Razonando acerca de programas funcionales

Una de las grandes ventajas de los lenguajes funcionales puros es que permiten ser razonados ecuacionalmente, de esta forma, se facilita su depuración, vericación de la corrección, reducción, etc. Pero esta pureza impide los efectos computacionales necesarios para que este tipo de programas tengan interacción alguna, es por esto que las funciones monádicas, que se encargan de encapsular estos efectos y así conservar la pureza, representan una estructura importante dentro de los lenguajes funcionales tales como Haskell. Sin embargo, debido a que las mónadas poseen una estructura imperativa, no se ha podido establecer una manera de poder razonar ecuacionalmente sobre éstas, el lograrlo supondría un avance significativo en lo que a verificación de programas se refiere. Por tanto, se presentan los conceptos básicos que permitan comprender cómo se razona sobre los programas y se muestra mediante un ejemplo la posibilidad de razonar ecuacionalmente sobre funciones monádicas

Hacia la formalización del razonamiento ecuacional sobre mónadas

Una de las grandes ventajas de los lenguajes funcionales puros es que permiten ser razonados ecuacionalmente, de esta forma, se facilita la verificación de su corrección. Pero esta pureza impide los efectos computacionales necesarios para que este tipo de programas tengan interacción alguna, es por esto que las funciones monádicas, que se encargan de encapsular estos efectos y así conservar la pureza, representan una estructura importante dentro de los lenguajes funcionales. Sin embargo, debido a que las mónadas poseen una estructura imperativa, no se ha podido establecer un enfoque aceptado para razonar ecuacionalmente sobre éstas. Por tanto, se pretende formalizar (desde un punto de vista computacional) en Agda la propuesta realizada por Gibbons y Hinze en [7] minimizando así los errores en los pasos de cada una de las demostraciones. Así pues, se presentan los conceptos básicos que permitan comprender cómo se razona sobre los programas y se muestra mediante un ejemplo la posibilidad de formalizar este razonamiento

Formalization of Programs with Positive Inductive Types

Proof assistants are computer systems that allows a user to do mathematics on a computer helping with the development of formal proof by human-machine collaboration, however most of them only work with strictly positive types, this restriction limits the number of problem that can be formalized. This is perhaps the reason why verification of programs that use positive (and negative) types is uncommon. Hence, we use the programming logic created by Bove, Dybjer and Sicard- Ram´ırez that accept positive types to formalize the termination of a breadth-first search in a binary tree using continuations data type which is positive

A Programming Language for Data Privacy with Accuracy Estimations

Differential privacy offers a formal framework for reasoning about the privacy and accuracy of computations on private data. It also offers a rich set of building blocks for constructing private data analyses. When carefully calibrated, these analyses simultaneously guarantee the privacy of the individuals contributing their data, and the accuracy of the data analyses results, inferring useful properties about the population. The compositional nature of differential privacy has motivated the design and implementation of several programming languages aimed at helping a data analyst in programming differentially private analyses. However, most of the programming languages for differential privacy proposed so far provide support for reasoning about privacy but not for reasoning about the accuracy of data analyses. To overcome this limitation, in this work we present DPella, a programming framework providing data analysts with support for reasoning about privacy, accuracy, and trade-offs. The distinguishing feature of DPella is a novel component that statically tracks the accuracy of different data analyses. In order to make tighter accuracy estimations, this component leverages taint analysis for automatically inferring statistical independence of the different noise quantities added for guaranteeing privacy. We evaluate our approach by implementing several classical queries from the literature and showing how data analysts can figure out the best manner to calibrate privacy to meet the accuracy requirements

Language-Based Differential Privacy with Accuracy Estimations and Sensitivity Analyses

This thesis focuses on the development of programming frameworks to enforce, by construction, desirable properties of software systems. Particularly, we are interested in enforcing differential privacy -- a mathematical notion of data privacy -- while statically reasoning about the accuracy of computations, along with deriving the sensitivity of arbitrary functions to further strengthen the expressiveness of these systems. To this end, we first introduce DPella, a programming framework for differentially-private queries that allows reasoning about the privacy and accuracy of data analyses. DPella provides a novel component that statically tracks the accuracy of different queries. This component leverages taint analysis to infer statistical independence of the different noises that were added to ensure the privacy of the overall computation. As a result, DPella allows analysts to implement privacy-preserving queries and adjust the privacy parameters to meet accuracy targets or vice-versa.In the context of differentially-private systems, the sensitivity of a function determines the amount of noise needed to achieve a desired level of privacy. However, establishing the sensitivity of arbitrary functions is non-trivial. Consequently, systems such as DPella provided a limited set of functions -- whose sensitivity is known -- to apply over sensitive data, thus hindering the expressiveness of the language. To overcome this limitation, we propose a new approach to derive proofs of sensitivity in programming languages with support for polymorphism. Our approach enriches base types with information about the metric relation between values and applies parametricity to derive proof of a function\u27s sensitivity. These ideas are formalized in a sound calculus and implemented as a Haskell library called Spar, enabling programmers to prove the sensitivity of their functions through type-checking alone.Overall, this thesis contributes to the development of expressive programming frameworks for data analysis with privacy and accuracy guarantees. The proposed approaches are feasible and effective, as demonstrated through the implementation of DPella and Spar

Let\u27s not Make a Fuzz about it

The work of Fuzz has pioneered the use of functional programming languages wheretypes allow to reason about the sensitivity of programs. Fuzz and subsequentwork (e.g., DFuzz and Duet) use technical devices like linear types, modal types, and partial evaluation. These features usually require the design of a newprogramming language from scratch - a major task on its own! While thesefeatures are part of the classical toolbox of programming languages, they areoften rather obscure for non-programming language experts. In this work, weexplore a different direction. We propose the design of a library capable ofcalculating the sensitivity of programs. The library is built on a novel use ofpolymorphism to represent (and prove) the sensitivity of functions andthe use of type constraints and type-level natural numbers. We show how ourapproach can be used to reason about the sensitivity of classical examplesworking over vectors, such as sum, map, and sort - we leave reasoning aboutmore complex programs for future work. Our library, called DSencity, isimplemented with just 360 lines of Haskell code

A Programming Language for Data Privacy with Accuracy Estimations

Differential privacy offers a formal framework for reasoning about the privacy and accuracy of computations on private data. It also offers a rich set of building blocks for constructing private data analyses. When carefully calibrated, these analyses simultaneously guarantee the privacy of the individuals contributing their data, and the accuracy of the data analysis results, inferring useful properties about the population. The compositional nature of differential privacy has motivated the design and implementation of several programming languages to ease the implementation of differentially private analyses. Even though these programming languages provide support for reasoning about privacy, most of them disregard reasoning about the accuracy of data analyses. To overcome this limitation, we present DPella, a programming framework providing data analysts with support for reasoning about privacy, accuracy, and their trade-offs. The distinguishing feature of DPella is a novel component that statically tracks the accuracy of different data analyses. To provide tight accuracy estimations, this component leverages taint analysis for automatically inferring statistical independence of the different noise quantities added for guaranteeing privacy. We evaluate our approach by implementing several classical queries from the literature and showing how data analysts can calibrate the privacy parameters to meet the accuracy requirements, and vice versa

Jeremy Jones performing a Half Cab at Brighton, 1996.

Photo of snowboarder Jeremy Jones performing a Half Cab at Brighton ski resort, in 199