Security and Systems / Security and Safety of Complex Systems

Permanent members

  • Elloh Christian Adja (Associate professor, Paris)
  • Marc Espie (Associate professor, Paris)
  • Walid Ghandour (Associate professor, Paris)
  • Ghada Gharbi (Associate professor, Toulouse)
  • Riadh Robbana (Full professor, Toulouse)

PhD Students

  • Youssef Ben Hamadi
  • Khaoula Sghaier

Keywords

  • Blockchains, Security by design, Formal methods, Design and verification of Protocols

Context and Motivation

The thematics focuses on advancing the security and reliability of complex systems, with a particular emphasis on distributed architectures, embedded environments, and operating system integrity. The scientific goals are organized around three thematic pillars: Design and formal verification of cryptographic protocols, Trusted Software Integration and Security of Distributed and Embedded Systems.

Research Objectives

Design and formal verification of cryptographic protocols

This research axis focuses on the rigorous construction and verification of secure communication schemes. It leverages formal methods to model, specify, and prove the security properties of cryptographic protocols. Developing mathematical models to specify and prove critical security properties (ballot secrecy, receipt freeness, verifiability, coercion-resistance, …). Employing and extending state-of-the-art verification tools ( ProVerif, Tamarin, …) to automatically analyze the security of protocols where multiple cryptographic primitives interact and to discover subtle, previously unknown attack vectors.

Security of Distributed and Embedded Systems

The Distributed Services Protection thematic focuses on the design and empirical evaluation of advanced mechanisms for Public Key Infrastructure (PKI) management in decentralized environments, with a strong emphasis on Web3 security. It addresses key lifecycle operations including generation, distribution, storage, and revocation through advanced management strategies in decentralized environments using blockchain technologies, leveraging their inherent decentralization, immutability, and traceability to enhance security and resilience. The robustness and applicability of the proposed security frameworks are systematically validated in domain specific scenarios, notably within the financial sector and heterogeneous Internet of Things (IoT) ecosystems, with particular emphasis on smart home environments and intelligent transportation systems.

Trusted Software Integration

This area of expertise primarily targets the software supply chain, with a focus on the provisioning of software packages through port-based distribution systems, the integration of quality assurance mechanisms such as debugging and profiling tools and the evaluation of their performance and reliability. While the OpenBSD operating system constitutes the primary platform of experimentation and development, the research also extends to modern deployment models, including virtualized infrastructures and microservice-based architectures, which raise new challenges in terms of software trustworthiness and maintainability.

Related Projects

OSMOSE

The OSMOSE project, led by the University of Toulouse, aims to boost cybersecurity skills in the Occitanie region. It offers tailored training from secondary school to lifelong learning, utilizing interactive cyber-ranges and a network of instructors. The project also promotes cybersecurity careers and aligns with regional and national strategies, integrating technical, psychological, sociological, and legal aspects with diverse partnerships.

Learn More

Software Defined Vehicle Security

The goal of this project is the design of an approach to secure CAV nodes and the end-to-end interactions between the TCU and the V2X application services. To this end, we rely on bio-inspired techniques.

Learn More

Related Publications

[1]

Maroua Idi • Sana Younes • Riadh Robbana. "Exploring Dependability of Cellular Access Networks through Formal Methods". International Conference on Advanced Information Networking and Applications (AINA 2026). 2026.

[2]

Oussama Trabelsi • Lilia Sfaxi • Riadh Robbana. "DCC: A High-Performance Distributed Encryption Framework for Large Volumes of Data". IEEE Trans. Dependable Secur. Comput.. 2025. https://doi.org/10.1109/TDSC.2025.3558764.

[3]

Nida Meddouri • David Beserra • Loic Salmon • Elloh Adja. "Decision Rule-Based Learning of Terrorist Threats". Proceeding of 17th International Joint Conference on Knowledge Discovery,Knowledge Engineering and Knowledge Management (IC3K). 2025. https://doi.org/10.5220/0013774400004000.

[4]

Quentin PeyrasGhada Gharbi • Souheib Baarir. "Towards Verifying Security Policies for Infinite-State Systems". Proceedings of the 16th International Conference on Verified Software: Theories, Tools, and Experiments (VSTTE'24). 2024. https://doi.org/FIXME.

[5]

Hammi, Badis • Zeadally, Sherali • Nebhen, Jamel. "Security threats, countermeasures, and challenges of digital supply chains". ACM Computing Surveys. 2023. https://doi.org/10.1145/3588999.

[6]

Hammi, Badis • Zeadally, Sherali. "Software supply-chain security: Issues and countermeasures". Computer. 2023. https://doi.org/10.1109/MC.2023.3273491.

[7]

Hammi, Badis • Zeadally, Sherali • Perez, Alfredo J. "Non-fungible tokens: a review". IEEE Internet of Things Magazine. 2023. https://doi.org/10.1109/IOTM.001.2200244.

[8]

Hammi, Badis • Zeadally, Sherali • Adja, Elloh and Giudice, Manlio Del • Nebhen, Jamel. "Blockchain-Based Solution for Detecting and Preventing Fake Check Scams". IEEE Transactions on Engineering Management. 2022. https://doi.org/10.1109/TEM.2021.3087112.

[9]

Badis Hammi • Jean-Philippe Monteuuis • Jonathan Petit. "PKIs in C-ITS: Security functions, architectures and projects: A survey". Vehicular Communications. 2022. https://doi.org/10.1016/j.vehcom.2022.100531.

[10]

Hammi, Badis • Idir, Mohamed Yacine • Khatoun, Rida. "A machine learning based approach for the detection of sybil attacks in C-ITS". The 23rd Asia-Pacific Network Operations and Management Symposium. 2022. https://doi.org/10.23919/APNOMS56106.2022.9919991.

[11]

Hammi, Badis • Zeadally, Sherali • Khatoun, Rida and Nebhen, Jamel. "Survey on Smart Homes: Vulnerabilities, Risks, and Countermeasures". Computers & Security. 2022. https://doi.org/10.1016/j.cose.2022.102677.

[12]

Hammi, Badis • Idir, Yacine Mohamed • Zeadally, Sherali • Khatoun, Rida • Nebhen, Jamel. "Is it Really Easy to Detect Sybil Attacks in C-ITS Environments: A Position Paper". IEEE Transactions on Intelligent Transportation Systems. 2022. https://doi.org/10.1109/TITS.2022.3165513.