Kolloquium WiSe 2016-17
Prof. Dr. Riccardo Scandariato
Associate Professor, University of Gothenburg
When: 16.01.2017, 17:15
Where: Room D-125
Security and privacy threat analysis: lessons learned and future directions
Threat analysis is the cornerstone of security-by-design and privacy-by-design approaches for building more secure and privacy-friendly software systems. Threat analysis provides the means to assess a design model (e.g., a software architecture) and identify potential flaws early on in the software development life-cycle. This talk will overview a series of empirical studies that investigated the performance of state-of-the-practice threat analysis techniques. We will introduce the setup used for the empirical evaluation, present the observed results and discuss the limitations of the existing techniques. Moving forward, the talk will outline our present research directions in the field of threat analysis, with particular focus on a) improving the efficiency of said techniques and b) supporting automated analysis and refactoring.
Prof. Riccardo Scandariato received his PhD in Computer Science in 2004 from Politecnico di Torino, Italy. After several years at KU Leuven in Belgium, in 2014 he moved to Sweden and joined the department of Computer Science and Engineering at the University of Gothenburg.
Prof. Scandariato's main research interests are in the area of secure software engineering, with a particular focus on (i) privacy&security by design and (ii) empirical methods for security. He has published over 65 papers in the area of security and software engineering and regularly participates to the Program Committees of several top-rated conferences in the area of security and software engineering. He is also a passionate teacher and the coordinator of the Master programs in Software Engineering at the University of Gothenburg and the Chalmers University of Technology.
Prof. Matthias Riebisch, SWK