Bouguern Abderrahmane

Cyber Embedded Architect

About Me

Hello, I’m Abderrahmane, a Cyber Embedded Architect with a Master’s degree in Cybersecurity. I specialize in securing embedded systems from silicon to software — working with ARM TrustZone, Secure Enclaves, and TEE design, backed by hands-on experience with Embedded Linux, Yocto, OpenSSL, and mbedTLS. I architect end-to-end cryptographic solutions leveraging PKCS#11, HSMs, and secure key management to build systems that are trustworthy by design. My drive is simple: make embedded systems resilient against real-world threats.

Experience

Schneider Electric / Meritis (Next-Gen Industrial Automation / IIoT)

Cyber Embedded Architect

Apr 2025 - Now

Securing embedded systems is like forging the skeleton of a digital fortress — if the bones are weak, no wall will ever hold.

  • Designed and implemented hardware-based security architectures for next-generation PLCs, leveraging NXP i.MX SoCs with EdgeLock Enclave (ELE) as the root of trust for key provisioning, secure boot, and runtime attestation
  • Integrated NXP V2X security enclaves into embedded platforms, enabling cryptographic isolation and identity management at the hardware level
  • Architected PKCS#11-based key management solutions using TPM and SoftHSM, bridging hardware security modules with application-layer TLS stacks (OpenSSL 3.x provider model)
  • Implemented ARM TrustZone / TEE to provide hardware-enforced isolation between secure and non-secure execution environments on embedded Linux targets
  • Contributed to OS/Firmware co-design, analyzing and hardening interactions between the firmware layer and the Linux userspace in Yocto-based embedded systems
  • Secured IIoT real-time communication protocols including OPC-UA and Modbus, enforcing mutual TLS authentication, certificate lifecycle management, and secure channel establishment
  • Built and maintained Yocto-based BSPs, integrating cryptographic providers, HSM drivers, and security middleware into reproducible embedded Linux distributions

The Verimag Laboratory

Embedded software Security Engineer Researcher

Sep 2022 - Feb 2024

https://www-verimag.imag.fr/

Analyzing code for security is like peering into the DNA of a digital organism to safeguard its health in the cyber ecosystem.

  • Countermeasure correctness analysis — formal and semi-formal verification that protections preserve original program behavior under compiler transformations
  • Compiler optimization resistance — assessment of countermeasure survival through LLVM optimization passes (O1–O3), ensuring no silent neutralization of security-critical code
  • Attack surface evaluation — systematic identification of exploitable code patterns exposed to fault injection and side-channel adversaries
  • Attack model adequacy — formal mapping of countermeasures against threat models, verifying coverage and robustness with respect to defined attacker capabilities
  • Formal & semi-formal methods — applied abstract interpretation for sound over-approximation of program states, combined with symbolic execution (KLEE) for constraint-based path exploration
  • Security assurance alignment — analysis conducted in accordance with Common Criteria evaluation levels (EAL1–EAL7), ensuring countermeasures meet rigorous assurance requirements
  • LLVM-level instrumentation — developed C++ analysis passes via the LLVM API for low-level, compiler-aware security auditing

The Verimag Laboratory

Final-Year Project (PFE): Software-Based Fault Injection Countermeasures Analysis

Jan 2022 - Sep 2022

https://www-verimag.imag.fr/

Research: where the curious go to play, the dedicated go to work, and the persistent go to discover

  • Physical attack research — fault injection & side-channel (auxiliary channel) attacks on embedded targets
  • Attack surface analysis — software protection assessment against hardware-level adversaries
  • LLVM-level instrumentation — developed C++ passes via the LLVM API for static binary analysis
  • Countermeasure implementation — fault injection mitigations, control flow integrity (CFI) enforcement, and execution path hardening
  • Control flow analysis — detection and prevention of CFG hijacking, ROP-chain resistance at compiler level
  • Vulnerability assessment — C-level code auditing, data flow analysis & symbolic execution with KLEE
  • Path exploration — constraint-based reachability analysis for vulnerability discovery in safety-critical code
  • Secure compilation — hardened build pipelines integrating static analysis and countermeasure passes

Full-Stack Developer - MERN Stack

Jun 2021 - Sep 2021

https://arlynk.com/

MERN stack: Uniting the web's building blocks for powerful full stack development

Utilized the MERN (MongoDB, Express.js, React, Node.js) stack to develop the “Help Center” platform.

Opinaka

Front-End Development

Jun 2020 - Aug 2022

https://home.opinaka.com/home/

React: Empowering developers to build dynamic and delightful user interfaces with ease.

Conducted an in-depth study of JavaScript frameworks, with a focus on React, for the implementation of visualization models. Executed integration and visualization of JavaScript scripts utilizing Kibana and Elasticsearch.

Projects

Front-End Development for a Java-Like Object-Oriented Language Compiler

github.com/abderrahmane1010/SecureWebAudit

Compilers: the only thing that can find 99 problems in 5 seconds.

This project involves designing and implementing the front-end of a compiler for an object-oriented programming language that closely resembles Java. Built using Java, the front-end processes source code by performing lexical analysis, syntax analysis, and semantic checks.

Secure your web app before hackers turn it into their playground.

SecureWebAudit is a web security analysis tool designed to audit HTTP headers and detect XSS (Cross-Site Scripting) vulnerabilities in websites. It aims to provide insights into the security configurations of web headers and identify potential areas where a website may be susceptible to XSS attacks.

ARP: The networking world's version of 'Who's Who.'

ARPRecon is a sophisticated, highly specialized tool designed for monitoring and securing networks against ARP-related vulnerabilities and threats. This tool stands out as a comprehensive solution for network administrators, cybersecurity experts, and anyone concerned with network integrity and security.

Education

Grenoble INP - Ensimag

M2 Cybersecurity

2021 - 2022

National School of Computer Science and Applied Mathematics of Grenoble

Top French educational institution in Informatics, Applied Mathematics and Telecommunications, pioneer in the field of information processing, Ensimag evolves to remain the reference in this field.

Grenoble INP - PHELMA

Embedded systems & Connected objects

2019 - 2022

School of Engineering in Physics, Electronics and Materials Science - Grenoble INP - Phelma

Grenoble INP – Phelma is the school for scientific diversity. It offers its students courses in various fields with a promising future: micro and nano-technologies (micro / nano-electronics, nano-sciences, materials, health, building, etc.), energy…

Preparatory classes - TSI

M2 Cybersecurity

2020 - 2020

TSI (Technologie et Sciences de l'Ingénieur) preparatory class.

Two years in preparatory classes in Mathematics and IEE (Information processing, electrical engineering and electronics). "Classes préparatoires" are two-year intensive preparatory courses in France, aimed at high-achieving students who wish to enter the prestigious grandes écoles—elite higher education institutions.

A Little More About Me

Alongside my interests in networks and software engineering, some of my other interests and hobbies are:

  • Gymnastics
  • Rowing