In this paper, we address the correct refinement of abstract architectural models into more platformspecific representations. We consider the challenging case of dynamic architect...
The lazy caching algorithm of Afek, Brown, and Merrit (1993) is a protocol that allows the use of local caches with delayed updates. It results in a memory model that is not atomi...
We present a model of the IEEE 1394 Root Contention Protocol with a proof of Safety. This model has real-time properties which are expressed in the language of the event B method: ...
Abstract. This paper presents a framework for reasoning about the security of confidential data within software systems. A novelty is that we use Hoare and He's Unifying Theor...
The synchronous computational model with its simple computation and communication mechanism makes it easy to describe, simulate and formally verify synchronous embedded systems at...