The SLAM project: debugging system software via static analysis
This work has successfully applied the SLAM toolkit to Windows XP device drivers, to both validate behavior and find defects in their usage of kernel APIs.
Automatically validating temporal safety properties of interfaces
A process for validating temporal safety properties of software that uses a well-defined interface is presented, and it is found that the process converges on a set of predicates powerful enough to validate properties in just a few iterations.
Bebop: A Symbolic Model Checker for Boolean Programs
Bebop represents control flow explicitly and sets of states implicitly using BDDs, and is able to model check boolean programs with several thousand lines of code, hundreds of procedures, and several thousand variables in a few minutes.
Thorough static analysis of device drivers
The Static Driver Verifier (SDV) tool uses this engine to find kernel API usage errors in a driver; the paper discusses the techniques used in SDV to meet these requirements and reports empirical results from running SDV on over one hundred Windows device drivers.
Boolean and Cartesian abstraction for model checking C programs
We show how to attack the problem of model checking a C program with recursive procedures using an abstraction that we formally define as the composition of the Boolean and the Cartesian abstractions.
MOCHA: Modularity in Model Checking
This paper presents a parallel version of the Celada–Seiden cellular automaton that automates the very labor-intensive, and therefore computationally expensive, process of integrating these two systems.
Probabilistic programming
This paper describes the connections that the research area called "Probabilistic Programming" has with programming languages and software engineering, including language design and the static and dynamic analysis of programs.
The SLAM Toolkit
The SLAM toolkit checks safety properties of software without the need for user-supplied annotations or abstractions, using three tools: a predicate abstraction tool that abstracts a C program P into a boolean program BP(P,E) with respect to a set of predicates E over P.
Automatic predicate abstraction of C programs
This work presents the first algorithm to automatically construct a predicate abstraction of programs written in an industrial programming language such as C, and its implementation in a tool, C2BP, which is part of the SLAM toolkit.
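The pipeline the entries above describe (abstract a C program P into a boolean program BP(P,E) with respect to predicates E, then model check BP with explicit control flow, and repeat with a stronger E until the property is validated) is small enough to show end to end on the classic lock/unlock example. The block below is an added illustration written for this page; it is not code from the SLAM toolkit, C2BP, or Bebop. It assumes a hand-built program over two integers `new` and `old` with a single nondeterministic branch, replaces C2BP's theorem-prover queries with exhaustive enumeration over a small finite domain (`DOMAIN`, an assumption that happens to be exact for the equality predicate used here), and replaces Bebop's BDDs with Python sets of explicit state tuples. The predicate `new == old` is supplied by hand rather than discovered from the spurious trace, since the refinement step is not implemented. Note that computing the post-state by enumerating every concrete state gives the most precise Boolean abstraction, not the cheaper Cartesian approximation; the property checked is the usual one, that `lock()` is never called while locked and `unlock()` never while unlocked.

```python
"""Added example (not from the SLAM papers): a miniature of the C2BP + Bebop
pipeline on the lock/unlock loop.  Predicate abstraction is computed by
enumeration over DOMAIN instead of theorem-prover queries, and reachable
abstract states are stored in plain Python sets instead of BDDs.
"""
from collections import deque
from itertools import product

DOMAIN = range(3)  # assumed finite stand-in for reasoning over the integers


def new_eq_old(s):
    """The predicate 'new == old' evaluated on a concrete state."""
    return s["new"] == s["old"]


# Concrete program over variables new and old, one statement per pc.
# Control flow is explicit (pc-indexed list); the lock state is kept by the
# checker itself because the lock discipline is the property under test.
PROGRAM = [
    ("lock", None),                                      # 0: lock()
    ("assign", lambda s: {**s, "old": s["new"]}),        # 1: old = new
    ("branch", (None, 3, 5)),                            # 2: if (*) goto 3 else goto 5
    ("unlock", None),                                    # 3: unlock()
    ("assign", lambda s: {**s, "new": s["new"] + 1}),    # 4: new = new + 1
    ("branch", (lambda s: s["new"] != s["old"], 0, 6)),  # 5: if (new != old) goto 0 else goto 6
    ("unlock", None),                                    # 6: unlock()
    ("exit", None),                                      # 7: return
]


def all_concrete():
    """Every concrete valuation of (new, old) over DOMAIN."""
    return [dict(new=n, old=o) for n, o in product(DOMAIN, DOMAIN)]


def alpha(preds, conc):
    """Abstract a concrete state to the tuple of predicate truth values."""
    return tuple(p(conc) for p in preds)


def concretize(preds, abs_state):
    """All concrete states whose predicate valuation equals abs_state."""
    return [c for c in all_concrete() if alpha(preds, c) == abs_state]


def error_trace(parent, state):
    """Follow parent links back to an initial state; return the pcs visited."""
    path = []
    while state is not None:
        path.append(state[0])
        state = parent[state]
    return path[::-1]


def check(preds, program=PROGRAM):
    """Explore BP(program, preds) breadth-first.

    A state is (pc, locked, abstract valuation).  Returns None when no
    lock/unlock misuse is reachable, otherwise the pcs of an abstract error
    trace, which may be spurious if preds is too weak.
    """
    start = {(0, False, alpha(preds, c)) for c in all_concrete()}
    parent = {s: None for s in start}
    queue = deque(start)
    while queue:
        state = queue.popleft()
        pc, locked, abs_state = state
        kind, arg = program[pc]
        succs = []
        if kind == "lock":
            if locked:
                return error_trace(parent, state)  # double lock
            succs.append((pc + 1, True, abs_state))
        elif kind == "unlock":
            if not locked:
                return error_trace(parent, state)  # unlock while unlocked
            succs.append((pc + 1, False, abs_state))
        elif kind == "assign":
            # Best abstract post over the finite domain (C2BP asks a prover).
            for c in concretize(preds, abs_state):
                succs.append((pc + 1, locked, alpha(preds, arg(c))))
        elif kind == "branch":
            guard, then_pc, else_pc = arg
            concs = concretize(preds, abs_state)
            if guard is None or any(guard(c) for c in concs):
                succs.append((then_pc, locked, abs_state))
            if guard is None or any(not guard(c) for c in concs):
                succs.append((else_pc, locked, abs_state))
        # "exit" has no successors
        for s in succs:
            if s not in parent:
                parent[s] = state
                queue.append(s)
    return None


if __name__ == "__main__":
    print("E = {}:            ", check([]))           # spurious trace, e.g. [0, 1, 2, 5, 0]
    print("E = {new == old}:  ", check([new_eq_old]))  # None: property holds
```

With the empty predicate set the abstraction cannot relate the loop exit to the lock state, so the checker reports a trace that re-enters `lock()` while still locked; that path is infeasible concretely because `old = new` forces the loop to exit. Adding the single predicate `new == old` makes the boolean program precise enough to prove the discipline, which is the "converges on a set of predicates in a few iterations" behaviour the temporal-safety entry refers to.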
From symptom to cause: localizing errors in counterexample traces
An algorithm is presented that exploits the existence of correct traces in order to localize the error cause in an error trace, report a single error trace per error cause, and generate multiple error traces having independent causes.