Publications

2025

• Optimal Active Cyber Defence Strategies based on Multi-Agent System Verification
  
  • Ballot Gabriel
  , 2025. Many computer and industrial systems are designed at a given point in time using the tools and knowledge available at that time, but evolve little afterwards. This static nature benefits cyberattackers, whose techniques advance frequently and who can observe the system over long periods and plan targeted attacks. Active cyber defence mechanisms—such as moving target defences, which frequently reconfigure the system, and adaptive honeypots, which deceive attackers and study their capabilities—reduce this vulnerability. Finding effective active cyber defence strategies to protect the system and lure attackers poses a major challenge. Current techniques rely on analytical game theory and machine learning, and do not provide a general solution for determining active cyber defence strategies with strong guarantees against multi-step attacks. These limits can be naturally overcome through multi-agent system verification. However, this approach does not account for an essential aspect of cybersecurity: attacker profiles.This thesis proposes tools to model systems where active cyber defences interact with attackers of diverse profiles, formalise security objectives, and extract defence strategies with robust guarantees. A central contribution is the introduction of the capacity concept, which models agent profiles and lays the groundwork for a novel logical formalism: Capacity Alternating-time Temporal Logic (CapATL). It enables the expression and verification of strategic, temporal, and capacity (e.g. profile identification) objectives, thus allowing the characterisation of desired behaviours for active cyber defences. CapATL has been extended to imperfect information (CapATEL) and probabilistic (ATL-SA) settings to account for real-world constraints, requiring the resolution of new theoretical challenges in verification. We show how these formalisms can model a non-trivial adaptive honeypot and derive a strategy suited to the objectives of realism, security, resource management, and attacker profiling.
• Timing advance and Doppler shift estimation in LEO satellite networks: A recursive Bayesian study
  
  • Balakrishnan Ashutosh
  • Popineau Pierre
  • Martins Philippe
  , 2025, pp.3561-3566. <div><p>Low earth orbit (LEO) satellite based nonterrestrial networks are a key theme of the upcoming 6G networks. These space networks are proposed to be used for high-mobility use-cases like airplanes and vehicles. The initial access process between a base station (BS) and a user equipment (UE) involves timing advance (TA) value computation at the BS, requiring precise BS location information at the UE. It becomes more challenging in LEO satellite networks due to the fast moving LEO satellites and large pathloss, in addition to the mobile UE. This paper aims to compute the TA and Doppler shift experienced at the UE by modeling the joint system dynamics in a LEO satellite-mobile UE network through an extended Kalman filter (EKF) based recursive Bayesian framework. The framework accurately models the joint system dynamics by considering the LEO satellite acceleration. It constructs the Jacobian to linearize the inherent non-linearities present in the motion. Probabilistic insights regarding the state-update and propagation are also provided. The analytical framework factors in the limited satellite visibility at the UE and the satellite-UE geometry w.r.t. the earth center. The proposed framework is also useful when the satellite and UE clocks are not in sync, with the corresponding clock drift a function of the measured time difference of arrivals. Our results showcase the efficacy and robustness of the proposed EKF framework to estimate the TA and Doppler shift, even at very high UE speeds. The work is expected to be extremely useful in realizing LEO satellite based non-terrestrial networks.</p></div> (10.1109/GLOBECOM59602.2025.11432282)
  DOI : 10.1109/GLOBECOM59602.2025.11432282
• Evaluation of Information Leakage in Side Channels
  
  • Béguinot Julien
  , 2025. A symmetric key cryptographic algorithmis deemed robust against cryptanalysis when seen asa function mapping a secret key and a plaintext to a ciphertext. However, the computation of this function may leak some sensitive information about the secret key being manipulated by the underlying hardware circuit. The corresponding attacks are devastating if no proper countermeasure is implemented. Countermeasures have to be implemented and the leakages of a chip have to be evaluated by a certification laboratory before it is deployed. The masking countermeasure essentially amounts to a secret sharing over the wire of a circuit.The goal of my PhD is to leverage information theoretic tools to improve the leakage certification process of a device in the presence of the masking countermeasure.The first aspect is to provide informational bounds on several operational measures of the adver-sary success. This includes the success rate of an attack iin presence of key enumeration and the average enumeration time required to find a correct key (guessing entropy). This is achieved by variations of Fano's inequality and offers Gibb's inequality.The second aspect is to provide information theoretic bounds on the leakages of masked sensitive variable in terms of the leakages of each share. This is achieved by a variation of Mrs Gerber's lemma.The third aspect is to derive a security bound in the presence of computations, especially in the presence of multiplications. I used the complementary Doeblin coefficient to reduce general side channels to the much simpler erasure channels.Finally, connecting the three contributions above we obtain a faster evaluation methodology for laboratories based on information theoretic inequalities.While this thesis is motivated by concrete problems, iit essentially relies on information theoretic derivations. Information leakages are measured by Sibson's α-information. Emphasis is put on desirable mathematical properties such as data processing inequalities, tensorization, Gibbs inequality and Mrs Gerber's lemma.
• Efficient Compact Single-Layer Metasurface RF Energy Harvesters for IoT Applications
  
  • Sharifi Raziyeh
  • Lepage Anne Claire
  • Niotaki Kyriaki
  • Begaud Xavier
  Reviews of Electromagnetics, 2025, 4. In this paper, we extend our previous works on compact and efficient metasurface energy harvesters by introducing additional theoretical analysis and measurement results for evaluating performance in finite arrays. Two metasurface harvesters are studied: a single-band design operating at 2.45 GHz and a dual-band design covering 2.45 GHz and 5.2 GHz (Wi-Fi bands), proposed for IoT applications. This paper introduces the concept of central rows in the finite array, which provides a more realistic and reliable metric for characterizing the capturing efficiency. For both designs, 5×4 finite arrays are analyzed. The simulated capturing efficiency of the central rows reaches 90% at 2.54 GHz for the single-band structure, and 74% at 2.5 GHz and 30% at 5.09 GHz for the dual-band design. Each proposed design has been analyzed independently, fabricated, and measured to verify its performance. (10.53792/RoE/2025/25014)
  DOI : 10.53792/RoE/2025/25014
• Tight PAC-Bayesian Risk Certificates for Contrastive Learning
  
  • van Elst Anna
  • Ghoshdastidar Debarghya
  SIAM Journal on Mathematics of Data Science, Society for Industrial and Applied Mathematics, 2025, 7 (4), pp.1904-1927. Contrastive representation learning is a modern paradigm for learning representations of unlabeled data via augmentations—precisely, contrastive models learn to embed semantically similar pairs of samples (positive pairs) closer than independently drawn samples (negative samples). In spite of its empirical success and widespread use in foundation models, statistical theory for contrastive learning remains less explored. Recent works have developed generalization error bounds for contrastive losses, but the resulting risk certificates are either vacuous (certificates based on Rademacher complexity or f-divergence) or require strong assumptions about samples that are unreasonable in practice. The present paper develops non-vacuous PAC-Bayesian risk certificates for contrastive representation learning, considering the practical considerations of the popular SimCLR framework. Notably, we take into account that SimCLR reuses positive pairs of augmented data as negative samples for other data, thereby inducing strong dependence and making classical PAC or PAC-Bayesian bounds inapplicable. We further refine existing bounds on the downstream classification loss by incorporating SimCLRspecific factors, including data augmentation and temperature scaling, and derive risk certificates for the contrastive zero-one risk. The resulting bounds for contrastive loss and downstream prediction are much tighter than those of previous risk certificates, as demonstrated by experiments on CIFAR-10. (10.1137/24M1715283)
  DOI : 10.1137/24M1715283
• Mining Rules on Tabular Data
  
  • Amat François
  , 2025. Recent years have seen the rise of highly powerful machine-learning models, particularly deep-learning approaches. Their main drawback lies in their “black box” nature: the decision logic remains largely opaque. As a result, deploying them is delicate in critical contexts, for example security, health care, and justice, or more generally wherever users or citizens need to understand an algorithmic prediction. In Europe in particular, the General Data Protection Regulation (GDPR) and other legal frameworks increasingly require algorithmic recommendations to be explainable. The scientific community has therefore turned to Explainable Artificial Intelligence (XAI), which aims either to produce interpretable models or to explain existing ones.In the tabular setting, one has a set of columns (attributes) and many rows (observations), and one typically seeks to explain a model's prediction for each observation. We argue that the need for explanation goes beyond this single objective: any tabular dataset may call for explanations that are understandable by humans. Consider, for example, the operator of a large fleet of aircraft who maintains a table of technical incidents that required intervention. It is useful to know whether incidents occur primarily on a certain aircraft model, whether specific parts fail under certain weather conditions, or whether recently repaired aircraft are more prone to new failures. Such findings, readable by humans, can inform maintenance, logistics, and production.Similarly, imagine an income table including occupation, seniority, gender, ethnicity, company, and location. One may wish to analyze how these factors influence salaries without restricting analysis to a single target column, by exploring, for instance, correlations between company and ethnicity, or cross-row patterns: among people in the same occupation and of the same gender, do those who earn less than the median tend to belong to a particular age group? Such explanations can guide feature engineering, anomaly detection, missing-value imputation, and even the design of recruitment policies, while remaining intelligible to decision-makers.We do not claim to settle the debate between correlation and causation, nor to redefine what qualifies as an “explanation.” Our objective is more modest and more practical: to make sense of tabular data in human-understandable terms by identifying patterns that genuinely help to apprehend them. Recent advances in sub-symbolic learning only underscore the need for symbolic approaches to interpretability. We therefore propose to construct, directly from tabular data, a symbolic model, based on rules and relational constraints, that captures useful and interpretable regularities.
• Expanding bipartite Bell inequalities for maximum multi-partite randomness
  
  • Wooltorton Lewis
  • Brown Peter
  • Colbeck Roger
  Quantum, Verein zur Förderung des Open Access Publizierens in den Quantenwissenschaften, 2025, 9, pp.1930. Nonlocal tests on multipartite quantum correlations form the basis of protocols that certify randomness in a device-independent (DI) way. Such correlations admit a rich structure, making the task of choosing an appropriate test difficult. For example, extremal Bell inequalities are tight witnesses of nonlocality, however achieving their maximum violation places constraints on the underlying quantum system, which can reduce the rate of randomness generation. As a result there is often a trade-off between maximum randomness and the amount of violation of a given Bell inequality. Here, we explore this trade-off for more than two parties. More precisely, we study the maximum amount of randomness that can be certified by correlations exhibiting a violation of the Mermin-Ardehali-Belinskii-Klyshko (MABK) inequality. We find that maximum quantum violation and maximum randomness are incompatible for any even number of parties, with incompatibility diminishing as the number of parties grow, and conjecture the precise trade-off. We also show that maximum MABK violation is not necessary for maximum randomness for odd numbers of parties. To obtain our results, we derive new families of Bell inequalities certifying maximum randomness from a technique for randomness certification, which we call "expanding Bell inequalities". Our technique allows one to take a bipartite Bell expression, known as the seed, and transform it into a multipartite Bell inequality tailored for randomness certification, showing how intuition learned in the bipartite case can find use in more complex scenarios. (10.22331/q-2025-12-05-1930)
  DOI : 10.22331/q-2025-12-05-1930
• Efficiently Solving Saddle Point Problems : Smoothed Duality Gap-Based Stopping Criterion for Convex Settings and a Nonconvex Coordinate Descent Algorithm
  
  • Walwil Iyad
  , 2025. Mathematical optimization lies at the heart of a vast range of scientific and engineering disciplines. From machine learning, artificial intelligence, and data science to transportation networks, resource allocation, and game theory, among many others.Regardless of the domain, such problems are ultimately formulated as optimization problems, with the aim of solving them efficiently—most often through a suitable algorithm.While this thesis does not focus on a specific real-world application, it concerns a more in-depth and fundamental topic: algorithms. In particular, we study primal-dual algorithms for solving saddle point problems, with the overarching goal of contributing toward making such algorithms more efficient in practice. Two elements are especially critical to the performance of any algorithm: the stopping criterion that decides when to halt, and the update steps that drive progress toward a solution. Accordingly, this work is divided into two main parts, each devoted to one of these key aspects.In the first part, we optimize the running time of the primal-dual algorithms by optimizing their stopping criteria for solving convex optimization problems under affine equality constraints, which means terminating the algorithm earlier with fewer iterations.We study the relations between four stopping criteria and show under which conditions they are accurate to detect optimal solutions. The uncomputable one: "Optimality gap and Feasibility error," and the computable ones: the "Karush-Kuhn-Tucker error," the "Projected Duality Gap," and the "Smoothed Duality Gap."Assuming metric sub-regularity or quadratic error bound, we establish that all of the computable criteria provide practical upper bounds for the optimality gap, and approximate it effectively. Furthermore, we establish comparability between some of the computable criteria under certain conditions.Numerical experiments on basis pursuit, and quadratic programs with(out) non-negative weights corroborate these findings and show that the smoothed duality gap is more widely applicable than the rest.In the second part, we introduce two novel primal-dual algorithms for addressing nonconvex, nonconcave, and nonsmooth saddle point problems characterized by the weak Minty Variational Inequality (MVI) assumption. The first algorithm, Nonconvex-Nonconcave Primal-Dual Hybrid Gradient (NC-PDHG), extends the well-known Primal-Dual Hybrid Gradient (PDHG) method to this challenging problem class. The second algorithm, Nonconvex-Nonconcave Stochastic Primal-Dual Hybrid Gradient (NC-SPDHG), incorporates a randomly extrapolated primal-dual coordinate descent approach, extending the Stochastic Primal-Dual Hybrid Gradient (SPDHG) algorithm.To our knowledge, designing a coordinate-based algorithm to solve nonconvex-nonconcave saddle point problems is unprecedented, and proving its convergence posed significant difficulties. This challenge motivated us to utilize PEPit, a Python-based tool for computer-assisted worst-case analysis of first-order optimization methods. By integrating PEPit with automated Lyapunov function techniques, we successfully derived the NC-SPDHG algorithm. Both methods are effective under a mild condition on the weak MVI parameter, achieving convergence with constant step sizes that adapt to the structure of the problem.Numerical experiments on sigmoid regression with squared loss and perceptron-regression problems validate our theoretical findings and show their efficiency compared to existing state-of-the-art algorithms, where linear convergence is observed. Additionally, we conduct a convex-concave least-squares experiment to show that NC-SPDHG performs competitively with SAGA, a leading algorithm in the smooth convex setting.
• Energy and Memory-Efficient Artificial Intelligence for On-Device Learning
  
  • Quélennec Aël
  , 2025. On-device learning enables neural networks to continuously adapt on edge devices, offering enhanced privacy, reduced latency, and improved energy efficiency. However, limited memory and computational resources pose significant challenges, particularly during backpropagation. This thesis addresses these bottlenecks through two complementary approaches: strategic subnetwork selection for efficient fine-tuning and activation map compression for memory-efficient training.The first line of work introduces dynamic methods that adaptively identify important network components for updating. We develop extbf{Tra}ining extbf{Dy}namics (TraDy), a framework incorporating heavy-tailed gradient theory for dynamic subnetwork selection under strict memory constraints, and extbf{Me}mory-constrained extbf{Dy}namic Upd extbf{ate} (MeDyate), an adaptive channel selection strategy with stochasticity and sampling mechanisms. Experimental validation demonstrates state-of-the-art performance in memory-constrained fine-tuning.The second line of work addresses the activation memory bottleneck in backpropagation through tensor decomposition-based compression. We propose compression using High-Order Singular Value Decomposition (HOSVD) with controlled information loss and convergence guarantees. To overcome HOSVD's computational overhead, we develop ASI (Activation Subspace Iteration), which leverages activation map stability. By performing rank selection once before training and utilizing single subspace iterations with warm starts, ASI achieves significant memory reduction (up to 120× compression) and speedup (up to 91× faster) while maintaining comparable performance.Theoretical contributions include formal analysis of fine-tuning dynamics, convergence guarantees for compressed activation training, and complexity analysis of tensor decomposition methods. Extensive validation across diverse architectures, datasets, and real-world scenarios including Raspberry Pi implementations demonstrates practical effectiveness.
• Rethinking AI Deployment in IoT Architectures: Granular AI
  
  • N’kouka Thierry Isaac
  • Aubonnet Tatiana
  • Lemoine Frédéric
  • Simoni Noëmie
  , 2025, pp.752-757. Executing Artificial Intelligence (AI) on Internet of Things (IoT) devices is constrained by limited computation, memory, and energy resources. Techniques such as pruning, quantization, and compression enable lightweight deployment but often compromise model accuracy and responsiveness. Existing distributed AI frameworks also suffer from static workload mapping, bandwidth dependency, and orchestration overhead. To overcome these issues, this work introduces Granular AI, a paradigm that redefines AI deployment across the IoT-edge-fog-cloud continuum. A federated execution model enables adaptive placement, low-latency inference, and optimized resource utilization through an energy-aware scheduling framework. By aligning AI deployment with distributed systems principles, Granular AI and its Functionality-as-a-Service (FaaS) component enables Quality of Service (QoS)-aware deployments, achieving coordinated task placement, controlled execution, and resilient, scalable, real-time intelligence at the extreme edge of IoT ecosystems. A smart thermostat use case illustrates full model decomposition across a smart home setup. (10.1109/AIoT66900.2025.00117)
  DOI : 10.1109/AIoT66900.2025.00117
• Continuous Simplicial Neural Networks
  
  • Einizade Aref
  • Thanou Dorina
  • Malliaros Fragkiskos D
  • Giraldo Zuluaga Jhony Heriberto
  , 2025, pp.1-29. Simplicial complexes provide a powerful framework for modeling higher-order interactions in structured data, making them particularly suitable for applications such as trajectory prediction and mesh processing. However, existing simplicial neural networks (SNNs), whether convolutional or attention-based, rely primarily on discrete filtering techniques, which can be restrictive. In contrast, partial differential equations (PDEs) on simplicial complexes offer a principled approach to capture continuous dynamics in such structures. In this work, we introduce continuous simplicial neural network (COSIMO), a novel SNN architecture derived from PDEs on simplicial complexes. We provide theoretical and experimental justifications of COSIMO's stability under simplicial perturbations. Furthermore, we investigate the over-smoothing phenomenon-a common issue in geometric deep learning-demonstrating that COSIMO offers better control over this effect than discrete SNNs. Our experiments on real-world datasets demonstrate that COSIMO achieves competitive performance compared to state-of-the-art SNNs in complex and noisy environments. The implementation codes are available in https://github.com/ArefEinizade2/COSIMO.
• A Theoretical Framework for Grokking: Interpolation followed by Riemannian Norm Minimisation
  
  • Boursier Etienne
  • Pesme Scott
  • Dragomir Radu-Alexandru
  , 2025, 38. We study the dynamics of gradient flow with small weight decay on general training losses F : R d → R. Under mild regularity assumptions and assuming convergence of the unregularised gradient flow, we show that the trajectory with weight decay λ exhibits a two-phase behaviour as λ → 0. During the initial fast phase, the trajectory follows the unregularised gradient flow and converges to a manifold of critical points of F. Then, at time of order 1/λ, the trajectory enters a slow drift phase and follows a Riemannian gradient flow minimising the ℓ2-norm of the parameters. This purely optimisation-based phenomenon offers a natural explanation for the grokking effect observed in deep learning, where the training loss rapidly reaches zero while the test loss plateaus for an extended period before suddenly improving. We argue that this generalisation jump can be attributed to the slow norm reduction induced by weight decay, as explained by our analysis. We validate this mechanism empirically on several synthetic regression tasks.
• Self-Supervised Learning of Graph Representations for Network Intrusion Detection
  
  • Guerra Lorenzo
  • Chapuis Thomas
  • Duc Guillaume
  • Mozharovskyi Pavlo
  • Nguyen Van-Tam
  , 2025, 38, pp.109471-109501. Detecting intrusions in network traffic is a challenging task, particularly under limited supervision and constantly evolving attack patterns. While recent works have leveraged graph neural networks for network intrusion detection, they often decouple representation learning from anomaly detection, limiting the utility of the embeddings for identifying attacks. We propose GraphIDS, a self-supervised intrusion detection model that unifies these two stages by learning local graph representations of normal communication patterns through a masked autoencoder. An inductive graph neural network embeds each flow with its local topological context to capture typical network behavior, while a Transformer-based encoder-decoder reconstructs these embeddings, implicitly learning global co-occurrence patterns via self-attention without requiring explicit positional information. During inference, flows with unusually high reconstruction errors are flagged as potential intrusions. This end-to-end framework ensures that embeddings are directly optimized for the downstream task, facilitating the recognition of malicious traffic. On diverse NetFlow benchmarks, GraphIDS achieves up to 99.98% PR-AUC and 99.61% macro F1-score, outperforming baselines by 5-25 percentage points.
• The quest for the GRAph Level autoEncoder (GRALE)
  
  • Krzakala Paul
  • Melo Gabriel
  • Laclau Charlotte
  • d'Alché-Buc Florence
  • Flamary Rémi
  , 2025. Although graph-based learning has attracted a lot of attention, graph representation learning is still a challenging task whose resolution may impact key application fields such as chemistry or biology. To this end, we introduce GRALE, a novel graph autoencoder that encodes and decodes graphs of varying sizes into a shared embedding space. GRALE is trained using an Optimal Transport-inspired loss that compares the original and reconstructed graphs and leverages a differentiable node matching module, which is trained jointly with the encoder and decoder. The proposed attention-based architecture relies on Evoformer, the core component of AlphaFold, which we extend to support both graph encoding and decoding. We show, in numerical experiments on simulated and molecular data, that GRALE enables a highly general form of pre-training, applicable to a wide range of downstream tasks, from classification and regression to more complex tasks such as graph interpolation, editing, matching, and prediction.
• From stability of Langevin diffusion to convergence of proximal MCMC for non-log-concave sampling
  
  • Renaud Marien
  • de Bortoli Valentin
  • Leclaire Arthur
  • Papadakis Nicolas
  , 2025. We consider the problem of sampling distributions stemming from non-convex potentials with Unadjusted Langevin Algorithm (ULA). We prove the stability of the discrete-time ULA to drift approximations under the assumption that the potential is strongly convex at infinity. In many context, e.g. imaging inverse problems, potentials are non-convex and non-smooth. Proximal Stochastic Gradient Langevin Algorithm (PSGLA) is a popular algorithm to handle such potentials. It combines the forward-backward optimization algorithm with a ULA step. Our main stability result combined with properties of the Moreau envelope allows us to derive the first proof of convergence of the PSGLA for non-convex potentials. We empirically validate our methodology on synthetic data and in the context of imaging inverse problems. In particular, we observe that PSGLA exhibits faster convergence rates than Stochastic Gradient Langevin Algorithm for posterior sampling while preserving its restoration properties.
• Fair Text Classification via Transferable Representations
  
  • Leteno Thibaud
  • Perrot Michael
  • Laclau Charlotte
  • Gourru Antoine
  • Gravier Christophe
  Journal of Machine Learning Research, Microtome Publishing, 2025, 26 (239), pp.1--47. Group fairness is a central research topic in text classification, where reaching fair treatment between sensitive groups (e.g., women and men) remains an open challenge. We propose an approach that extends the use of the Wasserstein Dependency Measure for learning unbiased neural text classifiers. Given the challenge of distinguishing fair from unfair information in a text encoder, we draw inspiration from adversarial training by inducing independence between representations learned for the target label and those for a sensitive attribute. We further show that Domain Adaptation can be efficiently leveraged to remove the need for access to the sensitive attributes in the dataset we cure. We provide both theoretical and empirical evidence that our approach is well-founded.
• Multi-level Parameter Estimation for Receiver Noise in CV-QKD
  
  • Ricard Guillaume
  • Jaouën Yves
  • Alléaume Romain
  , 2026, 2743, pp.146-156. We present an experimental method for continuous-variable quantum key distribution (CV-QKD) that removes the need for conventional receiver noise calibration. By exploiting Multi-Level Parameter Estimation (MLPE) with controlled attenuation at the receiver, our approach directly estimates the total receiver noise, including contributions from the local oscillator, while simultaneously extracting channel-induced excess noise. This calibration-free technique allows continuous operation without halting quantum transmissions, increasing experimental throughput and robustness. We implement the method in a dual-polarization, local-local oscillator CV-QKD system multiplexed with a classical communication channel, demonstrating precise receiver noise estimation. Our results highlight MLPE as a practical tool for scalable, real-time CV-QKD deployment. (10.1007/978-3-032-13852-1_16)
  DOI : 10.1007/978-3-032-13852-1_16
• Robust Distributed Estimation: Extending Gossip Algorithms to Ranking and Trimmed Means
  
  • van Elst Anna
  • Colin Igor
  • Clémençon Stephan
  , 2025. <div><p>This paper addresses the problem of robust estimation in gossip algorithms over arbitrary communication graphs. Gossip algorithms are fully decentralized, relying only on local neighbor-to-neighbor communication, making them well-suited for situations where communication is constrained. A fundamental challenge in existing mean-based gossip algorithms is their vulnerability to malicious or corrupted nodes. In this paper, we show that an outlier-robust mean can be computed by globally estimating a robust statistic. More specifically, we propose a novel gossip algorithm for rank estimation, referred to as GORANK, and leverage it to design a gossip procedure dedicated to trimmed mean estimation, coined GOTRIM. In addition to a detailed description of the proposed methods, a key contribution of our work is a precise convergence analysis: we establish an O(1/t) rate for rank estimation and an O(1/t) rate for trimmed mean estimation, where by t is meant the number of iterations. Moreover, we provide a breakdown point analysis of GOTRIM. We empirically validate our theoretical results through experiments on diverse network topologies, data distributions and contamination schemes.</p></div>
• Assessing the Security of Software Supply Chains : Software Bill of Materials, Threat Propagation, and Logical Attack Graphs
  
  • Soeiro Luís Fernando de Oliveira
  , 2025. The Software Supply Chain (SSC) is becoming more complex and vulnerabledue to the growing diversity of software products and the challenges intracking their dependencies. The Software Bill of Materials (SBOM), aninventory of components, is proposed as a solution to this complexity.Yet, comprehensive studies on SBOM practices using real-world files arelacking. To facilitate such research, we present the largest SBOMdataset to date, with over 78,000 unique SBOM files deduplicated frommore than 94 million public repositories.To leverage SBOMs effectively, especially at scale, industrystakeholders need reliable automated tools for their analysis. Weperform an empirical analysis of real-world SBOMs to benchmark eightstate-of-the-art tools designed for validating and scoring SBOMquality. We establish independent metrics to evaluate the suitabilityof SBOMs for specific applications and compare tool outputs with ourmetrics. Our findings indicate that most SBOMs are not adequatelyprepared for use, and there is significant disagreement among thetools.Current Software Composition Analysis (SCA) tools, attack trees, andgraphs fail to account for the interactions that impact softwaresecurity within the SSC. We propose a novel method for assessing threatlevels in supply chains with the Log Model. This approach identifiesthe key elements that propagate or are targeted by attacks. A set ofrules allows for deducing the threat level of the core elements basedon the initial state, SSC interactions, and assumptions about theattackers.MulVal is a state-of-the-art open-source tool for generating logicalattack graphs in networked systems. However, it does not adequatelyaddress SSC threat propagation, making it less effective against modernSSC attacks like the XZ compromise and the 3CX double SSC attack. Weintroduce a new MulVal extension that addresses this limitation,featuring a new set of predicates in MulVal syntax to model SSCinteractions and integrate them with existing rules, along with 20example scenarios and a test-case framework.
• Near-sensor testing method for observing radiation-induced soft errors in modern sensors
  
  • Minelli de Carvalho Matheus
  • Cheymol Benjamin
  • Naviner Lirida
  • Possamai Bastos Rodrigo
  , 2025.
• Genuine Multipartite Entanglement is Not Necessary for Standard Device-Independent Conference Key Agreement
  
  • Wooltorton Lewis
  • Brown Peter
  • Colbeck Roger
  Physical Review Letters, American Physical Society, 2025, 135 (22), pp.220803. Conference key agreement (CKA) aims to establish shared, private randomness among many separated parties in a network. Device-independent (DI) CKA is a variant in which no assumptions are placed on the nature of the source, or the measurements performed by each party. So far, DICKA protocols largely fall into two categories: those that rely on violating a joint Bell inequality using genuinely multi-partite entangled states, and those that concatenate many bipartite protocols. The question of whether a hybrid protocol exists, where a multi-partite Bell inequality can be violated using only bipartite entanglement, was asked by Grasselli et al. in [Quantum 7, 980, (2023)]. We answer this question affirmatively, by constructing an asymptotically secure DICKA protocol achieving the same rate as the concatenation of bipartite DIQKD, yet relying on a single joint Bell violation. Our results prompt further discussion on the benefits of multi-partite entanglement for DICKA over its bipartite alternative, and we give an overview of different arguments for near-term devices. (10.48550/arXiv.2503.21290)
  DOI : 10.48550/arXiv.2503.21290
• Finding Software Supply Chain Attack Paths with Logical Attack Graphs
  
  • Soeiro Luı́s
  • Robert Thomas
  • Zacchiroli Stefano
  , 2025. Cyberattacks are becoming increasingly frequent and sophisticated, often exploiting the software supply chain (SSC) as an attack vector. Attack graphs provide a detailed representation of the sequence of events and vulnerabilities that could lead to a successful security breach in a system. MulVal is a widely used open-source tool for logical attack graph generation in networked systems. However, its current lack of support for capturing and reasoning about SSC threat propagation makes it unsuitable for addressing modern SSC attacks, such as the XZ compromise or the 3CX double SSC attack. To address this limitation, we propose an extension to MulVal that integrates SSC threat propagation analysis with existing network-based threat analysis. This extension introduces a new set of predicates within the familiar MulVal syntax, enabling seamless integration. The new facts and interaction rules model SSC assets, their dependencies, interactions, compromises, additional security mechanisms, initial system states, and known threats. We explain how this integration operates in both directions and demonstrate the practical application of the extension.
• The Economic and Environmental Sustainability of Digital Commons. Lessons from the 2023 Debian project survey
  
  • Broca Sébastien
  • O'Neil Mathieu
  • Cai Xiaolan
  • Daly Angela
  • Rikap Cecilia
  • Shulz Sebastien
  • Zacchiroli Stefano
  , 2025. Digital commons are shared information and knowledge resources such as data, software and cultural content. They are produced and managed for collective use, and to be modified and redistributed as needed. Using results from a 2023 survey of the Debian community, this new DCPC report addresses question such as: Is the free, libre and open source software or FLOSS development model economically sustainable? What role can FLOSS play in the transition to more environmentally sustainable production and consumption? With the benefit of hindsight, the first survey of the Debian community, carried out in 2016, whose preliminary results were published in 2017 in the Journal of Peer Production, represented the first manifestation of a core DCPC program of work: to empirically map which categories of workers (e.g., firm employees, foundation employees, researchers, volunteers, etc) were performing which duties in the digital commons production process, with a view to increasing the recognition of these commons and these voluntary workers by industry and society. The 2023 edition had a more clearly militant intent than its predecessor, as it also sought to investigate community opinion about the predatory practices and environmental sustainability of large IT firms as well as about alternative models. A key finding is the rejection by the community of the use of restrictive licences to incentivise environmental action (e.g., preventing entities that engage in unsustainable environmental practices from using Debian). Other interesting findings can be drawn from comments responding to the question ‘Are the main obstacles to reducing environmental impacts in your workplace economic (for example, their cost), organisational (for example, lack of support from management), technical (for example, difficulty of implementation)?’ These detailed responses allow us to understand the extent and ramifications of the obstacles.
• Equivariant Denoisers for Plug and Play Image Restoration
  
  • Renaud Marien
  • Guez Eliot
  • Leclaire Arthur
  • Papadakis Nicolas
  , 2025. One key ingredient of image restoration is to define a realistic prior on clean images to complete the missing information in the observation. State-of-the-art restoration methods rely on a neural network to encode this prior. Typical image distributions are invariant to some set of transformations, such as rotations or flips. However, most deep architectures are not designed to represent an invariant image distribution. Recent works have proposed to overcome this difficulty by including equivariance properties within a Plug-and-Play paradigm. In this work, we propose two unified frameworks named Equivariant Regularization by Denoising (ERED) and Equivariant Plug-and-Play (EPnP) based on equivariant denoisers and stochastic optimization. We analyze the convergence of the proposed algorithms and discuss their practical benefit.
• Consensus-Based Optimization Beyond Finite-Time Analysis
  
  • Bianchi Pascal
  • Dragomir Radu-Alexandru
  • Priser Victor
  , 2025. We analyze a zeroth-order particle algorithm for the global optimization of a non-convex function, focusing on a variant of Consensus-Based Optimization (CBO) with small but fixed noise intensity. Unlike most previous studies restricted to finite horizons, we investigate its long-time behavior with fixed parameters. In the mean-field limit, a quantitative Laplace principle shows exponential convergence to a neighborhood of the minimizer x * . For finitely many particles, a block-wise analysis yields explicit error bounds: individual particles achieve long-time consistency near x * , and the global best particle converge to x * . The proof technique combines a quantitative Laplace principle with block-wise control of Wasserstein distances, avoiding the exponential blow-up typical of Grönwall-based estimates.