240 research outputs found
Implicit complexity for coinductive data: a characterization of corecurrence
We propose a framework for reasoning about programs that manipulate
coinductive data as well as inductive data. Our approach is based on using
equational programs, which support a seamless combination of computation and
reasoning, and using productivity (fairness) as the fundamental assertion,
rather than bi-simulation. The latter is expressible in terms of the former. As
an application to this framework, we give an implicit characterization of
corecurrence: a function is definable using corecurrence iff its productivity
is provable using coinduction for formulas in which data-predicates do not
occur negatively. This is an analog, albeit in weaker form, of a
characterization of recurrence (i.e. primitive recursion) in [Leivant, Unipolar
induction, TCS 318, 2004].Comment: In Proceedings DICE 2011, arXiv:1201.034
Coinductive big-step operational semantics
Using a call-by-value functional language as an example, this article
illustrates the use of coinductive definitions and proofs in big-step
operational semantics, enabling it to describe diverging evaluations in
addition to terminating evaluations. We formalize the connections between the
coinductive big-step semantics and the standard small-step semantics, proving
that both semantics are equivalent. We then study the use of coinductive
big-step semantics in proofs of type soundness and proofs of semantic
preservation for compilers. A methodological originality of this paper is that
all results have been proved using the Coq proof assistant. We explain the
proof-theoretic presentation of coinductive definitions and proofs offered by
Coq, and show that it facilitates the discovery and the presentation of the
results
A Hoare logic for the coinductive trace-based big-step semantics of While
In search for a foundational framework for reasoning about observable
behavior of programs that may not terminate, we have previously devised a
trace-based big-step semantics for While. In this semantics, both traces and
evaluation (relating initial states of program runs to traces they produce) are
defined coinductively. On terminating runs, this semantics agrees with the
standard inductive state-based semantics. Here we present a Hoare logic
counterpart of our coinductive trace-based semantics and prove it sound and
complete. Our logic subsumes the standard partial-correctness state-based Hoare
logic as well as the total-correctness variation: they are embeddable. In the
converse direction, projections can be constructed: a derivation of a Hoare
triple in our trace-based logic can be translated into a derivation in the
state-based logic of a translated, weaker Hoare triple. Since we work with a
constructive underlying logic, the range of program properties we can reason
about has a fine structure; in particular, we can distinguish between
termination and nondivergence, e.g., unbounded classically total search fails
to be terminating, but is nonetheless nondivergent. Our meta-theory is entirely
constructive as well, and we have formalized it in Coq
Global semantic typing for inductive and coinductive computing
Inductive and coinductive types are commonly construed as ontological
(Church-style) types, denoting canonical data-sets such as natural numbers,
lists, and streams. For various purposes, notably the study of programs in the
context of global semantics, it is preferable to think of types as semantical
properties (Curry-style). Intrinsic theories were introduced in the late 1990s
to provide a purely logical framework for reasoning about programs and their
semantic types. We extend them here to data given by any combination of
inductive and coinductive definitions. This approach is of interest because it
fits tightly with syntactic, semantic, and proof theoretic fundamentals of
formal logic, with potential applications in implicit computational complexity
as well as extraction of programs from proofs. We prove a Canonicity Theorem,
showing that the global definition of program typing, via the usual (Tarskian)
semantics of first-order logic, agrees with their operational semantics in the
intended model. Finally, we show that every intrinsic theory is interpretable
in a conservative extension of first-order arithmetic. This means that
quantification over infinite data objects does not lead, on its own, to
proof-theoretic strength beyond that of Peano Arithmetic. Intrinsic theories
are perfectly amenable to formulas-as-types Curry-Howard morphisms, and were
used to characterize major computational complexity classes Their extensions
described here have similar potential which has already been applied
On coalgebras with internal moves
In the first part of the paper we recall the coalgebraic approach to handling
the so-called invisible transitions that appear in different state-based
systems semantics. We claim that these transitions are always part of the unit
of a certain monad. Hence, coalgebras with internal moves are exactly
coalgebras over a monadic type. The rest of the paper is devoted to supporting
our claim by studying two important behavioural equivalences for state-based
systems with internal moves, namely: weak bisimulation and trace semantics.
We continue our research on weak bisimulations for coalgebras over order
enriched monads. The key notions used in this paper and proposed by us in our
previous work are the notions of an order saturation monad and a saturator. A
saturator operator can be intuitively understood as a reflexive, transitive
closure operator. There are two approaches towards defining saturators for
coalgebras with internal moves. Here, we give necessary conditions for them to
yield the same notion of weak bisimulation.
Finally, we propose a definition of trace semantics for coalgebras with
silent moves via a uniform fixed point operator. We compare strong and weak
bisimilation together with trace semantics for coalgebras with internal steps.Comment: Article: 23 pages, Appendix: 3 page
Parametric trace expressions for runtime verification of Java-like programs
Parametric trace expressions are a formalism expressly designed for parametric runtime verification (RV) which has been introduced and successfully employed in the context of runtime monitoring of multiagent systems. Trace expressions are built on the general notion of event type, which allows them to be adopted in different contexts. In this paper we show how trace expressions can be used for conveniently specifying the expected behavior of a Java-like program to be monitored at runtime. Furthermore, we investigate the basic properties of the primitive operators on which trace expressions are coinductively defined in terms of a labeled transition system; this provides a basis for formal reasoning about equivalence of trace expressions and for adopting useful optimization techniques to speed up runtime verification
Characteristic Formulae for Liveness Properties of Non-Terminating CakeML Programs
There are useful programs that do not terminate, and yet standard Hoare logics are not able to prove liveness properties about non-terminating programs. This paper shows how a Hoare-like programming logic framework (characteristic formulae) can be extended to enable reasoning about the I/O behaviour of programs that do not terminate. The approach is inspired by transfinite induction rather than coinduction, and does not require non-terminating loops to be productive. This work has been developed in the HOL4 theorem prover and has been integrated into the ecosystem of proof tools surrounding the CakeML programming language
Formal verification of language-based concurrent noninterference
We perform a formal analysis of compositionality techniques for proving possibilistic noninterference for a while language with parallel composition. We develop a uniform framework where we express a wide range of noninterference variants from the literature and compare them w.r.t. their contracts: the strength of the security properties they ensure weighed against the harshness of the syntactic conditions they enforce. This results in a simple implementable algorithm for proving that a program has a specific noninterference property, using only compositionality, which captures uniformly several security type-system results from the literature and suggests a further improved type system. All formalism and theorems have been mechanically verified in Isabelle/HOL
- …