The foundational legacy of ASL

Abstract. We recall the kernel algebraic specification language ASL and outline its main features in the context of the state of research on algebraic specification at the time it was conceived in the early 1980s. We discuss the most significant new ideas in ASL and the influence they had on subsequent developments in the field and on our own work in particular.

Facilitating modular property-preserving extensions of programming languages

We will explore an approach to modular programming language descriptions and extensions in a denotational style. Based on a language core, language features are added stepwise on the core. Language features can be described separated from each other in a self-contained, orthogonal way. We present an extension semantics framework consisting of mechanisms to adapt semantics of a basic language to new structural requirements in an extended language preserving the behaviour of programs of the basic language. Common templates of extension are provided. These can be collected in extension libraries accessible to and extendible by language designers. Mechanisms to extend these libraries are provided. A notation for describing language features embedding these semantics extensions is presented

A Verified Information-Flow Architecture

SAFE is a clean-slate design for a highly secure computer system, with pervasive mechanisms for tracking and limiting information flows. At the lowest level, the SAFE hardware supports fine-grained programmable tags, with efficient and flexible propagation and combination of tags as instructions are executed. The operating system virtualizes these generic facilities to present an information-flow abstract machine that allows user programs to label sensitive data with rich confidentiality policies. We present a formal, machine-checked model of the key hardware and software mechanisms used to dynamically control information flow in SAFE and an end-to-end proof of noninterference for this model. We use a refinement proof methodology to propagate the noninterference property of the abstract machine down to the concrete machine level. We use an intermediate layer in the refinement chain that factors out the details of the information-flow control policy and devise a code generator for compiling such information-flow policies into low-level monitor code. Finally, we verify the correctness of this generator using a dedicated Hoare logic that abstracts from low-level machine instructions into a reusable set of verified structured code generators

Formal Design of Asynchronous Fault Detection and Identification Components using Temporal Epistemic Logic

Autonomous critical systems, such as satellites and space rovers, must be able to detect the occurrence of faults in order to ensure correct operation. This task is carried out by Fault Detection and Identification (FDI) components, that are embedded in those systems and are in charge of detecting faults in an automated and timely manner by reading data from sensors and triggering predefined alarms. The design of effective FDI components is an extremely hard problem, also due to the lack of a complete theoretical foundation, and of precise specification and validation techniques. In this paper, we present the first formal approach to the design of FDI components for discrete event systems, both in a synchronous and asynchronous setting. We propose a logical language for the specification of FDI requirements that accounts for a wide class of practical cases, and includes novel aspects such as maximality and trace-diagnosability. The language is equipped with a clear semantics based on temporal epistemic logic, and is proved to enjoy suitable properties. We discuss how to validate the requirements and how to verify that a given FDI component satisfies them. We propose an algorithm for the synthesis of correct-by-construction FDI components, and report on the applicability of the design approach on an industrial case-study coming from aerospace.Comment: 33 pages, 20 figure

Behavioural and abstractor specifications

AbstractIn the literature, one can distinguish two main approaches to the definition of observational semantics of algebraic specifications. On one hand, observational semantics is defined using a notion of observational satisfaction for the axioms of the specifications and, on the other hand, one can define observational semantics by abstraction with respect to an observational equivalence relation between algebras. In this paper, we present an analysis and a comparative study of the different approaches in a more general framework which subsumes the observational case. The distinction between the different observational concepts is reflected by our notions of behavioural specification and abstractor specification. We provide necessary and sufficient conditions for the semantical equivalence of both kinds of specifications and we show that behavioural specifications can be characterized by an abstractor construction and, vice versa, abstractor specifications can be characterized in terms of behavioural specifications. Hence, there exists a duality between both concepts which allows to express each one by the other. We also study the relationships to fully abstract algebras which can be used for a further characterization of behavioural semantics. Finally, we provide proof-theoretic results which show that behavioural theories of specifications can be reduced to standard theories of some classes of algebras

Novel information and data exchange within power systems using enhanced blockchain technologies

This thesis was submitted for the award of Doctor of Philosophy and was awarded by Brunel University LondonCurrent energy systems are primarily designed for centralized power generation and supplying bulk electricity to users with stable and predictable usage patterns. However, with the increasing penetration of renewable energy sources (RES), future energy systems will require greater flexibility and wider distribution of both demand and supply. Integrating RES on a large scale poses challenges to the hosting capacity of distribution systems. To address these challenges, the digitalization of energy systems through novel Information and Communication Technologies (ICT) infrastructure is essential. The shift from centralized to highly distributed systems necessitates increased coordination and communication efforts. This is because a distributed system is composed of multiple independent entities that need to communicate and collaborate effectively to accomplish a shared objective. Coordination and communication are necessary to ensure that the system is operating efficiently and effectively. Traditional centralized cloud-based data exchange schemes depend on a single trusted third party, this may lead to single-point failure and lack of data privacy and access control. To overcome these issues, a novel approach is proposed for exchanging data within power systems using blockchain technology. This approach enables users to securely exchange data while maintaining ownership. The experiments conducted demonstrate that the proposed approach can handle more users and enables information and data exchange within power systems. Secondly, this thesis proposes an Artificial Neural Network (ANN) based prediction model to optimize the performance of the blockchain-enabled data exchange approach. A use case for exchanging data within the power system is implemented on the proposed platform using various performance metrics. The results of the proposed approach are compared to two other schemes: the baseline scheme and an optimized scheme. The evaluation results indicate that the proposed approach can enhance network performance when compared to the baseline and optimized schemes. In summary, the proposed novel approach to ICT infrastructure for successfully exchanging information and data within power systems entities. The performance of the novel approach is evaluated based on the ability to handle multiple users, scalability, reliability, and security

Layering Assume-Guarantee Contracts for Hierarchical System Design

Specifications for complex engineering systems are typically decomposed into specifications for individual subsystems in a manner that ensures they are implementable and simpler to develop further. We describe a method to algorithmically construct component specifications that implement a given specification when assembled. By eliminating variables that are irrelevant to realizability of each component, we simplify the specifications and reduce the amount of information necessary for operation. We parametrize the information flow between components by introducing parameters that select whether each variable is visible to a component. The decomposition algorithm identifies which variables can be hidden while preserving realizability and ensuring correct composition, and these are eliminated from component specifications by quantification and conversion of binary decision diagrams to formulas. The resulting specifications describe component viewpoints with full information with respect to the remaining variables, which is essential for tractable algorithmic synthesis of implementations. The specifications are written in TLA + , with liveness properties restricted to an implication of conjoined recurrence properties, known as GR(1). We define an operator for forming open systems from closed systems, based on a variant of the “while-plus” operator. This operator simplifies the writing of specifications that are realizable without being vacuous. To convert the generated specifications from binary decision diagrams to readable formulas over integer variables, we symbolically solve a minimal covering problem. We show with examples how the method can be applied to obtain contracts that formalize the hierarchical structure of system design

Controller synthesis for parameterized discrete event systems

Les systèmes à événements discrets sont des systèmes dynamiques particuliers. Ils changent d’état de fa¸con discrète et le terme événement est utilisé afin de représenter l’occurrence de changements discontinus. Ces systèmes sont principalement construits par l’homme et on les retrouve surtout dans les secteurs manufacturier, de la circu- lation automobile, des bases de données et des protocoles de communication. Cette thèse s’intéresse au contrôle des systèmes paramétrés à événements discrets où les spécifications sont exprimées à l’aide de prédicats et satisfont une condition de similarité. Des conditions sont données afin de déduire des propriétés, en observation partielle ou totale, pour un système composé de n processus similaires à partir d’un système com- posé de n0 processus, avec n ≥ n0. De plus, il est montré comment inférer des politiques de contrôle en présence de relations d’interconnexion entre les processus. Cette étude est principalement motivée par la faiblesse des méthodes actuelles de synthèse pour le traitement des problèmes industriels de taille réelle.Discrete event systems are a special type of dynamic systems. The state of these systems changes only at discrete instants of time and the term event is used to represent the occurrence of discontinuous changes. These systems are mostly man-made and arise in the domains of manufacturing systems, traffic systems, database management systems and communication protocols. This thesis investigates the control of parameterized discrete event systems when specifications are given in terms of predicates and satisfy a similarity assumption. For systems consisting of similar processes under total or partial observation, conditions are given to deduce properties of a system of n processes from properties of a system of n0 processes, with n ≥ n0. Furthermore, it is shown how to infer a control policy for the former from the latter’s, while taking into account interconnections between processes. This study is motivated by a weakness in current synthesis methods that do not scale well to huge systems