Interests

Formal methods, logics, protocol verification and model checking.

Reverse bio

Starting February 2017, I am Assistant Professor in Computer Security at the IT-University of Copenhagen. Previously, I worked as a Postdoc in Carsten Shürmann’s group at the IT-University of Copenhagen, working on the Meta-CLF project. I obtained my Ph.D. at the Technical University of Denmark, under supervision of Flemming Nielson and Hanne Riis Nielson, working on formal methods, security protocol verification and model checking, and before that I did my B.Sc. and M.Sc. at the University of Padova, Italy, graduating under supervision of Paolo Baldan.

Current events

• 26-27 Nov 2018: Paper accepted at Standardization Security Research “Formal Verification of Ephemeral Diffie-Hellman Over COSE (EDHOC)”, with Theis Grønbech Petersen, Thorvald Sahl Jørgensen, and Carsten Schürmann
• 24-27 Oct 2017: Paper accepted at E-Vote-ID 2017 Towards a Mechanized Proof of Selene Receipt-Freeness and Vote-Privacy, with Eva Drewsen and Carsten Schürmann
• 3 Sep 2017: First International Workshop on Trends in Mechanized Secruity Proofs
• 7-8 Aug 2017: EASSS Summer school Presenting the analysis of security protocols in AIF-omega, with case studies in automotive
• 30 May 2017: Oresund Security Day ‘17, Resolution in linear logic, joint work with Eike Ritter and Carsten Schürmann

Teaching

• Discrete Mathematics, ITU, Fall 2018
• Security II, ITU, Fall 2018
• Security, ITU, Spring 2018
• Critical Systems Seminar and Project, ITU, Fall 2017
• Discrete Mathematics, ITU, Fall 2017
• Critical Systems Seminar, ITU, Fall 2016
• Ethical Hacking Club, ITU (Facebook group)
• Supervising Theses and Projects

Tools

AIF-Omega is an abstraction based verification tool for security protocols where participants have state that is beyond a single session.

SetPi (Now being merged with AIF-Omega) is an extension of the Applied Pi-calculus with support for persistent state, expressible in terms of names that can grow and shrink over time.

CPNunf is an unfolder for contextual Petri nets, an extension of this formalism with semantics to support concurrent read access to shared resources

Publications

Conference papers

1. Ieva Daukantas, Alessandro Bruni, Carsten Schürmann: Trimming Data Sets: a Verified Algorithm for Robust Mean Estimation. PPDP 2021
2. Karl Norrman, Vaishnavi Sundararajan, Alessandro Bruni: Formal Analysis of EDHOC Key Establishment for Constrained IoT Devices. SECRYPT 2021
3. Rosario Giustolisi, Alessandro Bruni: Privacy-Preserving Dispute Resolution in the Improved Bingo Voting. E-VOTE-ID 2020
4. Karl Norrman, Vaishnavi Sundararajan, Alessandro Bruni: Formal Analysis of EDHOC Key Establishment for Constrained IoT Devices. CoRR abs/2007.11427 (2020)
5. Carsten Schürmann, Alessandro Bruni; Technical and Socio-Technical Attacks on the Danish Party Endorsement System. E-VOTE-ID 2019
6. Theis Grønbech Petersen, Thorvald Sahl Jørgensen, Alessandro Bruni and Carsten Schürmann; “Formal Verification of Ephemeral Diffie-Hellman Over COSE (EDHOC)”. Security Standardisation Research, Third International Conference, 2018 [Preprint]
7. Alessandro Bruni, Rosario Giustolisi, Carsten Schürmann; Automated Analysis of Accountability. 20th Information Security Conference (ISC), 2017 [Slides]
8. Eva Drewsen, Alessandro Bruni, Carsten Schürmann; Towards a Mechanized Proof of Selene Receipt-Freeness and Vote-Privacy. Second International Joint Conference on Electronic Voting, 2017 [Slides]
9. Peter Brottveit Bock, Alessandro Bruni, Agata Murawska and Carsten Schürmann: Representing Session Types. Dale Miller’s Festschrift, 2016
10. Michael Denzel, Alessandro Bruni and Mark Ryan. Smart-Guard: Defending User Input from Malware. The 13th IEEE International Conference on Advanced and Trusted Computing, 2016
11. Sebastian Mödersheim and Alessandro Bruni. AIF-ω: Set-Based Protocol Abstraction with Countable Families. Principles of Security and Trust, 2016 [Preprint]
12. Alessandro Bruni, Sebastian Mödersheim, Flemming Nielson and Hanne Riis Nielson. Set-pi: Set Membership Pi-calculus. Computer Security Foundations, 2015 [Extended version with corrections]
13. Alessandro Bruni, Michal Sojka, Flemming Nielson and Hanne Riis Nielson. Formal Security Analysis of the MaCAN Protocol. Integrated Formal Methods, 2014
14. Vigo, Roberto, Alessandro Bruni, and Ender Yüksel. Security Games for Cyber-Physical Systems. Secure IT Systems. Springer Berlin Heidelberg, 2013. 17-32.
15. Baldan, P., Bruni, A., Corradini, A., König, B., & Schwoon, S. On the computation of McMillan’s prefix for contextual nets and graph grammars. Graph Transformations, 2010. 91-106.

Journal papers

1. Baldan, P., Bruni, A., Corradini, A., König, B., Rodríguez, C., & Schwoon, S. Efficient unfolding of contextual Petri nets. Theoretical Computer Science, 2012.

Posters and Workshop Papers

1. Alessandro Bruni, Sebastian Mödersheim, Flemming Nielson, Hanne Riis Nielson. Verification of Stateful Protocols, Set-based Abstractions in the Applied π-Calculus. Secure IT Systems, 2014.
2. Alessandro Bruni, Markulf Kohlweiss, Myrto Arapinis, Mark D. Ryan, Eike Ritter, Flemming Nielson, and Hanne Riis Nielson. “Proving Stateful Injective Agreement with Refinement Types”. Cryptoforma Workshop, 2015. [Paper]

Thesis

1. Alessandro Bruni. Analysis of Security Protocols in Embedded Systems. PhD thesis, DTU, 2016. [Link]

Popular media appeareances

• ITU-forsker bliver leder af OWASP i København – Version2
• Slut med kringlede kodeord: Ny login-teknik kommer til Android – DR Nyheder

Past events

• 07 Sep. 2016: “Selene in Celf: Formalising Voting Protocols in Linear Logic”, Invited talk at the University of Luxembourg [Slides]
• 16 Sep. 2016: Presenting AIF-ω at Lamas Sing 2016, [Slides].
• 26 Apr. 2016: Giving a talk at MF#K, on F* and the verification of security protocols [Slides]
• Jan 2016: “AIF-ω: Set-Based Protocol Abstraction with Countable Families” accepted at POST-2016