Rody Kersten is a software engineering manager at Synopsys. With his team, he works on the Sigma static analysis engine, also known as Rapid Scan Static. The exceptional speed of this tool allows to shift code analysis completely left in the software development lifecycle, and scan for vulnerabilities as-you-type in the IDE via the Code Sight plug-in.

He has received an M.Sc. (2010) and Ph.D. (2015) in Computer Science from Radboud University Nijmegen in The Netherlands. He is a former Postdoctoral Researcher at Carnegie Mellon University, and a former Assistant Professor at Open University of the Netherlands. His research interests include static analysis, formal verification, symbolic execution, and fuzz testing, with a focus on software resource consumption (time, memory, energy). As a software engineer, he has contributed to a variety of software analysis applications, including Synopsys' industry-leading Static Application Security Testing product Coverity.

Contact

Open-source tools

Kelinci, an interface for running AFL on Java programs.
JayHorn, a Horn-based verification tool for Java.
SPF-WCA, infers algorithmic complexity of Java methods. Based on Symbolic PathFinder.
ECAlogic, energy analysis of software-controlled systems.
ResAna, heap, stack and loop-bound analysis for Java.

Publications

Scientific peer-reviewed publications

• Complexity Vulnerability Analysis using Symbolic Execution [link]
  Kasper Soe Luckow, Rody Kersten and Corina Pasareanu
  In Software Testing, Verification and Reliability (Wiley), Volume 30, Issue 7-8, 2020.

• Badger: Complexity Analysis with Fuzzing and Symbolic Execution [pdf]
  Yannic Noller, Rody Kersten and Corina Pasareanu
  In Proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2018).

• A Cloud-Based Execution Framework for Program Analysis [link]
  Daniel Balasubramanian, Dmitriy Kostyuchenko, Kasper Luckow, Rody Kersten, Gabor Karsai
  In International Conference on Software Engineering and Formal Methods (SEFM 2018).

• Symbolic Execution and Recent Applications to Worst-Case Execution, Load Testing and Security Analysis [pdf]
  Corina Pasareanu, Rody Kersten, Kasper Luckow, Quoc-Sang Phan
  In Advances in Computers, Volume 113.

• Poster: AFL-based Fuzzing for Java with Kelinci [pdf]
  Rody Kersten, Kasper Luckow and Corina Pasareanu
  In 24th ACM Conference on Computer and Communications Security (CCS 2017).

• Quantified Heap Invariants for Object-Oriented Programs [pdf]
  Temesghen Kahsai, Rody Kersten, Philipp Ruemmer and Martin Schäf
  In Proceedings of the 21st International Conference on Logic for Programming, Artificial Intelligence and Reasoning (LPAR 2017).

• Symbolic Complexity Analysis using Context-preserving Histories [pdf]
  Kasper Luckow, Rody Kersten and Corina Pasareanu
  In Proceedings of the 10th IEEE International Conference on Software Testing, Verification and Validation (ICST 2017). Won best paper award!

• Resource Contracts for Java [pdf]
  Rody Kersten, Martin Schäf and Temesghen Kahsai
  In Proceedings of the Java PathFinder Workshop 2016, ACM SIGSOFT Software Engineering Notes, 2016.

• Using Dependent Types to define Energy Augmented Semantics of Programs [pdf]
  Bernard van Gastel, Rody Kersten, Marko van Eekelen
  In Proceedings of the Fourth International Workshop on Foundational and Practical Aspects of Resource Analysis (FOPARA'15).

• Improving Coverage of Test-Cases Generated by Symbolic PathFinder for Programs with Loops [pdf]
  Rody Kersten, Suzette Person, Neha Rungta and Oksana Tkachuk
  In Proceedings of the Java PathFinder Workshop 2014, ACM SIGSOFT Software Engineering Notes, 2015.

• ECAlogic: Hardware-Parametric Energy-Consumption Analysis of Algorithms [pdf]
  Marc Schoolderman, Jascha Neutelings, Rody Kersten and Marko van Eekelen
  In Proceedings of the 13th Foundations of Aspect-Oriented Languages Workshop, pages 19-22, 2014.

• A Hoare Logic for Energy Consumption Analysis [pdf]
  Rody Kersten, Paolo Parisen Toldin, Bernard van Gastel and Marko van Eekelen
  In Proceedings of the Third International Workshop on Foundational and Practical Aspects of Resource Analysis (FOPARA'13), LNCS 8552, pages 93-109, 2014.

• ResAna: A Resource Analysis Toolset for (Real-Time) Java [pdf]
  Rody Kersten, Bernard van Gastel, Olha Shkaravska, Manuel Montenegro and Marko van Eekelen
  Journal of Concurrency and Computation: Practice and Experience, Vol. 26, Number 14, Pages 2432-2455. Wiley, 2014.

• Using Model-Checking to Reveal a Vulnerability of Tamper-Evident Pairing [pdf]
  Rody Kersten, Bernard van Gastel, Manu Drijvers, Sjaak Smetsers and Marko van Eekelen
  In Proceedings of the 5th NASA Formal Methods Symposium, LNCS 7871, pages 63-77. Springer, May 2013.

• Making Resource Analysis Practical for Real-Time Java [pdf]
  Rody Kersten, Olha Shkaravska, Bernard van Gastel, Manuel Montenegro and Marko van Eekelen
  In JTRES'12: Proceedings of the 10th International Workshop on Java Technologies for Real-time and Embedded Systems, ACM Digital Proceedings Series, 2012.

• Test-Based Inference of Polynomial Loop-Bound Functions [pdf]
  Olha Shkaravska, Rody Kersten and Marko van Eekelen
  In PPPJ'10: Proceedings of the 8th International Conference on the Principles and Practice of Programming in Java, pages 99-108, 2010.

Technical reports

• Soundness Proof for a Hoare Logic for Energy Consumption Analysis [pdf]
  Paolo Parisen Toldin, Rody Kersten, Bernard van Gastel, and Marko van Eekelen
  Technical report ICIS--R13009, Radboud University Nijmegen, October 2013.

• Ranking Functions for Loops with Disjunctive Exit-Conditions [pdf]
  Rody Kersten and Marko van Eekelen
  In Ricardo Peña (ed.) Proceedings of the 2th International Workshop on Foundational and Practical Aspects of Resource Analysis (FOPARA2011). Madrid, Spain. Tech. Rep. SIC-08/11. Dept. Computer Systems and Computing Universidad Complutense de Madrid. pp. 111-126. May 2011.

Non-scientific

• Software en Energiegebruik
  Marko van Eekelen, Rody Kersten and Bernard van Gastel
  In Duurzame ICT, Grondstof en energiebron voor een duurzame wereld, pages 23-33, 2010.

Poster presentations

• JayHorn: A framework for verifying Java programs
  Temesghen Kahsai, Rody Kersten, Philipp Rümmer, Huascar Sanchez, Martin Schäf
  At CAV '16, July 2016, Toronto, Ontario, Canada.

• Big Energy Data for Software Engineering
  Christoph Bockisch, Jeroen Keiren, Bernard van Gastel, Rody Kersten, Marko van Eekelen
  At ECOOP '15, July 2015, Prague, Czech Republic.

• Go-Green: Greener house through a self-learning, privacy-aware, user-centric, energy-aware, wireless monitoring and control system
  Rody Kersten
  At An Innovative Truth IV, June 2012, Beatrix Theater, Utrecht, The Netherlands.

PhD Thesis

• Software Analysis Methods for Resource-Sensitive Systems [pdf]
  Rody Kersten, July 2015.