Marco Eilers

Senior Researcher (Oberassistent), Programming Methodology Group

Department of Computer Science, ETH Zurich

I am a senior researcher in the Programming Methodology Group at ETH Zurich, led by Prof. Peter Müller. I work on automated, deductive program verification, building tools and theory that let us prove, mechanically and with strong guarantees, that software behaves as intended.

My research focuses in particular on the verification of hyperproperties and information flow security for object-oriented programs, and on making powerful verification techniques usable for real-world languages. I lead the development of the Nagini verifier for Python, supervise the 2vyper verifier for Ethereum smart contracts, have been the main developer of the Viper verification infrastructure since 2022, and contributed to the VerifiedSCION project. I received my PhD from ETH Zurich in 2022, for which I was awarded the ETH Medal.

News

2026
Our paper Towards Cross-Language Verification between Python and C has been accepted in the SpecifyThis track at ISoLA 2026.
2026
I am on the program committee of OOPSLA 2027.
2026
I will give a talk at HYPER 2026.
2026
Our paper Modular Reasoning about Object Relations has been accepted at CAV 2026 and is available here.
2026
I am on the program committee of FMCAD 2026.
2026
I am on the program committee of CCS 2026.
2026
Won second-best team at the VerifyThis 2026 verification competition, together with Jonáš Fiala.
2025
Protocols to Code: Formal Verification of a Secure Next-Generation Internet Router appeared at CCS 2025, where it received a Distinguished Artifact Award.

Research

What I work on

I design verification techniques and build the tools that put them to work, spanning everyday programming languages, security properties that relate multiple executions, and safety-critical systems from internet routers to smart contracts.

Nagini

An automated, deductive verifier for statically typed Python programs. Nagini proves memory safety, absence of runtime errors, and rich functional, progress and information flow properties of real Python code. I lead its development.

Code Nagini, CAV 2018

Information Flow & Hyperproperties

Techniques to prove that programs do not leak secret information, and more generally to verify hyperproperties relating multiple executions. I design techniques that let standard verification tools check hyperproperties via modular product programs and extend them to concurrent programs (CommCSL).

CommCSL, PLDI 2023 Modular Product Programs, TOPLAS 2020 Product Programs in the Wild, CAV 2021

Viper

A verification infrastructure for permission-based reasoning developed at ETH Zurich. Its intermediate language and back-end verifiers are the foundation of tools like Nagini, 2vyper, Prusti, Gobra and VerCors. I have been one of its main developers since 2022.

Project Try online Fifteen Years of Viper, CAV 2025

Full-stack verification of the SCION next-generation internet architecture. Using Viper-based tools, we prove safety and security properties of the production Go implementation of the SCION router — from protocol models all the way down to running code.

Project Code Protocols to Code, CCS 2025 ★

Smart Contract Verification

Specifying and verifying rich functional and security properties of Ethereum smart contracts. The 2vyper tool verifies contracts written in Vyper against expressive, resource-style specifications that capture properties beyond conventional contract analyzers.

Code Rich Specifications, OOPSLA 2021 ★

Publications

Selected publications

A full and up-to-date list is available on DBLP and Google Scholar.

Conference papers

CAV 2026

Modular Reasoning about Object Relations M. Greutmann, M. Eilers, P. Müller
PDF
CCS 2025

Protocols to Code: Formal Verification of a Secure Next-Generation Internet Router J. Pereira, T. Klenze, S. Giampietro, M. Limbeck, D. Siliopoulos, F. Wolf, M. Eilers, C. Sprenger, D. Basin, P. Müller, A. Perrig
Distinguished Artifact Award

PDF
OOPSLA 2025

Modular Reasoning about Global Variables and Their Initialization J. Pereira, I. van Bakel, P. Firlejczyk, M. Eilers, P. Müller
PDF Publisher
CAV 2025

Fifteen Years of Viper M. Eilers, M. Schwerhoff, A. J. Summers, P. Müller
PDF Publisher
CAV 2024

Verification Algorithms for Automated Separation Logic Verifiers M. Eilers, M. Schwerhoff, P. Müller
PDF Publisher Slides
PLDI 2023

CommCSL: Proving Information Flow Security for Concurrent Programs using Abstract Commutativity M. Eilers, T. Dardinier, P. Müller
PDF Publisher arXiv Talk
OOPSLA 2021

Rich Specifications for Ethereum Smart Contract Verification C. Bräm, M. Eilers, P. Müller, R. Sierra, A. J. Summers
Distinguished Artifact Award

PDF Publisher Extended TR Talk
CAV 2021

Product Programs in the Wild: Retrofitting Program Verifiers to Check Information Flow Security M. Eilers, S. Meier, P. Müller
PDF Publisher Talk
OOPSLA 2020

Igloo: Soundly Linking Compositional Refinement and Separation Logic for Distributed System Verification C. Sprenger, T. Klenze, M. Eilers, F. Wolf, P. Müller, M. Clochard, D. Basin
PDF Publisher Extended TR Talk
CAV 2018

Nagini: A Static Verifier for Python M. Eilers, P. Müller
PDF Publisher Slides
CAV 2018

MaxSMT-based Type Inference for Python 3 M. Hassan, C. Urban, M. Eilers, P. Müller
PDF Publisher Slides
ESOP 2018

Modular Product Programs M. Eilers, P. Müller, S. Hitz
Best Paper Award nominee

PDF Publisher Slides

Journal articles

TOPLAS 2020

Modular Product Programs M. Eilers, P. Müller, S. Hitz ACM Transactions on Programming Languages and Systems 42(1)
PDF Publisher

Theses

PhD 2022

Modular Specification and Verification of Security Properties for Mainstream Languages Doctoral thesis, ETH Zurich. Advisor: Prof. Peter Müller.
ETH Medal

PDF
MSc 2014

Multireduce and Multiscan on Modern GPUs Master’s thesis, University of Copenhagen.
PDF

Recognition

Awards & honors

2026
Second-best team, VerifyThis 2026 verification competition (with Jonáš Fiala).
2025
Distinguished Artifact Award, CCS 2025 CCS ★
for Protocols to Code: Formal Verification of a Secure Next-Generation Internet Router.
2023
Best team, VerifyThis 2023 verification competition (with Alexander J. Summers).
2022
ETH Medal ETH ★ for an outstanding doctoral thesis, ETH Zurich.
2021
Distinguished Artifact Award, OOPSLA 2021 OOPSLA ★
for Rich Specifications for Ethereum Smart Contract Verification.
2021
Best student team, second place, VerifyThis 2021 (with Vytautas Astrauskas).
2018
Best Paper Award nomination, ESOP 2018, for Modular Product Programs.
2011
Best student in Business Information Systems (2008 cohort), Berlin School of Economics and Law.
2008
DMV-Abiturpreis, awarded by the Deutsche Mathematiker-Vereinigung.

Talks & Posters

Selected talks and posters

Jan 2026
Protocols to Code: Formal Verification of a Secure Next-Generation Internet Router (poster) · Dagstuhl seminar “Software Contracts Meet System Contracts”
Oct 2025
Modular Reasoning about Global Variables and Their Initialization · OOPSLA, Singapore
Jul 2025
Fifteen Years of Viper · CAV, Zagreb
Jul 2024
Verification Algorithms for Automated Separation Logic Verifiers · CAV, Montreal
Jul 2024
VerifiedSCION: Verified Secure Routing · FRIDA workshop, Montreal
Mar 2024
Resource-Based Specifications for Smart Contracts · Lorentz Center, Leiden
Sep 2023
Proving Python code correct with Nagini · Swiss Python Summit, Rapperswil
Jun 2023
CommCSL: Proving Information Flow Security for Concurrent Programs using Abstract Commutativity · PLDI, Orlando

Earlier talks

Sep 2022
Rich Specifications for Ethereum Smart Contract Verification · Formal Reasoning about Financial Systems Workshop, Stanford
Oct 2021
Rich Specifications for Ethereum Smart Contract Verification · Dagstuhl seminar “Rigorous Methods for Smart Contracts” & OOPSLA, Chicago
Jul 2021
Product Programs in the Wild: Retrofitting Program Verifiers to Check Information Flow Security · CAV (online)
Apr 2019
Modular Product Programs · Workshop on Program Equivalence and Relational Reasoning (PERR), Prague
Oct 2018
Viper: A Verification Infrastructure for Permission-based Reasoning · Tezos/Nomadic, Paris
Jul 2018
Nagini: A Static Verifier for Python · CAV, Oxford
Jul 2018
MaxSMT-based Type Inference for Python 3 · CAV, Oxford
Apr 2018
Modular Product Programs · ESOP, Thessaloniki
Oct 2016
Nagini: Verifying Python Programs in Viper · Charles University, Prague

Teaching

Teaching & supervision

As lecturer at ETH Zurich:

Spring 2023–26
Lecturer · Program Verification (MSc), every spring semester

I have also been a teaching assistant for MSc and BSc courses including Concepts of Object-Oriented Programming, Software Architecture & Engineering, Rigorous Software Engineering and Computer Science I.

Student supervision

I have supervised more than 30 Master’s and Bachelor’s theses, internships and research projects. A selection:

2025–26
Luca Schafroth, MSc · Formally Verified ASN.1 Python Encoders and Decoders · Report
2025
Nicolas Kaletsch, MSc · Verification of Information Flow Security in the Presence of Unverified Code · Report
2024–25
Markus Limbeck, MSc · Enhancing Deductive Verification of Unbounded Heap Data Structures · Report
2024–25
Etienne Birling, MSc · Cross-Language Verification of Python Modules Written in C · Report
2023–24
Frédéric Necker, MSc · Verification of Object Invariants in the Presence of Unverified Code · Report
2020
Christian Bräm, MSc · Verification of Advanced Properties for Real World Vyper Contracts · Report

More supervised projects

2026–
Rémi Germe, internship · Idiomatic Specification of Magic Wands in Implicit Dynamic Frames
2026–
Felix Beckers, practical work · VS Code Integration for an Automated Python Verifier
2025–26
Marco Principe, BSc · Enabling Ghost Code in the Nagini Verifier · Report
2025
Johannes Gasser, MSc · Theory-Based Verification Condition Encoding · Report
2024–25
Micha Greutmann, BSc · Enabling Object Equality Reasoning for Python · Report
2024–25
Victor Canard-Duchene, practical work · Exploring Loop Pre- and Postconditions in Viper
2024
Pascal Devenoge, BSc · Specification of Python Math and Data Science Libraries
2023–24
Edgars Vitolins, MSc · Verification of Python Code with a Dynamic Object Model · Report
2023–24
Patricia Firlejczyk, BSc · Specifying and Verifying Static Initialization in Deductive Program Verifiers · Description
2023–24
Andrea Keusch, practical work · Adding Debugging Functionality to Viper · Report
2023
Saman Eslami, summer fellowship · Bounded Model Checking for Viper
2023
Raoul van Doren, BSc · Advanced Counterexample Generation for Viper · Report
2020–21
Christian Bräm, internship
2020
Constantin Müller, MSc · Verification of Programs Written in Libra’s Move Language · Report
2019–20
Robin Sierra, internship
2019
Robin Sierra, MSc · Verification of Ethereum Smart Contracts Written in Vyper · Report
2019
Pavel Pozdnyakov, BSc · Lightweight Automatic Loop Invariant Selection · Report
2019
Mathias Blarer, BSc · Static Analysis of GPU Kernel Performance Hyperproperties · Report
2018
Severin Meier, MSc · Verification of Information Flow Security for Python Programs · Report
2018
Sascha Forster, BSc · Static Verification of the SCION Router Implementation · Report
2018
Christian Knabenhans, BSc · Automatic Inference of Hyperproperties · Report
2017–18
Benjamin Schmid, BSc · Abstract Read Permission Support for an Automatic Python Verifier · Report
2017
Benjamin Weber, MSc · Automatic Verification of Closures and Lambda-Functions in Python · Report
2017
Mostafa Hassan, BSc · A Static Type Inference for Python · Report
2017
Anatole Dahan, internship
2016
Vytautas Astrauskas, MSc · Input-Output Verification in Viper · Report
2016
Sahil Rishi, internship

Service

Academic service

Program committees: OOPSLA 2027, FMCAD 2026, CCS 2026, CAV 2026, iFM 2024, SOAP 2023, PriSC 2023, PERR 2022.

Artifact evaluation committees: ECOOP 2019.

Journal reviews: Formal Aspects of Computing (2025); International Journal on Software Tools for Technology Transfer (STTT, 2023 & 2024).

Subreviews: PLDI 2025, POPL 2024, ICALP 2023, ESOP 2023, ICTAC 2022, ISSTA 2022, SEFM 2020, CAV 2020, VMCAI 2020, iFM 2019, LOPSTR 2019, CAV 2019, ISSTA 2019, TACAS 2019, VMCAI 2019, FM 2018, ESOP 2017.