Join us for an internship!

CEA Tech Corporate from CEA Tech on Vimeo

As an intern at CEA, you will have the opportunity to work in a world-renowned research environment. Our teams are made up of passionate and dedicated experts, offering a framework conducive to learning and collaboration. You will have access to state-of-the-art equipment and first-rate research resources to carry out your assignments.

Main goals

(1) Investigate how LLM can be used to assist evaluators in finding bug automatically in source code. For example, a research question is how IA could assist the user in generating formal specification, which is a long repetitive and complex process.

(2) Assess how LLM perform and can be complementary to traditional tools used for evaluation (formal methods, using Frama-C and Lazart). 

Internship tasks

•Literature review of LLMs solutions for automatic bug finding.

•Test of LLMs on open benchmarks of source code containing vulnerabilities ([3,4])

•Evaluation of a scope where LLM is relevant (i.e. where it performs better than traditional tools, where it can be complementary, to assist the evaluator)

•Proposition of a methodology to assist source code analysis with LLMs 

References

[1] Sauze-Kadar Marine, Thomas. Loubier. (2025). A Multi-Model Approach to Enhance Automatic Matching of Vulnerabilities to Attack Patterns. Récupéré sur https://www.scitepress.org/DigitalLibrary/Link.aspx?doi=10.5220/0013555900003979

[2] Lacombe, G., Feliot, D., Boespflug, E. et al. Combining static analysis and dynamic symbolic execution in a toolchain to detect fault injection vulnerabilities. J Cryptogr Eng 14, 147–164 (2024). https://doi.org/10.1007/s13389-023-00310-8

[3] WooKey challenge: https://wookey-project.github.io/  

[4] ANSSI, Amossys, EDSI, LETI, Lexfo, Oppida, Quarkslab, SERMA, Synacktiv, Thales, Trusted Labs. (2020) Inter-CESTI: Methodological and Technical Feedbacks on Hardware Devices Evaluations. https://www.sstic.org/2020/presentation/inter-cesti_methodological_and_technical_feedbacks_on_hardware_devices_evaluations/

What do we expect from you?

We are looking for a motivated and curious candidate (BAC+5) in the field of cybersecurity to join our team. The candidate must have good programming skills (Python, C, assembly, …) and some basic knowledge in artificial intelligence, embedded system security, vulnerability exploits.

A prior technical knowledge in formal methods for static code analysis is highly valued. A proactive and autonomous profile, an enthusiasm for scientific research are encouraged.

We offer:

An internship in the heart of the Grenoble metropolitan area, easily accessible via the CEA's soft mobility program.

A unique research environment dedicated to topics with high societal impact.

Experience in a cutting-edge field of innovation with strong industrial development potential.

Training to strengthen your skills or acquire new ones in embedded electronics, information technology, telecommunications, and/or cybersecurity.

In accordance with the CEA's commitments to the integration of people with disabilities, this job is open to all. The CEA offers accommodations and/or organizational possibilities for the inclusion of workers with disabilities.