Results 1  10
of
30
OrderSorted Algebra I: Equational Deduction for Multiple Inheritance, Overloading, Exceptions and Partial Operations
 Theoretical Computer Science
, 1992
"... This paper generalizes manysorted algebra (hereafter, MSA) to ordersorted algebra (hereafter, OSA) by allowing a partial ordering relation on the set of sorts. This supports abstract data types with multiple inheritance (in roughly the sense of objectoriented programming), several forms of pol ..."
Abstract

Cited by 208 (33 self)
 Add to MetaCart
This paper generalizes manysorted algebra (hereafter, MSA) to ordersorted algebra (hereafter, OSA) by allowing a partial ordering relation on the set of sorts. This supports abstract data types with multiple inheritance (in roughly the sense of objectoriented programming), several forms of polymorphism and overloading, partial operations (as total on equationally defined subsorts), exception handling, and an operational semantics based on term rewriting. We give the basic algebraic constructions for OSA, including quotient, image, product and term algebra, and we prove their basic properties, including Quotient, Homomorphism, and Initiality Theorems. The paper's major mathematical results include a notion of OSA deduction, a Completeness Theorem for it, and an OSA Birkhoff Variety Theorem. We also develop conditional OSA, including Initiality, Completeness, and McKinseyMalcev Quasivariety Theorems, and we reduce OSA to (conditional) MSA, which allows lifting many known MSA results to OSA. Retracts, which intuitively are left inverses to subsort inclusions, provide relatively inexpensive runtime error handling. We show that it is safe to add retracts to any OSA signature, in the sense that it gives rise to a conservative extension. A final section compares and contrasts many different approaches to OSA. This paper also includes several examples demonstrating the flexibility and applicability of OSA, including some standard benchmarks like STACK and LIST, as well as a much more substantial example, the number hierarchy from the naturals up to the quaternions.
Introducing OBJ
, 1993
"... This is an introduction to the philosophy and use of OBJ, emphasizing its operational semantics, with aspects of its history and its logical semantics. Release 2 of OBJ3 is described in detail, with many examples. OBJ is a wide spectrum firstorder functional language that is rigorously based on ..."
Abstract

Cited by 120 (29 self)
 Add to MetaCart
This is an introduction to the philosophy and use of OBJ, emphasizing its operational semantics, with aspects of its history and its logical semantics. Release 2 of OBJ3 is described in detail, with many examples. OBJ is a wide spectrum firstorder functional language that is rigorously based on (order sorted) equational logic and parameterized programming, supporting a declarative style that facilitates verification and allows OBJ to be used as a theorem prover.
Multiset Rewriting and the Complexity of Bounded Security Protocols
 Journal of Computer Security
, 2002
"... We formalize the DolevYao model of security protocols, using a notation based on multiset rewriting with existentials. The goals are to provide a simple formal notation for describing security protocols, to formalize the assumptions of the DolevYao model using this notation, and to analyze the ..."
Abstract

Cited by 56 (5 self)
 Add to MetaCart
We formalize the DolevYao model of security protocols, using a notation based on multiset rewriting with existentials. The goals are to provide a simple formal notation for describing security protocols, to formalize the assumptions of the DolevYao model using this notation, and to analyze the complexity of the secrecy problem under various restrictions. We prove that, even for the case where we restrict the size of messages and the depth of message encryption, the secrecy problem is undecidable for the case of an unrestricted number of protocol roles and an unbounded number of new nonces. We also identify several decidable classes, including a dexpcomplete class when the number of nonces is restricted, and an npcomplete class when both the number of nonces and the number of roles is restricted. We point out a remaining open complexity problem, and discuss the implications these results have on the general topic of protocol analysis.
ZeroSafe Nets: Comparing the Collective and Individual Token Approaches
"... The main feature of zerosafe nets is a primitive notion of transition synchronization. To this aim, besides ordinary places, called stable places, zerosafe nets are equipped with zero places, which in an observable marking cannot contain any token. This yields the notion of transaction: a basic ..."
Abstract

Cited by 40 (20 self)
 Add to MetaCart
The main feature of zerosafe nets is a primitive notion of transition synchronization. To this aim, besides ordinary places, called stable places, zerosafe nets are equipped with zero places, which in an observable marking cannot contain any token. This yields the notion of transaction: a basic atomic computation, which may use zero tokens as triggers, but defines an evolution between observable markings only. The abstract counterpart of a generic zerosafe net B consists of an ordinary P/T net whose places are the stable places of B, and whose transitions represent the transactions of B. The two nets offer both the refined and the abstract model of the same system, where the former can be much smaller than the latter, because of the transition synchronization mechanism. Depending on the chosen approach  collective vs individual token philosophy  two notions of transaction may be defined, each leading to different operational and abstract models. Their comparison is fully dis...
Process and Term Tile Logic
, 1998
"... In a similar way as 2categories can be regarded as a special case of double categories, rewriting logic (in the unconditional case) can be embedded into the more general tile logic, where also sideeffects and rewriting synchronization are considered. Since rewriting logic is the semantic basis o ..."
Abstract

Cited by 33 (25 self)
 Add to MetaCart
In a similar way as 2categories can be regarded as a special case of double categories, rewriting logic (in the unconditional case) can be embedded into the more general tile logic, where also sideeffects and rewriting synchronization are considered. Since rewriting logic is the semantic basis of several language implementation efforts, it is useful to map tile logic back into rewriting logic in a conservative way, to obtain executable specifications of tile systems. We extend the results of earlier work by two of the authors, focusing on some interesting cases where the mathematical structures representing configurations (i.e., states) and effects (i.e., observable actions) are very similar, in the sense that they have in common some auxiliary structure (e.g., for tupling, projecting, etc.). In particular, we give in full detail the descriptions of two such cases where (net) processlike and usual term structures are employed. Corresponding to these two cases, we introduce two ca...
Explicit Graphs in a Functional Model for Spatial Databases
 IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING
, 1994
"... Observing that networks are ubiquitous in applications for spatial databases, we define a new data model and query language that especially supports graph structures. This model integrates concepts of functional data modeling with ordersorted algebra. Besides object and data type hierarchies grap ..."
Abstract

Cited by 28 (9 self)
 Add to MetaCart
Observing that networks are ubiquitous in applications for spatial databases, we define a new data model and query language that especially supports graph structures. This model integrates concepts of functional data modeling with ordersorted algebra. Besides object and data type hierarchies graphs are available as an explicit modeling tool, and graph operations are part of the query language. Graphs have three classes of components, namely nodes, edges, and explicit paths. These are at the same time object types within the object type hierarchy and can be used like any other type. Explicit paths are useful because “real world ” objects often correspond to paths in a network. Furthermore, a dynamic generalization concept is introduced to handle heterogeneous collections of objects in a query. In connection with spatial data types this leads to powerful modeling and querying capabilities for spatial databases, in particular for spatially embedded networks such as highways, rivers, public transport, and so forth. We use multilevel ordersorted algebra as a formal framework for the specification of our model. Roughly spoken, the first level algebra defines types and operations of the query language whereas the second level algebra defines kinds (collections of types) and type constructors as functions between kinds and so provides the types that can be used at the first level.
An Actor Rewriting Theory
, 1996
"... We present a semantic framework for actor systems based on rewriting logic. This framework accounts for fairness and provides a variety of semantics for actor system components that have good composability properties. 1 Introduction We are interested in developing a semantic foundation for open dis ..."
Abstract

Cited by 27 (8 self)
 Add to MetaCart
We present a semantic framework for actor systems based on rewriting logic. This framework accounts for fairness and provides a variety of semantics for actor system components that have good composability properties. 1 Introduction We are interested in developing a semantic foundation for open distributed systems that supports specifying, composing, and reasoning about components of open distributed systems. We take the actor model of computation [12,1,2] as our starting point. Actors are independent computational agents that interact solely via message passing. An actor can create other actors; send messages; and modify its own local state. An actor can only effect the local state of other actors by sending them messages, and it can only send messages to its acquaintances  addresses of actors it was given upon creation, it received in a message or actors it created. Actor semantics requires computations to be fair. We take two views of actors: as individuals and as elements of com...
Categorybased Semantics for Equational and Constraint Logic Programming
, 1994
"... This thesis proposes a general framework for equational logic programming, called categorybased equational logic by placing the general principles underlying the design of the programming language Eqlog and formulated by Goguen and Meseguer into an abstract form. This framework generalises equation ..."
Abstract

Cited by 24 (10 self)
 Add to MetaCart
This thesis proposes a general framework for equational logic programming, called categorybased equational logic by placing the general principles underlying the design of the programming language Eqlog and formulated by Goguen and Meseguer into an abstract form. This framework generalises equational deduction to an arbitrary category satisfying certain natural conditions; completeness is proved under a hypothesis of quantifier projectivity, using a semantic treatment that regards quantifiers as models rather than variables, and regards valuations as model morphisms rather than functions. This is used as a basis for a model theoretic categorybased approach to a paramodulationbased operational semantics for equational logic programming languages. Categorybased equational logic in conjunction with the theory of institutions is used to give mathematical foundations for modularisation in equational logic programming. We study the soundness and completeness problem for module imports i...
Introducing FOOPS
, 1992
"... This document describes FOOPS, an objectoriented specification language with an executable subset. The main distinguishing aspect of FOOPS is its advanced facilities for defining and interconnecting modules, which go beyond what other objectoriented languages offer. We present all the language fea ..."
Abstract

Cited by 19 (0 self)
 Add to MetaCart
This document describes FOOPS, an objectoriented specification language with an executable subset. The main distinguishing aspect of FOOPS is its advanced facilities for defining and interconnecting modules, which go beyond what other objectoriented languages offer. We present all the language features, explain their formal semantics, and provide a guide to its current implementation at Oxford.
Certifying DomainSpecific Policies
, 2001
"... Proofchecking code for compliance to safety policies potentially enables a productoriented approach to certain aspects of software certification. To date, previous research has focused on generic, lowlevel programminglanguage properties such as memory type safety. In this paper we consider proof ..."
Abstract

Cited by 18 (3 self)
 Add to MetaCart
Proofchecking code for compliance to safety policies potentially enables a productoriented approach to certain aspects of software certification. To date, previous research has focused on generic, lowlevel programminglanguage properties such as memory type safety. In this paper we consider proofchecking higherlevel domainspecific properties for compliance to safety policies. The paper first describes a framework related to abstract interpretation in which compliance to a class of certification policies can be efficiently calculated. Membership equational logic is shown to provide a rich logic for carrying out such calculations, including partiality, for certification. The architecture for a domainspecific certifier is described, followed by an implemented case study. The case study considers consistency of abstract variable attributes in code that performs geometric calculations in Aerospace systems.