The ultimate goal of my research work is the development of techniques for building better software products.

Since software products are among the most complex of the human artifacts, a key challenge is separation of concerns. The solution of different problems is ideally designed, implemented, verified, and maintained separately, possibly by different individuals or teams.
This complexity has to be managed in the descriptions of the features of a system, thus a linguistic support is needed; I studied aspect oriented languages and their weakness in coping with the evolution of a product. I advocated the use of formal techniques as graph grammars and model checking to improve the current situation.
Moreover, the collaboration among designers and developers has also to be supported by powerful tools; I studied novel paradigms for configuration management and collaborative work.

In fact, the pervasiveness of the Internet has brought up another key challenge: the conception of proper abstractions to exploit the power of network computing. I studied and evaluated the performance of peer-to-peer middleware and the support needed to ease mobile computing. The Network has also fostered new ways to share the knowledge needed to build complex systems: while open source communities propose novel paradigms to distribute the value of products, the complexity of the human interactions and the assessment of the quality of products have still to be dealt with.

Software is at the core of most of our daily activities: however, its increasing dynamic and decentralized nature makes the security of our systems an unavoidable but very difficult issue. We all rely on a plethora of products and we should be able to rationally assess the trust they deserve. We need also to build proper countermeasures against malware, i.e., software that has goals contrasting with ours and has often built in order to perform criminal activities; thus, I proposed the use program analysis techniques, both static and dynamic, to detect vulnerabilities that might allow intrusions. An illicit use of software products needs also the development a general knowledge of computer forensics, since the abstraction on which users rely, can be very deceptive when analyzed in a Court.

sw_eng algebraic specifications graph_grammars mobile computing requirements_eng vulnerability assessment virtualization computer forensics extreme programming intrusion detection malware open source sw evolution impact_change_analysis peer-to-peer sw specification artificial intelligence specification inference configuration mgtm web_apps performance evaluation aop e-learning configuration mgmt game_theory expert systems Petri nets information systems risk assessment wireless_sensor_networks trusted computing debug security os cs_education