Design and Optimisation of the FlyFast Front-end for Attribute-based Coordination

Collective Adaptive Systems (CAS) consist of a large number of interacting objects. The design of such systems requires scalable analysis tools and methods, which have necessarily to rely on some form of approximation of the system's actual behaviour. Promising techniques are those based on mean-field approximation. The FlyFast model-checker uses an on-the-fly algorithm for bounded PCTL model-checking of selected individual(s) in the context of very large populations whose global behaviour is approximated using deterministic limit mean-field techniques. Recently, a front-end for FlyFast has been proposed which provides a modelling language, PiFF in the sequel, for the Predicate-based Interaction for FlyFast. In this paper we present details of PiFF design and an approach to state-space reduction based on probabilistic bisimulation for inhomogeneous DTMCs.Comment: In Proceedings QAPL 2017, arXiv:1707.0366

Smooth Number Message Authentication Code in the IoT Landscape

This paper presents the Smooth Number Message Authentication Code (SNMAC) for the context of lightweight IoT devices. The proposal is based on the use of smooth numbers in the field of cryptography, and investigates how one can use them to improve the security and performance of various algorithms or security constructs. The literature findings suggest that current IoT solutions are viable and promising, yet they should explore the potential usage of smooth numbers. The methodology involves several processes, including the design, implementation, and results evaluation. After introducing the algorithm, provides a detailed account of the experimental performance analysis of the SNMAC solution, showcasing its efficiency in real-world scenarios. Furthermore, the paper also explores the security aspects of the proposed SNMAC algorithm, offering valuable insights into its robustness and applicability for ensuring secure communication within IoT environments

Smooth Number Message Authentication Code in the IoT Landscape

This paper presents the Smooth Number Message Authentication Code (SNMAC) for the context of lightweight IoT devices. The proposal is based on the use of smooth numbers in the field of cryptography, and investigates how one can use them to improve the security and performance of various algorithms or security constructs. The literature findings suggest that current IoT solutions are viable and promising, yet they should explore the potential usage of smooth numbers. The methodology involves several processes, including the design, implementation, and results evaluation. After introducing the algorithm, provides a detailed account of the experimental performance analysis of the SNMAC solution, showcasing its efficiency in real-world scenarios. Furthermore, the paper also explores the security aspects of the proposed SNMAC algorithm, offering valuable insights into its robustness and applicability for ensuring secure communication within IoT environments.Comment: 19 pages, 7 figure

Collective Adaptive Systems: Qualitative and Quantitative Modelling and Analysis (Dagstuhl Seminar 14512)

This report documents the program and the outcomes of Dagstuhl Seminar 14512 "Collective Adaptive Systems: Qualitative and Quantitative Modelling and Analysis". Besides presentations on current work in the area, the seminar focused on the following topics: (i) Modelling techniques and languages for collective adaptive systems based on the above formalisms. (ii) Verification of collective adaptive systems. (iii) Humans-in-the-loop in collective adaptive systems

Choral: Object-Oriented Choreographic Programming

We present Choral, the first choreographic programming language based on mainstream abstractions. The key idea in Choral is a new notion of data type, which allows for expressing that data is distributed over different roles. We use this idea to reconstruct the paradigm of choreographic programming through object-oriented abstractions. Choreographies are classes, and instances of choreographies are objects with states and behaviours implemented collaboratively by roles. Choral comes with a compiler that, given a choreography, generates an implementation for each of its roles. These implementations are libraries in pure Java, whose types are under the control of the Choral programmer. Developers can then modularly compose these libraries in their own programs, in order to participate correctly in choreographies. Choral is the first incarnation of choreographic programming offering such modularity, which finally connects more than a decade of research on the paradigm to practical software development. The integration of choreographic and object-oriented programming yields other powerful advantages, where the features of one paradigm benefit the other in ways that go beyond the sum of the parts. The high-level abstractions and static checks from the world of choreographies can be used to write concurrent and distributed object-oriented software more concisely and correctly. We obtain a much more expressive choreographic language from object-oriented abstractions than in previous work. For example, object passing makes Choral the first higher-order choreographic programming language, whereby choreographies can be parameterised over other choreographies without any need for central coordination. Together with subtyping and generics, this allows Choral to elegantly support user-defined communication mechanisms and middleware

Formal Analysis of Android's Permission-Based Security Model

In this work we present a comprehensive formal specification of an idealized formulation of Android?s permission model. Permissions in Android are basically tags that developers declare in their applications, more precisely in the so-called application manifest, to gain access to sensitive resources. Several analyses have recently been carried out concerning the security of the Android system. Few of them, however, pay attention to the formal aspects of the permission enforcing framework. We provide a complete and uniform formulation of several security properties using the higher order logic of the Calculus of Inductive Constructions and sketch the proofs that have been developed and verified using the Coq proof assistant. We also analyze how the changes introduced in the latest version of Android, that allows to manage permissions at runtime, impact the presented model

Actor programming with static guarantees

This thesis discusses two methodologies for applying type discipline to concurrent programming with actors: process types, and session types. A system based on each of the two is developed, and used as the basis for a comprehensive overview of process- and session- type merits and limitations. In particular, we analyze the trade-offs of the two approaches with regard to the expressiveness of the resulting calculi, versus the nature of the static guarantees offered. The first system discussed is based on the notion of a \emph{typestate}, that is, a view of an actor's internal state that can be statically tracked. The typestates used here capture what each actor handle \emph{may} be used for, as well as what it \emph{must} be used for. This is done by associating two kinds of tokens with each actor handle: tokens of the first kind are consumed when the actor receives a message, and thus dictate the types of messages that can be sent through the handle; tokens of the second kind dictate messaging obligations, and the type system ensures that related messages have been sent through the handle by the end of its lifetime. The next system developed here adapts session types to suit actor programming. Session types come from the world of process calculi, and are a means to statically check the messaging taking place over communication channels against a pre-defined protocol. Since actors do not use channels, one needs to consider pairs of actors as participants in multiple, concurrently executed---and thus interleaving---protocols. The result is a system with novel, parameterized type constructs to capture communication patterns that prior work cannot handle, such as the sliding window protocol. Although this system can statically verify the implementation of complicated messaging patterns, it requires deviations from industry-standard programming models---a problem that is true for all session type systems in the literature. This work argues that the typestate-based system, while not enforcing protocol fidelity as the session-inspired one does, is nevertheless more suitable for model actor calculi adopted by practical, already established frameworks such as Erlang and Akka

Distributing abstract machines

Today's distributed programs are often written using either explicit message passing or Remote Procedure Calls (RPCs) that are not natively integrated in the language. It is difficult to establish the correctness of programs written this way compared to programs written for a single computer. We propose a generalisation of RPCs that are natively integrated in a functional programming language meaning that they have support for higher-order calls across node boundaries. Our focus is on how such languages can be compiled correctly and efficiently. We present four different solutions. Two of them are based on interaction semantics --- the Geometry of Interaction and game semantics --- and two are extensions of conventional abstract machines --- the Krivine machine and the SECD machine. To target as general distributed systems as possible our solutions support RPCs without sending code. We prove the correctness of the abstract machines with respect to their single-node execution, and show their viability for use for compilation by implementing prototype compilers based on them. The conventionally based machines are shown to enable efficient programs. Our intention is that these abstract machines can form the foundation for future programming languages that use the idea of higher-order RPCs

Session-based concurrency: between operational and declarative views

Communication-based software is ubiquitous nowadays. From e-banking to e-shopping, online activities often involve message exchanges between software components. These interactions are often governed by protocols that explicitly describe the sequences of communication actions that should be executed by each component. Crucially, these protocols are not isolated from a program’s context: external conditions such as timing constraints or exceptional events that occur during execution can affect message exchanges. As an additional difficulty, individual components are typically developed in different programming languages. In this setting, certifying that a program conforms to its intended protocols is challenging. A widely studied program verification technique uses behavioral type systems, which exploit abstract representations of these protocols to check that the program executes communication actions as intended. Unfortunately, the abstractions offered by behavioral type systems may neglect the influence that external conditions have on the program. This thesis addresses this issue by considering programming languages with declarative features, in which the governing conditions of the program can be adequately described. Our work develops correct translations between programming languages to show that languages with declarative features can indeed articulate a unified view of communication-based programs. Specifically, these translations demonstrate that the operational features of communication-based programs can be correctly represented by languages with declarative features. An additional contribution is a hybrid language that combines the best of both worlds, enabling the analysis of operational and declarative features in communication-based programs