I'm a professor of software engineering at Department of Computer Science and Engineering, University of Gothenburg and Chalmers University of Technology, in Sweden. My main research interests are in the area of secure software engineering, with focus on:
  • Privacy-by-design and security-by-design (threat analysis, precise modeling and analysis of security & privacy properties in software architecture)
  • Empirical methods for security (controlled experiments and mining software repositories)

I spend my spare time taking photographs (see my photos here).

Short bio

Prof. Riccardo Scandariato received his PhD in Computer Science in 2004 from Politecnico di Torino, Italy. In 2005, he was a post-doctoral researcher at Politecnico di Torino, with the Software Engineering research group. In 2006, he joined the DistriNet research group at KU Leuven, Belgium. In 2014, he moved to Gothenburg (Sweden) and joined the department of Computer Science and Engineering, which is shared between the Chalmers University of Technology and the University of Gothenburg.

Prof. Scandariato's main research interests are in the area of secure software engineering, with a particular focus on (i) privacy & security by design and (ii) empirical methods for security. He has published over 80 papers in the area of security and software engineering. He regularly participates to the Program Committees of several top-rated conferences in the area of security and software engineering.

Research team

I have the privilege of working together with the following researchers:

  • Katja Tuma, (PhD student) working on security threat assessment of automotive software
  • Mazen Mohamad, (PhD student) working on security assurance cases for automotive
  • Tomasz Kosinski, (PhD student) working on privacy of IoT
  • Rodi Jolak, (PostDoc) working on resiliance of automotive systems


I created (and teach) a new project course (15 credits) on "production ML systems" for the Bachelor program in Software Engineering and Management at the University of Gothenburg. The course official title is "Software Engineering for Data-Intensive AI Applications (DIT824)".

Former PhD students

  • Alexander van den Berghe, graduated in March 2020 (KU Leuven). SMILE: A Security-Centric, Formally-Founded Modelling Language for Humans
  • Kim Wuyts, graduated in January 2014 (KU Leuven). Privacy Threats in Software Architectures
  • Thomas Heyman, graduated in March 2013 (KU Leuven). A formal analysis technique for secure software architectures
  • Koen Yskout, graduated in April 2013 (KU Leuven). Connecting security requirements and software architecture with patterns
  • Koen Buyens, graduated in January 2012 (KU Leuven, co-supervisor). Analyzing software architectures for least privilege violations