Two Postdoctoral Positions in Software Testing, Security and Programming Languages
Two fixed-term appointments until 31 December 2020
Applications are invited for two postdoctoral positions, joint between the Software Reliability Group and the Multicore Programming Group, under the direction of Dr. Cristian Cadar and Dr. Alastair Donaldson on a new project entitled Automatically Detecting and Surviving Exploitable Compiler Bugs.
We are looking for motivated applicants interested in working at the intersection of software testing, security and programming languages. The research will focus on understanding the extent to which compiler bugs – where a compiler silently emits incorrect code – are a threat to the reliability and security of critical infrastructure, and on methods for mitigating this threat by detecting potential issues ahead of time, or by detecting and surviving problems live, in a production environment. Building on Cristian Cadar’s successful work on multi-version execution and program analysis for security, and Alastair Donaldson’s innovations related to compiler testing, the objectives of the project include:
To design novel techniques for identifying compiler-induced vulnerabilities in deployed software, by (a) extracting wrong code defect patterns and mining software codebases to identify cases where such defects affect the behaviour of real applications, and (b) monitoring the execution of multiple software versions, each generated by a different compiler, to detect previously unknown compiler bugs at runtime.
To understand the attack surface presented by compiler bugs by designing methods for manufacturing compiler backdoors that could be introduced (either inadvertently or maliciously) into widely-used software, based on the idea of applying semantics-preserving program transformations that can result in an exact match for one of the compiler bug patterns identified by our approach.
To devise novel techniques based on multi-version execution to defend against compiler backdoor attacks, by running multiple versions of the software, each compiled by different compilers, and stopping execution whenever their execution diverges.
To investigate a number of case studies, together with our industrial and academic partners, which would showcase the techniques of the project in concert.
Candidates should be motivated to work at the intersection of software testing, security and programming languages. To apply, candidates will need to have a strong computing background, experience in building and working with large software systems and tools, and proven knowledge in at least one of the areas of testing, security, and practical aspects of programming languages (such as compiler design and implementation). Candidates are also expected to have a proven research record and publications in the relevant areas. Applicants must have a PhD (or equivalent) in an area pertinent to the subject area. Candidates close to completion of their PhD will also be considered, but will be initially appointed as Research Assistant within the salary range £32,380 - £34,040 per annum.
Candidates will have excellent communication skills and be able to organise their own work with minimal supervision and prioritise work to meet deadlines. All applicants must be fluent in spoken and written English.
The Department of Computing at Imperial College London is a leading department of Computer Science among UK Universities. The department has achieved top results in each of the research assessment exercises undertaken by the Higher Education Funding Council for England. There are over fifty academic staff members actively involved in research, creating a lively and stimulating atmosphere. The department is located in central London, next to Hyde Park and the museums of South Kensington.
For informal inquiries about this position please contact Dr. Cristian Cadar and Dr. Alastair Donaldson. For further information on the Software Reliability Group and and Multicore Programming Group, and related projects, see http://srg.doc.ic.ac.uk/ and http://multicore.doc.ic.ac.uk/.
How to apply
Applications must include the following:
An online college application form available at http://www3.imperial.ac.uk/employment. Please select “Job Search”, then enter the job reference number EN20170334LE into “keywords”. Please complete and upload an application form as directed.
A full CV including a publication list.
A two-page research statement indicating what you see are interesting research issues relating to the above post and why your expertise is relevant.
Transcripts of all higher-education degree results.
The names and contact information of two or three referees who can provide letters of recommendation.
Should you have any queries regarding the application process please contact Ms. Georgina Tennant, Administrative Assistant, at firstname.lastname@example.org.
Committed to equality and valuing diversity. We are also an Athena SWAN Silver Award winner, a Stonewall Diversity Champion, a Two Ticks Employer, and are working in partnership with GIRES to promote respect for trans people.