The University of Agder has more than 1500 employees and almost 14 000 students. This makes us one of the largest workplaces in Southern Norway. Our staff research, teach and disseminate knowledge from a variety of academic fields. Co-creation of knowledge is our common vision. We offer a broad range of study programmes in many fields. We are situated at two modern campuses in Kristiansand and Grimstad respectively.
We are an open and inclusive university marked by a culture of cooperation. The aim of the university is to further develop education and research at a high international level.
About the position
A fixed-term 100% position is available at the University of Agder, Faculty of Engineering and Science as a PhD Research Fellow in cybersecurity for Industrial cyber-physical critical systems (ICPCS), affiliated to the Department of Information and Communication Technology for a period of three years. The position is located at Campus Grimstad. The starting date is as soon as possible or by agreement with the Faculty.
This position is affiliated to the Department of Information and Communication Technology/ Centre for Integrated Emergency Management, (CIEM) at UiA, and it is supported the department for Risk, safety and Security at Institute for Energy Technology, (IFE). It is expected that the PhD candidate will spend periods at IFE in Halden.
CIEM is a Priority Research Centre at the University of Agder, which conducts interdisciplinary research on technology-based innovation for societal resilience, in close collaboration with emergency management stakeholders.
Responsibilities
Society and economy are strongly dependent on essential services supported by critical infrastructures providing the functioning of modern society and serve as the backbone for economic activities. Industrial cyber-physical critical systems (ICPCS) are essential to sectors such as energy, smart city, telecommunication, finance, health, and transport. In ICPCS, computational, communication and physical aspects are integrated to improve usability, efficiency, and reliability to different services in society (healthcare, telecommunications, energy, transportation, etc.). However, such combinations introduce a wide spectrum of risks related to cyber domain (e.g., privacy issues, cyber-attacks). A short disruption in ICPCS networks may lead to immediate profound consequences (social, economic, financial, etc.). Cybercrime is developing much faster than security tools, IoT is increasing the risk of a breach, and cloud and virtualization trends are set to be the main pain points for organizations in the coming years.
The threat agents are ranging from state actors to non-state actors, script-kiddies, disgruntled employees, experienced hackers and hacker groups, organized crime, hacktivists and terrorists. There are also non-malicious cyber security events, such as user/administrator errors or technical faults, which looks the same or may eventually have the same effect as a coordinated attack. Regardless of the source of a cyber security incident, the potential impact to the critical infrastructure is similar, e.g. brownout, blackout, or misconfiguration of control systems.
The focus on cybersecurity ICPCS, is to support reliability and resilience in the event of a cyber-attack. Unlike IT systems, a control system in the energy sector that is under attack cannot be easily disconnected from the network as this could potentially result in safety issues, brownouts or even blackouts. The Ukraine power grid attack in 2015 and NORSK Hydro in 2019 demonstrated the potential impact of cyber-attacks to the electricity sector.
With the growing use of digital devices and more advanced communications, the overall cyber risk has increased. For example, as substations are modernized, the new equipment is digital, rather than analog. These new devices include commercially available operating systems, protocols, and applications that provide a larger attack surface. This in combination with interconnectivity increase the complexity of addressing respective cyber risks and gives opportunities to potential adversary on cyber-attacks.
For organizations to tackle cyber threats, they need to obtain intelligent analytics and accurate data that is relevant to security vulnerabilities over the different layers of systems. This will enable a broader knowledge and situational awareness on the current cyber situation of their ICPCS and timely react if necessary. Basically, existing solutions are based only on the technical aspects of organizations, i.e., on the fusion of technical data collected from various sensors or agents. The “always-on” and “complex” nature of cybercrime and cyberattacks put a great strain on security personnel. The way to counteract these cyber-attacks is through resilient infrastructure systems together with well-prepared human resources and competences.
By exploiting the latest technologies and advances in AI, ML, IoT, digitalization and industry 4.0, we can provide further support towards resilient operations for essential services supported by ICPCS, facilitate grater cyber situational awareness, and respond to detected security issues.
The anticipated PhD focus areas will be on utilizing advanced simulation and attack scenario generation technology to develop dynamic and adaptive training environments for essential service’s operators. The goal is to enable higher levels of preparedness for cyber incident, crisis response teams and operational engineers. The cyber-physical range and scenario generation mechanism will adapt to the latest advances in attack infrastructure and methods, including attack scenarios against environments that include both real and emulated (digital twin) components of a cyber-physical critical infrastructure. The PhD candidate will apply and have access to some tools and results from the IFE cybersecurity centre.
Required qualifications
Master’s degree in cybersecurity, computer and control systems engineering, ICT, computer science or a similar/related field. Candidates who are in the closing stages of their master’s degree can also apply.
Simulation and modeling for industrial systems.
Systems safety and security engineering.
Technical expertise in the following areas:
Background in ICT systems’ security
Strong programming skills, especially in Python, MATLAB, and/or C/C++.
Written and spoken English proficiency. International candidates that are not exempt from the English language requirements pursuant to the guidelines of the Norwegian Agency for Quality Assurance in Education (NOKUT) must document this through one of the following tests with the stated results or better:
TOEFL - Test of English as a Foreign Language with a minimum score of 600 for the Paper-based Test (PBT), or 92 for the Internet-based Test (iBT)
IELTS - International English Language Testing System, with the result of 6.5
Finally, IFE is subject to the National Security Act, and the candidate must be able to pass a background check and must be able to obtain security clearance and authorization.
Desired qualifications
Experience in cyber incident management (i.e., SoC ops, C2C).
Experience in operational technology, e.g., SCADA systems, autonomous systems.
Experience in machine learning/artificial intelligence methods
Experience in automation of scenario-based training exercises
Applicants will be assessed on the basis of academic background and results, attainment, and any previous research and development work.
Personal qualities
Personal suitability, good teamwork and communication skills, inventiveness, and a proactive approach, will be emphasized in the evaluation as well as relevant practical experience. The PhD Research Fellow will be expected to contribute to an active research community that promotes the personal and professional growth of the doctoral candidate. The position places great demands on the applicant’s capacity for independent goal-oriented work, ability to concentrate and attention to detail.
We offer
Training to publish in the top journals and conferences in the covered areas.
Professional development in a large, exciting and socially influential organisation
A positive, inclusive and diverse working environment
Modern facilities and a comprehensive set of welfare offers
The position is remunerated according to the State Salary Scale, salary plan 17.515, code 1017 PhD Research Fellow, NOK 501 200 gross salary per year. A compulsory pension contribution to the Norwegian Public Service Pension Fund is deducted from the pay according to current statutory provisions.
General information
UiA is an open and inclusive university. We believe that diversity enriches the workplace and makes us better. We, therefore, encourage qualified candidates to apply for the position independent of gender, age, cultural background, disability or an incomplete CV.
Women are strongly encouraged to apply for the position.
The successful applicant will have rights and obligations in accordance with the current regulations for the position, and organisational changes and changes in the duties and responsibilities of the position must be expected. The engagement is to be made in accordance with the regulations in force concerning the acts relating to Control of the Export of Strategic Goods, Services and Technology. Appointment is made by the University of Agder’s Appointments Committee for Teaching and Research Positions.
Short-listed applicants will be invited for interview. With the applicant’s permission, UiA will also conduct a reference check before appointment. Read more about the employment process.
In accordance with the Freedom of Information Act § 25 (2), applicants may request that they are not identified in the open list of applicants. The University, however, reserves the right to publish the names of applicants. Applicants will be advised of the University’s intention to exercise this right.
Application
The application and any necessary information about education and experience (including diplomas and certificates) are to be sent electronically. Use the link "Apply for this job".
The following documentation must be uploaded electronically:
Motivation letter.
Complete post-secondary transcript of all academic degrees. When attaching a non-Norwegian academic transcript that does not include a description of the grading system (e.g. maximum grade and minimum passing grade) used by the issuing institution, a (preferably official) description should also be attached. The description may simply contain a link to an official website where the grading system is explained.
Updated CV with a complete list of scientific publications
Master thesis or link
Up to 5 representative publications or links
A description of the applicant’s research interests the relevance of your expertise to the advertised position and a preliminary work plan
Applicants who are required to document their English proficiency must submit their TOEFL or IELTS test results (these may be forwarded after the closing date)
The applicant is fully responsible for submitting complete digital documentation before the closing date. All documentation must be available in English or in a Scandinavian language.
