Abstract State Machines 1988-1998: Commented ASM Bibliography
An annotated bibliography of papers which deal with or use Abstract State
Machines (ASMs), as of January 1998.
Comment: Also maintained as a BibTeX file at http://www.eecs.umich.edu/gasm
Gaming security by obscurity
Shannon sought security against the attacker with unlimited computational
powers: *if an information source conveys some information, then Shannon's
attacker will surely extract that information*. Diffie and Hellman refined
Shannon's attacker model by taking into account the fact that the real
attackers are computationally limited. This idea became one of the greatest new
paradigms in computer science, and led to modern cryptography.
Shannon also sought security against the attacker with unlimited logical and
observational powers, expressed through the maxim that "the enemy knows the
system". This view is still endorsed in cryptography. The popular formulation,
going back to Kerckhoffs, is that "there is no security by obscurity", meaning
that the algorithms cannot be kept obscured from the attacker, and that
security should only rely upon the secret keys. In fact, modern cryptography
goes even further than Shannon or Kerckhoffs in tacitly assuming that *if there
is an algorithm that can break the system, then the attacker will surely find
that algorithm*. The attacker is not viewed as an omnipotent computer any more,
but he is still construed as an omnipotent programmer.
So the Diffie-Hellman step from unlimited to limited computational powers has
not been extended into a step from unlimited to limited logical or programming
powers. Is the assumption that all feasible algorithms will eventually be
discovered and implemented really different from the assumption that everything
that is computable will eventually be computed? The present paper explores some
ways to refine the current models of the attacker, and of the defender, by
taking into account their limited logical and programming powers. If the
adaptive attacker actively queries the system to seek out its vulnerabilities,
can the system gain some security by actively learning attacker's methods, and
adapting to them?
Comment: 15 pages, 9 figures, 2 tables; final version appeared in the
Proceedings of New Security Paradigms Workshop 2011 (ACM 2011); typos
correcte
Virtual Evidence: A Constructive Semantics for Classical Logics
This article presents a computational semantics for classical logic using
constructive type theory. Such semantics seems impossible because classical
logic allows the Law of Excluded Middle (LEM), not accepted in constructive
logic since it does not have computational meaning. However, the apparently
oracular powers expressed in the LEM, that for any proposition P either it or
its negation, not P, is true can also be explained in terms of constructive
evidence that does not refer to "oracles for truth." Types with virtual
evidence and the constructive impossibility of negative evidence provide
sufficient semantic grounds for classical truth and have a simple computational
meaning. This idea is formalized using refinement types, a concept of
constructive type theory used since 1984 and explained here. A new axiom
creating virtual evidence fully retains the constructive meaning of the logical
operators in classical contexts.
Key Words: classical logic, constructive logic, intuitionistic logic,
propositions-as-types, constructive type theory, refinement types, double
negation translation, computational content, virtual evidenc
Logical Specification and Analysis of Fault Tolerant Systems through Partial Model Checking
This paper presents a framework for a logical characterisation of fault tolerance and its formal analysis based on partial model checking techniques. The framework requires a fault tolerant system to be modelled using a formal calculus, here the CCS process algebra. To this aim we propose a uniform modelling scheme in which to specify a formal model of the system, its failing behaviour and possibly its fault-recovering procedures. Once a formal model is provided into our scheme, fault tolerance - with respect to a given property - can be formalized as an equational µ-calculus formula. This formula expresses, in a logic formalism, all the fault scenarios satisfying that fault tolerance property. Such a characterisation understands the analysis of fault tolerance as a form of analysis of open systems and, thanks to partial model checking strategies, it can be made independent of any particular fault assumption. Moreover this logical characterisation makes it possible for the fault-tolerance verification problem to be expressed as a general µ-calculus validation problem, for solving which many theorem proof techniques and tools are available. We present several analysis methods showing the flexibility of our approach
Layered architecture for quantum computing
We develop a layered quantum computer architecture, which is a systematic
framework for tackling the individual challenges of developing a quantum
computer while constructing a cohesive device design. We discuss many of the
prominent techniques for implementing circuit-model quantum computing and
introduce several new methods, with an emphasis on employing surface code
quantum error correction. In doing so, we propose a new quantum computer
architecture based on optical control of quantum dots. The timescales of
physical hardware operations and logical, error-corrected quantum gates differ
by several orders of magnitude. By dividing functionality into layers, we can
design and analyze subsystems independently, demonstrating the value of our
layered architectural approach. Using this concrete hardware platform, we
provide resource analysis for executing fault-tolerant quantum algorithms for
integer factoring and quantum simulation, finding that the quantum dot
architecture we study could solve such problems on the timescale of days.
Comment: 27 pages, 20 figure
Monitoring-Oriented Programming: A Tool-Supported Methodology for Higher Quality Object-Oriented Software
This paper presents a tool-supported methodological paradigm for object-oriented software development, called monitoring-oriented programming and abbreviated MOP, in which runtime monitoring is a basic software design principle. The general idea underlying MOP is that software developers insert specifications in their code via annotations. Actual monitoring code is automatically synthesized from these annotations before compilation and integrated at appropriate places in the program, according to user-defined configuration attributes. This way, the specification is checked at runtime against the implementation. Moreover, violations and/or validations of specifications can trigger user-defined code at any points in the program, in particular recovery code, outputting or sending messages, or raising exceptions.
The MOP paradigm does not promote or enforce any specific formalism to specify requirements: it allows the users to plug-in their favorite or domain-specific specification formalisms via logic plug-in modules. There are two major technical challenges that MOP supporting tools unavoidably face: monitor synthesis and monitor integration. The former is heavily dependent on the specification formalism and comes as part of the corresponding logic plug-in, while the latter is uniform for all specification formalisms and depends only on the target programming language. An experimental prototype tool, called Java-MOP, is also discussed, which currently supports most but not all of the desired MOP features. MOP aims at reducing the gap between formal specification and implementation, by integrating the two and allowing them together to form a system
Unifying type systems for mobile processes
We present a unifying framework for type systems for process calculi. The
core of the system provides an accurate correspondence between essentially
functional processes and linear logic proofs; fragments of this system
correspond to previously known connections between proofs and processes. We
show how the addition of extra logical axioms can widen the class of typeable
processes in exchange for the loss of some computational properties like
lock-freeness or termination, allowing us to see various well studied systems
(like i/o types, linearity, control) as instances of a general pattern. This
suggests unified methods for extending existing type systems with new features
while staying in a well structured environment and constitutes a step towards
the study of denotational semantics of processes using proof-theoretical
methods
Some observations on the logical foundations of inductive theorem proving
In this paper we study the logical foundations of automated inductive theorem
proving. To that aim we first develop a theoretical model that is centered
around the difficulty of finding induction axioms which are sufficient for
proving a goal.
Based on this model, we then analyze the following aspects: the choice of a
proof shape, the choice of an induction rule and the language of the induction
formula. In particular, using model-theoretic techniques, we clarify the
relationship between notions of inductiveness that have been considered in the
literature on automated inductive theorem proving. This is a corrected version
of the paper arXiv:1704.01930v5 published originally on Nov. 16, 2017