You can also find my publications on Google Scholar, ORCID, and Scopus.

2026

Boldini, G., Negrini, L., Olivieri, L., Ferrara, P.: “A Modular Framework for Stack-Heap and Value Abstractions”, in Proceedings of the 33rd Static Analysis Symposium (SAS 2026) — to appear

Caiazza, G., Ferrara, P., Lisovenko, T., Biondo, M., Tosato, D.: “CoreTrust: Ensuring Data Quality at the Edge”, in Proceedings of the 20th European Conference on Software Architecture (ECSA 2026) — to appear

Arceri, V., Negrini, L., Zanatta, G., Bianchi, F., Lisovenko, T., Olivieri, L., Ferrara, P.: “JLiSA: The Java Frontend of the Library for Static Analysis (Competition Contribution)”, in Proceedings of the 32nd International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2026) [DOI]

2025

Olivieri, L., Beste, D., Negrini, L., Schönherr, L., Cinà, A.E., Ferrara, P.: “Code Generation of Smart Contracts with LLMs: A Case Study on Hyperledger Fabric”, in Proceedings of the 36th IEEE International Symposium on Software Reliability Engineering (ISSRE 2025) [DOI]

Olivieri, L., Pasetto, L., Negrini, L., Ferrara, P.: “An Overview of Termination in the Ethereum Blockchain”, in Proceedings of the 4th EAI International Conference on Blockchain Technology and Emerging Applications (BlockTEA 2025) [DOI]

Caiazza, G., Lisovenko, T., Ferrara, P., Berti, F., Ferrari, F., Zaupa, A., Zhang, G.: “From Legacy to Intelligent IIoT Systems: Automation, Scalability and Elasticity”, in Proceedings of the IEEE 22nd International Conference on Software Architecture (ICSA 2025) [DOI]

Olivieri, L., Negrini, L., Arceri, V., Ferrara, P., Cortesi, A.: “Detection of Read-Write Issues in Hyperledger Fabric Smart Contracts”, in Proceedings of the 40th ACM Symposium on Applied Computing (SAC 2025, track on Decentralized Applications) [DOI]

Olivieri, L., Negrini, L., Arceri, V., Ferrara, P., Cortesi, A., Spoto, F.: “Static Detection of Untrusted Cross-Contract Invocations in Go Smart Contracts”, in Proceedings of the 40th ACM Symposium on Applied Computing (SAC 2025, track on Decentralized Applications) [DOI]

Chachar, B., Cavazza, M., Bracciali, A., Ferrara, P., Cortesi, A.: “Finding Vulnerabilities in Solidity Smart Contracts with In-Context Learning”, in Proceedings of the Joint National Conference on Cybersecurity (ITASEC & SERICS 2025)

2024

Zanatta, G., Caiazza, G., Ferrara, P., Negrini, L., White, R.: “Automating ROS2 Security Policies Extraction through Static Analysis”, in Proceedings of the IEEE/RSJ International Conference on Intelligent Robots and Systems (IROS 2024) — finalist for the Best Safety, Security, and Rescue Robotics paper award [DOI]

Zanatta, G., Caiazza, G., Ferrara, P., Negrini, L.: “Inference of Access Policies through Static Analysis”, in International Journal on Software Tools for Technology Transfer [DOI]

Olivieri, L., Arceri, V., Chachar, B., Negrini, L., Tagliaferro, F., Spoto, F., Ferrara, P., Cortesi, A.: “General-Purpose Languages for Blockchain Smart Contracts Development: A Comprehensive Study”, in IEEE Access [DOI]

Olivieri, L., Negrini, L., Arceri, V., Chachar, B., Ferrara, P., Cortesi, A.: “Detection of Phantom Reads in Hyperledger Fabric”, in IEEE Access [DOI] [LINK]

Negrini, L., Arceri, V., Cortesi, A., Ferrara, P.: “Tarsis: An effective automata-based abstract domain for string analysis”, in Journal of Software: Evolution and Process [DOI]

Ferrara, P., Arceri, V., Cortesi, A.: “Challenges of software verification: the past, the present, the future”, in International Journal on Software Tools for Technology Transfer [DOI]

Ferrara, P., Hadarean, L.: “State of the art in program analysis”, in International Journal on Software Tools for Technology Transfer [DOI]

Arceri, V., Negrini, L., Olivieri, L., Ferrara, P.: “Challenges of software verification”, in International Journal on Software Tools for Technology Transfer [DOI]

Negrini, L., Presotto, S., Ferrara, P., Zaffanella, E., Cortesi, A.: “Stability: an abstract domain for the trend of variation of numerical variables”, in Proceedings of the ACM SIGPLAN International Workshop on Numerical and Symbolic Abstract Domains (NSAD 2024) [DOI]

Zanatta, G., Ferrara, P., Lisovenko, T., Negrini, L., Caiazza, G., White, R.: “Sound Static Analysis for Microservices: Utopia? A preliminary experience with LiSA”, in Proceedings of Formal Techniques for Java-like Programs (FTfJP 2024) [DOI]

Negrini, L., Arceri, V., Olivieri, L., Cortesi, A., Ferrara, P.: “Teaching through Practice: Advanced Static Analysis with LiSA”, in Proceedings of the Formal Methods Teaching Workshop (FMTea 2024) [DOI]

Olivieri, L., Pasetto, L., Negrini, L., Ferrara, P.: “European Union Data Act and Blockchain Technology: Challenges and New Directions”, in Proceedings of the 6th Distributed Ledger Technologies Workshop (DLT 2024)

2023

Olliaro, M., Arceri, V., Cortesi, A., Ferrara, P.: “Lifting String Analysis Domains”, in Intelligent Systems Reference Library [DOI] [LINK]

Negrini, L., Ferrara, P., Arceri, V., Cortesi, A.: “LiSA: A Generic Framework for Multilanguage Static Analysis”, in Intelligent Systems Reference Library [DOI] [LINK]

Olivieri, L., Arceri, V., Ferrara, P., Spoto, F., Negrini, L., Tagliaferro, F., Cortesi, A.: “Information Flow Analysis for Detecting Non-Determinism in Blockchain”, in Proceedings of the 37th European Conference on Object-Oriented Programming (ECOOP 2023), LIPIcs [DOI] [LINK]

Calzavara, S., Ferrara, P., Lucchese, C.: “Certifying machine learning models against evasion attacks by program analysis”, in Journal of Computer Security [DOI] [LINK]

Ferrara, P.: “[Micro]services: threat, challenge, or opportunity for sound static program analysis?”, in Proceedings of the Fifth International Conference on Microservices (Microservices 2023)

2022

Arceri, V., Olliaro, M., Cortesi, A., Ferrara, P.: “Relational String Abstract Domains”, in Proceedings of the 23rd International Conference on Verification, Model Checking, and Abstract Interpretation (VMCAI 2022), LNCS [DOI] [LINK]

Olivieri, L., Tagliaferro, F., Arceri, V., Ruaro, M., Negrini, L., Cortesi, A., Ferrara, P., Spoto, F., Talin, E.: “Ensuring determinism in blockchain software with GoLiSA: an industrial experience report”, in Proceedings of the 11th ACM SIGPLAN International Workshop on the State Of the Art in Program Analysis (SOAP 2022) [DOI] [LINK]

2021

Negrini, L., Arceri, V., Ferrara, P., Cortesi, A.: “Twinning Automata and Regular Expressions for String Static Analysis”, in Proceedings of the 22nd International Conference on Verification, Model Checking, and Abstract Interpretation (VMCAI 2021), LNCS [DOI] [LINK]

Ferrara, P., Negrini, L., Arceri, V., Cortesi, A.: “Static analysis for dummies: Experiencing LiSA”, in Proceedings of the 10th ACM SIGPLAN International Workshop on the State Of the Art in Program Analysis (SOAP 2021) [DOI] [LINK]

Ferrara, P., Mandal, A.K., Cortesi, A., Spoto, F.: “Static analysis for discovering IoT vulnerabilities”, in International Journal on Software Tools for Technology Transfer [DOI] [LINK]

Ferrara, P., Olivieri, L., Spoto, F.: “Static Privacy Analysis by Flow Reconstruction of Tainted Data”, in International Journal of Software Engineering and Knowledge Engineering [DOI] [LINK]

Salvia, R., Cortesi, A., Ferrara, P., Spoto, F.: “Intents Analysis of Android Apps for Confidentiality Leakage Detection”, in Advances in Intelligent Systems and Computing [DOI] [LINK]

2020

Negrini, L., Arceri, V., Ferrara, P., Cortesi, A.: “Twinning automata and regular expressions for string static analysis”, in arXiv [DOI] [LINK]

Ferrara, P., Negrini, L.: “SARL: OO Framework Specification for Static Analysis”, in Proceedings of the 12th Working Conference on Verified Software: Theories, Tools, and Experiments (VSTTE 2020), LNCS [DOI] [LINK]

Ferrara, P., Cortesi, A., Spoto, F.: “From CIL to Java bytecode: Semantics-based translation for static analysis leveraging”, in Science of Computer Programming [DOI] [LINK]

Mandal, A., Ferrara, P., Khlyebnikov, Y., Cortesi, A., Spoto, F.: “Cross-program taint analysis for IoT systems”, in Proceedings of the ACM Symposium on Applied Computing (SAC 2020) [DOI] [LINK]

Calzavara, S., Ferrara, P., Lucchese, C.: “Certifying decision trees against evasion attacks by program analysis”, in Proceedings of the 25th European Symposium on Research in Computer Security (ESORICS 2020), LNCS [DOI] [LINK]

Ferrara, P., Olivieri, L., Spoto, F.: “BackFlow: Backward Context-Sensitive Flow Reconstruction of Taint Analysis Results”, in Proceedings of the 21st International Conference on Verification, Model Checking, and Abstract Interpretation (VMCAI 2020), LNCS [DOI] [LINK]

2019

Spoto, F., Burato, E., Ernst, M.D., Ferrara, P., Lovato, A., Macedonio, D., Spiridon, C.: “Static identification of injection attacks in Java”, in ACM Transactions on Programming Languages and Systems [DOI] [LINK]

Mandal, A.K., Panarotto, F., Cortesi, A., Ferrara, P., Spoto, F.: “Static analysis of Android Auto infotainment and on-board diagnostics II apps”, in Software - Practice and Experience [DOI] [LINK]

2018

Mandal, A.K., Cortesi, A., Ferrara, P., Panarotto, F., Spoto, F.: “Vulnerability analysis of android auto infotainment apps”, in Proceedings of the ACM International Conference on Computing Frontiers (CF 2018) [DOI] [LINK]

Ferrara, P., Olivieri, L., Spoto, F.: “Tailoring taint analysis to GDPR”, in Proceedings of the Annual Privacy Forum (APF 2018), LNCS [DOI] [LINK]

Panarotto, F., Cortesi, A., Ferrara, P., Mandal, A.K., Spoto, F.: “Static analysis of android apps interaction with automotive CAN”, in Proceedings of the 3rd International Conference on Smart Computing and Communication (SmartCom 2018), LNCS [DOI] [LINK]

Salvia, R., Ferrara, P., Spoto, F., Cortesi, A.: “SDLI: Static Detection of Leaks Across Intents”, in Proceedings of TrustCom/BigDataSE 2018 [DOI] [LINK]

Cortesi, A., Ferrara, P., Halder, R., Zanioli, M.: “Combining symbolic and numerical domains for information leakage analysis”, in Transactions on Computational Science, LNCS [DOI] [LINK]

Ferrara, P., Cortesi, A., Spoto, F.: “CIL to Java-bytecode translation for static analysis leveraging”, in Proceedings of the 6th Conference on Formal Methods in Software Engineering (FormaliSE 2018) — ACM SIGSOFT FME Distinguished Paper Award [DOI] [LINK]

2017

Aydin, A., Piorkowski, D., Tripp, O., Ferrara, P., Pistoia, M.: “Visual configuration of mobile privacy policies”, in Proceedings of the 20th International Conference on Fundamental Approaches to Software Engineering (FASE 2017), LNCS [DOI] [LINK]

Ferrara, P., Tripp, O., Liu, P., Koskinen, E.: “Using abstract interpretation to correct synchronization faults”, in Proceedings of the 18th International Conference on Verification, Model Checking, and Abstract Interpretation (VMCAI 2017), LNCS [DOI] [LINK]

Piorkowski, D., Penney, S., Henley, A.Z., Pistoia, M., Burnett, M., Tripp, O., Ferrara, P.: “Foraging goes mobile: Foraging while debugging on mobile devices”, in Proceedings of the IEEE Symposium on Visual Languages and Human-Centric Computing (VL/HCC 2017) [DOI] [LINK]

2016

Tripp, O., Pistoia, M., Ferrara, P., Rubin, J.: “Pinpointing mobile malware using code analysis”, in Proceedings of the IEEE/ACM International Conference on Mobile Software Engineering and Systems (MOBILESoft 2016) [DOI] [LINK]

Tsankov, P., Pistoia, M., Tripp, O., Vechev, M., Ferrara, P.: “FASE: Functionality-aware security enforcement”, in Proceedings of the ACM Annual Computer Security Applications Conference (ACSAC) [DOI] [LINK]

Barbon, G., Cortesi, A., Ferrara, P., Steffinlongo, E.: “DAPA: Degradation-aware privacy analysis of Android apps”, in Proceedings of the 12th International Workshop on Security and Trust Management (STM 2016), LNCS [DOI] [LINK]

Ferrara, P.: “A generic framework for heap and value analyses of object-oriented programming languages”, in Theoretical Computer Science [DOI] [LINK]

2015

Cortesi, A., Costantini, G., Ferrara, P.: “The abstract domain of Trapezoid Step Functions”, in Computer Languages, Systems and Structures [DOI] [LINK]

Brutschy, L., Ferrara, P., Tripp, O., Pistoia, M.: “ShamDroid: Gracefully degrading functionality in the presence of limited resource access”, in Proceedings of the ACM Conference on Object-Oriented Programming Systems, Languages, and Applications (OOPSLA 2015) [DOI] [LINK]

Barbon, G., Cortesi, A., Ferrara, P., Pistoia, M., Tripp, O.: “Privacy analysis of Android apps: Implicit flows and quantitative analysis”, in Proceedings of the 14th International Conference on Computer Information Systems and Industrial Management Applications (CISIM 2015), LNCS [DOI] [LINK]

Ferrara, P., Tripp, O., Pistoia, M.: “MORPHDROID: Fine-grained privacy verification”, in Proceedings of the ACM Annual Computer Security Applications Conference (ACSAC 2015) [DOI] [LINK]

Pistoia, M., Tripp, O., Ferrara, P., Centonze, P.: “Automatic detection, correction, and visualization of security vulnerabilities in mobile apps”, in Proceedings of the 3rd International Workshop on Mobile Development Lifecycle (MobileDeLi 2015) [DOI] [LINK]

Costantini, G., Ferrara, P., Cortesi, A.: “A suite of abstract domains for static analysis of string values”, in Software - Practice and Experience [DOI] [LINK]

2014

Brutschy, L., Ferrara, P., Müller, P.: “TouchGuru: Integrating static analysis with a mobile development environment”, in Proceedings of the 2nd International Workshop on Mobile Development Lifecycle (MobileDeLi 2014) [DOI] [LINK]

Ferrara, P., Schweizer, D., Brutschy, L.: “TouchCost: Cost analysis of TouchDevelop scripts”, in Proceedings of the 17th International Conference on Fundamental Approaches to Software Engineering (FASE 2014), LNCS [DOI] [LINK]

Brutschy, L., Ferrara, P., Müller, P.: “Static analysis for independent app developers”, in Proceedings of the ACM Conference on Object-Oriented Programming Systems, Languages, and Applications (OOPSLA 2014) [DOI] [LINK]

Ferrara, P.: “Generic combination of heap and value analyses in abstract interpretation”, in Proceedings of the 15th International Conference on Verification, Model Checking, and Abstract Interpretation (VMCAI 2014), LNCS [DOI] [LINK]

2013

Costantini, G., Ferrara, P., Maggiore, G., Cortesi, A.: “The domain of parametric hypercubes for static analysis of computer games software”, in Proceedings of the 15th International Conference on Formal Engineering Methods (ICFEM 2013), LNCS [DOI] [LINK]

Cortesi, A., Ferrara, P., Chaki, N.: “Static analysis techniques for robotics software verification”, in Proceedings of the 44th International Symposium on Robotics (ISR 2013) [DOI] [LINK]

Cortesi, A., Costantini, G., Ferrara, P.: “A survey on product operators in abstract interpretation”, in Electronic Proceedings in Theoretical Computer Science (EPTCS) [DOI] [LINK]

Ferrara, P.: “A generic static analyzer for multithreaded Java programs”, in Software - Practice and Experience [DOI] [LINK]

2012

Ferrara, P., Fuchs, R., Juhasz, U.: “TVAL+ : TVLA and value analyses together”, in Proceedings of the 10th International Conference on Software Engineering and Formal Methods (SEFM 2012), LNCS [DOI] [LINK]

Zanioli, M., Ferrara, P., Cortesi, A.: “SAILS: Static analysis of information leakage with sample”, in Proceedings of the ACM Symposium on Applied Computing (SAC 2012) [DOI] [LINK]

Costantini, G., Ferrara, P., Cortesi, A.: “Linear approximation of continuous systems with trapezoid step functions”, in Proceedings of the 10th Asian Symposium on Programming Languages and Systems (APLAS 2012), LNCS [DOI] [LINK]

Ferrara, P., Müller, P.: “Automatic inference of access permissions”, in Proceedings of the 13th International Conference on Verification, Model Checking, and Abstract Interpretation (VMCAI 2012), LNCS [DOI] [LINK]

2011

Costantini, G., Ferrara, P., Cortesi, A.: “Static analysis of string values”, in Proceedings of the 13th International Conference on Formal Engineering Methods (ICFEM 2011), LNCS [DOI] [LINK]

2010

Ferrara, P.: “Static type analysis of pattern matching by abstract interpretation”, in Proceedings of the IFIP Conference on Formal Techniques for Distributed Systems (FORTE/FMOODS 2010), LNCS [DOI] [LINK]

2009

Ferrara, P.: “Checkmate: A generic static analyzer of Java multithreaded programs”, in Proceedings of the 7th IEEE International Conference on Software Engineering and Formal Methods (SEFM 2009) [DOI] [LINK]

2008

Ferrara, P.: “Static analysis via abstract interpretation of the happens-before memory model”, in Proceedings of the 2nd International Conference on Tests and Proofs (TAP 2008), LNCS [DOI] [LINK]

Ferrara, P.: “Static analysis of the determinism of multithreaded programs”, in Proceedings of the 6th IEEE International Conference on Software Engineering and Formal Methods (SEFM 2008) [DOI] [LINK]

Ferrara, P., Logozzo, F., Fähndrich, M.: “Safer unsafe code for .net”, in Proceedings of the ACM Conference on Object-Oriented Programming Systems, Languages, and Applications (OOPSLA 2008) [DOI] [LINK]