Results 1  10
of
45
A New Approach to Abstract Syntax Involving Binders
 In 14th Annual Symposium on Logic in Computer Science
, 1999
"... Syntax Involving Binders Murdoch Gabbay Cambridge University DPMMS Cambridge CB2 1SB, UK M.J.Gabbay@cantab.com Andrew Pitts Cambridge University Computer Laboratory Cambridge CB2 3QG, UK ap@cl.cam.ac.uk Abstract The FraenkelMostowski permutation model of set theory with atoms (FMsets) ..."
Abstract

Cited by 146 (14 self)
 Add to MetaCart
Syntax Involving Binders Murdoch Gabbay Cambridge University DPMMS Cambridge CB2 1SB, UK M.J.Gabbay@cantab.com Andrew Pitts Cambridge University Computer Laboratory Cambridge CB2 3QG, UK ap@cl.cam.ac.uk Abstract The FraenkelMostowski permutation model of set theory with atoms (FMsets) can serve as the semantic basis of metalogics for specifying and reasoning about formal systems involving name binding, ffconversion, capture avoiding substitution, and so on. We show that in FMset theory one can express statements quantifying over `fresh' names and we use this to give a novel settheoretic interpretation of name abstraction. Inductively defined FMsets involving this nameabstraction set former (together with cartesian product and disjoint union) can correctly encode objectlevel syntax modulo ffconversion. In this way, the standard theory of algebraic data types can be extended to encompass signatures involving binding operators. In particular, there is an associated n...
Intuitionistic Reasoning about Shared Mutable Data Structure
 Millennial Perspectives in Computer Science
, 2000
"... Drawing upon early work by Burstall, we extend Hoare's approach to proving the correctness of imperative programs, to deal with programs that perform destructive updates to data structures containing more than one pointer to the same location. The key concept is an "independent conjunction" P & ..."
Abstract

Cited by 107 (5 self)
 Add to MetaCart
Drawing upon early work by Burstall, we extend Hoare's approach to proving the correctness of imperative programs, to deal with programs that perform destructive updates to data structures containing more than one pointer to the same location. The key concept is an "independent conjunction" P & Q that holds only when P and Q are both true and depend upon distinct areas of storage. To make this concept precise we use an intuitionistic logic of assertions, with a Kripke semantics whose possible worlds are heaps (mapping locations into tuples of values).
Linearity, Sharing and State: a fully abstract game semantics for Idealized Algol with active expressions
 ALGOLLIKE LANGUAGES
, 1997
"... The manipulation of objects with state which changes over time is allpervasive in computing. Perhaps the simplest example of such objects are the program variables of classical imperative languages. An important strand of work within the study of such languages, pioneered by John Reynolds, focusses ..."
Abstract

Cited by 103 (18 self)
 Add to MetaCart
The manipulation of objects with state which changes over time is allpervasive in computing. Perhaps the simplest example of such objects are the program variables of classical imperative languages. An important strand of work within the study of such languages, pioneered by John Reynolds, focusses on "Idealized Algol", an elegant synthesis of imperative and functional features. We present a novel semantics for Idealized Algol using games, which is quite unlike traditional denotational models of state. The model takes into account the irreversibility of changes in state, and makes explicit the difference between copying and sharing of entities. As a formal measure of the accuracy of our model, we obtain a full abstraction theorem for Idealized Algol with active expressions.
Secure Information Flow and Pointer Confinement in a Javalike Language
 In IEEE Computer Security Foundations Workshop (CSFW
, 2002
"... We consider a sequential objectoriented language with pointers and mutable state, private fields and classbased visibility, dynamic binding and inheritance, recursive classes, casts and type tests, and recursive methods. Programs are annotated with security levels, constrained by security typing ru ..."
Abstract

Cited by 101 (17 self)
 Add to MetaCart
We consider a sequential objectoriented language with pointers and mutable state, private fields and classbased visibility, dynamic binding and inheritance, recursive classes, casts and type tests, and recursive methods. Programs are annotated with security levels, constrained by security typing rules. A noninterference theorem shows how the rules ensure pointer confinement and secure information flow.
Relational reasoning in a nominal semantics for storage
 In Proc. 7th International Conference on Typed Lambda Calculi and Applications (TLCA), volume 3461 of Lecture Notes in Computer Science
, 2005
"... a higherorder CBV language with recursion and dynamically allocated mutable references that may store both ground data and the addresses of other references, but not functions. This model is adequate, though far from fully abstract. We then develop a relational reasoning principle over the denotati ..."
Abstract

Cited by 58 (13 self)
 Add to MetaCart
a higherorder CBV language with recursion and dynamically allocated mutable references that may store both ground data and the addresses of other references, but not functions. This model is adequate, though far from fully abstract. We then develop a relational reasoning principle over the denotational model, and show how it may be used to establish various contextual equivalences involving allocation and encapsulation of store. 1
Notions of Computation Determine Monads
 Proc. FOSSACS 2002, Lecture Notes in Computer Science 2303
, 2002
"... We give semantics for notions of computation, also called computational effects, by means of operations and equations. We show that these generate several of the monads of primary interest that have been used to model computational effects, with the striking omission of the continuations monad, demo ..."
Abstract

Cited by 54 (7 self)
 Add to MetaCart
We give semantics for notions of computation, also called computational effects, by means of operations and equations. We show that these generate several of the monads of primary interest that have been used to model computational effects, with the striking omission of the continuations monad, demonstrating the latter to be of a different character, as is computationally true. We focus on semantics for global and local state, showing that taking operations and equations as primitive yields a mathematical relationship that reflects their computational relationship.
An observationally complete program logic for imperative higherorder functions
 In Proc. LICS’05
, 2005
"... Abstract. We propose a simple compositional program logic for an imperative extension of callbyvalue PCF, built on Hoare logic and our preceding work on program logics for pure higherorder functions. A systematic use of names and operations on them allows precise and general description of comple ..."
Abstract

Cited by 39 (11 self)
 Add to MetaCart
Abstract. We propose a simple compositional program logic for an imperative extension of callbyvalue PCF, built on Hoare logic and our preceding work on program logics for pure higherorder functions. A systematic use of names and operations on them allows precise and general description of complex higherorder imperative behaviour. The proof rules of the logic exactly follow the syntax of the language and can cleanly embed, justify and extend the standard proof rules for total correctness of Hoare logic. The logic offers a foundation for general treatment of aliasing and local state on its basis, with minimal extensions. After establishing soundness, we prove that valid assertions for programs completely characterise their behaviour up to observational congruence, which is proved using a variant of finite canonical forms. The use of the logic is illustrated through reasoning examples which are hard to assert and infer using existing program logics.
Logical Relations for Encryption
, 2002
"... The theory of relational parametricity and its logical relations proof technique are powerful tools for reasoning about information hiding in the polymorphic calculus. We investigate the application of these tools in the security domain by defining a cryptographic calculusan extension of the ..."
Abstract

Cited by 38 (2 self)
 Add to MetaCart
The theory of relational parametricity and its logical relations proof technique are powerful tools for reasoning about information hiding in the polymorphic calculus. We investigate the application of these tools in the security domain by defining a cryptographic calculusan extension of the standard simply typed calculus with primitives for encryption, decryption, and key generation and introducing syntactic logical relations (in the style of Pitts and BirkedalHarper) for this calculus that can be used to prove behavioral equivalences between programs that use encryption. We illustrate
Parameterised notions of computation
 In MSFP 2006: Workshop on mathematically structured functional programming, ed. Conor McBride and Tarmo Uustalu. Electronic Workshops in Computing, British Computer Society
, 2006
"... Moggi’s Computational Monads and Power et al’s equivalent notion of Freyd category have captured a large range of computational effects present in programming languages such as exceptions, sideeffects, input/output and continuations. We present generalisations of both constructs, which we call para ..."
Abstract

Cited by 37 (3 self)
 Add to MetaCart
Moggi’s Computational Monads and Power et al’s equivalent notion of Freyd category have captured a large range of computational effects present in programming languages such as exceptions, sideeffects, input/output and continuations. We present generalisations of both constructs, which we call parameterised monads and parameterised Freyd categories, that also capture computational effects with parameters. Examples of such are composable continuations, sideeffects where the type of the state varies and input/output where the range of inputs and outputs varies. By also considering monoidal parameterisation, we extend the range of effects to cover separated sideeffects and multiple independent streams of I/O. We also present two typed λcalculi that soundly and completely model our categorical definitions — with and without monoidal parameterisation — and act as prototypical languages with parameterised effects.