Francesco Flammini
Francesco Flammini got with honours his laurea (July 2003) and doctorate (December 2006) degrees in Computer Engineering from the University Federico II of Naples.
From October 2003 to January 2007, he has worked in Ansaldo STS (Finmeccanica) as a Software/RAMS Engineer in the Verification & Validation unit. He has been involved in several ERTMS/ETCS (European Railway Traffic Management System / European Train Control System) related projects, both for the on-board and the trackside systems. In particular, he has specialized in functional testing of critical control systems. Since February 2007, after moving to the Innovation & Competitiveness unit, he has worked on critical infrastructure protection, transportation security and several interdisciplinary research projects. In particular, he has worked on risk assessment and design of security management systems. He has won company innovation awards in 2005 (Automatic Train Control System based on ERTMS/ETCS L3), 2007 (Subway Tunnel Protection System) and 2009 (PIEZORAIL Project).
His main research interests are about dependability and security of critical systems and infrastructures, including multi-paradigm modeling approaches. He is author of more than 35 scientific papers published in international journals, book chapters and conference proceedings. He has been awarded a grant as the "Best Ph.D. student paper" at the Dependability of Computer System Conference in 2006. He has classified 3rd at the business-plan competition Start Cup Federico II 2008 with the project "N-Enterprise".
He has served as a chairman, a member of the International Program Committee and a reviewer for several international conferences and IEEE journals. He is Vice-Chair of the IEEE Computer Society Italy and partecipates to several Technical Committees, including Software Engineering and Fault Tolerant Computing. He is also member of the European Workshop on Industrial Computer Systems Reliability, Safety and Security (EWICS TC7), FME (Formal Methods Europe), ERCIM Working Group on Formal Methods for Industrial Critical Systems (FMICS), ESRA TC on Operational Safety and Security of Interconnected Critical Infrastructures, and IEEE SMC TC on Homeland Security.
He is Editor in Chief of the "International Journal of Critical Computer-Based Systems" (IJCCBS, Inderscience Publishers).
He has been an Adjunct Professor of Software Engineering (Second University of Naples) and Computer Science (University "Federico II" of Naples).
In the Seclab research group, he collaborates to the OsMoSys and DETECT projects.
Supervisors: Antonino Mazzeo and Nicola Mazzocca
From October 2003 to January 2007, he has worked in Ansaldo STS (Finmeccanica) as a Software/RAMS Engineer in the Verification & Validation unit. He has been involved in several ERTMS/ETCS (European Railway Traffic Management System / European Train Control System) related projects, both for the on-board and the trackside systems. In particular, he has specialized in functional testing of critical control systems. Since February 2007, after moving to the Innovation & Competitiveness unit, he has worked on critical infrastructure protection, transportation security and several interdisciplinary research projects. In particular, he has worked on risk assessment and design of security management systems. He has won company innovation awards in 2005 (Automatic Train Control System based on ERTMS/ETCS L3), 2007 (Subway Tunnel Protection System) and 2009 (PIEZORAIL Project).
His main research interests are about dependability and security of critical systems and infrastructures, including multi-paradigm modeling approaches. He is author of more than 35 scientific papers published in international journals, book chapters and conference proceedings. He has been awarded a grant as the "Best Ph.D. student paper" at the Dependability of Computer System Conference in 2006. He has classified 3rd at the business-plan competition Start Cup Federico II 2008 with the project "N-Enterprise".
He has served as a chairman, a member of the International Program Committee and a reviewer for several international conferences and IEEE journals. He is Vice-Chair of the IEEE Computer Society Italy and partecipates to several Technical Committees, including Software Engineering and Fault Tolerant Computing. He is also member of the European Workshop on Industrial Computer Systems Reliability, Safety and Security (EWICS TC7), FME (Formal Methods Europe), ERCIM Working Group on Formal Methods for Industrial Critical Systems (FMICS), ESRA TC on Operational Safety and Security of Interconnected Critical Infrastructures, and IEEE SMC TC on Homeland Security.
He is Editor in Chief of the "International Journal of Critical Computer-Based Systems" (IJCCBS, Inderscience Publishers).
He has been an Adjunct Professor of Software Engineering (Second University of Naples) and Computer Science (University "Federico II" of Naples).
In the Seclab research group, he collaborates to the OsMoSys and DETECT projects.
Supervisors: Antonino Mazzeo and Nicola Mazzocca
less
Related Authors
InterestsView All (15)
Uploads
Books by Francesco Flammini
* Vulnerability analysis and risk assessment
* Threat prevention, detection and response
* Emergency planning and management
Each of the aforementioned topics is addressed considering both theoretical aspects and practical applications. Emphasis is given to model-based holistic evaluation approaches as well as to emerging protection technologies, including smart surveillance through networks of intelligent sensing devices. Critical Infrastructure Security can be used as a self-contained reference handbook for both practitioners and researchers or even as a textbook for master/doctoral degree students in engineering or related disciplines.
More specifically, the topic coverage of the book includes:
• Historical background on threats to critical infrastructures
• Model-based risk evaluation and management approaches
• Security surveys and game-theoretic vulnerability assessment
• Federated simulation for interdependency analysis
• Security operator training and emergency preparedness
• Intelligent multimedia (audio-video) surveillance
• Terahertz body scanners for weapon and explosive detection
• Security system design (intrusion detection / access control)
• Dependability and resilience of computer networks (SCADA / cyber-security)
• Wireless smart-sensor networks and structural health monitoring
• Information systems for crisis response and emergency management
• Early warning, situation awareness and decision support software
The list of contributors include: Ted G. Lewis, Rudolph P. Darken, Thomas Mackin, Donald Dudenhoeffer, Roger G. Johnston, Gabriele Oliva, Stefano Panzieri, Roberto Setola, Stephen Elky, A. Bondavalli, P. Lollini, L. Montecchi, Stefan Winter, Daniel Germanus, Hamza Ghani, Thorsten Piper, Abdelmajid Khelil, Neeraj Suri, Vincenzo Masucci, William B. Samuels, Farhad Dolatshahi, James R. Villanueva, Christopher J. Ziemniak, V. M. Bier, S. Tas, Brian Hennessey, F. Garzia, Rita Cucchiara, Andrea Prati, Roberto Vezzani, Stavros Ntalampiras, Megan R. Leahy-Hoppa, R. Mason, L. Gintert, S. Sweeney, K. Chandler, J. Chandler, P. Langendoerfer, L. Buttyan, A. Hessler, C. Casteluccia, A. Casaca, A. Alkassar, E. Osipov, Neil C. Rowe, Ahren A. Reed, Riqui Schwamm, Jeehee Cho, Jose J. Flores, Arijit Das, Luigi Coppolino, Salvatore D’Antonio, Luigi Romano, D. L. Hall
A failure occurs when the application is no longer able to guarantee the success of its required function. There exists several levels of criticality, according to the several possible classes of failure. The simplest distinction, for instance, is between the classes of failure corresponding to service unavailable or service incorrect, with many nuances within those two extremes (i.e. partial failures). Generally speaking, it is better to make the system unavailable when a possibly incorrect behavior is diagnosed, when system unavailability corresponds to a safer state. This new book discusses critical applications and the inconsistencies which poses a threat to the successful completion of the function.
Papers by Francesco Flammini
* Vulnerability analysis and risk assessment
* Threat prevention, detection and response
* Emergency planning and management
Each of the aforementioned topics is addressed considering both theoretical aspects and practical applications. Emphasis is given to model-based holistic evaluation approaches as well as to emerging protection technologies, including smart surveillance through networks of intelligent sensing devices. Critical Infrastructure Security can be used as a self-contained reference handbook for both practitioners and researchers or even as a textbook for master/doctoral degree students in engineering or related disciplines.
More specifically, the topic coverage of the book includes:
• Historical background on threats to critical infrastructures
• Model-based risk evaluation and management approaches
• Security surveys and game-theoretic vulnerability assessment
• Federated simulation for interdependency analysis
• Security operator training and emergency preparedness
• Intelligent multimedia (audio-video) surveillance
• Terahertz body scanners for weapon and explosive detection
• Security system design (intrusion detection / access control)
• Dependability and resilience of computer networks (SCADA / cyber-security)
• Wireless smart-sensor networks and structural health monitoring
• Information systems for crisis response and emergency management
• Early warning, situation awareness and decision support software
The list of contributors include: Ted G. Lewis, Rudolph P. Darken, Thomas Mackin, Donald Dudenhoeffer, Roger G. Johnston, Gabriele Oliva, Stefano Panzieri, Roberto Setola, Stephen Elky, A. Bondavalli, P. Lollini, L. Montecchi, Stefan Winter, Daniel Germanus, Hamza Ghani, Thorsten Piper, Abdelmajid Khelil, Neeraj Suri, Vincenzo Masucci, William B. Samuels, Farhad Dolatshahi, James R. Villanueva, Christopher J. Ziemniak, V. M. Bier, S. Tas, Brian Hennessey, F. Garzia, Rita Cucchiara, Andrea Prati, Roberto Vezzani, Stavros Ntalampiras, Megan R. Leahy-Hoppa, R. Mason, L. Gintert, S. Sweeney, K. Chandler, J. Chandler, P. Langendoerfer, L. Buttyan, A. Hessler, C. Casteluccia, A. Casaca, A. Alkassar, E. Osipov, Neil C. Rowe, Ahren A. Reed, Riqui Schwamm, Jeehee Cho, Jose J. Flores, Arijit Das, Luigi Coppolino, Salvatore D’Antonio, Luigi Romano, D. L. Hall
A failure occurs when the application is no longer able to guarantee the success of its required function. There exists several levels of criticality, according to the several possible classes of failure. The simplest distinction, for instance, is between the classes of failure corresponding to service unavailable or service incorrect, with many nuances within those two extremes (i.e. partial failures). Generally speaking, it is better to make the system unavailable when a possibly incorrect behavior is diagnosed, when system unavailability corresponds to a safer state. This new book discusses critical applications and the inconsistencies which poses a threat to the successful completion of the function.
Allo scopo di adattare gli aspetti citati (facilità d’uso, potenza espressiva, efficienza) alle diverse parti, aspetti o livelli di astrazione di sistemi complessi ed eterogenei, sono stati introdotti i cosiddetti approcci multi-formalismo, in cui più linguaggi e tecniche formali convivono in un’unica vista del sistema, che può integrare sia aspetti strutturali che comportamentali (o funzionali). A fronte di evidenti vantaggi in termini di possibilità di analisi, un tale approccio introduce una serie di problematiche teoriche e pratiche di non facile soluzione.
Esistono diversi approcci teorici e framework di supporto al multiformalismo. Vale la pena di citare l’approccio OsMoSys che mantiene i modelli scritti in linguaggi diversi distinti tra loro, sfruttando risolutori esistenti (con cui si interfaccia tramite opportuni adapters) e orchestrandoli tramite un’opportuna Workflow Engine. OsMoSys rappresenta quindi sia un approccio metodologico che un framework di supporto alla modellazione multiformalismo / multirisolutore, sviluppato in collaborazione tra le università di Napoli e Torino.
Nella creazione di modelli multiformalismo, riveste particolare importanza il modo in cui i diversi sottomodelli interagiscono tra loro. In particolare, i modelli cosiddetti “connessi” prevedono il passaggio di dati e risultati da un modello all’altro, ma non consentono un’interazione stretta, in fase di esecuzione dei sottomodelli. Per consentire tale interazione, che consente di incrementare la potenza espressiva del modello globale aumentandone la coesione, è necessario caratterizzare i sottomodelli in termini di stato e azioni. I concetti di stato e azione generalizzano i formalismi, sotto l’unica ipotesi di sistemi di tipo a eventi discreti (Discrete Event Systems, DES). Gli operatori di composizionalità sono gli strumenti teorici che consentono di definire la semantica della composizione. Rappresentati graficamente e associata loro una sintassi e semiotica ben definita, possono essere integrati nel framework OsMoSys sfruttando la distinzione tra elementi interni e di interfaccia dei sottomodelli: lo stato degli elementi di interfaccia costituirebbe in tal caso una classe di equivalenza di stati del modello e semplificherebbe la modellazione, riducendo alle condizioni all’interfaccia quelle di cui il modellista deve tener conto nel momento in cui si appresta a definire le regole di composizione. L’implementazione di siffatti operatori in OsMoSys richiede la valutazione di aspetti sia teorici (es. verifica di correttezza dei modelli, conservazione delle proprietà) che pratici (es. reingegnerizzazione di parte del framework).