![](https://webapps.unitn.it/public/store/ermete/persona/per0003620/ufficiale.jpg?c=2131633515)
Fabio Massacci
![]() ![]() |
Education |
|
|
![]() ![]() |
Academic career and teaching activities |
1.1 Present Position:
1.2 Previous Employments
1.3 Professional Appointments
1.4 Visiting appointments
|
|
![]() ![]() |
Research interests |
I illustrate below some of the major milestones in my research with some sample papers. They are not necessarily the most cited; they are the ones that one could actually read to have a comprehensive idea of my research. More details are available in the Research and Teaching Statement. Empirical Security Economics: My current research effort is to empirically validate practical and affordable security solution, albeit they might not be perfect. Often security solutions stop at a mathematical model, we go the last mile (more precisely the last light year) and empirically validate them by running experiments or by performing qualitative studies. Such works often go against the “ethos” of academic security research working to protect us against an all powerful adversary, yet it has an unfettered potential of industry impact (you can better prioritize your finite resources instead fighting an all powerful adversary that doesn’t exist). Three papers illustrate this research, two in flagship computer security venue and one in a top business journal.
Security Requirements Engineering: I started this work in 2003 with N. Zannone and J. Mylopoulos. The key idea is to develop a robut methodology to capture security requirements as first class citizens. Two, very different, ten-years apart, papers illustrate this research: initially I worked on design and formal reasoning capabilities, now understanding what really works in security risk analysis is the other focus in my research that complements it.
Run-time and load-time security enforcement. This research is a mixture of theoretical research on the limit of what can be actually enforced and what can be practically achieved. Out of this research stream started my long standing collaboration with KU Leuven (F. Piessens and Wouter Josen).
Formal Methods for Security: In 1996, half-way through my Phd, I went to Cambridge to work with Robin Milner (one of the inventor of the Hennessy-Milner logic). Alas, Milner had just been elected head of department and suggested I could work with Roger Needham and Larry Paulson who had a joint project on modal logic for security. This “one year long mishap” gave a whole new turn to my research career.
Automated Resoning for Modal Logic: When I started my Phd, reasoning in modal logic was divided in two fields: those that purely manipulate formulas and those that manipulated the corresponding models. I tried to combine both ideas to get something better than both. The tableaux for modal and description logics that I did as single author or with a couple of colleagues revamped the area. Massacci F., "Single Step Tableaux for Modal Logics". Journal of Automated Reasoning, 24(3): 319-364, 2000. In the Handbook of Tableaux Methods (1999) the chapter on modal tableaux by Gorè devotes 30 pages to my CADE paper of the mid 90s (the journal version is the one reported here). In 2014 our works in the area are still cited. My greatest satisfaction is a paper in the volume in memoriam of H. Ganzinger by R. Schmidt and U. Hustadt, the recognized advocates of the scientific competitor of tableaux (translation+resolution). Their paper “First-Order Resolution Methods for Modal Logics” is a survey with 90+ citations. There are only 2 citations for tableaux: the handbook above and one of my papers. I left the field 15 years ago and a citation by a scientific “enemy” to a paper 10 years old is truly “l’honneur des armes”. |
|
![]() ![]() |
Research work |
1.1.1Summary of publications (Data on 2019/Aug)
1.1.1Summary of grants (as PI)
(*) Excluding EIT funding for teaching I&E in security courses 1.1.2Industrial Impact
1.1.1Summary of supervised collaborators
1.1.2Current position of past collaborators
1.1.3Awards of PhD Students
|
|
![]() ![]() |
Memberships in societies and scientific committees |
Member of the AEA, ACM, IEEE, ISACA, Society for Risk Analysis and Chartered engineer. |
|
![]() ![]() |
Awards and honours |
1.1 Scientific Awards.
|
|
![]() ![]() |
Notes |
More information on www.massacci.org |