43 research outputs found

    Behavioural Types

    Get PDF
    Behavioural type systems in programming languages support the specification and verification of properties of programs beyond the traditional use of type systems to describe data processing. A major example of such a property is correctness of communication in concurrent and distributed systems, motivated by the importance of structured communication in modern software. Behavioural Types: from Theory to Tools presents programming languages and software tools produced by members of COST Action IC1201: Behavioural Types for Reliable Large-Scale Software Systems, a European research network that was funded from October 2012 to October 2016. As a survey of the most recent developments in the application of behavioural type systems, it is a valuable reference for researchers in the field, as well as an introduction to the area for graduate students and software developers

    Programming Languages and Systems

    Get PDF
    This open access book constitutes the proceedings of the 29th European Symposium on Programming, ESOP 2020, which was planned to take place in Dublin, Ireland, in April 2020, as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2020. The actual ETAPS 2020 meeting was postponed due to the Corona pandemic. The papers deal with fundamental issues in the specification, design, analysis, and implementation of programming languages and systems

    Engineering Self-Adaptive Collective Processes for Cyber-Physical Ecosystems

    Get PDF
    The pervasiveness of computing and networking is creating significant opportunities for building valuable socio-technical systems. However, the scale, density, heterogeneity, interdependence, and QoS constraints of many target systems pose severe operational and engineering challenges. Beyond individual smart devices, cyber-physical collectives can provide services or solve complex problems by leveraging a “system effect” while coordinating and adapting to context or environment change. Understanding and building systems exhibiting collective intelligence and autonomic capabilities represent a prominent research goal, partly covered, e.g., by the field of collective adaptive systems. Therefore, drawing inspiration from and building on the long-time research activity on coordination, multi-agent systems, autonomic/self-* systems, spatial computing, and especially on the recent aggregate computing paradigm, this thesis investigates concepts, methods, and tools for the engineering of possibly large-scale, heterogeneous ensembles of situated components that should be able to operate, adapt and self-organise in a decentralised fashion. The primary contribution of this thesis consists of four main parts. First, we define and implement an aggregate programming language (ScaFi), internal to the mainstream Scala programming language, for describing collective adaptive behaviour, based on field calculi. Second, we conceive of a “dynamic collective computation” abstraction, also called aggregate process, formalised by an extension to the field calculus, and implemented in ScaFi. Third, we characterise and provide a proof-of-concept implementation of a middleware for aggregate computing that enables the development of aggregate systems according to multiple architectural styles. Fourth, we apply and evaluate aggregate computing techniques to edge computing scenarios, and characterise a design pattern, called Self-organising Coordination Regions (SCR), that supports adjustable, decentralised decision-making and activity in dynamic environments.Con lo sviluppo di informatica e intelligenza artificiale, la diffusione pervasiva di device computazionali e la crescente interconnessione tra elementi fisici e digitali, emergono innumerevoli opportunità per la costruzione di sistemi socio-tecnici di nuova generazione. Tuttavia, l'ingegneria di tali sistemi presenta notevoli sfide, data la loro complessità—si pensi ai livelli, scale, eterogeneità, e interdipendenze coinvolti. Oltre a dispositivi smart individuali, collettivi cyber-fisici possono fornire servizi o risolvere problemi complessi con un “effetto sistema” che emerge dalla coordinazione e l'adattamento di componenti fra loro, l'ambiente e il contesto. Comprendere e costruire sistemi in grado di esibire intelligenza collettiva e capacità autonomiche è un importante problema di ricerca studiato, ad esempio, nel campo dei sistemi collettivi adattativi. Perciò, traendo ispirazione e partendo dall'attività di ricerca su coordinazione, sistemi multiagente e self-*, modelli di computazione spazio-temporali e, specialmente, sul recente paradigma di programmazione aggregata, questa tesi tratta concetti, metodi, e strumenti per l'ingegneria di ensemble di elementi situati eterogenei che devono essere in grado di lavorare, adattarsi, e auto-organizzarsi in modo decentralizzato. Il contributo di questa tesi consiste in quattro parti principali. In primo luogo, viene definito e implementato un linguaggio di programmazione aggregata (ScaFi), interno al linguaggio Scala, per descrivere comportamenti collettivi e adattativi secondo l'approccio dei campi computazionali. In secondo luogo, si propone e caratterizza l'astrazione di processo aggregato per rappresentare computazioni collettive dinamiche concorrenti, formalizzata come estensione al field calculus e implementata in ScaFi. Inoltre, si analizza e implementa un prototipo di middleware per sistemi aggregati, in grado di supportare più stili architetturali. Infine, si applicano e valutano tecniche di programmazione aggregata in scenari di edge computing, e si propone un pattern, Self-Organising Coordination Regions, per supportare, in modo decentralizzato, attività decisionali e di regolazione in ambienti dinamici

    Model Transformation Languages with Modular Information Hiding

    Get PDF
    Model transformations, together with models, form the principal artifacts in model-driven software development. Industrial practitioners report that transformations on larger models quickly get sufficiently large and complex themselves. To alleviate entailed maintenance efforts, this thesis presents a modularity concept with explicit interfaces, complemented by software visualization and clustering techniques. All three approaches are tailored to the specific needs of the transformation domain

    Informacijos saugos reikalavimų harmonizavimo, analizės ir įvertinimo automatizavimas

    Get PDF
    The growing use of Information Technology (IT) in daily operations of enterprises requires an ever-increasing level of protection over organization’s assets and information from unauthorised access, data leakage or any other type of information security breach. Because of that, it becomes vital to ensure the necessary level of protection. One of the best ways to achieve this goal is to implement controls defined in Information security documents. The problems faced by different organizations are related to the fact that often, organizations are required to be aligned with multiple Information security documents and their requirements. Currently, the organization’s assets and information protection are based on Information security specialist’s knowledge, skills and experience. Lack of automated tools for multiple Information security documents and their requirements harmonization, analysis and visualization lead to the situation when Information security is implemented by organizations in ineffective ways, causing controls duplication or increased cost of security implementation. An automated approach for Information security documents analysis, mapping and visualization would contribute to solving this issue. The dissertation consists of an introduction, three main chapters and general conclusions. The first chapter introduces existing Information security regulatory documents, current harmonization techniques, information security implementation cost evaluation methods and ways to analyse Information security requirements by applying graph theory optimisation algorithms (Vertex cover and Graph isomorphism). The second chapter proposes ways to evaluate information security implementation and costs through a controls-based approach. The effectiveness of this method could be improved by implementing automated initial data gathering from Business processes diagrams. In the third chapter, adaptive mapping on the basis of Security ontology is introduced for harmonization of different security documents; such an approach also allows to apply visualization techniques for harmonization results presentation. Graph optimization algorithms (vertex cover algorithm and graph isomorphism algorithm) for Minimum Security Baseline identification and verification of achieved results against controls implemented in small and medium-sized enterprises were proposed. It was concluded that the proposed methods provide sufficient data for adjustment and verification of security controls applicable by multiple Information security documents.Dissertatio

    Towards assessing information privacy in microblogging online social networks. The IPAM framework

    Get PDF
    Les xarxes socials en línia incorporen diferents formes de comunicació interactiva com serveis de microblogs, compartició de fitxers multimèdia o xarxes de contactes professionals. En els últims anys han augmentat els escàndols públics en relació amb pràctiques qüestionables de la indústria de les xarxes socials pel que fa a la privacitat. Així, doncs, cal una avaluació efectiva i eficient del nivell de privacitat en les xarxes socials en línia. El focus de la present tesi és la construcció d'un esquema (IPAM) per a identificar i avaluar el nivell de privacitat proporcionat per les xarxes socials en línia, en particular per als serveis de microblogs. L'objectiu d'IPAM és ajudar els usuaris a identificar els riscos relacionats amb les seves dades. L'esquema també permet comparar el nivell de protecció de la privacitat entre diferents sistemes analitzats, de manera que pugui ser també utilitzat per proveïdors de servei i desenvolupadors per a provar i avaluar els seus sistemes i si les tècniques de privacitat usades són eficaces i suficients.Las redes sociales en línea incorporan diferentes formas de comunicación interactiva como servicios de microblogueo, compartición de ficheros multimedia o redes de contactos profesionales. En los últimos años han aumentado los escándalos públicos relacionados con prácticas cuestionables de la industria de las redes sociales en relación con la privacidad. Así pues, es necesaria una evaluación efectiva y eficiente del nivel de privacidad en las redes sociales en línea. El foco de la presente tesis es la construcción de un esquema (IPAM) para identificar y evaluar el nivel de privacidad proporcionado por las redes sociales en línea, en particular para los servicios de microblogueo. El objetivo de IPAM es ayudar a los usuarios a identificar los riesgos relacionados con sus datos. El esquema también permite comparar el nivel de protección de la privacidad entre diferentes sistemas analizados, de modo que pueda ser también utilizado por proveedores de servicio y desarrolladores para probar y evaluar sus sistemas y si las técnicas de privacidad usadas son eficaces y suficientes.Online social networks (OSNs) incorporate different forms of interactive communication, including microblogging services, multimedia sharing and business networking, among others. In recent years there has been an increase in the number of privacy-related public scandals involving questionable data handling practices in OSNs. This situation calls for an effective and efficient evaluation of the privacy level provided by such services. In this thesis, we take initial steps towards developing an information privacy assessment framework (IPAM framework) to compute privacy scores for online social networks in general, and microblogging OSNs in particular. The aim of the proposed framework is to help users identify personal data-related risks and how their privacy is protected when using one OSN or another. The IPAM framework also allows for a comparison between different systems' privacy protection level. This gives system providers, not only an idea of how they are positioned in the market vis-à-vis their competitors, but also recommendations on how to enhance their services

    A Machine-Checked, Type-Safe Model of Java Concurrency : Language, Virtual Machine, Memory Model, and Verified Compiler

    Get PDF
    The Java programming language provides safety and security guarantees such as type safety and its security architecture. They distinguish it from other mainstream programming languages like C and C++. In this work, we develop a machine-checked model of concurrent Java and the Java memory model and investigate the impact of concurrency on these guarantees. From the formal model, we automatically obtain an executable verified compiler to bytecode and a validated virtual machine
    corecore