PhD student position in the WASP NEST project ShiftLeft, based at KTH Royal Institute of Technology.
Project description
The doctoral student will contribute to the project WASP NEST ShiftLeft, a framework project conducted jointly with Chalmers University of Technology, Lund University, and Umeå University to explore code-centric solutions to secure the software supply chain. NESTs are flagship projects of the Wallenberg AI, Autonomous Systems and Software Program (WASP).
ShiftLeft seeks to transform the security of the software supply chain by introducing a declarative code-centric platform supporting continuous security analysis. It incorporates foundational frameworks, novel abstractions combining static and dynamic techniques, and human-in-the-loop feedback with AI-driven prioritization metrics. The doctoral student will conduct research in developing foundational models and scalable code-centric analysis for a range of vulnerability classes, including code injection, sensitive information disclosure, insecure deserialization, and more. They will explore a range of technologies including taint analysis, code property graphs, program slicing, and runtime monitoring. The doctoral student will also have the opportunity to apply the research results by building demonstrators that showcase their potential in real-life contexts, in collaboration with Cparta Cyber Defense, Debricked, Ericsson, Recorded Futures, and SEB.