Bianchi earns NSF CAREER Award to advance secure patching of outdated software - Department of Computer Science - Purdue University Skip to main content
Department of Computer Science

Bianchi earns NSF CAREER Award to advance secure patching of outdated software

06-18-2025

Antonio Bianchi, assistant professor in the Department of Computer Science at Purdue University

AntonioBianchi, assistant professor in the Department of Computer Science at Purdue University

Today, millions of devices worldwide are vulnerable to attacks, with repercussions that range from identity theft to system-wide failures. This is a result of older or unmaintained devices running outdated software that can't be easily updated because the code is not accessible, or the lack of involvement from the original vendors.

Antonio Bianchi, assistant professor in the Department of Computer Science at Purdue University, has been selected as a recipient of the prestigious National Science Foundation (NSF) CAREER Award for his proposed work to address these issues. The five-year grant will support his groundbreaking research into developing robust and trustworthy binary-level methods to patch outdated or unsupported software, even when the source code is unavailable.

Bianchi’s team aims to build new approaches and toolchains to safely and reliably patch such software directly at the binary level. Their research will develop trustworthy methods for generating, testing, and explaining software patches without access to source code, ensure patches securely fix vulnerabilities without introducing new bugs or breaking existing functionality and help protect critical systems from being compromised due to unpatched software.

“Purdue Computer Science has a long-standing tradition of excellence in cybersecurity research and education,” says Petros Drineas, professor and head of the Department of Computer Science.

“From foundational contributions to secure systems and software analysis to world-class centers like CERIAS and the PurSec Lab, our faculty continue to lead in tackling today’s most pressing security challenges. Professor Bianchi’s CAREER Award exemplifies this legacy and our commitment to advancing safe and trustworthy computing.”

The research

Bianchi leads the project as the principal investigator, with Ph.D. student Han Dai collaborating on the effort. Dai has already contributed preliminary work that helped shape the research direction.

The work will be conducted in Bianchi’s PurSec Lab, with additional support from Purdue’s renowned Center for Education and Research in Information Assurance and Security (CERIAS).

Bianchi is actively seeking graduate and undergraduate students interested in systems and software security to join his team. This CAREER funding will create new opportunities for student researchers to work on cutting-edge problems that have strong real‑world relevance.

“With this funding, we aim to make software patching safer, faster and more reliable, especially for older or unsupported systems,” said Bianchi. “Our goal is to help secure millions of devices that remain vulnerable simply because updating them is too complex, risky or impractical.”

Impact of patching

Over the past decade, the security community has made tremendous progress in detecting bugs using fuzzers, static analysis, and AI to uncover vulnerabilities. But identifying a flaw is only the first hurdle; safely fixing those problems, especially in aging or source-less systems, remains largely unsolved.

Too often, known vulnerabilities go unpatched due to testing concerns, lack of guarantee, or fear of breaking systems. Bianchi’s research tackles these core challenges, bringing us closer to a future where safe, reliable software updates are possible. even in outdated or unmaintained environments.

This project extends Bianchi’s previous work under the DARPA AMP program. As part of that effort, his team released the Patcherex2 tool for automated binary patching. The NSF CAREER award will enable them to significantly advance tool capabilities, incorporate rigorous testing and user-experience components, and publish open‑source releases to benefit both academia and industry.

NSF CAREER Awards

NSF CAREER awards are the organization’s most prestigious awards given to junior faculty who embody the role of teacher-scholars through research, education and the integration of those concepts within the mission of their organizations. CAREER awards support promising and talented researchers in building a foundation for a lifetime of leadership. Receiving this award reflects this project’s merit of the NSF statutory mission and its worthiness of financial support.

Beyond this CAREER grant, Bianchi conducts research in many areas of software and systems security including mobile and IoT device security (Android, iOS, and connected devices), Linux kernel exploitation and defense techniques, software vulnerability discovery and remediation, cyber–physical systems security and security of AI‑powered and autonomous systems. He is a core member of the Shellphish, OOO and Nautilus teams, and he has played and organized many security competitions. He earned third place at the DARPA Cyber Grand Challenge.

About the Department of Computer Science at Purdue University

Founded in 1962, the Department of Computer Science was created to be an innovative base of knowledge in the emerging field of computing as the first degree-awarding program in the United States. The department continues to advance the computer science industry through research. U.S. News & World Report ranks the department No. 8 in computer engineering and No. 16 overall in undergraduate and graduate computer science. Additionally, the program is ranked No. 6 in cybersecurity, No. 8 in software engineering, No. 13 in systems, No. 15 in programming languages and data analytics, and No. 18 in theory. Graduates of the program are able to solve complex and challenging problems in many fields. Our consistent success in an ever-changing landscape is reflected in the record undergraduate enrollment, increased faculty hiring, innovative research projects, and the creation of new academic programs. The increasing centrality of computer science in society, academic disciplines and new research activities — centered around foundations and applications of artificial intelligence and machine learning, such as natural language processing, human computer interaction, vision, and robotics, as well as systems and security — are the future focus of the department. Learn more at cs.purdue.edu.  

Last Updated: Jun 18, 2025 2:09 PM

Department of Computer Science, 305 N. University Street, West Lafayette, IN 47907

Purdue University Indianapolis, 723 W. Michigan St., Indianapolis, IN 46202

Phone: (765) 494-6010 • Fax: (765) 494-0739

Copyright © 2024 Purdue University | An equal access/equal opportunity university | Copyright Complaints | DOE Degree Scorecards

Trouble with this page? Accessibility issues? Please contact the College of Science.