Beyond Traces and Independence

  • Fred B. Schneider
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6875)


The formal methods, fault-tolerance, and cyber-security research communities explore models that differ from each other. The differences frustrate efforts at cross-community collaboration. Moreover, ignorance about these differences means the status quo is likely to persist. This paper discusses two of the key differences: (i) the trace-based semantic foundation for formal methods and (ii) the implicit notions of independence.


Keywords: Model Checker, Formal Method, Mutual Exclusion, Homomorphic Encryption, Trace Property
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.





Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Fred B. Schneider (1)
  1. Department of Computer Science, Cornell University, Ithaca, USA
