Everest: Towards a Verified, Drop-in Replacement of HTTPS
The HTTPS ecosystem is the foundation on which Internet security is built. At the heart of this ecosystem is the Transport Layer Security (TLS) protocol, which in turn uses the X.509 public-key
In-Place Refinement for Effect Checking
The refinement calculus is a powerful framework for reasoning about programs, specifications, and refinement relations between programs and specifications. In this paper we introduce a new refinement
Exception Safety for C#
Programming-language mechanisms for throwing and handling exceptions can simplify some computer programs. However, the use of exceptions can also be error prone, leading to new programming errors and
Compiling Hilbert's ε Operator
Hilbert's ε operator is a binder that picks an arbitrary element from a nonempty set. The operator is typically used in logics and proof engines. This paper contributes a discussion of considerations
Specification and Verification of Object-Oriented Software (Part 2)
Comparing Heap Models: Ownership, Dynamic Frames, Permissions
Compiling Hilbert's ϵ Operator
Specification and Verification of Programs with Pointers (Part 0)
Checking Correctness Properties of Object-Oriented Programs (Lecture 3)
Well-founded Functions and Extreme Predicates in Dafny: A Tutorial
A recursive function is well defined if each of its recursive calls corresponds to a decrease in some well-founded order. Such well-founded functions are useful, for example, in computer programs when