The Relatedness and Comparative Utility of Various Approaches to Operational Semantics

We examine three approaches to operational semantics: transition semantics, natural semantics, and reduction semantics. First we compare the style and expressive power of the three forms of semantics by using them to construct semantics for various language features. Program abortion, interleaving, and block structure particularly distinguish the three. Natural semantics was very good at specifying large granularity features such as blocks, but is apparently unable to capture interleaving because of its small granularity . On the other hand, transition semantics and reduction semantics easily express small granularity features but have difficulty with large granularity features. Reduction semantics provide especially concise specifications of non-sequential control constructs such as abortion and interleaving. We also analyze the utility of the different approaches for two application areas: implementation correctness and type soundness. For these two applications, natural semantics seems to allow simpler proofs, although we do not generalize this conclusion to other areas

Maia: A language for mandatory integrity controls of structured data

The integrity of systems files is necessary for the secure functioning of an operating system. Integrity is not generally discussed in terms of complete computer systems. Instead, integrity issues tend to be either tightly coupled to a particular domain (e.g. database constraints), or else so broad as to be useless except after the fact (e.g. backups). Often, file integrity is determined by who modifies the file or by a checksum. This paper focuses on a general model of the internal integrity of a file. Even if a file is modified by a subject with trust or has a valid checksum, it may not meet the specification of a valid file. An example would be a password file with no user assigned a user id of 0. In this paper, we describe a language called Maia that provides a means to specify what the contents of a valid file should be. Maia can be used to specify the format and valid properties of system configuration files, PNG files and others. We give a structural operational semantics of Ma ia and discuss an initial implementation within a mandatory integrity system

Towards a Generic Framework to Generate Explanatory Traces of Constraint Solving and Rule-Based Reasoning

In this report, we show how to use the Simple Fluent Calculus (SFC) to specify generic tracers, i.e. tracers which produce a generic trace. A generic trace is a trace which can be produced by different implementations of a software component and used independently from the traced component. This approach is used to define a method for extending a java based CHRor platform called CHROME (Constraint Handling Rule Online Model-driven Engine) with an extensible generic tracer. The method includes a tracer specification in SFC, a methodology to extend it, and the way to integrate it with CHROME, resulting in the platform CHROME-REF (for Reasoning Explanation Facilities), which is a constraint solving and rule based reasoning engine with explanatory traces

Formal semantics for LIPS (Language for Implementing Parallel/distributed Systems)

This thesis presents operational semantics and an abstract machine for a point-to-point asynchronous message passing language called LIPS (Language for Implementing Parallel/ distributed Systems). One of the distinctive features of LIPS is its capability to handle computation and communication independently. Taking advantage of this capability, a two steps strategy has been adopted to define the operational semantics. The two steps are as follows: • A big-step semantics with single-step re-writes is used to relate the expressions and their evaluated results (computational part of LIPS). • The developed big-step semantics has been extended with Structural Operational Semantics (SOS) to describe the asynchronous message passing of LIPS (communication part of LIPS). The communication in LIPS has been implemented using Asynchronous Message Passing System (AMPS). It makes use of very simple data structures and avoids the use of buffers. While operational semantics is used to specify the meaning of programs, abstract machines are used to provide intermediate representation of the language's implementation. LIPS Abstract Machine (LAM) is defined to execute LIPS programs. The correctness of the execution of the LIPS program/expression written using the operational semantics is verified by comparing it with its equivalent code generated using the abstract machine. Specification of Asynchronous Communicating Systems (SACS) is a process algebra developed to specify the communication in LIPS programs. It is an asynchronous variant of Synchronous Calculus of Communicating Systems (SCCS). This research presents the SOS for SACS and looks at the bisimulation equivalence properties for SACS which can be used to verify the behaviour of a specified process. An implementation is said to be complete when it is equivalent to its specifications. SACS has been used for the high level specification of the communication part of LIPS programs and is implemented using AMPS. This research proves that SACS and AMPS are equivalent by defining a weak bisimulation equivalence relation between the SOS of both SACS and AMPS

Type Oriented Parallel Programming

Context: Parallel computing is an important field within the sciences. With the emergence of multi, and soon many, core CPUs this is moving more and more into the domain of general computing. HPC programmers want performance, but at the moment this comes at a cost; parallel languages are either efficient or conceptually simple, but not both. Aim: To develop and evaluate a novel programming paradigm which will address the problem of parallel programming and allow for languages which are both conceptually simple and efficient. Method: A type-based approach, which allows the programmer to control all aspects of parallelism by the use and combination of types has been developed. As a vehicle to present and analyze this new paradigm a parallel language, Mesham, and associated compilation tools have also been created. By using types to express parallelism the programmer can exercise efficient, flexible control in a high level abstract model yet with a sufficiently rich amount of information in the source code upon which the compiler can perform static analysis and optimization. Results: A number of case studies have been implemented in Mesham. Official benchmarks have been performed which demonstrate the paradigm allows one to write code which is comparable, in terms of performance, with existing high performance solutions. Sections of the parallel simulation package, Gadget-2, have been ported into Mesham, where substantial code simplifications have been made. Conclusions: The results obtained indicate that the type-based approach does satisfy the aim of the research described in this thesis. By using this new paradigm the programmer has been able to write parallel code which is both simple and efficient

Action semantics of unified modeling language

The Uni ed Modeling Language or UML, as a visual and general purpose modeling language, has been around for more than a decade, gaining increasingly wide application and becoming the de-facto industrial standard for modeling software systems. However, the dynamic semantics of UML behaviours are only described in natural languages. Speci cation in natural languages inevitably involves vagueness, lacks reasonability and discourages mechanical language implementation. Such semi-formality of UML causes wide concern for researchers, including us. The formal semantics of UML demands more readability and extensibility due to its fast evolution and a wider range of users. Therefore we adopt Action Semantics (AS), mainly created by Peter Mosses, to formalize the dynamic semantics of UML, because AS can satisfy these needs advantageously compared to other frameworks. Instead of de ning UML directly, we design an action language, called ALx, and use it as the intermediary between a typical executable UML and its action semantics. ALx is highly heterogeneous, combining the features of Object Oriented Programming Languages, Object Query Languages, Model Description Languages and more complex behaviours like state machines. Adopting AS to formalize such a heterogeneous language is in turn of signi cance in exploring the adequacy and applicability of AS. In order to give assurance of the validity of the action semantics of ALx, a prototype ALx-to-Java translator is implemented, underpinned by our formal semantic description of the action language and using the Model Driven Approach (MDA). We argue that MDA is a feasible way of implementing this source-to-source language translator because the cornerstone of MDA, UML, is adequate to specify the static aspect of programming languages, and MDA provides executable transformation languages to model mapping rules between languages. We also construct a translator using a commonly-used conventional approach, in i which a tool is employed to generate the lexical scanner and the parser, and then other components including the type checker, symbol table constructor, intermediate representation producer and code generator, are coded manually. Then we compare the conventional approach with the MDA. The result shows that MDA has advantages over the conventional method in the aspect of code quality but is inferior to the latter in terms of system performance

Abstract interpretation and optimising transformations for applicative programs

This thesis describes methods for transforming applicative programs with the aim of improving their efficiency. The general justification for these techniques is presented via the concept of abstract interpretation. The work can be seen as providing mechanisms to optimise applicative programs for sequential von Neumann machines. The chapters address the following subjects. Chapter 1 gives an overview and gentle introduction to the following technical chapters. Chapter 2 gives an introduction to and motivation for the concept of abstract interpretation necessary for the detailed understanding of the rest of the work. It includes certain theoretical developments, of which I believe the most important is the incorporation of the concept of partial functions into our notion of abstract interpretation. This is done by associating non-standard denotations with functions just as denotational semantics gives the standard denotations. Chapter 3 gives an example of the ease with which we can talk about function objects within abstract interpretive schemes. It uses this to show how a simple language using call-by-need semantics can be augmented with a system that annotates places in a program at which call-by-value can be used without violating the call-by-need semantics. Chapter 4 extends the work of chapter 3 by showing that under some sequentiality restriction, the incorporation of call-by-value for call-by-need can be made complete in the sense that the resulting program will only possess strict functions except for the conditional. Chapter 5 is an attempt to apply the concepts of abstract interpretation to a completely different problem, that of incorporating destructive operators into an applicative program. We do this in order to increase the efficiency of implementation without violating the applicative semantics by introducing destructive operators into our language. Finally, chapter 6 contains a discussion of the implications of such techniques for real languages, and in particular presents arguments whereby applicative languages should be seen as whole systems and not merely the applicative subset of some larger language

Computing and estimating information leakage with a quantitative point-to-point information flow model

Information leakage occurs when a system exposes its secret information to an unauthorised entity. Information flow analysis is concerned with tracking flows of information through systems to determine whether they process information securely or leak information. We present a novel information flow model that permits an arbitrary amount of secret and publicly-observable information to occur at any point and in any order in a system. This is an improvement over previous models, which generally assume that systems process a single piece of secret information present before execution and produce a single piece of publicly-observable information upon termination. Our model precisely quantifies the information leakage from secret to publicly-observable values at user-defined points - hence, a "point-to-point" model - using the information-theoretic measures of mutual information and min-entropy leakage; it is ideal for analysing systems of low to moderate complexity. We also present a relaxed version of our information flow model that estimates, rather than computes, the measures of mutual information and min-entropy leakage via sampling of a system. We use statistical techniques to bound the accuracy of the estimates this model provides. We demonstrate how our relaxed model is more suitable for analysing complex systems by implementing it in a quantitative information flow analysis tool for Java programs