Research Projects


SEcurity and RIghts In the CyberSpace

We aim to design and develop innovative solutions to identify and manage information disorder threats that come alive through fake news and deep fake spreading. These malicious actions, leveraging people’s cognitive bias, generate citizens’ disapproval and media and institutions untrust. The project will utilize a multidisciplinary approach leveraging open source automation achieved through Intelligence Analysis, recent advancements in Artificial Intelligence, and knowledge from political and geopolitical sciences..

More info here.

Principal Investigator: Rocco De Nicola

IT Matters

Methods and Tools for Trustworthy Smart Systems

The goal of IT-Matters is the development and the experimentation of a novel methodology for the specification, implementation and validation of trustworthy smart systems based on formal methods. We envisage system development in three steps by first providing and analysing system models to find design errors, then moving from models to executable code by translation into domain-specific programming languages and, finally, monitoring runtime execution to detect anomalous behaviours and to support systems in taking context-dependent decisions autonomously.

More info:

Principal Investigator: Rocco De Nicola


AM∀DEUS: Automatic Modelling and verificAtion of Dedicated sEcUrity deviceS

The AM∀DEUS project aims to define a specification and verification methodology for Dedicated Security Devices, which allows developers to obtain a formal model directly from the device implementation semi-automatically and then verify that security properties of interest are met. 

The project develops around three main research objectives.  The first aims to provide a threat model for dedicated security devices, formalizing a class of attackers and identifying the security properties of interest to them. The second objective aims to provide black-box, bottom-up approaches to automatically build formal models from device implementations relying on model learning techniques. The third objective aims to provide scalable and automatic verification techniques to discover security vulnerabilities or prove the security of the modeled devices.

Local Principal Investigator: Letterio Galletta


Methods and Designing Spatially Distributed Cyber-Physical Systems under Uncertainty for Trustworthy Smart Systems

Model-based engineering (MBE) of cyberphysical systems (CPS) is challenging due to some specific features of these systems: they act in an open physical space environment, which is subject to unpredictable changes. Hence, approaches to MBE of CPS have to explicitly take into account the uncertainty and the spatial structure of the environment in which they act.

SEDUCE proposes a framework in this direction, dealing with spatially distributed CPS in an uncertain environment. The framework will allow engineers to describe the system and the requirements with a high-level, UML like specification language, which will be automatically converted in a domain specific language from which a formal executable model of the system and a formalization of requirements will be extracted.

Principal Investigator: Mirco Tribastone

Cyber Range

Cyber Ranges are virtual environments that replicate real infrastructures for security testing and training purposes.

This project, funded by Regione Toscana, aims at creating a Cyber Range for the regional, industrial ecosystem.

Training scenarios will be hosted in the Cyber Range and provided to the community through a federation mechanism.

Principal Investigator: Gabriele Costa

Network Security for Critical Infrastructures

This project's objective is to analyse vulnerabilities and their impact on the security of critical infrastructure control networks.  

The proposed security analysis follows the highest cybersecurity standards and industry guidelines, proposing innovative management of the cybersecurity process where necessary.

Emulation tools, i.e. cyber range, are used to analyse specific network vulnerabilities and the effectiveness of specific protocols in mitigating cyber attacks. 

Project duration: 3 years.

Principal Investigator: Simone Soderi


Tools for Fighting Fakes

TOFFEE is an internal project, funded by IMT School For Advanced Studies under the PAI (Progetto di Attività Integrate, Integrated Activity Project) program.

The ambition of TOFFEe is to overcome important limitations of existing social platforms, which often dedicate little attention to trustworthy interaction among peers and to reliability of information. The aim of the project is to increase people’s confidence on the data they get and about who they follow, while minimizing the risk of false information and malicious actions.

More info:

Principal Investigator: Rocco De Nicola


Methods and Tools for Trustworthy Smart Systems

VeriOSS is an internal project, funded by IMT School For Advanced Studies under the PAI (Progetto di Attività Integrate, Integrated Activity Project) junior program.

Mission: Imagine a novel solution for a fair, reliable and efficient market where ethical hackers can disclose OSS vulnerabilities.

Impact: VeriOSS will develop a smart contract-based platform for bug disclosure and reward payment.

Vision: Offer a fair trade support to boost bug bounty programs and their effectiveness.

Principal Investigator: Gabriele Costa


Mission: Re-imagining the way cybersecurity research, innovation, and training are performed in Europe across domains and expertise, from foundations to applications, in academia and industry.

Impact: SPARTA will create a long-lasting community capable of collaboration to define, develop, share, and evolve solutions that will help practitioners prevent cybercrime and enhance cybersecurity.

Vision: Become a unique innovation force in cybersecurity with transformative impacts on European Union economy, infrastructures, society and democracy.

More info:

Principal Investigators: Gabriele Costa and Rocco De Nicola