Technische Universität Wien, generally referred to as TU Wien, is located in the heart of Europe, a place where one can experience cultural diversity and international life. Research, teaching and learning have been conducted here in the service of progress for 200 years. TU Wien is amongst Europe’s most successful universities of technology and, with over 30,000 students and a staff of about 5,200, is Austria’s largest scientific and engineering research and education institution.
Cyber-physical production systems (CPPS) need suitable networked architectures that take into account and combine safety (operation of the system must not pose any danger) and security (protection against unauthorized manipulation). As part of the newly founded "TÜV AUSTRIA Safety and Security in Industry Research Lab" (SafeSecLab), several related research questions are addressed within the framework of dissertation projects (3 years funding) at TU Wien.
Project – PhD1)
The PhD topic "SafeSecSystem Modeling" will investigate approaches for modeling secure system architectures relevant in the industrial environment with particular attention to functional safety and resilience. Research questions include the identification of attack vectors for assets to be protected (such as devices or plants) w.r.t. data sources and data sinks, taking into consideration machine-to-machine communication aspects and IT/OT convergence. Methods from IT threat modeling and safety modeling are to be re-visited, revised, adapted and brought in line with the reference architecture model "Industry 4.0". Ultimately, a catalog of protection measures supported by a tool chain is to be devised in order to evaluate existing (and future) CPPS.
Project – PhD2)
The goal of the PhD topic is the design of a "Safety and Security integrated IT/OT architecture" which enables a safe yet secure integration of the different levels of the automation pyramid. Relevant topics for the project address the integration or embedding of legacy components, network security (network segmentation, challenges of ad-hoc networking), hierarchical security architectures (defense in depth), security/safety versus real-time requirements, challenges of limited resources in automation systems, scalability and resilience as well as the management of keys and certificates. Derived from this, a reference architecture and recommendations for their implementation are to be developed and implemented as a prototype.
Project – PhD5)
This PhD topic focuses on information security risk management in industrial control systems. Existing approaches typically rely on static system models which quickly lose their relevance due to plant modifications or changes in the threat landscape. Such an approach is time-consuming and can lead to incorrect risk estimations. This project, by contrast, aims to continuously collect data from various sources inside the CPPS (e.g., sensors, network traffic), automatically build system models, and identify and assess cyber risks. In addition, this project strives to develop methods to evaluate consequences of successful exploits and to select effective countermeasures.
Project – PhD7)
In CPPS, hardware platforms performing malicious functions can be a serious threat to reliable and safe operation. The goal of this project is to design and/or develop a verification method to evaluate security properties of hardware designs. Research questions address the detection of unauthorized information flows (e.g. based on hardware Trojans) and the definition of appropriate security policies. A toolset for modeling and detection of malicious hardware shall be developed that can later be used as basis for a workflow guiding secure hardware design and assessment.
Academic master degree in computer science/informatics, electrical engineering or information technology
Interest in research in security and safety
Excellent knowledge of English
Ability to work in a team, collaborate effectively with other PhDs, interest in interdisciplinary work
Additional project requirements: PhD1, PhD2, PhD5: Knowledge in information technology with a focus on (distributed) automation, industrial control systems, industrial communication systems, embedded systems, and safety & security;
PhD7: Knowledge of specification, design and verification of digital hardware systems and related hardware description languages (Verilog, SystemVerilog, VHDL) and handling of EDA software (especially Yosys); knowledge of formal verification techniques; programming skills (C ++, Python);
Continuing personal and professional education and flexible working hours
Central location with very good accessibility (U1/U2/U4 Karlsplatz)
A creative environment in one of the most liveable cities in the world
TU Wien is committed to increase female employment in leading scientific positions. Female candidates are explicitly encouraged to apply. Preference will be given when equally qualified.
People with special needs are equally encouraged to apply. In case of any questions, please contact the confidant for disabled persons at the university (contact: email@example.com)
Remuneration shall be based on the minimum remuneration for salary group B1 and shall amount to at least EUR 2.196,80 gross/month for weekly employment of 30 hours. (14 x per year).
We look forward to receiving your application up to 19.03.2020 - Note: The application period has been extended to 30.04.2020.