CSE Colloquium: Principled and Practical Approaches to Secure Open-Source Systems and Beyond


Open-source programs are everywhere and have become the backbone of today’s cyber world. Among them, system programs such as operating-system kernels and firmware are arguably the most critical ones, and their security may affect billions of devices and users.

Modern systems have become extremely complex, often containing millions of lines of code written in unsafe programming languages. As a result, they are unfortunately insecure, and a single security bug (vulnerability) may compromise the whole system and even a large portion of the network. In this talk, I will discuss how to secure open-source systems with principled and practical approaches. I will first introduce three important properties of secure open-source systems: understandability, assurability, and sustainability. Correspondingly, I will then discuss how to achieve these properties with an overarching, three-pronged approach: program understanding and reasoning, secure-by-design defense, and sustainable security protection. In addition, I will introduce our scalable and precise large-system analysis framework, and discuss our work on securing emerging platforms such as trusted execution environments and IoT devices. At last, I will conclude by discussing challenging but exciting research directions for future work.


Dr. Kangjie Lu is an assistant professor in the Computer Science & Engineering Department of the University of Minnesota-Twin Cities. His research interests include security and privacy, software engineering, operating systems, and security ethics. He is particularly interested in developing both principled approaches that address fundamental security problems and practical techniques that secure real-world systems. His research also frequently intersects with other fields such as machine learning and NLP, programming languages, compilers, architecture, and formal methods. His research results are regularly published at top-tier venues and have led to many important security updates in widely used software systems such as the Linux kernel, the Android OS, the FreeBSD kernel, Apple’s iOS, OpenSSL, PHP, etc. He is a recipient of the NSF CAREER award 2021 and won the best paper award at ACM CCS 2019 and a distinguished paper award at ACSAC 2022. He received his Ph.D. in Computer Science from the Georgia Institute of Technology in 2017.

Faculty Host: Dr. Trent Jaeger

Research Area: Computer Security


Share this event

facebook linked in twitter email

Media Contact: Erin Ammerman



The School of Electrical Engineering and Computer Science was created in the spring of 2015 to allow greater access to courses offered by both departments for undergraduate and graduate students in exciting collaborative research fields.

We offer B.S. degrees in electrical engineering, computer science, computer engineering and data science and graduate degrees (master's degrees and Ph.D.'s) in electrical engineering and computer science and engineering. EECS focuses on the convergence of technologies and disciplines to meet today’s industrial demands.

School of Electrical Engineering and Computer Science

The Pennsylvania State University

207 Electrical Engineering West

University Park, PA 16802


Department of Computer Science and Engineering


Department of Electrical Engineering