Volume 25, Issue 5, 1999, Pages 651-660

Systematic formal verification for fault-tolerant time-triggered algorithms

Author keywords

[No Author keywords available]

Indexed keywords

ALGORITHMS; COMPUTER SYSTEMS PROGRAMMING; FORMAL LANGUAGES; RESPONSE TIME (COMPUTER SYSTEMS)

EID: 0033336111    PISSN: 00985589    EISSN: None    Source Type: Journal
DOI: 10.1109/32.815324    Document Type: Article
Times cited: 68

References (49)
  • [2] M.J. Fischer, N.A. Lynch, and M.S. Paterson, "Impossibility of Distributed Consensus with One Faulty Process," J. ACM, vol. 32, no. 2, pp. 374-382, Apr. 1985.
  • [6] Aeronautical Radio, Inc., Annapolis, Md., ARINC Specification 659: Backplane Data Bus, Dec. 1993. Prepared by the Airlines Electronic Engineering Committee.
  • [7] W. Sweet and D. Dooling, "Boeing's Seventh Wonder," IEEE Spectrum, vol. 32, no. 10, pp. 20-23, Oct. 1995.
  • [8] M.J. Morgan, "Integrated Modular Avionics for Next-Generation Commercial Airplanes," IEEE Aerospace and Electronic Systems Magazine, vol. 6, no. 8, pp. 9-12, Aug. 1991.
  • [9] A. Hachiga, "The Concepts and Technologies of Dependable and Real-Time Computer Systems for Shinkansen Train Control," Responsive Computer Systems, H. Kopetz and Y. Kakuda, eds., Dependable Computing and Fault-Tolerant Systems, vol. 7, pp. 225-252, Vienna, Austria: Springer-Verlag, 1993.
  • [10] H. Kopetz and G. Grünsteidl, "TTP - A Protocol for Fault-Tolerant Real-Time Systems," Computer, vol. 27, no. 1, pp. 14-23, Jan. 1994.
  • [11] F. Cristian, "Understanding Fault-Tolerant Distributed Systems," Comm. ACM, vol. 34, no. 2, pp. 56-78, Feb. 1991.
  • [12] F. Cristian, B. Dancey, and J. Dehn, "Fault-Tolerance in Air Traffic Control Systems," ACM Trans. Computer Systems, vol. 14, no. 3, pp. 265-286, Aug. 1996.
  • [13] M. Pease, R. Shostak, and L. Lamport, "Reaching Agreement in the Presence of Faults," J. ACM, vol. 27, no. 2, pp. 228-234, Apr. 1980.
  • [14] F. Cristian, H. Aghili, R. Strong, and D. Dolev, "Atomic Broadcast: From Simple Message Diffusion to Byzantine Agreement," Proc. Fault Tolerant Computing Symp. 15, pp. 200-206, Ann Arbor, Mich., June 1985.
  • [15] F. Cristian, "Reaching Agreement on Processor-Group Membership in Synchronous Distributed Systems," Distributed Systems, vol. 4, pp. 175-187, 1991.
  • [16] P. Zhou and J. Hooman, "Formal Specification and Compositional Verification of an Atomic Broadcast Protocol," Real-Time Systems, vol. 9, no. 2, pp. 119-145, 1995.
  • [17] Y. Gurevich and R. Mani, "Group Membership Protocol: Specification and Verification," Specification and Validation Methods, E. Börger, ed., pp. 295-328, Oxford, U.K.: Oxford Univ. Press, 1995.
  • [18] L. Lamport and S. Merz, "Specifying and Verifying Fault-Tolerant Systems," Formal Techniques in Real-Time and Fault-Tolerant Systems, H. Langmaack, W.-P. de Roever, and J. Vytopil, eds., Lübeck, Germany, Lecture Notes in Computer Science 863, pp. 41-76, Springer-Verlag, Sept. 1994.
  • [19] J. Rushby, "Formal Verification of an Oral Messages Algorithm for Interactive Consistency," Technical Report SRI-CSL-92-1, Computer Science Laboratory, SRI Int'l, Menlo Park, Calif., July 1992. Also available as NASA Contractor Report 189704, Oct. 1992.
  • [20] P. Lincoln and J. Rushby, "Formal Verification of an Algorithm for Interactive Consistency Under a Hybrid Fault Model," Proc. Computer-Aided Verification, CAV '93, pp. 292-304, C. Courcoubetis, ed., Elounda, Greece, Lecture Notes in Computer Science 697, Springer-Verlag, June/July 1993.
  • [21] P. Lincoln and J. Rushby, "A Formally Verified Algorithm for Interactive Consistency Under a Hybrid Fault Model," Proc. Fault Tolerant Computing Symp. 23, pp. 402-411, Toulouse, France, June 1993.
  • [22] P. Lincoln and J. Rushby, "Formal Verification of an Interactive Consistency Algorithm for the Draper FTP Architecture Under a Hybrid Fault Model," Proc. Ninth Ann. Conf. Computer Assurance, pp. 107-120, Gaithersburg, Md., June 1994.
  • [23] W.R. Bevier and W.D. Young, "The Design and Proof of Correctness of a Fault-Tolerant Circuit," Dependable Computing for Critical Applications - 2, J.F. Meyer and R.D. Schlichting, eds., Dependable Computing and Fault-Tolerant Systems, vol. 6, pp. 243-260, Vienna, Austria: Springer-Verlag, Feb. 1991.
  • [24] C.J. Walter, P. Lincoln, and N. Suri, "Formally Verified On-Line Diagnosis," IEEE Trans. Software Eng., vol. 23, no. 11, pp. 684-721, Nov. 1997.
  • [25] J. Rushby, "A Fault-Masking and Transient-Recovery Model for Digital Flight-Control Systems," Formal Techniques in Real-Time and Fault-Tolerant Systems, J. Vytopil, ed., ch. 5, pp. 109-136, Boston, Dordrecht, London: Kluwer, 1993.
  • [26] B.L. Di Vito and R.W. Butler, "Formal Techniques for Synchronized Fault-Tolerant Systems," Dependable Computing for Critical Applications - 3, C.E. Landwehr, B. Randell, and L. Simoncini, eds., Dependable Computing and Fault-Tolerant Systems, vol. 8, pp. 163-188, Vienna, Austria: Springer-Verlag, Sept. 1992.
  • [28] W.D. Young, "Comparing Verification Systems: Interactive Consistency in ACL2," IEEE Trans. Software Eng., vol. 23, no. 4, pp. 214-223, Apr. 1997.
  • [30] H. Kopetz, "Should Responsive Systems be Event-Triggered or Time-Triggered?," IEICE Trans. Information and Systems, vol. D, no. 11, pp. 1325-1332, Nov. 1993.
  • [31] S. Owre, J. Rushby, N. Shankar, and F. von Henke, "Formal Verification for Fault-Tolerant Architectures: Prolegomena to the Design of PVS," IEEE Trans. Software Eng., vol. 21, no. 2, pp. 107-125, Feb. 1995.
  • [32] L. Lamport and P.M. Melliar-Smith, "Synchronizing Clocks in the Presence of Faults," J. ACM, vol. 32, no. 1, pp. 52-78, Jan. 1985.
  • [33] W. Torres-Pomales, "An Optimized Implementation of a Fault-Tolerant Clock Synchronization Circuit," NASA Technical Memo. 109176, NASA Langley Research Center, Hampton, Va., Feb. 1995.
  • [34] P.S. Miner and S.D. Johnson, "Verification of an Optimized Fault-Tolerant Clock Synchronization Circuit: A Case Study Exploring the Boundary between Formal Reasoning Systems," Designing Correct Circuits, M. Sheeran and S. Singh, eds., Bastad, Sweden, Sept. 1996.
  • [35] F. Schmuck and F. Cristian, "Continuous Clock Amortization Need Not Affect the Precision of a Clock Synchronization Algorithm," Proc. Ninth ACM Symp. Principles of Distributed Computing, pp. 133-143, Québec City, Québec, Canada, Aug. 1990.
  • [36] J. Rushby and F. von Henke, "Formal Verification of Algorithms for Critical Systems," IEEE Trans. Software Eng., vol. 19, no. 1, pp. 13-23, Jan. 1993.
  • [39] J. Rushby, "A Formally Verified Algorithm for Clock Synchronization Under a Hybrid Fault Model," Proc. 13th ACM Symp. Principles of Distributed Computing, pp. 304-313, Los Angeles, Calif., Aug. 1994. Also available as NASA Contractor Report 198289.
  • [40] D. Schwier and F. von Henke, "Mechanical Verification of Clock Synchronization Algorithms," Formal Techniques in Real-Time and Fault-Tolerant Systems, Lyngby, Denmark, Lecture Notes in Computer Science 1486, pp. 262-271, Springer-Verlag, Sept. 1998.
  • [41] H. Pfeifer, D. Schwier, and F.W. von Henke, "Formal Verification for Time-Triggered Clock Synchronization," Dependable Computing for Critical Applications - 7, J. Rushby, ed., San Jose, Calif., Jan. 1999. Dependable Computing and Fault Tolerant Systems, pp. 207-286, C.B. Weinstock and J. Rushby, eds., IEEE Computer Society.
  • [42] H. Kopetz and W. Ochsenreiter, "Clock Synchronization in Distributed Real-Time Systems," IEEE Trans. Computers, vol. 36, no. 8, pp. 933-940, Aug. 1987.
  • [43] C. Temple, "Avoiding the Babbling-Idiot Failure in a Time-Triggered Communication System," Proc. Fault Tolerant Computing Symp. 28, pp. 218-227, Munich, Germany, June 1998.
  • [45] R.S. Boyer and J.S. Moore, "MJRTY - A Fast Majority Vote Algorithm," Automated Reasoning: Essays in Honor of Woody Bledsoe, R.S. Boyer, ed., vol. 1, pp. 105-117, Dordrecht, The Netherlands: Kluwer Academic, 1991.
  • [47] S. Katz, P. Lincoln, and J. Rushby, "Low-Overhead Time-Triggered Group Membership," Proc. 11th Int'l Workshop Distributed Algorithms (WDAG '97), pp. 155-169, M. Mavronicolas and P. Tsigas, eds., Saarbrücken, Germany, Lecture Notes in Computer Science 1320, Springer-Verlag, Sept. 1997.
  • [49] Formal Techniques in Real-Time and Fault-Tolerant Systems, J. Vytopil, ed., Nijmegen, The Netherlands, Lecture Notes in Computer Science 571, Springer-Verlag, Jan. 1992.


* This information was extracted by KISTI from an analysis of Elsevier's SCOPUS database.