Project DEPLOY Grant Agreement 214158 "Industrial deployment of advanced system engineering methods for high productivity and dependability"

[1]  P. Haggard Look and feel , 2001, Trends in Cognitive Sciences.

[2]  Pim Kars,et al.  Formal Methods in the Design of a Storm Surge Barrier Control System , 1996, European Educational Forum: School on Embedded Systems.

[3]  Dominique Cansell,et al.  Formal Construction of a Non-blocking Concurrent Queue Algorithm (a Case Study in Atomicity) , 2005, J. Univers. Comput. Sci..

[4]  Dominique Cansell,et al.  Proved-Patterns-Based Development for Structured Programs , 2007, CSR.

[5]  Larry Apfelbaum,et al.  Model Based Testing , 1997 .

[6]  Constance L. Heitmeyer Formal Methods for Specifying, Validating, and Verifying Requirements , 2007, J. Univers. Comput. Sci..

[7]  Stefan Hallerstede,et al.  Proving Quicksort Correct in Event-B , 2009, REFINE@FMWeek.

[8]  Jonathan P. Bowen,et al.  The Industrial Take-up of Formal Methods in Safety-Critical and Other Areas: A Perspective , 1993, FME.

[9]  Cliff B. Jones,et al.  The Role of Auxiliary Variables in the Formal Development of Concurrent Programs , 2010, Reflections on the Work of C. A. R. Hoare.

[10]  B. Prothman,et al.  Meta data , 2000 .

[11]  Jim Woodcock,et al.  A Chain Datatype in Z , 2009, Int. J. Softw. Informatics.

[12]  Dominique Méry,et al.  Cryptologic protocols analysis using proof-based patterns , 2009 .

[13]  Jann Röder,et al.  Relevance filters for event-B , 2010 .

[14]  Marvin V. Zelkowitz,et al.  Lessons learned from 25 years of process improvement: the rise and fall of the NASA software engineering laboratory , 2002, Proceedings of the 24th International Conference on Software Engineering. ICSE 2002.

[15]  Jean-Raymond Abrial,et al.  The B-book - assigning programs to meanings , 1996 .

[16]  Michael J. Butler,et al.  Event-B Code Generation: Type Extension with Theories , 2012, ABZ.

[17]  Frank Piessens,et al.  Safe concurrency for aggregate objects with invariants , 2005, Third IEEE International Conference on Software Engineering and Formal Methods (SEFM'05).

[18]  Jonathan P. Bowen,et al.  Ten Commandments of Formal Methods , 1995, Computer.

[19]  Susan Owicki,et al.  An axiomatic proof technique for parallel programs I , 1976, Acta Informatica.

[20]  Jean-Raymond Abrial,et al.  Formal Methods: Theory Becoming Practice , 2007, J. Univers. Comput. Sci..

[21]  Jane Hillston,et al.  Process algebras for quantitative analysis , 2005, 20th Annual IEEE Symposium on Logic in Computer Science (LICS' 05).

[22]  Michael J. Butler,et al.  Formal Modelling for Ada Implementations: Tasking Event-B , 2012, Ada-Europe.

[23]  Andrew Ireland,et al.  The Use of Planning Critics in Mechanizing Inductive Proofs , 1992, LPAR.

[24]  Ran Canetti,et al.  Universally Composable Commitments , 2001, CRYPTO.

[25]  Cliff B. Jones,et al.  An Approach to Splitting Atoms Safely: Extended Abstract , 2006, MFPS.

[26]  Ionuţ Dincǎ Multi-objective Test Suite Optimization for Event-B Models , 2011 .

[27]  John Lygeros,et al.  Design of an extended architecture for degraded modes of operation of IVHS , 1995, Proceedings of 1995 American Control Conference - ACC'95.

[28]  Cliff B. Jones,et al.  Atomicity: A Unifying Concept in Computer Science , 2007, J. Univers. Comput. Sci..

[29]  Anas N. Al-Rabadi,et al.  A comparison of modified reconstructability analysis and Ashenhurst‐Curtis decomposition of Boolean functions , 2004 .

[30]  Mingsheng Ying,et al.  Reasoning about probabilistic sequential programs in a probabilistic logic , 2003, Acta Informatica.

[31]  Harry D. Foster,et al.  Assertion-Based Design , 2010 .

[32]  Ran Canetti,et al.  Universally composable security: a new paradigm for cryptographic protocols , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[33]  Jonathan P. Bowen,et al.  Seven More Myths of Formal Methods , 1995, IEEE Softw..

[34]  Matthias Schmalz Term rewriting in logics of partial functions , 2011, FM 2011.

[35]  Alexander Romanovsky,et al.  Refinement Patterns for Fault Tolerant Systems , 2008, 2008 Seventh European Dependable Computing Conference.

[36]  Victor Carreño,et al.  Formal verification of conflict detection algorithms , 2001, International Journal on Software Tools for Technology Transfer.

[37]  Jean-Raymond Abrial,et al.  Modeling in event-b - system and software engineering by Jean-Raymond Abrial , 2010, SOEN.

[38]  Peter Gorm Larsen,et al.  Applying Formal Specification in Industry , 1996, IEEE Softw..

[39]  Michael Butler,et al.  Tasking Event-B: An Extension to Event-B for Generating Concurrent Code , 2011 .

[40]  Alonzo Church,et al.  A formulation of the simple theory of types , 1940, Journal of Symbolic Logic.

[41]  Fernando Luís Dotti,et al.  Structuring Specifications with Modes , 2009, 2009 Fourth Latin-American Symposium on Dependable Computing.

[42]  Michael J. Butler,et al.  Automatic Testing from Formal Specifications , 2007, TAP.

[43]  Emre Yilmaz Tool support for qualitative reasoning in event-B , 2010 .

[44]  John Derrick,et al.  Mechanizing a Correctness Proof for a Lock-Free Concurrent Stack , 2008, FMOODS.

[45]  Ernst-Rüdiger Olderog,et al.  Proof Rules and Transformations Dealing with Fairness , 1983, Sci. Comput. Program..

[46]  Joris Rehm Proved development of the real-time properties of the IEEE 1394 Root Contention Protocol with the event-B method , 2009, International Journal on Software Tools for Technology Transfer.

[47]  Michael O. Rabin,et al.  The choice coordination problem , 1982, Acta Informatica.

[48]  Colin F. Snook,et al.  UML-B: Formal modeling and design aided by UML , 2006, TSEM.

[49]  Maged M. Michael,et al.  Nonblocking Algorithms and Preemption-Safe Locking on Multiprogrammed Shared Memory Multiprocessors , 1998, J. Parallel Distributed Comput..

[50]  John Kelly,et al.  Experiences Using Lightweight Formal Methods for Requirements Modeling , 1998, IEEE Trans. Software Eng..

[51]  John C. Mitchell,et al.  Games and the Impossibility of Realizable Ideal Functionality , 2006, TCC.

[52]  Alexei Iliasov,et al.  On fault tolerance reuse during refinement , 2010, SERENE.

[53]  David Harel,et al.  Statecharts: A Visual Formalism for Complex Systems , 1987, Sci. Comput. Program..

[54]  Edsger W. Dijkstra,et al.  A Discipline of Programming , 1976 .

[55]  Mihir Bellare,et al.  The Security of Triple Encryption and a Framework for Code-Based Game-Playing Proofs , 2006, EUROCRYPT.

[56]  Cliff B. Jones,et al.  Splitting atoms safely , 2007, Theor. Comput. Sci..

[57]  Jörg Kienzle,et al.  Addressing degraded service outcomes and exceptional modes of operation in behavioural models , 2008, SERENE '08.

[58]  Cliff B. Jones,et al.  Software development - a rigorous approach , 1980, Prentice Hall international series in computer science.

[59]  Stephan Schulz,et al.  E - a brainiac theorem prover , 2002, AI Commun..

[60]  Lawrence Charles Paulson,et al.  Isabelle/HOL: A Proof Assistant for Higher-Order Logic , 2002 .

[61]  Edmund M. Clarke,et al.  Formal Verification of Curved Flight Collision Avoidance Maneuvers: A Case Study , 2009, FM.

[62]  J. Michael Spivey,et al.  The Z notation - a reference manual , 1992, Prentice Hall International Series in Computer Science.

[63]  Cliff B. Jones,et al.  Systematic software development using VDM , 1986, Prentice Hall International Series in Computer Science.

[64]  Ron Bell,et al.  Introduction to IEC 61508 , 2006 .

[65]  Alan Bundy,et al.  Learning from Experts to Aid the Automation of Proof Search. , 2009 .

[66]  Max Jacobson,et al.  A Pattern Language: Towns, Buildings, Construction , 1981 .

[67]  Geoff Sutcliffe,et al.  Divvy: An ATP Meta-system Based on Axiom Relevance Ordering , 2009, CADE.

[68]  Andrew Ireland,et al.  Proof planning for strategy development , 2001, Annals of Mathematics and Artificial Intelligence.

[69]  Thomas A. Henzinger,et al.  Automatic Symbolic Verification of Embedded Systems , 1996, IEEE Trans. Software Eng..

[70]  Ben L. Di Vito,et al.  Formalizing space shuttle software requirements: four case studies , 1998, TSEM.

[71]  Jean-Raymond Abrial,et al.  Event Model Decomposition , 2009 .

[72]  Eerke A. Boiten,et al.  Formal Program Development with Approximations , 2005, ZB.

[73]  Ivar Jacobson,et al.  Object-oriented software engineering - a use case driven approach , 1993, TOOLS.

[74]  Fernando Luís Dotti,et al.  Modal Systems: Specification, Refinement and Realisation , 2009, ICFEM.

[75]  Anthony Hall,et al.  Seven myths of formal methods , 1990, IEEE Software.

[76]  Michael Butler,et al.  The Rodin formal modelling tool , 2007 .

[77]  Michael J. Butler,et al.  ProB: an automated analysis toolset for the B method , 2008, International Journal on Software Tools for Technology Transfer.

[78]  Michael J. Butler,et al.  An Open Extensible Tool Environment for Event-B , 2006, ICFEM.

[79]  Stephen Gilmore,et al.  The PEPA Workbench: A Tool to Support a Process Algebra-based Approach to Performance Modelling , 1994, Computer Performance Evaluation.

[80]  Kent L. Beck,et al.  Test-driven Development - by example , 2002, The Addison-Wesley signature series.

[81]  Ralph Johnson,et al.  Design Patterns: Elements of Reusable Object-Oriented Software , 2019 .

[82]  Carl E. Landwehr,et al.  Basic concepts and taxonomy of dependable and secure computing , 2004, IEEE Transactions on Dependable and Secure Computing.

[83]  Arvind,et al.  Getting Formal Verification into Design Flow , 2008, FM.

[84]  Eerke A. Boiten From ABZ to Cryptography , 2008, ABZ.

[85]  Dominique Cansell,et al.  A Mechanically Proved and Incremental Development of IEEE 1394 Tree Identify Protocol , 2003, Formal Aspects of Computing.

[86]  Ivar Jacobson,et al.  Object Oriented Development in an Industrial Environment , 1987, OOPSLA.

[87]  Sebastian Wieczorek,et al.  Improving Testing of Enterprise Systems by Model-Based Testing on Graphical User Interfaces , 2010, 2010 17th IEEE International Conference and Workshops on Engineering of Computer Based Systems.

[88]  Leo Freitas Mechanising Data-Types for Kernel Design in Z , 2009, SBMF.

[89]  Alexander Romanovsky,et al.  Formal Modelling and Analysis of Business Information Applications with Fault Tolerant Middleware , 2009, 2009 14th IEEE International Conference on Engineering of Complex Computer Systems.

[90]  Tony Cant Proceedings of the eleventh Australian workshop on Safety critical systems and software - Volume 69 , 2001 .

[91]  Dominique Méry,et al.  Refinement-Based Guidelines for Algorithmic Systems , 2009, Int. J. Softw. Informatics.

[92]  Stephen Wright,et al.  Using EventB to Create a Virtual Machine Instruction Set Architecture , 2008, ABZ.

[93]  Frédéric Boussinot,et al.  The ESTEREL language , 1991, Proc. IEEE.

[94]  Michael J. Butler,et al.  A Roadmap for the Rodin Toolset , 2008, ABZ.

[95]  Alan Bundy,et al.  Automatic verification of functions with accumulating parameters , 1999, Journal of Functional Programming.

[96]  H. R. Simpson,et al.  New algorithms for asynchronous communication , 1997 .

[97]  Alessandro Fantechi,et al.  A Story About Formal Methods Adoption by a Railway Signaling Manufacturer , 2006, FM.

[98]  Florentin Ipate,et al.  Towards Search-Based Testing for Event-B Models , 2011, 2011 IEEE Fourth International Conference on Software Testing, Verification and Validation Workshops.

[99]  Michael Jastram,et al.  Requirements Modeling Framework , 2011 .

[100]  R. Cramer,et al.  Multiparty Computation, an Introduction , 2005 .

[101]  Thai Son Hoang,et al.  Rodin: an open toolset for modelling and reasoning in Event-B , 2010, International Journal on Software Tools for Technology Transfer.

[102]  Dominique Cansell,et al.  Designing Old and New Distributed Algorithms by Replaying an Incremental Proof-Based Development , 2009, Rigorous Methods for Software Construction and Analysis.

[103]  Michael Butler,et al.  Tool Support for Event-B Code Generation , 2010 .

[104]  Florentin Ipate,et al.  Test Data Generation for Event-B Models Using Genetic Algorithms , 2011, ICSECS.

[105]  Dominique Cansell,et al.  System-on-chip design by proof-based refinement , 2009, International Journal on Software Tools for Technology Transfer.

[106]  Álvaro Enrique Arenas,et al.  Towards Modelling Obligations in Event-B , 2008, ABZ.

[107]  Hermann Kopetz,et al.  Dependability: Basic Concepts and Terminology , 1992 .

[108]  Michael Leuschel,et al.  Developing Camille, a text editor for Rodin , 2011, Softw. Pract. Exp..

[109]  Florentin Ipate,et al.  Learn and Test for Event-B - A Rodin Plugin , 2012, ABZ.

[110]  Barry W. Boehm,et al.  Software Engineering Economics , 1993, IEEE Transactions on Software Engineering.

[111]  Matthias Schmalz The logic of event-B , 2011 .

[112]  Egon Börger,et al.  Abstract State Machines. A Method for High-Level System Design and Analysis , 2003 .

[113]  Tong Yi,et al.  Measuring Z specifications , 2004, SOEN.

[114]  Andrew Edmunds,et al.  From Event-B models to code: sensing, actuating, and the environment , 2011 .

[115]  Andrei Voronkov,et al.  The design and implementation of VAMPIRE , 2002, AI Commun..

[116]  Cliff B. Jones,et al.  The Transition from VDL to VDM , 2001, J. Univers. Comput. Sci..

[117]  Patrik Berander,et al.  A goal question metric based approach for efficient measurement framework definition , 2006, ISESE '06.

[118]  Gérard Berry,et al.  The foundations of Esterel , 2000, Proof, Language, and Interaction.

[119]  Thai Son Hoang,et al.  Qualitative Probabilistic Modelling in Event-B , 2007, IFM.

[120]  Goran Frehse PHAVer: Algorithmic Verification of Hybrid Systems Past HyTech , 2005, HSCC.

[121]  Sandro Morasca,et al.  Applying GQM in an industrial software factory , 1998, TSEM.

[122]  John Barnes,et al.  Programming in Ada 2005 , 2006 .

[123]  K. Rustan M. Leino,et al.  The Spec# Programming System: An Overview , 2004, CASSIS.

[124]  G. Reeves,et al.  The Mars Rover Spirit FLASH anomaly , 2005, 2005 IEEE Aerospace Conference.

[125]  Matthew John Squair,et al.  Issues in the application of software safety standards , 2006 .

[126]  Kerstin Eder,et al.  Using Event-B to construct instruction set architectures , 2009, Formal Aspects of Computing.

[127]  Michael Leuschel,et al.  Mapping Requirements to B models , 2009 .

[128]  Dominique Cansell,et al.  Click'n Prove: Interactive Proofs within Set Theory , 2003, TPHOLs.

[129]  Lawrence C. Paulson,et al.  The foundation of a generic theorem prover , 1989, Journal of Automated Reasoning.

[130]  Gudmund Grov,et al.  Reasoned modelling critics: Turning failed proofs into modelling guidance , 2013, Sci. Comput. Program..

[131]  C. A. R. Hoare,et al.  An axiomatic basis for computer programming , 1969, CACM.

[132]  Raoul Praful Jetley,et al.  A formal methods approach to medical device review , 2006, Computer.

[133]  Michael A. Jackson,et al.  Problem Frames - Analysing and Structuring Software Development Problems , 2000 .

[134]  Farhad Mehta,et al.  Proofs for the working engineer , 2008 .

[135]  Jonathan P. Bowen,et al.  Ten Commandments of Formal Methods ...Ten Years Later , 2006, Computer.

[136]  Michael Butler,et al.  UML-B and Event-B: an integration of languages and tools , 2008, ICSE 2008.

[137]  Ellis Horowitz,et al.  Software Cost Estimation with COCOMO II , 2000 .

[138]  C. A. R. Hoare,et al.  The verifying compiler: A grand challenge for computing research , 2003, JACM.

[139]  Michael G. Hinchey Confessions of a Formal Methodist , 2002, SCS.

[140]  Alan Bundy,et al.  Proof Plans for the Correction of False Conjectures , 1994, LPAR.

[141]  Yujun Zheng,et al.  An extension of COCOMO II for the B-Method , 2006, EDSER '06.

[142]  Maurice Herlihy,et al.  Linearizability: a correctness condition for concurrent objects , 1990, TOPL.

[143]  Florentin Ipate,et al.  Functional Search-based Testing from State Machines , 2008, 2008 1st International Conference on Software Testing, Verification, and Validation.

[144]  Geoff Sutcliffe,et al.  SRASS - A Semantic Relevance Axiom Selection System , 2007, CADE.

[145]  Andreas Fürst,et al.  Event-B patterns and their tool support , 2009, 2009 Seventh IEEE International Conference on Software Engineering and Formal Methods.

[146]  Ernie Cohen,et al.  Validating the Microsoft Hypervisor , 2006, FM.

[147]  André Platzer,et al.  Logical Analysis of Hybrid Systems - Proving Theorems for Complex Dynamics , 2010 .

[148]  Tim Barton,et al.  ON THE SAFE SIDE , 2003 .

[149]  Ina Schieferdecker,et al.  Applying Model Checking to Generate Model-Based Integration Tests from Choreography Models , 2009, TestCom/FATES.

[150]  Gerhard Weikum,et al.  The Atomic Manifesto , 2005, J. Univers. Comput. Sci..

[151]  Nancy A. Lynch,et al.  Impossibility of distributed consensus with one faulty process , 1985, JACM.

[152]  Alan Bundy,et al.  Rippling - meta-level guidance for mathematical reasoning , 2005, Cambridge tracts in theoretical computer science.

[153]  Michael J. Butler,et al.  Supporting Reuse of Event-B Developments through Generic Instantiation , 2009, ICFEM.

[154]  Maritta Heisel,et al.  A Security Engineering Process based on Patterns , 2007 .

[155]  Nikolaj Bjørner,et al.  Z3: An Efficient SMT Solver , 2008, TACAS.

[156]  Chris F. Kemerer,et al.  A Metrics Suite for Object Oriented Design , 2015, IEEE Trans. Software Eng..

[157]  Cliff B. Jones,et al.  Tentative steps toward a development method for interfering programs , 1983, TOPL.

[158]  Maurice Herlihy,et al.  Axioms for concurrent objects , 1987, POPL '87.

[159]  Cliff B. Jones,et al.  Elucidating concurrent algorithms via layers of abstraction and reification , 2011, Formal Aspects of Computing.

[160]  Egon Berghout,et al.  Integrating goal-oriented measurement in industrial software engineering: industrial experiences with and additions to the Goal/Question/Metric method (GQM) , 2001, Proceedings Seventh International Software Metrics Symposium.

[161]  Alan Bundy,et al.  The Use of Explicit Plans to Guide Inductive Proofs , 1988, CADE.

[162]  Thierry Lecomte,et al.  Formal Methods in Safety-Critical Railway Systems , 2007 .

[163]  C. A. R. Hoare,et al.  Communicating sequential processes , 1978, CACM.

[164]  Eran Yahav,et al.  Comparison Under Abstraction for Verifying Linearizability , 2007, CAV.

[165]  Steven P. Miller Specifying the mode logic of a flight guidance system in CoRE and SCR , 1998, FMSP '98.

[166]  Yuri Gurevich,et al.  Evolving algebras 1993: Lipari guide , 1995, Specification and validation methods.

[167]  Lawrence C. Paulson,et al.  Lightweight relevance filtering for machine-generated resolution problems , 2009, J. Appl. Log..

[168]  Mark A. Hillebrand,et al.  VCC: A Practical System for Verifying Concurrent C , 2009, TPHOLs.

[169]  Wei Wei,et al.  Local Enforceability and Inconsumable Messages in Choreography Models , 2009, 2009 Fourth South-East European Workshop on Formal Methods.

[170]  G. Fohler,et al.  Realizing Changes of Operational Modes with a Pre Run-Time Scheduled Hard Real-Time System , 1993 .

[171]  Jean-Raymond Abrial,et al.  Introducing Dynamic Constraints in B , 1998, B.

[172]  Wim H. Hesselink,et al.  A criterion for atomicity revisited , 2007, Acta Informatica.

[173]  Peter Gorm Larsen,et al.  PICGAL: Practical Use of Formal Specification to Develop a Complex Critical System , 1997, FME.

[174]  Thomas A. Henzinger,et al.  Finitary fairness , 1998, TOPL.

[175]  Robert Colvin,et al.  Verifying Concurrent Data Structures by Simulation , 2005, Electron. Notes Theor. Comput. Sci..

[176]  Cliff B. Jones,et al.  Accommodating interference in the formal design of concurrent object-based programs , 1996, Formal Methods Syst. Des..

[177]  Alexander Romanovsky A looming fault tolerance software crisis? , 2007, SOEN.