196 research outputs found
A Note on the Expressiveness of BIP
We extend our previous algebraic formalisation of the notion of
component-based framework in order to formally define two forms, strong and
weak, of the notion of full expressiveness. Our earlier result shows that the
BIP (Behaviour-Interaction-Priority) framework does not possess the strong full
expressiveness. In this paper, we show that BIP has the weak form of this
notion and provide results detailing weak and strong full expressiveness for
classical BIP and several modifications, obtained by relaxing the constraints
imposed on priority models.Comment: In Proceedings EXPRESS/SOS 2016, arXiv:1608.0269
A linear programming approach to general dataflow process network verification and dimensioning
In this paper, we present linear programming-based sufficient conditions,
some of them polynomial-time, to establish the liveness and memory boundedness
of general dataflow process networks. Furthermore, this approach can be used to
obtain safe upper bounds on the size of the channel buffers of such a network.Comment: In Proceedings ICE 2010, arXiv:1010.530
Safer in the Clouds (Extended Abstract)
We outline the design of a framework for modelling cloud computing
systems.The approach is based on a declarative programming model which takes
the form of a lambda-calculus enriched with suitable mechanisms to express and
enforce application-level security policies governing usages of resources
available in the clouds. We will focus on the server side of cloud systems, by
adopting a pro-active approach, where explicit security policies regulate
server's behaviour.Comment: In Proceedings ICE 2010, arXiv:1010.530
Port Protocols for Deadlock-Freedom of Component Systems
In component-based development, approaches for property verification exist
that avoid building the global system behavior of the component model.
Typically, these approaches rely on the analysis of the local behavior of fixed
sized subsystems of components. In our approach, we want to avoid not only the
analysis of the global behavior but also of the local behaviors of the
components. Instead, we consider very small parts of the local behaviors called
port protocols that suffice to verify properties.Comment: In Proceedings ICE 2010, arXiv:1010.530
Toward Sequentializing Overparallelized Protocol Code
In our ongoing work, we use constraint automata to compile protocol
specifications expressed as Reo connectors into efficient executable code,
e.g., in C. We have by now studied this automata based compilation approach
rather well, and have devised effective solutions to some of its problems.
Because our approach is based on constraint automata, the approach, its
problems, and our solutions are in fact useful and relevant well beyond the
specific case of compiling Reo. In this short paper, we identify and analyze
two such rather unexpected problems.Comment: In Proceedings ICE 2014, arXiv:1410.701
A note on two notions of compliance
We establish a relation between two models of contracts: binary session
types, and a model based on event structures and game-theoretic notions. In
particular, we show that compliance in session types corresponds to the
existence of certain winning strategies in game-based contracts.Comment: In Proceedings ICE 2014, arXiv:1410.701
Deductive Verification of Parallel Programs Using Why3
The Message Passing Interface specification (MPI) defines a portable
message-passing API used to program parallel computers. MPI programs manifest a
number of challenges on what concerns correctness: sent and expected values in
communications may not match, resulting in incorrect computations possibly
leading to crashes; and programs may deadlock resulting in wasted resources.
Existing tools are not completely satisfactory: model-checking does not scale
with the number of processes; testing techniques wastes resources and are
highly dependent on the quality of the test set.
As an alternative, we present a prototype for a type-based approach to
programming and verifying MPI like programs against protocols. Protocols are
written in a dependent type language designed so as to capture the most common
primitives in MPI, incorporating, in addition, a form of primitive recursion
and collective choice. Protocols are then translated into Why3, a deductive
software verification tool. Source code, in turn, is written in WhyML, the
language of the Why3 platform, and checked against the protocol. Programs that
pass verification are guaranteed to be communication safe and free from
deadlocks.
We verified several parallel programs from textbooks using our approach, and
report on the outcome.Comment: In Proceedings ICE 2015, arXiv:1508.0459
On the Executability of Interactive Computation
The model of interactive Turing machines (ITMs) has been proposed to
characterise which stream translations are interactively computable; the model
of reactive Turing machines (RTMs) has been proposed to characterise which
behaviours are reactively executable. In this article we provide a comparison
of the two models. We show, on the one hand, that the behaviour exhibited by
ITMs is reactively executable, and, on the other hand, that the stream
translations naturally associated with RTMs are interactively computable. We
conclude from these results that the theory of reactive executability subsumes
the theory of interactive computability. Inspired by the existing model of ITMs
with advice, which provides a model of evolving computation, we also consider
RTMs with advice and we establish that a facility of advice considerably
upgrades the behavioural expressiveness of RTMs: every countable transition
system can be simulated by some RTM with advice up to a fine notion of
behavioural equivalence.Comment: 15 pages, 0 figure
On Asynchrony and Choreographies
Choreographic Programming is a paradigm for the development of concurrent
software, where deadlocks are prevented syntactically. However, choreography
languages are typically synchronous, whereas many real-world systems have
asynchronous communications. Previous attempts at enriching choreographies with
asynchrony rely on ad-hoc constructions, whose adequacy is only argued
informally. In this work, we formalise the properties that an asynchronous
semantics for choreographies should have: messages can be sent without the
intended receiver being ready, and all sent messages are eventually received.
We explore how out-of-order execution, used in choreographies for modelling
concurrency, can be exploited to endow choreographies with an asynchronous
semantics. Our approach satisfies the properties we identified. We show how our
development yields a pleasant correspondence with FIFO-based asynchronous
messaging, modelled in a process calculus, and discuss how it can be adopted in
more complex choreography models.Comment: In Proceedings ICE 2017, arXiv:1711.1070
- …