Dominic Steinhöfel

Dominic Steinhöfel

Postdoctoral Researcher in Computer Science

CISPA Helmholtz Center for Information Security

About me.

I am a postdoctoral researcher of computer science at CISPA Helmholtz Center for Information Security, working in the research group of Andreas Zeller. My research focuses on languages, techniques, and tools for increasing confidence in the software correctness. To this end, I work on testing and program proving approaches and design specification languages for the unit and system level. As part of my research, I contributed Abstract Execution, an automatic verification framework mainly for unit-level program transformations, and ISLa, a language and solver for complex string constraints for the precise testing and analysis of software systems.

Interests
  • Specification-Based Fuzzing
  • Specification Mining
  • Program Proving
  • Symbolic Execution
  • Formal Languages
Education

  • PhD in Computer Science, 2020

    Technical University of Darmstadt

  • MSc in Computer Science, 2015

    Technical University of Darmstadt

  • BSc in Computer Science, 2013

    Technical University of Darmstadt

Affiliations

 
 
 
 
 
Postdoctoral Researcher
CISPA Helmholtz Center for Information Security
Jan 2021 – Present Saarbrücken, Germany
 
 
 
 
 
Research Assistant (Postdoctoral Researcher)
Technical University of Darmstadt
May 2020 – Dec 2020 Darmstadt, Germany
 
 
 
 
 
Research Assistant (Doctoral Researcher)
Technical University of Darmstadt
May 2015 – May 2020 Darmstadt, Germany

Projects

Dominic Steinhöfel
Last updated on Aug 24, 2022
ISLearn
ISLearn

ISLearn mines input invariants expressed in the ISLa language that are associated to some program behavior (e.g., “input is accepted”). It is based on a catalog of abstract ISLa patterns that are instantiated and filtered. The resulting invariants are ranked according to their specificity and recall w.r.t. a set of provided or automatically produced input samples.
Dominic Steinhöfel
Last updated on Aug 24, 2022
ISLa
ISLa

ISLa (Input Specification Language) is a specification language with a solver for context-sensitive string constraints. Strings are structured using a context-free grammar, and ISLa constraints are expressed in terms of grammar elements. The ISLa solver can report unsatisfiability for unsatisfiable constraints, and generate thousands of sample strings for satisfiable ones. Applications of ISLa include high-precision fuzz testing, debugging based on precise failure circumstances reports, and understanding of program behavior.
Dominic Steinhöfel
Last updated on Aug 24, 2022 tools
REFINITY
REFINITY

REFINITY is a workbench for modeling statement-based program transformation rules using abstract programs, based on Abstract Execution. It provides GUI support for creating models, and sends proof obligations to the KeY program prover to prove correctness of the transformation model. Once created proof certificates can be saved and validated.
Dominic Steinhöfel
Last updated on Aug 24, 2022
The KeY Project
The KeY Project

The KeY framework is in its core a deduction-based program prover for Java. It is used for research and teaching, and supports functional verification, symbolic debugging, information-flow security, automatic test case generation and more. I have been massively contributing to KeY since 2015. Due to my implementation of Abstract Execution based on KeY, the system can now also prove universal second-order program properties (using abstract programs).

Teaching

Own Courses

During my time at CISPA, I was the main organizer of several seminars held together with Andreas Zeller.

  • 2022: Multimodal seminar on Symbolic Execution (upcoming)
    This seminar focuses on central aspects of symbolic execution. It consists of lecture, paper presentation, and lab sessions. I developed all the concepts and technical materials of the lecture and lab parts.
  • 2021/22: Seminar on Automated Testing and Debugging
    This seminar covers fuzzing, property-based testing, specification inference, and debugging approaches like Delta and Statistical Debugging.
  • 2021: Seminar on Specification and Testing
    In this seminar, we discussed approaches to specification-based automated testing and mining specifications based on dynamic execution data.

Teaching Assistant

  • 2016/17, 2017/18: Software Engineering Lecture
    For this mandatory course for Bachelor students at TU Darmstadt, I organized the exercises, including tutor supervision, preparing exercise sheets, and chairing exercise sessions.
  • 2015, 2015/16, 2017/18: Bachelor Lab
    This is a mandatory course for Bachelor students at TU Darmstadt. Students work in teams on assigned software projects during a 6-month period. I handled many aspects of the course’s organization.
  • Seminars: I supervised students in several seminars at TU Darmstadt.

Recent & Upcoming Talks

Input Invariants
ISLa is a novel specification language and fuzzer generating system inputs from grammars and constraints. It lets you specify input constraints like “a variable has to be defined before it is used”; “the ‘file name’ block must be 100 bytes long,” or “the number of columns in all CSV rows must be identical.” We show that a few ISLa constraints suffice to produce 100% semantically valid inputs while still maintaining input diversity. ISLa can also parse and precisely validate; inputs against semantic constraints. On top, our ISLearn prototype mines constraints from existing examples based on a catalog of common patterns. The resulting constraints can then again be used for fuzzing and parsing.
Dominic Steinhöfel, Andreas Zeller
Last updated on Mar 8, 2023
Talk on YouTube
Input Invariants
Ever Touch a Running System
Changing software without breaking it! How to use Abstract Execution and REFINITY to automatically prove properties of program transformation rules.
Dominic Steinhöfel
Last updated on May 31, 2021
Ever Touch a Running System
REFINITY to Model and Prove Program Transformation Rules
REFINITY is a workbench for modeling statement-level transformation rules on Java programs with the aim to formally verify their …
Last updated on Dec 2, 2020
PDF
REFINITY to Model and Prove Program Transformation Rules
Invited Talk: How to Prove the Correctness of Refactoring Rules
In this tutorial session colocated with the International Conference on integrated Formal Methods (iFM), I gave a 30-minutes talk …
Last updated on Oct 6, 2020
PDF
The Trace Modality
We propose the trace modality, a concept to uniformly express a wide range of program verification problems. To demonstrate its …
Dominic Steinhöfel, Reiner Hähnle
Last updated on Aug 5, 2020
The Trace Modality
See all

Recent Posts

BibTeX Done Right
Automation instead of BibTeX reference sheets! I explain how to use online bibliographies, cite online resources, use BibTeX linters, and automatically reformat BibTeX files to obtain valid and complete bibliographies as well as tidy .bib files.
Dominic Steinhöfel
Last updated on Nov 3, 2022 12 min read writing
BibTeX Done Right
Precise Symbolic State Merging
State merging is a standard technique for mitigating path explosion in symbolic execution. Nondeterministic value summaries are guarded sets of values with overlapping guards. Without those, we cannot perform fully precise state merging in all situations (do-while loops, unstructured code, nondeterministic programs). Reconstructing symbolic execution traces from states merged with nondeterministic value summaries requires some notion of time or origin.
Last updated on Dec 21, 2020 9 min read
PhD Thesis Published
My PhD thesis “Abstract Execution: Automatically Proving Infinitely Many Programs” has been published and is available for download (open access). The abstract and possible errata found after publication are listed on a separate page.
Last updated on Aug 5, 2020 1 min read publication
PhD Thesis Published
Extract Inkscape Layers to PDF files for LaTeX Beamer Presentations
Presentation of a script for using Inkscape as an editor for animations in LaTeX presentations.
Last updated on Aug 5, 2020 5 min read tools
See all posts

Contact