Characteristic Bisimulation for Higher-Order Session Processes

Characterising contextual equivalence is a long-standing issue for higher-order (process) languages. In the setting of a higher-order pi-calculus with sessions, we develop characteristic bisimilarity, a typed bisimilarity which fully characterises contextual equivalence. To our knowledge, ours is the first characterisation of its kind. Using simple values inhabiting (session) types, our approach distinguishes from untyped methods for characterising contextual equivalence in higher-order processes: we show that observing as inputs only a precise finite set of higher-order values suffices to reason about higher-order session processes. We demonstrate how characteristic bisimilarity can be used to justify optimisations in session protocols with mobile code communication

Session Types for Broadcasting

Up to now session types have been used under the assumptions of point to point communication, to ensure the linearity of session endpoints, and reliable communication, to ensure send/receive duality. In this paper we define a session type theory for broadcast communication semantics that by definition do not assume point to point and reliable communication. Our session framework lies on top of the parametric framework of broadcasting psi-calculi, giving insights on developing session types within a parametric framework. Our session type theory enjoys the properties of soundness and safety. We further believe that the solutions proposed will eventually provide a deeper understanding of how session types principles should be applied in the general case of communication semantics.Comment: In Proceedings PLACES 2014, arXiv:1406.331

Typechecking protocols with Mungo and StMungo: a session type toolchain for Java

Static typechecking is an important feature of many standard programming languages. However, static typing focuses on data rather than communication, and therefore does not help programmers correctly implement communication protocols in distributed systems. The theory of session types provides a basis for tackling this problem; we use it to develop two tools that support static typechecking of communication protocols in Java. The first tool, Mungo, extends Java with typestate definitions, which allow classes to be associated with state machines defining permitted sequences of method calls: for example, communication methods. The second tool, StMungo, takes a session type describing a communication protocol, and generates a typestate specification of the permitted sequences of messages in the protocol. Protocol implementations can be validated by Mungo against their typestate definitions and then compiled with a standard Java compiler. The result is a toolchain for static typechecking of communication protocols in Java. We formalise and prove soundness of the typestate inference system used by Mungo, and show that our toolchain can be used to typecheck a client for the standard Simple Mail Transfer Protocol (SMTP)

Mungo and StMungo: tools for typechecking protocols in Java

We present two tools that support static typechecking of communica- tion protocols in Java. Mungo associates Java classes with typestate specifications, which are state machines defining permitted sequences of method calls. StMungo translates a communication protocol specified in the Scribble protocol description language into a typestate specification for each role in the protocol by following the message sequence. Role implementations can be typechecked by Mungo to ensure that they satisfy their protocols, and then compiled as usual with javac. We demonstrate the Scribble, StMungo and Mungo toolchain via a typechecked POP3 client that can communicate with a real-world POP3 server

Typechecking Protocols with Mungo and StMungo

We report on two tools which extend Java with support for static typechecking of communication protocols. Our Mungo tool extends Java with typestate definitions, which allow classes to be associated with state machines defining permitted sequences of method calls. A complementary tool, StMungo, takes a communication protocol specified in the Scribble protocol description language, and generates a typestate specification for each endpoint, capturing the permitted sequences of messages along that channel. Endpoint implementations can be validated by Mungo against their typestate definitions and then compiled as usual with javac. We formalise Mungo’s typestate inference system and demonstrate the Scribble, Mungo and StMungo toolchain via a typechecked SMTP client that can communicate with a real-world SMTP server

A Study of Bisimulation Theory for Session Types

Bisimulation theory is a co-inductive tool used as a tractable method for studying equivalence relations in process calculi. This dissertation studies bisimulation theory for session types. We define the Asynchronous Session π-calculus (ASP for short), which is a session type calculus with queue configurations acting as a communication medium at each session endpoint The semantics for ASP offer fine-grained communication that enjoys the non-blocking property of asynchrony and the order-preserving property of session types. The ASP typing system is shown to be sound to guarantee type safety in the presence of subtyping. A typed labelled transition system gives rise to a bisimilarity which is sound and complete with respect to typed reduction-closed congruence. The bisimilarity theory of ASP highlights the determinacy and confluence properties of session types. Event-driven programming is one of the major paradigms that utilise the asynchronous nature of distributed systems, where events are recognised as the presence of messages and their typed information in the communication medium. To justify the design choices made, we develop a superset of ASP, called the Eventful Session π-calculus (ESP for short), equipped with the minimal session primitives for an expressive event-driven computational model. The eventful session type system introduces the session set type, which is a collection of session types used to type a set of possible events. The ESP typing system maintains its consistency with respect to the ASP session typing system up-to a subtyping relation for session set types. The straightforward extension from ASP to ESP offers behavioural transparency, making the bisimilarity theory for the ASP a special case for the ESP theory – the bisimilarity relation coincides with typed reduction-closed congruence and determinacy and confluence properties are shown to hold for session transitions. Many studies regarding event-driven computation have identified the selector or its equivalent, the polling operator, as the key construct for describing an event-driven framework. The selector is defined as a higher level construct in ESP and it is used to implement the core event handling routine called the event loop. Following the empirical study by Lauer and Needham, we define a session-based transformation from a multi-threaded server to an event loop server. Confluence theory proves that the transformation is type- and semantics-preserving. In the last part of the dissertation we extend the behavioural theory to multiparty session types, both in the synchronous and the asynchronous cases. For each case, we examine two different typed labelled transition systems. In the first case we examine a standard labelled transition system with respect to the local session typing of processes. In the second case a choreography specification governs the behaviour of a multiparty session process and its observer. Each labelled transition system defines a bisimilarity relation, which coincides with the corresponding reduction-closed congruence.Open Acces

Privacy by typing in the π-calculus

In this paper we propose a formal framework for studying privacy in information systems. The proposal follows a two-axes schema where the first axis considers privacy as a taxonomy of rights and the second axis involves the ways an information system stores and manipulates information. We develop a correspondence between the above schema and an associated model of computation. In particular, we propose the \Pcalc, a calculus based on the π-calculus with groups extended with constructs for reasoning about private data. The privacy requirements of an information system are captured via a privacy policy language. The correspondence between the privacy model and the \Pcalc semantics is established using a type system for the calculus and a satisfiability definition between types and privacy policies. We deploy a type preservation theorem to show that a system respects a policy and it is safe if the typing of the system satisfies the policy. We illustrate our methodology via analysis of two use cases: a privacy-aware scheme for electronic traffic pricing and a privacy-preserving technique for speed-limit enforcement