[TYPES/announce] Postdoc position: verified timing-channel security for seL4

[Toby Murray]

Postdoc position: verified timing-channel security for seL4

http://jobs.unimelb.edu.au/caw/en/job/900474/research-fellow-in-verified-operating-system-security

Applications close: February 25, 09:00 AM Australian Eastern Daylight
Time (AEDT; GMT +11)

Timing channels plague modern systems, undermining their security.
Yet no operating system provides provable protection against them.
We believe that seL4 can be the first kernel to meet this challenge [1],
building on its world-first proof of confidentiality enforcement [2]
and its unique mechanisms for implementing time protection [3].

The seL4 project is seeking a highly motivated postdoctoral
researcher to investigate methods for proving that operating system
kernels can defend against timing channels. We are seeking somebody
with a research background in formal methods and security.

You will contribute to the development of methods for reasoning about
timing channels in verified operating system kernels, applied to the
seL4 kernel. Your work will also investigate how to extend seL4’s
existing proofs of information flow security, which primarily cover
storage channels, to also encompass timing channels.

Further details about the research project are summarised in the
following position paper:

[1] Gernot Heiser, Gerwin Klein and Toby Murray.
"Can We Prove Time Protection?" in Proceedings of the
Workshop on Hot Topics in Operating Systems (HotOS),
pages 23-29, May 2019.
https://arxiv.org/abs/1901.08338

The position is for two years in the first instance, based at the
University of Melbourne under Dr Toby Murray
(https://people.eng.unimelb.edu.au/tobym/).  You will work with a
close-knit team here at University of Melbourne, and collaborate
heavily with UNSW and Data61’s Trustworthy Systems group, in Sydney.

Candidates should have experience in at least one of the following:
 - program verification (e.g. Hoare logic)
 - information flow security (e.g. non-interference)
 - interactive theorem provers (e.g. Isabelle, Coq, etc.)

Applications close on February 25, 09:00 AM Australian Eastern Daylight
Time (AEDT; GMT +11)

To apply, or fore more information, visit:

http://jobs.unimelb.edu.au/caw/en/job/900474/research-fellow-in-verified-operating-system-security

Informal enquiries should be directed to
  Toby Murray
  toby.murray at unimelb.edu.au
  https://people.eng.unimelb.edu.au/tobym/

References

[1] Gernot Heiser, Gerwin Klein and Toby Murray.
"Can We Prove Time Protection?", HotOS 2019

[2] Toby Murray, et al.
"seL4: From General Purpose to a Proof of Information
Flow Enforcement", IEEE Symposium on Security and Privacy 2013

[3] Qian Ge, Yuval Yarom, Tom Chothia, Gernot Heiser.
"Time Protection: The Missing OS Abstraction", EuroSys 2019