    Counterfactual Causality from First Principles?

    In this position paper we discuss three main shortcomings of existing approaches to counterfactual causality from the computer science perspective, and sketch lines of work to overcome these issues: (1) causality definitions should be driven by a set of precisely specified requirements rather than by specific examples; (2) causality frameworks should support system dynamics; (3) causality analysis should have a well-understood behavior in the presence of abstraction. Comment: In Proceedings CREST 2017, arXiv:1710.0277

    Protection in the Think exokernel

    In this paper, we present our preliminary ideas on adapting security and protection techniques to the Think exokernel. Think is our proposal for a distributed, adaptable kernel designed according to the exokernel architecture. After summing up the main motivations for using the exokernel architecture, we describe the Think exokernel as it has been implemented on a PowerPC machine. We then present the major protection and security techniques that we plan to adapt to the Think environment, and give an example of how some of these techniques can be combined with the Think model to provide fair and protected resource management. Finally, we briefly present the iPAQ Pocket PC to which we plan to port the Think exokernel and explain our interest in this kind of mobile device.

    A formal specification of the Fractal component model in Alloy

    This report contains a formal specification of the Fractal component model using the Alloy specification language. The report covers all the elements of the (informal) reference specification of the Fractal model. It provides a truly language-independent specification of the Fractal model and removes the ambiguities of the reference specification.

    Building secure embedded kernels with the Think architecture.

    We present in this paper the security features of Think, an object-oriented architecture dedicated to building customized operating system kernels. The Think architecture is composed of an object-oriented software framework including a trader, and a library of system abstractions programmed as components. We show how to use this architecture to build secure and efficient kernels for embedded systems. Policy-neutral security is achieved by providing elementary tools that the system programmer can use to build a system that resists denial-of-service attacks and incorporates data access control. An example of such a secure system is given by detailing how to ensure component isolation with an elementary software-based memory isolation tool.

    Characterizing contextual equivalence in calculi with passivation

    We study the problem of characterizing contextual equivalence in higher-order languages with passivation. To overcome the difficulties arising in the proof of congruence of candidate bisimilarities, we introduce a new form of labeled transition semantics together with its associated notion of bisimulation, which we call complementary semantics. Complementary semantics makes it possible to apply the well-known Howe's method for proving the congruence of bisimilarities in a higher-order setting, even in the presence of an early form of bisimulation. We use complementary semantics to provide a coinductive characterization of contextual equivalence in the HOπP calculus, an extension of the higher-order π-calculus with passivation, obtaining the first result of this kind. We then study the problem of defining a more effective variant of bisimilarity that still characterizes contextual equivalence, along the lines of Sangiorgi's notion of normal bisimilarity. We provide partial results on this difficult problem: we show that a large class of test processes cannot be used to derive a normal bisimilarity in HOπP, but we show that a form of normal bisimilarity can be defined for HOπP without restriction.

    Le système de composants Fractal

    Component-based approaches are becoming unavoidable for the development of distributed systems and applications. The aim is to cope with the ever-increasing complexity of this software and to meet the major challenges of systems engineering: scaling, administration, autonomy. After objects in the first half of the 1990s, components established themselves as the key paradigm of middleware engineering and of middleware applications in the second half of the 1990s. The interest of the industrial and academic communities first focused on component models for applications, such as EJB, CCM or .NET. From the early 2000s onward, the scope of components extended to the lower layers: systems and middleware. As for applications, the goal is still to obtain composable software entities with contractually specified interfaces that are deployable and configurable; but it is also to have component platforms that are efficient and lightweight enough not to penalize system performance. The Fractal component model meets these requirements.

    Studying relationships between environment and malaria incidence in Camopi (French Guiana) through the objective selection of buffer-based landscape characterisations

    Background: Malaria remains a major health problem in French Guiana, with a mean of 3800 cases each year. A previous study in Camopi, an Amerindian village on the Oyapock River, highlighted the major contribution of environmental features to the incidence of malaria attacks. We propose a method for the objective selection of the best multivariate peridomestic landscape characterisation, the one that maximises the chances of identifying relationships between environmental features and malaria incidence that are statistically significant and meaningful from an epidemiological point of view.

    Methods: A land-cover map, the hydrological network and the geolocalised inhabited houses were used to characterise the peridomestic landscape in eleven discoid buffers with radii of 50, 100, 200, 300, 400, 500, 600, 700, 800, 900 and 1000 metres. Buffer-based landscape characterisations were first compared in terms of their capacity to discriminate between sites within the geographic space and of their effective multidimensionality in variable space. The Akaike information criterion (AIC) was then used to select the landscape model best explaining the incidences of P. vivax and P. falciparum malaria. Finally, we calculated Pearson correlation coefficients for the relationships between environmental variables and malaria incidence, by species, for the most relevant buffers.

    Results: The optimal buffers for environmental characterisation had radii of 100 m around houses for P. vivax and 400 m around houses for P. falciparum. Within these buffers, the incidence of P. falciparum malaria seemed to be more strongly linked to environmental features than that of P. vivax malaria. The incidence of P. falciparum malaria in children was strongly correlated with the proportions of bare soil (r = -0.69), land under high vegetation (r = 0.68) and primary forest (r = 0.54), landscape division (r = 0.48) and the number of inhabited houses (r = -0.60). The incidence of P. vivax malaria was associated only with landscape division (r = 0.49).

    Conclusions: The proposed methodology provides a simple and general framework for the objective characterisation of the landscape to account for field observations. The use of this method enabled us to identify different optimal observation horizons around houses, depending on the Plasmodium species considered, and to demonstrate significant correlations between environmental features and the incidence of malaria.

    Causality Analysis and Fault Ascription in Component-Based Systems

    This article introduces a general framework for fault ascription, which consists in identifying, within a multi-component system, the components whose faulty behavior has caused the failure of said system. Our framework uses configuration structures as a general semantic model to handle truly concurrent executions and partial and distributed observations in a uniform way. We define a set of expected properties for counterfactual analysis, and present a refined analysis that conforms to our requirements. This contrasts with the current practice of evaluating definitions of counterfactual causality a posteriori on a set of toy examples. As an early study of the behavior of our analysis under abstraction, we establish its monotonicity under refinement.

    This article introduces a general framework for fault ascription, which consists in identifying, within a component-based system, the components whose incorrect behavior caused the malfunction of the system. We define a set of properties expected of a counterfactual analysis, and present a refined analysis that satisfies these requirements. This contrasts with the current practice of evaluating definitions of counterfactual causality a posteriori on a set of toy examples. We establish the monotonicity of our analysis under different notions of refinement.
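    The two causality entries above (the CREST 2017 position paper and the fault-ascription article) describe counterfactual analysis at the level of requirements. The following is an added example, not code from either paper, showing the basic "but-for" test that such analyses refine: a toy component system, an observed execution in which several components violate their specification, and a search for the inclusion-minimal sets of faulty components whose repair makes the system-level failure disappear. Everything in it is an assumption for illustration: the DAG-of-functions system model (a deliberate simplification of the configuration-structure model with true concurrency used in the article), the constructed SPEC, ORDER and OBSERVED tables, the failure predicate, and the rule that an unrepaired faulty component keeps its logged output.

```python
"""Counterfactual ("but-for") fault ascription over a toy component system.

Added illustration; not code from the CREST 2017 position paper or the
fault-ascription article above, and a deliberate simplification of that
framework: components form a sequential DAG rather than configuration
structures with true concurrency. Assumptions: each component has a
specification (a function of its inputs), an execution is a log of observed
outputs, a component is faulty when its logged output violates its spec on
its logged inputs, and the system failure is a predicate on the log.
"""
from itertools import combinations

# Constructed toy system: name -> (input components, specification function).
SPEC = {
    "src":    ([],                lambda: 5),
    "double": (["src"],           lambda x: 2 * x),
    "inc":    (["src"],           lambda x: x + 1),
    "logger": (["double"],        lambda x: x),
    "sum":    (["double", "inc"], lambda x, y: x + y),
}
ORDER = ["src", "double", "inc", "logger", "sum"]   # topological order

# Constructed observed execution: double, inc and logger all misbehave.
OBSERVED = {"src": 5, "double": 11, "inc": 7, "logger": 99, "sum": 18}


def failed(outputs):
    """System-level failure predicate (assumption): sum must deliver 16."""
    return outputs["sum"] != 16


def faulty_components(spec, order, observed):
    """Components whose logged output violates their spec on their logged inputs."""
    faulty = set()
    for name in order:
        inputs, f = spec[name]
        if observed[name] != f(*(observed[i] for i in inputs)):
            faulty.add(name)
    return faulty


def counterfactual_run(spec, order, observed, faulty, repaired):
    """Re-execute the system with the components in `repaired` behaving per spec.

    Unrepaired faulty components keep their logged output (their fault is held
    fixed); correct components are recomputed on the possibly changed inputs.
    """
    out = {}
    for name in order:
        inputs, f = spec[name]
        if name in faulty and name not in repaired:
            out[name] = observed[name]
        else:
            out[name] = f(*(out[i] for i in inputs))
    return out


def minimal_causes(spec, order, observed, failure):
    """Inclusion-minimal sets of faulty components whose repair removes the failure.

    Subsets are enumerated by increasing size, so any set containing an
    already-found cause is skipped as non-minimal.
    """
    if not failure(observed):
        return []
    faulty = faulty_components(spec, order, observed)
    causes = []
    for k in range(1, len(faulty) + 1):
        for subset in combinations(sorted(faulty), k):
            s = frozenset(subset)
            if any(c <= s for c in causes):
                continue
            if not failure(counterfactual_run(spec, order, observed, faulty, s)):
                causes.append(s)
    return causes


if __name__ == "__main__":
    print("faulty:", sorted(faulty_components(SPEC, ORDER, OBSERVED)))
    for cause in minimal_causes(SPEC, ORDER, OBSERVED, failed):
        print("cause:", sorted(cause))
```

    On the constructed log, three components are faulty (double, inc, logger) but the only minimal cause is the pair {double, inc}: repairing either one alone still leaves sum at 17, and logger's fault never reaches the failure predicate at all. A per-component but-for test would therefore ascribe the failure to nobody, which is exactly the kind of case (joint causation, irrelevant faults) that a requirements-driven definition has to settle explicitly rather than by example.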