PhD Studentship in Usable Abstractions for Secure Programming: A Mental Models Approach (supported by GCHQ)

University of Bristol - Computer Science

The project:

Cryptographic application programming interfaces (APIs) are currently widely used to provide security of communication and information flows in contemporary applications. Existing research has highlighted that vulnerabilities arise in software due to misunderstanding about the guarantees provided by API functions or unintentional misconfiguration of relevant security parameters. However, little is understood about developers’ mental models that lead to such issues and the misalignment between these models and the actual functionality the API as intended by developers. The aim of the studentship is to study developers’ mental models of security APIs and to understand any misalignment with correct API usage. Based on these results we will design novel programming abstractions that improve the usability of security APIs.

Doing research at the University of Bristol:

The quality of research at the University of Bristol places it within the top five Universities in the UK based on the Research Excellence Framework and Times higher Education rankings 2014-15. The PhD candidate will be a part of a friendly and diverse community. The University has a Doctoral College (BDC) which offers approximately 200 courses, interactive workshops, and seminars as a part of the University’s Personal and Professional Development Programme for PGR students. The BDC organises University-wide events and provides a hub of information, guidance, and resources to help researchers to get the most of their time at Bristol.

How to apply:

Please make an online application for this project at Please select <Computer Science> on the Programme Choice page and enter details of the studentship when prompted in the Funding and Research Details sections of the form with the name of the supervisor.

Candidate requirements:

Applicants should have or expect to achieve a first-class or high upper-second class degree in Computer Science or Software Engineering.

The ideal candidate will have a background in computer science (in particular programming languages) or software engineering and a strong interest in usable security.

The applicant must be willing to undergo Developed Vetting (DV) clearance prior to the start of the studentship (cost of clearance is covered by the grant).


Scholarship covers full UK PhD tuition fees and a tax-free stipend of £19,533 p.a. subject to contracts.


Please contact Prof Awais Rashid (

For general enquiries, please email

Share this PhD
  Share by Email   Print this job   More sharing options
We value your feedback on the quality of our adverts. If you have a comment to make about the overall quality of this advert, or its categorisation then please send us your feedback
Advert information

Type / Role:



South West England