Results 1 - 10 of 44
A Generic Type System for the Pi-Calculus
- Theoretical Computer Science, 2003
Cited by 81 (8 self)
We propose a general, powerful framework of type systems for the π-calculus, and show that we can obtain as its instances a variety of type systems guaranteeing non-trivial properties like deadlock-freedom and race-freedom. A key idea is to express types and type environments as abstract processes: We can check various properties of a process by checking the corresponding properties of its type environment. The framework clarifies the essence of recent complex type systems, and it also enables sharing of a large amount of work such as a proof of type preservation, making it easy to develop new type systems.
On Asynchrony in Name-Passing Calculi
- In, 1998
Cited by 80 (13 self)
The asynchronous pi-calculus is considered the basis of experimental programming languages (or proposal of programming languages) like Pict, Join, and Blue calculus. However, at a closer inspection, these languages are based on an even simpler calculus, called Local (L), where: (a) only the output capability of names may be transmitted; (b) there is no matching or similar constructs for testing equality between names. We study the basic operational and algebraic theory of Lpi. We focus on bisimulation-based behavioural equivalences, precisely on barbed congruence. We prove two coinductive characterisations of barbed congruence in Lpi, and some basic algebraic laws. We then show applications of this theory, including: the derivability of delayed input; the correctness of an optimisation of the encoding of call-by-name lambda-calculus; the validity of some laws for Join.
Types as Models: Model Checking Message-Passing Programs
- In Principles of Programming Languages (POPL, 2001
Cited by 70 (3 self)
Abstraction and composition are the fundamental issues in making model checking viable for software. This paper proposes new techniques for automating abstraction and decomposition using source level type information provided by the programmer. Our system includes two novel components to achieve this end: (1) a new behavioral type-and-effect system for the pi-calculus, which extracts sound models as types, and (2) a new assume-guarantee proof rule for carrying out compositional model checking on the types. Open simulation between CCS processes is used as both the subtyping relation in the type system and the abstraction relation for compositional model checking. We have implemented these ideas in a tool -- Piper. Piper exploits type signatures provided by the programmer to partition the model checking problem, and emit model checking obligations that are discharged using the Spin model checker. We present the details on applying Piper on two examples: (1) the SIS standard for managing trouble tickets across multiple organizations and (2) a file reader from the pipelined implementation of a web server.
What is a `Good' Encoding of Guarded Choice?
- INFORMATION AND COMPUTATION, 1997
Cited by 56 (2 self)
The π-calculus with synchronous output and mixed-guarded choices is strictly more expressive than the π-calculus with asynchronous output and no choice. As a corollary, Palamidessi recently proved that there is no fully compositional encoding from the former into the latter that preserves divergence-freedom and symmetries. This paper shows
Multiparty asynchronous session types
- In Proceedings of the 35th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 2008, 2008
Cited by 52 (15 self)
Communication is becoming one of the central elements in software development. As a potential typed foundation for structured communication-based programming, session types have been studied over the last decade for a wide range of process calculi and programming languages, focussing on binary (two-party) sessions. This work extends the foregoing theories of binary session types to multiparty, asynchronous sessions, which often arise in practical communication-centred applications. Presented as a typed calculus for mobile processes, the theory introduces a new notion of types in which interactions involving multiple peers are directly abstracted as a global scenario. Global types retain a friendly type syntax of binary session types while capturing complex causal chains of multiparty asynchronous interactions. A global type plays the role of a shared agreement among communication peers, and is used as a basis of efficient type checking through its projection onto individual peers. The fundamental properties of the session type discipline such as communication safety and progress are
A Type System for Lock-Free Processes
- 2002
Cited by 28 (7 self)
Interpretation. An alternative way to analyze the behavior of a concurrent program would be to use abstract interpretation [4, 5]. Actually, from a very general viewpoint, our type-based analysis of locks can be seen as a kind of abstract interpretation. We can read a type judgment # P as "# is an abstraction of a concrete process P." (The relation "#" corresponds to a pair of abstraction/concretization functions.) Indeed, we can regard a type environment as an abstract process: we have defined reductions of type environments in Section 3.7.
An Implicitly-Typed Deadlock-Free Process Calculus
- In Proc. of Workshop on High-Level Concurrent Language (HLCL’98), volume 16(3) of ENTCS
Cited by 26 (8 self)
We extend Kobayashi and Sumii's type system for the deadlock-free π-calculus and develop a type reconstruction algorithm. Kobayashi and Sumii's type system helps high-level reasoning about concurrent programs by guaranteeing that communication on certain channels will eventually succeed. It can ensure, for example, that a process implementing a function really behaves like a function. However, because it lacked a type reconstruction algorithm and required rather complicated type annotations, applying it to real concurrent languages was impractical. We have therefore developed a type reconstruction algorithm for an extension of the type system. The key novelties that made it possible are generalization of usages (which specifies how each communication channel is used) and a subusage relation.
Typing Non-Uniform Concurrent Objects
- 1999
Cited by 23 (8 self)
Concurrent objects offer services non-uniformly, as the availability of a service may depend on the internal state of the object. Types-as-interfaces is an approach not suitable to model non-uniform service availability, and the message-not-understood communication error is, in this setting, very restrictive. We propose a looser definition of communication error, demanding only weak fairness for the reception of messages, by not accounting as errors messages that request methods that may become enabled at some time in the future. This new notion of error detects messages that are never accepted, either because the requested method does not exist at all, or because the object is deadlocked and cannot change its state to accept the request. We formalise non-uniform concurrent objects in TyCO, a name-passing object calculus, and we ensure program safety via a type system. Types are terms of a process algebra which describe dynamic aspects of the behaviour of objects. The type sy...
A new type system for deadlock-free processes
- In CONCUR’06, volume 4137 of LNCS, 2006
Cited by 23 (3 self)
We extend a previous type system for the π-calculus that guarantees deadlock-freedom. The previous type systems for deadlock-freedom either lacked a reasonable type inference algorithm or were not strong enough to ensure deadlock-freedom of processes using recursion. Although the extension is fairly simple, the new type system admits type inference and is much more expressive than the previous type systems that admit type inference. In fact, we show that the simply-typed λ-calculus with recursion can be encoded into the deadlock-free fragment of our typed π-calculus. To enable analysis of realistic programs, we also present an extension of the type system to handle recursive data structures like lists. Both extensions have already been incorporated into the recent release of TyPiCal, a type-based analyzer for the π-calculus.
A Behavioral Module System for the Pi-Calculus
- In Proc. of Static Analysis Symposium (SAS, 2001
Cited by 17 (1 self)
Distributed message-passing based asynchronous systems are becoming increasingly important. Such systems are notoriously hard to design and test. A promising approach to help programmers design such programs is to provide a behavioral type system that checks for behavioral properties such as deadlock freedom using a combination of type inference and model checking. The fundamental challenge in making a behavioral type system work for realistic concurrent programs is state explosion. This paper develops the theory to design a behavioral module system that permits decomposing the type checking problem, saving exponential cost in the analysis. Unlike module systems for sequential programming languages, a behavioral specification for a module typically assumes that the module operates in an appropriate concurrent context. We identify assume-guarantee reasoning as a fundamental principle in designing such a module system. Concretely, we propose a behavioral module system for pi-calculus programs. Types are CCS processes that correctly approximate the behavior of programs, and by applying model checking techniques to process types one can check many interesting program properties, including deadlock-freedom and communication progress. We show that modularity can be achieved in our type system by applying circular assume-guarantee reasoning principles whose soundness requires an induction over time. We state and prove an assume-guarantee rule for CCS. Our module system integrates this assume-guarantee rule into our behavioral type system.

