Andrew W. Appel

Eugene Higgins Professor of Computer Science
Department of Computer Science
Princeton University

Andrew Appel Bio & Contact



My students

Research Interests: program verification, computer security, programming language semantics, machine-checked proofs, compilers, and election technology.

DeepSpec   The Science of Deep Specification
National Science Foundation Expedition in Computing 2016-2021

Verified Software Toolchain
VST project page
CertiCoq project page
Voting machines

Recent articles on voting:
Are voting-machine modems truly divorced from the Internet?
Securing the Vote — National Academies report
Serious design flaw in ESS ExpressVote touchscreen: “permission to cheat”
Design flaw in Dominion ImageCast Evolution voting machine
Continuous-roll VVPAT under glass: an idea whose time has passed
An unverifiability principle for voting machines
Ten ways to make voting machines cheat with plausible deniability
Cheating with paper ballots
End-to-End Verifiable Elections
When the optical scanners jam up, what then?
Two cheers for limited democracy in New Jersey
Florida is the Florida of ballot-design mistakes
Expert opinions on in-person voting machines and vote-by-mail
Why voters should mark ballots by hand
Pilots of risk-limiting election audi ts in California and Virginia
Reexamination of an all-in-one voting machine
Voting machines I recommend
BMDs are not meaningfully auditable
ImageCast Evolution voting machine: Mitigations, misleadings, and misunderstandings
How to do a Risk-Limiting Audit

   Internet Voting? Really?

Technology Policy

Center for Information Technology Policy

My blog at Freedom to Tinker

Other technology policy work I've done

Previous research projects

Standard ML of New Jersey, a compiler for the type-safe functional programming language ML.
Foundational Proof-Carrying Code for security of untrusted code.
Enterprise Network Security Analysis.