A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2006; you can also visit the original URL.
The file type is
This paper presents a new distributed process calculus, called the M-calculus, that can be understood as a higher-order version of the Distributed Join calculus with programmable localities. The calculus retains the implementable character of the Distributed Join calculus while overcoming several important limitations: insufficient control over communication and mobility, absence of dynamic binding, and limited locality semantics. The calculus is equipped with a polymorphic type system thatdoi:10.1145/640128.604136 fatcat:x64e2vf32raitowi3fhdlec534
more »... antees the unicity of locality names, even in presence of higher-order communications -a crucial property for the determinacy of message routing in the calculus.
Lecture Notes in Computer Science
We consider a recent publication on higher-order process calculi  and describe how its main results have been formalized in the Coq proof assistant. We highlight a number of important technical issues that we have uncovered in the original publication. We believe that these issues are not unique to the paper under consideration and require particular care to be avoided.doi:10.1007/978-3-319-22102-1_19 fatcat:3gwgchwquradjin6nmnvwn6eo4
A lens is a bidirectional program. When read from left to right, it denotes an ordinary function that maps inputs to outputs. When read from right to left, it denotes an "update translator" that takes an input together with an updated output and produces a new input that reflects the update. Many variants of this idea have been explored in the literature, but none deal fully with ordered data. If, for example, an update changes the order of a list in the output, the items in the output list anddoi:10.1145/1328897.1328487 fatcat:oz4kl32scnfajgenf7p3tysgwa
more »... the chunks of the input that generated them can be misaligned, leading to lost or corrupted data. We attack this problem in the context of bidirectional transformations over strings, the primordial ordered data type. We first propose a collection of bidirectional string lens combinators, based on familiar operations on regular transducers (union, concatenation, Kleene-star) and with a type system based on regular expressions. We then design a new semantic space of dictionary lenses, enriching the lenses of Foster et al. (2007b) with support for two additional combinators for marking "reorderable chunks" and their keys. To demonstrate the effectiveness of these primitives, we describe the design and implementation of Boomerang, a full-blown bidirectional programming language with dictionary lenses at its core. We have used Boomerang to build transformers for complex real-world data formats including the SwissProt genomic database. We formalize the essential property of resourcefulness-the correct use of keys to associate chunks in the input and output-by defining a refined semantic space of quasi-oblivious lenses. Several previously studied properties of lenses turn out to have compact characterizations in this space. (the default year range 0000-0000 is generated by the del lens in comp from the regular expression YEARS). Problems with Order On other examples, however, the behavior of this put function is highly unsatisfactory. If the update to the abstract string breaks the positional association between lines in the concrete and abstract strings, the output will be mangled-e.g., when the update to the abstract string is a reordering, combining
Current issues in linguistic theory
(For a more detailed discussion of Chierchia's system, see Schmitt and Munn 1999 .) ... Schmitt and Munn 1999 showed that Brazilian Portuguese disconfirms the first prediction. ...doi:10.1075/cilt.220.16mun fatcat:45szq3qxsfgbpfr23tyrv54b7u
We show how to use Howe's method to prove that context bisimilarity is a congruence for process calculi equipped with their usual semantics. We apply the method to two extensions of HOπ, with passivation and with join patterns, illustrating different proof techniques.doi:10.4230/lipics.concur.2015.212 dblp:conf/concur/LengletS15 fatcat:2rkcun6aozfdrk5hheno7ehwzq
Lecture Notes in Computer Science
Concurrent reversibility has been studied in different areas, such as biological or dependable distributed systems. However, only "rigid" reversibility has been considered, allowing to go back to a past state and restart the exact same computation, possibly leading to divergence. In this paper, we present croll-π, a concurrent calculus featuring flexible reversibility, allowing the specification of alternatives to a computation to be used upon rollback. Alternatives in croll-π are attached todoi:10.1007/978-3-642-37036-6_21 fatcat:tp2wbjgupbfodkhz37oxwfjv54
more »... ssages. We show the robustness of this mechanism by encoding more complex idioms for specifying flexible reversibility, and we illustrate the benefits of our approach by encoding a calculus of communicating transactions.
blow-ups of expression sizes  .INRIAinria-00305302, version 3 -24 Jul 2008Efficient Static Analysis of XML Paths and Types RR n°6590inria-00305302, version 3 -24 Jul 2008 Genevès, Layaïda & Schmitt ...doi:10.1145/1273442.1250773 fatcat:gx4nfskx2beetltnec7oejgs5y
Behavioral theory for higher-order process calculi is less well developed than for first-order ones such as the π-calculus. In particular, effective coinductive characterizations of barbed congruence, such as the notion of normal bisimulation developed by Sangiorgi for the higherorder π-calculus, are difficult to obtain. In this paper, we study bisimulations in two simple higher-order calculi with a passivation operator, that allows the interruption and thunkification of a running process. Wedoi:10.1007/978-3-642-00596-1_19 fatcat:wlxv6fozuzfbpozyzs3nlvncny
more »... velop a normal bisimulation that characterizes barbed congruence, in the strong and weak cases, for the first calculus which has no name restriction operator. We then show that this result does not hold in the calculus extended with name restriction.
We show how to apply Howe's method for the proof of congruence of early bisimilarities in a higher-order process calculus with passivation. This involves the introduction of a proof technique based on a new kind of transition system and bisimilarity, called complementary semantics. We show that complementary semantics is equivalent to contextual semantics, originally introduced by Sangiorgi, that relies on classical transition systems for higher-order calculi and context bisimilarity. We applydoi:10.1007/978-3-642-04081-8_30 fatcat:e7lqqt5sufgrza3gvbmstweyhi
more »... his technique to obtain the first characterization of weak barbed congruence for such a higher-order calculus with passivation.
Building complex component-based software systems, for instance communication systems based on the Click, Coyote, Appia, or Dream frameworks, can lead to subtle assemblage errors. We present a novel type system and type inference algorithm that prevent interconnection and message-handling errors when assembling component-based communication systems. These errors are typically not captured by classical type systems of host programming languages such as Java or ML. We have implemented ourdoi:10.1007/978-3-642-02138-1_11 fatcat:6p42x5wh35h3rgzffauvuc2nya
more »... by extending the architecture description language (ADL) toolset used by the Dream framework, and used it to check Dream-based communication systems. Introduction Building software systems from components has many benefits , including easier maintenance and evolution. However, component-based systems are not exempt from subtle assemblage errors that are not captured by the type systems provided with the implementation languages. These errors are hard to catch because they may be purely an artifact of a faulty assemblage, and thus may arise even if individual components and their interconnections are correct. As noted in  , this is for instance the case with data manipulation errors. These errors may occur when handling protocol data units in a communication stack built from components or micro-protocols with frameworks like Appia , Click , Coyote , Dream , or Ensemble . Dealing with assemblage errors in system software and communication systems has already been approached in five main ways. The first one uses theorem proving to check the expected properties of an assemblage on a formal specification of the behavior of individual components and of the assemblage, as in Ensemble  . The second approach uses an architecture description language (ADL) to specify component behaviors and assemblage constraints, typically component dependencies, and to automatically verify the assemblage consistency, as in Aster  , Knit , or Plastik . The third approach relies on type systems for interaction contracts, as in the Singularity system  or in web service workflows  . The fourth approach uses model checking to verify the expected properties of a formally specified assemblage, as in the Vercors system  . A fifth approach relies on property-preserving composition, as described in  , where it is applied to deadlock-free assemblages. The theorem-proving approach is comprehensive and can address arbitrary properties, but it requires theorem-proving expertise, which is not readily available for systems programmers. The ADL approach is more automatic, but it typically supports a limited set of architectural constraints, and a limited set of behavioral checks that fail to address subtler run-time errors such as data manipulation errors. The type-system approach can be made entirely automatic if type inference is decidable, but the type systems devised so far fail to deal with the data handling errors we consider in this paper. The model-checking approach is automatic, but may require considerable expertise in the property language used, again not necessarily available for systems programmers. The property-preserving composition approach also can be made entirely automatic, for instance using model checking techniques, but to this date does not readily apply to the data handling errors we consider. We thus propose an extension of the ADL approach with a type analysis devised to deal with a class of data manipulation errors that occur in ill-formed communication systems assemblages. More specifically, our approach involves: (i) the definition of a simple process calculus that allows to specify an operational model of a component assemblage (where program execution is abstracted by a reduction relation); (ii) the definition of a type system, that operates on programs abstracted as terms of the process calculus, and that ensures that typable assemblages do not exhibit the targeted class of errors; (iii) an extension of the target ADL to allow architecture descriptions with process annotations characterizing the abstract behavior of selected components; (iv) the addition of a type analyzer in the ADL assembly toolchain to statically verify component assemblages. Technically, the paper makes two main contributions: (i) we define a novel type system, which combines rows  with process types [36, 25] , to track message flows in component assemblages; (ii) we define a total type inference algorithm for automatically checking annotated component assemblages. Outline. The paper is organized as follows. Section 2 details the assemblage verification we target. Section 3 presents the calculus and Section 4 the type system that we use to abstract the behavior of communication components and to characterize them. Section 5 discusses type inference and its implementation in actual assemblage tool chains. Section 6 discusses related work and Section 7 concludes the paper. Assemblages in Dream To explain the assemblage verifications we target in this paper, we use the example of the Dream framework, which we now briefly present. Dream is a component-based framework, written in Java, designed for the construction of communication systems (protocol stacks, communication subsystems of middleware for distributed execution). It is built on top of the Java implementation of the Fractal component model  .
Lecture Notes in Computer Science
We present a first distributed implementation of the Cardelli-Gordon's ambient calculus. We use Jocaml as an implementation language and we present a formal translation of Ambients into the distributed join calculus, the process calculus associated with Jocaml. We prove the correctness of the translation.doi:10.1007/3-540-44929-9_26 fatcat:hnwc7py5mfhotlcgpg2bc7sza4
We study the problem of characterizing contextual equivalence in higher-order languages with passivation. To overcome the difficulties arising in the proof of congruence of candidate bisimilarities, we introduce a new form of labeled transition semantics together with its associated notion of bisimulation, which we call complementary semantics. Complementary semantics allows to apply the well-known Howe's method for proving the congruence of bisimilarities in a higher-order setting, even in thedoi:10.1016/j.ic.2011.08.002 fatcat:gkpm2qyasjhg3eusoq7cnvpfxy
more »... presence of an early form of bisimulation. We use complementary semantics to provide a coinductive characterization of contextual equivalence in the HOπ P calculus, an extension of the higher-order π -calculus with passivation, obtaining the first result of this kind. We then study the problem of defining a more effective variant of bisimilarity that still characterizes contextual equivalence, along the lines of Sangiorgi's notion of normal bisimilarity. We provide partial results on this difficult problem: we show that a large class of test processes cannot be used to derive a normal bisimilarity in HOπ P, but we show that a form of normal bisimilarity can be defined for HOπ P without restriction. 1391 The situation is less satisfactory for higher-order concurrent languages. Bisimilarity relations that coincide with barbed congruence have only been given for some higher-order concurrent languages. They usually take the form of context bisimilarities, building on a notion of context bisimulation introduced by D. Sangiorgi for a higher-order π -calculus, HOπ  . Context bisimilarity has been proven to coincide with contextual equivalence for higher-order variants of the π -calculus: Sangiorgi's HOπ [36,37,20], a concurrent ML with local names , a higher-order distributed π -calculus called SafeDpi , Mobile Ambients , and some of Mobile Ambients's variants such as Boxed Ambients . A sound but incomplete form of context bisimilarity has been proposed for the Seal calculus . For the Homer calculus  , strong context bisimilarity is proven sound and complete, but weak context bisimilarity is not complete. A sound and complete context bisimilarity has been defined for the Kell calculus  , but for the strong case only. Context bisimilarity is not entirely satisfactory, however. Its definition still involves quantification on processes (or on abstractions and concretions, following Milner's terminology  , that can be understood, respectively, as receiving processes and emitting processes). 1 For this reason, Sangiorgi has introduced in his study of HOπ  an alternative form of bisimulation, called normal bisimulation, that replaces the universal quantification on processes in the input and output clauses in the definition of context bisimulation with a single test process. 2 To the best of our knowledge, the only higher-order concurrent language for which normal bisimilarity has been defined and proved to coincide with context bisimilarity is HOπ and its typed variant [36, 37, 20] . Process calculi with passivation The difficulties in characterizing contextual equivalence are particularly acute in calculi featuring process passivation, such as the Homer calculus, the Kell calculus, and, to some extent, the Seal calculus. Let us motivate first our interest in higher-order languages with strong process mobility and process passivation. Strong process mobility refers to the possibility of moving a running process from one locus of computation (or locality) to another. This feature typically occurs in languages or calculi intended for distributed programming such as the Join calculus , Mobile Ambients , or Nomadic Pict  . Process passivation refers to the ability to suspend the execution of a named running process and to pass around the suspended process, typically as a higher-order parameter in messages. This capability is featured in the Homer calculus  , the M-calculus  , and the Kell calculus  . Passivation actually subsumes strong mobility, as discussed in  , since strong mobility amounts to a sequence of passivation, transfer of the suspended process between localities, and reactivation. Strong mobility is a linear operation that moves a computation from one locality to another, whereas passivation may be non-linear: a passivated process can be reactivated several times. The Seal calculus  provides an intermediate form, with a combined migrate and replicate (and hence non-linear) operation. Strong mobility is one of several paradigms for mobile code. It has been introduced as a primary feature in several languages, including Obliq , Nomadic Pict , and JoCaml  . It potentially allows interesting performance and design trade-offs [9, 13] , and its use can be compelling in certain application areas such as network and distributed system management  . Process passivation provides basic support for dynamic reconfiguration: with passivation, named parts of a system can be replaced during execution. Dynamic reconfiguration is useful to support patches and system updates while limiting system downtime and increasing availability; to support fault recovery and fault tolerance by providing a basic mechanism for checkpointing computations and replicating them; and to support adaptive behaviors, whereby a system changes its configuration to adapt to varying operating conditions, with the aim of improving performance and/or dependability. A form of process passivation has been introduced in the Acute programming language  for the same reasons. There, it is called thunkification and applies to designated groups of threads. In this paper, we work with the HOπ P calculus, a minimal extension of HOπ with passivation. An example of process passivation in HOπ P is given by the following reduction: where a[P ] is a locality named a that contains a process P , and a( X)Q is a receiver process. The passivation above removes the locality a, and passes process P as an argument to the receiver process a( X)Q . A locality a[ ] is an execution context and is transparent: if P can evolve into P (i.e., P −→ P ), then we have a[P ] −→ a[P ]. Also, if P can emit a message, then 1 Despite this quantification on processes, the use of context bisimulation as a proof technique is still an improvement over the direct use of barbed congruence, as argued in  . Removing this quantification would pave the way to automated proof support. 2 For instance, the definition of an early strong contextual bisimulation R in HOπ has the following input clause:
Quasometry is precision measurement of celestial positions and apparent motion of very distant extragalactic objects, such as quasars, galactic nuclei, and QSOs. We use this term to identify a specific area of research, the methodology of which differs from that of general astrometry. The main purpose of quasometry is to link the sub-milliarcsecond radio frame (ICRF) with the existing and emerging optical reference frames of similar accuracy, constructed by astrometric satellites. Some of thearXiv:1202.5283v1 fatcat:iq6nk3a32nbf7ooa6z2ujysgdi
more »... in difficulties in achieving this goal are discussed, e.g., the extended structures of quasar hosts, apparent motion on the sky, optical variability, galactic companions, faintness. Besides the strategic purpose, quasometry is undoubtedly useful for global astrometric surveys, as it helps to verify or even correct the resulting reference frames. There are two options of using measurements of distant quasars in a global astrometric solution: 1) hard constraints embedded in the fabric of observational equations; 2) a posteriori fitting of zonal errors. The relative benefits and shortcoming of the two options are reviewed. A relatively small set of about 200 carefully selected reference quasars can go a long way in improving the astrometric value of a space mission, if they are sufficiently bright, stable, fairly uniformly distributed on the sky, and are defining sources in the ICRF. We present an ongoing program at the USNO to construct a quality set of optical quasars with the required properties and to enhance the ICRF with new sources in the areas where known, well-observed quasars are scarce.
Lecture Notes in Computer Science
Philippe Bidinger, Alan Schmitt, and Jean-Bernard Stefani Note that the Channel Ambient abstract machine presented in  assumes that ambients may synchronize, for instance to run an in primitive ...doi:10.1007/11494881_3 fatcat:y7zrjbkdfve77jtfvxvplbygsq
« Previous Showing results 1 — 15 out of 7,991 results