Contracts are behavioral descriptions of Web services. We devise a theory of contracts that formalizes the compatibility of a client to a service, and the safe replacement of a service with another service. The use of contracts statically ensures the successful completion of every possible interaction between compatible clients and services. The technical device that underlies the theory is the filter, which is an explicit coercion preventing some possible behaviors of services and, in doing so, make services compatible with different usage scenarios. We show that filters can be seen as proofs of a sound and complete subcontracting deduction system which simultaneously refines and extends Hennessy’s classical axiomatization of the must testing preorder. The relation is decidable and the decision algorithm is obtained via a cut-elimination process that proves the coherence of subcontracting as a logical system. Despite the richness of the technical development, the resulting approach is based on simple ideas and basic intuitions. Remarkably, its application is mostly independent of the language used to program the services or the clients. We outline the practical aspects of our theory by studying two different concrete syntaxes for contracts and applying each of them to Web services languages. We also explore implementation issues of filters and discuss the perspectives of future research

Several proof-assistants rely on the very formal basis of Pure Type Systems (PTS) as their foundations. We are concerned with the issues involved in the development of large proofs in these provers such as namespace management, development of reusable proof libraries and separate verification. Although actual implementations offer many features to address them, few theoretical foundations have been laid for them up to now.

. This paper shows that the subtyping relation of a higherorder lambda calculus, F ! , is anti-symmetric. It exhibits the rst such proof, establishing in the process that the subtyping relation is a partial order|reexive, transitive, and anti-symmetric up to -equality. While a subtyping relation is reexive and transitive by denition, anti-symmetry is a derived property. The result, which may seem obvious to the nonexpert, is technically challenging, and had been an open problem for almost a decade. In this context, typed operational semantics for subtyping oers a powerful new technology to solve the problem: of particular importance is our extended rule for the well-formedness of types with head variables. The paper also gives a presentation of F ! without a relation for -equality, apparently the rst such, and shows its equivalence with the traditional presentation. 1 Introduction Object-oriented programming languages such as Smalltalk, C++, Modula 3, and ...

Abstract not found

We present a coercive subtyping system for the calculus of constructions. The proposed system λC co ≤ is obtained essentially by adding coercions and η-conversion to λC≤[10], which is a subtyping extension to the calculus of constructions without coercions. Following [17, 18], the coercive subtyping c: A ≤ B is understood as a special case of typing in arrow type c: A → B such that the term c behaves like an identity function. We prove that, with respect to this semantic interpretation, the proposed coercive subtyping system is sound and complete, and that this completeness leads to transitivity elimination (transitivity rule is admissible). In and CCβη, this fact implies that λC co ≤ has confluence, subject reduction and strong normalization. We propose a formalization of coercion inference problem and present a sound and complete coercion inference algorithm. addition, we establish the equivalence between λC co