Results 1-10 of 31
Fibring of logics as a categorial construction
Journal of Logic and Computation, 1999
Much attention has been given recently to the mechanism of fibring of logics, allowing free mixing of the connectives and using proof rules from both logics. Fibring seems to be a rather useful and general form of combination of logics that deserves detailed study. It is now well understood at the proof-theoretic level. However, the semantics of fibring is still insufficiently understood. Herein we provide a categorial definition of both proof-theoretic and model-theoretic fibring for logics without terms. To this end, we introduce the categories of Hilbert calculi, interpretation systems and logic system presentations. By choosing appropriate notions of morphism it is possible to obtain pure fibring as a coproduct. Fibring with shared symbols is then easily obtained by cocartesian lifting from the category of signatures. Soundness is shown to be preserved by these constructions. We illustrate the constructions within propositional modal logic.
The semantics and execution of a synchronous block-diagram language
Science of Computer Programming
We present a new block diagram language for describing synchronous software. It coordinates the execution of synchronous, concurrent software modules, allowing real-time systems to be assembled from precompiled blocks specified in other languages. The semantics we present, based on fixed points, is deterministic even in the presence of instantaneous feedback. The execution policy develops a static schedule, a fixed order in which to execute the blocks that makes the system execution predictable. We present exact and heuristic algorithms for finding schedules that minimize system execution time, and show that good schedules can be found quickly. The scheduling algorithms are applicable to other problems where large systems of equations need to be solved.
Constructions, Inductive Types and Strong Normalization
1993
This thesis contains an investigation of Coquand's Calculus of Constructions, a basic impredicative Type Theory. We review syntactic properties of the calculus, in particular decidability of equality and type-checking, based on the equality-as-judgement presentation. We present a set-theoretic notion of model, CC-structures, and use this to give a new strong normalization proof based on a modification of the realizability interpretation. An extension of the core calculus by inductive types is investigated and we show, using the example of infinite trees, how the realizability semantics and the strong normalization argument can be extended to non-algebraic inductive types. We emphasize that our interpretation is sound for large eliminations, e.g. allows the definition of sets by recursion. Finally we apply the extended calculus to a non-trivial problem: the formalization of the strong normalization argument for Girard's System F. This formal proof has been developed and checked using the...
Standard Fixpoint Iteration for Java Bytecode Verification
ACM Transactions on Programming Languages and Systems
Java bytecode verification forms the basis for Java-based Internet security and needs a rigorous description. One important aspect of bytecode verification is to check if a Java Virtual Machine (JVM) program is statically well-typed. So far several formal specifications have been proposed to define what the static well-typedness means. This paper takes a step further and presents a chaotic fixpoint iteration, which represents a family of fixpoint computation strategies to compute a least type for each JVM program within a finite number of iteration steps. Since a transfer function in the iteration is not monotone, we choose to follow the example of a non-standard fixpoint theorem, which requires that all transfer functions are increasing, and monotone in case the bigger element is already a fixpoint. The resulting least type is the artificial top element if and only if the JVM program is not statically well-typed. The iteration is standard and close to Sun's informal specification and...
Extremal Solutions of Inequations over Lattices with Applications to Supervisory Control
Theoretical Computer Science
We study the existence and computation of extremal solutions of a system of inequations defined over lattices. Using the Knaster-Tarski fixed point theorem, we obtain sufficient conditions for the existence of supremal as well as infimal solution of a given system of inequations. Iterative techniques are presented for the computation of the extremal solutions whenever they exist, and conditions under which the termination occurs in a single iteration are provided. These results are then applied for obtaining extremal solutions of various inequations that arise in computation of maximally permissive supervisors in control of logical discrete event systems (DESs) first studied by Ramadge and Wonham. Thus our work presents a unifying approach for computation of supervisors in a variety of situations.
Keywords: Fixed points, lattices, inequations, discrete event systems, supervisory control, language theory.
1 Introduction. Given a set X and a function f : X → X, x ∈ X is called a fixed p...
Weak Key Authenticity and the Computational Completeness of Formal Encryption. Full version available at http://www.cs.umd.edu/~horvitz, http://www.ee.umd.edu/~gligor
A significant effort has recently been made to rigorously relate the formal treatment of cryptography with the computational one. A first substantial step in this direction was taken by Abadi and Rogaway [AR02]. Considering a formal language that treats symmetric encryption, [AR02] show that an associated formal semantics is sound with respect to an associated computational semantics, under a particular, sufficient, condition on the computational encryption scheme. In this paper, we give a necessary and sufficient condition for completeness, tightly characterizing this aspect of the exposition. Our condition involves the ability to distinguish a ciphertext and the key it was encrypted with, from a ciphertext and a random key. It is shown to be strictly weaker than a previously suggested condition for completeness (confusion-freedom of Micciancio and Warinschi [MW02]), and should be of independent interest.
Synchronization of Logics
Studia Logica, 1996
Motivated by applications in software engineering, we propose two forms of combination of logics: synchronization on formulae and synchronization on models. We start by reviewing satisfaction systems, consequence systems, one-step derivation systems and theory spaces, as well as their functorial relationships. We define the synchronization on formulae of two consequence systems and provide a categorial characterization of the construction. For illustration we consider the synchronization of linear temporal logic and equational logic. We define the synchronization on models of two satisfaction systems and provide a categorial characterization of the construction. We illustrate the technique in two cases: linear temporal logic versus equational logic; and linear temporal logic versus branching temporal logic. Finally, we lift the synchronization on formulae to the category of logics over consequence systems.
Key words: combination of logics, synchronization on formulae, sync...
A Formal Description of Verdi
1990
This paper will be most easily appreciated by the reader with some prior knowledge of Mathematical Logic [8, 19], Set Theory [11], and Denotational Semantics [9, 18, 20]. Verdi differs from its predecessor mVerdi [4] in several significant ways:
Model-checking processes with data
Science of Computer Programming, 2005
We propose a procedure for automatically verifying properties (expressed in an extension of the modal µ-calculus) over processes with data, specified in µCRL. We first briefly review existing work, such as the theory of µCRL, and we discuss the logic, called first order modal µ-calculus, in more detail. Then, we introduce the formalism of first order boolean equation systems and focus on several lemmata that are at the basis of the soundness of our decision procedure. We discuss our findings on three non-trivial applications for a prototype implementation of this procedure. The results show that our prototype can deal with quite complex and interesting properties and systems, showing the efficacy of the approach.
A fixpoint theory for non-monotonic parallelism
2002
This paper studies parallel recursion. The trace specification language used in this paper incorporates sequentiality, nondeterminism, reactiveness (including infinite traces), three forms of parallelism (including conjunctive, fair-interleaving and synchronous parallelism) and general recursion. In order to use Tarski's theorem to determine the fixpoints of recursions, we need to identify a well-founded partial order. Several orders are considered, including a new order called the lexical order, which tends to simulate the execution of a recursion in a similar manner as the Egli-Milner order. A theorem of this paper shows that no appropriate order exists for the language. Tarski's theorem alone is not enough to determine the fixpoints of parallel recursions. Instead of using Tarski's theorem directly, we reason about the fixpoints of terminating and nonterminating behaviours separately. Such reasoning is supported by the laws of a new composition called partition. We propose a fixpoint technique called the partitioned fixpoint, which is the least fixpoint of the nonterminating behaviours after the terminating behaviours reach their greatest fixpoint. The surprising result is that although a recursion may not be Egli-Milner monotonic, it must have the partitioned fixpoint, which is equal to the least Egli-Milner fixpoint. Since the partitioned fixpoint is well defined in any complete lattice, the results are applicable to various semantic models. Existing fixpoint techniques simply become special cases of the partitioned fixpoint. For example, an Egli-Milner-monotonic recursion has its least Egli-Milner fixpoint, which can be shown to be the same as the partitioned fixpoint. The new technique is more general than the least Egli-Milner fixpoint in that the partitioned fixpoint can be determined even when a recursion is not Egli-Milner monotonic. Examples of non-monotonic recur...