Fifty years of Hoare's Logic
We present a history of Hoare's logic. Comment: 79 pages. To appear in Formal Aspects of Computin
Using formal methods to support testing
Formal methods and testing are two important approaches that assist in the development of high quality software. While traditionally these approaches have been seen as rivals, in recent years a new consensus has developed in which they are seen as complementary. This article reviews the state of the art regarding ways in which the presence of a formal specification can be used to assist testing
Auditable Restoration of Distributed Programs
We focus on a protocol for auditable restoration of distributed systems. The
need for such a protocol arises from conflicting requirements (e.g., access to
the system should be restricted, but emergency access should be provided). One
can design such systems with a tamper detection approach (based on the
intuition of "break the glass door"). However, in a distributed system, such
tampering, denoted as an auditable event, is visible only to a single node.
This is unacceptable, since the actions nodes take in these situations can
differ from those in normal mode. Moreover, the auditable event eventually
needs to be cleared so that the system resumes normal operation.
With this motivation, in this paper we present a protocol for auditable
restoration, in which any process can potentially identify an auditable event.
Whenever a new auditable event occurs, the system must reach an "auditable
state" in which every process is aware of the auditable event. Only after the
system reaches an auditable state can it begin the operation of restoration.
Although any process can observe an auditable event, we require that only
"authorized" processes can begin the task of restoration. Moreover, these
processes can begin the restoration only when the system is in an auditable
state. Our protocol is self-stabilizing and has bounded state space. It can
effectively handle the case where faults or auditable events occur during the
restoration protocol. Moreover, it can be used to provide auditable restoration
to other distributed protocols. Comment: 10 page
Complexity Hierarchies and Higher-order Cons-free Term Rewriting
Constructor rewriting systems are said to be cons-free if, roughly,
constructor terms in the right-hand sides of rules are subterms of the
left-hand sides; the computational intuition is that rules cannot build new
data structures. In programming language research, cons-free languages have
been used to characterize hierarchies of computational complexity classes; in
term rewriting, cons-free first-order TRSs have been used to characterize the
class PTIME.
We investigate cons-free higher-order term rewriting systems, the complexity
classes they characterize, and how these depend on the type order of the
systems. We prove that, for every K ≥ 1, left-linear cons-free systems
with type order K characterize ETIME if unrestricted evaluation is used
(i.e., the system does not have a fixed reduction strategy).
The main difference with prior work in implicit complexity is that (i) our
results hold for non-orthogonal term rewriting systems with no assumptions on
reduction strategy, (ii) we consequently obtain much larger classes for each
type order (ETIME versus EXPTIME), and (iii) results for cons-free
term rewriting systems have previously only been obtained for K = 1, and with
additional syntactic restrictions besides cons-freeness and left-linearity.
Our results are among the first implicit characterizations of the hierarchy E
= ETIME ETIME ... Our work confirms prior
results that having full non-determinism (via overlapping rules) does not
directly allow for characterization of non-deterministic complexity classes
like NE. We also show that non-determinism makes the classes characterized
highly sensitive to minor syntactic changes like admitting product types or
non-left-linear rules. Comment: extended version of a paper submitted to FSCD 2016. arXiv admin note:
substantial text overlap with arXiv:1604.0893
Packet flow analysis in IP networks via abstract interpretation
Static analysis (aka offline analysis) of a model of an IP network is useful
for understanding, debugging, and verifying packet flow properties of the
network. There have been static analysis approaches proposed in the literature
for networks based on model checking as well as graph reachability. Abstract
interpretation is a method that has typically been applied to static analysis
of programs. We propose a new, abstract-interpretation based approach for
analysis of networks. We formalize our approach, mention its correctness
guarantee, and demonstrate its flexibility in addressing multiple
network-analysis problems that have been previously solved via tailor-made
approaches. Finally, we investigate an application of our analysis to a novel
problem -- inferring a high-level policy for the network -- which has been
addressed in the past only in the restricted single-router setting. Comment: 8 page