PhD Students

The CISPA Helmholtz Center for Information Security is looking for PhD Students in areas related to:

• Cybersecurity, Privacy and Cryptography
• Machine Learning and Data Science
• Efficient Algorithms and Foundations of Theoretical Computer Science
• Software Engineering, Program Analysis and Formal Methods

We constantly seek applications from qualified researchers regardless of their national origin or citizenship. The working language is English. A command of German is not required for a successful career at CISPA.

What we offer

• Admitted students are paid employees of CISPA with a full-time contract of three years with the possibility of one year extension. Salary starting from approx. €4180 (gross/month) according to the scale of the TVöD (German Federal Employment Agreement)
• Health insurance, 30 days paid time off and a pension scheme
• Opportunities for development and growth from language classes, research support to extracurricular and social activities
• Our onboarding team will provide you with all information needed for a successful start and support you if needed

What we expect

• You have a Bachelor’s or Master’s degree from a top-tier, research-oriented institutions of higher education in a subject relevant to our research
• You should have an outstanding academic record (at or near top of your class)
• You’re proficient in spoken and written English
• You have strong letters of recommendation from your academic advisors

Highlighted Positions

The group of Ali Abbasi is offering multiple positions for PhD candidates interested in the area of embedded systems security.

Ali Abbasi's group's main aim is to design defense mechanisms and break existing embedded systems to improve their security. We combine deep technical insights of both firmware and hardware to build novel analysis techniques, allowing us to tackle hard-to-test and previously unknown attack surfaces. We also design and implement new methods to protect embedded systems against various classes of attacks, both on the hardware and firmware level.

For hardware security-oriented Ph.D. positions, we are looking for candidates with a strong interest in:

• Hardware-assisted security testing and hardware vulnerabilities
• Side-channel attacks (e.g., power analysis and instruction-level side channel profiling)
• FPGA programming and system building at the board-level around customized circuits
• RISC-V and ideally one of its open source designs
• Computer architecture design, simulation, and performance evaluation

For software security-oriented Ph.D. positions, we are looking for candidates with solid programming skills in low-level languages like C/C++/Rust/Assembly and in-depth knowledge of operating systems. The candidate should also be interested in at least one of the following topics:

• Firmware reverse engineering and/or exploit development
• Automated software testing (e.g., fuzzing), especially with an interest in hardware/software-assisted firmware testing
• Space assets security (e.g., in-orbit satellite systems security)
• Security of Industrial Control Systems (ICS), Electronic Control Units (ECUs), or mobile basebands

For both types of positions, actively playing CTFs, having a public track record of vulnerability research, or building open-source security analysis tooling is a plus. A person with an offensive security mindset will enjoy the work in our group.

The group of Andreas Zeller is looking for PhD candidates with research interests in program analysis, software testing and automated debugging.

Andreas Zeller's group creates tools and techniques that help developers build better software - by automatically testing, analyzing and debugging its code and its development process. His group focuses on software analysis, notably software testing and debugging. Their research projects involve generating software tests, automated debugging and repair, analyzing mobile systems, analyzing user interfaces and more. Essentially, their research focuses on the following questions:

• How can we systematically test complex software systems?
• How can we accurately determine and characterize input formats?
• How can we explain causes and circumstances of software failures?

Andreas' solutions typically apply and combine several techniques including dynamic analysis, static analysis, specification mining, test generation, natural language processing, machine learning, constraint solving and formal languages.

In 2023, Andreas received an ERC Advanced Grant of 2.5 million EUR for the project “Semantics of Software Systems” (S3) on massice generaion of tests and oracles for software. Check out the grant proposal!

Since 2022, most of Andreas' projects focus on semantic fuzzing and debugging, centered around our all-new ISLa specification language and input generator.

Since 2021, Andreas' Debugging Book presents and implements techniques for automated debugging and repair, and The Fuzzing Book introduces test generation (“fuzzing”) techniques. Both books are interactive – you can execute and edit the code right in your browser.

In all this, we are looking for solutions that make a splash in academia and industry and that stand the test of time – Andreas holds no less than seven 10-year impact paper awards. If you'd like to go where no one has gone before, contact us.

The group of Christian Rossow is looking for a PhD candidate with interest in systems and network security.

Christian Rossow's group's research focuses on system and network security; network security spans practical protocol analyzing, network fuzzing, DDoS attacks and defenses, attack attribution, and traffic analysis. Our system security research is concerned about designing secure networked/distributed systems using novel trusted computing primitives (e.g., Intel TDX, AMD SEV, ARM Realms) or networking harward (e.g., P4-programmable switches, SmartNICs). Either way, our primary focus is practical high-impact research, aiming to present our results at the leading conferences in our field.
We can offer you an excellent working environment on the campus of TU Dortmund, strong individual supervision, interesting and cutting-edge research topics, and world-wide collaborations. You qualify for a PhD position if you (are about to) have an excellent degree at the MSc level. We expect enthusiasm and creativity from you, and (at least) a basic background in security.

The group of Krikamol Muandet has multiple openings for PhD students with a strong interest in the broad areas of machine learning.

Krikamol Muandet's group's research aims at understanding the principles that enable autonomous agents to learn from past experience and interact succesfully with complex environments, and to use this understanding to design new learning algorithms. The research theme spans the following areas:

• Prediction: How do we design ML algorithms that can cope with distrbutional shifts? The topics of interest are domain adaption (DA), domain generalization (DG), out-of-distribution (OOD) generalization, and robustness. Kernel methods, kernel mean embedding of distributions and applications thereof are our mathematical arsenal to tackle these problems.
• Causation: How do we leverage cause-effect relationships in improving ML models, and conversely how do we use sophisticated ML methods to aid causal inference in complex environments? Topics of interest are unobserved confounders in causal inference, spurious correlation in machine learning, distributional treatment effects, counterfactual inference, and algorithmic decision making. Natural experiments and quasi-experimental designs such as instrumental variable (IV), proxy variables, and regression discontinuity design (RDD) offers tools to address these problems.
• Regulation: How do we regulate the deployment of ML models in heterogeneous environments to ensure the democratic use of AI? Topics of interest are feedback loops and strategic behavior. To gain a better understanding of these problems, we will be adopting techniques from algorithmic game theory, mechanism design, social choice theory, and other related sub-fields of economics.

The group of Mridula Singh is looking for a PhD candidate with a strong research interest in wireless systems security.

Mridula Singh's group's research focuses on enabling secure communication, positioning, and combining sensor modalities for autonomous systems. The technologies of interest are CANBus, UWB, WiFi, 5G, LEO, and GNSS. Example research topics will include:

• Exploring security vulnerabilities of the communication technologies mainly at the physical and logical layer
• Secure sensor fusion
• Designing secure positioning architecture for 5G
• Secure time synchronization
• Location privacy

The group of Robert Künneman is offering a PhD position for those interested in monitoring and fuzzing protocol implementations.

Robert Künneman's group's goal is to bring guarantees obtained in abstract models for TLS etc. down to the implementation level. With monitoring, we can make programs crash if they violate those guarantees. With fuzzing, we can find out if they do that before they reach the user. We plan to closely collaborate with LORIA, Nancy as part of the French-German-Center for Cybersecurity, offering the option to be co-supervised and experience the rich research environment provided by both LORIA and CISPA. The ideal candidate has a knack for formal modelling and (computational) logic, but also an interest to explore program analysis techniques like fuzzing and symbolic execution.

The group of Sebastian Stich is looking for a PhD candidate interested in analysis and development of optimization strategies for training machine learning models.

Sebastian Stich's group's research focuses on distributed algorithms (such as federated and decentralized learning), algorithms for differentially private, robust, and fair machine learning, and on distributed artificial intelligence (see also www.sstich.ch for past and current research). It will be a plus if the student is motivated to work on theoretical challenges that arise in practical application in the fields of biology and health (e.g., structured, or multimodal data, low sample sizes, etc.). Within this project, the student will have the opportunity to collaborate with partners within the Helmholtz AI unit.
Requirements: The candidate is expected to have an excellent degree at the MSc level in mathematics, statistics, computer science or a related discipline. A solid mathematical foundation (e.g. probability theory, statistics, calculus, and linear algebra) is a must, experience in optimization, machine learning, data science or with a ML framework such as e.g. PyTorch, is a plus.

The group of Wouter Lueks is looking for PhD candidates with a strong research interest in design and analysis of privacy-friendly-systems.

Wouter Luek's group's interest is addressing — if possible — societal challenges through the careful design of new privacy-friendly systems. To do so, we create new applied cryptographic primitives and system’s building blocks such as anonymous communication systems. We also analyse and improve existing systems.

A familiarity with in security/privacy in general, and training in either applied cryptography or systems is recommended. But we welcome applications by qualified students from other areas as long as you have an interest in privacy and technology. For more information about the open positions, please refer to this page: https://wouterlueks.nl/positions/. For more information about Wouter and his research, see: https://wouterlueks.nl/.

The group of Xiao Zhang is looking for multiple PhD students who are interested in trustworthy machine learning research.

Within the group of Xiao Zhang, possible topics include foundations of adversarial machine learning, topics in trustworthy machine learning including robustness, privacy, interpretability and fairness, their applications in computer vision, neural language processing and cybersecurity, and many more. Besides computer scientists, we strongly encourage students from other scientific fields such as math and statistics to apply.

For detailed descriptions about open positions and how to apply, please check this page. For more information about Xiao and his research, see his homepage. 

Application

Qualified candidates who wish to pursue a doctoral degree in a research area covered by CISPA faculty may apply at any time. We will accept applications throughout the year for exceptionally strong candidates. Admitted applicants will have an opportunity to visit the center and its partner institutions and interact with faculty and students before making their decision. Admitted students are advised by CISPA faculty. All doctoral researchers at CISPA will be a member of a graduate program at our partnering degree-granting universities. For example, PhD Students in Saarbrücken are part of the SAARBRÜCKEN GRADUATE SCHOOL OF COMPUTER SCIENCE AT SAARLAND UNIVERSITY, with whom we have a long-standing close collaboration.

CISPA is committed to increasing the representation of women, minorities, and individuals with disability in Computer Science. In accordance with the Equal Opportunity Plan, CISPA aims at increasing the number of women in Computer Science, and explicitly encourages women to apply. Applications of severely disabled candidates with equivalent qualifications will be given priority. In general, we welcome applications regardless of gender, nationality, ethnic and social origin, religion/belief, disability, age, sexual orientation and identity.

In case of interest in working at CISPA, please press the "Apply now" button at the end of the page. Please upload your documents in PDF format on our application platform. Applications via email cannot be accepted.

For any questions regarding the application process, please contact us at applications@cispa.de

About CISPA
 

CISPA Helmholtz Center for Information Security is a German national Science Institution within the Helmholtz Association and provides a unique work environment that offers the advantage of a university department and a research laboratory alike. CISPA's mission is to rethink the digitized world of the future from the ground on up an make it safer through innovative cutting-edge research. CISPA is committed to the highest international academic standards. We offer a world-class research environment that grants extensive resources to a wide range of researchers and constitutes an attractive destination for the best talents and scientists from all countries. CISPA provides a highly international and diverse working environment, currently hosting researchers of over 40 nationalities.

CISPA headquarter is located in Saarbrücken, in the tri-border area of Germany, France and Luxembourg. The CISPA campus is located close to Saarland University, which is known for its excellence in Computer Science, the Max Planck Institute for Informatics, the Max Planck Institute for Software Systems, and the German Research Center for Artificial Intelligence (DFKI).

For more information about CISPA, see https://cispa.de/en

All information on the processing of your personal data, your statements in the application process and your data privacy rights can be found in our data privacy policy.