The Kell Calculus A Family of Higher-Order Distributed Process - PowerPoint PPT Presentation

The Kell Calculus A Family of Higher-Order Distributed Process Calculi MYTHS/MIKADO/DART Meeting Alan Schmitt Jean-Bernard Stefani

Introduction ◮ Calculus motivated by work in the Sardes project ◮ Goal: to model and simulate component-based programs and their environment ◮ Why the environment? ⊲ to model resource access and monitoring ⊲ to model different modes of failure MYTHS/MIKADO/DART Meeting, June 15th 2004, 2

Outline ◮ Design Choices for a Component Modelling Calculus ◮ The Calculus and some Examples ◮ Equivalences MYTHS/MIKADO/DART Meeting, June 15th 2004, 3

✓ ✡ ☛ ✡ ✌ ✠ ✍ ✎ ✏ ✠ ☛ ✡ ✌ ✑ ✍ ✄ ✄ ✏ ✌ ✠ ✏ ✒ ✠ ✏ ✂ ✡ ✆ ✎ ✎ ✆ ✌ ☛ ✠ ✠ ✡ ☛ ✡ � ✆ ✠ ✡ ✠ ☛ ✄ ✆ ✠ ☛ ✡ ✠ ✄ ☞ ✁ ☛ ✡ ✌ ✠ ✍ ✎ ✏ ✠ ☛ ✡ ✌ ✑ ✍ ✆ A component ✂☎✄ ✝✟✞ MYTHS/MIKADO/DART Meeting, June 15th 2004, 4

What we want to model Fractal ( http://fractal.objectweb.org ) ◮ Hierarchical components ◮ Dynamic component deployment and failure ◮ Dynamic interface binding between components ◮ Messaging through bound interfaces ◮ Control capabilities MYTHS/MIKADO/DART Meeting, June 15th 2004, 5

Why we want to model ◮ Play the role of a precise and formal semantics ⊲ Abstract machines ⊲ Implementations ◮ Build some verification tools Static Type systems, static analyses ⊲ Component binding ⊲ Checking dependencies ⊲ Equivalent components Dynamic Correct code instrumentation for ⊲ security properties ⊲ fault detection ⊲ causality and resource monitoring MYTHS/MIKADO/DART Meeting, June 15th 2004, 6

Design Principles ◮ π -calculus core ⊲ Parameterized on the input patterns ◮ Hiearchical localities (Kells) ⊲ Encapsulation ◮ Local actions ⊲ Tradeoff between implementation and of usability ⊲ Atomicity decisions left to programmer ⊲ Dynamic binding ◮ Higher-order communication and locality passivation ⊲ To model deployment, migration, and different failure modes ◮ Programmable membranes ⊲ To model control features and network failure MYTHS/MIKADO/DART Meeting, June 15th 2004, 7

Related work ◮ First order π -calculus with localities and migration primitives (D-Join, D π , Nomadic Pict, Seal, . . . ) ◮ Mobile Ambients and variants ◮ Distributed higher-order calculi ⊲ Facile, CHOCS, higher-order D π , Klaim, M-calculus Kell-calculus: simplification of the M-calculus: ◮ No routing rules built in ◮ Simpler localities MYTHS/MIKADO/DART Meeting, June 15th 2004, 8

Outline ◮ Design Choices for Component Modelling Calculus ◮ The Calculus and some Examples ◮ Equivalences MYTHS/MIKADO/DART Meeting, June 15th 2004, 9

Syntax P, Q ::= 0 | P | Q | νa.P | x | | ◮ π calculus core MYTHS/MIKADO/DART Meeting, June 15th 2004, 10

Syntax P, Q ::= 0 | P | Q | νa.P | x | a � P � .Q | a [ P ] .Q | ◮ π calculus core ◮ Higher-order output MYTHS/MIKADO/DART Meeting, June 15th 2004, 11

Syntax P, Q ::= 0 | P | Q | νa.P | x | a � P � .Q | a [ P ] .Q | ( ξ ⊲ P ) ◮ π calculus core ◮ Higher-order output ◮ Input parameterized by patterns ξ MYTHS/MIKADO/DART Meeting, June 15th 2004, 12

Syntax P, Q ::= 0 | P | Q | νa.P | x | a � P � .Q | a [ P ] .Q | ( ξ ⊲ P ) ◮ π calculus core ◮ Higher-order output ◮ Input parameterized by patterns ξ ◮ Simplest patterns (jK): ξ ↓ ξ ↑ | | M | ξ k | | | M | M ξ ::= ξ k M M ::= ξ m ξ ↓ ::= a � x � ↓ ξ ↑ ::= a � x � ↑ ξ k ::= a [ x ] ξ m ::= a � x � MYTHS/MIKADO/DART Meeting, June 15th 2004, 13

Reduction Examples a � Q � .T | ( a � x � ⊲ P ) − → T | P { Q/x } � � ( a � x � ↑ ⊲ P ) a � Q � .T | b .S − → T | b [ P { Q/x } ] .S b [ a � Q � .T | R ] .S | ( a � x � ↓ ⊲ P ) − → b [ T | R ] .S | P { Q/x } a [ Q ] .T | ( a � x � ⊲ P ) − → T | P { Q/x } MYTHS/MIKADO/DART Meeting, June 15th 2004, 14

Join patterns �   ( d � x � ↓ | u � y � ↑ | b [ z ] ⊲ x | y | z ) � �   �   � c [ d � P d � .Q d ] .Q c a  .Q a u � P u � .Q u − → �  � � b [ P b ] .Q b   � � P d | P u | P b �   �   � c [ Q d ] .Q c a  .Q a Q u  � � � Q b MYTHS/MIKADO/DART Meeting, June 15th 2004, 15

Join patterns �   ( d � x � ↓ | u � y � ↑ | b [ z ] ⊲ x | y | z ) � �   �   � c [ d � P d � .Q d ] .Q c a  .Q a u � P u � .Q u − → �  � � b [ P b ] .Q b   � � P d | P u | P b �   �   � c [ Q d ] .Q c a  .Q a Q u  � � � Q b MYTHS/MIKADO/DART Meeting, June 15th 2004, 16

Encoding recursion ∆ ( ξ � P ) = νt. ( ξ | t � x � ⊲ P | x | t � x � ) | t � ( ξ | t � x � ⊲ P | x | t � x � ) � Assume that t and x are fresh in ξ , P , Q , and P ′ , and that → P ′ ( ξ ⊲ P ) | Q − ∆ ( ξ � P ) | Q = νt. ( ξ | t � x � ⊲ P | x | t � x � ) | t � ( ξ | t � x � ⊲ P | x | t � x � ) � | Q MYTHS/MIKADO/DART Meeting, June 15th 2004, 17

Encoding recursion ∆ ( ξ � P ) = νt. ( ξ | t � x � ⊲ P | x | t � x � ) | t � ( ξ | t � x � ⊲ P | x | t � x � ) � Assume that t and x are fresh in ξ , P , Q , and P ′ , and that → P ′ ( ξ ⊲ P ) | Q − ∆ ( ξ � P ) | Q = νt. ( ξ | t � x � ⊲ P | x | t � x � ) | t � ( ξ | t � x � ⊲ P | x | t � x � ) � | Q MYTHS/MIKADO/DART Meeting, June 15th 2004, 18

Encoding recursion ∆ ( ξ � P ) = νt. ( ξ | t � x � ⊲ P | x | t � x � ) | t � ( ξ | t � x � ⊲ P | x | t � x � ) � Assume that t and x are fresh in ξ , P , Q , and P ′ , and that → P ′ ( ξ ⊲ P ) | Q − ∆ ( ξ � P ) | Q = νt. ( ξ | t � x � ⊲ P | x | t � x � ) | t � ( ξ | t � x � ⊲ P | x | t � x � ) � | Q → νt.P ′ | ( ξ | t � x � ⊲ P | x | t � x � ) | t � ( ξ | t � x � ⊲ P | x | t � x � ) � − MYTHS/MIKADO/DART Meeting, June 15th 2004, 19

Encoding recursion ∆ ( ξ � P ) = νt. ( ξ | t � x � ⊲ P | x | t � x � ) | t � ( ξ | t � x � ⊲ P | x | t � x � ) � Assume that t and x are fresh in ξ , P , Q , and P ′ , and that → P ′ ( ξ ⊲ P ) | Q − ∆ ( ξ � P ) | Q = νt. ( ξ | t � x � ⊲ P | x | t � x � ) | t � ( ξ | t � x � ⊲ P | x | t � x � ) � | Q → νt.P ′ | ( ξ | t � x � ⊲ P | x | t � x � ) | t � ( ξ | t � x � ⊲ P | x | t � x � ) � − ∆ = ( ξ � P ) | P ′ MYTHS/MIKADO/DART Meeting, June 15th 2004, 20

Using passivation ◮ A kell a [ P ] is both an evaluation context and a resource ◮ One may ⊲ freeze a kell in a message: ( a [ x ] ⊲ a � x � ) ⊲ destroy a kell: ( a [ x ] ⊲ 0 ) ⊲ copy and rename a kell: ( a [ x ] ⊲ a [ x ] | b [ x ]) ⊲ insert new content into a kell: ( a [ x ] ⊲ a [ x | b [ P ]]) MYTHS/MIKADO/DART Meeting, June 15th 2004, 21

Matching and Parametric Patterns ◮ Generic matching ⊲ Outer shape of patterns fixed (Local Action) ⊲ Join patterns built in match ( ξ | ξ ′ , M | M ′ ) = match ( ξ, M ) ⊕ match ( ξ ′ , M ′ ) match ( ξ m , a � P � ) = match m ( ξ m , a � P � ) match ( ξ ↓ , a � P � ↓ b ) = match ↓ ( ξ ↓ , a � P � ↓ b ) match ( ξ ↑ , a � P � ↑ b ) = match ↑ ( ξ ↑ , a � P � ↑ b ) match ( ξ k , a [ P ]) = match k ( ξ k , a [ P ]) ◮ Instantiation with jK patterns match ↓ ( a � x � , ↓ a � P � ↓ b ) = { P / ∆ = { P / ∆ match m ( a � x � , a � P � ) x } x } match ↑ ( a � x � , ↑ a � P � ↑ b ) ∆ ∆ = { P / = { P / x } match k ( a [ x ] , a [ P ]) x } MYTHS/MIKADO/DART Meeting, June 15th 2004, 22

Outline ◮ Design Choices for Component Modelling Calculus ◮ The Calculus and some Examples ◮ Equivalences MYTHS/MIKADO/DART Meeting, June 15th 2004, 23

Context Bisimulation: a Tutorial In the setting of the Higher-order π -calculus: a ◮ An input evolves to an abstraction: a ( X ) .P − → ( X ) .P = F a ◮ An output evolves to a concretion: a � P 1 � P 2 − → � P 1 � P 2 = C τ → F @ C = P { P 1 / ◮ They communicate: a ( X ) .P | a � P 1 � P 2 − X } | P 2 MYTHS/MIKADO/DART Meeting, June 15th 2004, 24

Context Bisimulation: a Tutorial In the setting of the Higher-order π -calculus: a ◮ An input evolves to an abstraction: a ( X ) .P − → ( X ) .P = F a ◮ An output evolves to a concretion: a � P 1 � P 2 − → � P 1 � P 2 = C τ → F @ C = P { P 1 / ◮ They communicate: a ( X ) .P | a � P 1 � P 2 − X } | P 2 The relation R is a (early) context simulation iff P R Q implies → P ′ , there exists Q ′ such that τ ◮ For all P − → Q ′ and P ′ R Q ′ ; τ − Q a ◮ For all P − → F and for all C , there exists G such that a − → G and F @ C R G @ C ; Q a ◮ For all P − → C and for all F , there exists D such that a − → D and F @ C R F @ D . Q MYTHS/MIKADO/DART Meeting, June 15th 2004, 25