This paper introduces ctrees, a monad for modeling nondeterministic, recursive, and impure
programs in Coq. Inspired by Xia et al.'s itrees, this novel data structure embeds …

Contracts specifying a procedure's behavior in terms of pre-and postconditions are essential
for scalable software verification, but cannot express any constraints on the events occurring …

Abstract We present Behavioral Program Logic (BPL), a dynamic logic for trace properties
that incorporates concepts from behavioral types and allows reasoning about non-functional …

Abstract programs contain schematic placeholders representing potentially infinitely many
concrete programs. They naturally occur in multiple areas of computer science concerned …

We introduce a new approach to analyze distributed hybrid systems by a generalization of
rely-guarantee reasoning. First, we give a system for deductive verification of class …

Designing and modeling complex cyber-physical systems (CPS) faces the double challenge
of combined discrete-continuous dynamics and concurrent behavior. Existing formal …

Formal specification of multi-threaded programs is notoriously hard, because thread
execution may be preempted at any point. In contrast, abstract concurrency models such as …

Formal, mathematically rigorous programming language semantics are the essential
prerequisite for the design of logics and calculi that permit automated reasoning about …

The behavior of concurrent, asynchronous procedures depends in general on the call
context, because of the global protocol that governs scheduling. This context cannot be …

Knowledge bases have been extensively used to represent and reason about static domain
knowledge. In this work, we show how to enforce domain knowledge about dynamic …