Section: New Results

Foundations of Concurrency

Distributed systems have changed substantially in the recent past with the advent of phenomena like social networks and cloud computing. In the previous incarnation of distributed computing the emphasis was on consistency, fault tolerance, resource management and related topics; these were all characterized by interaction between processes. Research proceeded along two lines: the algorithmic side which dominated the Principles Of Distributed Computing conferences and the more process algebraic approach epitomized by CONCUR where the emphasis was on developing compositional reasoning principles. What marks the new era of distributed systems is an emphasis on managing access to information to a much greater degree than before.

The Concurrent constraint programming (ccp) paradigm focuses on information access and therefore it is suited for this new era of concurrent systems. Ccp singles out the fundamental aspects of asynchronous systems whose agents (or processes) evolve by accessing information in a global medium. In the works [20] , [21] , [31] , [26] described below we developed algorithms and extended the foundations of ccp.

Spatial and Epistemic Modalities for Constraint-based Calculi

Epistemic concepts were crucial in distributed computing as was realized in the mid 1980s with Halpern and Moses' groundbreaking paper on common knowledge. This led to a flurry of activity in the next few years with many distributed protocols being understood from an epistemic point of view. The impact of epistemic ideas in the concurrency theory community was slower in coming. We believe that epistemic ideas need to be exploited more by concurrency theorists and we did so in the following works.

In [26] we introduced spatial and epistemic process calculi for reasoning about spatial information and knowledge distributed among the agents of a system. We also introduced domain-theoretical structures to represent spatial and epistemic information. Finally we provided operational and denotational techniques for reasoning about the potentially infinite behaviour of spatial and epistemic processes. We also gave compact representations of infinite objects that can be used by processes to simulate announcements of common knowledge and global information. We also developed an interpreter of these calculi in [31] .

Bisimilarity for Constraint-based Calculi

Bisimilarity is a standard behavioural equivalence in concurrency theory, but a well-behaved notion of bisimilarity for ccp has been proposed only recently. When the state space of a system is finite, the ordinary notion of bisimilarity can be computed via the well-known partition refinement algorithm, but unfortunately, this algorithm does not work for ccp bisimilarity. In [20] we proposed a variation of the partition refinement algorithm for verifying ccp bisimilarity. To the best of our knowledge this is the first work providing for the automatic verification of program equivalence for ccp.

In [20] we only studied the strong version of bisimilarity. Weak bisimiliarity is obtained from the strong case by taking into account only the actions that are observable in the system. Typically, the standard partition refinement can also be used for deciding weak bisimilarity simply by using Milner's reduction from weak to strong bisimilarity; a technique referred to as saturation. In [21] we showed that, because of its involved labeled transitions, the above-mentioned saturation technique does not work for ccp. We also gave an alternative reduction from weak ccp bisimilarity to the strong one that allows us to use the ccp partition refinement algorithm for deciding this equivalence.

In the more traditional setting of the pi-calculus we have also proposed an approach to restrict access to information.

Locality in the Pi-Calculus

In [25] we enriched the pi-calculus with an operator for confidentiality (hide), whose main effect is to restrict the access to the object of the communication, thus representing confidentiality in a natural way. The hide operator is meant for local communication, and it differs from new in that it forbids the extrusion of the name and hence has a static scope. Consequently, a communication channel in the scope of a hide can be implemented as a dedicated channel, and it is more secure than one in the scope of a new. To emphasize the difference, we introduced a spy context that represents a side-channel attack and breaks some of the standard security equations for new. To formally reason on the security guarantees provided by the hide construct, we also introduced an observational theory and establish stronger equivalences by relying on a proof technique based on bisimulation semantics.

Foundations of Probabilistic Concurrent Systems

In [17] we have solved an open problem in the literature by proving that two known semantics for the probabilistic mu-calculus, a denotational semantics and a two-player stochastic game semantics, coincide on all models.

In [18] we have improved the result of [17] by introducing a new logic called probabilistic mu-calculus with independent product. We have proved that two semantics coincide in all models: a denotational semantics and a two-player game semantics based on a novel class of concurrent games. Furthermore, we have shown how the new logic is strictly more expressive than the other. This allows the encoding of other important temporal logics for probabilistic concurrent systems such as PCTL.

In [27] we have introduced a proof system designed for supporting human-aided verification of properties (expressed as probabilistic mu-calculus formulas ([17] ) of concurrent probabilistic processes described by SOS-style operational semantics.

Interference metrics for Mobile ad-hoc networks (MANETs)

Mobile ad-hoc networks consist of a collection of nodes that communicate with each other through wireless links without a pre-established networking infrastructure. A common feature of most of these networks is free node mobility. Each device will therefore change its links to other devices frequently. These frequent changes in the network topology can cause the nodes to continuously enter and exit each other transmission area. Hence, highly dynamic routing algorithms are needed to ensure the connectivity. Moreover, mobile devices may have strict requirements on the energy consumption because their expected life-time often depends on the energy stored in a battery or other exhaustible power sources. For these reasons, finding a good trade-off between network connectivity, power saving and interference reduction is one of the most critical challenges in managing mobile ad hoc networks. In [23] , we have proposed an effective framework for analysing protocol connectivity and measuring the level of interference and, based on that for developing novel interference-aware communication strategies. Though other models exist in the literature, to our best knowledge, our framework is the most comprehensive and effective for the behavioral analysis and a quantitative assessment of interference for wireless networks in the presence of node mobility.