Research
Our research focuses on tools and techniques for building reliable, efficient, and secure software systems. To this end, we work on techniques that advance the state of the art in program analysis, automated testing, and machine learning. As part of our research, we have contributed to techniques that detected thousands of bugs and critical vulnerabilities in widely used software.
Learning to Find Bugs
Practically all software has bugs, but finding them is difficult. We develop deep learning-based bug detectors that automatically spot unusual and likely wrong code.
Neural Type Prediction
Code written in dynamic languages, e.g., Python and JavaScript, often lacks type annotations. Our neural network-based type predictors automatically add missing annotations, which improves reliability and maintainability.
Reliable Quantum Computing
Quantum computing is an emerging paradigm, which requires a solid software stack. We develop automated testing techniques to improve the reliability of quantum computing platforms.
Analyzing WebAssembly
WebAssembly powers various applications in the web and beyond. We develop program analyses for WebAssembly and study the WebAssembly ecosystem.
Node.js Security
Server-side JavaScript and the Node.js ecosystem have interesting security challenges. We
Dynamic Analysis Frameworks
Dynamic analysis is a powerful technique to understand and improve software, but can be tricky to implement. We develop general-purpose dynamic analysis frameworks that help develop analyses with little effort.
JavaScript and Web Applications
JavaScript has become ubiquitous in the web and beyond. We develop dynamic analyses, static analyses, and test generation techniques to detect bugs in JavaScript-based web applications.
Actionable Performance Profiling
Inefficient software is annoying and costs money. We create actionable performance profilers that pinpoint specific optimization opportunities to help developers speed up their code.
Test Generation
Many bugs are exposed only when running the program. We develop tools that generate inputs for automated and effective testing, both at the unit-level and the system-level.
Concurrency
Inefficient software is annoying and costs money. We create actionable performance profilers that pinpoint specific optimization opportunities to help developers speed up their code.
API Protocol Mining and Checking
APIs often impose constraints on the order of method calls. We develop techniques to automatically infer and check such API protocols.