Results 1-7 of 7
The SLAM project: debugging system software via static analysis
 SIGPLAN Not
Abstract

Cited by 372 (12 self)
Abstract. The goal of the SLAM project is to check whether or not a program obeys "API usage rules" that specify what it means to be a good client of an API. The SLAM toolkit statically analyzes a C program to determine whether or not it violates given usage rules. The toolkit has two unique aspects: it does not require the programmer to annotate the source program (invariants are inferred); it minimizes noise (false error messages) through a process known as "counterexample-driven refinement". SLAM exploits and extends results from program analysis, model checking and automated deduction. We have successfully applied the SLAM toolkit to Windows XP device drivers, to both validate behavior and find defects in their usage of kernel APIs. Context. Today, many programmers are realizing the benefits of using languages with static type systems. By providing
Computational Techniques for the Verification and Control of Hybrid Systems
 PROCEEDINGS OF THE IEEE
, 2003
Abstract

Cited by 23 (0 self)
Hybrid system theory lies at the intersection of the fields of engineering control theory and computer science verification. It is defined as the modeling, analysis, and control of systems which involve the interaction of both discrete state systems, represented by finite automata, and continuous state dynamics, represented by differential equations. The embedded autopilot of a modern commercial jet is a prime example of a hybrid system: the autopilot modes correspond to the application of different control laws, and the logic of mode switching is determined by the continuous state dynamics of the aircraft, as well as through interaction with the pilot. Embedded
Symbolic Model Checking of Infinite State Programs Using Presburger Arithmetic
 In Proceedings of International Conference on Computer-Aided Verification
, 1996
Abstract

Cited by 14 (0 self)
Model checking is a powerful technique for analyzing large, finite-state systems. In an infinite transition system, however, many basic properties are undecidable. In this paper we present a new symbolic model checker which conservatively evaluates safety and liveness properties on infinite-state programs. We use Presburger formulas to symbolically encode a program's transition system, as well as its model-checking computations. All fixpoint calculations are executed symbolically, and their convergence is guaranteed by using approximation techniques. We demonstrate the promise of this technology on some well-known infinite-state concurrency problems. Keywords: Static analysis, symbolic model checking, transition systems, Presburger arithmetic. INTRODUCTION In recent years CTL model checking [5] has emerged as a successful method for verifying large finite-state systems [4, 18]. Two main reasons behind this success are: (1) many of the properties one wants to check are representabl...
A Symbolic Model Checker for ACTL*
 In Proceedings of FMTrends’98, volume 1641 of LNCS
, 1998
Abstract

Cited by 7 (3 self)
We present SAM, a symbolic model checker for ACTL, the action-based version of CTL. SAM relies on implicit representations of Labeled Transition Systems (LTSs), the semantic domain for ACTL formulae, and makes use of symbolic manipulation algorithms. SAM has been realized by translating (networks of) LTSs and, possibly recursive, ACTL formulae into BSP (Boolean Symbolic Programming), a programming language aiming at defining computations on boolean functions, and by using the BSP interpreter to carry out computations (i.e. verifications).
Timed Automata and Robust Control: Can We Now Control Complex Dynamical Systems?
 Proceedings of the 36th IEEE Conference on Decision and Control
, 1997
Abstract

Cited by 1 (0 self)
Two different approaches have emerged in recent years for the analysis and synthesis of hybrid control systems. One approach views the hybrid system as a set of concurrent computer processes whose execution is controlled by continuous variables generated by an external environment. The other approach studies hybrid systems as dynamical systems using familiar concepts of stability and robust performance. The development of a systematic framework for the analysis and synthesis of hybrid systems will require the integration of these two perspectives. The objective of this tutorial paper is to highlight some of the recent developments in computer science and control that provide insight into the integration of these two methods.
NASA Contractor Report 4723 Applications of Formal Methods to Specification and Safety of Avionics Software
, 1996
Abstract
This report treats several topics in applications of formal methods to avionics software development. Most of these topics concern decision tables, an orderly, easy-to-understand format for formally specifying complex choices among alternative courses of action. The topics relating to decision tables include: generalizations of decision tables that are more concise and support the use of decision tables in a refinement-based formal software development process; a formalism for systems of decision tables with behaviors; an exposition of Parnas tables for users of decision tables; and test coverage criteria and decision tables. We outline features of a revised version of ORA's decision table tool, Tablewise, which will support many of the new ideas described in this report. We also survey formal safety analysis of specifications and software.
of the PCI Local Bus: A Step Towards IP Core Based System-On-Chip Design Verification
, 1999
"... degree of ..."