Interface Automata
 Proceedings of the Ninth Annual Symposium on Foundations of Software Engineering (FSE), ACM
, 2001
Cited by 454 (23 self)
Conventional type systems specify interfaces in terms of values and domains.
Interface Theories for Component-based Design
, 2001
Cited by 154 (20 self)
We classify component-based models of computation into component models and interface models. A component model specifies for each component how the component behaves in an arbitrary environment; an interface model specifies for each component what the component expects from the environment.
Timed Interfaces
, 2002
Cited by 119 (23 self)
We present a theory of timed interfaces, which is capable of specifying both the timing of the inputs a component expects from the environment, and the timing of the outputs it can produce. Two timed interfaces are compatible if there is a way to use them together such that their timing expectations are met. Our theory provides algorithms for checking the compatibility between two interfaces and for deriving the composite interface; the theory can thus be viewed as a type system for real-time interaction. Technically, a timed interface is encoded as a timed game between two players, representing the inputs and outputs of the component. The algorithms for compatibility checking and interface composition are thus derived from algorithms for solving timed games.
Discounting the future in systems theory
 In Automata, Languages, and Programming, LNCS 2719
, 2003
Optimizations for LTL synthesis
 IN 6TH CONFERENCE ON FORMAL METHODS IN COMPUTER AIDED DESIGN (FMCAD’06
, 2006
Cited by 59 (10 self)
We present an approach to automatic synthesis of specifications given in Linear Time Logic. The approach is based on a translation through universal co-Büchi tree automata and alternating weak tree automata [1]. By careful optimization of all intermediate automata, we achieve a major improvement in performance. We present several optimization techniques for alternating tree automata, including a game-based approximation to language emptiness and a simulation-based optimization. Furthermore, we use an incremental algorithm to compute the emptiness of nondeterministic Büchi tree automata. All our optimizations are computed in time polynomial in the size of the automaton on which they are computed. We have applied our implementation to several examples and show a significant improvement over the straightforward implementation. Although our examples are still small, this work constitutes the first implementation of a synthesis algorithm for full LTL. We believe that the optimizations discussed here form an important step towards making LTL synthesis practical.
Coalition games and alternating temporal logics
 Proceeding of the Eighth Conference on Theoretical Aspects of Rationality and Knowledge (TARK VIII
, 2001
Cited by 55 (4 self)
We draw parallels between coalition game logics developed in [Pauly, 2000b] and [Pauly, 2000c] on one hand, and alternating-time temporal logics of computations introduced in [Alur et al, 97] on the other. In particular, we show equivalence of their semantics, embedding of coalition game logics into alternating-time temporal logic, and propose axiomatic systems for these logics.
Interface-based design
 In Engineering Theories of Software Intensive Systems, proceedings of the Marktoberdorf Summer School
, 2004
Cited by 52 (4 self)
Abstract. Surveying results from [5] and [6], we motivate and introduce the theory behind formalizing rich interfaces for software and hardware components. Rich interfaces specify the protocol aspects of component interaction. Their formalization, called interface automata, permits a compiler to check the compatibility of component interaction protocols. Interface automata support incremental design and independent implementability. Incremental design means that the compatibility checking of interfaces can proceed for partial system descriptions, without knowing the interfaces of all components. Independent implementability means that compatible interfaces can be refined separately, while still maintaining compatibility.
Symbolic Algorithms for Infinite-State Games
, 2001
Cited by 51 (5 self)
A procedure for the analysis of state spaces is called symbolic if it manipulates not individual states, but sets of states that are represented by constraints. Such a procedure can be used for the analysis of infinite state spaces, provided termination is guaranteed. We present symbolic procedures, and corresponding termination criteria, for the solution of infinite-state games, which occur in the control and modular verification of infinite-state systems. To characterize the termination of symbolic procedures for solving infinite-state games, we classify these game structures into four increasingly restrictive categories: 1. Class 1 consists of infinite-state structures for which all safety and reachability games can be solved...
Symbolic models for nonlinear control systems using approximate bisimulation
, 2007
Cited by 45 (13 self)
Control systems are usually modeled by differential equations describing how physical phenomena can be influenced by certain control parameters or inputs. Although these models are very powerful when dealing with physical phenomena, they are less suitable to describe software and hardware interfacing the physical world. This has spurred a recent interest in describing control systems through symbolic models that are abstract descriptions of the continuous dynamics, where each “symbol” corresponds to an “aggregate” of continuous states in the continuous model. Since these symbolic models are of the same nature of the models used in computer science to describe software and hardware, they provided a unified language to study problems of control in which software and hardware interact with the physical world. In this paper we show that every incrementally globally asymptotically stable nonlinear control system is approximately equivalent (bisimilar) to symbolic model with a precision that can be chosen a–priori. We also show that for digital controlled systems, in which inputs are piecewise–constant, and under the stronger assumption of incremental input–to–state stability, the symbolic models can be obtained, based on a suitable quantization of the inputs.
Stuck-free conformance
 In CAV 04: Computer-Aided Verification, LNCS
, 2000
Cited by 43 (2 self)
Abstract. We present a novel refinement relation (stuck-free conformance) for CCS processes, which satisfies the substitutability property: If I conforms to S, and P is any environment such that P  S is stuck-free, then P  I is stuck-free. Stuck-freedom is related to the CSP notion of deadlock, but it is more discriminative by taking orphan messages in asynchronous systems into account. We prove that conformance is a precongruence on CCS processes, thereby supporting modular refinement. We distinguish conformance from the related preorders, stable failures refinement in CSP and refusal preorder in CCS. We have implemented conformance checking in a new software model checker, zing, and we report on how we used it to find errors in distributed programs.