143 research outputs found
Rewrite-based Verification of XML Updates
We consider problems of access control for updates of XML documents. In the
context of XML programming, types can be viewed as hedge automata, and static
type checking amounts to verifying that a program always converts valid source
documents into valid output documents. Given a set of update operations, we
are particularly interested in checking safety properties such as preservation
of document types along any sequence of updates. We are also interested in the
related policy consistency problem, that is, detecting whether a sequence of
authorized operations can simulate a forbidden one. We reduce these questions
to type checking problems, solved by computing variants of hedge automata
characterizing the set of ancestors and descendants of the initial document
type for the closure of parameterized rewrite rules.
FO2(<,+1,~) on data trees, data tree automata and branching vector addition systems
A data tree is an unranked ordered tree where each node carries a label from
a finite alphabet and a datum from some infinite domain. We consider the two
variable first order logic FO2(<,+1,~) over data trees. Here +1 refers to the
child and the next sibling relations, while < refers to the descendant and
following sibling relations. Moreover, ~ is a binary predicate testing data
equality. We exhibit an automata model, denoted DAD#, that is more expressive
than FO2(<,+1,~) but such that emptiness of DAD# and satisfiability of
FO2(<,+1,~) are inter-reducible. This is proved via a model of counter tree
automata, denoted EBVASS, that extends Branching Vector Addition Systems with
States (BVASS) with extra features for merging counters. We show that, as
decision problems, reachability for EBVASS, satisfiability of FO2(<,+1,~) and
emptiness of DAD# are equivalent.
Unranked Tree Rewriting and Effective Closures of Languages
We consider rewriting systems for unranked ordered trees, where the number of children of a node is not determined by its label, and is not a priori bounded. The rewriting systems are defined such that variables in the rewrite rules can be substituted by hedges (sequences of trees) instead of just trees. Consequently, this notion of rewriting subsumes both standard term rewriting and word rewriting. We present some preservation properties for classes of unranked tree languages, including hedge automata languages and various context-free extensions. Finally, applications to static type checking for XML transformations and to the verification of read/write access control policies for XML updates are mentioned.
Some results on confluence: decision and what to do without
We first recall some decidability results on the confluence of TRS, and related properties about unicity of normal forms. In particular, we put in perspective old proofs of undecidability of confluence for the class of flat systems with more recent results, in order to discuss the importance of linearity with respect to these decision problems. Second, we describe a case study on musical rhythm notation involving the modeling of rewrite systems which are not confluent. In this case, instead of applying rewrite rules directly, we enumerate the equivalence class of a given term using automata-based representations and dynamic programming.
Decidable Classes of Tree Automata Mixing Local and Global Constraints Modulo Flat Theories
We define a class of ranked tree automata TABG generalizing both the tree
automata with local tests between brothers of Bogaert and Tison (1992) and with
global equality and disequality constraints (TAGED) of Filiot et al. (2007).
TABG can test for equality and disequality modulo a given flat equational
theory between brother subterms and between subterms whose positions are
defined by the states reached during a computation. In particular, TABG can
check that all the subterms reaching a given state are distinct. This
constraint is related to monadic key constraints for XML documents, meaning
that every two distinct positions of a given type have different values. We
prove decidability of the emptiness problem for TABG. This solves, in
particular, the open question of the decidability of emptiness for TAGED. We
further extend our result by allowing global arithmetic constraints for
counting the number of occurrences of some state or the number of different
equivalence classes of subterms (modulo a given flat equational theory)
reaching some state during a computation. We also adapt the model to unranked
ordered terms. As a consequence of our results for TABG, we prove the
decidability of a fragment of the monadic second order logic on trees extended
with predicates for equality and disequality between subtrees, and cardinality. Comment: 39 pages, to appear in the LMCS journal.
Progress Report and Financial Statement 2015, PHC AMADEUS 2015 « LETITBE » N° 33808SC
The LETITBE project (PHC Amadeus 2015) aims to apply formal paradigms and tools for safety-critical real-time embedded systems to the development of interactive music systems. It is a multidisciplinary research project, each partner being a specialist in one of the two research themes, and an exploratory one, since these formal approaches are traditionally reserved rather for critical systems (avionics, transport, etc.).
Rigid Tree Automata and Applications
We introduce the class of Rigid Tree Automata (RTA), an extension of standard bottom-up automata on ranked trees with distinguished states called rigid. Rigid states define a restriction on the computation of RTA on trees: RTA can test for equality in subtrees reaching the same rigid state. RTA are able to perform local and global tests of equality between subtrees, non-linear tree pattern matching, and some inequality and disequality tests as well. Properties like determinism, pumping lemma, Boolean closure, and several decision problems are studied in detail. In particular, the emptiness problem is shown decidable in linear time for RTA, whereas membership of a given tree in the language of a given RTA is NP-complete. Our main result is the decidability of whether a given tree belongs to the rewrite closure of an RTA language under a restricted family of term rewriting systems, whereas this closure is not an RTA language. This result, one of the first on the rewrite closure of languages of tree automata with constraints, enables the extension of model checking procedures based on finite tree automata techniques, in particular for the verification of communicating processes with several local non-rewritable memories, like security protocols. Finally, a comparison of RTA with several classes of tree automata with local and global equality tests, with dag automata and with Horn clause formalisms is also provided.
A Supervised Approach for Rhythm Transcription Based on Tree Series Enumeration
We present a rhythm transcription system integrated in the computer-assisted composition environment OpenMusic. Rhythm transcription consists of translating a series of dated events into the pulsed and structured representation of traditional music notation. As transcription is equivocal, our system favors interactions with the user to reach a satisfactory compromise between various criteria, in particular the precision of the transcription and the readability of the output score. It is based on a uniform approach, using a hierarchical representation of duration notation in the form of rhythm trees, and an efficient dynamic-programming algorithm that lazily evaluates the transcription solutions. It is run through a dedicated user interface allowing the user to interactively explore the solution set, visualize the solutions and locally edit them.
One-variable context-free hedge automata
We introduce an extension of hedge automata called One-Variable Context-Free Hedge Automata. The class of unranked ordered tree languages they recognize has a polynomial membership problem and is preserved by rewrite closure with inverse-monadic rules. We also propose a modeling of the primitives of the W3C XQuery Update Facility by means of parameterized rewriting rules, and show that the rewrite closure of a context-free hedge language with these extended rewriting systems is a context-free hedge language. This result is applied to the static analysis of XML access control policies expressed with update primitives.
Decision Procedures for the Security of Protocols with Probabilistic Encryption against Offline Dictionary Attacks
We consider the problem of formal automatic verification of cryptographic protocols when some data, like poorly chosen passwords, can be guessed by dictionary attacks. First, we define a theory of these attacks and propose an inference system modeling the deduction capabilities of an intruder. This system extends a set of well-studied deduction rules for symmetric and public key encryption, often called Dolev–Yao rules, with the introduction of a probabilistic encryption operator and guessing abilities for the intruder. Then, we show that the intruder deduction problem in this extended model is decidable in PTIME. The proof is based on a locality lemma for our inference system. This first result yields an NP decision procedure for the protocol insecurity problem in the presence of a passive intruder. In the active case, the same problem is proved to be NP-complete: we give a procedure for simultaneously solving symbolic constraints with variables that represent intruder deductions. We illustrate the procedure with examples of published protocols and compare our model to other recent formal definitions of dictionary attacks.