Results 11 - 15 of 15

### An Environment for Developing Securely Interoperable Heterogeneous Distributed Objects

Abstract

... implements a capability-based security model of access control for distributed objects. Capabilities, which are unforgeable tokens, are modeled in ROC by unique names that are not visible and cannot be reproduced. MOM is used to design Mumbo, a concurrent object-oriented programming language (COOPL) for orchestrating the secure interoperability of heterogeneous resources in open systems. Mumbo employs wrapper technology and abstract specifications to integrate native components, while translators provide mappings from high-level languages to ROC, permitting source-level integration. Mumbo uses MOM's security model to support Discretionary Access Control (DAC) for software components. It also provides new language construc...

Figure 1: The Meta-Object Operating System Environment (MOOSE). Components shown: Mumbo (COOPL), the Meta Object Model (MOM), the Robust Object Calculus (ROC), MOM theorems and ROC theorems with their mechanization into HOL, and distributed applications.
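The capability model the MOOSE abstract describes, as an added illustration that is not code from the paper or from the Mumbo/ROC system: ROC models a capability as a unique name that cannot be reproduced. The analogue used here is a random 128-bit nonce bound to the object inside a registry, so a token that names the right object but carries the wrong nonce is rejected (compared in constant time), a holder can only invoke the methods its rights list, and DAC-style delegation can attenuate rights but never amplify them. `Registry`, `Capability`, `Ledger` and the sample rights are this example's own names, not the paper's.

```python
"""Toy capability-based discretionary access control (added example, not MOOSE code)."""
import hmac
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class Capability:
    """An unforgeable token: object name + rights + a secret nonce."""
    obj_id: int
    rights: frozenset
    nonce: bytes  # 16 random bytes known only to the registry and to holders


class AccessDenied(Exception):
    pass


class Registry:
    """Maps object names to (nonce, target); the only path to a target object."""

    def __init__(self):
        self._objects = {}  # obj_id -> (nonce, target)
        self._next_id = 1

    def register(self, target, rights):
        """Create an object and return the owner capability over it."""
        obj_id = self._next_id
        self._next_id += 1
        nonce = secrets.token_bytes(16)
        self._objects[obj_id] = (nonce, target)
        return Capability(obj_id, frozenset(rights), nonce)

    def invoke(self, cap, method, *args):
        """Dispatch only if the capability is genuine and carries the right."""
        entry = self._objects.get(cap.obj_id)
        if entry is None:
            raise AccessDenied("no such object")
        nonce, target = entry
        if not hmac.compare_digest(nonce, cap.nonce):  # constant-time comparison
            raise AccessDenied("forged capability")
        if method not in cap.rights:
            raise AccessDenied(f"capability lacks right {method!r}")
        return getattr(target, method)(*args)

    @staticmethod
    def attenuate(cap, rights):
        """Delegate a subset of rights (DAC); amplification is refused."""
        rights = frozenset(rights)
        if not rights <= cap.rights:
            raise AccessDenied("cannot amplify rights")
        return Capability(cap.obj_id, rights, cap.nonce)


class Ledger:
    """Constructed sample target object for the demo."""

    def __init__(self):
        self.balance = 0

    def read(self):
        return self.balance

    def deposit(self, n):
        self.balance += n
        return self.balance


def demo():
    """Exercise the allowed path and the three refused paths."""
    reg = Registry()
    owner = reg.register(Ledger(), {"read", "deposit"})
    auditor = Registry.attenuate(owner, {"read"})  # read-only delegate
    reg.invoke(owner, "deposit", 50)
    results = {"auditor_read": reg.invoke(auditor, "read")}
    # Right object id, wrong nonce: what a guessing client could construct.
    forged = Capability(owner.obj_id, owner.rights, b"\x00" * 16)
    attempts = [
        ("auditor_deposit", lambda: reg.invoke(auditor, "deposit", 1)),
        ("forged_read", lambda: reg.invoke(forged, "read")),
        ("amplify", lambda: Registry.attenuate(auditor, {"read", "deposit"})),
    ]
    for name, attempt in attempts:
        try:
            attempt()
            results[name] = "allowed"
        except AccessDenied as exc:
            results[name] = f"denied: {exc}"
    results["final_balance"] = reg.invoke(owner, "read")
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Within a single Python process an object reference is already unforgeable, so the nonce only matters once capabilities cross a trust boundary (serialized over a network, as in the distributed setting the abstract targets); there the nonce must be generated from a CSPRNG and compared in constant time, as above, and revocation means deleting the registry entry rather than chasing copies of the token.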

### ROCVM: A Formal Execution Model for High Assurance, Heterogeneous Distributed Computing.

Abstract

Most primitive languages reflect the hardware on which they execute. Current hardware promotes the development of sequential languages. Such languages do not provide atomic forms of communication (a fundamental concept in distributed computing), prohibiting fine-grained concurrency. Furthermore, most programming languages lack formal semantics, making analysis, i.e., the specification and proof of abstract properties, difficult. The following is a proposal to build a primitive concurrent execution model with formal semantics, along with a tool for reasoning about the resulting systems. The fundamental event in the formal concurrent language is communication, so that computation consists of concurrent agents communicating values. A communication occurs between two agents when they are visible to each other and their communication offers match. The execution model will use a primitive language for specifying composable concurrent systems consisting of agents communicating through pattern m...

### Automated Proof Support for Reasoning about Distributed Mobile Programs

1997

Abstract

The π calculus is a process algebra for modelling concurrent systems in which the pattern of communication may change over time. We encode various versions of the π calculus in Higher Order Logic, using the HOL90 and the HOL Light theorem provers. We extend the work of Tom Melham by attempting to incorporate polyadicity, agent definitions, guarded sums and the notion of barbed equivalence. We also encode a π calculus with localities, the π_l calculus, and a translation from the π_l calculus to the π calculus. Using these operational theories, we attempt a proof for an example system in the π_l calculus, translated into the π calculus.

Contents: 1 Introduction; 1.1 Problem Definition; 1.2 Background; 1.3 Related Work; 1.4 Outline to the rest of the report; ...

### Modalities in Analysis and Verification

1996

Abstract

Abstract interpretation techniques have been very successful in, for instance, sharply reducing state space requirements for problems with very large, but finite, state spaces [5]. An important property is to preserve validity under abstraction. For instance, in [5] validity in a universal fragment of CTL is preserved. Other authors have considered other fragments [6, 11]. Also, positive and negative interpretations can be combined to provide sound, but incomplete, interpretations of richer logics, as in [16, 7]. At the end of the day, however, if exact and very generally applicable analyses are called for, then automated approaches are in our opinion likely to fall short of the target. As examples of the type of properties we ultimately wish to verify, consider the following kinds of properties of a process P:

- No matter what agent P receives on channel a, if that agent ever tries to access x then a notification will be emitted on channel b.
- P will eventually output a reference to an f...

### Reasoning with Inductively Defined Relations in the HOL Theorem Prover

1992

Abstract

Inductively defined relations are among the basic mathematical tools of computer science. Examples include evaluation and computation relations in structural operational semantics, labelled transition relations in process algebra semantics, inductively-defined typing judgements, and proof systems in general. This paper describes a set of HOL theorem-proving tools for reasoning about such inductively defined relations. We also describe a suite of worked examples using these tools.

First printed: August 1992. Parts of this report have previously appeared as: T. Melham, "A Package for Inductive Relation Definitions in HOL", in Proceedings of the 1991 International Workshop on the HOL Theorem Proving System and its Applications, Davis, August 1991, edited by M. Archer, J. J. Joyce, K. N. Levitt, and P. J. Windley (IEEE Computer Society Press, 1992), pp. 350-357.

Contents: Introduction; 1 Inductive definitions; 1.1 Rule induction; ...