Master's Thesis: Security protocols for Satellite-Path Awareness Networking

Background
Path Aware Networking (PAN) is a networking technology that allows devices to be aware of the properties of the paths over which their traffic is carried. This can be useful in satellite communications, especially for optimizing data transmission between ground stations and satellites in a constellation with Inter-Satellite Links (ISLs). In this context, PAN is sometimes referred to as Satellite-Path Awareness Networking (S-PAN). Regardless of how path property information is distributed, a set of S-PAN-specific security properties is required to guarantee that the PAN paradigm does not introduce new vulnerabilities that a malicious entity may exploit to launch any attack to the network or the end hosts; In particular, we need to guarantee the following security properties: path authorization, path validation, packet authentication, and source authentication.

Thesis description
The goal of this project is to design and develop a set of S-PAN-specific security protocols as a part of S-PAN techniques for LEO, MEO or GEO systems with dynamic bandwidth allocation and oversubscription and for hybrid satellite-terrestrial networks with multipath. The new security protocols will first be implemented in software and verified in a laboratory environment.

RISE will provide the necessary background information and guidance throughout the completion of the master thesis. The student's tasks for this project will include:

• Conduct a comprehensive study on path-specific security protocols.
• Design and implement solutions for addressing the security requirements of S-PAN, by relying on relevant building blocks (e.g., SRv6, SD-WAN).
• Conduct experimental evaluations of the developed solutions in a laboratory environment.
• Evaluate the correctness and effectiveness of the implemented solutions, also in the presence of an adversary.
• Document all activities and outcomes of the research in the form of a comprehensive thesis report.

Student profile
We are looking for an ambitious MSc student who has fulfilled the course requirements. Good python programming skills are required, as is good spoken and written English. Experience with network and communication security is a plus. Applications should include a brief personal statement, a CV, and a list of grades. The application has to mention previous activities or other projects that are relevant for the position.

This thesis will be conducted within the RISE Cybersecurity Unit in Kista, Stockholm.

Candidates are encouraged to send their application as soon as possible. Suitable applicants will be interviewed as applications are received. A successful candidate will have the opportunity to contribute to European Research & Development security projects.

About us
RISE Research Institutes of Sweden AB is a research organization owned by the Swedish government. This thesis will be conducted within the RISE Cybersecurity Unit, which is among the largest public sector cybersecurity research groups in Sweden. Our core areas of expertise are: IoT Security, Cloud Security, Network & Communication Security, Access Control, Privacy (technical and social aspects), and Secure Virtualization and Trusted Computing. The RISE Cybersecurity Unit is the European leader in IoT security research & development. In additional to a strong research environment, RISE

Cybersecurity is the owner of the RISE Cyber Range, a cybersecurity test and demo facility in Kista with a critical infrastructure grade security, that provides a trusted place for Swedish industry to understand and address their cybersecurity needs. RISE Cyber Range, in addition to providing practical cybersecurity education, training and exercise, is an environment for state-of-the-art cybersecurity research and development.

Welcome with your application
If you want to know more, please contact Alfonso Iacovazzi (alfonso.iacovazzi@ri.se). Last day of application