Michael Hicks' Publications

Also see publications by year.

Dynamic Software Updating

Software updates typically require stopping and restarting an application, but many systems cannot afford to halt service, or would prefer not to. Nonstop systems often employ special-purpose architectures or redundant hardware to facilitate on-line upgrades, but these techniques are not always appropriate. For example, we would like to support on-line upgrades for personal computer operating systems: users could then apply security patches and feature upgrades without having to shut down applications and restart their systems. To support such systems, I have been exploring techniques for Dynamic Software Updating (DSU), in which an application can be dynamically patched while it runs. This approach is appealing because it is general-purpose: any application can made dynamically updatable without requiring special support. The challenge is in making DSU practical: it should be flexible, and yet safe, efficient, and easy to use. I have been exploring semantic foundations, analyses, and implementation techniques toward meeting this challenge.

[1] Rubah: DSU for Java on a stock JVM. Luis Pina, Luis Veiga, and Michael Hicks. In Proceedings of the ACM Conference on Object-Oriented Programming Languages, Systems, and Applications (OOPSLA), October 2014. Conditionally accepted.
[2] Efficient, General-purpose Dynamic Software Updating for C. Christopher M. Hayden, Karla Saur, Edward K. Smith, Michael Hicks, and Jeffrey S. Foster. ACM Transactions on Programming Languages and Systems (TOPLAS), February 2014. To appear.
[3] Rubah: Efficient, General-purpose Dynamic Software Updating for Java. Luis Pina and Michael Hicks. In Proceedings of the Workshop on Hot Topics in Software Upgrades (HotSWUp), June 2013.
[4] Evaluating Dynamic Software Update Safety Using Efficient Systematic Testing. Christopher M. Hayden, Edward K. Smith, Eric A. Hardisty, Michael Hicks, and Jeffrey S. Foster. IEEE Transactions on Software Engineering, 38(6):1340-1354, December 2012. Accepted September 2011.
[5] Kitsune: Efficient, General-purpose Dynamic Software Updating for C. Christopher M. Hayden, Edward K. Smith, Michail Denchev, Michael Hicks, and Jeffrey S. Foster. In Proceedings of the ACM Conference on Object-Oriented Programming Languages, Systems, and Applications (OOPSLA), October 2012.
[6] Automating Object Transformations for Dynamic Software Updating. Stephen Magill, Michael Hicks, Suriya Subramanian, and Kathryn S. McKinley. In Proceedings of the ACM Conference on Object-Oriented Programming Languages, Systems, and Applications (OOPSLA), October 2012.
[7] A Study of Dynamic Software Update Quiescence for Multithreaded Programs. Christopher M. Hayden, Karla Saur, Michael Hicks, and Jeffrey S. Foster. In Proceedings of the Workshop on Hot Topics in Software Upgrades (HotSWUp), pages 6-10, June 2012.
[8] Towards Standardized Benchmarks for Dynamic Software Updating Systems. Edward K. Smith, Michael Hicks, and Jeffrey S. Foster. In Proceedings of the Workshop on Hot Topics in Software Upgrades (HotSWUp), pages 11-15, June 2012.
[9] Specifying and Verifying the Correctness of Dynamic Software Updates. Christopher M. Hayden, Stephen Magill, Michael Hicks, Nate Foster, and Jeffrey S. Foster. In Proceedings of the International Conference on Verified Software: Theories, Tools, and Experiments (VSTTE), pages 278-293, January 2012.
[10] State Transfer for Clear and Efficient Runtime Upgrades. Christopher M. Hayden, Edward K. Smith, Michael Hicks, and Jeffrey S. Foster. In Proceedings of the Workshop on Hot Topics in Software Upgrades (HotSWUp), pages 179-184, April 2011.
[11] Efficient Systematic Testing for Dynamically Updatable Software. Christopher M. Hayden, Eric A. Hardisty, Michael Hicks, and Jeffrey S. Foster. In Proceedings of the Workshop on Hot Topics in Software Upgrades (HotSWUp), October 2009. Invited article.
[12] Safe and Timely Dynamic Updates for Multi-threaded Programs. Iulian Neamtiu and Michael Hicks. In Proceedings of the ACM Conference on Programming Language Design and Implementation (PLDI), pages 13-24, June 2009.
[13] Dynamic Software Updates: A VM-Centric Approach. Suriya Subramanian, Michael Hicks, and Kathryn S. McKinley. In Proceedings of the ACM Conference on Programming Language Design and Implementation (PLDI), pages 1-12, June 2009.
[14] Dynamic Rebinding for Marshalling and Update, via Redex-time and Destruct-time Reduction. Peter Sewell, Gareth Stoyle, Michael Hicks, Gavin Bierman, and Keith Wansbrough. Journal of Functional Programming (JFP), 18(4):437-502, July 2008. Appeared on-line October, 2007. Supercedes ICFP 2003 and USE 2003 papers.
[15] Contextual Effects for Version-Consistent Dynamic Software Updating and Safe Concurrent Programming. Iulian Neamtiu, Michael Hicks, Jeffrey S. Foster, and Polyvios Pratikakis. In Proceedings of the ACM Conference on Principles of Programming Languages (POPL), pages 37-50, January 2008.
[16] Mutatis Mutandis: Safe and Flexible Dynamic Software Updating (full version). Gareth Stoyle, Michael Hicks, Gavin Bierman, Peter Sewell, and Iulian Neamtiu. ACM Transactions on Programming Languages and Systems (TOPLAS), 29(4), August 2007. Full version of POPL 05 paper.
[17] Practical Dynamic Software Updating for C. Iulian Neamtiu, Michael Hicks, Gareth Stoyle, and Manuel Oriol. In Proceedings of the ACM Conference on Programming Language Design and Implementation (PLDI), pages 72-83, June 2006.
[18] Dynamic Software Updating. Michael Hicks and Scott M. Nettles. ACM Transactions on Programming Languages and Systems (TOPLAS), 27(6):1049-1096, November 2005.
[19] Toward On-line Schema Evolution for Non-stop Systems. Amol Deshpande and Michael Hicks. Presented at the 11th High Performance Transaction Systems Workshop, September 2005.
[20] Understanding Source Code Evolution Using Abstract Syntax Tree Matching. Iulian Neamtiu, Jeffrey S. Foster, and Michael Hicks. In Proceedings of the International Workshop on Mining Software Repositories (MSR), pages 1-5, May 2005.
[21] Mutatis Mutandis: Safe and Flexible Dynamic Software Updating. Gareth Stoyle, Michael Hicks, Gavin Bierman, Peter Sewell, and Iulian Neamtiu. In Proceedings of the ACM Conference on Principles of Programming Languages (POPL), pages 183-194, January 2005.
[22] Formalizing Dynamic Software Updating. Gavin Bierman, Michael Hicks, Peter Sewell, and Gareth Stoyle. In On-line Proceedings of the Second International Workshop on Unanticipated Software Evolution (USE), April 2003. http://www.informatik.uni-bonn.de/~gk/use/2003/Papers/papers.html.
[23] Dynamic Software Updating. Michael Hicks. PhD thesis, Department of Computer and Information Science, University of Pennsylvania, August 2001. Winner of the 2002 ACM SIGPLAN Doctoral Dissertation award.
[24] Dynamic Software Updating. Michael Hicks, Jonathan T. Moore, and Scott Nettles. In Proceedings of the ACM Conference on Programming Language Design and Implementation (PLDI), pages 13-23. ACM, June 2001.
[25] Safe and Flexible Dynamic Linking of Native Code. Michael Hicks, Stephanie Weirich, and Karl Crary. In Robert Harper, editor, Proceedings of the ACM SIGPLAN Workshop on Types in Compilation (TIC), volume 2071 of Lecture Notes in Computer Science. Springer-Verlag, September 2000.

Technical Reports

[1] Specifying and Verifying the Correctness of Dynamic Software Updates. Christopher M. Hayden, Stephen Magill, Michael Hicks, Nate Foster, and Jeffrey S. Foster. Technical Report CS-TR-4997, University of Maryland Department of Computer Science, November 2011. Extended version of VSTTE'12 paper with proofs of theorems and additional discussion.
[2] Evaluating Dynamic Software Update Safety Using Efficient Systematic Testing. Christopher M. Hayden, Edward K. Smith, Eric A. Hardisty, Michael Hicks, and Jeffrey S. Foster. Technical Report CS-TR-4993, University of Maryland, Department of Computer Science, September 2011.
[3] A Testing Based Empirical Study of Dynamic Software Update Safety Restrictions. Christopher M. Hayden, Eric A. Hardisty, Michael Hicks, and Jeffrey S. Foster. Technical Report CS-TR-4949, University of Maryland, Department of Computer Science, November 2009.
[4] Contextual Effects for Version-Consistent Dynamic Software Updating and Safe Concurrent Programming (extended version). Iulian Neamtiu, Michael Hicks, Jeffrey S. Foster, and Polyvios Pratikakis. Technical Report CS-TR-4875, University of Maryland, Department of Computer Science, July 2007.
[5] Practical Dynamic Software Updating for C (Extended version). Iulian Neamtiu, Michael Hicks, Gareth Stoyle, and Manuel Oriol. Technical Report CS-TR-4790, Department of Computer Science, University of Maryland, March 2006. Extended version of PLDI 06 paper.
[6] A Calculus for Dynamic Loading. Michael Hicks and Stephanie Weirich. Technical Report MS-CIS-00-07, University of Pennsylvania, April 2000.

Security

The widespread sharing of information over the Internet has led to an explosive growth of useful services. The challenge is to provide information sharing while still ensuring integrity and confidentiality of data. I have looked at programming language-based techniques -- new analyses and programming languages -- for ensuring these properties.

[1] Adversary Gain vs. Defender Loss in Quantified Information Flow. Piotr Mardziel, Mário S. Alvim, and Michael Hicks. In (Unofficial) Proceedings of the International Workshop on Foundations of Computer Security (FCS), July 2014. Preprint. To appear.
[2] Automating Efficient RAM-Model Secure Computation. Chang Liu, Yan Huang, Elaine Shi, Jonathan Katz, and Michael Hicks. In Proceedings of the IEEE Symposium on Security and Privacy (Oakland), May 2014.
[3] Quantifying Information Flow for Dynamic Secrets. Piotr Mardziel, Mario Alvim, Michael Hicks, and Michael Clarkson. In Proceedings of the IEEE Symposium on Security and Privacy (Oakland), May 2014.
[4] Wysteria: A Programming Language for Generic, Mixed-Mode Multiparty Computations. Aseem Rastogi, Matthew A. Hammer, and Michael Hicks. In Proceedings of the IEEE Symposium on Security and Privacy (Oakland), May 2014.
[5] Authenticated Data Structures, Generically. Andrew Miller, Michael Hicks, Jonathan Katz, and Elaine Shi. In Proceedings of the ACM Conference on Principles of Programming Languages (POPL), January 2014.
[6] Dynamic Enforcement of Knowledge-based Security Policies using Probabilistic Abstract Interpretation. Piotr Mardziel, Stephen Magill, Michael Hicks, and Mudhakar Srivatsa. Journal of Computer Security, 21:463-532, October 2013.
[7] Knowledge inference for optimizing and enforcing secure computations. Piotr Mardziel, Michael Hicks, Jonathan Katz, Matthew Hammer, Aseem Rastogi, and Mudhakar Srivatsa. In Proceedings of the Annual Meeting of the US/UK International Technology Alliance, September 2013. This short paper consists of coherent excerpts from several prior papers.
[8] Memory Trace Oblivious Program Execution. Chang Liu, Michael Hicks, and Elaine Shi. In Proceedings of the Computer Security Foundations Symposium (CSF), June 2013.
[9] Knowledge Inference for Optimizing Secure Multi-party Computation. Aseem Rastogi, Piotr Mardziel, Matthew Hammer, and Michael Hicks. In Proceedings of the ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS), June 2013.
[10] Deanonymizing Mobility Traces: Using a Social Network as a Side-Channel. Mudhakar Srivatsa and Michael Hicks. In Proceedings of the ACM Conference on Computer and Communications Security (CCS), October 2012.
[11] Knowledge-Oriented Secure Multiparty Computation. Piotr Mardziel, Michael Hicks, Jonathan Katz, and Mudhakar Srivatsa. In Proceedings of the ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS), June 2012.
[12] Dynamic Enforcement of Knowledge-based Security Policies. Piotr Mardziel, Stephen Magill, Michael Hicks, and Mudhakar Srivatsa. In Proceedings of the Computer Security Foundations Symposium (CSF), pages 114-128, June 2011.
[13] Secure sharing in distributed information management applications: problems and directions. Piotr Mardziel, Adam Bender, Michael Hicks, Dave Levin, Mudhakar Srivatsa, and Jonathan Katz. In Proceedings of the Annual Conference of the International Technology Alliance (ACITA), September 2010.
[14] Cross-tier, Label-based Security Enforcement for Web Applications. Brian J. Corcoran, Nikhil Swamy, and Michael Hicks. In Proceedings of the ACM SIGMOD International Conference on Management of Data (SIGMOD), pages 269-282, June 2009.
[15] Implicit Flows: Can't live with 'em, can't live without 'em. Dave King, Boniface Hicks, Michael Hicks, and Trent Jaeger. In R. Sekar and Arun K. Pujari, editors, Proceedings of the International Conference on Information Systems Security (ICISS), volume 5352 of Lecture Notes in Computer Science, pages 56-70. Springer, December 2008.
[16] Verified Enforcement of Stateful Information Release Policies. Nikhil Swamy and Michael Hicks. In Proceedings of the ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS), pages 21-32, June 2008.
[17] Fable: A Language for Enforcing User-defined Security Policies. Nikhil Swamy, Brian Corcoran, and Michael Hicks. In Proceedings of the IEEE Symposium on Security and Privacy (Oakland), pages 369-383, May 2008.
[18] Combining Provenance and Security Policies in a Web-based Document Management System. Brian Corcoran, Nikhil Swamy, and Michael Hicks. In On-line Proceedings of the Workshop on Principles of Provenance (PrOPr), November 2007. http://homepages.inf.ed.ac.uk/jcheney/propr/.
[19] Verified Enforcement of Security Policies for Cross-Domain Information Flows. Nikhil Swamy, Michael Hicks, and Simon Tsang. In Proceedings of the 2007 Military Communications Conference (MILCOM), October 2007.
[20] Automated Detection of Persistent Kernel Control-Flow Attacks. Nick L. Petroni, Jr. and Michael Hicks. In Proceedings of the ACM Conference on Computer and Communications Security (CCS), pages 103-115, October 2007.
[21] Defeating Scripting Attacks with Browser-Enforced Embedded Policies. Trevor Jim, Nikhil Swamy, and Michael Hicks. In Proceedings of the International World Wide Web Conference (WWW), pages 601-610, May 2007.
[22] Managing Policy Updates in Security-Typed Languages. Nikhil Swamy, Michael Hicks, Stephen Tse, and Steve Zdancewic. In Proceedings of the Computer Security Foundations Workshop (CSFW), pages 202-216, July 2006.
[23] Trusted Declassification: high-level policy for a security-typed language. Boniface Hicks, Dave King, Patrick McDaniel, and Michael Hicks. In Proceedings of the ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS), pages 65-74, June 2006.
[24] Dynamic Updating of Information-Flow Policies. Michael Hicks, Stephen Tse, Boniface Hicks, and Steve Zdancewic. In Proceedings of the International Workshop on Foundations of Computer Security (FCS), pages 7-18, June 2005.
[25] A Secure PLAN. Michael Hicks, Angelos D. Keromytis, and Jonathan M. Smith. IEEE Transactions on Systems, Man, and Cybernetics, Part C, 33(3):413-426, August 2003. Special Issue on Technologies Promoting Computational Intelligence, Openness and Programmability in Networks and Internet Services, Part I.

Technical Reports

[1] Quantifying Information Flow for Dynamic Secrets (extended version). Piotr Mardziel, Mario Alvim, Michael Hicks, and Michael Clarkson. Technical Report CS-TR-5035, Department of Computer Science, the University of Maryland, College Park, May 2014.
[2] Wysteria: A Programming Language for Generic, Mixed-Mode Multiparty Computations (extended version). Aseem Rastogi, Matthew A. Hammer, and Michael Hicks. Technical Report CS-TR-5034, Department of Computer Science, the University of Maryland, College Park, May 2014.
[3] Dynamic Enforcement of Knowledge-based Security Policies. Piotr Mardziel, Stephen Magill, Michael Hicks, and Mudhakar Srivatsa. Technical Report CS-TR-4978, University of Maryland Department of Computer Science, July 2011. Extended version with proofs and additional benchmarks.
[4] Verified Enforcement of Automaton-based Information Release Policies. Nikhil Swamy and Michael Hicks. Technical Report CS-TR-4906, University of Maryland, Department of Computer Science, 2008. Full version of PLAS 08 paper.
[5] Fable: A Language for Enforcing User-defined Security Policies. Nikhil Swamy, Brian J. Corcoran, and Michael Hicks. Technical Report CS-TR-4895, University of Maryland, Department of Computer Science, November 2007. Full version of Oakland 08 paper.
[6] Automated Detection of Persistent Kernel Control-Flow Attacks. Nick L. Petroni, Jr. and Michael Hicks. Technical Report CS-TR-4880, Department of Computer Science, University of Maryland, October 2007. Extends the CCS 2007 paper with more thorough performance results.
[7] Toward Specifying and Validating Cross-Domain Policies. Michael Hicks, Nikhil Swamy, and Simon Tsang. Technical Report CS-TR-4870, Department of Computer Science, University of Maryland, April 2007.
[8] Managing Policy Updates in Security-Typed Languages (Extended version). Nikhil Swamy, Michael Hicks, Stephen Tse, and Steve Zdancewic. Technical Report CS-TR-4793, Department of Computer Science, University of Maryland, August 2006. Extends CSFW version to include full proofs and additional discussion about metapolicies.
[9] Trusted Declassification: high-level policy for a security-typed language (Extended version). Boniface Hicks, Dave King, Patrick McDaniel, and Michael Hicks. Technical Report NAS-TR-033-2006, Department of Computer Science and Engineering, the Pennsylvania State University, June 2006. Extended version of the PLAS 2006 paper with full formal development.
[10] PLAN System Security. Michael Hicks. Technical Report MS-CIS-98-25, Department of Computer and Information Science, University of Pennsylvania, April 1998.

Safe Low-level Programming

Systems programs, such as operating systems, servers, network routers, and database systems are often written in low-level languages like C. Unfortunately, such systems are often plagued by pernicious, low-level bugs which can lead to incorrect behavior, crashes, and/or security compromises. I have spent several years exploring how to improve the reliability and security of low-level systems through the use of programming languages and analyses.

[1] Modular Information Hiding and Type Safe Linking for C. Saurabh Srivastava, Michael Hicks, Jeffrey S. Foster, and Patrick Jenkins. IEEE Transactions on Software Engineering, 34(3):1-20, May 2008. Full version of TLDI 07 paper.
[2] Modular Information Hiding and Type Safety for C. Saurabh Srivastava, Michael Hicks, and Jeffrey S. Foster. In Proceedings of the ACM Workshop on Types in Language Design and Implementation (TLDI), pages 3-14, January 2007.
[3] Cyclone: a Type-safe Dialect of C. Dan Grossman, Michael Hicks, Trevor Jim, and Greg Morrisett. C/C++ Users Journal, 23(1), January 2005.
[4] Cyclone: A Safe Dialect of C. Trevor Jim, Greg Morrisett, Dan Grossman, Michael Hicks, James Cheney, and Yanling Wang. In Proceedings of the USENIX Annual Technical Conference, pages 275-288. USENIX, June 2002.

Technical Reports

[1] Appendix to CMod: Modular Information Hiding and Type-Safe Linking for C. Saurabh Srivastava, Michael Hicks, and Jeffrey S. Foster. Technical Report CS-TR-4874, Department of Computer Science, University of Maryland, June 2007.
[2] Defining and Enforcing C's Module System. Saurabh Srivastava, Michael Hicks, Jeffrey S. Foster, and Bhargav Kanagal. Technical Report CS-4816, Department of Computer Science, University of Maryland, July 2006.

Multithreaded Programming

Multithreaded programming is becoming increasingly important as parallel machines become more widespread, and yet, writing multi-threaded software can be quite difficult. The programmer must reason about the myriad of possible thread interactions through shared resources. I have been exploring means to use static and dynamic analysis to simplify the process of multithreaded programming, and to identify important low-level bugs, particularly data races and violations of atomicity.

[1] Locksmith: Practical Static Race Detection for C. Polyvios Pratikakis, Jeffrey S. Foster, and Michael Hicks. ACM Transactions on Programming Languages and Systems (TOPLAS), 33(1):Article 3, January 2011.
[2] Dynamically Checking Ownership Policies in Concurrent C/C++ Programs. Jean-Philippe Martin, Michael Hicks, Manuel Costa, Periklis Akritidis, and Miguel Castro. In Proceedings of the ACM Conference on Principles of Programming Languages (POPL), pages 457-470, January 2010. Full version.
[3] Inferring Locking for Atomic Sections. Michael Hicks, Jeffrey S. Foster, and Polyvios Pratikakis. In On-line Proceedings of the ACM SIGPLAN Workshop on Languages, Compilers, and Hardware Support for Transactional Computing (TRANSACT), June 2006. http://www.cs.purdue.edu/homes/jv/events/TRANSACT/transact-06.tgz.
[4] Context-sensitive Correlation Analysis for Detecting Races. Polyvios Pratikakis, Jeffrey S. Foster, and Michael Hicks. In Proceedings of the ACM Conference on Programming Language Design and Implementation (PLDI), pages 320-331, June 2006.
[5] Dynamic Inference of Polymorphic Lock Types. James Rose, Nikhil Swamy, and Michael Hicks. Science of Computer Programming (SCP), 58(3):366-383, December 2005. Special Issue on Concurrency and Synchronization in Java programs. Supercedes 2004 CSJP paper of the same name.
[6] Transparent Proxies for Java Futures. Polyvios Pratikakis, Jaime Spacco, and Michael Hicks. In Proceedings of the ACM Conference on Object-Oriented Programming Languages, Systems, and Applications (OOPSLA), pages 206-223, October 2004.
[7] Dynamic Inference of Polymorphic Lock Types. James Rose, Nikhil Swamy, and Michael Hicks. In Proceedings of the ACM Conference on Principles of Distributed Computing (PODC) Workshop on Concurrency and Synchronization in Java Programs (CSJP), pages 18-25, July 2004.

Technical Reports

[1] Context-sensitive Correlation Analysis for Detecting Races (Extended version). Polyvios Pratikakis, Jeffrey S. Foster, and Michael Hicks. Technical Report CS-TR-4789, Department of Computer Science, University of Maryland, June 2006. Extends PLDI 2006 paper with full formal development.
[2] Transparent Proxies for Java Futures (Extended version). Polyvios Pratikakis, Jaime Spacco, and Michael Hicks. Technical Report CS-TR-4574, University of Maryland, Department of Computer Science, October 2004.

User Interfaces

[1] Triaging Checklists: a Substitute for a PhD in Static Analysis. Yit Phang Khoo, Jeffrey S. Foster, Michael Hicks, and Vibha Sazawal. In Proceedings of the Workshop on the Evaluation and Usability of Programming Languages and Tools (PLATEAU), October 2009.
[2] Directing JavaScript with Arrows. Yit Phang Khoo, Michael Hicks, Jeffrey S. Foster, and Vibha Sazawal. In Proceedings of the ACM SIGPLAN Dynamic Languages Symposium (DLS), pages 49-58, October 2009.
[3] Path Projection for User-Centered Static Analysis Tools. Yit Phang Khoo, Jeffrey S. Foster, Michael Hicks, and Vibha Sazawal. In Proceedings of the ACM Workshop on Program Analysis for Software Tools and Engineering (PASTE), pages 57-63, November 2008.
[4] Directing JavaScript with Arrows (poster summary). Yit Phang Khoo, Michael Hicks, Jeffrey S. Foster, and Vibha Sazawal. In Poster Proceedings of the ACM International Conference on Functional Programming (ICFP), September 2008.

Technical Reports

[1] Directing JavaScript with Arrows (Functional Pearl). Yit Phang Khoo, Michael Hicks, Jeffrey S. Foster, and Vibha Sazawal. Technical Report CS-TR-4923, University of Maryland, Department of Computer Science, August 2008. Extended version of ICFP 2008 poster.
[2] Path Projection for User-Centered Static Analysis Tools (long version). Yit Phang Khoo, Jeffrey S. Foster, Michael Hicks, and Vibha Sazawal. Technical Report CS-TR-4919, University of Maryland, Department of Computer Science, August 2008.

Static Analysis

Static analysis is a key component to much of the work I have done toward improving the availablity, reliability, and security of software.

[1] Polymonadic Programming. Michael Hicks, Gavin Bierman, Nataliya Guts, Daan Leijen, and Nikhil Swamy. In Proceedings of the Fifth Workshop on Mathematically Structured Functional Programming (MSFP), April 2014.
[2] A demo of Coco: a compiler for monadic coercions in ML. Nataliya Guts, Michael Hicks, Nikhil Swamy, and Daan Leijen. In Informal proceedings of the ML Workshop, September 2011.
[3] Directed Symbolic Execution. Kin-Keung Ma, Yit Phang Khoo, Jeffrey S. Foster, and Michael Hicks. In Eran Yahav, editor, Proceedings of the Static Analysis Symposium (SAS), volume 6887 of Lecture Notes in Computer Science, pages 95-111. Springer, September 2011.
[4] Lightweight Monadic Programming in ML. Nikhil Swamy, Nataliya Guts, Daan Leijen, and Michael Hicks. In Proceedings of the ACM International Conference on Functional Programming (ICFP), pages 15-27, September 2011.
[5] Position Paper: Dynamically Inferred Types for Dynamic Languages. Jong hoon (David) An, Avik Chaudhuri, Jeffrey S. Foster, and Michael Hicks. In Proceedings of the Workshop on Scripts to Programs (STOP), January 2011.
[6] Dynamic Inference of Static Types for Ruby. Jong hoon (David) An, Avik Chaudhuri, Jeffrey S. Foster, and Michael Hicks. In Proceedings of the ACM Conference on Principles of Programming Languages (POPL), pages 459-472, January 2011.
[7] Serializing C intermediate representations for efficient and portable parsing. Jeffrey A. Meister, Jeffrey S. Foster, and Michael Hicks. Software, Practice, and Experience, 40(3):225-238, February 2010.
[8] The Ruby Intermediate Language. Michael Furr, Jong hoon (David) An, Jeffrey S. Foster, and Michael Hicks. In Proceedings of the ACM SIGPLAN Dynamic Languages Symposium (DLS), pages 89-98, October 2009.
[9] A Theory of Typed Coercions and its Applications. Nikhil Swamy, Michael Hicks, and Gavin S. Bierman. In Proceedings of the ACM International Conference on Functional Programming (ICFP), pages 329-340, August 2009.
[10] Tests to the Left of Me, Types to the Right: How Not to Get Stuck in the Middle of a Ruby Execution (A Demo of Diamondback Ruby). Michael Furr, Jong hoon (David) An, Jeffrey S. Foster, and Michael Hicks. In Proceedings of the Workshop on Scripts to Programs (STOP), July 2009.
[11] Static Type Inference for Ruby. Michael Furr, Jong hoon (David) An, Jeffrey S. Foster, and Michael Hicks. In Proceedings of the ACM Symposium on Applied Computing, Object-oriented Programming Languages and Systems Track (OOPS), pages 1859-1866, March 2009.
[12] Formalizing Soundness of Contextual Effects. Polyvios Pratikakis, Jeffrey S. Foster, Michael Hicks, and Iulian Neamtiu. In Otmane Aït Mohamed, César Munoz, and Sofiène Tahar, editors, Proceedings of the International Conference on Theorem Proving in Higher Order Logics (TPHOLs), volume 5170 of Lecture Notes in Computer Science, pages 262-277. Springer, August 2008.
[13] Improving Software Quality with Static Analysis. Jeffrey S. Foster, Michael W. Hicks, and William Pugh. In Proceedings of the ACM Workshop on Program Analysis for Software Tools and Engineering (PASTE), pages 83-84, June 2007.
[14] Existential Label Flow Inference via CFL Reachability. Polyvios Pratikakis, Jeffrey S. Foster, and Michael Hicks. In Kwangkeun Yi, editor, Proceedings of the Static Analysis Symposium (SAS), volume 4134 of Lecture Notes in Computer Science, pages 88-106. Springer-Verlag, August 2006.

Technical Reports

[1] MultiOtter: Multiprocess Symbolic Execution. Jonathan Turpie, Elnatan Reisner, Jeffrey S. Foster, and Michael Hicks. Technical Report CS-TR-4982, University of Maryland Department of Computer Science, August 2011.
[2] Lightweight Monadic Programming in ML. Nikhil Swamy, Nataliya Guts, Daan Leijen, and Michael Hicks. Technical Report MSR-TR-2011-039, Microsoft Research, May 2011.
[3] Directed Symbolic Execution. Kin-Keung Ma, Yit Phang Khoo, Jeffrey S. Foster, and Michael Hicks. Technical Report CS-TR-4979, University of Maryland Department of Computer Science, April 2011. Extended version contains refinements and further experimental analysis.
[4] Dynamic Inference of Static Types for Ruby. Jong hoon (David) An, Avik Chaudhuri, Jeffrey S. Foster, and Michael Hicks. Technical Report CS-TR-4965, University of Maryland Department of Computer Science, July 2010. Extended version contains proofs of theorems.
[5] Existential Label Flow Inference via CFL Reachability (Extended Version). Polyvios Pratikakis, Michael Hicks, and Jeffrey S. Foster. Technical Report CS-TR-4700, Department of Computer Science, University of Maryland, July 2005.

Memory Management

Dynamic memory management is an important aspect of most computer systems software. One popular form of memory management is garbage collection, which ensures the absence of dangling pointers by managing memory automatically. I have explored techniques for improving the performance of garbage collection, and techniques toward ensuring that, when manual memory management is necessary for performance reasons, that it is used safely.

[1] Safe Manual Memory Management in Cyclone. Nikhil Swamy, Michael Hicks, Greg Morrisett, Dan Grossman, and Trevor Jim. Science of Computer Programming (SCP), 62(2):122-144, October 2006. Special issue on memory management. Expands ISMM conference paper of the same name.
[2] Experience with Safe Manual Memory Management in Cyclone. Michael Hicks, Greg Morrisett, Dan Grossman, and Trevor Jim. In Proceedings of the ACM International Symposium on Memory Management (ISMM), pages 73-84, October 2004. An abstract of this paper appeared in SPACE `04, http://www.diku.dk/topps/space2004/space_final/hicks-grossman-jim.pdf.
[3] Region-based Memory Management in Cyclone. Dan Grossman, Greg Morrisett, Trevor Jim, Michael Hicks, Yanling Wang, and James Cheney. In Proceedings of the ACM Conference on Programming Language Design and Implementation (PLDI), pages 282-293. ACM, June 2002.
[4] A Study of Large Object Spaces. Michael Hicks, Luke Hornof, Jonathan T. Moore, and Scott Nettles. In Proceedings of the ACM International Symposium on Memory Management (ISMM), pages 138-145. ACM, October 1998.
[5] The Measured Cost of Copying Garbage Collection Mechanisms. Michael W. Hicks, Jonathan T. Moore, and Scott M. Nettles. In Proceedings of the ACM SIGPLAN Conference on Functional Programming (ICFP), pages 292-305. ACM, June 1997.

Technical Reports

[1] Safe and Flexible Memory Management in Cyclone. Michael Hicks, Greg Morrisett, Dan Grossman, and Trevor Jim. Technical Report CS-TR-4514, University of Maryland Department of Computer Science, July 2003.
[2] Formal Type Soundness for Cyclone's Region System. Dan Grossman, Greg Morrisett, Trevor Jim, Michael Hicks, Yanling Wang, and James Cheney. Technical Report CS 2001-1856, Cornell University, November 2001.

Distributed Programming

Networked computing resources are ubiquitous, and yet most programming models target sequential, non-distributed computation. I have explored language support that can improve the reliability, security, and performance of distributed programming while easing the programming burden.

[1] Tagged Sets: a Secure and Transparent Coordination Medium. Manuel Oriol and Michael Hicks. In Jean-Marie Jacquet and Gian Pietro Picco, editors, Proceedings of the International Conference on Coordination Models and Languages (COORDINATION), volume 3454 of Lecture Notes in Computer Science, pages 252-267. Springer-Verlag, April 2005.
[2] Dynamic Rebinding for Marshalling and Update with Destruct-time lambda. Gavin Bierman, Michael Hicks, Peter Sewell, Gareth Stoyle, and Keith Wansbrough. In Proceedings of the ACM International Conference on Functional Programming (ICFP), pages 99-110, August 2003.
[3] Transparent Communication for Distributed Objects in Java. Michael Hicks, Suresh Jagannathan, Richard Kelsey, Jonathan T. Moore, and Cristian Ungureanu. In Proceedings of the ACM SIGPLAN Java Grande Conference, pages 160-170. ACM, June 1999.

Programmable Networks

The explosive growth of the Internet has placed new and increased demands on the network infrastructure. Applications now have varied service requirements such as high bandwidth, low delay, low jitter, etc. The one-size-fits-all, single-service model of IP, which has certainly contributed to its success, often no longer fits user or application needs. To meet these new demands, I spent several years researching active (a.k.a. programmable) networks, which can evolve to encompass new service models and protocols. Many ideas from active networks are finding deployment in things such as middleware boxes, overlay and peer to peer networks, multi-path routing, and more.

[1] Passive Aggressive Measurement with MGRP. Pavlos Papageorge, Justin McCann, and Michael Hicks. In Proceedings of the ACM SIGCOMM Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications (SIGCOMM), pages 279-290, August 2009.
[2] PLAN: A Packet Language for Active Networks (Extended version). Michael W. Hicks, Pankaj Kakkar, Jonathan T. Moore, Carl A. Gunter, and Scott M. Nettles. Unpublished manuscript. Consolidates ICFP 98, IPL 98, Allterton 99 papers, May 2006.
[3] Merging Network Measurement with Data Transport (Extended Abstract). Pavlos Papageorgiou and Michael Hicks. In Proceedings of the IEEE Passive/Active Measurement Workshop (PAM), volume 3431, pages 368-371. Springer-Verlag, March 2005.
[4] User-Specified Adaptive Scheduling in a Streaming Media Network. Michael Hicks, Adithya Nagarajan, and Robbert van Renesse. In Proceedings of the IEEE Conference on Open Architectures (OPENARCH), pages 87-96, April 2003.
[5] Evolution in Action: Using Active Networking to Evolve Network Support for Mobility. Seo-Kyu Song, Stephen Shannon, Michael Hicks, and Scott Nettles. In James Sterbenz, Osamu Takada, Christian Tschudin, and Bernhard Plattner, editors, Proceedings of the Fourth International Working Conference on Active Networks (IWAN), volume 2546 of Lecture Notes in Computer Science, pages 146-161. Springer-Verlag, December 2002.
[6] Experiences with Capsule-based Active Networking. Michael Hicks, Jonathan T. Moore, David Wetherall, and Scott Nettles. In Proceedings of the DARPA Active Networks Conference and Exposition (DANCE), pages 16-24. IEEE, May 2002.
[7] Compiling PLAN to SNAP. Michael Hicks, Jonathan T. Moore, and Scott Nettles. In Ian W. Marshall, Scott Nettles, and Naoki Wakamiya, editors, Proceedings of the Third International Working Conference on Active Networks (IWAN), volume 2207 of Lecture Notes in Computer Science, pages 134-151. Springer-Verlag, October 2001.
[8] Practical Programmable Packets. Jonathan T. Moore, Michael Hicks, and Scott Nettles. In Proceedings of the Twentieth IEEE Computer and Communication Society INFOCOM Conference, pages 41-50. IEEE, April 2001.
[9] Active Networking means Evolution (or Enhanced Extensibility Required). Michael Hicks and Scott Nettles. In Hiroshi Yashuda, editor, Proceedings of the Second International Working Conference on Active Networks (IWAN), volume 1942 of Lecture Notes in Computer Science, pages 16-32. Springer-Verlag, October 2000.
[10] Scalable Resource Control in Active Networks. Kostas G. Anagnostakis, Michael W. Hicks, Sotiris Ioannidis, Angelos D. Keromytis, and Jonathan M. Smith. In Hiroshi Yashuda, editor, Proceedings of the Second International Working Conference on Active Networks (IWAN), volume 1942 of Lecture Notes in Computer Science, pages 343-358. Springer-Verlag, October 2000.
[11] Specifying the PLAN Network Programming Language. Pankaj Kakkar, Michael Hicks, Jonathan T. Moore, and Carl A. Gunter. In Higher Order Operational Techniques in Semantics (HOOTS), volume 26 of Electronic Notes in Theoretical Computer Science, pages 87-104. Elsevier, September 1999.
[12] Chunks in PLAN: Language Support for Programs as Packets. Jonathan T. Moore, Michael Hicks, and Scott M. Nettles. In Proceedings of the 37th Annual Allerton Conference on Communication, Control, and Computing, September 1999.
[13] A Secure PLAN. Michael Hicks and Angelos D. Keromytis. In Stefan Covaci, editor, Proceedings of the First International Working Conference on Active Networks (IWAN), volume 1653 of Lecture Notes in Computer Science, pages 307-314. Springer-Verlag, June 1999. Reprinted with extensions in DARPA Active Networks Conference and Exposition (DANCE) and IEEE Transactions on Systems, Man, and Cybernetics, Part C.
[14] PLANet: An Active Internetwork. Michael Hicks, Jonathan T. Moore, D. Scott Alexander, Carl A. Gunter, and Scott Nettles. In Proceedings of the Eighteenth IEEE Computer and Communication Society INFOCOM Conference, pages 1124-1133. IEEE, March 1999.
[15] PLAN: A Packet Language for Active Networks. Michael Hicks, Pankaj Kakkar, Jonathan T. Moore, Carl A. Gunter, and Scott Nettles. In Proceedings of the Third ACM SIGPLAN International Conference on Functional Programming Languages (ICFP), pages 86-93. ACM, September 1998.
[16] The SwitchWare Active Network Implementation. D. Scott Alexander, Michael W. Hicks, Pankaj Kakkar, Angelos D. Keromytis, Marianne Shaw, Jonathan T. Moore, Carl A. Gunter, Trevor Jim, Scott M. Nettles, and Jonathan M. Smith. In Notes of the ACM SIGPLAN Workshop on ML, pages 67-76, September 1998.
[17] Network Programming Using PLAN. Michael Hicks, Pankaj Kakkar, Jonathan T. Moore, Carl A. Gunter, and Scott Nettles. In Luca Cardelli, editor, Proceedings of the IEEE Workshop on Internet Programming Languages, volume 1686 of Lecture Notes in Computer Science, pages 127-143. Springer-Verlag, May 1998.
[18] The SwitchWare Active Network Architecture. D. Scott Alexander, William A. Arbaugh, Michael Hicks, Pankaj Kakkar, Angelos Keromytis, Jonathan T. Moore, Carl A. Gunter, Scott M. Nettles, and Jonathan M. Smith. IEEE Network Magazine, 12(3):29-36, 1998. Special issue on Active and Controllable Networks.

Technical Reports

[1] User-specified Adaptive Scheduling in a Streaming Media Network. Michael Hicks, Adithya Nagarajan, and Robbert van Renesse. Technical Report CS-TR-4430, University of Maryland Department of Computer Science, March 2003.

Miscellaneous

[1] Adapton: Composable, Demand-Driven Incremental Computation. Matthew Hammer, Yit Phang Khoo, Michael Hicks, and Jeffrey S. Foster. In Proceedings of the ACM Conference on Programming Language Design and Implementation (PLDI), June 2014.
[2] Expositor: Scriptable Time-Travel Debugging with First Class Traces (Full version). Yit Phang Khoo, Jeffrey S. Foster, and Michael Hicks, December 2013. Extended version of ICSE'13 paper.
[3] Expositor: Scriptable Time-Travel Debugging with First Class Traces. Yit Phang Khoo, Jeffrey S. Foster, and Michael Hicks. In Proceedings of the International Conference on Software Engineering (ICSE), May 2013.
[4] Score: Agile Research Group Management. Michael Hicks and Jeffrey S. Foster. Communications of the ACM, 53(10):30-31, October 2010.
[5] General-Purpose Persistence Using Flash Memory. Jonathan T. Moore, Michael Hicks, and Scott Nettles. Unpublished manuscript, April 1997.

Technical Reports

[1] Adapton: Composable, Demand-Driven Incremental Computation. Matthew Hammer, Yit Phang Khoo, Michael Hicks, and Jeffrey S. Foster. Technical Report CS-TR-5027, Department of Computer Science, the University of Maryland, College Park, July 2013.
[2] Adapting Scrum to Managing a Research Group. Michael Hicks and Jeffrey S. Foster. Technical Report CS-TR-4966, University of Maryland, Department of Computer Science, September 2010.
[3] Types and Intermediate Representations. Michael Hicks. Technical Report MS-CIS-98-05, Department of Computer and Information Science, University of Pennsylvania, April 1998.


All works on this page are copyrighted. Permission to make digital or hard copies of all or part of these works for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that all copies bear this notice and the full citation on the first page. For some of these works, such license may be prohibited by the copyright owners. To copy otherwise, to republish, to post on servers or to redistribute, requires specific written permission and a fee.

Some of this work was supported by the National Science Foundation; any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.