References

[AFKT03] A. Aiken, J.S. Foster, J. Kodumal and T. Terauchi. Checking and Inferring Local Non- Aliasing. ACM SIGPLAN Conf. on Programming Language Design and Implementation. San Diego, California. June 2003.
[AND03] R. Anderson. Cryptography and competition policy---Issues with "trusted computing". Proc. of the 2nd Annual Workshop on Economics and Information Security, May 2003.
[AR02] M. Abadi and P. Rogaway. Reconciling two views of cryptography (the computational soundness of formal encryption. J. Cryptology, 15(2):103-127, 2002.
[AT02] S. Adireddy and L. Tong, "Exploiting Decentralized Channel State Information for Random Access" Submitted to IEEE Transactions on Information Theory, November, 2002.
[BBDDKZS02] R. Barr, J.C. Bicket, D.S. Dantas, B. Du, T.W.D. Kim, B. Zhou and E.G. Sirer. On the Need for System-Level Support for Ad hoc and Sensor Networks. Operating Systems Review, ACM, 36(2):1-5, April 2002.
[BCH03] K.P. Birman, J. Chen, K. Hopkinson, R. Thomas, J. Thorp, R. van Renesse and W. Vogels Overcoming Communications Challenges in Software for Monitoring and Controlling Power Systems. Submitted to Proc. of the IEEE, Special Issue on Energy Protection Systems. Sept. 2003.
[BHO99] K.P. Birman, M. Hayden, O. Ozkasap, Z. Xiao, M. Budiu and Y. Minsky. Bimodal Multicast. ACM Transactions on Computer Systems, Vol. 17, No. 2, pp 41-88, May, 1999.
[a name="BP04">BP*04] A. Bavier, L. Peterson, M. Wawrzoniak, S. Karlin, T. Spalink, T. Roscoe, D. Culler, B. Chun and M. Bowman. Operating Systems Support for Planetary-Scale Network Services. 1st Symp. on Network Systems Design and Implementation. Mar. 2004.
[BP03] M. Backes and B. Pfitzmann. A cryptographically sound security proof of the Needham- Schroeder-Lowe public-key protocol. 23rd Conf. Foundations of Software Technology and Theoretical Computer Science, 2003.
[BV96] K. Birman and R. van Renesse. Software for Reliable Networks. Scientific American, May 1996, 274(5): 64-69.
[BVW01] K.P. Birman, R. van Renesse and W. Vogels. Spinglass: Secure and Scalable Communications Tools for Mission-Critical Computing. International Survivability Conf. and Expo. DARPA DISCEX-2001, Anaheim, CA, June 2001.
[BWBF03] B. Krishnamachari, S. Wicker, R. Bejar and C. Fernandez. On the Complexity of Distributed Self-Configuration in Wireless Networks. To appear in Telecommunication Systems, Special Issue on Wireless Networks and Mobile Computing, Eds. I. Stojmenovic and S. Olariu, 2003.
[Bir00] K.P. Birman. Next Generation Internet: Unsafe at Any Speed? IEEE Computer, Special Issue on Infrastructure Protection, Vol. 33, No 8, pp54-88. August 2000.
[Bir99] K.P. Birman. A Review of Experiences with Reliable Multicast. Software Practice and Experience 29(9), (July 1999) 741-774
[CHB02] D.V. Coury, K.M. Hopkinson and K.P. Birman. An Agent Based Current Differential Relay for use with a Utility Intranet. IEEE Transactions on Power Delivery, Jan. 22, 2002, Vol. 17, No. 1, pp. 47-53.

[CIK01] R. Canetti, Y. Ishai, R. Kumar, M.K. Reiter, R. Rubinfeld and R.N. Wright. Selective private function evaluation with applications to private statistics. Proc. of the 20th ACM Symp. on Principles of Distributed Computing, August 2001.
[CKRT03a] Y. Chevalier, R. Kuesters, M. Rusinowitch and M. Turuani. An np decision procedure for protocol insecurity with xor. In LICS 2003, 2003.
[CKRT03b] Y. Chevalier, R. Kuesters, M. Rusinowitch and M. Turuani. Deciding the security of protocols with diffie-hellman exponentiation and products in exponents. 23rd Conf. Foundations of Software Technology and Theoretical Computer Science, 2003.
[CP03] H. Chan and A. Perrig. Security and Privacy in Sensor Networks. IEEE Computer Magazine, Oct. 2003. pp. 99-101.
[CP04] H. Chan and A. Perrig. ACE: An Emergent Algorithm for Highly Uniform Cluster Formation. European Workshop on Wireless Sensor Networks (EWSN 2004), January 2004.
[CPS03] H. Chan, A. Perrig and D. Song. Random Key Predistribution Schemes for Sensor Networks IEEE Symp. on Security and Privacy 2003.
[CS03] H. Comon-Lundh and V. Shmatikov. Constraint solving and insecurity decision in presence of exclusive or. Proc. 18th Annual IEEE Symp. on Logic in Computer Science (LICS '03), 2003.
[CSK02] W. Cui, I. Stoica and R.H. Katz. Backup Path Allocation Based on a Correlated Link Failure Probability Model in Overlay Networks. Proc. of ICNP'02, Paris, France, November 2002, pp. 236- 245.
[DP00] R. Dhamija and A. Perrig. DÈj Vu: A User Study Using Images for Authentication. Proc. of 9th USENIX Security Symp., August 2000.
[DSSK98] J. Davis, J. Scott, J. Sztipanovits, G. Karsai and M. Martinez. Integrated Analysis Environment for High Impact Systems. Proc. of the ECBS-98 Conf., Jerusalem, Israel, pp. 218-225
[ECPS02] D. Estrin, D. Culler, K. Pister and G. Sukhatme. Connecting the Physical World with Pervasive Networks. IEEE Pervasive Computing, January-March 2002 (Vol. 1, No. 1) P 59-69
[EGS03] A. Evfimievski, J.E. Gehrke and R. Srikant. Limiting Privacy Breaches in Privacy Preserving Data Mining. To appear in Proc. of the 22nd ACM SIGACT-SIGMOD-SIGART Symp. on Principles of Database Systems (PODS 2003). San Diego, CA, June 2003.
[ESAG02] A. Evfimievski, R. Srikant, R. Agrawal and J.E. Gehrke. Privacy Preserving Mining of Association Rules. In Proc. of the Eighth ACM SIGKDD International Conf. on Knowledge Discovery and Data Mining. Edmonton, Alberta, Canada, July 2002.
[FTA02] J.S. Foster, T. Terauchi and A. Aiken. Flow-Sensitive Type Qualifiers. ACM SIGPLAN Conf. on Programming Language Design and Implementation (PLDI'02), pages 1-12. Berlin, Germany. June 2002.
[GBL03] I. Gupta, K.P. Birman, P. Linga, Al Demers and Robbert van Renesse. Kelips: Building an Efficient and Stable P2P DHT Through Increased Memory and Background Overhead. 2nd Annual Workshop on Peer-to-Peer Systems (IWP2P 03), Oakland, California. (Feb. 2003)
[GLB03] I. Gupta, P. Linga and K.P. Birman. A Churn-Resistant Peer-to-Peer Web Caching System. 2003 ACM Workshop on Survivable and Self-Regenerative Systems (CCS-10), George Mason Univ., Fairfax, VA, Oct. 31 2003.
[GSNGW03] A. Gokhale, D.C. Schmidt, B. Natarajan, J. Gray and N. Wang. Model Driven Middleware. Middleware for Communications, Edited by Q. Mahmoud, Wiley and Sons, 2003.
[HC02] J. Hill and D. Culler. Mica: A Wireless Platform for Deeply Embedded Networks. IEEE Micro., Vol. 22(6), Nov/Dec 2002, pp 12-24.
[Herz03] J. Herzog. The Diffie-Hellman key-agreement scheme in the strand-space model. IEEE Computer Science Foundation Workshop (CFSW 2003), Pacific Grove, California, 2003.
[IK03] R. Impagliazzo and B.M. Kapron. Logics for reasoning about cryptographic constructions. 2003.
[ISAT02] Security with Privacy. ISAT DARPA study. Available at http://www.darpa.mil/iao/secpriv.pdf
[JB01] K. Jenkins and K.P. Birman. A Gossip Protocol for Subgroup Multicast. International Workshop on Applied Reliable Group Communication (WARGC 2001), Phoenix, Arizona, April 2001.
[KASS03] G. Karsai, A. Agarwal, F. Shi, J. Sprinkle. On the Use of Graph Transformation in the Formal Specification of Model Interpreters. Journal of Universal Computer Science, Volume 9, Issue 11, 2003.
[KASS03] G. Karsai, A. Agarwal, F. Shi, J. Sprinkle. On the Use of Graph Transformation in the Formal Specification of Model Interpreters. Journal of Universal Computer Science, Volume 9, Issue 11, 2003.
[KLNS00] G. Karsai, G. Nordstrom, A. Ledeczi and J. Sztipanovits. Specifying Graphical Modeling Systems Using Constraint-based Metamodels. IEEE Symp. on Computer Aided Control System Design, Conf. CD-Rom, Anchorage, Alaska, September 25, 2000.
[KLNS00] G. Karsai, G. Nordstrom, A. Ledeczi and J. Sztipanovits. Specifying Graphical Modeling Systems Using Constraint-based Metamodels. IEEE Symp. on Computer Aided Control System Design, Conf. CD-Rom, Anchorage, Alaska, September 25, 2000.
[KMLGS04] G. Karsai, M. Maroti, A.LÈdeczi, J. Gray and J. Sztipanovits. Composition and Cloning in Modeling and Meta-Modeling. IEEE Transactions on Control System Technology (special issue on Computer Automated Multi-Paradigm Modeling), in press.
[KMS02] B. Krishnamachari, Y. Mourtada and S. Wicker. The Energy-Robustness Tradeoff for Real- Time Information Routing in Wireless Sensor Networks. Submitted to the Special Issue of Elsevier Computer Networks on Wireless Sensor Networks, October 2002.
[KSLB03] G. Karsai, J. Sztipanovits, A. Ledeczi and T. Bapty. Model-Integrated Development of Embedded Software. Proc. of the IEEE, Vol. 91, No.1., pp. 145-164, January, 2003
[KSLB03] G. Karsai, J. Sztipanovits, A. Ledeczi and T. Bapty. Model-Integrated Development of Embedded Software. Proc. of the IEEE, Vol. 91, No.1., pp. 145-164, January, 2003
[KSLB03] G. Karsai, J. Sztipanovits, A. Ledeczi and T. Bapty. Model-Integrated Development of Embedded Software. Proc. of the IEEE, Vol. 91, No.1., pp. 145-164, January, 2003
[KW03] C. Karlof and D. Wagner. Secure Routing in Sensor Networks: Attacks and Countermeasures. To appear in Elsevier's AdHoc Networks journal, Special Issue on Sensor Network Applications and Protocols. [Also appeared in First IEEE International Workshop on Sensor Network Protocols and Applications, May 11, 2003.]
[LBSK01] A. Ledeczi, A. Bakay, M. Maroti., P. Volgyesi, G. Nordstrom, J. Sprinkle and G. Karsai. Composing Domain-Specific Design Environments. Computer, pp. 44-51, November, 2001.
[LBSK01] A. Ledeczi, A. Bakay, M. Maroti., P. Volgyesi, G. Nordstrom, J. Sprinkle and G. Karsai. Composing Domain-Specific Design Environments. Computer, pp. 44-51, November, 2001.
[LBSK01] A. Ledeczi, A. Bakay, M. Maroti., P. Volgyesi, G. Nordstrom, J. Sprinkle and G. Karsai. Composing Domain-Specific Design Environments. Computer, pp. 44-51, November, 2001.
[LKV99] X. Liu, C. Kreitz, R. van Renesse, J. Hickey, M. Hayden, K.P. Birman and R. Constable Building Reliable, High-Performance Communication Systems from Components. Proc. of the 17th ACM Symp. on Operating System Principles, Kiawah Island Resort, SC, December 1999.
[LMGP04] P. Levis, S. Madden, D. Gay, J. Polastre, R. Szewczyk, A. Woo, E. Brewer and D. Culler. The Emergence of Networking Abstractions and Techniques in TinyOS. 1st Symp. on Network Systems Design and Implementation, Mar. 2004.
[LMMS98] P.D. Lincoln, J.C. Mitchell, M. Mitchell and A. Scedrov. A probabilistic poly-time framework for protocol analysis. ACM Conf. Computer and Communication Security, 1998.
[LMMS99] P.D. Lincoln, J.C. Mitchell, M. Mitchell and A. Scedrov. Probabilistic polynomial-time equivalence and security analysis. FM'99 - Formal Methods World Congress on Formal Methods in the Development of Computing Systems, pages 776-793, 1999.
[MMS02] J.C. Mitchell, M. Mitchell and U. Stern. Automated Analysis of Cryptographic Protocols Using Murphi. IEEE Symp. Security and Privacy, Oakland, 1997, pages 141-153.
[MMS03] P. Mateus, J.C. Mitchell and A. Scedrov. Composition of cryptographic protocols in a probabilistic polynomial-time process calculus. 14th Int. Conf. on Concurrency Theory, 2003.
[MMS99] J.C. Mitchell, M. Mitchell and A. Scedrov. A linguistic characterization of bounded oracle computation and probabilistic polynomial time. IEEE Symp. Foundations of Computer Science, 1998.
[MR01] P. MacKenzie and M.K. Reiter. Networked cryptographic devices resilient to capture. Proc. of the 2001 IEEE Symp. on Security and Privacy, pages 12-25, May 2001.
[MRLLS02] F. Monrose, M.K. Reiter, Q. Li, D.P. Lopresti and C. Shih. Toward speech-generated cryptographic keys on resource constrained devices. Proc. of the 11th USENIX Security Symp., pages 283-296, Aug. 2002.
[MRW02] F. Monrose, M.K. Reiter and S.G. Wetzel. Password hardening based on keystroke dynamics. International Journal on Information Security 1(2):69-83, February 2002.
[MS03] J. Millen and V. Shmatikov. Symbolic protocol analysis with products and Diffie-Hellman exponentiation. Proc. {IEEE] Computer Science Foundation Workshop (CFSW 2003), Pacific Grove, California, 2003.
[MSE04] P. Mosterman, J. Sztipanovits and S. Engell. Computer-Automated Multi-Paradigm Modeling in Control Systems technology. IEEE Transactions on Control System Technology, April 200
[MW03] A.B. MacKenzie and S.B. Wicker. Game-Theoretic Approaches to Distributed Power Control in CDMA Wireless Data Networks. ACM/Baltzer Wireless Networks, to appear.
[MZT03] G. Mergen, Q. Zhao and L. Tong. Sensor Networks with Mobile Agents: Energy and Capacity Considerations. Submitted to the IEEE J. on Selected Areas in Communications: Special Issue on Sensor Networks, July, 2003.
[NEU95] P.G. Neumann. Computer Related Risks, ACM Press, New York, 1995. North American Electric Reliability Council Disturbances Analysis Working Group, Database. Available online: http://www.nerc.com/dawg/database.html.
[PACR02] L. Peterson, T. Anderson, D. Culler and T. Roscoe. A Blueprint for Introducing Disruptive Technology into the Internet. Proc. of the 1st Workshop on Hot Topics in Networks (HotNets-I), Princeton, New Jersey, USA, October 2002.
[PS00a] A. Perrig and D. Song. A First Step towards the Automatic Generation of Security Protocols. Network and Distributed System Security Symposium (NDSS 2000), pages 73-84, February 2000.
[PS00b] A. Perrig and D. Song. Looking for Diamonds in the Desert - Extending Automatic Protocol Generation to Three-Party Authentication and Key Agreement Protocols. In Proceedings of Computer Security Foundations Workshop, CSFW 13, July 2000.
[PSC03] I. Pyarali, D.C. Schmidt and R Cytron. Techniques for Enhancing Real-time CORBA Quality of Service. IEEE Proc. Special Issue on Real-time Systems, Vol. 91, No. 7, July 2003.
[PSC03] I. Pyarali, D.C. Schmidt and R Cytron. Techniques for Enhancing Real-time CORBA Quality of Service. IEEE Proc. Special Issue on Real-time Systems, Vol. 91, No. 7, July 2003.
[PSP03] B. Przydatek, D. Song and A. Perrig. SIA: Secure Information Aggregation in Sensor Networks. ACM SenSys 2003. Nov. 5-7, 2003.
[PSWCT02] A. Perrig, R. Szewczyk, V. Wen, D. Culler and J.D. Tygar. SPINS: Security Protocols for Sensor Networks. Journal of Wireless Networks, 8(5), pages 521-534, September 2002.
[RHCJ02] S.J. Ross, J.L. Hill, M.Y. Chen, A.D. Joseph, D.E. Culler and E.A. Brewer: A Composable Framework for Secure Multi-Modal Access to Internet Services from Post-PC Devices. MONET 7(5): 389-406 (2002).
[RS04] V. Ramasubramanian and E.G. Sirer. Beehive: Exploiting Power Law Query Distributions for O(1) Lookup Performance in Peer to Peer Overlays. To appear Proc. of Networked System Design and Implementation, May 2004.
[SK02] J. Sztipanovits and G. Karsai. Generative Programming for Embedded Systems, in Generative Programming and Component Engineering, LNCS 2787 pp. 32-49, Springer 2002
[SK97] J. Sztipanovits and G. Karsai. Model-Integrated Computing. IEEE Computer, V.30. pp. 110-112, April, 1997
[SSBG03] S. Sastry, J. Sztipanovits, R. Bajcsy and H. Gill. Model-Based Design of Embedded Systems: Scanning the Issue. Proc. of the IEEE, Vol. 91, No.1., pp. 4-10, January, 2003
[SSS03] S. Sastry, J. Stankovic and J. Sztipanovits. New Vistas in CIP Research and Development: Secure Networked Embedded Systems. Report of the NSF/OSTP Workshop on Innovative Information Technologies for Critical Infrastructure Protection September 19-20, 2002.
[SSWL02] R. Schantz, D. C. Schmidt, F. Webber, P. Pal and J. Loyall. Protecting Applications Against Malice with Adaptive Middleware, Certification and Security in E-Services stream of the 17th IFIP World Computer Congress, Montreal, Canada, August 25-30, 2002.
[SWP00] D.X. Song, D. Wagner and A. Perrig. Practical Techniques for Searches on Encrypted Data. IEEE Symp. on Security and Privacy, Oakland, 2000.
[Schm02] D.C. Schmidt. R&D Advances in Middleware for Distributed, Real-time, and Embedded Systems. Communications of the ACM special issue on Middleware, Vol. 45, No. 6, June 2002.
[Shavell87] S. Shavell. Economic Analysis of Accident Law. Harvard University Press, 1987.
[Song03] D. Song. An Automatic Approach for Building Secure Systems. PhD thesis, UC Berkeley, December 2003.
[TYG03] J.D. Tygar. Privacy in Sensor Webs and Distributed Information Systems. Software Security - Theories and Systems (edited by M. Okada, et al) Springer-Verlag, Berlin, 2003.
[TZA03a] L. Tong, Q. Zhao and S. Adireddy. Sensor Networks with Mobile Agents. Proc. of IEEE Military Comm. Conf., Oct., 2003, Boston, MA.
[VAT03] P. Venkitasubramaniam, S. Adireddy and L. Tong. Opportunistic ALOHA and Cross-Layer Design for Sensor Networks. Proc. of IEEE Military Comm. Conf., Oct., 2003, Boston, MA.
[VBW04] R. van Renesse, K.P. Birman and W. H. Vogels. Astrolabe: A Robust and Scalable Technology for Distributed System Monitoring, Management, and Data Mining. To appear, ACM Transactions on Computer Systems (TOCS). February 2004.
[VBW04] R. van Renesse, K.P. Birman and W. H. Vogels. Astrolabe: A Robust and Scalable Technology for Distributed System Monitoring, Management, and Data Mining. To appear, ACM Transactions on Computer Systems (TOCS). February 2004.
[VS03] V. Vishnumurthy, S. Chandrakumar and E.G. Sirer. KARMA: A Secure Economic Framework for P2P Resource Sharing. Proc. of the Workshop on the Economics of Peer-to-Peer Systems, Berkeley, California, June 2003.
[WCB01] M. Welsh, D. Culler and E. Brewer. SEDA: An Architecture for Well-Conditioned, Scalable Internet Services. Proc. of the Eighteenth Symp. on Operating Systems Principles (SOSP-18), Banff, Canada, October, 2001. 230-243.
[WSGRNLSG03] N. Wang, D.C. Schmidt, A. Gokhale, C. Rodrigues, B. Natarajan, J. Loyall, R. Schantz and C. Gill. QoS-enabled Middleware. Middleware for Communications, Edited by Q. Mahmoud, Wiley and Sons, 2003.
[WSGRNLSG03] N. Wang, D.C. Schmidt, A. Gokhale, C. Rodrigues, B. Natarajan, J. Loyall, R. Schantz and C. Gill. QoS-enabled Middleware. Middleware for Communications, Edited by Q. Mahmoud, Wiley and Sons, 2003.
[WT03] A. Whitten and J.D. Tygar. Safe staging for computer security. HCI and Security Systems Workshop, CHI 2003, Ft. Lauderdale, Florida, April 2003.
[WT99] A. Whitten and J.D. Tygar. Why Johnny Canít Encrypt: A Usability Evaluation of PGP 5.0. Proc. of the 8th USENIX Security Symp., August 1999.
[War03] B. Warinschi. A computational analysis of the {Needham-Schroeder] protocol. IEEE Computer Science Foundation Workshop (CFSW 2003), Pacific Grove, California.
[ZHSJK03] B.Y. Zhao, L. Huang, J. Stribling, A.D. Joseph and J.D. Kubiatowicz, Exploiting Routing Redundancy via Structured Peer-to-Peer Overlays. Proc. of 11th IEEE International Conf. on Network Protocols (ICNP), Atlanta, Georgia, October, 2003.
[ZHSRJK04] B.Y. Zhao, L. Huang, J. Stribling, S.C. Rhea, A.D. Joseph and J. Kubiatowicz, Tapestry: A Global-scale Overlay for Rapid Service Deployment. IEEE Journal on Selected Areas in Communications (Special Issue: Recent Advances in Service Overlay Networks), 22(1):41-53, Jan. 2004.