Software meta-language engineering and CBS

The SLE conference series is devoted to the engineering principles of software languages: their design, their implementation, and their evolution. This paper is about the role of language specification in SLE. A precise specification of a software language needs to be written in a formal meta-language, and it needs to co-evolve with the specified language. Moreover, different software languages often have features in common, which should provide opportunities for reuse of parts of language specifications. Support for co-evolution and reuse in a meta-language requires careful engineering of its design.The author has been involved in the development of several meta-languages for semantic specification, including action semantics and modular variants of structural operational semantics (MSOS, I-MSOS). This led to the PLanCompS project, and to the design of its meta-language, CBS, for component-based semantics. CBS comes together with an extensible library of reusable components called ‘funcons’, corresponding to fundamental programming constructs. The main aim of CBS is to optimise co-evolution and reuse of specifications during language development, and to make specification of language semantics almost as straightforward as context-free syntax specification.The paper discusses the engineering of a selection of previous meta-languages, assessing how well they support co-evolution and reuse. It then gives an introduction to CBS, and illustrates significant features. It also considers whether other current meta-languages might also be used to define an extensible library of funcons for use in component-based semantics

The Theory of Interacting Deductions and its Application to Operational Semantics

This thesis concerns the problem of complexity in operational semantics definitions. The appeal of modern operational semantics is the simplicity of their metatheories, which can be regarded as theories of deduction about certain shapes of operational judgments. However, when applied to real programming languages they produce bulky definitions that are cumbersome to reason about. The theory of interacting deductions is a richer metatheory which simplifies operational judgments and admits new proof techniques. An interacting deduction is a pair (F, I), where F is a forest of inference trees and I is a set of interaction links (a symmetric set of pairs of formula occurrences of F), which has been built from interacting inference rules (sequences of standard inference rules, or rule atoms). This setting allows one to decompose operational judgments. For instance, for a simple imperative language, one rule atom might concern a program transition, and another a store transition. Program judgments only interact with store judgments when necessary: so stores do not have to be propagated by every inference rule. A deduction in such a semantics would have two inference trees: one for programs and one for stores. This introduces a natural notion of modularity in proofs about semantics. The proof fragmentation theorem shows that one need only consider the rule atoms relevant to the property being proved. To illustrate, I give the semantics for a simple process calculus, compare it with standard semantics and prove three simple properties: nondivergence, store correctness and an equivalence between the two semantics. Typically evaluation semantics provide simpler definitions and proofs than transition semantics. However, it turns out that evaluation semantics cannot be easily expressed using interacting deductions: they require a notion of sequentiality. The sequential deductions contain this extra structure. I compare the utility of evaluation and transition semantics in the interacting case by proving a simple translation correctness example. This proof in turn depends on proof-theoretic concerns which can be abstracted using dangling interactions. This gives rise to the techniques of breaking and assembling interaction links. Again I get the proof fragmentation theorem, and also the proof assembly theorem, which allow respectively both the isolation and composition of modules in proofs about semantics. For illustration, I prove a simple type-checking result (in evaluation semantics) and another nondivergence result (in transition semantics). I apply these results to a bigger language, CSP, to show how the results scale up. Introducing a special scoping side-condition permits a number of linguistic extensions including nested parallelism, mutual exclusion, dynamic process creation and recursive procedures. Then, as an experiment I apply the theory of interacting deductions to present and prove sound a compositional proof system for the partial correctness of CSP programs. Finally, I show that a deduction corresponds to CCS-like process evaluation, justifying philosophically my use of the theory to give operational semantics. A simple corollary is the undecidability of interacting-deducibility. Practically, the result also indicates how one can build prototype interpreters for definitions

First International Conference on Ada (R) Programming Language Applications for the NASA Space Station, volume 1

Topics discussed include: test and verification; environment issues; distributed Ada issues; life cycle issues; Ada in Europe; management/training issues; common Ada interface set; and run time issues

Expressing mobility in process algebras: first-order and higher-order paradigms

We study mobile systems, i.e. systems with a dynamically changing communication topology, from a process algebras point of view. Mobility can be introduced in process algebras by allowing names or terms to be transmitted. We distinguish these two approaches as first-order and higher-order. The major target of the thesis is the comparison between them. The prototypical calculus in the first-order paradigm is the π-calculus. By generalising its sort discipline we derive an w-order extension called Higher-Order π-calculus (HOπ). We show that such an extension does not add expressiveness to the π-calculus: Higher-order processes can be faithfully compiled down to first-order, and respecting the behavioural equivalence we adopted in the calculi. Such an equivalence is based on the notion of bisimulation, a fundamental concept of process algebras. Unfortunately, the standard definition of bisimulation is unsatisfactory in a higher-order calculus because it is over-discriminating. To overcome the problem, we propose barbed bisimulation. Its advantage is that it can be defined uniformly in different calculi because it only requires that the calculus possesses an interaction or reduction relation. As a test for barbed bisimulation, we show that in CCS and π-calculus, it allows us to recover the familiar bisimulation-based equivalences. We also give simpler characterisations of the equivalences utilised in HOπ. For this we exploit a special kind of agents called triggers, with which it is possible to reason fairly efficiently in a higher-order calculus notwithstanding the complexity of its transitions. Finally, we use the compilation from HOπ to π-calculus to investigate Milner'

Reasoning about systems with evolving structure

This thesis is concerned with the specification and verification of mobile systems, i.e. systems with dynamically-evolving communication topologies. The expressiveness and applicability of the πυ-calculus, an extension of the π-calculus with first-order data, is investigated for describing and reasoning about mobile systems. The theory of confluence and determinacy in the πυ-calculus is studied, with emphasis on results and techniques which facilitate process verification. The utility of the calculus for giving descriptions which are precise, natural and amenable to rigorous analysis is illustrated in three applications. First, the behaviour of a distributed protocol is analysed. The use of a mobile calculus makes it possible to capture important intuitions concerning the behaviour of the algorithm; the theory of confluence plays a central role in its correctness proof. Secondly, an analysis of concurrent operations on a dynamic search structure, the B-tree, is carried out. This exploits results obtained concerning a notion of partial confluence by whose use classes of systems in which interaction between components is of a certain disciplined kind may be analysed. Finally, the πυ-calculus is used to give a semantic definition for a concurrent-object programming language and it is shown how this definition can be used as a basis for reasoning about systems prescribed by programs. Syntactic conditions on programs are isolated and shown to guarantee determinacy. Transformation rules which increase the scope for concurrent activity within programs without changing their observable behaviour are given and their soundness proved