Static analysis tools for capturing bugs and vulnerabilities in software programs are widely
employed in practice, as they have the unique advantages of high coverage and …

Program logics for bug-finding (such as the recently introduced Incorrectness Logic) have
framed correctness and incorrectness as dual concepts requiring different logical …

Abstract interpretation is a well-known and extensively used method to extract over-
approximate program invariants by a sound program analysis algorithm. Soundness means …

Hoare logics are proof systems that allow one to formally establish properties of computer
programs. Traditional Hoare logics prove properties of individual program executions (such …

Machine learning and its promising branch deep learning have proven to be effective in a
wide range of application domains. Recently, several efforts have shown success in …

We study transformational program logics for correctness and incorrectness that we extend
to explicitly handle both termination and nontermination. We show that the logics are …

Hyperproperties relate multiple executions of a program and are useful to express common
correctness properties (such as determinism) and security properties (such as non …

Program termination is a classic non-safety property whose falsification cannot in general be
witnessed by a finite trace. This makes testing for non-termination challenging, and also a …

With the increasing reliance on Open Source Software, users are exposed to third-party
library vulnerabilities. Software Composition Analysis (SCA) tools have been created to alert …

Sound over-approximation methods have been proved effective for guaranteeing the
absence of errors, but inevitably they produce false alarms that can hamper the …