<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=ISO-8859-15">
</head>
<body>
<div class="moz-text-html" lang="x-unicode"><span style="font-size:
14.000000pt; font-family: 'Calibri'; font-style: italic"
class="">Postdoc position in Artificial Intelligence </span>
<p><font size="+1"><b>Security hardening based on multi-agent
system verification in the context of the connected car
infrastructure<br>
</b></font></p>
<p><span style="font-size: 12.000000pt; font-family:
'TimesNewRomanPS'; font-weight: 700" class="">Keywords:
Security, Formal Verification, Model Checking of Multi-Agent
Systems, Security Risk Management, Attack Modelling </span><br>
</p>
<p><b>Description</b><br>
</p>
<p>Recently, classic verification approaches such as model
checking have been extended to handle multi-agent systems. These
are systems that encapsulate the behavior of two or more
rational agents interacting among them in a cooperative or
adversarial way, aiming at a designed goal. In system security
checking, a malicious attack can be seen as an attempt of an
intruder to gain unauthorized access to a resource or as an
attempt to compromise the system integrity. The envisioned
approach is: given an attack model of the system (such an attack
graph), to model the interactions between the attacker &
defender as a game on this attack model and use multi-agent
system verification techniques to determine optimal defense
strategies.<br>
</p>
<p><b>Goals</b></p>
<p>The global objective of this postdoc is the use of methods and
tools for security hardening in the context of the connected car
infrastructure based on a formal verification approach.<br>
<br>
Some of the challenges of this postdoc will be to answer to the
following questions:<br>
</p>
<ul>
<li>How can we select security counter-measures ensuring the
best trade-off between security level achieved and other
constraints?</li>
<li>How can we capture the dynamic between the attacker and the
defender?</li>
<li>How can we integrate these decision support tools in the
classical risk management process such as defined by the
ISO/IEC 27005 without redefining it completely?<br>
</li>
</ul>
<p> </p>
<p><b>Profile and skills required</b></p>
<p>- PhD in computer science, mathematics, or related fields.<br>
- Strong computer science and/or mathematical background (with
particular attention on formal methods, logic, and security).<br>
- Good programming skills.<br>
- Good level in written and spoken English.<br>
</p>
<p><b>How to apply</b><br>
</p>
If you are interested you can apply by sending your CV and
motivation letter to: <a class="moz-txt-link-abbreviated"
href="mailto:jean.leneutre@telecom-paris.fr">jean.leneutre@telecom-paris.fr</a>
and <a class="moz-txt-link-abbreviated"
href="mailto:vadim.malvone@telecom-paris.fr">vadim.malvone@telecom-paris.fr</a><br>
</div>
<div class="moz-text-html" lang="x-unicode"><br>
</div>
<b>Deadline for application submission:</b> October 29, 2021.
</body>
</html>