University of Trento, Dept. of Information Sciences and Engineering
|Where I am now:||I'm visiting ISI at USC in California, USA so beware of the time difference.|
UNITN Security Group Wiki
|Modelling Security Requirements Engineering (Now I do experiments on SRE)|
|Security-by-Contract for Mobile and Smart Card|
|Practical Enforcement of Information Flow Properties|
|Logical Cryptanalysis or Crypto with SAT for representing crypto-problems as logical problems.|
|Cryptographic Protocol Verification. See Larry Paulson's SET protocol page for the papers and the proof scripts).|
|Automated Reasoning for Modal, Description and Security Logics|
|2015: Ten Years Most Influential Paper Award at IEEE Requirements Engineering Conference] for our paper on Modeling security requirements through ownership, permission and delegation. You can read our pre-print copy or see our presentation at RE'15.|
|2001: AI*IA - Marco Somalvico Career Award for Young Researchers in AI by the Italian Association for Artificial Intelligence|
|Our research on risk reduction for vulnerability assessment made its way to the world standard Common Vulnerability Scoring System (CVSS) v3. You can see our Black Hat'13 presentation read the full paper on ACM TISSEC (Comparing Vulnerability Severity and Exploits Using Case-Control Studies) or our pre-print copy.|
|See the recent development of an intellectual child of mine: Logical Cryptanalysis was instrumental to break SHA-1|
|Ivan Pashchenko on experimental comparison of static analysis methods for vulnerability analysis|
|Chan Nam Ngo on FinTech and distributed transactions systems|
|Silvio Biagioni on experimental measures of operational (cyber) risk|
|If you are interested in a PhD make sure to read R.T. Azuma's guide (in particular the sections on graduate student as a job, and contacting perspective advisors). Then apply to the ICT PhD School and mention in the research proposal and in the motivation letter that you are interested in working with me. Forward your complete application to security.positions.disi @ unitn.it. Do not write to me.|
|Stanislav Dashevsky, on empirical methods for software vulnerabilities|
|If you are interested in a Post-doc please send your academic CV to security.positions.disi @ unitn.it. If you do this before August of each year (and we decide to hire you) we will also help you to write a Marie Curie Application that could provide you with your own independent funding.
||Luca Allodi [Assistant Professor at TU Eindhoven], University of Trento, Best PhD Award, CVSS SIG Voting Member
||Natalia Bielova [Researcher @ INRIA]
||Hristo Koshutanski [Co-founder and CTO @ Safe Society Labs S.L., Spain]
||Katsiaryna Labunets [Post-doctoral Researcher @ TU Delft]
||Katsiaryna Naliuka [Software Engineer @ Google]
||Minh Ngo [Post Doc @ INRIA]
||Viet Hung Nguyen [System architect @ Bosch]
||Nataliya Rassadko [Senior Developer @ GPI]
||Le Minh Sang Tran [Quantitative Researcher @ WorldQuant ], CAiSE PhD Award 2016
||Ida SR Siahaan [Post-doc @ AIT, Ireland]
||Artiom Yautsiukhin [Researcher @ CNR Pisa]
||Nicola Zannone [Associate Prof @ TU Eindhoven], IEEE RE'2015, 10 years most influential paper in Requirements Engineering
||Yudis Asnar, from Univ. of Trento [Professional Consultant @ STIKP Indonesia].
Nicola Dragoni from Univ. of Bologna [Associate Prof @ DTU - Denmark].
||Olga Gadyatskaya, from Univ. of Novosibirsk [Research associate @ Univ. of Luxembourg]
||Jing Nie, from Durham Business School [Assistant Professor @ University of International Business and Economics (UIBE) in Beijing]
||Stephan Neuhaus, from Saarland Univ. [Dozent @ Univ of Applied Sciences Zurich]
||Federica Paci, from Univ. of Milano and Purdue [Lecturer @ Southampton]
||Ayda Saidane, from Supelec [Security Consultant @ Revenue Quebec]
||Woohyun Shim, from Michigan State Univ. [Associate Research Fellow @ Korea Institute for Public Administration]
Recent publications on the Group's Wiki, and old Publications
||Google Scholar and Elsevier's Scopus
number is 3
EU-SESAR-WPE-EMFASE (Empirical Framework for Security Design and Economic Trade-Off), EU Coordinator
MIUR-PRIN-TENACE (Security of Critical Infrastructure),
EU-SEC-CP-SECONOMICS (Security Meets Socio-Economics), EU Coordinator, 3MEuro (UNITN approx 600K)
EU-FET-IP-SECURECHANGE (Security Engineering for lifelong Evolvable Systems), EU Coordinator, 5.1MEuro (UNITN approx 500K)
EU-IST-IP-MASTER (Managing Assurance, Security and Trust for Services) 920KEuro
EU-IST-IP-SERENITY (Security and Dependability Engineering) 586KEuro
EU-IST-STREP-S3MS (Security and Services for Mobile Systems), EU Coordinator, 2.4MEuro (UNITN approx 300K)
PAT-FU-MOSTRO (Modeling Security and Trust Relationships within Organizations) 81KEuro
Grant before 2005: ASI-DOVES (A Platform for Enabling on Board Autonomy), EU-IST-FET WASP (Working Group on Answer Set Programming), MIUR-FIRB ASTRO (Knowledge Level Software Engineering), MIUR-FIRB (Security Protocols Verification), EU-NoE-E-NEXT (Network of Excellence E-Next)
Courses at UNITN
||Official Page of the
Master in Computer Science and Engineering (Program is taught in English to a mixed audience of Italian and International students).
||Our Security and Privacy EIT Curriculum in the framework of the EIT Digital Master School
||2002-2009: Deputy Rector for ICT Procurements and Services for 7 years managing a staff of 70+ people and 5MEuro/year budget.
||1995: International habilitation as United Nation Officer (Level P2)
||1992-1997: European Executive Board Member and European Treasurer of Service Civil International.
At the ones above seems strange, I have been also strongly involved in the sector of International
Voluntary Service Organizations. Read an essay written for a post-degree Foreign
Relations course by the Italian Minister of Foreign Affairs. I advocated a different relationship between Western Democracies and
Militant Islam, rather than funding conservative islamist leaders
(like Saddam Hussein or Saudi princes) to bash communists. History
proved me right. Download it in Postscript.
||I met my wife (Beatrice De Blasi) while working in the NGO sector.
My Favourite Quotes
||According to the university, the duties of professors are 50% administration, 50% teaching, 50% research. Order is relevant. (Moshe Vardi)|
I'm on holiday at the moment, so not supposed to be reading my email. (Bashar Nuseibeh)
Data is the new gold, but maybe is the new asbestos (Participant at Cambridge Risk Seminar)
Information for Students
||Both BSc and MSc theses are available and some research and industry internships. Come and see me in person (after class is best).
Click for Instructions for Recommendation Letters