PhD Perspectives The case of Software Engineering, Secuirty and lookalikes Wouter Joosen ESSoS Doctoral Symposium February 27, 2013
DistriNet Scope Part I My context and background
DistriNet Research focus Distributed Software Secure Software Software that enables autonomic self- management of distributed Software systems architectures All software layers: Programming language technologies middleware -> reasoning Languages systems / platforms Software Engineering Applications: Program verification techniques Future Software internet, architectures, Internet Security of Things/ services Aspect-oriented Services, software the Cloud development, Security middleware Software verification Security for low-level system software Partly in support for other themes
Research About 30-35 Projects funded projects: Fundamental research at the core (e.g. GOA TENSE: Secure Software; GOA ADDIS: Distributed Software) Strategic basic research for industry Applied research (often with industry) Contract research Interplay between theory and applications Applied research on societally essential themes: E-health, logistics, telematics, e- finance
DistriNet Organization
Position within dept. of Computer Science Dept. Of Computer Science Num. Anal. And Appl. Math. (10 ZAP) Informatics (26 ZAP) DistriNet DTAI HCI CODes (10 ZAP) (9 ZAP) (3 ZAP) (2 ZAP) Secure Software (6 ZAP) Distributed software (4 ZAP) Embedded & Ubiquitous Systems Multi Agent Systems Language Technology & Middleware Network Software 6
Task forces in the research group (headcount 80) Secure Software TF Distributed Software TF Research Manager/Expert 7 Faculty Project Office
A full spectrum of research activities Demand-driven research in synergy with fundamental, basic, and collaborative research Fundamental research Basic research Collaborative research Ready-tomarket Up to the offering of value-added services o o o To sense needs in the market and spot market opportunities To understand and monetize valorization potential of internal expertise To test sustainability of specific services 8
DistriNet is part of the iminds Security Department Security, Privacy and Trust of E-* www.iminds.be a strategic research center in Flanders 9
Aggregating three (KUL) research labs: Security United Security research a strong tradition in Flanders ICRI Legal Engineering COSIC Cryptographic Engineering DistriNet Secure Software Engineering 10
Field of expertise Web Security
PI s and DistriNet research experts, managers Prof. Bart Preneel Prof. Claudia Diaz Prof. Vincent Rijmen Prof. Wouter Joosen Prof. Yolande Berbers Prof. Dave Clarke Prof. Jos Dumortier Prof. Peggy Valcke Prof. Ingrid Verbauwhede Prof. Bart De Decker 2 postdocs Prof. Tom Holvoet 7 postdocs Dr. Lieven Desmet 15+ junior researchers 40+ junior researchers Prof. Danny Hughes Dr. Sam Michiels Prof. Christophe Huygens Dr. Ricc Scandariato Prof. Bart Jacobs Prof. Frank Piessens Prof. Eric Steegmans Dr. Bert Lagaisse Dr. Davy Preuveneers Dr. Dimitri Van Landuyt 15 postdocs 50+ junior researchers 1/03/2013 12
An International Research Department Non-EU 24% Other EU 24% Belgium 52% Australia Austria Argentina Armenië Belgium Brazil Bulgaria China Croatia Estonia France Germany Greece Guatemala Hungary India Iran 33 nationalities Israel Italy Japan Kenia the Netherlands Pakistan Panama Poland Portugal Russian Federation Serbia Spain Syria Turkey UK USA (Last count: 19/06/2012)
Security, Privacy & Trust of E-* E-Health E-Media E-banking E-Logistics E-Voting E- Future Internet Applications (E-*) Security Privacy Trust
What does it mean for PhD students? Part II
(1) What is a PhD? A PhD A PhD student A PhD graduate
Not that hard
(2) What is the method? Problem statement State-of-the-art Solution, refined and improved Validation Publication Each activity taking a fair share (20%)
(3) Is it cheap? NO! Funding is sometimes hard to obtain And funding introduces constraints
LESSONS LEARNED @KUL: graduated > 20 PhD students as (co-)promoter Abroad: in jury of > 10 PhD students
Misconceptions (top 5) 1. You are free? 2. You mainly are a student? 3. You report to a boss? 4. You work on your (own) research? 5. You follow standard procedure? No, No, No, No and No
Pitfalls (top 3) Being selfish in stead of generous Shopping the (least demanding) rules and requirements Focus on bureaucracy (are we talking personality?)
The key instrument Work on relationships!!!
What really helps (oxygen top 5) 1. The coach 2. The team, the working environment 3. Your mobility 4. The conferences and communities 5. The applications, the stakeholders owning the applications
Key skills (top 5) Autonomy and independence hard to catch and understand Pro-active communication Frequency of written communication (there always is a next deadline), quality of problem statement Open mind Reliability in partnership, collaboration
The key issues from the perspective of the supervisor: (1) diversity is essential Examples: Broadly defined domain vs. specific research question Time frame before the first result Frequency of communication/publication Impact and relevance of validating case study
(2). Validation, validation, validation Empirical research o Especially now in SE methods Performance and benchmarking o Especially in secure systems and applications Formalization o In languages, protocols and verification Application case studies
The (additional) Trend Valorization, go to market, industry relevance etc. o This is not that bad (a.o. for your career) In any case: value for money for the sponsor is essential
Never forget the bigger picture Of your life (Part III)
PhD-students
Why?
20+??
Learn
40+??
Impact
Now IIY
Invest In Yourself as a professional Thank you.