Raef Coles

Firmware Engineer at Arm

Bristol, England, United Kingdom
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
Raef Coles is a firmware and low-level security engineer with 12 years' experience, currently implementing secure processing environments for M-class Arm processors on Arm's TrustedFirmware-M team. He specialises in cryptographic implementations, side-channel and fault-injection countermeasures, and space-constrained bootloaders, balancing practical production constraints with rigorous security design. His upstream open-source work includes the first commercial-grade Leighton–Micali Signature (LMS/LMOTS) implementation in Mbed TLS and hardening of mcuboot's critical boot path against fault attacks. He has also developed an advanced two-stage ROM bootloader and an open-source fault-mitigation primitives library with a simulator presented at Virtual Linaro Connect. Comfortable with reverse engineering hardware, he implemented drivers for security accelerators such as the Arm CryptoCell-312. Based in Bristol, he combines academic grounding from a Bristol MEng with hands-on open-source contributions that influence widely used embedded security projects.
code12 years of coding experience
bookMaster of Engineering - MEng, Computer Science, Master of Engineering - MEng, Computer Science at University of Bristol
github-logo-circle

Github Skills (24)

bootloader10
tls1210
python10
testing10
firmware10
it-security10
configuration-management10
c1110
microcontroller10
tls1310
security10
post-quantum-cryptography10
c1710
icalendar10
mtls10

Programming languages (7)

CTeXLuaHTMLVim scriptGroovyPython

Github contributions (5)

github-logo-circle
mcu-tools/mcuboot

May 2020 - Oct 2021

Secure boot for 32-bit Microcontrollers!
Role in this project:
userEmbedded Systems Engineer / IoT Developer
Contributions:14 reviews, 9 commits, 4 PRs in 1 year 4 months
Contributions summary:Raef primarily contributed to the secure boot process for microcontrollers within the mcuboot repository. They hardened the critical path against fault attacks by introducing mitigation measures to validate images. The commits demonstrate expertise in areas such as image validation, security counter measures, and firmware upgrade processes, which are core to the repository's functionality. The contributions involved modifications to critical boot-related source code.
securedevicedevice-management32-bitsecure-boot
Mbed-TLS/mbedtls

Oct 2020 - Oct 2022

An open source, portable, easy to use, readable and flexible TLS library, and reference implementation of the PSA Cryptography API. Releases are on a varying cadence, typically around 3 - 6 months between releases.
Role in this project:
userBack-end Developer
Contributions:65 reviews, 103 commits, 4 PRs in 2 years
Contributions summary:Raef primarily worked on implementing and documenting post-quantum cryptographic algorithms within the mbed TLS library. Their contributions included the addition of the LMS (Leighton-Micali Signature) and LMOTS (Leighton-Micali One-Time Signature) implementations, alongside necessary supporting functions. The user also refactored and updated the existing documentation to describe the use and context of the new cryptographic algorithms, making them a key contributor to the post-quantum security features of the project. Furthermore, the user moved to utilize PSA (Platform Security Architecture) hashing for the LMS and LMOTS to improve performance.
cryptography-libraryapisslcryptographycryptography-api
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Raef Coles - Firmware Engineer at Arm