the magic of specifications and type systems
play

The Magic of Specifications and Type Systems Amin Bandali June 17, - PowerPoint PPT Presentation

Oct 14, 2023 •229 likes •850 views

The Magic of Specifications and Type Systems Amin Bandali June 17, 2017 Software Engineering Lab, EECS York University Outline 1. Introduction 2. Significance & Contributions 3. Type Checking 4. Well-definedness Checking 5. Conclusion

  1. The Magic of Specifications and Type Systems Amin Bandali June 17, 2017 Software Engineering Lab, EECS York University

  2. Outline 1. Introduction 2. Significance & Contributions 3. Type Checking 4. Well-definedness Checking 5. Conclusion 1

  3. Introduction

  4. Specifications Architects draw detailed plans before a brick is laid or a nail is hammered. Programmers and software engineers don’t. Can this be why houses seldom collapse and programs often crash? To designers of complex systems, the need for formal specifications should be as obvious as the need for blueprints of a skyscraper. But few software developers write specifications because they have little time to learn how on the job, and they are unlikely to have learned in school. — Leslie Lamport, Turing Award Winner, 2013 2

  5. Specifications Architects draw detailed plans before a brick is laid or a nail is hammered. Programmers and software engineers don’t. Can this be why houses seldom collapse and programs often crash? To designers of complex systems, the need for formal specifications should be as obvious as the need for blueprints of a skyscraper. But few software developers write specifications because they have little time to learn how on the job, and they are unlikely to have learned in school. — Leslie Lamport, Turing Award Winner, 2013 2

  6. Specifications Architects draw detailed plans before a brick is laid or a nail is hammered. Programmers and software engineers don’t. Can this be why houses seldom collapse and programs often crash? To designers of complex systems, the need for formal specifications should be as obvious as the need for blueprints of a skyscraper. But few software developers write specifications because they have little time to learn how on the job, and they are unlikely to have learned in school. — Leslie Lamport, Turing Award Winner, 2013 2

  7. Specifications Architects draw detailed plans before a brick is laid or a nail is hammered. Programmers and software engineers don’t. Can this be why houses seldom collapse and programs often crash? To designers of complex systems, the need for formal specifications should be as obvious as the need for blueprints of a skyscraper. But few software developers write specifications because they have little time to learn how on the job, and they are unlikely to have learned in school. — Leslie Lamport, Turing Award Winner, 2013 2

  8. Specifications Architects draw detailed plans before a brick is laid or a nail is hammered. Programmers and software engineers don’t. Can this be why houses seldom collapse and programs often crash? To designers of complex systems, the need for formal specifications should be as obvious as the need for blueprints of a skyscraper. But few software developers write specifications because they have little time to learn how on the job, and they are unlikely to have learned in school. — Leslie Lamport, Turing Award Winner, 2013 2

  9. Gaining Traction Formal methods used to be relegated to safety critical systems: • nuclear plants • avionics • medical devices 3

  10. Gaining Traction Some formal methods are now practical and adopted by technology leaders: • Amazon • Microsoft • Facebook • Dropbox 4

  11. Significance & Contributions

  12. Unit-B Unit-B [3] is a new framework for specifying and modelling systems that must satisfy both safety and liveness properties. 5

  13. Unit-B Logic Unit-B Logic supports arithmetic , sets , functions , relations , and intervals theories. 6

  14. Unit-B Logic & Related Work Unit-B vs Event-B [1] • record types • complete well-definedness • type checking • [static] well-definedness checking • quantification over infinite sets 1 Unit-B vs Logitext • support for higher-order logic in both predicate and sequent calculi 7 Unit-B vs TLA + [4]

  15. Unit-B Logic & Related Work Unit-B vs Event-B [1] • record types • complete well-definedness • type checking • [static] well-definedness checking • quantification over infinite sets 1 Unit-B vs Logitext • support for higher-order logic in both predicate and sequent calculi 1 limitation of the TLC tooling 7 Unit-B vs TLA + [4]

  16. Unit-B Logic & Related Work Unit-B vs Event-B [1] • record types • complete well-definedness • type checking • [static] well-definedness checking • quantification over infinite sets 1 Unit-B vs Logitext • support for higher-order logic in both predicate and sequent calculi 1 limitation of the TLC tooling 7 Unit-B vs TLA + [4]

  17. Unit-B Web Unit-B Web makes the Literate Unit-B prover available on the web. While Literate Unit-B supports both the Unit-B Logic and Unit-B’s computation models, Unit-B Web currently only supports Unit-B Logic. 8

  18. Unit-B Web Unit-B Web makes the Literate Unit-B prover available on the web. While Literate Unit-B supports both the Unit-B Logic and Unit-B’s computation models, Unit-B Web currently only supports Unit-B Logic. 8

  19. Unit-B Web Teaching • demonstrations • online evaluations • support for assignments Online Proof Environment • making specifications more accessible to casual users • proof of concept for a web IDE for full modelling capabilities of Unit-B 9

  20. Unit-B Web Teaching • demonstrations • online evaluations • support for assignments Online Proof Environment • making specifications more accessible to casual users • proof of concept for a web IDE for full modelling capabilities of Unit-B 9

  21. Technology Stack Prover • Predicate prover Z3 • Proof tactics • Well-definedness • Type checking Haskell • Yesod / Haskell Syntax • JSON • JavaScript Web EX -based A T • L 10

  22. Technology Stack Prover • Predicate prover Z3 • Proof tactics • Well-definedness • Type checking Haskell • Yesod / Haskell Syntax • JSON • JavaScript Web EX -based A T • L 10

  23. Technology Stack Prover • Predicate prover Z3 • Proof tactics • Well-definedness • Type checking Haskell • Yesod / Haskell Syntax • JSON • JavaScript Web EX -based A T • L 10

  24. Type Checking

  25. Type Checking • not meaningful • caught by Unit-B’s type checker 11 • { x } + 3 ≤ 7 • TLA + doesn’t recognize this as an error

  26. Type Checking • not meaningful • caught by Unit-B’s type checker 11 • { x } + 3 ≤ 7 • TLA + doesn’t recognize this as an error

  27. Type Checking • not meaningful • caught by Unit-B’s type checker 11 • { x } + 3 ≤ 7 • TLA + doesn’t recognize this as an error

  28. Figure 1: A type error — x is expected to be a set of numbers

  29. Type Checking • not meaningful • caught by Unit-B’s type checker 13 • { x } + 3 ≤ 7 • TLA + doesn’t recognize this as an error

  30. Type Checking • not meaningful • caught by Unit-B’s type checker 13 • { x } + 3 ≤ 7 • TLA + doesn’t recognize this as an error

  31. Challenges & Rewards • Event-B’s simple type system forbids this • ??? • subtyping to the rescue! 14 • TLA + ’s untyped logic allows { 3 , { 7 }} • type variables → polymorphic definitions

  32. Challenges & Rewards • Event-B’s simple type system forbids this • ??? 14 • TLA + ’s untyped logic allows { 3 , { 7 }} • subtyping to the rescue! • type variables → polymorphic definitions

  33. Challenges & Rewards • Event-B’s simple type system forbids this • ??? • subtyping to the rescue! 14 • TLA + ’s untyped logic allows { 3 , { 7 }} • type variables → polymorphic definitions

  34. Challenges & Rewards • Event-B’s simple type system forbids this 14 • TLA + ’s untyped logic allows { 3 , { 7 }} • ??? • subtyping to the rescue! • type variables → polymorphic definitions

  35. Challenges & Rewards • Event-B’s simple type system forbids this 14 • TLA + ’s untyped logic allows { 3 , { 7 }} • ??? • subtyping to the rescue! • type variables → polymorphic definitions

  36. Well-definedness Checking

  37. Well-definedness Checking Catches meaningless formulas that type checker can’t catch: • division by zero • array index out of bounds • more sophisticated errors 15

  38. Well-definedness Checking Catches meaningless formulas that type checker can’t catch: • division by zero • array index out of bounds • more sophisticated errors 15

  39. Well-definedness Checking Catches meaningless formulas that type checker can’t catch: • division by zero • array index out of bounds • more sophisticated errors 15

  40. Well-definedness Checking Catches meaningless formulas that type checker can’t catch: • division by zero • array index out of bounds • more sophisticated errors 15

  41. Figure 2: An ill-defined predicate — x is not in the domain of f

  42. Conclusion

  43. Summary • Unit-B Web , a web application for doing predicate calculus proofs, bringing the Literate Unit-B prover to the web. • Type Checking helps identify a certain class of meaningless formulas (i.e. type-incorrect formulas) efficiently. • Well-definedness Checking catches the rest of meaningless formulas that are not type errors. 17

Recommend

+ MAGIC results on X-ray binary systems Roberta Zanin (IFAE) on behalf of the MAGIC

+ MAGIC results on X-ray binary systems Roberta Zanin (IFAE) on behalf of the MAGIC

+ MAGIC results on X-ray binary systems Roberta Zanin (IFAE) on behalf of the MAGIC collaboration + 2 Outline Wind/wind or jets? GAMMA-RAY BINARIES: 1. LS I 61+303 2. HESS J0632 +057 MICROQUASARS: 1. Cygnus X-3 2. Scorpius X-1 3.

434 views • 29 slides
1 Type systems are the most widely used form of sta;c

1 Type systems are the most widely used form of sta;c

{HEADSHOT} This lesson introduces a popular kind of sta;c analysis called type systems. Type systems are o?en specified as part of the programming

923 views • 66 slides
The Mathemagic of Magic Squares History of Magic Squares Mathematics and Magic Squares

The Mathemagic of Magic Squares History of Magic Squares Mathematics and Magic Squares

The Mathemagic of Magic Squares Steven Klee Outline What is a Magic Square? The Mathemagic of Magic Squares History of Magic Squares Mathematics and Magic Squares Constructing Steven Klee Magic Squares Magic Circles University of

968 views • 86 slides
MAGIC II Project review by Thomas Schweizer MAGIC II in memory of Florian Thomas Schweizer The

MAGIC II Project review by Thomas Schweizer MAGIC II in memory of Florian Thomas Schweizer The

MAGIC II Project review by Thomas Schweizer MAGIC II in memory of Florian Thomas Schweizer The MAGIC Collaboration MAGIC goes stereo MAGIC-I: Discovered many new sources and lots of publications in refereed journals Many discoveries

611 views • 34 slides
Calibration chamber for thermometers (Liquid bath type) Specifications : 85 to 50

Calibration chamber for thermometers (Liquid bath type) Specifications : 85 to 50

Calibration chamber for thermometers (Liquid bath type) Specifications : 85 to 50 85 to 50 Range Range : Accuracy: 0.01 Dimensions (Internal): 300 H450mm Purpose of use

246 views • 6 slides
From Shang Gao Magic 15 If a 2 + b 2 = c 2 , then ( a , b , c ) is called to be a Background

From Shang Gao Magic 15 If a 2 + b 2 = c 2 , then ( a , b , c ) is called to be a Background

Magic 15 Magic 15 Background Two Square Theorem Galois Finite Fields Magic 15: A STORY OVER 380 YEARS Proofs of 2-Square Theorem Three Square Theorem Four Square Theorem Universal Polynomials Magic 15 Proof of Fifteen Theorem 15

1.31k views • 97 slides
INF 212/CS 253 Type Systems Instructors: Harry Xu Crista Lopes What is a Data Type? A type

INF 212/CS 253 Type Systems Instructors: Harry Xu Crista Lopes What is a Data Type? A type

INF 212/CS 253 Type Systems Instructors: Harry Xu Crista Lopes What is a Data Type? A type is a collection of computational entities that share some common property Programming languages are designed to help programmers organize

803 views • 32 slides
Type Systems Authored By Luca Cardelli ACM Computing Surveys, 1996 Type Systems - Why, What

Type Systems Authored By Luca Cardelli ACM Computing Surveys, 1996 Type Systems - Why, What

Type Systems Authored By Luca Cardelli ACM Computing Surveys, 1996 Type Systems - Why, What & How? (Informally) Why : to prevent forbidden(all untrapped and some trapped) errors OR to prove the absence of certain program behaviour

358 views • 11 slides
Hybrid Type Systems Jose A. Lopes Max Planck Institute for Software Systems (MPI-SWS) MOVEP 2012

Hybrid Type Systems Jose A. Lopes Max Planck Institute for Software Systems (MPI-SWS) MOVEP 2012

Hybrid Type Systems Jose A. Lopes Max Planck Institute for Software Systems (MPI-SWS) MOVEP 2012 Type systems Type systems are a lightweight verification method Common in programming languages Increase software reliability Verify

588 views • 21 slides
Teaching old type systems Teaching old type systems new tricks with type providers new tricks

Teaching old type systems Teaching old type systems new tricks with type providers new tricks

Teaching old type systems Teaching old type systems new tricks with type providers new tricks with type providers Tomas Petricek Tomas Petricek University of Kent and The Alan Turing Institute http://tomasp.net tomas@tomasp.net @tomaspetricek

839 views • 38 slides
Types of Formal Specifications for Assertions Concurrent and Reactive Systems Assertions

Types of Formal Specifications for Assertions Concurrent and Reactive Systems Assertions

Outline Formal specifications CISC422/853: Formal Methods Types of formal specifications: in Software Engineering: assertions invariants Computer-Aided Verification safety and liveness properties How to express safety

226 views • 22 slides
A magic particle machine Imagine this setup... Alice Magic Particle Machine Bob A magic

A magic particle machine Imagine this setup... Alice Magic Particle Machine Bob A magic

Pictures of non-locality in quantum mechanics 1 Aleks Kissinger Oxford University Department of Computer Science May 21, 2014 1 Joint work with Bob Coecke (Oxford), Ross Duncan (ULB), and Quanlong Wang (Beijing) A magic particle machine

1.66k views • 92 slides
File Systems Chi Zhang czhang@cs.fiu.edu 1 File Attributes Name only information kept

File Systems Chi Zhang czhang@cs.fiu.edu 1 File Attributes Name only information kept

COP 4225 Advanced Unix Programming File Systems Chi Zhang czhang@cs.fiu.edu 1 File Attributes Name only information kept in human-readable form. Type Extension-based Magic numbers stored at the beginning of a file (Unix)

251 views • 23 slides
Course Specifications/Detailed Course Outline Course code : STA 331 2.0 Course title :

Course Specifications/Detailed Course Outline Course code : STA 331 2.0 Course title :

Course Specifications/Detailed Course Outline Course code : STA 331 2.0 Course title : Stochastic Processes Course type : Core Batch : AS2017 Year : 2020 Semester : 2 No. of notional hours : 100 hours Pre-requisites : STA 114 2.0

316 views • 7 slides
TOGETHER TO MAGIC PLACES COLLABORATIVE VR SOLUTIONS TOGETHER TO MAGIC PLACES CHALLENGES

TOGETHER TO MAGIC PLACES COLLABORATIVE VR SOLUTIONS TOGETHER TO MAGIC PLACES CHALLENGES

TOGETHER TO MAGIC PLACES COLLABORATIVE VR SOLUTIONS TOGETHER TO MAGIC PLACES CHALLENGES & OPPORTUNITIES CHALLENGE B2C 90% of all VR applications are designed for single-player. High-end VR is not yet affordable for mass

608 views • 14 slides
Type Systems Lecture 3 Nov. 3rd, 2004 Sebastian Maneth

Type Systems Lecture 3 Nov. 3rd, 2004 Sebastian Maneth

Type Systems Lecture 3 Nov. 3rd, 2004 Sebastian Maneth http://lampwww.epfl.ch/teaching/typeSystems/2004 Today: into the types 1. A Type System for Arithmetic Expressions 2. Proving Type Safety 3. Simply Typed Lambda Calculus

988 views • 50 slides
Opportunities MAGIC PROFESSIONAL DEVELOPMENT SERIES 8 THE MAGIC 8 CLASSROOM PRACTICES

Opportunities MAGIC PROFESSIONAL DEVELOPMENT SERIES 8 THE MAGIC 8 CLASSROOM PRACTICES

Providing Early Math Opportunities MAGIC PROFESSIONAL DEVELOPMENT SERIES 8 THE MAGIC 8 CLASSROOM PRACTICES Reduce time spent in transition 1. Improving level of instruction 2. Creating a positive climate 3. Increasing teacher

343 views • 13 slides
Planning Sequential Activities MAGIC PROFESSIONAL DEVELOPMENT SERIES 8 THE MAGIC 8

Planning Sequential Activities MAGIC PROFESSIONAL DEVELOPMENT SERIES 8 THE MAGIC 8

Planning Sequential Activities MAGIC PROFESSIONAL DEVELOPMENT SERIES 8 THE MAGIC 8 CLASSROOM PRACTICES Reduce time spent in transition 1. Creating a positive climate 2. Increasing teacher listening to children 3. Improving level

133 views • 11 slides
. While several substructural type systems have been proposed and implemented, these either

. While several substructural type systems have been proposed and implemented, these either

. . Substructural logics provide a framework for designing resource-aware type systems. . While several substructural type systems have been proposed and implemented, these either have been developed for a special purpose or have been too

991 views • 74 slides
-Cygni -Cygni the GeV to TeV Morphology the GeV to TeV Morphology with with MAGIC and

-Cygni -Cygni the GeV to TeV Morphology the GeV to TeV Morphology with with MAGIC and

-Cygni -Cygni the GeV to TeV Morphology the GeV to TeV Morphology with with MAGIC and Fermi-LAT MAGIC and Fermi-LAT Marcel C. Strzys a I. Vovk a , C. Fruck a , S. Masuda b and T. Saito b for the MAGIC Collaboration a) Max Planck

107 views • 9 slides
An Invitation to Homotopy Type Theory Tingxiang Zou Type Theory Formal Systems: Churchs

An Invitation to Homotopy Type Theory Tingxiang Zou Type Theory Formal Systems: Churchs

An Invitation to Homotopy Type Theory Tingxiang Zou Type Theory Formal Systems: Churchs simply typed lambda calculus (1940); Martin L ofs dependent type theory (1971-1984) Origin: Russells theory of types The world is

848 views • 12 slides
Providing Early Math Opportunities MAGIC PROFESSIONAL DEVELOPMENT SERIES 8 THE MAGIC

Providing Early Math Opportunities MAGIC PROFESSIONAL DEVELOPMENT SERIES 8 THE MAGIC

Providing Early Math Opportunities MAGIC PROFESSIONAL DEVELOPMENT SERIES 8 THE MAGIC 8 CLASSROOM PRACTICES Reduce time spent in transition 1. Improving level of instruction 2. Creating a positive climate 3. Increasing teacher

830 views • 14 slides
Magic Wall (working title) David Croft SCOPE Sessions, 18.08.2011 Magic Wall THE PRINCIPLE

Magic Wall (working title) David Croft SCOPE Sessions, 18.08.2011 Magic Wall THE PRINCIPLE

Magic Wall (working title) David Croft SCOPE Sessions, 18.08.2011 Magic Wall THE PRINCIPLE Electromagnetic Spectrum Human Eye Model Magic Wall THE HARDWARE Its not a Kinect (Damnit) Has built in IR laser projector Only outline

859 views • 63 slides
On the Horizontal Dimension of Software Architecture in Formal Specifications of Reactive

On the Horizontal Dimension of Software Architecture in Formal Specifications of Reactive

On the Horizontal Dimension of Software Architecture in Formal Specifications of Reactive Systems Mika Katara, Reino Kurki-Suonio and Tommi Mikkonen Institute of Software Systems Tampere University of Technology Finland Outline 1.

1.03k views • 21 slides

More recommend