158,676 research outputs found
Using ACL2 to Verify Loop Pipelining in Behavioral Synthesis
Behavioral synthesis involves compiling an Electronic System-Level (ESL)
design into its Register-Transfer Level (RTL) implementation. Loop pipelining
is one of the most critical and complex transformations employed in behavioral
synthesis. Certifying the loop pipelining algorithm is challenging because
there is a huge semantic gap between the input sequential design and the output
pipelined implementation making it infeasible to verify their equivalence with
automated sequential equivalence checking techniques. We discuss our ongoing
effort using ACL2 to certify loop pipelining transformation. The completion of
the proof is work in progress. However, some of the insights developed so far
may already be of value to the ACL2 community. In particular, we discuss the
key invariant we formalized, which is very different from that used in most
pipeline proofs. We discuss the needs for this invariant, its formalization in
ACL2, and our envisioned proof using the invariant. We also discuss some
trade-offs, challenges, and insights developed in course of the project.Comment: In Proceedings ACL2 2014, arXiv:1406.123
Robust Computer Algebra, Theorem Proving, and Oracle AI
In the context of superintelligent AI systems, the term "oracle" has two
meanings. One refers to modular systems queried for domain-specific tasks.
Another usage, referring to a class of systems which may be useful for
addressing the value alignment and AI control problems, is a superintelligent
AI system that only answers questions. The aim of this manuscript is to survey
contemporary research problems related to oracles which align with long-term
research goals of AI safety. We examine existing question answering systems and
argue that their high degree of architectural heterogeneity makes them poor
candidates for rigorous analysis as oracles. On the other hand, we identify
computer algebra systems (CASs) as being primitive examples of domain-specific
oracles for mathematics and argue that efforts to integrate computer algebra
systems with theorem provers, systems which have largely been developed
independent of one another, provide a concrete set of problems related to the
notion of provable safety that has emerged in the AI safety community. We
review approaches to interfacing CASs with theorem provers, describe
well-defined architectural deficiencies that have been identified with CASs,
and suggest possible lines of research and practical software projects for
scientists interested in AI safety.Comment: 15 pages, 3 figure
Type Classes for Lightweight Substructural Types
Linear and substructural types are powerful tools, but adding them to
standard functional programming languages often means introducing extra
annotations and typing machinery. We propose a lightweight substructural type
system design that recasts the structural rules of weakening and contraction as
type classes; we demonstrate this design in a prototype language, Clamp.
Clamp supports polymorphic substructural types as well as an expressive
system of mutable references. At the same time, it adds little additional
overhead to a standard Damas-Hindley-Milner type system enriched with type
classes. We have established type safety for the core model and implemented a
type checker with type inference in Haskell.Comment: In Proceedings LINEARITY 2014, arXiv:1502.0441
A Hybrid Analysis for Security Protocols with State
Cryptographic protocols rely on message-passing to coordinate activity among
principals. Each principal maintains local state in individual local sessions
only as needed to complete that session. However, in some protocols a principal
also uses state to coordinate its different local sessions. Sometimes the
non-local, mutable state is used as a means, for example with smart cards or
Trusted Platform Modules. Sometimes it is the purpose of running the protocol,
for example in commercial transactions.
Many richly developed tools and techniques, based on well-understood
foundations, are available for design and analysis of pure message-passing
protocols. But the presence of cross-session state poses difficulties for these
techniques.
In this paper we provide a framework for modeling stateful protocols. We
define a hybrid analysis method. It leverages theorem-proving---in this
instance, the PVS prover---for reasoning about computations over state. It
combines that with an "enrich-by-need" approach---embodied by CPSA---that
focuses on the message-passing part. As a case study we give a full analysis of
the Envelope Protocol, due to Mark Ryan
Edit and verify
Automated theorem provers are used in extended static checking, where they
are the performance bottleneck. Extended static checkers are run typically
after incremental changes to the code. We propose to exploit this usage pattern
to improve performance. We present two approaches of how to do so and a full
solution
The Vampire and the FOOL
This paper presents new features recently implemented in the theorem prover
Vampire, namely support for first-order logic with a first class boolean sort
(FOOL) and polymorphic arrays. In addition to having a first class boolean
sort, FOOL also contains if-then-else and let-in expressions. We argue that
presented extensions facilitate reasoning-based program analysis, both by
increasing the expressivity of first-order reasoners and by gains in
efficiency
I2PA : An Efficient ABC for IoT
Internet of Things (IoT) is very attractive because of its promises. However,
it brings many challenges, mainly issues about privacy preserving and
lightweight cryptography. Many schemes have been designed so far but none of
them simultaneously takes into account these aspects. In this paper, we propose
an efficient ABC scheme for IoT devices. We use ECC without pairing, blind
signing and zero knowledge proof. Our scheme supports block signing, selective
disclosure and randomization. It provides data minimization and transactions'
unlinkability. Our construction is efficient since smaller key size can be used
and computing time can be reduced. As a result, it is a suitable solution for
IoT devices characterized by three major constraints namely low energy power,
small storage capacity and low computing power
- …