Results 1  10
of
102
Tragic Loss or Good Riddance? The Impending Demise of Traditional Scholarly Journals
 INTERNATIONAL JOURNAL OF HUMANCOMPUTER STUDIES
, 1995
"... Traditional printed journals are a familiar and comfortable aspect of scholarly work. They have been the primary means of communicating research results, and as such have performed an invaluable service. However, they are. ..."
Abstract

Cited by 102 (12 self)
 Add to MetaCart
Traditional printed journals are a familiar and comfortable aspect of scholarly work. They have been the primary means of communicating research results, and as such have performed an invaluable service. However, they are.
TAME: Using PVS strategies for specialpurpose theorem proving
 Annals of Mathematics and Arti cial Intelligence
, 2000
"... TAME (Timed Automata Modeling Environment), an interface to the theorem proving system PVS, is designed for proving properties of three classes of automata: I/O automata, LynchVaandrager timed automata, and SCR automata. TAME provides templates for specifying these automata, a set of auxiliary theo ..."
Abstract

Cited by 48 (14 self)
 Add to MetaCart
(Show Context)
TAME (Timed Automata Modeling Environment), an interface to the theorem proving system PVS, is designed for proving properties of three classes of automata: I/O automata, LynchVaandrager timed automata, and SCR automata. TAME provides templates for specifying these automata, a set of auxiliary theories, and a set of specialized PVS strategies that rely on these theories and on the structure of automata speci cations using the templates. Use of the TAME strategies simpli es the process of proving automaton properties, particularly state and transition invariants. TAME provides two types of strategies: strategies for \automatic " proof and strategies designed to implement \natural " proof steps, i.e., proof steps that mimic the highlevel steps in typical natural language proofs. TAME's \natural " proof steps can be used both to mechanically check hand proofs in a straightforward way and to create proof scripts that can be understood without executing them in the PVS proof checker. Several new PVS features can be used to obtain better control and e ciency in userde ned strategies such asthose used in TAME. This paper describes the TAME strategies, their use, and how their implementation exploits the structure of speci cations and various PVS features. It also describes several features, currently unsupported in PVS, that would either allow additional \natural" proof steps in TAME or allow existing TAME proof steps to be improved. Lessons learned from TAME relevant to the development of similar specialized interfaces to PVS or other theorem provers are discussed.
A Partition Model of Granular Computing
 LNCS Transactions on Rough Sets
, 2004
"... There are two objectives of this chapter. One objective is to examine the basic principles and issues of granular computing. We focus on the tasks of granulation and computing with granules. From semantic and algorithmic perspectives, we study the construction, interpretation, and representation ..."
Abstract

Cited by 44 (14 self)
 Add to MetaCart
(Show Context)
There are two objectives of this chapter. One objective is to examine the basic principles and issues of granular computing. We focus on the tasks of granulation and computing with granules. From semantic and algorithmic perspectives, we study the construction, interpretation, and representation of granules, as well as principles and operations of computing and reasoning with granules. The other objective is to study a partition model of granular computing in a settheoretic setting. The model is based on the assumption that a finite set of universe is granulated through a family of pairwise disjoint subsets. A hierarchy of granulations is modeled by the notion of the partition lattice.
Verification of a leader election protocol  formal methods applied to IEEE 1394
 IEEE 1394. Formal Methods in System Design
, 1997
"... The IEEE 1394 high performance serial multimedia bus protocol allows several components to communicate with each other at high speed. In this paper we present a formal model and verification of a leader election algorithm that forms the core of the tree identify phase of the physical layer of the 13 ..."
Abstract

Cited by 35 (7 self)
 Add to MetaCart
(Show Context)
The IEEE 1394 high performance serial multimedia bus protocol allows several components to communicate with each other at high speed. In this paper we present a formal model and verification of a leader election algorithm that forms the core of the tree identify phase of the physical layer of the 1394 protocol. We describe the algorithm formally in the I/O automata model of Lynch and Tuttle, and verify that for an arbitrary tree topology exactly one leader is elected. A large part of our verification has been checked mechanically with PVS, a verification system for higherorder logic.
Composition: A Way to Make Proofs Harder
 Lecture
, 1997
"... Compositional reasoning about a system means writing its specification as the parallel composition of components and reasoning separately about each component. When distracting language issues are removed and the underlying mathematics is revealed, compositional reasoning is seen to be of little use ..."
Abstract

Cited by 33 (0 self)
 Add to MetaCart
(Show Context)
Compositional reasoning about a system means writing its specification as the parallel composition of components and reasoning separately about each component. When distracting language issues are removed and the underlying mathematics is revealed, compositional reasoning is seen to be of little use.
Guaranteed proofs using interval arithmetic
 Proceedings of the 17th Symposium on Computer Arithmetic, Cape Cod
, 2005
"... This paper presents a set of tools for mechanical reasoning of numerical bounds using interval arithmetic. The tools implement two techniques for reducing decorrelation: interval splitting and Taylor’s series expansions. Although the tools are designed for the proof assistant system PVS, expertise o ..."
Abstract

Cited by 28 (15 self)
 Add to MetaCart
(Show Context)
This paper presents a set of tools for mechanical reasoning of numerical bounds using interval arithmetic. The tools implement two techniques for reducing decorrelation: interval splitting and Taylor’s series expansions. Although the tools are designed for the proof assistant system PVS, expertise on PVS is not required. The ultimate goal of the tools is to provide guaranteed proofs of numerical properties with a minimal humantheorem prover interaction. 1
Proving Invariants of I/O Automata with TAME
, 2002
"... This paper describes a specialized interface to PVS called TAME (Timed Automata Modeling Environment) which provides automated support for proving properties of I/O automata. A major goal of TAME is to allow a software developer to use PVS to specify and prove properties of an I/O automaton efficie ..."
Abstract

Cited by 20 (12 self)
 Add to MetaCart
This paper describes a specialized interface to PVS called TAME (Timed Automata Modeling Environment) which provides automated support for proving properties of I/O automata. A major goal of TAME is to allow a software developer to use PVS to specify and prove properties of an I/O automaton efficiently and without first becoming a PVS expert. To accomplish this goal, TAME provides a template that the user completes to specify an I/O automaton and a set of proof steps natural for humans to use for proving properties of automata. Each proof step is implemented by a PVS strategy and possibly some auxiliary theories that support that strategy. We have used the results of two recent formal methods studies as a basis for two case studies to evaluate TAME. In the first formal methods study, Romijn used I/O automata to specify and verify memory and remote procedure call components of a concurrent system. In the second formal methods study, Devillers et al. specified a tree identify protocol (TIP), part of the IEEE 1394 bus protocol, and provided hand proofs of TIP properties. Devillers also used PVS to specify TIP and to check proofs of TIP properties. In our first case study, the third author, a new TAME user with no previous PVS experience, used TAME to create PVS specifications of the I/O automata formulated by Romijn and Devillers et al. and to check their hand proofs. In our second case study, the TAME approach to verification was compared with an alternate approach by Devillers which uses PVS directly.
Verifying safety properties with the TLA+ proof system
 In Jürgen Giesl and Reiner Hähnle, editors, Intl. Joint Conf. Automated Reasoning (IJCAR 2010), volume 6173 of Lecture Notes in Computer Science
, 2010
"... TLAPS, the TLA+ proof system, is a platform for the development and mechanical verification of TLA+ proofs. The TLA+ proof language is declarative, and understanding proofs requires little background beyond elementary mathematics. The language supports hierarchical and nonlinear proof construction ..."
Abstract

Cited by 18 (8 self)
 Add to MetaCart
(Show Context)
TLAPS, the TLA+ proof system, is a platform for the development and mechanical verification of TLA+ proofs. The TLA+ proof language is declarative, and understanding proofs requires little background beyond elementary mathematics. The language supports hierarchical and nonlinear proof construction and verification, and it is independent of any verification tool or strategy. Proofs are written in the same language as specifications; engineers do not have to translate their highlevel designs into the language of a particular verification tool. A proof manager interprets a TLA+ proof as a collection of proof obligations to be verified, which it sends to backend verifiers that include theorem provers, proof assistants, SMT solvers, and decision procedures. The first public release of TLAPS is available from [1], distributed with a BSDlike license. It handles almost all the nontemporal part of TLA+ as well as the temporal reasoning needed to prove standard safety properties, in particular invariance and step simulation, but not liveness properties. Intuitively, a safety property asserts what is permitted to happen; a liveness property asserts what must happen; for a more formal overview, see [3, 10]. 2
Structured Calculational Proof
, 1996
"... We propose a new format for writing proofs, which we call structured calculational proof. The format is similar to the calculational style of proof already familiar to many computer scientists, but extends it by allowing large proofs to be hierarchically decomposed into smaller ones. In fact, struc ..."
Abstract

Cited by 16 (9 self)
 Add to MetaCart
(Show Context)
We propose a new format for writing proofs, which we call structured calculational proof. The format is similar to the calculational style of proof already familiar to many computer scientists, but extends it by allowing large proofs to be hierarchically decomposed into smaller ones. In fact, structured calculational proof can be seen as an alternative presentation of natural deduction. Natural deduction is a well established style of reasoning which uses hierarchical decomposition to great effect, but which is traditionally expressed in a notation that is inconvenient for writing calculational proofs. The hierarchical nature of structured calculational proofs can be used for proof browsing. We comment on how browsing can increase the value of a proof, and discuss the possibilities offered by electronic publishing for the presentation and dissemination of papers containing browsable proofs. Note: This paper is also available as Australian National University Joint Computer Science Tec...
Program derivation with verified transformations  A case study
 Comm. Pure Appl. Math
, 1995
"... ..."