Riccardo Sisto

Politecnico di Torino | polito · DAUIN - Department of Control and Computer Engineering

PhD in Computer and System Engineering

About

137
Publications
23,431
Reads
1,790
Citations
Citations since 2017
28 Research Items
519 Citations
[Chart: citations per year, 2017-2023]
Introduction
My current research interests are mainly in the area of formal methods, applied to communication protocols and virtualized networks, with a special focus on computer security issues. More information about me and my research is available from my home page at http://staff.polito.it/riccardo.sisto/. Several full texts of my papers are available from http://porto.polito.it/view/creators/Sisto=3ARiccardo=3A001943=3A.html

Publications (137)
Article
The pervasiveness of Internet of Things (IoT) has made the management of computer networks more troublesome. The softwarized control provided by Software-Defined Networking (SDN) is not sufficient to overcome the problems arising in this context. An increasing number of attacks can, in fact, occur in SDN-aware IoT networks if the security configura...
Article
Full-text available
The configuration of security functions in computer networks is still typically performed manually, which likely leads to security breaches and long re-configuration times. This problem is exacerbated for modern networks based on network virtualization, because their complexity and dynamics make a correct manual configuration practically unfeasible...
Article
Network Function Virtualization (NFV) and Software Defined Networking (SDN) are new emerging paradigms that changed the rules of networking, shifting the focus on dynamicity and programmability. In this new scenario, a very important and challenging task is to detect anomalies in the data plane, especially with the aid of suitable automated softwar...
Article
Although high-speed in-vehicle networks are being increasingly adopted by the industry to support emerging use cases, previous research already demonstrated that car hacking is a real threat. This paper formalizes a novel framework proposed to provide improved security to the emerging SOME/IP middleware, without introducing at the same time limitat...
Article
Full-text available
The Alternate-Marking method, as presented in RFC 8321, can only be applied to point-to-point flows, because it assumes that all the packets of the flow measured on one node are measured again by a single second node. This document generalizes and expands this methodology to measure any kind of unicast flow whose packets can follow several differen...
Article
The increased flexibility and inter-connectivity of modern industrial communication networks, obtained through the use of innovative technologies like Network Function Virtualization (NFV) and Software Defined Networking (SDN), requires a secure and manageable framework to support the new communication and computing needs. To focus on these require...
Article
With every generation, vehicles are becoming smarter and more oriented toward information and communications technology (ICT). However, computerization is posing unforeseen challenges in a sector for which the first goal must be safety: car hacking has been shown to be a real threat. This article presents a novel mechanism to provide improved secur...
Conference Paper
Although vehicle platooning promises to improve transportation efficiency and safety by leveraging communication between convoy members, preliminary results in previous work suggest that cyber-attacks could deceive many Cooperative Adaptive Cruise Control algorithms, hence endangering the safety of every participant. This paper deeply analyzes the...
Article
Traffic monitoring is essential to manage large networks and validate Service Level Agreements. Passive monitoring is particularly valuable to promptly identify transient fault episodes and react in a timely manner. This article proposes a novel, non-invasive and flexible method to passively monitor large backbone networks. By using only packet cou...
Article
Full-text available
In order to achieve the highest safety integrity levels, ISO26262 recommends the use of formal methods for various verification activities, throughout the lifecycle of safety-related embedded systems for road vehicles. Since formal methods are known to be difficult to use, one of the main challenges raised by these ISO26262 requirements is to find...
Article
One of the proposed management strategies for SDN networks is to specify traffic forwarding through policies, where each policy rule identifies a traffic flow and its traversed service chains. While network operators need to check network configurations as soon as possible, the SDN verification literature focuses on checking policy correctness duri...
Article
Full-text available
Network Function Virtualization (NFV) architectures are emerging to increase networks flexibility. However, this renewed scenario poses new challenges, because virtualized networks need to be carefully verified before being actually deployed in production environments in order to preserve network coherency (e.g., absence of forwa...
Conference Paper
Performance measurement in terms of packet loss, delay, and jitter is key in modern packet switched networks. These values give a clear indication of the quality of service (QoS) perceived by users, thus being helpful to service providers to properly support, in particular, real-time communications such as voice and video conferences. This paper ad...
Article
Full-text available
Network virtualization and softwarization will serve as a new way to implement new services, increasing network functionality and flexibility. However, the increasing complexity of the services and the management of very large scale environments drastically complicates detecting alerts and configuration errors of the network components. Nowadays, miscon...
Article
Full-text available
Network function virtualization has enabled data center providers to offer new service provisioning models. Through the use of data center management software (cloud managers), providers allow their tenants to customize their virtual network infrastructure, enabling them to create a network topology that includes network functions (e.g., routers, f...
Article
Designing and coding security protocols is an error prone task. Several flaws are found in protocol implementations and specifications every year. Formal methods can alleviate this problem by backing implementations with rigorous proofs about their behavior. However, formally-based development typically requires domain specific knowledge available...
Article
Thanks to the increasing success of virtualization technologies and processing capabilities of computing devices, the deployment of virtual network functions is evolving towards a unified approach aiming at concentrating a huge amount of such functions within a limited number of commodity servers. To keep pace with this trend, a key issue to addres...
Article
Network security is a crucial aspect for administrators due to increasing network size and number of functions and controls (e.g. firewall, DPI, parental control). Errors in configuring security controls may result in serious security breaches and vulnerabilities (e.g. blocking legitimate traffic or permitting unwanted traffic) that must be absolut...
Article
Full-text available
This report presents the results of the UNIFY Service Provider (SP)-DevOps activities. First, we present the final definition and assessment of the concept. SP-DevOps is realized by a combination of various functional components facilitating integrated service verification, efficient and programmable observability, and automated troubleshooting pro...
Article
Long Term Evolution (LTE) is the most recent standard in mobile communications, introduced by 3rd Generation Partnership Project (3GPP). Most of the works in literature about LTE security analyze authentication procedures, while handover procedures are far less considered. This paper focuses on the procedures that are activated when a mobile device...
Article
Full-text available
This report provides an understanding of how the UNIFY Service Provider (SP)-DevOps concept can be applied and integrated with a combined cloud and transport network NFV architecture. Specifically, the report contains technical descriptions of a set of novel SP-DevOps tools and support functions that facilitate observability, troubleshooting, verif...
Article
Full-text available
This report presents a first sketch of the Service Provider DevOps concept including four major management processes to support the roles of both service and VNF developers as well as the operator in a more agile manner. The sketch is based on lessons learned from a study of management and operational practices in the industry and recent related wo...
Conference Paper
Wireless in shop-floors is a bet: it outlines the possibility of making automation more flexible and to simplify plant reconfiguration. However, the specific context subtends several challenging requirements, which the available off-the-shelf solutions are not 100%-ready to cope with. By the way, the potential benefits of wireless for automation ar...
Conference Paper
Full-text available
The role of software and its flexibility is becoming more and more important in today's networks. New emerging paradigms, such as Software Defined Networking (SDN) and Network Function Virtualization (NFV), are changing the rules of the game, shifting the focus on dynamicity and programmability. Perfectly aligned with this new spirit, the FP7 UNIFY...
Conference Paper
The complexity of network topology together with heterogeneity of network services make the network configuration a hard task, even for skilled and experienced administrators. In order to reduce the complexity of the network configuration, administrators have leveraged network policies, introducing hence new possibility of error. Indeed, erroneous...
Article
Full-text available
Finite state automata (FSA) are used by many network processing applications to match complex sets of regular expressions in network packets. In order to make FSA-based matching possible even at the ever-increasing speed of modern networks, multi-striding has been introduced. This technique increases input parallelism by transforming the classical...
Conference Paper
Content Centric Networking (CCN) has introduced new concepts and ideas in the next generation routing protocols research area, proposing an alternative approach to the well known and consolidated TCP/IP protocol suite. CCN envisions a network of smart caching devices that not only transport bits from one place to another but also support the networ...
Article
Full-text available
Navigation Devices (NDs), which are common tools for getting driving assistance, are increasingly integrating local information (e.g., maps, user position) with remote data such as real-time traffic information. However, the ND of a given manufacturer is hardly capable of accessing data provided by a different service provider, as current systems are...
Article
Content-Centric Networking (CCN) represents an established candidate for the future Internet, proposing a routing architecture designed to elevate content to first class entity. Starting from the fact that the network usage has dramatically evolved towards content retrieval, CCN relies on an on-demand pull based mechanism to transfer data from the...
Article
Cloud Management Systems (CMS) such as OpenStack are commonly used to manage IT resources such as computing and storage in large data centers. Recently, CMS are starting to offer customers also the possibility to customize their network infrastructure, allowing each tenant to build his virtual network made of elementary blocks such as traffic monit...
Conference Paper
Full-text available
In-network function chaining often involves the deployment of multiple applications into a single, possibly multi-tenant, middlebox. This approach has gained much interest since new network paradigms, such as Software Defined Networking (SDN) and Network Function Virtualization (NFV), have been proposed to virtualize resources as well as network fu...
Conference Paper
In the past, formal verification of security properties of distributed applications has been mostly targeted to security protocols and generic security properties, like confidentiality and authenticity. At ESSOS 2010, Moebius et al. presented an approach for developing Java applications with formally verified application-specific security properti...
Article
When using formal methods, security protocols are usually modeled at a high level of abstraction. In particular, data encoding and decoding transformations are often abstracted away. However, if no assumptions at all are made on the behavior of such transformations, they could trivially lead to security faults, for example leaking secrets or breaki...
Article
Automated formal verification of security protocols has been mostly focused on analyzing high-level abstract models which, however, are significantly different from real protocol implementations written in programming languages. Recently, some researchers have started investigating techniques that bring automated formal proofs closer to real implem...
Article
This paper presents JavaSPI, a “model-driven” development framework that allows the user to reliably develop security protocol implementations in Java, starting from abstract models that can be verified formally. The main novelty of this approach stands in the use of Java as both a modeling language and the implementation language. The JavaSPI fram...
Conference Paper
Full-text available
Content Centric Networking represents a paradigm shift in the evolution and definition of modern network protocols. Many research efforts have been made with the purpose of proving the feasibility and the scalability of this proposal. Our main contribution is to provide an analysis of the Pending Interest Table memory requirements in real deploymen...
Conference Paper
The increasing interest in the cloud computing paradigm is leading several different applications and services to move to the “cloud”. Those range from general storage and computing services to document management systems and office applications. A new challenge is the migration to the cloud of interactive 3D applications, especially those designed...
Chapter
This paper presents JavaSPI, a “model-driven” development framework that allows the user to reliably develop security protocol implementations in Java, starting from abstract models that can be verified formally. The main novelty of this approach stands in the use of Java as both a modeling language and the implementation language. The JavaSPI fram...
Conference Paper
A novel visual model-driven approach to security protocol design, verification, and implementation is presented in this paper. User-friendly graphical models are combined with rigorous formal methods to enable protocol verification and sound automatic code generation. Domain-specific abstractions keep the graphical models simple, yet powerful enoug...
Conference Paper
Full-text available
GNSS-assisted vehicle navigation services are nowadays very common in most of the developed countries. However, most of those services are either delivered through proprietary technologies, or fall short in flexibility because of the limited capability to couple road information with real-time traffic information. This paper presents the motivation...
Conference Paper
Full-text available
Multistride automata speed up input matching because each multistriding transformation halves the size of the input string, leading to a potential 2× speedup. However, up to now little effort has been spent in optimizing the building process of multistride automata, with the result that current algorithms cannot be applied to real-life, large autom...
Article
This paper presents an experiment in which an implementation of the client side of the SSH Transport Layer Protocol (SSH-TLP) was semi-automatically derived according to a model-driven development paradigm that leverages formal methods in order to obtain high correctness assurance. The approach used in the experiment starts with the formalization o...
Chapter
Designing and implementing security protocols are known to be error-prone tasks. Recent research progress in the field of formal methods applied to security protocols has enabled the use of these techniques in practice. The objective of this chapter is to give a circumstantial account of the state-of-the-art reached in this field, showing how forma...
Conference Paper
Full-text available
This paper presents JavaSPI, a "model-driven" development framework that allows the user to reliably develop security protocol implementations in Java, starting from abstract models that can be verified formally. The main novelty of this approach stands in the use of Java as both a modeling language and the implementation language. By using the SSL...
Article
During the last years, the importance of safety aspects in industry has significantly increased. The system engineering modeling language SysML is widely used in order to manage the increasing complexity of embedded systems. Being just a modeling language, SysML does not provide integrated means of verification and validation for its models. Therefore, additio...
Article
As fieldbus networks are becoming accessible from the Internet, security mechanisms to grant access only to authorized users and to protect data are becoming essential. This paper proposes a formally based approach to the analysis of such systems, both at the security protocols level and at the system architecture level. This multilevel analysis allows the...
Article
Full-text available
We propose a stateless packet filtering technique based on finite-state automata (FSA). FSAs provide a comprehensive framework with well-defined composition operations that enable the generation of stateless filters from high-level specifications and their compilation into efficient executable code without resorting to various opportunistic optimiz...
Article
Designing and implementing security protocols are known to be error-prone tasks. Recent research progress in the field of formal methods applied to security protocols has enabled the use of these techniques in practice. The objective of this chapter is to give a circumstantial account of the state-of-the-art reached in this field, showing how forma...
Article
Full-text available
This paper presents iNFAnt, a parallel engine for regular expression pattern matching. In contrast with traditional approaches, iNFAnt adopts non-deterministic automata, allowing the compilation of very large and complex rule sets that are otherwise hard to treat. iNFAnt is explicitly designed and developed to run on graphical processing units that...
Article
Spi Calculus is an untyped high level modeling language for security protocols, used for formal protocols specification and verification. In this paper, a type system for the Spi Calculus and a translation function are formally defined, in order to formalize the refinement of a Spi Calculus specification into a Java implementation. The Java impleme...
Article
Full-text available
Safety in the automotive domain is becoming more and more important with the ever increasing level of complexity in emerging technologies built-in into the cars. As a stimulus for industry to refine its safety measures related to electrical, electronic and software systems in the cars, the ISO 26262 standard has been recently introduced. Developing...
Conference Paper
We report on our experience with the formal verification of CalRoc2003, the software that controls the scientific payload for the SCORE coronographic experiment. Our target was using the state-of-the-art SPIN model checker for spotting concurrency problems that could have gone undetected in the traditional testing phase. Some challenges had to be f...
Article
The tools for cryptographic protocols analysis based on state exploration are designed to be completely automatic and should carry out their job with a reasonable amount of computing and storage resources, even when run by users having a limited amount of expertise in the field. This paper compares four tools of this kind to highlight their feature...
Article
In modern factories, personal computers are starting to replace traditional programmable logic controllers, due to cost and flexibility reasons, and also because their operating systems now support programming environments even suitable for demanding real-time applications. These characteristics, as well as the ready availability of many software p...
Conference Paper
Spi Calculus is an untyped high level modeling language for security protocols, used for formal protocols specification and verification. In this paper, a type system for the Spi Calculus and a translation function are formally defined, in order to formalize the refinement of a Spi Calculus specification into a Java implementation. Since the generat...
Conference Paper
When using formal methods, security protocols are usually modeled with a high level of abstraction. In particular, encryption is assumed to be perfect and cryptographic algorithms and their parameters are often abstracted away. This paper states a set of constraints under which, if an abstract protocol model is secure, then a refined model, which t...
Conference Paper
In order to perform a successful attack on a network, an intruder must know various penetration techniques, also known as exploits. In general, an exploit can be successful only if some pre-conditions are true. Such conditions may involve the presence of vulnerable programs and/or specific software configurations, as well as certain attacker privil...
Article
This paper addresses the problem of representing the intruder’s knowledge in the formal verification of cryptographic protocols, whose main challenges are to represent the intruder’s knowledge efficiently and without artificial limitations on the structure and size of messages. The new knowledge representation strategy proposed in this paper achiev...
Conference Paper
Full-text available
In formal methods, security protocols are usually modeled with a high level of abstraction. In particular, marshalling/unmarshalling operations on transmitted messages are generally abstracted away. However, in real applications, errors in this protocol component could be exploited to break protocol security. In order to solve this issue, this pape...
Conference Paper
Full-text available
This paper describes the design and implementation of a lightweight static security analyzer that exploits the compilation process of the gcc compiler. The tool is aimed at giving to programmers useful and precise hints for improving the security of the developed software, while also detecting format string vulnerabilities, buffer overflows, and su...
Conference Paper
Full-text available
Spi2Java is a tool that enables semi-automatic generation of cryptographic protocol implementations, starting from verified formal models. This paper shows how the last version of spi2Java has been enhanced in order to enable interoperability of the generated implementations. The new features that have been added to spi2Java are reported here. A ca...
Conference Paper
The tools for cryptographic protocols analysis based on state exploration are designed to be completely automatic and should carry out their job with a limited amount of computing and storage resources, even when run by users having a limited amount of expertise in the field. This paper compares four tools of this kind to highlight their features a...
Conference Paper
On large and complex distributed systems hardware and software faults, as well as vulnerabilities, exhibit significant dependencies and interrelationships. Being able to assess their actual impact on the overall system dependability is especially important. The goal of this paper is to propose a unifying way of describing a complex hardware and sof...
Article
Computer networks are exposed to serious security threats that can even have catastrophic consequences from both the points of view of economy and safety if such networks control critical infrastructures, such as for example industrial plants. Security must then be considered as a fundamental issue starting from the earlier phases of the design of...
Article
Grading programming assignments of courses on distributed programming can greatly benefit from extensive testing, especially if quality aspects such as portability, robustness, security, and performance have to be evaluated. This paper presents a framework that was developed at the Turin Polytechnic, Turin, Italy, to enable seamless and fast implem...
Article
Testing equivalence is a quite powerful way of expressing security properties of cryptographic protocols, but its formal verification is a difficult task, because it is based on universal quantification over contexts. A technique based on state exploration to address this verification problem has previously been presented; it relies on an Environme...
Conference Paper
Many of the bugs in distributed software modules are security vulnerabilities, the most common and also the most exploited of which are buffer overflows and they typically arise in programs written in the C language. This paper, focusing on static analysis tools for detecting buffer overflows in C programs, presents a methodology for experimentally...
Article
Full-text available
It is well known that the design and development of complex distributed systems, such as those used in modern factory automation and process control environments, can obtain significant benefits from the adoption of formal methods during the specification and verification phases. The importance of using formal techniques for verifying the design c...
Conference Paper
Recently, a new verification tool for cryptographic protocols called S3A (Spi Calculus Specifications Symbolic Analyzer) has been developed, which is based on exhaustive state space exploration and symbolic data representation, and overcomes most of the limitations of previously available tools. In this paper we present some insights on the abilit...
Article
The paper shows how secure telecommunication services supporting user and terminal mobility and service personalization can be designed using the SCARAB architecture, developed within the EU ACTS SCARAB project. The most important aspects of this architecture are the combined use of smart cards and mobile code technologies to solve the mobility and...