{"id":"https://openalex.org/W3018689464","doi":"https://doi.org/10.1145/3377813.3381347","title":"Code-level model checking in the software development workflow","display_name":"Code-level model checking in the software development workflow","publication_year":2020,"publication_date":"2020-06-27","ids":{"openalex":"https://openalex.org/W3018689464","doi":"https://doi.org/10.1145/3377813.3381347","mag":"3018689464"},"language":"en","primary_location":{"id":"doi:10.1145/3377813.3381347","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3377813.3381347","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3377813.3381347","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering: Software Engineering in Practice","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3377813.3381347","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5073793617","display_name":"Nathan Chong","orcid":"https://orcid.org/0000-0001-7843-9556"},"institutions":[{"id":"https://openalex.org/I4210089985","display_name":"Amazon (Germany)","ror":"https://ror.org/00b9ktm87","country_code":"DE","type":"company","lineage":["https://openalex.org/I1311688040","https://openalex.org/I4210089985"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Nathan Chong","raw_affiliation_strings":["Amazon"],"affiliations":[{"raw_affiliation_string":"Amazon","institution_ids":["https://openalex.org/I4210089985"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5112528389","display_name":"Byron Cook","orcid":null},"institutions":[{"id":"https://openalex.org/I4210089985","display_name":"Amazon (Germany)","ror":"https://ror.org/00b9ktm87","country_code":"DE","type":"company","lineage":["https://openalex.org/I1311688040","https://openalex.org/I4210089985"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Byron Cook","raw_affiliation_strings":["Amazon"],"affiliations":[{"raw_affiliation_string":"Amazon","institution_ids":["https://openalex.org/I4210089985"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5054940489","display_name":"\u039a\u03c9\u03bd\u03c3\u03c4\u03b1\u03bd\u03c4\u03af\u03bd\u03bf\u03c2 \u039a\u03b1\u03bb\u03bb\u03ac\u03c2","orcid":"https://orcid.org/0000-0002-8984-6648"},"institutions":[{"id":"https://openalex.org/I36788626","display_name":"California University of Pennsylvania","ror":"https://ror.org/01spssf70","country_code":"US","type":"education","lineage":["https://openalex.org/I36788626"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Konstantinos Kallas","raw_affiliation_strings":["University of Pennsylvania"],"affiliations":[{"raw_affiliation_string":"University of Pennsylvania","institution_ids":["https://openalex.org/I36788626"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5022017841","display_name":"Kareem Khazem","orcid":null},"institutions":[{"id":"https://openalex.org/I4210089985","display_name":"Amazon (Germany)","ror":"https://ror.org/00b9ktm87","country_code":"DE","type":"company","lineage":["https://openalex.org/I1311688040","https://openalex.org/I4210089985"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Kareem Khazem","raw_affiliation_strings":["Amazon"],"affiliations":[{"raw_affiliation_string":"Amazon","institution_ids":["https://openalex.org/I4210089985"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5043837755","display_name":"Felipe R. Monteiro","orcid":"https://orcid.org/0000-0001-9420-9056"},"institutions":[{"id":"https://openalex.org/I4210089985","display_name":"Amazon (Germany)","ror":"https://ror.org/00b9ktm87","country_code":"DE","type":"company","lineage":["https://openalex.org/I1311688040","https://openalex.org/I4210089985"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Felipe R. Monteiro","raw_affiliation_strings":["Amazon"],"affiliations":[{"raw_affiliation_string":"Amazon","institution_ids":["https://openalex.org/I4210089985"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5022049158","display_name":"Daniel Schwartz\u2010Narbonne","orcid":"https://orcid.org/0000-0002-0453-2552"},"institutions":[{"id":"https://openalex.org/I4210089985","display_name":"Amazon (Germany)","ror":"https://ror.org/00b9ktm87","country_code":"DE","type":"company","lineage":["https://openalex.org/I1311688040","https://openalex.org/I4210089985"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Daniel Schwartz-Narbonne","raw_affiliation_strings":["Amazon"],"affiliations":[{"raw_affiliation_string":"Amazon","institution_ids":["https://openalex.org/I4210089985"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5091601759","display_name":"Serdar Ta\u015firan","orcid":null},"institutions":[{"id":"https://openalex.org/I4210089985","display_name":"Amazon (Germany)","ror":"https://ror.org/00b9ktm87","country_code":"DE","type":"company","lineage":["https://openalex.org/I1311688040","https://openalex.org/I4210089985"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Serdar Tasiran","raw_affiliation_strings":["Amazon"],"affiliations":[{"raw_affiliation_string":"Amazon","institution_ids":["https://openalex.org/I4210089985"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5001580382","display_name":"Michael Tautschnig","orcid":"https://orcid.org/0000-0002-7947-983X"},"institutions":[{"id":"https://openalex.org/I166337079","display_name":"Queen Mary University of London","ror":"https://ror.org/026zzn846","country_code":"GB","type":"education","lineage":["https://openalex.org/I124357947","https://openalex.org/I166337079"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Michael Tautschnig","raw_affiliation_strings":["Queen Mary University of London"],"affiliations":[{"raw_affiliation_string":"Queen Mary University of London","institution_ids":["https://openalex.org/I166337079"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5004031220","display_name":"Mark R. Tuttle","orcid":null},"institutions":[{"id":"https://openalex.org/I4210089985","display_name":"Amazon (Germany)","ror":"https://ror.org/00b9ktm87","country_code":"DE","type":"company","lineage":["https://openalex.org/I1311688040","https://openalex.org/I4210089985"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Mark R. Tuttle","raw_affiliation_strings":["Amazon"],"affiliations":[{"raw_affiliation_string":"Amazon","institution_ids":["https://openalex.org/I4210089985"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":9,"corresponding_author_ids":["https://openalex.org/A5073793617"],"corresponding_institution_ids":["https://openalex.org/I4210089985"],"apc_list":null,"apc_paid":null,"fwci":3.3208,"has_fulltext":true,"cited_by_count":29,"citation_normalized_percentile":{"value":0.9362155,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"11","last_page":"20"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10142","display_name":"Formal Methods in Verification","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1703","display_name":"Computational Theory and Mathematics"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10142","display_name":"Formal Methods in Verification","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1703","display_name":"Computational Theory and Mathematics"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9983000159263611,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8068093657493591},{"id":"https://openalex.org/keywords/correctness","display_name":"Correctness","score":0.7430388927459717},{"id":"https://openalex.org/keywords/model-checking","display_name":"Model checking","score":0.6567638516426086},{"id":"https://openalex.org/keywords/hypervisor","display_name":"Hypervisor","score":0.5777559280395508},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.5375207662582397},{"id":"https://openalex.org/keywords/workflow","display_name":"Workflow","score":0.5275663137435913},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.5188904404640198},{"id":"https://openalex.org/keywords/legacy-code","display_name":"Legacy code","score":0.4617493450641632},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.43484658002853394},{"id":"https://openalex.org/keywords/mathematical-proof","display_name":"Mathematical proof","score":0.42590975761413574},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.42541733384132385},{"id":"https://openalex.org/keywords/formal-verification","display_name":"Formal verification","score":0.421120285987854},{"id":"https://openalex.org/keywords/executable","display_name":"Executable","score":0.41974180936813354},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.38565751910209656},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.28092819452285767},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.23256024718284607}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8068093657493591},{"id":"https://openalex.org/C55439883","wikidata":"https://www.wikidata.org/wiki/Q360812","display_name":"Correctness","level":2,"score":0.7430388927459717},{"id":"https://openalex.org/C110251889","wikidata":"https://www.wikidata.org/wiki/Q1569697","display_name":"Model checking","level":2,"score":0.6567638516426086},{"id":"https://openalex.org/C112904061","wikidata":"https://www.wikidata.org/wiki/Q1077480","display_name":"Hypervisor","level":4,"score":0.5777559280395508},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.5375207662582397},{"id":"https://openalex.org/C177212765","wikidata":"https://www.wikidata.org/wiki/Q627335","display_name":"Workflow","level":2,"score":0.5275663137435913},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.5188904404640198},{"id":"https://openalex.org/C85687889","wikidata":"https://www.wikidata.org/wiki/Q445962","display_name":"Legacy code","level":3,"score":0.4617493450641632},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.43484658002853394},{"id":"https://openalex.org/C108710211","wikidata":"https://www.wikidata.org/wiki/Q11538","display_name":"Mathematical proof","level":2,"score":0.42590975761413574},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.42541733384132385},{"id":"https://openalex.org/C111498074","wikidata":"https://www.wikidata.org/wiki/Q173326","display_name":"Formal verification","level":2,"score":0.421120285987854},{"id":"https://openalex.org/C160145156","wikidata":"https://www.wikidata.org/wiki/Q778586","display_name":"Executable","level":2,"score":0.41974180936813354},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.38565751910209656},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.28092819452285767},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.23256024718284607},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C513985346","wikidata":"https://www.wikidata.org/wiki/Q270471","display_name":"Virtualization","level":3,"score":0.0},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3377813.3381347","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3377813.3381347","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3377813.3381347","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering: Software Engineering in Practice","raw_type":"proceedings-article"},{"id":"pmh:oai:qmro.qmul.ac.uk:123456789/63239","is_oa":false,"landing_page_url":"https://qmro.qmul.ac.uk/xmlui/handle/123456789/63239","pdf_url":null,"source":{"id":"https://openalex.org/S4306400530","display_name":"Queen Mary Research Online (Queen Mary University of London)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I166337079","host_organization_name":"Queen Mary University of London","host_organization_lineage":["https://openalex.org/I166337079"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Conference Proceeding"}],"best_oa_location":{"id":"doi:10.1145/3377813.3381347","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3377813.3381347","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3377813.3381347","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering: Software Engineering in Practice","raw_type":"proceedings-article"},"sustainable_development_goals":[{"score":0.6200000047683716,"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9"}],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3018689464.pdf","grobid_xml":"https://content.openalex.org/works/W3018689464.grobid-xml"},"referenced_works_count":23,"referenced_works":["https://openalex.org/W201766245","https://openalex.org/W777621473","https://openalex.org/W1516936561","https://openalex.org/W1518705996","https://openalex.org/W1993836075","https://openalex.org/W2008626182","https://openalex.org/W2031525781","https://openalex.org/W2105357036","https://openalex.org/W2117798902","https://openalex.org/W2129538349","https://openalex.org/W2133900335","https://openalex.org/W2170612356","https://openalex.org/W2514084604","https://openalex.org/W2606939423","https://openalex.org/W2784876765","https://openalex.org/W2810768857","https://openalex.org/W2884325678","https://openalex.org/W2884432391","https://openalex.org/W2901387825","https://openalex.org/W2912640545","https://openalex.org/W2929832674","https://openalex.org/W2964232059","https://openalex.org/W2968736585"],"related_works":["https://openalex.org/W3011785936","https://openalex.org/W2044925663","https://openalex.org/W1245344834","https://openalex.org/W2100424584","https://openalex.org/W2471255227","https://openalex.org/W2476395263","https://openalex.org/W2956679612","https://openalex.org/W2556057931","https://openalex.org/W2109457818","https://openalex.org/W1550519739"],"abstract_inverted_index":{"This":[0],"experience":[1],"report":[2],"describes":[3],"a":[4],"style":[5],"of":[6,15,30,57],"applying":[7],"symbolic":[8],"model":[9],"checking":[10],"developed":[11],"over":[12],"the":[13,55],"course":[14],"four":[16],"years":[17],"at":[18],"Amazon":[19],"Web":[20],"Services":[21],"(AWS).":[22],"Lessons":[23],"learned":[24],"are":[25,70,83],"drawn":[26],"from":[27],"proving":[28],"properties":[29],"numerous":[31],"C-based":[32,60],"systems,":[33],"e.g.,":[34],"custom":[35],"hypervisors,":[36],"encryption":[37],"code,":[38],"boot":[39],"loaders,":[40],"and":[41,65],"an":[42],"IoT":[43],"operating":[44],"system.":[45],"Using":[46],"our":[47],"methodology,":[48],"we":[49,52],"find":[50],"that":[51],"can":[53],"prove":[54],"correctness":[56],"industrial":[58],"low-level":[59],"systems":[61],"with":[62],"reasonable":[63],"effort":[64],"predictability.":[66],"Furthermore,":[67],"AWS":[68],"developers":[69],"increasingly":[71],"writing":[72],"their":[73],"own":[74],"formal":[75],"specifications.":[76],"All":[77],"proofs":[78],"discussed":[79],"in":[80],"this":[81],"paper":[82],"publicly":[84],"available":[85],"on":[86],"GitHub.":[87]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":7},{"year":2022,"cited_by_count":5},{"year":2021,"cited_by_count":10},{"year":2020,"cited_by_count":1}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}