Experience

Google

Software Engineer | Cambridge, MA | October 2023 – Present

Within the Privacy Sandbox, I’ve focused on designing and implementing features for the Private Aggregation API that improve utility while preserving user privacy. On the design side, I’ve written internal design docs, explainer updates, and defined requirements in the API’s specification (relevant commits). Feature implementations live in the Chromium repo (relevant CLs).

• Feature: increase contribution limit to 100 for Protected Audience callers.
• Feature: per-context contribution limits for Shared Storage callers.
• [WIP] Feature: Named Budgets (see preexisting explainer).
• [WIP] Feature: Global contribution limits (see issue #81).
• Received two peer bonuses for self-driven 20% work:
  • Invented an efficient fuzzer for SQLite’s built-in recovery module: https://crrev.com/c/5153917
  • Untangled cookie access logic with algebraic data types: https://crrev.com/c/5178770

Open-source contributions:

• Rclone: Created and maintained the gitannex subcommand.
• [WIP] Clang: Fixed two bugs in Clang’s Thread Safety Analysis (llvm/llvm-project#95290).

zeroRISC Inc.

Software Engineer | Cambridge, MA | April 2023 – September 2023

OpenTitan

• Optimized CRC32 implementation, achieving a 28x speedup.
  • Developed an on-device perftest to measure performance baseline, then rewrote the C implementation with inline assembly instructions from RISC-V’s bitmanip spec (PR #17989). This yielded a 20x speedup.
  • Discovered significant overhead from function calls by inspecting disassembly. Achieved an overall 28x speed improvement by inlining helper functions (PR #18068).
• Audited call sites of sec_mmio functions for improper usage. This mitigated the risk of shipping self-inflicted DoS bugs in the M2.5.1-RC0 release.
  • Developed syntax-level audit tooling with Bazel, Python, and libclang (PR #18719).
• Enabled C/C++ compiler warnings for entire project in 20+ PRs (tracker). This work improved the toolchain’s ability to detect bugs and undefined behavior.
• Added a “chip info” struct at a fixed location in the ROM (PRs #18100 and #18254). This change is intended to aid debugging when the ROM crashes. For instance, if the ROM silently failed on a physical chip, we could dump the chip info via JTAG and determine which Git revision the software came from.
• Developed “ROM_EXT bootstrap” feature, a recovery mode for reprogramming the flash via the SPI interface after manufacturing.
  • Refactored existing ROM bootstrap into a library to enable code reuse (PR #19155).
  • Implemented new ROM_EXT bootstrap with access controls that protect the flash regions that contain ROM_EXT (PR #18929).
  • Wrote a fuzzer that throws SPI commands at the bootstrap library (PR #19194).

Google

Software Engineer | Cambridge, MA | October 2018 – March 2023

OpenTitan

• Developed Python, TCL, and Bazel tooling to splice OTP (one-time programmable memory) images into pre-built FPGA bitstreams (PR #15163). This enabled more comprehensive end-to-end tests and saved >1 hour of build time per test.
• Created infrastructure for JTAG-based end-to-end tests defined with GDB and OpenOCD.
  • Custom Bazel test rule: opentitan_gdb_fpga_cw310_test.
  • Python backend for rule: gdb_test_coordinator.py.
• Used these new splicing and testing capabilities to develop a number of end-to-end tests. A few examples:
  • Test that the ROM initializes watchdog timer (PR #15798).
  • Test that JTAG debugging works in various lifecycle states (PR #16139).
  • Test the configuration of physical memory protection (PR #16169).
• Optimized memory functions and achieved a 1.5-5x speedup (PR #14243).
• Enabled cross-references for C/C++ sources in Codesearch by developing an internal CI pipeline. This improves developer productivity by reducing friction while exploring the codebase. Try it out by clicking on a function or variable in dif_otbn.c.
• Designed and implemented bitstream_bisect.py, a tool that accelerates git bisect (see the design proposal in issue #16406 and implementation in PR #16701). The key insight is that the time spent building bitstreams dominates the time spent running tests. By bisecting only on commits with cached bitstreams, we can run what would be an all-day bisect session in an hour.
• Received a peer bonus for discovering and fixing a subtle build caching bug
  • https://github.com/lowRISC/opentitan/pull/16863
  • https://github.com/lowRISC/opentitan/pull/16893
• Received a peer bonus for various improvements to developer quality-of-life.
  • Created a script that generates clangd-compatible compile_commands.json containing multi-platform compile commands from Bazel: generate_compilation_db.py.
  • Enabled semantic codesearch for the OpenTitan repo at https://cs.opensource.google/opentitan.

Chrome

• Developed prototypes of TLS Encrypted Client Hello (ECH) in BoringSSL. ECH enables clients to encrypt sensitive fields such as the desired server name, which are sent in cleartext by default.
  • Completed C and Go server prototypes for draft 09 in CL 45285.
  • Contributed to ECH’s specification in eight PRs.
  • Added GREASE support for drafts 08 and 09 in CL 40204 and CL 44784. First defined in RFC 8701, GREASE staves off ecosystem ossification by enabling clients to send fake ECH data to servers that do not support it; passive middleboxes cannot tell the difference. Thus, passive adversaries cannot selectively block ECH traffic without blocking GREASEd non-ECH traffic.
  • Implemented backend server for draft 09 in CL 43924.
• Developed prototypes of RFC 9180: Hybrid Public Key Encryption (HPKE) in BoringSSL.
  • Contributed C implementation of draft-irtf-cfrg-hpke-04 in CL 41304.
  • Contributed Go implementation of draft-irtf-cfrg-hpke-05 in CL 42124.
  • Updated C implementation to draft-irtf-cfrg-hpke-05 in CL 42444.
  • Added PSK variants of HPKE in CL 42664.
  • Updated C and Go implementations to draft-irtf-cfrg-hpke-07 CL 44904.
• Contributed to specification for SVCB/HTTPS, a new DNS resource record required for practical deployment of TLS ECH.
  • While HTTPS record specification was in flux, designed and ran a Chrome experiment to study the impact of new resource records on the DNS ecosystem [design doc].
• Added a number of fuzzers, such as robots_rules_parser_fuzzer, content_settings_pattern_parser_fuzzer, and vr_omnibox_formatting_fuzzer.
  • Discovered a bug in Chrome’s URL parser that made it non-idempotent. Filed crbug 1128999 and added an idempotency check to gurl_fuzzer in CL 2414615.
• Hosted an intern who implemented RFC 8914: Extended DNS Errors in Chrome’s net stack.
• Received a peer bonus for large-scale refactor that was required to fix unintuitive behavior in WTF::HashMap::at(): https://crbug.com/1058527
• Received a peer bonus for discovering a non-idempotency in the GURL parser: https://crbug.com/1128999
• Received a peer bonus for implementing DNS padding in the Intra app: https://github.com/Jigsaw-Code/outline-go-tun2socks/pull/39

Draper Laboratory

Software Engineer / Member of Technical Staff | Cambridge, MA | March 2018 – October 2018

• Technical work on DoD projects with a focus on formal methods and cybersecurity.
• Specific topics include formally-verified software, static taint analysis, and fuzzing.
• Audited Adam Chlipala’s Spring 2018 Formal Reasoning about Programs at MIT.

Architecture Technology Corporation

Software Engineer | Ithaca, NY | August 2015 – February 2018

• Cybersecurity R&D for DoD customers and technical proposal writing.
• Authored winning Phase II SBIR proposal for SWARM project and managed development effort.
• Proposal work led to a number of patents.
• Supervised interns developing interactive security coursework.
• Technical work included Linux/FreeBSD kernel hacking and modifying the LLVM compiler.

State University of New York at Buffalo

Adjunct Professor | Buffalo, NY | June 2015 – August 2015

• Taught CSE 305: Introduction to Programming Languages.
  • Developed lectures and coursework teaching a variety of programming paradigms.
  • Focused on Haskell programming language and the Lambda calculus.

Syracuse University

Graduate Teaching Assistant | Syracuse, NY | August 2013 – May 2014

• CIS 252: Introduction to Computer Science (Spring 2014).
  • Graded papers, held office hours, and led two lab sessions per week in Haskell language.
• CIS 275: Discrete Math (Fall 2013).
  • Graded papers, held office hours, and led a weekly recitation.

Metis Consulting Group

Intern & Software Engineer | Syracuse, NY | May 2011 – August 2014

• Responsible for web application development projects, specializing in travel.
• Tech stack included ColdFusion, PHP, Microsoft SQL Server, and JavaScript.

Education

Master of Science | Computer Science and Engineering

State University of New York at Buffalo | Buffalo, NY | 2015

• Contributed to published research on adding real-time capabilities to Standard ML, a functional programming language.

Bachelor of Arts | Computer Science

State University of New York at Geneseo | Geneseo, NY | 2013

• Multiple semesters of Directed Studies focused on Document Image Analysis.
• Presented Stompbox framework for real-time simulation of analog audio effects at GREAT Day (Geneseo Recognizing Excellence, Achievement, and Talent).

Skills

• Languages: C, C++, Rust, Python, Go, Bash. Some experience with RISC-V and X86 assembly. Approximate knowledge of many other languages.
• Version control: Git. Some experience with Mercurial and Perforce.
• Build systems: Bazel, GN, Make. Some experience with CMake.
• Debuggers: GDB and RR.
• Technical writing: DoD proposals and software documentation. Contributed to some IETF specifications.

Patents & Publications

• Daniel McArdle, Judson Powers, Robert A. Joyce (2022-12-06). Self-healing architecture for resilient computing services (US-11522904-B2).
  https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/11522904

• Paul Nicotera, Robert Joyce, Judson Powers, Daniel McArdle (2022-03-15). Systems and methods for used learned representations to determine terrain type (US-11275940-B1).
  https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/11275940

• Daniel McArdle, Judson Powers (2021-05-18). Systems and methods for runtime enforcement of data flow integrity (US-11010495-B1).
  https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/11010495

• Judson Powers, Robert A. Joyce, Daniel McArdle (2019-09-10). Mechanism for concealing application and operation system identity (US-10412116-B1).
  https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/10412116

• Judson Powers, Robert A. Joyce, Daniel McArdle (2019-09-10). Application randomization mechanism (US-10412114-B1).
  https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/10412114

• Judson Powers, Robert A. Joyce, Daniel McArdle (2019-05-07). Application randomization mechanism (US-10284592-B1).
  https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/10284592

• Judson Powers, Robert A. Joyce, Daniel McArdle (2019-02-05). Evaluating results of multiple virtual machines that use application randomization mechanism (US-10200401-B1).
  https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/10200401

• Judson Powers, Robert A. Joyce, Daniel McArdle (2019-02-05). Configuration of application randomization mechanism (US-10200406-B1).
  https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/10200406

• Judson Powers, Daniel McArdle, Robert A. Joyce (2018-09-18). Late-stage software feature reduction tool for security and performance (US-10078510-B1).
  https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/10078510

• Li, Muyuan, Daniel E. McArdle, Jeffrey C. Murphy, Bhargav Shivkumar, and Lukasz Ziarek. “Adding real-time capabilities to a SML compiler.” ACM SIGBED Review 13, no. 2 (2016): 8-13.