PhD Studentship in Program Analysis for Security (CDT)

Supervisor: Dr Johannes Kinder
Start date: October 2018
Duration: 4-5 years
Annual Stipend: about £20,000 (tax free)

Every day we trust our web, mobile, and desktop applications to operate correctly and to safeguard our personal data. Unfortunately, numerous security incidents have shown that often this trust is misplaced: software and systems crash, leak sensitive information, or get infected by malware. The core of the problem is usually a software bug that opened a particular vulnerability. We must identify such vulnerabilities early, before they can cause damage. Powerful methods from static and dynamic program analysis, such as symbolic execution, promise to find bugs and vulnerabilities automatically by inspecting the code and its runtime behaviour.

We are looking for qualified students to work with Dr Johannes Kinder and other members of the group in the field of program analysis and automated software verification with application to system security. This offers a unique opportunity to combine theory and practice: we are not only interested in elegant formalisms, but also in building robust tools that work on real applications. In the past, we have built tools that use temporal logic to detect malware or abstract interpretation to disassemble x86 binaries, for example.

The successful applicant will be hosted at the Department of Computer Science and the Information Security Group (ISG) of Royal Holloway, University of London. Both departments are leading research centres in their respective areas. As a result, the student will benefit from a thriving and dynamic research environment and may collaborate with PhD students and researchers with interest in the field.

The student will be enrolled in the Centre for Doctoral Training at ISG, which includes a taught course element in Information security. More information is available on the ISG's CDT web pages.


Applicants should have or be expecting to obtain a first class honours degree or a masters degree in Computer Science or similar subject. In addition, applicants should be very confident about their programming skills and their background in logic and algorithms. Practical experience in systems security is a plus.

To qualify for the doctoral training centre, applicants need to satisfy EPSRC's eligibility requirements.

How to Apply

Applications will be reviewed on a rolling basis as they are received. For informal inquiries about the position, please contact Johannes Kinder. To apply, please use the Royal Holloway online application system.