Welcome to the Security of Software (SOS) Lab!

Software systems are pervasive in all aspects of society. From online shopping to electronic voting, software has become an intrinsic part of business and our daily lives over the past few decades. However, software systems are not secure and robust. The media is full of reports of the catastrophic impact of software failures. A small collection of well-known software failures is available here.

The principal reason of software insecurity is the presence of software errors (i.e., bugs in computer jargon). For example, simple errors in software can result in buffer overruns or format string attacks that enable attackers to execute arbitrary code in attacked systems.

The SOS lab at Lehigh is a response to the urgent call for methodologies of making software secure. We are investigating the theory and constructing tools that help find and remove software errors, mitigate the effect of errors, and construct error-free software systems. The primary techniques we use are program analysis, program verification, programming languages, and compilers.

Current Projects

Past Projects


  • (7/10/09) Research paper "Finding bugs in exceptional situations of JNI programs" accepted by CCS '09
  • (6/30/09) News article about the lab's research
  • (6/28/09) Research paper about the NJ voting machine study accepted by EVT/WOTE '09
  • (6/1/09) Research positions available. More...
  • (12/10/08) Former member, Jason Croft, wins Honorable Mention in CRA's Outstanding Undergradate Award


Packard Lab 379. Contact info.


Last modified: Dec 20th, 2008