Riccardo Focardi, Professor

Office hours (ricevimento studenti): Tuesday, 10.30-12:30

Coordinator of the PhD programme in Computer Science

Research

• I am a member of the ACADIA research centre. My research activity mainly focuses on the following topics:

  • System and network security

  • Cryptography

  • Security protocols and APIs

  • Secure hardware

  • Web security

  • Formal methods

  • Automated verification tools

• I am one of the co-founders of Cryptosense, a spin-off specialized in the development of security analysis software for the financial, industrial and government sectors.



• I am chair of the IFIP Working Group 1.7 "Theoretical Foundations of Security Analysis and Design".



• I coordinate secgroup@unive. On the group web-site you can find news, discussions and description of recent research.

  
  News and highlights:

  • New attacks on crypto tokens

  • ASA Workshop in Verona with IEEE CSF

  • Convegno Nazionale Cyber Security

  • Got 5th place at UCSB iCTF2013!

  • RSA padding oracle hands-on

  • The “Million Message Attack” in 15,000 Messages

  • Gran: grsecurity analyser

  • ENOWARS 2011 CTF: we got 3rd place!

  • We got third place in UCSB iCTF

  • Attacking and Fixing PKCS#11 Security Tokens

  ... more on the blog

Publications

• Ca' Foscari web site (in Italian)
• Google Scholar
• dblp

Projects

• [2017-2020] I'm the coodinator of local unit of the Project FilieraSicura

Concluded Projects

• [2013-2015] I've been the coodinator of local unit of the national MIUR Project "Security Horizons".

• [2009-1010] I've been the coodinator of the national MIUR Project SOFT - "Software Oriented Formal Techniques". Click here to see the project proposal.

• [2005-2006] I've been part of the Venetian team of the MIUR Project AIDA - Abstract Interpretation: Design and Applications

• [2002-2004] MyThS: Models and Types for Security in Mobile Distributed Systems. FET-Global Computing, IST-2001-32617.

• [2002-2003] I have been the coordinator of the Venetian team of the MIUR project MEtodi FormalI per la Sicurezza e il TempO (MEFISTO)

Journals

• I am in the editorial board of the Journal of Computer Security (JCS), IOS Press.

Recent Events

• ESORICS 2017 (PC member) 22nd European Symposium on Research in Computer SecurityOslo, Norway on September 11-13, 2017.

• HotSpot 2017 (PC member) 5th Workshop on Hot Issues in Security Principles and TrustAffiliated with ETAPS 2017 Uppsala, Sweden. April 23rd, 2017

• ITASEC 2017 (PC chair and General chair) First Italian Conference on Cybersecurity, January 17-20, Venice, Italy

• ESORICS 2016 (PC member) 21st European Symposium on Research in Computer SecurityHeraklion, Greece on September 28-30, 2016.

• POST 2016 (PC member) 5th International Conference on Principles of Security and Trust2-8 April 2016, Eindhoven, The Netherlands.

• HotSpot 2016 (PC member) 4th Workshop on Hot Issues in Security Principles and TrustAffiliated with ETAPS 2016, Eindhoven, The Netherlands April 3rd, 2016.

• ASA8 (Program chair) 8th International Workshop on Analysis of Security APIs. Satellite workshop of IEEE CSF'15. July 13th 2015, Verona, Italy.

• POST'15 (Program co-chair) 4th Conference on Principles of Security and Trust . 11-19 April 2015, London, UK. With ETAPS 2015.

• IEEE CSF'14 (PC member) IEEE Computer Security Foundations Symposium. Vienna, as part of the Vienna Summer of Logic, July 19-22, 2014.

• ESORICS'13 (PC member) European Symposium on Research in Computer Security. Egham U.K. at Royal Holloway, University of London on 9th – 11th September 2013.

• IEEE CSF'13 (PC member) IEEE Computer Security Foundations Symposium.. Tulane University, New Orleans, LA, June 26-28, 2013.

• ACM CCS'12 (PC member) ACM Computer and Communications Security Conference. Oct. 16-18, 2012, Sheraton Raleigh Hotel, Raleigh, NC, USA.

• ESORICS'12 (PC member) European Symposium on Research in Computer Security. September 2012 in Pisa, Italy.

• IEEE CSF'12 (PC member) IEEE Computer Security Foundations Symposium. Harvard University, Cambridge, MA, USA, June 25-27, 2012.

• CISIM'13 (PC member) International Conference on Information Systems and Industrial Management. Krakow 2013, September 25-27.

• CISIM'12 (PC member) International Conference on Information Systems and Industrial Management. Venice, Italy, September 26-28, 2012.

• IEEE CSF'11 (PC member) IEEE Computer Security Foundations Symposium. Domaine de l'Abbaye des Vaux de Cernay, France, June 27-29, 2011.

• TOSCA'11 (PC member) Theory of Security and Applications. Saarbrücken, Germany March 31 and April 1, 2011.

• Other Events

Verification Tools

• Tookan (TOOl for cryptoKi ANalysis) is a tool for the automated analysis of PKCS#11 tokens. Tookan is the predecessor of Cryptosense analyzer (below).

• Cryptosense analyzer is the latest commercial version of our analyser for PKCS#11 devices, fully supported by Cryptosense.

• CryptokiX a patch to opencryptoki with security fixes.

• Grsecurity Analyser a tool for checking security flaws on real Grsecurity policies.

• Mignis a semantic based tool for firewall configuration.

Old, unsupported tools:

• BANANA: a tool for the analysis of information leakage in Mobile Ambient specifications.

• CoPS: a tool to efficiently verify persistent non-interference properties

• PEAR: a tool to statically check authentication protocols

Teaching activity

• [CT0125] Sistemi Operativi - Mod 2

• [CM0228] Security of Computer Systems

  Dall'anno accademico 2002/2003 all'anno accademico 2006/2007

• Sistemi Operativi A

• Sicurezza

  Anni Accademici precedenti

• Laboratorio di Ingegneria del Software

• Sistemi B + Laboratorio

Università Ca' Foscari di Venezia

• Dipartimento di Informatica