Bekend en onbemind; Het beeld van Duitsland en Duitsers onder jongeren van vijftien tot negentien jaar

The establishment and working of political institutions and democratic processe

On JML: topics in tool-assisted verification of Java programs

Contains fulltext : 36183.pdf (Publisher’s version ) (Open Access)RU Radboud Universiteit Nijmegen, 24 april 2006Promotor : Jacobs, B.P.F. Co-promotor : Poll, E.131 p

Cicero vs. Mark Antony: Identity construction and ingroup/outgroup formation in Philippics One and Three

This chapter is concerned with the beginning of the conflict between Cicero and Mark Antony, which was sparked by the orator’s performance of the Philippics and ended with his death in 43 BCE. This starting point has been the subject of much debate among many scholars, including Ramsey (2003), Manuwald (2007), and Usher (2010). Based on Cicero’s intent with and Antony’s interpretation of the speeches, the content of the speeches, and the political climate of 44-43 BCE Rome, they have argued convincingly in favor of either Philippic One or Philippic Three as the conflict’s beginning. This chapter adds to their analyses by taking a Social Constructionist approach to the texts, considering the subtle ways in which Cicero constructs Antony’s identity in Philippics One and Three through his use of language. Taking the three dimensions of identity construction suggested by Bamberg (e.g. 2011a) - sameness/difference, agency, and diachronic identity navigation - as a starting point, it investigates the linguistic devices that contribute to ingroup/outgroup formation. Based on an analysis of phenomena such as category-bound activities, footing-shifts, agency expression, and dissociative demonstratives, it concludes that the conflict between Cicero and Antony started with Philippic Three

Formal Methods for Smart Cards: An Experience Report

This paper presents a case study in formal specification and verification of a smart card application. The application is an electronic purse implementation, developed by the smart card producer Gemplus as a test case for formal methods for smart cards. It has been annotated (by the authors) with specifications using the Java Modeling Language (JML), a language designed to specify the functional behavior of Java classes. The reason for using JML as a specification language is that several tools are available to check (parts of) the specification w.r.t. an implementation. These tools vary in their level of automation and in the level of correctness they ensure. Several of these tools have been used for the Gemplus case study. We discuss how the usage of these di#erent tools is complementary: large parts of the specification can be checked automatically, while more precise verification methods can be used for the more intricate parts of the specification and implementation. We believe that having such a range of tools available for a single specification language is an important step towards acceptance of formal methods in industry

Certification of Smart-Card Applications in Common Criteria

This report describes a certification method of smart-card applications in the framework of Common Criteria. In this framework, a smart-card application is represented consecutively by a model of its specification, a functional specification describing an input-output relationship, a low-level design, and implementation code. The certification process consists of the following tasks: (1) prove that the model, the functional specification, the low-level design, and the code satisfy security properties in the smart-card application’s specification, and (2) prove that there is a representation correspondence between each two consecutive representations. For each task, a certificate or a collection of certificates are needed to certify the accomplishment of the task. We describe in this report the application of a theory of program properties to the certification process. The theory provides foundations for describing and proving properties of a single program and properties relating two programs. The theory provides a notion of verification condition as a notion of certificate. The theory is applicable to the certification process because all representations of a smart-card application are essentially programs and the representation correspondences are properties relating two programs