Research Interests:  Static Analysis, security, virtual execution environments, dynamic optimization, testing of parallel programs

Marple:  A Demand-Driven Path-Sensitive Static Analysis Framework to Detect, Diagnosis and Test Software Vulnerabilities

The goal of this research is to harness the power of  static analysis by developing tools for  vulnerabilities  that are path-sensitive for precision and demand-driven for scalability.  This project is  developing a comprehensive path-sensitive framework that detects and diagnoses a variety of vulnerabilities, including but not limited to,  buffer overflow, memory errors, integer errors, unauthorized usage, and denial-of-service. With path-sensitive analysis, we report path segments and highlight statements that are pertinent to the vulnerability. We have developed a framework to handle buffer overflow.  A paper on this work appeared in the Foundation of Software Engineering. We are currently extending the work and developing a systematic abstraction for a class of vulnerabilities. (Wei Le)

Dynamic Optimization

We have two projects currently exploring dynamic optimization.  One of the projects is developing a dynamic optimizer that uses the mechanism of a virtual execution environment.  The other is just beginning and is developing scenario based optimization technique. (Shukang Yang and Jason Mars)

Virtual Execution Environment for Embedded Systems