9 research outputs found
Call-by-name Gradual Type Theory
We present gradual type theory, a logic and type theory for call-by-name
gradual typing. We define the central constructions of gradual typing (the
dynamic type, type casts and type error) in a novel way, by universal
properties relative to new judgments for gradual type and term dynamism, which
were developed in blame calculi and to state the "gradual guarantee" theorem of
gradual typing. Combined with the ordinary extensionality () principles
that type theory provides, we show that most of the standard operational
behavior of casts is uniquely determined by the gradual guarantee. This
provides a semantic justification for the definitions of casts, and shows that
non-standard definitions of casts must violate these principles. Our type
theory is the internal language of a certain class of preorder categories
called equipments. We give a general construction of an equipment interpreting
gradual type theory from a 2-category representing non-gradual types and
programs, which is a semantic analogue of Findler and Felleisen's definitions
of contracts, and use it to build some concrete domain-theoretic models of
gradual typing
Consistency types for replicated data in a higher-order distributed programming language
Distributed systems address the increasing demand for fast access to
resources and fault tolerance for data. However, due to scalability
requirements, software developers need to trade consistency for performance.
For certain data, consistency guarantees may be weakened if application
correctness is unaffected. In contrast, data flow from data with weak
consistency to data with strong consistency requirements is problematic, since
application correctness may be broken. In this paper, we propose lattice-based
consistency types for replicated data (CTRD), a higher-order static
consistency-typed language with replicated data types. The type system of CTRD
supports shared data among multiple clients, and statically enforces
noninterference between data types with weaker consistency and data types with
stronger consistency. The language can be applied to many distributed
applications and guarantees that updates of weakly-consistent data can never
affect strongly-consistent data. We also extend the basic CTRD with an
optimization that reduces synchronization for generating reference graphs
Gradual session types
Session types are a rich type discipline, based on linear types, that lifts
the sort of safety claims that come with type systems to communications.
However, web-based applications and microservices are often written in a mix of
languages, with type disciplines in a spectrum between static and dynamic
typing. Gradual session types address this mixed setting by providing a
framework which grants seamless transition between statically typed handling of
sessions and any required degree of dynamic typing.
We propose Gradual GV as a gradually typed extension of the functional
session type system GV. Following a standard framework of gradual typing,
Gradual GV consists of an external language, which relaxes the type system of
GV using dynamic types, and an internal language with casts, for which
operational semantics is given, and a cast-insertion translation from the
former to the latter. We demonstrate type and communication safety as well as
blame safety, thus extending previous results to functional languages with
session-based communication. The interplay of linearity and dynamic types
requires a novel approach to specifying the dynamics of the language.Comment: Preprint of an article to appear in Journal of Functional Programmin
Approximate Normalization for Gradual Dependent Types
Dependent types help programmers write highly reliable code. However, this
reliability comes at a cost: it can be challenging to write new prototypes in
(or migrate old code to) dependently-typed programming languages. Gradual
typing makes static type disciplines more flexible, so an appropriate notion of
gradual dependent types could fruitfully lower this cost. However, dependent
types raise unique challenges for gradual typing. Dependent typechecking
involves the execution of program code, but gradually-typed code can signal
runtime type errors or diverge. These runtime errors threaten the soundness
guarantees that make dependent types so attractive, while divergence spoils the
type-driven programming experience.
This paper presents GDTL, a gradual dependently-typed language that
emphasizes pragmatic dependently-typed programming. GDTL fully embeds both an
untyped and dependently-typed language, and allows for smooth transitions
between the two. In addition to gradual types we introduce gradual terms ,
which allow the user to be imprecise in type indices and to omit proof terms;
runtime checks ensure type safety . To account for nontermination and failure,
we distinguish between compile-time normalization and run-time execution:
compile-time normalization is approximate but total, while runtime execution is
exact , but may fail or diverge. We prove that GDTL has decidable typechecking
and satisfies all the expected properties of gradual languages. In particular,
GDTL satisfies the static and dynamic gradual guarantees: reducing type
precision preserves typedness, and altering type precision does not change
program behavior outside of dynamic type failures. To prove these properties,
we were led to establish a novel normalization gradual guarantee that captures
the monotonicity of approximate normalization with respect to imprecision
Verifying Information Flow Control Libraries
Information Flow Control (IFC) is a principled approach to protecting the confidentiality and integrity of data in software systems. Intuitively, IFC sys- tems associate data with security labels that track and restrict flows of information throughout a program in order to enforce security. Most IFC techniques require developers to use specific programming languages and tools that require substantial efforts to develop or to adopt. To avoid redundant work and lower the threshold for adopting secure languages, IFC has been embedded in general-purpose languages through software libraries that promote security-by-construction with their API.This thesis makes several contributions to state-of-the-art static (MAC) and dynamic IFC libraries (LIO) in three areas: expressive power, theoretical IFC foundations and protection against covert channels. Firstly, the thesis gives a functor algebraic structure to sensitive data, in a way that it can be processed through classic functional programming patterns that do not incur in security checks. Then, it establishes the formal security guarantees of MAC, using the standard proof technique of term erasure, enriched with two-steps erasure, a novel idea that simplifies reasoning about advanced programming features, such as exceptions, mutable references and concurrency. Secondly, the thesis demonstrates that the lightweight, but coarse-grained, enforcement of dynamic IFC libraries (e.g., LIO) can be as precise and permissive as the fine-grained, but heavyweight, approach of fully-fledged IFC languages. Lastly, the thesis contributes to the design of secure runtime systems that protect IFC libraries, and IFC languages as well, against internal- and external-timing covert channels that leak information through certain runtime system resources and features, such as lazy evaluation and parallelism.The results of this thesis are supported with extensive machine-checked proof scripts, consisting of 12,000 lines of code developed in the Agda proof assistant