Application of model checking to isolated software components is not directly possible because a component does not form a complete program - the problem of missing environment oc...
A fair non-repudiation protocol should guarantee, (1) when a sender sends a message to a receiver, neither the sender nor the receiver can deny having participated in this communic...
RDT is a graphical formal modelling language in which the modeller works by constructing diagrams of the processes in their model which they then join together to form complete sy...
Craig interpolation is a well known method of abstraction successfully used in both hardware and software model checking. The logical strength of interpolants can affect the quali...
Simone Fulvio Rollini, Ondrej Sery, Natasha Sharyg...
Symbolic model checking is PSPACE complete. Since QBF is the standard PSPACE complete problem, it is most natural to encode symbolic model checking problems as QBF formulas and th...