[this includes some relevant work completed before the project started]

Software

• DALEQ - Datalog-based Binary Equivalence - a tool for the comparison of binaries from alternative / reproduced builds, currently being used or evaluated by Oracle and Google. [paper]
• shade detector - a tool to find vulnerable clones in Maven Central, has lead to several GHSA updates, including for CVE-2021-44228 (aka log4shell) [paper]