We always look forward to collaborating with motivated students at any level. Our theses typically focus on theoretical and practical aspects of security assurance, certification, risk management, and artificial intelligence. All our theses consist of a theoretical part and a practical part; the split varies depending on the student (BSc, MSc) and the topic. In addition, the distinction between bachelor and master theses is not sharp (for instance, a BSc thesis can be extended). Prerequisites do not need to be acquired before starting the thesis. If you are interested in one of the following theses, or in any other thesis fitting the aforementioned topics, just contact us by email.
Bachelor Theses
- Lightweight Techniques for Poisoning Detection
One of the threats affecting machine learning (ML) is poisoning, where an attacker alters (poisons) the dataset such that the predictions of the resulting model change. There are several approaches to mitigate this threat, including the detection of poisoned data points, where the dataset is inspected according to some techniques and suspicious data points are flagged. The goal of the thesis is to design and implement novel techniques for poisoning detection. These techniques should balance the quality of the results against the performance overhead.
- Implementation of an IoT Environment to Simulate Assurance Activities
The goal of the thesis is to design and implement a small to medium-scale IoT system in a simulated/emulated/virtualized environment. The simulator should be easily configurable and allow the creation of IoT systems that resemble real-world IoT systems as closely as possible, for instance in terms of device types. The resulting systems will be used in the experimental evaluation of novel assurance methodologies.
Master Theses
- Fine-Grained Cost Model for Certification-Ready Systems
The goal of the thesis is to extend the work in our paper "Bridging the Gap Between Certification and Software Development", where we defined a methodology to develop software that, once realized, exhibits strong non-functional properties and, in turn, can be certified at low cost. In particular, the thesis should investigate i) the integration of cost models such as COCOMO within our methodology, and ii) the refinement of the existing optimization methodology to balance strength against cost.
- Discovery and Inference of Non-Functional Properties from a Running System
Existing certification schemes assume the existence of a detailed certification model specifying the certification process in detail, namely the non-functional property to certify (e.g., confidentiality), the target of certification, and the tests to execute to collect evidence that the target of certification supports the non-functional property. As we are moving towards lightweight techniques, this assumption no longer holds. For instance, in highly dynamic scenarios where system components are composed at run time, not all components are individually certified and can drive the composition according to their certificates. The goal of the thesis is to design a methodology where the non-functional properties to certify or the system components are inferred at run time and certification time.
- Trust Negotiation in Modern Distributed Systems
Modern distributed systems are multi-cloud, dynamic, and based on run-time composition of heterogeneous (micro and nano)services. It is increasingly important to guarantee non-functional properties of each participating service as well as of the resulting composition to ensure, for instance, Service-Level Agreements (SLAs) and, in general, a trustworthy distributed system. However, existing techniques for trust negotiation and remote attestation need to be redesigned to account for the dynamic and multi-cloud nature of these systems.
The goal of this thesis is to investigate the problem of trust management in heterogeneous service deployments in multi-cloud environments, to ensure the trustworthiness of service compositions on the basis of existing certification techniques. This goal involves:
- the enhancement of traditional trust negotiation protocols and indices computation for services and data deployed on different clouds towards smart compositions that rely on certification-based trust negotiation;
- an approach based on (security) evaluation and negotiation for composing services according to service level objectives and certifying resulting compositions.
This thesis is an international collaboration between SESAR Lab and LIRIS-INSA (Lyon, France).