@inproceedings(Calinescu2019-SocioCyberPhysical,
 author       = {Radu Calinescu and Javier Camara and Colin Paterson},
 year         = {2019},
 title        = {Socio-Cyber-Physical Systems: Models, Opportunities, Open Challenges},
 booktitle    = {5th ICSE Workshop on Software Engineering for Smart Cyber-Physical Systems ({SEsCPS})},
 publisher    = {{IEEE}/{ACM}},
 pages        = {1--6},
 doi          = {10.1109/sescps.2019.00008},
)
@article(Calinescu2018-EngineeringTrustworthySelf,
 author       = {Radu Calinescu and Danny Weyns and Simos Gerasimou and Muhammad Usman Iftikhar and Ibrahim Habli and Tim Kelly},
 year         = {2018},
 title        = {Engineering Trustworthy Self-Adaptive Software with Dynamic Assurance Cases},
 journal      = {{IEEE} Transactions on Software Engineering},
 volume       = {44},
 number       = {11},
 pages        = {1039--1069},
 doi          = {10.1109/tse.2017.2738640},
)
@book(Ericson2015-HazardAnalysisTechniques,
 author       = {Clifton A. Ericson},
 year         = {2015},
 title        = {Hazard Analysis Techniques for System Safety},
 edition      = {2},
 publisher    = {Wiley},
)
@incollection(Foster2015-IsabelleUTPMechanisedTheory,
 author       = {Simon Foster and Frank Zeyda and Jim Woodcock},
 year         = {2015},
 title        = {{Isabelle/UTP}: A Mechanised Theory Engineering Framework},
 booktitle    = {UTP},
 publisher    = {Springer},
 pages        = {21--41},
 doi          = {10.1007/978-3-319-14806-9_2},
)
@manual(Gleirscher-YapManual,
 author       = {Mario Gleirscher},
 year         = {2020},
 title        = {{\upshape\textsc {Yap}\ } Against Perils: Application Guide and User's Manual},
 organization = {University of York and Technical University of Munich},
 url          = {http://gleirscher.de/yap/},
)
@inproceedings(Gleirscher2020-SafetyControllerSynthesis,
 author       = {Mario Gleirscher and Radu Calinescu},
 year         = {2020},
 title        = {Safety Controller Synthesis for Collaborative Robots},
 booktitle    = {Engineering of Complex Computer Systems, 25th International Conference ({ICECCS}), 28 - 31 October 2020, Singapore},
 pages        = {1--12},
 url          = {https://arxiv.org/abs/2007.03340},
 note         = {In press},
)
@techreport(Gleirscher2020-RiskStructuresDesign,
 author       = {Mario Gleirscher and Radu Calinescu and Jim Woodcock},
 year         = {2020},
 title        = {Risk Structures: A Design Algebra for Risk-Aware Machines},
 type         = {Working paper},
 institution  = {Department of Computer Science, University of York},
 address      = {York, UK},
 url          = {https://arxiv.org/abs/1904.10386},
)
@book(Hoare1985-CommunicatingSequentialProcesses,
 author       = {Charles A. R. Hoare},
 year         = {1985},
 title        = {Communicating Sequential Processes},
 series       = {Int. Series in Comp. Sci.},
 publisher    = {Prentice-Hall},
 url          = {http://www.usingcsp.com},
)
@techreport(IEC61508,
 author       = {{IEC 61508}},
 year         = {2011},
 title        = {Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems},
 type         = {Standard},
 institution  = {The 61508 Association},
 url          = {http://www.61508.org/},
)
@techreport(IEC61882,
 author       = {{IEC 61882}},
 year         = {2016},
 title        = {Hazard and operability studies -- Application guide},
 type         = {Standard},
 number       = {61882},
 institution  = {IEC},
 url          = {https://webstore.iec.ch/publication/24321},
)
@techreport(ISO15066,
 author       = {{ISO/TS 15066}},
 year         = {2016},
 title        = {Robots and robotic devices -- Collaborative robots},
 type         = {Standard},
 institution  = {Robotic Industries Association (RIA)},
 url          = {https://www.iso.org/standard/62996.html},
)
@book(Jensen2009-ColouredPetriNets,
 author       = {Kurt Jensen and Lars M. Kristensen},
 year         = {2009},
 title        = {Coloured Petri Nets},
 publisher    = {Springer},
 address      = {Berlin Heidelberg},
 doi          = {10.1007/b95112},
)
@book(Knight2012-FundamentalsDependableComputing,
 author       = {John Knight},
 year         = {2012},
 title        = {Fundamentals of Dependable Computing for Software Engineers},
 publisher    = {Chapman and Hall/CRC},
 doi          = {10.1201/b11667},
)
@incollection(Kwiatkowska2007-StochasticModelChecking,
 author       = {Marta Kwiatkowska and Gethin Norman and David Parker},
 year         = {2007},
 title        = {Stochastic Model Checking},
 editor       = {M. Bernardo and J. Hillston},
 booktitle    = {Formal Methods for the Design of Computer, Communication and Software Systems: Performance Evaluation ({SFM})},
 series       = {LNCS},
 volume       = {4486},
 publisher    = {Springer},
 pages        = {220--70},
 doi          = {10.1007/978-3-540-72522-0_6},
)
@inproceedings(Kwiatkowska2011-PRISM4Verification,
 author       = {Marta Kwiatkowska and Gethin Norman and David Parker},
 year         = {2011},
 title        = {{PRISM} 4.0: Verification of Probabilistic Real-time Systems},
 editor       = {G. Gopalakrishnan and S. Qadeer},
 booktitle    = {23rd International Conference on Computer Aided Verification ({CAV})},
 series       = {LNCS},
 volume       = {6806},
 publisher    = {Springer},
 pages        = {585--591},
 doi          = {10.1007/978-3-642-22110-1_47},
)
@article(Lamport1977-ProvingCorrectnessMultiprocess,
 author       = {Leslie Lamport},
 year         = {1977},
 title        = {Proving the Correctness of Multiprocess Programs},
 journal      = {{IEEE} Trans. Software Eng.},
 volume       = {3},
 number       = {2},
 pages        = {125--43},
 doi          = {10.1109/TSE.1977.229904},
)
@article(Leucker2009-briefaccountruntime,
 author       = {Martin Leucker and Christian Schallhart},
 year         = {2009},
 title        = {A brief account of runtime verification},
 journal      = {Journal of Logic and Algebraic Programming},
 volume       = {78},
 number       = {5},
 pages        = {293--303},
 doi          = {10.1016/j.jlap.2008.08.004},
)
@book(Leveson2012-EngineeringSaferWorld,
 author       = {Nancy G. Leveson},
 year         = {2012},
 title        = {Engineering a Safer World: Systems Thinking Applied to Safety},
 series       = {Engineering Systems},
 publisher    = {MIT Press},
 address      = {Cambridge, Mass.},
 doi          = {10.7551/mitpress/8179.001.0001},
)
@book(Manna1995-TemporalVerificationReactive,
 author       = {Zohar Manna and Amir Pnueli},
 year         = {1995},
 title        = {Temporal Verification of Reactive Systems: Safety},
 publisher    = {Springer},
 doi          = {10.1007/978-1-4612-4222-2},
)
@article(Miyazawa2019-RoboChartmodellingverification,
 author       = {Alvaro Miyazawa and Pedro Ribeiro and Wei Li and Ana Cavalcanti and Jon Timmis and Jim Woodcock},
 year         = {2019},
 title        = {{RoboChart}: modelling and verification of the functional behaviour of robotic applications},
 journal      = {Software {\&} Systems Modeling},
 doi          = {10.1007/s10270-018-00710-z},
)
@manual(Parker2019-PRISMModelChecker,
 author       = {Dave Parker and Gethin Norman and Marta Kwiatkowska},
 year         = {2019},
 title        = {{PRISM} Model Checker},
 url          = {http://www.prismmodelchecker.org/manual/},
)