Publications

2024

Giacomo Zanatta, Pietro Ferrara, Teodors Lisovenko, Luca Negrini, Gianluca Caiazza, Ruffin White: “Sound Static Analysis for Microservices: Utopia? A Preliminary Experience with LiSA”, [DOI] [LINK]

Luca Olivieri, Luca Negrini, Vincenzo Arceri, Badaruddin Chachar, Pietro Ferrara, Agostino Cortesi: “Detection of Phantom Reads in Hyperledger Fabric”, in IEEE Access [DOI] [LINK]

2023

Olliaro, M., Arceri, V., Cortesi, A., Ferrara, P.: “Lifting String Analysis Domains”, in Intelligent Systems Reference Library [DOI] [LINK]

Negrini, L., Ferrara, P., Arceri, V., Cortesi, A.: “LiSA: A Generic Framework for Multilanguage Static Analysis”, in Intelligent Systems Reference Library [DOI] [LINK]

Olivieri, L., Arceri, V., Ferrara, P., Spoto, F., Negrini, L., Tagliaferro, F., Cortesi, A.: “Information Flow Analysis for Detecting Non-Determinism in Blockchain”, in Leibniz International Proceedings in Informatics, LIPIcs [DOI] [LINK]

Calzavara, S., Ferrara, P., Lucchese, C.: “Certifying machine learning models against evasion attacks by program analysis”, in Journal of Computer Security [DOI] [LINK]

2022

Arceri, V., Olliaro, M., Cortesi, A., Ferrara, P.: “Relational String Abstract Domains”, in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) [DOI] [LINK]

Olivieri, L., Tagliaferro, F., Arceri, V., Ruaro, M., Negrini, L., Cortesi, A., Ferrara, P., Spoto, F., Talin, E.: “Ensuring determinism in blockchain software with GoLiSA: an industrial experience report”, in SOAP 2022 - Proceedings of the 11th ACM SIGPLAN International Workshop on the State Of the Art in Program Analysis, co-located with PLDI 2022 [DOI] [LINK]

2021

Negrini, L., Arceri, V., Ferrara, P., Cortesi, A.: “Twinning Automata and Regular Expressions for String Static Analysis”, in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) [DOI] [LINK]

Ferrara, P., Negrini, L., Arceri, V., Cortesi, A.: “Static analysis for dummies: Experiencing LiSA”, in SOAP 2021 - Proceedings of the 10th ACM SIGPLAN International Workshop on the State Of the Art in Program Analysis, co-located with PLDI 2021 [DOI] [LINK]

Ferrara, P., Mandal, A.K., Cortesi, A., Spoto, F.: “Static analysis for discovering IoT vulnerabilities”, in International Journal on Software Tools for Technology Transfer [DOI] [LINK]

Ferrara, P., Olivieri, L., Spoto, F.: “Static Privacy Analysis by Flow Reconstruction of Tainted Data”, in International Journal of Software Engineering and Knowledge Engineering [DOI] [LINK]

Salvia, R., Cortesi, A., Ferrara, P., Spoto, F.: “Intents Analysis of Android Apps for Confidentiality Leakage Detection”, in Advances in Intelligent Systems and Computing [DOI] [LINK]

2020

Negrini, L., Arceri, V., Ferrara, P., Cortesi, A.: “Twinning automata and regular expressions for string static analysis”, in arXiv [DOI] [LINK]

Ferrara, P., Negrini, L.: “SARL: OO Framework Specification for Static Analysis”, in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) [DOI] [LINK]

Ferrara, P., Cortesi, A., Spoto, F.: “From CIL to Java bytecode: Semantics-based translation for static analysis leveraging”, in Science of Computer Programming [DOI] [LINK]

Mandal, A., Ferrara, P., Khlyebnikov, Y., Cortesi, A., Spoto, F.: “Cross-program taint analysis for IoT systems”, in Proceedings of the ACM Symposium on Applied Computing [DOI] [LINK]

Calzavara, S., Ferrara, P., Lucchese, C.: “Certifying decision trees against evasion attacks by program analysis”, in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) [DOI] [LINK]

Calzavara, S., Ferrara, P., Lucchese, C.: “Certifying Decision Trees Against Evasion Attacks by Program Analysis”, in arXiv [DOI] [LINK]

Ferrara, P., Olivieri, L., Spoto, F.: “BackFlow: Backward Context-Sensitive Flow Reconstruction of Taint Analysis Results”, in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) [DOI] [LINK]

2019

Spoto, F., Burato, E., Ernst, M.D., Ferrara, P., Lovato, A., Macedonio, D., Spiridon, C.: “Static identification of injection attacks in Java”, in ACM Transactions on Programming Languages and Systems [DOI] [LINK]

Mandal, A.K., Panarotto, F., Cortesi, A., Ferrara, P., Spoto, F.: “Static analysis of Android Auto infotainment and on-board diagnostics II apps”, in Software - Practice and Experience [DOI] [LINK]

2018

Mandal, A.K., Cortesi, A., Ferrara, P., Panarotto, F., Spoto, F.: “Vulnerability analysis of android auto infotainment apps”, in 2018 ACM International Conference on Computing Frontiers, CF 2018 - Proceedings [DOI] [LINK]

Ferrara, P., Olivieri, L., Spoto, F.: “Tailoring taint analysis to GDPR”, in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) [DOI] [LINK]

Panarotto, F., Cortesi, A., Ferrara, P., Mandal, A.K., Spoto, F.: “Static analysis of android apps interaction with automotive CAN”, in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) [DOI] [LINK]

Salvia, R., Ferrara, P., Spoto, F., Cortesi, A.: “SDLI: Static Detection of Leaks Across Intents”, in Proceedings - 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications and 12th IEEE International Conference on Big Data Science and Engineering, Trustcom/BigDataSE 2018 [DOI] [LINK]

Cortesi, A., Ferrara, P., Halder, R., Zanioli, M.: “Combining symbolic and numerical domains for information leakage analysis”, in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) [DOI] [LINK]

Ferrara, P., Cortesi, A., Spoto, F.: “CIL to Java-bytecode translation for static analysis leveraging”, in Proceedings - International Conference on Software Engineering [DOI] [LINK]

2017

Aydin, A., Piorkowski, D., Tripp, O., Ferrara, P., Pistoia, M.: “Visual configuration of mobile privacy policies”, in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) [DOI] [LINK]

Ferrara, P., Tripp, O., Liu, P., Koskinen, E.: “Using abstract interpretation to correct synchronization faults”, in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) [DOI] [LINK]

Piorkowski, D., Penney, S., Henley, A.Z., Pistoia, M., Burnett, M., Tripp, O., Ferrara, P.: “Foraging goes mobile: Foraging while debugging on mobile devices”, in Proceedings of IEEE Symposium on Visual Languages and Human-Centric Computing, VL/HCC [DOI] [LINK]

2016

Tripp, O., Pistoia, M., Ferrara, P., Rubin, J.: “Pinpointing mobile malware using code analysis”, in Proceedings - International Conference on Mobile Software Engineering and Systems, MOBILESoft 2016 [DOI] [LINK]

Tsankov, P., Pistoia, M., Tripp, O., Vechev, M., Ferrara, P.: “FASE: Functionality-aware security enforcement”, in ACM International Conference Proceeding Series [DOI] [LINK]

Barbon, G., Cortesi, A., Ferrara, P., Steffinlongo, E.: “DAPA: Degradation-aware privacy analysis of Android apps”, in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) [DOI] [LINK]

Ferrara, P.: “A generic framework for heap and value analyses of object-oriented programming languages”, in Theoretical Computer Science [DOI] [LINK]

2015

Cortesi, A., Costantini, G., Ferrara, P.: “The abstract domain of Trapezoid Step Functions”, in Computer Languages, Systems and Structures [DOI] [LINK]

Brutschy, L., Ferrara, P., Tripp, O., Pistoia, M.: “ShamDroid: Gracefully degrading functionality in the presence of limited resource access”, in Proceedings of the Conference on Object-Oriented Programming Systems, Languages, and Applications, OOPSLA [DOI] [LINK]

Barbon, G., Cortesi, A., Ferrara, P., Pistoia, M., Tripp, O.: “Privacy analysis of Android apps: Implicit flows and quantitative analysis”, in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) [DOI] [LINK]

Ferrara, P., Tripp, O., Pistoia, M.: “MORPHDROID: Fine-grained privacy verification”, in ACM International Conference Proceeding Series [DOI] [LINK]

Pistoia, M., Tripp, O., Ferrara, P., Centonze, P.: “Automatic detection, correction, and visualization of security vulnerabilities in mobile apps”, in MobileDeLi 2015 - Proceedings of the 3rd International Workshop on Mobile Development Lifecycle [DOI] [LINK]

Costantini, G., Ferrara, P., Cortesi, A.: “A suite of abstract domains for static analysis of string values”, in Software - Practice and Experience [DOI] [LINK]

2014

Brutschy, L., Ferrara, P., Müller, P.: “TouchGuru: Integrating static analysis with a mobile development environment”, in MobileDeLi 2014 - Proceedings of the 2nd International Workshop on Mobile Development Lifecycle, Part of SPLASH 2014 [DOI] [LINK]

Ferrara, P., Schweizer, D., Brutschy, L.: “TouchCost: Cost analysis of TouchDevelop scripts”, in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) [DOI] [LINK]

Brutschy, L., Ferrara, P., Müller, P.: “Static analysis for independent app developers”, in Proceedings of the Conference on Object-Oriented Programming Systems, Languages, and Applications, OOPSLA [DOI] [LINK]

Ferrara, P.: “Generic combination of heap and value analyses in abstract interpretation”, in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) [DOI] [LINK]

2013

Costantini, G., Ferrara, P., Maggiore, G., Cortesi, A.: “The domain of parametric hypercubes for static analysis of computer games software”, in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) [DOI] [LINK]

Cortesi, A., Ferrara, P., Chaki, N.: “Static analysis techniques for robotics software verification”, in 2013 44th International Symposium on Robotics, ISR 2013 [DOI] [LINK]

Cortesi, A., Costantini, G., Ferrara, P.: “A survey on product operators in abstract interpretation”, in Electronic Proceedings in Theoretical Computer Science, EPTCS [DOI] [LINK]

Ferrara, P.: “A generic static analyzer for multithreaded Java programs”, in Software - Practice and Experience [DOI] [LINK]

2012

Ferrara, P., Fuchs, R., Juhasz, U.: “TVAL+ : TTTVLA and value analyses together”, in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) [DOI] [LINK]

Zanioli, M., Ferrara, P., Cortesi, A.: “SAILS: Static analysis of information leakage with sample”, in Proceedings of the ACM Symposium on Applied Computing [DOI] [LINK]

Costantini, G., Ferrara, P., Cortesi, A.: “Linear approximation of continuous systems with trapezoid step functions”, in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) [DOI] [LINK]

Ferrara, P., Müller, P.: “Automatic inference of access permissions”, in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) [DOI] [LINK]

2011

Costantini, G., Ferrara, P., Cortesi, A.: “Static analysis of string values”, in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) [DOI] [LINK]

2010

Ferrara, P.: “Static type analysis of pattern matching by abstract interpretation”, in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) [DOI] [LINK]

2009

Ferrara, P.: “Checkmate: A generic static analyzer of Java multithreaded programs”, in SEFM 2009 - 7th IEEE International Conference on Software Engineering and Formal Methods [DOI] [LINK]

2008

Ferrara, P.: “Static analysis via abstract interpretation of the happens-before memory model”, in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) [DOI] [LINK]

Ferrara, P.: “Static analysis of the determinism of multithreaded programs”, in Proceedings - 6th IEEE International Conference on Software Engineering and Formal Methods, SEFM 2008 [DOI] [LINK]

Ferrara, P., Logozzo, F., Fähndrich, M.: “Safer unsafe code for .net”, in Proceedings of the Conference on Object-Oriented Programming Systems, Languages, and Applications, OOPSLA [DOI] [LINK]