Verification of High-Level Transformations with Inductive Refinement Types


Ahmad Salim Al-Sibahi (IT University of Copenhagen, University of Copenhagen, Skanned.com, Denmark; ahmad@{di.ku.dk,skanned.com}), Thomas P. Jensen (Inria Rennes, France; [email protected]), Aleksandar S. Dimovski (IT University of Copenhagen, Denmark; Mother Teresa University, Skopje, Macedonia; [email protected]), Andrzej Wąsowski (IT University of Copenhagen, Denmark; [email protected])

arXiv:1809.06336v1 [cs.PL] 17 Sep 2018

Abstract

High-level transformation languages like Rascal include expressive features for manipulating large abstract syntax trees: first-class traversals, expressive pattern matching, backtracking and generalized iterators. We present the design and implementation of an abstract interpretation tool, Rabit, for verifying inductive type and shape properties for transformations written in such languages. We describe how to perform abstract interpretation based on operational semantics, specifically focusing on the challenges arising when analyzing the expressive traversals and pattern matching. Finally, we evaluate Rabit on a series of transformations (normalization, desugaring, refactoring, code generators, type inference, etc.) showing that we can effectively verify stated properties.

CCS Concepts: • Theory of computation → Program verification; Program analysis; Abstraction; Functional constructs; Program schemes; Operational semantics; Control primitives; • Software and its engineering → Translator writing systems and compiler generators; Semantics.

Keywords: transformation languages, abstract interpretation, static analysis

ACM Reference Format: Ahmad Salim Al-Sibahi, Thomas P. Jensen, Aleksandar S. Dimovski, and Andrzej Wąsowski. 2018. Verification of High-Level Transformations with Inductive Refinement Types. In Proceedings of the 17th ACM SIGPLAN International Conference on Generative Programming: Concepts and Experiences (GPCE '18), November 5–6, 2018, Boston, MA, USA. ACM, New York, NY, USA, 19 pages. https://doi.org/10.1145/3278122.3278125

© 2018 Copyright held by the owner/author(s). Publication rights licensed to ACM. This is the author's version of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record was published in Proceedings of the 17th ACM SIGPLAN International Conference on Generative Programming: Concepts and Experiences (GPCE '18), November 5–6, 2018, Boston, MA, USA, https://doi.org/10.1145/3278122.3278125.

1 Introduction

Transformations play a central role in software development. They are used, amongst others, for desugaring, model transformations, refactoring, and code generation. The artifacts involved in transformations—e.g., structured data, domain-specific models, and code—often have large abstract syntax, spanning hundreds of syntactic elements, and a correspondingly rich semantics. Thus, writing transformations is a tedious and error-prone process. Specialized languages and frameworks with high-level features have been developed to address this challenge of writing and maintaining transformations. These languages include Rascal [31], Stratego/XT [11], TXL [15], Uniplate [34] for Haskell, and Kiama [46] for Scala. For example, Rascal combines a functional core language supporting state and exceptions, with constructs for processing of large structures.

    public Script flattenBlocks(Script s) {
      solve(s) {
        s = bottom-up visit(s) {
          case stmtList: [*xs, block(ys), *zs] =>
            xs + ys + zs
        }
      }
      return s;
    }

Figure 1. Transformation in Rascal that flattens all nested blocks in a statement

Figure 1 shows an example Rascal transformation program taken from a PHP analyzer.¹ This transformation program recursively flattens all blocks in a list of statements. The program uses the following core Rascal features:

• A visitor (visit) to traverse and rewrite all statement lists containing a block to a flat list of statements. Visitors support various strategies, like the bottom-up strategy that traverses the abstract syntax tree starting from leaves toward the root.
• An expressive pattern matching language is used to non-deterministically find blocks inside a list of statements. The starred variable patterns *xs and *zs match an arbitrary number of elements in the list, respectively before and after the block(ys) element. Rascal supports non-linear matching, negative matching and specifying patterns that match deeply nested values.
• The solve-loop (solve) performing the rewrite until a fixed point is reached (the value of s stops changing).

To rule out errors in transformations, we propose a static analysis for enforcing type and shape properties, so that target transformations produce output adhering to particular shape constraints. For our PHP example, this would include:

• The transformation preserves the constructors used in the input: does not add or remove new types of PHP statements.
• The transformation produces flat statement lists, i.e., lists that do not recursively contain any block.

To ensure such properties, a verification technique must reason about shapes of inductive data—also inside collections such as sets and maps—while still maintaining soundness and precision. It must also track other important aspects, like cardinality of collections, which interact with target language operations including pattern matching and iteration.

In this paper, we address the problem of verifying type and shape properties for high-level transformations written in Rascal and similar languages. We show how to design and implement a static analysis based on abstract interpretation. Concretely, our contributions are:

1. An abstract interpretation-based static analyzer—Rascal ABstract Interpretation Tool (Rabit)—that supports inferring types and inductive shapes for a large subset of Rascal.
2. An evaluation of Rabit on several program transformations: refactoring, desugaring, normalization algorithm, code generator, and language implementation of an expression language.
3. A modular design for abstract shape domains, that allows extending and replacing abstractions for concrete element types, e.g. extending the abstraction for lists to include length in addition to shape of contents.
4. Schmidt-style abstract operational semantics [43] for a significant subset of Rascal adapting the idea of trace memoization to support arbitrary recursive calls with input from infinite domains.

Together, these contributions show feasibility of applying abstract interpretation for constructing analyses for expressive transformation languages and properties.

We proceed by presenting a running example in Sect. 2. We introduce the key constructs of Rascal in Sect. 3. Section 4 describes the modular construction of abstract domains. Sections 5 to 8 describe abstract semantics. We evaluate the analyzer on realistic transformations, reporting results in Sect. 9. Sections 10 and 11 discuss related papers and conclude.

¹ https://github.com/cwi-swat/php-analysis

    data Nat = zero() | suc(Nat pred);
    data Expr = var(str nm) | cst(Nat vl)
              | mult(Expr el, Expr er);

    Expr simplify(Expr expr) =
      bottom-up visit (expr) {
        case mult(cst(zero()), y) => cst(zero())
        case mult(x, cst(zero())) => cst(zero())
      };

Figure 2. The running example: eliminating multiplications by zero from expressions

2 Motivation and Overview

Verifying types and state properties such as the ones stated for the program of Fig. 1 poses the following key challenges:

• The programs use heterogeneous inductive data types, and contain collections such as lists, maps and sets, and basic data such as integers and strings. This complicates construction of the abstract domains, since one shall model interaction between these different types while maintaining precision.
• The traversal of syntax trees depends heavily on the type and shape of input, on a complex program state, and involves unbounded recursion. This challenges the inference of approximate invariants in a procedure that both terminates and provides useful results.
• Backtracking and exceptions in large programs introduce the possibility of state-dependent non-local jumps. This makes it difficult to statically calculate the control flow of target programs and have a compositional denotational semantics, instead of an operational one.

Figure 2 presents a small pedagogical example using visitors. The program performs expression simplification by traversing a syntax tree bottom-up and reducing multiplications by constant zero. We now survey the analysis techniques contributed in this paper, explaining them using this example.

Inductive refinement types. Rabit works by inferring an inductive refinement type representing the shape of possible output of a transformation given the shape of its input. It does this by interpreting the simplification program abstractly, considering all possible paths the program can take for values satisfying the input shape (any expression of type Expr in this case). The result of running Rabit on this case is:

[Figure residue: a trace tree of Rabit's run starting from mult(cst(Nat), cst(Nat)), with recurse steps (i) to (vi) and partition steps over zero() and suc(Nat), whose leaves are labelled "success cst(Nat) ≀ var(str) ≀ mult(Expr′, Expr′)" and "fail cst(Nat) ≀ var(str) ≀ mult"; the page text ends here.]
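Added example, not code from the paper or its Rabit tool: the two Rascal constructs of Fig. 1 and Fig. 2, bottom-up visit and solve, re-implemented in Python over tuple-encoded terms, with checkers for the two shape properties stated for flattenBlocks and for the zero-factor-free shape that simplify produces. The statement constructors assign and ifstmt and the sample script are constructed for the illustration.

```python
# Added example, not code from the paper or its Rabit tool: Rascal's
# `bottom-up visit` and `solve` over tuple-encoded terms (constructor, *args),
# with statement lists as Python lists. assign/ifstmt and SCRIPT are constructed.

def block(stmts): return ("block", list(stmts))
def assign(name, value): return ("assign", name, value)
def ifstmt(cond, body): return ("if", cond, list(body))

def visit_bottom_up(term, rules):
    """`bottom-up visit`: rebuild the children first, then try each rule on
    the rebuilt node. A rule returns None when its case does not match; the
    first matching rule's result replaces the node and is not revisited."""
    if isinstance(term, list):
        term = [visit_bottom_up(t, rules) for t in term]
    elif isinstance(term, tuple):
        term = (term[0],) + tuple(visit_bottom_up(t, rules) for t in term[1:])
    for rule in rules:
        out = rule(term)
        if out is not None:
            return out
    return term

def solve(value, step):
    """`solve(s) { s = ... }`: repeat the step until the value stops changing."""
    while True:
        nxt = step(value)
        if nxt == value:
            return value
        value = nxt

def splice_first_block(term):
    """Case `stmtList: [*xs, block(ys), *zs] => xs + ys + zs`. This
    implementation commits to the first block it finds, so one visit splices
    one block per list; that is why Fig. 1 wraps the visit in a solve loop."""
    if not isinstance(term, list):
        return None
    for i, elem in enumerate(term):
        if isinstance(elem, tuple) and elem[0] == "block":
            return term[:i] + elem[1] + term[i + 1:]
    return None

def flatten_blocks(script):
    """Fig. 1: public Script flattenBlocks(Script s)."""
    return solve(script, lambda s: visit_bottom_up(s, [splice_first_block]))

def constructors(term):
    """Constructor names occurring anywhere in a term."""
    if isinstance(term, list):
        return set().union(*map(constructors, term))
    if isinstance(term, tuple):
        return {term[0]} | constructors(list(term[1:]))
    return set()

def preserves_constructors(inp, out):
    """Property 1: the output uses no constructor that the input did not use."""
    return constructors(out) <= constructors(inp)

def is_flat(term):
    """Property 2: no statement list, at any depth, contains a block."""
    if isinstance(term, list):
        return all(not (isinstance(t, tuple) and t[0] == "block") and is_flat(t)
                   for t in term)
    if isinstance(term, tuple):
        return all(is_flat(t) for t in term[1:])
    return True

# Fig. 2 with the same visitor: data Nat = zero() | suc(Nat); Expr = var | cst | mult
ZERO = ("zero",)
def suc(n): return ("suc", n)
def cst(n): return ("cst", n)
def var(name): return ("var", name)
def mult(left, right): return ("mult", left, right)

def mult_by_zero(term):
    """Both cases of Fig. 2: mult(cst(zero()), y) and mult(x, cst(zero()))."""
    if isinstance(term, tuple) and term[0] == "mult" and cst(ZERO) in term[1:]:
        return cst(ZERO)
    return None

def simplify(expr):
    """Fig. 2: Expr simplify(Expr expr) = bottom-up visit (expr) { ... }."""
    return visit_bottom_up(expr, [mult_by_zero])

def no_zero_factor(expr):
    """The shape the inferred refinement type expresses for simplify's output:
    no mult node anywhere has a cst(zero()) argument."""
    if isinstance(expr, tuple):
        if expr[0] == "mult" and cst(ZERO) in expr[1:]:
            return False
        return all(no_zero_factor(a) for a in expr[1:])
    return True

SCRIPT = [  # constructed input: blocks nested, side by side, and inside an if body
    assign("a", 1),
    block([assign("b", 2), block([assign("c", 3)])]),
    block([assign("d", 4)]),
    ifstmt(var("a"), [block([assign("e", 5)])]),
]

if __name__ == "__main__":
    flat = flatten_blocks(SCRIPT)
    print(flat, is_flat(flat), preserves_constructors(SCRIPT, flat))
    print(simplify(mult(var("x"), mult(cst(suc(ZERO)), cst(ZERO)))))
```

A single visit leaves the second sibling block in place, which is the case the solve loop exists for; the property checkers are the concrete counterparts of what Rabit establishes for all inputs of the given shape.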