Bounded Refinement Types

We present a notion of bounded quantification for refinement types and show how it expands the expressiveness of refinement typing by using it to develop typed combinators for: (1) relational algebra and safe database access, (2) Floyd-Hoare logic within a state transformer monad equipped with combinators for branching and looping, and (3) using the above to implement a refined IO monad that tracks capabilities and resource usage. This leap in expressiveness comes via a translation to "ghost" functions, which lets us retain the automated and decidable SMT based checking and inference that makes refinement typing effective in practice.Comment: 14 pages, International Conference on Functional Programming, ICFP 201

Declarative Policies for Capability Control

In capability-safe languages, components can access a resource only if they possess a capability for that resource. As a result, a programmer can prevent an untrusted component from accessing a sensitive resource by ensuring that the component never acquires the corresponding capability. In order to reason about which components may use a sensitive resource it is necessary to reason about how capabilities propagate through a system. This may be difficult, or, in the case of dynamically composed code, impossible to do before running the system. To counter this situation, we propose extensions to capability-safe languages that restrict the use of capabilities according to declarative policies. We introduce two independently useful semantic security policies to regulate capabilities and describe language-based mechanisms that enforce them. Access control policies restrict which components may use a capability and are enforced using higher-order contracts. Integrity policies restrict which components may influence (directly or indirectly) the use of a capability and are enforced using an information-flow type system. Finally, we describe how programmers can dynamically and soundly combine components that enforce access control or integrity policies with components that enforce different policies or even no policy at all.Engineering and Applied Science

Session Types in Concurrent Calculi: Higher-Order Processes and Objects

This dissertation investigates different formalisms, in the form of programming language calculi, that are aimed at providing a theoretical foundation for structured concurrent programming based on session types. The structure of a session type is essentially a process-algebraic style description of the behaviour of a single program identifier serving as a communication medium (and usually referred to as a channel): the types incorporate typed inputs, outputs, and choices which can be composed to form larger protocol descriptions. The effectiveness of session typing can be attributed to the linear treatment of channels and session types, and to the use of tractable methods such as syntactic duality to decide if the types of two connected channels are compatible. Linearity is ensured when accumulating the uses of a channel into a composite type that describes also the order of those actions. Duality provides a tractable and intuitive method for deciding when two connected channels can interact and exchange values in a statically determined type-safe way. We present our contributions to the theory of sessions, distilled into two families of programming calculi, the first based on higher-order processes and the second based on objects. Our work unifies, improves and extends, in manifold ways, the session primitives and typing systems for the Lambda-calculus, the Pi-calculus, the Object-calculus, and their combinations in multi-paradigm languages. Of particular interest are: the treatment of infinite interactions expressed with recursive sessions; the capacity to encapsulate channels in higher-order structures which can be exchanged and kept suspended, i.e., the use of code as data; the integration of protocol structure directly into the description of objects, providing a powerful and uniformly extensible set of implementation abstractions; finally, the introduction of asynchronous subtyping, which enables controlled reordering of actions on either side of a session. Our work on higher-order processes and on object calculi for session-based concurrent programming provides a theoretical foundation for programming language design integrating functional, process, and object-oriented features

An Implementation of the Language Lambda Prolog Organized around Higher-Order Pattern Unification

This thesis concerns the implementation of Lambda Prolog, a higher-order logic programming language that supports the lambda-tree syntax approach to representing and manipulating formal syntactic objects. Lambda Prolog achieves its functionality by extending a Prolog-like language by using typed lambda terms as data structures that it then manipulates via higher-order unification and some new program-level abstraction mechanisms. These additional features raise new implementation questions that must be adequately addressed for Lambda Prolog to be an effective programming tool. We consider these questions here, providing eventually a virtual machine and compilation based realization. A key idea is the orientation of the computation model of Lambda Prolog around a restricted version of higher-order unification with nice algorithmic properties and appearing to encompass most interesting applications. Our virtual machine embeds a treatment of this form of unification within the structure of the Warren Abstract Machine that is used in traditional Prolog implementations. Along the way, we treat various auxiliary issues such as the low-level representation of lambda terms, the implementation of reduction on such terms and the optimized processing of types in computation. We also develop an actual implementation of Lambda Prolog called Teyjus Version 2. A characteristic of this system is that it realizes an emulator for the virtual machine in the C language a compiler in the OCaml language. We present a treatment of the software issues that arise from this kind of mixing of languages within one system and we discuss issues relevant to the portability of our virtual machine emulator across arbitrary architectures. Finally, we assess the the efficacy of our various design ideas through experiments carried out using the system