<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p><font size="+1"><tt>[Our apologies if you receive multiple copies of this message]</tt></font><br>
</p>
<p><font size="+1"><tt><br>
The Software Technology Division of the Computer Science and<br>
Engineering Department, Chalmers University of Technology is hiring:<br>
<br>
- 1 PhD student in Programming Language-based Security<br>
<br>
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://www.chalmers.se/en/about-chalmers/vacancies/?rmpage=job&rmjob=4389">
http://www.chalmers.se/en/about-chalmers/vacancies/?rmpage=job&rmjob=4389</a><br>
<br>
- 1 PhD student in Language-based Security using Functional Programming<br>
<br>
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://www.chalmers.se/en/about-chalmers/vacancies/?rmpage=job&rmjob=4391">
http://www.chalmers.se/en/about-chalmers/vacancies/?rmpage=job&rmjob=4391</a><br>
<br>
PhD student positions are for up to five years of full-time employment;<br>
normally, 20% of the time is allocated to departmental work (mainly teaching<br>
duties). The salary for the positions is as specified in Chalmers's general<br>
agreement for PhD student positions.<br>
<br>
* Application deadline: 30 November 2016.<br>
* Expected starting date: preferably early 2017.<br>
<br>
-------------------------------------------------------------<br>
1 PhD student position in Programming Language-based Security<br>
-------------------------------------------------------------<br>
Increasingly, security flaws in applications arise due to software errors.<br>
Programming Language-based Security is a domain in which we strive to enhance<br>
security of software application by looking at properties of programming<br>
languages.<br>
<br>
In the Paragon project, we focus on achieving security of software through the<br>
construction and use of a dedicated, statically security-typed programming<br>
language. The language Paragon is an extension of Java (implemented in Haskell),<br>
adding a type system for information flow control based on an expressive<br>
calculus for security policies we have developed.<br>
<br>
The position focuses on improving and extending the applicability of Paragon to<br>
practical programming domains. Of particular interest is the Android operating<br>
system, where we envision the construction of a secure, information-flow aware<br>
app infrastructure.<br>
<br>
Research opportunities include:<br>
* applying Paragon to case studies in specific software domains, in particular<br>
the domain of Android apps.<br>
* investigating the interaction of information flow and particular language<br>
features such as concurrency or typestate;<br>
* applying the principles behind Paragon to other programming languages and<br>
paradigms;<br>
* proving mathematical properties of type systems;<br>
<br>
The ideal applicant has a strong working knowledge in programming language<br>
technology, including type systems, static analysis, and formal semantics; and<br>
also in functional programming, as well as a broad interest in programming<br>
languages and paradigms in general. Prior knowledge of software security or<br>
Android programming are useful but not essential.<br>
<br>
To read more about the Paragon project, see the project website<br>
(<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://www.cse.chalmers.se/research/group/paragon/">http://www.cse.chalmers.se/research/group/paragon/</a>). We recommend in particular<br>
the interactive tutorial<br>
(<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://cse-212294.cse.chalmers.se/research/paragon/tutorial/">http://cse-212294.cse.chalmers.se/research/paragon/tutorial/</a>).<br>
<br>
This position will be supervised by Prof. Niklas Broberg and Prof. David Sands.<br>
<br>
------------------------------------------------------------------------------ 1<br>
1 PhD student position in Language-based Security using Functional Programming<br>
------------------------------------------------------------------------------<br>
The position focuses on developing techniques to protect confidentiality and<br>
integrity of users' data when manipulated by third-party code (i.e., code<br>
written by someone else) -- a pressing problem for the web as well as mobile<br>
platforms. We expect functional programming to play an important role addressing<br>
this challenge. In this direction, researchers at Chalmers have been responsible<br>
for developing some of the state-of-the-art tools for protecting users' sensitive<br>
data in Haskell programs (e.g., LIO <a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://hackage.haskell.org/package/lio">
https://hackage.haskell.org/package/lio</a> and<br>
MAC <a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://hackage.haskell.org/package/mac">
https://hackage.haskell.org/package/mac</a>).<br>
<br>
It is expected that the work carried out by the applicant ranges from<br>
establishing new theoretical foundations to deploying prototypes in realistic<br>
systems. We are looking for candidates with strong background in programming<br>
languages who are also interested in building systems using their ideas. The<br>
candidate is expected to pursue one or more of the following topics:<br>
<br>
* Combining type-systems features and dynamic analysis to secure functional<br>
languages, where the main target is Haskell programs.<br>
* Leveraging hardware-level security components (e.g, Intel SGX and ARM<br>
TrustZones) to provide security in depth, where private data can be protected<br>
from the application level down to the low-level physical layers by the use of,<br>
for instance, foreign function calls.<br>
* Design of secure web frameworks to control the flow of information in an<br>
end-to-end fashion, i.e., at the server side as well as in web browsers. We<br>
envision the creation of secure web frameworks based on functional reactive<br>
programming (FRP).<br>
<br>
As an introduction to the research area, applicants are recommended to read the<br>
article Functional Pearl: Two can keep a secret if one of them uses Haskell<br>
(<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://www.cse.chalmers.se/%7Erusso/publications_files/pearl-russo.pdf">http://www.cse.chalmers.se/~russo/publications_files/pearl-russo.pdf</a>).<br>
<br>
This position will be supervised by Prof. Alejandro Russo<br>
(<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://www.cse.chalmers.se/%7Erusso/">http://www.cse.chalmers.se/~russo/</a>)</tt></font></p>
</body>
</html>