Charles Zhang

Associate Professor, Director of Cybersecurity Laboratory
Department of Computer Science and Engineering (direction)
The Hongkong University of Science and Technology
Room 3516 (lift 25/26) Tel: (852)23586997 Fax: (852)23581477

If you like programming and care about writing more secure programs, send me emails for Post-Doc, PhD, and RA positions.

Highlights

Two PLDI papers accepted, still about static analysis.
Sourcebrella has graduated after 4 years of incredible journey!
Congrats to Qingkai in defending his thesis. He is now Dr. Shi!
Congrats to Gang in defending his thesis. He is now Dr. Fan!
Congratulations to Heqing on his fuzzing work accepted by Oakland!
Jeff is now a tenured professor at TAMU!
Congratulations to Qingkai on his double ICSE acceptances!
Congratulations to Rongxin Wu for joining the CS faculty of Xiamen University!
Congratulations to Gang for winning the Distinguished Paper Award on finding memory leaks over large scale software at ICSE 2019!
Congratulations to Qirun Zhang for joining Georgia Tech CS as an assistant professor!
The Pinpoint paper has been accepted by PLDI 2018. You can play with this simple online version.

Research
My general reseach interest centers around the use of both static and dynamic programm analysis techniques for making complex software systems more secure and reliable.

The 10-million LOC static analysis statement: "to achieve all-sensitive precision and sublinear scalability while SIMULTANEOUSLY addressing the DORA requirements : source code is largely unavailable(Dark code); need to be open for defining new properties to analyze through APIs and DSLs (Open); need to understand reactive control flow (Reactive) introduced by frameworks and infrastructures, such as containers; analysis can be carried out across different time and space (Asynchronous).

Recent Papers

Yuandao Cai, Peisen Yao, and Charles Zhang. Canary: Practical Static Detection of Inter-Thread Value-Flow Bugs. In PLDI 2021: The 42nd ACM SIGPLAN Conference on Programming Language Design and Implementation, June 20-25, Virtual, UK, https://doi.org/10.1145/3453483.3454099
Qingkai Shi, Peisen Yao, Rongxin Wu, and Charles Zhang. Path-Sensitive Sparse Analysis without Path Conditions. In PLDI 2021: The 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation , June 20-25, 2021, Virtual, https://doi.org/10.1145/3453483.3454086
Peisen Yao, Qingkai Shi, Heqing Huang, Charles Zhang Fast Bit-Vector Satisfiability In ISSTA 2020: The 29th ACM SIGSOFT International Symposium on Software Testing and Analysis, 18-22 July, 2020
Gang Fan, Chengpeng Wang, Rongxin Wu, Qingkai Shi, Charles Zhang Escaping Dependency Hell: Finding Build Dependency Errors with the Unified Dependency Graph In ISSTA 2020:The 29th ACM SIGSOFT International Symposium on Software Testing and Analysis, 18-22 July, 2020
Heqing Huang, Peisen Yao, Rongxin Wu, Charles Zhang Pangolin: Incremental Hybrid Fuzzing with Polyhedral Path Abstraction In IEEE S&P:: Proceedings of the 41st IEEE Symposium on Security and Privacy, San Francisco, USA, May, 2020.
Qingkai Shi, Charles Zhang, Pipelining Bottom-up Data Flow Analysis, In ICSE 2020: The 42nd ACM/IEEE International Conference on Software Engineering, Seoul, Korea, May, 2020
Qingkai Shi, Rongxin Wu, Gang Fan, Charles Zhang, Conquering the Extensional Scalability Problem for Value-Flow Analysis Frameworks In ICSE 2020:The 42nd ACM/IEEE International Conference on Software Engineering, Seoul, Korea, May, 2020
(ICSE Distinguished Paper) Gang Fan, Rongxin Wu, Qingkai Shi, Xiao Xiao, Jinguo Zhou, Charles Zhang SMOKE: Scalable Path-Sensitive Memory Leak Detection for Millions of Lines of Code In ICSE 2019: The 41st International Conference on Software Engineering, Montreal, Canada, May, 2019.
Qingkai Shi, Xiao Xiao, Rongxin Wu, Jinguo Zhou, Fan Gang and Charles Zhang Pinpoint: Fast and Precise Sparse Value Flow Analysis for Million Lines of Code. In PLDI 2018: the 39th annual ACM SIGPLAN conference on Programming Language Design and Implementation. Philadelphia, USA, June, 2018

View all publications

Students

I am fortunate to work with the following students:
In progress:
Yikun Hu (Post-Doc), Wensheng Tang (Ph.D), Yongchao Wang (Ph.D), Peisen Yao (Ph.D), Yiyuan Guo (Ph.D), Yushan Zhang (Ph.D), Chengpeng Wang, Yuandao Cai, Maryam Masoudian. Heqing Huang (Ph.D), Anshunkang Zhou(Ph.D), Hao Ling(Ph.D), Lingjie Huang (M.Phil), Kexin Ma (M.Phil)
Alumni with last known employment:

Qingkai Shi (Ph.D), Ant Financial
Gang Fan (Ph.D) , Staff Engineer, SourceBrella Inc., now at Ant Financial
Rongxin Wu (Post-Doc), Associate Professor, Xiamen University
Yepang Liu (Post-Doc), Assistant Professor, SUSTech
Richard Xiao (Ph.D, Post-Doc), SourceBrella Inc. (Founder, CEO), now at Ant Financial
Jinguo(Andy) Zhou (Post-Doc), SourceBrella Inc. (Co-Founder), now at Ant Financial
Qirun Zhang (Post Doc) Assistant Professor, Georgia Tech
Peng Liu (Ph.D), Researcher, IBM T.J.Watson Research Lab
Jeff Huang (Ph.D), Assitant Professor, Texas A&M University
Bin Xu (M.Phil) Software Engineer, Facebook
Fan Yu(M.Phil), Software Engineer, Pinduoduo.

Teaching

COMP4111: Software Engineering Practices
COMP3021: Java Programming (Fall 2015, Spring 2014; Spring, 2013; Spring 2012)
COMP5111: Fundamentals of Software Analysis (Spring 2014; Spring, 2013; Spring 2011; Fall, 2009; Fall, 2008)
COMP3111: Introduction to Software Engineerings (Fall, 2014;Fall, 2011;Fall, 2010; Spring, 2010,Spring 2009)
COMP610: Topics in Engineering Enterprise Middleware Platforms. (Spring, 2009)

Professional Activities

Editorial Services
IEEE TSE: Associate Editor
Program Committee Services
ASE: 2018 (TPC),   2016(Demo),    2013 (TPC)
ECOOP:    2016(ERC)
FSE: 2019 (TPC),    2014 (TPC, DS, SRC)     2012 (TPC, NIER)
ICSE: 2014 (TPC)     2012 (Demo, SRC)     2009 (Demo)
ISSTA:    2014 (TPC)     2012 (TPC)
OOPSLA:     2015 (TPC)    2014 (ERC)     2012 (ERC)     2011 (TPC)
VMCAI:    2018(PC)
Chairs
ISSTA:    2019 (Doctoral Symposium Co-Chair)
ICSE:    2017 (SRC Co-Chair)
ICSE:    2016 (Proceedings Chair)
PLDI:    2012 (Pacific Publicity Chair)
AOSD:    2013 (Demo Chair)
APSEC:   2012 (Postgraduate Symposium Chair)
InternetWare: 2014 (Co-Chair)

Group Activities

Group hiking of HKUST hills pic1 pic2 pic3 pic4 pic5
Group Photos at HKUST or anywhere else pic1
Santa Fe, New Mexico, USA (FSE 2010) pic1 pic2 pic3 pic4 pic5
Honolulu, Hawaii, USA (ICSE 2011) pic1 pic2 pic3 pic4 pic5 pic6 pic7 pic8
Toronto, Ontario, Canada (ISSTA 2011) pic1 pic2 pic3 pic4 pic5 pic6 pic7
Venice, Italy, (SAS 2011) pic1 pic2 pic3 pic4 pic5

Bio

Charles Zhang is an Associate Professor and the director of the Cybersecurity Lab in the Department of Computer Science and Engineering, HKUST. His major research interest is the use of program analysis techniques to improve software reliability. He has published extensively at premium conferences and journals of programming languages and software engineering. He has served as an associate editor of IEEE TSE, in addition to numerous organizational and technical committees of international conferences. His research received many awards including the ICSE distinguished paper award, the PLDI distinguished paper award, the ACM SIGSOFT Doctoral Dissertation Award, and IBM PhD fellowships. Dr. Zhang has also assumed numerous industrial roles, most noteworthy the software engineer at Motorola Inc, expert advisor to Huawei Inc, and expert security panelist of the Hong Kong Monetary Authority. He successfully co-founded and served as the chairman of Sourcebrella Inc, a static analysis tool vendor. His research is supported by Research Grant Council, Innovation and Technology Fund, and grants from Huawei, TCL, Microsoft and IBM. Charles obtained his Ph.D, M.Sc, and B.Sc. with honours, all from University of Toronto.