[ Home ] [People] [Projects] [Publications] [PhD Thesis] [Events] [Prototypes] [Resources] [Courses]
 

People
Group Info

Research themes
Dessert Group research themes

Publications
List of publications

PhD Thesis

Teaching
Proposals and past thesis
Thesis guidelines
Courses

Projects
Current projects

Contacts
Contact us


News
Dessert news




Dessert News

2016 GUFPI-ISMA Student Award
The DESSERT member Raffaele Della Corte received the 2016 Student Award from the Gruppo Utenti Function Point Italia - Italian Software Metrics Association (GUFPI-ISMA) with his PhD thesis entitled "Understanding the Error Behavior of Complex Critical Software Systems through Field Data".

The award ceremony will take place during the "3° Evento Metrico 2017" organaized by GUFPI-ISMA on December 1st 2017, Hotel Vanvitelli, Caserta, Italy.

ISSRE 2017 Best Research Paper Award
The paper "Chizpurfle: A Gray-Box Android Fuzzer for Vendor Service Customizations" authored by DESSERT members Antonio Ken Iannillo, Roberto Natella, prof. Domenico Cotroneo, and by the prof. Cristina Nita-Rotaru from Northeastern University, received the Best Research Paper Award during the 28th IEEE International Symposium on Software Reliability Engineering (ISSRE), Toulouse, France, October 23-26, 2017.


Abstract: Android has become the most popular mobile OS, as it enables device manufacturers to introduce customizations to compete with value-added services. However, customizations make the OS less dependable and secure, since they can introduce software flaws. Such flaws can be found by using fuzzing, a popular testing technique among security researchers.
This paper presents Chizpurfle, a novel "gray-box" fuzzing tool for vendor-specific Android services. Testing these services is challenging for existing tools, since vendors do not provide source code and the services cannot be run on a device emulator. Chizpurfle has been designed to run on an unmodified Android OS on an actual device. The tool automatically discovers, fuzzes, and profiles proprietary services. This work evaluates the applicability and performance of Chizpurfle on the Samsung Galaxy S6 Edge, and discusses software bugs found in privileged vendor services.


Seminar Announcement
The DESSERT postdoctoral research fellow Dr. Roberto Pietrantuono will hold a seminar on:

Testing for software reliability assessment and improvement


Abstract: Testing software efficiently for reliability improvement and/or assessment is an as much old and studied topic as a still open and tricky challenge. It is related to the ability of appropriately designing testing strategies to get the best result (in terms of delivered reliability or of accurate reliability estimate) at low cost.

Conventional techniques are based on the operational profile (a.k.a. operational testing) and on software reliability growth models (SRGMs). Although these are pillars of software reliability engineering, they suffer from serious limitations related to the assumptions they rely on, but also related to their inherent inability to cope with ultra-reliable systems.

The seminar surveys some of the fundamental issues of reliability testing. It then presents practical policies to allocate testing effort optimally from the reliability perspective, and to design new sampling-based strategies for efficient test cases selection.


The seminar will take place at the Centre for Software Reliability (CSR) of the City University of London (Room AG01) on July 13th 2017, from 13:00 to 14:00.
CSR announcement here

Seminar Announcement
The DESSERT research team invites you to attend the seminar on:

MINIX3: A Reliable and Secure Operating System


held by Prof. Andrew S. Tanenbaum, Vrije Universiteit, Amsterdam.
The seminar will take place at the Dipartimento di Ingegneria Elettrica e delle Tecnologie dell’Informazione (Ed. 3/A DIETI, Room SOFTEL, Floor I) on Wednesday November 30th 2016, from 12.30 to 14.00.
Abstract and further details here

Seminar Announcement
The DESSERT research team invites you to attend the seminar on:

Modelling Critical Infrastructures (CIs) Resilience


held by Prof. Peter Popov, City University London, during his visiting period at DESSERT lab (from 25/10/2016 to 25/11/2016).
The seminar will take place at the Dipartimento di Ingegneria Elettrica e delle Tecnologie dell’Informazione (DIETI, Meeting room, 4th floor) on Thursday November 3rd, 2016, starting from 10:00 am.
Abstract and further details here

13th European Workshop on Performance Engineering (EPEW 2016)
Chios (Greece), October 5-7 2016

Submission deadlines: June 1st, 2016 (abstract), June 8th, 2016 (paper)

Scope and Topics
The European Performance Engineering Workshop is an annual event that aims to gather academic and industrial researchers working on all aspects of performance engineering.
Original papers related to theoretical and methodological issues as well as case studies and automated tool support are solicited in the following three areas:

  • Performance modeling and evaluation: stochastic models; real-time models; queueing networks; quantitative extensions of Petri nets, automata, process calculi; analytical or numerical solution techniques; simulation; quantitative model checking.
  • System and network performance engineering: performance engineering of distributed, mobile and embedded systems; communication networks; grid computing; experimental design; benchmark design and benchmark-based evaluation; quality of service and quality of security; e-health systems.
  • Software performance engineering: software performance modeling languages; performance-oriented software architecture, design, implementation, deployment, and maintenance; model-driven software performance engineering; software performance monitoring.

Call for Contributions
Authors are invited to submit technical papers describing original research. Accepted papers will be published in the conference proceedings, in the Lecture Notes in Computer Science (LNCS) series, by Springer-Verlag.

Papers must not exceed 15 pages in camera-ready form, including figures and references, in Springer LNCS style. All submissions must be in English. Submissions will be handled by EasyChair:
https://easychair.org/conferences/?conf=epew2016

Important Deadlines
June 1st, 2016: Abstract Submission
June 8th, 2016: Paper Submission
July 15th, 2016: Authors Notification
July 31st, 2016: Camera ready
July 31st, 2016: Registration deadline

Organization
GENERAL CHAIR
Agapios Platis, University of the Aegean

PROGRAM CO-CHAIRS
Dieter Fiems, Ghent University
Marco Paolieri, University of Florence


The 3rd IEEE International Workshop on Reliability and Security Data Analysis (RSDA 2016)
co-located with 46th IEEE International Conference on Dependable Systems and Networks (DSN 2016)
June 28 - July 1, 2016, Toulouse, FRANCE


Special Issue of the IEEE Transactions on Dependable and Secure Computing (TDSC) entitled Data-Driven Dependability and Security.

-------------------------------------------------------------
Important Dates
-------------------------------------------------------------
Paper submission deadline: 16 Nov 2016;
All reviews back and first round notification: 13 March 2017;
Revised submission deadline: 15 May 2017;
All reviews back and final notification: 24 July 2017.

Guest Editors
Domenico Cotroneo, Federico II University of Naples, ITALY (cotroneo@unina.it)
Karthik Pattabiraman, University of British Columbia, CANADA (karthikp@ece.ubc.ca)
Antonio Pecchia, Federico II University of Naples, ITALY (antonio.pecchia@unina.it)

Call for Papers
Journal Home Page

8th International Conference on Security of Information and Networks (SIN 2015)
8-10 September 2015, Sochi, Russia

In Technical Cooperation with ACM Special Interest Group on Security, Audit and Control (SIGSAC).
Proceedings by ACM Press; all papers will be inserted into the ACM Digital Library.

Papers must be submitted electronically via the SIN 2015 Submission Site.

SIN 2015 will feature the following keynote papers and talks:
- Ron Poet, The University of Glasgow, UK
Title: TBA
- Ramki Thurimella, The University of Denver, USA
Title: Some New Results in Keyless Jam Resistance Communication (Joint Work with Hamid Hanifi and Leemon Baird)
- Valentin Tsirlov, NPO Echelon, Moscow, Russia
Title: Modern trends in the regulatory framework of the information security conformity assessment in Russia based on Common Criteria (Joint work with Alexey Markov)
- Alexey Zhukov, Bauman Moscow State Technical University, Russia
Title: Lightweight cryptography: modern development paradigms

Future SIN Conferences are scheduled to take place in the USA (2016) and Australia (2017).

IEEE Transactions on Services Computing (TSC)
Special Issue on Security and Dependability of Cloud Systems and Services

Service-based cloud systems are being used in business-, mission- and safety-critical scenarios to achieve operational goals. Their characteristics of complexity, heterogeneity, and fast-changing dynamics bring difficult challenges to the research and industry communities. Among them, security and dependability (Sec. & Dep.) have been widely identified as increasingly relevant issues. Crucial aspects to be addressed include: metrics, techniques and tools for assessing Sec. & Dep.; modeling and evaluation of the impact of accidental and malicious threats; failure and recovery analysis; Sec. & Dep. testing, testbeds, benchmarks; infrastructure interdependencies, interoperability in presence of Sec. & Dep. guarantees.

The objective of this Special Issue is to bring together sound original contributions from researchers and practitioners on methodologies, techniques and tools to assess or improve the security and dependability of cloud systems and services.
Suggested topics include, but are not limited to:
- Design, deployment and management of secure and dependable cloud systems and services;
- Secure and dependable Service-Oriented Architecture (SOA);
- Secure and dependable Big Data services;
- Specification and design methodologies (e.g., model-driven, component-based);
- Modeling and simulation of security and dependability of cloud systems and services;
- Metrics for quantifying services dependability and security;
- Dependability and security benchmarking of cloud systems;
- Verification and validation (V&V) for dependability and security evaluation of services;
- Formal verification, testing, analytical and experimental evaluation of services;
- Off-line versus on-line dependability and security services assessment;
- Protocols and network technologies for dependable and secure mobile cloud applications;
- Virtualization for dependable cloud networks;
- Future Internet architectures and protocols for mobile cloud computing;
- Design and use of supporting tools for creating dependable and secure services;
- Case studies illustrating challenges and solutions in designing secure and dependable cloud systems and services.

--- Important Dates:
- May 31, 2015: deadline for manuscript submission
- July 31, 2015: first round decision announcement
- Sept. 30, 2015: revised submissions due
- Oct. 30, 2015: second round decision announcement
- Dec. 31, 2015: camera-ready version due

--- Submission Guidelines:
Manuscripts that have not been published or considered for publication elsewhere are welcome. Authors will submit their manuscripts through the TSC online system (https://mc.manuscriptcentral.com/tsc-cs) and select “SI - Security and Dependability of Cloud Systems and Services”.
Author guidelines will be available at the journal website.

--- Guest Editors:
Prof. Marco Vieira, University of Coimbra, Portugal, mvieira at dei dot uc dot pt
Prof. Stefano Russo, Università di Napoli Federico II, sterusso at unina dot it


Call for Papers
Journal Home Page

 

The 3rd edition of the IEEE International Workshop on Software Certification (WoSoCer2013)
4th - 7th November 2013, Pasadena CA (USA)

The WoSoCer workshop series brings together researchers, practitioners, companies, domain experts, and regulatory authorities interested in investigating and discussing new strategies, methods, processes, formalisms and techniques for the development and the assessment of safety and security-critical software. Researchers and practitioners from both academia and industry, as well as people from certification authorities, that work on different aspects of software certification, are invited to participate; the workshop aims to foster interactions among these players, and to propose solutions for improving the development of critical systems, as well as the certification process as a whole. The 2013 edition of WoSoCer is co-located with the 24th IEEE International Symposium on Software Reliability Engineering (ISSRE), and it will take place in Pasadena, CA, USA, in November 4-7.

Call For Papers
Workshop Home Page

 

The 2nd Workshop on Dependability and Certification
Key Achievements from the Critical Step Project
20th - 21st February 2013, Coimbra (Portugal)

The scope of this workshop is to establish a discussion forum among academic and industrial specialists in the development and assessment of safety critical systems. It features talks covering challenges and market trends of dependable systems industry, and highlighting findings of the recent research in the field. The workshop aims to drive an active discussion on the addressed topics and to foster new collaborations among practitioners working in the area of fault injection, verification, security and certification of critical systems.
Such an event represents the final workshop of the project and aims at presenting the gained knowledge to external researchers (both industry and academia) and industrial key players in the domain of critical systems development and evaluation. It will be a two-day workshop (from 20th to 21st February 2013) and will be held at the hotel Quinta das Lacrimas in Coimbra (Portugal).


IEEE Computing Now Video Feed for the paper "Automated generation of performance and Dependability Models for the assessment of Wireless Sensor Networks" authored by M. Cinque, D. Cotroneo and C. Di Martino, IEEE Trans. on Computers. Link here.

 

Past News

Seminar Announcement
September 6 and 7, 2012 - 14:30-18:30

iOS: Theory and Practice

By: Carlos Rodriguez Dominguez, University of Granada, Spain.
Where: CINI, Complesso Universitario Monte S. Angelo, Via Cinthia, Naples.

July 2 and July 5, 2012. Seminar Announcement
: Software and Systems RAMS: The Industrial Perspective.
By: Nuno Silva and Ricardo Barbosa
Critical Software, Coimbra (PT). Naples

16th-20th January 2011 - Winter School on Hot Topics in Secure and Dependable Computing for Critical Infrastructure (SDCI 2012), Cortina Jan 16th-20th 2012 - More details

30th November 2011 - The 1st International Workshop on Software Certification (WoSoCER), held in Hiroshima, Japan, co-located with the 22nd annual International Symposium on Software Reliability Engineering (ISSRE 2011). More details

4 October 2011 - The second International Workshop on Resiliency Assessment of COmplex Systems (RACOS 2011), co-located at the 30th IEEE International Symposium on Reliable and Distributed Systems (SRDS 2011), 4-7 October 2011, Madrid Spain.

IMPORTANT DATES

Full paper submission: June 8th 2011

Workshop website -> RACOS 2011

 


Venerdì 16 Settembre 2011 alle ore 10:30 presso la sala riunioni del Dipartimento di Informatica e Sistemistica in via Claudio 21 - Napoli, il Prof. Paulo Verissimo, IEEE e ACM Fellow, della Universidade de Lisboa, Portogallo, terrà un seminario dal titolo "Security and Dependability Risks of Critical Information Infrastructures (or why Bang! is different from Crash)". Scarica qui la locandina del seminario.


Venerdì 23 Settembre 2011 alle ore 11:00 presso la sala riunioni del Dipartimento di Informatica e Sistemistica in via Claudio 21 - Napoli, il Prof. Kishor Trivedi, IEEE Fellow, della Duke University, Durham, North Carolina (USA), terrà un seminario dal titolo "End-to-End Performability Analysis for Infrastructure-as-a-Service Cloud". Scarica qui la locandina del seminario.



1 Novembre 2010 - The second International Workshop on Software Aging and Rejuvenation Co-located with 21st IEEE International Symposium on Software Reliability Engineering ISSRE 2010 (www.issre.org) - San Jose/Silicon Valley CA, USA. This international event aims to bring together researchers and practitioners involved with the theoretical and experimental aspects of software aging and rejuvenation. As a satellite event of the premier symposium, ISSRE 2010, this workshop aims to provide a forum for researchers and practitioners to present and discuss the state of the art and the new challenges in software aging and rejuvenation research, as well as providing a unique opportunity for establishing collaborations among several research groups interested in this research field.

IMPORTANT DATES

Full paper submission: 20 Sept. 2010

 

Avviso di Seminario

Lunedì 21 Giugno 2010 alle ore 11:30 presso la sala riunioni del Dipartimento di Informatica e Sistemistica in via Claudio 21 - Napoli, il Prof. Rivalino Matias Jr. della Federal University of Uberlândia, Brasile, terrà il seguente seminario nell'ambito del Corso di Dottorato di Ricerca in Ingegneria Informatica e Automatica – Scuola di Dottorato in Ingegneria dell'Informazione: The fundamental of Software Aging Theory. Verranno discussi gli aspetti teorici e le implicazioni pratiche del fenomeno del software agng, presentati casi di studio reali e vari progetti in corso relativi allo studio sperimentale di questo fenomeno.

Progetto COSMIC-FARM (www.cosmiclab.it),
BANDO DI SELEZIONE per n.10 neo-laureati
(n.2 laureati e n.8 laureati magistrali) al corso di formazione di tecnici in grado di operare su applicazioni "near real-time" e "mission and safety critical" nell'ambito dei sistemi di Controllo del Traffico Aereo. Bando di selezione, Regolamento e Modulo di domanda sono disponibili sul sito web www.cosmiclab.it
Gli interessati sono invitati a compilare il modulo di domanda via web, allegando il proprio dettagliato curriculum in formato PDF, entro e non oltre il 1 agosto 2007. I candidati devono essere in possesso dei requisiti di ammissione alla data del 30 settembre 2007.


Martedì 17 luglio Worksop Selex sulle tematiche del Data Distribution Service, nell'ambito delle attività del progetto Iniziativa Software e COSMIC
dettagli.

Mercoledì 20 Giugno alle ore 10 si terrà presso la sede di SELEX sistemi integrati di Roma, un seminario tenuto dal Prof. Philippe Kruchten sulle Architetture Software dal titolo:“Software Architecture: Perspectives on a Maturing Discipline”. dettagli

Martedì 19 giugno Worksop Selex nell'ambito delle attività del progetto Iniziativa Software e COSMIC (dettagli)

Mercoledì 9 Maggio, introdotta nuova sezione courses.

Giovedì 10 Maggio, inizio del corso "Mobile Systems" per l'European Master on Critical Networked Systems. dettagli

Martedì 22 Maggio, inizio del corso "Tecniche per il trattamento e la comprensione automatica del linguaggio naturale" per Il Master per il trattamento semantico dei documenti. dettagli

Seminario del prof. Peter Croll della Queensland University of Technology, Brisbane, Australia su "Privacy with Critical Government ICT Systems: Challenges and Technologies". 2 Maggio 2007, ore 11:30, presso la sala riunioni del DIS (Univ. di Napoli Fedrico II), via Claudio 21, Napoli.

bando per n. 7 collaborazioni a progetto da reclutare, per la durata di mesi 12, Progetto "Mo.de.m." per l'attuazione di percorsi di formazione a distanza, nell'ambito della Misura 3.22 del POR Campania 2000-2006
- DGR n. 434 del 31.03.2006 (http://www.uniparthenope.it/personale/ccc.htm)

October 27, 2006 - Meeting Finale Progetto FIRB WEB-MINDS .

October 9, 2006 - Inaugurazione Laboratorio CINI-ITEM "C. Savy"

March 9, 2006 - Invited Talk
Prof. Kimmo Raatikainen – Helsinki University- Mobility Middleware: Challenges and Solutions






 

 


Dessert Research Group:
Roberto Natella
Antonio Pecchia
Domenico Di Leo
Flavio Frattini
Anna Lanzaro
Francesco Fucci
Fabio Scippacercola
Raffaele Della Corte

News


More news

 contact info: info@dessert.unina.it  webmaster: webmaster@dessert.unina.it