About

Fred B. Schneider is the Samuel B. Eckert Professor of Computer Science and Duffield College Professor at the Department of Computer Science at Cornell University. His research is focused on supporting the construction of concurrent and distributed systems for high-integrity and mission-critical settings, with particular emphasis on fault-tolerance and security. Throughout his career, he has contributed to the development of fault-tolerant services, security protocols, and trustworthy computing systems, and has been involved in numerous projects and initiatives related to cybersecurity, dependable computing, and cyber-resilience. Professor Schneider has held various leadership roles in academia, industry, and government advisory boards, including serving as a Professor-at-Large at the University of Tromsø, Editor-in-Chief of the journal Distributed Computing, and co-director of the CCC Leadership in Science Policy Institute. He has been a member of the National Research Council's Computer Science and Telecommunications Board and the Forum on Cyber-Resilience, where he has contributed to shaping research and policy in cybersecurity and dependable systems. His professional activities include chairing and participating in numerous study groups, advisory committees, and panels for organizations such as DARPA, NSF, and the Department of Defense. His numerous awards and honors include Fellowships in the American Association for the Advancement of Science, the Association for Computing Machinery, and the Institute of Electrical and Electronics Engineers, as well as prestigious recognitions such as the IEEE Emanuel R. Piore Award, the ACM SIGOPS Hall of Fame Award, and election to the National Academy of Engineering and the American Academy of Arts & Sciences. Professor Schneider's work has significantly influenced the fields of fault-tolerant computing, cybersecurity, and distributed systems, and he continues to contribute to advancing research and policy in these areas.

Research topics

• Computer Science
• Computer Security
• Artificial Intelligence
• Theoretical computer science
• Political Science
• Software engineering
• Systems engineering
• Engineering
• Embedded system
• Mathematics
• Law
• Programming language
• Operating system

Selected publications

• Accountability, Involvement, and Mediation for Information Flow

  2025-06-16

  article

  Explainability and transparency of computations, as well as compliance with data-privacy requirements, presuppose an understanding of whether some input plays a non-trivial role in computing an output. However, difficulty in distinguishing between correlation and actual usage in computation, along with possible correlations between inputs, makes determination of such accountability challenging. A flow definition is presented that can make this distinction. The definition enables the construction of accountability evidence to establish how an input is computed based on an output, in terms of the intermediate variables used. Intermediate variables can also serve as mediation points that fully block information flow from an input to an output. A connection between accountability and mediation is established by showing the role of mediation points for constructing accountability evidence.

  PublisherDOI

• Software Bill of Materials as a Proactive Defense

  IEEE Security & Privacy · 2025-03-01 · 2 citations

  articleSenior author

  The recently mandated software bill of materials (SBOM) is intended to help mitigate software supply-chain risk. We discuss extensions that would enable an SBOM to serve as a basis for making trust assessments thus also serving as a proactive defense.

  PublisherDOI

• Composable Mission-Critical Embedded System Architecture for High Assurance

  2024-09-23 · 1 citations

  articleSenior author

  Mission-critical systems must go through a laborious and lengthy high assurance certification process. Slight modifications of a certified system often trigger a new certification cycle. We have leveraged a Modular Open Systems Approach (MOSA) and developed a composable Embedded-Security-as-a-Service (ESaaS) architecture for mission-critical embedded systems. A zero-trust approach has been applied to incorporate security and resilience technologies and address mission assurance requirements. In this paper, we discuss an ecosystem that supports the acquisition and certification processes of high assurance ESaaS modular embedded systems for critical missions.

  PublisherDOI

• Security-as-a-Service for Embedded Systems

  MILCOM 2022 - 2022 IEEE Military Communications Conference (MILCOM) · 2023 · 4 citations

  Senior authorCorresponding
  • Computer Science
  • Computer Security
  • Computer Science

  In order to promote competition and technology refresh, the Department of Defense (DoD) has required the use of a Modular Open Systems Approach (MOSA) for the acquisition and implementation of embedded systems. Designing security and mission assurance for MOSA systems often relies upon payload specific, potentially inadequate, and difficult to update schemes. Our goal is to develop a physically separated Embedded Security-as-a-Service (ESaaS) function as a payload agnostic, updatable security manager for MOSA systems. In this paper, we describe the ongoing development of an ESaaS module for securing embedded systems that align with DoD standards, OpenVPX and Sensor Open Systems Architecture (SOSA).

  PublisherDOI

• Zero Trust Architecture Approach for Developing Mission Critical Embedded Systems

  2023-09-25 · 6 citations

  articleSenior author

  This paper describes a Zero Trust Architecture (ZTA) approach for the survivability development of mission critical embedded systems. Designers could use ZTA as a systems analysis tool to explore the design space. The ZTA concept of “never trust, always verify” is being leveraged in the design process to guide the selection of security and resilience features for the codesign of functionality, performance, and survivability. The design example of a small drone for survivability is described along with the explanation of the ZTA approach.

  PublisherDOI

• Evoking Whitehead’s Dictum

  ACM eBooks · 2022-07-12

  book-chapter1st authorCorresponding

  chapter Share on Evoking Whitehead's Dictum Author: Fred B. Schneider View Profile Authors Info & Claims Edsger Wybe Dijkstra: His Life,Work, and LegacyJuly 2022 Pages 445–454https://doi.org/10.1145/3544585.3544614Published:13 July 2022Publication History 0citation4DownloadsMetricsTotal Citations0Total Downloads4Last 12 Months4Last 6 weeks1 Get Citation AlertsNew Citation Alert added!This alert has been successfully added and will be sent to:You will be notified whenever a record that you have chosen has been cited.To manage your alert preferences, click on the button below.Manage my Alerts New Citation Alert!Please log in to your account Save to BinderSave to BinderCreate a New BinderNameCancelCreateExport CitationPublisher SiteGet Access

  PublisherDOI

• Causal network telemetry

  2022-12-01 · 2 citations

  articleSenior author

  Current approaches to network observability rely on techniques like active probing, packet sampling, and path-level telemetry, which only provide a partial view. This paper presents causal telemetry, a new model that adapts ideas from distributed systems to the network setting. Causal telemetry captures causal relationships between events, including those that take place on physically separated devices. We motivate causal telemetry through examples, we show how it can be used to diagnose anomalies and faults, and we present algorithms for constructing the needed causal graphs from network executions. We develop a P4-based prototype implementation, CoCaTel, and discuss a case study that uses causal telemetry to detect Priority-Based Flow Control (PFC) deadlocks.

  PublisherDOI

• Verifying Hyperproperties With TLA

  2021 · 15 citations

  Senior authorCorresponding
  • Computer Science
  • Computer Science
  • Programming language

  Hyperproperties generalize ordinary properties by expressing relations among multiple executions of a system. Self-composition has been used to reduce verifying that a system satisfies certain classes of Hyperproperties to verifying that a derived system satisfies an ordinary property. By describing systems and their properties in the temporal logic TLA, we use self-composition to handle a larger class of Hyperproperties that includes those we have seen that express security conditions. TLA tools are used to verify that high-level designs of industrial systems satisfy properties. Now, they can also verify that those systems satisfy these Hyperproperties. No prior knowledge of Hyperproperties or TLA is assumed.

  PublisherDOI

• A Research Ecosystem for Secure Computing

  arXiv (Cornell University) · 2021-01-04 · 1 citations

  preprintOpen access

  Computing devices are vital to all areas of modern life and permeate every aspect of our society. The ubiquity of computing and our reliance on it has been accelerated and amplified by the COVID-19 pandemic. From education to work environments to healthcare to defense to entertainment - it is hard to imagine a segment of modern life that is not touched by computing. The security of computers, systems, and applications has been an active area of research in computer science for decades. However, with the confluence of both the scale of interconnected systems and increased adoption of artificial intelligence, there are many research challenges the community must face so that our society can continue to benefit and risks are minimized, not multiplied. Those challenges range from security and trust of the information ecosystem to adversarial artificial intelligence and machine learning. Along with basic research challenges, more often than not, securing a system happens after the design or even deployment, meaning the security community is routinely playing catch-up and attempting to patch vulnerabilities that could be exploited any minute. While security measures such as encryption and authentication have been widely adopted, questions of security tend to be secondary to application capability. There needs to be a sea-change in the way we approach this critically important aspect of the problem: new incentives and education are at the core of this change. Now is the time to refocus research community efforts on developing interconnected technologies with security "baked in by design" and creating an ecosystem that ensures adoption of promising research developments. To realize this vision, two additional elements of the ecosystem are necessary - proper incentive structures for adoption and an educated citizenry that is well versed in vulnerabilities and risks.

  PublisherOA PDFDOI

• Implementing insider defenses

  Communications of the ACM · 2021-04-26 · 2 citations

  articleOpen access

  How to avoid insider cyber-attacks by creating a corporate culture that infuses trust.

  PublisherOA PDFDOI

Frequent coauthors

• David Gries

  58 shared

• Leslie Lamport

  25 shared

• Robbert van Renesse

  Cornell University

  24 shared

• Bowen Alpern

  Lehman College

  24 shared

• Miguel Revilla

  Universidad de Zaragoza

  16 shared

• Lesley Poliner

  University of Georgia

  16 shared

• Wayne Yuhasz

  Cornell University

  16 shared

• Joe O'rourke

  Stony Brook University

  16 shared

Education

• B.S., Engineering

  Cornell University

  1975

• Ph.D.

  Stony Brook University

  1978

Awards & honors

• 2018 Edsger W. Dijkstra Prize in Distributed Computing
• Jean-Claude Laprie Award in Dependable Computing
• Fellow of the American Association for the Advancement of Sc…
• Fellow of the Institute of Electrical and Electronics Engine…
• Fellow of the Association for Computing Machinery (1995)