New micro-architectural features for security improvement are emerging, and one very promising category of such support are hardware capabilities. These can be used for memory protection such as buffer overflow protection, but also in smaller and simpler devices, in the absence of dedicated MMU and MCU for constructing security domains, i.e. isolation boundaries, between different tasks and execution domains in the system. By such memory isolation, any potential attacks can be much better contained, but also trusted execution can be arranged for.
We are looking for a Security / Compiler Engineer to participate in a project, expecting to run during summer and autumn 2021, where we will leverage hardware capabilities in an existing microarchitecture for a MCU, to prototype domain isolation for an in-house microkernel on that platform. The work will entail embedded programming and system wake-up, but also participating in selecting design choices, and conduct performance analysis on the end result. The work will be done in a small team of researchers experienced in the field, but we expect the candidate to come with enough experience to be able to contribute from the start this is not an intern or study assignment. The work assignment is conducted on-site in our lab in Helsinki, although remote work is potentially needed in the beginning of term due to Covid-19 restrictions.
This work MAY lead to results that can be considered for academic publication, and if that is the case, we will as a team move in that direction. As such, the position could also be treatable / useful as e.g. a PostDoc position, but the main targets of the position are pre-defined and those will not be changed in the name of research.
Requirements
We are looking for a candidate with:
Benefits
The Helsinki System Security Laboratory in Huawei drives renewal and mastery in the field of platform and device related security technologies, especially for Huawei Consumer devices such as mobile phones, laptops, televisions and home IoT. Our topical expertise lies in hardware-assisted isolation and integrity, as well as in (Linux) operating system protection (hypervisor, TEE, secure enclaves and kernel hardening). We also carry expertise in cryptography and systems security functionality such as device key management (PKI), device attestation and device crypto services.
We offer a position in a forward-looking industrial research team, with a solid track record in both innovation and publication as well as delivering its result as factual contributions to on-the market devices. Many of us are privileged to have security features designed by us in daily use in 100s of millions of customer devices world-wide. Huawei offers opportunity to learn from the best of mobile industry. Working at Huawei in international atmosphere is fun and the opportunity to develop your skills and competences is endless. As we are second largest mobile phone brand in the world, in a long term you have opportunity to relocate around the world. Are you ready for the challenge?