Principled Systems Group
Max Planck Institute for Software Systems

The Principled Systems Group at the Max Planck Institute for Software Systems (MPI-SWS) is led by Andrea Lattuada. We design, implement, and verify systems software, construed broadly[1] and focus on the advancement of verification tooling and methodology for systems verification.
We are interested in systems software verification as a way to substantially improve their safety and reliability, but to achieve this, the verification effort must be commensurate to the value it provides. We build (verified) systems, and extend the available tooling to find and fix inefficiencies.
Contact: (click to reveal)@mpi-sws.org
We co-lead the Verus project, Verus is a tool to rapidly verify the correctness of systems code written in Rust.
The Verus project involves members from VMware Research, Microsoft Research, Carnegie Mellon University, ETH Zurich, University of Washington, University of Michigan, University of Wisconsin-Madison, and others.
There are a number of research and industry projects using and developing Verus: verus-lang.github.io/verus/publications-and-projects/.
Travis has recently earned his Ph.D. from Carnegie Mellon University under Bryan Parno, with work spanning systems, verification tools, and large verification projects. Travis is part of the Verus core team.
Alex recently finished his undergraduate studies at Tufts University majoring in computer science and mathematics, advised by Jeff Foster and David Smyth. Alex has contributed to Verus' internals and to its standard library.
Group leader Andrea Lattuada and postdoctoral researcher Travis Hance, who has recently joined the group, have received, along with their collaborators, the SOSP'24 Distinguished Artifact Award for their paper "Verus: A Practical Foundation for Systems Verification."
The artifact, available at https://verus-lang.github.io/paper-sosp24-artifact/, contains the code and proof for 5 sizable case studies, comprising over six thousand lines of executable code, verified with around 35 thousand lines of proof and specification code, and a number of smaller verification benchmarks. In combination, these help demonstrate Verus’ ability to quickly verify complex systems in multiple domains: from operating systems, to critical runtime components, to distributed systems.
Master Student at UdS
Research Assistant