System specifications have long been expressed through automata-based languages, enabling verification techniques such as model checking. These verification techniques can assess ...
Abstract. When a model does not satisfy a given specification, a counterexample is produced by the model checker to demonstrate the failure. A user must then examine the counterexa...
Ilan Beer, Shoham Ben-David, Hana Chockler, Avigai...
—Scenarios are increasingly recognized as an effective means for eliciting, validating, and documenting software requirements. This paper concentrates on the use of scenarios for...
Future Interval Logic (FIL) and its intuitive graphical representation, Graphical Interval Logic (GIL), can be used as the formal description language of model checking tools to v...
In this paper we describe the method used to develop a gateway capable of meeting the ITSEC E4 requirements. The security policy was formally modelled and proven consistent with t...