Researcher · software engineer · open-source contributor

Tanzim Hossain Romel

I study AI agents in real software systems. I want to know what they read, which actions they take, how they recover from failures, and whether their evidence holds up.

My work spans software reliability, agent security, empirical software engineering, program analysis, and developer tools. I also have three years of software and AI engineering experience, building backend services, cloud data workflows, and LLM/RAG features for healthcare analytics.

  • UIUC Block I logoUIUC++ SRSE 2026
  • University of Alberta crestIncoming Alberta M.Sc.
  • BUET logoBUET CSE
  • Dhaka, Bangladesh

Current work

Remote Research Intern, UIUCJune–August 2026

Research CV Email GitHub Scholar

Tanzim Hossain Romel seated outdoors
Researcher · software engineer · systems builder

About

I learn by building

I grew up in Rajshahi and now live in Dhaka. I like work that starts with a research question and ends with something I can run, test, or measure.

That usually means reading papers, tracing failures, building tools, and writing down what actually happened.

Research agenda

Reliable agents in real software systems

My current work falls into six related areas.

  1. 01 · Reliability-agent evaluation

    University of Illinois Block I mark
    Research context · UIUC++ SRSE 2026

    SREGym: AI for SRE and reliability-agent evaluation

    How can we evaluate an SRE agent in a live software environment without mistaking a shallow recovery for a reliable one?

    Through UIUC++ SRSE 2026, I am working on SREGym, a benchmark for evaluating SRE agents in live system environments and real-world reliability problems.

    Status
    Active research · UIUC++ SRSE 2026
    Context
    June–August 2026 · Professor Tianyin Xu and the UIUC systems reliability group
    Verified
  2. 02 · ML ecosystem security

    Methodology overview for the study of remote code execution in machine learning model hosting ecosystems
    Study methodology · five hosting ecosystems

    Remote Code Execution in ML model hosting ecosystems

    What risks emerge when model-hosting platforms load community code and artifacts at ecosystem scale?

    A cross-platform empirical study examines custom model-loading risk across five ML hosting ecosystems, using static analysis, malware-signature scanning, and more than 600 developer discussions.

    Status
    Under review at ICSE 2027
    Context
    With Mohammed Latif Siddiq, Natalie Sekerak, Beatrice Casey, and Joanna C. S. Santos
    Verified
  3. 03 · Agent security

    Conceptual architecture of an agentic AI system with tools, memory, and orchestration
    System context · choices inside an agent workflow

    The Choice Can Be the Attack: auditing aligned backdoors in LLM agents

    Can a trigger steer an agent toward an attacker’s preferred valid choice while its final answer still appears acceptable?

    SHIFT compares matched tasks with and without a known trigger, then asks whether a changed valid choice favors an attacker’s target after accounting for ordinary option quality.

    Status
    Submitted to TACL 2026 · manuscript not public
    Context
    With Chowdhury Rakin Haider · abstract-level summary only
    Verified

    The manuscript is not public; this is an abstract-level summary.

  4. 04 · Coding-agent systems

    Context, retrieval, and auditable repair

    How can coding agents preserve exact session facts, inspect the right files, and leave testable repair evidence?

    ContextLedger measures what survives context compaction, ctxhelm and HelmBench evaluate retrieval efficiency, and PatchSmith records bounded repair runs with sandbox validation and inspectable artifacts.

    Status
    Active systems research
    Context
    ContextLedger · ctxhelm and HelmBench · PatchSmith
    Verified
  5. 05 · Agent memory

    History-aware vibe coding

    Can coding agents preserve architectural intent while developers work through fast natural-language programming loops?

    This emerging direction studies how agents should use commit history, prior edits, repository memory, and design intent without losing the speed of vibe coding.

    Status
    Emerging research direction
    Context
    With Dr. Zhou Yang · University of Alberta and Amii
    Verified
  6. 06 · Multi-agent verification

    VeriSchema: verified database-schema generation

    How can specialized agents generate relational schemas while formal checks and targeted repair keep the result consistent?

    VeriSchema uses agents for entity extraction, relationship mining, normalization, and repair, with Z3 checks and component-level retries for relational consistency.

    Status
    Active research · targeting PVLDB
    Context
    With Dr. Sukarna Barua · BUET
    Verified

Publications and artifacts

Research record

Papers, submissions, and the public artifacts behind them.

  1. 2027

    Cover image for An Empirical Study on Remote Code Execution in Machine Learning Model Hosting Ecosystems

    An Empirical Study on Remote Code Execution in Machine Learning Model Hosting Ecosystems

    Under review at International Conference on Software Engineering (ICSE)

    Large-scale cross-platform security study of roughly 45,000 repositories across five ML model hosting ecosystems, measuring unsafe deserialization, eval injection, malware signals, and recurring developer security misconceptions.

  2. 2026

    The Choice Can Be the Attack: Auditing Aligned Backdoors in LLM Agents

    Submitted to Transactions of the Association for Computational Linguistics (TACL)

    SHIFT tests whether a known trigger changes which valid option an agent chooses, then asks whether that movement favors an attacker's target after accounting for ordinary option quality.

Full publication record

Experience

Research and production engineering

A short account of the work I did and the outcomes I can support.

  1. Remote Research Intern, UIUC

    Remote summer research internship at the University of Illinois Urbana-Champaign through UIUC++ Summer Research in Software Engineering (SRSE) 2026 with Professor Tianyin Xu's group, focused on software and systems reliability research.

    June–August 2026

    • Working on software engineering research with an emphasis on reliable systems and rigorous empirical evaluation
    • Reading systems and software reliability literature, prototyping research ideas, and preparing artifacts for reproducible evaluation

    Software Engineering Research · Systems Reliability · Empirical Evaluation · Reproducibility

  2. Software Development Engineer 1, IQVIA

    Backend engineer on the KPI Library team, building .NET/C# microservices for healthcare analytics workflows over large patient-level datasets. IQVIA (NYSE: IQV) provides analytics, technology solutions, and clinical research services to the life sciences industry, with 74,000+ employees across 100+ countries.

    June 2023–June 2026

    • Built and deployed cloud-native healthcare analytics services with C#/.NET Core and EF Core on AWS (Lambda, EC2, S3, DynamoDB); shipped RESTful APIs used by global pharmaceutical clients
    • Refactored a complex healthcare-analytics filter path into reusable query components, reducing duplicated business rules and improving filtering performance by 70% in the targeted workflow
    • Helped build a LangGraph/LangChain workflow using MCP and RAG to turn analyst prompts into structured dashboard setup, modification, analysis, and export actions
    • Reduced selected complex query execution times by 60% through PostgreSQL query planning, indexing, and materialized views
    70%targeted filtering improvement
    60%selected query-time reduction
    95%export workflow coverage
    35%deployment-time reduction

    C# · .NET Core · EF Core · PostgreSQL · MongoDB · AWS ·...

  3. Full Stack Engineer, Mindshare Bangladesh (Part-time)

    Built an e-commerce aggregator platform that let brands promote products by pulling listings from multiple e-commerce sites across Bangladesh.

    April–November 2021

    • Built a web scraping system with Scrapy that collected product data from about 20 major e-commerce platforms in Bangladesh
    • Deployed and maintained the scraper as a ScrapyRT server on DigitalOcean, enabling real-time extraction via API endpoints
    • Built the backend with Express.js and MongoDB to manage, process, and aggregate product data from the scraper
    • Created APIs for brands to host ads and integrate with the aggregated data

    Python · Scrapy · ScrapyRT · Express.js · Node.js · MongoDB · DigitalOcean ·...

Complete experience

Engineering and open source

Research systems, developer tools, and selected builds

My current agent tools come first. The rest shows the systems and ML work that led to them.

RefactoringMiner MCP

Active RefactoringMiner development with Professor Nikolaos Tsantalis; I helped build MCP access for coding agents and contribute to the JetBrains integration collaboration.

Java · MCP · AST diffs · program analysis

Architecture preview for ctxhelm and HelmBench

ctxhelm and HelmBench

A released Rust context compiler and source-free evaluation harness for testing whether coding agents inspect the right files with less irrelevant reading.

Rust · retrieval · agents · Homebrew release

Architecture preview for ContextLedger

ContextLedger

Typed, provenance-carrying session facts, exact token accounting, and measurable context compaction for long coding-agent runs.

TypeScript · OpenCode · context management

Architecture preview for PatchSmith

PatchSmith

An auditable repair harness with bounded context, structured patch proposals, sandbox validation, trace capture, and inspectable artifact directories.

Python · DeepAgents · software repair

Selected open-source contributions

Curated contribution evidence across EF Core, GenHTTP, deepagents, TypeScript, LangChain, and other developer-tooling repositories.

C# · TypeScript · Python · direct pull-request evidence

Systems and performance builds

1BRC C# on Apple Silicon, a Go database engine, a Go container runtime, a compiler, a ray tracer, TCP Vegas+, and the distributed EventFly platform.

C# · Go · C/C++ · distributed systems

Applied ML and learning builds

Bangla digit recognition from NumPy and OpenCV primitives, BERT-context image captioning, and a mini deep-learning framework with autodiff and tensor operations.

Python · NumPy · NLP · neural networks

All projectsContribution evidence

Education

Education

My academic path, from Rajshahi to BUET and Alberta.

  1. April 2018 - May 2023

    B.Sc in Computer Science and Engineering

    Bangladesh University of Engineering and Technology

    Dean's List Award - Level 2 (outstanding academic performance)

    Notable Courses: Machine Learning, High Performance Database Systems, Fault Tolerant Systems, Data Structure and Algorithms, Operating Systems, Computer Security
  2. 2015 - 2017

    Higher Secondary Certificate (HSC)

    Rajshahi College

    Placed 15th in Rajshahi Board, received Talentpool Scholarship, A+ in all subjects with 96.5% marks in Physics, Chemistry, and Higher Mathematics

Education details

Recognition

Awards and milestones

A few awards and competition results.

2025

IQVIA Impact Program — Silver

Performance, critical issue resolution, and essential feature delivery.

2022

2nd place · Bangla handwritten digit recognition

Second among 120 students; a custom CNN from NumPy and OpenCV primitives reached 95.9% test accuracy.

Level 2

BUET Dean's List

Academic recognition for sophomore-year performance.

2017

National Physics Olympiad prize

National recognition in theoretical and practical physics.

2017

National Chemistry Olympiad prize

National recognition in chemistry alongside the physics award.

2017

Talentpool HSC Scholarship

Merit scholarship after placing 15th in the Rajshahi Education Board.

All achievements

Recent milestones

What changed recently

Recent changes to my research and academic plans.

  1. SHIFT submitted to TACL 2026

    Aligned-backdoor auditing work submitted with Chowdhury Rakin Haider.

  2. ML hosting RCE under review at ICSE 2027

    Cross-platform empirical security study with a public arXiv artifact.

  3. Started UIUC++ SRSE research internship

    Summer research with Professor Tianyin Xu's systems reliability group.

  4. Incoming University of Alberta M.Sc.

    Joining U-A-Goose and Amii under Dr. Zhou Yang.

All news

Collaboration

Collaborate on reliable agent systems

If you are working on software reliability, agent evaluation, security, or developer tools, I would be glad to compare notes or review an artifact.

Email TanzimGitHubScholarLinkedInORCIDCV