Michael Hicks

I am an associate professor in the Computer Science Department and UMIACS at the University of Maryland, College Park. My primary research interest is to develop and evaluate techniques to improve software reliability and security. I am the Director of the Maryland Cybersecurity Center (MC2), and with Jeff Foster I direct PLUM, the lab for Programming Languages research at the University of Maryland. You may find it interesting to read about how we organize our group.

Here is my current vita and a list of my publications, organized by year and by category.

I received my Ph.D. in Computer and Information Science from the University of Pennsylvania in August 2001, and I spent one year as a post-doctoral associate affiliated with the Information Assurance Institute of the Computer Science Department at Cornell University. During academic 2008 - 2009, I was on sabbatical in Cambridge, England. From September to November I was at Microsoft Research and from December to August 2009 I was at the University of Cambridge Computer Laboratory. I started as director of MC2 in October 2011. 

How fast can you type? (My best so far is 100 wpm.)

Research

I am currently working on a number of projects.

Dynamic Software Updating - how to safely, efficiently, and flexibly update running code.

Language-based Security - means to enforce security policies through programming languages and analyses. A recent exemplar, though currently inactive, is SELinks. A follow-on project Coco, examines how to add coercions to programs automatically, which can be used to include security-checking code, among many other more general constructions. I have also been looking into quantitative information flow security, as exemplified by this paper.

Diamondback Ruby - static and hybrid static/dynamic typing for the Ruby scripting language.

Previously, I was involved with the development of Otter, a symbolic executor for C programs. I also worked on LockSmith, a static analysis tool for proving the absence of race conditions in C programs, and a novel user interface technique applied to it called Path Projection, which is a browser-based UI toolkit for presenting, navigating, and querying paths emitted as static analysis results. I was also a core developer of Cyclone, a safe dialect of C. I have an interest in systems and networking as well, and for a while I worked on measurement-aware data transport. Links to all past projects may be found on the PLUM home page.

Students

Graduated students:

Chris Hayden*	Clear, Correct, and Efficient Dynamic Software Updates
	at Washington Post Labs, since June 2012
Justin McCann	Automating Performance Diagnosis in Networked Systems
Martin Ma*	Improving Program Testing and Understanding via Symbolic Execution
	Software Engineer, Amazon, since January 2012
Saurabh Srivastava*	Satisfiability-based Program Reasoning and Program Synthesis
	Assistant Research Engineer (previously a post-doc), Berkeley, since July 2010
Pavlos Papageorgiou	The Measurement Manager: Modular and Efficient End-to-end Measurement Services
	Software Engineer, Google, since December 2008
Iulian Neamtiu	Practical Dynamic Software Updating
	Asst. Prof, UC Riverside, since Fall 2008
Polyvios Pratikakis*	Sound, precise, and efficient static race detection for multithreaded programs
	Researcher, Institute of Computer Science, FORTH (Crete, Greece), since Spring 2010 (previously a post-doc at CNRS/VERIMAG)
Nikhil Swamy	Language-based Enforcement of User-defined Security Policies as Applied to Multi-tier Web Applications
	Researcher, Microsoft Research, Redmond, since Fall 2008
Nick Petroni**	Property-based Integrity Monitoring of Operating System Kernels
	Research scientist, IDA/CCS since Spring 2008
Nataliya Guts (postdoc)
Stephen Magill (postdoc)	Research scientist, IDA/CCS since August 2011
Manuel Oriol (postdoc)	Principal Scientist at ABB Switzerland Ltd. since Fall 2011
	Senior Lecturer, University of York (UK), since Fall 2008

* co-advised with Jeff Foster

** co-advised with Bill Arbaugh

I have also worked with Mike Furr, David An, and Elnatan Reisner (advised by Jeff Foster), Adam Bender (advised by Bobby Bhattacharjee), Jaime Spacco (advised by Bill Pugh), and Suriya Subramanian (advised by Kathryn McKinley at UT Austin). I have previously advised Jonathan Turpie (now at Amazon), Brian Corcoran (now at Palantir), Eric Hardisty, and James Rose. I've also worked with post-grad Patrick Jenkins, undergrad Jeff Meister, and high school students, Ted Smith (Walt Whitman High), and Matt McCutchen and Cody Burton (both at Montgomery Blair). Both Ted and Matt are/were undergraduate students in our Department.

Teaching

• CMSC 498L (Cybersecurity Lab), Fall 2012
• CMSC 498B (Secure Maryland - pen testing), Spring 2012
• CMSC 838G (Software Security) Spring 2011
• CMSC 433 (Programming Language Technologies and Paradigms) Fall 2010, Spring 2006, Fall 2003, Fall 2002
• CMSC 330 (Organization of Programming Languages) Spring 2013, Spring 2010
• CMSC 631 (Program Analysis and Understanding) Fall 2011, Fall 2009, Fall 2007 and Fall 2006
• CMSC 412 (Operating Systems) Spring 2007, Fall 2005, Fall 2004
• CMSC 838Z (Language-Based Security) Spring 2005
• CMSC 838Z (Tools and Techniques for Software Dependability) Spring 2004
• CMSC 838Y (Agile and Adaptive Programming Systems) Spring 2003

Professional Activities

I have served (or am serving) on the program committees for

2013	POPL (ERC), PLDI
2012	POPL (program chair), HotSWUp
2011	TLDI, HotSWUp (co-organizer), OOPSLA
2010	ESOP, PLDI (ERC and tutorials chair), ICFP (PC and local arrangements), PASTE
2009	POPL, IEEE S&P, PLDI SRC
2008	CCS, CATARS, COORDINATION, ISMM (ERC)
2007	PLAS (general and program chair), OOPSLA, COORDINATION, PLDI
2006	FTfJP, PLAS, SPACE, OOPS (part of SAC 2006)
2005	SCOOL, VEE
2004	IWAN, ICPP, FUSE
2003	IWAN, USE
2002	IWAN, USE
2001	IWAN