Home   /   Our Competencies  /   E-ID Technologies

BİLGEM

E-ID Technologies

national-id-card

National Identity Card / TR & TRNC Identity Card

  • Visual authentication:
    Photograph, wet signature, guilloche, rainbow print, MLI, micro text, raster print, charm, relief print, optical variable ink, ultraviolet ink and OVD/DOVID
  • Electronic authentication:
    Electronic certificate, digital photo, PIN
  • Biometric verification:
    Fingerprint, finger vein print, hand palm print
  • Ability to upload Qualified Electronic Certificate (QC) and private key
  • ISO/IEC 7816-3 compliant contact communication
  • ISO/IEC 7816-4, 8, 9 compliant instruction set
  • AES-256 secure messaging
  • Get hashes (SHA-1, SHA-256, SHA-384, SHA-512)6
  • Card Verifiable Certificate (CVC) support
  • Role-based access control mechanism
  • True Random Number Generator (TRNG)
  • RSA digital signing, decryption and certificate validation1
  • Generating RSA key pair2
  • ECDSA signing (ECC 128 – 640 bit range)3
  • ECC key pair generation (ECC 128 – 640 bit range)3
  • Symmetric encryption/decryption (DES3, AES-128, AES-192, AES-256)3
  • Cryptographic integrity calculation (DES3 MAC/CMAC/RetailMAC, AES MAC/CMAC)3
  • Common Criteria (CC) EAL 4+ security level
  • Multi-chip support4
    • UKTUM-H v7.01
    • Infineon SLE78CFX2400P
    • NXP P71D320P, P71D352B
  • Standards compliance
  • ICAO 9303
  • ISO/IEC 14443-3, 4 compliant contactless communication
  • ISO/IEC 7816-4, 8, 9 compliant instruction set
  • ICAO Technical Report Supplemental Access Control for MRTDs
  • BSI TR-03110 (for EAC)
  • BSI TR 03111
  • Compatible with ICAO LDS 1.7 data structure
  • Basic Access Control (BAC)
  • Active Authentication (AA)
    • RSA (up to 2048 bit): SHA-1, SHA-256, SHA-384, SHA-512
    • ECC (up to 521 bit): SHA-1, SHA-224, SHA-256, SHA-384, SHA-512
  • Supplemental Access Control (SAC)
    • PACE v2
    • MRZ and CAN support
    • Generic Mapping and Integrated Mapping support
    • ECDH (Brainpool curves up to 512 bits)
    • DH (1024 bits, 2048 bits)
  • Extended Access Control (EAC)
    • EAC v1 (CA v1, TA v1)
    • RSA (up to 3072 bit): SHA-1, SHA-256, SHA-512
    • ECC (up to 521 bit): SHA-1, SHA-224, SHA-256, SHA-384, SHA-512
  • Contactless Communication
    • ISO/IEC 14443-3, 4 Type-A
    • 424/848 kbps communication speed
  • Secure Communication
    • DES3
    • AES-128, AES-192, AES-256
  • Common Criteria (CC) security level
    • CC EAL 4+ for BAC (ALC_DVS.2)
    • CC EAL 5+ for SAC & EAC (ALC_DVS.2, AVA_VAN.5)
  • Multi-chip support7
    • Infineon SLE78CLFX3000P, SLE78CLFX4000P, SLE78CLFX308AP, SLE78CLFX408AP
    • NXP P71D320P

 

[1] RSA 1024 – 2816 bit range is supported for AKiS v2.5, only RSA 1024 and 2048 bits are supported for AKiS v2.2.

[2] RSA 1024 – 2816 bit range is supported for AKiS v2.5, only RSA 2048 bit is supported for AKiS v2.2.

[3] Only supported in AKiS v2.5.

[4] Chips have at least CC EAL 5+ security assessment certification.

[5] These are the features of AKiS TRAVEL.

[6] Only SHA-1 and SHA-256 are supported for AKiS v2.2.

[7] Chips have at least CC EAL 6+ security assessment certification.

GGM - Embedded Security Module

 The Embedded Security Module has been developed to be used in security applications such as secure storage of passwords, access control and authentication on tablet computers, mobile phones and similar devices. The security module, which uses the UKTUM-Hv7.0 integrated circuit with the common criterion EAL5+ security level, constitutes a reliable national option in terms of functionality, performance and price.

The Embedded Security Module, which is used in the production of tablet computers with its QFN type cover, implements the authentication function that allows only authorized persons to access the data stored on the tablet computer.

  • Microprocessor: based on 8051 (Internal memory: 256 B)
  • Flash memory: Total 192 Kb
  • 64 Kb ROM and 128 Kb data memory or
  • It can be defined as 128 Kb ROM and 64 Kb data memory.
  • SRAM: 8Kb
  • Interface: Compliant with ISO/IEC 7816 standard
  • Hardware crypto support resistant to side-channel analysis:
  • DES and 3-DES coprocessor
  • AES256 coprocessor
  • RSA1024 and RSA2048 coprocessor
  • RSU: Physical random number generator that generates real random numbers in accordance with the FIBS-140-2 standard
  • Security: Common Criteria EAL5+ certification
  • Safety sensors: High-low supply voltage/clock frequency/temperature detection
  • Protection of the IC surface against attacks with an effective shield
  • Detecting laser and bug attacks
  • Precautions against side channel analyzes
akis-pki

AKIS PKI

AKiS operating system has been developed in accordance with ISO/IEC 7816 standards and has PKI features. AKİS v2.2, v2.5 and v2.6 versions can be used in user login (login), digital signature and similar PKCS#11 applications if they are customized with PKCS#15 data structure.

  • ISO/IEC 7816-3 compliant contact communication
  • ISO/IEC 7816-4, 8, 9 compliant instruction set
  • AES-256 secure messaging
  • Get hashes (SHA-1, SHA-256, SHA-384, SHA-512)8
  • Card Verifiable Certificate (CVC) support2
  • Role-based access mechanism
  • True Random Number Generator (TRNG)
  • RSA digital signing and decryption operations2
  • Generating RSA key pair3
  • ECDSA signing (ECC 128 – 640 bit range)4
  • ECC key pair generation (ECC 128 – 640 bit range)4
  • Cryptographic integrity calculation (DES3 MAC/CMAC/RetailMAC, AES MAC/CMAC)4
  • Symmetric encryption/decryption (DES3, AES-128, AES-192, AES-256 : CBC, ECB, GCM)5
  • WRAP / UNWRAP Key6
  • ECDH Key Derivation6
  • Session based Symmetric Key generation6
  • Session based ECC Key Pair generation6
  • Common Criteria (CC) EAL 4+ security level
  • Multi-chip support7
  • UKTUM-H v7.01
  • Infineon SLE78CFX2400P
  • NXP P71D320P, P71D352P

 

1Driver support for PKCS#11 applications (PKCS#11 and Minidriver).
2RSA 1024 – 2816 bit range is supported for AKiS v2.5 and RSA 1024 – 2688 bit range for AKiS v2.6, only RSA 1024 bits and 2048 bits are supported for AKiS v2.2.
3RSA 1024 – 2816 bit range is supported for AKiS v2.5 and RSA 1024 – 2688 bit range is supported for AKiS v2.6, only RSA 2048 bit is supported for AKiS v2.2.
4 Supported in AKiS v2.5 and v2.6.
5Supported in AKiS v2.5 and v2.6; CBC and ECB modes are supported in v2.5 and v2.6, while GCM (Galois Counter Mode) mode is only supported in v2.6.
6Only supported in AKiS v2.6.
7The chips have at least CC EAL 5+ security assessment certification.
8Only SHA-1 and SHA-256 are supported for AKiS v2.2.

AKİS GEZGİN E-Passport

AKiS GEZGiN E-Passport application has been developed in accordance with ICAO 9303 standards. Thanks to the Basic Access Control (BAC) and Supplemental Access Control (SAC) features, the information on the contactless chip can only be read with secure communication, and the passport is prevented from being copied thanks to the Active Authentication feature. In addition, with the EAC feature, personal biometric data is protected by using CVC certificates, only authorized countries can access this data.

Logical Data Structure (LDS) 1.7 is supported in AKiS GEZGiN E-Passport application and there can be a maximum of 11 data groups1 (DG1–DG11). Of these, the identification of DG1 with MRZ data is mandatory, while the identification of other data sets is optional.1 data group (DG1 – DG11) can be found. Of these, the identification of DG1 with MRZ data is mandatory, while the identification of other data sets is optional.

1 More data groups can be defined in AKiS GEZGiN v2.0.

ICAO LDS 1.7 Basic Access Control (BAC)
  • Active Authentication (AA)RSA (up to 2560 bits)6: SHA-1, SHA-256, SHA-384, SHA-512
  • ECC (up to 521 bit): SHA-1, SHA-224, SHA-256, SHA-384, SHA-512
Supplemental Access Control (SAC)
  • PACE v2
  • MRZ, CAN and PIN2 support
  • Generic Mapping and Integrated Mapping support
  • ECDH (Brainpool curves up to 512 bits)
  • DH (1024 bits, 2048 bits)
 Extended Access Control (EAC)
  • EAC v1 (CA v1, TA v1)3
  • RSA (up to 3072 bit): SHA-1, SHA-256, SHA-512
  • ECC (up to 521 bit): SHA-1, SHA-224, SHA-256, SHA-384, SHA-512
Contactless Communication
  • ISO/IEC 14443-3, 4 Type A
  • 424/848 kbps communication speed
Secure Communication
  • DES3
  • AES-128, AES-192, AES-256
Common Criteria (CC) Security Level
  • CC EAL 4+ for BAC (ALC_DVS.2)
  • CC EAL 5+ for SAC & EAC (ALC_DVS.2, AVA_VAN.5)
Multi-Chip Support4
  • Infineon SLE78CLFX3000P, SLE78CLFX308AP, SL78CLFX4000P and SLE78CLFX408AP
  • NXP P71D320P and P71D352P5
Standard Compliance
  • ICAO 9303
  • ISO/IEC 14443-3, 4
  • ISO/IEC 7816-4, 8, 9
  • ICAO Technical Report Supplemental Access Control for MRTDs
  • BSI TR-03110 (for EAC)
  • BSI TR 03111
 

BASIC ACCESS CONTROL (BAC)
It is the mechanism that provides access to the data in the contactless chip by an authorized terminal and ensures that the messaging between the terminal and the contactless chip is done securely. It enables the generation and verification of session keys and initiation of secure messaging by optically reading the MRZ (Machine Readable Zone) or CAN (Card Access Number) information printed on the e-Passport.

EXTENDED ACCESS CONTROL (EAC)
It enables to update secure session keys with Chip Authentication (EAC – CA) and to control access to biometric data groups (DG3: fingerprint, DG4: iris) in the chip by using role-based certificates with Terminal Authentication (EAC – TA).

ACTIVE AUTHENTICATION
It prevents making an exact copy of the e-Passport chip.

SUPPLEMENTAL ACCESS CONTROL (SAC)
It is a mechanism that enables the creation of more secure and stronger session keys than BAC, thanks to Diffie - Hellman key generation protocols (DH/ECDH).  

2 PIN support is available in AKiS GEZGiN v2.0.
3 A maximum of 32 roles can be used in AKiS GEZGiN v2.0.
4 The chips have CC EAL 6+ security evaluation certification.
5 Compatible with AKiS GEZGiN v2.0.
6 For AKiS GEZGiN v1.x, RSA is supported up to 2048 bits.
epassport
esrc

AKİS GEZGİN E-Driver's License

AKiS GEZGiN E-Driver's Licence application has been developed in compliance with ISO/IEC 18013 standards (ISO/IEC 18013-3:2009 and ISO/IEC 18013-3:2017). Thanks to the Basic Access Protection (BAP) feature, the information on the contactless chip can only be read with secure communication, and the Active Duplication feature prevents the driver's licence from being copied. Extended Access Protection (EAP) feature (ISO/IEC 18013-3:2009 compliance) protects all files (DG1 - DG24) and Extended Access Control (EAC) feature (ISO/IEC 18013-3:2017 compliance) protects personalised biometric data files (DG7 and DG8). EAP/EAC ensures that only authorised readers can access these data groups.

In the application of AKiS GEZGiN E-Driver's License, a total of 24 data groups (DG1 – DG24) can be found for ISO/IEC 18013-3:2009 compliance, and a total of 14 data groups (DG1 – DG14) for ISO/IEC 18013-3:2017 compliance; The definition of DG1, which includes the demographic data of the document holder and the vehicle category, restrictions and conditions, is mandatory, while the definition of other data groups is optional.2

1 Personalized AKiS GEZGiN cards can only support one of the ISO/IEC 18013-3:2009 and ISO/IEC 18013-3:2017 standards, depending on customization.

2More data groups can be defined in AKiS GEZGiN v2.0.

ISO/IEC 18013 LDS Basic Access Protection (BAP) Active Authentication (AA)
  • RSA (up to 2560 bits)7: SHA-1, SHA-256, SHA-384, SHA-512
  • ECC (up to 521 bit): SHA-1, SHA-224, SHA-256, SHA-384, SHA-512
Extended Access Protection (EAP)
  • ISO/IEC 18013-3:2009
  • RSA (up to 3072 bit): SHA-1, SHA-256, SHA-512
  • ECC (up to 521 bit): SHA-1, SHA-224, SHA-256, SHA-384, SHA-512
Supplemental Access Control (SAC)
  • PACE v2
  • MRZ, SAI and PIN3 support
  • Generic Mapping support
  • ECDH (Brainpool curves up to 512 bits)
Extended Access Control (EAC)
  • ISO/IEC 18013-3:2017
  • EAC v14
  • ECC (up to 521 bit): SHA-1, SHA-224, SHA-256, SHA-384, SHA-512
Contactless Communication
  • ISO/IEC 14443-3, 4 Type-A
  • 424/848 kbps communication speed
Secure Communication
  • DES3
  • AES-128, AES-192, AES-256
Common Criteria (CC) security level
  • CC EAL 4+ (ALC_DVS.2) for BAP Config 1
  • CC EAL 5+ for SAC & EAC (ALC_DVS.2, AVA_VAN.5)
Multi-Chip Support 5
  • Infineon SLE78CLFX3000P, SLE78CLFX308AP, SLE78CLFX4000P, SLE78CLFX408AP
  • NXP P71D320P, P71D352P 6
Standard Compliance
  • ISO/IEC 18013-3
  • ISO/IEC 14443-3, 4
  • ISO/IEC 7816-4, 8, 9
  • BSI TR-03110 (for EAC)
  • BSI TR 03111


BASIC ACCESS PROTECTION (BAP)
It is the mechanism that provides access to the data in the contactless chip by an authorized terminal and ensures that the messaging between the terminal and the contactless chip is done securely. It enables the generation and verification of session keys and initiation of secure messaging by optically reading the SAI (Scanning Area Identifier) information printed on the E-Driver's License or entering it by the operator.

EXTENDED ACCESS PROTECTION (EAP)
It enables to update secure session keys with Chip Authentication (EAP - CA) and to control access to all data groups in the chip by using role-based certificates with Terminal Authentication (EAP - TA).

EXTENDED ACCESS CONTROL (EAC)
It allows updating secure session keys with Chip Authentication (EAC – CA) and controlling access to optional signature and biometric data groups in the chip using role-based certificates with Terminal Authentication (EAC – TA).

ACTIVE AUTHENTICATION
It prevents making an exact copy of the e-Driving License chip.

SUPPLEMENTAL ACCESS CONTROL (SAC)
It is a mechanism that enables the creation of more secure and stronger session keys than BAC, thanks to Diffie - Hellman key generation protocols (DH/ECDH).



3 PIN support is available in AKiS GEZGiN v2.0.
4A maximum of 32 roles can be used in AKiS GEZGiN v2.0.
5 Valid for AKiS GEZGiN v2.0.
6 The chips have CC EAL 6+ security evaluation certification.
7 For AKiS GEZGiN v1.x, RSA is supported up to 2048 bits.

AKIS TICKET

AKiS Ticket is a CIPURSE1 based, contactless smart card product running on the Smart Card Operating System (AKIS) developed nationally by TÜBİTAK BİLGEM, a member of the OSPT Alliance. AKiS TICKET is designed to be used as a payment tool in electronic fare collection systems, especially in the field of transportation, due to the advanced security infrastructure it provides and the open standards it is based on. It is also the first domestic smart card solution in contactless card applications such as access authorization control and parking systems.

 

1 CIPURSE open specifications are published by the OSPT Alliance.

KEY FEATURES

  • Contactless data rate up to 848 kbps
  • 13.56MHz operating frequency
  • ISO / IEC 14443-4 compliant
  • ISO/IEC 7816 compliant file system
  • ISO / IEC 7816-4 and ISO/IEC 7816-9 compliant APDU instruction set2
  • 8 app support2
  • Support for 32 files per application2
  • Binary File, Linear Record Type, Rotary Record Type, Value Record Type Files
  • Consistent Transaction mechanism3
  • Multiple App support

SAFETY FEATURES

  • Hardware platform with CC EAL 6+ security level
  • True Random Number Generator (TRNG)
  • AES-1284, 128-bit forward encryption mechanism
  • 8 AES-128 security keys for each application
  • Flexible key management structure
  • Built-in protection mechanism against Differential Power Analysis (DPA) attacks
  • Built-in protection mechanism against Differential Fault Analysis (DFA) attacks
  • ISO / IEC 9798-2 based Mutual Authentication (Mutual Authentication, AES-128)
  • Secure Messaging modes based on ISO/IEC 7816-4 (Plain, AES MACed, AES ENCed)
  • Data integrity protection
  • File-based Access Authorization and Secure Messaging

SCOPE OF APPLICATION

  • E-Ticket applications
  • Personnel attendance control systems
  • Access authorization control systems
  • Parking systems
  • Libraries
  • Health, welfare, loyalty, etc. card apps

CIPURSE OPEN STANDARDS

CIPURSE open standards provide a proven technology infrastructure built on ISO/IEC 7816, ISO/IEC 14443 standards and AES-128 to provide secure, flexible and standardized electronic toll collection solutions.

INDEPENDENT TECHNOLOGY

Platform independent: CIPURSE technology can be implemented on any smart card chip that meets all specifications, as well as an applet on NFC SIM cards or JavaCards.

Supplier independent: CIPURSE technology was developed not as a specific manufacturer's solution, but as a standard and open technology that anyone can implement. Today, many companies, including TÜBİTAK, produce CIPURSE products and the number of these companies is increasing.

Card reader standalone: No changes are required in existing card readers in order to communicate with CIPURSE cards. CIPURSE technology can be used in all smart card readers that comply with ISO/IEC 14443 Type A L4 standards.

 

2 Applies to CIPURSE T Profile only.

3 A mechanism that prevents possible data corruption that may occur in communication problems by ensuring that the data to be written to the card is written at once and completely.

4 AES, Advance Encryption Standard, ISO / IEC 18033-3:2010 & FIPS 197.

ticket
kys

KYS - Card Management System

KYS is a set of applications that can manage the entire life cycle of identity cards, driver's licenses, passports and similar documents.

Due to its modular structure, KYS can offer solutions suitable for different needs. Different solutions can be produced according to the needs of the institution from the inventory, reporting, personalization and registration modules in the KYS.

KYS has safely met the needs of many medium and large-scale organizations until today.

  • Server: Independent of platform and database management system. It easily integrates into external systems with web-services. It provides role-authorization-based access and redundancy support and implements all business logic in the customization process.
  • Smart Card: Compatible with National Smart Card Operating System (AKIS) and JCOP. It has integration with identity, passport and driver's license applications.
  • Security: It has the features of authorization-based access, secure storage of sensitive data, SSL connection between terminals, electronic signed transaction records and card access to the system.
  • PKI: Works integrated with the National Public Key Infrastructure (MA3).
  • Role-based authorization

PERSONALIZATION

  • Creating an application package
  • Application package management
  • Application package personalization
  • Quality control
  • Integration with industrial and desktop customization machines
  • Chip coding with contact and contactless interfaces of cards
  • Terminal and user management
  • Announcement management

REGISTRATION

  • Application registration
  • Card and application status tracking
  • Mobile (online/offline) application registration
  • Obtaining biometric registration in accordance with standards

REPORTING

  • Card based reporting
  • Machine based reporting
  • Reporting by transaction records
  • Parametric query options
  • Ability to produce output in PDF, MS Excel and MS Word formats

INVENTORY

  • Serial numbered / unnumbered card entries can be made
  • Card return, cancellation and destruction processes
  • Distributing cards in the personalization environment
  • End of day transactions
  • Safe pickup and delivery
  • Card status summary notification

EKDS - Electronic Authentication System

While performing the service, it confirms whether the people who participate in the service and want to benefit from the service are really the people they claim.

ELECTRONIC AUTHENTICATION SYSTEM COMPONENTS

ELECTRONIC ID CARD

It is a smart identity card used for personal identity verification in order to benefit from the services offered by public service institutions.

CARD ACCESS DEVICE

The Card Access Device (KEC) is one of the terminal devices of EKDS and is used to verify that the ID card is issued by the authorized institution for applications that serve in the electronic environment and that the card really belongs to the holder.

AUTHENTICATION SERVER

It is the server where the authenticity of the authentication notifications created by KEC is checked.

AUTHENTICATION POLICY SERVER

The authentication process is carried out in accordance with the policies determined by each institution depending on the services it offers. While some institutions find only the card password (PIN) sufficient, some institutions may request verification with both the card password and biometrics. Institutions' authentication policies are defined on this server.

INTERFACE APPLICATION SOFTWARE

The integration of the software used by the institutions into EKDS is carried out through interface application software. Interface applications can be a desktop application [Automation Software Interface (OYA/WIA)] or an application running on a server [Security Services Platform (GSP)].

AUTHENTICATION FACTORS

  • Physical verification
  • Secure messaging
  • Electronic certificate
  • Password (PIN code)
  • Biometrics
  • Digital photography
ekds
bit

GEM - Secure Access Module

GEM is the security module of the Card Access Device (it performs the cryptographic operations of the Card Access Device), which is designed to be able to validate the Turkish ID card and electronically verify the cardholder for applications serving in the electronic environment. By means of GEM, data fields such as the biometric data of the card holder can be accessed and read/written in these fields. In addition, by using the certificates and keys in GEM, secure communication is made with the Turkish identity card. In short, GEM is a module that enables citizens to use the Card Access Device securely and thus to have their identity information verified electronically in a secure manner.

  • Communicate with ISO 7816 (contact) standard message sets
  • ISO 7816 instruction set support
  • Secure messaging
  • Symmetric and asymmetric encryption methods (3DES, RSA, AES)
  • Original file and memory management system
  • Structured security architecture and security key management
  • Role-based access
  • PKCS11, CSP support
  • Has CC EAL4+ security certification
  • Compatible with UKTUM, Infineon and NXP chips
sge

(SGE) Cyber Security Institute

The Cyber Security Institute, which was established to carry out studies to increase the national cyber security capacity, carries out research and development activities in the field of cyber security; carries out solutions-oriented projects for military institutions, public institutions and organizations and the private sector.

The main fields of activity of our institute, which has made a significant contribution to the creation of cyber security knowledge and tactical infrastructure in our country with many successful projects to date, are secure software development, penetration tests and vulnerability analysis.

6-yze card logo

(IZE) Artificial Intelligence Institute

Artificial Intelligence Institute is the first institute established within the scope of TUBITAK centers and institutes, which cuts the sectors and research fields horizontally and focuses directly on the emerging technology field. For this reason, it constitutes an innovative model in terms of both the open innovation and co-development approach of the institute and its focus on emerging technology.

Artificial Intelligence Institute aims to develop core technologies in the field of artificial intelligence and bring these innovations from the forefront of science to the use of the industry as soon as possible. Focusing on the transformative potential of artificial intelligence, it will continue to play its part in pioneering efforts to create and sustain artificial intelligence-based innovation, growth and productivity in Turkey. Working with industry and public institutions in Turkey, together with other organizations within the artificial intelligence ecosystem, spreading the use of artificial intelligence and increasing the workforce specialized in this field are among its primary goals.

Discover institutes laboratories technologies products projects of BİLGEM.

Discover institutes laboratories technologies products projects of BİLGEM.

Intern

TÜBİTAK BİLGEM builds its basic strategy for the future on qualified knowledge and qualified people focused on national targets in the research, technology development and innovation ecosystem.

Starting from the understanding that "the most important resource of a country is generally people, specifically scientists," TÜBİTAK encourages and supports our youth from an early age. In this context, providing young minds with early exposure to technology production is crucial for the success of our National Technology Move. Accordingly, TÜBİTAK BİLGEM offers internship opportunities to undergraduate students from universities every year.

You can follow internship announcements and submit your applications through the Career Gateway at https://kariyerkapisi.cbiko.gov.tr.

You can access frequently asked questions about internships at TÜBİTAK BİLGEM from here. 

Application Conditions
  • Students enrolled in undergraduate (2nd year and above) and associate degree programs in departments offering education in universities and conducting insurance procedures through the higher education institution to which they are affiliated can benefit from the internship opportunity.
  • For undergraduate and associate degree students, a minimum Weighted Grade Point Average (GPA) of 2.50 out of 4 is required. The GPA of candidates with a 100-point system is converted to a 4-point system based on the "Conversion Table of Grades from the 4-Point System to the 100-Point System" published by the Higher Education Council.
  • There is no requirement for a foreign language certificate during the internship application process.
  • Students enrolled in departments such as Forensic Computing Engineering, Computer Sciences, Computer Science and Engineering, Computer Engineering, Computer and Informatics, Computer and Software Engineering, Information Systems Engineering, Electrical and Electronics Engineering, Control Engineering, Control and Computer Engineering, Control and Automation Engineering, Mechanical Engineering, Mechatronics Engineering, Telecommunication Engineering, or Software Engineering in universities can apply for internships.

Internship applications are accepted between December and January, and the internship period covers June, July, and August.

intern-img-1

Scholar

Scholar assignments are made for research and development activities for undergraduate, master's, doctoral students, and post-doctoral researchers. In our center, scholars are appointed for practical purposes in externally funded, TARAL, or European Union projects.

You can contact us via the email address bilgem.yetenekkazanimi@tubitak.gov.tr to apply to be a scholar.
Application Conditions

(1) The conditions for undergraduate scholars in externally funded projects conducted by the institution are specified below:

  •  Being a student continuing undergraduate education at higher education institutions established in Turkey (excluding foreign language preparatory students).
  • Having a weighted cumulative GPA for previous years, excluding preparatory years, based on the university's grading system, which satisfies the formula score and foreign language requirements in the recruitment criteria.
  • Completing at least the first semester of the first year of undergraduate education.
  • Having a GPA of "+3.00" and a University Placement Exam Ranking of "10,000 ≥" for undergraduate general average.
  • For foreign students placed in Turkish universities without taking the ÖSYM exam or for those who completed undergraduate education through exams such as Vertical Transfer Exam, the lowest university placement ranking of the department from the year the candidate started the undergraduate program is considered in the ranking formula.

(2) The conditions for master's degree scholars in externally funded projects conducted by the institution are specified below:

  • Being a student continuing master's degree education at higher education institutions established in Turkey (excluding special students and foreign language preparatory students).
  • Currently pursuing a master's degree in the project's field of responsibility.

(3) The conditions for doctoral students in externally funded projects conducted by the institution are specified below:

  • Being a student continuing doctoral education at higher education institutions established in Turkey (excluding special students and foreign language preparatory students).
  • Currently pursuing a doctorate in the project's field of responsibility or conducting a doctorate in areas determined within the framework of the YÖK-TÜBİTAK Doctoral Program Project Collaboration Protocol. (Students in medical specialization and artistic proficiency are accepted as doctoral students.)
scholarship-img-1

Candidate Researcher

Students in the 3rd and 4th years of relevant engineering departments at universities can apply to our Part-Time Candidate Researcher positions through our Job Application System at kariyer.tubitak.gov.tr. By doing so, they can gain work experience at TÜBİTAK BİLGEM during their university years.

This program does not have an end date. Candidate Researcher personnel working part-time during their university period can seamlessly transition to full-time employment as Researcher personnel at TÜBİTAK BİLGEM without interrupting their career journey after graduating from the undergraduate program.

Application Conditions

Conditions for the Candidate Researcher Program:

  • Being a 3rd or 4th-year student in the relevant departments specified in the announcements at universities.
  • Foreign language proficiency: Achieving appropriate scores in the exam types specified in the announcement or studying in a program that is 100% in English for undergraduate education.
  • Satisfying the formula score:

Weighted Graduation Average + (10,000/University Placement Exam Ranking) + Additional Score* >= 3.20

*Candidates who have achieved rankings and awards in national and international competitions will receive an additional score of 0.3.

candidate-researcher-img-1

Researcher

By joining TÜBİTAK BİLGEM as a Researcher, you can contribute to developments in the fields of information technology, information security, and advanced electronics. You'll have the opportunity to make your mark on innovations, closely follow advancements, enhance your skills, and shape your future by advancing in your career.

You can apply to our currently open positions through the TÜBİTAK Job Application System .

Application Conditions

Conditions for Job Application:

  • Foreign language proficiency: Attaining appropriate scores in the exam types specified in the announcement or studying in a program that is 100% in English for undergraduate education.
  • Fulfilling specific requirements stated in the announcement (such as undergraduate department, years of experience, expertise, etc.).
  • Satisfying the formula score:

For Candidates with Less than 3 Years of Experience:

Weighted Graduation Average + (10,000 / University Placement Exam Ranking) + Additional Score* >= 3.20

 

For Candidates with 3 Years and More of Experience:

Weighted Graduation Average + (10,000 / University Placement Exam Ranking) + 5*[1 / (1 + e^(5 - years of experience) ) ] + Additional Score* >= 3.20


*Candidates who have achieved rankings and awards in national and international competitions will receive an additional score of 0.3.

researcher-img-1

MILSEC 4 - Secure IP Terminal

SAFE IP TERMINAL

While the MİLSEC-4 terminal offers an up-to-date solution for next-generation secure communication (voice, data and video) in IP networks, it provides an uninterrupted communication service by maintaining the compatibility of secure voice communication in PSTN networks with PSTN secure phones in use.
provides.

Configuration, surveillance and software update processes of MILSEC-4 terminals are carried out securely remotely using the Security Management Center (GYM). MİLSEC-4 terminal is capable of IP Network Key Loading (IPAAY) through secure communication with GYM without the need for an additional device.

MİLSEC-4 terminals are interoperable with MİLSEC-1A and MİLSEC-2 phones and offer the opportunity to replace MİLSEC-1A and MİLSEC-2 phones without interruption in the gradual transformation of PSTN networks to next generation IP networks.

FEATURES

  • End-to-end secure voice communication in PSTN networks
  • End-to-end secure voice, image and data transmission in IP networks
  • NATO SCIP compliance on IP networks
  • Compatibility with commercial SIP products
  • Interoperability with MILSEC1A and MILSEC2 secure phones
  • National and AES crypto algorithms
  • Remote software update
  • Easy operation with touch screen

It is subject to the sales license to be given by the Ministry of National Defense.