RESEARCH STAFF - ENFORCEMENT OF SECURE PROGRAMMING GUIDELINES (M/F/D)

fortiss is the research institute of the Free State of Bavaria for the development of software-intensive systems with headquarters in Munich. The scientists at the institute cooperate in research, development and transfer projects with universities and technology companies in Bavaria, Germany and Europe. The focus is on research into state-of-the-art methods, techniques and tools for the development of software- and AI-based technologies for dependable, secure cyber-physical systems such as the Internet of Things (IoT). fortiss is organized in the legal form of a non-profit limited liability company. Shareholders are the Free State of Bavaria (majority shareholder) and the Fraunhofer-Gesellschaft zur Förderung der angewandten Forschung e.V. www.fortiss.org
 
We are looking for a new team member in the GuideForce project, starting as soon as possible. This positon is for one year with the possibility of extension.

The GuideForce project aims at developing tools for the automatic enforcement of secure programming guidelines for Java. It combines ideas from type systems and abstract interpretation to develop a scalable analysis method. While guidelines for secure programming are the first use-case, other applications are of interest too. At the present stage, the project focuses on the extension of an existing method for enforcing programming guidelines to handle more features of Java, such as reflection, concurrency, generic types and higher-order features. Another goal is to develop practical applications of the method, such capturing various kinds of guidelines from different application areas, in particular security, improving the implementation in a tool and assessing the practicability and scalability of the approach under real-world conditions. We expect to employ these tools in a future project in anionic systems with our industrial partners.
 

Research Staff - Enforcement of Secure Programming Guidelines (m/f/d)
 

____________
Your tasks:

  • Implementing an existing analysis method in a tool
  • Developing practical applications of the method: Capture various kinds of security guidelines and assess the practicability and scalability of the approach under real-world conditions
  • Demonstrating the developed tools to industrial partners
  • Contributing to other aspects of research in the GuideForce project, depending on the applicant's interests
  • Integrating into the GuideForce group
 

____________
Your profile:

  • You hold a M.Sc. or equivalent in Computer Science (a Ph.D. is a plus)
  • Excellent programming skills in Java
  • Experience in one of the following areas is a plus: compiler construction, security, static program analysis, type systems and logic, implementation of programming languages
  • Excellent communication skills in English, basic skills in German are a plus, but not required


____________
Our offer:

  • An „open space“ organizational culture that allows you to learn and apply competencies as well as to take on responsibilities in different areas in a wide network of government and industry partners
  • A dynamic work environment with highly qualified and motivated colleagues
  • Opportunities for personal and professional development
  • A salary according to the public service labor agreement at the federal state level (Tarifvertrag für den Öffentlichen Dienst der Länder / TV-L)


____________
Did we catch your interest?

Please submit your application with a motivational statement, a detailed CV and a current transcript of records 



Job-ID: SafSec-GuideF-MA-01-2020

Contact: Dr. Ulrich Schöpp