Results 1-10 of 76
Fast and Precise Regular Approximation of Logic Programs
, 1993
Cited by 99 (19 self)
A practical procedure for computing a regular approximation of a logic program is given. Regular approximations are useful in a variety of tasks in debugging, program specialisation and compile-time optimisation. The algorithm shown here incorporates optimisations taken from deductive database fixpoint algorithms and efficient bottom-up abstract interpretation techniques. Frameworks for defining regular approximations have been put forward in the past, but the emphasis has usually been on theoretical aspects. Our results contribute mainly to the development of effective analysis tools that can be applied to large programs. Precision of the approximation can be greatly improved by applying query-answer transformations to a program and a goal, thus capturing some argument dependency information. A novel technique is to use transformations based on computation rules other than left-to-right to improve precision further. We give performance results for our procedure on a range of programs.
Set Constraints are the Monadic Class
, 1992
Cited by 71 (0 self)
We investigate the relationship between set constraints and the monadic class of first-order formulas and show that set constraints are essentially equivalent to the monadic class. From this equivalence we can infer that the satisfiability problem for set constraints is complete for NEXPTIME. More precisely, we prove that this problem has a lower bound of NTIME(c^(n / log n)). The relationship between set constraints and the monadic class also gives us decidability and complexity results for certain practically useful extensions of set constraints, in particular "negative projections" and subterm equality tests.
Type Dependencies for Logic Programs using ACIunification
 In Proceedings of the 1996 Israeli Symposium on Theory of Computing and Systems
, 1996
Cited by 44 (8 self)
This paper presents a new notion of typing for logic programs which generalizes the notion of directional types. The generation of type dependencies for a logic program is fully automatic with respect to a given domain of types. The analysis method is based on a novel combination of program abstraction and ACI-unification which is shown to be correct and optimal. Type dependencies are obtained by abstracting programs, replacing concrete terms by their types, and evaluating the meaning of the abstract programs using a standard semantics for logic programs enhanced by ACI-unification. This approach is generic and can be used with any standard semantics. The method is both theoretically clean and easy to implement using general purpose tools. The proposed domain of types is condensing, which means that analyses can be carried out in both top-down and bottom-up frameworks with no loss of precision for goal-independent analyses. The proposed method has been fully implemented within a bottom-up approach and the experimental results are promising.
Directional Type Checking of Logic Programs
 In Proceedings of the 1st International Static Analysis Symposium
, 1994
Cited by 42 (1 self)
We present an algorithm for automatic type checking of logic programs with respect to directional types that describe both the structure of terms and the directionality of predicates. The type checking problem is reduced to a decidable problem on systems of inclusion constraints over set expressions. We discuss some properties of the reduction algorithm, complexity, and present a proof of correctness.
1 Introduction
Most logic programming languages are untyped. In Prolog, for example, it is considered meaningful to apply any n-ary predicate to any n-tuple of terms. However, it is generally accepted that static type checking has great advantages in detecting programming errors early and for generating efficient executable code. Motivated at least in part by the success of type systems for procedural and functional languages, there is currently considerable interest in finding appropriate definitions of type and well-typing for logic languages. This paper explores the type checki...
Cryptographic protocol analysis on real C code
 In 6th International Conference on Verification, Model Checking and Abstract Interpretation (VMCAI’05), volume 3385 of LNCS
, 2005
Cited by 40 (5 self)
Implementations of cryptographic protocols, such as OpenSSL for example, contain bugs affecting security, which cannot be detected by just analyzing abstract protocols (e.g., SSL or TLS). We describe how cryptographic protocol verification techniques based on solving clause sets can be applied to detect vulnerabilities of C programs in the Dolev-Yao model, statically. This involves integrating fairly simple pointer analysis techniques with an analysis of which messages an external intruder may collect and forge. This also involves relating concrete runtime data with abstract, logical terms representing messages. To this end, we make use of so-called trust assertions. The output of the analysis is a set of clauses in the decidable class H1, which can then be solved independently. This can be used to establish secrecy properties, and to detect some other bugs.
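The intruder-knowledge part of the analysis described above, as an added example: this is the standard Dolev-Yao deduction that clause-based protocol verifiers rely on, written here from scratch; it is not the paper's pointer analysis, its trust assertions or its clause output. The message constructors, the constructed `TRACE` of observed messages and the `secrecy_holds` helper are assumptions made for the example. The point worth seeing in code is the analysis/synthesis split: what the intruder observed is first saturated under the decomposition rules (split pairs, decrypt with any derivable key), and only then is the goal checked compositionally, so the unbounded ability to pair and encrypt never makes the search infinite.

```python
# Dolev-Yao intruder deduction over symbolic messages (added example; the
# message-level reasoning such clause-based analyses rely on, not the paper's
# C front-end).  Messages are nested tuples:
#     ('pair', a, b)            concatenation
#     ('senc', m, k)            symmetric encryption of m under k
#     ('aenc', m, ('pk', x))    public-key encryption for principal x
#     ('sk', x), ('pk', x)      x's private / public key
# and atoms (names, nonces, long-term keys) are plain strings.

COMPOSABLE = ('pair', 'senc', 'aenc')


def synth(goal, known):
    """Composition phase: the intruder can build `goal` if it already holds it,
    or if it can build every component of a pair / encryption."""
    if goal in known:
        return True
    if isinstance(goal, tuple) and goal[0] in COMPOSABLE:
        return all(synth(t, known) for t in goal[1:])
    return False                     # atoms and keys cannot be guessed


def analyze(observed):
    """Decomposition phase: saturate the observed messages under the intruder
    rules, splitting every pair and decrypting every ciphertext whose key the
    intruder can currently derive.  Each added term is a strict subterm of one
    already present, so the loop terminates."""
    known = set(observed)
    changed = True
    while changed:
        changed = False
        for t in list(known):
            if not isinstance(t, tuple):
                continue
            new = ()
            if t[0] == 'pair':
                new = t[1:]
            elif t[0] == 'senc' and synth(t[2], known):
                new = (t[1],)
            elif (t[0] == 'aenc' and isinstance(t[2], tuple) and t[2][0] == 'pk'
                  and synth(('sk', t[2][1]), known)):
                new = (t[1],)
            for m in new:
                if m not in known:
                    known.add(m)
                    changed = True
    return known


def can_derive(goal, observed):
    """Decide whether an intruder that saw `observed` can produce `goal`:
    analyse first, then synthesise."""
    return synth(goal, analyze(observed))


# Constructed sample trace: one run of a key-distribution exchange as seen on
# the wire.  S shares Kas with A and Kbs with B; Kab is the session key.
TRACE = {
    ('pair', 'A', 'B'),                          # A -> S
    ('senc', ('pair', 'Kab', 'B'), 'Kas'),       # S -> A
    ('senc', 'Kab', 'Kbs'),                      # A -> B
    ('senc', 'Nb', 'Kab'),                       # B -> A
    ('aenc', 'Na', ('pk', 'B')),                 # A -> B
}
PUBLIC = {('pk', 'A'), ('pk', 'B')}              # public keys are public


def secrecy_holds(secret, compromised=frozenset()):
    """True iff an intruder knowing the trace, all public keys and the
    `compromised` long-term secrets still cannot derive `secret`."""
    return not can_derive(secret, TRACE | PUBLIC | set(compromised))


if __name__ == '__main__':
    for leak in [(), ('Kbs',), (('sk', 'B'),)]:
        print(f"compromised={leak!r}: Nb secret={secrecy_holds('Nb', leak)}, "
              f"Na secret={secrecy_holds('Na', leak)}")
```

Running the block shows the expected picture: with nothing compromised both nonces stay secret; leaking `Kbs` exposes `Kab` and therefore `Nb` but not `Na`; leaking B's private key exposes `Na` but not `Nb`.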
Abstraction-Carrying Code
 In Proc. of LPAR’04, number 3452 in LNAI
, 2005
Cited by 36 (17 self)
Proof-Carrying Code (PCC) is a general approach to mobile code safety in which programs are augmented with a certificate (or proof). The practical uptake of PCC greatly depends on the existence of a variety of enabling technologies which allow both to prove programs correct and to replace a costly verification process by an efficient checking procedure on the consumer side. In this work we propose Abstraction-Carrying Code (ACC), a novel approach which uses abstract interpretation as enabling technology. We argue that the large body of applications of abstract interpretation to program verification is amenable to the overall PCC scheme. In particular, we rely on an expressive class of safety policies which can be defined over different abstract domains. We use an abstraction (or abstract model) of the program computed by standard static analyzers as a certificate. The validity of the abstraction on the consumer side is checked in a single pass by a very efficient and specialized abstract interpreter. We believe that ACC brings abstract interpretation techniques to the area of mobile code safety. We have implemented and benchmarked ACC within the Ciao system preprocessor. The experimental results show that the checking phase is indeed faster than the proof generation phase, and that the sizes of certificates are reasonable.
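The producer/consumer split described above, reduced to a toy that runs. This is an added example, not the Ciao implementation the paper benchmarks: it uses an interval domain over a single variable `i` on a hand-built control-flow graph (the `SAFE_LOOP` and `UNSAFE_LOOP` edge lists, the `POLICY` map and all function names are assumptions made for the example). The producer iterates to a fixpoint with widening and ships the result as the certificate; the consumer never iterates, it only checks in one pass that the certificate is a post-fixpoint of every edge's transfer function and that the safety policy holds on it. That post-fixpoint check is why a certificate that claims a tighter abstraction than the program admits, whether forged by hand or computed for a different program, is rejected.

```python
# Abstraction-carrying code in miniature (added example, not the paper's Ciao
# implementation).  A program is a list of CFG edges (src, op, dst) over one
# integer variable i; abstract values are intervals (lo, hi) with math.inf
# bounds, or BOT (None) for unreachable nodes.
import math

BOT = None
TOP = (-math.inf, math.inf)

def join(a, b):                         # least upper bound
    if a is BOT or b is BOT:
        return a if b is BOT else b
    return (min(a[0], b[0]), max(a[1], b[1]))

def leq(a, b):                          # a is contained in b
    if a is BOT:
        return True
    return b is not BOT and b[0] <= a[0] and a[1] <= b[1]

def meet(a, b):                         # intersection, BOT if disjoint
    if a is BOT or b is BOT:
        return BOT
    lo, hi = max(a[0], b[0]), min(a[1], b[1])
    return (lo, hi) if lo <= hi else BOT

def widen(old, new):
    """Interval widening: a bound that grew jumps to infinity, which is what
    makes the producer's loop iteration terminate."""
    if old is BOT or new is BOT:
        return join(old, new)
    return (old[0] if new[0] >= old[0] else -math.inf,
            old[1] if new[1] <= old[1] else math.inf)

def transfer(op, x):
    """Abstract effect of one edge label on the interval for i."""
    kind, c = op
    if x is BOT:
        return BOT
    if kind == 'set':                   # i := c
        return (c, c)
    if kind == 'add':                   # i := i + c
        return (x[0] + c, x[1] + c)
    if kind == 'lt':                    # guard i < c
        return meet(x, (-math.inf, c - 1))
    if kind == 'le':                    # guard i <= c
        return meet(x, (-math.inf, c))
    if kind == 'ge':                    # guard i >= c
        return meet(x, (c, math.inf))
    raise ValueError(kind)

def analyze(edges, entry, loop_heads):
    """Producer: iterate to a fixpoint, widening at loop heads.  The resulting
    node -> interval map is shipped as the certificate."""
    state = {n: BOT for s, _, d in edges for n in (s, d)}
    state[entry] = TOP                  # i is uninitialised on entry
    changed = True
    while changed:
        changed = False
        for src, op, dst in edges:
            new = join(state[dst], transfer(op, state[src]))
            if dst in loop_heads:
                new = widen(state[dst], new)
            if new != state[dst]:
                state[dst], changed = new, True
    return state

def check(edges, entry, cert, policy):
    """Consumer: one pass, no iteration.  Accept iff the certificate covers the
    initial state, is a post-fixpoint (each edge's output is contained in the
    certificate at its target), and satisfies the policy.  The post-fixpoint
    test is what rejects a certificate tighter than the program admits."""
    if not leq(TOP, cert.get(entry, BOT)):
        return False
    for src, op, dst in edges:
        if not leq(transfer(op, cert.get(src, BOT)), cert.get(dst, BOT)):
            return False
    return all(leq(cert.get(n, BOT), bound) for n, bound in policy.items())

# Constructed sample: `i = 0; while i < 10: a[i] = ...; i = i + 1`.
# 'body' is where a[i] is indexed, so the policy requires i in [0, 9] there.
SAFE_LOOP = [('entry', ('set', 0), 'head'), ('head', ('lt', 10), 'body'),
             ('head', ('ge', 10), 'exit'), ('body', ('add', 1), 'head')]
# Off-by-one variant (`while i <= 10`): i reaches 10 inside the body.
UNSAFE_LOOP = [('entry', ('set', 0), 'head'), ('head', ('le', 10), 'body'),
               ('head', ('ge', 11), 'exit'), ('body', ('add', 1), 'head')]
POLICY = {'body': (0, 9)}

def producer(edges):                    # code supplier side
    return analyze(edges, 'entry', {'head'})

def consumer(edges, cert):              # code consumer side
    return check(edges, 'entry', cert, POLICY)

if __name__ == '__main__':
    honest = producer(SAFE_LOOP)
    print(honest, consumer(SAFE_LOOP, honest))             # accepted
    forged = dict(producer(UNSAFE_LOOP), body=(0, 9))      # claims what the policy wants
    print(forged, consumer(UNSAFE_LOOP, forged))           # rejected
```

Two things to notice when running it. The honest certificate for the safe loop is `head: [0, inf)`, `body: [0, 9]`, `exit: [10, inf)`, and the consumer accepts it (and also accepts any coarser but still sound certificate, such as one with `exit` widened to TOP). For the off-by-one loop the producer's own certificate gives `body: [0, 10]` and fails the policy; editing it to `[0, 9]`, or reusing the safe loop's certificate, fails the post-fixpoint check on the `head -> body` edge, so the consumer never has to trust the producer.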
Solving Systems of Set Constraints (Extended Abstract)
 In Seventh Annual IEEE Symposium on Logic in Computer Science
, 1992
Cited by 31 (0 self)
Alexander Aiken, Edward L. Wimmers (IBM Almaden Research Center, 650 Harry Rd., San Jose, CA 95120)
Systems of set constraints are a natural formalism for many problems in program analysis. Set constraints are also a generalization of tree automata. We present an algorithm for solving systems of set constraints built from free variables, constructors, and the set operations of intersection, union, and complement. Furthermore, we show that all solutions of such systems can be finitely represented.
1 Introduction
Set constraints are a natural formalism for describing relationships between sets of terms of a free algebra. A set constraint has the form X ⊆ Y, where X and Y are set expressions. Examples of set expressions are 0 (the empty set), 1 (the set of all terms), α (a set-valued variable), c(X, Y) (a constructor application), and the union, intersection, or complement of set expressi...
Finite Representation of Infinite Query Answers
, 1992
Cited by 29 (5 self)
We define here a formal notion of finite representation of infinite query answers in logic programs. We apply this notion to Datalog_nS (Datalog with n successors): an extension of Datalog capable of representing infinite phenomena like flow of time or plan construction. Predicates in Datalog_nS can have arbitrary unary and limited n-ary function symbols in one fixed position. This class of logic programs is known to be decidable. However, least Herbrand models of Datalog_nS programs may be infinite and consequently queries may have infinite answers. We present a method to finitely represent infinite least Herbrand models of Datalog_nS programs as relational specifications. A relational specification consists of a finite set of facts and a finitely specified congruence relation. A relational specification has the following desirable properties. First, it is explicit in the sense that once it is computed, the original Datalog_nS program (and its underlying computational engine) can ...
Abstract Interpretation over Non-Deterministic Finite Tree Automata for Set-Based Analysis of Logic Programs
 In Fourth International Symposium on Practical Aspects of Declarative Languages, number 2257 in LNCS
, 2002
Cited by 29 (10 self)
Set-based program analysis has many potential applications, including compiler optimisations, type-checking, debugging, verification and planning. One method of set-based analysis is to solve a set of set constraints derived directly from the program text. Another approach is based on abstract interpretation (with widening) over an infinite-height domain of regular types. Up till now only deterministic types have been used in abstract interpretations, whereas solving set constraints yields non-deterministic types, which are more precise. It was pointed out by Cousot and Cousot that set constraint analysis of a particular program P could be understood as an abstract interpretation over a finite domain of regular tree grammars, constructed from P. In this paper we define such an abstract interpretation for logic programs, formulated over a domain of non-deterministic finite tree automata, and describe its implementation. Both goal-dependent and goal-independent analysis are considered. Variations on the abstract domain operations are introduced, and we discuss the associated trade-offs of precision and complexity. The experimental results indicate that this approach is a practical way of achieving the precision of set constraints in the abstract interpretation framework.