Skip to main content

We build systems that lift the capabilities of programmers dealing with the vast complexity of modern software systems. Our systems automate away inessential complexity and automate in desired features — for example, securing programs that use hundreds of software dependencies, bolting distribution onto existing applications, and parallelizing large-scale pipelines built out of multi-language components. We characterize the behavior of the systems we build using real workloads seen in practice, often paired with mathematical models and proofs of key properties of interest.

News #

Dec'23: Nikos Vasilakis is co-chairing the PC of EuroSec'24, co-located with EuroSys.
Oct'23: We’re hosting the 3rd PaSh Research Workshop at Brown University.
Sep'23: Nikos Pagonas joins the group for a six-month visit on serverless computing.
Sep'23: Brown CS News published an article on our ACM AsiaCCS'23 distinguished paper award!
Aug'23: Anirudh Narsipur and Seth Sabar start their undergraduate dissertations.
Jul'23: Oğuzhan Çölkesen and Yizheng Xie join the group for their PhD.
Jun'23: Nikos Vasilakis is co-chairing ACM SCORED'23, a workshop co-located with ACM CCS'23.
Jun'23: BinWrap to receive the distinguished-paper award at AsiaCCS'23!

See all news

Team #

Research #


Automating Protections Against Software Supply-Chain Threats
Modern software incorporates thousands of dependencies as a means of accelerating development and reducing cost—risking safety and security for both developers and end-users. We have built a series of systems targeting the JavaScript ecosystem—the largest such ecosystem out there—automating the analysis, transformation, and synthesis of JavaScript dependencies across a variety of threat models. Examples: AsiaCCS'23, CCS'21, CCS'21.


Automating Acceleration and Scale-out of Software Systems
Language-agnostic programming environments hinder automated parallelization and distribution, often forcing developers that deal with large datasets to manually rewrite programs and their components in languages that support these features. We have built a series of systems that accelerate, parallelize, distribute, and scale out computations fully automatically — while maintaining key correctness and security guarantees. Our systems target widely used environments — e.g., JavaScript, Python, the Shell — and are offered by open-source consortia such as the Linux Foundation. Examples: NSDI'23, OSDI'22, EuroSys'21.


Automated Transformation Towards Secure Scalable Computing Paradigms
Recent trends are pushing developers towards new paradigms of secure and scalable computing—e.g., confidential computing, microservices, serverless computing, and edge computing. Transforming a conventional program to leverage these paradigms is a laborious manual process that can lead to suboptimal performance and in many cases even break the program. We are developing systems that support this kind of decomposition and leveraging special hardware capabilities when these are available in the network. Examples: ARES'22, PLDI'19, ATC'19.