Sean Anderson, Developer in Los Angeles, CA, United States

Sean Anderson

Verified Expert in Engineering

Software Engineer and Developer

Los Angeles, CA, United States

Toptal member since October 18, 2024

Bio

Sean is a formal verification expert with a deep knowledge of programming language theory. He has five years of experience formulating and proving properties of sophisticated software systems. Sean excels at distilling complex concepts into rigorous formal specifications that customers can depend on.

Portfolio

CertiK
Rust, Verus
CertiK
Coq, Rust
CertiK
Coq, Compiler Construction, Ethereum

Experience

  • Linux - 10 years
  • Formal Methods - 7 years
  • Formal Verification - 7 years
  • Programming Languages - 7 years
  • Coq - 5 years
  • Compiler Construction - 3 years
  • Rust - 2 years

Availability

Full-time

Preferred Environment

Linux, Emacs, Coq

The most amazing...

...project I've led is the HyperEnclave correctness proof, in which I defined the top-level safety theorem and the structure of the overall proofing system.

Work Experience

Formal Verification Consultant

2024 - PRESENT
CertiK
  • Led verification of a Rust-based operating system kernel using the Verus verification tool.
  • Owned the page-table subsystem of the kernel and created an abstract specification.
  • Rewrote the client Rust code when necessary to conform to Verus standards.
Technologies: Rust, Verus

Research and Development Intern

2021 - 2021
CertiK
  • Verified Rust-based hypervisor implementation formally.
  • Expanded proof automation for functional correctness proofs in Coq.
  • Developed memory models and Rust formal semantics for use in proofs.
  • Led a team of four interns on overall verification efforts.
  • Formalized a top-level security theorem for non-interfering trusted execution environments.
  • Outlined a proof structure, connecting a top-level theorem with functional specifications.
  • Prioritized a critical subset of the codebase for verification.
Technologies: Coq, Rust

Research and Development Intern

2020 - 2020
CertiK
  • Extended the CompCert-based DEEPSEA compiler to target Ethereum Virtual Machine (EVM) bytecode with local memory.
  • Created shared low-level intermediate representation (IR) that compiles to EVM and WebAssembly (Wasm).
  • Defined a novel "extended identifier" memory model to exploit the structure of EVM storage.
Technologies: Coq, Compiler Construction, Ethereum

Software Engineer

2013 - 2017
IBM
  • Developed and supported customized Linux-based operating systems for embedded devices.
  • Engaged with project management principles to plan for long-term supportability of specialized operating systems.
  • Drove implementation of continuous integration using Jenkins, smoothing the workflow for active customers and developers and enabling adoption by other teams.
  • Obtained the Manager's Choice Award for Agile development practices.
  • Worked closely with customers to develop clear support expectations motivated by long-term client success.
Technologies: Linux, Python, Bash, Jenkins

Experience

Tagged C

https://github.com/SNoAnd/Tagged-C
A security policy definition framework for the C programming language that uses a tag-based runtime monitor embedded in formal C language semantics. This project forms the core of my PhD thesis. I developed the semantics by extending those of CompCert C, modified the accompanying C interpreter, and proved the soundness and completeness of the interpreter. I have also used this framework to define and verify the correctness of a compartmentalization policy.

Stack Safety as Security Property

https://github.com/SNoAnd/stack-safety
How can we know when the stack is protected from attack? Numerous protection mechanisms promise stack safety, but there had been no rigorous, formal definition until I formalized this one. This theory-oriented project was published at Computer Security Foundations in 2023. It was a joint work with four co-authors. I came up with the key concepts of formalism and was the primary driver of the work, and implemented randomized property-based testing (a form of fuzzing) to show that a specific secure hardware mechanism could successfully enforce stack safety.

HyperEnclave Verification

HyperEnclave is a page-table-based trusted execution environment (TEE) written in Rust. As a CertiK research and development intern, I played a central role in verifying the isolation of enclaves within the system. I formalized the top-level theorem in Coq and sketched the overall proof structure. At the time, Rust had no published formal semantics, and I was responsible for writing the language model that we used to prove correctness. I also led a group of four interns in the proofs of functional correctness for pieces of Rust code, also using Coq. In the process, I became deeply familiar with Ltac metaprogramming, as I kept track of my team's friction points and wrote about Ltac tactics to help smooth the proof process. This work was eventually published in ASPLOS '24.

Education

2017 - 2024

PhD in Computer Science

Portland State University - Portland, OR, USA

2009 - 2013

Bachelor's Degree in Computer Science

Clarkson University - Potsdam, NY, USA

Skills

Tools

Emacs, Jenkins

Languages

Coq, Rust, OCaml, Python, Bash, Assembly

Platforms

Linux, Ethereum

Paradigms

Fuzz Testing, Metaprogramming

Other

Formal Methods, Formal Verification, Programming Languages, Security, Software Engineering, Formal Semantics, Verus, Compiler Construction, Computer Science, RISC-V ISA, Semantics, Paging
