Proving soundness of combinatorial Vickrey auctions and generating verified executable code

Using mechanised reasoning we prove that combinatorial Vickrey auctions are soundly specified in that they associate a unique outcome (allocation and transfers) to any valid input (bids). Having done so, we auto-generate verified executable code from the formally defined auction. This removes a source of error in implementing the auction design. We intend to use formal methods to verify new auction designs. Here, our contribution is to introduce and demonstrate the use of formal methods for auction verification in the familiar setting of a well-known auction

An Introduction to Mechanized Reasoning

Mechanized reasoning uses computers to verify proofs and to help discover new theorems. Computer scientists have applied mechanized reasoning to economic problems but -- to date -- this work has not yet been properly presented in economics journals. We introduce mechanized reasoning to economists in three ways. First, we introduce mechanized reasoning in general, describing both the techniques and their successful applications. Second, we explain how mechanized reasoning has been applied to economic problems, concentrating on the two domains that have attracted the most attention: social choice theory and auction theory. Finally, we present a detailed example of mechanized reasoning in practice by means of a proof of Vickrey's familiar theorem on second-price auctions

Procurement of Goods and Services – Scope and Government

In modern economies firms are part of an extensive network of division of labor embedded in markets. Rather than producing everything “in house, ” the modern firm buys most inputs from the best available source outside. Similarly, firms ’ outputs are continuously specialized and redefined to make them fit into the larger scheme o

06472 Abstracts Collection - XQuery Implementation Paradigms

From 19.11.2006 to 22.11.2006, the Dagstuhl Seminar 06472 ``XQuery Implementation Paradigms'' was held in the International Conference and Research Center (IBFI), Schloss Dagstuhl. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided, if available

Intelligent Agents - a Tool for Modeling Intermediation and Negotiation Processes

Many contemporary problems as encountered in society and economy require advanced capabilities for evaluation of situations and alternatives and decision making, most of the time requiring intervention of human agents, experts in negotiation and intermediation. Moreover, many problems require the application of standard procedures and activities to carry out typical socio-economic processes (for example by employing standard auctions for procurement or supply of goods or convenient intermediation to access resources and information). This paper focuses on enhancing knowledge about intermediation and negotiation processes in order to improve quality of services and optimize performances of business agents, using new computational methods that combine formal methods with intelligent agents paradigm. Taking into account their modularity and extensibility, agent systems allow facile, standardized and seamless integration of negotiation protocols and strategies by employing declarative and formal representations specific to computer science.Business processes, Intelligent Agents, Intermediation and Negotiation, Formal Models.

Session Communication and Integration

The scenario-based specification of a large distributed system is usually naturally decomposed into various modules. The integration of specification modules contrasts to the parallel composition of program components, and includes various ways such as scenario concatenation, choice, and nesting. The recent development of multiparty session types for process calculi provides useful techniques to accommodate the protocol modularisation, by encoding fragments of communication protocols in the usage of private channels for a class of agents. In this paper, we extend forgoing session type theories by enhancing the session integration mechanism. More specifically, we propose a novel synchronous multiparty session type theory, in which sessions are separated into the communicating and integrating levels. Communicating sessions record the message-based communications between multiple agents, whilst integrating sessions describe the integration of communicating ones. A two-level session type system is developed for pi-calculus with syntactic primitives for session establishment, and several key properties of the type system are studied. Applying the theory to system description, we show that a channel safety property and a session conformance property can be analysed. Also, to improve the utility of the theory, a process slicing method is used to help identify the violated sessions in the type checking.Comment: A short version of this paper is submitted for revie

Computer-aided verification in mechanism design

In mechanism design, the gold standard solution concepts are dominant strategy incentive compatibility and Bayesian incentive compatibility. These solution concepts relieve the (possibly unsophisticated) bidders from the need to engage in complicated strategizing. While incentive properties are simple to state, their proofs are specific to the mechanism and can be quite complex. This raises two concerns. From a practical perspective, checking a complex proof can be a tedious process, often requiring experts knowledgeable in mechanism design. Furthermore, from a modeling perspective, if unsophisticated agents are unconvinced of incentive properties, they may strategize in unpredictable ways. To address both concerns, we explore techniques from computer-aided verification to construct formal proofs of incentive properties. Because formal proofs can be automatically checked, agents do not need to manually check the properties, or even understand the proof. To demonstrate, we present the verification of a sophisticated mechanism: the generic reduction from Bayesian incentive compatible mechanism design to algorithm design given by Hartline, Kleinberg, and Malekian. This mechanism presents new challenges for formal verification, including essential use of randomness from both the execution of the mechanism and from the prior type distributions. As an immediate consequence, our work also formalizes Bayesian incentive compatibility for the entire family of mechanisms derived via this reduction. Finally, as an intermediate step in our formalization, we provide the first formal verification of incentive compatibility for the celebrated Vickrey-Clarke-Groves mechanism

Static Verification of Cloud Applications with Why3

Nowadays large-scale distributed applications rely on replication in order to improve their services. Having data replicated in multiple datacenters increases availability, but it might lead to concurrent updates that violate data integrity. A possible approach to solve this issue is to use strong consistency in the application because this way there is a total order of operations in every replica. However, that would make the application abdicate of its availability. An alternative would be to use weak consistency to make the application more available, but that could break data integrity. To resolve this issue many of these applications use a combination of weak and strong consistency models, such that synchronization is only introduced in the execution of operations that can break data integrity. To build applications that use multiple consistency models, developers have the difficult task of finding the right balance between two conflicting goals: minimizing synchronization while preserving data integrity. To achieve this balance developers have to reason about the concurrent effects of each operation, which is a non-trivial task when it comes to large and complex applications. In this document we propose an approach consisting of a static analysis tool that helps developers find a balance between strong and weak consistency in applications that operate over weakly consistent databases. The verification process is based on a recently defined proof rule that was proven to be sound. The proposed tool uses Why3 as an intermediate framework that communicates with external provers, to analyse the correctness of the application specification. Our contributions also include a predicate transformer and a library of verified data types that can be used to resolve commutativity issues in applications. The predicate transformer can be used to lighten the specification effort