with existing analysis tools. Modular reasoning principles such as abstraction, compositional refinement, and assume-guarantee reasoning are well understood for architectural hiera...
Incompatibility of component interaction styles is identified as a major obstacle to interoperability when using off-the-shelf components or dealing with legacy software in compos...
We prove the Needham-Schroeder-Lowe public-key protocol secure under real, active cryptographic attacks including concurrent protocol runs. This proof is based on an abstract crypt...
A collection of distributed databases forms an important architectural component of the ATON project for networked incidence management of highway traffic. The database sub-archit...
Mohan M. Trivedi, Shailendra K. Bhonsle, Amarnath ...
Assume-guarantee reasoning has long been advertised as an important method for decomposing proof obligations in system veri cation. Re nement mappings (homomorphisms) have long bee...
Thomas A. Henzinger, Shaz Qadeer, Sriram K. Rajama...