{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,11]],"date-time":"2026-03-11T13:24:14Z","timestamp":1773235454135,"version":"3.50.1"},"reference-count":32,"publisher":"Elsevier BV","issue":"1","license":[{"start":{"date-parts":[[2003,1,1]],"date-time":"2003-01-01T00:00:00Z","timestamp":1041379200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Annual Reviews in Control"],"published-print":{"date-parts":[[2003,1]]},"DOI":"10.1016\/s1367-5788(03)00004-x","type":"journal-article","created":{"date-parts":[[2003,7,16]],"date-time":"2003-07-16T13:31:26Z","timestamp":1058362286000},"page":"23-37","source":"Crossref","is-referenced-by-count":8,"title":["Safety of computer control systems: challenges and results in software development"],"prefix":"10.1016","volume":"27","author":[{"given":"Janusz","family":"Zalewski","sequence":"first","affiliation":[]},{"given":"Wolfgang","family":"Ehrenberger","sequence":"additional","affiliation":[]},{"given":"Francesca","family":"Saglietti","sequence":"additional","affiliation":[]},{"given":"Janusz","family":"G\u00f3rski","sequence":"additional","affiliation":[]},{"given":"Andrew","family":"Kornecki","sequence":"additional","affiliation":[]}],"member":"78","reference":[{"key":"10.1016\/S1367-5788(03)00004-X_BIB1","unstructured":"Al-Daraiseh, A., Zalewski, J., & Toetenel, H. (July 22\u201325, 2001). Software verification in ground transportation systems. In Proceedings of the SCI2001, 5th world multiconference on systemics, cybernetics and informatics. Orlando, FL."},{"key":"10.1016\/S1367-5788(03)00004-X_BIB2","doi-asserted-by":"crossref","unstructured":"Ammerlaan, M., Spelberg, R. L., & Toetenel, H. (1998). XTG\u2014An engineering approach to modelling and analysis of real-time systems. In Proceedings of the 10th euromicro workshop on real-time systems (pp. 88\u201397). IEEE Computer Society Press.","DOI":"10.1109\/EMWRTS.1998.685072"},{"key":"10.1016\/S1367-5788(03)00004-X_BIB3","unstructured":"Anderson, E., van Katwijk, J., & Zalewski, J. (August 16\u201321, 1999). New method of improving software safety in mission critical real-time systems. In Proceedings of the 17th international system safety conference (pp. 587\u2013596). Orlando, FL, System Safety Society, Unionville, VA."},{"key":"10.1016\/S1367-5788(03)00004-X_BIB4","unstructured":"Bishop, P. (Ed.). (1990). Dependability of critical computer systems: Guidelines. Techniques directory. London: Elsevier Applied Science."},{"key":"10.1016\/S1367-5788(03)00004-X_BIB5","doi-asserted-by":"crossref","unstructured":"Cichocki, T., & G\u00f3rski, J. (2000). Failure mode and effect analysis for safety critical systems with software components. In Proceedings of the SAFECOMP 2000, 19th international conference on computer safety, reliability and security (pp. 382\u2013394). Berlin: Springer-Verlag.","DOI":"10.1007\/3-540-40891-6_33"},{"key":"10.1016\/S1367-5788(03)00004-X_BIB6","doi-asserted-by":"crossref","unstructured":"Cichocki, T., & G\u00f3rski, J. (2001). Formal support for fault modelling and analysis. In Proceedings of the SAFECOMP 2001, 20th international conference on computer safety, reliability and security (pp. 190\u2013199). Berlin: Springer-Verlag.","DOI":"10.1007\/3-540-45416-0_19"},{"issue":"12","key":"10.1016\/S1367-5788(03)00004-X_BIB7","doi-asserted-by":"crossref","first-page":"1511","DOI":"10.1109\/TSE.1985.231895","article-title":"A theoretical basis for the analysis of multiversion software subject to coincident errors","volume":"SE-11","author":"Eckhardt","year":"1985","journal-title":"IEEE Transactions on Software Engineering"},{"key":"10.1016\/S1367-5788(03)00004-X_BIB8","unstructured":"Ehrenberger, W. (July 22\u201325, 2001a). Software diversity: Some considerations on failure dependency. In Proceedings of the SCI2001, 5th world multiconference on systemics, cybernetics and informatics. Orlando, FL."},{"key":"10.1016\/S1367-5788(03)00004-X_BIB9","unstructured":"Ehrenberger, W. (2001b). Software-verification. Munich: Hanser Verlag."},{"key":"10.1016\/S1367-5788(03)00004-X_BIB10","unstructured":"Ehrenberger, W., & Saglietti, F. (May 12\u201314, 1993). Architecture and safety qualification of large software systems. In Proceedings of the ESREL\u201993, European safety and reliability conference (pp. 985\u2013999). Munich, Germany, Elsevier, Amsterdam."},{"key":"10.1016\/S1367-5788(03)00004-X_BIB11","unstructured":"FDR. (1997). Failures-divergence refinement, FDR2. Oxford, UK: Formal Systems (Europe) Ltd. http:\/\/www.formal.demon.co.uk\/FDR2.html."},{"key":"10.1016\/S1367-5788(03)00004-X_BIB12","unstructured":"G\u00f3rski, J. (September 25\u201329, 2000). Application of system level analysis techniques to ensure safety of embedded software. In Proceedings of the 2nd world congress for software quality (pp. 149\u2013154). Yokohama, Tokyo: Union of Japanese Scientists and Engineers."},{"key":"10.1016\/S1367-5788(03)00004-X_BIB13","unstructured":"Hilburn, T., & Zalewski, J. (1996). Real-time safety critical systems: An overview. In Proceedings of the 2nd IFAC workshop on safety and reliability in emerging control technologies (pp. 127\u2013138). Oxford: Elsevier."},{"key":"10.1016\/S1367-5788(03)00004-X_BIB14","unstructured":"Kornecki, A., Nasah, B., & Zalewski, J. (November 4\u20137, 1998). TCAS safety analysis using timed environment-relation Petri nets. In Proceedings of the ISSRE\u201998, international symposium on software reliability engineering. Germany: Paderborn."},{"key":"10.1016\/S1367-5788(03)00004-X_BIB15","doi-asserted-by":"crossref","unstructured":"Kornecki, A., & Zalewski, J. (February 11\u201313, 2003). Assessment of software development tools for safety-critical real-time systems. In Proceedings of the PDS2003, IFAC workshop on programmable devices and systems. Czech Republic: Ostrava.","DOI":"10.1016\/S1474-6670(17)33705-9"},{"issue":"7","key":"10.1016\/S1367-5788(03)00004-X_BIB16","doi-asserted-by":"crossref","first-page":"48","DOI":"10.1109\/52.300036","article-title":"Safety verification of Ada programs using software fault trees","volume":"8","author":"Leveson","year":"1991","journal-title":"IEEE Software"},{"key":"10.1016\/S1367-5788(03)00004-X_BIB17","unstructured":"Leveson, N. (1996). Safeware: System safety and computers. Reading, MA: Addison-Wesley."},{"key":"10.1016\/S1367-5788(03)00004-X_BIB18","unstructured":"Littlewood, B., & Miller, D. R. (1987). A conceptual model of multi-version software. In Proceedings of the FTCS-17, international symposium on fault-tolerant computing (pp. 170\u2013175). IEEE Computer Society Press."},{"key":"10.1016\/S1367-5788(03)00004-X_BIB19","doi-asserted-by":"crossref","unstructured":"Maier, T. (September 12\u201315, 1995). FMEA and FTA to support safety design of embedded software in safety-critical systems. In Proceedings of the ENCRESS conference on safety and reliability of software based systems. Belgium: Bruges.","DOI":"10.1007\/978-1-4471-0921-1_22"},{"issue":"1","key":"10.1016\/S1367-5788(03)00004-X_BIB20","doi-asserted-by":"crossref","first-page":"41","DOI":"10.1109\/52.251205","article-title":"Retrofitting software safety in an implantable medical device","volume":"11","author":"Mojdehrakhsh","year":"1994","journal-title":"IEEE Software"},{"key":"10.1016\/S1367-5788(03)00004-X_BIB21","unstructured":"Pezze, M. (1994). Cabernet: A customizable environment for the specification and analysis of real-time systems. Technical Report, Dip. di Elettronica e Informazione, Politecnico di Milano, Italy."},{"key":"10.1016\/S1367-5788(03)00004-X_BIB22","doi-asserted-by":"crossref","unstructured":"Redmill, F., Chudleigh, M., & Catmur, J. (1999). System safety: HAZOP and software HAZOP. New York: John Wiley and Sons.","DOI":"10.1007\/978-1-4471-0823-8"},{"key":"10.1016\/S1367-5788(03)00004-X_BIB23","unstructured":"Roscoe, A. W. (1998). The theory and practice of concurrency. London: Prentice Hall."},{"key":"10.1016\/S1367-5788(03)00004-X_BIB24","doi-asserted-by":"crossref","unstructured":"Roubtsova, E. E., van Katwijk, J., & Toetenel, W. J. (2001). Transformation of UML specification to XTG. In Proceedings of the Andrei Ershov 4th international conference (pp. 249\u2013256). Novosibirsk, Russia, Springer-Verlag, Berlin.","DOI":"10.1007\/3-540-45575-2_25"},{"key":"10.1016\/S1367-5788(03)00004-X_BIB25","doi-asserted-by":"crossref","first-page":"189","DOI":"10.1016\/0951-8320(94)90065-5","article-title":"Critical system properties: Survey and taxonomy","volume":"43","author":"Rushby","year":"1994","journal-title":"Reliability Engineering and System Safety"},{"key":"10.1016\/S1367-5788(03)00004-X_BIB26","unstructured":"Saglietti, F., Ehrenberger, W., & Kersken, M. (1992). Software Diversit\u00e4t f\u00fcr Steuerungen mit Sicherheitsverantwortung. Report BAU-Forschungsbericht FB 664, Bundesanstalt f\u00fcr Arbeitsschutz, Dortmund."},{"key":"10.1016\/S1367-5788(03)00004-X_BIB27","unstructured":"Saglietti, F. (1998). Integration of logical and physical properties of embedded systems by use of timed Petri nets. In Proceedings of the SAFECOMP\u201998, 17th international conference on computer safety, reliability and security (pp. 319\u2013328). Berlin: Springer-Verlag."},{"key":"10.1016\/S1367-5788(03)00004-X_BIB28","doi-asserted-by":"crossref","unstructured":"Saglietti, F. (2000a). Evaluation of pre-developed software for use in safety-critical systems. In Proceedings of the EUROMICRO\u20192000, 26th euromicro conference on software process and product improvement (Vol. 2, pp. 193\u2013199). IEEE Computer Society Press.","DOI":"10.1109\/EURMIC.2000.874418"},{"key":"10.1016\/S1367-5788(03)00004-X_BIB29","unstructured":"Saglietti, F. (November 27\u2013December 1, 2000b). Statistical significance of expert judgement for ultrahigh software reliability demands. In Proceedings of the 5th international conference on probabilistic safety assessment and management. Osaka, Japan: Universal Academy Press."},{"key":"10.1016\/S1367-5788(03)00004-X_BIB30","unstructured":"Saglietti, F. (July 22\u201325, 2001). Criticality and sensitivity analysis for off-the-shelf components in safety-relevant systems. In Proceedings of the SCI2001, 5th world multiconference on systemics, cybernetics and informatics. Orlando, FL."},{"key":"10.1016\/S1367-5788(03)00004-X_BIB31","doi-asserted-by":"crossref","unstructured":"Sahraoui, A. E. K., Anderson, E., van Katwijk, J., & Zalewski, J. (2000). Formal specification of a safety shell in real-time control practice. Proceedings of the WRTP\u20192000, 25th IFAC workshop on real-time programming (pp. 117\u2013123). Oxford: Elsevier.","DOI":"10.1016\/S1474-6670(17)39941-X"},{"key":"10.1016\/S1367-5788(03)00004-X_BIB32","doi-asserted-by":"crossref","unstructured":"van Katwijk, J., Toetenel, H., Sahraoui, A. E. K., Anderson, E., & Zalewski, J. (2000). Specification and verification of a safety shell with statecharts and extended timed graphs. In Proceedings of the SAFECOMP 2000, 19th international conference on computer safety, reliability and security (pp. 37\u201352). Berlin: Springer-Verlag.","DOI":"10.1007\/3-540-40891-6_4"}],"container-title":["Annual Reviews in Control"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S136757880300004X?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S136757880300004X?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2024,12,13]],"date-time":"2024-12-13T05:47:25Z","timestamp":1734068845000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S136757880300004X"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2003,1]]},"references-count":32,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2003,1]]}},"alternative-id":["S136757880300004X"],"URL":"https:\/\/doi.org\/10.1016\/s1367-5788(03)00004-x","relation":{},"ISSN":["1367-5788"],"issn-type":[{"value":"1367-5788","type":"print"}],"subject":[],"published":{"date-parts":[[2003,1]]}}}