- 2016 -
- Unikernel Systems Ltd
2015 - (acquired by Docker)
- University of Cambridge
- Senior Research Associate
2014 - 2015
- Freelance developer / consultant
- 2014 (Jan - Mar)
- IT Innovation Centre
- Senior Research Engineer
2004 - 2013
- University of Southampton
- PhD, Computer Science
2000 - 2004
- University of Southampton
- BSc, Computer Science (1st)
1997 - 2000
I studied Computer Science at the University of Southampton, graduating with a 1st in 2000 and going on to get a PhD in 2004. I then worked there as a research engineer until 2013, building proof-of-concept systems in collaboration with industry. I took a career break in 2013, learning OCaml and taking evening classes in Philosophy.
After a brief but enjoyable few months freelancing, I became a researcher at Cambridge University, building Mirage unikernels. We later formed a start-up (Unikernel Systems Ltd) to continue this work, which was soon acquired by Docker.
Here is a somewhat-random selection from the projects I’ve worked on. All the software described here is Open Source.
- Mirage on ARM
- Tracing and profiling
- The SERSCIS Access Modeller
- The freedesktop.org Shared MIME Database
- The ROX desktop
js_of_ocaml. It uses Irmin to store its data structures in a Git-like repository backed by IndexedDB in your browser, providing history, undo and the ability to keep tabs in sync automatically, without a server
Mirage on ARM
Tracing and profiling
In 2014, to help understand how Mirage worked and find performance problems, I instrumented the Lwt promise/threading library to generate trace files and wrote an interactive visualiser for the results:
I created the 0install project in 2003 to provide a secure, distributed, cross-platform package manager. It is now available from the repositories of all major Linux distributions and has been ported to Windows, OS X and the BSDs.
In 2013 I converted 0install from Python to OCaml, learning OCaml along the way.
The SERSCIS Access Modeller
In 2011 I wrote the SERSCIS Access Modeller (SAM). SAM takes a model of a system (e.g. a set of objects within a computer program or a set of machines on a network) and attempts to verify certain security properties about the system, by exploring all the ways access can propagate through the system. This can be used to prove that a design is actually secure (within the model’s assumptions).
Here is a paper about it:
The freedesktop.org Shared MIME Database
In 2002 I created the shared-mime-info system to unify the then-separate MIME databases used by the GNOME, KDE, XFCE and ROX desktops. It has been adopted by all of them and is now also used by LXDE and EDE. This package is installed by default on all mainstream desktop Linux systems. I am no longer involved with it, however.
The ROX desktop
In 1999 I created the ROX desktop, an alternative desktop environment based on user-interface concepts from RISC OS. Though now largely defunct, some people still use parts of it (including me!):
In 2008 I created an experimental language called Delight. It was based on D, but had a clever new (as I thought) security model. However, I then discovered that I was reinventing E (poorly), so I abandoned Delight and became an E developer instead, improving its performance, fixing some race conditions in its concurrency support and contributing an SQL-injection-attack-free database API to the standard library.