
    Safer in the Clouds (Extended Abstract)

    We outline the design of a framework for modelling cloud computing systems. The approach is based on a declarative programming model which takes the form of a lambda-calculus enriched with suitable mechanisms to express and enforce application-level security policies governing the usage of resources available in the clouds. We focus on the server side of cloud systems, adopting a pro-active approach in which explicit security policies regulate the server's behaviour. Comment: In Proceedings ICE 2010, arXiv:1010.530

    Honesty by typing

    We propose a type system for a calculus of contracting processes. Processes may stipulate contracts, and then either behave honestly, by keeping the promises made, or not. Type safety guarantees that a typeable process is honest, that is, the process abides by the contract it has stipulated in all possible contexts, even those containing dishonest adversaries.

    A true concurrent model of smart contracts executions

    The development of blockchain technologies has enabled the trustless execution of so-called smart contracts, i.e. programs that regulate the exchange of assets (e.g., cryptocurrency) between users. In a decentralized blockchain, the state of smart contracts is collaboratively maintained by a peer-to-peer network of mutually untrusted nodes, which collect from users a set of transactions (representing the required actions on contracts) and execute them in some order. Once this sequence of transactions is appended to the blockchain, the other nodes validate it by re-executing the transactions in the same order. The serial execution of transactions does not take advantage of the multi-core architecture of modern processors, thus limiting throughput. In this paper we propose a true concurrent model of smart contract execution. Based on this, we show how static analysis of smart contracts can be exploited to parallelize the execution of transactions. Comment: Full version of the paper presented at COORDINATION 202

    Tools and verification

    This chapter presents different tools that have been developed inside the Sensoria project. Sensoria studied qualitative analysis techniques for verifying properties of service implementations with respect to their formal specifications. The tools presented in this chapter have been developed to carry out the analysis in an automated, or semi-automated, way. We present four different tools, all developed during the Sensoria project, exploiting new techniques and calculi from the Sensoria project itself.

    Designing Secure Ethereum Smart Contracts: A Finite State Machine Based Approach

    The adoption of blockchain-based distributed computation platforms is growing fast. Some of these platforms, such as Ethereum, provide support for implementing smart contracts, which are envisioned to have novel applications in a broad range of areas, including finance and the Internet of Things. However, a significant number of smart contracts deployed in practice suffer from security vulnerabilities, which enable malicious users to steal assets from a contract or to cause damage. Vulnerabilities present a serious issue since contracts may handle financial assets of considerable value, and contract bugs are non-fixable by design. To help developers create more secure smart contracts, we introduce FSolidM, a framework rooted in rigorous semantics for designing contracts as Finite State Machines (FSMs). We present a tool for creating FSMs on an easy-to-use graphical interface and for automatically generating Ethereum contracts. Further, we introduce a set of design patterns, which we implement as plugins that developers can easily add to their contracts to enhance security and functionality.

    Modelling and verifying contract-oriented systems in Maude

    We address the problem of modelling and verifying contract-oriented systems, wherein distributed agents may advertise and stipulate contracts, but — differently from most other approaches to distributed agents — are not assumed to always behave “honestly”. We describe an executable specification in Maude of the semantics of CO2, a calculus for contract-oriented systems [6]. The honesty property [5] characterises those agents which always respect their contracts, in all possible execution contexts. Since there is an infinite number of such contexts, honesty cannot be directly verified by model-checking the state space of an agent (indeed, honesty is an undecidable property in general [5]). The main contribution of this paper is a sound verification technique for honesty. To do that, we safely over-approximate the honesty property by abstracting from the actual contexts a process may be engaged with. Then, we develop a model-checking technique for this abstraction, describe an implementation in Maude, and discuss some experiments with it.

    A Methodology for Abstracting the Physical Layer of Direct V2X Communications Technologies

    Recent advancements in vehicle-to-everything (V2X) communications have greatly increased the flexibility of the physical (PHY) and medium access control (MAC) layers. This increases the complexity when investigating the system from a network perspective to evaluate the performance of the supported applications. Such flexibility, in fact, needs to be taken into account through a cross-layer approach, which might lead to challenging evaluation processes. As an accurate simulation of the signals appears unfeasible, a typical solution is to rely on simple models for incorporating the PHY layer of the supported technologies based on off-line measurements or accurate link-level simulations. Such data are, however, limited to a subset of possible configurations, and extending them to others is costly, if not impossible. The goal of this paper is to develop a new approach for modeling the PHY layer of V2X communications that can be extended to a wide range of configurations without requiring extensive measurement or simulation campaigns at the link layer. In particular, given a scenario and starting from results in terms of the packet error rate (PER) vs. signal-to-interference-plus-noise ratio (SINR) related to a subset of possible configurations, we first approximated the curves with step functions characterized by a given SINR threshold, and we then derived one parameter, called implementation loss, that was used to obtain the SINR threshold and evaluate the network performance under any configuration in the same scenario. The proposed methodology, leading to a good trade-off among the complexity, generality, and accuracy of the performance evaluation process, was validated through extensive simulations with both IEEE 802.11p and LTE-V2X sidelink technologies in various scenarios. The results first show that the curves can be effectively approximated by using an SINR threshold, with a value corresponding to 0.5 PER, and then demonstrate that the network-level outputs derived from the proposed approach are very close to those obtained with complete curves, despite not being restricted to a few possible configurations.

    Contested novel ecosystems: Socio-ecological processes and evidence from Italy

    In the context of contemporary global climate and environmental change, both natural and social scientists have stressed the role green areas play in global warming adaptation strategies and in improving the healthiness of the urban environment. Indeed, in recent years these spaces have become central to institutional political debates and various policies have been designed for their valorization. However, little attention has been paid to rewilded urban spaces, recently defined as novel urban ecosystems, and to their socio-ecological complexity. By adopting an interdisciplinary approach that links natural and social science perspectives, this article aims to highlight the role of novel urban ecosystems in the reconfiguration of urban policies. Indeed, this contribution analyzes ecosystem services coupled with the hybrid, contested socio-ecological nature of four case studies in Italy characterized by grassroots socio-environmental mobilization. Data were collected through comparative quantitative and qualitative methods. The evidence shows that the specific ecological features of novel urban ecosystems are strategic in terms of actual and potential ecosystem service provision for cities and suggests that citizens play a fundamental role in recognizing and valorizing them. In parallel, these spaces, reconceptualized as contested novel ecosystems, emerge as controversial hybrid urban socio-natures that enable community empowerment and produce a heterogeneous, grassroots political space oriented towards urban commons and environmental-climate justice