281:"; if the program that aids in the verification is itself unproven, there may be reason to doubt the soundness of the produced results. Some modern model checking tools produce a "proof log" detailing each step in their proof, making it possible to perform, given suitable tools, independent verification.
269:
Proponents of such systems argue that the results have greater mathematical certainty than human-produced proofs, since all the tedious details have been algorithmically verified. The training required to use such systems is also less than that required to produce good mathematical proofs by hand,
155:
Program synthesis is the process of automatically creating a program that conforms to a specification. Deductive synthesis approaches rely on a complete formal specification of the program, whereas inductive approaches infer the specification from examples. Synthesizers perform a search over the
1795:
Bartocci, Ezio; Beyer, Dirk; Black, Paul E.; Fedyukovich, Grigory; Garavel, Hubert; Hartmanns, Arnd; Huisman, Marieke; Kordon, Fabrice; Nagele, Julian; Sighireanu, Mihaela; Steffen, Bernhard; Suda, Martin; Sutcliffe, Geoff; Weber, Tjark; Yamada, Akihisa (2019). "TOOLympics 2019: An
Overview of
217:
inherent in natural language allows errors to be undetected in such proofs; often, subtle errors can be present in the low-level details typically overlooked by such proofs. Additionally, the work involved in producing such a good proof requires a high level of mathematical sophistication and
117:
Alternatively, specification may be the only stage in which formal methods is used. By writing a specification, ambiguities in the informal requirements can be discovered and resolved. Additionally, engineers can use a formal specification as a reference to guide their development processes.
714:, and Internet Business Logic, which do not seek to control the vocabulary or syntax. A feature of systems that support bidirectional English–logic mapping and direct execution of the logic is that they can be made to explain their results, in English, at the business or scientific level.
284:
The main feature of the abstract interpretation approach is that it provides a sound analysis, i.e. no false negatives are returned. Moreover, it is efficiently scalable, by tuning the abstract domain representing the property to be analyzed, and by applying widening operators to get fast
141:(BNF). Backus also wrote that a formal description of the meaning of syntactically valid ALGOL programs was not completed in time for inclusion in the report, stating that it "will be included in a subsequent paper." However, no paper describing the formal semantics was ever released.
342:
The design of a computing system can be expressed using a specification language, which is a formal language that includes a proof system. Using this proof system, formal verification tools can reason about the specification and establish that a system adheres to the specification.
722:
Semi-formal methods are formalisms and languages that are not considered fully "formal". It defers the task of completing the semantics to a later stage, which is then done either by human interpretation or by interpretation through software like code or test case
587:, and AMD. There are many areas of hardware, where Intel have used formal methods to verify the working of the products, such as parameterized verification of cache-coherent protocol, Intel Core i7 processor execution engine validation (using theorem proving,
615:, formal methods are mathematical approaches to solving software (and hardware) problems at the requirements, specification, and design levels. Formal methods are most likely to be applied to safety-critical or security-critical software and systems, such as
1511:
Gheorghe, A. V., & Ancel, E. (2008, November). Unmanned aerial systems integration to
National Airspace System. In Infrastructure Systems and Services: Building Networks for a Brighter Future (INFRA), 2008 First International Conference on (pp. 1-5).
265:
require guidance as to which properties are "interesting" enough to pursue, while others work without human intervention. Model checkers can quickly get bogged down in checking millions of uninteresting states if not given a sufficiently abstract model.
51:
systems. The use of formal methods for software and hardware design is motivated by the expectation that, as in other engineering disciplines, performing appropriate mathematical analysis can contribute to the reliability and robustness of a design.
113:
Formal methods may be used to give a formal description of the system to be developed, at whatever level of detail desired. Further formal methods may depend on this specification to synthesize a program or to verify the correctness of a system.
1614:
995:
can solve a variety of large instances. There are "solvers" for a variety of problems that arise in formal methods, and there are many periodic competitions to evaluate the state-of-the-art in solving such problems.
156:
space of possible programs to find a program consistent with the specification. Because of the size of this search space, developing efficient search algorithms is one of the major challenges in program synthesis.
602:
protocol and Intel advance management technology using
Cadence. Similarly, IBM has used formal methods in the verification of power gates, registers, and functional verification of the IBM Power7 microprocessor.
201:
of a system is not the obvious need for reassurance of the correctness of the system, but a desire to understand the system better. Consequently, some proofs of correctness are produced in the style of
478:
is unsatisfiable is equivalent to determining that all executions conform to the specification. SAT solvers are often used in bounded model checking, but can also be used in unbounded model checking.
710:, is an example. There is also work on mapping some version of English (or another natural language) automatically to and from logic, as well as executing the logic directly. Examples are
189:
Sign-off verification is the use of a formal verification tool that is highly trusted. Such a tool can replace traditional verification methods (the tool may even be certified).
In contrast, there is increasing interest in producing proofs of correctness of such systems by automated means. Automated techniques fall into three general categories:
2395:
738:
formal methods, which emphasize partial specification and focused application, have been proposed. Examples of this lightweight approach to formal methods include the
734:
of the languages involved, as well as the complexity of the systems being modelled, make full formalization a difficult and expensive task. As an alternative, various
1591:
J. Grundy, "Verified optimizations for the Intel IA-64 architecture", In
Theorem Proving in Higher Order Logics, Springer Berlin Heidelberg, 2004, pp. 215–232.
1435:
Chaki, Sagar; Gurfinkel, Arie (2018). "BDD-Based
Symbolic Model Checking". In Clarke, Edmund M.; Henzinger, Thomas A.; Veith, Helmut; Bloem, Roderick (eds.).
639:
1477:
Bjørner, Dines; Gram, Christian; Oest, Ole N.; Rystrøm, Leif (2011). "Dansk
Datamatik Center". In Impagliazzo, John; Lundin, Per; Wangler, Benkt (eds.).
1213:
730:
Some practitioners believe that the formal methods community has overemphasized full formalization of a specification or design. They contend that the
247:, in which a system verifies certain properties by means of an exhaustive search of all possible states that a system could enter during its execution.
591:, and symbolic evaluation), optimization for Intel IA-64 architecture using HOL light theorem prover, and verification of high-performance dual-port
253:, in which a system verifies an over-approximation of a behavioural property of the program, using a fixpoint computation over a (possibly complete)
3457:
960:– a free model checker, simulator and refinement checker for concurrent systems and CSP extensions (e.g., shared variables, arrays, fairness)
170:
Formal verification is the use of software tools to prove properties of a formal specification, or to prove that a formal model of a system
1420:
Bryant, Randal E. (2018). "Binary
Decision Diagrams". In Clarke, Edmund M.; Henzinger, Thomas A.; Veith, Helmut; Bloem, Roderick (eds.).
873:
552:, Unmanned Aircraft System integration in National Airspace System, and Airborne Coordinated Conflict Resolution and Detection (ACCoRD).
210:, using a level of informality common to such proofs. A "good" proof is one that is readable and understandable by other human readers.
has allowed the mathematical specification and testing (if not exhaustive testing) of the expected behaviour of individual functions.
1055:
549:
698:
Another approach to formal methods in software development is to write a specification in some form of logic—usually a variation of
427:, the problem of finding an assignment of variables that makes a given propositional formula evaluate to true. If a Boolean formula
2382:
409:
is a tautology; that is, it always evaluates to TRUE. If this is the case, then the program always conforms to the specification.
Prasad, Mukul R; Biere, Armin; Gupta, Aarti (January 25, 2005). "A survey of recent advances in SAT-based formal verification".
1305:
Backus, J.W. (1959). "The Syntax and
Semantics of the Proposed International Algebraic Language of Zürich ACM-GAMM Conference".
expresses that an execution of a program conforms to the specification, a binary decision diagram can be used to determine if
The SAT competition is a yearly competition that compares SAT solvers. SAT solvers are used in formal methods tools such as
3663:
3566:
3030:
509:. There are several examples in which they have been used to verify the functionality of the hardware and software used in
233:, in which a system attempts to produce a formal proof from scratch, given a description of the system, a set of logical
Garavel, Hubert; ter Beek, Maurice H.; van de Pol, Jaco (29 August 2020). "The 2020 Expert Survey on Formal
Methods".
Formal verification has been frequently used in hardware by most of the well-known hardware vendors, such as IBM,
2812:
2081:. Lecture Notes in Computer Science. Vol. 13244. Cham: Springer International Publishing. pp. 375–402.
Beyer, Dirk (2022). "Progress on
Software Verification: SV-COMP 2022". In Fisman, Dana; Rosu, Grigore (eds.).
1796:
Competitions in Formal Methods". In Beyer, Dirk; Huisman, Marieke; Kordon, Fabrice; Steffen, Bernhard (eds.).
2286:"Formal methods in dependable systems engineering: a survey of professionals from Europe and North America"
277:: they make a pronouncement of truth, yet give no explanation of that truth. There is also the problem of "
96:
56:
695:) allow executable software specification and can be used to build up and validate application behaviour.
Bjørner, Dines; Havelund, Klaus. "40 Years of Formal Methods: Some Obstacles and Some Possibilities?".
668:) has allowed object-oriented systems to be formally specified, if not necessarily formally verified.
451:
expresses that a specific execution of a program conforms to the specification, then determining that
983:, but can be solved in cases arising in practice. For example, the Boolean satisfiability problem is
560:, is used to develop safety automatisms for the various subways installed throughout the world by
Barrett, Clark; Deters, Morgan; de Moura, Leonardo; Oliveras, Albert; Stump, Aaron (2013-03-01).
Once a formal specification has been developed, the specification may be used as the basis for
1495:
FM 2014: Formal Methods: 19th International Symposium, Singapore, May 12–16, 2014. Proceedings
1800:. Lecture Notes in Computer Science. Cham: Springer International Publishing. pp. 3–24.
properties of the specification, and by inference, properties of the system implementation.
Proceedings of the 35th IEEE/ACM International Conference on Automated Software Engineering
Froleyks, Nils; Heule, Marijn; Iser, Markus; Järvisalo, Matti; Suda, Martin (2021-12-01).
1641:
Functional verification of the IBM POWER7 microprocessor and POWER7 multiprocessor systems
K. D. Schubert, W. Roesner, J. M. Ludden, J. Jackson, J. Buchert, V. Paruthi, B. Brock, "
History of Nordic Computing 3: IFIP Advances in Information and Communication Technology
Formal Methods for Industrial Critical Systems: 25 International Conference, FMICS 2020
2125:
1961:
1880:. ASE '20. New York, NY, USA: Association for Computing Machinery. pp. 1161–1163.
1116:
963:
954:– an industrial-strength model checker used for formal proof of safety-critical systems
x86 processor development process. Intel uses such methods to verify its hardware and
2019 IEEE 31st International Conference on Tools with Artificial Intelligence (ICTAI)
Proceedings of the International Workshop on Current Trends in Applied Formal Methods
Formal methods are applied in different areas of hardware and software, including
1387:. Computer Languages, Systems and Structures. Volume 37(1), pp. 24–42, Elsevier,
Alur, Rajeev; Fisman, Dana; Singh, Rishabh; Solar-Lezama, Armando (2017-11-28).
1806:
1630:", Electronic Notes in Theoretical Computer Science, vol. 149, no. 1, pp. 49–60.
1219:. 16th Digital Avionics Systems Conference (27–30 October 1997). Archived from
Formal Verification in Intel Core i7 Processor Execution Engine Validation,
Shukla, Ankit; Biere, Armin; Pulina, Luca; Seidl, Martina (November 2019).
1560:
A simple method for parameterized verification of cache coherence protocols
1319:
1094:
121:
The need for formal specification systems has been noted for years. In the
Functional verification of power gated designs by compositional reasoning
702:—and then to directly execute the logic as though it were a program. The
1617:", Computer Aided Verification, Springer Berlin Heidelberg, pp. 433–445.
2038:"The 2016 and 2017 QBF solvers evaluations (QBFEVAL'16 and QBFEVAL'17)"
1692:"Application of Lightweight Formal Methods in Requirement Engineering"
537:
used formal methods in the 1980s to develop a compiler system for the
270:
making the techniques accessible to a wider variety of practitioners.
2871:
2832:
2277:
Formal Methods: From Academia to Industrial Practice – A Travel Guide
2187:
1307:
Proceedings of the International Conference on Information Processing
1291:
1146:
742:
object modelling notation, Denney's synthesis of some aspects of the
Tools and Algorithms for the Construction and Analysis of Systems
1798:
Tools and Algorithms for the Construction and Analysis of Systems
1041:
821:
627:
mandates formal methods at the highest levels of categorization.
620:
565:
1720:
ACM Transactions on Software Engineering and Methodology (TOSEM)
630:
For sequential software, examples of formal methods include the
623:
allows the usage of formal methods through supplementation, and
357:
A binary decision diagram is a data structure that represents a
3485:
2399:
1452:
International Journal on Software Tools for Technology Transfer
762:
There are a variety of formal methods and notations available.
561:
1572:
1562:", Formal Methods in Computer-Aided Design, pp. 382–398, 2004.
Automatic verification of fault-tolerant register emulations
1385:
Widening and Narrowing Operators for Abstract Interpretation
95:
Formal methods can be applied at various points through the
Succeeding with Use Cases: Working Smart to Deliver Quality
1353:
Gulwani, Sumit; Polozov, Oleksandr; Singh, Rishabh (2017).
2256:* Michael G. Hinchey, Jonathan P. Bowen, and Emil Vassev,
1830:
1643:", IBM Journal of Research and Development, vol. 55, no 3.
328:
Formal methods includes a number of different techniques.
2210:
2001:"A Survey on Applications of Quantified Boolean Formulas"
1058:
is an annual competition for software verification tools.
522:
514:
2284:
Gleirscher, Mario; Marmsoler, Diego (9 September 2020).
1521:
Airborne Coordinated Conflict Resolution and Detection,
541:
that went on to become a long-lived commercial product.
2396:
Evidence on Formal Methods uses and impact on Industry
2370:
2118:
Electronic Proceedings in Theoretical Computer Science
1998:
1954:
Electronic Proceedings in Theoretical Computer Science
1703:
Crosstalk: The Journal of Defense Software Engineering
1476:
572:
certification and the development of system models by
Fedyukovich, Grigory; Rümmer, Philipp (2021-09-13).
1777:
2283:
2205:
Bundesamt für Sicherheit in der Informationstechnik
2200:
Formal Methods for Safe and Secure Computer Systems
1352:
1602:Best known methods for using Cadence Conformal LEC
1767:, Boppard, Germany, Springer-Verlag, October 1998
1038:, which have applications to formal verification.
778:A Computational Logic for Applicative Common Lisp
273:Critics note that some of those systems are like
3997:
1735:, Addison-Wesley Professional Publishing, 2005,
1716:"Alloy: A Lightweight Object Modelling Notation"
1449:
1322:(1964), Backus Normal Form vs Backus Naur Form.
1523:http://shemesh.larc.nasa.gov/people/cam/ACCoRD/
1359:Foundations and Trends in Programming Languages
1274:Utting, Mark; Reeves, Steve (August 31, 2001).
757:
619:. Software safety assurance standards, such as
2207:, BSI study 875, Bonn, Germany, December 2013.
1722:, Volume 11, Issue 2 (April 2002), pp. 256-290
1434:
1338:O'Hearn, Peter W.; Tennent, Robert D. (1997).
1280:Software Testing, Verification and Reliability
1214:"Why Engineers Should Consider Formal Methods"
213:Critics of such approaches point out that the
3451:
2431:
1404:
548:in which formal methods are applied, such as
423:A SAT solver is a program that can solve the
1273:
765:
2036:Pulina, Luca; Seidl, Martina (2019-09-01).
2035:
1491:
974:
346:
129:presented a formal notation for describing
3458:
3444:
2438:
2424:
2197:Hubert Garavel (editor) and Susanne Graf.
2182:, Chapter 106, pages 106-1 – 106-25,
1754:"A Lightweight Approach to Formal Methods"
1405:Bjørner, Dines; Henson, Martin C. (2008).
1276:"Teaching formal methods lite via testing"
606:
331:
197:Sometimes, the motivation for proving the
2315:
2305:
2139:
2129:
2086:
2053:
1975:
1965:
1848:
1805:
1044:is a biennial competition of solvers for
550:Next Generation Air Transportation System
3649:Software development process/methodology
3465:
1874:"SAT-based arithmetic support for alloy"
184:
2114:"SyGuS-Comp 2017: Results and Analysis"
1871:
952:MALPAS Software Static Analysis Toolset
816:Common Algebraic Specification Language
800:Autonomic System Specification Language
192:
3998:
3155:Knowledge representation and reasoning
2274:, Dilian Gurov, and Alexander Malkis,
1419:
1304:
1190:
1034:is a yearly competition of solvers of
901:Specification and Description Language
717:
634:, the specification languages used in
529:(permanent software programmed into a
3439:
3180:Philosophy of artificial intelligence
2419:
2076:
1558:C. T. Chou, P. K. Mannava, S. Park, "
1184:
1079:Category:Formal methods organizations
671:For concurrent software and systems,
3970:
3664:Software verification and validation
3567:Component-based software engineering
2499:Energy consumption (Green computing)
2445:
2262:Encyclopedia of Software Engineering
1211:
979:Many problems in formal methods are
544:There are several other projects of
292:
3185:Distributed artificial intelligence
2457:ACM Computing Classification System
2192:Association for Computing Machinery
1752:Sten Agerholm and Peter G. Larsen,
471:{\displaystyle \neg {\mathcal {P}}}
55:Formal methods employ a variety of
16:Mathematical program specifications
13:
2690:Integrated development environment
2160:
833:Knowledge Based Software Assistant
463:
458:
436:
394:
370:
221:
14:
4032:
4011:Software development philosophies
3644:Software configuration management
3511:Search-based software engineering
3496:Experimental software engineering
3165:Automated planning and scheduling
2695:Software configuration management
2349:
2222:Lecture Notes in Computer Science
2174:. In Allen B. Tucker, Jr. (ed.),
1950:"Competition Report: CHC-COMP-21"
1582:, accessed at September 13, 2013.
1407:Logics of Specification Languages
936:
794:ANSI/ISO C Specification Language
693:event driven finite state machine
206:: handwritten (or typeset) using
3980:
3979:
3969:
3419:
3409:
3400:
3399:
1690:Vinu George and Rayford Vaughn,
1613:C. Eisner, A. Nahir, K. Yorav, "
1072:
1046:true quantified Boolean formulas
750:driven development, and the CSK
296:
102:
3410:
2813:Computational complexity theory
2260:. In Philip A. Laplante (ed.),
3491:Empirical software engineering
2597:Network performance evaluation
2290:Empirical Software Engineering
1915:Journal of Automated Reasoning
444:{\displaystyle {\mathcal {P}}}
425:Boolean satisfiability problem
412:
402:{\displaystyle {\mathcal {P}}}
378:{\displaystyle {\mathcal {P}}}
1:
2968:Multimedia information system
2953:Geographic information system
2943:Enterprise information system
2532:Computer systems organization
1872:Cornejo, César (2021-01-27).
1481:. Springer. pp. 350–359.
1177:
1064:is an annual competition for
1048:, which have applications to
664:(and specializations such as
498:, security applications, and
288:
174:satisfies its specification.
4016:Theoretical computer science
3516:Site reliability engineering
3327:Computational social science
2915:Theoretical computer science
2728:Software development process
2504:Electronic design automation
2489:Very Large Scale Integration
2330:Understanding formal methods
2088:10.1007/978-3-030-99527-0_20
2055:10.1016/j.artint.2019.04.002
1850:10.1016/j.artint.2021.103572
1675:"Lightweight Formal Methods"
1191:Butler, R. W. (2001-08-06).
943:List of model checking tools
758:Formal methods and notations
689:virtual finite state machine
144:
57:theoretical computer science
31:rigorous techniques for the
7:
3521:Social software engineering
3150:Natural language processing
2938:Information storage systems
2234:10.1007/978-3-030-58298-2_1
2178:, 2nd edition, Section XI,
1807:10.1007/978-3-030-17502-3_1
1626:P. C. Attie, H. Chockler, "
1573:http://cps-vo.org/node/1371
1501:. Springer. pp. 42–61.
1383:A. Cortesi and M. Zanioli,
1100:
1020:is a yearly competition of
1010:is a yearly competition of
712:Attempto Controlled English
521:, a theorem prover, in the
131:programming language syntax
10:
4037:
3659:Software quality assurance
3066:Human–computer interaction
3036:Intrusion detection system
2948:Social information systems
2933:Database management system
2317:10.1007/s10664-020-09836-5
1437:Handbook of Model Checking
1422:Handbook of Model Checking
1076:
940:
662:Object Constraint Language
416:
350:
335:
163:
148:
106:
2387:Microsoft Academic Search
2280:, arXiv:2002.07279, 2020.
2224:(LNCS). Vol. 12327.
2176:Computer Science Handbook
1927:10.1007/s10817-012-9246-5
1464:10.1007/s10009-004-0183-4
1325:Communications of the ACM
1193:"What is Formal Methods?"
1112:Automated theorem proving
1012:automated theorem provers
636:automated theorem proving
263:automated theorem provers
231:Automated theorem proving
2324:Jean François Monin and
2170:and Michael G. Hinchey,
2013:10.1109/ICTAI.2019.00020
2007:. IEEE. pp. 78–84.
1600:E. Seligman, I. Yarom, "
1036:constrained Horn clauses
975:Solvers and competitions
891:Rebeca Modeling Language
539:Ada programming language
347:Binary decision diagrams
59:fundamentals, including
4021:Specification languages
3609:Enterprise architecture
3317:Computational chemistry
3251:Photograph manipulation
3142:Artificial intelligence
2958:Decision support system
2042:Artificial Intelligence
1886:10.1145/3324884.3415285
1837:Artificial Intelligence
1654:X2R-2, deliverable D5.1
1107:Abstract interpretation
1024:, which are applied to
859:Predicative programming
772:Abstract State Machines
766:Specification languages
607:In software development
361:. If a Boolean formula
353:Binary decision diagram
332:Specification languages
251:Abstract interpretation
90:
2268:, 2010, pages 308–320.
1833:"SAT Competition 2020"
1212:Holloway, C. Michael.
1172:Specification language
827:Java Modeling Language
666:Java Modeling Language
655:property-based testing
651:functional programming
535:Dansk Datamatik Center
472:
445:
403:
379:
338:Specification language
279:verifying the verifier
2356:Formal Methods Europe
1911:"6 Years of SMT-COMP"
1122:Formal methods people
1090:Formal Methods Europe
681:finite state machines
473:
446:
404:
380:
185:Sign-off verification
2409:project (EU FP7) in
2266:Taylor & Francis
2180:Software Engineering
1340:Algol-like Languages
1167:Software engineering
1132:Formal specification
683:(which are based on
613:software development
455:
431:
389:
365:
193:Human-directed proof
109:Formal specification
2362:Formal Methods Wiki
2141:10.4204/EPTCS.260.9
1977:10.4204/EPTCS.344.7
1355:"Program Synthesis"
1226:on 16 November 2006
1137:Formal verification
1026:formal verification
718:Semi-formal methods
706:language, based on
166:Formal verification
97:development process
2405:2012-06-08 at the
2326:Michael G. Hinchey
2184:Chapman & Hall
1759:2006-03-09 at the
1697:2006-03-01 at the
1578:2015-05-03 at the
1528:2016-03-05 at the
1409:. pp. VII–XI.
1371:10.1561/2500000010
1117:Design by contract
989:Cook–Levin theorem
578:STMicroelectronics
468:
441:
399:
375:
204:mathematical proof
135:Backus normal form
3861:Information model
3765:Incremental model
3619:Modeling language
3433:
3432:
3362:Electronic voting
3292:Quantum Computing
3285:Applied computing
3271:Image compression
3041:Hardware security
3031:Security services
2988:Digital marketing
2768:Open-source model
2680:Modeling language
2592:Network scheduler
2398:supported by the
2377:Archival material
2243:978-3-030-58297-5
2228:. pp. 3–69.
2168:Jonathan P. Bowen
2098:978-3-030-99527-0
2022:978-1-7281-3798-8
1895:978-1-4503-6768-4
1817:978-3-030-17502-3
1162:Scientific method
1066:program synthesis
849:Perfect Developer
708:description logic
700:first-order logic
617:avionics software
598:with support for
496:routing protocols
492:Ethernet switches
326:
325:
151:Program synthesis
77:program semantics
4028:
3983:
3982:
3973:
3972:
3932:Computer science
3740:
3739:
3654:Software quality
3546:Systems analysis
3541:Software testing
3460:
3453:
3446:
3437:
3436:
3423:
3422:
3413:
3412:
3403:
3402:
3223:Cross-validation
3195:Machine learning
3079:Social computing
3046:Network security
2841:Algorithm design
2763:Programming team
2723:Control variable
2700:Software library
2638:Software quality
2633:Operating system
2582:Network protocol
2447:Computer science
1731:Richard Denney,
1729:
1723:
1714:Daniel Jackson,
1328:, 7(12):735–736.
1320:Knuth, Donald E.
1317:
1311:
1310:
1302:
1296:
1295:
1292:10.1002/stvr.223
593:gigabit Ethernet
531:read-only memory
500:operating system
359:Boolean function
321:
318:
300:
293:
257:representing it.
208:natural language
139:Backus–Naur form
65:formal languages
21:computer science
3952:Risk management
3916:
3885:
3824:
3805:Waterfall model
3775:Prototype model
3770:Iterative model
3731:
3707:Aspect-oriented
3690:
3669:Software system
3550:
3531:Software design
3469:
3464:
3434:
3429:
3420:
3391:
3372:Word processing
3280:
3266:Virtual reality
3227:
3189:
3160:Computer vision
3136:
3132:Multiprocessing
3098:
3060:
3026:Security hacker
3002:
2978:Digital library
2919:
2870:Mathematics of
2865:
2827:
2803:Automata theory
2798:Formal language
2772:
2738:Software design
2709:
2642:
2628:Virtual machine
2606:
2602:Network service
2563:
2554:Embedded system
2527:
2460:
2449:
2444:
2407:Wayback Machine
2352:
2347:
2298:Springer Nature
2272:Marieke Huisman
2244:
2217:
2163:
2161:Further reading
1761:Wayback Machine
1751:
1747:
1730:
1726:
1713:
1709:
1699:Wayback Machine
1689:
1685:
1665:
1661:
1652:
1651:
1647:
1638:
1634:
1625:
1621:
1612:
1608:
1599:
1595:
1590:
1586:
1580:Wayback Machine
1570:
1566:
1557:
1553:
1546:www.atelierb.eu
1540:
1539:
1535:
1530:Wayback Machine
864:Process calculi
768:
760:
720:
685:automata theory
677:process algebra
625:Common Criteria
609:
570:Common Criteria
568:, and also for
306:needs expansion
291:
239:inference rules
237:, and a set of
224:
222:Automated proof
69:automata theory
35:, development,
4006:Formal methods
3925:Related fields
3856:Function model
3760:Executable UML
3501:Formal methods
3276:Solid modeling
3175:Control method
3127:Multithreading
3021:Formal methods
2993:World Wide Web
2367:Formal methods
2364:
2359:
2351:
2350:External links
2348:
2346:
2345:
2322:
2281:
2269:
2258:Formal Methods
2242:
2208:
2195:
2172:Formal Methods
2164:
2162:
2159:
2156:
2155:
2104:
2097:
2069:
2028:
2021:
1991:
1940:
1921:(3): 243–277.
1901:
1894:
1864:
1823:
1816:
1787:
1769:
1745:
1724:
1707:
1705:, January 2003
1683:
1671:Jeannette Wing
1667:Daniel Jackson
1659:
1645:
1632:
1619:
1606:
1593:
1584:
1564:
1551:
1533:
1514:
1504:
1484:
1469:
1458:(2): 156–173.
1442:
1439:. p. 191.
1427:
1424:. p. 191.
1412:
1397:
1376:
1365:(1–2): 1–119.
1345:
1330:
1312:
1297:
1286:(3): 181–195.
1266:
1257:
1248:|journal=
1204:
1182:
1181:
1179:
1176:
1175:
1174:
1169:
1164:
1159:
1157:Model checking
1154:
1149:
1144:
1139:
1134:
1129:
1127:Formal science
1124:
1119:
1114:
1109:
1102:
1099:
1098:
1097:
1092:
1087:
1074:
1071:
1070:
1069:
1059:
1053:
1050:model checking
1039:
1029:
1015:
1005:
976:
973:
972:
971:
966:
961:
955:
949:
941:Main article:
938:
937:Model checkers
935:
934:
933:
928:
927:
926:
923:
913:
908:
903:
898:
893:
888:
883:
882:
881:
876:
871:
861:
856:
851:
846:
841:
836:
830:
824:
819:
813:
808:
803:
797:
791:
786:
781:
775:
767:
764:
759:
756:
732:expressiveness
719:
716:
608:
605:
483:
480:
465:
460:
438:
417:Main article:
414:
411:
396:
372:
351:Main article:
348:
345:
336:Main article:
333:
330:
324:
323:
303:
301:
290:
287:
259:
258:
248:
245:Model checking
242:
223:
220:
194:
191:
186:
183:
172:implementation
164:Main article:
161:
158:
149:Main article:
146:
143:
133:, later named
107:Main article:
104:
101:
92:
89:
73:control theory
29:mathematically
25:formal methods
15:
9:
6:
4:
3:
2:
3876:Systems model
3743:Developmental
3604:Data modeling
3261:Mixed reality
3094:Accessibility
3092:
3090:
3089:Visualization
2549:Dependability
2383:Formal method
2342:1-85233-247-6
2339:
2335:
2331:
2327:
2323:
2318:
2313:
2308:
2303:
2300:: 4473–4546.
1741:0-321-31643-6
1738:
1734:
1728:
1721:
1717:
1711:
1704:
1700:
1696:
1693:
1687:
1680:
1679:IEEE Computer
1264:Monin, pp.3-4
1142:Formal system
1073:Organizations
304:This section
302:
299:
295:
294:
286:
285:convergence.
137:then renamed
136:
132:
128:
124:
119:
115:
110:
103:Specification
100:
98:
88:
86:
82:
78:
74:
70:
66:
62:
58:
53:
50:
46:
42:
38:
34:
33:specification
30:
26:
22:
3871:Object model
3866:Metamodeling
3795:Spiral model
3695:Orientations
3500:
3357:Cyberwarfare
3020:
3016:Cryptography
1681:, April 1996
1678:
1662:
1653:
1648:
1635:
1622:
1609:
1604:", at Intel.
1239:cite journal
1228:. Retrieved
1221:the original
1207:
1196:. Retrieved
1186:
1095:Z User Group
978:
761:
735:
729:
721:
697:
670:
659:
648:
629:
610:
582:
543:
511:data centres
503:microkernels
485:
482:Applications
422:
356:
341:
327:
314:
310:adding to it
305:
283:
272:
268:
260:
225:
212:
196:
188:
176:
169:
160:Verification
154:
120:
116:
112:
94:
81:type systems
54:
41:verification
24:
18:
3562:Abstraction
3367:Video games
3347:Digital art
3104:Concurrency
2973:Data mining
2885:Probability
2618:Interpreter
2411:Archive.org
2391:Archive.org
2385:keyword on
2048:: 224–248.
1542:"Atelier B"
1152:Methodology
1077:Main page:
1022:SMT solvers
993:SAT solvers
985:NP-complete
784:Actor model
736:lightweight
687:; see also
600:PCI express
413:SAT solvers
218:expertise.
199:correctness
127:John Backus
85:type theory
4000:Categories
3881:View model
3846:Data model
3425:Glossaries
3297:E-commerce
2890:Statistics
2833:Algorithms
2791:Stochastic
2623:Middleware
2479:Peripheral
2307:1812.08815
2131:1611.07627
2124:: 97–115.
1967:2008.02939
1960:: 91–108.
1843:: 103572.
1230:2006-11-16
1198:2006-11-16
1178:References
1062:SyGuS-COMP
931:Z notation
879:π-calculus
854:Petri nets
744:Z notation
725:generators
673:Petri nets
644:Z notation
642:, and the
596:controller
419:SAT solver
289:Techniques
3890:Languages
3246:Rendering
3241:Animation
2872:computing
2823:Semantics
2514:Processor
2252:221381022
2188:CRC Press
2150:2075-2180
2064:0004-3702
1986:2075-2180
1935:1573-0670
1859:0004-3702
1782:esbmc.org
1393:1477-8424
1309:. UNESCO.
1147:Methodism
896:SPARK Ada
558:Atelier B
459:¬
317:June 2024
215:ambiguity
145:Synthesis
63:calculi,
3985:Category
3851:ER model
3717:Ontology
3629:Software
3555:Concepts
3405:Category
3233:Graphics
3008:Security
2670:Compiler
2569:Networks
2466:Hardware
2403:Archived
2336:, 2003,
2334:Springer
2226:Springer
1757:Archived
1695:Archived
1576:Archived
1526:Archived
1101:See also
1085:BCS-FACS
1032:CHC-COMP
1018:SMT-COMP
806:B-Method
748:use case
632:B-Method
554:B-Method
527:firmware
505:such as
125:report,
123:ALGOL 58
49:hardware
45:software
37:analysis
3975:Commons
3800:V-model
3415:Outline
2194:, 2004.
1778:"ESBMC"
1395:(2011).
1056:SV-COMP
1042:QBFEVAL
987:by the
981:NP-hard
822:Esterel
754:Tools.
621:DO-178C
566:Siemens
488:routers
275:oracles
255:lattice
179:proving
3736:Models
3486:DevOps
3474:Fields
2400:DEPLOY
2371:Foldoc
2340:
2250:
2240:
2148:
2095:
2062:
2019:
1984:
1933:
1892:
1857:
1814:
1739:
1391:
1068:tools.
991:, but
969:UPPAAL
921:VDM-SL
839:Lustre
835:(KBSA)
818:(CASL)
802:(ASSL)
796:(ACSL)
780:(ACL2)
774:(ASMs)
679:, and
562:Alstom
235:axioms
83:, and
39:, and
3912:SysML
3836:SPICE
3829:Other
3790:Scrum
3750:Agile
3702:Agile
3686:CI/CD
2818:Logic
2652:tools
2369:from
2358:(FME)
2302:arXiv
2296:(6).
2248:S2CID
2218:(PDF)
2126:arXiv
1962:arXiv
1763:, In
1512:IEEE.
1499:(PDF)
1224:(PDF)
1217:(PDF)
1002:Alloy
948:ESBMC
925:VDM++
886:RAISE
874:LOTOS
844:mCRL2
829:(JML)
789:Alloy
746:with
740:Alloy
640:RAISE
585:Intel
574:ATMEL
556:with
517:used
261:Some
61:logic
3897:IDEF
3841:CMMI
3727:SDLC
2650:and
2523:Form
2519:Size
2389:via
2338:ISBN
2238:ISBN
2146:ISSN
2093:ISBN
2060:ISSN
2017:ISBN
1982:ISSN
1931:ISSN
1890:ISBN
1855:ISSN
1812:ISBN
1737:ISBN
1669:and
1389:ISSN
1252:help
1008:CASC
964:SPIN
906:TLA+
811:CADP
660:The
589:BDDs
576:and
564:and
546:NASA
519:ACL2
507:seL4
91:Uses
47:and
27:are
3907:USL
3902:UML
3780:RAD
3755:EUP
2312:doi
2230:doi
2136:doi
2122:260
2083:doi
2050:doi
2046:274
2009:doi
1972:doi
1958:344
1923:doi
1882:doi
1845:doi
1841:301
1802:doi
1460:doi
1367:doi
1288:doi
958:PAT
916:VDM
911:USL
869:CSP
752:VDM
704:OWL
691:or
649:In
611:In
533:).
523:AMD
515:IBM
312:.
43:of
19:In
4002::
3810:XP
3785:UP
2521:/
2332:,
2328:,
2310:.
2294:25
2292:.
2288:.
2264:,
2246:.
2236:.
2220:.
2203:.
2190:,
2186:/
2144:.
2134:.
2120:.
2116:.
2091:.
2058:.
2044:.
2040:.
2015:.
2003:.
1980:.
1970:.
1956:.
1952:.
1929:.
1919:50
1917:.
1913:.
1888:.
1876:.
1853:.
1839:.
1835:.
1810:.
1780:.
1718:,
1701:,
1677:,
1673:,
1544:.
1454:.
1361:.
1357:.
1284:11
1282:.
1278:.
1243::
1241:}}
1237:{{
727:.
675:,
653:,
646:.
638:,
580:.
513:.
494:,
490:,
99:.
87:.
79:,
75:,
71:,
67:,
23:,
1456:7
1373:.
1369::
1363:4
464:P
437:P
395:P
371:P
319:)
315:(
241:.
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.