Specification, execution and verification of interaction protocols: an approach based on computational logic

Interaction protocols establish how different computational entities can interact with each other. The interaction can be finalized to the exchange of data, as in 'communication protocols', or can be oriented to achieve some result, as in 'application protocols'. Moreover, with the increasing complexity of modern distributed systems, protocols are used also to control such a complexity, and to ensure that the system as a whole evolves with certain features. However, the extensive use of protocols has raised some issues, from the language for specifying them to the several verification aspects. Computational Logic provides models, languages and tools that can be effectively adopted to address such issues: its declarative nature can be exploited for a protocol specification language, while its operational counterpart can be used to reason upon such specifications. In this thesis we propose a proof-theoretic framework, called SCIFF, together with its extensions. SCIFF is based on Abductive Logic Programming, and provides a formal specification language with a clear declarative semantics (based on abduction). The operational counterpart is given by a proof procedure, that allows to reason upon the specifications and to test the conformance of given interactions w.r.t. a defined protocol. Moreover, by suitably adapting the SCIFF Framework, we propose solutions for addressing (1) the protocol properties verification (g-SCIFF Framework), and (2) the a-priori conformance verification of peers w.r.t. the given protocol (AlLoWS Framework). We introduce also an agent based architecture, the SCIFF Agent Platform, where the same protocol specification can be used to program and to ease the implementation task of the interacting peers.

Constraint handling rules. Compositional semantics and program transformation

This thesis intends to investigate two aspects of Constraint Handling Rules (CHR). It proposes a compositional semantics and a technique for program transformation. CHR is a concurrent committed-choice constraint logic programming language consisting of guarded rules, which transform multi-sets of atomic formulas (constraints) into simpler ones until exhaustion [Frü06] and it belongs to the declarative languages family. It was initially designed for writing constraint solvers but it has recently also proven to be a general purpose language, being as it is Turing equivalent [SSD05a]. Compositionality is the first CHR aspect to be considered. A trace based compositional semantics for CHR was previously defined in [DGM05]. The reference operational semantics for such a compositional model was the original operational semantics for CHR which, due to the propagation rule, admits trivial non-termination. In this thesis we extend the work of [DGM05] by introducing a more refined trace based compositional semantics which also includes the history. The use of history is a well-known technique in CHR which permits us to trace the application of propagation rules and consequently it permits trivial non-termination avoidance [Abd97, DSGdlBH04]. Naturally, the reference operational semantics, of our new compositional one, uses history to avoid trivial non-termination too. Program transformation is the second CHR aspect to be considered, with particular regard to the unfolding technique. Said technique is an appealing approach which allows us to optimize a given program and in more detail to improve run-time efficiency or spaceconsumption. Essentially it consists of a sequence of syntactic program manipulations which preserve a kind of semantic equivalence called qualified answer [Frü98], between the original program and the transformed ones. The unfolding technique is one of the basic operations which is used by most program transformation systems. It consists in the replacement of a procedure-call by its definition. In CHR every conjunction of constraints can be considered as a procedure-call, every CHR rule can be considered as a procedure and the body of said rule represents the definition of the call. While there is a large body of literature on transformation and unfolding of sequential programs, very few papers have addressed this issue for concurrent languages. We define an unfolding rule, show its correctness and discuss some conditions in which it can be used to delete an unfolded rule while preserving the meaning of the original program. Finally, confluence and termination maintenance between the original and transformed programs are shown. This thesis is organized in the following manner. Chapter 1 gives some general notion about CHR. Section 1.1 outlines the history of programming languages with particular attention to CHR and related languages. Then, Section 1.2 introduces CHR using examples. Section 1.3 gives some preliminaries which will be used during the thesis. Subsequentely, Section 1.4 introduces the syntax and the operational and declarative semantics for the first CHR language proposed. Finally, the methodologies to solve the problem of trivial non-termination related to propagation rules are discussed in Section 1.5. Chapter 2 introduces a compositional semantics for CHR where the propagation rules are considered. In particular, Section 2.1 contains the definition of the semantics. Hence, Section 2.2 presents the compositionality results. Afterwards Section 2.3 expounds upon the correctness results. Chapter 3 presents a particular program transformation known as unfolding. This transformation needs a particular syntax called annotated which is introduced in Section 3.1 and its related modified operational semantics !0t is presented in Section 3.2. Subsequently, Section 3.3 defines the unfolding rule and prove its correctness. Then, in Section 3.4 the problems related to the replacement of a rule by its unfolded version are discussed and this in turn gives a correctness condition which holds for a specific class of rules. Section 3.5 proves that confluence and termination are preserved by the program modifications introduced. Finally, Chapter 4 concludes by discussing related works and directions for future work.

Specification and Verification of Declarative Open Interaction Models - A Logic-based framework

The advent of distributed and heterogeneous systems has laid the foundation for the birth of new architectural paradigms, in which many separated and autonomous entities collaborate and interact to the aim of achieving complex strategic goals, impossible to be accomplished on their own. A non exhaustive list of systems targeted by such paradigms includes Business Process Management, Clinical Guidelines and Careflow Protocols, Service-Oriented and Multi-Agent Systems. It is largely recognized that engineering these systems requires novel modeling techniques. In particular, many authors are claiming that an open, declarative perspective is needed to complement the closed, procedural nature of the state of the art specification languages. For example, the ConDec language has been recently proposed to target the declarative and open specification of Business Processes, overcoming the over-specification and over-constraining issues of classical procedural approaches. On the one hand, the success of such novel modeling languages strongly depends on their usability by non-IT savvy: they must provide an appealing, intuitive graphical front-end. On the other hand, they must be prone to verification, in order to guarantee the trustworthiness and reliability of the developed model, as well as to ensure that the actual executions of the system effectively comply with it. In this dissertation, we claim that Computational Logic is a suitable framework for dealing with the specification, verification, execution, monitoring and analysis of these systems. We propose to adopt an extended version of the ConDec language for specifying interaction models with a declarative, open flavor. We show how all the (extended) ConDec constructs can be automatically translated to the CLIMB Computational Logic-based language, and illustrate how its corresponding reasoning techniques can be successfully exploited to provide support and verification capabilities along the whole life cycle of the targeted systems.

Dall'involucro all'invaso. Lo spazio a pianta centrale nell'opera architettonica di Adalberto Libera

An archetype selected over the centuries Adalberto Libera wrote little, showing more inclination to use the project as the only means of verification. This study uses a survey of the project for purely compositional space in relation to the reason that most other returns with continuity and consistency throughout his work. "The fruit of a type selected over centuries", in the words of Libera, is one of the most widely used and repeated spatial archetypes present in the history of architecture, given its nature as defined by a few consolidated elements and precisely defined with characters of geometric precision and absoluteness, the central space is provided, over the course of evolution of architecture, and its construction aspects as well as symbolic, for various uses, from historical period in which it was to coincide with sacred space for excellence, to others in which it lends itself to many different expressive possibilities of a more "secular". The central space was created on assumptions of a constructive character, and the same exact reason has determined the structural changes over the centuries, calling from time to time with advances in technology, the maximum extent possible and the different applications, which almost always have coincided with the reason for the monumental space. But it’s in the Roman world that the reason for the central space is defined from the start of a series of achievements that fix the character in perpetuity. The Pantheon was seen maximum results and, simultaneously, the archetype indispensable, to the point that it becomes difficult to sustain a discussion of the central space that excludes. But the reason the space station has complied, in ancient Rome, just as exemplary, monuments, public spaces or buildings with very different implications. The same Renaissance, on which Wittkower's proving itself once and for all, the nature and interpretation of sacred space station, and thus the symbolic significance of that invaded underlying interpretations related to Humanism, fixing the space-themed drawing it with the study and direct observation by the four-sixteenth-century masters, the ruins that in those years of renewed interest in the classical world, the first big pieces of excavation of ancient Rome brought to light with great surprise of all. Not a case, the choice to investigate the architectural work of Libera through the grounds of the central space. Investigating its projects and achievements, it turns out as the reason invoked particularly evident from the earliest to latest work, crossing-free period of the war which for many authors in different ways, the distinction between one stage and another, or the final miss. The theme and the occasion for Libera always distinct, it is precisely the key through which to investigate her work, to come to discover that the first-in this case the central plan-is the constant underlying all his work, and the second reason that the quota with or at the same time, we will return different each time and always the same Libera, formed on the major works remained from ancient times, and on this building method, means consciously, that the characters of architectural works, if valid, pass the time, and survive the use and function contingent. As for the facts by which to formalize it, they themselves are purely contingent, and therefore available to be transferred from one work to another, from one project to another, using also the loan. Using the same two words-at-issue and it becomes clear now how the theme of this study is the method of Libera and opportunity to the study of the central space in his work. But there is one aspect that, with respect to space a central plan evolves with the progress of the work of Libera on the archetype, and it is the reason behind all the way, just because an area built entirely on reason centric. It 'just the "center" of space that, ultimately, tells us the real progression and the knowledge that over the years has matured and changed in Libera. In the first phase, heavily laden with symbolic superstructure, even if used in a "bribe" from Free-always ill-disposed to sacrifice the idea of architecture to a phantom-center space is just the figure that identifies the icon represents space itself: the cross, the flame or the statue are different representations of the same idea of center built around an icon. The second part of the work of clearing the space station, changed the size of the orders but the demands of patronage, grows and expands the image space centric, celebratory nature that takes and becomes, in a different way, this same symbol . You see, one in all, as the project of "Civiltà Italiana" or symbolic arch are examples of this different attitude. And at the same point of view, you will understand how the two projects formulated on the reuse of the Mausoleum of Augustus is the key to its passage from first to second phase: the Ara Pacis in the second project, making itself the center of the composition "breaks" the pattern of symbolic figure in the center, because it is itself an architecture. And, in doing so, the transition takes place where the building itself-the central space-to become the center of that space that itself creates and determines, by extending the potential and the expressiveness of the enclosure (or cover) that defines the basin centered. In this second series of projects, which will be the apex and the point of "crisis" in the Palazzo dei Congressi all'E42 received and is no longer so, the symbol at the very geometry of space, but space itself and 'action' will be determined within this; action leading a movement, in the case of the Arco simbolico and the "Civiltà Italiana" or, more frequently, or celebration, as in the great Sala dei Recevimenti all’E42, which, in the first project proposal, is represented as a large area populated by people in suits, at a reception, in fact. In other words, in this second phase, the architecture is no longer a mere container, but it represents the shape of space, representing that which "contains". In the next step-determining the knowledge from which mature in their transition to post-war-is one step that radically changes the way centric space, although formally and compositionally Libera continues the work on the same elements, compounds and relationships in a different way . In this last phase Freedom, center, puts the man in human beings, in the two previous phases, and in a latent, were already at the center of the composition, even if relegated to the role of spectators in the first period, or of supporting actors in the second, now the heart of space. And it’s, as we shall see, the very form of being together in the form of "assembly", in its different shades (up to that sacred) to determine the shape of space, and how to relate the parts that combine to form it. The reconstruction of the birth, evolution and development of the central space of the ground in Libera, was born on the study of the monuments of ancient Rome, intersected on fifty years of recent history, honed on the constancy of a method and practice of a lifetime, becomes itself, Therefore, a project, employing the same mechanisms adopted by Libera; the decomposition and recomposition, research synthesis and unity of form, are in fact the structure of this research work. The road taken by Libera is a lesson in clarity and rationality, above all, and this work would uncover at least a fragment.

Type Systems for Distributed Programs: Components and Sessions

Modern software systems, in particular distributed ones, are everywhere around us and are at the basis of our everyday activities. Hence, guaranteeing their cor- rectness, consistency and safety is of paramount importance. Their complexity makes the verification of such properties a very challenging task. It is natural to expect that these systems are reliable and above all usable. i) In order to be reliable, compositional models of software systems need to account for consistent dynamic reconfiguration, i.e., changing at runtime the communication patterns of a program. ii) In order to be useful, compositional models of software systems need to account for interaction, which can be seen as communication patterns among components which collaborate together to achieve a common task. The aim of the Ph.D. was to develop powerful techniques based on formal methods for the verification of correctness, consistency and safety properties related to dynamic reconfiguration and communication in complex distributed systems. In particular, static analysis techniques based on types and type systems appeared to be an adequate methodology, considering their success in guaranteeing not only basic safety properties, but also more sophisticated ones like, deadlock or livelock freedom in a concurrent setting. The main contributions of this dissertation are twofold. i) On the components side: we design types and a type system for a concurrent object-oriented calculus to statically ensure consistency of dynamic reconfigurations related to modifications of communication patterns in a program during execution time. ii) On the communication side: we study advanced safety properties related to communication in complex distributed systems like deadlock-freedom, livelock- freedom and progress. Most importantly, we exploit an encoding of types and terms of a typical distributed language, session π-calculus, into the standard typed π- calculus, in order to understand their expressive power.

Development of JADE, a new software for the verification and validation of nuclear data libraries

Nuclear cross sections are the pillars onto which the transport simulation of particles and radiations is built on. Since the nuclear data libraries production chain is extremely complex and made of different steps, it is mandatory to foresee stringent verification and validation procedures to be applied to it. The work here presented has been focused on the development of a new python based software called JADE, whose objective is to give a significant help in increasing the level of automation and standardization of these procedures in order to reduce the time passing between new libraries releases and, at the same time, increasing their quality. After an introduction to nuclear fusion (which is the field where the majority of the V\&V action was concentrated for the time being) and to the simulation of particles and radiations transport, the motivations leading to JADE development are discussed. Subsequently, the code general architecture and the implemented benchmarks (both experimental and computational) are described. After that, the results coming from the major application of JADE during the research years are presented. At last, after a final discussion on the objective reached by JADE, the possible brief, mid and long time developments for the project are discussed.