Results 1  10
of
17
LTL types FRP: Lineartime temporal logic propositions as types, proofs as functional reactive programs
 In Proc. ACM Workshop Programming Languages meets Program Verification
, 2012
"... Functional Reactive Programming (FRP) is a form of reactive programming whose model is pure functions over signals. FRP is often expressed in terms of arrows with loops, which is the type class for a Freyd category (that is a premonoidal category with a cartesian centre) equipped with a premonoid ..."
Abstract

Cited by 13 (3 self)
 Add to MetaCart
(Show Context)
Functional Reactive Programming (FRP) is a form of reactive programming whose model is pure functions over signals. FRP is often expressed in terms of arrows with loops, which is the type class for a Freyd category (that is a premonoidal category with a cartesian centre) equipped with a premonoidal trace. This type system suffices to define the dataflow structure of a reactive program, but does not express its temporal properties. In this paper, we show that Lineartime Temporal Logic (LTL) is a natural extension of the type system for FRP, which constrains the temporal behaviour of reactive programs. We show that a constructive LTL can be defined in a dependently typed functional language, and that reactive programs form proofs of constructive LTL properties. In particular, implication in LTL gives rise to stateless functions on streams, and the “constrains ” modality gives rise to causal functions. We show that reactive programs form a partially traced monoidal category, and hence can be given as a form of arrows with loops, where the type system enforces that only decoupled functions can be looped.
A Semantic Model for Graphical User Interfaces
, 2011
"... We give a denotational model for graphical user interface (GUI) programming in terms of the cartesian closed category of ultrametric spaces. The metric structure allows us to capture natural restrictions on reactive systems, such as causality, while still allowing recursively defined values. We capt ..."
Abstract

Cited by 12 (1 self)
 Add to MetaCart
(Show Context)
We give a denotational model for graphical user interface (GUI) programming in terms of the cartesian closed category of ultrametric spaces. The metric structure allows us to capture natural restrictions on reactive systems, such as causality, while still allowing recursively defined values. We capture the arbitrariness of user input (e.g., a user gets to decide the stream of clicks she sends to a program) by making use of the fact that the closed subsets of a metric space themselves form a metric space under the Hausdorff metric, allowing us to interpret nondeterminism with a “powerspace ” monad on ultrametric spaces. The powerspace monad is commutative, and hence gives rise to a model of linear logic. We exploit this fact by constructing a mixed linear/nonlinear domainspecific language for GUI programming. The linear sublanguage naturally captures the usage constraints on the various linear objects in GUIs, such as the elements of a DOM or scene graph. We have implemented this DSL as an extension to OCaml, and give examples demonstrating that programs in this style can be short and readable.
HigherOrder Functional Reactive Programming in Bounded Space
"... Functional reactive programming (FRP) is an elegant and successful approach to programming reactive systems declaratively. The high levels of abstraction and expressivity that make FRP attractive as a programming model do, however, often lead to programs whose resource usage is excessive and hard to ..."
Abstract

Cited by 9 (2 self)
 Add to MetaCart
(Show Context)
Functional reactive programming (FRP) is an elegant and successful approach to programming reactive systems declaratively. The high levels of abstraction and expressivity that make FRP attractive as a programming model do, however, often lead to programs whose resource usage is excessive and hard to predict. In this paper, we address the problem of space leaks in discretetime functional reactive programs. We present a functional reactive programming language that statically bounds the size of the dataflow graph a reactive program creates, while still permitting use of higherorder functions and highertype streams such as streams of streams. We achieve this with a novel linear type theory that both controls allocation and ensures that all recursive definitions are wellfounded. We also give a denotational semantics for our language by combining recent work on metric spaces for the interpretation of higherorder causal functions with lengthspace models of spacebounded computation. The resulting category is doubly closed and hence forms a model of the logic of bunched implications.
Functional reactive programming with liveness guarantees
 In 18th International Confernece on Functional Programming. ACM
, 2013
"... Functional Reactive Programming (FRP) is an approach to the development of reactive systems which provides a pure functional interface, but which may be implemented as an abstraction of an imperative eventdriven layer. FRP systems typically provide a model of behaviours (total timeindexed values, ..."
Abstract

Cited by 4 (0 self)
 Add to MetaCart
(Show Context)
Functional Reactive Programming (FRP) is an approach to the development of reactive systems which provides a pure functional interface, but which may be implemented as an abstraction of an imperative eventdriven layer. FRP systems typically provide a model of behaviours (total timeindexed values, implemented as pull systems) and event sources (partial timeindexed values, implemented as push systems). In this paper, we investigate a type system for eventdriven FRP programs which provide liveness guarantees, that is every input event is guaranteed to generate an output event. We show that FRP can be implemented on top of a model of sets and relations, and that the isomorphism between event sources and behaviours corresponds to the isomorphism between relations and setvalued functions. We then implement sets and relations using a model of continuations using the usual doublenegation CPS transform. The implementation of behaviours as pull systems based on futures, and of event sources as push systems based on the observer pattern, thus arises from first principles. We also discuss a Java implementation of the FRP model.
Pure type systems with corecursion on streams From finite to infinitary normalisation
 IN ICFP
, 2012
"... In this paper, we use types for ensuring that programs involving streams are wellbehaved. We extend pure type systems with a type constructor for streams, a modal operator next and a fixed point operator for expressing corecursion. This extension is called Pure Type Systems with Corecursion (CoPTS) ..."
Abstract

Cited by 3 (2 self)
 Add to MetaCart
In this paper, we use types for ensuring that programs involving streams are wellbehaved. We extend pure type systems with a type constructor for streams, a modal operator next and a fixed point operator for expressing corecursion. This extension is called Pure Type Systems with Corecursion (CoPTS). The typed lambda calculus for reactive programs defined by Krishnaswami and Benton can be obtained as a CoPTS. CoPTS’s allow us to study a wide range of typed lambda calculi extended with corecursion using only one framework. In particular, we study this extension for the calculus of constructions which is the underlying formal language of Coq. We use the machinery of infinitary rewriting and formalize the idea of wellbehaved programs using the concept of infinitary normalization. We study the properties of infinitary weak and strong normalization for CoPTS’s. The set of finite and infinite terms is defined as a metric completion. We shed new light on the meaning of the modal operator by connecting the modality with the depth used to define the metric. This connection is the key to the proofs of infinitary weak and strong normalization.
Fair reactive programming
, 2013
"... Functional Reactive Programming (FRP) models reactive systems with events and signals, which have previously been observed to correspond to the “eventually ” and “always ” modalities of linear temporal logic (LTL). In this paper, we define a constructive variant of LTL with least fixed point and gre ..."
Abstract

Cited by 3 (0 self)
 Add to MetaCart
(Show Context)
Functional Reactive Programming (FRP) models reactive systems with events and signals, which have previously been observed to correspond to the “eventually ” and “always ” modalities of linear temporal logic (LTL). In this paper, we define a constructive variant of LTL with least fixed point and greatest fixed point operators in the spirit of the modal mucalculus, and give it a proofsasprograms interpretation in the realm of reactive programs. Previous work emphasized the propositionsastypes part of the correspondence between LTL and FRP; here we emphasize the proofsasprograms part by employing structural proof theory. We show that this type system is expressive enough to enforce liveness properties such as the fairness of schedulers and the eventual delivery of results. We illustrate programming in this language using (co)iteration operators. We prove type preservation of our operational semantics, which guarantees that our programs are causal. We give also a proof of strong normalization which provides justification that the language is productive and that our programs satisfy liveness properties derived from their types.
Typebased productivity of stream definitions in the calculus of constructions
 In LICS’13
, 2013
"... Abstract—Productivity of corecursive definitions is an essential property in proof assistants since it ensures logical consistency and decidability of type checking. Typebased mechanisms for ensuring productivity use types annotated with size information to track the number of elements produced in ..."
Abstract

Cited by 2 (0 self)
 Add to MetaCart
Abstract—Productivity of corecursive definitions is an essential property in proof assistants since it ensures logical consistency and decidability of type checking. Typebased mechanisms for ensuring productivity use types annotated with size information to track the number of elements produced in corecursive definitions. In this paper, we propose an extension of the Calculus of Constructions—the theory underlying the Coq proof assistant—with a typebased criterion for ensuring productivity of stream definitions. We prove strong normalization and logical consistency. Furthermore, we define an algorithm for inferring size annotations in types. These results can be easily extended to handle general coinductive types. I.
Hyperstream processing systems: Nonstandard modeling of continuous signal processing. Extended version with proofs, 2013. wwwmmm.is.s.utokyo.ac.jp/~ichiro/papers.html. [32] T. Terauchi. Dependent types from counterexamples
 In M. V
"... We exploit the apparent similarity between (discretetime) stream processing and (continuoustime) signal processing and transfer a deductive verification framework from the former to the latter. Our development is based on rigorous semantics that relies on nonstandard analysis (NSA). Specifically, ..."
Abstract

Cited by 2 (1 self)
 Add to MetaCart
We exploit the apparent similarity between (discretetime) stream processing and (continuoustime) signal processing and transfer a deductive verification framework from the former to the latter. Our development is based on rigorous semantics that relies on nonstandard analysis (NSA). Specifically, we start with a discrete framework consisting of a Lustrelike stream processing language, its Kahnstyle fixed point semantics, and a program logic (in the form of a type system) for partial correctness guarantees. This stream framework is transferred as it is to one for hyperstreams—streams of streams, that typically arise from sampling (continuoustime) signals with progressively smaller intervals—via the logical infrastructure of NSA. Under a certain continuity assumption we identify hyperstreams with signals; our final outcome thus obtained is a deductive verification framework of signals. In it one verifies properties of signals using the (conventionally discrete) proof principles, like fixed point induction. Categories and Subject Descriptors F.3.1 [Logics and Mean
Guarded dependent type theory with coinductive types, 2015, submitted for publication. Available online at http://userscs.au.dk/birke/papers/gdttconf.pdf
"... We present guarded dependent type theory, gDTT, an extensional dependent type theory with a ‘later ’ modality and clock quantifiers for programming and proving with guarded recursive and coinductive types. The later modality is used to ensure the productivity of recursive definitions in a modular, ..."
Abstract

Cited by 1 (1 self)
 Add to MetaCart
(Show Context)
We present guarded dependent type theory, gDTT, an extensional dependent type theory with a ‘later ’ modality and clock quantifiers for programming and proving with guarded recursive and coinductive types. The later modality is used to ensure the productivity of recursive definitions in a modular, type based, way. Clock quantifiers are used for controlled elimination of the later modality and for encoding coinductive types using guarded recursive types. We demonstrate the expressiveness of gDTT via a range of examples. Key to the development of gDTT are novel type and term formers involving what we call ‘delayed substitutions’. These generalise the applicative functor rules for the later modality considered in earlier work, and are crucial for programming and proving with dependent types. We show soundness of the type theory using a denotational model.
Foundational Extensible Corecursion A Proof Assistant Perspective
"... This paper presents a formalized framework for defining corecursive functions safely in a total setting, based on corecursion upto and relational parametricity. The end product is a general corecursor that allows corecursive (and even recursive) calls under “friendly” operations, including construc ..."
Abstract

Cited by 1 (1 self)
 Add to MetaCart
(Show Context)
This paper presents a formalized framework for defining corecursive functions safely in a total setting, based on corecursion upto and relational parametricity. The end product is a general corecursor that allows corecursive (and even recursive) calls under “friendly” operations, including constructors. Friendly corecursive functions can be registered as such, thereby increasing the corecursor’s expressiveness. The metatheory is formalized in the Isabelle proof assistant and forms the core of a prototype tool. The corecursor is derived from first principles, without requiring new axioms or extensions of the logic. Categories and Subject Descriptors F.3.1 [Logics and Mean