Consensus is one of the most fundamental problems in fault-tolerant distributed computing. This paper proposes a mechanical method for analyzing the condition that allows one to s...
Model checking and other finite-state analysis techniques have been very successful when used with hardware systems and less successful with software systems. It is especially di...
Failure Mode and Effect Analysis (FMEA) is a method for assessing cause-consequence relations between component faults and hazards that may occur during the lifetime of a system. ...
Relations between models are important for effective automatic validation, for comparing implementations with specifications, and for increased understanding of embedded systems d...
Probabilistic B (pB) [2, 8] extends classical B [7] to incorporate probabilistic updates together with the specification of quantitative safety properties. As for classical B, prob...