Ayoub L.

Cryptography & Key Management

- Implemented cryptographic workflows (AES-GCM/CBC, RSA, ECC) within secure communication and key management systems

- Developed key lifecycle mechanisms (KEK/DEK derivation, IV management, secure token generation)

- Contributed to PKI-based trust models and tokenized security architectures (payment, identity systems)

- Applied HSM-oriented principles to enforce strict separation between key material and application layers

System Debugging & Cross-Layer Analysis

- Investigated and resolved complex issues in C-based cryptographic implementations (encryption flows, key handling, authentication)

- Developed Python reference models to reproduce, validate, and challenge cryptographic workflows and design decisions

- Ensured consistency between embedded and backend system components during integration phases

- Collaborated with security, backend, and firmware teams to resolve cross-layer integration issues

Tooling & Automation

- Developed Python tools to automate PKI generation and validation workflows, replacing manual OpenSSL-based processes

- Built YAML-based pipelines for automated testing and CI integration

- Refactored internal tooling to improve modularity, maintainability, and reproducibility

Engineering Impact

- Operated with high autonomy in validation and debugging activities within security-critical systems

- Contributed to process improvements and technical documentation aligned with team practices

- Improved knowledge sharing and team alignment through structured documentation and reusable tooling

Tools & Technologies

- Crypto: PKI, X.509, AES-GCM, RSA/ECC, HSM

- Languages: C (Embedded), Python (Validation & Tooling)

- QA: VTP, Code Coverage, Traceability

- Environment: Git, Jira, Confluence, CI/CD

Provisioning & Security Workflow Analysis

- Configured and operated a multi-ECU validation environment (Multiverse bench) to perform end-to-end testing of connected vehicle security features

- Executed and analyzed provisioning workflows via diagnostic services, validating secure vehicle access using JWT-based authentication mechanisms

- Developed Python tools to simulate, reproduce, and validate provisioning and authentication scenarios

- Investigated ECU and Android logs to analyze issues in provisioning, authentication, and secure communication flows

- Collaborated with ECU development teams to reproduce, debug, and resolve system-level issues identified during end-to-end validation

- Resolved cross-layer integration issues across diagnostics, backend communication, and ECU interaction layers

Embedded Security & AUTOSAR Engineer — Continental

- Designed, developed, and validated AUTOSAR software components for safety- and security-critical ECUs, contributing to ISO 26262 and MISRA-compliant systems

- Acted as a key technical contributor on security-critical features, performing cross-layer design, implementation, and debugging across AUTOSAR, diagnostics, and cryptography domains

Plug & Charge (PnC) — Certificate Handling & Diagnostics

- Led development of an AUTOSAR SWC for secure reception, parsing, and validation of digital certificates (X.509, ASN.1, DER/PEM)

- Defined component architecture from system requirements (SRS → SDD), ensuring traceability and compliance

- Implemented diagnostic services (DIDs, DTCs) to monitor certificate integrity and system behavior

- Acted as technical reference for cross-layer debugging across AUTOSAR, diagnostics, and cryptographic layers

- Developed automated validation scripts used by system teams for integration testing

Secure Network Management ECU

- Integrated CAN NM / OSEK NM modules and developed monitoring SWC to manage secure network state transitions

- Resolved cross-layer integration issues, improving system robustness and stability

- Provided architectural recommendations to handle edge cases and improve system reliability

Smart Access (BLE/NFC)

- Developed AUTOSAR SWCs enabling secure vehicle access via BLE/NFC, including provisioning and contract handling

- Integrated cryptographic and certificate-based authentication mechanisms

- Contributed to feature design and resolved security-related issues across communication and cryptographic layers

Testing & Engineering Practices

- Performed unit, integration, and system-level testing using Robot Framework, CAPL, CANoe, and Trace32

- Contributed to Agile processes (planning, refinement, defect triage) aligned with safety and security priorities