Abstract: A method for verifying a property of a complete model of a system under study includes abstracting at least some of the variables from the model so as to produce an abstract model of the system. Beginning with an initial state in a state space of the abstract model, an abstract path is found through the state space of the abstract model in accordance with the transition relation to a target state defined by the property. A subset of the abstracted variables is restored to the abstract model so as to produce an intermediate model of the system, and the property on the complete model is verified based on the intermediate model.

Abstract: A system and a method is disclosed for scheduling mobile agents. The system includes a dispatcher and at least one data processor that embodies a scheduling engine. A transceiver is coupled to the dispatcher for performing two-way communication with mobile agents through mobile agent transceivers. The dispatcher is responsive to a reception of a message or signal that is transmitted from a mobile agent for entering the received signal into the scheduling engine. The scheduling engine is responsive to an occurrence of a triggering event and to signals received from mobile agents for recomputing a schedule of activities for a plurality of the mobile agents, and for causing information descriptive of the recomputed schedule to be selectively transmitted to none, one, or more than one of the mobile agents through the transceiver. The two-way communication can use radio devices capable of entering and displaying text messages.