[{"quality_controlled":"1","extern":"1","user_id":"ea97e931-d5af-11eb-85d4-e6957dddbf17","article_processing_charge":"No","author":[{"last_name":"Passerone","first_name":"Roberto","full_name":"Passerone, Roberto"},{"last_name":"De Alfaro","first_name":"Luca","full_name":"De Alfaro, Luca"},{"id":"40876CD8-F248-11E8-B48F-1D18A9856A87","full_name":"Henzinger, Thomas A","orcid":"0000−0002−2985−7724","last_name":"Henzinger","first_name":"Thomas A"},{"full_name":"Sangiovanni Vincentelli, Alberto","first_name":"Alberto","last_name":"Sangiovanni Vincentelli"}],"citation":{"short":"R. Passerone, L. De Alfaro, T.A. Henzinger, A. Sangiovanni Vincentelli, in:, Proceedings of the 11th IEEE/ACM International Conference on Computer-Aided Design, IEEE, 2002, pp. 132–139.","chicago":"Passerone, Roberto, Luca De Alfaro, Thomas A Henzinger, and Alberto Sangiovanni Vincentelli. “Convertibility Verification and Converter Synthesis: Two Faces of the Same Coin.” In <i>Proceedings of the 11th IEEE/ACM International Conference on Computer-Aided Design</i>, 132–39. IEEE, 2002. <a href=\"https://doi.org/10.1145/774572.774592\">https://doi.org/10.1145/774572.774592</a>.","ista":"Passerone R, De Alfaro L, Henzinger TA, Sangiovanni Vincentelli A. 2002. Convertibility verification and converter synthesis: Two faces of the same coin. Proceedings of the 11th IEEE/ACM international conference on Computer-aided design. ICCAD: Computer-Aided Design, 132–139.","ama":"Passerone R, De Alfaro L, Henzinger TA, Sangiovanni Vincentelli A. Convertibility verification and converter synthesis: Two faces of the same coin. In: <i>Proceedings of the 11th IEEE/ACM International Conference on Computer-Aided Design</i>. IEEE; 2002:132-139. doi:<a href=\"https://doi.org/10.1145/774572.774592\">10.1145/774572.774592</a>","ieee":"R. Passerone, L. De Alfaro, T. A. Henzinger, and A. Sangiovanni Vincentelli, “Convertibility verification and converter synthesis: Two faces of the same coin,” in <i>Proceedings of the 11th IEEE/ACM international conference on Computer-aided design</i>, San Jose, CA, USA, 2002, pp. 132–139.","mla":"Passerone, Roberto, et al. “Convertibility Verification and Converter Synthesis: Two Faces of the Same Coin.” <i>Proceedings of the 11th IEEE/ACM International Conference on Computer-Aided Design</i>, IEEE, 2002, pp. 132–39, doi:<a href=\"https://doi.org/10.1145/774572.774592\">10.1145/774572.774592</a>.","apa":"Passerone, R., De Alfaro, L., Henzinger, T. A., &#38; Sangiovanni Vincentelli, A. (2002). Convertibility verification and converter synthesis: Two faces of the same coin. In <i>Proceedings of the 11th IEEE/ACM international conference on Computer-aided design</i> (pp. 132–139). San Jose, CA, USA: IEEE. <a href=\"https://doi.org/10.1145/774572.774592\">https://doi.org/10.1145/774572.774592</a>"},"year":"2002","day":"01","oa_version":"None","date_updated":"2023-06-05T14:21:46Z","type":"conference","_id":"4413","language":[{"iso":"eng"}],"doi":"10.1145/774572.774592","title":"Convertibility verification and converter synthesis: Two faces of the same coin","publication":"Proceedings of the 11th IEEE/ACM international conference on Computer-aided design","abstract":[{"text":"An essential problem in component-based design is how to compose components designed in isolation. Several approaches have been proposed for specifying component interfaces that capture behavioral aspects such as interaction protocols, and for verifying interface compatibility. Likewise, several approaches have been developed for synthesizing converters between incompatible protocols. In this paper, we introduce the notion of adaptability as the property that two interfaces have when they can be made compatible by communicating through a converter that meets specified requirements. We show that verifying adaptability and synthesizing an appropriate converter are two faces of the same coin: adaptability can be formalized and solved using a game-theoretic framework, and then the converter can be synthesized as a strategy that always wins the game. Finally we show that this framework can be related to the rectification problem in trace theory.","lang":"eng"}],"publication_status":"published","acknowledgement":"The authors would like to thank Jerry Burch of the Cadence Berkeley Labs for many insightful discussions and suggestions.\r\n","page":"132 - 139","date_published":"2002-11-01T00:00:00Z","publisher":"IEEE","scopus_import":"1","publist_id":"318","publication_identifier":{"isbn":["9780780376076"]},"status":"public","month":"11","conference":{"location":"San Jose, CA, USA","start_date":"2002-11-10","name":"ICCAD: Computer-Aided Design","end_date":"2002-11-14"},"date_created":"2018-12-11T12:08:44Z"},{"user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","author":[{"first_name":"Freddy","last_name":"Mang","full_name":"Mang, Freddy"}],"extern":"1","article_processing_charge":"No","citation":{"mla":"Mang, Freddy. <i>Games in Open Systems Verification and Synthesis</i>. University of California, Berkeley, 2002, pp. 1–116.","apa":"Mang, F. (2002). <i>Games in open systems verification and synthesis</i>. University of California, Berkeley.","ama":"Mang F. Games in open systems verification and synthesis. 2002:1-116.","ieee":"F. Mang, “Games in open systems verification and synthesis,” University of California, Berkeley, 2002.","short":"F. Mang, Games in Open Systems Verification and Synthesis, University of California, Berkeley, 2002.","chicago":"Mang, Freddy. “Games in Open Systems Verification and Synthesis.” University of California, Berkeley, 2002.","ista":"Mang F. 2002. Games in open systems verification and synthesis. University of California, Berkeley."},"day":"01","year":"2002","supervisor":[{"first_name":"Thomas A","last_name":"Henzinger","id":"40876CD8-F248-11E8-B48F-1D18A9856A87","full_name":"Henzinger, Thomas A","orcid":"0000-0002-2985-7724"}],"date_updated":"2021-01-12T07:56:48Z","type":"dissertation","oa_version":"None","language":[{"iso":"eng"}],"_id":"4414","title":"Games in open systems verification and synthesis","publication_status":"published","abstract":[{"text":"This dissertation investigates game-theoretic approaches to the algorithmic analysis of concurrent, reactive systems. A concurrent system comprises a number of components working concurrently; a reactive system maintains an ongoing interaction with its environment. Traditional approaches to the formal analysis of concurrent reactive systems usually view the system as an unstructured state-transition graphs; instead, we view them as collections of interacting components, where each one is an open system which accepts inputs from the other components. The interactions among the components are naturally modeled as games.\r\n\r\nAdopting this game-theoretic view, we study three related problems pertaining to the verification and synthesis of systems. Firstly, we propose two novel game-theoretic techniques for the model-checking of concurrent reactive systems, and improve the performance of model-checking. The first technique discovers an error as soon as it cannot be prevented, which can be long before it actually occurs. This technique is based on the key observation that &quot;unpreventability&quot; is a local property to a module: an error is unpreventable in a module state if no environment can prevent it. The second technique attempts to decompose a model-checking proof into smaller proof obligations by constructing abstract modules automatically, using reachability and &quot;unpreventability&quot; information about the concrete modules. Three increasingly powerful proof decomposition rules are proposed and we show that in practice, the resulting abstract modules are often significantly smaller than the concrete modules and can drastically reduce the space and time requirements for verification. Both techniques fall into the category of compositional reasoning.\r\n\r\nSecondly, we investigate the composition and control of synchronous systems. An essential property of synchronous systems for compositional reasoning is non-blocking. In the composition of synchronous systems, however, due to circular causal dependency of input and output signals, non-blocking is not always guaranteed. Blocking compositions of systems can be ruled out semantically, by insisting on the existence of certain fixed points, or syntactically, by equipping systems with types, which make the dependencies between input and output signals transparent. We characterize various typing mechanisms in game-theoretic terms, and study their effects on the controller synthesis problem. We show that our typing systems are general enough to capture interesting real-life synchronous systems such as all delay-insensitive digital circuits. We then study their corresponding single-step control problems --a restricted form of controller synthesis problem whose solutions can be iterated in appropriate manners to solve all LTL controller synthesis problems. We also consider versions of the controller synthesis problem in which the type of the controller is given. We show that the solution of these fixed-type control problems requires the evaluation of partially ordered (Henkin) quantifiers on boolean formulas, and is therefore harder (nondeterministic exponential time) than more traditional control questions.\r\n\r\nThirdly, we study the synthesis of a class of open systems, namely, uninitialized state machines. The sequential synthesis problem, which is closely related to Church's solvability problem, asks, given a specification in the form of a binary relation between input and output streams, for the construction of a finite-state stream transducer that converts inputs to appropriate outputs. For efficiency reasons, practical sequential hardware is often designed to operate without prior initialization. Such hardware designs can be modeled by uninitialized state machines, which are required to satisfy their specification if started from any state. We solve the sequential synthesis problem for uninitialized systems, that is, we construct uninitialized finite-state stream transducers. We consider specifications given by LTL formulas, deterministic, nondeterministic, universal, and alternating Buechi automata. We solve this uninitialized synthesis problem by reducing it to the well-understood initialized synthesis problem. While our solution is straightforward, it leads, for some specification formalisms, to upper bounds that are exponentially worse than the complexity of the corresponding initialized problems. However, we prove lower bounds to show that our simple solutions are optimal for all considered specification formalisms. The lower bound proofs require nontrivial generic reductions.","lang":"eng"}],"page":"1 - 116","date_published":"2002-05-01T00:00:00Z","publisher":"University of California, Berkeley","publist_id":"315","status":"public","date_created":"2018-12-11T12:08:44Z","month":"05"},{"type":"conference","date_updated":"2023-06-05T13:07:20Z","oa_version":"None","day":"25","user_id":"ea97e931-d5af-11eb-85d4-e6957dddbf17","article_processing_charge":"No","acknowledgement":"This research was supported in part by the DARPA SEC grant F33615-C-98-3614, the MARCO GSRC grant 98-DT-660, and the AFOSR MURI grant F49620-00-1-0327.","language":[{"iso":"eng"}],"doi":"10.1007/3-540-45828-X_5","date_published":"2002-09-25T00:00:00Z","page":"46 - 60","alternative_title":["LNCS"],"publication_identifier":{"isbn":["9783540443070"]},"scopus_import":"1","year":"2002","citation":{"ista":"Kirsch C, Sanvido M, Henzinger TA, Pree W. 2002. A Giotto-based helicopter control system. Proceedings of the 2nd International Conference on Embedded Software. EMSOFT: Embedded Software , LNCS, vol. 2491, 46–60.","short":"C. Kirsch, M. Sanvido, T.A. Henzinger, W. Pree, in:, Proceedings of the 2nd International Conference on Embedded Software, ACM, 2002, pp. 46–60.","chicago":"Kirsch, Christoph, Marco Sanvido, Thomas A Henzinger, and Wolfgang Pree. “A Giotto-Based Helicopter Control System.” In <i>Proceedings of the 2nd International Conference on Embedded Software</i>, 2491:46–60. ACM, 2002. <a href=\"https://doi.org/10.1007/3-540-45828-X_5\">https://doi.org/10.1007/3-540-45828-X_5</a>.","ama":"Kirsch C, Sanvido M, Henzinger TA, Pree W. A Giotto-based helicopter control system. In: <i>Proceedings of the 2nd International Conference on Embedded Software</i>. Vol 2491. ACM; 2002:46-60. doi:<a href=\"https://doi.org/10.1007/3-540-45828-X_5\">10.1007/3-540-45828-X_5</a>","ieee":"C. Kirsch, M. Sanvido, T. A. Henzinger, and W. Pree, “A Giotto-based helicopter control system,” in <i>Proceedings of the 2nd International Conference on Embedded Software</i>, Grenoble, France, 2002, vol. 2491, pp. 46–60.","mla":"Kirsch, Christoph, et al. “A Giotto-Based Helicopter Control System.” <i>Proceedings of the 2nd International Conference on Embedded Software</i>, vol. 2491, ACM, 2002, pp. 46–60, doi:<a href=\"https://doi.org/10.1007/3-540-45828-X_5\">10.1007/3-540-45828-X_5</a>.","apa":"Kirsch, C., Sanvido, M., Henzinger, T. A., &#38; Pree, W. (2002). A Giotto-based helicopter control system. In <i>Proceedings of the 2nd International Conference on Embedded Software</i> (Vol. 2491, pp. 46–60). Grenoble, France: ACM. <a href=\"https://doi.org/10.1007/3-540-45828-X_5\">https://doi.org/10.1007/3-540-45828-X_5</a>"},"author":[{"full_name":"Kirsch, Christoph","last_name":"Kirsch","first_name":"Christoph"},{"first_name":"Marco","last_name":"Sanvido","full_name":"Sanvido, Marco"},{"orcid":"0000−0002−2985−7724","full_name":"Henzinger, Thomas A","id":"40876CD8-F248-11E8-B48F-1D18A9856A87","last_name":"Henzinger","first_name":"Thomas A"},{"last_name":"Pree","first_name":"Wolfgang","full_name":"Pree, Wolfgang"}],"extern":"1","quality_controlled":"1","publication_status":"published","abstract":[{"lang":"eng","text":"We demonstrate the feasibility and benefits of Giotto-based control software development by reimplementing the autopilot system of an autonomously flying model helicopter. Giotto offers a clean separation between the platform-independent concerns of software functionality and I/O timing, and the platform-dependent concerns of software scheduling and execution. Functionality code such as code computing control laws can be generated automatically from Simulink models or, as in the case of this project, inherited from a legacy system. I/O timing code is generated automatically from Giotto models that specify real-time requirements such as task frequencies and actuator update rates. We extend Simulink to support the design of Giotto models, and from these models, the automatic generation of Giotto code that supervises the interaction of the functionality code with the physical environment. The Giotto compiler performs a schedulability analysis on the Giotto code, and generates timing code for the helicopter platform. The Giotto methodology guarantees the stringent hard real-time requirements of the autopilot system, and at the same time supports the automation of the software development process in a way that produces a transparent software architecture with predictable behavior and reusable components."}],"title":"A Giotto-based helicopter control system","publication":"Proceedings of the 2nd International Conference on Embedded Software","_id":"4421","publisher":"ACM","volume":2491,"date_created":"2018-12-11T12:08:46Z","conference":{"location":"Grenoble, France","start_date":"2002-10-07","name":"EMSOFT: Embedded Software ","end_date":"2002-10-09"},"month":"09","status":"public","intvolume":"      2491","publist_id":"310"},{"volume":2471,"publisher":"Springer","intvolume":"      2471","publist_id":"308","month":"09","conference":{"location":"Edinburgh, Scotland","name":"CSL: Computer Science Logic"},"date_created":"2018-12-11T12:08:46Z","status":"public","citation":{"ieee":"M. Jurdziński, O. Kupferman, and T. A. Henzinger, “Trading probability for fairness,” in <i>Proceedings of the 16th International Workshop on Computer Science Logic</i>, Edinburgh, Scotland, 2002, vol. 2471, pp. 292–305.","ama":"Jurdziński M, Kupferman O, Henzinger TA. Trading probability for fairness. In: <i>Proceedings of the 16th International Workshop on Computer Science Logic</i>. Vol 2471. Springer; 2002:292-305. doi:<a href=\"https://doi.org/10.1007/3-540-45793-3_20\">10.1007/3-540-45793-3_20</a>","chicago":"Jurdziński, Marcin, Orna Kupferman, and Thomas A Henzinger. “Trading Probability for Fairness.” In <i>Proceedings of the 16th International Workshop on Computer Science Logic</i>, 2471:292–305. Springer, 2002. <a href=\"https://doi.org/10.1007/3-540-45793-3_20\">https://doi.org/10.1007/3-540-45793-3_20</a>.","short":"M. Jurdziński, O. Kupferman, T.A. Henzinger, in:, Proceedings of the 16th International Workshop on Computer Science Logic, Springer, 2002, pp. 292–305.","ista":"Jurdziński M, Kupferman O, Henzinger TA. 2002. Trading probability for fairness. Proceedings of the 16th International Workshop on Computer Science Logic. CSL: Computer Science Logic, LNCS, vol. 2471, 292–305.","mla":"Jurdziński, Marcin, et al. “Trading Probability for Fairness.” <i>Proceedings of the 16th International Workshop on Computer Science Logic</i>, vol. 2471, Springer, 2002, pp. 292–305, doi:<a href=\"https://doi.org/10.1007/3-540-45793-3_20\">10.1007/3-540-45793-3_20</a>.","apa":"Jurdziński, M., Kupferman, O., &#38; Henzinger, T. A. (2002). Trading probability for fairness. In <i>Proceedings of the 16th International Workshop on Computer Science Logic</i> (Vol. 2471, pp. 292–305). Edinburgh, Scotland: Springer. <a href=\"https://doi.org/10.1007/3-540-45793-3_20\">https://doi.org/10.1007/3-540-45793-3_20</a>"},"extern":"1","author":[{"full_name":"Jurdziński, Marcin","first_name":"Marcin","last_name":"Jurdziński"},{"full_name":"Kupferman, Orna","last_name":"Kupferman","first_name":"Orna"},{"full_name":"Henzinger, Thomas A","orcid":"0000−0002−2985−7724","id":"40876CD8-F248-11E8-B48F-1D18A9856A87","last_name":"Henzinger","first_name":"Thomas A"}],"quality_controlled":"1","year":"2002","title":"Trading probability for fairness","publication":"Proceedings of the 16th International Workshop on Computer Science Logic","_id":"4422","abstract":[{"text":"Behavioral properties of open systems can be formalized as objectives in two-player games. Turn-based games model asynchronous interaction between the players (the system and its environment) by interleaving their moves. Concurrent games model synchronous interaction: the players always move simultaneously. Infinitary winning criteria are considered: Büchi, co-Büchi, and more general parity conditions. A generalization of determinacy for parity games to concurrent parity games demands probabilistic (mixed) strategies: either player 1 has a mixed strategy to win with probability 1 (almost-sure winning), or player 2 has a mixed strategy to win with positive probability.\r\nThis work provides efficient reductions of concurrent probabilistic Büchi and co-Büchi games to turn-based games with Büchi condition and parity winning condition with three priorities, respectively. From a theoretical point of view, the latter reduction shows that one can trade the probabilistic nature of almost-sure winning for a more general parity (fairness) condition. The reductions improve understanding of concurrent games and provide an alternative simple proof of determinacy of concurrent Büchi and co-Büchi games. From a practical point of view, the reductions turn solvers of turn-based games into solvers of concurrent probabilistic games. Thus improvements in the well-studied algorithms for the former carry over immediately to the latter. In particular, a recent improvement in the complexity of solving turn-based parity games yields an improvement in time complexity of solving concurrent probabilistic co-Büchi games from cubic to quadratic.","lang":"eng"}],"publication_status":"published","date_published":"2002-09-09T00:00:00Z","page":"292 - 305","alternative_title":["LNCS"],"scopus_import":"1","publication_identifier":{"isbn":["9783540442400"]},"user_id":"ea97e931-d5af-11eb-85d4-e6957dddbf17","article_processing_charge":"No","oa_version":"None","type":"conference","date_updated":"2023-06-05T10:02:54Z","day":"09","doi":"10.1007/3-540-45793-3_20","language":[{"iso":"eng"}],"acknowledgement":"This research was supported in part by the Polish KBN grant 7-T11C-027-20, the AFOSR MURI grant F49620-00-1-0327, and the NSF Theory grant CCR-9988172."},{"abstract":[{"text":"Automation control systems typically incorporate legacy code and components that were originally designed to operate independently. Furthermore, they operate under stringent safety and timing constraints. Current design strategies deal with these requirements and characteristics with ad hoc approaches. In particular, when designing control laws, implementation constraints are often ignored or cursorily estimated. Indeed, costly redesigns are needed after a prototype of the control system is built due to missed timing constraints and subtle transient errors. In this paper, we use the concepts of platform-based design, and the Giotto programming language, to develop a methodology for the design of automation control systems that builds in modularity and correct-by-construction procedures. We illustrate our strategy by describing the (successful) application of the methodology to the design of a time-based control system for a rotorcraft Uninhabited Aerial Vehicle (UAV).","lang":"eng"}],"publication_status":"published","title":"Embedded software design and system integration for rotorcraft UAV using platforms","publication":"Proceedings of the 15th Triennial World Congress of the International Federation of Automatic Control","_id":"4423","year":"2002","citation":{"ieee":"B. Horowitz <i>et al.</i>, “Embedded software design and system integration for rotorcraft UAV using platforms,” in <i>Proceedings of the 15th Triennial World Congress of the International Federation of Automatic Control</i>, Barcelona, Spain, 2002, vol. 15, no. 1.","ama":"Horowitz B, Liebman J, Ma C, et al. Embedded software design and system integration for rotorcraft UAV using platforms. In: <i>Proceedings of the 15th Triennial World Congress of the International Federation of Automatic Control</i>. Vol 15. Elsevier; 2002. doi:<a href=\"https://doi.org/10.3182/20020721-6-ES-1901.01628\">10.3182/20020721-6-ES-1901.01628</a>","short":"B. Horowitz, J. Liebman, C. Ma, T.J. Koo, T.A. Henzinger, A. Sangiovanni Vincentelli, S. Sastry, in:, Proceedings of the 15th Triennial World Congress of the International Federation of Automatic Control, Elsevier, 2002.","chicago":"Horowitz, Benjamin, Judith Liebman, Cedric Ma, T John Koo, Thomas A Henzinger, Alberto Sangiovanni Vincentelli, and Shankar Sastry. “Embedded Software Design and System Integration for Rotorcraft UAV Using Platforms.” In <i>Proceedings of the 15th Triennial World Congress of the International Federation of Automatic Control</i>, Vol. 15. Elsevier, 2002. <a href=\"https://doi.org/10.3182/20020721-6-ES-1901.01628\">https://doi.org/10.3182/20020721-6-ES-1901.01628</a>.","ista":"Horowitz B, Liebman J, Ma C, Koo TJ, Henzinger TA, Sangiovanni Vincentelli A, Sastry S. 2002. Embedded software design and system integration for rotorcraft UAV using platforms. Proceedings of the 15th Triennial World Congress of the International Federation of Automatic Control. IFAC: World Congress on Automatic Control vol. 15.","apa":"Horowitz, B., Liebman, J., Ma, C., Koo, T. J., Henzinger, T. A., Sangiovanni Vincentelli, A., &#38; Sastry, S. (2002). Embedded software design and system integration for rotorcraft UAV using platforms. In <i>Proceedings of the 15th Triennial World Congress of the International Federation of Automatic Control</i> (Vol. 15). Barcelona, Spain: Elsevier. <a href=\"https://doi.org/10.3182/20020721-6-ES-1901.01628\">https://doi.org/10.3182/20020721-6-ES-1901.01628</a>","mla":"Horowitz, Benjamin, et al. “Embedded Software Design and System Integration for Rotorcraft UAV Using Platforms.” <i>Proceedings of the 15th Triennial World Congress of the International Federation of Automatic Control</i>, vol. 15, no. 1, Elsevier, 2002, doi:<a href=\"https://doi.org/10.3182/20020721-6-ES-1901.01628\">10.3182/20020721-6-ES-1901.01628</a>."},"quality_controlled":"1","author":[{"full_name":"Horowitz, Benjamin","first_name":"Benjamin","last_name":"Horowitz"},{"full_name":"Liebman, Judith","first_name":"Judith","last_name":"Liebman"},{"first_name":"Cedric","last_name":"Ma","full_name":"Ma, Cedric"},{"first_name":"T John","last_name":"Koo","full_name":"Koo, T John"},{"last_name":"Henzinger","first_name":"Thomas A","id":"40876CD8-F248-11E8-B48F-1D18A9856A87","full_name":"Henzinger, Thomas A","orcid":"0000−0002−2985−7724"},{"first_name":"Alberto","last_name":"Sangiovanni Vincentelli","full_name":"Sangiovanni Vincentelli, Alberto"},{"last_name":"Sastry","first_name":"Shankar","full_name":"Sastry, Shankar"}],"extern":"1","month":"07","conference":{"location":"Barcelona, Spain","start_date":"2002-07-21","name":"IFAC: World Congress on Automatic Control","end_date":"2002-07-26"},"date_created":"2018-12-11T12:08:47Z","status":"public","intvolume":"        15","publist_id":"306","publisher":"Elsevier","volume":15,"issue":"1","acknowledgement":"Research supported in part by DARPA under contract no.F33615-98-C-3614, Software Enabled Control, administered by\r\nAFRL, Dayton OH.","language":[{"iso":"eng"}],"doi":"10.3182/20020721-6-ES-1901.01628","oa_version":"None","type":"conference","date_updated":"2023-06-05T09:55:10Z","day":"01","article_processing_charge":"No","user_id":"ea97e931-d5af-11eb-85d4-e6957dddbf17","scopus_import":"1","publication_identifier":{"issn":["1474-6670"]},"date_published":"2002-07-01T00:00:00Z"},{"publisher":"ACM","page":"315 - 326","date_published":"2002-06-01T00:00:00Z","status":"public","date_created":"2018-12-11T12:08:53Z","conference":{"start_date":"2002-06-17","location":"Berlin, Germany","end_date":"2002-06-19","name":"PLDI: Programming Languages Design and Implementation"},"month":"06","publication_identifier":{"isbn":["9781581134636"]},"publist_id":"284","scopus_import":"1","day":"01","year":"2002","date_updated":"2023-06-05T09:02:23Z","type":"conference","oa_version":"None","user_id":"ea97e931-d5af-11eb-85d4-e6957dddbf17","extern":"1","quality_controlled":"1","author":[{"last_name":"Henzinger","first_name":"Thomas A","id":"40876CD8-F248-11E8-B48F-1D18A9856A87","full_name":"Henzinger, Thomas A","orcid":"0000−0002−2985−7724"},{"last_name":"Kirsch","first_name":"Christoph","full_name":"Kirsch, Christoph"}],"article_processing_charge":"No","citation":{"ista":"Henzinger TA, Kirsch C. 2002. The embedded machine: predictable, portable real-time code. Proceedings of the ACM SIGPLAN 2002 conference on Programming language design and implementation. PLDI: Programming Languages Design and Implementation, 315–326.","short":"T.A. Henzinger, C. Kirsch, in:, Proceedings of the ACM SIGPLAN 2002 Conference on Programming Language Design and Implementation, ACM, 2002, pp. 315–326.","chicago":"Henzinger, Thomas A, and Christoph Kirsch. “The Embedded Machine: Predictable, Portable Real-Time Code.” In <i>Proceedings of the ACM SIGPLAN 2002 Conference on Programming Language Design and Implementation</i>, 315–26. ACM, 2002. <a href=\"https://doi.org/10.1145/512529.512567\">https://doi.org/10.1145/512529.512567</a>.","ama":"Henzinger TA, Kirsch C. The embedded machine: predictable, portable real-time code. In: <i>Proceedings of the ACM SIGPLAN 2002 Conference on Programming Language Design and Implementation</i>. ACM; 2002:315-326. doi:<a href=\"https://doi.org/10.1145/512529.512567\">10.1145/512529.512567</a>","ieee":"T. A. Henzinger and C. Kirsch, “The embedded machine: predictable, portable real-time code,” in <i>Proceedings of the ACM SIGPLAN 2002 conference on Programming language design and implementation</i>, Berlin, Germany, 2002, pp. 315–326.","mla":"Henzinger, Thomas A., and Christoph Kirsch. “The Embedded Machine: Predictable, Portable Real-Time Code.” <i>Proceedings of the ACM SIGPLAN 2002 Conference on Programming Language Design and Implementation</i>, ACM, 2002, pp. 315–26, doi:<a href=\"https://doi.org/10.1145/512529.512567\">10.1145/512529.512567</a>.","apa":"Henzinger, T. A., &#38; Kirsch, C. (2002). The embedded machine: predictable, portable real-time code. In <i>Proceedings of the ACM SIGPLAN 2002 conference on Programming language design and implementation</i> (pp. 315–326). Berlin, Germany: ACM. <a href=\"https://doi.org/10.1145/512529.512567\">https://doi.org/10.1145/512529.512567</a>"},"publication_status":"published","abstract":[{"lang":"eng","text":"The Embedded Machine is a virtual machine that mediates in real time the interaction between software processes and physical processes. It separates the compilation of embedded programs into two phases. The first, platform-independent compiler phase generates E code (code executed by the Embedded Machine), which supervises the timing ---not the scheduling--- of application tasks relative to external events, such as clock ticks and sensor interrupts. E~code is portable and exhibits, given an input behavior, predictable (i.e., deterministic) timing and output behavior. The second, platform-dependent compiler phase checks the time safety of the E code, that is, whether platform performance (determined by the hardware) and platform utilization (determined by the scheduler of the operating system) enable its timely execution. We have used the Embedded Machine to compile and execute high-performance control applications written in Giotto, such as the flight control system of an autonomous model helicopter."}],"acknowledgement":"This research was supported in part by the DARPA SEC grant F33615-C-98-3614, the MARCO GSRC grant 98-DT- 660, the AFOSR MURI grant F49620-00-1-0327, and the NSF ITR grant CCR-0085949.","doi":"10.1145/512529.512567","language":[{"iso":"eng"}],"_id":"4444","title":"The embedded machine: predictable, portable real-time code","publication":"Proceedings of the ACM SIGPLAN 2002 conference on Programming language design and implementation"},{"acknowledgement":"Supported in part by the DARPA SEC grant F33615-C-98-3614, MARCO GSRC grant 98-DT-660, AFOSR MURI grant F49620-00-1-0327, NSF grant CCR-9988172, and a Microsoft Research Fellowship.","language":[{"iso":"eng"}],"doi":"10.1007/3-540-45828-X_7","date_updated":"2023-06-05T08:50:59Z","type":"conference","oa_version":"None","day":"25","article_processing_charge":"No","user_id":"ea97e931-d5af-11eb-85d4-e6957dddbf17","alternative_title":["LNCS"],"publication_identifier":{"isbn":["9783540443070"]},"scopus_import":"1","date_published":"2002-09-25T00:00:00Z","page":"76 - 92","publication_status":"published","abstract":[{"text":"Giotto is a platform-independent language for specifying software for high-performance control applications. In this paper we present a new approach to the compilation of Giotto. Following this approach, the Giotto compiler generates code for a virtual machine, called the E machine, which can be ported to different platforms. The Giotto compiler also checks if the generated E code is time safe for a given platform, that is, if the platform offers sufficient performance to ensure that the E code is executed in a timely fashion that conforms with the Giotto semantics. Time-safety checking requires a schedulability analysis. We show that while for arbitrary E code, the analysis is exponential, for E code generated from typical Giotto programs, the analysis is polynomial. This supports our claim that Giotto identifies a useful fragment of embedded programs.","lang":"eng"}],"title":"Time-safety checking for embedded programs","publication":"Proceedings of the 2nd International Conference on Embedded Software","_id":"4470","year":"2002","citation":{"apa":"Henzinger, T. A., Kirsch, C., Majumdar, R., &#38; Matic, S. (2002). Time-safety checking for embedded programs. In <i>Proceedings of the 2nd International Conference on Embedded Software</i> (Vol. 2491, pp. 76–92). Grenoble, France: ACM. <a href=\"https://doi.org/10.1007/3-540-45828-X_7\">https://doi.org/10.1007/3-540-45828-X_7</a>","mla":"Henzinger, Thomas A., et al. “Time-Safety Checking for Embedded Programs.” <i>Proceedings of the 2nd International Conference on Embedded Software</i>, vol. 2491, ACM, 2002, pp. 76–92, doi:<a href=\"https://doi.org/10.1007/3-540-45828-X_7\">10.1007/3-540-45828-X_7</a>.","ieee":"T. A. Henzinger, C. Kirsch, R. Majumdar, and S. Matic, “Time-safety checking for embedded programs,” in <i>Proceedings of the 2nd International Conference on Embedded Software</i>, Grenoble, France, 2002, vol. 2491, pp. 76–92.","ama":"Henzinger TA, Kirsch C, Majumdar R, Matic S. Time-safety checking for embedded programs. In: <i>Proceedings of the 2nd International Conference on Embedded Software</i>. Vol 2491. ACM; 2002:76-92. doi:<a href=\"https://doi.org/10.1007/3-540-45828-X_7\">10.1007/3-540-45828-X_7</a>","chicago":"Henzinger, Thomas A, Christoph Kirsch, Ritankar Majumdar, and Slobodan Matic. “Time-Safety Checking for Embedded Programs.” In <i>Proceedings of the 2nd International Conference on Embedded Software</i>, 2491:76–92. ACM, 2002. <a href=\"https://doi.org/10.1007/3-540-45828-X_7\">https://doi.org/10.1007/3-540-45828-X_7</a>.","short":"T.A. Henzinger, C. Kirsch, R. Majumdar, S. Matic, in:, Proceedings of the 2nd International Conference on Embedded Software, ACM, 2002, pp. 76–92.","ista":"Henzinger TA, Kirsch C, Majumdar R, Matic S. 2002. Time-safety checking for embedded programs. Proceedings of the 2nd International Conference on Embedded Software. EMSOFT: Embedded Software , LNCS, vol. 2491, 76–92."},"author":[{"last_name":"Henzinger","first_name":"Thomas A","orcid":"0000−0002−2985−7724","full_name":"Henzinger, Thomas A","id":"40876CD8-F248-11E8-B48F-1D18A9856A87"},{"last_name":"Kirsch","first_name":"Christoph","full_name":"Kirsch, Christoph"},{"full_name":"Majumdar, Ritankar","last_name":"Majumdar","first_name":"Ritankar"},{"last_name":"Matic","first_name":"Slobodan","full_name":"Matic, Slobodan"}],"quality_controlled":"1","extern":"1","date_created":"2018-12-11T12:09:01Z","conference":{"name":"EMSOFT: Embedded Software ","end_date":"2002-10-09","start_date":"2002-10-07","location":"Grenoble, France"},"month":"09","status":"public","intvolume":"      2491","publist_id":"259","publisher":"ACM","volume":2491},{"doi":"10.1007/3-540-45465-9_55","language":[{"iso":"eng"}],"acknowledgement":"This research was supported in part by the SRC contract 99-TJ-683.003, the DARPA contract NAG2-1214, and the NSF grant CCR-9988172.","article_processing_charge":"No","user_id":"ea97e931-d5af-11eb-85d4-e6957dddbf17","day":"26","type":"conference","date_updated":"2023-06-05T08:05:13Z","oa_version":"None","publication_identifier":{"isbn":["9783540438649"]},"scopus_import":"1","alternative_title":["LNCS"],"page":"644 - 656","date_published":"2002-06-26T00:00:00Z","_id":"4471","publication":"Proceedings of the 29th International Colloquium on Automata, Languages and Programming","title":"Synthesis of uninitialized systems","publication_status":"published","abstract":[{"lang":"eng","text":"The sequential synthesis problem, which is closely related to Church’s solvability problem, asks, given a specification in the form of a binary relation between input and output streams, for the construction of a finite-state stream transducer that converts inputs to appropriate outputs. For efficiency reasons, practical sequential hardware is often designed to operate without prior initialization. Such hardware designs can be modeled by uninitialized state machines, which are required to satisfy their specification if started from any state. In this paper we solve the sequential synthesis problem for uninitialized systems, that is, we construct uninitialized finite-state stream transducers. We consider specifications given by LTL formulas, deterministic, nondeterministic, universal, and alternating Büchi automata. We solve this uninitialized synthesis problem by reducing it to the well-understood initialized synthesis problem. While our solution is straightforward, it leads, for some specification formalisms, to upper bounds that are exponentially worse than the complexity of the corresponding initialized problems. However, we prove lower bounds to show that our simple solutions are optimal for all considered specification formalisms. We also study the problem of deciding whether a given specification is uninitialized, that is, if its uninitialized and initialized synthesis problems coincide. We show that this problem has, for each specification formalism, the same complexity as the equivalence problem."}],"quality_controlled":"1","author":[{"last_name":"Henzinger","first_name":"Thomas A","id":"40876CD8-F248-11E8-B48F-1D18A9856A87","full_name":"Henzinger, Thomas A","orcid":"0000−0002−2985−7724"},{"first_name":"Sriram","last_name":"Krishnan","full_name":"Krishnan, Sriram"},{"last_name":"Kupferman","first_name":"Orna","full_name":"Kupferman, Orna"},{"full_name":"Mang, Freddy","last_name":"Mang","first_name":"Freddy"}],"extern":"1","citation":{"apa":"Henzinger, T. A., Krishnan, S., Kupferman, O., &#38; Mang, F. (2002). Synthesis of uninitialized systems. In <i>Proceedings of the 29th International Colloquium on Automata, Languages and Programming</i> (Vol. 2380, pp. 644–656). Malaga, Spain: Springer. <a href=\"https://doi.org/10.1007/3-540-45465-9_55\">https://doi.org/10.1007/3-540-45465-9_55</a>","mla":"Henzinger, Thomas A., et al. “Synthesis of Uninitialized Systems.” <i>Proceedings of the 29th International Colloquium on Automata, Languages and Programming</i>, vol. 2380, Springer, 2002, pp. 644–56, doi:<a href=\"https://doi.org/10.1007/3-540-45465-9_55\">10.1007/3-540-45465-9_55</a>.","ama":"Henzinger TA, Krishnan S, Kupferman O, Mang F. Synthesis of uninitialized systems. In: <i>Proceedings of the 29th International Colloquium on Automata, Languages and Programming</i>. Vol 2380. Springer; 2002:644-656. doi:<a href=\"https://doi.org/10.1007/3-540-45465-9_55\">10.1007/3-540-45465-9_55</a>","ieee":"T. A. Henzinger, S. Krishnan, O. Kupferman, and F. Mang, “Synthesis of uninitialized systems,” in <i>Proceedings of the 29th International Colloquium on Automata, Languages and Programming</i>, Malaga, Spain, 2002, vol. 2380, pp. 644–656.","ista":"Henzinger TA, Krishnan S, Kupferman O, Mang F. 2002. Synthesis of uninitialized systems. Proceedings of the 29th International Colloquium on Automata, Languages and Programming. ICALP: Automata, Languages and Programming, LNCS, vol. 2380, 644–656.","short":"T.A. Henzinger, S. Krishnan, O. Kupferman, F. Mang, in:, Proceedings of the 29th International Colloquium on Automata, Languages and Programming, Springer, 2002, pp. 644–656.","chicago":"Henzinger, Thomas A, Sriram Krishnan, Orna Kupferman, and Freddy Mang. “Synthesis of Uninitialized Systems.” In <i>Proceedings of the 29th International Colloquium on Automata, Languages and Programming</i>, 2380:644–56. Springer, 2002. <a href=\"https://doi.org/10.1007/3-540-45465-9_55\">https://doi.org/10.1007/3-540-45465-9_55</a>."},"year":"2002","publist_id":"257","intvolume":"      2380","status":"public","date_created":"2018-12-11T12:09:01Z","conference":{"name":"ICALP: Automata, Languages and Programming","end_date":"2002-07-13","start_date":"2002-07-08","location":"Malaga, Spain"},"month":"06","volume":2380,"publisher":"Springer"},{"user_id":"ea97e931-d5af-11eb-85d4-e6957dddbf17","article_processing_charge":"No","day":"19","date_updated":"2023-06-05T08:11:32Z","type":"conference","oa_version":"None","doi":"10.1007/3-540-45657-0_45","language":[{"iso":"eng"}],"acknowledgement":"This work was supported in part by the NSF ITR grants CCR-0085949, CCR-0081588, the NSF Career grant CCR-9875171, the DARPA PCES grant F33615-00-C-1693, the MARCO GSRC grant 98-DT-660, the SRC contract 99-TJ-683, a Microsoft fellowship, and gifts from AT&T Research and Microsoft Research.","page":"526 - 538","date_published":"2002-06-19T00:00:00Z","publication_identifier":{"isbn":["9783540439974"]},"scopus_import":"1","alternative_title":["LNCS"],"author":[{"id":"40876CD8-F248-11E8-B48F-1D18A9856A87","full_name":"Henzinger, Thomas A","orcid":"0000−0002−2985−7724","last_name":"Henzinger","first_name":"Thomas A"},{"last_name":"Necula","first_name":"George","full_name":"Necula, George"},{"full_name":"Jhala, Ranjit","last_name":"Jhala","first_name":"Ranjit"},{"first_name":"Grégoire","last_name":"Sutre","full_name":"Sutre, Grégoire"},{"full_name":"Majumdar, Ritankar","last_name":"Majumdar","first_name":"Ritankar"},{"last_name":"Weimer","first_name":"Westley","full_name":"Weimer, Westley"}],"extern":"1","quality_controlled":"1","citation":{"mla":"Henzinger, Thomas A., et al. “Temporal Safety Proofs for Systems Code.” <i>Proceedings of the 14th International Conference on Computer Aided Verification</i>, vol. 2404, Springer, 2002, pp. 526–38, doi:<a href=\"https://doi.org/10.1007/3-540-45657-0_45\">10.1007/3-540-45657-0_45</a>.","apa":"Henzinger, T. A., Necula, G., Jhala, R., Sutre, G., Majumdar, R., &#38; Weimer, W. (2002). Temporal safety proofs for systems code. In <i>Proceedings of the 14th International Conference on Computer Aided Verification</i> (Vol. 2404, pp. 526–538). Copenhagen, Denmark: Springer. <a href=\"https://doi.org/10.1007/3-540-45657-0_45\">https://doi.org/10.1007/3-540-45657-0_45</a>","ista":"Henzinger TA, Necula G, Jhala R, Sutre G, Majumdar R, Weimer W. 2002. Temporal safety proofs for systems code. Proceedings of the 14th International Conference on Computer Aided Verification. CAV: Computer Aided Verification, LNCS, vol. 2404, 526–538.","chicago":"Henzinger, Thomas A, George Necula, Ranjit Jhala, Grégoire Sutre, Ritankar Majumdar, and Westley Weimer. “Temporal Safety Proofs for Systems Code.” In <i>Proceedings of the 14th International Conference on Computer Aided Verification</i>, 2404:526–38. Springer, 2002. <a href=\"https://doi.org/10.1007/3-540-45657-0_45\">https://doi.org/10.1007/3-540-45657-0_45</a>.","short":"T.A. Henzinger, G. Necula, R. Jhala, G. Sutre, R. Majumdar, W. Weimer, in:, Proceedings of the 14th International Conference on Computer Aided Verification, Springer, 2002, pp. 526–538.","ieee":"T. A. Henzinger, G. Necula, R. Jhala, G. Sutre, R. Majumdar, and W. Weimer, “Temporal safety proofs for systems code,” in <i>Proceedings of the 14th International Conference on Computer Aided Verification</i>, Copenhagen, Denmark, 2002, vol. 2404, pp. 526–538.","ama":"Henzinger TA, Necula G, Jhala R, Sutre G, Majumdar R, Weimer W. Temporal safety proofs for systems code. In: <i>Proceedings of the 14th International Conference on Computer Aided Verification</i>. Vol 2404. Springer; 2002:526-538. doi:<a href=\"https://doi.org/10.1007/3-540-45657-0_45\">10.1007/3-540-45657-0_45</a>"},"year":"2002","_id":"4472","title":"Temporal safety proofs for systems code","publication":"Proceedings of the 14th International Conference on Computer Aided Verification","publication_status":"published","abstract":[{"lang":"eng","text":"We present a methodology and tool for verifying and certifying systems code. The verification is based on the lazy-abstraction paradigm for intertwining the following three logical steps: construct a predicate abstraction from the code, model check the abstraction, and automatically refine the abstraction based on counterexample analysis. The certification is based on the proof-carrying code paradigm. Lazy abstraction enables the automatic construction of small proof certificates. The methodology is implemented in Blast, the Berkeley Lazy Abstraction Software verification Tool. We describe our experience applying Blast to Linux and Windows device drivers. Given the C code for a driver and for a temporal-safety monitor, Blast automatically generates an easily checkable correctness certificate if the driver satisfies the specification, and an error trace otherwise."}],"volume":2404,"publisher":"Springer","publist_id":"258","intvolume":"      2404","status":"public","date_created":"2018-12-11T12:09:01Z","month":"06","conference":{"location":"Copenhagen, Denmark","start_date":"2002-07-27","name":"CAV: Computer Aided Verification","end_date":"2002-07-31"}},{"publication":"ACM Transactions on Programming Languages and Systems (TOPLAS)","title":"An assume-guarantee rule for checking simulation","_id":"4473","publication_status":"published","abstract":[{"lang":"eng","text":"The simulation preorder on state transition systems is widely accepted as a useful notion of refinement, both in its own right and as an efficiently checkable sufficient condition for trace containment. For composite systems, due to the exponential explosion of the state space, there is a need for decomposing a simulation check of the form P ≤s Q, denoting &quot;P is simulated by Q,&quot; into simpler simulation checks on the components of P and Q. We present an assume-guarantee rule that enables such a decomposition. To the best of our knowledge, this is the first assume-guarantee rule that applies to a refinement relation different from trace containment. Our rule is circular, and its soundness proof requires induction on trace trees. The proof is constructive: given simulation relations that witness the simulation preorder between corresponding components of P and Q, we provide a procedure for constructing a witness relation for P ≤s Q. We also extend our assume-guarantee rule to account for fairness constraints on transition systems."}],"citation":{"mla":"Henzinger, Thomas A., et al. “An Assume-Guarantee Rule for Checking Simulation.” <i>ACM Transactions on Programming Languages and Systems (TOPLAS)</i>, vol. 24, no. 1, ACM, 2002, pp. 51–64, doi:<a href=\"https://doi.org/10.1145/509705.509707\">10.1145/509705.509707</a>.","apa":"Henzinger, T. A., Qadeer, S., Rajamani, S., &#38; Tasiran, S. (2002). An assume-guarantee rule for checking simulation. <i>ACM Transactions on Programming Languages and Systems (TOPLAS)</i>. ACM. <a href=\"https://doi.org/10.1145/509705.509707\">https://doi.org/10.1145/509705.509707</a>","ista":"Henzinger TA, Qadeer S, Rajamani S, Tasiran S. 2002. An assume-guarantee rule for checking simulation. ACM Transactions on Programming Languages and Systems (TOPLAS). 24(1), 51–64.","chicago":"Henzinger, Thomas A, Shaz Qadeer, Sriram Rajamani, and Serdar Tasiran. “An Assume-Guarantee Rule for Checking Simulation.” <i>ACM Transactions on Programming Languages and Systems (TOPLAS)</i>. ACM, 2002. <a href=\"https://doi.org/10.1145/509705.509707\">https://doi.org/10.1145/509705.509707</a>.","short":"T.A. Henzinger, S. Qadeer, S. Rajamani, S. Tasiran, ACM Transactions on Programming Languages and Systems (TOPLAS) 24 (2002) 51–64.","ama":"Henzinger TA, Qadeer S, Rajamani S, Tasiran S. An assume-guarantee rule for checking simulation. <i>ACM Transactions on Programming Languages and Systems (TOPLAS)</i>. 2002;24(1):51-64. doi:<a href=\"https://doi.org/10.1145/509705.509707\">10.1145/509705.509707</a>","ieee":"T. A. Henzinger, S. Qadeer, S. Rajamani, and S. Tasiran, “An assume-guarantee rule for checking simulation,” <i>ACM Transactions on Programming Languages and Systems (TOPLAS)</i>, vol. 24, no. 1. ACM, pp. 51–64, 2002."},"quality_controlled":"1","author":[{"id":"40876CD8-F248-11E8-B48F-1D18A9856A87","orcid":"0000−0002−2985−7724","full_name":"Henzinger, Thomas A","first_name":"Thomas A","last_name":"Henzinger"},{"full_name":"Qadeer, Shaz","first_name":"Shaz","last_name":"Qadeer"},{"last_name":"Rajamani","first_name":"Sriram","full_name":"Rajamani, Sriram"},{"full_name":"Tasiran, Serdar","last_name":"Tasiran","first_name":"Serdar"}],"extern":"1","year":"2002","intvolume":"        24","publist_id":"256","date_created":"2018-12-11T12:09:02Z","month":"01","status":"public","volume":24,"issue":"1","publisher":"ACM","article_type":"original","doi":"10.1145/509705.509707","language":[{"iso":"eng"}],"article_processing_charge":"No","user_id":"ea97e931-d5af-11eb-85d4-e6957dddbf17","date_updated":"2023-06-05T07:59:47Z","type":"journal_article","oa_version":"None","day":"01","publication_identifier":{"issn":["0164-0925"]},"scopus_import":"1","date_published":"2002-01-01T00:00:00Z","page":"51 - 64"},{"main_file_link":[{"url":"https://www.sciencedirect.com/science/article/pii/S0890540101930858?via%3Dihub","open_access":"1"}],"citation":{"mla":"Henzinger, Thomas A., et al. “Fair Simulation.” <i>Information and Computation</i>, vol. 173, no. 1, Elsevier, 2002, pp. 64–81, doi:<a href=\"https://doi.org/10.1006/inco.2001.3085\">10.1006/inco.2001.3085</a>.","apa":"Henzinger, T. A., Kupferman, O., &#38; Rajamani, S. (2002). Fair simulation. <i>Information and Computation</i>. Elsevier. <a href=\"https://doi.org/10.1006/inco.2001.3085\">https://doi.org/10.1006/inco.2001.3085</a>","ista":"Henzinger TA, Kupferman O, Rajamani S. 2002. Fair simulation. Information and Computation. 173(1), 64–81.","short":"T.A. Henzinger, O. Kupferman, S. Rajamani, Information and Computation 173 (2002) 64–81.","chicago":"Henzinger, Thomas A, Orna Kupferman, and Sriram Rajamani. “Fair Simulation.” <i>Information and Computation</i>. Elsevier, 2002. <a href=\"https://doi.org/10.1006/inco.2001.3085\">https://doi.org/10.1006/inco.2001.3085</a>.","ama":"Henzinger TA, Kupferman O, Rajamani S. Fair simulation. <i>Information and Computation</i>. 2002;173(1):64-81. doi:<a href=\"https://doi.org/10.1006/inco.2001.3085\">10.1006/inco.2001.3085</a>","ieee":"T. A. Henzinger, O. Kupferman, and S. Rajamani, “Fair simulation,” <i>Information and Computation</i>, vol. 173, no. 1. Elsevier, pp. 64–81, 2002."},"extern":"1","quality_controlled":"1","author":[{"first_name":"Thomas A","last_name":"Henzinger","id":"40876CD8-F248-11E8-B48F-1D18A9856A87","full_name":"Henzinger, Thomas A","orcid":"0000−0002−2985−7724"},{"first_name":"Orna","last_name":"Kupferman","full_name":"Kupferman, Orna"},{"full_name":"Rajamani, Sriram","last_name":"Rajamani","first_name":"Sriram"}],"year":"2002","publication":"Information and Computation","title":"Fair simulation","_id":"4474","oa":1,"abstract":[{"lang":"eng","text":"The simulation preorder for labeled transition systems is defined locally, and operationally, as a game that relates states with their immediate successor states. Simulation enjoys many appealing properties. First, simulation has a denotational characterization: system S simulates system I iff every computation tree embedded in the unrolling of I can be embedded also in the unrolling of S. Second, simulation has a logical characterization: S simulates I iff every universal branching-time formula satisfied by S is satisfied also by I. It follows that simulation is a suitable notion of implementation, and it is the coarsest abstraction of a system that preserves universal branching-time properties. Third, based on its local definition, simulation between finite-state systems can be checked in polynomial time. Finally, simulation implies trace containment, which cannot be defined locally and requires polynomial space for verification. Hence simulation is widely used both in manual and in automatic verification. Liveness assumptions about transition systems are typically modeled using fairness constraints. Existing notions of simulation for fair transition systems, however, are not local, and as a result, many appealing properties of the simulation preorder are lost. We propose a new view of fair simulation by extending the local definition of simulation to account for fairness: system View the MathML sourcefairly simulates system View the MathML source iff in the simulation game, there is a strategy that matches with each fair computation of View the MathML source a fair computation of View the MathML source. Our definition enjoys a denotational characterization and has a logical characterization: View the MathML source fairly simulates View the MathML source iff every fair computation tree (whose infinite paths are fair) embedded in the unrolling of View the MathML source can be embedded also in the unrolling of View the MathML source or, equivalently, iff every Fair-∀AFMC formula satisfied by View the MathML source is satisfied also by View the MathML source (∀AFMC is the universal fragment of the alternation-free μ-calculus). The locality of the definition leads us to a polynomial-time algorithm for checking fair simulation for finite-state systems with weak and strong fairness constraints. Finally, fair simulation implies fair trace containment and is therefore useful as an efficiently computable local criterion for proving linear-time abstraction hierarchies of fair systems."}],"publication_status":"published","volume":173,"issue":"1","publisher":"Elsevier","article_type":"original","intvolume":"       173","publist_id":"255","month":"02","date_created":"2018-12-11T12:09:02Z","status":"public","user_id":"ea97e931-d5af-11eb-85d4-e6957dddbf17","article_processing_charge":"No","oa_version":"Published Version","date_updated":"2023-06-05T07:53:27Z","type":"journal_article","day":"25","doi":"10.1006/inco.2001.3085","language":[{"iso":"eng"}],"acknowledgement":"We thank Ramin Hojati, Doron Bustan, and the anonymous reviewers for their comments on this paper.","date_published":"2002-02-25T00:00:00Z","page":"64 - 81","scopus_import":"1","publication_identifier":{"issn":["0890-5401"]}},{"oa_version":"None","type":"conference","date_updated":"2023-06-05T07:45:53Z","year":"2002","day":"01","citation":{"apa":"Henzinger, T. A., Jhala, R., Majumdar, R., &#38; Sutre, G. (2002). Lazy abstraction. In <i>Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages</i> (pp. 58–70). Portland, OR, USA: ACM. <a href=\"https://doi.org/10.1145/503272.503279\">https://doi.org/10.1145/503272.503279</a>","mla":"Henzinger, Thomas A., et al. “Lazy Abstraction.” <i>Proceedings of the 29th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages</i>, ACM, 2002, pp. 58–70, doi:<a href=\"https://doi.org/10.1145/503272.503279\">10.1145/503272.503279</a>.","ama":"Henzinger TA, Jhala R, Majumdar R, Sutre G. Lazy abstraction. In: <i>Proceedings of the 29th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages</i>. ACM; 2002:58-70. doi:<a href=\"https://doi.org/10.1145/503272.503279\">10.1145/503272.503279</a>","ieee":"T. A. Henzinger, R. Jhala, R. Majumdar, and G. Sutre, “Lazy abstraction,” in <i>Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages</i>, Portland, OR, USA, 2002, pp. 58–70.","short":"T.A. Henzinger, R. Jhala, R. Majumdar, G. Sutre, in:, Proceedings of the 29th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, ACM, 2002, pp. 58–70.","chicago":"Henzinger, Thomas A, Ranjit Jhala, Ritankar Majumdar, and Grégoire Sutre. “Lazy Abstraction.” In <i>Proceedings of the 29th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages</i>, 58–70. ACM, 2002. <a href=\"https://doi.org/10.1145/503272.503279\">https://doi.org/10.1145/503272.503279</a>.","ista":"Henzinger TA, Jhala R, Majumdar R, Sutre G. 2002. Lazy abstraction. Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages. POPL: Principles of Programming Languages, 58–70."},"user_id":"ea97e931-d5af-11eb-85d4-e6957dddbf17","extern":"1","quality_controlled":"1","author":[{"full_name":"Henzinger, Thomas A","orcid":"0000−0002−2985−7724","id":"40876CD8-F248-11E8-B48F-1D18A9856A87","first_name":"Thomas A","last_name":"Henzinger"},{"full_name":"Jhala, Ranjit","last_name":"Jhala","first_name":"Ranjit"},{"full_name":"Majumdar, Ritankar","last_name":"Majumdar","first_name":"Ritankar"},{"first_name":"Grégoire","last_name":"Sutre","full_name":"Sutre, Grégoire"}],"article_processing_charge":"No","acknowledgement":"We thank Wes Weimer and Jeff Foster for many useful discussions. \r\n","abstract":[{"lang":"eng","text":"One approach to model checking software is based on the abstract-check-refine paradigm: build an abstract model, then check the desired property, and if the check fails, refine the model and start over. We introduce the concept of lazy abstraction to integrate and optimize the three phases of the abstract-check-refine loop. Lazy abstraction continuously builds and refines a single abstract model on demand, driven by the model checker, so that different parts of the model may exhibit different degrees of precision, namely just enough to verify the desired property. We present an algorithm for model checking safety properties using lazy abstraction and describe an implementation of the algorithm applied to C programs. We also provide sufficient conditions for the termination of the method."}],"publication_status":"published","publication":"Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages","title":"Lazy abstraction","_id":"4476","language":[{"iso":"eng"}],"doi":"10.1145/503272.503279","publisher":"ACM","date_published":"2002-01-01T00:00:00Z","page":"58 - 70","month":"01","conference":{"start_date":"2002-01-16","location":"Portland, OR, USA","name":"POPL: Principles of Programming Languages","end_date":"2002-01-18"},"date_created":"2018-12-11T12:09:03Z","status":"public","scopus_import":"1","publist_id":"254","publication_identifier":{"isbn":["9781581134506"]}},{"month":"06","conference":{"end_date":"2002-07-31","name":"CAV: Computer Aided Verification","start_date":"2002-07-27","location":"Copenhagen, Denmark"},"date_created":"2018-12-11T12:09:29Z","status":"public","intvolume":"      2404","publist_id":"146","publisher":"Springer","volume":2404,"abstract":[{"lang":"eng","text":"We present interface models that describe both the input assumptions of a component, and its output behavior. By enabling us to check that the input assumptions of a component are met in a design, interface models provide a compatibility check for component-based design. When refining a design into an implementation, interface models require that the output behavior of a component satisfies the design specification only when the input assumptions of the specification are satisfied, yielding greater flexibility in the choice of implementations. Technically, our interface models are games between two players, Input and Output; the duality of the players accounts for the dual roles of inputs and outputs in composition and refinement. We present two interface models in detail, one for a simple synchronous form of interaction between components typical in hardware, and the other for more complex synchronous interactions on bidirectional connections. As an example, we specify the interface of a bidirectional bus, with the input assumption that at any time at most one component has write access to the bus. For these interface models, we present algorithms for compatibility and refinement checking, and we describe efficient symbolic implementations."}],"publication_status":"published","publication":"Proceedings of the 14th International Conference on Computer Aided Verification","title":"Synchronous and bidirectional component interfaces","_id":"4562","year":"2002","citation":{"chicago":"Chakrabarti, Arindam, Luca De Alfaro, Thomas A Henzinger, and Freddy Mang. “Synchronous and Bidirectional Component Interfaces.” In <i>Proceedings of the 14th International Conference on Computer Aided Verification</i>, 2404:414–27. Springer, 2002. <a href=\"https://doi.org/10.1007/3-540-45657-0_34\">https://doi.org/10.1007/3-540-45657-0_34</a>.","short":"A. Chakrabarti, L. De Alfaro, T.A. Henzinger, F. Mang, in:, Proceedings of the 14th International Conference on Computer Aided Verification, Springer, 2002, pp. 414–427.","ista":"Chakrabarti A, De Alfaro L, Henzinger TA, Mang F. 2002. Synchronous and bidirectional component interfaces. Proceedings of the 14th International Conference on Computer Aided Verification. CAV: Computer Aided Verification, LNCS, vol. 2404, 414–427.","ieee":"A. Chakrabarti, L. De Alfaro, T. A. Henzinger, and F. Mang, “Synchronous and bidirectional component interfaces,” in <i>Proceedings of the 14th International Conference on Computer Aided Verification</i>, Copenhagen, Denmark, 2002, vol. 2404, pp. 414–427.","ama":"Chakrabarti A, De Alfaro L, Henzinger TA, Mang F. Synchronous and bidirectional component interfaces. In: <i>Proceedings of the 14th International Conference on Computer Aided Verification</i>. Vol 2404. Springer; 2002:414-427. doi:<a href=\"https://doi.org/10.1007/3-540-45657-0_34\">10.1007/3-540-45657-0_34</a>","apa":"Chakrabarti, A., De Alfaro, L., Henzinger, T. A., &#38; Mang, F. (2002). Synchronous and bidirectional component interfaces. In <i>Proceedings of the 14th International Conference on Computer Aided Verification</i> (Vol. 2404, pp. 414–427). Copenhagen, Denmark: Springer. <a href=\"https://doi.org/10.1007/3-540-45657-0_34\">https://doi.org/10.1007/3-540-45657-0_34</a>","mla":"Chakrabarti, Arindam, et al. “Synchronous and Bidirectional Component Interfaces.” <i>Proceedings of the 14th International Conference on Computer Aided Verification</i>, vol. 2404, Springer, 2002, pp. 414–27, doi:<a href=\"https://doi.org/10.1007/3-540-45657-0_34\">10.1007/3-540-45657-0_34</a>."},"extern":"1","author":[{"last_name":"Chakrabarti","first_name":"Arindam","full_name":"Chakrabarti, Arindam"},{"last_name":"De Alfaro","first_name":"Luca","full_name":"De Alfaro, Luca"},{"id":"40876CD8-F248-11E8-B48F-1D18A9856A87","full_name":"Henzinger, Thomas A","orcid":"0000−0002−2985−7724","first_name":"Thomas A","last_name":"Henzinger"},{"full_name":"Mang, Freddy","last_name":"Mang","first_name":"Freddy"}],"quality_controlled":"1","alternative_title":["LNCS"],"scopus_import":"1","publication_identifier":{"isbn":["9783540439974"]},"date_published":"2002-06-19T00:00:00Z","page":"414 - 427","acknowledgement":"This research was supported in part by the AFOSR grant F49620-00-1-0327, the DARPA grant F33615-00-C-1693, the MARCO grant 98-DT-660, the NSF grant CCR-9988172, the SRC grant 99-TJ-683.003, and the NSF CAREER award CCR-0132780.","language":[{"iso":"eng"}],"doi":"10.1007/3-540-45657-0_34","oa_version":"None","date_updated":"2023-06-02T12:01:22Z","type":"conference","day":"19","user_id":"ea97e931-d5af-11eb-85d4-e6957dddbf17","article_processing_charge":"No"},{"publication":"Proceedings of the 14th International Conference on Computer Aided Verification","title":"Interface compatibility checking for software modules","_id":"4563","publication_status":"published","abstract":[{"text":"We present a formal methodology and tool for uncovering errors in the interaction of software modules. Our methodology consists of a suite of languages for defining software interfaces, and algorithms for checking interface compatibility. We focus on interfaces that explain the method-call dependencies between software modules. Such an interface makes assumptions about the environment in the form of call and availability constraints. A call constraint restricts the accessibility of local methods to certain external methods. An availability constraint restricts the accessibility of local methods to certain states of the module. For example, the interface for a file server with local methods open and read may assert that a file cannot be read without having been opened. Checking interface compatibility requires the solution of games, and in the presence of availability constraints, of pushdown games. Based on this methodology, we have implemented a tool that has uncovered incompatibilities in TinyOS, a small operating system for sensor nodes in adhoc networks.","lang":"eng"}],"citation":{"mla":"Chakrabarti, Arindam, et al. “Interface Compatibility Checking for Software Modules.” <i>Proceedings of the 14th International Conference on Computer Aided Verification</i>, vol. 2404, Springer, 2002, pp. 428–41, doi:<a href=\"https://doi.org/10.1007/3-540-45657-0_35\">10.1007/3-540-45657-0_35</a>.","apa":"Chakrabarti, A., De Alfaro, L., Henzinger, T. A., Jurdziński, M., &#38; Mang, F. (2002). Interface compatibility checking for software modules. In <i>Proceedings of the 14th International Conference on Computer Aided Verification</i> (Vol. 2404, pp. 428–441). Copenhagen, Denmark: Springer. <a href=\"https://doi.org/10.1007/3-540-45657-0_35\">https://doi.org/10.1007/3-540-45657-0_35</a>","ama":"Chakrabarti A, De Alfaro L, Henzinger TA, Jurdziński M, Mang F. Interface compatibility checking for software modules. In: <i>Proceedings of the 14th International Conference on Computer Aided Verification</i>. Vol 2404. Springer; 2002:428-441. doi:<a href=\"https://doi.org/10.1007/3-540-45657-0_35\">10.1007/3-540-45657-0_35</a>","ieee":"A. Chakrabarti, L. De Alfaro, T. A. Henzinger, M. Jurdziński, and F. Mang, “Interface compatibility checking for software modules,” in <i>Proceedings of the 14th International Conference on Computer Aided Verification</i>, Copenhagen, Denmark, 2002, vol. 2404, pp. 428–441.","ista":"Chakrabarti A, De Alfaro L, Henzinger TA, Jurdziński M, Mang F. 2002. Interface compatibility checking for software modules. Proceedings of the 14th International Conference on Computer Aided Verification. CAV: Computer Aided Verification, LNCS, vol. 2404, 428–441.","chicago":"Chakrabarti, Arindam, Luca De Alfaro, Thomas A Henzinger, Marcin Jurdziński, and Freddy Mang. “Interface Compatibility Checking for Software Modules.” In <i>Proceedings of the 14th International Conference on Computer Aided Verification</i>, 2404:428–41. Springer, 2002. <a href=\"https://doi.org/10.1007/3-540-45657-0_35\">https://doi.org/10.1007/3-540-45657-0_35</a>.","short":"A. Chakrabarti, L. De Alfaro, T.A. Henzinger, M. Jurdziński, F. Mang, in:, Proceedings of the 14th International Conference on Computer Aided Verification, Springer, 2002, pp. 428–441."},"extern":"1","quality_controlled":"1","author":[{"last_name":"Chakrabarti","first_name":"Arindam","full_name":"Chakrabarti, Arindam"},{"full_name":"De Alfaro, Luca","first_name":"Luca","last_name":"De Alfaro"},{"id":"40876CD8-F248-11E8-B48F-1D18A9856A87","full_name":"Henzinger, Thomas A","orcid":"0000−0002−2985−7724","last_name":"Henzinger","first_name":"Thomas A"},{"last_name":"Jurdziński","first_name":"Marcin","full_name":"Jurdziński, Marcin"},{"last_name":"Mang","first_name":"Freddy","full_name":"Mang, Freddy"}],"year":"2002","intvolume":"      2404","publist_id":"147","date_created":"2018-12-11T12:09:30Z","month":"06","conference":{"end_date":"2002-07-31","name":"CAV: Computer Aided Verification","location":"Copenhagen, Denmark","start_date":"2002-07-27"},"status":"public","volume":2404,"publisher":"Springer","language":[{"iso":"eng"}],"doi":"10.1007/3-540-45657-0_35","acknowledgement":"This research was supported in part by the AFOSR grant F49620-00-1-0327, the DARPA grant F33615-00-C-1693, the MARCO grant 98-DT-660, the NSF grants CCR-9988172, CCR-0085949, CCR-0132780, the SRC grant 99-TJ-683, and the Polish KBN grant 7-T11C-027-20.","article_processing_charge":"No","user_id":"ea97e931-d5af-11eb-85d4-e6957dddbf17","type":"conference","date_updated":"2023-06-05T07:38:10Z","oa_version":"None","day":"19","alternative_title":["LNCS"],"publication_identifier":{"isbn":[" 9783540439974"]},"scopus_import":"1","date_published":"2002-06-19T00:00:00Z","page":"428 - 441"},{"title":"A comparison of control problems for timed and hybrid systems","publication":"Proceedings of the 5th International Workshop on Hybrid Systems: Computation and Control","_id":"4565","publication_status":"published","abstract":[{"text":"In the literature, we find several formulations of the control\r\nproblem for timed and hybrid systems. We argue that formulations where\r\na controller can cause an action at any point in dense (rational or real)\r\ntime are problematic, by presenting an example where the controller\r\nmust act faster and faster, yet causes no Zeno effects (say, the control\r\nactions are at times 0, 1/2, 1, 1 1/4, 2, 2 1/8, 3, 3 1/16 ,...). Such a controller is,\r\nof course, not implementable in software. Such controllers are avoided by formulations where the controller can cause actions only at discrete (integer) points in time. While the resulting control problem is well- understood if the time unit, or “sampling rate” of the controller, is fixed a priori, we define a novel, stronger formulation: the discrete-time control problem with unknown sampling rate asks if a sampling controller exists for some sampling rate. We prove that this problem is undecidable even in the special case of timed automata.","lang":"eng"}],"citation":{"apa":"Cassez, F., Henzinger, T. A., &#38; Raskin, J. (2002). A comparison of control problems for timed and hybrid systems. In <i>Proceedings of the 5th International Workshop on Hybrid Systems: Computation and Control</i> (Vol. 2289, pp. 134–148). Stanford, CA, USA: Springer. <a href=\"https://doi.org/10.1007/3-540-45873-5_13\">https://doi.org/10.1007/3-540-45873-5_13</a>","mla":"Cassez, Franck, et al. “A Comparison of Control Problems for Timed and Hybrid Systems.” <i>Proceedings of the 5th International Workshop on Hybrid Systems: Computation and Control</i>, vol. 2289, Springer, 2002, pp. 134–48, doi:<a href=\"https://doi.org/10.1007/3-540-45873-5_13\">10.1007/3-540-45873-5_13</a>.","ama":"Cassez F, Henzinger TA, Raskin J. A comparison of control problems for timed and hybrid systems. In: <i>Proceedings of the 5th International Workshop on Hybrid Systems: Computation and Control</i>. Vol 2289. Springer; 2002:134-148. doi:<a href=\"https://doi.org/10.1007/3-540-45873-5_13\">10.1007/3-540-45873-5_13</a>","ieee":"F. Cassez, T. A. Henzinger, and J. Raskin, “A comparison of control problems for timed and hybrid systems,” in <i>Proceedings of the 5th International Workshop on Hybrid Systems: Computation and Control</i>, Stanford, CA, USA, 2002, vol. 2289, pp. 134–148.","short":"F. Cassez, T.A. Henzinger, J. Raskin, in:, Proceedings of the 5th International Workshop on Hybrid Systems: Computation and Control, Springer, 2002, pp. 134–148.","chicago":"Cassez, Franck, Thomas A Henzinger, and Jean Raskin. “A Comparison of Control Problems for Timed and Hybrid Systems.” In <i>Proceedings of the 5th International Workshop on Hybrid Systems: Computation and Control</i>, 2289:134–48. Springer, 2002. <a href=\"https://doi.org/10.1007/3-540-45873-5_13\">https://doi.org/10.1007/3-540-45873-5_13</a>.","ista":"Cassez F, Henzinger TA, Raskin J. 2002. A comparison of control problems for timed and hybrid systems. Proceedings of the 5th International Workshop on Hybrid Systems: Computation and Control. HSCC: Hybrid Systems - Computation and Control, LNCS, vol. 2289, 134–148."},"quality_controlled":"1","extern":"1","author":[{"full_name":"Cassez, Franck","first_name":"Franck","last_name":"Cassez"},{"orcid":"0000−0002−2985−7724","full_name":"Henzinger, Thomas A","id":"40876CD8-F248-11E8-B48F-1D18A9856A87","last_name":"Henzinger","first_name":"Thomas A"},{"full_name":"Raskin, Jean","first_name":"Jean","last_name":"Raskin"}],"year":"2002","intvolume":"      2289","publist_id":"144","date_created":"2018-12-11T12:09:30Z","conference":{"end_date":"2002-03-27","name":"HSCC: Hybrid Systems - Computation and Control","start_date":"2002-03-25","location":"Stanford, CA, USA"},"month":"03","status":"public","volume":2289,"publisher":"Springer","language":[{"iso":"eng"}],"doi":"10.1007/3-540-45873-5_13","acknowledgement":"Partially supported by the FNRS, Belgium, under grant 1.5.096.01.\r\nPartially supported by the DARPA SEC grant F33615-C-98-3614, the AFOSR MURI grant F49620-00-1-0327, the NSF Theory grant CCR-9988172, and the MARCO GSRC grant 98-DT-660.\r\nPartially supported by a “Crédit aux chercheurs” from the Belgian National Fund for Scientific Research.","user_id":"ea97e931-d5af-11eb-85d4-e6957dddbf17","article_processing_charge":"No","type":"conference","date_updated":"2023-06-02T10:29:10Z","oa_version":"None","day":"14","alternative_title":["LNCS"],"publication_identifier":{"isbn":["9783540433217"]},"scopus_import":"1","date_published":"2002-03-14T00:00:00Z","page":"134 - 148"},{"year":"2002","author":[{"first_name":"Rajeev","last_name":"Alur","full_name":"Alur, Rajeev"},{"first_name":"Thomas A","last_name":"Henzinger","orcid":"0000−0002−2985−7724","full_name":"Henzinger, Thomas A","id":"40876CD8-F248-11E8-B48F-1D18A9856A87"},{"full_name":"Kupferman, Orna","last_name":"Kupferman","first_name":"Orna"}],"quality_controlled":"1","extern":"1","citation":{"ama":"Alur R, Henzinger TA, Kupferman O. Alternating-time temporal logic. <i>Journal of the ACM</i>. 2002;49(5):672-713. doi:<a href=\"https://doi.org/10.1145/585265.585270\">10.1145/585265.585270</a>","ieee":"R. Alur, T. A. Henzinger, and O. Kupferman, “Alternating-time temporal logic,” <i>Journal of the ACM</i>, vol. 49, no. 5. ACM, pp. 672–713, 2002.","chicago":"Alur, Rajeev, Thomas A Henzinger, and Orna Kupferman. “Alternating-Time Temporal Logic.” <i>Journal of the ACM</i>. ACM, 2002. <a href=\"https://doi.org/10.1145/585265.585270\">https://doi.org/10.1145/585265.585270</a>.","short":"R. Alur, T.A. Henzinger, O. Kupferman, Journal of the ACM 49 (2002) 672–713.","ista":"Alur R, Henzinger TA, Kupferman O. 2002. Alternating-time temporal logic. Journal of the ACM. 49(5), 672–713.","mla":"Alur, Rajeev, et al. “Alternating-Time Temporal Logic.” <i>Journal of the ACM</i>, vol. 49, no. 5, ACM, 2002, pp. 672–713, doi:<a href=\"https://doi.org/10.1145/585265.585270\">10.1145/585265.585270</a>.","apa":"Alur, R., Henzinger, T. A., &#38; Kupferman, O. (2002). Alternating-time temporal logic. <i>Journal of the ACM</i>. ACM. <a href=\"https://doi.org/10.1145/585265.585270\">https://doi.org/10.1145/585265.585270</a>"},"abstract":[{"text":"Temporal logic comes in two varieties: linear-time temporal logic assumes implicit universal quantification over all paths that are generated by the execution of a system; branching-time temporal logic allows explicit existential and universal quantification over all paths. We introduce a third, more general variety of temporal logic: alternating-time temporal logic offers selective quantification over those paths that are possible outcomes of games, such as the game in which the system and the environment alternate moves. While linear-time and branching-time logics are natural specification languages for closed systems, alternating-time logics are natural specification languages for open systems. For example, by preceding the temporal operator &quot;eventually&quot; with a selective path quantifier, we can specify that in the game between the system and the environment, the system has a strategy to reach a certain state. The problems of receptiveness, realizability, and controllability can be formulated as model-checking problems for alternating-time formulas. Depending on whether or not we admit arbitrary nesting of selective path quantifiers and temporal operators, we obtain the two alternating-time temporal logics ATL and ATL*.ATL and ATL* are interpreted over concurrent game structures. Every state transition of a concurrent game structure results from a choice of moves, one for each player. The players represent individual components and the environment of an open system. Concurrent game structures can capture various forms of synchronous composition for open systems, and if augmented with fairness constraints, also asynchronous composition. Over structures without fairness constraints, the model-checking complexity of ATL is linear in the size of the game structure and length of the formula, and the symbolic model-checking algorithm for CTL extends with few modifications to ATL. Over structures with weak-fairness constraints, ATL model checking requires the solution of 1-pair Rabin games, and can be done in polynomial time. Over structures with strong-fairness constraints, ATL model checking requires the solution of games with Boolean combinations of Büchi conditions, and can be done in PSPACE. In the case of ATL*, the model-checking problem is closely related to the synthesis problem for linear-time formulas, and requires doubly exponential time.","lang":"eng"}],"publication_status":"published","_id":"4595","title":"Alternating-time temporal logic","publication":"Journal of the ACM","article_type":"original","publisher":"ACM","volume":49,"issue":"5","status":"public","month":"09","date_created":"2018-12-11T12:09:40Z","publist_id":"110","intvolume":"        49","day":"01","oa_version":"None","type":"journal_article","date_updated":"2023-06-02T10:07:22Z","user_id":"ea97e931-d5af-11eb-85d4-e6957dddbf17","article_processing_charge":"No","acknowledgement":"We thank Luca de Alfaro, Kousha Etessami, Salvatore La Torre, P. Madhusudan, Amir Pnueli, Moshe Vardi, Thomas Wilke, and Mihalis Yannakakis for helpful discussions. We also thank Freddy Mang for comments on a draft of this manuscript.","language":[{"iso":"eng"}],"doi":"10.1145/585265.585270","page":"672 - 713","date_published":"2002-09-01T00:00:00Z","scopus_import":"1","publication_identifier":{"issn":["0004-5411"]}},{"volume":2491,"publisher":"ACM","publist_id":"76","intvolume":"      2491","status":"public","conference":{"end_date":"2002-10-09","name":"EMSOFT: Embedded Software ","start_date":"2002-10-07","location":"Grenoble, France"},"month":"10","date_created":"2018-12-11T12:09:51Z","author":[{"full_name":"De Alfaro, Luca","first_name":"Luca","last_name":"De Alfaro"},{"first_name":"Thomas A","last_name":"Henzinger","id":"40876CD8-F248-11E8-B48F-1D18A9856A87","full_name":"Henzinger, Thomas A","orcid":"0000−0002−2985−7724"},{"full_name":"Stoelinga, Mariëlle","last_name":"Stoelinga","first_name":"Mariëlle"}],"extern":"1","quality_controlled":"1","citation":{"mla":"De Alfaro, Luca, et al. “Timed Interfaces.” <i>Proceedings of the 2nd International Conference on Embedded Software</i>, vol. 2491, ACM, 2002, pp. 108–22, doi:<a href=\"https://doi.org/10.1007/3-540-45828-X_9\">10.1007/3-540-45828-X_9</a>.","apa":"De Alfaro, L., Henzinger, T. A., &#38; Stoelinga, M. (2002). Timed interfaces. In <i>Proceedings of the 2nd International Conference on Embedded Software</i> (Vol. 2491, pp. 108–122). Grenoble, France: ACM. <a href=\"https://doi.org/10.1007/3-540-45828-X_9\">https://doi.org/10.1007/3-540-45828-X_9</a>","ama":"De Alfaro L, Henzinger TA, Stoelinga M. Timed interfaces. In: <i>Proceedings of the 2nd International Conference on Embedded Software</i>. Vol 2491. ACM; 2002:108-122. doi:<a href=\"https://doi.org/10.1007/3-540-45828-X_9\">10.1007/3-540-45828-X_9</a>","ieee":"L. De Alfaro, T. A. Henzinger, and M. Stoelinga, “Timed interfaces,” in <i>Proceedings of the 2nd International Conference on Embedded Software</i>, Grenoble, France, 2002, vol. 2491, pp. 108–122.","ista":"De Alfaro L, Henzinger TA, Stoelinga M. 2002. Timed interfaces. Proceedings of the 2nd International Conference on Embedded Software. EMSOFT: Embedded Software , LNCS, vol. 2491, 108–122.","chicago":"De Alfaro, Luca, Thomas A Henzinger, and Mariëlle Stoelinga. “Timed Interfaces.” In <i>Proceedings of the 2nd International Conference on Embedded Software</i>, 2491:108–22. ACM, 2002. <a href=\"https://doi.org/10.1007/3-540-45828-X_9\">https://doi.org/10.1007/3-540-45828-X_9</a>.","short":"L. De Alfaro, T.A. Henzinger, M. Stoelinga, in:, Proceedings of the 2nd International Conference on Embedded Software, ACM, 2002, pp. 108–122."},"year":"2002","_id":"4631","publication":"Proceedings of the 2nd International Conference on Embedded Software","title":"Timed interfaces","abstract":[{"lang":"eng","text":"We present a theory of timed interfaces, which is capable of specifying both the timing of the inputs a component expects from the environment, and the timing of the outputs it can produce. Two timed interfaces are compatible if there is a way to use them together such that their timing expectations are met. Our theory provides algorithms for checking the compatibility between two interfaces and for deriving the composite interface; the theory can thus be viewed as a type system for real-time interaction. Technically, a timed interface is encoded as a timed game between two players, representing the inputs and outputs of the component. The algorithms for compatibility checking and interface composition are thus derived from algorithms for solving timed games."}],"publication_status":"published","page":"108 - 122","date_published":"2002-10-24T00:00:00Z","publication_identifier":{"isbn":["9783540443070"]},"alternative_title":["LNCS"],"user_id":"ea97e931-d5af-11eb-85d4-e6957dddbf17","article_processing_charge":"No","day":"24","oa_version":"None","type":"conference","date_updated":"2023-06-02T10:00:32Z","language":[{"iso":"eng"}],"doi":"10.1007/3-540-45828-X_9","acknowledgement":"This research was supported in part by the NSF CAREER award CCR-0132780, the NSF grant CCR-9988172 the AFOSR MURI grant F49620-00-1-0327, the DARPA PCES grant F33615-00-C-1693, the MARCO GSRC grant 98-DT-660, and the ONR grant N00014-02-1-0671."},{"page":"499 - 501","external_id":{"pmid":["11721681"]},"date_published":"2001-09-01T00:00:00Z","scopus_import":"1","publication_identifier":{"issn":["0168-9479"]},"day":"01","oa_version":"None","type":"journal_article","date_updated":"2023-06-02T09:38:37Z","user_id":"ea97e931-d5af-11eb-85d4-e6957dddbf17","article_processing_charge":"No","doi":"10.1016/S0168-9525(01)02376-9","language":[{"iso":"eng"}],"publisher":"Elsevier","article_type":"original","volume":17,"issue":"9","status":"public","month":"09","date_created":"2018-12-11T11:48:47Z","publist_id":"6805","intvolume":"        17","year":"2001","author":[{"full_name":"Wolf, Yuri","last_name":"Wolf","first_name":"Yuri"},{"id":"44FDEF62-F248-11E8-B48F-1D18A9856A87","orcid":"0000-0001-8243-4694","full_name":"Kondrashov, Fyodor","first_name":"Fyodor","last_name":"Kondrashov"},{"last_name":"Koonin","first_name":"Eugene","full_name":"Koonin, Eugene"}],"extern":"1","quality_controlled":"1","citation":{"apa":"Wolf, Y., Kondrashov, F., &#38; Koonin, E. (2001). Footprints of primordial introns on the eukaryotic genome: still no clear traces . <i>Trends in Genetics</i>. Elsevier. <a href=\"https://doi.org/10.1016/S0168-9525(01)02376-9\">https://doi.org/10.1016/S0168-9525(01)02376-9</a>","mla":"Wolf, Yuri, et al. “Footprints of Primordial Introns on the Eukaryotic Genome: Still No Clear Traces .” <i>Trends in Genetics</i>, vol. 17, no. 9, Elsevier, 2001, pp. 499–501, doi:<a href=\"https://doi.org/10.1016/S0168-9525(01)02376-9\">10.1016/S0168-9525(01)02376-9</a>.","ista":"Wolf Y, Kondrashov F, Koonin E. 2001. Footprints of primordial introns on the eukaryotic genome: still no clear traces . Trends in Genetics. 17(9), 499–501.","chicago":"Wolf, Yuri, Fyodor Kondrashov, and Eugene Koonin. “Footprints of Primordial Introns on the Eukaryotic Genome: Still No Clear Traces .” <i>Trends in Genetics</i>. Elsevier, 2001. <a href=\"https://doi.org/10.1016/S0168-9525(01)02376-9\">https://doi.org/10.1016/S0168-9525(01)02376-9</a>.","short":"Y. Wolf, F. Kondrashov, E. Koonin, Trends in Genetics 17 (2001) 499–501.","ieee":"Y. Wolf, F. Kondrashov, and E. Koonin, “Footprints of primordial introns on the eukaryotic genome: still no clear traces ,” <i>Trends in Genetics</i>, vol. 17, no. 9. Elsevier, pp. 499–501, 2001.","ama":"Wolf Y, Kondrashov F, Koonin E. Footprints of primordial introns on the eukaryotic genome: still no clear traces . <i>Trends in Genetics</i>. 2001;17(9):499-501. doi:<a href=\"https://doi.org/10.1016/S0168-9525(01)02376-9\">10.1016/S0168-9525(01)02376-9</a>"},"publication_status":"published","_id":"841","pmid":1,"title":"Footprints of primordial introns on the eukaryotic genome: still no clear traces ","publication":"Trends in Genetics"},{"abstract":[{"text":"The study and comparison of mutation(al) spectra is an important problem in molecular biology, because these spectra often reflect on important features of mutations and their fixation. Such features include the interaction of DNA with various mutagens, the function of repair/replication enzymes, and properties of target proteins. It is known that mutability varies significantly along nucleotide sequences, such that mutations often concentrate at certain positions, called &quot;hotspots,&quot; in a sequence. In this paper, we discuss in detail two approaches for mutation spectra analysis: the comparison of mutation spectra with a HG-PUBL program, (FTP: sunsite.unc.edu/pub/academic/ biology/dna-mutations/hyperg) and hotspot prediction with the CLUSTERM program (www.itba.mi.cnr.it/webmutation; ftp.bionet.nsc.ru/pub/biology/dbms/clusterm.zip). Several other approaches for mutational spectra analysis, such as the analysis of a target protein structure, hotspot context revealing, multiple spectra comparisons, as well as a number of mutation databases are briefly described. Mutation spectra in the lacI gene of E. coli and the human p53 gene are used for illustration of various difficulties of such analysis.","lang":"eng"}],"publication_status":"published","_id":"851","pmid":1,"publication":"Human Mutation","title":"Use of mutation spectra analysis software","year":"2001","author":[{"full_name":"Rogozin, Igor","last_name":"Rogozin","first_name":"Igor"},{"id":"44FDEF62-F248-11E8-B48F-1D18A9856A87","full_name":"Kondrashov, Fyodor","orcid":"0000-0001-8243-4694","first_name":"Fyodor","last_name":"Kondrashov"},{"full_name":"Glazko, Galina","first_name":"Galina","last_name":"Glazko"}],"extern":"1","quality_controlled":"1","citation":{"mla":"Rogozin, Igor, et al. “Use of Mutation Spectra Analysis Software.” <i>Human Mutation</i>, vol. 17, no. 2, Wiley-Blackwell, 2001, pp. 83–102, doi:<a href=\"https://doi.org/10.1002/1098-1004(200102)17:2&#38;lt;83::AID-HUMU1&#38;gt;3.0.CO;2-E\">10.1002/1098-1004(200102)17:2&#38;lt;83::AID-HUMU1&#38;gt;3.0.CO;2-E</a>.","apa":"Rogozin, I., Kondrashov, F., &#38; Glazko, G. (2001). Use of mutation spectra analysis software. <i>Human Mutation</i>. Wiley-Blackwell. <a href=\"https://doi.org/10.1002/1098-1004(200102)17:2&#38;lt;83::AID-HUMU1&#38;gt;3.0.CO;2-E\">https://doi.org/10.1002/1098-1004(200102)17:2&#38;lt;83::AID-HUMU1&#38;gt;3.0.CO;2-E</a>","ista":"Rogozin I, Kondrashov F, Glazko G. 2001. Use of mutation spectra analysis software. Human Mutation. 17(2), 83–102.","short":"I. Rogozin, F. Kondrashov, G. Glazko, Human Mutation 17 (2001) 83–102.","chicago":"Rogozin, Igor, Fyodor Kondrashov, and Galina Glazko. “Use of Mutation Spectra Analysis Software.” <i>Human Mutation</i>. Wiley-Blackwell, 2001. <a href=\"https://doi.org/10.1002/1098-1004(200102)17:2&#38;lt;83::AID-HUMU1&#38;gt;3.0.CO;2-E\">https://doi.org/10.1002/1098-1004(200102)17:2&#38;lt;83::AID-HUMU1&#38;gt;3.0.CO;2-E</a>.","ama":"Rogozin I, Kondrashov F, Glazko G. Use of mutation spectra analysis software. <i>Human Mutation</i>. 2001;17(2):83-102. doi:<a href=\"https://doi.org/10.1002/1098-1004(200102)17:2&#38;lt;83::AID-HUMU1&#38;gt;3.0.CO;2-E\">10.1002/1098-1004(200102)17:2&#38;lt;83::AID-HUMU1&#38;gt;3.0.CO;2-E</a>","ieee":"I. Rogozin, F. Kondrashov, and G. Glazko, “Use of mutation spectra analysis software,” <i>Human Mutation</i>, vol. 17, no. 2. Wiley-Blackwell, pp. 83–102, 2001."},"status":"public","month":"01","date_created":"2018-12-11T11:48:50Z","publist_id":"6796","intvolume":"        17","article_type":"original","publisher":"Wiley-Blackwell","volume":17,"issue":"2","acknowledgement":"Russian Fund of Fundamental Research. Grant Number: 99-04-49535. NIH. Grant Number: GM 20293. NASA. Grant Number: NCC2-1057","language":[{"iso":"eng"}],"doi":"10.1002/1098-1004(200102)17:2&lt;83::AID-HUMU1&gt;3.0.CO;2-E","day":"01","oa_version":"None","type":"journal_article","date_updated":"2023-06-02T09:22:17Z","user_id":"ea97e931-d5af-11eb-85d4-e6957dddbf17","article_processing_charge":"No","scopus_import":"1","publication_identifier":{"issn":["1059-7794"]},"page":"83 - 102","external_id":{"pmid":["11180592"]},"date_published":"2001-01-01T00:00:00Z"},{"publisher":"American Mathematical Society","article_type":"original","date_published":"2001-04-24T00:00:00Z","keyword":["General Mathematics"],"page":"28-36","volume":7,"issue":"5","date_created":"2020-09-18T10:49:43Z","month":"04","status":"public","intvolume":"         7","publication_identifier":{"issn":["1079-6762"]},"date_updated":"2021-01-12T08:19:51Z","type":"journal_article","oa_version":"None","day":"24","year":"2001","citation":{"chicago":"Kaloshin, Vadim, and Brian R. Hunt. “A Stretched Exponential Bound on the Rate of Growth of the Number of Periodic Points for Prevalent Diffeomorphisms II.” <i>Electronic Research Announcements of the American Mathematical Society</i>. American Mathematical Society, 2001. <a href=\"https://doi.org/10.1090/s1079-6762-01-00091-9\">https://doi.org/10.1090/s1079-6762-01-00091-9</a>.","short":"V. Kaloshin, B.R. Hunt, Electronic Research Announcements of the American Mathematical Society 7 (2001) 28–36.","ista":"Kaloshin V, Hunt BR. 2001. A stretched exponential bound on the rate of growth of the number of periodic points for prevalent diffeomorphisms II. Electronic Research Announcements of the American Mathematical Society. 7(5), 28–36.","ama":"Kaloshin V, Hunt BR. A stretched exponential bound on the rate of growth of the number of periodic points for prevalent diffeomorphisms II. <i>Electronic Research Announcements of the American Mathematical Society</i>. 2001;7(5):28-36. doi:<a href=\"https://doi.org/10.1090/s1079-6762-01-00091-9\">10.1090/s1079-6762-01-00091-9</a>","ieee":"V. Kaloshin and B. R. Hunt, “A stretched exponential bound on the rate of growth of the number of periodic points for prevalent diffeomorphisms II,” <i>Electronic Research Announcements of the American Mathematical Society</i>, vol. 7, no. 5. American Mathematical Society, pp. 28–36, 2001.","apa":"Kaloshin, V., &#38; Hunt, B. R. (2001). A stretched exponential bound on the rate of growth of the number of periodic points for prevalent diffeomorphisms II. <i>Electronic Research Announcements of the American Mathematical Society</i>. American Mathematical Society. <a href=\"https://doi.org/10.1090/s1079-6762-01-00091-9\">https://doi.org/10.1090/s1079-6762-01-00091-9</a>","mla":"Kaloshin, Vadim, and Brian R. Hunt. “A Stretched Exponential Bound on the Rate of Growth of the Number of Periodic Points for Prevalent Diffeomorphisms II.” <i>Electronic Research Announcements of the American Mathematical Society</i>, vol. 7, no. 5, American Mathematical Society, 2001, pp. 28–36, doi:<a href=\"https://doi.org/10.1090/s1079-6762-01-00091-9\">10.1090/s1079-6762-01-00091-9</a>."},"quality_controlled":"1","extern":"1","user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","article_processing_charge":"No","author":[{"last_name":"Kaloshin","first_name":"Vadim","full_name":"Kaloshin, Vadim","orcid":"0000-0002-6051-2628","id":"FE553552-CDE8-11E9-B324-C0EBE5697425"},{"full_name":"Hunt, Brian R.","first_name":"Brian R.","last_name":"Hunt"}],"publication_status":"published","abstract":[{"text":"We continue the previous article's discussion of bounds, for prevalent diffeomorphisms of smooth compact manifolds, on the growth of the number of periodic points and the decay of their hyperbolicity as a function of their period $n$. In that article we reduced the main results to a problem, for certain families of diffeomorphisms, of bounding the measure of parameter values for which the diffeomorphism has (for a given period $n$) an almost periodic point that is almost nonhyperbolic. We also formulated our results for $1$-dimensional endomorphisms on a compact interval. In this article we describe some of the main techniques involved and outline the rest of the proof. To simplify notation, we concentrate primarily on the $1$-dimensional case.","lang":"eng"}],"publication":"Electronic Research Announcements of the American Mathematical Society","title":"A stretched exponential bound on the rate of growth of the number of periodic points for prevalent diffeomorphisms II","language":[{"iso":"eng"}],"doi":"10.1090/s1079-6762-01-00091-9","_id":"8521"}]