Work summary:
I work as a software engineer in Software Integrity Group at Synopsys Inc. (India), located at Prestige Blue Chip, Bengaluru, India.
My current focus is on development state-of-the-art lightweight, scalable, and precise static/program analysis tool that detects
security vulnerabilities in software code to safeguard it from different types of attacks.
Prior to joining Synopysis Inc. in July 2022, I worked as a senior scientist at TRDDC, one of the research-and-innovation labs of TCS Research (Tata Consultancy Services Ltd), located in Pune, India.
My research interests span across several aspects of program analysis, software security, software verification, and software engineering.
Currently, my primary focus is on (1) analysis and verification of smart contracts to detect security vulnerabilities, and (2) improving the state of program analysis and alarms postprocessing by using machine learning.
More details about my work and work-experience are
here.
Education summary:
PhD from Eindhoven University of Technology (TU/e) in 2020. More details about my PhD and thesis can be found here.
Bachelor of Engineering in Computer Science in 2006 from Maharashtra Institute of Technology, Pune, affiliated to University of Pune, India.
Service to Conference Organizing/Journals:
PC Member:
ISEC 2023 (Research track),
SANER 2023 (ERA track),
SANER 2022 (ERA track),
ICSE 2022 (Artifacts Evaluation track),
SCAM 2021 (Research track, distinguished reviewer award ),
SANER 2021 (ERA track),
SCAM 2020 (NIER track), SCAM 2019 (Research track),
DSN 2019 (Industry track),
DSN 2017 (Industry track), SANER 2015 (Research track).
Referee for Journals:
IST (2022),
TDSC (2022),
TDSC (2021),
IST (2021),
EMSE (2021),
EMSE (2019).
Sub-reviewer (Conference):
SANER 2021 (RENE track),
ISEC 2021 (Research track),
ISEC 2019 (Research track),
ISEC 2018 (Research track),
SEFM 2016 (Research track).
Others:
ATVA 2017 (Finance Chair), ISSRE 2015 (Industry panelist).
Tutorials/Invited talks:
- Invited talk - Approaches for Postprocessing of Static Analysis Alarms.
Oracle Labs, Brisbane, Australia. March 30, 2022.
- Tutorial - Approaches and techniques for automatic postprocessing of static analysis alarms.
Half day tutorial in ISSRE 2020 conference. Coimbra, Portugal. October 14, 2020.
- Tutorial - Approaches and techniques for automatic postprocessing of static analysis alarms.
Half day tutorial in ISSRE 2019 conference. Berlin, Germany. October 28, 2019.
- Invited talk - Thinking optimizations in programming.
Maharashtra Institute of Technology, Pune, India. Feb 11, 2016.
- Invited talk - Efficient elimination of false positives.
Fraunhofer USA. USA. November 06, 2015.
Collaborators and Interns:
Collaborators:
Dr. Bonita Sharif (University of Nebraska - Lincoln): 2018 onwards;
Dr. Alexander Serebrenik (Eindhoven University of Technology): 2016 onwards,
Prof. Uday Khedker (IIT Bombay): 2014-2016,
Dr. Paddy Krishnan (Bond University): 2010.
Interns: I had the privilege of supervising several interns at TRDDC. The recent ones are -
2021: Furqan Khangujjar (IIT Patna), Bhanu Prakash Reddy Koppula (IIIT Nagpur).
2020: Abhinav Kumar (IIIT Pune), Prajkta Kodavade (Walchand College of Engineering, Sangli), Nathan van Beusekom (Eindhoven University of Technology).
2019: Anushri Laddha (IIIT Nagpur), Peeyush Kushwaha (IIIT Delhi), Kunal Verma (IIT Gandhinagar).
Publications:
- Tukaram Muske and Alexander Serebrenik.
Classification and Ranking of Delta Static Analysis Alarms. 22nd IEEE International Working Conference on Source Code Analysis
& Manipulation (SCAM 2022), accepted
(PDF)
- Niloofar Mansoor, Tukaram Muske,
Alexander Serebrenik, and Bonita Sharif.
An Empirical Assessment of Repositioning of Static Analysis Alarms. 22nd IEEE International Working Conference on Source Code Analysis
& Manipulation (SCAM 2022), accepted
(PDF)
- Tukaram Muske and Alexander Serebrenik.
Survey of Approaches for Postprocessing of Static Analysis Alarms. ACM Computing Surveys (CSUR),
55, no. 3 (2022), pp: 1-39, ACM, 2022.
(DOI
· PDF)
- Tukaram Muske and Alexander Serebrenik.
Techniques for efficient automated elimination of false positives.
20th International Working Conference on Source Code Analysis and Manipulation (SCAM 2020),
pp. 259-263. IEEE, 2020. (DOI
· PDF
· Slides
· YouTube)
- Tukaram Muske, Rohith Talluri, and Alexander Serebrenik.
Reducing static analysis alarms based on non-impacting control dependencies. Asian Symposium on Programming Languages and Systems (APLAS 2019),
pp. 115-135. Springer, 2019. (DOI
· PDF
· Slides)
- Tukaram Muske, Rohith Talluri, and Alexander Serebrenik.
Repositioning of static analysis alarms. 27th ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2018), pp. 187-197. ACM, 2018.
(DOI
· PDF
· version with proofs
· Slides)
- Tukaram Muske and Alexander Serebrenik. Survey of approaches for handling static analysis alarms.
16th IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM 2016), pp. 157-166. IEEE, 2016.
(DOI
· PDF
· Slides)
- Tukaram Muske and Uday P. Khedker. Cause points analysis for effective handling of alarms.
27th IEEE International Symposium on Software Reliability Engineering (ISSRE 2016), pp. 173-184. IEEE, 2016.
(DOI
· PDF
· Slides)
- Tukaram Muske and Uday P. Khedker. Efficient elimination of false positives using static analysis. 26th IEEE International Symposium on Software Reliability Engineering (ISSRE 2015), pp. 270-280. IEEE, 2015. (DOI· PDF · Slides)
- Tukaram Muske and Prasad Bokil. On implementational variations in static analysis tools. 22nd International Conference on Software Analysis, Evolution, and Reengineering (SANER 2015), pp. 512-515. IEEE, 2015. (DOI
· PDF)
- Tukaram Muske and Amey Zare. Inconsistencies-based multi-region protocol verification. International Conference on Advances in System Testing and Validation Lifecycle (VALID 2014), pp. 40-45. IARIA XPS Press, 2014. (DOI)
- Tukaram Muske. Improving review of clustered-code analysis warnings. International Conference on Software Maintenance and Evolution (ICSME 2014), pp. 569-572. IEEE, 2014. (DOI)
- Tukaram Muske. Supporting reviewing of warnings in presence of shared variables: Need and effectiveness. 25th IEEE International Symposium on Software Reliability Engineering Workshops (ISSRE Workshops 2014) pp. 104-107. IEEE, 2014. (DOI)
- Tukaram Muske, Ankit Baid, and Tushar Sanas. Review efforts reduction by partitioning of static analysis warnings. 13th IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM 2013) pp. 106-115. IEEE, 2013. (DOI)
- Tukaram Muske. Improving manual analysis of automated code inspection results: Need and effectiveness. 24th IEEE International Symposium on Software Reliability Engineering Workshops (ISSRE Workshops 2013) pp. 53. IEEE, 2013. (DOI)
- Tukaram Muske, Advaita Datar, Mayur Khanzode, and Kumar Madhukar. Efficient elimination of false positives using bounded model checking. International Conference on Advances in System Testing and Validation Lifecycle (VALID 2013), pp. 13-20. IARIA XPS Press, 2013. (DOI)
- Padmanabhan Krishnan, R. Venkatesh, Prasad Bokil, Tukaram Muske, and P. Vijay Suman. Effectiveness of random testing of embedded systems. 45th Hawaii International International Conference on Systems Science (HICSS 2012), pp. 5556-5563. IEEE, 2012. (DOI)
- P. Vijay Suman, Tukaram Muske, Prasad Bokil, Ulka Shrotri, and R. Venkatesh. Masking boundary value coverage: Effectiveness and efficiency. 5th International Academic and Industrial Conference on Testing - Practice and Research Techniques (TAIC PART 2010), pp. 8-22. Springer, 2010. (DOI · PDF)
- Nishigandha Hirve, Tukaram Muske, Ulka Shrotri, and R. Venkatesh. Feature based structuring and composing of SDLC artifacts. 22nd International Conference on Software Engineering & Knowledge Engineering (SEKE 2010), pp. 583-586. 2010. (PDF)
Patents:
- Tukaram B Muske and Vinayak Kumar Charaka. Method and system for reducing gas consumption in ethereum smart contracts. Recently filed in India (July 2022).
- Tukaram B Muske. Method and system for identification of redundant function-level slicing calls. Under examination in India, US, and EPO.
- Tukaram B Muske. Method and system for classification and ranking of delta alarms. Under examination in India, US, and EPO.
- Tukaram B Muske. Method and system for identification and elimination of false positives from delta alarms.
Granted in USA (2022);
under examination in India and EPO.
- Tukaram B Muske and Rohith Talluri. Method and system for non-impacting control dependencies-based repositioning of static analysis alarms.
Granted in USA (2020);
under examination in India.
- Tukaram B Muske and Rohith Talluri. Method and system for repositioning of a plurality of static analysis alarms.
Granted in USA (2020),
Japan (2020),
and EPO (2020);
under examination in India.
- Tukaram B Muske. System and method for cause point analysis for effective handling of static analysis alarms.
Granted in USA (2020)
and EPO (2021);
under examination in Japan, and India.
- Tukaram B Muske. Static analysis based efficient elimination of false positives.
Granted in USA (2018)
and Japan (2018);
under examination in EPO and India.
- Tukaram B Muske. Reviewing warnings generated in clustered-code analysis.
Granted in USA (2018) and
Japan (2017); under examination in India.
- Tukaram B Muske. System and method to facilitate a user interface enabled review of static analysis warnings.
Granted in USA (2015),
Japan (2017), and
India (2021).
- Tukaram B Muske, Advaita Datar, Mayur Khanzode, and R. Venkatesh. System and method for facilitating a model checker based elimination of false positives. Under examination in India.
- Tukaram B Muske, Advaita Datar, and Amey Anand Zare. Method and system for verifying sleep wakeup protocol by computing state transition paths.
Granted in USA (2015),
Japan (2016) , and
India (2021).
- Tukaram B Muske, Ankit Baid, and Tushar Rohidas Sanas. A system and method to provide grouping of warnings generated during static analysis.
Granted in USA (2016) and
Japan (2016), and India (2022).
- Vijay Suman Pasupuleti, Tukaram B Muske, Prasad Bokil, Ulka Shrotri, Venkatesh Ramanathan, and Priyanka Darke. A system and method for automatic test data generation for relational testing.
Granted in USA (2013).