Login



@conference{sort2014, author = "Ceccarelli, Andrea and Zoppi, Tommaso and Bondavalli, Andrea and Fabio Duchi and Giuseppe Vella", abstract = "Amongst the features of Service Oriented Architectures (SOAs), their flexibility, dynamicity, and scalability make them particularly attractive for adoption in the ICT infrastructure of organizations. Such features come at the cost of improved difficulty in monitoring the SOA for error detection: i) faults may manifest themselves differently due to services and SOA evolution, and ii) interactions between a service and its monitors may need reconfiguration at each service update. This calls for monitoring solutions that operate at different layers than the application layer (services layer). In this paper we present our ongoing work towards the definition of a monitoring framework for SOAs and services, which relies on anomaly detection performed at the Application Server (AS) and the Operating System (OS) layers to identify events whose manifestation or effect is not adequately described a-priori. Specifically the paper introduces the key concepts of our work and presents the case study built to exercise and set-up our monitor. The case study uses Liferay as application layer and it includes fault injection and data collection instruments to perform extended testing campaigns. ", booktitle = "ISORCW-SORT 2014", doi = "10.1109/ISORC.2014.31", issn = "1555-0885", keywords = "sort2014", pages = "358 - 365", publisher = "IEEE", title = " {A} {T}estbed for {E}valuating {A}nomaly {D}etection {M}onitors {T}hrough {F}ault {I}njection", url = "http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=6899171", year = "2014", } @conference{MN2011alarp, author = "Bondavalli, Andrea and Ceccarelli, Andrea and Florjan Gogaj and Andrea Seminatore and Michele Vadursi", booktitle = "M{\&}N 2011", keywords = "alarp mn localization", publisher = "IEEE ", title = " {L}ocalization errors of low-cost {GPS} devices in railway worksite-like scenario", year = "2011", } @conference{RESACS2017, author = "Vasenev, Alexandr and Ionita, Dan and Zoppi, Tommaso and Ceccarelli, Andrea and Wieringa, Roel", abstract = "Self-adaptive systems need to be designed with respect to threats within their operating conditions. Identifying such threats during the design phase can benefit from the involvement of stakeholders. Using a system model, the stakeholders, who may neither be IT experts nor security experts, can identify threats as a first step towards formulating security requirements. The modeling language might possess adequate features to support this task. This paper investigates how iconic signs as a feature of an informal modeling language can contribute to eliciting security requirements by non-experts. Taking urban grid as a case, we relate benefits and specifics of using iconic signs to the two modeling challenges: i) reducing the cognitive complexity required to understand and model a system by non-experts, and ii) facilitating the threat identification activity using a system model. Outputs of three experiments suggest that iconic signs do assists in addressing the challenges.", booktitle = "3rd International Workshop on Requirements Engineering for Self-Adaptive {\&} Cyber Physical Systems (RESACS)", keywords = "Requirements elicitation and analysis, Cyber-physical networks, Security requirements, Electrical network, Smart Grid, Experiments", title = " {T}owards {S}ecurity {R}equirements: {I}conicity as a {F}eature of an {I}nformal {M}odeling {L}anguage", year = "2017", } @misc{big4data2, author = "Massimiliano Leone Itria and Daidone, Alessandro and Ceccarelli, Andrea", howpublished = "EDCC Workshop Big4CIP", title = "{A} {C}omplex {E}vent {P}rocessing {A}pproach for {C}risis-{M}anagement {S}ystems", year = "2014", } @conference{SOSE17IQ, author = "Gharib, Mohamad and Lollini, Paolo and Bondavalli, Andrea", abstract = "A System-of-Systems (SoS) is an integration of a finite number of Constituent Systems (CSs), which are networked together for achieving a certain higher goal. Therefore, integration is the key viability of any SoS. Although the integration of CSs can be achieved by the exchange of information, no existing work has considered the quality of such information. Without considering Information Quality (IQ), a CS may depend on inaccurate, incomplete, inconsistent, invalid, and/or untrustworthy information, which might lead to its failure, and in turn to catastrophic incidents in the case of critical SoS. The main objective of the paper is proposing a novel conceptual model that provides the required concepts for analyzing for SoS. We illustrate the utility of the model with an example concerning the Intelligent Transportation System (ITS) domain. ", address = "Waikoloa, HI, USA", booktitle = "The12th System of Systems Engineering Conference (SoSE'17) ", doi = "10.1109/SYSOSE.2017.7994946", isbn = "978-1-5090-5945-4", keywords = "System-of-Systems, SoS, Information, Information Quality, Conceptual Modeling", month = "June", pages = "1-6", publisher = "IEEE", title = "{A} {C}onceptual {M}odel for {A}nalyzing {I}nformation {Q}uality in {S}ystem-of-{S}ystems", url = "http://ieeexplore.ieee.org/document/7994946/", year = "2017", } @techreport{BCDGS95-C9541-52, author = "Bondavalli, Andrea and Silvano Chiaradonna and Di Giandomenico, Felicita and L. Strigini", institution = "CNUCE/CNR", month = "December", number = "C95-41", title = "{A} {C}ontribution to {D}ependability {E}valuation of {F}ault-{T}olerant, {I}terative-{E}xecution {S}oftware", type = "Technical Report", year = "1995", } @article{BCDGS99-STVR-56, author = "Bondavalli, Andrea and Silvano Chiaradonna and Di Giandomenico, Felicita and L. Strigini", journal = "STVR - Software Testing, Verification and Reliability, John Wiley and Sons", number = "3", pages = "145--166", title = "{A} {C}ontribution to the {E}valuation of the reliability of {I}terative-{E}xecution {S}oftware", volume = "9", year = "1999", } @article{BDGX93-JCSSE-68, author = "Bondavalli, Andrea and Di Giandomenico, Felicita and J. Xu", journal = "Journal of Computer Systems Science and Engineering", note = "CRL Publishing", number = "4", pages = "234--244", title = "{A} {C}ost-{E}ffective and {F}lexible {S}cheme for {S}oftware fault {T}olerance", volume = "8", year = "1993", } @article{LBD07-LBDToR07-209, author = "Lollini, Paolo and Bondavalli, Andrea and Di Giandomenico, Felicita", journal = "IEEE Trans. on Reliability", number = "1", pages = "20--33", title = "{A} decomposition-based modeling framework for complex systems", volume = "58", year = "2009", } @conference{Montecchi2014-EDCC, author = "Montecchi, Leonardo and Lollini, Paolo and Bondavalli, Andrea", abstract = "Dependability and performance analysis of modern systems is facing great challenges: their scale is growing, they are becoming massively distributed, interconnected, and evolving. Such complexity makes model-based assessment a difficult and time-consuming task. For the evaluation of large systems, reusable submodels are typically adopted as an effective way to address the complexity and improve the maintanability of models. Approaches based on Stochastic Petri Nets often compose submodels by state-sharing, following predefined "patterns", depending on the scenario of interest. However, such composition patterns are typically not formalized. Clearly defining libraries of reusable submodels, together with valid patterns for their composition, would allow complex models to be automatically assembled, based on a high-level description of the scenario to be evaluated. The contribution of this paper to this problem is twofold: on one hand we describe our workflow for the automated generation of large performability models, on the other hand we introduce the TMDL language, a DSL to concretely support the workflow. After introducing the approach and the language, we detail their implementation within the Eclipse modeling platform, and briefly show its usage through an example.", booktitle = "Proceedings of the 10th European Dependable Computing Conference (EDCC'14)", doi = "10.1109/EDCC.2014.33", month = "May 13-16", note = "{ieee}", pages = "82-93", title = "{A} {DSL}-{S}upported {W}orkflow for the {A}utomated {A}ssembly of {L}arge {S}tochastic {M}odels", url = "http://ieeexplore.ieee.org/xpl/login.jsp?tp={\&}arnumber=6821093", year = "2014", } @misc{SRDS008Workshop-SRDS2008Workshop-222, author = "Ceccarelli, Andrea and D. Iovino and Bondavalli, Andrea", howpublished = "SRDS 2008 Workshop with no proceeding", month = "October 5", title = "{A} {F}ault {I}njection {T}ool for {T}rustworthy, {C}omparative {M}easurements and {A}nalysis", year = "2008", } @techreport{CBDG94-PDCS2-102, author = "Silvano Chiaradonna and Bondavalli, Andrea and Di Giandomenico, Felicita", institution = "Esprit BRA 6362 PDCS2", month = "September", title = "{A} {F}ault {T}reatment {A}pproach to {S}upport {D}ynamic {R}edundancy in {M}ultiprocessor {A}rchitectures", type = "2nd year deliverable", year = "1994", } @conference{BCCR03-LADC2003-2, author = "Bondavalli, Andrea and Silvano Chiaradonna and D. Cotroneo and Luigi Romano", address = "S{\~a}o Paulo, Brazil", booktitle = "LADC2003 - First Latin-American Symposium on Dependable Computing - LNCS 2847", month = "October 21-24", pages = "303--320", publisher = "Springer-Verlag", title = "{A} {F}ault-{T}olerant {D}istributed {L}egacy-based {S}ystem and {I}ts {E}valuation", year = "2003", } @conference{MRAMBL12, author = "Rossi, Magali Andreia and Jorge Rady de Almeida Junior and Bondavalli, Andrea and Lollini, Paolo", abstract = "This work presents a federated simulation framework for safety and reliability analysis in Aeronautical Communications Networking (ATN) considering the insertion of Unmanned Aircraft Vehicles (UAV) in the airspace control. The main objective is to quantitatively assess the impact of ATN faults on the risk collision probability between manned and unmanned aircraft. The paper first presents the framework that simulates the communication systems used in a non-controlled airspace. Then it is described the ATN fault injection module, which is then used to evaluate the impact of network-level faults on the risk of collisions probability considering a representative simulation scenario comprising 1500 aircraft in flight.", booktitle = "Computer Safety, Reliability, and Security", crossref = "DBLP:conf/safecomp/2012w", doi = "10.1007/978-3-642-33675-1_24", editor = "Frank Ortmeier; Peter Daniel", isbn = "978-3-642-33674-4", issn = "0302-9743", keywords = "Safety, Reliability, Simulation Framework, UAV, ATN, Fault Injection", month = "09", pages = "271-281", publisher = "Springer Berlin Heidelberg", series = "Lecture Notes in Computer Science", title = "{A} {F}ederated {S}imulation {F}ramework with {ATN} {F}ault {I}njection {M}odule for {R}eliablity {A}nalysis of {UAV}s in {N}on-controlled {A}irspace", url = "http://link.springer.com/chapter/10.1007%2F978-3-642-33675-1_24#", volume = "7613", year = "2012", } @conference{1364209-SAC08-206, author = "A. Casimiro and Lollini, Paolo and M. Dixit and Bondavalli, Andrea and P. Ver{\'i}ssimo", address = "New York, NY, USA", booktitle = "SAC '08: Proceedings of the 2008 ACM symposium on Applied computing", isbn = "978-1-59593-753-7", pages = "2192--2196", publisher = "ACM", title = "{A} framework for dependable {Q}o{S} adaptation in probabilistic environments", url = "http://doi.acm.org/10.1145/1363686.1364209", year = "2008", } @incollection{PCDGBI04-PostWADS2003-14, author = "Stefano Porcarelli and M. Castaldi and Di Giandomenico, Felicita and Bondavalli, Andrea and P. Inverardi", booktitle = "Architecting Dependable Systems", editor = "De Lemos, R. and Gacek, c. and Romanovsky, A.", note = "To appear, also ICSE-WADS2003, Post-Proceeding of ICSE-WADS2003", publisher = "Springer-Verlag", series = "LNCS", title = "{A} {F}ramework for {R}econfiguration-based {F}ault-{T}olerance in {D}istributed {S}ystems", year = "2004", } @conference{BDGPSZ04-PRDC04-19, author = "Bondavalli, Andrea and E. De Giudici and Stefano Porcarelli and S. Sabina and F. Zanini", address = "Papeete, Tahiti, French Polynesia", booktitle = "10th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC'04)", month = "March 03 - 05", pages = "292--301", title = "{A} {F}reshness {D}etection {M}echanism for {R}ailway {A}pplications", year = "2004", } @techreport{RCL060501-RCL060501-189, author = "Lollini, Paolo and Bondavalli, Andrea and Di Giandomenico, Felicita", month = "May", title = "{A} general modeling approach and its application to a {UMTS} network with soft-handover mechanism", type = "Technical Report RCL", year = "2006", } @conference{ares2016, author = "Alexandr Vasenev and Lorena Montoya and Ceccarelli, Andrea", abstract = "Ensuring an external electricity supply to critical city components during flood events requires adequate urban grid planning. The proliferation of smart grid technologies means that such planning needs to assess how smart grids might function during floods. This paper proposes a method to qualitatively investigate robustness of electricity supply to smart grid consumers during flood events. This method builds on the Hazus methodology and aims to provide inputs for the risk analysis of urban grids.", booktitle = "International Conference on Availability, Reliability and Security (ARES)", keywords = "Robustness; smart grid; Hazus; risk analysis; topology", pages = "6", publisher = "IEEE", title = "{A} {H}azus-based method for assessing robustness of electricity supply to critical smart grid consumers during flood events", year = "2016", } @article{Coppolino12, author = "Luigi Coppolino and Luigi Romano and Bondavalli, Andrea and Daidone, Alessandro", journal = " International Journal of Critical Computer-Based Systems", number = "3", pages = "210-228", title = "{A} hidden {M}arkov model based intrusion detection system for wireless sensor networks", volume = "3", year = "2012", } @conference{System of Systems; SysML Profile; Conceptual Model;, author = "Mori, Marco and Ceccarelli, Andrea and Lollini, Paolo and Bondavalli, Andrea and Bernhard Fr{\"o}mel", abstract = "In recent decades more and more efforts have been devoted in supporting the design of Systems-of-Systems (SoSs). These systems are composed of autonomous Constituent Systems (CSs) which are integrated together to achieve a higher level goal that cannot be achieved by any of its CSs in isolation. Designing such an SoS is a multidisciplinary problem which involves considering emergent phenomena, assuring the achievement of dependability and security requirements, guaranteeing system responsiveness, supporting dynamicity and evolution and multi-criticality of provided services. We believe that a first step towards a viable design approach is to provide a conceptual model of SoSs which captures SoS concepts (e.g., methods, characteristics, and technologies related to SoSs) and their inter-relationships. Such a conceptual model should enhance the understandability of SoSs to stakeholders and provide the basis for further automated analysis. In this context, the AMADEOS European project is bringing together researchers and practitioners to provide the support to design SoSs starting from the definition of a domain specific ontology serving as a vocabulary for SoSs. Our contribution consists of semi-formalizing the key SoS concepts and relationships defined in AMADEOS adopting a SysML visual modeling language. We propose a SysML profile for SoSs and we show its applicability in a Smart Grid scenario.", address = "Orlando, Florida(USA)", booktitle = "IEEE 17th International Symposium on High Assurance Systems Engineering (HASE), 2016 ", keywords = "System of Systems; SysML Profile; Conceptual Model;", publisher = "IEEE", title = "{A} holistic viewpoint-based {S}ys{ML} {P}rofile to {D}esign {S}ystems-of-{S}ystems", year = "2016", } @techreport{BCDGG96b-GUARDSD1A2A06003A-44, author = "Bondavalli, Andrea and Silvano Chiaradonna and Di Giandomenico, Felicita and F. Grandoni", institution = "GUARDS Project - PDCC", month = "December", number = "D1A2/A0/60", title = "{A} {M}echanism for {D}iscriminating {T}ransient from {I}ntermittent/{P}ermanent {F}aults", type = "ESPRIT Project 20716", year = "1996", } @techreport{Bonfiglio130401, author = "Bonfiglio, Valentina and Montecchi, Leonardo and Francesco Rossi and Bondavalli, Andrea", institution = "University of Florence, RCL Group", month = "April", number = "RCL130401", title = "{A} {M}ethodological {A}pproach for {R}igorous {A}ssessment of {S}oftware {A}rchitectures within {ISO}26262", year = "2013", } @phdthesis{PhDMontecchi, author = "Montecchi, Leonardo", month = "March 25th", note = "Supervisor(s): A. Bondavalli", school = "Universit{\`a} degli Studi di Firenze. Dottorato in Informatica, Sistemi e Telecomunicazioni (XXVI ciclo)", title = "{A} {M}ethodology and {F}ramework for {M}odel-{D}riven {D}ependability {A}nalysis of {C}ritical {E}mbedded {S}ystems and {D}irections {T}owards {S}ystems of {S}ystems", year = "2014", } @conference{nostro2013methodology, author = "Nostro, Nicola and Ceccarelli, Andrea and Bondavalli, Andrea and Brancati, Francesco", booktitle = "Proceedings of the 2nd International Workshop on Dependability Issues in Cloud Computing", organization = "ACM", pages = "3", title = "{A} methodology and supporting techniques for the quantitative assessment of insider threats", year = "2013", } @techreport{techRep-rcl090601-229, author = "{\'A}bel Heged{\"u}s", institution = "University of Florence, Dip. Sistemi Informatica, RCL group", month = "June", number = "rcl090601", title = "{A} model transformation-based approach for the {D}ependability analysis of {UML}-based system designs with maintenance", url = "http://dcl.isti.cnr.it/Documentation/Papers/Techreports.html", year = "2009", } @conference{Montecchi16DSN, author = "Montecchi, Leonardo and Atle Refsdal and Lollini, Paolo and Bondavalli, Andrea", abstract = "Accidents on petroleum installations can have huge consequences; to mitigate the risk, a number of safety barriers are devised. Faults and unexpected events may cause barriers to temporarily deviate from their nominal state. For safety reasons, a work permit process is in place: decision makers accept or reject work permits based on the current state of barriers. However, this is difficult to estimate, as it depends on a multitude of physical, technical and human factors. Information obtained from different sources needs to be aggregated by humans, typically within a limited amount of time. In this paper we propose an approach to provide an automated decision support to the work permit system, which consists in the evaluation of quantitative measures of the risk associated with the execution of work. The approach relies on state-based stochastic models, which can be automatically composed based on the work permit to be examined.", address = "Toulouse, France", booktitle = "Proceedings of the 46th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN'16)", doi = " 10.1109/DSN.2016.33", isbn = "978-1-4673-8891-7", issn = "2158-3927", month = "June 28 - July 1", note = "{ieee}", pages = "275-286", publisher = "IEEE", title = "{A} {M}odel-{B}ased {A}pproach to {S}upport {S}afety-{R}elated {D}ecisions in the {P}etroleum {D}omain", url = "http://ieeexplore.ieee.org/document/7579748/", year = "2016", } @conference{Workflow2017SmartGIFT, author = "Zoppi, Tommaso and Bessler, Sandford and Ceccarelli, Andrea and Lambert, Edward and Lau, Eng Tseng and Vasenev, Alexandr", abstract = "Cyber security is becoming more and more relevant with the advent of large-scale systems made of independent and autonomous constituent systems that interoperate to achieve complex goals. To ensure security of cyberphysical systems, it is important to analyze identified threats and their possible consequences. In case of smart grids as an example of a complex system, threats can result in power outages that damage the continuous supply of energy that is required from critical infrastructures. Therefore, city planners must take into account security requirements when organizing the power grid, including demand-side management techniques able to mitigate the adverse effects of outages, ultimately improving grid resilience. This paper presents a modeling framework developed within the IRENE project that brings together methodologies, policies and a toolset to evaluate and measure the resilience of the targeted smart grid. This will support stakeholders and city planners in their activities, specifically the resilient evolution planning of Smart Grids.", address = "London, UK", booktitle = "2nd SmartGIFT Conference", keywords = "Threat Analysis, Smart Grids, Evolution, Resilience, City Planning, Power Flow Equations, Demand Side Management, IRENE", month = "March", pages = "10", publisher = "Springer", title = "{A} {M}odeling {F}ramework to {S}upport {R}esilient {E}volution {P}lanning of {S}mart {G}rids", year = "2017", } @article{jbcs05-JBCS-180, author = "Lollini, Paolo and Bondavalli, Andrea and Di Giandomenico, Felicita", booktitle = "Journal of the Brazilian Computer Society (JBCS)", month = "June", title = "{A} {M}odeling {M}ethodology for {H}ierarchical {C}ontrol {S}ystem and its {A}plication", year = "2005", } @conference{PDGLB04-ISAS2004-16, author = "Stefano Porcarelli and Di Giandomenico, Felicita and Lollini, Paolo and Bondavalli, Andrea", address = "Munich, Germany", booktitle = "International Service Availability Symposium 2004 (ISAS 2004)", month = "May 13-14", publisher = "Springer-Verlag", title = "{A} {M}odular {A}pproach for {M}odel-based {D}ependability {E}valuation of a {C}lass of {S}ystems", year = "2004", } @conference{issre-wosocer1, author = "Nuno Antunes and Brancati, Francesco and Ceccarelli, Andrea and Bondavalli, Andrea and Marco Vieira", booktitle = "ISSRE-WoSoCer", month = "November", publisher = "IEEE Computer society", title = "{A} {M}onitoring and {T}esting {F}ramework for {C}ritical {O}ff-{T}he-{S}helf {A}pplications and {S}ervices", year = "2013", } @conference{dadssac2016, author = "Nostro, Nicola and Ilaria Matteucci and Ceccarelli, Andrea and Francesco Santini and Felicita Di Giandomenico and Fabio Martinelli and Bondavalli, Andrea", abstract = "We propose a multi-criteria framework for ranking controlling strategies according to several weights, such as delay-time, resource cost, and success-probability of attacks defined via quantitative threat analysis. Therefore, by assigning a different priority to weight-dimensions, we can rank controllers in an adaptive way. We exemplify our approach on the Customer Energy Management System (CEMS), that acting as an interface among different systems, is exposed to attacks. We consider both the Man in the Middle (MiM) and the Denial of Service (DoS) attacks.", address = "New York, NY, USA", booktitle = "Proceedings of the 31st Annual ACM Symposium on Applied Computing", doi = "10.1145/2851613.2851878", isbn = "978-1-4503-3739-7", keywords = "Security assessment,Semiring,Algebraic formalism", pages = "530-533", publisher = "ACM", title = "{A} {M}ulti-{C}riteria {R}anking of {S}ecurity {C}ountermeasures", url = "http://dl.acm.org/citation.cfm?doid=2851613.2851878", year = "2016", } @conference{adet2015safecomp, author = "Zoppi, Tommaso and Bondavalli, Andrea and Ceccarelli, Andrea and Massimiliano Itria", abstract = "Revealing anomalies to support error detection in complex systems is a promising approach when traditional detection mechanisms (e.g., based on event logs, probes and heartbeats) are considered inadequate or not applicable. The detection capability of such complex system can be enhanced observing different layers to achieve richer information that describes the system status. Relying on an algorithm for statistical anomaly detection, in this paper we present the definition and implementation of an anomaly detector able to monitor data acquired from multiple layers, namely the Operating system and the Application Server, of a remote physical or virtual node. As case study, such monitoring system is applied to a node of the Secure! crisis management servicebased system. Results show the monitor performance, the intrusiveness of the probes, and ultimately the improved detection capability achieved observing data from the different layers.", booktitle = "Computer Safety, Reliability, and Security", doi = "10.1007/978-3-319-24255-2_13", isbn = "978-3-319-24254-5", issn = "0302-9743", keywords = "anomalies, monitor, complex event processor, Service Oriented Architecture, Secure", month = "September", pages = "166-180", publisher = "Springer International Publishing", series = "Lecture Notes in Computer Science", title = "{A} {M}ulti-{L}ayer {A}nomaly {D}etector for {D}ynamic {S}ervice-{B}ased {S}ystems", url = "http://link.springer.com/chapter/10.1007/978-3-319-24255-2_13", volume = "9337", year = "2015", } @article{TIM2010-TIM-239, author = "Bondavalli, Andrea and Ceccarelli, Andrea and Falai, Lorenzo and Michele Vadursi", journal = "IEEE Tran. on Instr. and Meas.", number = "4", pages = "820-831", title = "{A} {N}ew {A}pproach and a {R}elated {T}ool {F}or {D}ependability {M}easurements on {D}istributed {S}ystems", volume = "59", year = "2010", } @conference{GCB98-HASE-113, author = "F. Grandoni and Silvano Chiaradonna and Bondavalli, Andrea", address = "Bethesda, MD, USA", booktitle = "3rd IEEE High Assurance System Engineering Symposium (HASE'98)", pages = "224--231", title = "{A} new {H}euristic to {D}iscriminate {T}ransient from {I}ntermittent {F}aults", year = "1998", } @conference{BMNSTZ91-FTCS-80, author = "Bondavalli, Andrea and M. Mannocci and L. Nardone and L. Simoncini and F. Tarini and P. Zini", address = "Nurnberg, Germany", booktitle = "5th Int. Conference on Fault-Tolerant Computing Systems", month = "September", pages = "332--347", publisher = "Springer-Verlag", title = "{A} {P}erformable {BSM} {A}rchitecture", year = "1991", } @conference{BDG00-ISORC2k-62, author = "Bondavalli, Andrea and Di Giandomenico, Felicita", address = "Newport Beach, CA, USA", booktitle = "ISORC2k - 3rd IEEE Int. Symposium on Object-oriented Real-time distributed Computing", month = "March 15-17", pages = "306--308", title = "{A} {P}osition on {D}esign, {M}ethods, and {T}ools for {O}bject-{O}riented {R}eal-time {C}omputing", year = "2000", } @conference{RSAMN2011, author = "Bondavalli, Andrea and Brancati, Francesco and A. Flammini and Stefano Rinaldi", booktitle = "IEEE International Workshop on Measurements and Networking (M{\&}N 2011)", month = "October", title = "{A} {R}eliable and {S}elf-{A}ware {C}lock for {R}eference {T}ime {F}ailure {D}etection in {I}nternal {S}ynchronization {E}nvironment", year = "2011", } @conference{DEPCOS2008-DEPCOSRELCOMEX2008-223, author = "Ceccarelli, Andrea and I. Majzik and D. Iovino and F. Caneschi and G. Pinter and Bondavalli, Andrea", booktitle = "IEEE Third International Conference on Dependability of Computer Systems (DepCoS-RELCOMEX 08)", month = "June", title = "{A} resilient {SIL} 2 {D}river {M}achine {I}nterface for train control systems", year = "2008", } @conference{Montecchi-ValueTools13, author = "Montecchi, Leonardo and Lollini, Paolo and Bondavalli, Andrea", abstract = "Model-transformation techniques have increasingly gained attention in the design and evaluation of high-integrity systems, with the purpose to provide (semi-)automatic tools for non-functional analysis. Analysis models are automatically derived from an architectural description of the system in a UML-like language. One of the main challenges is designing tools which can be reused: the modeling language, the analysis tools, and possibly the analysis method itself are going to evolve over time (e.g., due to different domains, new software versions, updates to standards). In this paper we describe the design and implementation of the toolchain for state-based dependability analysis developed within the CHESS project. The toolchain, which also provides back-annotation facilities, has been designed to be adapted to different modeling languages and analysis tools. The tool has been implemented as a plugin for the Eclipse platform, and it is publicly available on the CHESS website.", booktitle = "Proceedings of the 7th International Conference on Performance Evaluation Methodologies and Tools (VALUETOOLS 2013)", doi = "10.4108/icst.valuetools.2013.254395", isbn = "978-1-936968-48-0", month = "December, 10-12", note = "{acm}", pages = "298-303", title = "{A} {R}eusable {M}odular {T}oolchain for {A}utomated {D}ependability {E}valuation", url = "http://dl.acm.org/citation.cfm?id=2631882", year = "2013", } @conference{Rossi14, author = "Rossi, Magali Andreia and Lollini, Paolo and Bondavalli, Andrea and Italo Romani de Oliveira and Jorge Rady de Almeida Junior", address = "Colorado Springs", booktitle = "Proc. of the IEEE/AIAA 33rd IEEE Digital Avionics Systems Conference (DASC 2014)", month = "October 5-9", pages = "6B1-1 - 6B1-11", title = "{A} {S}afety {A}ssessment on the {U}se of {CPDLC} in {UAS} {C}ommunication {S}ystem", year = "2014", } @conference{BBDG97-FTDCS-32, author = "P. Bizzarri and Bondavalli, Andrea and Di Giandomenico, Felicita", address = "Tunis, Tunisia", booktitle = "6th IEEE Workshop on Future Trend in Distributed Computing Systems - FTDCS'97", month = "October 29-31", pages = "296--301", title = "{A} {S}cheduling {A}lgorithm for {A}periodic {G}roups of {T}asks in distributed {R}eal-{T}ime {S}ystems and its {H}olistic {A}nalysis", year = "1997", } @conference{BMCFPS00-pdp2007-195, author = "Bondavalli, Andrea and Ceccarelli, Andrea and Falai, Lorenzo", booktitle = "The Fifteen Euromicro Conference on Parallel, Distributed and Network-based Processing (PDP 2007)", month = "Febraury 7-9", title = "{A} self-aware clock for pervasive computing systems", year = "2007", } @conference{SORT2011-ISORCWSORT-253, author = "Ceccarelli, Andrea and Marco Vieira and Bondavalli, Andrea", booktitle = "Object/Component/Service-Oriented Real-Time Distributed Computing Workshops (ISORCW), 2011 14th IEEE International Symposium on", month = "March", pages = "133-142", title = "{A} {S}ervice {D}iscovery {A}pproach for {T}esting {D}ynamic {SOA}s", year = "2011", } @conference{safecomp, author = "Antonio Bovenzi and Brancati, Francesco and Stefano Russo and Bondavalli, Andrea", booktitle = "Computer Safety, Reliability, and Security", doi = "10.1007/978-3-642-24270-0_10", editor = "Flammini, Francesco and Bologna, Sandro and Vittorini, Valeria", isbn = "978-3-642-24269-4", note = "{springer}", pages = "128-142", publisher = "Springer Berlin / Heidelberg", title = "{A} {S}tatistical {A}nomaly-{B}ased {A}lgorithm for {O}n-line {F}ault {D}etection in {C}omplex {S}oftware {C}ritical {S}ystems", url = "http://dx.doi.org/10.1007/978-3-642-24270-0_10", year = "2011", } @conference{SOAHASE, author = "Ceccarelli, Andrea and Bondavalli, Andrea and Marco Vieira", booktitle = "HASE 2011", keywords = "SOA, testing", publisher = "IEEE in press", title = "{A} {T}esting {S}ervice for {L}ifelong {V}alidation of {D}ynamic {SOA}. ", year = "2011", } @conference{ETA2017SmartGIFT, author = "Zoppi, Tommaso and Ceccarelli, Andrea and Mori, Marco", abstract = "Cyber-security is becoming more and more relevant with the advent of large-scale systems made of independent and autonomous constituent systems that interoperate to achieve complex goals. Providing security in such cyber-physical systems means, among other features, identifying threats generated by novel detrimental behaviors. This paper presents a tool based on a methodology that is intended to support city evolution and energy planning with a focus on threats due to novel and existing interconnections among different components. More in detail, we report a tool demonstration which shows the application of a tool devised to i) deal with security threats arising due to evolutions in a Smart City - intended as a complex cyber-physical system -, and ii) consequently perform threat analysis.", address = "London, UK", booktitle = "2nd SmartGIFT Conference", editor = "Springer", keywords = "Threat Analysis, Smart Grids, Evolution, IRENE", month = "March", pages = "6", title = "{A} {T}ool for {E}volutionary {T}hreat {A}nalysis of {S}mart {G}rids", year = "2017", } @conference{BDGM97b-WMCS-66, author = "Bondavalli, Andrea and Di Giandomenico, Felicita and I. Mura", address = "Pisa, Italy", booktitle = "2nd Int. Workshop on Mechatronical Computer Systems", pages = "155--163", title = "{A} {V}alue-{B}ased {A}pproach to {F}lexible {D}ecision {M}aking in {R}eal-{T}ime {D}ependable {S}ystems", year = "1997", } @article{Nostro-JSS2016, author = "Nostro, Nicola and Romina Spalazzese and Di Giandomenico, Felicita and Paola Inverardi", abstract = "Our everyday life is pervaded by the use of a number of heterogeneous systems that are continuously and dynamically available in the networked environment to interoperate to achieve some goal. Goals may include both functional and non functional aspects and the evolving nature of such environment requires automated solutions as means to reach the needed level of flexibility. Achieving interoperability in such environment is a challenging problem. Even though some of such systems may in principle interact since they have compatible functionalities and similar interaction protocols, mismatches in their protocols and non functional issues arising from the environment may undermine their seamless interoperability. In this paper, we propose an approach for the automated synthesis of application layer connectors between heterogeneous networked systems (NSs) addressing both functional and some non functional interoperability. Our contributions are: (i) an automated connectors synthesis approach for NSs interoperability taking into account functional, performance and dependability aspects spanning pre-deployment time and run-time; (ii) a connector adaptation process, related to the performance and dependability aspects; and (iii) a stochastic model-based implementation of the performance and dependability analysis. In addition, we implemented, analyzed, and critically discussed a case study.", doi = "10.1016/j.jss.2015.09.038", issn = "0164-1212", journal = "Journal of Systems and Software", keywords = " Connector synthesis for interoperability; Dependability; Performance", month = "January", pages = "185 - 199", title = "{A}chieving functional and non functional interoperability through synthesized connectors", url = "http://www.sciencedirect.com/science/article/pii/S0164121215002149", volume = "111", year = "2016", } @incollection{BSS95-RCS-98, author = "Bondavalli, Andrea and J. Stankovic and L. Strigini", address = "Boston", booktitle = "Responsive Computer Systems: Steps Toward Fault-Tolerant Real-Time Systems", editor = "Fussell, D. and Malek, M.", pages = "187--208", publisher = "Kluwer Academic Publishers", title = "{A}daptable {F}ault {T}olerance for {R}eal-{T}ime {S}ystems", year = "1995", } @article{taas10-taas-243, author = "M. Dixit and A. Casimiro and Lollini, Paolo and Bondavalli, Andrea and P. Ver{\'i}ssimo", issn = "1556-4665", journal = "ACM Transactions on Autonomous and Adaptive Systems", keywords = "Adaptation, dependability, probabilistic analysis, quality of service", number = "2", pages = "18:1-18:25", title = "{A}daptare: {S}upporting automatic and dependable adaptation in dynamic environments", volume = "7", year = "2012", } @phdthesis{PhDBranca, author = "Brancati, Francesco", month = "May 14th", note = "Supervisor(s): A. Bondavalli", school = "Universit{\`a} degli Studi di Firenze. Dottorato in Informatica e Applicazioni (XXIV ciclo)", title = "{A}daptive and {S}afe {E}stimation of {D}ifferent {S}ources of {U}ncertainty to {I}mprove {D}ependability of {H}ighly {D}ynamic {S}ystems {T}hrough {O}nline {M}onitoring {A}nalysis", year = "2012", } @conference{NSBBT96-WORDS-121, author = "Edgar Nett and H. Streich and P. Bizzarri and Bondavalli, Andrea and F. Tarini", address = "Laguna Beach, California, U.S.A.", booktitle = "WORDS 96, IEEE Second Int. Workshop on Object-oriented Real-time Dependable Systems", month = "February 1-2", pages = "78--85", title = "{A}daptive {S}oftware {F}ault {T}olerance {P}olicies with {D}ynamic {R}eal-{T}ime {G}uarantees", year = "1996", } @conference{nbs_wosocer_14, author = "Nostro, Nicola and Bondavalli, Andrea and Nuno Silva", booktitle = "Software Reliability Engineering Workshops (ISSREW), 2014 IEEE International Symposium on", doi = "10.1109/ISSREW.2014.56", keywords = "Safety,Security,Safety-critical system,Cyber Threats,Threats Library", month = "November", pages = "521-526", title = "{A}dding {S}ecurity {C}oncerns to {S}afety {C}ritical {C}ertification", url = "http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6983897", year = "2014", } @conference{DGS90-SRDS-172, author = "Di Giandomenico, Felicita and L. Strigini", address = "Huntsville, Alabama", booktitle = "9th Symposium on Reliable Distributed Systems", pages = "114--123", title = "{A}djudicators for {D}iverse-{R}edundant {C}omponents", year = "1990", } @techreport{RCL120301, author = "Montecchi, Leonardo and Lollini, Paolo and Bondavalli, Andrea", month = "March", number = "RCL120301", title = "{ADVISE} model for the security evaluation of the {CASHMA} multi-biometric authentication system", year = "2012", } @conference{TRA2012, author = "Andrea Seminatore and Luca Ghelardoni and Ceccarelli, Andrea and Falai, Lorenzo and Michael Schultheis and Boris Malinowsky", abstract = "The ALARP (A railway automatic track warning system based on distributed personal mobile terminals) project has the aim to study, design and implement an innovative more efficient Automated Track Warning Systems with the intent of overcome the limits of current state-of-the-art solutions. The ALARP system provides a solution which is low cost, non-invasive, easy to install and totally independent from the existing signaling. It is responsible of advising workers of a train approaching and has the functionality of localizing the workers inside the worksite and of guiding them to a safe area.", booktitle = "TRA 2012", pages = "10", publisher = "Elsevier Ltd", title = "{ALARP} ({A} {R}ailway {A}utomatic {T}rack {W}arning {S}ystem {B}ased on {D}istributed {P}ersonal {M}obile {T}erminals)", year = "2012", } @techreport{PRB98-GUARDSI1SA1TN5009VE-157, author = "D. Powell and C. Rab{\'e}jac and Bondavalli, Andrea", number = "Report GUA", title = "{A}lpha-count {M}echanism and {I}nter-{C}hannel {D}iagnosis", type = "GUARDS Project - PDC", year = "1998", } @article{BCDGX02-JSA-1, author = "Bondavalli, Andrea and Silvano Chiaradonna and Di Giandomenico, Felicita and J. Xu", journal = "JSA - Journal on Systems and Architectures", number = "9", pages = "763--781", title = "{A}n {A}daptive {A}pproach to {A}chieving {H}ardware and {S}oftware {F}ault {T}olerance in a {D}istributed {C}omputing {E}nvironment", volume = "47", year = "2002", } @article{DGBCN-IJARAS13, author = "Di Giandomenico, Felicita and Bertolino, Antonia and Calabr{\`o}, Antonello and Nostro, Nicola", doi = "10.4018/jaras.2013010101", journal = "International Journal of Adaptive, Resilient and Autonomic Systems (IJARAS)", keywords = "Adaptation, Dependability, Evolving Heterogeneous Systems, Model-based Assessment, Monitoring, Performance", month = "March", number = "1", pages = "1-25", title = "{A}n approach to adaptive dependability assessment in dynamic and evolving connected systems", url = "http://www.igi-global.com/article/approach-adaptive-dependability-assessment-dynamic/75547", volume = "Volume 4", year = "2013", } @conference{Ficco2011, author = "Massimo Ficco and Daidone, Alessandro and Luigi Coppolino and Luigi Romano and Bondavalli, Andrea", address = "New York, NY, USA", booktitle = "Proceedings of the 13th European Workshop on Dependable Computing", doi = "10.1145/1978582.1978586", isbn = "978-1-4503-0284-5", keywords = "diagnosis, filtering, monitoring", pages = "15--20", publisher = "ACM", series = "EWDC '11", title = "{A}n event correlation approach for fault diagnosis in {SCADA} infrastructures", url = "http://doi.acm.org/10.1145/1978582.1978586", year = "2011", } @conference{MCCB00-PESSRA2000-119, author = "M. Minichino and E. Ciancamerla and Silvano Chiaradonna and Bondavalli, Andrea", address = "K{\"o}ln, Cologne, Germany", booktitle = "4t Int. Symposium Programmable Electronic Systems in Safety Related Applications", month = "May 3-4", title = "{A}n experience of dependability assessment of a typical industrial safety critical {P}rogrammable {L}ogic {C}ontroller", year = "2000", } @conference{SEUS09Bondavalli-SEUS-236, author = "Bondavalli, Andrea and Brancati, Francesco and Ceccarelli, Andrea and Falai, Lorenzo", booktitle = "LNCS Software Technologies for Embedded and Ubiquitous Systems (SEUS)", pages = "69-81", title = "{A}n {E}xperimental {F}ramework for the {A}nalysis and {V}alidation of {S}oftware {C}locks", year = "2009", } @conference{BFLS00-EFTS00-69, author = "Bondavalli, Andrea and A. Fantechi and D. Latella and L. Simoncini", address = "Washington DC", booktitle = "IEEE Int. Workshop On Embedded Fault-Tolerant Systems (EFTS00)", month = "September 21-22", title = "{A}n {I}ntegrated and {C}ompositional {A}pproach to {D}esign {V}alidation of {E}mbedded {D}ependable {S}ystems", year = "2000", } @conference{BMCFPS00-SERENE08-210, author = "M. Kovacs and Lollini, Paolo and I. Majzik and Bondavalli, Andrea", booktitle = "RISE/EFTS Joint International Workshop on Software Engineering for REsilieNt systEms (SERENE 2008)", month = "November 17-19", pages = "29--38", title = "{A}n {I}ntegrated {F}ramework for the {D}ependability {E}valuation of {D}istributed {M}obile {A}pplications", year = "2008", } @techreport{techRepMoLoBo10-247, author = "Montecchi, Leonardo and Lollini, Paolo and Bondavalli, Andrea", institution = "University of Florence, Dip. Sistemi Informatica, RCL group", month = "January", number = "rcl101115 ", title = "{A}n {I}ntermediate {D}ependability {M}odel for state-based dependability analysis", year = "2011", } @article{BDGM99-RTSJ-67, author = "Bondavalli, Andrea and Di Giandomenico, Felicita and I. Mura", journal = "Real-Time Systems Journal, Kluwer Academic Publishers", number = "1", pages = "5--30", title = "{A}n {O}ptimal {V}alue-{B}ased {A}dmission {P}olicy and its {R}eflective {U}se in {R}eal-{T}ime {D}ependable {S}ystems", volume = "16", year = "1999", } @article{Bovenzi15-TDSC, author = "Antonio Bovenzi and Brancati, Francesco and Stefano Russo and Bondavalli, Andrea", abstract = "Revealing anomalies at the operating system (OS) level to support online diagnosis activities of complex software systems is a promising approach when traditional detection mechanisms (e.g., based on event logs, probes and heartbeats) are inadequate or cannot be applied. In this paper we propose a configurable detection framework to reveal anomalies in the OS behavior, related to system misbehaviors. The detector is based on online statistical analyses techniques, and it is designed for systems that operate under variable and non-stationary conditions. The framework is evaluated to detect the activation of software faults in a complex distributed system for Air Traffic Management (ATM). Results of experiments with two different OSs, namely Linux Red Hat EL5 and Windows Server 2008, show that the detector is effective for mission-critical systems. The framework can be configured to select the monitored parameter so as to tune the level of intrusivity. A sensitivity analysis of the detector parameters is carried out to show their impact on the performance and to give to practitioners guidelines for its field tuning.", journal = "IEEE Transactions on Dependable and Secure Computing", month = "May-June 1", note = "{IEEE}", number = "3", pages = "366-372", title = "{A}n {OS}-level {F}ramework for {A}nomaly {D}etection in {C}omplex {S}oftware {S}ystems", volume = "12", year = "2015", } @mastersthesis{Pacini 2007, author = "Pacini, Alessandro", month = "February 9th", note = "Supervisor: A. Bondavalli, Co-Supervisor: F. Di Giandomenico, A. Daidone", school = "Universit{\`a} di Firenze", title = "{A}nalisi di possibili soluzioni per la diagnosi e la riconfigurazione dello scenario applicativo {A}ssisted {T}rasportation all'interno del progetto {H}idenets", year = "2007", } @misc{Albini 2006, author = "Albini, Martina", howpublished = "Bachelor's thesis. Universit{\`a} degli Studi di Firenze. Corso di Laurea in Informatica", month = "December 18th", note = "Supervisor(s): A. Bondavalli, Co-Supervisor(s): L. Falai", title = "{A}nalisi e {V}alidazione di {A}lgoritmi {D}istribuiti in {S}istemi con {P}almari: {S}pecifica e {D}efinizione di {N}eko{PDA} e {A}nalisi delle {P}roblematiche del {P}orting", year = "2006", } @misc{Guarnieri 2006, author = "Guarnieri, Vania", howpublished = "Bachelor's thesis. Universit{\`a} degli Studi di Firenze. Corso di Laurea in Informatica", month = "December 18th", note = "Supervisor(s): A. Bondavalli, Co-Supervisor(s): L. Falai", title = "{A}nalisi e {V}alidazione di {S}istemi {D}istribuiti con {S}upporto {A}utomatico {I}ndipendente dalla {P}iattaforma", year = "2006", } @misc{Montecchi 2007, author = "Montecchi, Leonardo", howpublished = "Bachelor's thesis. Universit{\`a} degli Studi di Firenze. Corso di Laurea in Informatica", month = "April 27th", note = "Supervisor(s): A. Bondavalli, Co-Supervisor(s): P. Lollini", title = "{A}nalisi e valutazione di reti {UMTS}", year = "2007", } @misc{Baldini 2006, author = "Baldini, Alessio", howpublished = "Bachelor's thesis. Universit{\`a} degli Studi di Firenze. Corso di Laurea in Informatica", month = "December 18th", note = "Supervisor(s): A. Bondavalli, Co-Supervisor(s): S. Chiaradonna, P. Lollini", title = "{A}nalisi {Q}uantitativa di {S}istemi di {C}onsenso {S}oggetti ad {A}ttacchi", year = "2006", } @misc{tesicecca, author = "Ceccarelli, Andrea", howpublished = "Bachelor's thesis. Universit{\`a} degli Studi di Firenze. Corso di Laurea in Informatica", month = "April 28th", note = "Supervisor(s): A. Bondavalli, Co-Supervisor(s): L. Falai", title = "{A}nalisi sperimentale di applicazioni critiche real-time: uno strumento consapevole della qualit{\`a} delle misurazioni raccolte", year = "2006", } @conference{CBDG01-ISORC01-138, author = "A. Coccoli and Bondavalli, Andrea and Di Giandomenico, Felicita", address = "Magdeburg, Germany", booktitle = "ISORC'01 - 4th IEEE Int. Symposium on Object-oriented Real-time distributed Computing", pages = "209--216", title = "{A}nalysis and {E}stimation of the {Q}uality of {S}ervice of {G}roup {C}ommunication {P}rotocols", year = "2001", } @phdthesis{Porcarelli2003, author = "Stefano Porcarelli", month = "June 4th", note = "Supervisor(s): L. Simoncini, A. Bondavalli", school = "Universit{\`a} degli Studi di Pisa, Dottorato in Ingegneria dell'Informazione", title = "{A}nalysis and {M}odeling of {D}ependability and {P}erformability of {T}elecommunication {S}ystems", year = "2003", } @conference{CSB99-NGC-108, author = "A. Coccoli and L. Simoncini and Bondavalli, Andrea", address = "Pisa, Italy", booktitle = "First Int. Workshop on Networked Group Communication, NGC '99", title = "{A}nalysis and {V}alidation of {P}rotocols for the {R}ealisation of {D}istributed {D}ependable {A}pplications in {W}ireless {N}etworks", year = "1999", } @incollection{DCBV08-DCBV08LNCS-214, author = "Daidone, Alessandro and Silvano Chiaradonna and Bondavalli, Andrea and P. Verissimo", booktitle = "Architecting Dependable Systems V", editor = "De Lemos, R. and Di Giandomenico, F. and Gacek, C. and Muccini, H. and Vieira, M.", pages = "78--100", publisher = "Springer, Heidelberg", series = "LNCS", title = "{A}nalysis of a {R}edundant {A}rchitecture for {C}ritical {I}nfrastructure {P}rotection", volume = "5135", year = "2008", } @conference{DBLP:conf/safecomp/CeccarelliS15, author = "Ceccarelli, Andrea and Nuno Silva", booktitle = "Computer Safety, Reliability, and Security - SAFECOMP 2015 Workshops, ASSURE, DECSoS, ISSE, ReSA4CI, and SASSUR, Delft, The Netherlands, September 22, 2015, Proceedings", crossref = "DBLP:conf/safecomp/2015w", doi = "10.1007/978-3-319-24249-1_26", pages = "303--313", title = "{A}nalysis of {C}ompanies {G}aps in the {A}pplication of {S}tandards for {S}afety-{C}ritical {S}oftware", url = "http://dx.doi.org/10.1007/978-3-319-24249-1_26", year = "2015", } @phdthesis{PhDCecca, author = "Ceccarelli, Andrea", keywords = "critical systems, assessment, experimental evaluation, testing, methodology", month = "May 9th", note = "Supervisor(s): A. Bondavalli", school = "Universit{\`a} degli Studi di Firenze. Dottorato in Ingegneria Informatica e dell'Automazione (XXIV Ciclo)", title = "{A}nalysis of {C}ritical {S}ystems {T}hrough {R}igorous, {R}eproducible and {C}omparable {E}xperimental {A}ssessment", year = "2012", } @conference{EDCC 2012, author = "Silvano Chiaradonna and Di Giandomenico, Felicita and Nostro, Nicola", booktitle = "EDCC", doi = "10.1109/EDCC.2012.17", editor = "Cristian Constantinescu , Miguel P. Correia", isbn = "978-1-4673-0938-7", keywords = "Stochastic Modeling; Electric Power System; In- frastructures Dependencies; Blackout-size Assessment", month = "May", pages = "84-93", publisher = "IEEE", title = "{A}nalysis of {E}lectric {P}ower {S}ystems accounting for interdependencies in heterogeneous scenarios", url = "http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp={\&}arnumber=6214763{\&}contentType=Conference+Publications{\&}sortType%3Dasc_p_Sequence%26filter%3DAND%28p_IS_Number%3A6214743%29", year = "2012", } @conference{CSDGMB00-HASE00-109, author = "A. Coccoli and S. Schemmer and Di Giandomenico, Felicita and M. Mock and Bondavalli, Andrea", address = "Albuquerque, NM, USA", booktitle = "HASE00 - 5th IEEE High Assurance System Engineering Symposium", pages = "247--256", title = "{A}nalysis of {G}roup {C}ommunication {P}rotocols to {A}ssess {Q}uality of {S}ervice {P}roperties", year = "2000", } @conference{CB03-WORDS03-15, author = "A. Coccoli and Bondavalli, Andrea", address = "Capri, Italy", booktitle = "WORDS 2003, 9th IEEE International Workshop on Object-oriented Real-time Dependable Systems", publisher = "IEEE Computer Society Press", title = "{A}nalysis of {S}afety {R}elated {A}rchitectures", year = "2003", } @conference{CBBS94-DCCS-100, author = "Gy. Csert{\'a}n and C. Bernardeschi and Bondavalli, Andrea and L. Simoncini", address = "Toledo, Spain", booktitle = "12th IFAC workshop DCCS 94", pages = "153--158", publisher = "Elsevier Science", title = "{A}nalysis of temporal properties of dataflow networks", year = "1994", } @conference{TPDGB01-DSN-147, author = "F. Tataranni and Stefano Porcarelli and Di Giandomenico, Felicita and Bondavalli, Andrea", address = "G{\"o}teborg, Sweden", booktitle = "IEEE Int. Conference on Dependable Systems and Networks (DSN-2001)", pages = "235--244", title = "{A}nalysis of the {E}ffects of {O}utages on the {Q}uality of {S}ervice of {GPRS} {N}etwork {S}ystems", year = "2001", } @conference{forms08-FORMS2008-211, author = "Lollini, Paolo and Montecchi, Leonardo and M. Magyar and I. Majzik and Bondavalli, Andrea", booktitle = "Symposium on Formal Methods for Automation and Safety in Railway and Automotive Systems (FORMS/FORMAT 2008)", month = "October 9-10", title = "{A}nalysis of the impact of communication protocols on service quality in {ERTMS} automatic train control systems", year = "2008", } @incollection{blm08-SEUS2008-215, author = "Bondavalli, Andrea and Lollini, Paolo and Montecchi, Leonardo", booktitle = "6th IFIP Workshop on Software Technologies for Future Embedded and Ubiquitous Systems (SEUS 2008)", note = "{springer}", publisher = "Springer Verlag", series = "LNCS", title = "{A}nalysis of {U}ser {P}erceived {Q}o{S} in {U}biquitous {UMTS} {E}nvironments {S}ubject to {F}aults", year = "2008", } @conference{BMN97-HASE-79, author = "Bondavalli, Andrea and I. Mura and M. Nelli", address = "Washington, DC, USA", booktitle = "IEEE HASE'97, High Assurance System Engineering Workshop", month = "August 11-12", pages = "85--91", title = "{A}nalytical {M}odelling and {E}valuation of {P}hased-{M}ission {S}ystems for {S}pace {A}pplications", year = "1997", } @techreport{BMN97b-GUARDSD3A4AO6001C-161, author = "Bondavalli, Andrea and I. Mura and M. Nelli", month = "March 18", number = "Report GUA", title = "{A}nalytical modelling and evaluation of the {GUARDS} instances: example for space applications", type = "GUARDS Project - PDC", year = "1997", } @techreport{CDGB97-GUARDSD3A4AO6002C-107, author = "Silvano Chiaradonna and Di Giandomenico, Felicita and Bondavalli, Andrea", institution = "PDCC", month = "March 18", number = "D3A4/AO/60", title = "{A}nalytical {M}odelling of {GUARDS} {M}echanisms and {C}omponents: {E}xample of the {E}rror {F}iltering {M}echanism", type = "ESPRIT Project 20716", year = "1997", } @conference{PDGB02-ISCC02-8, author = "Stefano Porcarelli and Di Giandomenico, Felicita and Bondavalli, Andrea", address = "Taormina, Italy", booktitle = "IEEE Symposium on Computers and Communications (ISCC02)", pages = "142--149", title = "{A}nalyzing {Q}uality of {S}ervice of {GPRS} {N}etwork {S}ystems from a {U}sers {P}erspective", year = "2002", } @conference{gmee, author = "Bondavalli, Andrea and Ceccarelli, Andrea and Brancati, Francesco and Diego Santoro and Michele Vadursi", booktitle = "XXXI Congresso Nazionale dell'AssociazioneGruppo Misure Elettriche ed Elettroniche", isbn = "978-88-97683-66-7", keywords = "anomaly gmee", title = "{A}nomaly detection in sistemi complessi mediante monitoraggio di variabili di sistema operativo", year = "2014", } @conference{BNSM97-WCRR-85, author = "Bondavalli, Andrea and M. Nelli and L. Simoncini and G. Mongardi", address = "Firenze, Italia", booktitle = "WCRR - World Congress on Railway Research", month = "16-19 Novembre", title = "{A}pplication of {A}nalytical {M}odel-{B}ased {E}valuations to {T}he {R}ailway {A}plications: a case study", year = "1997", } @inbook{ads7-ads_vii-242, author = "Bondavalli, Andrea and Ceccarelli, Andrea and Lollini, Paolo", address = "Berlin Heidelberg", month = "January", publisher = "Springer Berlin / Heidelberg", series = "LNCS", title = "{A}rchitecting and {V}alidating {D}ependable {S}ystems: {E}xperiences and {V}isions", year = "2010", } @conference{SDGBC04-WCC2004-22, author = "L. Simoncini and Di Giandomenico, Felicita and Bondavalli, Andrea and Silvano Chiaradonna", address = "Toulouse, France", booktitle = "Fault Tolerance for Trustworthy and Dependable Information Infrastructures, Topical Days Track, WCC 18th IFIP World Computer Congress", month = "August, 22-27", title = "{A}rchitectural {C}hallenges for a {D}ependable {I}nformation {S}ociety", year = "2004", } @techreport{techRep-rcl080401-205, author = "Lollini, Paolo and Montecchi, Leonardo and M. Magyar and I. Majzik and Bondavalli, Andrea", institution = "University of Florence, Dip. Sistemi Informatica, RCL group", month = "April", number = "rcl080401", title = "{A}ssessing the impact of cyclic/acyclic {EVC}-{DMI} interactions in {A}utomatic {T}rain {C}ontrol systems", url = "http://dcl.isti.cnr.it/Documentation/Papers/Techreports.html", year = "2008", } @article{CDGL09-IJSSECDGL09-232, author = "Silvano Chiaradonna and Di Giandomenico, Felicita and Lollini, Paolo", journal = "International Journal of System of Systems Engineering (IJSSE), InderScience Publishers", number = "3", pages = "367--386", title = "{A}ssessing the {I}mpact of {I}nterdependencies in {E}lectric {P}ower {S}ystems", volume = "1", year = "2009", } @conference{SRDS08-SRDS2008-224, author = "Bondavalli, Andrea and Ceccarelli, Andrea and Falai, Lorenzo", address = "Washington, DC, USA", booktitle = "SRDS 2008: Proceedings of the 27th IEEE Symposium on Reliable Distributed Systems", publisher = "IEEE Computer Society", title = "{A}ssuring {R}esilient {T}ime {S}ynchronization", year = "2008", } @mastersthesis{SchiavoneMaster, author = "Schiavone, Enrico", month = "April 17th", note = "Supervisor(s): A. Bondavalli, Co-Supervisor(s): A. Ceccarelli", school = "Universit{\`a} degli Studi di Firenze. Corso di Laurea Magistrale in Informatica", title = "{A}utenticazione {C}ontinua {B}iometrica: {D}efinizione e {P}rototipazione di una {S}oluzione per la {P}rotezione di {A}mbienti {D}esktop", year = "2015", } @conference{BMM99-ISORC-77, author = "Bondavalli, Andrea and I. Majzik and I. Mura", address = "Saint Malo, France", booktitle = "2nd IEEE Int. Symposium on Object-oriented Real-time distributed Computing (ISORC'99)", month = "May 2-5", pages = "139--144", title = "{A}utomated {D}ependability {A}nalysis of {UML} {D}esigns", year = "1999", } @article{DiGiandomenico2014220, author = "Di Giandomenico, Felicita and Massimiliano Leone Itria and P. Masci and Nostro, Nicola", abstract = "Approaches to dependability and performance are challenged when systems are made up of networks of heterogeneous applications/devices, especially when operating in unpredictable open-world settings. The research community is tackling this problem and exploring means for enabling interoperability at the application level. The EU project Connect has developed a generic interoperability mechanism which relies on the on-the-fly synthesis of “Connectors”, that is software bridges that enable and adapt communication among heterogeneous devices. Dependability and Performance are relevant aspects of the system. In our previous work, we have identified generic dependability mechanisms for enhancing the dependability of Connectors. In this work, we introduce a set of generic strategies for automating the selection and application of an appropriate dependability mechanism. A case study based on a global monitoring system for environment and security (GMES) is used as a means for demonstrating the approach. ", doi = "http://dx.doi.org/10.1016/j.ress.2014.08.001", issn = "0951-8320", journal = "Reliability Engineering {\&} System Safety ", keywords = "Model-based analysis", pages = "220 - 232", title = "{A}utomated synthesis of dependable mediators for heterogeneous interoperable systems ", url = "http://www.sciencedirect.com/science/article/pii/S095183201400194X", volume = "132", year = "2014", } @conference{BMM99b-HASE-78, author = "Bondavalli, Andrea and I. Majzik and I. Mura", address = "Washington D.C., USA", booktitle = "4th IEEE High Assurance System Engineering Symposium (HASE99)", pages = "64--71", title = "{A}utomatic {D}ependability {A}nalysis for {S}upporting {D}esign {D}ecisions in {UML}", year = "1999", } @conference{MB98-ISSRE-115, author = "I. Majzik and Bondavalli, Andrea", address = "Paderborn, Germany", booktitle = "9th IEEE Int. Symposium on Software Reliability Engineering (ISSRE) - Fast Abstract Track", month = "November 4-7", pages = "29--30", title = "{A}utomatic {D}ependability {M}odelling of {S}ystems {D}escribed in {UML}", year = "1998", } @techreport{PSBDG98b-CSRtn-153, author = "M. Pizza and L. Strigini and Bondavalli, Andrea and Di Giandomenico, Felicita", month = "January", title = "{B}ayesian {D}iagnosis of {T}ransient vs {P}ermanent {F}aults", type = "CSR Technical note", year = "1998", } @misc{big4data1, author = "Marcello Cinque and Flavio Frattini and Antonio Pecchia and Stefano Russo and Leonardo Querzoni and Leonardo Aniello and Claudio Ciccottelli and Ceccarelli, Andrea and Bondavalli, Andrea and Andrea Pugliese and Antonella Guzzo", howpublished = "EDCCW Big4CIP", title = "{B}ig {D}ata in {C}ritical {I}nfrastructures {S}ecurity {M}onitoring: {C}hallenges and {O}pportunities", year = "2014", } @techreport{BM98-GUARDSI3A4AO6015VA-156, author = "Bondavalli, Andrea and I. Mura", month = "11 June", number = "Report GUA", title = "{B}rief {O}verview of some {T}ools to {S}upport the {M}odelling and {E}valuation of {P}hased {M}ission {S}ystems", type = "GUARDS Project, PDCC", year = "1998", } @conference{srds2016tommaso, author = "Zoppi, Tommaso and Ceccarelli, Andrea and Bondavalli, Andrea", abstract = "Software infrastructures are becoming more and more complex, making performance and dependability monitoring in wide and dynamic contexts such as Distributed Systems, Systems of Systems (SoS) and Cloud environments an unachievable goal. Consequently, it is very difficult to know how all the specific parts, services and modules of these systems behave. This negatively impacts our ability in detecting anomalies, because the boundaries between normal and anomalous behaviors are not always known. The paper describes the context and the targeted problem highlighting the research directions that the student will follow in the next years. In particular, after introducing the relevance of this work with respect to the academic and the industrial state of the art, we carefully define the problem and summarize the main challenges that arise according to such problem definition.", booktitle = "Proceedings of 2016 IEEE 35th Symposium on Reliable Distributed Systems", doi = "10.1109/SRDS.2016.34", isbn = "978-1-5090-3513-7", keywords = "anomaly detection; monitoring; multi-layer; distributed system; complex system;", pages = "2", publisher = "IEEE", title = "{C}hallenging {A}nomaly {D}etection in {C}omplex {D}ynamic {S}ystems", year = "2016", } @conference{BerniniEDCC16, author = "Riccardo Bernini and Bondavalli, Andrea and Lollini, Paolo and Montecchi, Leonardo", abstract = "Several formalisms and techniques have been in- troduced in the literature for the purpose of modeling and evaluation of complex systems. Each of them has its strengths and weaknesses, which also depend on the purpose of the evaluation. In this paper we propose the integration of two different formalisms in a single framework for the modeling, validation, and optimization of production-supply problems. In particular, the proposed framework combines Process Graphs (P-Graphs) as the modeling formalism, and Stochastic Activity Networks (SAN) for the analysis and optimization. The integration proposed in this paper extends the capabilities of the P-Graph formalism to include performance and dependability metrics in the optimization process, without hampering the modeling convenience of P-Graphs. The proposed approach is applied to a case study of the optimization of a power supply network.", address = "Gothenburg, Sweden", booktitle = "Proceedings of the 12th European Dependable Computing Conference (EDCC2016)", doi = "10.1109/EDCC.2016.33", isbn = "978-1-5090-1582-5 ", month = "September 5-9", note = "{ieee}", pages = "197-207", title = "{C}ombining {SAN} and {P}-{G}raphs for the {A}nalysis and {O}ptimization of {I}ndustrial {P}rocesses", url = "http://ieeexplore.ieee.org/document/7780361/", year = "2016", } @techreport{CBS94-C9402-104, author = "Silvano Chiaradonna and Bondavalli, Andrea and L. Strigini", institution = "CNUCE/CNR", month = "January", number = "C94-02", title = "{C}omparative {P}erformability {E}valuation of {RB}, {NVP} and {SCOP}", type = "Technical Report", year = "1994", } @proceedings{safecomp2014, author = "Bondavalli, Andrea and Di Giandomenico, Felicita", doi = "10.1007/978-3-319-10506-2", editor = "Andrea Bondavalli; Felicita Di Giandomenico", isbn = "978-3-319-10505-5", publisher = "Springer", series = "Lecture Notes in Computer Science", title = "{C}omputer {S}afety, {R}eliability, and {S}ecurity - 33rd {I}nternational {C}onference, {SAFECOMP} 2014, {F}lorence, {I}taly, {S}eptember 10-12, 2014. {P}roceedings", url = "http://dx.doi.org/10.1007/978-3-319-10506-2", volume = "8666", year = "2014", } @proceedings{safecomp2014workshops, author = "Bondavalli, Andrea and Ceccarelli, Andrea and Frank Ortmeier", editor = "Andrea Bondavalli; Andrea Ceccarelli; Frank Ortmeier ", isbn = "978-331910556-7", issn = "03029743", publisher = "Springer", series = "Lecture Notes in Computer Science", title = "{C}omputer {S}afety, {R}eliability, and {S}ecurity - {SAFECOMP} 2014 {W}orkshops: {ASC}o{MS}, {DECS}o{S}, {DEVVARTS}, {ISSE}, {R}e{SA}4{CI}, {SASSUR}. {F}lorence, {I}taly, {S}eptember 8-9, 2014, {P}roceedings", url = "http://www.springer.com/us/book/9783319105567", volume = "8696", year = "2014", } @conference{BG88b-SNIPS-73, author = "Bondavalli, Andrea and E. Gregori", address = "Sofia, Bulgaria", booktitle = "IFIP TC6/TC8 Open Symposium on Network Information Processing Systems", month = "May", pages = "69--77", publisher = "North Holland", title = "{C}oncurrency {C}ontrol in {OSI} {T}ransactional {E}nvironments", year = "1988", } @conference{LBDGP04-ISCC2004-18, author = "Lollini, Paolo and Bondavalli, Andrea and Di Giandomenico, Felicita and Stefano Porcarelli", address = "Alexandria, Egypt", booktitle = "The Ninth IEEE Symposium On Computers And Communications (ISCC'2004)", month = "June 28 - July 1", title = "{C}ongestion {A}nalysis during {O}utage, {C}ongestion {T}reatment and {O}utage {R}ecovery for simple {GPRS} networks", year = "2004", } @conference{LDGBP04-MV04-24, author = "Lollini, Paolo and Di Giandomenico, Felicita and Bondavalli, Andrea and Stefano Porcarelli", address = "Athens, Greece", booktitle = "Mobile Venue '04 (informal proceedings)", month = "May 27-28", title = "{C}ongestion analysis in a general {GPRS} network", year = "2004", } @conference{CBS00-IDPT2000-103, author = "A. Coccoli and Bondavalli, Andrea and L. Simoncini", address = "Dallas, TX, USA", booktitle = "IDPT '2000 5th, Int. Conference on Integrated Design and Process Technology", month = "June 4-8", title = "{C}onsensus in asynchronous distributed systems", year = "2000", } @conference{SAFECOMP16AD, author = "Zoppi, Tommaso and Ceccarelli, Andrea and Bondavalli, Andrea", abstract = "Revealing anomalies to support error detection in softwareintensive systems is a promising approach when traditional detection mechanisms are considered inadequate or not applicable. The core of anomaly detection lies in the definition of the expected behavior of the observed system. Unfortunately, the behavior of complex and dynamic systems is particularly difficult to understand. To improve the accuracy of anomaly detection in such systems, in this paper we present a contextaware anomaly detection framework which acquires information on the running services to calibrate the anomaly detection. To cope with system dynamicity, our framework avoids instrumenting probes into the application layer of the observed system monitoring multiple underlying layers instead. Experimental evaluation shows that the detection accuracy is increased considerably through context-awareness and multiple layers monitoring. Results are compared to state-of-the-art anomaly detectors exercised in demanding more static contexts.", booktitle = "Computer Safety, Reliability and Security (SAFECOMP 2016)", doi = "10.1007/978-3-319-45477-1", editor = "Amund Skavhaug; J{\'e}r{\'e}mie Guiochet; Friedemann Bitsch", isbn = "978-3-319-45477-1", keywords = "Anomaly Detection, Monitoring, Service Oriented Architecture, SOA, Context Aware, Multi Layer", pages = "145-158", publisher = "Springer International Publishing", series = "9922", title = "{C}ontext-{A}wareness to improve {A}nomaly {D}etection in {D}ynamic {S}ervice {O}riented {A}rchitectures", url = "https://www.springerprofessional.de/context-awareness-to-improve-anomaly-detection-in-dynamic-servic/10656174", year = "2016", } @article{Ceccarelli-TDSC2015, author = "Ceccarelli, Andrea and Montecchi, Leonardo and Brancati, Francesco and Lollini, Paolo and Angelo Marguglio and Bondavalli, Andrea", abstract = "Session management in distributed Internet services is traditionally based on username and password, explicit logouts and mechanisms of user session expiration using classic timeouts. Emerging biometric solutions allow substituting username and password with biometric data during session establishment, but in such an approach still a single verification is deemed sufficient, and the identity of a user is considered immutable during the entire session. Additionally, the length of the session timeout may impact on the usability of the service and consequent client satisfaction. This paper explores promising alternatives offered by applying biometrics in the management of sessions. A secure protocol is defined for perpetual authentication through continuous user verification. The protocol determines adaptive timeouts based on the quality, frequency and type of biometric data transparently acquired from the user. The functional behavior of the protocol is illustrated through Matlab simulations, while model-based quantitative analysis is carried out to assess the ability of the protocol to contrast security attacks exercised by different kinds of attackers. Finally, the current prototype for PCs and Android smartphones is discussed.", doi = "10.1109/TDSC.2013.2297709", journal = "IEEE Transactions on Dependable and Secure Computing", month = "May-June", note = "{ieee}", number = "3", pages = "270-283", title = "{C}ontinuous and {T}ransparent {U}ser {I}dentity {V}erification for {S}ecure {I}nternet {S}ervices", volume = "12", year = "2015", } @conference{SRDSsf2016Schiavone, author = "Schiavone, Enrico and Ceccarelli, Andrea and Bondavalli, Andrea", abstract = "User authentication is a key service, especially for systems that can be considered critical for the data stored and the functionalities offered. In those cases, traditional authentication mechanisms can be inadequate to face intrusions: they usually verify user’s identity only at login, and even repeating this step, frequently asking for passwords or PIN would reduce system’s usability. Biometric continuous authentication, instead, is emerging as viable alternative approach that can guarantee accurate and transparent verification for the entire session: the traits can be repeatedly acquired avoiding disturbing the user’s activity. Another security service that these systems may need is nonrepudiation, which protect against the denial of having used the system or executed some commands with it. The paper focuses on biometric continuous authentication and nonrepudiation, and it briefly presents a preliminary solution based on a specific case study. This work presents the current research direction of the author and describes some challenges that the student aims to address in the next years.", address = "Budapest, Hungary", booktitle = "PhD Forum of the 35th IEEE Symposium on Reliable Distributed Systems, SRDS", keywords = "authenticity; non-repudiation; continuous authentication; biometrics; security;", month = "September", publisher = "IEEE", title = "{C}ontinuous {A}uthentication and {N}on-repudiation for the {S}ecurity of {C}ritical {S}ystems", year = "2016", } @conference{ARES17, author = "Schiavone, Enrico and Ceccarelli, Andrea and Bondavalli, Andrea", abstract = "As our society massively relies on ICT, security services are becoming essential to protect users and entities involved. Amongst such services, non-repudiation provides evidences of actions, protects against their denial, and helps solving disputes between parties. For example, it prevents denial of past behaviors as having sent or received messages. Noteworthy, if the information flow is continuous, evidences should be produced for the entirety of the flow and not only at specific points. Further, non-repudiation should be guaranteed by mechanisms that do not reduce the usability of the system or application. To meet these challenges, in this paper, we propose two solutions for non-repudiation of remote services based on multi-biometric continuous authentication. We present an application scenario that discusses how users and service providers are protected with such solutions. We also discuss the technological readiness of biometrics for non-repudiation services, and the assumptions under which this is possible.", booktitle = "ARES '17 Proceedings of the 12th International Conference on Availability, Reliability and Security ", doi = "http://dx.doi.org/10.1145/3098954.3098969", isbn = "978-1-4503-5257-4", keywords = "Non-repudiation, biometrics, security, authentication, continuous authentication, protocol, biometric signature", month = "August", publisher = "ACM", title = "{C}ontinuous {B}iometric {V}erification for {N}on-{R}epudiation of {R}emote {S}ervices", url = "http://dl.acm.org/citation.cfm?id=3098969", year = "2017", } @conference{Schiavone2015-ICA3PP, author = "Schiavone, Enrico and Ceccarelli, Andrea and Bondavalli, Andrea", abstract = "Human operators in control rooms are often responsible of issuing critical commands, and in charge of managing sensitive data. Insiders must be prevented to operate on the system: they may benefit of their position in the con-trol room to fool colleagues, and gain access to machines or accounts. This paper proposes an authentication system for deterring and detecting malicious access to the workstations of control rooms. Specifically tailored for the operators in the control room of the crisis management system Secure!, the solution aims to guar-antee authentication and non-repudiation of operators, reducing the risk that un-authorized personnel (including intruders) misuses a workstation. A continuous multi-biometric authentication mechanism is developed and applied in which bi-ometric data is acquired transparently from the operator and verified continu-ously through time. This paper presents the authentication system design and pro-totype, its execution and experimental results.", booktitle = "Algorithms and Architectures for Parallel Processing - {ICA3PP} International Workshops and Symposiums, Zhangjiajie, China, November 18-20, 2015, Proceedings", keywords = "Biometrics, Verification, Trust, Security, Control Rooms", month = "November 18-20", pages = "187-200", publisher = "Springer", series = "Lecture Notes in Computer Science", title = "{C}ontinuous {U}ser {I}dentity {V}erification for {T}rusted {O}perators in {C}ontrol {R}ooms", volume = "9532", year = "2015", } @conference{Brancati15-DSNW, author = "Brancati, Francesco and Andr{\'a}s Pataricza and Nuno Silva and Abel Hegedus and Laszlo Gonczy and Bondavalli, Andrea and Rosaria Esposito", abstract = "Cost (time and effort) estimation is fundamental in system and software management. The software related research, together with industries, elaborated and currently use a large number of different cost estimators (CE). While expert judgment is still the most widely used estimation practice in industry, these estimators take a representative calibration set of projects and use a best matching extrapolation curve to predict the costs of further projects. The approach has proven its usefulness in predicting system and software development cost with the breakdown granularity of the main phases of the workflow (specification, implementation, testing etc.). However, there is no such CE for the broad application field of safety critical applications which would be fine granular enough to predict the costs related to Verification and Validation (V{\&}V) and certification. The paper presents an ongoing work for creating such a V{\&}V specific CE. The usefulness of the approach is illustrated by a "what-if" analysis example on the impacts of introducing sophisticated formal methods into the V{\&}V workflow instead of the traditional methodology.", booktitle = "Dependable Systems and Networks Workshops (DSN-W), 2015 IEEE International Conference on ", doi = "10.1109/DSN-W.2015.15", month = "June 22-25", pages = "57-62", title = "{C}ost {P}rediction for {V}{\&}{V} and {C}ertification {P}rocesses ", year = "2015", } @incollection{SAFECOMPW-DEVVARTS2, author = "Fabio Duchi and Nuno Antunes and Ceccarelli, Andrea and Giuseppe Vella and Francesco Rossi and Bondavalli, Andrea", booktitle = "Computer Safety, Reliability, and Security - Workshop", editor = "Andrea Bondavalli, Andrea Ceccarelli, Frank Ortmeier", pages = "231-242", publisher = "Springer International Publishing", title = "{C}ost-{E}ffective {T}esting for {C}ritical {O}ff-the-{S}helf {S}ervices", year = "2014", } @conference{BBBL88-AICA-30, author = "T. Belli and C. Bernardeschi and Bondavalli, Andrea and D. Latella", address = "Cagliari, Italy", booktitle = "27th Congresso annuale A.I.C.A.", month = "September 28-30", pages = "165--180", title = "{C}ostruzione gerarchica di tipi di dati astratti condivisi", year = "1988", } @phdthesis{tesidaidonephd, author = "Daidone, Alessandro", month = "April 21th", school = "Universit{\`a} degli Studi di Firenze. Dottorato in Informatica e Applicazioni (XXII ciclo)", title = "{C}ritical {I}nfrastructures: a {C}onceptual {F}ramework for {D}iagnosis, {S}ome {A}pplications and {T}heir {Q}uantitative {A}nalysis", year = "2010", } @conference{Ussami2016RADIANCE, author = "Thais Harumi Ussami and Eliane Martins and Montecchi, Leonardo", abstract = "Agile software development methodologies use an iterative and incremental development in order to handle evolving systems. Consolidated techniques in the field of testing have been applied to these techniques with the main purpose of aiding in the test creation stage. An example is Model-Based Test Driven Development (MBTDD) which joins the concepts of Model-Based Testing (MBT) and Test Driven Development (TDD). However, when iterative and incremental processes are used, problems appear as the consequence of the evolution of the system, such as: how to reuse the test artefacts, and how to select the relevant tests for implementing the new version of the system. In this context, this work proposes a process called D-MBTDD in which the agile development of a system is guided by model-based tests, focusing on helping with the reuse of test artefacts and on the process of identifying tests relevant to development. The information about the modifications between two versions of the test model are used in this approach, which was compared to the RegenerateAll approach, which regenerates test cases along the iterations and does not reuse any of them.", address = "Toulouse, France", booktitle = "Proceedings of the RADIANCE Workshop 2016", doi = " 10.1109/DSN-W.2016.22", isbn = "978-1-5090-3688-2", month = "June 28", note = "{ieee}", pages = "39-46", publisher = "IEEE", title = "{D}-{MBTDD}: {A}n {A}pproach for {R}eusing {T}est {A}rtefacts in {E}volving {S}ystems", url = "http://ieeexplore.ieee.org/document/7575347/", year = "2016", } @conference{BBS93b-SAFECOMP-35, author = "C. Bernardeschi and Bondavalli, Andrea and L. Simoncini", address = "Poznan, Poland", booktitle = "SAFECOMP '93", month = "October 27-29", pages = "9--20", publisher = "Springer Verlag", title = "{D}ata {F}low {C}ontrol {S}ystems: an {E}xample of {S}afety {V}alidation", year = "1993", } @conference{SBS91-IFAC-126, author = "L. Strigini and Bondavalli, Andrea and L. Simoncini", address = "Vienna, Austria", booktitle = "10th IFAC Workshop on Distributed Computer Control Systems", pages = "131--136", publisher = "Pergamon Press", title = "{D}ata-{F}low like {L}anguages for {D}esigning {D}ependable {R}eal-{T}ime {C}ontrol {S}ystems", year = "1991", } @conference{BSS92b-SRDS-97, author = "Bondavalli, Andrea and L. Strigini and L. Simoncini", address = "Houston, Texas, USA", booktitle = "11th IEEE Symposium on Reliable Distributed Systems (SRDS-11)", month = "October 5-7", note = "also Esprit PDCS (Predictably Dependable Computing Systems) report No. D10, 1992", pages = "214--221", title = "{D}ata-{F}low like {L}anguages for {R}eal-{T}ime {S}ystems: {I}ssues of {C}omputational {M}odels and {N}otation", year = "1992", } @conference{BBS94b-ESREL-37, author = "C. Bernardeschi and Bondavalli, Andrea and L. Simoncini", address = "Le Baule, France", booktitle = "ESREL 94", pages = "876--881", title = "{D}ata-flow networks in the design of safety-critical systems", year = "1994", } @article{BS89-JCSSE-90, author = "Bondavalli, Andrea and L. Simoncini", journal = "Journal of Computer Systems Science and Engineering", note = "Butterworths, July", number = "3", pages = "176--184", title = "{D}ata-flow-like model for robust computations", volume = "4", year = "1989", } @conference{CRITIS17, author = "Gharib, Mohamad and Lollini, Paolo and Ceccarelli, Andrea and Bondavalli, Andrea", abstract = "Road transport system is an essential infrastructures in the world, where the majority of the population use its facilities on a daily basis. That is why ensuring their safety has been always a growing concern for most authorities. The automotive industry is already aware of that, and the ISO 26262, a standard for developing functional safety systems for vehicles, has been developed. Although current studies have shown that the root cause for most of the accidents has shifted from vehicle-centric to driver-centric, the main objective of ISO 26262 is covering electronic and electric (E/E) systems of vehicles with almost no emphasis on the driver itself. To this end, we propose a holistic approach based on the ISO 26262 standard that not only considers the E/E systems of the vehicle but also the driver's behavior. We illustrate the utility of the approach with an example from the automotive domain.", booktitle = "The 12th International Conference on Critical Information Infrastructures Security (CRITIS)", keywords = "Transport, Automotive systems, Functional safety requirements, ISO 26262, Cyber-Physical-Social systems", month = "October ", publisher = "Springer", title = "{D}ealing with {F}unctional {S}afety {R}equirements for {A}utomotive {S}ystems: {A} {C}yber-{P}hysical-{S}ocial {A}pproach", year = "2017", } @conference{BMCFPS00-DSN2000-76, author = "Bondavalli, Andrea and I. Mura and Silvano Chiaradonna and R. Filippini and S. Poli and F. Sandrini", booktitle = "DSN-2000 IEEE Int. Conference on Dependable Systems and Networks (FTCS-30 and DCCA-8)", month = "June 25-28", pages = "231--236", title = "{DEEM}: a {T}ool for the {D}ependability {M}odeling and {E}valuation of {M}ultiple {P}hased {S}ystems", year = "2000", } @article{CDGL11-CDGL11IJCIP-254, author = "Silvano Chiaradonna and Di Giandomenico, Felicita and Lollini, Paolo", doi = "10.1016/j.ijcip.2011.03.001", issn = "1874-5482", journal = "International Journal of Critical Infrastructure (IJCIP), Elsevier", keywords = " Electric power systems; Control systems; SCADA systems; Dependencies; Interdependencies; Stochastic modeling", month = "April", number = "1", pages = "24--40", title = "{D}efinition, {I}mplementation and {A}pplication of a {M}odel-based {F}ramework for the {A}nalysis of {I}nterdependencies in {E}lectric {P}ower {S}ystems {P}rotection", url = "http://www.sciencedirect.com/science/article/pii/S1874548211000059", volume = "4", year = "2011", } @mastersthesis{Bastone 2005, author = "Bastone, Giuseppina", month = "September 20th", note = "Supervisor(s): A. Bondavalli, Co-Supervisor(s): L. Falai", school = "Universit{\`a} di Firenze. Corso di Laurea in Informatica", title = "{D}efinizione e realizzazione di miglioramenti alle metodologie per l'analisi di sistemi distribuiti", year = "2005", } @article{BDCLMPS01-134, author = "Bondavalli, Andrea and M. Dal Cin and D. Latella and I. Majzik and Andr{\'a}s Pataricza and G. Savoia", journal = "Journal of Computer Systems Science and Engineering", number = "5", pages = "265--275", title = "{D}ependability {A}nalysis in the {E}arly {P}hases of {UML} {B}ased {S}ystem {D}esign", volume = "16", year = "2001", } @techreport{MB98b-HIDET12PDCC1v1-155, author = "I. Majzik and Bondavalli, Andrea", number = "Project Re", title = "{D}ependability {A}nalysis in the {HIDE} {F}ramework", type = "Technical note", year = "1998", } @conference{MCDG10-EDCC2010MCDG10-234, author = "P. Masci and Silvano Chiaradonna and Di Giandomenico, Felicita", booktitle = "Eighth European Dependable Computing Conference (EDCC-2010)", title = "{D}ependability {A}nalysis of {D}iffusion {P}rotocols in {W}ireless {N}etworks with {H}eterogeneous {N}ode {C}apabilities", year = "2010", } @incollection{BCDGS95b-PDCS-53, author = "Bondavalli, Andrea and Silvano Chiaradonna and Di Giandomenico, Felicita and L. Strigini", booktitle = "Predictably Dependable Computing Systems", editor = "Randell, B. and Laprie, J.C. and Kopetz, H. and Littlewood, B.", pages = "459--472", publisher = "Springer-Verlag", title = "{D}ependability {A}nalysis of {I}terative {F}ault {T}olerant {S}oftware {C}onsidering {C}orrelation", year = "1995", } @conference{CBDG00-EWDC12-101, author = "A. Coccoli and Bondavalli, Andrea and Di Giandomenico, Felicita", address = "Budapest, Hungary", booktitle = "EWDC-12 European Workshop on Dependable Computing", title = "{D}ependability and performance analysis of a protocol for efficient real-time group communication", year = "2000", } @incollection{BCDN11, author = "Bertolino, Antonia and Calabr{\`o}, Antonello and Di Giandomenico, Felicita and Nostro, Nicola", booktitle = "Formal Methods for Eternal Networked Software Systems", editor = "M. Bernardo and V. Issarny", pages = "350 - 392", publisher = "Springer", series = "LNCS", title = "{D}ependability and {P}erformance {A}ssessment of {D}ynamic {CONNECT}ed {S}ystems", volume = "6659", year = "2011", } @conference{MoLoBo2011a-WORNUS2011-250, author = "Montecchi, Leonardo and Lollini, Paolo and Bondavalli, Andrea", booktitle = "14th IEEE International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing Workshops (ISORCW 2011)", month = "28-31 March", note = "{ieee}", title = "{D}ependability {C}oncerns in {M}odel-{D}riven {E}ngineering", year = "2011", } @incollection{ABDGJJKMP01-GUARDS2001-131, author = "J. Arlat and Bondavalli, Andrea and Di Giandomenico, Felicita and M. T. Jarboui and E. Jenn and K. Kanoun and I. Mura and D. Powell", address = "Boston", booktitle = "A Generic Fault-Tolerant Architecture for Real-Time Dependable Systems", editor = "Powell, D.", note = "ISBN 0-7923-7295-6", pages = "157--191", publisher = "Kluwer Academic Publishers", title = "{D}ependability {E}valuation", year = "2001", } @incollection{GCDGPBB06-EPEW2006-185, author = "L. G{\"o}nczy and Silvano Chiaradonna and Di Giandomenico, Felicita and Andr{\'a}s Pataricza and Bondavalli, Andrea and T. Bartha", booktitle = "3rd European Performance Engineering Workshop (EPEW2006), Budapest, Hungary, June 21-22, 2006", editor = "Horv{\'a}th, A. and Telek, M.", pages = "166--180", publisher = "Springer Verlag", series = "LNCS", title = "{D}ependability {E}valuation of {W}eb {S}ervice-{B}ased {P}rocesses", url = "http://dx.doi.org/10.1007/11777830_12", volume = "4054", year = "2006", } @conference{DGPLB03-WPMC03-20, author = "Di Giandomenico, Felicita and Stefano Porcarelli and Lollini, Paolo and Bondavalli, Andrea", booktitle = "WMPC03 - 6th International Symposium on Wireless Personal Multimedia Communications", pages = "146--150", title = "{D}ependability {I}ssues in {R}adio {R}esource {M}anagement of {W}ireless {S}ystems", volume = "2", year = "2003", } @article{BCDGM04-TRDEEM-3, author = "Bondavalli, Andrea and Silvano Chiaradonna and Di Giandomenico, Felicita and I. Mura", journal = "IEEE Transactions on Reliability", number = "4", pages = "509-522", title = "{D}ependability {M}odeling and {E}valuation of {M}ultiple-{P}hased {S}ystems using {DEEM}", volume = "53", year = "2004", } @techreport{BMZT98-GUARDSI1SA4TN6010-152, author = "Bondavalli, Andrea and I. Mura and X. Zang and K. S. Trivedi", month = "20 January", number = "Report GUA", title = "{D}ependability modeling and {E}valuation of {P}hased {M}ission {S}ystems: a {DSPN} {A}pproach", type = "PDCC Technical Note", year = "1998", } @conference{MBZT99-DCCA7-117, author = "I. Mura and Bondavalli, Andrea and X. Zang and K. S. Trivedi", address = "San Jose, CA, USA", booktitle = "IEEE DCCA-7, IFIP Int. Conference on Dependable Computing for Critical Applications", month = "January 6-8", pages = "319--337", title = "{D}ependability {M}odeling and {E}valuation of {P}hased {M}ission {S}ystems: a {DSPN} {A}pproach", year = "1999", } @conference{NBS96-EDCC2-120, author = "M. Nelli and Bondavalli, Andrea and L. Simoncini", address = "Taormina, Italy", booktitle = "EDCC-2 European Dependable Computing Conference", pages = "93--110", title = "{D}ependability {M}odelling and {A}nalysis of {C}omplex {C}ontrol {S}ystems: an {A}pplication to {R}ailway {I}nterlocking", year = "1996", } @conference{BMT99-EDCC3-83, author = "Bondavalli, Andrea and I. Mura and K. S. Trivedi", address = "Prague, Czech Republic", booktitle = "EDCC-3 European Dependable Computing Conference (also LNCS N. 1667)", month = "September", pages = "7--23", publisher = "Springer Verlag", title = "{D}ependability {M}odelling and {S}ensitivity {A}nalysis of {S}cheduled {M}aintenance {S}ystems", year = "1999", } @conference{BCDGS95c-IPDS-54, author = "Bondavalli, Andrea and Silvano Chiaradonna and Di Giandomenico, Felicita and L. Strigini", address = "Erlangen, Germany", booktitle = "IEEE Int. Computer Performance and Dependability Symposium (IPDS'95)", pages = "13--21", title = "{D}ependability {M}odels for {I}terative {S}oftware {C}onsidering {C}orrelation among {S}uccessive {I}nputs", year = "1995", } @conference{BCDGLT95-SAFECOMP-49, author = "Bondavalli, Andrea and Silvano Chiaradonna and Di Giandomenico, Felicita and La Torre, S.", address = "Belgirate, Italy", booktitle = "14th Int. Conference on Computer Safety, Reliability and Security (SAFECOMP'95)", month = "October 11-13", pages = "489--503", publisher = "Springer-Verlag", title = "{D}ependability of {I}terative {S}oftware: a {M}odel for {E}valuating the {E}ffects of {I}nput {C}orrelation", year = "1995", } @book{BT02-EDCC4-12, author = "", address = "Berlin, Heidelberg, New York", editor = "Andrea Bondavalli and Th{\`e}venod-Fosse, P.", publisher = "Springer Verlag", series = "Lecture Notes in Computer Science", title = "{D}ependable {C}omputing -- {EDCC}-4 {LNCS} 2485", year = "2002", } @inbook{BBR07-LADC2007-201, author = "Bondavalli, Andrea and F.V. Brasileiro and S. Rajsbaum", editor = "Andrea Bondavalli and Brasileiro, F. V. and Rajsbaum, S.", isbn = "978-3-540-75293-6", publisher = "Springer", series = "Lecture Notes in Computer Science", title = "{D}ependable {C}omputing, {T}hird {L}atin-{A}merican {S}ymposium, {LADC} 2007, {M}orella, {M}exico, {S}eptember 26-28, 2007, {P}roceedings", volume = "4746", year = "2007", } @conference{BS94-MicroP94-95, author = "Bondavalli, Andrea and L. Simoncini", address = "Budapest, Hungary", booktitle = "MicroP94, 8th Symposium on Microcomputer and Microprocessor Applications", month = "March 30 - April 1", pages = "5--14", title = "{D}ependable {D}ataflow {C}ontrol {S}ystems", year = "1994", } @article{IJPESAFEDMI-IJPESafedmi-226, author = "Bondavalli, Andrea and Ceccarelli, Andrea and Jesper Gr{\o}nb{\ae}k and D. Iovino and L. Karna and S. Klapka and T.K. Madsen and M. Magyar and I. Majzik and A. Salzo", journal = "IJPE", number = "2", pages = "153--166", title = "{D}esign and {E}valuation of a {S}afe {D}river {M}achine {I}nterface", volume = "4", year = "2009", } @conference{HASE2012MT, author = "Ceccarelli, Andrea and Bondavalli, Andrea and Joao Figueiras and Boris Malinowsky and Jurij Wakula and Brancati, Francesco and C. Dambra and Andrea Seminatore", abstract = "Trackside railway workers can benefit of intelligent systems for automatic track warning, that are able to safely i) detect trains or rolling stock approaching the worksite, and ii) notify their arrival to the workers. The usage of wearable mobile devices to monitor workers positions and notify trains arrivals requires to face serious challenges mainly in terms of service timeliness, safety, security and ergonomics (this last one to define notification signals to the workers that are always perceivable). This paper presents the design and the prototype of the Mobile Terminal (MT), a wearable, real-time, wireless, safety-critical device which exploits information received from track monitoring devices to inform a worker about trains or rolling stock approaching the worksite. The MT design concept is based on a hybrid architecture to favor the apportionment of different requirements, in terms of timing and security, to the different parts of the MT. Additionally, the MT includes novel solutions to interface with the worker, to realize an accurate localization service and to achieve safety-critical real-time communication.", booktitle = "High-Assurance Systems Engineering (HASE), 2012 IEEE 14th International Symposium on", keywords = "railway workers; hybrid architecture; track-warning system; safety; self-localization; real-time; wireless", pages = "147--154", publisher = "IEEE Computer society", title = "{D}esign and implementation of real-time wearable devices for a safety-critical track warning system", year = "2012", } @conference{B96-EDCC2-27, author = "Bondavalli, Andrea", address = "Gliwice, Poland", booktitle = "EDCC-2 Companion Workshop on Dependable Computing", note = "ISBN 83-906582-0-8", pages = "41--51", publisher = "AMK-Press", title = "{D}esign of {F}ault {T}olerant {S}oftware", year = "1996", } @conference{BBBDGT95-WRTP-29, author = "M. Bizzarri and P. Bizzarri and Bondavalli, Andrea and Di Giandomenico, Felicita and F. Tarini", address = "Ft. Lauderdale, Florida, USA", booktitle = "20th IFAC-IFIP WRTP'95", editor = "Press, Pergamon", title = "{D}esign of {F}lexible and {D}ependable {R}eal-{T}ime {A}pplications", year = "1995", } @article{BFLS01-IEEEMICRO-136, author = "Bondavalli, Andrea and A. Fantechi and D. Latella and L. Simoncini", journal = "IEEE MICRO (special issue on embedded fault tolerant systems)", number = "5", pages = "52--62", title = "{D}esign {V}alidation of {E}mbedded {D}ependable {S}ystems", volume = "21", year = "2001", } @article{BSS92-CNISDNS-96, author = "Bondavalli, Andrea and L. Strigini and M. Sereno", journal = "Computer Networks and ISDN Systems", note = "also CNUCE / CNR report, No. C90-07, 1990", number = "1", pages = "15--32", title = "{D}estination {S}tripping {D}ual {R}ing: a new protocol for {MAN}s", volume = "24", year = "1992", } @conference{DSN2007sf-DSN2007-197, author = "Daidone, Alessandro", booktitle = "DSN-2007 student forum", month = "June 25--28", title = "{D}iagnosis {F}ramework for {C}omplex {C}ritical {S}ystems/{I}nfrastructures", year = "2007", } @article{Bondavalli2016229, author = "Bondavalli, Andrea and Brancati, Francesco and Ceccarelli, Andrea and Diego Santoro and Michele Vadursi", abstract = "Abstract Dependable complex systems often operate under variable and non-stationary conditions, which requires efficient and extensive monitoring and error detection solutions. Among the many, the paper focuses on anomaly detection techniques, which monitor the evolution of some specific indicators through time to identify anomalies, i.e. deviations from the expected operational behavior. The timely identification of anomalies in dependable, fault tolerant systems allows to timely detect errors in the services and react appropriately. In this paper, we investigate the possibility to monitor the evolution of indicators through time using the random walk model on indicators belonging to Operating Systems, specifically in our study the Linux Red Hat EL5. The approach is based on the experimental evaluation of a large set of heterogeneous indicators, which are acquired under different operating conditions, both in terms of workload and faultload, on an air traffic management target system. The statistical analysis is based on a best-fitting approach aiming to minimize the integral distance between the empirical data distribution and some reference distributions. The outcomes of the analysis show that the idea of adopting a random walk model for the development of an anomaly detection monitor for critical systems that operates at Operating System level is promising. Moreover, standard distributions such as Laplace and Cauchy, rather than Normal, should be used for setting up the thresholds of the monitor. Further studies that involve a new application, a different Operating System and a new layer (an Application Server) will allow verifying the generalization of the approach to other fault tolerant systems, monitored layers and set of indicators. ", doi = "http://dx.doi.org/10.1016/j.measurement.2015.11.010", issn = "0263-2241", journal = "Measurement ", keywords = "System monitoring", pages = "229 - 240", title = "{D}ifferential analysis of {O}perating {S}ystem indicators for anomaly detection in dependable systems: {A}n experimental study ", url = "http://www.sciencedirect.com/science/article/pii/S0263224115005965", volume = "80", year = "2016", } @conference{BCDGG97-FTCS-45, author = "Bondavalli, Andrea and Silvano Chiaradonna and Di Giandomenico, Felicita and F. Grandoni", address = "Seattle, Washington, USA", booktitle = "27th IEEE Int. Symposium on Fault-Tolerant Computing (FTCS-27)", month = "June 25-27", pages = "354--362", title = "{D}iscriminating {F}ault {R}ate and {P}ersistency to {I}mprove {F}ault {T}reatment", year = "1997", } @techreport{BCDGG96c-B433-166, author = "Bondavalli, Andrea and Silvano Chiaradonna and Di Giandomenico, Felicita and F. Grandoni", institution = "IEI/CNR, Pisa, Italy", number = "B4-33", title = "{D}iscriminating {F}ault {R}ate and {P}ersistency to {I}mprove {F}ault {T}reatment", type = "Internal Report", year = "1996", } @conference{BS91-INFOCOM-92, author = "Bondavalli, Andrea and L. Strigini", address = "Miami, Florida", booktitle = "IEEE INFOCOM'91", month = "April 9-11", pages = "1022--1030", title = "{DSDR}: {A} {F}air and {E}fficient {A}ccess {P}rotocol for {R}ing-{T}opology {MAN}s", year = "1991", } @incollection{XBDG95-PDCS-130, author = "J. Xu and Bondavalli, Andrea and Di Giandomenico, Felicita", booktitle = "Predictably Dependable Computing Systems", editor = "Randell, B. and Laprie, J.C. and Kopetz, H. and Littlewood, B.", pages = "155--172", publisher = "Springer-Verlag", title = "{D}ynamic {A}djustment of {D}ependability and {E}fficiency in {F}ault-{T}olerant {S}oftware", year = "1995", } @article{BCCR04-TDSC-173, author = "Bondavalli, Andrea and Silvano Chiaradonna and D. Cotroneo and Luigi Romano", journal = "IEEE Transactions on Dependable and Secure Computing", number = "4", pages = "223--237", title = "{E}ffective {F}ault {T}reatment for {I}mproving the {D}ependability of {COTS}- and {L}egacy-based {A}pplications", volume = "1", year = "2004", } @conference{BCDG94-ICPADS-41, author = "Bondavalli, Andrea and Silvano Chiaradonna and Di Giandomenico, Felicita", address = "Hsinchu, Taiwan, ROC", booktitle = "IEEE Int. Conference on Parallel and Distributed Systems (ICPADS'94)", month = "December", pages = "354--359", title = "{E}fficient {F}ault {T}olerance: an {A}pproach to {D}eal with {T}ransient {F}aults in {M}ultiprocessor {A}rchitectures", year = "1994", } @conference{depend10-depend-244, author = "Lorenzo Vinerbi and Bondavalli, Andrea and Lollini, Paolo", booktitle = "Third International Conference on Dependability (DEPEND 2010)", title = "{E}mergence: a new source of failures in complex systems", year = "2010", } @misc{RADB08Bondavalli-RADB2008-221, author = "Bondavalli, Andrea and Ceccarelli, Andrea and Falai, Lorenzo and Michele Vadursi", howpublished = "Workshop with no proceeding DSN-RADB2008", month = "June", title = "{E}nhancing the {N}eko{S}tat {T}ool with {U}ncertainty, {R}esolution and {I}ntrusiveness {E}valuation {C}apabilities", year = "2008", } @incollection{BCDGGPR01-GUARDS2001-133, author = "Bondavalli, Andrea and Silvano Chiaradonna and Di Giandomenico, Felicita and F. Grandoni and D. Powell and C. Rab{\'e}jac", address = "Boston", booktitle = "A Generic Fault-Tolerant Architecture for Real-Time Dependable Systems", editor = "Powell, D.", month = "January", pages = "71--86", publisher = "ISBN 0-7923-7295-6, Kluwer Academic Publishers", title = "{E}rror {P}rocessing and {F}ault {T}reatment", year = "2001", } @incollection{DGGGS92-169, author = "Di Giandomenico, Felicita and M. L. Guidotti and F. Grandoni and L. Simoncini", booktitle = "Hardware and Software Fault Tolerance in Parallel Computing Systems", editor = "Avresky, D. R.", pages = "227--242", publisher = "Ellis Horwood Workshops", title = "{E}valuating the {E}fficiency of {B}yzantine {A}greement {A}lgorithms", year = "1992", } @incollection{CDGL08-CDGL08LNCS-213, author = "Silvano Chiaradonna and Di Giandomenico, Felicita and Lollini, Paolo", booktitle = "Architecting Dependable Systems V", editor = "De Lemos, R. and Di Giandomenico, F. and Gacek, C. and Muccini, H. and Vieira, M.", pages = "52--77", publisher = "Springer, Heidelberg", series = "LNCS 5135", title = "{E}valuation of {C}ritical {I}nfrastructures: {C}hallenges and {V}iable {A}pproaches", url = "http://dx.doi.org/10.1007/978-3-540-85571-2_3", volume = "5135", year = "2008", } @article{GCDGB01-CJ2001-142, author = "F. Grandoni and Silvano Chiaradonna and Di Giandomenico, Felicita and Bondavalli, Andrea", journal = "Special Issue on High Assurance Systems of The Computer Journal", number = "6", pages = "544--556", title = "{E}valuation of {F}ault-{T}olerant {M}ultiprocessor {S}ystems for {H}igh {A}ssurance {A}pplications", volume = "44", year = "2001", } @conference{DGCBG00-PDPTA2000-111, author = "Di Giandomenico, Felicita and Silvano Chiaradonna and Bondavalli, Andrea and F. Grandoni", address = "Monte Carlo Resort, Las Vegas, Nevada, USA", booktitle = "IEEE Int. Conference on Parallel and Distributed Processing Techniques and Applications (PDPTA 2000)", month = "June 26-29", pages = "1145--1151", title = "{E}valuation of {I}ntegrated {E}rror {P}rocessing and {F}ault {D}iagnosis in {M}ultiprocessor {S}ystems", year = "2000", } @conference{ISAS2005-LNCS-182, author = "Lollini, Paolo and Bondavalli, Andrea and Di Giandomenico, Felicita", booktitle = "ISAS 2005/Service Availability, Lecture Notes in Computer Science 3694, Volume Editor(s): M. Malek, N. Suri, E. Nett", title = "{E}valuation of the {I}mpact of {C}ongestion on {S}ervice {A}vailability in {GPRS} infrastructures", year = "2005", } @conference{5609784-I2MTC2011-258, author = "P. Ferrari and A. Flammini and Stefano Rinaldi and Bondavalli, Andrea and Brancati, Francesco", booktitle = "2011 IEEE Instrumentation and Measurement Technology Conference (I2MTC)", month = "May", title = "{E}valuation of {T}imestamping {U}ncertainty in a {S}oftware-based {IEEE}1588 {I}mplementation", year = "2011", } @conference{Azzolini15, author = "Raphael P. Azzolini and Cecilia M. F. Rubira and Leonardo P. Tizzei and Felipe N. Gaia and Montecchi, Leonardo", abstract = "Software Product Lines engineering is a technique that explores systematic reuse of software artifacts in large scale to implement applications that share a common domain and have some customized features. For improving Product Line Architecture evolution, it is advisable to develop Software Product Lines using a modular structure. This demand can be satisfied by an aspect-oriented and component-based feature-architecture method that integrates components, aspects and variation point aspect-connectors. This approach allows minimization of feature scattering in the architectural model and supports modular modelling of crosscutting features. A case study mapping major features of significant e-commerce systems operating in Brazil and other countries was performed to evaluate this approach. The assessment of our solution was performed comparing its stability and modularity with other two approaches. Our results indicate that change impact in the architectural model is reduced when using our solution in the context of Software Product Lines evolution.", booktitle = "Proceedings of the Workshop on Variability for Qualities in Software Architecture (VAQUITA 2015)", month = "September", note = "{acm}", pages = "26:1-26:7", title = "{E}volving a {S}oftware {P}roducts {L}ine for {E}-commerce {S}ystems: a {C}ase {S}tudy", year = "2015", } @conference{Bonfiglio15HASE, author = "Bonfiglio, Valentina and Montecchi, Leonardo and Francesco Rossi and Lollini, Paolo and Andr{\'a}s Pataricza and Bondavalli, Andrea", abstract = "Safety analysis is increasingly important for a wide class of systems. In the automotive field, the recent ISO26262 standard foresees safety analysis to be performed at system, hardware, and software levels. Failure Modes and Effects Analy- sis (FMEA) is an important step in any safety analysis process, and its application at hardware and system levels has been extensively addressed in the literature. Conversely, its application to software architectures is still to a large extent an open problem, especially concerning its integration into a general certification process. The approach we propose in this paper aims at performing semi-automated FMEA on component-based software architectures described in UML. The foundations of our approach are model-execution and fault-injection at model-level, which allows us to compare the nominal and faulty system behaviors and thus assess the effectiveness of safety countermeasures. Besides introducing the detailed workflow for SW FMEA, the work in this paper focuses on the process for obtaining an executable model from a component-based software architecture specified in UML. ", address = "Daytona Beach Shores, FL", booktitle = "Proceedings of the IEEE 16th International Symposium on High Assurance Systems Engineering (HASE'15) ", doi = "10.1109/HASE.2015.36", isbn = "978-1-4799-8110-6", month = "8-10 January", note = "{ieee}", pages = "189-196", title = "{E}xecutable {M}odels to {S}upport {A}utomated {S}oftware {FMEA}", url = "http://ieeexplore.ieee.org/xpl/login.jsp?tp={\&}arnumber=7027431", year = "2015", } @conference{MiniSy2017Zoppi, author = "Zoppi, Tommaso", abstract = "Revealing anomalies in data usually suggests significant - also critical - actionable information in a wide variety of application domains. Anomaly detection can support dependability monitoring when traditional detection mechanisms e.g., based on event logs, probes and heartbeats, are considered inadequate or not applicable. On the other hand, checking the behavior of complex and dynamic system it is not trivial, since the notion of “normal” – and, consequently, anomalous - behavior is changing frequently according to the characteristics of such system. In such a context, performing anomaly detection calls for dedicate strategies and techniques that are not consolidated in the state-of-the-art. The paper expands the context, the challenges and the work done so far in association with our current research direction. The aim is to highlight the challenges and the future works that the PhD student tackled and will tackle in the next years.", booktitle = "24th PhD MiniSymposium", keywords = "anomaly detection; monitoring; multi-layer; dynamicity; complex system; online", month = "January", organization = "DMIS Budapest", pages = "4", publisher = "IEEE", title = "{E}xecuting {O}nline {A}nomaly {D}etection in {C}omplex {D}ynamic {S}ystems", year = "2017", } @conference{bondavalli2013experimental, author = "Bondavalli, Andrea and Brancati, Francesco and Ceccarelli, Andrea and Diego Santoro and Michele Vadursi", booktitle = "Measurements and Networking Proceedings (M{\&}N), 2013 IEEE International Workshop on", organization = "IEEE", pages = "138--142", title = "{E}xperimental analysis of the first order time difference of indicators used in the monitoring of complex systems", year = "2013", } @article{elsevier2013, author = "Bondavalli, Andrea and Ceccarelli, Andrea and Florjan Gogaj and Michele Vadursi and Andrea Seminatore", abstract = "Since GPS has been made available for civil usage, satellite-based localization in open space has become a more and more common option for vehicular tracking and for a number of commercial applications. The accuracy of the localization results and the availability of the localization system are influenced by several factors, such as the characteristics of the devices used, the surrounding environment, and the distance from reference stations. The possibility of exploiting off-the-shelf GPS devices, in the contest of a composite multi-sensor localization, is currently being investigated within the framework of the ALARP project [9], where it is required to accurately localize workers in railway worksites. This paper presents the results of an experimental campaign aimed at determining if, and under which conditions, low-cost GPS devices can be used in such a scenario. The evaluation is performed comparing data from low-cost GPS devices to data collected using a highly accurate reference system. The analysis permits to assess the feasibility of two different, very popular, commercial GPS devices for the ALARP requirements on localization.", doi = "10.1016/j.measurement.2012.08.001", issn = "0263-2241", journal = "Measurement", keywords = "Localization errors, Experimental evaluation, GPS, Railway technology, Railway measurements", month = "January", number = "1", pages = "11", title = "{E}xperimental assessment of low-cost {GPS}-based localization in railway worksite-like scenarios", url = "http://www.sciencedirect.com/science/article/pii/S0263224112002965", volume = "46", year = "2013", } @article{6140566, author = "P. Ferrari and A. Flammini and Stefano Rinaldi and Bondavalli, Andrea and Brancati, Francesco", doi = "10.1109/TIM.2011.2180974", issn = "0018-9456", journal = "Instrumentation and Measurement, IEEE Transactions on", month = " May", number = "5", pages = "1512-1521", title = "{E}xperimental {C}haracterization of {U}ncertainty {S}ources in a {S}oftware-{O}nly {S}ynchronization {S}ystem", volume = "61", year = "2012", } @conference{QOSFD-dsn2005-176, author = "Falai, Lorenzo and Bondavalli, Andrea", address = "Yokohama", booktitle = "Proceedings of the International Conference on Dependable Systems and Networks (DSN 2005)", month = "june", title = "{E}xperimental evalutation of the {Q}o{S} of {F}ailure {D}etectors on {W}ide {A}rea {N}etwork", url = "http://doi.ieeecomputersociety.org/10.1109/DSN.2005.47", year = "2005", } @conference{SRDS2010-SRDS2010-248, author = "Bondavalli, Andrea and Brancati, Francesco and Ceccarelli, Andrea and Michele Vadursi", booktitle = "SRDS 2010", journal = "Reliable Distributed Systems, IEEE Symposium on", pages = "245-254", title = "{E}xperimental {V}alidation of a {S}ynchronization {U}ncertainty-{A}ware {S}oftware {C}lock", year = "2010", } @conference{AnDet2017SAC, author = "Zoppi, Tommaso and Ceccarelli, Andrea and Bondavalli, Andrea", abstract = "The loosely coupled integration of heterogeneous existing systems, together with the ongoing replacement of monolithic systems design with Off-The-Shelf (OTS) approaches, promotes a new architectural paradigm that is called System of Systems (SoS). In SoSs, independent and autonomous constituent systems (CSs) cooperate to achieve higher-level goals. Some inherent challenges are that boundaries of the SoS may be partially unknown and the components may be governed by different authorities, affecting the ability to observe the system as a whole. Further, novel challenges related to dependability and security are introduced, such as the detection of emerging and possibly unexpected behaviors resulting from the interconnection of previous disconnected CSs. In this paper we explore these challenges questioning if a novel mindset to error, malware or intrusion detection is needed when dealing with SoSs. With the support of a state of the art review, we first identify the design principles and the performance targets of a monitoring and anomaly detection framework. Then we discuss these principles at the light of SoS fundamentals. Ultimately, we propose an approach to design a monitoring and anomaly detection framework for SoSs aggregating i) monitoring approaches ii) SoS properties, and iii) anomaly detection techniques. ", booktitle = "Symposium on Applied Computing (SAC) - "Software Architecture: Theory, Technology, and Applications" track", editor = "Springer", keywords = "Systems-of-Systems; Anomaly Detection; Monitoring;", title = "{E}xploring {A}nomaly {D}etection in {S}ystems of {S}ystems", year = "2017", } @incollection{FB07-seft2007-194, author = "Falai, Lorenzo and Bondavalli, Andrea", booktitle = "SOFTWARE ENGINEERING AND FAULT TOLERANCE", editor = "Pelliccione, P.", publisher = "World Scientific Publishing Co. Pte. Ltd", title = "{E}xtending the {A}pplicability of the {N}eko {F}ramework for the {V}alidation and {V}erification of {D}istributed {A}lgorithms", year = "2007", } @conference{BS90-FTDCS-91, author = "Bondavalli, Andrea and L. Simoncini", address = "Cairo, Egypt", booktitle = "2nd. IEEE Workshop on Future Trends in Distributed Computing Systems", month = "September 30 - Octob", note = "also Esprit PDCS (Predictably Dependable Computing Systems) report 1st Year Deliverables, 1990", pages = "47--53", title = "{F}ailures {C}lassification with {R}espect to {D}etection", year = "1990", } @techreport{BCDGG96-GUARDSD1A2A06000A-43, author = "Bondavalli, Andrea and Silvano Chiaradonna and Di Giandomenico, Felicita and F. Grandoni", institution = "CNUCE/CNR", month = "October", number = "C96-26 (al", title = "{F}ault {T}olerance {S}tructures {\&} {M}echanisms for the {GUARDS} {A}rchitecture", type = "Technical Report", year = "1996", } @conference{DGS91b-SRDS-171, author = "Di Giandomenico, Felicita and L. Strigini", address = "Pisa, Italy", booktitle = "10th Symposium on Reliable Distributed Systems", pages = "86--95", title = "{F}lexible {S}chemes for {A}pplication-{L}evel {F}ault-{T}olerance", year = "1991", } @techreport{RCL081215-RCL081215-219, author = "Daidone, Alessandro", institution = "University of Florence, Dip. Sistemi Informatica, RCL group", month = "December", number = "rcl080508", title = "{FOREVER} assessment: modelling details", url = "http://dcl.isti.cnr.it/Documentation/Papers/Techreports.html", year = "2008", } @conference{FORMSBonda08-FORMSFORMAT-225, author = "I. Majzik and Bondavalli, Andrea and S. Klapka and T.K. Madsen and D. Iovino", booktitle = "FORMS-FORMAT 2008", month = "October", title = "{FORMAL} {METHODS} {IN} {THE} {EVALUATION} {OF} {A} {SAFE} {DRIVER}-{MACHINE} {INTERFACE}", year = "2008", } @conference{BCFV2007-DSN2007-198, author = "Bondavalli, Andrea and Ceccarelli, Andrea and Falai, Lorenzo and Michele Vadursi", booktitle = "DSN-2007 IEEE Int. Conference on Dependable Systems and Networks", month = "June 25--28", title = "{F}oundations of measurement theory applied to the evaluation of dependability attributes", year = "2007", } @incollection{bondavalli2012foundations, author = "Bondavalli, Andrea and Ceccarelli, Andrea and Falai, Lorenzo and Michele Vadursi", booktitle = "Resilience Assessment and Evaluation of Computing Systems", pages = "205--211", publisher = "Springer", title = "{F}oundations of {M}etrology in the {O}bservation of {C}ritical {S}ystems", year = "2012", } @incollection{BBS93-PARLE-34, author = "C. Bernardeschi and Bondavalli, Andrea and L. Simoncini", address = "Munchen, Germany", booktitle = "PARLE 93 - LNCS 694", month = "June 14-18", pages = "740--743", publisher = "Springer Verlag", series = "Lecture Notes in Computer Science", title = "{F}rom {D}ata {F}low {N}etworks to {P}rocess {A}lgebras", volume = "694", year = "1993", } @conference{BS93-ISADS-94, author = "Bondavalli, Andrea and L. Simoncini", address = "Kawasaki, japan", booktitle = "IEEE Int. Symposium on Autonomous Decentralized Systems (ISADS '93)", month = "March 30 - April 1", pages = "108--114", title = "{F}unctional {P}aradigm for {D}esigning {D}ependable {L}arge-{S}cale {P}arallel {C}omputing {S}ystems", year = "1993", } @incollection{AMBERRoadmap, author = "Bondavalli, Andrea and Henrique Madeira and Lollini, Paolo", abstract = "This chapter provides a condensed description of a roadmap for research in technologies for assessment, measurement and benchmarking (AMB) of the resilience of information, computer and communication systems. The research roadmap is the result of the EU-funded AMBER Coordination Action, integrating the consortium experience in the field with the insights resulting from discussions and interviews with a variety of stakeholders about motivating scenarios, drivers and priorities. A set of motivating scenarios help understand the current needs and challenges in resilience assessment. These scenarios present viewpoints of industrial players, end users, system operators and regulators. The research roadmap then provides a detailed list of research needs and challenges grouped in three categories: (i) scientific and technological foundations, (ii) measurement and assessment, and (iii) benchmarking. The foundations make the case for two types of research advances, which we could label as ‘back to basics’ and ‘holistic’. The measurement and assessment category identifies a number of topics of acute interest and that are particularly challenging. Resilience benchmarking aims at providing generic, repeatable and widely accepted methods for characterising and quantifying the system (or component) behaviour in the presence of faults, and comparing the resilience of alternative solutions. In addition to the above research issues, we also identified the challenges we see in education as well as standardization.", booktitle = "Resilience Assessment and Evaluation of Computing Systems ", editor = " Katinka Wolter, Alberto Avritzer, Marco Vieira, Aad van Moorsel ", month = "November", pages = "415-439 ", publisher = "Springer", title = "{F}uture of {R}esilience {A}ssessment: {T}he {AMBER} {R}esearch {R}oadmap", year = "2012", } @conference{HASE2012local, author = "Joao Figueiras and Jesper Gr{\o}nb{\ae}k and Ceccarelli, Andrea and Schwefel, Hans-Peter", abstract = "Context-dependent decisions in safety-critical applications require careful consideration of accuracy and timeliness of the underlying context information. Relevant examples include location-dependent actions in mobile distributed systems. This paper considers localization functions for personalized warning systems for railway workers, where the safety aspects require timely and precise identification whether a worker is located in a dangerous (red) or safe (green) zone within the worksite. The paper proposes and analyzes a data fusion approach based on low-cost GPS receivers integrated on mobile devices, combined with electronic fences strategically placed in the adjacent boundaries between safe and unsafe geographic zones. An approach based on the combination of a Kalman Filter for GPS-based trajectory estimation and a Hidden Markov Model for inclusion of mobility constraints and fusion with information from the electronic fences is developed and analyzed. Different accuracy metrics are proposed and the benefit obtained from the fusion with electronic fences is quantitatively analyzed in the scenarios of a single mobile entity: By having fence information, the correct zone estimation can increase by 30%, while false alarms can be reduced one order of magnitude in the tested scenario.", booktitle = "High-Assurance Systems Engineering (HASE), 2012 IEEE 14th International Symposium on", keywords = "Mobile Positioning, Data Fusion, Kalman Filter, Hidden Markov Model, GPS, Electronic Fences", pages = "17--23", publisher = "IEEE Computer society", title = "{GPS} and {E}lectronic {F}ence {D}ata {F}usion for {P}ositioning within {R}ailway {W}orksite {S}cenarios", year = "2012", } @incollection{BoLoMo2010-249, author = "Bondavalli, Andrea and Lollini, Paolo and Montecchi, Leonardo", address = " Ashurst Lodge, Ashurst, Southampton, UK", booktitle = "Critical Infrastructure Security: Assessment, Prevention, Detection, Response", editor = "Francesco Flammini", isbn = "9781845645625", pages = "57-73", publisher = "WIT Press", title = "{G}raphical formalisms for modeling critical infrastructures", year = "2012", } @techreport{PABBCFJRW98-GUARDS-154, author = "D. Powell and J. Arlat and L. Beus-Dukic and Bondavalli, Andrea and P. Coppola and A. Fantechi and E. Jenn and C. Rab{\'e}jac and A. Wellings", number = "Report GUA", title = "{GUARDS}: a {G}eneric {U}pgradable {A}rchitecture for {R}eal-time {D}ependable {S}ystems", type = "GUARDS Project", year = "1998", } @article{PABBCFJRW99-TPDS-122, author = "D. Powell and J. Arlat and L. Beus-Dukic and Bondavalli, Andrea and P. Coppola and A. Fantechi and E. Jenn and C. Rab{\'e}jac and A. Wellings", journal = "IEEE Transactions on Parallel and Distributed Systems, Special Issue on Dependable Real-Time Systems", number = "6", pages = "580--599", title = "{GUARDS}: a {G}eneric {U}pgradable {A}rchitecture for {R}eal-time {D}ependable {S}ystems", volume = "10", year = "1999", } @article{ABHV06-TDSC06-207, author = "J. Arlat and Bondavalli, Andrea and B. R. Haverkort and P. Ver{\'i}ssimo", journal = "IEEE Trans. on Dependable and Secure Computing", number = "3", pages = "169--171", title = "{G}uest {E}ditorial for the {S}pecial {I}ssue on the 2005 {IEEE}/{IFIP} {C}onference on {D}ependable {S}ystems and {N}etworks, including the {D}ependable {C}omputing and {C}ommunications and {P}erformance and {D}ependability {S}ymposia", volume = "3", year = "2006", } @techreport{DGBX95-Esprit173-168, author = "Di Giandomenico, Felicita and Bondavalli, Andrea and J. Xu", month = "June", number = "173", title = "{H}ardware and {S}oftware {F}ault {T}olerance: {A}daptive {A}rchitectures in {D}istributed {C}omputing {E}nvironments", type = "Esprit BRA 6362 PDCS", year = "1995", } @techreport{DGBX95b-B415-167, author = "Di Giandomenico, Felicita and Bondavalli, Andrea and J. Xu", institution = "IEI CNR, Pisa, Italy", month = "April", number = "B4-15", title = "{H}ardware and {S}oftware {F}ault {T}olerance: {A}daptive {A}rchitectures in {D}istributed {C}omputing {E}nvironments", type = "Internal Report", year = "1995", } @conference{DGBXC97-ESREL-110, author = "Di Giandomenico, Felicita and Bondavalli, Andrea and J. Xu and Silvano Chiaradonna", address = "Lisbon, Portugal", booktitle = "Int. Conference on Safety and Reliability (ESREL'97)", month = "June 17-20", pages = "341--348", publisher = "Pergamon Press", title = "{H}ardware and {S}oftware {F}ault {T}olerance: {D}efinition and {E}valuation of {A}daptive {A}rchitectures in a {D}istributed {C}omputing {E}nvironment", year = "1997", } @conference{DDGBC06-SRDS2006-188, author = "Daidone, Alessandro and Di Giandomenico, Felicita and Bondavalli, Andrea and Silvano Chiaradonna", address = "Leeds, UK", booktitle = "25th IEEE Symposium on Reliable Distributed Systems (SRDS 2006)", month = "October", pages = "245--256", title = "{H}idden {M}arkov {M}odels as a {S}upport for {D}iagnosis: {F}ormalization of the {P}roblem and {S}ynthesis of the {S}olution", year = "2006", } @techreport{BM97-GUARDSI3A4AO6007a-162, author = "Bondavalli, Andrea and I. Mura", month = "November 19", number = "Report GUA", title = "{H}ierarchical {M}odelling and {E}valuation of {P}hased-{M}ission {S}ystems", type = "GUARDS Project - PDC", year = "1997", } @article{MB99-TR-116, author = "I. Mura and Bondavalli, Andrea", journal = "IEEE Transactions on Reliability", number = "4", pages = "360--368", title = "{H}ierarchical {M}odelling and {E}valuation of {P}hased-{M}ission {S}ystems", volume = "48", year = "1999", } @article{BNSM01-JCSSE-137, author = "Bondavalli, Andrea and M. Nelli and L. Simoncini and G. Mongardi", journal = "Journal of Computer Systems Science and Engineering, CRL Publishing", number = "4", pages = "249--261", title = "{H}ierarchical {M}odelling of {C}omplex {C}ontrol {S}ystems: {D}ependability {A}nalysis of a {R}ailway {I}nterlocking", volume = "16", year = "2001", } @techreport{NBS96b-C960-164, author = "M. Nelli and Bondavalli, Andrea and L. Simoncini", institution = "CNUCE-CNR, Pisa, Italy", number = "C96-09", title = "{H}ierarchical {M}odelling of {HW}/{SW} {C}ontrol {S}ystems: an {A}pplication to {D}ependability {A}nalysis of {R}ailway {I}nterlocking", type = "Internal Report", year = "1996", } @conference{BDCLP99-WORDS-59, author = "Bondavalli, Andrea and M. Dal Cin and D. Latella and Andr{\'a}s Pataricza", address = "Monterey, CA, USA", booktitle = "WORDS'99F Fifth Int. Workshop on Object-oriented Real-time Dependable Systems", month = "November 18-20", pages = "87--92", title = "{H}igh-level {I}ntegrated {D}esign {E}nvironment for {D}ependability ({HIDE})", year = "1999", } @conference{BM99-EWDC10-75, author = "Bondavalli, Andrea and I. Mura", address = "Vienna, Austria", booktitle = "10th European Workshop on Dependable Computing (EWDC-10)", pages = "91--95", title = "{H}igh-{L}evel {P}etri {N}et {M}odelling of {P}hased {M}ission {S}ystems", year = "1999", } @conference{MB01b-144, author = "I. Mura and Bondavalli, Andrea", booktitle = "Fast Abstract", title = "{I}mpact of outages on {GPRS} service availability", year = "2001", } @conference{RBCC02-SRDS2002-6, author = "Luigi Romano and Bondavalli, Andrea and Silvano Chiaradonna and D. Cotroneo", address = "Osaka University, Suita, Japan", booktitle = "21st IEEE Symposium on Reliable Distributed Systems (SRDS'02)", month = "October 13-16", pages = "296--303", title = "{I}mplementation of {T}hreshold-based {D}iagnostic {M}echanisms for {COTS}-based {A}pplications", year = "2002", } @phdthesis{Cotroneo2001, author = "D. Cotroneo", month = "November", note = "Supervisor(s): S. Russo, Co-Supervisor(s): A. Bondavalli", school = "Universit{\`a} degli Studi di Napoli Federico II. Dottorato di Ricerca in Ingegneria dell'Informazione (XIV ciclo)", title = "{I}mplementation {S}trategies for {D}eveloping {M}iddleware-{B}ased {D}istribuited {D}ependable {A}pplications", year = "2001", } @conference{DGS91-FTCSTDFT-170, author = "Di Giandomenico, Felicita and L. Strigini", address = "Nurnberg FRG", booktitle = "5th International Conference Fault-Tolerant Computing Systems Test, Diagnosis, Fault Treatment", pages = "42--53", title = "{I}mplementations and {E}xtensions of the {C}onversation {C}oncept", year = "1991", } @conference{NCA2010-NCA2010-245, author = "Jesper Gr{\o}nb{\ae}k and Schwefel, Hans-Peter and Ceccarelli, Andrea and Bondavalli, Andrea", booktitle = "Network Computing and Applications (NCA), 2010 9th IEEE International Symposium on", month = "July", pages = "229 -232", title = "{I}mproving {R}obustness of {N}etwork {F}ault {D}iagnosis to {U}ncertainty in {O}bservations", year = "2010", } @conference{5609784-ISPCS2010-256, author = "P. Ferrari and A. Flammini and Stefano Rinaldi and Bondavalli, Andrea and Brancati, Francesco", booktitle = "Precision Clock Synchronization for Measurement Control and Communication (ISPCS), 2010 International IEEE Symposium on", doi = "10.1109/ISPCS.2010.5609784", keywords = "IEEE1588 nodes;protocol;reliable and self aware clock;statistical instruments;synchronization quality;IEEE standards;clocks;instrumentation;protocols;quality of service;synchronisation;telecommunication network reliability;telecommunication standards;", month = "oct", pages = "36 -41", title = "{I}mproving robustness of the synchronization quality of {IEEE}1588 nodes", year = "2010", } @conference{srds2012, author = "Ceccarelli, Andrea and Bondavalli, Andrea and Brancati, Francesco and Ernesto La Mattina", abstract = "Session management in distributed Internet services is traditionally based on username and password, and explicit logouts and timeouts that expire due to idle activity of the user. Emerging biometric solutions allow substituting username and password with biometric data, but still a single verification is deemed sufficient, and the identity of a user is considered immutable during the entire session. Additionally, the length of the timeout may impact on the usability of the service and consequent client satisfaction. This paper explores promising alternatives offered by biometrics for the management of sessions. A secure protocol is defined for perpetual authentication through continuous user verification. The protocol determines adaptive timeouts selected on the basis of the quality, frequency and type of biometric data acquired transparently from the user. Protocol behavior is shown through simulations.", booktitle = "Reliable Distributed Systems (SRDS), 2012 IEEE 31st Symposium on", pages = "201-206", title = "{I}mproving {S}ecurity of {I}nternet {S}ervices {T}hrough {C}ontinuous and {T}ransparent {U}ser {I}dentity {V}erification", year = "2012", } @article{ncbb14, author = "Nostro, Nicola and Ceccarelli, Andrea and Brancati, Francesco and Bondavalli, Andrea", abstract = "Security is a major challenge for today's companies, especially ICT ones which manage large scale cyber-critical systems. Amongst the multitude of attacks and threats to which a system is potentially exposed, there are insider attackers i.e., users with legitimate access which abuse or misuse of their power, thus leading to unexpected security violation (e.g., acquire and disseminate sensitive information). These attacks are very difficult to detect and mitigate due to the nature of the attackers, which often are company's employees motivated by socio-economical reasons, and to the fact that attackers operate within their granted restrictions. It is a consequence that insider attackers constitute an actual threat for ICT organizations. In this paper we present our methodology, together with the application of existing supporting libraries and tools from the state-of-the-art, for insider threats assessment and mitigation. The ultimate objective is to define the motivations and the target of an insider, investigate the likeliness and severity of potential violations, and finally identify appropriate countermeasures. The methodology also includes a maintenance phase during which the assessment can be updated to reflect system changes. As case study, we apply our methodology to the crisis management system Secure!, which includes different kinds of users and consequently is potentially exposed to a large set of insider threats.", doi = "10.1145/2694737.2694740", issn = "0163-5980", journal = "SIGOPS Operating Systems Review (OSR) journal", keywords = "security,insider threats,risk assessment,attack path", month = "July", number = "2", pages = "3--12", title = "{I}nsider {T}hreat {A}ssessment: a {M}odel-{B}ased {M}ethodology", url = "http://dl.acm.org/citation.cfm?id=2694740", volume = "48", year = "2014", } @techreport{BCCDGG95-C9542-40, author = "Bondavalli, Andrea and Silvano Chiaradonna and M. Cipollone and Di Giandomenico, Felicita and F. Grandoni", institution = "CNUCE/CNR", month = "December", number = "C95-42", title = "{I}ntegrated {E}rror {P}rocessing and {F}ault {D}iagnosis in {M}ultiprocessor {S}ystems", type = "Technical Report", year = "1995", } @conference{BFLS99b-IDPT-71, author = "Bondavalli, Andrea and A. Fantechi and D. Latella and L. Simoncini", address = "Kusadasi, Turkey", booktitle = "IDPT '99 4th, Int. Conference on Integrated Design and Process Technology", month = "June 27 - July 2", title = "{I}ntegrated {V}alidation of {D}ependable {S}ystems", year = "1999", } @conference{BCLS06-QEST06TOOLS-187, author = "Bondavalli, Andrea and Silvano Chiaradonna and Lollini, Paolo and Squittieri, Fabrizio", address = "University of California, Riverside, CA, USA", booktitle = "3rd IEEE International Conference on Quantitative Evaluation of SysTems (QEST 2006) - Tool Session", month = "September", pages = "139--140", title = "{I}ntegration of an {MPS} {M}odeling {A}pproach into {M}{\"o}bius", year = "2006", } @mastersthesis{BerniniMaster, author = "Riccardo Bernini", month = "April 17th", note = "Supervisor(s): A. Bondavalli, Co-Supervisor(s): P. Lollini", school = "Universit{\`a} degli Studi di Firenze. Corso di Laurea Magistrale in Scienze e Tecnologie dell'Informazione", title = "{I}ntegrazione di {F}ormalismi {S}tocastici per {L}'{A}nalisi e {L}'{O}ttimizzazione di {P}rocessi {I}ndustriali", year = "2015", } @techreport{BCM98-PDCCTN0003A-58, author = "Bondavalli, Andrea and Silvano Chiaradonna and I. Mura", institution = "PDCC-ENEA", month = "December 15", number = "PDCC-TN-00", title = "{I}ntegrazione di {T}ecniche di {F}ault-{F}orecasting", type = "Technical Note", year = "1998", } @techreport{BCDGG97b-GUARDSI1SA46006B-46, author = "Bondavalli, Andrea and Silvano Chiaradonna and Di Giandomenico, Felicita and F. Grandoni", institution = "GUARDS Project - PDCC", month = "November 14", number = "I1-SA4/600", title = "{I}nter-channel {S}tate {R}estoration", type = "Activity Output, ESP", year = "1997", } @conference{ciis09-CRITIS08-218, author = "Silvano Chiaradonna and Di Giandomenico, Felicita and Lollini, Paolo", address = "Berlin Heidelberg", booktitle = "Critical Information Infrastructure Security", editor = "R. Setola and S. Geretshuber", pages = "60--71", publisher = "Springer Berlin / Heidelberg", series = "CRITIS 2008, LNCS 5508", title = "{I}nterdependency {A}nalysis in {E}lectric {P}ower {S}ystems", year = "2009", } @techreport{BCDGG97c-GUARDSD1A2A06005B-47, author = "Bondavalli, Andrea and Silvano Chiaradonna and Di Giandomenico, Felicita and F. Grandoni", institution = "PDCC", month = "February", number = "D1A2/A0/60", title = "{I}ntra-{C}hannel {E}rror {P}rocessing {M}echanisms", type = "ESPRIT Project 20716", year = "1997", } @conference{HaseSoS, author = "Ceccarelli, Andrea and Mori, Marco and Lollini, Paolo and Bondavalli, Andrea", address = "Daytona Beach Shores, FL", booktitle = "High Assurance Systems Engineering (HASE), 2015 IEEE 16th International Symposium on ", doi = "10.1109/HASE.2015.31", keywords = "SoS", month = "January 8-10", pages = "150-157", title = "{I}ntroducing {M}eta-{R}equirements for {D}escribing {S}ystem of {S}ystems", year = "2015", } @incollection{PAAABBCDFJ01-GUARDS2001-145, author = "D. Powell and A. Amendola and J. Arlat and B. Attermeyer and L. Beus-Dukic and Bondavalli, Andrea and P. Coppola and C. Dambra and A. Fantechi and E. Jenn and C. Rab{\'e}jac and V. Thevenot and A. Wellings", address = "Boston", booktitle = "A Generic Fault-Tolerant Architecture for Real-Time Dependable Systems", editor = "Powell, D.", note = "ISBN 0-7923-7295-6", pages = "2--26", publisher = "Kluwer Academic Publishers", title = "{I}ntroduction and {O}verview", year = "2001", } @misc{Menichetti 2007, author = "Menichetti, Alberto", howpublished = "Bachelor's thesis. Universit{\`a} degli Studi di Firenze. Corso di Laurea in Informatica", month = "April 27th", note = "Supervisor(s): A. Bondavalli, Co-Supervisor(s): A. Daidone", title = "{I}ntrusion {D}etection {S}ystems: tecniche per la rilevazione di intrusione su sistemi informatici", year = "2007", } @mastersthesis{Neri 2004, author = "Neri, Massimo", month = "July", note = "Supervisor(s): A. Bondavalli, Co-Supervisor(s): A. Coccoli, P. Lollini", school = "Universit{\`a} di Firenze. Corso di Laurea in Informatica", title = "{L}'error detection nelle architetture critiche per la sicurezza in ambito ferroviario", year = "2004", } @article{JSME2017RL, author = "Zoppi, Tommaso and Ceccarelli, Andrea and Francesco lo Piccolo and Lollini, Paolo and Gabriele Giunta and Vito Morreale and Bondavalli, Andrea", abstract = "Thanks to the large availability of portable devices and the growing interest in the Internet of Things, during crises, social networks or alerts sent through mobile devices or sensor net-works are available and can be matched each other to perform situational analysis. However, the inclusion of multiple heterogeneous sources in situational analysis leads to two main is-sues: i) a source could deliver (voluntarily or erroneously) wrong data damaging the integrity and the correctness of the analysis, and ii) a significant amount of heterogeneous data need to be processed. As a consequence, the crisis management operator faces a large amount of potentially unreliable data. In this paper we present a relevance labelling strategy to process information gathered from heterogeneous data streams to select the most relevant events. These are presented to the crisis management operator with the highest priority. Our strategy is evaluated using events collected by the Secure! crisis management system, considering three real crisis scenarios happened in Italy in 2015. Results show that our strategy is able to correctly identify sets of relevant events, supporting the activities of the crisis management operator.", journal = "Journal of Software: Evolution and Process", keywords = "Crisis Management System; Human Sensors; Heterogeneous Data; Data Filtering; Relevance Labelling; Twitter ", title = "{L}abelling {R}elevant {E}vents to {S}upport the {C}risis {M}anagement {O}perator", year = "2017", } @mastersthesis{Daidone 2005, author = "Daidone, Alessandro", month = "December 19th", note = "Supervisor(s): A. Bondavalli, Co-Supervisor(s): F. Di Giandomenico", school = "Universit{\`a} di Firenze. Corso di Laurea in Informatica", title = "{L}e catene di {M}arkov nascoste come supporto alla formalizzazione del problema della diagnosi nei sistemi affidabili", year = "2005", } @article{BCGLS90-CNISDNS-57, author = "Bondavalli, Andrea and M. Conti and E. Gregori and L. Lenzini and L. Strigini", journal = "Computer Networks and ISDN Systems", month = "February", number = "2", pages = "97--113", title = "{MAC} {P}rotocols for {H}igh-{S}peed, {MAN}s: {P}erformance {C}omparisons for a {F}amily of {F}asnet-based {P}rotocols", volume = "18", year = "1990", } @techreport{MB99b-B41999009-150, author = "I. Mura and Bondavalli, Andrea", institution = "CNUCE-CNR", month = "August", number = "B4-1999-00", title = "{M}arkov {R}egenerative {S}tochastic {P}etri {N}ets to {M}odel and {E}valuate the {D}ependability of {P}hased {M}issions", type = "Technical Report", year = "1999", } @article{MB01-TC-143, author = "I. Mura and Bondavalli, Andrea", journal = "IEEE Transactions on Computers", number = "12", pages = "1337--1351", title = "{M}arkov {R}egenerative {S}tochastic {P}etri {N}ets to {M}odel and {E}valuate the {D}ependability of {P}hased {M}issions", volume = "50", year = "2001", } @article{rsaattim, author = "Bondavalli, Andrea and Brancati, Francesco and A. Flammini and Stefano Rinaldi", journal = "Instrumentation and Measurement, IEEE Transactions on", month = " January", number = "1", pages = "4-12", title = "{M}aster {F}ailure {D}etection {P}rotocol in {I}nternal {S}ynchronization {E}nvironment ", volume = "62", year = "2013", } @conference{MontecchiSORT13, author = "Montecchi, Leonardo and Ceccarelli, Andrea and Lollini, Paolo and Bondavalli, Andrea", abstract = "Highly distributed, autonomous and self-powered systems operating in harsh, outdoors environments face several threats in terms of dependability, timeliness and security, due to the challenging operating conditions determined by the environment. Despite such difficulties, there is an increasing demand to deploy these systems to support critical services, thus calling for severe timeliness, safety, and security requirements. Several challenges need to be faced and overcome. First the designed architecture must be able to cope with the environmental challenges and satisfy dependability, timeliness and security requirements. Second, the assessment of the system must be carried on despite potentially incomplete field-data, and complex cascading effects that small modifications in system properties and operating conditions may have on the targeted metrics. In this paper we present our experience from the EU- funded project ALARP (A railway automatic track warning system based on distributed personal mobile terminals), which aims to built and validate a distributed, real-time, safety-critical system that detects trains approaching a railway worksite and notifies their arrivals to railway trackside workers. The paper describes the challenges we faced, and the solutions adopted, when architecting and evaluating the ALARP system. ", address = "Paderborn, Germany", booktitle = "4th IEEE Workshop on Self-Organizing Real-Time Systems (SORT'13)", doi = "http://dx.doi.org/10.1109/ISORC.2013.6913237", month = "June 20th", note = "{springer}", publisher = "Springer", title = "{M}eeting the challenges in the design and evaluation of a trackside real-time safety-critical system", year = "2013", } @inbook{AQS2011Chapter3, author = "Bondavalli, Andrea and Montecchi, Leonardo", editor = "Andrea Bondavalli", publisher = "Esculapio", series = "L'Analisi Quantitativa dei Sistemi Critici", title = "{M}etodi {C}ombinatori", year = "2011", } @mastersthesis{ZoppiMaster, author = "Zoppi, Tommaso", month = "July 18th", note = "Supervisor(s): A. Bondavalli, Co-Supervisor(s): A. Ceccarelli", school = "Universit{\`a} degli Studi di Firenze. Corso di Laurea Magistrale in Scienze e Tecnologie dell'Informazione", title = "{M}etodologia, {A}mbiente di {T}est e {A}nalisi dei {D}ati per lo {S}tudio di {I}ndicatori {M}iddleware e di {S}istema {F}inalizzata alla {R}ilevazione di {A}nomalie", year = "2014", } @mastersthesis{Falai 2004, author = "Falai, Lorenzo", note = "Supervisor(s): A. Bondavalli, Co-Supervisor(s): F. Di Giandomenico", school = "Universit{\`a} di Firenze. Corso di Laurea in Informatica", title = "{M}etodologie e strumenti per la valutazione quantitativa sperimentale e simulativa di algoritmi distribuiti", year = "2004", } @conference{montecchi12, author = "Montecchi, Leonardo and Lollini, Paolo and Boris Malinowsky and Jesper Gr{\o}nb{\ae}k and Bondavalli, Andrea", address = "Paphos, Cyprus", booktitle = "Proceedings of the 15th ACM International Conference on Modeling, Analysis and Simulation of Wireless and Mobile Systems (MSWiM'12)", month = "21--25 October", note = "{acm}", title = "{M}odel-based {A}nalysis of a {P}rotocol for {R}eliable {C}ommunication in {R}ailway {W}orksites", year = "2012", } @phdthesis{nostro-phd-thesis, author = "Nostro, Nicola", keywords = "Model-based, dependability, security, performance, insider threats, electrical power systems, connector", month = "March 18th", note = "Supervisors: Prof. Andrea Bondavalli, Dr. Felicita Di Giandomenico", school = "Universit{\`a} degli Studi di Firenze. Dottorato in Informatica, Sistemi e Telecomunicazioni (XXVII ciclo)", title = "{M}odel-{B}ased {A}pproaches {T}o {D}ependability {A}nd {S}ecurity {A}ssessment in {C}ritical and {D}ynamic {S}ystems", year = "2015", } @conference{SAFECOMP_CGN12, author = "Silvano Chiaradonna and Di Giandomenico, Felicita and Nostro, Nicola", booktitle = "SAFECOMP Workshops", crossref = "DBLP:conf/safecomp/2012w", doi = "10.1007/978-3-642-33675-1_29", keywords = "Stochastic Modeling, Electric Power System, Infrastructures Dependencies, Blackout-size Assessment", pages = "328-339", title = "{M}odel-{B}ased {A}ssessment of {M}ulti-region {E}lectric {P}ower {S}ystems {S}howing {H}eterogeneous {C}haracteristics", url = "http://www.springerlink.com/content/l42h285347028872/", year = "2012", } @techreport{LBDGP04b-RCL040501-13, author = "Lollini, Paolo and Bondavalli, Andrea and Di Giandomenico, Felicita and Stefano Porcarelli", month = "May", title = "{M}odel-based congestion analysis during outage and system reconfiguration in {GPRS} networks", type = "Technical Report RCL", year = "2004", } @conference{DGCGM06-ISTMobilesummit06-186, author = "Di Giandomenico, Felicita and Silvano Chiaradonna and E. Galliano and I. Mura", address = "Myconos, Greece", booktitle = "15th IST Mobile {\&} Wireless Communication Summit", month = "June", title = "{M}odel-{B}ased {D}imensioning of {CAUTION}++", year = "2006", } @incollection{BCDG05-DCSBook05-184, author = "Bondavalli, Andrea and Silvano Chiaradonna and Di Giandomenico, Felicita", booktitle = "Dependable Computing Systems: Paradigms, Performance Issues, {\&} Applications", editor = "Diab, H. B. and Zomaya, A. Y.", publisher = "John Wiley {\&} Sons", title = "{M}odel-{B}ased {E}valuation as a {S}upport to the {D}esign of {D}ependable {S}ystems", year = "2005", } @conference{DGPVBL04-MV04-25, author = "Di Giandomenico, Felicita and Stefano Porcarelli and D. Viva and Bondavalli, Andrea and Lollini, Paolo", address = "Athens, Greece", booktitle = "Venue '04 (informal proceedings)", month = "May 27-28", title = "{M}odel-based {E}valuation for {D}ependability {A}ssessment of {CAUTION}++ {I}nstances", year = "2004", } @conference{PDGBL04-CF04-17, author = "Stefano Porcarelli and Di Giandomenico, Felicita and Bondavalli, Andrea and Lollini, Paolo", address = "Ischia, Italy", booktitle = "CF'04 Computing Frontiers", month = "April 14-16", pages = "51--59", title = "{M}odel-based {E}valuation of a {R}adio {R}esource {M}anagement {S}ystem for {W}ireless {N}etworks", year = "2004", } @article{Montecchi2015-PASM, author = "Montecchi, Leonardo and Nostro, Nicola and Ceccarelli, Andrea and Giuseppe Vella and Antonio Caruso and Bondavalli, Andrea", abstract = "Current ICT infrastructures are characterized by increasing requirements of reliability, security, performance, availability, adaptability. A relevant issue is represented by the scalability of the system with respect to the increasing number of users and applications, thus requiring a careful dimensioning of resources. Furthermore, new security issues to be faced arise from exposing applications and data to the Internet, thus requiring an attentive analysis of potential threats and the identification of stronger security mechanisms to be implemented, which may produce a negative impact on system performance and scalability properties. The paper presents a model-based evaluation of scalability and security tradeoffs of a multi-service web-based platform, by evaluating how the introduction of security mechanisms may lead to a degradation of performance properties. The evaluation focuses on the OPENNESS platform, a web-based platform providing different kind of services, to different categories of users. The evaluation aims at identifying the bottlenecks of the system, under different configurations, and assess the impact of security countermeasures which were identified by a thorough threat analysis activity previously carried out on the target system. The modeling activity has been carried out using the Stochastic Activity Networks (SANs) formalism, making full use of its characteristics of modularity and reusability. The analysis model is realized through the composition of a set of predefined template models, which facilitates the construction of the overall system model, and the evaluation of different configuration by composing them in different ways.", booktitle = "7th Workshop on Practical Applications of Stochastic Modeling (PASM'14)", doi = "10.1016/j.entcs.2014.12.015", issn = "1571-0661", journal = "Electronic Notes in Theoretical Computer Science", month = "January", number = "5", pages = "113-133", title = "{M}odel-based {E}valuation of {S}calability and {S}ecurity {T}radeoffs: a {C}ase {S}tudy on a {M}ulti-{S}ervice {P}latform", url = "http://www.sciencedirect.com/science/article/pii/S1571066114000991", volume = "310", year = "2015", } @article{FB04-CJ04-21, author = "R. Filippini and Bondavalli, Andrea", abstract = "This paper describes a way to manage the modeling and analysis of Scheduled Maintenance Systems (SMS) within an analytically tractable context. We chose a significant case study having a variety of interesting features like a heavily redundant architecture and a test and maintenance policy whose execution is made on-line without halting the system. We apply a methodology we previously developed based on the Deterministic Stochastic Petri Net (DSPN) approach where the underlying stochastic process is Markov regenerative (MRGP) solved in our setting with efficient analytical solution method. The model construction and its analysis have been carried out with the help of a tool for the modeling and the de pendability evaluation of the Phased Mission Systems (PMS). We exercise our methodology with such case study, to check whether it can master real and complex SMS problems and compare its efficacy with traditional approaches (fault trees). At the same time the paper investigates the problem of the optimal tuning of a maintenance program, giving a useful decision support tool to evaluate the system performance since the early design stage. ", doi = "10.1093/comjnl/47.6.634", journal = "The Computer Journal, BCS", number = "6", pages = "634-650", title = "{M}odeling and {A}nalysis of a {S}cheduled {M}aintenance {S}ystem: a {DSPN} {A}pproach", url = "http://comjnl.oxfordjournals.org/content/47/6/634", volume = "47", year = "2004", } @techreport{FB01-CNUCEB42001017-141, author = "R. Filippini and Bondavalli, Andrea", institution = "CNUCE-CNR", number = "CNUCE-B4-2", title = "{M}odeling and {A}nalysis of a {S}cheduled {M}aintenance {S}ystem: a {DSPN} {A}pproach", type = "Technical Report", year = "2001", } @conference{TPDGBS01-WORDS2001-148, author = "F. Tataranni and Stefano Porcarelli and Di Giandomenico, Felicita and Bondavalli, Andrea and L. Simoncini", address = "Rome, Italy", booktitle = "WORDS 2001 6th Int. Workshop on Object-oriented Real-time Dependable Systems", month = "January 2001", pages = "51--58", title = "{M}odeling and {A}nalysis of the {B}ehavior of {GPRS} {S}ystems", year = "2001", } @conference{PDS2011, author = "Silvano Chiaradonna and Di Giandomenico, Felicita and Nostro, Nicola", booktitle = "IEEE/IFIP 41st Int. Conf. on Dependable Systems and Networks (DSN 2011)", isbn = "978-1-4244-9231-2", month = "Jun", pages = "442--453", title = "{M}odeling and {A}nalysis of the {I}mpact of {F}ailures in {E}lectric {P}ower {S}ystems{O}rganized in {I}nterconnected {R}egions", year = "2011", } @techreport{TPDGB00-B42000028-149, author = "F. Tataranni and Stefano Porcarelli and Di Giandomenico, Felicita and Bondavalli, Andrea", institution = "CNUCE-CNR", month = "December", number = "B4-2000-02", title = "{M}odeling and {E}valuation of the {E}ffects of {O}utages on the {Q}uality of {S}ervice of {GPRS} {N}etwork {S}ystems", type = "Technical Report", year = "2000", } @article{TPDS2016, author = "Narasimha Raghavan Veeraragavan and Montecchi, Leonardo and Nostro, Nicola and Roman Vitenberg and Hein Meling and Bondavalli, Andrea", abstract = "With the advent of recent technological advances, more demanding tele-immersive applications have started to emerge. In the World Opera application, artists from different opera houses across the globe can participate in a single united performance, and interact almost as if they were co-located. One of the main design challenges in this application domain is to assess to what extent the inevitable failures of some of the numerous and complex hardware, software, and network components affect the quality of experience for the user. This challenge cannot be addressed by traditional system-centric methods for dependability evaluation, which do not take personalized user perspective into account when considering meaningful and acceptable degradation of services. In this paper, we propose a novel method to assess the quality of experience in presence of failures, based on a new metric called perceived reliability. The method takes the human perspective into account and allows considering factors such as human perception of video and audio, characteristics of the audience, as well as performance elements and artistic content. This method can help system designers and engineers compare architectural variants and determine the dependability budget. We show the feasibility of our method by applying it to a World Opera performance. To this end, we construct a SAN-based model and run simulations in the M ̈obius framework. The obtained results provide useful guidelines for system engineers towards improving the quality of experience of World Opera performances despite the presence of failures.", doi = "10.1109/TPDS.2015.2503291", issn = "1045-9219", journal = "IEEE Transactions on Parallel and Distributed Systems (IEEE TPDS)", keywords = "Reliability analysis, Quality of Experience, Tele- immersive Applications, World Opera", month = "September", note = "{ieee}", number = "9", pages = "2667-2681", title = "{M}odeling {Q}o{E} in {D}ependable {T}ele-immersive {A}pplications: {A} {C}ase {S}tudy of {W}orld {O}pera", url = "http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=7336533", volume = "27", year = "2016", } @article{klbk08-IJPE08-217, author = "M. Kaaniche and Lollini, Paolo and Bondavalli, Andrea and K. Kanoun", journal = "International Journal of Performability Engineering", month = "April", number = "2", pages = "153--168", title = "{M}odeling the {R}esilience of {L}arge and {E}volving {S}ystems", volume = "4", year = "2008", } @mastersthesis{MasterNostro, author = "Nostro, Nicola", keywords = "Stochastic Modeling, Electric Power System, InfrastructuresDependencies, Blackout-size Assessment, CRUTIAL", month = "October 27th", note = "Supervisor(s): Silvano Chiaradonna, Co-Supervisor(s): Felicita Di Giandomenico", school = "Universit{\`a} degli Studi di Firenze. Corso di Laurea in Scienze e Tecnologie dell'Informazione", title = "{M}odellazione e {A}nalisi della {D}ependability in {S}istemi {E}lettrici {S}trutturati in {R}egioni {I}nterconnesse", year = "2010", } @misc{Marmugi 2007, author = "Marmugi, Alessio", howpublished = "Bachelor's thesis. Universit{\`a} degli Studi di Firenze. Corso di Laurea in Informatica", month = "February 9th", note = "Supervisor(s): A. Bondavalli, Co-Supervisor(s): L. Falai", title = "{M}odelli di {S}incronia per {S}istemi {D}istribuiti", year = "2007", } @techreport{MCB98-PDCCTN0001B-118, author = "I. Mura and Silvano Chiaradonna and Bondavalli, Andrea", institution = "PDCC-ENEA", month = "July", number = "PDCC-TN-00", title = "{M}odelli {T}eorici e {P}ratici per la {R}appresentazione del {P}rocesso di {G}uasto", type = "Technical Note", year = "1998", } @conference{BF01-DSN2001-135, author = "Bondavalli, Andrea and R. Filippini", address = "goteborg Sweden", booktitle = "DSN2001 IEEE Int. Conference on Dependable Systems and Networks (Fast Abstract Track)", title = "{M}odelling and analysis of a scheduled maintenance system: a {DSPN} approach", year = "2001", } @phdthesis{Mura1999, author = "I. Mura", month = "January", note = "Supervisor(s): L. Simoncini, Co-Supervisor(s): A. Bondavalli", school = "Universit{\`a} degli Studi di Pisa. Dottorato in Ingegneria Elettronica, Informatica e delle Telecomunicazioni (XI ciclo)", title = "{M}odelling and {E}valuation of {P}hased {M}ission {S}ystems", year = "1999", } @incollection{RAEPaper13, author = "Bondavalli, Andrea and Lollini, Paolo and I. Majzik and Montecchi, Leonardo", booktitle = "Resilience Assessment and Evaluation of Computing Systems", editor = "K. Wolter and A. Avritzer and M. Vieira and A. van Moorsel.", isbn = "978-3642290312", month = "July", publisher = "Springer", title = "{M}odelling and model-based assessment", year = "2012", } @techreport{BCDGS94-C9420-51, author = "Bondavalli, Andrea and Silvano Chiaradonna and Di Giandomenico, Felicita and L. Strigini", institution = "CNUCE/CNR", month = "October", number = "C94-20", title = "{M}odelling {C}orrelation among {S}uccessive {I}nputs in {S}oftware {D}ependability {A}nalyses", type = "Technical Report", year = "1994", } @techreport{techRep07-RCL071202-204, author = "Silvano Chiaradonna and Lollini, Paolo and Di Giandomenico, Felicita", institution = "University of Florence, Dip. Sistemi Informatica, RCL group", month = "December", number = "RCL071202", title = "{M}odelling framework of an instance of the {E}lectric {P}ower {S}ystem: functional description and implementation", url = "http://dcl.isti.cnr.it/Documentation/Papers/Techreports.html", year = "2007", } @conference{BS88-FTDCS-89, author = "Bondavalli, Andrea and L. Simoncini", address = "Hong Kong", booktitle = "1st IEEE Workshop on Future Trends of Distributed Computing Systems", month = "September 14-16", pages = "252--261", title = "{M}odelling robust computations in a {D}ata-{F}low-{L}ike style", year = "1988", } @conference{BS87-FTDC-87, author = "Bondavalli, Andrea and L. Simoncini", address = "San Diego, California", booktitle = "Workshop on Fault Tolerance in Parallel and Distributed Computing (without Proceedings)", note = "also Workshop on Fault Tolerance in Parallel and Distributed Computing, San Diego, California, Dec. 7-8,1987 and EWDC-1 1st European Workshop on Dependable Computing, Toulouse, Francia, March 1988. (Workshps without Proceedings)", title = "{M}odelling robust computations in a {D}ata-{F}low-{L}ike style", year = "1987", } @article{BCDGLT97-RESS-50, author = "Bondavalli, Andrea and Silvano Chiaradonna and Di Giandomenico, Felicita and La Torre, S.", journal = "Reliability Engineering and System Safety Journal (RESS), Elsevier", number = "3", pages = "189--202", title = "{M}odelling the {E}ffects of {I}nput {C}orrelation in {I}terative {S}oftware", volume = "57", year = "1997", } @mastersthesis{Culicchi 2004, author = "Culicchi, Elisa", month = "September", note = "A. Bondavalli, Co-Supervisor(s): F. Di Giandomenico, P. Lollini", school = "Universit{\`a} di Firenze. Corso di Laurea in Informatica", title = "{M}odellizzazione ed analisi dell'infrastruttura {UMTS} e delle politiche di handover", year = "2004", } @mastersthesis{Petruzzi 2004, author = "Petruzzi, Gabriele", note = "Supervisor(s): A. Bondavalli, Co-Supervisor(s): F. Di Giandomenico, P. Lollini", school = "Universit{\`a} di Firenze. Corso di Laurea in Informatica", title = "{M}odellizzazione ed analisi della {Q}o{S} offerta da una cella {UMTS}", year = "2004", } @mastersthesis{Casciaro-Master, author = "Casciaro, Marco", month = "February 22th", note = "Supervisor(s): A. Bondavalli, Co-Supervisor(s): P. Lollini", school = "Universit{\`a} degli Studi di Firenze, Corso di Laurea Magistrale in Informatica", title = "{M}odellizzazione ed {A}nalisi di {S}ecurity in un {S}istema {A}utomatico di {P}rotezione {C}antiere", year = "2013", } @inbook{AQSbook, author = "Bondavalli, Andrea and Brancati, Francesco and Ceccarelli, Andrea", editor = "A. Bondavalli", pages = "201-232", publisher = "Esculapio", series = "L'Analisi Quantitativa dei Sistemi Critici", title = "{M}onitoring", year = "2011", } @conference{figueiras2013multi, author = "Joao Figueiras and Jesper Gr{\o}nb{\ae}k and Schwefel, Hans-Peter and Bondavalli, Andrea", booktitle = "Dependable Computing (LADC), 2013 Sixth Latin-American Symposium on", organization = "IEEE", pages = "31--39", title = "{M}ulti-hypothesis {GPS} and {E}lectronic {F}ence {D}ata {F}usion for {S}afety-{C}ritical {P}ositioning in {R}ailway {W}orksites", year = "2013", } @conference{DSNsf2015Zoppi, author = "Zoppi, Tommaso", abstract = "Revealing anomalies to support error detection in complex systems is a promising approach when traditional detection mechanisms (i.e., based on event logs, probes and heartbeats) are considered inadequate or not applicable: anomalies in data usually suggest significant, and also critical, actionable information in a wide variety of application domains. The detection capability of such complex system can be enhanced observing different layers and indicators to achieve richer information that describe the system status. The paper describes the context and the state of the art in association with the current research direction of the author with the aim to highlight the challenges and the future works that the student aims to perform in the next years. ", address = "Rio de Janeiro", booktitle = "In proceedings of Dependable Systems and Networks (DSN 2015) - Student Forum Session", keywords = "anomaly detection, error detection, monitoring, fault injection, SOA, Secure", month = "June", publisher = "IEEE", title = "{M}ulti-{L}ayer {A}nomaly {D}etection in {C}omplex {D}ynamic {C}ritical {S}ystems", url = "http://www.lbd.dcc.ufmg.br/colecoes/dsn/2015/022.pdf", year = "2015", } @conference{NekoStatQEST-QEST05-178, author = "Falai, Lorenzo and Bondavalli, Andrea and Di Giandomenico, Felicita", booktitle = "Proceedings of the 2nd International Conference on Quantitative Evaluation of Systems (QEST '05)", title = "{N}eko{S}tat extension for {N}eko: {Q}uantitative {E}valuation of {D}istributed {A}lgorithms", year = "2005", } @phdthesis{Falai_2008, author = "Falai, Lorenzo", month = "April 11th", note = "Supervisor(s): A. Bondavalli", school = "Universit{\`a} degli Studi di Firenze. Dottorato in Ingegneria Informatica e dell'Automazione (XX Ciclo)", title = "{O}bserving, {M}onitoring and {E}valuating {D}istributed {S}ystems", year = "2008", } @conference{CLDG07-DSN2007-196, author = "Silvano Chiaradonna and Lollini, Paolo and Di Giandomenico, Felicita", address = "Edinburgh, UK", booktitle = "IEEE/IFIP 37th Int. Conference on Dependable Systems and Networks (DSN 2007)", month = "June", pages = "185--195", title = "{O}n a {M}odeling {F}ramework for the {A}nalysis of {I}nterdependencies in {E}lectric {P}ower {S}ystems", year = "2007", } @techreport{C97-GUARDSI1SA4TN6008a-163, author = "A. Coccoli", month = "November 20", number = "Report GUA", title = "{O}n {A}pproaching {R}unning {S}tate {R}estoration {A}lgorithms in {A}da95", type = "GUARDS Project - PDC", year = "1997", } @conference{SERENE11, author = "P. Masci and Nostro, Nicola and Di Giandomenico, Felicita", booktitle = "Proc. Third International Workshop, SERENE 2011", pages = "78 - 92", publisher = "Sringer", series = "LNCS", title = "{O}n {E}nabling {D}ependability {A}ssurance in {H}eterogeneous {N}etworks through {A}utomated {M}odel-{B}ased {A}nalysis", volume = "6968", year = "2011", } @techreport{MB98c-HIDET12PDCC4v1-160, author = "I. Majzik and Bondavalli, Andrea", number = "Project Re", title = "{O}n high level dependability modeling in {HIDE}", type = "Technical note", year = "1998", } @phdthesis{Coccoli2002, author = "A. Coccoli", month = "February, 14th", note = "Supervisor(s): L. Simoncini, Co-Supervisor(s): A. Bondavalli", school = "Universit{\`a} degli Studi di Pisa. Dottorato in Ingegneria Elettronica, Informatica e delle Telecomunicazioni (XIV ciclo)", title = "{O}n {I}ntegrating {M}odelling and {E}xperiments in {D}ependability and {P}erformability {E}valuation of {D}istributed {A}pplications", year = "2002", } @techreport{CBS94c-PDCS2-106, author = "Silvano Chiaradonna and Bondavalli, Andrea and L. Strigini", institution = "ESPRIT BRA 6362 PDCS2", month = "September", title = "{O}n {P}erformability {M}odeling and {E}valuation of {S}oftware {F}ault {T}olerance {S}tructures", type = "2nd year deliverable", year = "1994", } @conference{CBS94b-EDCC-105, author = "Silvano Chiaradonna and Bondavalli, Andrea and L. Strigini", address = "Berlin, Germany", booktitle = "1st European Dependable Computing Conference (EDCC-1)", pages = "97--114", publisher = "Springer-Verlag", title = "{O}n {P}erformability {M}odeling and {E}valuation of {S}oftware {F}ault {T}olerance {S}tructures", year = "1994", } @incollection{SAFECOMPW-DEVVARTS1, author = "Nostro, Nicola and Ilaria Matteucci and Ceccarelli, Andrea and Di Giandomenico, Felicita and Fabio Martinelli and Bondavalli, Andrea", booktitle = "Computer Safety, Reliability, and Security - Workshop", editor = "Andrea Bondavalli, Andrea Ceccarelli, Frank Ortmeier", isbn = "978-3-319-10556-7", pages = "243-254", publisher = "Springer International Publishing", title = "{O}n {S}ecurity {C}ountermeasures {R}anking through {T}hreat {A}nalysis", year = "2014", } @conference{Eleuterio16, author = "Jane Eleuterio and Felipe Gaia and Bondavalli, Andrea and Lollini, Paolo and Genaina Rodrigues and Cecilia Rubira", address = "Limassol, Cyprus", booktitle = "Proc. of the 42nd Euromicro Conference series on > Software Engineering and Advanced Applications (SEAA 2016)", month = "Aug. 31 - Sept. 2", note = "To appear", title = "{O}n the {D}ependability for {D}ynamic {S}oftware {P}roduct {L}ines - {A} {C}omparative {S}ystematic {M}apping {S}tudy", year = "2016", } @techreport{RCL-071201-RCL071201-203, author = "Lollini, Paolo and Montecchi, Leonardo and Bondavalli, Andrea", institution = "Universita' degli Studi di Firenze, Dipartimento di Sistemi e Informatica", month = "12", number = "RCL-071201", title = "{O}n the evaluation of hidenets use-cases having phased behavior", year = "2007", } @conference{SoS, security, evolution, emergence, author = "Mori, Marco and Ceccarelli, Andrea and Zoppi, Tommaso and Bondavalli, Andrea", abstract = "Cyber security is becoming more and more relevant with the advent of System of Systems (SoSs). The latter are large scale systems made of independent and autonomous Constituent Systems which interoperate to achieve higher level goals also with the intervention of humans. Providing security in a cyber-physical SoS means, among other features, forecasting and anticipating evolving SoS functionalities and consequently detecting emerging phenomena resulting from the interactions among entailed Constituent Systems. This paper clarifies the relations occurring among SoS evolution, emergence phenomena and security requirements. We show how to enact an evolution step by means of changing SoS functionalities and how to perform the threat analysis consequently. An illustrative scenario in the Smart City domain shows how to dynamically generate security guarantees according to the evolving SoS thus supporting the enactment of mitigation strategies from SoS administrators.", address = "Kongsberg, Norway", booktitle = "7th International Conference on System of Systems Engineering (SoSE)", journal = "7th International Conference on System of Systems Engineering (SoSE)", keywords = "emergent properties; SoS security; SoS evolution; evolutionary threat analysis;", publisher = "IEEE", title = "{O}n the impact of emergent properties on {S}o{S} security", year = "2016", } @phdthesis{Lollini2005, author = "Lollini, Paolo", month = "December", note = "Supervisor(s): A. Bondavalli, F. Di Giandomenico", school = "Universit{\`a} degli Studi di Firenze. Dottorato in Informatica e Applicazioni (XVIII ciclo)", title = "{O}n the {M}odeling and {S}olution of {C}omplex {S}ystems: {F}rom {T}wo {D}omain-{S}pecific {C}ase-{S}tudies {T}owards the {D}efinition of a {M}ore {G}eneral {F}ramework", year = "2005", } @techreport{RCL061201-RCL061201-190, author = "Silvano Chiaradonna and Lollini, Paolo and Di Giandomenico, Felicita", month = "December", title = "{O}n the modeling of an instance of the electric power system", type = "Technical Report RCL", year = "2006", } @conference{CARS2013, author = "Bonfiglio, Valentina and Montecchi, Leonardo and Francesco Rossi and Bondavalli, Andrea", booktitle = "Proceedings of Workshop CARS (2nd Workshop on Critical Automotive applications: Robustness {\&} Safety) of the 32nd International Conference on Computer Safety, Reliability and Security", month = "September, 24-27", title = "{O}n the {N}eed of a {M}ethodological {A}pproach for the {A}ssessment of {S}oftware {A}rchitectures within {ISO}26262", url = "http://hal.archives-ouvertes.fr/hal-00848469/", year = "2013", } @article{ceccarelli2015trustworthy, author = "Ceccarelli, Andrea and Bondavalli, Andrea", journal = "International Journal of Critical Computer-Based Systems", number = "2", pages = "154--170", publisher = "Inderscience Publishers (IEL)", title = "{O}n trustworthy measurements when testing dependable systems: a discussion and experiences", volume = "6", year = "2015", } @inbook{BCDGNIS-13, author = "Bertolino, Antonia and Calabr{\`o}, Antonello and Di Giandomenico, Felicita and Nostro, Nicola and P. Inverardi and Spalazzese, Romina", abstract = "The development of next generation Future Internet systems must be capable to address complexity, heterogeneity, interdependency and, especially, evolution of loosely connected networked systems. The European project Connect addresses the challenging and ambitious topic of ensuring eternally functioning distributed and heterogeneous systems through on-the-fly synthesis of the Connectors through which they communicate. In this paper we focus on the Connect enablers that dynamically derive such connectors ensuring the required non-functional requirements via a framework to analyse and assess dependability and performance properties. We illustrate the adaptive approach under development integrating synthesis of Connectors, stochastic model-based analysis performed at design time and run-time monitoring. The proposed framework is illustrated on a case study.", doi = "10.1007/978-3-642-36177-7_2", editor = "Escalona, Maria Jos{\'e}; Cordeiro, Jos{\'e}; Shishkov, Boris", isbn = "978-3-642-36176-0", month = "May", pages = "20-37", publisher = "Springer Berlin Heidelberg", series = "Communications in Computer and Information Science", title = "{O}n-the-{F}ly {D}ependable {M}ediation between {H}eterogeneous {N}etworked {S}ystems", url = "http://link.springer.com/chapter/10.1007%2F978-3-642-36177-7_2#", volume = "303", year = "2013", } @article{SBS07-TDSC07-202, author = "Marco Serafini and Bondavalli, Andrea and N. Suri", journal = "IEEE Trans. on Dependable and Secure Computing", number = "4", pages = "295--312", title = "{O}nline {D}iagnosis and {R}ecovery: {O}n the {C}hoice and {I}mpact of {T}uning {P}arameters", volume = "4", year = "2007", } @techreport{gharib16arXiv, author = "Gharib, Mohamad and Paolo Giorgini and John Mylopoulos", abstract = "Abstract. Privacy has been frequently identified as a main concern for system developers while dealing with/managing personal information. Despite this, most existing work on privacy requirements deals with them as a special case of security requirements. Therefore, key aspects of privacy are, usually, overlooked. In this context, wrong design decisions might be made due to insufficient understanding of privacy concerns. In this paper, we address this problem with a systematic literature review whose main purpose is to identify the main concepts/relations for capturing privacy requirements. In addition, the identified concepts/relations are further analyzed to propose a novel privacy ontology to be used by software engineers when dealing with privacy requirements.", keywords = "Privacy Ontology, Privacy Requirements, Privacy by Design, Requirements Engineering", title = "{O}ntologies for {P}rivacy {R}equirements {E}ngineering: {A} {S}ystematic {L}iterature {R}eview", url = "https://arxiv.org/pdf/1611.10097v1.pdf", year = "2016", } @article{thibault, author = "Daidone, Alessandro and Thibault Renier and Bondavalli, Andrea and Schwefel, Hans-Peter", doi = "10.1504/IJCCBS.2013.056493", issn = "1757-8779", journal = "IJCCBS", number = "2", pages = "144 - 172", title = "{O}ptimal configuration of fault-tolerance parameters for distributed replicated server access", volume = "4", year = "2013", } @conference{PSBDG98-HASE-125, author = "M. Pizza and L. Strigini and Bondavalli, Andrea and Di Giandomenico, Felicita", address = "Bethesda, MD, USA", booktitle = "3rd IEEE High Assurance System Engineering Symposium", pages = "214--223", title = "{O}ptimal {D}iscrimination between {T}ransient and {P}ermanent {F}aults", year = "1998", } @techreport{PSBDG98c-CSRtn-159, author = "M. Pizza and L. Strigini and Bondavalli, Andrea and Di Giandomenico, Felicita", title = "{O}ptimal {D}iscrimination between {T}ransient and {P}ermanent {F}aults - {M}athematical {D}etails", type = "CSR Technical report", year = "1998", } @conference{BG88-ZSDC-72, author = "Bondavalli, Andrea and E. Gregori", address = "Zurich, Switzerland", booktitle = "2nd IEEE Int. Zurich Seminar on Digital Communications", month = "March 8-10", pages = "261--266", title = "{OSIRIDE} and {T}ransactions", year = "1988", } @conference{BMNSTZ91c-AICA-82, author = "Bondavalli, Andrea and M. Mannocci and L. Nardone and L. Simoncini and F. Tarini and P. Zini", address = "Siena, Italy", booktitle = "30th Congresso annuale A.I.C.A.", pages = "1025--1028", title = "{PACS}: {P}erformability-{A}chieving {C}omputing {S}ystems", year = "1991", } @conference{BMNSTZ91b-EWDC-81, author = "Bondavalli, Andrea and M. Mannocci and L. Nardone and L. Simoncini and F. Tarini and P. Zini", address = "Munich, Germany", booktitle = "EWDC-3 European Workshop on Dependable Computing", month = "April 3-5", title = "{PACS}: {P}erformability-{A}chieving {C}omputing {S}ystems", year = "1991", } @conference{CUBS02-IPDS02-9, author = "A. Coccoli and P. Urban and Bondavalli, Andrea and A. Schiper", address = "Washington DC, USA", booktitle = "IEEE DSN - International Conference on Dependable Systems and Networks (IPDS Track)", pages = "551--560", publisher = "IEEE Computer Society Press", title = "{P}erformance {A}nalysis of a {C}onsensus {A}lgorithm {C}ombining {S}tochastic {A}ctivity {N}etworks and {M}easurements", year = "2002", } @conference{BBDGT96-WRTS-33, author = "P. Bizzarri and Bondavalli, Andrea and Di Giandomenico, Felicita and F. Tarini", address = "L'Aquila, Italy", booktitle = "8th IEEE Euromicro Workshop on Real-Time Systems", month = "June 12-14", pages = "169--174", title = "{P}lanning the {E}xecution of {T}ask {G}roups in {R}eal-{T}ime {S}ystems", year = "1996", } @conference{5623408-SRDS2011-257, author = "Brancati, Francesco and Bondavalli, Andrea", booktitle = "Reliable Distributed Systems, 2010 29th IEEE Symposium on", doi = "10.1109/SRDS.2010.46", issn = "1060-9857", month = "nov", pages = "328 -332", title = "{P}ractical {A}spects in {A}nalyzing and {S}haring the {R}esults of {E}xperimental {E}valuation", year = "2010", } @conference{hase2016secure, author = "Zoppi, Tommaso and Ceccarelli, Andrea and Bondavalli, Andrea and Lollini, Paolo and Francesco Lo Piccolo and Gabriele Giunta and Vito Morreale", abstract = "The large availability of smart portable devices and the growing interest in developing Internet of Things (IoT) oriented software components make several heterogeneous data available for analysis purposes. In the context of Crisis Management Systems, this means that people owning mobile devices when involved in natural disasters or terroristic attacks may be considered information sources as the classical ones, e.g., sensors or surveillance cameras. Including the information from the citizens in the situational analysis processes comes with two main issues that need to be addressed: i) the source could deliver wrong data (voluntarily or by mistake) that damage the integrity and the correctness of the analysis, and ii) a significant amount of heterogeneous data need to be selected, filtered and aggregated, to provide to the operator a real-time snapshot of the situation depicted using only credible and relevant information. In this paper, we define and implement a relevance labeling strategy able to process information coming from heterogeneous sources aimed at crisis situations and to provide to the human operator all the details he needs. We include provisions for detecting and removing redundancies and misleading data that can slow down or compromise the process and the a-posteriori analysis. The filtering strategy is last applied to events collected for the Secure! crisis management service-based system, showing its application to three scenarios related to real crisis situations happened in the last year.", booktitle = " IEEE 17th International Symposium on High Assurance Systems Engineering (HASE)", doi = "10.1109/HASE.2016.31", issn = "1530-2059", keywords = "crisis management system; human sensors; data filtering; relevance labeling", pages = "228-235", publisher = "IEEE", title = "{P}resenting the {P}roper {D}ata to the {C}risis {M}anagement {O}perator: {A} {R}elevance {L}abelling {S}trategy", url = "http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=7423156{\&}filter%3DAND%28p_IS_Number%3A7423114%29%26pageNumber%3D2", volume = "2016 IEEE 17th International S", year = "2016", } @article{Basso17, author = "Tania Basso and Montecchi, Leonardo and Regina Moraes and Mario Jino and Bondavalli, Andrea", abstract = "Nowadays, personal information is collected, stored, and managed through web applications and services. Companies are interested in keeping such information private due to regulation laws and privacy concerns of customers. Also, the reputation of a company can be dependent on privacy protection, i.e., the more a company protects the privacy of its customers the more credibility it gets. This paper proposes an integrated approach which relies on models and design tools to help the analysis, design and development of web applications and services with privacy concerns. Using the approach, these applications can be developed consistently with their privacy policies in order to enforce them, protecting personal information from different sources of privacy violation. The approach is composed of a conceptual model, a reference architecture, and a UML Profile, i.e., an extension of the UML for including privacy protection. The idea is to systematize the privacy concepts in the scope of web applications and services, organizing the privacy domain knowledge and providing features and functionalities that must be addressed to protect the privacy of the users in the design and development of web applications. Validation has been performed by analyzing the ability of the approach to model privacy policies from real web applications, and by applying it to a simple application example of an online bookstore. Results show that privacy protection can be implemented in a model-based approach, bringing values for the stakeholders and being an important contribution towards improving the process of designing web applications in the privacy domain. ", doi = "10.1002/spe.2546", note = "To appear", title = "{P}riv{APP}: {A}n {I}ntegrated {A}pproach for the {D}esign of {P}rivacy-{A}ware {A}pplications", url = "http://onlinelibrary.wiley.com/doi/10.1002/spe.2546/full", year = "2017", } @mastersthesis{tesibrancati, author = "Brancati, Francesco", abstract = "Il tempo {\`e} un elemento critico che permette di associare ad un evento in un nodo di una rete un altro evento corrispondente ad un altro nodo. Se pensiamo al tempo come un sistema di riferimento, possiamo vedere gli errori di sincronizzazione come trasformazioni che cambiano il sistema di riferimento da un nodo ad un altro. In generale qualsiasi applicazione che fa uso di comunicazioni realtime, deve garantire la consistenza delle informazioni ricevute attraverso un massiccio uso di timestamps. Ovviamente, come non {\`e} possibile paragonare due grandezze fisiche misurate in sistemi di riferimento differenti, non {\`e} possibile paragonare due timestamps misurati da due orologi non sincronizzati. Un errore si trasforma in fallimento quando non viene rilevato dal sistema; per ridurre il rischio di fallimenti, dotiamo ogni misura temporale di un ulteriore valore: la qualit{\`a} della sincronizzazione dell’orologio su cui viene effettuata. Queste considerazioni ci spingono a considerare il clock come un vero e proprio strumento di misura, e come tale, caratterizzato da un’incertezza, che deve essere inclusa come parte del risultato della misura (i.e., deve essere stimata ogni volta che si legge il tempo dal clock locale). Una stima adattiva e autocorrettiva dell’incertezza della propria visione del tempo da parte di un’applicazione, porta sicuramente ad un effettivo miglioramento delle funzionalit{\`a} offerte, oltre ad aumentare la safety nei sistemi critici. In questa tesi {\`e} descritta una modellizzazione del comportamento di un oscillatore atomico e di un oscillatore al quarzo, definendo un procedimento per il calcolo dell’incertezza dei valori temporali forniti da orologi di questo tipo. {\`E} anche fornita un’implementazione prototipale che mostra la possibilit{\`a} di calcolare questa incertezza di sincronizzazione su sistemi embedded particolarmente poveri di risorse.", month = "July 14th", note = "Supervisor(s): A. Bondavalli, Co-Supervisor(s): L. Falai", school = "Universit{\`a} di Firenze. Corso di Laurea in Informatica", title = "{P}rogettazione di uno strumento di misura del tempo capace di autovalutarsi ed autocalibrarsi", year = "2008", } @mastersthesis{Ceccarelli 2008, author = "Ceccarelli, Andrea", month = "October 24th", note = "Supervisor(s): A. Bondavalli", school = "University of Firenze. Corso di Laurea Specialistica in Scienze e Teconologie dell'Informazione", title = "{P}rogettazione e validazione di un’architettura safety-critical per sistemi di controllo ferroviar", year = "2008", } @mastersthesis{De Giudici 2003, author = "De Giudici, Enrico", month = "June 26th", note = "Supervisor(s): A. Bondavalli, Co-Supervisor(s): S. Porcarelli", school = "Universit{\`a} degli Studi di Pisa, Corso di Laurea in Scienze dell'Informazione", title = "{P}rogettazione ed analisi di un meccanismo per garantire la sicurezza in applicazioni ferroviarie", year = "2003", } @misc{Gogaj 2009, author = "Florjan Gogaj", howpublished = "Bachelor's thesis. Universit{\`a} degli Studi di Firenze. Corso di Laurea in Informatica", month = "December 21th", note = "Supervisor(s): A. Bondavalli, Co-Supervisor(s): F. Brancati, A. Ceccarelli", title = "{P}rogettazione ed implementazione di un algoritmo per il calcolo dell'incertezza di sincronizzazione e sua integrazione in un prototipo di {R}{\&}{SACLOCK}", year = "2009", } @misc{BuracchiBachelor, author = "Marco Buracchi", note = "Universit{\`a} degli Studi di Firenze. Corso di Laurea in Informatica. October, 9th 2015. Supervisor(s): A. Bondavalli, Co-Supervisor(s): A. Ceccarelli", title = "{P}rogettazione ed {I}mplementazione di un {M}aster {C}lock {S}icuro ed {A}ffidabile per {C}yberphysical {S}ystems of {S}ystems", year = "2015", } @mastersthesis{Moretto 2004, author = "Moretto, Marco", month = "December 15th", note = "Supervisor(s): L. Simoncini, L. Lopriore, F. Di Giandomenico, A. Bondavalli", school = "Universit{\`a} degli Studi di Pisa, Corso di Laurea in Ingegneria Informatica", title = "{P}rogettazione, realizzazione ed utilizzo di un generatore di simulatori per sistemi a fasi multiple", year = "2004", } @conference{PBM97-Didamatica-124, author = "A. Parigi and Bondavalli, Andrea and E. Martinelli", address = "Siena, Italy", booktitle = "Didamatica'97", month = "8-10 Maggio", pages = "371--374", title = "{P}rogetto e {R}ealizzazione di un {S}erver {I}nternet come {A}usilio alla {O}rganizzazione della {D}idattica", year = "1997", } @conference{BGL89-ITC-74, author = "Bondavalli, Andrea and E. Gregori and L. Lenzini", address = "Sarajevo, Yugoslavia", booktitle = "13th. Information Technologies Conference SARAJEVO JAHORINA 1989''", month = "March 20-24", pages = "112--1--112--9", title = "{P}roposals for improving the {FASNET} {P}erformances", year = "1989", } @conference{DSNsf2016Schiavone, author = "Schiavone, Enrico", abstract = "Secure user authentication is a crucial service for many systems and applications, especially when the data stored and the functionalities offered are highly confidential or critical. In those situations, traditional, single-occurrence, authentication mechanisms can be inadequate to face intrusions: no checks are performed after login, and even if they were repeated, frequently asking for passwords or secrets would reduce system usability. Biometric continuous authentication, instead, is emerging as viable alternative that can guarantee reliable and transparent verification for the whole session: the traits can be repeatedly acquired without the user active participation. In addition, another security service that it can offer is non-repudiation, thus providing irrefutable evidence of system usage, hard -or better, impossible- to deny. The paper focuses on biometric continuous authentication and non-repudiation, and it presents a preliminary solution based on a specific case study. This article constitutes the current research direction of the author and describes challenges and the future works that the student aims to perform in the next years.", address = "Toulouse, France", booktitle = "Student Forum of the 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2016", keywords = "authenticity; non-repudiation; continuous authentication; biometrics; security;", month = "June", title = "{P}roviding {C}ontinuous {A}uthentication and {N}on-{R}epudiation {S}ecurity {S}ervices", year = "2016", } @incollection{bondavalli2013providing, author = "Bondavalli, Andrea and Brancati, Francesco and Ceccarelli, Andrea and Falai, Lorenzo", abstract = "Executing critical services through small, portable devices in harsh environment with uncontrolled system boundaries requires resilient and self-adaptive services and networks, which are able to track the current status of the system, to estimate its uncertainties and to react accordingly. Achieving the required dependability, timeliness and security levels is an architectural challenge due to the intrinsic asynchrony of the system and the complexity of its fault model. In this paper we present the design of a resilient middleware and architecture for real-time, safety-critical and distributed mobile devices which operates in an uncertain environment. Such mobile devices, called Mobile Terminals (MTs), are developed as part of the ALARP (A railway automatic track warning system based on distributed personal mobile terminals) project which aims to design and develop a safety-critical Automatic Track Warning System (ATWS) for railway trackside workers. The MTs are wearable devices which operate in a railway worksite, to execute the real-time and safety critical service of notifying to the railway worker a train approaching the worksite or the occurrence of hazardous situation (e.g., workers missing or not responding).", booktitle = "Self-Organization in Embedded Real-Time Systems", doi = " 10.1007/978-1-4614-1969-3_2", isbn = " 978-1-4614-1968-6", pages = "25--53", publisher = "Springer New York", title = "{P}roviding {S}afety-{C}ritical and {R}eal-{T}ime {S}ervices for {M}obile {D}evices in {U}ncertain {E}nvironment", url = "http://link.springer.com/chapter/10.1007%2F978-1-4614-1969-3_2", year = "2013", } @conference{CSN2005-CSN2005-183, author = "Lollini, Paolo and Bondavalli, Andrea and Di Giandomenico, Felicita", booktitle = "CSN-2005 The Fourth IASTED International Conference on Communication Systems and Networks", month = "September 12-14", title = "{Q}o{S} {A}nalysis of a {UMTS} cell with different {S}ervice {C}lasses", year = "2005", } @incollection{BCDG02-CDC02-10, author = "Bondavalli, Andrea and A. Coccoli and Di Giandomenico, Felicita", booktitle = "Concurrency in Dependable Computing", editor = "Ezhilchelvan, P. and Romanovsky, A.", pages = "169--188", publisher = "Kluwer Academic Publishers", title = "{Q}o{S} {A}nalysis of {G}roup {C}ommunication {P}rotocols in {W}ireless {E}nvironment", year = "2002", } @techreport{RCL050601-RCL050601-179, author = "Lollini, Paolo and Bondavalli, Andrea and Di Giandomenico, Felicita", month = "June", title = "{Q}o{S} evaluation in a {UMTS} cell", type = "Technical Report RCL", year = "2005", } @article{JoSseus-JoS-240, author = "Bondavalli, Andrea and Lollini, Paolo and Montecchi, Leonardo", doi = "10.4304/jsw.4.7.675-685", journal = "Journal of Software", month = "September", number = "7", pages = "675--685", title = "{Q}o{S} {P}erceived by {U}sers of {U}biquitous {UMTS}: {C}ompositional {M}odels and {T}horough {A}nalysis", volume = "4", year = "2009", } @conference{issre-wosocer2, author = "Ceccarelli, Andrea and Nuno Silva", booktitle = "ISSRE-WoSoCer", month = "November", title = "{Q}ualitative comparison of aerospace standards: an objective approach", year = "2013", } @conference{BFDCDGLDG09-CRIS2009BFDCDGLDG09-233, author = "M. Beccuti and G. Franceschinis and S. Donatelli and Silvano Chiaradonna and Di Giandomenico, Felicita and Lollini, Paolo and G. Dondossola and F. Garrone", address = "Linkoping, Sweden", booktitle = "4th International Conference on Critical Infrastructures (CRIS 2009)", publisher = "IEEE Computer Society Press", title = "{Q}uantification of {D}ependencies in {E}lectrical and {I}nformation {I}nfrastructures: the {CRUTIAL} approach", year = "2009", } @conference{Montecchi15Radiance, author = "Montecchi, Leonardo and Lollini, Paolo and Bondavalli, Andrea", abstract = "For several years, the vulnerability of Critical Infrastructures (CIs) to cyber-threats has been limited, since they were mostly isolated systems, using proprietary protocols. Nowadays, CIs are increasingly threatened by external attacks: the use of off-the-shelf components is common, they have become interconnected, and sometimes also connected to the Internet. This problem is exacerbated by the recent trend towards the adoption of wireless connectivity and mobile devices, which is gaining interest also in this domain. One of the main challenges is to quantify the impact that external attacks may have on the infrastructure, and ensure that its dependability and safety equirements can still be fulfilled. In this paper we focus on the ALARP system, which protects workers on the railway infrastructure using distributed mobile terminals, and evaluate the impact of two attacks to the communication infrastructure. In performing such analysis, we experiment with a new method, which combines a stochastic model of the system with a model of the attacker, and quantifies the impact of specific attacks on precise safety and availability metrics.", booktitle = "International Workshop on Recent Advances in the DependabIlity AssessmeNt of Complex systEms (RADIANCE'15)", month = "June, 22th", note = "{ieee}", pages = "33-38", publisher = "IEEE", title = "{Q}uantifying the {I}mpact of {E}xternal {A}ttacks on a {D}istributed {A}utomatic {T}rack {W}arning {S}ystem", year = "2015", } @conference{NekoStatLADC-LADC2005-177, author = "Falai, Lorenzo and Bondavalli, Andrea and Di Giandomenico, Felicita", booktitle = "LADC", title = "{Q}uantitative evaluation of distributed algorithms using the {N}eko framework: the {N}eko{S}tat extension", year = "2005", } @techreport{Nekostat2004-175, author = "Falai, Lorenzo and Bondavalli, Andrea and Di Giandomenico, Felicita", institution = "University of Firenze, Dip. Sistemi e Informatica", month = "Nov", title = "{Q}uantitative {E}valuation using {N}eko tool: {N}eko{S}tat {E}xtensions", type = "Technical Report", year = "2004", } @conference{Montecchi12-DESEC4LCCI, author = "Montecchi, Leonardo and Lollini, Paolo and Bondavalli, Andrea and Ernesto La Mattina", booktitle = "SAFECOMP 2012 Workshop Proceedings", month = "September 24-28", note = "{springer}", title = "{Q}uantitative {S}ecurity {E}valuation of a {M}ulti-{B}iometric {A}uthentication {S}ystem", year = "2012", } @conference{LADC2011-LADC2011-252, author = "Ceccarelli, Andrea and Lorenzo Vinerbi and Falai, Lorenzo and Bondavalli, Andrea", booktitle = "IEEE LADC 2011", note = "In Press", title = "{RACME}: a framework to support {V}{\&}{V} and certification", year = "2011", } @incollection{BCDGS95d-PDCS-55, author = "Bondavalli, Andrea and Silvano Chiaradonna and Di Giandomenico, Felicita and L. Strigini", booktitle = "Predictably Dependable Computing Systems", editor = "Randell, B. and Laprie, J.C. and Kopetz, H. and Littlewood, B.", pages = "141--154", publisher = "Springer-Verlag", title = "{R}ational {D}esign of {M}ultiple-{R}edundant {S}ystems: {A}djudication and {F}ault {T}reatment", year = "1995", } @conference{ABCMS96-Euromicro-26, author = "B. Antal and Bondavalli, Andrea and Gy. Csert{\'a}n and I. Majzik and L. Simoncini", address = "Prague, Czech Republic, September 2-5, 1996", booktitle = "Euromicro 96, 22nd IEEE Euromicro Conference", note = "ISBN 0-8186-7487-3", pages = "193--200", title = "{R}eachability and {T}iming {A}nalysis in {D}ata {F}low {N}etworks: a {C}ase {S}tudy", year = "1996", } @techreport{MDGB96-B407029-165, author = "I. Mura and Di Giandomenico, Felicita and Bondavalli, Andrea", institution = "IEI-CNR, Pisa, Italy", number = "B4-07-02-9", title = "{R}eal-{T}ime {M}ultiprocessor {S}ystems: {P}erformability {E}valuation", type = "Internal Report", year = "1996", } @misc{Squittieri 2006, author = "Squittieri, Fabrizio", howpublished = "Bachelor's thesis. Universit{\`a} degli Studi di Firenze. Corso di Laurea in Informatica", month = "April 28th", note = "Supervisor(s): A. Bondavalli, Co-Supervisor(s): P. Lollini, S. Chiaradonna", title = "{R}ealizzazione di un'estensione per la modellazione di sistemi multiple phased con il tool {M}obius", year = "2006", } @mastersthesis{Niobiti 2003, author = "Niobiti, Monica", month = "July 7th", note = "Supervisor(s): A. Bondavalli, S. Chiaradonna, F. Di Giandomenico", school = "Universit{\`a} degli Studi di Pisa. Corso di Laurea in Scienze dell'Informazione", title = "{R}ealizzazione in {J}ava di una interfaccia grafica per un tool di valutazione di sistemi {MPS}", year = "2003", } @techreport{uav-report-2012, author = "Rossi, Magali Andreia and Jorge Rady de Almeida Junior and Bondavalli, Andrea and Lollini, Paolo", institution = "University of S{\~a}o Paulo and University of Florence", month = "September", number = "RCL120901", title = "{R}eliability {E}valuation of {UAV} {C}ommunication in non-controlled {A}irspace", year = "2012", } @techreport{techRepRSAClock-techRepRSAClock-208, author = "Bondavalli, Andrea and Ceccarelli, Andrea and Falai, Lorenzo", institution = "University of Florence, Dip. Sistemi Informatica, RCL group", month = "May", number = "rcl080508", title = "{R}eliable and {S}elf-{A}ware {C}lock: complete description", url = "http://dcl.isti.cnr.it/Documentation/Papers/Techreports.html", year = "2008", } @article{ijccbs_cecca_1, author = "Bondavalli, Andrea and Brancati, Francesco and Ceccarelli, Andrea and Falai, Lorenzo and Michele Vadursi", doi = "10.1504/IJCCBS.2013.059038", issn = "1757-8779", journal = "IJCCBS ", month = "October", number = "4", pages = "301 - 322", title = "{R}esilient {E}stimation of {S}ynchronisation {U}ncertainty through {S}oftware {C}locks", volume = "4", year = "2013", } @inbook{AQS2011Chapt2, author = "Lollini, Paolo and Ceccarelli, Andrea and Michele Vadursi", editor = "A. Bondavalli", pages = "13-55", publisher = "Esculapio", series = "L'Analisi Quantitativa dei Sistemi Critici", title = "{R}ichiami di probabilit{\`a} e metrologia", year = "2011", } @conference{ITASEC17, author = "Schiavone, Enrico and Ceccarelli, Andrea and Bondavalli, Andrea", abstract = "Distributed internet services involve multiple heterogeneous applications that communicate with each other. Guaranteeing their security is in general both mandatory and complex. Amongst the many security requirements that have to be guaranteed, secure user authentication is one of the most fundamental. Authentication is traditionally executed only at login phase, based on username and password. However, a single authentication point may not always guarantee a sufficient degree of security, especially in the context of critical systems. In a previous work we proposed a continuous authentication protocol that applies multiple biometric traits to continuously compute its trust in the user. This paper analyzes the security provided by such solution through a qualitative risk assessment, focusing on both threats related to transmission and specific of the biometric system level. Applying a NIST-compliant threat analysis, we identify the main threats and we assess their impact. Finally, we define the required countermeasures which allow us improving security of our authentication solution.", address = "Venice, Italy", booktitle = "Proceedings of the First Italian Conference on Cybersecurity (ITASEC17)", keywords = "risk assessment,authentication,biometrics,security", month = "January", pages = "53-65", publisher = "CEUR Workshop Proceedings", title = "{R}isk {A}ssessment of a {B}iometric {C}ontinuous {A}uthentication {P}rotocol for {I}nternet {S}ervices", url = "http://ceur-ws.org/Vol-1816/paper-06.pdf", volume = "1816", year = "2017", } @conference{radb2008lfab-radb2008lfab-227, author = "Bondavalli, Andrea and Falai, Lorenzo", booktitle = "Workshop on Resilience Assessment and Dependability Benchmarking (RADB08). DSN 2008-The 38th Annual IEEE/IFIP International Conference on Dependable Systems and Networks.", month = "June", title = "{RODS}: {G}eneral {F}ramework for {R}igorous {O}bservation of {D}istributed {S}ystems", year = "2008", } @conference{ISPCS09-ISPCS-238, author = "Bondavalli, Andrea and Brancati, Francesco and Ceccarelli, Andrea", booktitle = "Proc. of Int. IEEE Symp. on Precision Clock Synch. for Measur., Contr. and Comm., ISPCS 2009", pages = "47--52", title = "{S}afe {E}stimation of {T}ime {U}ncertainty of {L}ocal {C}locks", year = "2009", } @conference{Montecchi17, author = "Montecchi, Leonardo and Barbara Gallina", abstract = "Socio-technical systems are characterized by the interplay of heterogeneous entities i.e., humans, organizations, and technologies. Application domains such as petroleum, e-health, and many others rely on solutions based on safety-critical socio-technical systems. To ensure a safe operation of these interacting heterogeneous entities, multifaceted and integrated modeling and analysis capabilities are needed. Currently, such capabilities are not at disposal. To contribute to the provision of such capabilities, in this paper we propose SafeConcert, a metamodel that offers constructs to model socio-technical entities and their safety-related properties. SafeConcert also represents a unified and harmonized language that supports the integrated application of qualitative as well as quantitative safety analyses techniques. To support our claims we briefly report about the evaluation that was conducted and documented in the context of the EU CONCERTO project.", address = "Trento, Italy", booktitle = "Model-Based Safety and Assessment. IMBSA 2017", doi = "https://doi.org/10.1007/978-3-319-64119-5_9", isbn = "978-3-319-64119-5", month = "September 11-13", note = "{ieee}", pages = "129-144", series = "LNCS", title = "{S}afe{C}oncert: {A} {M}etamodel for a {C}oncerted {S}afety {M}odeling of {S}ocio-{T}echnical {S}ystems", url = "https://link.springer.com/chapter/10.1007/978-3-319-64119-5_9", volume = "10437", year = "2017", } @conference{DGGBM99-FTCS-112, author = "Di Giandomenico, Felicita and F. Grandoni and Bondavalli, Andrea and I. Mura", address = "Madison, Wisconsin USA", booktitle = "29th IEEE FTCS - Int. Symposium on Fault-Tolerant Computing - Fast Abstract Track", month = "June 15-18", title = "{S}cheduling {S}olutions for a {U}nified {A}pproach to the {T}olerance of {V}alue and {T}iming {F}aults", year = "1999", } @conference{SDGBN00-ISORC2k-127, author = "F. Sandrini and Di Giandomenico, Felicita and Bondavalli, Andrea and Edgar Nett", address = "Newport Beach, CA, USA", booktitle = "ISORC2k - 3rd IEEE Int. Symposium on Object-oriented Real-time distributed Computing.", month = "March 15-17", pages = "122--129", title = "{S}cheduling solutions for supporting dependable real-time applications", year = "2000", } @conference{Minisymp17-Schiavone, author = "Schiavone, Enrico", abstract = "Providing a mechanism for authenticating a user’s access to resources is very important, especially for systems that can be considered critical for the data stored and the functionalities offered. In those environments, traditional authentication mechanisms can be ineffective to face intrusions: they usually verify user’s identity only at login, and even repeating this step, frequently asking for passwords or PIN would reduce system’s usability. Biometric continuous authentication, instead, is emerging as viable alternative approach that can guarantee accurate and transparent verification for the entire session: the traits can be repeatedly acquired avoiding disturbing the user’s activity. Another important property that critical systems may need to be guaranteed is non-repudiation, which means protection against the denial of having used the system or executed some specific commands with it. The paper focuses on biometric continuous authentication and non-repudiation, and it briefly presents a preliminary solution based on a specific case study. This work presents the current research direction of the author and describes some challenges that the student aims to address in the next years.", address = "Budapest, Hungary", booktitle = "Proceedings of the 24th PhD Mini-Symposium of the Department of Measurement and Information Systems, Budapest University of Technology and Economics", doi = "10.5281/zenodo.291904", isbn = "978-963-313-243-2", keywords = "authenticity, non-repudiation, continuous authentication, biometrics, security", month = "January", pages = "70-73", publisher = "IEEE", title = "{S}ecuring {C}ritical {S}ystems through {C}ontinuous {U}ser {A}uthentication and {N}on-repudiation", year = "2017", } @conference{BB94-MicroP-28, author = "C. Bernardeschi and Bondavalli, Andrea", address = "Budapest, Hungary", booktitle = "MicroP94", pages = "15--24", title = "{S}emantics analysis of dataflow control systems", year = "1994", } @article{PDGBBM03-TMC-7, author = "Stefano Porcarelli and Di Giandomenico, Felicita and Bondavalli, Andrea and M. Barbera and I. Mura", journal = "IEEE Transactions on Mobile Computing", note = "IEEE Transactions on Mobile Computing submitted feb/2002", number = "3", pages = "233--247", title = "{S}ervice {L}evel {A}vailability {E}stimation of {GPRS}", volume = "2", year = "2003", } @incollection{BDFLV89-MFDBS-60, author = "Bondavalli, Andrea and N. De Francesco and D. Latella and G. Vaglini", address = "Visegrad, Hungary", booktitle = "2nd Symposium on Mathematical Fundamentals of Database Systems-MFDBS'89, LNCS 364", month = "June 26-30", pages = "53--67", publisher = "Springer-Verlag", series = "Lecture Notes in Computer Science", title = "{S}hared {A}bstract {D}ata {T}ypes: an {A}lgebraic {M}ethodology for their {S}pecification", volume = "364", year = "1989", } @conference{RCDGS07-HASE07-200, author = "F. Romani and Silvano Chiaradonna and Di Giandomenico, Felicita and L. Simoncini", address = "Dallas, Texas, USA", booktitle = "10th IEEE High Assurance Systems Engineering Symposium (HASE'07)", month = "November", pages = "305--312", title = "{S}imulation {M}odels and {I}mplementation of a {S}imulator for the {P}erformability {A}nalysis of {E}lectric {P}ower {S}ystems {C}onsidering {I}nterdependencies", year = "2007", } @techreport{RCDGS07-ISTI2007TR012-199, author = "F. Romani and Silvano Chiaradonna and Di Giandomenico, Felicita and L. Simoncini", institution = "ISTI-CNR, Italy", number = "2007-TR-01", title = "{S}imulation {M}odels and {I}mplementation of a {S}imulator for the {P}erformability {A}nalysis of {E}lectric {P}ower {S}ystems {C}onsidering {I}nterdependencies", type = "Technical Report", year = "2007", } @conference{Bonfiglio15_SSIV, author = "Bonfiglio, Valentina and Montecchi, Leonardo and Ivano Irrera and Francesco Rossi and Lollini, Paolo and Bondavalli, Andrea", abstract = "Safety is a fundamental property for a wide class of systems, which can be assessed through safety analysis. Recent standards, as the ISO26262 for the automotive domain, recommend safety analysis processes to be performed at system, hardware, and software levels. While Failure Modes and Effects Analysis (FMEA) is a well-known technique for safety assessment at system level, its application at software level is still an open problem, especially concerning its integration into certification processes. Fault injection has been envisioned as a viable approach for performing Software-FMEA (SW-FMEA), but it typically requires an advanced development stage where code is available. The approach we propose in this paper, aims to perform software fault injection at model-level, namely on fUML-ALF models obtained from a component-based UML description through transformations proposed in a previous work. Model-level fault injection allows SW-FMEA to assess the effectiveness of safety mechanisms from the early stages of system design. The work in this paper focuses on how the software fault injection is implemented, and on the study of fault propagation through appropriate points of observation to highlight possible violations of requirements, with the identification critical paths.", booktitle = "1st Workshop on Safety and Security of Intelligent Vehicles (SSIV 2015)", month = "June, 22th", note = "{ieee}", pages = "133-140", publisher = "IEEE", title = "{S}oftware {F}aults {E}mulation at {M}odel-{L}evel: {T}owards {A}utomated {S}oftware {FMEA}", year = "2015", } @misc{BaldecchiBachelor, author = "Andrea Baldecchi", month = "April 20th", note = "Universit{\`a} degli Studi di Firenze. Corso di Laurea in Informatica. April 20th, 2016. Supervisor(s): P. Lollini, Co-Supervisor(s): L. Montecchi", school = "Universit{\`a} degli Studi di Firenze. Corso di Laurea Magistrale in Informatica", title = "{S}oftware {FMEA}: tecniche, tools di supporto e sviluppi recenti", year = "2016", } @book{UB03-TC03-23, author = "Shambhu J. Upadhyaya and Bondavalli, Andrea", editor = "Upadhyaya, S.J. and Andrea Bondavalli", publisher = "IEEE Computer Society", series = "IEEE Transactions on Computers", title = "{S}pecial issue on reliable distributed systems", volume = "52", year = "2003", } @misc{Zampini 2011, author = "Dario Zampini", note = "Universit{\`a} degli Studi di Firenze. Corso di Laurea in Informatica. December 21th, 2009. Supervisor(s): A. Bondavalli, Co-Supervisor(s): F. Brancati, A. Ceccarelli", title = "{S}perimentazione dell'utilizzo di strumenti per la rilevazione online di anomalie in sistemi e infrastrutture critiche", year = "2011", } @techreport{VBC99-PDCCTN0002B-128, author = "D. Viva and Bondavalli, Andrea and Silvano Chiaradonna", institution = "PDCC-ENEA", month = "March 23", number = "PDCC-TN-00", title = "{S}perimentazione di {D}iverse {M}etodologie e {S}trumenti per la {M}odellizzazione", type = "Technical Note", year = "1999", } @conference{BDGGPR98-ISORC-64, author = "Bondavalli, Andrea and Di Giandomenico, Felicita and F. Grandoni and D. Powell and C. Rab{\'e}jac", address = "Kyoto, Japan", booktitle = "1st IEEE Int. Symposium on Object-oriented Real-time distributed Computing (ISORC '98)", month = "April 20 - 22", pages = "174--183", title = "{S}tate {R}estoration in a {COTS}-based {N}-{M}odular {A}rchitecture", year = "1998", } @techreport{RCL131001, author = "Montecchi, Leonardo and Nostro, Nicola and Narasimha Raghavan Veeraragavan and Roman Vitenberg and Hein Meling and Bondavalli, Andrea", institution = "University of Florence, RCL Group", month = "October", note = "v2.1", number = "RCL131001", title = "{S}tochastic {A}ctivity {N}etworks model for the evaluation of the {W}orld {O}pera system", year = "2015", } @article{CGN-IJCCBS-13, author = "Silvano Chiaradonna and Di Giandomenico, Felicita and Nostro, Nicola", abstract = "Power systems are among the most critical infrastructures providing services highly impacting on everyday life of modern and future society. They rely on a complex internal organisation, where interdependencies among the composing parts increase their vulnerabilities. The authors of this paper have already focused on this problem and have contributed to studies devoted to analyse the impact of interdependencies in power systems, evolving from rather simplistic scenarios to more sophisticated ones, more adherent to real system conditions. Elaborating on previous work, in this paper new investigations are performed to explore aspects of heterogeneity partially or not addressed so far, and related impact on blackouts indicators, to both prove the feasibility of the developed modelling framework and to assess the relevance of accounting for such heterogeneity.", doi = "10.1504/IJCCBS.2013.059022", issn = "1757-8779", journal = "International Journal of Critical Computer-Based Systems", keywords = "stochastic modelling, electric power systems, EPS, infrastructures dependencies, blackout-size assessment", number = "4", pages = "326--348", title = "{S}tochastic assessment of power systems in presence of heterogeneity", url = "http://dx.doi.org/10.1504/IJCCBS.2013.059022", volume = "4", year = "2013", } @incollection{MPB03-UMLbook-11, author = "I. Majzik and Andr{\'a}s Pataricza and Bondavalli, Andrea", address = "Berlin, Heidelberg, New York", booktitle = "Architecting Dependable Systems, LNCS 2677", editor = "De Lemos, R. and Gacek, C. and Romanovsky, A.", pages = "219--244", publisher = "Springer-Verlag", series = "Lecture Notes in Computer Science", title = "{S}tochastic {D}ependability {A}nalysis of {S}ystem {A}rchitecture {B}ased on {UML} {M}odels", year = "2003", } @conference{BS92-FTDCS-93, author = "Bondavalli, Andrea and L. Simoncini", address = "Taipei, Taiwan", booktitle = "3rd. IEEE Workshop on Future Trends in Distributed Computing Systems", month = "April 14-16", note = "also Esprit PDCS (Predictably Dependable Computing Systems) report 2nd Year Deliverables, 1991", pages = "278--286", title = "{S}tructured {S}ofware {F}ault-{T}olerance with {BSM}", year = "1992", } @mastersthesis{Guarnieri2009, author = "Guarnieri, Vania", month = "July 20th", note = "Supervisor(s): A. Bondavalli, Co-Supervisor(s): A. Daidone", school = "Universit{\`a} di Firenze. Corso di Laurea in Scienze e Teconologie dell'Informazione", title = "{S}trumenti automatici per la correlazione di eventi a scopo diagnostico in infrastrutture critiche", year = "2009", } @mastersthesis{Ceri 2007, author = "Ceri, Stefano", month = "September 28th", note = "Supervisor(s): A. Bondavalli, Co-Supervisor(s): L. Falai", school = "Universit{\`a} di Firenze. Corso di Laurea in Informatica", title = "{S}tudio metodologico per l'analisi quantitativa di famiglie di protocolli distribuiti con il framework {N}eko", year = "2007", } @conference{BN91-AICA-84, author = "Bondavalli, Andrea and L. Nardone", address = "Siena, Italy", booktitle = "30th Congresso annuale A.I.C.A.", pages = "1061--1075", title = "{S}upporto a {T}empo di {E}secuzione ed {A}mbiente per un {L}inguaggio {D}ataflow {E}steso", year = "1991", } @techreport{VBC99b-PDCCTN0004B-129, author = "D. Viva and Bondavalli, Andrea and Silvano Chiaradonna", institution = "PDCC-ENEA", month = "March 22", number = "PDCC-TN-00", title = "{S}viluppo di un {C}aso di {S}tudio", type = "Technical Note", year = "1999", } @article{SJ2016, author = "Bondavalli, Andrea and Ceccarelli, Andrea and Lollini, Paolo and Montecchi, Leonardo and Mori, Marco", abstract = "A dramatic shift in system complexity is occurring, bringing monolithic system designs to be progressively replaced by modular approaches. In the latest years this trend has been emphasized by the System of Systems (SoS) concept, in which a complex system or application is the result of the integration of many independent, autonomous Constituent Systems (CS), brought together in order to satisfy a global goal under certain rules of engagement. The overall behavior of the SoS, emerging from such complex interactions and dependencies, poses several threats in terms of dependability, timeliness and security, due to the challenging operating and environmental conditions caused by mobility, wireless connectivity, and the use of off-the-shelf components. Referring to our experience in mobile safety-critical applications gained from three different research projects, in this paper we illustrate the challenges and benefits posed by the adoption of an SoS approach in designing, developing and maintaining mobile safety-critical applications, and we report on some possible solutions.", doi = "10.1109/JSYST.2016.2588284", journal = "IEEE Systems Journal", note = "{ieee}", title = "{S}ystem-of-{S}ystems to {S}upport {M}obile {S}afety {C}ritical {A}pplications: {O}pen {C}hallenges and {V}iable {S}olutions", url = "http://ieeexplore.ieee.org/document/7523896/", volume = "To appear", year = "2016", } @article{BBCMS98-IFACA-31, author = "C. Bernardeschi and Bondavalli, Andrea and Gy. Csert{\'a}n and I. Majzik and L. Simoncini", journal = "IFAC Automatica", number = "2", pages = "169--182", title = "{T}emporal {A}nalysis of {D}ata {F}low {C}ontrol {S}ystems", volume = "34", year = "1998", } @incollection{Verissimo:08ads-ADS08-220, author = "P. Verissimo and N. Neves and M. Correia and A. Abou El Kalam and Y. Deswarte and Bondavalli, Andrea and Daidone, Alessandro", booktitle = "Architecting Dependable Systems V", editor = "R. de Lemos et al.", month = "August", pages = "1-27", publisher = "Springer, Heidelberg", series = "LNCS 5135", title = "{T}he {CRUTIAL} {A}rchitecture for {C}ritical {I}nformation {I}nfrastructures", year = "2008", } @incollection{BBS94-RTC-36, author = "Bondavalli, Andrea and C. Bernardeschi and L. Simoncini", address = "Saint Martin, Dutch Antilles", booktitle = "Real Time Computing", editor = "Halang, W.A. and Stoyenko, A.D.", pages = "527--529", publisher = "Springer Verlag", series = "NATO ASI Series F", title = "{T}he {D}esign of {D}istributed, {D}ependable {R}eal-{T}ime {S}ystems {U}sing a {F}unctional {P}aradigm", year = "1994", } @techreport{LTCDGB95-B424-114, author = "La Torre, S. and Silvano Chiaradonna and Di Giandomenico, Felicita and Bondavalli, Andrea", institution = "IEI/CNR", month = "May", number = "B4-24", title = "{T}he {E}ffects of {I}nput {C}orrelation on the {D}ependability of {I}terative {S}oftware", type = "Technical Report", year = "1995", } @techreport{BDG98-ErcimNews-151, author = "Bondavalli, Andrea and Di Giandomenico, Felicita", month = "January", number = "32", pages = "46--47", title = "{T}he {GUARDS} {A}pproach to {S}afety-{C}ritical {R}eal-{T}ime {S}ystems", type = "Ercim News", year = "1998", } @article{hid09-tmc-241, author = "Bondavalli, Andrea and O. Hamouda and M. Ka{\^a}niche and Lollini, Paolo and I. Majzik and Schwefel, Hans-Peter", doi = "10.1109/TMC.2010.222 ", issn = "1536-1233", journal = "IEEE Transactions on Mobile Computing", month = "June", number = "Issue:6 ", pages = "783 -- 796 ", title = "{T}he {HIDENETS} {H}olistic {A}pproach for the {A}nalysis of {L}arge {C}ritical {M}obile {S}ystems", url = "http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=5645639{\&}tag=1", volume = "10", year = "2011", } @article{BPBDGRSS00-JSA-86, author = "A. Burns and D. Prasad and Bondavalli, Andrea and Di Giandomenico, Felicita and K. Ramamritham and J. Stankovic and L. Strigini", journal = "Journal of System Architecture (JSA), Special Issue on Real-Time Systems", pages = "305--325", title = "{T}he {M}eaning and {R}ole of {V}alue in {S}cheduling {F}lexible {R}eal-{T}ime {S}ystems", volume = "46", year = "2000", } @conference{thnavigator, author = "Alexandr Vasenev and Lorena Montoya and Ceccarelli, Andrea and Anhtuan Le and Dan Ionita", abstract = "Deriving value judgements about threat rankings for large and entangled systems, such as those of urban smart grids, is a challenging task. Suitable approaches should account for multiple threat events posed by different classes of attackers who target system components. Given the complexity of the task, a suitable level of guidance for ranking more relevant and filtering out the less relevant threats is desirable. This requires a method able to distil the list of all possible threat events in a traceable and repeatable manner, given a set of assumptions about the attackers. The Threat Navigator proposed in this paper tackles this issue. Attacker profiles are described in terms of Focus (linked to Actor-to-Asset relations) and Capabilities (Threat-to-Threat dependencies). The method is demonstrated on a sample urban Smart Grid. The ranked list of threat events obtained is useful for a risk analysis that ultimately aims at finding cost-effective mitigation strategies. ", booktitle = "1st EAI International Conference on Smart Grid Inspired", keywords = "Smart Grid, Threat Assessment, FAIR, NIST, Risk Analysis", pages = "8", publisher = "Springer", title = "{T}hreat navigator: grouping and ranking malicious external threats to current and future urban smart grids", year = "2016", } @techreport{BCDGG98-B4170698-48, author = "Bondavalli, Andrea and Silvano Chiaradonna and Di Giandomenico, Felicita and F. Grandoni", institution = "IEI-CNR", month = "June 17", number = "B4-17-06-9", title = "{T}hreshold-{B}ased {M}echanisms to {D}iscriminate {T}ransient from {I}ntermittent {F}aults", type = "Technical Report", year = "1998", } @article{BCDGG00-IEEETC-42, author = "Bondavalli, Andrea and Silvano Chiaradonna and Di Giandomenico, Felicita and F. Grandoni", journal = "IEEE Transactions on Computers", number = "3", pages = "230--245", title = "{T}hreshold-{B}ased {M}echanisms to {D}iscriminate {T}ransient from {I}ntermittent {F}aults", volume = "49", year = "2000", } @conference{MalinowskyGSCBN12, author = "Boris Malinowsky and Jesper Gr{\o}nb{\ae}k and Schwefel, Hans-Peter and Ceccarelli, Andrea and Bondavalli, Andrea and Edgar Nett", booktitle = "EDCC", pages = "144-155", title = "{T}imed {B}roadcast via {O}ff-the-{S}helf {WLAN} {D}istributed {C}oordination {F}unction for {S}afety-{C}ritical {S}ystems", year = "2012", } @conference{SOSE17TRUST, author = "Gharib, Mohamad and Lollini, Paolo and Bondavalli, Andrea", abstract = "During the last decade, the integration of smart devices into humans' lives has witnessed an exponential increase. This has led to a new paradigm, namely Cyber-Physical-Social Systems (CPSS), which consists of cyber components (computer systems), physical components (controlled objects) and social components (humans and their interactions). Although social components are playing a main role in CPSS, their analysis did not receive much attentions. Especially the social trust among humans that allows for analyzing their expectations in one another concerning their social interactions and dependencies. In this paper, we propose an approach for analyzing trust in CPSS using structured assurance cases. We illustrate the utility of the approach with an example from telemedicine domain. ", address = "Waikoloa, HI, USA", booktitle = "The12th System of Systems Engineering Conference (SoSE'17) ", doi = "10.1109/SYSOSE.2017.7994947", isbn = "978-1-5090-5945-4", keywords = "Trust, Cyber-Physical-Social Systems, Assurance cases, CAE building blocks", month = "June", pages = "1-6", publisher = "IEEE", title = "{T}owards an {A}pproach for {A}nalyzing {T}rust in {C}yber-{P}hysical-{S}ocial {S}ystems", url = "http://ieeexplore.ieee.org/document/7994947/", year = "2017", } @conference{irene2016energycon, author = "Oliver Jung and Alexandr Vasenev and Ceccarelli, Andrea and Tony Clarke and Sanford Bessler and Lorena Montoya and Zoppi, Tommaso and Keith Chappell", abstract = "Two trends will help to ensure resilient electricity supply in Smart Cities: a) the ongoing deployment of Smart Grid technology and b) the adoption of distributed energy resources. Unfortunately, the increased reliance on ICT in the Smart Grid will expose new threats that could result in incidents that might affect urban electricity distribution networks by causing power outages. Diverse specialists will need to cooperate to address these threats. This position paper outlines a methodology for establishing a collaborative framework that supports the definition of response strategies to threats. We consider the ongoing evolution of the electricity grids and the threats emerging while the grid evolves. After outlining possible scenarios of urban grid development, we highlight several threats and the strategies of attackers. Finally, we introduce a framework that aims to foster the collaboration of stakeholders involved in city resilience planning taking into account grid vulnerability and criticality from a city’s perspective.", booktitle = "IEEE International Energy Conference", keywords = "collaborative framework, grid resilience, city planning, smart grid, urban planning", publisher = "IEEE", title = "{T}owards a {C}ollaborative {F}ramework to {I}mprove {U}rban {G}rid {R}esilience", year = "2016", } @incollection{BFLS99-CSDA-70, author = "Bondavalli, Andrea and A. Fantechi and D. Latella and L. Simoncini", address = "Williamsburg, VA, USA", booktitle = "IEEE - From Needs to Solutions: Computer Security, Dependability, and Assurance (NATO CSDA'98)", month = "November 11-13", pages = "144--165", title = "{T}owards a {D}iscipline of {S}ystem {E}ngineering: {V}alidation of {D}ependable {S}ystems", year = "1999", } @conference{Rossi11, author = "Rossi, Magali Andreia and Jorge Rady de Almeida Junior and Bondavalli, Andrea and Lollini, Paolo", address = "Madrid, Spain", booktitle = "Proc. of the 30th IEEE Symposium on Reliable Distributed Systems Workshops (SRDSW 2011)", month = "October 4", pages = "67-71", title = "{T}owards a federated simulation approach for reliability evaluation of {U}nmanned {A}ircraft {V}ehicles within {A}eronautical {C}ommunications {N}etworking", year = "2011", } @conference{5479511-ISORCWORNUS2010-246, author = "Ceccarelli, Andrea and Jesper Gr{\o}nb{\ae}k and Montecchi, Leonardo and Schwefel, Hans-Peter and Bondavalli, Andrea", booktitle = "13th IEEE International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing Workshops (ISORCW 2010)", month = "May", note = "{ieee}", pages = "184 -193", title = "{T}owards a {F}ramework for {S}elf-{A}daptive {R}eliable {N}etwork {S}ervices in {H}ighly-{U}ncertain {E}nvironments", year = "2010", } @conference{MoLoBo2011b-ICECCS2011-251, author = "Montecchi, Leonardo and Lollini, Paolo and Bondavalli, Andrea", booktitle = "16th IEEE International Conference on Engineering of Complex Computer Systems (ICECCS 2011)", month = "27-29 April", note = "{ieee}", title = "{T}owards a {MDE} {T}ransformation {W}orkflow for {D}ependability {A}nalysis", year = "2011", } @conference{Basso15, author = "Tania Basso and Montecchi, Leonardo and Regina Moraes and Mario Jino and Andrea Bondavalli", abstract = "Personal information is continuously gathered and processed by modern web applications. Due to regulation laws and to protect the privacy of users, customers, and business partners, such information must be kept private. A recurring problem in constructing web applications and services that protect privacy is the insufficient resources for documenting them. As web applications must be developed consistently with the statements of the privacy policy in order to enforce them, a structured documentation is necessary to model privacy protection during application design. To contribute with solutions to this problem, in this paper we propose a UML profile for privacy-aware applications. This profile helps building UML models that specify and structure particular concepts of privacy and, consequently, improve privacy definition and enforcement. After introducing the main privacy concepts, we describe how they are represented in the UML language. The profile’s ability to model statements of realistic privacy policies is then demonstrated on a case study.", address = "Liverpool, UK", booktitle = "The 15th IEEE International Conference on Computer and Information Technology (CIT-2015)", doi = "10.1109/CIT/IUCC/DASC/PICOM.2015.53", isbn = "978-1-5090-0153-8", month = "26-28 October", note = "{ieee}", pages = "371-378", title = "{T}owards a {UML} {P}rofile for {P}rivacy-{A}ware {A}pplications", url = "http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=7363095", year = "2015", } @conference{GharibER2017, author = "Gharib, Mohamad and Paolo Giorgini and John Mylopoulos", abstract = "Privacy has been frequently identified as a main concern for systems that deal with personal information. However, much of existing work on privacy requirements deals with them as a special case of security requirements, thereby overlooking key aspects of privacy. In this paper, we address this problem by proposing an ontology for privacy requirements. The ontology is mined from the literature through a systematic literature review whose main purpose is to identify key concepts/relationships for capturing privacy requirements. In addition, identified concepts/relations are further analyzed to identify redundancies and semantic overlaps. ", booktitle = "The 36th International Conference on Conceptual Modeling", keywords = "Privacy Ontology, Privacy Requirements, Privacy by Design, PbD, Requirements Engineering", month = "November ", publisher = "Springer ", title = "{T}owards an {O}ntology for {P}rivacy {R}equirements via a {S}ystematic {L}iterature {R}eview", year = "2017", } @conference{Kopetz15-SOSE, author = "Hermann Kopetz and O. H{\"o}ftberger and B. Fr{\"o}mel and Brancati, Francesco and Bondavalli, Andrea", abstract = "Emergence is a systemic phenomenon in an System-of-Systems (SoS) that cannot be reduced to the behavior of the isolated parts of a system. It is the objective of this paper to contribute to the understanding of emergent phenomena in SoSs. After a short look at the literature on emergence in the domains of philosophy and computer science, this paper continues with an elaboration on multi-level nearly-decomposable systems, gives a tentative definition of emergence and discusses how emergent behavior manifests itself in an SoS.", address = "San Antonio, TX ", booktitle = "System of Systems Engineering Conference (SoSE), 2015 10th ", doi = " 10.1109/SYSOSE.2015.7151925 ", month = "May 17-20", pages = "214-219", title = "{T}owards an understanding of emergence in systems-of-systems", year = "2015", } @conference{sort2016, author = "Nostro, Nicola and Davide Iacono and Ceccarelli, Andrea and Bondavalli, Andrea", abstract = "The ongoing replacement of monolithic system designs with Off-The-Shelf approaches aims to enable the loosely coupled integration of heterogeneous existing legacy systems. This trend is currently promoting a new architectural paradigm, called System of Systems (SoS). An SoS is made of independent and autonomous constituent systems (CSs) which interact to achieve higher level goals also with the intervention of humans. While enhancing the services provided, an SoS at the same time introduces new challenges to be faced, specifically when dependability and security properties must be addressed. In fact, traditional failure and attack detection approaches are not easily applicable to an SoS due to the autonomy, dynamicity and the uncoordinated evolution of its CSs. This paper first analyses the challenges posed by SoS for the development of effective failure and intrusion detectors; then it investigates which are the available solutions for SoS in the state of the art. Finally, a possible approach that is currently under development is envisioned together with the planned case study.", booktitle = "ISORC-SORT 2016", keywords = "System of System; monitoring; intrusion detection; failure detection", publisher = "IEEE", title = "{T}owards {F}ailure and {I}ntrusion {D}etection in {S}ystems of {S}ystems: {C}hallenges and an {A}pproach", year = "2016", } @conference{anomalyMN2011, author = "Antonio Bovenzi and Brancati, Francesco and Stefano Russo and Bondavalli, Andrea", booktitle = "IEEE International Workshop on Measurements and Networking (M{\&}N 2011)", month = "October", title = "{T}owards identifying {OS}-level anomalies to detect {A}pplication {S}oftware {F}ailures", year = "2011", } @conference{BCFV07-ISADS2007-192, author = "Bondavalli, Andrea and Ceccarelli, Andrea and Falai, Lorenzo and Michele Vadursi", booktitle = "Proceedings of The 8th International Symposium on Autonomous Decentralized Systems", month = "March", title = "{T}owards {M}aking {N}eko{S}tat a {P}roper {M}easurement {T}ool for the {V}alidation of {D}istributed {S}ystems", year = "2007", } @conference{CDGPB01-ISASSCI2001-139, author = "A. Chohra and Di Giandomenico, Felicita and Stefano Porcarelli and Bondavalli, Andrea", address = "Orlando, Florida, USA", booktitle = "The 5th World Multi-Conference on Systemics, Cybernetics and Informatics, ISAS-SCI 2001, Volume I: Information Systems Development", editor = "Callaos, N. and Da Silva, N. I. and Molero, J.", month = "July 22-25", pages = "571--576", publisher = "IIIS", title = "{T}owards {O}ptimal {D}atabase {M}aintenance in {W}ireless {C}ommunication {S}ystems", year = "2001", } @conference{DSNSTUDENTFORUM09-DSN2009-230, author = "Ceccarelli, Andrea", booktitle = "Student Forum at DSN-2009 IEEE Int. Conference on Dependable Systems and Networks, Supplemental Volume", month = "June 29-July 2", pages = "G34--G37", title = "{T}owards techniques and methodologies for collecting trusted observation results", year = "2009", } @mastersthesis{DuchiMaster2010, author = "Fabio Duchi", month = "April 27th", note = "Supervisor(s): A. Bondavalli, Co-Supervisor(s): P. Lollini", school = "Universit{\`a} degli Studi di Firenze. Corso di Laurea in Informatica", title = "{T}ransformation {L}anguages - {V}alutazione pratica dei principali approcci", year = "2010", } @mastersthesis{VinerbiMaster, author = "Lorenzo Vinerbi", month = "October", school = "Universit{\`a} degli Studi di Firenze. Corso di Laurea in Scienze e Tecnologie dell'Informazione", title = "{T}rattazione del {C}omportamento {E}mergente in {S}istemi {C}omplessi", year = "2009", } @conference{CeccarelliPRDC09-PRDC-235, author = "Ceccarelli, Andrea and Bondavalli, Andrea and D. Iovino", booktitle = "IEEE 15th Pacific Rim International Symposium on Dependable Computing", pages = "234-241", title = "{T}rustworthy {E}valuation of a {S}afe {D}river {M}achine {I}nterface through {S}oftware-{I}mplemented {F}ault {I}njection", year = "2009", } @conference{PDGCB01-SAFECOMP-146, author = "Stefano Porcarelli and Di Giandomenico, Felicita and A. Chohra and Bondavalli, Andrea", address = "Budapest, Hungary", booktitle = "SAFECOMP 2001, 20th Int. Conference on Computer Safety, Reliability and Security", editor = "Voges, U.", pages = "238--248", publisher = "Springer-Verlag", title = "{T}uning of {D}atabase {A}udits to {I}mprove {S}cheduled {M}aintenance in {C}ommunication {S}ystems", year = "2001", } @conference{PABWBDG97-CABERNET-123, author = "D. Powell and J. Arlat and L. Beus-Dukic and A. Wellings and Bondavalli, Andrea and Di Giandomenico, Felicita", address = "IRISA, Campus de Beaulieu, Rennes, France", booktitle = "3rd CABERNET Plenary Workshop", month = "April 16-18", title = "{U}ltra-{D}ependable and {R}eal-{T}ime {S}ystems: {T}he {GUARDS} {A}pproach", year = "1997", } @mastersthesis{MasterMontecchi, author = "Montecchi, Leonardo", keywords = "idm, modello intermedio, mde, chess", month = "October 27th", note = "Supervisor(s): A. Bondavalli, Co-Supervisor(s): P. Lollini", school = "Universit{\`a} degli Studi di Firenze. Corso di Laurea in Scienze e Tecnologie dell'Informazione", title = "{U}n {M}odello {I}ntermedio di {D}ependability {I}ntegrabile in un {P}rocesso di {M}odel-{D}riven {E}ngineering", year = "2010", } @conference{BS87b-AICA-88, author = "Bondavalli, Andrea and L. Simoncini", address = "Trento, Italy", booktitle = "26th Congresso annuale A.I.C.A.", month = "September 30 - Octob", pages = "163--182", title = "{U}n modello per la descrizione di computazioni robuste {D}ata-{F}low-{L}ike", year = "1987", } @mastersthesis{Albini2009, author = "Albini, Martina", month = "July 20th", note = "Supervisor(s): A. Bondavalli, Co-Supervisor(s): P. Lollini", school = "Universit{\`a} di Firenze. Corso di Laurea in Scienze e Tecnologie dell'Informazione", title = "{U}n profilo {UML} 2.0 per la descrizione di strategie di manutenzione in sistemi critici e sue applicazioni", year = "2009", } @conference{BDGBT95-AICA-63, author = "P. Bizzarri and Di Giandomenico, Felicita and Bondavalli, Andrea and F. Tarini", address = "Cagliari, Italy", booktitle = "Congresso annuale A.I.C.A. '95", pages = "202--208", title = "{U}n protocollo per la schedulazione distribuita {H}ard {R}eal-{T}ime", year = "1995", } @mastersthesis{Serafini 2004, author = "Marco Serafini", month = "September", note = "Supervisor(s): A. Bondavalli, Co-Supervisor(s): P. Lollini", school = "Universit{\`a} di Firenze. Corso di Laurea in Informatica", title = "{U}na metodologia per modellare e valutare la dependability di sistemi safety-critical", year = "2004", } @conference{Raghavan13, author = "Narasimha Raghavan Veeraragavan and Montecchi, Leonardo and Nostro, Nicola and Bondavalli, Andrea and Roman Vitenberg and Hein Meling", address = "Coimbra, Portugal", booktitle = "28th ACM Symposium On Applied Computing (SAC 2013) - Track on Dependable and Adaptive Distributed Systems (DADS)", doi = "10.1145/2480362.2480450", month = "March, 18-22", note = "{acm}", pages = "439-446", title = "{U}nderstanding the {Q}uality of {E}xperience in {M}odern {D}istributed {I}nteractive {M}ultimedia {A}pplications in {P}resence of {F}ailures: {M}etrics and {A}nalysis ", url = "http://dl.acm.org/citation.cfm?id=2480450", year = "2013", } @conference{CB93-AICA-99, author = "Silvano Chiaradonna and Bondavalli, Andrea", address = "Lecce, Italy", booktitle = "Congresso annuale A.I.C.A. '93", month = "September 22-24", pages = "1289--1303", title = "{U}no {S}chema {E}fficiente per la {T}olleranza a {G}uasti {O}perazionali in {A}rchitetture {M}ultiprocessore", year = "1993", } @conference{BBT95-AICA-39, author = "Bondavalli, Andrea and A. Buzzi and F. Tarini", address = "Cagliari, Italy", booktitle = "Congresso annuale A.I.C.A. '95", pages = "979--986", title = "{U}no {S}trumento {G}rafico per la {S}trutturazione di {A}pplicazioni {T}olleranti i {G}uasti", year = "1995", } @conference{LADC16Usability, author = "Schiavone, Enrico and Ceccarelli, Andrea and Bondavalli, Andrea and Ariadne M. B. R. Carvalho", abstract = "Multimodal biometric continuous authentication systems allow to improve security, making user identity verification a continuous process rather than a one-time occurrence. Unfortunately, the usability of these systems and their adequacy for working activities are often questioned. This paper presents a usability study for a multimodal biometric continuous authentication system capable of continuously and transparently verifying user identity through face, fingerprint and keystroke traits. We evaluate the system’s usability obtained varying configuration parameters. This allows identifying the more suitable parameters configuration for different usability and security requirements. The experimental campaign relies on 60 users performing pre-defined tasks while our continuous authentication system is running. Users’ opinions on system usability were collected with a post questionnaire. Our findings show that users were able to complete ordinary tasks securely and without additional effort, and that they have accepted the authentication system, which only requires minimal training.", booktitle = "Proceedings of the 7h Latin-American Symposium on Dependable Computing, LADC 2016", keywords = "usability;security;biometrics;authentication;testing", month = "October", publisher = "IEEE", title = "{U}sability {A}ssessment in a {M}ulti-biometric {C}ontinuous {A}uthentication {S}ystem", year = "2016", } @techreport{BM98b-GUARDSI3A4AO6016VA-158, author = "Bondavalli, Andrea and I. Mura", month = "11 June", number = "Report GUA", title = "{U}sers {G}uide for {T}ool-{S}upported {M}odelling of {P}hased-{M}ission {S}ystems", type = "GUARDS Project - PDC", year = "1998", } @conference{BDFLV89b-ITC-61, author = "Bondavalli, Andrea and N. De Francesco and D. Latella and G. Vaglini", address = "Sarajevo, Yugoslavia", booktitle = "13th. Information Technologies Conference SARAJEVO JAHORINA 1989''", month = "March 20-24", pages = "130--1--130--10", title = "{U}sing {A}lgebraic {S}pecifications for {D}ata {T}ypes {S}hared among {C}oncurrent {T}ransactions", year = "1989", } @article{BBS95-TIS-38, author = "C. Bernardeschi and Bondavalli, Andrea and L. Simoncini", journal = "IEICE Trans. on Information and Systems", number = "8", pages = "959--968", title = "{U}sing {P}rocess {A}lgebras for the {S}emantic {A}nalysis of {D}ata {F}low {N}etworks", volume = "E78-D", year = "1995", } @conference{BDGM97-WORDS2001-65, author = "Bondavalli, Andrea and Di Giandomenico, Felicita and I. Mura", address = "Newport Beach, California, USA", booktitle = "Third IEEE Int. Workshop on Object-oriented Real-time Dependable Systems (WORDS 97)", month = "February 6-7", pages = "92--99", title = "{V}alue-{D}riven {R}esource {A}ssignment in {O}bject-{O}riented {R}eal-{T}ime {D}ependable {S}ystems", year = "1997", } @mastersthesis{Viti 2006, author = "Viti, Lorenzo", month = "April 28th", note = "Supervisor(s): A. Bondavalli, Co-Supervisor(s): P. Fantappi{\'e}, P. Maltese, L. Falai", school = "Universit{\`a} di Firenze. Corso di Laurea in Informatica", title = "{V}alutazione quantitativa della {Q}o{S} dei servizi applicativi su rete {ATN} ({A}eronautical {T}elecommunications {N}etwork)", year = "2006", } @conference{radiance2016, author = "Nuno Antunes and Ariadne Carvalho and Andrea Ceccarelli and Andras Zentai", booktitle = "DSN 2016", keywords = "dependability, assessment", pages = "2", publisher = "IEEE", title = "{W}orkshop on {R}ecent {A}dvances in the {D}ependab{I}lity {A}ssessme{N}t of {C}omplex syst{E}ms ({RADIANCE})", year = "2016", } @conference{7266885, author = "A.M.B.R. Carvalho and N. Antunes and A. Zentai and Ceccarelli, Andrea", booktitle = "Dependable Systems and Networks (DSN), 2015 45th Annual IEEE/IFIP International Conference on", doi = "10.1109/DSN.2015.68", keywords = "complex systems;dependability assessment;dynamic systems;fault injection", month = "June", pages = "567-568", title = "{W}orkshop on {R}ecent {A}dvances in the {D}ependab{I}lity {A}ssessme{N}t of {C}omplex syst{E}ms ({RADIANCE})", year = "2015", } @conference{radiance2016_1, author = "", booktitle = "DSN 2016", keywords = "dependability, assessment", pages = "2", publisher = "IEEE", title = "{W}orkshop on {R}ecent {A}dvances in the {D}ependab{I}lity {A}ssessme{N}t of {C}omplex syst{E}ms ({RADIANCE})_1", year = "2016", } @conference{Rossi15, author = "Rossi, Magali Andreia and Lollini, Paolo and Bondavalli, Andrea and Fabricio Barros de Oliveira and Mario Corr{\^e}a", address = "Prague, Czech Republic", booktitle = "Proc. of the IEEE/AIAA 34th IEEE Digital Avionics Systems Conference (DASC 2015)", month = "September 13-17", title = "{Z}arzir{B}ird {P}roject: {M}odeling {RPAS} {D}ynamics for {L}oad {S}tability", year = "2015", }

Resilient Computing Lab, 2011

Joomla - Realizzazione siti web