Our group’s main aim is to design defense mechanisms and break existing embedded systems to improve their security. We combine deep technical insights of both firmware and hardware to build novel analysis techniques, allowing us to tackle hard-to-test and previously unknown attack surfaces. We also design and implement new methods to protect embedded systems against various classes of attacks, both on the hardware and firmware level.
For hardware security-oriented Ph.D. positions, we are looking for candidates with a strong interest in:
- Hardware-assisted security testing and hardware vulnerabilities
- Side-channel attacks (e.g., power analysis and instruction-level side channel profiling)
- FPGA programming and system building at the board-level around customized circuits
- RISC-V and ideally one of its open source designs
- Computer architecture design, simulation, and performance evaluation
For software security-oriented Ph.D. positions, we are looking for candidates with solid programming skills in low-level languages like C/C++/Rust/Assembly and in-depth knowledge of operating systems. The candidate should also be interested in at least one of the following topics:
- Firmware reverse engineering and/or exploit development
- Automated software testing (e.g., fuzzing), especially with an interest in hardware/software-assisted firmware testing
- Space assets security (e.g., in-orbit satellite systems security)
- Security of Industrial Control Systems (ICS), Electronic Control Units (ECUs), or mobile basebands
For both types of positions, actively playing CTFs, having a public track record of vulnerability research, or building open-source security analysis tooling is a plus. A person with an offensive security mindset will enjoy the work in our group.
How to apply
All applications must be submitted through the CISPA application system and contain the following:
- Cover letter. As the CISPA application system is centralized, your cover letter must specify that you are applying for a position in the group of Dr. Abbasi
- For Ph.D. positions, the most recent transcript of records
- Names, titles, and email addresses of your referees
Submit PDF files only; Microsoft Office documents will be discarded.
To speed up the process, send me a heads-up email for your submission to firstname.lastname@example.org.
Why submit boring applications?!
Is sending a bunch of PDFs via email too boring for you? Would you like to spice up your application a little bit? Say no more. I got you covered!
Here is a challenge for you. Please reverse engineer the challenge and find a valid serial for the user pr0cracker.
Then write a quick report about it. Solving the challenge is strongly recommended. Once you are done send it together with your application.