The increasing use of sensitive private data in computing is matched by a growing concern
regarding data privacy. System software such as hypervisors and operating systems are …

Concurrent systems software is widely-used, complex, and error-prone, posing a significant
security risk. We introduce VRM, a new framework that makes it possible for the first time to …

Modern automotive systems feature dozens of electronic control units (ECUs) for chassis,
body and powertrain functions. These systems are costly and inflexible to upgrade, requiring …

This paper presents DNS-V, a verification framework for our in-production DNS authoritative
engine, which is the core of our DNS service. The key idea for automated verification in …

System software is often large and complex, resulting in many vulnerabilities that can
potentially be exploited to compromise the security of a system. Formal verification offers a …

Computer systems use many scheduling heuristics to allocate resources. Understanding
their performance properties is hard because it requires a representative workload and …

Large-scale software verification relies critically on the use of compositional languages,
semantic models, specifications, and verification techniques. Recent work on certified …

Microarchitectural timing channels are a well-known mechanism for information leakage.
Time protection has recently been demonstrated as an operating-system mechanism able to …

Complex embedded systems are now supporting the co-existence of multiple OSes to
manage services once assigned to separate embedded microcontrollers. Automotive …

Real-time systems power safety-critical applications that require strong isolation among
each other. Such isolation needs to be enforced at two orthogonal levels. On the micro …