Abstract. We present five axioms of name-carrying lambda-terms identified up to alpha-conversion—that is, up to renaming of bound variables. We assume constructors for constants, variables, application and lambdaabstraction. Other constants represent a function Fv that returns the set of free variables in a term and a function that substitutes a term for a variable free in another term. Our axioms are (1) equations relating Fv and each constructor, (2) equations relating substitution and each constructor, (3) alpha-conversion itself, (4) unique existence of functions on lambda-terms defined by structural iteration, and (5) construction of lambda-abstractions given certain functions from variables to terms. By building a model from de Bruijn’s nameless lambda-terms, we show that our five axioms are a conservative extension of HOL. Theorems provable from the axioms include distinctness, injectivity and an exhaustion principle for the constructors, principles of structural induction and primitive recursion on lambda-terms, Hindley and Seldin’s substitution lemmas and

High assurance security is difficult to achieve in distributed computer systems and databases because of their complexity, non-determinism and inherent heterogeneity. The practical application of formal methods is the key to high assurance security in open, distributed environments. This paper proposes the use of formal methods and a special layered architecture to achieve secure interoperation of heterogeneous distributed objects. The foundation is provided by ROC, a process calculus tailored for concurrent objects. Lying aboveROC in the layered architecture is a meta-object model for creating object models with various programming constructs, mega-programming facilities and securitymechanisms. Successive layers of the architecture represent more sophisticated toolkits for modeling distributed objects. Since eachlayer inherits ROC's formal foundation, it automatically has an unambiguous semantics and supports verification.

: This paper describes a mechanization in higher order logic of the theory for a subset of Milner's ccs. The aim is to build a sound and effective tool to support verification and reasoning about process algebra specifications. To achieve this goal, the formal theory for pure ccs (no value passing) is defined in the interactive theorem prover hol, and a set of proof tools, based on the algebraic presentation of ccs, is provided. y Research supported by Consiglio Nazionale delle Ricerche (C.N.R.), Italy. Contents 1 Introduction 2 2 The HOL System 3 3 CCS 4 3.1 Syntax and Operational Semantics : : : : : : : : : : : : : : : : : : : : : : : 4 3.2 Observational Semantics : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 5 3.3 Axiomatic Characterization of Observational Congruence : : : : : : : : : : 6 3.4 A Modal Logic : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 7 4 Mechanization of CCS in HOL 8 4.1 The Syntax : : : : : : : : : : : : : : : : : : : : : ...

The aim of this work is to investigate mechanical support for process algebra, both for concrete applications and theoretical properties. Two approaches are presented using the verification system PVS. One approach declares process terms as an uninterpreted type and specifies equality on terms by axioms. This is convenient for concrete applications where the rewrite mechanisms of PVS can be exploited. For the verification of theoretical results, often induction principles are needed. They are provided by the second approach where process terms are defined as an abstract datatype with a separate equivalence relation. 1 Introduction We investigate the possibilities of obtainingmechanical support for equational reasoning in process algebra. In particular, we consider ACP-style process algebras [2, 3]. In this framework, processes are represented by terms constructed from atoms (denoting atomic actions) and operators such as choice (non-determinism), sequential composition, and para...

A formalisation of pi-calculus in the Coq system is presented. Based on a de Bruijn notation for names, our...

We present a realizability interpretation of co-inductive types based on partial equivalence relations (per's). We extract from the per's interpretation sound rules to type recursive definitions. These recursive definitions are needed to introduce "infinite" and "total" objects of co-inductive type such as an infinite stream or a non-terminating process. We show that the proposed type system enjoys the basic syntactic properties of subject reduction and strong normalization with respect to a confluent rewriting system first studied by Gimenez. We also compare the proposed type system with those studied by Coquand and Gimenez. In particular, we provide a semantic reconstruction of Gimenez's system which suggests a rule to type nested recursive definitions.

. To formally specify and reason about composed systems, a process algebra is developed that integrates an extended interpreter model. This approach utilizes the interpreter model for device decomposition, while also being able to reason about larger systems that require interdevice communication. By combining these approaches, convenient notations are available to specify and verify both device independent properties (e.g., instruction sets) and device interdependent properties (e.g., communication protocols). 1 Introduction Previous approaches to system verification have decomposed systems into several hardware and software layers that may be independently verified [3, 9, 11, 17]. Each layer consists of an implementation description and a more abstract specification. The layers are joined, or "stacked", with each implementation description serving as the specification for the next lower layer. The hardware layers of these systems have been modeled as a microprocessor with memory. Th...

. A formalized theory of alpha-conversion for the #-calculus in

Jody R. Threet (Ph.D. in Computer Science) A Formal Process Calculus and Execution Model for Distributed Agent Computing (55 pp. - V Chapters ) Directed by Professor Sujeet Shenoi (237 words) Most low level machine languages reflect the hardware on which they execute. Current hardware promotes the development of sequential machine languages. Such languages do not provide atomic forms of communication which is a fundamental operation in distributed computing and severely restricts the expression of fine-grained concurrency. Furthermore, most high and low level programming languages lack formal semantics. This makes the analysis, i.e. the specification and proof of abstract properties, practically impossible. This work involves the design of a formal concurrent language which is a robust extension of an exiting flawed concurrent language. The fundamental event in the formal concurrent language is communication, so that computation consists of distributed agents communicating values. A co...

: pto) : amohamed@loria.fr Unite de recherche INRIA Lorraine Technopole de Nancy-Brabois, Campus scientifique, 615 rue de Jardin Botanique, BP 101, 54600 VILLERS LE S NANCY (France) Telephone : (33) 83 59 30 30 -- Telecopie : (33) 83 27 83 19 Antenne de Metz, technopole de Metz 2000, 4 rue Marconi, 55070 METZ Telephone : (33) 87 20 35 00 -- Telecopie : (33) 87 76 39 Verification of ß-calculus equivalence in HOL Abstract: This paper describes a definitionnelle presentation in higher order logic of the theory for Milner's ß-calculus. The algebraic laws for the ß-calculus are proved as theorems in the HOL logic and a set of proof tools is provided. So our system is in fact a secure environment for reasonning about equivalence in the ß-calulus. As a case study, we show by induction the correction of the specification of the addition in ß-calculus. Key-words: ß-calculus, HOL 1 1 Introduction Les alg`ebres de processus sont un cadre naturel pour d'ecrire et analyser les syst`emes conc...