PhD/Researcher position: Privacy Engineering through Source Code Analysis

You share our concern for privacy and interest in privacy engineering, and you have:a master in computer science (or equivalent)affinity for model-based analysisan analytical mind and capability of design-centric thinkingtechnical/practical implementation skillsand fluent English written and oral communication skillsThreat modeling is a crucial element of the “shift-left” approach, which emphasizes addressing cybersecurity and privacy issues early in the development process for both new and existing digital systems and services. LINDDUN (https://linddun.org/) is an acclaimed privacy threat modeling approach that builds on 10+ years of research experience within DistriNet. As a member of the research team focused on security & privacy threat modeling and threat mitigation, you will contribute to the advancement, validation, and creation of tooling related to the LINDDUN Privacy Threat Modeling framework. The available work and results from the LINDDUN project serve as a major steppingstone for your work.Within our research group, a team of researchers is dedicated to privacy threat analysis using the LINDDUN framework. We actively address challenges related to privacy analysis and risk assessment, as well as privacy-by-design throughout the software development life cycle. We apply our findings through case studies across innovative and challenging application domains, such as e-health, industry 4.0, e-finance, e-media, e-government and the Internet-of-Things, with active participation in European and Flemish research projects. Given that many software projects start from existing codebases, there is a strong need to integrate and consider this pre-existing context in future privacy (and security) threat analyses.However, architectural documentation is frequently lacking, leading to a large upfront cost to recreate this documentation for use in threat modeling. This research track tackles this challenge by investigating and leveraging source code analysis to address this problem.When you join us, you will be contributing to our ongoing and upcoming research activities related to LINDDUN across a variety of topics of interest, including: code analysis and model reconstructioncode annotationsprivacy threat elicitation and documentationadvanced tooling and automation approaches in support of threat analysis(domain-specific) reference applications, exemplar and validation cases of threat analysisassessment of privacy risk in concrete systems and informed by software and system architecturemanagement and mitigation of privacy risk, in the design and development of privacy-preserving systems, the use and furthering of privacy-enhancing technologies (PETs)DistriNet is a leading research group specializing in secure and distributed software, embedded in the KU Leuven Department of Computer Science. With over 100 researchers, including 15 full-time professors, the group excels in systems-centric, application-driven research, often collaborating closely with industry. DistriNet's expertise has led to the creation of multiple spin-off companies. The group focuses on Secure Software and Systems, encompassing applications, services, middleware and systems, infrastructures, methods, and tools. Their research is applied to innovative case studies in e-health, industry 4.0, e-finance, e-media, and e-government.Are you passionate about privacy and enjoy diving into code? Join our team as a privacy researcher and contribute to driving innovative solutions that leverage source code for privacy threat modeling analysis. As a PhD candidate in this research track, you’ll play a crucial role in advancing privacy engineering practices. You will explore, investigate, and analyze techniques for architectural reconstruction to create the relevant models for privacy threat analysis. Your work will have an impact on cost-effective development practices, as well as enable seamless integration with contemporary development practices and CI/CD automation.We offer a full-time position as researcher, with or without a PhD trajectory in computer science:you will join a supportive and collaborative team in which you can develop know-how and expertise in state-of-the-art technologiesyou will have the opportunity to build up research and innovation skills that are essential for a future career in academia or in industryyou will work in a multicultural working environment at the KU Leuven High Tech Campus