Thomas A. Henzinger

We present a general framework for the formal specification and algorithmic analysis of hybrid systems. A hybrid system consists of a discrete program with an analog environment. We model hybrid systems as finite automata equipped with variables that evolve continuously with time according to dynamical laws. For verification purposes, we restrict ourselves
One approach to model checking software is based on the abstract-check-refine paradigm: build an abstract model, then check the desired property, and if the check fails, refine the model and start over. We introduce the concept of lazy abstraction to integrate and optimize the three phases of the abstract-check-refine loop. Lazy abstraction
We describe finite-state programs over real-numbered time in a guarded-command language with real-valued clocks or, equivalently, as finite automata with real-valued clocks. Model checking answers the question which states of a real-time program satisfy a branching-time specification (given in an extension of CTL with clock variables). We develop an algorithm
Conventional type systems specify interfaces in terms of values and domains. We present a light-weight formalism that captures the temporal aspects of software component interfaces. Specifically, we use an automata-based language to capture both input assumptions about the order in which the methods of a component are called, and output guarantees
A hybrid system is a dynamical system whose behavior exhibits both discrete and continuous change. A hybrid automaton is a mathematical model for hybrid systems, which combines, in a single formalism, automaton transitions for capturing discrete change with differential equations for capturing continuous change. HyTech is a symbolic model checker for linear
We introduce the framework of hybrid automata as a model and specification language for hybrid systems. Hybrid automata can be viewed as a generalization of timed automata, in which the behavior of variables is governed in each state by a set of differential equations. We show that many of the examples considered in the workshop can be defined by hybrid
We introduce a temporal logic for the specification of real-time systems. Our logic, TPTL, employs a novel quantifier construct for referencing time: the freeze quantifier binds a variable to the time of the local temporal context. TPTL is both a natural language for specification and a suitable formalism for verification. We present a