Mark Bickford

Learn More
For twenty years the Nuprl (“new pearl”) system has been used to develop software systems and formal theories of computational mathematics. It has also been used to explore and implement computational type theory (CTT) – a formal theory of computation closely related to Martin-Löf’s intuitionistic type theory (ITT) and to the calculus of inductive(More)
The paper presents and evaluates Nysiad,1 a system that implements a new technique for transforming a scalable distributed system or network protocol tolerant only of crash failures into one that tolerates arbitrary failures, including such failures as freeloading and malicious attacks. The technique assigns to each host a certain number of guard hosts,(More)
Fault-tolerant distributed systems often contain complex error handling code. Such code is hard to test or model-check because there are often too many possible failure scenarios to consider. As we will demonstrate in this paper, formal methods have evolved to a state in which it is possible to generate this code along with correctness guarantees. This(More)
As we see a growing variety of network and application behaviors, it becomes more important that protocols adapt to their surroundings. Building adaptive protocols is complicated, and therefore we have considered building hybrid protocols that switch between specialized protocols. In this paper, we show for which communication properties this is a correct(More)
We propose a new foundation for security based on a logical concept of protected information that can be enforced in the mathematical structure of a computation system. We describe a computation system based on event structures and a logic of events, and we show how to model all limitations on the capabilities of adversaries using a theory of atoms.
There is a well-established theory and practice for creating correct-by-construction functional programs by extracting them from constructive proofs of assertions of the form ∀x : A.∃y : B.R(x, y). There have been several efforts to extend this methodology to concurrent programs, say by using linear logic, but there is no practice and the results are(More)