Technolution is a company that specializes in building embedded and information systems, in which software plays a key role. Recently, Technolution is transitioning from the use of C in embedded systems, to Rust, a relatively new programming language developed by Mozilla. By design, Rust provides the programmer with higher security and reliability guarantees, such as memory safety, type safety and the absence of race conditions. These guarantees are ensured by means of an expressive ownership-based type system. However, it is impossible for the Rust type system to detect all errors statically. Hence, there are still many operations that contain dynamic checks to test for erroneous conditions. When such a check fails, an unrecoverable problem has been encountered and the current thread exits, this is called a panic in Rust. A panic causes the program to terminate, leading to a decrease in availability of the system. To avoid situations causing panic, Technolution wants tooling that detects possible ways a program could panic. For this purpose, we developed a static analysis tool: Rustig. When given a program, Rustig notifies the user of all the operations that either directly, or indirectly via another library, may cause a panic. The tools performs the analysis of panic calls in two stages. First, it builds a call graph from the executable of a Rust program, modelling functions as nodes and function calls as directed edges. Secondly, it performs an analysis on the call graph to determine which functions could cause panic. As part of the development of Rustig, we devised two new approaches. We have developed an approach to construct call graphs taking into account dynamic dispatch calls. This is based upon the assumption once a function address is loaded, it will also be called during execution. Furthermore, in order to efficiently analyze the call graph, a simplification of the all paths problem is proposed. In contrast with the all paths problem, the simplification is solvable in polynomial time. The approach involves finding the shortest path for every crossing edge on a graph cut.

Technolution is a company that specializes in building embedded and information systems, in which software plays a key role. Recently, Technolution is transitioning from the use of C in embedded systems, to Rust, a relatively new programming language developed by Mozilla. By design, Rust provides the programmer with higher security and reliability guarantees, such as memory safety, type safety and the absence of race conditions. These guarantees are ensured by means of an expressive ownership-based type system. However, it is impossible for the Rust type system to detect all errors statically. Hence, there are still many operations that contain dynamic checks to test for erroneous conditions. When such a check fails, an unrecoverable problem has been encountered and the current thread exits, this is called a panic in Rust. A panic causes the program to terminate, leading to a decrease in availability of the system. To avoid situations causing panic, Technolution wants tooling that detects possible ways a program could panic. For this purpose, we developed a static analysis tool: Rustig. When given a program, Rustig notifies the user of all the operations that either directly, or indirectly via another library, may cause a panic. The tools performs the analysis of panic calls in two stages. First, it builds a call graph from the executable of a Rust program, modelling functions as nodes and function calls as directed edges. Secondly, it performs an analysis on the call graph to determine which functions could cause panic. As part of the development of Rustig, we devised two new approaches. We have developed an approach to construct call graphs taking into account dynamic dispatch calls. This is based upon the assumption once a function address is loaded, it will also be called during execution. Furthermore, in order to efficiently analyze the call graph, a simplification of the all paths problem is proposed. In contrast with the all paths problem, the simplification is solvable in polynomial time. The approach involves finding the shortest path for every crossing edge on a graph cut.

Blockchain technology has revolutionized the way data is stored, managed, and shared across various industries. Its decentralized nature and immutability make it highly attractive in use cases that require transparency, integrity, and accountability. However, some applications demand confidentiality, necessitating the development of permissioned/consortium blockchains that try to strike a balance between transparency and privacy. Hyperledger Fabric is a permissioned blockchain that has gained popularity due to its modular architecture, performance, and scalability. Despite its strengths, the current set of privacy-enhancing features leaves room for improvement. Therefore, this master thesis aims to explore the potential of introducing various privacy-enhancing technologies to Hyperledger Fabric, including Dynamic Searchable Symmetric Encryption (DSSE), Multi Authority Attribute-based Encryption (MA-ABE), and Trusted Execution Environments (TEE). Based on the promising results of our study, we decided to implement DSSE and MA-ABE. The combination of blockchain technology with TEE was ruled out after the thorough analysis of two research papers on the subject. Our main result is the first implementation of a provable secure DSSE scheme in the context of consortium blockchains. Moreover, we developed a blockchain-enabled MA-ABE system that utilizes a novel and generic approach to foreign function invocation. Finally, the thesis discusses unexplored challenges in the field of logistics related to electronic consignment notes used in road transport. To address these issues, we designed a blockchain architecture that incorporates our developed privacy-enhanced technologies.