1,233 research outputs found
Completeness and Incompleteness of Synchronous Kleene Algebra
Synchronous Kleene algebra (SKA), an extension of Kleene algebra (KA), was
proposed by Prisacariu as a tool for reasoning about programs that may execute
synchronously, i.e., in lock-step. We provide a countermodel witnessing that
the axioms of SKA are incomplete w.r.t. its language semantics, by exploiting a
lack of interaction between the synchronous product operator and the Kleene
star. We then propose an alternative set of axioms for SKA, based on Salomaa's
axiomatisation of regular languages, and show that these provide a sound and
complete characterisation w.r.t. the original language semantics.Comment: Accepted at MPC 201
Kleene Algebras, Regular Languages and Substructural Logics
We introduce the two substructural propositional logics KL, KL+, which use
disjunction, fusion and a unary, (quasi-)exponential connective. For both we
prove strong completeness with respect to the interpretation in Kleene algebras
and a variant thereof. We also prove strong completeness for language models,
where each logic comes with a different interpretation. We show that for both
logics the cut rule is admissible and both have a decidable consequence
relation.Comment: In Proceedings GandALF 2014, arXiv:1408.556
A synchronous program algebra: a basis for reasoning about shared-memory and event-based concurrency
This research started with an algebra for reasoning about rely/guarantee
concurrency for a shared memory model. The approach taken led to a more
abstract algebra of atomic steps, in which atomic steps synchronise (rather
than interleave) when composed in parallel. The algebra of rely/guarantee
concurrency then becomes an instantiation of the more abstract algebra. Many of
the core properties needed for rely/guarantee reasoning can be shown to hold in
the abstract algebra where their proofs are simpler and hence allow a higher
degree of automation. The algebra has been encoded in Isabelle/HOL to provide a
basis for tool support for program verification.
In rely/guarantee concurrency, programs are specified to guarantee certain
behaviours until assumptions about the behaviour of their environment are
violated. When assumptions are violated, program behaviour is unconstrained
(aborting), and guarantees need no longer hold. To support these guarantees a
second synchronous operator, weak conjunction, was introduced: both processes
in a weak conjunction must agree to take each atomic step, unless one aborts in
which case the whole aborts. In developing the laws for parallel and weak
conjunction we found many properties were shared by the operators and that the
proofs of many laws were essentially the same. This insight led to the idea of
generalising synchronisation to an abstract operator with only the axioms that
are shared by the parallel and weak conjunction operator, so that those two
operators can be viewed as instantiations of the abstract synchronisation
operator. The main differences between parallel and weak conjunction are how
they combine individual atomic steps; that is left open in the axioms for the
abstract operator.Comment: Extended version of a Formal Methods 2016 paper, "An algebra of
synchronous atomic steps
A synchronous program algebra: a basis for reasoning about shared-memory and event-based concurrency
This research started with an algebra for reasoning about rely/guarantee
concurrency for a shared memory model. The approach taken led to a more
abstract algebra of atomic steps, in which atomic steps synchronise (rather
than interleave) when composed in parallel. The algebra of rely/guarantee
concurrency then becomes an instantiation of the more abstract algebra. Many of
the core properties needed for rely/guarantee reasoning can be shown to hold in
the abstract algebra where their proofs are simpler and hence allow a higher
degree of automation. The algebra has been encoded in Isabelle/HOL to provide a
basis for tool support for program verification.
In rely/guarantee concurrency, programs are specified to guarantee certain
behaviours until assumptions about the behaviour of their environment are
violated. When assumptions are violated, program behaviour is unconstrained
(aborting), and guarantees need no longer hold. To support these guarantees a
second synchronous operator, weak conjunction, was introduced: both processes
in a weak conjunction must agree to take each atomic step, unless one aborts in
which case the whole aborts. In developing the laws for parallel and weak
conjunction we found many properties were shared by the operators and that the
proofs of many laws were essentially the same. This insight led to the idea of
generalising synchronisation to an abstract operator with only the axioms that
are shared by the parallel and weak conjunction operator, so that those two
operators can be viewed as instantiations of the abstract synchronisation
operator. The main differences between parallel and weak conjunction are how
they combine individual atomic steps; that is left open in the axioms for the
abstract operator.Comment: Extended version of a Formal Methods 2016 paper, "An algebra of
synchronous atomic steps
Recommended from our members
Automated verification of refinement laws
Demonic refinement algebras are variants of Kleene algebras. Introduced by von Wright as a light-weight variant of the refinement calculus, their intended semantics are positively disjunctive predicate transformers, and their calculus is entirely within first-order equational logic. So, for the first time, off-the-shelf automated theorem proving (ATP) becomes available for refinement proofs. We used ATP to verify a toolkit of basic refinement laws. Based on this toolkit, we then verified two classical complex refinement laws for action systems by ATP: a data refinement law and Back's atomicity refinement law. We also present a refinement law for infinite loops that has been discovered through automated analysis. Our proof experiments not only demonstrate that refinement can effectively be automated, they also compare eleven different ATP systems and suggest that program verification with variants of Kleene algebras yields interesting theorem proving benchmarks. Finally, we apply hypothesis learning techniques that seem indispensable for automating more complex proofs
Probabilistic Rely-guarantee Calculus
Jones' rely-guarantee calculus for shared variable concurrency is extended to
include probabilistic behaviours. We use an algebraic approach which combines
and adapts probabilistic Kleene algebras with concurrent Kleene algebra.
Soundness of the algebra is shown relative to a general probabilistic event
structure semantics. The main contribution of this paper is a collection of
rely-guarantee rules built on top of that semantics. In particular, we show how
to obtain bounds on probabilities by deriving rely-guarantee rules within the
true-concurrent denotational semantics. The use of these rules is illustrated
by a detailed verification of a simple probabilistic concurrent program: a
faulty Eratosthenes sieve.Comment: Preprint submitted to TCS-QAP
An Event Structure Model for Probabilistic Concurrent Kleene Algebra
We give a new true-concurrent model for probabilistic concurrent Kleene
algebra. The model is based on probabilistic event structures, which combines
ideas from Katoen's work on probabilistic concurrency and Varacca's
probabilistic prime event structures. The event structures are compared with a
true-concurrent version of Segala's probabilistic simulation. Finally, the
algebraic properties of the model are summarised to the extent that they can be
used to derive techniques such as probabilistic rely/guarantee inference rules.Comment: Submitted and accepted for LPAR19 (2013
A Dutch Book theorem for partial subjective probability
The aim of this paper is to show that partial probability can be justified
from the standpoint of subjective probability in much the same way as classical
probability does. The seminal works of Ramsey and De Finetti have furnished a
method for assessing subjective probabilities: ask about the bets the
decision-maker would be willing to place. So we introduce the concept of
partial bet and partial Dutch Book and prove for partial probability a result
similar to the Ramsey-De Finetti theorem. Finally, we make a comparison between
two concepts of bet: we can bet our money on a sentence describing an event, or
we can bet our money on the event itself, generally conceived as a set. These
two ways of understanding a bet are equivalent in classical probability, but
not in partial probability
- …