Kodkod: A Relational Model Finder
The key design challenges in the construction of a SAT-based relational model finder are described, and novel techniques are proposed to address them. An efficient model finder must have a mechanism…
  • 480
  • 77
Syntax-guided synthesis
The classical formulation of the program-synthesis problem is to find a program that meets a correctness specification given as a logical formula. Recent work on program synthesis and program…
  • 406
  • 56
A constraint solver for software engineering: finding models and cores of large relational specifications
Relational logic is an attractive candidate for a software description language, because both the design and implementation of software often involve reasoning about relational structures: …
  • 73
  • 19
A lightweight symbolic virtual machine for solver-aided host languages
Solver-aided domain-specific languages (SDSLs) are an emerging class of computer-aided programming systems. They ease the construction of programs by using satisfiability solvers to automate tasks…
  • 138
  • 18
Growing solver-aided languages with Rosette
SAT and SMT solvers have automated a spectrum of programming tasks, including program synthesis, code checking, bug localization, program repair, and programming with oracles. In principle, we obtain…
  • 120
  • 16
Controlled physical random functions and applications
The cryptographic protocols that we use in everyday life rely on the secure storage of keys in consumer devices. Protecting these keys from invasive attackers, who open a device to steal its key, is…
  • 86
  • 13
MemSAT: checking axiomatic specifications of memory models
Memory models are hard to reason about due to their complexity, which stems from the need to strike a balance between ease-of-programming and allowing compiler and hardware optimizations. In this…
  • 83
  • 8
Angelic debugging
Software ships with known bugs because it is expensive to pinpoint and fix the bug exposed by a failing test. To reduce the cost of bug identification, we locate expressions that are likely causes of…
  • 122
  • 5
Specifying and Checking File System Crash-Consistency Models
Applications depend on persistent storage to recover state after system crashes. But the POSIX file system interfaces do not define the possible outcomes of a crash. As a result, it is difficult for…
  • 29
  • 5
Finding Minimal Unsatisfiable Cores of Declarative Specifications
Declarative specifications exhibit a variety of problems, such as inadvertently overconstrained axioms and underconstrained conjectures, that are hard to diagnose with model checking and theorem…
  • 81
  • 4