effpi
play

Effpi concurrent programming with dependent behavioural types - PowerPoint PPT Presentation

Nov 19, 2023 •298 likes •870 views

Effpi concurrent programming with dependent behavioural types Alceste Scalas with Elias Benussi & Nobuko Yoshida VeTSS PhD school / FMATS workshop Microsoft Research Cambridge, 25 September 2018 Problem Introduction Calculus Types

  1. Effpi concurrent programming with dependent behavioural types Alceste Scalas with Elias Benussi & Nobuko Yoshida VeTSS PhD school / FMATS workshop Microsoft Research Cambridge, 25 September 2018

  2. Problem Introduction Calculus Types Properties Implementation Conclusion The problem Languages and toolkits for message-passing concurrent programming provide intuitive high-level abstractions ▸ e.g., actors, channels, processes (Akka, Erlang, Go, . . . ) . . . but do not allow to verify code against behavioural specs ▸ risks: protocol violations , deadlocks , starvation , . . . ▸ issues found at run-time , hence expensive to fix ▸ can vehicle attacks : e.g., data breaches, DoS 2 / 17

  3. Problem Introduction Calculus Types Properties Implementation Conclusion The problem and our solution Languages and toolkits for message-passing concurrent programming provide intuitive high-level abstractions ▸ e.g., actors, channels, processes (Akka, Erlang, Go, . . . ) . . . but do not allow to verify code against behavioural specs ▸ risks: protocol violations , deadlocks , starvation , . . . ▸ issues found at run-time , hence expensive to fix ▸ can vehicle attacks : e.g., data breaches, DoS Our solution: Effpi , a toolkit for strongly-typed concurrent programming in Dotty (a.k.a. Scala 3) ▸ using types as behavioural specifications ▸ and type-level model checking to verify code properties 2 / 17

  4. Problem Introduction Calculus Types Properties Implementation Conclusion Example: payment service with auditing A payment service should implement the following specification : 1. wait to receive a payment request 2. then, either : 2.1 reject the payment, or 2.2 report the payment to an audit service, and then accept it 3. continue from point 1 3 / 17

  5. Problem Introduction Calculus Types Properties Implementation Conclusion Example: payment service with auditing Demo! 4 / 17

  6. Problem Introduction Calculus Types Properties Implementation Conclusion What is the Dotty / Scala 3 compiler saying? found: Out[ActorRef[Result], Accepted] required: Out[ActorRef[Result](pay.replyTo), Rejected] ∣ Out[ActorRef[Audit[ ]](aud), Audit[Pay(pay)]] >>: Out[ActorRef[Result](pay.replyTo), Accepted] 5 / 17

  7. Problem Introduction Calculus Types Properties Implementation Conclusion A λ -calculus with communication & concurrency Example: a pinger process sends a communication channel to a ponger process, who uses the channel to reply "Hello!" 6 / 17

  8. Problem Introduction Calculus Types Properties Implementation Conclusion A λ -calculus with communication & concurrency Example: a pinger process sends a communication channel to a ponger process, who uses the channel to reply "Hello!" let pinger = λ self . λ pongc . ( 6 / 17

  9. Problem Introduction Calculus Types Properties Implementation Conclusion A λ -calculus with communication & concurrency Example: a pinger process sends a communication channel to a ponger process, who uses the channel to reply "Hello!" let pinger = λ self . λ pongc . ( send ( pongc , self , λ . ( 6 / 17

  10. Problem Introduction Calculus Types Properties Implementation Conclusion A λ -calculus with communication & concurrency Example: a pinger process sends a communication channel to a ponger process, who uses the channel to reply "Hello!" let pinger = λ self . λ pongc . ( send ( pongc , self , λ . ( recv ( self , λ reply . ( 6 / 17

  11. Problem Introduction Calculus Types Properties Implementation Conclusion A λ -calculus with communication & concurrency Example: a pinger process sends a communication channel to a ponger process, who uses the channel to reply "Hello!" let pinger = λ self . λ pongc . ( send ( pongc , self , λ . ( recv ( self , λ reply . ( end ))))) 6 / 17

  12. Problem Introduction Calculus Types Properties Implementation Conclusion A λ -calculus with communication & concurrency Example: a pinger process sends a communication channel to a ponger process, who uses the channel to reply "Hello!" let pinger = λ self . λ pongc . ( let ponger = λ self . ( send ( pongc , self , λ . ( recv ( self , λ reqc . ( recv ( self , λ reply . ( send ( reqc , "Hello!" , λ . ( end ))))) end ))))) 6 / 17

  13. Problem Introduction Calculus Types Properties Implementation Conclusion A λ -calculus with communication & concurrency Example: a pinger process sends a communication channel to a ponger process, who uses the channel to reply "Hello!" let pinger = λ self . λ pongc . ( let ponger = λ self . ( send ( pongc , self , λ . ( recv ( self , λ reqc . ( recv ( self , λ reply . ( send ( reqc , "Hello!" , λ . ( end ))))) end ))))) let pingpong = λ c1 . λ c2 . ( pinger c1 c2 ∣∣ ponger c2 ) 6 / 17

  14. Problem Introduction Calculus Types Properties Implementation Conclusion A λ -calculus with communication & concurrency Example: a pinger process sends a communication channel to a ponger process, who uses the channel to reply "Hello!" let pinger = λ self . λ pongc . ( let ponger = λ self . ( send ( pongc , self , λ . ( recv ( self , λ reqc . ( recv ( self , λ reply . ( send ( reqc , "Hello!" , λ . ( end ))))) end ))))) let pingpong = λ c1 . λ c2 . ( pinger c1 c2 ∣∣ ponger c2 ) let main = let c1 = chan () ; let c2 = chan () ; pingpong c1 c2 6 / 17

  15. Problem Introduction Calculus Types Properties Implementation Conclusion A λ -calculus with communication & concurrency Example: a pinger process sends a communication channel to a ponger process, who uses the channel to reply "Hello!" let pinger = λ self . λ pongc . ( let ponger = λ self . ( send ( pongc , self , λ . ( recv ( self , λ reqc . ( recv ( self , λ reply . ( send ( reqc , "Hello!" , λ . ( end ))))) end ))))) let pingpong = λ c1 . λ c2 . ( pinger c1 c2 ∣∣ ponger c2 ) let main = let c1 = chan () ; let c2 = chan () ; pingpong c1 c2 Monadic encoding of the higher-order π -calculus ▸ λ -terms model abstract processes ▸ Continuations are expressed as λ -terms 6 / 17

  16. Problem Introduction Calculus Types Properties Implementation Conclusion How to type a process calculus For typing, we use a context Γ with channel types . E.g.: Γ = x ∶ str , y ∶ c o [ str ] Typing judgements are (partly) standard: Γ ⊢ "Hello " + + x ∶ str 7 / 17

  17. Problem Introduction Calculus Types Properties Implementation Conclusion How to type a process calculus For typing, we use a context Γ with channel types . E.g.: Γ = x ∶ str , y ∶ c o [ str ] Typing judgements are (partly) standard: Γ ⊢ "Hello " + + x ∶ str How do we type communication? E.g., if t = send ( y , x , λ . end ) Γ ⊢ t ∶ proc Classic approach: (“ t is a well-typed process in Γ ”) 7 / 17

  18. Problem Introduction Calculus Types Properties Implementation Conclusion How to type a process calculus For typing, we use a context Γ with channel types . E.g.: Γ = x ∶ str , y ∶ c o [ str ] Typing judgements are (partly) standard: Γ ⊢ "Hello " + + x ∶ str How do we type communication? E.g., if t = send ( y , x , λ . end ) Γ ⊢ t ∶ proc Classic approach: (“ t is a well-typed process in Γ ”) Γ ⊢ t ∶ T Our approach: ( “ t behaves as T in Γ ” ) 7 / 17

  19. Problem Introduction Calculus Types Properties Implementation Conclusion How to type a process calculus For typing, we use a context Γ with channel types . E.g.: Γ = x ∶ str , y ∶ c o [ str ] Typing judgements are (partly) standard: Γ ⊢ "Hello " + + x ∶ str How do we type communication? E.g., if t = send ( y , x , λ . end ) Γ ⊢ t ∶ proc Classic approach: (“ t is a well-typed process in Γ ”) Γ ⊢ t ∶ T Our approach: ( “ t behaves as T in Γ ” ) Γ ⊢ T ⩽ proc ( “ T is a refined process type ” ) 7 / 17

  20. Problem Introduction Calculus Types Properties Implementation Conclusion Behavioural types (inspired by π -calculus theory) Some examples: x ∶ str , y ∶ c o [ str ] ⊢ send ( y , x , λ . end ) ∶ T 8 / 17

  21. Problem Introduction Calculus Types Properties Implementation Conclusion Behavioural types (inspired by π -calculus theory) Some examples: x ∶ str , y ∶ c o [ str ] ⊢ send ( y , x , λ . end ) ∶ T = o [ c o [ str ] , str, nil ] 8 / 17

  22. Problem Introduction Calculus Types Properties Implementation Conclusion Behavioural types (inspired by π -calculus theory) Some examples: x ∶ str , y ∶ c o [ str ] ⊢ send ( y , x , λ . end ) ∶ T = o [ c o [ str ] , str, nil ] ∅ ⊢ λ x . λ y . send ( y , x , λ . end ) ∶ T ′ 8 / 17

  23. Problem Introduction Calculus Types Properties Implementation Conclusion Behavioural types (inspired by π -calculus theory) Some examples: x ∶ str , y ∶ c o [ str ] ⊢ send ( y , x , λ . end ) ∶ T = o [ c o [ str ] , str, nil ] ∅ ⊢ λ x . λ y . send ( y , x , λ . end ) ∶ T ′ = str → c o [ str ] → T 8 / 17

  24. Problem Introduction Calculus Types Properties Implementation Conclusion Behavioural types (inspired by π -calculus theory) Some examples: x ∶ str , y ∶ c o [ str ] ⊢ send ( y , x , λ . end ) ∶ T = o [ c o [ str ] , str, nil ] ∅ ⊢ λ x . λ y . send ( y , x , λ . end ) ∶ T ′ = str → c o [ str ] → T Can we use types to specify and verify process behaviours ? 8 / 17

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Outline Operating System Security, Buffer overflows Continued Designing secure

Outline Operating System Security, Buffer overflows Continued Designing secure

Outline Operating System Security, Buffer overflows Continued Designing secure operating systems CS 239 Assuring OS security Computer Security Logging and auditing February 27, 2006 Lecture 12 Lecture 12 Page 1 Page 2

329 views • 9 slides
Information security audits & certification Security in Organizations 2011 Eric Verheul 1

Information security audits & certification Security in Organizations 2011 Eric Verheul 1

Information security audits & certification Security in Organizations 2011 Eric Verheul 1 Literature Main literature for this lecture: 1. NOREA beroepsregels http://www.norea.nl/Norea/Thema's/Gedrags-

1.26k views • 69 slides
Knowledge Framework (PHKSF) Opportunity to COMMENT December 2015 This presentation gives you -

Knowledge Framework (PHKSF) Opportunity to COMMENT December 2015 This presentation gives you -

Revised Public Health Skills and Knowledge Framework (PHKSF) Opportunity to COMMENT December 2015 This presentation gives you - feedback on the consultation that took place earlier this year an outline of the work that we have done

567 views • 28 slides
PGC: Decentralized Confjdential Payment System with Auditability Yu Chen Shandong University

PGC: Decentralized Confjdential Payment System with Auditability Yu Chen Shandong University

PGC: Decentralized Confjdential Payment System with Auditability Yu Chen Shandong University Xuecheng Ma SKLOIS, CAS Cong Tang pgc.info Man Ho Au The University of Hong Kong ESORICS 2020 http://eprint.iacr.org/2019/319

871 views • 58 slides
Election Verifiability or Ballot Privacy Do We Need to Choose? Edouard Cuvelier Thomas Peters

Election Verifiability or Ballot Privacy Do We Need to Choose? Edouard Cuvelier Thomas Peters

Election Verifiability or Ballot Privacy Do We Need to Choose? Edouard Cuvelier Thomas Peters Olivier Pereira Universit e catholique de Louvain ICTEAM Crypto Group SecVote 2012 UCL Crypto Group PPAT - Jul. 2012 1

451 views • 16 slides
AFPEO BES MISSION Rapidly acquire, operate, sustain, and enable flexible w ar-w inning business

AFPEO BES MISSION Rapidly acquire, operate, sustain, and enable flexible w ar-w inning business

AFPEO BES MISSION Rapidly acquire, operate, sustain, and enable flexible w ar-w inning business system capabilities 80+ STAKEHOLDERS 24 AF AF/SGD AFPOA Joint Staff (J7) 33 NWS AFC2IC AFSC/LG Joint Staff (J8) BUSINESS AREAS 83 NOS

524 views • 27 slides
Hypothesis Tests using Excel T.TEST function V1e 11/12/2013 Two group hypothesis tests using

Hypothesis Tests using Excel T.TEST function V1e 11/12/2013 Two group hypothesis tests using

Hypothesis Tests using Excel T.TEST function V1e 11/12/2013 Two group hypothesis tests using Excel T.TEST Two group hypothesis tests using Excel T.TEST 1 2 Two-Group Hypothesis Tests Excel T.TEST Function Using Excel T.TEST Function

562 views • 28 slides
1 Terminology Security services: Authentication, confidentiality, integrity,

1 Terminology Security services: Authentication, confidentiality, integrity,

Fundamentals of Cryptography: Algorithms, and Security Services Professor Guevara Noubir Northeastern University noubir@ccs.neu.edu Network Security: Private Communication in a Public World [Chap. 2-8] Charles Kaufman, Mike Speciner, Radia

454 views • 20 slides
1 / 25 Elliptic Curve Cryptography EC crypto consists of geometric points with an addition

1 / 25 Elliptic Curve Cryptography EC crypto consists of geometric points with an addition

1 / 25 Elliptic Curve Cryptography EC crypto consists of geometric points with an addition operator. Such a set is a group. Any group element G can be multiplied by an integer n by adding G to itself repeatedly. G + G + + G

363 views • 25 slides
Cryptographic proofs for remote storage: models and construction Julien Lavauzelle 1 , Franoise

Cryptographic proofs for remote storage: models and construction Julien Lavauzelle 1 , Franoise

Cryptographic proofs for remote storage: models and construction Julien Lavauzelle 1 , Franoise Levy-dit-Vehel 1,2 1 LIX & INRIA Saclay, Universit Paris-Saclay 2 ENSTA ParisTech Journes codage & cryptographie 2018, Aussois, France

842 views • 55 slides
16 Control Theory Intro to Database Systems Andy Pavlo AP AP 15-445/15-645 Computer Science

16 Control Theory Intro to Database Systems Andy Pavlo AP AP 15-445/15-645 Computer Science

Concurrency 16 Control Theory Intro to Database Systems Andy Pavlo AP AP 15-445/15-645 Computer Science Carnegie Mellon University Fall 2020 2 ADM IN ISTRIVIA Project #2 C2 is due Sun Nov 1st @ 11:59pm Project #3 will be released

1.08k views • 85 slides
CABLE MODEM COURSE INSTRUCTOR Prof.Andreas Schrader Imran Ahmad ISNM 2003 Cable Modem What is

CABLE MODEM COURSE INSTRUCTOR Prof.Andreas Schrader Imran Ahmad ISNM 2003 Cable Modem What is

CABLE MODEM COURSE INSTRUCTOR Prof.Andreas Schrader Imran Ahmad ISNM 2003 Cable Modem What is cable modem The cable modem is another technology, which has recently emerged into the home user Market. It is also a suitable and convenient

617 views • 5 slides
Internet Engineering Connecting to The Internet Ali Kamandi Fall 2007 kamandi@sharif.edu

Internet Engineering Connecting to The Internet Ali Kamandi Fall 2007 kamandi@sharif.edu

Internet Engineering Connecting to The Internet Ali Kamandi Fall 2007 kamandi@sharif.edu Sharif University of Technology 1 How Networks Link to the Internet LAN Dial-up (Online Service or ISP) Cable Modem Digital Subscriber

478 views • 25 slides
Man Manag agin ing F Fai airness an and Applic icat ation Performance w with Activ ive Qu

Man Manag agin ing F Fai airness an and Applic icat ation Performance w with Activ ive Qu

Man Manag agin ing F Fai airness an and Applic icat ation Performance w with Activ ive Qu Queue Man Manag agement in DOC OCSIS-based C ed Cable e Net etworks Presen ented a d at ACM M SIGCOMM MM Cap apac acity Shar aring

387 views • 25 slides
Tanmay Bhagwat (Slides borrowed from Kevin Cleary and modified as required) UB Cyber and Network

Tanmay Bhagwat (Slides borrowed from Kevin Cleary and modified as required) UB Cyber and Network

Tanmay Bhagwat (Slides borrowed from Kevin Cleary and modified as required) UB Cyber and Network Defense Most communications on the internet are Client / Server based. A client is typically a desktop computer or smart device. Servers are

486 views • 29 slides
ACCC 2004 Regulation Conference 29-30 July, 2004 Competition in a IP World Martin Cave Warwick

ACCC 2004 Regulation Conference 29-30 July, 2004 Competition in a IP World Martin Cave Warwick

ACCC 2004 Regulation Conference 29-30 July, 2004 Competition in a IP World Martin Cave Warwick Business School martin.cave@wbs.ac.uk mec1128 mec1128 1 1 The question: What is the scope for competition in a post- PSTN/first generation

140 views • 13 slides
Physics 2D Lecture Slides Jan 8 Vivek Sharma UCSD Physics Waves/Interference/Diffraction

Physics 2D Lecture Slides Jan 8 Vivek Sharma UCSD Physics Waves/Interference/Diffraction

Physics 2D Lecture Slides Jan 8 Vivek Sharma UCSD Physics Waves/Interference/Diffraction Refresher Brian Wechts streaming video and lecture notes available http://tijuana.ucsd.edu/sharma/review Your will need Quicktime 6

542 views • 16 slides
Good Evening! INT1005 Introduction to Computer Systems Ulrich Werner Discovering Computers

Good Evening! INT1005 Introduction to Computer Systems Ulrich Werner Discovering Computers

Good Evening! INT1005 Introduction to Computer Systems Ulrich Werner Discovering Computers Technology in a World of Computers, Mobile Devices, and the Internet Chapter 9 Operating Systems Operating System Functions Starting Computers

661 views • 55 slides
Alphabet Soup MAC (ethernet address e.g. 00-00-6c-4f-3d-1a) Lecture 15: Differentiates

Alphabet Soup MAC (ethernet address e.g. 00-00-6c-4f-3d-1a) Lecture 15: Differentiates

Alphabet Soup MAC (ethernet address e.g. 00-00-6c-4f-3d-1a) Lecture 15: Differentiates between machines on one ethernet segment) The Internet and the Web UDP (datagram) TCP (transport gives you a reliable connection)

557 views • 6 slides
EnGiNeErInG HtMl5 aPpLiCaTiOnS fOr bEtTeR pErFoRmAnCe LaUrI SvAn @ LaUrI S An @lAuRiS

EnGiNeErInG HtMl5 aPpLiCaTiOnS fOr bEtTeR pErFoRmAnCe LaUrI SvAn @ LaUrI S An @lAuRiS

EnGiNeErInG HtMl5 aPpLiCaTiOnS fOr bEtTeR pErFoRmAnCe LaUrI SvAn @ LaUrI S An @lAuRiS lAuRiSvAn An Sc5 OnLiNe @sC5 Sc5 OnLiNe @sC5 ViCe HtMl5 eXpErTiSe a HtMl5 eXpErTiSe aT y T yOuR sEr OuR sErViCe GiVe mE sOmEtHiNg tHaT I

521 views • 37 slides
Week 9 March 20, 22

Week 9 March 20, 22

Week 9 March 20, 22 !

1.54k views • 27 slides
Chapter 1: Introduction to Computers, Programs, and Java CS1: Java Programming Colorado State

Chapter 1: Introduction to Computers, Programs, and Java CS1: Java Programming Colorado State

Chapter 1: Introduction to Computers, Programs, and Java CS1: Java Programming Colorado State University Original slides by Daniel Liang Modified slides by Chris Wilcox Liang, Introduction to Java Programming, Tenth Edition, (c) 2015 Pearson

1.45k views • 69 slides
Product Life Cycle Theory and the Maturation of the Internet Christopher S. Yoo University of

Product Life Cycle Theory and the Maturation of the Internet Christopher S. Yoo University of

Product Life Cycle Theory and the Maturation of the Internet Christopher S. Yoo University of Pennsylvania Law School December 13, 2017 Classic Product Diffusion Curve adoption Innovators Early Early Laggards Late Adopters

358 views • 7 slides
Linux IP Masquerading Brian Vargyas XNet Information Systems 1 Agenda What is IP Masquerade

Linux IP Masquerading Brian Vargyas XNet Information Systems 1 Agenda What is IP Masquerade

Linux IP Masquerading Brian Vargyas XNet Information Systems 1 Agenda What is IP Masquerade How does it work Example Setting Up IP Masquerade References 2 What not to expect Teaching you how to set up Redhat Linux 5.1

483 views • 21 slides

More recommend