About
Know Me More
I am Sabbir Muhammad Saleh, a software engineering and cybersecurity researcher.
I am a PhD Candidate in Computer Science at Western University. My research focuses on security, privacy, and trust in modern software and AI-driven systems, with emphasis on anomaly detection, cloud security, CI/CD pipelines, DevSecOps, operational assurance, and trustworthy computing.
My work examines how security requirements, pipeline activities, cloud deployment events, vulnerability signals, and operational traces can be transformed into explainable and tamper-evident evidence across the software delivery lifecycle.
I have taught computing courses in Canada and Bangladesh, including programming, software design, software engineering, data analytics, network technologies, and project-based courses. I have also contributed to graduate and undergraduate supervision, curriculum development, and academic service.
- Name: Sabbir Muhammad Saleh
- Email: ssaleh47@uwo.ca
- Location: London, Ontario, Canada
- From: Dhaka, Bangladesh
- Affiliation: Department of Computer Science, Western University
- ORCID: 0000-0001-9944-2615
Research
What I Do
Secure CI/CD and DevSecOps
Embedding security controls, vulnerability checks, and assurance evidence across source, build, test, package, deploy, and runtime stages.
Software Supply-Chain Security
Studying risks from dependencies, build systems, artefact registries, cloud deployment workflows, and third-party CI/CD integrations.
Tamper-Evident Evidence
Designing blockchain-inspired and cryptographic evidence mechanisms that record compact commitments while keeping raw logs off-chain.
AI and NLP for Security Logs
Using topic modelling, anomaly detection, and log intelligence to extract security-relevant signals from fragmented pipeline and cloud telemetry.
Cloud-Native Security
Analysing cloud platforms, containers, Kubernetes-based workflows, deployment automation, and operational evidence generation.
Requirements-to-Evidence Traceability
Linking security requirements to pipeline activities and runtime evidence so assurance claims remain auditable and explainable.
Resource allocation and optimisation methods for security-aware CI/CD pipelines.
CNN-LSTM and decision-support methods for cloud security analytics.
Topic modelling and optimisation-based alert scoring for CI/CD logs.
Outputs
Selected Publications
Research Works and Selected Publications
The following selected publications stem from my PhD research and have accumulated 92 citations as of June 16, 2026.
- Saleh, Sabbir M., Nazim Madhavji and John Steinbacher, (2024). A Systematic Literature Review on Continuous Integration and Deployment (CI/CD) for Secure Cloud Computing. In Proceedings of the 20th International Conference on Web Information Systems and Technologies, Volume 1: WEBIST; ISBN 978-989-758-718-4, SciTePress, pages 331-341. [DOI]
- Saleh, Sabbir M., Nazim Madhavji and John Steinbacher, (2024). Blockchain for Securing CI/CD Pipeline: A Review on Tools, Frameworks, and Challenges. 2024 7th Conference on Cloud and Internet of Things (CIoT), Montreal, QC, Canada, pp. 1-5. [DOI]
- Saleh, Sabbir M., Ibrahim Mohammed Sayem, Nazim Madhavji and John Steinbacher. (2024). Advancing Software Security and Reliability in Cloud Platforms through AI-based Anomaly Detection. In Proceedings of the 2024 Cloud Computing Security Workshop (CCSW '24), co-located with the ACM Conference on Computer and Communications Security (CCS), October 14-18, 2024, Salt Lake City, UT, USA. ACM, New York, NY, USA, 10 pages. [DOI]
- Saleh, Sabbir M., Nazim Madhavji and John Steinbacher, (2024). Enhancing Cloud Security Through Topic Modelling. 2024 28th ACIS International Winter Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD-Winter), Taichung, Taiwan, December 04-06, 2024, pp. 65-71. [DOI]
- Saleh, Sabbir M., Nazim Madhavji and John Steinbacher, (2025). Towards a Blockchain-Based CI/CD Framework to Enhance Security in Cloud Environments. 2025 20th International Conference on Evaluation of Novel Approaches to Software Engineering (ENASE), April 04-06, 2025. Technically co-sponsored by IEEE. [DOI]
- Saleh, Sabbir M., (2025). DevSecLogs: AI-Powered, Tamper-Evident Log Intelligence for Secure CI/CD Pipelines. 2025 IEEE International Conference on Software Maintenance and Evolution (ICSME), Auckland, New Zealand, September 07-12, 2025, pp. 890-894. [DOI]
- Saleh, Sabbir M., Nazim Madhavji and John Steinbacher, (2025). Toward Stage-Aware Container Security in CI/CD: A Practical Review. International Conference on Systems Engineering 2025, October 27-28, 2025, Warsaw, Poland. In press.
- Saleh, Sabbir M., Md. Nafiz Al Ifat, Nazim Madhavji and John Steinbacher, (2025). A Threat-Oriented Study of API Security Challenges in CI/CD Pipelines. 2025 IEEE International Conference on Cloud Computing Technology and Science (CloudCom), Shenzhen, China, pp. 1-8. [DOI]
- Saleh, Sabbir M., Md. Nafiz Al Ifat, Nazim H. Madhavji, and John Steinbacher. (2026). A Defence-Oriented Study of API Security in CI/CD Pipelines. In Proceedings of the 2025 10th International Conference on Cloud Computing and Internet of Things (CCIOT '25). Association for Computing Machinery, New York, NY, USA, 33-42. [DOI]
- Saleh, Sabbir M., Nazim H. Madhavji, and John Steinbacher. (2026). Systematic Review of Identity-Centric Security in Cloud-Native CI/CD Pipelines. In Proceedings of the 2025 10th International Conference on Cloud Computing and Internet of Things (CCIOT '25). Association for Computing Machinery, New York, NY, USA, 23-32. [DOI]
- Saleh, Sabbir M., Nazim H. Madhavji, and John Steinbacher. (2026). A Stage-Aware Requirements-to-Evidence Framework for Secure CI/CD Pipelines. Thirteenth International Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE '26), 2026 IEEE 33rd International Requirements Engineering Conference Workshops (REW), Montreal, Canada. Accepted.
Teaching
Experience
Lecturer, Limited Duties
Taught Game Development Project at the 4000 level and Programming for Engineers in Python at the graduate level.
Professor, Part-Time
Taught Python programming, software design patterns, and network enterprise technologies and fundamentals.
Graduate Teaching Assistant
Supported courses in software requirements engineering, software tools, information systems, object-oriented design, data analytics, and software architecture.
Assistant Professor and Department Coordinator
Taught undergraduate CSE courses, supervised projects, coordinated academic activities, and contributed to outcome-based curriculum work.
Lecturer and Department Coordinator
Prepared course materials, delivered lectures and labs, advised students, and contributed to syllabus and programme coordination.
Computer Instructor
Taught computer fundamentals to more than 150 high-school students.
Service
Academic Service
- PC Member, IEEE ICSME 2026 Tool Demonstration and Data Showcase Track.
- Reviewer for IEEE TCSS, Information and Software Technology, IEEE Access, IEEE Internet of Things Journal, IJITWE, and IJSI.
- Reviewer for REFSQ, ACDSA, ICRAIE, IEEE RE, IEEE IHTC, ICCA, ENASE, SEAA, and related venues.
- Editorial Board Member, Bangladesh Journal of Public Health and International Journal of Information Technology and Web Engineering.
- Senate Member, Graduate Student Constituency, Western University Secretariat, 2024 to 2025.
- SOGS Councillor, Department of Computer Science, Western University, 2021 to 2022.
- Member of SOGS committees including Subsidies, Academic, IGSIC, and GSIC.
- President and Assistant General Secretary, AIUB Oratory Club.
Contact
Get in Touch
Address
Department of Computer Science, Western University, London, Ontario, Canada
Academic profiles
For the latest publication metadata and citation count, please use the Google Scholar profile.