The Generic Approximation Lemma
Information Processing Letters, 2001
Cited by 13 (2 self)
Abstract: The approximation lemma is a simplification of the well-known take lemma, and is used to prove properties of programs that produce lists of values. We show how the approximation lemma, unlike the take lemma, can naturally be generalised from lists to a large class of datatypes, and present a generic approximation lemma that is parametric in the datatype to which it applies. As a useful byproduct, we find that generalising the approximation lemma in this way also simplifies its proof. Keywords: Programming calculi; Functional Programming. 1 Introduction. The standard proof method for programs that consume lists of values is structural induction. However, this method is not applicable to the dual case of programs that produce lists of values, because in general such programs do not have a list argument over which to perform induction. Proof methods that are applicable to such programs have recently been surveyed in [6], and include fixpoint induction [4], the take lemma [3], coin...
Aspects preserving properties
In Proc. of the 2008 ACM SIGPLAN Symposium on Partial Evaluation and Semantic-Based Program Manipulation (PEPM'08), 2008
Cited by 10 (2 self)
Abstract: Aspect Oriented Programming can arbitrarily distort the semantics of programs. In particular, weaving can invalidate crucial safety and liveness properties of the base program. In this article, we identify categories of aspects that preserve some classes of properties. It is then sufficient to check that an aspect belongs to a specific category to know which properties will remain satisfied by woven programs. Our categories of aspects, inspired by Katz's, comprise observers, aborters and confiners. Observers introduce new instructions and a new local state, but they do not modify the base program's state and control flow. Aborters are observers which may also abort executions. Confiners only ensure that executions remain in the reachable states of the base program. These categories (along with three others) are defined precisely based on a language-independent abstract semantics framework. The classes of properties are defined as subsets of LTL for deterministic programs and CTL* for nondeterministic ones. We can formally prove that, for any program, the weaving of any aspect in a category preserves any property in the related class. We give examples
When is a function a fold or an unfold
Coalgebraic Methods in Computer Science, number 44.1 in Electronic Notes in Theoretical Computer Science, 2001
Cited by 9 (3 self)
Abstract: We give a necessary and sufficient condition for when a set-theoretic function can be written using the recursion operator fold, and a dual condition for the recursion operator unfold. The conditions are simple, practically useful, and generic in the underlying datatype.
Domain separation by construction
In Foundations of Computer Security Workshop (FCS'03), 2003
Cited by 3 (0 self)
Abstract: Language-based approaches to security typically use static type systems to control information flow, relying on type inference to distinguish secure programs from insecure ones. This paper advocates a novel approach to language-based security: by structuring software with monads (a form of abstract data type for effects), we are able to maintain separation of effects by construction. The thesis of this work is that well-understood properties of monads and monad transformers aid in the construction and verification of secure software. We introduce a formulation of noninterference based on monads (rather than the typical trace-based formulation). Using this formulation, we prove a noninterference-style property for a simple instance of our abstract system model. Because monads may be easily and safely represented within any higher-order, typed functional language, monadic event systems may be directly realized within such a language.
Specialized Aspect Languages Preserving Classes of Properties
Cited by 3 (1 self)
Abstract: Aspect oriented programming can arbitrarily distort the semantics of programs. In particular, weaving can invalidate crucial safety and liveness properties of the base program. In previous work, we have identified categories of aspects that preserve classes of temporal properties. We have formally proved that, for any program, the weaving of any aspect in a category preserves all properties in the related class. In this article, after a summary of our previous
Deriving Sorting Algorithms
José Bacelar Almeida and Jorge Sousa Pinto, 2006
Abstract: This paper shows how 3 well-known sorting algorithms can be derived by similar sequences of transformation steps from a common specification. Each derivation uses an auxiliary algorithm based on insertion into an intermediate structure. The proofs given involve both inductive and coinductive reasoning, which are here expressed in the same program calculation framework, based on unicity properties.