Shane Markstrum

"When I'm creating programs, there are certain things I want to know about the software that I create — Is it safe? Is it doing what I expect it to do? The idea of my research is to find ways in which programmers can specify how best to check their programs for the properties they are interested in."

Assistant professor of computer science
undefined

Whether shopping online or flying in an airplane, we expect the computer systems responsible for managing every aspect of modern life to be secure and reliable. Writing programming code, however, is a creative and complex process with plenty of room for error. Assistant Professor of Computer Science Shane Markstrum is developing ways to help programmers avoid some of those mistakes.

"When I'm creating programs, there are certain things I want to know about the software that I create — Is it safe? Is it doing what I expect it to do?" he says. "The idea of my research is to find ways in which programmers can specify how best to check their programs for the properties they are interested in."

To accomplish that goal, Markstrum taps into a feature that most programming languages already offer, called type systems. By creating a framework that can be tailored to different needs, Markstrum provides a convenient way for programmers to write their own type systems to check the relevant properties for their application. For example, a website developer creating an online store might make sure credit card numbers are never revealed to the wrong person, while someone else might check that his or her program never gets hung up trying to divide by zero.

Markstrum and colleagues in Los Angeles and New Zealand use a framework they developed called JavaCOP to check properties that are vital to safety-critical applications. This could allow programmers to use the Java language to create programs for use in sensitive applications ranging from airplanes to heart monitors. JavaCOP is open source code, which means it is freely available online.

So far, Markstrum has developed frameworks that work with one programming language, such as C# (pronounced C-sharp) or Java, but in the future he plans to investigate ways to check multiple languages at once. Websites, for instance, often have their static elements written in a language called HTML and their dynamic features written in Adobe Flash or JavaScript. Finding a way to check that properties hold even as these different languages interact with each other is one way to be sure that the web page keeps the layout the developer intended, or that secure information is not revealed.

In addition to exploring how program checking tools can help people create better software, Markstrum also is interested in how these same tools affect how students learn programming languages. One question he'll be asking as he begins teaching at Bucknell is how useful these frameworks are for getting students to think more deeply about the properties they want in their own programs, and how they might check those properties.

Posted Sept. 22, 2009