We are always interested in talented students looking to write their master thesis and offers several interesting proposals in the areas of embedded systems and embedded system security.
We are also interested in hardware design, development processes and other process related areas.
Even in security-critical systems, the use of third-party software components is common. Integrating open source components can save time/money and in some cases increase quality of the software. On the other hand it introduces a risk as it is possible for anyone to find security flaws and one has very little control of how the software is developed.
There are several different software-based network devices which handles sensitive information. Their purpose can e.g. be to encrypt network traffic or filter payloads. During normal operation, it is possible to show that the information is handled in a correct and secure manner. But what happens if the device fails, is the claim still valid when encountering an error and/or an unrecoverable error state?
Visual programming (VP) enables non-programmers to develop simple, easy to understand executable code. The programming visualization lets users manipulate graphical objects rather than textually (TP). This is supposed to help the user to develop independent of programming language and future knowledge. Using boxes and arrows is a common way to visualize, another way is to represent the flow of code in a flow-chart manner.
The easiest method of file type detection is the extension-based method. Other methods include verifying magic bytes - a predefined signature in the header or trailer of binary files or checking for metadata in the file. These methods are vulnerable to spoofing attacks.
Git - an example of a Version Control System (VCS) - provides its users with the possibility of Signed Commits (SC) using GPG signatures. SC are useful for establishing strong guarantees of integrity, authorship, non-repudiation and auditability of source code. These properties are highly desirable when developing high assurance products. Additionally the following features are also desirable in a SC enabled VCS system: Write Access Control, Write Access Management and GPG Identity Revocation.
Homomorphic encryption – a type of encryption where it is possible to do operations on the encrypted data without decrypting it, with the result being the same as if the operations had been performed on the plaintext. This is useful in a number or areas where privacy is a concern, for example when handling financial data. Although not widely used it is becoming more and more interesting with the ever-expanding use of cloud storage as well as increased privacy concerns.
Advenica provides expertise and world-class high assurance cybersecurity solutions for critical data in motion up to Top Secret classification. We enable countries, authorities and companies to raise information security and digitalise responsibly. Founded in 1993, we are EU approved to the highest level of security. Our unique products are designed, developed and manufactured in Sweden.
Advenica has offices in Malmö, Stockholm, Helsinki and Vienna, and is a publicly traded company listed on Nasdaq First North Premier. Read more at advenica.com
Career site by Teamtailor