PhD Position (M/F): Model-Based Threat Modeling for Compartmentalized Systems

Position PHD

Expected start dateAutumn 2026

Estimated duration3 years

Education levelMaster's degree or equivalent

ContactArnaud BLOUINarnaud.blouin@irisa.fr

Β 

🎯 Join a Cutting-Edge Cybersecurity Research Project

Are you passionate about cybersecurity, software/system architecture, and model-based techniques? We’re looking for a talented PhD candidate to tackle one of the most pressing challenges in modern system security: evaluating and promoting compartmentalization in embedded systems.

πŸ”¬ The Research Challenge

In an era where cyber threats are increasingly sophisticated, compartmentalization represents a critical last line of defense against attacks. Despite its proven effectiveness, compartmentalization remains underutilized in embedded system design. Why? Current threat modeling tools simply aren’t equipped to properly evaluate compartmentalized architectures.

Your mission: Change this.

“Despite longstanding recognition within the academic sphere and proven effectiveness in seminal industry projects, the adoption of compartmentalization techniques in main-stream software remains inconsistent: compartmentalizing is still far from being a common engineering practice."
β€” Lefeuvre et al. [Lef+25]

πŸš€ Your Project at a Glance

You’ll develop a tool-supported methodology that revolutionizes how we threat model compartmentalized embedded systems. This involves:

Core Innovations

1. Comprehensive Ontology Development
Create a formal ontology capturing the features and characteristics of various compartmentalization techniques β€” from virtualization to process isolation.

2. Specialized Modeling Language
Design an Architecture Description Language with rich semantics specifically tailored for compartmentalized systems.

3. Semi-Automated Threat Analysis
Build intelligent algorithms that, compared to existing tools, better take into account compartmentalization in the assessment of embedded systems architectures.

4. Real-World Validation
Evaluate your methodology on well-known compartmentalized systems (Qmail, Postfix, OpenSSH) and potentially on security-critical systems from the US Naval Research Laboratory.

πŸ’‘ What Makes This Position Unique

High-Impact Research Domain

As international regulations increasingly mandate threat modeling, your work will address a real and urgent need in the cybersecurity industry. System providers worldwide need better tools to demonstrate their products’ cyber resilience.

Strong Connections

  • Collaborate directly with the French Defense Procurement Agency (DGA)
  • Potential partnerships with international partners of the DiverSE team
  • Evaluation on architectural models of real-world security-sensitive systems

Cutting-Edge Technical Stack

Work at the intersection of:

  • (Model-Based) System Engineering β€” (embedded) system architecture, modeling languages, domain-specific languages
  • Cybersecurity β€” threat modeling, compartmentalization, security evaluation
  • Semi-Formal Methods β€” ontologies, semantics, automated reasoning

Publication Opportunities

Position yourself at the forefront of an emerging research area with excellent potential for high-quality publications at top-tier conferences.

πŸ›οΈ Your Work Environment

IRISA: A Premier Research Laboratory

IRISA (Research Institute of Computer Science and Random Systems) is one of France’s largest computer science research labs, with over 850 members contributing to groundbreaking work across seven scientific departments.

Research Focus Areas:

  • Bioinformatics
  • System Security & Cybersecurity
  • Software Architectures
  • Virtual Reality
  • Big Data Analysis
  • Artificial Intelligence

IRISA is embedded in a dynamic regional ecosystem with strong international collaborations, playing a key role in digital transformation, cybersecurity, health, environment, and robotics.

DiverSE Team: Excellence in Software Engineering

The DiverSE research team specializes in building reliable and efficient applications with a strong focus on:

  • Cybersecurity
  • Large Language Models (LLMs)
  • Model-Driven Engineering

Team Composition:

  • ~15 permanent members (Inria, CNRS researchers, university lecturers)
  • 3 members of the prestigious French University Institute
  • ~15 PhD students
  • Multiple research engineers
  • Strong industry partnerships at global, national, and local levels

What sets DiverSE apart:

  • βœ… Internationally recognized research excellence
  • βœ… Friendly, collaborative work atmosphere
  • βœ… Direct involvement in impactful projects
  • βœ… Close collaboration with practitioners

πŸŽ“ Ideal Candidate Profile

Required Qualifications

  • Master’s degree (or equivalent) in Computer Science, Cybersecurity, System Engineering, or related field
  • Strong interest in cybersecurity and system architecture
  • Excellent analytical and problem-solving skills
  • Good programming and software development abilities
  • Fluency in English (written and spoken)

Valuable Skills & Experience

  • Background in model-based system engineering, ontologies, or formal methods
  • Knowledge of threat modeling methodologies (STRIDE, PASTA, etc.)
  • Experience with security analysis or compartmentalization techniques
  • Familiarity with embedded systems
  • Experience with tool development

πŸ’Ό Compensation & Benefits

Competitive Salary

around €2,200 gross/month (approx. €1,769 net)

Excellent Work-Life Balance

  • 🏠 Remote work up to 2 days per week
  • 🚊 Partial reimbursement of public transport costs
  • 🚴 Sustainable mobility support (cycling allowance)
  • πŸ₯ Partial health insurance coverage
  • 🍽️ Subsidized on-site cafeteria

Convenient Location

  • πŸš— Free car parking
  • 🚲 Free bicycle parking
  • 🚌 Bus stop: 5 minutes away
  • πŸš‡ Metro station: 10 minutes away

πŸ“ Location:
Campus de Beaulieu, IRISA/Inria Rennes
Building 12, 263 Avenue du GΓ©nΓ©ral Leclerc
35042 RENNES Cedex, France

πŸ“… Timeline

  • Application Deadline: Spring 2026
  • Position Start: Autumn 2026
  • Duration: 3 years (full PhD program)

πŸ“§ How to Apply

We’d love to hear from you! Please contact:

Dr. Arnaud BLOUIN
Tenured Associate Professor, INSA Rennes
πŸ“§ arnaud.blouin@irisa.fr

Dr. Gurvan LE GUERNIC
Research Engineer, DGA
πŸ“§ Gurvan.Le_Guernic@inria.fr

Application Materials

Please include:

  • Detailed CV
  • Cover letter explaining your motivation and relevant experience
  • Academic transcripts
  • Contact information for 2-3 references
  • Any relevant publications or projects

πŸ”’ Security Clearance Note

This position is located in a sector covered by the protection of scientific and technical potential (PPST). In accordance with regulations, your appointment will require authorization by the competent authority of the French Ministry of Higher Education and Research (MESR).

🌟 Why This PhD Will Transform Your Career

This isn’t just a PhD β€” it’s an opportunity to:

  • 🎯 Tackle a critical gap in modern cybersecurity
  • πŸ”¬ Work on internationally recognized research
  • 🀝 Build a strong professional network in defense and cybersecurity
  • πŸ“Š Contribute to work that has the potential to influence international regulations
  • πŸš€ Position yourself as an expert in an emerging field
  • πŸ† Develop skills highly valued in both academia and industry

Join us in making compartmentalization a standard practice in secure system design!

IRISA and the DiverSE team are committed to diversity and inclusion. We encourage applications from all qualified candidates regardless of background.