This paper formalises within first-order logic some common practices in computer science to do with representing and reasoning about syntactical structures involving named bound variables (as opposed to nameless terms, explicit substitutions, or higher order abstract syntax). It introduces Nominal Logic, a version of first-order many-sorted logic with equality containing primitives for renaming via name-swapping and for freshness of names, from which a notion of binding can be derived. Its axioms express...

FreshML extends ML with elegant and practical constructs for declaring and manipulating syntactical data involving binding operations. User-declared FreshML datatypes involving binders are concrete, in the sense that values of these types can be deconstructed by matching against patterns naming bound variables explicitly. Such matching may have a computational effect in which bound names get swapped with freshly generated names. Previous work on FreshML used a complicated static type system inferring information about the `freshness' of names for expressions in order to tame such effects. The main contribution of this paper is to show (perhaps surprisingly) that a much simpler type system without freshness inference, coupled with name swapping and a conventional treatment of fresh name generation, suffices for FreshML's crucial correctness property---namely that values of datatypes involving binders are operationally equivalent if and only if they represent #-equivalent pieces of object-level syntax. This correctness result is established via a novel denotational semantics. FreshML without static freshness inference is no more impure than ML and our experiences programming in it show that it supports a programming style pleasingly close to informal practice when it comes to dealing with syntax modulo #-equivalence.

We present a generalisation of first-order unification to the practically important case of equations between terms involving binding operations. A substitution of terms for variables solves such an equation if it makes the equated terms #-equivalent, i.e. equal up to renaming bound names. For the applications we have in mind, we must consider the simple, textual form of substitution in which names occurring in terms may be captured within the scope of binders upon substitution. We are able to take a `nominal' approach to binding in which bound entities are explicitly named (rather than using nameless, de Bruijn-style representations) and yet get a version of this form of substitution that respects #-equivalence and possesses good algorithmic properties. We achieve this by adapting an existing idea and introducing a key new idea. The existing idea is terms involving explicit substitutions of names for names, except that here we only use explicit permutations (bijective substitutions). The key new idea is that the unification algorithm should solve not only equational problems, but also problems about the freshness of names for terms. There is a simple generalisation of the classical first-order unification algorithm to this setting which retains the latter's pleasant properties: unification problems involving #-equivalence and freshness are decidable; and solvable problems possess most general solutions.

We present a foundational language for distributed programming, called Lambda 5, that addresses both mobilityof code and locality of resources. In order to construct our system, we appeal to the powerful propositions-as-types interpretation of logic. Specifically, we take the possible worlds of the intuitionistic modal logic IS5 to be nodes ona network, and the connectives 2 and 3 to reflect mobility and locality, respectively. We formulate a novel systemof natural deduction for IS5, decomposing the introduction and elimination rules for 2 and 3, thereby allowing thecorresponding programs to be more direct. We then give an operational semantics to our calculus that is type-safe, logically faithful, and computationally realistic.

We settle the complexity bounds of the model checking problem for the ambient calculus with public names against the ambient logic. We show that if either the calculus contains replication or the logic contains the guarantee operator, the problem is undecidable. In the case of the replication-free calculus and guarantee-free logic we prove that the problem is PSPACE-complete. For the complexity upper-bound, we devise a new representation of processes that remains of polynomial size during process execution; this allows us to keep the model checking procedure in polynomial space. Moreover, we prove PSPACE-hardness of the problem for several quite simple fragments of the calculus and the logic; this suggests that there are no interesting fragments with polynomial-time model checking algorithms.

Trustless Software Dissemination.” In this report, we give a computational interpretation of modal logic in which the modalities necessity (�A) and possibility (♦A) describe locality in a distributed computation. This interpretation is quite natural, given the usual “possible worlds ” semantics underlying modal logic. In our case, the worlds we consider are processes in a spatially distributed configuration. Necessity describes a term that is well-typed anywhere and possibility a term that is well-typed somewhere. Thus typing determines the permissible degree of mobility for terms, in some cases allowing us to create new processes or move terms between existing processes, and in others forbidding mobility. In addition to the purely logical motivations, we present some examples demonstrating how the calculus of modal logic proof terms can be used to write distributed, concurrent programs while preserving safe access to and manipulation of localized resources.

Nominal logic is a theory of names and binding based on the primitive concepts of freshness and swapping, with a self-dual N - (or "new")-quantifier, originally presented as a Hilbert-style axiom system extending first-order logic. We present a sequent calculus for nominal logic called Fresh Logic, or FL, admitting cut-elimination. We use FL to provide a proof-theoretic foundation for nominal logic programming and show how to interpret $FOL^{\Delta abla}$, another logic with a self-dual quantifier, within FL.

In addition to behavioral properties, spatial logics can talk about other key properties of concurrent systems such as secrecy, freshness, usage of resources, and distribution. We study an expressive spatial logic for systems specified in the synchronous pi-calculus with recursion, based on a small set of behavioral and spatial observations. We give coinductive and equational characterizations of the equivalence induced on processes by the logic, and conclude that it strictly lies between structural congruence and strong bisimulation. We then show that model-checking is decidable for a useful class of processes that includes the finite-control fragment of the pi-calculus.

Abstract. We propose a methodology for the analysis of open systems based on process calculi and bisimilarity. Open systems are seen as coordinators (i.e. terms with place-holders), that evolve when suitable components (i.e. closed terms) fill in their place-holders. The distinguishing feature of our approach is the definition of a symbolic operational semantics for coordinators that exploits spatial/modal formulae as labels of transitions and avoids the universal closure of coordinators w.r.t. all components. Two kinds of bisimilarities are then defined, called strict and large, which differ in the way formulae are compared. Strict bisimilarity implies large bisimilarity which, in turn, implies the one based on universal closure. Moreover, for process calculi in suitable formats, we show how the symbolic semantics can be defined constructively, using unification. Our approach is illustrated on a toy process calculus with ccs-like communication within ambients. 1

In this dissertation I argue that modal type systems provide an elegant and practical means for controlling local resources in spatially distributed computer programs. A distributed program is one that executes in multiple physical or logical places. It usually does so because those places have local resources that can only be used in those locations. Such resources can include processing power, proximity to data, hardware, or the physical presence of a user. Programmers that write distributed applications therefore need to be able to reason about the places in which their programs will execute. This work provides an elegant and practical way to think about such programs in the form of a type system derived from modal logic. Modal logic allows for reasoning about truth from multiple simultaneous perspectives. These perspectives, called "worlds," are identified with the locations in the distributed program. This enables the programming language to be simultaneously aware of the various hosts involved in a program, their