We propose an automatic method to enforce trace properties on programs. The programmer specifies the property separately from the program; a program transformer takes the program...
—Formal methods have proved their usefulness for analyzing the security of protocols. Most existing results focus on trace properties like secrecy (expressed as a reachability pr...