Hi, I’m Florian Stosse, just another information security engineer !
I currently work at Safran Data Systems (a Safran Electronics & Defense subsidiary), in the Space & Communications business unit. I focus on hardening and securing our embedded Windows 7 and 10 platforms, among other cool things :)
Previously, in October 2018, I started a PhD thesis at CEA-List and ANSSI to work on formal methods applied to software security. More specifically, I was working on software defenses and hardening against hardware vulnerabilities, such as Spectre and Meltdown, using sound static analysis tools ( Frama-C in particular).
My thesis was under the supervision of Julien Signoles (CEA), and my advisors were Patricia Mouy (ANSSI) and Florent Kirchner (CEA).
Unfortunately, we had to put a stop to the thesis, but hey, that’s life !
Before that, I graduated in August 2018 from ESIEA Paris, a French computer engineering school. During my graduate studies, I was an apprentice at Bureau Veritas’ R&D center in La Défense, Paris.
I worked in the RAMS department, and my main areas of work were:
Do not hesitate to get in touch if you want to chat about these topics (or anything else, really) !
M.Sc. in Information Security, 2015/2018
ESIEA, Paris, France
Associate's degree in Computer Science, 2012/2014
University of Lorraine, Metz, France
Space & Communications business unit.
My main activies are:
Hardening of embedded Windows 7 & 10 platforms
Vulnerability and compliance scans with Nessus
Development, test and integration of new security solutions and architecture
Technical referent on Operating Systems and Security matters
Level 3 support on Operating Systems and Security matters
Security tools integration in CI/CD pipelines
Thesis subject: software countermeasures against vulnerable hardware platforms.
Study of formal methods and countermeasures applicable for secure execution on vulnerable hardware platforms (e.g. Spectre & Meltdown vulnerabilities):
Working in the Safety department of our European Technical Center (R&D center) on various security-related activities, such as:
Connected vehicles and autonomous vehicles security:
Embedded systems (IoT) and industrial systems (SCADA/ICS) security
Software security
Internship subject: multi-sensors ad-hoc network use to improve indoor positioning of mobile users.
Embedded system (LEGO Mindstorms EV3) programming in Java (Lejos framework). The goal was to build and program the robot to navigate inside a previously unknown room, in order to map its Wi-Fi and Bluetooth coverage.
The data would later be used to perform indoor positionning on a smartphone (using Wi-Fi RSSI, see HORUS system). The robot had to avoid obstacles and report them. I implemented the following parts:
I try to always learn something new, fun and/or useful ! I rely a lot on MOOCs to do so, and I had the opportunity to follow these one so far: