The CISPA Helmholtz Center for Information Security is looking for PhD Students in areas related to:
Cybersecurity, Privacy and Cryptography
Machine Learning and Data Science
Efficient Algorithms and Foundations of Theoretical Computer Science
Software Engineering, Program Analysis and Formal Methods
We constantly seek applications from qualified researchers regardless of their national origin or citizenship. The working language is English. A command of German is not required for a successful career at CISPA
What we offer
- Admitted students are paid employees of CISPA with a full-time contract of three years with the possibility of one year extension. Salary starting from approx. €4180 (gross/month) according to the scale of the TVöD (German Federal Employment Agreement)
- Health insurance, 30 days paid time off and a pension scheme
- Opportunities for development and growth from language classes, research support to extracurricular and social activities
- Our onboarding team will provide you with all information needed for a successful start and support you if needed
What we expect
- You have a Bachelor’s or Master’s degree from a top-tier, research-oriented institutions of higher education in a subject relevant to our research
- You should have an outstanding academic record (at or near top of your class)
- You’re proficient in spoken and written English
- You have strong letters of recommendation from your academic advisors
Ali Abbasi's group's main aim is to design defense mechanisms and break existing embedded systems to improve their security. We combine deep technical insights of both firmware and hardware to build novel analysis techniques, allowing us to tackle hard-to-test and previously unknown attack surfaces. We also design and implement new methods to protect embedded systems against various classes of attacks, both on the hardware and firmware level.
For hardware security-oriented Ph.D. positions, we are looking for candidates with a strong interest in:
Hardware-assisted security testing and hardware vulnerabilities
Side-channel attacks (e.g., power analysis and instruction-level side channel profiling)
FPGA programming and system building at the board-level around customized circuits
RISC-V and ideally one of its open source designs
Computer architecture design, simulation, and performance evaluation
For software security-oriented Ph.D. positions, we are looking for candidates with solid programming skills in low-level languages like C/C++/Rust/Assembly and in-depth knowledge of operating systems. The candidate should also be interested in at least one of the following topics:
Firmware reverse engineering and/or exploit development
Automated software testing (e.g., fuzzing), especially with an interest in hardware/software-assisted firmware testing
Space assets security (e.g., in-orbit satellite systems security)
Security of Industrial Control Systems (ICS), Electronic Control Units (ECUs), or mobile basebands
For both types of positions, actively playing CTFs, having a public track record of vulnerability research, or building open-source security analysis tooling is a plus. A person with an offensive security mindset will enjoy the work in our group.
Andreas Zeller's goup's research topics include novel methods for highly efficient software testing; mining specifications for inputs and programs; synthesizing oracles; explaining software failures; and more.
Christian Rossow's group's research focuses on system and network security; network security spans practical protocol analyzing, network fuzzing, DDoS attacks and defenses, attack attribution, and traffic analysis. Our system security research is concerned about designing secure networked/distributed systems using novel trusted computing primitives (e.g., Intel TDX, AMD SEV, ARM Realms) or networking harward (e.g., P4-programmable switches, SmartNICs). Either way, our primary focus is practical high-impact research, aiming to present our results at the leading conferences in our field.
We can offer you an excellent working environment on the campus of TU Dortmund, strong individual supervision, interesting and cutting-edge research topics, and world-wide collaborations. You qualify for a PhD position if you (are about to) have an excellent degree at the MSc level. We expect enthusiasm and creativity from you, and (at least) a basic background in security.
Krikamol Muandet's group's research aims at understanding the principles that enable autonomous agents to learn from past experience and interact succesfully with complex environments, and to use this understanding to design new learning algorithms. The research theme spans the following areas:
Prediction: How do we design ML algorithms that can cope with distrbutional shifts? The topics of interest are domain adaption (DA), domain generalization (DG), out-of-distribution (OOD) generalization, and robustness. Kernel methods, kernel mean embedding of distributions and applications thereof are our mathematical arsenal to tackle these problems.
Causation: How do we leverage cause-effect relationships in improving ML models, and conversely how do we use sophisticated ML methods to aid causal inference in complex environments? Topics of interest are unobserved confounders in causal inference, spurious correlation in machine learning, distributional treatment effects, counterfactual inference, and algorithmic decision making. Natural experiments and quasi-experimental designs such as instrumental variable (IV), proxy variables, and regression discontinuity design (RDD) offers tools to address these problems.
Regulation: How do we regulate the deployment of ML models in heterogeneous environments to ensure the democratic use of AI? Topics of interest are feedback loops and strategic behavior. To gain a better understanding of these problems, we will be adopting techniques from algorithmic game theory, mechanism design, social choice theory, and other related sub-fields of economics.
Mridula Singh's group's research focuses on enabling secure communication, positioning, and combining sensor modalities for autonomous systems. The technologies of interest are CANBus, UWB, WiFi, 5G, LEO, and GNSS. Example research topics will include:
Exploring security vulnerabilities of the communication technologies mainly at the physical and logical layer
Secure sensor fusion
Designing secure positioning architecture for 5G
Secure time synchronization
Robert Künneman's group's goal is to bring guarantees obtained in abstract models for TLS etc. down to the implementation level. With monitoring, we can make programs crash if they violate those guarantees. With fuzzing, we can find out if they do that before they reach the user. We plan to closely collaborate with LORIA, Nancy as part of the French-German-Center for Cybersecurity, offering the option to be co-supervised and experience the rich research environment provided by both LORIA and CISPA. The ideal candidate has a knack for formal modelling and (computational) logic, but also an interest to explore program analysis techniques like fuzzing and symbolic execution.
Sebastian Stich's group's research focuses on distributed algorithms (such as federated and decentralized learning), algorithms for differentially private, robust, and fair machine learning, and on distributed artificial intelligence (see also www.sstich.ch for past and current research). It will be a plus if the student is motivated to work on theoretical challenges that arise in practical application in the fields of biology and health (e.g., structured, or multimodal data, low sample sizes, etc.). Within this project, the student will have the opportunity to collaborate with partners within the Helmholtz AI unit.
Requirements: The candidate is expected to have an excellent degree at the MSc level in mathematics, statistics, computer science or a related discipline. A solid mathematical foundation (e.g. probability theory, statistics, calculus, and linear algebra) is a must, experience in optimization, machine learning, data science or with a ML framework such as e.g. PyTorch, is a plus.
Wouter Luek's group's interest is addressing — if possible — societal challenges through the careful design of new privacy-friendly systems. To do so, we create new applied cryptographic primitives and system’s building blocks such as anonymous communication systems. We also analyse and improve existing systems.
A familiarity with in security/privacy in general, and training in either applied cryptography or systems is recommended. But we welcome applications by qualified students from other areas as long as you have an interest in privacy and technology. For more information about the open positions, please refer to this page: https://wouterlueks.nl/positions/. For more information about Wouter and his research, see: https://wouterlueks.nl/.
Within the group of Xiao Zhang, possible topics include foundations of adversarial machine learning, topics in trustworthy machine learning including robustness, privacy, interpretability and fairness, their applications in computer vision, neural language processing and cybersecurity, and many more. Besides computer scientists, we strongly encourage students from other scientific fields such as math and statistics to apply.
For detailed descriptions about open positions and how to apply, please check this page. For more information about Xiao and his research, see his homepage.
Qualified candidates who wish to pursue a doctoral degree in a research area covered by CISPA faculty may apply at any time. We will accept applications throughout the year for exceptionally strong candidates. Admitted applicants will have an opportunity to visit the center and its partner institutions and interact with faculty and students before making their decision. Admitted students are advised by CISPA faculty. All doctoral researchers at CISPA will be a member of a graduate program at our partnering degree-granting universities. For example, PhD Students in Saarbrücken are part of the Saarbrücken Graduate School of Computer Science at Saarland University, with whom we have a long-standing close collaboration.
CISPA is committed to increasing the representation of women, minorities, and individuals with disability in Computer Science. In accordance with the Equal Opportunity Plan, CISPA aims at increasing the number of women in Computer Science, and explicitly encourages women to apply. Applications of severely disabled candidates with equivalent qualifications will be given priority. In general, we welcome applications regardless of gender, nationality, ethnic and social origin, religion/belief, disability, age, sexual orientation and identity.
In case of interest in working at CISPA, please press the "Apply now" button at the end of the page. Please upload your documents in PDF format on our application platform. Applications via email cannot be accepted.
For any questions regarding the application process, please contact us at firstname.lastname@example.org
CISPA Helmholtz Center for Information Security is a German national Science Institution within the Helmholtz Association and provides a unique work environment that offers the advantage of a university department and a research laboratory alike. CISPA's mission is to rethink the digitized world of the future from the ground on up an make it safer through innovative cutting-edge research. CISPA is committed to the highest international academic standards. We offer a world-class research environment that grants extensive resources to a wide range of researchers and constitutes an attractive destination for the best talents and scientists from all countries. CISPA provides a highly international and diverse working environment, currently hosting researchers of over 40 nationalities.
CISPA headquarter is located in Saarbrücken, in the tri-border area of Germany, France and Luxembourg. The CISPA campus is located close to Saarland University, which is known for its excellence in Computer Science, the Max Planck Institute for Informatics, the Max Planck Institute for Software Systems, and the German Research Center for Artificial Intelligence (DFKI).
For more information about CISPA, see https://cispa.de/en