Manuel Maarek
I am a lecturer in the Computer Science Department at the School of Mathematical and Computer Sciences of Heriot-Watt University in Edinburgh. I am co-lead of the University's Cyber Security Interest Group and member of the Dependable Systems Group.
I am the Programme Director for MSc Computer Science for Cyber Security (certified by NCSC) and MSc Network Security.
Research
My research interests are in the technical and developer-centred aspects of programming language, type theory, formal methods and their application to the safety, security and liability of software.
If you are interested in doing a PhD on these topics, do not hesitate to contact me.
Here is a list of past and ongoing projects I worked on.
- Serious games for developer-centred security
- I am working on methods for improving the security of developers' coding using games and developers' interactions [ICSE-SEET-2024,WSIW-2023,EuroCSEP-2022,EuroUSEC-2020,EuroUSEC-2019,GaLA-2018]. This is an interdisciplinary work with colleagues from Heriot-Watt University (Rob Stewart, Hans-Wolfgang Loidl, Ryan Shah, Sheung Chi Chan, Lynne Baillie, Shenando Stals, Theodoros Georgiou), the Glasgow School of Art (Sandy Louchart, Daisy Abbott, Jamie Ferguson, Olga Chatzifoti), the University of St Andrews (Adam Reed), Civic Digits (Clare Duffy, Rupert Goodwins), and with Léon McGregor (PhD in 2023, co-supervised by Hans-Wolfgang Loidl). This work was funded by EPSRC on the Secrious project EP/T017511/1 I co-lead: Serious Coding: A Game Approach To Security For The New Code-Citizens @SecriousProject led by Lynne Baillie. It was supported by NCSC-RISCS and CyBOK on projects I led to develop the Citadel Programming Lab. In August 2023, we organised Deconstructing Gamified Approaches to Security and Privacy DGASP co-located with SOUPS 2023. In May 2019, we organised a Workshop on Serious Games for Cyber Security (sponsored by SICSA Cybersecurity NEXUS).
- Programming Education
- With Smitha Kumar (current PhD student), Michael Lones and Hind Zantout, we are working on the role of feedback in introductory programming courses [LLM4Code-2024]. With Rob Stewart and Laura Schauer, we worked on closing the feedback loop and improving education workflows in programming courses [ICSE-SEET-2024], see our GitLab Commit Virtual 2021 talk. This relates to my work on Peer-Testing (see below).
- Blockchain & cryptocurrencies
- With Tin Tironsakkul (PhD in 2022), Mike Just and Andrea Eross we are working on an interdisciplinary research on the security analysis of cryptocurrencies transactions [CRC-2019,CBT-2020,EICC-2022,FSIDI-2022].
- Peer-Testing
- I am working on methods and tools for peer-feedback through programming tests, and its integration with code platforms such as GitLab. In 2016-17 I led a QAA project where I collaborated with Léon McGregor (Honours CS student) and with colleagues from Heriot-Watt University's Edinburgh and Dubai campuses [UKICER-2020,IA10-2017,STEM-HE-2017,PLATEAU-2017,NewDirections-2017]. More details are available on the project website.
- System hazard analysis for security
- I worked with Abdullah Altawairqi and Andrew Ireland on adapting STPA-based system hazard analysis methods for security [ASSURE-2017,ESWC-2019].
- Language-based security
- I am interested the security of software systems and how programming languages impact security. I have started an investigation into a change introduced in the OCaml language to make strings immutable [PLATEAU-2018]. This relates to my previous work on the LaFoSec project (see below).
- LaFoSec
- A study of the intrinsic security of functional programming languages (OCaml, F#, Scala). The project was initiated and funded by the French Network and Information Security Agency (ANSSI) and carried out by a consortium led by SafeRiver. The LaFoSec documents (in French) [LaFoSec-2011] are available on the ANSSI website. We presented some results of the study at JFLA 2013, at the F-IDE workshop [F-IDE-2014], and at ISCE 2015 SEIP [ICSE-SEIP-2015-a].
- LISE
- Liability Issues in Software Engineering was an ANR funded project (ANR-06-SECU-0007) led by Daniel Le Métayer. [CACM-2011,ICSE-2010]
- MathLang
- MathLang is a project for computerizing mathematical texts and knowledge led by Fairouz Kamareddine and Joe Wells
- FoCaLize
- FoCaLize is a formal development environment for certified programs.
Contact
- email address
- M.Maarek@hw.ac.uk
- online profiles
- Google Scholar, LinkedIn, Twitter, DBLP, Academia, ResearchGate
- office
- EM 1.63 (Earl Mountbatten Building, Riccarton Campus)
- phone number
- +441314513287
- address
- School of Mathematical & Computer Sciences
Heriot-Watt University
EH14 4AS Edinburgh
United Kingdom
Roles
- 2021-present
- Programme Director for MSc Computer Science for Cyber Security (programme certified by NCSC).
- 2019-present
- Programme Director for MSc Network Security.
- 2019-2023
- Director of Postgraduate Studies in the Computer Science Department.
- 2019-2023
- Programme Director for MSc Computing (2 years).
- 2017-2023
- Programme Director for MSc Software Engineering, MSc Information Technology Software Systems.
- 2017-2018
- Member of the University's Postgraduate Studies Committee.
- 2015-2019
- Convener of the Department's Computer Users Group, and Student Equipment Fund, member of the MACS IT Committee.
Teaching
Since March 2017, I am a Fellow of the Higher Education Academy (FHEA).
- 2023-2024 S1 F28SG (OUC)
- Introduction to Data Structures and Algorithms as part of Joint OUC programme. With Rob Stewart and Smitha Kumar.
- 2022-2023 S1 F21CN/F20CN
- Computer Network Security with Mike Just and Hani Ragab Hassen.
- 2022-2023 S1 F28SG (OUC)
- Introduction to Data Structures and Algorithms as part of Joint OUC programme. With Rob Stewart and Smitha Kumar.
- 2021-2022 S1 F21CN/F20CN
- Computer Network Security with Mike Just and Hani Ragab Hassen.
- 2021-2022 S1 F28SG (OUC)
- Introduction to Data Structures and Algorithms as part of Joint OUC programme. With Rob Stewart and Smitha Kumar.
- 2021-2022 S3 F20IM
- IT Master Class.
- 2020-2021 S1 F21CN/F20CN
- Computer Network Security with Mike Just and Hani Ragab Hassen.
- 2020-2021 S2 F28DA
- Data Structures and Algorithms with James McKinna and Ali Muzaffar.
- 2019-2020 S1 F21CN/F20CN
- Computer Network Security with Mike Just and Hani Ragab Hassen.
- 2019-2020 S1 F28DA
- Data Structures and Algorithms with Lucine Gharibian.
- 2018-2019 S1 F21SF/F20SF
- Software Engineering Foundations with Katrin Lohan and Lucine Gharibian.
- 2018-2019 S1 F28DA
- Data Structures and Algorithms with Hind Zantout.
- 2017-2018 S1 F21SF
- Software Engineering Foundations with Katrin Lohan and Mohamed Abdelshafy.
- 2017-2018 S1 F28DA
- Data Structures and Algorithms with Mohammad Hamdan.
- 2016-2017 S1 F21SF
- Software Engineering Foundations with Katrin Lohan and Hani Ragab Hassen.
- 2016-2017 S1 F28DA
- Data Structures and Algorithms with Mohammad Hamdan.
- 2015-2016 S1 F21SF
- Software Engineering Foundations with Katrin Lohan and Hani Ragab Hassen.
- 2015-2016 S1 F28DA
- Data Structures and Algorithms with Rob Pooley and Mohammad Hamdan.
- 2014-2015 S2 F29FB
- Foundations 2 with Joe Wells.
- 2014-2015 S1 F28DA
- Data Structures and Algorithms with Rob Pooley and Mohammad Hamdan.
Biography
- 2021-present
- Associate Professor in Computer Science at Heriot-Watt University in Edinburgh
- 2014-2021
- Assistant Professor in Computer Science at Heriot-Watt University in Edinburgh
- 2010-2014
- Research Engineer at SafeRiver in Paris
- 2008-2010
- Postdoctoral Fellow at Inria in Grenoble
- 2007-2008
- ERCIM Research Fellow at CRP Henri Tudor (now LIST) in Luxembourg
- 2002-2007
- PhD Student at Heriot-Watt University in Edinburgh
- 1998-2002
- Undergraduate the Postgraduate Student at UPMC (now Sorbonne Université) in Paris
Publications
References
- [ICSE-SEET-2024]
-
Laura Schauer, Robert Stewart, and Manuel Maarek.
Integrating Canvas and GitLab to Enrich Learning Processes.
In IEEE/ACM ICSE SEET International Conference on Software
Engineering: Software Engineering Eduation and Training, 2024.
[ DOI | http ] - [LLM4Code-2024]
-
Smitha Kumar, Michael Adam Lones, Manuel Maarek, and Hind Zantout.
Investigating the Proficiency of Large Language Models in
Formative Feedback Generation for Student Programmers.
In 2024 International Workshop on Large Language Models for Code
(LLM4Code), 2024.
[ .pdf ] - [WSIW-2023]
-
Léon McGregor, Manuel Maarek, and Hans-Wolfgang Loidl.
Communicating on Security within Software Development Issue
Tracking.
In 9th Workshop on Security Information Workers WSIW 2023 -
Co-located Workshop at SOUPS 2023, 2023.
[ DOI | .pdf ] - [EICC-2022]
-
Tin Tironsakkul, Manuel Maarek, Andrea Eross, and Mike Just.
The Unique Dressing of Transactions: Wasabi CoinJoin
Transaction Detection.
In Proceedings of the 2022 European Interdisciplinary
Cybersecurity Conference EICC, 2022.
Best paper award.
[ DOI ] - [FSIDI-2022]
-
Tin Tironsakkul, Manuel Maarek, Andrea Eross, and Mike Just.
Context matters: Methods for Bitcoin tracking.
Forensic Science International: Digital Investigation, 42-43,
2022.
[ DOI ] - [EuroCSEP-2022]
-
Léon McGregor, Sheung Chi Chan, Szymon Wlodarczyk, and Manuel Maarek.
Aligning a Serious Game, Secure Programming and
CyBOK-Linked Learning Outcomes.
In 2022 IEEE European Symposium on Security and
Privacy Workshops (EuroS&PW), 1st European Workshop on Cyber
Security Education and Practice (EURO CSEP 2022), 2022.
[ DOI ] - [UKICER-2020]
-
Léon McGregor and Manuel Maarek.
Software Testing as Medium for Peer Feedback.
In UKICER United Kingdom & Ireland Computing
Education Research Conference. ACM, 2020.
[ DOI ] - [CBT-2020]
-
Tin Tironsakkul, Manuel Maarek, Andrea Eross, and Mike Just.
Tracking Mixed Bitcoins.
In CBT Cryptocurrencies and Blockchain Technology,
LNCS, 2020.
[ DOI ] - [EuroUSEC-2020]
-
A. Ichario and M. Maarek.
Vision: Investigating Web API Developer Experience in
Relation to Terms of Service and Privacy Policies.
In EuroUSEC European Workshop on Usable Security, 2020.
[ DOI ] - [CRC-2019]
-
Tin Tironsakkul, Manuel Maarek, Andrea Eross, and Mike Just.
Probing the mystery of cryptocurrency theft, an investigation into
methods for cryptocurrency tainting analysis.
In Cryptocurrency Research Conference 2019, 2019.
(oral presentation).
[ DOI ] - [ESWC-2019]
-
Abdullah Altawairqi and Manuel Maarek.
Exploring the Modeling of Attack Strategies for STPA.
In ESWC European STAMP Workshop & Conference, 2019.
[ DOI ] - [EuroUSEC-2019]
-
Manuel Maarek, Léon McGregor, Sandy Louchart, and Ross McMenemy.
How Could Serious Games Support Secure Programming? Designing
a Study Replication and Intervention.
In EuroUSEC European Workshop on Usable Security, 2019.
[ DOI ] - [PLATEAU-2018]
-
Manuel Maarek.
Observing the Uptake of a Language Change Making Strings
Immutable.
In PLATEAU Workshop on Evaluation and Usability of
Programming Languages and Tools, 2018.
[ DOI ] - [GaLA-2018]
-
Manuel Maarek, Sandy Louchart, Léon McGregor, and Ross McMenemy.
Co-created Design of a Serious Game Investigation into
Developer-Centred Security.
In GaLA Games and Learning Alliance, 2018.
[ DOI ] - [IA10-2017]
-
Smitha S. Kumar, Manuel Maarek, and Talal A. G. Shaikh.
Investigating programming feedback to improve student learning
experience in computer science education.
In Innovation Arabia 10 – Smart Learning Conference, 2017.
(oral and poster presentations).
[ .pdf ] - [STEM-HE-2017]
-
Gudmund Grov, Mohammad Hamdan, Smitha S. Kumar, Manuel Maarek, Léon McGregor,
Talal A. G. Shaikh, J. B. Wells, and Hind Zantout.
Transition from passive learner to critical evaluator through
peer-testing of programming artifacts.
In STEM HE, 2017.
(presentation and demo).
[ .pdf ] - [ASSURE-2017]
-
Abdullah Altawairqi and Manuel Maarek.
Attack Modeling for System Security Analysis.
In ASSURE Workshop on Assurance Cases for Software-intensive
Systems, LNCS, 2017.
[ DOI ] - [PLATEAU-2017]
-
Manuel Maarek and Léon McGregor.
Development of a Web Platform for Code Peer-Testing.
In PLATEAU Workshop on Evaluation and Usability of
Programming Languages and Tools, 2017.
[ .pdf ] - [NewDirections-2017]
-
Gudmund Grov, Mohammad Hamdan, Smitha S. Kumar, Manuel Maarek, Léon
McGregor, Talal A. G. Shaikh, J. B. Wells, and Hind Zantout.
Transition from Passive Learner to Critical Evaluator through
Peer-Testing of Programming Artefacts.
New Directions in the Teaching of Physical Sciences, 12, 2017.
[ http ] - [ICSE-SEIP-2015-b]
-
Jean-Frédéric Etienne, Manuel Maarek, Florent Anseaume, and Véronique
Delebarre.
Improving predictability, efficiency and trust of model-based proof
activity.
In IEEE/ACM ICSE SEIP International Conference on Software
Engineering, Software Engineering In Practice, 2015.
[ DOI ] - [ICSE-SEIP-2015-a]
-
Damien Doligez, Christèle Faure, Thérèse Hardin, and Manuel Maarek.
Avoiding security pitfalls with functional programming: a report on
the development of a secure xml validator.
In IEEE/ACM ICSE SEIP International Conference on Software
Engineering, Software Engineering In Practice, 2015.
[ DOI ] - [F-IDE-2014]
-
Damien Doligez, Christèle Faure, Thérèse Hardin, and Manuel Maarek.
Experience in using a typed functional language for the development
of a security application.
In F-IDE Workshop on Formal Integrated Development Environment,
EPTCS, 2014.
[ DOI ] - [CACM-2011]
-
Daniel Le Métayer, Manuel Maarek, Eduardo Mazza, Marie-Laure Potet,
Stéphane Frénot, Valérie Tong Viet Triem, Nicolas Craipeau, and
Ronan Hardouin.
Liability issues in software engineering: the use of formal methods
to reduce legal uncertainties.
Communicantion of the ACM (CACM), 54, 2011.
[ DOI ] - [RDST-2011]
-
Nicolas Craipeau, Daniel Le Métayer, Marie-Laure Potet, Sylvain Steer,
Manuel Maarek, and Valérie Viet Triem Tong.
Définition des responsabilités pour les dysfonctionnements de
logiciels : cadre contractuel et outils de mise en œuvre.
In Actes du colloque Droit, sciences et techniques : quelles
responsabilités, LITEC, collection Colloques et Débats. Etienne Vergès,
2011.
- [ICSE-2010]
-
Daniel Le Métayer, Manuel Maarek, Eduardo Mazza, Marie-Laure Potet,
Stéphane Frénot, Valérie Viet Triem Tong, Nicolas Craipeau, Ronan
Hardouin, Christophe Alleaume, Valérie-Laure Benabou, Denis Beras,
Christophe Bidan, Gregor Goessler, Julien Le Clainche, Ludovic Mé, and
Sylvain Steer.
Liability in software engineering – Overview of the LISE
approach and illustration on a case study.
In ACM/IEEE ICSE International Conference on Software
Engineering, 2010.
[ DOI ] - [SPLeT-2010]
-
Manuel Maarek.
On the extraction of decisions and contributions from summaries of
French legal IT contract cases.
In SPLeT LREC Workshop on Semantic Processing of Legal Texts,
2010.
- [JFO-2008]
-
Manuel Maarek, Yannick Naudet, Patrick Plichart, and Thibaud Latour.
Ontologies, règles et services : vers une connaissance
actionnable.
In JFO Journées Francophones sur les Ontologies, 2008.
- [NLELA-2008]
-
Daniel Le Métayer and Manuel Maarek.
Deriving legal arguments from software traces, position paper.
In NLELA JURIX Workshop on the Natural Language Engineering of
Legal Argumentation: Language, Logic, and Computation., 2008.
- [AT65-2007]
-
Fairouz Kamareddine, Manuel Maarek, Krzysztof Retel, and J. B. Wells.
Gradual computerisation/formalisation of mathematical texts into
Mizar.
In From Insight to Proof: Festschrift in Honour of Andrzej
Trybulec, volume 10(23) of Studies in Logic, Grammar and Rhetoric.
University of Bialystok, 2007.
Under the auspices of the Polish Association for Logic and Philosophy
of Science.
- [NCD-2007]
-
Fairouz Kamareddine, Manuel Maarek, Krzysztof Retel, and J. B. Wells.
Digitised mathematics: Computerisation vs. formalisation.
In Review of the National Center for Digitization, volume 10,
2007.
- [MKM-2007-b]
-
Fairouz Kamareddine, Manuel Maarek, Krzysztof Retel, and J. B. Wells.
Narrative structure of mathematical texts.
In MKM Mathematical Knowledge Management, LNAI, 2007.
[ DOI ] - [MKM-2007-a]
-
Fairouz Kamareddine, Robert Lamar, Manuel Maarek, and J. B. Wells.
Restoring natural language as a computerised mathematics input
method.
In MKM Mathematical Knowledge Management, LNAI, 2007.
[ DOI ] - [MKM-2005]
-
Fairouz Kamareddine, Manuel Maarek, and J. B. Wells.
Toward an object-oriented structure for mathematical text.
In MKM Mathematical Knowledge Management, LNAI, 2006.
[ DOI ] - [MKM-2003]
-
Fairouz Kamareddine, Manuel Maarek, and J. B. Wells.
Mathlang: Experience-driven development of a new mathematical
language.
In MKMNET Mathematical Knowledge Management Symposium,
volume 93 of ENTCS, 2004.
[ DOI ] - [MKM-2004]
-
Fairouz Kamareddine, Manuel Maarek, and J. B. Wells.
Flexible encoding of mathematics on the computer.
In MKM Mathematical Knowledge Management, LNCS, 2004.
[ DOI ] - [Calculemus-2003]
-
Manuel Maarek and Virgile Prévosto.
FoCDoC: The Documentation System of FoC.
In Calculemus 2003 - 11th Symposium on the Integration
of Symbolic Computation and Mechanized Reasoning, 2003.
Reports
References
- [LaFoSec-2011]
-
Étude de la sécurité intrinsèque des langages fonctionnels (LaFoSec).
Technical report, ANSSI, 2011.
SafeRiver, CEDRIC and Normation. Part of the deliverable will
published on the ANSSI website.
[ http ] - [INRIA-RR-7148-2009]
-
Christophe Alleaume, Valérie-Laure Benabou, Denis Beras, Christophe Bidan,
Nicolas Craipeau, Stéphane Frénot, Gregor Goessler, Ronan Hardouin, Julien
Le Clainche, Daniel Le Métayer, Manuel Maarek, Eduardo Mazza, Ludovic
Mé, Marie-Laure Potet, Sylvain Steer, and Valérie Viet Triem Tong.
Liability in software engineering: Overview of the LISE approach
and illustration on a case study.
Research Report RR-7148, INRIA, December 2009.
[ http ] - [PhD-2007]
-
Manuel Maarek.
Mathematical Documents Faithfully Computerised: the Grammatical
and Text & Symbol Aspects of the MathLang Framework.
PhD thesis, Heriot-Watt University, Edinburgh, Scotland, June 2007.
[ http ] - [DEA-2002]
-
Manuel Maarek.
Conception d'une librairie OMDoc pour FoC.
Technical report, Université Pierre et Marie Curie Paris VI,
September 2002.
MSc thesis / Rapport de DEA.