Modular Logic Programming: Full Compositionality and Conflict Handling for Practical Reasoning

With the recent development of a new ubiquitous nature of data and the profusity of available knowledge, there is nowadays the need to reason from multiple sources of often incomplete and uncertain knowledge. Our goal was to provide a way to combine declarative knowledge bases – represented as logic programming modules under the answer set semantics – as well as the individual results one already inferred from them, without having to recalculate the results for their composition and without having to explicitly know the original logic programming encodings that produced such results. This posed us many challenges such as how to deal with fundamental problems of modular frameworks for logic programming, namely how to define a general compositional semantics that allows us to compose unrestricted modules. Building upon existing logic programming approaches, we devised a framework capable of composing generic logic programming modules while preserving the crucial property of compositionality, which informally means that the combination of models of individual modules are the models of the union of modules. We are also still able to reason in the presence of knowledge containing incoherencies, which is informally characterised by a logic program that does not have an answer set due to cyclic dependencies of an atom from its default negation. In this thesis we also discuss how the same approach can be extended to deal with probabilistic knowledge in a modular and compositional way. We depart from the Modular Logic Programming approach in Oikarinen & Janhunen (2008); Janhunen et al. (2009) which achieved a restricted form of compositionality of answer set programming modules. We aim at generalising this framework of modular logic programming and start by lifting restrictive conditions that were originally imposed, and use alternative ways of combining these (so called by us) Generalised Modular Logic Programs. We then deal with conflicts arising in generalised modular logic programming and provide modular justifications and debugging for the generalised modular logic programming setting, where justification models answer the question: Why is a given interpretation indeed an Answer Set? and Debugging models answer the question: Why is a given interpretation not an Answer Set? In summary, our research deals with the problematic of formally devising a generic modular logic programming framework, providing: operators for combining arbitrary modular logic programs together with a compositional semantics; We characterise conflicts that occur when composing access control policies, which are generalisable to our context of generalised modular logic programming, and ways of dealing with them syntactically: provided a unification for justification and debugging of logic programs; and semantically: provide a new semantics capable of dealing with incoherences. We also provide an extension of modular logic programming to a probabilistic setting. These goals are already covered with published work. A prototypical tool implementing the unification of justifications and debugging is available for download from http://cptkirk.sourceforge.net

Differentiable Algorithm Networks for Composable Robot Learning

This paper introduces the Differentiable Algorithm Network (DAN), a composable architecture for robot learning systems. A DAN is composed of neural network modules, each encoding a differentiable robot algorithm and an associated model; and it is trained end-to-end from data. DAN combines the strengths of model-driven modular system design and data-driven end-to-end learning. The algorithms and models act as structural assumptions to reduce the data requirements for learning; end-to-end learning allows the modules to adapt to one another and compensate for imperfect models and algorithms, in order to achieve the best overall system performance. We illustrate the DAN methodology through a case study on a simulated robot system, which learns to navigate in complex 3-D environments with only local visual observations and an image of a partially correct 2-D floor map.Comment: RSS 2019 camera ready. Video is available at https://youtu.be/4jcYlTSJF4

Attack-Surface Metrics, OSSTMM and Common Criteria Based Approach to “Composable Security” in Complex Systems

In recent studies on Complex Systems and Systems-of-Systems theory, a huge effort has been put to cope with behavioral problems, i.e. the possibility of controlling a desired overall or end-to-end behavior by acting on the individual elements that constitute the system itself. This problem is particularly important in the “SMART” environments, where the huge number of devices, their significant computational capabilities as well as their tight interconnection produce a complex architecture for which it is difficult to predict (and control) a desired behavior; furthermore, if the scenario is allowed to dynamically evolve through the modification of both topology and subsystems composition, then the control problem becomes a real challenge. In this perspective, the purpose of this paper is to cope with a specific class of control problems in complex systems, the “composability of security functionalities”, recently introduced by the European Funded research through the pSHIELD and nSHIELD projects (ARTEMIS-JU programme). In a nutshell, the objective of this research is to define a control framework that, given a target security level for a specific application scenario, is able to i) discover the system elements, ii) quantify the security level of each element as well as its contribution to the security of the overall system, and iii) compute the control action to be applied on such elements to reach the security target. The main innovations proposed by the authors are: i) the definition of a comprehensive methodology to quantify the security of a generic system independently from the technology and the environment and ii) the integration of the derived metrics into a closed-loop scheme that allows real-time control of the system. The solution described in this work moves from the proof-of-concepts performed in the early phase of the pSHIELD research and enrich es it through an innovative metric with a sound foundation, able to potentially cope with any kind of pplication scenarios (railways, automotive, manufacturing, ...)

A Generic Module System forWeb Rule Languages: Divide and Rule

An essential feature in practically usable programming languages is the ability to encapsulate functionality in reusable modules. Modules make large scale projects tractable by humans. For Web and Semantic Web programming, many rule-based languages, e.g. XSLT, CSS, Xcerpt, SWRL, SPARQL, and RIF Core, have evolved or are currently evolving. Rules are easy to comprehend and specify, even for non-technical users, e.g. business managers, hence easing the contributions to the Web. Unfortunately, those contributions are arguably doomed to exist in isolation as most rule languages are conceived without modularity, hence without an easy mechanism for integration and reuse. In this paper a generic module system applicable to many rule languages is presented. We demonstrate and apply our generic module system to a Datalog-like rule language, close in spirit to RIF Core. The language is gently introduced along the EU-Rent use case. Using the Reuseware Composition Framework, the module system for a concrete language can be achieved almost for free, if it adheres to the formal notions introduced in this paper

Modularity for Security-Sensitive Workflows

An established trend in software engineering insists on using components (sometimes also called services or packages) to encapsulate a set of related functionalities or data. By defining interfaces specifying what functionalities they provide or use, components can be combined with others to form more complex components. In this way, IT systems can be designed by mostly re-using existing components and developing new ones to provide new functionalities. In this paper, we introduce a notion of component and a combination mechanism for an important class of software artifacts, called security-sensitive workflows. These are business processes in which execution constraints on the tasks are complemented with authorization constraints (e.g., Separation of Duty) and authorization policies (constraining which users can execute which tasks). We show how well-known workflow execution patterns can be simulated by our combination mechanism and how authorization constraints can also be imposed across components. Then, we demonstrate the usefulness of our notion of component by showing (i) the scalability of a technique for the synthesis of run-time monitors for security-sensitive workflows and (ii) the design of a plug-in for the re-use of workflows and related run-time monitors inside an editor for security-sensitive workflows