Apprenticeship:Securitization of the logs management in an embedded context Airbus Cybersecurity School (Bachelor 3 to Master 2)

Job Description

Job Description:

This apprenticeship is integrated into the certified training programme proposed by the Airbus Cybersecurity School in partnership with Toulouse Ynov Campus.

An apprenticeship offer entitled "Apprentice in Securitization of the logs management in an embedded context (M/F)" has just opened within Airbus Protect on its Toulouse - Blagnac site.

As a work-study student, you will join a department in charge of supporting customers in the architecture security topics. You will join one of the 4th security architecture team, you will be included in a team of 14 members.

This apprenticeship will start in September 2026 and will last for a period of 3 years.

This position requires security clearance or eligibility for clearance by recognised authorities.

Tasks & Responsibilities:

Under the guidance of your Airbus tutor, you will contribute to:

• In embedded systems, logs are essential for diagnostics, auditing, and security forensics. However, these systems face unique challenges: limited CPU/RAM, unstable network connectivity, and susceptibility to physical tampering. If an attacker gains access, they may attempt to delete or modify logs to hide their tracks.
  
• The goal of this apprenticeship is to research, design, and prototype a secure logging mechanism that ensures Integrity, Authenticity, and Forward Secrecy, focusing specifically on the TECERA (Trustworthy Event logs for Constrained Embedded Resilient Appliances) framework and secure transfer protocols
  

Technical activity:

State of the Art & Theoretical Study

• Literature Review: Research existing secure logging schemes for constrained devices.
  
• Focus on TECERA: Deep dive into the TECERA architecture, which utilizes "Trusted Execution Environments" (TEEs) or lightweight cryptographic primitives to secure logs even if the main OS is compromised.
  
• Constraint Analysis: Define the hardware limitations (e.g., flash memory wear, power consumption, limited bandwidth).
  

Threat Modeling

• Identify potential attack vectors: log injection, log truncation, and "deletion attacks."
  
• Define the security requirements needed to mitigate these risks in an embedded context.
  

Design of a Secure Transfer Solution

• Local Storage: How to sign or chain logs locally (e.g., using Hash Chains or Merkle Trees) to detect tampering.
  
• Secure Transport: Propose a lightweight transfer protocol (e.g., TLS 1.3, DTLS, or specialized MQTT-SN security) to move logs from the device to a central server.
  
• Resilience: Address how the system handles intermittent connectivity without losing data.
  

Implementation and Prototyping

• Develop a Proof of Concept (PoC) on a virtualized environment
  
• Implement a simplified version of the TECERA approach to secure log entries before transmission.
  

Key deliverables:

• A state-of-the-art report on embedded log security.
  
• A technical specification document for the proposed solution.
  
• A functional PoC code repository
  

Skills & Prerequisites:

You are currently enrolled in, or have already completed, at least a two-year higher education degree (Bac+2) in the IT field.

Hard Skills:

Product architecture skills :

• Knowledge of network technology (switch, router, DNS, TCP/IP)
  
• Knowledge of network security principles (Firewall, Proxy, Probe)
  
• Knowledge of system administration
  
• Knowledge of system hardening
  
• Knowledge of micro kernel based architecture system
  
• Basic knowledge of scripting (Powershell/Bash) and/or development (python, SQL) and/or DevOps tools (Github)
  

Soft Skills:

• Organisation:2-Good knowledge
  
• Communication:2-Good knowledge
  
• Teamwork:1-Basic
  
• Adaptability:1-Basic
  
• Problem solving:1-Basic
  

Language skills:

• English: Advanced (as the classes are taught partly in English, candidates must have an advanced level of English)
  
• French: Fluent
  

This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.

Company:
Airbus Protect SAS

Contract Type:
Apprenticeship

Experience Level:
Student

Job Family:
Support to Management

By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.

Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to emsom@airbus.com .

At Airbus, we support you to work, connect and collaborate more easily and flexibly. Wherever possible, we foster flexible working arrangements to stimulate innovative thinking.