Publications

Healthcare ecosystems form a critical type of infrastructures that provide valuable services in today societies. However, the underlying sensitive information is also of interest of malicious entities around the globe, with the attack volume being continuously increasing.

This paper presents a formal model of the features, named security capabilities, offered by the controls used for enforcing security policies in computer networks. It has been designed to support policy refinement and policy translation and address useful, practical tasks in a vendor-independent manner. The model adopts state-of-the-art design patterns and has been designed to be extensible. The model describes the actions that the controls can perform (e.g.

The serverless computing model has evolved as one of the key solutions in the cloud for fast autoscaling and capacity planning. In edge computing environments, however, the serverless model is challenged by the system heterogeneity and performance variability. In this paper, we introduce BenchFaaS, an open-source edge computing network testbed which automates the deployment and benchmarking of serverless functions.

Intent-based networking (IBN) solutions to managing complex ICT systems have become one of the key enablers of intelligent and autonomous network management. As the number of machine learning (ML) techniques deployed in IBN increases, it becomes increasingly important to understand their expected performance.

Microservice platforms have brought many advantages to support the deployment of light-weight applications at both near the edge and data centers. Still, their suitability to support telecommunication and vertical services beyond the network edge is far from being a reality. On one hand, their flat networking approach does not support the establishment of link-layer connectivity among the different components of telecommunication and vertical services (e.g., access points, routers, specific-purpose servers, etc.) due to their reliance on high-level APIs.

Network Functions Virtualization (NFV) is a key technology for network automation and has been instrumental to materialize the disruptive view of 5G and beyond mobile networks. In particular, 5G embraces NFV to support the automated and agile provision of telecommunication and vertical services as a composition of versatile virtualized components, referred to as Virtual Network Functions (VNFs). It provides a high degree of flexibility in placing these components on distributed NFV infrastructures (e.g., at the network edge, close to end users).

The fourth industrial revolution is led by the most recent ICT developments and is associated with a substantial investment directed towards the development of smart manufacturing systems. The Industry 4.0 paradigm is characterized by a modular structure of smart factories, where CPS monitors the physical processes and develops a virtual copy of the physical world to test and make decisions.

In this work an Intrusion Detection System to detect anomalies in networks system entries is presented. It is based on Machine Learning models and is composed of two components. The first component detects known anomalies with an accuracy beyond 95%. This component uses supervised models and several algorithms can be applied. In the use case analysed here, the best algorithm that fits the model is Random Forests. The second component detects unknown anomalies and benign entries and it is based on unsupervised models.

Thanks to the latest advances in containerization, the serverless edge computing model is becoming close to reality. Serverless at the edge is expected to enable low latency applications with fast autoscaling mechanisms, all running on heterogeneous and resource-constrained devices. In this work, we engineer and experimentally benchmark a serverless edge computing system architecture.

In data center networks, the reliability of Service Function Chain (SFC)—an end-to-end service presented by a chain of virtual network functions (VNFs)—is a complex and specific function of placement, configuration, and application requirements, both in hardware and software. Existing approaches to reliability analysis do not jointly consider multiple features of system components, including, (i) heterogeneity, (ii) disjointness, (iii) sharing, (iv) redundancy, and (v) failure interdependency.