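% Bibliography database, one entry per cited work. Citation keys are unchanged.
% Conventions used throughout this file:
%   - entries delimited by braces, one field per line;
%   - names in "Last, Initials" form, joined by " and ";
%   - accented letters as brace-wrapped LaTeX accent commands (the inputenc
%     \IeC wrappers left by an export step are gone);
%   - titles in Title Case, with braces only around words whose case must survive
%     a sentence-casing style;
%   - DOIs stored bare (no resolver prefix, no TeX escapes); re-escape the
%     underscore only if the bibliography style typesets doi as ordinary text;
%   - page ranges with a double hyphen and no surrounding spaces.

@string{lncs = {Lecture Notes in Computer Science}}

@incollection{abdulla06,
  author    = {Abdulla, P. and Deneux, J. and St{\aa}lmarck, G. and {\AA}gren, H. and {\AA}kerlund, O.},
  title     = {Designing Safe, Reliable Systems Using {SCADE}},
  booktitle = {Leveraging Applications of Formal Methods},
  series    = lncs,
  volume    = {4313},
  publisher = {Springer},
  year      = {2006},
  pages     = {115--129},
  doi       = {10.1007/11925040_8},
}

% NOTE(review): abdulla06 spells what looks like the same surname with a ring
% ({\AA}kerlund); kept here exactly as the source gives it -- confirm against the paper.
@inproceedings{ake99,
  author    = {Akerlund, O. and Nadjm-Tehrani, S. and St{\aa}lmarck, G.},
  title     = {Integration of Formal Methods into System Safety and Reliability Analysis},
  booktitle = {Proceedings of 17th International Systems Safety Conference},
  year      = {1999},
  pages     = {326--336},
}

@incollection{bie02,
  author    = {Bieber, P. and Castel, C. and Seguin, C.},
  title     = {Combination of Fault Tree Analysis and Model Checking for Safety Assessment of Complex System},
  booktitle = {Dependable Computing {EDCC-4}},
  publisher = {Springer},
  year      = {2002},
  pages     = {19--31},
  doi       = {10.1007/3-540-36080-8_3},
}

@article{boz07,
  author  = {Bozzano, M. and Villafiorita, A.},
  title   = {The {FSAP/NuSMV-SA} Safety Analysis Platform},
  journal = {International Journal on Software Tools for Technology Transfer},
  volume  = {9},
  number  = {1},
  year    = {2007},
  pages   = {5--24},
  doi     = {10.1007/s10009-006-0001-2},
}

@article{bry86,
  author  = {Bryant, R. E.},
  title   = {Graph-Based Algorithms for {Boolean} Function Manipulation},
  journal = {IEEE Transactions on Computers},
  volume  = {C-35},
  number  = {8},
  year    = {1986},
  pages   = {677--691},
  doi     = {10.1109/TC.1986.1676819},
}

@article{cerone08,
  author  = {Cerone, A. and Connelly, S. and Lindsay, P. A.},
  title   = {Formal analysis of human operator behavioural patterns in interactive surveillance systems},
  journal = {Software and Systems Modeling},
  volume  = {7},
  number  = {3},
  year    = {2008},
  pages   = {273--286},
  doi     = {10.1007/s10270-007-0072-x},
}

@article{ChaSon03,
  author  = {Cha, S. and Son, H. and Yoo, J. and Jee, E. and Seong, P. H.},
  title   = {Systematic Evaluation of Fault Trees using Real-time Model Checker {UPPAAL}},
  journal = {Reliability Engineering \& System Safety},
  volume  = {82},
  number  = {1},
  year    = {2003},
  pages   = {11--20},
  doi     = {10.1016/S0951-8320(03)00059-0},
}

% The suffix goes in its own comma-separated slot (Last, Jr, First) so that styles
% can place it; the source had it fused into the surname.
@book{cla99,
  author    = {Clarke, Jr., E. M. and Grumberg, O. and Peled, D. A.},
  title     = {Model Checking},
  publisher = {MIT Press},
  year      = {1999},
}

@article{cou92,
  author  = {Courcoubetis, C. and Vardi, M. Y. and Wolper, P. and Yannakakis, M.},
  title   = {Memory-Efficient Algorithms for the Verification of Temporal Properties},
  journal = {Formal Methods in System Design},
  volume  = {1},
  number  = {2/3},
  year    = {1992},
  pages   = {275--288},
  doi     = {10.1007/BF00121128},
}

@inproceedings{dro03,
  author    = {Dromey, R. G.},
  title     = {From Requirements to Design: Formalizing the Key Steps},
  booktitle = {1st International Conference on Software Engineering and Formal Methods},
  publisher = {IEEE Computer Society},
  year      = {2003},
  pages     = {2--11},
  doi       = {10.1109/SEFM.2003.1236202},
}

% Corporate author: the double braces keep the name as one indivisible unit.
@misc{iec61508,
  author       = {{International Electrotechnical Commission}},
  title        = {Functional Safety of Electrical/Electronic/Programmable Electronic Safety-Related Systems. {Part} 1: General requirements},
  howpublished = {International Standard IEC~61508-1},
  year         = {2010},
}

@article{koz83,
  author  = {Kozen, D.},
  title   = {Results on the Propositional mu-Calculus},
  journal = {Theoretical Computer Science},
  volume  = {27},
  year    = {1983},
  pages   = {333--354},
  doi     = {10.1016/0304-3975(82)90125-6},
}

% The literal type value "phdthesis" was dropped: a classic style would print it
% verbatim, and the entry type already supplies the label.
% NOTE(review): the required school field is absent in the source -- add it once confirmed.
@phdthesis{kro14,
  author = {Kromodimoeljo, S.},
  title  = {Controlling the Generation of Multiple Counterexamples in {LTL} Model Checking},
  year   = {2014},
  doi    = {10.14264/uql.2015.16},
}

@book{lev95,
  author    = {Leveson, N.},
  title     = {Safeware - System Safety and Computers: A Guide to Preventing Accidents and Losses caused by Technology},
  publisher = {Addison-Wesley},
  year      = {1995},
}

% Author list repaired: the source had "S. {Zafar,Saad}", read here as surname
% Zafar with initial S.
@article{gru11,
  author  = {Grunske, L. and Winter, K. and Yatapanage, N. and Zafar, S. and Lindsay, P. A.},
  title   = {Experience with Fault Injection Experiments for {FMEA}},
  journal = {Software: Practice and Experience},
  volume  = {41},
  number  = {11},
  year    = {2011},
  pages   = {1233--1258},
  doi     = {10.1002/spe.1039},
}

% NOTE(review): the only locator is a plain-http staff-page link with no access
% date; re-check that it still resolves and record when it was last verified.
@inproceedings{lin12,
  author    = {Lindsay, P. A. and Winter, K. and Kromodimoeljo, S.},
  title     = {Model-based Safety Risk Assessment using {Behavior Trees}},
  booktitle = {Proceedings of the 6th Asia Pacific Conference on System Engineering},
  publisher = {Systems Engineering Society of Australia},
  year      = {2012},
  url       = {http://staff.itee.uq.edu.au/pal/papers/SETE2012.pdf},
}

@article{lin12b,
  author  = {Lindsay, P. A. and Yatapanage, N. and Winter, K.},
  title   = {Cut Set Analysis using {Behavior Trees} and Model Checking},
  journal = {Formal Aspects of Computing},
  volume  = {24},
  number  = {2},
  year    = {2012},
  pages   = {249--266},
  doi     = {10.1007/s00165-011-0181-8},
}

% The journal name was cut off after "Fundamentals of" in the source; completed here.
@article{min93,
  author  = {Minato, S.},
  title   = {Fast Generation of Prime-Irredundant Covers from Binary Decision Diagrams},
  journal = {IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences},
  volume  = {E76-A},
  number  = {6},
  year    = {1993},
  pages   = {967--973},
}

@article{mor70,
  author  = {Morreale, E.},
  title   = {Recursive Operators for Prime Implicant and Irredundant Normal Form Determination},
  journal = {IEEE Transactions on Computers},
  volume  = {19},
  number  = {6},
  year    = {1970},
  pages   = {504--509},
  doi     = {10.1109/T-C.1970.222967},
}

@inproceedings{mou04,
  author    = {de Moura, L. and Owre, S. and Rue{\ss}, H. and Rushby, J. and Shankar, N. and Sorea, M. and Tiwari, A.},
  title     = {{SAL} 2},
  booktitle = {16th International Conference on Computer Aided Verification},
  series    = lncs,
  volume    = {3114},
  publisher = {Springer},
  year      = {2004},
  pages     = {496--500},
  doi       = {10.1007/978-3-540-27813-9_45},
}

% Entry type changed from a journal article to a proceedings paper: the venue
% given in the source is a congress proceedings, so it belongs in booktitle.
% NOTE(review): no pages or publisher are given in the source.
@inproceedings{ort06,
  author    = {Ortmeier, F. and Reif, W. and Schellhorn, G.},
  title     = {Deductive Cause-Consequence Analysis ({DCCA})},
  booktitle = {Proceedings of IFAC World Congress},
  year      = {2006},
}

@article{OrtSch07,
  author  = {Ortmeier, F. and Schellhorn, G.},
  title   = {{Formal Fault Tree Analysis} - Practical Experiences},
  journal = {Electronic Notes in Theoretical Computer Science},
  volume  = {185},
  year    = {2007},
  pages   = {139--151},
  doi     = {10.1016/j.entcs.2007.05.034},
}

@inproceedings{papadopoulosMaruhn01,
  author    = {Papadopoulos, Y. and Maruhn, M.},
  title     = {Model-Based Synthesis of Fault Trees from {Matlab-Simulink} Models},
  booktitle = {Proceedings of the International Conference on Dependable Systems and Networks ({DSN} 2001)},
  publisher = {IEEE Computer Society},
  year      = {2001},
  pages     = {77--82},
  doi       = {10.1109/DSN.2001.941393},
}

% NOTE(review): the DOI carries the 10.1016 prefix also seen on this file's journal
% entries, while the entry describes a Springer LNCS conference paper; it may
% identify a later journal version -- verify before relying on it.
@inproceedings{pel96,
  author    = {Peled, D. and Wilke, T. and Wolper, P.},
  title     = {An Algorithmic Approach for Checking Closure Properties of {$\omega$}-Regular Languages},
  booktitle = {7th International Conference on Concurrency Theory},
  series    = lncs,
  volume    = {1119},
  publisher = {Springer},
  year      = {1996},
  pages     = {596--610},
  doi       = {10.1016/S0304-3975(97)00219-3},
}

@inproceedings{pnu77,
  author    = {Pnueli, A.},
  title     = {The Temporal Logic of Programs},
  booktitle = {18th Annual Symposium on Foundations of Computer Science},
  publisher = {IEEE Computer Society},
  year      = {1977},
  pages     = {46--57},
  doi       = {10.1109/SFCS.1977.32},
}

@inproceedings{rae04,
  author    = {Rae, A. and Lindsay, P.},
  title     = {A Behaviour-based Method for Fault Tree Generation},
  booktitle = {Proceedings of 22nd International System Safety Conference},
  publisher = {System Safety Society},
  year      = {2004},
  pages     = {289--298},
}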