We develop systematic tools, theories, and methodologies for ensuring the correctness, reliability, and efficiency of software and systems, focusing on automated techniques such as model checking, machine learning, and program analysis. We target several different challenging kinds of software and systems, ranging from (concurrent) object-oriented programs to real cyber-physical systems such as SWaT.

This page provides an overview of some of our research projects. For more information, please take a look at our publications.

Research Projects

Model Checking

  • PAT: Process Analysis Toolkit — a self-contained framework for composing, simulating, and reasoning about systems in domains including concurrent and real-time systems.

Applied Machine Learning

  • ALearner — learns likely assertions based on passing and failing test cases.
  • TLV — combines testing, learning, and validation to construct correct and accurate abstractions of Java classes.
  • Tzuyu — automatically learns stateful typestates through active learning.
  • ZiQian — automatically learns probabilistic models from system executions.
  • Ziyuan — applies bug localisation and active learning to construct “simple” predicates explaining why test cases are failing.

Hybrid Systems Analysis

  • HyChecker — analyses hybrid systems using a combination of random sampling and symbolic execution (“concolic sampling”).

Attestation and Testing of Cyber-Physical Systems

  • Physical Attestation — learning invariants of cyber-physical systems from the traces of mutated PLC software, and applying them to attest the system.
  • Smart Fuzzing — an automated, machine learning guided technique for systematically finding ‘test suites’ of CPS network attacks, without requiring any knowledge of the system’s control programs or physical processes.

Verification of Security Protocols