<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Poster on Pascal Cotret</title><link>https://pcotret.gitlab.io/pubtypes/poster/</link><description>Recent content in Poster on Pascal Cotret</description><generator>Hugo</generator><language>en</language><lastBuildDate>Fri, 19 Jun 2026 00:00:00 +0000</lastBuildDate><atom:link href="https://pcotret.gitlab.io/pubtypes/poster/index.xml" rel="self" type="application/rss+xml"/><item><title>HermiCache: Enclave-Aware Cache Replacement for Trusted Execution Environments</title><link>https://pcotret.gitlab.io/publications/2026-elmnaouri-soc2/</link><pubDate>Fri, 19 Jun 2026 00:00:00 +0000</pubDate><guid>https://pcotret.gitlab.io/publications/2026-elmnaouri-soc2/</guid><description>&lt;p&gt;Trusted Execution Environments (TEEs) protect enclave memory from untrusted software but remain vulnerable to cache-based side-channel attacks due to shared microarchitectural resources. Existing hardware defenses mainly rely on cache partitioning, which reduces effective capacity, or randomized remapping, which provides only probabilistic protection. This paper presents HermiCache, a deterministic enclave-aware cache isolation mechanism that enforces eviction confinement through ownership-aware replacement without partitioning. Each cache line is extended with lightweight metadata so that lookup and replacement decisions are restricted to the requester security domain. HermiCache is implemented at RTL in the CVA6 RISC-V core and integrated with Keystone. FPGA synthesis shows less than 5% hardware overhead, while gem5 evaluation reports up to 5% IPC degradation for secure and non-secure workloads.&lt;/p&gt;</description></item><item><title>Priority-Aware Scheduling of Multi-Model, Multi-Precision DNN Inference on Multi-Cores RISC-V</title><link>https://pcotret.gitlab.io/publications/2026-garreau-riscv/</link><pubDate>Tue, 09 Jun 2026 00:00:00 +0000</pubDate><guid>https://pcotret.gitlab.io/publications/2026-garreau-riscv/</guid><description>&lt;p&gt;Efficient deployment of Deep Learning (DL) models on RISC-V-based multi-core platforms remains a significant challenge, especially when multiple models with heterogeneous structures and precision requirements must run concurrently. Existing frameworks offer optimized execution for single-model inference but lack support for multi-model scheduling, as well as priority-based resource allocation. In this work, we extend the capabilities of such frameworks by formalizing the problem of multi-model, multiprecision inference scheduling on constrained many-core architectures like Parallel Ultra-Low Power (PULP). We define a scheduling space where multiple Deep Neural Networks (DNNs), varying in size, type and precision, compete for limited computing and memory resources. We introduce a simple, priority-aware scheduling layer that allocates cores and memory tiles across models, aiming to either minimize overall inference latency or find a tradeoff satisfying each model’s deadline. To demonstrate the effectiveness of our approach, we leverage the existing Deployment Oriented to memoRY (DORY) framework, and apply a greedy scheduling strategy. We conducted experiments with several models across several tasks and showed that even basic scheduling policies can significantly improve latency, core utilization, and memory efficiency over static and sequential baselines.&lt;/p&gt;</description></item><item><title>Security of Dynamically Reconfigurable RISC-V Systems: I/O Attack Focus</title><link>https://pcotret.gitlab.io/publications/2025-jendoubi-soc2/</link><pubDate>Wed, 18 Jun 2025 00:00:00 +0000</pubDate><guid>https://pcotret.gitlab.io/publications/2025-jendoubi-soc2/</guid><description>&lt;p&gt;Dynamic Partial Reconfiguration (DPR) enhances flexibility in modern hardware but introduces security risks. This work demonstrates how a Malicious Hardware Accelerator (MHA) can exploit Direct Memory Access (DMA) to bypass Input Output Memory Management Unit (IOMMU) protections through device ID manipulation, enabling unauthorized memory access. This vulnerability exposes a fundamental security gap in the management of dynamically reconfigurable systems. By highlighting this issue and proposing mitigation strategies, we provide a conceptual framework to guide the development of security mechanisms for dynamically adaptable architectures.&lt;/p&gt;</description></item><item><title>Enhancing Keystone Security Against Cache Timing Attacks: A Modular Approach</title><link>https://pcotret.gitlab.io/publications/2025-elmnaouri-soc2/</link><pubDate>Sun, 15 Jun 2025 00:00:00 +0000</pubDate><guid>https://pcotret.gitlab.io/publications/2025-elmnaouri-soc2/</guid><description>&lt;p&gt;Confidential computing includes various methods to enhance data security, notably by processing sensitive information within Trusted Execution Environments (TEEs). However, TEEs remain vulnerable to Side-Channel Attacks (SCAs), such as cache timing attacks, which exploit timing variations to extract confidential data. Existing TEE designs do not provide sufficient protection against these threats, highlighting the need for stronger security measures. This study focuses on integrating countermeasures specifically targeting timing and cache vulnerabilities within a TEE. The implementation will leverage the RISC-V architecture to explore its potential in mitigating SCA within TEE.&lt;/p&gt;</description></item><item><title>Enhancing Security in Heterogeneous Virtualized Systems: A Focus on I/O Attacks in the existence of IOMMU in a RISC-V architecture</title><link>https://pcotret.gitlab.io/publications/2024-jendoubi-soc2/</link><pubDate>Wed, 12 Jun 2024 00:00:00 +0000</pubDate><guid>https://pcotret.gitlab.io/publications/2024-jendoubi-soc2/</guid><description>&lt;p&gt;No abstract yet.&lt;/p&gt;</description></item><item><title>RISC-V Embedded AI for IDS Applications</title><link>https://pcotret.gitlab.io/publications/2024-garreau-ressi/</link><pubDate>Wed, 15 May 2024 00:00:00 +0000</pubDate><guid>https://pcotret.gitlab.io/publications/2024-garreau-ressi/</guid><description>&lt;p&gt;IDSs (Intrusion Detection Systems) include more and more AI (Artificial Intelligence) engines to detect several attack types. However, in order to be efficient in both learning and inference phases, such systems must include hardware coprocessors to improve AI-related computations. In this PhD thesis, we would like to explore the capabilities of RISC-V based processors in this context. RISC-V is an open-source ISA (Instruction Set Architecture) than can be easily extended. The main goal of this thesis is to propose RISC-V extensions for an IDS embedded into collaborative and heterogeneous unmanned vehicles (submarine, marine, or aerial), it must detect abnormal behaviors and must be efficient in terms of power consumption, area and runtime overheads. Furthermore, coprocessors developed in this thesis should not introduce security breaches into the system. Finally, a proof-of-concept should be developed to demonstrate the efficiency of algorithms and hardware implementations compared to software solutions.&lt;/p&gt;</description></item><item><title>Securing a high-level language virtual machine through its ISA: Pharo as a case study</title><link>https://pcotret.gitlab.io/publications/2021-ducasse-soc2/</link><pubDate>Tue, 08 Jun 2021 00:00:00 +0000</pubDate><guid>https://pcotret.gitlab.io/publications/2021-ducasse-soc2/</guid><description>&lt;p&gt;Managed languages such as Python, C#, Java or JavaScript are the most popular when looking at the PYPL (PopularitY of Programming Language) index. These languages come with modern engines called virtual machines (VMs) composed of performant and intricate pieces of software such as garbage collectors or just-in-time compilers. As these components need to be extremely performant, they have grown in size and complexity. They are also powerful tools that could become an important breach if exploited maliciously. Using vulnerabilities in a JIT compiler can lead to code injection or JIT spraying attacks, often needing no more than a carefully written input program. Enforcing memory security has been a hot topic for several years; our goal is to extend the RISC-V instruction set to enforce this memory isolation dynamically. This work-in-progress focuses on Pharo, a metacircular VM extended to the RISC-V ISA. We believe that the concepts applied to this VM should be applicable to other implementations.&lt;/p&gt;</description></item><item><title>Monitoring information flows in heterogeneous SoCs with a dedicated coprocessor</title><link>https://pcotret.gitlab.io/publications/2018-wahab-soc2/</link><pubDate>Wed, 13 Jun 2018 00:00:00 +0000</pubDate><guid>https://pcotret.gitlab.io/publications/2018-wahab-soc2/</guid><description>&lt;p&gt;Security is a major issue nowadays for the embedded systems community. Untrustworthy authorities may use a wide range of attacks in order to retrieve critical information. This paper introduces ARMHEx, a practical solution targeting DIFT (Dynamic Information Flow Tracking) on ARM-based SoCs (e.g. Xilinx Zynq). ARMHEx takes profit of ARM CoreSight debug components and static analysis to drastically reduce instrumentation time overhead (up to 90% compared to existing works).&lt;/p&gt;</description></item><item><title>ARMHEx: a hardware extension for information flow tracking on ARM-based platforms</title><link>https://pcotret.gitlab.io/publications/2017-wahab-soc2/</link><pubDate>Wed, 14 Jun 2017 00:00:00 +0000</pubDate><guid>https://pcotret.gitlab.io/publications/2017-wahab-soc2/</guid><description>&lt;p&gt;Security in embedded systems is a major concern for several years. Untrustworthy authorities use a wide range of both hardware and software attacks. This paper introduces ARMHEx, a practical solution targeting DIFT (Dynamic Information Flow Tracking) implementations on ARM-based SoCs. Existing DIFT solutions are either hardly portable to SoCs or bring unsuitable time overheads. ARMHEx overcomes both issues using modern debugging CPU features, along with a coprocessor implemented in FPGA logic. This work demonstrates how ARMHEx performs DIFT with negligible communication costs.&lt;/p&gt;</description></item><item><title>ARMHEx: a hardware extension for information flow tracking on ARM-based platforms</title><link>https://pcotret.gitlab.io/publications/2017-wahab-ressi/</link><pubDate>Wed, 17 May 2017 00:00:00 +0000</pubDate><guid>https://pcotret.gitlab.io/publications/2017-wahab-ressi/</guid><description>&lt;p&gt;Security in embedded systems is a major concern for several years. Untrustworthy authorities use a wide range of both hardware and software attacks. This paper introduces ARMHEx, a practical solution targeting DIFT (Dynamic Information Flow Tracking) implementations on ARM-based SoCs. Existing DIFT solutions are either hardly portable to SoCs or bring unsuitable time overheads. ARMHEx overcomes both issues using modern debugging CPU features, along with a coprocessor implemented in FPGA logic. This work demonstrates how ARMHEx performs DIFT with negligible communication costs.&lt;/p&gt;</description></item><item><title>A portable approach for SoC-based Dynamic Information Flow Tracking implementations</title><link>https://pcotret.gitlab.io/publications/2016-wahab-soc2/</link><pubDate>Thu, 09 Jun 2016 00:00:00 +0000</pubDate><guid>https://pcotret.gitlab.io/publications/2016-wahab-soc2/</guid><description>&lt;p&gt;This work introduces an efficient approach for DIFT (Dynamic Information Flow Tracking) implementations on reconfigurable chips. Existing solutions are either hardly portable or bring unsatisfactory time overheads. This work presents an innovative implementation for DIFT on reconfigurable SoCs such as Xilinx Zynq devices. Even though the feasibility of this approach is currently being studied, the first results are promising.&lt;/p&gt;</description></item><item><title>HardBlare: an efficient hardware-assisted DIFC for non-modified embedded processors</title><link>https://pcotret.gitlab.io/publications/2015-cotret-ches/</link><pubDate>Sun, 13 Sep 2015 00:00:00 +0000</pubDate><guid>https://pcotret.gitlab.io/publications/2015-cotret-ches/</guid><description>&lt;p&gt;No abstract yet.&lt;/p&gt;</description></item><item><title>Reconnaissance faciale basée sur les ondelettes robuste et optimisée pour les systèmes embarqués</title><link>https://pcotret.gitlab.io/publications/2015-cotret-gresti/</link><pubDate>Tue, 08 Sep 2015 00:00:00 +0000</pubDate><guid>https://pcotret.gitlab.io/publications/2015-cotret-gresti/</guid><description>&lt;p&gt;Dans le domaine du traitement d’images, la reconnaissance faciale est une technique appliquée dans de nombreuses applications, télésurveillance, accès à des zones restreintes, déverrouillage de systèmes électroniques, etc. Dans ce contexte, cette contribution propose une méthode rapide de reconnaissance faciale basée sur la transformée en ondelettes robuste aux variations de position et de luminosité pour des applications temps réel. La méthode proposée a une tolérance de +/- 10% aux variations de position avec des conditions de luminosité variables. Sur une plateforme embarquée type RaspberryPi, le temps de reconnaissance moyen est de 26 ms par visage avec une empreinte mémoire 64 fois plus faible que l’approche de référence et des taux de reconnaissance équivalents.&lt;/p&gt;</description></item><item><title>Self-configuration of latency-efficient security enhancements for mpsoc communications monitoring</title><link>https://pcotret.gitlab.io/publications/2012-cotret-gdrsoc/</link><pubDate>Fri, 15 Jun 2012 00:00:00 +0000</pubDate><guid>https://pcotret.gitlab.io/publications/2012-cotret-gdrsoc/</guid><description>&lt;p&gt;Nowadays, security is a key constraint in MPSoC development as many critical and secret information can be stored and manipulated within these systems. One strategic point of a bus-based MPSoC is the communication architecture as all data goes through it. Most solutions are currently built at the software level; we believe hardware enhancements also play a major role in system protection. Our approach relies on low complexity distributed security filters connected to all critical IPs of the system. Implementations on a Xilinx xc6vlx240t Virtex-6 FPGA show a latency decrease of 33 % compared to existing efforts while a reconfigurable version of such security services gives a 37% area overhead on a simple dual-processor case study with a 33% latency decrease on a sample image processing application.&lt;/p&gt;</description></item><item><title>Distributed security for communications and memories in a multiprocessor architecture</title><link>https://pcotret.gitlab.io/publications/2011-cotret-raw/</link><pubDate>Tue, 17 May 2011 00:00:00 +0000</pubDate><guid>https://pcotret.gitlab.io/publications/2011-cotret-raw/</guid><description>&lt;p&gt;The need for security in embedded systems has strongly increased since several years. Nowadays, it is possible to integrate several processors in a single chip. The design of such multiprocessor systems-on-chip (MPSoC) must be done with a lot of care as the execution of applications may lead to potential vulnerabilities such as revelation of critical data and private information. Thus it becomes mandatory to deal with security issues all along the design cycle of the MPSoC in order to guarantee a global protection. Among the critical points, the protection of the communications is very sensible as most of the data are exchanged through the communication architecture of the system. This paper targets this point and proposes a solution with distributed enhancements to secure data exchanges and to monitor communications within a MPSoC. In order to validate our contribution, a case study based on a generic multiprocessor architecture is considered.&lt;/p&gt;</description></item><item><title>Secured communications within a multi-processors architecture</title><link>https://pcotret.gitlab.io/publications/2010-cotret-gdrsoc/</link><pubDate>Wed, 13 Oct 2010 00:00:00 +0000</pubDate><guid>https://pcotret.gitlab.io/publications/2010-cotret-gdrsoc/</guid><description>&lt;p&gt;The development of secured embedded systems is in full expansion. The more we need complex treatments, the more we need to think about the security inside a system and its several elements. We participate in an ANR project aiming to develop a USB token able to cipher or decipher ”on-the-fly” files stored on a computer. The USB token is based on a MPSoC and our work focus on the security of communications between the processors and the other IPs in order to avoid critical informations theft from attackers.&lt;/p&gt;</description></item><item><title>Sécurisation des communications dans une architecture multi-processeurs</title><link>https://pcotret.gitlab.io/publications/2010-cotret-majecstic/</link><pubDate>Wed, 13 Oct 2010 00:00:00 +0000</pubDate><guid>https://pcotret.gitlab.io/publications/2010-cotret-majecstic/</guid><description>&lt;p&gt;La production de systèmes embarqués sécurisés ne cesse de progresser depuis plusieurs années. Ceci est dû au fait que des failles de sécurité potentielles sont présentes dès que l’on manipule des données sensibles ou des informations privées, ce qui rajoute de la complexité au développement d’un tel produit. Par conséquent, il est désormais indispensable de penser à la sécurité tout au long du flot de conception afin de garantir une protection globale des systèmes embarqués. La protection des communications est un problème fondamental étant donné que la majorité des données circulent à travers l’architecture de communication du système. Dans cet article, nous nous concentrons sur ce point et une solution est proposée pour échanger des données dans un environnement sécurisé et implanter un mécanisme de surveillance des communications dans une architecture multi-processeurs. Le travail présenté dans ce papier fait partie du projet SecReSoC financé par l’ANR. Afin de valider les résultats, un cas d’étude est proposé. Il s’agit d’un token USB capable de chiffrer ou déchiffrer à la volée des fichiers stockés sur un ordinateur.&lt;/p&gt;</description></item></channel></rss>