Capturing Hiproofs in HOL Light

Hierarchical proof trees (hiproofs for short) add structure to ordinary proof trees, by allowing portions of trees to be hierarchically nested. The additional structure can be used to abstract away from details, or to label particular portions to explain their purpose. In this paper we present two complementary methods for capturing hiproofs in HOL Light, along with a tool to produce web-based visualisations. The first method uses tactic recording, by modifying tactics to record their arguments and construct a hierarchical tree; this allows a tactic proof script to be modified. The second method uses proof recording, which extends the HOL Light kernel to record hierachical proof trees alongside theorems. This method is less invasive, but requires care to manage the size of the recorded objects. We have implemented both methods, resulting in two systems: Tactician and HipCam

A Framework for Datatype Transformation

We study one dimension in program evolution, namely the evolution of the datatype declarations in a program. To this end, a suite of basic transformation operators is designed. We cover structure-preserving refactorings, but also structure-extending and -reducing adaptations. Both the object programs that are subject to datatype transformations, and the meta programs that encode datatype transformations are functional programs.Comment: Minor revision; now accepted at LDTA 200

A Model Driven Approach for Refactoring Heterogeneous Software Artefacts

Refactoring is the process of transforming a software system to improve its overall structure while preserving its observable behaviour. Refactoring engines are normally used to perform these transformations for efficiency and in order to avoid introducing behavioural changes into the program due to human error. Although these engines do not verify that behaviour is preserved, it is widely accepted that automated transformations are less likely to introduce errors in comparison to manual refactoring. Despite the advantages provided by refactoring engines they fall foul of certain weaknesses. Here we hypothesise that Model Driven Engineering can be used to produce improved refactoring engines that are less vulnerable to those weaknesses. We develop a Domain Specific Transformation Language for defining new composite refactorings from a set of built–in primitives and to script their application. We also develop an interpreter for the language, effectively providing an operational semantics, in the guise of an extensible transformation framework. We evaluate our approach with a case study examining the correlation between actual and predicted measurements of the Coupling Between Objects metric for classes that undergo the extract class refactoring. The results show that our approach is promising

Pattern-based Rewriting through Abstraction

Fundamenta Informaticae, vol. 144, no. 2, pp. 109-160, 2016, Copyright 2016, with permission from IOS PressModel-based development relies on models in different phases for different purposes, with modelling patterns being used to document and gather knowledge about good practices in specific domains, to analyse the quality of existing designs, and to guide the construction and refactoring of models. Providing a formal basis for the use of patterns would also support their integration with existing approaches to model transformation. To this end, we turn to the commonly used, in this context, machinery of graph transformations and provide an algebraic-categorical formalization of modelling patterns, which can express variability and required/forbidden application contexts. This allows the definition of transformation rules having patterns in left and right-hand sides, which can be used to express refactorings towards patterns, change the use of one pattern by a different one, or switch between pattern variants. A key element in our proposal is the use of operations to abstract models into patterns, so that they can be manipulated by pattern rules, thus leading to a rewriting mechanism for classes of graphs described by patterns and not just individual graphs. The proposal is illustrated with examples in object-oriented software design patterns and enterprise architecture patterns, but can be applied to any other domain where patterns are used for modelling.This work has been partially supported by the Spanish Ministry of Economy and Competitivity with projects Go-Lite (TIN2011-24139) and Flexor (TIN2014-52129-R), the Madrid Region with project SICOMORO (S2013/ICE-3006), and the EU commission with project MONDO (FP7-ICT-2013-10, #611125)

ADsafety: Type-Based Verification of JavaScript Sandboxing

Web sites routinely incorporate JavaScript programs from several sources into a single page. These sources must be protected from one another, which requires robust sandboxing. The many entry-points of sandboxes and the subtleties of JavaScript demand robust verification of the actual sandbox source. We use a novel type system for JavaScript to encode and verify sandboxing properties. The resulting verifier is lightweight and efficient, and operates on actual source. We demonstrate the effectiveness of our technique by applying it to ADsafe, which revealed several bugs and other weaknesses.Comment: in Proceedings of the USENIX Security Symposium (2011