Section: Overall Objectives

Highlights of the Year

This year, we published 6 articles in international journals and 11 articles in peer-reviewed international conferences, including presitigious conferences such as IEEE S&P (1), ACM CCS (2), Usenix Security (1), ESORICS (2), and POST (3). In addition to these, we published 1 PhD thesis and several technical reports. We also have 3 articles already accepted for publication in international conferences in 2013: POPL (2), NDSS (1).

We released updates to several verification tools and software packages. We discovered and reported major security vulnerabilites in dozens of commercial software packages, hardware devices, and websites. The work of our group also spun-off a new startup company created by Graham Steel, and we continue to collaborate with this startup.

Of our work published in 2013, we would like to highlight the following:

• Our paper in IEEE S&P 2013 [21] presents the first cryptographically verified implementation of TLS.

• Our work on the computational analysis of cryptographic protocols yielded new results and major publications [19] , [26] .

• Our work on formally analyzing web application security uncovered major attacks on browsers and websites and proposed novel language-based verified solutions [20] , [29] , [25] .