Coverage metrics for requirements-based testing
TLDR
In black-box testing, one is interested in creating a suite of tests from requirements that adequately exercise the behavior of a software system without regard to the internal structure of the implementation.
Compositional Verification of Architectural Models
TLDR
This paper describes a design flow and supporting tools to significantly improve the design and verification of complex cyber-physical systems.
A proposal for model-based safety analysis
TLDR
We propose an approach, Model-Based Safety Analysis, in which the system and safety engineers use the same system models created during a model-based development process.
Software model checking takes off
TLDR
A translator framework enables the use of model checking in complex avionics systems and other industrial settings using a variety of model checkers and theorem provers.
Programs, tests, and oracles: the foundations of testing revisited
TLDR
We extend Gourlay's functional description of testing with the notion of a test oracle, an aspect of testing largely overlooked in previous foundational work and only lightly explored in general.
Efficient generation of inductive validity cores for safety properties
TLDR
We present a new algorithm to efficiently compute an inductive validity core (IVC) within a model necessary for inductive proofs of safety properties for sequential systems.
Reduction and slicing of hierarchical state machines
TLDR
Formal specification languages are often criticized for being difficult to understand, difficult to use, and unacceptable by software practitioners.
A formal semantics for RSML-e
Resolute: an assurance case language for architecture models
TLDR
A framework for automatically generating assurance cases based on a system model specified in an architectural design language, a set of logical rules expressed in a domain specific language that we have developed, and the results of other formal analyses that have been run on the model.
On the requirements of high-integrity code generation
TLDR
A set of requirements for code generation from formal specification languages for safety-critical systems, including formality and traceability constraints.