Section: New Results

Verification of extensional properties

Participants : Elena Giachino, Cosimo Laneve, Tudor Alexandru Lascu, Davide Sangiorgi, Gianluigi Zavattaro.

Extensional refers to properties that have to do with behavioral descriptions of a system (i.e., what a system looks like from the outside). Examples of such properties include classical functional correctness and deadlock freedom. We mainly employ techniques based on behavioral equivalences (and preorders), and on types and logics. Type systems offer a good trade-off between expressiveness and efficiency of the techniques. A substantial amount of the work carried out this year has to do with the transfer of techniques between the areas of concurrency theory and object-oriented languages.

We have developed [29] a technique for the deadlock analysis of systems of concurrent object groups. The technique makes use of types in the form of contracts, that is, abstract descriptions of methods' behaviours. Object groups are collections of objects that perform collective work. Within a group, there can be only one running thread at a time; the scheduling of threads is cooperative.

We have studied [37] the concept of ownership types, originally introduced for (sequential) object-oriented languages, in the setting of pure message-passing concurrency. Ownership types have the effect of statically preventing certain communications, and can block the accidental or malicious leakage of secrets. Intuitively, a channel defines a boundary and forbids access to its inside from outer channels, thus preserving the secrecy of the inner names from malicious outsiders.

In a different line of work, we have analyzed ad hoc networks, intended as networks of devices connected by wireless links and communicating via broadcast. We have considered [27], [18] models in which the communication topology of a network is represented as a graph. Nodes represent states of individual processes, and adjacent nodes represent single-hop neighbors. Processes are finite state automata that communicate via selective broadcast messages. Reception of a broadcast is restricted to single-hop neighbors. In these systems we have studied various forms of reachability (example: the existence of an initial topology in which the execution of the protocol can lead to a configuration with at least one node in a certain state).

Induction is a pervasive tool in Computer Science and Mathematics for defining structures and reasoning on them. Coinduction is the dual of induction, and as such it brings in tools that are quite different from those provided by induction. The best known instance of coinduction is bisimulation, mainly employed to define and prove equalities among potentially infinite objects: processes, streams, non-well-founded sets, and so on. Sangiorgi has completed [47], [49] two comprehensive textbooks on bisimulation and coinduction (in [49], Sangiorgi is an editor, and author of two chapter contributions [48], [46]). The books explain the fundamental concepts and techniques, and the duality with induction. A special emphasis is put on bisimulation as a behavioural equivalence for processes. Thus the books also serve as an introduction to models for expressing processes, and to the associated techniques of operational and algebraic analysis.