Finally, a recent picture!

Patrice Godefroid

Contact: firstnamelastname AT hotmail.com
Warning: I will NOT reply to unsolicited requests, including journal review requests.

Welcome to my web-page!

My area of expertise includes program analysis, testing, verification, security, and software engineering.

Here is a very brief bio, a less brief bio, and a recent CV. This recent research overview summarizes most of my work during the last 35+ years. My h-index is growing faster than my age (but for how long?).

I am probably best known for my early work on partial-order reduction for model checking concurrent systems (my PhD thesis is published as LNCS volume 1032 by Springer), for my work on VeriSoft, the first software model checker for mainstream programming languages such as C and C++, for my work on 3-valued model checking with may/must abstractions for sound program verification and falsification, and for my work on automatic test generation with DART. More recently, I co-developed SAGE, the first whitebox fuzzer for security testing, which was credited to have found roughly one third of all the security vulnerabilities discovered by file fuzzing during the development of Microsoft's Windows 7. In 2015, I co-founded Project Springfield, the first commercial cloud fuzzing service. In 2017, I co-created RESTler, the first stateful REST API fuzzing tool for automatically testing cloud services through their APIs and finding security and reliability bugs in these services. In 2022, I joined Lacework, a fast-growing cloud security startup, to co-found its Code Security team; Lacework was acquired by Fortinet in 2024.

Research. My main research topic during the last 35+ years has been software model checking in a broad sense. Specifically, my main broad research contribution has been the development of dynamic software model checking, a new approach to software model checking via systematic testing that combines program analysis, testing, model checking, and theorem proving. This approach is implemented in Microsoft tools like SAGE, PEX, and YOGI, and in many other tools outside Microsoft.

After 12 years at Bell Labs, I joined Microsoft Research in 2006, and for several years, my main project was SAGE, the first whitebox fuzzer for security testing. SAGE extends systematic dynamic test generation (introduced in DART) to handle large applications and is optimized for long symbolic executions at the x86 binary level. Since 2008, SAGE has found many new expensive security bugs in many Windows applications. More information on the research behind SAGE can be found in the papers below. See also SAGE in one slide (old version) and SAGE for dummies (10min video). Our work on whitebox fuzzing and SAGE (first published in 2008) was credited to introducing the "fuzzing" problem to the program analysis, software engineering, and security academic-research communities. SAGE also pioneered the use of search heuristics based on code coverage for fuzzing purposes.

For a quick introduction to fuzzing, see Fuzzing: Hack, Art, and Science (CACM'2020) and this (3min) video:

In 2015, I co-founded Project Springfield and served as its CTO. Springfield is the first commercial cloud fuzzing service. It was renamed Microsoft Security Risk Detection in May 2017, and helped companies like OSIsoft and Deschutes Brewery (video) and DocuSign (video). It then evolved into an open-source fuzzing platform called OneFuzz in 2020.

My next main project was RESTler, the first stateful REST API fuzzer. Given a REST API specification of a cloud service, RESTler automatically generates and executes tests that exercise the service through its REST API, with the goal of finding security and reliability bugs in the service. RESTler is now open-source on GitHub (press release).

In 2022, I joined Lacework to co-found its Code Security team. Our team launched several new static-analysis products for Software Composition Analysis (i.e., identify all third-party vulnerable packages in code repos) and for finding security-related bugs in first-party code. I also co-developed Code-Aware Agents (CAA), a new runtime-monitoring tech to determine what code is executed (and not executed) in the cloud, with very low cost so that this monitoring can run everywhere, all the time, in production, and at cloud scale. CAA can detect whether vulnerable packages in cloud workloads are ever being executed or not. And it turns out that most open-source packages dragged into cloud workloads through dependencies are actually never executed anytime anywhere. This is a game changer for anyone who has ever had to prioritize what vulnerable packages to fix next. Overall, our combined static and dynamic analyses extend the Lacework platform to cover the entire development cycle of cloud services, from code to production.

Here is my old Bell Labs web-page and my academic genealogy.

Over the last 35+ years, I have been fortunate to work with great collaborators, including the co-authors of the papers listed below. I learned something from each of them and I thank them all.

Some On-line Talks:

Some Professional Activities: Member of the program committee for the conferences

Some Software:

Some Publications: in reverse chronological order; see also my Publications by Themes

Previous Publications (1990-1994)

Copyright Notice: The above material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.

Some Words of Wisdom (Quotes)