Students: Summer 2019

What's a typical day at Crypto4A?

Olivier: I usually get to work around nine. I’m lucky enough to have multiple projects on-going so I can always work on what is most important, and occasionally I can switch to a different project when I’m stuck on the first one. Since I only work three days a week, I asked Jim (our Principal Security Architect, and my supervisor) not to do anything that is time critical, so I have a bit more flexibility in what I pursue each day. I usually leave work around 5:30 pm.

Max: I typically come in any time between 8:30 and 9 am and leave around 4:30-5:30pm, lunch typically at 12. Work usually starts right away after getting some coffee. Generally I’ll be assigned some tasks on Redmine so I can manage my time and prioritize them as I please unless I’ve been given other direction about time critical tasks. Wednesdays we have a quick software team meeting where we update Ron, our VP of Engineering, and JP, our Principal System Architect, with what we’ve been working on, what kind of challenges we’re facing, and discuss how to solve them. On Thursdays the whole engineering team gets together so we can get a feel for what everyone is doing. And then, of course, Fridays we’ve got our beer and boardgames afternoon, which is always a great way to end the week!

Thomas: I usually come in around 9:30am. I work with the testing team so every morning I come in and check the results from any tests that I left running the night before. Then I work to fix any bugs with the test framework. After that I review the bugs I encountered with my supervisor, JP. I spend the rest of the day working to implement new features for the test automation framework and run the test again.

Matt: A typical day at work starts by reviewing the logs and reports from the tests that were run overnight the night before. Unfortunately these are extremely long, and sometimes there may be only one error that we are searching for, which causes the test to grind to a halt. After determining the error, Brian, our Principal Hardware Engineer, and I usually investigate what might have caused it, and what the next steps to mitigating this error in the future would be. This usually comes in the form of re-writing some test code, implementing new test code, or it could be as simple as adding an extra piece of tape to a board. After creating and implementing our solution, we look at our checklist to determine which area of the chassis requires more testing, more code, more attention. Our checklist contains a list of everything that requires testing, whether it has been tested or not, or anything that has failed in the past that requires further investigation. Some days, if someone in the office requests a new chassis, I am in charge of building the box from all the parts in the storage room. We have a big instruction list on how to build the chassis which I made to make it easier to remember the steps in order, because there are a lot of components.

Had you ever considered working in cybersecurity?

Olivier: Yes, I had, however I decided to study wireless communications in university because I had a few courses on that subject that I found really interesting. At the same time, there is a lot of crossover between cryptography and telecommunication, so I think my studies and my work enhance each other.

Max: Before this co-op I hadn’t considered working in any specific field of interest as it’s tough to be picky when you don’t have much experience. However, I was interested in cybersecurity. As this is my 3rd term I felt like I had enough experience to actually seek out a co-op in security and that led me to Crypto4A. Now that I’m here I’m loving the field, and I’ve taken up some online courses on cryptography. I’ve even switched streams to Computer and Network security.

Thomas: Yes, I considered cybersecurity after taking a computer science class where we covered the topic of RSA encryption. I thought the theory and math behind it was really interesting and wanted to pursue it in the professional world.

Matt: No I did not. I was aware that the field of cyber security existed before I joined, but I had never considered it for myself. Now that I have had time to familiarize myself with some of the problems and current solutions in the cyber security world, I have been able to really grasp how complex and necessary diligent security measures are.

What is interesting about cybersecurity work?

Olivier: There are a few things! First, you have to design from the perspective of an enemy that wants to break the system. It’s actually really cool and really challenging at the same time as you need to anticipate downfalls and actively attempt to destroy your own solutions . Also, you can’t just rely on codes you find online because there may be a back door, it really forces you to understand what you’re doing inside and out to create robust codes. Finally, I would say that it is a great way to improve coding skills, because you have to think about every little detail and, again, anticipate how to avoid targeted attacks and failures that will jeopardize the system.

Max: Cybersecurity is fundamental to all systems (or it should be!). You get to work on the backbone of what makes so many systems carry out their objectives in a secure fashion. Additionally, the system needs to be efficient to be a good product. I find that lots of higher level services tend to put performance to the side, but with a system like ours, performance matters much more, especially for computationally complicated instructions like cryptographic algorithms.

What is the most challenging part of working at Crypto4A?

Olivier: Right now I’ll have to say that it is the stochastic model of our entropy sources that I am working on, because there is a lot of math. Overall, I think the hardest part is simply the complexity of our jobs, security can’t be rushed and solutions can’t just be okay, they need to be optimal.

Max: The standards are high. The system is critical to clients so everything is tested very thoroughly with regression tests and unit tests. We go through code reviews as well to make sure we’re writing code that is efficient, well written, and properly documented. Although this makes things tougher at times, it allows you to learn A LOT.

Thomas: The concepts can be really complex and the majority of work I do was not covered in school. It meant I had a steep learning curve when I first started working, but it has helped me develop new skills and expand my knowledge over the summer.

Matt:The most challenging part of working at Crypto4A is that I am always learning. Whether I am learning a new programming language, learning why the circuits are designed in the way that they are, or or just learning how to put our physical chassis together, there’s so much new stuff to cover. Everyday I learn a lot, and if you don’t come to work prepared for a brain blast then it can get a bit overwhelming.

What advice would you give a student coming to work at Crypto4A?

Olivier: Be prepared to learn and to work hard. I think it’s a great work environment, but it is also a great learning environment and you should try to learn as much as possible from this work term. As long as you have a good attitude you will succeed. The people here want to help and make your life easier.

Max: Don’t get too attached to what you write. Coming in to Crypto4a I hadn’t done “formal” code reviews, so I wasn’t used to being given these different perspectives on what was a good approach vs what was the best approach. It’s likely you don’t take the best approach the first time, and you get asked to change it, and that’s no big deal. You learn a lot from that process.

Matt: Lots of things break in the hardware lab, but it is important not to be let down by it. Everything is a learning experience, and you can always learn valuable information from when things break. It’s especially important that things break in the lab, not in our customers hands.

What made working at Crypto4A a positive experience?

Olivier: I may not have a lot of experience with different workplaces (and the experience I do have is atypical since it is with the Army) however, I’m pretty sure that our work environment is one of the best you can find, especially for a first job. People are nice, they want to help, and, of course, there’s beer o’clock on Fridays. The most important thing for me was the level of trust that everyone has towards us. One of the reasons why I chose not to pursue a career in the military was because I wanted more room for making decisions and taking initiative. Here, Jim basically gives me a task and lets me see what I can do, and he gives me support when I need it (and I do need it, of course). It’s great to not be micromanaged and to be trusted, especially since we’re students and they have every reason in the world to micromanage us!

Max: The people are great. I realised immediately how smart the people are here and I’ve learned so much because of them. The product is also really cool, it’s fun to work with emerging technologies, as I’d previously only worked in positions maintaining older systems. It keeps the days exciting and engaging.

Thomas: I really appreciate learning from such talented people, and having access to everyone on the team since it is still a relatively small team. Beer and games every Friday afternoon is also a great way to start the weekend!