References
- Ames SR, Jr, Gasser M., Schell RR. Security kernel design and implementation: An introduction. IEEE Comput 1983; 16(7)14–22
- Ammann P. E., Brilliant S. S., Knight JC. The effect of imperfect error detection on reliability assessment via life testing. IEEE Transact Software Eng 1994; 20: 142–148
- Anderson T., Lee PA. Fault Tolerance: Principles and Practice. Prentice Hall., Englewood Cliffs, NJ 1981
- Avizienis A. The N-version approach to fault-tolerant software. IEEE Transact Software Eng 1985; 11: 1491–1501
- Brilliant S. S., Knight J. C., Leveson NG. The consistent comparison problem in N-version software. IEEE Transact Software Eng 1989; 15: 1481–1485
- Brooks FP. Essence and accidents of software engineering. IEEE Comput 1987; 20(4)10–19
- Butler R. W., Finelli GB. The infeasibility of quantifying the reliability of life-critical real-time software. IEEE Transact Software Eng 1993; 19: 3–12
- Chen L., Avizienis A. N-version programming: A fault-tolerance approach to reliability of software operation. Digest of Papers of the 8th International Symposium on Fault-Tolerant Computing, Tolouse. IEEE Press, France Los Alamitos, CA 1978; 3–9
- Diller A. An Introduction to Formal Methods. John Wiley and Sons., New York 1990
- Eckhardt D. E., Lee LD. A theoretical basis for the analysis of multiversion software subject to coincident errors. IEEE Transact Software Eng 1985; 11: 1511–1517
- Eckhardt D. E., Lee LD. Fundamental differences in the reliability of N-modular redundancy and N-version programming. J Systems Software 1988; 8: 313–318
- Fagan ME. Advances in software inspections. IEEE Transact Software Eng 1986; 12: 744–751
- Gillies G. T., Ritter R. C., Broaddus W. C., Grady M. S., Howard MA, III, McNeil RG. Magnetic manipulation instrumentation for medical physics research. Rev Sci Instr 1994; 65: 533–562
- Grady M. S., Howard M. A., Malloy J. A., Ritter R. C., Quate E. G., Gillies GT. Preliminary experimental investigation of in vivo magnetic manipulation: Results and potential application in hyperthermia. Med Phys 1989; 16: 263–272
- Harel D. A visual formalism for complex systems. Sci Comput Programming 1987; 8: 231–274
- Henninger KL. Specifying software requirements for complex systems: New techniques and their applications. IEEE Transact Software Eng 1980; 6: 2–13
- Jones CB. Systematic Software Development Using VDM. Prentice Hall., Englewood Cliffs, NJ 1986
- Joseph MK. Architectural Issues in Fault-Tolerant, Secure Computing Systems. PhD Thesis. University of California, Los Angeles 1988
- Knight J. C., Cass A. G., Fernandez A. M., Wika KG. Testing a Safety-Critical Application. Department of Computer Science. Technical Report No. CS-94–08, University of Virginia 1994
- Knight J. C., Leveson NG. An empirical study of failure probabilities in multi-version software In: Digest of Papers of the 16th International Symposium on Fault-Tolerant Computing, Vienna. IEEE Press, Austria Los Alamitos, CA 1986; 165–170
- Knight J. C., Leveson NG. An experimental evaluation of the assumption of independence in multiversion programming. IEEE Transact Software Eng 1986; 12: 96–109
- Knight J. C., Meyers EA. An improved inspection technique. Commun ACM 1993; 36(11)51–61
- Laprie JC. The dependability approach to critical computing systems. Proceedings of the 1st European Conference on Software Engineering. StrasbourgFrance 1987; 233–243
- Leveson NG. Soft ware fault tolerance in safety-critical applications. Proceedings of the 3rd International Conference on Fault-Tolerant Computing Systems. BremerhavenGermany 1987
- Leveson N. G., Turner CS. An investigation of the Therac-25 accidents. IEEE Comput 1993; 26(7): 18–41
- McCormick NJ. Reliability and Risk Analysis. Academic Press., San Diego 1981
- Miller DR. Making Statistical Inferences About Software Reliability. NASA Langley Research Center, NASA Contractor Report 4197., Hampton, VA 1988
- Miller DR. The role of statistical modeling and inference in software quality assurance. Software Certification., B de Neumann. Elsevier Applied Science, London 1989; 135–152
- Paulk M. C., Curtis W., Chrissis M. B., Weber CV. Capability Maturity Model, Version 1.1. IEEE Transact Software Eng 1993; 10((4))18–27
- Potter B., Sinclair J., Till D. An Introduction to Formal Specification and Z. Englewood. Prentice Hall., Cliffs, NJ 1991
- Rushby J. Kernels for safety?. Safe and Secure Computing Systems., T Anderson. Blackwell Scientific Publications, Oxford 1989; 210–220
- Siewiorek D. R., Swarz RS. The Theory and Practice of Reliable System Design. Digital Press., Bedford, MA 1982
- Mod. The Procurement of Safety-Critical Software in Defense Equipment. Ministry of Defense, Directorate of Standardization., Glasgow 1991
- Mod. Hazard Analysis and Safety Classification of the Computer and Programmable Electronic System Elements of Defense Equipment. Ministry of Defense, Directorate of Standardization., Glasgow 1991
- Weyuker EJ. On testing nontestable programs. Comput J 1982. 1982; Vol 25
- Wika KG. Safety Kernel Enforcement of Software Safety Policies. Doctoral Dissertation. University of Virginia. 1995