Winter Research School 2026

The fourth edition of the Winter Research School brought together students, PhD students and researchers to discuss recent advances in cybersecurity.

Day 1: Cryptography, Physical Attacks and Cyber-Physical Security

The first day was opened by Pierre-Alain Fouque, Scientific Director of the CyberSchool, who officially launched this new edition.

The morning began with a talk by Loïc Masure, CNRS research fellow at the Laboratory of Computer Science, Robotics and Microelectronics of Montpellier (LIRMM). His presentation focused on side-channel analysis of cryptographic implementations and the associated counter-measures. In particular, he discussed masking, a technique based on secret sharing used to protect sensitive data during computations.

The afternoon was dedicated to physical and electromagnetic attacks and to cyber-physical security. Ludovic Claudepierre and Edna Rocio Ferrucho Alvarez, postdoctoral researchers at IETR, opened the session with a presentation on physical attacks. They provided a rapid overview of fault-injection techniques, presenting clock-glitch injection and laser fault injection on microcontrollers, as well as reverse-engineering techniques based on photoemission. Romain Bourdais, Professor at CentraleSupélec and head of the “Smart Energy” department at IETR, then introduced the concept of cyber-physical security for energy systems, particularly in smart grids. The presentation showed how control theory provides tools for detecting and mitigating attacks, drawing on experiments carried out on the IETR Smart and Secure Room platform. The day concluded with Pierre Granier, a PhD student in electromagnetic cybersecurity at IETR, who presented the concept of data recovery through electromagnetic leakage (TEMPEST). He then introduced malicious cable modifications that can transform them into retroreflectors. These concepts were illustrated through attack demonstrations and the presentation of implants on various data links (VGA, USB and Ethernet).

Day 2: Formal Verification, Software Security and Legal Issues

The second day began with a morning devoted to formal verification applied to computer security, with Steve Zdancewic, Schlein Family President’s Distinguished Professor in the Computer and Information Science Department at the University of Pennsylvania.
The first part of the presentation introduced the basics of what it means to conduct formal verification in a tool like Rocq. Several applications related to computer security were discussed, including memory safety, information-flow control for confidentiality and integrity, cryptography and authorisation mechanisms. The second part focused on two related topics: retrofitting memory safety to legacy C code via SoftBound, and ongoing work on developing a formal semantics for LLVM IR in the Vellvm project.

The afternoon of the second day was organised in collaboration with the SoSySec seminar. The first presentation, entitled “Video games from screen to reality: legal and (geo)political issues through the lens of cybersecurity”, was delivered by Léandre Lebon, a PhD student in law and political science at the University of Rennes/IODE, and Sandrine Turgis, HDR Associate Professor in public law at the University of Rennes/IODE, with contributions from Damien Franchi, Ewen Jac, Svein Lebarque–Turgis and Yanis Peres. The speakers discussed the legal and geopolitical issues surrounding video games from a cybersecurity perspective: copyright protection, combating cheating techniques, interactions with warfare and hybrid conflicts, and democratic issues. The second talk focused on the Man-at-the-End (MATE) threat model. Mohamed Sabt, lecturer-researcher at the University of Rennes/IRISA, and Etienne Nedjaï, a PhD student at the University of Rennes/IRISA, explored the vulnerabilities of real systems when faced with an attacker capable of fully controlling the execution environment. The session included practical work to understand and test MATE attacks, notably using the Frida tool, and discussed the implications for system security, such as anti-cheat solutions in video games.

Day 3: Artificial Intelligence and Industrial Applications

The final morning of the research school, dedicated to artificial intelligence, was organised in collaboration with the SequoIA Cluster. Emeric Auriant and Lucas Laloue, AI engineers at AMIAD, opened the session by sharing their experience at the Tourville CTF, organised by the French Ministry of the Armed Forces. By using open-source AI tools and a collaborative approach, their team succeeded in finishing on the podium. They presented their strategies, lessons learned and best practices, showing how AI can be a major asset even for non-specialist teams. The morning continued with tech talks on state-of-art research: “AI for cybersecurity – intrusion detection and network traffic generation” by Pierre-François Gimenez, researcher at Inria/IRISA; “Log Probability Tracking of LLM API” by Timothée Chauvin, PhD student at Inria/IRISA; “Adversarial risk of AI on AI-boosted software security” by Yufei Han, researcher at Inria/IRISA; “AI and network security” by Pierre Alain, lecturer-researcher at the University of Rennes/IRISA.

The afternoon took a slightly different format, organised as a Cyber Thursday event. Today, cybersecurity is built on the synergy between scientific research, empirical knowledge and operational applications. This Jeudi Cyber featured an afternoon of keynote talks dedicated to three major ongoing transitions:

• Andy Russon, cybersecurity engineer at Almond, gave a presentation on the transition to post-quantum cryptography. He reviewed the scientific, technical and methodological challenges and presented the support methods offered to industry to address this transition and support operational deployments.
• Belkacem Teibi, co-founder and CEO of Daspren, explored the transition from research projects to industrial value propositions. He explained how to detect and block advanced threats such as zero-day ransomware, APTs and fileless attacks in real time, and how automated system mapping and intelligent classification enable a more precise understanding of cyber threats.
• Ewa Kijak, Professor at the University of Rennes and member of the Inria/IRISA ARTISHAU project team, addressed the detection of visual content generated or modified by AI. She presented both active and passive methods for identifying such content, as well as the associated challenges.

The CyberSchool team would like to warmly thank all the speakers at our Winter Research School, as well as all the participants. The event concluded on an inspiring note!