George Candea wins 1st Eurosys Jochen Liedtke Young Researcher Award
Prof. George Candea, head of the Dependable Systems Laboratory (DSLAB), was awarded the first Eurosys Jochen Liedtke Young Researcher Award for his outstanding contributions to the field of computer science. Starting in 2014, the award will be given annually to the researchers who contribute to advancement in all areas of computer science directly related to, or having an impact on, the development, design, architecture, deployment and operation of software and hardware systems.
George's research goal is to make computer systems reliable, safe and secure. He is most intrigued by the fundamental challenges that arise when trying to build a "real" computer system consisting of hundreds of threads and millions of lines of code written by hundreds of programmers. He likes solving real-world problems by overcoming theoretical worst-case limitations.
His recent work has focused on techniques and abstractions for automated testing, automated debugging and automated correcting of software flaws.
For automated testing, George's team built upon a classic technique called symbolic execution, and developed a way to employ this technique in complex systems that historically have been off-limits for this approach. George's group developed S2E, a special engine for symbolically executing programs "in vivo," while operating in their live, real environment. He also introduced the notion of symbolic hardware, which provides a way to efficiently represent all possible hardware behavior, while making it possible to test low-level software even when the hardware is not present. George’s team automatically tested dozens of closed-source Windows device drivers and found many bugs. They also used S2E to automatically reverse engineer software. S2E is open-source and currently used by hundreds of engineers and researchers worldwide. In follow-on work, George's group developed dynamic state merging, a new set of algorithms for symbolic execution that improve the efficiency and performance of the technique by up to 13 orders of magnitude.
Automated debugging is George's answer to one of the most challenging tasks for software developers: debugging. Doing this in real systems requires deep knowledge of the code and is time-consuming. Bug reports rarely provide sufficient information, thus forcing developers to turn into detectives searching for an explanation of how the program could have arrived at the reported failure point. Together with his students, George developed a technique that, starting from a mere bug report, "reverse executes" the program to automatically find an execution that leads to the reported bug symptoms. This execution can be played back deterministically in a regular debugger, making it easy for developers to diagnose and fix it.
In the real world, developers rarely have time to fix all the bugs they discover in their software. It is often the most intricate ones (such as concurrency bugs) that remain unresolved. George's team developed the notion of failure immunity, as an alternative to the classic patch-based approach to bug fixing. An example of this is Dimmunix, a system that provides software with deadlock immunity, i.e. a way for programs, once afflicted by a given deadlock, to develop resistance against all future occurrences of the same or similar deadlocks. Whenever a deadlock is encountered, Dimmunix saves a "signature" of how the program arrived at that deadlock, i.e. stores an "antibody" for the deadlock in the software's immune system. Subsequently, Dimmunix monitors program execution to determine whether the program is about to match the signature of a previously encountered deadlock. If so, it subtly alters the thread schedule so as to avoid that deadlock. George's lab also developed Communix, an immunity framework for distributed communities of programs where the affliction of one member leads to the prompt immunization of the entire community.
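The signature-and-avoid loop described for Dimmunix can be sketched as follows. This is an added example, not Dimmunix's code and not from the original article: it simulates two threads on a single scheduler, all class, function, thread and site names are hypothetical, and it assumes a signature is simply the set of call sites at which the deadlocked threads acquired the locks they held.

```python
# Added illustration with hypothetical names; a simulation, not Dimmunix's implementation.
class ImmuneLocks:
    def __init__(self, history=()):
        self.history = set(history)  # saved signatures: frozensets of acquisition sites
        self.owner = {}              # lock -> (thread, site where it was acquired)
        self.waiting = {}            # thread -> lock it is blocked on

    def _cycle(self, start):  # threads on the wait-for chain if it loops back to start
        chain, t = [], start
        while t in self.waiting and t not in chain:
            chain.append(t)
            t = self.owner[self.waiting[t]][0]
        return chain if t == start else None

    def acquire(self, thread, lock, site):
        self.waiting.pop(thread, None)
        others = {s for t, s in self.owner.values() if t != thread}
        if any(site in sig and sig - {site} <= others for sig in self.history):
            return "yield"           # granting would complete a saved signature
        if lock not in self.owner:
            self.owner[lock] = (thread, site)
            return "granted"
        self.waiting[thread] = lock
        cycle = self._cycle(thread)
        if cycle:                    # new deadlock: save its signature (the "antibody")
            self.history.add(frozenset(s for t, s in self.owner.values() if t in cycle))
        return "deadlock" if cycle else "blocked"

    def release_all(self, thread):
        self.owner = {l: o for l, o in self.owner.items() if o[0] != thread}

def run(programs, order, history=()):  # a thread advances only when its acquire is granted
    locks, pc, log = ImmuneLocks(history), dict.fromkeys(programs, 0), []
    for thread in order:
        if pc[thread] == len(programs[thread]):
            continue
        lock, site = programs[thread][pc[thread]]
        result = locks.acquire(thread, lock, site)
        log.append((thread, site, result))
        if result == "deadlock":
            break
        pc[thread] += result == "granted"
        if pc[thread] == len(programs[thread]):
            locks.release_all(thread)  # critical section finished
    return log, locks.history

# Constructed sample: two threads take locks A and B in opposite order.
PROGRAMS = {"T1": [("A", "transfer:1"), ("B", "transfer:2")],
            "T2": [("B", "audit:1"), ("A", "audit:2")]}
```

Running `run(PROGRAMS, ["T1", "T2"] * 4)` ends in a deadlock and returns its signature; passing that history into a second run with the same interleaving makes T2 yield at `audit:1` until T1 has finished, so both threads complete.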