Travis D. Breaux Carnegie Mellon University Travis D. Breaux
Associate Professor of Computer Science
Institute for Software Research
School of Computer Science
5000 Forbes Avenue, Pittsburgh, PA 15213
5103 Wean Hall

Links: Home | Research | Teaching | Publications | Biography | Vitae

New Students

We are now accepting applications for a new Ph.D. student to join our research group. There are many great programs to consider, for example:

The choice of which program to apply to depends on one's preferences with regard to your professional and intellectual interests, curriculum requirements, other student interests in the programs, etc.

Current Students

Hanan Hibshi, Ph.D. Student in Societal Computing (SC). Ms. Hibshi is interested in usable security and privacy.

Jaspreet Bhatia, Ph.D. Student in Software Engineering. Ms. Bhatia is interested in applications of natural language processing and crowdsourcing to requirements engineering.

Daniel Smullen, Ph.D. Student in Software Engineering and co-advised with Dr. David Garlan. Mr. Smullen is interested in the intersection of requirements, architecture and policy-compliant systems.


Dr. Dave Gordon received the Ph.D. in Engineering and Public Policy for successfully defending his dissertation, entitled Without Borders: Addressing Legal Requirements in Multi-Jurisdictional IT Environments.

Funded Research Projects

Formal Analysis and Specification of Privacy and Security Requirements

Summary: As companies increasingly share sensitive, personal information, software developers need tools to design privacy-preserving and security systems. This includes emerging social networking, e-commerce and location-based services that collect and combine information in new, unprecedented ways. We are developing formal methods that can be used to reason about conflicting requirements within and among privacy and security policies in a complex data supply chain where responsibility for the data is distributed across multiple actors. Technical challenges in this research area include the ability to ask and answer relevant questions about privacy and security in ways that scale with specifications of large systems. The ability to support ambiguity and uncertainty in these specifications enables analysis and consideration of system design alternatives.

  • $693,716, NSF Frontier Award #1330596, National Science Foundation, Sep 2013 - Feb 2017
  • $120,000, Office of Naval Research, Jan 2014 - Aug 2015
  • $119,809, Office of Naval Research, Dec 2011 - Sep 2013

Multi-Jurisdictional Compliance for Distributed Software Systems

Summary: Increasingly, information systems are distributed across the physical and logical borders of nations, states and provinces. We see this trend emerging in mobile, social and cloud-based computing. The challenge for business analysts and software designers is to determine which set of requriements govern their systems as software and data move across these borders. This project aims to understand the "dynamics" of this multi-jurisdictional ecosystem to help analysts and designers develop legally compliant systems. The outcome of this research is empirically valid methods and tools that have been evaluated in real-world data.

  • $600,000, NSF CAREER Award #1453139, National Science Foundation, Sep 2015 - Aug 2020
  • $150,000, HPL IRP Award #CW267287 and HP Cloud & Security Lab, Oct 2011 - Sep 2013
  • $175,000, DHS Award #2006-CS-001-000001, via the I3P, Feb 2011 - Jul 2012

Improving the (Re-)Usability of Requirements Knowledge

Summary: Our prior research shows that software developers employ considerable domain knowledge when translating regulations, policies and standards into system requirements [Breaux & Baumer, 2011]. Furthermore, security best practices are often neglected when designing large-scale retail and financial systems, leading to software failures and regulatory violations [Breaux, Anton, Boucher, Dorfman, 2008]. This project aims to adapt theory from cognitive psychology to develop an experimental framework and theory for expressing, selecting and applying requirements patterns.

  • $146,670, National Security Agency, Apr 2015 - Mar 2016
  • $260,000, National Security Agency, Dec 2011 - Nov 2013

For more information, please see our research website.