PERP, which is linked to the national cyber security strategy, experienced some form of formalization last week. How does he present himself?
More than a year of work … and finally some kind of achievement. Last week, on Campus Cyber, we formalized the first seven PEPR cyber security projects.
This initiative is part of the fourth investment program for the future (PIA 4). This is in line with the actions “Structuring Equipment for Research” and “Priority Research Programs” in PIA 3.
There are two types of PERPs. On the one hand, those that fit into a national strategy. On the other hand, those who are called “exploratory”. These are aimed at new scientific or technological sectors. For some, the areas of application of their research work may still fall under working hypotheses. MoleculArXiv, which focuses on storing DNA data, falls e.g. fall into this category. Its pilot: CNRS.
The CNRS is also at the forefront of PERP cyber security, which is linked to the national strategy unveiled by the government in early 2021 and which provides it with a preliminary framework of around € 1 billion.
Three pilots and about twenty academic partners
The budget for cybersecurity PERP amounts to 65 million euros over six years. Compare this with € 150 million for the one dedicated to quantum technologies, € 80 million for the one dedicated to carbon-free hydrogen or even € 60 million for the one dedicated to digital health.
CNRS is not alone in leading PERP. He is responsible for managing it with CEA and Inria. Gildas Avoine, Bruno Charrat and François Cuny are the respective representatives of the three organizations.
Twenty universities and large schools are in the loop. According to the latest news, PERP is to involve about 200 permanent researchers and teacher researchers. And fund about 140 dissertations. The idea is to support upstream research … and the transfer of knowledge to the industrial world.
A PEPR without post-quantum cryptography
The first seven targeted projects benefit from envelopes of 5.5 to 7.5 M €. A call for projects – which is scheduled to start this summer – will make it possible to fund three more. There will be no one in post-quantum cryptography: by common agreement, it is quantum PERP that will carry this effort.
Four of these projects relate to information security: DefMal, iPOP, SecureCompute and SVP.
The University of Versailles-Saint-Quentin-en-Yvelines is leading the project iPOP, ruled by Inria. Purpose: to design techniques for the protection of personal data.
7 projects selected within the framework of PEPR cyber, including the iPOP project (Interdisciplinary project on the protection of personal data), led by Iulian Sandu-Popa at the DAVID laboratory, team @Inria @uvsq PETRUS: https://t.co/rTGPWuKQPS #ipop #PEPR #cyber #cyber security pic.twitter.com/FAogkkJMpa
—UVSQ Research (@UVSQ_Research) June 23, 2022
Bag DefMal, which is the University of Lorraine. The idea is to improve the knowledge and understanding of malicious programs involving the discipline of humanities and social sciences.
🛡️The project “Defense against Malware” aims to predict, analyze and predict malware attacks. #malware #ransomware
A project led by @Univ_Lorraine with @CNRS, @Inria @CEA_Official @irisa_lab @centralesupelec @EURECOM #PEPR@CNRS_Centre_Est @Inria_Nancy https://t.co/3J9LjeCLCe
– Loria (@labo_Loria) June 21, 2022
ENS-PSL is at the forefront SecureCompute. The project touches on so-called “confidential” computing. Or how to secure the calculation (data processing) based on cryptography techniques.
Also in the field of cryptography, the CNRS is leading the project please. Which consists of analyzing the security of the protocols to move towards more robust solutions.
#PEPR #Cyber Security 🛡 | Stephanie DeLaune @irisa_labscientific leader of the project “Verification of security protocols”, working on #security from #Electronic voting
🤝@ CNRS_dr17 @ UnivRennes1 pic.twitter.com/s5e9T4iJsP
– Digital at CNRS (@ INS2I_CNRS) June 21, 2022
A place for multimedia data and cryptographic primitives
The other three projects concern system security. CEA takes two of them. Firstly, Arseny, which is aimed at the security of embedded data processing. The other, Securitywhich should result in tools for detecting hardware and software vulnerabilities.
Jacques Fournier @CEA_Leti and @__ftk from the CEA List presented the projects #Arsenyfor the security of microelectronic components in cybersecurity, and #Security to design new tools to verify the absence of hardware and software vulnerabilities pic.twitter.com/wywLklK4PY
– CEA_Officiel (@CEA_Officiel) June 21, 2022
Inria, on the other hand, is piloting Monitor. Its focus: discovery, response and remediation within major IS.
The three projects that will be added to the list cover the following areas:
– Multimedia data protection (video tagging, biometrics, AI security …)
– Vulnerability research and exploitation techniques
– Cryptanalysis (= security assessment) of cryptographic primitives
Main artwork © studio v-zwoelf – Adobe Stock