Internship - Threat Modeling Library for Gsp - Izegem, België - Televic

Televic
Televic
Geverifieerd bedrijf
Izegem, België

2 weken geleden

Sophie Dubois

Geplaatst door:

Sophie Dubois

beBee Recruiter
StageSHIP
Beschrijving
Televic Rail


With over 30 years of experience in designing, manufacturing and maintaining on-board communication and control systems, Televic Rail is a leading, trusted partner for railway operators and train builders worldwide.


Its Passenger Information Systems and Control Systems are high quality, tailor-made solutions that offer the flexibility, user-friendliness and stability that our clients ask for.

Our various types of on-board control systems such as our bogie monitoring systems are innovative yet reliable products which are designed specifically for the railway business.


Trains and trams all around the world are equipped with Televic Rail solutions, from New Zealand to Canada, from China to the United States, from India to Belgium, England and France.

Topic


Threat modeling is a process by which potential threats or the absence of appropriate safeguards, can be identified and enumerated, and countermeasures prioritized.

A lot of tools exist and many have features which could be interesting to use in Televic GSP.

However, designing a threat model, identifying and prioritizing potential threats remains time consuming. Using the specific context of Televic GSP, i.e. software runs on the trainside or wayside, and the specific software stacks, this could be optimized.


Potential master thesis:
Design and implement a common Televic-GSP-specific potential threats library


This libary allows to:

  • Maximize the number of useful potential threat suggestions.
  • Minimize the number of false positive threat suggestions.
  • Identify common security patterns.
  • Provide risk analysis guidelines for each of the threat suggestions.

Potential internship:
Implement and integrate the threat modeling tool into a product-based security dashboard:

  • Linking a version of the threat model to a version of the software.
  • Generate Jira tickets based on the threat suggestions.
  • Follow status of Jira tickets related to security problems and indicate those in the threat model.
  • Generate security reports which could be sent to customers.
Specifics

  • Level: Academic Master/Master
  • Specialty: Software
  • Type of work: Research 50%, Implem. 30%, Experim. 20%
  • Location: Televic/University
  • Type of activities: Implementation, Literature study, Programming
  • Number of students: 1 or 2
Meer banen van Televic
Bekijk alle vacatures van Televic