8' A Concurrent Logical Framework

1
8. A Concurrent Logical Framework
Work in Progress

• Iliano Cervesato iliano_at_itd.nrl.navy.mil
• ITT Industries, inc _at_ NRL Washington, DC
• http//theory.stanford.edu/iliano

2
Last Lecture
3
Lecture Outline

• Logical Frameworks
• The LF approach
• CLF
• True concurrency
• Monadic encapsulation
• A canonical approach
• Whats next?

4
Logical Frameworks

• Represent and reason about object systems
• Languages, logics,
• Often semi-formalized as deductive systems
• Reasoning often informal
• Benefits
• Formal specification of object system
• Automate verification of reasoning arguments
• Feed back into other tools
• Theorem provers, PCC,

5
The LF Way

• Identify fundamental mechanisms and buildthem
  into the framework (soundly!)
• done (right) once and for all instead of each
  time
• Modular constructions S-Algebras
• app f a
• Variable binding, a-renaming, substitution LF
• lx. x1
• Disposable, updateable cell LLF
• ls. f s
• True concurrency CLF

6
Its all about Adequacy
Representation
Object system
Automated
Informal

• Task
• complex
• long
• tedious

• LF make adequacy as simple as possible

7
Representation Targets

• Mottos, mottos, mottos
• LF judgments-as-types / proofs-as-objects
• 35 8 ? N ev ( 3 5) 8
• LLF state-as-linear-hypotheses /
  imperative-computations-as-linear-functions
• CLF concurrent-computations-as-monadic-expression
  s /

Judgment(a statement we want to make)
type
object
8
Canonical Objects
Object system
_LF

• Each object of interest has exactly 1
  representation
• Canonical objects
• h-long, b-normal _LF term
• Decidable, computable

9
But what is LLF?

• Types
• A a P xA. B
• Terms
• N x l xA. N N1 N2
• Main judgment
• G - N A

10
An Example
Many instances can be executing concurrently
11
LLF Encoding

• net step o netout m o (netin m o
  step).
• LLF forces continuation-passing style

• Consider 2 independent applications
• lni1. net no1 (lni2. net no2 C)
• lni2. net no2 (lni1. net no1 C)
• Should be indistinguishable (true concurrency)
• Equate them at the meta-level
• same-trace T1 T2 o-
• Never-ending even for small system!

12
Encoding in Linear logic

• ?m. netout m o netin m
• Much simpler
• In general, requires synchronous operators
• ? and 1
• Concurrency given by commuting conversions
• let x1 ? y1 N1 in (let x2 ? y2 N2 in M)
• let x2 ? y2 N2 in (let x1 ? y1 N1 in M)
  if xi,yi ? FV(N2-i)
• looks like what we want

13
However

• Commuting conversions are too wild
• Allow permutations we dont care for
• Synchronous types destroy uniqueness of canonical
  forms
• nattype. znat. snat-gtnat. c1.
• Natural numbers z, s z, s (s z),
• What about let 1c in z?What if c is linear?
• No good! ?

14
Monadic Encapsulation

• Separate synchronous and asynchronous types
• Outside the monad
• LLF types (asynchronous)
• h-long, b-normal forms
• Inside the monad
• Synchronous types
• Commuting conversions
• Concurrency equation
• h-long, b-normal forms
• Monad is a sandbox for synchronous behavior

15
CLF

• Types
• A a P xA. B A o B A B T S
• S A !A S1 ? S2 1 xA. S
• Terms
• N x l xA. N N1 N2 lxA. N N1N2
  ltN1,N2gt fst N snd N ltgt E
• E M let p N in E
• M N !N M1 ? M2 1 N,M
• p x !x p1 ? p2 1 x,p

16
Example in CLF

• net netin m o netout m .
• Relating the 2 specifications
• 2 sets of CLF declarations
• Meta-level definition of trace transformation
• simplify-net Ti/o T
• Trivial mapping
• Permutations handled automatically
• No need to take action
• Critical for more complex examples

17
The Canonical Approach

• _LF meta-theory
• Decidability of type-checking
• Existence of unique canonical forms
• Substitution theorem,
• A progression of techniques
• LF start with equality modulo b, h over all
  terms
• 10 years to prove several Ph.D. theses, book
• LLF start with equality modulo b over h-long
  terms
• 6 months to prove thesis
• CLF work only with h-long, b-normal terms
• 2 weeks to prove method is the thesis
• Applicable with minimal effort to other languages

18
Examples and Applications

• p-calculus
• Synchronous
• Asynchronous
• Concurrent ML
• Petri nets
• Execution-sequence semantics
• Trace semantics
• MSR security protocol specification language
• Ongoing prototype implementation

19
CLF Encoding of NSPKs Initiator
20
Future Developments

• Theory
• Appropriate operational semantics
• Irrelevant types
• Multiple monads,
• Further experience
• More concurrent systems
• Process algebras
• Security protocols,
• Reasoning
• Trace-base reasoning
• Process equivalences,

21
References

• R. Harper, F. Honsell, G. Plotkin A framework
  for defining logics, JACM 1993 www
• ic, F. Pfenning A Linear Logical Framework,
  LICS 1996 www
• ic, K. Watkins, F. Pfenning, D. Walker A
  Concurrent Logical Framework I Judgments and
  Properties, 2003 www
• K. Watkins, ic, F. Pfenning, D. Walker A
  Concurrent Logical Framework II Examples and
  Applications, 2003 www
• ic, K. Watkins, F. Pfenning, D. Walker A
  Concurrent Logical Framework, 2002

22
Thanks!

• For more information
• http//theory.stanford.edu/iliano
• iliano_at_itd.nrl.navy.mil