Education
Ph.D. Dissertation – Computer Science
I obtained my Ph.D. in Computer Science from SOFT, VUB, in 2026 under the supervision of Prof. Dr. Coen De Roover and Prof. Dr. Wolfgang De Meuter.
My dissertation, titled Provenance-Aware Dynamic Analysis of JavaScript, proposes a comprehensive framework to facilitate dynamic analysis of managed languages. The framework relies exclusively on source instrumentation and is illustrated using JavaScript. It helps reduce syntactic complexity, track the provenance of primitive values, and orchestrate distributed system analyses.
Abstract
Dynamic program analysis, which examines a program's behavior during execution, is essential in domains such as security and software maintenance. This dissertation focuses on provenance-aware analysis, such as dynamic taint analysis, which requires tracking how data propagates during execution. To implement analyses independently from the execution environment, a common approach is to instrument the source code of the target program. However, developing robust instrumentation-based analysis tools is hindered by three key challenges in most managed languages: the syntactic complexity of the language complicates instrumentation; optimizations in the representation of immutable values make provenance tracking difficult; and the distributed nature of modern applications requires analysis orchestration.
This dissertation presents a novel modular approach to overcome these challenges for JavaScript. To simplify instrumentation, we transpile programs into a core variant. Compared to JavaScript, this core variant employs simpler constructs, reduces the number of syntactic node types by 57%, and still passes 99.8% of the official JavaScript conformance test suite. To track immutable values, we introduce a value-centric approach that promotes primitive values to transparent reference values, which requires an access-control system based on reflection. Owing to JavaScript's reflection API, this method yields high precision and transparency, albeit with a performance cost. Finally, to coordinate the analysis of distributed applications, we centralize the analysis logic in a dedicated process. This architecture provides high expressiveness and convenience for the analysis developer, but introduces additional communication overhead.
This research advances the state of the art by delivering a modular framework for building robust instrumentation-based tools for provenance-aware analyses in JavaScript.
Master of Science in Engineering – Computer Science
I graduated with great distinction (top 25% of the class) from my Master of Engineering, specializing in Computer Science, at ULB in 2012.
Master Thesis: Iterative Typing
In my Master’s thesis, I developed a hybrid type system, called *Iterative Typing*, which statically types programs and inserts runtime checks when static analysis cannot guarantee the absence of type errors. This approach allows more expressive programs to be typed, at the cost of detecting some type errors at runtime, though still earlier than with fully dynamic typing.
Abstract
Types have been introduced into programming languages to increase safety and the abstraction level; with typing, programmers no longer directly manipulate byte strings but data of a certain type instead. Type systems must make a compromise between static safety and expressiveness; static safety being the ability to detect errors based on static code analysis and expressiveness being the ability to denote concepts. Traditionally, programming languages are separated into two classes: statically typed languages and dynamically typed languages. The first class emphasizes early error detection and catches many errors during static code analysis. The second emphasizes expressiveness but catches errors very late, right before calls to built-in functions. The gap between those two classes is considerable and we argue that the best of those two worlds can be combined. The compromise this thesis defends is called iterative typing. In essence, iterative typing is static typing that delays as few checks as possible for runtime. When uncertainty occurs during static code analysis, static typing typically makes assumptions that allow the analysis to continue but inhibit the expressiveness of the language. In the same situation, iterative typing inserts annotations into the code so the uncertainty can be precisely resolved at runtime, when more information will be available. Iterative typing shines when type deduction depends on the executed branch of a conditional structure as is the case for dispatch on types and deserialization patterns. As a validation of iterative typing, we present three case studies of practical interest; although the exposed solutions are implemented in a dynamic way, iterative typing is able to catch errors early on.
Bachelor of Science in Engineering – Civil Engineering
I graduated from my Bachelor of Engineering at ULB (École Polytechnique de Bruxelles) in 2010.