Michael Franz is an American computer scientist best known for his pioneering work on just-in-time compilation and optimization and on artificial software diversity. He is a Chancellor's Professor of Computer Science in the Donald Bren School of Information and Computer Sciences at the University of California, Irvine (UCI), a Professor of Electrical Engineering and Computer Science (by courtesy) in the Henry Samueli School of Engineering at UCI, and Director of UCI's Secure Systems and Software Laboratory.
He is a Fellow of the ACM, a Fellow of IEEE, and a recipient of the IEEE Computer Society's Technical Achievement Award. He has graduated 25 Ph.D.s. as primary advisor, published more than 130 peer-reviewed articles, and holds 5 U.S. Patents. He is also a co-founder of Immunant, Inc., a start-up company specializing in software security.
Born and raised in Hamburg, Germany, Franz attended the Christianeum in Hamburg and the Gordonstoun School in Elgin, Scotland and eventually graduated from the Christianeum with an accelerated high school diploma ("vorgezogenes Abitur") ahead of the rest of his class.
After completing military service in Germany, Franz moved to Switzerland to begin studies of computer science at ETH Zurich, finishing his Diplom-Ingenieur degree in 1989. During his undergraduate years, he was President of ETH's Computer Science Students Association.
Declining a Full Fulbright Scholarship that would have funded doctoral studies in the United States, he stayed at ETH and began doctoral studies under the supervision of Turing Award Winner Niklaus Wirth, completing his Doctor of Technical Sciences degree in 1994.
Following two further years at ETH Zurich as a Senior Research Associate and Lecturer, he joined the University of California, Irvine as an Assistant Professor of Computer Science in January 1996. He was promoted to Associate Professor in 2001 and Full Professor in 2006. Since 2007, he has held a second appointment in UCI's School of Engineering, as a Professor of Electrical Engineering and Computer Sciences (by courtesy). In 2016, he was awarded the title Chancellor's Professor.
Franz is well known for pioneering and advancing several research ideas that were quite unconventional when he proposed them and that now seem almost obvious in hindsight.
His doctoral dissertation, entitled "Code Generation On-The-Fly: A Key To Portable Software" proposed to make software portable among different target computer architectures by way of using on-the-fly compilation from a compressed intermediate data structure at load time. Two years later, the Java programming language and system were launched and took this idea mainstream, albeit using the term "just-in-time compilation" instead of the term "on-the-fly compilation" that Franz had used.
More recently, Franz has been one of the main drivers of the "Moving Target Defense" movement for cyber security. He has been pioneering compiler-generated software diversity as a defense mechanism against software attacks, inspired by biodiversity in nature. Imagine an "App Store" containing a diversification engine (a "multicompiler") that automatically generates a unique version of every program for every user. All the different versions of the same program behave in exactly the same way from the perspective of the end-user, but they implement their functionality in subtly different ways. As a result, any specific attack will succeed only on a small fraction of targets. An attacker would require a large number of different attacks and would have no way of knowing a priori which specific attack will succeed on which specific target. Equally importantly, this approach makes it much more difficult for an attacker to generate attack vectors by way of reverse engineering of security patches.
This project has attracted attention beyond academia, with coverage in the popular press ranging from as far as The Economist to Wired Magazine. Franz and some of his students hold a U.S. Patent on some of the underlying ideas.