Center for Cybersecurity

Internships

Open Calls

This page lists the internship projects currently available in the Center for Cybersecurity of Fondazione Bruno Kessler (FBK).

Procedure

  1. Application: submit your application for the internship project you are interested in using the designated online form and providing the required information. Make sure to apply before the specified deadline. You are advised not to apply to more than two projects at the same time.
  2. Selection: project supervisors will review the applications and choose the most suitable candidate. If needed, they may request an oral interview during the selection process. Each project is evaluated independently.
  3. Results: once the selection process is complete, all applicants (both selected and not selected) will be notified of the outcome for the specific project.

For general inquiries, you can email internships-cs@fbk.eu. If you have specific questions about a project, please reach out to the project supervisor directly.

Please note that applications sent via email will not be considered.

Projects are listed starting with those that have the earliest submission deadlines.

Context-free grammar for TLS validation ST

ID: p-2025-st-4

Published on: Wednesday, 12 March 2025

Deadline for Applications: Wednesday, 26 March 2025 at 23:59

Description:

Since its first version was published as an RFC in 1999, Transport Layer Security (TLS) has rapidly become the de facto standard for providing confidentiality and integrity to communications exchanged in an unsecured environment. While there exist multiple implementations (e.g., OpenSSL, GnuTLS, rusttls) that allow system administrators to easily deploy a webserver, there does not exist a practical way to verify their compliance with the RFCs they are based on. The primary objective of this internship is to write a context-free grammar able to parse TLS messages and check if they comply with the expected structure.

Type: Internship + Thesis

Levels: BSc, MSc

Supervisors: Salvatore Manfredi (smanfredi@fbk.eu), Riccardo Germenia (rgermenia@fbk.eu)

Prerequisites:

  • Experience with formal grammars (e.g. LFC course)
  • Basic knowledge of the TLS protocol (e.g. Intro2CNS or Networking course)

Objectives: Creation of a CFG (context-free grammar) for TLS 1.3

Topics: Research tool, Context-free grammar, Packet analysis, TLS vulnerabilities

Notes: The project's scope will be adjusted to accommodate the number of available credits, making it suitable for both bachelor and master students. However, due to the need for future-proof and reusable results, access to the thesis period is dependent on an assessment performed on (and during) the internship period.