Research Interests

Adaptive Service-Oriented Applications

During my PhD, I developed a novel requirements-driven methodology for self-supervised service compositions, called FLAGS (Fuzzy Live Adaptation Goals for Self-adaptive systems). FLAGS extends traditional goal models by formalising possible satisfaction levels of non-functional requirements together with possible self-adaptation capabilities that can be enabled/disabled accordingly. Modelled requirements are traced onto a coherent service composition and a set of strategies that define how to assess the requirements of interest and adapt the composition to keep it "on track". I also designed and implemented a runtime infrastructure to support the execution, monitoring and adaptation of service compositions. FLAGS is one of the first methodologies that expresses adaptation at the requirements level and links how adaptation is performed to the reasons why it is necessary. FLAGS enables the identification and application of suitable adaptation actions on the system, as soon as the requirements are not satisfied adequately or new requirements arise. I have also used the ideas behind my dissertation to engineer dynamic software product lines.



Adaptive Security & Privacy

As systems become complex and pervasive, it is difficult to guarantee a certain security level when assets or other security concerns (e.g., vulnerabilities) change. For this reason, I have been working on a requirements-based methodology for engineering systems able to protect valuable assets from harm. In particular, I fostered the idea of promoting assets as first-class entities in engineering secure software systems. I extended a requirement model by explicitly representing assets and other security concerns, such as vulnerabilities, threats, attacks, security goals and controls. Requirements are used to track relevant changes that may arise at runtime, reason on the security risk, and enable, when necessary, a set of security controls to mitigate security threats. In this way, it is possible to engineer systems able to prevent potential attacks, by dynamically adjusting their security controls depending on the current risk of harm. This approach has been applied to engineer adaptive access control systems, cloud services (GMail), and mobile devices management software.

In collaboration with my colleagues at Lero, I also contributed to the development of an analysis technique to identify and mitigate privacy threats in mobile applications, which can disclose personal information about their users. In particular, we proposed the notion of "privacy awareness requirements" to support disclosure decisions made by mobile applications at runtime.



Topology Aware Adaptive Security

This research builds on the idea that for adaptive security, the topology of the system operational environment (e.g., structure of the physical and cyber space, network topology) can provide important contextual characteristics. These include the location of assets being protected or the proximity of potentially threatening agents that might harm them. Agents' actions, such as physical movements, connection to a wireless network, or allocation of a virtual machine may be viewed as topological changes. The detection of a possible undesired topological change may lead to the decision to deploy a particular security control to protect the relevant asset. In collaboration with researchers at Politecnico di Milano, I investigated the use of modelling formalisms, i.e. Ambient Calculus and Bigraphical Reactive Systems, to represent the topology of physical and digital spaces and reason about how possible future evolutions of such spaces can lead to the violation of security requirements. We also developed planning techniques to prevent identified requirements violations.



Forensically Ready Systems

A digital forensic investigation aims to collect and analyse the evidence necessary to demonstrate a potential hypothesis of a digital crime. Despite the availability of several digital forensics tools, investigators still approach each crime case from scratch, postulating potential hypotheses and analysing large volumes of data. In this research I propose to model forensic requirements in order to engineer software systems that are forensically ready. Forensic requirements relate some speculative hypotheses of a crime to the evidence that should be collected and analysed in a crime scene. They allow configuring proactive activities necessary to preserve important - potentially ephemeral - evidence in advance, depending on the risk of a digital crime taking place. Once an investigation starts, forensic requirements are used to guide the (reactive) activities of the investigation. They allow configuring the analysis of the evidence collected proactively in order to assess if some of the speculative hypotheses of a crime hold and what further evidence is necessary to demonstrate them. I evaluated this approach on realistic digital forensics datasets, and the results obtained suggest that modelling forensic requirements allows engineering systems able to reduce significantly the amount of evidence to be collected and the hypotheses to be analysed during a digital forensic investigation.



User-Centric Adaptation

One of the major drawbacks of multi-tenant services is lack of configurability. Since users may often have conflicting and changing configuration preferences, offering the best user experience is an open challenge for service providers. Therefore, in collaboration with researchers at the University of Seville, I recently investigated an approach to support service re-configuration when users and their preferences change at runtime, or when available service configurations or infrastructural resources vary dynamically. I developed a preference analysis that leverages meta-heuristic optimisation functions to identify a service configuration that maximises users' preferences satisfaction and guarantees that available infrastructural resources are sufficient to serve the requests coming from a specific number of users. This approach has been applied to support dynamic re-configuration of virtual desktops.


Requirements Engineering for the Healthcare

I started to investigate the healthcare domain after my PhD, by using FLAGS to foster the automation of surgical actions and, in particular, to configure surgical robots performing a set of simple actions (e.g., puncturing, cutting, and suturing). Recently, I have become interested in identifying novel elicitation and modelling techniques for physiotherapy requirements in order to develop motion-based games for rehabilitation.
