It was sad to hear about Peter Neumann’s passing yesterday (May 17th, 2026). I encountered Peter’s work while studying the Rainbow Books in the late 1980s. I got to meet him in 1998 when a Cisco Exec colleague asked me to give a “small networking group” a tour of the FIX-West Internet Exchange Point. Yes, I was meeting with one of the pioneers of Intrusion Detection & Protection (IDP) about a product I was working on at Cisco. Over the years, I would email Peter with questions and always get a response. Funny, four years ago, when I was doing the early re-thinking about the Digital Safety mindset (where your cybersecurity goal is human/societal safety), Peter’s work was dusted off and used again.
Who was Peter Neumann?
Peter Gabriel Neumann dedicated his life to serving the computing community. Born in Manhattan on 21 September 1932, he earned doctorates from Harvard (1961, under Anthony Oettinger; thesis Efficient Error-Limiting Codes) and the Technische Hochschule Darmstadt (Dr. rer. nat., 1960, under Alwin Walther) on a Fulbright fellowship. He spent ten years at Bell Labs co-designing the Multics file system, then over 54 years at SRI International as Principal Scientist and Chief Scientist of the Computer Science Laboratory. Starting 1 August 1985, he founded and personally moderated the ACM RISKS Forum, which became the field’s institutional memory. He wrote or guided 216 consecutive monthly Inside Risks columns in Communications of the ACM, founded the ACM SIGSOFT Software Engineering Notes in 1976 and edited it for 18 years, co-developed the IDES intrusion-detection model with Dorothy Denning, led PSOS, and championed CHERI through to working ARM Morello silicon.
Peter’s Life
Peter Gabriel Neumann (21 September 1932 – 17 May 2026) lived a life focused on service rather than self. He earned his A.B. (1954), S.M. (1955), and Ph.D. (1961) at Harvard under Anthony Oettinger, and a second doctorate (Dr. rer. nat., 1960) from the Technische Hochschule Darmstadt on a Fulbright fellowship with Alwin Walther. As a Harvard undergraduate, he had a memorable two-hour breakfast with Albert Einstein on 8 November 1952. The meeting happened because Einstein had received and valued a mosaic portrait by Peter’s mother, Elsa Schmid. What stayed with Peter for the next seventy-four years was Einstein’s principle: “everything should be made as simple as possible, but no simpler.” His first computing job, in the summer of 1953, was programming an IBM Card-Programmed Calculator for the U.S. Naval Ordnance Laboratory in White Oak, Maryland. This was a four-register machine with no hardware memory, using punched cards for storage. From 1960 to 1970, he worked at Bell Labs in Murray Hill, where he co-designed the Multics file system with Bob Daley. Features such as directory hierarchies, access control lists, dynamic linking, dynamically paged segments, and hardware-supported virtual memory are now part of every modern operating system. He also worked on Multics input-output design with Ken Thompson, Joe Ossanna, and Stan Dunten, introducing symbolic stream names that Thompson later adapted into Unix pipes. He was a Bell Labs member of the Multics Triumvirate with Fernando Corbató at MIT and Charlie Clingen at Honeywell. In September 1971, he joined SRI International’s Computer Science Laboratory and stayed there for over five decades, eventually becoming CSL Chief Scientist and SRI Fellow.
Peter’s community service followed three main paths: the RISKS Forum, Inside Risks, and SIGSOFT. He founded the ACM SIGSOFT Software Engineering Notes in 1976 and edited it for 18 years before passing it to Will Tracz. On 1 August 1985, while chairing the ACM Committee on Computers and Public Policy (until it was reorganized in 2018), Peter started what became the ACM Risks Forum (comp.risks). For over forty years, he personally moderated every issue, turning thousands of cautionary case studies into an institutional memory for the field. From 1990 onward, he wrote or guided over 230 monthly Inside Risks columns for Communications of the ACM, including 216 consecutive months on the back cover, then continued on a roughly quarterly schedule. His most recent CACM piece, Computer-Related Risks and Remediation Challenges, appeared in June 2023. The columns are archived at https://www.csl.sri.com/users/neumann/insiderisks.html, and the RISKS Digest archive is at https://catless.ncl.ac.uk/Risks/.
Peter’s systems work has stood the test of time. PSOS, the Provably Secure Operating System (SRI, 1973–1983), introduced a formally specified, capability-based, layered architecture. The 1979 summary paper with Richard J. Feiertag remains the primary reference. In the mid-1980s, Peter and Dorothy E. Denning co-developed IDES, the Intrusion Detection Expert System, which combined rule-based signature detection with statistical anomaly profiling. The 1985 SRI requirements report for IDES is the direct ancestor of today’s EDR, NDR, and XDR products. Years later, the ideas from PSOS led Peter, along with Robert N. M. Watson and the Cambridge team, to CHERI, a hybrid capability architecture for memory-safe computing. Arm announced Morello, an experimental CHERI-extended ARMv8-A processor, in October 2019 as part of the UK’s £187M UKRI Digital Security by Design Challenge with SRI and Cambridge. Prototype boards shipped to developers in January 2022, marking a forty-year validation of the PSOS approach. Peter’s DARPA CHATS final report, Principled Assuredly Trustworthy Composable Architectures (under “Composable High-Assurance Trustworthy Systems,” DARPA Contract N66001-01-C-8040, dated 28 December 2004), is still the most thorough argument for building trustworthiness from the ground up instead of adding it later.
Peter’s book, Computer-Related Risks (Addison-Wesley/ACM Press, 1995, ISBN 0-201-55805-X, 384pp.), is, as he said, “still very timely … almost everything in the book is still true and still relevant today; in many cases, the situation is even worse.” It remains the main case-driven guide to how computer systems fail and why, using RISKS-curated examples like Therac-25 radiation overdoses, Ariane 5 flight 501, automation surprises in aviation, hospital IT outages, and financial trading glitches. These examples are now standard in safety-critical computing courses worldwide.
Peter also served the public in many ways. He testified before the U.S. Congress, served on the U.S. Government Accountability Office Executive Council on Information Management and Technology, and contributed to National Research Council studies that led to Computers at Risk (1990) and Cryptography’s Role in Securing the Information Society (1996). He co-founded People For Internet Responsibility (PFIR) and the Union for Representative International Internet Cooperation and Analysis (URIICA), and was the principal investigator for the NSF-funded ACCURATE center for election integrity research.
Peter received many honors, though he rarely sought recognition. He was a Fellow of the AAAS, ACM, and IEEE, an SRI Fellow (2000), and received awards such as the ACM Outstanding Contribution Award (1992), EFF Pioneer Award (1996), ACM SIGSOFT Distinguished Service Award (1997), CPSR Norbert Wiener Award for Social and Professional Responsibility (1997, “for excellence in promoting socially responsible use of computing technology”), National Computer System Security Award (NIST/NSA, 2002), ACM SIGSAC Outstanding Contributions Award (2005), CRA Distinguished Service Award (2013), and was one of the first inductees into the National Cyber Security Hall of Fame in 2012. He also received the EPIC Lifetime Achievement Award (2018) and the Albert Nelson Marquis Lifetime Achievement Award (2018). He was just as proud of mentoring Ph.D. students like Drew Dean, Lenny Foner, Chenxi Wang, Rebecca Mercuri, and Michael LeMay, as well as the RISKS Forum subscribers he educated over four decades. Outside of work, he was a lifelong pianist, and his Gilbert & Sullivan and Tom Lehrer sing-alongs became part of his community’s traditions.
Reading Peter’s Work to Honor His Life
Three works to read now, in the age of AI security failures
1. “Risks of Untrustworthiness,” Peter G. Neumann, ACSAC 2006 (Classic Papers track), pp. 321–328.
URL: https://www.csl.sri.com/~neumann/acsac06.pdf — slides: https://www.csl.sri.com/users/neumann/acsac06sl.pdf
Core argument. Peter reviews decades of RISKS case material to make a key point: failures in security, reliability, survivability, and human safety are not just isolated bugs, but a recurring pattern caused by oversimplification, weak system design, and the gap between what systems claim to do and what they actually do. His main slide is clear: “Security is a set of end-to-end total-system emergent properties,” and “Strength in Depth is desirable, but we have Weakness in Depth.” He quotes Einstein — “Everything should be made as simple as possible, but no simpler” — and warns that oversimplifying security leads to flaws.
Why it matters for the AI Vulnpocalypse. The issues Peter described now apply directly to LLM and agentic-AI systems: unexpected behaviors, complexity that makes testing difficult, and “weakness in depth” as each new layer (retrieval, tools, plugins, memory) adds new risks. There is also a constant gap between what vendors claim and what can be proven about security. Prompt injection, in Peter’s terms, is a classic failure of composition between an untrustworthy data layer and a trusted control layer. He warned in 2006 to design for total-system emergent properties, but we built LLM agents anyway.
2. “The Foresight Saga, Redux,” Peter G. Neumann, Communications of the ACM “Inside Risks,” October 2012.
URL: https://www.csl.sri.com/users/neumann/cacm228.pdf — CACM: https://cacm.acm.org/magazines/2012/10/155535-the-foresight-saga-redux/abstract
Core argument. “Short-term thinking is the enemy of the long-term future.” Focusing on ship dates, quarterly results, or minimum features undermines trustworthiness because adding security and reliability later is much harder than building them in from the start. Peter calls for “preplanned evolution” and designing hardware and software together from the beginning, using early CHERI work as an example of long-term thinking that also brings short-term benefits.
Why it matters for the AI Vulnpocalypse. The current problems with model supply chains, training data, and dependencies are exactly what Peter predicted: years of “ship now, secure later” have led to systems where provenance, evaluation, and accountability are being figured out after deployment. Every team rushing to add an LLM to a critical workflow is making the trade-off Peter warned about. His advice — anticipate, specify, and design with foresight — is the simplest and most effective step, but it is often the first to be skipped.
3. “Toward Total-System Trustworthiness,” Peter G. Neumann, Communications of the ACM “Inside Risks,” June 2022, Vol. 65 No. 6, pp. 32–35 (DOI 10.1145/3532631).
URL: https://www.csl.sri.com/~neumann/cacm252.html
Core argument. Trustworthiness comes from the whole system, not just individual parts. Requirements should be specified — ideally in a formal way — at every level, from hardware ISA to hypervisor, OS, and application. In the “Illustrative Applications” section, Peter lists six areas where total-system analysis is crucial but still lacking: cryptography, real-time systems, election integrity, quantum computing, multilevel security, and artificial intelligence. About AI, he writes that “the trustworthiness of systems based on deep learning, neural networks, and many other aspects of what is generally referred to as artificial intelligence is typically difficult to prove or otherwise evaluate, for all possible circumstances … the use of AI would seem very risky in life-critical and other systems with stringent requirements.” He highlights seL4, CertiKOS, and CHERI-Morello as real examples of principled assurance.
Why it matters for the AI Vulnpocalypse. This is Peter’s answer to the AI security crisis, written four years before it became obvious: you cannot have trustworthy AI without trustworthy hardware, OS, and system design underneath. Deep learning systems cannot be made trustworthy just by testing them after the fact. The only real solution is to specify the properties you need, formally if possible, and not deploy systems where you cannot prove those properties. This is the article to share with anyone who says, “We’ll secure the agent later.” A more recent column, Computer-Related Risks and Remediation Challenges (CACM, June 2023), updates the list of failure modes and is also worth reading.
How to honor him by what you do
- Subscribe to the RISKS Forum at https://catless.ncl.ac.uk/Risks/ (or through the ACM list with its new moderators) and read it. The archive exists to help the field remember important lessons.
- Teach using Computer-Related Risks. Choose three chapters that fit your area — assurance, complexity, or human factors — and discuss them with your team over lunch. The chapters on Therac-25, Ariane 5, and automation surprises in aviation are often the most useful starting points.
- Refer to the CHERI work when making the case for memory-safe architectures and capability-based isolation in AI-agent runtimes. The foundations Peter helped build are now in production hardware.
- Use the Inside Risks approach for your AI deployments: list the emergent properties you need, the assumptions you rely on, and the components you do not control. Then check if you can actually demonstrate any of these.
Caveats
- The New York Times obituary at https://www.nytimes.com/2026/05/17/obituaries/peter-g-neumann-dead.html was not accessible to automated retrieval at the time this tribute was prepared. The 17 May 2026 death date is independently corroborated by the authoritative Multicians community site (https://www.multicians.org/multics.html), which posted the notice on the day. Biographical facts above are drawn from Peter’s own SRI Computer Science Laboratory homepage (https://www.csl.sri.com/~neumann/), his SRI and EPIC bios, the IT History Society and Computer History Museum profiles, his published ACSAC and CACM papers, the Wikipedia entry, and the Charles Babbage Institute oral history (University of Minnesota). Any additional direct quotations from the NYT obituary — including the framing of him as a “conscience” of the field and his observation that humans “repeatedly make the same mistakes” — should be inserted from the NYT text once accessible; the substance of that observation is, however, the through-line of every Inside Risks column and is faithfully reflected above.
- Peter G. Neumann (SRI, RISKS) is distinct from Peter R. Neumann (King’s College London, terrorism studies), Peter M. Neumann (Oxford mathematician, 1940–2020), and from John von Neumann (Princeton/IAS, the mathematician); biographical claims and quotations here have been verified to refer specifically to Peter Gabriel Neumann of SRI International.
- Peter valued service over ceremony. The recommendations above reflect that spirit: the best way to honor him is to engage with his work, not just offer praise.