Skip to main content

Experience

Selected Projects #

CRA gap analysis
For a Swiss client in the machinery industry, I analyzed their current product and development processes against the EU Cyber Resilience Act (CRA) and IEC 62443. We established a roadmap towards compliance in Q4 2027.

RED DA compliance pilot & scale up project
For a Danish client in the liquid handling industry, I executed a pilot program for product compliance under the newly activated essential requirements in the EU Radio Equipment Directive (RED DA). During this pilot, we ran through the compliance process for two products following EN 18031, and designed and supervised the process for scaling compliance to the full product portfolio.

CRA training for the C-level
For a producer of chemical laboratory equipment, I developed a customized training course focused on CRA compliance. This interactive training was designed for the executive board and addressed, among others, industry-specific questions raised by the client.

Product PKI design
For an international client producing building management equipment, I designed a product public key infrastructure (PKI). The design was tailored to the specific needs of the client, including: (i) the absence of Internet connectivity, (ii) the need for zero-config installations, and (iii) support for OEM manufacturing.

Fleet security for 3D-imaging products
A client developed a product that utilizes high-precision photographs to create 3D facial reconstructions. I supported in securing capture device based on embedded linux. I also provided support to protect the devices against remote take over in the case of a compromised development pipeline.

Positions & Education #

Current Product Security Consultant at Product Security Guru, CH
Boutique consulting on product security and related EU legislation (Primarily CRA and RED DA). Actively involved in CRA standardization.

Current Network Security Lecturer at ETH Zürich, CH
Teaching in the master-level Network Security course. Ca. 320 students/year.
Focus topics: PKI, VPNs, anonymous communication, and BGP security.

Lead Security Architect at Zühlke Engineering, CH
Work on PKI design, product security, IEC 62443, EU CRA, RED DA, …
Various Swiss and international clients in industrial and consumer products

PhD in Network Security at ETH Zürich, CH
Advised by Prof. Adrian Perrig at the Computer Science Department
Thesis: “Fine-Grained Access Control for Sensors, Actuators, and Automation Networks”

MSc in Electrical Engineering at ETH Zürich, CH
GPA: 5.92/6 — with Distinction — ESOP Excellence Scholarship

BSc in Electrical Engineering at TU Delft, NL
GPA: 9.5/10 — Cum Laude — Honours Programme — Challenge Programme

Piet De Vaere
Author
Piet De Vaere