I'm an associate professor at the Software Engineering Division of the University of Gothenburg, in Sweden. My main research interests are in the area of Secure Software Engineering, with a focus on:
  • Privacy-by-design and security-by-design (threat analysis, precise modeling and analysis of security & privacy properties in software architecture, patterns)
  • Empirical methods for security (controlled experiments and mining software repositories)

I spend my spare time taking photographs (see my photos here).

Under the spotlight

We have published a systematic literature review comparing several techniques for threat analysis in the Journal of Systems and Software:
  • Katja Tuma, Gul Calikli, Riccardo Scandariato, Threat analysis of software systems: A systematic literature review
We have published a systematic literature review comparing several techniques for secure design in the Journal of Software and Systems Modeling:
  • Alexander van den Berghe, Riccardo Scandariato, Koen Yskout, Wouter Joosen, Design Notations for Secure Software: A Systematic Literature Review

Short bio

Prof. Riccardo Scandariato received his PhD in Computer Science in 2004 from Politecnico di Torino, Italy. In 2005, he was a post-doctoral researcher at Politecnico di Torino, with the Software Engineering research group. In 2006, he joined the DistriNet research group at KU Leuven, Belgium. In Leuven, he became the leader of a team of researchers in the area of secure software. In 2014, he moved to Gothenburg (Sweden) and joined the department of Computer Science and Engineering, which is shared between the Chalmers University of Technology and the University of Gothenburg.

Prof. Scandariato's main research interests are in the area of secure software engineering, with a particular focus on (i) privacy & security by design and (ii) empirical methods for security. He has published over 80 papers in the area of security and software engineering. He is an Associate Editor of the International Journal of Secure Software Engineering (IJSSE) and a member of the Review Editorial Board of Frontiers in ICT. He regularly participates in the Program Committees of several top-rated conferences in the area of security and software engineering.


I am the co-author of over 80 publications. Click here for a complete list. This is my Google Scholar page.

PhD students

I have the privilege of supervising the following PhD students:

  • Mazen Mohamad, working on security assurance cases
  • Katja Tuma, working on security threat modeling of automotive software
  • Laurens Sion (at KU Leuven), working on code annotations for security
  • Alexander van den Berghe (at KU Leuven), working on analyzing security properties in design
  • Tomasz Kosinski (as co-supervisor, main supervisor being Morten Fjeld), working on privacy of IoT

Former PhD students

  • Koen Buyens, graduated in January 2012. Analyzing software architectures for least privilege violations
  • Thomas Heyman, graduated in March 2013. A formal analysis technique for secure software architectures
  • Kim Wuyts, graduated in January 2014. Privacy Threats in Software Architectures
  • Koen Yskout, graduated in April 2013. Connecting security requirements and software architecture with patterns


See this page for a list of conferences and workshops I am and have been involved in.