Analysing Security and Reliability Effects of Mutations in Communication Protocols
PhDs and postgraduate research
Self-funded PhD students only
School of Computing
Applications accepted all year round
The work on this project will:
- Define a model of mutations in communication protocols, and construct analysis algorithms that capture the safety and security effects of those mutations
- Demonstrate soundness and completeness of the model with respect to pre-defined classes of safety and security properties
- Validate the results of the model and algorithms using an industrial IoT case study
Mutation testing and analysis is concerned with the introduction of single faults (or errors) into a system's design, specification, implementation or interface and then testing or analysing the effects caused by those faults or errors on the system's properties and behaviour. Such faulty entities are called mutants. In communication protocols, mutants can be used to identify whether a protocol’s implementation may deviate from the standard defining that protocols. Despite the fact that mutation testing and analysis has a wide scope of research in areas related to systems testing and analysis, its application using formal specification and verification methods has remained somehow limited over the years.
This project will aim at defining how mutations could be used as a technique in formally understanding whether faulty implementations of protocols in critical systems can pass as correct implementations in relation to the standards defining those systems. For example, it is well-known that implementing a standard encryption function by an XOR-based function weakens the resulting implementation. Similarly, a protocol’s quality of service level sometimes may be as weak as to allow for lossy communications, however, such definition may result in implementations that deny a service altogether while still adhering to the protocol’s standard specification. The theoretical framework will consider as a use case IoT protocols, such as MQTT and CoAP, and their implementation within industrial IoT systems, such as the Hermes electronic board system.
The outcome of this 3-year project will be a model and theory that define mutations in communication (particularly IoT) protocols, and construct analysis algorithms that capture the effects of those mutations in relation to safety and security properties. The project will use the case of industrial IoT systems as a validation case, where an industrial system will be modelled and analysed as a demonstration.
Fees and funding
Funding availability: Self-funded PhD students only.
PhD full-time and part-time courses are eligible for the UK Government Doctoral Loan (UK and EU students only).
2021/2022 fees (applicable for October 2021 and February 2022 start)
PhD and MPhil
Home/EU/CI full-time students: £4,500 p/a**
Home/EU/CI part-time students: £2,250 p/a**
International full-time students: £17,600 p/a*
International part-time students: £8,800 p/a*
PhD by Publication
External candidates: £4,407*
Members of staff: £1,720
All fees are subject to annual increase. If you are an EU student starting a programme in 2021/22 please visit this page.
*This is the 2020/21 UK Research and Innovation (UKRI) maximum studentship fee; this fee will increase to the 2021/22 UKRI maximum studentship fee when UKRI announces this rate in Spring 2021.
Some PhD projects may include additional fees – known as bench fees – for equipment and other consumables, and these will be added to your standard tuition fee. Speak to the supervisory team during your interview about any additional fees you may have to pay. Please note, bench fees are not eligible for discounts and are non-refundable.
You'll need a good first degree from an internationally recognised university or a Master’s degree in an appropriate subject. In exceptional cases, we may consider equivalent professional experience and/or qualifications. English language proficiency at a minimum of IELTS band 6.5 with no component score below 6.0.
- Interest in the following: theoretical computer science, testing, safety and security properties, Industrial IoT
- Good familiarity or interest in learning functional programming, e.g. Erlang or OCAML
- Analytical skills and knowledge of foundations of computer science
- Ability to think independently, including the formulation of research problems
- Strong verbal and written communication skills, both in plain English and scientific language for publication in relevant journals and presentation at conferences
How to apply
We’d encourage you to contact Dr Benjamin Aziz (firstname.lastname@example.org) to discuss your interest before you apply, quoting the project code.
When you are ready to apply, you can use our online application form. Make sure you submit a personal statement, proof of your degrees and grades, details of two referees, proof of your English language proficiency and an up-to-date CV. Our ‘How to Apply’ page offers further guidance on the PhD application process.
If you want to be considered for this PhD opportunity you must quote project code COMP4980220 when applying.