I am pleased to announce the opening of a PhD position at KTH Royal Institute of Technology (Stockholm, Sweden), in software technology. The student will investigate novel technology to harden the software supply chain of applications. The research will contribute to the fields of dependency management [1] and automatic build [2]. Research directions will include diverse double compilation [3], software debloating [4] and automatic diversification in the supply chains [5].
[1] A. Gkortzis, D. Feitosa, and D. Spinellis, Software reuse cuts both ways: An empirical analysis of its relationship with security vulnerabilities, Journal of Systems and Software, 2021.
[2] C. Lamb and S. Zacchiroli, Reproducible builds: Increasing the integrity of software supply chains, IEEE Software, 2021.
[3] D. A. Wheeler, Countering trusting trust through diverse double-compiling, in Proc. of ACSAC, pp. 13–pp, 2005.
[4] C. Soto-Valero, T. Durieux, and B. Baudry, A longitudinal analysis of bloated Java dependencies, in Proc. of ESEC/FSE, pp. 1021–1031, 2021.
[5] B. Baudry and M. Monperrus, The multiple facets of software diversity: Recent developments in year 2000 and beyond, in ACM Computing Surveys, 2015.