Current software stacks are built on top of unsafe languages such as C and C++. Software attacks sabotage program executions by inducing control flow transfers to shellcode or manipulating data pointers to read/write sensitive information. By embedding security checks into subject programs during compilation, many attacks can be foiled effectively. In this proposal, we investigate current softw...

Testing remains the principal means of verification in commercial practice and in many certification regimes. Formal methods of verification will coexist with testing and should be developed in ways that improve, supplement, and exploit the value of testing. I describe automated test generation, which uses technology from formal methods to mechanize the construction of test cases, and discuss s...

The cost of maintaining formally specified and verified software is widely considered prohibitively high due to the need constantly keep code proofs its correctness in sync—the problem known as proof repair . One main challenges automated for evolving infer invariants a new version once program that are strong enough establish full functional correctness. In this work, we present first methodol...

Abstract interpreters are complex pieces of software: even if the abstract interpretation theory and companion algorithms well understood, their implementations subject to bugs, that might question soundness computations. While some formally verified have been written in past, writing understanding them requires expertise use proof assistants, a non-trivial amount interactive proofs. This paper...

Abstract First-order temporal logics and rule-based formalisms are two popular families of specification languages for monitoring. Each family has its advantages only few monitoring tools support their combination. We extend metric first-order logic (MFOTL) with a recursive let construct, which enables interleaving rules formulas. also VeriMon, an MFOTL monitor whose correctness been formally v...