Recent advances of large language models (LLMs) have demonstrated strong results in natural language processing (NLP) applications such as dialogue systems, text classification, machine translation, and document summarization. With the improving capability of LLMs, there is a growing need for controllable generation to produce reliable and tailored outputs, especially in applications requiring adherence to specific guidelines or creativity within defined boundaries. However, the prevalent auto-regressive paradigm that trains models to predict the next word given the left-hand-side context makes it challenging to impose structural or content control/constraints on the model.

In this talk, I will present our recent work on controllable natural language generation (NLG) that transcends the conventional auto-regressive formulation, aiming to improve both reliability and creativity of generative models. We introduce controllable decoding-time algorithms that steer auto-regressive models to better conform to specified constraints. We also introduce novel insertion-based generation paradigm that goes beyond auto-regressive models. Our approach enables more reliable and creative outputs, with applications to creative generation, formality-controlled machine translation, and commonsense-compliant generation.

Nanyun (Violet) Peng is an Associate Professor of Computer Science at the University of California, Los Angeles. She received her Ph.D. in Computer Science from Johns Hopkins University, Center for Language and Speech Processing. Her research focuses on robust and generalizable NLP techniques, with applications to creative language generation, multi-modal cross-lingual understanding, and low-resource information extraction. Dr. Peng is a recipient of the NSF CAREER Award, an NIH R01 grant, Google Research Scholar Award, Okawa Foundation Research Grant, and various federal and industrial grants. Her works have won the Outstanding Paper Award at NAACL 2022, Best Paper Awards at AAAI 2022 DLG workshop and EMNLP 2023 PAN-DL workshop, and have been featured at the IJCAI 2022 early career spotlight.

Misinformation poses a growing threat to our society. It has a severe impact on public health by promoting fake cures or vaccine hesitancy, and it is used as a weapon during military conflicts to spread fear and distrust. Current natural language processing (NLP) fact-checking research focuses on identifying evidence and the veracity of a claim. People’s beliefs however often do not depend on the claim and the rational reasoning as such, but on credible content that makes the claim seem more reliable, such as scientific publications or visual content that was manipulated or stems from unrelated context. To combat misinformation we need to show (1) "Why was the claim believed to be true?", (2) "Why is the claim false?", (3) "Why is the alternative explanation correct?". In the talk, I will zoom into two critical aspects of such misinformation supported by credible though misleading content. First, I will present our efforts to dismantle misleading narratives based on fallacious interpretations of scientific publications. Second, I will show how we can use multimodal large language models to (1) detect misinformation based on visual content, (2) provide strong alternative explanations for the visual content.

Iryna Gurevych (PhD 2003, U. Duisburg-Essen, Germany) is professor of Computer Science and director of the Ubiquitous Knowledge Processing (UKP) Lab at the Technical University (TU) of Darmstadt in Germany. In addition, she is Adjunct Professor at MBZUAI in Abu-Dhabi, UAE and Affiliated Professor at INSAIT, Sofia, Bulgaria. Her main research interests are in machine learning for large-scale language understanding and text semantics. Iryna’s work has received numerous awards such as the ACL fellow 2020, the first-ever Hessian LOEWE Distinguished Chair in 2021 (2,5 mil. Euro) and an ERC Advanced Grant in 2022 (2,5 Mil. Euro). Iryna is co-director of the NLP program within ELLIS, a European network of excellence in machine learning. In 2023, she was the president of the Association for Computational Linguistics (ACL). In 2024, she has been elected a Member of the National Academy of Science Leopoldina.

Despite ML models' impressive performance, training and deploying them is currently a somewhat messy endeavor. But does it have to be? In this talk, I overview my work on making ML "predictably reliable"---enabling developers to know when their models will work, when they will fail, and why.

To begin, we use a case study of adversarial inputs to show that human intuition can be a poor predictor of how ML models operate. Motivated by this, we present a line of work that aims to develop a precise understanding of the ML pipeline, combining statistical tools with large-scale experiments to characterize the role of each individual design choice: from how to collect data, to what dataset to train on, to what learning algorithm to use.

Andrew Ilyas is a PhD student in Computer Science at MIT, where he is advised by Aleksander Madry and Constantinos Daskalakis. His research aims to improve the reliability and predictability of machine learning systems. He was previously supported by an Open Philanthropy AI Fellowship.

Platforms, devices, and algorithms are increasingly weaponized to control and harass the most vulnerable among us. Some of these harms occur at the individual and interpersonal level: for example, abusers in intimate partner violence (IPV) use smartphones and social media to surveil and stalk their victims. Others are more subtle, at the level of social structure: for example, in organizations, workplace technologies can inadvertently scaffold exploitative labor practices. This talk will discuss my research (1) investigating these harms via online measurement studies, (2) building interventions to directly assist survivors with their security and privacy; and (3) instrumenting these interventions, to enable scientific research into new types of harms as attackers and technologies evolve. I will close by sharing my vision for centering inclusion and equity in digital safety, security and privacy, towards brighter technological futures for us all.

Emily Tseng is a PhD candidate in Information Science at Cornell University. Her research explores the systems, interventions, and design principles we need to make digital technology safe and affirming for everyone. Emily’s work has been published at top-tier venues in human-computer interaction (ACM CHI, CSCW) and computer security and privacy (USENIX Security, IEEE Oakland). For 6 years, she has served as a researcher-practitioner with the Clinic to End Tech Abuse, where her work has enabled specialized security services for over 600 survivors of intimate partner violence (IPV). Emily is the recipient of a Microsoft Research PhD Fellowship, Rising Stars in EECS, Best Paper Awards at CHI, CSCW, and USENIX Security, and third place in the Internet Defense Prize. She has additionally completed internships at Google and with the Social Media Collective at Microsoft Research. She holds a B.A. from Princeton University.

As ubiquitous AI becomes increasingly integrated into the smart devices that users use daily, the rise of extensive datafication, data surveillance, and monetized behavioral engineering is becoming increasingly noticeable. Sophisticated algorithms are utilized to perform in-depth analyses of people's data, dissecting it to evaluate personal characteristics, thereby making significant and impactful algorithmic decisions for them. In this evolving digital environment, smart devices are no longer just functional tools; they have become active agents in shaping experiences, transforming lives as algorithmic decisions are etching pathways for people's futures. This trend is particularly concerning for vulnerable groups such as children, young people, and other marginalized communities, who may be disproportionately affected by these technological advancements. My research in human-computer interaction focuses on reimagining these data-driven AI systems to better support user autonomy. To address these challenges, I develop tools and systems that empower users and communities, especially those most vulnerable, to control their own experiences and information directly. These include: 1) human-AI interaction tools that enhance user decision-making power, 2) AI literacy tools for a deeper, critical understanding of data-driven systems, and 3) the development of actionable strategies and frameworks for policymakers and industry leaders to ensure the ethical development and use of AI technologies.

Tiffany Ge Wang is a final year doctoral candidate in Computer Science at the University of Oxford. Her research lies at the intersection of human-computer interaction (HCI) and human-centered privacy & security. Through her research, she aims to empower humans, especially those in at-risk populations, to have autonomy in their dealings with data-driven systems. She has received 7 paper awards at top-tier HCI conferences and journals, including ACM CHI and CSCW. Her research has been cited by influential organizations such as the Council of Europe, the UK ICO, the Australian ICO, and the FTC, and has been featured in news articles in El Pais, among others. She holds a bachelor's degree in Physics from the University of Oxford and an MSc in Information Science from University College London.

Searching and exploring information online is integral to everyday life, shaping how we learn, work, and create. As the Web paradigm evolves to include foundational AI models and beyond, we are experiencing a shift in how we search and work. With this transformation in human-AI interaction, it is important to investigate how we might present the user with the right information in the right context, the right representation, and at the right time. In this talk, I will share how I have explored these questions in the context of complex critical information work (such as knowledge discovery, synthesis, and creativity). I present insights about user behaviors and challenges from mixed-method studies observing how people conduct this work using today’s tools. Then, I present novel AI-powered tools and techniques that augment these cognitive processes by mining rich contextual signals from unstructured user-generated artifacts. By deepening our understanding of human cognition and behavior and building tools that understand user contexts more meaningfully, I envision a future where human-AI interactions are more personalized, context-aware, cognitively-convivial, and truly collaborative.

Srishti Palani is a PhD Candidate at the University of California, San Diego. She researches at the intersection of human-computer interaction, cognitive science, and artificial intelligence. She conducts mixed-methods studies to deepen our understanding of how people search, synthesize, and create using vast amounts of disparate information on the Web and Large Language Models. Based on this understanding of user behavior, she develops novel intelligent interaction techniques to augment knowledge discovery, sensemaking, and creativity! Her research has been published at top conferences such as ACM CHI, UIST, CSCW, CHIIR, and SIGIR and has won several prestigious awards, including best paper awards and nominations. Among other honors, she is a Google PhD Research Fellow, Heidelberg Laureate Young Researcher, NCWIT Aspirations in Computing Awardee, and Grace Hopper Research Scholar mentor. During her PhD, she has also worked in top industry research labs such as Microsoft Research, Autodesk Research, and the Allen Institute for AI. Before her PhD, she graduated summa cum laude from Mount Holyoke College, double majoring in Computer Science and Psychology, where her thesis was a CRA Outstanding Undergraduate Researcher Award finalist and awarded the Phi Beta Kappa Research Prize. Outside of research, she is passionate about establishing mentorship programs to bridge the gender gap in tech and teaching computational and design thinking courses to the next generation of innovators.

Data is today generated on smart devices at the edge, shaping a decentralized data ecosystem comprising multiple data owners (clients) and a service provider (server). Clients interact with the server with their personal data for specific services, while the server performs analysis on the joint dataset. However, the sensitive nature of the involved data, coupled with inherent misalignment of incentives between clients and the server, breeds mutual distrust. Consequently, a key question arises: How to facilitate private data analytics within a decentralized data ecosystem, comprising multiple distrusting parties?

My research shows a way forward by designing systems that offer strong and provable privacy guarantees while preserving data functionality. I accomplish this by systematically exploring the synergy between cryptography and differential privacy, exposing their rich interconnections in both theory and practice. In this talk, I will focus on two systems, CryptE and EIFFeL, which enable privacy-preserving query analytics and machine learning, respectively.

Amrita Roy Chowdhury is a CRA/CCC CIFellow at University of California-San Diego, working with Prof. Kamalika Chaudhuri. She graduated with her PhD from University of Wisconsin-Madison and was advised by Prof. Somesh Jha. She completed her Bachelor of Engineering in Computer Science from the Indian Institute of Engineering Science and Technology, Shibpur where she was awarded the President of India Gold Medal. Her work explores the synergy between differential privacy and cryptography through novel algorithms that expose the rich interconnections between the two areas, both in theory and practice. She has been recognized as a Rising Star in EECS in 2020 and 2021, and a Facebook Fellowship finalist, 2021. She has also been selected as a UChicago Rising Star in Data Science, 2021.

We present a number of methods used by central banks and regulatory authorities to assess the stability of the financial system, including stress tests, network analysis of the interbank market and models of interbank contagion and fire sales, aiming to capture the dynamics similar to those observed during the 2008 financial crisis. We will discuss the key role of banks in the money creation process, how this relates to monetary aggregates and what the introduction of central bank digital currencies and their different implementation options may mean in this context.

--

Please contact the office team for link information

Christoph Siebenbrunner is currently affiliated with the research institute for cryptoeconomics at WU Vienna and the strategy and stress testing unit of the banking supervision department at the Austrian National Bank. All views presented are his own. Christoph has previously worked as a post-doctoral research fellow in Milind Tambe's group in the Computer Science department at Harvard SEAS, focussing on restless mulit-armed bandit models and security games in the Artificial Intelligence for Social Good research stream. Christoph holds a PhD in Mathematics from the University of Oxford, where he has also worked as a college lecturer for Mathematics and Statistics, and a PhD in Management Science with a Finance concentration from TU Vienna.

People use storytelling to persuade, to entertain, to inform, and to make sense of their experiences as a community—and as a form of self-disclosure, personal storytelling can strengthen social bonds, build trust, and support the storyteller’s health. But computational analysis of narratives faces challenges, including difficulty in defining stories, lack of annotated datasets, and need to generalize across diverse settings. In this talk, I’ll present work addressing these challenges that uses methods from natural language processing (NLP) to measure storytelling both across online communities and within specific social contexts. This work has implications for NLP methods for story detection, the literary field of narratology, cooperative work in online communities, and better healthcare support. As one part of my research in NLP and cultural analytics, it also highlights how NLP methods can be used creatively and reliably to study human experiences.

Maria Antoniak is a Young Investigator at the Allen Institute for AI. Her research is in natural language processing (NLP) and cultural analytics, and her interests include using computational methods to study stories, values, and healthcare, often in the setting of online communities, and in measuring the reliability of NLP tools when used for curated datasets and human-focused research questions. She earned her PhD in Information Science from Cornell University, has a master’s degree in Computational Linguistics from the University of Washington, and has been recognized as a "Rising Star" in both computer science and data science.

As the Internet's user base and criticality of online services continue to expand daily, powerful adversaries like Internet censors are increasingly monitoring and restricting Internet traffic. These adversaries, powered by advanced network technology, perform large-scale connection tampering attacks seeking to prevent users from accessing specific online content, compromising Internet availability and integrity. In recent years, we have witnessed recurring censorship events affecting Internet users globally, with far-reaching social, financial, and psychological consequences, making them important to study. However, characterizing tampering attacks at the global scale is an extremely challenging problem, given intentionally opaque practices by adversaries, varying tampering mechanisms and policies across networks, evolving environments, sparse ground truth, and safety risks in collecting data. In this talk, I will describe my research on building empirical methods to characterize connection tampering globally and investigate the network technology enabling tampering. First, I will introduce novel network measurement methods for locating and examining network devices that perform censorship. Next, I will describe a modular design for the Censored Planet Observatory that enables it to remotely and sustainably measure Internet censorship longitudinally in more than 200 countries. I will introduce time series analysis methods to detect key censorship events in longitudinal Censored Planet data, and reveal global censorship trends. Finally, I will describe exciting ongoing and future research directions, such as building intelligent measurement platforms.

Ram Sundara Raman is a PhD candidate in Computer Science and Engineering at the University of Michigan, advised by Prof. Roya Ensafi. His research lies in the intersection of computer security, privacy, and networking, employing empirical methods to study large-scale Internet attacks. Ram has been recognized as a Rising Star at the Workshop on Free and Open Communications on the Internet (FOCI), and was awarded the IRTF Applied Networking Research Prize in 2023. His work has helped produce one of the biggest active censorship measurement platforms, the Censored Planet Observatory, and has helped prevent large-scale attacks on end-to-end encryption.

Planetary health is an emerging field which recognizes the inextricable link between human health and the health of our planet. Our planet’s growing crises include biodiversity loss, with animal population sizes declining by an average of 70% since 1970, and maternal mortality, with 1 in 49 girls in low-income countries dying from complications in pregnancy or birth. Underlying these global challenges is the urgent need to effectively allocate scarce resources. My research develops data-driven AI decision-making methods to do so, overcoming the messy data ubiquitous in these settings. Here, I’ll present technical advances in stochastic bandits, robust reinforcement learning, and restless bandits, addressing research questions that emerge from my close collaboration with the public sector. I’ll also discuss bridging the gap from research and practice, including anti-poaching field tests in Cambodia, field visits in Belize and Uganda, and large-scale deployment with SMART conservation software.

Lily Xu is a computer science PhD student at Harvard developing AI techniques to address planetary health challenges. She focuses on advancing methods in machine learning, large-scale planning, and causal inference. Her work building the PAWS system to predict poaching hotspots has been deployed in multiple countries and is being scaled globally through integration with SMART conservation software. Lily co-organizes the Mechanism Design for Social Good (MD4SG) research initiative and serves as AI Lead for the SMART Partnership. Her research has been recognized with best paper runner-up at AAAI, the INFORMS Doing Good with Good OR award, a Google PhD Fellowship, and a Siebel Scholarship.

In the past decade, we have begun grappling with difficult questions related to the rise of AI, including: What rights do individuals have in the age of AI? When should we regulate AI and when should we abstain? What degree of transparency is needed to monitor AI systems? These questions are all concerned with AI accountability: determining who owes responsibility and to whom in the age of AI. In this talk, I will discuss the two main components of AI accountability, then illustrate them through a case study on social media. Within the context of social media, I will focus on how social media platforms filter (or curate) the content that users see. I will review several methods for auditing social media, drawing from concepts and tools in hypothesis testing, causal inference, and LLMs.

Sarah is a final-year PhD student at MIT in the Electrical Engineering and Computer Science Department advised by Professor Aleksander Mądry and Professor Devavrat Shah. Sarah utilizes methods from machine learning, statistical inference, causal inference, and game theory to study responsible computing and AI policy. Previously, she has written about social media, trustworthy algorithms, algorithmic fairness, and more. She is currently interested in AI auditing, AI supply chains, and IP Law x Gen AI.

Living in a computer-reliant era, we’re balancing the power of computer systems with the challenges of ensuring their functional correctness and security. Program analysis has proven successful in addressing these issues by predicting the behavior of a system when executed. However, the complexity of conducting program analysis significantly arises as modern applications employ advanced, high-level programming languages and progressively embody the structure of a composite of independent modules that interact in sophisticated manners. In this talk, I will detail how to apply programming language theory to construct refined vulnerability specifications and reduce the complexity of program analysis across computational, conformational, and compositional aspects: - My primary focus will be on introducing some formal specifications that I have developed for modeling the common exponential worst-case computational complexity inherent in modern programming languages. These specifications have guided the first worst-case polynomial solution for detecting performance bugs in regexes. - I will also briefly discuss why generating inputs with complex conformation to target deep-seated bugs is a significant obstacle for existing techniques, and how I devised strategies to generate more sound input by intentionally satisfying previously unrecognized forms of dependencies. - Finally, as part of a vision to enhance security analysis in modern distributed systems, where different operations can be composed in a complex way and may interleave with each other, I will briefly discuss my efforts to establish new security notions to identify non-atomic operations in smart contracts and deter any potential attacks that might exploit their interactions.

Yinxi Liu is completing her Ph.D. in Computer Science and Engineering at the Chinese University of Hong Kong in July 2024. Her research interests are in the field of computer security, where she constructs refined vulnerability specifications to reduce the complexity of security analysis across computational, conformational, and compositional aspects, as well as develops program analysis techniques that have found hundreds of real-world bugs. In the last year of her Ph.D. study, Yinxi had a research visit at Southern University of Science and Technology. She received Microsoft Research Asia Fellowship Nomination Award in 2022. Her research has been published in prestigious security conferences IEEE S&P and ACM CCS, and has been recognized by Best Software Artifact Nomination Award at ASE 2021.

Establishing strong guarantees for security-critical systems has never been more challenging. On the one hand, systems become increasingly complex and intricate. On the other hand, many security requirements are relational, i.e., they compare several execution traces. Examples are noninterference properties, program indistinguishability, and even algorithmic fairness. Due to their relational nature, formal reasoning about such properties quickly blows up in complexity. In this talk, I discuss the necessity to scale relational reasoning to larger software and black-box systems and present two of our recent contributions to tackle this challenge. In the first part, I focus on formal algorithms for white-box systems and show how to combine relational reasoning with non-relational specifications to enable the synthesis of smart contract control flows. In the second part, I focus on relational testing of black-box systems and illustrate its use in modeling and detecting microarchitectural information leakage in modern CPUs.

Jana Hofmann is a postdoctoral researcher at Azure Research, Microsoft. She obtained her PhD in 2022 at CISPA/Saarland University, for which she was awarded the university’s Dr.-Eduard-Martin Prize for best computer science thesis of the year. Her research interests lie in the intersection of formal methods and security with publications at LICS, CAV, USENIX Security, and CSF. She develops formal algorithms and testing methods for relational properties with a current focus on microarchitectural information leakage.

We need reliable measurement in order to develop rigorous knowledge about ML models and the systems in which they are embedded. But reliable measurement is a really hard problem, touching on issues of reproducibility, scalability, uncertainty quantification, epistemology, and more. In this talk, I will discuss the criteria needed to take reliability seriously — criteria for designing meaningful metrics, and for methodologies that ensure that we can dependably and efficiently measure these metrics at scale and in practice. I will give two examples of my research that put these criteria into practice: (1) large-scale evaluation of training-data memorization in large language models, and (2) evaluating latent arbitrariness in algorithmic fairness binary classification contexts. Throughout this discussion, I will emphasize how important it is to make metrics understandable for other stakeholders in order to facilitate public governance. For this reason, my work aims to design metrics that are legally cognizable — a goal that frames the both my ML and legal scholarship. I will draw on important connections that I have uncovered between ML and law: connections between (1) the generative-AI supply chain and US copyright law, and (2) ML arbitrariness and arbitrariness in legal rules. This talk reflects joint work with collaborators at The GenLaw Center, Cornell CS, Cornell Law School, Google DeepMind, and Microsoft Research.

A. Feder Cooper is a scalable machine-learning (ML) researcher, working on reliable measurement and evaluation of ML. Cooper’s research develops nuanced quality metrics for ML behaviors, and makes sure that we can effectively measure these metrics at scale and in practice. Cooper’s contributions span distributed training, hyperparameter optimization, uncertainty estimation, model selection, and generative AI. To make sure that our evaluation metrics can meaningfully measure our goals for ML, Cooper also leads research in tech policy and law, and spends a lot of time working to effectively communicate the capabilities and limits of AI/ML to the broader public. Cooper is a CS Ph.D. candidate at Cornell University, an Affiliate at the Berkman Klein Center for Internet & Society at Harvard University, co-founder of The Center for Generative AI, Law, and Policy Research (The GenLaw Center), and a student researcher at Google Research. Cooper has received many spotlight and oral awards at top conferences, including NeurIPS, AAAI, and AIES, and was named a "Rising Star in EECS" by MIT.

Despite the remarkable progress in large language models (LLMs), it is well-known that natural language processing (NLP) models tend to fit for spurious correlations, which can lead to unstable behavior under domain shifts or adversarial attacks. In my research, I develop a causal framework for robust and fair NLP, which investigates the alignment of the causality of human decision-making and model decision-making mechanisms. Under this framework, I develop a suite of stress tests for NLP models across various tasks, such as text classification, natural language inference, and math reasoning; and I propose to enhance robustness by aligning model learning direction with the underlying data generating direction. Using this causal inference framework, I also test the validity of causal and logical reasoning in models, with implications for fighting misinformation, and also extend the impact of NLP by applying it to analyze the causality behind social phenomena important for our society, such as causal analysis of policies, and measuring gender bias in our society. Together, I develop a roadmap towards socially responsible NLP by ensuring the reliability of models, and broadcasting its impact to various social applications.

Zhijing Jin (she/her) is a Ph.D. at Max Planck Institute & ETH. Her research focuses on socially responsible NLP by causal inference. Specifically, she works on expanding the impact of NLP by promoting NLP for social good, and developing CausalNLP to improve robustness, fairness, and interpretability of NLP models, as well as analyze the causes of social problems. She has published at many NLP and AI venues (e.g., ACL, EMNLP, NAACL, NeurIPS, AAAI, AISTATS). Her work has been featured in MIT News, ACM TechNews, and Synced. She is actively involved in AI for social good, as the co-organizer of three NLP for Positive Impact Workshops (at ACL 2021, EMNLP 2022, and EMNLP 2024), Moral AI Workshop at NeurIPS 2023, and RobustML Workshop at ICLR 2021. To support the NLP research community, she organizes the ACL Year-Round Mentorship Program. To foster the causality research community, she organized the Tutorial on CausalNLP at EMNLP 2022, and served as the Publications Chair for the 1st conference on Causal Learning and Reasoning (CLeaR). More information can be found on her personal website: zhijing-jin.com

Advancements in Artificial Intelligence (AI) are impacting our lives, raising concerns related to data collection, and social alignment to the resilience of AI models. A major criticism of AI development is the lack of transparency in design and decision-making about AI behavior, potentially leading to adverse outcomes such as discrimination, lack of inclusivity and representation, breaching legal rules, and privacy and security risks. Underserved populations, in particular, can be disproportionately affected by these design decisions. Conventional approaches in soliciting people’s input, such as interviews, surveys, and focus groups, have limitations, such as often lacking consensus, coordination, and regular engagement. In this talk, I will present two examples of sociotechnical interventions for democratic and ethical AI. First, to address the need for ethical dataset creation for AI development, I will present a novel method "BivPriv," drawing ideas from accessible computing and computer vision in creating an inclusive private visual dataset with blind users as contributors. Then I will discuss my more recent work on "Inclusive.AI" funded by OpenAI to address concerns of social alignment by facilitating a democratic platform with decentralized governance mechanisms for scalable user interaction and integrity in the decision-making processes related to AI.

Tanusree Sharma is a Ph.D. candidate of Informatics at the University of Illinois at Urbana Champaign, advised by Yang Wang. She works at the intersection of usable security and privacy, human-centered AI, and decentralized governance, where she uses human-centered methods to design, build, and study systems to address issues around power imbalances in technology design and transparency in complex socio-technical systems (e.g., AI). Tanusree has authored more than 15 publications in premier academic venues across HCI, security, and privacy (e.g., Nature, ACM CHI, Usenix Security). Tanusree’s work is supported by NSF, Meta, and OpenAI. She is awarded the OpenAI "Democratic Input to AI" Grant as part of her dissertation. Her work has been covered by media outlets such as Nature and Forbes. Her research is deeply influenced by her upbringing in her home country, Bangladesh. You can find out more about Tanusree at https://tanusreesharma.github.io/

Today, nearly all internet connections are established using a cryptographic key exchange protocol. Fo r these protocols, we want to guarantee security even if an adversary can control the protocol’s execution or secr ets are leaked. A security analysis takes this into account and provides a mathematical proof relying on computati onal problems that are believed to be hard to solve. In this talk, I will first give an overview of the security p roperties of authenticated key exchange protocols and how to achieve them using cryptographic building blocks. I w ill talk about tight security and the role of idealized models such as the generic group model. In addition to cla ssical Diffie-Hellman based key exchange, I will also present recent results on isogeny-based key exchange, a prom ising candidate for post-quantum secure cryptography. Finally, I will touch upon examples of advanced cryptographi c primitives like ratcheted key exchange for secure messaging.

Doreen Riepel is a postdoctoral researcher at UC San Diego working with Mihir Bellare. Her research focuses on the theoretical foundations of applied cryptography and in particular on provable security. She completed her PhD at Ruhr University Bochum where she was advised by Eike Kiltz and funded by the DFG Cluster of Excellence "Cyber Security in the Age of Large-Scale Adversaries" (CASA). During her PhD, she worked on the design and analysis of key exchange protocols. She interned at NTT Research, where she worked on attribute-based encryption.

Machine learning security is an emerging area with many open questions lacking systematic analysis. In this talk, I will present three new algorithmic tools to address this gap: (1) algebraic proofs; (2) causal reasoning; and (3) sound statistical verification. Algebraic proofs provide the first conceptual mechanism to resolve intellectual property disputes over training data. I show that stochastic gradient descent, the de-facto training procedure for modern neural networks, is a collision-resistant computation under precise definitions. These results open up connections to lattices, which are mathematical tools used for cryptography presently. I will also briefly mention my efforts to analyze causes of empirical privacy attacks and defenses using causal models, and to devise statistical verification procedures with ‘probably approximately correct’ (PAC)-style soundness guarantees.

Teodora Baluta is a Ph.D. candidate in Computer Science at the National University of Singapore. She enjoys working on security problems that are both algorithmic in nature and practically relevant. She is one of the EECS Rising Stars 2023, a Google PhD Fellow, a Dean’s Graduate Research Excellence Award recipient and a President’s Graduate Fellowship recipient at NUS. She interned at Google Brain working in the Learning for Code team. Her works are published in security (CCS, NDSS), programming languages/verification conferences (OOPSLA, SAT), and software engineering conferences (ICSE, ESEC/FSE). More details are available on her webpage: https://teobaluta.github.io/.

People around the world use data-driven online services every day. However, data center attacks and data breaches have become a regular and rising phenomenon. How, then, can one reap the benefits of data-driven statistical insights without compromising the privacy of individuals' data? In this talk, I will first present an overview of three disparate approaches towards privacy-preserving computations today, namely homomorphic cryptography, distributed trust, and secure hardware. These ostensibly unconnected approaches have one unifying element: oblivious algorithms. I will discuss the relevance and pervasiveness of oblivious algorithms in all the different models for privacy-preserving computations. Finally, I highlight the performance and security challenges in deploying such privacy-preserving solutions, and present three of my works that mitigate these obstacles through the design of novel efficient oblivious algorithms.

Sajin Sasy is a PhD candidate in the Cryptography, Security, and Privacy (CrySP) group at the University of Waterloo, advised by Ian Goldberg. His work focuses on improving the security and privacy of individuals' data and communications online, through research spanning the fields of cryptography, design and analysis of algorithms, distributed systems, and machine learning. In particular, his work presents novel privacy-preserving computation protocols that improve asymptotics, underlying constants, wall-clock time, and parallelizability over state-of-the-art solutions. His works have been published in top-tier systems security venues (ACM CCS and NDSS), privacy venues (PoPETs), and in AI and machine learning venues (NeurIPS and AAAI). His research is supported by an NSERC Collaborative Research and Development Grant with the Royal Bank of Canada.

Meta-programming is the art of writing programs that produce or manipulate other programs. This allows programmers to automate error-prone or repetitive tasks, and exploit domain-specific knowledge to customize the generated code. Hence, meta-programming is widely used in a range of technologies: from cryptographic message authentication in secure network protocols to supporting reflection in proof environments such as Lean or Coq.   Unfortunately, writing safe meta-programs remains very challenging and sometimes frustrating, as traditionally errors in the generated code are only detected when running it, but not at the time when code is generated. To make it easier to write and maintain meta-programs, tools that allow us to detect errors during code generation -- instead of when running the generated  code — are essential.   This talk revisits Cocon, a Martin-Loef dependent type theory for defining logics and proofs, as a framework for certified meta-programming. Cocon allows us to represent domain-specific languages (DSL) within the logical framework LF and in addition write recursive meta-programs and proofs about those DSLs. In particular, we can embed into LF STLC or System F, or even MLTT itself and then write programs about those encodings using Cocon itself. This means Cocon can be viewed as a type-theoretic framework for certified meta-programming.   This work revisits the LICS'19 paper "A Type Theory for Defining Logics" by Brigitte Pientka, David Thibodeau, Andreas Abel, Francisco Ferreira, Rébecca Zucchini and reframes it as a foundation for meta-programming. It highlights what is necessary to use Cocon as a type-theoretic foundation for certified meta-programming and how to build such a certified meta-programming system from the ground up.

This is joint work with Jason Z. Hu and Junyoung Jang.

---

Please contact the Office team for Zoom link information.

-

The goal of under-approximating logics, such as incorrectness logic, is to reason about the existence of bugs  by specifying a subset of possible program behaviour. While this approach allows for the specification of a broad range of bugs, it does not account for divergence bugs (such as infinite loops), since the nature of the triple itself does not allow statements about infinite execution traces.     To fill this gap, I will present a divergent variant of the forward under-approximating (FUA) triple. This new separation logic reasons functionally compositionally about divergence bugs and is under-approximating in the sense that all specified bugs are true bugs, that is, reachable. It can detect divergence originating from loops, recursive function calls and goto-cycles.     I will motivate the talk by defining the type of divergent programs we are aiming to reason about, and show how previously introduced logics fall short of specifying their divergent behaviour. After introducing the FUA triple, I will outline how this triple differs from traditional over-approximating  and under-approximating approaches such as (partial) Hoare logic and incorrectness logic. Finally, I will discuss the mechanisms within the FUX framework that enable reasoning about divergence, with a focus on how to prove divergence arising from goto-cycles.

--

Please contact the office team for the Zoom link details.

During and after my bachelor's degree in mathematics and computer science I have worked on verification and program logics through multiple research internships. While working at Imperial College London in 2021, I worked on the soundness proof of under-approximate reasoning about function calls, and co-authored a paper on Exact Separation Logic. My most recent work focuses on providing a logic that can prove the existence on non-terminating execution traces without false-positive bug reports. I get excited about proofs and all things mathy.

Presburger arithmetic, or linear integer arithmetic, is known to have decision procedures that work in triply exponential time.

Jointly with M. Benedikt (Oxford) and A. Mansutti (IMDEA Software Institute), we have recently considered two decidable extensions of Presburger arithmetic: with the power function and with the predicate for the set of powers of 2. No elementary decision procedures were known for these two theories.

In this talk, I will introduce this work and outline ideas behind our results. Namely, we have shown that existence of solutions over N to systems of linear equations and constraints of the form $y = 2^x$ can be decided in nondeterministic exponential time. Also, linear integer arithmetic extended with a predicate for powers of 2 can be decided in triply exponential time.

(Based on a paper in ICALP'23.)

-

Concurrent programs are notoriously hard to write correctly, as scheduling nondeterminism introduces subtle errors that are both hard to detect and to reproduce.

Despite rigorous testing, concurrency bugs such as races conditions often find their way into production software, and manifest as critical security issues. Consequently, considerable effort has been made towards developing efficient techniques for detecting them automatically.

The preferred approach to detect data races is through dynamic analysis, where one executes the software with some test inputs, and checks for the presence of bugs in the execution observed.

Traditional bug detectors however are often unable to discover simple bugs present in the underlying software, even after executing the program several times, because these bugs are sensitive to thread scheduling.

In this talk, I will discuss how runtime predictive analysis can help. Runtime predictive analyses aim to expose concurrency bugs, that can be otherwise missed by traditional dynamic analysis techniques (such as the race detector TSan), by inferring the presence of these bugs in alternate executions of the underlying software, without explicitly re-executing the software program.

I will talk about the fundamentals of and recent algorithmic advances for building highly scalable and sound predictive analysis techniques.

Umang Mathur is a Presidential Young Professor at the National University of Singapore. He received his PhD from the University of Illinois at Urbana Champaign and was an NTT Research Fellow at the Simons Institute for the Theory of Computing at Berkeley. His research broadly centers on developing techniques inspired from formal methods and logic for answering design, analysis and implementation questions in programming languages, software engineering and systems. He has received a Google PhD Fellowship, an ACM SIGSOFT Distinguished Paper Award at ESEC/FSE'18. Best Paper Award at ASPLOS'22 and an ACM SIGPLAN Distinguished Paper Award at POPL'23 for his work on designing techniques and tools for analyzing concurrent software. More details can be found at: https://www.comp.nus.edu.sg/~umathur/

After discovering, back in 2011, that Language Models are useful for modeling repetitive patterns in source code (c.f. The "Naturalness" of software ), and exploring some applications thereof, more recently (since about 2019) our group at UC Davis has focused on the observation that Software, as usually written, is bimodal, admitting both the well-known formal, deterministic semantics (mostly for machines) and probabilistic, noisy semantics (for humans). This bimodality property affords both new approaches to software tool construction (using machine-learning) and new ways of studying human code reading. In this talk, I'll give an overview of the Naturalness/Bimodality program, and some recent work we have done on calibrating the quality of code produced by large language models, and also on "bimodal prompting".

--

Please contact the office team for link information

Prem Devanbu holds a B.Tech from IIT Madras, and a Ph.D from Rutgers University. After circa 20 years at Bell Labs, he joined UC Davis, where he is now a Distinguished Research Professor of Computer Science. He works in Empirical Software Engineering, and AI for SE, specifically exploiting "big data" available in software repositories to support software development. He is a winner of  the ACM SIGSOFT Outstanding Research Award (2021), and the Alexander von Humboldt Research Award (2022), and several best-paper,  most-influential paper, and test-of-time awards. He is a Fellow of the ACM.

Machine learning algorithms curate much of the content we encounter online. However, there is concern that these algorithms may unintentionally amplify hostile discourse and perpetuate divisive 'us versus them' mentalities. How can we re-engineer algorithms to bridge diverse perspectives and facilitate constructive conflict? First, I will discuss results from our randomized experiment measuring effects of Twitter’s engagement-based ranking algorithm on downstream sociopolitical outcomes like the amplification of divisive content and users’ perceptions of their in-group and out-group. Crucially, we found that an alternative ranking, based on users’ stated preferences rather than their engagement, reduced amplification of negative, partisan, and out-group hostile content. Second, I will discuss how we applied these insights in practice to design an objective function for algorithmic ranking at Twitter. The core idea to the approach is to interpret users' actions in a way that is consistent with their stated, reflective preferences. Finally, I will discuss lessons learned and open questions for designing algorithms that support a plurality of viewpoints, with an emphasis on the emerging paradigm of bridging-based ranking.

Smitha Milli is a Postdoctoral Associate at Cornell Tech. They received their BS and PhD in Electrical Engineering & Computer Science from UC Berkeley where they were supported by an NSF Graduate Research Fellowship and an Open Philanthropy AI Fellowship. The goal of their research is to create algorithms that help bridge diverse perspectives and facilitate constructive conflict. To do so, they employ a range of methodologies ranging from randomized trials akin to those in the social sciences, to the creation of novel machine learning algorithms, to economic game-theoretic analyses of socio-technical phenomena. Beyond academic outlets, Smitha’s work has been discussed in live television on ABC7 News, in articles published by Tech Policy Press and the Knight First Amendment Institute on the effects of social media, and in testimony to the House Financial Services Committee.

With the development of big data, machine learning, and AI, existing software engineering techniques must be re-imagined to provide the productivity gains that developers desire. Furthermore, specialized hardware accelerators like GPUs or FPGAs have become a prominent part of the current computing landscape. However, developing heterogeneous applications is limited to a small subset of programmers with specialized hardware knowledge. To improve productivity and performance for data-intensive and compute-intensive development, now is the time that the software engineering community should design new waves of refactoring, testing, and debugging tools for big data analytics and heterogeneous application development.

In this talk, we overview software development challenges in this new data-intensive scalable computing and heterogeneous computing domain. We describe examples of automated software engineering (debugging, testing, and refactoring) techniques that target this new domain and share lessons learned from building these techniques.

Miryung Kim is a Professor and Vice Chair of Graduate Studies in the Department of Computer Science at UCLA. Her current research focuses on software developer tools for data-intensive scalable computing and heterogeneous computing. Her group created automated testing and debugging for Apache Spark and conducted the largest scale study of data scientists in industry. Her group's Java bytecode debloating JDebloat made a tech transfer impact to the Navy.

She produced 6 professors (Columbia, Purdue, two at Virginia Tech, etc). For her impact on nurturing the next generation of academics, she received the ACM SIGSOFT Influential Educator Award. She was a Program Co-Chair of FSE 2022. She was a Keynote Speaker at ASE 2019 and ISSTA 2022. She gave Distinguished Lectures at CMU, UIUC, UMN, UC Irvine, etc. She is a recipient of 10 Year Most Influential Paper Award from ICSME twice, an NSF CAREER award, a Microsoft Software Engineering Innovation Foundation Award, an IBM Jazz Innovation Award, a Google Faculty Research Award, an Okawa Foundation Research Award, and a Humboldt Fellowship from Alexander von Humboldt Foundation. She is an ACM Distinguished Member.

Machine learning provides us with an amazing set of tools to make predictions, but how much should we trust particular predictions? To answer this, we need a way of estimating the confidence we should have in particular predictions of black-box models. Standard tools for doing this give guarantees that are averages over predictions. For instance, in a medical application, such tools might paper over poor performance on one medically relevant demographic group if it is made up for by higher performance on another group. Standard methods also depend on the data distribution being static — in other words, the future should be like the past.

In this talk, I will describe new techniques to address both these problems: a way to produce prediction sets for arbitrary black-box prediction methods that have correct empirical coverage even when the data distribution might change in arbitrary, unanticipated ways and such that we have correct coverage even when we zoom in to focus on demographic groups that can be arbitrary and intersecting. When we just want correct group-wise coverage and are willing to assume that the future will look like the past, our algorithms are especially simple.

This talk is based on two papers, that are joint work with Osbert Bastani, Varun Gupta, Chris Jung, Georgy Noarov, and Ramya Ramalingam.

Please contact the office team for link information

Aaron Roth is the Henry Salvatori Professor of Computer and Cognitive Science, in the Computer and Information Sciences department at the University of Pennsylvania, with a secondary appointment in the Wharton statistics department. He is affiliated with the Warren Center for Network and Data Science, and co-director of the Networked and Social Systems Engineering (NETS) program. He is also an Amazon Scholar at Amazon AWS. He is the recipient of a Presidential Early Career Award for Scientists and Engineers (PECASE) awarded by President Obama in 2016, an Alfred P. Sloan Research Fellowship, an NSF CAREER award, and research awards from Yahoo, Amazon, and Google. His research focuses on the algorithmic foundations of data privacy, algorithmic fairness, game theory, learning theory, and machine learning. Together with Cynthia Dwork, he is the author of the book "The Algorithmic Foundations of Differential Privacy." Together with Michael Kearns, he is the author of "The Ethical Algorithm".

In recent years, humanity has been faced with a new resource - artificial intelligence. AI can be a boon to society, or can also have negative impacts, especially with inappropriate use. My research agenda studies the societal impact of AI, particularly focusing on AI as a resource and on the strategic decisions that agents make in deciding how to use it. In this talk, I will consider some of the key strategic questions that arise in this framework: the decisions that agents make in jointly constructing and sharing AI models, and the decisions that they make in dividing tasks between their own expertise and the expertise of a model. The first of these questions has motivated my work on "model-sharing games", which models scenarios such as federated learning or data cooperatives. In this setting, we view agents with data as game-theoretic players and analyze questions of stability, optimality, and fairness (https://arxiv.org/abs/2010.00753, https://arxiv.org/abs/2106.09580, https:// arxiv.org/abs/2112.00818). Secondly, I will describe some of my ongoing work in modeling human-algorithm collaboration. In particular, I will describe work on best-item recovery in categorical prediction, showing how differential accuracy rates and anchoring on algorithmic suggestions can influence overall performance (https://arxiv.org/abs/2308.11721).

Kate Donahue is a sixth year computer science PhD candidate at Cornell advised by Jon Kleinberg. She works on algorithmic problems relating to the societal impact of AI such as fairness, human/AI collaboration and game-theoretic models of federated learning. Her work has been supported by an NSF fellowship and recognized by a FAccT Best Paper award. During her PhD, she has interned at Microsoft Research, Amazon, and Google.

Large language Models (LLMs, e.g., GPT-3, OPT, TNLG,…) are shown to have a remarkably high performance on standard benchmarks, due to their high parameter count, extremely large training datasets, and significant compute. Although the high parameter count in these models leads to more expressiveness, it can also lead to higher memorization, which, coupled with large unvetted, web-scraped datasets can cause different negative societal and ethical impacts such as leakage of private, sensitive information and generation of harmful text. In this talk, we will go over how these issues affect the trustworthiness of LLMs, and zoom in on how we can measure the leakage and memorization of these models, and mitigate it through differentially private training. Finally we will discuss what it would actually mean for LLMs to be privacy preserving, and what are the future research directions on making large models trustworthy.

Fatemehsadat Mireshghallah is a post-doctoral scholar at the Paul G. Allen Center for Computer Science & Engineering at University of Washington. She received her Ph.D. from the CSE department of UC San Diego in 2023. Her research interests are Trustworthy Machine Learning and Natural Language Processing. She is a recipient of the National Center for Women & IT (NCWIT) Collegiate award in 2020 for her work on privacy-preserving inference, a finalist of the Qualcomm Innovation Fellowship in 2021 and a recipient of the 2022 Rising star in Adversarial ML award.

In this talk, I will explore three elements of designing next-generation machine learning systems: congestion control, network topology, and computation frequency. I will show that fair sharing, the holy grail of congestion control algorithms, is not necessarily desirable for deep neural network training clusters. Then I will introduce a new optical fabric that optimally combines network topology and parallelization strategies for machine learning training clusters. Finally, I will demonstrate the benefits of leveraging photonic computing systems for real-time, energy-efficient inference via analog computing. I will discuss that pushing the frontiers of optical networks for machine learning workloads will enable us to fully harness the potential of deep neural networks and achieve improved performance and scalability.

Manya Ghobadi is faculty in the EECS department at MIT. Her research spans different areas in computer networks, focusing on optical reconfigurable networks, networks for machine learning, and high-performance cloud infrastructure. Her work has been recognized by the ACM-W Rising Star award, Sloan Fellowship in Computer Science, ACM SIGCOMM Rising Star award, NSF CAREER award, Optica Simmons Memorial Speakership award, best paper award at the Machine Learning Systems (MLSys) conference, as well as the best dataset and best paper awards at the ACM Internet Measurement Conference (IMC). Manya received her Ph.D. from the University of Toronto and spent a few years at Microsoft Research and Google before joining MIT.

Given a sentence $\forall X \exists Y \varphi(X, Y)$ in a first-order theory, it is well-known that there exists a function $F(X)$ for $Y$ in $\varphi$ such that $\exists Y \varphi(X, Y)\leftrightarrow \varphi(X, F(X))$ holds for all values of the universal variables X. Such a function is also called a Skolem function, in honour of Thoralf Skolem who first made us of this in proving what are now known as the Lowenheim-Skolem theorems. The existence of a Skolem function for a given formula is technically analogous to the Axiom of Choice -- it doesn't give us any any hint about how to compute the function, although we know such a function exists. Nevertheless, since Skolem functions are often very useful in practical applications (like finding a strategy for a reactive controller), we investigate when is it possible to algorithmically construct a Turing machine that computes a Skolem function for a given first-order formula. We show that under fairly relaxed conditions, this cannot be done. Does this mean the end of the road for automatic synthesis of Skolem functions? Fortunately, no. We show model-theoretic necessary and sufficient condition for the existence and algorithmic synthesizability of Turing machines implementing Skolem functions. We show that several useful first-order theories satisfy these conditions, and hence admit algorithms that can synthesize Turing machines implementing Skolem functions. We conclude by presenting several open problems in this area.

Supratik Chakraborty is Bajaj Group Chair Professor in the Department of Computer Science and Engineering at IIT Bombay. His research interests include applications of formal methods to the verification, synthesis and analysis of complex systems, including hardware, software and machine-learning enabled systems. He also works on constrained sampling and counting and their applications, and on automata theory and logic. Supratik is a Distinguished Member of ACM, a Fellow of Indian National Academy of Engineering and a recipient of the Distinguished Alumnus Award of IIT Kharagpur.

Efficient data-intensive systems translate data into value for decision making. As data is collected at unprecedented rates for timely analysis, the model-centric paradigm of machine learning (ML) is shifting towards a data-centric and system-centric paradigm. Recent breakthroughs in large ML models (e.g., GPT 4 and ChatGPT) and the remarkable outcomes of reinforcement learning (e.g., AlphaFold and AlphaCode) have shown that scalable data management and its optimizations are critical to obtain state-of-the-art performance. This talk aims to answer the question "how to co-design multiple layers of the software/system stack to improve scalability, performance, and energy efficiency of ML and data-intensive systems". It addresses the challenges to build fully automated data-intensive systems that integrate the ML layer, the data management layer, and the compilation-based optimization layer. Finally, this talk will sketch and explore the vision to leverage the computational advantage of quantum computing on hybrid classic/quantum systems in the post-Moore era.

Please contact office for zoom link information.

Bo Zhao is a Lecturer (Assistant Professor) in Computer Science at Queen Mary University of London and an Honorary Research Fellow at Imperial College London. Bo’s research focuses on efficient data-intensive systems at the intersection of scalable reinforcement learning systems and distributed data management systems, as well as compilation-based optimization techniques. His long-term goal is to explore and understand the fundamental connections between data management and modern machine learning systems to make decision-making transparent, robust and efficient. Please find more details via http://www.eecs.qmul.ac.uk/~bozhao/.

In this talk, we consider synthesis of reactive systems interacting with environments using an infinite data domain. A popular formalism for specifying and modelling those systems is register automata and transducers. They extend finite-state automata by adding registers to store data values and to compare the incoming data values against stored ones. Synthesis from nondeterministic or universal register automata is undecidable in general. However, its register-bounded variant, where additionally a bound on the number of registers in a sought transducer is given, is known to be decidable for universal register automata which can compare data for equality, i.e., for data domain (N,=).

After briefly reviewing this result, we extend it to the domain (N,<) of natural numbers with linear order. Our solution is generic: we define a sufficient condition on data domains (regular approximability) for decidability of register-bounded synthesis. It allows one to use simple language-theoretic arguments and avoid technical game-theoretic reasoning. Further, by defining a generic notion of reducibility between data domains, we show the decidability of synthesis in the domain (N^d,<^d) of tuples of numbers equipped with the component-wise partial order and in the domain (Σ*, ≺) of finite strings with the prefix relation.

-

In the zoo of programming languages there are two cute yet rather misbehaved animals, typically found in the Dynamic Languages section: Duck Typing and Monkey Patching.

Duck Typing is hardly seen. You hear a "quack!", but you can’t easily tell if it’s coming form an actual duck, a parrot, or a recording. Monkey Patching, like the name suggests, patches any existing creature to change their behavior. It can even make a dog quack!

While these two animals bring lots of joy, they are also quite dangerous when used in the wild, as they can bring unexpected behavior to the rest of the creatures.

Crystal is a rarity among Static Languages in that it has Duck Typing and Monkey Patching. Given the strong —yet barely visible— fences of types, it manages to properly contain these beasts. In this talk I will present Crystal and provide a glimpse at how it manages to feel so dynamic.

Please contact office for zoom link information.

Beta leads the development of the Crystal Programming Language and teaches about programming languages at Universidad Nacional de Córdoba in Argentina. With a recent past as a researcher in programming languages, he was notoriously the first student of Derek Dreyer to get a PhD at MPI-SWS. He has neither ducks nor monkeys, despite them being effective weapons against Córdoba's venomous scorpions.

Smart contract languages are increasingly popular and numerous, and their programming models and challenges are somewhat unusual. The ubiquitous presence of untrusted external code in such a system makes classical contracts unsuitable for safety verification, while the intentional presence of (potentially-mutating) callbacks via unknown code makes standard static analysis techniques imprecise in general. On the other hand, smart contract languages such as Vyper (for Ethereum) tightly encapsulate direct access to the program's state. In this talk I'll present a methodology for expressing contracts for this language, in a way that supports sound verification of safety properties, with deductive verification tooling (converting Vyper to Viper) to automate the corresponding proofs.

Based on joint work with Christian Bräm, Marco Eilers, Peter Müller and Robin Sierra; see also the accompanying paper at OOPSLA 2021. --- Please contact Office for Zoom link information.

Alex Summers is an Associate Professor of Computer Science at the University of British Columbia (UBC). Prior to moving to UBC in early 2020 he worked at ETH Zurich as a senior researcher in the Chair of Programming Methodology group run by Peter Müller. Alex works the general area of program correctness, including developing new specification and verification logics and type systems, and developing automated tools for constructing proofs about heap-based and concurrent programs, usually building on SMT solvers. He co-ordinated the Viper project for several years, and started the Prusti project providing user-facing verification for Rust. Alex is broadly interested in software verification for a wide variety of concurrent and imperative programming paradigms, and was awarded the 2015 Dahl-Nygaard Junior Prize for his work in these areas.

Cryptography provides the data protection mechanisms that underlie security and privacy in the modern connected world. Given this pivotal role, implementations of cryptographic code must not only be correct, but also meet stringent performance and security requirements. Achieving these aims is often difficult and requires significant investment in software development and manual tuning.

This talk presents two approaches for automating the task of generating correct, secure, and efficient cryptographic code. The first, Rosita, uses a power consumption emulator to detect unintended leaky interactions between values in the microarchitecture. It then rewrites the code to eliminate these interactions and produce code that is resistant to power analysis. The second, CryptOpt, uses evolutionary computation to search for the most efficient constant-time implementation of a cryptographic function. It then formally verifies that the produced implementation is semantically equivalent to the original code.

Rosita is a joint work with Lejla Batina, Łukasz Chmielewski, Francesco Regazzoni, Niels Samwel, Madura A. Shelton, and Markus Wagner.CryptOpt is a joint work with Adam Chlipala, Chitchanok Chuengsatiansup, Owen Conoly, Andres Erbsen, Daniel Genkin, Jason Gross, Joel Kuepper, Chuyue Sun, Samuel Tian, Markus Wagner, and David Wu.

Please contact office for zoom link information.

Yuval Yarom is a Professor of Computer Science at Ruhr University Bochum (RUB). Before joining RUB, he was an Associate Professor at the School of Computer and Mathematical Sciences at the University of Adelaide. He earned a Ph.D. in Computer Science from the University of Adelaide in 2014. Earlier, he was the Vice President of Research in Memco Software and a co-founder and Chief Technology Officer of Girafa.com. Yuval is well-known as a co-discoverer of the Spectre family of microarchitectural side-channel attacks, and has won numerous awards for his research.

Abstract: Quantum pseudorandom states are efficiently constructable states which nevertheless masquerade as Haar-random states to poly-time observers. First defined by Ji, Liu and Song, such states have found a number of applications ranging from cryptography to the AdS/CFT correspondence. A fundamental question is exactly how much entanglement is required to create such states. Haar-random states, as well as t-designs for t≥2, exhibit near-maximal entanglement. Here we provide the first construction of pseudorandom states with only polylogarithmic entanglement entropy across an equipartition of the qubits, which is the minimum possible. Our construction can be based on any one-way function secure against quantum attack. We additionally show that the entanglement in our construction is fully "tunable", in the sense that one can have pseudorandom states with entanglement Θ(f(n)) for any desired function ω(logn)≤f(n)≤O(n). More fundamentally, our work calls into question to what extent entanglement is a "feelable" quantity of quantum systems. Inspired by recent work of Gheorghiu and Hoban, we define a new notion which we call "pseudoentanglement", which are ensembles of efficiently constructable quantum states which hide their entanglement entropy. We show such states exist in the strongest form possible while simultaneously being pseudorandom states. We also describe diverse applications of our result from entanglement distillation to property testing to quantum gravity.



Based on joint work with Bill Fefferman, Soumik Ghosh, Umesh Vazirani, and Zixin Zhou, arXiv:2211.00747

https://theory.stanford.edu/~abouland/

The vast amount of digital data we create and collect has revolutionized many scientific fields and industrial sectors. Yet, despite our success in harnessing this transformative power of data, computational and societal trends emerging from the current practices of data science necessitate upgrading our toolkit for data analysis. In this talk, we discuss how practical considerations such as privacy and memory limits affect statistical inference tasks. In particular, we focus on two examples: First, we consider hypothesis testing with privacy constraints. More specifically, how one can design an algorithm that tests whether two data features are independent or correlated with a nearly-optimal number of data points while preserving the privacy of the individuals participating in the data set. Second, we study the problem of entropy estimation of a distribution by streaming over i.i.d. samples from it. We determine how bounded memory affects the number of samples we need to solve this problem. Please contact office for zoom link information

Maryam Aliakbarpour is a postdoctoral researcher at Boston University and Northeastern University, where she is hosted by Prof. Adam Smith and Prof. Jonathan Ullman. Before that, she was a postdoctoral research associate at the University of Massachusetts Amherst, hosted by Prof. Andrew McGregor (from Fall 2020-Summer 2021). In Fall 2020, she was a visiting participant in the Probability, Geometry, and Computation in High Dimensions Program at the Simons Institute at Berkeley. Maryam received her Ph.D. in September 2020 from MIT, where she was advised by Prof. Ronitt Rubinfeld. Maryam was selected for the Rising Stars in EECS in 2018 and won the Neekeyfar Award from the Office of Graduate Education, MIT.

Feedback allows systems to seamlessly and instantaneously adapt their behavior to their environment and is thereby the fundamental principle of life and technology -- it lets animals breathe, it stabilizes the climate, it allows airplanes to fly, and the energy grid to operate. During the last century, control technology excelled at using this power of feedback to engineer extremely stable, robust, and reliable technological systems.

With the ubiquity of computing devices in modern technological systems, feedback loops become cyber-physical -- the laws of physics governing technological, social or biological processes interact with (cyber) computing systems in a highly nontrivial manner, pushing towards higher and higher levels of autonomy and self-regulation. While reliability of these systems remains of utmost importance, a fundamental understanding of cyber-physical feedback loops for large-scale CPS is lacking far behind.

In this talk I will discuss how a control-inspired view on formal methods for reliable software design enables us to utilize the power of feedback for robust and reliable self-adaptation in cyber-physical system design.

Please contact office team for link information.

Anne-Kathrin Schmuck is an independent research group leader at the Max Planck Institute for Software Systems (MPI-SWS) in Kaiserslautern, Germany. Her group is externally funded by the Emmy Noether Programme of the German Science Foundation (DFG). She received the Dipl.-Ing. (M.Sc) degree in engineering cybernetics from OvGU Magdeburg, Germany, in 2009 and the Dr.-Ing. (Ph.D.) degree in electrical engineering from TU Berlin, Germany, in 2015. Between 2015 and 2020 she was a postdoctoral researcher at MPI-SWS mentored by Rupak Majumdar. She currently serves as the co-chair of the IEEE CSS Technical Committee on Discrete Event Systems and as associate editor for the Springer Journal on Discrete Event Dynamical Systems, the IEEE Open Journal of Control Systems and the IFAC Journal on Nonlinear Analysis: Hybrid Systems. Her current research interests include cyber-physical system design, logical control software synthesis, reliability of automation systems and dynamical systems theory.

We entrust large parts of our daily lives to computer systems, which are becoming increasingly more complex. Developing scalable yet trustworthy techniques for designing and verifying such systems is an important problem. In this talk, our focus will be on automated synthesis, a technique that uses formal specifications to automatically generate systems (such as functions, programs, or circuits) that provably satisfy the requirements of the specification. I will introduce a state-of-the-art synthesis algorithm that leverages artificial intelligence to provide an initial guess for the system, and then uses formal methods to repair and verify the guess to synthesize probably correct system. I will conclude by exploring the potential for combining AI and formal methods to address real-world scenarios. Please contact the office team for link information.

Priyanka Golia is a final year Ph.D. candidate at NUS, Singapore and IIT Kanpur. Her research interests lie at the intersection of formal methods and artificial intelligence. In particular, her dissertation work has focused on designing scalable automated synthesis and testing techniques. Her work has been awarded Best Paper Nomination at ICCAD-21 and Best Paper Candidate at DATE-23. She was named one of the EECS Rising Stars in 2022. She has co-presented a tutorial on Automated Synthesis: Towards the Holy Grail of AI at AAAI-22 and IJCAI-22, and She is co-authoring an upcoming book (on invitation from NOW publishers) on functional synthesis.

Machine learning systems are deployed in diverse decision-making settings in service of stakeholders characterized by complex preferences. For example, in healthcare and finance, we ought to account for various levels of risk tolerance; and in personalized recommender systems, we face users whose preferences evolve dynamically over time. Building systems better aligned with stakeholder needs requires that we take the rich nature of human preferences into account. In this talk, I will give an overview of my research on the statistical and algorithmic foundations for building such human-centered machine learning systems. First, I will present a line of work that draws inspiration from the economics literature to develop learning algorithms that account for the risk preferences of stakeholders. Subsequently, I will discuss a line of work that draws insights from the psychology literature to develop online learning algorithms for personalized recommender systems that account for users’ evolving preferences. Please contact the office team for link information

Leqi Liu is a Ph.D. candidate in the Machine Learning Department at Carnegie Mellon University, where she is advised by Zachary Lipton. Her research revolves around machine learning and behavioral sciences, with a focus on developing a theory for building learning systems that interact with people. She is a recipient of the Open Philanthropy AI Fellowship (2020-2023) and has interned at Apple and DeepMind during her Ph.D.

Please note that this is a virtual talk which will be video casted to Saarbrücken and Kaiserslautern.

Traditionally, multimodal information consumption has been entity-centric with a focus on concrete concepts (such as objects, object types, physical relations, e.g., a person in a car), but lacks ability to understand abstract semantics (such as events and semantic roles of objects, e.g., driver, passenger, mechanic). However, such event-centric semantics are the core knowledge communicated, regardless whether in the form of text, images, videos, or other data modalities.

At the core of my research in Multimodal Information Extraction (IE) is to bring such deep semantic understanding ability to the multimodal world. My work opens up a new research direction Event-Centric Multimodal Knowledge Acquisition to transform traditional entity-centric single-modal knowledge into event-centric multi-modal knowledge. Such a transformation poses two significant challenges: (1) understanding multimodal semantic structures that are abstract (such as events and semantic roles of objects): I will present my solution of zero-shot cross-modal transfer (CLIP-Event), which is the first to model event semantic structures for vision-language pretraining, and supports zero-shot multimodal event extraction for the first time; (2) understanding long-horizon temporal dynamics: I will introduce Event Graph Model, which empowers machines to capture complex timelines, intertwined relations and multiple alternative outcomes. I will also show its positive results on long-standing open problems, such as timeline generation, meeting summarization, and question answering. Such Event-Centric Multimodal Knowledge starts the next generation of information access, which allows us to effectively access historical scenarios and reason about the future. I will lay out how I plan to grow a deep semantic understanding of language world and vision world, moving from concrete to abstract, from static to dynamic, and ultimately from perception to cognition. Please contact the Office team for Zoom link information.

Manling Li is a Ph.D. candidate at the Computer Science Department of University of Illinois Urbana-Champaign. Her work on multimodal knowledge extraction won the ACL'20 Best Demo Paper Award, and the work on scientific information extraction from COVID literature won NAACL'21 Best Demo Paper Award. She was a recipient of Microsoft Research PhD Fellowship in 2021. She was selected as a DARPA Riser in 2022, and a EE CS Rising Star in 2022. She was awarded C.L. Dave and Jane W.S. Liu Award, and has been selected as a Mavis Future Faculty Fellow. She led 19 students to develop the UIUC information extraction system and ranked 1st in DARPA AIDA evaluation in 2019 and 2020. She has more than 30 publications on multimodal knowledge extraction and reasoning, and gave tutorials about event-centric multimodal knowledge at ACL'21, AAAI'21, NAACL'22, AAAI'23, etc. Additional information is available at https://limanling.github.io/.

We consider Kitaev's quantum double model based on a finite group G and describe quantum circuits for (a) preparation of the ground state, (b) creation of anyon pairs separated by an arbitrary distance, and (c) non-destructive topological charge measurement. We show that for any solvable group G all above tasks can be realized by constant-depth adaptive circuits with geometrically local unitary gates and mid-circuit measurements. Each gate may be chosen adaptively depending on previous measurement outcomes. Constant-depth circuits are well suited for implementation on a noisy hardware since it may be possible to execute the entire circuit within the qubit coherence time. Thus our results could facilitate an experimental study of exotic phases of matter with a non-abelian particle statistics. We also show that adaptiveness is essential for our circuit construction. Namely, task (b) cannot be realized by non-adaptive constant-depth local circuits for any non-abelian group G. This is in a sharp contrast with abelian anyons which can be created and moved over an arbitrary distance by a depth-1 circuit composed of generalized Pauli gates.

This is joint work with S. Bravyi, I. Kim and A. Kliesch, arXiv:2205.01933.

-

Memory safety is a major source of vulnerabilities in computer systems. Capability machines are a type of CPUs that support fine-grained privilege separation using capabilities, machine words that include forms of authority. Over the last decade, CHERI, a family of capability machines, has matured into an extensive design featuring, among other, a full UNIX-style operating system, CheriBSD. Building on ideas from CHERI, capability machines are even becoming a reality in industry; the Arm Morello program is a research program led by Arm to create a prototype system on chip with capabilities. One of the promises of capability machines is that they can enforce security properties that we expect from high-level languages, in particular stack safety, even when machine code is linked with other untrusted and possibly adversarial machine code. In this talk, I will discuss what it takes to realise that promise in practice. Since stack safety properties can be quite subtle, it is crucial to formally reason about the enforcement mechanisms enabled by capabilities. This is a complex task that involves reasoning about the interaction between known code, and unknown untrusted code. We use Iris to formally reason about the deep semantic properties of capability machines.

-

The feedback that users provide through their choices (e.g. clicks, purchases) is one of the most common types of data readily available for training autonomous systems, and it is widely used in online platforms. However, naively training systems based on choice data may only improve short-term engagement, but not the long-term sustainability of the platform. In this talk, I will discuss some of the pitfalls of engagement-maximization, and explore methods that allow us to supplement engagement with additional criteria that are not limited to individual action-response metrics. The goal is to give platform operators a new set of macroscopic interventions for steering the dynamics of the platform, providing a new level of abstraction that goes beyond the engagement with individual recommendations or rankings.

Please contact the Office team for Zoom link information.

Thorsten Joachims is a Professor in the Department of Computer Science and in the Department of Information Science at Cornell University, and he is an Amazon Scholar. His research interests center on a synthesis of theory and system building in machine learning, with applications in information access, language technology, and recommendation. His past research focused on counterfactual and causal inference, learning to rank, structured output prediction, support vector machines, text classification, learning with preferences, and learning from implicit feedback. He is an ACM Fellow, AAAI Fellow, KDD Innovations Award recipient, and member of the ACM SIGIR Academy.

AI can enhance programming experiences for a diverse set of programmers: from professional developers and data scientists (proficient programmers) who need help in software engineering and data wrangling, all the way to spreadsheet users (low-code programmers) who need help in authoring formulas, and students (novice programmers) who seek hints when stuck with their programming homework. To communicate their need to AI, users can express their intent explicitly—as input-output examples or natural-language specification—or implicitly—where they encounter a bug (and expect AI to suggest a fix), or simply allow AI to observe their last few lines of code or edits (to have it suggest the next steps).

The task of synthesizing an intended program snippet from the user’s intent is both a search and a ranking problem. Search is required to discover candidate programs that correspond to the (often ambiguous) intent, and ranking is required to pick the best program from multiple plausible alternatives. This creates a fertile playground for combining symbolic-reasoning techniques, which model the semantics of programming operators, and machine-learning techniques, which can model human preferences in programming. Recent advances in large language models like Codex offer further promise to advance such neuro-symbolic techniques.

Finally, a few critical requirements in AI-assisted programming are usability, precision, and trust; and they create opportunities for innovative user experiences and interactivity paradigms. In this talk, I will explain these concepts using some existing successes, including the Flash Fill feature in Excel, Data Connectors in PowerQuery, and IntelliCode/CoPilot in Visual Studio. I will also describe several new opportunities in AI-assisted programming, which can drive the next set of foundational neuro-symbolic advances.

This talk will be a hybrid event. You can join the meeting in E1 5 room 002 in Saarbrücken, in G26 room 111 in Kaiserlautern or via Zoom. Please contact the Office team for Zoom link information.

Sumit Gulwani is a computer scientist connecting ideas, people, and research & practice. He invented the popular Flash Fill feature in Excel, which has now also found its place in middle-school computing textbooks. He leads the PROSE research and engineering team at Microsoft that develops APIs for program synthesis and has incorporated them into various Microsoft products including Visual Studio, Office, Notebooks, PowerQuery, PowerApps, PowerAutomate, Powershell, and SQL. He is a sponsor of storytelling trainings and initiatives within Microsoft. He has started a novel research fellowship program in India, a remote apprenticeship model to scale up impact while nurturing globally diverse talent and growing research leaders. He has co-authored 11 award-winning papers (including 3 test-of-time awards from ICSE and POPL) amongst 140+ research publications across multiple computer science areas and delivered 60+ keynotes/invited talks. He was awarded the Max Planck-Humboldt medal in 2021 and the ACM SIGPLAN Robin Milner Young Researcher Award in 2014 for his pioneering contributions to program synthesis and intelligent tutoring systems. He obtained his PhD in Computer Science from UC-Berkeley, and was awarded the ACM SIGPLAN Outstanding Doctoral Dissertation Award. He obtained his BTech in Computer Science and Engineering from IIT Kanpur, and was awarded the President’s Gold Medal.

Theoretical Reflections on Quantum Supremacy

Google's 2019 experiment and their announcement of quantum supremacy relied on the inability of classical computers to efficiently carry out a task called random quantum circuit sampling (RCS). I will describe recent theoretical developments on the complexity of RCS. I will also describe a different line of work that provides scalable and rigorous proofs of quantumness based on an approach called the cryptographic leash, and the prospects of a concrete experimental challenge based on this approach.

https://people.eecs.berkeley.edu/~vazirani/

Quantum money is a cryptographic protocol where one party (the mint) can prepare quantum states (each with a unique serial number) that can be verified but not duplicated. We sketch our 2010 quantum money protocol based on knot invariants and planar embeddings of knots, and sketch other proposals for quantum money that have been made since then, including our recent failed protocol.

Peter Williston Shor is a professor of applied mathematics at MIT. He is known for his work on quantum computation, in particular for devising Shor's algorithm, a quantum algorithm for factoring exponentially faster than the best currently-known algorithm running on a classical computer.

"Analogue" Hamiltonian simulation involves engineering a Hamiltonian of interest in the laboratory and studying its properties experimentally. Large-scale Hamiltonian simulation experiments have been carried out in optical lattices, ion traps and other systems for two decades. This is often touted as the most promising near-term application of quantum computing technology, as it is argued it does not require a scalable, fault-tolerant quantum computer.

Despite this, the theoretical basis for Hamiltonian simulation is surprisingly sparse. Even a precise definition of what it means to simulate a Hamiltonian was lacking. In my talk, I will explain how we put analogue Hamiltonian simulation on a rigorous theoretical footing, by drawing on techniques from Hamiltonian complexity theory in computer science, and Jordan and C* algebra results in mathematics.

I will then explain how this proved to be far more fruitful than a mere mathematical tidying-up exercise. It led to the discovery of universal quantum Hamiltonians [Science, 351:6 278, p.1180 (2016); Proc. Natl. Acad. Sci. 115:38 p.9497, (2018); J. Stat. Phys. 176:1 p228\u2013261 (2019); [[[01]https://link.springer.com/article/10.1007/s00023-021-01111-7][Annales Henri Poincar?, 23 p.223 (2021)], later shown to have a deep connection back to quantum complexity theory [PRX Quantum 3:010308 (2022)]. The theory has also found applications in developing new and more efficient fermionic encodings for quantum computing [Phys. Rev. B 104:035118 (2021)], leading to dramatic reductions in the resource requirements for Hamiltonian simulation on near-term quantum computers [Nature Commun. 12:1, 4929 (2021)]. It has even found applications in quantum gravity, leading to the first toy models of AdS/CFT to encompass energy scales, dynamics, and (toy models of) black hole formation [J. High Energy Phys. 2019:17 (2019); J. High Energy Phys. 2022:52 (2022)].

-

Given an integer n ≥ 2, let P (n) stand for its largest prime factor. Given integers k ≥ 2 and ℓ ≥ 2, consider the set Ek,ℓ of those integers n ≥ 2 for which P (n + i)ℓ | n + i for i = 0, 1, . . . , k. Each of these sets is very small. For instance, the smallest element of E3,2 is 1 294 298, the smallest known element of E3,3 has 77 digits and no elements of E4,2 are known, even though all these sets are believed to be infinite. In this talk, using elementary, analytic and probabilistic approaches, we will shed some light on these sets and raise several open problems. This is joint work with Nicolas Doyon, Florian Luca and Matthieu Moineau.

---

This talk will be a hybrid event. You can join the meeting in E1 5 room 002 in Saarbrücken, in G26 room 111 in Kaiserlautern or via Zoom. Please contact the Office team for Zoom link information.

Jean-Marie De Koninck has been a researcher and professor of mathematics at Université Laval (Québec) for more than forty years and is well known to the scientific community for his work in analytic number theory. He is the author of 18 books and 163 peer reviewed articles in scientific journals. He is now Professor Emeritus. Professor De Koninck has also hosted his own science outreach television show "C'est mathématique!", broadcasted on the French-Canadian channel (Canal Z) and later on TFO (Télévision française de l'Ontario). In 2005, he created the Sciences and Mathematics in Action (SMAC) program whose purpose is to excite kids about science and mathematics. He is well known by the general public as the founder of Operation Red Nose, a road safety operation involving over 55,000 volunteers across Canada. He was also very active in the media during the ten years he acted as President of the Table québécoise de la sécurité routière. He is now a member of the Board for the Société de l'assurance automobile du Québec. Many have also seen him as a color-commentator for nationally televised swim events.

The Skolem Problem asks how to determine algorithmically whether a given linear recurrence sequence (such as the Fibonacci numbers) has a zero. It is a central question in dynamical systems and number theory, and has many connections to other branches of mathematics and computer science. Unfortunately, its decidability has been open for nearly a century! In this talk, I will present a brief survey of what is known on the Skolem Problem and related questions, including recent and ongoing developments.

---

This talk will be a hybrid event. You can join the meeting in E1 5 room 002 in Saarbrücken, in G26 room 111 in Kaiserlautern or via Zoom. Please contact the Office team for Zoom link information.

-

Mistrust over traditional financial institutions is motivating the development of decentralized financial infrastructures based on blockchains. In particular, Consortium blockchains (such as the Linux Foundation Hyperledger and Facebook’s diem) are emerging as the approach preferred by businesses. These systems allow only a well-known set of mutually distrustful parties to add blocks to the blockchain; in this way, they aim to retain the benefits of decentralization without embracing the cyberpunk philosophy that informed Nakamoto’s disruptive vision. At the core of consortium blockchains is State Machine Replication, a classic technique borrowed from fault tolerant distributed computing; to ensure the robustness of their infrastructure, consortium blockchains actually borrow the Byzantine-tolerant version of this technique, which guarantees that the blockchain will operate correctly even if as many as about a third of the contributing parties are bent on cheating.

But, sometimes, "a borrowing is a sorrowing".

I will discuss why Byzantine-tolerant state machine replication is fundamentally incapable of recognizing, never mind preventing, an ever present scourge of financial exchanges: the fraudulent manipulation of the order in which transactions are processed — and how its specification needs to be expanded to give it a fighting chance.

But is it possible to completely eliminate the ability of Byzantine parties to engage in order manipulation? What meaningful ordering guarantees can be enforced? And at what cost?

---

This talk will be a hybrid event. You can either attend in room 002 or via Zoom. Please contact the office team for zoom link information.

Lorenzo Alvisi is the Tisch University Professor of Computer Science at Cornell University. Prior to joining Cornell, he held an endowed professorship at UT Austin, where he is now a Distinguished Professor Emeritus. Lorenzo received his Ph.D. in 1996 from Cornell, after earning a Laurea cum Laude in Physics from the University of Bologna. His research interests span theory and practice of distributed computing, with a focus on scaling strong consistency and dependability guarantees. He is a Fellow of the ACM and IEEE , an Alfred P. Sloan Foundation Fellow, and the recipient of a Humboldt Research Award, an NSF Career Award, and several teaching awards. He serves on the editorial boards of ACM TOCS and Springer’s Distributed Computing, and on the steering committee of Eurosys and SOSP . Besides distributed computing, he is passionate about classical music and red Italian motorcycles.

Quantum algorithms are useful for a variety of problems in search and > optimization. This line of work started with Grover's quantum search algorithm > which achieved a quadratic speedup over naive exhaustive search but has now > developed far beyond it. > > In this talk, we describe three recent results in this area: > > 1. We show that, for any classical algorithm that uses a random walk to find an > object with some property (by walking until the random walker reaches such an > object), there is an almost quadratically faster quantum algorithm > (https://arxiv.org/abs/1903.07493 ). > > 2. We show that the best known exponential time algorithms for solving several > NP-complete problems (such as Travelling Salesman Problem or TSP) can be > improved quantumly  (https://arxiv.org/abs/1807.05209 > ). For example, for the > TSP, the best known classical algorithm needs time O(2^n) but our quantum > algorithm solves the problem in time O(1.728...^n). > > 3. We show a almost quadratic quantum speedup for a number of geometric problems > such as finding three points that are on the same line > (https://arxiv.org/abs/2004.08949 ).

-

In this paper, we study how bandit algorithms in a bounded reward setting can be contaminated and fooled to learn wrong actions. In particular, we consider a strong attacker model in which the attacker aims to fool the learning algorithm to learn a suboptimal bandit policy. To do so, this attacker can observe both the selected actions and their corresponding rewards, and can contaminate the rewards with additive noise. We show that any bandit algorithm with regret O(\log T) can be forced to suffer a linear regret with an expected amount of contamination O(\log T). We show that this amount of contamination is also necessary, as we prove that there exists a no-regret bandit algorithm, specifically the classical UCB, that requires \Omega(\log T) amount of contamination to suffer linear regret. To combat such poisoning attacks, our second main contribution is to propose verification-based mechanisms, which use a verification scheme to access a limited number of uncontaminated rewards. In particular, for the case of unlimited verifications, we show that with O(\log T) expected number of verifications, a simple modified version of the Explore-then-Commit type bandit algorithm can restore the order optimal O(\log T) regret irrespective of the amount of contamination used by the attacker. We also provide a UCB-like verification scheme, called Secure-UCB, that also enjoys full recovery from any attacks, also with O(\log T) expected number of verifications. To derive a matching lower bound on the number of verifications, we also prove that for any order-optimal bandit algorithm, this number of verifications O(\log T) is necessary to recover the order-optimal regret. On the other hand, when the number of verifications is bounded above by a budget B, we propose a novel algorithm, Secure-BARBAR, which provably achieves O(\min\{C,T/sqrt{B} \}) regret with high probability against weak attackers (i.e., attackers who have to place the contamination \emph{before} seeing the actual pulls of the bandit algorithm), where C is the total amount of contamination by the attacker. This new result breaks the known \Omega(C) lower bound of the non-verified setting if C is large.  

This is joint work with Anshuka Rangi and Haifeng Xu.

Please contact crichter@mpi-sws.org for link information

Long Tran-Thanh is an Associate Professor in Artificial Intelligence at the University of Warwick. Long has been doing active research in a number of key areas of Artificial Intelligence and multi-agent systems, mainly focusing on multi-armed bandits, game theory, and incentive engineering, and their applications to crowdsourcing, human-agent learning, and AI for Social Good. He has published more than 80 papers at top AI/ML conferences (including AAAI, AAMAS, CVPR, ECAI, IJCAI, NeurIPS, UAI) and journals (JAAMAS, AIJ), and have received a number of prestigious national/international awards, including 2 best paper honourable mention awards at top-tier AI conferences (AAAI, ECAI), 2 Best PhD Thesis Awards (in the UK and in Europe), and the AIJ Prominent Paper Award, for being the author of one of the most influential papers published at the flagship journal in AI. Long currently serves as a board member (2018-2024) of the IFAAMAS Directory Board, the main international governing body of the International Federation for Autonomous Agents and Multiagent Systems, a major sub-field of the AI community. He is also the local chair of the AAMAS 2021 and AAMAS 2023 conference, the flagship international conference of the multi-agent systems community.

The classic textbook approach to designing and analyzing algorithms for combinatorialproblems considers worst-case instances of the problem, about which the algorithm designer has no prior information. Since for many problems such worst-case guarantees are quite weak, practitioners often employ a data-driven algorithm design approach; specifically,they use machine learning and instances of the problem from their specific domain to learn a method that works well in that domain. Historically, such data-driven algorithmic techniques have come with no performance guarantees. In this talk, I will describeour recent work on providing performance guarantees for data-driven algorithm design both in the distributional and online learning formalizations.

--

Please contact the office team for zoom link information.

Maria Florina Balcan is the Cadence Design Systems Professor of Computer Science in the School of Computer Science at Carnegie Mellon University. Her main research interests are machine learning, artificial intelligence, theory of computing, and algorithmic game theory. She is a Simons Investigator, a Sloan Fellow, a Microsoft Research New Faculty Fellow, and  recipient of the ACM Grace Murray Hopper Award, an NSF CAREER award, and several best paper awards.   She has co-chaired major conferences in the field: the Conference on Learning Theory (COLT) 2014, the International Conference on Machine Learning (ICML) 2016, and Neural Information Processing Systems (NeurIPS) 2020. She has also  been  the general chair for the International Conference on Machine Learning (ICML) 2021, a board member of the International Machine Learning Society, and a co-organizer for the Simons semester on Foundations of Machine Learning.

This talk outlines my work building systems that enable applications to securely interact with users' data while preserving individuals' privacy. First, I'll talk bout how we can bring the power of secure computation to difficult settings: TimeCrypt is an encrypted time-series database design that meets the scalability and low-latency requirements associated with time-series workloads. Then, I'll discuss work on using end-to-end privacy as a strong foundation for data protection: Zeph is a new end-to-end privacy system that provides the means to extract value from encrypted streaming data safely while ensuring data confidentiality and privacy by serving only privacy-compliant views of the data. Throughout the talk, I will discuss the prevalent challenges of efficiency, functionality, and accessibility in this research area; my approach to addressing these challenges; and future directions that will help bring end-to-end privacy to an even wider range of applications.

Please contact MPI-SWS Office Team for link information

Adam Dziedzic is a Postdoctoral Fellow at the Vector Institute and the University of Toronto, advised by Prof. Nicolas Papernot, where he is working on trustworthy ML. Adam finished his Ph.D. at the University of Chicago, advised by Prof. Sanjay Krishnan, where he worked on input and model compression for adaptive and robust neural networks. He obtained his Bachelor's and Master's degrees from Warsaw University of Technology. Adam was also studying at DTU and EPFL. He worked at CERN, Barclays Investment Bank, Microsoft Research, and Google.

The potential of data to transform science and society has spurred unparalleled efforts to collect it in increasingly sensitive and granular forms. This accumulation of sensitive data did not materialize without issues and has raised severe societal concerns. These concerns appear amply justified by numerous reports of data breaches and misuse. Today, we are at an inflection point: if we want to continue enjoying the benefits of data-driven services, we need to place privacy at the center of our data ecosystems.

This talk outlines my work building systems that enable applications to securely interact with users' data while preserving individuals' privacy. First, I'll talk bout how we can bring the power of secure computation to difficult settings: TimeCrypt is an encrypted time-series database design that meets the scalability and low-latency requirements associated with time-series workloads. Then, I'll discuss work on using end-to-end privacy as a strong foundation for data protection: Zeph is a new end-to-end privacy system that provides the means to extract value from encrypted streaming data safely while ensuring data confidentiality and privacy by serving only privacy-compliant views of the data. Throughout the talk, I will discuss the prevalent challenges of efficiency, functionality, and accessibility in this research area; my approach to addressing these challenges; and future directions that will help bring end-to-end privacy to an even wider range of applications.

---

Please contact the MPI-SWS Office Team for the ZOOM link information.

Anwar Hithnawi is an Ambizione research fellow at ETH Zurich where she leads the Privacy-Preserving Systems Lab (pps-lab.com). She works at the intersection of systems, data privacy, and applied cryptography. Anwar received her doctoral degree in computer science from ETH Zurich. Prior to joining ETH Zurich as a research fellow in 2020, she was a postdoctoral researcher at UC Berkeley. She is the recipient of an SNSF Ambizione grant, the Facebook Research Award, an SNSF Postdoctoral Fellowship, and the Google Anita Borg Memorial Scholarship.

Digital technologies are evolving with advanced capabilities. To function, these technologies rely on collecting and processing various types of sensitive data from their users. These data practices could expose users to a wide array of security and privacy risks. My research at the intersection of security, privacy, and human-computer interaction aims to help all people have safer interactions with digital technologies. In this talk, I will share results on people’s security and privacy preferences and attitudes toward technologies such as smart devices and remote communication tools. I will then describe a security and privacy transparency tool that I designed and evaluated to address consumers’ needs when purchasing and interacting with smart devices. I will end my talk by discussing emerging and future directions for my research to design equitable security and privacy tools and policies by studying and designing for the needs of diverse populations.

Please contact MPI-SWS Office Team for link information

Pardis Emami-Naeini is a postdoctoral researcher in the Security and Privacy Research Lab at the University of Washington. Her research is broadly at the intersection of security and privacy, usability, and human-computer interaction. Her work has been published at flagship venues in security (IEEE S&P, SOUPS) and human-computer interaction and social sciences (CHI, CSCW) and covered by multiple outlets, including Wired and the Wall Street Journal. Her research has informed the National Institute of Standards and Technology (NIST), Consumer Reports, and World Economic Forum in their efforts toward designing usable and informative security and privacy labels for smart devices. Pardis received her B.Sc. degree in computer engineering from Sharif University of Technology in 2015 and her M.Sc. and Ph.D. degrees in computer science from Carnegie Mellon University in 2018 and 2020, respectively. She was selected as a Rising Star in electrical engineering and computer science in October 2019 and was awarded the 2019-2020 CMU CyLab Presidential Fellowship.

Scale appears to be the winning recipe in today's AI leaderboards. And yet, extreme-scale neural models are still brittle to make errors that are often nonsensical and even counterintuitive. In this talk, I will argue for the importance of knowledge, especially commonsense knowledge, and demonstrate how smaller models developed in academia can still have an edge over larger industry-scale models, if powered with knowledge.

First, I will introduce "symbolic knowledge distillation", a new framework to distill larger neural language models into smaller commonsense models, which leads to a machine-authored KB that wins, for the first time, over a human-authored KB in all criteria: scale, accuracy, and diversity. Next, I will present an experimental conceptual framework toward computational social norms and commonsense morality, so that neural language models can learn to reason that "helping a friend" is generally a good thing to do, but "helping a friend spread fake news" is not. Finally, I will discuss an approach to multimodal script knowledge demonstrating the power of complex raw data, which leads to new SOTA performances on a dozen leaderboards that require grounded, temporal, and causal commonsense reasoning.

Yejin Choi is Brett Helsel Professor at the Paul G. Allen School of Computer Science & Engineering at the University of Washington and a senior research manager at AI2 overseeing the project Mosaic. Her research investigates a wide range of problems including commonsense knowledge and reasoning, neuro-symbolic integration, multimodal representation learning, and AI for social good. She is a co-recipient of the ACL Test of Time award in 2021, the CVPR Longuet-Higgins Prize in 2021, a NeurIPS Outstanding Paper Award in 2021, the AAAI Outstanding Paper Award in 2020, the Borg Early Career Award in 2018, the inaugural Alexa Prize Challenge in 2017, IEEE AI's 10 to Watch in 2016, and the ICCV Marr Prize in 2013. https://homes.cs.washington.edu/~yejin/

Experts recommend a plethora of advice for staying safe online, yet people still use weak passwords, fall for scams, or ignore software updates. Such inconsistent adoption of protective behaviors is understandable given the need to navigate other priorities and constraints in everyday life. Yet when the actions taken are insufficient to mitigate potential risks, it leaves people – especially those already marginalized – vulnerable to dire consequences from financial loss to abuse and harassment.

In this talk, I share findings from my research on hurdles that prevent people from adopting secure behaviors and solutions that encourage adoption in three domains: designing data breach notifications, informing privacy interface guidelines in regulations, and supporting survivors of tech-enabled abuse. (1) Even small changes in system design can make a big difference. I empirically show consumers’ low awareness of data breaches, rational justifications and biases behind inaction, and how to motivate consumers to change breached passwords through nudges in breach notifications. (2) Public policy is essential in incentivizing companies to implement better data practices, but policymaking needs to be informed by evidence from research. I present a series of user studies that led to a user-tested icon for conveying the "do not sell my personal information" opt-out, now part of the California Consumer Privacy Act (CCPA). (3) Different user groups have different threat models and safety needs, requiring special considerations in developing and deploying interventions. Drawing on findings from focus groups, I discuss how computer security support agents can help survivors of tech-enabled abuse using a trauma-informed approach. Altogether, I highlight the impact of my research on technology design, public policy, and educational efforts. I end the talk by discussing how my interdisciplinary, human-centered approach in solving security and privacy challenges can apply to future work such as improving expert advice and developing trauma-informed computing systems.

Please contact MPI-SWS Office Team for link information

Yixin Zou (she/her) is a Ph.D. Candidate at the University of Michigan School of Information. Her research interests span cybersecurity, privacy, and human-computer interaction, with an emphasis on improving people’s adoption of protective behaviors and supporting vulnerable populations (e.g., survivors of intimate partner violence and older adults) in protecting their digital safety. Her research has received a Best Paper Award at the Symposium on Usable Privacy and Security (SOUPS) and two Honorable Mentions at the ACM Conference on Human Factors in Computing Systems (CHI). She has been an invited speaker at the US Federal Trade Commission's PrivacyCon, and she co-led the research effort that produced the opt-out icon in the California Consumer Privacy Act (CCPA). She has also collaborated with industry partners at NortonLifeLock and Mozilla, and her research at Mozilla has directly influenced the product development of Firefox Monitor. Before joining the University of Michigan, she received a Bachelor’s degree in Advertising from the University of Illinois at Urbana-Champaign.

Policy synthesis or algorithms to design policies for computational systems is one of the fundamental problems in computer science. Standing on the shoulders of simplified yet concise task-specification using high-level logical specification languages, this talk will cover synthesis algorithms using two contrasting approaches. First, the classical logic-based approach of reactive synthesis; Second, the modern learning-based approach of reinforcement learning. This talk will cover our scalable and efficient state-of-the-art algorithms for synthesis from high-level specifications using both these approaches, and investigate whether formal guarantees are possible. We will conclude with a forward-looking view of these contributions to trustworthy AI.

Please contact MPI-SWS Office Team for link information

Suguman Bansal is an NSF/CRA Computing Innovation Postdoctoral Fellow at the University of Pennsylvania, mentored by Prof. Rajeev Alur. Her primary area of research is Formal Methods and Programming Langauge, and her secondary area of research is Artificial Intelligence. She is the recipient of the 2020 NSF CI Fellowship and has been named a 2021 MIT EECS Rising Star. Her research has appeared at venues in formal methods and programming languages (CAV, POPL, TACAS), and artificial intelligence and machine learning (AAAI, NeurIPS). She completed her Ph.D. in 2020, advised by Prof. Moshe Y. Vardi, from Rice University. She received B.S. with Honors in 2014 from Chennai Mathematical Institute.

As humans, our understanding of language is grounded in a rich mental model about "how the world works" – that we learn through perception and interaction. We use this understanding to reason beyond what is literally said, imagining how situations might unfold in the world. Machines today struggle at making such connections, which limits how they can be safely used. In my talk, I will discuss three lines of work to bridge this gap between machines and humans. I will first discuss how we might measure grounded understanding. I will introduce a suite of approaches for constructing benchmarks, using machines in the loop to filter out spurious biases. Next, I will introduce PIGLeT: a model that learns physical commonsense understanding by interacting with the world through simulation, using this knowledge to ground language. PIGLeT learns linguistic form and meaning – together – and outperforms text-to-text only models that are orders of magnitude larger. Finally, I will introduce MERLOT, which learns about situations in the world by watching millions of YouTube videos with transcribed speech. The model learns to jointly represent video, audio, and language, together and over time – learning multimodal and neural script knowledge representations. Together, these directions suggest a path forward for building machines that learn language rooted in the world.

Please contact MPI-SWS Office Team for link information

Rowan Zellers is a final year PhD candidate at the University of Washington in Computer Science & Engineering, advised by Yejin Choi and Ali Farhadi. His research focuses on enabling machines to understand language, vision, sound, and the world beyond these modalities. He has been recognized through NSF and ARCS Graduate Fellowships, and a NeurIPS 2021 outstanding paper award. His work has appeared in several media outlets, including Wired, the Washington Post, and the New York Times. In the past, he graduated from Harvey Mudd College with a B.S. in Computer Science & Mathematics, and has interned at the Allen Institute for AI.

Complex social and political processes at many scales—from interpersonal networks of friends to international networks of countries—are a central theme of computational social science. Modern methods of data science that can contend with the complexity of data from such processes have the potential to break ground on long-standing questions of critical relevance to public policy. In this talk, I will present two lines of work on 1) estimating the causal effects of friend-to-friend mobilization in US elections, and 2) inferring complex latent structure in dyadic event data of country-to-country interactions. In the first part, I will discuss recent work using large-scale digital field experiments on the mobile app Outvote to estimate the causal effects of friend-to-friend texting on voter turnout in the 2018 and 2020 US elections. This work is among the first to rigorously assess the effectiveness of friend-to-friend "get out the vote" tactics, which political campaigns have increasingly embraced in recent elections. I will discuss the statistical challenges inherent to randomizing interactions between friends with a "light touch" design and will describe the methodology we developed to identify and precisely estimate causal effects. In the second part of this talk, I will discuss hierarchical Bayesian modeling of dyadic event data sets in international relations which contain millions of micro-records of the form "country i took action a to country j at time t". The models I will discuss blend elements of tensor decomposition and dynamical systems to capture complex temporal and network dependence structure in the data. Approximate posterior inference relies on new auxiliary variable augmentation schemes and theorems about the properties and relationships between different discrete distributions. At the end of the talk, I will outline the future of both lines of work, as well as their intersection, and sketch a broader vision for how data science can serve computational social science and vice versa.

Please contact MPI-SWS Office Team for link information

Aaron is a postdoctoral fellow in the Data Science Institute at Columbia University, where he is co-advised by David Blei and Donald Green. His research develops machine learning and data science methods for computational social science. His recent work uses large-scale digital field experiments to assess the causal effects of friend-to-friend mobilization on voter turnout in US elections. Aaron did his PhD at UMass Amherst in Computer Science, where he was advised by Hanna Wallach. His doctoral research developed new hierarchical Bayesian models, tensor decomposition methods, and dynamical systems for analyzing massive data sets of country-to-country events. Aaron has interned at Google and Microsoft Research and worked in policy at the MITRE Corporation. He is also currently a senior technical advisor at Ocurate and a research affiliate at PredictWise. Prior to doing his PhD, he received a BA in Political Science and an MA in Computational Linguistics from UMass Amherst. He is on Twitter @AaronSchein.

Computer development has come a long way. Along with the evolution of computers, advances in high-level programming languages allow us to write large-scale software systems easily. While new language features significantly extend the language expressive power, they often lack theoretical development and lead to subtle implementation bugs. Moreover, while high-level languages abstract over low-level aspects and thus eliminate many sources of errors, the abstraction often comes with a runtime penalty that results in inefficient low-level code. In this talk, I will show how to apply programming language theory to practical programming to offer strong static safety and efficiency guarantees in three domains: language design, runtime systems, and machine learning systems. First, I will demonstrate a type-theoretical formalization of language features, focusing on type inference for dependent types in algebraic datatype declarations. The formalization has guided real-world language implementations. Then, I will show that programming language theory reaps benefits beyond safety. I will present Perceus, a garbage-free reference counting algorithm with reuse, that supports high-level programming while preserving low-level efficiency. Perceus delivers competitive performance compared to state-of-the-art memory reclamation implementations. Finally, as part of a vision to make programming languages broadly applicable, I will discuss my efforts to apply programming language techniques to machine learning systems, by presenting a program synthesis framework that accelerates large-scale distributed machine learning on hardware platforms.

Please contact MPI-SWS Office Team for link information

Ningning Xie is a research associate at the University of Cambridge. She received her Ph.D. in Computer Science at the University of Hong Kong in 2021. Her research interests are in the field of programming languages, where she applies programming language theory to a variety of domains, including language design, runtime and compiler systems, and machine learning systems. In the last two years of her Ph.D. study, Ningning had research visits at Microsoft Research Redmond and DeepMind London. Her research has been recognized by ACM SIGPLAN Distinguished Paper awards at the Symposium on Principles of Programming Languages (POPL 2020) and the Conference on Programming Language Design and Implementation (PLDI 2021).

There are many robustness issues arising in a variety of forms while deploying ML systems in the real world. For example, neural networks suffer from distributional shift — a model is tested on a data distribution different from what it was trained on. In addition, neural networks are vulnerable to adversarial examples – small perturbations to the input can successfully fool classifiers into making incorrect predictions. In this talk, I will introduce how to improve robustness of machine learning models by building connections between different perspectives of robustness issues and bridging gaps between a wide range of modalities. As a result, seemingly different robustness issues can be tackled by closely-related approaches, and robust ML on multiple modalities and backbone architectures can converge to a common ground.

Please contact MPI-SWS Office Team for link information

Yao Qin is a Research Scientist at Google Research. She received a PhD degree in Computer Science and Engineering at UC San Diego under the supervision of Prof. Garrison Cottrell in 2020. Her research focuses on improving robustness of machine learning. Due to her contributions to the robustness of ML models (10 first-author publications and over 1500 citations), She has been selected as EECS Rising Star at MIT, 2021. Yao interned at Brain Toronto Team advised by Geoffrey Hinton in 2019, and Google Brain, advised by Ian Goodfellow in 2018. Homepage: http://cseweb.ucsd.edu/~yaq007/

The internet has had a revolutionary impact on our world. The vision of a quantum internet is to provide fundamentally new internet technology by enabling quantum communication between any two points on Earth. Such a quantum internet can —in synergy with the "classical" internet that we have today—connect quantum information processors in order to achieve unparalleled capabilities that are provably impossible by using only classical information. At present, such technology is under development in physics labs around the globe, but no large-scale quantum network systems exist. We start by providing a gentle introduction to quantum networks for computer scientists, and briefly review the state of the art. We highlight some of the many open questions to computer science in the domain of quantum networking, illustrated with a very recent result realizing the first quantum link layer protocol on a programmable 3 node quantum network based on Nitrogen-Vacancy Centers in Diamond. We close by providing a series of pointers to learn more, as well as tools to download that allow play with simulated quantum networks without leaving your home.

Information about the series and recordings of previous talks can be found at https://www.mpi-inf.mpg.de/departments/algorithms-complexity/quantum-lecture-ser ies

-

Supporting a safe and trustworthy online environment is challenging, as these environments are constantly threatened by abusive behaviors that cause real human harm. Among the numerous threats, online harassment suppresses voices, and misleading information and propaganda undermine public trust. Existing methods to combat these threats are often not sufficient, as adversaries may abuse and exploit technologies in nuanced ways, and mitigation strategies don't always reflect users' needs. In this talk, I will present my work on characterizing threats, and empowering users with new techniques to combat these threats. First, I will discuss the challenges faced in detecting subtle harassment on social media, and my approach to context-specific analysis using the United States 2018 general election as a case study. Second, I will demonstrate the importance of characterizing user participation in adversarial activities, to inform better moderation mechanism design. Lastly, I will introduce my work on developing privacy-preserving abuse mitigation techniques, to allow user-side warnings of misinformation images in end-to-end encrypted environments.

Please contact MPI-SWS Office Team for link information

Yiqing Hua is a PhD candidate in Computer Science at Cornell Tech, Cornell University. Her research lies in the intersection of social computing and security and privacy. Her work focuses on characterizing threats to online trust and safety, and enabling abuse mitigation in privacy-sensitive environments. She was a recipient of the Digital Life Initiative Fellowship, and was named as EECS Rising Star in 2020. Her work received an Honorable Mention award in CHI 2020.

Representation learning with neural networks automates feature extraction with less need for continental feature engineering; thereby achieving incredible performance in image, text, and strategy processing. However, the underlying mechanism of representation learning is not well understood. This limits applications of representation learning in critical tasks, such as cancer diagnoses and other medical decisions. In this talk, we propose a research plan for studying representation learning with three core research focuses: Random neural networks. By studying random neural networks, we shed light on the inner workings of the incredible performance of modern neural networks. We demonstrate how the study of random networks allows us to go beyond the conventional trial and error development of neural networks. Local optimality. Given a neural network, is it possible to improve its performance only by slight modifications of the network parameters? This is the focus of local optimization for representation learning. Our research highlights that local optimization requires more studies in modern representation learning with generative adversarial networks. Modeling. A mathematical study of learning dynamics is very challenging. Modeling facilitates the study of learning dynamics by omitting technical details of learning. For example, a continuous-time dynamical system may model an iterative learning method, bridging the gap between dynamical systems and representation learning.

Please contact MPI-SWS Office Team for link information

Hadi is a postdoc at Princeton University. He previously worked at INRIA Paris as a postdoc researcher under the supervision of Professor Francis Bach. Hadi completed his Ph.D. in computer science in June 2020 in the Machine Learning Department of ETH Zurich under the supervision of Professor Thomas Hofmann. The focus of his research is optimization for (deep) neural networks.

Society is made up of a set of diverse individuals, demographic groups, and institutions. Therefore, learning and deploying algorithmic models across heterogeneous environments face a set of various trade-offs. In order to develop reliable machine learning algorithms that can interact successfully with the real world, it is necessary to deal with changes in underlying data-generating distributions. This talk will be about the kernel mean embedding (KME), a nonparametric kernel-based framework to represent probability distributions and model changes thereof. In particular, I will focus on how this framework can help improve the credibility of algorithmic decision-making by enabling us to reason about higher-order causal effects of policy interventions as well as by removing the effect of unobserved confounders through the use of an instrumental variable (IV). Lastly, I will argue that a better understanding of the ways in which our data are generated and how our models can influence them will be crucial for reliable machine learning systems, especially when gaining full information about data may not be possible.

Please contact MPI-SWS Office Team for link information

Krikamol Muandet is currently a research group leader in the Empirical Inference Department at the Max Planck Institute for Intelligent Systems (MPI-IS), Tübingen, Germany. Previously, he was a lecturer in the Department of Mathematics at Mahidol University, Bangkok, Thailand. He received his Ph.D. in computer science from the University of Tübingen in 2015 working mainly with Prof. Bernhard Schölkopf. He received his master's degree in machine learning from University College London (UCL), the United Kingdom where he worked mostly with Prof. Yee Whye Teh at Gatsby Computational Neuroscience Unit. He served as a publication chair of AISTATS 2021 and as an area chair for AISTATS 2022, NeurIPS 2021, NeurIPS 2020, NeurIPS 2019, and ICML 2019, among others.

Nowadays, security researchers are increasingly using AI to automate and facilitate security analysis. Although making some meaningful progress, AI has not maximized its capability in security yet, mainly due to two challenges. First, existing ML techniques have not reached security professionals' requirements in critical properties, such as interpretability and adversary-resistancy. Second, Security data imposes many new technical challenges, and these challenges break the assumptions of existing ML models and thus jeopardize their efficacy. In this talk, I will describe my research efforts to address the above challenges, with a primary focus on strengthening the interpretability of ML-based security systems and enriching ML to detect concept drifts in security data. Regarding interpretability, I will describe our explanation methods for deep learning-based and deep reinforcement learning-based security systems and demonstrate how security analysts could benefit from these methods to establish trust in blackbox models and patching model vulnerabilities. As for concept drifts, I will introduce a novel ML system to detect and explain drifting samples and demonstrate its application in a real-world malware database. Finally, I will conclude by highlighting my future plan towards maximizing the capability of advanced ML in cybersecurity.

Please contact MPI-SWS Office Team for link information

Wenbo Guo is a Ph.D. Candidate at Penn State, advised by Professor Xinyu Xing. His research interests are machine learning and cybersecurity. His work includes strengthening the fundamental properties of machine learning models and designing customized machine learning models to handle security-unique challenges. He is a recipient of the IBM Ph.D. Fellowship (2020-2022), Facebook/Baidu Ph.D. Fellowship Finalist (2020), and ACM CCS Outstanding Paper Award (2018). His research has been featured by multiple mainstream media and has appeared in a diverse set of top-tier venues in security, machine learning, and data mining. Going beyond academic research, he also actively participates in many world-class cybersecurity competitions and has won the 2018 DEFCON/GeekPwn AI challenge finalist award.

Storage technologies are entering the market with performance vastly superior to conventional storage devices. This technology shift requires a complete rethinking of the software storage stack.

In this talk I will give two examples of our work with Optane-based solid-state (block) devices that illustrate the need for and the benefit of a wholesale redesign.

First, I will describe the Kvell key-value (KV) store. The key observation underlying Kvell is that conventional KV software on fast devices is bottlenecked by the CPU rather than by the device. Kvell therefore focuses on minimizing CPU intervention.

Second, I will describe the Kvell+ OLTP/OLAP system built on top of Kvell. The key underlying observation here is that these storage devices have become so fast that the conventional implementation of snapshot isolation – maintaining multiple versions – quickly leads to the device filling up. Kvell therefore focuses processes new versions as they are created.

This talk describes joint work with Oana Balmau (McGill University), Karan Gupta (Nutanix) and Baptiste Lepers (University of Sydney).

---

Please contact the MPI-SWS Office Team for the ZOOM link information. .

Willy Zwaenepoel received his BS/MS from Ghent University in 1979, and his MS and PhD from Stanford University, in 1980 and 1984, respectively. He is currently dean of engineering at the University of Sydney. Previously, he has been on the faculty at Rice University and head of the school of computer and communication sciences at EPFL.  He has been involved with a number of startups including Nutanix (Nasdaq:NTNX). He was elected IEEE Fellow in 1998 and ACM Fellow in 2000 and received a number of awards for teaching and research, including the Eurosys Lifetime Achievement Award. His main interests are in operating systems and distributed systems.

Data analytics in the cloud has become an integral part of enterprise businesses. Big data analytics systems, however, still lack the ability to take task objectives such as user performance goals and budgetary constraints and automatically configure an analytical job to achieve these objectives. This talk presents UDAO, a Unified Data Analytics Optimizer, that can automatically determine a cluster configuration with a suitable number of cores as well as other system parameters that best meet the task objectives. At a core of our work is a principled multi-objective optimization (MOO) approach that computes a Pareto optimal set of configurations to reveal tradeoffs between different objectives, recommends a new cluster configuration that best explores such tradeoffs, and employs novel optimizations to enable such recommendations within a few seconds. Such optimization is further enabled by a Deep Learning-based modeling approach that can learn a model for each user objective as complex as necessary for the underlying computing environment. Detailed experiments using a Spark-based prototype and benchmark workloads show that our MOO techniques provide a 2-50x speedup over existing MOO methods, while offering good coverage of the Pareto frontier. Compared to Ottertune, a state-of-the-art performance tuning system, UDAO recommends Spark configurations that yield 26%-49% reduction of running time of the TPCx-BB benchmark while adapting to different user preferences on multiple objectives. This talk ends by outlining remaining research challenges in automated resource management and performance optimization for cloud data analytics.

Yanlei Diao is Professor of Computer Science at the University of Massachusetts Amherst, USA and Ecole Polytechnique, France. Her research interests lie in big data analytics and scalable intelligent information systems, with a focus on optimization in cloud analytics, data stream analytics, explanation discovery, interactive data exploration, and uncertain data management. She received her PhD in Computer Science from the University of California, Berkeley in 2005.

Prof. Diao is a recipient of the 2016 ERC Consolidator Award, 2013 CRA-W Borg Early Career Award (one female computer scientist selected each year for outstanding contributions), IBM Scalable Innovation Faculty Award, and NSF Career Award. She has given keynote speeches at the ACM DEBS Conference, the ExploreDB workshop, and the Distinguished Lecture Series at the IBM Almaden Research Center, the University of Texas at Austin and Technische Universitaet Darmstadt. She has served as Editor-in-Chief of the ACM SIGMOD Record, Associate Editor of ACM TODS, Chair of the ACM SIGMOD Research Highlight Award Committee, and member of the SIGMOD and PVLDB Executive Committees. She was PC Co-Chair of IEEE ICDE 2017 and ACM SoCC 2016, and served on the organizing committees of SIGMOD, PVLDB, and CIDR, as well as on the program committees of many international conferences and workshops. http://www.lix.polytechnique.fr/~yanlei.diao/

In supervised machine learning, in an abstract sense, a concept in a given reference class has to be inferred from a small set of labeled examples. Machine teaching refers to the inverse problem, namely the problem to compress any concept in the reference class to a "teaching set" of labeled examples in a way that the concept can be reconstructed. The goal is to minimize the worst-case teaching set size taken over all concepts in the reference class, while at the same time adhering to certain conditions that disallow unfair collusion between the teacher and the learner. Applications of machine teaching include multi-agent systems and program synthesis. In this presentation, it is first shown how preference relations over concepts can be used in order to guarantee collusion-free teaching and learning. Intuitive examples are presented in which quite natural preference relations result in data-efficient collusion-free teaching of complex classes of concepts. Further, it is demonstrated that optimal collusion-free teaching cannot always be attained by the preference-based approach. Finally, we will challenge the standard notion of collusion-freeness and show that a more stringent notion characterizes teaching with the preference-based approach. This presentation summarizes joint work with Shaun Fallat, Ziyuan Gao, David G. Kirkpatrick, Christoph Ries, Hans U. Simon, and Abolghasem Soltani.

Dr. Sandra Zilles is a Professor of Computer Science at the University of Regina, where she holds a Canada Research Chair in Computational Learning Theory as well as a Canada CIFAR AI Chair. Her research on machine learning and artificial intelligence is funded by government agencies and industry partners and has led to over 100 peer-reviewed publications. Her main research focus is on theoretical aspects of machine learning, yet some of the methods developed in her lab have found applications in research on autonomous vehicles, in research on genetics, and in cancer research. Dr. Zilles is a member of the College of New Scholars, Artists and Scientists of the Royal Society of Canada, an Associate Editor for the IEEE Transactions on Pattern Analysis and Machine Intelligence, and an Associate Editor for the Journal of Computer and System Sciences. She recently served on the Board of Directors for Innovation Saskatchewan and on the Board of Directors for the Pacific Institute for the Mathematical Sciences (PIMS).

Abstract: Support for hardware acceleration and parallel software workloads on heterogeneous multiprocessor platforms is becoming increasingly relevant in the design of high-performance and power-efficient real-time embedded systems. Communication between jobs dispatched on different cores and specialized hardware accelerators such as FPGAs and GPUs is most often implemented using asynchronous events. The delays incurred by each task due to the time spent waiting for such events should appropriately be accounted for in the timing analysis of the resulting scheduling behavior. This talk presents the event-driven delay-induced (EDD) task model, which is suitable to represent and analyze the timing behavior of complex computing workloads that incur event-related delays in the communication and synchronization between different processing elements. The EDD task model generalizes several existing task models, providing enhanced expressiveness towards the timing analysis of parallel processing workloads that involve both synchronous and asynchronous hardware acceleration requests. Two analysis techniques for EDD tasks executing on single-core platforms under fixed-priority scheduling are presented; then, a model transformation technique is provided to analyze parallel real-time tasks executing under partitioned multiprocessor scheduling by means of a set of EDD tasks. In the experiments, partitioned scheduling of parallel tasks is shown to outperform federated scheduling when the proposed analysis approach is combined with specialized partitioning heuristics.

Please contact the office team for link information.

Federico Aromolo is a Ph.D. student in Emerging Digital Technologies (Embedded Systems curriculum) at the Scuola Superiore Sant'Anna (Pisa, Italy), where he works at the Real-Time Systems Laboratory (ReTiS Lab) under the supervision of Prof. Giorgio Buttazzo and Prof. Alessandro Biondi. He holds a Master of Science degree in Embedded Computing Systems from the Scuola Superiore Sant'Anna and the University of Pisa, and a Bachelor of Science degree in Computer Engineering from the University of Pisa, both achieved with highest honors. His research interests are in the area of real-time embedded systems and include real-time scheduling and synchronization algorithms, design and implementation of embedded and cyber-physical systems, real-time operating systems, and advanced robotics and artificial intelligence applications.

Software 2.0 – the augmentation and replacement of traditional code with models, especially deep neural networks – is changing how we develop, deploy, and maintain software. In this talk, I will describe the challenges and opportunities that this change brings with it, focusing on its impact on database systems.

Johannes Gehrke is a Technical Fellow at Microsoft and the Managing Director of Microsoft Research at Redmond and the CTO and head of machine learning for Microsoft Teams. He has received a National Science Foundation Career Award, an Arthur P. Sloan Fellowship, a Humboldt Research Award, the 2011 IEEE Computer Society Technical Achievement Award, the 2021 ACM SIGKDD Innovation Award, and he is an ACM Fellow and an IEEE Fellow. From 1999 to 2015, Johannes was on the faculty in the Department of Computer Science at Cornell University where he graduated 25 PhD students, and from 2005 to 2008, he was Chief Scientist at FAST Search and Transfer.

Enzian is a research computer built at ETH Zurich which combines a server-class CPU with a large FPGA in an asymmetric 2-socket NUMA system. It is designed to be used individually or in a cluster to explore the design space for future hardware and its implications for system software. Enzian is deliberately over-engineered, and (as I'll show) can replicate the use-cases of almost all other FPGA platforms used in academic research today. Perhaps unique to Enzian is exposing the CPU's native cache-coherence protocol to applications on the FPGA, and I'll discuss the additional opportunities this offers for research as well as the challenges we faced in interoperating with an existing coherence protocol not designed for this use-case. There are nine Enzian systems operational so far, being used locally at ETH and remotely by collaborators.

---

Please contact the MPI-SWS Office Team for the ZOOM link information. .

Timothy Roscoe is a Full Professor in the Systems Group of the Computer Science Department at ETH Zurich, where he works on operating systems, networks, and distributed systems, and is currently head of department.

Mothy received a PhD in 1995 from the Computer Laboratory of the University of Cambridge, where he was a principal designer and builder of the Nemesis OS. After three years working on web-based collaboration systems at a startup in North Carolina, he joined Sprint's Advanced Technology Lab in Burlingame, California in 1998, working on cloud computing and network monitoring. He joined Intel Research at Berkeley in April 2002 as a principal architect of PlanetLab, an open, shared platform for developing and deploying planetary-scale services. Mothy joined the Computer Science Department ETH Zurich in January 2007, and was named Fellow of the ACM in 2013 for contributions to operating systems and networking research.

His work has included the Barrelfish multikernel research OS, as well as work on distributed stream processors, and using formal specifications to describe the hardware/software interfaces of modern computer systems. Mothy's current research centers on Enzian, a powerful hybrid CPU/FPGA machine designed for research into systems software.

We introduce Concurrent NetKAT (CNetKAT), an extension of the network programming language NetKAT with multiple packets and with operators to specify and reason about concurrency and state in a network We provide a model of the language based on partially ordered multisets, well-established mathematical structures in the denotational semantics of concurrent languages. We prove that CNetKAT is a sound and complete axiomatization of this model, and we illustrate the use of CNetKAT through various examples. More generally, CNetKAT is analgebraic framework to reason about programs with both local and global state. In our model these are, respectively, the packets and the global variable store, but the scope of applications is much more general, including reasoning about hardware pipelines inside an SDN switch. This is joint work with Jana Wagemaker, Nate Foster, Tobia Kappe, Dexter Kozen, and Jurriaan Rot.

Please contact the office team for link information,

Alexandra Silva is a Professor at the Computer Science Department at Cornell University. Her main research focuses on the modular development of specification languages and algorithms for models of computation. A lot of the work is developed from unifying perspective offered by coalgebra, a mathematical framework established in the last decades.

We present fully automated approaches to safety and termination analysis of probabilistic while-programs whose guards and expressions are polynomial expressions over random variables and parametrised distributions. We combine methods from symbolic summation and statistics to derive invariants as valid properties over higher-order moments, such as expected values or variances, of program variables, synthesizing this way quantitative invariants of probabilistic program loops. We further extend our moments-based analysis to prove termination of considered probabilistic while-programs. This is a joint work with Ezio Bartocci, Joost-Pieter Katoen, Marcel Moosbrugger and Miroslav Stankovic.

--

Please contact the MPI-SWS Office Team for the ZOOM link information.

Laura Kovacs is a full professor in computer science at the TU Wien, leading the automated program reasoning (APRe) group of the Formal Methods in Systems Engineering Division. Her research focuses on the design and development of new theories, technologies, and tools for program analysis, with a particular focus on automated assertion generation, symbolic summation, computer algebra, and automated theorem proving. She is the co-developer of the Vampire theorem prover and a Wallenberg Academy Fellow of Sweden. Her research has also been awarded with a ERC Starting Grant 2014, an ERC Proof of Concept Grant 2018 and an ERC Consolidator Grant 2020.

Microarchitectural security is one of the most challenging and exciting problems in system security today. With the discovery of transient execution attacks, it has become clear that microarchitectural attacks have significant impact on the security properties of software running on a processor that runs code from various stakeholders (such as, for instance, in the cloud). This talk will first provide an overview of the current understanding of microarchitectural security, with a focus on how the research community has built formal models for processors that support proving that software is resilient to specific classes of microarchitectural attacks. Next, we turn to the problem of validating these proposed formal models: how can we convince ourselves and others that a given formal model is an adequate model for a given real-world processor, and that we can justifiably trust the security properties proven based on the model. This is an instance of the more general problem of empirically validating whether a real-world system satisfies the assumptions on which a formal model relies. We will discuss a small case study where we empirically validated a formally proven security property of a simple processor by systematically attacking the corresponding real-world implementation of the processor. We end with some conclusions and reflections on how our experiences from this case study might help us build more adequate formal models.

--

Please contact the MPI-SWS Office Team for the ZOOM link information.

Frank Piessens is a full professor in the Department of Computer Science at the Katholieke Universiteit Leuven, Belgium. His research field is software and system security, where he focuses on the development of high-assurance techniques to deal with implementation-level software vulnerabilities and bugs, including techniques such as software verification, run-time monitoring, hardware security architectures, type systems and programming language design. He has served on the program committee of numerous security and software conferences including ACM CCS, Usenix Security, IEEE Security & Privacy, and ACM POPL. He acted as program chair for the International symposium on Engineering Secure Software and Systems (ESSOS 2014 & 2015), for the International Conference on Principles of Security and Trust (POST 2016) and for the IEEE European Symposium on Security & Privacy (Euro S&P 2018 & 2019).

Rigorous approaches based on controller synthesis can generate correct-by-construction controllers that guarantee that the system under control meets some higher-level tasks. By reducing designing and testing cycles, synthesis can help create safe autonomous systems that involve complex interactions of dynamics and decision logic. In general, however, synthesis problems are known to have high computational complexity for high dimensional and nonlinear systems. In this talk, I will present a series of new synthesis algorithms that suggest that these challenges can be overcome and that rigorous approaches are indeed promising. I will talk about how to synthesize controllers for linear systems, nonlinear systems, hybrid systems with both discrete and continuous control variables, and multi-agent systems, with guarantees on the safety and optimality of the solutions.

Please contact the office team for link information.

Chuchu Fan an Assistant Professor in the Department of Aeronautics and Astronautics at MIT. Before that, she was a postdoc researcher at Caltech and got her Ph.D. from the Electrical and Computer Engineering Department at the University of Illinois at Urbana-Champaign in 2019. She earned her bachelor’s degree from Tsinghua University, Department of Automation, in 2013. Her group at MIT works on using rigorous mathematics including formal methods, machine learning, and control theory for the design, analysis, and verification of safe autonomous systems. Chuchu’s dissertation work "Formal methods for safe autonomy" won the ACM Doctoral Dissertation Award in 2020.

Max Planck Distinguished Speaker Talk in Quantum Computing and Quantum Information

Speaker: Andrew Childs (University of Maryland), https://www.cs.umd.edu/~amchilds/

Title: Efficient quantum algorithm for dissipative nonlinear differential equations

Time: Thursday, July 22nd, 4pm.

Location: https://zoom.us/j/94577321297?pwd=N3l5K1ZtZ3E1aytnWlBkL1FUazNXZz09 Meeting ID: 945 7732 1297 Passcode: 205903

Hosts: Ignacio Cirac (MPQ) and Kurt Mehlhorn (MPI-INF).

Abstract: While there has been extensive previous work on efficient quantum algorithms for linear differential equations, analogous progress for nonlinear differential equations has been severely limited due to the linearity of quantum mechanics. Despite this obstacle, we develop a quantum algorithm for initial value problems described by dissipative quadratic n-dimensional ordinary differential equations. Assuming R<1, where R is a parameter characterizing the ratio of the nonlinearity to the linear dissipation, this algorithm has complexity T^2 poly(log T, log n, log(1/ϵ))/ϵ, where T is the evolution time and ϵ is the allowed error in the output quantum state. This is an exponential improvement over the best previous quantum algorithms, whose complexity is exponential in T. We achieve this improvement using the method of Carleman linearization, for which we give a novel convergence theorem. This method maps a system of nonlinear differential equations to an infinite-dimensional system of linear differential equations, which we discretize, truncate, and solve using the forward Euler method and the quantum linear system algorithm. We also provide a lower bound on the worst-case complexity of quantum algorithms for general quadratic differential equations, showing that the problem is intractable for R≥sqrt(2). Finally, we discuss potential applications of this approach to problems arising in biology as well as in fluid and plasma dynamics.

Based on joint work with Jin-Peng Liu, Herman Kolden, Hari Krovi, Nuno Loureiro, and Konstantina Trivisa.

-

When using distributed machine learning (ML) systems to train models on a cluster of worker machines, users must configure a large number of parameters: hyper-parameters (e.g. the batch size and the learning rate) affect model convergence; system parameters (e.g. the number of workers and their communication topology) impact training performance. Some of these parameters, such as the number of workers, may also change in elastic machine learning scenarios. In current systems, adapting such parameters during training is ill-supported. In this talk, I will describe our recent work on KungFu, a distributed deep learning library for TensorFlow and PyTorch that is designed to enable adaptive and elastic training. KungFu allows users to express high-level Adaptation Policies (APs) that describe how to change hyper-and system parameters during training. APs take real-time monitored metrics (e.g. signal-to-noise ratios) as input and trigger control actions (e.g. cluster rescaling or synchronisation strategy updates). For execution, APs are translated into monitoring and control operators that are embedded in the dataflow graph. APs exploit an efficient asynchronous collective communication layer, which ensures concurrency and consistency of monitoring and adaptation operations.

--

Please contact the MPI-SWS Office Team for the ZOOM link information.

Peter Pietzuch is a Professor of Distributed Systems at Imperial College London, where he leads the Large-scale Data & Systems (LSDS) group (http://lsds.doc.ic.ac.uk). His research work focuses on the design and engineering of scalable, reliable and secure large-scale software systems, with a particular interest in performance, data management and security issues. He has published papers in premier scientific venues, including OSDI/SOSP, SIGMOD, VLDB, ASPLOS, USENIX ATC, EuroSys, SoCC, ICDCS and Middleware. Currently he is a Visiting Researcher with Microsoft Research and serves as the Director of Research in the Department, the Chair of the ACM SIGOPS European Chapter, and an Associate Editor for IEEE TKDE and TCC. Before joining Imperial College London, he was a post-doctoral Fellow at Harvard University. He holds PhD and MA degrees from the University of Cambridge.

Within a span of just a few years, we have gone from completely trusting our hardware to realising that everything is broken and all our security guarantees are built on sand. Memory chips have fundamental (Rowhammer) flaws that allow attackers to modify data without accessing it and CPUs are full of side channels and transient execution problems that lead to information leakage across pretty much all security boundaries. Combined, these issues have led to a string of high-profile attacks. In this talk, I will discuss some of the developments in such attacks, mostly by means of the attacks in which our group was involved. Although the research was exciting, I will argue that the way we conduct security research on hardware is broken. The problem is that the interests of hardware manufacturers and academics do not align and this is bad for everyone.

--

Please contact MPI-SWS Office Team for Zoom link information.

Herbert Bos is professor of Systems and Network Security at Vrije Universiteit Amsterdam where he co-leads the VUSec research group. He obtained his Ph.D. from Cambridge University Computer Laboratory (UK). Coming from a systems background, he drifted into security a few years ago and never left. His research interests cover all aspects of system-level security and reliability, including topics such as software hardening, exploitation, micro-architectural attacks, binary analysis, fuzzing, side channels, and reverse engineering. He is very proud of his (former) students who are much cleverer than he is.

Domain-specific hardware accelerators for graphics, deep learning, image processing, and other tasks have become pervasive to meet the performance and energy-efficiency needs of emerging applications. However, such specializations are inherently at odds with the programmability long enjoyed by software developers from general-purpose processors. In this talk, I will explore the feasibility of programmable, domain-agnostic accelerators that can be morphed and instantiated to specialized accelerators at runtime through software. In particular, I will present Coarse-Grained Reconfigurable Array (CGRA) as a promising approach to offer high accelerator efficiency while supporting diverse tasks through compile-time configurability. The central challenge is efficient spatio-temporal mapping of the applications expressed in high-level programming languages with complex data dependencies, control flow, and memory accesses to the accelerator. We approach this challenge through a synergistic hardware-software co-designed approach with (a) innovations at the architecture level to improve the efficiency of the application execution as well as ease the burden on the compilation, and (b) innovations at the compiler level to fully exploit the architectural optimizations for quality and fast mapping. Finally, I will share systems-level considerations for real-world deployment of domain-agnostic accelerators in the context of edge computing.

Please contact the office team for link information

Tulika Mitra is Provost’s Chair Professor of Computer Science and Vice Provost (Academic Affairs) at the National University of Singapore (NUS). Her research is focused on the design automation of energy-efficient, real-time embedded computing systems. She has authored around two hundred scientific publications in premier international journals and conferences. Her research has been recognized by best paper award and nominations in major conferences. Tulika is recently serving as the Editor-in-Chief of ACM Transactions on Embedded Computing Systems, Program Chair of International Conference on Computer Aided Design (ICCAD) 2021, and General Chair of Embedded Systems Week (ESWEEK) 2020.

Algorithms are increasingly used to aid decision-making in high-stakes settings including employment, lending, healthcare, and the legal system. This development has led to an ecosystem of growing complexity in which algorithms and people interact around consequential decisions, often mediated by organizations and firms that may be in competition with one another.

We consider two related sets of issues that arise in this setting. First, concerns have been raised about the effects of algorithmic monoculture, in which multiple decision-makers all rely on the same algorithm. In a set of models drawing on minimal assumptions, we show that when competing decision-makers converge on the use of the same algorithm as part of a decision pipeline, the result can potentially be harmful for social welfare even when the algorithm is more accurate than any decision-maker acting on their own. Second, we consider some of the canonical ways in which data is simplified over the course of these decision-making pipelines, showing how this process of simplification can introduce sources of bias in ways that connect to principles from the psychology of stereotype formation.

The talk will be based on joint work with Sendhil Mullainathan and Manish Raghavan.

Please contact the office team for link information.

Jon Kleinberg is the Tisch University Professor in the Departments of Computer Science and Information Science at Cornell University. His research focuses on the interaction of algorithms and networks, the roles they play in large-scale social and information systems, and their broader societal implications. He is a member of the US National Academy of Sciences and National Academy of Engineering, and the recipient of MacArthur, Packard, Simons, Sloan, and Vannevar Bush research fellowships, as well awards including the Harvey Prize, the Nevanlinna Prize, and the ACM Prize in Computing

Financial applications such as Landing and Payment protocols, and their realization in decentralized financial (DeFi) applications in Blockchains, comprise a unique domain where bugs in the code may be exploited by anyone to steal assets. This situation provides unique opportunities for formal verification to enable "move fast and break nothing". Formal verification can be used to detect errors early in the development process and guarantee correctness when a new version of the code is deployed.

I will describe an attempt to automatically verify DeFis and identify potential bugs. The approach is based on breaking the verification of DeFis into decidable verification tasks. Each of these tasks is solved via a decision procedure which automatically generates a formal proof or a test input showing a violation of the specification. In order to overcome undecidability, high level properties are expressed as ghost states and static analysis used to infer how low level programs update ghost states.

--

Please contact MPI-SWS Office Team for Zoom link information

Mooly Sagiv is a professor in the School of Computer Sciences at Tel-Aviv University and a CEO and co-founder of Certora. He is a leading researcher in the area of large scale (inter-procedural) program analysis, and one of the key contributors to shape analysis. His fields of interests include programming languages, compilers, abstract interpretation, profiling, pointer analysis, shape analysis, inter-procedural dataflow analysis, program slicing, and language-based programming environments. Prof. Sagiv is a recipient of a 2013 senior ERC research grant for Verifying and Synthesizing Software Composition. He also served as Member of the Advisory Board of Panaya Inc. and received best-paper awards at PLDI'11 and PLDI'12 for his work on composing concurrent data structures and a ACM SIGSOFT Retrospective Impact Award (2011) for program slicing. He is a recipient of Friedrich Wilhelm Bessel Research Award (2002), He is an ACM fellow and a recipient of Microsoft Research Outstanding Collaborator Award 2016.

Want to speed up data access? Add a cache! Data caching, as the solution to performance woes, is as old as our field. However, we have been less aggressive at caching computation. While memoization is a widely known technique, it is rarely employed as pervasively as data caching. In this talk, I'll present examples of how we've used computational caching in areas ranging from interpretable machine learning to program synthesis to automatic parallelization.

--

Please contact the MPI-SWS office team for Zoom link details.

MARGO I. SELTZER is Canada 150 Research Chair in Computer Systems and the Cheriton Family chair in Computer Science at the University of British Columbia. Her research interests are in systems, construed quite broadly: systems for capturing and accessing data provenance, file systems, databases, transaction processing systems, storage and analysis of graph-structured data, new architectures for parallelizing execution, and systems that apply technology to problems in healthcare.

She is the author of several widely-used software packages including database and transaction libraries and the 4.4BSD log-structured file system. Dr. Seltzer was a co-founder and CTO of Sleepycat Software, the makers of Berkeley DB, recipient of the 2020 ACM SIGMOD Systems Award. She serves on Advisory Council for the Canadian COVID alert app and the Computer Science and Telecommunications Board (CSTB) of the (US) National Academies. She is a past President of the USENIX Assocation and served as the USENIX representative to the Computing Research Association Board of Directors and on the Computing Community Consortium. She is a member of the National Academy of Engineering, a Sloan Foundation Fellow in Computer Science, an ACM Fellow, a Bunting Fellow, and was the recipient of the 1996 Radcliffe Junior Faculty Fellowship. She is recognized as an outstanding teacher and mentor, having received the Phi Beta Kappa teaching award in 1996, the Abrahmson Teaching Award in 1999, the Capers and Marion McDonald Award for Excellence in Mentoring and Advising in 2010, and the CRA-E Undergraduate Research Mentoring Award in 2017.

Professor Seltzer received an A.B. degree in Applied Mathematics from Harvard/Radcliffe College and a Ph. D. in Computer Science from the University of California, Berkeley.

In the synthesis problem, we are given a specification over input and output signals, and we synthesize a system that realizes the specification: with every sequence of input signals, the system associates a sequence of output signals so that the generated computation satisfies the specification. The above classical formulation of the problem is Boolean. The talk surveys recent efforts to automatically synthesize reactive systems that are not only correct, but also of high quality. Indeed, designers would be willing to give up manual design only after being convinced that the automatic procedure that replaces it generates systems of comparable quality. We distinguish between behavioral quality, which refers to the way the specification is satisfied, and costs, which refer to resources that the system consumes. We argue that both are crucial for synthesis to become appealing in practice. __________________________________________________________________________

Please contact MPI-SWS Office Team for Zoom link information

-

Distributional reinforcement learning (RL) is a new approach to RL with the emphasis on the distribution of the rewards obtained rather than just the expected reward as in traditional RL. In this work we take the distributional point of view and analyse a number of sampling-based algorithms such as value iteration, TD(0) and policy iteration. These algorithms have been shown to converge under various assumptions but usually with completely different proofs. We have developed a new viewpoint which allows us to prove convergence using a uniform approach. The idea is based on couplings and on viewing the approximation algorithms as Markov processes in their own right. It originated from work on bisimulation metrics in which I have been working for the last quarter century. This is joint work with Philip Amortila (U. Illinois), Marc Bellemare (Google Brain) and Doina Precup (McGill, Mila and DeepMind).

Please contact MPI-SWS office for the Zoom links

Prakash Panangaden is a Professor of Computer Science at McGill University. His research interests are primarily in theoretical foundations of computer science with a focus on stochastic systems, but ranges from black holes and curved space-time to reinforcement learning. He has received numerous awards, including the Test of Time award at LICS. He is a Fellow of the ACM.

Computational social choice is an interdisciplinary field that studies collective decision making from an algorithmic perspective. Determining the winners under various voting rules is a mainstream area of research in computational social choice. Many such rules assume that the voters provide complete information about their preferences, an assumption that is often unrealistic because typically only partial preference information is available.  This state of affairs has motivated the study of the notions of the necessary winners and the possible winners with respect to a variety of voting rules.

The main aim of this talk is to present an overview of winner determination under incomplete information and to highlight some recent advances in this area, including the development of a framework that aims to create bridges between computational social choice and data management. This framework infuses relational database context into social choice and allows for the formulation of sophisticated queries about voting rules, candidates, winners, issues, and positions on issues. We will introduce the necessary answer semantics and the possible answer semantics to queries and will explore the computational complexity of query evaluation under these semantics.

------------------------------------------------------------

Please contact MPI-SWS Office Team for Zoom link information

Phokion Kolaitis is a Distinguished Research Professor at UC Santa Cruz and a Principal Research Staff Member at the IBM Almaden Research Center. His research interests include principles of database systems, logic in computer science, and computational complexity.

Program termination is a key question in program verification. This talk considers the termination of probabilistic programs, programs that can describe e.g., randomized algorithms, security algorithms and Bayesian learning.

Probabilistic termination has several nuances. Diverging program runs may occur with probability zero. Such programs are almost surely terminating (AST). If the expected duration until termination is finite, they are positive AST.

This talk presents a simple though powerful proof rule for deciding AST, reports on recent approaches towards automation, and sketches a Dijkstra-like weakest precondition calculus for proving positive AST in a compositional way.

-------------

Please contact MPI-SWS Office Team for Zoom link information

Joost-Pieter Katoen is a distinguished professor at RWTH Aachen University in the Software Modeling and Verification (MOVES) group and is part-time associated to the Formal Methods & Tools Group at the University of Twente (NL). He is interested in model checking, concurrency theory, program analysis and formal semantics. He is a member of the Academia Europaea, received an honorary doctorate from Aalborg University, is ERC Advanced Grant holder and was recently named ACM Fellow.

Cyber-physical systems (CPSs) combine cyber capabilities, such as computation or communication, with physical capabilities, such as motion or other physical processes. Cars, aircraft, and robots are prime examples, because they move physically in space in a way that is determined by discrete computerized control algorithms. Designing these algorithms is challenging due to their tight coupling with physical behavior, while it is vital that these algorithms be correct because we rely on them for safety-critical tasks.

This talk highlights some of the most fascinating aspects of the logical foundations for developing cyber-physical systems with the mathematical rigor that their safety-critical nature demands. The underlying logic, differential dynamic logic, provides an integrated specification and verification language for dynamical systems, such as hybrid systems that combine discrete transitions and continuous evolution along differential equations.

In addition to providing a strong theoretical foundation for CPS, differential dynamic logics have been instrumental in verifying many applications, including the Airborne Collision Avoidance System ACAS X, the European Train Control System ETCS, automotive systems, mobile robot navigation, and a surgical robotic system for skull-base surgery. Logic is the foundation to provably transfer safety guarantees about models to CPS implementations. This technology is also the key ingredient behind Safe AI for CPS.

-------

Please contact MPI-SWS office team for zoom link information

André Platzer is a Professor of Computer Science at Carnegie Mellon University. He develops the logical foundations of cyber-physical systems to characterize their fundamental principles and to answer the question how we can trust a computer to control physical processes. Dr. Platzer has a Ph.D. from the University of Oldenburg, Germany, received an ACM Doctoral Dissertation Honorable Mention and NSF CAREER Award, and was named one of the Brilliant 10 Young Scientists by the Popular Science magazine and one of the AI's 10 to Watch by the IEEE Intelligent Systems Magazine.

The Internet was meant to be neutral: treat all traffic the same, without discriminating in favor of specific apps, sites, or services. As commercial interests threaten this ideal, many countries have introduced neutrality regulations. Unfortunately, none of them are actually enforceable. In this talk, I will first discuss the challenge of inferring whether a network is neutral or not using solely external observations. Then, I will show that we can go beyond neutrality inference and reach network transparency, in which networks provide explicit hints that enable their users to reliably assess network behavior, including neutrality. Network transparency, however, requires exposing information about what traffic is seen where and when, which can hurt user privacy. I will close by looking at the important question of whether network transparency indeed must come at the cost of reduced anonymity for Internet users.

--

Please contact MPI-SWS Office Team for Zoom link information

Katerina is an associate professor of computer science at EPFL, where she does research on network architecture and systems, with a particular interest in network transparency and neutrality. She received an IRTF applied networking research prize (2020) and Best Paper awards at SOSP (2009) and NSDI (2014), all shared with her students and co-authors. She has been honored with the EuroSys Jochen Liedtke Young Researcher Award (2016) and three teaching awards at EPFL. Prior to EPFL, she worked at Arista Networks from day one, and received her PhD from Stanford (2007)

Don't we all dream of the perfect assistant whom we can just tell what to do and the assistant can figure out how to accomplish the tasks? Formally, given a specification F(X,Y) over the set of input variables X and output variables Y, we want the assistant, aka functional synthesis engine, to design a function G such that (X,Y=G(X)) satisfies F. Functional synthesis has been studied for over 150 years, dating back Boole in 1850's and yet scalability remains a core challenge. Motivated by progress in machine learning, we design a new algorithmic framework Manthan, which views functional synthesis as a classification problem, relying on advances in constrained sampling for data generation, and advances in automated reasoning for a novel proof-guided refinement and provable verification. On an extensive and rigorous evaluation over 609 benchmarks, we demonstrate that Manthan significantly improves upon the current state of the art, solving 356 benchmarks in comparison to 280, which is the most solved by a state of the art technique; thereby, we demonstrate an increase of 76 benchmarks over the current state of the art. The significant performance improvements, along with our detailed analysis, highlights several interesting avenues of future work at the intersection of machine learning, constrained sampling, and automated reasoning.

Please contact MPI-SWS office team for link information

Kuldeep Meel is the Sung Kah Kay Assistant Professor in the Computer Science Department of School of Computing at National University of Singapore. His research interests lie at the intersection of Formal Methods and Artificial Intelligence. He is a recipient of 2019 NRF Fellowship for AI, and was named AI's 10 to Watch by IEEE Intelligent Systems in 2020. His work received the 2018 Ralph Budd Award for Best PhD Thesis in Engineering, 2014 Outstanding Masters Thesis Award from Vienna Center of Logic and Algorithms and Best Student Paper Award at CP 2015. He received his Ph.D. (2017) and M.S. (2014) degree from Rice University, and B. Tech. (with Honors) degree (2012) in Computer Science and Engineering from Indian Institute of Technology, Bombay

We are seeing a persistent gap between the theoretical security of e.g. cryptographic algorithms and real world vulnerabilities, data-breaches and possible attacks. Software developers – despite being computer experts – are rarely security experts, and security and privacy are usually, at best, of secondary importance for them. They may not have training in security and privacy or even be aware of the possible implications, and they may be unable to allocate time or effort to ensure that security and privacy best practices and design principles are upheld for their end users. Understanding their education and mindsets, their processes, the tools that they use, and their pitfalls are the foundation for shifting development practices to be more secure. This talk will give an overview of security challenges for developers, and interdisciplinary research avenues to address these.

--

Please contact MPI-SWS Office team for link information.

Yasemin Acar is a Research Group Leader at MPI-SP, where she focuses on human factors in computer security. Her research centers humans, their comprehension, behaviors, wishes and needs. She aims to better understand how software can enhance users’ lives without putting their data at risk. Her recent focus has been on human factors in secure development, investigating how to help software developers implement secure software development practices. Her research has shown that working with developers on these issues can resolve problems before they ever affect end users. She was a visiting scholar at the National Institute for Standards and Technology in 2019, where she researched how users of smart homes want to have their security and privacy protected. She received the John Karat Usable Security and Privacy student Research Award for the community’s outstanding student in 2018. Her work has also been honored by the National Security Agency in their best cybersecurity paper competition 2016.

To establish software security at scale, we need efficient automated vulnerability discovery techniques that can run on thousands of machines. In this talk, we will discuss the abundant opportunities and fundamental limitations of fuzzing, one of the most successful vulnerability discovery techniques. We will explore why only an exponential number of machines will allow us to discover software bugs at a linear rate. We will discuss the kind of correctness guarantees that we can expect from automatic vulnerability discovery, anywhere from formally proving the absence of bugs to statistical claims about program correctness. We shall touch upon unexpected connections to ecological biostatistics and information theory which allow us to address long-standing scientific and practical problems in automatic software testing. Finally, we will take a forward looking view and discuss our larger vision for the field of software security.

--

Please contact MPI-SWS Office for Zoom link information

Marcel Böhme is a 2019 ARC DECRA Fellow and Senior Lecturer (A/Prof) at Monash University, Australia. He completed his PhD at National University of Singapore advised by Prof Abhik Roychoudhury in 2014. It followed a postdoctoral stint at the CISPA-Helmholtz Zentrum Saarbrücken with Prof. Andreas Zeller and a role as senior research fellow at the TSUNAMi Security Research Centre in Singapore. Marcel leads his group with a reproducibility policy (https://mboehme.github.io/manifesto), such that all tools and data are made available as open-source, and in some cases have been upstreamed for integration into popular fuzzers, such as AFL and LibFuzzer. His fuzzers discovered 100+ bugs in widely-used software systems, more than 60 of which are security-critical vulnerabilities registered as CVEs at the US National Vulnerability Database. His most recent fuzzer, Entropic, powers the two largest continuous fuzzing platforms at Google and Microsoft.

Software is everywhere, and almost everywhere, software is broken. Some bugs just crash your printer; others hand an identity thief your bank account number; still others let nation-states spy on dissidents and persecute minorities. This talk outlines my work preventing bugs using a blend of programming languages techniques and systems design. First, I'll talk about securing massive, security-critical codebases without clean slate rewrites. This means rooting out hard-to-find bugs---as in Sys, which scales symbolic execution to find exploitable bugs in systems like the twenty-million line Chrome browser. It also means proving correctness of especially vulnerable pieces of code---as in VeRA, which automatically verifies part of the Firefox JavaScript engine. Finally, I'll discuss work on stronger foundations for new systems---as in CirC, a recent project unifying compiler infrastructure for program verification, cryptographic proofs, optimization problems, and more.

--

Please contact MPI-SWS Office for link information

Fraser Brown is a PhD student at Stanford advised by Dawson Engler, occasional visiting student at UCSD with Deian Stefan, and NSF graduate research fellowship recipient. She works at the intersection of programming languages, systems, and security, and her research has been used by several companies. She holds an undergraduate degree in English from Stanford.

Building intelligent visual systems is essential for the next generation of artificial intelligence systems. It is a fundamental tool for many disciplines and beneficial to various potential applications such as autonomous driving, robotics, surveillance, augmented reality, to name a few. An accurate and efficient intelligent visual system has a deep understanding of the scene, objects, and humans. It can automatically understand the surrounding scenes. In general, 2D images and 3D point clouds are the two most common data representations in our daily life. Designing powerful image understanding and point cloud processing systems are two pillars of visual intelligence, enabling the artificial intelligence systems to understand and interact with the current status of the environment automatically. In this talk, I will first present our efforts in designing modern neural systems for 2D image understanding, including high-accuracy and high-efficiency semantic parsing structures, and unified panoptic parsing architecture. Then, we go one step further to design neural systems for processing complex 3D scenes, including semantic-level and instance-level understanding. Further, we show our latest works for unified 2D-3D reasoning frameworks, which are fully based on self-attention mechanisms. In the end, the challenges, up-to-date progress, and promising future directions for building advanced intelligent visual systems will be discussed.

--

Please contact MPI-SWS office for link information.

Dr. Hengshuang Zhao is a postdoctoral researcher at the University of Oxford. Before that, he obtained his Ph.D. degree from the Chinese University of Hong Kong. His general research interests cover the broad area of computer vision, machine learning and artificial intelligence, with special emphasis on building intelligent visual systems. He and his team won several champions in competitive international challenges like ImageNet Scene Parsing Challenge. He is recognized as outstanding/top reviewers in ICCV’19 and NeurIPS’19. He receives the rising star award at the world artificial intelligence conference 2020. Some of his research projects are supported by Microsoft, Adobe, Uber, Intel, and Apple. His works have been cited for about 5,000+ times, with 5,000+ GitHub credits and 80,000+ YouTube views.

Satisfying the growing demand for more compute as processor performance continues to stagnate in the post-Moore era requires radical changes throughout the systems stack. A proven strategy is to move from today’s general purpose platforms to post-Moore systems, specialized systems comprising tightly integrated and co-designed hardware and software components. Currently, designing and implementing these systems is a complex, laborious, and risky process, accessible to few and only practical for the most computing intensive applications. In this talk, I discuss the nascent challenges in building post-Moore systems and illustrate them through specific systems I have built. As a first step to address these challenges, I present Simbricks, a modular simulation framework that flexibly combines existing simulators for computers, custom hardware, and networks, into complete virtual post-Moore systems, enabling developers to compare and evaluate designs earlier and quicker. I conclude with a look towards future opportunities in abstractions, tooling, and methodology to further simplify the development of post-Moore systems.



Please contact MPI-SWS Office for link information.

Antoine Kaufmann is a research group leader at the Max Planck Institute for Software Systems (MPI-SWS). In his research, he builds computer systems at the intersection of software and hardware with a focus on performance and efficiency. Antoine received his PhD from the University of Washington in 2018, and his MSc and BSc from ETH Zürich in 2014 and 2012 respectively.

In this talk, I will describe a distributionally robust learning framework that offers accurate uncertainty quantification and rigorous guarantees under data distribution shift. This framework yields appropriately conservative yet still accurate predictions to guide real-world decision-making and is easily integrated with modern deep learning. I will showcase the practicality of this framework in applications on agile robotic control and computer vision. I will also introduce a survey of other real-world applications that would benefit from this framework for future work.

--

Please contact MPI-SWS Office for Zoom link information

Hongyang Zhang is a Postdoc fellow at Toyota Technological Institute at Chicago, hosted by Avrim Blum and Greg Shakhnarovich. He obtained his Ph.D. from CMU Machine Learning Department in 2019, advised by Maria-Florina Balcan and David P. Woodruff. His research interests lie in the intersection between theory and practice of machine learning, robustness and AI security. His methods won the championship or ranked top in various competitions such as the NeurIPS’18 Adversarial Vision Challenge (all three tracks), the Unrestricted Adversarial Examples Challenge hosted by Google, and the NeurIPS’20 Challenge on Predicting Generalization of Deep Learning. He also authored a book in 2017.

To create trustworthy AI systems, we must safeguard machine learning methods from catastrophic failures. For example, we must account for the uncertainty and guarantee the performance for safety-critical systems, like in autonomous driving and health care, before deploying them in the real world. A key challenge in such real-world applications is that the test cases are not well represented by the pre-collected training data. To properly leverage learning in such domains, we must go beyond the conventional learning paradigm of maximizing average prediction accuracy with generalization guarantees that rely on strong distributional relationships between training and test examples. In this talk, I will describe a distributionally robust learning framework that offers accurate uncertainty quantification and rigorous guarantees under data distribution shift. This framework yields appropriately conservative yet still accurate predictions to guide real-world decision-making and is easily integrated with modern deep learning. I will showcase the practicality of this framework in applications on agile robotic control and computer vision. I will also introduce a survey of other real-world applications that would benefit from this framework for future work.

--

Please contact MPI-SWS office team for Zoom link information

Anqi (Angie) Liu is a postdoctoral scholar research associate at the Department of Computing and Mathematical Sciences in the California Institute of Technology. She obtained her Ph.D. from the Department of Computer Science of the University of Illinois at Chicago. She is interested in machine learning for safety-critical tasks and the societal impact of AI. She aims to design principled learning methods and collaborate with domain experts to build more reliable systems for the real world. She has been selected for the EECS Rising Star in UC Berkeley 2020. Her publication appears in prestigious machine learning conferences like Neurips, ICML, ICLR, AAAI, and AISTAT.

Despite the phenomenal empirical successes of deep learning in many application domains, its underlying mathematical mechanisms remain poorly understood. Mysteriously, deep neural networks in practice can often fit training data perfectly and generalize remarkably well to unseen test data, despite highly non-convex optimization landscapes and significant over-parameterization. Moreover, deep neural networks show extraordinary ability to perform representation learning: feature representation extracted from a trained neural network can be useful for other related tasks.

In this talk, I will present our recent progress on building the theoretical foundations of deep learning, by opening the black box of the interactions among data, model architecture, and training algorithm. First, I will show that gradient descent on deep linear neural networks induces an implicit regularization effect towards low rank, which explains the surprising generalization behavior of deep linear networks for the low-rank matrix completion problem. Next, turning to nonlinear deep neural networks, I will talk about a line of studies on wide neural networks, where by drawing a connection to the neural tangent kernels, we can answer various questions such as how training loss is minimized, why trained network can generalize, and why certain component in the network architecture is useful; we also use theoretical insights to design a new simple and effective method for training on noisily labeled datasets. Finally, I will analyze the statistical aspect of representation learning, and identify key data conditions that enable efficient use of training data, bypassing a known hurdle in the i.i.d. tasks setting.

--

Please contact the MPI-SWS office team for link information.

Wei Hu is a PhD candidate in the Department of Computer Science at Princeton University, advised by Sanjeev Arora. Previously, he obtained his B.E. in Computer Science from Tsinghua University. He has also spent time as a research intern at research labs of Google and Microsoft. His current research interest is broadly in the theoretical foundations of modern machine learning. In particular, his main focus is on obtaining solid theoretical understanding of deep learning, as well as using theoretical insights to design practical and principled machine learning methods. He is a recipient of the Siebel Scholarship Class of 2021.

Failures of machine learning systems can threaten both the security and privacy of their users. My research studies these failures from an adversarial perspective, by building new attacks that highlight critical vulnerabilities in the machine learning pipeline, and designing new defenses that protect users against identified threats. In the first part of this talk, I'll explain why machine learning models are so vulnerable to adversarially chosen inputs. I'll show that many proposed defenses are ineffective and cannot protect models deployed in overtly adversarial settings, such as for content moderation on the Web. In the second part of the talk, I'll focus on the issue of data privacy in machine learning systems, and I'll demonstrate how to enhance privacy by combining techniques from cryptography, statistics, and computer security.

--

Please contact MPI-SWS Office for link information

Florian Tramèr is a PhD student at Stanford University advised by Dan Boneh. His research interests lie in Computer Security, Cryptography and Machine Learning security. In his current work, he studies the worst-case behavior of Deep Learning systems from an adversarial perspective, to understand and mitigate long-term threats to the safety and privacy of users. Florian is supported by a fellowship from the Swiss National Science Foundation and a gift from the Open Philanthropy Project.

Software bugs are pervasive and costly.  As a result, developers spend the majority of their time debugging their software.  Traditionally, debugging involves inspecting and tracking the runtime behavior of a program.  Alas, program inspection is computationally expensive, especially when employing powerful techniques such as dynamic information flow tracking, data-race detection, and data structure invariant checks.  Moreover, debugging logic is difficult to specify correctly.  Current tools (e.g., gdb, Intel Pin) allow developers to write debugging logic in an imperative inline programming model that mirrors the programming style of traditional software.  So, debugging logic faces the same challenges as traditional software, including concurrency, fault handling, dynamic memory, and extensibility.  In general, specifying debugging logic can be as difficult as writing the program being debugged!

In this talk, I will describe a new data-centric debugging framework that alleviates the performance and specification limitations of current debugging models.  The key idea is to use deterministic record and replay to treat a program execution as a massive data object consisting of all program states reached during the execution.  In this framework, developers can express common debugging tasks (e.g., tracking the value of a variable) and dynamic analyses (e.g., data-race detection) as queries over an execution's data object.  My research explores how a data-centric model enables large-scale parallelism to accelerate debugging queries (JetStream and SledgeHammer) and relational query models to simplify the specification of debugging logic (SledgeHammer and the OmniTable Query Model).

--

Please contact MPI-SWS office for Zoom link information

Andrew Quinn is a sixth-year graduate student at the University of Michigan working with Jason Flinn and Baris Kasikci.  He received an NSF fellowship (2017) and an MSR fellowship (2017).  His research investigates systems, tools, techniques to make software more reliable.  His dissertation focuses on solutions that help developers better understand their software for tasks such as debugging, security forensics, and data provenance.  In addition, he has recently been working on solutions to improve the reliability of applications that use emerging hardware, including persistent memory, heterogeneous systems, and edge computing.

Before Michigan, Andrew attended Dension University where received degrees in Computer Science and Mathematics.  Between his undergraduate and Ph.D. studies, he worked as a software engineer at IBM.  When not working, Andrew is likely wrestling with his dogs, enjoying a long run around Ann Arbor MI, or baking something sweet.

Conversations are central to our social systems. Understanding how conversationalists navigate through them could unlock great improvements in domains like public health, where the provision of social support is crucial. To this end, I develop computational frameworks that can capture and systematically examine aspects of conversations that are difficult, interesting and meaningful for conversationalists and the jobs they do. Importantly, these frameworks aim to yield actionable understandings—ones that reflect the choices that conversationalists make and their consequences, beyond the inert linguistic patterns that are produced in the interaction.

Please contact MPI-SWS Office for link information.

Justine Zhang is a PhD Candidate in the Information Science department at Cornell University. She focuses on developing computational frameworks to study conversations. Her research engages with a wide range of fields, spanning natural language processing, computational social science, political science, psychological counseling, and economics. Previously, she completed a bachelor's degree in computer science at Stanford University. She is a recipient of the Microsoft PhD Fellowship.

Graphs are widespread models for relations between entities. One of the fundamental problems when dealing with graphs is to decide isomorphism, i.e., to check whether two graphs are structurally identical. Even after decades of research, the quest for an efficient graph-isomorphism test still continues. In this talk, I will discuss the Weisfeiler-Leman (WL) algorithm as a powerful combinatorial procedure to approach the graph-isomorphism problem. The algorithm can be seen as a link between many research areas (the ""WL net""), including, for example, descriptive complexity theory, propositional proof complexity, and machine learning. I will present work regarding the two central parameters of the algorithm – its dimension and the number of iterations – and explore their connection to finite-model theory. I will also touch on some past and ongoing projects in other areas from the WL net.

--

Please contact MPI-SWS office team for link information.

Sandra Kiefer completed her undergraduate studies in Bioinformatics and Mathematics at Goethe University Frankfurt, with theses on the Graph Isomorphism Problem and the diameter of polytopes under the supervision of Nicole Schweikardt and Thorsten Theobald, respectively. During her Master’s studies in Mathematics, she further specialised in Group Theory and Combinatorial Optimisation, including one year at the University of Santander in Spain. After obtaining the M.Sc., she moved to RWTH Aachen University, where she has been working on combinatorial algorithms in the context of the Graph Isomorphism Problem under the supervision of Martin Grohe and Pascal Schweitzer. Her research visits to the Australian National University in Canberra and the University of Warsaw have led to collaborations with Brendan McKay and Mikołaj Bojańczyk. In addition to her research, she successfully completed an M.Ed. degree in Mathematics and Spanish.

Sandra obtained her Ph.D. in Computer Science in March 2020. As a postdoctoral researcher, she has continued her work at Martin Grohe’s chair at RWTH Aachen University and has established interdisciplinary collaborations broadening her field of research. She is currently on leave from RWTH Aachen on a temporary position at the University of Warsaw, where she engages in a continuation of her project on a higher-order functional programming language with Mikołaj Bojańczyk.

Deep learning today is successful in almost any domain of computer vision. The talk will revisit the seminal work of FlowNet to show how deep learning was applied to optical flow and led to a paradigm shift in this domain. Optical flow, disparity, motion and depth boundaries as well as uncertainty estimation with multi-hypothesis networks will be covered and it will be discussed how deep learned models could surpass traditional methods. Asking the more fundamental question what models we need in computer vision, the talk will then progress to recent deep-learned scene representation approaches such as the ones obtained by learned signed distance functions and NeRF and provide a perspective on how computer vision might change in the future.

--

Please contact the MPI-SWS office team for link information.

Eddy holds Master degrees from the University of Southern California in artificial intelligence and from the University of Freiburg in robotics and computer vision. He did his PhD under Thomas Brox and is known for his work on estimating optical flow with convolutional neural networks. Currently, Eddy is a senior research scientist in industry in the domain of augmented reality working on 3D reconstruction and neural scene representations with a focus on object reconstruction in the wild.

The success of today's hardware and software systems is due in part to a mature toolbox of techniques, like abstraction, that systems designers use to manage complexity. While powerful, these techniques are also subtly dangerous: they induce implicit trust relationships among system components and between related systems, presenting attackers with many opportunities to undermine the integrity of our hardware and software. This talk discusses an approach to building systems with precise control over trust, drawing on techniques from theoretical computer science. Making this approach practical is a challenge that requires innovation across the entire technology stack, from hardware to theory. I will present several examples of such innovations from my research and describe a few potential directions for future work.

--

Please contact MPI-SWS Office Team for link information

Riad S. Wahby is a Ph.D. candidate at Stanford, advised by Dan Boneh and Keith Winstein. His research interests include systems, computer security, and applied cryptography. Prior to attending Stanford, Riad spent ten years as an analog and mixed-signal integrated circuit designer. Riad and his collaborators received a 2016 IEEE Security and Privacy Distinguished Student Paper award; his work on hashing to elliptic curves is being standardized by the IETF.

Data is now everywhere: enormous amounts of data are produced and processed every day. Data is gathered,exchanged, and used extensively in computations that serve many purposes: e.g., computing statistics on populations, refining bidding strategies in ad auctions, improving recommendation systems, and making loan or hiring decisions. Yet, data is not always transacted and processed in a responsible manner. Data collection often happens without the data holders' consent, who may also not be compensated for their data. Privacy leaks are numerous, exhibiting a need for better privacy protections on personal and sensitive data. Data-driven machine learning and decision making algorithms have been shown to both mimic past bias and to introduce additional bias in their predictions, leading to inequalities and discrimination. In this talk, I will focus on my research on using data in a more responsible manner. The main focus of the talk will be on my work on the privacy issues that arise in data transactions and data-driven analysis, under the lens of a framework known as differential privacy. I will go over my work on designing transactions for data where we provide differential privacy guarantees to the individuals whose sensitive data we are buying and using in computations, and will focus on my recent work on providing differential privacy to agents in auction settings, where it is natural to want to protect the valuations and bids of said agents. I will also give a brief overview of the other directions that I have followed in my research, both on the optimization and economic challenges that arise when letting agents opt in and out of data sharing and compensating them sufficiently for their data contributions, and on how to reduce the disparate and discriminatory impact of data-driven decision-making.

--

Please contact MPI-SWS office team for Zoom link information

Juba Ziani is a Warren Center Postdoctoral Fellow at the University of Pennsylvania, hosted by Sampath Kannan, Michael Kearns, Aaron Roth, and Rakesh Vohra. Prior to this, he was a PhD student at Caltech in the Computing and Mathematical Sciences department, where he was advised by Katrina Ligett and Adam Wierman. Juba studies the optimization, game theoretic, economic, ethical, and societal challenges that arise from transactions and interactions involving data. In particular, his research focuses on the design of markets for data, on data privacy with a focus on "differential privacy", on fairness in machine learning and decision- making, and on strategic considerations in machine learning.

The network stack in today's operating systems is a remnant from a time when a server had a handful of cores and processed requests from a few thousand clients. It simply cannot keep up with the scale of modern servers and the requirements of modern applications. Specifically, real-time applications and high user expectations enforce strict performance requirements on the infrastructure. Further, there is a fundamental shift in the way hardware capacity scales from simply relying on Moore's law to deliver faster hardware every couple of years to leveraging parallel processing and task-specific accelerators. This talk covers innovations in three key components of the network stack. First, I will cover my work on scalable packet scheduling in software network stacks, improving the control of traffic outgoing from large-scale servers. Second, I will move on to my work on improving overload control for servers handling microsecond-scale remote procedure calls, providing better control over incoming traffic to large-scale servers. Then, the talk covers my work on Wide Area Network (WAN) congestion control, focusing on network-assisted congestion control schemes, where end-to-end solutions fail. The talk will conclude with a discussion of plans for future research in this area.

--

Please contact MPI-SWS office team for Zoom link information

Ahmed Saeed is a postdoctoral associate at MIT working with Prof. Mohammad Alizadeh. His research interests broadly cover the theory, design, and implementation of scalable computer networks and systems, including resource scheduling, congestion control, wireless networks, and cyber-physical systems. Before joining MIT, Ahmed received his PhD in computer science from Georgia Tech, where he was advised by Prof. Mostafa Ammar and Prof. Ellen Zegura. His PhD was partially supported by the Google PhD Fellowship in Systems and Networking. He received his bachelor's degree from Alexandria University in 2010.

Several major innovations in artificial intelligence (AI) (e.g. convolutional neural networks, experience replay) are based on findings about the brain. However, the underlying brain findings took many years to first consolidate and many more to transfer to AI. Moreover, these findings were made using invasive methods in non-human species. For cognitive functions that are uniquely human, such as natural language processing, there is no suitable model organism and a mechanistic understanding is that much farther away. In this talk, I will present my research program that circumvents these limitations by establishing a direct connection between the human brain and AI systems with two main goals: 1) to improve the generalization performance of AI systems and 2) to improve our mechanistic understanding of cognitive functions. Lastly, I will discuss future directions that build on these approaches to investigate the role of memory in meaning composition, both in the brain and AI. This investigation will lead to methods that can be applied to a wide range of AI domains, in which it is important to adapt to new data distributions, continually learn to perform new tasks, and learn from few samples.

Please contact MPI-SWS Office Team for link information

Mariya Toneva is a Ph.D. candidate in a joint program between Machine Learning and Neural Computation at Carnegie Mellon University, where she is advised by Tom Mitchell and Leila Wehbe. She received a B.S. in Computer Science and Cognitive Science from Yale University. Her research is at the intersection of Artificial Intelligence, Machine Learning, and Neuroscience. Mariya works on bridging language in machines with language in the brain, with a focus on building computational models of language processing in the brain that can also improve natural language processing systems.

LLVM is an industrial-strength compiler that's used for everything from day-to-day iOS development (in Swift) to pie-in-the-sky academic research projects. This makes the LLVM framework a sweet spot for bug-finding and verification technologies--any improvements to it are amplified across its many applications.

This talk asks the question: what does LLVM code _mean_, and, how can we ensure that LLVM-based tools (compilers, optimizers, code instrumentation passes, etc.) do what they're supposed to -- especially for safety- or security-critical applications? The Verified LLVM project (Vellvm) is our attempt to provide an answer. Vellvm gives a semantics to LLVM IR programs in the Coq interactive theorem prover, which can be used for developing machine-checkable formal properties about LLVM IR programs and transformation passes.

Our approach to modeling LLVM IR semantics uses _interaction trees_, a data structure that is suitable for representing impure, possibly nonterminating programs in dependent type theory. Interaction trees support compositional and modular reasoning about program semantics but are also executable, and hence useful for implementation and testing. We'll see how interaction trees are used in Vellvm and, along the way, we'll get a taste of what LLVM code looks like including some of its trickier semantic aspects. We'll also see (at a high level) how modern interactive theorem provers--in this case, Coq--can be used to verify compiler transformations.

No experience with LLVM or formal verification technologies will be assumed.

--

Please contact office for the Zoom details.

Dr. Zdancewic is a Full Professor and Associate Department Chair in Computer and Information Science at the University of Pennsylvania. He received his Ph.D. in Computer Science from Cornell University in 2002, and he graduated from Carnegie Mellon University with a B.S. in Computer Science and Mathematics in 1996. He is the recipient of an NSF Graduate Research Fellowship, an Intel fellowship, an NSF CAREER award, and a Sloan Fellowship. His numerous publications in the areas of programming languages and computer security include several best paper awards.

Dr. Zdancewic's research centers around using programming languages technology to help build secure and reliable software. He has worked on type-based enforcement of both information-flow and authorization policies, compiler techniques for ensuring memory safety of legacy C code, and, more recently, on using interactive theorem-proving technology to construct highly-trustworthy compiler optimization passes. His interests also include type theory and linear logics, and applications of those ideas.

This talk will be a survey of instances of the synthesis problem in distributed models with rendez-vous synchronization. I will talk about synthesis for distributed automata within the theory of Mazurkiewicz traces and about the simpler model of negotiation diagrams (aka as workflow nets). 

---

Please contact Office for Zoom details. 

-

Human Behavior Modeling and Understanding is a key challenge in the development of intelligent systems. In my talk I will describe a few of the projects that I have carried out over the course of the past 25 years to address this challenge. In particular, I will give an overview of my work on Smart Rooms (real-time facial expression recognition and visual surveillance), Smart Cars (driver maneuver recognition), Smart Offices (multi-modal office activity recognition), Smart Mobile Phones (boredom inference) and finally a Smart World (pandemics and specifically COVID-19). On this last area, I will share the lessons learned during the past 8 months as Commissioner to the President of the Valencian Government in Spain on AI and Data Science against COVID-19. It is a very special initiative of collaboration between the civil society at large (through the survey), the scientific community and a public administration (at the President level)

--

Please contact office for Zoom link details

Oliver, Nuria, PhD Co-founder and Vicepresident of ELLIS, The European Laboratory for Learning and Intelligent Systems Chief Data Scientist, Data-Pop Alliance, New York, USA and Spain Commissioner for the President of the Valencian Government on AI and Data Science against COVID-19

Nuria Oliver is Chief Data Scientist at Data-Pop Alliance, Chief Scientific Advisor at the Vodafone Institute, co-founder and vice-president of ELLIS (The European Laboratory for Learning and Intelligent Systems) and co-founder of the Alicante ELLIS Unit, devoted to research on "Human(ity)-centric Artificial Intelligence". She is a Telecommunications Engineer from the Universidad Politécnica de Madrid and holds a PhD in Artificial Intelligence from the Massachusetts Institute of Technology (MIT). In March 2020, she was named Commissioner for the President of the Valencian Region on AI Strategy and Data Science to fight Covid-19. Since then, she has led a team of with 20+ data scientists. She is an independent member of the Board of Directors at Bankia. She has over 25 years of research experience in the areas of human behavior modeling and prediction from data and human-computer interaction. She has been a researcher at Microsoft Research (Redmond, WA), the first female Scientific Director at Telefonica R&D for over 8 years and the first Director of Research in Data Science at Vodafone globally (2017-2019). Her work in the computational modeling of human behavior using Artificial Intelligence techniques, human-computer interaction, mobile computing and Big Data analysis - especially for the Social Good is well known with over 160 scientific publications that have received more than 18,000 citations and a ten best paper award nominations and awards. She is co-inventor of over 40 filed patents and she is a regular keynote speaker at international conferences. Her work has contributed to the improvement of services, the creation of new services, the definition of business strategies and the creation of new companies. Nuria is the only Spanish researcher recognized by the ACM as Distinguished Scientist (2015) and Fellow (2017) at the same time. She is also a Fellow of the IEEE (2017) and the European Association for Artificial Intelligence (2016). She has received an Honorary Doctorate from the Miguel Hernandez University (2018). Dr. Oliver is the youngest and fourth female member of the Spanish Royal Academy of Engineering (2018) and an elected member of the Academia Europaea (2016) and CHI Academy (2018), where she is the only Spanish scientist.

As an advisor, Dr. Oliver is a member of the scientific advisory committee of several European universities, the Gadea Ciencia Foundation, Mahindra Comviva and the Future Digital Society, among others. In addition, is/has been an advisor to the Spanish, Belgian and Valencian Governments, the European Commission and the World Economic Forum on issues related to Artificial Intelligence.

Dr. Oliver is a member of the program committee of the main international congresses in her research areas. She has also been a member of the organizing committee of 19 international conferences and is a member of the editorial committee of five international magazines.

Dr. Oliver's work has been recognized internationally with numerous awards. She graduated top of her class at the UPM and received the First National Telecommunications Award (1004). She is the first Spanish scientist to receive the MIT TR100 (today TR35) Young Innovator Award (2004) and the Rising Talent award by the Women's Forum for the Economy and Society (2009). She has been awarded Data Scientist of the Year in Europe (2019), Engineer of the Year Award by the COIT (2018), the Medal for Business and Social Merit by the Valencian Government (2018), the European Digital Woman of the Year award (2016) and the Spanish National Computer Science Award (2016).

She has been named one of the top 11 Artificial Intelligence influencers worldwide by Pioneering Minds (2017), one of Spanish wonderful minds in technology by EL PAIS newspaper (2017), "an outstanding female director in technology" (El PAIS, 2012), one of "100 leaders for the future" (Capital, 2009) and one of the "40 youngsters who will mark the next millennium" (El PAIS, 1999).

Nuria firmly believes in the value of technology to improve the quality of people, both individually and collectively, and dedicates her professional life to achieving it.

Her passion is to improve people's quality of life, both individually and collectively, through technology. She is also passionate about scientific outreach. Hence, she regularly collaborates with the media (press, radio, TV) and gives non-technical talks about science and technology to broad audiences, and particularly to teenagers, with a special interest on girls. She has given talks to more than 10,000 adolescents, has contributed to the book "Digital natives do not exist" (Deusto, 2017) with the chapter "Digital scholars", has written articles for EL PAIS, The Guardian, TechCrunch among others and has been co -organizer of large congresses with thousands of attendees, such as the first TEDxBarcelona event dedicated to emerging education, the I and II International Congress on Artificial Intelligence and the I International Congress on Aging. Her talks on WIRED, TEDx and similar events have been viewed thousands of times. Twitter: @nuriaoliver

People who use modern technologies are inundated with content and information from many sources, including advertisements on the web, posts on social media, and (looking to the future) content in augmented or virtual reality. While these technologies are transforming our lives and communications in many positive ways, they also come with serious risks to users’ security, privacy, and the trustworthiness of content they see: the online advertising ecosystem tracks individual users and may serve misleading or deceptive ads, social media feeds are full of potential mis/disinformation, and emerging augmented reality technologies can directly modify users’ perceptions of the physical world in undesirable ways. In this talk, I will discuss several lines of research from our lab that explore these issues from a broad computer security and privacy perspective, leveraging methodologies ranging from qualitative user studies to systematic measurement studies to system design and evaluation. What unites these efforts is a key question: what can (or do) users believe about the content they receive through our existing and emerging technologies, and how can we design platforms and ecosystems more robust to these risks?

--

Contact SWS Office for Zoom link details

Franziska (Franzi) Roesner is an associate professor in the Paul G. Allen School of Computer Science & Engineering at the University of Washington, where she co-directs the Security and Privacy Research Lab. Her research focuses broadly on computer security and privacy for end users of existing and emerging technologies. For example, her work has studied contexts including the web, smartphones, sensitive user groups (e.g., journalists, survivors of human trafficking), emerging augmented reality (AR) and IoT platforms, and online mis/disinformation. She is the recipient of an MIT Technology Review "Innovators Under 35" Award, an Emerging Leader Alumni Award from the University of Texas at Austin, a Google Security and Privacy Research Award, and an NSF CAREER Award. She serves on the USENIX Security and USENIX Enigma Steering Committees. She received her PhD from the University of Washington in 2014 and her BS from UT Austin in 2008. Her website is at https://www.franziroesner.com.

People play a central role in the machine learning life cycle. Consequently, building machine learning systems that are reliable, trustworthy, and fair requires that relevant stakeholders—including developers, users, and the people affected by these systems—have at least a basic understanding of how they work. Yet what makes a system "intelligible" is difficult to pin down. Intelligibility is a fundamentally human-centered concept that lacks a one-size-fits-all solution. I will explore the importance of evaluating methods for achieving intelligibility in context with relevant stakeholders, ways of empirically testing whether intelligibility techniques achieve their goals, and why we should expand our concept of intelligibility beyond machine learning models to other aspects of machine learning systems, such as datasets and performance metrics.

--

Please contact Office for the Zoom details.

Jenn Wortman Vaughan is a Senior Principal Researcher at Microsoft Research, New York City. Her research background is in machine learning and algorithmic economics. She is especially interested in the interaction between people and AI, and has often studied this interaction in the context of prediction markets and other crowdsourcing systems. In recent years, she has turned her attention to human-centered approaches to transparency, interpretability, and fairness in machine learning as part of MSR's FATE group and co-chair of Microsoft’s Aether Working Group on Transparency. Jenn came to MSR in 2012 from UCLA, where she was an assistant professor in the computer science department. She completed her Ph.D. at the University of Pennsylvania in 2009, and subsequently spent a year as a Computing Innovation Fellow at Harvard. She is the recipient of Penn's 2009 Rubinoff dissertation award for innovative applications of computer technology, a National Science Foundation CAREER award, a Presidential Early Career Award for Scientists and Engineers (PECASE), and a handful of best paper awards. In her "spare" time, Jenn is involved in a variety of efforts to provide support for women in computer science; most notably, she co-founded the Annual Workshop for Women in Machine Learning, which has been held each year since 2006.

Human cooperation is fundamental to the success of our species. But emerging machine intelligence poses new challenges to human cooperation. This talk explores two interrelated problems: How can we humans cooperate *through* machines--that is, agree among ourselves on how machines should behave? And how can we cooperate *with* machines--that is, convince self-interested machines to cooperate with us. The talk will then propose an interdisciplinary agenda for understanding and improving our human-machine ecology.

--

Please contact SWS Office for Zoom details

Iyad Rahwan is a director of the Max Planck Institute for Human Development in Berlin, where he founded and directs the Center for Humans & Machines. He is also an honorary professor of Electrical Engineering and Computer Science at the Technical University of Berlin. Until June 2020, he was an Associate Professor of Media Arts & Sciences at the Massachusetts Institute of Technology (MIT). A native of Aleppo, Syria, Rahwan holds a PhD from the University of Melbourne, Australia.

On-demand ride-hailing platforms like Uber and Lyft are helping reshape urban transportation, by enabling car owners to become drivers for hire with minimal overhead. Such platforms are a multi-sided market and offer a rich space for studies with socio-economic implications. In this talk I am going to address two questions:

1. In the absence of coordination, what is the best course of action for a self-interested driver that wants to optimize his earnings?

2. In the presence of coordination, is it possible to maximize social welfare objectives in an environment where the objectives of the participants (drivers, customers and the platform) are (often) misaligned?

We will discuss the computational problems behind these problems and describe simple algorithmic solutions that work extremely well in practice. We will demonstrate the practical strength of our approaches with well-designed experiments on novel datasets we collected from such platforms. --- Please contact Office for the Zoom details.

Evimaria Terzi is a Professor of Computer Science at Boston University. Her work focuses on algorithmic problems in team formation, recommender systems and network applications. She joined BU in 2009 after being a Research Staff Member for two years at the IBM Almaden Research Center. She got her PhD in CS from the University of Helsinki (Finland), her MSc in CS from Purdue University (USA) and her BSc also in CS from the Aristotle University (Greece). Her research is funded by NSF as well as gifts from companies such as Microsoft, Google and Yahoo.

In this talk, we'll look together at some of the problems of today's data ecosystem, including issues of privacy, control, fairness, surveillance, and manipulation. We'll explore the ways in which various recent technologies can provide (partial) solutions to some of these woes, and we'll confront some of the limitations of technology. The discussion will expose a rich array of interesting research problems that bridge between computer science, law, economics, and beyond. -- Please contact Office for the Zoom details.

Katrina Ligett is an Associate Professor of Computer Science at the Hebrew University of Jerusalem, where she is also a member of the Federmann Center for the Study of Rationality, and the head of the program on Internet & Society. She previously was an Assistant Professor of Computer Science and Economics at Caltech. Katrina currently serves on the executive committee of the ACM Special Interest Group on Economics and Computation (sigecom) and is on the editorial board for Transactions on Economics and Computation (TEAC). She is currently the Program Chair for the Symposium on Foundations of Responsible Computing (FORC) 2021, and Program Co-Chair for the International Conference on Algorithmic Learning Theory (ALT) 2021. Her research interests include data privacy, algorithmic game theory, algorithmic fairness, and machine learning theory.

The generalization gap of a learning algorithm is the expected difference between its performance on the training data and its performance on fresh unseen test samples. Modern deep learning algorithms typically have large generalization gaps, as they use more parameters than the size of their training set. Moreover the best known rigorous bounds on their generalization gap are often vacuous.

In this talk we will see a new upper bound on the generalization gap of classifiers that are obtained by first using self-supervision to learn a complex representation of the (label free) training data, and then fitting a simple (e.g., linear) classifier to the labels. Such classifiers have become increasingly popular in recent years, as they offer several practical advantages and have been shown to approach state-of-art results.

We show that (under the assumptions described below) the generalization gap of such classifiers tends to zero as long as the complexity of the simple classifier is asymptotically smaller than the number of training samples. We stress that our bound is independent of the complexity of the representation that can use an arbitrarily large number of parameters. Our bound holds assuming that the learning algorithm satisfies certain noise-robustness (adding small amount of label noise causes small degradation in performance) and rationality (getting the wrong label is not better than getting no label at all) properties.  These conditions widely (and sometimes provably) hold across many standard architectures. We complement this result with an empirical study, demonstrating that our bound is non-vacuous for many popular representation-learning based classifiers on CIFAR-10 and ImageNet, including SimCLR, AMDIM and BigBiGAN.

The talk will not assume any specific background in machine learning, and should be accessible to a general mathematical audience. Joint work with Yamini Bansal and Gal Kaplun.

-

Abstract: Machine learning (ML) is driving many of our applications and life-changing decisions. Yet, it is often brittle and unstable, making decisions that are hard to understand or can be exploited. Tiny changes to an input can cause dramatic changes in predictions; this results in decisions that surprise, appear unfair, or enable attack vectors such as adversarial examples. Moreover, models trained on users' data can encode not only general trends from large datasets but also very specific, personal information from these datasets; this threatens to expose users' secrets through ML models or predictions. This talk positions differential privacy (DP) -- a rigorous privacy theory -- as a versatile foundation for building into ML much-needed guarantees of security, stability, and privacy. I first present PixelDP (S&P'19), a scalable certified defense against adversarial example attacks that leverages DP theory to guarantee a level of robustness against these attacks. I then present Sage (SOSP'19), a DP ML platform that bounds the cumulative leakage of secrets through models while addressing some of the most pressing challenges of DP, such as running out of privacy budget and the privacy-accuracy tradeoff. PixelDP and Sage are designed from a pragmatic, systems perspective and illustrate that DP theory is powerful but requires adaptation to achieve practical guarantees for ML workloads.

Roxana Geambasu is an Associate Professor of Computer Science at Columbia University and a member of Columbia's Data Sciences Institute. She joined Columbia in Fall 2011 after finishing her Ph.D. at the University of Washington. For her work in cloud and mobile data privacy, she received: an Alfred P. Sloan Faculty Fellowship, an NSF CAREER award, a Microsoft Research Faculty Fellowship, several Google Faculty awards, a "Brilliant 10" Popular Science nomination, the Honorable Mention for the 2013 inaugural Dennis M. Ritchie Doctoral Dissertation Award, a William Chan Dissertation Award, two best paper awards at top systems conferences, and the first Google Ph.D. Fellowship in Cloud Computing

In this talk I will describe how formal methods such as synthesis – automatically creating a system from a formal specification – can be leveraged to design robots, explain and provide guarantees for their behavior, and even identify skills they might be missing. I will discuss the benefits and challenges of synthesis techniques and will give examples of different robotic systems including modular robots, swarms and robots interacting with people.

Hadas Kress-Gazit is an Associate Professor at the Sibley School of Mechanical and Aerospace Engineering at Cornell University. She received her Ph.D. in Electrical and Systems Engineering from the University of Pennsylvania in 2008 and has been at Cornell since 2009. Her research focuses on formal methods for robotics and automation and more specifically on synthesis for robotics – automatically creating verifiable robot controllers for complex high-level tasks. Her group explores different types of robotic systems including modular robots, soft robots and swarms and synthesizes (pun intended) ideas from different communities such as robotics, formal methods, control, hybrid systems and computational linguistics. She received an NSF CAREER award in 2010, a DARPA Young Faculty Award in 2012, the Fiona Ip Li ’78 and Donald Li ’75 Excellence in teaching award in 2013, the senior faculty champion award in 2019, and the Kenneth A. Goldman ’71 Teaching Award in 2019. She lives in Ithaca with her partner and two kids.

In this talk, I will discuss an ambitious research program towards graph algorithms that work efficiently across many computational models. I will provide an overview of new results and techniques coming out of this research program. Results that will be discussed include edge connectivity (global minimum cut), vertex connectivity, and maximum matching. No background is required, except for some very basic graph algorithms.

-

Non-convex and discrete optimization problems are at the heart of many algorithmic tasks that arise in machine learning and other computing applications. A promising approach to solve such problems with provable guarantees is the sum-of-squares (SOS) meta-algorithm, which has been discovered multiple times across different disciplines including control theory, proof complexity, and quantum information.

My collaborators and I show in a sequence of recent works that for a wide range of optimization and estimation problems, this meta-algorithm achieves the best known provable guarantees, often improving significantly over all previous methods. For example, for mixtures of spherical Gaussians, we obtain guarantees that improve exponentially over the previous best ones and approach, for the first time, the information-theoretic limits. Remarkably, the SOS meta-algorithm achieves these guarantees without being tailored to this specific problem.

Moreover, we prove that for a rich class of problems, the guarantees that SOS achieves are best possible with respect to a restricted but very powerful model of computation. This result leads to the strongest known concrete lower bounds for NP-complete problems.

Taken together these results point toward a unified theory for efficient optimization and estimation centered around SOS that could change how we think about efficient computation in general.

-

Physical-layer programmability enables the network topology to be changed dynamically. In this talk, the speaker will make a case that cloud data center networks can be significantly easier to manage with physical-layer programmability. Three example network architectures will be shown as different use cases of this approach. ShareBackup enhances reliability through sharing backup switches efficiently network-wide, where a backup switch can be brought online instantaneously to recover from failures. Flat-tree solves the problem of choosing the right network topology for different cloud services by dynamically changing topological clustering characteristics of the network. OmniSwitch is a universal building block of data center networks that supports automatic device wiring and easy device maintenance. At the end of the talk, the speaker will briefly introduce an ongoing follow-up research that extends physical-layer programmability from data center networks to backbone networks.

Yiting Xia is a research scientist at Facebook, where she design and implement the Facebook network infrastructures. Before joining Facebook, she got the PhD degree from Rice University. Her past and ongoing research is on building novel networked systems using physical-layer programmability to enable faster transmission, better fault tolerance, and easier management.

Two important challenges in image and video understanding are designing more efficient deep Convolutional Neural Networks and learning models that are able to achieve higher-level understanding. In this talk, I will present some of my recent works towards tackling these challenges. Specifically, I will introduce the Octave Convolution [ICCV 2019], a plug-and-play replacement for the convolution operator that exploits the spatial redundancy of CNN activations and can be used without any adjustments to the network architecture. I will also present the Global Reasoning Networks [CVPR 2019], a new approach for reasoning over arbitrary sets of features of the input, by projecting them from a coordinate space into an interaction space where relational reasoning can be efficiently computed.  The two methods presented are complementary and achieve state-of-the-art performance on both image and video tasks. Aiming for higher-level understanding, I will also present our recent works on vision and language modeling, specifically our work on learning state-of-the-art image and video captioning models that are also able to better visually ground the generated sentences with [CVPR 2019] or without [arXiv 2019] explicit localization supervision. The talk will conclude with current research and a brief vision for the future.

Yannis Kalantidis was a research scientist at Facebook AI in California for the last three years. He got his PhD on large-scale visual search and clustering from the National Technical University of Athens in 2014. He was a postdoc and research scientist at Yahoo Research in San Francisco for from 2015 until 2017, leading the visual similarity search project at Flickr and participated in the Visual Genome dataset efforts with Stanford. At Facebook Research he was part of the video understanding group, conducting research on representation learning, video understanding and modeling of vision and language. He is further leading the Computer Vision for Global Challenges Initiative (cv4gc.org) that has organized impactful workshops at top venues like CVPR and ICLR. Personal website:  https://www.skamalas.com/

Machine learning increasingly supports consequential decisions  in health, lending, criminal justice or employment that affect the wellbeing of individual members or entire groups of our society. Such applications raise concerns about fairness, privacy violations and the long-term consequences of automated decisions in a social context. After a brief introduction to fairness in machine learning, I will highlight concrete settings with specific fairness or privacy ramifications and outline approaches to address them. I will conclude by embedding these examples into a broader context of socioalgorithmic systems and the complex interactions therein.

Niki Kilbertus is a final-year PhD student in the Cambridge-Tübingen program co-supervised by Bernhard Schölkopf and Carl Rasmussen. He is primarily interested in building socially beneficial, robust, and theoretically substantiated machine learning systems. Prior, Niki studied physics and mathematics at the University of Regensburg with research visits at Harvard and Stanford.

We live in a world where errors in computation are becoming ubiquitous and come from a wide variety of sources -- from unintentional soft errors in shrinking transistors to deliberate errors introduced by approximation or malicious attacks. Guaranteeing perfect functionality across a wide range of future systems will be prohibitively expensive. Error-Efficient computing offers a promising solution by allowing the system to make controlled errors. Such systems can be considered as being error-efficient: they only prevent as many errors as they need to for an acceptable user experience. Allowing the system to make errors can lead to significant resource (time, energy, bandwidth, etc.) savings. Error-efficient computing can transform the way we design hardware and software to exploit new sources of compute efficiency; however, excessive programmer burden and a lack of principled design methodologies have thwarted its adoption. My research addresses these limitations through foundational contributions that enable the adoption of error-efficiency as a first-class design principle by a variety of users and application domains. In this talk, I will show how my work (1) enables an understanding of how errors affect program execution by providing a suite of automated and scalable error analysis tools, (2) demonstrates how such an understanding can be exploited to build customized error-efficiency solutions targeted to low-cost hardware resiliency and approximate computing and (3) develops methodologies for principled integration of error-efficiency into the software design workflow.Finally, I will discuss future research avenues in error-efficient computing with multi-disciplinary implications in core disciplines (programming languages, software engineering, hardware design, systems) and emerging application areas (AI, VR, robotics, edge computing).

Radha is a doctoral candidate in Computer Science at the University of Illinois at Urbana-Champaign. Her research interests lie in the area of Computer Architecture and Systems. Radha’s dissertation work aims to build efficient computing systems that redefine "correctness"as producing results that are good enough to ensure an acceptable user experience. Radha’s research work has been nominated to the IBM Pat Goldberg Memorial Best Paper Award for 2019. She was among 20 people invited to participate in an exploratory workshop on error-efficient computing systems initiated by the Swiss National Science Foundation and is one of 200 young researchers in Math and Computer Science worldwide to be selected for the prestigious 2018 Heidelberg Laureate Forum. Radha was selected for the Rising Stars in EECS and the Rising Stars in Computer Architecture (RISC-A) workshops for the year 2019. Before joining the University of Illinois, Radha was a CPU/Silicon validation engineer at Intel where her work won a divisional award for key contributions in validating new industry standard CPU

Software testing remains the key technique for detection of functionality errors and vulnerabilities. Automated test generation typically involves searching in a huge input domain. Similarly many other software engineering activities such as software debugging and automated repair can be seen as large search problems. Despite advances in constraint solving and symbolic reasoning, major practical challenges in the use of automated testing and automated program repair, as opposed to manual testing and manual repair include (a) the lack of specifications, leading to problems such as overfitting patches and test-suite bias, and (b) learning curve in using these automated tools, leading to the lack of deployment. In this talk, I will present pragmatic solutions to address these challenges. Lack of specifications can be alleviated by implicitly exploiting lightweight specifications from comment-code inconsistencies, past program versions, or other program artifacts. Lack of deployment can be alleviated via systematic approaches towards collaborative bug finding. Such a collaborative approach can contribute to automated program repair as well as testing.

Shin Hwei Tan is a tenure-track Assistant Professor at Southern University of Science and Technology in Shenzhen, China. She obtained her PhD degree from National University of Singapore and her B.S (Hons) and MSc degree from University of Illinois at Urbana-Champaign, USA. Her main research interests are in automated program repair, software testing and search-based software engineering. She received the David J. Kuck Outstanding MSc Thesis Award and a Google Anita Borg Memorial Scholarship. She has served as PCs for several conferences (i.e., ICSE 2020, ASE 2019, FSE Tool Demos, ICSE 2019 SRC, ASE 2020, FSE 2020), and workshops (i.e., Genetic Improvement workshop at GECCO 2018, and the First International Workshop On Intelligent Bug Fixing (IBF) 2019). She also co-organized the 6th International Workshop on Genetic Improvement and proposed the 1st International Workshop on Automated Program Repair.

Learning is a predominant theme for any intelligent system, humans or machines. Moving beyond the classical paradigm of learning from past experience, e.g., supervised learning from given labels, a learner needs to actively collect exploratory feedback to learn the unknowns. Considerable challenges arise in such a setting, including sample complexity, costly and even outdated feedback.

In this talk, I will introduce our themed efforts on developing solutions to efficiently explore the unknowns and dynamically adjust to the changes through exploratory feedback. Specifically, I will first present our studies in leveraging special problem structures for efficient exploration. Then I will present our work on empowering the learner to detect and adjust to potential changes in the environment adaptively. Besides, I will also highlight the impact our research has generated in top-valued industry applications, including online learning to rank and interactive recommendation.

Qingyun Wu is a Ph.D. candidate in the Department of Computer Science, University of Virginia. Her research focuses on interactive online learning, including bandit algorithms, reinforcement learning, and their applications in real-world problems. Her research has appeared in multiple top-tier venues, including SIGIR, WWW, KDD, and NeurIPS; and her algorithms have been evaluated in several commercial systems in industry (including Yahoo news recommendation and Snapchat lens recommendation). Qingyun received multiple prestigious awards from the University of Virginia for her excellence in research, including the Virginia Engineering Foundation Fellowship and the Graduate Student Award for Outstanding Research. Her recent work on online learning to rank won the Best Paper Award of SIGIR'2019. She was also selected as one of the Rising Stars in EECS 2019.

The communication complexity of secure protocols is a fundamental question of the theory of computation and has important repercussions in the development of real-life systems. As an example, the recent surge in popularity of cryptocurrencies has been enabled and accompanied by advancements in the construction of more compact cryptographic machinery. In this talk we discuss how to meet the boundaries of compactness in cryptography and how to exploit succinct communication to construct systems with new surprising properties. Specifically, we consider the problem of computing functions on encrypted data: We show how to construct a fully-homomorphic encryption scheme with message-to-ciphertext ratio (i.e. rate) of 1 – o(1), which is optimal. Along the way, we survey the implication of cryptographic compactness in different contexts, such as proof systems, scalable blockchains, and fair algorithms.

Giulio Malavolta is currently a postdoc with a joint appointment at UC Berkeley and CMU. Prior to that he was a research fellow at the Simons Institute for the Theory of Computing and he completed his PhD at Friedrich-Alexander Universitat Erlangen-Nurnberg in 2019. His research interest spans the theory and the applications of cryptography and computer security and his work was published in leading venues in cryptography (CRYPTO, EUROCRYPT), theory of computation (FOCS) , and system security (S&P, CCS, NDSS).

A fundamental challenge of software testing is the statistically well-grounded extrapolation from program behaviors observed during testing. For instance, a security researcher who has run the fuzzer for a week has currently no means (i) to estimate the total number of feasible program branches, given that only a fraction has been covered so far, (ii) to estimate the additional time required to cover 10% more branches (or to estimate the coverage achieved in one more day, resp.), or (iii) to assess the residual risk that a vulnerability exists when no vulnerability has been discovered. Failing to discover a vulnerability, does not mean that none exists—even if the fuzzer was run for a week (or a year). Hence, testing provides no formal correctness guarantees.

In this talk, I establish an unexpected connection with the otherwise unrelated scientific field of ecology, and introduce a statistical framework that models Software Testing and Analysis as Discovery of Species (STADS). For instance, in order to study the species diversity of arthropods in a tropical rain forest, ecologists would first sample a large number of individuals from that forest, determine their species, and extrapolate from the properties observed in the sample to properties of the whole forest. The estimation (i) of the total number of species, (ii) of the additional sampling effort required to discover 10% more species, or (iii) of the probability to discover a new species are classical problems in ecology. The STADS framework draws from over three decades of research in ecological biostatistics to address the fundamental extrapolation challenge for automated test generation. Our preliminary empirical study demonstrates a good estimator performance even for a fuzzer with adaptive sampling bias—AFL, a state-of-the-art vulnerability detection tool. The STADS framework provides statistical correctness guarantees with quantifiable accuracy.

Marcel Böhme is 2019 ARC DECRA Fellow and Lecturer (Asst Prof) at the Faculty of IT at Monash University, Australia. He completed his PhD at the National University of Singapore advised by Prof Abhik Roychoudhury in 2014. It followed a postdoctoral stint at the CISPA-Helmholtz Zentrum Saarbrücken with Prof. Andreas Zeller and a role as senior research fellow at the TSUNAMi Security Research Centre in Singapore. Marcel's research is focused on automated vulnerability discovery, program analysis, testing, debugging, and repair of large software systems, where he investigates practical topics such as efficiency, scalability, and reliability of automated techniques via theoretical and empirical analysis. His high-performance fuzzers have discovered 100+ bugs in widely used software systems, more than 60 of which are security-critical vulnerabilities that are registered as CVEs at the US National Vulnerability Database.

In a cyber-physical system (CPS), a physical process is controlled by software running on a cyber platform. And there exists a strong interaction between the physical dynamics, the control software, the sensors and actuators, and the cyber resources (i.e., computation, communication, and memory resources). These systems are common in domains such as automotive, avionics, health-care, smart manufacturing, smart grid, among others. The state-of-practice is to design CPSs using a disjoint set of tools handling different design domains. Such a design methodology has proved to be inefficient with respect to resource usage and performance. In this talk, I will discuss how models from different engineering disciplines can be integrated to design efficient cyber-physical systems. In particular, I will show two use-cases. First, I will talk about a multi-resource platform consisting of high- and low-quality resources. Correspondingly, I will show that a cost-efficient switching control strategy can be designed exploiting heterogeneous resources and by effectively managing the interplay between control theory, scheduling and formal verification. Second, I will talk about the cyber-physical battery management systems (BMS) for high-power battery packs. I will specifically discuss the problem of cell balancing which is an important task of BMS. I will show how integrated modeling of the individual cells, battery architecture, control circuits, and cyber architecture, can lead to energy- and time-efficient scheduling for active cell balancing.

Debayan Roy is a final-year PhD student in the Department of Electrical and Computer Engineering at the Technical University of Munich, where he is being advised by Samarjit Chakraborty. He obtained his Bachelor’s degree from Jadavpur University in Electrical Engineering with First Class Honors, and his Master's degree in Communications Engineering from TU Munich with a High Distinction. His research interests are in the area of modeling, design, and verification of cyber-physical systems. His work has been recognized with the Best Paper Award at RTCSA 2017 and two Best Paper Nominations at DATE 2019 and DATE 2020, respectively.

Information systems have the potential to enhance or limit opportunities when mediating user interactions. They also have the potential to violate privacy by accumulating observational data into detailed user profiles or by exposing people in sensitive contexts. This talk will cover measures and mechanisms we have proposed for mitigating various threats to user well-being in online information ecosystems. In particular, I am going to focus on two contributions in the areas of algorithmic fairness and privacy. The first contribution demonstrates how to operationalize the notion of equity in the context of search systems and how to design optimization models that achieve equity while accounting for human cognitive biases. The second ties our empirical work on profiling privacy and data collection to concepts in data protection laws. Finally, I will discuss the necessity for a holistic approach to responsible technology, from studying different types of harms, through development of different types of interventions, up to taking a step back and refusing technologies that cannot be fixed by technical tweaks.

Asia J. Biega is a postdoctoral researcher in the Fairness, Accountability, Transparency, and Ethics in AI (FATE) Group at Microsoft Research Montréal. A common theme in her research is protecting user rights and well-being. Through interdisciplinary collaborations, she designs ethically, socially, and legally responsible information and social computing systems and studies how they interact with and influence their users. Before joining Microsoft Research, she completed her PhD summa cum laude at the Max Planck Institute for Informatics and Saarland University. Her doctoral work focused on the issues of privacy and fairness in search systems. She has published her work in leading information retrieval and data mining venues, and has been serving on the program committees of SIGIR, KDD, FAT*, and the senior program committee of SIGIR. Beyond academia, her perspectives and methodological approaches are informed by an industrial experience, including work on privacy infrastructure at Google and consulting Microsoft product teams on issues related to FATE and privacy.

Recent progress in systems verification have shown that verification techniques can scale to thousands of lines. It is time to ask whether verification can displace testing as an effective path to software correctness. The veribetrfs project is developing a verified high-performance storage system. A primary goal of the project is to reduce verification methodology to engineering practice. Veribetrfs is developed using the Iron★ methodology, a descendent of the Ironclad and IronFleet projects. So far, we have a key-value store with 100k iops performance and strong guarantees against data loss. This talk will give an overview of the methodology and describe how we have enhanced it in veribetrfs. 

Jon Howell is a distributed systems researcher with a focus on correctness and security. He was a principal contributor to the IronFleet verified distributed systems project, the Ironclad verified secure server project, the Embassies secure client computing project, and the FARSITE decentralized file system.

Program synthesis techniques aim to generate executable programs from some high-level of expression on user intent, such as logical specifications, examples, or naive reference implementation. This talk will survey different flavors of program synthesis and their applications across the entire software stack, ranging from computer end-users all the way to systems programmers. We will also illustrate how program synthesis is useful for addressing different concerns in software development, including functionality, correctness, performance, and security.

Isil Dillig (PhD, Stanford) is an Associate Professor of Computer Science at the University of Texas at Austin where she leads the UToPiA research group. Her main research area is programming languages, with a specific emphasis on static analysis, verification, and program synthesis. The techniques developed by her group aim to make software systems more reliable, secure, and easier to build. Dr. Dillig is a Sloan Fellow and a recipient of the NSF CAREER award. Her publications have received distinguished paper awards at top-tier conferences, such as PLDI, OOPSLA, ETAPS, and others. She has also served as co-chair of international conferences and workshops, such as, most recently, the 2019 Computer Aided Verification (CAV) conference.

WebAssembly is the first new language to be introduced to the Web ecosystem in over 20 years. Its official specification is given as a formal semantics, making the language a perfect target for further applications of formal methods. This talk highlights recent work which builds on this formal semantics, and discusses the ongoing development of WebAssembly's relaxed memory model, which is complicated by the language's inter-operation with JavaScript.

Conrad Watt is a PhD student at the University of Cambridge, supervised by Peter Sewell. His work focusses on the WebAssembly language, and he serves as an Invited Expert to the WebAssembly Working Group, assisting with the development of the language's relaxed memory model. He holds a Google Doctoral Fellowship in Programming Technology and Software Engineering.

Producing reliable systems software is a major challenge, plagued by the ubiquitous problems of shared mutable state, pointer aliasing, dynamic memory management, and subtle concurrency issues such as race conditions; even expert programmers struggle to tame the wide variety of reasons why their programs may not behave as they intended. Formal verification offers potential solutions to many of these problems, but typically at a very high price: the mathematical techniques employed are highly-complex, and difficult for even expert researchers to understand and apply.

The relatively-new Rust programming language is designed to help with the former problem: a powerful ownership type system requires programmers to specify and restrict their discipline for referencing heap locations, providing in return the strong guarantee (almost – the talk, and Rustbelt!) that code type-checked by this system will be free from dangling pointers, unexpected aliasing, race conditions and the like. While this rules out a number of common errors, the question of whether a program behaves as intended remains.

In this talk, I’ll give an overview of the Prusti project, which leverages Rust’s type system and compiler analyses for formal verification. By combining the rich information available about a type-checked Rust program with separate user-specification of intended behaviour, Prusti enables a user to verify functional correctness of their code without interacting with a complex program logic; in particular, specifications and all interactions with our implemented tool are at the level of abstraction of Rust expressions.

Alex Summers works broadly on program verification techniques and tools, specialising in imperative concurrent languages, and modular deductive verification. Alex obtained his PhD from Imperial College London, worked as a postdoc at Imperial College London and ETH Zurich, and then as a Senior Researcher (Oberassistent) at ETH Zurich. He currently coordinates the Viper and Prusti research projects. In March 2020 he will start a new position as Associate Professor at the University of British Columbia.

Epidemic processes can model anything that spreads. As such, they are a useful tool for studying not only human diseases, but also network attacks, chains of activation in the brain, the propagation of real or fake news, the spread of viral tweets, and other processes. In this talk, we investigate epidemics spreading on a graph in the presence of various forms of uncertainty. We present in particular a result about controlling the spread of an epidemic when there is uncertainty about who exactly is infected. We show first that neither algorithms nor results are robust to uncertainty. In other words, uncertainty fundamentally changes how we must approach epidemics on graphs. We also present two related results about learning the graph underlying an epidemic process when there is uncertainty about when people were infected or what infected them.

Jessica Hoffmann is a 5th-year PhD student at the University of Texas at Austin, working with Prof. Constantine Caramanis. Her areas of interest include epidemics, applied probability, graph algorithms, combinatorics, and robustness. She received her master's degree in Applied Mathematics from ENS Paris, and most recently was awarded second place in the George E. Nicholson Student Paper Competition. During her graduate studies, she revived and led for two years the Graduate Women in Computing association at UT Austin, which is still active to this day.

Cloud providers are nervous about recent research showing how Rowhammer attacks affect many types of DRAM including DDR4 and ECC-equipped DRAM.  Unfortunately, cloud providers lack a systematic way to test the DRAM present in their servers for the threat of a Rowhammer attack. Building such a methodology needs to overcome two difficult challenges: (1) devising a CPU instruction sequence that maximizes the rate of DRAM row activations on a given system, and (2) determining the adjacency of rows internal to DRAM. This talk will present an end-to-end methodology that overcomes these challenges to determine if cloud servers are susceptible to Rowhammer attacks. With our methodology, a cloud provider can construct worst-case testing conditions for DRAM.

We used our methodology to create worst-case DRAM testing conditions on the hardware used by a major cloud provider for a recent generation of its servers. Our findings show that none of the instruction sequences used in prior work to mount Rowhammer attacks create worst-case DRAM testing conditions. Instead, we construct an instruction sequence that issues non-explicit load and store instructions. Our new sequence leverages microarchitectural side-effects to ``hammer'' DRAM at a near-optimal rate on modern Skylake platforms. We also designed a DDR4 fault injector capable of reverse engineering row adjacency inside a DRAM device. When applied to our cloud provider's DIMMs, we find that rows inside DDR4 DRAM devices do not always follow a linear map.

Joint work with Lucian Cojocar (VU Amsterdam), Jeremie Kim, Minesh Patel, Onur Mutlu (ETH Zurich), Lily Tsai (MIT), and Alec Wolman (MSR)

Stefan Saroiu is a researcher in the Mobility and Networking Research group at Microsoft Research (MSR) in Redmond. Stefan's research interests span many aspects of systems and networks although his most recent work focuses on systems security. Stefan takes his work beyond publishing results. With his colleagues at MSR, he designed and built (1) the reference implementation of a software-based Trusted Platform Module (TPM) used in millions of smartphones and tablets, and (2) Microsoft Embedded Social, a cloud service aimed at user engagement in mobile apps that has 20 million users. Before joining MSR in 2008, Stefan spent three years as an Assistant Professor at the University of Toronto, and four months at Amazon.com as a visiting researcher where he worked on the early designs of their new shopping cart system (aka Dynamo). Stefan is an ACM Distinguished Member.

Online services, devices or secret services are constantly collecting data and meta-data from users. This data collection is mostly  used to target users or customise their services. However, as illustrated by the Cambridge Analytica case, data and technologies are more and  more used to manipulate, influence or shape people's opinions online, i.e. to "hack" our brains. In this context, it is urgent to develop the field of  "Cognitive security" in order to better comprehend these attacks and provide counter-measures.  This talk will introduce the concept of "Cognitive security". We will explore the different types of cognitive attacks and discuss possible research directions.

Claude Castelluccia, Research Director, Inria, head of the Privatics Group, co-founder of the UGA Data and cybersecurity institutes, member  of the Grenoble AI institute (MAIA). He is teaching at the University Grenoble Alps (CS and Law departments), Skema business school and SciencePo Paris. His current research interests include Data privacy, Surveillance, Cognitive security and Trusted and Ethical Algorithmic Decision Systems. https://team.inria.fr/privatics/claude-castelluccia/

How can we make better applications for social impact issues? For example, the combination of Human-Centered Design (HCD) and Data Science (DS) can be the answer to avoid biases in the collection of data with online-experiments and the analysis of small data. This presentation shows how we combine HCD and DS to design applications and analyze the collected data for Good.  We will focus mainly on the project: "Early screening of dyslexia using a language-independent content game and machine learning". With our two designed games (MusVis and DGames), we collected data sets (313 and 137 participants) in different languages (mainly Spanish and German) and evaluated them with machine learning classifiers. For MusVis, we mainly use content that refers to one single acoustic or visual indicator, while DGames content refers to generic content related to various indicators. Our results open the possibility of low-cost and early screening of dyslexia through the Web. In this talk, we will further address the techniques used from HCD and DS to reach these results. 

Maria Rauschenberger started her research by defining and integrating Usability and User Experience into different contexts in 2010. Her Ph.D. topic focuses on the early screening of dyslexia using a language-independent content game and machine learning. Her thesis supervisors are Prof. Dr. Ricardo Baeza-Yates and Prof. Dr. Luz Rello. Since January 2016, Maria is a member of the Web Science and Social Computing Group at the Universitat Pompeu Fabra in Barcelona, chaired by Carlos Castillo. Her excellent research has been awarded three times in a row with the fem:talent Scholarship from the University of Applied Science Emden/Leer, besides she received the prestigious German Reading Award in 2017. Her current research interest is about how to solve social issues with computer science techniques.

The performance of modern key-value servers or layer-7 load balancers often heavily depends on the efficiency of the underlying TCP stack. Despite numerous optimizations such as kernel-bypassing and zero-copying, performance improvement for TCP applications is fundamentally limited due to the protocol conformance overhead for compatible TCP operations.

In this talk, I will introduce AccelTCP, a hardware-assisted TCP stack architecture that harnesses programmable network interface cards (NICs) as a TCP protocol accelerator. AccelTCP can offload complex TCP operations such as connection setup and teardown completely to NIC, which frees a significant amount of host CPU cycles for application processing. In addition, for layer-7 proxies, it supports running connection splicing on NIC so that the NIC relays all packets of the spliced connections with zero DMA overhead. We showcase the effectiveness of AccelTCP with two real-world applications: (1) Redis, a popular in-memory key-value store, and (2) HAProxy, a widely-used layer-7 load balancer. Our evaluation shows that AccelTCP improves their performance by 2.3x and 11.9x, respectively.

YoungGyoun Moon is a Ph.D. candidate in KAIST under supervision of Prof. KyoungSoo Park. His research interests broadly lie in networked systems, including host networking stack, middleboxes, and programmable dataplane. He is a recipient of USENIX NSDI Best Paper Award in 2017. 

Recent research in automated software synthesis from specifications or observations has leveraged the power of SMT solvers in order to explore the space of synthesis conjectures efficiently. In most of this work, synthesis techniques are built around a backend SMT solver which is used as a black-box reasoning engine. In this talk, I will describe a successful multiyear research effort by the developers of the SMT solver CVC4 that instead incorporates synthesis capabilities directly within the solver, and the discuss the advances in performance and scope made possible by this approach.

Cesare Tinelli received a Ph.D. in Computer Science from the University of Illinois at Urbana-Champaign in 1999 and is a F. Wendell Miller Professor at the University of Iowa. His main research interests are in automated reasoning and their applications in formal methods. He has done seminal work in Satisfiability Modulo Theories (SMT), a subfield of automated reasoning he helped establish through his research and service activities. His research has appeared in more than 80 refereed publications and has been funded both by governmental agencies (AFOSR, AFRL, DARPA, NASA, NSF, and ONR) and corporations (Amazon, Intel, General Electric, Rockwell Collins, and United Technologies). He leads the development of the Kind 2 model checker and co-leads the development of the widely used and award winning CVC4 SMT solver. He is a founder and coordinator of the SMT-LIB initiative, an international effort aimed at standardizing benchmarks and I/O formats for SMT solvers. He is an associate editor of the Journal of Automated Reasoning and a co-founder of the SMT workshop series and the Midwest Verification Day series. He has served in the program committee of more than 70 automated reasoning and formal methods conferences and workshops, as well as the steering committee of CADE, ETAPS, FTP, FroCoS, IJCAR, and SMT. He was the PC chair of FroCoS’11 and a PC co-chair of TACAS’15. He has given invited talks or tutorials at CADE, CAV, ETAPS, FroCoS, HVC, NSV, TABLEAUX, VSTTE, and WoLLIC.

Learning technologies are becoming increasingly important in today's education. This includes game-based learning and simulations, which produce high volume output, and MOOCs (massive open online courses), which reach a broad and diverse audience at scale. The users of such systems often are of very different backgrounds, for example in terms of age, prior knowledge, and learning speed. Adaptation to the specific needs of the individual user is therefore essential. In this talk, I will present two of my contributions on modeling and predicting student learning in computer-based environments with the goal to enable individualization. The first contribution introduces a new model and algorithm for representing and predicting student knowledge. The new approach is efficient and has been demonstrated to outperform previous work regarding prediction accuracy. The second contribution introduces models, which are able to not only take into account the accuracy of the user, but also the inquiry strategies of the user, improving prediction of future learning. Furthermore, students can be clustered into groups with different strategies and targeted interventions can be designed based on these strategies. Finally, I will also describe lines of future research.

Tanja Käser is a senior data scientist at the Swiss Data Science Center (SDSC). Before joining the SDSC, she was as postdoctoral researcher at Stanford University. Tanja also worked as a postdoctoral researcher at ETH Zurich and as a consultant for Disney Research Zurich and Dybuster AG. She received her PhD in Computer Science from ETH Zurich; her thesis was distinguished with the Fritz Kutter Award of ETH Zurich. Tanja works in the field of artificial intelligence in education and is especially interested in modeling and predicting student thinking and learning to provide optimal computer-based learning environments.

Since introduction of the IEEE 754 floating point standard in 1985, numerical methods have become ubiquitous --- and increasingly sophisticated. With growing code complexity of numerical libraries grows the need for rigorous Software Engineering methodology: as provided by Computer Science and state of the art regarding digital processing of discrete data, but lacking in the continuous realm. We apply, adapt, and extend the classical concepts --- specification, algorithmics, analysis, complexity, verification --- from discrete bit strings, integers, graphs etc. to real numbers, converging sequences, smooth/integrable functions, bounded operators, and compact subsets: A new paradigm formalizes mathematical structures as continuous Abstract Data Types with rigorous Turing-computable semantics but without the hassle of actual Turing machines.

-

A growing number of domestic spaces incorporate products that collect data from cameras, microphones and other sensors, leading to privacy concerns. In this talk I report on two user studies performed to learn about perceptions of privacy and trust for sensor-enabled, connected devices such as smart home assistants. The study results suggest that users are more likely to trust devices with materially representative privacy status indicators. This means that the indicators themselves are part of what determines what sensing can take place. I will describe how we have applied the study results to the design of current devices and what the implications are for the physical design of future smart devices.

Time permitting, I will also talk about my other current passion -- design for additive manufacturing – and what researchers can do to ensure we reach the vastly exciting potential of this method of production. I will bring exotic 3D printed parts to help demonstrate my points.

Mary Baker is a senior technologist at HP Inc. in Palo Alto. Her research interests cover a broad range of areas where predicting and solving problems tangibly improves the experience people have with technology. Her research topics include mobile systems and applications, physical affordances for IoT privacy, digital preservation, authentication, and design and workflow for additive manufacturing. Before joining HP in 2003 she was on the faculty of the computer science department at Stanford University where she led the MosquitoNet and Mobile People Architecture projects and graduated 7 Ph.D. students. She received a Sloan Foundation Fellowship, an Okawa Foundation Grant, and an NSF CAREER Award. She is a founding member of the editorial board for IEEE Pervasive Computing, for which she also writes the popular "Notes from the Community" column. She received an A.B. in Mathematics and an M.S. and Ph.D. in Computer Science, all from the University of California at Berkeley.

Automated program repair is an emerging and exciting field of research, which allows for automated rectification of errors and vulnerabilities. The use of automated program repair can be myriad, such as (a) improving programmer productivity (b) automated fixing of security vulnerabilities as they are detected, (c) self-healing software for autonomous devices such as drones, as well as (d) use of repair in introductory programming education by grading and providing hints for programming assignments. One of the key technical challenges in achieving automated program repair, is the lack of formal specifications of intended program behavior. In this talk, we will conceptualize the use of symbolic execution approaches and tools for extracting such specifications. This is done by analyzing a buggy program against selected tests, or against reference implementations. Such specification inference capability can be combined with program synthesis techniques to automatically repair programs. The capability of specification inference also serves a novel use of symbolic execution beyond verification and navigation of large search spaces. Automated program repair via symbolic execution goes beyond search-based approaches which attempt to lift patches from elsewhere in the program. Such an approach can construct "imaginative" patches, serves as a test-bed for the grand- challenge of automated programming, and contributes to the vision of trustworthy self-healing software. Towards the end of the talk, we can put the research on automated repair in light of the overall practice of software security, by sharing some experiences gained at the Singapore Cyber-security Consortium.

Abhik Roychoudhury is a Professor of Computer Science at the National University of Singapore. He is the Director of the National Satellite of Excellence in Trustworthy Software Systems at Singapore (2019-23). He helped establish, and is leading the Singapore Cyber-security Consortium, which is a consortium of more than 40 companies engaging with academia for research, translation and collaboration in cyber-security. His research focuses on software testing and analysis, software security and trust-worthy software construction. He has advised on secure and smart cyber- space in different capacities, including being an industry advisory board member of the London Office for Rapid Cyber-security Advancement (LORCA) since 2018. He has been a keynote speaker at several conferences, and serves in the Steering Committee of ACM International Symposium on Software Testing and Analysis (ISSTA). He is General Chair of the upcoming ACM SIGSOFT Symposium on Foundations of Software Engineering (FSE) 2022. His former doctoral students have been placed at universities all over the world (including Peking University, Monash, and University College London) as academics and have received recognition for their doctoral research including an ACM SIGSOFT Outstanding Doctoral Dissertation Award. Abhik received his Ph.D. in Computer Science from the State University of New York at Stony Brook in 2000.

The spread of fake news was one of the most discussed characteristics of the 2016 U.S. Presidential Election. The concerns regarding fake news have garnered significant attention in both media and policy circles, with some journalists even going as far as claiming that results of the 2016 election were a consequence of the spread of fake news. Yet, little is known about the prevalence and focus of such content, how its prevalence changed over time, and how this prevalence related to important election dynamics. In this talk, I will address these questions by examining social media, news media, and interview data. These datasets allow examining the interplay between news media production and consumption, social media behavior, and the information the electorate retained about the presidential candidates leading up to the election.

-

In the last two decades, automation has had a significant impact on software testing and analysis. Automated testing techniques, such as symbolic execution, concolic testing, and feedback-directed fuzzing, have found numerous critical faults, security vulnerabilities, and performance bottlenecks in mature and well-tested software systems. The key strength of automated techniques is their ability to quickly search state spaces by performing repetitive and expensive computational tasks at a rate far beyond the human attention span and computation speed. In this talk, I will give a brief overview of our past and recent research contributions in automated test generation using symbolic execution, program analysis, constraint solving, and fuzzing. I will also describe a new technique, called constraint-directed fuzzing, where given a pre-condition on a program as a logical formula, we can efficiently generate millions of test inputs satisfying the pre-condition.

Koushik Sen is a professor in the Department of Electrical Engineering and Computer Sciences at the University of California, Berkeley. His research interest lies in Software Engineering, Programming Languages, and Formal methods. He is interested in developing software tools and methodologies that improve programmer productivity and software quality. He is best known for his work on "DART: Directed Automated Random Testing" and concolic testing. He has received a NSF CAREER Award in 2008, a Haifa Verification Conference (HVC) Award in 2009, a IFIP TC2 Manfred Paul Award for Excellence in Software: Theory and Practice in 2010, a Sloan Foundation Fellowship in 2011, a Professor R. Narasimhan Lecture Award in 2014, an Okawa Foundation Research Grant in 2015, and an ACM SIGSOFT Impact Paper Award in 2019. He has won several ACM SIGSOFT Distinguished Paper Awards. He received the C.L. and Jane W-S. Liu Award in 2004, the C. W. Gear Outstanding Graduate Award in 2005, and the David J. Kuck Outstanding Ph.D. Thesis Award in 2007, and a Distinguished Alumni Educator Award in 2014 from the UIUC Department of Computer Science. He holds a B.Tech from Indian Institute of Technology, Kanpur, and M.S. and Ph.D. in CS from University of Illinois at Urbana-Champaign.

The ongoing shift of enterprise computing to the cloud provides an opportunity to rethink operating systems for this new setting. I will discuss two specific technologies, kernel bypass for high performance networking and low latency non-volatile storage, and their implications for operating system design. In each case, delivering the performance of the underlying hardware requires novel approaches to the division of labor between hardware, the operating system kernel, and the application library.

-

Software-defined Networks and programmable data-planes represent a shift in networking paradigm, which enables novel applications. Despite the growing interest and adoption of SDNs, SDNs remain plagued with availability and performance problems. In this talk, I discuss recent and ongoing work by my group to analyze these paradigms and create systematic abstractions that provide control over performance and availability. First, I will discuss Tardis a system that improves fault tolerance by leveraging the novel programmability provided by SDNs to identify and transform the failure-inducing event(s). Second, I will discuss a pair of projects, Hermes and SCC, that revisits traditional storage principles and applies them to network updates. Through this work, I will demonstrate how the centralization and programmability offered by SDNs enables us to more systematically reason about traditional networking issues such as availability and performance.

Theo is an assistant professor in the Department of Computer Science at Brown University. His group works on designing frameworks and algorithms for solving practical networking problems with an emphasis on speeding up the internet, improving network reliability,  and simplifying network management.  He has won multiple awards including best paper awards, an applied network research prize, various Yahoo! and Facebook Faculty Awards, and an NSF Career award.

Multiprocessor Systems-on-Chip (MPSoC) integrating hard processing cores with programmable logic (PL) are becoming increasingly common. While these platforms have been originally designed for high performance computing applications, their rich feature set can be exploited to efficiently implement mixed criticality domains serving both critical hard real-time tasks, as well as soft real-time tasks.

In this talk, we show how one can tailor these MPSoCs to support a mixed criticality system, where cores are strictly isolated to avoid contention on shared resources such as Last-Level Cache (LLC) and main memory. We present and discuss a set of software and hardware techniques to improve the predictability using a modern MPSoC platform. We evaluate our techniques using an image processing application and show the maximum supported processing frequency.

Giovani Gracioli received his Ph.D. in Automation and Systems Engineering from the Federal University of Santa Catarina (UFSC), Brazil in 2014. Since 2013, he is assistant professor at UFSC. From 2017 to 2018, he has been a visiting professor in the Department of Electrical and Computer Engineering at the University of Waterloo, Canada. Currently, Giovani Gracioli is a research associate at the Technical University of Munich, Germany. His research interests include real-time, embedded, and operating systems.

As deep learning research pushes towards using larger and more sophisticated models, system infrastructure must use many GPUs efficiently. Analyzing the dataflow graph that represents the DNN computation is a promising avenue for optimization. By specializing execution for a given dataflow graph, we can accelerate DNN computation in ways that are transparent to programmers. In this talk, I show the benefits of dataflow graph analysis by discussing two recent systems that we've built to support large model training and low-latency inference. To train very large DNN models, Tofu automatically re-writes a dataflow graph of tensor operators into an equivalent parallel graph in which each original operator can be executed in parallel across multiple GPUs.  To achieve low-latency inference, Batchmaker discovers identical sub-graph computation among different requests to enable batched execution of requests arriving at different times. 

Jinyang Li is a professor of computer science at New York University.  Her research is focused on developing better system infrastructure to accelerate machine learning and web applications. Most recently, her group has released DGL, an open-source library for programming graph neural networks.  Her honors include a NSF CAREER award, a Sloan Research Fellowship and multiple Google research awards.  She received her B.S. from National University of Singapore and her Ph.D. from MIT, both in Computer Science.

Recent AI advances have been driven by high-quality input data, often labeled by human annotators. A fundamental challenge in eliciting high-quality information from humans is that there is often no way to directly verify the quality of the information they provide. Consider, for example, product reviews and marketing surveys where data is inherently subjective, environmental community sensing where data is highly localized, and geopolitical forecasting where the ground truth is revealed in the distant future. In these settings, data elicitation has to rely on peer-consistency mechanisms, which incentivize high-quality reporting by examining the consistency between the reports of different data providers. In this talk, I will discuss some of the recent advances in peer-consistency designs. Furthermore, I will outline some thoughts on an agenda around the design of human-AI collaborative systems.

Goran Radanovic is a postdoctoral researcher at Harvard University, where he works on problems related to human-AI collaboration, value-aligned artificial intelligence, and social computing. His research particularly focuses on incentive mechanism design, reinforcement learning with humans, and algorithmic fairness. He received his Ph.D. in Computer Science from the Swiss Federal Institute of Technology in Lausanne (EPFL) in 2016. He is a recipient of the Early Postdoc Mobility Fellowship (2016-2018) from the Swiss National Science Foundation, and was awarded with an EPFL Ph.D. Distinction for an outstanding dissertation in 2017.

Secure Multi-Party Computation (MPC) allows mutually distrusting parties to run joint computations without revealing private data. Current MPC algorithms scale poorly with data size, which makes MPC on "big data" prohibitively slow and inhibits its practical use. Many relational analytics queries can maintain MPC’s end-to-end security guarantee without using cryptographic MPC techniques for all operations. Conclave is a query compiler that accelerates such queries by transforming them into a combination of data-parallel, local cleartext processing and small MPC steps. When parties trust others with specific subsets of the data, Conclave applies new hybrid MPC-cleartext protocols to run additional steps outside of MPC and improve scalability further. Our Conclave prototype generates code for cleartext processing in Python and Spark, and for secure MPC using the Sharemind and Obliv-C frameworks. Conclave scales to data sets between three and six orders of magnitude larger than state-of-the-art MPC frameworks support on their own. Thanks to its hybrid protocols and additional optimizations, Conclave also substantially outperforms SMCQL, the most similar existing system.

-

In 2012, Herbelin developed a calculus (dPAω) in which constructive proofs for the axioms of countable and dependent choices can be derived via the memoization of choice functions However, the property of normalization (and therefore the one of soundness) was only conjectured. The difficulty for the proof of normalization is due to the simultaneous presence of dependent dependent types (for the constructive part of the choice), of control operators (for classical logic), of coinductive objects (to encode functions of type ℕ→A into streams (a₀,a₁,…)) and of lazy evaluation with sharing (for these coinductive objects). Building on previous works, we introduce a variant of dPAω presented as a sequent calculus. On the one hand, we take advantage of a variant of Krivine classical realizability we developed to prove the normalization of classical call-by-need. On the other hand, we benefit of dLtp, a classical sequent calculus with dependent types in which type safety is ensured using delimited continuations together with a syntactic restriction. By combining the techniques developed in these papers, we manage to define a realizability interpretation à la Krivine of our calculus that allows us to prove normalization and soundness. This talk will go over the whole process, starting from Herbelin’s calculus dPAω until the introduction of its sequent calculus counterpart dLPAω that we prove to be sound.

I am Étienne Miquey, currently doing a post-doc in the INRIA team Gallinette (in Nantes) where I mainly work with Guillaume Munch-Maccagnoni. Previously, I was a PhD student under the co-supervision of Hugo Herbelin (in the IRIF laboratory, Paris) and Alexandre Miquel (in the Mathematical Institute of the Faculty of Engineering of Montevideo). I am mainly interested in the computational content of proofs through the Curry-Howard correspondence, and especially in classical logic.

Recognizing that applications (whether in mobile, desktop, or server environments) are rarely executed in isolation today, I will discuss some practical challenges in making best use of available hardware and our approach to addressing these challenges. I will describe two independent and complementary control mechanisms using low-overhead hardware performance counters that we have developed: a sharing- and resource-aware mapper (SAM) to effect task placement with the goal of localizing shared data communication and minimizing resource contention based on the offered load; and an application parallelism manager (MAPPER) that controls the offered load with the goal of improving system parallel efficiency. If time permits, I will also outline our work on streamlining instruction memory management and address translation to eliminate redundancy and improve efficiency, especially in mobile environments. Our results emphasize the need for low-overhead monitoring of application behavior under changing environmental conditions in order to adapt to environment and application behavior changes.

Sandhya Dwarkadas is the Albert Arendt Hopeman Professor of Engineering, and Professor and Chair of Computer Science with a secondary appointment in Electrical and Computer Engineering, at University of Rochester, where she has been on the faculty since 1996. She received her Bachelor's degree from the Indian Institute of Technology, Madras, India, and her M.S. and Ph.D. from Rice University. She is a fellow of the ACM and IEEE. She is also a member of the board and steering committee for the computing Research Association's Committee on the Status of Women in Computing Research (CRA-W). Her areas of research interest include parallel and distributed computing, computer architecture and the interaction and interface between the compiler, runtime/operating system, and underlying architecture. Her research lies at the intersection of computer hardware and software with a particular focus on support for parallelism. She has made fundamental contributions to the design and implementation of shared memory both in hardware and in software, and to hardware and software energy- and resource-aware configurability. URL: http://www.cs.rochester.edu/u/sandhya

The notion of edge computing introduces new computing functions away from centralized locations and closer to the network edge and thus facilitating new applications and services. This enhanced computing paradigm is provides new opportunities to applications developers, not available otherwise. In this talk, I will discuss why placing computation functions at the extreme edge of our network infrastructure, i.e., in wireless Access Points and home set-top boxes, is particularly beneficial for a large class of emerging applications. I will discuss a specific approach, called ParaDrop, to implement such edge computing functionalities, and use examples from different domains -- smarter homes, sustainability, and intelligent transportation -- to illustrate the new opportunities around this concept.

-

A sliding window algorithm for a language L receives a stream of symbols and has to decide at each time step whether the suffix of length n belongs to L or not. The window size n is either a fixed number (in the fixed-size model) or can be controlled online by an adversary (in the variable-size model). In this talk we give a survey on recent results for deterministic and randomized sliding window algorithms for regular languages.

Moses Ganardi is a PhD student in Computer Science at the University of Siegen, Germany, under the supervision of Prof. Dr. Markus Lohrey. His main research interests are formal languages and automata, and their applications in the context of streaming algorithms. He received his B.Sc. degree in Computer Science and Mathematics, in 2011 and 2012, respectively, and his M.Sc. degree in Computer Science in 2013 from the RWTH Aachen, Germany.

The last few years have seen a surge of decision problems with an astronomical, non primitive-recursive complexity, in logic, verification, and games. While the existence of such uncontrived problems is known since the early 1980s, the field has matured with techniques for proving complexity lower and upper bounds and the definition of suitable complexity classes. This framework has been especially successful for analysing so-called `well-structured systems'---i.e., transition systems endowed with a well-quasi-order, which underly most of these astronomical problems---, but it turns out to be applicable to other decision problems that resisted analysis, including two famous problems: reachability in vector addition systems and bisimilarity of pushdown automata. In this talk, I will explain how some of these techniques apply to reachability in vector addition systems, yielding tight Ackermannian upper bounds for the decomposition algorithm initially invented by Mayr, Kosaraju, and Lambert; this will be based on joint work with Jérôme Leroux.

Sylvain Schmitz is an assistant professor (maître de conférences) at École Normale Supérieure Paris-Saclay since 2008 and a junior member of Institut Universitaire de France since 2018. He received his Ph.D. degree in Computer Science from Université Nice-Sophia Antipolis in 2007 and his habilitation from École Normale Supérieure Paris-Saclay in 2017. His research interests are in logic, verification, and complexity.

Real-time embedded systems need to be analyzable for execution time guarantees. Despite significant scientific advances, however, timing analysis lags years behind current microarchitectures with out-of-order scheduling pipelines, several hardware threads and multiple (shared)cache layers. To satisfy the increasing demand for predictable performance, analyzable performance features are required. We introduce runtime-reconfigurable instruction set processors as one way to escape the scarcity of analyzable performance features while preserving the flexibility of the system. To this end, we first present a reconfiguration controller for guaranteed reconfiguration delays of accelerators onto an FPGA. We propose a novel timing analysis approach to obtain worst-case execution time (WCET) guarantees for applications that utilize runtime-reconfigurable custom instructions (CIs), which each utilize one or more accelerators. Given the constrained reconfigurable area of an FPGA, we solve the problem of selecting CIs for each computational kernel of an application to optimize its worst-case execution time. Finally, we show that runtime reconfiguration provides the unique feature of optimized static WCET guarantees and optimization of the average-case execution time (maintaining statically-given WCET guarantees) by repurposing reconfigurable area for different selections of CIs at runtime.

Marvin Damschen received his Ph.D. (Dr.-Ing.) in Computer Science from the Karlsruhe Institute of Technology (KIT), Germany, under the supervision of Prof. Dr. Jörg Henkel in Dec. 2018. Currently, he is a postdoctoral researcher at the Chair for Embedded Systems at KIT. His main research interests are timing analysis and architectures for real-time embedded systems with special focus on runtime-reconfigurable architectures. Marvin Damschen received a B.Sc. degree - with distinction - and M.Sc. degree - with distinction - in Computer Science with a minor in Mathematics from the University of Paderborn, Germany, in 2012 and 2014, respectively.

Algorithms and decision making based on Big Data have become pervasive in all aspects of our daily (offline and online) lives. Social media, e-commerce, professional, political, educational, and dating sites, to mention just a few, shape our possibilities as individuals, consumers, employees, voters, students, and lovers. In this process, vast amounts of personal data are collected and used to train machine-learning based systems. These systems are used to classify and rank people, and can discriminate us on grounds such as gender, age, or ethnicity, even without intention, and even if legally protected attributes, such as race, are not explicit in the data. Algorithmic bias exists even when there is no discrimination intention in the developer of the algorithm. Sometimes it may be inherent to the data sources used (software making decisions based on data can reflect, or even amplify, the results of historical discrimination), but even when the sensitive attributes have been suppressed from the input, a well trained machine learning algorithm may still discriminate on the basis of such sensitive attributes because of correlations existing in the data.

Carlos Castillo is a Distinguished Research Professor at Universitat Pompeu Fabra in Barcelona. He is a web miner with a background on information retrieval, and has been influential in the areas of web content quality and credibility, and adversarial web search. He is a prolific researcher with more than 80 publications in top-tier international conferences and journals, receiving 13,000+ citations. His works include a book on Big Crisis Data, as well as monographs on Information and Influence Propagation, and Adversarial Web Search.

Cloud computing gives the illusion of infinite computational capacity and allows for on-demand resource provisioning. As a result, over the last few years, the cloud computing model has experienced widespread industrial adoption and companies like Netflix offloaded their entire infrastructure to the cloud. However, with even the largest datacenter being of a finite size, cloud infrastructures have experienced overload due to overbooking or transient failures. In essence, this is an excellent opportunity for the design of control solutions, that tackle the problem of mitigating overload peaks, using feedback from the infrastructure. These solutions can then exploit control-theoretical principles and take advantage of the knowledge and the analysis capabilities of control tools to provide formal guarantees on the predictability of the infrastructure behavior. This talk introduces recent research advances on feedback control in the cloud computing domain, together with my research agenda for enhancing predictability and formal guarantees for cloud computing.

Martina Maggio is an Associate Professor at the Department of Automatic Control, Lund University. Her research area is the application of control-theoretical techniques to computing systems' problems. Martina completed her Ph.D. at Politecnico di Milano, working with Alberto Leva. During her Ph.D., she spent one year as a visiting graduate student at the Computer Science and Artificial Intelligence Laboratory at MIT, working with Anant Agarwal and Hank Hoffmann on the Self-Aware Computing project. She joined Lund University in 2012 as a postdoctoral researcher, working with Karl-Erik Årzén. Since then, her research has been mainly focused on resource allocation for cloud infrastructures and real-time systems. Martina became an Assistant Professor in 2014, and then Docent and Associate Professor in 2017.

Internet applications rely on large-scale networked environments such as the cloud for their backend support. In these multi-tenanted environments, various stakeholders have diverse goals. The objective of the infrastructure provider is to increase revenue by utilizing the resources efficiently. Applications, on the other hand, want to meet their performance requirements at minimal cost. However, estimating the exact amount of resources required to meet the application needs is a difficult task, even for expert users. Easy workarounds employed for tackling this problem, such as resource over-provisioning, negatively impact the goals of the provider, applications, or both. In this talk, I will discuss the design of application-aware self-optimizing systems through automated resource management that helps meet the varied goals of the provider and applications in large-scale networked environments. The key steps in closed-loop resource management include learning of application resource needs, efficient scheduling of resources, and adaptation to variations in real time. I will describe how I apply this high-level approach in two distinct environments using (a) Morpheus in enterprise clusters, and (b) Patronus in cellular provider networks with geo-distributed micro data centers. I will also touch upon my related work in application-specific context at the intersection of network scheduling and deep learning. I will conclude with my vision for self-optimizing systems including fully automated clouds and an elastic geo-distributed platform for thousands of micro data centers.

Sangeetha Abdu Jyothi is a Ph.D. candidate at the University of Illinois at Urbana-Champaign. Her research interests lie in the areas of computer networking and systems with a focus on building application-aware self-optimizing systems through automated resource management. She is a winner of the Facebook Graduate Fellowship (2017-2019) and the Mavis Future Faculty Fellowship (2017-2018). She was invited to attend the Rising Stars in EECS workshop at MIT (2018). Website: http://abdujyo2.web.engr.illinois.edu

Nowadays, innovation in many industrial areas is software driven, where existing software functions become more complex and new software functions are constantly introduced. The rapid increase in functionality comes along with a steep increase in software complexity. To cope with this transition, current trends shift away from today’s distributed architectures towards integrated architectures. Here, previously distributed functionality is consolidated on fewer, more powerful, computers. Such a trend can for example be observed in the automotive or avionics domain. This can ease the integration process, reduce the hardware complexity, and ultimately save costs. One promising hardware platform for these powerful embedded computers is the many-core processor. A many-core processor hosts a vast number of compute cores, that are partitioned on clusters which are connected by a Network-on-Chip. However, ensuring that real-time requirements are satisfied in the presence of contention in shared resources, such as memories, remains an open issue. In addition, industrial applications are often subject to timing constraints on the data propagation through a chain of semantically related tasks. Such requirements pose challenges to the system designer as they are only able to verify them after the system synthesis (i.e. very late in the design process). In this talk, we present methods that transform timing constraints on the data propagation delay into precedence constraints between individual task instances. An execution framework for the cluster of the many-core is proposed that allows access to cluster external memory while it avoids contention on shared resources by design. Spatial and temporal isolation between different clusters is provided by a partitioning and configuration of the Network-on-Chip that further reduces the worst-case access times to external memory.

Matthias Becker is a postdoc researcher at KTH Royal Institute of Technology since February 2018. He received his B.Eng. degree in Mechatronics/Automation Systems from the University of Applied Sciences Esslingen, Germany in 2011. In the year 2013 he got his M.Sc. degree in Computer Science specializing in embedded computing from the University of Applied Sciences Munich, Germany. He received his Licentiate and PhD degree in Computer Science and Engineering from Mälardalen University, Sweden in 2015 and 2017 respectively. Matthias has been a visiting researcher at CISTER - Research Centre in Real-Time and Embedded Computing Systems in Porto, Portugal for two months in 2015 and for three months in 2016.

The rise of user-centric Internet systems such as Facebook or Twitter brought security and privacy threats that became out of control in recent years. To make such systems more dependable, my research focuses on three key aspects: (1) privacy: ensure users understand and can control the information that is disclosed about them; (2) transparency: ensure users understand how their data is being used and how it affects the services they receive; and (3) trust: ensure users can evaluate the trustworthiness of content consumed from these systems. 

In this talk, I will share my research efforts in understanding and tackling security and privacy threats in social media targeted advertising. Despite a number of recent controversies regarding privacy violations, lack of transparency, or vulnerability to discrimination or propaganda by dishonest actors; users still have little understanding of what data targeted advertising platforms have about them and why they are shown the ads they see. To address such concerns, Facebook recently introduced the "Why am I seeing this?" button that provides users with an explanation of why they were shown a particular ad. I first investigate the level of transparency provided by this mechanism by empirically measuring whether it satisfies a number of key properties and what are the consequences of the current design choices. To provide a better understanding of the Facebook advertising ecosystem, we developed a tool called AdAnalyst that collects the ads users receive and provides aggregate statistics. I will then share our findings from analyzing data from over 600 real-world AdAnalyst users; in particular on who is advertising on Facebook and how these advertisers are targeting users and customizing ads via the platform. 

Oana Goga is a tenured CNRS research scientist in the Laboratoire d’Informatique Grenoble (France) since October 2017. Prior to this, she was a postdoc at the Max Plank Institute for Software Systems and obtained a PhD in 2014 from Pierre et Marie Curie University in Paris. She is the recipient of a young researcher award from the French National Research Agency (ANR). Her research interests are in security and privacy issues that arise in online systems that have at their core user provided data. Her recent work on security and privacy issues in social media advertising led to changes in the Facebook advertising platform. 

Over the past decade, the field of artificial intelligence (AI) has seen striking developments. Yet, today’s AI systems sorely lack the essence of human intelligence i.e.  our ability to (a) understand language and grasp its meaning, (b) assimilate common-sense background knowledge of the world, and (c) draw inferences and perform reasoning. Before we even begin to build AI systems that possess the aforementioned human abilities, we must ask an even more fundamental question: How would we even evaluate an AI system on the aforementioned abilities? In this talk, I will argue that we can evaluate AI systems in the same way as we evaluate our children - by giving them standardized tests. Standardized tests are administered to students to measure the knowledge and skills gained by them. Thus, it is natural to use these tests to measure the intelligence of our AI systems. Then, I will describe Parsing to Programs (P2P), a framework that combines ideas from semantic parsing and probabilistic programming for situated question answering. We used P2P to build systems that can solve pre-university level Euclidean geometry and Newtonian physics examinations. P2P achieves a performance at least as well as the average student on questions from textbooks, geometry questions from previous SAT exams, and mechanics questions from Advanced Placement (AP) exams. I will conclude by describing implications of this research and some ideas for future work.

Mrinmaya Sachan is a Ph.D. candidate in the Machine Learning Department in the School of Computer Science at Carnegie Mellon University. His research is in the interface of machine learning, natural language processing, knowledge discovery and reasoning. He received an outstanding paper award at ACL 2015, multiple fellowships (IBM fellowship, Siebel scholarship and CMU CMLH fellowship) and was a finalist for the Facebook fellowship. Before graduate school, he graduated with a B.Tech. in Computer Science and Engineering from IIT Kanpur with an Academic Excellence Award.

Modern applications must collect and store massive amounts of data. Cloud storage offers these applications simplicity: the abstraction of a failure-free, perfectly scalable black-box. While appealing, offloading data to the cloud is not without challenges. Cloud storage systems often favour weaker levels of isolation and consistency. These weaker guarantees introduce behaviours that, without care, can break application logic. Offloading data to an untrusted third party like the cloud also raises questions of security and privacy.

This talk summarises my efforts to improve the performance, the semantics and the security of transactional cloud storage systems. It centers around a simple idea: defining consistency guarantees from the perspective of the applications that observe these guarantees, rather than from the perspective of the systems that implement them. I will discuss how this new perspective brings forth several benefits. First, it offers simpler and cleaner definitions of weak isolation and consistency guarantees. Second, it enables more scalable implementations of existing guarantees like causal consistency. Finally, I will discuss its applications to security: our client-centric perspective allows us to add obliviousness guarantees to transactional cloud storage systems.

Natacha Crooks is a PhD candidate at the University of Texas at Austin and a visiting student at Cornell University. Her research interests are in distributed systems, distributed computing and databases. She is the recipient of a Google Doctoral Fellowship in Distributed Computing and a Microsoft Research Women Fellowship.

Developing high-performance datacenter applications is complex and time-consuming today, as developers must understand and correctly implement subtle interactions between different backend systems. I describe a new approach that redesigns core datacenter systems around new abstractions: the right abstractions substantially reduce complexity while maintaining the same performance. This saves expensive developer time, uses datacenter servers more efficiently, and can enable new, previously impossible systems and applications. I illustrate the impact of such redesigns with Noria, which recasts web application backends-i.e., databases and caches-as a streaming dataflow computation based on a new abstraction of partial state. Noria's partially-stateful dataflow brings classic databases' familiar query flexibility to scalable dataflow systems, simplifying applications and improving the backend's efficiency. For example, Noria increases the request load handled by a single server by 5-70x compared to state-of-the-art backends. Additional new abstractions from my research increase the efficiency of other datacenter systems (e.g., cluster schedulers), or enable new kinds of systems that, for example, may help protect user data against exposure through application bugs.

Malte Schwarzkopf is a postdoc at MIT CSAIL, where he is a member of the Parallel and Distributed Operating Systems (PDOS) group. In his research, Malte designs and builds systems that aim to be both efficient and easy to use, and some of these systems have already impacted industry practice. Malte received both his B.A. and Ph.D. from the University of Cambridge, and his research has won an NSDI Best Paper Award and a EuroSys Best Student Paper Award.

Symbolic execution is a program analysis technique that can automatically explore and analyse paths through a program. While symbolic execution was initially introduced in the seventies, it has only received significant attention during the last decade, due to tremendous advances in constraint solving technology and effective blending of symbolic and concrete execution into what is often called dynamic symbolic execution. Dynamic symbolic execution is now a key ingredient in many computer science areas, such as software engineering, computer security, and software systems, to name just a few. In this talk, I will discuss recent advances and ongoing challenges in the area of dynamic symbolic execution, drawing upon our experience developing several symbolic execution tools for many different scenarios, such as high-coverage test input generation, bug and security vulnerability detection, patch testing and bounded verification, among many others.

Cristian Cadar is a Reader in the Department of Computing at Imperial College London, where he leads the Software Reliability Group (http://srg.doc.ic.ac.uk ), working on automatic techniques for increasing the reliability and security of software systems. Cristian received an ERC Consolidator Grant in 2018, the HVC Award in 2017, the ACM CCS Test of Time Award in 2016, a British Computer Society Fellowship in 2016, the Jochen Liedtke Young Researcher Award in 2015 and an EPSRC Early-Career Fellowship in 2013. Many of the research techniques he co-authored have been open-sourced and used by several groups in both academia and industry. In particular, he is co-author and the principal maintainer of the KLEE symbolic execution system, a popular system with a large user base. Cristian has a PhD in Computer Science from Stanford University, and undergraduate and Master's degrees from the Massachusetts Institute of Technology.

First-order (FO) transition systems have recently attracted attention for the verification of parametric systems such as network protocols, software-defined networks or multi-agent workflows. Desirable properties of these systems such as functional correctness or non-interference have conveniently been formulated as safety properties. Here, we go one step further. Our goal is to verify safety, and also to develop techniques for automatically synthesizing strategies to enforce safety. For that reason, we generalize FO transition systems to FO safety games. We prove that the existence of a winning strategy of safety player in finite games is equivalent to second-order quantifier elimination. For monadic games, we provide a complete classification into decidable and undecidable cases. For games with non-monadic predicates, we concentrate on universal invariants only. We identify a non-trivial sub-class where safety is decidable. For the general case, we provide meaningful abstraction and refinement techniques for realizing a CEGAR based synthesis loop. Joint work with: Christian Müller, TUM Bernd Finkbeiner, Universität des Saarlandes

Helmut Seidl graduated in Mathematics (1983) and received his Ph.D. degree in Computer Science (1986) from the Johann Wolfgang Goethe Universität, Frankfurt. He received his Dr. Habil. (1994) from the Universität des Saarlandes, Saarbrücken. 1994 he was appointed Full Professor at the University of Trier. Since 2003, he holds the chair for "Languages and Specification Formalisms" at TU München. From 2009 to 2018, he has been speaker of the research training group PUMA ("Programm- Und Modell-Analyse") and now is speaker of the research training group ConVeY ("Continuous Verification of CYber-Physical Systems"). His research interests include static analysis by abstract interpretation and model checking, efficient fixpoint algorithms, and expressive domains for numerical invariants. He has worked on dedicated analyses of concurrent and parametric systems, safety critical C programs, and cryptographic protocols. He is also interested in tree automata and corresponding classes of Horn clauses, in tree transducers and XML processing.

Many approaches to analyze the complexity of programs automatically are based on transformations into integer or term rewrite systems. However, state-of-the-art tools that analyze the worst-case complexity of rewrite systems are restricted to the inference of upper bounds. In this talk, the first techniques for the inference of lower bounds on the worst-case complexity of integer and term rewrite systems are introduced. While upper bounds can prove the absence of performance-critical bugs, lower bounds can be used to find them.

For term rewriting, the power of the presented technique gives rise to the question whether the existence of a non-constant lower bound is decidable. Thus, the corresponding decidability results are also discussed in this talk.

Finally, to see the practical value of complexity analysis techniques for rewrite systems, we will have a glimpse at the transformation from Java programs to integer rewrite systems that is implemented in the tool AProVE.

Florian Frohn is a research assistant at Lehr- und Forschungsgebiet Informatik 2 at RWTH Aachen. In December 2018, he successfully defended his PhD thesis.

In this talk I shall outline a summary of our five year long initiative studying the temporal dynamics of various human language-like entities over the social media. Some of the topics that I plan to cover are (a)  how opinion conflicts could be effectively used for incivility detection in Twitter [CSCW 2018], (b) how word borrowings can be automatically identified from social signals [EMNLP 2017] and (c)  how hashtags in Twitter form compounds like natural language words (e.g., #Wikipedia+#Blackout=#WikipediaBlackout) that become way more popular than the individual constituent hashtags [CSCW 2016, Honorable Mention].

Animesh Mukherjee is an Associate Professor in the Department of Computer Science and Engineering, Indian Institute of Technology, Kharagpur. He is also a Simons Associate, ICTP, Italy and an ACM Distinguished Speaker. His main research interests are in applying complex system approaches (mainly complex networks and agent-based simulations) to different problems in Computer Science including (a) human language evolution and change, (b) web social media, (c) information retrieval, and (d) natural language processing He regularly publishes in top conferences like ACM SIGKDD, ACM CIKM, ACM CSCW, ICWSM, ACL, EMNLP, COLING, ACM/IEEE JCDL and journals like PNAS, Sci Reports, ACM TKDD, ACM CACM, IEEE TKDE, IEEE JSAC, Phys. Rev, Europhysics Letters. He regularly serves on the programme committee of various top conferences like IJCAI, EMNLP, COLING. He has received many notable awards including the INAE Young Engineer Award 2012, INSA Medal for Young Scientists 2014, IBM Faculty Award 2015 and the Humboldt Fellowship for Experienced Researchers in 2017.

Many classification tasks have no objective ground truth. Examples include: which content or explanation is "better" according to some community? is this comment toxic? what is the political leaning of this news article? The traditional modeling approach assumes each item has an objective true state that is perceived by humans with some random error. It fails to account for the fact that people have greater agreement on some items than others. I will describe an alternative model where the true state is a distribution over labels that raters from a specified population would assign to an item. This leads to information gain (mutual information) as a theoretically justified and computationally tractable measure of a classifier's quality, and an intuitive interpretation of information gain in terms of the sample size for a survey that would yield the same expected error rate.

Paul Resnick is the Michael D. Cohen Collegiate Professor of Information and Associate Dean for Research at the University of Michigan School of Information. He was a pioneer in the fields of recommender systems and reputation systems. He recently started the Center for Social Media Responsibility, which encourages and helps social media platforms to meet their public responsibilities.

I will present a recent non-elementary lower bound for the complexity of reachability problem for Vector Addition Systems. I plan to show the main insights of the proof. In particular I will present a surprising equation on fractions, which is the core of the new source of hardness found in VASes.

Wojciech Czerwiński is an assistant professor (pol. adiunkt) at the Institute of Informatics, Faculty of Mathematics, Informatics and Mechanics of the University of Warsaw. His interests include automata and logic, more concretely infinite state systems and separability problems.

In real-time embedded systems, for each task the compliance to timing constraints has to be guaranteed in addition to the functional correctness. The first part of the talk considers the theoretical comparison of scheduling algorithms and schedulability tests by evaluating speedup factors for non-preemptive scheduling, which leads to a discussion about general problems of resource augmentation bounds. In addition, it is explained how utilization bounds can be parametrized, resulting in better bounds for specific scenarios, i.e., when analyzing non-preemptive Rate-Monotonic scheduling as well as task sets inspired by automotive applications.

In the second part, a setting similar to mixed-criticality systems is considered and the criticism on previous work in this area is detailed. Hence, a new system model that allows a better applicability to realistic scenarios, namely Systems with Dynamic Real-Time Guarantees, is explained. This model is extended to a multiprocessor scenario, considering CPU overheating as a possible cause for mixed-criticality behaviour. Finally, a way to determine the deadline-miss probability for such systems is described that drastically reduces the runtime of such calculations.

The third part discusses tasks with self-suspension behaviour, explains a fixed-relative-deadline strategy for segmented self-suspension tasks with one suspension interval, and details how this approach can be exploited in a resource-oriented partitioned scheduling. Furthermore, it is explained how the gap between the dynamic and the segmented self-suspension model can be bridged by hybrid models.

-

SCION is a new Internet architecture that addresses many of the security vulnerabilities of today’s Internet. Its clean-slate design provides, among other properties, route control, failure isolation, and multi-path communication. The verifiedSCION project is an effort to formally verify the correctness and security of SCION. It aims to provide strong guarantees for the entire architecture, from the protocol design to its concrete implementation. The project uses stepwise refinement to prove that the protocol withstands increasingly strong attackers. The refinement proofs assume that all network components such as routers satisfy their specifications. This property is then verified separately using deductive program verification in separation logic. This talk will give an overview of the verifiedSCION project and explain, in particular, how we verify code-level properties such as memory safety, I/O behavior, and information flow security.

Peter Müller has been Full Professor and head of the Chair of Programming Methodology at ETH Zurich since August 2008. His research focuses on languages, techniques, and tools for the development of correct software. His previous appointments include a position as Researcher at Microsoft Research in Redmond, an Assistant Professorship at ETH Zurich, and a position as Project Manager at Deutsche Bank in Frankfurt. Peter Müller received his PhD from the University of Hagen.

Cloud computing gives the illusion of infinite computational capacity and allows for on-demand resource provisioning. As a result, over the last few years, the cloud computing model has experienced widespread industrial adoption and companies like Netflix offloaded their entire infrastructure to the cloud. However, with even the largest datacenter being of a finite size, cloud infrastructures have experienced overload due to overbooking or transient failures. In essence, this is an excellent opportunity for the design of control solutions, that tackle the problem of mitigating overload peaks, using feedback from the computing infrastructure. Exploiting control-theoretical principles and taking advantage of the knowledge and the analysis capabilities of control tools, it is possible to provide formal guarantees on the predictability of the cloud platform. This talk introduces recent research advances on feedback control in the cloud computing domain. This talk discusses control solutions and future research for both cloud application development, and infrastructure management. In particular, it covers application brownout, control-based load-balancing, and autoscaling.

Martina Maggio is an Associate Professor at the Department of Automatic Control, Lund University. Her research area is the application of control-theoretical techniques to computing systems' problems. She completed her Ph.D. at Politecnico di Milano, on the applications of control-theoretical tools for the design of computing systems components. During her Ph.D., she spent one year as a visiting graduate student at the Computer Science and Artificial Intelligence Laboratory at MIT, working with Anant Agarwal and Hank Hoffmann on the Self-Aware Computing project, named one of the one of ten "World Changing Ideas" by Scientific American in 2011. She joined Lund University in 2012 as a postdoctoral researcher, working with Karl-Erik Årzén on resource allocation for cloud infrastructures and real-time systems. Martina became an Assistant Professor in 2014, and then Docent and Associate Professor in 2017.

A variety of experts -- computer scientists, policy makers, judges -- constantly make decisions about best practices for computational systems. They decide which features are fair to use in a machine learning classifier predicting whether someone will commit a crime, and which security behaviors to recommend and require from end-users. Yet, the best decision is not always clear. Studies have shown that experts often disagree with each other and, perhaps more importantly, with the people for whom they are making these decisions: the users.

This raises a question: Is it possible to learn best practices directly from the users? The field of moral philosophy suggests yes, through the process of descriptive decision-making, in which we observe people’s preferences and then infer best practice rather than using experts’ normative (prescriptive) determinations to define best practice. In this talk, I will explore the benefits and challenges of applying such a descriptive approach to making computationally relevant decisions regarding: (i) selecting security prompts for an online system; (ii) determining which features to include in a classifier for jail sentencing; (iii) defining standards for ethical virtual reality content.

Elissa Redmiles is a Ph.D. Candidate in Computer Science at the University of Maryland and has been a visiting researcher with the Max Planck Institute for Software Systems and the University of Zurich. Elissa’s research interests are broadly in the areas of security and privacy. She uses computational, economic, and social science methods to understand users’ security and privacy decision-making processes, specifically investigating inequalities that arise in these processes and mitigating those inequalities through the design of systems that facilitate safety equitably across users. Elissa is the recipient of a NSF Graduate Research Fellowship, a National Science Defense and Engineering Graduate Fellowship, and a Facebook Fellowship. Her work has appeared in popular press publications such as Scientific American, Business Insider, Newsweek, and CNET and has been recognized with the John Karat Usable Privacy and Security Student Research Award, a Distinguished Paper Award at USENIX Security 2018, and a University of Maryland Outstanding Graduate Student Award.

Fairness considerations in settings where decisions are made by supervised learning algorithms (e.g. criminal risk assessment) has received considerable attention, recently. As the fairness literature continues to expand mostly around this canonical learning task, it is important to recognize that many real-world applications of ML fall outside the category of supervised, one-shot learning. In this presentation, I will talk about two scenarios in which algorithmic decisions are made in a sequential manner and over time. I will argue that in such settings, being fair---at a minimum---requires decisions to be "consistent" across individuals who arrive at different time steps, that is, similar individuals must be treated similarly. I will then talk about how such consistency constraints affect learning. 

In the first part of the talk, I will introduce a generic sequential decision making framework, in which at each time step the learning algorithm receives data corresponding to a new individual (e.g. a new job application) and must make an irrevocable decision about him/her (e.g. whether to hire the applicant) based on observations it has made so far. I propose a general framework for post-processing predictions made by a black-box learning model, so that the resulting sequence of outcomes is guaranteed to be consistent. I show, both theoretically and via simulations, that imposing consistency constraints will not significantly slow down learning.

In the second part of the talk, I will focus on fairness considerations in a particular type of market---namely, combinatorial prediction markets---where traders can submit limit orders on various security bundles, and the market maker is tasked with executing these orders in a fair manner. The main challenge in running such market is that executing one order can potentially change the price of every other order in the book. I define the notion of a "fair trading path", which at a high level guarantees similar orders are executed similarly: no order executes at a price above its limit, and every order executes when its market price falls below its limit price. I present a market algorithm that respects these fairness conditions, and evaluate it using real combinatorial predictions made during the 2008 U.S. Presidential election. 

I will conclude by comparing my work with previous papers on fairness for online learning, and a list of directions for future work.

Hoda Heidari is a Post-doctoral Fellow at the Machine Learning Institute at ETH Zurich working under supervision of Prof. Andreas Krause. She received her PhD in Computer and Information Science from the University of Pennsylvania where she was advised by Prof. Michael Kearns and Prof. Ali Jadbabaie. Her research interests are broadly in algorithmic economics and societal aspects of AI. In particular, she is interested in fairness considerations in online markets and data-driven decision making systems.

Parameterized complexity analyzes the computational complexity of NP-hard combinatorial problems in finer detail than classical complexity: instead of expressing the running time as a univariate function of the size $n$ of the input, one or more relevant parameters are defined and the running time is analyzed as a function depending on both the input size and these parameters. The goal is to obtain algorithms whose running time depends polynomially on the input size, but may have arbitrary (possibly exponential) dependence on the parameters. Moreover, we would like the dependence on the parameters to be as slowly growing as possible, to make it more likely that the algorithm is efficient in practice for small values of the parameters. In recent years, advances in parameterized algorithms and complexity have given us a tight understanding of how the parameter has to influence the running time for various problems. The talk will survey results of this form, showing that seemingly similar NP-hard problems can behave in very different ways if they are analyzed in the parameterized setting.

http://www.cs.bme.hu/~dmarx/

Programmable analog devices are a powerful new computing substrate that are especially appropriate for performing computationally intensive simulations of dynamical systems. Until recently, the de-facto standard for programming these devices required hardware specialists to manually program the analog device to model the dynamical system of interest. In this talk, I will present Arco, a compiler that automatically configures analog devices to perform dynamical system simulation, and Jaunt, a compilation technique that that scales dynamical system parameters to change the speed of the simulation and render the resulting simulation physically realizable given the operating constraints of the analog hardware platform. These techniques capture the domain knowledge required to fully exploit the capabilities of reconfigurable analog devices, eliminating a key obstacle to the widespread adoption of these devices.

Sara Achour is a PhD candidate at the Computer Science and Artificial Intelligence Laboratory at Massachusetts Institute of Technology (CSAIL MIT) and a NSF Fellowship recipient. Her current research focuses on compilation techniques for reconfigurable analog devices. Her broader research interests focus on developing automated techniques for nontraditional computational platforms and devices.

Suppose that a group of voters wants to select k \ge 1 alternatives from a given set, and each voter indicates which of the alternatives are acceptable to her: the alternatives could be conference submissions, applicants for a scholarship or locations for a fast food chain. In this setting it is natural to require that the winning set represents the voters fairly, in the sense that large groups of voters with similar preferences have at least some of their approved alternatives in the winning set. We describe several ways to formalize this idea, and show how to use it to classify voting rules. For one of our axioms, the only known voting rule that satisfies it is not polynomial-time computable, and it was conjectured that no voting rule that satisfies this axiom can be polynomial-time computable; however, we will show that this is not the case.

Edith Elkind researches game theory and the computation of social choices. She looks at the decisions involved in multi-agent systems such as auctions, elections and co-operative games.

In this talk, I will present AI2, a sound and scalable analyzer for deep neural networks. Based on overapproximation, AI2 can automatically prove safety properties (e.g., robustness) of realistic neural networks (e.g., convolutional neural networks). The key insight behind AI2 is to phrase reasoning about safety and robustness of neural networks in terms of classic abstract interpretation, enabling to leverage decades of advances in that area. To this end, I will introduce abstract transformers that capture the behavior of fully connected and convolutional neural network layers with rectified linear unit activations (ReLU), as well as max pooling layers. This allows to handle real-world neural networks, which are often built out of these types of layers. I will also empirically demonstrate that (i) AI2 is precise enough to prove useful specifications (e.g., robustness), (ii) AI2 can be used to certify the effectiveness of state-of-the-art defenses for neural networks, and (iii) AI2 is significantly faster than existing analyzers based on symbolic analysis, which often take hours to verify simple fully connected networks.

Dana Drachsler Cohen is a postdoc in the Secure, Reliable, and Intelligent Systems Lab at the Computer Science Department at ETH Zurich. Her research interests span program synthesis, machine learning, security, and computer networks.

Energy consumption is an important concern for cloud datacenters. Its cost represents about 80% of the total cost of ownership and it is estimated that in 2020, the US datacenters alone will spend about $13 billion on energy bills. Generally, the servers are manufactured in such a way that they achieve high energy efficiency at high utilizations. Thereby for a low cost per computation all datacenter servers should push the utilization as high as possible. In order to fight the historically low utilization, cloud computing adopted server virtualization. This technology enables a cloud provider to pack (consolidate) the entire set of virtual machines (VMs) on a small set of physical servers and thereby, reduce the number of active servers. Even so, the datacenter servers rarely reach utilizations higher than 50% which means that they operate with a set of long-term unused resources (called 'holes'). Our first contribution is a cloud management system that dynamically splits/fusions VMs such that they can better fill the holes. However the datacenter resource fragmentation has a more fundamental problem. Over time, cloud applications demand more and more memory but the physical servers provide more an more CPU. In nowadays datacenters, the two resources are strongly coupled since they are bounded to a physical sever. Our second contribution is a practical way to decouple the CPU-memory tuple that can simply be applied to a commodity server. The underutilization observed on physical servers is also true for virtual machines. It has been shown that VMs consume only a small fraction of the allocated resources because the cloud customers are not able to correctly estimate the resource amount necessary for their applications. Our third contribution is a system that estimates the memory consumption (i.e. the working set size) of a VM, with low overhead and high accuracy. Thereby, we can now consolidate the VMs on based on their working set size (not the booked memory). However, the drawback of this approach is the risk of memory starvation. If one or multiple VMs have an sharp increase in memory demand, the physical server may run out of memory. This event is undesirable because the cloud platform is unable to provide the client with the memory he paid for. Our fourth contribution is a system that allows a VM to use remote memory provided by a different rack server. Thereby, in the case of a peak memory demand, our system allows the VM to allocate memory on a remote physical server.

Vlad Nitu is a PhD student at Toulouse University and interested in operating and visualization systems with a focus on optimizing their energy consumption. Starting October, he will be post-doc at EPFL in the group of Prof. Rachid Guerraoui.

Embedding a domain-specific language (DSL) in a general purpose host language is an efficient way to develop a new DSL. Various kinds of languages and paradigms can be used as host languages, including object-oriented, functional, statically typed, and dynamically typed variants, all having their pros and cons. For deep embedding, statically typed languages enable early checking and potentially good DSL error messages, instead of reporting runtime errors. Dynamically typed languages, on the other hand, enable flexible transformations, thus avoiding extensive boilerplate code. In this talk, I will discuss the concept of gradually typed symbolic expressions that mix static and dynamic typing for symbolic data. The key idea is to combine the strengths of dynamic and static typing in the context of deep embedding of DSLs. Moreover, I will briefly outline an ongoing research effort of developing a new framework for developing heterogenous domain-specific languages.

David Broman is an Associate Professor at the KTH Royal Institute of Technology in Sweden, where he is leading the Model-based Computing Systems (MCS) research group. Between 2012 and 2014, he was a visiting scholar at the University of California, Berkeley, where he also was employed as a part time researcher until 2016. David received his Ph.D. in Computer Science in 2010 from Linköping University, Sweden, and was appointed Assistant Professor there in 2011. He earned a Docent degree in Computer Science in 2015. His research focuses on model-based design of time-aware systems, including cyber-physical systems, embedded systems, and real-time systems. In particular, he is interested in programming and modeling language theory, formal semantics, compilers, and machine learning. David has received an outstanding paper award at RTAS (co-authored 2018), the award as teacher of the year, selected by the student union at KTH (2017), the best paper award at IoTDI (co-authored 2017), awarded the Swedish Foundation for Strategic Research's individual grant for future research leaders (2016), and the best paper presentation award at CSSE&T (2010). He has worked several years within the software industry, co-founded three companies, co-founded the EOOLT workshop series, and is a member of IFIP WG 2.4, Modelica Association, and a senior member of IEEE.

The design and implementation of real-time systems require that both the logical and the temporal behaviour are correct. There exist several specialized languages and tools that use the notion of logical time, as well as industrial strength languages such as Ada and RTJS that incorporate direct handling of real time. Although these languages and tools have shown to be good alternatives for safety-critical systems, most commodity real-time and embedded systems are today implemented in the standard C programming language. Such systems are typically targeting proprietary bare-metal platforms, standard POSIX compliant platforms, or open-source operating systems. It is, however, error prone to develop large, reliable, and portable systems based on these APIs. In this talk, I will talk about an extension to the C programming language, called Timed C, with a minimal set of language primitives, and show how a retargetable source-to-source compiler can be used to compile and execute simple, expressive, and portable programs

Saranya Natarajan is a third year PhD student at the KTH Royal Institute of Technology, School of Computer Science and Electrical Engineering (EECS). She is pursuing her doctoral research under the guidance of David Broman. She received her master's degree from Indian Institute of Science, Bangalore in 2015. Her research interests span the areas of real-time systems, programming languages, and compilers

Road safety is a major public health issue, with road accidents accounting for an estimated 1.25 million fatalities, and many more injuries, the world over, each year. The problem is particularly acute in India, with nearly a quarter of a million fatalities every year, i.e., 20% of the world’s total. Besides the heavy human cost, road accidents also impose a significant economic cost. The crux of the problem is that the major factors impacting safety — vehicles, roads, and people — have virtually no ongoing monitoring today. In the HAMS project at Microsoft Research India, we employ a dashboard-mounted smartphone, and the array of sensors it includes, as a virtual harness, with a view to monitoring drivers and their driving. We focus primarily on the camera sensors of the smartphone, both the front camera, which faces the driver, and the back camera, which looks out to the front of the vehicle. We address the challenges arising from our choice of low-cost generic sensors instead of more expensive specialized sensors, the need for efficient processing on a smartphone, and demands of robust operation in uncontrolled environments. HAMS has been piloted as part of a driver training program, with promising early results.

Venkat Padmanabhan is a Principal Researcher at Microsoft Research India, where he founded the Mobility, Networks, and Systems group in 2007. He was previously with Microsoft Research Redmond, USA for nearly 9 years. Venkat’s research interests are broadly in networked and mobile systems, and his work over the years has led to highly-cited papers and paper awards, technology transfers within Microsoft, and also industry impact. He received the Shanti Swarup Bhatnagar Prize and the inaugural ACM SIGMOBILE Test-of-Time paper award, both in 2016. Venkat holds a B.Tech. from IIT Delhi and an M.S. and a Ph.D. from UC Berkeley, all in Computer Science, and has been elected a Fellow of the INAE, the IEEE, and the ACM. He can be reached online at http://research.microsoft.com/~padmanab/.

Materials and manufacturing processes can be made to adapt to the way in which their end-products are used, by imbuing raw materials with sensing and computation elements. By making the algorithms that run on these computing elements aware of the physics of the objects in which they are embedded, computation-and-sensing augmented materials could change the way we think about the border between inanimate objects and computing systems. One way to exploit knowledge about the physical world in the programs running on (or in) these objects is to exploit the fact that these programs can often tolerate noise and other deviations from correctness in their input data. This talk will highlight research that builds on these observations.

Phillip Stanley-Marbell is an Assistant Professor in the Department of Engineering at the University of Cambridge where he leads the Physical Computation Lab http://physcomp.eng.cam.ac.uk). His research focus is on exploiting an understanding of properties of the physical world and the physiology of human perception to make computing systems more efficient. Prior to joining the University of Cambridge, he was a researcher at MIT, from 2014 to 2017. He received his Ph.D. from CMU in 2007, was a postdoc at TU Eindhoven until 2008, and then a permanent Research Staff Member at IBM Research—Zürich (2008-2012). In 2012 he joined Apple where he led the development of a new system component now used across all iOS, watchOS, and macOS platforms. Prior to completing his Ph.D., he held positions at Bell-Labs Research (1995, 1996), Lucent Technologies and Philips (1999), and NEC Research Labs (2005).

Is perfect matching in NC? That is, is there a deterministic fast parallel algorithm for it? This has been an outstanding open question in theoretical computer science for over three decades, ever since the discovery of RNC matching algorithms. Within this question, the case of planar graphs has remained an enigma: On the one hand, counting the number of perfect matchings is far harder than finding one (the former is #P-complete and the latter is in P), and on the other, for planar graphs, counting has long been known to be in NC whereas finding one has resisted a solution. In this paper, we give an NC algorithm for finding a perfect matching in a planar graph. Our algorithm uses the above-stated fact about counting matchings in a crucial way. Our main new idea is an NC algorithm for finding a face of the perfect matching polytope at which W(n) new conditions, involving constraints of the polytope, are simultaneously satisfied. Several other ideas are also needed, such as finding a point in the interior of the minimum weight face of this polytope and finding a balanced tight odd set in NC.

-

We compare the expressive power of three programming abstractions for user-defined computational effects: Plotkin and Pretnar’s effect handlers, Filinski’s monadic reflection, and delimited control. This comparison allows a precise discussion about the relative expressiveness of each programming abstraction. It also demonstrates the sensitivity of the relative expressiveness of user-defined effects to seemingly orthogonal language features.

We present each notion as an extension of a simply-typed core lambda-calculus with an effect type system. Using Felleisen’s notion of a macro translation, we show that these abstractions can macro-express each other, providing we disregard types. Alas, not all of the translations are type-preserving; moreover, no alternative type-preserving macro translations exist. We show that if we add suitable notions of polymorphism to the core calculus and its extensions then all of the translations can be adapted to preserve typing.

(based on joint work with Yannick Forster, Ohad Kammar, and Matija Pretnar)

-

Automated invariant generation is a fundamental challenge in program analysis and verification, going back many decades, and remains a topic of active research. In this talk I'll present a select overview and survey of work on this problem, and discuss unexpected connections to other fields including algebraic geometry, group theory, and quantum computing. (No previous knowledge of these fields will be assumed.) This is joint work with Ehud Hrushovski, Amaury Pouly, and James Worrell.

-

The ongoing trend to more heterogeneity forces us to rethink the design of systems. In this talk, I will present a new system design that considers heterogeneous compute units (general-purpose cores with different instruction sets, DSPs, FPGAs, fixed-function accelerators, etc.) from the beginning instead of as an afterthought. The goal is to treat all compute units (CUs) as first-class citizens, enabling 1) isolation and secure communication between all types of CUs, 2) a direct interaction of all CUs to remove the conventional CPU from the critical path, and 3) access to OS services such as file systems and network stacks for all CUs. To study this system design, I am using a hardware/software co-design based on two key ideas: 1) introduce a new hardware component next to each CU used by the OS as the CUs' common interface and 2) let the OS kernel control applications remotely from a different CU. In my talk, I will show how this approach allows to support arbitrary CUs as aforementioned first-class citizens, ranging from fixed-function accelerators to complex general-purpose cores.

-

We are developing methods to improve human learning and performance on challenging perceptual categorization tasks, e.g., bird species identification, diagnostic dermatology. Our approach involves inferring psychological embeddings -- internal representations that individuals use to reason about a domain. Using predictive cognitive models that operate on an embedding, we perform surrogate-based optimization to determine efficient and effective means of training domain novices as well as amplifying an individual's capabilities at any stage of training. Our cognitive models leverage psychological theories of: similarity judgement and generalization, contextual and sequential effects in choice, attention shifts among embedding dimensions.  Rather than searching over all possible training policies, we focus our search on policy spaces motivated by the training literature, including manipulation of exemplar difficulty and the sequencing of category labels. We show that our models predict human behavior not only in the aggregate but at the level of individual learners and individual exemplars, and preliminary experiments show the benefits of surrogate-based optimization on learning and perform ance.

This work was performed in close collaboration with Brett Roads at University College London.

Michael Mozer received a Ph.D. in Cognitive Science at the University of California at San Diego in 1987.  Following a postdoctoral fellowship with Geoffrey Hinton at the University of Toronto, he joined the faculty at the University of Colorado at Boulder and is presently an Professor in the Department of Computer Science and the Institute of Cognitive Science.  He is secretary of the Neural Information Processing Systems Foundation, has served as Program Chair and General Chair at NIPS and as chair of the Cognitive Science Society. He is interested in human-centric artificial intelligence, which involves designing machine learning methods that leverage insights  from human cognition, and building software tools to optimize human performance using machine learning methods.

Next to performance, early power and energy estimation is a key challenge in the design of computer systems. Traditional simulation-based methods are often too slow while existing analytical models are often not sufficiently accurate. In this talk, I will present our work on bridging this gap by providing fast yet accurate alternatives for power and performance modeling of software and hardware. In the past, we have pioneered so-called source-level and host-compiled simulation techniques that are based on back-annotation of source code with semi-analytically estimated target metrics. More recently, we have studied alternative approaches in which we employ advanced machine learning techniques to synthesize analytical proxy models that can extract latent correlations and accurately predict time-varying power and performance of an application running on a target platform purely from data obtained while executing the application natively on a completely different host machine. We have developed such learning-based approaches for both hardware and software. On the hardware side, learning-based models for white-box and black-box hardware accelerators reach simulation speeds of 1 Mcycles/s at 97% accuracy. On the software side, depending on the granularity at which prediction is performed, cross-platform prediction can achieve more than 95% accuracy at more than 3 GIPS ofequivalent simulation throughput.

Andreas Gerstlauer is an Associate Professor in Electrical and Computer Engineering at The University of Texas at Austin. He received his Ph.D. in Information and Computer Science from the University of California, Irvine (UCI) in 2004. His research interests include system-level design automation, system modeling, design languages and methodologies, and embedded hardware and software synthesis.

One of the fundamental NP-hard problems in combinatorial optimization is Bin Packing. In terms of the best polynomial time approximation algorithm, we show how to improve over the previous best algorithm by Karmarkar and Karp from 1981 by a quadratic factor. The crucial techniques come from recent developments in discrepancy theory, a sub-field of combinatorics.

Then we will consider the special case that the number of different item sizes is a constant. It had been open for at least 15 years, whether or not this case is solvable in polynomial time. We provide an affirmative answer to that.

The talk includes joint work with Michel X. Goemans and Rebecca Hoberg.

Thomas Rothvoss did his PhD in Mathematics in 2009 at EPFL in Switzerland under Friedrich Eisenbrand. Then he was a PostDoc at MIT working with Michel Goemans. Since January 2014 he is Assistant Professor at the University of Washington, Seattle. He was (co-)winner of the best paper awards at STOC 2010, SODA 2014 and STOC 2014. He received an Sloan Research Fellowship, an NSF CAREER award and a Packard Fellowship.

As software systems, especially those based on machine learning and data analysis, become ever more deeply engrained in modern society and take on increasingly powerful roles in shaping people's lives, concerns have been raised about the fairness, equity, and other embedded values of these systems. Many definitions of "fairness" have been proposed, and the technical definitions capture a variety of desirable statistical invariants. However, such invariants may not address fairness for all stakeholders, may be in tension with each other or other desirable properties, and may not be recognized by people as capturing the correct notion of fairness. In addition, requirements that serve fairness, in practice, often are enacted by prohibiting a set of practices considered unfair rather than fully modeling a particular definition of fairness.

For these reasons, we attack the goal of producing fair systems from a different starting point. We argue that a focus on accountability and transparency in the design of a computer system is a stronger basis for reasoning about fairness. We outline a research agenda in responsible system design based on this approach, attacking both technical and non-technical open questions. Technology can help realize human values - including fairness - in computer systems, but only if it is supported by appropriate organizational best practices and a new approach to the system design life cycle.

As a first step toward realizing this agenda, we present a cryptographic protocol for accountable algorithms, which uses a combination of commitments and zero-knowledge proofs to construct audit logs for automated decision-making systems that are publicly verifiable for integrity. Such logs comprise an integral record of the behavior of a computer system, providing evidence for future interrogation, oversight, and review while also providing immediate public assurance of important procedural regularity properties, such as the guarantee that all decisions were made under the same policy. Further, the existence of such evidence provides a strong incentive for the system's designers to capture the right human values by making deviations from those values apparent and undeniable. Finally, we describe how such logs can be extended to demonstrate the existence of key fairness and transparency properties in machine-learning settings. For example, we consider how to demonstrate that a model was trained on particular data, that it operates without considering particular sensitive inputs, or that it satisfies particular fairness invariants of the type considered in the machine-learning fairness literature. This approach leads to a better, more complete, and more flexible outcome from the perspective of preventing unfairness.

Joshua A. Kroll is a computer scientist studying the relationship between governance, public policy, and computer systems. As a Postdoctoral Research Scholar at the School of Information at the University of California at Berkeley, his research focuses on how technology fits within a human-driven, normative context and how it satisfies goals driven by ideals such as fairness, accountability, transparency, and ethics. He is most interested in the governance of automated decision-making systems, especially those using machine learning. His paper "Accountable Algorithms" in the University of Pennsylvania Law Review received the Future of Privacy Forum's Privacy Papers for Policymakers Award in 2017.

Joshua's previous work spans accountable algorithms, cryptography, software security, formal methods, Bitcoin, and the technical aspects of cybersecurity policy. He also spent two years working on cryptography and internet security at the web performance and security company Cloudflare. Joshua holds a PhD in computer science from Princeton University, where he received the National Science Foundation Graduate Research Fellowship in 2011.

Serious concerns have been raised about the role of `socialbots' in manipulating public opinion and influencing the outcome of elections by retweeting partisan content to increase its reach. Here we analyze the role and influence of socialbots on Twitter by determining how they contribute to retweet diffusions. We collect a large dataset of tweets during the 1st U.S. presidential debate in 2016 and we analyze its 1.5 million users from three perspectives: user influence, political behavior (partisanship and engagement) and botness. First, we define a measure of user influence based on the user's active contributions to information diffusions, i.e. their tweets and retweets. Given that Twitter does not expose the retweet structure -- it associates all retweets with the original tweet -- we model the latent diffusion structure using only tweet time and user features, and we implement a scalable novel approach to estimate influence over all possible unfoldings. Next, we use partisan hashtag analysis to quantify user political polarization and engagement. Finally, we use the BotOrNot API to measure user botness (the likelihood of being a bot). We build a two-dimensional "polarization map" that allows for a nuanced analysis of the interplay between botness, partisanship and influence. We find that not only are socialbots more active on Twitter -- starting more retweet cascades and retweeting more -- but they are 2.5 times more influential than humans, and more politically engaged. Moreover, pro-Republican bots are both more influential and more politically engaged than their pro-Democrat counterparts. However we caution against blanket statements that software designed to appear human dominates politics-related activity on Twitter. Firstly, it is known that accounts controlled by teams of humans (e.g. organizational accounts) are often identified as bots. Secondly, we find that many highly influential Twitter users are in fact pro-Democrat and that most pro-Republican users are mid-influential and likely to be human (low botness).

Dr. Marian-Andrei Rizoiu is a Research Fellow with the Australian National University, studying the dynamics of human attention in the online environment. His research has made several key contributions, particularly to the areas of online popularity prediction and online privacy. For the past four years, he has been developing theoretical models for online information diffusion, which can account for complex social phenomena, such as the rise and fall of online popularity, the spread of misinformation or the adoption of disruptive technologies. He approached questions such as "Why did X become popular, but not Y?" and "How can items be promoted?" with implications in advertising and marketing. Marian-Andrei has also worked on detecting the evolution of privacy loss over time. His research has shown that privacy "leaks" over time and it identified the factors causing the loss: the individual's own actions and the environment. The conclusions were staggering: privacy continues to decrease even for users who retired from activity. Marian-Andrei published in the most selective venues of the field (such as WWW, WSDM, ICWSM or CIKM) and his work has received significant media attention, including from the Wikimedia Foundation for the work concerning the privacy of Wikipedia editors (which featured in the March 2016 Wikimedia Research Showcase). See more at www.rizoiu.eu

To create a truly sustainable world, we need to generate ample resources and allocate them appropriately.  In traditional economics, these goals are achieved using money.  However, in many settings of particular social significance, monetary transactions are infeasible, be it due to ethical considerations or technological constraints.  In this talk, we will discuss alternatives to money, including risk, social status, and scarcity, and show how to use them to achieve socially-optimal outcomes.  Risk helps determine a person's value for a resource: the more someone is willing to risk for something, the more they value it.  Using this insight, we propose an algorithm to find a good assignment of students in school choice programs.  Social status helps motivate people to contribute to a public project.  Using this insight, we design badges to maximize contributions to user-generated content websites.  Scarcity forces people to evaluate trade-offs, allowing algorithms to infer the relative strength of their preference for different options.  Using this insight, we design voting schemes that select the most highly-valued alternative.

-

We tackle the problem of deciding whether two probabilistic programs are equivalent in the context of Probabilistic NetKAT, a formal language for reasoning about the behavior of packet-switched networks. The main challenge lies in reasoning about iteration, which we address by a reduction to finite-state absorbing Markov chains. Building on this approach, we develop an effective decision procedure based on stochastic matrices. Through an extended case study with a real-world data center network, we show how to use these techniques to automatically verify various properties of interests, including resilience in the presence of failures. This is joint work with Steffen Smolka, Praveen Kumar, Nate Foster, Justin Hsu, David Kahn, and Dexter Kozen.

-

What are the odds that you will get hacked tomorrow? To answer this question, it is not enough to reason about the state of your host -- we must also understand how easy it is for adversaries to exploit software vulnerabilities and what helps them distribute malware around the world. Moreover, the machine learning techniques that drive the success of such prediction tasks in non-adversarial domains, like computer vision or autonomous driving, face new challenges in security. 

In this talk I will discuss my work, combining machine learning with global-scale measurements, that has exposed critical security threats and has guided industrial practices. First, I will present the Worldwide Intelligence Network Environment (WINE), an analytics platform that has enabled systematic security measurements across more than 10 million hosts from around the world. Second, I will use WINE as a vehicle for exploring open research questions, such as the duration and impact of zero-day attacks, the weaknesses in public key infrastructures (PKIs) that allow malware to masquerade as reputable software, and how we can use machine learning to predict certain security incidents. I will conclude by discussing the impact of these predictions on the emerging cyber insurance industry and the lessons we learned about using machine learning in the security domain.

Tudor Dumitraș is an Assistant Professor in the Electrical & Computer Engineering Department at the University of Maryland, College Park. His research focuses on data-driven security: he studies real-world adversaries empirically, he builds machine  learning systems for detecting attacks and predicting security incidents, and he investigates the security of machine learning in adversarial environments. In his previous role at Symantec Research Labs he built the Worldwide Intelligence Network Environment (WINE) - a data analytics platform for security research. His work on the effectiveness of certificate revocations in the Web PKI was featured in the Research Highlights of the Communications of the ACM in 2018, and his measurement of the duration and prevalence of zero-day attacks received an Honorable Mention in the NSA competition for the Best Scientific Cybersecurity Paper of 2012. He also received the 2011 A. G. Jordan Award from the ECE Department at Carnegie Mellon University, the 2009 John Vlissides Award from ACM SIGPLAN, and the Best Paper Award at ASP-DAC'03. Tudor holds a Ph.D. degree from Carnegie Mellon University.

I will speak about an unexpected correspondence between a beautiful theory, due to Lovasz, about homomorphisms and graph limits and a popular heuristic for the graph isomorphism problem known as the Weisfeiler-Leman algorithm. I will also relate this to graph kernels in machine learning. Indeed, the context of this work is to desgin and understand similarity measures between graphs and discrete structures.

Prof. Martin Grohe is full professor at RWTH Aachen University where he heads the chair for Logic and Theory of Discrete Systems. His research interests are logic, algorithms und complexity, database theory, graph theory, and algorithmic learning theory.(Joint work with Holger Dell and Gaurav Rattan.)

The popularity of wearable and mobile devices, including smartphones and smartwatches, has generated an explosion of detailed behavioral data. These massive digital traces provide us with an unparalleled opportunity to realize new types of scientific approaches that provide novel insights about our lives, health, and happiness. However, gaining valuable insights from these data requires new computational approaches that turn observational, scientifically "weak" data into strong scientific results and can computationally test domain theories at scale. In this talk, I will describe novel computational methods that leverage digital activity traces at the scale of billions of actions taken by millions of people. These methods combine insights from data mining, social network analysis, and natural language processing to generate actionable insights about our physical and mental well-being. Specifically, I will describe how massive digital activity traces reveal unknown health inequality around the world, and how personalized predictive models can target personalized interventions to combat this inequality. I will demonstrate that modelling how fast we are using search engines enables new types of insights into sleep and cognitive performance. Further, I will describe how natural language processing methods can help improve counseling services for millions of people in crisis. I will conclude the talk by sketching interesting future directions for computational approaches that leverage digital activity traces to better understand and improve human well-being.

Tim Althoff is a Ph.D. candidate in Computer Science in the Infolab at Stanford University advised by Jure Leskovec. His research advances computational methods to improve human well-being, combining techniques from Data Mining, Social Network Analysis, and Natural Language Processing. Prior to his PhD, Tim obtained M.S. and B.S. degrees from Stanford University and University of Kaiserslautern, Germany. He has received several fellowships and awards including the SAP Stanford Graduate Fellowship, Fulbright scholarship, German Academic Exchange Service scholarship, the German National Merit Foundation scholarship, and a Best Paper Award by the International Medical Informatics Association. Tim’s research has been covered internationally by news outlets including BBC, CNN, The Economist, The Wall Street Journal, and The New York Times.

There is growing recognition that machine learning (ML) exposes new security and privacy vulnerabilities in software systems, yet the technical community's understanding of the nature and extent of these vulnerabilities remains limited but expanding. In this talk, I explore the threat model space of ML algorithms, and systematically explore the vulnerabilities resulting from the poor generalization of ML models when they are presented with inputs manipulated by adversaries. This characterization of the threat space prompts an investigation of defenses that exploit the lack of reliable confidence estimates for predictions made. In particular, we introduce a promising new approach to defensive measures tailored to the structure of deep learning. Through this research, we expose connections between the resilience of ML to adversaries, model interpretability, and training data privacy.

Nicolas Papernot is a PhD student in Computer Science and Engineering working with Professor Patrick McDaniel at the Pennsylvania State University. His research interests lie at the intersection of computer security, privacy and machine learning. He is supported by a Google PhD Fellowship in Security and received a best paper award at ICLR 2017. He is also the co-author of CleverHans, an open-source library widely adopted in the technical community to benchmark machine learning in adversarial settings. In 2016, he received his M.S. in Computer Science and Engineering from the Pennsylvania State University and his M.S. in Engineering Sciences from the Ecole Centrale de Lyon.

The datacenters behind popular cloud services are extremely resource-dense. A typical deployment has thousands of cores, terabytes of memory, gigabits of bandwidth, and petabytes of storage available per-rack. Datacenter economics require that providers share these resources across multiple customers for efficient utilization and as a means of providing price-competitive offerings. Shared infrastructure, however, risks cross-client interference and can result in degraded performance or data leaks, leading to outages and breaches. My work explores this tension with systems that provide security and performance isolation on shared hardware, while enabling efficient utilization and preserving the underlying performance of the devices.

This talk describes two such systems dealing with different resources: the first, Plastic, transparently mitigates poor scalability on multi-core systems caused by insufficient cache line isolation, which results in unnecessary memory contention and wasted compute cycles. Another one, Decibel, provides isolation in shared non-volatile storage and allows clients to remotely access high-speed devices at latencies comparable to local devices while guaranteeing throughput, even in the face of competing workloads.

Mihir is a PhD candidate at the University of British Columbia, working with Andy Warfield and Bill Aiello. He is broadly interested in systems and has worked on multi-core scalability and performance, and on providing better security and performance isolation in virtualized environments. During his PhD, he also spent a couple of years at Coho Data, working on high-speed storage systems. Prior to graduate school, he worked in the security industry on detecting kernel-level malware and on black-box vulnerability detection for applications.

As we rely more and more on computer software for automating processes and making decisions, the range of software that is considered critical goes well beyond the avionics and nuclear power industries: nowadays software plays an increasingly important role in convicting criminals, trading on the financial markets, autonomously driving cars, and performing medical diagnoses, to name a few applications. It is now paramount to ensure the reliability and security of such software, and expectations about software fairness and transparency are rapidly rising. To meet these needs, we need new mathematical models of software behavior that capture the aspects relevant for a particular dependability property, and new algorithmic approaches to effectively navigate this mathematical space and decide whether the software behaves as desired. This talk gives an overview of the steps I have taken towards addressing these challenges. Starting from a series of works on deciding software termination, I show that the insights from this domain are transferable to other formal methods and properties. These results pave the way for a unified framework for deciding increasingly advanced software dependability properties. I discuss the first results that I obtained in this more general direction, which in particular bring new conceptual clarity to the synergies with deciding security properties of software. Finally, I conclude with an outlook to the future and discuss the potential impact of this research on our personal, civic, and economic life.

Caterina Urban is a Postdoctoral Researcher in the Department of Computer Science of ETH Zurich. Her main research interest is the development of methods and tools to enhance the reliability of computer software and to help understanding complex software systems that nowadays permeate our society. Caterina received her Ph.D. from the École Normale Supérieure in Paris where she was advised by Radhia Cousot and Antoine Miné. During her Ph.D., she spent five months as a visiting research scholar at the NASA Ames research center and Carnegie Mellon University Silicon Valley. For her work, she received an ETH Zurich Career Seed Grant, a Gilles Kahn Thesis Award Honorable Mention, and the best paper award at the 25th International Conference on Automated Deduction.

Recent years have seen a rise in distributed systems for interactive, large-scale data processing. Cutting-edge systems focus on reducing latency and increasing expressiveness in order to provide an interactive and rich experience to more and varied users coming from emerging fields such as data science. Meanwhile, the languages and runtimes underlying such systems face numerous challenges in the context of the severely demanding needs of these new distributed systems; popular languages and runtimes like Scala and the JVM (a) limit the customizability of fundamental operations like serialization, and (b) expose low-level distribution-related errors to application developers and end users when trying to distribute core language features, such as functions. This talk presents three systems that (a) give more control over these primitives to distributed systems builders thereby enabling important optimizations, and (b) increase the reliability of distributing functions and objects. Theoretical, experimental, and empirical results are used in the validation of our work.

Heather Miller is an Assistant Clinical Professor at Northeastern University’s College of Computer and Information Science in Boston and the Executive Director of the Scala Center at EPFL, where she is also a Research Scientist. She recently completed her PhD in EPFL’s Faculty of Computer and Communication Science where she worked on the now-widespread programming language, Scala. Heather’s research interests are at the intersection of data-centric distributed systems and programming languages, with a focus on transferring her research results into industrial use. She has also taught and led development of several popular MOOCs some 1,000,000 students strong, such as "Big Data Analysis in Scala and Spark" and "Functional Programming Principles in Scala."

Distributed systems represent some of the most interesting and successful computing applications in use today, from modern web applications and social networks, to data analytics and large-scale machine learning.  However, it is notoriously difficult to understand, troubleshoot, and enforce distributed systems behaviors, because unlike standalone programs, they lack a central point of visibility and control.  This impacts important tasks like resource management, performance, security, accounting, and more.  In this talk I will outline techniques and abstractions for re-establishing cross-component visibility and control.  I will demonstrate with two cross-cutting tools that I have developed in my research: Retro, which measures resource usage and co-ordinates scheduler parameters to achieve end-to-end performance goals; and Pivot Tracing, which dynamically monitors and correlates metrics across component boundaries.  Together, these tools illustrate some of the common challenges and potential solutions when developing and deploying tools for distributed systems.

Jonathan Mace is a Ph.D. candidate in the Computer Science department at Brown University advised by Professor Rodrigo Fonseca.  His research centers on how to understand and enforce end-to-end behaviors in distributed systems.  During his Ph.D. he was awarded the Facebook Fellowship in Distributed Systems, and he received a Best Paper Award at SOSP for his work on Pivot Tracing.  Jonathan received his undergraduate degree in Mathematics and Computer Science from Oxford University in 2009

A popular approach to automatic program verification is to come up with an abstraction that reflects pertinent properties of the program. This abstraction is drawn from a class of formal models that is amenable to analysis. In the plethora of existing formal models, the aspects of programs that can be represented faithfully are typically determined by the infinite dimension of its state space, its storage mechanism. A central theme of my recent research is to obtain general insights into how the structure of the storage mechanism affects the analysis of a formal model. In the first part of my talk, I will survey results on an overarching framework of storage mechanisms developed in my doctoral work. It encompasses a range of infinite-state models and permits meaningful characterizations of when a particular method of analysis is applicable. Another current focus of my work concerns finite-state abstractions of infinite-state models. On one hand, these can be over- or under-approximations that are more efficient to analyze than infinite-state systems. On the other hand, they can serve as easy-to-check correctness certificates that are produced instead of yes-or-no answers to a verification task. Thus, the second part of my talk will be concerned with results on computing downward closures and related finite-state abstractions.

Georg Zetzsche is a post-doc at the Institut de Recherche en Informatique Fondamentale (IRIF) in Paris and holds a fellowship of the Fondation Sciences Mathématiques de Paris. Before that, he was a post-doc at Laboratoire Spécification et Vérification (LSV) in Cachan with a fellowship from the German Academic Exchange Service (DAAD). He received his PhD in 2015 from the University of Kaiserslautern. For his doctoral work, he received the Distinguished Dissertation Award of the European Association for Theoretical Computer Science (EATCS).

The widespread access to the Internet and the ubiquity of web-based services make it easy to communicate and interact globally. Unfortunately, the software implementing the functionality of these services is often vulnerable to attacks. In turn, an attacker can exploit them to compromise and abuse the services for nefarious purposes. In my research, I aim to better understand, detect, and prevent these attacks.

In this talk, we first look at detecting website defacements, which can inflict significant harm on a website's owner or operator through the loss of sales, the loss in reputation, or because of legal ramifications. Then, we dive into how to automatically identify malware distribution campaigns, which has become a major challenge in today's Internet. Next, we look at how to mitigate the dangers of domain takeover attacks, which give attackers the same capabilities to spread misinformation or malware as vulnerabilities do, but without the actual need for a vulnerability in the affected service. Last, I will conclude by sketching interesting future directions on how to better understand, detect, and prevent Internet abuse.

Kevin Borgolte is a Ph.D. Candidate in Computer Science in the SecLab at the University of California, Santa Barbara. In his research, he advances methods and builds systems to better understand, detect, and prevent large-scale Internet abuse. Prior to his Ph.D. studies, Kevin received a M.Sc. from ETH Zurich and a B.Sc. from the University of Bonn, Germany. He is a member of the Shellphish Capture the Flag team and he won 3rd place at the DARPA Cyber Grand Challenge with Shellphish. Kevin's research has been covered by CNN, The Guardian, WIRED, The Christian Science Monitor, as well as Schneier on Security, and Krebs on Security.

TCP is widely used for client-server communication in modern data centers. But TCP packet handling is notoriously CPU intensive, accounting for an increasing fraction of data center processing time. Techniques such as TCP segment offload, kernel bypass, and RDMA are of limited benefit for the typical small, frequent RPCs. These techniques can also compromise protocol agility, resource isolation, overall system reliability, and complicate multi-tenancy.

I propose a unique refactoring of TCP functionality that splits processing between a streamlined fast path for common operations, and an out-of-band slow path. Protocol processing executes in the kernel on dedicated cores that enforce correctness and resource isolation. Applications asynchronously communicate with the kernel through event queues, improving parallelism and cache utilization. I show that my approach can increase RPC throughput by up to 4.1x compared to Linux. The fast-path can be offloaded to a programmable NIC to further improve performance and minimize CPU time for network processing. With hardware offload, data packets are delivered directly from application to application, while the NIC and kernel cooperate to enforce correctness and resource isolation. I show that hardware offload can increase per-core packet throughput by 10.7x compared to the Linux kernel TCP implementation.

Antoine Kaufmann is a Ph.D. candidate in Computer Science and Engineering at the University of Washington, where he is a member of the Computer Systems Lab. Previously, he completed a Master's Degree from the Swiss Federal Institute of Technology (ETH) in Zurich. Antoine's research area is operating systems and networks, and much of his recent work has focused on improving application I/O performance in the data center.

A large portion of computation is now carried out in datacenter. A single datacenter hosts several 100s or 1000s of applications which share common compute and network resources in a datacenter. Isolating each application's performance, i.e., ensuring that its performance is predictable regardless of the behavior of other applications is essential to developing and deploying data center applications, since otherwise developers need to account for co-located applications, which increases development and deployment complexity. Despite its importance current approaches to performance isolation are incomplete, and focus mostly on isolating computational resources. In this talk I present two schemes for isolation network performance. The first, Silo, takes a resource allocation based approach and implements mechanisms for guaranteeing an application's network latency and throughput. The second, Express Pass, takes a congestion control based approach and fairly partitions network resources across applications.  Both approaches require no hardware (ASIC) changes, and can be deployed in today's datacenter. This shows that full application performance isolation is achievable today.

Keon Jang is a Software Engineer at Google Networking Infrastructure team. Previously he was a research scientist at Intel, and before that he was a postdoctoral researcher at Microsoft Research Cambridge where he worked with Hitesh Ballani. Keon got his PhD from KAIST in Daejon, South Korea where he was advised by Sue Moon and KyoungSoo Park. His current research focuses on datacenter networks.

Whether or not a distributed optimization problem, such as MST, shortest path, or min-cut, can be solved fast in a given network depends in a highly non-trivial manner on the network's topology. While there are pathological worst-case n-node topologies on which any of these optimization problems require Omega(sqrt(n)) rounds to compute, despite a small diameter D, most networks allow for fast O(D polylog n) round distributed algorithms. This talk will introduce the low-congestion shortcuts framework which allows to study these dependencies and makes it easy to design algorithms that, on networks of interest, are provably fast and often near instance optimal.

This is joint work with Mohsen Ghaffari, Goran Zuzic, Taisuke Izumi, Ellis Hershkowitz, David Wajc, and Jason Li.

Bernhard Haeupler is an Assistant Professor at the Computer Science Department of Carnegie Mellon University. He received his PhD and MSc in Computer Science from MIT, and a BSc, MSc and Diploma in (Applied) Mathematics from the Technical University of Munich. He has (co-)authored over 70 publications and won several awards for his research, including STOC and SODA best student paper awards, the 2014 ACM-EATCS Doctoral Dissertation Award of Distributed Computing and the NSF CAREER award. His research interests lie in the intersection of classical algorithm design, distributed computing, and coding theory.

Formal verification has been gaining the attention and resources of both the academic and the industrial world since it prevents critical software bugs that cost money, energy, time, and even lives. Yet, software development and formal verification are decoupled, requiring verification experts to prove properties of a template – instead of the actual – implementation ported into verification specific languages. My goal is to bridge formal verification and software development for the programming language Haskell. Haskell is a unique programming language in that it is a general purpose, functional language used for industrial development, but simultaneously it stands at the leading edge of research and teaching welcoming new, experimental, yet useful features.

In this talk I am presenting Liquid Haskell, a refinement type checker in which formal specifications are expressed as a combination of Haskell’s types and expressions and are automatically checked against real Haskell code. This natural integration of specifications in the language, combined with automatic checking, established Liquid Haskell as a usable verifier, enthusiastically accepted by both industrial and academic Haskell users. Recently, I turned Liquid Haskell into a theorem prover, in which arbitrary theorems about Haskell functions would be proved within the language. As a consequence, Liquid Haskell can be used in Haskell courses to teach the principles of mechanized theorem proving.   

Turning a general purpose language into a theorem prover opens up new research questions – e.g., can theorems be used for runtime optimizations of existing real-world applications? – that I plan to explore in the future.

Niki Vazou is a Postdoctoral Fellow at the Programming Languages Group at University of Maryland. She completed her Ph.D at UC San Diego, where together with her supervisor Ranjit Jhala, she developed Liquid Haskell, a formal verifier integrated into the Haskell programming language. During her Ph.D she was an intern at MSR Cambridge, MSR Redmond, and Awake Security, where she collaborated with top Haskell researchers and industrial developers on further expanding the applications and foundations of Liquid Haskell. Niki received the MSR Graduate Fellowship and is a member of the HaskellOrg committee.

Pic: https://nikivazou.github.io/images/me2.jpg

In the era of Big Data, datacenter and cloud architectures decouple compute and storage resources from each other for better scalability. While this design choice enables elastic scale-out, it also causes unnecessary data movements. One solution is to push parts of the computation down to storage where data can be filtered more efficiently. Systems that do this are already in use and rely either on regular server machines as storage nodes or on network attached storage devices. Even though the former provide complex computation and rich functionality since there are plenty of conventional cores available to run the offloaded computation, this solution is quite inefficient because of the over-provisioning of computing capacity and the bandwidth mismatches between storage, CPU, and network.  Networked storage devices, on the other hand, are better balanced in terms of bandwidth but at the price of offering very limited options for offloading data processing.

With Caribou, we explore an alternative design that offers rich offloading functionality while matching the available line-rate processing performance of either storage or network. It also does this in a much more efficient package (size, energy consumption) than regular servers. Our FPGA-based prototype system has been designed such that the internal data management logic can saturate the network for most operation mixes, without being over-provisioned. As a result, it can extract and process data from storage at multi-GB/s rate before sending it to the computing nodes, while at the same time offering features such as replication for fault-tolerance.

Caribou has been released as open source. Its modular design and extensible processing pipeline make it a convenient platform for exploring domain-specific processing inside storage nodes.

Zsolt Istvan is a recent PhD graduate of the Systems Group at ETH Zurich. His research looks at using FPGAs in the context of databases and distributed systems, with the goal of building hybrid solutions and specialized accelerators for data intensive tasks. Before graduate school he was a Master's student at ETH Zurich, Switzerland, and a Bachelor's student at the Technical University of Cluj-Napoca, Romania.

Formal reasoning about computational complexity turns out to be quite cumbersome as it often requires to manipulate explicit time bounds for a specific machine model. Implicit Computational Complexity is a research area which provides techniques and complexity classes characterisations to avoid this. We have formally verified the soundness (and part of the completeness) of such a technique − called quasi-interpretations − using the Coq proof assistant. In particular, we turned this into a tool to help guarantee the polynomial complexity of programs (here, term rewriting systems).

-

An educational program of study can be viewed as a knowledge graph consisting of learning units and relationships between them. Such a knowledge graph provides the core data structure for organizing and navigating learning experiences. We address three issues in this talk. First, how can we synthesize the knowledge graph, given a set of concepts to be covered in the study program. Next, how can we use data mining to identify and correct deficiencies in a knowledge graph. Finally, how can we use data mining to form study groups with the goal of maximizing overall learning. We conclude by pointing out some open research problems.

Rakesh Agrawal is the President and Founder of the Data Insights Laboratories, San Jose, USA and a Visiting Professor at EPFL, Lausanne, Switzerland. He is a member of the National Academy of Engineering, both USA and India, a Fellow of ACM, and a Fellow of IEEE. He has been both an IBM Fellow and a Microsoft Fellow. He has also been the Rukmini Visiting Chair Professor at the Indian Institute of Science, Bangalore, India. ACM SIGKDD awarded him its inaugural Innovations Award and ACM SIGMOD the Edgar F. Codd Award. He was named to the Scientific American’s First list of top 50 Scientists. Rakesh has been granted 80+ patents and published 200+ papers, including the 1st and 2nd highest cited in databases and data mining. Five of his papers have received "test-of-time" awards. His papers have received 100,000+ citations. His research formed the nucleus of IBM Intelligent Miner that led the creation of data mining as a new software category. Besides Intelligent Miner, several other commercial products incorporate his work, including IBM DB2 and WebSphere and Microsoft Bing.

Static verification techniques are used to analyse and prove properties about programs before they are deployed. In particular, deductive verification techniques often work directly on the source code and are used to verify data-oriented properties of all possible executions. In contrast, runtime verification techniques have been extensively used for control-oriented properties, and analyse concrete executions that occur in the deployed program. I present an approach in which data-oriented and control-oriented properties may be stated in a single formalism amenable to both static and dynamic verification techniques. The specification language enhances a control-oriented property language with data-oriented pre/postconditions. We show how such specifications can be analysed using a combination of the deductive verification system KeY and the runtime verification tool LARVA. Verification is performed in two steps: KeY performs fully automated proof attempts, the resulting partial proofs are analysed, and used to optimize the specification for efficient runtime checking.

Wolfgang Ahrendt is associate professor at Chalmers University of Technology in Gothenburg, Sweden. His major interests are software verification, theorem proving, and runtime verification. He one of the people behind the KeY approach and system, and has recently co-edited the book 'Deductive Software Verification - The KeY Book' (LNCS 100001).

Complex statistical models are increasingly being used or considered for use in high-stakes decision-making pipelines in domains such as financial services, health care, criminal justice and human services. These models are often investigated as possible improvements over more classical tools such as regression models or human judgement. While the modeling approach may be new, the practice of using some form of risk assessment to inform decisions is not. When determining whether a new model should be adopted, it is essential to be able to compare the proposed model to the existing approach across a range of task-relevant accuracy and fairness metrics. In this talk I will describe a subgroup analysis approach for characterizing how models differ in terms of fairness-related quantities such as racial or gender disparities. I will also talk about an ongoing collaboration with the Allegheny County Department of Health and Human Services on developing and implementing a risk assessment tool for use in child welfare referral screening.

https://arxiv.org/abs/1707.00046

http://www.post-gazette.com/local/region/2017/04/09/Allegheny-County-using-algor ithm-to-assist-in-child-welfare-screening/stories/201701290002

please see http://www.andrew.cmu.edu/user/achoulde/

Much of the policy and legal debate about algorithmic decision-making has focused on issues of accuracy and bias. Equally important, however, is the question of whether algorithmic decisions are understandable by human observers: whether the relationship between algorithmic inputs and outputs can be explained. Explanation has long been deemed a crucial aspect of accountability, particularly in legal contexts. By requiring that powerful actors explain the bases of their decisions — the logic goes — we reduce the risks of error, abuse, and arbitrariness, thus producing more socially desirable decisions. Decision-making processes employing machine learning algorithms complicate this equation. Such approaches promise to refine and improve the accuracy and efficiency of decision-making processes, but the logic and rationale behind each decision often remains opaque to human understanding. Indeed, at a technical level, it is not clear that all algorithms can be made explainable and, at a normative level, it is an open question when and if the costs of making algorithms explainable outweigh the benefits. This presentation will begin to map out some of the issues that must be addressed in determining in what contexts, and under what constraints, machine learning approaches to governmental decision-making are appropriate.

-

Two-thirds of all American adults access the news through social media. But social networks and social media recommendations lead to information bubbles, and personalization and recommendations, by maximizing the click-through rate, lead to ideological polarization. Consequently, rumors, false news, conspiracy theories, and now even fake news sites are an increasingly worrisome phenomena. While media organizations (Snopes.com, PolitiFact, FactCheck.org, et al.) have stepped up their efforts to verify news, political scientists tell us that fact-checking efforts may be ineffective or even counterproductive. To address some of these challenges, researchers at Indiana University are working on an open platform for the automatic tracking of both online fake news and fact-checking on social media. The goal of the platform, named Hoaxy, is to reconstruct the diffusion networks induced by hoaxes and their corrections as they are shared online and spread from person to person.

Giovanni Luca Ciampaglia is an assistant research scientist at the Indiana University Network Science Institute (IUNI). His research interests are in the emerging disciplines of network science and computational social science, with a particular focus on information diffusion on the Internet and social media. At IUNI, he leads various efforts within the Social Network Science Hub. His research has been covered in major news outlets, including the Wall Street Journal, the Economist, Wired, MIT Technology Review, NPR, and CBS News, to cite a few. He holds a Ph.D. in Informatics from the University of Lugano, Switzerland and a M.Sc. (Laurea) from Sapienza University of Rome, Italy.

This talk will introduce synchronization strings, which provide a novel way to efficiently deal with synchronization errors, i.e., insertions and deletions. Synchronization errors are strictly more general and much harder to cope with than more commonly considered Hamming errors, i.e., symbol corruptions and erasures. For every eps > 0, synchronization strings allow to index a sequence with an eps^{-O(1)} size alphabet such that one can efficiently transform k synchronization errors into (1 + eps) k Hamming errors. This powerful new technique has many applications. This talk will focus on designing insdel codes, i.e., error correcting block codes (ECCs) for insertion deletion channels.

While ECCs for both half-errors and synchronization errors have been intensely studied, the later has largely resisted progress. As Mitzenmacher puts it in his 2009 survey: "Channels with synchronization errors . . . are simply not adequately understood by current theory. Given the near-complete knowledge we have for channels with erasures and errors ... our lack of under- standing about channels with synchronization errors is truly remarkable."

A straight forward application of our synchronization strings based indexing method gives a simple black-box construction which transforms any ECC into an equally efficient insdel code with only a small increase in the alphabet size. This instantly transfers much of the highly developed understanding for regular ECCs into the realm of insdel codes. Most notably, for the complete noise spectrum we obtain efficient insdel codes which get arbitrarily close to the optimal rate-distance tradeoff, i.e., for any delta < 1 and eps > 0 we give insdel codes achieving a rate of 1 - delta that efficiently correct a delta - eps fraction of insertions or deletions.

This is joint work with Amirbehshad Shahrasbi.

http://www.cs.cmu.edu/~haeupler/

Social media has brought a revolution on how people get exposed to information and how they are consuming news. Beyond the undoubtedly large number of advantages and capabilities brought by social-media platforms, a point of criticism has been the creation of filter bubbles or echo chambers, caused by social homophily as well as by algorithmic personalisation and recommendation in content delivery. In this talk, I will present the methods we developed to (i) detect and quantify the existence of polarization on social media, (ii) monitor the evolution of polarisation over time, and finally, (iii) devise methods to overcome the effects caused by increased polarization. We build on top of existing studies and ideas from social science with principles from graph theory to design algorithms which are language independent, domain agnostic and scalable to large number of users.

Kiran Garimella is a PhD student at Aalto University. His research focuses on identifying and combating polarization on social media. In general he is interested in making use of large public datasets to understand human behaviour. Prior to starting his PhD, he worked as a Research Engineer at Yahoo Research, QCRI and as an intern at Carnegie Mellon University, LinkedIn and Amazon. His work on reducing polarization received the best student paper award at WSDM’17.

We define a syntactic monadic translation of type theory, called the weaning translation, that allows for a large range of effects in dependent type theory, such as exceptions, non-termination, non-determinism or writing operation. Through the light of a call-by-push-value decomposition, we explain why the traditional approach fails with type dependency and justify our approach. Crucially, the construction requires that the universe of algebras of the monad forms itself an algebra. The weaning translation applies to a version of the Calculus of Inductive Constructions with a restricted version of dependent elimination, dubbed Baclofen Type Theory, which we conjecture is the proper generic way to mix effects and dependence. This provides the first effectful version of CIC, which can be implemented as a Coq plugin.

-

Due to modern computer and data technology, we can today collect, store, process, and share more data than every before. This data revolution opens fundamentally new ways to think about the classical concept of feedback control as a basis for building future (artificial) intelligent systems, which interact with the physical world. In this talk, I will provide an overview of our recent research on intelligent control systems, which leverages machine learning and modern communication networks for control. I will present algorithms that enable systems to (i) autonomously learn from data, (ii) interconnect in cooperative networks, and (iii) use their resources efficiently. Throughout the talk, the developed algorithms and theory are highlighted with experiments on humanoid robots and a self-balancing dynamic sculpture.

Sebastian Trimpe is a Senior Research Scientist and Group Leader at the Max Planck Institute for Intelligent Systems in Tuebingen, Germany, where he leads the Intelligent Control Systems group. Sebastian obtained his Ph.D. (Dr. sc.) degree in 2013 from ETH Zurich with Raffaello DíAndrea at the Institute for Dynamic Systems and Control. Before, he received a B.Sc. degree in General Engineering Science in 2005, a M.Sc. degree (Dipl.-Ing.) in Electrical Engineering in 2007, and an MBA degree in Technology Management in 2007, all from Hamburg University of Technology. In 2007, he was a research scholar at the University of California at Berkeley. Sebastian is recipient of the General Engineering Award for the best undergraduate degree (2005), a scholarship from the German Academic National Foundation (2002-2007), the triennial IFAC World Congress Interactive Paper Prize (2011), and the Klaus Tschira Award for achievements in public understanding of science (2014). 

The nonnegative rank of a nonnegative m x n matrix M is the smallest number d such that M can be written as the product M = WH of a nonnegative m x d matrix W and a nonnegative d x n matrix H.  The notions of nonnegative rank and nonnegative matrix factorization have a wide variety of applications, including bioinformatics, computer vision, communication complexity, document clustering, and recommender systems. A longstanding open problem is whether, when M is a rational matrix, the factors W and H in a rank decomposition M=WH can always be chosen to be rational.  In this talk we resolve this problem negatively and discuss consequences of this result for the computational complexity of computing nonnegative rank.

This is joint work with Dmitry Chistikov, Stefan Kiefer, Ines Marusic, and Mahsa Shirmohammadi.

James Worrell is a Professor of Computer Science at the University of Oxford.  He currently holds on an EPSRC Established Career Fellowship on the subject of Verification of Linear Dynamical Systems.

Moore's Law may be slowing, but, perhaps as a result, other measures of processor complexity are only accelerating. In recent years, Intel's architects have turned to an alphabet soup of instruction set extensions such as MPX, SGX, MPK, and CET as a way to sell CPUs through new security features. SGX in particular promises powerful security: user-mode "enclaves" protected against both physical attacks and privileged software adversaries. To achieve this, SGX's designers implemented an isolation mechanism approaching the complexity of an OS microkernel in the ISA, using an inscrutable mix of silicon and microcode. However, while CPU-based security mechanisms are harder to attack, they are also harder to deploy and update, and already a number of significant flaws have been identified. Worse, the availability of new SGX features is dependent on the slowing deployment of new CPUs.

In this talk, I'll describe an alternative approach to providing SGX-like enclaves: decoupling the underlying hardware mechanisms such as memory encryption, address-space isolation and attestation from a privileged software monitor which implements enclaves. The monitor's trustworthiness is guaranteed by a machine-checked proof of both functional correctness and high-level security properties. The ultimate goal is to achieve security that is equivalent or better than SGX while decoupling enclave features from the underlying hardware.

Andrew Baumann is a researcher in the Systems Group at Microsoft Research, Redmond. His research interests include operating systems, distributed systems, and systems security. Recent research highlights include the Barrelfish multikernel OS, Drawbridge LibOS, and Haven trusted cloud platform. He was previously at The University of New South Wales (BE/PhD)and ETH Zurich (postdoc).

Web deep links are instrumental to many fundamental user experiences such as navigating to one web page from another, bookmarking a page, or sharing it with others. Such experiences are not possible with individual pages inside mobile apps, since historically mobile apps did not have links equivalent to web deep links. Mobile deep links, introduced in recent years, still lack many important properties of web deep links. Unlike web links, mobile deep links must be explicitly built into apps by developers, cover a small number of predefined pages, and are defined statically to navigate to a page for a given link, but not to dynamically generate a link for a given page. Another problem with state-of-the-art deep links is that, once exposed, they are hard to discover, thus limiting their usage in both first and third-party experiences.

In this talk, I'll give an overview of two new deep linking mechanisms that address these problems. First, we implemented an application library that transparently tracks data- and UI-event-dependencies of app pages and encodes the information in links to the pages; when a link is invoked, the information is utilized to recreate the target page quickly and accurately. Second, using static and dynamic analysis we prototyped a tool that can automatically discover links that are exposed by an app; in addition, it can discover many links that are not explicitly exposed. The goal is to obtain links to every page in an app automatically and precisely.

Oriana Riva is a researcher at Microsoft Research, Redmond. Prior to joining MSR in 2010, she received her PhD from the University of Helsinki, and was a PostDoc at ETH Zurich. Her research interests revolve around mobile systems, including the programming abstractions, developer tools and cloud infrastructures required to expand their role in the computing world.

In this talk I will present my research in developing local reasoning techniques in both concurrent and sequential settings.

On the concurrency side, I’ll present my work on the program logic of CoLoSL (Concurrent Local Subjective Logic) and its application to various fine-grained concurrent algorithms. A key difficulty in verifying concurrent programs is reasoning compositionally about each thread in isolation. CoLoSL is the first program logic to introduce the general composition and framing of interference relations (describing how shared resources may be manipulated by each thread) in the spirit of resource composition and framing in separation logic. This in turn enables local reasoning and allows for more concise specifications and proofs.

I will then present preliminary work on extending CoLoSL to reason about distributed database applications running under the snapshot isolation (SI) consistency model. SI is a commonly used consistency model for transaction processing, implemented by most distributed databases. The existing work focuses on the SI semantics and verification techniques for client-side applications remain unexplored. To fill this gap, I look into extending CoLoSL towards a program logic for client-side reasoning under SI.

On the sequential side, I’ll briefly discuss my work on specification and verification of web programs. My research in this area include: a compositional specification of the DOM (Document Object Model) library in separation logic; integrating this DOM specification with the JaVerT (JavaScript Verification Toolchain) framework for automated DOM/JavaScript client verification; as well as ongoing work towards extending JaVerT to reason about higher-order JavaScript programs.

Azalea is currently a PhD student at Imperial College's Department of Computing, supervised by Philippa Gardner and Sophia Drossopoulou. She is interested in applying formal verification techniques to web technologies, programming languages, and new application domains.

Flight critical subsystems in aerospace vehicles must achieve probability of failure rates of less than 1 failure in 10^9 flight hours (i.e. less than 1 failure per 100,000 years of operation).  Systems that achieve this level of reliability are hard to design, hard to verify, and hard to validate, especially if software is involved.  In this talk, I will talk about some of the challenges that the aerospace community faces in designing systems with this level of reliability and how tools from formal methods and control theory might help.  I will also describe some of the my group’s work in synthesis of reactive protocols for hybrid systems and its applications to design of safety critical systems.

Richard M. Murray received the B.S. degree in Electrical Engineering from California Institute of Technology in 1985 and the M.S. and Ph.D. degrees in Electrical Engineering and Computer Sciences from the University of California, Berkeley, in 1988 and 1991, respectively. He is currently the Thomas E. and Doris Everhart Professor of Control & Dynamical Systems and Bioengineering at Caltech. Murray's research is in the application of feedback and control to networked systems, with applications in biology and autonomy. Current projects include analysis and design biomolecular feedback circuits, synthesis of discrete decision-making protocols for reactive systems, and design of highly resilient architectures for autonomous systems.

Configuration errors are among the dominant causes of service-wide, catastrophic failures in today's cloud and datacenter systems. Despite the wide adoption of fault-tolerance and recovery techniques, these large-scale software systems still fail to effectively deal with configuration errors. In fact, even tolerance/recovery mechanisms are often misconfigured and thus crippled in reality.

In this talk, I will present our research efforts towards hardening cloud and datacenter systems against configuration errors. I will start with work that seeks for understanding the fundamental causes of misconfigurations. I will then focus on two of my approaches, PCheck and Spex, that enable software systems to anticipate and defend against configuration errors. PCheck generates checking code to help systems detect configuration errors early, and Spex exposes bad system reactions to configuration errors based on constraints inferred from source code.

Tianyin Xu is a Ph.D. candidate in Computer Science and Engineering at University of California, San Diego. His research interests intersect systems, software engineering, and HCI towards the overarching goal of building reliable and secure systems. His dissertation work has impacted the configuration design and implementation of real-world commercial and open-source systems, and has received a Best Paper Award at OSDI 2016.

Modern networks do far more than  just deliver packets, and provide network functions -- including  firewalls, caches, and WAN optimizers — that are crucial for scaling networks, ensuring security and enabling new applications. Network functions were traditionally implemented using dedicated hardware middleboxes, but in recent years they are increasingly being deployed as VMs on commodity servers. While many herald this move towards network function virtualization (NFV) as a great step forward, I argue that accepted virtualization techniques are ill-suited to network functions. In this talk I describe NetBricks — a new approach to building and running virtualized network functions that speeds development and increases performance. I end the talk by discussing the implications of being able to easily create and insert new network functions. 

Aurojit Panda is a PhD candidate in Computer Science at the University of California Berkeley, where he is advised by Scott Shenker . His work spans programming languages, networking and systems, and his recent work has investigated network verification, consensus algorithms in software defined networks and frameworks for building network functions. He has received best paper awards at SIGCOMM and EuroSys, and was previously awarded a Qualcomm Innovation Fellowship.

We first present an approach for analyzing the event time series, namely, the times of event occurrences. Interestingly, the event time series appears in various fields, including neuroscience (action potentials of a neuron), social media analysis (Twitter, Facebook), and so on. Then, we develop a framework for forecastingretweet activity through the analysis of Twitter dataset(Kobayashi & Lambiotte, ICWSM, 2016). This work is joint work with Renaud Lambiotte.

Dr. Kobayashi is an assistant professor at National Institute of Informatics in Japan. His research interests include mathematical modeling of human activity and computational neuroscience. He received EPFL award and INCF (International Neuroinformatics Coordinating Facility) prize for the development of single neuron model.

Current cloud services are vulnerable to hacks and surveillance programs that undermine user privacy and personal liberties. In this talk, I present how we can build practical systems for protecting user privacy from powerful persistent threats. I will discuss Talek, a private publish-subscribe protocol. With Talek, application developers can send and synchronize data through the cloud without revealing any information about data contents or communication patterns of application users. The protocol is designed with provable security guarantees and practical performance, 3-4 orders of magnitude better throughput than other systems with comparable security goals. I will also discuss Radiatus, a security-focused web framework to protect web apps against external intrusions, and uProxy, a Internet censorship circumvention tool in deployment today.

Raymond Cheng is a PhD student working with Thomas Anderson and Arvind Krishnamurthy at the University of Washington. Previously, he spent several years conducting security research in the US government. Raymond's research area is in building practical systems for security and privacy. He has published 6 papers in top systems conferences, including OSDI, Eurosys, and SOCC. In addition, Raymond has been an invited speaker at universities and research labs, such as Stanford, Microsoft Research, Google, and Palantir.

Algorithms and formal verification are two classical areas of computer science. The two fields apply rigorous mathematical proof to seemingly disparate ends---on the one hand, analyzing computational efficiency of algorithms; on the other, designing techniques to mechanically show that programs are correct.

In this talk, I will present a surprising confluence of ideas from these two areas. First, I will show how coupling proofs, used to analyze random walks and Markov chains, correspond to proofs in the program logic pRHL (probabilistic Relational Hoare Logic). This connection enables formal verification of novel probabilistic properties, and provides an structured understanding of proofs by coupling. Then, I will show how an approximate version of pRHL, called apRHL, points to a new, approximate version of couplings closely related to differential privacy. The corresponding proof technique---proof by approximate coupling---enables cleaner proofs of differential privacy, both for humans and for formal verification. Finally, I will share some directions towards a possible "Theory AB", blending ideas from both worlds.

Justin Hsu is a final year graduate student in Computer Science at the University of Pennsylvania. He obtained his undergraduate degree in Mathematics from Stanford University. His research interests span formal verification and theoretical computer science, including verification of randomized algorithms, differential privacy, and game theory. He is the recipient of a Simons graduate fellowship in Theoretical Computer Science.

Constrained counting and sampling are two fundamental problems in Computer Science with numerous applications, including network reliability, privacy, probabilistic reasoning, and constrained-random verification. In constrained counting, the task is to compute the total weight, subject to a given weighting function, of the set of solutions of the given constraints. In constrained sampling, the task is to sample randomly, subject to a given weighting function, from the set of solutions to a set of given constraints. In this talk, I will introduce a novel algorithmic framework for constrained sampling and counting that combines the classical algorithmic technique of universal hashing with the dramatic progress made in Boolean reasoning over the past two decades. This has allowed us to obtain breakthrough results in constrained sampling and counting, providing a new algorithmic toolbox in machine learning, probabilistic reasoning, privacy, and design verification. I will demonstrate the utility of the above techniques on various real applications including probabilistic inference, design verification and our ongoing collaboration in estimating the reliability of critical infrastructure networks during natural disasters.

Kuldeep Meel is a final year PhD candidate in Rice University working with Prof. Moshe Vardi and Prof. Supratik Chakraborty. His research broadly lies at the intersection of artificial intelligence and formal methods. He is the recipient of a 2016-17 IBM PhD Fellowship, the 2016-17 Lodieska Stockbridge Vaughn Fellowship and the 2013-14 Andrew Ladd Fellowship. His research won the best student paper award at the International Conference on Constraint Programming 2015. He obtained a B.Tech. from IIT Bombay and an M.S. from Rice in 2012 and 2014 respectively. He co-won the 2014 Vienna Center of Logic and Algorithms International Outstanding Masters thesis award.

Bayesian methods are frequently used for analysing privacy-sensitive datasets, including medical records, emails, and educational data, and there is a growing need for practical Bayesian inference algorithms that protect the privacy of individuals' data. To this end, we provide a general framework for privacy-preserving variational Bayes (VB) for a large class of probabilistic models, called the conjugate exponential (CE) family. Our primary observation is that when models are in the CE family, we can privatise the variational posterior distributions simply by perturbing the expected sufficient statistics of the complete-data likelihood. For widely used non-CE models with binomial likelihoods (e.g., logistic regression), we exploit the Polya-Gamma data augmentation scheme to bring such models into the CE family, such that inferences in the modified model resemble the original (private) variational Bayes algorithm as closely as possible. The iterative nature of variational Bayes presents a further challenge for privacy preservation, as each iteration increases the amount of noise needed. We overcome this challenge by combining: (1) a relaxed notion of differential privacy, called concentrated differential privacy, which provides a tight bound on the privacy cost of multiple VB iterations and thus significantly decreases the amount of additive noise; and (2) the privacy amplification effect of subsampling mini-batches from large-scale data in stochastic learning. We empirically demonstrate the effectiveness of our method in CE and non-CE models including latent Dirichlet allocation (LDA), Bayesian logistic regression, and Sigmoid Belief Networks (SBNs), evaluated on real-world datasets. >

Mijung Park completed her Ph.D. in the department of Electrical and Computer Engineering under the supervision of Prof. Jonathan Pillow (now at Princeton University) and Prof. Alan Bovik at The University of Texas at Austin. She worked with Prof. Maneesh Sahani as a postdoc at the Gatsby computational neuroscience unit at University College London. Currently, she works with Prof. Max Welling as a postdoc in the informatics institute at University of Amsterdam. Her research focuses on developing practical algorithms for privacy preserving data analysis. Previously, she worked on a broad range of topics including approximate Bayesian computation (ABC), probabilistic manifold learning, active learning for drug combinations and neurophysiology experiments, and Bayesian structure learning for sparse and smooth high dimensional parameters.

People are becoming an integral part of computational systems, fueled primarily by recent technological advancements as well as deep-seated economic and societal changes. Consequently, there is a pressing need to design new data science and machine learning frameworks that can tackle challenges arising from human participation (e.g. questions about incentives and users’ privacy) and can leverage people’s capabilities (e.g. ability to learn).

In this talk, I will share my research efforts at the confluence of people and computing to address real-world problems. Specifically, I will focus on collaborative consumption systems (e.g. shared mobility systems and sharing economy marketplaces like Airbnb) and showcase the need to actively engage users for shaping the demand who would otherwise act primarily in their own interest. The main idea of engaging users is to incentivize them to switch to alternate choices that would improve the system’s effectiveness. To offer optimized incentives, I will present novel multi-armed bandit algorithms and online learning methods in structured spaces for learning users’ costs for switching between different pairs of available choices. Furthermore, to tackle the challenges of data sparsity and to speed up learning, I will introduce hemimetrics as a structural constraint over users’ preferences. I will show experimental results of applying the proposed algorithms on two real-world applications: incentivizing users to explore unreviewed hosts on services like Airbnb and tackling the imbalance problem in bike sharing systems. In collaboration with an ETH Zurich spinoff and a public transport operator in the city of Mainz, Germany, we deployed these algorithms via a smartphone app among users of a bike sharing system. I will share the findings from this deployment.

Adish Singla is a PhD student in the Learning and Adaptive Systems Group at ETH Zurich. His research focuses on designing new machine learning frameworks and developing algorithmic techniques, particularly for situations where people are an integral part of computational systems. Before starting his PhD, he worked as a Senior Development Lead in Bing Search for over three years. He is a recipient of the Facebook Fellowship in the area of Machine Learning, Microsoft Research Tech Transfer Award, and Microsoft Gold Star Award.

The CakeML project has recently produced a verified compiler which we believe to be the most realistic verified compiler for a functional programming language to date. In this talk I'll give an overview of the CakeML project with focus on the new compiler, in particular how the compiler is structured, how the intermediate languages are designed and how the proofs are carried out. The talk will stay at a fairly high-level, but I am happy to dive into details for any of the parts that I know well.

The CakeML project is currently a collaboration between six sites across three continents. The new compiler is due to: Anthony Fox (Cambridge, UK), Ramana Kumar (Data61, Sydney Australia), Magnus Myreen (Chalmers, Sweden), Michael Norrish (Data61, Canberra Australia), Scott Owens (Kent, UK), and Yong Kiam Tan (CMU, USA).

I grew up in Finland, but did my undergraduate studies in Oxford UK where Dr Jeff Sanders was my tutor. I completed my PhD on verification of machine-code programs in 2009 at the University of Cambridge UK supervised by Prof. Mike Gordon. My PhD dissertation was selected as the winner of the BCS Distinguished Dissertation Competition in 2010. In 2012, I became a Royal Society Research Fellow. In 2014, I moved to Chalmers, where I became Associate Professor (tenured) in 2015.

There has been an uptrend in the demand and need for complex Cyber-Physical Systems (CPS), such as self-driving cars, unmanned aerial vehicles (UAVs), and smart manufacturing systems for Industry 4.0. CPS  often need to accurately sense the surrounding environment by using high-bandwidth acoustic, imaging and other types of sensors; and to take coordinated decisions and issue time critical actuation commands. Hence, temporal predictability in sensing, communication, computation, and actuation is a fundamental attribute. Additionally, CPS must operate safely even in spite of software and hardware misbehavior to avoid catastrophic failures. To satisfy the increasing demand for performance, modern computing platforms have substantially increased in complexity; for instance, multi-core systems are now mainstream, and partially re-programmable system-on-chip (SoC) have just entered production. Unfortunately, extensive and unregulated sharing of hardware resources directly undermines the ability of guaranteeing strong temporal determinism in modern computing platforms. Novel software architectures are needed to restore temporal correctness of complex CPS when using these platforms. My research vision is to design and implement software architectures that can serve as a reference for the development of high-performance CPS, and that embody two main requirements: temporal predictability and robustness. In this talk, I will address the following questions concerning modern multi-core systems: Why application timing can be highly unpredictable? What techniques can be used to enforce safe temporal behaviors on multi-core platforms? I will also illustrate possible approaches for time-aware fault tolerance to maximize CPS functional safety. Finally, I will review the challenges faced by the embedded industry when trying to adopt emerging computing platforms, and I will highlight some novel directions that can be followed to accomplish my research vision.

Renato Mancuso is a doctoral candidate in the Department of Computer Science at the University of Illinois at Urbana-Champaign. He is interested in high-performance cyber-physical systems, with a specific focus on techniques to enforce strong performance isolation and temporal predictability in multi-core systems. He has published around 20 papers in major conferences and journals. His papers were awarded a best student paper award and a best presentation award at the Real-Time and Embedded Technology and Applications Symposium (RTAS) in 2013 and 2016, respectively. He was the recipient of a Computer Science Excellence Fellowship, and a finalist for the Qualcomm Innovation Fellowship. Some of the design principles for real-time multi-core computing proposed in his research have been officially incorporated in recent certification guidelines for avionics systems. They have also been endorsed by government agencies, industries and research institutions worldwide. He received a B.S. in Computer Engineering with honors (2009) and a M.S. in Computer Engineering with honors (2012) from the University of Rome "Tor Vergata".

The emergence of online platforms has brought about a fundamental shift in economic thinking: the design of economic systems is now a problem that computer science can tackle. For the first time we are able to move from the study of economic systems as natural systems to carefully designing and executing them on a computer. Prominent examples of digital market mechanisms include auctions for ads (run by companies such as Google) and electromagnetic spectrum (used by the US government). I will discuss several recent developments in fair division and mechanism design. I will start with a dictatorship theorem for fair division (cake cutting), showing that requiring truthfulness gives rise to a dictator. Afterwards, I will discuss the theme of simplicity and complexity in mechanism design, and more generally the interplay between economics and computation and learning.

Simina Branzei is an I-CORE postdoctoral fellow at the Hebrew University of Jerusalem, specializing in the area of Economics and Computation. Her research has been published at top conferences in artificial intelligence such as AAAI and IJCAI, and she received multiple awards, such as the Simons-Berkeley fellowship, the IBM Ph.D. fellowship, and the Google Anita Borg Memorial scholarship. She completed a Ph.D. at Aarhus University, Denmark, M.Math from the University of Waterloo, Canada, and held visiting positions at Tsinghua University, China, and Carnegie Mellon University.

The past decade has seen a rapid acceleration in the development of new and transformative applications in many areas including transportation, medicine, finance, and communication. Most of these applications are made possible by the increasing diversity and scale of hardware and software systems.

While this brings unprecedented opportunity, it also increases the probability of failures and the difficulty of diagnosing them. Increased scale and transience has also made management increasingly challenging. Devices can come and go for a variety of reasons including mobility, failure and recovery, and scaling capacity to meet demand.

In this talk, I will be presenting several systems that I built to address the resulting challenges to reliability, management, and security.

Ori is a reliable distributed file system for devices at the network edge. Ori automates many of the tasks of storage reliability and recovery through replication, taking advantage of fast LANs and low cost local storage in edge networks.

Castor is record/replay system for multi-core applications with predictable and consistently low overheads. This makes it practical to leave record/replay on in production systems, to reproduce difficult bugs when they occur, and to support recovering from hardware failures through fault tolerance.

Cryptographic CFI (CCFI) is a dynamic approach to control flow integrity. Unlike previous CFI systems that rely purely on static analysis, CCFI can classify pointers based on dynamic and runtime characteristics. This limits the attacks to only actively used code paths, resulting in a substantially smaller attack surface.

Ali is currently completing his PhD at Stanford University where he is advised by Prof. David Mazières. His work focuses on improving reliability, ease of management and security in operating systems and distributed systems. Previously, he was a Staff Engineer at VMware, Inc. working as the technical lead for the live migration products. Ali received an M.Eng. in electrical engineering and computer science and a B.S. in electrical engineering from the Massachusetts Institute of Technology.

Modern programming languages safeguard developers from many typical errors, yet more subtle errors—such as violations of security policies—still plague software. Program synthesis has the potential to eliminate such errors, by generating executable code from concise and intuitive high-level specifications. Traditionally, program synthesis failed to scale to specifications that encode complex behavioral properties of software: these properties are notoriously hard to check even for a given program, and so it’s not surprising that finding the right program within a large space of candidates has been considered very challenging. My work tackles this challenge through the design of synthesis-friendly program verification mechanisms, which are able to check a large set of candidate programs against a complex specification at once, whereby efficiently pruning the search space.

Based on this principle, I developed Synquid, a program synthesizer that accepts specifications in the form of expressive types and uses a specialized type checker as its underlying verification mechanism. Synquid is the first synthesizer powerful enough to automatically discover provably correct implementations of complex data structure manipulations, such as insertion into Red-Black Trees and AVL Trees, and normal-form transformations on propositional formulas. Each of these programs is synthesized in under a minute. Going beyond textbook algorithms, I created a language called Lifty, which uses type-driven synthesis to automatically rewrite programs that violate information flow policies. In our case study, Lifty was able to enforce all required policies in a prototype conference management system.

Nadia Polikarpova is a postdoctoral researcher at the MIT Computer Science and Artificial Intelligence Lab, interested in helping programmers build secure and reliable software. She completed her PhD at ETH Zurich. For her dissertation she developed tools and techniques for automated formal verification of object-oriented libraries, and created the first fully verified general-purpose container library, receiving the Best Paper Award at the International Symposium on Formal Methods. During her doctoral studies, Nadia was an intern at MSR Redmond, where she worked on verifying real-world implementations of security protocols. At MIT, Nadia has been applying formal verification to automate various critical and error-prone programming tasks.

The security properties of blockchain technology allow for the shifting of trust assumptions, e.g., to remove trusted third parties; they, however, create new challenges for security and scalability, which have not yet been fully understood and that we investigate in this talk. The blockchain’s security, for example, affects the ability of participants to exchange monetary value or to participate in the network communication and the consensus process. Our first contribution provides a quantitative framework to objectively compare the security and performance characteristics of Proof of Work-based blockchains under adversaries with optimal strategies. Our work allows us to increase Bitcoin’s transaction throughput by a factor of ten, given only one parameter change and without deteriorating the security of the underlying blockchain. In our second contribution, we highlight previously unconsidered impacts of the PoW blockchain’s scalability on its security and propose design modifications that are now implemented in the primary Bitcoin client. Because blockchain technology is still in its infancy, we conclude the talk with an outline of future work towards an open, scalable, privacy-preserving and decentralized blockchain.

Arthur Gervais's research interests revolve around the security and privacy of blockchain technology, and he also worked on web privacy. He just defended in December 2016 his Ph.D. in the Institute of Information Security at ETH Zürich. During his Ph.D., he performed a 3-months internship at Intel Labs, Oregon, working on blockchain technology. He obtained his Master degrees from KTH Stockholm (Sweden) and Aalto University (Finland) in 2012. Furthermore, he holds a diplôme d'ingénieur from INSA de Lyon (France) from 2012. His Master's thesis was on the security of industrial control systems (SCADA).

Most static program analysis techniques do not fully verify all possible executions of a program. They leave executions unverified when they do not check certain properties, fail to verify properties, or check properties under certain unsound assumptions, such as the absence of arithmetic overflow. In the first part of the talk, I will present a technique to complement partial verification results by automatic test case generation. In contrast to existing work, our technique supports the common case that the verification results are based on unsound assumptions. We annotate programs to reflect which executions have been verified, and under which assumptions. These annotations are then used to guide dynamic symbolic execution toward unverified program executions, leading to smaller and more effective test suites.

In the second part of the talk, I will describe a new program simplification technique, called program trimming. Program trimming is a program pre-processing step to remove execution paths while retaining equi-safety (that is, the generated program has a bug if and only if the original program has a bug). Since many program analyzers are sensitive to the number of execution paths, program trimming has the potential to improve their effectiveness. I will show that program trimming has a considerable positive impact on the effectiveness of two program analysis techniques, abstract interpretation and dynamic symbolic execution.

Maria Christakis is currently a lecturer (assistant professor) in the School of Computing at the University of Kent, England. She was previously a post-doctoral researcher at Microsoft Research Redmond, USA. She received her Ph.D. from the Department of Computer Science of ETH Zurich, Switzerland in the summer of 2015. Maria was awarded with the ETH medal for an outstanding doctoral thesis. She completed her Bachelor's and Master's degrees at the Department of Electrical and Computer Engineering of the National Technical University of Athens, Greece.

Static verification of performance properties of programs is an important problem that has attracted great deal of research. However, most existing tools infer best-effort upper bounds and hope that they match users expectations. In this talk, I will present a system for specifying and verifying bounds on resources such as the number of evaluation steps and heap-allocated objects, for functional Scala programs that may rely on lazy evaluation and memoization. In our system, users can specify the desired resource bound as a template with numerical holes in the contracts of functions e.g. as "steps <= ? * size(list) + ?", along with other functional properties necessary for establishing the bounds. The system automatically infers values for the holes that will make the templates hold for all executions of the functions. For example, the property that a function converting a propositional formula f into negation-normal form (NNF) takes time linear in the size of f can be expressed in the post-condition of the function using the predicate "steps <= ? * size(f) + ?", where size is a user-defined function counting the number of nodes in the syntax tree of the formula. Using our tool, we have verified asymptotically precise bounds of several algorithms and data structures that rely on complex sharing of higher-order functions and memoization. Our benchmarks include balanced search trees like red-black trees and AVL trees, Okasaki’s constant-time queues, deques, lazy data structures based on numerical representations such as lazy binomial heaps, cyclic streams, and dynamic programming algorithms. Some of the benchmarks have posed serious challenges to automatic as well as manual reasoning. The system is a part of the Leon verifier and can be tried online at "http://leondev.epfl.ch" ("Resource bounds" section).

Ravichandhran Madhavan is a fifth year Ph.D student at EPFL, Switzerland, where he is advised by Prof. Viktor Kuncak. His research interests lie in the areas of programming languages, static program analysis and software verification. Before joining EPFL, he spent a couple of years as a research assistant in the Programming Languages and Tools group of Microsoft Research India, where he developed a static, side-effects analysis for C# programs (seal.codeplex.com). His Ph.D thesis is focused on resource verification of higher-order programs. Website: lara.epfl.ch/~kandhada

Static verification of performance properties of programs is an important problem that has attracted great deal of research. However, most existing tools infer best-effort upper bounds and hope that they match users expectations. In this talk, I will present a system for specifying and verifying bounds on resources such as the number of evaluation steps and heap-allocated objects, for functional Scala programs that may rely on lazy evaluation and memoization. In our system, users can specify the desired resource bound as a template with numerical holes in the contracts of functions e.g. as "steps <= ? * size(list) + ?", along with other functional properties necessary for establishing the bounds. The system automatically infers values for the holes that will make the templates hold for all executions of the functions.  For example, the property that a function converting a propositional formula f into negation-normal form (NNF)  takes time linear in the size of f can be expressed in the post-condition of the function using the predicate "steps <= ? * size(f) + ?",  where size is a user-defined function counting the number of nodes in the syntax tree of the formula. Using our tool, we have verified asymptotically precise bounds of several algorithms and data structures that rely on complex sharing of higher-order functions and memoization. Our benchmarks include balanced search trees like red-black trees and AVL trees, Okasaki’s constant-time queues, deques, lazy data structures based on numerical representations such as lazy binomial heaps, cyclic streams, and dynamic programming algorithms. Some of the benchmarks have posed serious challenges to automatic as well as manual reasoning. The system is a part of the Leon verifier and can be tried online at "http://leondev.epfl.ch" ("Resource bounds" section).

References:   (a) Symbolic Resource Bound Inference For Functional Programs. Ravichandhran Madhavan and Viktor Kuncak. Computer Aided Verification, CAV 2014 (b) Contract-based Resource Verification for Higher-order Functions with Memoization. Ravichandhran Madhavan, Sumith Kulal and Viktor Kuncak. To appear in POPL 2017

Ravichandhran Madhavan is a fifth year Ph.D student at EPFL, Switzerland, where he is advised by Prof. Viktor Kuncak.  His research interests lie in the areas of programming languages, static program analysis and software verification. Before joining EPFL, he spent a couple of years as a research assistant in the Programming Languages and Tools group of Microsoft Research India, where he developed a static, side-effects analysis for  C# programs (seal.codeplex.com). His Ph.D thesis is focused on resource verification of higher-order programs. Website: lara.epfl.ch/~kandhada

The energy sector is in the midst of an exciting transition. Driven by new generation technologies and by infrastructure digitalization, the traditional way of transmitting, distributing and using energy is transforming a centralized hierarchical system into a multi-directional open infrastructure. While the vision of Intelligent Energy Networks is appealing and desirable---especially from a sustainability perspective---a number of major challenges remain to be tackled. The loss of centralized control, the intermittent nature of renewable energy sources and the scale of the future digital energy systems are novel situations for power systems infrastructures and consumers that pose reliability and availability threats.

In this talk, I show examples of how Computer Science techniques are having and will have an important role in future energy systems. I focus on electricity as energy vector, and techniques from Service-Oriented Computing and AI Planning. I also present Complex Network theory as a design tool for energy distribution systems. To make things concrete, I will review almost ten years of personal research that include making office buildings energy efficient, homes smarter, and futuristic models for the evolution of power distribution grids to accommodate for multi-directional energy flows with distributed generation and local control.

Marco Aiello is full professor of Distributed Systems at the University of Groningen (RUG), head of the Distributed Systems unit, Founder of the startup SustainableBuildings, and member of the Board of the startup Nerdalize BV. Before joining the RUG he was a Lise Meitner fellow at the Technical University of Vienna (from which he obtained the Habilitation), and assistant professor at the University of Trento. He holds a PhD in Logic from the University of Amsterdam and a MSc in Engineering from the University of Rome La Sapienza, cum Laude.

Attribute-based Encryption(ABE) is a form of asymmetric cryptography that allows encryption over labels named "attributes". In an ABE scheme, an "authority" generates public parameters and secrets and assigns attributes (and associated secrets) to users. Data can be encrypted using formulas over attributes; users can decrypt if they have attribute secrets that satisfy the encryption formula.

In this talk, I will discuss an extension to ABE that allows encryption over attributes provided by multiple authorities. Such a scheme enables secure data sharing between otherwise distrusting organizations. I will discuss example scenarios where multi-authority ABE is useful, and describe one new construction of multi-authority ABE scheme named DMA.

In DMA, a data owner is a first class principal: users in the system get attributes in cooperation with the data owner and various authorities. Compared to previous work, DMA does not require a global identity for users, or require the multiple authorities to trust a single central authority. DMA is also immune to collusion attacks mounted by users and authorities.

Beverly Li received her Ph.D. from Shanghai Jiaotong University in 2007, and is an assistant professor at Hunan University. Her research interests are in security, networking, and computer systems.

The controller synthesis problem for CPS is often reduced to solving omega-regular games with an optional optimization criterion. The criteria commonly used in the literature on omega-regular games are however frequently unsuitable for obtaining high-quality CPS controllers as they are unable to capture many, if not most, real-world optimization objectives. We survey a few such cases and show that such problems can be overcome with more sophisticated optimization criteria. The synthesis problem for them gives rise to ugly games, i.e. games that have complicated definitions but relatively simple solutions.

-

In this talk, I will show how we can harness the synergy between programming languages and verification methods to help programmers build reliable software, prove complex properties about them, and scale verification to industrial projects. First, I will describe P a domain-specific language to write asynchronous event driven code. P isolates the control-structure, or protocol, from the data-processing. This allows us not only to generate efficient code, but also to test it using model checking techniques. P was used to implement and verify the core of the USB device driver stack that ships with Microsoft Windows 8 and later versions. The language abstractions and verification helped building a driver which is both reliable and fast. Then, I will introduce PSync a domain specific language for fault-tolerant distributed algorithms that simplifies the implementation of these algorithms enables automated formal verification, and can be executed efficiently. Fault-tolerant algorithms are notoriously difficult to implement correctly, due to asynchronous communication and faults. PSync provides an high-level abstraction by viewing an asynchronous faulty system as synchronous one with an adversarial environment that simulates faults. We have implemented in PSync several important fault-tolerant distributed algorithms and we compare the implementation of consensus algorithms in PSync against implementations in other languages.

Damien Zufferey is a Postdoctoral researcher in Martin Rinard's group at MIT CSAIL since Octorber 2013. Before moving to MIT, He obtained a PhD at the Institute of Science and Technology Austria (IST Austria) under supervision of Thomas A. Henzinger in September 2013 and a Master in computer science from EPFL in 2009. He is interested in improving software reliability by developing theoretical models, building analysis tools, and giving the programmer the appropriate language constructs. He is particularly interested in the study of complex concurrent systems. His research lies at the intersection of formal methods and programming languages.

The existing gap between the processor and main memory operating speeds motivated the introduction of intermediate cache memories to accelerate the average access time to instructions and data accessed by programs running on the processor. The introduction of cache memories in modern computing platforms is the cause of important variations in the execution time of each task, depending on whether the instruction and data it requires are already loaded in the cache or not. Many works have focused on analyzing the impact of preemptions on the worst-case execution time (WCET) and worst-case response time (WCRT) of tasks in preemptive systems. Indeed, the preempted tasks may suffer additional cache misses if its memory blocks are evicted from the cache during the execution of preempting tasks. These evictions cause extra accesses to the main memory, which result in additional delays in the task execution. This extra cost is usually referred to as cache-related preemption delays (CRPDs).

Several approaches use information about the tasks' memory access patterns to bound and incorporate preemption costs into the WCRT analysis. These approaches all result in pessimistic WCRT bounds due to the fact that they do not consider the variation in memory demand for successive instances of a same task. They usually assume that the useful cache content for the task is completely erased between two of its executions. However, in actual systems, successive instances of a task may re-use most of the data and instructions that were already loaded in the cache during previous executions. During this talk, we will discuss the concept of persistent cache blocks from a task WCRT perspective, and will present how it can be used to reduce the pessimism of the WCRT analysis for fixed priority preemptive systems. Then, we will introduce techniques exploiting this notion of cache persistence to pre-configure systems so as to improve their runtime behavior.

Geoffrey Nelissen was born in Brussels, Belgium in 1985. He earned his M.Sc. degree in Electrical Engineering at Université Libre de Bruxelles (ULB), Belgium in 2008. He then worked during four years as a Ph.D. student in the PARTS research unit of ULB. In 2012, he received his Ph.D. degree under the supervision of Professors Joël Goossens and Dragomir Milojevic, on the topic "Efficient Optimal Multiprocessor Scheduling Algorithms for Real-Time Systems". He is currently working at CISTER, Porto, Portugal, as an associate researcher in the area of real-time scheduling, embedded, distributed and safety critical system design and analysis.

Laci will report about this breakthrough result on graph isomorphism.

The presentation will be in two parts of 45 minutes each.

The first part will be for a general audience.

-

This talk will briefly cover the overall research agenda of the MSR Lab in Bangalore. We work in many broad areas that of CS including Algorithms, Crypto, Systems, ML, and ICT4D among others.  The talk will cover three ongoing projects to give you a sense of the breadth of our work: The Trusted Cloud, Green Spaces, and 99DOTS. The goal of the Trusted Cloud project is to explore the challenges of keeping client data stored in the Cloud secure without trusting the Cloud operator, and involves research in the disciplines of computer security, programming languages and verification, and hardware.

The Green Spaces project attempts to understand the implications of using TV spectrum to provide ubiquitous internet access in countries like India or Brazil where, unlike the US, there is plenty of unused spectrum that can be tapped. This project involves both questions in CS research as well as policy issues at the national level on spectrum allocation.

The 99DOTS project address the problem that arises when patients do not adhere to medications as prescribed by the doctors. Such non-adherence has severe health consequences to large population of patients in all parts of the world. 99DOTS proposes a novel solution to ensure medication adherence in a very cost way, and is used by the Indian Government for Tuberculosis in all its treatment centers in the country.

Chandu Thekkath, currently head of Microsoft Research India, joined Microsoft in 2001. Microsoft Research India, which began operating in January 2005, conducts basic research in computing and engineering sciences relevant to Microsoft’s business and the global IT community, with a special focus on algorithms, cryptography, security, mobility, networks and systems, multilingual systems, software engineering, machine learning, and the role of technology in socioeconomic development. Thekkath began his career at Microsoft as a Senior Researcher at Microsoft Research Silicon Valley, where he did research in multiple areas: mobile devices, distributed data intensive computing, and large-scale storage systems. He also worked with the Hotmail team as chief architect for the Blue project. Blue went into production use within MSN in mid-2006 and was an early example within Microsoft of a large scale distributed storage system that provided strict read/write guarantees in the presence of disk, machine, and network failures.

Synthesis, the automatic construction of objects related to hard- and software, is one of the great challenges of computer science. Although synthesis problems are impossible to solve in general, learning-based approaches, in which the synthesis of an object is based on learning from examples, have recently been used to build elegant and extremely effective solutions for a large number of difficult problems. Such examples include automatically fixing bugs, translating programs from one language into another, program verification, as well as the generation of high-level code from given specifications.

This talk gives an introduction to learning-based synthesis. First, we develop a generic view on learning-based synthesis, called abstract learning frameworks for synthesis, which introduces a common terminology to compare and contrast learning-based synthesis techniques found in the literature. Then, we present a learning-based program verifier, which can prove the correctness of numeric programs (nearly) automatically, and show how this technique can be modeled as an abstract learning framework for synthesis. During the talk, we present various examples that highlight the power of the learning-based approach to synthesis.

I work as postdoctoral researcher in the ExCAPE project at University of Illinois at Urbana-Champaign and University of California, Los Angeles. I joined ExCAPE in August 2014. I received my Ph.D. from RWTH Aachen University in April 2014, where I worked with Christof Löding and Wolfgang Thomas. My thesis is on Applications of Automata Learning in Verification and Synthesis. During this time, I visited Prof. Madhusudan at University of Illinois at Urbana-Champaign. I graduated from RWTH Aachen University with a Master of Science in Computer Science in November 2007.

Machine learning has taken over our world, in more ways than we realize. You might get book recommendations, or an efficient route to your destination, or even a winning strategy for a game of Go. But you might also be admitted to college, granted a loan, or hired for a job based on algorithmically enhanced decision-making. We believe machines are neutral arbiters: cold, calculating entities that always make the right decision, that can see patterns that our human minds can't or won't. But are they? Or is decision-making-by-algorithm a way to amplify, extend and make inscrutable the biases and discrimination that is prevalent in society? To answer these questions, we need to go back — all the way to the original ideas of justice and fairness in society. We also need to go forward — towards a mathematical framework for talking about justice and fairness in machine learning.

Suresh Venkatasubramanian is an associate professor in the School of Computing at the University of Utah. He did his Ph.D at Stanford University, and did a stint at AT&T Research before joining the U. His research interests include computational geometry, data mining and machine learning, with special interests in high dimensional geometry, large data algorithms, clustering and kernel methods. He received an NSF CAREER award in 2010. He spends much of his time now thinking about the problem of "algorithmic fairness": how we can ensure that algorithmic decision-making is fair, accountable and transparent. His work has been covered on Science Friday, NBC News, and Gizmodo, as well as in various print outlets.

Internet crime has become increasingly dependent on the underground economy: a loose federation of specialists selling capabilities, services, and resources explicitly tailored to the abuse ecosystem. Through these emerging markets, modern criminal entrepreneurs piece together dozens of à la carte components into entirely new criminal endeavors. In this talk, I'll discuss parts of this ecosystem and show that criminal reliance on this black market introduces fragile dependencies that, if disrupted, undermine entire operations that as a composite appear intractable to protect against.

Prof. McCoy is an Assistant Professor at New York University in the Computer Science and Engineering department. His focus is on empirical measurements of the socio-economics of cyber attackers and security of cyber-physical systems.

Discrepancy theory is widely studied area in combinatorics, and has various applications in computer science to areas such as approximation algorithms, space-time lower bounds, geometric algorithms, numerical integration and so on. In the last few years there has been remarkable progress in our understanding of algorithmic aspects of discrepancy. In addition to leading to efficient algorithms for various problems where only non-constructive proofs were known before, these methods have also led to improved results and various new connections between discrepancy and convex geometry, optimization and probability. In this talk, we will give an overview of some of these developments.

Nikhil Bansal is a Professor in the Department of Mathematics and Computer Science at Eindhoven University of Technology. He did his Bachelors in Computer Science from IIT Mumbai (1999) and obtained his PhD from Carnegie Mellon University in 2003. He worked at the IBM T.J. Watson Research Center until 2011, where he also managed the Algorithms group. He is broadly interested in theoretical computer science with focus on the design and analysis of algorithms. He has received several best paper awards for his work and he is on the editorial boards for several journals. He is also the recipient of a NWO Vidi grant, an ERC consolidator grant and an NWO TOP grant.

Counter automata are an appealing formal model of systems and programs with an unbounded number of states that find a plethora of applications, for instance in the verification of concurrent shared-memory programs. A counter automaton comprises a finite-state controller with a finite number of counters ranging over the natural numbers that can be incremented, decremented and tested for zero when a transition is taken. Despite having been studied since the early days of computer science, many important problems about decidable subclasses of counter automata have remained unsolved. This talk will give an overview over the history and some of the progress on both theoretical and practical aspects of counter automata that has been made over the last two years, focusing on new results concerning reachability, stochastic extensions, practical decision procedures, and the challenges that lie ahead.

This talk is based on joint work with M. Blondin (Montreal), A. Finkel (Cachan), S. Haddad (Cachan), P. Hofman (Cachan), S. Kiefer (Oxford) and M. Lohrey (Siegen).

-

YouTube competes with Hollywood as an entertainment channel, and also supplements Hollywood by acting as a distribution mechanism.  Twitter has a similar relationship to news media, and Coursera to Universities. But there are no online alternatives for making democratic decisions at large scale as a society. In this talk, we will describe two algorithmic approaches towards large scale decision making that we are exploring.

a) Knapsack voting and participatory budgeting: All budget problems are knapsack problems at their heart, since the goal is to pack the largest amount of societal value into a budget. This naturally leads to "knapsack voting" where each voter solves a knapsack problem, or comparison-based voting where each voter compares pairs of projects in terms of benefit-per-dollar. We analyze natural aggregation algorithms for these mechanisms, and show that knapsack voting is strategy-proof. We will also describe our experience with helping implement participatory budgeting in close to two dozen cities and municipalities, and briefly comment on issues of fairness.

b) Triadic consensus: Here, we divide individuals into small groups (say groups of three) and ask them to come to consensus; the results of the triadic deliberations in each round form the input to the next round. We show that this method is efficient and strategy-proof in fairly general settings, whereas no pair-wise deliberation process can have the same properties.

This is joint work with Tanja Aitamurto, Brandon Fain, Anilesh Krishnaswamy, David Lee, Kamesh Munagala, and Sukolsak Sakshuwong.

Ashish Goel is a Professor of Management Science and Engineering and (by courtesy) Computer Science at Stanford University, and a member of Stanford's Institute for Computational and Mathematical Engineering. He received his PhD in Computer Science from Stanford in 1999, and was an Assistant Professor of Computer Science at the University of Southern California from 1999 to 2002. His research interests lie in the design, analysis, and applications of algorithms; current application areas of interest include social networks, Internet commerce, and large scale data processing. Professor Goel is a recipient of an Alfred P. Sloan faculty fellowship (2004-06), a Terman faculty fellowship from Stanford, an NSF Career Award (2002-07), and a Rajeev Motwani mentorship award (2010). He was a co-author on the paper that won the best paper award at WWW 2009, and was a research fellow at Twitter from 2009-14 where he designed and prototyped Twitter's monetization and personalization algorithms. Professor Goel is also Principal Scientist at Teapot, Inc.

In this talk I will introduce first  my general research interests which span from mobility modelling and geo-social network analysis to mobile sensing and mobile systems. I will then describe our work in the area of understanding patterns of mobility through sensing using microphone, accelerometer and gyroscope, primarily. I will then describe techniques which help make this energy efficient to achieve continuous sensing on smartphones and wearables. Examples will be drawn from our studies in mental health monitoring, vehicular mobility monitoring and organization analytics.

Cecilia Mascolo is Full Professor of Mobile Systems in the Computer Laboratory, University of Cambridge, UK. Prior joining Cambridge in 2008, she has been a faculty member in the Department of Computer Science at University College London. She holds a PhD from the University of Bologna. Her research interests are in human mobility modelling, mobile and sensor systems and networking and spatio-temporal data analysis. She has published in a number of top tier conferences and journals in the area and her investigator experience spans more than twenty projects funded by Research Councils and industry. She has served as organizing and programme committee member of over fifty mobile, sensor systems and networking conferences and workshops. She sits on the editorial boards of IEEE Pervasive Computing, IEEE Transactions on Mobile Computing and ACM Transactions on Sensor Networks. More details at www.cl.cam.ac.uk/users/cm542

With the success of machine learning, we increasingly see learning algorithms ma ke decisions in the real world. Often, however, this is in stark contrast to the  classical train- test paradigm, since the learning algorithm affects the very data it must operat e on.  I will explain how predictive confidence bounds can guide data acquisition in a principled way to make effecti ve decisions in a variety of complex settings.  I will present algorithms with performance guarantees relying on the notion of submodularity, a natural notion of diminishing returns.  I will also discuss several applications, ranging from autonomously guiding wetlab experimen ts in protein structure optimization, to safe automatic parameter tuning on a ro botic platform.

Andreas Krause is an Associate Professor of Computer Science at ETH Zurich, where he leads the Learning & Adaptive Systems Group. Before that he was an Assistant Professor of Computer Science at Caltech. He received his Ph.D. and M.Sc. in Computer Science from Carnegie Mellon University (2008) and his Diplom in Computer Science and Mathematics from the Technical University of Munich, Germany (2004). He is a Microsoft Research Faculty Fellow and a Kavli Frontiers Fellow of the US National Academy of Sciences. He received an ERC Starting Investigator grant, the Deutscher Mustererkennungspreis, an NSF CAREER award, the Okawa Foundation Research Grant recognizing top young researchers in telecommunications as well as the ETH Golden Owl teaching award. His research in learning and adaptive systems that actively acquire information, reason and make decisions in large, distributed and uncertain domains, such as sensor networks and the Web received awards at several premier conferences and journals.

For computer software, our security models, policies, mechanisms, and means of assurance were primarily conceived and developed before the end of the 1970's. However, since that time, software has changed radically: it is thousands of times larger, comprises countless libraries, layers, and services, and is used for more purposes, in far more complex ways. This suggests that we should revisit some of our core computer security concepts. For example, what does the Principle of Least Privilege mean when all software contains libraries that can express arbitrary functionality? And, what security policy should be enforced when software is too complex for either its developers or its users to explain its intended behavior in detail? One possibility is to take an empirical, data-driven approach to modern software, and determine its exact, concrete behavior via comprehensive, online monitoring. Such an approach can be a practical, effective basis for security— as demonstrated by its success in spam and abuse fighting—but its use to constrain software behavior raises many questions. In particular, two questions seem critical. First, is it possible to learn the details of how software *is* behaving, without intruding on the privacy of its users?  Second, are those details a good foundation for deriving security policies that constrain how software *should* behave?  This talk answers both these questions in the affirmative, as part of an overall approach to data-driven security. Specifically, the talk describes techniques for learning detailed software statistics while providing differential privacy for its users, and how deep learning can help derive useful security policies that match users' expectations with intended software behavior. Those techniques are both practical and easy to adopt, and have already been used at scale for billions of users.

Úlfar currently heads a security research team at Google. Previously, he has been a researcher at Microsoft Research, Silicon Valley, an Associate Professor at Reykjavik University, Iceland, and led security technology at two startups: GreenBorder and deCODE Genetics. He holds a PhD in computer science from Cornell University.

Connectivity services have been the focus of tremendous innovation in the recent past. The majority of such innovation, however, has primarily targeted mobile devices, despite the ever growing interest around home services. In this talk I am going to describe different types of innovation that I consider interesting for residential users and why they have or have not succeeded. The fundamental question is "What does it actually take to create interesting, novel user experiences for residential users?". In the talk I am going to focus on constraints, but also opportunities that could create meaningful value added services for the place that we love to call our home.

Konstantina (Dina) Papagiannaki is the Scientific Director, responsible for the Internet, Systems and mobile research carried out by the scientific group at Telefonica Research and Development in Barcelona. Prior to that she was a senior researcher at Intel Labs; from 2004 until the end of 2006 in Cambridge, UK and from 2007 until 2011 in Pittsburgh, USA. From the beginning of 2000 until the end of 2003 she was a member of the IP Group at the Sprint Advanced Technology Labs. She got awarded her PhD from the Computer Science Department of University College London (UCL) in March 2003, receiving the Distinguished Dissertations Award 2003. She got her first degree in Electrical and Computer Engineering at the National Technical University of Athens (NTUA) in October 1998. She has chaired the technical program committee of the premier conferences in her field, authored more than 60 peer reviewed papers, authored a book on the design and management of large-scale IP networks through Cambridge University Press, has 1 pending and 5 awarded patents, and has received the best paper awards at ACM Mobicom 2009, ACM IMC 2013, and ACM CoNEXT 2013. She has held an adjunct faculty position in the Computer Science Department at Carnegie Mellon University from 2007 until 2011, and in 2008 she received the rising star award of the computer networking community of ACM. She has participated as an expert in panels for the Federal Commission of Communications, the National Telecommunications and Information Agency, and the National Science Foundation of the U.S.A, as well as the Association of Computing Machinery.

Reliability is a first-order concern in modern distributed systems. Even large, well-provisioned systems such as Gmail and Amazon Web Services can be brought down by failures, incurring millions of dollars of cost and hurting company reputation. Such service outages are typically caused by either hardware failures or software bugs. The systems community has developed various techniques for dealing with both kinds of failures (e.g. replication, software testing), but those techniques come at a significant cost. For example, our replication techniques for handling hardware failures are incompatible with multithreaded execution, forcing a stark choice between reliability and performance. As for guarding against software failures, our only real option today is to test our system as best we can and hope we have not missed any subtle bugs. In principle there exists another option, formal verification, that fully addresses this problem, but its overhead in both raw performance and programming effort is considered way too impractical to adopt in real developments.

In this talk, I make the case for Sustainable Reliability, i.e. reliability techniques that provide strong guarantees without imposing unnecessary overhead that limits their practicality. My talk covers the challenges faced by both hardware and software failures and proposes novel techniques in each area. In particular, I will describe how we can reconcile replication and multithreaded execution by rethinking the architecture of replicated systems. The resulting system, Eve, offers an unprecedented combination of strong guarantees and high performance. I will also describe IronFleet, a new methodology that brings formal verification of distributed systems within the realm of practicality. Despite its strong guarantees, IronFleet incurs a very reasonable overhead in both performance and programming effort.

Manos Kapritsos is a Postdoctoral Researcher at Microsoft Research in Redmond, WA. He received his Ph.D. from the University of Texas at Austin in 2014. His research focuses on designing reliable distributed systems, by applying fault-tolerant replication to combat machine failures and using formal verification to ensure software correctness.

Many of our everyday activities are now performed online - whether it is banking, shopping, or chatting with friends. Behind the scenes, these activities are implemented by large distributed systems that often contain machines from several different organizations. Usually, these machines do what we expect them to, but occasionally they 'misbehave' - sometimes by mistake, sometimes to gain an advantage, and sometimes because of a deliberate attack.

In society, accountability is widely used to counter such threats. Accountability incentivizes good performance, exposes problems, and builds trust between competing individuals and organizations. In this talk, I will argue that accountability is also a powerful tool for designing distributed systems. An accountable distributed system ensures that 'misbehavior' can be detected, and that it can be linked to a specific machine via some form of digital evidence. The evidence can then be used just like in the 'offline' world, e.g., to correct the problem and/or to take action against the responsible organizations.

I will give an overview of our progress towards accountable distributed systems, ranging from theoretical foundations and efficient algorithms to practical applications. I will also present one result in detail: a technique that can detect information leaks through covert timing channels.

Andreas Haeberlen is a Raj and Neera Singh Assistant Professor at the University of Pennsylvania. His research interests are in distributed systems, networking, and security. Andreas received his PhD degree in Computer Science from Rice University in 2009; he is the recipient of a NSF CAREER award, and he was awarded the Otto Hahn Medal by the Max Planck Society.

Application developers lack tools to profile and compare the energy consumption of different software designs. This energy-optimization task is challenging because of unpredictable interactions between the application and increasingly complex power management logic. Yet, having accurate power information would allow application developers to both avoid inefficient designs and discover opportunities for new optimizations.

In this talk, I will show that it is possible to accurately measure system-level power and attribute it to application activities. I will present BattOr, a portable, easy-to-use power monitor that provides developers with a profile of the energy consumption of their designs-without modifications to hardware or software. I will show how Google developers are using BattOr to improve Chrome's energy efficiency. I will also show how fine-grained understanding of cellular power at different signal strengths enables novel energy optimizations. Finally, I will describe my future plans to attribute system-level power to individual hardware components and to investigate opportunities presented by instrumenting every server in a data center with fine-grained power monitoring.

Aaron Schulman is a Postdoctoral Scholar at Stanford working with Sachin Katti; he earned his Ph.D. in Computer Science from the University of Maryland, where he was advised by Neil Spring. His research interests are in low-power embedded systems, wireless communication, and network measurement. Aaron’s research on the BattOr power monitor has been funded by Google, is being commercialized by his startup Mellow Research, and is becoming Google’s de facto standard tool for measuring the energy consumption of the Chrome web browser. For his dissertation, Aaron provided the first observations of fundamental factors that limit the reliability of the Internet’s critical last-mile infrastructure. His dissertation was selected to receive the the 2013 ACM SIGCOMM Doctoral Dissertation Award.http://stanford.edu/~aschulm

Understanding the complex defender-adversary interaction in any adversarial interaction allows for the design of intelligent and adaptive defense.  Game theory is a natural model for such multi-agent interaction. However, significant challenges need to be overcome in order to apply game theory in practice. In this talk, I will present my work on addressing two such challenges: scalability and learning adversary behavior. First, I will present a game model of screening of passengers at airports and a novel optimization approach based on randomized allocation and disjunctive programming techniques to solve large instances of the problem. Next, I will present an approach that learns adversary behavior and then plans optimal defensive actions, thereby bypassing standard game-theoretic assumptions such as rationality. However, a formal Probably Approximately Correct (PAC) model analysis of the learning module in such an approach reveals possible conditions under which learning followed by optimization can produce sub-optimal results. This emphasizes the need of formal compositional reasoning when using learning in large systems. 

The airport screening work was done in collaboration with the Transport Security Administration in USA. The approach of learning adversary behavior was applied for predictive policing in collaboration with University of Southern California (USC) police, and is being tested on the USC campus.

-

We present a recent line of work on automated synthesis of synchronization constructs for concurrent programs. Our techniques are inspired by a study of the most common types of concurrency bugs and bugs-fixes in Linux device-drivers.  As opposed to classical techniques which tend to use expensive synchronization constructs, our technique attempts to use inexpensive program transformations, such as reordering independent statements, to improve the performance of generated fixes.

Our techniques are based on the observation that a large fraction of concurrency bugs are data-independent. This observations allow us to characterize and fix concurrency bugs based only on the order of execution of the statements involved. We evaluated our techniques on several real concurrency bugs that occurred in Linux device drivers, and showed that our synthesis procedure is able to produce more efficient and "programmer-like" bug-fixes.

We finish by talk with a brief note on the general theme of soft specifications, such as performance and energy consumption, in program synthesis. Specifically, we will discuss the use of quantitative specifications and their applications to resource management in embedded and cyber-physical systems.

Arjun Radhakrishna is a post-doctoral researcher at the University of Pennsylvania. Previously, he completed his PhD at the Institute of Science and Technology, Austria advised by Prof. Thomas A. Henzinger. His research focuses primarily on using programming language techniques, specifically, automated program synthesis, for rigorous systems engineering.  His current research interests include the use of alternative specification mechanisms to capture subtle soft requirements on computing systems, such as program performance, energy consumption, or a program's robustness to errors. He is also interested in verification and synthesis of concurrent programs, in particular, device drivers.

Online social interactions have become an integral part of people's lives, e.g., presidential candidates use Facebook and Twitter to engage with the public, programmers rely on Stackoverflow to write code, and various communities have been forming online. This unprecedented amount of social interaction offers tremendous opportunities to understand human behavior. Such an understanding can induce significant social impact, ranging from influencing election outcomes to better communication for everyone. 

My research leverages newly available massive datasets of social interactions to understand human behavior and predict human decisions. These results can be used to build or improve socio-technical systems. In this talk, I will explain my research at both micro and macro levels. At the micro level, I investigate the effect of wording in message sharing via natural experiments. I develop a classifier that outperforms humans in predicting which tweet will be retweeted more. At the macro level, I examine how users engage with multiple communities and find that, surprisingly, users continually explore new communities on Reddit. Moreover, their exploration patterns in their early ``life'' can be used to predict whether they will eventually abandon Reddit. I will finish with some discussion of future research directions in understanding human behavior.

Chenhao Tan is a Ph.D. Candidate in the Department of Computer Science at Cornell University. He earned Bachelor degrees in Computer Science and in Economics from Tsinghua University. His research spans a wide range of topics in social computing. He has published papers primarily at ACL and WWW, and also at KDD, WSDM, ICWSM, etc. His work has been covered by many news media outlets, such as the New York Times and the Washington Post. He also won a Facebook fellowship and a Yahoo! Key Scientific Challenges award.

The state of Internet security today is largely reactive, continually raising the defensive bar in response to increasingly sophisticated attackers. In this talk, I will present an alternate approach to building Internet systems that underlies much of my work: instead of reactively working around some attacks, what if we were to make them impossible in the first place?

 I will discuss two primitives my collaborators and I have created that provide small proofs of impossibility, and I will demonstrate   how they can be applied to solve large-scale problems, including censorship resistance, digital currency, and online voting.     First, I will present TrInc, a small piece of trusted hardware that provides proof that an attacker could not have sent conflicting   messages to others.  Second, I will present Alibi Routing, a peer-to-peer system that provides proof that a user's packets could   not have gone through a region of the world the user requested them to forbid. Finally, I will describe some of my ongoing   and future efforts, including securing the Web's public key infrastructure.

Dave Levin is a research scientist and co-chair of the Computer Science Undergraduate Honors program at the University of Maryland.   He previously worked in the Social Computing Group at Hewlett Packard Labs after getting his PhD from UMD in 2010.  His work lies   at the intersection of networking, security, and economics. Dave has received a best paper award at NSDI, and a best reviewer award   from ACM SIGCOMM.

The shift to multi-core architectures in the past ten years pushed developers to write concurrent software to leverage hardware parallelism. The transition to multi-core hardware happened at a more rapid pace than the evolution of associated programming techniques and tools, which made it difficult to write concurrent programs that are both efficient and correct. Failures due to concurrency bugs are often hard to reproduce and fix, and can cause significant losses.

In this talk, I will first give an overview of the techniques we developed for the detection, root cause diagnosis, and classification of concurrency bugs. Then, I will discuss how the techniques we developed have been adopted at Microsoft and Intel. I will then discuss in detail Gist, a technique for the root cause diagnosis of failures. Gist uses hybrid static-dynamic program analysis and gathers information from real user executions to isolate root causes of failures. Gist is highly accurate and efficient, even for failures that rarely occur in production. Finally, I will close by describing future work I plan to do toward solving the challenges posed to software systems by emerging technology trends.

Baris Kasikci completed his Ph.D. in the Dependable Systems Laboratory (DSLAB) at EPFL, advised by George Candea. His research is centered around developing techniques, tools, and environments that help developers build more reliable and secure software. He is interested in finding solutions that allow programmers to better reason about their code, and that efficiently detect bugs, classify them, and diagnose their root cause. He especially focuses on bugs that manifest in production, because they are hard and time-consuming. He is also interested in efficient runtime instrumentation, hardware and runtime support for enhancing system security, and program analysis under various memory models.

Baris is one of the four recipients of the VMware 2014-2015 Graduate Fellowship. During his Ph.D., he interned at Microsoft Research, VMware, and Intel. Before starting his Ph.D., he worked as a software engineer for four years, mainly developing real-time embedded systems software. Before joining EPFL, he was working for Siemens Corporate Technology. More details can be found at http://www.bariskasikci.org/.

Humans as well as information are organized in networks. Interacting with these networks is part of our daily lives: we talk to friends in our social network; we find information by navigating the Web; and we form opinions by listening to others and to the media. Thus, understanding, predicting, and enhancing human behavior in networks poses important research problems for computer and data science with practical applications of high impact. In this talk I will present some of my work in this area, focusing on (1) human navigation of information networks and (2) person-to-person opinions in social networks.

Network navigation constitutes a fundamental human behavior: in order to make use of the information and resources around us, we constantly explore, disentangle, and navigate networks such as the Web. Studying navigation patterns lets us understand better how humans reason about complex networks and lets us build more human-friendly information systems. As an example, I will present an algorithm for improving website hyperlink structure by mining raw web server logs. The resulting system is being deployed on Wikipedia's full server logs at terabyte scale, producing links that are clicked 10 times as frequently as the average link added by human Wikipedia editors.

Communication and coordination through natural language is another prominent human network behavior. Studying the interplay of social network structure and language has the potential to benefit both sociolinguistics and natural language processing. Intriguing opportunities and challenges have arisen recently with the advent of online social media, which produce large amounts of both network and natural language data. As an example, I will discuss my work on person-to-person sentiment analysis in social networks, which combines the sociological theory of structural balance with techniques from natural language processing, resulting in a machine learning model for sentiment prediction that clearly outperforms both text-only and network-only versions.

I will conclude the talk by sketching interesting future directions for computational approaches to studying and enhancing human behavior in networks.

Robert West is a sixth-year Ph.D. candidate in Computer Science in the Infolab at Stanford University, advised by Jure Leskovec. His research aims to understand, predict, and enhance human behavior in social and information networks by developing techniques in data science, data mining, network analysis, machine learning, and natural language processing. Previously, he obtained a Master's degree from McGill University in 2010 and a Diplom degree from Technische Universität München in 2007.

Severe low-level vulnerabilities abound in today's computer systems, allowing cyber-attackers to remotely gain full control. This happens in big part because our programming languages, compilers, and architectures were designed in an era of scarce hardware resources and too often trade off security for efficiency. The semantics of mainstream low-level languages like C is inherently insecure, and even for safer languages, establishing security with respect to a high-level semantics does not guarantee the absence of low-level attacks. Secure compilation using the coarse-grained protection mechanisms provided by mainstream hardware architectures would be too inefficient for most practical scenarios.

In this talk I will present a new project that is aimed at leveraging emerging hardware capabilities for fine-grained protection to build the first, efficient secure compilers for realistic programming languages, both low-level (the C language) and high-level (ML and F*, a dependently-typed variant). These compilers will provide a secure semantics for all programs and will ensure that high-level abstractions cannot be violated even when interacting with untrusted low-level code. To achieve this level of security without sacrificing efficiency, our secure compilers target a novel tagged architecture, which associates a metadata tag to each word and efficiently propagates and checks tags according to software-defined rules. Formally, our goal is full abstraction with respect to a secure high-level semantics. This property is much stronger than just compiler correctness and ensures that no machine-code attacker can do more harm to securely compiled components than a component in the secure source language already could.

Catalin is a tenured Research Scientist at Inria Paris where he develops rigorous formal techniques for solving security problems. He is particularly interested in formal methods for security (memory safety, compartmentalization, access control, integrity, security protocols, information flow), programming languages (type systems verification, proof assistants, property-based testing, semantics, formal metatheory, certified tools, dynamic enforcement), and the design and verification of security-critical systems (reference monitors, secure compilers, microkernels, secure hardware).  He is a developer of the new F* verification system and of several other open source tools based on his research.  Catalin was a PhD student at Saarland University and a Research Associate at University of Pennsylvania before joining Inria Paris in September 2013.

Cyber-physical systems -- such as cars, pacemakers, and power plants -- need to interact with the physical world in a timely manner to ensure safety. It is important to have a way to analyze these systems and to prove that they can meet their timing requirements. However, modern cyber-physical systems are increasingly complex: they can involve thousands of tasks running on dozens of processors, many of which can have multiple cores or shared caches. Existing techniques for ensuring timing guarantees cannot handle this level of complexity. In this talk, I will present some of my recent work that can help to bridge this gap, such as overhead-aware compositional scheduling and analysis. I will also discuss some potential applications, such as real-time cloud platforms and intrusion-resistant cyber-physical systems.

Linh Thi Xuan Phan is an Assistant Research Professor in the Department of Computer and Information Science at the University of Pennsylvania. Her interests include real-time systems, embedded systems, cyber-physical systems, and cloud computing. Her research develops theoretical foundations and practical tools for building complex systems with provable safety and timing guarantees. She is especially interested in techniques that integrate theory, systems, and application aspects. Recently, she has been working on methods for defending cyber-physical systems against malicious attacks, as well as on real-time cloud infrastructures for safety-critical and mission-critical systems. Linh holds a Ph.D. degree in Computer Science from the National University of Singapore (NUS); she received the Graduate Research Excellence Award from NUS for her dissertation work.

This talk will present the design and soundness proof of Verasco, a formally verified static analyzer for most of the ISO C99 language (excluding recursion and dynamic allocation), developed using the Coq proof assistant. Verasco aims at establishing the absence of run-time errors in the analyzed programs. It enjoys a modular architecture that supports the extensible combination of multiple abstract domains, both relational and non-relational. It include a memory abstract domain, an abstract domain of arithmetical symbolic equalities, an abstract domain of intervals, an abstract domain of arithmetical congruences and an octagonal abstract domain.

Verasco integrates with the CompCert formally-verified C compiler so that not only the soundness of the analysis results is guaranteed with mathematical certitude, but also the fact that these guarantees carry over to the compiled code.

-

Today, many embedded and cyber-physical systems, e.g., automotive, comprise several control applications. Guaranteeing the stability of these control applications is perhaps the most fundamental requirement while implementing such applications. Often, however, the design of such systems is done without considering the implementation impacts. In this case, the guarantees provided at design time might not be preserved for the final implementation. In this talk, we discuss the implementation- aware design of embedded control systems.

-

CakeML is a new ML dialect aimed at supporting formally verified programs. The CakeML project has several aspects including formal semantics and metatheory, a verified compiler, a formal connection between its semantics and higher-order logic (in the HOL4 interactive theorem prover), and example verified applications written in CakeML and HOL4. The project is an active collaboration between Ramana Kumar at NICTA, Magnus Myreen at Chalmers, Michael Norrish at NICTA, Yong Kiam Tan at (A*STAR, Singapore), and myself.

In this talk, I will explain the architecture of CakeML's verified compiler, focussing on a new optimising backend that we are currently developing.

CakeML's web site is https://cakeml.org, and development is hosted on GitHub at https://github.com/CakeML/cakeml.

-

Processor architectures are critical interfaces in computing, but they are typically defined only by prose and pseudocode documentation. This is especially problematic for the subtle concurrency behaviour of weakly consistent multiprocessors such as ARM and IBM POWER: the traditional documentation does not define precisely what programmer-observable behaviour is (and is not) allowed for concurrent code; it is not executable as a test oracle for pre-Silicon or post-Silicon hardware testing; it is not executable as an emulator for software testing; and it is not mathematically rigorous enough to serve as a foundation for software verification.

In this talk, I will present a rigorous architectural envelope model for IBM POWER and ARM multiprocessors, that aims to support all of these for small-but-intricate test cases, integrating an operational concurrency model with an ISA model for the sequential behaviour of a substantial fragment of the user-mode instruction set (expressed in a new ISA description language). I will present the interface between the two, whose requirements drove the development of our new language Sail. I will also present the interesting aspects of Sail's dependent type system, which is a light-weight system balancing the benefits of static bounds and effects checking with the usability of the language for engineers. Futher, our models can be automatically translated into executable code, which, combined with front-ends for concurrency litmus tests and ELF executables, can interactively or exhaustively explore all the allowed behaviours of small test cases.

Joint work with: S. Flur, G. Kerneis*, L. Maranget**, D. Mulligan, C. Pulte, S. Sarkar***, and P. Sewell, University of Cambridge (* Google, ** Inria, *** St Andrews)

-

In my PhD thesis I have developed a formal semantics of a significant part of the C programming language as described by the C11 standard. In this talk I will give a brief overview of the main parts of my formalized semantics.

* A structured memory model based on trees to capture subtleties of C11 that have not been addressed by others.

* A core C language with a small step operational semantics. The operational semantics is non-deterministic due to unspecified expression evaluation order.

* An explicit type system for the core language that enjoys type preservation and progress.

* A type sound translation of actual C programs into the core language.

* An executable semantics that has been proven sound and complete with respect to the operational semantics.

* Extensions of separation logic to reason about subtle constructs in C like non-determinism in expressions, and gotos in the presence of block scope variables.

-

Software is susceptible to malformed data originating from untrusted sources. Occasionally the programming logic or constructs used are inappropriate to handle the varied constraints imposed by legal and well-formed data. Consequently, software may produce unexpected results or even crash. In this paper, we present \tool, a novel hybrid approach that saves such software from crashing when failures originate from malformed strings or inappropriate handling of strings. Clotho statically analyzes a program to identify statements that are vulnerable to failures related to associated string data. Clotho then generates patches that are likely to satisfy constraints on the data, and in case of failures produces program behavior which would be close to the expected. The precision of the patches is improved with the help of a dynamic analysis. 

We have implemented Clotho for the Java String API, and our evaluation based on several popular open-source libraries shows that Clotho generates patches that are semantically similar to the patches generated by the programmers in the later versions. Additionally, these patches are activated only when a failure is detected, and thus Clotho incurs no runtime overhead during normal execution, and negligible overhead in case of failures.

Aritra is a research engineer at Xerox Research Center India and a prospective PhD student. He has a M.Tech degree from IIIT-Delhi and he is interested in program analysis, crypto currency and wireless sensor networks.

The benefits of adopting emerging multicore processors include reductions in space, weight, power, and cooling, while increasing CPU bandwidth per processor. However, the existing real-time software engineering process is based on the constant worst case execution time (WCET) assumption, which states that the measured worst case execution time of a software task when executed alone is the same as when that task is running together with other tasks. While this assumption is correct for single-core chips, it is NOT true for multicore chips. As it is now, the interference between cores can cause delay spikes as high as 600% in industry benchmarks. This presentation reviews main challenges faced by the embedded industry today when adopting multicore in safety critical embedded systems. A discussion on the notion of Single Core Equivalence follows.

Caccamo received his Ph.D. in computer engineering from Scuola Superiore Sant’Anna, Pisa, Italy in January 2002 and joined University of Illinois at Urbana-Champaign shortly after graduation, where he is a professor of computer science. He also has a courtesy appointment in the Department of Electrical and Computer Engineering (ECE) at the University of Illinois. In broad terms, his research interests are centered on the area of embedded systems. He has worked in close collaboration with avionics, farming, and automotive industries developing innovative software architectures and toolkits for the design automation of embedded digital controllers, and low-level resource management solutions for real-time operating systems running on multicore architectures. He has authored/coauthored more than 90 refereed publications in real-time and embedded networked computing systems. He has been a guest editor of the Journal of Real-Time Systems and he is the program chair of RTSS'15. He was previously program chair of RTAS and also served as both general chair of RTAS and Cyber Physical Systems Week (CPSWeek’11). He was also awarded an NSF CAREER Award in 2003 and is a senior member of IEEE.

n geo-replicated distributed data stores, the need to ensure responsiveness in the face of network partitions and processor failures results in implementations that provide only weak (so-called eventually consistent) guarantees on when data updated by one process becomes visible to another. Applications must be carefully constructed to be aware of unwanted inconsistencies permitted by such implementations (e.g., having negative balances in a bank account, or having an item appear in a shopping cart after it has been removed), but must balance correctness concerns with performance and scalability needs. Because understanding these tradeoffs requires subtle reasoning and detailed knowledge about the underlying data store, implementing robust distributed applications in such environments is often an error-prone and expensive task.

-

The collection and analysis of observational and experimental data represent the main tools for assessing the presence, the extent, the nature, and the trend of discrimination phenomena. Data analysis techniques have been proposed in the last fifty years in the economic, legal, statistical, and, recently, in the data mining literature. This is not surprising, since discrimination analysis is a multi-disciplinary problem, involving sociological causes, legal argumentations, economic models, statistical techniques, computational issues. The objective of the talk is to provide first an introduction on concepts, problems, application areas, datasets, methods and approaches from a multidisciplinary perspective; and then to deep in the data-driven approach based on data mining for discrimination discovery and prevention. Reference: · A. Romei, S. Ruggieri. A multidisciplinary survey on discrimination analysis. The Knowledge Engineering Review. Vol. 29, Issue 5, November 2014, 582-638.

Salvatore Ruggieri is Associate Professor at the Computer Science Department of the University of Pisa, and he is currently the director the Master Programme in Business Informatics. He holds a Ph.D. in Computer Science (1999), whose thesis has been awarded by the Italian Chapter of EATCS as the best Ph.D. thesis in Theoretical Computer Science. He has been the treasurer of the Italian Association for Artificial Intelligence (2003-2007), and the program chair of the XIII Italian Symposium on Artificial Intelligence, Pisa 10-12 December 2014. He was the coordinator of Enforce, a national FIRB (Italian Fund for Basic Research) young researcher project on Computer science and legal methods for enforcing the personal rights of non-discrimination and privacy in ICT systems (ENFORCE, 2010-2014, enforce.di.unipi.it). Salvatore regularly participates in the program committee of top conferences such as KDD, ECML-PKDD, ICDM, and he has been the guest editor of two special issues: Intelligenza Artificiale journal on Artificial Intelligence for Society and Economy, June 2015; and Artificial Intelligence and Law journal on Computational Methods for Enforcing Privacy and Fairness in the Knowledge Society, June 2014. He is a member of the KDD LAB research group, a joint initiative of the University of Pisa and the National Research Council (www-kdd.isti.cnr.it), with research interests focused in the data mining and knowledge discovery area, including: discrimination measurement, segregation discovery, fairness in classification, interplay between privacy and fairness, languages and systems for modelling the process of knowledge discovery; sequential and parallel classification algorithms; frequent itemset mining; web mining and personalization; and applications (CRM, operational risk). Past research topics include program verification and termination methods, constraint programming, quantified linear systems, intelligent multimedia presentation systems, software quality models.

In real-time scheduling theory we are interested in finding out whether a set of repeatedly activated computational tasks can be co-executed on a shared computer platform, such that all of their deadlines are met. The periodic and sporadic task models are among the most basic formalisms used for modeling computational tasks. Among computer platforms considered, the preemptive uniprocessor is one of the simplest. To decide whether a given set of periodic or sporadic tasks can be scheduled on a preemptive uniprocessor so that all deadlines are met is therefore a core problem in real-time scheduling theory. Still, the complexity of this decision problem has long been open. In this talk, which is targeted to a general audience, I will outline some recent results pinpointing this complexity.   

Pontus Ekberg is a PhD student at Uppsala University, Sweden. There he has worked on the analysis of algorithms and models for real-time scheduling theory.

In this talk, I will present an approach to ease the verification of file-system code using a domain-specific language, currently called CoGent, supported by a self-certifying compiler that produces C code, a high-level specification, and translation correctness proofs.

CoGent is a restricted, polymorphic, higher-order, and purely functional language with linear types and without the need for a trusted runtime or garbage collector. It compiles to efficient C code that is designed to interoperate with existing C functions.

For a well-typed CoGent program, the compiler produces C code, a high-level shallow embedding of its semantics in Isabelle/HOL, and a proof that the C code correctly implements this embedding. The aim is for proof engineers to reason about the full semantics of real-world systems code productively and equationally, while retaining the interoperability and leanness of C.

I will give a high-level overview of the formal verification stages of the compiler, which include automated formal refinement calculi, a switch from imperative update semantics to functional value semantics formally justified by the linear type system, and a number of standard compiler phases such as type checking and monomorphisation. The compiler certificate is a series of language-level meta proofs and per-program translation validation phases, combined into one coherent top-level theorem in Isabelle/HOL.

-

Octagonal constraints expressing weakly relational numerical properties of the form ($l \le \pm x \pm y \leq h$) have been found useful and effective in static analysis of numerical programs. Their analysis serves as a key component of the tool ASTREE based on abstract interpretation framework proposed by Patrick Cousot and his group, which has been successfully used to analyze commercial software consisting of hundreds of thousand of lines of code. This talk will discuss a heuristic based on the quantifier-elimination (QE) approach presented by Kapur (2005) that can be used to automatically derive loop invariants expressed as a conjunction of octagonal constraints in $O(n^2)$, where $n$ is the number of program variables over which these constraints are expressed. This is in contrast to the algorithms developed in Mine's thesis which have the complexity at least $O(n^3)$. The restricted QE heuristic usually generates invariants stronger than those obtained by the freely available Interproc tool. Extensions of the proposed approach to generating disjunctive invariants will be presented.

PhD (1980), Massachusetts Institute of Technology (MIT), Cambridge, MA; M. Tech. (1973) and B. Tech. (1971), Indian Institute of Technology (IIT), Kanpur, India.

Chair, Department of Computer Science, University of New Mexico, Jan. 1999--June 2006.

Adjunct Professor, School of Technology and Computer Science, Tata Institute of Fundamental Research, Mumbai, India, 2003 onwards.

Professor, Department of Computer Science, Jan. 1988-- Dec. 1998, University at Albany. Founder and former Director, Institute for Programming and Logics, University at Albany.

Member, Research Staff, Computer Science Branch, General Electric Corporate Research and Development, Schenectady, NY, 1980-87.

The underlying theories of both control engineering and real-time systems engineering assume idealized system abstractions that mutually neglect central aspects of the other discipline. Control engineering theory, on the one hand, usually assumes jitter free sampling and constant input-output latencies disregarding complex real-world timing effects. Real-time engineering theory, on the other hand, uses abstract performance models that neglect the functional behavior, and derives worst-case situations that have little expressiveness for control functionalities in physically dominated automotive systems. As a consequence, there is a lot of potential for a systematic co-engineering between both disciplines, increasing design efficiency and confidence. In this talk, possible approaches for such a co-engineering and their current applicability to real world problems are discussed. In particular, simulation-based and formal verification techniques are compared for different construction principles of automotive real-time control software.

-

Data centers run a range of important applications with ever increasing performance demands, from cloud and server computing to Big Data and eScience. However, the scaling of CPU frequency has stalled in recent years, leading to hardware architectures that no longer transparently scale software performance. Two trends stand out: 1) Instead of frequency, hardware architectures increase the number of CPU cores, leaving complex memory system performance and CPU scheduling tradeoffs exposed to software. 2) Network and storage I/O performance continues to improve, but without matching improvements in CPU frequency. Software thus faces ever increasing I/O efficiency demands.

In my research, I address how operating systems (OSes) can handle these growing complexity and performance pressures to avoid becoming the limiting factor to performance. I first explain how current OS architecture is already inadequate to address these trends, limiting application performance. I then present how the OS can be redesigned to eliminate the performance limitations without compromising on existing features or application compatibility. I finish with an outlook on how these hardware trends affect software in the future and present ideas to address them.

Simon is a postdoctoral research associate at the University of Washington, where he leads research in operating systems and networks. His postdoctoral advisors are Tom Anderson and Arvind Krishnamurthy. Simon received a Ph.D. in Computer Science from ETH Zurich in 2012 and an MSc in Computer Science from the Carl-von-Ossietzky University Oldenburg, Germany in 2006.

Simon's research focus is on data center performance issues. For his work on the Arrakis high I/O performance operating system, he received the Jay Lepreau best paper award (2014) and the Madrona prize (2014). Previously, Simon has worked on the Barrelfish multicore operating system and conducted further award-winning systems research at various locations, including MSR Silicon Valley, MSR Cambridge, Intel Labs Germany, UC Riverside, and the NSF.

As the most serious cyber-attack threats rapidly shift from untargeted toward increasingly targeted methods, it is becoming more crucial for organizations to protect the identity and location of their members against malicious tracking and surveillance. The common approach by organizations to use encryption is not enough, as metadata, such as the sender and receiver, has recently been shown to be as valuable and hence as dangerous as data. Employing existing anonymous communication tools, such as Tor, only deter but do not prevent tracking and targeting attacks. This talk describes three major challenges to protecting users: network-based traffic analysis attacks, intersection attacks against identities and traffic flows, and application / environment exploits. The talk then introduces practical approaches that address these challenges as implemented and evaluated in the Dissent project.

David Wolinsky is a research scientist and lecturer at Yale University. He joined Yale in the Summer of 2011 after obtaining a PhD at the University of Florida. His research efforts primarily focus on building practical and secure distributed systems. During his PhD, he built a free-to-join compute grid, Grid Appliance (HPDC'11), that combined NSF funded and volunteer resources to produce a 1,000+ node system with 100,000s of compute hours. At Yale, he leads the Dissent project (OSDI'12), a novel group anonymous communication protocol that turned an interesting theoretical idea into a practical system.

Abstract: Large Internet services, "big science", and increasingly, industrial R&D, are all powered by warehouse scale computing — tens of thousands of servers connected over a network. Increasing parallelism and big data analytics require that the network provide high throughput connectivity. In this talk, I will describe Jellyfish, our proposed design for such a network. Jellyfish uses a random graph topology, allowing construction at arbitrary sizes, easier network growth over time, and integration of newer and more powerful network equipment as it becomes available — practical problems that rigidly structured traditional networks fail to address. Surprisingly, Jellyfish also beats state-of-the-art real-world designs on throughput, by as much as 40%. In fact, we show that Jellyfish networks achieve near optimal throughput, i.e., one cannot build, using the same networking equipment, *any* network that provides much higher throughput.

Ankit Singla is a PhD Candidate in Computer Science at the University of Illinois at Urbana-Champaign. He received his Bachelors in Technology (Computer Science) at IIT Bombay, India, in 2008. He is a winner of the 2012 Google PhD Fellowship. These days, he is refining a plan for building a speed-of-light Internet, which he loses no opportunity to talk about.

Large-scale private user data theft has become a common occurrence on the web. A huge factor in these privacy breaches we hear so much about is that developers specify and enforce data security policies by strewing checks throughout their application code. Overlooking even a single check can lead to vulnerabilities.

In this talk, I will describe a new approach to protecting sensitive data even when application code is buggy or malicious. The key ideas behind my approach are to separate the security and privacy concerns of an application from its functionality, and to use language-level information flow control (IFC) to enforce policies throughout the code. The main challenge of this approach is at once to design practical systems that can be easily adopted by average developers, and simultaneously to leverage formal semantics that rule out large classes of design error. The talk will cover a server-side web framework (Hails), a language-level IFC system (LIO), and a browser security architecture (COWL), which, together, provide end-to-end security against the privacy leaks that plague today's web applications.

Deian Stefan is a PhD student in Computer Science at Stanford. His research interests intersect systems, programming languages, and security. As part of his PhD work, Deian focused on web application security; he built practical systems with formal underpinnings that enable average developers to build secure web applications. Deian is a recipient of a NDSEG Fellowship and a Mozilla Research Grant for his work on web security. He is a co-founder and the CTO of GitStar Inc., a company that provides security-as-a-service to web developers. He is a member of the W3C Web Application Security Group, where he serves as editor of the COWL spec. He received his BE and ME in Electrical Engineering from Cooper Union.

Trusted hardware modules are becoming prevalent in computing devices of all kinds. A broad trusted hardware assumption purports to solve almost all security problems in a trivial and uninteresting manner. However, relying entirely on hardware assumptions to achieve security goals of a system can be impractical given the limited memory, bandwidth and CPU capabilities of available hardware modules, and makes the designed system vulnerable to even a tiny overlooked or undiscovered flaw/side-channel in the employed module. Thus, the key challenge to me while designing a trusted hardware-based system is to determine a minimal hardware assumption required to achieve the system's goals, and justify the assumption for an available hardware module.

In this talk, I will present my recent work on developing privacy-preserving systems based on the above insight. In particular, I will introduce a privacy-preserving transaction protocol for credit networks (PrivPay), an architecture for privacy-preserving online behavioral advertising (ObliviAd), and an asynchronous multiparty computation protocol with only an honest majority (NeqAMPC).

Aniket Kate is a junior faculty member and an independent research group leader at Saarland University in Germany, where he is heading the Cryptographic Systems research group within the Cluster of Excellence. His primary research interests lie at the intersection of cryptography, and systems security research. Along with producing theoretically elegant cryptographic results, he endeavors to make them useful in real-world scenarios. Before joining Saarland University in 2012, Aniket was a postdoctoral researcher at Max Planck Institute for Software Systems (MPI-SWS), Germany. He received his PhD from the University of Waterloo, Canada in 2010, and his masters from Indian Institute of Technology (IIT) - Bombay, India in 2006.

Online privacy and security decision making is complex, because it is affected both by objective risks and benefits from disclosure or protection of personal information, and by factors that do not directly affect economic trade-offs. For instance, design features - such as default visibility settings, look & feel of a website, granularity of privacy controls, or framing of privacy policies - as well as cognitive and behavioral biases affect risk perception. Behavioral sciences provide useful insights on how people respond to risks and threats. Of particular interest to my research is whether individuals detect, recognize, and react differently to "offline" and "online" threats. I will present a series of laboratory experiments, that combine findings from HCI and behavioral sciences, showing how to help users of online sharing technologies detect online privacy and security threats, and thus make better informed decisions. The experiments demonstrate how sensorial, visceral stimuli from the offline, physical world can affect online privacy concern and online disclosures. The results show the importance of going beyond privacy and security usability research, and provide suggestions on how to improve interfaces to help users make sound privacy and security decisions.

Laura Brandimarte is a post-doctoral fellow at Carnegie Mellon University. After undergraduate studies in economics in Rome and a Master of Science at the London School of Economics, she joined CMU to study the behavioral economics of privacy. In December 2012, she obtained her PhD from CMU in Public Policy and Management, with a specialization in Behavioral Science. Her current research interests include privacy decision making, cognitive and behavioral biases in privacy attitudes and choices, soft paternalism and privacy, risk perception and impression formation. Her research is mostly empirical and oriented towards practical policy and human-computer interaction implications.

Numerical software, common in scientific computing or embedded systems, inevitably uses an approximation of the real arithmetic in which most algorithms are designed. Finite-precision arithmetic, such as fixed-point or floating-point, is a common and efficient choice, but introduces an uncertainty on the computed result that is often very hard to quantify. We need adequate tools to estimate the errors introduced in order to choose suitable approximations which satisfy the accuracy requirements. I will present a new programming model where the scientist writes his or her numerical program in a real-valued specification language with explicit error annotations. It is then the task of our verifying compiler to select a suitable floating-point or fixed-point data type which guarantees the needed accuracy. I will show how a combination of SMT theorem proving, interval and affine arithmetic and function derivatives yields an accurate, sound and automated error estimation which can handle nonlinearity, discontinuities and certain classes of loops. We have further combined our error computation with genetic programming to not only verify but also improve accuracy. Finally, together with techniques from validated numerics we developed a runtime technique to certify solutions of nonlinear systems of equations, quantifying truncation in addition to roundoff errors.

Eva Darulova is a postdoc at EPFL in the Laboratory for Automated Reasoning and Analysis. Her research interests include programming languages, software verification and in particular approximate computing. Her recent research focused on automated verification and synthesis for numerical programs where she developed techniques and tools for explicit handling of uncertainties. She received a PhD from EPFL in 2014 and a BS degree from University College Dublin in 2009 with a joint major in computer science and mathematical physics.

Abstract: In recent years, we have witnessed the emergence of many sophisticated web services that allow people to interact on an unprecedented scale. The wealth of data produced by these new ways of communication can be used, in principle, to increase our understanding of human social behaviour, but a fundamental hurdle is posed by the sensitivity of these data. Access must of necessity be severely constrained in order to protect the privacy of the users and the confidentiality of the data. A very broad question arises naturally: can non-trivial conclusions about various social processes be inferred based only on such limited information? We give a few specific examples taken from our own research of what can, and cannot, be learned from digital traces. The talk describes joint work with several people: B.Abrahao, P.Brach, F.Chierichetti, R.Kleinberg, A.Epasto, P.Sankowski

Alessandro Panconesi is full professor of Computer Science at Sapienza, University of Rome. He holds a PhD degree in Computer Science from Cornell University. He was the recipient of the ACM Danny Lewin Award. Last year he was awarded a Google Focused Award and, previously, he received research faculty awards from IBM, Yahoo and Google. His main current research interest are distributed and randomised algorithms for social networks.

Dynamic graph algorithms are data structures that maintain properties of graphs while they are modified by edge deletions and insertions. These data structures can be used, for example, to efficiently detect deadlocks in operating systems, compute shortest-paths in navigation systems, or to speed up static algorithms, such as algorithms used in computer-aided verification or certain multi-commodity flow algorithms, that solve multiple graph propblems on very similar graphs.

While basic properties, such as connectivity, in undirected graphs can be maintained in time polylogarithmic in the size of the graph per edge update, no such bounds are known for basic properties, such as reachability, in directed graphs or more sophisticated graph properties, such as shortest paths, in undirected graphs. We will present the state of the art for these problems, giving both upper and (conditional) lower bounds. Conditional lower bounds result from a relatively new research direction, where similar to hardness reductions in complexity theory, we show that based on the assumption that some well-known problems, such as Boolean matrix multiplication, cannot be solved fast, certain dynamic problems cannot be solved in polylogarithmic time per operation.

-

Shared memory parallel machines have existed since the 1960s and, with the proliferation of multi-core processors, shared memory parallel programming has become increasingly important. Unfortunately, some fairly basic questions about parallel program semantics have not been addressed until quite recently. Multi-threaded programming languages are on much more solid ground than they were as recently as a decade ago. Nonetheless a number of foundational issues have turned out to be surprisingly subtle and resistant to easy solutions. We briefly survey three such issues:

1) All major programming languages support atomic operations that enforce only very weak memory ordering properties. These implicitly rely on enforcement of dependencies to preclude certain "nonsensical" outcomes. Unfortunately, we do not know how to define a suitable notion of dependency.

2) Garbage collected programming languages such as Java, rely on finalization, most commonly to interact correctly with non-garbage-collected parts of the system. But finalization raises largely unsolved concurrency issues. As a result, almost all interesting uses of finalization uses are subtly, but seriously, incorrect.

3) It can be difficult to avoid object destruction or memory deallocation races in-garbage-collected languages like C++. As a result, async(), the basic C++11 thread spawning facility has surprisingly complex semantics, with unintended consequences.

-

In this talk we'll consider two problems in which users must select from a set of alternatives. In the first scenario, a user consumes a class of item repeatedly, such as listening to a sequence of songs, or visiting a sequence of restaurants over time. Our goal is to understand the dynamics of repeated consumption of the same item. We present a model related to Herbert Simon's 1955 copying model, and analyze its effectiveness. In the second scenario, a user traverses a directed graph whose nodes represent items, and whose arcs represent related items recommended by the system. In this setting, we develop a model and algorithm for determining the underlying quality of each node based on traversal data. Our result provides a well-motivated unique solution to the problem of "reverse engineering" a markov chain by finding a transition matrix given the graph and the steady state

Andrew Tomkins is an engineering director at Google working on web analysis, search, and personalization. His research has focused on measurement, modelling, and analysis of content, communities, and users on the World Wide Web. Prior to joining Google, he spent four years at Yahoo!, leading search research and serving as chief scientist of the search organization. He also spent eight years at IBM's Almaden Research Center, where he co-founded the WebFountain project and served as its chief scientist. He has published over 100 technical papers and submitted over sixty patents. Andrew received Bachelors degrees in Mathematics and Computer Science from MIT, and a PhD in CS from Carnegie Mellon University. He recently co-chaired the program of WWW2008 and KDD2010, and serves on the editorial board of ACM Transactions on the Web

Modern Internet services often achieve dependability by relying on geo-replicated databases that provide consistency models for transactions weaker than serialisability. We investigate a promising consistency model of Sovran et al.'s parallel snapshot isolation (PSI), which weakens the classical snapshot isolation in a way that allows more efficient geo-replicated implementations. We first give a declarative specification to PSI that does not refer to implementation-level concepts and, thus, allows application programmers to reason about the behaviour of PSI databases more easily. We justify our high-level specification by proving its equivalence to the existing low-level one. Using our specification, we develop a criterion for checking when a set of transactions executing on PSI can be chopped into smaller pieces without introducing new behaviours. This allows application programmers to optimise the code of their transactions to execute them more efficiently. We find that our criterion is more permissive than the existing one for chopping serialisable transactions. These results contribute to understanding the complex design space of consistency models for geo-replicated databases.This is joint work with Andrea Cerone (IMDEA) and Hongseok Yang (Oxford).

-

A key difficulty in verifying shared-memory concurrent programs is reasoning compositionally about each thread in isolation. When the footprints of threads overlap with each other, existing program logics require reasoning about static global shared resource which impedes compositionality. We introduce the program logic of CoLoSL, where each thread is verified with respect to its subjective view of the global shared state. This subjective view describes only that part of the global shared resource accessed by the thread. Subjective views may arbitrarily overlap with each other, and expand and contract depending on the resource required by the thread, thus allowing for truly compositional proofs for shared-memory concurrency.

-

Scaling the performance of short TCP connections on multicore systems is fundamentally challenging. Despite many proposals that have attempted to address various shortcomings, inefficiency of the kernel implementation still persists. For example, even state-of-the-art designs spend 70% to 80% of CPU cycles in handling TCP connections in the kernel, leaving only small room for innovation in the user-level program.  In this talk, I will present mTCP, a high-performance user-level TCP stack for multicore systems. mTCP addresses the inefficiencies from the ground up - from packet I/O and TCP connection management to the application interface. In addition to adopting well-known techniques, our design (1) translates multiple expensive system calls into a single shared memory reference, (2) allows efficient flow-level event aggregation, and (3) performs batched packet I/O for high I/O efficiency. Our evaluations on an 8-core machine showed that mTCP improves the performance of small message transactions by a factor of 25 compared to the latest Linux TCP stack and a factor of 3 compared to the MegaPipe system. It also improves the performance of various popular applications by 33% to 320% compared to those on the Linux stack.

KyoungSoo Park is an associate professor in the Electrical Engineering department at KAIST. His research interests focus on the reliability, performance, and security issues in the design and implementation of networked computing systems. He has developed CoBlitz, a scalable large-file content distribution network (CDN), which is acquired by Verivue, Inc., and subsequently by Akamai, Inc. He has co-developed HashCache, a memory-efficient caching storage system for developing regions, which was chosen one of the top 10 technologies in 2009 by the MIT technology review magazine. Most recently, his mTCP paper received the community award at USENIX NSDI 2014. He received his B.S. degree from Seoul National University in 1997, and his M.A. and Ph.D. degrees from Princeton University in 2004 and 2007, respectively, all in computer science. Before joining KAIST, he worked as assistant professor in the computer science department at University of Pittsburgh in the year of 2009.

An authenticated data structure (ADS) is a data structure whose operations can be carried out by an untrusted prover, the results of which a verifier can efficiently check as authentic. This is done by having the prover produce a compact proof that the verifier can check along with each operation's result. ADSs thus support outsourcing data maintenance and processing tasks to untrusted servers without loss of integrity. Past work on ADSs has focused on particular data structures (or limited classes of data structures), one at a time, often with support only for particular operations.

This paper presents a generic method, using a simple extension to a ML-like functional programming language we call (lambda-auth), with which one can program authenticated operations over any data structure defined by standard type constructors, including recursive types, sums, and products. The programmer writes the data structure largely as usual and it is compiled to code to be run by the prover and verifier. Using a formalization of we prove that all well-typed programs result in code that is secure under the standard cryptographic assumption of collision-resistant hash functions. We have implemented as an extension to the OCaml compiler, and have used it to produce authenticated versions of many interesting data structures including binary search trees, red-black+ trees, skip lists, and more. Performance experiments show that our approach is efficient, giving up little compared to the hand-optimized data structures developed previously.

Joint work with Andrew Miller, Jonathan Katz, and Elaine Shi, at UMD

Michael W. Hicks is a Professor in the Computer Science department and UMIACS at the University of Maryland and is the former Director of the Maryland Cybersecurity Center (MC2). His research focuses on using programming languages and analyses to improve the security, reliability, and availability of software. He is perhaps best known for his work exploring dynamic software updating, which is a technique by which software can be updated without shutting it down. He has explored the design of new programming languages and analysis tools for helping programmers find bugs and software vulnerabilities, and for identifying suspicious or incorrect program executions. He has recently been exploring new approaches to authenticated and privacy-preserving computation, combining techniques from cryptography and automated program analysis.

Person-to-person evaluations are prevalent in all kinds of discourse and important for establishing reputations, building social bonds, and shaping public opinion. Such evaluations can be analyzed separately using signed social networks and textual sentiment analysis, but this misses the rich interactions between language and social context. To capture such interactions, we develop a model that predicts individual A's opinion of individual B by synthesizing information from the signed social network in which A and B are embedded with sentiment analysis of the evaluative texts relating A to B. We prove that this problem is NP-hard but can be relaxed to an efficiently solvable hinge-loss Markov random field, and we show that this implementation outperforms text-only and network-only versions in two very different datasets involving community-level decision-making: the Convote U.S. Congressional speech corpus and the Wikipedia Requests for Adminship corpus. (Joint work with Hristo Paskov, Jure Leskovec, and Christopher Potts)

Time permitting, I will also briefly discuss the "From Cookies to Cooks" project, where we leverage search-engine query logs to gain insights into what foods people consume when and where. (Joint work with Ryen White and Eric Horvitz)

Bob obtained a Diplom degree in computer science from the Technical University of Munich in his native Germany in 2007 and a Master's degree in computer science from McGill University in 2010. He is currently a fifth-year Ph.D. candidate in the InfoLab at Stanford University, advised by Jure Leskovec, where he has been working at the intersection of data mining, machine learning, and natural language processing to convert raw log data into meaningful insights on a number of human behaviors, ranging from navigation in complex networks to Wikipedia editing to food intake.

Exploring the power and limitations of different coordination problems has always been at the heart of the theory of distributed computing. This talk addresses a coordination problem called renaming. Renaming can be seen as a dual to the classical consensus problem: instead of agreeing on a unique value, in renaming correct processes must disagree by picking distinct values from an appropriate range of values. The talk consists of two parts, each considering a different fault model in synchronous message-passing systems. In the first part, we tackle crash faults and propose a new randomization technique, called balls-into-leaves, which solves renaming in sub-logarithmic number of rounds. This technique outperforms optimal deterministic algorithms by an exponential factor. In the second part, we consider the more challenging Byzantine faults. We propose a randomized renaming algorithm that tolerates up to t

Oksana Denysyuk received an M.S. and B.S. in Computer Science from the Instituto Superior Tecnico of the University of Lisbon in 2009 and 2007, respectively. She is currently a Ph.D. student in the same organization and expects to obtain her doctorate degree in November 2014. Her work was published at the PODC, DISC, and ICDCS conferences. Her research interests include theory of distributed computing, dynamic networks, fault tolerance, and randomized distributed algorithms.

Web applications (web mail, web stores, social networks, etc) keep massive amounts of data that must be readily available to users.  The storage system underlying these applications has evolved dramatically over the past 25 years, from file systems, to SQL database systems, to a large variety of NOSQL systems. In this talk, we contemplate this fascinating history and present a new storage system called Yesquel. Yesquel combines several advantages of prior systems. It supports the SQL query language to facilitate the design of Web applications, while offering performance and scalability competitive with a widely used NOSQL system.

Dr. Aguilera received a Ph.D. in Computer Science from Cornell University in 2000. His work spans both the theoretical foundations of distributed computing and the practical applications of distributed systems. He has worked as a researcher at Compaq's Systems Research Center, HP Labs, and Microsoft Research Silicon Valley. He chaired OPODIS 2014, DISC 2012, ICDCN 2011, and LADIS 2010. He currently serves on the editorial board of ACM Transactions on Computing Systems and on the program committees of SOSP 2015 and HotOS 2015.

Replicated state machine is a fundamental computing construct for it essentially makes a distributed system emulate a highly available, centralized one, using a consensus abstraction through which processes agree on common decisions. The idea is at the heart of the fault-tolerance of most data centers today. Any sequential object is modeled by a state machine that can be replicated over all processes of the system and accessed in a wait-free manner: we talk about the universality of the construct and of its underlying consensus abstraction. Yet, consensus is just a special case of a more general abstraction, k-set consensus, where processes agree on at most k different decisions. It is natural to ask whether there exists a generalization of state machine replication with k-set agreement, for otherwise distributed computing would not deserve the aura of having an underpinning Theory as 1 (k-set consensus with k=1) would be special. The talk will recall the classical state machine replication construct and show how, using k-set consensus as an underlying abstraction, the construct can be generalized to implement k state machines of which at least one makes progress, generalizing in a precise sense the very notion of consensus universality. The work is a joint work with Eli Gafni 

Rachid Guerraoui is professor of Computer Science at the Swiss Federal Institute of Technology in Lausanne where he leads the Distributed Programming Laboratory. Rachid is fellow of the ACM and has recently been awarded an advanced ERC grant and a Google focused award. He has also been affiliated in the past with the Research Center of Ecole des Mines de Paris, the Commissariat a l'Energie Atomique in Saclay,  Hewlett-Packard Laboratories in Palo Alto and the Massachusetts Institute of Technology.

The ever-growing amount of data available on the Internet clearly calls for personalization. Yet, the most effective personalization schemes, such as those based on collaborative filtering (CF), are notoriously resource greedy. We argue that scalable infrastructures relying on  P2P design can scale to that increasing number of users, data and dynamics. We will present a novel scalable k-nearest neighbor protocol, which P2P flavor provides scalability by design. This protocol provides each user with an implicit social network composed of users with similar tastes in a given application. This protocol has been instanciated in various infrastructures on several applications (recommendation, top-k, serach, etc.) (1) A P2P system, WhatsUp, a collaborative filtering system for disseminating news items in a large-scale dynamic setting with no central authority; (2) A hybrid recommendation infrastructure HyRec, an online cost-effective scalable system for CF personalization, offloading CPU-intensive recommendation tasks to front-end client browsers, while retaining storage and orchestration tasks within back-end servers; (3) A cloud-based centralized  engine providing real time recommendations.

Anne-Marie Kermarrec is a research director at Inria where she leads the ASAP (as Scalable As Possible) research group on large-scale dynamic distributed systems. Before that she has been with Vrije Universteit and  Microsoft Research Cambridge. She was the PI  of an ERC Strating Grant (2008-2013) and an ERC Proof of Concept Grant (2013). 

What can be computed, and how efficiently, is a core question in computer science. Not surprisingly, in distributed systems and networking research, a fundamental question is what can be computed how efficiently in a distributed fashion, in a network. More precisely, if nodes of a network must solve a problem by locally communicating with their neighbors, how fast can they compute (or approximate) a global (optimization) problem? Throughout the years, we studied different aspects and problems of this "network complexity" theory. In my talk I will discuss a few facets, e.g., how to compute the network diameter, or the role of randomness. Towards the end of the talk I will present some nuggets regarding "complex networks", in particular updates in Software Defined Networks, and attacks on the Bitcoin network.

Roger Wattenhofer is a full professor at the Information Technology and Electrical Engineering Department, ETH Zurich, Switzerland. He received his doctorate in Computer Science in 1998 from ETH Zurich. From 1999 to 2001 he was in the USA, first at Brown University in Providence, RI, then at Microsoft Research in Redmond, WA. He then returned to ETH Zurich, originally as an assistant professor at the Computer Science Department.

Roger Wattenhofer's research interests are a variety of algorithmic and systems aspects in computer science and information technology, currently in particular wireless networks, wide area networks, mobile systems, social networks, and physical algorithms. He publishes in different communities: distributed computing (e.g., PODC, SPAA, DISC), networking (e.g., SIGCOMM, MobiCom, SenSys), or theory (e.g., STOC, FOCS, SODA, ICALP).

This talk presents two ongoing lines of work looking at how Twitter can be used to track societal level health issues. You Tweet What You Eat: Studying Food Consumption Through Twitter; joint work with Yelena Mejova and Sofiane Abbar Food is an integral part of our lives, cultures, and well-being, and is of major interest to public health. The collection of daily nutritional data involves keeping detailed diaries or periodic surveys and is limited in scope and reach. Alternatively, social media is infamous for allowing its users to update the world on the minutiae of their daily lives, including their eating habits. In this work we examine the potential of Twitter to provide insight into US-wide dietary choices by linking the tweeted dining experiences of 210K users to their interests, demographics, and social networks. We validate our approach by relating the caloric values of the foods mentioned in the tweets to the state-wide obesity rates, achieving a Pearson correlation of 0.77 across the 50 US states and the District of Columbia. We then build a model to predict county-wide obesity and diabetes statistics based on a combination of demographic variables and food names mentioned on Twitter. Our results show significant improvement over previous research. We further link this data to societal and economic factors, such as education and income, illustrating that, for example, areas with higher education levels tweet about food that is significantly less caloric. Finally, we address the issue of the social nature of obesity (first raised by Christakis & Fowler) by inducing two social networks using mentions and reciprocal following relationships. From Fitness Junkies to One-time Users: Determining Successful Adoptions of Fitness Applications on Twitter; joint work with Kunwoo Park and Meeyoung Cha As our world becomes more digitized and interconnected, one's health status---a topic that was once thought to be private---is shared on public platforms. This trend is facilitated by scores of fitness applications that push health updates to users' social networks. This paper presents the behavioral patterns of social opt-in users of a popular fitness application, MyFitnessPal. Through data gathered from Twitter, we determine whether any features such as the profile, fitness activities, and social support can predict long-term retention and weight loss of users. We discuss implications of findings related to HCI and the design of health applications.

At QCRI, Ingmar works on social media mining, web science and computational political science. Common to most of his research is the use of online data to understand offline behaviour. Before joining QCRI, Ingmar was a research scientist at Yahoo! Research in Barcelona working in the area of web mining, analyzing large sets of user log data. Previously, he was a postdoc at EPFL working on sponsored search auctions, tag recommendation and other things. In the summer of 2008 he visited Microsoft Research Cambridge and, before starting his PhD, interned with companies in the area of public key cryptography and the Fraunhofer Institute for Industrial Mathematics. He did his PhD at the Max-Planck Institute for Computer Science and holds BA and MA degrees in mathematics from Cambridge University.

This talk describes new analysis algorithms for text data aimed at understanding the social world from which the data emerged. The political world offers some excellent questions to explore: Do US presidential candidates "move to the political center" after winning a primary election? Are Supreme Court justices swayed by amicus curiae briefs, documents crafted at great expense? I'll show how our computational models capture theoretical commitments and uncertainty, offering new tools for exploring these kinds of questions and more. Time permitting, we'll close with an analysis of a quarter million biographies, discussing what can be discovered about human lives as well as those who write about them.

The primary collaborators on this research are my Ph.D. students David Bamman and Yanchuan Sim; collaborators from the Political Science Department at UNC Chapel Hill, Brice Acree, and Justin Gross; and Bryan Routledge from the Tepper School of Business at CMU.

Noah Smith designs algorithms for automated analysis of human language. He often exploits the web to this end, including mining the web for translations (Resnik and Smith, 2003), measuring public opinion from social messages (O'Connor et al., 2010), and inferring geographic linguistic variation (Eisenstein et al., 2010).

Smith has also contributed algorithms tackling the core problems of natural language processing: parsing sentences into syntactic representations (Eisner et al., 2005; Martins et al., 2009) and semantic representations (Das et al., 2010; Flanigan et al., 2014), as well as cross-cutting techniques for unsupervised language learning (Smith and Eisner, 2005; Cohen and Smith, 2009). His 2011 book, Linguistic Structure Prediction, synthesizes many statistical modeling techniques for language.

Such methods advance applications for automatic translation (Al-Onaizan et al., 1999; Gimpel and Smith, 2011), empirical work in the social sciences (Kogan et al., 2009; Yano et al., 2009, Sim et al., 2013) and humanities (Bamman et al., 2014), and education (Heilman and Smith, 2010), and other next-generation language technologies.

Smith is Associate Professor of Language Technologies and Machine Learning in the School of Computer Science at Carnegie Mellon University. In fall 2015, he will join the University of Washington as Associate Professor of Computer Science & Engineering. Prior to coming to CMU, he was a Hertz Foundation Fellow at Johns Hopkins University, where he completed his Ph.D. in 2006. He is a clarinetist, tanguero, and swimmer.

Dynamic symbolic execution (DSE) has been proposed to effectively generate test inputs for real-world programs. Unfortunately, DSE techniques do not scale well for large realistic programs, because often the number of feasible execution paths of a program increases exponentially with the increase in the length of an execution path.

In this paper, we propose MultiSE, a new technique for merging states incrementally during symbolic execution, without using auxiliary variables. The key idea of MultiSE is based on an alternative representation of the state, where we map each variable, including the program counter, to a set of guarded symbolic expressions called a value summary. MultiSE has several advantages over conventional DSE and existing state merging techniques: value summaries enable sharing of symbolic expressions and path constraints along multiple paths and thus avoid redundant execution. MultiSE does not introduce auxiliary symbolic variables, which enables it to 1) make progress even when merging values not supported by the constraint solver, 2) avoid expensive constraint solver calls when resolving function calls and jumps, and 3) carry out most operations concretely. Moreover, MultiSE updates value summaries incrementally at every assignment instructions, which makes it unnecessary to identify the join points and to keep track of variables to merge at join points.

We have implemented MultiSE for JavaScript programs in a publicly available open-source tool. Our evaluation of MultiSE on several programs shows that MultiSE can run significantly faster than traditional dynamic symbolic execution and save substantial number of state merges compared to existing state merging techniques.

-

The Low-Level Virtual Machine (LLVM) compiler provides a modern, industrial-strength SSA-based intermediate representation (IR) along with infrastructure support for many source languages and target platforms. Much of the LLVM compiler is structured as IR to IR translation passes that apply various optimizations and analyses, making it an ideal target for enforcing security properties of low-level code.

In this talk, I will describe the Vellvm project, which seeks to provide a formal framework for developing machine-checkable proofs about LLVM IR programs and translation passes. I'll discuss some of the subtleties of modeling the LLVM IR semantics, including nondeterminism and its use of SSA representation. I'll also describe some of the proof techniques that we have used for reasoning about LLVM IR transformations and describe our results about the formal verification of the SoftBound pass, which hardens C programs against memory safety errors.

Vellvm, which is implemented in the Coq theorem prover, provides facilities for extracting LLVM IR transformation passes and plugging them into the LLVM compiler, thus enabling us to create verified optimization passes for LLVM and evaluate them against their unverified counterparts. Our experimental results show that fully verified and automatically extracted implementations can yield competitive performance.

This is joint work with Jianzhou Zhao and Milo Martin (both at Penn) and Santosh Nagarakatte (at Rutgers University).

-

In the quest for program analysis and verification, program termination -- determining whether a given program will always halt or could execute forever -- has emerged as a central component. Although proven undecidable in the general case by Alan Turing over 80 years ago, positive results have been obtained in a variety of restricted instances. We survey the situation with a focus on simple linear programs, i.e., WHILE loops in which all assignments and guards are linear, discussing recent progress as well as ongoing and emerging challenges.

-

Most if not all datacenter services use sharding and replication for scalability and reliability. Shards are more-or-less independent of one another and individually replicated. We challenge this design philosophy and present a replication protocol where the shards interact with one another: A protocol running within shards ensures linearizable consistency, while the shards interact in order to improve availability. We analyze its availability properties and evaluate a working implementation.

Robbert van Renesse obtained his Ph.D. in 1989 at the Vrije Universiteit in Amsterdam, and subsequently worked on the Plan 9 operating system at AT&T Bell Labs. Since 1991 he and his students have been working at Cornell University on the theory and practice of scalable distributed systems. Van Renesse co-founded two companies in distributed systems technology.

Concurrent data-structures, such as stacks, queues, and deques, often implicitly enforce a total order over elements in their underlying memory layout. However, much of this order is unnecessary: linearizability only requires that elements are ordered if the insert methods ran in sequence. We propose a new approach which uses timestamping to avoid unnecessary ordering. Pairs of elements can be left unordered (represented by unordered timestamps) if their associated insert operations ran concurrently, and order imposed as necessary by the eventual remove operations.

We realise our approach in a new non-blocking data-structure, the TS (timestamped) stack. In experiments on x86, the TS stack outperforms and outscales all its competitors -- for example, it outperforms the elimination-backoff stack by factor of two. In our approach, more concurrency translates into less ordering, giving less-contended removal and thus higher performance and scalability. Despite this, the TS stack is linearizable with respect to stack semantics.

The weak internal ordering in the TS stack presents a challenge when establishing linearizability: standard techniques such as linearization points work well when there exists a total internal order. We have developed a new stack theorem, mechanised in Isabelle, which characterises the orderings sufficient to establish stack semantics. By applying our stack theorem, we can show that the TS stack is indeed correct.

-

Prediction tasks in machine learning usually require deducing a latent variable, or structure, from observed traces of activity — sometimes, these tasks can be carried out with a significant precision, while sometimes getting any significance out of the prediction requires an unrealistically large number of traces.

In this talk, we will study the trace complexity of (that is: the number of traces needed for) a number of prediction tasks in social networks: the network inference problem, the number of signers problem, and the star rating problem.

The first problem was defined by [Gomez-Rodriguez et al, 2010] and consists of reconstructing the edge set of a network given traces representing the chronology of infection times as epidemics spread through the network. The second problem’s goal is to predict the unknown number of signers of email-based petitions, given only a small subset of the emails that circulated. The last problem aims to predict the unknown absolute "quality" of a movie using the ratings given by different users (each with their own unknown precision)

These examples will allow us to highlight some interesting general points of prediction tasks.

Joint work with subsets of Bruno Abrahao, Anirban Dasgupta, Bobby Kleinberg, Jon Kleinberg, Ravi Kumar, Silvio Lattanzi and David Liben-Nowell.

Flavio Chierichetti is an assistant professor in the Department of Computer Science at Sapienza University of Rome.

This talk discusses a principled approach to web application security through tracking information flow in web applications. Although the agile nature of developments in web application technology makes web application security much of a moving target, we show that there are some fundamental challenges and tradeoffs that determine possibilities and limitations of automatically securing web applications. We address challenges related to mutual distrust on the policy side (as in web mashups) and tracking information flow in dynamic web programming languages (such as JavaScript) to provide a foundation for practical web application security.

Andrei Sabelfeld is a Professor in the Department of Computer Science and Engineering at Chalmers University of Technology in Gothenburg, Sweden. After receiving his Ph.D. in Computer Science from Chalmers in 2001 and before joining Chalmers as faculty in 2004, he was a Research Associate at Cornell University in Ithaca, NY. His research has developed the link between two areas of Computer Science: Programming Languages and Computer Security. Sabelfeld's article on Language-Based Information-Flow Security is one of the most cited articles in all of Computer Science from 2003.

Many verification problems can be reduced to refinement verification. However, existing work on verifying refinement of concurrent programs either fails to prove the preservation of termination, allowing a diverging program to trivially refine any programs, or is difficult to apply in compositional thread-local reasoning. In this talk, I will present a Hoare-style concurrent program logic supporting termination-preserving refinement proofs. We show two key applications of our logic, i.e., verifying linearizability and lock-freedom together for fine-grained concurrent objects, and verifying full correctness of optimizations of concurrent algorithms.

Hongjin and her advisor have been been working on program logics for proving refinement of concurrent programs and have been publishing at top places: POPL, PLDI, LICS, CONCUR.

If you possessed the power to synthesize any program from just a high-level description of the desired behavior, how would you deploy this power? It seems that you could end programming as we know it and automate the creation of everything that can be viewed as a program, including biological and economic models. This dream is not fully achievable but over the last decade we have learnt how to rephrase the synthesis problem to make it solvable and practically applicable. This talk will mine seven projects from my group for surprising lessons and future opportunities. I will first present two fresh answers to the question of "where do specifications come from?" and then argue for synergy between domain-specific languages and synthesis. I will also explain why synthesis may help rethink compiler construction, necessitated by the era of unusual hardware. Looking into the next decade, I will illustrate how synthesis may facilitate computational doing --- the development of tools for data science and the digital life.

Ras Bodik is a Professor of Computer Science at UC Berkeley. He works on a range of techniques for program synthesis, from programming by demonstration, to sketching, and solver-aided languages. His group has applied synthesis to high-performance computing, web browser construction, algorithm design, document layout, and biology. He has designed a course on programming languages where student learn hands-on small-language design by constructing a modern web browser.

Our everyday life brings us in contact with a rich range of materials that contribute to both the utility and aesthetics of our environment. Human beings are very good at using subtle distinctions in appearance to distinguish between materials (e.g., silk vs. cotton, laminate vs. granite). In my group we are working on understanding how we perceive materials to drive better graphics and vision algorithms.

In this talk I will present OpenSurfaces, a rich, labeled database consisting of thousands of examples of surfaces segmented from consumer photographs of interiors, and annotated with material parameters, texture information, and contextual information. We demonstrate the use of this database in applications like surface retexturing, intrinsic image decomposition, intelligent material-based image browsing, and material design. I will also briefly describe our work on light scattering for translucent materials and realistic micron-resolution models for fabrics. Our work has applications in many domains: in virtual and augmented reality fueled by the advent of devices like Google Glass, in virtual prototyping for industrial design, in ecommerce and retail, in textile design and prototyping, in interior design and remodeling, and in games and movies.

Kavita Bala is an Associate Professor in the Computer Science Department at Cornell University. She received her PhD from the Massachusetts Institute of Technology (MIT). Bala leads research projects in physically-based scalable rendering, perceptually-based graphics, material perception and acquisition, and image-based modeling and texturing. Her group's scalable rendering research on Lightcuts is the core rendering technology in Autodesk's cloud rendering platform. Bala's professional activities include Chair of SIGGRAPH Asia 2011, co-Chair Pacific Graphics (2010) and the Eurographics Symposium on Rendering (2005), Papers Advisory Board for SIGGRAPH and SIGGRAPH Asia, Senior Associate Editor for TOG, and Associate Editor for TVCG and CGF. She has received the NSF CAREER award, and Cornell's College of Engineering James and Mary Tien Excellence in Teaching Award (2006 and 2009)

The Satisfiability Modulo Theories (SMT) problem is a generalization of the Boolean satisfiability problem to first-order logic. SMT solvers are now at the forefront of automated reasoning and they are increasingly used in a number of diverse applications. In this talk I will first present a new decision procedure for the theory of fixed-width bit-vectors, and then describe an application of SMT techniques to verifying compiler transformations.

Most SMT solvers decide bit-vector constraints via eager reduction to propositional logic after first applying powerful word-level rewrite techniques. While often efficient in practice, this method does not scale on problems for which top-level rewrites cannot reduce the problem size sufficiently. We present a lazy solver that targets such problems by maintaining the word-level structure during search. This approach also enables efficient combination with the theory of arrays using variants of the Nelson-Oppen combination procedure.

The combination of the array and bit-vector theories offers a natural way of encoding the semantics of compiler intermediate representation languages. We show how to integrate an SMT solver with a compiler to build a "self-certifying" compiler: a compiler that generates a verifiable justification for its own correctness on every run. Our compiler produces as justification a refinement relation between the source and target programs of every optimization step. This "witness" relation is produced by an auxiliary witness generator, and is untrusted: its correctness is checked by an external SMT solver. Our implementation is based on the LLVM compiler: we have written generators for a number of intra-procedural optimizations. Preliminary results suggest the overhead of witness generation and checking compilation is manageable.

-

First order logic with transitive closure, and separation logic enable elegant interactive verification of heap-manipulating programs. However, undecidabilty results and high asymptotic complexity of checking validity preclude complete automatic verification of such programs, even when loop invariants and procedure contracts are specified as formulas in these logics. We tackle the problem of procedure-modular verification of reachability properties of heap-manipulating programs using efficient decision procedures that are complete: that is, a SAT solver must generate a counterexample whenever a program does not satisfy its specification. By (a) requiring each procedure modifies a fixed set of heap partitions and creates a bounded amount of heap sharing, and (b) restricting program contracts and loop invariants to use only deterministic paths in the heap, we show that heap reachability updates can be described in a simple manner. The restrictions force program specifications and verification conditions to lie within a fragment of first-order logic with transitive closure that is reducible to effectively propositional logic, and hence facilitate sound, complete and efficient verification. We implemented a tool atop Z3 and report on preliminary experiments that establish the correctness of several programs that manipulate linked data structures.

Presented in POPL'14.

Joint work with: Shachar Itzhaky (Tel Aviv University), Anindya Banerjee (IMDEA Software Institute), Neil Immerman (University of Massachusetts), Aleksandar Nanevski (IMDEA Software Institute), Mooly Sagiv (Tel Aviv University)

-

The modern smartphone is a power hungry device, and due largely to the proliferation of multi-core CPUs, the applications processor is one of the main energy drivers. Indeed, a current-generation mobile multi-core can drain your battery in well under one hour. In this talk I will discuss how to manage mobile multi-cores more effectively. I will start with some ground-truth about the energy consumption inside a smartphone, based on circuit-level measurements of real devices. Noting that the applications processor continues to be relevant, I will discuss some techniques for regulating multi-core CPU power, showing the importance of static power and its surprising variance among devices. Finally, I will conclude the talk discussing current and future work on exploring alternate ways to utilize the parallelism available in mobile multi-cores.

Aaron Carroll is a final-year PhD student in the Software Systems Research Group at NICTA and UNSW in Sydney, Australia, under the supervision of Prof. Gernot Heiser. His research interests include mobile and embedded systems, power management and measurement, operating systems, and multi-core performance, all with a strong emphasis on practicality. He is currently interning in the Efficient Computing group at Rice University, where he is exploring ways to improve performance on multi-core processors beyond thread-level parallelism.

From video and music to responsive UIs, a lot of real-time workloads run on today's desktops and mobile devices, but real-time scheduling interfaces in commodity operating systems have not gained traction. As a result, the CPU scheduler receives no explicit knowledge about applications' needs and thus falls back to heuristics or best-effort operation. I present ATLAS - the Auto-Training Look-Ahead Scheduler. ATLAS improves service to applications with regard to two non-functional properties: timeliness and overload detection. ATLAS provides timely service to applications, accessible through an easy-to-use interface. Deadlines specify timing requirements, workload metrics describe jobs. ATLAS employs machine learning to predict job execution times. Deadline misses are detected before they occur, so applications can react early. ATLAS is currently a single-core scheduler, so after presenting the status quo I will discuss the planned multicore extension and the new application scenarios it enables.

-

Code and data are exchanged and reused freely across the Internet and the Web. But both are vectors for attacks on confidentiality and integrity. Current systems are vulnerable because they're built at too low a level of abstraction, without principled security assurance. The Fabric project has been developing higher-level abstractions that securely support future open, extensible applications. Unlike current Web abstractions, Fabric has a principled basis for security: language-based information flow, which works even for distrusted mobile code. Warranties, a new abstraction for distributed computation, enable scalability even with a strong consistency model that simplifies programmer reasoning.

Bio: Andrew Myers is a Professor in the Cornell University Department of Computer Science in Ithaca, New York, USA. He received his Ph.D. in Electrical Engineering and Computer Science from MIT. Myers is an ACM Fellow. He has received awards for papers appearing in POPL'99, SOSP'01, SOSP'07, CIDR'13, and PLDI'13. He is currently co-Editor-in-Chief for the Journal of Computer Security and serves on the editorial board of ACM Transactions on Computer Systems.

The Internet has become ubiquitous, bringing many benefits to people across the globe. Unfortunately, Internet users face threats to their security and privacy: repressive regimes deprive them of freedom of speech and open access to information, governments and corporations monitor their online behavior, advertisers collect and sell their private data, and cybercriminals hurt them financially through security breaches. My research aims to make Internet communications more secure and privacy-preserving. In this talk, I will focus on the design, implementation, and analysis of tools that help users bypass Internet censorship. I will discuss the major challenges in building robust censorship circumvention tools, introduce two novel classes of systems that we have developed to overcome these challenges, and conclude with several directions for future research.

Amir Houmansadr is a postdoctoral scholar at the University of Texas at Austin. He received his Ph.D. from the University of Illinois at Urbana-Champaign in August 2012. Amir’s research revolves around various network security and privacy problems, including Internet censorship circumvention, network traffic analysis, and anonymous communications. He has received several awards for his research, including the Best Practical Paper Award at the IEEE Symposium on Security & Privacy (Oakland) 2013.

With the tremendous growth in cloud-based services, the web platform is now easily the most widely used application platform. In this talk, I will present work done we have done at Berkeley towards developing a secure client-side for web applications. I will discuss three directions: secure protocols, secure applications and secure user experience.

First, I will present work on providing a formal foundation for web security protocols. We formalize the typical web attacker model and identify broadly applicable security goals. We also identify an abstraction of the web platform that is amenable to automated analysis yet able to express subtle attacks missed by humans. Using a model checker, we automatically identified a previously unknown flaw in a widely used Kerberos-like authentication protocol for the web.

Second, I will present work on improving assurance in client-side web applications. We identify pervasive over-privileging in client-side web applications and present a new architecture that relies on privilege separation to mitigate vulnerabilities. Our design uses standard primitives and enables a 6x to 10000x reduction in the trusted computing base with less than 13 lines modified.

Lastly, I will present the results of a large-scale measurement study to empirically assess whether browser security warnings are as ineffective as popular opinion suggests. We used Mozilla Firefox and Google Chrome's in-browser telemetry to observe over 25 million warning impressions in situ. Our results demonstrate that security warnings can be effective in practice; security practitioners should not dismiss the goal of communicating security information to end users.

Devdatta is a graduate student at UC Berkeley interested in security of software, with a primary focus on web application security. He is part of Dawn Song's research group at UC Berkeley. Devdatta is also an invited expert on the W3C's Web Application Security Working Group. More details, including how to pronounce his name, are on his homepage: devd.me

Dynamically allocated data structures are heavily used in software nowadays, to organize and facilitate the access to data. This poses new challenges to software verification, due to various aspects, either related to the control structure or to the data. In this talk, we present logic-based frameworks for automatic verification of programs manipulating data structures that store unbounded data. First, we are concerned with designing decidable logics, that can be used to automate deductive verification in the Hoare-style of reasoning. This method relies on user provided annotations, such as loop invariants. Second, we introduce static analyses, that can automatically synthesize such annotations. Classically, static analysis has been used to prove correctness of non-functional properties, such as null pointer deference. In this talk, we present static analyses, that can prove complex functional properties describing the values stored in the data structure.

Cezara is a Romanian-born computer scientist living in Austria. She is currently a post-doctoral researcher at IST Austria, in the group of Tom Henzinger. In 2011 she was awarded a Ph.D. from the Department of Computer Science at the University of Paris-Diderot (Paris 7), LIAFA, under the advising of Ahmed Bouajjani. Cezara's research focuses on software verification, and in particular on static analyses techniques for programs with dynamically allocated data structures. She has been a teaching and research assistant at the University of Bucharest and at the Romanian Institute of Mathematics.

In the context of program refinement, it is of particular interest to be able to automatically check whether the implementation of a specification before the refinement step behaves equivalently to the implementation after the refinement step.

Since equivalence checking of programs is generally undecidable, one is typically confronted with a trade-off problem. On the one hand, one wishes to carry out the equivalence check fully automatically and therefore needs to model/abstract the program in such a way that equivalence checking remains at least decidable. On the other hand, the modeling/abstraction of the program should be expressive enough to model the program as faithfully as possible.

Infinite-state systems are a suitable means for faithfully modeling computer programs. For instance, the call and return behavior of recursive programs can faithfully be modeled using pushdown systems (the transition graphs induced by pushdown automata).

The focus of my talk will be on some recent work on bisimulation equivalence checking of stack-based infinite-state systems, i.e. infinite-state systems whose states and transitions involve the manipulation of a stack.

I will present in a bit more detail a PSPACE upper bound on deciding bisimulation equivalence of one-counter systems, which are pushdown systems over a unary stack alphabet, and an NLOGSPACE upper bound on bisimulation equivalence of deterministic one-counter systems, closing a long-standing complexity gap. Furthermore I will give some intuition why bisimulation equivalence checking of pushdown systems and higher-order pushdown systems is much more difficult to decide from a computational perspective, being nonelementary and undecidable, respectively. I will conclude with some challenging open problems in this area of research.

Stefan Goeller is a research associate at the University of Bremen. He received his PhD from the University of Leipzig in 2008. His research interests are in the verification of infinite-state systems, logic, and automata theory. In particular, his recent research has focused on the problem of checking bisimulation equivalences between infinite state systems.

Networks represent a fundamental medium for spreading and diffusion of various types of information, behavior and rumors. However, observing a diffusion process often reduces to noting when nodes (people, blogs, etc.) reproduce a piece of information, adopt a behavior, buy a product, or, more generally, adopt a contagion. We often observe where and when but not how or why contagions propagate through a network. The mechanism underlying the process is hidden. However, the mechanism is of outstanding interest in all cases, since understanding diffusion is necessary for predicting meme propagation, stopping rumors, or maximizing sales of a product.

In this talk, I will present a flexible probabilistic model of diffusion over networks that makes minimal assumptions about the physical, biological or cognitive mechanisms responsible for diffusion. This is possible since the model is data-driven and relies primarily on the visible temporal traces that diffusion processes generate. I apply the model to information diffusion among 3.3 million blogs and mainstream media sites during a one year period. The model allows us to predict future events, it sheds light on the hidden underlying structure and temporal dynamics of diffusion, and provides insights into the positions and roles various nodes play in the diffusion process.

Manuel Gomez Rodriguez is a Research Scientist at Max Planck Institute for Intelligent Systems. Manuel develops machine learning and large-scale data mining methods for the analysis and modeling of large real-world networks and processes that take place over them. He is particularly interested in problems motivated by the Web and social media and has received several recognitions for his research, including an Outstanding Paper Award at NIPS'13 and a Best Research Paper Honorable Mention at KDD'10. Manuel holds a PhD in Electrical Engineering from Stanford University and a BS in Electrical Engineering from Carlos III University in Madrid (Spain). You can find more about him at http://people.tuebingen.mpg.de/manuelgr/

Many people have legitimate needs to avoid their online activities being tracked and linked to their real-world identities - from citizens of authoritarian regimes, to everyday victims of domestic abuse or law enforcement officers investigating organized crime. Current state-of-the-art anonymous communication systems are based on onion routing, an approach effective against localized adversaries with a limited ability to monitor or tamper with network traffic. In an environment of increasingly powerful and all-seeing state-level adversaries, however, onion routing is showing cracks, and may not offer reliable security for much longer. All current anonymity systems are vulnerable in varying degrees to five major classes of attacks: global passive traffic analysis, active attacks, "denial-of-security" or DoSec attacks, intersection attacks, and software exploits.

The Dissent project is prototyping a next-generation anonymity system representing a ground-up redesign of current approaches. Dissent is the first anonymity and pseudonymity architecture incorporating protection against the five major classes of known attacks. By switching from onion routing to alternate anonymity primitives offering provable resistance to traffic analysis, Dissent makes anonymity possible even against an adversary who can monitor most, or all, network communication. A collective control plane renders a group of participants in an online community indistinguishable even if an adversary interferes actively, such as by delaying messages or forcing users offline. Protocol-level accountability enables groups to identify and expel misbehaving nodes, preserving availability, and preventing adversaries from using denial-of-service attacks to weaken anonymity. The system computes anonymity metrics that give users realistic indicators of anonymity protection, even against adversaries capable of long-term intersection and statistical disclosure attacks, and gives users control over tradeoffs between anonymity loss and communication responsiveness. Finally, virtual machine isolation offers anonymity protection against browser software exploits of the kind recently employed to de-anonymize Tor users. While Dissent is still a proof-of-concept prototype with important functionality and performance limitations, preliminary evidence suggests that it may in principle be possible - though by no means easy - to hide in an Internet panopticon.

Bryan Ford leads the Decentralized/Distributed Systems (DeDiS) research group at Yale University. His work focuses broadly on building secure systems, touching on many particular topics including secure and certified OS kernels, parallel and distributed computing, privacy-preserving technologies, and Internet architecture. He has received the Jay Lepreau Best Paper Award at OSDI, and multiple grants from NSF, DARPA, and ONR, including the NSF CAREER award. His pedagogical achievements include PIOS, the first OS course framework leading students through development of a working, native multiprocessor OS kernel. Prof. Ford earned his B.S. at the University of Utah and his Ph.D. at MIT, while researching topics including mobile device naming and routing, virtualization, microkernel architectures, and touching on programming languages and formal methods.

Parallel programming is hard.  Most parallel programs today deal with the complexities of parallel programming, such as scheduling and synchronization, using low-level system primitives such as pthreads, locks, and condition variables.  Although these low-level primitives are flexible, like goto statements, they lack structure and make it difficult for the programmer to reason locally about the program state.  Just as goto has been mostly deprecated in ordinary serial programming in favor of structured control constructs, we can simplify parallel programming by replacing these low-level concurrency primitives with linguistic constructs that enable well structured parallel programs.  Of course, elegant linguistic structure is only half the battle.  The underlying system must also efficiently support the linguistics, allowing the programmer to write fast code.

I have developed several new parallel linguistic constructs and devised new, more efficient runtime support for other constructs invented by others.  In this talk, I will focus largely on one example: a pipe_while construct that supports pipeline parallelism, a programming pattern commonly used in streaming applications.   This example provides a case study of how well-designed linguistics for structured parallel programming can simplify parallel programming while allowing the runtime system to execute the linguistic model efficiently.  This work has had some impact since its publication --- Intel released an experimental branch of Cilk Plus that incorporates support for parallel pipelining based on this work.  I will also mention other examples from my research to demonstrate how novel mechanisms in operating systems and hardware, not just the runtime, can help provide efficient support for parallel-programming linguistics.

I-Ting Angelina Lee is a postdoctoral associate in the Computer Science and Artificial Intelligence Laboratory (CSAIL) at MIT, working with Prof. Charles E. Leiserson. Her areas of interest include designing linguistics for parallel programming, developing runtime system support for multithreaded software, and building novel mechanisms in operating systems and hardware to efficiently support parallel abstractions.  Her work on "memory-mapped reducers" won best paper at SPAA 2012.  She received her Ph.D. from MIT in 2012 under the supervision of Prof. Charles E. Leiserson.  She received her Bachelor of Science in Computer Science from UC San Diego in 2003.

Internet eXchange Points (IXPs) are generally considered to be the successors of the four Network Access Points that were mandated as part of the decommissioning of the NSFNET in 1994/95 to facilitate the transition to "public Internet" as we know it today. While this does not tell the whole story of the early beginnings, what is true is that since around 1994, the number of IXPs has grown to more than 300 with the largest IXPs handling traffic volumes comparable to those of Tier-1 ISPs. But IXPs have never attracted much attention from the research community. At first glance, this lack of interest seems understandable as IXPs have apparently little to do with current "hot" topic areas such as data centers and cloud services or software defined networking (SDN) and mobile communication. However, we argue that, in fact, IXPs are not only cool monitoring points with huge visibility but are all about Internet connectivity data centers and cloud services and even SDN and mobile communication. To this end, we in this talk start with an overview of the basic technical and operational aspects of IXPs and then highlight some of our research results regarding application mix, AS-graph, Internet infrastructure distribution, and traffic flows.

-

The proliferation of user-generated content on the web provides a wealth of opportunity to study humans through their online traces. I will discuss three aspects of my research, which aims to model and understand people's behavior online. First, I will develop rich models of opinions by combining structured data (such as ratings) with unstructured data (such as text). Second, I will describe how preferences and behavior evolve over time, in order to characterize the process by which people "acquire tastes" for products such as beer and wine. Finally, I will discuss how people organize their personal social networks into communities with common interests and interactions. These lines of research require models that are capable of handling high-dimensional, interdependent, and time-evolving data, in order to gain insights into how humans behave.

Julian McAuley is a postdoctoral scholar at Stanford University, where he works with Jure Leskovec on modeling the structure and dynamics of social networks. His current work is concerned with modeling opinions and behavior in online communities, especially with respect to their linguistic and temporal dimensions. Previously, Julian received his PhD from the ANU under Tiberio Caetano, with whom he worked on inference and learning in structured output spaces. His work has been featured in Time, Forbes, New Scientist, and Wired, and has received over 30,000 "likes" on Facebook.

Recent years have seen the development of successful commercial programming tools based on static analysis technologies, which automatically verify intended properties of programs or find tricky bugs that are difficult to detect by testing techniques. One of the key reasons for this success is that these tools use clever strategies for abstracting programs -- most details about a given program are abstracted away by these strategies, unless they are predicted to be crucial for proving a given property about the program or detecting a type of program errors of interest. Developing such a strategy is, however, nontrivial, and is currently done by a large amount of manual engineering efforts in most tool projects. Finding a good abstraction strategy automatically or even reducing these manual efforts involved in the development of such a strategy is considered one of the main open challenges in the area of program analysis.

In this talk, I will explain how I tried to address this challenge with colleagues in the US and Korea in the past few years. During this time, we worked on parametric program analyses, where parameters for controlling the degree of program abstraction are expressed explicitly in the specification of the analyses. For those analyses, we developed algorithms for searching for a desired parameter value with respect to a given program and a given property, which use ideas from the neighboring areas of program analysis such as testing, searching and optimisation. In my talk, I will describe the main ideas behind these algorithms without going into technical details. I will focus on intuitions about why and when these algorithms work. I will also talk briefly about a few lessons that I learnt while working on this problem.

This talk is based on the joint work with Mayur Naik, Xin Zhang, Ravi Mangal, Radu Grigore, Hakjoo Oh, Wonchan Lee, Kihong Heo, and Kwangkeun Yi.

-

I will present techniques my research group has been developing to transform reusable software specifications, suitable for users and designers, into executable implementations, suitable for efficient execution. I outline deductive synthesis techniques that transform input/output behavior descriptions (such as postconditions, invariants, and examples) into conventional functions form inputs to outputs. We have applied these techniques to complex functional data structures, out of core database algorithms, as well as numerical computations.

Bio: Viktor Kuncak is Associate Professor in the School of Computer and Communication Sciences of the Swiss Federal Institute of Technology, Lausanne. His research goal is to increase software development productivity and software reliability through new algorithms and tools for synthesis, analysis, and automated reasoning. In 2012 he received an ERC grant to develop the concept of Implicit Programming, whose aim to make programming easier and more accessible. He also received a SIGSOFT distinguished paper award and his work was also published as a Communications of ACM Research Highlight. He has been a program chair of the conferences Verification, Model Checking and Abstract Interpretation (2012), as well as Formal Methods in Computer-Aided Design (2014).

Ubiquitous electronic transactions give us efficiency and convenience, but introduce security and reliability issues and affect user privacy. Consider for example how much more private information is revealed during online shopping compared to what leaks in physical transactions that are paid in cash. Luckily, cryptographic research gives us the tools to achieve efficient and secure electronic transactions that at the same time preserve user privacy. Anonymous credentials is one such tool that allows users to prove possession of credentials while revealing the minimum amount of information required. In the first part of this talk, we present "Anonymous Credentials Light": the first provably secure construction of anonymous credentials that is based on the DDH assumption and can work in the elliptic group setting without bilinear pairings. Our construction requires just a few exponentiations in a prime-order group in which the DDH problem is hard, which makes it suitable for mobile devices, RFIDs and smartcards.

In the second part of the talk we explain how we can get secure e-cash with attributes from our construction and we show implementation results in an NFC enabled smartphone. The efficiency of our scheme is comparable to Brands e-cash, which is known to be the most efficient e-cash scheme in the literature but as a recently work of us shows it is impossible to prove it secure under the currently known techniques.

-

This talk addresses the static verification problem for data-centric business processes, using as vehicle the "business artifact" model recently deployed by IBM in commercial products and consulting services, and studied in an increasing line of research papers.

Artifacts are records of variables that correspond to business-relevant objects and are updated by a set of services equipped with pre-and post-conditions that implement business process tasks. For the purpose of this talk, the verification problem consists in statically checking whether all runs of an artifact system satisfy desirable properties expressed in (some first order extension of) a temporal logic.

The talk surveys results that identify various practically significant classes of business artifact systems with decidable verification problem. The talk is based on a series of prior and current work conducted jointly with Elio Damagio, David Lorant, Yuliang Li, Victor Vianu (UCSD), and Richard Hull (IBM TJ Watson).

Alin Deutsch is a professor of computer science at the University of California, San Diego. His research is motivated by the data management challenges raised by applications that are powered by underlying databases (viewed in a broad sense that includes traditional database management systems but also collections of semi- and un-structured data providing a query interface, however rudimentary).

Alin's education includes a PhD degree from the University of Pennsylvania, an MSc degree from the Technical University of Darmstadt (Germany) and a BSc degree from the Polytechnic University Bucharest (Romania). He is the recipient of a Sloan fellowship and an NSF CAREER award, and has served as PC chair of the ICDT-2012 International Conference on Database Theory, the PLANX-2009 Workshop on Programming Language Techniques for XML, and the WebDB-2006 International Workshop on the Web and Databases.

Future applications will need to use programmable high-throughput accelerators like GPUs to achieve their performance and power goals. However building efficient systems that use accelerators today is incredibly difficult. I argue that the main problem lies in the lack of appropriate OS support for accelerators -- while OSes provide optimized resource management and I/O services to CPU applications, they make no such services available to accelerator programs.

I propose to build an operating system layer for GPUs which provides I/O services via familiar OS abstractions directly to programs running on GPUs. This layer effectively transforms GPUs into first-class computing devices with full I/O support, extending the constrained GPU-as-coprocessor programming model.

As a concrete example I will describe GPUfs, a software layer which enables GPU programs to access host files. GPUfs provides a POSIX-like API, exploits parallelism for efficiency, and optimizes for access locality by extending a CPU buffer cache into physical memories of all GPUs and CPUs in a single machine. Using real benchmarks I will show that GPUfs simplifies the development of efficient applications by eliminating the GPU management complexity, and broadens the range of applications that can be accelerated by GPUs. For example, a simple self-contained GPU program which searches for a set of strings in the entire tree of Linux kernel source files completes in about third of the time of an 8-core CPU run.

I will then describe my ongoing work on native network support for GPUs, current open problems and future directions.

The talk is self-contained, no background in GPU computing is necessary.

This is a joint work with Emmett Witchel, Bryan Ford, Idit Keidar and UT Austin students.

Mark Silberstein is an Assistant Professor at the Electrical Engineering Department, Technion, Israel. He truly believes that building practical, programmable and efficient computer systems with computational accelerators requires cross-cutting changes in system interfaces, OS design, hardware mechanisms, storage and networking services, as well as programming models and parallel algorithms, all of which constitute his research interests, keep him busy, and excited.

Web page: https://sites.google.com/site/silbersteinmark

In the context of computer systems, scheduling theory seeks to enable the efficient utilization of computing resources in order to optimize specified system-wide objectives. In this presentation we will examine how real-time scheduling theory is dealing with the recent trend in embedded systems towards implementing functionalities of different levels of importance, or criticalities, upon a shared platform. We will explore the factors that motivated this trend towards mixed-criticality (MC) systems, discuss how these MC systems pose new challenges to real-time scheduling theory, and describe how real-time scheduling theory is responding to these challenges by devising new models and methods for the design and analysis of MC systems.

Sanjoy Baruah is a professor in the Department of Computer Science at the University of North Carolina at Chapel Hill. He received his Ph.D. from the University of Texas at Austin in 1993. His research and teaching interests are in scheduling theory, real-time and safety-critical system design, and resource-allocation and sharing in distributed computing environments.