Resume-aware faculty matching

Find professors who actually fit you

Upload your resume. Four AI agents analyze your background, rank the faculty who fit, inspect their recent research, and help you draft outreach — grounded in their actual work, not templates.

Free to startNo credit cardCancel anytime
Top matches Balanced preset
Dr. Sarah Chen
Stanford · Interpretability · NLP
91
Dr. Marcus Holloway
MIT · Robotics · RL
84
Dr. Aisha Okonkwo
CMU · Fairness · HCI
82
Nova · Professor Researcher · re-ranking top 20…
Robbert van Renesse

Robbert van Renesse

Verified

Cornell University · Computer Science

Active 1984–2026

h-index57
Citations13.7k
Papers28612 last 5y
Funding
Faculty page
See your match with Robbert van Renesse — sign in to PhdFit.Sign in

About

Robbert van Renesse is a professor in the Department of Computer Science at Cornell University. He is a member of the Systems and Networking group and is interested in distributed systems, particularly in their fault tolerance and scalability aspects. He is co-editor-in-chief for ACM Transactions on Computing Systems. Van Renesse received his M.Sc. in mathematics and computer science and his Ph.D. in computer science, both from the Vrije Universiteit under the supervision of Andrew S. Tanenbaum. He is a Fellow of the Association of Computing Machinery.

Research topics

  • Computer Science
  • Distributed computing
  • Computer Security
  • Programming language
  • Computer network
  • Embedded system
  • Computer architecture
  • World Wide Web
  • Operating system
  • Database
  • Business
  • Parallel computing

Selected publications

  • Editor-in-Chief's Message

    ACM Transactions on Computer Systems · 2026-02-26

    articleOpen accessSenior author
    PublisherDOI

  • FicusDB: Scalable Multi-Versioned Authenticated Archival Storage

    2026-04-24

    articleOpen accessSenior author

    As consensus protocols scale, storage has become the dominant bottleneck in modern blockchains. Systems must maintain historical versions, generate integrity proofs, and sustain high throughput as state grows. Prior work often redesigns the authenticated data structure (ADS), but such changes sacrifice compatibility and require disruptive hard forks. We take the complementary approach: redesigning the storage layer while preserving the existing ADS interface.

    PublisherDOI

  • [Artifact Evaluation] FicusDB: Scalable Multi-Versioned Authenticated Storage

    Open MIND · 2026-03-06

    otherSenior author
    DOI

  • [Artifact Evaluation] FicusDB: Scalable Multi-Versioned Authenticated Storage

    Zenodo (CERN European Organization for Nuclear Research) · 2026-03-06

    otherOpen accessSenior author
    PublisherDOI

  • Modeling Metastability

    2025-11-17

    article

    Recently, there has been increasing concern about a new failure mode in data-center systems: when there is an external shock, such as a sudden load spike or some machine failures, systems will sometimes respond with reduced throughput - but, in contrast to a traditional overload situation, the throughput does not recover once the external shock disappears, and remains permanently degraded. This phenomenon has been called a metastable failure.

    PublisherDOI

  • Ordered Consensus with Equal Opportunity

    ArXiv.org · 2025-09-11

    preprintOpen access

    The specification of state machine replication (SMR) has no requirement on the final total order of commands. In blockchains based on SMR, however, order matters, since different orders could provide their clients with different financial rewards. Ordered consensus augments the specification of SMR to include specific guarantees on such order, with a focus on limiting the influence of Byzantine nodes. Real-world ordering manipulations, however, can and do happen even without Byzantine replicas, typically because of factors, such as faster networks or closer proximity to the blockchain infrastructure, that give some clients an unfair advantage. To address this challenge, this paper proceeds to extend ordered consensus by requiring it to also support equal opportunity, a concrete notion of fairness, widely adopted in social sciences. Informally, equal opportunity requires that two candidates who, according to a set of criteria deemed to be relevant, are equally qualified for a position (in our case, a specific slot in the SMR total order), should have an equal chance of landing it. We show how randomness can be leveraged to keep bias in check, and, to this end, introduce the secret random oracle (SRO), a system component that generates randomness in a fault-tolerant manner. We describe two SRO designs based, respectively, on trusted hardware and threshold verifiable random functions, and instantiate them in Bercow, a new ordered consensus protocol that, by approximating equal opportunity up to within a configurable factor, can effectively mitigate well-known ordering attacks in SMR-based blockchains.

    PublisherOA PDFDOI

  • Functional Reasoning for Distributed Systems with Failures

    ArXiv.org · 2025-10-14

    preprintOpen access

    Distributed system theory literature often argues for correctness using an informal, Hoare-like style of reasoning. While these arguments are intuitive, they have not all been foolproof, and whether they directly correspond to formal proofs is in question. We formally ground this kind of reasoning and connect it to standard formal approaches through language design and meta-analysis, which leads to a functional style of compositional formal reasoning for a class of distributed systems, including cases involving Byzantine faults. The core of our approach is twin languages: Sync and Async, which formalize the insight from distributed system theory that an asynchronous system can be reduced to a synchronous system for more straightforward reasoning under certain conditions. Sync describes a distributed system as a single, synchronous, data-parallel program. It restricts programs syntactically and has a functional denotational semantics suitable for Hoare-style formal reasoning. Async models a distributed system as a collection of interacting monadic programs, one for each non-faulty node in the system. It has a standard trace-based operational semantics, modeling asynchrony with interleaving. Sync compiles to Async and can then be extracted to yield executable code. We prove that any safety property proven for a Sync program in its denotational semantics is preserved in the operational semantics of its compiled Async programs. We implement the twin languages in Rocq and verify the safety properties of two fault-tolerant consensus protocols: BOSCO and SeqPaxos.

    PublisherOA PDFDOI

  • Invited Paper: Disaggregating Applications Using Uniservices

    2023-06-19

    articleSenior author

    The current method for building software infrastructure in disaggregated data centers involves creating new virtual machine monitors or operating system kernels that make the underlying hardware appear as a group of logical servers. Although this approach is effective for maintaining backward compatibility, we suggest that it would be more beneficial to invest in redesigning the applications themselves to be disaggregated along physical boundaries. We propose uniservices, a new programming paradigm that utilizes the actor model and is highly specialized for a single type of hardware resource for disaggregated architecture. Applications would be built from these uniservices, communicating over fast interconnects and a shared log. This approach simplifies operating systems while making better use of available hardware resources.

    PublisherDOI

  • Trees and Turtles: Modular Abstractions for State Machine Replication Protocols

    2023-05-02 · 1 citations

    preprintSenior author

    We present two abstractions for designing modular state machine replication (SMR) protocols: trees and turtles. A tree captures the set of possible state machine histories, while a turtle represents a subprotocol that tries to find agreement in this tree. We showcase the applicability of these abstractions by constructing crash-tolerant SMR protocols out of abstract tree turtles and providing examples of tree turtle implementations. The modularity of tree turtles allows a generic approach for adding a leader for liveness. We expect that these abstractions will simplify reasoning and formal verification of SMR protocols as well as facilitate innovation in protocol designs.

    PublisherDOI

  • Charlotte: Reformulating Blockchains into a Web of Composable Attested Data Structures for Cross-Domain Applications

    ACM Transactions on Computer Systems · 2023 · 3 citations

    • Computer Science
    • Computer Science
    • Computer Security

    Cross-domain applications are rapidly adopting blockchain techniques for immutability, availability, integrity, and interoperability. However, for most applications, global consensus is unnecessary and may not even provide sufficient guarantees. We propose a new distributed data structure: Attested Data Structures (ADS), which generalize not only blockchains but also many other structures used by distributed applications. As in blockchains, data in ADSs is immutable and self-authenticating. ADSs go further by supporting application-defined proofs ( attestations ). Attestations enable applications to plug in their own mechanisms to ensure availability and integrity. We present Charlotte , a framework for composable ADSs. Charlotte deconstructs conventional blockchains into more primitive mechanisms. Charlotte can be used to construct blockchains but does not impose the usual global-ordering overhead. Charlotte offers a flexible foundation for interacting applications that define their own policies for availability and integrity. Unlike traditional distributed systems, Charlotte supports heterogeneous trust: different observers have their own beliefs about who might fail, and how. Nevertheless, each observer has a consistent, available view of data. Charlotte’s data structures are interoperable and composable : applications and data structures can operate fully independently or can share data when desired. Charlotte defines a language-independent format for data blocks and a network API for servers. To demonstrate Charlotte’s flexibility, we implement several integrity mechanisms, including consensus and proof of work. We explore the power of disentangling availability and integrity mechanisms in prototype applications. The results suggest that Charlotte can be used to build flexible, fast, composable applications with strong guarantees.

    PublisherDOI

Frequent coauthors

Education

  • Ph.D., Computer Science

    Cornell University

    1992

  • M.S., Computer Science

    University of California, Berkeley

    1987

  • B.S., Computer Science

    University of California, Berkeley

    1985

Awards & honors

  • ACM Fellow
  • Resume-aware match score
  • Save to shortlist
  • AI-drafted outreach

See your match with Robbert van Renesse

PhdFit ranks faculty by your research interests, methods, and publications — grounded in their actual work, not templates.

Join the waitlistHow it works
  • Free to start
  • No credit card
  • 30-second signup