Since 2021 I am a professor at the Hamburg University of Technology and lead the Institute of Software Security. My work focuses on the design of secure and privacy-friendly applications, particularly in the realms of micro-services, IoT ecosystems, and cyber-physical systems. My research goal is to build round-trip security & privacy engineering methods, which are based on lightweight design models and connect the design models with the implementation code. In this research agenda, an important role is played by the use of ML/AI, as well as the adoption security-oriented intelligent agents. My work is also characterized by the systematic use of empirical methods for security, including controlled experiments and mining software repositories. I received my PhD in Computer Science in 2004 from Politecnico di Torino, Italy. In my academic career I had the opportunity to work in several countries, including the United States (University of Virginia, 2003), Italy (Politecnico di Torino, 2004-2005), Belgium (KU Leuven, 2006-2014) and Sweden (University of Gothenburg, 2014-2020). My interest in machine learning and AI is related to automatically identifying malware, localizing software vulnerabilities in Java/C++ code, and creating intelligent agents that can support the developers towards creating more secure software.