User:DaveMKZ1/sandbox

Mehdi Mirakhorli is an American research scientist His research is invested in software and system security. He is a faculty member at the University of Hawaii at Manoa.

His research relates to software assurance^[1]^[2], cybersecurity^[3], resiliency^[4] and software analysis. He has developed techniques based on program analysis, software verification and custom machine learning algorithms to solve software engineering problems in the areas such as software architecture analysis, requirements engineering, software security, software compliance and verification, and source code comprehension.

Mirakhorli's research in the area of Secure by design has led to the development of Common Architectural Weakness Enumeration (CAWE), which are known design and implementation flaws in the security architecture of a system resulting in severe vulnerabilities and security breaches.

His work in the area of Browser security, Plugins, and extensions has resulted in the identification of 16 common vulnerability types and 19 potential mitigations.^[5]

^ Joanna C. S. Santos, Ali Shokri, Mehdi Mirakhorli: Towards Automated Evidence Generation for Rapid and Continuous Software Certification. ISSRE Workshops 2020: 287-294
^ Mehdi Mirakhorli, Jane Cleland-Huang: Tracing architectural concerns in high assurance systems. ICSE 2011: 908-911
^ J. C. S. Santos, K. Tarrit and M. Mirakhorli, "A Catalog of Security Architecture Weaknesses," 2017 IEEE International Conference on Software Architecture Workshops (ICSAW), Gothenburg, 2017, pp. 220-223, doi: 10.1109/ICSAW.2017.25.
^ Joanna C. S. Santos, Selma Suloglu, Joanna Ye, and Mehdi Mirakhorli. 2020. Towards an Automated Approach for Detecting Architectural Weaknesses in Critical Systems. In Proceedings of the IEEE/ACM 42nd International Conference on Software Engineering Workshops (ICSEW'20). Association for Computing Machinery, New York, NY, USA, 250–253. DOI:https://doi.org/10.1145/3387940.3392222
^ Santos, Joanna C. S.; Sejfia, Adriana; Corrello, Taylor; Gadenkanahalli, Smruthi; Mirakhorli, Mehdi (2019). "Achilles' Heel of plug-and-Play Software Architectures: A Grounded Theory Based Approach". Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. ESEC/FSE 2019. New York, NY, USA: ACM: 671–682. doi:10.1145/3338906.3338969. ISBN 978-1-4503-5572-8. S2CID 199501995.

[1] Joanna C. S. Santos, Ali Shokri, Mehdi Mirakhorli: Towards Automated Evidence Generation for Rapid and Continuous Software Certification. ISSRE Workshops 2020: 287-294

[2] Mehdi Mirakhorli, Jane Cleland-Huang: Tracing architectural concerns in high assurance systems. ICSE 2011: 908-911

[3] J. C. S. Santos, K. Tarrit and M. Mirakhorli, "A Catalog of Security Architecture Weaknesses," 2017 IEEE International Conference on Software Architecture Workshops (ICSAW), Gothenburg, 2017, pp. 220-223, doi: 10.1109/ICSAW.2017.25.

[4] Joanna C. S. Santos, Selma Suloglu, Joanna Ye, and Mehdi Mirakhorli. 2020. Towards an Automated Approach for Detecting Architectural Weaknesses in Critical Systems. In Proceedings of the IEEE/ACM 42nd International Conference on Software Engineering Workshops (ICSEW'20). Association for Computing Machinery, New York, NY, USA, 250–253. DOI:https://doi.org/10.1145/3387940.3392222

[5] Santos, Joanna C. S.; Sejfia, Adriana; Corrello, Taylor; Gadenkanahalli, Smruthi; Mirakhorli, Mehdi (2019). "Achilles' Heel of plug-and-Play Software Architectures: A Grounded Theory Based Approach". Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. ESEC/FSE 2019. New York, NY, USA: ACM: 671–682. doi:10.1145/3338906.3338969. ISBN 978-1-4503-5572-8. S2CID 199501995.

[1]

[2]

[3]

[4]

[5]