bibliography.bib

@article{schneider_implementing_1990,
  title = {Implementing {{Fault}}-Tolerant {{Services Using}} the {{State Machine Approach}}: {{A Tutorial}}},
  volume = {22},
  issn = {0360-0300},
  shorttitle = {Implementing {{Fault}}-Tolerant {{Services Using}} the {{State Machine Approach}}},
  doi = {10.1145/98163.98167},
  abstract = {The state machine approach is a general method for implementing fault-tolerant services in distributed systems. This paper reviews the approach and describes protocols for two different failure models\textemdash{}Byzantine and fail stop. Systems reconfiguration techniques for removing faulty components and integrating repaired components are also discussed.},
  number = {4},
  journal = {ACM Comput. Surv.},
  author = {Schneider, Fred B.},
  month = dec,
  year = {1990},
  pages = {299--319}
}

@article{androulaki_hyperledger_2018,
  archivePrefix = {arXiv},
  eprinttype = {arxiv},
  eprint = {1801.10228},
  primaryClass = {cs},
  title = {Hyperledger {{Fabric}}: {{A Distributed Operating System}} for {{Permissioned Blockchains}}},
  shorttitle = {Hyperledger {{Fabric}}},
  abstract = {Hyperledger Fabric is a modular and extensible open-source system for deploying and operating permissioned blockchains. Fabric is currently used in more than 400 prototypes and proofs-of-concept of distributed ledger technology, as well as several production systems, across different industries and use cases. Starting from the premise that there are no "one-size-fits-all" solutions, Fabric is the first truly extensible blockchain system for running distributed applications. It supports modular consensus protocols, which allows the system to be tailored to particular use cases and trust models. Fabric is also the first blockchain system that runs distributed applications written in general-purpose programming languages, without systemic dependency on a native cryptocurrency. This stands in sharp contrast to existing blockchain platforms for running smart contracts that require code to be written in domain-specific languages or rely on a cryptocurrency. Furthermore, it uses a portable notion of membership for realizing the permissioned model, which may be integrated with industry-standard identity management. To support such flexibility, Fabric takes a novel approach to the design of a permissioned blockchain and revamps the way blockchains cope with non-determinism, resource exhaustion, and performance attacks. This paper describes Fabric, its architecture, the rationale behind various design decisions, its security model and guarantees, its most prominent implementation aspects, as well as its distributed application programming model. We further evaluate Fabric by implementing and benchmarking a Bitcoin-inspired digital currency. We show that Fabric achieves end-to-end throughput of more than 3500 transactions per second in certain popular deployment configurations, with sub-second latency.},
  journal = {arXiv:1801.10228 [cs]},
  author = {Androulaki, Elli and Barger, Artem and Bortnikov, Vita and Cachin, Christian and Christidis, Konstantinos and De Caro, Angelo and Enyeart, David and Ferris, Christopher and Laventman, Gennady and Manevich, Yacov and Muralidharan, Srinivasan and Murthy, Chet and Nguyen, Binh and Sethi, Manish and Singh, Gari and Smith, Keith and Sorniotti, Alessandro and Stathakopoulou, Chrysoula and Vukoli{\'c}, Marko and Cocco, Sharon Weed and Yellick, Jason},
  month = jan,
  year = {2018},
  keywords = {Computer Science - Cryptography and Security,Computer Science - Distributed; Parallel; and Cluster Computing}
}

@article{liu_scalable_2016,
  title = {Scalable {{Byzantine Consensus}} via {{Hardware}}-Assisted {{Secret Sharing}}},
  journal = {arXiv preprint arXiv:1612.04997},
  author = {Liu, Jian and Li, Wenting and Karame, Ghassan O. and Asokan, N.},
  year = {2016}
}

@inproceedings{bentov_cryptocurrencies_2016,
  series = {Lecture Notes in Computer Science},
  title = {Cryptocurrencies {{Without Proof}} of {{Work}}},
  isbn = {978-3-662-53356-7 978-3-662-53357-4},
  doi = {10.1007/978-3-662-53357-4_10},
  abstract = {We study decentralized cryptocurrency protocols in which the participants do not deplete physical scarce resources. Such protocols commonly rely on Proof of Stake, i.e., on mechanisms that extend voting power to the stakeholders of the system. We offer analysis of existing protocols that have a substantial amount of popularity. We then present our novel pure Proof of Stake protocols, and argue that they help in mitigating problems that the existing protocols exhibit.},
  language = {en},
  booktitle = {Financial {{Cryptography}} and {{Data Security}}},
  publisher = {{Springer, Berlin, Heidelberg}},
  author = {Bentov, Iddo and Gabizon, Ariel and Mizrahi, Alex},
  month = feb,
  year = {2016},
  pages = {142-157}
}

@techreport{matetic_rote_2017,
  title = {{{ROTE}}: {{Rollback Protection}} for {{Trusted Execution}}},
  shorttitle = {{{ROTE}}},
  abstract = {Security architectures such as Intel SGX need protection against rollback attacks, where the adversary violates the integrity of a protected application state by replaying old persistently stored data or by starting multiple application instances. Successful rollback attacks have serious consequences on applications such as financial services. In this paper, we propose a new approach for rollback protection on SGX. The intuition behind our approach is simple. A single platform cannot efficiently prevent rollback, but in many practical scenarios, multiple processors can be enrolled to assist each other. We design and implement a rollback protection system called ROTE that realizes integrity protection as a distributed system. We construct a model that captures adversarial ability to schedule enclave execution and show that our solution achieves a strong security property: the only way to violate integrity is to reset all participating platforms to their initial state. We implement ROTE and demonstrate that distributed rollback protection can provide significantly better performance than previously known solutions based on local non-volatile memory.},
  number = {048},
  author = {Matetic, Sinisa and Ahmed, Mansoor and Kostiainen, Kari and Dhar, Aritra and Sommer, David and Gervais, Arthur and Juels, Ari and Capkun, Srdjan},
  year = {2017},
  keywords = {Distributed system,Rollback protection,SGX,State protection,TEE,Trusted Execution}
}

@article{verissimo_travelling_2006,
  title = {Travelling through Wormholes: A New Look at Distributed Systems Models},
  volume = {37},
  shorttitle = {Travelling through Wormholes},
  number = {1},
  journal = {ACM SIGACT News},
  author = {Ver{\'\i}ssimo, Paulo E.},
  year = {2006},
  pages = {66--81}
}

@inproceedings{castro_practical_1999,
  title = {Practical {{Byzantine}} Fault Tolerance},
  volume = {99},
  booktitle = {{{OSDI}}},
  author = {Castro, Miguel and Liskov, Barbara},
  year = {1999},
  pages = {173--186}
}

@misc{_ethereum_2018,
  title = {The {{Ethereum White Paper}}},
  shorttitle = {Wiki},
  publisher = {{ethereum}},
  month = mar,
  year = {2018}
}

@article{hildebrandt_declarative_2011,
  title = {Declarative Event-Based Workflow as Distributed Dynamic Condition Response Graphs},
  journal = {arXiv preprint arXiv:1110.4161},
  author = {Hildebrandt, Thomas T. and Mukkamala, Raghava Rao},
  year = {2011}
}

@article{costan_intel_2016,
  title = {Intel {{SGX Explained}}.},
  volume = {2016},
  journal = {IACR Cryptology ePrint Archive},
  author = {Costan, Victor and Devadas, Srinivas},
  year = {2016},
  pages = {86}
}

@article{gopinath_nirmala_improving_2017,
  title = {Improving the {{Security}} and {{Efficiency}} of {{Blockchain}}-Based {{Cryptocurrencies}}},
  author = {Gopinath Nirmala, Rakesh},
  year = {2017}
}

@incollection{dhillon_hyperledger_2017,
  title = {The {{Hyperledger Project}}},
  booktitle = {Blockchain {{Enabled Applications}}},
  publisher = {{Springer}},
  author = {Dhillon, Vikram and Metcalf, David and Hooper, Max},
  year = {2017},
  pages = {139--149}
}

@misc{intel_sgx,
  title = {Intel {{SGX}}},
  howpublished = {https://software.intel.com/en-us/sgx},
  author = {{Intel}}
}

@misc{intel_sgx_guide,
  title = {{{Intel}}\textregistered{} {{Software Guard Extensions Developer Guide}} | {{Intel}}\textregistered{} {{Software}}},
  howpublished = {https://software.intel.com/en-us/documentation/sgx-developer-guide}
}

@book{coulouris_distributed_2005,
  edition = {5.th},
  title = {Distributed Systems: Concepts and Design},
  shorttitle = {Distributed Systems},
  publisher = {{pearson education}},
  author = {Coulouris, George F. and Dollimore, Jean and Kindberg, Tim},
  year = {2005}
}

@article{fischer_impossibility_1985,
  title = {Impossibility of Distributed Consensus with One Faulty Process},
  volume = {32},
  number = {2},
  journal = {Journal of the ACM (JACM)},
  author = {Fischer, Michael J. and Lynch, Nancy A. and Paterson, Michael S.},
  year = {1985},
  pages = {374--382}
}

@misc{silent_bob,
  title = {Silent {{Bob}} Is Silent},
  howpublished = {https://embedi.com/wp-content/uploads/dlm\_uploads/2017/11/silent-bob-is-silent.pdf}
}

@article{miller_anonymous_2014,
  title = {Anonymous Byzantine Consensus from Moderately-Hard Puzzles: {{A}} Model for Bitcoin},
  shorttitle = {Anonymous Byzantine Consensus from Moderately-Hard Puzzles},
  journal = {Available on line: http://nakamotoinstitute. org/research/anonymous-byzantine-consensus},
  author = {Miller, Andrew and LaViola Jr, Joseph J.},
  year = {2014}
}

@article{nakamoto_bitcoin_2008,
  title = {Bitcoin: {{A}} Peer-to-Peer Electronic Cash System},
  shorttitle = {Bitcoin},
  author = {Nakamoto, Satoshi},
  year = {2008}
}

@article{correia_byzantine_2011,
  title = {Byzantine Consensus in Asynchronous Message-Passing Systems: A Survey},
  volume = {2},
  shorttitle = {Byzantine Consensus in Asynchronous Message-Passing Systems},
  number = {2},
  journal = {International Journal of Critical Computer-Based Systems},
  author = {Correia, Miguel and Veronese, Giuliana Santos and Neves, Nuno Ferreira and Verissimo, Paulo},
  year = {2011},
  pages = {141--161}
}

@article{lamport_part-time_1998,
  title = {The Part-Time Parliament},
  volume = {16},
  number = {2},
  journal = {ACM Transactions on Computer Systems (TOCS)},
  author = {Lamport, Leslie},
  year = {1998},
  pages = {133--169}
}

@inproceedings{debois_concurrency_2015,
  title = {Concurrency and Asynchrony in Declarative Workflows},
  booktitle = {International {{Conference}} on {{Business Process Management}}},
  publisher = {{Springer}},
  author = {Debois, S{\o}ren and Hildebrandt, Thomas and Slaats, Tijs},
  year = {2015},
  pages = {72--89}
}

@inproceedings{hildebrandt_safe_2011,
  title = {Safe Distribution of Declarative Processes},
  booktitle = {International {{Conference}} on {{Software Engineering}} and {{Formal Methods}}},
  publisher = {{Springer}},
  author = {Hildebrandt, Thomas and Mukkamala, Raghava Rao and Slaats, Tijs},
  year = {2011},
  pages = {237--252}
}

@inproceedings{skeen_nonblocking_1981,
  address = {New York, NY, USA},
  series = {SIGMOD '81},
  title = {Nonblocking {{Commit Protocols}}},
  isbn = {978-0-89791-040-8},
  doi = {10.1145/582318.582339},
  abstract = {Protocols that allow operational sites to continue transaction processing even though site failures have occurred are called nonblocking. Many applications require nonblocking protocols. This paper investigates the properties of nonblocking protocols. Necessary and sufficient conditions for a protocol to be nonblocking are presented and from these conditions a method for designing them is derived. Both a central site nonblocking protocol and a decentralized nonblocking protocol are presented.},
  booktitle = {Proceedings of the 1981 {{ACM SIGMOD International Conference}} on {{Management}} of {{Data}}},
  publisher = {{ACM}},
  author = {Skeen, Dale},
  year = {1981},
  pages = {133--142}
}

@article{veronese_efficient_2013,
  title = {Efficient Byzantine Fault-Tolerance},
  volume = {62},
  number = {1},
  journal = {IEEE Transactions on Computers},
  author = {Veronese, Giuliana Santos and Correia, Miguel and Bessani, Alysson Neves and Lung, Lau Cheuk and Verissimo, Paulo},
  year = {2013},
  pages = {16--30}
}

@inproceedings{driscoll_byzantine_2003,
  title = {Byzantine Fault Tolerance, from Theory to Reality},
  booktitle = {International {{Conference}} on {{Computer Safety}}, {{Reliability}}, and {{Security}}},
  publisher = {{Springer}},
  author = {Driscoll, Kevin and Hall, Brendan and akan Sivencrona, H$\backslash$a and Zumsteg, Phil},
  year = {2003},
  pages = {235--248}
}

@techreport{gueron_memory_2016,
  title = {A {{Memory Encryption Engine Suitable}} for {{General Purpose Processors}}},
  abstract = {Cryptographic protection of memory is an essential ingredient for any technology that allows a closed computing system to run software in a trustworthy manner and handle secrets, while its external memory is susceptible to eavesdropping and tampering. An example for such a technology is Intel's emerging Software Guard Extensions technology (Intel SGX) that appears in the latest processor generation, Architecture Codename Skylake. This technology operates under the assumption that the security perimeter includes only the internals of the CPU package, and in particular, leaves the DRAM untrusted. It is supported by an autonomous hardware unit called the Memory Encryption Engine (MEE), whose role is to protect the confidentiality, integrity, and freshness of the CPU-DRAM traffic over some memory range. To succeed in adding this unit to the micro architecture of a general purpose processor product, it must be designed under very strict engineering constraints. This requires a careful combination of cryptographic primitives operating over a customized integrity tree that mostly resides on the DRAM while relying only on a small internally stored root. The purpose of this paper is to explain how this hardware component of SGX works, and the rationale behind some of its design choices. To this end, we formalize the MEE threat model and security objectives, describe the MEE design, cryptographic properties, security margins, and report some concrete performance results.},
  number = {204},
  author = {Gueron, Shay},
  year = {2016},
  keywords = {implementation}
}

@inproceedings{jang_sgx-bomb_2017,
  title = {{{SGX}}-{{Bomb}}: {{Locking Down}} the {{Processor}} via {{Rowhammer Attack}}},
  isbn = {978-1-4503-5097-6},
  shorttitle = {{{SGX}}-{{Bomb}}},
  doi = {10.1145/3152701.3152709},
  abstract = {Intel Software Guard Extensions (SGX) provides a strongly isolated memory space, known as an enclave, for a user process, ensuring confidentiality and integrity against software and hardware attacks. Even the operating system and hypervisor cannot access the enclave because of the hardware-level isolation. Further, hardware attacks are neither able to disclose plaintext data from the enclave because its memory is always encrypted nor modify it because its integrity is always verified using an integrity tree. When the processor detects any integrity violation, it locks itself to prevent further damages; that is, a system reboot is necessary. The processor lock seems a reasonable solution against such a powerful hardware attacker; however, if a software attacker has a way to trigger integrity violation, the lock could result in a severe denial-of-service (DoS) attack.},
  language = {en},
  publisher = {{ACM Press}},
  author = {Jang, Yeongjin and Lee, Jaehyuk and Lee, Sangho and Kim, Taesoo},
  year = {2017},
  pages = {1-6}
}

@article{normand_single_1996,
  title = {Single Event Upset at Ground Level},
  volume = {43},
  number = {6},
  journal = {IEEE transactions on Nuclear Science},
  author = {Normand, Eugene},
  year = {1996},
  pages = {2742--2750}
}

@article{bracha_asynchronous_1985,
  title = {Asynchronous Consensus and Broadcast Protocols},
  volume = {32},
  number = {4},
  journal = {Journal of the ACM (JACM)},
  author = {Bracha, Gabriel and Toueg, Sam},
  year = {1985},
  pages = {824--840}
}

@inproceedings{kotla_zyzzyva_2007,
  title = {Zyzzyva: Speculative Byzantine Fault Tolerance},
  volume = {41},
  shorttitle = {Zyzzyva},
  booktitle = {{{ACM SIGOPS Operating Systems Review}}},
  publisher = {{ACM}},
  author = {Kotla, Ramakrishna and Alvisi, Lorenzo and Dahlin, Mike and Clement, Allen and Wong, Edmund},
  year = {2007},
  pages = {45--58}
}

@article{pease_reaching_1980,
  title = {Reaching Agreement in the Presence of Faults},
  volume = {27},
  number = {2},
  journal = {Journal of the ACM (JACM)},
  author = {Pease, Marshall and Shostak, Robert and Lamport, Leslie},
  year = {1980},
  pages = {228--234}
}

@inproceedings{kapitza_cheapbft_2012,
  title = {{{CheapBFT}}: Resource-Efficient Byzantine Fault Tolerance},
  shorttitle = {{{CheapBFT}}},
  booktitle = {Proceedings of the 7th {{ACM}} European Conference on {{Computer Systems}}},
  publisher = {{ACM}},
  author = {Kapitza, R{\"u}diger and Behl, Johannes and Cachin, Christian and Distler, Tobias and Kuhnle, Simon and Mohammadi, Seyed Vahid and Schr{\"o}der-Preikschat, Wolfgang and Stengel, Klaus},
  year = {2012},
  pages = {295--308}
}

@inproceedings{song_bosco_2008,
  title = {Bosco: {{One}}-Step Byzantine Asynchronous Consensus},
  shorttitle = {Bosco},
  booktitle = {International {{Symposium}} on {{Distributed Computing}}},
  publisher = {{Springer}},
  author = {Song, Yee Jiun and {van Renesse}, Robbert},
  year = {2008},
  pages = {438--450}
}

@inproceedings{sousa_partial_2001,
  title = {Partial Replication in the {{Database State Machine}}},
  isbn = {978-0-7695-1432-1},
  doi = {10.1109/NCA.2001.962546},
  abstract = {This paper investigates the use of partial replication in the Database State Machine approach introduced earlier for fully replicated databases. It builds on the order and atomicity properties of group communication primitives to achieve strong consistency and proposes two new abstractions: Resilient Atomic Commit and Fast Atomic Broadcast.},
  language = {en},
  publisher = {{IEEE Comput. Soc}},
  author = {Sousa, A. and Pedone, F. and Oliveira, R. and Moura, F.},
  year = {2001},
  pages = {298-309}
}

@inproceedings{madsen_collaboration_2018,
  title = {Collaboration among {{Adversaries}}: {{Distributed Workflow Execution}} on a {{Blockchain}}},
  shorttitle = {Collaboration among {{Adversaries}}},
  booktitle = {2018 {{Symposium}} on {{Foundations}} and {{Applications}} of {{Blockchain}}},
  author = {Madsen, Mads Frederik and Gaub, Mikkel and H{\o}gnason, Tr{\'o}ndur and Kirkbro, Malthe Ettrup and Slaats, Tijs and Debois, S{\o}ren},
  year = {2018}
}

@incollection{debois_safety_2015,
  address = {Cham},
  title = {Safety, {{Liveness}} and {{Run}}-{{Time Refinement}} for {{Modular Process}}-{{Aware Information Systems}} with {{Dynamic Sub Processes}}},
  volume = {9109},
  isbn = {978-3-319-19248-2 978-3-319-19249-9},
  abstract = {We study modularity, run-time adaptation and refinement under safety and liveness constraints in event-based process models with dynamic sub-process instantiation. The study is part of a larger programme to provide semantically well-founded technologies for modelling, implementation and verification of flexible, run-time adaptable processaware information systems, moved into practice via the Dynamic Condition Response (DCR) Graphs notation co-developed with our industrial partner. Our key contributions are: (1) A formal theory of dynamic subprocess instantiation for declarative, event-based processes under safety and liveness constraints, given as the DCR* process language, equipped with a compositional operational semantics and conservatively extending the DCR Graphs notation; (2) an expressiveness analysis revealing that the DCR* process language is Turing-complete, while the fragment corresponding to DCR Graphs (without dynamic sub-process instantiation) characterises exactly the languages that are the union of a regular and an omega-regular language; (3) a formalisation of run-time refinement and adaptation by composition for DCR* processes and a proof that such refinement is undecidable in general; and finally (4) a decidable and practically useful sub-class of run-time refinements. Our results are illustrated by a running example inspired by a recent Electronic Case Management solution based on DCR Graphs and delivered by our industrial partner. An online prototype implementation of the DCR* language (including examples from the paper) and its visualisation as DCR Graphs can be found at http://tiger.itu.dk:8020/.},
  language = {en},
  booktitle = {{{FM}} 2015: {{Formal Methods}}},
  publisher = {{Springer International Publishing}},
  author = {Debois, S{\o}ren and Hildebrandt, Thomas and Slaats, Tijs},
  year = {2015},
  pages = {143-160},
  doi = {10.1007/978-3-319-19249-9_10}
}

@incollection{hildebrandt_declarative_2012,
  address = {Berlin, Heidelberg},
  title = {Declarative {{Modelling}} and {{Safe Distribution}} of {{Healthcare Workflows}}},
  volume = {7151},
  isbn = {978-3-642-32354-6 978-3-642-32355-3},
  abstract = {We present a formal technique for safe distribution of workflow processes described declaratively as nested Dynamic Condition Response (DCR) Graphs and apply the technique to a distributed healthcare workflow. Concretely, we provide a method to synthesize from a nested DCR Graph and any distribution of its atomic events a set of local process graphs communicating by shared events, such that the distributed execution of the local processes is equivalent to executing the original process. The technique extends our recent work on safe distribution of non-nested DCR Graphs applied to cross-organizational case management. The main contributions of the present paper is to adapt the technique to allow for nested processes and milestones and to apply it to a healthcare workflow identified in a previous field study at danish hospitals. We also provide a new formalization of the semantics of DCR Graphs which highlights its declarative nature.},
  language = {en},
  booktitle = {Foundations of {{Health Informatics Engineering}} and {{Systems}}},
  publisher = {{Springer Berlin Heidelberg}},
  author = {Hildebrandt, Thomas and Mukkamala, Raghava Rao and Slaats, Tijs},
  year = {2012},
  pages = {39-56},
  doi = {10.1007/978-3-642-32355-3_3}
}

@article{dwork_consensus_1988,
  title = {Consensus in the Presence of Partial Synchrony},
  volume = {35},
  number = {2},
  journal = {Journal of the ACM (JACM)},
  author = {Dwork, Cynthia and Lynch, Nancy and Stockmeyer, Larry},
  year = {1988},
  pages = {288--323}
}

@article{lamport_lower_2006,
  title = {Lower Bounds for Asynchronous Consensus},
  volume = {19},
  number = {2},
  journal = {Distributed Computing},
  author = {Lamport, Leslie},
  year = {2006},
  pages = {104--125}
}

@inproceedings{guerraoui_revisiting_1995,
  title = {Revisiting the Relationship between Non-Blocking Atomic Commitment and Consensus},
  booktitle = {International {{Workshop}} on {{Distributed Algorithms}}},
  publisher = {{Springer}},
  author = {Guerraoui, Rachid},
  year = {1995},
  pages = {87--100}
}

@article{chandra_unreliable_1996,
  title = {Unreliable Failure Detectors for Reliable Distributed Systems},
  volume = {43},
  number = {2},
  journal = {Journal of the ACM (JACM)},
  author = {Chandra, Tushar Deepak and Toueg, Sam},
  year = {1996},
  pages = {225--267}
}

@article{lamport_time_1978,
  title = {Time, Clocks, and the Ordering of Events in a Distributed System},
  volume = {21},
  number = {7},
  journal = {Communications of the ACM},
  author = {Lamport, Leslie},
  year = {1978},
  pages = {558--565}
}

@inproceedings{robson_electrically_2007,
  title = {Electrically Programmable Fuse (Efuse): {{From}} Memory Redundancy to Autonomic Chips},
  shorttitle = {Electrically Programmable Fuse (Efuse)},
  booktitle = {Custom {{Integrated Circuits Conference}}, 2007. {{CICC}}'07. {{IEEE}}},
  publisher = {{IEEE}},
  author = {Robson, Norm and Safran, John and Kothandaraman, Chandrasekharan and Cestero, Alberto and Chen, Xiang and Rajeevakumar, Raj and Leslie, Alan and Moy, Dan and Kirihata, Toshiaki and Iyer, Subramanian},
  year = {2007},
  pages = {799--804}
}

@article{chandy_distributed_1985,
  title = {Distributed Snapshots: {{Determining}} Global States of Distributed Systems},
  volume = {3},
  shorttitle = {Distributed Snapshots},
  number = {1},
  journal = {ACM Transactions on Computer Systems (TOCS)},
  author = {Chandy, K. Mani and Lamport, Leslie},
  year = {1985},
  pages = {63--75}
}

@article{johnson_finding_1975,
  title = {Finding {{All}} the {{Elementary Circuits}} of a {{Directed Graph}}},
  volume = {4},
  issn = {0097-5397, 1095-7111},
  doi = {10.1137/0204007},
  abstract = {An algorithm is presented which finds all the elementary circuits-of a directed graph in time bounded by O((n + e)(c + 1)) and space bounded by O(n + e), where there are n vertices, e edges and c elementary circuits in the graph. The algorithm resembles algorithms by Tiernan and Tarjan, but is faster because it considers each edge at most twice between any one circuit and the next in the output sequence.},
  language = {en},
  number = {1},
  journal = {SIAM Journal on Computing},
  author = {Johnson, Donald B.},
  month = mar,
  year = {1975},
  pages = {77-84}
}

@book{cormen_introduction_2009,
  address = {Cambridge, Mass},
  edition = {3rd ed},
  title = {Introduction to Algorithms},
  isbn = {978-0-262-03384-8 978-0-262-53305-8},
  lccn = {QA76.6 .C662 2009},
  language = {en},
  publisher = {{MIT Press}},
  editor = {Cormen, Thomas H.},
  year = {2009},
  keywords = {Computer algorithms,Computer programming},
  note = {OCLC: ocn311310321}
}

@article{mateti_prabhaker_algorithms_1976,
  title = {On {{Algorithms}} for {{Enumerating All Circuits}} of a {{Graph}}},
  volume = {5},
  doi = {10.1137/0205007},
  number = {1},
  journal = {SIAM Journal on Computing},
  author = {{Mateti, Prabhaker} and {Deo, Narsingh}},
  year = {1976},
  pages = {90-99}
}

@book{sedgewick_algorithms_2011,
  edition = {4th},
  title = {Algorithms},
  isbn = {978-0-321-57351-3},
  publisher = {{Addison-Wesley Professional}},
  author = {Sedgewick, Robert and Wayne, Kevin},
  year = {2011}
}

@article{_topological_2018,
  title = {Topological Sorting},
  copyright = {Creative Commons Attribution-ShareAlike License},
  abstract = {In the field of computer science, a topological sort or topological ordering of a directed graph is a linear ordering of its vertices such that for every directed edge uv from vertex u to vertex v, u comes before v in the ordering. For instance, the vertices of the graph may represent tasks to be performed, and the edges may represent constraints that one task must be performed before another; in this application, a topological ordering is just a valid sequence for the tasks. A topological ordering is possible if and only if the graph has no directed cycles, that is, if it is a directed acyclic graph (DAG). Any DAG has at least one topological ordering, and algorithms are known for constructing a topological ordering of any DAG in linear time.},
  language = {en},
  journal = {Wikipedia},
  month = may,
  year = {2018},
  note = {Page Version ID: 839618280}
}

@article{debois_replication_2017-1,
  title = {Replication, Refinement \& Reachability: Complexity in Dynamic Condition-Response Graphs},
  issn = {0001-5903, 1432-0525},
  shorttitle = {Replication, Refinement \& Reachability},
  doi = {10.1007/s00236-017-0303-8},
  abstract = {We explore the complexity of reachability and run-time refinement under safety and liveness constraints in event-based process models. Our study is framed in the DCR process language, which supports modular specification through a compositional operational semantics. DCR encompasses the ``Dynamic Condition Response (DCR) graphs'' declarative process model for analysis, execution and safe run-time refinement of process-aware information systems; including replication of sub-processes. We prove that event-reachability and refinement are np- hard for DCR processes without replication, and that these finite state processes recognise exactly the languages that are the union of a regular and an $\omega$-regular language. Moreover, we prove that event-reachability and refinement are undecidable in general for DCR processes with replication and local events, and we provide a tractable approximation for refinement. A prototype implementation of the DCR language is available at http:// dcr.tools/acta16.},
  language = {en},
  journal = {Acta Informatica},
  author = {Debois, S{\o}ren and Hildebrandt, Thomas T. and Slaats, Tijs},
  month = sep,
  year = {2017}
}

@article{dolev_security_1983,
  title = {On the Security of Public Key Protocols},
  volume = {29},
  number = {2},
  journal = {IEEE Transactions on information theory},
  author = {Dolev, Danny and Yao, Andrew},
  year = {1983},
  pages = {198--208}
}

@inproceedings{ongaro_search_2014,
  title = {In Search of an Understandable Consensus Algorithm.},
  booktitle = {{{USENIX Annual Technical Conference}}},
  author = {Ongaro, Diego and Ousterhout, John K.},
  year = {2014},
  pages = {305--319}
}

@article{chen_sgxpectre_2018,
  title = {{{SGXPECTRE Attacks}}: {{Leaking Enclave Secrets}} via {{Speculative Execution}}},
  shorttitle = {{{SGXPECTRE Attacks}}},
  journal = {arXiv preprint arXiv:1802.09085},
  author = {Chen, Guoxing and Chen, Sanchuan and Xiao, Yuan and Zhang, Yinqian and Lin, Zhiqiang and Lai, Ten H.},
  year = {2018}
}

@misc{intel_sgx_developer_reference,
  title = {{{Intel}}\textregistered{} {{Software Guard Extensions Developer Reference}} | {{Intel}}\textregistered{} {{Software}}}
}