Cu D. Nguyen, PhD

Research Associate at SVV Lab

Interdisciplinary Centre for Security, Reliability and Trust / University of Luxembourg
4 rue Alphonse Weicker
L-2721 Luxembourg
Email: duy [DOT] nguyen [AT] uni [DOT] lu

Software systems are becoming more and more complex, networked, and intelligent (with self-* capability), they are often deployed on the untrusted Web; testing is, thus, more challenging. Investigating automated testing techniques and tools to deal with complexity and to improve software quality, building security in software are my research goal. Current research of interests include:

  • Automated Continuous Testing for Web-based and Mobile Systems:
    • Model Inference
    • Test Generation
    • Oracle Learning
  • Security Testing
    • Automated Vulnerability-based Testing
    • Penetration Testing and Tools
  • Software Agents and Multi-Agent Systems

I'm working with 2 industry partners (in finance and crisis management) on security testing topics: SQL injection, XML injection, and testing for access control.

Co-supervised PhD Students:

Tools that I develop and support:

  FITTEST ITE The FITTEST ITE (Integrated Testing Environment) is a tool for the automated test of Future Internet applications. It integrates a tool suite of new and improved testing tools for continuous automated testing.  
  M[agi]C M[agi]C is a tool for test case generation. It combines model-based testing and combinatorial testing. Models are used to generate test scenarios (test sequences), and combinatorial techniques complement the test scenarios with concrete test input data, minimizing the number of test combination while maintaining the test data interaction criteria.  
  EJADE EJADE is an Eclipse plug-in that supports JADE, JADEX agent developers.   
  eCAT eCAT, a Continuous Agent Testing Framework / Eclipse. The framework contains a special software agent (called Autonomous Tester Agent) that plays the role of the human tester by producing test suites and executing them; Monitoring Agents that observe the execution (including the exchanged messages), provide insights to the Autonomous Tester Agent, and recognize problematic behaviours...  
  Google Google Custom Search. A service for seaching papers from citeseer, ieeexplore,, springer, sciencedirect, 
interscience.wiley, citeulike, DBLP
  Some other tools:  Android Monkey Lib, TAOM4E  


Recent publications:



Software Testing and Analysis:

Invited Lectures:

Conference Contribution

Review papers in journals:

Review papers in conferences and workshops (selected only):

  • SERE
  • ASE
  • FSE
  • ICSE
  • AOSE
  • IAT
  • WI