Project description
Third-cycle subject: Computer Science
The doctoral student will join the LangSec research group at KTH and work on the WASP project XSBOM, which focuses on developing innovative solutions for securing the software supply chain. The project aims to protect applications from risks introduced by third-party components while maintaining the flexibility of modern software ecosystems.
A central concept in XSBOM is the Capability-Enhanced Software Bill of Materials (CBOM), which serves as a security contract between component providers and developers. These CBOMs will be enforced dynamically using a combination of code instrumentation and program analysis. The approach will enable runtime protection and monitoring of third-party components, resulting in practical tool prototypes. The methods will be evaluated through large-scale experiments across established ecosystems such as npm and emerging platforms like AI supply chains.
The Wallenberg AI, Autonomous Systems and Software Program (WASP) is Sweden’s largest research initiative, focusing on artificial intelligence, autonomous systems, and software. Its goal is to advance research and competence in these areas for the benefit of society and industry.
Read more: https://wasp-sweden.org/
The WASP graduate school provides training in AI, autonomous systems, and software through courses, research visits, and collaboration with partner universities and industry. It supports the development of an international and multidisciplinary professional network for PhD students and researchers. Read more: https://wasp-sweden.org/graduate-school/
Supervision: Associate Professor Musard Balliu is proposed to supervise the doctoral student. Decisions are made on admission
Admission requirements
To be admitted to postgraduate education (Chapter 7, 39 § Swedish Higher Education Ordinance), the applicant must have basic eligibility in accordance with either of the following:
- passed a second cycle degree (for example a master’s degree), or
- completed course requirements of at least 240 higher education credits, of which at least 60 second-cycle higher education credits, or
- acquired, in some other way within or outside the country, substantially equivalent knowledge
In addition to the above, there is also a mandatory requirement for English equivalent to English B/6.
Selection
In order to succeed as a doctoral student at KTH you need to be goal oriented and persevering in your work. During the selection process, candidates will be assessed upon their ability to:
- independently pursue his or her work
- collaborate with others,
- have a professional approach and
- analyze and work with complex issues and
- demonstrate very good knowledge in computer science and computer security.
After the qualification requirements, great emphasis will be placed on personal skills.
Target degree: Doctoral degree
Information regarding admission and employment
Only those admitted to postgraduate education may be employed as a doctoral student. The total length of employment may not be longer than what corresponds to full-time doctoral education in four years’ time. An employed doctoral student can, to a limited extent (maximum 20%), perform certain tasks within their role, e.g. training and administration. A new position as a doctoral student is for a maximum of one year, and then the employment may be renewed for a maximum of two years at a time. In the case of studies that are to be completed with a licentiate degree, the total period of employment may not be longer than what corresponds to full-time doctoral education for two years.
As a doctoral student, you are entitled to a workplace with many employee benefits and monthly salary according to KTH’s Doctoral student salary agreement. Read more about Doctoral studies (PhD) | KTH | Sweden.
Union representatives
Contact information for union representatives.
Doctoral Student’s network (Students’ union on KTH Royal Institute of Technology)
Contact information for PhD chapter.
To apply for the position
Apply for the position and admission through KTH’s recruitment system. It is the applicant’s responsibility to ensure that the application is complete in accordance with the instructions in the advertisement.
Applications must include the following elements:
- Copies of diplomas and grades from previous university studies and certificates of fulfilled language requirements (see above). Translations into English or Swedish if the original document is not issued in one of these languages.Copies of originals must be certified.
- CV including your relevant professional experience and knowledge.
- Application letter with a brief description of why you want to pursue research studies, about what your academic interests are and how they relate to your previous studies and future goals. (Maximum 2 pages long)
- Representative publications or technical reports. For longer documents, please provide a summary (abstract) and a web link to the full text.
Applications must be received at the last closing date at midnight, CET/CEST (Central European Time/Central European Summer Time).
Other information
It may be the case that a position at KTH is classified as a security-sensitive role in accordance with the Protective Security Act (2018:585). If this applies to the specific position, a security clearance will be conducted for the applicant in accordance with the same law with the applicant’s consent. In such cases, a prerequisite for employment is that the applicant is approved following the security clearance.
We firmly decline all contact with staffing and recruitment agencies and job ad salespersons.
Disclaimer: In case of discrepancy between the Swedish original and the English translation of the job announcement, the Swedish version takes precedence.