{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,9]],"date-time":"2026-04-09T14:38:24Z","timestamp":1775745504429,"version":"3.50.1"},"reference-count":50,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2024,3,21]],"date-time":"2024-03-21T00:00:00Z","timestamp":1710979200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,3,21]],"date-time":"2024-03-21T00:00:00Z","timestamp":1710979200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"funder":[{"DOI":"10.13039\/100000181","name":"Air Force Office of Scientific Research","doi-asserted-by":"publisher","award":["FA9550-19-1-0288"],"award-info":[{"award-number":["FA9550-19-1-0288"]}],"id":[{"id":"10.13039\/100000181","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000006","name":"Office of Naval Research","doi-asserted-by":"publisher","award":["N00014-22-1-2156"],"award-info":[{"award-number":["N00014-22-1-2156"]}],"id":[{"id":"10.13039\/100000006","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000006","name":"Office of Naval Research","doi-asserted-by":"publisher","award":["N000142112719"],"award-info":[{"award-number":["N000142112719"]}],"id":[{"id":"10.13039\/100000006","id-type":"DOI","asserted-by":"publisher"}]},{"name":"National Science Foundation","award":["ITE-2134840"],"award-info":[{"award-number":["ITE-2134840"]}]},{"name":"National Science Foundation","award":["ITE-2134840"],"award-info":[{"award-number":["ITE-2134840"]}]},{"name":"National  Science  Foundation","award":["OIA-2040599"],"award-info":[{"award-number":["OIA-2040599"]}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Innovations Syst Softw Eng"],"published-print":{"date-parts":[[2025,6]]},"DOI":"10.1007\/s11334-024-00553-6","type":"journal-article","created":{"date-parts":[[2024,3,21]],"date-time":"2024-03-21T16:01:51Z","timestamp":1711036911000},"page":"619-634","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["The black-box simplex architecture for runtime assurance of multi-agent CPS"],"prefix":"10.1007","volume":"21","author":[{"given":"Sanaz","family":"Sheikhi","sequence":"first","affiliation":[]},{"given":"Usama","family":"Mehmood","sequence":"additional","affiliation":[]},{"given":"Stanley","family":"Bak","sequence":"additional","affiliation":[]},{"given":"Scott A.","family":"Smolka","sequence":"additional","affiliation":[]},{"given":"Scott D.","family":"Stoller","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,3,21]]},"reference":[{"key":"553_CR1","doi-asserted-by":"crossref","unstructured":"Clark M, Koutsoukos X, Porter J, Kumar R, Pappas G, Sokolsky O, Lee I, Pike L (2013) A study on run time assurance for complex cyber physical systems. Technical report, Air Force Research Laboratory, Aerospace Systems Directorate","DOI":"10.21236\/ADA585474"},{"key":"553_CR2","doi-asserted-by":"crossref","unstructured":"Seto D, Krogh B, Sha L, Chutinan A (1998) The simplex architecture for safe online control system upgrades. In: Proceedings of the 1998 American control conference. ACC (IEEE Cat. No. 98CH36207), vol. 6. IEEE","DOI":"10.1109\/ACC.1998.703255"},{"issue":"4","key":"553_CR3","doi-asserted-by":"publisher","first-page":"20","DOI":"10.1109\/MS.2001.936213","volume":"18","author":"L Sha","year":"2001","unstructured":"Sha L (2001) Using simplicity to control complexity. IEEE Softw 18(4):20\u201328. https:\/\/doi.org\/10.1109\/MS.2001.936213","journal-title":"IEEE Softw"},{"key":"553_CR4","doi-asserted-by":"crossref","unstructured":"Desai A, Ghosh S, Seshia S.A, Shankar N, Tiwari A (2019) SOTER: a runtime assurance framework for programming safe robotics systems. In: 49th Annual IEEE\/IFIP international conference on dependable systems and networks, DSN 2019, Portland, OR, USA, June 24\u201327, 2019","DOI":"10.1109\/DSN.2019.00027"},{"issue":"1","key":"553_CR5","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1007\/s10703-016-0265-4","volume":"51","author":"D Phan","year":"2017","unstructured":"Phan D, Yang J, Grosu R, Smolka SA, Stoller SD (2017) Collision avoidance for mobile robots with limited sensing and limited information about moving obstacles. Formal Methods Syst Design 51(1):62\u201386","journal-title":"Formal Methods Syst Design"},{"key":"553_CR6","doi-asserted-by":"crossref","unstructured":"Schierman J, DeVore M.D, Richards N, Gandhi N, Cooper J, Horneman K.R, Stoller S, Smolka S (2015) Runtime assurance framework development for highly adaptive flight control systems. Report AD1010277, Defense Technical Information Center","DOI":"10.21236\/AD1010277"},{"key":"553_CR7","doi-asserted-by":"crossref","unstructured":"Mehmood U, Bak S, Smolka S.A, Stoller S.D (2021) Safe cps from unsafe controllers. In: Proceedings of the workshop on computation-aware algorithmic design for cyber-physical systems, pp 26\u201328","DOI":"10.1145\/3457335.3461712"},{"key":"553_CR8","doi-asserted-by":"crossref","unstructured":"Mehmood U, Sheikhi S, Bak S, Smolka S, Stoller S (2022) The black-box simplex architecture for runtime assurance of autonomous cps. In: NASA formal methods symposium","DOI":"10.1007\/978-3-031-06773-0_12"},{"key":"553_CR9","doi-asserted-by":"crossref","unstructured":"Lin Q, Chen X, Khurana A, Dolan J (2020) Reachflow: an online safety assurance framework for waypoint-following of self-driving cars. In: 2020 IEEE\/RSJ international conference on intelligent robots and systems (IROS)","DOI":"10.1109\/IROS45743.2020.9341122"},{"key":"553_CR10","doi-asserted-by":"crossref","unstructured":"Bak S, Johnson T.T, Caccamo M, Sha L (2014) Real-time reachability for verified simplex design. In: 35th IEEE real-time systems symposium (RTSS 2014). IEEE Computer Society, Rome, Italy","DOI":"10.1109\/RTSS.2014.21"},{"key":"553_CR11","doi-asserted-by":"crossref","unstructured":"Althoff M, Dolan J.M (2014) Online verification of automated road vehicles using reachability analysis. IEEE Trans Robot 30(4)","DOI":"10.1109\/TRO.2014.2312453"},{"key":"553_CR12","doi-asserted-by":"crossref","unstructured":"Phan D, Grosu R, Jansen N, Paoletti N, Smolka SA, Stoller SD (2020) Neural simplex architecture. In: NASA formal methods symposium (NFM 2020)","DOI":"10.1007\/978-3-030-55754-6_6"},{"key":"553_CR13","doi-asserted-by":"crossref","unstructured":"Bak S, Chivukula D.K, Adekunle O, Sun M, Caccamo M, Sha L (2009) The system-level simplex architecture for improved real-time embedded system safety. In: 2009 15th IEEE real-time and embedded technology and applications symposium. IEEE, pp 99\u2013107","DOI":"10.1109\/RTAS.2009.20"},{"key":"553_CR14","doi-asserted-by":"crossref","unstructured":"Kapinski J, Deshmukh J (2015) Discovering forward invariant sets for nonlinear dynamical systems. In: Interdisciplinary topics in applied mathematics, modeling and computational science, pp 259\u2013264","DOI":"10.1007\/978-3-319-12307-3_37"},{"key":"553_CR15","unstructured":"Murray RM, Li Z, Sastry SS, Sastry SS (1994) A mathematical introduction to robotic manipulation"},{"key":"553_CR16","doi-asserted-by":"crossref","unstructured":"Khatib O (1986) Real-time obstacle avoidance for manipulators and mobile robots. In: Autonomous robot vehicles, pp 396\u2013404","DOI":"10.1007\/978-1-4613-8997-2_29"},{"key":"553_CR17","doi-asserted-by":"crossref","unstructured":"Girard A (2005) Reachability of uncertain linear systems using zonotopes. In: International workshop on hybrid systems: computation and control. Springer","DOI":"10.1007\/978-3-540-31954-2_19"},{"key":"553_CR18","unstructured":"Heidlauf P, Collins A, Bolender M, Bak S (2018) Verification challenges in f-16 ground collision avoidance and other automated maneuvers. In: 5th international workshop on applied verification of continuous and hybrid systems. EPiC Series in Computing, vol 54"},{"key":"553_CR19","unstructured":"Stevens BL, Lewis FL, Johnson EN (2015) Aircraft control and simulation"},{"key":"553_CR20","unstructured":"Kochenderfer MJ, Chryssanthacopoulos J (2011) Robust airborne collision avoidance through dynamic programming. Massachusetts Institute of Technology, Lincoln Laboratory, Project Report ATC-371 130"},{"issue":"3","key":"553_CR21","doi-asserted-by":"publisher","first-page":"598","DOI":"10.2514\/1.G003724","volume":"42","author":"KD Julian","year":"2019","unstructured":"Julian KD, Kochenderfer MJ, Owen MP (2019) Deep neural network compression for aircraft collision avoidance systems. J Guid Control Dyn 42(3):598\u2013608","journal-title":"J Guid Control Dyn"},{"key":"553_CR22","doi-asserted-by":"crossref","unstructured":"Katz G, Barrett C, Dill DL, Julian K, Kochenderfer MJ (2017) Reluplex: an efficient SMT solver for verifying deep neural networks. In: International conference on computer aided verification. Springer, pp 97\u2013117","DOI":"10.1007\/978-3-319-63387-9_5"},{"key":"553_CR23","unstructured":"Marston M, Baca G (2015) ACAS-Xu initial self-separation flight tests. Technical report, NASA"},{"key":"553_CR24","unstructured":"Bak S, Liu C, Johnson T (2021) The second international verification of neural networks competition (vnn-comp 2021): Summary and results. arXiv:2109.00498"},{"key":"553_CR25","doi-asserted-by":"crossref","unstructured":"Bak S, Tran H-D, Hobbs K, Johnson TT (2020) Improved geometric path enumeration for verifying relu neural networks. In: Proceedings of the 32nd international conference on computer aided verification","DOI":"10.1007\/978-3-030-53288-8_4"},{"key":"553_CR26","doi-asserted-by":"crossref","unstructured":"Chen X, \u00c1brah\u00e1m E, Sankaranarayanan S (2013) Flow*: an analyzer for non-linear hybrid systems. In: International conference on computer aided verification. Springer, pp 258\u2013263","DOI":"10.1007\/978-3-642-39799-8_18"},{"key":"553_CR27","doi-asserted-by":"crossref","unstructured":"Schouwenaars T, Valenti M, Feron E, How J (2005) Implementation and flight test results of MILP-based UAV guidance. In: 2005 IEEE aerospace conference, pp 1\u201313","DOI":"10.1109\/AERO.2005.1559600"},{"key":"553_CR28","unstructured":"Schouwenaars T (2006) Safe trajectory planning of autonomous vehicles. PhD thesis, Massachusetts Institute of Technology"},{"key":"553_CR29","doi-asserted-by":"publisher","unstructured":"Alsterda JP, Brown M, Gerdes JC (2019) Contingency model predictive control for automated vehicles. In: 2019 American control conference (ACC), pp 717\u2013722 . https:\/\/doi.org\/10.23919\/ACC.2019.8815260","DOI":"10.23919\/ACC.2019.8815260"},{"key":"553_CR30","doi-asserted-by":"crossref","unstructured":"Magdici S, Althoff M (2016) Fail-safe motion planning of autonomous vehicles. In: 2016 IEEE 19th international conference on intelligent transportation systems (ITSC). IEEE, pp 452\u2013458","DOI":"10.1109\/ITSC.2016.7795594"},{"key":"553_CR31","doi-asserted-by":"crossref","unstructured":"Schurmann B, Klischat M, Kochdumper N, Althoff M (2021) Formal safety net control using backward reachability analysis. IEEE Trans Autom Control","DOI":"10.1109\/TAC.2021.3124188"},{"issue":"2","key":"553_CR32","doi-asserted-by":"publisher","first-page":"187","DOI":"10.1007\/BF01204182","volume":"29","author":"P Saint-Pierre","year":"1994","unstructured":"Saint-Pierre P (1994) Approximation of the viability kernel. Appl Math Optim 29(2):187\u2013209","journal-title":"Appl Math Optim"},{"key":"553_CR33","doi-asserted-by":"crossref","unstructured":"Kaynama S, Maidens J, Oishi M, Mitchell IM, Dumont GA (2012) Computing the viability kernel using maximal reachable sets. In: Proceedings of the 15th ACM international conference on hybrid systems: computation and control, pp 55\u201364","DOI":"10.1145\/2185632.2185644"},{"issue":"7","key":"553_CR34","doi-asserted-by":"publisher","first-page":"2017","DOI":"10.1016\/j.automatica.2013.03.020","volume":"49","author":"JN Maidens","year":"2013","unstructured":"Maidens JN, Kaynama S, Mitchell IM, Oishi MM, Dumont GA (2013) Lagrangian methods for approximating the viability kernel in high-dimensional systems. Automatica 49(7):2017\u20132029","journal-title":"Automatica"},{"key":"553_CR35","doi-asserted-by":"crossref","unstructured":"Phan D, Grosu R, Jansen N, Paoletti N, Smolka SA, Stoller SD (2020) Neural simplex architecture. In: NASA formal methods symposium (NFM 2020). Springer, pp 97\u2013114","DOI":"10.1007\/978-3-030-55754-6_6"},{"key":"553_CR36","doi-asserted-by":"crossref","unstructured":"Mashima D, Chen B, Zhou T, Rajendran R, Sikdar B (2018) Securing substations through command authentication using on-the-fly simulation of power system dynamics. In: IEEE international conference on communications, control, and computing technologies for smart grids","DOI":"10.1109\/SmartGridComm.2018.8587604"},{"key":"553_CR37","doi-asserted-by":"crossref","unstructured":"Borrmann U, Wang L, Ames AD, Egerstedt M (2015) Control barrier certificates for safe swarm behavior. In: Egerstedt M, Wardi Y (eds) ADHS. IFAC-PapersOnLine, vol 48, pp 68\u201373","DOI":"10.1016\/j.ifacol.2015.11.154"},{"key":"553_CR38","doi-asserted-by":"crossref","unstructured":"Gurriet T, Mote M, Ames AD, Feron E (2018) An online approach to active set invariance. In: conference on decision and control. IEEE","DOI":"10.1109\/CDC.2018.8619139"},{"key":"553_CR39","doi-asserted-by":"crossref","unstructured":"Gurriet T, Mote M, Singletary A, Feron E, Ames AD (2019) A scalable controlled set invariance framework with practical safety guarantees. In: 2019 IEEE 58th conference on decision and control (CDC). IEEE, pp 2046\u20132053","DOI":"10.1109\/CDC40024.2019.9030159"},{"key":"553_CR40","doi-asserted-by":"crossref","unstructured":"Wang L, Han D, Egerstedt M (2018) Permissive barrier certificates for safe stabilization using sum-of-squares. In: 2018 Annual American control conference, ACC 2018. IEEE, pp 585\u2013590","DOI":"10.23919\/ACC.2018.8431617"},{"key":"553_CR41","doi-asserted-by":"publisher","unstructured":"Zhao H, Zeng X, Chen T, Liu Z (2020) Synthesizing barrier certificates using neural networks. In: Proceedings of the 23rd international conference on hybrid systems: computation and control. HSCC \u201920. Association for Computing Machinery, New York, NY, USA. https:\/\/doi.org\/10.1145\/3365365.3382222","DOI":"10.1145\/3365365.3382222"},{"key":"553_CR42","doi-asserted-by":"crossref","unstructured":"Ames AD, Coogan S, Egerstedt M, Notomista G, Sreenath K, Tabuada P (2019) Control barrier functions: theory and applications. In: 18th European control conference, ECC 2019, Naples, Italy. IEEE, pp 3420\u20133431","DOI":"10.23919\/ECC.2019.8796030"},{"key":"553_CR43","doi-asserted-by":"publisher","DOI":"10.1016\/j.sysarc.2022.102784","volume":"134","author":"U Mehmood","year":"2023","unstructured":"Mehmood U, Roy S, Damare A, Grosu R, Smolka SA, Stoller SD (2023) A distributed simplex architecture for multi-agent systems. J Syst Architect 134:102784. https:\/\/doi.org\/10.1016\/j.sysarc.2022.102784","journal-title":"J Syst Architect"},{"issue":"2","key":"553_CR44","doi-asserted-by":"publisher","first-page":"621","DOI":"10.1109\/TCNS.2021.3061900","volume":"8","author":"D Raju","year":"2021","unstructured":"Raju D, Bharadwaj S, Djeumou F, Topcu U (2021) Online synthesis for runtime enforcement of safety in multiagent systems. IEEE Trans Control Netw Syst 8(2):621\u2013632. https:\/\/doi.org\/10.1109\/TCNS.2021.3061900","journal-title":"IEEE Trans Control Netw Syst"},{"key":"553_CR45","doi-asserted-by":"publisher","first-page":"23","DOI":"10.4204\/eptcs.362.5","volume":"362","author":"DC Engelmann","year":"2022","unstructured":"Engelmann DC, Ferrando A, Panisson AR, Ancona D, Bordini RH, Mascardi V (2022) RV4jaca-runtime verification for multi-agent systems. Electron Proc Theor Comput Sci 362:23\u201336. https:\/\/doi.org\/10.4204\/eptcs.362.5","journal-title":"Electron Proc Theor Comput Sci"},{"key":"553_CR46","doi-asserted-by":"publisher","unstructured":"Schneider FB (2000) Enforceable security policies 3(1):30\u201350. https:\/\/doi.org\/10.1145\/353323.353382","DOI":"10.1145\/353323.353382"},{"key":"553_CR47","unstructured":"Bauer L, Ligatti J, Walker D (2002) More enforceable security policies"},{"key":"553_CR48","doi-asserted-by":"publisher","DOI":"10.1007\/s10703-011-0114-4","author":"Y Falcone","year":"2011","unstructured":"Falcone Y, Mounier L, Fernandez J-C, Richier J-L (2011) Runtime enforcement monitors: composition, synthesis, and enforcement abilities. Formal Methods Syst Design. https:\/\/doi.org\/10.1007\/s10703-011-0114-4","journal-title":"Formal Methods Syst Design"},{"key":"553_CR49","doi-asserted-by":"publisher","unstructured":"Pinisetty S, Preoteasa V, Tripakis S, J\u00e9ron T, Falcone Y, Marchand H (2016) Predictive runtime enforcement, pp 1628\u20131633 . https:\/\/doi.org\/10.1145\/2851613.2851827","DOI":"10.1145\/2851613.2851827"},{"key":"553_CR50","doi-asserted-by":"crossref","unstructured":"Rania\u00a0Taleb RK, Hall\u00e9 S (2022) A modular runtime enforcement model using multi-traces. Foundations and Practice of Security Lecture Notes in Computer Science, pp 283\u2013302","DOI":"10.1007\/978-3-031-08147-7_19"}],"container-title":["Innovations in Systems and Software Engineering"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11334-024-00553-6.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s11334-024-00553-6\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11334-024-00553-6.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T07:05:21Z","timestamp":1750316721000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s11334-024-00553-6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,3,21]]},"references-count":50,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2025,6]]}},"alternative-id":["553"],"URL":"https:\/\/doi.org\/10.1007\/s11334-024-00553-6","relation":{},"ISSN":["1614-5046","1614-5054"],"issn-type":[{"value":"1614-5046","type":"print"},{"value":"1614-5054","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,3,21]]},"assertion":[{"value":"1 February 2023","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"19 February 2024","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"21 March 2024","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors have no competing interests to declare that are relevant to the content of this article.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}}]}}