131 research outputs found
On Observing Dynamic Prioritised Actions in SOC
We study the impact on observational semantics for SOC of priority mechanisms which combine dynamic priority with local pre-emption. We define manageable notions of strong and weak labelled bisimilarities for COWS, a process calculus for SOC, and provide alternative characterisations in terms of open barbed bisimilarities. These semantics show that COWS’s priority mechanisms partially recover the capability to observe receive actions (that could not be observed in a purely asynchronous setting) and that high priority primitives for termination impose specific conditions on the bisimilarities
Memory usage verification using Hip/Sleek.
Embedded systems often come with constrained memory footprints. It is therefore essential to ensure that software running on such platforms fulfils memory usage specifications at compile-time, to prevent memory-related software failure after deployment. Previous proposals on memory usage verification are not satisfactory as they usually can only handle restricted subsets of programs, especially when shared mutable data structures are involved. In this paper, we propose a simple but novel solution. We instrument programs with explicit memory operations so that memory usage verification can be done along with the verification of other properties, using an automated verification system Hip/Sleek developed recently by Chin et al.[10,19]. The instrumentation can be done automatically and is proven sound with respect to an underlying semantics. One immediate benefit is that we do not need to develop from scratch a specific system for memory usage verification. Another benefit is that we can verify more programs, especially those involving shared mutable data structures, which previous systems failed to handle, as evidenced by our experimental results
An Elementary Affine λ-Calculus with Multithreading and Side Effects
International audienceLinear logic provides a framework to control the complexity of higher-order functional programs. We present an extension of this framework to programs with multithreading and side effects focusing on the case of elementary time. Our main contributions are as follows. First, we introduce a modal call-by-value λ-calculus with multithreading and side effects. Second, we provide a combinatorial proof of termination in elementary time for the language. Third, we introduce an elementary affine type system that guarantees the standard subject reduction and progress properties. Finally, we illustrate the programming of iterative functions with side effects in the presented formalism
Globally Governed Session Semantics
This paper proposes a bisimulation theory based on multiparty session types
where a choreography specification governs the behaviour of session typed
processes and their observer. The bisimulation is defined with the observer
cooperating with the observed process in order to form complete global session
scenarios and usable for proving correctness of optimisations for globally
coordinating threads and processes. The induced bisimulation is strictly more
fine-grained than the standard session bisimulation. The difference between the
governed and standard bisimulations only appears when more than two interleaved
multiparty sessions exist. This distinct feature enables to reason real
scenarios in the large-scale distributed system where multiple choreographic
sessions need to be interleaved. The compositionality of the governed
bisimilarity is proved through the soundness and completeness with respect to
the governed reduction-based congruence. Finally, its usage is demonstrated by
a thread transformation governed under multiple sessions in a real usecase in
the large-scale cyberinfrustracture
Fine-grained and coarse-grained reactive noninterference
International audienceWe study the security property of noninterference in a core synchronous reactive language that we call CRL. In the synchronous reactive paradigm, programs communicate by means of broadcast events, and their parallel execution is regulated by a notion of instant. We first show that CRL programs are indeed reactive, namely that they always converge to a state of termination or suspension ("end of instant") in a finite number of steps. We define two bisimulation equivalences on CRL programs, corresponding respectively to a fine-grained and to a coarse-grained observation of programs. We show that coarse-grained bisimilarity is more abstract than fine-grained bisimilarity, as it is insensitive to the order of generation of events and to repeated emissions of the same event during an instant. Based on these bisimulations, two properties of Reactive Noninterference (RNI) are introduced, formalising secure information flow. Both properties are time-insensitive and termination-insensitive. Again, coarse-grained RNI is more abstract than fine-grained RNI. Finally, a type system guaranteeing both security properties is presented. Thanks to a design choice of CRL, which offers two separate constructs for loops and iteration, and to refined typing rules, this type system allows for a precise treatment of termination leaks, which are an issue in parallel languages
Probabilistic Anonymity
The concept of anonymity comes into play in
a wide range of situations, varying from voting
and anonymous donations to postings on bulletin
boards and sending mails. A formal definition of
this concept has been given in literature in
terms of nondeterminism. In this paper, we
investigate a notion of anonymity based on
probability theory, and we we discuss the relation
with the nondeterministic one. We then formulate
this definition in terms of observables for
processes in the probabilistic -calculus, and
propose a method to verify automatically the
anonymity property. We illustrate the method by
using the example of the dining cryptographers
Choreography Rehearsal ⋆
Abstract. We propose a methodology for statically predicting the possible interaction patterns of services within a given choreography. We focus on choreographies exploiting the event notification paradigm to manage service interactions. Control Flow Analysis techniques statically approximate which events can be delivered to match the choreography constraints and how the multicast groups can be optimised to handle event notification within the service choreography.
A criterion for separating process calculi
We introduce a new criterion, replacement freeness, to discern the relative
expressiveness of process calculi. Intuitively, a calculus is strongly
replacement free if replacing, within an enclosing context, a process that
cannot perform any visible action by an arbitrary process never inhibits the
capability of the resulting process to perform a visible action. We prove that
there exists no compositional and interaction sensitive encoding of a not
strongly replacement free calculus into any strongly replacement free one. We
then define a weaker version of replacement freeness, by only considering
replacement of closed processes, and prove that, if we additionally require the
encoding to preserve name independence, it is not even possible to encode a non
replacement free calculus into a weakly replacement free one. As a consequence
of our encodability results, we get that many calculi equipped with priority
are not replacement free and hence are not encodable into mainstream calculi
like CCS and pi-calculus, that instead are strongly replacement free. We also
prove that variants of pi-calculus with match among names, pattern matching or
polyadic synchronization are only weakly replacement free, hence they are
separated both from process calculi with priority and from mainstream calculi.Comment: In Proceedings EXPRESS'10, arXiv:1011.601
Compiling Pattern Matching in Join-Patterns
We propose an extension of the join-calculus with pattern matching on algebraic data types. Our initial motivation is twofold: to provide an intuitive semantics of the interaction between concurrency and pattern matching; to define a practical compilation scheme from extended join-definitions into ordinary ones plus (ML) pattern matching. To assess the correctness of our compilation scheme, we develop a theory of the applied join-calculus, a calculus with value-passing and value matching
- …