Manuel Maarek

Table of Contents

Manuel Maarek

I am a lecturer in the Computer Science Department at the School of Mathematical and Computer Sciences of Heriot-Watt University in Edinburgh. I am co-lead of the University's Cyber Security Interest Group and member of the Dependable Systems Group.

I am the Programme Director for MSc Computer Science for Cyber Security (certified by NCSC) and MSc Network Security.

Research

My research interests are in the technical and developer-centred aspects of programming language, type theory, formal methods and their application to the safety, security and liability of software.

If you are interested in doing a PhD on these topics, do not hesitate to contact me.

Here is a list of past and ongoing projects I worked on.

Serious games for developer-centred security
I am working on methods for improving the security of developers' coding using games and developers' interactions [ICSE-SEET-2024,WSIW-2023,EuroCSEP-2022,EuroUSEC-2020,EuroUSEC-2019,GaLA-2018]. This is an interdisciplinary work with colleagues from Heriot-Watt University (Rob Stewart, Hans-Wolfgang Loidl, Ryan Shah, Sheung Chi Chan, Lynne Baillie, Shenando Stals, Theodoros Georgiou), the Glasgow School of Art (Sandy Louchart, Daisy Abbott, Jamie Ferguson, Olga Chatzifoti), the University of St Andrews (Adam Reed), Civic Digits (Clare Duffy, Rupert Goodwins), and with Léon McGregor (PhD in 2023, co-supervised by Hans-Wolfgang Loidl). This work was funded by EPSRC on the Secrious project EP/T017511/1 I co-lead: Serious Coding: A Game Approach To Security For The New Code-Citizens @SecriousProject led by Lynne Baillie. It was supported by NCSC-RISCS and CyBOK on projects I led to develop the Citadel Programming Lab. In August 2023, we organised Deconstructing Gamified Approaches to Security and Privacy DGASP co-located with SOUPS 2023. In May 2019, we organised a Workshop on Serious Games for Cyber Security (sponsored by SICSA Cybersecurity NEXUS).
Programming Education
With Smitha Kumar (current PhD student), Michael Lones and Hind Zantout, we are working on the role of feedback in introductory programming courses [LLM4Code-2024]. With Rob Stewart and Laura Schauer, we worked on closing the feedback loop and improving education workflows in programming courses [ICSE-SEET-2024], see our GitLab Commit Virtual 2021 talk. This relates to my work on Peer-Testing (see below).
Blockchain & cryptocurrencies
With Tin Tironsakkul (PhD in 2022), Mike Just and Andrea Eross we are working on an interdisciplinary research on the security analysis of cryptocurrencies transactions [CRC-2019,CBT-2020,EICC-2022,FSIDI-2022].
Peer-Testing
I am working on methods and tools for peer-feedback through programming tests, and its integration with code platforms such as GitLab. In 2016-17 I led a QAA project where I collaborated with Léon McGregor (Honours CS student) and with colleagues from Heriot-Watt University's Edinburgh and Dubai campuses [UKICER-2020,IA10-2017,STEM-HE-2017,PLATEAU-2017,NewDirections-2017]. More details are available on the project website.
System hazard analysis for security
I worked with Abdullah Altawairqi and Andrew Ireland on adapting STPA-based system hazard analysis methods for security [ASSURE-2017,ESWC-2019].
Language-based security
I am interested the security of software systems and how programming languages impact security. I have started an investigation into a change introduced in the OCaml language to make strings immutable [PLATEAU-2018]. This relates to my previous work on the LaFoSec project (see below).
LaFoSec
A study of the intrinsic security of functional programming languages (OCaml, F#, Scala). The project was initiated and funded by the French Network and Information Security Agency (ANSSI) and carried out by a consortium led by SafeRiver. The LaFoSec documents (in French) [LaFoSec-2011] are available on the ANSSI website. We presented some results of the study at JFLA 2013, at the F-IDE workshop [F-IDE-2014], and at ISCE 2015 SEIP [ICSE-SEIP-2015-a].
LISE
Liability Issues in Software Engineering was an ANR funded project (ANR-06-SECU-0007) led by Daniel Le Métayer. [CACM-2011,ICSE-2010]
MathLang
MathLang is a project for computerizing mathematical texts and knowledge led by Fairouz Kamareddine and Joe Wells
FoCaLize
FoCaLize is a formal development environment for certified programs.

Contact

email address
M.Maarek@hw.ac.uk
online profiles
Google Scholar, LinkedIn, Twitter, DBLP, Academia, ResearchGate
office
EM 1.63 (Earl Mountbatten Building, Riccarton Campus)
phone number
+441314513287
address
School of Mathematical & Computer Sciences
Heriot-Watt University
EH14 4AS Edinburgh
United Kingdom

Roles

2021-present
Programme Director for MSc Computer Science for Cyber Security (programme certified by NCSC).
2019-present
Programme Director for MSc Network Security.
2019-2023
Director of Postgraduate Studies in the Computer Science Department.
2019-2023
Programme Director for MSc Computing (2 years).
2017-2023
Programme Director for MSc Software Engineering, MSc Information Technology Software Systems.
2017-2018
Member of the University's Postgraduate Studies Committee.
2015-2019
Convener of the Department's Computer Users Group, and Student Equipment Fund, member of the MACS IT Committee.

Teaching

Since March 2017, I am a Fellow of the Higher Education Academy (FHEA).

2023-2024 S1 F28SG (OUC)
Introduction to Data Structures and Algorithms as part of Joint OUC programme. With Rob Stewart and Smitha Kumar.
2022-2023 S1 F21CN/F20CN
Computer Network Security with Mike Just and Hani Ragab Hassen.
2022-2023 S1 F28SG (OUC)
Introduction to Data Structures and Algorithms as part of Joint OUC programme. With Rob Stewart and Smitha Kumar.
2021-2022 S1 F21CN/F20CN
Computer Network Security with Mike Just and Hani Ragab Hassen.
2021-2022 S1 F28SG (OUC)
Introduction to Data Structures and Algorithms as part of Joint OUC programme. With Rob Stewart and Smitha Kumar.
2021-2022 S3 F20IM
IT Master Class.
2020-2021 S1 F21CN/F20CN
Computer Network Security with Mike Just and Hani Ragab Hassen.
2020-2021 S2 F28DA
Data Structures and Algorithms with James McKinna and Ali Muzaffar.
2019-2020 S1 F21CN/F20CN
Computer Network Security with Mike Just and Hani Ragab Hassen.
2019-2020 S1 F28DA
Data Structures and Algorithms with Lucine Gharibian.
2018-2019 S1 F21SF/F20SF
Software Engineering Foundations with Katrin Lohan and Lucine Gharibian.
2018-2019 S1 F28DA
Data Structures and Algorithms with Hind Zantout.
2017-2018 S1 F21SF
Software Engineering Foundations with Katrin Lohan and Mohamed Abdelshafy.
2017-2018 S1 F28DA
Data Structures and Algorithms with Mohammad Hamdan.
2016-2017 S1 F21SF
Software Engineering Foundations with Katrin Lohan and Hani Ragab Hassen.
2016-2017 S1 F28DA
Data Structures and Algorithms with Mohammad Hamdan.
2015-2016 S1 F21SF
Software Engineering Foundations with Katrin Lohan and Hani Ragab Hassen.
2015-2016 S1 F28DA
Data Structures and Algorithms with Rob Pooley and Mohammad Hamdan.
2014-2015 S2 F29FB
Foundations 2 with Joe Wells.
2014-2015 S1 F28DA
Data Structures and Algorithms with Rob Pooley and Mohammad Hamdan.

Biography

2021-present
Associate Professor in Computer Science at Heriot-Watt University in Edinburgh
2014-2021
Assistant Professor in Computer Science at Heriot-Watt University in Edinburgh
2010-2014
Research Engineer at SafeRiver in Paris
2008-2010
Postdoctoral Fellow at Inria in Grenoble
2007-2008
ERCIM Research Fellow at CRP Henri Tudor (now LIST) in Luxembourg
2002-2007
PhD Student at Heriot-Watt University in Edinburgh
1998-2002
Undergraduate the Postgraduate Student at UPMC (now Sorbonne Université) in Paris

Publications

References

[ICSE-SEET-2024]
Laura Schauer, Robert Stewart, and Manuel Maarek. Integrating Canvas and GitLab to Enrich Learning Processes. In IEEE/ACM ICSE SEET International Conference on Software Engineering: Software Engineering Eduation and Training, 2024.
DOI | http ]
[LLM4Code-2024]
Smitha Kumar, Michael Adam Lones, Manuel Maarek, and Hind Zantout. Investigating the Proficiency of Large Language Models in Formative Feedback Generation for Student Programmers. In 2024 International Workshop on Large Language Models for Code (LLM4Code), 2024.
.pdf ]
[WSIW-2023]
Léon McGregor, Manuel Maarek, and Hans-Wolfgang Loidl. Communicating on Security within Software Development Issue Tracking. In 9th Workshop on Security Information Workers WSIW 2023 - Co-located Workshop at SOUPS 2023, 2023.
DOI | .pdf ]
[EICC-2022]
Tin Tironsakkul, Manuel Maarek, Andrea Eross, and Mike Just. The Unique Dressing of Transactions: Wasabi CoinJoin Transaction Detection. In Proceedings of the 2022 European Interdisciplinary Cybersecurity Conference EICC, 2022. Best paper award.
DOI ]
[FSIDI-2022]
Tin Tironsakkul, Manuel Maarek, Andrea Eross, and Mike Just. Context matters: Methods for Bitcoin tracking. Forensic Science International: Digital Investigation, 42-43, 2022.
DOI ]
[EuroCSEP-2022]
Léon McGregor, Sheung Chi Chan, Szymon Wlodarczyk, and Manuel Maarek. Aligning a Serious Game, Secure Programming and CyBOK-Linked Learning Outcomes. In 2022 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), 1st European Workshop on Cyber Security Education and Practice (EURO CSEP 2022), 2022.
DOI ]
[UKICER-2020]
Léon McGregor and Manuel Maarek. Software Testing as Medium for Peer Feedback. In UKICER United Kingdom & Ireland Computing Education Research Conference. ACM, 2020.
DOI ]
[CBT-2020]
Tin Tironsakkul, Manuel Maarek, Andrea Eross, and Mike Just. Tracking Mixed Bitcoins. In CBT Cryptocurrencies and Blockchain Technology, LNCS, 2020.
DOI ]
[EuroUSEC-2020]
A. Ichario and M. Maarek. Vision: Investigating Web API Developer Experience in Relation to Terms of Service and Privacy Policies. In EuroUSEC European Workshop on Usable Security, 2020.
DOI ]
[CRC-2019]
Tin Tironsakkul, Manuel Maarek, Andrea Eross, and Mike Just. Probing the mystery of cryptocurrency theft, an investigation into methods for cryptocurrency tainting analysis. In Cryptocurrency Research Conference 2019, 2019. (oral presentation).
DOI ]
[ESWC-2019]
Abdullah Altawairqi and Manuel Maarek. Exploring the Modeling of Attack Strategies for STPA. In ESWC European STAMP Workshop & Conference, 2019.
DOI ]
[EuroUSEC-2019]
Manuel Maarek, Léon McGregor, Sandy Louchart, and Ross McMenemy. How Could Serious Games Support Secure Programming? Designing a Study Replication and Intervention. In EuroUSEC European Workshop on Usable Security, 2019.
DOI ]
[PLATEAU-2018]
Manuel Maarek. Observing the Uptake of a Language Change Making Strings Immutable. In PLATEAU Workshop on Evaluation and Usability of Programming Languages and Tools, 2018.
DOI ]
[GaLA-2018]
Manuel Maarek, Sandy Louchart, Léon McGregor, and Ross McMenemy. Co-created Design of a Serious Game Investigation into Developer-Centred Security. In GaLA Games and Learning Alliance, 2018.
DOI ]
[IA10-2017]
Smitha S. Kumar, Manuel Maarek, and Talal A. G. Shaikh. Investigating programming feedback to improve student learning experience in computer science education. In Innovation Arabia 10 – Smart Learning Conference, 2017. (oral and poster presentations).
.pdf ]
[STEM-HE-2017]
Gudmund Grov, Mohammad Hamdan, Smitha S. Kumar, Manuel Maarek, Léon McGregor, Talal A. G. Shaikh, J. B. Wells, and Hind Zantout. Transition from passive learner to critical evaluator through peer-testing of programming artifacts. In STEM HE, 2017. (presentation and demo).
.pdf ]
[ASSURE-2017]
Abdullah Altawairqi and Manuel Maarek. Attack Modeling for System Security Analysis. In ASSURE Workshop on Assurance Cases for Software-intensive Systems, LNCS, 2017.
DOI ]
[PLATEAU-2017]
Manuel Maarek and Léon McGregor. Development of a Web Platform for Code Peer-Testing. In PLATEAU Workshop on Evaluation and Usability of Programming Languages and Tools, 2017.
.pdf ]
[NewDirections-2017]
Gudmund Grov, Mohammad Hamdan, Smitha S. Kumar, Manuel Maarek, Léon McGregor, Talal A. G. Shaikh, J. B. Wells, and Hind Zantout. Transition from Passive Learner to Critical Evaluator through Peer-Testing of Programming Artefacts. New Directions in the Teaching of Physical Sciences, 12, 2017.
http ]
[ICSE-SEIP-2015-b]
Jean-Frédéric Etienne, Manuel Maarek, Florent Anseaume, and Véronique Delebarre. Improving predictability, efficiency and trust of model-based proof activity. In IEEE/ACM ICSE SEIP International Conference on Software Engineering, Software Engineering In Practice, 2015.
DOI ]
[ICSE-SEIP-2015-a]
Damien Doligez, Christèle Faure, Thérèse Hardin, and Manuel Maarek. Avoiding security pitfalls with functional programming: a report on the development of a secure xml validator. In IEEE/ACM ICSE SEIP International Conference on Software Engineering, Software Engineering In Practice, 2015.
DOI ]
[F-IDE-2014]
Damien Doligez, Christèle Faure, Thérèse Hardin, and Manuel Maarek. Experience in using a typed functional language for the development of a security application. In F-IDE Workshop on Formal Integrated Development Environment, EPTCS, 2014.
DOI ]
[CACM-2011]
Daniel Le Métayer, Manuel Maarek, Eduardo Mazza, Marie-Laure Potet, Stéphane Frénot, Valérie Tong Viet Triem, Nicolas Craipeau, and Ronan Hardouin. Liability issues in software engineering: the use of formal methods to reduce legal uncertainties. Communicantion of the ACM (CACM), 54, 2011.
DOI ]
[RDST-2011]
Nicolas Craipeau, Daniel Le Métayer, Marie-Laure Potet, Sylvain Steer, Manuel Maarek, and Valérie Viet Triem Tong. Définition des responsabilités pour les dysfonctionnements de logiciels : cadre contractuel et outils de mise en œuvre. In Actes du colloque Droit, sciences et techniques : quelles responsabilités, LITEC, collection Colloques et Débats. Etienne Vergès, 2011.
[ICSE-2010]
Daniel Le Métayer, Manuel Maarek, Eduardo Mazza, Marie-Laure Potet, Stéphane Frénot, Valérie Viet Triem Tong, Nicolas Craipeau, Ronan Hardouin, Christophe Alleaume, Valérie-Laure Benabou, Denis Beras, Christophe Bidan, Gregor Goessler, Julien Le Clainche, Ludovic Mé, and Sylvain Steer. Liability in software engineering – Overview of the LISE approach and illustration on a case study. In ACM/IEEE ICSE International Conference on Software Engineering, 2010.
DOI ]
[SPLeT-2010]
Manuel Maarek. On the extraction of decisions and contributions from summaries of French legal IT contract cases. In SPLeT LREC Workshop on Semantic Processing of Legal Texts, 2010.
[JFO-2008]
Manuel Maarek, Yannick Naudet, Patrick Plichart, and Thibaud Latour. Ontologies, règles et services : vers une connaissance actionnable. In JFO Journées Francophones sur les Ontologies, 2008.
[NLELA-2008]
Daniel Le Métayer and Manuel Maarek. Deriving legal arguments from software traces, position paper. In NLELA JURIX Workshop on the Natural Language Engineering of Legal Argumentation: Language, Logic, and Computation., 2008.
[AT65-2007]
Fairouz Kamareddine, Manuel Maarek, Krzysztof Retel, and J. B. Wells. Gradual computerisation/formalisation of mathematical texts into Mizar. In From Insight to Proof: Festschrift in Honour of Andrzej Trybulec, volume 10(23) of Studies in Logic, Grammar and Rhetoric. University of Bialystok, 2007. Under the auspices of the Polish Association for Logic and Philosophy of Science.
[NCD-2007]
Fairouz Kamareddine, Manuel Maarek, Krzysztof Retel, and J. B. Wells. Digitised mathematics: Computerisation vs. formalisation. In Review of the National Center for Digitization, volume 10, 2007.
[MKM-2007-b]
Fairouz Kamareddine, Manuel Maarek, Krzysztof Retel, and J. B. Wells. Narrative structure of mathematical texts. In MKM Mathematical Knowledge Management, LNAI, 2007.
DOI ]
[MKM-2007-a]
Fairouz Kamareddine, Robert Lamar, Manuel Maarek, and J. B. Wells. Restoring natural language as a computerised mathematics input method. In MKM Mathematical Knowledge Management, LNAI, 2007.
DOI ]
[MKM-2005]
Fairouz Kamareddine, Manuel Maarek, and J. B. Wells. Toward an object-oriented structure for mathematical text. In MKM Mathematical Knowledge Management, LNAI, 2006.
DOI ]
[MKM-2003]
Fairouz Kamareddine, Manuel Maarek, and J. B. Wells. Mathlang: Experience-driven development of a new mathematical language. In MKMNET Mathematical Knowledge Management Symposium, volume 93 of ENTCS, 2004.
DOI ]
[MKM-2004]
Fairouz Kamareddine, Manuel Maarek, and J. B. Wells. Flexible encoding of mathematics on the computer. In MKM Mathematical Knowledge Management, LNCS, 2004.
DOI ]
[Calculemus-2003]
Manuel Maarek and Virgile Prévosto. FoCDoC: The Documentation System of FoC. In Calculemus 2003 - 11th Symposium on the Integration of Symbolic Computation and Mechanized Reasoning, 2003.

Reports

References

[LaFoSec-2011]
Étude de la sécurité intrinsèque des langages fonctionnels (LaFoSec). Technical report, ANSSI, 2011. SafeRiver, CEDRIC and Normation. Part of the deliverable will published on the ANSSI website.
http ]
[INRIA-RR-7148-2009]
Christophe Alleaume, Valérie-Laure Benabou, Denis Beras, Christophe Bidan, Nicolas Craipeau, Stéphane Frénot, Gregor Goessler, Ronan Hardouin, Julien Le Clainche, Daniel Le Métayer, Manuel Maarek, Eduardo Mazza, Ludovic Mé, Marie-Laure Potet, Sylvain Steer, and Valérie Viet Triem Tong. Liability in software engineering: Overview of the LISE approach and illustration on a case study. Research Report RR-7148, INRIA, December 2009.
http ]
[PhD-2007]
Manuel Maarek. Mathematical Documents Faithfully Computerised: the Grammatical and Text & Symbol Aspects of the MathLang Framework. PhD thesis, Heriot-Watt University, Edinburgh, Scotland, June 2007.
http ]
[DEA-2002]
Manuel Maarek. Conception d'une librairie OMDoc pour FoC. Technical report, Université Pierre et Marie Curie Paris VI, September 2002. MSc thesis / Rapport de DEA.