The global interaction behavior in message-based systems can be specified as a finite-state machine defining acceptable sequences of messages exchanged by a group of peers. Realizability analysis determines if there exist local implementations for each peer, such that their composition produces exactly the intended global behavior. Although there are existing sufficient conditions for realizability, we show that these earlier results all fail for a particular class of specifications called arbitrary-initiator protocols. We present a novel algorithm for deciding realizability by computing a finite-state model that keeps track of the information about the global state of a conversation protocol that each peer can deduce from the messages it sends and receives. By searching for disagreements between each peer's deduced states, we provide a sound analysis for realizability that correctly classifies realizability of arbitrary-initiator protocols.
The document discusses several algorithms for computing the 3D convex hull of a set of points: gift wrapping, divide and conquer, and incremental. Gift wrapping directly extends the 2D algorithm and has complexity O(nF) where F is the number of faces. Divide and conquer recursively splits the point set into halves, computes the convex hulls, and merges them in O(n log n) time. The incremental algorithm maintains a conflict graph to efficiently find the visible faces from each new point in O(n log n) time.
This document contains questions related to management and entrepreneurship. It begins with questions about planning functions, strategic and tactical planning, and types of decisions. It then covers questions about organization structure, communication, control systems, and motivation theories. The second part includes questions about entrepreneurs, their characteristics and role in economic development. It also discusses barriers to entrepreneurship, small scale industries, and government support programs. The last section focuses on project contents, feasibility studies, and project appraisal steps.
This document discusses register allocation in compiler construction. It begins with an example of constructing an interference graph from a code snippet during liveness analysis. It then covers the main steps of register allocation: constructing interference graphs from liveness analysis, graph coloring to assign registers while minimizing spills, and handling move instructions through coalescing. It provides examples demonstrating graph coloring on interference graphs with different numbers of available registers.
The document discusses dataflow analysis and liveness analysis. It defines liveness analysis as determining which variables are "live" or may be needed in the future at different points in a program. This allows optimizations like register allocation by mapping live variables that do not overlap in time to the same register. The document outlines the formal definition of liveness, including live-in and live-out variables at each node, and provides an algorithm to compute liveness information through a fixed point iteration on the control flow graph.
ECCV2008: MAP Estimation Algorithms in Computer Vision - Part 1 zukun
The document describes various algorithms for maximum a posteriori (MAP) estimation in computer vision problems. It discusses how MAP estimation involves defining an energy function consisting of unary and pairwise potentials, and finding the labeling that minimizes this energy function. Common computer vision problems addressed include binary image segmentation, object detection using parts-based models, and stereo correspondence. Computational challenges are discussed as MAP estimation is NP-hard in general, though approximate algorithms can be used.
This document summarizes two algorithms for computing properties of high-dimensional polytopes given access to certain oracle functions:
1. An algorithm for computing the edge-skeleton of a polytope in oracle polynomial-time using an oracle that returns the vertex maximizing a linear function.
2. A randomized algorithm for approximating the volume of a polytope by generating random points within it using a hit-and-run process, and estimating the volume from these points. The algorithm runs in oracle polynomial-time and provides an approximation with high probability.
Experimental results show the volume algorithm can approximate volumes of polytopes up to 100 dimensions within 1% error in under 2 hours, outperforming exact
I am Martin J. I am a DSP System Assignment Expert at matlabassignmentexperts.com. I hold a Master's in Matlab, University of Maryland. I have been helping students with their assignments for the past 10 years. I solve assignments related to the DSP System.
Visit matlabassignmentexperts.com or email info@matlabassignmentexperts.com.
You can also call on +1 678 648 4277 for any assistance with DSP System Assignment.
This document appears to be an exam question paper that contains questions related to management, entrepreneurship, digital signal processing, analog communication, and microwaves and radar. It provides instructions for answering 5 questions by selecting at least 2 from each part. The paper contains questions in two parts (Part A and Part B) for each subject. The questions generally ask students to explain, derive, or calculate certain terms, properties, or specifications related to the subjects.
This document contains questions for an examination in Information Theory and Coding. It has two parts, with multiple choice and long answer questions. Part A focuses on information theory concepts like entropy, mutual information, and channel capacity. Questions ask students to calculate entropy and capacity for given sources and channels. Part B covers error control coding techniques, including linear block codes, cyclic codes, and convolutional codes. Questions require encoding and decoding binary codes, finding generator polynomials, and describing different coding schemes.
This document contains a 25 question multiple choice quiz about computer science topics. The questions cover topics like Boolean algebra, graphs, probability, algorithms, automata theory, programming languages, operating systems, computer networks, databases and software engineering. For each question there are 4 possible answer choices, with one being marked as the correct answer. Explanations are provided for some of the questions.
The document introduces data-flow analysis, which derives information about a program's dynamic behavior by examining its static code. It discusses liveness analysis, which determines whether a variable is live (will be used in the future) or dead at a given point. The concepts of control flow graphs, uses/defs, and solving the data-flow equations through iterative analysis are explained. An example liveness analysis is worked through to demonstrate the process.
Module 13 Gradient And Area Under A Graph guestcc333c
1) The document provides examples and questions related to calculating gradient, area under graphs, speed, velocity, and distance from speed-time and distance-time graphs.
2) It includes 10 multi-part questions testing concepts like calculating rate of change of speed, uniform speed, total distance, meeting time, and average speed.
3) Detailed step-by-step answers are provided for each question at the end to demonstrate how to apply the concepts to calculate the requested values.
The document discusses register allocation techniques used by compilers to optimize code generation. It describes how register allocation works by constructing a register interference graph and using graph coloring algorithms to assign temporaries to a limited number of machine registers. When graph coloring fails to find a solution, spilling of temporaries is used to reduce interferences and allow coloring. Cache optimization is also briefly covered.
On Resolution Proofs for Combinational Equivalence satrajit
The document discusses generating resolution proofs for equivalence checking of combinational circuits. It describes how modern equivalence checking engines use transformations like structural hashing, functional hashing, and rewriting to simplify circuit structures, and how these transformations can be modeled as sequences of basic operations. It proposes maintaining correspondence between circuit transformations and resolution proof fragments, such that each basic operation generates a fragment deriving new clauses.
The document contains 10 math problems involving finding equations of lines from graphs, finding gradients, y-intercepts, x-intercepts, and points of intersection of parallel and perpendicular lines. It provides diagrams and step-by-step workings for calculating values related to the straight lines shown. The document tests skills in using properties of straight lines, simultaneous equations, and coordinate geometry.
This document provides a series of math word problems involving transformations. It includes:
1) Five sections with multiple parts assessing skills with translations, reflections, rotations, and enlargements/reductions. Problems include finding coordinates of transformed points and describing transformations.
2) Diagrams of figures on Cartesian planes along with their transformed images under different combinations of transformations.
3) Calculating areas of transformed figures when given the area of the original figure.
The document assesses a wide range of skills with geometric transformations, providing practice applying concepts of translations, reflections, rotations, and scale changes to specific word problems and diagrams.
Reducing Structural Bias in Technology Mapping satrajit
The document discusses techniques to reduce structural bias in technology mapping. It proposes using supergates, which combine multiple library gates, to allow matches that intermediate points not present in the original circuit. It also describes performing lossless synthesis to merge equivalent networks and add choice nodes. Experimental results show the combined approach of supergates and lossless synthesis improves delay and area over the baseline.
This document discusses canonical-Laplace transforms and various testing function spaces. It begins by defining the canonical-Laplace transform and establishes some testing function spaces using Gelfand-Shilov technique, including CLa,b,γ, CLab,β, CLγa,b,β, CLa,b,β,n, and CLγa,,m,β,n. It then presents results on countable unions of s-type spaces, proving that various spaces can be expressed as countable unions and discussing topological properties. The document concludes by stating that canonical-Laplace transforms are generalized in a distributional sense and results on countable unions of s-type spaces are discussed, along with the topological structure
Cleansing test suites from coincidental correctness to enhance fault localiza... Tao He
This document discusses techniques for automatic fault localization. It introduces coverage-based fault localization (CBFL) which calculates the suspiciousness of statements based on their coverage in test cases and whether the test passed or failed. The document evaluates CBFL techniques like Jaccard, Tarantula and Ochiai coefficients by assigning scores to faulty programs based on the percentage of statements that need to be examined to find the fault. It discusses rewriting the coefficients to show that the rankings depend only on the number of times a statement is covered in failed and passed tests.
Welcome to International Journal of Engineering Research and Development (IJERD) IJERD Editor
The document proposes a novel approach for designing online testable reversible circuits that can detect single bit errors. The approach works by converting each reversible gate in the circuit to a testable reversible gate with an additional output bit used for error detection. These testable gates are then cascaded to form testable blocks. An error checker circuit is constructed using modified Fredkin gates to examine the output bits of each testable block and produce a final error signal. Theoretical analysis proves the approach produces reversible and online testable circuits. Experimental results show the approach outperforms existing methods with fewer gates, garbage outputs, and quantum cost.
Runtime Monitoring of a Quantified Temporal Logic (Talk @ UniSA) Sylvain Hallé
The document discusses runtime monitoring of quantified temporal logic and its application to interface contracts in web applications. Specifically, it discusses using linear temporal logic with first-order quantification (LTL-FO+) to express properties of message sequences in web service interfaces by quantifying over elements in XML messages. This allows interface contracts to express constraints on messages while handling XML documents as the symbols in the logical language.
Runtime Verification for the Web (RV 2010 Tutorial) Sylvain Hallé
Web service message contracts are constraints on the values and sequences of XML messages that can be exchanged between a client’s web browser and an application server. This tutorial presents BeepBeep, a lightweight Java monitor that can check and enforce message contracts expressed as LTL formulae with first-order quantification over data fields. Its use is illustrated on real world web applications submitted to these kinds of contracts.
Model-Based Simulation of SOAP Web Services From Temporal Logic Specification... Sylvain Hallé
The document describes a method for automatically simulating SOAP web services from temporal logic specifications. It discusses how SOAP web services use XML messages in requests and responses to form transactions, but not all message sequences are valid. It presents challenges in creating a realistic stub service that follows constraints on valid sequences and parameter values. Current solutions involve hard-coding responses, but the document proposes using Linear Temporal Logic with First-Order quantifiers (LTL-FO+) to specify valid behavior, and decomposing the specification into a tree to guide automatic message generation. This allows producing response sequences directly from the logical constraints.
Cooperative Runtime Monitoring of LTL Interface Contracts (EDOC 2010) Sylvain Hallé
Requirements on message-based interactions can be formalized as an interface contract that specifies constraints on the sequence of possible messages that can be exchanged by multiple parties. At runtime, each peer can monitor incoming messages and check that the contract is correctly being followed by their respective senders. We introduce cooperative runtime monitoring, where a recipient “delegates” its monitoring task to the sender, which is required to provide evidence that the message it sends complies with the contract. In turn, this evidence can be quickly checked by the recipient, which is then guaranteed of the sender’s compliance to the contract without doing the monitoring computation by itself. A particular application of this concept is shown on web services, where service providers can monitor and enforce contract compliance of third-party clients at a small cost on the server side, while avoiding to certify or digitally sign them.
Activity Recognition Through Complex Event Processing: First Findings Sylvain Hallé
The activities of daily living of a patient in a smart home environment can be detected to a large extent by the real-time analysis of characteristics of the habitat's electrical consumption. However, reasoning over the conduct of these activities occurs at a much higher level of abstraction than what the sensors generally produce. In this paper, we leverage the concept of Complex Event Processing (CEP), in which low-level data streams are progressively transformed into higher-level ones, to the task of activity recognition. We show how the use of an appropriate representation for each level of abstraction can greatly simplify the process. We also report on the use of an existing event stream processor to successfully implement the complete chain, from low-level sensor data up to a sequence of discrete and high-level actions.
Temporal logic and functional reactive programming Sergei Winitzki
In my day job, most bugs come from imperatively implemented reactive programs. Temporal Logic and FRP are declarative approaches that promise to solve my problems. I will briefly review the motivations behind and the connections between temporal logic and FRP. I propose a rather "pedestrian" approach to propositional linear-time temporal logic (LTL), showing how to perform calculations in LTL and how to synthesize programs from LTL formulas. I intend to explain why LTL largely failed to solve the synthesis problem, and how FRP tries to cope.
FRP can be formulated as a λ-calculus with types given by the propositional intuitionistic LTL. I will discuss the limitations of this approach, and outline the features of FRP that are required by typical application programming scenarios. My talk will be largely self-contained and should be understandable to anyone familiar with Curry-Howard and functional programming.
An older presentation I gave on temporal logic and model checking. Note that the diamond operator (signifying eventuality) does not appear properly in the uploaded slide.
This document contains multiple choice questions about MATLAB input and output, arithmetic operations, algebra, and managing variables. It asks about MATLAB commands, variable types, matrix operations, and polynomial functions. The correct answers are provided at the end.
Speeding Up Distributed Machine Learning Using Codes NAVER Engineering
Presenter: Kangwook Lee (postdoctoral researcher, KAIST)
Presentation date: 2017.5.
Kangwook Lee is a postdoctoral scholar in the School of EE at KAIST, working with Prof. Changho Suh. He received his PhD degree in 2016 from the EECS department at UC Berkeley under the supervision of Prof. Kannan Ramchandran. He also obtained his MS degree in EECS from UC Berkeley in 2012, and BS degree in EE from KAIST in 2010.
Contents:
1. Coded Computation
2. Coded Shuffling
Unix and Shell Programming
Q P Code: 60305
Additional Mathematics I
Q P Code: 60306
Computer Organization and Architecture
Q P Code: 62303
Data Structures Using C
Q P Code: 60303
Discrete Mathematical Structures
Q P Code: 60304
Engineering Mathematics - III
Q P Code: 60301
Soft Skill Development
Q P Code: 60307
This document contains questions for an examination in Information Theory and Coding. It has two parts, with multiple choice and long answer questions. Part A focuses on information theory concepts like entropy, mutual information, and channel capacity. Questions ask students to calculate entropy and capacity for given sources and channels. Part B covers error control coding techniques, including linear block codes, cyclic codes, and convolutional codes. Questions require encoding and decoding binary codes, finding generator polynomials, and describing different coding schemes.
This document contains a 25 question multiple choice quiz about computer science topics. The questions cover topics like Boolean algebra, graphs, probability, algorithms, automata theory, programming languages, operating systems, computer networks, databases and software engineering. For each question there are 4 possible answer choices, with one being marked as the correct answer. Explanations are provided for some of the questions.
The document introduces data-flow analysis, which derives information about a program's dynamic behavior by examining its static code. It discusses liveness analysis, which determines whether a variable is live (will be used in the future) or dead at a given point. The concepts of control flow graphs, uses/defs, and solving the data-flow equations through iterative analysis are explained. An example liveness analysis is worked through to demonstrate the process.
Module 13 Gradient And Area Under A Graphguestcc333c
1) The document provides examples and questions related to calculating gradient, area under graphs, speed, velocity, and distance from speed-time and distance-time graphs.
2) It includes 10 multi-part questions testing concepts like calculating rate of change of speed, uniform speed, total distance, meeting time, and average speed.
3) Detailed step-by-step answers are provided for each question at the end to demonstrate how to apply the concepts to calculate the requested values.
The document discusses register allocation techniques used by compilers to optimize code generation. It describes how register allocation works by constructing a register interference graph and using graph coloring algorithms to assign temporaries to a limited number of machine registers. When graph coloring fails to find a solution, spilling of temporaries is used to reduce interferences and allow coloring. Cache optimization is also briefly covered.
On Resolution Proofs for Combinational Equivalencesatrajit
The document discusses generating resolution proofs for equivalence checking of combinational circuits. It describes how modern equivalence checking engines use transformations like structural hashing, functional hashing, and rewriting to simplify circuit structures, and how these transformations can be modeled as sequences of basic operations. It proposes maintaining correspondence between circuit transformations and resolution proof fragments, such that each basic operation generates a fragment deriving new clauses.
The document contains 10 math problems involving finding equations of lines from graphs, finding gradients, y-intercepts, x-intercepts, and points of intersection of parallel and perpendicular lines. It provides diagrams and step-by-step workings for calculating values related to the straight lines shown. The document tests skills in using properties of straight lines, simultaneous equations, and coordinate geometry.
This document provides a series of math word problems involving transformations. It includes:
1) Five sections with multiple parts assessing skills with translations, reflections, rotations, and enlargements/reductions. Problems include finding coordinates of transformed points and describing transformations.
2) Diagrams of figures on Cartesian planes along with their transformed images under different combinations of transformations.
3) Calculating areas of transformed figures when given the area of the original figure.
The document assesses a wide range of skills with geometric transformations, providing practice applying concepts of translations, reflections, rotations, and scale changes to specific word problems and diagrams.
Reducing Structural Bias in Technology Mappingsatrajit
The document discusses techniques to reduce structural bias in technology mapping. It proposes using supergates, which combine multiple library gates, to allow matches that intermediate points not present in the original circuit. It also describes performing lossless synthesis to merge equivalent networks and add choice nodes. Experimental results show the combined approach of supergates and lossless synthesis improves delay and area over the baseline.
This document discusses canonical-Laplace transforms and various testing function spaces. It begins by defining the canonical-Laplace transform and establishes some testing function spaces using Gelfand-Shilov technique, including CLa,b,γ, CLab,β, CLγa,b,β, CLa,b,β,n, and CLγa,,m,β,n. It then presents results on countable unions of s-type spaces, proving that various spaces can be expressed as countable unions and discussing topological properties. The document concludes by stating that canonical-Laplace transforms are generalized in a distributional sense and results on countable unions of s-type spaces are discussed, along with the topological structure
Cleansing test suites from coincidental correctness to enhance falut localiza...Tao He
This document discusses techniques for automatic fault localization. It introduces coverage-based fault localization (CBFL) which calculates the suspiciousness of statements based on their coverage in test cases and whether the test passed or failed. The document evaluates CBFL techniques like Jaccard, Tarantula and Ochiai coefficients by assigning scores to faulty programs based on the percentage of statements that need to be examined to find the fault. It discusses rewriting the coefficients to show that the rankings depend only on the number of times a statement is covered in failed and passed tests.
Welcome to International Journal of Engineering Research and Development (IJERD)IJERD Editor
The document proposes a novel approach for designing online testable reversible circuits that can detect single bit errors. The approach works by converting each reversible gate in the circuit to a testable reversible gate with an additional output bit used for error detection. These testable gates are then cascaded to form testable blocks. An error checker circuit is constructed using modified Fredkin gates to examine the output bits of each testable block and produce a final error signal. Theoretical analysis proves the approach produces reversible and online testable circuits. Experimental results show the approach outperforms existing methods with fewer gates, garbage outputs, and quantum cost.
Runtime Monitoring of a Quantified Temporal Logic (Talk @ UniSA)Sylvain Hallé
The document discusses runtime monitoring of quantified temporal logic and its application to interface contracts in web applications. Specifically, it discusses using linear temporal logic with first-order quantification (LTL-FO+) to express properties of message sequences in web service interfaces by quantifying over elements in XML messages. This allows interface contracts to express constraints on messages while handling XML documents as the symbols in the logical language.
Runtime Verification for the Web (RV 2010 Tutorial)Sylvain Hallé
Web service message contracts are constraints on the values and sequences of XML messages that can be exchanged between a client’s web browser and an application server. This tutorial presents BeepBeep, a lightweight Java monitor that can check and enforce message contracts expressed as LTL formulae with first-order quantification over data fields. Its use is illustrated on real world web applications submitted to these kinds of contracts.
Model-Based Simulation of SOAP Web Services From Temporal Logic Specification...Sylvain Hallé
The document describes a method for automatically simulating SOAP web services from temporal logic specifications. It discusses how SOAP web services use XML messages in requests and responses to form transactions, but not all message sequences are valid. It presents challenges in creating a realistic stub service that follows constraints on valid sequences and parameter values. Current solutions involve hard-coding responses, but the document proposes using Linear Temporal Logic with First-Order quantifiers (LTL-FO+) to specify valid behavior, and decomposing the specification into a tree to guide automatic message generation. This allows producing response sequences directly from the logical constraints.
Cooperative Runtime Monitoring of LTL Interface Contracts (EDOC 2010)Sylvain Hallé
Requirements on message-based interactions can be formalized as an interface contract that specifies constraints on the sequence of possible messages that can be exchanged by multiple parties. At runtime, each peer can monitor incoming messages and check that the contract is correctly being followed by their respective senders. We introduce cooperative runtime monitoring, where a recipient “delegates” its monitoring task to the sender, which is required to provide evidence that the message it sends complies with the contract. In turn, this evidence can be quickly checked by the recipient, which is then guaranteed of the sender’s compliance to the contract without doing the monitoring computation by itself. A particular application of this concept is shown on web services, where service providers can monitor and enforce contract compliance of third-party clients at a small cost on the server side, while avoiding to certify or digitally sign them.
Activity Recognition Through Complex Event Processing: First Findings Sylvain Hallé
The activities of daily living of a patient in a smart home environment can be detected to a large extent by the real-time analysis of characteristics of the habitat's electrical consumption. However, reasoning over the conduct of these activities occurs at a much higher level of abstraction than what the sensors generally produce. In this paper, we leverage the concept of Complex Event Processing (CEP), in which low-level data streams are progressively transformed into higher-level ones, to the task of activity recognition. We show how the use of an appropriate representation for each level of abstraction can greatly simplify the process. We also report on the use of an existing event stream processor to successfully implement the complete chain, from low-level sensor data up to a sequence of discrete and high-level actions.
Temporal logic and functional reactive programming Sergei Winitzki
In my day job, most bugs come from imperatively implemented reactive programs. Temporal Logic and FRP are declarative approaches that promise to solve my problems. I will briefly review the motivations behind and the connections between temporal logic and FRP. I propose a rather "pedestrian" approach to propositional linear-time temporal logic (LTL), showing how to perform calculations in LTL and how to synthesize programs from LTL formulas. I intend to explain why LTL largely failed to solve the synthesis problem, and how FRP tries to cope.
FRP can be formulated as a λ-calculus with types given by the propositional intuitionistic LTL. I will discuss the limitations of this approach, and outline the features of FRP that are required by typical application programming scenarios. My talk will be largely self-contained and should be understandable to anyone familiar with Curry-Howard and functional programming.
An older presentation I gave on temporal logic and model checking. Note that the diamond operator (signifying eventuality) does not appear properly in the uploaded slide.
This document contains multiple choice questions about MATLAB input and output, arithmetic operations, algebra, and managing variables. It asks about MATLAB commands, variable types, matrix operations, and polynomial functions. The correct answers are provided at the end.
Speeding Up Distributed Machine Learning Using Codes NAVER Engineering
Speaker: Kangwook Lee (postdoctoral researcher, KAIST)
Presentation date: 2017.5.
Kangwook Lee is a postdoctoral scholar in the School of EE at KAIST, working with Prof. Changho Suh. He received his PhD degree in 2016 from the EECS department at UC Berkeley under the supervision of Prof. Kannan Ramchandran. He also obtained his MS degree in EECS from UC Berkeley in 2012, and BS degree in EE from KAIST in 2010.
Contents:
1. Coded Computation
2. Coded Shuffling
Unix and Shell Programming,
Q P Code: 60305.
Additional Mathematics I
Q P Code: 60306
Computer Organization and Architecture
Q P Code: 62303
Data Structures Using C
Q P Code: 60303
Discrete Mathematical Structures
Q P Code: 60304
Engineering Mathematics - III
Q P Code: 60301
Soft Skill Development
Q P Code: 60307
The document provides instructions for an online aerospace engineering examination. It states that the exam has 65 multiple-choice questions worth a total of 100 marks. Questions are either worth 1 or 2 marks depending on the question number. There is no negative marking for numerical answer questions but negative marking for multiple choice questions. Calculators are allowed but no other materials. The exam is timed for 3 hours.
The document discusses optimizing the dimensions of a box made from a 4m by 4m sheet of plastic to maximize its volume, and then optimizing the number of holes in the box to maximize oxygen intake and minimize carbon dioxide intake.
To maximize volume, the squares cut from the box corners should be 2/3 m by 2/3 m, giving a maximum volume of 4.7407 m³.
To optimize gas rates, the number of holes was modeled with accumulation functions. Taking derivatives and finding critical points indicated 20 holes maximizes oxygen intake and minimizes carbon dioxide, ensuring proper ventilation for animals inside.
Ec2203 digital electronics questions anna university by www.annaunivedu.org annaunivedu
EC2203 Digital Electronics Anna University Important Questions for 3rd Semester ECE , EC2203 Digital Electronics Important Questions, 3rd Sem Question papers,
http://www.annaunivedu.org/digital-electronics-ec-2203-previous-year-question-paper-for-3rd-sem-ece-anna-univ-question/
This is a question paper of Mumbai University for B.Sc.IT students of Semester - II [Computer Graphics] (Old Course). [Year - June / 2014]. The solution set of this paper is coming soon.
The document describes a method called WADaR for repairing wrappers and the structured data they extract from web pages. WADaR first analyzes the extracted data to identify errors made by the wrapper, such as incorrectly segmented or misplaced values. It then uses techniques like sequence labeling and max-flow algorithms on a constructed network to identify the underlying correct structure of the data. Regular expressions are induced from the correctly structured data and used to repair both the extracted relations and the original wrappers. An evaluation on real-world datasets found the approach improved precision, recall, and F1-score of several existing wrapper generation systems by up to 30% across different domains.
Karnaugh maps (K-maps) are a graphical method used to obtain the most simplified form of a logic expression. K-maps allow visualization of logic variables to find patterns and group terms to minimize the expression. The document provides examples of 3-variable and 4-variable K-maps and demonstrates how they are used to simplify expressions through grouping of ones. It also gives examples of designing combinational logic circuits by deriving truth tables from problems, obtaining logic expressions, and simplifying using K-maps to arrive at the final circuit diagram.
Karnaugh maps (K-maps) are a graphical method used to obtain the most simplified form of a logic expression. K-maps allow visualization of logic variables to find patterns and group terms to minimize components. They provide rules to systematically simplify expressions into their simplest sum-of-products or product-of-sums form. Examples are given for 3-variable and 4-variable K-maps, showing how expressions can be derived from the maps. Combinational circuit design is also discussed, with examples of using truth tables derived from problems to design circuits by first finding unsimplified expressions, then simplifying and implementing.
Karnaugh maps (K-maps) are a graphical method used to obtain the most simplified form of a logic expression. K-maps allow visualization of logic variables to find patterns and group terms to minimize the expression. The document provides examples of 3-variable and 4-variable K-maps and demonstrates how they are used to simplify expressions through grouping of ones. It also discusses the design process for combinational digital circuits which involves deriving a truth table from requirements, obtaining the logic expression, simplifying it using K-maps or Boolean algebra, and drawing the logic circuit.
MongoDB Days UK: Indexing and Performance Tuning MongoDB
Presented by Tom Schreiber, Senior Consulting Engineer, MongoDB
Experience level: Beginner
MongoDB supports a wide range of indexing options to enable fast querying of your data, but what are the right strategies for your application? In this talk we’ll cover how indexing works, the various indexing options, and cover use cases where each might be useful. We'll dive into common pitfalls using real-world examples to ensure that you're ready for scale. We'll show you the tools and techniques for diagnosing and tuning the performance of your MongoDB deployment. Whether you're running into problems or just want to optimize your performance, these skills will be useful.
The document discusses Karnaugh maps (K-maps), which are a tool for representing and simplifying Boolean functions with up to six variables. K-maps arrange the variables in a grid with cells representing minterms or maxterms. Adjacent cells that are both 1s can be combined to eliminate variables. The document provides examples of constructing K-maps from Boolean expressions and using them to find minimum sum of products (SOP) and product of sums (POS) expressions.
Homework Value of InformationPlease respond to the following.docx adampcarr67227
Homework
Value of Information
Please respond to the following:
-- Firms realize that in order to make money, they have to invest money. This can be attributed to the information that the firm relies on. As discussed in the text, there are seven characteristics of useful information. From the first e-Activity and assuming that you are new CFO of Strayer University, identify the top-three characteristics you would rely on the most for improving the profitability of the firm. Provide an example of how each characteristic would directly help the firm in terms of profitability.
-- On the other hand, public and private firms are accountable to a wide range of regulators and stakeholders. Of the seven characteristics, identify the top three that would be applicable to meeting the needs of regulators and stakeholders. Provide an example of how each characteristic would directly help the firm in terms of meeting the needs of these key regulators and stakeholders. [250 words][1-references]
Impact of Design of an Accounting Information System (AIS)
Please respond to the following:
-- Some of the world’s most successful companies (Fortune 500) operate multiple lines of business. Despite this fact, many of these firms rely on a single AIS. From the second e-Activity, for the business you researched, examine how its lines of business would affect the design of a new AIS.
-- If the business was selecting a new AIS, examine how the business model would affect the design of a new AIS. [250 words][1-references]
MAT 1214 – Brucks – Spring 2014 Name: ____________________________________________
Sample Exam 2
Part 2
Instructions: Answer all of the following on your own paper. Show all necessary work neatly, using proper notation, and
box your answers. When necessary, solutions may be expressed as decimals rounded to 3 places.
9. Show that the function ( ) has exactly one zero in the interval [ ], with the following steps:
a. Show that the function has at least one zero.
(Hint: To do this, show that the function changes sign in the interval.)
b. Show that the function has at most one zero.
(Hint: To do this, show that the function has no turning points in the interval.)
10. Given the velocity function ( ) and the initial position of the body moving along a coordinate line
( ) , find the body’s position at time with the following steps:
a. Find a family of functions ( ) having derivative ( ). (Use as an arbitrary constant.)
b. Find a particular member of that family of functions that satisfies the initial condition.
11. Determine the following for the function ( ) whose derivative is given below.
( ) ( )( )
a. Find the critical points of .
b. Determine the intervals on which is increasing and decreasing.
c. Determine the -values of the local extrema of by applying the first derivative test.
12. Determine the following for the function ( )
.
This is a question paper of Mumbai University for B.Sc.IT students of Semester - III [Computer Graphics] (Revised Course). [Year - June / 2016]. The solution set of this paper is coming soon.
This document provides a summary of Class 6 of the Programming with Data course. It introduces lists and common list procedures like cons, car, and cdr. It also discusses practice procedures like identity, pick-one, and middle. The class covers the history of Scheme and Lisp and how cons pairs are used to represent lists. Students are charged to read ahead and be prepared for an upcoming quiz covering material from the first five classes.
The document discusses computational complexity problems that are solvable in polynomial time but for which no significantly faster algorithms are known. It presents several such problems from areas like graph algorithms, computational biology, and computational geometry. It then discusses recent work that aims to establish conditional lower bounds for the runtime of such problems by relating their hardness to standard conjectures like 3SUM, APSP, SETH, orthogonal vectors, and small universe hitting set. Fine-grained reductions are used to show relationships between problems. Overall, the document outlines an approach for proving conditional lower bounds for problems solvable in polynomial time based on reasonable complexity theoretic conjectures.
The document contains a 20 question multiple choice exam covering various topics in mathematics and geometry. For each question, there are 5 potential answer choices labeled a-e. The questions cover topics such as functions, complex numbers, limits, integrals, geometry, and probability. At the end, a key is provided indicating the correct answer for each question.
This document contains a worksheet for the Compiler Design course CS6660. It includes questions related to lexical analysis, syntax analysis, and code generation. Specifically, it asks students to construct symbol tables, finite automata, parse trees, and three-address code. The questions are meant to help students learn and practice different phases of compiler construction.
An introduction to frequent pattern mining algorithms and their usage in mining log data. Presented by Krishna Sridhar (Dato) at Seattle DAML meetup, Feb 2016.
Monitoring Business Process Compliance Across Multiple Executions with Stream... Sylvain Hallé
The document discusses stream processing and querying of process logs. It defines a process log as a mapping of case identifiers to traces, which are sequences of events. Queries can check properties of individual traces or perform aggregations across multiple traces. Hyper-queries generalize this to operate on the full log. Various methods of incrementally evaluating queries and hyper-queries are discussed as the log is produced, such as processing one case or event at a time. The state of the art in constraint and query languages is reviewed.
A Stream-Based Approach to Intrusion Detection Sylvain Hallé
1) The document proposes an approach to intrusion detection based on runtime verification by running monitors on every suffix of an event stream to detect multiple instances of patterns.
2) It describes techniques to prune redundant monitors by discarding those that remain in the initial state after the first event or reach the same state at the same step.
3) Retaining only the "progressing subsequence" of the stream that visits each new state in order further reduces the number of matches.
Event Stream Processing with BeepBeep 3 Sylvain Hallé
Event logs and event streams can be found in software systems of very diverse kinds. Analyzing the wealth of information contained in these logs can serve multiple purposes. In this tutorial, the audience will learn about BeepBeep, a versatile Java library intended to make the processing of event streams (either offline or in realtime) both fun and simple. BeepBeep is the result of more than a decade of research led by a team at Laboratoire d’informatique formelle at Université du Québec à Chicoutimi (Canada). Over the past few years, BeepBeep has been involved in a variety of case studies, and provides built-in support for writing domain-specific languages. Recently, a complete textbook has been published on BeepBeep, testifying to the maturity that the system has acquired.
Smart Contracts-Enabled Simulation for Hyperconnected Logistics Sylvain Hallé
(Slides for a talk given in the journal-first track of the EDOC 2022 conference.)
The combination of the Internet of Things and blockchain-based technologies represents a real opportunity for supply chain and logistics protagonists, who need more dynamic, trustworthy and transparent tracking systems in order to improve their efficiency and strengthen customer confidence. In parallel, hyperconnected logistics promise more efficient and sustainable goods handling and delivery. This chapter shows how the Ethereum blockchain and smart contracts can be used to implement a shareable and secured tracking system for hyperconnected logistics. A simulation using the well-known AnyLogic software tool provides insights on the monitoring of properties depicting shipment lifecycle constraints through a stream of blockchain log events processed by BeepBeep 3, an open source stream processing engine.
Test Suite Generation for Boolean Conditions with Equivalence Class Partitioning Sylvain Hallé
Boolean test input generation is the process of finding sets of values for variables of a logical expression such that a given coverage criterion is achieved. This paper presents a formal framework in which evaluating an expression produces a tree structure, and where a coverage criterion is expressed as equivalence classes induced by a particular transformation over these trees. It then defines many well-known coverage criteria as particular cases of this framework. The paper describes an algorithm to generate test suites by a reduction through a graph problem; this algorithm works in the same way regardless of the criterion considered. An experimental evaluation of this technique shows that it produces test suites that are in many cases smaller than existing tools.
Synthia: a Generic and Flexible Data Structure Generator (Long Version) Sylvain Hallé
Synthia is a versatile, modular and extensible Java-based data structure generation library. It is centered on the notion of "pickers", which are objects producing values of a given type on demand. Pickers are stateful and can be given as input to other pickers; this chaining principle can generate objects whose structure follows a complex pattern. The paper describes the core principles and key features of the library, including test input shrinking, provenance tracking, and object mutation.
Test Sequence Generation with Cayley Graphs (Talk @ A-MOST 2021) Sylvain Hallé
The paper presents a theoretical foundation for test sequence generation based on an input specification. The set of possible test sequences is first partitioned according to a generic "triaging" function, which can be created from a state-machine specification in various ways. The notion of coverage metric is then expressed in terms of the categories produced by this function. Many existing test generation problems, such as t-way state or transition coverage, become particular cases of this generic framework. We then present algorithms for generating sets of test sequences providing guaranteed full coverage with respect to a metric, by building and processing a special type of graph called a Cayley graph. An implementation of these concepts is then experimentally evaluated against existing techniques, and shows it provides better performance in terms of running time and test suite size.
Efficient Offline Monitoring of LTL with Bit Vectors (Talk at SAC 2021) Sylvain Hallé
We describe an extension of the BeepBeep stream processing library for the offline verification of arbitrary expressions of Linear Temporal Logic using bitmap manipulations. Experimental results show that, for complex LTL formulæ containing up to 20 operators, event traces can be evaluated at a throughput of millions of events per second and provide a considerable speed-up compared to the current implementation of the tool.
A Generic Explainability Framework for Function Circuits Sylvain Hallé
The document describes a framework for explaining the output of function circuits. It introduces the concept of functions as basic processing units that take inputs and produce outputs. Functions can be composed into circuits where the output of one function is the input of another. The framework represents circuits using designation graphs that trace the propagation of values between function inputs and outputs. It defines derivation operators that take a designation graph and reconstruct the derivation of an output value from input values through the functions in the circuit. This allows explaining how a circuit produced a particular output from its inputs.
Detecting Responsive Web Design Bugs with Declarative Specifications Sylvain Hallé
Responsive Web Design (RWD) is a concept that is born from the need to provide users with a positive and intuitive experience, no matter what device they use. Complex Cascading Style Sheets (CSS) are used in RWD to smoothly change the appearance of a website based on the window width of the device being used. The paper presents an automated approach for testing these dynamic web applications, where a combination of dynamic crawling and back-end testing is used to automatically detect RWD bugs.
Streamlining the Inclusion of Computer Experiments in Research Papers Sylvain Hallé
To run experiments on a computer, you probably write command-line scripts for various tasks: generate your data, save it into files, process and display them as plots or tables to include in a paper. But soon enough, your handful of “quick and dirty” files becomes a bunch of poorly documented scripts that generate and pass around all kinds of obscure temporary files. LabPal is a library that allows you to set up an environment for running experiments, collating their results and processing them.
Writing Domain-Specific Languages for BeepBeep Sylvain Hallé
This paper describes a plug-in extension of the BeepBeep 3 event stream processing engine. The extension allows one to write a custom grammar defining a particular specification language on event traces. A built-in interpreter can then convert expressions of the language into chains of BeepBeep processors through just a few lines of code, making it easy for users to create their own domain-specific languages.
Real-Time Data Mining for Event Streams Sylvain Hallé
Information systems produce different types of event logs; in many situations, it may be desirable to look for trends inside these logs. We show how trends of various kinds can be computed over such logs in real time, using a generic framework called the trend distance workflow. Many common computations on event streams turn out to be special cases of this workflow, depending on how a handful of workflow parameters are defined. This process has been implemented and tested in a real-world event stream processing tool, called BeepBeep.
Smart Technologies to Assist Web Application Development (WAQ 2018) Sylvain Hallé
Surf the web for a few hours, and you will surely find a site or an application with a bug in its graphical interface. Whether it is a button that does not work or a rectangle that is partially hidden or badly positioned, interface problems seem to be notoriously difficult to track down! Could smart technologies help designers and developers better test their interfaces? At the Laboratoire d’informatique formelle of Université du Québec à Chicoutimi, we believe so. We developed Cornipickle, a software tool that lets a developer state, in a simple and readable language, a host of constraints on the positioning and content of the elements of a web interface. We will see how Cornipickle can be integrated into an existing application, detect problems, identify the faulty elements and even suggest fixes. This saves a developer a lot of time when searching for problems.
This document provides an overview of BeepBeep 3, an open source event stream query engine developed for processing and analyzing event streams. It describes some key concepts including events, traces, functions, processors, synchronous processing, and various built-in processors like Filter, Window, and Cumulative. Processors can be composed together to perform multi-step queries on event streams. The engine aims to combine strengths from rule-based and complex event processing systems while providing extensibility through additional processor and function palettes.
A "Do-It-Yourself" Specification Language with BeepBeep 3 (Talk @ Dagstuhl 2017) Sylvain Hallé
This talk reviews the basic principles behind the BeepBeep 3 event stream processing engine, and the facilities it provides to help you design your own domain-specific query language.
Event Stream Processing with Multiple Threads Sylvain Hallé
The document discusses event stream processing using multiple threads. It presents the problem of processing an input event stream through a computation P to produce an output event stream as a single task. The solution involves splitting the computation P into parts that can be processed in parallel by multiple threads to improve efficiency.
The system is based on connecting simple computing units called processors into a pipeline. New thread-aware processors are introduced, including ones for non-blocking pushing of events, pull pipelines, and preemptive pulling. These allow existing queries to gain multi-threading capabilities with minimal changes. Experimental results on sample queries show speedups from 5% to 400% by adding just one thread-aware processor.
A Few Things We Heard About RV Tools (Position Paper) Sylvain Hallé
This document discusses feedback received about RV tools from various sources. It includes comments on making a profit from clicking buttons, whether the tools can already do certain things, if tasks only require a boolean, writing properties, how long tasks take, and if the data can be considered big data. The document also notes that some of the feedback is not specific to RV tools.
Solving Equations on Words with Morphisms and Antimorphisms Sylvain Hallé
Word equations are combinatorial equalities between strings of symbols, variables and functions, which can be used to model problems in a wide range of domains. While some complexity results for the solving of specific classes of equations are known, currently there does not exist a systematic equation solver. We present in this paper a reduction of the problem of solving word equations to Boolean satisfiability, and describe the implementation of a general-purpose tool that leverages existing SAT solvers for this purpose. Our solver will prove useful in the resolution of word equations, and in the computer-based exploration of various combinatorial conjectures.
GraphRAG for Life Science to increase LLM accuracy Tomaz Bratanic
GraphRAG for the life science domain, where you retrieve information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers.
Taking AI to the Next Level in Manufacturing.pdf ssuserfac0301
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
TrustArc Webinar - 2024 Global Privacy Survey TrustArc
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
Skybuffer SAM4U tool for SAP license adoption Tatiana Kojar
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx SitimaJohn
Ocean Lotus cyber threat actors represent a sophisticated, persistent, and politically motivated group that poses a significant risk to organizations and individuals in the Southeast Asian region. Their continuous evolution and adaptability underscore the need for robust cybersecurity measures and international cooperation to identify and mitigate the threats posed by such advanced persistent threat groups.
Programming Foundation Models with DSPy - Meetup Slides Zilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Fueling AI with Great Data with Airbyte Webinar Zilliz
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
Generating privacy-protected synthetic data using Secludy and Milvus Zilliz
During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence IndexBug
Imagine a world where machines not only perform tasks but also learn, adapt, and make decisions. This is the promise of Artificial Intelligence (AI), a technology that's not just enhancing our lives but revolutionizing entire industries.
Introduction of Cybersecurity with OSS at Code Europe 2024 Hiroshi SHIBATA
I develop the Ruby programming language, RubyGems, and Bundler, which are package managers for Ruby. Today, I will introduce how to enhance the security of your application using open-source software (OSS) examples from Ruby and RubyGems.
The first topic is CVE (Common Vulnerabilities and Exposures). I have published CVEs many times. But what exactly is a CVE? I'll provide a basic understanding of CVEs and explain how to detect and handle vulnerabilities in OSS.
Next, let's discuss package managers. Package managers play a critical role in the OSS ecosystem. I'll explain how to manage library dependencies in your application.
I'll share insights into how the Ruby and RubyGems core team works to keep our ecosystem safe. By the end of this talk, you'll have a better understanding of how to safeguard your code.
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Realizability Analysis for Message-based Interactions Using Shared-State Projections (Talk @ FSE 2010)
1. Realizability Analysis for Message-Based Interactions Using Shared-State Projections
Sylvain Hallé, Université du Québec à Chicoutimi, Canada
Tevfik Bultan, University of California Santa Barbara, USA
3. Motivation for message-based communication
Coordination problem in Service-Oriented Architecture (SOA)
- Choreography specification and analysis
- Choreography and orchestration conformance
Process isolation in Operating Systems
- Message-based communication instead of shared data
- Channel contracts in Singularity OS
- Channel contract analysis and conformance
- Session types
4. Context
Conversation protocol (C): a finite-state machine describing global sequences of messages sent between peers.
[Diagram: conversation protocol C with states 0 to 5 and transitions A→B: m1, B→A: m2, B→C: m3, A→C: m4, C→A: m5, C→B: m6]
5. Context
Examples of conversation protocols:
- Web service choreographies
- Channel contracts in Microsoft Singularity OS
[Diagram: Singularity OS TPM channel contract with states ReadyState, ReadyStateS0, ReadyStateS1, IO_RUNNING, IO_RUNNINGS0 and transitions C→S: GetTpmStatus, C→S: Send, S→C: AckStartSend, S→C: SendComplete, S→C: TpmStatus]
6-15. Problem
From a conversation protocol C and peers A, B, ..., synthesize "local" protocols C_A, C_B, ..., whose composition produces L(C).
Let's compute the projection of C for Alice, π_A(C).
[Diagram: conversation protocol C with states 0 to 5 and transitions A→B: m1, B→A: m2, B→C: m3, A→C: m4, C→A: m5, C→B: m6]
[Diagram, built up over slides 8 to 15: projection π_A(C) with states {0}, {1,3}, {2}, {4,5} and transitions A→B: m1, B→A: m2, A→C: m4, C→A: m5]
16-19. Composing the projections
- Alice, π_A(C): states {0}, {1,3}, {2}, {4,5}; transitions A→B: m1, B→A: m2, A→C: m4, C→A: m5
- Bob, π_B(C): states {0}, {1}, {2,4}, {3,5}; transitions A→B: m1, B→A: m2, B→C: m3, C→B: m6
- Carl, π_C(C): states {0,1,2}, {3}, {4}, {5}; transitions B→C: m3, A→C: m4, C→A: m5, C→B: m6
[Animation over slides 17 to 19: messages m1, m3 and m5 are shown in turn]
24-29. Channel system
- Alice, π_A(C): states {0}, {1,3}, {2}, {4,5}; transitions A→B: m1, B→A: m2, A→C: m4, C→A: m5
- Bob, π_B(C): states {0}, {1}, {2,4}, {3,5}; transitions A→B: m1, B→A: m2, B→C: m3, C→B: m6
- Carl, π_C(C): states {0,1,2}, {3}, {4}, {5}; transitions B→C: m3, A→C: m4, C→A: m5, C→B: m6
[Animation over slides 25 to 29: m1 is shown, then m1 together with m2, then "?m2"]
30-31. Realizability
What happened?
It is easy to show that L(C) ⊆ L(Ċ), i.e. each peer p follows its projection π_p(C), but the resulting interaction may not be part of C!
A protocol is realizable when L(C) = L(Ċ).
How can we determine if a conversation protocol is realizable?
32-34. How can we determine (un)realizability?
Solution A
Compute the channel system from the projections; look for a "bad sequence".
[Diagram: channel system. Each state pairs the peers' local state sets, e.g. ({0},{0,2},{0,1}), with the queue contents of each peer, e.g. ((A,ε),(B,ε),(C,ε)); transitions are send (!) and receive (?) actions on A→B: m1, A→B: m4, B→C: m3, C→A: m2]
Problem: in some cases, the channel system is infinite.
35. How can we determine (un)realizability?
Solution B: devise conditions on the original protocol
1. Three realizability conditions (Fu, Bultan, Su, TSE 2005)
1) Synchronous compatible: every time a peer can send a message m, its recipient must be in (or reach) a state where m can be received
2) Autonomous: at any moment, a peer cannot be both sender and receiver
3) Lossless-join: the "Cartesian product" of the π_p(C) produces L(C)
36. How can we determine (un)realizability?
Solution B: devise conditions on the original protocol
2. Session types (Honda et al., ESOP 1998, POPL 2008)
A programmer describes a scenario as a type G.
Each component of the interaction is developed independently and periodically checked to make sure it is typable against its projection on G.
37-41. How can we determine (un)realizability?
Problem: both sets are sufficient, but not necessary for realizability.
[Diagram: protocol with states 0 to 4 and transitions C→S: c, S→C: f, C→S: s]
- Fu et al.: "fails autonomous condition"
- Honda et al.: "not typable"
Realizable!
Both approaches incorrectly classify all protocols with an arbitrary initiator.
43-55. Key observation
- Alice, π_A(C): states {0}, {1,3}, {2}, {4,5}; transitions A→B: m1, B→A: m2, A→C: m4, C→A: m5
- Bob, π_B(C): states {0}, {1}, {2,4}, {3,5}; transitions A→B: m1, B→A: m2, B→C: m3, C→B: m6
- Carl, π_C(C): states {0,1,2}, {3}, {4}, {5}; transitions B→C: m3, A→C: m4, C→A: m5, C→B: m6
Is there a state that every peer can accept as the current global state of C?
At the start (slides 44 to 48): {0} ∩ {0} ∩ {0,1,2} = {0}
[Animation over slides 49 to 51: messages m1 and m2 are shown]
Is there a state that every peer can accept as the current global state of C?
After m1 and m2 (slides 51 to 55): {1,3} ∩ {2,4} ∩ {0,1,2} = ∅
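Added example (not from the talk or the paper): it runs Solution A on the Alice/Bob/Carl protocol, composing the three projections over FIFO queues to search for a "bad sequence", and then takes the intersection from the Key observation slides at the configuration it finds. The transition endpoints in PROTOCOL are reconstructed from the projections shown on the slides; the state-merging projection, the one-input-queue-per-peer model and the queue bound of 2 are assumptions of this sketch.

```python
from collections import deque

# Conversation protocol C as (source, sender, receiver, message, target).
# Assumption: edge endpoints reconstructed from the slides' projections.
PROTOCOL = [
    (0, "A", "B", "m1", 1), (0, "B", "A", "m2", 2),
    (1, "B", "C", "m3", 3), (2, "A", "C", "m4", 4),
    (3, "C", "A", "m5", 5), (4, "C", "B", "m6", 5),
]
PEERS = ("A", "B", "C")
INITIAL = 0


def projection(protocol, peer):
    """Project C on `peer`: merge states joined by transitions the peer neither
    sends nor receives; keep the others as local send (!) / receive (?) steps."""
    states = {s for t in protocol for s in (t[0], t[4])}
    parent = {s: s for s in states}

    def find(s):
        while parent[s] != s:
            s = parent[s]
        return s

    for src, snd, rcv, _, dst in protocol:
        if peer not in (snd, rcv):
            parent[find(src)] = find(dst)
    cls = {s: frozenset(t for t in states if find(t) == find(s)) for s in states}
    steps = [(cls[src], "!" if snd == peer else "?", msg, rcv, cls[dst])
             for src, snd, rcv, msg, dst in protocol if peer in (snd, rcv)]
    return cls[INITIAL], steps


def find_bad_sequence(protocol, bound=2):
    """Breadth-first search of the channel system built from the projections,
    with one FIFO input queue per peer capped at `bound` messages. Returns
    (send sequence, local state set of each peer) for the first send sequence
    that is not a path of C, or None if there is none within the bound
    (which is not a proof of realizability)."""
    proj = {p: projection(protocol, p) for p in PEERS}
    delta = {(src, msg): dst for src, _, _, msg, dst in protocol}
    start = (tuple(proj[p][0] for p in PEERS), tuple(() for _ in PEERS), INITIAL)
    seen, todo = {start}, deque([(start, [])])
    while todo:
        (local, queues, cstate), sent = todo.popleft()
        for i, peer in enumerate(PEERS):
            for src, kind, msg, rcv, dst in proj[peer][1]:
                if src != local[i]:
                    continue
                new_local = local[:i] + (dst,) + local[i + 1:]
                if kind == "!":
                    j = PEERS.index(rcv)
                    if len(queues[j]) >= bound:
                        continue
                    if (cstate, msg) not in delta:  # C does not allow this send
                        return sent + [msg], dict(zip(PEERS, new_local))
                    new_queues = queues[:j] + (queues[j] + (msg,),) + queues[j + 1:]
                    nxt, new_sent = (new_local, new_queues, delta[(cstate, msg)]), sent + [msg]
                else:
                    if queues[i][:1] != (msg,):     # msg must be at the queue head
                        continue
                    new_queues = queues[:i] + (queues[i][1:],) + queues[i + 1:]
                    nxt, new_sent = (new_local, new_queues, cstate), sent
                if nxt not in seen:
                    seen.add(nxt)
                    todo.append((nxt, new_sent))
    return None


def common_states(views):
    """Global states that every peer accepts as current (the slides' intersection)."""
    return set.intersection(*(set(v) for v in views.values()))


if __name__ == "__main__":
    bad, views = find_bad_sequence(PROTOCOL)
    print("bad sequence:", bad)
    print("local views:", {p: sorted(v) for p, v in views.items()})
    print("common global states:", common_states(views))
```

Dropping the B→A: m2 edge out of state 0 removes the arbitrary initiator, and the same search then finds no bad sequence within the bound.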
57-60. Key observation
Alice, Bob & Carl don't agree on a common global protocol state: "problems"
Intuitively...
When computing a projection for Alice, let's keep track of the possible state that Bob and Carl can be in...
...and check if we ever reach a moment where they might disagree
shared-state projections: conservative approximations
62-71. Proof sketch
1. Start from a conversation protocol C.
2. For each peer p, define a finite projection π̂_p(C).
3. Show that π̂_p(C) is an over-approximation of the "standard" projection π_p(C). ⇒ L(Ċ) ⊆ L(Ĉ)
4. Define a condition for "bad" states of π̂_p(C)
5. Show that no trace in L(C) ever visits a bad state.
6. Consequence: if no bad state is ever generated, then
   L(C) ⊆ L(Ċ)   (already seen)
   L(Ċ) ⊆ L(Ĉ)   (by 3)
   L(Ĉ) ⊆ L(C)   (by 5)
   ⇒ L(C) = L(Ċ)
   ⇒ C is realizable!
73-76. A realizability condition
Workflow for evaluating realizability of C:
1. For some peer p, compute the shared-state projection. Guaranteed to terminate, as π̂_p(C) is finite
2. In that projection, look for a bad state. Answer "C might be unrealizable" as soon as one is found
3. Otherwise, repeat 1-2 for another peer
4. Answer "C is realizable" if no conflict state could be found for any of the peers
77. Shared-state projection
Shared-state projection π̂_p(C)
Let P be a set of peers and C a conversation protocol with states S. Select one peer p as the focus peer.
- A state of π̂_p(C) is a mapping P → 2^S that defines one subset of S for each peer: the possible states of C
- A transition from σ to σ', sending message m, is taken whenever one of the peers can send m from one of its current possible states of C
- The consequences of that transition yield the next possible states of C for each peer
78. Shared-state projection
If A is the focus peer and the conversation has just started, what state can B be in, in addition to 0?
- 3, 5: since A cannot distinguish between them
- 2: since for B it is merged with 0
- 4: since B may have already sent A a message
- Not 1: this would require A to send a message
- Not 6: also depends on A to be reachable
[Diagram: protocol with states 0 to 6 and transitions A→B: m1, A→C: m2, B→C: m3, B→A: m4, B→C: m5, C→B: m6]
79. Shared-state projection
With a similar reasoning for C, we can deduce that, from A's point of view in state 0...
- {0,2,3,4,5} are possible states for B
- {0,1,3,4,5} are possible states for C
The initial state of π̂_p(C) is therefore:
A:{0,3,5} B:{0,2,3,4,5} C:{0,1,3,4,5}
[Diagram: protocol with states 0 to 6 and transitions A→B: m1, A→C: m2, B→C: m3, B→A: m4, B→C: m5, C→B: m6]
80. Shared-state projection
Conflict state (i.e. "bad" state)
In a shared-state projection, take the intersection of the set of states for each peer. A state is a conflict state if this intersection is empty.
{1,3} ∩ {2,4} ∩ {0,1,2} = ∅
Intuition: the peers have reached a point where they have diverging views of the current state of the conversation (and of what to do next)
Exact construction in the paper!
81-87. Back to Alice and Bob
[Diagram: conversation protocol C with states 0 to 5 and transitions A→B: m1, B→A: m2, B→C: m3, A→C: m4, C→A: m5, C→B: m6]
Shared-state projection π̂_C(C), with states and transitions in the order slides 82 to 86 add them:
- A:{0,1,2,3,4} B:{0,1,2,3,4} C:{0,1,2}
- B→C: m3 with A:{3} B:{3} C:{3}
- C→A: m5 with A:{3,5} B:{3,5} C:{5}
- A→C: m4 with A:{4} B:{4} C:{4}
- C→B: m6 with A:{4,5} B:{4,5} C:{5}
Carl cannot be the cause of a violation
88-93. Back to Alice and Bob
[Diagram: conversation protocol C with states 0 to 5 and transitions A→B: m1, B→A: m2, B→C: m3, A→C: m4, C→A: m5, C→B: m6]
Shared-state projection π̂_A(C), with states and transitions in the order slides 89 to 92 add them:
- A:{0} B:{0,2} C:{0,2}
- A→B: m1 with A:{1,3} B:{0,1,2,3,5,#} C:{0,1,2,3,5}
- B→A: m2 with A:{2} B:{2} C:{2}
- A→C: m4 with A:{4,5} B:{2,4,5} C:{2,4,5}
If Alice waits for Bob, she cannot cause a violation
95. Experimental results
Tool tested on 100 real-world protocols taken from web service specifications and Singularity OS channel contracts
- 91% of protocols analyzed in less than 1 s
- 95% in less than 10 s
- Time ∝ (state space)^2
[Plot: validation time (s) against number of explored states, logarithmic axes]
96. Experimental results
With P peers and S states in C, the shared-state projection has a maximal size of P^2 · 2^S states.
- Bound seldom reached in practice
- Very few protocols required more than 10,000 states
[Plot: theoretical upper bound against number of explored states, logarithmic axes, with the line y = x]
97. Experimental results
Provides tighter conditions on protocols with arbitrary initiator.
Example: Singularity OS' TPMContract.
Original version: unrealizable.
[Diagram: original TPMContract with states ReadyState, ReadyStateS0, ReadyStateS1, IO_RUNNING, IO_RUNNINGS0 and transitions C→S: GetTpmStatus, C→S: Send, S→C: AckStartSend, S→C: SendComplete, S→C: TpmStatus]
98. Experimental results
Provides tighter conditions on protocols with arbitrary initiator.
Example: Singularity OS' TPMContract.
Corrected version: realizable, yet existing conditions still yield false positive!
[Diagram: corrected TPMContract with states ReadyState, ReadyStateS0, ReadyStateS1, IO_RUNNING, IO_RUNNINGS0, IO_RUNNINGS1 and transitions C→S: GetTpmStatus, C→S: Send, S→C: AckStartSend, S→C: SendComplete, S→C: TpmStatus]
99. Conclusion
- Asynchronous communication can make a conversation protocol C unrealizable
- No exact and universal condition for realizability is currently known
- A shared-state projection (SSP) is a projection of C that keeps track of the possible state for the remaining peers
- The absence of a conflict state in an SSP is a sufficient condition for realizability of C; the computation is guaranteed to terminate
100. Conclusion
Open questions:
- Do SSPs define an equivalence relation over queue contents?
- The paper presents a method for producing families of sufficient realizability conditions. What other conditions could we devise?
- Is the condition necessary for a restricted subset, e.g. two-party protocols?
- Can we repair unrealizable protocols automatically using SSPs?