Program

Date Time Event
21 June, 2024
Grand Hotel, Salerno
14:00 - 14:05 Welcome from the Organizers
14:05 - 15:05 Keynote
Mike Papadakis | University of Luxembourg, Interdisciplinary Centre for Security, Reliability and Trust (SnT)

Mike Papadakis is an Associate Professor at the University of Luxembourg, where he leads the SERVAL (SEcurity, Reasoning and VALidation) research team. His research interests include software testing, code analysis and artificial intelligence for software engineering. He is best known for his work on Mutation Testing, for which he was awarded the IEEE TCSE Rising Star Award 2020. He has been General Chair of the ACM SIGSOFT ISSTA 2025 and IEEE ICSME 2021 and Program Chair of SSBSE 2022 and IEEE ICST 2023. He also serves on the editorial and review boards of international Software Engineering journals (STVR, Empirical Software Engineering, ACM Transactions on Software Engineering and Methodology) and has co-authored more than 100 publications in international peer-reviewed conferences and journals. His work has been supported by Facebook, FNR, CETREL (SIX group company), BGL (BNP Paribas), Microsoft and PayPal.


A Tale of Vulnerability Prediction

Over the past years, automated vulnerability prediction research, mainly supported by AI techniques, has grown in popularity. While a large number of studies have been proposed, they often make simplifying assumptions, which limit their applicability and adoption. This talk will provide a historical view of vulnerability prediction approaches and will focus on the challenges and limitations that they face through the lens of three different research communities, i.e., AI, SE and Security. The talk will conclude with a discussion on the links between vulnerability prediction and testing, showing potential applications and cross-fertilization between the two research fields.


15:05 - 15:30 Paper Session #1 — 2 papers
  • 15:05-15:20 — "Semgrep*: Improving the Limited Performance of Static Application Security Testing (SAST) Tools", G. Bennett et al.
  • 15:20-15:30 — "Toward a Search-Based Approach to Support the Design of Security Tests for Malicious Network Traffic", D. La Gamba et al.
15:30 - 16:00 Coffee Break
16:00 - 16:25 Paper Session #2 — 2 papers
  • 16:00-16:15 — "Security Risk Assessment on Cloud: A Systematic Mapping Study", G. Annunziata et al.
  • 16:15-16:25 — "LLM Security Guard for Code", A. Kavian et al.
16:25 - 16:40 Open Discussion
16:40 - 16:45 Closing