Arthur M. Dowell III (1998):
Layer of protection analysis for determining safety integrity level.
ISA Transactions 37(3),
pp. 155–165,
doi:10.1016/S0019-0578(98)00018-4.
Ola Bäckström, Yuliya Butkova, Holger Hermanns, Jan Krcál & Pavel Krcál (2016):
Effective Static and Dynamic Fault Tree Analysis.
In: Skavhaug,
pp. 266–280,
doi:10.1007/978-3-319-45477-1_21.
Christel Baier & Joost-Pieter Katoen (2008):
Principles of Model Checking.
MIT Press.
Manfred Broy & Ketil Stølen (2001):
Specification and Development of Interactive Systems: Focus on Streams, Interfaces, and Refinement.
Springer,
Berlin,
doi:10.1007/978-1-4613-0091-5.
Stephen P. Cook (2017):
An ASTM Standard for Bounding Behavior of Adaptive Algorithms for Unmanned Aircraft Operations (Invited).
AIAA SciTech Forum.
American Institute of Aeronautics and Astronautics,
doi:10.2514/6.2017-0881.
Matthew B. Dwyer, G. S. Avrunin & J. C. Corbett (1999):
Patterns in property specifications for finite-state verification.
In: ICSE,
pp. 411–20,
doi:10.1109/icse.1999.841031.
R. Eastwood, T.P. Kelly, R.D. Alexander & E. Landre (2013):
Towards a safety case for runtime risk and uncertainty management in safety-critical systems.
In: System Safety Conference incorporating the Cyber Security Conference 2013, 8th IET International,
pp. 1–6,
doi:10.1049/cp.2013.1713.
Clifton A. Ericson (2015):
Hazard Analysis Techniques for System Safety,
2nd edition.
Wiley.
Mario Gleirscher (2014):
Behavioral Safety of Technical Systems.
Dissertation.
Technische Universität München,
doi:10.13140/2.1.3122.7688.
Mario Gleirscher & Stefan Kugele (2017):
Defining Risk States in Autonomous Road Vehicles.
In: High Assurance Systems Engineering (HASE), 18th Int. Symp.,
pp. 112–115,
doi:10.1109/hase.2017.14.
Mario Gleirscher & Stefan Kugele (2017):
From Hazard Analysis to Hazard Mitigation Planning: The Automated Driving Case.
In: C. Barrett et al.: NASA Formal Methods (NFM) – 9th Int. Symp., Proceedings,
LNCS 10227.
Springer, Berlin/New York,
pp. 310–326,
doi:10.1007/978-3-319-57288-8_23.
Jeremie Guiochet, Mathilde Machin & Helene Waeselynck (2017):
Safety-critical Advanced Robots: A Survey.
Robotics and Autonomous Systems,
doi:10.1016/j.robot.2017.04.004.
Charles A. R. Hoare (1985):
Communicating Sequential Processes,
1st edition,
Int. Series in Comp. Sci.
Prentice-Hall.
Phil Koopman & Michael Wagner (2016):
Challenges in Autonomous Vehicle Testing and Validation.
In: SAE World Congress,
doi:10.4271/2016-01-0128.
Ron Koymans (1990):
Specifying real-time properties with metric temporal logic.
Real-Time Syst. 2(4),
pp. 255–99,
doi:10.1007/bf01995674.
Rajesh Kumar & Mariëlle Stoelinga (2017):
Quantitative Security and Safety Analysis with Attack-Fault Trees.
In: 18th IEEE International Symposium on High Assurance Systems Engineering, HASE 2017, Singapore, January 12-14, 2017.
IEEE,
pp. 25–32,
doi:10.1109/HASE.2017.12.
Leslie Lamport (1977):
Proving the Correctness of Multiprocess Programs.
IEEE Trans. Software Eng. 3(2),
pp. 125–43,
doi:10.1109/TSE.1977.229904.
Nancy Gail Leveson (2012):
Engineering a Safer World: Systems Thinking Applied to Safety.
Engineering Systems.
MIT Press.
Mass Soldal Lund, Bjørnar Solhaug & Ketil Stølen (2011):
Model-Driven Risk Analysis: The CORAS Approach,
1st edition.
Springer,
doi:10.1007/978-3-642-12323-8.
Jan Lunze (2010):
Regelungstechnik 1: Systemtheoretische Grundlagen, Analyse und Entwurf einschleifiger Regelungen,
8th edition,
Lehrbuch.
Springer,
doi:10.1007/978-3-642-13808-9.
Mathilde Machin, Jérémie Guiochet, Hélène Waeselynck, Jean-Paul Blanquart, Matthieu Roy & Lola Masson (2016):
SMOF – A Safety MOnitoring Framework for Autonomous Systems 99,
pp. 1–14,
doi:10.1109/tsmc.2016.2633291.
Zohar Manna & Amir Pnueli (1991):
The Temporal Logic of Reactive and Concurrent Systems: Specification,
1st edition.
Springer.
Zohar Manna & Amir Pnueli (1995):
Temporal Verification of Reactive Systems: Safety,
1st edition.
Springer,
doi:10.1007/978-1-4612-4222-2.
Robin Milner (1995):
Communication and Concurrency.
International Series in Computer Science.
Prentice Hall.
Stefan Mitsch & André Platzer (2016):
ModelPlex: Verified Runtime Validation of Verified Cyber-Physical System Models,
doi:10.1007/978-3-319-11164-3_17.
D.S. Nielsen (1971):
The cause/consequence diagram method as basis for quantitative accident analysis.
Technical Report RISO-M-1374.
Danish Atomic Energy Commission.
On-Road Automated Driving Committee (2016):
Taxonomy and Definitions for Terms Related to Driving Automation Systems for On-Road Motor Vehicles.
Technical Report SAE J 3016.
SAE International,
doi:10.4271/j3016_201609.
Christopher Preschern, Nermin Kajtazovic & Christian Kreiner (2013):
Building a safety architecture pattern system.
In: Uwe van Heesch & Christian Kohls: Proceedings of the 18th European Conference on Pattern Languages of Programs (EuroPLoP), Irsee, Germany, July 10-14, 2013.
ACM,
pp. 17,
doi:10.1145/2739011.2739028.
Hendrik Roehm, Jens Oehlerking, Thomas Heinz & Matthias Althoff (2016):
STL Model Checking of Continuous and Hybrid Systems,
pp. 412–27.
Springer,
doi:10.1007/978-3-319-46520-3_26.
Amund Skavhaug, Jérémie Guiochet & Friedemann Bitsch (2016):
Computer Safety, Reliability, and Security - 35th International Conference, SAFECOMP 2016, Trondheim, Norway, September 21-23, 2016, Proceedings.
Lecture Notes in Computer Science 9922.
Springer,
doi:10.1007/978-3-319-45477-1.
I. Svedung & J. Rasmussen (2002):
Graphic representation of accident scenarios: Mapping system structure and the causation of accidents.
Safety Science 40(5),
pp. 397–417,
doi:10.1016/s0925-7535(00)00036-9.
Transport Systems Catapult (2017):
Taxonomy of Scenarios for Automated Driving.
Technical Report.
Transport Systems Catapult.
Jan Tretmans (2008):
Model Based Testing with Labelled Transition Systems.
In: Formal Methods and Testing,
pp. 1–38,
doi:10.1007/978-3-540-78917-8_1.
U.S. Department of Transportation (2016):
Federal Automated Vehicles Policy.
Technical Report.
U.S. Department of Transportation.
Matthias Volk, Sebastian Junges & Joost-Pieter Katoen (2016):
Advancing Dynamic Fault Tree Analysis - Get Succinct State Spaces Fast and Synthesise Failure Rates.
In: Skavhaug,
pp. 253–265,
doi:10.1007/978-3-319-45477-1_20.