What “Exactly” a PhD is or.. what the PhD has meant to me
Andrea, researcher, SE Unit
Who am I? (The not so technical background)
Someone who decided to study computer science
bachelor@University of Trento
Worked for 2 years as bartender
Joined Software Engineering unit in 2008 (as Software Engineer)
Then… more stuff, master@University of Trento
Joined PhD program in 2009 (25th cycle)
Got my PhD in December 2013 with the thesis “Security Testing of Web and Smartphone Applications”
PostDoc with the Software Engineering unit
The Software Engineering unit
Software System
Requirements
Test Cases
Which functionalities is the system going to provide and why?
Is the system delivering the expected functionalities and how?
Quality of the resulting system depends on the quality of requirement specification and on the quality of testing
Research projects:
• Requirements elicitation and analysis for complex Socio-Technical Systems
• Mixing participatory and goal-oriented elicitation approaches [A-cube, Made in Italy]
• Regulatory compliance and risk analysis [RISCOSS]
• Code analysis and testing
• Reverse and re-engineering [CERN, IBT]
• Web testing and automated test case generation [FITTEST]
• Security testing and software protection [ASPIRE]
International Conferences:
• ISSTA 2010: ACM Int. Symp. on Software Testing and Analysis
• RE 2011: IEEE Int. Requirements Eng. Conf.
• ICSM 2012: IEEE Int. Conf. on Software Maintenance
What the PhD is.. aka The illustrated guide to PhD
http://matt.might.net/articles/phd-school-in-pictures/
The human knowledge
After elementary school
After high school
After the bachelor
After the master
Reading papers
What the PhD is (2)
Once at the boundaries, you focus
Then, one day…
What the PhD is (2)
In any case, don’t forget the big picture
… keep pushing!
What my PhD was.. aka first contact with PhD world
My first official presentation was at the 6th International Workshop on Software Engineering for Secure Systems in 2010
Towards security testing with taint analysis and genetic algorithms, Andrea Avancini and Mariano Ceccato
[Real reproduction of my face that morning]
After that…we published some works..
• Avancini A., Ceccato M., Comparison and integration of genetic algorithms and dynamic symbolic execution for security testing of cross-site scripting vulnerabilities, in «INFORMATION AND SOFTWARE TECHNOLOGY», vol. 55, 2013, pp. 2209-2222
• Avancini A., Ceccato M., Security Oracle Based on Tree Kernel Methods, Trustworthy Eternal Systems via Evolving Software, Data and Knowledge, 2013, pp. 30-43
• Andrea Avancini, Mariano Ceccato, Circe: A grammar-based oracle for testing Cross-site scripting in web applications, in Proceedings of the 20th Conference on Reverse Engineering, WCRE, 2013, pp. 262-271 (20th International Conference on Reverse Engineering, Koblenz, Germany, November 2013)
• Andrea Avancini, Mariano Ceccato, Security Testing of the Communication among Android Applications, Proceedings of the 8th International Workshop on Automation of Software Test, IEEE Computer Society, 2013, pp. 57-63 (8th International Workshop on Automation of Software Test, San Francisco, CA, USA, 18-19 May 2013)
• Andrea Avancini, Mariano Ceccato, Security Testing of Web Applications: A Research Plan, in IEEE, Proceedings of 34th International Conference on Software Engineering (ICSE 2012), 2012 (ICSE 2012, Zurich, from 06/02/2012 to 06/09/2012)
• Andrea Avancini, Mariano Ceccato, Grammar Based Oracle for Security Testing of Web Applications, Proceedings of the 7th International Workshop on Automation of Software Test (AST), IEEE, 2012, pp. 15-21 (7th International Workshop on Automation of Software Test (AST), Zurich, Switzerland, 02/06/2012)
• A. Avancini, M. Ceccato, Towards a Security Oracle Based on Tree Kernel Methods, Proceedings of 2012 Joint Workshop on Intelligent Methods for Software System Engineering, 2012, pp. 1-4 (2012 Joint Workshop on Intelligent Methods for Software System Engineering, Montpellier, France, 08/28/2012)
• Andrea Avancini, Mariano Ceccato, Security Testing of Web Applications: a Search Based Approach for Cross-Site Scripting Vulnerabilities, Proceedings of Eleventh IEEE International Working Conference on Source Code Analysis and Manipulation, IEEE Computer Society, 2011, pp. 85-94 (2011 11th IEEE International Working Conference on Source Code Analysis and Manipulation, Williamsburg, VA, USA, from 25/09/2011 to 26/09/2011)
After that…I participated in some conferences and events..
..which means that I met a lot of people..
After that…I’ve visited some places..
In summary… A PhD helps you to..
• Learn how to communicate
• Learn how to learn and to discover on your own
• Learn how to get stuff done
• Learn how to work with other people