KIV: overview and VerifyThis competition
KIV is an interactive specification and verification system that we are developing since the mid-1980s.
The Mondex Challenge: Machine Checked Proofs for an Electronic Purse
The Mondex case study about the specification and refinement of an electronic purse as defined in [SCJ00] has recently been proposed as a challenge for formal system-supported verification.
Verification of a Virtual Filesystem Switch
This paper bridges the gap between an abstract specification of POSIX and a realistic model of VFS by ASM refinement.
Verification of Mondex electronic purses with KIV: from transactions to a security protocol
We extend the Mondex case study here with a refinement to a suitable security protocol that uses symmetric cryptography to achieve the necessary properties of the security-relevant messages.
Abstract Specification of the UBIFS File System for Flash Memory
This paper develops a formal, abstract model for the UBIFS flash file system, which has recently been included in the Linux kernel.
The user interface of the KIV verification system: a system description
This article describes the sophisticated graphical user interface (GUI) of the KIV verification system that works on structured algebraic specifications.
A Systematic Verification Approach for Mondex Electronic Purses Using ASMs
In previous work we solved the challenge to mechanically verify the Mondex challenge about the specification and refinement of an electronic purse, using the data refinement framework.
Development of a Verified Flash File System
This paper gives an overview of the development of a formally verified file system for flash memory.
Verifying Smart Card Applications: An ASM Approach
We present PROSECCO1, a formal model for security protocols of smart card applications, based on Abstract State Machines (ASM) [BS03], [Gur95], and a suitable method for verifying security properties of such protocols.