Causal Consistency for Reversible Multiparty Protocols
In programming models with a reversible semantics, computational steps can be
undone. This paper addresses the integration of reversible semantics into
process languages for communication-centric systems equipped with behavioral
types. In prior work, we introduced a monitors-as-memories approach to
seamlessly integrate reversible semantics into a process model in which
concurrency is governed by session types (a class of behavioral types),
covering binary (two-party) protocols with synchronous communication. The
applicability and expressiveness of the binary setting, however, is limited.
Here we extend our approach, and use it to define reversible semantics for an
expressive process model that accounts for multiparty (n-party) protocols,
asynchronous communication, decoupled rollbacks, and abstraction passing. As
main result, we prove that our reversible semantics for multiparty protocols is
causally-consistent. A key technical ingredient in our developments is an
alternative reversible semantics with atomic rollbacks, which is conceptually
simple and is shown to characterize decoupled rollbacks. Comment: Extended, revised version of a PPDP'17 paper
(https://doi.org/10.1145/3131851.3131864
Combining behavioural types with security analysis
Today's software systems are highly distributed and interconnected, and they
increasingly rely on communication to achieve their goals; due to their
societal importance, security and trustworthiness are crucial aspects for the
correctness of these systems. Behavioural types, which extend data types by
describing also the structured behaviour of programs, are a widely studied
approach to the enforcement of correctness properties in communicating systems.
This paper offers a unified overview of proposals based on behavioural types
which are aimed at the analysis of security properties
On duality relations for session types
Session types are a type formalism used to describe communication protocols over private session channels. Each participant in a binary session owns one endpoint of a session channel. A key notion is that of duality: the endpoints of a session channel should have dual session types in order to guarantee communication safety. Duality relations have been independently defined in different ways and different works, without considering their effect on the type system. In this paper we systematically study the existing duality relations and some new ones, and compare them in order to understand their expressiveness. The outcome is that those relations are split into two groups, one related to the naïve inductive duality, and the other related to a notion of mutual compliance, which we borrow from the literature on contracts for web-services
Contract agreements via logic
We relate two contract models: one based on event structures and game theory,
and the other one based on logic. In particular, we show that the notions of
agreement and winning strategies in the game-theoretic model are related to
that of provability in the logical model. Comment: In Proceedings ICE 2013, arXiv:1310.401
Lending Petri nets and contracts
Choreography-based approaches to service composition typically assume that,
after a set of services has been found which correctly play the roles
prescribed by the choreography, each service respects his role. Honest services
are not protected against adversaries. We propose a model for contracts based
on an extension of Petri nets, which allows services to protect themselves while
still realizing the choreography. We relate this model with Propositional
Contract Logic, by showing a translation of formulae into our Petri nets which
preserves the logical notion of agreement, and allows for compositional
verification
Contractual Testing
Variants of the must testing approach have been successfully applied in Service Oriented Computing for capturing compliance between (contracts exposed by) a client and a service and for characterising safe replacement, namely the fact that compliance is preserved when a service exposing a ’smaller’ contract is replaced by another one with a ’larger’ contract. Nevertheless, in multi-party interactions, partners often lack full coordination capabilities. Such a scenario calls for less discriminating notions of testing in which observers are, e.g., the description of uncoordinated multiparty contexts or contexts that are unable to observe the complete behaviour of the process under test. In this paper we propose an extended notion of must preorder, called contractual preorder, according to which contracts are compared according to their ability to pass only the tests belonging to a given set. We show the generality of our framework by proving that preorders induced by existing notions of compliance in a distributed setting are instances of the contractual preorder when restricting to suitable sets of observers
Orchestrated Session Compliance
We investigate the notion of orchestrated compliance for client/server
interactions in the context of session contracts. Devising the notion of
orchestrator in such a context makes it possible to have orchestrators with
unbounded buffering capabilities and at the same time to guarantee any message
from the client to be eventually delivered by the orchestrator to the server,
while preventing the server from sending messages which are kept indefinitely
inside the orchestrator. The compliance relation is shown to be decidable by
means of 1) a procedure synthesising the orchestrators, if any, making a client
compliant with a server, and 2) a procedure for deciding whether an
orchestrator behaves in a proper way as mentioned before. Comment: In Proceedings ICE 2015, arXiv:1508.0459
Choreographies in the wild
We investigate the use of choreographies in distributed scenarios where, as in the real world, mutually distrusting (and possibly dishonest) participants may be unfaithful to their expected behaviour. In our model, each participant advertises its promised behaviour as a contract. Participants may interact through multiparty sessions, created when their contracts allow to synthesise a choreography. We show that systems of honest participants (which always adhere to their contracts) enjoy progress and session fidelity
Preliminary Results Towards Contract Monitorability
This paper discusses preliminary investigations on the monitorability of
contracts for web service descriptions. There are settings where servers do not
guarantee statically whether they satisfy some specified contract, which forces
the client (i.e., the entity interacting with the server) to perform dynamic
checks. This scenario may be viewed as an instance of Runtime Verification,
where a pertinent question is whether contracts can be monitored for adequately
at runtime, otherwise stated as the monitorability of contracts. We consider a
simple language of finitary contracts describing both clients and servers, and
develop a formal framework that describes server contract monitoring. We define
monitor properties that potentially contribute towards a comprehensive notion
of contract monitorability and show that our simple contract language satisfies
these properties. Comment: In Proceedings PrePost 2016, arXiv:1605.0809