Security Evaluation Analysis and Research Lab Ltd (SEARCH, Hungary)


The organisation:
SEARCH Laboratory was established in 1999 at the Budapest University of Technology and Economics, Hungary, with a focus on security research and development. In 2002 the leaders of the laboratory founded SEARCH-LAB Ltd as a spin-off company to provide the legal and infrastructural background for dependable professional services. The cooperation of the university laboratory and the professional dedicated company provides an incomparable combination that can successfully face challenges in the wide area from research through development to high-level services. We have a strong expertise and high respect on the market, with a unique experience in the area of security of embedded devices, and having market leading mobile phone and set-top-box manufacturers among our customers. Besides human intelligence driven black- and white-box testing (following our own methodology called MEFORMA), we also use our automated security testing tool named FLINDER for evaluation of APIs, protocol implementations and pieces of software in general.

Relevant skills/experience/technologies: The expertise of SEARCH-LAB is comprised of the following:

·         Automated security testing and manual security auditing of software and hardware products. Systematic, human intelligence-based security evaluation is complemented with automated test case generation, execution and assessment. Service includes threat analysis, preparedness evaluation and risk assessment.

·         A set of IT security trainings for software developers. Courses combine a strong theoretical foundation based on a university background and the practice-oriented approach based on the needs of the industry.

·         Certification activities such as Common Criteria and Common Evaluation Methodology. Also includes the assessment under DRM compliance programs such as CMLA and WMLA.

Role in the project: SEARCH-LAB will contribute to Aniketos with its strong expertise in security evaluation, research and education. Most importantly, it will lead the Tutorials and Trainings work package. Besides these, SEARCH-LAB will be involved in the development of Web Services security monitoring and response tool, provide expertise with security vulnerability repositories (such as the SVRS of the SHIELDS project) and also conduct security evaluation of the prototype implementations.

Interest in project results: Related to the security assessment as a service to its industrial partners, SEARCH-LAB’s research efforts are directed at advancing the automation of security/robustness testing, covering different levels and aspects of security-sensitive systems. Automated tools are being widely used during the company’s assignments to complement human intelligence-based evaluation of ICT products. As a consequence, automatic test generation and run-time monitoring for the purpose of exhaustive testing of composite services is of its main interest in the project and would enhance further its related capabilities.

Key personnel

Zoltán Hornák completed his degree at the Budapest University of Technology and Economics as an engineer of informatics. After spending eight years in the anti-virus industry as the development director of VirusBuster and working two-and-a-half years as a security consultant, he returned back to research and established the SEARCH Laboratory. He took part in the organisation of several scientific conferences as a PC member, and recently he is also involved as the member of the International Board of Advisors in the Software Assurance Forum for Excellence in Code (SAFECode) initiative established by large software vendor companies like Microsoft, SAP and Nokia.

Ernő Jeges has been working in the area of security for nearly fifteen years. During this period he was involved in a number of activities in different areas of security. His areas of interest include the convergence of logical and physical security, data hiding, technological aspects of digital rights, remote biometrics, and intelligent video surveillance. He has several innovations in the area of ear-based human identification, integration of fingerprint biometrics with cryptosystems, computer vision, and software watermarking.

László Szekeres graduated from the Budapest University of Technology and Economics specialising in ICT systems security. He has been involved in IT security research and development projects as well as security evaluation of software and hardware products for more than five years. His recent research interests include software security, security testing, and language-based security.

ANIKETOS newsletter

Stay informed on our latest news!

Login

Only for users who has an user and a password sent by the administrator.