Master Thesis - Binary code analysis

Company Description

At Bosch, we shape the future by inventing high-quality technologies and services that spark enthusiasm and enrich people’s lives. Our promise to our associates is rock-solid: we grow together, we enjoy our work, and we inspire each other. Join in and feel the difference.

Bosch R&D Center Lund stands for modern development in cutting edge technology in the areas of connectivity, security, mobility solutions and AI. We are growing rapidly and looking for people to join us on our mission to become the Bosch Group’s 1st address for secure connected mobility solutions. We are working on a range of interesting projects, with a particular focus on software development for the automotive industry, electrical bicycles and Internet of Things.

Job Description

Problem statement

Bosch is a supplier of many different components for the automotive industry and one of them is an Electronic Control Unit (ECU), which is an embedded system that can be used to control many different electrical features in a vehicle. Examples of such features are wiper systems, air bags, traction control, engines etc.

Besides Bosch’s own code in an ECU, it can also include open source and artifacts in binary format from various suppliers. It is not always easy to know the content and to identify included code elements, especially in a compiled binary file. From the cybersecurity perspective, it is essential to identify any vulnerabilities, including code in ECUs, and for that reason the binary content needs to be extracted and analyzed.

Proposed solution

To improve our position regarding the identification of included elements, we offer this master thesis, in which a method is to be developed and implemented as a minimum viable product (MVP), where packages should be identified based on a compiled binary.

In detail, the binary needs to be extracted and analyzed, e.g. compression, file system identification, etc. For this and the following step, e.g. entropy analyses shall be used to identify code regions, comments, cryptographic material, etc. Further artifacts might be taken into consideration, like A2L files that describe ECU data content.

Scope of master thesis project

Two students completing 30 credits each (20 weeks) onsite at the Lund office.

Qualifications

Please note: Only applications from students at a Swedish University are accepted.

In order to be successful in the project you should be:

• A student in Information Technology, Computer Science, Electronics, Math or Physics.
• Interested in algorithm development and have some signal processing experience with machine learning knowledge.
• Experienced with or have at least some knowledge of programming in Python, C++ or similar.
• Self-driven, able to challenge yourself, and gain the experience needed to move the project forward.
• A person with team spirit, social skills and a curiosity for exploring new technology areas.

Supervisors:

Bosch: Samir Jasarevic (XC-CT/ESC2-SE)