There are several different software-based network devices which handles sensitive information. Their purpose can e.g. be to encrypt network traffic or filter payloads. During normal operation, it is possible to show that the information is handled in a correct and secure manner. But what happens if the device fails, is the claim still valid when encountering an error and/or an unrecoverable error state?
Available fall 2020
Examples of questions to be answered
- How can one ensure information handled by the software not leaking when encountering previously unknown bugs/errors?
- Under what circumstances is it possible to ensure that a software component fails in a controlled manner?
Preferred areas of knowledge / interest
- C/C++ programming
- Software development processes
- Information security