A program logic for resources

AbstractWe introduce a reasoning infrastructure for proving statements about resource consumption in a fragment of the Java Virtual Machine Language (JVML). The infrastructure is based on a small hierarchy of program logics, with increasing levels of abstraction: at the top there is a type system for a high-level language that encodes resource consumption. The infrastructure is designed to be used in a proof-carrying code (PCC) scenario, where mobile programs can be equipped with formal evidence that they have predictable resource behaviour.This article focuses on the core logic in our infrastructure, a VDM-style program logic for partial correctness, which can make statements about resource consumption alongside functional behaviour. We establish some important results for this logic, including soundness and completeness with respect to a resource-aware operational semantics for the JVML. We also present a second logic built on top of the core logic, which is used to express termination; it too is shown to be sound and complete. We then outline how high-level language type systems may be connected to these logics.The entire infrastructure has been formalized in Isabelle/HOL, both to enhance the confidence in our meta-theoretical results, and to provide a prototype implementation for PCC. We give examples to show the usefulness of this approach, including proofs of resource bounds on code resulting from compiling high-level functional programs

Automating Deductive Verification for Weak-Memory Programs

Writing correct programs for weak memory models such as the C11 memory model is challenging because of the weak consistency guarantees these models provide. The first program logics for the verification of such programs have recently been proposed, but their usage has been limited thus far to manual proofs. Automating proofs in these logics via first-order solvers is non-trivial, due to reasoning features such as higher-order assertions, modalities and rich permission resources. In this paper, we provide the first implementation of a weak memory program logic using existing deductive verification tools. We tackle three recent program logics: Relaxed Separation Logic and two forms of Fenced Separation Logic, and show how these can be encoded using the Viper verification infrastructure. In doing so, we illustrate several novel encoding techniques which could be employed for other logics. Our work is implemented, and has been evaluated on examples from existing papers as well as the Facebook open-source Folly library.Comment: Extended version of TACAS 2018 publicatio

A Logic Model for Program Planning and Evaluation Applied to a Rural Social Work Department

A logic model is framework that is used to delineate goals and resources. It was used by the Social Work Department at Texas A&M University-Commerce to help visualize and establish the initial accreditation of the MSW program and continues to be a valuable tool for this rural social work program. The model has helped faculty determine a vision for the program. This vision has transferred to other areas such as recruitment and retention of faculty, curriculum choices for students, resources for alumni, and community development to reach rural social service agencies that are lacking in resources. The logic model provided a guiding framework that started at the inception of the social work program and has helped clarify strengths and weaknesses in building the social work program

Quantitative Robustness Analysis of Quantum Programs (Extended Version)

Quantum computation is a topic of significant recent interest, with practical advances coming from both research and industry. A major challenge in quantum programming is dealing with errors (quantum noise) during execution. Because quantum resources (e.g., qubits) are scarce, classical error correction techniques applied at the level of the architecture are currently cost-prohibitive. But while this reality means that quantum programs are almost certain to have errors, there as yet exists no principled means to reason about erroneous behavior. This paper attempts to fill this gap by developing a semantics for erroneous quantum while-programs, as well as a logic for reasoning about them. This logic permits proving a property we have identified, called $\epsilon$-robustness, which characterizes possible "distance" between an ideal program and an erroneous one. We have proved the logic sound, and showed its utility on several case studies, notably: (1) analyzing the robustness of noisy versions of the quantum Bernoulli factory (QBF) and quantum walk (QW); (2) demonstrating the (in)effectiveness of different error correction schemes on single-qubit errors; and (3) analyzing the robustness of a fault-tolerant version of QBF.Comment: 34 pages, LaTeX; v2: fixed typo

From truth to computability II

Computability logic is a formal theory of computational tasks and resources. Formulas in it represent interactive computational problems, and "truth" is understood as algorithmic solvability. Interactive computational problems, in turn, are defined as a certain sort games between a machine and its environment, with logical operators standing for operations on such games. Within the ambitious program of finding axiomatizations for incrementally rich fragments of this semantically introduced logic, the earlier article "From truth to computability I" proved soundness and completeness for system CL3, whose language has the so called parallel connectives (including negation), choice connectives, choice quantifiers, and blind quantifiers. The present paper extends that result to the significantly more expressive system CL4 with the same collection of logical operators. What makes CL4 expressive is the presence of two sorts of atoms in its language: elementary atoms, representing elementary computational problems (i.e. predicates, i.e. problems of zero degree of interactivity), and general atoms, representing arbitrary computational problems. CL4 conservatively extends CL3, with the latter being nothing but the general-atom-free fragment of the former. Removing the blind (classical) group of quantifiers from the language of CL4 is shown to yield a decidable logic despite the fact that the latter is still first-order. A comprehensive online source on computability logic can be found at http://www.cis.upenn.edu/~giorgi/cl.htm

Specifying and Verifying Concurrent Algorithms with Histories and Subjectivity

We present a lightweight approach to Hoare-style specifications for fine-grained concurrency, based on a notion of time-stamped histories that abstractly capture atomic changes in the program state. Our key observation is that histories form a partial commutative monoid, a structure fundamental for representation of concurrent resources. This insight provides us with a unifying mechanism that allows us to treat histories just like heaps in separation logic. For example, both are subject to the same assertion logic and inference rules (e.g., the frame rule). Moreover, the notion of ownership transfer, which usually applies to heaps, has an equivalent in histories. It can be used to formally represent helping---an important design pattern for concurrent algorithms whereby one thread can execute code on behalf of another. Specifications in terms of histories naturally abstract granularity, in the sense that sophisticated fine-grained algorithms can be given the same specifications as their simplified coarse-grained counterparts, making them equally convenient for client-side reasoning. We illustrate our approach on a number of examples and validate all of them in Coq.Comment: 17 page

Poster Presentation: Xcerpt and XChange – Logic Programming Languages for Querying and Evolution on the Web

age Xcerpt and provides advanced, Web-specific capabilities, such as propagation of changes on the Web (change) and event-based communications between Web sites (exchange). Xcerpt: Querying Data on the Web Xcerpt is a declarative, rule-based query language for Web data (i.e. XML documents or semistructured databases) based on logic programming. An Xcerpt program contains at least one goal and some (maybe zero) rules. Rules and goals consist of query and construction patterns, called terms in analogy to other logic programming languages. Terms represent tree-like (or graph-like) structures. The children of a node may be either ordered (as in standard XML) or unordered (as is common in databases). Data terms are used to represent XML documents and the data items of a semistructured database. They are similar to ground functional programming expressions and logical atoms. A database is a (multi-)set of data terms (e.g. the Web). Query terms are patterns matched against Web resources

Creating Progam Logic Models: A Toolkit for State Flex Programs

A logic modeling toolkit developed by the Flex Monitoring Team is available for use by state Medicare Rural Hospital Flexibility Programs (Flex Programs) in planning for and managing their Flex programs. The use of the Program Logic Model (PLM) Toolkit will provide states with a tool to assist in: Planning, managing, reporting on, and assessing their Flex Program goals, activities, and accomplishments; Developing buy-in among key Flex Program stakeholders; Clarifying the underlying program assumptions; Identifying and defining measurable outcomes; Linking state-level Flex Program strategies and activities to specific and measurable outcomes; and Reporting program results to both internal and external stakeholders. The PLM Toolkit is organized according to the steps in the PLM development process and guides the user through each section. Included in the Toolkit is an overview of PLMs, their component parts, and the application of the PLM framework to the planning, implementation, and evaluation of the Flex Program. The bulk of the Toolkit provides a step-by-step approach to developing a Program Logic Model. The final section of the Toolkit lists resources for additional information on PLMs