The VLISP project showed how to produce a comprehensively verified implemen tation for a programming language, namely Scheme [4, 15). Some of the major elements in this verification were: * The proof was based on the Clinger-Rees denotational semantics of Scheme given in [15). Our goal was to produce a "warts-and-all" verification of a real language. With very few exceptions, we constrained ourselves to use the se mantic specification as published. The verification was intended to be rigorous, but. not. complet.ely formal, much in the style of ordinary mathematical discourse. Our goal was to verify the algorithms and data types used in the implementat.ion, not their embodiment. in code. See Section 2 for a more complete discussion ofthese issues. Our decision to be faithful to the published semantic specification led to the most difficult portions ofthe proofs; these are discussed in [13, Section 2.3-2.4). * Our implementation was based on the Scheme48 implementation of Kelsey and Rees [17). This implementation t.ranslates Scheme into an intermediate-level "byte code" language, which is interpreted by a virtual machine. The virtual machine is written in a subset of Scheme called PreScheme. The implementationissufficient.ly complete and efficient to allow it to bootstrap itself. We believe that this is the first. verified language implementation with these properties.

This Festschrift volume is published in honor of Catherine A. Meadows and contains essays presented at the Catherine Meadows Festschrift Symposium held in Fredericksburg, VA, USA, in May 2019. Catherine A. Meadows has been a pioneer in developing symbolic formal verification methods and tools. Her NRL Protocol Analyzer, a tool and methodology that embodies symbolic model checking techniques, has been fruitfully applied to the analysis of many protocols and protocol standards and has had an enormous influence in the field. She also developed a new temporal logic to specify protocol properties, as well as new methods for analyzing various kinds of properties beyond secrecy such as authentication and resilience under Denial of Service (DoS) attacks and has made important contributions in other areas such as wireless protocol security, intrusion detection, and the relationship between computational and symbolic approaches to cryptography. This volume contains 14 contributions authored by researchers from Europe and North America. They reflect on the long-term evolution and future prospects of research in cryptographic protocol specification and verification.

The VLISP project showed how to produce a comprehensively verified implemen tation for a programming language, namely Scheme [4, 15). Some of the major elements in this verification were: * The proof was based on the Clinger-Rees denotational semantics of Scheme given in [15). Our goal was to produce a "warts-and-all" verification of a real language. With very few exceptions, we constrained ourselves to use the se mantic specification as published. The verification was intended to be rigorous, but. not. complet.ely formal, much in the style of ordinary mathematical discourse. Our goal was to verify the algorithms and data types used in the implementat.ion, not their embodiment. in code. See Section 2 for a more complete discussion ofthese issues. Our decision to be faithful to the published semantic specification led to the most difficult portions ofthe proofs; these are discussed in [13, Section 2.3-2.4). * Our implementation was based on the Scheme48 implementation of Kelsey and Rees [17). This implementation t.ranslates Scheme into an intermediate-level "byte code" language, which is interpreted by a virtual machine. The virtual machine is written in a subset of Scheme called PreScheme. The implementationissufficient.ly complete and efficient to allow it to bootstrap itself. We believe that this is the first. verified language implementation with these properties.

This book constitutes the refereed proceedings of the first International Conference on Principles of Security and Trust, POST 2012, held in Tallinn, Estonia, in March/April 2012, as part of ETAPS 2012, the European Joint Conferences on Theory and Practice of Software. The 20 papers, presented together with the abstract of an invited talk and a joint-ETAPS paper, were selected from a total of 67 submissions. Topics covered by the papers include: foundations of security, authentication, confidentiality, privacy and anonymity, authorization and trust, network security, protocols for security, language-based security, and quantitative security properties.

The present volume contains the proceedings of the 6th International workshop on Formal Aspects of Security and Trust (fast 2009), held in Eindhoven, The Netherlands, 5-6 November 2009, as part of Formal Methods Week 2009. fast is sponsored by IFIP WG 1.7 on Foundations of Security Analysis and Design. The previous ?ve fast workshop editions have fostered cooperation among researchers in the areas of security and trust, and we aimed to continue this tradition. As computing and networkinfrastructures become increasingly per- sive, and as they carry increasing economic activity, society needs well-matched security and trust mechanisms. These interactions increasingly span several - terprises and involve loosely structured communities of individuals. Participants in these activities must control interactions with their partners based on trust policies and business logic. Trust-based decisions e?ectively determine the se- ritygoalsforsharedinformationandfor accessto sensitiveorvaluableresources. fast sought original papers focusing of formal aspects of: security and trust policy models; security protocol design and analysis; formal models of trust and reputation; logics for security and trust; distributed trust management s- tems; trust-based reasoning; digital assets protection; data protection; privacy and id issues; information ? ow analysis; language-based security; security and trust aspects in ubiquitous computing; validation/analysis tools; Web service security/trust/privacy; grid security; security risk assessment; and case studies. The fast proceedings contain-in addition to an abstract of the invited talk by Anindya Banerjee-revisionsoffull papersacceptedforpresentationat fast.

The present volume contains the proceedings of the 5th International Workshop on Formal Aspects in Security and Trust (FAST 2008), held in Malaga, Spain, October 9-10, 2008. FAST is an event a?liated with the 13th European Sym- sium on Research in Computer Security (ESORICS 2008). FAST 2008 was held under the auspices of the IFIP WG 1.7 on Foundations of Security Analysis and Design. The 5th International Workshop on Formal Aspects in Security and Trust (FAST 2008) aimed at continuing the successful e?ort of the previous three FAST workshop editions for fostering the cooperation among researchers in the areas of security and trust. As computing and network infrastructures become increasingly pervasive, and as they carry increasing economic activity, society needs well-matched security and trust mechanisms. These interactions incre- ingly span several enterprises and involve loosely structured communities of - dividuals. Participants in these activities must control interactions with their partners based on trust policies and business logic. Trust-based decisions - fectively determine the security goals for shared information and for access to sensitive or valuable resources. FAST sought for original papers focusing on formal aspects in: security and trust policy models; security protocol design and analysis; formal models of trustand reputation;logicsfor security andtrust;distributed trust management systems;trust-basedreasoning;digitalassetsprotection;dataprotection;privacy and ID issues; information ?ow analysis; language-based security; security and trust aspects in ubiquitous computing; validation/analysis tools; Web service security/trust/privacy; GRID security; security risk assessment; case studies.