A Static Analysis Framework for Security Properties in Mobile and Cryptographic Systems


A Static Analysis Framework for Security Properties in Mobile and Cryptographic Systems

Benyamin Y. Y. Aziz, M.Sc.
School of Computing, Dublin City University

A thesis presented in fulfillment of the requirements for the degree of Doctor of Philosophy
Supervisor: Dr Geoff Hamilton
September 2003

“Start by doing what’s necessary; then do what’s possible; and suddenly you are doing the impossible” (St. Francis of Assisi)

To Yowell, Olivia and Clotilde

Declaration

I hereby certify that this material, which I now submit for assessment on the programme of study leading to the award of the degree of Doctor of Philosophy (Ph.D.) is entirely my own work and has not been taken from the work of others save and to the extent that such work has been cited and acknowledged within the text of my work.

Signed: I.D. No.: Date:

Acknowledgements

I would like to thank all those people who were true sources of inspiration, knowledge, guidance and help to myself throughout the period of my doctoral research. In particular, I would like to thank my supervisor, Dr. Geoff Hamilton, without whom this work would not have seen the light. I would also like to thank Dr. David Gray, with whom I had many informative conversations, and my colleagues, Thomas Hack and Frédéric Oehl, for their advice and guidance. Finally, I would like to mention that the work of this thesis was partially funded by project IMPROVE (Enterprise Ireland Strategic Grant ST/2000/94).

Benyamin Aziz

Abstract

We introduce a static analysis framework for detecting instances of security breaches in infinite mobile and cryptographic systems specified using the languages of the π-calculus and its cryptographic extension, the spi calculus. The framework is composed from three components: First, standard denotational semantics of the π-calculus and the spi calculus are constructed based on domain theory. The resulting model is sound and adequate with respect to transitions in the operational semantics. The standard semantics is then extended correctly to non-uniformly capture the property of term substitution, which occurs as a result of communications and successful cryptographic operations. Finally, the non-standard semantics is abstracted to operate over finite domains so as to ensure the termination of the static analysis. The safety of the abstract semantics is proven with respect to the non-standard semantics. The results of the abstract interpretation are then used to capture breaches of the secrecy and authenticity properties in the analysed systems. Two initial prototype implementations of the security analysis for the π-calculus and the spi calculus are also included in the thesis.

The main contributions of this thesis are summarised by the following. In the area of denotational semantics, the thesis introduces a domain-theoretic model for the spi calculus that is sound and adequate with respect to transitions in the structural operational semantics. In the area of static program analysis, the thesis utilises the denotational approach as the basis for the construction of abstract interpretations for infinite systems modelled by the π-calculus and the spi calculus. This facilitates the use of computationally significant mathematical concepts like least fixed points and results in an analysis that is fully compositional. Also, the thesis demonstrates that the choice of the term-substitution property in mobile and cryptographic programs is rich enough to capture breaches of security properties, like process secrecy and authenticity. These properties are used to analyse a number of mobile and cryptographic protocols, like the file transfer protocol and the Needham-Schroeder, SPLICE/AS, Otway-Rees, Kerberos, Yahalom and Woo Lam authentication protocols.

Contents

1 Introduction 1
1.1 The Problem of Computer Security 1
1.2 Mobile Systems 3
1.3 Denotational Semantics 6
1.4 Static Program Analysis 8
1.4.1 Data Flow Analysis 8
1.4.2 Control Flow Analysis 11
1.4.3 Abstract Interpretation 13
1.4.4 Type Systems 15
1.5 Security Properties 18
1.5.1 Secrecy 18
1.5.2 Authenticity 21
1.6 Further Reading 23
1.7 Outline of Our Approach 23

2 Related Work 25
2.1 Introduction 25
2.2 Static Analysis Techniques for Program Security 25
2.2.1 Control Flow Analysis 25
2.2.2 Abstract Interpretation 26
2.2.3 Type Systems 27
2.2.4 Other Approaches 30
2.3 Denotational Semantics of Nominal Calculi 31
2.4 Conclusion 33

3 Nominal Calculi 34
3.1 Introduction 34
3.2 The π-calculus 34
3.2.1 Syntax 35
3.2.2 Structural Operational Semantics 36
3.2.3 Denotational Semantics 37
3.3 The Spi Calculus 42
3.3.1 Syntax 43
3.3.2 Structural Operational Semantics 45
3.3.3 Denotational Semantics 46
3.4 Conclusion 52

4 Abstract Interpretation 53
4.1 Introduction 53
4.2 The π-calculus 54
4.2.1 Non-standard Semantics 54
4.2.2 Abstract Semantics 57
4.2.3 The Intruder I 62
4.2.4 The FTP Server Example 63
4.3 The Spi Calculus 67
4.3.1 Non-standard Semantics 68
4.3.2 Abstract Semantics 71
4.3.3 The Intruder I 78
4.3.4 The Needham-Schroeder Public-Key Protocol Example 79
4.3.5 The SPLICE/AS Protocol Example 83
4.3.6 The Otway-Rees Protocol Example 86
4.3.7 The Kerberos Protocol Example 90
4.3.8 The Yahalom Protocol Example 93
4.3.9 The Woo-Lam One-Way Authentication Protocol Example 95
4.4 Conclusion 98

5 Security Properties 99
5.1 Introduction 99
5.2 Secrecy 99
5.2.1 Mobile Systems 100
5.2.2 Cryptographic Protocols 101
5.3 Authenticity 102
5.3.1 Mobile Systems 103
5.3.2 Cryptographic Protocols 104
5.4 Examples 105
5.4.1 The FTP Server Example 105
5.4.2 The Needham-Schroeder Public-Key Protocol Example 107
5.4.3 The SPLICE/AS Protocol Example 109
5.4.4 The Otway-Rees Protocol Example 110
5.4.5 The Kerberos Protocol Example 112
5.4.6 The Yahalom Protocol Example 114
5.4.7 The Woo-Lam Protocol Example 115
5.5 Conclusion 117

6 Automatic Tools 118
6.1 Introduction 118
6.2 Picasso: A Pi-Calculus Analyser for Secrecy and Security Objectives 118
6.3 Spicasso: A Spi-Calculus Analyser for Secrecy and Security Objectives 123
6.4 Conclusion 127

7 Conclusion and Future Work 128
7.1 Research Contributions 130
7.1.1 Denotational Semantics 130
7.1.2 The Static Analysis of Nominal Calculi 130
7.1.3 Program Security 131
7.2 Future Work 132
7.2.1 Communication Secrecy 132
7.2.2 Message Independence 132
7.2.3 Language Extensions 134

A Proofs 150
A.1 Safety of the ∪φ operation in the π-calculus (Lemma 1) 150
A.2 Safety of the abstract semantics of the π-calculus (Theorem 5) 152
A.3 Safety of the ∪φ operation in the spi calculus (Lemma 2) 160
A.4 Safety of the abstract semantics for the spi calculus (Theorem 8) 162

List of Figures

1.1 The flow graph of the factorial program. 9
1.2 The solution of the reaching definitions analysis for the factorial program. 10
1.3 Types for the reaching definitions analysis. 16
3.1 Syntax of the π-calculus. 35
3.2 Rules of the labelled transition relation in the π-calculus. 36
3.3 Elements of In, Out and Pi⊥. 38
3.4 The definition of new for the π-calculus. 39
3.5 The denotational semantics of the π-calculus. 40
3.6 The syntax of the spi calculus. 44
3.7 Rules of the labelled transition relation in the spi calculus. 46
3.8 Elements of the predomain of terms T. 48
3.9 Elements of In, Out, and Spi⊥. 48
3.10 The definition of new for the spi calculus. 49
3.11 The denotational semantics of the spi calculus. 50
4.1 The non-standard semantics of the π-calculus. 56
4.2 The abstract semantics of the π-calculus. 59
4.3 The non-standard semantics of the spi calculus. 69