ACMES team

Samovar lab

New paper “Bringing privacy, security and performance to the Internet of Things using IOTA and usage control”

Bringing privacy, security and performance to the Internet of Things using IOTA and usage control
by Nathanaël Denis, Sophie Chabridon and Maryline Laurent

Annals of Telecoms, jan. 2024 link

The Internet of Things (IoT) is bringing new ways to collect and analyze data to develop applications answering or anticipating users’ needs. These data may be privacy-sensitive, requiring ecient privacypreserving mechanisms. The IoT is a distributed system of unprecedented scale, creating challenges for performance and security. Classic blockchains could be a solution by providing decentralization and strong security guarantees. However, they are not ecient and scalable enough for large scale IoT systems, and available tools designed for preserving privacy in blockchains, e.g. coin mixing, have a limited eect due to high transaction costs and insucient transaction rates. This article provides a framework based on several technologies to address the requirements of privacy, security and performance of the Internet of Things. The basis of the framework is the IOTA technology, a derivative of blockchains relying on a directed acyclic graph to create transactions instead of a linear chain. IOTA improves distributed ledger performance by increasing transaction throughput as more users join the network, making the network scalable. As IOTA is not designed for privacy protection, we complement it with privacy-preserving mechanisms: merge avoidance and decentralized mixing. Finally, privacy is reinforced by introducing usage control mechanisms for users to monitor the use and dissemination of their data. A Proof of Concept is proposed to demonstrate the feasibility of the proposed framework. Performance tests are conducted on this Proof of Concept, showing the framework can work on resource-constrained devices and within a reasonable time. The originality of this contribution is also to integrate an IOTA node within the usage control system, to support privacy as close as possible to the objects that need it.

PhD Defense of Nathanaël DENIS – For a Private and Secure Internet of Things with Usage Control and Distributed Ledger Technology

October 3 2023

Abstract: IoT devices represent one of the major targets for malicious activities. The grounds for this are manifold: first, to reduce the cost of security, manufacturers may sell vulnerable products, leaving users with security concerns. Second, many IoT devices have performance constraints and lack the processing power to execute security software. Third, the heterogeneity of applications, hardware, and software widens the attack surface. As a result, IoT networks are subject to a variety of cyber threats. To counter such a variety of attacks, the IoT calls for security and privacy-preserving technologies. For privacy concerns, usage control grants the users the power to specify how their data can be used and by whom. Usage control extends classic access control by introducing obligations, i.e., actions to be performed to be granted access, and conditions that are related to the system state, such as the network load or the time. This thesis aims at providing answers to the challenges in the Internet of Things in terms of performance, security and privacy. To this end, distributed ledger technologies (DLTs) are a promising solution to Internet of Things constraints, in particular for micro-transactions, due to the decentralization they provide. This leads to three related contributions: 1. a framework for zero-fee privacy-preserving transactions in the Internet of Things designed to be scalable; 2. an integration methodology of usage control and distributed ledgers to enable efficient protection of users’ data; 3. an extended model for data usage control in distributed systems, to incorporate decentralized information flow control and IoT aspects. A proof of concept of the integration (2) has been designed to demonstrate feasibility and conduct performance tests. It is based on IOTA, a distributed ledger using a directed acyclic graph for its transaction graph instead of a blockchain. The results of the tests on a private network show an approximate 90% decrease of the time needed to push transactions and make access decisions in the integrated setting.

New paper “Trustworthy Cross-Organizational Collaborations with Hybrid On/Off-Chain Declarative Choreographies” at ICSOC’2021

Authors: Tiphaine Henry, Amina Brahem, Nassim Laga, Julien Hatin, Walid Gaaloul and Boualem Benatallah


Business Process Management communities increasingly adopt the blockchain technology to support trustworthy decentralized execution of processes. In this context, the interest in business process choreographies rises as they offer a distributed way to compose and control cross-organizational processes. In choreographies, the process view is distributed between participants to limit privacy leakages. Hence, the process observability (i.e., who knows what) is challenging. On one side, partners have no insight into each other’s orchestration and communicate peer-to-peer via the public view. On the other side, they have to maintain their internal orchestrations’ states consistent with the choreography’s global state. The need to ensure a privacy-preserving method to enforce a blockchain-based execution thus rises. In the present work, we propose a unified solution for the hybrid on/off-chain generation and execution of business process choreographies. The public view, shared understanding of the cross-organizational process, is triggered by the on-chain smart contract. Participants generate their private views off-chain using this on-chain public view. They execute afterward the private views in their off-chain process execution engine. Our prototypical implementation demonstrates the feasibility of the approach .

PhD thesis defense of David Oudart on May 7 2020: “Model driven engineering applied to Smart Grids design: Cosimulation with FMI approach”

Model driven engineering applied to Smart Grids design: Cosimulation with FMI approach


Smart Grids are cyber-physical systems that interface power grids with information and communication technologies to monitor them, automate decision making and balance production with consumption. We want to use simulation to easily evaluate and compare several solutions before deployment in a real environment. The objective of this thesis is thus to propose tools and methods to model and simulate a Smart Grid in an industrial context. We have identified two main issues: How to combine heterogeneous models of a Smart Grid to simulate it? How to ensure consistency between the models produced by different stakeholders during the design of a Smart Grid? To address these issues, we propose a cosimulation approach, using the Functional Mockup Interface (FMI) standard. Our first two contributions are the proposal of a method to allow the exchange of discrete signals between several FMUs, and an extension of the OMNeT++ telecommunications simulation software implementing this method, called fmi4omnetpp. A third contribution is the development of the Smart Grid Simulation Framework tooled environment, which automates a number of repetitive tasks in order to ensure consistency between different simulation models. Finally, a fourth contribution is the formalization of an iterative design approach for the cosimulation of a Smart Grid, and how to integrate our Smart Grid Simulation Framework into it. To do so, we explain the different steps of the approach and the role of the actors involved in the design process, then we present its application to a real case study for which we use our Smart Grid Simulation Framework.

ACMES Team Retirement

Retirement program

19th and 20th December, 2019

at Domaine de Saint-Paul, Saint-Rémy-lès-Chevreuse (

Thursday 19/12

Morning (09:00 to 13:00)
09:00 – 09:30 – Welcome breakfast
09:30 – Introduction of the days, Amel
      – Presentations by groups (intro 5 ‘+ 3’ by non permanent (slot of 5 ‘) + 1 long talk of 20′ + 10’ questions
10:00 – 11:00 – DIEGO (Data IntElliGence and knOwledge) :
– 10:00 – Introduction group DIEGO, Walid
– 10:10 – Blockchain and IoT Conjugation for Process Deployment and Exploration, Leyla, 5′
– 10:25 – From Raw Signals to Human Skills Level in Physical Human-Robot Collaboration for Advanced Manufacturing Applications, Katleen, 5′
– 10:50 – Dynamic knowledge base for programmable networks: consistent views between resources, topology, configuration and service, Walid pour Wassim, 20’+10′
– ?? – P2P business process management based on Blockchain and IoT, Tiphaine, 5′ =>moved to afternoon

11:10 – 11:40 – DiSSEM (Distributed Systems, Software Engineering, and Middleware) :
– 11:10 – Introduction DiSSEM group, Sophie
– 11:20 – Middleware support for energy-awareness in the Internet of Things (IoT), Pedro, 5′
– 11:25 – Distributed processing of heterogeneous and imperfect information for the traceability of a supply chain in the context of the Internet of Things, Mohamed Ahmed, 5′
– 11:30 – Towards Autonomic Version Management in Self-healing Microservices Architecture, Yuwei, 5′
– 11:35 –  Real Analysis Theory in the context of Formal Verification of Cyber-Physical Systems, Marius, 5′
– ?? – A Model Based Toolchain for the Cosimulation of Cyber-Physical Systems with FMI, David, 20’+10′

15′ break

12:15 -13:10 –PDS (Parallel and Distributed Systems) :
– 12:15 – Introduction PDS group, Gaël
– 12:25 – Runtime prediction to guide runtime decisions, Alexis C,
– 12:30 – Scalevisor, un hyperviseur distribué pour le rack Yohan
– 12:45 – Optimization of NUMA effects on the input/output layer of an hypervisor, Damien
– 12:50 – NVcache : A hybrid cache powered by NVRAM, Rémi
– 12:55 – Automatic performance analysis for hybrid parallel applications, Anton
– 13:07 – Non-volatile Memory & Persistent Data Types in Managed Languages, Anatole
– 13:17 – A Domain Specific Language to enforce privacy using SGX, Suba
– 13:23 – Leaderless State Machine Replication and its applications Tuanir
– 13:34 – Degradation : a new principled approach to data consistency, Boubacar

13:40-14h30 : Lunch Break

Afternoon  (14:30 – 18:30)
14h30 – 15h30 –  Parallel  sessions :
Working groups (~8 people permanent staff and PhD students) on research themes (in rupture and also in the continuity of our work)
  1. Green (in IoT, HPC, etc.) (Chantal, Michel S., François, …)
  2. Efficiency of big data and machine learning systems (Bruno, Gaël, Elisabeth, Suba)
  3. Ethics, Reliability and Explainability of AI Systems  (Amel B., Denis, Paul, Sophie, Amel M., Badran, Eric)
  4. Serverless computing (Pierre, Djamel, …)
  5. Smart contract and blockchain for executing distributed applications (Mohamed, Tiphaine, …)

Break 5’
     15:35 – 16:40 –  10 mn of restitution per group

Break 5’

16:40 – 17:40 –  2 Parallel  sessions :
– Session IP Paris
    -Presentation of IP Paris and all the research ecosystem of Saclay
    – Discussion and identification of potential partnerships
    – Discussion of the future of the team
– Technical Session
    – Antidote: virtualized learning labs running over kubernetes”, Olivier
   – Suggestion :
   ECSA/SPLC 2019 Doctoral Symposium Keynote: Professor Carlo Ghezzi
 Becoming and being a researcher–what I wish someone would have told me when I started doing research

 19:00 – Cocktail &  Dinner

 Friday 20/12 – 08:30 – 12:30

08:00 – 08:30 – Breakfast
08:30 :  Session projet d’équipe (~1h à 1h30)
     – Team project progress report (HCERES)
— Workshops by research groups and restitution
— New issues, opportunities, etc.
— Identify calls for projects

10:00 Break

10:30 : Session miscellaneous  (~1h à 1h30)
           – Current state of IP Paris Master Programs
           – Bilocation: How to deal with TSP bilocation? which impact on the team functioning

12:30 : Lunch and closure of the retirement