20 research outputs found
Session Types in a Linearly Typed Multi-Threaded Lambda-Calculus
We present a formalization of session types in a multi-threaded
lambda-calculus (MTLC) equipped with a linear type system, establishing for the
MTLC both type preservation and global progress. The latter (global progress)
implies that the evaluation of a well-typed program in the MTLC can never reach
a deadlock. As this formulated MTLC can be readily embedded into ATS, a
full-fledged language with a functional programming core that supports both
dependent types (of DML-style) and linear types, we obtain a direct
implementation of session types in ATS. In addition, we gain immediate support
for a form of dependent session types based on this embedding into ATS.
Compared to various existing formalizations of session types, we see the one
given in this paper is unique in its closeness to concrete implementation. In
particular, we report such an implementation ready for practical use that
generates Erlang code from well-typed ATS source (making use of session types),
thus taking great advantage of the infrastructural support for distributed
computing in Erlang.Comment: This is the original version of the paper on supporting programming
with dyadic session types in AT
Linearly Typed Dyadic Group Sessions for Building Multiparty Sessions
Traditionally, each party in a (dyadic or multiparty) session implements
exactly one role specified in the type of the session. We refer to this kind of
session as an individual session (i-session). As a generalization of i-session,
a group session (g-session) is one in which each party may implement a group of
roles based on one channel. In particular, each of the two parties involved in
a dyadic g-session implements either a group of roles or its complement. In
this paper, we present a formalization of g-sessions in a multi-threaded
lambda-calculus (MTLC) equipped with a linear type system, establishing for the
MTLC both type preservation and global progress. As this formulated MTLC can be
readily embedded into ATS, a full-fledged language with a functional
programming core that supports both dependent types (of DML-style) and linear
types, we obtain a direct implementation of linearly typed g-sessions in ATS.
The primary contribution of the paper lies in both of the identification of
g-sessions as a fundamental building block for multiparty sessions and the
theoretical development in support of this identification.Comment: This paper can be seen as the pre-sequel to classical linear
multirole logic (CLML). arXiv admin note: substantial text overlap with
arXiv:1603.0372
Foundations of Information-Flow Control and Effects
In programming language research, information-flow control (IFC) is a technique for enforcing a variety of security aspects, such as confidentiality of data,on programs. This Licenciate thesis makes novel contributions to the theory and foundations of IFC in the following ways: Chapter A presents a new proof method for showing the usual desired property of noninterference; Chapter B shows how to securely extend the concurrent IFC language MAC with asynchronous exceptions; and, Chapter C presents a new and simpler language for IFC with effects based on an explicit separation of pure and effectful computations
Two Applications of Logic Programming to Coq
The logic programming paradigm provides a flexible setting for representing, manipulating, checking, and elaborating proof structures. This is particularly true when the logic programming language allows for bindings in terms and proofs. In this paper, we make use of two recent innovations at the intersection of logic programming and proof checking. One of these is the foundational proof certificate (FPC) framework which provides a flexible means of defining the semantics of a range of proof structures for classical and intuitionistic logic. A second innovation is the recently released Coq-Elpi plugin for Coq in which the Elpi implementation of ?Prolog can send and retrieve information to and from the Coq kernel. We illustrate the use of both this Coq plugin and FPCs with two example applications. First, we implement an FPC-driven sequent calculus for a fragment of the Calculus of Inductive Constructions and we package it into a tactic to perform property-based testing of inductive types corresponding to Horn clauses. Second, we implement in Elpi a proof checker for first-order intuitionistic logic and demonstrate how proof certificates can be supplied by external (to Coq) provers and then elaborated into the fully detailed proof terms that can be checked by the Coq kernel
Session Types for the Transport Layer: Towards an Implementation of TCP
Session types are a typing discipline used to formally describe communication-driven applications with the aim of fewer errors and easier debugging later into the life cycle of the software. Protocols at the transport layer such as TCP, UDP, and QUIC underpin most of the communication on the modern Internet and affect billions of end-users. The transport layer has different requirements and constraints compared to the application layer resulting in different requirements for verification. Despite this, to our best knowledge, no work shows the application of session types at the transport layer. In this work, we discuss how multiparty session types (MPST) can be applied to implement the TCP protocol. We develop an MPST-based implementation of a subset of a TCP server in Rust and test its interoperability against the Linux TCP stack. Our results highlight the differences in assumptions between session type theory and the way transport layer protocols are usually implemented. This work is the first step towards bringing session types into the transport layer
HasTEE: Programming Trusted Execution Environments with Haskell
Trusted Execution Environments (TEEs) are hardware-enforced memory isolation
units, emerging as a pivotal security solution for security-critical
applications. TEEs, like Intel SGX and ARM TrustZone, allow the isolation of
confidential code and data within an untrusted host environment, such as the
cloud and IoT. Despite strong security guarantees, TEE adoption has been
hindered by an awkward programming model. This model requires manual
application partitioning and the use of error-prone, memory-unsafe, and
potentially information-leaking low-level C/C++ libraries.
We address the above with \textit{HasTEE}, a domain-specific language (DSL)
embedded in Haskell for programming TEE applications. HasTEE includes a port of
the GHC runtime for the Intel-SGX TEE. HasTEE uses Haskell's type system to
automatically partition an application and to enforce \textit{Information Flow
Control} on confidential data. The DSL, being embedded in Haskell, allows for
the usage of higher-order functions, monads, and a restricted set of I/O
operations to write any standard Haskell application. Contrary to previous
work, HasTEE is lightweight, simple, and is provided as a \emph{simple security
library}; thus avoiding any GHC modifications. We show the applicability of
HasTEE by implementing case studies on federated learning, an encrypted
password wallet, and a differentially-private data clean room.Comment: To appear in Haskell Symposium 202
Relating Functional and Imperative Session Types
Imperative session types provide an imperative interface to session-typed
communication. In such an interface, channel references are first-class objects
with operations that change the typestate of the channel. Compared to
functional session type APIs, the program structure is simpler at the surface,
but typestate is required to model the current state of communication
throughout.
Following an early work that explored the imperative approach, a significant
body of work on session types has neglected the imperative approach and opts
for a functional approach that uses linear types to manage channel references
soundly. We demonstrate that the functional approach subsumes the early work on
imperative session types by exhibiting a typing and semantics preserving
translation into a system of linear functional session types.
We further show that the untyped backwards translation from the functional to
the imperative calculus is semantics preserving. We restrict the type system of
the functional calculus such that the backwards translation becomes type
preserving. Thus, we precisely capture the difference in expressiveness of the
two calculi and conclude that the lack of expressiveness in the imperative
calculus is largely due to restrictions imposed by its type system.Comment: 39 pages, insubmissio
Constrained Type Families
We present an approach to support partiality in type-level computation
without compromising expressiveness or type safety. Existing frameworks for
type-level computation either require totality or implicitly assume it. For
example, type families in Haskell provide a powerful, modular means of defining
type-level computation. However, their current design implicitly assumes that
type families are total, introducing nonsensical types and significantly
complicating the metatheory of type families and their extensions. We propose
an alternative design, using qualified types to pair type-level computations
with predicates that capture their domains. Our approach naturally captures the
intuitive partiality of type families, simplifying their metatheory. As
evidence, we present the first complete proof of consistency for a language
with closed type families.Comment: Originally presented at ICFP 2017; extended editio
Session types in a linearly typed multi-threaded lambda-calculus
We present a formalization of session types in a multi-threaded lambda-calculus (MTLC) equipped with a linear type system, establishing for the MTLC both type preservation and global progress. The latter (global progress) implies that the evaluation of a well-typed program in the MTLC can never reach a deadlock. As this formulated MTLC can be readily embedded into ATS, a full-fledged language with a functional programming core that supports both dependent types (of DML-style) and linear types, we obtain a direct implementation of session types in ATS. In addition, we gain immediate support for a form of dependent session types based on this embedding into ATS. Compared to various existing formalizations of session types, we see the one given in this paper is unique in its closeness to concrete implementation. In particular, we report such an implementation ready for practical use that generates Erlang code from well-typed ATS source (making use of session types), thus taking great advantage of the infrastructural support for distributed computing in Erlang.First author draf