dependently typed programming with domain specific logics
play

Dependently Typed Programming with Domain-Specific Logics Dan - PowerPoint PPT Presentation

May 08, 2023 •302 likes •985 views

Dependently Typed Programming with Domain-Specific Logics Dan Licata Thesis Committee: Robert Harper Karl Crary Frank Pfenning Greg Morrisett, Harvard 1 Domain-specific logics Type systems for reasoning about a specific application

  1. Dependently Typed Programming with Domain-Specific Logics Dan Licata Thesis Committee: Robert Harper Karl Crary Frank Pfenning Greg Morrisett, Harvard 1

  2. Domain-specific logics Type systems for reasoning about a specific application domain/programming style: Cryptol: cryptographic protocols Ynot/HTT: imperative code Aura and PCML5: access to controlled resources 2

  3. Domain-specific logics Type systems for reasoning about a specific application domain/programming style: Cryptol: cryptographic protocols Ynot/HTT: imperative code Aura and PCML5: access to controlled resources 3

  4. Cryptol Track length in type swab : Word 32 → Word 32 swab [a b c d] = [b a c d] Pattern-match as four Word 8’s 4

  5. Cryptol swab : Word 32 → Word 32 swab [a b c d] = [b c d] 5

  6. Cryptol swab : Word 32 → Word 32 swab [a b c d] = [b c d] Type error! 5

  7. Domain-specific logics Type systems for reasoning about a specific application domain/programming style: Cryptol: cryptographic protocols Ynot/HTT: imperative code Aura and PCML5: access to controlled resources 6

  8. Ynot Start with lax modality for mutable state: OA Index with pre/postconditions: ST P A Q Postconditon: Precondition: Π a:A, initial: heap, final:heap. prop heap → prop 7

  9. Ynot 8

  10. Domain-specific logics Type systems for reasoning about a specific application domain/programming style: Cryptol: cryptographic protocols Ynot/HTT: imperative code Aura and PCML5: access control 9

  11. Security-typed PL Authorization logic [Garg + Pfenning]: Resources (F): files, database entries, … Principals (K): users, programs, … Permissions: K mayread F , … Statements by principals: K says A, … Proofs 10

  12. Security-typed PL Principals and resources: sort : type. princ : sort. res : sort. term : sort -> type. admin : term princ. dan : term princ. bob : term princ. 11

  13. Security-typed PL Permissions: aprop : type. owns : term princ -> term res -> aprop. mayrd : term princ -> term res -> aprop. maywt : term princ -> term res -> aprop. 12

  14. Security-typed PL Propositions: prop : type. atom : aprop -> prop. implies : prop -> prop -> prop. says : term princ -> prop -> prop. all : (term S -> prop) -> prop. HOAS 13

  15. Security-typed PL Judgements: Γ ⇒ (A true) and Γ ⇒ (K affirms A) conc : type. A true true : prop -> conc. affirms : term princ -> prop -> conc. K affirms A 14

  16. Security-typed PL Judgements: hyp : prop -> type. |- : conc -> type. Sequent A1 … An ⇒ C A true or K affirms A represented by A1 hyp -> … -> An hyp -> |- C 15

  17. Security-typed PL Proofs: saysr : |- (K says A) true <- |- K affirms A. saysl : ((K says A) hyp -> |- K affirms C) <- (A hyp -> |- K affirms C). 16

  18. Security-typed PL Policy: ownsplan : (atom (dan owns /home/dan/plan)) hyp. danplan : (dan says (all [p] atom (p mayrd /home/dan/plan))) hyp. 17

  19. Security-typed PL Access controlled-primitives: read : ∀ r:term res. ∀ D : |- (atom (self mayrd r)) true. string need a proof of authorization to call read! 18

  20. Security-typed PL Compute with derivations: Policy analysis Auditing: log cut-full proofs; eliminate cuts to see who to blame [Vaughn+08] 19

  21. Domain-specific logics Type systems for reasoning about a specific application domain/programming style: Cryptol: cryptographic protocols Ynot/HTT: imperative code Aura and PCML5: access control 20

  22. Domain-specific logics How are they implemented? Cryptol: stand-alone Ynot/HTT: extension of Coq Aura and PCML5: stand-alone 21

  23. Problems Engineer compiler, libraries, documentation Train/convince programmers Hard to use multiple DSLs in one program Programmer can’t pick the appropriate abstraction 22

  24. This work A host language that makes it easy to: Represent domain-specific logics Reason about them (mechanized metatheory) Use them to reason about code (certified software) 23

  25. Ingredients + • functional programming • binding and scope • effects: state, exceptions, ... • dependent types • polymorphism and modules • total programming 24

  26. Thesis contributions Previous work [LICS08]: Integration of binding and computation using higher-order focusing 25

  27. Thesis contributions Proposed work: Theory Practice • Dependency • Meta-functions • Effects • Term reconstruction • Modules 26

  28. Outline Previous work Proposed work Related work 27

  29. Outline Previous work Proposed work Related work 28

  30. Polarity [Girard ’93] Sums A + B are positive: Introduced by choosing inl or inr Eliminated by pattern-matching ML functions A → B are negative: Introduced by pattern-matching on A Eliminated by choosing an A to apply to 29

  31. Focusing [Andreoli ’92] Sums A + B are positive: Introduced by choosing inl or inr Eliminated by pattern-matching ML functions A → B are negative: Introduced by pattern-matching on A Eliminated by choosing an A to apply to 30

  32. Focusing [Andreoli ’92] Sums A + B are positive: Focus = make choices Introduced by choosing inl or inr Eliminated by pattern-matching ML functions A → B are negative: Introduced by pattern-matching on A Eliminated by choosing an A to apply to 30

  33. Focusing [Andreoli ’92] Sums A + B are positive: Introduced by choosing inl or inr Eliminated by pattern-matching ML functions A → B are negative: Introduced by pattern-matching on A Eliminated by choosing an A to apply to 31

  34. Focusing [Andreoli ’92] Sums A + B are positive: Inversion = respond to all Introduced by choosing inl or inr possible choices Eliminated by pattern-matching ML functions A → B are negative: Introduced by pattern-matching on A Eliminated by choosing an A to apply to 31

  35. Binding + computation 1. Computation: negative function space (A → B) 2. Binding: positive function space (P ⇒ A) Specified by intro λ u.V Eliminated by pattern-matching 32

  36. Arithmetic expressions Arithmetic expressions with let-binding: let x be (const 4) in (plus x x) e ::= const n | let x be e1 in e2 | plus e1 e2 | times e1 e2 | sub e1 e2 | mod e1 e2 | div e1 e2 33

  37. Arithmetic expressions Arithmetic expressions with let-binding: let x be (const 4) in (plus x x) e ::= const n | let x be e1 in e2 | plus e1 e2 | times e1 e2 | sub e1 e2 Suppose we want | mod e1 e2 to treat binops | div e1 e2 uniformly… 33

  38. Arithmetic expressions Arithmetic expressions with let-binding e ::= const n | let x be e1 in e2 | binop e1 φ e2 where φ : (nat → nat → nat) is the code for the binop. 34

  39. Arithmetic expressions const : nat ⇒ exp let : exp ⇒ (exp ⇒ exp) ⇒ exp binop : exp ⇒ (nat → nat → nat) ⇒ exp ⇒ exp let x be (const 4) in (x + x) represented by let (const 4) ( λ x.binop x add x) where add:(nat → nat → nat) is the code for addition 35

  40. Structural properties Identity, weakening, exchange, contraction, substitution, subordination-based strengthening Free in LF May fail when rules use computation 36

  41. Weakening Can’t necessarily go from proof by induction f : nat → nat to extends nat with new datatype constructor (weaken f) : nat ⇒ (nat → nat) doesn’t have a case for the new variable! 37

  42. Structural properties Our solution: λ x.V eliminated by pattern-matching: Nothing forces ⇒ to be structural But structural props may be implemented generically for a wide class of rule systems 38

  43. Structural properties const : nat ⇒ exp let : exp ⇒ (exp ⇒ exp) ⇒ exp binop : exp ⇒ (nat → nat → nat) ⇒ exp ⇒ exp Can’t weaken exp with nat: could need new case for → in a binop Can weaken exp with exp: doesn’t appear to left of → 39

  44. Higher-order focusing Zeilberger’s higher-order focusing: Specify types by their patterns Type-independent focusing framework Focus phase = choose a pattern Inversion phase = pattern-matching 40

  45. Higher-order focusing Zeilberger’s higher-order focusing: Inversion = pattern-matching is open-ended Represented by meta-level functions from patterns to expressions Use datatype-generic programming to implement structural properties! 41

  46. Higher-order focusing Pattern-bound Inference rule context: variables let : exp ⇒ (exp ⇒ exp) ⇒ exp, ... 42

  47. Higher-order focusing 43

  48. Higher-order focusing 44

  49. Higher-order focusing Inversion = pattern-matching: (case (e : < Ψ > A) of φ ) : C φ : Function from ( Δ ; Ψ ⊩ p :: A) to expressions of type C in Δ Infinitary: when A is nat, one case for each numeral 45

  50. Outline Previous work Proposed work Related work 46

  51. Proposed work Theory Practice • Dependency • Meta-functions • Effects • Term reconstruction • Modules 47

  52. Proposed work Theory Practice • Dependency • Meta-functions • Effects • Term reconstruction • Modules 48

  53. Dependency Three levels of ambitiousness Dependency on LF Dependency on positive data Dependency on negative computation, too 49

Recommend

Security-Typed Programming within Dependently-Typed Programming Dan Licata Joint work with

Security-Typed Programming within Dependently-Typed Programming Dan Licata Joint work with

Security-Typed Programming within Dependently-Typed Programming Dan Licata Joint work with Jamie Morgenstern Carnegie Mellon University Security-Typed Programming Access control: who gets access to what? read a file play a song make an

860 views • 62 slides
Security-Typed Programming within Dependently-Typed Programming Dan Licata Joint work with

Security-Typed Programming within Dependently-Typed Programming Dan Licata Joint work with

Security-Typed Programming within Dependently-Typed Programming Dan Licata Joint work with Jamie Morgenstern Carnegie Mellon University Supported by NSF CCF-0702381 and CNS-0716469 Security-Typed Programming Access control: who gets access

1.06k views • 79 slides
Positively Dependent Types Dan Licata and Robert Harper Carnegie Mellon University 1 Dans

Positively Dependent Types Dan Licata and Robert Harper Carnegie Mellon University 1 Dans

Positively Dependent Types Dan Licata and Robert Harper Carnegie Mellon University 1 Dans thesis New dependently typed programming language for programming with binding and scope Applications: Domain-specific logics for reasoning about

809 views • 67 slides
Generic Programming in a Dependently Typed Language Generic proofs for generic programs Peter

Generic Programming in a Dependently Typed Language Generic proofs for generic programs Peter

Generic Programming in a Dependently Typed Language Generic proofs for generic programs Peter Morris pwm@cs.nott.ac.uk University of Nottingham Generic Programming in a Dependently Typed Language p. 1/12 This talk We introduce a

599 views • 45 slides
Super advanced functional programming Or: dependently-typed programming in Agda Dr. Dominic

Super advanced functional programming Or: dependently-typed programming in Agda Dr. Dominic

Super advanced functional programming Or: dependently-typed programming in Agda Dr. Dominic Mulligan Programming, Logic, and Semantics Group, University of Cambridge Part III, Advanced Functional Programming, March 2017 1 System F Very

130 views • 9 slides
LEARN DEPENDENTLY- TYPED PROGRAMMING WITH IDRIS WHO I AM @puffnfresh Tiny contributor to

LEARN DEPENDENTLY- TYPED PROGRAMMING WITH IDRIS WHO I AM @puffnfresh Tiny contributor to

LEARN DEPENDENTLY- TYPED PROGRAMMING WITH IDRIS WHO I AM @puffnfresh Tiny contributor to Idris (18 commits) Played with dependent types for 2 years Been doing Idris for 6 months ASSUMPTIONS Small experience with Haskell

739 views • 39 slides
Dependently Typed Programming with Finite Sets Denis Firsov and Tarmo Uustalu Institute of

Dependently Typed Programming with Finite Sets Denis Firsov and Tarmo Uustalu Institute of

Dependently Typed Programming with Finite Sets Denis Firsov and Tarmo Uustalu Institute of Cybernetics at TUT November 13, 2015 1 / 67 Outline The problem and motivation Different notions of finiteness Pragmatic finite subsets Approaches to

860 views • 57 slides
Categories with Families Unityped, Simply Typed, Dependently Typed Peter Dybjer Chalmers

Categories with Families Unityped, Simply Typed, Dependently Typed Peter Dybjer Chalmers

Categories with Families Unityped, Simply Typed, Dependently Typed Peter Dybjer Chalmers tekniska hgskola joint work with Simon Castellan, Imperial College Pierre Clairambault, ENS Lyon TYPES 2019 Oslo, 11-14 June . . . . . . . .

140 views • 12 slides
Dependently-Typed Programming in Economic Modelling Cezar Ionescu (PIK) with Edwin Brady

Dependently-Typed Programming in Economic Modelling Cezar Ionescu (PIK) with Edwin Brady

DTP11, Nijmegen, 26-08-2011 Dependently-Typed Programming in Economic Modelling Cezar Ionescu (PIK) with Edwin Brady (University of St. Andrews) and members of the Cartesian Seminar at PIK DTP11, Nijmegen, 26-08-2011 PIK : Potsdam Institute

698 views • 22 slides
Dependently-typed Programming in Scientific Computing Cezar Ionescu (Potsdam Institute for

Dependently-typed Programming in Scientific Computing Cezar Ionescu (Potsdam Institute for

IFL 2012, Oxford, September 1st, 2012 Dependently-typed Programming in Scientific Computing Cezar Ionescu (Potsdam Institute for Climate Impact Research) and Patrik Jansson (Chalmers University of Technology) IFL 2012, Oxford, September 1st,

858 views • 59 slides
Scrapping Your Dependently- Typed Boilerplate is Hard Ahmad

Scrapping Your Dependently- Typed Boilerplate is Hard Ahmad

Scrapping Your Dependently- Typed Boilerplate is Hard Ahmad Salim Al-Sibahi Supervised by: Dr. Peter Sesto@ David R. ChrisCansen IT University of

422 views • 38 slides
A Dependently Typed Framework for Maintaining Invariants Lszl Nmeth Department of Computer

A Dependently Typed Framework for Maintaining Invariants Lszl Nmeth Department of Computer

A Dependently Typed Framework for Maintaining Invariants Lszl Nmeth Department of Computer Science Bilgi University, Istanbul TYPES06 - Nottingham Lszl Nmeth A Dependently Typed Framework for Maintaining Invariants

434 views • 11 slides
DSL Engineering with Sven Efftinge - itemis.com DOMAIN-SPECIFIC LANGUAGE A Domain Specific

DSL Engineering with Sven Efftinge - itemis.com DOMAIN-SPECIFIC LANGUAGE A Domain Specific

DSL Engineering with Sven Efftinge - itemis.com DOMAIN-SPECIFIC LANGUAGE A Domain Specific Language (DSL) is a computer programming language focused on a particular domain. Why DSLs? Software is eating the world! Abstractions!

581 views • 21 slides
A Translation-Based Animation of Specifications in a Dependently-Typed Lambda Calculus Mary

A Translation-Based Animation of Specifications in a Dependently-Typed Lambda Calculus Mary

A Translation-Based Animation of Specifications in a Dependently-Typed Lambda Calculus Mary Southern and Gopalan Nadathur Department of Computer Science and Engineering University of Minnesota Other Contributors: D. Baelde, Z. Snow The Context

417 views • 14 slides
Compiling Dependent Types Much recent focus on verified compilation of dependently typed

Compiling Dependent Types Much recent focus on verified compilation of dependently typed

CPS Translation of Dependent Types Amal Ahmed Northeastern University Work in progress, with Nick Rioux and William Bowman Compiling Dependent Types Much recent focus on verified compilation of dependently typed languages: Coqonut, CertiCoq

708 views • 44 slides
Dependently typed superposition in Lean Gabriel Ebner Matryoshka 2018 2018-06-27 TU Wien

Dependently typed superposition in Lean Gabriel Ebner Matryoshka 2018 2018-06-27 TU Wien

Dependently typed superposition in Lean Gabriel Ebner Matryoshka 2018 2018-06-27 TU Wien Introduction Calculus Implementation Conclusion 1 Lean Proof assistant based on dependent type theory terms, types, formulas, proofs are all

458 views • 33 slides
A Translation-Based Approach to Reasoning About Dependently Typed Specifications 1 Mary Southern

A Translation-Based Approach to Reasoning About Dependently Typed Specifications 1 Mary Southern

A Translation-Based Approach to Reasoning About Dependently Typed Specifications 1 Mary Southern Department of Computer Science and Engineering University of Minnesota Joint work with Kaustuv Chaudhuri, INRIA 1 Based on work which will be

571 views • 36 slides
Functional Programming WS 2019/20 Torsten Grust University of Tbingen 1 Domain-Specific

Functional Programming WS 2019/20 Torsten Grust University of Tbingen 1 Domain-Specific

Functional Programming WS 2019/20 Torsten Grust University of Tbingen 1 Domain-Specific Languages (DSLs) DSLs are small languages designed to easily and directly express the concepts/idioms of a specific domain. Not Turing complete in

616 views • 23 slides
A Logical Framework with Dependently Typed Records Thierry Coquand, Randy Pollack, Makoto

A Logical Framework with Dependently Typed Records Thierry Coquand, Randy Pollack, Makoto

A Logical Framework with Dependently Typed Records Thierry Coquand, Randy Pollack, Makoto Takeyama April 16, 2003 (809) A Logical Framework with Dependently Typed Records Thierry Coquand, Slide 1 Robert Pollack, Makoto Takeyama April 16,

363 views • 13 slides
Unifiers as Equivalences Proof-Relevant Unification of Dependently Typed Data Jesper Cockx

Unifiers as Equivalences Proof-Relevant Unification of Dependently Typed Data Jesper Cockx

Unifiers as Equivalences Proof-Relevant Unification of Dependently Typed Data Jesper Cockx Dominique Devriese Frank Piessens 20 September 2016 data Vec ( A : Set ) : N Set where [] : Vec A zero cons : ( n : N ) A Vec A n Vec A

876 views • 77 slides
Dependently Typed Heaps https://github.com/brunjlar/heap About Me Lars Brnjes (PhD) (Pure)

Dependently Typed Heaps https://github.com/brunjlar/heap About Me Lars Brnjes (PhD) (Pure)

Dependently Typed Heaps https://github.com/brunjlar/heap About Me Lars Brnjes (PhD) (Pure) Mathematician, Lead Software Architect based in Regensburg, Germany Email: brunjlar@gmail.com Github: https://github.com/brunjlar Agenda -

508 views • 22 slides
Domain-Specific Engineering of Domain-Specific Languages Rapha el Mannadiar and ,

Domain-Specific Engineering of Domain-Specific Languages Rapha el Mannadiar and ,

context and problem our example DSL foundations constructing DSLs from model to artifact our example... conclusion Domain-Specific Engineering of Domain-Specific Languages Rapha el Mannadiar and , Hans Vangheluwe McGill

847 views • 50 slides
A roadmap to domain specific programming languages for environmental modeling Key requirements

A roadmap to domain specific programming languages for environmental modeling Key requirements

A roadmap to domain specific programming languages for environmental modeling Key requirements and concepts Ioannis N. Athanasiadis 1 Ferdinando Villa 2 1 Electrical &amp; Computer Engineering Dept, Democritus University of Thrace, Xanthi, Greece

390 views • 19 slides
Dependently Typed Grammars MPC 2010 Kasper Brink, Stefan Holdermans, Andres L oh June 22,

Dependently Typed Grammars MPC 2010 Kasper Brink, Stefan Holdermans, Andres L oh June 22,

Dependently Typed Grammars MPC 2010 Kasper Brink, Stefan Holdermans, Andres L oh June 22, 2010 Parser Combinators Expression Grammar E E B N | N B + | N 0 | 1 pExpr , pNum :: Parser Int pBin :: Parser (Int Int

848 views • 48 slides

More recommend