Postdoc in Security of Industrial Control Systems

Deadline: Until position is filled Natioanlity: International University of Twente
How to APPLY.
De uitdaging / The challenge
As project partner of the newly starting EU FP7 cooperative research project CRISALIS, we are searching for a suitable candidate to be involved in research activities of this project. The project already started May 2012 and suitable candidates are requested to apply immediately. Candidate selection will continue until the position is filled. In the past few years, it became evident how vulnerable our ICT infrastructure that controls critical industrial processes actually is. The Stuxnet worm is just the tip of the ice-berg. Numerous researchers have illustrated that these so called SCADA or ICS systems consisting of both commodity systems and specialized embedded controllers are not sufficiently secured. Furthermore, our technology for securing such systems and investigating security incidents are not sufficiently developed. As ICS control more and more critical processes that affect everyday life of citizens and as they are more and more inter-connected and thus accessible by determined attackers, security becomes a primary concern and focus to manufacturers and operators of such equipment. The CRISALIS project aims at providing new means to secure critical infrastructure environments from targeted attacks, carried out by resourceful and motivated individuals. The recent discovery of the Stuxnet malware shows that these threats are already a reality. Their success in infiltrating Critical Infrastructure environments is calling attention on the ineffectiveness of standard security mechanisms at detecting them. Stuxnet is believed to have been operating undetected for almost one year leveraging multiple vulnerabilities that were previously unknown, and has been discovered only as a consequence to an operational anomaly that triggered the attention of the field operators. This fact clearly shows that our methods to find vulnerabilities and detect ongoing or successful attacks in critical infrastructure environments are not sufficient. CRISALIS focuses on these two aspects: detection of vulnerabilities and attacks in critical infrastructure environments. We address two different, yet interlinked, use cases that are typical for the power grid infrastructure: control systems based on SCADA protocols and the Advanced Metering Infrastructure. CRISALIS leverages the unique characteristics of critical infrastructure environments to produce novel practical mechanisms and techniques for their security assessment and protection. This is achieved by pursuing three main research objectives: (i) providing new methodologies and techniques to secure critical infrastructure systems; (ii) providing new tools to detect intrusions; (iii) developing new, more effective, techniques to analyze infected systems. Particular attention is paid to ensure the practical implementation of these techniques in real-world environments, and to minimize the impact on operations, goals which are attainable thanks to the direct involvement in the process of end users and device manufacturers who provide expertise and realistic test environments to validate the proposed methodologies. CRISALIS partners include Symantec, Alliander, Chalmers Technical University, ENEL, Eurecom, SecurityMatters, Siemens, and the University of Twente.
Ons aanbod / Our offer
We offer a full-time position in a dynamic and international environment. The duration of the contract is three years. The gross salary will range from € 2,861.00 per month depending on relevant years of research experience. Additionally, the University of Twente provides excellent facilities for professional and personal development. In addition, we offer a holiday allowance (amounts to 8%) and an end-of-year bonus (amounts to 8.3%) and a number of additional benefits. The labor agreements are in accordance with the CAO-NU for Dutch universities. You get the chance to work in an international team of security researchers and to extend your network with national and international contacts. The CRISALIS project will provide you an excellent opportunity for professional success and high visibility within Europe and beyond. You will connect with researchers and many other stakeholders from industry and the European commission. In addition to research, you can get involved in the group’s teaching activities to acquire teaching experience and qualification.
Uw profiel / Your profile
The candidate is expected to joint and extent the ICS and SCADA-related research agenda of the DIES group and contribute to our research in areas like host-based intrusion detection in ICS, automated device fingerprinting of ICS/SCADA devices, and security testing tools and methodologies for ICS/SCADA. This type of research requires a candidate with a strong interest in practical system-level skills. As an ideal candidate for this position, you •hold a recent PhD in computer science or a closely related discipline (mandatory); •have a proven record of research, documented by excellent publications in the field; •have done research in and are familiar with the field of ICS and SCADA security, especially Intrusion Detection; •have experience in participating in cooperative research projects, preferably EU FP7 projects; •have good management and team leading skills; •have excellent communication skills, mastering both oral and written English fluently; •are able to pursue challenging, interdisciplinary research problems and deliver proof-of-concept results; and •have strong practical security skills, including C, C++, embedded systems, intrusion, and IT forensics. If you think you fulfill at least a good number of these characteristics, we strongly encourage you to apply through the website link. For more information please contact Dr. Frank Kargl (f.kargl@utwente.nl) or Dr. Damiano Bolzoni (damiano.bolzoni@utwente.nl). Applications have to be submitted via the central job portal of the University of Twente at http://www.utwente.nl/vacatures/en/. Please submit your application together with • motivation letter, • full curriculum vitae including a list of all courses and marks, • publication list incl. a summary of your PhD thesis, • and the names and addresses of two references Starting date: as soon as possible. The search for candidates is on-going until the position is filled.
How to APPLY.