Fabio Fioravanti

Learn More
In this paper we present a mixed qualitative and quantitative approach for evaluation of information technology (IT) security investments. For this purpose, we model security scenarios by using defense trees, an extension of attack trees with attack countermeasures and we use economic quantitative indexes for computing the defender's return on security(More)
We present VeriMAP, a tool for the verification of C programs based on the transformation of constraint logic programs, also called constrained Horn clauses. VeriMAP makes use of Constraint Logic Programming (CLP) as a metalanguage for representing: (i) the operational semantics of the C language, (ii) the program, and (iii) the property to be verified.(More)
The goal of Bounded-Exhaustive Testing (BET) is the automatic generation of all the test cases satisfying a given invariant, within a given bound. When the input has a complex structure, the development of correct and efficient generators becomes a very challenging task. In this paper we use Constraint Logic Programming (CLP) to systematically develop(More)
We propose a set of transformation rules for constraint logic programs with negation. We assume that every program is locally stratified and, thus, it has a unique perfect model. We give sufficient conditions which ensure that the proposed set of transformation rules preserves the perfect model of the programs. Our rules extend in some respects the rules(More)
In this paper we present a qualitative approach for the selection of security countermeasures able to protect an IT system from attacks. For this purpose, we model security scenarios by using defense trees (an extension of attack trees) and preferences over countermeasure using Conditional Preference networks (CP-nets for short). In particular, we introduce(More)
We present a method for verifying the correctness of imperative programs which is based on the automated transformation of their specifications. Given a program prog, we consider a partial correctness specification of the form {φ} prog {ψ}, where the assertions φ and ψ are predicates defined by a set Spec of possibly recursive Horn clauses with linear(More)
The DPACS project (Data and Picture Archiving and Communication System) was undertaken at the University of Trieste by the Institute of Radiology and the DEEI (Dipartimento di Elettrotecnica, Elettronica ed Informatica), in collaboration with the CRSTBS (Centro Ricerche e Studi Tecnologie Biomediche Sanitarie) of the Area Science Park and the Azienda(More)