Software engineering research · coding-agent tooling · healthcare systems

Tanzim Hossain Romel

I'm a software engineer at IQVIA and a software engineering researcher. I build tools for coding agents, healthcare backend systems, and research software for AI/ML security, LLM systems, and empirical software engineering.

I completed my B.Sc. in Computer Science and Engineering at BUET. I will start an M.Sc. in Computing Science at the University of Alberta in September 2026.

Email CV Bio Scholar Github LinkedIn

ML Security 45k-repo ecosystem study

LLM Agents Backdoor auditing research

Systems Healthcare microservices

Open Source RefactoringMiner, EF Core, TypeScript

Current Focus

Right now I am working on The Choice Can Be the Attack, ctxhelm, VeriSchema, RefactoringMiner, and reading Designing Data-Intensive Applications.

I have also been contributing to RefactoringMiner, EF Core, GenHTTP, deepagents, and TypeScript.

News Research & Publications Education Work Projects Skills

Open source activity

GitHub activity: Loading recent merged pull requests...

Recent repositories:deepagents typescript-go RefactoringMiner

News

Feb 2026: Paper submitted to TOSEM 2026. Resubmitted 'An Empirical Study on Remote Code Execution in ML Model Hosting Ecosystems' to ACM Transactions on Softw...

Oct 2025: Paper submitted to MSR 2026. Submitted 'An Empirical Study on Remote Code Execution in ML Model Hosting Ecosystems' to the Mining Software Reposit...

May 2025: Received IQVIA Impact Program Silver Award. Honored with the IQVIA Impact Program Silver Award for outstanding performance and contributions to the KPI Library t...

View all news

Research & Publications

Selected work I want visitors to notice first. The full research profile and publication archive are linked below.

ML remote code execution research visual

An Empirical Study on Remote Code Execution in ML Model Hosting Ecosystems

TOSEM 2026 submission / ML model hosting security

Large-scale study of roughly 45,000 repositories across major ML model hosting ecosystems, measuring unsafe deserialization, eval injection, malware signals, and recurring developer security misconceptions.

The Choice Can Be the Attack: Auditing Aligned Backdoors in LLM Agents

In progress / LLM agents and aligned backdoors

Endpoint-black-box auditing framework for aligned backdoors in LLM agents using counterfactual environments and discrete-choice estimation.

VeriSchema: Multi-Agent Framework for Generating Relational DB Schema & ERD

Database schema generation / multi-agent verification

Multi-agent framework for generating relational database schemas and ER diagrams from requirements, with auto-repair and formal verification.

Patient-Centric Blockchain Framework for EHR Management

Undergraduate thesis / blockchain healthcare

Patient-centric blockchain framework for electronic health records using encrypted off-chain IPFS storage and Ethereum-based access control.

See more research All publications

Education

University of Alberta

M.Sc in Computing Science · Starting September 2026 · Incoming

Starting the M.Sc in Computing Science program in September 2026, with interests in software engineering research, trustworthy AI, distributed systems, and LLM systems. I will be joining the U-A-Goose software engineering group at the...

Bangladesh University of Engineering and Technology

B.Sc in Computer Science and Engineering · April 2018 - May 2023

Dean's List Award - Level 2 (outstanding academic performance) Notable Courses: Machine Learning, High Performance Database Systems, Fault Tolerant Systems, Data Structure and Algorithms, Operating Systems, Computer Security

Rajshahi College

Higher Secondary Certificate (HSC) · 2015 - 2017

Placed 15th in Rajshahi Board, received Talentpool Scholarship, A+ in all subjects with 96.5% marks in Physics, Chemistry, and Higher Mathematics

See more education

Work

Software Development Engineer 1, IQVIA

June 2023 - June 2026

Backend engineer on the KPI Library team, building microservices-based healthcare applications that handle millions of patient records using .NET Core and C#. IQVIA (NYSE: IQV) provides analytics, technology solutions, and clinical research services to the life sciences industry, with 74,000+ employees across 100+ countries.

Full Stack Engineer, Mindshare Bangladesh (Part-time)

Apr 2021 - Nov 2021

Built an e-commerce aggregator platform that let brands promote products by pulling listings from multiple e-commerce sites across Bangladesh.

Full work history

Projects

ctxhelm: Context Compiler

Ongoing Rust project for compiling useful repository context for coding agents. The v1.1.7 public release can inventory a repo, retrieve lexical and symbol matches, include dependency, graph, semantic-provider, memory, and...

Go Container Runtime: Docker from Scratch

Freelance learning project where I am building a small Docker-like runtime in Go. It covers process isolation, namespaces, filesystem setup, container networking, and command-line behavior.

Mini Deep Learning Framework: PyTorch from Scratch

Freelance learning project where I am rebuilding the basic parts of PyTorch: scalar values, tensors, autodiff, neural-network layers, convolutional operators, and simple training loops.

Blockchain-Based Ticketing Platform

Finalist in Blockchain Olympiad Bangladesh (BCOLBD) 2021 with team "Recursively Enumerable". Designed NFT-based ticketing system using ERC-1155 standard. Implemented smart contracts for anti-scalping, dynamic QR codes, and decentralized identity management...

More projects

Skills

Languages & Systems: Rust, C#/.NET Core, C++, Go, Java, Shell

AI & Agents: Python, LangGraph, MCP, RAG, PyTorch, LLM Evaluation

Web & Backend: TypeScript, Node.js/Express, React/Next.js, Microservices, REST APIs, EF Core

Data & Storage: PostgreSQL, MongoDB, SQL Server, Oracle/PLSQL, DynamoDB, SQLAlchemy

Cloud & DevOps: AWS, Docker, Kubernetes, Terraform, GitHub Actions

Security & Research Tooling: CodeQL, Semgrep, Bandit, YARA, Z3, Solidity/Web3