2025​​​‌Activity reportProject-TeamOLAS‌

7.1.1​​ Corinne

• Keywords:
  Choreography automata,​​​‌ Communicating finite state machines‌
• Scientific Description:

  Corinne relies‌​‌ on the theory of​​ choreography automata, which is​​​‌ described in:

  Franco Barbanera,‌ Ivan Lanese, Emilio Tuosto:‌​‌ Choreography Automata. COORDINATION 2020:​​ 86-106

  Franco Barbanera, Ivan​​​‌ Lanese, Emilio Tuosto: Composition‌ of choreography automata. CoRR‌​‌ abs/2107.06727 (2021)

• Functional Description:​​
  Choreography automata (c-automata) are​​​‌ finite state automata whose‌ transitions are labelled with‌​‌ interactions of the form​​ A -> B :​​​‌ m, representing a communication‌ in which participant A‌​‌ sends a message (of​​ type) m to participant​​​‌ B, and participant B‌ receives it. Corinne allows‌​‌ one to display c-automata​​ represented in the dot​​​‌ format, and: (a) project‌ them on communicating finite‌​‌ state machines representing the​​ behavior of single participants,​​​‌ (b) compute a product‌ c-automaton corresponding to the‌​‌ concurrent execution of two​​ c-automata, (c) synchronize two​​​‌ participants of a c-automaton‌ transforming them into coupled‌​‌ gateways, and (d) check​​ well-formedness conditions ensuring that​​​‌ the system of participants‌ obtained via projection behaves‌​‌ well.
• Release Contributions:
  Version​​ 4.0 of Corinne improves​​​‌ the usability of the‌ tool and refines the‌​‌ check for connectedness, allowing​​ the so called late​​​‌ join, when a participant‌ participate to a choreography‌​‌ only in some branches,​​ after having been contacted​​​‌ by some other participant.‌
• URL:
  https://­github.­com/­lanese/­corinne-3
• Publication:
  hal-03468190‌​‌
• Contact:
  Ivan Lanese
• Partner:​​
  Gran Sasso Science Institute​​​‌

7.1.2 CauDEr

• Name:
  Causal-consistent‌ Debugger for Erlang
• Keywords:‌​‌
  Debug, Reversible computing
• Scientific​​ Description:
  The CauDEr reversible​​​‌ debugger for Erlang is‌ based on the theory‌​‌ of causal-consistent reversibility, which​​ states that any action​​​‌ can be undone provided‌ that its consequences, if‌​‌ any, are undone beforehand.​​ This theory relies on​​​‌ a causal semantics for‌ the target language, and‌​‌ can be used even​​ if different processes have​​​‌ different notions of time.‌ Replay is based on‌​‌ causal-consistent replay, which allows​​ one to replay any​​​‌ future action, together with‌ all and only its‌​‌ causes.
• Functional Description:
  CauDEr​​ is a debugger allowing​​​‌ one to explore the‌ execution of concurrent and‌​‌ distributed Erlang programs both​​ forward and backward. Notably,​​​‌ when going backward, any‌ action can be undone‌​‌ provided that its consequences,​​ if any, are undone​​​‌ beforehand. The debugger also‌ provides commands to automatically‌​‌ find relevant past actions​​ (e.g., send of a​​​‌ given message) and undo‌ them, including their consequences.‌​‌ Forward computation can be​​ driven by a log​​​‌ taken from a computation‌ in the standard Erlang/OTP‌​‌ environment. An action in​​ the log can be​​​‌ selected and replayed together‌ with all and only‌​‌ its causes. The debugger​​ enables one to find​​​‌ a bug by following‌ the causality links from‌​‌ the visible misbehavior to​​ the bug.
• URL:
  https://­github.­com/­mistupv/­cauder​​​‌
• Publications:
  hal-03005383v1, hal-01912894v1‌, hal-02313745v1
• Contact:
  Ivan‌​‌ Lanese
• Participant:
  Ivan Lanese​​
• Partner:
  Universitat Politècnica de​​​‌ València

7.1.3 QuRA

• Name:‌
  Quipper Resource Analysis
• Keywords:‌​‌
  Static analysis, Quantum programming,​​​‌ Programming language
• Functional Description:​
  QuRA is a static​‌ analysis tool for the​​ verification of the resource​​​‌ consumption of quantum circuit​ description programs. QuRA takes​‌ as input a program​​ written in a variant​​​‌ of Quipper called PQ​ and outputs two things:​‌ a type for the​​ program and an upper​​​‌ bound to the size​ of the circuit it​‌ will build. QuRA is​​ capable of estimating global​​​‌ size metrics of circuits,​ such as their width​‌ and gate count, as​​ well as size metrics​​​‌ that are local to​ individual wires, such as​‌ depth. It does so​​ in an almost fully​​​‌ automatic fashion, with few​ annotations, thanks to the​‌ use of SMT solvers.​​
• URL:
  https://­github.­com/­andreacolledan/­qura
• Contact:
  Andrea​​​‌ Colledan
• Participants:
  Andrea Colledan,​ Ugo Dal Lago, Niki​‌ Vazou
• Partner:
  The IMDEA​​ Software Institute

7.1.4 Ranflood​​​‌

• Keywords:
  Cybersecurity, Ransomware
• Functional​ Description:

  Ranflood is an​‌ anti-crypto-ransomware tool that counteracts​​ the encryption phase by​​​‌ flooding specific folders (e.g.,​ the attacked location, the​‌ user's folders) with decoy​​ files and helps users​​​‌ recover their files after​ an attack.

  This action​‌ has a twofold effect.​​

  First, it confounds the​​​‌ genuine files of the​ user with decoy files,​‌ causing the attacking ransomware​​ to waste time on​​​‌ sacrificial data rather than​ on the victim's genuine​‌ files.

  Second, the file-flooding​​ IO-intensive activity contends with​​​‌ the ransomware to access​ the victim's computing resources,​‌ further slowing down the​​ attack of the malware.​​​‌

• Release Contributions:
  Ranflood 0.7-beta​ includes a) new code​‌ utilities and features, two​​ new Ranflood flooding strategies​​​‌ based on Shamir's Secret​ Sharing, and a related​‌ restore routine for the​​ FileChecker, and b) an​​​‌ HTTP and a WebSocket​ server that clients can​‌ use to connect to​​ the Ranflood daemon (useful​​​‌ also to support the​ connection with the new​‌ Ranflood webclient and additional​​ functionalities for a more​​​‌ fine-grained control of the​ daemon's processes).
• URL:
  https://­ranflood.­netlify.­app/​‌
• Contact:
  Saverio Giallorenzo

7.1.5​​ APP

• Name:
  Allocation Priority​​​‌ Policies
• Keywords:
  Serverless, Scheduling,​ Cloud computing, Optimisation
• Scientific​‌ Description:
  APP addresses the​​ problem of function execution​​​‌ scheduling, i.e., how to​ schedule the execution of​‌ Serverless functions to optimise​​ their performance against some​​​‌ user-defined goals, by specifying​ policies that inform the​‌ scheduling of function execution.​​
• Functional Description:

  Serverless computing​​​‌ is a Cloud development​ paradigm where developers write​‌ and compose stateless functions,​​ abstracting from their deployment​​​‌ and scaling.

  APP is​ a declarative language of​‌ Allocation Priority Policies to​​ specify policies that inform​​​‌ the scheduling of Serverless​ function execution to optimise​‌ their performance against some​​ user-defined goals.

  APP is​​​‌ currently implemented as a​ prototype extension of the​‌ Serverless Apache OpenWhisk platform.​​

• Release Contributions:

  0.1: APP​​​‌ first release introduced the​ APP declarative language used​‌ to write scheduling policies​​ in serverless platforms. The​​​‌ first release also introduced​ support for the OpenWhisk​‌ platform with an alternative​​ Load Balancer for APP​​​‌ scripts.

  0.1-tapp: This release​ introduces an extension of​‌ APP, named tAPP (topology-aware​​ Allocation Priority Policies), that​​​‌ adds the capability to​ declare topological constraints on​‌ function-scheduling. An implementation on​​ top of the OpenWhisk​​ platform is also provided.​​​‌

  0.1-aapp: Another extension, dubbed‌ aAPP (affinity-aware Allocation Priority‌​‌ Policies), that adds the​​ capability to define affinity​​​‌ and anti-affinity constraints on‌ 2 or more functions,‌​‌ together with an updated​​ implementation on OpenWhisk.

• URL:​​​‌
  https://­github.­com/­giusdp/­openwhisk
• Contact:
  Saverio Giallorenzo‌
• Partner:
  University of Southern‌​‌ Denmark

7.1.6 JOLIE

• Name:​​
  Jolie
• Keyword:
  Microservices
• Scientific​​​‌ Description:
  Jolie enforces a‌ strict separation of concerns‌​‌ between behaviour, describing the​​ logic of the application,​​​‌ and deployment, describing the‌ communication capabilities. The behaviour‌​‌ is defined using the​​ typical constructs of structured​​​‌ sequential programming, communication primitives,‌ and operators to deal‌​‌ with concurrency (parallel composition​​ and input choice). Jolie​​​‌ communication primitives comprise two‌ modalities of interaction typical‌​‌ of Service-Oriented Architectures (SOAs),​​ namely one-way (sends an​​​‌ asynchronous message) and request-response‌ (sends a message and‌​‌ waits for an answer).​​ A main feature of​​​‌ the Jolie language is‌ that it allows one‌​‌ to switch among many​​ communication media and data​​​‌ protocols in a simple,‌ uniform way. Since it‌​‌ targets the field of​​ SOAs, Jolie supports the​​​‌ main communication media (TCP/IP‌ sockets, Bluetooth L2CAP, Java‌​‌ RMI, and Unix local​​ sockets) and data protocols​​​‌ (HTTP, JSON-RPC, XML-RPC, SOAP‌ and their respective SSL‌​‌ versions) from this area.​​
• Functional Description:
  Jolie is​​​‌ a language for programming‌ service-oriented and microservice applications.‌​‌ It directly supports service-oriented​​ abstractions such as service,​​​‌ port, and session. Jolie‌ allows one to program‌​‌ a service behaviour, possibly​​ obtained by composing existing​​​‌ services, and supports the‌ main communication protocols and‌​‌ data formats used in​​ service-oriented architectures. Differently from​​​‌ other service-oriented programming languages‌ such as WS-BPEL, Jolie‌​‌ is based on a​​ user-friendly Java-like syntax (more​​​‌ readable than the verbose‌ XML syntax of WS-BPEL).‌​‌ Moreover, the kernel of​​ Jolie is equipped with​​​‌ a formal operational semantics.‌ Jolie is used to‌​‌ provide proof-of-concept implementations around​​ OLAS activities.
• Release Contributions:​​​‌
  Version 1.13 includes 4‌ minor releases. This version‌​‌ introduces several major enhancements.​​ The most significant change​​​‌ was the upgrade to‌ Java 21 as the‌​‌ language requirement. Other key​​ features include adding location​​​‌ data and line numbers‌ to faults, support for‌​‌ minimum values in number​​ ranges, and a complete​​​‌ JAP module system refactoring‌ query. The release also‌​‌ introduced a new Jolie2Java​​ implementation, YAML support, JSON​​​‌ schema enhancements, jolie2openapi improvements,‌ and refactored joliedoc and‌​‌ joliemock tools to support​​ the new syntax.
• URL:​​​‌
  http://­www.­jolie-lang.­org/
• Contact:
  Saverio Giallorenzo‌
• Participants:
  Claudio Guidi, Fabrizio‌​‌ Montesi, Maurizio Gabbrielli, Saverio​​ Giallorenzo, Ivan Lanese, Stefano​​​‌ Zingaro

7.1.7 FunLess

• Keywords:‌
  Serverless, WebAssembly
• Functional Description:‌​‌
  FunLess is a Function-as-a-Service​​ (FaaS) platform that, unlike​​​‌ traditional FaaS solutions that‌ rely on resource-heavy containerisation‌​‌ technologies, employs WebAssembly (Wasm)​​ as its runtime environment.​​​‌ Using Wasm ensures lightweight‌ execution, reduced cold starts,‌​‌ and enhanced portability, enabling​​ functions to run seamlessly​​​‌ on diverse hardware architectures‌ (particularly useful in cloud-edge‌​‌ environments). The platform supports​​ a consistent function development​​​‌ and deployment process, allowing‌ developers to write functions‌​‌ in multiple supported languages​​ (Rust, Go, and JavaScript),​​​‌ compile them into Wasm‌ binaries, and execute them‌​‌ across heterogeneous devices without​​​‌ requiring additional runtime adjustments.​ FunLess allows flexible deployments,​‌ supporting both bare-metal installations​​ and optional integration with​​​‌ container orchestration tools like​ Kubernetes.
• URL:
  https://­funless.­dev/
• Publication:​‌
  hal-04826377v1
• Contact:
  Matteo Trentin​​

7.1.8 JoT

• Name:
  Jolie​​​‌ Testing
• Keywords:
  Microservices, Software​ testing
• Functional Description:

  JoT​‌ is a testing framework​​ for Microservice Architectures based​​​‌ on technology agnosticism, a​ core principle of microservices.​‌

  The main advantage of​​ JoT is that it​​​‌ reduces the amount of​ work for a) testing​‌ microservices that use different​​ technology stacks, b) writing​​​‌ tests that involve multiple​ services, and c) reusing​‌ tests under different deployment​​ configurations or after changing​​​‌ some of its components​ (e.g., when, for performance,​‌ one reimplements a service​​ with a different technology).​​​‌

  In JoT, tests are​ orchestrators that can both​‌ consume or offer operations​​ from/to the microservice architecture​​​‌ under test. The language​ for writing JoT tests​‌ is Jolie, which provides​​ constructs that support technology​​​‌ agnosticism and the definition​ of terse test behaviors.​‌

• Release Contributions:
  In version​​ 0.0.27, JoT underwent some​​​‌ minor updates to fix​ some issues and integrate​‌ its functionalities with container​​ technologies (Docker) and continuous​​​‌ integration platforms (GitHub Actions).​
• URL:
  https://­github.­com/­jolie/­jot
• Contact:
  Saverio​‌ Giallorenzo
• Partner:
  University of​​ Southern Denmark

7.1.9 Choral​​​‌

• Keywords:
  Choreographic Programming, Compilation,​ Modularity, Distributed programming
• Scientific​‌ Description:

  In essence, Choral​​ developers program a choreography​​​‌ with the simplicity of​ a sequential program. Then,​‌ through the Choral compiler,​​ they obtain a set​​​‌ of programs that implement​ the roles acting in​‌ the distributed system. The​​ generated programs coordinate in​​​‌ a decentralised way and​ they faithfully follow the​‌ specification from their source​​ choreography, avoiding possible incompatibilities​​​‌ arising from discordant manual​ implementations. Programmers can use​‌ or distribute the single​​ implementations of each role​​​‌ to their customers with​ a higher level of​‌ confidence in their reliability.​​ Moreover, they can reliably​​​‌ compose different Choral(-compiled) programs,​ to mix different protocols​‌ and build the topology​​ that they need.

  Choral​​​‌ currently interoperates with Java​ (and it is planned​‌ to support also other​​ programming languages) at three​​​‌ levels: 1) its syntax​ is a direct extension​‌ of Java (if you​​ know Java, Choral is​​​‌ just a step away),​ 2) Choral code can​‌ reuse Java libraries, 3)​​ the libraries generated by​​​‌ Choral are in pure​ Java with APIs that​‌ the programmer controls, and​​ that can be used​​​‌ inside of other Java​ projects directly.

• Functional Description:​‌

  Choral is a language​​ for the programming of​​​‌ choreographies. A choreography is​ a multiparty protocol that​‌ defines how some roles​​ (the proverbial Alice, Bob,​​​‌ etc.) should coordinate with​ each other to do​‌ something together.

  Choral is​​ designed to help developers​​​‌ program distributed authentication protocols,​ cryptographic protocols, business processes,​‌ parallel algorithms, or any​​ other protocol for concurrent​​​‌ and distributed systems. At​ the press of a​‌ button, the Choral compiler​​ translates a choreography into​​​‌ a library for each​ role. Developers can use​‌ the generated libraries to​​ make sure that their​​​‌ programs (like a client,​ or a service) follow​‌ the choreography correctly. Choral​​ makes sure that the​​ generated libraries are compliant​​​‌ implementations of the source‌ choreography.

• Release Contributions:
  In‌​‌ 2025, Choral had 3​​ minor releases. The releases​​​‌ focused primarily on bug‌ fixes and minor improvements‌​‌ to the compiler and​​ standard library. These releases​​​‌ include fixing header bugs,‌ resolving problems with the‌​‌ building system, and addressing​​ compilation and compatibility issues​​​‌ with the standard library.‌
• URL:
  https://­www.­choral-lang.­org/
• Contact:
  Saverio‌​‌ Giallorenzo
• Participants:
  Saverio Giallorenzo,​​ Fabrizio Montesi
• Partner:
  University​​​‌ of Southern Denmark

7.1.10‌ ChorEr

• Name:
  Choreographies from‌​‌ Erlang
• Keywords:
  Choreography automata,​​ Erlang, Choreography extraction
• Scientific​​​‌ Description:

  ChorEr reconstructs the‌ possible message-passing interactions between‌​‌ Erlang processes and represents​​ them using Local Views,​​​‌ which are then combined‌ into a single Global‌​‌ View. The extraction follows​​ a bottom-up, over-approximating approach:​​​‌ any communication that might‌ occur is included. This‌​‌ ensures that potential issues,​​ including subtle concurrency bugs,​​​‌ are highlighted without being‌ missed. Deadlocks are highlighted‌​‌ directly in the Global​​ View graph: they appear​​​‌ as red states.

  This‌ tool is an early‌​‌ prototype and still under​​ development,

• Functional Description:
  Chorer​​​‌ is an analysis tool‌ that examines Erlang programs‌​‌ and extracts Choreography Automata​​ describing their communication behaviour.​​​‌ Its purpose is to‌ help developers uncover communication‌​‌ bugs in distributed and​​ actor-based systems, specifically those​​​‌ related to communication behaviour‌ (races, deadlocks, ...).
• Release‌​‌ Contributions:
  Deployment as web​​ application
• URL:
  https://­chorer.­cappuccino.­ovh/
• Contact:​​​‌
  Ivan Lanese
• Partner:
  I3S‌

8.1.1 Distributed systems and‌ choreographies

Considering failures and‌​‌ disruptions, we worked on​​ a behavioral theory for​​​‌ distributed systems with weak‌ recovery 7, introducing‌​‌ a process calculus that​​ models dynamic nodes/links, crash​​​‌ failures, imperfect knowledge, and‌ weak recovery with incarnation‌​‌ numbers. The work provides​​ a fully abstract coinductive​​​‌ characterization of weak barbed‌ congruence by means of‌​‌ a labeled transition system​​ semantics and its associated​​​‌ weak bisimilarity.

For specifying‌ and analyzing complex distributed‌​‌ coordination patterns, we advanced​​ choreography-based approaches with two​​​‌ complementary contributions: (1) pomsets‌ for process management 33‌​‌ applied to healthcare authorization/accreditation​​ protocols, featuring efficient realisability​​​‌ checking algorithms for both‌ synchronous and asynchronous communication;‌​‌ and (2) choreography extraction​​ for program understanding 45​​​‌, developing bottom-up techniques‌ that automatically generate global‌​‌ choreography automata from Erlang​​ message-passing code to reveal​​​‌ communication patterns, deadlocks, and‌ unexpected behaviors even in‌​‌ ill-formed systems 26.​​

Focusing on cloud-native systems,​​​‌ we presented two complementary‌ contributions addressing architecture adaptation.‌​‌ First, we introduced Adaptable​​ TeaStore 20, an​​​‌ extension of the TeaStore‌ benchmark 46 that incorporates‌​‌ adaptability as a first-class​​ design concern. The architecture​​​‌ distinguishes between mandatory services‌ and optional ones, supporting‌​‌ multiple component variants (called​​​‌ flavors) with varying resource​ requirements. Key innovations include​‌ outsourceable functionalities that can​​ be provided internally or​​​‌ by external providers, and​ local cache mechanisms ensuring​‌ resilience when external dependencies​​ fail. This contribution also​​​‌ includes a catalogue of​ varied adaptation scenarios (e.g.,​‌ database unavailability, cyberattacks, cloud​​ provider outages) and an​​​‌ open-source implementation for metrics​ collection and adaptation triggers.​‌ The second contribution 34​​ is an implementation of​​​‌ the Adaptable TeaStore architecture​ using AIOCJ 50,​‌ a choreographic language that​​ ensures correctness properties such​​​‌ as deadlock freedom before,​ during, and after adaptation.​‌ The approach uses adaptation​​ scopes to specify code​​​‌ sections that may change,​ while adaptation rules –​‌ which one can add​​ at runtime – define​​​‌ the execution of new​ distributed behaviors based on​‌ triggering conditions and on​​ code annotations, environment variables,​​​‌ and local state. The​ implementation revealed both strengths​‌ of the choreographic approach​​ and areas for improvement,​​​‌ including better integration with​ service controllers and more​‌ structured patterns for multi-scope​​ adaptations.

8.1.2 Serverless computing​​​‌

We addressed various aspects​ of serverless computing architectures.​‌ Continuing our development of​​ the APP (Allocation Priority​​​‌ Policies) language, we presented​ aAPP 35 an APP​‌ extension that supports affinity-aware​​ serverless function scheduling, allowing​​​‌ function allocation decisions to​ depend on the presence​‌ or absence of other​​ functions on execution nodes.​​​‌ This capability addresses both​ performance requirements (e.g., co-locating​‌ functions to reduce latency)​​ and security concerns (e.g.,​​​‌ preventing co-location of trusted​ and untrusted functions). We​‌ presented an implementation on​​ Apache OpenWhisk to demonstrate​​​‌ improved performance in affinity-aware​ scenarios with negligible overhead​‌ in non-affinity contexts. We​​ also formally analyzed APP​​​‌ and aAPP expressiveness 36​, 37, investigated​‌ from the point of​​ view of computational complexity​​​‌ of reachability analysis for​ APP and aAPP scripts​‌ – reachability essentially answers​​ the question “can a​​​‌ given function run on​ a specific node?”. While​‌ reachability analysis has linear​​ time complexity in APP,​​​‌ the addition of affinity​ constraints in aAPP makes​‌ the problem PSPACE-complete. Recognizing​​ the correspondence between aAPP​​​‌ reachability problems and automated​ planning problems, we also​‌ developed a static analyzer​​ that leverages PDDL (Planning​​​‌ Domain Definition Language) planners​ to verify scheduling properties.​‌ An open problem in​​ the usage of APP​​​‌ is defining the “right”​ scheduling policy, often requiring​‌ rounds of refinement involving​​ knowledge of the underlying​​​‌ infrastructure, guesswork, and empirical​ testing. We proposed a​‌ cost-aware variant of APP​​ 13 that lightens the​​​‌ burden on the shoulders​ of users by deriving​‌ cost information from the​​ functions, via static analysis.​​​‌

Remaining within the serverless​ domain, we presented Fenrir​‌ 42, a framework​​ that facilitates transitioning from​​​‌ monolithic programming to serverless​ architectures. In Fenrir, developers​‌ write applications in a​​ monolithic style and use​​​‌ annotations to specify which​ components should become separate​‌ serverless functions. Then, Fenrir​​ generates a deployable serverless​​​‌ codebase, ensuring alignment of​ execution semantics between monolithic​‌ and serverless code while​​ supporting rapid development and​​​‌ testing cycles.

We further​ explored the application of​‌ the serverless computing paradigm​​ in different areas than​​ the cloud. Specifically, we​​​‌ explored the application of‌ the paradigm in highly‌​‌ dynamic ad-hoc drone networks​​ 12. To support​​​‌ the routing of functions‌ in a decentralized way‌​‌ over moving drones, we​​ proposed the adoption of​​​‌ a two-layer network overlay‌ architecture that combines gossip-based‌​‌ topology management with distributed​​ function scheduling. To allow​​​‌ users to control the‌ deployment of functions over‌​‌ the drones, we introduced​​ another APP variant, called​​​‌ AHAPP (Ad-Hoc APP), that‌ enables function deployment based‌​‌ on resource constraints and​​ operational needs. The approach​​​‌ addresses network volatility through‌ execution semantics for both‌​‌ stable and dynamic topologies,​​ function offloading, and resilience​​​‌ to network disruptions. These‌ distributed systems must cope‌​‌ with various types of​​ failures, including crash failures​​​‌ with recovery.

8.1.3 Microservices‌

In the area of‌​‌ microservices, we introduced an​​ approach to microservice scaling​​​‌ 1 based on a‌ proactive-reactive global scaling algorithm‌​‌ that leverages knowledge of​​ functional dependencies between microservices.​​​‌ Unlike traditional local scaling‌ approaches, which adjust individual‌​‌ services independently, global scaling​​ performs coordinated architecture-level reconfigurations​​​‌ to reach a target‌ computational load. Based on‌​‌ this idea, we developed​​ an integrated architectural modeling​​​‌ and execution language based‌ on the ABS language,‌​‌ demonstrating that proactive-reactive global​​ scaling outperforms purely reactive​​​‌ approaches while optimizing both‌ performance and resource consumption.‌​‌ On the same thread​​ of global scaling, we​​​‌ presented a constraint optimization‌ approach 9 for deploying‌​‌ multi-flavored applications (where the​​ same components have different​​​‌ versions) on Cloud-Edge infrastructure‌ topologies. We demonstrate the‌​‌ practical feasibility of the​​ approach through experiments on​​​‌ a variety of realistic‌ Cloud-Edge infrastructural topologies and‌​‌ component architectures.

The application​​ of AI techniques to​​​‌ microservices lifecycle management represents‌ an emerging and rapidly‌​‌ growing field. In this​​ context, we conducted an​​​‌ exhaustive systematic mapping study‌ of AI techniques in‌​‌ the microservices' lifecycle 11​​, analyzing 269 peer-reviewed​​​‌ papers (2017–2023) to identify‌ 16 research themes connecting‌​‌ specific AI domains, DevOps​​ phases, and quality attributes.​​​‌ The study reveals performance‌ efficiency as the dominant‌​‌ focus (80%) and highlights​​ emerging trends in AIOps​​​‌ and Industry 4.0 applications.‌

8.1.4 Infrastructure as code‌​‌ for security

Following the​​ recent trend of Infrastructure​​​‌ as Code automatization, we‌ proposed applications that showcase‌​‌ the advantages of the​​ “as-code” paradigm to security.​​​‌ First, we presented SAFARI‌ 23, an open-source‌​‌ framework for safe and​​ efficient security investigation, focused​​​‌ on ransomware analysis. The‌ framework emphasizes scalability, air-gapped‌​‌ security, and automation, leveraging​​ virtualization, Infrastructure-as-Code, and OS-agnostic​​​‌ task automation to create‌ isolated environments for reproducible‌​‌ and controlled ransomware execution.​​ We demonstrated SAFARI's capabilities​​​‌ through case studies analyzing‌ notorious ransomware strains including‌​‌ WannaCry and LockBit, as​​ well as evaluating countermeasure​​​‌ tools. In the subsequent‌ work 3, we‌​‌ extended SAFARI for supporting​​ Operational Technology (OT) environments,​​​‌ enabling Security-Investigation-as-Code for industrial‌ systems. This adaptation addresses‌​‌ the challenges of validating​​ security in complex OT​​​‌ architectures where in-production testing‌ is impractical. Integrating technologies‌​‌ based on Infrastructure-as-Code and​​ Software Defined Networks with​​​‌ breach-and-simulation platforms (MITRE Caldera),‌ the framework provides scalable,‌​‌ reproducible multi-node security assessment​​​‌ capabilities while maintaining complete​ air-gapping.

8.3.1 Deterministic​​​‌ program analysis

Deterministic programs,​ following the traditional model​‌ of computation, can exhibit​​ quantitative effects and in​​​‌ particular give rise to​ time and space costs,​‌ which should for very​​ good reasons be kept​​​‌ under control. Moreover, the​ quantitative relational analysis of​‌ such programs through metrics​​ is also of interest.​​​‌ In OLAS, we study​ how this is possible​‌ and we thus deal​​ with semantics and verification​​​‌ of deterministic programs.

One​ class of deterministic programs​‌ which are of interest​​ for OLAS are certainly​​​‌ the higher-order ones, for​ which notions of complexity,​‌ called type-two complexity classes,​​ are well known. In​​​‌ 2, we investigate​ the class of type-two​‌ basic feasible functionals, which​​ serves as the higher-order​​ analogue of polynomial-time computable​​​‌ functions, and we study‌ how this class can‌​‌ be captured using higher-order​​ term rewriting. We model​​​‌ type-two computation by viewing‌ higher-order rewriting systems as‌​‌ mechanisms for computing functionals​​ that take first-order functions​​​‌ as inputs. Building on‌ existing approaches that use‌​‌ interpretations to analyze termination​​ and complexity in first-order​​​‌ rewriting, we focus on‌ a recently proposed framework‌​‌ of cost-size interpretations adapted​​ to the higher-order setting.​​​‌ We show that when‌ higher-order terms admit polynomially‌​‌ bounded cost-size interpretations, they​​ represent exactly the class​​​‌ of basic feasible functionals.‌ This result establishes a‌​‌ precise correspondence between second-order​​ polynomial-time computation defined via​​​‌ oracle Turing machines and‌ a syntactic, rewriting-based characterization‌​‌ grounded in higher-order term​​ rewriting theory.

In 24​​​‌, we study the‌ metric nature of differential‌​‌ logical relations as a​​ way to perform a​​​‌ quantitative analysis of deterministic‌ programs, measuring how program‌​‌ outputs vary in response​​ to variations in their​​​‌ inputs. Unlike standard metric-based‌ approaches, which assign a‌​‌ single numeric distance between​​ programs, we emphasize that​​​‌ differences between higher-order programs‌ should themselves be functions.‌​‌ These functions relate input​​ errors to output errors,​​​‌ yielding finer-grained and context-sensitive‌ quantitative information about program‌​‌ behavior. Our goal is​​ to clarify the metric​​​‌ nature of these relations.‌ Although prior work shows‌​‌ that differential logical relations​​ do not generally induce​​​‌ (quasi-)metric or partial metric‌ spaces, we show that‌​‌ the resulting distance functions,​​ what we call quasi-quasi-metrics,​​​‌ can be systematically related‌ to both quasi-metrics and‌​‌ partial metrics.

8.3.2 Probabilistic​​ program analysis

A class​​​‌ of programs and processes‌ that by their very‌​‌ nature exhibit quantitative effects​​ and are therefore suitable​​​‌ to quantitative analysis are‌ certainly probabilistic programs. In‌​‌ our team, we are​​ interested in studying probabilistic​​​‌ programs both from a‌ foundational and from a‌​‌ more applicative viewpoint.

In​​ 8, we extend​​​‌ intersection types to a‌ computational $\lambda$-calculus with‌​‌ algebraic operations in the​​ sense of Plotkin and​​​‌ Power, an example of‌ which is the probabilistic‌​‌ $\lambda$-calculus. We do​​ so by introducing monadic​​​‌ intersections, allowing computational effects‌ to be reflected not‌​‌ only in the operational​​ semantics but also directly​​​‌ in the type system.‌ Because termination is no‌​‌ longer the sole property​​ of interest in an​​​‌ effectful setting, we focus‌ on analyzing the interactive‌​‌ behavior of typed programs​​ with their environment. The​​​‌ resulting type system characterizes‌ a natural notion of‌​‌ observation, covering both finitary​​ and infinitary behaviors. We​​​‌ then extend the system‌ with subtyping to account‌​‌ for a broader range​​ of effects, using monads​​​‌ on preorders rather than‌ on sets, which enables‌​‌ in particular the modeling​​ of non-determinism. The core​​​‌ technical contribution is a‌ novel combination of syntactic‌​‌ methods with abstract relational​​ reasoning.

Abstract reduction systems​​​‌ provide a foundational framework‌ for operational semantics but‌​‌ are primarily limited to​​ qualitative reasoning. In 19​​​‌, we introduce weighted‌ rewrite systems, which‌​‌ enrich reductions with quantitative​​ information and enable the​​​‌ study of quantitative program‌ properties. We develop a‌​‌ theory of boundedness, a​​​‌ refinement of termination, together​ with sound and complete​‌ proof methods. Importantly, we​​ demonstrate that weighted rewrite​​​‌ systems form an abstract​ framework in which, in​‌ particular, probabilistic program properties​​ can be studied.

8.3.3​​​‌ Quantum program analysis

Quantum​ computation is a promising​‌ and emerging computational paradigm​​ which can efficiently solve​​​‌ problems considered to be​ intractable on classical computers.​‌ However, the unintuitive nature​​ of quantum mechanics poses​​​‌ interesting and challenging questions​ for the design and​‌ analysis of quantum programming​​ languages, with functional correctness​​​‌ and complexity analysis being​ of prime importance.

We​‌ study quantum program analysis​​ with the goal of​​​‌ statically reasoning about the​ size of the quantum​‌ circuits generated by high-level​​ programs, this being a​​​‌ crucial parameter for the​ realizability of the so-called​‌ quantum advantage. In particular,​​ we focus on circuit​​​‌ description languages, where classical​ programs produce quantum circuits​‌ that may far exceed​​ the capabilities of current​​​‌ hardware. We develop type-based​ techniques to derive parametric​‌ upper bounds on circuit​​ resources such as width,​​​‌ depth, and gate count,​ as well as refined​‌ variants that focus on​​ specific kinds of wires​​​‌ or gates 5,​ 4. Our approach​‌ relies on expressive type-and-effect​​ systems combining linearity, refinement​​​‌ types, and indexed effects,​ where indices are arithmetic​‌ expressions whose interpretation depends​​ on the chosen resource​​​‌ metric. This design allows​ us to flexibly adapt​‌ the analysis to different​​ notions of quantum cost.​​​‌ We apply these ideas​ to Quipper, a circuit​‌ description language, proving standard​​ type safety results and​​​‌ showing that the inferred​ resource bounds are sound​‌ with respect to a​​ big-step operational semantics. Finally,​​​‌ we implement our techniques​ in the QuRA tool​‌ and demonstrate empirically that​​ our framework can automatically​​​‌ infer tight and meaningful​ bounds for realistic quantum​‌ algorithms, including the Quantum​​ Fourier Transform and Grover’s​​​‌ algorithm.

In 31,​ we also extend a​‌ minimal system of Multiparty​​ Session Types with quantum​​​‌ data and quantum operations,​ obtaining Quantum Multiparty Session​‌ Types as a formal​​ framework for specifying and​​​‌ analyzing quantum communication protocols.​ Our approach supports protocol​‌ descriptions at both the​​ global level, where we​​​‌ specify the overall communication​ structure and dependencies, and​‌ the local level, where​​ we describe the expected​​​‌ behavior of each participant.​ In addition to guaranteeing​‌ standard communication properties such​​ as deadlock freedom, our​​​‌ system enforces single ownership​ of qubits at any​‌ point in time, thereby​​ capturing fundamental quantum principles​​​‌ such as no-cloning and​ no-deleting. We validate the​‌ expressiveness and usefulness of​​ our framework by verifying​​​‌ several representative quantum protocols​ from the literature, including​‌ Teleportation, Secret Sharing, Bit-Commitment,​​ and Key Distribution.

8.3.4​​​‌ Applications to cryptography and​ security

We have also​‌ become increasingly interested in​​ topics of cryptography and​​​‌ security.

Relational program​ logics are a fundamental​‌ tool in game-based cryptographic​​ proofs, where security arguments​​​‌ rely on relating the​ behavior of pairs of​‌ probabilistic programs. In 18​​, we introduce eRHL,​​​‌ a quantitative relational program​ logic whose assertions take​‌ values in the extended​​ non-negative reals, enabling reasoning​​ about relational expectation properties.​​​‌ By moving to quantitative‌ assertions, eRHL overcomes the‌​‌ randomness-alignment restrictions inherent in​​ earlier logics. As a​​​‌ result, eRHL is the‌ first relational probabilistic program‌​‌ logic to admit non-trivial​​ soundness and completeness results​​​‌ for all almost surely‌ terminating programs. Noteworthy, the‌​‌ logic is sound and​​ complete with respect to​​​‌ program equivalence, statistical distance,‌ and differential privacy. The‌​‌ practicality of this logic​​ has been demonstrated on​​​‌ several examples stemming from‌ cryptography and privacy, including‌​‌ the verification of randomized​​ response and privacy amplification​​​‌ mechanisms that ensure differential‌ privacy, and a proof‌​‌ of the PRP/PRF switching​​ lemma showing that pseudorandom​​​‌ permutations (PRPs) and functions‌ (PRFs) are computationally indistinguishable.‌​‌

In 6, we​​ have been re-investigating the​​​‌ role of memory layout‌ randomization (e.g. Kernel Layout‌​‌ randomization as employed in​​ the Linux kernel) as​​​‌ an (in)effective mitigation strategy‌ against attacks in the‌​‌ Spectre era. This work​​ encompasses a revised, formal​​​‌ thread model based on‌ the usual multi-tier memory‌​‌ model employed in modern​​ kernels as well as​​​‌ standard defense mechanisms (such‌ as DEP, SMAP/SMEP, etc),‌​‌ but where an attacker​​ can exploit side-channel information​​​‌ leaks and influence speculative‌ execution. We have proven‌​‌ that attacks comprising memory​​ safety such as the​​​‌ blindsight and related attacks‌ are not only possible‌​‌ due to practical limitations​​ of implementations, but are​​​‌ indeed inherent to the‌ attack vectors underlying modern‌​‌ computer architectures. To remedy,​​ we establish speculative memory​​​‌ safety through an adaptation‌ of the notion of‌​‌ constant time, a well​​ established implementation technique to​​​‌ mitigate side-channel attacks. We‌ also investigate program transformations‌​‌ to bridge the gap​​ between memory safety in​​​‌ speculative and classical scenarios.‌

8.4.1 Model checking higher-order​​ functions

Model checking is​​​‌ a powerful technique for‌ verifying systems and programs‌​‌ which, since the pioneering​​ results by Knapik et​​​‌ al. 47, Ong‌ 49, and Kobayashi‌​‌ 48, is known​​ to be applicable to​​​‌ functional programs with higher-order‌ types against properties expressed‌​‌ by formulas of monadic​​ second-order logic. Recent undecidability​​​‌ results of ours had‌ shown that applying higher-order‌​‌ model checking techniques to​​ programs that use effect​​​‌ handlers is a major‌ challenge. This is the‌​‌ challenge addressed in 15​​, using answer-type modifications,​​​‌ the use of a‌ monomorphic version of which‌​‌ allows to recover decidability.​​ However, the absence of​​​‌ polymorphism leads to a‌ loss of modularity, reusability,‌​‌ and even expressiveness. Hence​​ we also study, and​​​‌ propose a solution for,‌ the problem of defining‌​‌ a calculus that, on​​ the one hand, supports​​​‌ answer-type polymorphism and subtyping‌ but, on the other‌​‌ hand, ensures the underlying​​​‌ model checking problem to​ remain decidable. We have​‌ also implemented a proof-of-concept​​ model checker.

8.4.2 Asynchronous​​​‌ session types

Concerning session​ types, our efforts have​‌ gone into studying a​​ theory of asynchronous sessions​​​‌ ensuring that well-typed processes​ terminate under a suitable​‌ fairness assumption 32.​​ Fair termination ensures that​​​‌ all messages are eventually​ consumed, despite the asynchrony​‌ assumption. The type system​​ is also the first​​​‌ of its kind that​ is firmly rooted in​‌ linear logic; e.g., asynchronous​​ communication is modeled through​​​‌ commuting conversions and cut​ reductions in linear logic​‌ proofs.

8.4.3 Coinductive proof​​ techniques

`Up-to techniques' represent​​​‌ enhancements of the coinduction​ proof method and are​‌ widely used on coinductive​​ behavioral relations such as​​​‌ bisimilarity. In recent years,​ we have shown that​‌ these techniques are intimately​​ related to the proof​​​‌ technique of unique-solution of​ equations, originally proposed​‌ by Milner in the​​ 1980s. In 25 we​​​‌ first review two improvements​ of the unique-solution technique​‌ that we had proposed​​ in recent years. The​​​‌ first one builds on​ a new behavioral preorder,​‌ called contraction. The second​​ one relaxes the conditions​​​‌ under which unique-solution can​ be applied by focusing​‌ on divergence in processes.​​ We then compare the​​​‌ two techniques and present​ applications of these techniques​‌ to reason about higher-order​​ languages.

Abstract formulations of​​​‌ the up-to techniques exist,​ using fixed-points or category​‌ theory. In a recent​​ proposal, we had studied​​​‌ how to transport such​ techniques onto the concrete​‌ realms of inductive behavioral​​ relations, i.e., relations defined​​​‌ from inductive observables, e.g.,​ traces or enriched forms​‌ of traces. The abstract​​ meaning of these `inductive​​​‌ enhancements', however, remained unclear.​ We propose an abstract​‌ account in 39,​​ using fixed-point theory in​​​‌ complete lattices.

8.4.4 Unifying​ semantics and comparisons among​‌ models

A common theme​​ in OLAS is the​​​‌ comparison between models. On​ this, we have continued​‌ and refined work started​​ in previous years aimed​​​‌ at comparing the $\mathrm{\lambda }$-calculus, as a pure​‌ model of functions, and​​ the $\pi$-calculus, as​​​‌ a pure model of​ processes 14. There​‌ has been a lot​​ of work in the​​​‌ literature on the representation​ of the $\lambda$-calculus​‌ into the $\pi$-calculus,​​ since the early 1990s,​​​‌ where the process representations​ always yield (at best)​‌ non-extensional lambda-theories (i.e., the​​ beta rule holds, whereas​​​‌ eta does not). Our​ goal here was to​‌ see how to obtain​​ extensional representations. In particular​​​‌ we have showed that​ the representation of functions​‌ can be made parametric​​ on certain abstract components​​​‌ called wires (intuitively, processes​ whose task is to​‌ connect two end-point channels).​​ When a few algebraic​​​‌ properties of wires hold,​ the representation yields a​‌ lambda-theory. Further, by varying​​ the shape of wires​​​‌ (exploiting symmetries and dualities​ of the calculus), we​‌ can obtain well-known lambda-theories,​​ both extensional and non-extensional​​​‌ (intuitively, those of Böhm​ trees with infinite eta,​‌ of Levy-Longo trees, and​​ of Böhm trees).

Comparing​​​‌ models also offers us​ the opportunity for transferring​‌ ideas and techniques between​​ conceptually different models. In​​ 29, we take​​​‌ ideas from Game Semantics‌ for $\lambda$-calculi and‌​‌ transport them onto the​​ $\pi$-calculus). Precisely, we​​​‌ focus on the Game‌ Semantics concept of visibility‌​‌. Following the concept​​ of visibility, we first​​​‌ design a type system‌ for the $\pi$-calculus‌​‌ in which processes may​​ only store, or remember,​​​‌ first-order values. We then‌ show that visibility has‌​‌ a relevant impact on​​ process behaviors, and propose​​​‌ proof techniques to reason‌ about such behaviors.

In‌​‌ the semantics of higher-order​​ languages, a useful concept​​​‌ is that of duality;‌ it may be regarded‌​‌ as a unifying concept,​​ as it allows one​​​‌ to relate seemingly different‌ objects. Examples are: values‌​‌ and continuations; call-by-value and​​ call-by-name, programs and evaluation​​​‌ contexts; clients and servers‌ in session types, strict‌​‌ and lazy evaluation; product​​ and sum types, effects​​​‌ (monads) and coeffects (comonads).‌ In 22, we‌​‌ develop a different perspective:​​ a duality of abstraction​​​‌ – of currying and‌ cocurrying. Abstraction is at‌​‌ the heart of functional​​ programming. Just as higher-order​​​‌ functions give exponentials, higher-order‌ continuations give coexponentials. From‌​‌ this, we design a​​ language that combines exponentials​​​‌ and coexponentials, producing a‌ duality of lambda abstraction.‌​‌ We develop the semantics​​ of this language using​​​‌ the axiomatic structure of‌ continuations, yielding a complete‌​‌ axiomatization of control effects.​​ We further develop duals​​​‌ of first-order arrow languages‌ using coexponentials, and discuss‌​‌ the implementation of this​​ duality as control operators​​​‌ in programming.

8.5.1‌ Cybersecurity: ransomware defense

Two‌​‌ complementary works advanced the​​ Data Flooding Against Ransomware​​​‌ (DFaR) approach 44,‌ which contrasts ransomware with‌​‌ resource contention and confusion​​ by overwhelming attackers with​​​‌ decoy files that slow‌ down malicious operations and‌​‌ provide time for intervention.​​ The first contribution 28​​​‌ introduces a watermarking-based technique‌ that embeds imperceptible markers‌​‌ in randomly-generated decoy files,​​ enabling reliable identification and​​​‌ removal during system restoration‌ without requiring pre-attack file‌​‌ lists. This approach addresses​​ a critical limitation of​​​‌ existing random-content DFaR strategies‌ while maintaining the deceptive‌​‌ properties essential for confusing​​ ransomware. The second work​​​‌ 40 introduces a new‌ copy-based flooding modality based‌​‌ on Shamir's Secret Sharing​​ (SSS), providing protection against​​​‌ both crypto-ransomware and (for‌ the first time) exfiltration‌​‌ attacks. The proposal works​​ by splitting user files​​​‌ into shards. Since users‌ can parametrize the number‌​‌ of shards needed to​​ reconstruct the original files,​​​‌ the technique can achieve‌ high resilience when contrasting‌​‌ crypto-ransomware – allowing users​​ to recover data from​​​‌ few shards – while‌ maintaining secrecy against exfiltration‌​‌ – requiring attackers to​​ obtain many shards to​​​‌ reconstruct victims' data.

8.5.2‌ Educational technology and social‌​‌ analysis

We presented two​​ distinct contributions at the​​​‌ intersection of technology and‌ education, addressing different challenges‌​‌ in educational contexts. The​​ first 38 investigates the​​​‌ affordability and effectiveness of‌ using Large Language Models‌​‌ (LLMs) to answer multiple-choice​​​‌ questions in undergraduate Programming​ Languages courses. By fine-tuning​‌ smaller LLaMA-2 models (7B​​ and 13B parameters) with​​​‌ course textbook material, this​ work demonstrates that resource-efficient​‌ fine-tuned models outperform larger​​ generic ones, making LLM​​​‌ deployment more accessible for​ educational institutions with limited​‌ computational resources. The second​​ work 10 presents a​​​‌ framework for quantitatively measuring​ and improving social inclusion​‌ in educational settings using​​ affordable Internet of Things​​​‌ (IoT) devices for contact​ tracing combined with network​‌ analysis techniques. Employing PageRank​​ and Betweenness centrality measures,​​​‌ the framework identifies socially​ isolated students and proposes​‌ sustainable interventions aligned with​​ natural interaction patterns. A​​​‌ real-world case study in​ a primary school validates​‌ the methodology's effectiveness in​​ providing actionable insights for​​​‌ social integration without requiring​ substantial infrastructure investment.

8.5.3​‌ Programming language implementation

Within​​ the broader scope of​​​‌ systems programming, we introduced​ SILB-Recycler, a novel garbage​‌ collection algorithm 27 based​​ on a reference counting​​​‌ logic capable of collecting​ reference cycles. The algorithm​‌ features resilience to errors​​ during tracing, support for​​​‌ object finalization, no need​ for supplementary heap memory​‌ during collection, and a​​ fast breadth-first tracing approach​​​‌ that avoids stack overflows.​ Implemented as a Rust​‌ library, the garbage collector​​ provides smart pointers with​​​‌ APIs compatible with Rust's​ standard library. Benchmarks show​‌ that the algorithm performs​​ comparably to popular Rust​​​‌ alternatives and outperforms them​ when dealing with garbage​‌ cycles.

Ranflood

Giallorenzo co-leads​‌ a three-year project collaboration,​​ called “Ranflood”, between the​​​‌ “Regional Environmental Protection and​ Energy Agency” of Emilia-Romagna​‌ (ARPAE Emilia-Romagna) and the​​ “Department of Computer Science​​​‌ and Engineering” (DISI) at​ the University of Bologna.​‌ The collaboration regards the​​ development of techniques and​​​‌ software to combat the​ spread of malware by​‌ exploiting resource contention.

Participants:​​ Saverio Giallorenzo.

Enhancing Situational Awareness: Real-Time​‌ Monitoring and Replanning with​​ Collaborative Unmanned Vehicles and​​​‌ Onboard Sensing

Zavattaro and​ Giallorenzo participate in a​‌ two-year project collaboration, called​​ “Enhancing Situational Awareness: Real-Time​​​‌ Monitoring and Replanning with​ Collaborative Unmanned Vehicles and​‌ Onboard Sensing”, started in​​ December 2023, between Leonardo​​​‌ Company S.p.A., Thales Alenia​ Space Italia S.p.A., and​‌ the University of Bologna.​​ The collaboration regards the​​​‌ analysis of techniques for​ managing the development and​‌ deployment of software applications​​ in the context of​​​‌ multi-drone systems in disaster​ scenarios.

Participants: Gianluigi Zavattaro​‌, Saverio Giallorenzo.​​

10.1.1 Visits of international​‌ scientists

10.2.1 Horizon​​ Europe

10.3.1 HOPR

Participants: Martin​​​‌ Avanzini, Ugo Dal‌ Lago.

HOPR (Higher-Order‌​‌ Probabilistic and resource-aware Reasoning)​​ aims at investigating logical​​​‌ and semantical frameworks to‌ reason on computation including‌​‌ higher-order, probabilistic and resource-bounded​​ aspects. It explores applications​​​‌ to cryptography and to‌ differential privacy. This project‌​‌ started in January 2025,​​ for a duration of​​​‌ 4 years.

10.3.2 SmartCloud‌

SmartCloud (Smart dynamic adaptivity‌​‌ for cloud computing systems)​​ is an ANR project​​​‌ that started on January‌ 2024 and that will‌​‌ end in July 2027.​​

It aims at studying​​​‌ techniques for cloud computing‌ systems which can be‌​‌ updated in a smart,​​ dynamic and coordinated way​​​‌ to cope with changing‌ requirements and environment conditions.‌​‌ The project will define​​ a new framework for​​​‌ adaptation combining a model‌ of both platform and‌​‌ application aspects and heuristics​​ for online optimization.

Participants:​​​‌ Saverio Giallorenzo, Ivan‌ Lanese, Gianluigi Zavattaro‌​‌.

11.1.1​​​‌ Scientific events: organization

11.1.2 Journal

11.1.3 Invited talks

• 21st​​ Conference on Computability in​​​‌ Europe, CiE 2025 (​Ugo Dal Lago )​‌
• 27th International Symposium on​​ Principles and Practice of​​​‌ Declarative Programming, PPDP 2025​ (Ugo Dal Lago​‌ )
• 7th International Workshop​​ on Asynchronous Programming Models​​​‌ (Davide Sangiorgi )​

11.1.4 Leadership within the​‌ scientific community

• The Microservices​​ Community is a European-based,​​​‌ international, non-profit organization purposed​ to promote the development​‌ of microservices by bridging​​ research, education, and innovation​​​‌ within and between businesses,​ universities, organizations and individuals.​‌ Members of OLAS have​​ played active roles in​​​‌ the Community since its​ inception in 2019. The​‌ organization includes members from​​ the Innopolis University (Russia),​​​‌ the Dortmund University of​ Applied Sciences and Arts​‌ (Germany), SINTEF and the​​ University of Oslo (Norway),​​ the University of Pisa​​​‌ and the University of‌ Sassari (Italy), WSO2 (U.S.A.),‌​‌ and the Zurich University​​ of Applied Sciences (Switzerland).​​​‌ Lanese and Giallorenzo are‌ respectively part of the‌​‌ research and communication Community​​ groups.
• Ivan Lanese has​​​‌ been chair of the‌ IFIP (International Federation for‌​‌ Information Processing) WG6.1 on​​ Architectures and Protocols for​​​‌ Distributed Systems till June.‌

11.1.5 Research administration

• Martin‌​‌ Avanzini is member of​​ the "comité NICE" for​​​‌ welcoming external researchers (post-docs,‌ “delegation”).

11.2.1 Juries​​​‌

• Martin Avanzini has been‌ member of the evaluation‌​‌ comittee of the PhD​​ thesis of Neea Rusch​​​‌ at Augusta University, Georgia,‌ USA
• Ugo Dal Lago‌​‌ has been member of​​ the evaluation comittee of​​​‌ the PhD thesis of‌ Adrienne Lancelot at IRIF,‌​‌ Paris, France
• Ivan Lanese​​ has been member of​​​‌ the evaluation comittee of‌ the PhD thesis of‌​‌ Aurélie Kong Win Chang​​ at INRIA Grenoble, France​​​‌
• Ivan Lanese has been‌ member of the evaluation‌​‌ comittee of the PhD​​ thesis of Andrea Esposito​​​‌ at Università di Urbino‌ Carlo Bo, Italy

International​​​‌ journals

• 1 articleL.‌Lorenzo Bacchiani, M.‌​‌Mario Bravetti, S.​​Saverio Giallorenzo, M.​​​‌Maurizio Gabbrielli, G.‌Gianluigi Zavattaro and S.‌​‌ P.Stefano Pio Zingaro​​. Proactive–reactive microservice architecture​​​‌ global scaling.Journal‌ of Systems and Software‌​‌220February 2025,​​ 112262HALDOIback​​​‌ to text
• 2 article‌P.Patrick Baillot,‌​‌ U.Ugo Dal Lago​​, C.Cynthia Kop​​​‌ and D.Deivid Vale‌. A Characterization of‌​‌ Basic Feasible Functionals Through​​ Higher-Order Rewriting and Tuple​​​‌ Interpretations.Logical Methods‌ in Computer Science2025‌​‌. In press. HAL​​back to text
• 3​​​‌ articleF.Franco Callegati‌, S.Saverio Giallorenzo‌​‌, A.Andrea Melis​​, S.Simone Melloni​​​‌, M.Marco Prandini‌ and A.Alessandro Vannini‌​‌. Investigating Operational Technology​​​‌ Attacks as Code.​Empirical Software Engineering30​‌6September 2025,​​ 158HALDOIback​​​‌ to text
• 4 article​A.Andrea Colledan and​‌ U.Ugo Dal Lago​​. Flexible Type-Based Resource​​​‌ Estimation in Quantum Circuit​ Description Languages.Proceedings​‌ of the ACM on​​ Programming Languages9POPL,​​​‌ Article 47January 2025​, 1386-1416HALDOI​‌back to text
• 5​​ articleA.Andrea Colledan​​​‌, U. D.Ugo​ Dal Lago and N.​‌Niki Vazou. Circuit​​ Width Estimation via Effect​​​‌ Typing and Linear Dependency​.ACM Transactions on​‌ Programming Languages and Systems​​ (TOPLAS)473September​​​‌ 2025, 1-35HAL​DOIback to text​‌
• 6 articleD.Davide​​ Davoli, M.Martin​​​‌ Avanzini and T.Tamara​ Rezk. Comprehensive Kernel​‌ Safety in the Spectre​​ Era: Mitigations and Performance​​​‌ Evaluation.ACM Transactions​ on Privacy and Security​‌June 2025HALDOI​​back to text
• 7​​​‌ articleG.Giovanni Fabbretti​, I.Ivan Lanese​‌ and J.-B.Jean-Bernard Stefani​​. A Behavioral Theory​​​‌ for Distributed Systems with​ Weak Recovery.Logical​‌ Methods in Computer Science​​213July 2025​​​‌HALDOIback to​ text
• 8 articleZ.​‌Zeinab Galal, F.​​Francesco Gavazzo, R.​​​‌Riccardo Treglia and G.​Gabriele Vanoni. Monadic​‌ Intersection Types, Relationally and​​ Ordered.ACM Transactions​​​‌ on Programming Languages and​ Systems (TOPLAS)474​‌December 2025, 1-51​​HALDOIback to​​​‌ text
• 9 articleS.​Simone Gazza, R.​‌Roberto Amadini, A.​​Antonio Brogi, A.​​​‌Andrea d'Iapico, S.​Stefano Forti, S.​‌Saverio Giallorenzo, P.​​Pierluigi Plebani, F.​​​‌Francisco Ponce, J.​Jacopo Soldani, M.​‌Monica Vitali and G.​​Gianluigi Zavattaro. A​​​‌ Constraint-Based Approach to Optimise​ QoS- and Energy-Aware Cloud-Edge​‌ Application Deployments.ACM​​ Transactions on Internet Technology​​​‌July 2025HALDOI​back to text
• 10​‌ articleS.Saverio Giallorenzo​​, E.Emanuele Sinagra​​​‌, A.Angelo Trotta​, L.Loris Vergolini​‌ and A.Andrea Zanellati​​. A Framework for​​​‌ Improving Social Inclusion Using​ Network Analysis and IoT-Based​‌ Contact Tracing.IEEE​​ Transactions on Network Science​​​‌ and Engineering2025,​ 1-22HALDOIback​‌ to text
• 11 article​​S.Sergio Moreschini,​​​‌ S.Shahrzad Pour,​ I.Ivan Lanese,​‌ D.Daniel Balouek,​​ J.Justus Bogner,​​​‌ X.Xiaozhou Li,​ F.Fabiano Pecorelli,​‌ J.Jacopo Soldani,​​ E.Eddy Truyen and​​​‌ D.Davide Taibi.​ AI Techniques in the​‌ Microservices Life-Cycle: a Systematic​​ Mapping Study.Computing​​​‌1074March 2025​, 100HALDOI​‌back to text
• 12​​ articleG.Giuseppe de​​​‌ Palma, S.Saverio​ Giallorenzo, A.Alexandre​‌ Heideker, M.Matteo​​ Trentin, A.Angelo​​​‌ Trotta and G.Gianluigi​ Zavattaro. Distributed serverless​‌ function scheduling in ad-hoc​​ drone networks.Ad​​​‌ Hoc Networks178November​ 2025, 103951HAL​‌DOIback to text​​
• 13 articleG.Giuseppe​​​‌ de Palma, S.​Saverio Giallorenzo, C.​‌Cosimo Laneve, J.​​Jacopo Mauro, M.​​Matteo Trentin and G.​​​‌Gianluigi Zavattaro. Leveraging‌ static analysis for cost-aware‌​‌ serverless scheduling policies.​​International Journal on Software​​​‌ Tools for Technology Transfer‌January 2025HALDOI‌​‌back to text
• 14​​ articleK.Ken Sakayori​​​‌ and D.Davide Sangiorgi‌. Extensional and Non-extensional‌​‌ Functions as Processes.​​Logical Methods in Computer​​​‌ ScienceVolume 21, Issue‌ 3September 2025HAL‌​‌DOIback to text​​
• 15 articleT.Taro​​​‌ Sekiyama, U.Ugo‌ Dal Lago and H.‌​‌Hiroshi Unno. On​​ Higher-Order Model Checking of​​​‌ Effectful Answer-Type-Polymorphic Programs.‌Proceedings of the ACM‌​‌ on Programming Languages9​​OOPSLA2October 2025,​​​‌ 3726-3754HALDOIback‌ to text

Invited conferences‌​‌

• 16 inproceedingsU.Ugo​​ Dal Lago. Counting​​​‌ Qubits and Gates: Resource‌ Analysis in Quantum Programming‌​‌ Languages.PPDP 2025​​ - 27th International Symposium​​​‌ on Principles and Practice‌ of Declarative ProgrammingPPDP‌​‌ '25: Proceedings of the​​ 27th International Symposium on​​​‌ Principles and Practice of‌ Declarative Programming1Rende,‌​‌ ItalyACMSeptember 2025​​, 1-3HALDOI​​​‌

International peer-reviewed conferences

• 17‌ inproceedingsW.William Arnone‌​‌ and I.Ivan Lanese​​. Tallulah, a Tool​​​‌ to Support the Axiomatic‌ Approach to Causal-Consistent Reversibility‌​‌.RC 2025 -​​ 17th Conference on Reversible​​​‌ Computation15716Lecture Notes‌ in Computer ScienceOdense,‌​‌ DenmarkSpringer Nature Switzerland​​June 2025, 1-8​​​‌HALDOIback to‌ text
• 18 inproceedingsM.‌​‌Martin Avanzini, G.​​Gilles Barthe, D.​​​‌Davide Davoli and B.‌Benjamin Grégoire. A‌​‌ Quantitative Probabilistic Relational Hoare​​ Logic.ACM Digital​​​‌ LibraryPOPL 2025 -‌ 52nd ACM SIGPLAN Symposium‌​‌ on Principles of Programming​​ Languages9Proceedings of​​​‌ the ACM on Programming‌ LanguagesPOLP 2025Denver‌​‌ (Colorado), United StatesJanuary​​ 2025HALDOIback​​​‌ to text
• 19 inproceedings‌M.Martin Avanzini and‌​‌ A.Akihisa Yamada.​​ Weighted Rewriting.Lecture​​​‌ Notes in Computer Science.‌ Lecture Notes in Artificial‌​‌ IntelligenceFroCoS 2025 -​​ 15th International Symposium Frontiers​​​‌ of Combining SystemsFrontiers‌ of Combining Systems 15th‌​‌ International Symposium, FroCoS 2025,​​ Reykjavik, Iceland, September 29​​​‌ – October 1, 2025,‌ ProceedingsLNCS-LNAI-15979Reykjavic, Iceland‌​‌Springer Nature SwitzerlandSeptember​​ 2026, 191-208HAL​​​‌DOIback to text‌
• 20 inproceedingsS.Simon‌​‌ Bliudze, G.Giuseppe​​ de Palma, S.​​​‌Saverio Giallorenzo, I.‌Ivan Lanese, G.‌​‌Gianluigi Zavattaro and B.​​ A.Brice Arléon Zemtsop​​​‌ Ndadji. Adaptable TeaStore‌.Electronic Proceedings in‌​‌ Theoretical Computer ScienceWACA​​ 2025 - Workshop on​​​‌ Adaptable Cloud Architectures438‌Lille, FranceDecember 2025‌​‌, 1-14HALDOI​​back to text
• 21​​​‌ inproceedingsM.Mario Bravetti‌, L.Luca Padovani‌​‌ and G.Gianluigi Zavattaro​​. A Sound and​​​‌ Complete Characterization of Fair‌ Asynchronous Session Subtyping.‌​‌CONCUR 2025 - 36th​​ International Conference on Concurrency​​​‌ TheoryAarhus, DenmarkSchloss‌ Dagstuhl – Leibniz-Zentrum für‌​‌ Informatik2025HALDOI​​
• 22 inproceedingsV.Vikraman​​​‌ Choudhury and S. J.‌Simon J Gay.‌​‌ The Duality of $$-Abstraction​​.ACM Digital Library​​​‌POPL 2025 - 52nd‌ ACM SIGPLAN Symposium on‌​‌ Principles of Programming Languages​​​‌Proceedings of the ACM​ on Programming LanguagesDenver​‌ (Colorado), United StatesJanuary​​ 2025HALDOIback​​​‌ to text
• 23 inproceedings​T.Tommaso Compagnucci,​‌ F.Franco Callegati,​​ S.Saverio Giallorenzo,​​​‌ A.Andrea Melis,​ S.Simone Melloni and​‌ A.Alessandro Vannini.​​ SAFARI: A Scalable Air-Gapped​​​‌ Framework for Automated Ransomware​ Investigation.IFIP Advances​‌ in Information and Communication​​ Technology (Springer)IFIP SEC​​​‌ 2025 - ICT 40th​ IFIP International Information Security​‌ and Privacy ConferenceAICT-745​​ICT Systems Security and​​​‌ Privacy Protection : 40th​ IFIP International Conference, SEC​‌ 2025, Maribor, Slovenia, May​​ 21–23, 2025, Proceedings, Part​​​‌ IMaribor, SloveniaSpringer​ NatureMay 2025,​‌ 210-223HALDOIback​​ to text
• 24 inproceedings​​​‌U.Ugo Dal Lago​, N.Naohiko Hoshino​‌ and P.Paolo Pistone​​. On the Metric​​​‌ Nature of (Differential) Logical​ Relations.FSCD 2025​‌ - 10th International Conference​​ on Formal Structures for​​​‌ Computation and Deduction337​15Birmigham, United Kingdom​‌Schloss Dagstuhl – Leibniz-Zentrum​​ für Informatik2025HAL​​​‌DOIback to text​
• 25 inproceedingsA.Adrien​‌ Durier, D.Daniel​​ Hirschkoff and D.Davide​​​‌ Sangiorgi. Proof Techniques​ for Behavioural Relations Based​‌ on Unique-Solutions of Equations​​ and Inequations.Lecture​​​‌ Notes in Computer Science​Rebeca for Actor Analysis​‌ in Action - Essays​​ Dedicated to Marjan Sirjani​​​‌Lecture Notes in Computer​ ScienceLNCS-15560Västerås, Sweden​‌Springer Nature SwitzerlandMarch​​ 2025, 425-439HAL​​​‌DOIback to text​
• 26 inproceedingsG.Gabriele​‌ Genovese, I.Ivan​​ Lanese, C.Cinzia​​​‌ Di Giusto, E.​Emilio Tuosto and G.​‌Germán Vidal. Choreographies​​ for Program Understanding.​​​‌Lecture notes in computer​ science. LNCSFORTE 2025​‌ - 45th International Conference​​ on Formal Techniques for​​​‌ Distributed Objects, Components, and​ SystemsFormal Techniques for​‌ Distributed Objects, Components, and​​ SystemsLNCS-15732Lille, France​​​‌Springer Nature SwitzerlandJune​ 2025, 173-181HAL​‌DOIback to text​​
• 27 inproceedingsS.Saverio​​​‌ Giallorenzo and F.Francesco​ Goretti. Breadth-first Cycle​‌ Collection Reference Counting: Theory​​ and a Rust Smart​​​‌ Pointer Implementation.ACM​ digital library40th ACM/SIGAPP​‌ Symposium on Applied Computing,​​ SAC 2025Catania (IT),​​​‌ ItalyMarch 2025HAL​DOIback to text​‌
• 28 inproceedingsS.Saverio​​ Giallorenzo, S.Simone​​​‌ Melloni and P.Pietro​ Sami. Reliable and​‌ Robust Watermarking for Data​​ Flooding against Ransomware Random​​​‌ Techniques.IEEE Xplore​TrustCom 2025 - 24th​‌ IEEE International Conference on​​ Trust, Security and Privacy​​​‌ in Computing and Communications​Guiyang, ChinaNovember 2025​‌HALback to text​​
• 29 inproceedingsD.Daniel​​​‌ Hirschkoff, I.Iwan​ Quémerais and D.Davide​‌ Sangiorgi. First-order store​​ and visibility in name-passing​​​‌ calculi.36th International​ Conference on Concurrency Theory​‌ (CONCUR 2025)Aarhus (Denmark),​​ DenmarkSchloss Dagstuhl –​​​‌ Leibniz-Zentrum für Informatik2025​HALDOIback to​‌ text
• 30 inproceedingsU.​​ D.Ugo Dal Lago​​​‌, Z.Zeinab Galal​ and G.Giulia Giusti​‌. On Computational Indistinguishability​​ and Logical Relations.​​​‌Lecture notes in computer​ scienceAPLAS 2024 -​‌ 22nd Asian Symposium on​​ Programming Languages and Systems​​LNCS-15194Programming Languages and​​​‌ Systems : 22nd Asian‌ Symposium, APLAS 2024, Kyoto,‌​‌ Japan, October 22-24, 2024,​​ ProceedingsKyoto, JapanSpringer​​​‌ Nature SingaporeOctober 2025‌, 241-263HALDOI‌​‌
• 31 inproceedingsI.Ivan​​ Lanese, U.Ugo​​​‌ Dal Lago and V.‌Vikraman Choudhury. Towards‌​‌ Quantum Multiparty Session Types​​.PLanQC 2025 -​​​‌ Fifth International Workshop on‌ Programming Languages for Quantum‌​‌ ComputingDenver (Colorado), United​​ StatesJanuary 2025HAL​​​‌back to text
• 32‌ inproceedingsL.Luca Padovani‌​‌ and G.Gianluigi Zavattaro​​. Fair Termination of​​​‌ Asynchronous Binary Sessions.‌Leibniz International Proceedings in‌​‌ Informatics (LIPIcs)ECOOP 2025​​ - European Conference on​​​‌ Object-Oriented Programming39th European‌ Conference on Object-Oriented Programming‌​‌ (ECOOP 2025)LIPIcs-39Bergen,​​ NorwaySchloss Dagstuhl –​​​‌ Leibniz-Zentrum für Informatik2025‌HALDOIback to‌​‌ textback to text​​
• 33 inproceedingsS.Sourabh​​​‌ Pal, R.Roberto‌ Guanciale, I.Ivan‌​‌ Lanese, E.Emilio​​ Tuosto and M.Massimo​​​‌ Clo. Pomsets for‌ Process Management: A Healthcare‌​‌ Case Study.ICTAC​​ 2025 - International Colloquium​​​‌ on Theoretical Aspects of‌ Computing16237Lecture Notes‌​‌ in Computer ScienceMarrakech,​​ MoroccoSpringer Nature Switzerland​​​‌November 2026, 378-395‌HALDOIback to‌​‌ text
• 34 inproceedingsG.​​Giuseppe de Palma,​​​‌ S.Saverio Giallorenzo,‌ I.Ivan Lanese and‌​‌ G.Gianluigi Zavattaro.​​ Adaptable TeaStore: A Choreographic​​​‌ Approach.WACA 2025‌ - Workshop on Adaptable‌​‌ Cloud Architectures438Lille,​​ FranceDecember 2025,​​​‌ 79-99HALDOIback‌ to text
• 35 inproceedings‌​‌G.Giuseppe de Palma​​, S.Saverio Giallorenzo​​​‌, J.Jacopo Mauro‌, M.Matteo Trentin‌​‌ and G.Gianluigi Zavattaro​​. Affinity-aware Serverless Function​​​‌ Scheduling.IEEE Xplore‌22nd IEEE International Conference‌​‌ on Software ArchitectureOdense,​​ DenmarkMarch 2025HAL​​​‌back to text
• 36‌ inproceedingsG. D.Giuseppe‌​‌ De Palma, S.​​Saverio Giallorenzo, J.​​​‌Jacopo Mauro, M.‌Matteo Trentin and G.‌​‌Gianluigi Zavattaro. Function-as-a-Service​​ Allocation Policies Made Formal​​​‌.Lecture notes in‌ computer scienceISoLA 2024‌​‌ - 12th International Symposium​​ ON Leveraging Applications of​​​‌ Formal Methods, Verification and‌ Validation. REoCAS Colloquium in‌​‌ Honor of Rocco De​​ NicolaLNCS-15219Leveraging Applications​​​‌ of Formal Methods, Verification‌ and Validation. REoCAS Colloquium‌​‌ in Honor of Rocco​​ De NicolaCrete, France​​​‌Springer Nature SwitzerlandOctober‌ 2025, 306-321HAL‌​‌DOIback to text​​
• 37 inproceedingsG.Giuseppe​​​‌ de Palma, S.‌Saverio Giallorenzo, J.‌​‌Jacopo Mauro, M.​​Matteo Trentin and G.​​​‌Gianluigi Zavattaro. Reachability‌ Analysis of Function-as-a-Service Scheduling‌​‌ Policies.Lecture notes​​ in computer science. LNCS​​​‌IFM 2025 - 20th‌ International Conference on Integrated‌​‌ Formal MethodsIntegrated Formal​​ Methods : 20th International​​​‌ Conference, iFM 2025, Paris,‌ France, November 19–21, 2025,‌​‌ ProceedingsLNCS-16194Paris, France​​November 2025HALDOI​​​‌back to text
• 38‌ inproceedingsB.Bianca Raimondi‌​‌, S.Saverio Giallorenzo​​ and M.Maurizio Gabbrielli​​​‌. Affordably Fine-tuned LLMs‌ Provide Better Answers to‌​‌ Course-specific MCQs.Proceedings​​ of the 40th {ACM/SIGAPP}​​​‌ Symposium on Applied Computing,‌ {SAC} 2025, Catania, Italy,‌​‌ March 31-April 4, 2025​​​‌40th ACM/SIGAPP Symposium on​ Applied Computing, SAC 2025​‌Catania (IT), ItalyMarch​​ 2025HALDOIback​​​‌ to text
• 39 inproceedings​D.Davide Sangiorgi.​‌ An Abstract Account of​​ Up-to Techniques for Inductive​​​‌ Behavioural Relations.Lecture​ notes in computer science​‌ISoLA 2024 - 12th​​ International Symposium Leveraging Applications​​​‌ of Formal Methods Verification​ and Validation. REoCAS Colloquium​‌ in Honor of Rocco​​ De NicolaLNCS-15219Leveraging​​​‌ Applications of Formal Methods,​ Verification and Validation. REoCAS​‌ Colloquium in Honor of​​ Rocco De NicolaCrete​​​‌ Island, GreeceSpringer Nature​ SwitzerlandOctober 2025,​‌ 62-74HALDOIback​​ to text
• 40 inproceedings​​​‌D.Daniele d'Ugo,​ S.Saverio Giallorenzo and​‌ S.Simone Melloni.​​ Contrasting Crypto and Exfiltration​​​‌ Ransomware with Shamir's Secret​ Sharing Data Flooding.​‌IEEE XploreTrustCom 2025​​ - 24th IEEE International​​​‌ Conference on Trust, Security​ and Privacy in Computing​‌ and CommunicationsGuiyang, China​​November 2025HALback​​​‌ to text

Scientific book​ chapters

• 41 inbookI.​‌Ivan Lanese, C.​​ A.Claudio Antares Mezzina​​​‌ and M.Martin Vassor​. Bounded Reversibility in​‌ HOπ.16065Components​​ Operationally: Reversibility and System​​​‌ Engineering. Essays Dedicated to​ Jean-Bernard Stefani on the​‌ Occasion of His 65th​​ BirthdayLecture Notes in​​​‌ Computer ScienceSpringer Nature​ SwitzerlandOctober 2025,​‌ 24-45HALDOIback​​ to text
• 42 inbook​​​‌G.Giuseppe de Palma​, S.Saverio Giallorenzo​‌, J.Jacopo Mauro​​, M.Matteo Trentin​​​‌ and G.Gejsi Vjerdha​. Towards a Framework​‌ for Transitioning from Monolith​​ to Serverless.LNCS-15240​​​‌The Combined Power of​ Research, Education, and Dissemination:​‌ Essays Dedicated to Tiziana​​ Margaria on the Occasion​​​‌ of Her 60th Birthday​Lecture Notes in Computer​‌ ScienceJanuary 2025,​​ 167–182HALDOIback​​​‌ to text

Reports &​ preprints

• 43 miscV.​‌Vikraman Choudhury and W.​​Wind Wong. Symmetries​​​‌ in Sorting.2025​HAL