Results 11  20
of
85
Strictness Analysis in Logical Form
, 1991
"... This paper presents a framework for comparing two strictness analysis techniques: Abstract interpretation and nonstandard type inference. The comparison is based on the representation of a lattice by its ideals. A formal system for deducing inclusions between ideals of a lattice is presented and p ..."
Abstract

Cited by 44 (2 self)
 Add to MetaCart
This paper presents a framework for comparing two strictness analysis techniques: Abstract interpretation and nonstandard type inference. The comparison is based on the representation of a lattice by its ideals. A formal system for deducing inclusions between ideals of a lattice is presented and proved sound and complete. Viewing the ideals as strictness properties we use the formal system to define a program logic for deducing strictness properties of expressions in a typed lambda calculus. This strictness logic is shown to be sound and complete with respect to the abstract interpretation, which establishes the main result that strictness analysis by typeinference and by abstract interpretation are equally powerful techniques. 1 Introduction Abstract interpretation is a wellestablished technique for static analysis of programs. Its virtue is its strong connection with denotational semantics which provides a means of proving the analysis correct. Its vice is that the process of...
Strictness Analysis Aids Time Analysis
 In Conference Record of the 15th Annual ACM Symposium on Principles of Programming Languages. ACM
, 1988
"... Analysing time complexity of functional programs in a lazy language is problematic, because the time required to evaluate a function depends on how much of the result is "needed" in the computation. Recent results in strictness analysis provide a formalisation of this notion of "need", and thus can ..."
Abstract

Cited by 35 (0 self)
 Add to MetaCart
Analysing time complexity of functional programs in a lazy language is problematic, because the time required to evaluate a function depends on how much of the result is "needed" in the computation. Recent results in strictness analysis provide a formalisation of this notion of "need", and thus can be adapted to analyse time complexity. The future of programming may be in this paradigm: to create software, first write a specification that is clear, and then refine it to an implementation that is efficient. In particular, this paradigm is a prime motivation behind the study of functional programming. Much has been written about the process of transforming one functional program into another. However, a key part of the process has been largely ignored, for very little has been written about assessing the efficiency of the resulting programs. Traditionally, the major indicators of efficiency are time and space complexity. This paper focuses on the former. Functional programming can be sp...
Reference Counting as a Computational Interpretation of Linear Logic
 Journal of Functional Programming
, 1996
"... We develop formal methods for reasoning about memory usage at a level of abstraction suitable for establishing or refuting claims about the potential applications of linear logic for static analysis. In particular, we demonstrate a precise relationship between type correctness for a language based o ..."
Abstract

Cited by 35 (0 self)
 Add to MetaCart
We develop formal methods for reasoning about memory usage at a level of abstraction suitable for establishing or refuting claims about the potential applications of linear logic for static analysis. In particular, we demonstrate a precise relationship between type correctness for a language based on linear logic and the correctness of a referencecounting interpretation of the primitives that the language draws from the rules for the `of course' operation. Our semantics is `lowlevel' enough to express sharing and copying while still being `highlevel ' enough to abstract away from details of memory layout. This enables the formulation and proof of a result describing the possible runtime reference counts of values of linear type. Contents 1 Introduction 1 2 Operational Semantics with Memory 4 3 A Programming Language Based on Linear Logic 9 4 Semantics 14 5 Properties of the Semantics 24 6 Linear Logic and Memory 27 7 Discussion 32 A Proofs of the Main Theorems 36 Acknowledgements...
Binding Time Analysis: A New PERspective
 In Proceedings of the ACM Symposium on Partial Evaluation and SemanticsBased Program Manipulation (PEPM'91
, 1991
"... Given a description of the parameters in a program that will be known at partial evaluation time, a binding time analysis must determine which parts of the program are dependent solely on these known parts (and therefore also known at partial evaluation time). In this paper a binding time analysis f ..."
Abstract

Cited by 34 (6 self)
 Add to MetaCart
Given a description of the parameters in a program that will be known at partial evaluation time, a binding time analysis must determine which parts of the program are dependent solely on these known parts (and therefore also known at partial evaluation time). In this paper a binding time analysis for the simply typed lambda calculus is presented. The analysis takes the form of an abstract interpretation and uses a novel formalisation of the problem of binding time analysis, based on the use of partial equivalence relations. A simple proof of correctness is achieved by the use of logical relations. 1 Introduction Given a description of the parameters in a program that will be known at partial evaluation time, a binding time analysis must determine which parts of the program are dependent solely on these known parts (and therefore also known at partial evaluation time). A binding time analysis performed prior to the partial evaluation process can have several practical benefits (see [...
CompileTime Detection of Information Flow in Sequential Programs
, 1994
"... We give a formal definition of the notion of information flow for a simple guarded command language. We propose an axiomatisation of security properties based on this notion of information flow and we prove its soundness with respect to the operational semantics of the language. We then identify t ..."
Abstract

Cited by 32 (2 self)
 Add to MetaCart
We give a formal definition of the notion of information flow for a simple guarded command language. We propose an axiomatisation of security properties based on this notion of information flow and we prove its soundness with respect to the operational semantics of the language. We then identify the sources of non determinism in proofs and we derive in successive steps an inference algorithm which is both sound and complete with respect to the inference system.
Filterbased Model Checking of Partial Systems
 In Proceedings of the Sixth ACM SIGSOFT Symposium on Foundations of Software Engineering
, 1998
"... Recent years have seen dramatic growth in the application of model checking techniques to the validation and verification of correctness properties of hardware, and more recently software, systems. Most of this work has been aimed at reasoning about properties of complete systems. This paper describ ..."
Abstract

Cited by 30 (8 self)
 Add to MetaCart
Recent years have seen dramatic growth in the application of model checking techniques to the validation and verification of correctness properties of hardware, and more recently software, systems. Most of this work has been aimed at reasoning about properties of complete systems. This paper describes an automatable approach for building finitestate models of partially defined software systems that are amenable to model checking using existing tools. It enables the application of existing model checking tools to system components taking into account assumptions about the behavior of the environment in which the components will execute. We illustrate the application of the approach by validating and verifying properties of a reusable parameterized programming framework. 1.1 Keywords Software verification and validation, model checking, assumeguarantee reasoning, filterbased analysis 2 INTRODUCTION Modern software is, increasingly, built as a collection of independently produced c...
Finding feasible abstract counterexamples
 STTT
, 2003
"... Abstract. A strength of model checking is its ability to automate the detection of subtle system errors and produce traces that exhibit those errors. Given the highcomputational cost of model checking most researchers advocate the use of aggressive propertypreserving abstractions. Unfortunately, th ..."
Abstract

Cited by 23 (5 self)
 Add to MetaCart
Abstract. A strength of model checking is its ability to automate the detection of subtle system errors and produce traces that exhibit those errors. Given the highcomputational cost of model checking most researchers advocate the use of aggressive propertypreserving abstractions. Unfortunately, the more aggressively a system is abstracted the more infeasible behavior it will have. Thus, while abstraction enables efficient model checking it also threatens the usefulness of model checking as a defect detection tool, since it may be difficult to determine whether a counterexample is feasible and hence worth developer time to analyze. We have explored several strategies for addressing this problem by extending an explicitstate model checker, Java PathFinder (JPF), to search for and analyze counterexamples in the presence of abstractions. We demonstrate that these techniques effectively preserve the defect detection ability of model checking in the presence of aggressive abstraction by applying them to check properties of several abstracted multithreaded Java programs. These new capabilities are not specific to JPF and can be easily adapted to other model checking frameworks; we describe how this was done for the Bandera toolset.
Rethinking the Taxonomy of Fault Detection Techniques
, 1991
"... The conventional classification of software fault detection techniques as static or dynamic analysis is inadequate as a basis for identifying useful relationships between techniques. A more useful distinction is between techniques that sample the space of possible executions, and techniques that ..."
Abstract

Cited by 22 (0 self)
 Add to MetaCart
The conventional classification of software fault detection techniques as static or dynamic analysis is inadequate as a basis for identifying useful relationships between techniques. A more useful distinction is between techniques that sample the space of possible executions, and techniques that fold the space. The new distinction provides better insight into the ways different techniques can interact, and is a basis for considering hybrid fault detection techniques including combinations of testing and formal verification.
An Integrated Approach to System Modelling using a Synthesis of Artificial Intelligence, Software Engineering and Simulation Methodologies
 ACM TRANSACTIONS ON MODELING AND COMPUTER SIMULATION
, 1992
"... Traditional computer simulation terminology includes taxonomic divisions with terms such as "discrete event," "continuous," and "process oriented." Even though such terms have become familiar to simulation researchers, the terminology is distinct from other disciplines such as artificial intellig ..."
Abstract

Cited by 21 (12 self)
 Add to MetaCart
Traditional computer simulation terminology includes taxonomic divisions with terms such as "discrete event," "continuous," and "process oriented." Even though such terms have become familiar to simulation researchers, the terminology is distinct from other disciplines such as artificial intelligence and software engineering which have similar goals relating specifically to modelling dynamic systems. There is a need to unify terminology among these disciplines so that system modelling is formalized in a common framework. We present a perspective that serves to characterize simulation models in terms of their procedural versus declarative orientations since these two orientations are prevalent throughout most modelling disciplines that we have encountered. We used a sample dynamic system (e.g., two jug problem) found in artificial intelligence to highlight the connecting threads in system modelling within each discipline. Moreover, in teaching simulation students using this perspe...