Learn More
This paper addresses the formal verification of diagnosis systems. We tackle the problem of diagnos-ability: given a partially observable dynamic system , and a diagnosis system observing its evolution over time, we discuss how to verify (at design time) if the diagnosis system will be able to infer (at run-time) the required information on the hidden part(More)
We show that the problem of model checking multi-dimensional modal logics can be reduced to the problem of model checking ARCTL, an extension of the temporal logic CTL with action labels and operators to reason about actions. In particular, we introduce a methodology for model checking a temporal-epistemic logic by building upon an extension of the model(More)
While autonomous systems offer great promise in terms of capability and flexibility, their reliability is particularly hard to assess. This paper describes research to apply formal verification methods to languages used to develop autonomy software. In particular, we describe tools that automatically convert autonomy software into formal models that are(More)
This paper discusses the use of formal methods for analysing human-computer interaction. We focus on the mode confusion problem that arises whenever the user thinks that the system is doing something while it is in fact doing another thing. We consider two kinds of models: the system model describes the actual behaviour of the system and the mental model(More)
—Automated systems are increasingly complex, making it hard to design interfaces for human operators. Human-machine interaction (HMI) errors like automation surprises are more likely to appear and lead to system failures or accidents. In previous work, we studied the problem of generating system abstractions, called mental models, that facilitate system(More)
We use the formal language LOTOS to specify and verify the robustness of the Equicrypt protocol under design in the European OKAPI project for conditional access to multimedia services. We state some desired security properties and formalize them. We describe a generic intruder process and its modelling, and show that some properties are falsified in the(More)
Artifical Intelligence (AI) is useful. AI can deliver more functionality for reduced cost. AI should be used more widely but won't be unless developers can trust ada-pative, nondeterministic, or complex AI systems. Verification and validation is one method used by software analysts to gain that trust. AI systems have features that make them hard to check(More)
The goal of the work presented in this paper was to test the adequacy of LOTOS for the specification of operating systems, by specifying the basic structures and functionalities of the distributed operating system CHORUSּ V3. The paper focusses on the discussion of the issues encountered during the development of the specification, rather than on the(More)