Journal of Logical and Algebraic Methods in Programming最新文献

We study iso-recursive and equi-recursive subtyping for session types in a logical setting, where session types are propositions of multiplicative/additive linear logic extended with least and greatest fixed points. Both subtyping relations admit a simple characterization that can be roughly spelled out as the following lapalissade: every session type is larger than the smallest session type and smaller than the largest session type. We observe that, because of the logical setting in which they arise, these subtyping relations preserve termination in addition to the usual safety properties of sessions.

We study the realizability and strong satisfiability problems for Safety LTL, a syntactic fragment of Linear Temporal Logic (

We revisit the problem of the exact classification of the complexity of realizability for

Furthermore, we revisit the techniques used in the purported proof of

Stormwater detention ponds play an important role in urban water management for collecting and conveying rainfall runoff from urban catchment areas to nearby streams. Their purpose is not only to avoid flooding but also to reduce stream erosion and degradation caused by the direct discharge of pollutants to the stream. We model the problem of controlling the discharge rate of water from the ponds as a partially observable hybrid Markov decision process and subsequently use Uppaal Stratego for synthesizing safe and near optimal control strategies. The generated strategies are based on noisy sensor measurements of the water height in the pond, hence the underlying system is only partially observable. We present results analyzing how sensitive the synthesized strategies are with respect to the accuracy of the measurement sensors in both offline and online settings. These types of analyses not only provide insight into the robustness of the generated strategies, but they can also be used for deciding on which measurement sensors to use, thereby balancing sensor cost and accuracy.

Partial functions are a key concept in programming. Without partiality a programming language has limited expressiveness – it is not Turing-complete, hence, it excludes some constructs such as while-loops. In functional programming languages, partiality mostly originates from the non-termination of recursive functions. Corecursive functions are another source of partiality: here, the issue is not termination, but the inability to produce arbitrary large, finite approximations of a theoretically infinite output.

Partial functions have been formally studied in the branch of theoretical computer science called domain theory. In this paper we propose to step up the level of formality by using the Coq proof assistant. The main difficulty is that Coq requires all functions to be total, since partiality would break the soundness of its underlying logic. We propose practical solutions for this issue, and others, which appear when one attempts to define and reason about partial (co)recursive functions in a total functional language.

Protocols are typically specified in an operational manner by specifying the communication patterns among the different involved principals. However, many properties are of epistemic nature, e.g., what each principal believes after having seen a run of the protocol. We elaborate on a unified algebraic framework suitable for epistemic reasoning about operational protocols. This reasoning framework is based on a logic of beliefs and allows for the operational specification of untruthful communications. The information recorded in the semantic models to support reasoning about the interaction between the operational and epistemic aspects intensifies the state-space explosion. We propose an efficient on-the-fly reduction for such a unifying framework by providing a set of operational rules. These operational rules automatically generate efficient reduced semantics for a class of epistemic properties, specified in a rich extension of modal μ-calculus with past and belief modality, and can potentially reduce an infinite state space into a finite one. We reformulate and prove criteria that guarantee belief consistency for credulous agents, i.e., agents that are ready to believe what is told unless it is logically inconsistent. We adjust our reduction so that the belief consistency of an original model is preserved. We prove the soundness and completeness result for the specified class of properties.

Addressing the problem of fairness is crucial to safely using machine learning algorithms to support decisions that have a critical impact on people's lives, such as job hiring, child maltreatment, disease diagnosis, loan granting, etc. Several notions of fairness have been defined and examined in the past decade, such as statistical parity and equalized odds. However, the most recent notions of fairness are causal-based and reflect the now widely accepted idea that using causality is necessary to appropriately address the problem of fairness. This paper examines an exhaustive list of causal-based fairness notions and studies their applicability in real-world scenarios. As most causal-based fairness notions are defined in terms of non-observable quantities (e.g., interventions and counterfactuals), their deployment in practice requires computing or estimating those quantities using observational data. This paper offers a comprehensive report of the different approaches to infer causal quantities from observational data, including identifiability (Pearl's SCM framework) and estimation (potential outcome framework). The main contributions of this survey paper are (1) a guideline to help select a suitable causal fairness notion given a specific real-world scenario and (2) a ranking of the fairness notions according to Pearl's causation ladder, indicating how difficult it is to deploy each notion in practice.

In this paper we study the problem of realizability of reactive specifications written in ${\mathrm{LTL}}_T$, which is the extension of LTL where atomic propositions can be literals from a first-order theory, including arithmetic theories. We present a solution based on transforming ${\mathrm{LTL}}_T$ specifications into purely Boolean specifications by (1) substituting theory literals by Boolean variables, and (2) computing an additional Boolean formula that captures the dependencies between the new variables imposed by the literals. We prove that the resulting specification is realizable if and only if the original specification is realizable. Moreover, the resulting specification can be passed to existing Boolean off-the-shelf synthesis and realizability tools, which can handle only Boolean LTL specifications.

A second contribution is to prove that ${\mathrm{LTL}}_T$ realizability of theories with a decidable ${\exists }^{⁎}{\forall }^{⁎}$ fragment is decidable for all combinations of LTL temporal modalities. We present a simple version of our method, which relies on SMT solving, and performs a brute-force search to construct the “extra requirement”. A third contribution is an algorithm that checks whether a candidate is a correct Booleanization in non-Boolean LTL realizability.

In his book A practical theory of programming [10], [12], Eric Hehner proposes and applies a radical reformulation of set theory in which the collection and packaging of elements are seen as separate activities. This provides for unpackaged collections, referred to as “bunches”. Bunches allow us to reason about non-determinism at the level of terms, and, very remarkably, allow us to reason about the conceptual entity “nothing”, which is just an empty bunch (and very different from an empty set). This eliminates mathematical “gaps” caused by undefined terms. We have made use of bunches in a number of papers that develop a refinement calculus for backtracking programs. We formulate our bunch theory as an extension of the set theory used in the B-Method, and provide a denotational model to give this formulation a sound mathematical basis. We replace the classical logic that underpins B with a version that is still able to prove the laws of our logic toolkit, but is unable to prove the property, derivable in classical logic, that every term denotes an element, which for us is pathological since we hold that terms such as 1/0 simply denote “nothing”. This change facilitates our ability to reason about partial functions and backtracking programs. We include a section on our backtracking program calculus, showing how it is derived from WP and how bunch theory simplifies its formulation. We illustrate its use with two small case studies.

We discuss two extensions to a recently introduced theory of arrays, which are based on considerations coming from the model theory of power structures. First, we discuss how the ordering relation on the index set can be expressed succinctly by referring to arbitrary Venn regions. Second, we show how to add general aggregators to the calculus. The result is a logic that subsumes four previous fragments discussed in the literature and is distinct from array fold logic, in that it can express summations, while its satisfiability problem remains in non-deterministic polynomial time.

Binary multirelations allow modelling alternating nondeterminism, for instance, in games or nondeterministically evolving systems interacting with an environment. Such systems can show partial or total functional behaviour at both levels of alternation, so that nondeterministic behaviour may occur only at one level or both levels, or not at all. We study classes of inner and outer partial and total functional multirelations in a multirelational language based on relation algebra and power allegories. While it is known that general multirelations do not form a category, we show in the multirelational language that the classes of deterministic multirelations mentioned form categories with respect to Peleg composition from concurrent dynamic logic, and sometimes quantaloids. Some of these categories are isomorphic to the category of binary relations. We also introduce determinisation maps that approximate multirelations either by binary relations or by deterministic multirelations. Such maps are useful for defining modal operators on multirelations.