, Secure Computer Systems: Mathematical Foundations, MITRE, vol.1, 1973.
, Computer Security Model: Unified Exposition and Multics Interpretation, 1976.
, Integrity Considerations for Secure Computer Systems, MITRE, issue.1, 1977.
, What is computer security?, IEEE Security & Privacy Magazine, vol.1, issue.1, 2003.
DOI : 10.1109/MSECP.2003.1176998
, An approach to information security in distributed systems, Proceedings of the Fifth IEEE Computer Society Workshop on Future Trends of Distributed Computing Systems, pp.384-394, 1995.
DOI : 10.1109/FTDCS.1995.525008
, Introduction to Logic, 1972.
, Enforcing Information Flow Security Properties in Cyber-Physical Systems: A Generalized Framework Based on Compensation, 2010 IEEE 34th Annual Computer Software and Applications Conference Workshops, pp.158-163, 2010.
DOI : 10.1109/COMPSACW.2010.36
, Security Policies and Security Models, 1982 IEEE Symposium on Security and Privacy, pp.11-20, 1982.
DOI : 10.1109/SP.1982.10014
, Unwinding and Inference Control, 1984 IEEE Symposium on Security and Privacy, pp.75-87, 1984.
DOI : 10.1109/SP.1984.10019
, Protection in operating systems, Communications of the ACM, vol.19, issue.8, pp.461-471, 1976.
DOI : 10.1145/360303.360333
, Modeling and reasoning about the security of drive-by-wire automobile systems, International Journal of Critical Infrastructure Protection, vol.5, issue.3-4, pp.127-134, 2012.
DOI : 10.1016/j.ijcip.2012.09.001
, A multiple security domain model of a driveby-wire system, Proceedings of the Thirty-Seventh IEEE Computer Software and Applications Conference, pp.369-374, 2013.
, A modal model of Stuxnet attacks on cyberphysical systems: A matter of trust, Proceedings of the Eighth International Conference on Software Security and Reliability, pp.225-234, 2014.
, A completeness theorem in modal logic, The Journal of Symbolic Logic, vol.XIV, issue.01, pp.1-14, 1959.
DOI : 10.2307/2964568
, Cyber-physical systems ? Are computing foundations adequate? presented at the NSF Workshop on Cyber-Physical Systems: Research Motivation, 2006.
, Belief, information acquisition, and trust in multi-agent systems???A modal logic formulation, Artificial Intelligence, vol.149, issue.1, pp.31-60, 2003.
DOI : 10.1016/S0004-3702(03)00063-8
, Non-discretionary controls for commercial applications, Proceedings of the IEEE Symposium on Security and Privacy, pp.2-10, 1982.
DOI : 10.1109/sp.1982.10022
, Quantitative information flow as network flow capacity, ACM SIGPLAN Notices, vol.43, issue.6, pp.193-205, 2008.
DOI : 10.1145/1379022.1375606
, Security models and information flow, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy, pp.180-187, 1990.
DOI : 10.1109/RISP.1990.63849
, Protecting privacy in a decentralized environment, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00, pp.266-277, 2000.
DOI : 10.1109/DISCEX.2000.825031
, Run-time detection of covert channels, First International Conference on Availability, Reliability and Security (ARES'06), pp.577-584, 2006.
DOI : 10.1109/ARES.2006.114
, A calculus of information flow, Proceedings of the First European Symposium on Research in Computer Security, pp.147-159, 1990.
, Hacker disables more than 100 cars remotely, Wired, 2010.
, Language-based information-flow security, IEEE Journal on Selected Areas in Communications, vol.21, issue.1, pp.5-19, 2003.
DOI : 10.1109/JSAC.2002.806121
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.10.3979
, A model of information, Proceedings of the Ninth National Computer Security Conference, pp.175-183, 1986.
, Information flow in nondeterministic systems, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy, pp.144-161, 1990.
DOI : 10.1109/RISP.1990.63846
, Start, unlock or honk horn of your GM car from a cellphone, 2010.