Programs, Proofs, and Service Networks



Similar documents
3. Mathematical Induction

CHAPTER 7 GENERAL PROOF SYSTEMS

Note on some explicit formulae for twin prime counting function

Static Program Transformations for Efficient Software Model Checking

Automated Theorem Proving - summary of lecture 1

ML for the Working Programmer

Software Engineering Reference Framework

CSC 373: Algorithm Design and Analysis Lecture 16

Chapter II. Controlling Cars on a Bridge

ON FUNCTIONAL SYMBOL-FREE LOGIC PROGRAMS

Model Checking: An Introduction

Section IV.21. The Field of Quotients of an Integral Domain

Mathematics Course 111: Algebra I Part IV: Vector Spaces

FORMALLY CERTIFIED SATISFIABILITY SOLVING. Duck Ki Oe. An Abstract

SECTION 10-2 Mathematical Induction

Relations: their uses in programming and computational specifications

it is easy to see that α = a

Foundational Proof Certificates

This asserts two sets are equal iff they have the same elements, that is, a set is determined by its elements.

Predicate Logic Review

One More Decidable Class of Finitely Ground Programs

Scalable Automated Symbolic Analysis of Administrative Role-Based Access Control Policies by SMT solving

Introduction to Logic in Computer Science: Autumn 2006

The Model Checker SPIN

A Beginner s Guide to Modern Set Theory

Basic Proof Techniques

Dedekind s forgotten axiom and why we should teach it (and why we shouldn t teach mathematical induction in our calculus classes)

[Refer Slide Time: 05:10]

A Note on Context Logic

Summary Last Lecture. Automated Reasoning. Outline of the Lecture. Definition sequent calculus. Theorem (Normalisation and Strong Normalisation)

Correspondence analysis for strong three-valued logic

Logic in general. Inference rules and theorem proving

Model Driven Security: Foundations, Tools, and Practice

Cartesian Products and Relations

(LMCS, p. 317) V.1. First Order Logic. This is the most powerful, most expressive logic that we will examine.

Introduction to type systems

How To Prove The Dirichlet Unit Theorem

Rigorous Software Development CSCI-GA

Biinterpretability up to double jump in the degrees

CONTENTS 1. Peter Kahn. Spring 2007

Invertible elements in associates and semigroups. 1

def: An axiom is a statement that is assumed to be true, or in the case of a mathematical system, is used to specify the system.

Section 4.2: The Division Algorithm and Greatest Common Divisors

Introducing Formal Methods. Software Engineering and Formal Methods

Verifying Specifications with Proof Scores in CafeOBJ

Lecture 11: Tail Recursion; Continuations

Estimating the Average Value of a Function

2. The Language of First-order Logic

People have thought about, and defined, probability in different ways. important to note the consequences of the definition:

Extending Semantic Resolution via Automated Model Building: applications

Introduction to Finite Fields (cont.)

UPDATES OF LOGIC PROGRAMS

Outline. NP-completeness. When is a problem easy? When is a problem hard? Today. Euler Circuits

CHAPTER 3. Methods of Proofs. 1. Logical Arguments and Formal Proofs

Finite dimensional topological vector spaces

CSG 399 Lecture. The Inductive Approach to Protocol Analysis p.1

1(a). How many ways are there to rearrange the letters in the word COMPUTER?

DEFINABLE TYPES IN PRESBURGER ARITHMETIC

OUTILS DE DÉMONSTRATION

1 Sets and Set Notation.

From Program Verification to Certified Binaries

First-Order Logics and Truth Degrees

Pretty-big-step semantics

Cassandra. References:

Notes on Complexity Theory Last updated: August, Lecture 1

Discrete Mathematics and Probability Theory Fall 2009 Satish Rao, David Tse Note 2

Computational Logic and Cognitive Science: An Overview

Non-deterministic Semantics and the Undecidability of Boolean BI

9.2 Summation Notation

Mathematical Induction

Degrees that are not degrees of categoricity

WRITING PROOFS. Christopher Heil Georgia Institute of Technology

Using the Computer to Prove the Correctness of Programs p.1/12

Software Engineering using Formal Methods

First-Order Theories

Turing Degrees and Definability of the Jump. Theodore A. Slaman. University of California, Berkeley. CJuly, 2005

Algorithmic Software Verification

Rolle s Theorem. q( x) = 1

AN INTRODUCTION TO SET THEORY. Professor William A. R. Weiss

Parametric Domain-theoretic models of Linear Abadi & Plotkin Logic

TOPIC 4: DERIVATIVES

Chapter 4, Arithmetic in F [x] Polynomial arithmetic and the division algorithm.

HOMEWORK 5 SOLUTIONS. n!f n (1) lim. ln x n! + xn x. 1 = G n 1 (x). (2) k + 1 n. (n 1)!

Taylor and Maclaurin Series

System Description: Delphin A Functional Programming Language for Deductive Systems

Handout #1: Mathematical Reasoning

Methods for Finding Bases

CSE 459/598: Logic for Computer Scientists (Spring 2012)

Math 55: Discrete Mathematics

Remarks on Non-Fregean Logic

Specification and Analysis of Contracts Lecture 1 Introduction

TAKE-AWAY GAMES. ALLEN J. SCHWENK California Institute of Technology, Pasadena, California INTRODUCTION

Mathematics for Computer Science/Software Engineering. Notes for the course MSM1F3 Dr. R. A. Wilson

LOGNORMAL MODEL FOR STOCK PRICES

Peter V. Homeier and David F. Martin. and

Monitoring Metric First-order Temporal Properties

Trust but Verify: Authorization for Web Services. The University of Vermont

Computability Theory

Lecture 9 verifying temporal logic

parent ROADMAP MATHEMATICS SUPPORTING YOUR CHILD IN HIGH SCHOOL

Transcription:

Programs, Proofs, and Service Networks Ruchira Datta Web Over Wireless Group University of California Berkeley, California January 30, 2002 1

Guiding Analogy Type checker for functional programming language yields well-typedness judgements for programs Very special kind of theorem prover Theorem prover such as Isabelle/Isar/HOL (www.cl.cam.uk/research/hvg/isabelle) yields proofs for formulae May be written in strongly typed functional programming language such as Ocaml (www.ocaml.org) If type system allows dependent types, correspondence is exact (Martin-Löf isomorphism between proofs and programs) Basis of Coq and Nuprl theorem provers 2

Introducing Application to Service Networks Will describe service manager by declarations in imaginary functional programming language Similar to ML, but includes dependent types for convenience type α list n is a list of n elements of type α Service manager uses service providers to construct expressions using services to yield other services Service manager proves well-typedness of expressions 3

type service an abstract type Services and Service Types type servicelogicformula = Opaque of service -> bool And of servicelogicformula list Basic formulae such as ϕ(x) are in more complicated service logic Actually have structure, but to service manager are atomic: therefore opaque Service is of a type iff it satisfies the corresponding formula ϕ 1 (x) ϕ 2 (x) ϕ n (x) 4

Service Providers type serviceprovider n = (premises: servicelogicformula list n) * (conclusion: servicelogicformula) * (useconstraint: service list -> bool) * (provide:( (resources: service list n) * (currentusers: service list) -> service ) ) * derivation: servicelogicderivation An n-ary service provider with premises ϕ 1,..., ϕ n, conclusion ϕ, use constraint u and provision function provide carries a derivation in the service logic of the formula: ϕ 1 (x 1 ) ϕ n (x n ) u(y ) ϕ(provide(x 1,..., x n, Y )) where the x i s are services and Y is a list of services of arbitrary length 5

Semantics of Service Provision The x i s are the resources used The ϕ i s are the types of those resources, encoded as formulae in the service logic ϕ is the type of service this service provider provides Y is the set of this service provider s current users u(y ) is whether the service provider can provide the service to another user despite already serving current users Y f(x 1,..., x n, Y ) is the service provided to the newest user 6

Service Logic Example Let services be integers, and the service logic be elementary number theory The service provider sum uses as resources two even integers and provides another even integer The use constraint u always evaluates to true The service provider proves the formula: even(n 1 ) even(n 2 ) true even(sum(n 1, n 2 )) 7

Semantics of Service Logic Example Three levels of understanding: You who designed the service provider may have had a mental picture such as the following: which guided you in creating a proof of the service logic formula The service logic oracle knows the Peano axioms for the integers and the definitions of even and sum, so it can check your proof The service manager treats integers, predicates such as even, and functions such as sum as black boxes 8

Service Management type servicemanager = blockedserviceprovider list * runningserviceprovider list Will show mutually recursive type declarations leading up to blockedserviceprovider and runningserviceprovider An n-ary service provider may be blocked awaiting some of its resources x 1,..., x n When all these are provided, it will start running and can provide its resource to others until it is all used up (its use constraint fails) 9

Proof-related Declarations type goal = servicelogicformula * int type proof_state n = ( resourcepool: runningserviceprovider list ) * ( goals: goal list ) * ( assignment n: int -> int ) and tactic = proof_state -> proof_state and derivation n = ( tactic_sequence: tactic list ) * ( current_goals: goal list ) * ( current_assignment n: int -> int ) and... 10

Semantics of Proof-related Declarations goal (ϕ, i) stands for ϕ(x i ) assignment maps i with 1 i n to j if runningserviceprovider j is to provide service x i, and maps i to 1 if no such runningserviceprovider has been found tactic advances proof state toward easier goals backward tactic works on goals forward tactic works on hypotheses (embedded in running service provider list) derivation is (almost) a proof state, plus sequence of tactics leading to it 11

Managed Service Provider Declarations...and blockedserviceprovider n = serviceprovider n * derivation n and serviceuse = runningserviceprovider * service and runningserviceprovider n = serviceprovider n * derivation n true * ( resources: serviceuse list n ) * ( users: serviceuse list ) 12

Completing Semantics of Derivations Recall: service provider proves rule ϕ 1 (x 1 ) ϕ n (x n ) u(y ) ϕ(f(x 1,..., x n, Y )) Initial goal of registered service provider s derivation is rule s premise ϕ 1 (x 1 ) ϕ n (x n ) Initial proof state includes servicemanager s runningserviceprovider list, assignment always to 1 13

Managed Service Provider Semantics When derivation can make no more progress, blocks Current goals can be seen as pending service requests derivation n true means assignment maps 1,..., n to positive integers the indices of resources in the runningserviceprovider list and current goal list is empty if ((p 1, y 1 ),..., (p k, y k )) is a runningserviceprovider s user list, and u is its use constraint, then it must be the case that u(y 1,..., ŷ i,..., y k ), for any i, i.e., the use constraint is not violated 14

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information