Results 1  10
of
28
Notions of Computation and Monads
, 1991
"... The i.calculus is considered a useful mathematical tool in the study of programming languages, since programs can be identified with Iterms. However, if one goes further and uses bnconversion to prove equivalence of programs, then a gross simplification is introduced (programs are identified with ..."
Abstract

Cited by 730 (15 self)
 Add to MetaCart
The i.calculus is considered a useful mathematical tool in the study of programming languages, since programs can be identified with Iterms. However, if one goes further and uses bnconversion to prove equivalence of programs, then a gross simplification is introduced (programs are identified with total functions from calues to values) that may jeopardise the applicability of theoretical results, In this paper we introduce calculi. based on a categorical semantics for computations, that provide a correct basis for proving equivalence of programs for a wide range of notions of computation.
Categorical Logic
 A CHAPTER IN THE FORTHCOMING VOLUME VI OF HANDBOOK OF LOGIC IN COMPUTER SCIENCE
, 1995
"... ..."
A Coinduction Principle for Recursive Data Types Based on Bisimulation
, 1996
"... This paper provides foundations for a reasoning principle (coinduction) for establishing the equality of potentially infinite elements of selfreferencing (or circular) data types. As it is wellknown, such data types not only form the core of the denotational approach to the semantics of programmin ..."
Abstract

Cited by 37 (3 self)
 Add to MetaCart
This paper provides foundations for a reasoning principle (coinduction) for establishing the equality of potentially infinite elements of selfreferencing (or circular) data types. As it is wellknown, such data types not only form the core of the denotational approach to the semantics of programming languages [SS71], but also arise explicitly as recursive data types in functional programming languages like Standard ML [MTH90] or Haskell [HPJW92]. In the latter context, the coinduction principle provides a powerful technique for establishing the equality of programs with values in recursive data types (see examples herein and in [Pit94]).
Syntactic considerations on recursive types
 In Proceedings of the 11th Annual Symposium on Logic in Computer Science
, 1996
"... Abstract We study recursive types from a syntactic perspective. In particular, we compare the formulations of recursive types that are used in programming languages and formal systems. Our main tool is a new syntactic explanation of type expressions as functors. We also introduce a simple logic for ..."
Abstract

Cited by 31 (0 self)
 Add to MetaCart
Abstract We study recursive types from a syntactic perspective. In particular, we compare the formulations of recursive types that are used in programming languages and formal systems. Our main tool is a new syntactic explanation of type expressions as functors. We also introduce a simple logic for programs with recursive types in which we carry out our proofs. 1 Introduction Recursive types are common in both programming languages and formal systems. By now, there is a deep and welldeveloped semantic theory of recursive types. The syntactic aspects of recursive types are also well understood in some special cases. In particular, there is an important body of knowledge about covariant recursive types, which include datatypes like natural numbers, lists, and trees. Beyond the covariant case, however, the syntactic understanding of recursive types becomes rather spotty. Consequently, the relations between various alternative formulations of recursive types are generally unclear. Furthermore, the syntactic counterparts to some of the most basic semantic results are unknown.
Modular verification of security protocol code by typing
 in: Proceedings of the 37th ACM SIGACTSIGPLAN Symposium on Principles of Programming Languages (POPL
, 2010
"... We propose a method for verifying the security of protocol implementations. Our method is based on declaring and enforcing invariants on the usage of cryptography. We develop cryptographic libraries that embed a logic model of their cryptographic structures and that specify preconditions and postcon ..."
Abstract

Cited by 28 (12 self)
 Add to MetaCart
We propose a method for verifying the security of protocol implementations. Our method is based on declaring and enforcing invariants on the usage of cryptography. We develop cryptographic libraries that embed a logic model of their cryptographic structures and that specify preconditions and postconditions on their functions so as to maintain their invariants. We present a theory to justify the soundness of modular code verification via our method. We implement the method for protocols coded in F # and verified using F7, our SMTbased typechecker for refinement types, that is, types carrying formulas to record invariants. As illustrated by a series of programming examples, our method can flexibly deal with a range of different cryptographic constructions and protocols. We evaluate the method on a series of larger case studies of protocol code, previously checked using wholeprogram analyses based on ProVerif, a leading verifier for cryptographic protocols. Our results indicate that compositional verification by typechecking with refinement types is more scalable than the best domainspecific analysis currently available for cryptographic code.
An Extension of Models of Axiomatic Domain Theory to Models of Synthetic Domain Theory
 In Proceedings of CSL 96
, 1997
"... . We relate certain models of Axiomatic Domain Theory (ADT) and Synthetic Domain Theory (SDT). On the one hand, we introduce a class of nonelementary models of SDT and show that the domains in them yield models of ADT. On the other hand, for each model of ADT in a wide class we construct a model of ..."
Abstract

Cited by 17 (6 self)
 Add to MetaCart
. We relate certain models of Axiomatic Domain Theory (ADT) and Synthetic Domain Theory (SDT). On the one hand, we introduce a class of nonelementary models of SDT and show that the domains in them yield models of ADT. On the other hand, for each model of ADT in a wide class we construct a model of SDT such that the domains in it provide a model of ADT which conservatively extends the original model. Introduction The aim of Axiomatic Domain Theory (ADT) is to axiomatise the structure needed on a category so that its objects can be considered to be domains (see [11, x Axiomatic Domain Theory]). Models of axiomatic domain theory are given with respect to an enrichment base provided by a model of intuitionistic linear type theory [2, 3]. These enrichment structures consist of a monoidal adjunction C \Gamma! ? /\Gamma D between a cartesian closed category C and a symmetric monoidal closed category with finite products D, as well as with an !inductive fixedpoint object (Definition 1...
Logical StepIndexed Logical Relations
"... We show how to reason about “stepindexed ” logical relations in an abstract way, avoiding the tedious, errorprone, and proofobscuring stepindex arithmetic that seems superficially to be an essential element of the method. Specifically, we define a logic LSLR, which is inspired by Plotkin and Aba ..."
Abstract

Cited by 15 (6 self)
 Add to MetaCart
We show how to reason about “stepindexed ” logical relations in an abstract way, avoiding the tedious, errorprone, and proofobscuring stepindex arithmetic that seems superficially to be an essential element of the method. Specifically, we define a logic LSLR, which is inspired by Plotkin and Abadi’s logic for parametricity, but also supports recursively defined relations by means of the modal “later ” operator from Appel et al.’s “very modal model” paper. We encode in LSLR a logical relation for reasoning (in)equationally about programs in callbyvalue System F extended with recursive types. Using this logical relation, we derive a useful set of rules with which we can prove contextual (in)equivalences without mentioning step indices. 1
Programming Metalogics with a Fixpoint Type
, 1992
"... A programming metalogic is a formal system into which programming languages can be translated and given meaning. The translation should both reflect the structure of the language and make it easy to prove properties of programs. This thesis develops certain metalogics using techniques of category th ..."
Abstract

Cited by 12 (6 self)
 Add to MetaCart
A programming metalogic is a formal system into which programming languages can be translated and given meaning. The translation should both reflect the structure of the language and make it easy to prove properties of programs. This thesis develops certain metalogics using techniques of category theory and treats recursion in a new way. The notion of a category with fixpoint object is defined. Corresponding to this categorical structure there are type theoretic equational rules which will be present in all of the metalogics considered. These rules define the fixpoint type which will allow the interpretation of recursive declarations. With these core notions FIX categories are defined. These are the categorical equivalent of an equational logic which can be viewed as a very basic programming metalogic. Recursion is treated both syntactically and categorically. The expressive power of the equational logic is increased by embedding it in an intuitionistic predicate calculus, giving rise to the FIX logic. This contains propositions about the evaluation of computations to values and an induction principle which is derived from the definition of a fixpoint object as an initial algebra. The categorical structure which accompanies the FIX logic is defined, called a FIX hyperdoctrine, and certain existence and disjunction properties of FIX are stated. A particular FIX hyperdoctrine is constructed and used in the proof of the same properties. PCFstyle languages are translated into the FIX logic and computational adequacy reaulta are proved. Two languages are studied: Both are similar to PCF except one has call by value recursive function declararations and the other higher order conditionals. ...
New Foundations for Fixpoint Computations
, 1990
"... This paper introduces a new higherorder typed constructive predicate logic for fixpoint computations, which exploits the categorical semantics of computations introduced by Moggi [8] and contains a strong version of MartinLof's `iteration type' [11]. The type system enforces a separation of comput ..."
Abstract

Cited by 12 (4 self)
 Add to MetaCart
This paper introduces a new higherorder typed constructive predicate logic for fixpoint computations, which exploits the categorical semantics of computations introduced by Moggi [8] and contains a strong version of MartinLof's `iteration type' [11]. The type system enforces a separation of computations from values. The logic contains a novel form of fixpoint induction and can express partial and total correctness statements about evaluation of computations to values. The constructive nature of the logic is witnessed by strong metalogical properties which are proved using a categorytheoretic version of the `logical relations' method. 1 Computation types It is well known that primitive recursion at higher types can be given a categorical characterisation in terms of Lawvere's concept of natural number object [6]. We show that a similar characterisation can be given for general recursion via fixpoint operators of higher types, in terms of a new conceptthat of a fixpoint object in ...