CEA-List’s cybersecurity platform brings together around 70 experts tasked with analyzing security vulnerabilities in software applications, integrated circuits, and embedded systems. Our teams also develop advanced techniques and tools to fend off cyberattacks and protect personal data.
Companies come to CEA-List for help protecting services, software, integrated circuits, embedded components, and other digital systems against cyberattacks and data leaks.
Our cybersecurity platform is home to 70 experts who use cutting-edge tools and technologies to identify even the most complex vulnerabilities in systems. They analyze how cyberthreats would affect a company’s systems and propose state-of-the-art cybersecurity solutions to mitigate the risks.
The platform’s size and scope of activity mean it is unrivaled by any other facility in Europe and has allowed us to form partnerships with around thirty companies, including Thales, Systerel, Trialog and Parsec. We also maintain close ties with academic research labs in countries all over the globe.
The platform works closely with Information Technology Security Evaluation Facilities (ITSEF/CESTI), helping advance the stat-of-the-art in the assessment of commercially available security products.
invested in the last 3 years
CEA-List develops tools to verify the security of software systems such as Frama-C for source code verification, Binsec for binary code analysis, and Unisim for platform virtualization. Frama-C has been identifies by NIST as one of the only tools in the world capable of exhaustively detecting entire categories of flaws in safety-critical software.
We also own hardware platform simulators and test benches for simulating faults, replicating physical attacks on electronic components, and analyzing network communications.
CEA-List’s cybersecurity experts use a wide range of innovative tools to secure all aspects of digital systems, including:
For the protection of personal data, CEA-List’s cybersecurity platform uses BiGπ, which can process encrypted cloud-based data without decrypting it. BiGπ offers a number of advantages: rapid, transparent implementation, low-latency algorithms, guaranteed privacy, easy scale-up, and low power consumption.
CEA-List is a leading figure in the French and European cybersecurity space, as demonstrated by its numerous partnerships with academic research labs, government research and technology organizations, and major industrial companies. The institute contributes its expertise to shape cybersecurity strategy at both a national and a European level, through initiatives like the French government Cybersecurity Grand Challenge and the EU Sparta project.
CEA-List also collaborates with the French National Cybersecurity Agency (ANSSI), the French Ministry for the Armed Forces, and the French Ministry of the Interior. It provides input on two levels: technical (through joint research programs with teams from government labs and testing centers), and strategic (through its involvement in industry-shaping committees and initiatives).
CEA-List maintains strong ties across the cybersecurity ecosystem—with operators, systems integrators, technology and service providers, software companies, and certification organizations. Its partners come from many different industries, including energy, transportation, telecommunications, and internet services. CEA-List’s scientific, non-profit status, enables its teams to provide fair and trusted expertise even in complex and evolving situations.
Our academic partners play a crucial role in helping us develop advanced tools and break into global markets where competition is high. For example, Frama-C and Binsec leverage formal methods developed by teams at Inria, and Cingulata’s compilation chain uses cryptographic algorithms developed by the CNRS. CEA-List’s tools are also widely used by research institutes—in particular IRT SystemX and IRT Nanoelec—to produce demonstrators.
CEA-List’s DataBait app helps social media users understand privacy risks and protect their personal data. It uses multimedia analysis tools to tell users what personal information could be mined from the content they are about to share. The software was developed as part of the EU USEMP project and won a European Commission prize in 2016.