Day 2 – 09 November

08:30 – 09:15  Registration 

Room: Amphi Jean-Baptiste Say

09:15 – 10:15   Keynote: Cloud deployments of 5G core networks: unleashing the power of private 5G 

Nicola Di Pietro, Athonet, Italy

5G networks have been conceived to address the needs and requirements of very heterogeneous verticals, proposing mobile networks as a controllable and tunable infrastructural asset for companies, industries, and governmental entities, even when they do not have a telecommunication-oriented vocation or deep expertise. To fully realize such an ambition, private 5G networks should be easily instantiated, operated, managed, and scaled. Cloud environments are a perfect domain to deploy virtualized network functions that support such goals. This presentation focuses on mobile core network virtualized solutions that allow users to deploy the most advanced and sophisticated 5G networks with Wi-Fi-like simplicity while using any 5G radio from any vendor. We will present a core network solution that can be deployed on private or public cloud environments and resources to serve the needs of different verticals, lighten and facilitate network deployment and management, and increase the network’s robustness. On-cloud 5G core network deployments make private 5G affordable, practical, and accessible to all kinds of users, without sacrificing latency, resilience, or control, and with reduced management complexity.

10:15 – 10:45   Coffee Break and networking

Room: Salle des conférences

10:45 – 11:00   Scheduling algorithms in the service of routing computational processes in MEC servers – Stylianos Koumoutzelis, 8Bells research

This presentation concerns the communication strategies between end-user devices and MEC servers. Several algorithms that have been proposed in service of routing computational processes between end-user devices and MEC servers at the Edge are presented and evaluated, while open questions in the field of resource allocation are raised.

11:00 – 11:25   ML-based applications at the edge of aeronautical networks – Babak Mafakheri, SPI

From the first in-flight movie screened in 1921 at an exposition in Chicago, to single-aisle coach-style television systems in the late 1970s, today’s In-Flight Entertainment and Connectivity (IFEC) systems now offer each passenger their own personal system. According to global market statistics, the IFEC market had a value of USD 4.13 billion in 2020 and is predicted to reach USD 11.65 billion in 2030. To serve such a big business with ever-growing ubiquitous network connectivity and to boost the development of connected IFE systems, new technologies, such as AI/ML and cloud-edge, need to be integrated with the in-flight and aeronautical networks. In this presentation, we introduce and discuss the development of an aeronautical network architecture that provides aircraft onboard passengers with broadband connectivity as a development toward ubiquitous access. Moreover, we discuss how this aeronautical network is empowered by ML models that enable the harnessing of onboard localized information and perform analysis to improve the performance of IFEC systems.

11:25 – 11:50   End-to-end Security Problems in the Heterogeneous Multi-Party IoT-Cloud Infrastructure – Du Xiaojiang, Stevens Institute of Technology

Internet of Things (IoT) devices and systems have been widely used in many domains. IoT devices operate in a heterogeneous multi-party ICT infrastructure: IoT devices communicate with IoT hubs, Wi-Fi routers, and IoT cloud servers. In recent work, we analyse the IoT network protocol stack to demystify IoT timeout behaviours. Our analysis starts from the TCP layer and moves upwards. A key observation is that the timeout detection implemented in the TCP layer is decoupled from the data protection provided by the TLS layer. As a result, an attacker can fool both the IoT device and the server into believing that a session is healthy, while the attacker actually delays IoT messages (although the data integrity remains protected by TLS). Based on the timeout behaviours, we design two attack primitives, e-Delay and c-Delay, allowing an attacker to cause significant message delays without raising alarms in any layer of the IoT network protocol stack. Leveraging the two attack primitives, an attacker can cause not only delays of IoT events and commands but also spurious or disabled IoT operations. These attacks do not rely on any implementation vulnerabilities but can impose serious threats on smart environments. Our evaluation of 50 IoT devices and various IoT platforms shows that exploitable timeout behaviours widely exist. The study reveals critical design flaws of timeout behaviours and security problems in existing IoT network protocol stacks. In this talk, we also discuss possible countermeasures. We have contacted multiple IoT vendors regarding the vulnerability, and Google, Ring and SimpliSafe have acknowledged the problem.

11:50 – 12:15   AI@Edge Network Architecture and Automation of Future Telecom networks – Neiva Linder, EAB

I intend to start with requirements (complexity) and a standardization overview, and then progress to our NSAP (service management and orchestration) and the AI data-driven Architecture, giving some aspects on, e.g., Automation for Cloud RAN.

12:15 – 14:00   Lunch break

Room: Amphi Jean-Baptiste Say

14:00 – 15:00   Keynote: Moving Target Defense (MTD) in Future Telco Networks: Design, Implementation and Challenges

Dr G. Gur, University of Zurich

In the traditional fight between an attacker and a defender in information security, the attacker always has a spatiotemporal advantage where it can act in a self-guided way in terms of time and attack surface exploration. The Moving Target Defense (MTD) paradigm considers this phenomenon. It works with the fundamental assumption that no system can be completely secure and therefore another layer of security would be beneficial. Essentially, it is a technique to dynamically and proactively alter various system components in a randomized fashion to eliminate the asymmetric advantage of the attacker. In this way, an attacker has only a very limited time to find and exploit a vulnerability before parts of the system change. In this talk, we are going to elaborate on the MTD concept and its use in 5G and Beyond networks. We will present the design, modelling and implementation work carried out in the H2020 INSPIRE-5Gplus project as a case study. We will also identify some key challenges and future research directions on how MTD can be further integrated into future networks.

Room: Salle des conférences

15:00 – 15:30   Influence of transients on end-to-end network availability and resilience – Christian Tanguy, Orange

The resilience of networks is a fundamental issue in the telecommunications industry. The disruption of services should be kept at a minimum so that its consequences are not too serious, and its duration is as short as possible. Maintenance policies often rely on the steady-state availabilities of each element of the system, given by the well-known ratio MTTF/(MTTF + MTTR). The two-terminal — or end-to-end — availability is a standard performance index for networks. It can be difficult to compute exactly, especially in the case of a meshed network. Another difficulty may arise with the often-neglected availability transients of system components during their mission time. In this work we consider the network first proposed by Walter, Esch, and Limbourg (2008), in which links and nodes of the network may fail. We show that the computation of the availability can be made simple by using the recursive nature of a super-graph. The exact contributions of links and nodes have been obtained analytically, for possibly non-identical elements, leading easily to the variation with time of the global availability of the system. As steady-state availability may not always be a lower bound to the transient availability in the case of non-exponential failure and repair distributions, we have studied the influence of such configurations on the time-dependent behaviours of all the quantities mentioned above. We discuss the results and their impact on the resilience assessment and policies.

15:30 – 16:00   Formal Proof Metrics: the Developer’s Guide to Formal – Gaber Chrystel, Orange (Webex)

With the growing regulation framework on cybersecurity (General Data Protection Regulation, the NIS Directive, the Cybersecurity Act and the Cyber Resilience Act), the EU demonstrates its dedication to strengthening the security requirements and obligations of Information and Communication Technology actors. As a result, having the capacity to demonstrate that software provides specific properties (e.g., memory isolation, memory safety or temporal isolation) whatever the context or without bugs becomes essential. Such assurance can be provided by computer-assisted theorem proving. However, theorem proving is less favoured by software engineers despite its versatility to check any property on any size of code. The main reason is that it is labour-intensive and requires a high level of expertise. We believe that this issue could in part be overcome by proposing metrics evaluating beforehand the efficiency of proof techniques or paths. We propose two metrics, based on the use of the code dependency graphs generated during the design phase of the code, to evaluate the efficiency in terms of proof effort and the progress of a proof. We illustrate their usage with our experience of designing the kernel Pip-MPU and proving it formally with Coq. In particular, the first metric highlights that our choice to posit and prove generic lemmas rather than repeating similar chunks of proofs improves the proving efficiency. The second metric conveys a snapshot of the proving status to non-experts. To our knowledge, this work is the first to propose metrics that can be used to guide and evaluate the proving process. Common metrics used are the number of lines of proof, the ratio of the number of lines of proof to the number of lines of code, or the proving effort expressed in person-years or person-months. D. Aspinall and C. Kaliszyk investigate the idea of proof metrics in a paper entitled “Towards Formal Proof Metrics” and define six proof metrics that capture the complexity of a proof. However, their metrics apply to final proofs while our methodology requires only knowledge of the code to be proved. In “Proving Event-B Models with Reusable Generic Lemmas”, A. Iliasov assesses the technique of using generic lemmas that can be reused in the same or another project by showing how it simplifies the proof of pre-existing Event-B models, but does not propose a metric that captures it before carrying out the proof. The research leading to these results partly received funding from the MESRI-BMBF German-French cybersecurity program under grant agreements no ANR-20-CYAL-0005 and 16KIS1395K. The paper reflects only the authors’ views. MESRI and BMBF are not responsible for any use that may be made of the information it contains.

16:00 – 16:30   Placement of Artificial Intelligence Functions for Anomaly Detection – Yellas Nour El-houda, CNAM

We consider an environment where edge intelligence is combined with federated learning as a way to distribute learning and inference tasks in a scalable way. In this presentation, we address the problem of artificial intelligence function placement taking into consideration the specific constraints and the empirical behaviour of a virtualized infrastructure anomaly detection use-case, where hardware accelerators can be used. We propose a MILP formulation that takes into consideration several challenges, mainly the location of FL nodes and the communication and processing delays. We also propose a variant of the model and present a performance evaluation of the proposed solutions while comparing them to a baseline placement solution.

16:30 – 17:00   Final coffee break and networking