biblio.bib

@inproceedings{rul,
author = {Kirov, Dmitrii and Rollini, Simone Fulvio},
title = {Benchmark: Remaining Useful Life Predictor for Aircraft Equipment},
year = {2023},
isbn = {978-3-031-46001-2},
publisher = {Springer-Verlag},
address = {Berlin, Heidelberg},
url = {https://doi.org/10.1007/978-3-031-46002-9\_18},
doi = {10.1007/978-3-031-46002-9\_18},
pages = {299–304},
numpages = {6},
location = {Crete, Greece}
}


@article{abcrown,
  title={Efficient Neural Network Robustness Certification with General Activation Functions},
  author={Zhang, Huan and Weng, Tsui-Wei and Chen, Pin-Yu and Hsieh, Cho-Jui and Daniel, Luca},
  journal={Advances in Neural Information Processing Systems},
  volume={31},
  pages={4939-4948},
  year={2018},
  url={https://arxiv.org/pdf/1811.00866.pdf}
}

@inproceedings{venus,
  title={Efficient Verification of ReLU-Based Neural Networks via Dependency Analysis},
  author={Elena Botoeva and Panagiotis Kouvaros and Jan Kronqvist and Alessio Lomuscio and Ruth Misener},
  booktitle={AAAI Conference on Artificial Intelligence},
  year={2020},
  url={https://api.semanticscholar.org/CorpusID:213299187}
}

@misc{marabou2,
      title={Marabou 2.0: A Versatile Formal Analyzer of Neural Networks}, 
      author={Haoze Wu and Omri Isac and Aleksandar Zeljić and Teruhiro Tagomori and Matthew Daggitt and Wen Kokke and Idan Refaeli and Guy Amir and Kyle Julian and Shahaf Bassan and Pei Huang and Ori Lahav and Min Wu and Min Zhang and Ekaterina Komendantskaya and Guy Katz and Clark Barrett},
      year={2024},
      eprint={2401.14461},
      archivePrefix={arXiv},
      primaryClass={cs.AI}
}

@MISC{agree_userguide,
	author =       {Andrew Gacek and John Backes And Michael Whalen and Darren Cofer},
	title =        {{AGREE} Users Guide},
	year = "2018",
	howpublished = {https://github.com/smaccm/smaccm}
}

@inproceedings{Stewart17:IMBSA,
  author =       {Danielle Stewart and Michael Whalen and Darren Cofer and Mats P.E. Heimdahl},
  title =        {{Architectural Modeling and Analysis for Safety Engineering}},
  booktitle =    {{IMBSA 2017}},
  year =         "2017",
 pages =	 "97-111"
}

@book{sutton2018reinforcement,
	title={Reinforcement learning: An introduction},
	author={Sutton, Richard S and Barto, Andrew G},
	year={2018},
	publisher={MIT press}
}

@article{brockman2016openai,
	title={Openai gym},
	author={Brockman, Greg and Cheung, Vicki and Pettersson, Ludwig and Schneider, Jonas and Schulman, John and Tang, Jie and Zaremba, Wojciech},
	journal={arXiv preprint arXiv:1606.01540},
	year={2016}
}

@article{schulman2017proximal,
	title={Proximal policy optimization algorithms},
	author={Schulman, John and Wolski, Filip and Dhariwal, Prafulla and Radford, Alec and Klimov, Oleg},
	journal={arXiv preprint arXiv:1707.06347},
	year={2017}
}

@misc{hill2018stable,
	title={Stable baselines},
	author={Hill, Ashley and Raffin, Antonin and Ernestus, Maximilian and Gleave, Adam and Kanervisto, Anssi and Traore, Rene and Dhariwal, Prafulla and Hesse, Christopher and Klimov, Oleg and Nichol, Alex and others},
	year={2018}
}

@inproceedings{quigley2009ros,
	title={ROS: an open-source Robot Operating System},
	author={Quigley, Morgan and Conley, Ken and Gerkey, Brian and Faust, Josh and Foote, Tully and Leibs, Jeremy and Wheeler, Rob and Ng, Andrew Y},
	booktitle={ICRA workshop on open source software},
	volume={3},
	number={3.2},
	pages={5},
	year={2009},
	organization={Kobe, Japan}
}

@inproceedings{Joshi05:Dasc,
  author =       {Anjali Joshi and Steven P. Miller and Michael Whalen and Mats P.E. Heimdahl},
  title =        {{A Proposal for Model-Based Safety Analysis}},
  booktitle =    {{In Proceedings of 24th Digital Avionics Systems Conference}},
  year =         "2005"
}

@inproceedings{Joshi05:SafeComp,
  author =       {Anjali Joshi and Mats P.E. Heimdahl},
  title =        {{Model-Based Safety Analysis of Simulink Models Using SCADE Design Verifier}},
  booktitle =    {SAFECOMP},
  year =         "2005",
  volume =       "3688",
  series =       {LNCS},
  pages =        "122"
}

@inproceedings{Joshi07:Hase,
  author =       {Anjali Joshi and Mats P.E. Heimdahl},
  title =        {{Behavioral Fault Modeling for Model-based Safety Analysis}},
  booktitle =    {{Proceedings of the 10th IEEE High Assurance Systems Engineering Symposium (HASE)}},
  year =         "2007"
}

@inproceedings{Halbwachs91:IEEE,
  author =       {N. Halbwachs and P. Caspi and P. Raymond and D. Pilaud},
  title =        {{The Synchronous Dataflow Programming Language Lustre}},
  booktitle =    {{IEEE}},
   year =         "1991",
  volume =       "79(9)",
  pages =        "1305-1320"
}

@MISC{SRIInternational,
  author =       {{SRI International}},
  title =        {{The {PVS} Specification and Verification System}},
  howpublished = "http://pvs.csl.sri.com"
}

@MISC{SRIInternational,
	author =       {{SRI International}},
	title =        {{The {PVS} Specification and Verification System}},
	howpublished = "http://pvs.csl.sri.com"
}

@MISC{WBS_EMV2_Example,
  author =       {{The Software Engineering Institute (SEI)}},
  title =        {{ARP4761 - Wheel Brake System (WBS) Example}},
  howpublished = "\url{https://wiki.sei.cmu.edu/aadl/index.php/ARP4761_-_Wheel_Brake_System_%28WBS%29_Example}"
}

@inproceedings{QFCS15:backes,
 author={Backes, John and Cofer, Darren and Miller, Steven and Whalen, Michael W.},
 title={{Requirements Analysis of a Quad-Redundant Flight Control System}},
 year={2015},
 booktitle={{NFM}},
 volume={9058},
 series={LNCS},
 pages={82-96}
}

@inproceedings{hilt2013:MuWhRaHe,
  author    = {Anitha Murugesan and Michael W. Whalen and Sanjai Rayadurgam and Mats P.E. Heimdahl},
  title     = {{Compositional Verification of a Medical Device System}},
  booktitle = {HILT 2013},
  month     = {November},
  publisher = {ACM}
}

@ARTICLE{2017arXiv171201222G,
   author = {{Gacek}, A. and {Backes}, J. and {Whalen}, M. and {Wagner}, L. and
	{Ghassabani}, E.},
    title = "{The JKind Model Checker}",
  journal = {ArXiv e-prints},
archivePrefix = "arXiv",
   eprint = {1712.01222},
 primaryClass = "cs.LO",
 keywords = {Computer Science - Logic in Computer Science},
     year = 2017,
    month = dec,
   adsurl = {http://adsabs.harvard.edu/abs/2017arXiv171201222G},
  adsnote = {Provided by the SAO/NASA Astrophysics Data System}
}


@inproceedings{NFM2012:CoGaMiWhLaLu,
 author = {Darren D. Cofer and Andrew Gacek and Steven P. Miller and Michael W. Whalen and Brian LaValley and Lui Sha},
 title = {{Compositional Verification of Architectural Models}},
 booktitle = {NFM 2012},
 volume = {7226},
 location = {Norfolk, VA, USA},
 pages = {126--140},
 month = {April},
 year = {2012}
}

@MISC{IEEE:PSL,
  title = {{{IEEE} Standard for Property Specification Language (PSL)}},
  organization = {IEEE Std 1850-2005},
  year = {2005}
}

@inproceedings{FMCAD2008:HaTi,
 author = {G. Hagen and C. Tinelli},
 title = {{Scaling up the formal verification of {L}ustre programs with {SMT}-based techniques}},
 booktitle = {In Proceedings of the 8th International Conference on Formal Methods in Computer-Aided Design (FMCAD '08)},
 publisher = {IEEE},
 year = {2008}
}

@inproceedings{NFM2012:KaGaTiWh,
 author = {Temesghan Kahsai and Pierre-Loic Garoche and Cesare Tinelli and Michael Whalen},
 title = {{Incremental Verification with Mode Machine Invariants in State Machines}},
 booktitle = {Proceedings of the 4th  NASA Formal Methods Symposium (NFM 2012)},
 location = {Norfolk, VA, USA},
 month = {April},
 year = {2012}
}

@inproceedings{DBLP:conf/cav/BozzanoCPJKPRT15,
  author    = {Marco Bozzano and
               Alessandro Cimatti and
               Anthony Fernandes Pires and
               D. Jones and
               G. Kimberly and
               T. Petri and
               R. Robinson and
               Stefano Tonetta},
  title     = {{Formal Design and Safety Analysis of {AIR6110} Wheel Brake System}},
  booktitle = {{CAV} 2015, Proceedings, Part {I}},
  pages     = {518--535},
  year      = {2015}
}

@book{FeilerModelBasedEngineering2012,
   title = {Model-Based Engineering with AADL: An Introduction to the SAE Architecture Analysis \& Design Language},
   author={Peter Feiler and David Gluch},
   year={2012},
   publisher={Addison-Wesley Professional},
}

@MISC{AIR6110,
  author = {{AIR 6110}},
  title = {{Contiguous Aircraft/System Development Process Example}},
  publisher = {SAE},
  month = {Dec.},
  year={2011}
}

@MISC{AADL_Standard,
	author = {{AS5506C}},
	title = {{Architecture Analysis \& Design Language (AADL)}},
	publisher = {SAE International},
	month = {Jan.},
	year={2017}
}

@inproceedings{CAV2015:BoCiGrMa,
 author = {Marco Bozzano and Alessandro Cimatti and Alberto Griggio and Cristian Mattarei},
 title = {{Efficient Anytime Techniques for Model-Based Safety Analysis}},
 booktitle = {Computer Aided Verification},
 year = {2015}
}

@inproceedings{CAV2011:KwNoPa,
 author = {Marta Kwiatkowska and Gethin Norman and David Parker},
 title = {{{PRiSM} 4.0: Verification of Probabilistic Real-time Systems}},
 booktitle = {In Proceedings of the 23rd International Conference on Computer Aided Verification (CAV '11)},
 volume = {6806 of LNCS},
 page = {585-591},
 year = {2011}
}

@TECHREPORT{EMV2,
author = {Feiler, Peter and Hudak, John and Delange, Julien and Gluch, Dave},
year = {2016},
month = {06},
title = {Architecture Fault Modeling and Analysis with the Error Model Annex, Version 2},
institution = {Software Engineering Institute},
number = {CMU/SEI-2016-TR-009}
}

@ARTICLE{info17:HaLuHo,
 author = {Hönig, Philipp and Lunde, Rüdiger and Holzapfel, Florian},
 title = {{Model Based Safety Analysis with smartIflow}},
 journal = {Information},
 volume={8},
 year = {2017},
 number ={1},
 url = {http://www.mdpi.com/2078-2489/8/1/7}
}

@article{CHEN201391,
title = {{Systems Modeling with {EAST-ADL} for Fault Tree Analysis through {HiP-HOPS}*}},
 author = {Chen, DeJiu and Mahmud, Nidhal and Walker, Martin and Feng, Lei and L{\"o}nn, Henrik and Papadopoulos, Yiannis},
journal = "IFAC Proceedings Volumes",
volume = "46",
number = "22",
pages = "91 - 96",
year = "2013",
note = "",
issn = "1474-6670"
}

@techreport{SEI:AADL,
 author = {Delange, Julien and Feiler, Peter and Gluch, Danid P. and Hudak, John},
 title = {{{AADL} Fault Modeling and Analysis Within an {ARP4761} Safety Assessment}},
 number = {CMU/SEI-2014-TR-020 },
 institution = {Software Engineering Institute: Carnegie Mellon University},
 month = {October},
 year = {2014},
 url = {http://resources.sei.cmu.edu/asset_files/technicalreport/2014_005_001_311911.pdf}
}

@MISC{SAE:ARP4761,
  author = {{SAE ARP 4761}},
  title = {{Guidelines and Methods for Conducting the Safety Assessment
Process on Civil Airborne Systems and Equipment}},
  publisher = {SAE International},
  month = {December},
  year={1996}
}

@MISC{SAE:ARP4754A,
	author = {{SAE ARP4754A}},
	title = {{Guidelines for Development of Civil Aircraft and Systems}},
	publisher = {SAE International},
	location = {Warrendale, PA, USA},
	month = {December},
	year={2010}
}

@article{CIMATTI2015333,
	title = "Contracts-refinement proof system for component-based embedded systems",
	journal = "SCP",
	volume = "97",
	year = "2015",
	note = "SEAA ’12",
	author = "Alessandro Cimatti and Stefano Tonetta"
}


@article{Bozzano:2011:SDP:1992983.1992988,
	author = {Bozzano, Marco and Cimatti, Alessandro and Katoen, Joost-Pieter and Nguyen, Viet Yen and Noll, Thomas and Roveri, Marco},
	title = {Safety, Dependability and Performance Analysis of Extended AADL Models},
	journal = {Comput. J.},
	issue_date = {May 2011},
	volume = {54},
	number = {5},
	month = may,
	year = {2011},
	publisher = {Oxford University Press},
	address = {Oxford, UK},
}

@inproceedings{symbAltaRica,
	author    = {Marco Bozzano and
	Alessandro Cimatti and
	Oleg Lisagor and
	Cristian Mattarei and
	Sergio Mover and
	Marco Roveri and
	Stefano Tonetta},
	title     = {{Symbolic Model Checking and Safety Assessment of Altarica Models}},
	volume = {98},
	booktitle = {Science of Computer Programming},
	year = {2011}
}

@InProceedings{10.1007/978-3-540-75596-8-13,
	author="Bozzano, Marco
	and Cimatti, Alessandro
	and Tapparo, Francesco",
	title="Symbolic Fault Tree Analysis for Reactive Systems",
	booktitle="ATVA",
	year="2007"
}

@InProceedings{10.1007/978-3-319-11936-6-7,
	author="Bozzano, Marco
	and Cimatti, Alessandro
	and Mattarei, Cristian
	and Tonetta, Stefano",
	title="Formal Safety Assessment via Contract-Based Design",
	booktitle="Automated Technology for Verification and Analysis",
	year="2014"
}


@book{Bozzano:2010:DSA:1951720,
	author = {Bozzano, Marco and Villafiorita, Adolfo},
	title = {Design and Safety Assessment of Critical Systems},
	year = {2010},
	edition = {1st},
	publisher = {Auerbach Publications},
	address = {Boston, MA, USA},
}

@inproceedings{DBLP:conf/tacas/BittnerBCCGGMMZ16,
  author    = {Benjamin Bittner and
               Marco Bozzano and
               Roberto Cavada and
               Alessandro Cimatti and
               Marco Gario and
               Alberto Griggio and
               Cristian Mattarei and
               Andrea Micheli and
               Gianni Zampedri},
  title     = {{The x{SAP} Safety Analysis Platform}},
  booktitle = {{TACAS}},
  year      = {2016}
}

@Article{info8010007,
AUTHOR = {H{\"o}nig, Philipp and Lunde, R{\"u}diger and Holzapfel, Florian},
TITLE = {{Model Based Safety Analysis with smartIflow}},
JOURNAL = {Information},
VOLUME = {8},
YEAR = {2017},
NUMBER = {1},
ARTICLE_NUMBER = {7}
}

@INPROCEEDINGS{5979344,
author={O. Lisagor and T. Kelly and R. Niu},
booktitle={The Proceedings of 2011 9th International Conference on Reliability, Maintainability and Safety},
title={{Model-based safety assessment: Review of the discipline and its challenges}},
year={2011}
}

@article{PROSVIRNOVA2013127,
title = {{The {A}lta{R}ica 3.0 Project for Model-Based Safety Assessment}},
journal = "IFAC",
volume = "46",
number = "22",
year = "2013",
author = "Tatiana Prosvirnova and Michel Batteux and Pierre-Antoine Brameret and Abraham Cherfi and Thomas Friedlhuber and Jean-Marc Roussel and Antoine Rauzy"
}

@phdthesis{prosvirnova:tel-01119730,
  TITLE = {{AltaRica 3.0: a Model-Based approach for Safety Analyses}},
  AUTHOR = {Prosvirnova, Tatiana},
  URL = {https://pastel.archives-ouvertes.fr/tel-01119730},
  SCHOOL = {{Ecole Polytechnique}},
  YEAR = {2014},
  MONTH = Nov,
  KEYWORDS = {Safety ; Reliability ; Model-Based approach ; AltaRica ; Analyse du risque ; Fiabilit{\'e} ; S{\^u}ret{\'e} de Fonctionnement ; approche orient{\'e}e mod{\`e}les},
  TYPE = {Theses},
  PDF = {https://pastel.archives-ouvertes.fr/tel-01119730/file/main.pdf}
}


@inproceedings{Gudemann:2010:FQQ:1909626.1909813,
   author = {Gudemann, Matthias and Ortmeier, Frank},
   title = {A Framework for Qualitative and Quantitative Formal Model-Based Safety Analysis},
   booktitle = {HASE 2010},
   year = {2010}
}

@inproceedings{Driscoll-Byzantine-Fault,
	author = {Driscoll, Kevin and Sivencrona, Hkan and Zumsteg, Phil},
	title =  {{Byzantine Fault Tolerance, from Theory to Reality}},
	booktitle =    {SAFECOMP},
	year =         "2003",
	series =       {LNCS}
}

@techreport{SATechReport,
 author = {Stewart, Danielle and Liu, Jing and Whalen, Michael and Cofer, Darren and Peterson, Michael},
 title = {{Safety Annex for Architecture Analysis Design and Analysis Language}},
 number = {18-007},
 institution = {University of Minnesota},
 month = {March},
 year = {2018},
 url = {https://www.cs.umn.edu/research/technical_reports/view/18-007}
}

@INPROCEEDINGS{Bieber04safetyassessment,
    author = {Pierre Bieber and Christian Bougnol and Charles Castel and Jean Pierre Heckmann and Christophe Kehren and Sylvain Metge and Christel Seguin},
    title = {{Safety Assessment with Altarica - Lessons Learnt Based on Two Aircraft System Studies}},
    booktitle = {In 18th IFIP World Computer Congress},
    year = {2004}
}

@INPROCEEDINGS{BieberERTS2018,
	author = {Pierre Bieber and Jean-Loup Farges and Xavier Pucel and Louis-Marie S{\`e}jeau and Christel Seguin},
	title = {Model - Based Safety Analysis for co-assessment of operation and system safety: application to specific operations of unmanned aircraft},
	booktitle = {ERTS2},
	year = {2018}
}


@InProceedings{10.1007/978-3-642-04468-7_15,
author="Bozzano, Marco
and Cimatti, Alessandro
and Katoen, Joost-Pieter
and Nguyen, Viet Yen
and Noll, Thomas
and Roveri, Marco",
title={{The COMPASS Approach: Correctness, Modelling and Performability of Aerospace Systems}},
booktitle="Computer Safety, Reliability, and Security",
year="2009",
publisher="Springer Berlin Heidelberg"
}

@InProceedings{compass30toolset,
	author = {Bozzano, Marco and Bruintjes, Harold and Cimatti, Alessandro and Katoen, Joost-Pieter and Noll, Thomas and Tonetta, Stefano},
	title = {The COMPASS 3.0 Toolset (short paper)},
	booktitle =    {{IMBSA 2017}},
  	year =         "2017"
}

@Article{Cimatti2000,
author="Cimatti, Alessandro
and Clarke, Edmund
and Giunchiglia, Fausto
and Roveri, Marco",
title="NUSMV: a new symbolic model checker",
journal="International Journal on Software Tools for Technology Transfer",
year="2000"
}

@inproceedings{Katoen:2005:MRM:1114692.1115230,
 author = {Katoen, Joost-Pieter and Khattri, Maneesh and Zapreev, Ivan S.},
 title = {A Markov Reward Model Checker},
 booktitle = {Proceedings of the Second International Conference on the Quantitative Evaluation of Systems},
 series = {QEST '05},
 year = {2005},
 publisher = {IEEE Computer Society}
}

@article{criticalembeddedsystems,
author = {Bozzano, Marco and Cimatti, Alessandro and Katoen, Joost-Pieter and Yen Nguyen, Viet and Noll, Thomas and Roveri, Marco},
year = {2009},
title = {Model-Based Codesign of Critical Embedded Systems},
volume = {507}
}

@INPROCEEDINGS{5185388,
author={M. Bozzano and A. Cimatti and M. Roveri and J. P. Katoen and V. Y. Nguyen and T. Noll},
booktitle={2009 7th IEEE/ACM International Conference on Formal Methods and Models for Co-Design},
title={Codesign of dependable systems: A component-based modeling language},
year={2009}
}

@MISC{RAT,
	author =       {{RAT: Requirements Analysis Tool}},
	howpublished = "http://rat.itc.it"
}

@MISC{MRMC,
	author =       {{MRMC: Markov Rewards Model Checker}},
	howpublished = "http://wwwhome.cs.utwente.nl/~zapreevis/mrmc/"
}

@MISC{NuSMV,
	author =       {{NuSMV Model Checker}},
	howpublished = "http://nusmv.itc.it"
}

@MISC{COMPASSusersguide,
	author = {{COMPASS Users Manual}},
	howpublished = "http://www.compass-toolset.org/docs/compass-manual.pdf"
}

@misc{SAGithub,
  author = {Stewart, Danielle and Liu, Jing and Whalen, Michael and Cofer, Darren and Peterson, Michael},
  title = {Safety Annex for AADL Repository},
  year = {2017},
  publisher = {GitHub},
  journal = {GitHub repository},
  howpublished = {\url{https://github.com/loonwerks/AMASE}}
}

@MISC{RTCA:StdC,
  title = {{{RTCA/DO-178C} Software Considerations in Airborne Systems and Equipment Certification}},
  organization = {RTCA, Inc.},
  year = {2011}
}

@MISC{MathWorks,
  author =       {Math{W}orks},
  title =        {{The {M}ath{W}orks {I}nc. {S}imulink Product Web Site}},
  year = "2004",
  howpublished = "http://www.mathworks.com/products/simulink"
}

@INPROCEEDINGS{lustre,
	author = {N. Halbwachs and P. Caspi and P. Raymond and D. Pilaud},
	title = {The Synchronous Dataflow Programming Language {LUSTRE}},
	booktitle = {Proceedings of the IEEE},
	year = {1991},
	pages = {1305--1320}
}

@article{pals,
	author = {Meseguer, Jos{\'e} and \"{O}lveczky, Peter Csaba},
	title = {Formalization and Correctness of the PALS Architectural Pattern for Distributed Real-time Systems},
	journal = {Theor. Comput. Sci.},
	volume = {451},
	month = sep,
	year = {2012},
	pages = {1--37},
	numpages = {37},
	keywords = {Distributed real-time systems, Formally verified architectural patterns, Model checking, Rewriting logic, Synchronizers},
}

@misc{osate,
	author = {{The Software Engineering Institute}},
	title = {{OSATE}: Plug-ins for Front-end Processing of {AADL} Models},
	year = {2013}
}

@article{Miller:2010:SMC:1646353.1646372,
	author = {Miller, Steven P. and Whalen, Michael W. and Cofer, Darren D.},
	title = {Software Model Checking Takes off},
	journal = {Commun. ACM},
	issue_date = {February 2010},
	volume = {53},
	number = {2},
	month = feb,
	year = {2010},
	issn = {0001-0782},
	pages = {58--64},
	numpages = {7},
	url = {http://doi.acm.org/10.1145/1646353.1646372},
	doi = {10.1145/1646353.1646372},
	acmid = {1646372},
	publisher = {ACM},
	address = {New York, NY, USA},
}

@article{HACMS-Computer,
	title = {A Formal Approach to Constructing Secure Air Vehicle Software},
	journal = {IEEE Computer Magazine},
	author = {Darren Cofer and Andrew Gacek and John Backes and Michael W. Whalen and Lee Pike and Adam Foltzer and Michal Podhradsky and Gerwin Klein and Ihor Kuz and June Andronick and Gernot Heiser and Douglas Stuart},
	volume = {51},
	issue = {11},
	month = nov,
	year = 2018
}

@techreport{HACMS-Report,
	author = {D. Cofer and J. Backes and A. Gacek and D. DaCosta and M. Whalen and I. Kuz and G. Klein and G. Heiser and L. Pike and A. Foltzer and M. Podhradsky and D. Stuart and J. Graham and B. Wilson},
	title = {{Secure Mathematically-Assured Composition of Control Models}},
	number = {HACMS Final Report, AFRL-RI-RS-TR-2017-176},
	month = {October},
	year = {2017}
}

@inproceedings{McMillan:1999:CCR:646704.701881,
	author = {McMillan, Kenneth L.},
	title = {Circular Compositional Reasoning About Liveness},
	booktitle = {Proceedings of the 10th IFIP WG 10.5 Advanced Research Working Conference on Correct Hardware Design and Verification Methods},
	series = {CHARME '99},
	year = {1999},
	isbn = {3-540-66559-5},
	pages = {342--345},
	numpages = {4},
	url = {http://dl.acm.org/citation.cfm?id=646704.701881},
	acmid = {701881},
	publisher = {Springer-Verlag},
	address = {London, UK, UK},
}

@inproceedings{resolute,
	author = {A. Gacek et. al},
	title = {Resolute: An Assurance Case Language for Architecture Models},
	booktitle = {HILT 2014},
	year = {2014},
	isbn = {978-1-4503-3217-0},
	location = {Portland, Oregon, USA},
	pages = {19--28},
	numpages = {10},
	url = {http://doi.acm.org/10.1145/2663171.2663177},
	doi = {10.1145/2663171.2663177},
	acmid = {2663177},
	publisher = {ACM},
	address = {New York, NY, USA},
	keywords = {aadl, architecture models, assurance case, avionics},
}

@inproceedings{export,
	author    = {Jing Liu and
	John D. Backes and
	Darren D. Cofer and
	Andrew Gacek},
	title     = {From Design Contracts to Component Requirements Verification},
	booktitle = {{NASA} Formal Methods - 8th International Symposium, {NFM} 2016, Minneapolis,
	MN, USA, June 7-9, 2016, Proceedings},
	pages     = {373--387},
	year      = {2016},
}

@misc{F3269-17,
	author = {{ASTM F3269-17}},
	title = {Standard Practice for Methods to Safely Bound Flight Behavior of Unmanned Aircraft Systems Containing Complex Functions},
	publisher = { ASTM International},
	year = {2017},
	url = {www.astm.org},
}

@misc{DO-178,
	author = {{RTCA DO-178C}},
	title = {Software Considerations in Airborne Systems and Equipment Certification},
	publisher = {RTCA},
	year = {2011},
	url = {https://www.rtca.org/content/standards-guidance-materials},
}

@misc{DO-248,
	author = {{RTCA DO-248C}},
	title = {{Supporting Information for DO-178C and DO-278A}},
	publisher = {RTCA},
	year = {2011},
	url = {https://www.rtca.org/content/standards-guidance-materials},
}

@misc{DO-331,
	author = {{RTCA DO-331}},
	title = {{Model-Based Development and Verification Supplement to DO-178C and DO-278A}},
	publisher = {RTCA},
	year = {2011},
	url = {https://www.rtca.org/content/standards-guidance-materials},
}

@misc{DO-333,
	author = {{RTCA DO-333}},
	title = {{Formal Methods Supplement to DO-178C and DO-278A}},
	publisher = {RTCA},
	year = {2011},
	url = {https://www.rtca.org/content/standards-guidance-materials},
}

@MISC{APT,
	author = {{Kestrel Institute}},
 	title = {{{APT}: {A}utomated {P}rogram {T}ransformations}},
	year = {2020},
 	howpublished = "https://www.kestrel.edu/home/projects/apt/"
}

@MISC{ACL2,
	author = {{Matt Kaufmann and J Strother Moore}},
 	title = {{ACL2 Version 8.3}},
	year = {2020},
 	howpublished = "http://www.cs.utexas.edu/users/moore/acl2/"
}

@MISC{Axe,
	author = {{Kestrel Institute}},
 	title = {{Axe}},
	year = {2020},
 	howpublished = "https://www.kestrel.edu/home/projects/axe/"
}

@techreport{simplex,
	title={An Architectural Description of the Simplex Architecture},
	author={Jose Rivera and Alejandro Danylyszyn and Charles Weinstock and Lui Sha and Michael Gagliardi},
	year={1996},
	number={CMU/SEI-96-TR-006},
	institution={Software Engineering Institute, Carnegie Mellon University},
	address={Pittsburgh, PA},
	url={http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=12521}
}

@article{VAE,
 	author    = {Taylor Denouden and
               Rick Salay and
               Krzysztof Czarnecki and
               Vahdat Abdelzad and
               Buu Phan and
               Sachin Vernekar},
 	title     = {Improving Reconstruction Autoencoder Out-of-distribution Detection
               with Mahalanobis Distance},
   	journal   = {CoRR},
  	volume    = {abs/1812.02765},
  	year      = {2018},
  	url       = {http://arxiv.org/abs/1812.02765},
	archivePrefix = {arXiv},
	eprint    = {1812.02765},
	timestamp = {Tue, 01 Jan 2019 15:01:25 +0100},
	biburl    = {https://dblp.org/rec/bib/journals/corr/abs-1812-02765},
	bibsource = {dblp computer science bibliography, https://dblp.org}
}

@book{AADL,
author = {Feiler, Peter H. and Gluch, David P.},
title = {Model-Based Engineering with AADL: An Introduction to the SAE Architecture Analysis and Design Language},
year = {2012},
isbn = {0321888944},
publisher = {Addison-Wesley Professional},
edition = {1st}
}

@article{AGREE,
author = {Michael W. Whalen and Andrew Gacek and Darren Cofer and Anitha Murugesan and Mats P.E. Heimdahl and Sanjai Rayadurgam},
title = {Your ``What'' Is My ``How'': Iteration and Hierarchy in System Design},
journal ={IEEE Software},
volume = {30},
number = {2},
issn = {0740-7459},
year = {2013},
pages = {54-60},
doi = {http://doi.ieeecomputersociety.org/10.1109/MS.2012.173},
publisher = {IEEE Computer Society},
address = {Los Alamitos, CA, USA},
}

@MISC{DARPA-assured-autonomy,
	 author =       {{DARPA}},
 	title =        {{{A}ssured {A}utonomy}},
 	howpublished = "https://www.darpa.mil/program/assured-autonomy"
}

@MISC{loonwerks-AAHAA,
	 author =       {{Loonwerks}},
 	title =        {{{AAHAA}: {A}rchitecture and {A}nalysis for {H}igh-{A}ssurance {A}utonomy}},
 	howpublished = "http://loonwerks.com/projects/aahaa.html"
}

@MISC{GPSWorld-CP,
	 author =       {{Petovello, Mark}},
 	title =        {{{Inside GNSS}: {W}hat is the {C}arrier {P}hase {M}easurement}},
	year = {2010},
 	howpublished = "http://www.insidegnss.com/auto/julaug10-solutions.pdf"
}
@article{simplex-article,
author = {Sha, Lui},
title = {Using Simplicity to Control Complexity},
year = {2001},
issue_date = {July 2001},
publisher = {IEEE Computer Society Press},
address = {Washington, DC, USA},
volume = {18},
number = {4},
issn = {0740-7459},
url = {https://doi.org/10.1109/MS.2001.936213},
doi = {10.1109/MS.2001.936213},
journal = {IEEE Software},
month = July,
pages = {20–28},
numpages = {9}
}

@misc{doersch2016tutorial,
    title={Tutorial on Variational Autoencoders},
    author={Carl Doersch},
    year={2016},
    eprint={1606.05908},
    archivePrefix={arXiv},
    primaryClass={stat.ML}
}

@inproceedings{an2015variational,
    title={Variational Autoencoder based Anomaly Detection using Reconstruction
           Probability},
    author={Jinwon An and Sungzoon Cho},
    year={2015}
}

@misc{chalapathy2019deep,
    title={Deep Learning for Anomaly Detection: A Survey},
    author={Raghavendra Chalapathy and Sanjay Chawla},
    year={2019},
    eprint={1901.03407},
    archivePrefix={arXiv},
    primaryClass={cs.LG}
}

@misc{nalisnick2019detecting,
    title={Detecting Out-of-Distribution Inputs to Deep Generative Models Using
           Typicality},
    author={Eric Nalisnick and Akihiro Matsukawa and Yee Whye Teh and Balaji
            Lakshminarayanan},
    year={2019},
    eprint={1906.02994},
    archivePrefix={arXiv},
    primaryClass={stat.ML}
}

@misc{byun2020manifold,
    title={Manifold for Machine Learning Assurance},
    author={Taejoon Byun and Sanjai Rayadurgam},
    year={2020},
    eprint={2002.03147},
    archivePrefix={arXiv},
    primaryClass={cs.LG}
}

@INPROCEEDINGS{byun2019input,
    author={T. {Byun} and V. {Sharma} and A. {Vijayakumar} and S. {Rayadurgam}
            and D. {Cofer}},
    booktitle={2019 IEEE International Conference On Artificial Intelligence
               Testing (AITest)},
    title={Input Prioritization for Testing Neural Networks},
    year={2019},
    pages={63-70},
}

@inproceedings{marabou,
  author    = {Guy Katz and
               Derek A. Huang and
               Duligur Ibeling and
               Kyle Julian and
               Christopher Lazarus and
               Rachel Lim and
               Parth Shah and
               Shantanu Thakoor and
               Haoze Wu and
               Aleksandar Zeljic and
               David L. Dill and
               Mykel J. Kochenderfer and
               Clark W. Barrett},
  editor    = {Isil Dillig and
               Serdar Tasiran},
  title     = {The Marabou Framework for Verification and Analysis of Deep Neural
               Networks},
  booktitle = {Computer Aided Verification - 31st International Conference, {CAV}
               2019, New York City, NY, USA, July 15-18, 2019, Proceedings, Part
               {I}},
  series    = {Lecture Notes in Computer Science},
  volume    = {11561},
  pages     = {443--452},
  publisher = {Springer},
  year      = {2019},
  url       = {https://doi.org/10.1007/978-3-030-25540-4\_26},
  doi       = {10.1007/978-3-030-25540-4\_26},
  timestamp = {Fri, 31 Jan 2020 21:32:18 +0100},
  biburl    = {https://dblp.org/rec/conf/cav/KatzHIJLLSTWZDK19.bib},
  bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{jkind,
  author    = {Andrew Gacek and
               John Backes and
               Mike Whalen and
               Lucas G. Wagner and
               Elaheh Ghassabani},
  editor    = {Hana Chockler and
               Georg Weissenbacher},
  title     = {The JKind Model Checker},
  booktitle = {Computer Aided Verification - 30th International Conference, {CAV}
               2018, Held as Part of the Federated Logic Conference, FloC 2018, Oxford,
               UK, July 14-17, 2018, Proceedings, Part {II}},
  series    = {Lecture Notes in Computer Science},
  volume    = {10982},
  pages     = {20--27},
  publisher = {Springer},
  year      = {2018},
  url       = {https://doi.org/10.1007/978-3-319-96142-2\_3},
  doi       = {10.1007/978-3-319-96142-2\_3},
  timestamp = {Fri, 31 Jan 2020 21:32:18 +0100},
  biburl    = {https://dblp.org/rec/conf/cav/GacekBWWG18.bib},
  bibsource = {dblp computer science bibliography, https://dblp.org}
}

@INPROCEEDINGS{ccas,
  author={S. {Bhattacharyya} and D. {Cofer} and D. {Musliner} and J. {Mueller} and E. {Engstrom}},
  booktitle={2015 International Conference on Unmanned Aircraft Systems (ICUAS)},
  title={Certification considerations for adaptive systems},
  year={2015},
  volume={},
  number={},
  pages={270-279},}

  @online{unknown,
  author = {CSPAN},
  title = {{``Defense Department Briefing," February 12, 2002}},
  year = 2002,
  url = {https://www.c-span.org/video/?168646-1/defense-department-briefing},
  urldate = {2021-07-01}
}

@misc{unknowns,
   author={{CSPAN}},
   title={{Defense Department Briefing}},
   howpublished="\url{https://www.c-span.org/video/?168646-1/defense-department-briefing}",
   journal={CSPAN},
   year={2002},
   month={Feb 12,}
}

@misc{F3269,
	author = {{ASTM F3269-17}},
	title = {Standard Practice for Methods to Safely Bound Flight Behavior of Unmanned Aircraft Systems Containing Complex Functions},
	publisher = { ASTM International},
	year = {2017},
	url = {www.astm.org},
}

@misc{uber-crash,
   author={Aarian Marshall and Alex Davies},
   title = {Uber’s Self-Driving Car Didn’t Know Pedestrians Could Jaywalk},
   publisher = {Wired},
   howpublished="\url{https://www.wired.com/story/ubers-self-driving-car-didnt-know-pedestrians-could-jaywalk/}",
   year={2019},
   month={Nov 5,}
}

@misc{tesla-crash,
  author={Jack Stewart},
  title = {Tesla's Autopilot Was Involved in Another Deadly Car Crash},
  publisher = {Wired},
  howpublished="\url{https://www.wired.com/story/tesla-autopilot-self-driving-crash-california/}",
  year = {2018},
  month = {Mar 30,}
}

@misc{hayhurst,
  author={Kelly Hayhurst and Dan Veerhusen and John Chilenski and Leanna Rierson},
  title = {A Practical Tutorial on Modified Condition\/Decision Coverage},
  publisher = {{NASA}},
  howpublished = {{NASA} Technical report TM-2001-210876},
  year = {2001}
}

@inproceedings{ml-testing,
  author    = {Dusica Marijan and
               Arnaud Gotlieb},
  title     = {Software Testing for Machine Learning},
  booktitle = {The Thirty-Fourth {AAAI} Conference on Artificial Intelligence, {AAAI}
               2020, The Thirty-Second Innovative Applications of Artificial Intelligence
               Conference, {IAAI} 2020, The Tenth {AAAI} Symposium on Educational
               Advances in Artificial Intelligence, {EAAI} 2020, New York, NY, USA,
               February 7-12, 2020},
  pages     = {13576--13582},
  publisher = {{AAAI} Press},
  year      = {2020},
  url       = {https://aaai.org/ojs/index.php/AAAI/article/view/7084},
  timestamp = {Tue, 02 Feb 2021 08:00:33 +0100},
  biburl    = {https://dblp.org/rec/conf/aaai/MarijanG20.bib},
  bibsource = {dblp computer science bibliography, https://dblp.org}
}

@misc{easa-roadmap,
  author = {{EASA}},
  title = {{Artificial Intelligence Roadmap 1.0: A human-centric approach to AI in aviation}},
  howpublished="\url{https://www.easa.europa.eu/sites/default/files/dfu/EASA-AI-Roadmap-v1.0.pdf}",
  year = {2020}
}

@misc{codann1,
  author = {Jean Marc Cluzeau and Xavier Henriquel and Georges Rebender and Guillaume Soudain and Luuk van Dijk and Alexey Gronskiy and David Haber and Corentin Perret-Gentil and Ruben Polak},
  publisher = {{EASA}},
  title = {{Concepts of Design Assurance for Neural Networks (CoDANN)}},
  howpublished="\url{https://www.easa.europa.eu/sites/default/files/dfu/EASA-DDLN-Concepts-of-Design-Assurance-for-Neural-Networks-} \url{CoDANN.pdf}",
  year = {2020},
  month = {Mar 31,}
}

@misc{easa-guidance,
  author = {{EASA}},
  title = {{EASA Concept Paper: First usable guidance for Level 1 machine learning applications}},
  howpublished = "\url{https://www.easa.europa.eu/sites/default/files/dfu/easa_concept_paper_first_usable_guidance_for_level_1_machine_learning_applications_-_proposed_issue_01_1.pdf}",
  year = {2021},
  month= {April}
}


@inproceedings{manifold,
  author    = {Taejoon Byun and
               Abhishek Vijayakumar and
               Sanjai Rayadurgam and
               Darren D. Cofer},
  title     = {Manifold-based Test Generation for Image Classifiers},
  booktitle = {{IEEE} International Conference On Artificial Intelligence Testing,
               AITest 2020, Oxford, UK, August 3-6, 2020},
  pages     = {15--22},
  publisher = {{IEEE}},
  year      = {2020},
  url       = {https://doi.org/10.1109/AITEST49225.2020.00010},
  doi       = {10.1109/AITEST49225.2020.00010},
  timestamp = {Wed, 16 Sep 2020 17:29:39 +0200},
  biburl    = {https://dblp.org/rec/conf/aitest/ByunVRC20.bib},
  bibsource = {dblp computer science bibliography, https://dblp.org}
}

@inproceedings{reluplex,
  author    = {Guy Katz and
               Clark W. Barrett and
               David L. Dill and
               Kyle Julian and
               Mykel J. Kochenderfer},
  editor    = {Rupak Majumdar and
               Viktor Kuncak},
  title     = {Reluplex: An Efficient {SMT} Solver for Verifying Deep Neural Networks},
  booktitle = {Computer Aided Verification - 29th International Conference, {CAV}
               2017, Heidelberg, Germany, July 24-28, 2017, Proceedings, Part {I}},
  series    = {Lecture Notes in Computer Science},
  volume    = {10426},
  pages     = {97--117},
  publisher = {Springer},
  year      = {2017},
  url       = {https://doi.org/10.1007/978-3-319-63387-9\_5},
  doi       = {10.1007/978-3-319-63387-9\_5},
  timestamp = {Wed, 25 Sep 2019 18:02:04 +0200},
  biburl    = {https://dblp.org/rec/conf/cav/KatzBDJK17.bib},
  bibsource = {dblp computer science bibliography, https://dblp.org}
}

@InProceedings{dasc2020,
author = {Darren D. Cofer and
               Isaac Amundson and
               Ramachandra Sattigeri and
               Arjun Passi and
               Christopher Boggs and
               Eric Smith and
               Limei Gilham and
               Taejoon Byun and
               Sanjai Rayadurgam},
booktitle = {Digitial Avionics Systems Conference ({DASC})},
title = {{Run-Time Assurance for Learning-Based Aircraft Taxiing}},
year = {2020}
}

@misc{overarching,
  author={C. Michael Holloway},
  title = {{Understanding the Overarching Properties}},
  publisher = {{NASA}},
  howpublished = {{NASA} Technical report TM-2019–220292},
  year = {2019}
}


@misc{atj,
  author = {Kestrel Institute},
  title = {{ATJ: ACL2-To-Java}},
  howpublished="https://www.kestrel.edu/research/atj/",
  year = {2022}
}

@misc{atc,
  author = {Kestrel Institute},
  title = {{ATJ: ACL2-To-C}},
  howpublished="https://www.kestrel.edu/research/atc/",
  year = {2022}
}

@article{agree2012,
  title={Your" what" is my" how": Iteration and hierarchy in system design},
  author={Whalen, Michael W and Gacek, Andrew and Cofer, Darren and Murugesan, Anitha and Heimdahl, Mats PE and Rayadurgam, Sanjai},
  journal={IEEE software},
  volume={30},
  number={2},
  pages={54--60},
  year={2012},
  publisher={IEEE}
}

@MISC{DO_366A,	
	title = {{{RTCA/DO-366A} Minimum Operational Performance Standards (MOPS) for Air-to-Air Radar for Traffic Surveillance}},
	publisher = {RTCA, Inc},
	month = {September},
	year={2020}
}

@MISC{DO_365,	
	title = {{{RTCA/DO-365} Minimum Operational Performance Standards (MOPS) for Detect and Avoid (DAA) Systems}},
	publisher = {RTCA, Inc},
	month = {May},
	year={2017}
}

@inproceedings{prob_conflict_detection,
  author    = {Inseok Hwang and
               Chze Eng Seah},
  title     = {Intent-Based Probabilistic Conflict Detection for the Next Generation Air Transportation System},
  booktitle = {Proceedings of the {IEEE}},
  pages     = {2040--2059},
  publisher = {{IEEE}},
  year      = {2008},
}

@inproceedings{whitebox,
author = {Pei, Kexin and Cao, Yinzhi and Yang, Junfeng and Jana, Suman},
title = {DeepXplore: Automated Whitebox Testing of Deep Learning Systems},
year = {2017},
isbn = {9781450350853},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
url = {https://doi.org/10.1145/3132747.3132785},
doi = {10.1145/3132747.3132785},
booktitle = {Proceedings of the 26th Symposium on Operating Systems Principles},
pages = {1–18},
numpages = {18},
keywords = {Deep learning testing, differential testing, whitebox testing},
location = {Shanghai, China},
series = {SOSP '17}
}

@misc{GPT4,
      title={{GPT}-4 {T}echnical {R}eport}, 
      author={OpenAI},
      year={2023},
      eprint={2303.08774},
      archivePrefix={arXiv},
      primaryClass={cs.CL},
      url={https://arxiv.org/pdf/2303.08774.pdf}
}

@article{Gopinath2019FindingII,
  title={Finding Invariants in Deep Neural Networks},
  author={Divya Gopinath and Ankur Taly and Hayes Converse and Corina S. Păsăreanu},
  journal={ArXiv},
  year={2019},
  volume={abs/1904.13215},
  url={https://api.semanticscholar.org/CorpusID:140218354}
}

@inproceedings {8952519,
author = {D. Gopinath and H. Converse and C. Pasareanu and A. Taly},
booktitle = {2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE)},
title = {Property Inference for Deep Neural Networks},
year = {2019},
volume = {},
issn = {},
pages = {797-809},
abstract = {We present techniques for automatically inferring formal properties of feed-forward neural networks. We observe that a significant part (if not all) of the logic of feed forward networks is captured in the activation status (on or off) of its neurons. We propose to extract patterns based on neuron decisions as preconditions that imply certain desirable output property e.g., the prediction being a certain class. We present techniques to extract input properties, encoding convex predicates on the input space that imply given output properties and layer properties, representing network properties captured in the hidden layers that imply the desired output behavior. We apply our techniques on networks for the MNIST and ACASXU applications. Our experiments highlight the use of the inferred properties in a variety of tasks, such as explaining predictions, providing robustness guarantees, simplifying proofs, and network distillation.},
keywords = {neurons;feeds;biological neural networks;feature extraction;task analysis;robustness;safety},
doi = {10.1109/ASE.2019.00079},
url = {https://doi.ieeecomputersociety.org/10.1109/ASE.2019.00079},
publisher = {IEEE Computer Society},
address = {Los Alamitos, CA, USA},
month = {nov}
}

@article{10.1007/s10703-021-00363-7,
author = {Katz, Guy and Barrett, Clark and Dill, David L. and Julian, Kyle and Kochenderfer, Mykel J.},
title = {Reluplex: a calculus for reasoning about deep neural networks},
year = {2021},
issue_date = {Feb 2022},
publisher = {Kluwer Academic Publishers},
address = {USA},
volume = {60},
number = {1},
issn = {0925-9856},
url = {https://doi.org/10.1007/s10703-021-00363-7},
doi = {10.1007/s10703-021-00363-7},
abstract = {Deep neural networks have emerged as a widely used and effective means for tackling complex, real-world problems. However, a major obstacle in applying them to safety-critical systems is the great difficulty in providing formal guarantees about their behavior. We present a novel, scalable, and efficient technique for verifying properties of deep neural networks (or providing counter-examples). The technique is based on the simplex method, extended to handle the non-convex Rectified Linear Unit (ReLU) activation function, which is a crucial ingredient in many modern neural networks. The verification procedure tackles neural networks as a whole, without making any simplifying assumptions. We evaluated our technique on a prototype deep neural network implementation of the next-generation airborne collision avoidance system for unmanned aircraft (ACAS Xu). Results show that our technique can successfully prove properties of networks that are an order of magnitude larger than the largest networks that could be verified previously.},
journal = {Form. Methods Syst. Des.},
month = {jul},
pages = {87–116},
numpages = {30},
keywords = {Satisfiability modulo theories, Verification, Neural networks}
}

@inproceedings{10.1007/978-3-030-62822-2_4,
author = {Feng, Weizhi and Huang, Cheng-Chao and Turrini, Andrea and Li, Yong},
title = {Modelling and Implementation of Unmanned Aircraft Collision Avoidance},
year = {2020},
isbn = {978-3-030-62821-5},
publisher = {Springer-Verlag},
address = {Berlin, Heidelberg},
url = {https://doi.org/10.1007/978-3-030-62822-2\_4},
doi = {10.1007/978-3-030-62822-2\_4},
abstract = {With the increasing application of unmanned aircraft in civil airspace, collision avoidance systems for unmanned aircraft are becoming more and more important and valuable. An ideal collision avoidance system gives the aircraft an optimal strategy for choosing flight actions to avoid collision risks when it detects other aircraft nearby. Currently the general approach to generating collision avoidance logics is to model the problem as a partially observable Markov decision process (POMDP), and then synthesize an optimal policy. However, the existing systems require the precise position information of the intruder aircraft to generate the avoidance actions and ignore the effects of the flight path changes, which may result in its lower robustness or a wasting of flying resources.In this paper, we construct a collision avoidance system based on limited information that reduces the variations from the original flight path. We use POMDPs to model the collision avoidance system with only the destination information of our own aircraft and rough information about the intruder position and generate the collision resolution logic. We implement the collision avoidance module, embed it into the real unmanned aircraft system over PX4 flight control platform and demonstrate the effectiveness of our system by flight simulation.},
booktitle = {Dependable Software Engineering. Theories, Tools, and Applications: 6th International Symposium, SETTA 2020, Guangzhou, China, November 24–27, 2020, Proceedings},
pages = {52–69},
numpages = {18},
location = {Guangzhou, China}
}

@misc{safednn-nasa,
  author        = "{Safe Deep Learning for Space Systems Group, NASA Ames Research Center}",
  title         = "{ACASX Prophecy parallel experiments}",
  url  = "{https://github.com/safednn-nasa/Prophecy/blob/master/ACASX\_Prophecy\_parallel\_experiments.ipynb}"
}

@inproceedings{sharma2021sketching,
  title={Sketching curvature for efficient out-of-distribution detection for deep neural networks},
  author={Sharma, Apoorva and Azizan, Navid and Pavone, Marco},
  booktitle={Uncertainty in artificial intelligence},
  pages={1958--1967},
  year={2021},
  organization={PMLR}
}

@STANDARD{saej3016,
  author = {},
  title = {Taxonomy and Definitions for Terms Related to Driving Automation Systems for On-Road Motor Vehicles},
  type = {SAE on Road Automated Driving Committee},
  number = {SAE J3016},
  year = {}
}
@inproceedings{torfah2022learning,
  title={Learning monitorable operational design domains for assured autonomy},
  author={Torfah, Hazem and Xie, Carol and Junges, Sebastian and Vazquez-Chanlatte, Marcell and Seshia, Sanjit A},
  booktitle={International Symposium on Automated Technology for Verification and Analysis},
  pages={3--22},
  year={2022},
  organization={Springer}
}

@inproceedings{irvine2021two,
  title={A two-level abstraction odd definition language: Part i},
  author={Irvine, Patrick and Zhang, Xizhe and Khastgir, Siddartha and Schwalb, Edward and Jennings, Paul},
  booktitle={2021 IEEE International Conference on Systems, Man, and Cybernetics (SMC)},
  pages={2614--2621},
  year={2021},
  organization={IEEE}
}
@article{hendrycks2016baseline,
  title={A baseline for detecting misclassified and out-of-distribution examples in neural networks},
  author={Hendrycks, Dan and Gimpel, Kevin},
  journal={arXiv preprint arXiv:1610.02136},
  year={2016}
}
@inproceedings{ritter2018scalable,
  title={A scalable laplace approximation for neural networks},
  author={Ritter, Hippolyt and Botev, Aleksandar and Barber, David},
  booktitle={6th international conference on learning representations, ICLR 2018-conference track proceedings},
  volume={6},
  year={2018},
  organization={International Conference on Representation Learning}
}
@article{abdelzad2019detecting,
  title={Detecting out-of-distribution inputs in deep neural networks using an early-layer output},
  author={Abdelzad, Vahdat and Czarnecki, Krzysztof and Salay, Rick and Denounden, Taylor and Vernekar, Sachin and Phan, Buu},
  journal={arXiv preprint arXiv:1910.10307},
  year={2019}
}

@article{madras2019detecting,
  title={Detecting underspecification with local ensembles},
  author={Madras, David and Atwood, James and D'Amour, Alex},
  journal={arXiv preprint arXiv:1910.09573},
  year={2019}
}

@inproceedings{byun2021black,
	title={Black-box testing of deep neural networks},
	author={Byun, Taejoon and Rayadurgam, Sanjai and Heimdahl, Mats PE},
	booktitle={2021 IEEE 32nd International Symposium on Software Reliability Engineering (ISSRE)},
	pages={309--320},
	year={2021},
	organization={IEEE}
}


@inproceedings{byun2020manifoldtestgen,
	title={Manifold-based test generation for image classifiers},
	author={Byun, Taejoon and Rayadurgam, Sanjai},
	booktitle={Proceedings of the IEEE/ACM 42nd International Conference on Software Engineering Workshops},
	pages={221--221},
	year={2020}
}

@inproceedings{byun2020manifoldassurance,
	title={Manifold for machine learning assurance},
	author={Byun, Taejoon and Rayadurgam, Sanjai},
	booktitle={Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering: New Ideas and Emerging Results},
	pages={97--100},
	year={2020}
}