Research in this area aims at addressing all security aspects of critical applications, both at the system level (by developing methodologies and developing tools for their design and run-time governance) and device level (by measuring and evaluating the security performance, i.e. the effectiveness of the security mechanisms against real/realistic attacks).

Packet Filtering Optimization in Multiple Firewall Networks

Firewalls are one of the most known and used security countermeasures for networks and distributed systems in general. Usually, they are configured and programmed by taking into account the risks to be addressed, the underlying network topology and the expected traffic load and profile. Unfortunately, the same elements and knowledge may guide attackers to circumvent the firewall protection or, at least, to make it ineffective, for instance by launching (Distributed) Denial of Service (DDOS) attacks. Moreover, a firewall configuration may be optimal with respect to a certain traffic profile, but it may also become a bottleneck if the actual profile changes.
By exploiting the modern and flexible network paradigms such as software defined networking (SDN) and network function virtualization (NFV), research in this area is aimed at developing methodologies for the governance of networks including multiple firewalls, so as to optimize the overall system performance without weakening the security guarantees.

Analysis and Verification of Access Control Policies

Access control policies are main security building elements but, unfortunately, several peculiarities of cyber-physical systems (CPS) prevent the adoption of techniques able to automatically enforce the policies into the protected infrastructures. Differently from other conventional applications such as database management systems (DBMS), in CPS all users’ actions allowed by the real system have to be checked against the (high level) policies, in order to grant they are correctly applied in practice.
Research in this area is aimed at bridging the gap between high level access control policies and their actual implementation, through the development of both models able to describe real systems in all details, and suitable algorithms to extract all possible actions allowed by the systems themselves. Actions are then automatically checked against access control policies and suitable counterexamples are found in order to fix possible mismatches and errors.