Ferhat Erata

PhD Candidate at Yale | Applied Scientist Intern at AWS

Yale University

Biography

I am pursuing my PhD in Computer Science at Yale University under the guidance of Ruzica Piskac and Jakub Szefer. My recent research focuses on the automated inference of nonlinear relational properties, equalities, inequalities, and random self-reducible properties from programs by integrating machine learning with formal methods.

I am an Applied Scientist Intern at the Automated Reasoning Group of Amazon Web Services (AWS) mentored by Rupak Majumdar. I am developing tools for model-based testing, conformance checking, and fuzzing of distributed networked systems.

I have worked on verifying the side-channel insecurity of low-level Post-Quantum Cryptographic (PQC) code (EuroS&P 2023). I explored reverse engineering quantum circuits from power side-channel traces (CHES 2024, CCS 2023), and contributed to a technique that detects quantum computer viruses (HOST 2023). Additionally, I explored automated analysis of non-functional behaviors of intermittent programs (TECS 2023), and surveyed security verification techniques (JETC 2023).

Interests

Automated Reasoning
Program Analysis
Machine Learning
System Security
Distributed Systems
Software Engineering

Education

PhD in Computer Science, 2025
Yale University, CT, US
MSc, MPhil in Computer Science
Yale University, CT, US
MSc in Information Technologies
Ege University, Izmir, TR
BSc in Computer Science
Dokuz Eylul University, Izmir, TR

Experience

Graduate Research Assistant & Teaching Fellow

Yale University

June 2020 – Present New Haven, CT, US

Research Asistant:

Member of Rigorous Software Engineering (ROSE) Lab.
Member of Computer Architecture and Security (CASLAB) Lab.

Teaching Asistant:

CS437–Database Systems (Avi Silberschatz)
CS423–Principles of Operating System (Avi Silberschatz)
CS440–Advanced Databases (Robert Soule)

Applied Scientist Intern

Amazon Web Services (AWS)

May 2023 – January 2024 New York, NY, US

Automated Reasoning Group (ARG) – Developed a scheduler framework for randomized testing, model-based testing, and conformance checking of distributed AWS Services in Rust.

Applied Scientist Intern

Amazon Web Services (AWS)

June 2022 – January 2023 New York, NY, US

Automated Reasoning Group (ARG) – Developed a decision procedure in Rust programming languages for checking linearizability of distributed systems.

National Consortium Leader, Software Research Engineer

ITEA4 Project: XIVT–eXcellence In Variant Testing

October 2018 – August 2019 Ege University, Izmir, TR

I developed AlloyInEcore for Automated Model Reasoning from Alloy Specifications. Published in FSE 2018 and contributed to a Model-based Testing framework IEEE Access.

National Consortium Leader, Software Research Engineer

ITEA3 Project: ASSUME–Safe & Secure Mobility Evolution

September 2015 – December 2018 Ege University, Izmir, TR

I developed Tarski Automated Reasoning tool for Traces based on Formal Semantics. Published in FSE 2017 and SAC 2017.

Project Leader, Software Research Engineer

ITEA2 Project: Text & Model-Synchronized Document Engineering

January 2015 – September 2017 Ege University, Izmir, TR

I led the development of ModelWriter–Text and model-synchronization engineering platform. Published in ASE 2017.

Service

Management Committee Member

European Cooperation in Science and Technology (COST)

December 2017 – January 2019

Action IC1402 - Runtime Verification beyond Monitoring (ARVI)
Received a short-term scientific mission grant to visit Division of Formal Methods, Chalmers University of Technology, Gothenburg, Sweden,

Management Committee Member

European Cooperation in Science and Technology (COST)

January 2015 – January 2019

Action IC1404 - Multi-Paradigm Modelling for Cyber-Physical Systems (MPM4CPS)
Received a short-term scientific mission grant to visit Modelling, Simulation and Design lab (MSDL), University of Antwerp, Antwerp, Belgium.

Publications

See all publications by filtering.

Ferhat Erata, Chuanqi Xu, Ruzica Piskac, Jakub Szefer (2024). Quantum Circuit Reconstruction from Power Side-Channel Attacks on Quantum Computer Controllers. IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES).

PDF Cite Project

Chuanqi Xu, Ferhat Erata, Jakub Szefer (2023). Exploration of Power Side-Channel Vulnerabilities in Quantum Computer Controllers. ACM SIGSAC Conference on Computer and Communications Security (CCS).

PDF Cite Project DOI URL

Ferhat Erata, Ruzica Piskac, Victor Mateu, Jakub Szefer (2023). Towards Automated Detection of Single-Trace Side-Channel Vulnerabilities in Constant-Time Cryptographic Code. European Symposium on Security and Privacy (EuroS&P).

PDF Cite Slides Video DOI URL

Ferhat Erata, Eren Yildiz, Arda Goknil, Kasim Sinan Yildirim, Jakub Szefer, Ruzica Piskac, Gokcin Sezgin (2023). ETAP: Energy-aware timing analysis of intermittent programs. ACM Transactions on Embedded Computing Systems (TECS).

PDF Cite DOI URL

Ferhat Erata, Shuwen Deng, Faisal Zaghloul, Wenjie Xiong, Onur Demir, Jakub Szefer (2023). Survey of approaches and techniques for security verification of computer systems. ACM Journal on Emerging Technologies in Computing Systems (JETC).

PDF Cite DOI URL

Mohammad Yusaf Azimi, Celal Cagin Elgun, Atil Firat, Ferhat Erata, Cemal Yilmaz (2023). AdapTV: A Model-Based Test Adaptation Approach for End-to-End User Interface Testing of Smart TVs. IEEE Access.

PDF Cite DOI URL

Chuanqi Xu, Ferhat Erata, Jakub Szefer (2023). Classification of Quantum Computer Fault Injection Attacks. arXiv preprint arXiv:2309.05478.

PDF Cite Project DOI URL

Sanjay Deshpande, Chuanqi Xu, Theodoros Trochatos, Hanrui Wang, Ferhat Erata, Song Han, Yongshan Ding, Jakub Szefer (2023). Design of Quantum Computer Antivirus. International Symposium on Hardware Oriented Security and Trust (HOST).

PDF Cite DOI URL

Mert Ozkaya, Ferhat Erata (2020). A survey on the practical use of UML for different software architecture viewpoints. Information and Software Technology.

PDF Cite DOI URL

Bedir Tekinerdogan, Ferhat Erata (2020). Automated reasoning framework for traceability management of system of systems. Science of Computer Programming.

PDF Cite DOI URL

Matthias Kern, Ferhat Erata, Markus Iser, Carsten Sinz, Frederic Loiret, Stefan Otten, Eric Sax (2019). Integrating static code analysis toolchains. IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC).

PDF Cite DOI URL

Ferhat Erata, Arda Goknil, Ivan Kurtev, Bedir Tekinerdogan (2018). AlloyInEcore: embedding of first-order relational logic into meta-object facility for automated model reasoning. Proceedings of Foundations of Software Engineering (ESEC/FSE).

PDF Cite DOI URL

Ferhat Erata, Arda Goknil, Bedir Tekinerdogan, Geylani Kardas (2017). A tool for automated reasoning about traces based on configurable formal semantics. Proceedings of Foundations of Software Engineering (ESEC/FSE).

PDF Cite DOI URL

Ferhat Erata, Claire Gardent, Bikash Gyawali, Anastasia Shimorina, Yvan Lussaud, Bedir Tekinerdogan, Geylani Kardas, Anne Monceaux (2017). ModelWriter: Text and model-synchronized document engineering platform. 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE).

PDF Cite DOI URL

See all publications

Featured Projects

Chuanqi Xu, Ferhat Erata, Jakub Szefer

November, 2023 ACM SIGSAC Conference on Computer and Communications Security (CCS) selected

Exploration of Power Side-Channel Vulnerabilities in Quantum Computer Controllers

This work shows the first exploration and study of power-based side-channel attacks in quantum computers. The explored attacks could be used to recover information about the control pulses sent to these computers. By analyzing these control pulses, attackers can reverse-engineer the equivalent gate-level description of the circuits, and the algorithms being run, or data hard-coded into the circuits.

Ferhat Erata, Ruzica Piskac, Victor Mateu, Jakub Szefer

July, 2023 European Symposium on Security and Privacy (EuroS&P) selected

Towards Automated Detection of Single-Trace Side-Channel Vulnerabilities in Constant-Time Cryptographic Code

Pascal is a tool that introduces novel symbolic register analysis techniques for constant-time low-level cryptographic code, and verifies locations of potential single-trace power side-channel vulnerabilities with high precision. Pascal is evaluated on a number of implementations of post-quantum cryptographic algorithms, and it is able to find dozens of previously reported single-trace power side-channel vulnerabilities in these algorithms, all in an automated manner.

Ferhat Erata, Eren Yildiz, Arda Goknil, Kasim Sinan Yildirim, Jakub Szefer, Ruzica Piskac, Gokcin Sezgin

February, 2023 ACM Transactions on Embedded Computing Systems (TECS) selected

ETAP: Energy-aware timing analysis of intermittent programs

Energy harvesting battery-free embedded devices rely only on ambient energy harvesting that enables stand-alone and sustainable IoT applications. These devices execute programs intermittently when the harvested ambient energy in their energy reservoir is sufficient to operate and stop execution abruptly (and start charging) otherwise. This work presents a probabilistic symbolic execution approach that analyzes the timing and energy behavior of intermittent programs at compile time.

Contact

ferhat.erata@yale.edu
51 Prospect Street, AKW 203, New Haven, CT 06511