Specifying and Implementing Secure Mobile Applications in the Channel Ambient System

Total Page:16

File Type:pdf, Size:1020Kb

Specifying and Implementing Secure Mobile Applications in the Channel Ambient System University of London Imperial College of Science, Technology and Medicine Department of Computing Specifying and Implementing Secure Mobile Applications in the Channel Ambient System Andrew Nicholas John Brojer Phillips Submitted in part fulfilment of the requirements for the degree of Doctor of Philosophy in Computing of the University of London and the Diploma of Imperial College, October 2005 Abstract The Internet has grown substantially in recent years, and an increasing number of applications are now being developed to exploit this distributed infrastructure. Mobility is an important paradigm for such applications, where mobile code is supplied on demand and mobile components interact freely within a given network. However, mobile applications are difficult to develop: not only do they involve complex parallel interactions between multiple components, but they must also satisfy strict security requirements. One could argue that the development of such applications requires a rigorous means of describing and reasoning about mobile computation, through the use of an appropriate model. Foundational research by Cardelli and Gordon on the Ambient Calculus has shown that process calculi are a promising approach to modelling mobile computation. This thesis builds on more recent research in the field of process calculi, and presents a new model of computation known as the Channel Ambient calculus, which can be used both to specify mobile applications and to reason about their security properties. The primitives of the model were developed with real-world applications in mind, and are designed to be at a level of abstraction suitable for an application programmer. The thesis also bridges a gap between theory and implementation by defining a distributed abstract machine for the Channel Ambient calculus. The abstract machine uses a list semantics, which is close to an implementation language, and a blocking semantics, which leads to an effi- cient implementation. The machine is proved sound and complete with respect to the underlying calculus. A prototype implementation is also described, together with an application for tracking the location of migrating ambients. The correctness of the machine ensures that the work done in specifying and analysing mobile applications is not lost during their implementation. 2 To Sandra Acknowledgements I would like to thank my supervisors, Susan Eisenbach and Nobuko Yoshida, for their dedication and support during my time at Imperial and throughout the writing of this thesis. Both have shown tremendous patience in reading and evaluating my work, and have been an invaluable source of encouragement, providing the guidance and advice I needed to bring this research to fruition. Susan’s expertise in distributed programming languages was instrumental in building the foundations for this research, allowing me to identify and implement programming abstractions for mobile applications. I also benefited from discussions with the SLURP programming group, which helped to place this research in the broader context of modern programming languages for distributed computing. Nobuko’s expertise in process calculi was essential in developing the theoretical foundations of this research, and I am grateful for her patience in teaching me the theoretical background I needed to design and implement a calculus for mobile computation. I also benefited from numerous discussions with the members of the Concurrency Group, which provided an ideal environment for exchanging ideas and exploring the technical challenges of process calculi. I am particularly grateful to Sergio Maffeis and Maria Vigliotti, not only for lively discussion and sound technical advice, but also for their friendship and support. I would also like to thank my co-supervisor, Bashar Nuseibeh, without whom none of this research would have been possible. His expertise in the area of Software Engineering provided an ideal background for studying the design and implementation of mobile applications. I also benefited from discussions with the Requirements Engineering group, which helped to crystallise some of the challenges faced by modern software developers and to identify potential areas for research. I am particularly grateful to my external examiners, Andrew Gordon and Julian Rathke, for their thorough examination of this thesis and their invaluable suggestions for improvement. I am also grateful to my advisers, Luca Cardelli and Stephen Emmott at Microsoft Research Cambridge, for giving me the time I needed to complete this thesis. During my time at Imperial I was fortunate to work in an ideal environment. I am very grateful to my colleagues and friends in the Department of Computing, who helped to make my teaching 4 and research activities that much more enjoyable. I have particularly fond memories of organising weekly PhD cake meetings with Xiang Feng, which provided an ideal setting for discussing and exchanging ideas. My interest in process calculi was initially sparked by a research project at Cambridge Univer- sity, under the supervision of Peter Sewell. His pragmatic views on the delicate balance between theory and practice were an inspiration for my research. During this time, I also had the privilege of working with Pawel Wojciechowski, who shared with me his experience in developing the No- madic Pict system, and provided invaluable insight on the design and implementation of process calculi. Throughout my time in the UK, my parents John and Mary, and my dearest sister Rosemary have always been near to my heart, encouraging me every step of the way. I am also grateful to friends and extended family for their support. Last but not least, I would like to thank my wife, Sandra, who has been with me from the very beginning of this work, and whose love and kindness have helped me reach this far. This research was supported by an ORS scholarship, and also by a research studentship from the Department of Computing, Imperial College. Declaration This thesis conforms to the requirements for the degree of Doctor of Philosophy in Computing of the University of London and the Diploma of Imperial College. The text of this thesis does not exceed 100,000 words, excluding the bibliography and appendices. The research presented in this thesis has not been submitted for any degree or comparable award of this or any other university or institution. This thesis constitutes my own work, and is not the outcome of work done in collaboration. The thesis was supervised by Susan Eisenbach, Nobuko Yoshida and Bashar Nuseibeh. Some of the research presented in this thesis was previously published in the following article, of which I was the main author: Andrew Phillips, Nobuko Yoshida, and Susan Eisenbach. A distributed abstract machine for boxed ambient calculi. In proceedings of the European Symposium on Programming, LNCS. Springer, 2004. 6 Contents 1 Introduction 14 1.1 Problem Description . 14 1.1.1 Specifying and Implementing Secure Mobile Applications . 14 1.1.2 Example Mobile Applications . 14 1.1.3 Security Properties of Mobile Applications . 17 1.1.4 Implementing Mobile Applications . 18 1.1.5 Specifying Mobile Applications . 18 1.2 Related Work . 19 1.2.1 Process Calculi for Mobile Applications . 19 1.2.2 The π-calculus . 20 1.2.3 The Nomadic π-calculus . 25 1.2.4 The Ambient Calculus . 29 1.2.5 The Boxed Ambient Calculus . 33 1.3 Thesis Outline . 34 1.3.1 Thesis Statement . 34 1.3.2 Thesis Contribution . 34 1.3.3 The Channel Ambient Calculus . 34 1.3.4 The Channel Ambient Machine . 35 1.3.5 The Channel Ambient Runtime . 35 1.3.6 The Channel Ambient Language . 36 2 The Channel Ambient Calculus 37 2.1 Introduction . 37 2.2 Design Principles . 38 2.2.1 Components of Mobile Applications . 39 2.2.2 Interaction Between Mobile Application Components . 40 2.2.3 Communication Between Mobile Application Components . 43 7 CONTENTS 8 2.2.4 Migration of Mobile Application Components . 44 2.3 Definition . 45 2.3.1 Syntax of Calculus Processes . 45 2.3.2 Reduction Rules for Executing Calculus Processes . 47 2.3.3 Structural Congruence Rules for Equating Calculus Processes . 49 2.3.4 Substitution of Free Values Inside Processes . 50 2.3.5 Syntax Abbreviations for Frequently Used Processes . 51 2.4 Distributed Model . 52 2.4.1 Constraining the Calculus Syntax to Model TCP/IP Networks . 52 2.4.2 Using Sites to Model a Hierarchical Network Topology . 54 2.4.3 Using Reduction to Model Network Execution . 55 2.4.4 Allowing Multiple Sites to Share the Same IP Address . 57 2.5 Resource Monitoring Application . 58 2.5.1 Examples of Resource Monitoring Applications . 59 2.5.2 Informal Specification of an Application . 60 2.5.3 Formal Calculus Specification . 61 2.5.4 Calculus Execution Scenario . 62 2.6 Security Properties . 64 2.6.1 Proving Safety to Prevent Runtime Errors . 64 2.6.2 Using Channel Types to Ensure Reliable Communication . 65 2.6.3 Using Syntactic Constraints to Prevent Ambient Impersonation . 68 2.7 Related Work . 72 2.8 Conclusion . 74 3 The Channel Ambient Machine 77 3.1 Introduction . 77 3.2 Design Principles . 79 3.2.1 Problems with Using Calculus Reduction to Implement a Runtime . 79 3.2.2 Using a Normal Form to Execute Reductions up to Structural Congruence . 80 3.2.3 Using Blocking to Efficiently Execute Successive Reductions . 82 3.2.4 Justification for Defining an Abstract Machine . 82 3.3 Definition . 83 3.3.1 Syntax of Machine Terms . 84 3.3.2 Using Construction to Encode a Process to a Machine Term . 85 3.3.3 Using Selection to Schedule a Machine Term . 88 3.3.4 Using Unblocking to Prevent Deadlocks During Execution . 88 CONTENTS 9 3.3.5 Using Reduction to Execute a Machine Term . 89 3.4 Distributed Execution . 93 3.4.1 Summary of Distributed Constraints for the Channel Ambient Calculus .
Recommended publications
  • Mobile Processes: a Commented Bibliography
    Mobile Processes: a Commented Bibliography Silvano Dal Zilio Microsoft Research Abstract. We propose a short bibliographic survey of calculi for mobile processes. Contrasting with other similar exercises, we consider two re- lated, but distinct, notions of mobile processes, namely labile processes, which can exhibit dynamic changes in their interaction structure, as mod- elled in the π-calculus of Milner, Parrow and Walker for example, and motile processes, which can exhibit motion, as modelled in the ambient calculus of Cardelli and Gordon. A common characteristic of the alge- braic frameworks presented in this paper is the use of names as first class values and the support for the dynamic generation of new, fresh names. 1 Introduction Process algebras have proved to be valuable mathematical tools to reason about the behaviour of concurrent and communicating systems. For more than ten years now, research has been conducted on semantics of higher-order processes that allow communication channels or even processes to be carried across by communications. Process calculi featuring the ability to dynamically create and exchange channel names are often referred to as mobile, a term popularised by the seminal introduction to the π-calculus [1], a prominent example of calculus with mobile processes. 1. Robin Milner, Joachim Parrow, David Walker: A Calculus of Mobile Pro- cesses, (parts I and II). Information and Computation 100(1) (1992) 1–77 2. Robin Milner: Communicating and Mobile Systems: the Pi-Calculus. Cam- bridge University Press (2000) Unfortunately, the term mobility is overloaded with meaning and the notion of mobility supported by the π-calculus encompasses only part of all the abstrac- tions meaningful to mobility in a distributed system.
    [Show full text]
  • A Survey of Reasoning Methods for Concurrent Systems
    A Survey of Reasoning Methods for Concurrent Systems Chun-Kun Wang Hao Xu Department of Computer Science Data Intensive Cyber Environment Center Univ. of North Carolina at Chapel Hill Univ. of North Carolina at Chapel Hill Chapel Hill, NC 27599, USA Chapel Hill, NC 27599, USA Email: [email protected] Email: [email protected] Abstract—The theory of parallel and distributed systems in tial studies of formal methods for concurrency reasoning. In computer science has been developing for decades. Multiple this paper, we do not compare reasoning methods down to the methods have emerged for the purpose of providing flexibility, last detail (i.e., syntax, inference rules and proof systems). We expressiveness and theories for concurrent processes. This paper provides a comparative introduction to the history of concurrent do, however, discuss concurrency reasoning approaches from systems reasoning and a decision tree to guide the choice of a a high-level and provide a comparative introduction to them. reasoning method accordingly. Our account on these matters is The authors would like to stress that our account on the incomplete. developmental history of concurrent systems reasoning is Index Terms—Concurrent systems, Formal methods, Program incomplete. The guides to select a method accordingly are logic, Process calculi. provided in this paper. Others may well have very different views. I. INTRODUCTION Concurrency theory has been developing for decades, yet II. HISTORY remains an unsolved problem today. Modern software heavily The history of reasoning concurrency dates back to the late relies upon the services provided by distributed systems, twentieth century. The foundations of early concurrency theory ranging from smartphone applications to social media.
    [Show full text]
  • Concurrent Programming CLASS NOTES
    COMP 409 Concurrent Programming CLASS NOTES Based on professor Clark Verbrugge's notes Format and figures by Gabriel Lemonde-Labrecque Contents 1 Lecture: January 4th, 2008 7 1.1 Final Exam . .7 1.2 Syllabus . .7 2 Lecture: January 7th, 2008 8 2.1 What is a thread (vs a process)? . .8 2.1.1 Properties of a process . .8 2.1.2 Properties of a thread . .8 2.2 Lifecycle of a process . .9 2.3 Achieving good performances . .9 2.3.1 What is speedup? . .9 2.3.2 What are threads good for then? . 10 2.4 Concurrent Hardware . 10 2.4.1 Basic Uniprocessor . 10 2.4.2 Multiprocessors . 10 3 Lecture: January 9th, 2008 11 3.1 Last Time . 11 3.2 Basic Hardware (continued) . 11 3.2.1 Cache Coherence Issue . 11 3.2.2 On-Chip Multiprocessing (multiprocessors) . 11 3.3 Granularity . 12 3.3.1 Coarse-grained multi-threading (CMT) . 12 3.3.2 Fine-grained multithreading (FMT) . 12 3.4 Simultaneous Multithreading (SMT) . 12 4 Lecture: January 11th, 2008 14 4.1 Last Time . 14 4.2 \replay architecture" . 14 4.3 Atomicity . 15 5 Lecture: January 14th, 2008 16 6 Lecture: January 16th, 2008 16 6.1 Last Time . 16 6.2 At-Most-Once (AMO) . 16 6.3 Race Conditions . 18 7 Lecture: January 18th, 2008 19 7.1 Last Time . 19 7.2 Mutual Exclusion . 19 8 Lecture: January 21st, 2008 21 8.1 Last Time . 21 8.2 Kessel's Algorithm . 22 8.3 Brief Interruption to Introduce Java and PThreads .
    [Show full text]
  • Abstractions for Mobile Computation.Fm
    Abstractions for Mobile Computation Luca Cardelli Microsoft Research Abstract. We discuss the difficulties caused by mobile computing and mobile com- putation over wide area networks. We propose a unified framework for overcoming such difficulties. 1 Introduction The Internet and the World-Wide-Web provide a computational infrastructure that spans the planet. It is appealing to imagine writing programs that exploit this global infrastruc- ture. Unfortunately, the Web violates many familiar assumptions about the behavior of dis- tributed systems, and demands novel and specialized programming techniques. In particular, three phenomena that remain largely hidden in local area network architectures become readily observable on the Web: • (A) Virtual locations. Because of the presence of potential attackers, barriers are erected between mutually distrustful administrative domains. Therefore, a program must be aware of where it is, and of how to move or communicate between different domains. The existence of separate administrative domains induces a notion of vir- tual locations and of virtual distance between locations. • (B) Physical locations. On a planet-size structure, the speed of light becomes tan- gible. For example, a procedure call to the antipodes requires at least 1/10 of a sec- ond, independently of future improvements in networking technology. This absolute lower bound to latency induces a notion of physical locations and physical distance between locations. • (C) Bandwidth fluctuations. A global network is susceptible to unpredictable con- gestion and partitioning, which result in fluctuations or temporary interruptions of bandwidth. Moreover, mobile devices may perceive bandwidth changes as a conse- quence of physical movement. Programs need to be able to observe and react to these fluctuations.
    [Show full text]
  • Review of the Π-Calculus: a Theory of Mobile Processes∗
    Review of The π-calculus: A Theory of Mobile Processes∗ Riccardo Pucella Department of Computer Science Cornell University July 8, 2001 Introduction With the rise of computer networks in the past decades, the spread of distributed applications with components across multiple machines, and with new notions such as mobile code, there has been a need for formal methods to model and reason about concurrency and mobility. The study of sequential computations has been based on notions such as Turing machines, recursive functions, the λ-calculus, all equivalent formalisms capturing the essence of sequential computations. Unfortunately, for concurrent programs, theories for sequential computation are not enough. Many programs are not simply programs that compute a result and return it to the user, but rather interact with other programs, and even move from machine to machine. Process calculi are an attempt at getting a formal foundation based on such ideas. They emerged from the work of Hoare [4] and Milner [6] on models of concurrency. These calculi are meant to model systems made up of processes communicating by exchanging values across channels. They allow for the dynamic creation and removal of processes, allowing the modelling of dynamic systems. A typical process calculus in that vein is CCS [6, 7]. The π-calculus extends CCS with the ability to create and remove communication links between processes, a new form of dynamic behaviour. By allowing links to be created and deleted, it is possible to model a form of mobility, by identifying the position of a process by its communication links. This book, “The π-calculus: A Theory of Mobile Processes”, by Davide Sangiorgi and David Walker, is a in-depth study of the properties of the π-calculus and its variants.
    [Show full text]
  • Concurrency Theory: a Historical Perspective on Coinduction and Process Calculi
    CONCURRENCY THEORY: A HISTORICAL PERSPECTIVE ON COINDUCTION AND PROCESS CALCULI Jos Baeten, Davide Sangiorgi Readers:Luca Aceto and Robert van Glabbeek 1 INTRODUCTION Computer science is a very young science, that has its origins in the middle of the twentieth century. For this reason, describing its history, or the history of an area of research in computer science, is an activity that receives scant attention. The discipline of computer science does not have a clear demarcation, and even its name is a source of debate. Computer science is sometimes called informatics or information science or information and communication science. A quote widely attributed to Edsger Dijkstra is Computer science is no more about computers than astronomy is about telescopes. If computer science is not about computers, what is it about? We claim it is about behavior. This behavior can be exhibited by a computer executing a program, but equally well by a human being performing a series of actions. In general, behavior can be shown by any agent. Here, an agent is simply an entity that can act. So, computer science is about behavior, about processes, about things happening over time. We are concerned with agents that are executing actions, taking input, emitting output, communicating with other agents. Thus, an agent has behavior, e.g., the execution of a software system, the actions of a machine or even the actions of a human being. Behavior is the total of events or actions that an agent can perform, the order in which they can be executed and maybe other aspects of this execution such as timing, probabilities or evolution.
    [Show full text]
  • Arxiv:Math/0703713V3 [Math.CT] 14 Nov 2007 6
    THE LOGIC OF MESSAGE PASSING J. R. B. COCKETT AND CRAIG PASTRO Abstract. Message passing is a key ingredient of concurrent programming. The purpose of this paper is to describe the equivalence between the proof theory, the categorical semantics, and term calculus of message passing. In order to achieve this we introduce the categorical notion of a linear actegory and the related polycategorical notion of a poly-actegory. Not surprisingly the notation used for the term calculus borrows heavily from the (synchronous) π- calculus. The cut elimination procedure for the system provides an operational semantics. Contents 1. Introduction 2 2. The logic of messages 6 2.1. A term calculus for Msg 6 2.2. Cut elimination for Msg 8 2.3. Equations in Msg 9 3. The logic of message passing 12 3.1. Term calculus for PMsg 13 3.2. A programming syntax term calculus 16 3.3. Cut elimination for PMsg 17 3.4. Equations in PMsg 21 4. Linear actegories 24 4.1. Linearly distributive categories 24 4.2. Linear actegories 25 5. Categorical semantics 33 5.1. The actions are functors 34 5.2. Identities 34 5.3. Associativity and interchange 35 5.4. The natural transformations 36 5.5. Completeness 39 arXiv:math/0703713v3 [math.CT] 14 Nov 2007 6. Representability and soundness 40 6.1. Poly-actegories and circuit representation 40 6.2. Representability of the actions 43 Date: 20 September 2007. Key words and phrases. message passing, concurrency, process semantics, linear logic, term logic, multicategory, polycategory, linearly distributive category, poly-actegory, linear actegory.
    [Show full text]
  • This Thesis Has Been Submitted in Fulfilment of the Requirements for a Postgraduate Degree (E.G
    This thesis has been submitted in fulfilment of the requirements for a postgraduate degree (e.g. PhD, MPhil, DClinPsychol) at the University of Edinburgh. Please note the following terms and conditions of use: • This work is protected by copyright and other intellectual property rights, which are retained by the thesis author, unless otherwise stated. • A copy can be downloaded for personal non-commercial research or study, without prior permission or charge. • This thesis cannot be reproduced or quoted extensively from without first obtaining permission in writing from the author. • The content must not be changed in any way or sold commercially in any format or medium without the formal permission of the author. • When referring to this work, full bibliographic details including the author, title, awarding institution and date of the thesis must be given. Type-parameterized Actors and Their Supervision Jiansen HE Master of Philosophy Department of Computer Science University of Edinburgh 2014 Acknowledgements This thesis is dedicated to my parents for their endless love and support. It is also dedicated to my wife, Shiye, for her continuous encouragement during my hard times. Meeting my wife and getting married are the best two things happened to me in the past 4 years. I want to thank my supervisors, Philip Wadler, Philip Trinder and Don Sannella, for their guidance over 4 years. I am fortunate to have been supervised by them. I want to thank my examiners, Ian Stark and Kevin Hammond, for their meticulous examination and detailed suggestions that contribute to the final version of this thesis. I gratefully acknowledge the substantial help that have received from many colleagues who have shared their related results and ideas over the long period during which this thesis was in preparation.
    [Show full text]
  • What Is a Good Process Semantics?
    What is a good process semantics? Robin Cockett [email protected] University of Calgary Estonia 2006: What is a good process semantics? July, 2006 – p. 1/61 What is a good process semantics? 1. Where are we? Where should we be? 2. Communication on a channel. 3. Polycategories and representability. 4. Communication on many channels. 5. Communication protocols. Estonia 2006: What is a good process semantics? July, 2006 – p. 2/61 1. Where are we? Where should we be? Estonia 2006: What is a good process semantics? July, 2006 – p. 3/61 Distributed computing: the reality ... In the 1970's networks, parallel, and distributed computing was going to solve everything! Practitioners pushed back with “the fallacies” (Joy, Lyon, Deutsch, Gosling): The network is reliable. Latency is zero. Bandwidth is infinite The network is secure. Topology doesn't change. Transport cost is zero. The network is homogeneous. Computing had blindly entered a new world of expectation and connectedness! There was no turning back ... Estonia 2006: What is a good process semantics? July, 2006 – p. 4/61 Practice ahead of theory ... Where was the theory? Where was the mathematics of processes, concurrency, communication? Was the theory only develop in response to practice? Was theory simply modeling practice? Should it? Was there a need to develop new theory ... .... or was it just taking time to link existing theory and practice? Does mathematics have anything insightful to say about communicating processes? Estonia 2006: What is a good process semantics? July, 2006 – p. 5/61 A brief history of process semantics ... Petri nets, C.
    [Show full text]
  • A General Overview of Formal Languages for Individual-Based
    A General Overview of Formal Languages for Individual-Based Modelling of Ecosystems Mauricio Toro Universidad Eafit mtorobe@eafit.edu.co Abstract Various formal languages have been proposed in the literature for the individual- based modelling of ecological systems. These languages differ in their treatment of time and space. Each modelling language offers a distinct view and techniques for analyzing systems. Most of the languages are based on process calculi or P systems. In this article, we present a general overview of the existing modelling languages based on process calculi. We also discuss, briefly, other approaches such as P systems, cellular automata and Petri nets. Finally, we show advantages and disadvantages of these modelling languages and we propose some future research directions. 1 Introduction The collective evolution of a group of individuals is of importance in many fields; for instance, in system biology, ecology and epidemiology. When modelling such systems, we want to know the emergent behavior of the whole population given a description of the low-level interactions of the individuals in the system. As an example, in eco-epidemiology the focus is on the evolution in time of the number of individuals infected in a certain population and how a small number of individuals infected may lead to an epidemic. arXiv:1901.10820v1 [cs.LO] 28 Jan 2019 Eco-epidemiology can be seen as a particular case of population ecology. The main aim of population ecology is to gain a better understanding of population dynamics and make predictions about how populations will evolve and how they will respond to specific management schemes.
    [Show full text]
  • 4.2.3 Advantages and Limitations of the Π Calculus
    DynamiTE: A 21st-Century Framework for Concurrent Component-Based Design Andrew John Hughes 11th of December 2009 This thesis is submitted for the degree of Doctor of Philosophy Department of Computer Science University of Sheffield Abstract The free ride for software developers is over. In the past, computer programs have increased in performance simply by running on new hardware with ever increasing clock speeds. Now, however, this line of development has reached its end and chip designers are producing new processors, not with faster clocks, but with more cores. To take advantage of the speed increases offered by these new products, applications need to be redesigned with parallel processing firmly in mind. The problem is that mainstream designs are still inherently sequential. Concur- rency tends to be an afterthought that may be useful to gain a performance boost, not an essential part of the design process. The current vogue for object-oriented designs tends to also have the side-effect of making them heavily data-oriented which doesn’t scale well; each shared element of data has to be protected from simultane- ous access, resulting in operations becoming sequential again. In addition, the usual methods for protecting data tend to be very low-level and error-prone. In this thesis, we introduce a new design method whereby applications are con- structed from small sequential tasks connected by intercommunication primitives. Our approach is based on a two-stage process; first, the individual tasks are cre- ated as independent entities and tested with appropriate inputs, then secondly, the communication infrastructure between them is developed.
    [Show full text]
  • Parallelism in Curricula – an International Survey
    International Working Group Introduction Software Engineering for parallel Systems (SEPARS) German Computer Science Society (Gesellschaft fuer Informatik e.V.) http://www.multicore‐systems.org/separs Parallelism in Curricula – An International Survey David J. Meder Victor Pankratius Walter F. Tichy Karlsruhe Institute of Karlsruhe Institute of Karlsruhe Institute of Technology Technology Technology 76131 Karlsruhe, Germany 76131 Karlsruhe, Germany 76131 Karlsruhe, Germany [email protected] [email protected] [email protected] Last update: December 3, 2009 Download latest version at: http://www.multicore‐systems.org/separs/downloads/GI‐WG‐SurveyParallelismCurricula.pdf Contents Introduction.................................................................................................................................................. II Summary of Findings............................................................................................................................... VII Overview – Number of Courses and Categories ................................................................................ XIII Courses at American Universities............................................................................................................15 Courses at U.K. Universities .....................................................................................................................44 Courses at German Universities...............................................................................................................53
    [Show full text]