Automating Protections Against Software Supply-Chain Threats: Modern software incorporates thousands of dependencies as a means of accelerating its development and reducing its cost—at a significant risk to safety and security for both developers and end-users. We have built a series of systems targeting the JavaScript dependency ecosystem—the largest such ecosystem out there—automating the analysis, transformation, and synthesis of JavaScript dependencies across a variety of threat models.

Automating the Acceleration and Scale-out of Software Systems: Some programming environments, such as the shell, are used pervasively partly due to their simplicity in combining components (commands) written in multiple languages. Unfortunately, this language-agnostic composition hinders automated parallelization and distribution, often forcing developers to manually rewrite shell programs (and their components) in other languages that support these features. We have built a system, PaSh, and several extensions and sibling projects that offer automated acceleration and scale-out in these environments—along with serious correctness and compatibility guarantees.

Automated Transformation Towards Secure Scalable Computing Paradigms: Recent trends are pushing developers towards new paradigms of secure and scalable computing—e.g., confidential computing, microservices, serverless computing, and edge computing. Transforming a conventional program to leverage these paradigms is a laborious manual process that can lead to suboptimal performance and in many cases even break the program. We are developing systems supporting this kind of decomposition and leveraging special hardware capabilities when these are available in the network.

More info on ATLAS web.

Some Recent Publications

Full list of publications.