Twitter Linked In Xing Induux


Welcome with your Diploma-, Bachelor-, Master-

Thesis "C#-Security"

Formulation of a set of C# coding rules in the context of statical code analysis for ensuring security aspects in industrial applications

In the context of industry 4.0 networking the topic security is increasingly gaining importance. Not only functional aspects must be implemented, but also sufficient measures to prevent typical attack vectors. A consistent application and verification of security coding rules is an inherent component of these measures.

This thesis shall implement a set of security rules in the programming language C#, based on the standard ‚ISO/IEC TR 24772:2013(E) Guidance to avoiding vulnerabilities in programming languages through language selection and use‘.
The literature research shall take already existing security standards and guidelines for C# into account.

The task includes the analysis of the created rules and whether these can be properly implemented/tested via statical code analysis.

For all rules that cannot be implemented, alternative methods must be worked out, like programming guidelines, security design requirements or manual verification via code review. The goal is a complete test suite based on the standard ‚ISO/IEC TR 24772:2013(E)‘.
For the implementation of the rules a widely accepted statical analysis tool like SonarQube shall be used.

The main tasks are designing and implementing the rules in the context of the chosen statical analysis tool, as well as creating and implementing test cases. The rule set shall be documented in a user-oriented way.

What we expect from you:

  • You are interested in security topics in the field of programming
  • You have advanced experience in C# and the .NET Compiler Platform (“Roslyn”)
  • You have a high level of analytical, methematical and methodical skills

What you can expect from us:

  • Support from our team
  • Insight in our departments
  • Opportunities for a permanent employment with individual career perspectives

We look forward to receiving your application, via E-Mail.

Begin: as of now / Duration: 6 months (scalable)  // Work location: Stuttgart

Keyword: ABA-CR2-C#-Security

Human Resources
Postfach 10 24 31 · 70020 Stuttgart
T +49 711 21037-00 · F 21037-53

Information about applicant data protection can be found in our privacy policy under point 7 ff.