Capabilities

Over the past two decades, Cybernetica has developed several mission critical systems, most of them still in use today. We have done ground-breaking research in the field of cryptography and information security and developed innovative technologies based on the findings. Our team of cryptographers, system and software engineers has gathered considerable experience. We believe that our strength today lies in the following areas:

Building Mission Critical Systems

Cybernetica has designed many mission critical systems. Sometimes, human life is on the line, for example, with distress calls handled by our maritime radio communication system. The system is fully redundant, without a single point of failure. Different parts of the system are located at several sites, most of them unmanned. Built-in diagnostics and maintenance functions enable efficient preventive maintenance.

We have developed the X-Road (exported as UXP), which serves as a backbone for digital government in Estonia and elsewhere. The X-Road system has been in production for more than 17 years with no downtime and currently handles more than 600 million transactions annually. The distributed architecture of the X-Road allows it to continue growing to several order of magnitudes of the current load.

Specialising in Architecture

Experienced developers know – performance, security, reliability and extensibility of any system cannot be added as afterthoughts after the system is implemented. Adding hardware and additional components (network and application level firewalls, gateways, etc.) can only take you so far. We at Cybernetica know this and focus on the technical issues early on. Only by making security, reliability and scalability our priorities from the very beginning did we build scalable and reliable systems that can support an entire country.

In addition to external properties, Cybernetica has a strong culture of building “beautiful” systems. To us, beauty means very pragmatic things : functions of the system are divided between subsystems in a logical manner; dependencies between subsystems are optimized and minimized; appropriate protocols are selected or designed for reliable communication between subsystems; interfaces between subsystems are reliable; the downtime of a single component usually does not bring down entire system.

Cybernetica’s software development process makes the architecture first-class citizen in the project. From the beginning the focus is on identifying and mitigating technical risks. We do not consider the risk solved unless we see working code. This approach forces us to start coding and testing activities very early. By the time we start implementing bulk of the functionality, the architectural core of the system is already implemented and tested. Putting the candidate architecture through its paces we get the confidence that the system being built fulfills the important requirements of the customer.

Expertise in Protocol Design

Many of Cybernetica’s products and solutions contain (cryptographic) protocols designed in house. In many cases, the standard protocols are not available. In other cases, standard protocols must be used in an innovative manner to satisfy the requirements. And, for more innovative/groundbreaking systems, standards to not yet exist. The choice of using an existing protocol versus creating a new one is driven by concerns such as the required security properties, available hardware and software, assumptions that can be made about users and other systems/components, availability of a trusted computing base, etc.

Cybernetica has strong track record in protocol design. We have designed protocols for use in VPN systems, timestamping systems. Our current flagship products UXP, SplitKey, Sharemind as well as the Estonian Internet voting system all contain protocol-level innovations.

Our protocol design experience is complemented by our experience in formal analysis of cryptographic protocols, as well as in quantitative risk analysis of systems, enabling us to precisely qualify and quantify, as well as explain the guarantees that the protocols provide.

Secure Implementation

Great architecture and design are not worth much without competent implementation. Cybernetica is committed to creating clean, readable and secure code. We hold regular trainings for the developers, including about secure programming techniques. All the code written is peer reviewed by other developers. We employ static analysis tools to discover bugs and security issues before they are released to production. Also routine is performing internal or external security testing to ensure that the result is secure.

Cybernetica has extensive experience in using Java and C/C++ programming languages. But that is not all we know – parts of our systems are written in Python, Ruby, Haskell, Javascript and other languages. When needed, we create our own programming languages, such as SecreC that is used to write privacy-preserving computations for the Sharemind platform.

Cybernetica has ISO 9001 certified quality management system and ISO 27001 certified information security management system. This means that our output is consistently of high quality and you can rely on us to ensure safety of your data.