Trent Jarger will discuss ongoing work in the verification of authorization hook placement in Linux. The idea is that we can develop tools to check that all security-sensitive kernel operations can be mediated properly. Dawson Engler will discuss ongoing work in static checking for kernal and driver bugs, including security bugs, based on his meta-complier xgcc. The idea is that reguirements can be expressed in a high-level language that the xgcc can check.David Wagner will discuss using formal modeling to guide the identifcation of security bugs. The idea is that a formal model generated fromteh source code can be more easily analyzed to find bugs.Cynthia Irvine will discuss security quality-of-service. The idea is that the cost of security in terms of performance and resource usage can be compared with the security benefits in such a way that decisions about security improvements can be made.