The increasing use of sensitive private data in computing is matched by a growing concern
regarding data privacy. System software such as hypervisors and operating systems are …

Concurrent systems software is widely-used, complex, and error-prone, posing a significant
security risk. We introduce VRM, a new framework that makes it possible for the first time to …

System software is often large and complex, resulting in many vulnerabilities that can
potentially be exploited to compromise the security of a system. Formal verification offers a …

Modern automotive systems feature dozens of electronic control units (ECUs) for chassis,
body and powertrain functions. These systems are costly and inflexible to upgrade, requiring …

This paper presents DNS-V, a verification framework for our in-production DNS authoritative
engine, which is the core of our DNS service. The key idea for automated verification in …

Large-scale software verification relies critically on the use of compositional languages,
semantic models, specifications, and verification techniques. Recent work on certified …

Microarchitectural timing channels are a well-known mechanism for information leakage.
Time protection has recently been demonstrated as an operating-system mechanism able to …

Operating system in intelligent transportation systems (ITSs) is a complex software system
whose correctness and security are not obvious. There are advances in formal description …

Large software systems are usually divided into multiple components that interact with each
other. How to verify interacting components in a modular way is one of the major problems in …

Complex embedded systems are now supporting the co-existence of multiple OSes to
manage services once assigned to separate embedded microcontrollers. Automotive …