I am currently an assistant professor (RTDa) at Politecnico di Milano, working in the system security group at NECST Laboratory inside the Dipartimento di Elettronica, Informazione e Bioingegneria. The focus of my research revolves around threat modeling and developing offensive and defensive techniques for the security of cyber-physical systems and transportation systems, e.g., automotive, space, industry 4.0, and critical infrastructure. I teach mainly courses and lectures on (cyber-physical) systems security and social engineering.

For more details check my links on the left!

Teaching

Human and Physical Aspects of Security

Available to Politecnico di Milano's Computer Science and Engineering master students and to Bocconi's Cyber Risk Strategy and Governance master students.

Program overview

  • The threat modeling process, common threat modeling frameworks
  • The human factor in security: Social engineering, digital and physical mediums, mitigations and countermeasures
  • Cyber-physical systems security: differences between IT and OT, technology use cases, and countermeasures

Resources

  • Resources for the 2024/2025 academic year can be found on Webeep

Advanced Research Topics in Cybersecurity

Available to Politecnico di Milano's Computer Science and Engineering Ph.D. students and optionally to master students.

Program overview

The course provides an understanding of cutting-edge research challenges in cybersecurity. The first half will be held as frontal lectures, while the second half will be a flipped classroom with paper discussions. Topics include: Economics of cybercrime, software vulnerabilities, malware analysis, hardware and embedded systems security, cyber-physical and critical systems security, cyberwarfare, and the security of machine learning.

Emerging Topics in Security

Available to Bocconi's Cyber Risk Strategy and Governance master students.

Program overview

The short course (~16 hrs) provides an overview of the most relevant research topics presented last year in cybersecurity. The students may choose a top conference paper to present through the course, and will be tasked with evaluating others' presentations.

Research

My research mostly focuses on Cyber-Physical Systems (CPS) security. Currently I am working on diverse fields, including automotive, industrial robots, railway infrastructure, e-vehicle charging solutions, satellite systems, and critical infrastructure resilience. Across these domains, my main interests are attack detection and threat modeling, exploring threats emerging from integrating novel technological solutions into existing systems. Additionally, I am participating in various projects addressing emerging cybersecurity challenges involving AI-driven social engineering, covert communication channels utilizing Large Language Models (LLMs), and vulnerabilities within federated learning systems.

Publication Highlights

Janus: A Trusted Execution Environment Approach for Attack Detection in Industrial Robot Controllers (IEEE TETC 2024)

The evolution of our work on monitoring mechanisms for cyber-physical systems based on the use of Trusted Execution Environments, to guarantee the integrity of the attack detection algorithm even in case the controller's software is compromised, while not requiring external hardware for its detection process.

Preprint / Link

Evaluating the Impact of Privacy-Preserving Federated Learning on CAN Intrusion Detection (IEEE VTC 2024)

Our initial project focusing on the federation of ML/DL algorithms for intrusion detection on CAN. The goal of the paper is to understand the limitiations and requirements to federate CANdito (an evolution of CANnolo, see below) while maintaining detection capabilities and low network overhead.

Preprint / Link

CANflict: Exploiting Peripheral Conflicts for Data-Link Layer Attacks on Automotive Networks (ACM CCS 2022)

One of our team's most effective attack approaches. We demonstrate how it is possible to generate advanced data-link layer attacks against automotive networks (CAN) without requiring physical access to the vehicle, previously an assumption for that kind of attacks.

Preprint / Link

CANnolo: An anomaly detection system based on LSTM autoencoders for controller area network (IEEE TNSM 2020)

The beginning of our research team work on automotive intrusion detection based on deep learning. Our IDS attempts to reconstruct the last CAN packets with a specific ID, and depending on its reconstruction error defines whether a sequence is anomalous or not.

Preprint / Link