SGE Home   /   SGE Services



TÜBİTAK BİLGEM SGE carries out research and development activities in the field of cyber security; carries out solution-oriented projects for military institutions, public institutions and organizations and the private sector. With these studies, it strives to minimize the information security problems of institutions and to raise corporate information security awareness. It provides services within the scope of creating cyber security knowledge in our country with many projects it has successfully carried out so far.

IOT Security Studies

Internet of Things (IoT) is a network of physical objects embedded with sensors, software and other technologies for the purpose of data connection and sharing with other devices and systems over the Internet.
Statista’nın öngörülerine göre, 2018 yılında internete bağlı olan cihaz sayısı 22 milyar iken, 2025 yılında bu sayının 38,6 milyarı bulması beklenmektedir. 2030 yılında ise bu sayının 50 milyara çıkması beklenmektedir. Business Insider ise Statista’nın tahmininden daha yukarıda veriler olacağını öngörüyor. Business Insider’ın 2016 ve 2017 yılları için yayınladığı IoT Pazarı Raporu’na göre, 2025 yılında 55 milyardan fazla IoT cihazı olacağı öngörülüyor. Rapora göre, 2017-2025 yılları arasında 15 trilyon dolara yakın IoT yatırımı yapılması bekleniyor. 2025 yılının sonunda 75 milyar cihazın internete bağlı olması bekleniyor. 2026 yılında IoT pazarının 3 trilyon doların üzerine çıkacağı tahmin ediliyor.

A typical IoT Penetration Test includes the following steps:

1. Determination of IoT Service Scope
2. Information Gathering
3. Vulnerability Assessment
4. Exploitation Phase
5. Reporting

  • In order to ensure that security tests are carried out in the most effective way, all your needs are listened to and information is exchanged. Thus, the scope, type and required information are determined at the first safety meeting.
  • At this meeting, it is decided whether physical security tests will be needed on IoT devices and which components will be included in the test.

In this step, attack vectors on IoT devices are first determined. The basic attack vectors on an IoT device are as follows:

  • Implementation of Hardware Attacks
  • Firmware Reviews (Reverse Engineering, etc.)
  • Implementation of Network Attacks
  • Implementation of Wireless Network Attacks
  • Mobile and Web Applications
  • Penetration Tests
  • Cloud Services Penetration Tests

This process starts with vulnerability assessment, firmware and application analysis. The following steps are used in firmware analysis:

  • Binary Analysis:
    • Reverse engineering,
    • Document analysis in the system (for finding sensitive information or certificates),
    • Performing all necessary application tests according to the type of application during application analysis.
  • Researching Communication Protocols:
    • Determination of communication protocols (BLE, Zigbee, LoRA, 6LoWPAN)
    • Sniffing, modifying and replaying communication protocols (relay-replay attacks),
    • Jam-based attacks,
    • Third party services (mobile application API services, etc.) that then communicate with the IoT devices specified in the information collection step.
  • Physical Security Tests:
    • External USB Access,
    • External ports access,
    • Location and storage environment,
    • Availability of debug console access
    • Availability of serial console access
    • Allowed connection methods (wireless, wired, Bluetooth, etc.)
    • Test controls.
  • This phase aims to exploit the vulnerabilities collected in the information gathering and vulnerability assessment sections. In this way, the party receiving the penetration test service can see the possible damage after a real cyber attack. In addition, the risks are evaluated for the vulnerabilities found. Similar vulnerabilities may have different levels of criticality based on ease of exploitation, access to information required to exploit, and the like.
  • Cyber security experts use the necessary attack techniques to show what a malicious attacker can do in this step, without damaging the systems as much as possible.
  • All detected vulnerabilities and findings are reported. The report is prepared in a simple language, understandable by the developers, in a standard supported by screenshots and presented to the parties.
  • The report consists of sections that include the purpose and scope of the test, the general testing methodology, the security tests performed, and finally the evaluation and summary information for administrators.

The widespread use of these systems causes security vulnerabilities that can have dramatic effects. Cyber Security Institute conducts security research on IoT systems, monitors current vulnerabilities and performs hardware and software penetration tests. Provides detailed technical reports and executive summaries as a result of penetration tests. It contributes to raising the awareness of institutions about security and eliminating possible security vulnerabilities.

  • In Software Planning and Pre-Development Phase:
    • Helping for designing a secure architecture,
    • Recommending best practices for developers to follow,
    • Integrating continuous IoT security testing into the DevOps cycle.
  • During Development:
    • Iteratively evaluating the product with its security requirements,
    • Constantly reviewing secure code,
    • Incorporating a security perspective as part of an automated process.
  • Post Development:
    • Performing penetration tests for all major releases,
    • Managing the security program and interacting with external developers,
    • Patch management and recommending security updates.

Penetration Tests

SGE conducts penetration tests and security audits for both public institutions/organizations and private sector companies. Penetration tests and security audits cover all components in the IT infrastructure. After the tests are completed, detailed technical reports and executive summaries are produced. In addition to technical security tests, social engineering tests are also carried out to increase the security awareness of the employees.

New exploitation methods and tools are being researched and developed by SGE researchers to perform more efficient and high-standard testing.

One of the main goal in this area is information sharing. In addition to the security tests carried out in both the public and private sectors, studies are carried out to increase the quality of the tests carried out within this scope in the sector. Workshops are organized to determine the scope and depth of tests, to increase the quality and objectivity of test result reports, and joint projects are carried out with regulatory agencies.

Security Controls

Güvenlik, yazılımlara ve sisteme sonradan eklenebilecek bir özellik değildir. Geliştirme sürecinin parçası olarak ele alınmalıdır. Geliştirme ve kurulum süreçlerinde güvenlik işlevlerini uygulamak hem daha kolay hem daha etkilidir. SGE bu bağlamda “Güvenlik Denetimleri” hizmeti vermektedir.

SGE provides the following support to public institutions/organizations and the private sector:
  • Secure software development trainings,
  • Software source code analysis to detect vulnerabilities as a result of mistakes made while developing software,
  • Risk analysis and threat modeling to make secure software development processes more effective,
  • Researching and implementing new secure software development methods,
  • Conducting secure software development workshops and conferences.
In this regard, SGE has been involved in multiple NATO information systems development projects. Within the scope of the system and software security accreditation process of these projects, it supported the design of secure systems, the preparation of accreditation documents, and performed the security tests of the developed systems.

Risk Analysis

SGE provides information security risk analysis services for military, public and private sector organizations. Risk analysis projects can be done on software and system basis. Risk analysis services are also provided within the scope of ISO 27001 certification on a corporate basis. 

In this context, the business processes of the institution are analyzed and critical business processes are determined; assets in these business processes and dependencies between assets are removed and asset valuation is carried out. Afterwards, the probability and impact values for the risks that affect these assets are determined and the risk values for the asset or process are calculated. Risks are documented in detail in accordance with the content of the project. In accordance with the threats, the measures are issued according to the requirements defined in ISO 27001 and NIST SP 800-53 standards, the maturity levels of the measures are determined together with the customer and they are documented in accordance with the project content. Finally, after the implementation of the measures, a risk study is carried out and the remaining risk is evaluated.


(SGE) Cyber Security Institute

The Cyber Security Institute, which was established to carry out studies to increase the national cyber security capacity, carries out research and development activities in the field of cyber security; carries out solutions-oriented projects for military institutions, public institutions and organizations and the private sector.

The main fields of activity of our institute, which has made a significant contribution to the creation of cyber security knowledge and tactical infrastructure in our country with many successful projects to date, are secure software development, penetration tests and vulnerability analysis.

6-yze card logo

(IZE) Artificial Intelligence Institute

Artificial Intelligence Institute is the first institute established within the scope of TUBITAK centers and institutes, which cuts the sectors and research fields horizontally and focuses directly on the emerging technology field. For this reason, it constitutes an innovative model in terms of both the open innovation and co-development approach of the institute and its focus on emerging technology.

Artificial Intelligence Institute aims to develop core technologies in the field of artificial intelligence and bring these innovations from the forefront of science to the use of the industry as soon as possible. Focusing on the transformative potential of artificial intelligence, it will continue to play its part in pioneering efforts to create and sustain artificial intelligence-based innovation, growth and productivity in Turkey. Working with industry and public institutions in Turkey, together with other organizations within the artificial intelligence ecosystem, spreading the use of artificial intelligence and increasing the workforce specialized in this field are among its primary goals.



By joining TÜBİTAK BİLGEM as a Researcher, you can contribute to developments in the fields of information technology, information security, and advanced electronics. You'll have the opportunity to make your mark on innovations, closely follow advancements, enhance your skills, and shape your future by advancing in your career.

You can apply to our currently open positions through the TÜBİTAK Job Application System .

Application Conditions

Conditions for Job Application:

  • Foreign language proficiency: Attaining appropriate scores in the exam types specified in the announcement or studying in a program that is 100% in English for undergraduate education.
  • Fulfilling specific requirements stated in the announcement (such as undergraduate department, years of experience, expertise, etc.).
  • Satisfying the formula score:

For Candidates with Less than 3 Years of Experience:

Weighted Graduation Average + (10,000 / University Placement Exam Ranking) + Additional Score* >= 3.20


For Candidates with 3 Years and More of Experience:

Weighted Graduation Average + (10,000 / University Placement Exam Ranking) + 5*[1 / (1 + e^(5 - years of experience) ) ] + Additional Score* >= 3.20

*Candidates who have achieved rankings and awards in national and international competitions will receive an additional score of 0.3.


Competence Centers

Candidate Researcher

Students in the 3rd and 4th years of relevant engineering departments at universities can apply to our Part-Time Candidate Researcher positions through our Job Application System at By doing so, they can gain work experience at TÜBİTAK BİLGEM during their university years.

This program does not have an end date. Candidate Researcher personnel working part-time during their university period can seamlessly transition to full-time employment as Researcher personnel at TÜBİTAK BİLGEM without interrupting their career journey after graduating from the undergraduate program.

Application Conditions

Conditions for the Candidate Researcher Program:

  • Being a 3rd or 4th-year student in the relevant departments specified in the announcements at universities.
  • Foreign language proficiency: Achieving appropriate scores in the exam types specified in the announcement or studying in a program that is 100% in English for undergraduate education.
  • Satisfying the formula score:

Weighted Graduation Average + (10,000/University Placement Exam Ranking) + Additional Score* >= 3.20

*Candidates who have achieved rankings and awards in national and international competitions will receive an additional score of 0.3.


Discover institutes laboratories technologies products projects of BİLGEM.


TÜBİTAK BİLGEM builds its basic strategy for the future on qualified knowledge and qualified people focused on national targets in the research, technology development and innovation ecosystem.

Starting from the understanding that "the most important resource of a country is generally people, specifically scientists," TÜBİTAK encourages and supports our youth from an early age. In this context, providing young minds with early exposure to technology production is crucial for the success of our National Technology Move. Accordingly, TÜBİTAK BİLGEM offers internship opportunities to undergraduate students from universities every year.

You can follow internship announcements and submit your applications through the Career Gateway at

You can access frequently asked questions about internships at TÜBİTAK BİLGEM from here. 

Application Conditions
  • Students enrolled in undergraduate (2nd year and above) and associate degree programs in departments offering education in universities and conducting insurance procedures through the higher education institution to which they are affiliated can benefit from the internship opportunity.
  • For undergraduate and associate degree students, a minimum Weighted Grade Point Average (GPA) of 2.50 out of 4 is required. The GPA of candidates with a 100-point system is converted to a 4-point system based on the "Conversion Table of Grades from the 4-Point System to the 100-Point System" published by the Higher Education Council.
  • There is no requirement for a foreign language certificate during the internship application process.
  • Students enrolled in departments such as Forensic Computing Engineering, Computer Sciences, Computer Science and Engineering, Computer Engineering, Computer and Informatics, Computer and Software Engineering, Information Systems Engineering, Electrical and Electronics Engineering, Control Engineering, Control and Computer Engineering, Control and Automation Engineering, Mechanical Engineering, Mechatronics Engineering, Telecommunication Engineering, or Software Engineering in universities can apply for internships.

Internship applications are accepted between December and January, and the internship period covers June, July, and August.



Scholar assignments are made for research and development activities for undergraduate, master's, doctoral students, and post-doctoral researchers. In our center, scholars are appointed for practical purposes in externally funded, TARAL, or European Union projects.

You can contact us via the email address to apply to be a scholar.
Application Conditions

(1) The conditions for undergraduate scholars in externally funded projects conducted by the institution are specified below:

  •  Being a student continuing undergraduate education at higher education institutions established in Turkey (excluding foreign language preparatory students).
  • Having a weighted cumulative GPA for previous years, excluding preparatory years, based on the university's grading system, which satisfies the formula score and foreign language requirements in the recruitment criteria.
  • Completing at least the first semester of the first year of undergraduate education.
  • Having a GPA of "+3.00" and a University Placement Exam Ranking of "10,000 ≥" for undergraduate general average.
  • For foreign students placed in Turkish universities without taking the ÖSYM exam or for those who completed undergraduate education through exams such as Vertical Transfer Exam, the lowest university placement ranking of the department from the year the candidate started the undergraduate program is considered in the ranking formula.

(2) The conditions for master's degree scholars in externally funded projects conducted by the institution are specified below:

  • Being a student continuing master's degree education at higher education institutions established in Turkey (excluding special students and foreign language preparatory students).
  • Currently pursuing a master's degree in the project's field of responsibility.

(3) The conditions for doctoral students in externally funded projects conducted by the institution are specified below:

  • Being a student continuing doctoral education at higher education institutions established in Turkey (excluding special students and foreign language preparatory students).
  • Currently pursuing a doctorate in the project's field of responsibility or conducting a doctorate in areas determined within the framework of the YÖK-TÜBİTAK Doctoral Program Project Collaboration Protocol. (Students in medical specialization and artistic proficiency are accepted as doctoral students.)

MILSEC 4 - Secure IP Terminal


While the MİLSEC-4 terminal offers an up-to-date solution for next-generation secure communication (voice, data and video) in IP networks, it provides an uninterrupted communication service by maintaining the compatibility of secure voice communication in PSTN networks with PSTN secure phones in use.

Configuration, surveillance and software update processes of MILSEC-4 terminals are carried out securely remotely using the Security Management Center (GYM). MİLSEC-4 terminal is capable of IP Network Key Loading (IPAAY) through secure communication with GYM without the need for an additional device.

MİLSEC-4 terminals are interoperable with MİLSEC-1A and MİLSEC-2 phones and offer the opportunity to replace MİLSEC-1A and MİLSEC-2 phones without interruption in the gradual transformation of PSTN networks to next generation IP networks.


  • End-to-end secure voice communication in PSTN networks
  • End-to-end secure voice, image and data transmission in IP networks
  • NATO SCIP compliance on IP networks
  • Compatibility with commercial SIP products
  • Interoperability with MILSEC1A and MILSEC2 secure phones
  • National and AES crypto algorithms
  • Remote software update
  • Easy operation with touch screen

It is subject to the sales license to be given by the Ministry of National Defense.