Position on Efficient and Reliable Run-Time Monitoring and Enforcement (Ph.D.)


Run-time monitoring is a dynamic program analysis technique. In comparison to static program analysis, run-time monitoring has multiple advantages, including the possibility to achieve better precision due to the knowledge of actual values such as inputs to a system. If run-time monitoring is combined with enforcement mechanisms then this creates the possibility to alter the behavior of a target program on the fly and, thereby, to avoid policy violations. However, there are also disadvantages. Since run-time monitoring tracks the behavior of a target program while it is running, it is unavoidable that some overhead is induced (delays and memory usage). For applying run-time monitoring and enforcement, it is crucial to keep the overhead induced by this technology within acceptable limits and, hence, effective performance optimizations are desirable.

To reduce the overhead, run-time monitoring frameworks usually feature combinations of multiple optimizations. However, these are often developed in the context of one particular run-time monitoring tool. Optimizations for run-time monitoring, as a research field, yet lacks systematization. By studying the effectiveness of individual optimizations and the pros and cons of possible combinations of such optimizations systematically, we want to improve the understanding of the effectiveness of optimizations for run-time monitoring and enforcement, and we want to employ this deepened understanding for arriving at better optimization techniques.

The Position

In this position, you will study the performance overhead of dynamic program analyses and contribute to reducing this overhead. In your research, you will
  • experimentally evaluate the performance of existing run-time monitoring frameworks,
  • identify performance bottlenecks (time and memory) and develop solutions for reducing them,
  • integrate known optimization techniques into frameworks for run-time monitoring and enforcement and study their effectiveness experimentally,
  • develop novel optimization techniques for run-time monitoring and enforcement, and
  • contribute to maturing run-time monitoring and enforcement and to widening the application spectrum of this promising technology.
You are expected to contribute to teaching as a tutor for lectures/exercises and for lab courses.

Prior Skills and Experiences

You should
  • have good programming skills in at least one object-oriented programming language and be willing to become fluent in Java,
  • have already some experience in software-development projects,
  • be knowledgeable in systematic software engineering (requirement analysis&definition, architectural specification, documentation, testing, ...), and
  • be interested in improving the efficiency of run-time monitoring and enforcement while preserving its soundness.
In addition, any of the following skills would be helpful (but they are no prerequisites for applying):
  • knowledge of dynamic and/or static program analyses,
  • competences in low-level languages (e.g., C), byte-code languages, or machine languages,
  • competences in IT security,
  • competences in formal methods and/or program semantics, and
  • experience with performance analyses.
Moreover, you should be highly motivated to tackle challenging research problems, to produce innovative insights and tools, to strive for international visibility as a researcher, and be open minded. You need good language skills in English (writing and talking). Prior knowledge of the German language is not expected, but you should be willing to obtain basic skills within a year.

Formal Prerequisites

What we offer

How To Apply

The Environment

A A A | Print | Imprint | Sitemap | Contact
zum Seitenanfang