Postdoc in Secure Systems Design and Analysis based on the use of Trusted Computing Technologies

Tuesday 02 Jul 19

Apply for this job

Apply no later than 26 August 2019
Apply for the job at DTU Compute by completing the following form.

Apply online

The Cyber Security Section at DTU Compute conducts interdisciplinary research in most aspects of computer and information security, ranging from advanced cryptography and access control mechanisms, for ensuring secrecy and authentication in todays’ communications, to the design, analysis and implementation of novel protection mechanisms for enhanced security, privacy, trustworthiness, and reliability in numerous emerging IoT applications. Through methods such as applied cryptography, hardware enhanced security, modelling and security analysis of systems, and verification, we are building security into new technology, providing assurance to the user that they are interacting with a trusted platform. Our research focuses on cryptography; trusted computing; secure communications; privacy and authentication; and security verification – with applications in, e.g., automotive, future Internet and 5G, smart grid, healthcare, e Payment, etc.

Research field of the position
This position is part of the research project FutureTPM funded by the European Union as part of the H2020 programme. The goal of FutureTPM is to provide a new generation of (quantum-resistant) TPM-based solutions for ensuring long-term security, privacy and operational assurance in the complex domain of future ICT systems and services. The successful candidate will join the Cyber Security section for 12 months, working on the development and integration of advanced crypto algorithms in the Trusted Platform Module (TPM), the development of efficient mechanisms for verifying software- and device-integrity based on the use of trusted computing technologies and the vulnerability analysis of the TCG Software Stack (TSS) for accessing all the functions of the TPM.

Responsibilities and tasks
The goal of the postdoc project is to undertake a range of research activities within trusted computing and to investigate the design of novel cryptographic mechanisms and (remote, scalable) attestation protocols, based on the use of TPMs and other trusted components (i.e., Trusted Execution Environments (TEEs), Provable Unclonable Functions (PUFs), etc.) for providing enhanced operational assurance and device-, software-integrity in edge-computing environments. 

We are looking for an excellent, motivated, self-driven post-doctoral candidate to conduct high-quality research within the following key technological aspects:
 

  • the design and development of novel security and privacy-preserving protocols based on advanced crypto primitives and algorithms (symmetric crypto, asymmetric crypto and privacy-preserving primitives such as Direct Anonymous Attestation (DAA)) suitable for inclusion in a TPM;
  • the design and development of novel remote and scalable attestation mechanisms for verifying the integrity of an embedded device or software-based service against attack vectors that try to manipulate their control-flow integrity;
  • the security validation of the implemented mechanisms and protocols. This comprised of all activities that aim at demonstrating the security qualities of the specified protocols. Hence, it includes verification, analysis, testing, and performance evaluation;
  • the provision of run-time vulnerability analysis methodologies of the whole TPM-based system. This will include a complete security analysis of the operation of the devices hosting the TPM as they may leak sensitive information which can be then used for mounting successful attacks to recover secret information.
In addition to supporting the research project with internal and external collaborators, the position will serve as a platform for the research fellow to develop their career and profile as an independent researcher. The potential for the development of knowledge and skills at the intersection of trusted computing and applied cryptography may help the research fellow develop an independent research agenda.

The applicant will work in a team of PhD students, postdocs and faculty members in the section, and must contribute with research towards the overall goals of the FutureTPM project. The applicant is expected to interact with our collaborators on the design of secure systems based on the use of trusted computing technologies. The applicant is also expected to give limited contributions to teaching and training activities as well as supervision of students.

Qualifications
Candidates should hold, or are near completion of, a PhD in a relevant subject. (Relevant professional experience may be considered). The successful applicant will need to demonstrate: (i) experience and knowledge of applied cryptography and trusted computing technologies, (ii) a solid foundation in risk assessment, vulnerability analysis and design of novel security protocols for cyber-physical systems, and (ii) an interest in the application of formal methods to security and cryptography. Good implementation skills (including native code) and practical experience are also desirable. Furthermore, good command of the English language is essential.

Successful candidates have a unique opportunity of participating in the shaping of challenging and innovative research themes, as well as contributing to the ambitious research agenda of the DTU Cyber Security section supported by a number of national and international grants. They will be given excellent conditions for the development of their research skills, in terms of working conditions, mentoring and lab facilities.

We offer
DTU is a leading technical university globally recognized for the excellence of its research, education, innovation and scientific advice. We offer a rewarding and challenging job in an international environment. We strive for academic excellence in an environment characterized by collegial respect and academic freedom tempered by responsibility.

Salary and terms of employment
The appointment will be based on the collective agreement with the Danish Confederation of Professional Associations. The allowance will be agreed upon with the relevant union.

The duration of the position is 12 months, and we aim for at starting date of October 1
st, 2019 or as soon as possible after that.

You can read about career paths at DTU 
here

Further information
Further information can be obtained at the project’s homepage, FutureTPM, and the from the PI, Dr. Athanasios Giannetsos, mail atgi@dtu.dk, tel +45 45 25 30 09.

You can read more about DTU compute at 
compute.dtu.dk/english

Application procedure
Please submit your application no later than 26 August 2019 (local time). Applications must be submitted as one PDF file containing all materials to be given consideration. To apply, please open the link "Apply online", fill out the online application form, and attach all your materials in English in one PDF file. The file must include: 
  • Application (cover letter)
  • CV
  • Diploma (MSc/PhD)
  • List of publications
  • Research Statement including a brief description of how past experience and future plans fit with the advertised position (max 2 pages)
Applications and enclosures received after the deadline will not be considered.

All interested candidates irrespective of age, gender, disability, race, religion or ethnic background are encouraged to apply.

DTU Compute has a total staff of 400 including 100 faculty members and 130 PhD students. We offer introductory courses in mathematics, statistics, and computer science to all engineering programmes at DTU and specialised courses to the mathematics, computer science, and other programmes. We offer continuing education courses and scientific advice within our research disciplines, and provide a portfolio of innovation activities for students and employees.

DTU is a technical university providing internationally leading research, education, innovation and scientific advice. Our staff of 6,000 advance science and technology to create innovative solutions that meet the demands of society, and our 11,200 students are being educated to address the technological challenges of the future. DTU is an independent university collaborating globally with business, industry, government and public agencies.