Secure Software Development and AI Security Methods, Tooling, and Assurance

About the Project

The Blockchain Identity Lab (BIL) supports world-leading research in cryptography, distributed ledgers, privacy-preserving technologies, and sovereign identity such as decentralised identifiers and verifiable credentials. We invite applications for a PhD focused on software security and AI security, including how AI can automate and enhance cybersecurity processes.

The successful candidate will investigate secure software development and deployment practices, the security and privacy of AI/ML systems, and governance/consent in distributed and data-centric environments. A core theme is bridging “security for AI” and “AI for security”, developing methods, tools, and assurance evidence for real-world systems.

Research Themes

• AI for Application Security: LLM-assisted SAST/DAST, vulnerability triage, fix suggestion, and code+configuration hardening
• Security for AI/ML: adversarial robustness, data/model provenance, secure MLOps, model red-teaming
• Privacy-Preserving ML: federated learning, Differential Privacy, secure aggregation, consent and data minimisation
• Software Supply Chain & SBOMs: dependency risk scoring, attestation, policy-as-code, continuous assurance
• Evaluation Science: benchmarks, metrics, and human-in-the-loop studies for security tools

Academic qualifications

A first-class honours degree, or a distinction at master level, or equivalent achievements ideally in Computer Science with a good fundamental knowledge of computer science and computer security.

English language requirement

IELTS score must be at least 6.5 (with not less than 6.0 in each of the four components). Other, equivalent qualifications will be accepted. Full details of the University’s policy are available online.

Fundamental knowledge:

• Computer Science and Computer Security
• Privacy-Preserving Machine Learning
• AI Security
• Secure Software Development
• Software Security
• AI for Cybersecurity
• Cybersecurity for AI

Essential attributes:

• Experience of fundamental computer science areas, including a background in computer security
• Proficiency in programming and software testing (such as Python, JavaScript/TypeScript, or similar)
• Knowledge of core security concepts (threat modelling, vulnerabilities, cryptography basics, secure SDLC)
• Good written and oral communication skills
• Strong motivation, with evidence of independent research skills relevant to the project
• Good time management and ability to drive a research agenda

Desirable attributes:

• Experience with privacy-preserving ML (such as Federated Learning, Adversarial Examples, Differential Privacy), AI security, or secure software development.
• Interest in building trusted architectures that integrate privacy, identity, and consent.
• Familiarity with CI/CD, containers, IaC, or policy-as-code, exposure to red-teaming or model evaluations.
• Open-source contributions or reproducible research practices

APPLICATION CHECKLIST

• Completed application form
• CV
• 2 academic references, using the Postgraduate Educational Reference Form (download)
• Research project outline of 2 pages (list of references excluded). The outline may provide details about
  1. Background and motivation of the project. The motivation, explaining the importance of the project, should be supported also by relevant literature. You can also discuss the applications you expect for the project results.
  2. Research questions or objectives.
  3. Methodology: types of data to be used, approach to data collection, and data analysis methods.
  4. List of references.

The outline must be created solely by the applicant. Supervisors can only offer general discussions about the project idea without providing any additional support.

• Statement no longer than 1 page describing your motivations and fit with the project.
• Evidence of proficiency in English (if appropriate)

To be considered, the application must use

• the advertised title as project title

For informal enquiries about this PhD project, please contact P.Papadopoulos@napier.ac.uk

Application link: https://evision.napier.ac.uk/si/sits.urd/run/siw_sso.go?ElOlarlItFiG37xnH5PRRBvv3d563wLdwX4JfhYskMa3bJWTuc

PhD Start Date: October 2026