Home Page of Roberto Natella

I am Associate Professor in Computer Engineering at the Federico II University of Naples, Italy. My research interests are in the field of software security and dependability. The main recurring theme of my research activity is the experimental injection of faults, attacks, and stressful conditions. My research topics include:
  • fuzzing and static analysis
  • red teaming, adversary emulation, cyber ranges
  • cyber threat intelligence
  • machine learning techniques for security
  • fault injection, robustness testing, dependability benchmarking
  • software aging and rejuvenation
  • applications in operating systems and in cloud, mobile, embedded, and virtualization technologies
In 2022, I received the DSN Rising Star in Dependability Award from the IEEE Technical Committee on Dependable Computing and Fault Tolerance (TCFT) and the IFIP Working Group 10.4 on Dependable Computing and Fault Tolerance, for research achievements within 10 years after PhD graduation.


Call for Papers: The call for papers for ISSRE 2022 (IEEE International Symposium on Software Reliability Engineering) has been released, see www.issre.net (alternative link: issre2022.github.io)

New papers and repositories: Translating natural language (English) into exploits in Python/Assembly using Neural Machine Translation (NMT), for code and datasets see: EVIL and Shellcode_IA32

New paper and repository: We released a fault injection tool for multi-tenant cloud infrastructures based on OpenStack: ThorFI

New repositories: Two fuzzing projects are available as open-source software, ProFuzzBench - A Benchmark for Stateful Protocol Fuzzing, and StateAFL - A Coverage-Driven (Greybox) Fuzzer for Stateful Network Protocols.

Research Interests

Fault Injection and Robustness Testing

The occurrence of severe software-related accidents highlights the need for assuring that complex systems are able to operate even in the presence of faulty software. Software Fault Injection is the deliberate injection of software faults or errors into a component, in order to assess fault-tolerance and robustness properties. Two fundamental issues arise:

What should be injected to perform meaningful and relevant fault injection experiments (e.g., find robustness issues that do actually matter)?
Can we keep small the number and duration of experiments and, at the same time, obtain useful results (e.g., quickly find robustness issues)?
See also:

Software Aging and Rejuvenation

When software systems are executed continuously for long time periods, they tend to exhibit degraded performance and are more prone to fail. This phenomenon, namely software aging, is caused by elusive software bugs ("Mandelbugs") that gradually corrupt the software state, such as memory leak bugs. On one hand, software aging can be mitigated by preemptively rejuvenating the software, i.e., bringing it into an aging-free state, for instance by restarting it. On the other hand, software aging can be avoided by detecting and fixing bugs, such as through performance and resource consumption tests.

See also:

Contact information

roberto dot natella at unina dot it
DIETI Department, Via Claudio 21, Ed. 3/A, 80125, Napoli, Italy