基本信息
浏览量:371
![](https://originalfileserver.aminer.cn/sys/aminer/icon/show-trajectory.png)
个人简介
My area of expertise includes program analysis, testing, verification, security, and software engineering.
I am probably best known for my early work on partial-order reduction for model checking concurrent systems (my PhD thesis is published as LNCS volume 1032 by Springer), for my work on VeriSoft, the first software model checker for mainstream programming languages such as C and C++, for my work on 3-valued model checking with may/must abstractions for sound program verification and falsification, and for my work on automatic test generation with DART. More recently, I co-developed SAGE, the first whitebox fuzzer for security testing, which was credited to have found roughly one third of all the security vulnerabilities discovered by file fuzzing during the development of Microsoft's Windows 7. In 2015, I co-founded Project Springfield, the first commercial cloud fuzzing service. In 2017, I co-created RESTler, the first stateful REST API fuzzing tool for automatically testing cloud services through their APIs and finding security and reliability bugs in these services. In 2022, I joined Lacework, a fast-growing cloud security start-up, with the mission to revolutionize software engineering for the cloud.
Research. My main research topic during the last 30+ years has been software model checking in a broad sense. Specifically, my main broad research contribution has been the development of dynamic software model checking, a new approach to software model checking via systematic testing that combines program analysis, testing, model checking, and theorem proving. This approach is implemented in Microsoft tools like SAGE, PEX, and YOGI, and in many other tools outside Microsoft.
I am probably best known for my early work on partial-order reduction for model checking concurrent systems (my PhD thesis is published as LNCS volume 1032 by Springer), for my work on VeriSoft, the first software model checker for mainstream programming languages such as C and C++, for my work on 3-valued model checking with may/must abstractions for sound program verification and falsification, and for my work on automatic test generation with DART. More recently, I co-developed SAGE, the first whitebox fuzzer for security testing, which was credited to have found roughly one third of all the security vulnerabilities discovered by file fuzzing during the development of Microsoft's Windows 7. In 2015, I co-founded Project Springfield, the first commercial cloud fuzzing service. In 2017, I co-created RESTler, the first stateful REST API fuzzing tool for automatically testing cloud services through their APIs and finding security and reliability bugs in these services. In 2022, I joined Lacework, a fast-growing cloud security start-up, with the mission to revolutionize software engineering for the cloud.
Research. My main research topic during the last 30+ years has been software model checking in a broad sense. Specifically, my main broad research contribution has been the development of dynamic software model checking, a new approach to software model checking via systematic testing that combines program analysis, testing, model checking, and theorem proving. This approach is implemented in Microsoft tools like SAGE, PEX, and YOGI, and in many other tools outside Microsoft.
研究兴趣
论文共 148 篇作者统计合作学者相似作者
按年份排序按引用量排序主题筛选期刊级别筛选合作者筛选合作机构筛选
时间
引用量
主题
期刊级别
合作者
合作机构
2022 IEEE/ACM 44th International Conference on Software Engineering: Software Engineering in Practice (ICSE-SEIP) (2022): 331-340
ISSTA '20: 29th ACM SIGSOFT International Symposium on Software Testing and Analysis
Virtual Event
USA
July, 2020pp.312-323, (2020)
Computing and Software Sciencepp.505-531, (2019)
加载更多
作者统计
合作学者
合作机构
D-Core
- 合作者
- 学生
- 导师
数据免责声明
页面数据均来自互联网公开来源、合作出版商和通过AI技术自动分析结果,我们不对页面数据的有效性、准确性、正确性、可靠性、完整性和及时性做出任何承诺和保证。若有疑问,可以通过电子邮件方式联系我们:report@aminer.cn