Jeff Foster
Jeffrey S. Foster is a professor in the Department of Computer Science.
Foster's research focuses on developing programming languages and software engineering approaches in order to make software easier to write and more reliable, secure, and available.
Some of his recent research efforts include improving security and privacy on Android mobile devices, developing automated techniques to check web application security, exploring the use of program synthesis to automatically construct program code from specifications, and creating new approaches to safely update software at run-time. Much of Foster's prior work focused on static analysis to find bugs and security flaws in practical software systems.
Foster was awarded the National Science Foundation (NSF) CAREER Award in 2004, given to outstanding junior faculty who exemplify the role of teacher-scholars so they can further their research in their areas of expertise. He was also a member of DARPA's Computer Science Study.
Foster received his doctorate in computer science from the University of California, Berkeley, and his M.Eng. and B.S. degrees from Cornell University, also in computer science.
Go here to view Foster's academic publications on Google Scholar.
Publications
2011
2011. State transfer for clear and efficient runtime updates. 2011 IEEE 27th International Conference on Data Engineering Workshops (ICDEW). :179-184.
2011. Directed Symbolic Execution. Static AnalysisStatic Analysis. 6887:95-111.
2011. Evaluating Dynamic Software Update Safety Using Systematic Testing. IEEE Transactions on Software Engineering. PP(99):1-1.
2011. LOCKSMITH: Practical static race detection for C. ACM Trans. Program. Lang. Syst.. 33(1):3:1–3:55-3:1–3:55.
2011. Dynamic inference of static types for ruby. Proceedings of the 38th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages. :459-472.
2011. MultiOtter: Multiprocess Symbolic Execution. Technical Reports of the Computer Science Department.
2010
2010. Adapting Scrum to Managing a Research Group. Technical Reports of the Computer Science Department.
2010. SCORE: agile research group management. Commun. ACM. 53(10):30-31.
2010. Serializing C intermediate representations for efficient and portable parsing. Software: Practice and Experience. 40(3):225-238.
2010. Symbolic security analysis of ruby-on-rails web applications. Proceedings of the 17th ACM conference on Computer and communications security. :585-594.
2010. Viewpoint Adapting agile software development methodology toward more efficient management of academic research groups.. Communications of the ACM. 53(10):30-30.
2010. Mixing type checking and symbolic execution. ACM SIGPLAN Notices. 45:436-447.
2010. From program verification to program synthesis. ACM SIGPLAN Notices. 45:313-326.
2010. Using symbolic evaluation to understand behavior in configurable software systems. Software Engineering, 2010 ACM/IEEE 32nd International Conference on. 1:445-454.
2009
2009. Static type inference for Ruby. Proceedings of the 2009 ACM symposium on Applied Computing. :1859-1866.
2009. Tests to the left of me, types to the right: how not to get stuck in the middle of a ruby execution. Proceedings for the 1st workshop on Script to Program Evolution. :14-16.
2009. Directing JavaScript with arrows. Proceedings of the 5th symposium on Dynamic languages. :49-58.
2009. The ruby intermediate language. SIGPLAN Not.. 44(12):89-98.
2009. Efficient systematic testing for dynamically updatable software. Proceedings of the 2nd International Workshop on Hot Topics in Software Upgrades. :9:1–9:5-9:1–9:5.
2009. Triaging Checklists: a Substitute for a PhD in Static Analysis. Evaluation and Usability of Programming Languages and Tools (PLATEAU) PLATEAU 2009.
2009. Efficient systematic testing for dynamically updatable software. Proceedings of the 2nd International Workshop on Hot Topics in Software Upgrades. :9-9.
2009. Profile-guided static typing for dynamic scripting languages. ACM SIGPLAN Notices. 44(10):283-300.
2009. A Testing Based Empirical Study of Dynamic Software Update Safety Restrictions. Technical Reports of the Computer Science Department.
2008
2008. Rule-based static analysis of network protocol implementations. Information and Computation. 206(2):130-157.
2008. Contextual effects for version-consistent dynamic software updating and safe concurrent programming. Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages. :37-49.
2008. Formalizing Soundness of Contextual Effects. Theorem Proving in Higher Order LogicsTheorem Proving in Higher Order Logics. 5170:262-277.
2008. Checking type safety of foreign function calls. ACM Transactions on Programming Languages and Systems (TOPLAS). 30(4):18-18.
2008. Modular Information Hiding and Type-Safe Linking for C. IEEE Transactions on Software Engineering. 34(3):357-376.
2008. Path projection for user-centered static analysis tools. Proceedings of the 8th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering. :57-63.
2007
2007. Appendix to CMod: Modular Information Hiding and Type-Safe Linking for C. Technical Reports of the Computer Science Department.
2007. Cofactor-independent phosphoglycerate mutase is an essential gene in procyclic form Trypanosoma brucei. Parasitology research. 100(4):887-892.
2007. Improving software quality with static analysis. Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering. :83-84.
2007. Type qualifier inference for Java. ACM SIGPLAN Notices. 42:321-336.
2007. Inferring aliasing and encapsulation properties for Java. ACM SIGPLAN Notices. 42(10):423-440.
2006
2006. Context-sensitive correlation analysis for detecting races. Proceedings of the ACM Conference on Programming Language Design and Implementation (PLDI). :320-331.
2006. Existential Label Flow Inference Via CFL Reachability. Static AnalysisStatic Analysis. 4134:88-106.
2006. Flow-insensitive type qualifiers. ACM Transactions on Programming Languages and Systems (TOPLAS). 28(6):1035-1087.
2006. LOCKSMITH: context-sensitive correlation analysis for race detection. SIGPLAN Not.. 41(6):320-331.
2005
2005. Checking type safety of foreign function calls. ACM SIGPLAN Notices. 40:62-72.
2005. Understanding source code evolution using abstract syntax tree matching. Proceedings of the 2005 international workshop on Mining software repositories. :1-5.
2004
2004. A comparison of bug finding tools for Java. Software Reliability Engineering, 2004. ISSRE 2004. 15th International Symposium on. :245-256.
2004. Visualizing type qualifier inference with Eclipse. Proceedings of the 2004 OOPSLA workshop on eclipse technology eXchange. :57-61.
2003
2003. Checking and inferring local non-aliasing. ACM SIGPLAN Notices. 38:129-140.
2002
2002. Flow-sensitive type qualifiers. ACM SIGPLAN Notices. 37(5):1-12.
2001
2001. Detecting format string vulnerabilities with type qualifiers. Proceedings of the 10th conference on USENIX Security Symposium-Volume 10. :16-16.
2000
2000. Polymorphic versus monomorphic points-to analysis. Proceedings of the 7th International Static Analysis Symposium, Lecture Notes in Computer Science. Springer Verlag.
2000. A first step towards automated detection of buffer overrun vulnerabilities. The 2000 Network and Distributed Systems Security Conference. San Diego, CA. 14
1999
1999. A theory of type qualifiers. ACM SIGPLAN Notices. 34:192-203.
1998
1998. Partial online cycle elimination in inclusion constraint graphs. ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI).