Andrea Lattuada

I lead the Principled Systems Group at the Max Planck Institute for Software Systems (MPI-SWS). I joined in September 2024.

Between the beginning of 2023 and the first half of 2024 I was a Researcher in the VMware Research Group. I got my PhD at the end of 2022 in the Systems Group at ETH Zürich, advised by Prof. Timothy Roscoe.

At the moment I do not have openings for internships, student applications, HiWi (UdS) or RIL projects.

I am a researcher and software engineer with experience in systems, databases, formal methods, and formal verification. You can find my academic profile at /research.

Verus Logo I co-started and co-lead the Verus project, Verus is a tool to rapidly verify the correctness of systems code written in Rust. The Verus project involves members from VMware Research, Microsoft Research, Carnegie Mellon University, ETH Zurich, University of Washington, University of Michigan, University of Wisconsin-Madison, and others. There are a number of research and industry projects using and developing Verus.

🏆 Research Awards

PLDI Distinguished Paper Award at PLDI '25 for "Destabilizing Iris"
Distinguished Artifact Award at SOSP '24 for "Verus: A Practical Foundation for Systems Verification"
Jay Lepreau Best Paper Award at OSDI '24 for "Anvil: Verifying Liveness of Cluster Management Controllers"
Recognized as Distinguished Reviewer for ASPLOS '24
Distinguished Paper Award at OOPSLA '22 for Linear Dafny ("Linear Types for Large-Scale Systems Verification")
Recipient of the 2018 Google PhD Fellowship for Systems and Networking (2018-2022)

Selected talks

Invited talk at AWS Identity, Amazon Inc., Remote (October 2024)

Verus – Efficient Verification of Rust Programs
New England Verification Workshop 2024, MIT CSAIL, Cambridge, Massachusetts, USA

Tunable automation for SMT-based verification in Verus
Dafny 2024 Workshop at POPL 2024, Paris, France

Co-author of Domesticating Automation

To be presented by Pranav Srinivasan
Rust Verification Workshop (RW2023) at ETAPS 2023, Paris, France

Rust Ghost Code
Invited talk at the New England Verification Workshop 2022, MIT CSAIL, Cambridge, Massachusetts, USA

Verus -- SMT-based verification of low-level systems code
Rust Verification Workshop (RW2022) at ETAPS 2022, Munich / Garching, Germany

Verus -- SMT-based verification of low-level systems code

Community talks

June 2023, Zürich Rust Meetup, ETH Zurich, Switzerland

Verus -- Verified Rust for low-level systems code
Rust Devroom at FOSDEM 2019, Brussels, Belgium

Containing the RDMA plasma
Rustfest 2017, Zürich, Switzerland

A hammer you can only hold by the handle
March 2017, Papers we love, Zürich, Switzerland

Naiad: A timely dataflow system

Peer-reviewed Publications

PLDI 2025 ⸺ Distinguished Paper Award

Destabilizing Iris, Simon Spies, Niklas Mück, Haoyi Zeng, Michael Sammler, Andrea Lattuada, Peter Müller, Derek Dreyer

46th ACM SIGPLAN Conference on Programming Language Design and Implementation
SOSP 2024 ⸺ Distinguished Artifact Award

Verus: A Practical Foundation for Systems Verification, Andrea Lattuada, Travis Hance, Jay Bosamiya, Matthias Brun, Chanhee Cho, Hayley LeBlanc, Pranav Srinivasan, Reto Achermann, Tej Chajed, Chris Hawblitzel, Jon Howell, Jacob R. Lorch, Oded Padon, Bryan Parno

The 30th Symposium on Operating Systems Principles
OSDI 2024 ⸺ Jay Lepreau Best Paper Award

Anvil: Verifying Liveness of Cluster Management Controllers, Xudong Sun, Wenjie Ma, Jiawei Tyler Gu, Zicheng Ma, Tej Chajed, Jon Howell, Andrea Lattuada, Oded Padon, Lalith Suresh, Adriana Szekeres, Tianyin Xu

18th USENIX Symposium on Operating Systems Design and Implementation
OOPSLA 2023

Verus: Verifying Rust Programs using Linear Ghost Types, Andrea Lattuada, Travis Hance, Chanhee Cho, Matthias Brun, Isitha Subasinghe, Yi Zhou, Jon Howell, Bryan Parno, Chris Hawblitzel

Proceedings of the ACM on Programming Languages
HotOS 2023

Beyond isolation: OS verification as a foundation for correct applications, Matthias Brun, Reto Achermann, Tej Chajed, Jon Howell, Gerd Zellweger, Andrea Lattuada

The 19th Workshop on Hot Topics in Operating Systems
OSDI 2023

Sharding the State Machine: Automated Modular Reasoning for Complex Concurrent Systems, Travis Hance, Yi Zhou, Andrea Lattuada, Reto Achermann, Alex Conway, Ryan Stutsman, Gerd Zellweger, Chris Hawblitzel, Jon Howell, Bryan Parno

17th USENIX Symposium on Operating Systems Design and Implementation
OOPSLA 2022 ⸺ Distinguished Paper Award

Linear Types for Large-Scale Systems Verification, Jialin Li, Andrea Lattuada, Yi Zhou, Jonathan Cameron, Jon Howell, Bryan Parno, Chris Hawblitzel

Proceedings of the ACM on Programming Languages
ITP 2021

Verified Progress Tracking for Timely Dataflow [Technical Report], Matthias Brun, Sára Decova, Andrea Lattuada, Dmitriy Traytel

The International Conference on Interactive Theorem Proving
OSDI 2020

Storage Systems are Distributed Systems (So Verify Them That Way!), Travis Hance, Andrea Lattuada, Chris Hawblitzel, Jon Howell, Rob Johnson, Bryan Parno

14th USENIX Symposium on Operating Systems Design and Implementation
VLDB 2020

Shared Arrangements: practical inter-query sharing for streaming dataflows [Technical report] [Talk video], Frank McSherry, Andrea Lattuada, Malte Schwarzkopf, Timothy Roscoe

Proceedings of the VLDB Endowment, Volume 13, No. 10 (VLDB 2020)
VLDB 2019

Megaphone: Latency-conscious state migration for distributed streaming dataflows, Moritz Hoffmann, Andrea Lattuada, Frank McSherry, Vasiliki Kalavri, John Liagouris, Timothy Roscoe

Proceedings of the VLDB Endowment, Volume 12, 2018-2019
BeyondMR 2018

Latency-conscious dataflow reconfiguration, Moritz Hoffmann, Frank McSherry, Andrea Lattuada

Proceedings of the 5th ACM SIGMOD Workshop on Algorithms and Systems for MapReduce and Beyond
NSDI 2018

SnailTrail: Generalizing critical paths for online analysis of distributed dataflows [Technical report], Moritz Hoffmann, Andrea Lattuada, John Liagouris, Vasiliki Kalavri, Desislava Dimitrova, Sebastian Wicki, Zaheer Chothia, Timothy Roscoe

Proceedings of the 15th USENIX Symposium on Networked Systems Design and Implementation
BeyondMR 2016

Faucet: a user-level, modular technique for flow control in dataflow engines, Andrea Lattuada, Frank McSherry, Zaheer Chotia

Proceedings of the 3rd ACM SIGMOD Workshop on Algorithms and Systems for MapReduce and Beyond

Journal Publications

Usenix ;login: ⸺ June 2024

Anvil: Building Kubernetes Controllers That Do Not Break, Xudong Sun, Jiawei Tyler Gu, Cody Rivera, Tej Chajed, Jon Howell, Andrea Lattuada, Oded Padon, Lalith Suresh, Adriana Szekeres, Tianyin Xu

Workshops, Conferences, Peer-review Service

ASPLOS '26 − External Review Committee
OOPSLA '26 − Program Committee (accepted invite)
RW2025 Rust Verification Workshop − Co-chair
OSDI '25 − Program Committee
ASPLOS '25 − External Review Committee
NSDI '25 − Program Committee
Dafny '24 − Program Committee
ASPLOS '24 − Program Committee - 🏆 Distinguished Reviewer
ASPLOS '22 − External Review Committee
OSDI '21 − Artifact Evaluation Committee
2018 - VLDB Journal − Referred reviewer

Blog Posts

The design and implementation of a lock-free ring-buffer with contiguous reservations

03 June 2019

This is the story of how James Munns and I designed and implemented (two versions!) of an high-perf lock-free ring-buffer for cross-thread communication. If any of those words look scary to you, don't fret, we'll explain everything from the basics.

A hammer you can only hold by the handle

05 November 2018

Today we're looking at the rust borrow checker from a different perspective. As you may know, the borrow checker is designed to safely handle memory allocation and ownership, preventing accessess to invalid memory and ensuring data-race freedom. This is a form of resource management: the borrow checker is tracking who's in charge of a chunk of memory, and who is currently allowed to read or write to it. In this post, we'll see how these facilities can be used to enforce higher-level API constraints in your libraries and software. Once you're familiar with these techniques, we'll cover how the same principles apply to advanced memory management and handling of other more abstract resources.