José Flora

I am a PhD student of the Doctoral Program in Information Science and Technology at the University of Coimbra where I am, since 2017, a student researcher with the Centre for Informatics and Systems. I have completed my Masters in Informatics Security in 2019 and the Bachelor's degree in Informatics Engineering in 2017 at the University of Coimbra. I have participated as student researcher in 3 projects, namely H2020: ATMOSPHERE; METRICS and TalkConnect. My expertise include testing techniques, fault injection, vulnerability injection and benchmarking, applied in the context of multi-tenant cloud and virtualised environments, containers platforms and microservice architectures.


  • Cloud Security
  • Security Testing
  • Virtualised Environments
  • Intrusion Detection & Tolerance
  • Trusted Computing
  • Trusted Execution Environments


AIDA: Adaptive, Intelligent and Distributed Assurance Platform

PhD Researcher

The project aims at improving a platform used by Mobileum for integral risk management in companies. This platform ensures revenue, corporate conditions and fraud control for companies. Thanks to the newest version of the platform, developed by AIDA, companies will be able to collect and monitor data in an extremely flexible way, with real time guarantees, security and reliability.

November 2019 - April 2022

SNOB-5G: Scalable Network Backhauling for 5G

PhD Researcher

SNOB-5G will carry out the research and development of a self-optimised, intelligent and fault-tolerant wireless backhaul solution for 5G networks that will empower cities, as neutral hosts, in the 5G business, by promoting total connectivity with a high-bandwidth, capacity and latency requirements, capable of accommodating new and innovative urban services. The new and robust technological solution for 5G deployment may use existing urban furniture to overcome the current limitations related to the availability and installation costs of wired connections that support the backhaul communication.

November 2019 - October 2022

ISSRE 2020: International Symposium on Software Reliability Engineering


The annual International Symposium on Software Reliability Engineering (ISSRE) is focused on innovative techniques and tools for assessing, predicting, and improving the reliability, safety, and security of software products. ISSRE will be organizing its 31st edition in Coimbra, Portugal, and will continue to emphasize scientific methods, industrial relevance, rigorous empirical validation and shared value of practical tools and experiences as paper selection criteria.

November 2020

TalkConnect: Voice Architecture over Distributed Network

PhD Researcher

The TalkConnect project aims at research and implement a new solution which combines multiple direct telco connection with third party Communication Platform as a Service (CPaas) providers with global coverage. One of the main cornerstones of this work is related to ensuring the security of the platform and of the communications. More precisely, these are cloud environments that typically use microservice architectures and virtualisation environments to deploy such application exacerbating security concerns that need to be addressed.

2019 - September 2021

METRICS: Monitoring and Measuring the Trustworthiness of Critical Cloud Systems

Master Researcher

Cloud is pervasive nowadays, but its adoption in critical systems is limited by trust issues, mainly influenced by security, dependability, privacy, fairness and transparency concerns, as per the recent GDPR regulation. Organizations, businesses, and customers need to know how much they can trust in the cloud systems storing and managing their sensitive data or executing their business processes. As a evolving concept, the trustworthiness of the system must be continuously monitored and measured, but there is a lack of means to do that in cloud environment. This project aims to propose a framework and means for monitoring and assessing the trustworthiness of cloud systems. This includes the definition of trustworthiness properties, their continuous measurement and analysis. The solution can also be used to monitor whether the data of individuals is handled properly. The project’s outcome will be demonstrated in a big data analytics system used in city traffic management and improvement.

July 2018 - July 2021

QUATIC 2018: Quality of Information and Communications Technology


The International Conference on the Quality of Information and Communications Technology (QUATIC) serves as a forum for disseminating advanced methods, techniques and tools for supporting quality approaches to ICT engineering and management. Practitioners and researchers are encouraged to exchange ideas and approaches on how to adopt a quality culture in ICT process and product improvement and to provide practical studies in varying contexts.

September 2018

ATMOSPHERE: Adaptive, Trustworthy, Manageable, Orchestrated, Secure, Privacy-assuring, Hybrid Ecosystem for REsilient Cloud Computing

Master Researcher

ATMOSPHERE is a project aiming at the design and development of an ecosystem comprised of a framework and a platform enabling the implementation of next generation trustworthy cloud services on top of an intercontinental hybrid and federated resource pool. The framework considers a broad spectrum of trustworthiness properties and their measures. The platform supports the development, build, deployment, measurement and evolution of trustworthy cloud resources, data management services and data processing services, and is demonstrated on a sensitive scenario consisting of a cloud-enabled secure and trustworthy application for distributed telemedicine.

2017 - 2018


University of Coimbra

Doctor of Science
September 2019 -

University of Coimbra

Master of Science

Thesis: Container-level Intrusion detection for multi-tenant environments
Final Grade: 18 / 20

September 2017 - September 2019

Cambridge English School

Cambridge English: Advanced – C1

Final Grade: 195 / 210

September 2018 - July 2019

University of Coimbra

Bachelor of Science

Final Grade: 15 / 20

September 2014 - July 2017


Techniques & Technologies
  • Security Testing Techniques
  • Fault and Vulnerability Injection
  • Attack Injection
  • Container Platforms (Docker, LXC, OpenVZ)
  • Microservice Architectures
  • Intel Software Guard Extensions (SGX)