Leonardo Montecchi

Norwegian University of Science and Technology | NTNU · Department of Computer Science

PhD in Computer Science, Systems, and Telecommunications

About

61 Publications · 4,186 Reads · 296 Citations
Introduction
Associate Professor at NTNU/IDI. My research revolves around different aspects of the modeling of complex systems. I have extensive experience in quantitative system evaluation using stochastic models (e.g., Stochastic Petri Nets). Currently, my main focus is on applying model-driven engineering techniques to support the development and V&V of systems, with a particular focus on critical systems and infrastructures, and, more broadly, on Systems-of-Systems (SoS) and Cyber-Physical Systems (CPS).
Additional affiliations
  • June 2017 - December 2021: University of Campinas, Assistant Professor
  • January 2014 - May 2017: University of Florence, Research Fellow

Publications (61)
Article
With the advent of recent technological advances, more demanding tele-immersive applications have started to emerge. In the World Opera application, artists from different opera houses across the globe can participate in a single united performance, and interact almost as if they were co-located. One of the main design challenges in this applicatio...
Conference Paper
Personal information is continuously gathered and processed by modern web applications. Due to regulation laws and to protect the privacy of users, customers, and business partners, such information must be kept private. A recurring problem in constructing web applications and services that protect privacy is the insufficient resources for document...
Article
Full-text available
Dependability and performance analysis of modern systems is facing great challenges: their scale is growing, they are becoming massively distributed, interconnected, and evolving. Such complexity makes model-based assessment a difficult and time-consuming task. For the evaluation of large systems, reusable submodels are typically adopted as an effe...
Conference Paper
Coding conventions are a means to improve the reliability of software systems. They can be established for many reasons, ranging from improving the readability of code to avoiding the introduction of security flaws. However, coding conventions often come in the form of textual documents in natural language, which makes them hard to manage and to en...
Conference Paper
The injection of software faults in source code requires accurate knowledge of the programming language, both to craft faults and to identify injection locations. As such, fault injection and code mutation tools are typically tailored for a specific language and have limited extensibility. In this paper we present a model-driven approach to craft a...
Article
Multi-parameter monitoring systems in Intensive Care Units (ICUs) monitor the clinical condition of critical state patients. These Systems of Systems (SoS) comprise a set of Constituent Systems (CS) to measure parameters such as heart rate, respiratory frequency, and temperature. Due to the critical nature and relevance of ICUs, such SoS shall be a...
Article
Full-text available
Model-based evaluation is extensively used to estimate the performance and reliability of dependable systems. Traditionally, these systems were small and self-contained, and the main challenge for model-based evaluation has been the efficiency of the solution process. Recently, the problem of specifying and maintaining complex models has increasing...
Preprint
We argue that object detectors in the safety critical domain should prioritize detection of objects that are most likely to interfere with the actions of the autonomous actor. Especially, this applies to objects that can impact the actor's safety and reliability. In the context of autonomous driving, we propose new object detection metrics that rew...
Conference Paper
Fault Injection (FI) is a well-known system verification technique, in which faults are artificially introduced into a system, to assess its behavior in exceptional conditions. FI can be applied at different levels, including physical, hardware and software. FI has also been applied at model level, although the amount of work in this direction is l...
Conference Paper
Often, either to expand the target market or to satisfy specific new requirements, software systems inside a company are cloned, refactored, and customized, generating new derived software systems. Although this is a practical solution, it is not effective in the long-term because of the high maintenance costs when maintaining each of these derived...
Conference Paper
Mathematical models are an effective tool for studying the properties of complex systems. Constructing such models is a challenging task that often uses repeated patterns or templates. The Template Models Description Language (TMDL) has been developed to clearly define model templates that are used to generate model instances from the template spec...
Preprint
Full-text available
Model-based evaluation has been extensively used to estimate performance and reliability metrics of computer systems, especially critical systems, for which experimental approaches are not always applicable. A significant challenge is constructing and maintaining the models for large-scale and possibly evolving systems. In a recent work we defined...
Conference Paper
Knowledge-intensive Processes (KiPs) are processes characterized by high levels of unpredictability and dynamism. Their process structure may not be known before their execution. One way to cope with this uncertainty is to defer decisions regarding the process structure until run time. In this paper, we consider the definition of the process struct...
Article
Full-text available
With the expansion of autonomous robotics and its applications (e.g. medical, competition, military), the biggest hurdle in developing mobile robots lies in endowing them with the ability to interact with the environment and to make correct decisions so that their tasks can be executed successfully. However, as the complexity of robotic systems gro...
Article
Full-text available
Because of the substances they process and the conditions of operation, chemical plants are systems prone to the occurrence of undesirable and potentially dangerous events. Major accidents may occur when a triggering event produces a cascading accident that propagates to other units, a scenario known as domino effect. Assessing the probability of e...
Conference Paper
Service Oriented Architecture (SOA) is a common design pattern that allows building applications composed of several services. It promotes features such as interoperability, scalability, and software reuse. Services composing a SOA system may evolve and change during runtime, often outside the control of the owner of the application, which makes the ver...
Conference Paper
Full-text available
Cloud services consumers deal with a major challenge in selecting services from several providers. Facilitating these choices has become critical, and an important factor is the service trustworthiness. To be trusted by users, cloud providers should explicitly communicate their capabilities to ensure important functional and non-functional requirem...
Conference Paper
Full-text available
With the expansion of autonomous robotics and its applications (e.g. medical, competition, military), the biggest hurdle in developing mobile robots lies in endowing them with the ability to interact with the environment and to make correct decisions so that their tasks can be executed successfully. However, as the complexity of robotic systems gro...
Conference Paper
Knowledge-intensive processes (KiPs) cannot be fully specified at design time because not all information about the process is available prior to its execution. At runtime, new information emerges reflecting environment changes or unexpected outcomes. The structure of this kind of processes varies from case to case and it is defined step-by-step ba...
Conference Paper
Dynamic features offered by programming languages provide greater flexibility to the programmer (e.g., dynamic constructions of classes and methods) and reduction of duplicate code snippets. However, the unnecessary use of dynamic features may detract from the code in many ways, such as readability, comprehension, and maintainability of software. T...
Conference Paper
CHESS is an open source methodology and toolset for the development of safety-critical systems. More specifically, CHESS is a model-based methodology, which supports the design, dependability analysis, and code generation of critical systems. Despite its rather mature level in terms of technology readiness, systematic guidance needs to be developed...
Article
A dramatic shift in system complexity is occurring, bringing monolithic system designs to be progressively replaced by modular approaches. In the latest years, this trend has been emphasized by the system of systems (SoS) concept, in which a complex system or application is the result of the integration of many independent, autonomous constituent s...
Article
Nowadays, personal information is collected, stored, and managed through web applications and services. Companies are interested in keeping such information private due to regulation laws and privacy concerns of customers. Furthermore, the reputation of a company can be dependent on privacy protection, i.e., the more a company protects the privacy of...
Conference Paper
Socio-technical systems are characterized by the interplay of heterogeneous entities, i.e., humans, organizations, and technologies. Application domains such as petroleum, e-health, and many others rely on solutions based on safety-critical socio-technical systems. To ensure a safe operation of these interacting heterogeneous entities, multifaceted...
Conference Paper
The shape of Critical Infrastructures (CIs) has changed drastically in recent years, leading them to become interconnected systems with complex interactions. This will be especially true for future power grids, known as “smart grids”. In such complex systems, one of the main challenges consists in understanding the possible impact of failures on th...
Cover Page
Full-text available
Presents the introductory welcome message of the Workshop on Dependability in Evolving Systems (WDES 2016), at LADC 2016 in Cali, Colombia.
Conference Paper
Several formalisms and techniques have been introduced in the literature for the purpose of modeling and evaluation of complex systems. Each of them has its strengths and weaknesses, which also depend on the purpose of the evaluation. In this paper we propose the integration of two different formalisms in a single framework for the modeling, valida...
Conference Paper
Accidents on petroleum installations can have huge consequences; to mitigate the risk, a number of safety barriers are devised. Faults and unexpected events may cause barriers to temporarily deviate from their nominal state. For safety reasons, a work permit process is in place: decision makers accept or reject work permits based on the current sta...
Conference Paper
Agile software development methodologies use an iterative and incremental development in order to handle evolving systems. Consolidated techniques in the field of testing have been applied to these techniques with the main purpose of aiding in the test creation stage. An example is Model-Based Test Driven Development (MBTDD) which joins the concept...
Conference Paper
Software Product Lines engineering is a technique that explores systematic reuse of software artifacts at large scale to implement applications that share a common domain and have some customized features. For improving Product Line Architecture evolution, it is advisable to develop Software Product Lines using a modular structure. This demand can...
Conference Paper
For several years, the vulnerability of Critical Infrastructures (CIs) to cyber-threats has been limited, since they were mostly isolated systems, using proprietary protocols. Nowadays, CIs are increasingly threatened by external attacks: the use of off-the-shelf components is common, they have become interconnected, and sometimes also connected to...
Conference Paper
Safety is a fundamental property for a wide class of systems, which can be assessed through safety analysis. Recent standards, such as ISO26262 for the automotive domain, recommend safety analysis processes to be performed at system, hardware, and software levels. While Failure Modes and Effects Analysis (FMEA) is a well-known technique for safety a...
Conference Paper
Safety analysis is increasingly important for a wide class of systems. In the automotive field, the recent ISO26262 standard foresees safety analysis to be performed at system, hardware, and software levels. Failure Modes and Effects Analysis (FMEA) is an important step in any safety analysis process, and its application at hardware and system leve...
Article
Full-text available
Current ICT infrastructures are characterized by increasing requirements of reliability, security, performance, availability, and adaptability. A relevant issue is represented by the scalability of the system with respect to the increasing number of users and applications, thus requiring a careful dimensioning of resources. Furthermore, new security is...
Conference Paper
Dependability and performance analysis of modern systems is facing great challenges: their scale is growing, they are becoming massively distributed, interconnected, and evolving. Such complexity makes model-based assessment a difficult and time-consuming task. For the evaluation of large systems, reusable sub models are typically adopted as an eff...
Article
Session management in distributed Internet services is traditionally based on username and password, explicit logouts and mechanisms of user session expiration using classic timeouts. Emerging biometric solutions allow substituting username and password with biometric data during session establishment, but in such an approach still a single verific...
Conference Paper
Full-text available
Safety analysis is becoming more and more important in a wide class of systems. In the automotive field, the recent ISO26262 foresees safety analysis to be performed at different levels: system, software and hardware. The assessment of architecture with respect to safety is typically better understood at system and HW levels, while an equivalent an...
Conference Paper
Highly distributed, autonomous and self-powered systems operating in harsh outdoor environments face several threats in terms of dependability, timeliness and security, due to the challenging operating conditions determined by the environment. Despite such difficulties, there is an increasing demand to deploy these systems to support critical ser...
Conference Paper
Recent technological advances have made it possible to design bandwidth-demanding distributed interactive multimedia applications such as the World Opera application. In this application, artists from different opera houses across the globe can participate in a single united performance and interact almost as if they were co-located. One of the mai...
Conference Paper
Model-transformation techniques have increasingly gained attention in the design and evaluation of high-integrity systems, with the purpose of providing (semi-)automatic tools for non-functional analysis. Analysis models are automatically derived from an architectural description of the system in a UML-like language. One of the main challenges is des...
Chapter
This chapter provides an overview of the state of knowledge related to stochastic model-based assessment approaches, which are most commonly used for resiliency evaluation of current computing systems. The chapter first introduces a set of representative surveys developed in recent European projects, and then it provides a deeper description of com...
Conference Paper
In this paper we perform a model-based analysis of the Timed Reliable Communication (TRC) protocol, which is being used within the EU funded ALARP project for railway worksite communication. TRC is a group communication protocol based on IEEE 802.11 networks, targeting safety-critical applications with limited bandwidth requirements. The paper con...
Conference Paper
Biometric authentication systems verify the identity of users by relying on their distinctive traits, like fingerprint, face, iris, signature, voice, etc. Biometrics is commonly perceived as a strong authentication method; in practice several well-known vulnerabilities exist, and security aspects should be carefully considered, especially when it i...
Poster
Full-text available
Poster on the quantitative security evaluation of a biometric authentication system using the ADVISE formalism. Further details can be found in the related paper at the DESEC4LCCI workshop: L. Montecchi, P. Lollini, A. Bondavalli, E. La Mattina. "Quantitative Security Evaluation of a Multi-biometric Authentication System". In: Workshop on Dependa...
Chapter
Full-text available
Modelling and simulation are well suited approaches to analyze CI, providing useful insights into how component failures might propagate along interconnected infrastructures, possibly leading to cascading or escalating failures, and to quantitatively assess the impact of these failures on the service delivered to users. This chapter focuses on the...
Conference Paper
In the last ten years, Model Driven Engineering (MDE) approaches have been extensively used for the analysis of extra-functional properties of complex systems, like safety, dependability, security, predictability, quality of service. To this purpose, engineering languages (like UML and AADL) have been extended with additional features to model...
Conference Paper
Model-Driven engineering (MDE) aims to elevate models in the engineering process to a central role in the specification, design, integration, validation, and operation of a system. MDE is becoming a widely used approach within the dependability domain: the system, together with its main dependability-related characteristics, is represented by engin...
Technical Report
Full-text available
Model-Driven engineering (MDE) aims to elevate models in the engineering process to a central role in the specification, design, integration, validation, and operation of a system. MDE is becoming a widely used approach within the dependability domain: the system, together with its main dependability-related characteristics, is represented by engin...
Conference Paper
Full-text available
In future inhomogeneous, pervasive and highly dynamic networks, end-nodes may often only rely on unreliable and uncertain observations to diagnose hidden network states and decide upon possible remediation actions. Inherent challenges exist to identify good and timely decision strategies to improve resilience of end-node services. In this paper we...
Article
Full-text available
This paper provides a QoS analysis of a dynamic, ubiquitous UMTS network scenario in the automotive context identified in the ongoing EC HIDENETS project. The scenario comprises different types of mobile users, applications, traffic conditions, and outage events reducing the available network resources. Adopting a compositional modeling approach bas...
Conference Paper
Full-text available
This paper provides a QoS analysis of a dynamic, ubiquitous UMTS network scenario in the automotive context identified in the ongoing EC HIDENETS project. The scenario comprises different types of mobile users, applications, traffic conditions, and outage events reducing the available network resources. Adopting a compositional modeling approach ba...
Conference Paper
Full-text available
The ERTMS-ATC system is a distributed system where the Driver Machine Interface (DMI) is a slave unit of the train onboard vital computer (EVC). In this paper we analyze two types of communication protocols for the EVC-DMI interactions, based, respectively, on cyclic and acyclic messages’ exchange. Adopting a modular modeling methodology, we assess...
Technical Report
Full-text available
The ERTMS-ATC system is a distributed system where the Driver Machine Interface (DMI) is a slave unit of the train onboard vital computer (EVC). Consequently, as for the information visualization and the input data acquisition, the data transfer between DMI and EVC must also be safe. A safe communication protocol stack has therefore to be provided...
Technical Report
Full-text available
Current infrastructures are often characterized by a huge complexity in terms of large number of involved components, high system dynamicity, evolvability, and network heterogeneity. In this paper we introduce a modeling approach to analyze a class of dynamic/large-scale systems characterized by a phased behavior. The modeling approach we present i...

Project (1)
Archived project
The objective of AMADEOS is to bring time awareness and evolution into the design of System-of-Systems (SoS), to establish a sound conceptual model, a generic architectural framework and a design methodology, supported by some prototype tools, for the modeling, development and evolution of time-sensitive SoSes with possible emergent behaviors. Special emphasis is placed on evolution, emergence, dependability (e.g. safety, availability) and security, considering embedded devices and the cloud as the execution platform. The concept of evolution will be addressed from two complementary perspectives, considering both long-term evolution and short-term unexpected changes (e.g., failures) in the constituent systems.