Thomas Leonard's blog

About Me

2016 -
Unikernel Systems Ltd
2015 - (acquired by Docker)
University of Cambridge
Senior Research Associate
2014 - 2015
Freelance developer / consultant
2014 (Jan - Mar)
IT Innovation Centre
Senior Research Engineer
2004 - 2013
University of Southampton
PhD, Computer Science
2000 - 2004
University of Southampton
BSc, Computer Science (1st)
1997 - 2000

I studied Computer Science at the University of Southampton, graduating with a 1st in 2000 and going on to get a PhD in 2004. I then worked there as a research engineer until 2013, building proof-of-concept systems in collaboration with industry. I took a career break in 2013, learning OCaml and taking evening classes in Philosophy.

After a brief but enjoyable few months freelancing, I became a researcher at Cambridge University, building Mirage unikernels. We later formed a start-up (Unikernel Systems Ltd) to continue this work, which was soon acquired by Docker.

Here is a somewhat-random selection from the projects I’ve worked on. All the software described here is Open Source.


In 2015, I created CueKeeper, a GTD-based action tracker written in OCaml and compiled to Javascript using js_of_ocaml. It uses Irmin to store its data structures in a Git-like repository backed by IndexedDB in your browser, providing history, undo and the ability to keep tabs in sync automatically, without a server

Mirage on ARM

In 2014 I got MirageOS, a library operating system written in OCaml, working on ARM devices. I used this to build a standalone file-queuing VM that could run under Xen - My first unikernel.

Tracing and profiling

In 2014, to help understand how Mirage worked and find performance problems, I instrumented the Lwt promise/threading library to generate trace files and wrote an interactive visualiser for the results:

I created the 0install project in 2003 to provide a secure, distributed, cross-platform package manager. It is now available from the repositories of all major Linux distributions and has been ported to Windows, OS X and the BSDs.

In 2013 I converted 0install from Python to OCaml, learning OCaml along the way.

The SERSCIS Access Modeller

In 2011 I wrote the SERSCIS Access Modeller (SAM). SAM takes a model of a system (e.g. a set of objects within a computer program or a set of machines on a network) and attempts to verify certain security properties about the system, by exploring all the ways access can propagate through the system. This can be used to prove that a design is actually secure (within the model’s assumptions).

Here is a paper about it:

ACM DL Author-ize serviceModelling Access Propagation in Dynamic Systems
Thomas Leonard, Martin Hall-May, Mike Surridge
ACM Transactions on Information and System Security (TISSEC), 2013

The Shared MIME Database

In 2002 I created the shared-mime-info system to unify the then-separate MIME databases used by the GNOME, KDE, XFCE and ROX desktops. It has been adopted by all of them and is now also used by LXDE and EDE. This package is installed by default on all mainstream desktop Linux systems. I am no longer involved with it, however.

The ROX desktop

In 1999 I created the ROX desktop, an alternative desktop environment based on user-interface concepts from RISC OS. Though now largely defunct, some people still use parts of it (including me!):


In 2008 I created an experimental language called Delight. It was based on D, but had a clever new (as I thought) security model. However, I then discovered that I was reinventing E (poorly), so I abandoned Delight and became an E developer instead, improving its performance, fixing some race conditions in its concurrency support and contributing an SQL-injection-attack-free database API to the standard library.