{"id":"https://openalex.org/W7119483179","doi":"https://doi.org/10.1145/3779031.3779088","title":"Foundational Verification of Running-Time Bounds for Interactive Programs","display_name":"Foundational Verification of Running-Time Bounds for Interactive Programs","publication_year":2026,"publication_date":"2026-01-08","ids":{"openalex":"https://openalex.org/W7119483179","doi":"https://doi.org/10.1145/3779031.3779088"},"language":"en","primary_location":{"id":"doi:10.1145/3779031.3779088","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3779031.3779088","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 15th ACM SIGPLAN International Conference on Certified Programs and Proofs","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"http://hdl.handle.net/20.500.11850/794554","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5092081617","display_name":"Andy Tockman","orcid":null},"institutions":[{"id":"https://openalex.org/I63966007","display_name":"Massachusetts Institute of Technology","ror":"https://ror.org/042nb2s44","country_code":"US","type":"education","lineage":["https://openalex.org/I63966007"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Andy Tockman","raw_affiliation_strings":["Massachusetts Institute of Technology, Boston, USA"],"affiliations":[{"raw_affiliation_string":"Massachusetts Institute of Technology, Boston, USA","institution_ids":["https://openalex.org/I63966007"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101572960","display_name":"Pratap Singh","orcid":"https://orcid.org/0000-0002-7139-2334"},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Pratap Singh","raw_affiliation_strings":["Carnegie Mellon University, Pittsburgh, USA"],"affiliations":[{"raw_affiliation_string":"Carnegie Mellon University, Pittsburgh, USA","institution_ids":["https://openalex.org/I74973139"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5082766906","display_name":"Andres Erbsen","orcid":"https://orcid.org/0000-0002-9854-7500"},"institutions":[{"id":"https://openalex.org/I1291425158","display_name":"Google (United States)","ror":"https://ror.org/00njsd438","country_code":"US","type":"company","lineage":["https://openalex.org/I1291425158","https://openalex.org/I4210128969"]},{"id":"https://openalex.org/I58610484","display_name":"Seattle University","ror":"https://ror.org/02jqc0m91","country_code":"US","type":"education","lineage":["https://openalex.org/I58610484"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Andres Erbsen","raw_affiliation_strings":["Google, Seattle, USA"],"affiliations":[{"raw_affiliation_string":"Google, Seattle, USA","institution_ids":["https://openalex.org/I1291425158","https://openalex.org/I58610484"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5028002789","display_name":"Samuel Gruetter","orcid":"https://orcid.org/0000-0001-8369-9117"},"institutions":[{"id":"https://openalex.org/I35440088","display_name":"ETH Zurich","ror":"https://ror.org/05a28rw58","country_code":"CH","type":"education","lineage":["https://openalex.org/I2799323385","https://openalex.org/I35440088"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Samuel Gruetter","raw_affiliation_strings":["ETH Zurich, Zurich, Switzerland"],"affiliations":[{"raw_affiliation_string":"ETH Zurich, Zurich, Switzerland","institution_ids":["https://openalex.org/I35440088"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5119958277","display_name":"Adam Chlipala","orcid":null},"institutions":[{"id":"https://openalex.org/I63966007","display_name":"Massachusetts Institute of Technology","ror":"https://ror.org/042nb2s44","country_code":"US","type":"education","lineage":["https://openalex.org/I63966007"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Adam Chlipala","raw_affiliation_strings":["Massachusetts Institute of Technology, Boston, USA"],"affiliations":[{"raw_affiliation_string":"Massachusetts Institute of Technology, Boston, USA","institution_ids":["https://openalex.org/I63966007"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5092081617"],"corresponding_institution_ids":["https://openalex.org/I63966007"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.08365608,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"187","last_page":"200"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10933","display_name":"Real-Time Systems Scheduling","score":0.5647000074386597,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10933","display_name":"Real-Time Systems Scheduling","score":0.5647000074386597,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10142","display_name":"Formal Methods in Verification","score":0.26330000162124634,"subfield":{"id":"https://openalex.org/subfields/1703","display_name":"Computational Theory and Mathematics"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10126","display_name":"Logic, programming, and type systems","score":0.07590000331401825,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/toolchain","display_name":"Toolchain","score":0.807200014591217},{"id":"https://openalex.org/keywords/mathematical-proof","display_name":"Mathematical proof","score":0.760200023651123},{"id":"https://openalex.org/keywords/semantics","display_name":"Semantics (computer science)","score":0.5401999950408936},{"id":"https://openalex.org/keywords/model-checking","display_name":"Model checking","score":0.512499988079071},{"id":"https://openalex.org/keywords/compiler","display_name":"Compiler","score":0.49559998512268066},{"id":"https://openalex.org/keywords/formal-verification","display_name":"Formal verification","score":0.4586000144481659},{"id":"https://openalex.org/keywords/automated-theorem-proving","display_name":"Automated theorem proving","score":0.4505999982357025},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.42649999260902405},{"id":"https://openalex.org/keywords/formal-methods","display_name":"Formal methods","score":0.3921000063419342}],"concepts":[{"id":"https://openalex.org/C2777062904","wikidata":"https://www.wikidata.org/wiki/Q545406","display_name":"Toolchain","level":3,"score":0.807200014591217},{"id":"https://openalex.org/C108710211","wikidata":"https://www.wikidata.org/wiki/Q11538","display_name":"Mathematical proof","level":2,"score":0.760200023651123},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.739300012588501},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.6060000061988831},{"id":"https://openalex.org/C184337299","wikidata":"https://www.wikidata.org/wiki/Q1437428","display_name":"Semantics (computer science)","level":2,"score":0.5401999950408936},{"id":"https://openalex.org/C110251889","wikidata":"https://www.wikidata.org/wiki/Q1569697","display_name":"Model checking","level":2,"score":0.512499988079071},{"id":"https://openalex.org/C169590947","wikidata":"https://www.wikidata.org/wiki/Q47506","display_name":"Compiler","level":2,"score":0.49559998512268066},{"id":"https://openalex.org/C111498074","wikidata":"https://www.wikidata.org/wiki/Q173326","display_name":"Formal verification","level":2,"score":0.4586000144481659},{"id":"https://openalex.org/C206880738","wikidata":"https://www.wikidata.org/wiki/Q431667","display_name":"Automated theorem proving","level":2,"score":0.4505999982357025},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.42649999260902405},{"id":"https://openalex.org/C75606506","wikidata":"https://www.wikidata.org/wiki/Q1049183","display_name":"Formal methods","level":2,"score":0.3921000063419342},{"id":"https://openalex.org/C202973057","wikidata":"https://www.wikidata.org/wiki/Q7380130","display_name":"Runtime verification","level":3,"score":0.39169999957084656},{"id":"https://openalex.org/C33054407","wikidata":"https://www.wikidata.org/wiki/Q6504747","display_name":"Software verification","level":5,"score":0.39079999923706055},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.3813999891281128},{"id":"https://openalex.org/C156325763","wikidata":"https://www.wikidata.org/wiki/Q1930895","display_name":"Operational semantics","level":3,"score":0.3528999984264374},{"id":"https://openalex.org/C94461902","wikidata":"https://www.wikidata.org/wiki/Q2762418","display_name":"Formal proof","level":3,"score":0.3407999873161316},{"id":"https://openalex.org/C116253237","wikidata":"https://www.wikidata.org/wiki/Q1437424","display_name":"Formal specification","level":2,"score":0.3343000113964081},{"id":"https://openalex.org/C162838799","wikidata":"https://www.wikidata.org/wiki/Q596077","display_name":"Counterexample","level":2,"score":0.3077999949455261},{"id":"https://openalex.org/C6943359","wikidata":"https://www.wikidata.org/wiki/Q875276","display_name":"Boolean satisfiability problem","level":2,"score":0.30000001192092896},{"id":"https://openalex.org/C2776235265","wikidata":"https://www.wikidata.org/wiki/Q18392052","display_name":"Fragment (logic)","level":2,"score":0.299699991941452},{"id":"https://openalex.org/C203265346","wikidata":"https://www.wikidata.org/wiki/Q11387554","display_name":"Proof assistant","level":3,"score":0.29510000348091125},{"id":"https://openalex.org/C146499914","wikidata":"https://www.wikidata.org/wiki/Q5469969","display_name":"Formal semantics (linguistics)","level":2,"score":0.28610000014305115},{"id":"https://openalex.org/C2776633867","wikidata":"https://www.wikidata.org/wiki/Q186612","display_name":"Timer","level":3,"score":0.2775999903678894},{"id":"https://openalex.org/C30128091","wikidata":"https://www.wikidata.org/wiki/Q291929","display_name":"Predicate transformer semantics","level":4,"score":0.2736000120639801},{"id":"https://openalex.org/C159718280","wikidata":"https://www.wikidata.org/wiki/Q5526353","display_name":"Gas meter prover","level":3,"score":0.27059999108314514},{"id":"https://openalex.org/C149091818","wikidata":"https://www.wikidata.org/wiki/Q2429814","display_name":"Software system","level":3,"score":0.2619999945163727},{"id":"https://openalex.org/C127705205","wikidata":"https://www.wikidata.org/wiki/Q5748245","display_name":"Heuristics","level":2,"score":0.2565999925136566}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3779031.3779088","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3779031.3779088","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 15th ACM SIGPLAN International Conference on Certified Programs and Proofs","raw_type":"proceedings-article"},{"id":"pmh:doi:10.3929/ethz-c-000794554","is_oa":true,"landing_page_url":"http://hdl.handle.net/20.500.11850/794554","pdf_url":null,"source":{"id":"https://openalex.org/S4406922384","display_name":"Open MIND","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Conference Paper"}],"best_oa_location":{"id":"pmh:doi:10.3929/ethz-c-000794554","is_oa":true,"landing_page_url":"http://hdl.handle.net/20.500.11850/794554","pdf_url":null,"source":{"id":"https://openalex.org/S4406922384","display_name":"Open MIND","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Conference Paper"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":25,"referenced_works":["https://openalex.org/W126106944","https://openalex.org/W1496304956","https://openalex.org/W1588567874","https://openalex.org/W1853550368","https://openalex.org/W2006731094","https://openalex.org/W2066550846","https://openalex.org/W2068055184","https://openalex.org/W2148662736","https://openalex.org/W2172426415","https://openalex.org/W2514317887","https://openalex.org/W2547267640","https://openalex.org/W2565334366","https://openalex.org/W2763435855","https://openalex.org/W2911450990","https://openalex.org/W2953840721","https://openalex.org/W2964769002","https://openalex.org/W2995075587","https://openalex.org/W3110167032","https://openalex.org/W3175981353","https://openalex.org/W4213447153","https://openalex.org/W4297927502","https://openalex.org/W4312405055","https://openalex.org/W4399851161","https://openalex.org/W4399851201","https://openalex.org/W4411267930"],"related_works":[],"abstract_inverted_index":{"Some":[0],"important":[1],"domains":[2],"of":[3,77,121,180,185],"software":[4],"demand":[5],"concrete":[6],"bounds":[7,80],"on":[8,146],"how":[9],"long":[10],"functions":[11],"may":[12,23,29],"run,":[13],"for":[14,16,43,81,155],"instance":[15],"real-time":[17],"cyberphysical":[18,173],"systems":[19],"where":[20,36],"missed":[21],"deadlines":[22,38],"damage":[24],"industrial":[25],"machinery.":[26],"Such":[27],"programs":[28,101],"interact":[30],"with":[31,119],"external":[32],"devices":[33],"throughout":[34],"execution,":[35],"time":[37,79,177],"ought":[39],"to":[40,51,65,92,102,124,175],"depend":[41,144],"on,":[42],"instance,":[44],"sensor":[45,58],"readings":[46],"(e.g.":[47],"we":[48,164],"only":[49,145],"scramble":[50],"close":[52],"a":[53,57,61,122,160,166,170],"valve":[54],"immediately":[55],"when":[56],"reports":[59],"that":[60,73,108],"tank":[62],"is":[63],"about":[64],"overflow).":[66],"We":[67,98],"present":[68],"the":[69,95,135],"first":[70],"software-development":[71],"toolchain":[72],"delivers":[74],"first-principles":[75],"proofs":[76,116],"meaningful":[78],"interactive":[82],"machine":[83,126],"code,":[84],"while":[85],"allowing":[86],"all":[87],"per-application":[88],"programming":[89],"and":[90,114,132,150,183],"verification":[91,120,168],"happen":[93],"at":[94],"source-code":[96],"level.":[97],"allow":[99],"C-like":[100],"be":[103],"proved":[104,133],"against":[105],"separation-logic":[106],"specifications":[107],"also":[109],"constrain":[110],"their":[111],"running":[112,157],"time,":[113],"such":[115],"are":[117,130],"composed":[118],"compiler":[123],"RISC-V":[125],"code.":[127],"All":[128],"components":[129],"implemented":[131],"inside":[134],"Rocq":[136],"proof":[137],"assistant,":[138],"producing":[139],"final":[140],"theorems":[141],"whose":[142],"statements":[143],"machine-language":[147],"formal":[148],"semantics":[149],"some":[151],"elementary":[152],"specification":[153],"constructions":[154],"describing":[156],"time.":[158],"As":[159],"capstone":[161],"case":[162],"study,":[163],"extended":[165],"past":[167],"(of":[169],"real":[171],"microcontroller-based":[172],"system)":[174],"bound":[176],"between":[178],"arrival":[179],"network":[181],"packets":[182],"actuation":[184],"an":[186],"attached":[187],"device.":[188]},"counts_by_year":[],"updated_date":"2026-03-01T08:55:55.761014","created_date":"2026-01-09T00:00:00"}