• Home
  • Microsoft
  • Research in Software Engineering (RiSE)
  • Michal Moskal
Michal Moskal

Michal Moskal
Microsoft · Research in Software Engineering (RiSE)

PhD

About

49
Publications
9,467
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
1,283
Citations
Additional affiliations
September 2009 - present
Microsoft
Position
  • Researcher
Education
September 2005 - December 2009
University of Wroclaw
Field of study
  • Computer Science
September 2000 - June 2005
University of Wroclaw
Field of study
  • Computer Science

Publications

Publications (49)
Article
A codable computer half the size of a credit card is inspiring students worldwide to develop core computing skills in fun and creative ways.
Conference Paper
Microsoft MakeCode (https://www.makecode.com) is a platform and accompanying web app for simplifying the programming of microcontroller-based devices in the classroom. For each device, MakeCode provides a customized end-to-end experience in the web browser consisting of code editors, device simulator, debugger, compiler to machine code, and linker...
Conference Paper
While the programming of microcontroller-based embeddable devices typically is the realm of the C language, such devices are now finding their way into the classroom for CS education, even at the level of middle school. As a result, the use of scripting languages (such as JavaScript and Python) for microcontrollers is on the rise. We present Static...
Article
Full-text available
Historically, embedded systems development has been a specialist skill, requiring knowledge of low-level programming languages, complex compilation toolchains, and specialist hardware, firmware, device drivers and applications. However, it has now become commonplace for a broader range of non-specialists to engage in the making (design and developm...
Conference Paper
The growing maker movement has created a number of hardware and construction toolkits that lower the barriers of entry into programming for youth and others, using a variety of approaches, such as gaming or robotics. For constructionist-like kits that use gaming, many are focused on designing and programming games that are single player, and few ex...
Conference Paper
Full-text available
Across the globe, it is now commonplace for educators to engage in the making (design and development) of embedded systems in the classroom to motivate and excite their students. This new domain brings its own set of unique requirements. Historically, embedded systems development requires knowledge of low-level programming languages, local installa...
Article
Full-text available
Across the globe, it is now commonplace for educators to engage in the making (design and development) of embedded systems in the classroom to motivate and excite their students. This new domain brings its own set of unique requirements. Historically, embedded systems development requires knowledge of low-level programming languages, local installa...
Conference Paper
Collaborating on a piece of code is notoriously difficult when the number of people involved goes above 1. In particular, every computer programmer dreads the "merge conflict", a brutal, unforgiving experience, where they must reconcile their changes with someone else's. If offline collaboration is already so painful, real-time collaboration seems...
Conference Paper
Software engineering tools and environments are migrating to the cloud, enabling more people to participate in programming from many more devices. To study this phenomenon in detail, we designed, implemented and deployed Touch Develop (url www.touchdevelop.com), a cloud-based integrated development environment (CIDE), which has been online for the...
Patent
A tracing just-in-time (TJIT) compiler system is described for performing parallelization of code in a runtime phase in the execution of code. Upon detecting a hot loop during the execution of the code, the compiler system extracts trace information from sequentially recorded traces. In a first phase, the compiler system uses the trace information...
Patent
The description relates to media files and more particularly to media files that include a program and a human-understandable description of the program. One example can receive executable code. This example can determine a functionality provided by the executable code. The example can also create a media file that stores the executable code and pr...
Conference Paper
Full-text available
JavaScript has long outpaced its original target applications, being used not only for coding complex web clients, but also web servers, game development and even desktop applications. The most appealing advantage of moving applications to JavaScript is its capability to run the same code in a large number of different devices. It is not surprising...
Conference Paper
Live programming allows programmers to edit the code of a running program and immediately see the effect of the code changes. This tightening of the traditional edit-compile-run cycle reduces the cognitive gap between program code and execution, improving the learning experience of beginning programmers while boosting the productivity of seasoned o...
Conference Paper
Full-text available
Mobile devices are becoming the prevalent computing platform for most people. TouchDevelop is a new mobile development environment that enables anyone with a Windows Phone to create new apps directly on the smartphone, without a PC or a traditional keyboard. At the core is a new mobile programming language and editor that was designed with the touc...
Conference Paper
Applications in mobile-marketplaces may leak private user infor-mation without notification. Existing mobile platforms provide lit-tle information on how applications use private user data, making it difficult for experts to validate applications and for users to grant applications access to their private data. We propose a user-aware privacy contr...
Conference Paper
In this tutorial I’ll show how to prove deep functional properties of tricky sequential and concurrent C programs using VCC. I’ll get into induction, termination, algebraic data types, infinite maps, and lemmas, all unified as ghost data and C-like code manipulating it. Once these are provided, verification is automatic, but the development process...
Article
Full-text available
From paper to computers, the way that we have been writing down thoughts and performing symbolic computations has been constantly evolving. Teaching methods closely follow this trend, leveraging existing technology to make teaching more effective and preparing students for their later careers with the available technology. Right now, in 2012, we ar...
Article
Code search has always been essential to software development; it is the cornerstone of activities such as program comprehension and maintenance. Traditionally, code search required learning of complex query languages with very steep learning curves.
Conference Paper
Full-text available
We propose a technique for verifying high-level security properties of cryptographic protocol implementations based on stepwise refinement. Our refinement strategy supports reasoning about abstract protocol descriptions in the symbolic model of cryptography and gradually concretizing them towards executable code. We have implemented the technique w...
Conference Paper
We are experiencing a technology shift: powerful and easy-to-use touchscreen-based mobile devices such as smartphones and tablets are becoming more prevalent than traditional PCs and laptops. Many mobile devices are going to be the first and, in less developed countries, possibly the only computing devices that virtually all people would own and ca...
Conference Paper
Full-text available
The Boogie Verification Debugger (BVD) is a tool that lets users explore the potential program errors reported by a deductive program verifier. The user interface is like that of a dynamic debugger, but the debugging happens statically without executing the program. BVD integrates with the program-verification engine Boogie. Just as Boogie supports...
Conference Paper
Full-text available
Software verification is one of the most prominent application areas for automatic reasoning systems, but their potential improvement is limited by shortage of good benchmarks. Current benchmarks are usually large but shallow, require decision procedures, or have soundness problems. In contrast, we propose a family of benchmarks in first-order logi...
Conference Paper
VCC [2] is an industrial-strength verification environment for low-level concurrent systems code written in C. VCC takes a program (annotated with function contracts, state assertions, and type invariants) and attempts to prove the correctness of these annotations. VCC’s verification methodology [4] allows global two-state invariants that restrict...
Conference Paper
The Boogie Verification Debugger (BVD) is a tool that lets users explore the potential program errors reported by a deductive program verifier. The user interface is like that of a dynamic debugger, but the debugging happens statically without executing the program. BVD integrates with the programverification engine Boogie. Just as Boogie supports...
Chapter
Full-text available
Consider interaction of principals where each principal has its own policy and different principals may not trust each other. In one scenario the principals could be pharmaceutical companies, hospitals, biomedical labs and health related government institutions. In another scenario principals could be navy fleets of different and not necessarily fr...
Article
Full-text available
This tutorial provides basic information about developing specifications and annotations for concurrent C programs, so that they can be verified with VCC. [TODO: add more] 1
Conference Paper
Full-text available
We describe a practical method for reasoning about realistic concurrent programs. Our method allows global two-state invariants that restrict update of shared state. We provide simple, sufficient conditions for checking those global invariants modularly. The method has been implemented in VCC 3, an automatic, sound, modular verifier for concurrent...
Article
Full-text available
The main goal of the VerisoftXT project is the creation of methods and tools which allow for the pervasive formal verification of integrated computer systems, and the prototypical realization of four concrete industrial application tasks. In this paper, we report on two of VerisoftXT’s sub-projects, where formal verification is applied to real-wor...
Conference Paper
This paper defines a suite of benchmark verification problems, to serve as an acid test for verification systems that reason about programs with non-trivial data-structure invariants. Solutions to the benchmarks can be used to understand similarities and differences between verification tools and techniques. The paper also gives a procedure for sco...
Article
Full-text available
Verification for OO programs typically starts from a strongly typed object model in which distinct objects/fields are guaranteed not to overlap. This model simplifies verification by eliminating all “uninteresting” aliasing and allowing the use of more efficient frame axioms. Unfortunately, this model is unsound and incomplete for languages like C,...
Conference Paper
Full-text available
VCC is an industrial-strength verification environment for low-level concurrent system code written in C. VCC takes a program (annotated with function contracts, state assertions, and type invariants) and attempts to prove the correctness of these annotations. It includes tools for monitoring proof attempts and constructing partial counterex- ample...
Conference Paper
Full-text available
The quest for modular concurrency reasoning has led to re- cent proposals that extend program assertions to include not just knowl- edge about the state, but rights to access the state. We argue that these rights are really just sugar for knowledge that certain updates preserve certain invariants.
Article
Full-text available
Boogie is a verification condition generator for an imperative core language. It has front-ends for the programming languages C# and C enriched by annotations in first-order logic, i.e. pre- and postconditions, assertions, and loop invariants. Moreover, concepts like ghost fields, ghost variables, ghost code and specification functions have been in...
Conference Paper
Full-text available
Most system level software is written in C and executed concurrently. Because such software is often critical for system reliability, it is an ideal target for formal verification. Annotated C and the Verified C Compiler (VCC) form the first modular sound verification methodology for concurrent C that scales to real-world production code. VCC is in...
Article
Full-text available
We give a case study for a Satisfiability Modulo Theories (SMT) solver usage in functional verification of a real world operating system. In particular, we present a view of the E-matching pattern annotations on quantified formulas as a kind of logic programming language, used to encode se-mantics of the programming language undergoing verifica-tio...
Article
We present the design of a meta-programming system em- bedded into Nemerle1, a new functional language for the .NET plat- form. The system enables compile-time operations { generation, trans- formation and automated analysis of programs by means of hygienic code quotation, syntax extensions, operating on the code like on any other datatype (e.g. li...
Article
Full-text available
E!cie nt handling of quantifiers is crucial for solving software verification problems. E-matching algorithms are used in satisfability modulo theories solvers that handle quantified formulas through instantiation. Two novel, e!c ient algorithms for solv- ing the E-matching problem are presented and compared to a well-known algorithm described in t...
Conference Paper
Full-text available
Modern Satisfiability Modulo Theories (SMT) solvers are used in a wide variety of software and hardware verification applications. Proof producing SMT solvers are very desirable as they increase confidence in the solver and ease debugging/profiling, while allowing for scenarios like Proof-Carrying Code (PCC). However, the size of typical proofs gen...
Conference Paper
Full-text available
Well-specified programs enable code reuse and therefore techniques that help programmers to annotate code correctly are valuable. We devised an automated analysis that detects unreachable code in the presence of code annotations. We implemented it as an enhancement of the extended static checker ESC/Java2 where it serves as a check of coherency of...
Article
Full-text available
Automated theorem provers are used in extended static check- ing, where they are the performance bottleneck. Extended static checkers are run typically after incremental changes to the code. We propose to exploit this usage pattern to improve performance. We present two ap- proaches of how to do so and a full solution.
Conference Paper
Full-text available
Vx86 is the first static analyzer for sequential Intel x86 assembler code using automated deductive verification. It proves the correctness of assembler code against function contracts, which are expressed in terms of pre-, post-, and frame conditions using first-order predicates. Vx86 takes the annotated assembler code, translates it into C code s...
Article
Full-text available
Folklore has it that verification of functional properties of C programs is intractable without making compromises on soundness of the heap model or coverage of C features. In contrast, we present a heap model for deductive verifi-cation that achieves (1) soundness by explicitly keeping track of runtime type as-signment of pointers, (2) completenes...
Article
Full-text available
The number of applications available in mobile marketplaces is increasing rapidly. It's very easy to become overwhelmed by the sheer size of their codebase. We propose to use code clone analysis to help manage existing applications and develop new ones. First, we propose an automatic application ranking scheme based on (dis)similarity. Traditionall...
Article
Full-text available
We describe a methodology for reasoning about realistic concurrent programs. Our methodology allows two-state invariants that span multiple objects without sacrificing thread- or data-modularity, as well as the derived construction of first-class objects that capture knowledge about the system state. The methodology has been implemented in an autom...
Article
Full-text available
A common problem faced by modern mobile-device platforms is that third-party applications in the marketplace may leak private information without notifying users. Existing approaches adopted by these platforms provide little information on what applications will do with the private information, failing to effectively assist users in deciding whethe...

Network

Cited By