The GSSI Gran Sasso Science Institute (recently ranked the first computer science department in the Italian evaluation exercise), along with the main Italian Universities and research institutes, is partner of the National Ph.D. Programs launched by the Italian Ministry of University and Research. 


PhD in Cybersecurity coordinated by IMT Lucca 

The computer science department of the GSSI is partner of the PhD programme of the new Italian National School on Cybersecurity. The school is coordinated by IMT Lucca and includes several research institutions  and industrial partners. The school aims to form researchers in cybersecurity providing them with multidisciplinary background and skill based on 4 curricula:

The scholarship supported by GSSI is about the use of formal modelling and analysis of human behaviour that makes critical assets vulnerable. For instance, people may ignore well-specified practices due to negligence, lack of appreciation of the security risks, or misunderstandings (eg, about when or how should a rule be applied). Also, protocols and legal requirements may change over time and their compliance may be compromised by miscommunications.


The project at GSSI (Contact: Emilio Tuosto, email: emilio.tuosto@gssi.it)

Our ambition is the realisation of a framework for testing security and Quality-of-Service (QoS) properties in Ethernet Consist Networks (ECNs) which are an emerging technology for on-board communication on trains subject to stringent security and QoS requirements. The main goals of this research are:

1) to develop a verification framework to evaluate security properties of ECNs;

2) to assess the security of ECNs against common attacks such as spoofing, reply, and man-in-the-middle attacks;

3) to develop a framework for the verification of QoS properties of ECNs;

4) to assess how ECNs guarantee QoS depending on the kind of traffic such as data traffic, vocal traffic, or video traffic.

Research plan: The activities will be executed in two main phases:

1: Development. This phase will focus on identifying the requirements, design, and implement a prototype verification framework. We foresee that the framework will integrate several testing techniques such as static analysis of source code, testing (test fuzzing, simulation, scenario-based testing, property-based testing), as well as of runtime verification (e.g., runtime monitoring).

2: Validation. The framework will be validated on standard attacker models, and typical QoS requirements.

The interaction with Cleverynext,  an industrial partner leader in the railways sector,  is crucial for the project. Cleverynext will provide access to their infrastructure and to the software and firmware of their devices. If needed, Cleverynext will also provide real data obtained by deployed systems. The PhD student will have the opportunity to spend research periods at Cleverynext and interact with their staff.


Application site: https://pica.cineca.it/imtlucca/imtlucca-phd-cyber-2024/

Further information: https://cysec.imtlucca.it