K. Rustan M. Leino
Research interests
My work focuses on formal verification, programming languages, and
and software-correctness tools for software engineers.
Research projects
Dafny |
Dafny is a programming language designed with verification in mind,
and its compiler includes a state-of-the-art program verifier. The
language offers forms of both imperative and functional programming and
can also be used to express some mathematics. The verifier runs in
the background of the development environment. Dafny has been used
to verify challenging algorithms, is used in teaching at several
universities, and has been used by award-winning teams at program
verification competitions. Dafny excels at providing an accessible
integrated verification experience. Joint work with
Reza Ahmadi, Nada Amin,
Chris Hawblitzel,
Jason Koenig, Jay R. Lorch, Dan Matichuk,
Michał Moskal, Peter Müller,
Clément Pit--Claudel, Bryan Parno, Nadia Polikarpova,
Tiark Rompf,
Dan Rosén,
Valentin Wüstholz, and others. 2008-present. |
Jennisys |
Jennisys ("this is where programs begin") is a program synthesizer.
Joint work with Aleksandar Milicevic. 2011-2012. |
Chalice |
Chalice is an experimental language for concurrency. Its
specifications are based on Implicit Dynamic Frames with fractional
permissions. Joint work with Stefan Heule, Peter Müller, Jan
Smans, Alex J. Summers, Kuat Yessenov, and others. 2009-present. |
Boogie |
Boogie is an Intermediate Verification Language and a verification
engine for that language. It is used by more than a dozen
verifiers for different languages. Joint work with Mike Barnett, Sascha
Böhme,
Bor-Yuh Evan Chang, Robert DeLine, Bart Jacobs, Michał Moskal, Shaz
Qadeer, Philipp Rümmer, and others. 2003-present. |
Spec# |
Spec# is a superset of the language C# 2.0, adding contracts and
non-null types. It includes a static verifier for the contracts.
Joint work with Mike Barnett, Ádám Darvas, Manuel Fähndrich,
Bart Jacobs, Ronald Middelkoop, Peter Müller, Wolfram
Schulte, Herman Venter, Angela Wallenburg, and others. 2003-2009. |
Houdini |
Houdini is a specification wizard, originally for ESC/Java.
The technique infers specifications by guessing candidate specifications
and then running an underlying checker to refute bad guesses. Joint
work with Cormac Flanagan, Rajeev Joshi, Michael Y. Levin, and others.
1999-2001. |
ESC/Java |
ESC/Java (which won the Most Influential 2002 PLDI Paper award) is a
formal-methods based tool for statically finding software defects in
Java programs. Joint work with Cormac Flanagan, Gary T. Leavens, Mark
Lillibridge, Todd Millstein, Greg Nelson, James B. Saxe, Raymie Stata,
and others. 1997-2001. |
ESC/Modula-3 |
ESC is the original Extended Static Checker for the Modula-3
language. Joint work with David L. Detlefs, Greg Nelson, and James B.
Saxe. 1994-1996. |
Modula-3D |
A variant of the Modula-3 language for programming multicomputers.
1992-1993. |
Education
PhD |
Computer Science, California Institute of Technology, 1995.
Advisor: Prof. Dr. K. Mani Chandy |
MS |
Computer Science, California Institute of Technology, 1993.
Advisor: Prof. Dr. Jan L. A. van de Snepscheut |
BA |
with Special Honors in Computer Science, The University of Texas at
Austin, 1989. Honors research advisor: Prof. Dr. Louis E. Rosier |
Employment
Amazon
Seattle, WA, USA |
Senior Principal Engineer (2017-present) |
Microsoft
Redmond, WA, USA |
Principal Researcher (2007-2017) Senior Researcher (2006-2007)
Researcher (2001-2006) Software design engineer, technical lead
(1989-1991) |
Imperial College London
London, UK |
Visiting Professor (honorary post, 2012-2017) |
DEC/Compaq
Systems Research Center Palo Alto,
CA, USA |
Computer science researcher (Jan 1995-Nov 2001) Research intern
(summer 1994) Research intern (summer 1992) |
Caltech
Pasadena, CA, USA |
Co-instructor, Mathematics of Program Construction (Fall
1994) Co-instructor, Mathematics of Program Construction
(Spring 1994) Teaching assistant, Computation, Computers,
Programs (Fall 1991-Spring 1994) Graduate research assistant
(Fall 1991-Fall 1994) |
CompuGuide
Austin, TX, USA |
President, consultant (Feb 1988-May 1989) |
UT Austin
Informal Classes Austin, TX, USA |
Instructor of various computer classes (Sep 1987-May 1989) |
One-Eleven, Inc.
Austin, TX, USA |
Programmer (Aug 1987-May 1989) |
Publications
(Caution: Contents has not been updated since January 2017.)
Legend |
|
Books, Chapters, Lecture Notes |
|
Edited Volumes |
|
Journal Articles |
|
In Conference Proceedings |
|
Theses |
|
Other |
|
|
|
|
|
|
|
Quicksort Revisited—Verifying Alternative Versions of Quicksort |
TPFM 2016 |
|
Razvan Certezeanu, Sophia Drossopoulou, Benjamin Egelund-Muller, K. Rustan M. Leino,
Sinduran Sivarajan, and Mark Wheelhouse |
|
|
In Erika Ábrahám, Marcello M. Bonsangue, and Einar Broch Johnsen, editors,
Theory and Practice of Formal Methods—Essays Dedicated to Frank de Boer on the Occasion of His 60th Birthday,
pages 407-426.
Springer, 2016. |
|
Trigger Selection Strategies to Stabilize Program Verifiers |
CAV 2016 |
|
K. Rustan M. Leino and Clément Pit-Claudel |
|
|
In Swarat Chaudhuri and Azadeh Farzan, editors,
Computer Aided Verification—28th International Conference, CAV 2016,
volume 9779 of Lecture Notes in Computer Science, pages 361-381. Springer,
July 2016. |
|
Integrated Environment for Diagnosing Verification Errors |
TACAS 2016 |
|
Maria Christakis, K. Rustan M. Leino, Peter Müller, and Valentin Wüstholz |
|
|
In Marsha Chechik and Jean-François Raskin, editors,
Tools and Algorithms for the Construction and Analysis of Systems—22nd International Conference, TACAS 2016,
volume 9636 of Lecture Notes in Computer Science, pages 424-441. Springer,
April 2016. |
|
Verification, Model Checking, and
Abstract Interpretation—17th International Conference, VMCAI 2016 |
LNCS (VMCAI 2016) |
|
Barbara Jobstmann and K. Rustan M. Leino |
|
|
Volume 9583 of Lecture Notes in Computer Science.
Springer, January 2016. |
|
An Assertional Proof of the Stability
and Correctness of Natural Mergesort |
ACM Comp. Logic |
|
K. Rustan M. Leino and Paqui Lucio |
|
|
ACM Transactions on Computational Logic, 17(1): 6,
December 2015.
|
|
Fine-Grained Caching of Verification Results |
CAV 2015 |
|
K. Rustan M. Leino and Valentin Wüstholz |
|
|
In Daniel Kroening and Corina S. Pasareanu, editors,
Computer Aided Verification—27th International Conference, CAV 2015, Proceedings, Part I,
volume 9206 of Lecture Notes in Computer Science, pages 380-397. Springer,
July 2015. |
|
Automatic verification of Dafny programs with traits |
FTfJP@ECOOP 2015 |
|
Reza Ahmadi, K. Rustan M. Leino, and Jyrki Nummenmaa |
|
|
In Rosemary Monahan, editor,
Proceedings of the 17th Workshop on Formal Techniques for Java-like Programs, FTfJP 2015,
pages 4:1-4:5.
ACM, 2015. |
|
Well-founded Functions and Extreme Predicates in Dafny: A Tutorial |
IWIL-2015 |
|
K. Rustan M. Leino |
|
|
In Boris Konev, Stephan Schulz, and Laurent Simon, editors,
IWIL-2015. 11th International Workshop on the Implementation of Logics, volume 40 of
EPiC Series in Computing, pages 106-118. EasyChair, 2016. |
|
Compiling Hilbert's epsilon operator |
LPAR short papers 2015 |
|
K. Rustan M. Leino |
|
|
In Ansgar Fehnker, Annabelle McIver, Geoff Sutcliffe, and Andrei Voronkov, editors,
20th International Conferences on Logic for Programming, Artificial Intelligence and Reasoning—Short
Presentations, LPAR 2015, volume 35 of
EPiC Series in Computing, pages 106-118. EasyChair, 2015. |
|
Programming Language Features for Refinement |
Refine@FM 2015 |
|
Jason Koenig and K. Rustan M. Leino |
|
|
In John Derrick, Eerke A. Boiten, and Steve Reeves, editors,
Proceedings 17th International Workshop on Refinement, Refine@FM 2015, volume 209 of
Electronic Proceedings in Theoretical Computer Science, pages 87-106.
2016. |
|
Co-induction simply—Automatic Co-inductive Proofs in a Program Verifier |
FM 2014 |
|
K. Rustan M. Leino and Michał Moskal |
|
|
In Cliff B. Jones, Pekka Pihlajasaari, and Jun Sun, editors,
FM 2014: 19th International Symposium on Formal Methods,
volume 8442 of Lecture Notes in Computer Science, pages 382-398. Springer,
May 2014. |
|
Formalizing and Verifying a Modern Build Language |
FM 2014 |
|
Maria Christakis, K. Rustan M. Leino, and Wolfram Schulte |
|
|
In Cliff B. Jones, Pekka Pihlajasaari, and Jun Sun, editors,
FM 2014: 19th International Symposium on Formal Methods,
volume 8442 of Lecture Notes in Computer Science, pages 643-657. Springer,
May 2014. |
|
Computing with an SMT Solver |
TAP 2014 |
|
Nada Amin, K. Rustan M. Leino, and Tiark Rompf |
|
|
In Martina Seidl and Nikolai Tillmann, editors,
Tests and Proofs—8th International Conference, TAP 2014,
volume 8570 of Lecture Notes in Computer Science, pages 20-35. Springer,
July 2014. |
|
The Dafny Integrated Development Environment |
F-IDE 2014 |
|
K. Rustan M. Leino and Valentin Wüstholz |
|
|
In Catherine Dubois, Dimitra Giannakopoulou, and Dominique Méry, editors,
1st Workshop on Formal-IDE, volume 149 of
Electronic Proceedings in Theoretical Computer Science.
April 2014. |
|
Automating Theorem Proving with SMT |
ITP 2013 |
|
K. Rustan M. Leino |
|
|
In Sandrine Blazy, Christine Paulin-Mohring, and David Pichardie, editors,
Interactive Theorem Proving, 4th International Conference, ITP 2013,
volume 7998 of Lecture Notes in Computer Science, pages 2-16. Springer,
July 2013. |
|
Developing Verified Programs with Dafny |
ICSE 2013 |
|
K. Rustan M. Leino |
|
|
In David Notkin, Betty H. C. Cheng, and Klaus Pohl, editors,
35th International Conference on Software Engineering, ICSE '13,
pages 1488-1490. ACM, May 2013. |
|
Verified Calculations |
VSTTE 2013 |
|
K. Rustan M. Leino and Nadia Polikarpova |
|
|
In Ernie Cohen and Andrey Rybalchenko, editors,
Verified Software: Theories, Tools, Experiments—5th
International Conference, VSTTE 2013, Revised Selected Papers,
volume 8164 of Lecture Notes in Computer Science, pages 170-190.
Springer, 2014. |
|
Co-induction Simply: Automatic
Co-inductive Proofs in a Program Verifier |
MSR TR |
|
K. Rustan M. Leino and Michal Moskal |
|
|
Technical Report MSR-TR-2013-49, Microsoft Research, May 2013. |
|
Tools for Software Verification:
special section from the Seventeenth International Conference on Tools
and Algorithms for the Construction and Analysis of Systems |
STTT (from TACAS 2011) |
|
Parosh Aziz Abdulla and K. Rustan M. Leino |
|
|
Software Tools for Technology Transfer, 15(2).
April 2013. |
|
Abstract Read
Permissions: Fractional Permissions without the Fractions |
VMCAI 2013 |
|
Stefan Heule, K. Rustan M. Leino, Peter Müller, and
Alexander J. Summers |
|
|
In Roberto Giacobazzi, Josh Berdine, and Isabella
Mastroeni, editors, Verification, Model Checking, and Abstract
Interpretation, 14th International Conference, VMCAI 2013, volume
7737 of Lecture Notes in Computer Science, pages 315-334.
Springer, January 2013. |
|
Using Dafny, an Automatic Program
Verifier |
LASER 2011 |
|
Luke Herbert, K. Rustan M. Leino, and Jose Quaresma |
|
|
In Bertrand Meyer and Martin Nordio, editors, Tools
for Practical Software Verification, {LASER}, International Summer
School 2011, volume 7682 of Lecture Notes in Computer Science,
pages 156-181. Springer, 2012. |
|
Program
extrapolation with Jennisys |
OOPSLA 2012 |
|
K. Rustan M. Leino and Alexandar Milicevic |
|
|
In Gary T. Leavens and Matthew B. Dwyer, editors,
Proceedings of the 27th Annual ACM SIGPLAN Conference on Object-Oriented
Programming, Systems, Languages, and Applications, OOPSLA 2012, pages
411-430. ACM, October 2012. |
|
Stepwise refinement
of heap-manipulating code in Chalice |
FAC |
|
K. Rustan M. Leino and Kuat Yessenov |
|
|
Formal Aspects of Computing, 24(4-6): 519-535,
July 2012. Celebrating the 60th Birthday of Carroll Morgan. |
|
Endorsement blurb |
|
|
K. Rustan M. Leino |
|
|
On back cover of SPARK - The Proven Approach to High
Integrity Software. John Barnes with Altran Praxis.
Altran Praxis, 2012. |
|
The EventB2Dafny Rodin plug-in |
TOPI 2012 |
|
Néstor Cataño, K. Rustan M. Leino, and Victor Rivera |
|
|
In 2nd Workshop on Developing Tools as Plug-ins (TOPI), pages 49-54.
IEEE, June 2012. |
|
Behavioral Interface Specification
Languages |
Comp. Surv. |
|
John Hatcliff, Gary T. Leavens, K. Rustan M. Leino, Peter Müller, and Matthew Parkinson |
|
|
ACM Computing Surveys, 44(3): 16, June 2012. |
|
Special issue:
Selected Papers of the Confrence 'Tools and Algorithms for the
Construction and Analysis of Systems "TACAS" 2011' |
LMCS (from TACAS 2011) |
|
Parosh Aziz Abdulla and K. Rustan M. Leino |
|
|
Logical Methods in Computer Science. DOI:
10.2168/LMCS-TACAS:2011. 2012.
http://www.lmcs-online.org/ojs/specialIssues.php?id=40 |
|
Getting Started with Dafny: A Guide |
MOD 2011 |
|
Jason Koenig and K. Rustan M. Leino |
|
|
In Tobias Nipkow, Orna Grumberg, and Benedikt Hauptmann, editors,
Software Safety and Security: Tools for Analysis and Verification. NATO Science for Peace and
Security Series D: Information and Communication Security. IOS
Press, 2012, volume 33, pages 152-181.
Marktoberdorf International
Summer School 2011 lecture notes. |
|
Automating Induction
with an SMT Solver |
VMCAI 2012 |
|
K. Rustan M. Leino |
|
|
In Viktor Kuncak and Andrey Rybalchenko, editors,
Verification, Model Checking, and Abstract Interpretation - 13th
International Conference, VMCAI 2012, volume
7148 of Lecture Notes
in Computer Science, pages 315-331. Springer, January 2012. |
|
The Boogie
Verification Debugger (Tool Paper) |
SEFM 2011 |
|
Claire Le Goues, K. Rustan M. Leino, and Michał Moskal |
|
|
In Gilles Barthe, Alberto Pardo, and Gerardo Schneider, editors,
Software Engineering and Formal Methods - 9th International
Conference, SEFM 2011, volume
7041 of Lecture Notes
in Computer Science, pages 407-414. Springer, November 2011. |
|
The 1st Verified
Software Competition: Experience Report |
FM 2011 |
|
Vladimir Klebanov, Peter Müller, Natarajan
Shankar, Gary T. Leavens, Valentin Wüstholz, Eyad
Alkassar, Rob Arthan, Derek Bronish, Rod Chapman, Ernie
Cohen, Mark Hillebrand, Bart Jacobs, K. Rustan M. Leino,
Rosemary Monahan, Frank Piessens, Nadia Polikarpova, Tom
Ridge, Jan Smans, Stephan Tobies, Thomas Tuerk, Mattias
Ulbrich, and Benjamin Weiβ |
|
|
In Michael Butler and Wolfram Schulte, editors, FM
2011: Formal Methods - 17th International Symposium on Formal Methods, volume
6664 of Lecture Notes
in Computer Science, pages 154-168. Springer, June 2011.
FM 2011 Best
Paper Award. |
|
Specification and
verification: the Spec# experience |
CACM |
|
Mike Barnett, Manuel Fähndrich, K. Rustan M. Leino,
Peter Müller, Wolfram Schulte, and Herman Venter |
|
|
Communications of the ACM, 54(6):
81-91, June 2011.
|
|
Tools and Algorithms
for the Construction and Analysis of Systems - 17th International
Conference, TACAS 2011 |
LNCS (TACAS 2011) |
|
Parosh Aziz Abdulla and K. Rustan M. Leino |
|
|
Volume 6605 of Lecture Notes in Computer Science.
Springer, March-April 2011. |
|
Doomed program points |
FMSD |
|
Jochen Hoenicke, K. Rustan M. Leino, Andreas Podelski,
Martin Schäf, and Thomas Wies |
|
|
Formal Methods in System Design, 37(2-3):
171-199, December 2010.
|
|
Tools and Behavioral
Abstraction: A Direction for Software Engineering |
FOSE 2010 |
|
K. Rustan M. Leino |
|
|
In Sebastian Nanz, editor, The Future of Software
Engineering, pages 115-124. Springer, November 2010.
Festschrift for Bertrand Meyer on the Occasion of His 60th Birthday. |
|
Usable Auto-Active Verification |
UV 2010 |
|
K. Rustan M. Leino and Michał Moskal |
|
|
In Tom Ball, Lenore Zuck, and N. Shankar, editors,
UV10 (Usable Verification) workshop. November 2010.
http://fm.csl.sri.com/UV10/ |
|
VACID-0: Verification of Ample
Correctness of Invariants of Data-structures, Edition 0 |
VSTTE 2010 workshop |
|
K. Rustan M. Leino and Michał Moskal |
|
|
In Tools and Experiments workshop at VSTTE 2010.
August 2010. |
|
Dafny Meets the
Verification Benchmarks Challenge |
VSTTE 2010 |
|
K. Rustan M. Leino and Rosemary Monahan |
|
|
In Gary T. Leavens, Peter W. O'Hearn, and Sriram K.
Rajamani, editors, Verified Software: Theories, Tools, Experiments,
Third International Conference, VSTTE 2010, volume 6217 of Lecture Notes
in Computer Science, pages 112-126. Springer, August 2010. |
|
To Goto Where No
Statement Has Gone Before |
VSTTE 2010 |
|
Mike Barnett and K. Rustan M. Leino |
|
|
In Gary T. Leavens, Peter W. O'Hearn, and Sriram K.
Rajamani, editors, Verified Software: Theories, Tools, Experiments,
Third International Conference, VSTTE 2010, volume 6217 of Lecture Notes
in Computer Science, pages 157-168. Springer, August 2010. |
|
Learning to do
program verification |
CACM |
|
K. Rustan M. Leino |
|
|
Communications of the ACM, 53(6):
106, June 2010. Technical
Perspective, introducing the article seL4: Formal Verification of an
Operating-System Kernel by Gerwin Klein et al.
|
|
Dafny: An Automatic
Program Verifier for Functional Correctness |
LPAR-16 |
|
K. Rustan M. Leino |
|
|
In Edmund M. Clarke and Andrei Voronkov, editors,
Logic for Programming, Artificial Intelligence, and Reasoning - 16th
International Conference, LPAR-16, volume 6355 of Lecture Notes
in Computer Science, pages 348-370. Springer, April-May 2010. |
|
Deadlock-Free
Channels and Locks |
ESOP 2010 |
|
K. Rustan M. Leino, Peter Müller, and Jan Smans |
|
|
In Andrew D. Gordon, editor, Programming Languages
and Systems, 19th European Symposium on Programming, ESOP 2010, volume
6012 of Lecture Notes
in Computer Science, pages 407-426. Springer, March 2010. |
|
A Polymorphic
Intermediate Verification Language: Design and Logical Encoding |
TACAS 2010 |
|
K. Rustan M. Leino and Philipp Rümmer |
|
|
In Javier Esparza and Rupak Majumdar, editors, Tools
and Algorithms for the Construction and Analysis of Systems, 16th
International Conference, TACAS 2010, volume 6015 of Lecture Notes
in Computer Science, pages 312-327. Springer, March 2010. |
|
Using the Spec# Language, Methodology,
and Tools to Write Bug-Free Programs |
LASER 2007/2008 |
|
K. Rustan M. Leino and Peter Müller |
|
|
In Peter Müller, editor, Advanced Lectures on
Software Engineering, LASER Summer School 2007/2008, volume 6029 of
Lecture Notes in Computer Science, pages 91-139. Springer, 2010. |
|
It's Doomed; We Can
Prove It |
FM 2009 |
|
Jochen Hoenicke, K. Rustan M. Leino, Andreas Podelski,
Martin Schäf, and Thomas Wies |
|
|
In Ana Cavalcanti and Dennis Dams, editors, FM 2009:
Formal Methods, Second World Congress, volume 5850 of Lecture Notes
in Computer Science, pages
338-353. Springer, November 2009. |
|
A Basis for Verifying Multi-threaded
Programs |
ESOP 2009 |
|
K. Rustan M. Leino and Peter Müller |
|
|
In Giuseppe Castagna, editor, Programming Languages
and Systems, 18th European Symposium on programming, ESOP 2009, pages
378-393. Springer, March 2009. |
|
Proving Consistency of Pure Methods and
Model Fields |
FASE 2009 |
|
K. Rustan M. Leino and Ronald Middelkoop |
|
|
In Marsha Chechik and Martin Wirsing, editors,
Fundamental Approaches to Software Engineering, 12th International
Conference, FASE 2009, pages
231-245. Springer, March 2009. |
|
Verification of
Concurrent Programs with Chalice |
|
|
K. Rustan M. Leino, Peter Müller, and Jan Smans |
|
|
In Alessandro Aldini, Gilles Barthe, Roberto Gorrieri, editors,
Foundations of Security Analysis and Design V, FOSAD 2007/2008/2009
Tutorial Lectures, volume 5705 of
Lecture Notes in Computer Science, pages 195-222. Springer, 2009. |
|
Reasoning about Comprehensions with First-Order SMT Solvers |
SAC 2009 |
|
K. Rustan M. Leino and Rosemary Monahan |
|
|
In 2009 Symposium on Applied Computing, pages
615-622. ACM, March 2009. A previous version of this article
had the title Automatic verification of textbook programs that use comprehensions. |
|
Specification and verification of
object-oriented software |
MOD 2008 |
|
K. Rustan M. Leino |
|
|
In Manfred Broy, Wassiou Sitou, and Tony Hoare, editors,
Engineering Methods and Tools for Software Safety and Security. NATO Science for Peace and
Security Series D: Information and Communication Security. IOS
Press, 2009, volume 22, pages 231-266.
Marktoberdorf International
Summer School 2008 lecture notes. |
|
A programming model for concurrent
object-oriented programs |
TOPLAS |
|
Bart Jacobs, K. Rustan M. Leino, Frank Piessens, Wolfram
Schulte, and Jan Smans |
|
|
ACM Transactions on Programming Languages and
Systems, 31(1), December 2008.
|
|
Flexible immutability with frozen objects |
VSTTE 2008 |
|
K. Rustan M. Leino, Peter Müller, and Angela Wallenburg |
|
|
In Jim Woodcock and N. Shankar, editors, Verified Software:
Theories, Tools, Experiments, VSTTE 2008,
volume 5295 of Lecture Notes in Computer Science, pages 192-208.
Springer, October 2008. |
|
Verification Condition Splitting |
MSR TR |
|
K. Rustan M. Leino, Michał Moskal, and Wolfram Schulte |
|
|
Technical Report, Microsoft Research, October 2008. |
|
HOL-Boogie - An Interactive Prover for
the Boogie Program-Verifier |
TPHOLs 2008 |
|
Sascha Böhme, K. Rustan M. Leino, and Burkhart Wolff |
|
|
In Otmane Aït Mohamed, César A. Muñoz, Sofiène Tahar, editors,
Theorem Proving in Higher Order Logics, 21st International
Conference, TPHOLs 2008,
volume 5170 of Lecture Notes in Computer Science, pages 150-166.
Springer, August 2008. |
|
Position Statement:
Ceaselessly-Analyzing Development Environments, One Direction for the
Next 40 Years of Software Engineering |
COMPAC 2008 |
|
K. Rustan M. Leino |
|
|
In Proceedings of the 32nd Annual IEEE International
Computer Software and Applications Conference, COMPSAC 2008, page
11. IEEE Computer Society, August 2008. |
|
This is Boogie 2 |
MSR TR |
|
K. Rustan M. Leino |
|
|
Technical Report, Microsoft Research, June 2008. |
|
Verification of equivalent-results
methods |
ESOP 2008 |
|
K. Rustan M. Leino and Peter Müller |
|
|
In Sophia Drossopoulou, editor, Programming Languages
and Systems, 17th European Symposium on Programming, ESOP 2008,
volume 4960 of Lecture Notes in Computer Science, pages 307-321.
Springer, March/April 2008. |
|
Class-local object invariants |
ISEC 2008 |
|
K. Rustan M. Leino and Angela Wallenburg |
|
|
In Proceedings of the 2008 First India Software
Engineering Conference, pages 57-66.
ACM, February 2008. |
|
Using widenings to infer loop invariants inside an SMT solver,
or: A theorem prover as abstract domain |
WING 2007 |
|
K. Rustan M. Leino and Francesco Logozzo |
|
|
In proceedings of Workshop on Invariant Generation (WING 2007), June 2007. |
|
Specification and verification challenges for sequential object-oriented programs |
FAC |
|
Gary T. Leavens, K. Rustan M. Leino, and Peter Müller |
|
|
Formal Aspects of Computing, 19(2):159-189, June 2007.
|
|
Using history invariants to verify
observers |
ESOP 2007 |
|
K. Rustan M. Leino and Wolfram Schulte |
|
|
In Rocco De Nicola, editor, Programming Languages
and Systems, 16th European Symposium on Programming, ESOP 2007,
volume 4421 of Lecture Notes in Computer Science, pages 80-94.
Springer, March 2007. |
|
Practical reasoning about invocations and
implementations of pure methods |
FASE 2007 |
|
Ádám Darvas and K. Rustan M. Leino |
|
|
In Matthew B. Dwyer and Antónia Lopes, editors,
Fundamental Approaches to Software Engineering, 10th International
Conference, FASE 2007, volume 4422 of Lecture Notes in Computer
Science, pages 336-351. Springer, March 2007. |
|
A verifying compiler for a multi-threaded
object-oriented language |
MOD 2006 |
|
K. Rustan M. Leino and Wolfram Schulte |
|
|
In Manfred Broy, Johannes Grünbauer, and Tony Hoare, editors,
Software Safety and Security. NATO Science for Peace and
Security Series D: Information and Communication Security. IOS
Press, 2007, volume 9, pages 351-416.
Marktoberdorf International
Summer School 2006 lecture notes. |
|
Foreword |
|
|
K. Rustan M. Leino |
|
|
Verification of Object-Oriented Software: The KeY
Approach. Bernhard Beckert, Reiner Hähnle, and Peter H. Schmitt,
editors. Volume 4334 of Lecture Notes in Artificial Intelligence, pages
VII-VIII. Springer, 2007. |
|
Boogie: A Modular Reusable Verifier for Object-Oriented Programs |
FMCO 2005 |
|
Mike Barnett, Robert DeLine, Bart Jacobs, Bor-Yuh Evan Chang, and K. Rustan M. Leino |
|
|
In Frank S. de Boer, Marcello M. Bonsangue, Susanne
Graf, and Willem-Paul de Roever, editors, Formal Methods for
Components and Objects: 4th International Symposium, FMCO 2005,
volume 4111 of Lecture Notes in Computer Science, pages 364-387.
Springer, September 2006. |
|
Verified Software: Theories, Tools, and Experiments, VSTTE 2006, Workshop proceedings |
MSR TR (VSTTE 2006) |
|
K. Rustan M. Leino and Wolfram Schulte, editors |
|
|
Technical Report MSR-TR-2006-117, Microsoft Research, August 2006. |
|
A verification methodology for model
fields |
ESOP 2006 |
|
K. Rustan M. Leino and Peter Müller |
|
|
In Peter Sestoft, editor, Programming Languages and
Systems: 15th European Symposium on Programming, ESOP 2006, volume
3924 of Lecture
Notes in Computer Science, pages 115-130. Springer, March 2006. |
|
Loop invariants on demand |
APLAS 2005 |
|
K. Rustan M. Leino and Francesco Logozzo |
|
|
In Kwangkeun Yi, editor, Programming Languages and
Systems, Third Asian Symposium, APLAS 2005, volume 3780 of Lecture
Notes in Computer Science, pages 119-134. Springer, November 2005. |
|
The Spec# programming system: Challenges
and directions |
VSTTE 2005 |
|
Mike Barnett, Robert DeLine, Bart Jacobs, Manuel
Fähndrich, K. Rustan M. Leino, Wolfram Schulte, and Herman Venter |
|
|
Position paper, Verified Software: Theories, Tools,
Experiments (VSTTE 2005), October 2005. |
|
Weakest-precondition of unstructured programs |
PASTE 2005 |
|
Mike Barnett and K. Rustan M. Leino |
|
|
In Michael D. Ernst and Thomas P. Jensen, editors,
Proceedings of the 2005 ACM SIGPLAN-SIGSOFT Workshop on
Program Analysis For Software Tools and Engineering, PASTE'05,
pages 82-87. ACM, September 2005. |
|
Safe Concurrency for Aggregate Objects
with Invariants |
SEFM 2005 |
|
Bart Jacobs, K. Rustan M. Leino, Frank Piessens, and Wolfram Schulte |
|
|
In Bernhard K. Aichernig and Bernhard Beckert, editors,
3rd IEEE International Conference on Software Engineering and Formal
Methods (SEFM 2005), pages137-146. IEEE Computer Society, September 2005. |
|
Modular verification of static class
invariants |
FM 2005 |
|
K. Rustan M. Leino and Peter Müller |
|
|
In John Fitzgerald, Ian J. Hayes, and Andrzej Tarlecki,
editors, FM 2005: Formal Methods, International Symposium of Formal
Methods Europe, volume 3582 of Lecture Notes in Computer Science, pages
26-42.
Springer, July 2005. |
|
BoogiePL: A typed procedural language for checking object-oriented programs |
MSR TR |
|
Robert DeLine and K. Rustan M. Leino |
|
|
Technical Report MSR-TR-2005-70, Microsoft Research, May 2005. |
|
A Two-Tier Technique for Supporting
Quantifiers in a Lazily Proof-Explicating Theorem Prover |
TACAS 2005 |
|
K. Rustan M. Leino, Madan Musuvathi, and Xinming Ou |
|
|
In Nicolas Halbwachs and Lenore D. Zuck, editors,
Tools and Algorithms for the Construction and Analysis of Software, 11th
International Conference, TACAS 2005, volume 3440 of
Lecture Notes in Computer Science, pages 334-348.
Springer, April 2005. |
|
Efficient weakest preconditions |
IPL |
|
K. Rustan M. Leino |
|
|
Information Processing Letters, 93(6):281-288,
March 2005. |
|
An overview of JML tools and applications |
STTT |
|
Lilian Burdy, Yoonsik Cheon, David R. Cok, Michael D.
Ernst, Joseph R. Kiniry, Gary T. Leavens, K. Rustan M. Leino, and Erik
Poll |
|
|
International Journal on Software Tools for
Technology Transfer, 7(3):212-232,
2005. |
|
Generating error traces from verification-condition counterexamples |
SCP |
|
K. Rustan M. Leino, Todd Millstein, and James B. Saxe |
|
|
Science of Computer Programming, 55(1-3):209-226,
2005. |
|
Inferring object invariants |
AIOOL 2005 |
|
Bor-Yuh Evan Chang and K. Rustan M. Leino |
|
|
First international workshop on
Abstract Interpretation of Object-Oriented Languages
(AIOOL), January 2005. |
|
Abstract interpretation with alien expressions and heap structures |
VMCAI 2005 |
|
Bor-Yuh Evan Chang and K. Rustan M. Leino |
|
|
In Radhia Cousot, editor, Verification, Model Checking, and Abstract Interpretation,
6th International Conference, VMCAI 2005, volume 3385 of
Lecture Notes in Computer Science, pages 147-163.
Springer, January 2005. |
|
Finding stale-value errors in concurrent programs |
C&C: P&E |
|
Michael Burrows and K. Rustan M. Leino |
|
|
Concurrency and Computation: Practice and Experience,
16(12):1161-1172, October 2004. |
|
Modular verification of global module invariants in object-oriented programs |
ETHZ TR |
|
K. Rustan M. Leino and Peter Müller |
|
|
Technical Report 459, ETH Zurich, Department of Computer Science, September 2004. |
|
Exception safety for C# |
SEFM 2004 |
|
K. Rustan M. Leino and Wolfram Schulte |
|
|
In Jorge R. Cuellar and Zhiming Liu, editors, SEFM 2004—Second
International Conference on Software Engineering and Formal Methods, pages 218-227.
IEEE, September 2004. |
|
Object invariants in dynamic contexts |
ECOOP 2004 |
|
K. Rustan M. Leino and Peter Müller |
|
|
In Martin Odersky, editor, ECOOP 2004—Object-oriented
programming, 18th European Conference, Proceedings, volume 3086 of
Lecture Notes in Computer Science, pages 491-516. Springer, June 2004. |
|
Verification of object-oriented programs with invariants |
JOT |
|
Mike Barnett, Robert DeLine, Manuel Fähndrich, K. Rustan M. Leino, and Wolfram Schulte |
|
|
Journal of Object Technology, 3(6):27-56, June
2004. |
|
The Spec# Programming System: An overview |
CASSIS 2004 |
|
Mike Barnett, K. Rustan M. Leino, and Wolfram Schulte |
|
|
In Gilles Barthe, Lilian Burdy, Marieke Huisman,
Jean-Louis Lanet, Traian Muntean, editors, Construction and Analysis
of Safe, Secure, and Interoperable Smart Devices, volume 3362 of
Lecture Notes in Computer Science, pages 49-69. Springer, March 2004. |
|
On computing the fixpoint of a set of boolean equations |
MSR TR |
|
Viktor Kuncak and K. Rustan M. Leino |
|
|
Technical Report MSR-TR-2003-08, Microsoft Research, December 2003.
Also available as cs.PL/0408045, The Computing Research Repository (CoRR). |
|
Declaring and checking non-null types in
an object-oriented language |
OOPSLA 2003 |
|
Manuel Fähndrich and K. Rustan M. Leino |
|
|
In Proceedings of the 2003 ACM Conference on
Object-Oriented Programming, Systems, Languages, and Applications
(OOPSLA'03), volume 38(11) of SIGPLAN Notices, pages 302-312.
ACM, November 2003. |
|
Abstraction dependencies |
|
|
K. Rustan M. Leino and Greg Nelson |
|
|
In Annabelle McIver and Carroll Morgan, editors,
Programming Methodology, Monographs in Computer Science, chapter 13,
pages 269-289. Springer, 2003. |
|
Heap monotonic typestates |
IWACO 2003 |
|
Manuel Fähndrich and K. Rustan M. Leino |
|
|
In Proceedings of International Workshop on
Aliasing, Confinement and Ownership in object-oriented
programming (IWACO), July 2003. |
|
A SAT characterization of boolean-program correctness |
SPIN 2003 |
|
K. Rustan M. Leino |
|
|
In Thomas Ball and Sriram K. Rajamani, editors,
Model Checking Software, volume 2648 of Lecture Notes in Computer
Science, pages 104-120. Springer, May 2003. |
|
In-place refinement for effect checking |
AVIS'03 |
|
Viktor Kuncak and K. Rustan M. Leino |
|
|
Presented at Second International Workshop on Automated Verification
of Infinite-State Systems (AVIS'03), Warsaw, Poland, April 2003. |
|
A logic of object-oriented programs |
|
|
Martín Abadi and K. Rustan M. Leino |
|
|
In Nachum Dershowitz, editor,
Verification: Theory and Practice,
Essays dedicated to Zohar Manna on the occasion of his 64th birthday,
volume 2772 of Lecture Notes in Computer Science, pages 11-41.
Springer, 2003. |
|
Data abstraction and information hiding |
TOPLAS |
|
K. Rustan M. Leino and Greg Nelson |
|
|
ACM Transactions on Programming Languages and Systems, 24(5):491-553, September 2002. |
|
Using data groups to specify and check side effects |
PLDI 2002 |
|
K. Rustan M. Leino, Arnd Poetzsch-Heffter, and Yunhong
Zhou |
|
|
In
Proceedings of the 2002 ACM SIGPLAN Conference on Programming Language
Design and Implementation (PLDI), volume 37(5) of SIGPLAN Notices,
pages 246-257. ACM, May 2002. |
|
Extended static checking for Java |
PLDI 2002 |
|
Cormac Flanagan, K. Rustan M. Leino, Mark Lillibridge, Greg Nelson, James
B. Saxe, and Raymie Stata |
|
|
In Proceedings of the 2002 ACM SIGPLAN Conference on
Programming Language Design and Implementation (PLDI), volume 37(5) of
SIGPLAN Notices, pages 234-245. ACM, May 2002.
Most Influential PLDI 2012 Paper Award
(awarded in 2012). |
|
Applications of extended static checking |
SAS'01 |
|
K. Rustan M. Leino |
|
|
In Patrick Cousot, editor, Static Analysis: 8th International Symposium
(SAS'01), volume 2126 of Lecture Notes in Computer Science, pages 185-193.
Springer, July 2001. |
|
Houdini, an annotation assistant for ESC/Java |
FME 2001 |
|
Cormac Flanagan and K. Rustan M. Leino |
|
|
In International Symposium of Formal Methods
Europe 2001: Formal Methods for Increasing Software Productivity, volume
2021 of Lecture Notes in Computer Science, pages 500-517. Springer, March
2001. |
|
Annotation inference for modular checkers |
IPL |
|
Cormac Flanagan, Rajeev Joshi, and K. Rustan M. Leino |
|
|
Information Processing Letters, 77(2-4):97-108, February 2001. |
|
Real estate of names |
IPL |
|
K. Rustan M. Leino |
|
|
Information Processing Letters, 77(2-4):169-171, February 2001. |
|
Extended static checking: A ten-year perspective |
Dagstuhl 10th anniversary |
|
K. Rustan M. Leino |
|
|
In Reinhard Wilhelm, editor, Informatics—10 Years Back,
10 Years Ahead, volume 2000 of Lecture Notes in Computer Science, pages
157-175. Springer, January 2001. |
|
ESC/Java quick reference |
SRC TN |
|
Silvija Seres with K. Rustan M. Leino and James B. Saxe |
|
|
Technical Note 2000-004, Compaq Systems Research Center, Palo Alto,
CA, October 2000. |
|
ESC/Java user's manual |
SRC TN |
|
K. Rustan M. Leino, Greg Nelson, and James B. Saxe |
|
|
Technical Note 2000-002, Compaq Systems Research Center, Palo Alto,
CA, October 2000. |
|
JML: Notations and tools supporting detailed design in
Java |
OOPSLA'00 poster |
|
Gary T. Leavens, K. Rustan M. Leino, Erik Poll, Clyde
Ruby, and Bart Jacobs |
|
|
In OOPSLA'00 Companion. ACM, 2000. Also available as Technical
Report TR #00-15, Department of Computer Science, Iowa State University,
August 2000. |
|
A semantic approach to secure information flow |
SCP |
|
Rajeev Joshi and K. Rustan M. Leino |
|
|
Science of Computer Programming, 37(1-3):113-138,
May 2000. |
|
Checking Java programs via guarded commands |
FTfJP 1999 |
|
K. Rustan M. Leino, James B. Saxe, and Raymie Stata |
|
|
Technical Note 1999-002, Compaq Systems Research Center, Palo Alto,
CA, May 1999. Also appeared in Formal Techniques for Java Programs,
workshop proceedings. Bart Jacobs, Gary T. Leavens, Peter Muller, and Arnd Poetzsch-Heffter, editors. Technical Report
251, Fernuniversität Hagen, 1999. |
|
Virginity: A contribution to the specification of object-oriented software |
IPL |
|
K. Rustan M. Leino and Raymie Stata |
|
|
Information Processing Letters, 70(2):99-105, April 1999. |
|
Joining specification statements |
TCS |
|
K. Rustan M. Leino and Rajit Manohar |
|
|
Theoretical Computer Science, 216(1-2):375-394, March 1999. |
|
Computing permutation encodings |
FAC |
|
K. Rustan M. Leino |
|
|
Formal Aspects of Computing, 11(1):56-74, 1999. |
|
Extended static checking |
SRC RR |
|
David L. Detlefs, K. Rustan M. Leino, Greg Nelson, and James B. Saxe |
|
|
Research Report 159, Compaq Systems Research Center, Palo Alto, CA,
December 1998. |
|
Data groups: Specifying the modification of extended state |
OOPSLA '98 |
|
K. Rustan M. Leino |
|
|
In Proceedings of the 1998 ACM SIGPLAN Conference on
Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA
'98), volume 33(10) of ACM SIGPLAN Notices, pages 144-153.
ACM, October 1998. |
|
Recursive object types in a logic of object-oriented programs |
NJC |
|
K. Rustan M. Leino |
|
|
Nordic Journal of Computing, 5(4):330-360, 1998. |
|
Wrestling with rep exposure |
SRC RR |
|
David L. Detlefs, K. Rustan M. Leino, and Greg Nelson |
|
|
Research Report 156, Digital Equipment Corporation Systems Research
Center, Palo Alto, CA, July 1998. |
|
A semantic approach to secure information flow |
MPC '98 |
|
K. Rustan M. Leino and Rajeev Joshi |
|
|
In Johan Jeuring, editor, Mathematics of
Program Construction: 4th International Conference, MPC'98, volume 1422 of
Lecture Notes in Computer Science, pages 254-271. Springer, June 1998. |
|
Recursive object types in a logic of object-oriented programs |
ESOP '98 |
|
K. Rustan M. Leino |
|
|
In Chris Hankin, editor, Programming
Languages and Systems: 7th European Symposium on Programming, ESOP'98,
volume 1381 of Lecture Notes in Computer Science, pages 170-184. Springer,
April 1998. |
|
Tool Demonstration: An extended static checker for Modula-3 |
CC'98 tool demo |
|
K. Rustan M. Leino and Greg Nelson |
|
|
In Kai Koskimies, editor, Compiler Construction: 7th
International Conference, CC'98, volume 1383 of Lecture Notes in Computer
Science, pages 302-305. Springer, April 1998. |
|
A small dual-automorphic lattice with no involutory dual automorphism |
SRC TN |
|
K. Rustan M. Leino and Lyle Ramshaw |
|
|
Technical Note 1997-008, Digital Equipment Corporation Systems
Research Center, Palo Alto, CA, May 1997. |
|
A logic of object-oriented programs |
TAPSOFT '97 |
|
Martín Abadi and K. Rustan M. Leino |
|
|
In Michel Bidoit and Max Dauchet, editors, Theory and
Practice of Software Development: Proceedings / TAPSOFT '97, 7th International
Joint Conference CAAP/FASE, volume 1214 of Lecture Notes in Computer
Science, pages 682-696. Springer, April 1997. |
|
Checking object
invariants |
SRC TN |
|
K. Rustan M. Leino and Raymie Stata |
|
|
Technical Note 1997-007, Digital Equipment Corporation Systems
Research Center, Palo Alto, CA, January 1997. |
|
Ecstatic: An object-oriented programming
language with an axiomatic semantics |
FOOL 4 |
|
K. Rustan M. Leino |
|
|
In Proceedings of the Fourth
International Workshop on Foundations of Object-Oriented Languages,
January 1997. |
|
Conditional composition |
FAC |
|
Rajit Manohar and K. Rustan M. Leino |
|
|
Formal Aspects of Computing, 7(6):683-703, March 1995. |
|
Constructing a program with exceptions |
IPL |
|
K. Rustan M. Leino |
|
|
Information Processing Letters, 53(3):159-163, February 1995. |
|
Toward reliable modular programs |
PhD thesis |
|
K. Rustan M. Leino |
|
|
PhD thesis, California Institute of Technology, January 1995.
Available as Technical Report Caltech CS-TR-95-03. |
|
A method for showing progress |
FAC |
|
K. Rustan M. Leino |
|
|
Formal Aspects of Computing, 7(5):567-580, January 1995. |
|
Semantics of exceptions |
PROCOMET '94 |
|
K. Rustan M. Leino and Jan L. A. van de Snepscheut |
|
|
In E.-R. Olderog, editor, Programming concepts, methods,
and calculi (PROCOMET'94), volume A-56 of IFIP Transactions, pages
447-466. North-Holland, June 1994. |
|
Multicomputer programming with Modula-3D |
MS thesis |
|
K. Rustan M. Leino |
|
|
MS thesis, California Institute of Technology, June 1993.
Available as Technical Report Caltech CS-TR-93-15. |
|
Extensions to an object-oriented programming
language for programming fine-grain multicomputers |
Caltech CS TR |
|
K. Rustan M. Leino |
|
|
Technical Report Caltech-CS-TR-92-26, 1992. |
|
K pinwheel schedulable numbers always have 3
friends, but need not have more |
|
|
K. Rustan M. Leino |
|
|
Undergraduate honors research, The University of Texas at Austin,
May 1989. Unpublished manuscript. |
Presentations
(other than conference and workshop presentations of papers
above)
- Automation and Dafny
- New Directions In Software Technology (NDIST'16), St John, VI, USA (December
2016).
- Well-founded functions, induction, and extreme predicates in an SMT-based verifier
- Seminar, Microsoft Research, Cambridge, UK (December
2016).
- Verification beyond programs
- Invited talk, Workshop on Software Correctness and Reliability, Zurich, Switzerland (October
2016).
- Certified intermediate verification language
- IFIP WG 2.3 meeting 58, Villebrumier, France (October
2016).
- Advanced Encodings into an Intermediate Verification Language
- Invited talk, AutoProof workshop, Villebrumier, France (October
2016).
- Global snapshots
- Dr. TLA+ series lecture, Microsoft Research (and youtube), Redmond, WA, USA (September
2016).
- Two-state lemmas
- Lightening talk, UW PLSE Retreat 2016, Leavenworth, WA, USA (September
2016).
- Dafny Autumn School
- 2-day seminar, with Gudmund Grov, Edinburgh, Scotland, UK (September
2016).
- Verification for the rest of us
- Invited talk, MisraFest, Austin, TX, USA (April
2016).
- Dafny tutorial
- Invited tutorial, VerifyThis @ ETAPS 2016, Eindhoven, The Netherlands (April
2016).
- Automated verification of functional programs
- Dagstuhl seminar on Verification of Functional Languages, Dagstuhl, Germany (March
2016).
- Modeling program semantics in an automated program verifier
- Pacific Northwest PLSE 2016, Seattle, WA (March
2016).
- Extreme predicates beyond continuity
- IFIP WG 2.3 meeting 57, Pasadena, CA, USA (January
2016).
- Software correctness: A personal journey
- Invited talk, PAUSE, Villebrumier, France (December
2015).
- The Dafny perspective on reasoning
- Seminar, TU Darmstadt, Germany (March 2016)
- CS Colloquium, Yale University, New Haven, CT, USA (November
2015).
- Dafny: Programs and proofs
- PLCLUB seminar, University of Pennsylvania, Philadelphia, PA, USA (October
2015).
- Traits and dynamic frames
- Semantics and Verification of Object-Oriented Languages, NII Shonan Meeting Seminar 063, Japan (September
2015).
- Program semantics and machine-assisted proofs
- 3-day mini-course, Imperial College London, London, UK (May
2015).
- Programming with and implementing Hilbert's ε operator
- IFIP WG 2.3 meeting 56, Istanbul, Turkey (March 2015).
- Induction, Synthesis, Inference
- Invited talk, Induction workshop, Chalmers, Göteborg, Sweden (March 2015).
- Making program verification work
- Seminar, U. Bergen, Norway (June 2015).
- Seminar, CEA LIST, Paris, France (March 2015).
- PL Seminar, UC Berkeley, CA, USA (February 2015).
- Higher-order functions in the verification-aware programming language Dafny
- Seminar, Imperial College London, UK (January 2015).
- Using Dafny for proofs
- Guest presentation, C141, Imperial College London, UK (January 2015).
- Early Verification
- Keynote, VMCAI 2015, joint TIFR Colloquium, Mumbai, India (January 2015).
- Preserving intent
- New Directions In Software Technology (NDIST'14), St John, VI, USA (December 2014).
- Thinking for a living
- Invited talk, Renton Rotary, Renton, WA, USA (December 2014).
- Program verification via an intermediate verification language
- Guest lecture in Emina Torlak's CSE 507, Computer-Aided Reasoning for Software, University of Washington, Seattle, WA
(May 2016).
- Guest lecture in Emina Torlak's CSE 507, Computer-Aided Reasoning for Software, University of Washington, Seattle, WA
(October 2014).
- An interface to symbolic methods
- Keynote, International Workshop on Algebraic Development Techniques (WADT 2014), Sinaia, Romania (September 2014)
- Predicates that do more
- IFIP WG 2.3 meeting 55, Orlando, FL, USA (May 2014).
- Using Dafny for programs and proofs
- Invited Tutorial, AI4FM workshop, Singapore (May 2014).
- Verifying coroutines
- Seminar, ETH Zurich, Switzerland (April 2014).
- Dafny crash course
- Tutorial, Dagstuhl seminar on Evaluating Software Verification Systems: Benchmarks and Competitions, Schloss
Dagstuhl, Germany (April 2014).
- Programming in Stages
- Invited Talk, Third workshop on Validation Strategies for Software Evolution, Grenoble, France (April 2014).
- Theorem Proving and Program Verification with Dafny
- 3-day mini-course, Imperial College London, London, UK (March
2014).
- Dafny induction demo
- Induction workshop, Imperial College London, London, UK (November
2013).
- Theorem proving using SMT
- Keynote, ITP 2013, Rennes, France (July 2013).
- More co-induction
- IFIP WG 2.3 meeting 54, Saint Petersburg, Russia (June 2013).
- Dafny: A programming system for functional correctness
- CS Colloquium, UCLA, Los Angeles, CA (January 2014).
- Northrop Grumman, Carson, CA (June 2013).
- Microsoft Development
Center Copenhagen, Copenhagen, Denmark (June 2013).
- Oracle Labs, Redwood Shores, CA (May 2013).
- For programs and proofs: mo' specs and mo' math
- JML seminar, Shonan Village, Japan (May 2013).
- Verifying coroutines
- Imperial College, London, UK (March 2013).
- Program Proving using Intermediate Verification Languages (IVLs)
like Boogie and Why3
- Invited plenary talk, HILT 2012,
Boston, MA (December 2012).
- Developing verified programs with Dafny
- Tutorial, SPLASH 2013, Indianapolis, IN
(October 2013).
- Tutorial, ICSE 2013, San Francisco, CA
(May 2013).
- Tutorial, HILT 2012, Boston, MA
(December 2012).
- Dafny and other tools in RiSE
- NASA Ames, Moffett Field, CA (November 2012).
- Induction, co-induction, calculations—what's not to like about
Dafny?
- Chalmers Technical University, Göteborg, Sweden
(May 2013).
- Imperial College, London, UK (November 2012).
- CMU, Pittsburgh, PA
(November 2012).
- Dafny, a programming system for functional correctness
- Oracle Labs, Redwood Shores, CA (May 2013).
- Ohio State University, Columbus, OH (November 2012).
- NASA JPL LaRS, Pasadena, CA (November 2012).
- Staged
program development
- Keynote, SPLASH 2012, Tucson, AZ (October 2012).
-
Coinduction in a language and verifier
- IFIP WG 2.3 meeting 53, Kirkland, WA (July 2012).
-
Induction and coinduction in an automatic program verifier
- Dagstuhl seminar on AI meets formal software development, Schloss
Dagstuhl, Germany (July 2012).
- Dafny: a tool for program
correctness
- PL seminar, MIT, Cambridge, MA (June 2012).
- Languages and
tools for supporting programmers at design time
- Invited talk, New England Programming Languages and Systems
Symposium (NEPLS), Portland, ME (June 2012).
- Engineering
Methods for Ensuring Program Correctness
- Microsoft Research LATAM Faculty Summit, Riviera Maya, Mexico (May
2012).
- Dafny: A Language and Program Verifier for Functional
Correctness
- Tutorial, Microsoft Research LATAM Faculty Summit, Riviera Maya,
Mexico (May 2012).
- Program verification using Dafny
- ELLIIT Distinguished Lecture, Linköping University, Linköping,
Sweden (March 2012).
- Wasn't that easy?! A tutorial on program
verification with Dafny
- Tutorial, KTH, Stockholm, Sweden (March 2012).
- The increasing role of verification in software development
- ACCESS Distinguished Lecture Series, KTH, Stockholm, Sweden (March
2012).
- Induction in the program verifier Dafny
- Imperial College, London, UK (February 2012).
- Chalice,
use and encoding
- Philippa Gardner's group meeting, Imperial College, London, UK
(February 2012).
- Developing verified programs with Dafny
- Semantics lunch, Cambridge University, Cambridge, UK (February
2012).
- Invited tutorial, VSTTE 2012, Philadelphia,
PA (January 2012).
- Using Chalice to reason about objects and concurrency
- POPL TutorialFest 2012 (x2), Philadelphia, PA (January 2012).
- Program verification
- Guest lecture in Ethan Jackson's CSE P 503, University of Washington, Seattle, WA
(January 2012).
- Program synthesis with Jennisys
- IFIP WG 2.3 meeting 52, Winchester, UK (September 2011).
- Using and Building an Automatic Program Verifier.
4 or 6 lectures.
- LASER Summer School 2011, Elba, Italy
(September 2011).
- International Summer School
Marktoberdorf,
Bayrischzell, Germany (August 2011).
- Using Program Verification Tools in Teaching
- With Rajeev Joshi and Rosemary Monahan. Session, Microsoft
Research Faculty Summit, Redmond, WA (July 2011).
-
Harnessing SMT power using the verification engine Boogie
- SAT/SMT Solver Summer School 2011, MIT, Cambridge, MA (June 2011).
- Building an
SMT-based program verifier using Boogie
- Informatics@Edinburgh Distinguished Lecture
- specialized lecture,
Edinburgh, Scotland (May 2011).
- Program verification
Yesterday, today, tomorrow
- Informatics@Edinburgh Distinguished Lecture, Edinburgh, Scotland
(May 2011).
- From Retrospective Verification to
Forward-Looking Development
- Invited talk, NFM 2011, Pasadena, CA (April 2011).
- Dafny:
A program verifier for functional correctness, and for students
- University of Lugano, Lugano, Switzerland (February 2011).
- UT
Austin, Austin, TX (January 2011).
- Refinement, reusable
libraries, instantiable classes
- IFIP WG 2.3 meeting 51, Santa Barbara, CA (January 2011).
- Tools and Behavioral Abstraction: A Direction for Software
Engineering
- Invited talk, Future of Software Engineering symposium, Zurich,
Switzerland (November 2010).
- Using Boogie 2 in the verification of Spec# programs
- With Rosemary Monahan. Tutorial,
SBMF 2010, Natal, Brazil (November 2010).
- Dafny, a program verifier for functional correctness
- Technical University Eindhoven, Eindhoven, The Netherlands (November
2011).
- CMU, Pittsburg, PA (April 2011).
- Seminar, Altran Praxis, Bath, UK (August 2010).
- The Dafny program verifier
- Victoria University of Wellington, Wellington, NZ (April 2010).
- Contracts, tools, verification
- Keynote, ASWEC 2010, Auckland, NZ (April 2010).
- Two problems in the specification of termination
- IFIP WG 2.3 meeting 50, Lachen, Switzerland (March 2010).
- Verifying Concurrent Programs with Chalice
- Invited talk, VMCAI 2010, Madrid, Spain (January 2010).
- Fun with code, tests, and verification
- Guest lecture in Mani Chandy's CS 141, Caltech, Pasadena, CA (November 2009).
- Understanding Program Verification
- Invited talk, PROLE 2009, San Sebastian, Spain (September 2009).
- Verification of concurrent object-oriented programs
- EPFL, Lausanne, Switzerland (September 2009).
- A Foundation for Verifying Concurrent Programs. 2
lectures.
- 9th International School on Foundations of
Security Analysis and Design (FOSAD 2009), Bertinoro, Italy
(September 2009).
- Comparing heap models: Ownership, Dynamic frames, Permissions
- Dagstuhl seminar on Typing, Analysis and Verification of
Heap-Manipulating Programs, Schloss Dagstuhl, Germany (July 2009).
- Dynamic-frame specifications in Dafny
- JML seminar, Schloss Dagstuhl, Germany (July 2009).
- Locks, channels, deadlock freedom, progress
- IFIP WG 2.3 meeting 49, Boston, MA (June 2009).
- Correct Concurrency with Chalice
- Seminar, MIT, Cambridge, MA (June 2009).
- Seminar, INRIA-MSR joint lab, Orsay, France (January 2009).
- Verification tools at Microsoft
- Invited talk, Digiteo seminar, Orsay, France (January 2009).
- How tool-based verification can be incorporated in teaching
- Invited talk, Informatics Education Europe III, Venice, Italy
(December 2008).
- Specification techniques for verifying object-oriented software
- University of Lugano, Lugano, Switzerland (December 2008).
- Dynamic-frame specifications in Dafny
- Invited talk, COST Action IC0701, Formal Verification of
Object-Oriented Software, working group meeting, Madrid, Spain
(December 2008).
- Specification and Verification of Object-Oriented Software.
5 lectures.
- International Summer School Marktoberdorf,
Marktoberdorf, Germany (August 2008).
- Ceaselessly-analyzing development environments
- Panel presentation, COMPSAC 2008, Turku, Finland (July 2008).
- Specification and Verification of Programs with Pointers.
2 lectures.
-
Summer School on Logic and Theorem-Proving in
Programming Languages, Eugene, OR (July 2008).
- Thread-local contributions
- IFIP WG 2.3 meeting 48, Cambridge, UK (July 2008).
- Spec#
- Alt.NET, Redmond, WA (April 2008).
- Boogie
- Microsoft Research India, Bangalore, India (February 2008).
- Program verification using the Spec# programming system
- With Rosemary Monahan. Tutorial, ETAPS 2008, Budapest, Hungary
(March 2007).
- Specifying and verifying software
- KU Leuven, Leuven, Belgium (August 2008).
- Chalmers, Göteborg, Sweden (November 2007).
- Invited talk, ASE 2007, Atlanta, GA (November 2007).
- Spec#
- Invited talk, Øredev, Malmö, Sweden (November
2007).
- Designing a type system for BoogiePL 2
- IFIP WG 2.3 meeting 47, Santa Fe, NM (October
2007).
- Designing verification conditions for software
- Invited talk, CADE-21, Bremen, Germany (July
2007).
- Program verification via an intermediate language
- Seminar, National University of Ireland, Maynooth, Maynooth, Ireland (June
2007).
- Verifying object-oriented software: Lessons and challenges
- Invited talk, TACAS 2007, part of ETAPS in Braga, Portugal (March
2007).
- Reasoning about object structures in Spec#
- UNSW, Sydney, Australia (January 2007).
- INRIA + Microsoft lab,
Paris, France (November 2006).
- Automatic verification of summations
- IFIP WG 2.3 meeting 46, Sydney, Australia (January 2007).
- Going beyond a simple ownership system in Spec#
- European Science Foundation workshop on Java program verification,
Nijmegen, The Netherlands (October 2006).
- Object invariants in specification and verification
- Invited talk, Brazilian Symposium on Formal Methods (SBMF 2006), Natal, Brazil (September 2006).
- Spec#
- Microsoft Research Faculty Summit 2006, Redmond, WA (July 2006).
- Specifying and verifying programs in Spec#.
- Invited talk, Sixth International Andrei Ershov Memorial Conference
Perspectives of System Informatics (PSI 2006), Novosibirsk, Russia (June
2006).
- Building a program verifier
- Guest lecture in Shaz Qadeer's CSE 599f, Formal Verification of
Computer Systems, University
of Washington, Seattle, Washington (May 2006).
- Panel on Integrated Verification
- The Challenge of Software Verification, Schloss Dagstuhl, Germany (Jul 2006).
- IFIP WG 2.3 meeting 45, Bruges, Belgium (April 2006).
- Invariants on demand
- Invited talk, 3rd IEEE International Conference on Software Engineering
and Formal Methods (SEFM 2005), Koblenz, Germany (September 2005).
- Loop invariants on demand
- IFIP WG 2.3 meeting 44, Niagara Falls, ON (June 2005).
- The Spec# programming system
- Distinguished Lecture, Max-Planck Institute for Software Systems,
Kaiserslautern, Germany (March 2006).
- Seminar, Åbo Akademi University, Turku, Finland (December 2005).
- Lunch seminar, Praxis High Integrity Systems, Bath, UK (December 2005).
- Short presentation and demo, Verified Software: Theories, Tools,
Experiments (VSTTE 2005), Zurich, Switzerland (October 2005).
- Software Quality Research Lab Distinguished Lecture, McMaster
University, Hamilton, ON (May 2005).
- Colloquium, University of Toronto, Toronto, ON (May 2005).
- Advanced programming tools at Microsoft
- Distinguished Lecture, York University, Toronto, ON (May 2005).
- Demand-driven inference of loop invariants in a theorem prover.
- Invited talk, Fourth International Workshop on
Automated Verification of Infinite-State Systems (AVIS'05),
Edinburgh, Scotland, UK (April 2005).
- Program verification and programming methodology.
- Invited talk, 12th International Workshop on
Abstract State Machines (ASM 2005), Paris, France (March 2005).
- Programming methodology.
- Panel discussion, Workshop on the Verification Grand Challenge,
Menlo Park, CA (February 2005).
- Writing specifications for object-oriented programs.
- Invited talk, First International Workshop on Abstract
Interpretation of Object-Oriented Languages, Paris, France (January 2005).
- Challenges in increasing tool support for programming.
- Invited talk, First International Colloquium on Theoretical
Aspects of Computing, Guiyang, Guizhou, China (September 2004).
- On bounded model checking, induction, and interpolants
- IFIP WG 2.3 meeting 43, Prato, Italy (September 2004).
- Spec#: Writing and checking contracts in a .NET language.
- Keynote, .NET Technologies 2004, 2nd International Workshop,
Plzeň, Czech Republic (June 2004).
- Hoare-style program verification.
3 lectures.
- Guest lectures in Rob DeLine's CSE 503, Software Engineering, University
of Washington, Seattle, Washington (April/May 2004).
- Toward enforceable contracts in .NET
- Keynote, Workshop on Construction and Analysis of Safe, Secure
and Interoperable Smart devices (CASSIS 2004), Marseille, France (March 2004).
- Abstract interpretation for heap structures
- IFIP WG 2.3 meeting 42, Philadelphia, PA (January 2004).
- Verifying invariants in object-oriented programs
- Colloquium, Department of Computer Science, ETH Zurich, Switzerland (November 2003).
- Technologies for finding errors in object-oriented software.
4 lectures.
- UNU-IIST (United Nations University - International Institute for
Software Technology) and IFIP WG 2.3 Summer School on Formal methods of
Software, Tunis, Tunisia (September 2003).
- Static program checking, module by module
- Invited tutorial, Prato workshop on Trusted Components, Prato, Italy
(January 2003).
- A SAT characterization of boolean-program correctness.
- IFIP WG 2.3 meeting 41, Biarritz, France (March 2003).
- Department colloquium, Washington University in St. Louis, St. Louis, MO
(February 2003).
- IFIP WG 2.4 meeting, Schloss Dagstuhl, Germany (November 2002).
- University of Eindhoven, Eindhoven, The Netherlands (November 2002).
- ESC/Java or Light-weight formal methods: from objects to
components.
- Invited talk, First international symposium on Formal Methods for
Components and Objects (FMCO 2002), Leiden, The Netherlands (November 2002).
- Checking correctness properties of object-oriented programs.
5 lectures.
- EEF Summer School on Specification, Refinement and Verification, Turku,
Finland (August 2002).
- Modular checking and side effects.
- IFIP WG 2.3 meeting 40, Turku, Finland (August 2002).
- Checking side effects in object-oriented programs.
- Invited talk, Java Verification Workshop (JVW'02), Portland, OR (January
2001).
- ESC/Java: The Greatest Thing Since Sliced Bread.
- Distinguished Lecturer Series, Computing and Information Sciences,
Kansas State University, Manhattan, KS (October 2001).
- Applications of extended static checking.
- Invited talk, Static Analysis Symposium (SAS'01), Paris, France (July
2001).
- Challenging applications of extended static checking.
- Panelist, Silver bullets for AI softwolves, AAAI 2001 Spring
Symposium on Model-Based Validation of Intelligence, Stanford, CA (March
2001).
- Houdini, an annotation assistant for ESC/Java.
- Swedish Institute of Computer Science, Kista, Sweden (May 2001).
- Uppsala University, Uppsala, Sweden (May 2001).
- Chalmers University of Technology, Göteborg, Sweden (May 2001).
- Computer science colloquium, University of Iowa, Iowa City, IA (May
2001).
- Microsoft Research, Redmond, WA (April 2001).
- Imperial College, London, England (January 2001).
- Oxford University, Oxford, England (January 2001).
- Benevolent side effects considered malevolent.
- IFIP WG 2.3 meeting 38, Santa Cruz, CA (January 2001).
- Program checking.
- Invited talk, Schloss Dagstuhl's Tenth Anniversary conference
Informatics—10 years back, 10 years ahead, Saarbrucken, Germany
(August 2000).
- IFIP WG 2.3 workshop on program methodology, Tandil, Argentina
(September 2000).
- Real estate of names.
- Invited talklet, In Pursuit of Simplicity, a symposium honoring
Edsger W. Dijkstra, UT Austin, Austin, TX (May 2000).
- Extended static checking for Java.
- Automated Software Engineering Group seminar, NASA Ames, Mountain View,
CA (November 2001).
- Distinguished Lecture Series, Cornell University Computer Science
Department, Ithaca, NY (Oct 2001).
- University of Toronto, Toronto, ON, Canada (May 2001).
- Computer Science Seminar, University of Cambridge, Cambridge, England
(April 2000).
- LFCS Theory Seminar, University of Edinburgh, Edinburgh, Scotland (April
2000).
- University of Glasgow, Glasgow, Scotland (April 2000).
- Programming Systems Seminar, UC Berkeley, Berkeley, CA (March 2000).
- UC Davis, Davis, CA (February 2000).
- Finding bugs in Java programs.
- IFIP WG 2.3 meeting 37, Longhorsley, England (April 2000).
- ESC/Java.
- Stanford University, Stanford, CA (October 1999).
- Invited talk, Larch Users' Group Meeting at World Congress on Formal
Methods (FM'99), Toulouse, France (September 1999).
- UW/MSR Summer Institute on Technologies to Improve Software Development,
Semi-ah-moo, WA (August 1999).
- The essence of object-oriented program semantics.
- Distinguished Lecturer Series -
specialized lecture, Computing and Information Sciences,
Kansas State University, Manhattan, KS (October 2001).
- The University of Texas at Austin, Austin, TX (October 1999).
- The semantic challenge of object-oriented programming (seminar), Schloss
Dagstuhl, Germany (June 1998).
- IFIP WG 2.3 meeting 35, Bloomington, IN (June 1998).
- Extended static checking.
- Invited talk, PROCOMET'98, Shelter Island, NY (June 1998).
- A semantic approach to secure information flow.
- California Institute of Technology, Pasadena, CA (March 1998).
- IFIP WG 2.3 meeting 34, Alsace, France (September 1997).
- Soundness and completeness considered harmful.
- SRI computer science seminar, Menlo Park, CA (May 1998).
- Object invariants in Java.
- IFIP WG 2.3 meeting 34, Alsace, France (September 1997).
- Generalized data abstraction.
- IFIP WG 2.3 meeting 33, Napa Valley, CA (January 1997).
- Extended static checking.
- ETH Zurich, Zurich, Switzerland (September 1997).
- The University of Texas at Austin, Austin, TX (August 1997).
- Rice University, Houston, TX (July 1997).
- IBM Austin Research Laboratory, Austin, TX (July 1997).
- Seminar on semantics and abstract interpretation, Ecole Normale
Superieure, Paris, France (April 1997).
- California Institute of Technology, Pasadena, CA (December 1996).
- Odyssey Research Associates, Inc., Ithaca, NY (November 1996).
- NUPRL seminar, Cornell University, Ithaca, NY (November 1996).
- Toward reliable modular programs.
- Microsoft Research, Redmond, WA (January 1995).
Professional distinctions
- IFIP Fellow, 2022
- ACM Fellow, 2016
- Tool Used by Most Teams Award (for Dafny), VerifyThis @ ETAPS 2015 program verification competition
- ACM SIGPLAN Most Influential 2002 PLDI Paper Award, 2012. For the
paper "Extended Static Checking for Java" by Cormac Flanagan, K. Rustan M.
Leino, Mark Lillibridge, Greg Nelson, James B. Saxe, and Raymie Stata.
- Shared Tool Used by Most Teams Award (for Dafny), VerifyThis @
FM 2012 program verification competition
- Silver Medal (with Peter Müller), VSTTE 2012 Program Verification Competition
- Best Paper Award, FM 2011 for the paper "Software Competition: Experience Report"
by Vladimir Klebanov, et al.
- IFIP Silver Core Award, 2010, awarded for outstanding service
- Member, IFIP
Working Group 2.3 "Programming Methodology", 2000-present.
(Secretary, 2003-2012.) (Vice Chair, 2014-2020.) (Chair, 2020-present.)
Graduate school awards and distinctions
- Research supported by Digital Equipment Corporation Systems Research
Center, Palo Alto, CA, 1992-93 and 1994-95.
- American Scandinavian Foundation of Los Angeles. Scholarship, 1994.
- One of about 75 computer science students selected worldwide to attend the
International Summer School on Program Design Calculi, Marktoberdorf, Germany,
1992.
Undergraduate awards and distinctions
- Upsilon Pi Epsilon, Computer Science Honors Society (elected officer, UT
Austin, 1988-89).
- College of Natural Sciences, College Scholar, UT Austin, 1988 and 1989.
- The Honor Society of Phi Kappa Phi.
- Phi Beta Kappa.
- Golden Key National Honor Society.
- Angus G. and Erna H. Pearson Endowed Scholarship, UT Austin, 1988.
- Alpha Lambda Delta, Freshman Honor Society.
- Phi Eta Sigma, Freshman Honor Society.
High school awards and distinctions
- Among numerous other academic high school awards, won 1st place Advanced
Level, Kentucky Council Teachers of Mathematics High School Math Contest,
1985-86.
- Among other high school programming contests first places, tied 5th place
in the 1986 International Computer Program Solving Contest, in which 2500
teams from 13 countries participated. (With team mates Robert S. French and
Dean Brooks.)
- Among several other musical awards in high school, selected to play in the
1986 Kentucky All-State Symphonic Band. (Bass saxophone and baritone
saxophone.)
Advisory committees
Thesis committees
- Habilitation thesis committees:
- Jean-Christophe Filliâtre, Université Paris Sud 11
(December 2011).
- Claude Marché, University Paris 11 (2005).
- PhD thesis committees:
- Jatin Arora, CMU (August 2024).
Advisor: Umut A. Acar.
- Tim Woods, Imperial College London (December 2016). Internal
reviewer. Advisor: Sophia Drossopoulou.
- Martin Hentschel, TU Darmstadt (March 2016).
External reviewer. Advisor: Reiner Hähnle.
- Nadia Polikarpova, ETH Zurich (April 2014).
External reviewer. Advisor: Bertrand Meyer.
- Nicholas Smallbone, Chalmers Technical University (May 2013).
Opponent. Advisor: Koen Claessen.
- Ronald Middelkoop, Technical University Eindhoven (November 2011). External
reviewer. Advisor: Ruurd Kuiper and Kees Huizing. Professor:
Mark G. J. van den Brand.
- Aliaksei Ttsitovich, University of Lugano (February 2011). Advisor:
Natasha Sharygina.
- Radu Grigore, University College Dublin (August 2010). External
reviewer. Advisor: Joe Kiniry.
- Yannick Moy, Université
Paris 11 (2009). External reviewer. Advisor: Claude Marché.
- Cristina Cerschi Seceleanu, Åbo Akademi University (2005).
External reviewer and Opponent. Advisor: Academy Prof. Dr. Ralph-Johan Back.
- Rajeev Joshi, The University of Texas at Austin (1999).
Advisor: Prof. Dr. Jayadev Misra.
Editorial boards
- Editorial board, Journal of Automated Reasoning, 2007-present.
Project advice
- Project evaluator, Research theme: Proof and Verification, INRIA, 2015.
- Project evaluator, Research theme A: Symbolic systems, INRIA, 2006.
- Scientific advisory board, Mobius project, 2005-2007.
- Project retreat external visitor, Open Software Quality project, UC
Berkeley, May 2001.
Steering committees
- Programming Languages meet Program Verification (PLPV) workshop (2011-2015)
- ETAPS steering committee (2011-2012)
- BOOGIE workshop on intermediate verification languages (2011-2012)
- Formal Techniques for Java-like Programs (FTfJP) workshop (2004-present)
Program committees
- 13th International Conference on integrated Formal Methods (iFM 2017), Torino, Italy (September 2017).
- 29th International Conference on Computer-Aided Verification (CAV 2017), Heidelberg, Germany (July 2017).
- Formal Methods (FM 2016), Limassol, Cyprus (November 2016).
- 3rd Workshop on Formal Integrated Development Environment (F-IDE 2016),
at FM 2016, Limassol, Cyprus (November 2016).
- 8th Working Conference on Verified Software: Theories, Tools, and
Experiments (VSTTE 2016), Toronto, ON, Canada (July
2016).
- Co-chair, International Conference on Verification, Model Checking,
and Abstract Interpretation (VMCAI 2016), St Petersburg, FL, USA
(January 2016).
- 20th International Conference on Logic for Programming, Artificial Intelligence and Reasoning
(LPAR-20), Suva, Fiji (November 2015).
- Formal Methods (FM 2015), Oslo, Norway (June 2015).
- 7th NASA Formal Methods Symposium (NFM 2015), Pasadena, CA, USA (April 2015).
- 2nd Workshop on Formal Integrated Development Environment (F-IDE 2015),
at FM 2015, Oslo, Norway (June 2015).
- 1st Workshop on Formal Integrated Development Environment (F-IDE 2014),
at ETAPS 2014, Grenoble, France (April 2014).
- Workshop on Formal Techniques for Java-like Programs (FTfJP 2013),
at ECOOP 2013, Montpellier, France (2013).
- ESEC/FSE 2013 Tool Demos (ESEC/FSE Tools), Saint
Petersburg, Russia (August 2013).
- 24th International Conference on
Automated Deduction (CADE-24), Lake Placid, NY (June 2013).
-
27th European Conference on Object-Oriented Programming (ECOOP 2013),
Montpellier, France (June 2013).
- Formal Methods (FM 2012),
Paris, France (August 2012).
- 26th European Conference on
Object-Oriented Programming (ECOOP 2012), Beijing,
China (June 2012).
- Eighteenth International Conference on Tools and Algorithms
for the Construction and Analysis of Systems (TACAS 2012),
Tallinn, Estonia (March 2012).
- Verified Software: Theories, Tools and
Experiments (VSTTE 2012), Philadelphia, PA (January
2012).
- Co-chair, First International Workshop on
Intermediate Verification Languages (BOOGIE 2011),
Wrocław, Poland (August 2011).
- Workshop on Formal Techniques for
Java-like Programs (FTfJP 2011), Lancaster UK (July 2011).
-
Co-chair,
Seventeenth International Conference on Tools and Algorithms for the Construction
and Analysis of Systems (TACAS 2011), Saarbrücken, Germany
(March-April 2011).
- Verified Software: Theories, Tools and
Experiments (VSTTE 2010),
Edinburgh, Scotland (August 2010).
- International Joint Conference on
Automated Reasoning (IJCAR 2010), Edinburgh, Scotland (July
2010).
- Programming Languages meets Program Verification (PLPV 2010),
Madrid, Spain (January 2010).
-
Verification, Model Checking, and Abstract Interpretation (VMCAI 2010),
Madrid, Spain (January 2010).
-
11th International Conference on Formal Engineering Methods (ICFEM 2009),
Rio de Janeiro, Brazil (December 2009).
-
International Workshop on Aliasing, Confinement and Ownership in
object-oriented programming (IWACO 2009) (July 2009).
- Seventh International Andrei
Ershov Memorial Conference, Perspectives of System Informatics (PSI 2009),
Novosibirsk, Russia (June 2009).
- Programming Languages meets Program
Verification (PLPV 2009), Savannah, Georgia (January
2009).
- 15th International Symposium on Formal
Methods
(FM 2008), Turku, Finland (May 2008).
-
Verification, Model Checking, and Abstract Interpretation (VMCAI 2008),
San Francisco, CA (January 2008).
-
Ninth International Conference on Formal Engineering Methods (ICFEM
2007), Boca Raton, FL, USA (November 2007).
- International Workshop on
Aliasing, Confinement and Ownership in Object-Oriented Programming (IWACO
2007),
at ECOOP 2007, Berlin, Germany (July 2007).
- Workshop on Programming Languages and Analysis for Security (PLAS
2007), at PLDI 2007, San Diego, CA, USA (June 2007).
- International
Conference TOOLS EUROPE 2007 - Objects, Models, Components, Patterns,
Zurich, Switzerland (June 2007).
- Foundations and Developments of Object-Oriented Languages
(FOOL/WOOD 2007), at POPL 2007, Nice, France (January 2007).
-
Co-chair, Workshop on Verified Software: Theories, Tools, and
Experiments (VSTTE 2006), at FLoC 2006, Seattle, WA, USA (August 2006).
- Formal Methods (FM 2006), Hamilton, Canada (August 2006).
-
15th International Conference on Compiler Construction (CC 2006),
Vienna, Austria (March 2006).
- Workshop on Formal Techniques for Java-like Programs (FTfJP 2006),
at ECOOP, Nantes, France (July 2006).
-
Fourth workshop on Specification and Verification of Component-Based Systems
(SAVCBS 2005), at ESEC/FSE 2005, Lisbon, Portugal (September 2005).
- 3rd
International Conference on Software Engineering and Formal Methods (SEFM
2005), Koblenz, Germany (September 2005).
- 1st International Workshop on Abstract Interpretation of
Object-Oriented Languages (AIOOL), at VMCAI 2005, Paris, France (January
2005).
- 14th International Conference on Compiler Construction (CC
2005), Edinburgh, Scotland (April 2005).
- Workshop on Specification and Verification of Component-Based
Systems (SAVCBS 2004), at ACM SIGSOFT 2004/FSE-12, Newport Beach,
California (October/November 2004).
- 2nd International Conference on Software Engineering and Formal
Methods (SEFM 2004), Beijing, China (September 2004).
- Mathematics of Program Construction (MPC 2004), Stirling, Scotland,
UK (July 2004).
- 2nd International Workshop on .NET Technologies'2004, University of
West Bohemia, Campus-Bory Plzen, Czech Republic (31 May - 2 June 2004).
- Workshop on Specification and Verification of Component-Based
Systems (SAVCBS 2003), at ESEC/FSE, Helsinki, Finland (September 2003).
- Workshop on Formal Techniques for Java-like Programs (FTfJP 2003),
at ECOOP, Darmstadt, Germany (July 2003).
- Prato workshop on Trusted Components, Prato, Italy (January 2003).
- Workshop on Formal Techniques for Java-like Programs (FTfJP 2002),
at ECOOP, Málaga, Spain (June 2002).
- Workshop on Foundations of Aspect-oriented Languages (FOAL), at
AOSD, Enschede, The Netherlands (April 2002).
- Mathematics of Program Construction (MPC 2002), Schloss Dagstuhl,
Germany (July 2002).
- ACM Symposium on Principles of Programming Languages (POPL'02),
Portland, Oregon (January 2002).
- Workshop on Specification and Verification of Component-Based
Systems (SAVCBS 2001), at OOPSLA, October 2001.
- Workshop on Formal Techniques for Java Programs (FTfJP 2001), at
ECOOP, Budapest, Hungary (June 2001).
- The Second International Workshop on Automated Program Analysis,
Testing and Verification (WAPATV), at ICSE, Toronto, Canada (May 2001).
- Mathematics of Program Construction (MPC 2000), Ponte de Lima,
Portugal, July 2000.
- The First International Workshop on Automated Program Analysis, Testing and Verification
(WAPATV), at ICSE,
University of Limerick, Ireland, June 2000.
- Intercontinental Workshop on Aliasing in Object-Oriented Systems (IWAOOS'99),
in conjunction with ECOOP, Lisbon, Portugal, June 1999.
- The Sixth International Workshop on Foundations of Object-Oriented
Languages (FOOL 6), at POPL, San Antonio, TX, January 1999.
External Review Committees
- 40th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL 2013),
External Review Committee, Rome, Italy.
Mentoring
- Intern mentor, Amazon Web Services:
- Tabea Bordis (KIT), 2023.
- Gaurav Parthasarathy (ETH Zurich), 2022.
- Stefan Zetzsche (University College London), 2021.
- Jatin Arora (CMU), 2021.
- Wouter Schols (Eindhoven University of Technology), 2020.
- Marianna Rapoport (U. Waterloo), 2019.
- Sam Gruetter (MIT), 2019.
- Vihang Patel (Texas A&M), 2019.
- Jared Lim (Cornell), 2019.
- Joshua Gancher (Cornell), 2019.
- Matthias Schlaipfer (TU Vienna), 2019.
- Daniel Schoepe (Chalmers), 2018.
- Steven S. Lyubomirsky (U. Washington), 2018.
- James Bornholt (U. Washington), 2018.
- Research intern mentor, Microsoft Research:
- James Wilcox (U. Washington), shared intern with Jay Lorch, 2017.
- Daniel Matichuk (Software Systems Research Group at Data61), 2016.
- Kenny Foner (U. Penn), 2016.
- Clément Pit--Claudel (MIT), 2015.
- Dan Rosén (Chalmers), 2014.
- Maria Christakis (ETH Zurich), 2013.
- Valentin Wüstholz (ETH Zurich), 2013.
- Jason Koenig (CMU), 2011, 2012.
- Aleksandar Milicevic (MIT), 2011.
- Kuat Yessenov (MIT), 2010.
- Claire Le Goues (U. Virginia), 2009.
- Philipp Rümmer (Chalmers), 2008, 2009.
- Ronald Middelkoop (TU Eindhoven), 2007.
- Ralf Sasse (UI Urbana-Champaign), 2007.
- Ádám Darvas (ETH Zurich), 2006.
- Angela Wallenburg (Chalmers), 2006.
- Bor-Yuh Evan Chang (UC Berkeley), 2004, 2005.
- Xinming Ou (Princeton), 2004.
- Rob Klapper (Washington University in St. Louis), 2003.
- Viktor Kuncak (MIT), 2002.
- Mentor, Compaq SRC:
- Stephen N. Freund, 2000-2001.
- Rajeev Joshi, 1999-2001.
- Cormac Flanagan, 1997-2001.
- Raymie Stata, 1996-2000.
- Research intern host, Compaq SRC:
- Todd Millstein (University of Washington), 1999.
- Rajeev Joshi (The University of Texas at Austin), 1997.
Other professional activities
- Delegate, National Academy of Engineering / UK Royal Academy of
Engineering / Chinese Academy of Engineering Global Grand Challenges
Summit, Washington, DC, USA, 2018.
- Delegate, National Academy of Engineering / UK Royal Academy of
Engineering / Chinese Academy of Engineering Global Grand Challenges
Summit, Beijing, China, 2016.
- Microsoft Achievement Award (awarded 2011, used Aug-Oct 2013)
- Delegate, National Academy of Engineering / UK Royal Academy of
Engineering / Chinese Academy of Engineering Global Grand Challenges
Summit, London, UK, 2013.
- National Academy of Engineering Japan-America Frontiers of
Engineering symposium, Irvine, CA, Nov 2009.
- National Academy of Engineering Frontiers of Engineering
symposium, Redmond, WA, 2007.
- Summer intern czar (program coordinator), Compaq SRC, 1998.
- Graduate Admissions Committee, Computer Science, Caltech, 1994.
- Contributing editor to Cobb Journal on Microsoft Word for the PC,
1990-1991.
- Contributor to the LAN Manager Programming Reference, Microsoft
Press, 1990.
- Member of the Association for Computing Machinery, 1989-present.
Patents
- Cormac Andrias Flanagan and K. Rustan M. Leino. Method and
apparatus for automatically inferring annotations. U.S. Patent
7,120,902, October 2006.
- K. Rustan M. Leino, Todd David Millstein, and
James B. Saxe. System and method for verifying computer program
correctness and providing recoverable execution trace information.
U.S. Patent 7,024,661, April 2006.
- Cormac Andrias Flanagan and K. Rustan M. Leino. Method and
apparatus for organizing warning messages. U.S. Patent 6,978,443,
December 2005.
- Raymond Paul Stata, Cormac Flanagan, K. Rustan M. Leino, Mark D.
Lillibridge, and James Benjamin Saxe. System and method for lexing
and parsing program annotations. U.S. Patent 6,353,925, March 2002.
- K. Rustan M. Leino, Mark David Lillibridge, and Raymond Paul Stata.
Method and apparatus for statically analyzing a computer program for data
dependencies. U.S. Patent 5,987,252, November 1999.
Shareware computer games
Compact Discs
- Caltech Jazz Bands.
Exothermic Jazz. 1994. Director: Bill Bing. (Tenor and
baritone saxophones.)
Videos and soundtracks
- Verification Corner (http://research.microsoft.com/verificationcorner)
- PPRC Summer Intern Video,
The Incredible Race. Microsoft
Research, 2003. (Production. And with others, editing and
soundtrack.)
- PPRC Espresso Machine Tutorial. Microsoft Research,
2003. With Shaz Qadeer.
- PPRC Summer Intern Video, Episode 2002: Attack of the aliasing
bug. Microsoft Research, 2002. (Production. And with
others, editing and soundtrack.)
- Soundtrack for Emergency Response Procedures video, Compaq SRC, 2000.
- Soundtrack for Compaq Research for Palo Alto Chamber of Commerce, 2000.
- Soundtrack for SRC Summer Intern Video 1999. (With Todd Millstein.)
- Soundtrack for research videos At the Gallery and In the
Lab, describing the Bytes of Art project, 1998.
- Soundtrack for research video describing VistaBar, 1997.
- SRC Summer Intern Video 1994. (Script, soundtrack, and editing, joint with
others.)
- SRC Summer Intern Video 1992. (Soundtrack and editing, joint with others.)
Acknowledgment: Ken Beckman made the videos in the third group above
possible and lots of fun.
Original music
Some recordings, lyrics, and sheet music of original music is available at https://leino-online.com/music.
Some musical appearances
- Various bands, St. Matthew's Lutheran Church, Renton, WA. 2012-present. (Drums, bass, keyboards, tenor sax.)
- House band, retirement party, Luther's Table, Renton, WA. July 2016. (Bass.)
- House band, Children's Hospital Cancer Research fund raiser, Mercer Island, WA. October 2012. (Drums.)
- Jazz Open Jam, a monthly event,
Luther's Table, Renton, WA. 2012-2013. (Drums, keyboards, tenor sax, vocals.)
- Principles of Jazz, POPL 2012 jazz band, Philadelphia, PA.
January 2012. (Drums, piano.)
- Farewell party band, Marktoberdorf International Summer School,
Bayrischzell, Germany, 2011. (Piano, vocals.)
- Principles of Jazz, POPL 2011 jazz band, Austin, TX. January 2011. (Drums, tenor sax, piano.)
- The Assumptions, Marktoberdorf International Summer School,
Marktoberdorf, Germany, 2008. (Tenor sax, bass, keyboards, drums.)
- God's Garage band, every third Sunday at 9:30 and 11:00 services,
St. Matthew's Lutheran Church, Renton, WA. 2008-2011. (Drums, fill-in on keyboards.)
- Song of the day, monthly at 10:30 service, with Grace Ensemble.
Grace Lutheran Church, Bellevue, WA. 2002-2005. (Drums, bass guitar, keyboards, sax.)
- Weekly worship services, Immanuel Lutheran Church, Los Altos, CA. 1996-2001. (Drums, bass guitar, keyboards, vocals.)
- Joseph and the technicolor dreamcoat. St. Lawrence Academy, March 2001. (Drums.)
- They're playing our song. West Valley Light Opera, Spring 1999. (Drums.)
- Various concerts with the Caltech Thursday Jazz Band,
1992-95. Guest artists at concerts included: drummer Gregg Bissonette,
guitarist Grant Geissman, trumpet
player Chuck Findley, vocalist Angie Whitney, and composer and arranger Joe
Curiale. (Tenor and baritone saxophones.)
- Various concerts with the Caltech Monday Jazz Band, 1991-92. (Tenor saxophone.)
- Special appearance with rock band Bob Popular, UT Austin, May 1989. (Tenor saxophone.)
Some extracurricular activities
- Sabbatical team, St Matthew's Lutheran Church, Renton, WA. (2023)
- Mutual Ministry Team, St Matthew's Lutheran Church, Renton, WA. (2022-present)
- Board member, Mending Wings, Yakama Nation. (September 2013-December 2016)
- Volunteer, Luther's Table (a cafe and bar), Renton, WA. (September-October 2013)
- Volunteer High School math teacher, Maths Camp, Sponsor an African Scholar (SAAS), Mombasa, Kenya. (August 2013)
- Vice President, St. Matthew's Lutheran Church, Renton, WA. (2013-present)
- Council member, St. Matthew's Lutheran Church, Renton, WA. (2012-present)
- Group Exercise Volunteer (step aerobics instructor), Bellevue Family YMCA, Bellevue, WA. 2004-2012.
(Substitute instructor, 2012-2017.)
- Celebrity scientist, 2nd grade class, Somerset Elementary School, Bellevue, WA, January 2007.
- Celebrity scientist, one 1st grade and one 4th grade class, Somerset Elementary School, Bellevue, WA, February 2006.
- Fusion Jazz combo (drums), Ron Cole, instructor, Music Works Northwest, Spring 2005, Fall 2005, Winter 2006, Spring 2006.
- Smooth Jazz combo (drums), Darren Motamedy, instructor, Music Works Northwest, Fall 2004, Winter 2005.
- Chair, Evangelism committee, Grace Lutheran Church, Bellevue, WA. 2004-present.
- Coach of a Somerset Elementary School team for Middle School Math Olympiad, Bellevue, WA, Spring 2004.
- Music leader, Grace Ensemble, Grace Lutheran Church, Bellevue, WA. 2002-2005.
- Worship and music committee, Grace Lutheran Church, Bellevue, WA. 2002-2004.
- Co-coach of a Somerset Elementary School team for Middle School Math Olympiad, Bellevue, WA, Spring 2002.
- Co-leader, small-group Bible studies (Genesis; Jeremiah; Romans;
Revelation; Shadow of the Galilean; The inward pilgrimage: an introduction to
Christian spiritual classics), Immanuel Lutheran Church, Los Altos, CA, 1999-2001.
- Chair, Evangelism committee, Immanuel Lutheran Church, Los Altos, CA, 1999-2001.
- Performed and recorded music for youth group musicals, Immanuel Lutheran Church, Los Altos, CA, 1999, 2000.
- Visioning for the 21st Century committee, Immanuel Lutheran Church, Los Altos, CA, 1999.
- Church Council, Immanuel Lutheran Church, Los Altos, CA, 1996-1999.
- Chair, Youth director search committee, Immanuel Lutheran Church, Los Altos, CA, 1997.
- Music leader, contemporary worship service, Immanuel Lutheran Church, Los Altos, CA, 1996-1997.
- Representative at ELCA Sierra Pacific Synod convention, 1997.
- Chair, Second Phase Building Fund Campaign, Immanuel Lutheran Church, Los Altos, CA, Summer 1996.
- Helped start contemporary worship service, Immanuel Lutheran Church, Los Altos, CA, 1996.
- Vision 2000 committee, Immanuel Lutheran Church, Los Altos, CA, 1995.
- Organizer and co-founder, Caltech Swedish Club, Pasadena, CA, 1993-1994.
- President, AAL Branch #6905 (a fraternal benefit society), San Gabriel, CA, 1993-1994.
- Arranged, performed, and recorded music for youth group musicals, Trinity Lutheran Church, San Gabriel, CA, 1992, 1993.
Last updated April 2023.
|