We report on a case study in which the model checker Uppaal is used to formally model parts of Zeroconf, a protocol for dynamic configuration of IPv4 link-local addresses that has...
Biniam Gebremichael, Frits W. Vaandrager, Miaomiao...
When a system fails to satisfy its specification, the model checker produces an error trace (or counter-example) that demonstrates an undesirable behavior, which is then used in d...
UML is widely used today for modelling complex systems. However, the tools support capabilities for UML is limited, partially due to its lack of precise semantics. There are some ...
Abstract. Assertion-based contracts provide a powerful mechanism for stating invariants at module boundaries and for enforcing them uniformly. In 2002, Findler and Felleisen showed...
Decentralized information flow control (DIFC) is a promising model for writing programs with powerful, end-to-end security guarantees. Current DIFC systems that run on commodity ...
Indrajit Roy, Donald E. Porter, Michael D. Bond, K...