Secure and High-Performance Dynamic Program Analysis for WebAssembly

Secure and High-Performance Dynamic Program Analysis for WebAssembly

Published Deadline Location
26 Nov 14 Mar Amsterdam
PhD Position: Secure and High-Performance Dynamic Program Analysis for WebAssembly.

Job description

Are you interested in building the next-generation of secure and high-performance software systems based on WebAssembly? Are you passionate about software performance and want to work on cutting-edge JIT compilation techniques? Are you excited about software security and runtime mitigation techniques? Do you like to build real software systems? Do you want to work with ambitious colleagues at the intersection of WebAssembly runtimes and software security in the exciting city of Amsterdam? Then we are eager to get to know you. Please apply for a Ph.D. position at Vrije Universiteit Amsterdam.

WebAssembly (Wasm) is reshaping web and cloud applications by enabling near-native performance and sandboxed execution. WebAssembly offers a promising platform for executing code safely in untrusted environments, but achieving both high performance and strong security in Wasm continues to be a challenging endeavor. This Ph.D. project will investigate dynamic program analysis techniques to analyze, optimize, and secure WebAssembly runtimes, focusing on runtime profiling, dynamic instrumentation, and security vulnerability detection.

Research Focus:
The successful candidate will conduct research at the intersection of performance optimization, security, and dynamic program analysis within WebAssembly runtimes. Key aspects of the research include:
  • Dynamic Program Analysis for Performance: The project will investigate how dynamic program analysis techniques, such as profiling, tracing, and runtime instrumentation, can be used to monitor the behavior of WebAssembly code as it executes. This includes the development of tools to gather runtime performance data, such as memory usage, execution time, and instruction throughput, and the use of such data to identify performance bottlenecks. By integrating dynamic analysis with existing Wasm runtimes, the candidate will work on innovative optimization strategies to enhance the performance of WebAssembly execution engines such as V8 or Wasmer. Areas of interest will include JIT compilation, Ahead-of-time (AOT) compilation, and memory management.
  • Dynamic Instrumentation for Security: Dynamic program analysis can also be applied to improve the security of Wasm runtimes. This includes using dynamic instrumentation to detect vulnerabilities, such as buffer overflows, memory leaks, or unintended data flows during runtime (taint tracking). The Ph.D. candidate will explore how to dynamically instrument Wasm code to track sensitive data, enforce security policies, and identify potential attack vectors, such as side-channel attacks or sandbox escapes, as they arise during execution. Developing dynamic monitoring tools that can continuously assess and enforce security properties at runtime will be a key component of the project. Areas of interest will include the analysis of large-scale real-world WebAssembly applications in domains such as edge devices, cloud environments, and internet-of-things applications to identify and prevent software vulnerabilities under different workloads and security constraints.

Specifications

Vrije Universiteit Amsterdam (VU)

Requirements

We are looking for a highly motivated and independent candidate with the following qualifications:
  • A Master’s degree (or equivalent) in Computer Science or related areas, with excellent grades.
  • Strong background in systems programming and performance optimizations.
  • Proficiency in programming languages such as C/C++, Rust, and/or Java.
  • Strong background in computer security. Knowledge of vulnerabilities and security flaws would be a plus.
  • Ideally, previous experience with compiler technologies (e.g., LLVM, CraneLift, or JIT compilation in language VMs such as the JVM or JavaScript engines).
  • Familiarity with WebAssembly and Wasm runtimes (e.g., Wasmer, Wasmtime, V8, etc.) is desirable, but not essential.
  • Experience in analyzing and optimizing runtime performance or detecting security vulnerabilities in code is a plus.
  • A passion for tackling fundamental challenges in computer security and performance engineering.
  • Strong analytical and problem-solving skills, as well as the ability to work both independently and as part of a collaborative research team.
  • Good communication skills, with a strong command of English (both written and spoken).

The Ph.D. will be jointly supervised by Assistant Professors Dr. Daniele Bonetta (Language Runtimes) and Dr. Mengyuan Zhang (Software Security). The project will be carried out in collaboration with experts from academia and industry in domains such as language runtimes, dynamic program analysis, and software security.

As a university, we strive for equal opportunities for all, recognising that diversity takes many forms. We believe that diversity in all its complexity is invaluable for the quality of our teaching, research and service. We are always looking for talent with diverse backgrounds and experiences. This also means that we are committed to creating an inclusive community so that we can use diversity as an asset.

We realise that each individual brings a unique set of skills, expertise and mindset. Therefore we are happy to invite anyone who recognises themselves in the profile to apply, even if you do not meet all the requirements.

Conditions of employment

Fixed-term contract: 18 months.

A challenging position in a socially engaged organisation. At VU Amsterdam, you contribute to education, research and service for a better world. And that is valuable. So in return for your efforts, we offer you:
  • a salary of minimum € 2.872,00 (PhD) and maximum € 3.670,00 (PhD) gross per month, on a full-time basis. This is based on UFO profile PhD candidate. The exact salary depends on your education and experience.
  • a position for at least 0.8 FTE. Your employment contract will initially last 18 months. After a satisfactory evaluation of the initial appointment, the contract will be extended to a total duration of 4 years.

We also offer you attractive fringe benefits and regulations. Some examples:
  • A full-time 38-hour working week comes with a holiday leave entitlement of 232 hours per year. If you choose to work 40 hours, you have 96 extra holiday leave hours on an annual basis. For part-timers, this is calculated pro rata.
  • 8% holiday allowance and 8.3% end-of-year bonus
  • solid pension scheme (ABP)
  • contribution to commuting expenses
  • optional model for designing a personalized benefits package

Employer

Vrije Universiteit Amsterdam

Department of Computer Science
The VU Department of Computer Science has approximately 200 staff members, including 35 tenured staff members and 110 PhD students. The department comprises 14 research groups that collaborate on six key themes: Artificial Intelligence, Bioinformatics, Computer Systems, User-Centric Data Science, Software and Sustainability, and Theoretical Computer Science. The PhD candidate will join the Computer Systems research section of the VU, and will be jointly supervised by Assistant Professors Dr. Daniele Bonetta (Language Runtimes) and Dr. Mengyuan Zhang (Software Security)

Faculty of Science
Researchers and students at VU Amsterdam’s Faculty of Science tackle fundamental and complex scientific problems to help pave the way for a sustainable and healthy future. From forest fires to big data, from obesity to malnutrition, and from molecules to the moon: we cover the full spectrum of the natural sciences. Our teaching and research have a strong experimentally technical, computational and interdisciplinary nature.

We work on new solutions guided by value-driven, interdisciplinary methodologies. We are committed to research, valorisation and training socially engaged citizens of the world who will make valuable contributions to a sustainable, healthy future.

Are you interested in joining the Faculty of Science? You will join undergraduate students, PhD candidates and researchers at the biggest sciences faculty in the Netherlands. You will combine a professional focus with a broad view of the world. We are proud of our collegial working climate, characterised by committed staff, a pragmatic attitude and engagement in the larger whole. The faculty is home to over 11,000 students enrolled in 40 study programmes. It employs over 1,600 professionals spread across 10 academic departments.

Vrije Universiteit Amsterdam
Vrije Universiteit Amsterdam stands for values-driven education and research. We are open-minded experts with the ability to think freely - a broader mind. Maintaining an entrepreneurial perspective and concentrating on diversity, significance and humanity, we work on sustainable solutions with social impact. By joining forces, across the boundaries of disciplines, we work towards a better world for people and planet. Together we create a safe and respectful working and study climate, and an inspiring environment for education and research. Learn more about our codes of conduct

We are located on one physical campus, in the heart of Amsterdam's Zuidas business district, with excellent location and accessibility. Over 6,150 staff work at the VU and over 31,000 students attend academic education.

Diversity
Diversity is the driving force of the VU. The VU wants to be accessible and receptive to diversity in disciplines, cultures, ideas, nationalities, beliefs, preferences and worldviews. We believe that trust, respect, interest and differences lead to new insights and innovation, to sharpness and clarity, to excellence and a broader understanding.

We stand for an inclusive community and believe that diversity and internationalisation contribute to the quality of education, research and our services.

We want to develop talent and creativity by bringing together people from different backgrounds and cultures. We recruit and select based on competencies and talents. We therefore encourage anyone who recognizes themselves in a vacancy, regardless of age, gender, origin, religion, philosophy of life, orientation, disability or chronic illness, to respond. Candidates with a jobs agreement indication (“doelgroepregistratie”) will be given priority if suitable. For these candidates applies:
  • A PhD candidate with a registration (“doelgroepregister”) may apply for a minimum of 0.7 fte
  • An extra supervisor is available for PhD students with target group registration and their supervisors.

Additional information

Are you interested in this position and do you believe that your experience will contribute to the further development of our university? In that case, we encourage you to submit your application and upload your curriculum vitae, list of Master's grades, and cover letter until March 14th, 2025.

Applications received by e-mail will not be considered.

Acquisition in response to this advertisement is not appreciated.

Specifications

  • PhD
  • Engineering
  • €2872—€3670 per month
  • University graduate
  • 4425

Employer

Vrije Universiteit Amsterdam (VU)

Learn more about this employer

Location

De Boelelaan 1111, 1081HV, Amsterdam

View on Google Maps

Interesting for you