Rust is a modern systems programming language whose ownership-based type system
statically guarantees memory safety, making it particularly well-suited to the domain of safety …

We present Aeneas, a new verification toolchain for Rust programs based on a lightweight
functional translation. We leverage Rust's rich region-based type system to eliminate …

We introduce Flux, which shows how logical refinements can work hand in glove with Rust's
ownership mechanisms to yield ergonomic type-based verification of low-level pointer …

Type soundness, which asserts that “well-typed programs cannot go wrong,” is widely
viewed as the canonical theorem one must prove to establish that a type system is doing its …

Fine-grained concurrent programs are difficult to get right, yet play an important role in
modern-day computers. We want to prove strong specifications of such programs, with …

Despite significant progress in the verification of hypervisors, operating systems, and
compilers, and in verification tooling, there exists a wide gap between the approaches used …

Recent years have seen great advances towards verifying large-scale systems code.
However, these verifications are usually based on hand-written assembly or machine-code …

Today's compilers employ a variety of non-trivial optimizations to achieve good performance.
One key trick compilers use to justify transformations of concurrent programs is to assume …

Substructural type systems are growing in popularity because they allow for a resourceful
interpretation of data which can be used to rule out various software bugs. Indeed …

Embedded systems are pervasive and find various applications all around us. These
systems run on low-power microcontrollers with real-time constraints. Developers often …