
B. Finkbeiner, M. Gieseking, J. HeckingHarbusch, und E. Olderog, "Global Winning Conditions in Synthesis of Distributed Systems with Causal Memory" in Proc. 30th EACSL Annual Conference on Computer Science Logic, CSL 2022, February 1419, 2022, Göttingen, Germany (Virtual Conference), 2022, p. 20:120:19.
@inproceedings{DBLP:conf/csl/FinkbeinerGHO22,
author = {Bernd Finkbeiner and Manuel Gieseking and Jesko HeckingHarbusch and ErnstR{\"{u}}diger Olderog},
title = {Global Winning Conditions in Synthesis of Distributed Systems with Causal Memory},
booktitle = {30th {EACSL} Annual Conference on Computer Science Logic, {CSL} 2022, February 1419, 2022, G{\"{o}}ttingen, Germany (Virtual Conference)},
pages = {20:120:19},
year = {2022},
url = {https://doi.org/10.4230/LIPIcs.CSL.2022.20},
doi = {10.4230/LIPIcs.CSL.2022.20},
timestamp = {Thu, 27 Jan 2022 17:51:51 +0100},
biburl = {https://dblp.org/rec/conf/csl/FinkbeinerGHO22.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}

K. R. Apt und E. R. Olderog, "Nondeterminism and Guarded Commands" in Edsger Wybe Dijkstra: His Life, Work, and Legacy, Apt, K. R. und Hoare, T., Eds., ACM / Morgan & Claypool, 2022, pp. 169204.
@incollection{DBLP:books/mc/22/AptO22,
author = {Krzysztof R. Apt and E.R. Olderog},
editor = {Krzysztof R. Apt and Tony Hoare},
title = {Nondeterminism and Guarded Commands},
booktitle = {Edsger Wybe Dijkstra: His Life, Work, and Legacy},
pages = {169204},
publisher = {{ACM} / Morgan {\&} Claypool},
year = {2022},
url = {https://doi.org/10.1145/3544585.3544595},
doi = {10.1145/3544585.3544595},
timestamp = {Fri, 15 Jul 2022 10:31:05 +0200},
biburl = {https://dblp.org/rec/books/mc/22/AptO22.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}

P. Hannibal und E. R. Olderog, "The Synthesis Problem for Repeatedly Communicating Petri Games" in Proc. Application and Theory of Petri Nets and Concurrency  43rd International Conference, PETRI NETS 2022, Bergen, Norway, June 1924, 2022, Proceedings, 2022, pp. 236257.
@inproceedings{DBLP:conf/apn/HannibalO22,
author = {Paul Hannibal and E.R. Olderog},
editor = {Luca Bernardinello and Laure Petrucci},
title = {The Synthesis Problem for Repeatedly Communicating Petri Games},
booktitle = {Application and Theory of Petri Nets and Concurrency  43rd International Conference, {PETRI} {NETS} 2022, Bergen, Norway, June 1924, 2022, Proceedings},
series = {Lecture Notes in Computer Science},
volume = {13288},
pages = {236257},
publisher = {Springer},
year = {2022},
url = {https://doi.org/10.1007/9783031066535\_13},
doi = {10.1007/9783031066535\_13},
timestamp = {Mon, 20 Jun 2022 16:55:49 +0200},
biburl = {https://dblp.org/rec/conf/apn/HannibalO22.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}

B. Finkbeiner, M. Gieseking, J. H. , und E. R. Olderog, "Global Winning Conditions in Synthesis of Distributed Systems with Causal Memory" in Proc. 30th EACSL Annual Conference on Computer Science Logic, CSL 2022, February 1419, 2022, Göttingen, Germany (Virtual Conference), 2022, p. 20:120:19.
@inproceedings{DBLP:conf/csl/FinkbeinerGHO22,
author = {Bernd Finkbeiner and Manuel Gieseking and Jesko Hecking{}Harbusch and E.R Olderog},
editor = {Florin Manea and Alex Simpson},
title = {Global Winning Conditions in Synthesis of Distributed Systems with Causal Memory},
booktitle = {30th {EACSL} Annual Conference on Computer Science Logic, {CSL} 2022, February 1419, 2022, G{\"{o}}ttingen, Germany (Virtual Conference)},
series = {LIPIcs},
volume = {216},
pages = {20:120:19},
publisher = {Schloss Dagstuhl  LeibnizZentrum f{\"{u}}r Informatik},
year = {2022},
url = {https://doi.org/10.4230/LIPIcs.CSL.2022.20},
doi = {10.4230/LIPIcs.CSL.2022.20},
timestamp = {Thu, 27 Jan 2022 17:51:51 +0100},
biburl = {https://dblp.org/rec/conf/csl/FinkbeinerGHO22.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}

M. Gieseking und N. Würdemann, "Canonical Representations for Direct Generation of Strategies in Highlevel Petri Games (Full Version)" CoRR, vol. abs/2103.10207, 2021.
@article{DBLP:journals/corr/abs210310207,
author = {Manuel Gieseking and Nick W{\"{u}}rdemann},
title = {Canonical Representations for Direct Generation of Strategies in Highlevel Petri Games (Full Version)},
journal = {CoRR},
volume = {abs/2103.10207},
year = {2021},
url = {https://arxiv.org/abs/2103.10207},
archiveprefix = {arXiv},
eprint = {2103.10207},
biburl = {https://dblp.org/rec/journals/corr/abs210310207.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}

K. R. Apt und E. Olderog, "Assessing the Success and Impact of Hoare's Logic" in Theories of Programming: The Life and Works of Tony Hoare, , 2021, pp. 4176.
@incollection{DBLP:books/mc/21/AptO21,
author = {Krzysztof R. Apt and ErnstR{\"{u}}diger Olderog},
title = {Assessing the Success and Impact of Hoare's Logic},
booktitle = {Theories of Programming: The Life and Works of Tony Hoare},
pages = {4176},
year = {2021},
url = {https://doi.org/10.1145/3477355.3477359},
doi = {10.1145/3477355.3477359},
timestamp = {Tue, 05 Oct 2021 10:22:06 +0200},
biburl = {https://dblp.org/rec/books/mc/21/AptO21.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}

M. Gieseking und E. Olderog, "HighLevel Representation of Benchmark Families for Petri Games" in Proc. Model Checking, Synthesis, and Learning  Essays Dedicated to Bengt Jonsson on The Occasion of His 60th Birthday, 2021, pp. 115137.
@inproceedings{DBLP:conf/birthday/GiesekingO21,
author = {Manuel Gieseking and ErnstR{\"{u}}diger Olderog},
title = {HighLevel Representation of Benchmark Families for Petri Games},
booktitle = {Model Checking, Synthesis, and Learning  Essays Dedicated to Bengt Jonsson on The Occasion of His 60th Birthday},
pages = {115137},
year = {2021},
url = {https://doi.org/10.1007/9783030913847\_7},
doi = {10.1007/9783030913847\_7},
timestamp = {Fri, 21 Jan 2022 22:02:45 +0100},
biburl = {https://dblp.org/rec/conf/birthday/GiesekingO21.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}

E. Olderog, B. Steffen, und W. Yi, "Model Checking, Synthesis, and Learning" in Proc. Model Checking, Synthesis, and Learning  Essays Dedicated to Bengt Jonsson on The Occasion of His 60th Birthday, 2021, pp. 17.
@inproceedings{DBLP:conf/birthday/OlderogS021,
author = {ErnstR{\"{u}}diger Olderog and Bernhard Steffen and Wang Yi},
title = {Model Checking, Synthesis, and Learning},
booktitle = {Model Checking, Synthesis, and Learning  Essays Dedicated to Bengt Jonsson on The Occasion of His 60th Birthday},
pages = {17},
year = {2021},
url = {https://doi.org/10.1007/9783030913847\_1},
doi = {10.1007/9783030913847\_1},
timestamp = {Tue, 11 Jan 2022 18:34:32 +0100},
biburl = {https://dblp.org/rec/conf/birthday/OlderogS021.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}

O. Özkan und N. Würdemann, "Resilience of Wellstructured Graph Transformation Systems" CoRR, vol. abs/2108.00889, 2021.
@article{DBLP:journals/corr/abs210800889,
author = {Okan {\"{O}}zkan and Nick W{\"{u}}rdemann},
title = {Resilience of Wellstructured Graph Transformation Systems},
journal = {CoRR},
volume = {abs/2108.00889},
year = {2021},
url = {https://arxiv.org/abs/2108.00889},
eprinttype = {arXiv},
eprint = {2108.00889},
timestamp = {Thu, 05 Aug 2021 14:27:08 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs210800889.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}

E. Olderog, M. Fränzle, O. E. Theel, und P. Kröger, "System correctness under adverse conditions" it Inf. Technol., vol. 63, iss. 56, pp. 249251, 2021.
@article{DBLP:journals/it/OlderogFTK21,
author = {ErnstR{\"{u}}diger Olderog and Martin Fr{\"{a}}nzle and Oliver E. Theel and Paul Kr{\"{o}}ger},
title = {System correctness under adverse conditions},
journal = {it Inf. Technol.},
volume = {63},
number = {56},
pages = {249251},
year = {2021},
url = {https://doi.org/10.1515/itit20210043},
doi = {10.1515/itit20210043},
timestamp = {Fri, 19 Nov 2021 11:34:13 +0100},
biburl = {https://dblp.org/rec/journals/it/OlderogFTK21.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}

N. Würdemann, "Exploiting symmetries of highlevel Petri games in distributed synthesis" it Inf. Technol., vol. 63, iss. 56, pp. 321331, 2021.
@article{DBLP:journals/it/Wurdemann21,
author = {Nick W{\"{u}}rdemann},
title = {Exploiting symmetries of highlevel Petri games in distributed synthesis},
journal = {it Inf. Technol.},
volume = {63},
number = {56},
pages = {321331},
year = {2021},
url = {https://doi.org/10.1515/itit20210012},
doi = {10.1515/itit20210012},
timestamp = {Fri, 19 Nov 2021 11:34:13 +0100},
biburl = {https://dblp.org/rec/journals/it/Wurdemann21.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}

Model Checking, Synthesis, and Learning  Essays Dedicated to Bengt Jonsson on The Occasion of His 60th BirthdaySpringer, 2021.
@proceedings{DBLP:conf/birthday/2021jonsson, editor = {ErnstR{\"{u}}diger Olderog and Bernhard Steffen and Wang Yi},
title = {Model Checking, Synthesis, and Learning  Essays Dedicated to Bengt Jonsson on The Occasion of His 60th Birthday},
series = {Lecture Notes in Computer Science},
volume = {13030},
publisher = {Springer},
year = {2021},
url = {https://doi.org/10.1007/9783030913847},
doi = {10.1007/9783030913847},
isbn = {9783030913830},
timestamp = {Tue, 11 Jan 2022 18:33:29 +0100},
biburl = {https://dblp.org/rec/conf/birthday/2021jonsson.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}

M. Gieseking und N. Würdemann, "Canonical Representations for Direct Generation of Strategies in HighLevel Petri Games" in Proc. Application and Theory of Petri Nets and Concurrency  42nd International Conference, PETRI NETS 2021, Virtual Event, June 2325, 2021, Proceedings, 2021, pp. 95117.
@inproceedings{DBLP:conf/apn/GiesekingW21,
author = {Manuel Gieseking and Nick W{\"{u}}rdemann},
editor = {Didier Buchs and Josep Carmona},
title = {Canonical Representations for Direct Generation of Strategies in HighLevel Petri Games},
booktitle = {Application and Theory of Petri Nets and Concurrency  42nd International Conference, {PETRI} {NETS} 2021, Virtual Event, June 2325, 2021, Proceedings},
series = {Lecture Notes in Computer Science},
volume = {12734},
pages = {95117},
publisher = {Springer},
year = {2021},
url = {https://doi.org/10.1007/9783030769833\_6},
doi = {10.1007/9783030769833\_6},
timestamp = {Wed, 16 Jun 2021 13:05:52 +0200},
biburl = {https://dblp.org/rec/conf/apn/GiesekingW21.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}

M. Gieseking, J. HeckingHarbusch, und A. Yanich, "A Web Interface for Petri Nets with Transits and Petri Games" in Proc. Tools and Algorithms for the Construction and Analysis of Systems  27th International Conference, TACAS 2021, Part II, 2021, pp. 381388.
@inproceedings{DBLP:conf/tacas/GiesekingHY21,
author = {Manuel Gieseking and Jesko HeckingHarbusch and Ann Yanich},
editor = {Jan Friso Groote and Kim Guldstrand Larsen},
title = {A Web Interface for Petri Nets with Transits and Petri Games},
booktitle = {Tools and Algorithms for the Construction and Analysis of Systems  27th International Conference, {TACAS} 2021, Part {II}},
series = {Lecture Notes in Computer Science},
volume = {12652},
pages = {381388},
publisher = {Springer},
year = {2021},
url = {https://doi.org/10.1007/9783030720131\_22},
doi = {10.1007/9783030720131\_22},
timestamp = {Wed, 24 Mar 2021 17:22:09 +0100},
biburl = {https://dblp.org/rec/conf/tacas/GiesekingHY21.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}

B. Finkbeiner, M. Gieseking, J. HeckingHarbusch, und E. Olderog, "AdamMC: A Model Checker for Petri Nets with Transits against FlowLTL (Full Version)" CoRR, vol. abs/2005.07130, 2020.
@article{DBLP:journals/corr/abs200507130,
author = {Bernd Finkbeiner and Manuel Gieseking and Jesko HeckingHarbusch and ErnstR{\"{u}}diger Olderog},
title = {AdamMC: {A} Model Checker for Petri Nets with Transits against FlowLTL (Full Version)},
journal = {CoRR},
volume = {abs/2005.07130},
year = {2020},
url = {https://arxiv.org/abs/2005.07130},
archiveprefix = {arXiv},
eprint = {2005.07130},
timestamp = {Fri, 22 May 2020 16:21:28 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs200507130.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}

B. Finkbeiner, M. Gieseking, J. HeckingHarbusch, und E. Olderog, "Model Checking Branching Properties on Petri Nets with Transits (Full Version)" CoRR, vol. abs/2007.07235, 2020.
@article{DBLP:journals/corr/abs200707235,
author = {Bernd Finkbeiner and Manuel Gieseking and Jesko HeckingHarbusch and ErnstR{\"{u}}diger Olderog},
title = {Model Checking Branching Properties on Petri Nets with Transits (Full Version)},
journal = {CoRR},
volume = {abs/2007.07235},
year = {2020},
url = {https://arxiv.org/abs/2007.07235},
archiveprefix = {arXiv},
eprint = {2007.07235},
timestamp = {Tue, 21 Jul 2020 12:53:33 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs200707235.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}

B. Finkbeiner, M. Gieseking, J. HeckingHarbusch, und E. Olderog, "Model Checking Branching Properties on Petri Nets with Transits" in Proc. Automated Technology for Verification and Analysis  18th International Symposium, ATVA 2020, Hanoi, Vietnam, October 1923, 2020, Proceedings, 2020, pp. 394410.
@inproceedings{DBLP:conf/atva/FinkbeinerGHO20,
author = {Bernd Finkbeiner and Manuel Gieseking and Jesko HeckingHarbusch and ErnstR{\"{u}}diger Olderog},
title = {Model Checking Branching Properties on Petri Nets with Transits},
booktitle = {Automated Technology for Verification and Analysis  18th International Symposium, {ATVA} 2020, Hanoi, Vietnam, October 1923, 2020, Proceedings},
pages = {394410},
year = {2020},
optcrossref = {DBLP:conf/atva/2020},
url = {https://doi.org/10.1007/9783030591526\_22},
doi = {10.1007/9783030591526\_22},
timestamp = {Tue, 13 Oct 2020 16:57:38 +0200},
biburl = {https://dblp.org/rec/conf/atva/FinkbeinerGHO20.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}

B. Finkbeiner, M. Gieseking, J. HeckingHarbusch, und E. Olderog, "AdamMC: A Model Checker for Petri Nets with Transits against FlowLTL" in Proc. Computer Aided Verification  32nd International Conference, CAV 2020, Los Angeles, CA, USA, July 2124, 2020, Proceedings, Part II, 2020, pp. 6476.
@inproceedings{DBLP:conf/cav/FinkbeinerGHO20,
author = {Bernd Finkbeiner and Manuel Gieseking and Jesko HeckingHarbusch and ErnstR{\"{u}}diger Olderog},
title = {AdamMC: {A} Model Checker for Petri Nets with Transits against FlowLTL},
booktitle = {Computer Aided Verification  32nd International Conference, {CAV} 2020, Los Angeles, CA, USA, July 2124, 2020, Proceedings, Part {II}},
pages = {6476},
year = {2020},
optcrossref = {DBLP:conf/cav/20202},
url = {https://doi.org/10.1007/9783030532918\_5},
doi = {10.1007/9783030532918\_5},
timestamp = {Fri, 17 Jul 2020 12:05:42 +0200},
biburl = {https://dblp.org/rec/conf/cav/FinkbeinerGHO20.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}

M. Gieseking, E. Olderog, und N. Würdemann, "Solving highlevel Petri games" Acta Inf., vol. 57, iss. 35, pp. 591626, 2020.
@article{DBLP:journals/acta/GiesekingOW20,
author = {Manuel Gieseking and ErnstR{\"{u}}diger Olderog and Nick W{\"{u}}rdemann},
title = {Solving highlevel Petri games},
journal = {Acta Inf.},
volume = {57},
number = {35},
pages = {591626},
year = {2020},
url = {https://doi.org/10.1007/s00236020003685},
doi = {10.1007/s00236020003685},
timestamp = {Fri, 22 May 2020 21:54:01 +0200},
biburl = {https://dblp.org/rec/journals/acta/GiesekingOW20.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}

M. Gieseking und E. Olderog, "HighLevel Representation of Benchmark Families for Petri Games" CoRR, vol. abs/1904.05621, 2019.
@article{DBLP:journals/corr/abs190405621,
author = {Manuel Gieseking and ErnstR{\"{u}}diger Olderog},
title = {HighLevel Representation of Benchmark Families for Petri Games},
journal = {CoRR},
volume = {abs/1904.05621},
year = {2019},
url = {http://arxiv.org/abs/1904.05621},
archiveprefix = {arXiv},
eprint = {1904.05621},
timestamp = {Thu, 25 Apr 2019 13:55:01 +0200},
biburl = {https://dblp.org/rec/bib/journals/corr/abs190405621},
bibsource = {dblp computer science bibliography, https://dblp.org}
}

B. Finkbeiner, M. Gieseking, J. HeckingHarbusch, und E. Olderog, "Model Checking Data Flows in Concurrent Network Updates (Full Version)" CoRR, vol. abs/1907.11061, 2019.
@article{DBLP:journals/corr/abs190711061,
author = {Bernd Finkbeiner and Manuel Gieseking and Jesko HeckingHarbusch and ErnstR{\"{u}}diger Olderog},
title = {Model Checking Data Flows in Concurrent Network Updates (Full Version)},
journal = {CoRR},
volume = {abs/1907.11061},
year = {2019},
url = {http://arxiv.org/abs/1907.11061},
archiveprefix = {arXiv},
eprint = {1907.11061},
timestamp = {Thu, 01 Aug 2019 08:59:33 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs190711061.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}

B. Finkbeiner, M. Gieseking, J. HeckingHarbusch, und E. Olderog, "Model Checking Data Flows in Concurrent Network Updates" in Proc. Automated Technology for Verification and Analysis  17th International Symposium, ATVA 2019, Taipei, Taiwan, October 2831, 2019, Proceedings, 2019, pp. 515533.
@inproceedings{DBLP:conf/atva/FinkbeinerGHO19,
author = {Bernd Finkbeiner and Manuel Gieseking and Jesko HeckingHarbusch and ErnstR{\"{u}}diger Olderog},
title = {Model Checking Data Flows in Concurrent Network Updates},
booktitle = {Automated Technology for Verification and Analysis  17th International Symposium, {ATVA} 2019, Taipei, Taiwan, October 2831, 2019, Proceedings},
pages = {515533},
year = {2019},
optcrossref = {DBLP:conf/atva/2019},
url = {http://www.unioldenburg.de/fileadmin/user\_upload/f2informcsd/FinGieHecOld19.pdf},
opturl = {https://doi.org/10.1007/9783030317843\_30},
doi = {10.1007/9783030317843\_30},
timestamp = {Tue, 22 Oct 2019 15:35:01 +0200},
biburl = {https://dblp.org/rec/bib/conf/atva/FinkbeinerGHO19},
bibsource = {dblp computer science bibliography, https://dblp.org}
}

C. Bischopink und M. Schwammberger, "Verification of Fair Controllers for Urban Traffic Manoeuvres at Intersections" in Proc. Formal Methods. FM 2019 International Workshops  Porto, Portugal, October 711, 2019, Revised Selected Papers, Part I, 2019, pp. 249264.
@inproceedings{DBLP:conf/fm/BischopinkS19,
author = {Christopher Bischopink and Maike Schwammberger},
editor = {Emil Sekerinski and Nelma Moreira and Jos{\'{e}} N. Oliveira and Daniel Ratiu and Riccardo Guidotti and Marie Farrell and Matt Luckcuck and Diego Marmsoler and Jos{\'{e}} Campos and Troy Astarte and Laure Gonnord and Antonio Cerone and Luis Couto and Brijesh Dongol and Martin Kutrib and Pedro Monteiro and David Delmas},
title = {Verification of Fair Controllers for Urban Traffic Manoeuvres at Intersections},
booktitle = {Formal Methods. {FM} 2019 International Workshops  Porto, Portugal, October 711, 2019, Revised Selected Papers, Part {I}},
series = {Lecture Notes in Computer Science},
volume = {12232},
pages = {249264},
publisher = {Springer},
year = {2019},
url = {https://doi.org/10.1007/9783030549947\_18},
doi = {10.1007/9783030549947\_18},
timestamp = {Mon, 17 Aug 2020 17:09:20 +0200},
biburl = {https://dblp.org/rec/conf/fm/BischopinkS19.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}

D. Rahmatov, O. Theel, und M. Gieseking, "Towards a Composition of RegionAdherent Systems" in Proc. The Fourteenth International Conference on Networking and Services, ICNS 2018, 2024 May 2018, Nice, France, 2018, pp. 2126.
@inproceedings{conf/icns/RahmatovTG18,
author = {Dilshod Rahmatov and Oliver Theel and Manuel Gieseking},
title = {Towards a Composition of RegionAdherent Systems},
booktitle = {The Fourteenth International Conference on Networking and Services, {ICNS} 2018, 2024 May 2018, Nice, France},
pages = {2126},
year = {2018}
}

M. Schwammberger, "Introducing Liveness into Multilane Spatial Logic lane change controllers using UPPAAL" in Proc. Proceedings 2nd International Workshop on Safe Control of Autonomous Vehicles, SCAV@CPSWeek 2018, Porto, Portugal, 10th April 2018., 2018, pp. 1731.
@inproceedings{Schwammberger18a,
author = {Maike Schwammberger},
title = {Introducing Liveness into Multilane Spatial Logic lane change controllers using {UPPAAL}},
editor = {Mario Gleirscher and Stefan Kugele and Sven Linker},
booktitle = {Proceedings 2nd International Workshop on Safe Control of Autonomous Vehicles, SCAV@CPSWeek 2018, Porto, Portugal, 10th April 2018.},
series = {{EPTCS}},
volume = {269},
pages = {1731},
year = {2018},
url = {https://doi.org/10.4204/EPTCS.269.3}
}

E. R. Olderog, "Space for Traffic Manoeuvres  An Overview" in Proc. Symposium on RealTime and Hybrid Systems, 2018, pp. 211230.
@inproceedings{Olderog18,
author = {E.R. Olderog},
title = {Space for Traffic Manoeuvres  An Overview},
editor = {Cliff Jones and Ji Wang and Naijun Zhan},
booktitle = {Symposium on RealTime and Hybrid Systems},
pages = {211230},
series = {LNCS},
volume = {11180},
publisher = {Springer},
year = {2018},
url = {https://doi.org/10.1007/9783030014612_11}
}

M. Schwammberger, "An abstract model for proving safety of autonomous urban traffic" Theor. Comput. Sci., vol. 744, pp. 143169, 2018.
@article{DBLP:journals/tcs/Schwammberger18,
author = {Maike Schwammberger},
title = {An abstract model for proving safety of autonomous urban traffic},
journal = {Theor. Comput. Sci.},
volume = {744},
pages = {143169},
year = {2018},
url = {https://doi.org/10.1016/j.tcs.2018.05.028},
doi = {10.1016/j.tcs.2018.05.028},
timestamp = {Fri, 28 Sep 2018 17:00:52 +0200},
biburl = {https://dblp.org/rec/bib/journals/tcs/Schwammberger18},
bibsource = {dblp computer science bibliography, https://dblp.org}
}

Provably Correct Systems, Hinchey, M. G., Bowen, J. P., und Olderog, E. R., Eds., SpringerVerlag, 2017.
@book{HBO17, editor = {M. G. Hinchey and J. P. Bowen and E.R. Olderog },
title = {Provably Correct Systems},
series = {NASA Monographs in System and Software Engineering},
publisher = {SpringerVerlag},
year = {2017},
note = {328 pp, ISBN 9783319486277},
url = {https://link.springer.com/book/10.1007/9783319486284}
}

B. Finkbeiner und E. R. Olderog, "Petri Games: Synthesis of Distributed Systems with Causal Memory" Information and Computation, vol. 253, Part 2, pp. 181203, 2017.
@article{FinkbeinerOlderog16, title = {Petri Games: Synthesis of Distributed Systems with Causal Memory},
author = {B. Finkbeiner and E.R. Olderog},
journal = {Information and Computation},
volume = {253, Part 2 },
year = {2017},
pages = {181203},
url = {https://www.unioldenburg.de/fileadmin/user_upload/f2informcsd/pub/mainPGIC.pdf},
abstract = {We present a new multiplayer game model for the interaction and the flow of information in a distributed system. The players are tokens on a Petri net. As long as the players move in independent parts of the net, they do not know of each other; when they synchronize at a joint transition, each player gets informed of the causal history of the other player. We show that for Petri games with a single environment player and an arbitrary bounded number of system players, deciding the existence of a safety strategy for the system players is EXPTIMEcomplete.}
}

G. v. Bochmann, M. Hilscher, S. Linker, und E. R. Olderog, "Synthesizing and Verifying Controllers for Multilane Traffic Maneuvers" Formal Aspects of Computing, vol. 29, iss. 4, pp. 583600, 2017.
@article{BHLO17,
author = {G. v. Bochmann and M. Hilscher and S. Linker and E.R. Olderog},
title = {Synthesizing and Verifying Controllers for Multilane Traffic Maneuvers},
journal = {Formal Aspects of Computing},
volume = {29},
number = {4},
year = {2017},
pages = {583600},
doi = {10.1007/s0016501704244},
url = {https://www.unioldenburg.de/fileadmin/user_upload/informatik/ag/csd/pub/faocsynthesis.pdf}
}

E. R. Olderog, A.P.Ravn, und R. Wisniewski, "Linking Discrete and Dynamic Models: Applied to Traffic Manoevres" in Provably Correct Systems, Hinchey, M. G., Bowen, J. P., und Olderog, E. R., Eds., Springer, 2017, pp. 95120.
@incollection{ORW17,
author = {E.R. Olderog and A.P.Ravn and R. Wisniewski},
title = {Linking Discrete and Dynamic Models: Applied to Traffic Manoevres},
editor = {M.G. Hinchey and J.P. Bowen and E.R. Olderog},
booktitle = {Provably Correct Systems},
note = {NASA Monographs in Systems and Software Engineering},
publisher = {Springer},
year = {2017},
pages = {95120},
url = {https://www.unioldenburg.de/fileadmin/user_upload/informatik/ag/csd/pub/mainORW.pdf}
}

M. Schwammberger, "Imperfect Knowledge in Autonomous Urban Traffic Manoeuvres" in Proc. Proceedings First Workshop on Formal Verification of Autonomous Vehicles, FVAV@iFM 2017, Turin, Italy, 19th September 2017., 2017, pp. 5974.
@inproceedings{DBLP:journals/corr/abs170902559,
author = {Maike Schwammberger},
title = {Imperfect Knowledge in Autonomous Urban Traffic Manoeuvres},
booktitle = {Proceedings First Workshop on Formal Verification of Autonomous Vehicles, FVAV@iFM 2017, Turin, Italy, 19th September 2017.},
pages = {5974},
year = {2017},
url = {https://doi.org/10.4204/EPTCS.257.7},
doi = {10.4204/EPTCS.257.7},
timestamp = {Mon, 16 Oct 2017 16:32:11 +0200},
biburl = {http://dblp.org/rec/bib/journals/corr/abs170902559},
bibsource = {dblp computer science bibliography, http://dblp.org}
}

E. R. Olderog und M. Schwammberger, "Formalising a Hazard Warning Communication Protocol with Timed Automata" in Proc. Models, Algorithms, Logics and Tools, 2017, pp. 640660.
@inproceedings{OlderogSchwammberger17,
author = {E.R. Olderog and M. Schwammberger},
title = {Formalising a Hazard Warning Communication Protocol with Timed Automata},
editor = {Luca Aceto and Giorgio Bacci and Giovanni Bacci and Anna Ing{\'{o}}lfsd{\'{o}}ttir and Axel Legay and Radu Mardare},
booktitle = {Models, Algorithms, Logics and Tools},
pages = {640660},
series = {LNCS},
volume = {10460},
publisher = {Springer},
year = {2017},
url = {https://doi.org/10.1007/9783319631219_32}
}

B. Finkbeiner, M. Gieseking, J. HeckingHarbusch, und E. Olderog, "Symbolic vs. Bounded Synthesis for Petri Games" in Proc. Proceedings Sixth Workshop on Synthesis, SYNT@CAV 2017, Heidelberg, Germany, 22nd July 2017, 2017, pp. 2343.
@inproceedings{DBLP:journals/corr/abs171110637,
author = {Finkbeiner, Bernd and Gieseking, Manuel and HeckingHarbusch, Jesko and Olderog, ErnstR\"udiger},
year = {2017},
title = {Symbolic vs. Bounded Synthesis for Petri Games},
editor = {Fisman, Dana and Jacobs, Swen},
booktitle = {Proceedings Sixth Workshop on Synthesis, SYNT@CAV 2017, Heidelberg, Germany, 22nd July 2017},
series = {Electronic Proceedings in Theoretical Computer Science {(EPTCS)}},
volume = {260},
publisher = {Open Publishing Association},
pages = {2343},
doi = {10.4204/EPTCS.260.5},
url = {https://arxiv.org/abs/1711.10637}
}

H. Ody, "Monitoring of Traffic Manoeuvres with Imprecise Information" in Proc. Proceedings First Workshop on Formal Verification of Autonomous Vehicles, Turin, Italy, 19th September 2017, 2017, pp. 4358.
@inproceedings{Ody17,
author = {Ody, Heinrich},
year = {2017},
title = {Monitoring of Traffic Manoeuvres with Imprecise Information},
editor = {Bulwahn, Lukas and Kamali, Maryam and Linker, Sven},
booktitle = {{Proceedings First Workshop on} Formal Verification of Autonomous Vehicles, {Turin, Italy, 19th September 2017}},
series = {Electronic Proceedings in Theoretical Computer Science},
volume = {257},
publisher = {Open Publishing Association},
pages = {4358},
doi = {10.4204/EPTCS.257.6},
url = {https://arxiv.org/abs/1709.02558v1}
}

B. Engelmann und E. Olderog, "A Sound and Complete Hoare Logic for DynamicallyTyped, ObjectOriented Programs" in Proc. Proc. Theory and Practice of Formal Methods, 2016, pp. 173193.
@inproceedings{EngelmannOlderog2015,
author = {Bj\"orn Engelmann and ErnstR\"udiger Olderog},
title = {{A} {S}ound and {C}omplete {H}oare {L}ogic for {D}ynamically{T}yped, {O}bject{O}riented {P}rograms},
booktitle = {Proc. Theory and Practice of Formal Methods},
year = {2016},
editor = {Erika {\' A}brah{\' a}m and Marcello Bonsangue and Einar Broch Johnsen},
volume = {9660},
series = {LNCS},
publisher = {Springer},
pages = {173193},
url = {http://link.springer.com/chapter/10.1007%2F9783319307343_13},
optaddress = {Eindhoven, The Netherlands}
}

M. Hilscher und M. Schwammberger, "An Abstract Model for Proving Safety of Autonomous Urban Traffic" in Proc. Theoretical Aspects of Computing (ICTAC), 2016, pp. 274292.
@inproceedings{HS16,
author = {Hilscher, Martin and Schwammberger, Maike},
editor = {Sampaio, Augusto and Wang, Farn},
title = {An Abstract Model for Proving Safety of Autonomous Urban Traffic},
booktitle = {Theoretical Aspects of Computing (ICTAC)},
optbooktitle = {Theoretical Aspects of Computing  ICTAC 2016: 13th International Colloquium, Taipei, Taiwan, ROC, October 2431, 2016, Proceedings},
year = {2016},
publisher = {Springer},
optaddress = {Cham},
volume = {9965},
series = {LNCS},
pages = {274292},
isbn = {9783319467504},
doi = {10.1007/9783319467504_16}
}

H. Ody, M. Fränzle, und M. R. Hansen, "Discounted Duration Calculus" in Proc. FM 2016: Formal Methods  21st International Symposium, Limassol, Cyprus, November 911, 2016, Proceedings, 2016, pp. 577592.
@inproceedings{OFH16,
author = {Heinrich Ody and Martin Fr{\"{a}}nzle and Michael R. Hansen},
editor = {John S. Fitzgerald and Constance L. Heitmeyer and Stefania Gnesi and Anna Philippou},
title = {Discounted Duration Calculus},
booktitle = {{FM} 2016: Formal Methods  21st International Symposium, Limassol, Cyprus, November 911, 2016, Proceedings},
series = {Lecture Notes in Computer Science},
volume = {9995},
pages = {577592},
year = {2016},
url = {http://theoretica.informatik.unioldenburg.de/~sefie/files/discounteddurationcalculus.pdf},
doi = {10.1007/9783319489896_35},
timestamp = {Mon, 22 May 2017 17:11:19 +0200},
biburl = {http://dblp.unitrier.de/rec/bib/conf/fm/OdyFH16},
bibsource = {dblp computer science bibliography, http://dblp.org}
}

B. Engelmann, "Formally Verifying Dynamicallytyped Programs like Staticallytyped Ones  Another perspective" in Proc. Proceedings of the Young Researchers Conference Frontiers of Formal Methods, 2015.
@inproceedings{Eng2015,
author = {Bj{\"o}rn Engelmann},
title = {Formally Verifying Dynamicallytyped Programs like Staticallytyped Ones  Another perspective},
booktitle = {Proceedings of the Young Researchers Conference Frontiers of Formal Methods},
year = {2015},
url = {http://sunsite.informatik.rwthaachen.de/Publications/AIB/2015/201506.pdf}
}

M. Schwammberger, "Properties of Communicating Controllers for Safe Traffic Manoeuvres" in Proc. Proceedings of the Doctoral Symposium of Formal Methods 2015, 2015, pp. 37.
@inproceedings{MS15,
author = {Maike Schwammberger},
title = {Properties of Communicating Controllers for Safe Traffic Manoeuvres},
booktitle = {Proceedings of the Doctoral Symposium of Formal Methods 2015},
editor = {Aichernig, Bernhard K. and Rossini, Alessandro},
pages = {37},
year = 2015 }

E. R. Olderog und M. Swaminathan, "Structural Transformations for DataEnriched RealTime Systems" Formal Asp. Comput., vol. 27, pp. 727750, 2015.
@article{OlderogSwaminathan14,
author = {E.R Olderog and M. Swaminathan},
title = {Structural Transformations for DataEnriched RealTime Systems},
journal = {Formal Asp. Comput.},
volume = {27},
pages = {727750},
year = {2015},
url = {http://dx.doi.org/10.1007/s001650140306y}
}

B. Engelmann, E. R. Olderog, und N. Flick, Closing the Gap  Formally Verifying Dynamically Typed Programs like Statically Typed Ones Using Hoare Logic, 2015.
@misc{EOF2015,
author = {Bj{\"o}rn Engelmann and E.R Olderog and NilsErik Flick},
title = {Closing the Gap  Formally Verifying Dynamically Typed Programs like Statically Typed Ones Using Hoare Logic},
month = {January},
year = {2015},
howpublished = {arXiv:1501.02699v1 [cs.PL]},
abstract = {Dynamically typed objectoriented languages enable programmers to write elegant, reusable and extensible programs. However, with the current methodology for program verification, the absence of static type information creates significant overhead. Our proposal is twofold: First, we propose a layer of abstraction hiding the complexity of dynamic typing when provided with sufficient type information. Since this essentially creates the illusion of verifying a staticallytyped program, the effort required is equivalent to the staticallytyped case. Second, we show how the required type information can be efficiently derived for all typesafe programs by integrating a type inference algorithm into Hoare logic, yielding a semiautomatic procedure allowing the user to focus on those typing problems really requiring his attention. While applying type inference to dynamically typed programs is a wellestablished method by now, our approach complements conventional soft typing systems by offering formal proof as a third option besides modifying the program (static typing) and accepting the presence of runtime type errors (dynamic typing).},
url = {http://arxiv.org/abs/1501.02699}
}

M. Fränzle, M. R. Hansen, und H. Ody, "Discounted Duration Calculus" School of Computer Science, Reykjavik University, RUTRSCS16001, 2015.
@techreport{FHO15b, title = {Discounted Duration Calculus},
author = {Fr{\"a}nzle, Martin and Hansen, Michael R. and Ody, Heinrich},
year = {2015},
booktitle = {Nordic Workshop on Programming Theory  NWPT},
editor = {Luca Aceto, Ignacio Fabregas, Alvaro GarciaPerez and Anna Ingolfsdottir},
institution = {School of Computer Science, Reykjavik University},
number = {RUTRSCS16001},
url = {http://icetcs.ru.is/nwpt2015/NWPT15Proceedings.pdf}
}

S. Linker und M. Hilscher, "Proof Theory of a MultiLane Spatial Logic" Logical Methods in Computer Science, vol. 11, iss. 3, 2015.
@article{LH15,
author = {S. Linker and M. Hilscher},
editor = {Zhiming Liu and Jim Woodcock and Huibiao Zhu},
title = {Proof Theory of a MultiLane Spatial Logic},
journal = {Logical Methods in Computer Science},
volume = {11},
number = {3},
pages = {},
year = {2015},
url = {http://www.lmcsonline.org/ojs/regularIssues.php?id=46}
}

M. Gieseking, "Trace Refinement of $\pi$Calculus Processes" in Proc. Frontiers of Formal Methods 2015, 2015, pp. 109114.
@inproceedings{gie2015, booktitle = {Frontiers of Formal Methods 2015},
type = {Technical Report},
organization = {RWTH Aachen},
month = {February},
title = {Trace Refinement of $\pi$Calculus Processes},
author = {Manuel Gieseking},
year = {2015},
series = {Proceedings of the Young Researchers' Conference "Frontiers of Formal Methods"},
pages = {109114},
url = {http://www.unioldenburg.de/fileadmin/user\_upload/f2informcsd/gieseking15\_ffm.pdf}
}

M. Fränzle, M. R. Hansen, und H. Ody, "No Need Knowing Numerous Neighbours  Towards a Realizable Interpretation of MLSL" in Proc. Correct System Design, 2015, pp. 152171.
@inproceedings{FHO15a,
author = {Martin Fr{\"{a}}nzle and Michael R. Hansen and Heinrich Ody},
title = {No Need Knowing Numerous Neighbours  Towards a Realizable Interpretation of {MLSL}},
editor = {Roland Meyer and Andr{\'{e}} Platzer and Heike Wehrheim},
booktitle = {Correct System Design},
pages = {152171},
year = {2015},
series = {Lecture Notes in Computer Science},
volume = {9360},
publisher = {Springer},
url = {http://theoretica.informatik.unioldenburg.de/~sefie/files/neighbourscsd15.pdf},
doi = {10.1007/9783319235066_11},
biburl = {http://dblp.unitrier.de/rec/bib/conf/birthday/FranzleHO15},
bibsource = {dblp computer science bibliography, http://dblp.org}
}

E. R. Olderog, A. P. Ravn, und R. Wisniewski, "Linking Spatial and Dynamic Models for Traffic Maneuvers" in Proc. 54th IEEE Conf. on Decision and Control (CDC), Osaka, Japan, 2015, pp. 68096816.
@inproceedings{ORW2015,
author = {E.R. Olderog and A.P. Ravn and R. Wisniewski},
title = {Linking Spatial and Dynamic Models for Traffic Maneuvers},
booktitle = {54th IEEE Conf. on Decision and Control (CDC), Osaka, Japan },
year = {2015},
pages = {68096816},
month = {Dec},
publisher = {IEEE},
url = {https://www.unioldenburg.de/fileadmin/user_upload/f2informcsd/pub/rootORW15.pdf},
doi = {10.1109/CDC.2015.7403292},
subproject = {H3},
conferenceshort = {CDC},
conferencelong = {IEEE Conference on Decision and Control},
abstract = {For traffic maneuvers of multiple vehicles on highways we build an abstract spatial and a concrete dynamic model. In the spatial model we show the safety (collision freedom) of lanechange maneuvers. By linking the spatial and dynamic model via suitable refinements of the spatial atoms to distance measures, the safety carries over to the concrete mode}
}

H. Ody, "Undecidability Results for MultiLane Spatial Logic" in Proc. Theoretical Aspects of Computing  ICTAC, 2015, pp. 404421.
@inproceedings{Ody15b,
author = {Heinrich Ody},
title = {Undecidability Results for MultiLane Spatial Logic},
booktitle = {Theoretical Aspects of Computing  {ICTAC}},
pages = {404421},
year = {2015},
editor = {Martin Leucker and Camilo Rueda and Frank D. Valencia},
volume = {9399},
publisher = {Springer},
series = {Lecture Notes in Computer Science},
url = {http://theoretica.informatik.unioldenburg.de/~sefie/files/mlslundecictac15.pdf},
doi = {10.1007/9783319251509_24},
biburl = {http://dblp.unitrier.de/rec/bib/conf/ictac/Ody15},
bibsource = {dblp computer science bibliography, http://dblp.org}
}

G. v. Bochmann, M. Hilscher, S. Linker, und E. Olderog, "Synthesizing Controllers for MultiLane Traffic Maneuvers" in Proc. International Symposium on Dependable Software Engineering (SETTA), 2015, pp. 7186.
@inproceedings{avacsh3dec15, title = {Synthesizing Controllers for MultiLane Traffic Maneuvers},
author = {Gregor v. Bochmann AND Martin Hilscher AND Sven Linker AND ErnstRüdiger Olderog},
editor = {Xuandong Li AND Zhiming Liu AND Wang Yi},
booktitle = {International Symposium on Dependable Software Engineering (SETTA)},
year = {2015},
month = {Nov.},
pages = {7186},
publisher = {Springer},
series = {Lecture Notes in Computer Science},
volume = 9409, abstract = {The dynamic behavior of a car can be modeled as a hybrid system involving continuous state changes and discrete state transitions. However, we show that the control of safe (collision free) lane change maneuvers in multilane traffic on highways can be described by finite state machines extended with continuousvariables coming from the environment. We use standard theory for controller synthesis to derive the dynamic behavior of a lanechange controller. Thereby, we contrast the setting of interleaving semantics and synchronous concurrent semantics. We also consider the possibility of exchanging knowledge between neighboring cars in order to come up with the right decisions.},
conferencelong = {International Symposium on Dependable Software Engineering},
conferenceshort = {SETTA}
}

B. Finkbeiner, M. Gieseking, und E. Olderog, "Adam: CausalityBased Synthesis of Distributed Systems" in Proc. Computer Aided Verification  27th International Conference, CAV 2015, San Francisco, CA, USA, July 1824, 2015, Proceedings, Part I, 2015, pp. 433439.
@inproceedings{fingieold15, title = {Adam: CausalityBased Synthesis of Distributed Systems},
author = {Bernd Finkbeiner and Manuel Gieseking and ErnstR{\"{u}}diger Olderog},
booktitle = {Computer Aided Verification  27th International Conference, {CAV} 2015, San Francisco, CA, USA, July 1824, 2015, Proceedings, Part {I}},
year = {2015},
editor = {Daniel Kroening and Corina S. Pasareanu},
pages = {433439},
publisher = {Springer},
series = {Lecture Notes in Computer Science},
volume = {9206},
abstract = {We present ADAM, a tool for the automatic synthesis of distributed systems with multiple concurrent processes. For each process, an individual controller is synthesized that acts on locally available information obtained through synchronization with the environment and with other system processes. ADAM is based on Petri games, an extension of Petri nets where each token is a player in a multiplayer game. ADAM implements the first symbolic game solving algorithm for Petri games. We report on experience from several case studies with up to 38 system processes.},
conferencelong = {International Conference on Computer Aided Verification},
conferenceshort = {CAV},
url = {http://www.unioldenburg.de/fileadmin/user\_upload/f2informcsd/fingieold15.pdf}
}

H. Ody, "Undecidability Results for MultiLane Spatial Logic" SFB/TR 14 AVACS, Reports of SFB/TR 14 AVACS 112, 2015.
@techreport{Ody15a, title = {Undecidability Results for MultiLane Spatial Logic},
author = {Heinrich Ody},
institution = {SFB/TR 14 AVACS},
year = {2015},
month = {September},
note = {http://www.avacs.org},
number = {112},
type = {Reports of SFB/TR 14 AVACS},
abstract = {We consider (un)decidability of MultiLane Spatial Logic (MLSL), a multidimensional modal logic introduced for reasoning about traffic manoeuvres. MLSL with length measurement has been shown to be undecidable. However, the proof relies on exact values. This raises the question whether the logic remains undecidable when we consider robust satisfiability, i.e. when values are known only approximately. Our main result is that robust satisfiability of MLSL is undecidable. Furthermore, we prove that even MLSL without length measurement is undecidable. In both cases we reduce the intersection emptiness of two contextfree languages to the respective satisfiability problem. This is the full version of a paper with the same title published at the ICTAC 2015.},
access = {open},
bibtex = {atr112.bib},
editor = {Bernd Becker and Werner Damm and Bernd Finkbeiner and Martin Fr{\"a}nzle and ErnstR{\"u}diger Olderog and Andreas Podelski},
pdf = {avacs_technical_report_112.pdf},
url = {http://www.avacs.org/fileadmin/Publikationen/Open/avacs\_technical\_report\_112.pdf},
series = {ATR},
subproject = {H3,R1}
}

N. Flick und B. Engelmann, "Properties of Petri Nets with Contextfree Structure Changes" in Proc. Fifth International Workshop on Graph Computation Models, 2014.
@inproceedings{FE2014,
author = {NilsErik Flick and Bj{\"o}rn Engelmann},
title = {Properties of Petri Nets with Contextfree Structure Changes},
booktitle = {Fifth International Workshop on Graph Computation Models},
year = {2014},
abstract = {Petri nets model systems with distributed state and syn chronised state changes. Extending them with rewriting rules allows for evolving structure. In this paper, we investigate dynamic properties of simple structurechanging Petri nets. We show undecidability of checking a languagebased notion of correctness even for very restricted classes of structurechanging nets. We also introduce a colourbased abstraction and use it to specify, and in special cases decide, reachability properties.},
url = {http://gcm2014.imag.fr/proceedingsGCM2014.pdf}
}

B. Finkbeiner und E. R. Olderog, "Petri Games: Synthesis of Distributed Systems with Causal Memory" in Proc. Proceedings Fifth International Symposium on Games, Automata, Logics and Formal Verification, GandALF 2014, Verona, Italy, September 1012, 2014., 2014, pp. 217230.
@inproceedings{FinOld14,
author = {Bernd Finkbeiner and E.R Olderog},
title = {Petri Games: Synthesis of Distributed Systems with Causal Memory},
editor = {Adriano Peron and Carla Piazza},
booktitle = {Proceedings Fifth International Symposium on Games, Automata, Logics and Formal Verification, GandALF 2014, Verona, Italy, September 1012, 2014.},
series = {{EPTCS}},
year = {2014},
volume = {161},
pages = {217230},
url = {http://arxiv.org/abs/1406.1069v2}
}

S. Linker und M. Hilscher, "Proof theory of a multilane spatial logic" in Proc. Theoretical Aspects of ComputingICTAC 2013, 2013, pp. 231248.
@inproceedings{LH13, title = {Proof theory of a multilane spatial logic},
author = {Linker, Sven and Hilscher, Martin},
booktitle = {Theoretical Aspects of ComputingICTAC 2013},
pages = {231248},
year = {2013},
publisher = {Springer}
}

B. Engelmann, "Towards Practical Verification of Dynamically Typed Programs" in Proc. 25th Nordic Workshop on Programming Theory, 2013.
@inproceedings{Eng2013,
author = {Bj{\"o}rn Engelmann},
title = {Towards Practical Verification of Dynamically Typed Programs},
booktitle = {25th Nordic Workshop on Programming Theory},
year = {2013},
abstract = {Dynamically typed languages enable programmers to write elegant, reusable and extendable programs. Recently, some progress has been made regarding their verification. However, the user is currently required to manually show the absence of type errors, a tedious task usually involving large amounts of repetitive work. As most dynamically typed programs only occasionally divert from what would also be possible in statically typed languages, properly designed type inference algorithms should be able to supply the missing type information in most cases. We propose integrating a certified type inference algorithm into an interactive verification environment in order to a) provide a layer of abstraction, allowing the users to verify their programs like in a statically typed language whenever possible and b) use verification results to improve type inference and thus allow type checking of difficult cases.},
pdf = {http://theoretica.informatik.unioldenburg.de/~ben/papers/nwpt2013paper.pdf},
slides = {http://theoretica.informatik.unioldenburg.de/~ben/slides/nwpt2013/},
url = {http://theoretica.informatik.unioldenburg.de/~ben/papers/nwpt2013paper.pdf}
}

M. Hilscher, S. Linker, und E. R. Olderog, "Proving Safety of Traffic Manoeuvres on Country Roads" in Proc. Theories of Programming and Formal Methods, 2013, pp. 196212.
@inproceedings{HLO13,
author = {M. Hilscher and S. Linker and E.R. Olderog},
editor = {Zhiming Liu and Jim Woodcock and Huibiao Zhu},
title = {Proving Safety of Traffic Manoeuvres on Country Roads},
booktitle = {Theories of Programming and Formal Methods},
publisher = {Springer},
series = {LNCS},
volume = {8051},
year = {2013},
pages = {196212}
}

S. Kemper und C. Etzien, "A Visual Logic for the Description of Highway Traffic Scenarios" in Proc. Complex Systems Design & Management, Proceedings of the Fourth International Conference on Complex Systems Design & Management CSD&M 2013, Paris, France, December 46, 2013, 2013, pp. 233245.
@inproceedings{DBLP:conf/csdm/KemperE13,
author = {Stephanie Kemper and Christoph Etzien},
title = {A Visual Logic for the Description of Highway Traffic Scenarios},
booktitle = {Complex Systems Design {\&} Management, Proceedings of the Fourth International Conference on Complex Systems Design {\&} Management CSD{\&}M 2013, Paris, France, December 46, 2013},
pages = {233245},
year = {2013},
url = {http://dx.doi.org/10.1007/9783319028125_17},
doi = {10.1007/9783319028125_17},
timestamp = {Sun, 08 Dec 2013 13:34:23 +0100},
biburl = {http://dblp.unitrier.de/rec/bib/conf/csdm/KemperE13},
bibsource = {dblp computer science bibliography, http://dblp.org}
}

E. R. Olderog und M. Swaminathan, "Structural Transformations for DataEnriched RealTime Systems" in Proc. Integrated Formal Methods (iFM), 2013, pp. 378393.
@inproceedings{OlderogSwaminathan13,
author = {E.R. Olderog and Mani Swaminathan},
title = {Structural Transformations for DataEnriched RealTime Systems},
editor = {Einar Broch Johnsen and Luigia Petre},
booktitle = {Integrated Formal Methods (iFM)},
volume = {7940},
series = {Lecture Notes in Computer Science},
pages = {378393},
publisher = {SpringerVerlag},
year = {2013},
url = {http://dx.doi.org/10.1007/9783642386138_26}
}

K. R. Apt, F. S. de Boer, E. R. Olderog, und S. de Gouw, "Verification of objectoriented programs: A transformational approach" J Computer System Sciences, vol. 78, pp. 823852, 2012.
@article{ABOG12,
author = {K. R. Apt and F. S. de Boer and E.R. Olderog and S. de Gouw},
title = {Verification of objectoriented programs: A transformational approach},
journal = {J Computer System Sciences},
volume = {78},
number = {},
pages = {823852},
year = {2012},
optnote = {DOI information: 10.1016/j.jcss.2011.08.002}
}

E. R. Olderog und R. Wilhelm, "Turing und die Verifikation" InformatikSpektrum, vol. 35, iss. 4, pp. 271279, 2012.
@article{OW12,
author = {E.R. Olderog and R. Wilhelm},
title = {Turing und die {Verifikation}},
journal = {InformatikSpektrum},
volume = {35},
number = {4},
pages = {271279},
year = {2012},
optnote = {Themenheft: Turing}
}

M. Swaminathan, J. P. Katoen, und E. R. Olderog, "Layered Reasoning for randomized distributed algorithms" Formal Asp. Comput., vol. 24, iss. 46, pp. 477496, 2012.
@article{SwaminathanKatoenOlderog12,
author = {M. Swaminathan and J.P. Katoen and E.R. Olderog},
title = {Layered Reasoning for randomized distributed algorithms},
journal = {Formal Asp. Comput.},
volume = {24},
number = {46},
year = {2012},
pages = {477496},
url = {http://dx.doi.org/10.1007/s001650120231x}
}

S. Linker, "Translating Structural Process Properties to Petri Net Markings" in Proc. Proceedings of the 12th International Conference on Application of Concurrency to System Design (ACSD'12), 2012, pp. 8291.
@inproceedings{Lin12,
author = {S. Linker},
title = {Translating Structural Process Properties to Petri Net Markings},
booktitle = {Proceedings of the 12th International Conference on Application of Concurrency to System Design (ACSD'12)},
pages = {8291},
publisher = {IEEE Computer Society Conference Publishing Services},
year = {2012},
month = {June},
abstract = {We introduce a spatiotemporal logic PSTL defined on PiCalculus processes. This logic is especially suited to formulate properties in relation to the structural semantics of the PiCalculus due to Meyer, a representation of processes as Petri nets. To allow for the use of wellresearched verification techniques, we present a translation of a subset of PSTL to LTL on Petri nets. We further prove soundness of our translation.}
}

E. R. Olderog, "Automatic Verification of RealTime Systems with Rich Data  An Overview" in Proc. Theory and Applications of Models of Computation (TAMC), 2012, pp. 8493.
@inproceedings{Old12,
author = {E.R. Olderog},
title = {Automatic Verification of RealTime Systems with Rich Data  An Overview},
booktitle = {Theory and Applications of Models of Computation (TAMC)},
editor = {Manindra Agrawal and S. Barry Cooper and Angsheng Li},
series = {LNCS},
volume = {7287},
pages = {8493},
publisher = {Springer},
year = {2012}
}

T. Strazny und R. Meyer, "An Algorithmic Framework for Coverability in WellStructured Systems" in Proc. Proceedings of the 12th International Conference on Application of Concurrency to System Design (ACSD'12), 2012, pp. 173182.
@inproceedings{straznymeyer:2012:framework,
author = {T. Strazny and R. Meyer},
title = {An Algorithmic Framework for Coverability in WellStructured Systems},
booktitle = {Proceedings of the 12th International Conference on Application of Concurrency to System Design (ACSD'12)},
year = {2012},
pages = {173182},
month = {June},
publisher = {IEEE Computer Society Conference Publishing Services},
abstract = {We generalize the backward algorithm for coverability in WSTS's to an algorithmic framework. The idea is to consider the predecessor computation, the witness function, and the processing order as parameters. On the theoretical side, we prove that every instantiation of the functions (that satisfies some requirements) still yields a decision procedure for coverability. On the practical side, we show that known optimizations like partial order reduction and pruning can be formulated in our framework. We also give a novel acceleration based instantiation. For wellknown classes of WSTS's (PN, PN+Transfer, LCS), we optimize the selection function inspired by $A^*$. We implemented our instantiations and comment on the data structures. Extensive experiments show that the new algorithms can compete with a stateoftheart tool: MIST2.},
note = {Best Paper Award of ACSD}
}

S. Kemper, "SATbased verification for timed component connectors" Science of Computer Programming, vol. 77, iss. 7–8, pp. 779798, 2012.
@article{Kemper2012779,
author = {S. Kemper},
title = {SATbased verification for timed component connectors },
journal = {Science of Computer Programming },
year = {2012},
volume = {77},
pages = {779  798},
number = {7–8},
note = {(1) FOCLASA’09 (2) FSEN’09 },
abstract = {Componentbased software construction relies on suitable models underlying components, and in particular the coordinators which orchestrate component behaviour. Verifying correctness and safety of such systems amounts to model checking the underlying system model. The model checking techniques not only need to be correct (since system sizes increase), but also scalable and efficient. In this paper, we present a SATbased approach for bounded model checking of Timed Constraint Automata, which permits true concurrency in the timed orchestration of components. We present an embedding of bounded model checking into propositional logic with linear arithmetic. We define a product that is linear in the size of the system, and in this way overcome the state explosion problem to deal with larger systems. To further improve model checking performance, we show how to embed our approach into an extension of counterexample guided abstraction refinement with Craig interpolants. },
doi = {http://dx.doi.org/10.1016/j.scico.2011.02.003},
issn = {01676423},
keywords = {Timed constraint automata},
url = {http://www.sciencedirect.com/science/article/pii/S0167642311000499}
}

J. Quesel und A. Platzer, "Playing Hybrid Games with KeYmaera." SFB/TR 14 AVACS, Reports of SFB/TR 14 AVACS 84, 2012.
@techreport{DBLP:conf/cade/QueselP12:TR,
author = {JanDavid Quesel and Andr{\'e} Platzer},
title = {Playing Hybrid Games with {KeYmaera}.},
editor = {Bernd Becker and Werner Damm and Martin Fr{\"a}nzle and ErnstR{\"u}diger Olderog and Andreas Podelski and Reinhard Wilhelm},
institution = {SFB/TR 14 AVACS},
subproject = {H3},
year = {2012},
month = {April},
type = {Reports of SFB/TR 14 AVACS},
series = {ATR},
number = 84, note = {ISSN: 18609821, http://www.avacs.org.},
abstract = { We propose a new logic, called differential dynamic game logic (dDGL), for expressing properties of parametric hybrid games, and develop a theorem prover for it. We give an operational and a modal semantics of dDGL and prove their equivalence. To allow for deductive reasoning, we exploit the fact that dDGL is a conservative extension of differential dynamic logic(dL). We provide rules for extending the dL sequent proof calculus to handle the dDGL specifics. We have implemented dDGL in the theorem prover KeYmaera and consider a case study in which a robot plays a game against other agents in a factory automation scenario. },
access = {open},
bibtex = {atr084.bib},
pdf = {http://www.avacs.org/Publikationen/Open/avacs_technical_report_084.pdf}
}

J. Quesel und A. Platzer, "Playing Hybrid Games with KeYmaera." in Proc. Automated Reasoning, Sixth International Joint Conference, IJCAR 2012, Manchester, UK, Proceedings, 2012, pp. 439453.
@inproceedings{DBLP:conf/cade/QueselP12,
author = {JanDavid Quesel and Andr{\'e} Platzer},
title = {Playing Hybrid Games with {KeYmaera}.},
booktitle = {Automated Reasoning, Sixth International Joint Conference, IJCAR 2012, Manchester, UK, Proceedings},
month = {June},
year = {2012},
editor = {Bernhard Gramlich and Dale Miller and Ulrike Sattler},
publisher = {Springer},
volume = {7364},
series = {LNCS},
pages = {439453},
doi = {10.1007/9783642313653_34},
pdf = {http://csd.informatik.unioldenburg.de/~jdq/paper/cdglijcar.pdf},
slides = {http://csd.informatik.unioldenburg.de/~jdq/slides/ijcar20120626.pdf},
note = {The original publication is available at \url{http://www.springerlink.com/content/l44k5x507h67737q}{www.springerlink.com}.},
keywords = {differential dynamic logic, hybrid games, sequent calculus, theorem proving, logics for hybrid systems, factory automation},
abstract = { We propose a new logic, called differential dynamic game logic (dDGL), for expressing properties of parametric hybrid games, and develop a theorem prover for it. We give an operational and a modal semantics of dDGL and prove their equivalence. To allow for deductive reasoning, we exploit the fact that dDGL is a conservative extension of differential dynamic logic(dL). We provide rules for extending the dL sequent proof calculus to handle the dDGL specifics. We have implemented dDGL in the theorem prover KeYmaera and consider a case study in which a robot plays a game against other agents in a factory automation scenario. }
}

J. Faber, S. Linker, E. Olderog, und J. Quesel, "Syspect  Modelling, Specifying, and Verifying RealTime Systems with Rich Data" International Journal of Software and Informatics, vol. 5, iss. 12, pp. 117137, 2011.
@article{FLO+2011,
author = {Johannes Faber and Sven Linker and ErnstR{\"u}diger Olderog and JanDavid Quesel},
title = {Syspect  Modelling, Specifying, and Verifying RealTime Systems with Rich Data},
journal = {International Journal of Software and Informatics},
year = {2011},
volume = {5},
number = {12},
part = {1},
pages = {117137},
note = {ISSN 16737288.},
url = {http://www.ijsi.org/IJSI/ch/reader/create_pdf.aspx?file_no=i78&flag=1&journal_id=ijsi},
abstract = {We introduce the graphical tool Syspect for modelling, specifying, and automatically verifying reactive systems with continuous realtime constraints and complex, possibly infinite data. For modelling these systems, a UML profile comprising component diagrams, protocol state machines, and class diagrams is used; for specifying the formal semantics of these models, the combination CSPOZDC of CSP (Communicating Sequential Processes), OZ (ObjectZ) and DC (Duration Calculus) is employed; for verifying properties of these specifications, translators are provided to the input formats of the model checkers ARMC (Abstraction Refinement Model Checker) and SLAB (Slicing Abstraction model checker) as well as the tool HPILoT (Hierarchical Proving by Instantiation in Local Theory extensions). The application of the tool is illustrated by a selection of examples that have been successfully analysed with Syspect. },
publists = {syspect}
}

T. Strazny, "Accelerating Backward Reachability Analysis" in Proc. Proceedings of the 23rd Nordic Workshop on Programming Theory (NWPT'11), 2011, pp. 24.
@inproceedings{strazny:2011:accelerating,
author = {Tim Strazny},
title = {Accelerating Backward Reachability Analysis},
booktitle = {Proceedings of the 23rd Nordic Workshop on Programming Theory (NWPT'11)},
year = {2011},
editor = {Paul Pettersson and Cristina Seceleanu},
pages = {24},
month = {October},
organization = {M\"{a}lardalen University Sweden},
note = {Technical report 254/2011},
abstract = {In the context of depthfirst backward reachability analysis, we identify two general operations which allow for performance improvements, while covering wellknown techniques such as partial order methods and pruning. We instantiate these operations with novel \emph{backward acceleration} techniques and employ methods of \emph{guided search} in this context. Further, we introduce \emph{supportbased search trees},
a data structure to represent upwardclosed sets (ucs's) which allows for efficient implementation of operations necessary for the analysis.},
comment = {M\"{a}lardalen RealTime Research Centre, Box 883, 72123 V\"{a}ster\r{a}s, Sweden},
issn = {14043041}
}

B. Wirtz, T. Strazny, J. Rakow, und A. Rakow, "A Lane Change Assistance System: Cooperation and Hybrid Control" SFB/TR 14 AVACS, Reports of SFB/TR 14 AVACS 78, 2011.
@techreport{atr078,
author = {Boris Wirtz and Tim Strazny and Jan Rakow and Astrid Rakow},
title = {A Lane Change Assistance System: Cooperation and Hybrid Control},
institution = {SFB/TR 14 AVACS},
year = {2011},
type = {Reports of SFB/TR 14 AVACS},
number = {78},
month = {July},
note = {ISSN: 18609821, http://www.avacs.org},
abstract = { Automated Highway Systems (AHS's) are considered as a key technology that promises increased safety, reduced energy consumption and optimized traffic flow. Safe and dependable operation of AHS's is of paramount importance and requires the application of rigid formal methods at design time. In this report we present a model for a lane change assistance system which is meant to serve as a foundation for benchmarks boosting theoretic and algorithmic advances in formal verification of the challenging class of cyberphysical systems. The assistance system implements an autonomous lane change manoeuvre conducted in cooperation with other communicating agents. The model implements a layered design for traffic agents where aspects of communication and autonomous control are described as realtime and hybrid systems, respectively, which are intertwined by synchronous message passing. },
editor = {Bernd Becker and Werner Damm and Bernd Finkbeiner and Martin Fr{\"a}nzle and ErnstR{\"u}diger Olderog and Andreas Podelski},
series = {ATR},
subproject = {H3}
}

J. D. Quesel, M. Fränzle, und W. Damm, "Crossing the bridge between similar games" in Proc. Formal Modeling and Analysis of Timed Systems  9th International Conference (FORMATS), Aalborg, Denmark, 2123 September, 2011. Proceedings, 2011, pp. 160176.
@inproceedings{AVACSH3BRG11,
author = {J.D. Quesel AND M. Fr\"{a}nzle AND W. Damm},
title = {Crossing the bridge between similar games},
booktitle = {Formal Modeling and Analysis of Timed Systems  9th International Conference (FORMATS), Aalborg, Denmark, 2123 September, 2011. Proceedings},
year = {2011},
editor = {Stavros Tripakis and Uli Fahrenberg},
series = {LNCS},
volume = {6919},
pages = {160176},
month = {Sep.},
publisher = {Springer},
note = {The original publication is available at \url{http://www.springerlink.com/content/e6r94n5820k08626}{www.springerlink.com}.},
subproject = {H3},
pdf = {http://csd.informatik.unioldenburg.de/~jdq/paper/bridging.pdf},
slides = {http://csd.informatik.unioldenburg.de/~jdq/slides/bridgingformats20110921.pdf},
abstract = { Specifications and implementations of complex physical systems tend to differ as low level effects such as sampling are often ignored when high level models are created. Thus, the low level models are often not exact refinements of the high level specification. However, they are similar to those. To bridge the gap between those models, we study robust simulation relations for hybrid systems. We identify a family of robust simulation relations that allow for certain bounded deviations in the behavior of a system specification and its implementation in both values of the system variables and timings. We show that for this relaxed version of simulation a broad class of logical properties is preserved. The question whether two systems are in simulation relation can be reduced to a reach avoid problem for hybrid games. We provide a sufficient condition under which a winning strategy for these games exists.}
}

M. Hilscher, S. Linker, E. R. Olderog, und A. P. Ravn, "An Abstract Model for Proving Safety of MultiLane Traffic Manoeuvres" in Proc. Int'l Conf.\ on Formal Engineering Methods (ICFEM), 2011, pp. 404419.
@inproceedings{avacsh3dec11,
author = {M. Hilscher AND S. Linker AND E.R. Olderog AND A.P. Ravn},
title = {An Abstract Model for Proving Safety of MultiLane Traffic Manoeuvres},
booktitle = {Int'l Conf.\ on Formal Engineering Methods (ICFEM)},
year = {2011},
editor = {Shengchao Qin AND Zongyan Qiu},
volume = {6991},
series = {Lecture Notes in Computer Science},
pages = {404419},
month = {Oct.},
publisher = {SpringerVerlag},
note = {The original publication is available at \url{http://www.springerlink.com/content/y4721k1525v23520}{www.springerlink.com}.},
subproject = {H3},
pdf = {http://csd.informatik.unioldenburg.de/pub/Papers/hlor2011icfem.pdf},
url = {http://csd.informatik.unioldenburg.de/pub/Papers/hlor2011icfem.pdf},
abstract = { We present an approach to prove safety (collision freedom) of multilane motorway trac with lanechange manoeuvres. This is ultimately a hybrid veri cation problem due to the continuous dynamics of the cars. We abstract from the dynamics by introducing a new spatial interval logic based on the view of each car. To guarantee safety, we present two variants of a lanechange controller, one with perfect knowledge of the safety envelopes of neighbouring cars and one which takes only the size of the neighbouring cars into account. Based on these controllers we provide a local safety proof for unboundedly many cars by showing that at any moment the reserved space of each car is disjoint from the reserved space of any other car. }
}

S. Fröschle, P. Janvcar, S. Lasota, und Z. Sawa, "Noninterleaving bisimulation equivalences on Basic Parallel Processes" Inf. Comput., vol. 208, iss. 1, pp. 4262, 2010.
@article{FrJaLaSa:InfComput10,
author = {Fr\"{o}schle, Sibylle and Jan\v{c}ar, Petr and Lasota, Slawomir and Sawa, Zden\v{e}k},
title = {Noninterleaving bisimulation equivalences on Basic Parallel Processes},
journal = {Inf. Comput.},
volume = {208},
number = {1},
year = {2010},
pages = {4262},
publisher = {Academic Press, Inc.}
}

A. Platzer, Logical Analysis of Hybrid Systems: Proving Theorems for Complex Dynamics, Heidelberg: Springer, 2010.
@book{Platzer10,
author = {Andr{\'e} Platzer},
title = {Logical Analysis of Hybrid Systems: Proving Theorems for Complex Dynamics},
publisher = {Springer},
address = {Heidelberg},
year = {2010},
isbn = {9783642145094},
doi = {10.1007/9783642145094},
url = {http://symbolaris.com/lahs/}
}

H. Baumgartner, M. Gieseking, C. Concolato, und J. L. Feuvre, "Individual Supportive Audio Signal Processing" in Proc. 26th Tonmeistertagung  VDT International Convention, Leipzig, Germany, 2010, pp. 282284.
@inproceedings{bauGieConFeu10,
author = {Hannah Baumgartner and Manuel Gieseking and Cyril Concolato and Jean Le Feuvre},
title = {Individual Supportive Audio Signal Processing},
publisher = {Verband Deutscher Tonmeister e.V.},
booktitle = {26th Tonmeistertagung  VDT International Convention},
month = {Nov.},
year = {2010},
pages = {282284},
address = {Leipzig, Germany}
}

J. Hoenicke, E. R. Olderog, und A. Podelski, "Fairness for Dynamic Control" in Proc. Tools and Algorithms for the Construction and Analysis of Systems (TACAS), 2010, pp. 251265.
@inproceedings{HOP10,
author = {J. Hoenicke and E.R. Olderog and A. Podelski},
title = {Fairness for Dynamic Control},
editor = {J. Esparza and R. Majumdar },
booktitle = {Tools and Algorithms for the Construction and Analysis of Systems (TACAS) },
series = {Lecture Notes in Computer Science},
volume = {6015},
publisher = {SpringerVerlag},
pages = {251265},
year = {2010}
}

E. R. Olderog und A. Podelski, "Explicit Fair Scheduling for Dynamic Control" in Proc. Concurrency, Compositionality, and Correctness, 2010, pp. 96117.
@inproceedings{OlPo10,
author = {E.R. Olderog and A. Podelski},
editor = {D. Dams and U. Hannemann and M. Steffen},
title = { Explicit Fair Scheduling for Dynamic Control },
booktitle = {Concurrency, Compositionality, and Correctness },
series = {Lecture Notes in Computer Science},
volume = {5930 },
publisher = {SpringerVerlag },
pages = {96117 },
year = {2010}
}

J. Hoenicke, R. Meyer, und E. R. Olderog, "Kleene, Rabin, and Scott Are Available" in Proc. CONCUR 2010  Concurrency Theory (CONCUR), 2010, pp. 462477.
@inproceedings{HMO10,
author = {J. Hoenicke and R. Meyer and E.R. Olderog},
title = {Kleene, Rabin, and Scott Are Available},
editor = {Paul Gastin and Fran\c{c}ois Laroussinie},
booktitle = {CONCUR 2010  Concurrency Theory (CONCUR)},
publisher = {Springer},
series = {Lecture Notes in Computer Science},
volume = {6269},
pages = {462477},
year = {2010},
url = {http://dx.doi.org/10.1007/9783642153754_32}
}

E. R. Olderog und M. Swaminathan, "Layered Composition for Timed Automata" in Proc. Formal Modeling and Analysis of Timed Systems (FORMATS), 2010, pp. 228242.
@inproceedings{OS10,
author = {E.R. Olderog and M. Swaminathan},
title = {Layered Composition for Timed Automata},
editor = {K. Chatterjee and T. A Henzinger},
booktitle = {Formal Modeling and Analysis of Timed Systems (FORMATS) },
series = {Lecture Notes in Computer Science},
volume = {6246},
publisher = {SpringerVerlag},
pages = {228242},
year = {2010},
url = {http://dx.doi.org/10.1007/9783642152979_18}
}

S. Kemper, "Compositional Construction of RealTime Dataflow Networks" in Proc. Coordination Models and Languages, 12th International Conference, COORDINATION 2010, Amsterdam, The Netherlands, June 79, 2010. Proceedings, 2010, pp. 92106.
@inproceedings{Kem10,
author = {Stephanie Kemper},
editor = {Dave Clarke and Gul A. Agha},
title = {Compositional Construction of RealTime Dataflow Networks},
booktitle = {Coordination Models and Languages, 12th International Conference, COORDINATION 2010, Amsterdam, The Netherlands, June 79, 2010. Proceedings},
publisher = {Springer},
series = {Lecture Notes in Computer Science},
volume = {6116},
year = {2010},
pages = {92106},
doi = {10.1007/9783642134142_7},
url = {http://csd.informatik.unioldenburg.de/~stephie/Kemper_COORDINATION10.pdf}
}

R. Meyer und T. Strazny, "Petruchio: From dynamic networks to nets" in Proc. Proceedings of the 22nd International Conference on Computer Aided Verification 2010, CAV 2010, 2010, pp. 175179.
@inproceedings{MS2010, editor = {Tayssir Touili and Byron Cook and Paul Jackson},
volume = {6174},
year = {2010},
pages = {175179},
isbn = {9783642142949},
author = {R. Meyer and T. Strazny},
title = {Petruchio: From dynamic networks to nets},
booktitle = {Proceedings of the 22nd International Conference on Computer Aided Verification 2010, CAV 2010},
series = {LNCS},
publisher = {SpringerVerlag},
publists = {rmeyer},
abstract = {We introduce Petruchio, a tool for computing Petri net translations of dynamic networks. To cater for unbounded architectures beyond the capabilities of existing implementations, the principle fixedpoint engine runs interleaved with coverability queries. We discuss algorithmic enhancements and provide experimental evidence that Petruchio copes with models of reasonable size.}
}

S. Linker, "Diagrammatic Specification of Mobile RealTime Systems" in Diagrammatic Representation and Inference, Goel, A., Jamnik, M., und Narayanan, N., Eds., Springer Berlin / Heidelberg, 2010, vol. 6170, pp. 316318.
@incollection{springerlink:10.1007/9783642146008_40,
author = {Linker, Sven},
affiliation = {Carl von Ossietzky University of Oldenburg},
title = {Diagrammatic Specification of Mobile RealTime Systems},
booktitle = {Diagrammatic Representation and Inference},
series = {Lecture Notes in Computer Science},
editor = {Goel, Ashok and Jamnik, Mateja and Narayanan, N.},
publisher = {Springer Berlin / Heidelberg},
isbn = {},
pages = {316318},
volume = {6170},
url = {http://dx.doi.org/10.1007/9783642146008_40},
note = {10.1007/9783642146008_40},
year = {2010}
}

J. Faber, C. Ihlemann, S. Jacobs, und V. SofronieStokkermans, "Automatic Verification of Parametric Specifications with Complex Topologies" in Proc. Integrated Formal Methods, 2010, pp. 152167.
@inproceedings{FIJ+2010,
author = {J. Faber and C. Ihlemann and S. Jacobs and V. SofronieStokkermans},
title = {Automatic Verification of Parametric Specifications with Complex Topologies},
series = {Lecture Notes in Computer Science},
booktitle = {Integrated Formal Methods},
year = {2010},
editor = {D. M{\'e}ry and S. Merz},
volume = {6396},
pages = {152167},
publisher = {Springer, Heidelberg},
abstract = {The focus of this paper is on reducing the complexity in verification by exploiting modularity at various levels: in specification, in verification, and structurally. For specifications, we use the modular language CSPOZDC, which allows us to decouple verification tasks concerning data from those concerning durations. At the verification level, we exploit modularity in theorem proving for rich data structures and use this for invariant checking. At the structural level, we analyze possibilities for modular verification of systems consisting of various components which interact. We illustrate these ideas by automatically verifying safety properties of a case study from the European Train Control System standard, which extends previous examples by comprising a complex track topology with lists of track segments and trains with different routes.},
pdf = {http://csd.informatik.unioldenburg.de/~jfaber/dl/IFM2010b.pdf},
note = {This publication is available at \url{http://www.springerlink.com/openurl.asp?genre=article&id=doi:10.1007/9783642162657_12} {SpringerLink}},
doi = {http://dx.doi.org/10.1007/9783642162657_12}
}

J. Faber, "Verification Architectures: Compositional Reasoning for Realtime Systems" in Proc. Integrated Formal Methods, 2010, pp. 136151.
@inproceedings{Faber2010,
author = {J. Faber},
title = {{Verification Architectures}: Compositional Reasoning for Realtime Systems},
booktitle = {Integrated Formal Methods},
year = {2010},
editor = {D. M{\'e}ry and S. Merz},
volume = {6396},
series = {Lecture Notes in Computer Science},
pages = {136151},
publisher = {Springer, Heidelberg},
doi = {10.1007/9783642162657_11},
abstract = { We introduce a conceptual approach to decompose realtime systems, specified by integrated formalisms: instead of showing safety of a system directly, one proves that it is an instance of a Verification Architecture, a safe behavioural protocol with unknowns and local realtime assumptions. We examine how different verification techniques can be combined in a uniform framework to reason about protocols, assumptions, and instantiations of protocols. The protocols are specified in CSP, extended by data and unknown processes with local assumptions in a realtime logic. To prove desired properties, the CSP dialect is embedded into dynamic logic and a sequent calculus is presented. Further, we analyse the instantiation of protocols by combined specifications, here illustrated by CSPOZDC. Using an example, we show that this approach helps us verify specifications that are too complex for direct verification. },
pdf = {http://csd.informatik.unioldenburg.de/~jfaber/dl/IFM2010a.pdf},
note = {This publication is available at \url{http://www.springerlink.com/openurl.asp?genre=article&id=doi:10.1007/9783642162657_11} {SpringerLink}}
}

J. Faber, C. Ihlemann, S. Jacobs, und V. SofronieStokkermans, "Automatic Verification of Parametric Specifications with Complex Topologies" SFB/TR 14 AVACS, Reports of SFB/TR 14 AVACS 66, 2010.
@techreport{FIJS2010,
author = {Johannes Faber and Carsten Ihlemann and Swen Jacobs and Viorica SofronieStokkermans},
title = {Automatic Verification of Parametric Specifications with Complex Topologies},
institution = {SFB/TR 14 AVACS},
year = {2010},
type = {Reports of SFB/TR 14 AVACS},
number = {66},
note = {ISSN: 18609821, \url{http://www.avacs.org}{http://www.avacs.org}.},
abstract = {The focus of this paper is on reducing the complexity in verification by exploiting modularity at various levels: in specification, in verification, and structurally. For specifications, we use the modular language CSPOZDC, which allows us to decouple verification tasks concerning data from those concerning durations. At the verification level, we exploit modularity in theorem proving for rich data structures and use this for invariant checking. At the structural level, we analyze possibilities for modular verification of systems consisting of various components which interact. We illustrate these ideas by automatically verifying safety properties of a case study from the European Train Control System standard, which extends previous examples by comprising a complex track topology with lists of track segments and trains with different routes.},
access = {open},
bibtex = {atr066.bib},
editor = {Bernd Becker and Werner Damm and Martin Fr{\"a}nzle and ErnstR{\"u}diger Olderog and Andreas Podelski and Reinhard Wilhelm},
series = {ATR},
subproject = {R1},
url = {http://csd.informatik.unioldenburg.de/~jfaber/dl/ATR066.pdf},
publists = {syspect}
}

J. Faber, "Verification Architectures: Compositional Reasoning for Realtime Systems" SFB/TR 14 AVACS, Reports of SFB/TR 14 AVACS 65, 2010.
@techreport{Faber2010a,
author = {J. Faber},
title = {Verification {A}rchitectures: Compositional Reasoning for Realtime Systems},
institution = {SFB/TR 14 AVACS},
year = {2010},
type = {Reports of SFB/TR 14 AVACS},
number = {65},
month = {August},
note = {ISSN: 18609821, \url{http://www.avacs.org}{http://www.avacs.org}.},
abstract = { We introduce a conceptual approach to decompose realtime systems, specified by integrated formalisms: instead of showing safety of a system directly, one proves that it is an instance of a Verification Architecture, a safe behavioural protocol with unknowns and local realtime assumptions. We examine how different verification techniques can be combined in a uniform framework to reason about protocols, assumptions, and instantiations of protocols. The protocols are specified in CSP, extended by data and unknown processes with local assumptions in a realtime logic. To prove desired properties, the CSP dialect is embedded into dynamic logic and a sequent calculus is presented. Further, we analyse the instantiation of protocols by combined specifications, here illustrated by CSPOZDC. Using an example, we show that this approach helps us verify specifications that are too complex for direct verification. },
access = {open},
bibtex = {atr065.bib},
editor = {Bernd Becker and Werner Damm and Martin Fr{\"a}nzle and ErnstR{\"u}diger Olderog and Andreas Podelski and Reinhard Wilhelm},
series = {ATR},
subproject = {R1},
url = {http://csd.informatik.unioldenburg.de/~jfaber/dl/ATR065.pdf}
}

S. B. Fröschle und D. Gorla, "Proceedings 16th International Workshop on Expressiveness in Concurrency" CoRR, vol. abs/0911.3189, 2009.
@article{FrGo:Express09,
author = {Sibylle B. Fr{\"o}schle and Daniele Gorla},
title = {Proceedings 16th International Workshop on Expressiveness in Concurrency},
journal = {CoRR},
volume = {abs/0911.3189},
year = {2009}
}

S. Fröschle und G. Steel, "Analysing PKCS\#11 Key Management APIs with Unbounded Fresh Data" , pp. 92106, 2009.
@article{FrSt:ArspaWits09,
author = {Fr\"{o}schle, Sibylle and Steel, Graham},
title = {Analysing PKCS\#11 Key Management APIs with Unbounded Fresh Data},
book = {Foundations and Applications of Security Analysis: Joint Workshop on Automated Reasoning for Security Protocol Analysis and Issues in the Theory of Security, ARSPAWITS 2009, York, UK, March 2829, 2009, Revised Selected Papers},
year = {2009},
pages = {92106},
publisher = {SpringerVerlag}
}

W. Czerwi'nski, S. Fröschle, und S. Lasota, "PartiallyCommutative ContextFree Processes" in Proc. CONCUR 2009: Proceedings of the 20th International Conference on Concurrency Theory, 2009, pp. 259273.
@inproceedings{CzFrLa:Concur09,
author = {Czerwi\'{n}ski, Wojciech and Fr\"{o}schle, Sibylle and Lasota, S\lawomir},
title = {PartiallyCommutative ContextFree Processes},
booktitle = {CONCUR 2009: Proceedings of the 20th International Conference on Concurrency Theory},
year = {2009},
pages = {259273},
publisher = {SpringerVerlag}
}

S. Fröschle und S. Lasota, "Normed Processes, Unique Decomposition, and Complexity of Bisimulation Equivalences" Electron. Notes Theor. Comput. Sci., vol. 239, pp. 1742, 2009.
@article{FrLa:Infinity06,
author = {Fr\"{o}schle, Sibylle and Lasota, S\lawomir},
title = {Normed Processes, Unique Decomposition, and Complexity of Bisimulation Equivalences},
journal = {Electron. Notes Theor. Comput. Sci.},
volume = {239},
year = {2009},
pages = {1742},
publisher = {Elsevier Science Publishers B. V.}
}

K. R. Apt, F. S. de Boer, und E. R. Olderog, Verification of Sequential and Concurrent Programs, 3rd Edition, SpringerVerlag, 2009.
@book{ABO09Book3,
author = { K. R. Apt and F. S. de Boer and E.R. Olderog },
title = {Verification of Sequential and Concurrent Programs, 3rd Edition},
series = {Texts in Computer Science},
publisher = {SpringerVerlag},
year = {2009},
note = {502 pp, ISBN 9781848827448},
url = {http://www.springer.com/computer/theoretical+computer+science/book/9781848827448}
}

S. Fröschle, "Adding Branching to the Strand Space Model" Electron. Notes Theor. Comput. Sci., vol. 242, iss. 1, pp. 139159, 2009.
@article{Fr:Express08,
author = {Fr\"{o}schle, Sibylle},
title = {Adding Branching to the Strand Space Model},
journal = {Electron. Notes Theor. Comput. Sci.},
volume = {242},
number = {1},
year = {2009},
pages = {139159},
publisher = {Elsevier Science Publishers B. V.}
}

E. R. Olderog und R. Meyer, "Automatatheoretic verification based on counterexample specification" in Proc. Informatik als Dialog zwischen Theorie und Anwendung, 2009, pp. 217225.
@inproceedings{erorm09,
author = {E.R. Olderog and R. Meyer},
title = {Automatatheoretic verification based on counterexample specification},
editor = {V. Diekert and K. Weicker and N. Weicker},
booktitle = {Informatik als Dialog zwischen Theorie und Anwendung},
year = {2009},
pages = {217225},
publisher = {ViewegTeubner},
publists = {rmeyer}
}

S. Kemper, "SATbased Verification for Timed Component Connectors" Electr. Notes Theor. Comput. Sci., vol. 255, pp. 103118, 2009.
@article{Kem09,
author = {Stephanie Kemper},
title = {{SAT}based {V}erification for {T}imed {C}omponent {C}onnectors},
journal = {Electr. Notes Theor. Comput. Sci.},
volume = {255},
year = {2009},
pages = {103118},
url = {http://csd.informatik.unioldenburg.de/~stephie/Kemper_FOCLASA09.pdf},
doi = {10.1016/j.entcs.2009.10.027},
keywords = {Timed Constraint Automata, Abstraction Refinement, Model Checking, SAT, ComponentBased Software Engineering}
}

M. Fränzle und M. Swaminathan, "Revisiting Decidability and Optimum Reachability for MultiPriced Timed Automata" in Proc. Formal Modeling and Analysis of Timed Systems (FORMATS), 2009, pp. 149163.
@inproceedings{MS09,
author = {M. Fr{\"a}nzle and M. Swaminathan},
title = {Revisiting Decidability and Optimum Reachability for MultiPriced Timed Automata},
editor = {J. Ouaknine and F. Vaandrager},
booktitle = {Formal Modeling and Analysis of Timed Systems (FORMATS) },
series = {Lecture Notes in Computer Science},
volume = {5813},
publisher = {SpringerVerlag},
pages = {149163},
year = {2009},
url = {http://dx.doi.org/10.1007/9783642043680_13}
}

A. Schäfer und M. John, "Conceptional Modeling and Analysis of SpatioTemporal Processes in Biomolecular Systems" in Proc. Sixth AsiaPacific Conference on Conceptual Modelling (APCCM 2009), Wellington, New Zealand, January 2009, 2009, pp. 3948.
@inproceedings{sj09,
author = {Sch\"afer, A. and John, M.},
title = {Conceptional Modeling and Analysis of SpatioTemporal Processes in Biomolecular Systems},
booktitle = {Sixth AsiaPacific Conference on Conceptual Modelling (APCCM 2009), Wellington, New Zealand, January 2009},
editor = {Markus Kirchberg and Sebastian Link},
series = {CRPIT},
volume = {96},
publisher = {Australian Computer Society},
year = {2009},
pages = {3948},
publists = {schaefer}
}

R. Meyer, V. Khomenko, und T. Strazny, "A Practical Approach to Verification of Mobile Systems Using Net Unfoldings" Fundamenta Informaticae, vol. 94, iss. 34, pp. 439471, 2009.
@article{MeyerKhomenkoStrazny2009Unfolding,
author = {R. Meyer and V. Khomenko and T. Strazny},
title = {A Practical Approach to Verification of Mobile Systems Using Net Unfoldings},
journal = {Fundamenta Informaticae},
publisher = {IOS Press},
note = {Special Issue on Petri Nets 2008, invited version of the ATPN 2008 paper},
volume = {94},
number = {34},
pages = {439471},
year = {2009},
publists = {rmeyer},
keywords = {finite control processes, safe processes, $\pi$Calculus, mobile systems, model checking, Petri net unfoldings},
abstract = { We propose a technique for verification of mobile systems. We translate \emph{finite control processes,} which are a wellknown subset of \picalc, into Petri nets, which are subsequently used for model checking. This translation always yields bounded Petri nets with a small bound, and we develop a technique for computing a nontrivial bound by static analysis. Moreover, we introduce the notion of \emph{safe processes,} which are a subset of finite control processes, for which our translation yields safe Petri nets, and show that every finite control process can be translated into a safe one of at most quadratic size. This gives a possibility to translate every finite control process into a safe Petri net, for which efficient unfoldingbased verification is possible. Our experiments show that this approach has a significant advantage over other existing tools for verification of mobile systems in terms of memory consumption and runtime. We also demonstrate the applicability of our method on a realistic model of an automated manufacturing system.}
}

J. Faber, "Verification Architectures for Realtime Systems" in Proc. Proceedings of Formal Methods 2009 Doctoral Symposium, 2009, pp. 1419.
@inproceedings{Faber2009,
author = {J. Faber},
title = {Verification Architectures for Realtime Systems},
booktitle = {Proceedings of Formal Methods 2009 Doctoral Symposium},
year = {2009},
editor = {M. Mousavi and E. Sekerinski},
number = {0915},
series = {CSReport, Eindhoven University of Technology},
pages = {1419},
pdf = {http://csd.informatik.unioldenburg.de/~jfaber/dl/FM09_DS.pdf},
url = {http://alexandria.tue.nl/repository/books/654108.pdf },
institution = {Eindhoven University of Technology},
type = {CSReport}
}

A. Platzer, J. Quesel, und P. Rümmer, "Real World Verification" in Proc. Automated Deduction  CADE22, 22nd International Conference on Automated Deduction, McGill University, Montreal, Canada, August 2  7, 2009, Proceedings, 2009, pp. 485501.
@inproceedings{DBLP:conf/cade/PlatzerQR09,
author = {Andr{\'e} Platzer and JanDavid Quesel and Philipp R{\"u}mmer},
title = {Real World Verification},
booktitle = {Automated Deduction  CADE22, 22nd International Conference on Automated Deduction, McGill University, Montreal, Canada, August 2  7, 2009, Proceedings},
editor = {Renate A. Schmidt},
publisher = {Springer},
volume = {5663},
pages = {485501},
series = {LNCS},
year = {2009},
doi = {10.1007/9783642029592_35},
pdf = {http://symbolaris.com/pub/rwv.pdf},
note = {\url{http://dx.doi.org/10.1007/9783642029592_35}{(c) SpringerVerlag}},
abstract = {Scalable handling of real arithmetic is a crucial part of the verification of hybrid systems, mathematical algorithms, and mixed analog/digital circuits. Despite substantial advances in verification technology, complexity issues with classical decision procedures are still a major obstacle for formal verification of realworld applications, e.g., in automotive and avionic industries. To identify strengths and weaknesses, we examine state of the art symbolic techniques and implementations for the universal fragment of realclosed fields: approaches based on quantifier elimination, Gr{\"o}bner Bases, and semidefinite programming for the Positivstellensatz. Within a uniform context of the verification tool KeYmaera, we compare these approaches qualitatively and quantitatively on verification benchmarks from hybrid systems, textbook algorithms, and on geometric problems. Finally, we introduce a new decision procedure combining Gr{\"o}bner Bases and semidefinite programming for the real Nullstellensatz that outperforms the individual approaches on an interesting set of problems.}
}

A. Platzer und J. Quesel, "European Train Control System: A Case Study in Formal Verification" in Proc. Formal Methods and Software Engineering, 11th International Conference on Formal Engineering Methods, ICFEM 2009, Rio de Janeiro, December 912, 2009, Proceedings, Heidelberg, 2009, pp. 246265.
@inproceedings{conf/icfem/PlatzerQ09,
author = {Andr{\'e} Platzer and JanDavid Quesel},
title = {European Train Control System: A Case Study in Formal Verification},
booktitle = {Formal Methods and Software Engineering, 11th International Conference on Formal Engineering Methods, ICFEM 2009, Rio de Janeiro, December 912, 2009, Proceedings},
editor = {Ana Cavalcanti and Karin Breitman},
publisher = {Springer},
address = {Heidelberg},
series = {LNCS},
volume = {5885},
pages = {246265},
year = {2009},
doi = {10.1007/9783642103735_13},
pdf = {http://symbolaris.com/pub/etcs.pdf},
slides = {http://csd.informatik.unioldenburg.de/~jdq/slides/ETCSslides.pdf},
note = {\url{http://dx.doi.org/10.1007/9783642103735_13}{(c) SpringerVerlag}},
abstract = {Complex physical systems have several degrees of freedom. They only work correctly when their control parameters obey corresponding constraints. Based on the informal specification of the European Train Control System (ETCS), we design a controller for its cooperation protocol. For its free parameters, we successively identify constraints that are required to ensure collision freedom. We formally prove the parameter constraints to be sharp by characterizing them equivalently in terms of reachability properties of the hybrid system dynamics. Using our deductive verification tool KeYmaera, we formally verify controllability, safety, liveness, and reactivity properties of the ETCS protocol that entail collision freedom. We prove that the ETCS protocol remains correct even in the presence of perturbation by disturbances in the dynamics. Finally we verify that safety is preserved when a PI controller is used for speed supervision.}
}

A. Platzer, J. Quesel, und P. Rümmer, "Real World Verification" SFB/TR 14 AVACS, Reports of SFB/TR 14 AVACS 52, 2009.
@techreport{DBLP:conf/cade/PlatzerQR09:TR,
author = {Andr{\'e} Platzer and JanDavid Quesel and Philipp R{\"u}mmer},
title = {Real World Verification},
editor = {Bernd Becker and Werner Damm and Martin Fr{\"a}nzle and ErnstR{\"u}diger Olderog and Andreas Podelski and Reinhard Wilhelm},
institution = {SFB/TR 14 AVACS},
subproject = {H3},
year = {2009},
month = {June},
type = {Reports of SFB/TR 14 AVACS},
series = {ATR},
number = 52, note = {ISSN: 18609821, http://www.avacs.org.},
access = {open},
abstract = {Scalable handling of real arithmetic is a crucial part of the verification of hybrid systems, mathematical algorithms, and mixed analog/digital circuits. Despite substantial advances in verification technology, complexity issues with classical decision procedures are still a major obstacle for formal verification of realworld applications, e.g., in automotive and avionic industries. To identify strengths and weaknesses, we examine state of the art symbolic techniques and implementations for the universal fragment of realclosed fields: approaches based on quantifier elimination, Gr{\"o}bner Bases, and semidefinite programming for the Positivstellensatz. Within a uniform context of the verification tool KeYmaera, we compare these approaches qualitatively and quantitatively on verification benchmarks from hybrid systems, textbook algorithms, and on geometric problems. Finally, we introduce a new decision procedure combining Gr{\"o}bner Bases and semidefinite programming for the real Nullstellensatz that outperforms the individual approaches on an interesting set of problems.},
bibtex = {atr052.bib},
pdf = {http://www.avacs.org/Publikationen/Open/avacs_technical_report_052.pdf}
}

A. Platzer und J. Quesel, "European Train Control System: A Case Study in Formal Verification" SFB/TR 14 AVACS, Reports of SFB/TR 14 AVACS 54, 2009.
@techreport{conf/icfem/PlatzerQ09:TR,
author = {Andr{\'e} Platzer and JanDavid Quesel},
title = {European Train Control System: A Case Study in Formal Verification},
editor = {Bernd Becker and Werner Damm and Martin Fr{\"a}nzle and ErnstR{\"u}diger Olderog and Andreas Podelski and Reinhard Wilhelm},
institution = {SFB/TR 14 AVACS},
subproject = {H3},
year = {2009},
month = {Oct},
type = {Reports of SFB/TR 14 AVACS},
series = {ATR},
number = 54, note = {ISSN: 18609821, http://www.avacs.org.},
access = {open},
abstract = {Complex physical systems have several degrees of freedom. They only work correctly when their control parameters obey corresponding constraints. Based on the informal specification of the European Train Control System (ETCS), we design a controller for its cooperation protocol. For its free parameters, we successively identify constraints that are required to ensure collision freedom. We formally prove the parameter constraints to be sharp by characterizing them equivalently in terms of reachability properties of the hybrid system dynamics. Using our deductive verification tool KeYmaera, we formally verify controllability, safety, liveness, and reactivity properties of the ETCS protocol that entail collision freedom. We prove that the ETCS protocol remains correct even in the presence of perturbation by disturbances in the dynamics. Finally we verify that safety is preserved when a PI controller is used for speed supervision.},
bibtex = {atr054.bib},
pdf = {http://www.avacs.org/Publikationen/Open/avacs_technical_report_054.pdf}
}

E. R. Olderog und H. Dierks, RealTime Systems  Formal Specification and Automatic Verification  Errata: see below, Cambridge University Press, 2008.
@book{OD08,
author = {E.R. Olderog and H. Dierks},
title = {RealTime Systems  Formal Specification and Automatic Verification  Errata: see below},
publisher = {Cambridge University Press},
year = 2008, note = {ISBN 9780521883337. For more information see: \url{http://csd.informatik.unioldenburg.de/rtbook/}{http://csd.informatik.unioldenburg.de/rtbook/}},
url = {http://www.cambridge.org/de/academic/subjects/computerscience/distributednetworkedandmobilecomputing/realtimesystemsformalspecificationandautomaticverification}
}

M. Möller, E. R. Olderog, H. Rasch, und H. Wehrheim, "Integrating a Formal Method into a Software Engineering Process with UML and Java" Formal Apsects of Computing, vol. 20, pp. 161204, 2008.
@article{MORW08,
author = {M. M{\"o}ller and E.R. Olderog and H. Rasch and H. Wehrheim},
title = {Integrating a Formal Method into a Software Engineering Process with {UML} and {Java}},
journal = {Formal Apsects of Computing},
year = {2008},
volume = {20},
pages = {161204},
abstract = {We describe how CSPOZ, a formal method combining the process algebra CSP with the specification language ObjectZ, can be integrated into an objectoriented software engineering process employing the UML as a modelling and Java as an implementation language. The benefit of this integration lies in the rigour of the formal method, which improves the precision of the constructed models and opens up the possibility of (1) verifying properties of models in the early design phases, and (2) checking adherence of implementations to models. The envisaged application area of our approach is the design of distributed {\em reactive systems}. To this end, we propose a specific UML {\em profile} for reactive systems. The profile contains facilities for modelling components, their interfaces and interconnections via synchronous/broadcast communication, and the overall architecture of a system. The integration with the formal method proceeds by generating a significant part of the CSPOZ specification from the initially developed UML model. The formal specification is on the one hand the starting point for {\em verifying} properties of the model, for instance by using the FDR model checker. On the other hand, it is the basis for generating {\em contracts} for the final implementation. Contracts are written in the Java Modeling Language (JML) complemented by \CSPjassda{},
an assertion language for specifying orderings between method invocations. A set of tools for runtime checking can be used to supervise the adherence of the final Java implementation to the generated contracts.},
publists = {syspect}
}

A. Platzer, "DifferentialAlgebraic Dynamic Logic for DifferentialAlgebraic Programs" Journal of Logic and Computation, 2008.
@article{DBLP:journals/logcom/Platzer08,
author = {Andr{\'e} Platzer},
title = {DifferentialAlgebraic Dynamic Logic for DifferentialAlgebraic Programs},
journal = {Journal of Logic and Computation},
year = {2008},
note = {Accepted for publication},
doi = {10.1093/logcom/exn070},
pdf = {http://symbolaris.com/pub/DAL.pdf},
keywords = {dynamic logic, differential constraints, sequent calculus, verification of hybrid systems, differential induction, theorem proving},
abstract = { We generalise dynamic logic to a logic for differentialalgebraic programs, i.e., discrete programs augmented with firstorder differentialalgebraic formulas as continuous evolution constraints in addition to firstorder discrete jump formulas. These programs characterise interacting discrete and continuous dynamics of hybrid systems elegantly and uniformly. For our logic, we introduce a calculus over real arithmetic with discrete induction and a new \emph{differential induction} with which differentialalgebraic programs can be verified by exploiting their differential constraints algebraically without having to solve them. We develop the theory of differential induction and differential refinement and analyse their deductive power. As a case study, we present parametric tangential roundabout maneuvers in air traffic control and prove collision avoidance in our calculus.}
}

M. Johns, B. Engelmann, und J. Posegga, "XSSDS: ServerSide Detection of CrossSite Scripting Attacks" in Proc. ACSAC, 2008, pp. 335344.
@inproceedings{JEP08,
author = {Martin Johns and Bj{\"o}rn Engelmann and Joachim Posegga},
title = {XSSDS: ServerSide Detection of CrossSite Scripting Attacks},
booktitle = {ACSAC},
year = {2008},
pages = {335344},
abstract = {Crosssite Scripting (XSS) has emerged to one of the most prevalent type of security vulnerabilities. While the reason for the vulnerability primarily lies on the serverside, the actual exploitation is within the victim's web browser on the clientside. Therefore, an operator of a web application has only very limited evidence of XSS issues. In this paper, we propose a passive detection system to identify successful XSS attacks. Based on a prototypical implementation, we examine our approach's accuracy and verify its detection capabilities. We compiled a dataset of 500.000 individual HTTP request/responsepairs from 95 popular web applications for this, in combination with both real word and manually crafted XSSexploits; our detection approach results in a total of zero false negatives for all tests, while maintaining an excellent false positive rate for more than 80\% of the examined web applications.},
bibtex = {jep08.bib},
doi = {10.1109/ACSAC.2008.36},
pdf = {http://www.acsac.org/openconf2008/modules/request.php?module=oc_proceedings&action=view.php&a=Accept&id=104}
}

M. Swaminathan, M. Fränzle, und J. P. Katoen, "The Surprising Robustness of (Closed) Timed Automata against ClockDrift" in Proc. IFIP International Conference on Theoretical Computer Science (IFIP TCS), 2008, pp. 537553.
@inproceedings{SFK08,
author = {M. Swaminathan and M. Fr{\"a}nzle and J.P. Katoen},
title = {The Surprising Robustness of (Closed) Timed Automata against ClockDrift},
editor = {Giorgio Ausiello and Juhani Karhum{\"a}ki},
booktitle = {IFIP International Conference on Theoretical Computer Science (IFIP TCS) },
series = {International Federation for Information Processing},
volume = {273},
publisher = {Springer},
pages = {537553},
year = {2008},
url = {http://dx.doi.org/10.1007/9780387096803_36}
}

V. Khomenko und R. Meyer, "Checking $\pi$Calculus Structural Congruence is Graph Isomorphism Complete" School of Computing Science, Newcastle University, CSTR: 1100, 2008.
@techreport{KhomenkoMeyer2008ComplexityStructCong,
author = {V. Khomenko and R. Meyer},
title = {Checking $\pi$Calculus Structural Congruence is Graph Isomorphism Complete},
number = {CSTR: 1100},
institution = {School of Computing Science, Newcastle University},
year = {2008},
note = {20 pages},
url = {http://www.cs.ncl.ac.uk/publications/trs/abstract/1100},
publists = {rmeyer},
keywords = {structural congruence, graph isomorphism, $\pi$Calculus, computational complexity},
abstract = {We show that the problems of checking $\pi$Calculus structural congruence ($\pi$SC) and graph isomorphism (GI) are Karp reducible to each other. The reduction from GI to $\pi$SC is given explicitly, and the reduction in the opposite direction proceeds by transforming $\pi$SC into an instance of the term equality problem (i.e., the problem of deciding equivalence of two terms in the presence of associative and/or commutative operations and commutative variablebinding quantifiers), which is known to be Karp reducible to GI. Our result is robust in the sense that it holds for several variants of structural congruence and some rather restrictive fragments of $\pi$Calculus. Furthermore, we address the question of solving $\pi$SC in practice, and describe a number of optimisations exploiting specific features of $\pi$Calculus terms, which allow one to significantly reduce the size of the resulting graphs that have to be checked for isomorphism.}
}

R. Meyer, V. Khomenko, und T. Strazny, "A Practical Approach to Verification of Mobile Systems Using Net Unfoldings" School of Computing Science, Newcastle University, CSTR: 1064, 2008.
@techreport{MeyerKhomenkoStrazny2008UnfoldingTR,
author = {R. Meyer and V. Khomenko and T. Strazny},
title = {A Practical Approach to Verification of Mobile Systems Using Net Unfoldings},
institution = {School of Computing Science, Newcastle University},
month = {January},
year = {2008},
number = {CSTR: 1064},
note = {29 pages},
publists = {rmeyer},
keywords = {finite control processes, safe processes, $\pi$Calculus, mobile systems, model checking, Petri net unfoldings},
abstract = { In this paper we propose a technique for verification of mobile systems.We translate finite control processes, which are a wellknown subset of $\pi$Calculus, into Petri nets, which are subsequently used for model checking. This translation always yields bounded Petri nets with a small bound, and we develop a technique for computing a nontrivial bound by static analysis. Moreover, we introduce the notion of safe pro cesses, which are a subset of finite control processes, for which our translation yields safe Petri nets, and show that every finite control process can be translated into a safe one of at most quadratic size. This gives a possibility to translate every finite control process into a safe Petri net, for which efficient unfoldingbased verification is possible. Our experiments show that this approach has a significant advantage over other existing tools for verification of mobile systems in terms of memory consumption and runtime. }
}

R. Meyer, V. Khomenko, und T. Strazny, "A Practical Approach to Verification of Mobile Systems Using Net Unfoldings" in Proc. Proc. of the 29th International Conference on Application and Theory of Petri Nets and Other Models of Concurrency, ATPN 2008, 2008, pp. 327347.
@inproceedings{MeyerKhomenkoStrazny2008Unfolding,
author = {R. Meyer and V. Khomenko and T. Strazny},
title = {A Practical Approach to Verification of Mobile Systems Using Net Unfoldings},
booktitle = {Proc. of the 29th International Conference on Application and Theory of Petri Nets and Other Models of Concurrency, ATPN 2008},
series = {LNCS},
volume = {5062},
publisher = {SpringerVerlag},
pages = {327347},
year = {2008},
publists = {rmeyer},
keywords = {finite control processes, safe processes, $\pi$Calculus, mobile systems, model checking, Petri net unfoldings},
abstract = { In this paper we propose a technique for verification of mobile systems.We translate finite control processes, which are a wellknown subset of $\pi$Calculus, into Petri nets, which are subsequently used for model checking. This translation always yields bounded Petri nets with a small bound, and we develop a technique for computing a nontrivial bound by static analysis. Moreover, we introduce the notion of safe pro cesses, which are a subset of finite control processes, for which our translation yields safe Petri nets, and show that every finite control process can be translated into a safe one of at most quadratic size. This gives a possibility to translate every finite control process into a safe Petri net, for which efficient unfoldingbased verification is possible. Our experiments show that this approach has a significant advantage over other existing tools for verification of mobile systems in terms of memory consumption and runtime.}
}

A. Platzer und E. M. Clarke, "Computing Differential Invariants of Hybrid Systems as Fixedpoints" School of Computer Science, Carnegie Mellon University, Pittsburgh, PA, CMUCS08103, 2008.
@techreport{DBLP:conf/cav/PlatzerC08:TR,
author = {Andr{\'e} Platzer and Edmund M. Clarke},
title = {Computing Differential Invariants of Hybrid Systems as Fixedpoints},
number = {CMUCS08103},
year = {2008},
month = {},
institution = {School of Computer Science, Carnegie Mellon University},
address = {Pittsburgh, PA},
annote = {Long version of~\cite{PlatzerC08}},
keywords = {verification of hybrid systems, differential invariants, verification logic, fixedpoint engine},
abstract = { We introduce a fixedpoint algorithm for verifying safety properties of hybrid systems with differential equations that have righthand sides that are polynomials in the state variables. In order to verify nontrivial systems without solving their differential equations and without numerical errors, we use a continuous generalization of induction, for which our algorithm computes the required differential invariants. As a means for combining local differential invariants into global system invariants in a sound way, our fixedpoint algorithm works with a compositional verification logic for hybrid systems. To improve the verification power, we further introduce a saturation procedure that refines the system dynamics successively with differential invariants until safety becomes provable. By complementing our symbolic verification algorithm with a robust version of numerical falsification, we obtain a fast and sound verification procedure. We verify roundabout maneuvers in air traffic management and collision avoidance in train control.},
pdf = {http://reportsarchive.adm.cs.cmu.edu/anon/2008/CMUCS08103.pdf}
}

A. Platzer, "Differential Dynamic Logic for Hybrid Systems." Journal of Automated Reasoning, vol. 41, iss. 2, pp. 143189, 2008.
@article{DBLP:journals/jar/Platzer08,
author = {Andr{\'e} Platzer},
title = {Differential Dynamic Logic for Hybrid Systems.},
journal = {Journal of Automated Reasoning},
year = {2008},
volume = {41},
number = {2},
pages = {143189},
doi = {10.1007/s1081700891038},
pdf = {http://symbolaris.com/pub/freedL.pdf},
note = {\url{http://dx.doi.org/10.1007/s1081700891038}{(c) SpringerVerlag}},
keywords = {dynamic logic, differential equations, sequent calculus, axiomatisation, automated theorem proving, verification of hybrid systems},
abstract = { Hybrid systems are models for complex physical systems and are defined as dynamical systems with interacting discrete transitions and continuous evolutions along differential equations. With the goal of developing a theoretical and practical foundation for deductive verification of hybrid systems, we introduce a dynamic logic for hybrid programs, which is a program notation for hybrid systems. As a verification technique that is suitable for automation, we introduce a free variable proof calculus with a novel combination of realvalued free variables and Skolemisation for lifting quantifier elimination for real arithmetic to dynamic logic. The calculus is compositional, i.e., it reduces properties of hybrid programs to properties of their parts. Our main result proves that this calculus axiomatises the transition behaviour of hybrid systems completely relative to differential equations. In a case study with cooperating traffic agents of the European Train Control System, we further show that our calculus is wellsuited for verifying realistic hybrid systems with parametric system dynamics. }
}

A. Schäfer, "Beschreibung und Verifikation räumlicher und zeitlicher Eigenschaften mobiler Systeme" it  Information Technology, vol. 50, iss. 5, pp. 324326, 2008.
@article{schaefer2008,
author = {A. Sch\"afer},
title = {{Beschreibung und Verifikation r\"aumlicher und zeitlicher Eigenschaften mobiler Systeme}},
journal = {it  Information Technology},
year = {2008},
volume = {50},
pages = {324326},
number = {5},
doi = {DOI 10.1524/itit.2008.0503},
publists = {schaefer},
url = {http://csd.informatik.unioldenburg.de/pub/Papers/itti0805_324a.pdf},
note = {\url{http://itInformationTechnology.de}{http://itInformationTechnology.de}},
abstract = { This paper provides an overview over a formal method for the analysis of mobile realtime systems. Control systems for cars and trains as well as mobile robots are examples of such systems. We develop a spatiotemporal logic that is used to model both the systems and safety requirements. We investigate the theoretical foundations like decidability and axiomatisability and develop a prototype tool for the automatic verification based on these results. The application of this logic is exemplified with an industrial case study.}
}

R. Meyer, "On Boundedness in Depth in the $\pi$Calculus" in Proc. Proc. of the 5th IFIP International Conference on Theoretical Computer Science, IFIP TCS 2008, 2008.
@inproceedings{Meyer2008BoundedDepth,
author = {R. Meyer},
title = {On Boundedness in Depth in the $\pi$Calculus},
booktitle = {Proc. of the 5th IFIP International Conference on Theoretical Computer Science, IFIP TCS 2008},
series = {IFIP},
volume = {273},
publisher = {SpringerVerlag},
year = {2008},
pages = {},
note = {To appear},
publists = {rmeyer},
keywords = {$\pi$Calculus, structural congruence, wellstructured transition systems, termination},
abstract = { We investigate the class $P_{\mathit{BD}}$ of $\pi$Calculus processes that are bounded in the function depth. First, we show that boundedness in depth has an intuitive characterisation when we understand processes as graphs: a process is bounded in depth if and only if the length of the simple paths is bounded. The proof is based on a new normal form for the $\pi$Calculus called anchored fragments. Using this concept, we then show that processes of bounded depth have wellstructured transition systems (WSTS). As a consequence, the termination problem is decidable for this class of processes. The instantiation of the WSTS framework employs a new wellquasiordering for processes in $P_{\mathit{BD}}$.}
}

A. Platzer und J. Quesel, "Logical Verification and Systematic Parametric Analysis in Train Control." in Proc. Hybrid Systems: Computation and Control, 10th International Conference, HSCC 2008, St. Louis, USA, Proceedings, 2008, pp. 646649.
@inproceedings{DBLP:conf/hybrid/PlatzerQ08,
author = {Andr{\'e} Platzer and JanDavid Quesel},
title = {Logical Verification and Systematic Parametric Analysis in Train Control.},
year = {2008},
pages = {646649},
doi = {10.1007/9783540789291_55},
editor = {Magnus Egerstedt and Bud Mishra},
booktitle = {Hybrid Systems: Computation and Control, 10th International Conference, HSCC 2008, St. Louis, USA, Proceedings},
publisher = {Springer},
series = {LNCS},
volume = {4981},
isbn = {},
keywords = {parametric verification, logic for hybrid systems, symbolic decomposition},
abstract = { We formally verify hybrid safety properties of cooperation protocols in a fully parametric version of the European Train Control System (ETCS). We present a formal model using hybrid programs and verify correctness using our logicbased decomposition procedure. This procedure supports free parameters and parameter discovery, which is required to determine correct design choices for free parameters of ETCS.},
url = {http://symbolaris.com/pub/ETCSshort.pdf},
note = {\url{http://dx.doi.org/10.1007/9783540789291_55}{(c) SpringerVerlag}}
}

R. Meyer, J. Faber, J. Hoenicke, und A. Rybalchenko, "Model Checking Duration Calculus: A Practical Approach" Formal Aspects of Computing, vol. 20, iss. 45, pp. 481505, 2008.
@article{Meyer2008,
author = {R. Meyer and J. Faber and J. Hoenicke and A. Rybalchenko},
title = {Model Checking Duration Calculus: A Practical Approach},
journal = {Formal Aspects of Computing},
year = {2008},
publisher = {Springer London},
volume = {20},
pages = {481505},
number = {45},
month = jul, note = {{ISSN} 09345043 (Print) 1433299X (Online)},
abstract = {Model checking of realtime systems against Duration Calculus (DC) specifications requires the translation of DC formulae into automatabased semantics. The existing algorithms provide a limited DC coverage and do not support compositional verification. We propose a translation algorithm that advances the applicability of model checking tools to realistic applications. Our algorithm significantly extends the subset of DC that can be checked automatically. The central part of the algorithm is the automatic decomposition of DC specifications into subproperties that can be verified independently. The decomposition is based on a novel distributive law for DC. We implemented the algorithm in a tool chain for the automated verification of systems comprising data, communication, and realtime aspects. We applied the tool chain to verify safety properties in an industrial case study from the European Train Control System (ETCS).},
doi = {10.1007/s0016500800827},
issn = {09345043},
keywords = {Model checking, Verification, Duration Calculus, Timed automata, Realtime systems, European Train Control System, Case study},
url = {http://www.springerlink.com/content/81g876074077601g/fulltext.pdf},
publists = {rmeyer,pea,syspect}
}

A. Platzer und E. M. Clarke, "Computing Differential Invariants of Hybrid Systems as Fixedpoints" in Proc. ComputerAided Verification, CAV 2008, Princeton, USA, Proceedings, 2008, pp. 176189.
@inproceedings{DBLP:conf/cav/PlatzerC08,
author = {Andr{\'e} Platzer and Edmund M. Clarke},
title = {Computing Differential Invariants of Hybrid Systems as Fixedpoints},
year = {2008},
month = {},
editor = {Aarti Gupta and Sharad Malik},
booktitle = {ComputerAided Verification, CAV 2008, Princeton, USA, Proceedings},
publisher = {Springer},
series = {LNCS},
pages = {176189},
volume = {5123},
isbn = {},
doi = {10.1007/9783540705451_17},
keywords = {verification of hybrid systems, differential invariants, verification logic, fixedpoint engine},
abstract = { We introduce a fixedpoint algorithm for verifying safety properties of hybrid systems with differential equations whose righthand sides are polynomials in the state variables. In order to verify nontrivial systems without solving their differential equations and without numerical errors, we use a continuous generalization of induction, for which our algorithm computes the required differential invariants. As a means for combining local differential invariants into global system invariants in a sound way, our fixedpoint algorithm works with a compositional verification logic for hybrid systems. To improve the verification power, we further introduce a saturation procedure that refines the system dynamics successively with differential invariants until safety becomes provable. By complementing our symbolic verification algorithm with a robust version of numerical falsification, we obtain a fast and sound verification procedure. We verify roundabout maneuvers in air traffic management and collision avoidance in train control.},
pdf = {http://symbolaris.com/pub/fpdi.pdf},
note = {\url{http://dx.doi.org/10.1007/9783540705451_17}{(c) SpringerVerlag}}
}

E. R. Olderog, "Automatic Verification of Combined Specifications" in Proc. Proc. of the 1st Internat. Workshop on Harnessing Theories for Tool Support in Software (TTSS 2007), Macau, 2008, pp. 316.
@inproceedings{Old08,
author = {E.R. Olderog},
title = {Automatic Verification of Combined Specifications},
booktitle = {Proc. of the 1st Internat. Workshop on Harnessing Theories for Tool Support in Software (TTSS 2007), Macau},
year = {2008},
editor = {G. Pu and V. Stolz},
series = {ENTCS},
journal = {Electr. Notes Theor. Comput. Sci.},
issn = {15710661},
volume = {207},
number = {},
month = {April},
pages = {316},
ee = {http://dx.doi.org/10.1016/j.entcs.2008.03.082},
url = {},
keywords = {Realtime systems, complex data, CSP, ObjectZ, Duration Calculus, model checking, abstraction refinement, UML profile, tool support},
abstract = { This paper gives an overview of results of the project ``Beyond Timed Automata'' carried out in the Collaborative Research Center AVACS (Automatic Verification and Analysis of Complex Systems) of the Universities of Oldenburg, Freiburg, and Saarbr\"ucken. We discuss how properties of highlevel specifications of realtime systems combining the dimensions of process behaviour, data, and time can be automatically verified, exploiting recent advances in semantics, constraintbased model checking, and decision procedures for complex data. As specification language we consider CSOZDC, which integrates concepts from Communicating Sequential Processes (CSP), ObjectZ (OZ), and Duration Calculus (DC). Our approach to automatic verification of CSPOZDC rests on a compositional semantics of this languages in terms of PhaseEventAutomata. These can be translated into Transition Constraint Systems which serve as an input language of an abstract refinement model checker called ARMC which can handle constraints covering both realtime and infinite data. This is demonstrated by a case study concerning emergency messages in the European Train Control System (ETCS). For CSPOZDC we also discuss a UML profile and tool support. }
}

A. Platzer und J. Quesel, "KeYmaera: A Hybrid Theorem Prover for Hybrid Systems." in Proc. Automated Reasoning, Fourth International Joint Conference, IJCAR 2008, Sydney, Australia, Proceedings, 2008, pp. 171178.
@inproceedings{DBLP:conf/cade/PlatzerQ08,
author = {Andr{\'e} Platzer and JanDavid Quesel},
title = {{KeYmaera}: A Hybrid Theorem Prover for Hybrid Systems.},
booktitle = {Automated Reasoning, Fourth International Joint Conference, IJCAR 2008, Sydney, Australia, Proceedings},
year = {2008},
pages = {171178},
editor = {Alessandro Armando and Peter Baumgartner and Gilles Dowek},
publisher = {Springer},
series = {LNCS},
volume = {5195},
doi = {10.1007/9783540710707_15},
isbn = {10.1007/9783540710707_15},
issn = {03029743},
keywords = {dynamic logic, automated theorem proving, decision procedures, computer algebra, verification of hybrid systems},
abstract = { KeYmaera is a hybrid verification tool for hybrid systems that combines deductive, real algebraic, and computer algebraic prover technologies. It is an automated and interactive theorem prover for a natural specification and verification logic for hybrid systems. KeYmaera supports differential dynamic logic, which is a realvalued firstorder dynamic logic for hybrid programs, a program notation for hybrid automata. For automating the verification process, KeYmaera implements a generalized freevariable sequent calculus and automatic proof strategies that decompose the hybrid system specification symbolically. To overcome the complexity of real arithmetic, we integrate real quantifier elimination following an iterative background closure strategy. Our tool is particularly suitable for verifying parametric hybrid systems and has been used successfully for verifying collision avoidance in case studies from train control and air traffic management.},
note = {\url{http://dx.doi.org/10.1007/9783540710707_15}{(c) SpringerVerlag}},
url = {http://symbolaris.com/pub/KeYmaera.pdf},
slides = {http://csd.informatik.unioldenburg.de/~jdq/slides/keymaeraslides.pdf}
}

S. Fröschle, "The Insecurity Problem: tackling Unbounded Data" in Proc. IEEE Computer Security Foundations Symposium 2007, 2007.
@inproceedings{Froeschle:CSF07,
author = {Sibylle Fr{\"o}schle},
title = {The Insecurity Problem: tackling Unbounded Data},
booktitle = {IEEE Computer Security Foundations Symposium 2007},
year = {2007},
publisher = {IEEE Computer Society},
abstract = { In this paper we focus on tackling the insecurity problem of security protocols in the presence of an unbounded number of data such as nonces or session keys. First, we pinpoint four open problems in this category. The first two problems concern protocols with natural restrictions that any `realistic' protocol should satisfy while the second two concern protocols with disequality constraints. For protocols with disequality constraints we will prove: (1)~Insecurity is decidable in NEXPTIME when bounding the size of messages and not requiring data to be \emph{freshly} generated. (2)~Insecurity is NEXPTIMEcomplete when bounding the size of messages and the number of freshly generated data used in honest sessions. This shows that unbounded data can be tackled in settings which do not trivially reduce to the case of bounded data. The second result is in contrast with a recently published proof, which appears to prove the same problem undecidable. We will point out why this proof cannot be considered to be valid. },
publists = {froeschle}
}

R. Meyer, "A Petri Net Semantics for $\pi$Calculus Verification" in Proc. Dagstuhl ''zehn plus eins'', 2007, pp. 7677.
@inproceedings{Meyer2007Dagstuhl,
author = {R. Meyer},
title = {{A Petri Net Semantics for $\pi$Calculus Verification}},
booktitle = {Dagstuhl ''zehn plus eins''},
pages = {7677},
year = {2007},
publisher = {Verlagshaus Mainz GmbH Aachen},
publists = {rmeyer}
}

S. Fröschle und S. l, "Causality versus trueconcurrency" Theoretical Computer Science, vol. 386, iss. 3, pp. 169187, 2007.
@article{FrLa:TCS07,
author = {Sibylle Fr{\"o}schle and S{\l}awomir Lasota},
title = {Causality versus trueconcurrency},
journal = {Theoretical Computer Science},
year = {2007},
volume = {386},
number = {3},
pages = {169187},
publists = {froeschle}
}

B. Becker, A. Podelski, W. Damm, M. Fränzle, E. R. Olderog, und R. Wilhelm, "SFB/TR 14 AVACS  Automatic Verification and Analysis of Complex Systems" it  Information Technology, vol. 49, iss. 2, pp. 118126, 2007.
@article{AVACS07,
author = {B. Becker and A. Podelski and W. Damm and M. Fr{\"a}nzle and E.R. Olderog and R. Wilhelm},
title = {{SFB/TR 14 AVACS  Automatic Verification and Analysis of Complex Systems}},
journal = {it  Information Technology},
publisher = {Oldenbourg},
year = {2007},
number = {2},
volume = {49},
pages = {118126},
note = {See also \url{http://www.avacs.org}{http://www.avacs.org}}
}

A. Schäfer, "Axiomatisation and Decidability of MultiDimensional Duration Calculus" TIME'05 special issue of Information and Computation, vol. 205, iss. 1, 2007.
@article{schaefer07,
author = {A. Sch\"afer},
title = {Axiomatisation and Decidability of MultiDimensional Duration Calculus},
journal = {TIME'05 special issue of Information and Computation},
year = {2007},
volume = {205},
number = {1},
note = {DOI \url{http://dx.doi.org/10.1016/j.ic.2006.08.005}{10.1016/j.ic.2006.08.005} },
publists = {schaefer},
abstract = { The Shape Calculus is a spatiotemporal logic based on an $n$dimensional Duration Calculus tailored for the specification and verification of mobile realtime systems. After showing nonaxiomatisability, we give a complete embedding in $n$dimensional interval temporal logic and present two different decidable subsets, which are important for tool support and practical use. }
}

D. Basin, E. R. Olderog, und P. E. Sevinç, "Specifying and analyzing security automata using CSPOZ" in Proc. Proceedings of the 2007 ACM Symposium on Information, Computer and Communications Security (ASIACCS 2007), 2007, pp. 7081.
@inproceedings{BSO07,
author = {D. Basin and E.R. Olderog and P.E. Sevin\c{c}},
title = {Specifying and analyzing security automata using {CSPOZ}},
booktitle = {Proceedings of the 2007 ACM Symposium on Information, Computer and Communications Security (ASIACCS 2007)},
pages = {7081},
year = 2007, month = {March},
publisher = {ACM Press},
location = {Singapore},
abstract = { Security automata are a variant of B\"uchi automata used to specify security policies that can be enforced by monitoring system execution. In this paper, we propose using CSPOZ, a specification language combining Communicating Sequential Processes (CSP) and ObjectZ (OZ), to specify security automata, formalize their combination with target systems, and analyze the security of the resulting system specifications. We provide theoretical results relating CSPOZ specifications and security automata and show how refinement can be used to reason about specifications of security automata and their combination with target systems. Through a case study, we provide evidence for the practical usefulness of this approach. This includes the ability to specify concisely complex operations and complex control, support for structured specifications, refinement, and transformational design, as well as automated, toolsupported analysis. }
}

A. Schäfer, "PhD Abstract: Specification and Verification of Mobile RealTime Systems" Bulletin of the EATCS, vol. 92, pp. 193195, 2007.
@article{sch07b,
author = {A. Sch\"afer},
title = {{PhD Abstract: Specification and Verification of Mobile RealTime Systems}},
editor = {V. Sassone},
year = {2007},
pages = {193195},
publisher = {EATCS},
journal = {Bulletin of the EATCS},
volume = {92},
publists = {schaefer},
url = {http://csd.informatik.unioldenburg.de/pub/Papers/as07b.pdf}
}

A. Schäfer, "Spezifikation und Verifikation mobiler Realzeitsysteme" in Proc. Ausgezeichnete Informatikdissertationen 2007, 2007, pp. 169177.
@inproceedings{sch07a,
author = {A. Sch\"afer},
title = {{Spezifikation und Verifikation mobiler Realzeitsysteme}},
booktitle = {{Ausgezeichnete Informatikdissertationen 2007}},
editor = {D. Wagner},
year = {2007},
pages = {169177},
series = {GIEditionLecture Notes in Informatics (LNI)},
publisher = {Gesellschaft f\"ur Informatik},
publists = {schaefer},
url = {http://csd.informatik.unioldenburg.de/pub/Papers/as07a.pdf}
}

A. Platzer, "A Temporal Dynamic Logic for Verifying Hybrid System Invariants." , Reports of SFB/TR 14 AVACS 12, 2007.
@techreport{DBLP:conf/lfcs/Platzer07:TR,
author = {Andr{\'e} Platzer},
title = {A Temporal Dynamic Logic for Verifying Hybrid System Invariants.},
number = {12},
year = {2007},
month = {February},
editor = {B. Becker and W. Damm and M. Fr{\"a}nzle and E.R. Olderog and A. Podelski and R. Wilhelm},
optinstitution = {{SFB/TR~14 AVACS}},
type = {Reports of SFB/TR 14 AVACS},
series = {ATR},
note = {ISSN: 18609821, http://www.avacs.org.},
url = {http://www.avacs.org/Publikationen/Open/avacs_technical_report_012.pdf},
annote = {Long version of~\cite{DBLP:conf/lfcs/Platzer07}}
}

J. Faber, S. Jacobs, und V. SofronieStokkermans, "Verifying CSPOZDC Specifications with Complex Data Types and Timing Parameters" in Proc. Integrated Formal Methods, 2007, pp. 233252.
@inproceedings{FJSS07,
author = {J. Faber and S. Jacobs and V. SofronieStokkermans},
title = {Verifying {CSPOZDC} Specifications with Complex Data Types and Timing Parameters},
booktitle = {Integrated Formal Methods},
year = {2007},
editor = {J. Davies and J. Gibbons},
volume = {4591},
series = {Lecture Notes in Computer Science},
pages = {233252},
publisher = {SpringerVerlag},
month = jul, publists = {pea},
abstract = {We extend existing verification methods for CSPOZDC to reason about realtime systems with complex data types and timing parameters. We show that important properties of systems can be encoded in wellbehaved logical theories in which hierarchical reasoning is possible. Thus, testing invariants and bounded model checking can be reduced to checking satisfiability of ground formulae over a simple base theory. We illustrate the ideas by means of a simplified version of a case study from the European Train Control System standard.},
url = {http://csd.informatik.unioldenburg.de/~jfaber/dl/FaberJacobsSofronie.pdf}
}

J. Faber und I. Stierand, "From HighLevel Verification to RealTime Scheduling: A PropertyPreserving Integration" SFB/TR 14 AVACS, Reports of SFB/TR 14 AVACS 19, 2007.
@techreport{atr19,
author = {J. Faber and I. Stierand},
title = {From HighLevel Verification to RealTime Scheduling: A PropertyPreserving Integration},
editor = {B. Becker and W. Damm and M. Fr{\"a}nzle and E.R. Olderog and A. Podelski and R. Wilhelm},
institution = {SFB/TR 14 AVACS},
subproject = {R1,R2},
year = {2007},
month = {June},
type = {Reports of SFB/TR 14 AVACS},
series = {ATR},
number = 19, note = {{ISSN} 18609821, \url{http://www.avacs.org}{http://www.avacs.org}.},
abstract = { In the design process of realtime systems, formal verification establishes global properties of highlevel specifications while realtime scheduling analysis ensures that concrete realisations meet essential timing properties with respect to a given target platform. But a formal link between these phases is missing. It is unclear (1) whether timing assumptions that are required to verify properties of highlevel specifications can actually be realised on a target platform and (2) whether verified properties remain valid for a schedulable task network. Our approach bridges this gap by guaranteeing that properties verified on specification level are preserved on the implementation level, and vice versa, schedulability results can be propagated back to the specification. To this end, we provide a propertypreserving translation from a subclass of the highlevel realtime language CSPOZDC into Cyclic Timed Automata, a Timed Automata based task network formalism. We apply our method to a case study from the European Train Control System standard. },
url = {http://csd.informatik.unioldenburg.de/~jfaber/dl/FaberStierand2007.pdf}
}

A. Platzer und E. M. Clarke, "The Image Computation Problem in Hybrid Systems Model Checking." in Proc. Hybrid Systems: Computation and Control, 10th International Conference, HSCC 2007, Pisa, Italy, Proceedings, 2007, pp. 473486.
@inproceedings{DBLP:conf/hybrid/PlatzerC07,
author = {Andr{\'e} Platzer and Edmund M. Clarke},
title = {The Image Computation Problem in Hybrid Systems Model Checking.},
year = {2007},
doi = {10.1007/9783540714934_37},
editor = {A. Bemporad and A. Bicchi and G. Buttazzo},
booktitle = {Hybrid Systems: Computation and Control, 10th International Conference, HSCC 2007, Pisa, Italy, Proceedings},
publisher = {SpringerVerlag},
series = {LNCS},
pages = {473486},
volume = {4416},
keywords = {model checking, hybrid systems, image computation},
note = {\url{http://dx.doi.org/10.1007/9783540714934_37}{(c) SpringerVerlag}},
url = {http://symbolaris.com/pub/happroximation.pdf},
abstract = { In this paper, we analyze limits of approximation techniques for (nonlinear) continuous image computation in model checking hybrid systems. In particular, we show that even a single step of continuous image computation is not semidecidable numerically even for a very restricted class of functions. Moreover, we show that symbolic insight about derivative bounds provides sufficient additional information for approximation refinement model checking. Finally, we prove that purely numerical algorithms can perform continuous image computation with arbitrarily high probability. Using these results, we analyze the prerequisites for a safe operation of the roundabout maneuver in air traffic collision avoidance. }
}

A. Platzer, "A Temporal Dynamic Logic for Verifying Hybrid System Invariants." in Proc. Logical Foundations of Computer Science, International Symposium, LFCS 2007, New York, USA, Proceedings, 2007, pp. 457471.
@inproceedings{DBLP:conf/lfcs/Platzer07,
author = {Andr{\'e} Platzer},
title = {A Temporal Dynamic Logic for Verifying Hybrid System Invariants.},
editor = {S. Artemov and A. Nerode},
doi = {10.1007/9783540727347_32},
booktitle = {Logical Foundations of Computer Science, International Symposium, LFCS 2007, New York, USA, Proceedings},
publisher = {Springer},
series = {LNCS},
year = {2007},
pages = {457471},
volume = {4514},
note = {\url{http://dx.doi.org/10.1007/9783540727347_32}{(c) SpringerVerlag}},
url = {http://symbolaris.com/pub/dTL.pdf},
keywords = {dynamic logic, sequent calculus, logic for hybrid systems, temporal logic, deductive verification of embedded systems},
abstract = { We combine firstorder dynamic logic for reasoning about possible behaviour of hybrid systems with temporal logic for reasoning about the temporal behaviour during their operation. Our logic supports verification of hybrid programs with firstorder definable flows and provides a uniform treatment of discrete and continuous evolution. For our combined logic, we generalise the semantics of dynamic modalities to refer to hybrid traces instead of final states. Further, we prove that this gives a conservative extension of dynamic logic. On this basis, we provide a modular verification calculus that reduces correctness of temporal behaviour of hybrid systems to nontemporal reasoning. Using this calculus, we analyse safety invariants in a train control system and symbolically synthesise parametric safety constraints. }
}

A. Platzer, "Combining Deduction and Algebraic Constraints for Hybrid System Analysis." in Proc. 4th International Verification Workshop, VERIFY'07, Workshop at Conference on Automated Deduction (CADE), Bremen, Germany, 2007, pp. 164178.
@inproceedings{DBLP:conf/verify/Platzer07,
author = {Andr{\'e} Platzer},
title = {Combining Deduction and Algebraic Constraints for Hybrid System Analysis.},
booktitle = {4th International Verification Workshop, VERIFY'07, Workshop at Conference on Automated Deduction (CADE), Bremen, Germany},
year = {2007},
pages = {164178},
editor = {Bernhard Beckert},
volume = {259},
publisher = {CEURWS.org},
series = {},
note = {\url{http://ceurws.org/Vol259}{CEUR Workshop Proceedings}},
issn = {16130073},
keywords = {modular prover combination, analytic tableaux, verification of hybrid systems, dynamic logic},
abstract = { We show how theorem proving and methods for handling real algebraic constraints can be combined for hybrid system verification. In particular, we highlight the interaction of deductive and algebraic reasoning that is used for handling the joint discrete and continuous behaviour of hybrid systems. We illustrate proof tasks that occur when verifying scenarios with cooperative traffic agents. From the experience with these examples, we analyse proof strategies for dealing with the practical challenges for integrated algebraic and deductive verification of hybrid systems, and we propose an iterative background closure strategy.},
url = {http://symbolaris.com/pub/cdachsa.pdf}
}

S. Kemper und A. Platzer, "SATbased Abstraction Refinement for Realtime Systems" in Proc. Formal Aspects of Component Software, Third International Workshop, FACS 2006, Prague, Czech Republic, Proceedings, 2007, pp. 107122.
@inproceedings{DBLP:journals/entcs/KemperP07,
author = {Stephanie Kemper and Andr{\'e} Platzer},
title = {SATbased Abstraction Refinement for Realtime Systems},
booktitle = {Formal Aspects of Component Software, Third International Workshop, FACS 2006, Prague, Czech Republic, Proceedings},
year = {2007},
editor = {Frank S. de Boer and Vladimir Mencl},
journal = {Electr. Notes Theor. Comput. Sci.},
volume = {182},
series = {ENTCS},
issn = {15710661},
pages = {107122},
doi = {10.1016/j.entcs.2006.09.034},
url = {http://symbolaris.com/pub/SAAtRe.pdf},
keywords = {abstraction refinement, model checking, realtime systems, SAT, Craig interpolation},
abstract = { In this paper, we present an abstraction refinement approach for model checking safety properties of realtime systems using SATsolving. With a faithful embedding of bounded model checking for systems of timed automata into propositional logic and linear arithmetic, we achieve both, quick abstraction techniques and a linearsize representation of parallel composition. In this logical setting, we introduce an abstraction that works uniformly for clocks, events, and states. When necessary, abstractions are refined by analysing spurious counterexamples using a promising extension of counterexampleguided abstraction refinement with syntactic information about Craig interpolants. To support generalisations, our overall approach identifies the algebraic and logical principles required for logicbased abstraction refinement. }
}

W. Damm, A. Mikschl, J. Oehlerking, E. Olderog, J. Pang, A. Platzer, M. Segelken, und B. Wirtz, "Automating Verification of Cooperation, Control, and Design in Traffic Applications." in Proc. Formal Methods and Hybrid RealTime Systems, 2007, pp. 115169.
@inproceedings{DammMOOPPSW07,
author = {Werner Damm and Alfred Mikschl and Jens Oehlerking and ErnstR{\"u}diger Olderog and Jun Pang and Andr{\'e} Platzer and Marc Segelken and Boris Wirtz},
title = {Automating Verification of Cooperation, Control, and Design in Traffic Applications.},
year = {2007},
pages = {115169},
editor = {Cliff Jones and Zhiming Liu and Jim Woodcock},
booktitle = {Formal Methods and Hybrid RealTime Systems},
publisher = {SpringerVerlag},
series = {LNCS},
volume = {4700},
doi = {10.1007/9783540752219_6},
issn = {},
keywords = {},
abstract = { We present a verification methodology for cooperating traffic agents covering analysis of cooperation strategies, realization of strategies through control, and implementation of control. For each layer, we provide dedicated approaches to formal verification of safety and stability properties of the design. The range of employed verification techniques invoked to span this verification space includes application of preverified design patterns, automatic synthesis of Lyapunov functions, constraint generation for parameterized designs, modelchecking in rich theories, and abstraction refinement. We illustrate this approach with a variant of the European Train Control System (ETCS), employing layer specific verification techniques to layer specific views of an ETCS design.},
note = {\url{http://dx.doi.org/10.1007/9783540752219_6}{(c) SpringerVerlag}}
}

I. Brückner, K. Dräger, B. Finkbeiner, und H. Wehrheim, "Slicing Abstractions" in Proc. FSEN 2007: IPM International Symposium on Fundamentals of Software Engineering, 2007, pp. 1732.
@inproceedings{BDFW07,
author = {I. Br\"uckner and K. Dr\"ager and B. Finkbeiner and H. Wehrheim},
title = {{Slicing Abstractions}},
booktitle = {FSEN 2007: IPM International Symposium on Fundamentals of Software Engineering},
series = {Lecture Notes in Computer Science},
volume = {4767},
publisher = {Springer},
issn = {},
isbn = {9783540756972},
editor = {F. Arbab and M. Sirjani},
pages = {1732},
month = {April},
year = {2007},
abstract = { Abstraction and slicing are both techniques for reducing the size of the state space to be inspected during verification. In this paper, we present a new model checking procedure for infinitestate concurrent systems that interleaves automatic abstraction refinement, which splits states according to new predicates obtained by Craig interpolation, with slicing, which removes irrelevant states and transitions from the abstraction. The effects of abstraction and slicing complement each other. As the refinement progresses, the increasing accuracy of the abstract model allows for a more precise slice; the resulting smaller representation gives room for additional predicates in the abstraction. The procedure terminates when an error path in the abstraction can be concretized, which proves that the system is erroneous, or when the slice becomes empty, which proves that the system is correct. },
publists = {brueckner,wehrheim},
url = {http://csd.informatik.unioldenburg.de/pub/Papers/ib07fsen.pdf}
}

A. Platzer, "Differential Logic for Reasoning about Hybrid Systems." in Proc. Hybrid Systems: Computation and Control, 10th International Conference, HSCC 2007, Pisa, Italy, Proceedings, 2007, pp. 746749.
@inproceedings{DBLP:conf/hybrid/Platzer07,
author = {Andr{\'e} Platzer},
title = {Differential Logic for Reasoning about Hybrid Systems.},
year = {2007},
optee = {},
editor = {A. Bemporad and A. Bicchi and G. Buttazzo},
booktitle = {Hybrid Systems: Computation and Control, 10th International Conference, HSCC 2007, Pisa, Italy, Proceedings},
publisher = {SpringerVerlag},
series = {LNCS},
pages = {746749},
doi = {10.1007/9783540714934_75},
volume = {4416},
note = {\url{http://dx.doi.org/10.1007/9783540714934_75}{(c) SpringerVerlag}},
url = {http://symbolaris.com/pub/dLshort.pdf},
keywords = {dynamic logic, hybrid systems, parametric verification},
abstract = { We propose a firstorder dynamic logic for reasoning about hybrid systems. As a uniform model for discrete and continuous evolutions in hybrid systems, we introduce hybrid programs with differential actions. Our logic can be used to specify and verify correctness statements about hybrid programs, which are suitable for symbolic processing by calculus rules. Using firstorder variables, our logic supports systems with symbolic parameters. With dynamic modalities, it is prepared to handle multiple system components. }
}

A. Platzer, "Differential Dynamic Logic for Verifying Parametric Hybrid Systems." in Proc. Automated Reasoning with Analytic Tableaux and Related Methods, International Conference, TABLEAUX 2007, Aix en Provence, France, July 36, 2007, Proceedings, 2007, pp. 216232.
@inproceedings{DBLP:conf/tableaux/Platzer07,
author = {Andr{\'e} Platzer},
title = {Differential Dynamic Logic for Verifying Parametric Hybrid Systems.},
pages = {216232},
doi = {10.1007/9783540730996_17},
keywords = {dynamic logic, sequent calculus, verification of parametric hybrid systems, quantifier elimination},
abstract = { We introduce a firstorder dynamic logic for reasoning about systems with discrete and continuous state transitions, and we present a sequent calculus for this logic. As a uniform model, our logic supports hybrid programs with discrete and differential actions. For handling real arithmetic during proofs, we lift quantifier elimination to dynamic logic. To obtain a modular combination, we use side deductions for verifying interacting dynamics. With this, our logic supports deductive verification of hybrid systems with symbolic parameters and firstorder definable flows. Using our calculus, we prove a parametric inductive safety constraint for speed supervision in a train control system.},
booktitle = {Automated Reasoning with Analytic Tableaux and Related Methods, International Conference, TABLEAUX 2007, Aix en Provence, France, July 36, 2007, Proceedings},
year = {2007},
editor = {Nicola Olivetti},
volume = {4548},
series = {LNCS},
publisher = {SpringerVerlag},
isbn = {},
note = {\url{http://dx.doi.org/10.1007/9783540730996_17}{(c) SpringerVerlag}},
url = {http://symbolaris.com/pub/dL.pdf}
}

I. Brückner, "Slicing Concurrent RealTime System Specifications for Verification" in Proc. Integrated Formal Methods, 2007, pp. 5474.
@inproceedings{ib07ifm,
author = {I. Br{\"u}ckner},
title = {{Slicing Concurrent RealTime System Specifications for Verification}},
booktitle = {Integrated Formal Methods},
series = {Lecture Notes in Computer Science},
volume = {4591},
publisher = {SpringerVerlag},
issn = {03029743},
isbn = {9783540732099},
editor = {J. Davies and J. Gibbons},
pages = {5474},
month = jul, year = {2007},
abstract = { The highlevel specification language CSPOZDC has been shown to be wellsuited for modelling and analysing industrially relevant concurrent realtime systems. It allows to model each of the most important functional aspects such as control flow, data, and realtime requirements in adequate notations, maintaining a common semantical foundation for subsequent verification. Slicing on the other hand has become an established technique to complement the fight against state space explosion during verification which inherently accompanies increasing system complexity. In this paper, we exploit the special structure of CSPOZDC specifications by extending the dependence graphwhich usually serves as a basis for slicingwith several new types of dependencies, including timing dependencies derived from the specification's DC part. Based on this we show how to compute a specification slice and prove correctness of our approach. },
publists = {brueckner},
url = {http://csd.informatik.unioldenburg.de/pub/Papers/ib07ifm.pdf}
}

A. Platzer, "Towards a Hybrid Dynamic Logic for Hybrid Dynamic Systems" in Proc. Proc., LICS International Workshop on Hybrid Logic, HyLo 2006, Seattle, USA, 2007, pp. 6377.
@inproceedings{DBLP:journals/entcs/Platzer07,
author = {Andr{\'e} Platzer},
title = {Towards a Hybrid Dynamic Logic for Hybrid Dynamic Systems},
booktitle = {Proc., LICS International Workshop on Hybrid Logic, HyLo 2006, Seattle, USA},
year = {2007},
editor = {Patrick Blackburn and Thomas Bolander and Torben Bra\"{u}ner and Valeria de Paiva and J{\o}rgen Villadsen},
series = {ENTCS},
journal = {Electr. Notes Theor. Comput. Sci.},
issn = {15710661},
volume = {174},
number = {6},
month = {Jun},
pages = {6377},
doi = {10.1016/j.entcs.2006.11.026},
url = {http://symbolaris.com/pub/hdL.pdf},
keywords = {hybrid logic, dynamic logic, sequent calculus, compositional verification, realtime hybrid dynamic systems},
abstract = { We introduce a hybrid variant of a dynamic logic with continuous state transitions along differential equations, and we present a sequent calculus for this extended hybrid dynamic logic. With the addition of satisfaction operators, this hybrid logic provides improved system introspection by referring to properties of states during system evolution. In addition to this, our calculus introduces statebased reasoning as a paradigm for delaying expansion of transitions using nominals as symbolic state labels. With these extensions, our hybrid dynamic logic advances the capabilities for compositional reasoning about (semialgebraic) hybrid dynamic systems. Moreover, the constructive reasoning support for goaloriented analytic verification of hybrid dynamic systems carries over from the base calculus to our extended calculus. }
}

E. R. Olderog und B. Steffen, "Formale Semantik und Programmverifikation" in Proc. InformatikHandbuch, 4. Auflage, 2006, pp. 145166.
@inproceedings{erobs06,
author = {E.R. Olderog and B. Steffen},
title = {{F}ormale {S}emantik und {P}rogrammverifikation},
booktitle = {InformatikHandbuch, 4. Auflage},
editor = {P. Rechenberg and G. Pomberger},
year = 2006, publisher = {Hanser Verlag},
pages = {145166}
}

R. Meyer, "Model Checking the $\pi$Calculus" in Proc. Proceedings of the International Research Training Groups Workshop, 2006, p. 15.
@inproceedings{Meyer2006Dagstuhl,
author = {R. Meyer},
title = {Model Checking the $\pi$Calculus},
booktitle = {Proceedings of the International Research Training Groups Workshop},
pages = {15},
year = {2006},
volume = {3},
series = {Trustworthy Software Systems},
publisher = {GITO},
publists = {rmeyer}
}

J. D. Quesel und A. Schäfer, "SpatioTemporal Model Checking for Mobile RealTime Systems" in Proc. 3rd International Colloquium on Theoretical Aspects of Computing, ICTAC, 2006, pp. 347361.
@inproceedings{QS06,
author = {J.D. Quesel and A. Sch\"afer},
title = {SpatioTemporal Model Checking for Mobile RealTime Systems},
booktitle = {3rd International Colloquium on Theoretical Aspects of Computing, ICTAC},
year = {2006},
editor = {K. Barkaoui and A. Cavalcanti and A. Cerone},
series = {LNCS},
pages = {347361},
publists = {schaefer,quesel},
abstract = { This paper presents an automatic verification method for combined temporal and spatial properties of mobile realtime systems. To this end, we provide a translation of the Shape Calculus (SC), a spatiotemporal extension of Duration Calculus, into weak second order logic of one successor (WS1S). A prototypical implementation facilitates successful verification of spatiotemporal properties by translating SC specifications into the syntax of the WS1S checker MONA. For demonstrating the formalism and tool usage, we apply it to the benchmark case study ``generalised railroad crossing'' (GRC) enriched by requirements inexpressible in nonspatial formalisms. }
}

W. Damm, H. Hungar, und E. R. Olderog, "Verification of cooperating traffic agents" International Journal of Control, vol. 79, iss. 5, pp. 395421, 2006.
@article{DHO06,
author = {W. Damm and H. Hungar and E.R. Olderog},
title = {Verification of cooperating traffic agents},
journal = {International Journal of Control},
year = {2006},
optkey = {},
volume = {79},
number = {5},
month = {May},
pages = {395421},
abstract = { This paper exploits design patterns employed in coordinating autonomous transport vehicles so as to ease the burden in verifying cooperating hybrid systems. The presented verification methodology is equally applicable for avionics applications (such as TCAS, the Traffic Alert and Collision Avoidance System), train applications (such as ETCS, the European Train Control System), or automotive applications (such as platooning). We present a verification rule explicating the essence of employed design patters, guaranteeing global safety properties of the kind ``a collision will never occur'', and whose premises can either be established by offline analysis of the worstcase behavior of the involved traffic agents, or by purely local proofs, involving only a single traffic agent. A companion paper will show how such local proof obligations can be discharged automatically. }
}

R. Meyer, "Model Checking Using Testing" in Dependability Engineering, Hasselbring, W. und Giesecke, S., Eds., GITO, 2006, vol. 2, pp. 147171.
@incollection{Meyer2006,
author = {R. Meyer},
title = {Model Checking Using Testing},
booktitle = {Dependability Engineering},
pages = {147171},
publisher = {GITO},
year = {2006},
editor = {W. Hasselbring and S. Giesecke},
volume = {2},
series = {Trustworthy Software Systems},
publists = {rmeyer}
}

J. Faber und R. Meyer, "Model Checking DataDependent RealTime Properties of the European Train Control System" in Proc. Formal Methods in Computer Aided Design, 2006. FMCAD '06, 2006, pp. 7677.
@inproceedings{FR06,
author = {J. Faber and R. Meyer},
title = {Model Checking DataDependent RealTime Properties of the European Train Control System},
booktitle = {Formal Methods in Computer Aided Design, 2006. FMCAD '06},
year = {2006},
month = nov, pages = {7677},
publisher = {IEEE Computer Society Press},
note = {This publication is available free of charge at \url{http://doi.ieeecomputersociety.org/10.1109/FMCAD.2006.21} {IEEE Digital Library}},
publists = {rmeyer},
abstract = { The behavior of embedded hardware and software systems is determined by at least three dimensions: control flow, data aspects, and realtime requirements. To specify the different dimensions of a system with the bestsuited techniques, the formal language CSPOZDC integrates Communicating Sequential Processes (CSP), ObjectZ (OZ), and Duration Calculus (DC) into a declarative formalism equipped with a unified and compositional semantics. In this paper, we provide evidence that CSPOZDC is a convenient language for modeling systems of industrial relevance. To this end, we examine the emergency message handling in the European Train Control System (ETCS) as a case study with uninterpreted constants and infinite data domains. We automatically verify that our model ensures realtime safety properties, which crucially depend on the system?s data handling. }
}

T. Strazny und C. Stehno, "Ein Simulator für mehrfach erweiterte höhere Petrinetze" in Proc. 19. Symposium Simulationstechnik (ASIM 2006), 2006, pp. 171176.
@inproceedings{SS06,
author = {Tim Strazny and Christian Stehno},
title = {{E}in {S}imulator {f}\"{u}r {m}ehrfach {e}rweiterte {h}\"{o}here {P}etrinetze},
booktitle = {19. Symposium Simulationstechnik (ASIM 2006)},
editor = {Matthias Becker and Helena Szczerbicka},
year = {2006},
month = sep, pages = {171176},
publisher = {SCS Publishing House e.V.},
publists = {strazny},
abstract = {Petrinetze mit ihrer eindeutigen Semantik und dem zugrunde liegenden mathematischen Modell bew\"{a}hren sich vermehrt bei Entwurf, Analyse und Steuerung komplexer, asynchroner und verteilter Systeme. Insbesondere zeitbehaftete stochastische gef\"{a}rbte Petrinetze bieten M\"{o}glichkeiten komplizierte Sachverhalte strukturiert und kompakt auszudr\"{u}cken, jedoch ist die Simulation solcher h\"{o}heren Petrinetze um ein Vielfaches aufw\"{a}ndiger. Mit Geschwindigkeit und Vielf\"{a}ltigkeit als Hauptziel wurde mit PUMLaut/Sim ein Simulator f\"{u}r solche mehrfach erweiterten Petrinetze entwickelt.}
}

I. Brückner, B. Metzler, und H. Wehrheim, "Optimizing Slicing of Formal Specifications by Deductive Verification" Nordic Journal of Computing, vol. 13, iss. 12, pp. 2245, 2006.
@article{BMW06,
author = {I. Br\"uckner and B. Metzler and H. Wehrheim},
title = {Optimizing Slicing of Formal Specifications by Deductive Verification},
journal = {Nordic Journal of Computing},
year = {2006},
volume = {13},
number = {12},
month = {August},
pages = {2245},
publists = {brueckner,wehrheim},
abstract = { Slicing is a technique for extracting parts of programs or specifications with respect to certain criteria of interest. The extraction is carried out in such a way that properties as described by the slicing criterion are preserved, i.e., they hold in the complete program if and only if they hold in the sliced program. During verification, slicing is often employed to reduce the state space of specifications to a size tractable by a model checker. The computation of specification slices relies on the construction of dependence graphs, reflecting (at least) control and data dependencies in specifications. The more dependencies the graph has, the less removal of parts is possible. In this paper we present a technique for optimizing the construction of the dependence graph by using deductive verification techniques. More precisely, we propose a technique for showing that certain control dependencies in the graph can be eliminated. The technique employs small {\em deductive} proofs of the enabledness of certain transitions. Thereby we obtain dependence graphs with less control dependencies and as a consequence smaller specification slices which are an easier target for model checking. },
url = {http://csd.informatik.unioldenburg.de/pub/Papers/ib06njc.pdf}
}

P. E. Sevinç, D. Basin, und E. R. Olderog, "Controlling Access to Documents: A Formal Access Control Model" in Proc. ETRICS 2006, 2006, pp. 352367.
@inproceedings{SBO06,
author = {P. E. Sevin\c{c} and D. Basin and E.R. Olderog},
booktitle = {ETRICS 2006},
editor = {G\"unter M\"uller},
month = {June},
pages = {352367},
publisher = {SpringerVerlag},
series = {LNCS},
title = {Controlling Access to Documents: A Formal Access Control Model},
volume = 3995, year = 2006, abstract = { Current accesscontrol systems for documents suffer from one or more of the following limitations: they are coarsegrained, limited to XML documents, ot unable to maintain control over copies of documents once they are released by the system. We present a formal model of a system that overcomes all of these restrictions. It is very finegrained, supporst a general class of documents, and provides a foundation for usage control. }
}

R. Meyer, J. Faber, und A. Rybalchenko, "Model Checking Duration Calculus: A Practical Approach" in Proc. Theoretical Aspects of Computing  ICTAC 2006, 2006, pp. 332346.
@inproceedings{MFR2006,
author = {R. Meyer and J. Faber and A. Rybalchenko},
title = {Model Checking Duration Calculus: A Practical Approach},
booktitle = {Theoretical Aspects of Computing  ICTAC 2006},
year = {2006},
editor = {K. Barkaoui and A. Cavalcanti and A. Cerone},
series = {LNCS},
volume = {4281},
pages = {332346},
pdf = {http://csd.informatik.unioldenburg.de/~jfaber/dl/MeyerFaberRybalchenko2006.pdf},
note = {This publication is available at \url{ http://www.springerlink.com/openurl.asp?genre=article&id=doi:10.1007/11921240_23 } {SpringerLink}},
publists = {rmeyer,pea},
abstract = { Model checking of realtime systems with respect to Duration Calculus (DC) specifications requires the translation of DC formulae into automatabased semantics. This task is difficult to automate. The existing algorithms provide a limited DC coverage and do not support compositional verification. We propose a translation algorithm that advances the applicability of model checking tools to real world applications. Our algorithm significantly extends the subset of DC that can be handled. It decomposes DC specifications into subproperties that can be verified independently. The decomposition bases on a novel distributive law for DC. We implemented the algorithm as part of our tool chain for the automated verification of systems comprising data, communication, and realtime aspects. Our translation facilitated a successful application of the tool chain on an industrial case study from the European Train Control System (ETCS). }
}

B. Beckert und A. Platzer, "Dynamic Logic with Nonrigid Functions: A Basis for Objectoriented Program Verification" in Proc. Automated Reasoning, Third International Joint Conference, IJCAR 2006, Seattle, WA, USA, August 1720, 2006, Proceedings, 2006, pp. 266280.
@inproceedings{DBLP:conf/cade/BeckertP06,
author = {Bernhard Beckert and Andr{\'e} Platzer},
title = {Dynamic Logic with Nonrigid Functions: A Basis for Objectoriented Program Verification},
booktitle = {Automated Reasoning, Third International Joint Conference, IJCAR 2006, Seattle, WA, USA, August 1720, 2006, Proceedings},
year = {2006},
editor = {U. Furbach and N. Shankar},
volume = {4130},
series = {LNCS},
subseries = {LNAI},
pages = {266280},
doi = {10.1007/11814771_23},
issn = {03029743},
isbn = {3540371877},
publisher = {SpringerVerlag},
keywords = {dynamic logic, sequent calculus, program logic, software verification, logical foundations of programming languages, objectorientation},
note = {\url{http://dx.doi.org/10.1007/11814771_23}{(c) SpringerVerlag}},
url = {http://symbolaris.com/pub/odl.pdf},
abstract = { We introduce a dynamic logic that is enriched by nonrigid functions, i.e., functions that may change their value from state to state (during program execution), and we present a (relatively) complete sequent calculus for this logic. In conjunction with dynamically typed object enumerators, nonrigid functions allow to embed notions of objectorientation in dynamic logic, thereby forming a basis for verification of objectoriented programs. A semantical generalisation of substitutions, called state update, which we add to the logic, constitutes the central technical device for dealing with object aliasing during function modification. With these few extensions, our dynamic logic captures the essential aspects of the complex verification system KeY and, hence, constitutes a foundation for objectoriented verification with the principles of reasoning that underly the successful KeY case studies. }
}