The Space and Motion of Large Informatic Systems
Visions of Computer Science, 2008
Robin Milner, University of Cambridge
PARTS OF THE TALK
• What are Informatic Models? How do they fit together?
• Ubiquitous Computing, and modelling it
• Space and Motion in large systems
• Conclusion
An informatic model with behaviour and layers
Entities in a model explain, or are realised by, entities in the physical world, as in natural science.
[Diagram: PROGRAMS, realised by COMPUTERS. Behaviour labels: valuation as sets & predicates; action on memory, i/o; voltage, bitmaps, switching; keyboard & screen events.]
An informatic model with behaviour and layers
Entities and behaviour in a model explain, or are realised by, entities in the physical world, as in natural science.
[Diagram, ENTITIES and their BEHAVIOUR: PROGRAMS (action on memory, i/o), realised by COMPUTERS (keyboard & screen events). Further behaviour label: valuation as sets & predicates.]
Layered informatic models with behaviour
Entities and behaviour in a model explain, or are realised by, entities in the physical world or in a lower model.
[Diagram: ENTITIES with their BEHAVIOUR, top layer to bottom]
LOGICAL FORMULAE (valuation as sets & predicates)
  specify
PROGRAMS (action on memory, i/o)
  interpret in
ASSEMBLY CODE (action on memory, i/o)
  implement by
HARDWARE DESIGN (voltage, bitmaps, switching)
  realised by
COMPUTERS (keyboard & screen events)
Combining models
Real systems combine interacting sub-systems; we must also combine partial models.
Thus, combine models of the electro-mechanical and informatic parts of an aircraft:
[Diagram: ELECTRO-MECH DESIGN, realised by PHYSICAL AIRCRAFT; EMBEDDED SOFTWARE, realised by EMBEDDED COMPUTERS.]
Combining models
Real systems combine interacting sub-systems; we must also combine partial models.
Also, combine models of artifactual and natural systems:
[Diagram: ELECTRO-MECH DESIGN, realised by PHYSICAL AIRCRAFT; METEO-MODEL, explains WEATHER; EMBEDDED SOFTWARE, realised by EMBEDDED COMPUTERS.]
Combining models
For a program, we may combine different explanatory models. INRIA did this for the Airbus using abstract interpretation, following successful analysis of the failure of the Ariane-5 rocket:
[Diagram: ELECTRO-MECH DESIGN, realised by PHYSICAL AIRCRAFT; METEO-MODEL, explains WEATHER; EMBEDDED SOFTWARE, realised by EMBEDDED COMPUTERS; two further models A-I-1 and A-I-2 added on top, each labelled "explains".]
Models and their tower
A model consists of some entities, and their behaviour.
EXAMPLE: flowcharts, and how to execute them.
A tower of models is built by explanation and combination:
Model A explains model B if A abstracts from or specifies B, or if B implements or realises A.
EXAMPLE: a specification logic specifies programs.
Model C combines models A and B if its entities and behaviours combine those of A and B.
EXAMPLE: combine distributed programs with a network model.
How do we validate an explanation?
Natural science: Explanation of reality by a model can only be supported by observation. Complete validation impossible (Karl Popper).
Informatics at lowest level: Similar (e.g. realisation of circuit diagrams by a computer).
Informatics at higher levels: Higher levels abound in the model tower. Can aspire to complete validation between precise models.
PROPOSITION: Informatics is a science just to the extent that it aspires to complete validation.
Scientific status of the Tower of Models
• Useful models, and validations, may well be informal
• Different models suit different people, including non-experts
• Many instances of models and validations exist
• Can we derive languages from models, not vice-versa?
Two visions of Ubiquitous Computing
Populations of computing entities will be a significant part of our environment, performing tasks that support us, and we shall be largely unaware of them.
(after Mark Weiser, 1994)
In the next five to ten years the computer will be erased from our consciousness. We will simply not talk about it any longer, we will not read about it, apart from experts of course.
Joseph Weizenbaum (2001) (my emphasis)
... and my vision: Ubiquitous computing will empower us, if we understand it.
Qualities of a ubiquitous computing system (UCS)
What is new about a UCS?
• It will continually make decisions hitherto made by us
• It will be vast, maybe 100 times today's systems
• It must continually adapt, on-line, to new requirements
• Individual UCSs will interact with one another
Can traditional software engineering cope?
Concepts for Ubicomp
Each ubicomp domain, hence each model, will involve several concepts. Here are a few:
obligations, provenance, self-management, intentions, specification, locality, data-protection, continuous space, beliefs, simulation, authorisation, mobility, encapsulation, role, continuous time, compilation, failure, policy, delegation, reflectivity, verification, stochastics, negotiation, connectivity, trust, security, authenticity
Managing the conceptual overload
[Diagram: the same concepts as a cloud: provenance, obligations, self-management, intentions, specification, locality, data-protection, continuous space, beliefs, authorisation, mobility, simulation, encapsulation, continuous time, compilation, failure, role, policy, delegation, verification, reflectivity, stochastics, connectivity, negotiation, trust, authenticity, security.]
• Define UAM, the Ubiquitous Abstract Machine, in terms of locality, connectivity, mobility, stochastics.
• Build a model tower above UAM, layering the concepts.
A fanciful system, seen as a bigraph
[Diagram: a bigraph with nodes labelled M, S, K, L, R and A, together with a reaction rule involving A.]
A built environment G
[Diagram: the bigraph G, with names x and w.]
A - an agent; B - a building; C - a computer; R - a room.
Each node has a control, with arity, e.g. A has arity 2.
$G = /z\, B_z.(\mathrm{Roomfull}_{xz} \mid /y\, A_{xy} \mid \mathrm{Roomfull}_{xz}) \parallel \mathrm{Roomfull}_{xw}$
where $\mathrm{Roomfull}_{xz} \overset{\text{def}}{=} R./y\,(A_{xy} \mid C_{yz})$.
The signature $\mathcal{K} = \{A : 2,\ B : 1, \ldots\}$ gives controls with arities.
... and a host H for G
[Diagram: the host H, with names x and w, shown beside G.]
A – an agent; B – a building; C – a computer; R – a room.
$H = \mathrm{id}_1 \mid \mathrm{id}_x \mid /w\, B_w.(/y\, A_{xy} \mid R./y\, C_{yw} \mid \mathrm{id}_w \mid \mathrm{id}_1)$.
The complete system H ◦ G
[Diagram: the bigraph H ◦ G, with nodes of controls A, B, C and R.]
... and after one reaction
[Diagram: H ◦ G, and the system after one reaction.]
... and after two reactions
[Diagram: H ◦ G, and the system after two reactions.]
... and after three reactions
[Diagram: H ◦ G, and the system after three reactions.]
Three possible reaction rules
[Diagram: three reaction rules: (1) involving agents A; (2) involving rooms R and agents A; (3) involving agents A and computers C.]
The ‘bi-’ structure of a bigraph
[Diagram: the bigraph G, with names x and w, shown together with its place graph $G^P$ (a forest) and its link graph $G^L$ (a hypergraph, carrying the names x and w).]
The variety of bigraphical models
• A bigraphical reactive system (BRS) $\mathrm{BG}(\Sigma, \mathcal{R})$ is defined by a sorting $\Sigma$ and a reaction regime $\mathcal{R}$ (reaction rules).
• Process calculi (CCS, CSP, π-calculus, Petri nets, Mobile Ambients) are represented faithfully by BRSs.
• Transition systems and behavioural theory (e.g. bisimilarity) for these calculi are derived uniformly from reaction regimes.
We now outline the maths of bigraphs. Then we sketch BRSs for a reflective building, a process calculus, and a biological phenomenon.
The mathematics of bigraphs
• Each BRS is based on a symmetric partial monoidal (spm) category, plus dynamics.
• The static algebra of BRSs is completely axiomatised.
• The dynamics of BRSs involves graph matching, formally defined. Hence bigraphical programming language (BPL) under development at the ITU, Copenhagen.
• The uniform dynamical theory of BRSs is based on a categorical notion, relative pushouts.
• Stochastic behaviour is uniformly derived.
Bigraph algebra: their interfaces and operations
$F : I \to J$
$J = \langle 2, \{y, z, w\} \rangle$ (two roots, three outer names)
$I = \langle 3, \{x, y\} \rangle$ (three sites, two inner names)
[Diagram: the bigraph F, with roots (regions) 0 and 1, outer names y, z and w, nodes of controls K and M, sites 0, 1 and 2, and inner names x and y.]
Composition: Place $F : I \to J$ inside $G : J \to K$ to yield $G \circ F : I \to K$.
Product: Place $F : I \to J$ alongside $G : H \to K$ to yield $F \otimes G : I \otimes H \to J \otimes K$.
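The place-graph/link-graph split and the composition and product operations described above, sketched in Python as an added example (not from the talk or from any bigraph tool). The tuple encoding of sites, roots, ports, edges and names, the node identifiers and the sample host are assumptions made for illustration; the room follows the Roomfull definition from the built-environment slide.

```python
from dataclasses import dataclass

@dataclass
class Bigraph:
    sites: int   # inner width
    roots: int   # outer width
    inner: set   # inner names
    outer: set   # outer names
    prnt: dict   # place graph: ('s', i) or node -> node or ('r', j)
    link: dict   # link graph: ('i', x) or ('p', node, k) -> ('e', id) or ('o', y)

def compose(G, F):
    """G o F : I -> K, placing F : I -> J inside G : J -> K."""
    if (F.roots, F.outer) != (G.sites, G.inner):
        raise ValueError("interface mismatch: cod(F) != dom(G)")
    # Assumes F and G have disjoint node and edge identifiers.
    up = lambda p: G.prnt[('s', p[1])] if isinstance(p, tuple) else p  # root j -> site j
    out = lambda l: G.link[('i', l[1])] if l[0] == 'o' else l          # outer y -> inner y
    prnt = {w: up(p) for w, p in F.prnt.items()}
    prnt.update({w: p for w, p in G.prnt.items() if isinstance(w, str)})
    link = {q: out(l) for q, l in F.link.items()}
    link.update({q: l for q, l in G.link.items() if q[0] == 'p'})
    return Bigraph(F.sites, G.roots, F.inner, G.outer, prnt, link)

def tensor(F, G):
    """F (x) G: side by side; G's sites and roots are renumbered after F's."""
    if F.inner & G.inner or F.outer & G.outer:
        raise ValueError("name sets must be disjoint")
    sh = lambda p, n: (p[0], p[1] + n) if isinstance(p, tuple) else p
    prnt = dict(F.prnt)
    prnt.update({sh(w, F.sites): sh(p, F.roots) for w, p in G.prnt.items()})
    return Bigraph(F.sites + G.sites, F.roots + G.roots, F.inner | G.inner,
                   F.outer | G.outer, prnt, {**F.link, **G.link})

# Constructed sample: Roomfull_xz = R./y(A_xy | C_yz), nodes 'room', 'agent', 'comp'.
room = Bigraph(0, 1, set(), {'x', 'z'},
               {'room': ('r', 0), 'agent': 'room', 'comp': 'room'},
               {('p', 'agent', 0): ('o', 'x'), ('p', 'agent', 1): ('e', 'y'),
                ('p', 'comp', 0): ('e', 'y'), ('p', 'comp', 1): ('o', 'z')})
# Constructed host: id_x alongside a building B whose single port closes the name z.
id_x = Bigraph(0, 0, {'x'}, {'x'}, {}, {('i', 'x'): ('o', 'x')})
building = Bigraph(1, 1, {'z'}, set(), {('s', 0): 'bldg', 'bldg': ('r', 0)},
                   {('i', 'z'): ('e', 'ez'), ('p', 'bldg', 0): ('e', 'ez')})

def build_system():
    """Host o room: the room ends up inside the building, z becomes a closed edge."""
    return compose(tensor(id_x, building), room)
```

Composing in the other order, `compose(room, building)`, is rejected because the building's outer face has one root while the room has no sites.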