The newly created KTH Centre for Cyber Defense and Information Security, and the CASTOR research centre, have launched cooperation via 3 new PhD thesis proposals.

In the following you can find short descriptions of them.

 


Verified System Software: A Synthesis-Based Approach

(with Roberto Guanciale and Mads Dam)

The past decade or so has seen impressive progress in the area of
formally verified low level software. However, the verification cost it
still large. Finding ways of reducing this cost gap is therefore urgent.
We propose automated program synthesis as a possible solution.
In particular we aim to eliminate manual refinement, implementation, and
compilation of low level software that must preserve security invariant.
Applications include various types of real-time applications, kernel
functionality, and device drivers and we expect to completely synthesize
a non-trivial microkernel for a contemporary high-performance processor
architecture such as RISC-V.

 


 

Secure IoT Dashboard

(with Marcus Birgersson, Cyrille Artho, Musard Balliu)

Modern military operations are becoming increasingly complex, multifaceted, and unpredictable. As technological capabilities advance, more pressure is put on commanders to assess and take action in increasingly dynamic environments and restricted timeframes. In the foreseeable future, military systems will be increasingly connected; modern command centers will provide battlefield analytics using a dashboard-like view of military units of various types and sizes.
Recent initiatives like Internet of Battlefield/Military Things (IoMT) aim at developing such applications in logistics, smart bases, and data warfare. By integrating information from different data sources into existing military infrastructures, the military can become more efficient and effective. The goal of this project is to investigate the secure and robust integration of information collected by IoMT devices. This integration will be the base for a secure middleware, which is then used to create a high-assurance IoT dashboard with strong integrity, confidentiality and availability guarantees.

 


 

Self-learning Systems for Cyber Defense

(with Kim Hammar, Rolf Stadler)

A growing problem in system security stems from the fact that both attack methods and target systems constantly evolve: on the one hand attacks increase in sophistication over time, on the other hand target systems keep changing due to functional upgrades and innovation. As a consequence, a defender must constantly adapt and improve the target system in order to remain effective, which imposes an increasing burden on system designers and operators. The goal of this project is to study, develop, and demonstrate strategies that will automate the defender’s task and keep a system secure in a changing environment. To this end, the project will investigate various approaches for self-learning systems that produce ever better defender strategies. The research will adopt an adversarial approach, based on reinforcement learning, genetic algorithms, or game theory, whereby the strategies of simulated attackers and defenders co-evolve without human intervention.