Static Safety for an Actor Dedicated Process Calculus by Abstract Interpretation

The actor model eases the definition of concurrent programs with non uniform behaviors. Static analysis of such a model was previously done in a data-flow oriented way, with type systems. This approach was based on constraint set resolution and was not able to deal with precise properties for communications of behaviors. We present here a new approach, control-flow oriented, based on the abstract interpretation framework, able to deal with communication of behaviors. Within our new analyses, we are able to verify most of the previous properties we observed as well as new ones, principally based on occurrence counting

Event Systems and Access Control

We consider the interpretations of notions of access control (permissions, interdictions, obligations, and user rights) as run-time properties of information systems specified as event systems with fairness. We give proof rules for verifying that an access control policy is enforced in a system, and consider preservation of access control by refinement of event systems. In particular, refinement of user rights is non-trivial; we propose to combine low-level user rights and system obligations to implement high-level user rights

A Study of Concurrency Bugs and Advanced Development Support for Actor-based Programs

The actor model is an attractive foundation for developing concurrent applications because actors are isolated concurrent entities that communicate through asynchronous messages and do not share state. Thereby, they avoid concurrency bugs such as data races, but are not immune to concurrency bugs in general. This study taxonomizes concurrency bugs in actor-based programs reported in literature. Furthermore, it analyzes the bugs to identify the patterns causing them as well as their observable behavior. Based on this taxonomy, we further analyze the literature and find that current approaches to static analysis and testing focus on communication deadlocks and message protocol violations. However, they do not provide solutions to identify livelocks and behavioral deadlocks. The insights obtained in this study can be used to improve debugging support for actor-based programs with new debugging techniques to identify the root cause of complex concurrency bugs.Comment: - Submitted for review - Removed section 6 "Research Roadmap for Debuggers", its content was summarized in the Future Work section - Added references for section 1, section 3, section 4.3 and section 5.1 - Updated citation

Organising the knowledge space for software components

Software development has become a distributed, collaborative process based on the assembly of off-the-shelf and purpose-built components. The selection of software components from component repositories and the development of components for these repositories requires an accessible information infrastructure that allows the description and comparison of these components. General knowledge relating to software development is equally important in this context as knowledge concerning the application domain of the software. Both form two pillars on which the structural and behavioural properties of software components can be addressed. Form, effect, and intention are the essential aspects of process-based knowledge representation with behaviour as a primary property. We investigate how this information space for software components can be organised in order to facilitate the required taxonomy, thesaurus, conceptual model, and logical framework functions. Focal point is an axiomatised ontology that, in addition to the usual static view on knowledge, also intrinsically addresses the dynamics, i.e. the behaviour of software. Modal logics are central here – providing a bridge between classical (static) knowledge representation approaches and behaviour and process description and classification. We relate our discussion to the Web context, looking at Web services as components and the Semantic Web as the knowledge representation framewor

Mobile cameras as new technologies of surveillance? How citizens experience the use of mobile cameras in public nightscapes.

In Surveillance Studies the terms ‘sousveillance’ and ‘inverse surveillance’ describe forms of surveillance that have a bottom-up and democratic character. However, in this paper this democratic notion is questioned by looking into practices and experiences with both Closed Circuit Television (CCTV) and mobile cameras by Dutch citizens. By intervening in the nightlife district of the\ud Rotterdam1 city centre, data has been gathered on both mobile- and CCTV camera confrontations. From this, an exploration is made into how mobile cameras are experienced in the nightlife landscape. Comparing these experiences with CCTV provides insight into new surveillance issues that emerge due to the mobile camera. The perspective of analyzing surveillance technologies as hybrid collectives that may take different shapes in different places, allows for a contribution that attempts to improve our understanding of the current changes in the surveillance technology landscap

Automatic Verification of Erlang-Style Concurrency

This paper presents an approach to verify safety properties of Erlang-style, higher-order concurrent programs automatically. Inspired by Core Erlang, we introduce Lambda-Actor, a prototypical functional language with pattern-matching algebraic data types, augmented with process creation and asynchronous message-passing primitives. We formalise an abstract model of Lambda-Actor programs called Actor Communicating System (ACS) which has a natural interpretation as a vector addition system, for which some verification problems are decidable. We give a parametric abstract interpretation framework for Lambda-Actor and use it to build a polytime computable, flow-based, abstract semantics of Lambda-Actor programs, which we then use to bootstrap the ACS construction, thus deriving a more accurate abstract model of the input program. We have constructed Soter, a tool implementation of the verification method, thereby obtaining the first fully-automatic, infinite-state model checker for a core fragment of Erlang. We find that in practice our abstraction technique is accurate enough to verify an interesting range of safety properties. Though the ACS coverability problem is Expspace-complete, Soter can analyse these verification problems surprisingly efficiently.Comment: 12 pages plus appendix, 4 figures, 1 table. The tool is available at http://mjolnir.cs.ox.ac.uk/soter

Enforcement in Dynamic Spectrum Access Systems

The spectrum access rights granted by the Federal government to spectrum users come with the expectation of protection from harmful interference. As a consequence of the growth of wireless demand and services of all types, technical progress enabling smart agile radio networks, and on-going spectrum management reform, there is both a need and opportunity to use and share spectrum more intensively and dynamically. A key element of any framework for managing harmful interference is the mechanism for enforcement of those rights. Since the rights to use spectrum and to protection from harmful interference vary by band (licensed/unlicensed, legacy/newly reformed) and type of use/users (primary/secondary, overlay/underlay), it is reasonable to expect that the enforcement mechanisms may need to vary as well.\ud \ud In this paper, we present a taxonomy for evaluating alternative mechanisms for enforcing interference protection for spectrum usage rights, with special attention to the potential changes that may be expected from wider deployment of Dynamic Spectrum Access (DSA) systems. Our exploration of how the design of the enforcement regime interacts with and influences the incentives of radio operators under different rights regimes and market scenarios is intended to assist in refining thinking about appropriate access rights regimes and how best to incentivize investment and growth in more efficient and valuable uses of the radio frequency spectrum