Post-doctorat in Digital Twin for Quantifying the Security of 5G/6G Slices

Description de l'offre d'emploi

Télécom SudParis

Présentation de Télécom SudParis :

Télécom SudParis est une grande école publique d'ingénieurs reconnue au meilleur niveau des sciences et technologies du numérique. La qualité de ses formations est basée sur l’excellence scientifique de son corps professoral et une pédagogie mettant l’accent sur les projets d’équipes, l’innovation de rupture et l’entreprenariat. Télécom SudParis compte 1 000 étudiantes et étudiants dont 700 élèves ingénieurs et environ de 150 doctorantes et doctorants. Télécom SudParis fait partie de l’Institut Mines-Télécom, premier groupe d’école d’ingénieurs en France, et partage son campus avec Institut Mines-Télécom Business School. Télécom SudParis est co- fondatrice de l'Institut Polytechnique de Paris (IP Paris), Institut de Sciences et Technologies à vocation mondiale avec l’École polytechnique, l’ENSTA Paris, l’ENSAE Paris et Télécom Paris.

À propos de l'Institut Mines-Télécom :

L'Institut Mines-Télécom (IMT) est un établissement public dédié à l'enseignement supérieur et la recherche pour l'innovation dans les domaines de l'ingénierie et du numérique. À l’écoute permanente du monde économique, l'IMT conjugue une forte légitimité académique et scientifique, une proximité avec les entreprises et un positionnement unique sur les transformations majeures au XXIe siècle : numériques, énergétiques, industrielles et éducatives siècle. Ses activités se déploient au sein des grandes écoles Mines et Télécom sous tutelle du ministre en charge de l’Industrie et des communications électroniques, de deux filiales et de partenaires associés ou sous convention. L'IMT est membre fondateur de l’Alliance Industrie du Futur. Il est doublement labellisé Carnot pour la qualité de sa recherche partenariale.


Missions

Network and function virtualization technologies (SDN/NFV) are considered enablers to 5G slices, that is virtual and physical resources are dynamically allocated and orchestrated by a network slice broker to fulfil the needs of a tenant or a service provider. 5G slicing could be vulnerable to a number of threats across time including information leakage at design time, policy tampering at deployment stage, or application vulnerability exploitation or denial of service during runtime. At the same time, those same enablers allow slice owners to specify security policies and constraints that would apply to their slice. Such policies and constraints are negotiated with infrastructure and service providers in the form of service-level agreements (SLA). Finally, these policies are deployed automatically and evaluated continuously so as to anticipate changes. Therefore, it is needed to quantify security indicators and deploy means to continuously monitor them. The slice owner or operator would gain insights on the security level of the slice and subsequently verify the
enforcement of security policies. This ultimately ensures that security is guaranteed throughout the slice lifecycle.
The objective of the proposed work is to develop a number of indicators of security to quantify the level of security of a system in order to gain situational awareness. This will enable operators to take informed decision on the security of the slice. What is more, we would like to assess different countermeasures, not only in terms of their efficiency to thwart the detected attacks, but also in terms of their (adverse) impact to the protected slice. Therefore, the candidate will pursue the following goals:
• develop an integrated model (e.g., a digital twin) to produce security decisions based on the previously developed indicators
• quantify risks related to cybersecurity
• quantify mitigation and detection systems in a dynamic 5G slicing system
• quantify the efficiency and collateral damages of automated countermeasures


Activités

The proposed work aims at securing 5G slices and verifying that deployed policies are compliant with what was specified by the slice owner in terms of slicing and security. From the metrics collected throughout the infrastructure, we will be able to gain insights on the state of the slice, and its security level.
Thus, we propose to define a model of the slice as a digital twin in order to quantify its risks. The security policies are often expressed in a domain-specific language, and together with the aforementioned model, we (ii) propose to quantify the coverage of mitigation and detection systems – by deriving security policies from the owner’s specifications (SLAs) to the implemented dataplane configurations – with respect to expected threats, through injection against the digital twin. Finally, we will (iii) improve on existing response quantification methodologies to adapt to 5G needs, to measure the trade off between the efficiency of the response and its potential collateral damages against the slice.

Pré-requis du poste

Formation

  • Doctorat depuis moins de 3 ans

Compétences, connaissances et expériences indispensables

- Experience in modelling and/or simulation
- Knowledge in modelling langages and formalisms
- Knowledge in network virtualization and security
- English written and spoken

Compétences, connaissances et expériences souhaitables

  • Prior experience with digital twins

Capacités et aptitudes

  • Rigor
  • Autonomy
  • Teamwork

Informations complémentaires et candidature

  • Date limite de candidature : 24 avril 2022
  • Nature du contrat : CDD 1.5 an
  • Catégorie et métier du poste: II - P, Post-doctorant
  • Les postes offerts au recrutement sont ouverts à toutes et tous avec, sur demande, des aménagements pour les candidats en situation de handicap
  • For funding reasons, the applicant MUST hold French or UE member state citizenship to be eligible.