DOCSLIB.ORG

The Theory and Practice of Concurrency A.W. Roscoe

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Contents i The Theory and Practice of Concurrency A.W. Roscoe Published 1997, revised to 2000 and lightly revised to 2005. The original version is in print in April 2005 with Prentice-Hall (Pearson). This version is made available for personal reference only. This version is copyright (c ) Pearson and Bill Roscoe. Contents Preface ix 0 Introduction 1 0.1 Background 1 0.2 Perspective 4 0.3 Tools 7 0.4 What is a communication? 8 I A FOUNDATION COURSE IN CSP 11 1 Fundamental concepts 13 1.1 Fundamental operators 14 1.2 Algebra 29 1.3 The traces model and traces refinement 35 1.4 Tools 48 2 Parallel operators 51 2.1 Synchronous parallel 51 2.2 Alphabetized parallel 55 2.3 Interleaving 65 2.4 Generalized parallel 68 iv Contents 2.5 Parallel composition as conjunction 70 2.6 Tools 74 2.7 Postscript: On alphabets 76 3 Hiding and renaming 77 3.1 Hiding 77 3.2 Renaming and alphabet transformations 86 3.3 A basic guide to failures and divergences 93 3.4 Tools 99 4 Piping and enslavement 101 4.1 Piping 101 4.2 Enslavement 107 4.3 Tools 112 5 Buffers and communication 115 5.1 Pipes and buffers 115 5.2 Buffer tolerance 127 5.3 The alternating bit protocol 130 5.4 Tools 136 5.5 Notes (2005) 137 6 Termination and sequential composition 139 6.1 What is termination? 139 6.2 Distributed termination 143 6.3 Laws 144 6.4 Effects on the traces model 147 6.5 Effects on the failures/divergences model 148 II THEORY 151 7 Operational semantics 153 7.1 A survey of semantic approaches to CSP 153 7.2 Transition systems and state machines 155 Contents v 7.3 Firing rules for CSP 162 7.4 Relationships with abstract models 174 7.5 Tools 181 7.6 Notes 182 8 Denotational semantics 183 8.1 Introduction 183 8.2 The traces model 186 8.3 The failures/divergences model 195 8.4 The stable failures model 211 8.5 Notes 218 9 Analyzing the denotational models 221 9.1 Deterministic processes 221 9.2 Analyzing fixed points 227 9.3 Full abstraction 232 9.4 Relations with operational semantics 242 9.5 Notes 247 10 Infinite traces 249 10.1 Calculating infinite traces 249 10.2 Adding failures 255 10.3 Using infinite traces 262 10.4 Notes 271 11 Algebraic semantics 273 11.1 Introduction 273 11.2 Operational semantics via algebra 275 11.3 The laws of ⊥N 279 11.4 Normalizing 281 11.5 Sequential composition and SKIP 291 11.6 Other models 294 11.7 Notes 297 vi Contents 12 Abstraction 299 12.1 Modes of abstraction 300 12.2 Reducing specifications 310 12.3 Abstracting errors: specifying fault tolerance 313 12.4 Independence and security 320 12.5 Tools 330 12.6 Notes 330 III PRACTICE 335 13 Deadlock! 337 13.1 Basic principles and tree networks 337 13.2 Specific ways to avoid deadlock 349 13.3 Variants 365 13.4 Network decomposition 376 13.5 The limitations of local analysis 379 13.6 Deadlock and tools 381 13.7 Notes 386 14 Modelling discrete time 389 14.1 Introduction 389 14.2 Meeting timing constraints 390 14.3 Case study 1: level crossing gate 395 14.4 Checking untimed properties of timed processes 405 14.5 Case study 2: the alternating bit protocol 410 14.6 Urgency and priority 417 14.7 Tools 420 14.8 Notes 420 15 Case studies 423 15.1 Combinatorial systems: rules and tactics 424 15.2 Analysis of a distributed algorithm 430 15.3 Distributed data and data-independence 445 15.4 Analyzing crypto-protocols 468 15.5 Notes 488 Contents vii A Mathematical background 491 A.1 Partial orders 491 A.2 Metric spaces 510 B A guide to machine-readable CSP 519 B.1 Introduction 519 B.2 Expressions 520 B.3 Pattern matching 526 B.4 Types 528 B.5 Processes 532 B.6 Special definitions 535 B.7 Mechanics 538 B.8 Missing features 539 B.9 Availability 539 C The operation of FDR 541 C.1 Basic operation 541 C.2 Hierarchical compression 553 Notation 563 Bibliography 567 Main index 577 Index of named processes 589 Preface Since C.A.R. Hoare’s text Communicating Sequential Processes was published in 1985, his notation has been extensively used for teaching and applying concurrency theory. This book is intended to provide a comprehensive text on CSP from the perspective that 12 more years of research and experience have brought. By far the most significant development in this time has been the emer- gence of tools to support both the teaching and industrial application of CSP. This has turned CSP from a notation used mainly for describing ‘toy’ examples which could be understood and analyzed by hand, into one which can and does support the description of industrial-sized problems and which facilitates their automated analysis. As we will see, the FDR model checking tool can, over a wide range of application areas, perform analyses and solve problems that are beyond most, if not all, humans. In order to use these tools effectively you need a good grasp of the fundamen- tal concepts of CSP: the tools are most certainly not an alternative to gaining an understanding of the theory. Therefore this book is still, in the first instance, a text on the principles of the language rather than being a manual on how to apply its tools. Nevertheless the existence of the tools has heavily influenced both the choice and presentation of material. Most of the chapters have a section specifically on the way the material in them relates to tools, two of the appendices are tool-related, and there is an associated web site http://www.comlab.ox.ac.uk/oucl/publications/books/concurrency/ on which readers can find • a list of tools available for CSP x Preface • demonstrations and details of some of the tools • directories of example files containing most of the examples from the text and many other related ones • practical exercises which can be used by those teaching and learning from this book • a list of materials available to support teaching (overhead foils, solutions to exercises, etc.) and instructions for obtaining them as well as supporting textual material. Contact information, etc., relating to those tools specifically mentioned in the text can be found in the Bibliography. The Introduction (Chapter 0) gives an indication of the history, purpose and range of applications of CSP, as well as a brief survey of the classes of tools that are available. There is also a discussion of how to go about one of the major steps when using CSP to model a system: deciding what constitutes an event.Itprovides background reading which should be of interest to more experienced readers before beginning the rest of the book; those with no previous exposure to concurrency might find some parts of the Introduction of more benefit after looking at Part I. The rest of the book is divided into three parts and structured to make it usable by as wide an audience as possible. It should be emphasized, however, that the quantity of material and the differing levels of sophistication required by various topics mean that I expect it will be relatively uncommon for people to attempt the whole book in a short space of time. Part I (Chapters 1–6) is a foundation course on CSP, covering essentially the same ground as Hoare’s text except that most of the mathematical theory is omitted. At an intuitive level, it introduces the ideas behind the operational (i.e., transition system), denotational (traces, failures and divergences) and algebraic models of CSP, but the formal development of these is delayed to Part II. Part I has its origins in a set of notes that I developed for an introductory 16-lecture course for Oxford undergraduates in Engineering and Computing Science. I would expect that all introductory courses would cover up to Section 5.1 (buffers), with the three topics beyond that (buffer tolerance, communications protocols and sequential composition1) being more optional. Part II and Part III (Chapters 7–12 and 13–15, though Chapter 12 arguably belongs equally to both) respectively go into more detail on the theory and practice 1Instructors who are intending to deal at any length with the theory presented in Part II should consider carefully whether they want to include the treatment of sequential composition, since it can reasonably be argued that the special cases it creates are disproportionate to the usefulness of that operator in the language. Certainly it is well worth considering presenting the theory without these extra complications before going back to see how termination and sequencing fit in. Preface xi of CSP. Either of them would form the basis of a one-term graduate course as a follow-on to Part I, though some instructors will doubtless wish to mix the material and to include extracts from Parts II and III in a first course. (At Oxford, intro- ductory courses for more mathematically sophisticated audiences have used parts of Chapters 8 and 9, on the denotational semantics and its applications, and some courses have used part of Chapter 13, on deadlock.) The chapters of Part III are largely independent of each other and of Part II.2 This book assumes no mathematical knowledge except for a basic under- standing of sets, sequences and functions. I have endeavoured to keep the level of mathematical sophistication of Parts I and III to the minimum consistent with giv- ing a proper explanation of the material.
Recommended publications
  • Edsger W. Dijkstra: a Commemoration

    Edsger W. Dijkstra: a Commemoration

    Edsger W. Dijkstra: a Commemoration Krzysztof R. Apt1 and Tony Hoare2 (editors) 1 CWI, Amsterdam, The Netherlands and MIMUW, University of Warsaw, Poland 2 Department of Computer Science and Technology, University of Cambridge and Microsoft Research Ltd, Cambridge, UK Abstract This article is a multiauthored portrait of Edsger Wybe Dijkstra that consists of testimo- nials written by several friends, colleagues, and students of his. It provides unique insights into his personality, working style and habits, and his influence on other computer scientists, as a researcher, teacher, and mentor. Contents Preface 3 Tony Hoare 4 Donald Knuth 9 Christian Lengauer 11 K. Mani Chandy 13 Eric C.R. Hehner 15 Mark Scheevel 17 Krzysztof R. Apt 18 arXiv:2104.03392v1 [cs.GL] 7 Apr 2021 Niklaus Wirth 20 Lex Bijlsma 23 Manfred Broy 24 David Gries 26 Ted Herman 28 Alain J. Martin 29 J Strother Moore 31 Vladimir Lifschitz 33 Wim H. Hesselink 34 1 Hamilton Richards 36 Ken Calvert 38 David Naumann 40 David Turner 42 J.R. Rao 44 Jayadev Misra 47 Rajeev Joshi 50 Maarten van Emden 52 Two Tuesday Afternoon Clubs 54 2 Preface Edsger Dijkstra was perhaps the best known, and certainly the most discussed, computer scientist of the seventies and eighties. We both knew Dijkstra |though each of us in different ways| and we both were aware that his influence on computer science was not limited to his pioneering software projects and research articles. He interacted with his colleagues by way of numerous discussions, extensive letter correspondence, and hundreds of so-called EWD reports that he used to send to a select group of researchers.
  • Texts in Computer Science

    Texts in Computer Science

    Texts in Computer Science Editors David Gries Fred B. Schneider For other titles published in this series, go to www.springer.com/series/3191 A.W. Roscoe Understanding Concurrent Systems Prof. A.W. Roscoe Oxford University Computing Laboratory Wolfson Bldg., Parks Road Oxford OX1 3QD UK [email protected] Series Editors David Gries Fred B. Schneider Department of Computer Science Department of Computer Science Upson Hall Upson Hall Cornell University Cornell University Ithaca, NY 14853-7501, USA Ithaca, NY 14853-7501, USA ISSN 1868-0941 e-ISSN 1868-095X ISBN 978-1-84882-257-3 e-ISBN 978-1-84882-258-0 DOI 10.1007/978-1-84882-258-0 Springer London Dordrecht Heidelberg New York British Library Cataloguing in Publication Data A catalogue record for this book is available from the British Library Library of Congress Control Number: 2010936468 © Springer-Verlag London Limited 2010 Apart from any fair dealing for the purposes of research or private study, or criticism or review, as per- mitted under the Copyright, Designs and Patents Act 1988, this publication may only be reproduced, stored or transmitted, in any form or by any means, with the prior permission in writing of the publish- ers, or in the case of reprographic reproduction in accordance with the terms of licenses issued by the Copyright Licensing Agency. Enquiries concerning reproduction outside those terms should be sent to the publishers. The use of registered names, trademarks, etc., in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant laws and regulations and therefore free for general use.
  • Massachusetts Institute of Technology Artificial Intelligence Laboratory

    Massachusetts Institute of Technology Artificial Intelligence Laboratory

    MASSACHUSETTS INSTITUTE OF TECHNOLOGY ARTIFICIAL INTELLIGENCE LABORATORY Working Paper 190 June 1979 A FAIR POWER DOMAIN FOR ACTOR COMPUTATIONS Will Clinger AI Laboratory Working Papers are produced for internal circulation, and may contain information that is, for example, too preliminary or too detailed for formal publication. Although some will be given a limited external distribution, it is not intended that they should be considered papers to which reference can be made in the literature. This report describes research conducted at the Artificial Intelligence Laboratory of the Massachusetts Institute of Technology. Support for this research was provided in part by the Office of Naval Research of the Department of Defense under Contract N00014-75-C-0522. O MASSAnuTsms INSTTUTE OF TECMGoOry FM DRAFT 1 June 1979 -1- A fair power domain A FAIR POWER DOMAIN FOR ACTOR COMPUTATIONS Will Clingerl 1. Abstract Actor-based languages feature extreme concurrency, allow side effects, and specify a form of fairness which permits unbounded nondeterminism. This makes it difficult to provide a satisfactory mathematical foundation for their semantics. Due to the high degree of parallelism, an oracle semantics would be intractable. A weakest precondition semantics is out of the question because of the possibility of unbounded nondeterminism. The most attractive approach, fixed point semantics using power domains, has not been helpful because the available power domain constructions, although very general, seemed to deal inadequately with fairness. By taking advantage of the relatively complex structure of the actor computation domain C, however, a power domain P(C) can be defined which is similar to Smyth's weak power domain but richer.
  • Actor Model of Computation

    Actor Model of Computation

    Published in ArXiv http://arxiv.org/abs/1008.1459 Actor Model of Computation Carl Hewitt http://carlhewitt.info This paper is dedicated to Alonzo Church and Dana Scott. The Actor model is a mathematical theory that treats “Actors” as the universal primitives of concurrent digital computation. The model has been used both as a framework for a theoretical understanding of concurrency, and as the theoretical basis for several practical implementations of concurrent systems. Unlike previous models of computation, the Actor model was inspired by physical laws. It was also influenced by the programming languages Lisp, Simula 67 and Smalltalk-72, as well as ideas for Petri Nets, capability-based systems and packet switching. The advent of massive concurrency through client- cloud computing and many-core computer architectures has galvanized interest in the Actor model. An Actor is a computational entity that, in response to a message it receives, can concurrently: send a finite number of messages to other Actors; create a finite number of new Actors; designate the behavior to be used for the next message it receives. There is no assumed order to the above actions and they could be carried out concurrently. In addition two messages sent concurrently can arrive in either order. Decoupling the sender from communications sent was a fundamental advance of the Actor model enabling asynchronous communication and control structures as patterns of passing messages. November 7, 2010 Page 1 of 25 Contents Introduction ............................................................ 3 Fundamental concepts ............................................ 3 Illustrations ............................................................ 3 Modularity thru Direct communication and asynchrony ............................................................. 3 Indeterminacy and Quasi-commutativity ............... 4 Locality and Security ............................................
  • Common Sense for Concurrency and Strong Paraconsistency Using Unstratified Inference and Reflection

    Common Sense for Concurrency and Strong Paraconsistency Using Unstratified Inference and Reflection

    Published in ArXiv http://arxiv.org/abs/0812.4852 http://commonsense.carlhewitt.info Common sense for concurrency and strong paraconsistency using unstratified inference and reflection Carl Hewitt http://carlhewitt.info This paper is dedicated to John McCarthy. Abstract Unstratified Reflection is the Norm....................................... 11 Abstraction and Reification .............................................. 11 This paper develops a strongly paraconsistent formalism (called Direct Logic™) that incorporates the mathematics of Diagonal Argument .......................................................... 12 Computer Science and allows unstratified inference and Logical Fixed Point Theorem ........................................... 12 reflection using mathematical induction for almost all of Disadvantages of stratified metatheories ........................... 12 classical logic to be used. Direct Logic allows mutual Reification Reflection ....................................................... 13 reflection among the mutually chock full of inconsistencies Incompleteness Theorem for Theories of Direct Logic ..... 14 code, documentation, and use cases of large software systems Inconsistency Theorem for Theories of Direct Logic ........ 15 thereby overcoming the limitations of the traditional Tarskian Consequences of Logically Necessary Inconsistency ........ 16 framework of stratified metatheories. Concurrency is the Norm ...................................................... 16 Gödel first formalized and proved that it is not possible
  • Fifty Years of Hoare's Logic

    Fifty Years of Hoare's Logic

    Fifty Years of Hoare's Logic Krzysztof R. Apt CWI, Amsterdam, The Netherlands MIMUW, University of Warsaw, Warsaw, Poland Ernst-R¨udigerOlderog University of Oldenburg, Oldenburg, Germany Contents 1 Introduction 2 2 Precursors 3 2.1 Turing . .3 2.2 Floyd . .5 3 Hoare's Contributions 6 3.1 Reasoning about while programs . .6 3.2 Reasoning about recursive procedures . .9 3.3 Reasoning about termination . 11 4 Soundness and Completeness Matters 13 4.1 Preliminaries . 13 4.2 Soundness . 14 4.3 Completeness . 15 5 Fine-tuning the Approach 18 5.1 Adaptation rules . 18 5.2 Subscripted and local variables . 20 5.3 Parameter mechanisms and procedure calls . 23 6 Reasoning about Arbitrary Procedures 25 arXiv:1904.03917v2 [cs.LO] 24 Oct 2019 6.1 Completeness results for recursive procedures . 25 6.2 Clarke's incompleteness result . 28 6.3 Clarke's language L4 ......................................... 29 6.4 The characterization problem . 30 1 7 Nondeterministic and Probabilistic Programs 32 7.1 Reasoning about nondeterminism . 32 7.2 Reasoning about fairness . 34 7.3 Probabilistic programs . 36 8 Parallel and Distributed Programs 37 8.1 Reasoning about parallel programs . 37 8.2 Reasoning about distributed programs . 42 9 Object-oriented Programs 46 9.1 Language characteristics . 46 9.2 Reasoning about object-oriented programs . 47 9.3 Advanced topics in the verification of object-oriented programs . 49 10 Alternative Approaches 51 10.1 Weakest precondition semantics and systematic program development . 51 10.2 Specifying in Hoare's logic . 53 10.3 Programming from specifications . 54 10.4 Algorithmic logic and dynamic logic .
  • Oral History of Sir Antony Hoare

    Oral History of Sir Antony Hoare

    Oral History of Sir Antony Hoare Interviewed by: Jonathan P. Bowen Recorded: September 8, 2006 Cambridge, United Kingdom CHM Reference number: X3698.2007 © 2006 Computer History Museum Oral History of Sir Antony Hoare Jonathan Bowen: Hello, Tony. Would you like to introduce yourself briefly? Sir Antony Hoare: I’m Tony Hoare, principal researcher at Microsoft Research Limited in Cambridge. Thank you for coming here to talk to me. Bowen: Thank you, Tony. I’m looking forward to our talk together. It would be interesting to know, first of all, how you grew up, and what your mother and father did. Hoare: My father was a colonial civil servant, and my mother was the daughter of a tea planter in Ceylon. She was called out to Ceylon to act as social secretary for my grandfather, and they met in Ceylon, married there, and I was born there. Bowen: And do you have any memories of Ceylon? Hoare: Oh, yes, I have quite vivid memories of going to school there. In those days it was still quite a wild place, and we used to go out to the country -- indeed into the forest -- to see animals and elephants and tigers. Had quite exciting adventures there in the school party. Bowen: And you had brothers and sisters? Hoare: I have two younger brothers and two younger sisters. My second brother was also born in Ceylon. Bowen: And you all got on well together? You were a happy family? Hoare: Oh, yes, in the end anyway. Bowen: Yes, like all families. Yes. Hoare: We still have the opportunity to meet quite frequently.
  • Communicating Parallel Processes

    Communicating Parallel Processes

    Communicating Parallel Processes Stephen Brookes Abstract Tony Hoare's 1978 paper introducing the programming language Communicating Sequential Processes is now a classic. CSP treated input and output as fundamental programming primitives, and in- cluded a simple form of parallel composition based on synchronized communication. This paper provides an excellent example of Tony's clarity of vision and intuition. The notion of processes is easy to grasp intuitively, provides a natural abstraction of the way many par- allel systems behave, and has an abundance of applications. Ideas from CSP have influenced the design of more recent programming languages such as occam and Ada. Investigations of the semantic foundations of CSP and its successors and derivatives have flourished, bringing forth a variety of mathematical models, each tailored to focus on a particular kind of program behavior. In this paper we re-examine the rationale for some of the original language design decisions, equipped with the benefit of hindsight and the accumulation of two decades of research into programming language semantics. We propose an \ide- alized" version of CSP whose syntax generalizes the original language along familiar lines but whose semantics is based on asynchronous communication and fair parallel execution, in direct contrast with the original language and its main successors. This language permits nested and recursive uses of parallelism, so it is more appropriate for us to refer to Communicating Parallel Processes. We outline a sim- ple semantics for this language and compare its structure with the most prominent models of the synchronous language. Our semantic framework is equally well suited to modelling asynchronous processes, shared-variable programs, and Kahn-style dataflow networks, so that we achieve a unification of paradigms.
  • DEPARTMENT of COMPUTER SCIENCE Carneg,E-,Mellon Un

    DEPARTMENT of COMPUTER SCIENCE Carneg,E-,Mellon Un

    A MODEL FOR COMMUNICATING SEQUENTIAL PF_OCESSES Stephen D. Brookes DEPARTMENT of COMPUTER SCIENCE Carneg,e-,Mellon Un,vers,ty (7__[J--_ q - _ 2-- _ 4 :_ A MOI)EL FOR COMMUNICATING SEQUENTIAL PROCESSES Stephen D. Brookes Thesis submitted for the degree of Doctor of Philosophy. University College Oxford University January 1983 ABSTRACT This thesis describes tile construction and mathematical properties of a model for communicating sequential processes. We define a semantic model for processes based on failures, which encapsulate certain finite aspects of process behaviour and allow an elegant treatment of nondeterminism. We define a set of process operations, including nondeter- ministic choice, conditional composition, and various forms of' parallel composition. These process operations enjoy many interesting mathematical properties, which allow us to prove many process identities. The failures model is well suited to reasoning about deadlock properties of processes, and some examples are given to illustrate this. The failures model does not treat in a reasonable way the phenomenon of divergence, which occurs when a process performs a potentially infinite sequence of internal actions and never interacts with its environment. We offer an extension of" the model in Chapter 5, which treats divergence more satisfactorily. We also give a complete proof system for proving semantic equivalence of terms. Tile thesis also contains some results on the relationship of these models to other models of processes in the literature, specifically relating to the work of Milner, Kennaway, Hennessy and de Nicola. Chapter 3 gives an alternative formula t;ion of the failures model, a]iowing comparison with Kennaway's work.
  • Translating Between Models of Concurrency

    Translating Between Models of Concurrency

    Translating between models of concurrency David Mestel∗ A.W. Roscoe† April 23, 2019 Abstract Hoare’s Communicating Sequential Processes (CSP) [8] admits a rich universe of semantic models closely related to the van Glabbeek spectrum. In this paper we study finite observational models, of which at least six have been identified for CSP, namely traces, stable failures, revivals, ac- ceptances, refusal testing and finite linear observations [20]. We show how to use the recently-introduced priority operator ([21], ch.20) to transform refinement questions in these models into trace refinement (language in- clusion) tests. Furthermore, we are able to generalise this to any (rational) finite observational model. As well as being of theoretical interest, this is of practical significance since the state-of-the-art refinement checking tool FDR4 [5] currently only supports two such models. In particular we study how it is possible to check refinement in a discrete version of the Timed Failures model that supports Timed CSP. 1 Introduction In this paper we re-examine part of the Linear-Time spectrum that forms part of the field of study of van Glabbeek in [31, 30], specifically the part characterised by finite linear observations. A number of different forms of process calculus have been developed for the modeling of concurrent programs, including Hoare’s Communicating Sequential Processes (CSP) [8], Milner’s Calculus of Communicating Systems (CCS) [12], arXiv:1904.09875v1 [cs.FL] 22 Apr 2019 and the π-calculus [13]. Unlike the latter two, CSP’s semantics are traditionally given in behavioural semantic models coarser than bisimulation, normally ones that depend on linear observations only.
  • Security and Trust for Ubiquitous Communication

    Security and Trust for Ubiquitous Communication

    Security and trust for ubiquitous communication S. Creese Systems Assurance Group, QinetiQ, Malvern Technology Centre, UK G. M. Reed International Institute for Software Technology United Nations University Macau A. W. Roscoe and J. W. Sanders Programming Research Group University of Oxford Oxford, UK Prepared for the ITU WSIS Thematic Meeting on Cybersecurity 28 June – 1 July, 2005, Geneva Switzerland June 15, 2005 1 Abstract In this paper we report on an ethical approach to security and trust in contemporary computing and communication systems and we discuss some of its specific detailed consequences. The approach is that of the principle of distribution, in which control resides as much as possible with the individual rather than in centralised agents. The consequences on which we elaborate here include: the importance of establishing entirely distributed protocols, in particular for the secure and trusted dynamic networking of mobile ICT devices; that in view of their pervasive popularity, cellphones be subject to the same stringent criteria of security and trust as networked computers; the promotion of open-source software to bridge the digital divide and empower developing nations in configuring accepted software in their own languages and to their own needs. We report on the United Kingdom’s Department of Trade and Industry’s FOR- WARD program concerning security and trust in human-centric systems and on the United Nations University’s International Institute for Software Technology’s recent Open Computing Initiative, and end by raising some pertinent questions. 2 Introduction 1. We live in an age in which information and communications technologies span the globe, providing users with mobile and real-time access to information, services and each other.
  • Communicating Parallel Processes Stephen Brookes 2

    Communicating Parallel Processes Stephen Brookes 2

    Communicating Parallel Processes Stephen Brookes 2 Abstract Tony Hoare’s 1978 paper introducing the programming language Communicating Sequential Processes is now a classic. CSP treated input and output as fundamen- tal programming primitives, and included a simple form of parallel composition based on synchronized communication. This paper provides an excellent example of Tony’s clarity of vision and intuition. The notion of processes is easy to grasp intuitively, provides a natural abstraction of the way many parallel systems behave, and has an abundance of applications. Ideas from CSP have influenced the design of more recent programming languages such as occam and Ada. Investigations of the semantic foundations of CSP and its successors and derivatives have flourished, bringing forth a variety of mathematical models, each tailored to focus on a par- ticular kind of program behavior. In this paper we re-examine the rationale for some of the original language design decisions, equipped with the benefit of hind- sight and the accumulation of two decades of research into programming language semantics. We propose an “idealized” version of CSP whose syntax generalizes the original language along familiar lines but whose semantics is based on asyn- chronous communication and fair parallel execution, in direct contrast with the original language and its main successors. This language permits nested and recur- sive uses of parallelism, so it is more appropriate for us to refer to Communicating Parallel Processes. We outline a simple semantics for this language and compare its structure with the most prominent models of the synchronous language. Our semantic framework is equally well suited to modelling asynchronous processes, shared-variable programs, and Kahn-style dataflow networks, so that we achieve a unification of paradigms.