Theorems about Composition

Compositional designs require component specifications that can be composed: Designers have to be able to deduce system properties from components specifications. On the other hand, components specifications should be abstract enough to allow component reuse and to hide substantial parts of correctness proofs in components verifications. Part of the problem is that too abstract specifications do not contain enough information to be composed. Therefore, the right balance between abstraction and composability must be found. This paper explores the systematic construction of abstract specifications that can be composed through specific forms of composition called existential and universal

Phase Clocks for Transient Fault Repair

Phase clocks are synchronization tools that implement a form of logical time in distributed systems. For systems tolerating transient faults by self-repair of damaged data, phase clocks can enable reasoning about the progress of distributed repair procedures. This paper presents a phase clock algorithm suited to the model of transient memory faults in asynchronous systems with read/write registers. The algorithm is self-stabilizing and guarantees accuracy of phase clocks within O(k) time following an initial state that is k-faulty. Composition theorems show how the algorithm can be used for the timing of distributed procedures that repair system outputs.Comment: 22 pages, LaTe

Causal graph dynamics

We extend the theory of Cellular Automata to arbitrary, time-varying graphs. In other words we formalize, and prove theorems about, the intuitive idea of a labelled graph which evolves in time - but under the natural constraint that information can only ever be transmitted at a bounded speed, with respect to the distance given by the graph. The notion of translation-invariance is also generalized. The definition we provide for these "causal graph dynamics" is simple and axiomatic. The theorems we provide also show that it is robust. For instance, causal graph dynamics are stable under composition and under restriction to radius one. In the finite case some fundamental facts of Cellular Automata theory carry through: causal graph dynamics admit a characterization as continuous functions, and they are stable under inversion. The provided examples suggest a wide range of applications of this mathematical object, from complex systems science to theoretical physics. KEYWORDS: Dynamical networks, Boolean networks, Generative networks automata, Cayley cellular automata, Graph Automata, Graph rewriting automata, Parallel graph transformations, Amalgamated graph transformations, Time-varying graphs, Regge calculus, Local, No-signalling.Comment: 25 pages, 9 figures, LaTeX, v2: Minor presentation improvements, v3: Typos corrected, figure adde

Symmetries in hexagonal quasigroups

summary:Hexagonal quasigroup is idempotent, medial and semisymmetric quasigroup. In this article we define and study symmetries about a point, segment and ordered triple of points in hexagonal quasigroups. The main results are the theorems on composition of two and three symmetries

Markov modeling of moving target defense games

We introduce a Markov-model-based framework for Moving Target Defense (MTD) analysis. The framework allows modeling of broad range of MTD strategies, provides general theorems about how the probability of a successful adversary defeating an MTD strategy is related to the amount of time/cost spent by the adversary, and shows how a multi-level composition of MTD strategies can be analyzed by a straightforward combination of the analysis for each one of these strategies. Within the proposed framework we define the concept of security capacity which measures the strength or effectiveness of an MTD strategy: the security capacity depends on MTD specific parameters and more general system parameters. We apply our framework to two concrete MTD strategies

Conjunctive Predicate Transformers for Reasoning about Concurrent Computation

In this paper we propose a calculus for reasoning about concurrent programs inspired by the wp calculus for reasoning about sequential programs. We suggest predicate transformers for reasoning about progress properties and for deducing properties obtained by parallel composition. The paper presents theorems about the predicate transformers and suggests how they can be used in program design. Familiarity with the wp calculus is assumed

Not Every Co-existential Map is Confluent

A continuous surjection between compacta is co-existential if it is the second of two maps whose composition is a standard ultracopower projection. Co-existential maps are always weakly confluent, and are even monotone when the range space is locally connected; so it is a natural question to ask whether they are always confluent. Here we give a negative answer. This is an interesting question, mainly because of the fact that most theorems about confluent maps have parallel versions for co-existential maps---notably, both kinds of maps preserve hereditary indecomposability. Where the known parallels break down is in the question of chainability. It is a celebrated open problem whether confluent maps preserve chainability, or even being a pseudo-arc; however, as has recently been shown, co-existential maps do indeed preserve both these properties

Reasoning about goal-directed real-time teleo-reactive programs

The teleo-reactive programming model is a high-level approach to developing real-time systems that supports hierarchical composition and durative actions. The model is different from frameworks such as action systems, timed automata and TLA+, and allows programs to be more compact and descriptive of their intended behaviour. Teleo-reactive programs are particularly useful for implementing controllers for autonomous agents that must react robustly to their dynamically changing environments. In this paper, we develop a real-time logic that is based on Duration Calculus and use this logic to formalise the semantics of teleo-reactive programs. We develop rely/guarantee rules that facilitate reasoning about a program and its environment in a compositional manner. We present several theorems for simplifying proofs of teleo-reactive programs and present a partially mechanised method for proving progress properties of goal-directed agents. © 2013 British Computer Society