An Experiment in Ping-Pong Protocol Verification by Nondeterministic Pushdown Automata

An experiment is described that confirms the security of a well-studied class of cryptographic protocols (Dolev-Yao intruder model) can be verified by two-way nondeterministic pushdown automata (2NPDA). A nondeterministic pushdown program checks whether the intersection of a regular language (the protocol to verify) and a given Dyck language containing all canceling words is empty. If it is not, an intruder can reveal secret messages sent between trusted users. The verification is guaranteed to terminate in cubic time at most on a 2NPDA-simulator. The interpretive approach used in this experiment simplifies the verification, by separating the nondeterministic pushdown logic and program control, and makes it more predictable. We describe the interpretive approach and the known transformational solutions, and show they share interesting features. Also noteworthy is how abstract results from automata theory can solve practical problems by programming language means.Comment: In Proceedings MARS/VPT 2018, arXiv:1803.0866

Program Understanding through Cliché Recognition

We propose research into automatic program understanding via recognition of common data structures and algorithms (clichés). Our goals are two-fold: first, to develop a theory of program structure which makes such recognition tractable; and second, to produce a program (named Inspector) which, given a Lisp program and a library of clichés, will construct a hierarchical decomposition of the program in terms of the clichés it uses. Our approach involves assuming constraints on the possible decompositions of programs according to the teleological relations between their parts. Programs are analyzed by translating them into a language-independent form and then parsing this representation in accordance with a context-free web grammar induced by the library of clichés. Decompositions produced by this analysis will in general be partial, since most programs will not be made up entirely of clichés. This work is motivated by the belief that identification of clichés used in program, together with knowledge of their properties, provides a sufficient basis for understanding large parts of that program's behavior. Inspector will become one component of a system of programs known as a programmer's apprentice, in which Inspector's output will be used to assist a programmer with program synthesis, debugging, and maintenance.MIT Artificial Intelligence Laborator

Component library retrieval using property models

The re-use of products such as code, specifications, design decisions and documentation has been proposed as a method for increasing software productivity and reliability. A major problem that has still to be adequately solved is the storage and retrieval of re-usable 'components'. Current methods, such as keyword retrieval and catalogues, rely on the use of names to describe components or categories. This is inadequate for all but a few well established components and categories; in the majority of cases names do not convey sufficient information on which to base a decision to retrieve. One approach to this problem is to describe components using a formal specification. However this is impractical for two reasons; firstly, the limitations of theorem proving would severely restrict the complexity of components that could be retrieved and secondly the retrieval mechanism would need to have a method of retrieving components with 'similar' specifications. This thesis proposes the use of formal 'property' models to represent the key functionality of components. Retrieval of components can then take place on the basis of a property model produced by the library's users. These models only describe the key properties of a component, thereby making the task of comparing properties feasible. Views are introduced as a method of relating similar, non identical property models, and the use of these views facilitates the re-use of components with similar properties. The language Miramod has been developed for the purpose of describing components, and a Miramod compiler and property prover which allow Miramod models to be compared for similarity, have been designed and implemented. These tools have indicated that model based component library retrieval is feasible at relatively low levels of the programming process, and future work is suggested to extend the method to encompass earlier stages in the development of large systems

Formalizing graphical notations

The thesis describes research into graphical notations for software engineering, with a principal interest in ways of formalizing them. The research seeks to provide a theoretical basis that will help in designing both notations and the software tools that process them. The work starts from a survey of literature on notation, followed by a review of techniques for formal description and for computational handling of notations. The survey concentrates on collecting views of the benefits and the problems attending notation use in software development; the review covers picture description languages, grammars and tools such as generic editors and visual programming environments. The main problem of notation is found to be a lack of any coherent, rigorous description methods. The current approaches to this problem are analysed as lacking in consensus on syntax specification and also lacking a clear focus on a defined concept of notated expression. To address these deficiencies, the thesis embarks upon an exploration of serniotic, linguistic and logical theory; this culminates in a proposed formalization of serniosis in notations, using categorial model theory as a mathematical foundation. An argument about the structure of sign systems leads to an analysis of notation into a layered system of tractable theories, spanning the gap between expressive pictorial medium and subject domain. This notion of 'tectonic' theory aims to treat both diagrams and formulae together. The research gives details of how syntactic structure can be sketched in a mathematical sense, with examples applying to software development diagrams, offering a new solution to the problem of notation specification. Based on these methods, the thesis discusses directions for resolving the harder problems of supporting notation design, processing and computer-aided generic editing. A number of future research areas are thereby opened up. For practical trial of the ideas, the work proceeds to the development and partial implementation of a system to aid the design of notations and editors. Finally the thesis is evaluated as a contribution to theory in an area which has not attracted a standard approach

Software maintenance by program transformation in a wide spectrum language

This thesis addresses the software maintenance problem of extracting high-level designs from code. The investigated solution is to use a mathematically-based formal program transformation system. The resulting tool, the Maintainer's Assistant, is based on Ward's [177] WSL (wide spectrum language) and method of proving program equivalence. The problems addressed include: how to reverse engineer from code alone (the only reliable source of information about a program [158]), how to express program transformations within the system, what kinds of transformations should be incorporated, how to make the tool simple to use, how to perform abstraction and how to create a tool suitable for use with large programs. Using the Maintainer's Assistant, the program code is automatically translated into WSL and the transformations, although tested for valid applicability by the system, are interactively applied by the user. Notable features include a mathematical simplifier, a large flexible transformation catalogue and, significantly, the use of an extension of WSL, A4etaWSL, for representing the transformations. MetaWSL expands WSL by incorporating a variety of extensions, including: program editing statements, pattern matching and template filling functions, symbolic mathematics and logic functions, statements for moving within the program’s syntax tree and statements for repeating an operation at each node of the tree. Using MetaWSL, 80% of the 601 transformations can be expressed in less than 20 program statements. The Maintainer's Assistant has been used on a wide variety of examples of up to several thousand lines, including commercial software written in IBM 370 assembler. It has been possible to transform initially unstructured programs into a hierarchy of procedures, facilitating subsequent design recovery. These results show that program transformation is a viable method of renovating old (370 assembler) code in a cost elective way, and that MetaWSL provides an effective basis for clearly and concisely expressing the required transformations

Transformation of logic programs: Foundations and techniques

AbstractWe present an overview of some techniques which have been proposed for the transformation of logic programs. We consider the so-called “rules + strategies” approach, and we address the following two issues: the correctness of some basic transformation rules w.r.t. a given semantics and the use of strategies for guiding the application of the rules and improving efficiency. We will also show through some examples the use and the power of the transformational approach, and we will briefly illustrate its relationship to other methodologies for program development

A Requirements Analyst's Apprentice: A Proposal

The Requirements Analyst's APprentice (RAAP) partially automates the modeling process involved in creating a software requirement. It uses knowledge of the specific domain and general experience regarding software requirements to guide decisions made in the construction of a requirement. RAAP assists the analyst by maintaining consistency, detecting redundancy of description, and analyzing completeness relative to a known body of requirements experience. RAAP is a tool to be used by an analyst in his dealings with the customer. It helps him translate the customer's informal ideas into a requirements knowledge base. RAAP will have the ability to present its internal representation of the requirement in document form. Document-based requirements analysis is the state of the art. A computer-based, knowledge-based analysis system can provide improvement in quality, efficiency and maintainability over document-based requirements analysis and thus advance the state of the art towards automatic programming. RAAP takes a new approach to automating software development by concentrating on the modeling process involved in system construction (as opposed to the model translation process.) By supporting the intelligent creation of perspicuous models, it is hoped that flaws will become self revealing and the quality of software can be improved. Assistance is proved or the creation of "correct" models and for the analysis of the implications of modeling decisions.MIT Artificial Intelligence Laborator