Dependable & Secure Software Systems
I serve as a Professor within the College of Computing and Informatics at UNC Charlotte. My mission is to engineer software systems that remain secure, reliable and trustworthy, even in the face of unpredictable AI evolution.
Short Bio
Prior to joining UNC Charlotte, I was a Professor at the University of Naples Federico II. I am an IEEE Senior Member and an active member of the IFIP WG 10.4 on Dependable Computing and Fault Tolerance. My research focuses on Software Reliability and Security for large-scale infrastructures. I leverage Fault Injection and Failure Analysis to mitigate system degradation. My recent work integrates AI, applying ML for system monitoring and ensuring the trustworthiness of AI-generated code.
I play a leading role in the community, serving on the Steering Committees for the premier conferences in the field: DSN and ISSRE. In a career spanning over two decades, I have mentored more than 15 PhD students and co-authored 200+ papers in top-tier international journals and conferences.
I enjoy working with motivated students on topics at the intersection of dependability, security, and AI-driven software engineering.
Research Interests
Software Reliability & Security
My research adopts a holistic view of Software Reliability and Security as intertwined facets of system dependability. Rather than treating them in isolation, I develop unified methodologies to assess and improve the resilience of critical software systems. My work spans the entire system lifecycle, combining model-based approaches (such as stochastic modeling and Petri nets) for early-stage reliability prediction, with measurement-based techniques (like fault injection and log analysis) for operational security assessment. This integrated approach allows for the quantification of system behavior under both accidental fault conditions and malicious stress scenarios, ensuring robust performance in complex, safety-critical environments.
Software Fault Injection & Failure Analysis
My research addresses the critical challenge of validating system dependability against realistic software defects. In this context, my paper “On fault representativeness of software fault injection” stands out as a seminal contribution. It was among the first studies to propose a methodology that is not only statistically rigorous in ensuring fault representativeness but also efficient and streamlined enough for industrial adoption. This work provided a practical framework for integrating realistic fault injection into standard development lifecycles, effectively bridging the gap between academic validation techniques and industry-grade requirements. I develop advanced data analysis methodologies to extract actionable reliability insights from large-scale system logs, enabling the accurate characterization of failure dynamics and root causes in production environments.
Software Aging and Performance Degradation
I focused on characterizing the gradual deterioration of system resources in long-running software. A cornerstone of this work is the analysis of operating system internals, where I provided empirical evidence that aging phenomena are intrinsic to system runtime states, not just a byproduct of heavy usage. My paper “Software aging analysis of the Linux operating system” was among the first studies to detect and quantify performance degradation trends even in the absence of user workload. This pivotal observation demonstrated that intrinsic background processes and OS jitter contribute significantly to resource exhaustion, laying the groundwork for more accurate rejuvenation strategies that account for idle-time degradation.
AI for Software Dependability
My research investigates the integration of Machine Learning (ML) and Data Mining techniques to enhance software dependability assessment and monitoring. I focus on developing data-driven methodologies for automated anomaly detection and failure prediction in large-scale distributed systems. By applying unsupervised learning to vast amounts of field failure data and system logs, my work aims to identify latent error patterns and improve the accuracy of fault diagnosis beyond the capabilities of traditional rule-based approaches.
Trustworthy AI Code Generation & Code Quality
My research addresses the emerging challenges of Trustworthy AI in software engineering, with a primary focus on the reliability and security of code generated by Large Language Models (LLMs). Through extensive empirical studies on common tools like GitHub Copilot and ChatGPT, I investigate the quality of AI-generated code, specifically quantifying the prevalence of security vulnerabilities and code smells. My work aims to define rigorous validation methodologies and prompt engineering strategies that mitigate the risk of introducing defects into critical software, ensuring that AI-assisted development meets strict industrial dependability standards.
Resiliency of Cloud & HPC Systems
Investigating resiliency issues in massive-scale distributed environments. My work focuses on diagnosing complex failure patterns in Cloud and HPC systems, characterizing error propagation across multi-node architectures, and validating resiliency strategies through rigorous data-driven analysis and stress testing.
Publications
I have co-authored more than 200 publications in international journals and conferences on software reliability engineering, dependable and secure computing. A selected subset is listed below (for the full list, please see my Google Scholar or DBLP profile).
PhD Students
Current PhD Students
- Roberta De Luca — Vulnerability Detection of AI-Generated Code / Security
- Giuseppe De Rosa — Neural Software Fault Injection
- Cristina Improta — Code Quality
Selected Past PhD Students
- Marcello Cinque — Professor at University of Naples, Reliability of RT systems
- Catello Di Martino — General Manager, Nokia Cognitive Digital Mine
Over the past years, I have supervised more than 15 PhD students in the area of dependable and secure software systems.
Interested in a PhD?
If you are passionate about dependable systems, security, and AI-driven software engineering, I welcome inquiries from motivated students who are considering a PhD.
When contacting me, please briefly describe your background and interests.
Teaching
Current Courses (UNCC)
- Introduction to Data Mining (ITCS 3162) — Foundations of data exploration, preprocessing, ML pipelines, clustering, classification, and model evaluation.
- Software Design and Implementation (ITCS 6112) — Modern software engineering principles, software design, patterns, testing, and secure coding practices.
Past Courses (University of Naples Federico II)
- Dependable Systems / Fault Tolerance
- Operating Systems
- Workload Characterization & Performance Evaluation
- Foundations of Computer Engineering
- Software Security for Industrial Systems
For Students
Do difficult things. It’s the only way to grow. Anyone can do what’s easy.
The difficult things are the ones that challenge you, that reveal who you truly are.
Don’t be afraid: jump in, make mistakes, get back up.
Beauty in life is hidden inside the difficult things.
— Roberto Benigni —
Contact
Phone: (704) 687-1912
Computer Science Department,
College of Computing and Informatics,
University of North Carolina at Charlotte