Computer Science
[Open soon]
Work description
Study of security vulnerabilities associated with GitHub Actions and of state-of-the-art tools for their dynamic analysis, identifying potential optimization opportunities. Design of novel solutions capable of: - monitoring GitHub Actions execution environments, enabling the identification or blocking of suspicious actions (such as unauthorized code execution or data exfiltration); - ensuring that the execution and configurations of the different Actions remain unchanged throughout the pipeline workflow (for example, detecting version changes in Actions). Experimental evaluation of the developed programs in representative environments with realistic workloads. The tasks described in this working plan demand the application and development of concepts and techniques in the area of Software Engineering, which are usually introduced in curricular units included in the curricula of the Integrated MSc in Informatics Engineering or the MSc in Informatics Engineering studies.
Academic Qualifications
BSc Degree in Computer Science or Informatics Engineering.
Minimum profile required
- Solid knowledge of operating systems;- Practical experience with Git and GitHub Actions;- Practical experience with monitoring tools;- Practical experience with Ansible, Docker, and Kubernetes technologies;- Practical Experience with cloud computing services (e.g., GCP) and high performance computing (HPC).
Preference factors
- Experience with the C programming languages; - Solid experience with the Linux operating system and scripting.
Application Period
Since 06 Nov 2025 to 19 Nov 2025
[Open soon]
Centre
High-Assurance Software