Hardening open source software libraries

At Saab, we constantly look ahead and push boundaries for what is considered technically possible. We collaborate with colleagues around the world who all share our challenge – to make the world a safer place.

What you will be a part of
Surveillance provides efficient solutions for safety and security, for surveillance and decision support, and for threat detection and protection. The portfolio covers airborne, ground-based and naval radar, electronic warfare, combat systems and C4I solutions, and traffic management systems.
Our Cyber Security business unit develops products and services to increase the level of cyber security in Saabs portfolio. The rapid ongoing digitalization demands continuously improved and updated cyber security capability and data protection to maintain the privacy, integrity and availability of data and systems.
We develop a cloud based platform that takes full advantage of the benefits of virtualisation without compromising cyber security including tool chains that enables continuous compliance with high release velocity.

Your role
Keywords: Security, Continuous integration, Test automation, Fuzzing, Mutation testing
Open source libraries and increasingly used as part of large industrial software systems. Some of these systems are subject to strict safety and security constraints. In this context, it is essential to assess the quality of open source libraries. This assessment acitivity has to rely on state of the art testing and analysis techniques proposed in the scientific literature.
For this master thesis, you will experiment with the latest tools for safety and security analysis. These tools are in the area of fuzzing, automatic testing, and mutation analysis. You will be in charge of assessing the scalability, performance and effectiveness of these tools on large, critical libraries, such as the EFJCBA library for public Key Infrastucture (PKI)[1].
[1] https://github.com/EnigmaBridge/ejbca-community[2] https://github.com/STAMP-project/pitest-descartes[3] https://github.com/guneljahan/OASIs[4] Vera-Pérez, Oscar Luis, et al. "A comprehensive study of pseudo-tested methods." Empirical Software Engineering (2017): 1-31.[5] Gunel Jahangirova, David Clark, Mark Harman, and Paolo Tonella. OASIs: Oracle Assessment and Improvement Tool. In Proc. ISSTA’2018.[6] https://github.com/bcgit

Your skills and experience
You need to be on the last year of your studies for a computer science degree. The master thesis project will start in the first quarter of 2019. Java skills is a strong plus.

About Saab
Saab is a global defence and security company operating in the fields of air, land and naval defence, civil security and commercial aeronautics. We number 15,500 employees and have operations on all continents. Technologically we are leaders in many areas, and one-fifth of our earnings are spent on research and development. Saab is also a company with opportunities. A company where we see diversity as an asset and where you have both considerable responsibility and good opportunities for advancing in your career. But also a company that respects each person’s needs for a rewarding life beyond work.