PhD Position F/M Type-based security properties assurance in operating systems
Contract type : Fixed-term contract
Level of qualifications required : Graduate degree or equivalent
Fonction : PhD Position
About the research centre or Inria department
The Inria Rennes - Bretagne Atlantique Centre is one of Inria's eight centres and has more than thirty research teams. The Inria Center is a major and recognized player in the field of digital sciences. It is at the heart of a rich R&D and innovation ecosystem: highly innovative PMEs, large industrial groups, competitiveness clusters, research and higher education players, laboratories of excellence, technological research institute, etc.
Context
The PhD thesis is fully funded under the framework of a partnership between Inria and ANSSI. The PhD student will be supervised by researchers from Team SUSHI in collaboration with cyber-security experts from ANSSI.
Assignment
For a detailed description of the proposed research activities, see the full description on the team's webpage.
We propose to explore using types in operating system source code as a mean to get assurance on security properties. With the rise of memory-safe languages for system programming like Rust, type-based techniques in operating system source have just recently started being investigated to get assurance on functional correctness. With security properties an additional challenge is the need to consider the whole program at once instead of individual functions or modules. It is thus proposed to address three sub-challenges in the thesis:
- to identify relevant low-level security properties that support global, high-level properties,
- to study methods to ensure these low-level properties using the type system of the programming language,
- and finally to explore how to keep guarantees despite interactions with code in memory-unsafe programming languages like C.
Proof-of-concept implementations should be done on Rust-based operating systems as well as on operating systems having added support for Rust code, like Linux.
Keywords: Operating systems; Security; Programming languages; Rust.
Main activities
Main activities:
- propose new approaches to operating system development
- develop prototypes and evaluate the proposed approaches
- write, submit and present papers to conferences, workshops and journals to present the thesis contributions
- build and maintain a state of the art review of the research topic during the whole thesis work
- write the final PhD thesis document and defend the thesis
Skills
Technical skills and level required : familiar with system programming, interested by Rust programming and operating systems internals, comfortable with communicating technical ideas
Languages : english
Relational skills : able to debate novel ideas, team player
Other valued appreciated : creative, curious, fast learner, willingness to learn, dedicated, self-motivated
Benefits package
- Subsidized meals
- Partial reimbursement of public transport costs
- Possibility of teleworking (90 days per year) and flexible organization of working hours
- Partial payment of insurance costs
Remuneration
Monthly gross salary amounting to 2100 euros for the first and second years and 2200 euros for the third year
General Information
- Theme/Domain :
Security and Confidentiality
System & Networks (BAP E) - Town/city : Rennes
- Inria Center : Centre Inria de l'Université de Rennes
- Starting date : 2024-10-01
- Duration of contract : 3 years
- Deadline to apply : 2024-08-31
Warning : you must enter your e-mail address in order to save your application to Inria. Applications must be submitted online on the Inria website. Processing of applications sent from other channels is not guaranteed.
Instruction to apply
Please submit online : your resume, cover letter and letters of recommendation eventually
Defence Security :
This position is likely to be situated in a restricted area (ZRR), as defined in Decree No. 2011-1425 relating to the protection of national scientific and technical potential (PPST).Authorisation to enter an area is granted by the director of the unit, following a favourable Ministerial decision, as defined in the decree of 3 July 2012 relating to the PPST. An unfavourable Ministerial decision in respect of a position situated in a ZRR would result in the cancellation of the appointment.
Recruitment Policy :
As part of its diversity policy, all Inria positions are accessible to people with disabilities.
Contacts
- Inria Team : SUSHI
-
PhD Supervisor :
Tronel Frederic / Frederic.Tronel@inria.fr
The keys to success
See advices on how (not) to fail a PhD.
About Inria
Inria is the French national research institute dedicated to digital science and technology. It employs 2,600 people. Its 200 agile project teams, generally run jointly with academic partners, include more than 3,500 scientists and engineers working to meet the challenges of digital technology, often at the interface with other disciplines. The Institute also employs numerous talents in over forty different professions. 900 research support staff contribute to the preparation and development of scientific and entrepreneurial projects that have a worldwide impact.