Journal of Logical and Algebraic Methods in Programming最新文献

Session types are a well-established approach to communication correctness in message-passing processes. Widely studied from a process calculi perspective, here we pursue an unexplored strand and investigate the use of the Maude system for implementing session-typed process languages and reasoning about session-typed process specifications.

We present four technical contributions. First, we develop and implement in Maude an executable specification of the operational semantics of a session-typed π-calculus by Vasconcelos. Second, we also develop an executable specification of its associated algorithmic type checking, and describe how both specifications can be integrated. Third, we show that our executable specification can be coupled with reachability and model checking tools in Maude to detect well-typed but deadlocked processes. Finally, we demonstrate the robustness of our approach by adapting it to a higher-order session π-calculus, in which exchanged values include names but also abstractions (functions from names to processes).

All in all, our contributions define a promising new approach to the (semi)automated analysis of communication correctness in message-passing concurrency.

Switch graphs are graph-like structures characterized by embedding higher-level edges (edges that link to other edges) to describe reactive phenomena. When an edge of such structure is traversed, the accessibility relation of this graph can be changed by adding/removing edges. Relation-changing models have been used to represent phenomena in diverse fields (from Biology to Computer Science) and some modal languages were introduced recently. In this paper we introduce four-valued local information in switch graphs, and propose a paraconsistent logic to study these systems.

With the incresasing importance of program verification, an issue that has been receiving more attention is the certification of verification tools, addressing the vernacular question: “Who verifies the verifier?”. In this paper we approach this meta-verification problem by focusing on a fundamental component of program verifiers: the “Verification Conditions Generator” (VCGen), responsible for producing a set of proof obligations from a program and a specification. The semantic foundations of VCGens lie in program logics, such as Hoare logic, Dynamic logic, or Separation logic, and related predicate transformers.

Dynamic logic is the basis of the KeY system, one of the foremost deductive verifiers, whose logic makes use of the notion of update, which is quite intricate to formalize. In this paper we derive systematically, based on a KeY-style dynamic logic, a correct-by-construction VCGen for a toy programming language. Our workflow covers the entire process, from the logic to the VCGen. It is implemented in the Why3 tool, which is itself a program verifier. We prove the soundness and (an appropriate notion of) completeness of the logic, then define a VCGen for our language and establish its soundness.

Dynamic logic is one of a variety of research topics that our dear friend and colleague Luís Soares Barbosa has, over the years, initiated and promoted at the University of Minho. It is a pleasure for us to dedicate this work to him on the occasion of his 60th birthday.

A monolithic process is a single recursive equation with data parameters, which only uses non-determinism, action prefixing, and recursion. We present a technique that decomposes such a monolithic process into multiple processes where each process defines behaviour for a subset of the parameters of the monolithic process. For this decomposition we can show that a composition of these processes is strongly bisimilar to the monolithic process under a suitable synchronisation context. Minimising the resulting processes before determining their composition can be used to derive a state space that is smaller than the one obtained by a monolithic exploration. We apply the decomposition technique to several specifications to show that this works in practice. Finally, we prove that state invariants can be used to further improve the effectiveness of this decomposition technique.

This work aims to provide a general mechanism for safety enforcement in rewriting logic computations. Our technique relies on an assertion-guided model transformation that leverages the newly defined Maude strategy language for ensuring rich safety policies in non-deterministic programs. The transformed system is guaranteed to comply with user-defined invariants that are expressed in a strategy-based, pattern-matching logic, thus preventing the concurrent system to reach any unsafe states. The performance and scalability of the technique is empirically evaluated and benchmarked on a set of realistic programs.

We aim to reason about the correctness of behaviour-preserving transformations of Erlang programs. Behaviour preservation is characterised by semantic equivalence. Based upon our existing formal semantics for Core Erlang, we investigate potential definitions of suitable equivalence relations. In particular we adapt a number of existing approaches of expression equivalence to a simple functional programming language that carries the main features of sequential Core Erlang; we then examine the properties of the equivalence relations and formally establish connections between them. The results presented in this paper, including all theorems and their proofs, have been machine checked using the Coq proof assistant.

Component based software engineering (CBSE) is a methodology that aims to design and build software systems by assembling together reusable and loosely coupled components. Applying CBSE in a distributed setting is appealing but challenging: distributed applications require different remote components to interact following a well-defined protocol. In this paper we consider a model for message passing component-based systems where components are assembled together with a protocol, and are reactive to messages in a flexible way. We propose a type language that allows capturing component reactive behaviour and checking its compatibility with the protocol. Moreover, we show the correspondence of component and type behaviours, which entails a progress property for components.

The Robot Operating System (ROS) is a framework for building robust software for complex robot systems in several domains. The Navigation Stack stands out among the different libraries available in ROS, providing a set of components that can be reused to build robots with autonomous navigation capabilities. This library is a critical component, as navigation failures could have catastrophic consequences for applications like self-driving cars where safety is crucial.

Here we devise a general methodology for verifying this kind of complex systems by specifying them in different executable specification languages with verification support and validating the equivalence between the specifications and the original system using differential testing techniques. The complex system can then be indirectly analyzed using the verification tools of the specification languages like model checking, semi-automated functional verification based on Hoare logic, and other formal techniques. In this paper we apply this verification methodology to the NavFn planner, which is the main planner component of the Navigation Stack of ROS, using Maude and Dafny as specification languages. We have formally proved several desirable properties of this planner algorithm like the absence of obstacles in the planned path. Moreover, we have found counterexamples for other concerns like the optimality of the path cost.

With the continuous development of information technology, software vulnerabilities have become a critical threat to information security. Post-release detection of memory leaks, double free and use after free is one of the most challenging research problems in software vulnerability analysis. To tackle this challenge, we introduce a vulnerability model based on Petri Net. We consider the characteristics and causes of vulnerabilities, modeling is conducted from the subject and environment of vulnerabilities. Based on this vulnerability model, we propose a memory-related vulnerability detection framework based on vulnerability model (MRVD-VM) and its vulnerability detection algorithm based on vulnerability mode (VDA-VM). The results of experiments on Juliet Test Suite 1.2 for C_CPP show that MRVD-VM significantly outperforms three state-of-the-art baseline tools, including Cppcheck, Flawfinder, and Splint, in detecting memory leaks, double free and use after free.

Several notions of synchronisation in concurrent systems can be modelled by regular shuffle operators. In this paper we consider regular expressions extended with three operators corresponding respectively to strong, arbitrary, and weak synchronisation. For these expressions, we define a location based position automaton. Furthermore, we show that the partial derivative automaton is still a quotient of the position automaton.