Functional active objects: typing and formalisation

This paper provides a sound foundation for autonomous objects communicating by remote method invo- cations and futures. As a distributed extension of ς-calculus, we define ASPfun, a calculus of functional objects, behaving autonomously and communicating by a request-reply mechanism: requests are method calls handled asynchronously and futures represent awaited results for requests. This results in a well structured distributed object language enabling a concise representation of asynchronous method invoca- tions. This paper first presents the ASPfun calculus and its semantics. Secondly we provide a type system for ASPfun, which guarantees the “progress” property. Most importantly, ASPfun and its properties have been formalised and proved using the Isabelle theorem prover, and we consider it as a good step toward formalisation of distributed languages

ASPfun: a typed functional active object calculus

This paper provides a sound foundation for autonomous objects communicating by remote method invocations and futures. As a distributed extension of ς-calculus we define ASPfun, a calculus of functional objects, behaving autonomously and communicating by a request-reply mechanism: requests are method calls handled asynchronously and futures represent awaited results for requests. This results in an object language enabling a concise representation of a set of active objects interacting by asynchronous method invocations. This paper first presents the ASPfun calculus and its semantics. Then, we provide a type system for ASPfun which guarantees the “progress” property. Most importantly, ASPfun has been formalised; its properties have been formalised and proved using the Isabelle theorem prover and we consider this as an important step in the formalization of distributed languages. This work was also an opportunity to study different binder representations and experiment with two of them in the Isabelle/HOL theorem prover

Dynamic reconfiguration of GCM components

We detail in this report past research and current/future developments in formal specification of Grid component systems by temporal logic and consequent resolution technique, for an automated dynamic reconfiguration of components. It is analysed the specification procedure of GCM (Grid Component Model) components and infrastructure in respect to their state behaviour, and the verification process in a dynamic and reconfigurable distributed system. Furthermore it is demonstrated how an automata based method is used to achieve the specification, as well as how the enrichment of the temporal specification language of Computation Tree Logic CTL with the ability to capture norms, allows to formally define the concept of reconfiguration

A locally nameless theory of objects

This paper presents the formalisation of an object calculus in Isabelle/HOL highlighting the binder technique called locally nameless1. This techniques has its origins already in a note at the end of de Bruijn’s paper [5] introducing the classical de Bruijn indices. In the last few years, with the advent of mechanized proofs in the domain of programming languages, e.g. [1], this technique attracted new attention. The most recent work on locally nameless technique [2] provides cofinite quantification, necessary for proving non-trivial properties. Indeed the de Bruijn indices are often criticised, as being too technical, that is why alternative techniques are investigated. The de Bruijn indices method, however, is known to be reliable, and is often chosen in order to focus on aspects of programming languages unrelated to variable bindings. With locally nameless techniques, one expects to spend less time proving auxiliary lemmas dealing with variable bind- ings, but also to obtain theorems that are more convincing because closer to the paper version. Our contributions are a formalisation in Isabelle/HOL of ς-calculus; and an in depth comparison of both locally nameless and de Bruijn complete mechanisations including specification and proofs

Declarative Scheduling for Active Objects

International audienceActive objects are programming constructs that abstract dis- tribution and help to handle concurrency. In this paper, we extend the multiactive object programming model to offer a priority specification mechanism. This mechanism allows programmers to have control on the scheduling of requests. The priority representation is based on a dependency graph which makes it very convenient to use. This article shows how to use this mechanism from the programmer side, and exposes the main properties of the dependency graph. The software architecture of our implementation is also presented, as it can be applied to various scheduling systems. Finally, we validate our approach through a microbenchmark that shows that the overhead of our priority representation is rather low. On the whole, we provide a general pattern to introduce a prioritized scheduling in active objects or in any other con- current systems. The resulting framework is shown to be fine-grained, user-friendly, and efficient

Isabelle Modelchecking for insider threats

The Isabelle Insider framework formalises the technique of social explanation for modeling and analysing Insider threats in infrastructures including physical and logical aspects. However, the abstract Isabelle models need some refinement to provide sufficient detail to explore attacks constructively and understand how the attacker proceeds. The introduction of mutable states into the model leads us to use the concepts of Modelchecking within Isabelle. Isabelle can simply accommodate classical CTL type Modelchecking. We integrate CTL Modelchecking into the Isabelle Insider framework. A running example of an IoT attack on privacy motivates the method throughout and illustrates how the enhanced framework fully supports realistic modeling and analysis of IoT Insiders

Deadlock detection for actor-based coroutines

The actor-based language studied in this paper features asynchronous method calls and supports coroutines which allow for the cooperative scheduling of the method invocations belonging to an actor. We model the local behavior of an actor as a well-structured transition system by means of predicate abstraction and derive the decidability of the occurrence of deadlocks caused by the coroutine mode of method execution

Shuffle–based verification of component compatibility

An extension of earlier work on component compatibility is described in this paper. Similarly as before, the behavior of components is specified by component interface languages, and the shuffle operation is introduced to represent possible interleavings of service requests that originate at several concurrent components. The paper shows that the verification of component compatibility is possible without the exhaustive analysis of the state space of interacting components. Exhaustive analysis of state spaces was the basis of earlier approaches to compatibility verification