My research lies in the general area of software engineering, with an emphasis on automated verification and testing. The purpose of my research is to develop theories and techniques for verifying and validating the functionality, reliability, and security of software systems. My interests include but are not limited to model checking, symbolic execution, realizability analysis, predicate abstraction, automated testing, study of asynchronously communicating state machines, Web Services, and Workflow systems. Recently, my primary focus has been the application of static analyses to automated scanning of Web application vulnerabilities such as SQL injection, Cross-Site Scripting attack, and AJAX security holes.