About Me

I’m Alex, a security engineer with a background in embedded systems and firmware development. I’m studying Systems Engineering at Luleå University of Technology and working at my previous company, where I test the security of network-exposed firmware on real hardware.

My work sits at the hardware-software boundary: finding attack surface in firmware update paths, testing authentication and access control implementations, and tracing failures with packet captures and log instrumentation. I care about the details that only become visible when something is actively probed.

I’m moving into ICS/OT security, where the embedded and protocol background translates directly. The longer arc is security architecture and independent consulting for industrial clients, the kind of work that requires understanding both the hardware constraints and the business risk.

Work experience

At my previous company I’ve analyzed attack surface on firmware update vectors (SCP, TFTP, WebGUI), tested authentication features including RADIUS, LDAP/AD with IPv6, FIPS, and SNMP, and built Python tooling for device interaction over UART and TCP/IP. Root cause analysis via packet capture and log tracing is a regular part of the job.

Thesis

My bachelor’s thesis reimplements an RS-485/UART driver from the REMHUB4 firmware in Rust, integrating it into an existing C++ codebase. The comparison covers memory safety, error handling, robustness, and ecosystem maturity, with a focus on incremental adoption without touching the surrounding firmware.

Tools and skills
  • Security: attack surface analysis, protocol fault testing, CVE/NVD triage, OWASP, MITRE ATT&CK
  • Network and auth: TCP/IP, UART/RS-485, RADIUS, LDAP/AD, SNMP, FIPS, packet capture
  • Tools: Wireshark, Nmap, Wazuh, Splunk, GDB, GitLab CI/CD
  • Languages: Python, Bash, C, C++, Rust
  • Systems: GNU/Linux, bare-metal firmware, memory-mapped I/O
Beyond work

I repair and take apart hardware when I can. Understanding the physical side makes the software side make more sense. This site is where I write about what I build and what goes wrong.