Manuel Maarek

Table of Contents

Manuel Maarek

I am a lecturer in the Computer Science Department at the School of Mathematical and Computer Sciences of Heriot-Watt University in Edinburgh. I am part of the University's Cyber Security research. I am a member of the ULTRA Group. I am Director of Postgraduate Studies in the Computer Science Department and also the Programme Director for MSc Computer Science for Cyber Security (new 2021-22 programme, provisionally certified by NCSC), MSc Network Security, MSc Software Engineering, MSc Information Technology Software Systems, MSc Computing (2 years). I was in charge of the department's Student Equipment Fund.

Research

My research interests are in programming language, type theory, formal methods and their application to the safety, security and liability of software.

If you are interested in doing a PhD on these topics, do not hesitate to contact me.

Here is a list of past and ongoing projects I worked on.

Games for developer-centred security
I am working on methods for improving the security of developers' coding using games and developers' interactions [EuroUSEC-2020] [EuroUSEC-2019] [GaLA-2018]. This work is funded by EPSRC on the Secrious project EP/T017511/1 I co-lead: Serious Coding: A Game Approach To Security For The New Code-Citizens @SecriousProject led by Lynne Baillie. This is an interdisciplinary work with colleagues from Heriot-Watt University (Rob Stewart, Hans-Wolfgang Loidl, Sheung Chi Chan, Lynne Baillie, Theodoros Georgiou), the Glasgow School of Art (Sandy Louchart, Daisy Abbott, Olga Chatzifoti), the University of St Andrews (Adam Reed), Civic Digits (Clare Duffy, Rupert Goodwins), and with Léon McGregor (PhD student, co-supervised by Hans-Wolfgang Loidl). It was supported by NCSC-RISCS on a project I led and for which we developed an online Tower Defence game. In May 2019, we organised a Workshop on Serious Games for Cyber Security (sponsored by SICSA Cybersecurity NEXUS).
Language-based security
I am interested the security of software systems and how programming languages impact security. I have started an investigation into a change introduced in the OCaml language to make strings immutable [PLATEAU-2018]. This relates to my previous work on the LaFoSec project (see below).
System hazard analysis for security
I am working with Abdullah Altawairqi (PhD student) and Andrew Ireland on adapting STPA-based system hazard analysis methods for security [ASSURE-2017] [ESWC-2019].
Blockchain & cryptocurrencies
With Tin Tironsakkul (PhD student), Mike Just and Andrea Eross we are working on an interdisciplinary research on the security analysis of cryptocurrencies transactions [CBT-2020] [CRC-2019].
Peer-Testing
I am working on methods and tools for peer-feedback through programming tests, and its integration with code platforms such as GitLab. In 2016-17 I led a QAA project where I collaborated with Léon McGregor (Honours CS student) and with colleagues from Heriot-Watt University's Edinburgh and Dubai campuses [UKICER-2020] [IA10-2017] [STEM-HE-2017] [PLATEAU-2017] [NewDirections-2017]. More details are available on the project website.
LaFoSec
A study of the intrinsic security of functional programming languages (OCaml, F#, Scala). The project was initiated and funded by the French Network and Information Security Agency (ANSSI) and carried out by a consortium led by SafeRiver. The LaFoSec documents (in French) [LaFoSec-2011] are available on the ANSSI website. We presented some results of the study at JFLA 2013, at the F-IDE workshop [F-IDE-2014], and at ISCE 2015 SEIP [ICSE-SEIP-2015-a].
LISE
Liability Issues in Software Engineering was an ANR funded project (ANR-06-SECU-0007) led by Daniel Le Métayer. [CACM-2011] [ICSE-2010]
MathLang
MathLang is a project for computerizing mathematical texts and knowledge led by Fairouz Kamareddine and Joe Wells
FoCaLize
FoCaLize is a formal development environment for certified programs.

Contact

email address
M.Maarek@hw.ac.uk
online profiles
Google Scholar, LinkedIn, Twitter, DBLP, Academia, ResearchGate
office
EM 1.63 (Earl Mountbatten Building, Riccarton Campus)
phone number
+441314513287
address
School of Mathematical & Computer Sciences
Heriot-Watt University
EH14 4AS Edinburgh
United Kingdom

Teaching

Since March 2017, I am a Fellow of the Higher Education Academy (FHEA).

2020-2021 S1 F21CN/F20CN
Computer Network Security with Mike Just and Hani Ragab Hassen.
2020-2021 S2 F28DA
Data Structures and Algorithms with James McKinna and Ali Muzaffar.
2019-2020 S1 F21CN/F20CN
Computer Network Security with Mike Just and Hani Ragab Hassen.
2019-2020 S1 F28DA
Data Structures and Algorithms with Lucine Gharibian.
2018-2019 S1 F21SF/F20SF
Software Engineering Foundations with Katrin Lohan and Lucine Gharibian.
2018-2019 S1 F28DA
Data Structures and Algorithms with Hind Zantout.
2017-2018 S1 F21SF
Software Engineering Foundations with Katrin Lohan and Mohamed Abdelshafy.
2017-2018 S1 F28DA
Data Structures and Algorithms with Mohammad Hamdan.
2016-2017 S1 F21SF
Software Engineering Foundations with Katrin Lohan and Hani Ragab Hassen.
2016-2017 S1 F28DA
Data Structures and Algorithms with Mohammad Hamdan.
2015-2016 S1 F21SF
Software Engineering Foundations with Katrin Lohan and Hani Ragab Hassen.
2015-2016 S1 F28DA
Data Structures and Algorithms with Rob Pooley and Mohammad Hamdan.
2014-2015 S2 F29FB
Foundations 2 with Joe Wells.
2014-2015 S1 F28DA
Data Structures and Algorithms with Rob Pooley and Mohammad Hamdan.

Biography

2014-present
Assistant Professor in Computer Science at Heriot-Watt University in Edinburgh
2010-2014
Research Engineer at SafeRiver in Paris
2008-2010
Postdoctoral Fellow at Inria in Grenoble
2007-2008
ERCIM Research Fellow at CRP Henri Tudor (now LIST) in Luxembourg
2002-2007
PhD Student at Heriot-Watt University in Edinburgh
1998-2002
Undergraduate the Postgraduate Student at UPMC (now Sorbonne Université) in Paris

Publications and Conferences

[EuroUSEC-2020]
A. Ichario and M. Maarek. Vision: Investigating Web API Developer Experience in Relation to Terms of Service and Privacy Policies. In EuroUSEC European Workshop on Usable Security, 2020.
DOI ]
[CBT-2020]
Tin Tironsakkul, Manuel Maarek, Andrea Eross, and Mike Just. Tracking Mixed Bitcoins. In CBT Cryptocurrencies and Blockchain Technology, LNCS, 2020.
DOI ]
[UKICER-2020]
Léon McGregor and Manuel Maarek. Software Testing as Medium for Peer Feedback. In UKICER United Kingdom & Ireland Computing Education Research Conference. ACM, 2020.
DOI ]
[EuroUSEC-2019]
Manuel Maarek, Léon McGregor, Sandy Louchart, and Ross McMenemy. How Could Serious Games Support Secure Programming? Designing a Study Replication and Intervention. In EuroUSEC European Workshop on Usable Security, 2019.
DOI ]
[ESWC-2019]
Abdullah Altawairqi and Manuel Maarek. Exploring the Modeling of Attack Strategies for STPA. In ESWC European STAMP Workshop & Conference, 2019.
DOI ]
[CRC-2019]
Tin Tironsakkul, Manuel Maarek, Andrea Eross, and Mike Just. Probing the mystery of cryptocurrency theft, an investigation into methods for cryptocurrency tainting analysis. In Cryptocurrency Research Conference 2019, 2019. (oral presentation).
DOI ]
[GaLA-2018]
Manuel Maarek, Sandy Louchart, Léon McGregor, and Ross McMenemy. Co-created Design of a Serious Game Investigation into Developer-Centred Security. In GaLA Games and Learning Alliance, 2018.
DOI ]
[PLATEAU-2018]
Manuel Maarek. Observing the Uptake of a Language Change Making Strings Immutable. In PLATEAU Workshop on Evaluation and Usability of Programming Languages and Tools, 2018.
DOI ]
[NewDirections-2017]
Gudmund Grov, Mohammad Hamdan, Smitha S. Kumar, Manuel Maarek, Léon McGregor, Talal A. G. Shaikh, J. B. Wells, and Hind Zantout. Transition from Passive Learner to Critical Evaluator through Peer-Testing of Programming Artefacts. New Directions in the Teaching of Physical Sciences, 12, 2017.
http ]
[PLATEAU-2017]
Manuel Maarek and Léon McGregor. Development of a Web Platform for Code Peer-Testing. In PLATEAU Workshop on Evaluation and Usability of Programming Languages and Tools, 2017.
.pdf ]
[ASSURE-2017]
Abdullah Altawairqi and Manuel Maarek. Attack Modeling for System Security Analysis. In ASSURE Workshop on Assurance Cases for Software-intensive Systems, LNCS, 2017.
DOI ]
[STEM-HE-2017]
Gudmund Grov, Mohammad Hamdan, Smitha S. Kumar, Manuel Maarek, Léon McGregor, Talal A. G. Shaikh, J. B. Wells, and Hind Zantout. Transition from passive learner to critical evaluator through peer-testing of programming artifacts. In STEM HE, 2017. (presentation and demo).
.pdf ]
[IA10-2017]
Smitha S. Kumar, Manuel Maarek, and Talal A. G. Shaikh. Investigating programming feedback to improve student learning experience in computer science education. In Innovation Arabia 10 – Smart Learning Conference, 2017. (oral and poster presentations).
.pdf ]
[ICSE-SEIP-2015-a]
Damien Doligez, Christèle Faure, Thérèse Hardin, and Manuel Maarek. Avoiding security pitfalls with functional programming: a report on the development of a secure xml validator. In IEEE/ACM ICSE SEIP International Conference on Software Engineering, Software Engineering In Practice, 2015.
DOI ]
[ICSE-SEIP-2015-b]
Jean-Frédéric Etienne, Manuel Maarek, Florent Anseaume, and Véronique Delebarre. Improving predictability, efficiency and trust of model-based proof activity. In IEEE/ACM ICSE SEIP International Conference on Software Engineering, Software Engineering In Practice, 2015.
DOI ]
[F-IDE-2014]
Damien Doligez, Christèle Faure, Thérèse Hardin, and Manuel Maarek. Experience in using a typed functional language for the development of a security application. In F-IDE Workshop on Formal Integrated Development Environment, EPTCS, 2014.
DOI ]
[RDST-2011]
Nicolas Craipeau, Daniel Le Métayer, Marie-Laure Potet, Sylvain Steer, Manuel Maarek, and Valérie Viet Triem Tong. Définition des responsabilités pour les dysfonctionnements de logiciels : cadre contractuel et outils de mise en œuvre. In Actes du colloque Droit, sciences et techniques : quelles responsabilités, LITEC, collection Colloques et Débats. Etienne Vergès, 2011.
[CACM-2011]
Daniel Le Métayer, Manuel Maarek, Eduardo Mazza, Marie-Laure Potet, Stéphane Frénot, Valérie Tong Viet Triem, Nicolas Craipeau, and Ronan Hardouin. Liability issues in software engineering: the use of formal methods to reduce legal uncertainties. Communicantion of the ACM (CACM), 54, 2011.
DOI ]
[SPLeT-2010]
Manuel Maarek. On the extraction of decisions and contributions from summaries of French legal IT contract cases. In SPLeT LREC Workshop on Semantic Processing of Legal Texts, 2010.
[ICSE-2010]
Daniel Le Métayer, Manuel Maarek, Eduardo Mazza, Marie-Laure Potet, Stéphane Frénot, Valérie Viet Triem Tong, Nicolas Craipeau, Ronan Hardouin, Christophe Alleaume, Valérie-Laure Benabou, Denis Beras, Christophe Bidan, Gregor Goessler, Julien Le Clainche, Ludovic Mé, and Sylvain Steer. Liability in software engineering – Overview of the LISE approach and illustration on a case study. In ACM/IEEE ICSE International Conference on Software Engineering, 2010.
DOI ]
[NLELA-2008]
Daniel Le Métayer and Manuel Maarek. Deriving legal arguments from software traces, position paper. In NLELA JURIX Workshop on the Natural Language Engineering of Legal Argumentation: Language, Logic, and Computation., 2008.
[JFO-2008]
Manuel Maarek, Yannick Naudet, Patrick Plichart, and Thibaud Latour. Ontologies, règles et services : vers une connaissance actionnable. In JFO Journées Francophones sur les Ontologies, 2008.
[MKM-2007-a]
Fairouz Kamareddine, Robert Lamar, Manuel Maarek, and J. B. Wells. Restoring natural language as a computerised mathematics input method. In MKM Mathematical Knowledge Management, LNAI, 2007.
DOI ]
[MKM-2007-b]
Fairouz Kamareddine, Manuel Maarek, Krzysztof Retel, and J. B. Wells. Narrative structure of mathematical texts. In MKM Mathematical Knowledge Management, LNAI, 2007.
DOI ]
[NCD-2007]
Fairouz Kamareddine, Manuel Maarek, Krzysztof Retel, and J. B. Wells. Digitised mathematics: Computerisation vs. formalisation. In Review of the National Center for Digitization, volume 10, 2007.
[AT65-2007]
Fairouz Kamareddine, Manuel Maarek, Krzysztof Retel, and J. B. Wells. Gradual computerisation/formalisation of mathematical texts into Mizar. In From Insight to Proof: Festschrift in Honour of Andrzej Trybulec, volume 10(23) of Studies in Logic, Grammar and Rhetoric. University of Bialystok, 2007. Under the auspices of the Polish Association for Logic and Philosophy of Science.
[MKM-2005]
Fairouz Kamareddine, Manuel Maarek, and J. B. Wells. Toward an object-oriented structure for mathematical text. In MKM Mathematical Knowledge Management, LNAI, 2006.
DOI ]
[MKM-2004]
Fairouz Kamareddine, Manuel Maarek, and J. B. Wells. Flexible encoding of mathematics on the computer. In MKM Mathematical Knowledge Management, LNCS, 2004.
DOI ]
[MKM-2003]
Fairouz Kamareddine, Manuel Maarek, and J. B. Wells. Mathlang: Experience-driven development of a new mathematical language. In MKMNET Mathematical Knowledge Management Symposium, volume 93 of ENTCS, 2004.
DOI ]
[Calculemus-2003]
Manuel Maarek and Virgile Prévosto. FoCDoC: The Documentation System of FoC. In Calculemus 2003 - 11th Symposium on the Integration of Symbolic Computation and Mechanized Reasoning, 2003.

Reports and theses

[LaFoSec-2011]
Étude de la sécurité intrinsèque des langages fonctionnels (LaFoSec). Technical report, ANSSI, 2011. SafeRiver, CEDRIC and Normation. Part of the deliverable will published on the ANSSI website.
http ]
[INRIA-RR-7148-2009]
Christophe Alleaume, Valérie-Laure Benabou, Denis Beras, Christophe Bidan, Nicolas Craipeau, Stéphane Frénot, Gregor Goessler, Ronan Hardouin, Julien Le Clainche, Daniel Le Métayer, Manuel Maarek, Eduardo Mazza, Ludovic Mé, Marie-Laure Potet, Sylvain Steer, and Valérie Viet Triem Tong. Liability in software engineering: Overview of the LISE approach and illustration on a case study. Research Report RR-7148, INRIA, December 2009.
http ]
[PhD-2007]
Manuel Maarek. Mathematical Documents Faithfully Computerised: the Grammatical and Text & Symbol Aspects of the MathLang Framework. PhD thesis, Heriot-Watt University, Edinburgh, Scotland, June 2007.
http ]
[DEA-2002]
Manuel Maarek. Conception d'une librairie OMDoc pour FoC. Technical report, Université Pierre et Marie Curie Paris VI, September 2002. MSc thesis / Rapport de DEA.