Investigations in intersection types : confluence, and semantics of expansion in the -calculus, and a type error slicing method

Type systems were invented in the early 1900s to provide foundations for Mathematics where types were used to avoid paradoxes. Type systems have then been developed and extended throughout the years to serve different purposes such as efficiency or expressiveness. The λ-calculus is used in programming languages, logic, mathematics, and linguistics. Intersection types are a kind of types used for building semantic models of the λ-calculus and for static analysis of computer programs. The confluence property was used to prove the λ-calculus’ consistency and the uniqueness of normal forms. Confluence is useful to show that logics are sensibly designed, and to make equality decision procedures for use in theorem provers. Some proofs of the λ-calculus’ confluence are based on syntactic concepts (reduction relations and λ-term sets) and some on semantic concepts (type interpretations). Part I of this thesis presents an original syntactic proof that is a simplification of a semantic proof based on a sound type interpretation w.r.t. an intersection type system. Our proof can be seen as bridging some semantic and syntactic proofs. Expansion is an operation on typings (pairs of type environments and result types) in type systems for the λ-calculus. It was introduced to prove that the principal typing property (i.e., that every typable term has a strongest typing) holds in intersection type systems. Expansion variables were introduced to simplify the expansion mechanism. Part II of this thesis presents a complete realisability semantics w.r.t. an intersection type system with infinitely many expansion variables. This represents the first study on semantics of expansion. Providing sound (and complete) realisability semantics allows one to study the algorithmic behaviour of typed λ-terms through their types w.r.t. a type system. We believe such semantics will cast some light on the not yet well understood expansion operation. Intersection types were used in a type error slicer for the SML programming language. Existing compilers for many languages have confusing type error messages. Type error slicing (TES) helps the programmer by isolating the part of a program contributing to a type error (a slice). TES was initially done for a tiny toy language (the λ-calculus with polymorphic let-expressions). Extending TES to a full language is extremely challenging, and for SML we needed a number of innovations. Some issues would be faced for any language, and some are SML-specific but representative of the complexity of language-specific issues likely to be faced for other languages. Part III of this thesis solves both kinds of issues and presents an original, simple, and general constraint system for providing type error slices for ill-typed programs. We believe TES helps demystify language features known to confuse users

Realizing Continuity Using Stateful Computations

The principle of continuity is a seminal property that holds for a number of intuitionistic theories such as System T. Roughly speaking, it states that functions on real numbers only need approximations of these numbers to compute. Generally, continuity principles have been justified using semantical arguments, but it is known that the modulus of continuity of functions can be computed using effectful computations such as exceptions or reference cells. This paper presents a class of intuitionistic theories that features stateful computations, such as reference cells, and shows that these theories can be extended with continuity axioms. The modulus of continuity of the functionals on the Baire space is directly computed using the stateful computations enabled in the theory

Realisability Semantics for Intersection Types and Expansion Variables

Expansion was invented at the end of the 1970s for calculating principal typings for $\lambda$-terms in type systems with intersection types. Expansion variables (E-variables) were invented at the end of the 1990s to simplify and help mechanise expansion. Recently, E-variables have been further simplified and generalised to also allow calculating type operators other than just intersection. There has been much work on denotational semantics for type systems with intersection types, but none whatsoever before now on type systems with E-variables. Building a semantics for E-variables turns out to be challenging. To simplify the problem, we consider only E-variables, and not the corresponding operation of expansion. We develop a realisability semantics where each use of an E-variable in a type corresponds to an independent degree at which evaluation occurs in the $\lambda$-term that is assigned the type. In the $\lambda$-term being evaluated, the only interaction possible between portions at different degrees is that higher degree portions can be passed around but never applied to lower degree portions. We apply this semantics to two intersection type systems. We show these systems are sound, that completeness does not hold for the first system, and completeness holds for the second system when only one E-variable is allowed (although it can be used many times and nested). As far as we know, this is the first study of a denotational semantics of intersection type systems with E-variables (using realisability or any other approach)

Interfacing with Proof Assistants for Domain Specific Programming Using EventML

This paper presents a paradigm for using proof assistants in the programming process. We demonstrate how the programming language EventML provides a useful interface to proof assistants throughout code development. Enhancing the use of proof assistants in programming will make them more valuable and accessible to a large community. We designed EventML specifically to cooperate with proof assistants at every stage of program creation. It will help programmers ensure correctness, document the code, and support modifications and improvements. Cooperation is especially effective when the proof assistant and the programming language share the same type system and when the proof assistant can generate executable code for the programming language, as is natural for proof assistants using constructive type theories.

Challenges and solutions to realisability semantics for intersection types with expansion variables

International audienceExpansion is a crucial operation for calculating principal typings in intersection type systems. Because the early definitions of expansion were complicated, E-variables were introduced in order to make the calculations easier to mechanise and reason about. Recently, E-variables have been further simplified and generalised to also allow calculating other type operators than just intersection. There has been much work on semantics for type systems with intersection types, but none whatsoever before our work, on type systems with E-variables. In this paper we expose the challenges of building a semantics for E-variables and we provide a novel solution. Because it is unclear how to devise a space of meanings for E-variables, we develop instead a space of meanings for types that is hierarchical. First, we index each type with a natural number and show that although this intuitively captures the use of E-variables, it is difficult to index the universal type w with this hierarchy and it is not possible to obtain completeness of the semantics if more than one E-variable is used. We then move to a more complex semantics where each type is associated with a list of natural numbers and establish that both w and an arbitrary number of E-variables can be represented without losing any of the desirable properties of a realisability semantics

Challenges and solutions to realisability semantics for intersection types with expansion variables

International audienceExpansion is a crucial operation for calculating principal typings in intersection type systems. Because the early definitions of expansion were complicated, E-variables were introduced in order to make the calculations easier to mechanise and reason about. Recently, E-variables have been further simplified and generalised to also allow calculating other type operators than just intersection. There has been much work on semantics for type systems with intersection types, but none whatsoever before our work, on type systems with E-variables. In this paper we expose the challenges of building a semantics for E-variables and we provide a novel solution. Because it is unclear how to devise a space of meanings for E-variables, we develop instead a space of meanings for types that is hierarchical. First, we index each type with a natural number and show that although this intuitively captures the use of E-variables, it is difficult to index the universal type w with this hierarchy and it is not possible to obtain completeness of the semantics if more than one E-variable is used. We then move to a more complex semantics where each type is associated with a list of natural numbers and establish that both w and an arbitrary number of E-variables can be represented without losing any of the desirable properties of a realisability semantics

Validating Brouwer's Continuity Principle for Numbers Using Named Exceptions

This paper extends the Nuprl proof assistant (a system representative of the class of extensional type theories with dependent types) withnamed exceptionsandhandlers, as well as a nominalfreshoperator. Using these new features, we prove a version of Brouwer's continuity principle for numbers. We also provide a simpler proof of a weaker version of this principle that only uses diverging terms. We prove these two principles in Nuprl's metatheory using our formalization of Nuprl in Coq and reflect these metatheoretical results in the Nuprl theory as derivation rules. We also show that these additions preserve Nuprl's key metatheoretical properties, in particular consistency and the congruence of Howe's computational equivalence relation. Using continuity and the fan theorem, we prove important results of Intuitionistic Mathematics: Brouwer's continuity theorem, bar induction on monotone bars and the negation of the law of excluded middle.</jats:p

Intrusion Resilience Systems for Modern Vehicles

Current vehicular Intrusion Detection and Prevention Systems either incur high false-positive rates or do not capture zero-day vulnerabilities, leading to safety-critical risks. In addition, prevention is limited to few primitive options like dropping network packets or extreme options, e.g., ECU Bus-off state. To fill this gap, we introduce the concept of vehicular Intrusion Resilience Systems (IRS) that ensures the resilience of critical applications despite assumed faults or zero-day attacks, as long as threat assumptions are met. IRS enables running a vehicular application in a replicated way, i.e., as a Replicated State Machine, over several ECUs, and then requiring the replicated processes to reach a form of Byzantine agreement before changing their local state. Our study rides the mutation of modern vehicular environments, which are closing the gap between simple and resource-constrained "real-time and embedded systems", and complex and powerful "information technology" ones. It shows that current vehicle (e.g., Zonal) architectures and networks are becoming plausible for such modular fault and intrusion tolerance solutions,deemed too heavy in the past. Our evaluation on a simulated Automotive Ethernet network running two state-of-the-art agreement protocols (Damysus and Hotstuff) shows that the achieved latency and throughout are feasible for many Automotive applications

A complete realisability semantics for intersection types and arbitrary expansion variables

Expansion was introduced at the end of the 1970s for calculating principal typings for $\lambda$-terms in intersection type systems. Expansion variables (E-variables) were introduced at the end of the 1990s to simplify and help mechanise expansion. Recently, E-variables have been further simplified and generalised to also allow calculating other type operators than just intersection. There has been much work on semantics for intersection type systems, but only one such work on intersection type systems with E-variables. That work established that building a semantics for E-variables is very challenging. Because it is unclear how to devise a space of meanings for E-variables, that work developed instead a space of meanings for types that is hierarchical in the sense of having many degrees (denoted by indexes). However, although the indexed calculus helped identify the serious problems of giving a semantics for expansion variables, the sound realisability semantics was only complete when one single E-variable is used and furthermore, the universal type $\omega$ was not allowed. In this paper, we are able to overcome these challenges. We develop a realisability semantics where we allow an arbitrary (possibly infinite) number of expansion variables and where $\omega$ is present. We show the soundness and completeness of our proposed semantics.Comment: 5th International Colloquium on Theoretical Aspects of Computing, ICTAC 2008, 1-3 September 2008, Istanbul : Turquie (2008