222 research outputs found
A Fully Abstract Symbolic Semantics for Psi-Calculi
We present a symbolic transition system and bisimulation equivalence for
psi-calculi, and show that it is fully abstract with respect to bisimulation
congruence in the non-symbolic semantics.
A psi-calculus is an extension of the pi-calculus with nominal data types for
data structures and for logical assertions representing facts about data. These
can be transmitted between processes and their names can be statically scoped
using the standard pi-calculus mechanism to allow for scope migrations.
Psi-calculi can be more general than other proposed extensions of the
pi-calculus such as the applied pi-calculus, the spi-calculus, the fusion
calculus, or the concurrent constraint pi-calculus.
Symbolic semantics are necessary for an efficient implementation of the
calculus in automated tools exploring state spaces, and the full abstraction
property means the semantics of a process does not change from the original
Refinement Calculus of Reactive Systems
Refinement calculus is a powerful and expressive tool for reasoning about
sequential programs in a compositional manner. In this paper we present an
extension of refinement calculus for reactive systems. Refinement calculus is
based on monotonic predicate transformers, which transform sets of post-states
into sets of pre-states. To model reactive systems, we introduce monotonic
property transformers, which transform sets of output traces into sets of input
traces. We show how to model in this semantics refinement, sequential
composition, demonic choice, and other semantic operations on reactive systems.
We use primarily higher order logic to express our results, but we also show
how property transformers can be defined using other formalisms more amenable
to automation, such as linear temporal logic (suitable for specifications) and
symbolic transition systems (suitable for implementations). Finally, we show
how this framework generalizes previous work on relational interfaces so as to
be able to express systems with infinite behaviors and liveness properties
Linearization of CIF Through SOS
Linearization is the procedure of rewriting a process term into a linear
form, which consist only of basic operators of the process language. This
procedure is interesting both from a theoretical and a practical point of view.
In particular, a linearization algorithm is needed for the Compositional
Interchange Format (CIF), an automaton based modeling language.
The problem of devising efficient linearization algorithms is not trivial,
and has been already addressed in literature. However, the linearization
algorithms obtained are the result of an inventive process, and the proof of
correctness comes as an afterthought. Furthermore, the semantic specification
of the language does not play an important role on the design of the algorithm.
In this work we present a method for obtaining an efficient linearization
algorithm, through a step-wise refinement of the SOS rules of CIF. As a result,
we show how the semantic specification of the language can guide the
implementation of such a procedure, yielding a simple proof of correctness.Comment: In Proceedings EXPRESS 2011, arXiv:1108.407
On the nature of symbolic execution
In this paper, we provide a formal definition of symbolic execution in terms of a symbolic transition system and prove its correctness with respect to an operational semantics which models the execution on concrete values. We first introduce such a formal model for a basic programming language with a statically fixed number of programming variables. This model is extended to a programming language with recursive procedures which are called by a call-by-value parameter mechanism. Finally, we show how to extend this latter model of symbolic execution to arrays and object-oriented languages which feature dynamically allocated variables
An adequate logic for full LOTOS
We present a novel result for a logic for symbolic transition systems based on LOTOS processes. The logic is adequate with respect to bisimulation defined on symbolic transition systems
Symbolic semantics and bisimulation for full LOTOS
No abstract avaliabl
Modularity for Security-Sensitive Workflows
An established trend in software engineering insists on using components
(sometimes also called services or packages) to encapsulate a set of related
functionalities or data. By defining interfaces specifying what functionalities
they provide or use, components can be combined with others to form more
complex components. In this way, IT systems can be designed by mostly re-using
existing components and developing new ones to provide new functionalities. In
this paper, we introduce a notion of component and a combination mechanism for
an important class of software artifacts, called security-sensitive workflows.
These are business processes in which execution constraints on the tasks are
complemented with authorization constraints (e.g., Separation of Duty) and
authorization policies (constraining which users can execute which tasks). We
show how well-known workflow execution patterns can be simulated by our
combination mechanism and how authorization constraints can also be imposed
across components. Then, we demonstrate the usefulness of our notion of
component by showing (i) the scalability of a technique for the synthesis of
run-time monitors for security-sensitive workflows and (ii) the design of a
plug-in for the re-use of workflows and related run-time monitors inside an
editor for security-sensitive workflows
Input Output Symbolic Transition Systems Enriched by Program Calls and Contracts: a detailed example of vending machine
An Input Output Symbolic Transition System (IOSTS) specifies all expected sequences of input and output messages of a reactive system. Symbolic execution over this IOSTS then allows to generate a set of test cases that can exercise the various possible behaviors of the system it represents. In this paper, we extend the IOSTS framework with explicit program calls, possibly equipped with contracts specifying what the program is supposed to do. This approach bridges the gap between a model-based approach in which user-defined programs are abstracted away and a code-based approach in which small pieces of code are separately considered regardless of the way they are combined. First, we extend symbolic execution techniques for IOSTS with programs, in order to re-use classical test case generation algorithms. Second, we explore how constraints coming from IOSTS symbolic execution can be used to infer contracts for programs used in the IOSTS
A Supervisory Control Algorithm Based on Property-Directed Reachability
We present an algorithm for synthesising a controller (supervisor) for a
discrete event system (DES) based on the property-directed reachability (PDR)
model checking algorithm. The discrete event systems framework is useful in
both software, automation and manufacturing, as problems from those domains can
be modelled as discrete supervisory control problems. As a formal framework,
DES is also similar to domains for which the field of formal methods for
computer science has developed techniques and tools. In this paper, we attempt
to marry the two by adapting PDR to the problem of controller synthesis. The
resulting algorithm takes as input a transition system with forbidden states
and uncontrollable transitions, and synthesises a safe and
minimally-restrictive controller, correct-by-design. We also present an
implementation along with experimental results, showing that the algorithm has
potential as a part of the solution to the greater effort of formal supervisory
controller synthesis and verification.Comment: 16 pages; presented at Haifa Verification Conference 2017, the final
publication is available at Springer via
https://doi.org/10.1007/978-3-319-70389-3_
- …