PhD Position: Explainable AI for Software Vulnerabilities (2 positions)

Are you an aspiring researcher passionate about software engineering with a strong interest in real-world industrial applications? Are you interested in ground-breaking research on security vulnerabilities and explainable AI that will help software engineers identify, fix and understand software bugs more efficiently? If so, you have a key role to play as a PhD candidate in the Find2Fix project!

Software errors and vulnerabilities, or bugs, consume significant time and resources from software engineers. Several solutions have been implemented, from memory-safe programming languages to coding assistants designed to help developers write safer, more efficient and maintainable code. Despite this, developers continue to develop buggy code, often without fully understanding the root causes or how to effectively fix them.

In the Find2Fix: Reducing Software Errors using Transparent AI project, we engineer the first open-source tool for the entire process from software error discovery to mitigation based on security testing and model inference (PhD1) and explainable AI (PhD2) technology. Your main responsibilities as a PhD candidate will be to conduct cutting-edge research within the Find2Fix project. Your research will be published and presented at international AI, software engineering and security venues.

The first position, supervised by Erik Poll and Harald Vranken, explores the combination of security testing, such as fuzzing or other techniques for static (SAST) and dynamic (DAST) analysis, with model inference using Sicco Verwer's FlexFringe tool. This tool maps execution traces to automata that model software behaviour, which can then be used to analyse security flaws.

The second position, supervised by Mairieli Wessel and Frits Vaandrager, focuses on explaining the root cause of already identified bugs and why a suggested fix works, tailoring explanations to the varying contexts and needs of software engineers. You will research and apply explainable AI techniques, engaging with software engineers via case studies, interviews and other empirical methods to better understand their perspectives, and refine and evaluate the quality of the explanations.

As a PhD candidate, you will be part of a dynamic and collaborative research group. The Find2Fix project is a joint initiative involving two industrial partners - ASML and dCodis (a startup). Alongside the rest of the team, you will contribute to developing demonstrators for the Find2Fix technology at our industrial partners. This project fosters a close collaboration between Radboud University and TU Delft, where two additional PhD students will also work on Find2Fix under the supervision of Dr Sicco Verwer, Dr Annibale Panichella, and Dr Sebastijan Dumančić.

Your teaching load will be up to 10% of your working time.

Would you like to learn more about what it’s like to pursue a PhD at Radboud University? Visit the page about working as a PhD candidate.

• You hold an MSc or equivalent degree in computer science, artificial intelligence, mathematics, or a closely related field, or expect to obtain such a degree this academic year.
• You enjoy working both independently and as part of a team.
• You are proficient in English and have good communication, presentation and writing skills.
• While previous knowledge of software engineering and security and programming skills are beneficial, the willingness to learn and extend your knowledge in these areas is more important.

If you have not yet fully completed your Master's degree but are excited about this position, please do not hesitate to apply or to contact Dr Mairieli Wessel.

• We will give you a temporary employment contract (1.0 FTE) of 1.5 years, after which your performance will be evaluated. If the evaluation is positive, your contract will be extended by 2.5 years (4-year contract).
• You will receive a starting salary of €2,901 gross per month based on a 38-hour working week, which will increase to €3,707 in the fourth year (salary scale P).
• You will receive an 8% holiday allowance and an 8,3% end-of-year bonus.
• We offer Dual Career Coaching. The Dual Career Coaching assists your partner via support, tools, and resources to improve their chances of independently finding employment in the Netherlands.
• You will receive extra days off. With full-time employment, you can choose between 30 or 41 days of annual leave instead of the statutory 20.

Work and science require good employment practices. This is reflected in Radboud University's primary and secondary employment conditions. You can make arrangements for the best possible work-life balance with flexible working hours, various leave arrangements and working from home. You are also able to compose part of your employment conditions yourself, for example, exchange income for extra leave days and receive a reimbursement for your sports subscription. And of course, we offer a good pension plan. You are given plenty of room and responsibility to develop your talents and realise your ambitions. Therefore, we provide various training and development schemes.

The positions are available in the Software Science and Digital Security groups at the Institute for Computing and Information Sciences (iCIS), Radboud University. The research will be conducted under the supervision of Dr Erik Poll, Prof. Frits Vaandrager, Prof. Harald Vranken, and Dr Mairieli Wessel. We offer joining a fun and diverse group that maintains a range of international cooperations.

You can apply only via the button below. Address your letter of application to Mairieli Wessel. In the application form, you will find which documents you need to include with your application.

The first interviews will take place in the week of 12 May. You will preferably start your employment on 1 August 2025.

We can imagine you're curious about our application procedure. It describes what you can expect during the application procedure and how we handle your personal data and internal and external candidates.