The goal of the MADYNES research group is to design, to validate and to deploy novel management and security paradigms together with supporting software architectures and solutions that are able to cope with the growing dynamicity and the scalability issues induced by the ubiquitous Internet.
The project develops applied research activities in the following areas:
Autonomous Management:
the design of models and methods enabling self-organization and self-management of networked entities and services,
the evaluation of management architectures based on peer-to-peer and overlay principles,
the investigation of novel approaches to the representation of management information,
the modeling and performance evaluation of dynamic networks.
Functional Areas instantiate autonomous management functions:
the security plane where we focus on building closed-loop approaches to protect networking assets,
the service configuration where we aim at providing solutions covering the delivery chain from device discovery to QOS-aware delivery in dynamic networks,
monitoring where we aim at building solutions to characterize and detect unwanted service behavior.
The next generation Internet is the main application field of our research. Its architecture and the services that it is planned to support offer all dynamic and scalability features that we address in the complementary research directions of the project.
The foundation of the MADYNES research activity is the ever increasing need for automated monitoring and control within networked environments. This need is mainly due to the increasing dependency of both people and goods towards communication infrastructures as well as the growing demand towards services of higher quality. Because of its strategic importance and crucial requirements for interoperability, the management models were constructed in the context of strong standardization activities by many different organizations over the last 15 years. This has led to the design of most of the paradigms used in today's deployed approaches. These paradigms are the Manager/Agent interaction model, the Information Model paradigm and its container, together with a naming infrastructure called the Management Information Base. In addition to this structure, five functional areas known under Fault, Configuration, Accounting, Performance and Security are associated to these standards.
While these models were well suited for the specific application domains for which they were designed (telecommunication networks or dedicated protocol stacks), they all show the same limits. Especially they are unable:
to deal with any form of dynamicity in the managed environment,
to master the complexity, the operating mode and the heterogeneity of the emerging services,
to scale to new networks and service environments.
These three limits are observed in all five functional areas of the management domain (fault, configuration, accounting, performance and security) and represent the major challenges when it comes to enable effective automated management and control of devices, networks and services in the next decade.
MADYNES addresses these challenges by focusing on the design of management models that rely on inherently dynamic and evolving environments. The project is centered around two core activities. These activities are, as mentioned in the previous section, the design of an autonomous management framework and its application to three of the standard functional areas namely security, configuration and performance.
Self organization and automation are fundamental requirements within the management plane in today's dynamic environments. It is necessary to automate the management processes and enable management frameworks to operate in time sensitive evolving networks and service environments. The automation of the organization of devices, software components, networks and services is investigated in many research projects and has already led to several solution proposals. While these proposals are successful at several layers, like IP auto-configuration or service discovery and binding facilities, they did not enhance the management plane at all. For example, while self-configuration of IP devices is commonplace, no solution exists that provides strong support to the management plane to configure itself (e.g. finding the manager to which an agent has to send traps or organizing the access control based on locality or any other context information). So, this area represents a major challenge in extending current management approaches so that they become self-organized.
Our approach is bottom-up and consists in identifying those parameters and framework elements (manager data, information model sharing, agent parameters, protocol settings, ...) that need dynamic configuration and self-organization (like the address of a trap sink). For these parameters and their instantiation in various management frameworks (SNMP, Netconf, WBEM, ...), we investigate and elaborate novel approaches enabling fully automated setup and operation in the management plane.
Over the last years, several models have emerged and gained wide acceptance in the networking and service world. Among them, the overlay networks together with the P2P paradigms appear to be very promising. Since they rely mainly on fully decentralized models, they offer excellent fault tolerance and have a real potential to achieve high scalability. Mainly deployed in the content delivery and the cooperation and distributed computation disciplines, they seem to offer all features required by a management framework that needs to operate in a dynamic world. This potential however needs an in depth investigation because these models have also many characteristics that are unusual in management (e.g. a fast and uncontrolled evolution of the topology or the existence of a distributed trust relationship framework rather than a standard centralized security framework).
Our approach envisions how a complete redesign of a management framework is done given the characteristics of the underlying P2P and overlay services. Among the topics of interest we study the concept of management information and operations routing within a management overlay as well as the distribution of management functions in a multi-manager/agent P2P environment. The functional areas targeted in our approach by the P2P model are network and service configuration and distributed monitoring. The models are to be evaluated against highly dynamic frameworks such as ad-hoc environments (network or application level) and mobile devices.
Representation, specification and integration of management information models form a foundation for network and service management and remains an open research domain. The design and specification of new models is mainly driven by the appearance of new protocols, services and usage patterns. These need to be managed and exposed through well designed management information models. Integration activities are driven by the multiplication of various management approaches. To enable automated management, these approaches need to inter-operate which is not the case today.
The MADYNES approach to this problem of modeling and representation of management information aims at:
enabling application developers to establish their management interface in the same workspace, with the same notations and concepts as the ones used to develop their application,
fostering the use of standard models (at least the structure and semantics of well defined models),
designing a naming structure that allows the routing of management information in an overlay management plane, and
evaluating new approaches for management information integration especially based on management ontologies and semantic information models.
The impact of a management approach on the efficiency of the managed service is highly dependent on three factors:
the distribution of the considered service and their associated management tasks,
the management patterns used (e.g. monitoring frequency, granularity of the management information considered),
the cost in terms of resources these considered functions have on the managed element (e.g. method call overhead, management memory footprint).
MADYNES addresses this problem from multiple viewpoints: communication patterns, processing and memory resources consumption. Our goal is to provide management patterns combining optimized management technologies so as to optimize the resources consumed by the management activity imposed by the operating environment while ensuring its efficiency in large dynamic networks.
Securing the management plane is vital. While several proposals are already integrated in the existing management frameworks, they are rarely used. This is due to the fact that these approaches are completely detached from the enterprise security framework. As a consequence, the management framework is “managed” separately with different models; this represents a huge overhead. Moreover the current approaches to security in the management plane are not inter-operable at all, multiplying the operational costs in a heterogeneous management framework.
The primary goal of the research in this activity is the design and the validation of a security framework for the management plane that will be open and capable to integrate the security services provided in today's management architectures. Management security interoperability is of major importance in this activity.
Our activity in this area aims at designing a generic security model in the context of multi-party / multi-technology management interactions. Therefore, we develop research on the following directions:
Abstraction of the various access control mechanisms that exist in today's management frameworks. We are particularly interested in extending these models so that they support event-driven management, which is not the case for most of them today.
Extension of policy and trust models to ease and to ensure coordination among managers towards one agent or a subset of the management tree. Provisional policies are of great interest to us in this context.
Evaluation of the adequacy of key distribution architectures to the needs of the management plane as well as selecting reputation models to be used in the management of highly dynamic environments (e.g. multicast groups, ad-hoc networks).
A strong requirement towards the future generic model is that it needs to be instantiated (with potential restrictions) into standard management platforms like SNMP, WBEM or Netconf and to allow interoperability in environments where these approaches coexist and even cooperate. A typical example of this is the security of an integration agent which is located in two management worlds.
Since 2006 we have also started an activity on security assessment. The objective is to investigate new methods and models for validating the security of large scale dynamic networks and services. The first targeted service is VoIP.
Configuration covers many processes which are all important to enable dynamic networks. Within our research activity, we focus on the operation of tuning the parameters of a service in an automated way. This is done together with the activation topics of configuration management and the monitoring information collected from the underlying infrastructure. Some approaches exist today to automate part of the configuration process (download of a configuration file at boot time within a router, on demand code deployment in service platforms). While these approaches are interesting they all suffer from the same limits, namely:
they rely on specific service life cycle models,
they use proprietary interfaces and protocols.
These two basic limits have high impacts on service dynamics in a heterogeneous environment.
We follow two research directions in the topic of configuration management. The first one aims at establishing an abstract life-cycle model for either a service, a device or a network configuration and to associate with this model a generic command and programming interface. This is done in a way similar to what is proposed in the area of call control in initiatives such as Parlay or OSA.
In addition to the investigation of the life-cycle model, we work on technology support for distributing and exchanging configuration management information. Especially, we investigate policy-driven approaches for representing configurations and constraints while we study XML-based protocols for coordinating distribution and synchronization. Off and online validation of configuration data is also part of this effort.
Performance management is one of the most important and deployed management function. It is crucial for any service which is bound to an agreement about the expected delivery level. Performance management needs models, metrics, associated instrumentation, data collection and aggregation infrastructures and advanced data analysis algorithms.
Today, a programmable approach for end-to-end service performance measurement in a client server environment exists. This approach, called Application Response Measurement (ARM) defines a model including an abstract definition of a unit of work and related performance records; it offers an API to application developers which allows easy integration of measurement within their distributed application. While this approach is interesting, it is only a first step toward the automation of performance management.
We are investigating two specific aspects. First we are working on the coupling and possible automation of performance measurement models with the upper service level agreement and specification levels. Second we are working on the mapping of these high level requirements to the lower level of instrumentation and actual data collection processes available in the network. More specifically we are interested in providing automated mapping of service level parameters to monitoring and measurement capabilities. We also envision automated deployment and/or activation of performance measurement sensors based on the mapped parameters. This activity also incorporates self-instrumentation (and when possible on the fly instrumentation) of software components for performance monitoring purpose.
The results coming out from MADYNES can be applied to any dynamic infrastructure that contributes to the delivery of value added services. While this is a potentially huge application domain, we focus on the following environments at the network level:
multicast services,
ad-hoc networks,
mobile devices and IPv6 networks,
voice over IP infrastructure.
All these selected application areas exhibit different dynamicity features. In the context of multicast services, we focus on distribution, monitoring and accounting of key distribution protocols. On ad-hoc and dynamic networks we are investigating the provisioning, monitoring, configuration and performance management issues.
Concerning mobile devices, we are interested in their configuration, provisioning and monitoring. IPv6 work goes on in Information Models and on self-configuration of the agents.
At the service level, dynamics is also increasing very fast. We apply the results of our work on autonomous management on infrastructures which support dynamic composition and for which self-instrumentation and management automation is required.
The target service environments are:
sensor networks,
peer-to-peer infrastructures,
information centric networks,
ambiant environments.
The Madynes team got involved this year in some new funded collaborations:
in HUMA, funded at the french national level (FUI)
in Orange and Inria laboratory “<I/O Lab>”
The Alérion spin off is definitively on track (http://
Keywords: Large scale - Experimentation - Virtualization - Emulation
It can be used to transform an homogenenous cluster (composed of identical nodes) into an experimental platform where nodes have different performance, and are linked together through a complex network topology, making it the ideal tool to benchmark applications targetting such environments.
Participants: Luc Sarzyniec, Lucas Nussbaum and Tomasz Buchert
Partners: CNRS - Université de Lorraine - Loria - Grid'5000 - Inria
Contact: Lucas Nussbaum
Keywords: Security - Web - Privacy - TLS (Transport Layer Security)
Escape is a Firefox web browser add-on that offers the ability to bypass HTTPS firewalls that filter websites based on the SNI value of the TLS connection. In addition, it can be used to bypass legacy filtering of DNS requests. The extension is implemented in JavaScript and is based on another security add-on named Convergence.
Participants: Shbair Wazen, Thibault Cholez, Antoine Goichot and Isabelle Chrisment
Contact: Thibault Cholez
Keywords: Android - NetFlow - Monitoring
Flowoid is a flow based monitoring probe dedicated to Android environments. It uses the NetFlow protocol to send to a collector, information related to the network activities of running Android applications. The information about each connection are grouped into records containing traditional properties including source IP address, destination IP address, bytes, packets, etc. In addition, Flowoid associates and sends for each NetFlow record a set of information related to the geographic location of the device, the name of the application that established the connection, the state of the device screen (ON, OFF, locked, unlocked) and the type of the traffic (foreground, background).
Participants: Abdelkader Lahmadi, Frédéric Beck, Julien Vaubourg and Olivier Festor
Contact: Abdelkader Lahmadi
Grid'5000 is a scientific instrument designed to support experiment-driven research in all areas of computer science related to parallel, large-scale or distributed computing and networking. It gathers 10 sites, 25 clusters, 1200 nodes, for a total of 8000 cores. It provides its users with a fully reconfigurable environment (bare metal OS deployment with Kadeploy, network isolation with KaVLAN) and a strong focus on enabling high-quality, reproducible experiments.
Participants: Luc Sarzyniec, Jérémie Gaidamour, Arthur Garnier, Clement Parisot, Emmanuel Jeanvoine, Lucas Nussbaum and Émile Morel
Contact: Lucas Nussbaum
Kadeploy is a scalable, efficient and reliable deployment (provisioning) system for clusters and grids. It provides a set of tools for cloning, configuring (post installation) and managing cluster nodes. It can deploy a 300-nodes cluster in a few minutes, without intervention from the system administrator. It plays a key role on the Grid'5000 testbed (see below), where it allows users to reconfigure the software environment on the nodes, and is also used on a dozen of production clusters both inside and outside Inria.
Participants: Emmanuel Jeanvoine, Lucas Nussbaum and Luc Sarzyniec
Partners: CNRS - Université de Lorraine - Loria - Grid'5000 - Inria
Contact: Emmanuel Jeanvoine
Keywords: Modeling - Simulation - Simulator - Multi-model - Co-simulation - Multi-agent - Agent - Artefact
The MECSYCO suite (formerly AA4MM) is aiming at the modeling and simulation of complex systems. It provides concepts and tools to describe and then simulate a system as a set of heterogeneous models (namely a multi-model). It features MECSYCO-RE-java the Java implementation of the central part (core) and VisuAA4MM a visualization tool.
Participants: Vincent Chevrier (Former LORIA Maia team), Laurent Ciarletta, Julien Siebert, Yannick Presse, Benjamin Segault, Benjamin Camus, Victorien Elvinger, Julien Vaubourg, Christine Bourjot, Benjamin Vouillaume and David Michel
Partners: Université de Lorraine - Inria
Contact: Vincent Chevrier
Keywords: Internet of things - Home Automation - Health - Smart home - Home care - Connected object
MPIGate stands for Multi Protocol Interface GATEway for Tele-care, Environment Monitoring and Control. It is a set of softwares aiming at facilitating the development of both home automation and ambient assisted living applications thanks to the abstraction of heterogeneous sensor data and the facility of access to read and write functions over the devices plugged to the networks. This year, its evolution has mainly been carried out within SATELOR project and LAR project. Bluetooth Low Emission (BLE) has been integrated this year. It can be used by people working on home automation and ambient assisted living applications.
Participants: Mandar Harshe and Ye-Qiong Song
Contact: Yeqiong Song
Keywords: Experimentation - HPC - Cloud
Ruby-Cute is a set of Commonly Used Tools for Experiments, or Critically Useful Tools for Experiments, depending on who you ask. It is a library aggregating various Ruby snippets useful in the context of (but not limited to) development of experiment software on distributed systems testbeds such as Grid'5000.
Contact: Lucas Nussbaum
Keywords: Network monitoring - Scanning
This tool allows to scan the entire IPv4 space in an efficient way. It relies on the Zmap (smap.io) while optimizing the randomness of the scanned IP addresses to avoid overloading destination networks and reduce the probability to scan two successive addresses of the same IP address block. Our approach to generate random permutation of IP addresses outperforms the approach used by Zmap in terms of the distribution of distance between successive IP addresses. Besides, our scan methodology can be distributed from multiple sources with few efforts.
Contact: Jérôme François
XPFlow is an implementation of a new, workflow-inspired approach to control experiments involving large-scale computer installations. Such systems pose many difficult problems to researchers due to their complexity, their numerous constituents and scalability problems. The main idea of the approach consists in describing the experiment as a workflow and execute it using achievements of Business Process Management (BPM), workflow management techniques and scientific workflows.
Participants: Tomasz Buchert and Lucas Nussbaum
Contact: Lucas Nussbaum
SCADA Supervisory Control and Data Acquisitions refers to a centralized control and monitoring system for a variety of machinery and equipment involved with many industrial activities including: power generation and distribution, transportation, nuclear plants, manufacturing processes, etc. The most threaten accidents in SCADA networks are caused by targeted attacks, where adversaries exploit vulnerabilities available in software or network protocols components to disturb and make damage to the physical process. Therefore, it is important to provide new methods and tools for protecting SCADA networks from malicious cyber attacks targeting physical processes and infrastructures.
We are developing and maintaining a platform to assess and analyse the security of SCADA systems. The current version of the testbed combines real hardware Programmable Logic Controllers (PLCs) and simulation tools of physical processes. It also provides a set of tools that we have developed to capture and analyse control messages exchanged between a PLC and the physical processes. During the year 2015, we have received a regional funding to extend our platform with more devices and off-the-shelf solutions for home automation.
We have also extended the platform with IoT devices dedicated to home automation solutions (smart plugs, home boxes, lighting systems , door locks and detectors, etc). Our main goal is to rely on Software Defined Radio solution to evaluate the security of these devices and finding their communication protocol vulnerabilities.
In 2015, we pursued our collaboration with Juan Pablo Timpanaro a
former team's PhD student and published a new paper
on the I2P anonymous network
(http://
In we presented some results from our study based on a combination of crowdsending and survey. We discussed some technical problems we faced and some lessons learned during our crowdsensing experiment. Furthermore we showed how information regarding social context can be used for better interpretation of crowdsensed data. Next we selected some questions from the multiple choice survey questionnaire and combined the responses with crowdsensed data to analyze users’ perception about their smartphone usage and discussed cognitive factors associated with reporting information on questionnaires. Moreover we showed that combining sensing with survey can improve both the techniques and the combination has important use cases such as helping users to have a better understanding and control of their technology usage.
The main motivation of this work was to assess the exposition of
industrial systems in the Internet, especially by measuring how many
SCADA systems are accessible. To do so, we built an IPv4 methodology
which is able to scan the entire IPv4 address space by maximizing the
distance between consecutive IP addresses. It thus avoids colateral
effect of overloading targeted networks and being blacklisted. We thus
extend the Zmap tool (zmap.
This year, our work on security-oriented monitoring has been centered on building a distributed architecture that supports passive monitoring in the Internet of Things using the RPL protocol . A particular interest has been given to advanced metering infrastructure (AMI) networks, where higher order devices are expected to form the backbone infrastructure, to which more constrained nodes would connect. Our distributed architecture exploits the capabilities of these higher order devices to perform network monitoring tasks, and takes benefits from properties inherent to that protocol, such as DODAG building and multi-instance routing mechanisms, in order to passively monitor the environment with a minimal impact on constrained nodes.
We have also consolidated our taxonomy on security attacks in these networks . In addition, we have pursued our work on topological inconsistency attacks . It is evident from the experiments that we have conducted that mitigating such attacks is critical to avoid channel congestion and high resource usage. Our initial adaptive threshold (AT) strategy to mitigate the effects of such attacks has been further improved. The new strategy dynamically takes into account network characteristics in order to infer an appropriate threshold for counteracting these attacks.
During the year 2015, we have extended our monitoring platform dedicated to Android environments with more analytics features. The monitoring platform is dedicated to the collection, storage, analysis and visualization of logs and network flow data of mobile applications. The platform relies on a set of on-device probes to monitor network and system activities of these applications. The data are collected from these probes and parsed through generic and flexible collectors relying on Flume agents that we have adapted and extended. We are storing the collected data using a column oriented Hbase storage engine (Hadoop database). Finally, after being parsed, the data are made available within the Elasticsearch engine to search and visualize them using the Kibana tool. We have also presented the building blocks of the platform in a lab session within the conference AIMS 2015 .
We have also maintained an IETF draft to promote a standardization effort towards the extension of IP Flow-based monitoring with geographic information. Associating Flow information with their measurement geographic locations will enable security applications to detect anomalous activities. In the case of mobile devices, the characterization of communication patterns using only time and volume is not enough to detect unusual location-related communication patterns.
Besides, we looked at aggregating flows collected at the High Security Lab since a single attack is represented by multiple flows. For example, a DDoS or a scan is a sequence of similar parallel flows coming from the same or distributed machines. As attacks occur very frequently and even at the same time, grouping flows occurring in a pre-defined time window is not a valid approach. Two approaches have been investigated and are actually dependent of the sources of collected flows. First, we analyzed collected Netflow data from the Darknet which is basically a sinkhole without any services running or announced. Hence, all traffic is considered as abnormal and is limited to a set of predefined attacks. Indeed, since no packets can be sent back, complex attacks with different steps cannot be caught. Therefore, scanning, flooding-based denial-of-service and backscatter are the main types of anomalies we can observe. Flows are thus grouped and labeled regarding certain criteria (common IP addresses/subnets, ports, co-occurrence) thanks to a pre-established decision process . The final goal was to compare data collected in Nancy and in Tokyo. Secondly, we assume flow data without specific knowledge about the type of traffic it embeds. In such a case, the goal is to automatically extract recurrent patterns. The initial approach consisted in representing flows as nodes in a graph and linking them when sharing some properties (IP addresses, ports). Major subsequent problems have been faced like indexation, split flows in multiple files and visualization .
We previously investigated the latest technique for HTTPS traffic filtering that is based on the Server Name Indication (SNI) field of TLS and which has been recently implemented in many firewall solutions. We showed that SNI has two weaknesses, regarding (1) backward compatibility and (2) multiple services using a single certificate and we implemented a proof of concept of these vulnerabilities as a web browser extension (Escape). This work was published in the IFIP/IEEE IM'15 conference .
This led us to the development of new reliable methods to investigate the increasing number of HTTPS traffic that may hold security breaches but without relying on decryption at any step, in order to respect users' privacy (no HTTPS proxy). Many approaches already identify the main type of an application (Web, P2P, SSH,..) running in secure tunnels, and others identify a couple of specific encrypted web pages through website fingerprinting.
In this context, we developed a better technique to precisely identify the services run within HTTPS connections, i.e. to name the services, without relying on specific header fields that can be easily altered. We have defined dedicated features for HTTPS traffic that are used as input for a multi-level identification framework based on machine learning algorithms. Our evaluation based on real traffic shows that we can identify encrypted web services with a high accuracy. This work will be published next year in the IFIP/IEEE Network Operations and Management Symposium (NOMS 2016).
Our work during year 2015 was mainly focused on the orchestration of security functions in the context of mobile smart environments . Most of current security approaches for these environments are provided in the form of applications or packages to be directly installed on the devices themselves. Such approaches may be qualified as on-device. However, on-device approaches generally induce significant local resource consumption leading to the significant reduction of battery lifetime. In the meantime, current cloud-based approaches for mobile security attempt to deal with this issue by offloading most of the workload on a remote server, but may introduce significant additional latency. In that context, we have pursued the efforts on our strategy for dynamically outsourcing and composing security functions in the cloud, considering software-defined networking. The architecture relies on a set of security functions that are activated, configured and orchestrated according to the current contexts and risks, while a dedicated modelling has been introduced for supporting the evaluation of security compositions and their properties. The chaining of security functions is performed dynamically in order to fit with the security requirements of mobile devices at runtime. In particular, we have proposed in to analyze and cluster applications running on the mobile devices based on their network behaviors, in order to drive the selection and deployment of adequate security compositions that may be fully outsourced or split between in-cloud and on-device.
We have also investigated in to what extent security automation, more specifically in the context of vulnerability management, might be supported by conceptual knowledge discovery. The intended extension might be a mean to cope with the increasing dynamics and complexity of networked environments. Most current security solutions still seem to work under certain boundaries that prevent them to act intelligently and flexibly, i.e. strictly sticked to the available security information in order to analyze, report and eventually remediate found problems. Our purpose is to exploit methods and techniques coming from formal concept and knowledge discovery in databases, in order to provide high-level automation based on mechanisms capable of understanding, reasoning about, and anticipating the surrounding environment and its vulnerabilities.
This section covers our work on experimentation on testbeds (mainly Grid'5000), on emulation (mainly on Distem), and on Reproducible Research.
The team was again heavily involved in the evolutions and the governance of the Grid'5000 testbed.
In the context of ADT LAPLACE, Jérémie Gaidamour adapted and configured the CiGri middleware on Grid'5000. CiGri enables the execution of large campaigns of best-effort jobs (low priority, interruptible jobs). It is expected that this work will allow the remaining free time slots to be filled by tasks from other research communities such as natural language processing.
Jérémie Gaidamour also greatly improved stats5k, our tool to
generate metrics about the testbed (usage, resources availability,
etc.), available at https://
Arthur Garnier added the testing of Grid'5000 tutorials to our continuous integration installation, enabling the earlier detection of problems on the testbed. He then led the migration to PostgreSQL as the backend for the OAR batch scheduler – a behind-the-scenes but major migration.
In addition to daily administratrive duties and to his work on Kwapi described below (section ), Clément Parisot added support for production workloads to Grid'5000, extending the scope of the testbed to make it more suitable for additional user communities. He then managed the installation of the new clusters at Nancy, purchased in the context of OIP Grid'5000 and CPER CyberEntreprises.
Finally, in addition to his roles in the bureau, comité d'architectes and comité des responsables de sites of Grid'5000, Lucas Nussbaum managed the purchase of the new clusters at Nancy mentioned above, and gave several presentations about the testbed, at Journées SUCCES , at Retour d'expéRiences sur la Recherche Reproductible , and at École Cumulo Numbio.
Providing experimenters with deep insight about the effects of their experiments is a central feature of testbeds, that Grid'5000 was only partially addressing. We designed Kwapi, a framework that unifies measurements for both energy consumption and network traffic. Because all measurements are taken at the infrastructure level (using sensors in power and network equipment), using this framework has no dependencies on the experiments themselves. Initially designed for OpenStack infrastructures, the Kwapi framework allows monitoring and reporting of energy consumption of distributed platforms. In this work, we extended Kwapi to network monitoring, and overcame several challenges: scaling to a testbed as large as Grid'5000 while still providing high-frequency measurements; providing long-term loss-less storage of measurements; handling operational issues when deploying such a tool on a real infrastructure.
This work was published at Tridentcom and presented in a GENI/FIRE collaboration workshop . It is now in production as the default monitoring framework on Grid'5000.
Given the recent launch of two large NSF-funded projects that share similar goals as Grid'5000 (CloudLab and ChameleonCloud), we worked on analyzing the design choices made so far by those projects, comparing them with Grid'5000. Preliminary results were presented at REPPAR and at a GENI/FIRE collaboration workshop .
Several improvements have been made around Distem, mostly in the context of ADT COSETTE.
During the internship of Arthur Carcano, we tried to use Distem to experiment on NDN infrastructures. We obtained promising results, especially in terms of scale. We plan to continue this work and publish it in 2016.
We also submitted, to CCGRID, a paper demonstrating the use of Distem to evaluate fault tolerance and load balancing strategies implemented in Charm++. This submission is still pending evaluation.
Finally, in an effort to validate Distem performance, we studied the performance of Container-based virtualization technologies such as LXC or Docker, as most of the underlying technology is also shared with Distem. We studied their performance in the context of HPC, and showed that containers technology has matured over the years, and that performance issues are being solved. This work has been published at VHPC .
Following our survey of experiment management
tools accepted at FGCS at the end of 2014
and published early this year, we worked on Ruby-Cute, a library that
aggregates various useful functionality in the context of such
tools. We hope that it will be useful as a basis for future tools, and
ease testing of new ideas in that field. The library is available on
http://
In the context of our work on XPFlow, we worked on the collection of provenance during experiments. We surveyed provenance collection in various domains of computer science, introduced a new classification of provenance types suited to distributed systems experiments, and proposed a design of a provenance system inspired by this classification. This work has been published at REPPAR .
Lucas Nussbaum gave a presentation on Reproducible Research at the ICube laboratory seminar (Strasbourg). A shorter version of the talk was given to the Inria Comité des projets in Nancy.
Lucas Nussbaum also co-organized the second edition of REPPAR, a workshop on Reproducibility in Parallel Computing, held in conjunction with Euro-Par'2015.
We have formalized our previous work on the routing protocol for wireless sensor network by fuzzy logic specifications. The rules of routing metric composition are now valid for any network depth and we demonstrated its quality by real experimentation . This work is done in the context of the associated team we build with the Cameroun and the Inria international lab LIRIMA.
For potentially very large wireless sensor network, our routing or any other routing, can not limit traffic bottleneck near the network root. Network depth should also be reduced as hop by hop communication is a factor which strongly increases data loss rate. Considering theses problems Nesrine Khelifi PhD student of the Manouba University in Tunisia spent 3 months within the Madynes team trying to limit the depth of the network by splitting it under the supervision of network quality observers we had to define.
Recently, Operator calculus (OC) has been developed by Schott and Staples with whom we collaborate. We make use of OC methods on graphs to solve path selection in the presence of multiple constraints. Based on OC, we developed a distributed algorithm for path selection in a graph. This approach has been applied to efficiently solve a joint routing, channel and time slot scheduling optimization problem in UWB wireless sensor networks . We also designed a new routing protocol which makes use of this algorithm: the Operator Calculus based Routing Protocol (OCRP). In OCRP, a node selects the set of eligible next hops based on the given constraints and the distance to the destination. It then sends the packet to all eligible next hops. The protocol is implemented in Contiki OS (Rime profile) and emulated for TelosB motes using Cooja. We compared its performance against tree and directional flooding routing and showed the advantages of our technique . Our ongoing work consists in its comparison with RPL to show its practical contribution to handle simultaneously several IETF ROLL routing metrics. This work is part of Lorraine AME Satelor project granted by Lorraine Region.
Healthcare applications are considered as promising fields for Wireless Sensor Networks (WSNs). Thanks to WSNs, patients can be monitored in hospitals or smart home environments, providing health improvement, or emergency care. A key issue is the limited battery of sensors; indeed, current WSN research trends for healthcare applications include energy efficient routing and network lifetime guarantee mechanisms, among others. One of our ongoing work consists in designing a Smart Probabilistic Energy-Aware Routing Protocol (SPEAR) for WSNs which aims at maximizing the network lifetime by keeping low energy consumption and balancing network traffic between nodes. Our experimental campaign reveals that our SPEAR protocol outperforms the popular Energy Aware Routing Protocol (EAR) from the literature, proving to be more effective in extending the network lifetime. This work has resulted in a conference submission. It is part of Lorraine AME Satelor project granted by Lorraine Region.
The focus of our research is to minimize the energy consumption of the network through a management strategy that selectively switches off devices according to the traffic level. We consider a set of traffic scenarios and jointly optimize their energy consumption assuming a per-flow routing. We propose a traffic engineering mathematical programming formulation based on integer linear programming that includes constraints on the changes of the device states and routing paths to limit the impact on quality of service and the signaling overhead.
A very important issue that may be affected by green networking techniques is resilience to node and link failures. We thus extended the optimization models to guarantee network survivability. Results show that significant savings, up to 30%, may be achieved even when both survivability and robustness are fully guaranteed.
Computational cost of proposed models can be very high when dealing with large size instances (network size and/or number of demands). For this reason, we proposed and tested different problem formulations with the aim of solving larger size instances at optimality. We focus on a particular form of shared protection mechanism, where energy consumption is associated only to active devices during normal functioning. We propose a standard and a projected formulation, with additions of cuts and valid inequalities. Computational results show that the projected formulation is very effective . We plan to extend the work to consider multiperiod scenarios.
Network Functions Virtualization (NFV) is incrementally deployed by Internet Service Providers (ISPs) in their carrier networks, by means of Virtual Network Function (VNF) chains, to address customers' demands. The motivation is the increasing manageability, reliability and performance of NFV systems, the gains in energy and space granted by virtualization, at a cost that becomes competitive with respect to legacy physical network function nodes. From a network optimization perspective, the routing of VNF chains across a carrier network implies key novelties making the VNF chain routing problem unique with respect to the state of the art: the bitrate of each demand flow can change along a VNF chain, the VNF processing latency and computing load can be a function of the demands traffic, VNFs can be shared among demands, etc. We started our work providing an integer linear programming model for Virtual Network Functions Placement and demand rerouting. By extensive simulation on realistic ISP topologies, we draw conclusions on the trade-offs achievable between legacy Traffic Engineering (TE) ISP goals and novel combined TE-NFV goals .
With the emergence of IoT, many layer 2 protocols have been proposed with each of them its own characteristics, advantages and drawbacks. Choosing a protocol often depends on the global context, as for example number of users, time of the day... Although devices can now be fitted with multiple interfaces, using always the same specific layer 2 protocol is not efficient, in particular if we assume that connected devices are retrieving or exchanging similar contents. For example, assuming that WiFi is the most usable interface to download some files in Internet through an access point may not be ideal if a close-by device accessible by Bluetooth already has it. To accommodate so multiple layer 2 protocols, we propose to leverage the Named-Data Networking (NDN) paradigm which allows to explore in parallel multiple paths for retrieving content independently of the underlying protocol. Our first results show that such a theoretical solution cannot work practically. Indeed, applying NDN in a blind mode over multiple layer 2 protocols does not assume the corresponding specificities like for example various collision rates depending on the underlying protocols, which have to be taken into account.
Vincent Chevrier (former Maia team, Dep 5, LORIA) is a collaborator and the correspondant for the MS4SG project, Benjamin Camus, and Christine Bourjot (former MAIA team, Dep 5, LORIA) are collaborators for AA4MM/MECSYCO. Julien Vaubourg's PhD is under the co-direction of V. Chevrier and L. Ciarletta.
In Pervasive or Ubiquitous Computing, a growing number of communicating/computing devices are collaborating to provide users with enhanced and ubiquitous services in a seamless way.
These systems, embedded in the fabric of our daily lives, are complex: numerous interconnected and heterogeneous entities are exhibiting a global behavior impossible to forecast by merely observing individual properties. Firstly, users physical interactions and behaviors have to be considered. They are influenced and influence the environment. Secondly, the potential multiplicity and heterogeneity of devices, services, communication protocols, and the constant mobility and reorganization also need to be addressed. Our research on this field is going towards both closing the loop between humans and systems, physical and computing systems, and taming the complexity, using multi-modeling (to combine the best of each domain specific model) and co-simulation (to design, develop and evaluate) as part of a global conceptual and practical toolbox.
We proposed the AA4MM meta-model that solves the core challenges of multimodeling and simulation coupling in an homogeneous perspective. In AA4MM, we chose a multi-agent point of view: a multi-model is a society of models; each model corresponds to an agent and coupling relationships correspond to interaction between agents. In the MS4SG (Multi Simulation for Smart Grids) projet which involves some members of the former MAIA team, Madynes and EDF R&D on smart-grid simulation, we developed a proof of concepts for a smart-appartment case that serves as a basis for building up use cases.
In 2015 we worked on the following research topics:
Assessment and evaluation of complex systems.
Cyber Physical Systems
We have led the design and implementation of the Aetournos platform at Loria. The collective movements of a flock of flying communicating robots / UAVs, evolving in potentially perturbed environment constitute a good example of a Cyber Physical System. Applying co-simulation technique we plan to develop a hybrid "network-aware flocking behavior" / "behavior aware routing protocol".
We have provided a working set of tools: multi-simulation behavior / network / physics and generic software development using ROS (Robot Operating System). The UAVs carry a set of sensors for location awareness, their own computing capabilities and several wireless networks.
The effort put in the UAVs gathers academic and research ressources from the Aetournos platform, the R2D2 ADT and the 6PO project, while applied, industrial and more R&D projects have been pursued this year (Outback Joe Search and Rescue Challenge, Alerion, Hydradrone) .
MS4SG to link multi-simulations tools such as HLA (High Level
Architecture) and FMI (Functional Mockup Interface) thanks to our
AA4MM framework. We have so far successfully applied our solution to
the simulation of smart apartment complex and to combine the
electrical and networking part of a Smart Grid. The AA4MM software
has seen major improvements in 2015 thanks to the ressources
provided by the MS4SG project and a Carnot engineer financed thanks
to Inria. It has been renamed as MECSYCO
(http://
Starting from domain specific and heterogenous models and simulators, the MECSYCO suite allows for multi *systems* integration at several levels: conceptual, formal and software. A couple of visualization tools have been developed as proof of concepts both at run-time and post-mortem.
We have developed software components and plugins that interconnects within MECSYCO heterogeneous simulators from different domains: FMU (working with the 1.0 and 2.0 FMI standard for CoSimulation) ou non-FMU such as NS3 or Omnet++.
Several EDF oriented use cases have demonstrated multi-simulations.
In additon to technical reports, several publications have been accepted in 2015 on these subjects , and .
In Pervasive or Ubiquitous Computing, a growing number of communicating/computing devices are collaborating to provide users with enhanced and ubiquitous services in a seamless way.
These systems, incresingly numerous and heterogeneous, are embedded in the fabric of our daily lives. Our initial subject of interest is to study them with regards to their complexity: Those numerous interconnected and heterogeneous entities are exhibiting a global behavior impossible to forecast by merely observing individual properties.
Firstly, users physical interactions and behaviors have to be considered. They are influenced and influence their surroundings and the environment. Secondly, the potential multiplicity and heterogeneity of devices, services, communication protocols, and the constant mobility and reorganization also need to be addressed.
Our research on this field is going towards both closing the loop between humans and systems, physical and computing systems, and taming the complexity, using multi-modeling (to combine the best of each domain specific model) and co-simulation (to design, develop and evaluate) as part of a global conceptual and practical toolbox.
During some exploratory work, we have seen the potential of these Pervasive Computing ressources in the (Very Serious) Gaming area.
In 2015 we worked on the following topics:
Cyber Physical Systems
We pursuied the design and implementation of the Aetournos platform at Loria. The collective movements of a flock of flying communicating robots / UAVs, evolving in potentially perturbed environment constitute a good example of a Cyber Physical System. Eventually, we applied co-simulation technique and plan to develop a hybrid "network-aware flocking behavior" / "behavior aware routing protocol".
We developed a working set of tools: multi-simulation behavior / network / physics and generic software development using ROS (Robot Operating System). The UAVs carry a set of sensor for location awareness, their own computing capabilities and several wireless networks.
The effort put in the UAVs gathers academic and research ressources from the Aetournos platform, the Inria ADT R2D2 and the 6PO project, while applied, industrial and more R&D projects have been pursued this year (Medical Express / Outback Joe Search and Rescue Challenge, Alerion, Hydradrone, and a CIFRE PhD with Thales) .
Smart * (MS4SG)
We have studied scientific problems around model and simulator composition. We have also looked into practical and implementation issues in the frame of our MECSYCO /AA4MM solutions. We have added to our Smart Grid scenarios a smart appartment complex use case.
(Very Serious) Gaming: Starburst Gaming
Three main contributions have been made this year. Firstly iQueue-MAC has been extended to work on both single channel mode and multi-channel mode, improving its throughput performance . Secondly, S-CoSenS and iQueue-MAC our previously designed protocols have been implemented on RIOT OS over MSP430-based motes. Our contribution consists in developing a port of RIOT OS on the MSP430 micro-controller and demonstrating that RIOT OS offers rich and advanced real-time features, especially the simultaneous use of as many hardware timers as the underlying platform (micro-controller), which are fundamental features to implement high performance MAC protocols . The Cooja/MSPSim network simulation framework is widely used for developing and debugging, but also for performance evaluation of WSN projects. Our third contribution shows that Cooja is not limited only to the simulation of the Contiki OS based systems and networks, but can also be extended to perform simulation experiments of other OS based platforms, especially that with RIOT OS. Moreover, when performing our own simulations with Cooja and MSPSim, we observed timing inconsistencies with identical experimentations made on actual hardware. Such inaccuracies clearly impair the use of the Cooja/MSPSim framework as a performance evaluation tool, at least for time-related performance parameters. The detailed results of our investigations on the inaccuracy problems, as well as the consequences of this issue, and possible ways to fix or avoid it are available in . Part of this work has been supported by PIA LAR project.
Probabilistic end-to-end performance guarantee may be required when dealing with real-time applications. As part of ANR QUASIMODO project, we are dealing with Markov modeling of multi-hop networks running duty-cycled MAC protocols. One of the problems of the existing Markovian models resides in their strong assumptions that may not be directly used to assess the end-to-end delay in practice. In particular, realistic radio channel, capture effect and OS-related implementation factors are not taken into account. We proposed to explore a new approach combining code instrumentation and Markov chain analysis. In we propose a novel approach to obtain the Markov chain model of sensor nodes by means of Process Mining techniques through the analysis of MAC protocol execution traces for a given traffic scenario. End to end delay is then computed based on this Markov chain. Experimentations were done using IoT-LAB testbed platform. Comparisons in terms of delay have been presented for two different metrics of the RPL protocol (hop count and ETX). The overall approach and its generalization using non-linear regression techniques in terms of traffic rate are detailed in the PhD thesis of François Despaux defended in September 2015 .
This work has been carried out as part of a co-supervised PhD thesis between University of Lorraine and SupCom Tunis.
The objective of this research topic is to develop different resource allocation mechanisms in Network Virtualization, for increasing the QoS guarantee. Firstly, we demonstrated the potential of SDN in the QoS management of a virtualized home network (VN). We proposed and implemented ”FlowQoS”, a mechanism that can be deployed by an Internet Service Provider in the last-mile hop or in the home gateway. Performance measurements show that this solution can share bandwidth between applications according to user-defined configuration to guarantee QoS for each active traffic. The second contribution is the modeling of the interaction between service providers and infrastructure providers using game theory framework to offer dynamic sharing of physical infrastructure across multiple VN with different QoS requirements. We presented a set of non-cooperative games to model the negotiation phase and the dynamic allocation of nodes and physical links for each deployed VN. Finally we proposed a predictive approach that allows an adaptive control of bandwidth allocation in order to reduce the packet delays for a given VN on each physical link. The last two contributions offer dynamic sharing models of physical infrastructure resources while guaranteeing the QoS for each VN.
The overall approach is detailed in the PhD thesis of Said Seddiki defended in April 2015 .
The QoS must be guaranteed when dealing with real-time distributed systems interconnected by a network. Not only task schedulability in processors, but also message schedulability in networks should be analysed for validating the system design. Fault-tolerance is another critical issue that one must take into account. In collaboration with Thales TRT industrial partner as part of a CIFRE PhD work, we started a study on the real-time dependability of distributed multi-criticity systems interconnected by an embedded mesh network (RapidIO). For easing the QoS specification at the higher level, DDS middleware is used. We postulate that enhancing QoS for real-time applications entails the development of a cross-layer support of high-level requirements, thus requiring a deep knowledge of the underlying networks. This year, we proposed and implemented a new simulation/emulation/experimentation framework called ERICA, for designing such a feature. ERICA integrates both a network simulator (Ptolemy) and an actual hardware network to allow implementation and evaluation of different QoS-guaranteeing mechanisms. It also supports real-software-in-the-loop, i.e. running of real applications and middleware over these networks. Each component can evolve separately or together in a symbiotic manner, also making teamwork more flexible , .
Wireless sensor and actuator networks provide a key technology for fully interacting within a CPS (Cyber-Physical System). However, the introduction of the mobile actuator nodes in a network rises some new challenging issues. In this context, we addressed two important issues: the multiple target tracking using both fixed and mobile sensors and the optimal scheduling of mobile wireless energy chargers (actuators) for fixed sensor nodes.
In our work, the data association problem in multiple target tracking is investigated. To reduce the computational complexity of traditional Joint Probabilistic Data Association (JPDA) algorithm, a modified JPDA algorithm is proposed to execute data association in multiple target tracking by utilizing the information of occlusion conditions, which is identified by a three-step algorithm. Simulation results show that the proposed algorithm has good tracking performance but low computational complexity .
We also investigated the multiple mobile chargers coordination problem that is minimizing the energy expenditure of the mobile chargers while guaranteeing the perpetual operation of the wireless sensor network. We formulated this problem as a mixed-integer linear program (MILP). To solve this problem efficiently, we proposed a novel decentralized method which is based on Benders decomposition. The multiple mobile chargers coordination problem is then decomposed into a master problem (MP) and a slave problem (SP), with the MP for mobile chargers scheduling and the SP for mobile chargers moving and charging time allocation. The convergence of proposed method is analyzed theoretically. Simulation results demonstrated the effectiveness and scalability of the proposed method .
Performances of Big Data applications are tightly coupled with the performance of the network in supporting large data transfers. Deploying high-performance networks in data centers is thus vital but configuration and performance management as well as the usage of the network are of paramount importance. We thus surveyed helpful approaches in a book chapter . This chapter starts by discussing the problem of virtual machine placement and its solutions considering the underlying network topology. It then provides an analysis of alternative topologies highlighting their advantages from the perspective of Big Data applications needs. In this context, different routing and flow scheduling algorithms are discussed in terms of their potential for using the network most efficiently. In particular, Software-Defined Networking relying on centralized control and the ability to leverage global knowledge about the network state is propounded as a promising approach for efficient support of Big Data applications.
Information Centric Networking (ICN) has become a promising new paradigm for the future Internet architecture. It is based on named data, where content address, content retrieval and the content identification is led by its name instead of its physical location. One of the ICN key concepts relies on in-network caching to store multiple copies of data in the network and serve future requests, which helps reducing the load on servers, congestion in the network and enhances end-users delivery performances. Thus, the efficiency of the CCN architecture depends drastically on performances of caching strategies at each node. To date, there has been a lot of studies proposing new caching strategies to improve the performances of CCN. However, among all these strategies, it is still unclear which one performs better as there is a lack of common environment to compare these strategies. To this end, we compared the performances of CCN caching strategies within the same simulation environment. We build a common evaluation scenario and we compare via simulation five relevant caching strategies: Leave Copy Everywhere (LCE), Leave Copy Down (LCD), ProbCache, Cache “Less” For More and MAGIC. We analyze the performances of all the strategies in terms of Cache Hit, Stretch, Diversity and Complexity, and determine the cache strategy that fits the best with every scenario. This work has been published in IEEE Globecom 2015 .
At the meantime, CCN architecture uses Interest and Data messages to request and receive the data, and there has been no routing scheme to match a request to a specific content, as it is currently the case in the Internet. Indeed, CCN relies on flooding, which is a limitation for a future deployment at the Internet-scale. To this end, we proposed a Routing Scheme for CCN based on the softwarization (SDN). In our scheme SRSC, a controller gets knowledge of the network it administers as well as the content, and each node request the next hop to forward the Interest to their controller, until it reaches the closer Content Stores with the requested content. Nodes use a communication channel with the controller that relies only CCN messages and does not use the traditional SDN communication channel protocol Openflow over IP. The rationale is to help having CCN as a stand-alone new networking stack and to enforce its deployement without the IP infrastructure. This research work has been published in IEEE Netsoft 2015 and Algotel 2015 .
Xilopix (Epinal, France):
Pay-per-use contract for the use of Grid'5000
Support contract for their use of Grid'5000 (define experimental requirements and plans)
CIFRE, Thales TRT (Paris, France):
CIFRE PhD (Florian Greff, managed by Ye-Qiong Song and Laurent Ciarletta)
Dynamic reconfiguration and graceful degradation of distributed real-time applications over mesh networks
CIFRE, Orange Labs (Issy-Les-Moulineaux, France)
CIFRE PhD (Maxime Compastie, managed by Olivier Festor and Remi Badonnel)
Software-Defined Security for Distributed Cloud Infrastructures
CIFRE, Xilopix (Epinal, France):
CIFRE PhD (Abdulqawi Saif, managed by Ye-Qiong Song and Lucas Nussbaum)
Open Science for the scalability of a new generation search technology
Funded by Region Lorraine and Université de Lorraine since 2013. Adel Belkadi (CRAN & LORIA) is co-directed by L. Ciarletta and Didier Theilliol (CRAN correspondant).
6PO (“Systèmes Cyber-Physiques et Commande Coopérative Sûre de Fonctionnement pour une Flotte de Véhicules sans Pilote” ) is a joint research project between the Loria and CRAN laboratories. As a part of the Aetournos ecosystem, it also aims at researching solutions for safe formation flying of collaborative UAVs seen as part of a collection of Cyber Physical Systems mixing computer science and automation solutions.
It is reinforced by a PhD grant from this federation that started in october 2014 (Conception de méthodes de diagnostic et de tolérance aux fautes des systèmes multi-agents: Application à une flotte de véhicules autonomes, Adel Belkadi).
This led to common publications, notably on the subjects of control of a fleet of UAV (with or without leader, using particle swarm optimisation and ) and the organisation of a Federation Charles Hermite research day in may 2015.
The project provides common use cases and scientific challenges that serve as catalysts for collaboration between teams from different research topics :
Cyber Physical Systems, Real Time, Quality of service, Performance and Energy in Wireless Sensors and Activator Networks
Collaborative, communicating autonomous systems and Unmanned Vehicles
Safety, Dependabilty, Reliability, Diagnosis, Fault-Tolerance
Funded by the Region Lorraine under the R&D program.
The Madynes team has been working on the Hydradrone project since July 2014. It started as a collaborative R&D initiative funded by Région Lorraine and is now FEDER funded. This project started as a joint work between Madynes and PEMA (Pedon Environnement et Milieux Aquatiques), an SME/VSE (small and medium size Entreprise, PME/TPE). The consortium now includes Alerion another VSE, spinoff form Loria.
It consists in developing a new solution for the surveillance of aquatic environment, the Hydradrone:
starting with an actual need for automated and remote operation of environmental sensing expressed by PEMA
based on an hybrid UxV (Unmanned Air, Surface... Vehicle),
some Cyber Physical bricks in coherence with the Alerion's concepts (ease of use, safety, autonomy)
and an integration in the Information System of the company
PEMA, as an environmental company, is providing the use cases and terrain (and business) validation, while Alerion is working on the integration and engineering of the solution.
This first year has been dedicated to the development of :
a couple of small scale hydradrones / proofs of concept (the UxV) for both hardware and software (embedded / remote)
a larger 1:1 scale hydradrone for heavy sensor payload
evaluation of the needed sensor payload, and the requirements to turn them into "cyber physical" components.
The Madynes team is involved in Satelor, a regional research and development project funded by the AME (Agence de Mobilisation Economique) of Lorraine (October 2013 – September 2016). The consortium includes academic (Univ. of Lorraine, Inria), medical (OHS) and industrial (Diatelic-Pharmagest (lead), ACS, Kapelse, Salendra, Neolinks) partners. It aims at developing innovative and easily deployable ambient assisted living solutions for their effective use in the tele-homecare systems. The Madynes team is mainly involved in the data collection system development based on wireless sensors networks and IoT technology. The first topic consists in defining the basic functions of the future SATEBOX – a gateway box for interconnecting in-home sensors to the medical datacenter, based on our previously developed MPIGate software. A beta-version prototype of the future Satebox gateway has been realased. It now includes Zigbee wireless sensors, EnOcean battery-free sensors and Bluetooth Low Energy sensors. It provides a low-cost and easily deployable solution for the daily activity monitoring. After its first real-world deployment at a OHS hospital room, a second prototype testbed has been prepared for a further test deployment including several rooms. The second topic is related to improving the data transfer reliability while still keeping minimum energy consumption. This has led us to focus on the multi-hop mesh network topology with multi-constrained QoS routing problem (PhD thesis of Evangelia Tsiontsiou) . The third topic is related to the wireless charging of sensor nodes (PhD work of Lei MO) in order to keeping sensors in perpetual working state . A new direction has been also investigated which consists in using the CSI (channel signal information) of the omnipresent WiFi (IEEE802.11n) as a new generation of contactless sensors. A first test bed of using CSI to measure the respiration rate has been set up.
The DOCTOR project http://
This year, we mainly worked on the WP1 which goal is to define the global architecture of DOCTOR and select the most relevant technologies solutions , . We focused on performance of different virtualization solutions. We also contributed to WP4, dedicated to the testbed infrastructure . We also provided a routing scheme for NDN based on a softwarization approach (Software-Defined Networking, SDN) , .
LAR (Living Assistant Robot) is a PIA (Projet investissement d'avenir) national project getting together Inria (MAIA and MADYNES projects), Crédit Agricole (lead), Diatelic and Robotsoft. The aim is to develop an ambient assisted living system for elderly including both sensors and assistant robots. The task of Madynes team is the development of a WSN-based system integrating both sensors of the environment and sensors and actuators embedded on a mobile robot. The research issues include the QoS, energy and mobility management. This year we have intensively tested the S-CoSenS MAC protocol under RIOT OS by using ARM Cortex-M3 motes of IoT-LAB (Grenoble) and especially contributed to the improvement of the robustness (see section ). Another achievement is the connection of our MPIGate-based sensor data collect system to the application server, by the mean of properly defined JSON message formats.
The HUMA project (L’HUmain au cœur de l’analyse de données MAssives pour la sécurité) is funded under the national FUI Framework (Fonds Unique Interministerial) jointly by the BPI (Banque Publique d'Investissement) and the Région Lorraine. It has been approved by two competitive clusters: Systematic and Imaginove. The consortium is composed of three academic (ICube, Citi, Inria) and five industrial (Airbus Defence and Space, Intrinsec, Oberthur, Wallix, Sydo) partners. The leader is Intrinsec.
This project started in September 2015 and targets the analysis of Advanced Persistent Threat. APT are long and complex attacks which thus cannot be captured with standard techniques focused on short time windows and few data sources. Indeed, APTs may be several months long and involve multiple steps with different types of attacks and approaches. The project will address such an issue by leveraging data analytics and visualization techniques to guide human experts, which are the only one able to analyze APT today, rather than targeting a fully automated approach. Academic partners will be mainly focused on defining those techniques while industrial partners will build an experimental platform to design a testing platform and data collectors.
The challenges addressed by the Inria-Orange joint lab relate to the virtualization of communication networks, the convergence between cloud computing and communication networks, and the underlying software-defined infrastructures. This lab aims at specifying and developing a GlobalOS (Global Operating System) approach as a platform or a software infrastructure for all the network and computing resources required by the Orange network operator. Our work, started in November 2015, concerns in particular monitoring methods for software-defined infrastructures, and management strategies for supporting software-defined security in multi-tenant cloud environments.
This ADT is linked to the consortium Metroscope
http://
The goal of this ADT is to provide an novel security solution for Android platforms where the users will be able to evaluate the security level of their devices. The solution relies on the analysis and collection of logs and network activities of running Android applications to detect malicious activities and also the detection of vulnerable configurations of the device using an OVAL-based approach. Through this ADT, funded by Inria an engineer (Eric Finickel) was hired for 2 years (2013-2015). The work was focused on the development of Android devices embedded probes to export logs and network activities, and also the design and setup of collector and analysis applications using a Hadoop based framework. The resulting platform from this ADT is currently deployed in the High Security Lab and it will be extended during the year 2016.
The goal of this ADT is to provide assistance in developing the Aetournos platform. Through this ADT, funded by Inria, Ceilidh Hoffmann stayed until february 2015 and then Raphaël Cherfan was hired for the rest of the year (2015). They both have been helping maintaining the Aetournos platform, coordinating students work on the platform and tutoring the Aetournos team for the 2014 and 2016 Outback Joe Search and Rescue / Medical Express Challenge.
This ADT started on 2014 and will end on 2016. The Madynes project is a major partner funded at the level of 120k€. ADT LAPLACE builds upon the foundations of the Grid'5000 testbed to reinforce and extend it towards new use cases and scientific challenges. Several directions are being explored: networks and Software Defined Networking, Big Data, HPC, and production computation needs. Already developed prototypes are also being consolidated, and the necessary improvements to user management and tracking are also being performed.
This ADT started on 2013 and will end on 2016. The Madynes project is the only partner funded at the level of 120k€.ADT COSETTE, for COherent SET of Tools for Experimentation aims at developing or improving a tool suite for experimentation at large scale on testbeds such as Grid'5000. Specifically, we will work on (1) the development of Ruby-CUTE, a library gathering features useful when performing such experiments; (2) the porting of Kadeploy, Distem and XPFlow on top of Ruby-CUTE; (3) the release of XPFlow, developed in the context of Tomasz Buchert's PhD; (4) the improvement of the Distem emulator to address new scientific challenges in Cloud and HPC. E. Jeanvoine (SED) is delegated in the Madynes team for the duration of this project.
RIOT ADT is a multi-site project with Infine and Madynes teams, which
started in December 2015 for a duration of two years. The high-level
objective is to (1) contribute open source code, upstream, to the RIOT
code base, (2) coordinate RIOT development within Inria, with other
engineers and researchers using/developing RIOT, (3) coordinate RIOT
development outside Inria, help maintain the RIOT community at large
(see www.
Specific objectives of Madynes team include (a) implementation, on RIOT, of new MAC protocols issuing from the latest research, as well as the design of the MAC layer interfaces both with the upper network layer and directly with applications (API), (b) RIOT drivers development to allow efficiently interfacing with both radio transceivers and sensors (via UART, SPI, I2C, GPIO, …), according to the chosen hardware platforms (e.g., Zolertia Z1, AVR, ARM Cortex), (c) implementation of the previous solutions in a smart home environment, (d) development of an MCU emulator, (e) integration of the developed MCU emulator into a network simulation tool (e.g. Cooja).
Alerion is an "e-falconry" startup created by a member of Madynes in June 2015. Its goal is to provide novel solutions and services in the field of UxV (Unmanned Air, Ground, Surface ... Vehicles) and in moving and interacting objects of the "Internet of Things". The concept is to enhance such existing systems or design new ones by combining well-designed (i.e with regards to efficiency, safety, ease of use) components and containers seen as Cyber Physical bricks. This has also given some publications , and . The Alerion project is also actively supporting the international UAV Challenge team that is participating to the "Medical Express", the new "Outback Joe Challenge".
Title: Management of the Future Internet
Programm: FP7
Duration: November 2012 - October 2016
Coordinator: University Twente
Partners: Iminds Vzw (Belgium), Jacobs University Bremen Ggmbh (Germany), University College London (United Kingdom), Université de Lorraine (France), Universitaet Der Bundeswehr Muenchen (Germany), Universitat Politecnica de Catalunya (Spain), Universiteit Twente (Netherlands), Universitaet Zuerich (Switzerland)
Inria contact: Jérôme François
The goals of FLAMINGO are (a) to strongly integrate the research of leading European research groups in the area of network and service management, (b) to strengthen the European and worldwide research in this area, and (c) to bridge the gap between scientific research and industrial application.
In 2015, our activities of Flamingo have been focused on automated configuration using service function chaining for mobile device (section ), sensor network monitoring to counter-fight attacks in cooperation with the Jacobs University Bremen (§), leading the standardization activities of the project (WP leader), enhancing our flow-based monitoring specification to be standardized at the IETF in a close future (§) and Online training material on network management (§).
LIRIMA (Laboratoire international de recherche en informatique et mathématiques appliquées): Madynes is associated with the MASECNESS research team of the Yaoundé University, Cameroun. The collaboration is about wireless sensors networks and was the support for funding student mobility (4 months this year). The LIRIMA has also supported the purchase of thirty sensors used in our common work. Some results have been presented this year at the scientific workshop of the LIRIMA held in St-Louis of Senegal.
Since September 2015, Thomas Silverston is on leave at JFLI (délégation CNRS), an international joint-laboratory between CNRS, Inria, UPMC, Univ. Paris Sud, Keio University, NII and the University of Tokyo located in Tokyo, Japan. He is currently hosted at the University of Tokyo. His main research objectives are on virtualization on new network architecture (e.g.: ICN/NDN) through the use of software-defined networking or Network Function Virtualization.
Dash Kondo, a PhD student from Madynes, is currently doing an internship at JFLI at the University of Tokyo with Prof. Asami Tohru and Thomas Silverston, on virtualization and security in NDN.
University of Luxembourg: Jérôme François is a Fellow at SnT (Interdisciplinary Center for Security, Reliability and Trust) to empower our collaboration with the University of Luxembourg. This collaboration is now focused on network virtualization, which also includes the co-advising of S. Signorello.
University of Waterloo: we pursue our collaboration with the team of Prof. Raouf Boutaba especially on using SDN for scheduling flows generated by Big Data applications. This work lead to a a survey .
The AKD project, funded by the STIC-AmSud Program, addresses the challenge of autonomic knowledge discovery for security vulnerability prevention in self-governing systems. The partners include Federal University of Rio Grande do Sul (UFRGS, Brazil), Republic University of Uruguay (INCO, Uruguay), Technical University of Federico Santa Maria (UTFSM, Chile), and Inria (Orpailleur, Madynes). Computer vulnerabilities constitute one of the main entry points for security attacks, and therefore, vulnerability management mechanisms are crucial for any computer systems. However autonomic mechanisms for assessing and remediating vulnerabilities can degrade the performance of the system and might contradict existing operational policies. In that context, this project started in January 2015 focuses on the design of solutions able to pro-actively understand the behavior of systems and networks, in order to prevent vulnerable states. For that purpose, our work concerns more specifically the exploitation and integration of knowledge discovery techniques within autonomic systems for providing intelligent self-configuration and self-protection. It also investigates the building of flexible and dynamic security management mechanisms taking benefits from software-defined methods and techniques.
Nesrine Khelifi, 18/06/2015-18/09/2015, Université de Manouba - Tunisie. See §
Seetaraman Savita, 10/07/2015-31/10/2015, University of Trento (Italy), Benchmarking of virtualized network functions
Dr. Jian Li, associate professor at Shanghai Jiaotong University (China) visited the team for two weeks in December and given a talk on the recent research results of his group on network virtualization and cloud applications.
Thomas Silverston is currently on leave (Delegation CNRS) at the University of Tokyo within JFLI, an international joint-lab between CNRS, Inria, UPMC, Univ. Paris Sud, Keio University, NII and the University of Tokyo. Daishi Kondo, co-advised with Prof. Olivier Perrin (UL) and Thomas Silverston, is also doing an internship at the JFLI from September 2015 to February 2016.
Thomas Silverston organized (General Chair) the 2nd international Workshop on Crowd-Assisted Sensing in Pervasive Systems and Communications (CASPER'2015) along with the IEEE PERCOM Conference on March 27th 2015.
Remi Badonnel was member of the organizing committee for the following conferences: IEEE International Conference on Cloud Networking (IEEE CloudNet 2015), IEEE International Conference on Network Softwarization (IEEE NetSoft 2016).
Isabelle Chrisment was member of the organizing committee for the following conferences: JCSA 2015 (Journée du Conseil Scientifique de l'AFNIC) "Quelles mesures sur Internet, pour quels usages scientifiques et techniques, RESSi'15 (Rendez-vous de la Recherche et de l'Enseignement de la Sécurité des Systèmes d'Information).
Lucas Nussbaum was member of the organizing committee for the following conferences: Reppar (2st International Workshop on Reproducibility in Parallel Computing, held together with Euro-Par 2015).
Vassili Rivron and Cécile Dolbeau-Bandin organized a one-day seminar on “Us et abus de l’Internet : enjeux sociologiques et psychologiques des pratiques numériques“, Université de Caen Basse Normandie, Caen, on 25th September 2015.
Vassili Rivron, Claudia Ignat and Isabelle Chrisment organized a one-day seminar on "Social science insights for large scale and mobile collaboration/networks", LORIA, Nancy, on 14th September 2015.
Ye-Qiong Song was member of the organizing committee for MSR 2015
(http://
Rémi Badonnel was TPC co-chair for the following conferences: IFIP/IEEE International Symposium on Integrated Network Management (IFIP/IEEE IM 2015), the Experience Track of the IFIP/IEEE Network Operations and Management Symposium (IFIP/IEEE NOMS 2016), IFIP/IEEE International Workshop of Management of the Future Internet (IFIP/IEEE ManFI 2016), IFIP International Conference on Autonomous Infrastructure, Management and Security (IFIP AIMS 2016).
Laurent Ciarletta was associated Associate Editor for IEEE CSS / RAS International Conference on Unmanned Aircraft Systems ICUAS 2015.
Jérôme François was co-chair of the PhD workshop at IFIP International Conference on Autonomous Infrastructures, Management and Security (IFIP AIMS'15).
Bernardetta Addis: International Conference on Green IT Solutions (ICGREEN 2015) ; Design of Reliable Communication Networks (DRCN 2016)
Remi Badonnel: IFIP/IEEE International Symposium on Integrated Network Management (IFIP/IEEE IM 2015) ; IFIP International Conference on Autonomous Infrastructure, Management and Security (IFIP AIMS 2015) ; IFIP/IEEE International Conference on Network and Service Management (IFIP/IEEE CNSM 2015) ; IEEE Global Information Infrastructure and Networking Symposium (IEEE GIIS 2015) ; Asia-Pacific Network Operations and Management Symposium (APNOMS 2015) ; IEEE Global Communications Conference (IEEE GLOBECOM - SAC 2015) ; IFIP/IEEE Network Operations and Management Symposium (IFIP/IEEE NOMS 2016).
Thibault Cholez: 7th IEEE International Workshop on Network Science for Communication Networks (NetSciCom 2015) ; 9th International Conference on Autonomous Infrastructure, Management and Security (AIMS 2015) PhD workshop.
Isabelle Chrisment: IFIP International Conference on Autonomous Infrastructures, Management and Security (IFIP AIMS'15); Rencontres Francophones sur les Aspects Algorithmiques de Télécommunications (AlgoTel'15); Colloque francophone sur l’ingénierie des protocoles et Nouvelles Technologies de la Répartition (CFIP-NOTERE'15); IFIP/IEEE International Symposium on Integrated Network Management (IFIP/IEEE IM'15); IFIP/IEEE International Symposium on Network Operations and Management (IFIP/IEEE NOMS'16).
Laurent Ciarletta: EEE CSS / RAS International Conference on Unmanned Aircraft Systems ICUAS 2015.
Olivier Festor: IFIP/IEEE International Symposium on Integrated Network Management (IFIP/IEEE IM 2015); IFIP International Conference on Autonomous Infrastructure, Management and Security (IFIP AIMS 2015); IFIP/IEEE International Conference on Network and Service Management (IFIP/IEEE CNSM 2015); Asia Pacific Network Operations and Management Symposium (APNOMS 2016); ACM SIGCOMM Poster/Demo Committee 2015; IEEE International Conference in COmmunications (IEEE ICC 2016); IEEE Internationa Conference on Network Softwarization (IEEE Netsoft 2015, IEEE Netsoft 2016); IFIP/IEEE Network Operations and Management Symposium (IFIP/IEEE NOMS 2016).
Jérôme François: IFIP/IEEE International Symposium on Integrated Network Management (IFIP/IEEE IM'15); Sec-SDN workshop of the 1st Network Softwarization Conference (IEEE NetSoft, 2015); Asia-Pacific Network Operations and Management Symposium (APNOMS 2015); Principles, Systems and Applications of IP Telecommunications (IPTComm'15); Global Information Infrastructure and Networking Symposium (IEEE GIIS 2015).
Abdelkader Lahmadi: IFIP/IEEE International Symposium on Integrated Network Management (IFIP/IEEE IM'15); IFIP/IEEE International Symposium on Network Operations and Management (IFIP/IEEE NOMS'16); Asia-Pacific Network Operations and Management Symposium (APNOMS 2015); IFIP/IEEE International Workshop on Management of the Future Internet (ManFI 2015).
Lucas Nussbaum: Reppar (2nd International Workshop on Reproducibility in Parallel Computing, held together with Euro-Par 2015); CloudCom'2015 (HPC on Cloud track); WETICE'2015 (Convergence of Distributed Grid, Cloud and their Management track); ComPAS'2015.
Thomas Silverston: CASPER'15 Workshop (with IEEE Percom); ICNS Workshop (with IEEE Globecom'15); ACM AINTEC 2015, ACM ICN 2015 (Posters and Demos).
Françoise Simonot-Lion: 10th IEEE International Workshop on Factory Communication Systems (WFCS 2015); CARS@EDCC2015, satellite workshop of the 11th European Dependable Computing Conference - Dependability in Practice, 2015.
Ye-Qiong Song: 10th IEEE International Workshop on Factory Communication Systems (WFCS 2015); 5th IEEE International Conference on Communications and Networking (ComNet 2015); 20th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA 2015); 13th International Conference on Smart Homes and Health Telematics (ICOST 2015); 8th IFIP Wireless and Mobile Networking Conference; 23rd International Conference on Real-Time Networks and Systems (RTNS 2015).
Rémi Badonnel is Associate Editor for the Wiley International Journal of Network Management (IJNM).
Olivier Festor is Associate Editor for -IEEE Transactions on Network and Service Management and -Wiley International Journal of Network Management (IJNM).
Françoise Simonot-Lion is Associate Editor for the IEEE Transactions on Industrial Informatics.
Ye-Qiong Song is Associate Editor for the Elsevier Computers and Electrical Engineering Journal.
The following reviews for journals has been made by team members:
Bernardetta Addis: Computers and Operation Research (COR), Discrete Applied Mathematics (DAM), Journal of Network and Systems Management (JONS), Telecommunication Systems (TELS).
Remi Badonnel: IEEE Transactions on Network and Service Management (IEEE TNSM), Springer Journal of the Network and Systems Management (JNSM), Elsevier International Journal on Computer Networks (COMNET), IEEE Communications Magazine (COMMAG).
Thibault Cholez: IEEE Transactions on Network and Service Management (IEEE TNSM), IEEE Communications Letters.
Isabelle Chrisment: Elsevier Computer Communications (COMCOM).
Abdelkader Lahmadi: IEEE Transactions on Network and Service Management (IEEE TNSM), Springer Journal of the Network and Systems Management (JNSM), Wiley International Journal of Network Management (IJNM).
Lucas Nussbaum: Concurrency and Computation: Practice and Experience ; SoftwareX.
Thomas Silverston: Elsevier Computer Network.
Françoise Simonot-Lion: Journal Mathematical Problem in Engineering, IEEE Transactions on Industrial Informatics.
Ye-Qiong Song: the Elsevier Computers and Electrical Engineering journal, Elsevier Ad hoc network journal, Journal of Real-time systems (Springer), ACM Transactions on Architecture and Code Optimization (TACO), IEEE transaction on cloud computing.
Isabelle Chrisment gave a talk on Mitigation of Topological Attacks in RPL based Networks at the IFIP WG11.2 seminar in June 2015, Paris, France.
Isabelle Chrisment and Jérôme François gave a talk on Internet Monitoring for Tracking Cybercriminal Activities at the French-German Cybersecurity Workshop, in February 2015, Saarbrücken, Germany.
Jérôme François gave a talk on monitoring network for fighting cybersecurity threats at the Cybersecurity French-Japanese Workshop in April 2015, Tokyo, Japan. He presented a tutorial on data analytics for network management at IFIP AIMS 2015. He also presented flow aggregation techniques at the first NMLRG (Network Machine Learning Resarch group) meeting at the IETF 94.
Olivier Festor is Chair of the IFIP Working-Group 6.6 on Network and systems management. This working group is actively involved the animation of most major conferences in this research area and organizes frequent meetings and workshops on the domain.
Olivier Festor was Co-chair together with Lisandro Zambenedetti Grandvile from the Federal University of Rio Grande do Sul (UFRGS) of the Internet Research Task Force (IRTF) Network Management Research Group until november 2015.
Isabelle Chrisment is member of AFNIC scientific board since January 2013.
Thibault Cholez was invited by Thales to review the results of the NoE FP7 CAPITAL whose objective was to propose and motivate a research program in the field of cyber security for the European Commission.
Olivier Festor served as external expert in the AERES panel for the LIG laboratory evaluation.
Isabelle Chrisment participated in the review of a FNR (Fonds National de la Recherche - Luxembourg) proposal.
Thomas Silverston participated in the review of a FNR proposal (Luxembourg).
Françoise Simonot-Lion is Scientific Delegate with HCERES. She was member of the regional jury for the i-LAB 2015 Competition (Ministère de l'Enseignement Supérieur et de la Recherche and BPI-France)
Ye-Qiong Song is a member of the national Gilles Kahn best computer science PhD thesis awards committee.
Remi Badonnel is heading the Telecommunications, Networks and Services specialization of the 2nd and 3rd years at the TELECOM Nancy engineering school, and is coordinating the Security Pathway Program at the same school, elaborated in the context of the International Master of Science in Security of Computer Systems built with the Mines Nancy and ENSEM engineering schools.
Laurent Ciarletta is heading the specialization Safe Systems Architecture of the Computer Science and IT department of the Ecole des Mines de Nancy ("Grande Ecole", Engineering School, Master degree level).
Olivier Festor is the Director of the TELECOM Nancy Engineering School.
E-learning
MOOC : Rémi Badonnel, "Introduction to Nagios-based Monitoring", MOOC exercices complementing the initial course (45 minutes + 25 minutes), Youtube Platform (Flamingo Channel), TELECOM Nancy, Master/Engineering Students, more than 30 000 views in 2 years (initial course).
Team members are teaching the following courses:
Bernardetta Addis 216 hours, -M2 -Operational Research, Discrete Optimization -Écoles des Mines de Nancy, Université de Lorraine
Rémi Badonnel 242 hours -L3, M1, M2 Networks, Systems and Services, Software Design and Programming, Cloud Computing, Network and Security Management -TELECOM Nancy, Université de Lorraine
Thibault Cholez 340 hours, -L3, M1, M2 -Main topics: Computer Networks, Databases, Object-Oriented Programming, C and Shell Programming, Techniques and Tools for Programming, Network Services, Constraint development on small Connected Objects, Mobile applications and Internet of Things -TELECOM Nancy, Université de Lorraine
Isabelle Chrisment 220 hours -L3, M1, M2 -C and Shell Programing, Computer Networking, Operating Systems, Network Security. -TELECOM Nancy, Université de Lorraine
Laurent Ciarletta 250 hours -L3, M1, M2 -Component-based software development, Pervasive Computing, Networking and Systems -Écoles des Mines de Nancy, Université de Lorraine & ARTEM
Olivier Festor 192 hours -L3, M1, M2 -Network, Programming, Algorithmics, Complexity -TELECOM Nancy, Université de Lorraine
Jérôme François 70 hours -M1, M2 -Network security, Big Data -Université de Lorraine & Telecom Nancy
Abdelkader Lahmadi 280 hours - L1, M1, M2 -Algorithms and Java programming, C language programming, Real Time systems, Databases, Distributed algorithms, Constrained systems programming -ENSEM & Telecom Nancy
Emmanuel Nataf 192 hours -L1 L2 M2 -Network, operating system, network monitoring -IUT Nancy-Charlemagne & Telecom Nancy & Université de Lorraine
Lucas Nussbaum 96 hours (due to partial leave to Inria), -L3, M1, M2 -Systems and networks administration -IUT Nancy-Charlemagne
Ye-Qiong Song 230 hours, -L1, M1, M2 -Algorithms and Java programming, Databases, Networking, Sensor networks -ENSEM
Jonathan Arnault, Data-Analytics infrastructure for Security Monitoring, since November 2015, supervised by Isabelle Chrisment & Jérôme François.
Elian Aubry, Using Software Defined Network to manage Content Centric Networks, since October 2013, supervised by Isabelle Chrisment & Thomas Silverston.
Tomasz Buchert, Orchestration of Experiments on Distributed Systems, since Oct 2011, supervised by Jens Gustedt & Lucas Nussbaum.
Maxime Compastie, Software-Defined Security for the Cloud, since Dec 2015, supervised by Olivier Festor & Remi Badonnel.
Giulia De Santis, Modelling and Analysis of Complex and Targeted Cyberattacks, since October 2015, Olivier Festor & Abdelkader Lahmadi.
Meihui Gao, Optimization models and methods for Network Functions Virtualization architectures, since Nov 2015, supervised by Ye-Qiong Song & Bernardetta Addis.
Florian Greff, QoS and fault-tolerance of distributed real-time systems over mesh networks, since Feb. 2015, supervised by Ye-Qiong Song & Laurent Ciarletta.
Gaetan Hurel, Mobile Cloud Security, since Jan 2014, supervised by Olivier Festor, Abdelkahder Lahmadi & Remi Badonnel.
Patrick-Olivier Kamgue, Routing management in WSNs, since Jun 2012, supervised by Emmanuel Nataf & Olivier Festor in France, Thomas Djotio in Cameroun.
Daishi Kondo, New Networking Architecture through Virtualization, since September 2015, supervised with Olivier Perrin (EPI COAST) & Thomas Silverston.
Xavier Marchal, Secure operation of virtualized Named Data Networks traffic, since December 2015, supervised by Olivier Festor & Thibault Cholez.
Anthea Mayzaud, Monitoring and Security for the Internet of Things, since May 2013, supervised by Isabelle Chrisment & Rémi Badonnel.
Kevin Roussel, Dynamic management of QoS and energy in heterogeneous sensor networks for e-health applications, since December 2012, supervised by Ye-Qiong Song & Olivier Zendra.
Abdulqawi Saif, Open Science for the scalability of a new generation search technology, since December 2015, supervised by Ye-Qiong Song & Lucas Nussbaum.
Evangelia Tsiontsiou, Multiconstrained QoS routing for wireless sensors networks with applications to smart space for ambient assisted living, since Oct 2013, supervised by Ye-Qiong Song & Bernardetta Addis.
Shbair Wazen, Contributions for the Management of HTTPS traffic, since December 2013, supervised by Isabelle Chrisment & Thibault Cholez.
François Despaux, Modelling and evaluation of the end to end delay in WSN, Université de Lorraine, September 2015, supervised by Ye-Qiong Song & Abdelkahder Lahmadi.
Mohamed Said Seddiki, Dynamic resource allocation and quality of service management in Network Virtualization, Université de Lorraine, April 2015, supervised by Ye-Qiong Song & Mounir Frikha.
Team members participated to the following Ph.D. defense committees in Computer Science if no other indication:
Dalal Belabed, in Informatics, Telecommunication and Electronics from Université Paris 6. Title: Optimization of Virtual Networks: design and assessment, 2015 – (Bernardetta Addis).
Manamiary Bruno Andriamiarina, in Computer Science and Networking from Télécom SudParis and Université Pierre et Marie Curie. Title: Corrélation d'alertes : un outil plus efficace d'aide à la décision pour répondre aux intrusions, April 2015 – (Isabelle Chrisment as president).
Florent Fourcot, joint Ph.D. from Télécom Bretagne and TU Dresden. Title: Address Spreading in Future Internet Supporting both the Unlinkability of Communication Relations and the Filtering of Non Legitimate Traffic, January 2015 – (Isabelle Chrisment as reviewer)
Badis Hammi, in Networking, Knowledge and Organization from Université de Technologie de Troyes. Title: Vers une détection à la source des activités malveillantes dans les clouds publics : application aux attaques de déni de service, September 2015 – (Isabelle Chrisment as reviewer).
Christopher Humphries, from Université de Rennes 1. Title: User-centred security event visualisation, December 2015 – (Isabelle Chrisment as president).
Yosra Ben Mustapha. From Université de Lorraine. Title: Développement d'algorithmes répartis corrects par construction, May 2015 – (Isabelle Chrisment as reviewer)
Yves Studnia. In Networking, Telecommunication, System and Architecture from Université Fédérale Toulouse Midi-Pyrénées, delivered by INSA Toulouse. Title: Détection d'intrusion pour des réseaux embarqués automobiles : une approche orientée langage, September 2015 – (Isabelle Chrisment as reviewer).
Khalid Alsubli, from the University of Waterloo. Title: Security Configuration Management in Intrusion Detection, November 2015 – (Olivier Festor as reviewer).
Yann Bachi, from Université Fédérale Toulouse Midi-Pyrénées. Title: Sécurité des équipements grands publics connectés à Internet: évaluation des liens de communication, June 2015 – (Olivier Festor as reviewer).
Jonathan Dechaux, from École Polytechnique. Title: Formalisation, implémentation et tests d'une méthodologie et des techniques d'évaluation de logiciels antivirus. Application aux virus de documents, December 2015 – (Olivier Festor as reviewer).
Léa El Samarji. From Télécom Bretagne. Title: Risk-aware Decision Support System to Counter Coordinated and Simultaneous Attacks, March 2015 – (Olivier Festor as reviewer).
Samuel Marchal, joint Ph.D. from University of Luxembourg and Université Lorraine. Title: DNS and Semantic Analysis for Phishing Detection, June 2015 – (Olivier Festor as reviewer).
Patrick Raad, from Université Pierre et Marie Curie, Paris 6. Title: Protocol Architecture and Algorithms for Distributed Data Center Networks, December 2015 – (Olivier Festor as reviewer).
Mihai Andries, from Université de Lorraine. Title: Object and human tracking, and robot controls through a load sensing floor, December 2015 – (Ye-Qiong Song as president).
Mouna Abdelmoumen, from Université de Carthage - SUPCOM Tunis. Title: Modèles de mobilité et leur impact sur la capacité des réseaux sans fil et mobiles, December 2015 – (Ye-Qiong Song as reviewer).
Ali Kadhum Idrees, from Université de Franche-Comté. Title: Distributed Coverage Optimization Techniques for Improving Lifetime of Wireless Sensor Networks, October 2015 – (Ye-Qiong Song as reviewer).
Ehsan Muhammad, from Université de Pau et des Pays de l'Adour. Title: Designing of MAC layer for Mission-Critical Surveillance Applications in Wireless Image Sensor Networks, June 2015 – (Ye-Qiong Song as reviewer).
Team members participated to the following Habilitation Degree in Computer Science defense committees of:
Yves Roudier, from Université Nice-Sophia Antipolis, France. Title: Advances in the Design and Engineering of Secure Distributed Systems, December 2015 – (Isabelle Chrisment as examiner).
Bertrand Mathieu, from Université Rennes 1. Title: Efficient Use of Network Resources for End-Users Quality Quality Improvement, April 2015 – (Olivier Festor as reviewer)
Alain Pirovano, from Université Paul Sabatier de Toulouse. Title: Conception et Optimisation d'Architectures Réseaux pour les Systèmes de Communication Aéronautiques. February 2015 – (Olivier Festor as reviewer)
Patrick Senac, from Université Pierre et Marie Curie, Sorbonne Universités. Title : L'Internet de l'extrême. Modèles, protocoles et mécanismes de bout en bout pour les réseaux de communication de nouvelle génération. December 2015 – (Olivier Festor as examiner)
Claire Pagetti, from INP-ENSEEIHT. Title: Programmation sûre de plates-formes embarquées de type multi/pluri-cœurs, (January 2015) – (Françoise Simonot-Lion as examiner)
Team members participated to the following recruitment selection committee:
Isabelle Chrisment was member of the selection committee from Université de Technologie de Troyes to recruit an Assistant Professor (February 2015), from Université de Nice-Sophia Antipolis to recruit an Assistant Professor (April 2015) and from Université de Strasbourg to recruit a Professor (May 2015).
Thomas Silverston gave an interview with a subject on smart cities for the program Mov'Futur on the Le Mouv' radio (December 2015).