Research

Our research focuses on tools and techniques for building reliable, efficient, and secure software systems. To this end, we work on techniques that advance the state of the art in program analysis, automated testing, and machine learning. As part of our research, we have contributed to techniques that detected thousands of bugs and critical vulnerabilities in widely used software.

Learning to Find Bugs

Practically all software has bugs, but finding them is difficult. We develop deep learning-based bug detectors that automatically spot unusual and likely wrong code.

Neural Type Prediction

Code written in dynamic languages, e.g., Python and JavaScript, often lacks type annotations. Our neural network-based type predictors automatically add missing annotations, which improves reliability and maintainability.

Reliable Quantum Computing

Quantum computing is an emerging paradigm, which requires a solid software stack. We develop automated testing techniques to improve the reliability of quantum computing platforms.

Analyzing WebAssembly

WebAssembly powers various applications in the web and beyond. We develop program analyses for WebAssembly and study the WebAssembly ecosystem.

Node.js Security

Server-side JavaScript and the Node.js ecosystem have interesting security challenges. We

Dynamic Analysis Frameworks

Dynamic analysis is a powerful technique to understand and improve software, but can be tricky to implement. We develop general-purpose dynamic analysis frameworks that help develop analyses with little effort.

JavaScript and Web Applications

JavaScript has become ubiquitous in the web and beyond. We develop dynamic analyses, static analyses, and test generation techniques to detect bugs in JavaScript-based web applications.

Actionable Performance Profiling

Inefficient software is annoying and costs money. We create actionable performance profilers that pinpoint specific optimization opportunities to help developers speed up their code.

Test Generation

Many bugs are exposed only when running the program. We develop tools that generate inputs for automated and effective testing, both at the unit-level and the system-level.

Concurrency

Inefficient software is annoying and costs money. We create actionable performance profilers that pinpoint specific optimization opportunities to help developers speed up their code.

API Protocol Mining and Checking

APIs often impose constraints on the order of method calls. We develop techniques to automatically infer and check such API protocols.