Welcome to Francis Some, a new PhD student

A new PhD student, Francis Some, joined INDES on 1 November 2015 to work under the supervision of Tamara Rezk and Nataliia Bielova. Welcome, Francis!

New paper on behavioural types for security is published at JLAMP

Ilaria Castellani together with her co-authors has a new paper accepted to the Journal of Logical and Algebraic Methods in Programming (JLAMP):

  • Combining behavioural types with security analysis.
    Massimo Bartoletti, Ilaria Castellani, Pierre-Malo Deniélou, Mariangiola Dezani-Ciancaglini, Silvia Ghilezan, Jovanka Pantovic, Jorge A. Pérez, Peter Thiemann, Bernardo Toninho, Hugo Torres Vieira.

We are organizing the Dynamic Languages Symposium (DLS’15)

The 11th Dynamic Languages Symposium (DLS) at SPLASH 2015 is the premier forum for researchers and practitioners to share knowledge and research on dynamic languages, their implementation, and applications. The influence of dynamic languages – from Lisp to Smalltalk to Python to Javascript – on real-world practice and research continues to grow. More details and program are on the DLS’15 website.

2 papers on Hop and Hop.js in PPDP’15 and DBPL’15

2 papers on JavaScript security to appear in TGC’15

Tamara Rezk together with her co-authors has two new papers to appear in Trustworthy Global Computing Symposium (TGC’15), both tackling different aspects of information flow security for JavaScript programs:

Welcome to Colin Vidal, a new PhD student

A new PhD student, Colin Vidal, joined INDES on 1 July 2015 to work under the supervision of Manuel Serrano. Welcome, Colin!

New article in the Journal of Mathematical Structures in Computer Science

In their new article in the Journal of Mathematical Structures in Computer Science, Ilaria Castellani (INDES), Sara Capecchi and Mariangiola Dezani-Ciancaglini (University of Turin) propose a monitored semantics for a multiparty session calculus and show that it enforces a secure information flow property.

PhD positions and Internships at INDES

We have three PhD positions and five internships available for highly motivated students interested in web programming and security. For more information, see the job section : jobs.

The symposium on Trends in Functional Programming (TFP 2015), Sophia Antipolis (France), June 3-5 2015

The symposium on Trends in Functional Programming (TFP) is an international forum for researchers with interests in all aspects of functional programming, taking a broad view of current and future trends in the area. It aspires to be a lively environment for presenting the latest research results, and other contributions. Authors of draft papers will be invited to submit revised papers based on the feedback receive at the symposium. A post-symposium refereeing process will then select a subset of these articles for formal publication.

TFP 2015 will be the main event of a pair of functional programming events. TFP 2015 will be accompanied by the International Workshop on Trends in Functional Programming in Education (TFPIE), which will take place on June 2nd.

The symposium recognizes that new trends may arise through various routes. As part of the Symposium’s focus on trends we therefore identify the following five article categories. High-quality articles are solicited in any of these categories:

Research Articles: leading-edge, previously unpublished research work
Position Articles: on what new trends should or should not be
Project Articles: descriptions of recently started new projects
Evaluation Articles: what lessons can be drawn from a finished project
Overview Articles: summarizing work with respect to a trendy subject

Articles must be original and not simultaneously submitted for publication to any other forum. They may consider any aspect of functional programming: theoretical, implementation-oriented, or experience-oriented. Applications of functional programming techniques to other languages are also within the scope of the symposium.

Topics suitable for the symposium include:

Functional programming and multicore/manycore computing
Functional programming in the cloud
High performance functional computing
Extra-functional (behavioural) properties of functional programs
Dependently typed functional programming
Validation and verification of functional programs
Debugging and profiling for functional languages
Functional programming in different application areas:
security, mobility, telecommunications applications, embedded systems,
global computing, grids, etc.
Interoperability with imperative programming languages
Novel memory management techniques
Program analysis and transformation techniques
Empirical performance studies
Abstract/virtual machines and compilers for functional languages
(Embedded) domain specific languages
New implementation strategies
Any new emerging trend in the functional programming area

If you are in doubt on whether your article is within the scope of
TFP, please contact the TFP 2015 program chair, Manuel Serrano.


To reward excellent contributions, TFP awards a prize for the best paper accepted for the formal proceedings.TFP traditionally pays special attention to research students, acknowledging that students are almost by definition part of new subject trends. A student paper is one for which the authors state that the paper is mainly the work of students, the students are listed as first authors, and a student would present the paper. A prize for the best student paper is awarded each year.

In both cases, it is the PC of TFP that awards the prize. In case the best paper happens to be a student paper, that paper will then receive both prizes.

International Symposium on Engineering Secure Software and Systems (ESSoS 2015), Milan (Italy), March 4-6 2015

Call for participation

Date: March 4 – 6, 2015
Venue: Milan, Italy
Website: https://distrinet.cs.kuleuven.be/events/essos/2015/
Deadlines: January 25, 2015 (Early bird)

In cooperation with: (pending) ACM SIGSAC and SIGSOFT and IEEE CS (TCSP).

Context and motivation

Trustworthy, secure software is a core ingredient of the modern world. So is the Internet. Hostile, networked environments, like the Internet, can allow vulnerabilities in software to be exploited from anywhere. To address this, high-quality security building blocks (e.g., cryptographic components) are necessary, but insufficient. Indeed, the construction of secure software is challenging because of the complexity of modern applications, the growing sophistication of security requirements, the multitude of available software technologies and the progress of attack vectors. Clearly, a strong need exists for engineering techniques that scale well and that demonstrably improve the software’s security properties.

Goal and setup

The goal of this symposium, which will be the sixth in the series, is to bring together researchers and practitioners to advance the states of the art and practice in secure software engineering. Being one of the few conference-level events dedicated to this topic, it explicitly aims to bridge the software engineering and security engineering communities, and promote cross-fertilization. The symposium will feature two days of technical program. In addition to academic papers, the symposium encourages submission of high-quality, informative industrial experience papers about successes and failures in security software engineering and the lessons learned. Furthermore, the symposium also accepts short idea papers that crisply describe a promising direction, approach, or insight.


ESSoS 2015 will take place in Milano, at Politecnico di Milano, the largest engineering and architecture university in Italy, with more than 39.000 students and 7 campuses. ESSoS will take place at the main campus of the university, located in Milan’s “Città studi” (university neighborhood).

Hotels conveniently located around the Politecnico di Milano have been reserved at preferential rates through our partner KC Travel. A range of accommodations will be available, together with any additional travel services you may require. Details will be posted soon to the ESSoS 2015 website.


Complete overview of the program with paper presentations and demos can be found at the conference website.


Browser technology – essentials for securing the Web
Dr. Philippe De Ryck iMinds-DistriNet, KU Leuven

Effective security management: a tutorial on CVSS v3 and using case control studies to measure vulnerability risk
Luca Allodi & Fabio Massacci


The botnet that would not die Keynote talk
Herbert Bos (VU Amsterdam)

The European Strategic Agenda for Research and Innovation in Cybersecurity
Afonso Ferreira (European Commission)

Rocco Mammoliti (Poste Italiane)

Felix Lindner (Recurity Labs GmbH)