Mike Hicks
I am the Cecilia Fitler Moore Professor in the Computer and Information Science Department and the Director of the Schlein Center for Cybersecurity at the University of Pennsylvania, and I am an Amazon Scholar.
Previously, I was a Senior Principal Scientist at Amazon Web Services where I co-led (with Emina Torlak) development on the Cedar authorization policy language, which is part of Amazon Verified Permissions.
I am also a Professor Emeritus (retired 2022) in the Computer Science Department and UMIACS at the University of Maryland, College Park. I was the inaugural Director of the Maryland Cybersecurity Center (MC2), and with Jeff Foster I founded and directed PLUM, the lab for Programming Languages research at the University of Maryland.
I was Chair (2015-2018) and Past Chair (2018-2021) of ACM SIGPLAN, the Founder (2019) and Editor (until mid-2021) of PL Perspectives, the SIGPLAN blog, and was the CTO of Correct Computation, Inc (2018-2021). I am currently the Editor in Chief of Proceedings of the ACM on Programming Languages (PACMPL).
Here is my current vita and a list of my publications, organized by year and by category.
Research
My research focuses on improving software availability, reliability, and security through programming languages and software engineering techniques. Current areas include:
- Secure programming: Developing Checked C, a memory-safe extension to C for legacy code migration; conducting Build it, Break it, Fix it contests to evaluate secure development practices; and working with safe languages like Rust
- Fuzz testing: Developing methodologies for evaluating randomized testers and combining coverage-guided fuzzing with property-based testing
- Quantum computation: Creating verified compiler stacks for quantum programs, including VOQC, and developing robust quantum programs for near-term devices
- Privacy & cryptography: Building languages for secure multiparty computation ( Wysteria, Symphony); developing authenticated data structures and compiler-optimized oblivious RAM
Past projects include dynamic software updating (Kitsune, Rubah), information flow control (LWeb, Prob), incremental computation (Adapton), type systems for Ruby (Diamondback Ruby), symbolic execution (Otter), race detection (LockSmith), and the memory-safe C dialect Cyclone.
Teaching
- Current: Empirical Security & Privacy, for Humans (CIS 7000, Fall 2025)
- Recent: Organization of Programming Languages (CMSC 330, multiple semesters); Program Analysis and Understanding (CMSC 631, multiple semesters); Software Security MOOC (now free, originally on Coursera)
- Past: Build it, Break it, Fix it contest (CMSC 388N); Mechanized Proof and Verified Software (CMSC 838G); Cybersecurity Lab (CMSC 498L); Operating Systems (CMSC 412)
Service, professional activities
- Editor in Chief: Proceedings of the ACM on Programming Languages (PACMPL) (2023-2028); Associate Editor for TOPLAS (2012-2016)
- ACM SIGPLAN: Chair (2015-2018), Past Chair (2018-2021); POPL Steering Committee Chair (2018-2021); Founder and Editor of PL Perspectives blog (2019-2021)
- Recent program committees: CSF, OOPSLA, S&P, POPL, PLDI (Area Chair), CCS (Area Chair), ASPLOS, SecDev, and many others
- Past roles: Co-PC Chair for CSF 2015-2016, SecDev 2016; inaugural Director of Maryland Cybersecurity Center (2011-2013); CTO of startup Correct Computation, Inc (2018-2021)
Mike Hicks
Professor. Director. Scholar.
Address:
University of Pennsylvania
Dept. of Computer & Information Science
3330 Walnut Street
Philadelphia, PA 19104
Office: 321 Amy Guttman Hall (3317 Chestnut St)
CV: Curriculum Vitae
Blogs: