PhD position on Software Security
Uppsala University is a comprehensive research-intensive university with a strong international standing. Our mission is to pursue top-quality research and education and to interact constructively with society. Our most important assets are all the individuals whose curiosity and dedication make Uppsala University one of Sweden’s most exciting workplaces. Uppsala University has 44.000 students, 7.100 employees and a turnover of SEK 7 billion.
The Department of Information Technology has a leading position in research and education. TheDepartment currently has about 280 employees, including 120 teachers and 110 PhD students. More than 4000 students study one or more courses at the department each year.
Subject area and Duties: The topic for the PhD position is techniques for software security. Central topics are techniques for, detecting and removing bugs security vulnerabilities in software, and techniques for verifying and analyzing software and protocols for security properties. Since bugs and vulnerabilities in software can lead to huge damages when exploited, it is important that software components are bug-free and correctly implement security services.
Techniques that the positions will focus on include testing using fuzzing, taint analysis, model learning, program analysis, formal verification, symbolic execution supported by constraint solving and SMT. Among the goals is to significantly extend the power and scalability of such techniques to real-world code bases; examples of foreseen applications include to analyze the widely-used Contiki OS for IoT, as well as implementations of widely used security protocols, such as TLS and DTLS.
Research environment: The positions are funded by recent five-year grants from SSF that bring together several research groups at Uppsala University (Bengt Jonsson, Parosh Abdulla, Mohammed Faouzi Atig, Philipp Ruemmer, Kostis Sagonas, Wang Yi) that are world-renowned in the fields of automated verification, programming language implementation, and testing. Past contributions include the UPPAAL model checker, high-impact techniques and tools for testing and verification of multithreaded software, including Concuerror and Nidhugg, and the native-code compiler and several tools for the Erlang programming language. Members received the CAV (Computer-Aided Verification) Award, the most prestigious academic award in the area, both in 2013 (Wang Yi) and in 2017 (Parosh Abdulla and Bengt Jonsson). The work is performed in collaboration with partners at RISE SICS (Luca Mottola, Thiemo Voigt) that contribute to developing the ContikiOS, and the SICS Security lab (Shahid Raza).
Requirements: The candidate should have a Master of Science in Computer Science, Computer Engineering, or equivalent, in a field which is relevant for the work. We expect the candidate to be fluent in verbal and written English.
It is helpful to have a good background in some of the fields of testing, security, program analysis, compiler techniques, model checking, formal verification, software engineering, and similar, as well as to be proficient in implementing non-trivial algorithms.
The position is for a maximum of five years and includes departmental duties at a level of at most 20% (typically teaching) as well as taking graduate courses. The candidate will be expected to teach in English or Swedish.
For more information click "LINK TO ORIGINAL" below.