Coinductive Formal Reasoning in Exact Real Arithmetic

In this article we present a method for formally proving the correctness of the lazy algorithms for computing homographic and quadratic transformations -- of which field operations are special cases-- on a representation of real numbers by coinductive streams. The algorithms work on coinductive stream of M\"{o}bius maps and form the basis of the Edalat--Potts exact real arithmetic. We use the machinery of the Coq proof assistant for the coinductive types to present the formalisation. The formalised algorithms are only partially productive, i.e., they do not output provably infinite streams for all possible inputs. We show how to deal with this partiality in the presence of syntactic restrictions posed by the constructive type theory of Coq. Furthermore we show that the type theoretic techniques that we develop are compatible with the semantics of the algorithms as continuous maps on real numbers. The resulting Coq formalisation is available for public download.Comment: 40 page

The consistency strength of long projective determinacy

We determine the consistency strength of determinacy for projective games of length omega(2). Our main theorem is that Pi(1)(n+1)-determinacy for games of length omega(2) implies the existence of a model of set theory with omega + n Woodin cardinals. In a first step, we show that this hypothesis implies that there is a countable set of reals A such that M-n(A), the canonical inner model for n Woodin cardinals constructed over A, satisfies A = R and the Axiom of Determinacy. Then we argue how to obtain a model with omega + n Woodin cardinal from this. We also show how the proof can be adapted to investigate the consistency strength of determinacy for games of length omega(2) with payoff in (sic)(R)Pi(1)(1) or with sigma-projective payoff

Coinductive program verification

We present a program-verification approach based on coinduction, which makes it feasible to verify programs given an operational semantics of a programming language, without constructing intermediates like axiomatic semantics or verification-condition generators. Specifications can be written using any state predicates. The key observations are that being able to define the correctness of a style of program specification as a greatest fixpoint means coinduction can be used to conclude that a specification holds, and that the number of cases that need to be enumerated to have a coinductively provable specification can be reduced to a feasible number by using a generalized coinduction principle (based on notions of ``coinduction up to'' developed for proving bisimulation) instead of the simplest statement of coinduction. We implement our approach in Coq, producing a certifying language-independent verification framework. The soundness of the system is based on a single module proving the necessary coinduction theorem, which is imported unchanged to prove programs in any language. We demonstrate the power of this approach by verifying algorithms as complicated as Schorr-Waite graph marking, and the flexibility by instantiating it for language definitions covering several paradigms, and in several styles of semantics. We also demonstrate a comfortable level of proof automation for several languages and domains, using a common overall heuristic strategy instantiated with customized subroutines. Manual assistance is also smoothly integrated where automation is not completely successful

Components as coalgebras

In the tradition of mathematical modelling in physics and chemistry, constructive formal specification methods are based on the notion of a software model, understood as a state-based abstract machine which persists and evolves in time, according to a behavioural model capturing, for example, partiality or (different degrees of) nondeterminism. This can be identified with the more prosaic notion of a software component advocated by the software industry as ‘building block’ of large, often distributed, systems. Such a component typically encapsulates a number of services through a public interface which provides a limited access to a private state space, paying tribute to the nowadays widespread object-oriented programming principles. The tradition of communicating systems formal design, by contrast, has developed the notion of a process as an abstraction of the behavioural patterns of a computing system, deliberately ignoring the data and state aspects of software systems. Both processes and components are among the broad group of computing phenomena which are hardly definable (or simply not definable) algebraically, i.e., in terms of a complete set of constructors. Their semantics is essentially observational, in the sense that all that can be traced of their evolution is their interaction with the environment. Therefore, coalgebras, whose theory has recently witnessed remarkable developments, appear as a suitable modelling tool. The basic observation of category theory that universal constructions always come in pairs, has motivated research on the duality between algebras and coalgebras, which provides a bridge between models of static (constructive, data-oriented) and dynamical (observational, behaviour-oriented) systems. At the programming level, the intuitive symmetry between data and behaviour provides evidence of such a duality, in its canonical initial-final specialisation. This line of thought entails both definitional and proof principles, i.e., a basis for the development of program calculi directly based on (actually driven by) type specifications. Moreover, such properties can be expressed in terms of generic programming combinators which are used, not only to calculate programs, but also to program with. Framed in this context, this thesis addresses the following main themes: The investigation of a semantic model for (state-based) software components. These are regarded as concrete coalgebras for some Set endofunctors, with specified initial conditions, and organise themselves in a bicategorical setting. The model is able to capture both behavioural issues, which are usually left implicit in state-based specification methods, and interaction through structured data, which is usually a minor concern on process calculi. Two basic cases are considered entailing, respectively, a ‘functional’ and an ‘object-oriented’ shape for components. Both cases are parametrized by a model of behaviour, introduced as a strong (usually commutative) monad. The development of corresponding component calculi, also parametric on the behaviour model, which adds to the genericity of the approach. The study of processes and the ‘reconstruction’ of classical (CCS-like) process calculi on top of their representation as inhabitants of (the carriers of) final coalgebras, in an essentially pointfree, calculational style. An overall concern for genericity, in the sense that models and calculi for both components and processes are parametric on the behaviour model and the interaction discipline, respectively. The animation of both processes and components in CHARITY, a functional programming language entirely based on inductive and coinductive categorical data types. In particular this leads to the development of a process calculi interpreter parametric on the interaction discipline.PRAXIS XXI - Projecto LOGCAMP; POO11/IC-PME/II/S -Projecto KARMA; Fundação para a Ciência e Tecnologia; ALGORITMI Research Center

Specification and refinement of software connectors

Tese de doutoramento em Informática (área de conhecimento de Fundamentos da Computação)Modern computer based systems are essentially based on the cooperation of distributed, heterogeneous component organized into open software architectures that, moreover, can survive in loosely-coupled environments and be easily adapted to changing application requirements. Such is the case, for example, of applications designed to take advantage of the increased computational power provided by massively parallel systems or of the whole business of Internet-based software development. In order to develop such systems in a systematic way, the focus in development method has switched, along the last decade, from functional to structural issues: both data and processes are encapsulated into software units which are connected into large systems resorting, to a number of techniques intended to support reusability and modifiability. Actually, the complexity and ubiquity achieved by software in present times makes it imperative, more than ever, the availability of both technologies and sound methods to drive its development. Programming ‘in–the–large’, component–based programming and software architecture become popular expressions which embody this sort of concerns and correspond to driving forces in current software engineering. In such a context this thesis aims at introducing formal models for software connectors as well as the corresponding notions of equivalence and refinement upon which calculation principles for reasoning and transforming connector-based software architectures can be developed. This research adopts an exogenous coordination point of view in order to deal with components’ temporal and spatial decoupling and, therefore, to provide support for looser levels of inter-component dependency. The thesis also characterises a notion of behavioural interface for components and services. Interfaces and connectors are put together to form configurations, an abstraction for representing software architectures. A prototype implementation of a subset of the proposed models is provided, in the form of a HASKELL library, as a proof of concept. Furthermore, the thesis reports on a case study in which exogenous coordination is applied to the specification of interactive systems.Um número crescente de sistemas computacionais é baseado na cooperação de componentes interdependentes e heterogêneas, organizadas em arquiteturas abertas capazes de sobreviverem em ambientes altamente distribuídos e facilmente adaptáveis a alterações nos requisitos das aplicações que os suportam. Tal é o caso, por exemplo, de aplicações que exploram o poder computacional de sistemas massivamente paralelos ou de sistemas desenvolvidos sobre a Internet. Para desenvolver este tipo de sistemas de forma sistemática, o foco nos métodos de desenvolvimento alterou-se, ao longo da última década, dos aspectos funcionais para os aspectos estruturais dos sistemas: ambos, estruturas de dados e processos são encapsulados em unidades computacionais que são conectadas em grandes sistemas utilizando-se de diversas técnicas que se pretendem capazes de suportar a reutilização e a adaptabilidade do software. Na realidade, a complexidade e ubiqüidade atingidas pelo software nos dias correntes tornam imperativo, mais do que nunca, a disponibilidade de tecnologias e sólidos métodos para conduzir este processo de desenvolvimento. Programação ’em-grande-escala’, programação baseada em componentes e arquiteturas de software são expressões populares que englobam esta preocupação e correspondem aos esforços direcionados pela engenharia de software. Em tal contexto, esta tese tem por objetivo introduzir modelos formais para conectores de software bem como as correspondentes noções de equivalência e refinamento que suportem cálculos para raciocinar e transformar arquiteturas de software baseada em conectores. Esta pesquisa adota um ponto de vista de coordenação exógena para lidar com a separação espacial e temporal das componentes e suportar níveis elevados de independência entre componentes. A tese caracteriza, ainda, uma noção de interface comportamental para componentes e serviços. Interfaces e conectores agregam-se para formar configurações, uma abstração introduzida para representar arquiteturas de software. A implementação, em protótipo, de parte dos modelos propostos, sob a forma de uma biblioteca em HASKELL, é fornecida como prova de conceito. Finalmente, a tese percorre um estudo de caso em que coordenação exôgena é utilizada na especificação de sistemas interactivos.Fundação para a Ciência e a Tecnologia (FCT), SFRH/BD/11083/200

Coalgebraic Multigames

Coalgebraic games have been recently introduced as a generalization of Conway games and other notions of games arising in different contexts. Using coalgebraic methods, games can be viewed as elements of a final coalgebra for a suitable functor, and operations on games can be analyzed in terms of (generalized) coiteration schemata. Coalgebraic games are sequential in nature, i.e. at each step either the Left (L) or the Right (R) player moves (global polarization), moreover only a single move can be performed at each step. Recently, in the context of Game Semantics, concurrent games have been introduced, where global polarization is abandoned, and multiple moves are allowed. In this paper, we introduce coalgebraic multigames, which are situated half-way between traditional sequential games and concurrent games: global polarization is still present, however multiple moves are possible at each step, i.e. a team of L/R players moves in parallel. Coalgebraic operations, such as sum and negation, can be naturally defined on multigames. Interestingly, sum on coalgebraic multigames turns out to be related to Conway's selective sum on games, rather than the usual (sequential) disjoint sum. Selective sum has a parallel nature, in that at each step the current player performs a move in at least one component of the sum game, while on disjoint sum the current player performs a move in exactly one component at each step. A monoidal closed category of coalgebraic multigames in the vein of a Joyal category of Conway games is then built. The relationship between coalgebraic multigames and games is then formalized via an equivalence of the multigame category and a monoidal closed category of coalgebraic games where tensor is selective sum

Multigames and strategies, coalgebraically

Coalgebraic games have been recently introduced as a generalization of Conway games and other notions of games arising in different contexts. Using coalgebraic methods, games can be viewed as elements of a final coalgebra for a suitable functor, and operations on games can be analyzed in terms of (generalized) coiteration schemata. Coalgebraic games are sequential in nature, i.e., at each step either the Left (L) or the Right (R) player moves (global polarization); moreover, only a single move can be performed at each step. Recently, in the context of Game Semantics, concurrent games have been introduced, where global polarization is abandoned, and multiple moves are allowed. In this paper, we introduce coalgebraic multigames, which are situated half-way between traditional sequential games and concurrent games: global polarization is still present, however multiple moves are possible at each step, i.e., a team of L/R players moves in parallel. Coalgebraic operations, such as sum and negation, can be naturally defined on multigames. Interestingly, sum on coalgebraic multigames turns out to be related to Conway's selective sum on games, rather than the usual (sequential) disjoint sum. Selective sum has a parallel nature, in that at each step the current player performs a move in at least one component of the sum game, while on disjoint sum the current player performs a move in exactly one component at each step. A presentation of strategies on coalgebraic games is given via a final coalgebra of a pair of mutually recursive functors, and a suitable notion of simulation. A monoidal closed category of coalgebraic multigames in the vein of a Joyal category of Conway games is then built. The relationship between coalgebraic multigames and games is then formalized via an equivalence of the multigame category and a monoidal closed category of coalgebraic games where tensor is selective sum. \ua9 2015