An Eclipse-based Integrated Environment for Developing Executable Structural Operational Semantics Specifications

The Structural Operational Semantics Development Tooling (SOSDT) Eclipse Plugin integrates the Relational Meta-Language (RML) compiler and debugger with the Eclipse Integrated Development Environment Framework. SOSDT, together with the RML compiler and debugger, provides an environment for developing and maintaining executable Structural Operational Semantics specifications, including the Natural Semantics big step variant of SOS specifications. The RML language is successfully used at our department for writing large specifications for a range of languages like Java, Modelica, Pascal, MiniML etc. The SOSDT environment includes support for browsing, code completion through menus or popups, code checking, automatic indentation, and debugging of specifications.     

Well-behaved Translations between Structural Operational Semantics

We examine two versions of maps between distributive laws as candidates for well-behaved translations between structural operational semantics, and validate that by using simple coalgebraic arguments. We give some concrete examples of well-behaved translations that are maps between distributive laws. The modelling of structural operational semantics uses Turi and Plotkin's categorical models of GSOS. These maps between distributive laws come from the previous work on 2-categories of distributive laws.     

基于逻辑的软件演化操作语言及结构化操作语义

由于使用环境和新技术的不断变化,软件演化的控制变得日趋复杂.为了提高软件演化活动的可视化和形式化支持程度,结合谓词逻辑和软件演化,提出了一种软件演化操作语言SEOL(Software Evolution Operational Language)描述软件演化,给出了SEOL的语法和结构化操作语义描述,并指出了软件演化操作语义等价分析方法.结合软件代码演化和软件模型演化实例,说明了SEOL的应用.与已有的软件演化操作描述相比,SEOL在易用性、可重用性和形式化分析方面有明显的改善,为软件演化的管理、分析和实施奠定了基础.     

Bi-inductive Structural Semantics: (Extended Abstract)

We propose a simple order-theoretic generalization of set-theoretic inductive definitions. This generalization covers inductive, co-inductive and bi-inductive definitions and is preserved by abstraction. This allows the structural operational semantics to describe simultaneously the finite/terminating and infinite/diverging behaviors of programs. This is illustrated on the structural bifinitary small/big-step trace/relational/operational semantics of the call-by-value λ-calculus.     

基于结构化操作语义的安全协议分析框架研究

操作语义模型是一种用来分析安全协议的新模型,它以操作语义学为基础,结合了多种协议分析模型的优点,能直接分析多个协议的组合问题.本文在对安全协议操作语义模型进行研究的基础上,构建了一个基于结构化操作语义的安全协议分析框架,给出了该框架中的协议规格,协议运行,威胁模型和安全性质等形式化定义.最后,以经典的Needham Schroeder Lowe 协议为例,用该分析框架分析了其机密性和认证性.     

一种适于硬件实现的快速模乘算法

RSA算法是目前应用最广泛的一种公钥加密算法,随着人们对加密安全性和加密速度要求的提高,硬件实现加密算法成了密码学应用的一个趋势。模乘算法是模幂算法的核心,基于Montgomery算法,结合Booth2算法的思想,文章给出了一种改进的高效算法,并且通过FPGA实现。对该算法和参考文献中算法的性能进行了比较,可以看出这一改进算法在速度和面积上优于现有的算法。     

Formal Foundations of Operational Semantics

In this paper we report on the results of a sophisticated and substantial use of PVS to establish a recent result in operational semantics. The result we establish is a context lemma for operational equivalence for very wide class of programming languages, known as the CIU theorem. The proof uses the annotated holes technique to represent contexts and compute with them. Thus this paper demonstrates that that it is possible to use PVS as a tool in the development of modern operational techniques, and a productive tool at that. The process of formalizing the CIU theorem revealed several gaps in published proof. The proof of the CIU theorem in PVS took approximately six months to develop. The actual machine checked proof involves the proving of around one thousand facts, and takes PVS slightly less than three hours of CPU time running on a Linux machine configured with 2 GBytes of main memory and four 550 MHz Xeon PIII processors.     

Modular robotic tiles: experiments for children with autism

We developed a modular robotic tile and a system composed of a number of these modular robotic tiles. The system composed of the modular robotic tiles engages the user in physical activities, e.g., physiotherapy, sports, fitness, and entertainment. The modular robotic tiles motivate the user to perform physical activities by providing immediate feedback based upon their physical interaction with the system. With the modular robotic tiles, the user is able to make new physical set-ups within less than a minute. The tiles are applicable for different forms of physical activities (e.g., therapeutic rehabilitation), and with the proper radio communication mechanism they may give unique possibilities for documentation of the physical activity (e.g., therapeutic treatment). A major point of concern in modular robotics is the connection mechanism, so we investigated different solutions for the connection between the modules, and outline their pros and cons for utilizing modules with different connection mechanisms as different kinds of playware. This kind of playware is highly motivating because of its immediate feedback and fun, interesting games. This work was presented in part at the 13th International Symposium on Artificial Life and Robotics, Oita, Japan, January 31–February 2, 2008     

一种新的加法型快速大数模乘算法

通过对目前常用的几类模乘方法的综合研究,充分吸取估商型模乘算法的估商思想,借助Montgomery型模乘算法中模2n易计算特性,采用窗口分段处理方式,给出了一种新的利用模N进行预计算的方法,进而提出了一种新的加法型模乘AB mod N快速实现算法。模N为1 024-bit、窗宽为6时,新算法平均仅需693次1 024-bit加法便可完成一次AB mod N模乘运算,与当前加法型模乘算法相比,较大幅度地降低了计算复杂度。     

命令的操作语义在类型系统中的一种表示

类型系统建立在一个小的规则集合基础上，易于实现，可理解性好，且具有计算完全性和足够的表达能力,在类型系统中可以重述推导规则，将其形式化为一些归纳关系，从而直接表示了命令的操作语义,类型理论不仅适合于函数式程序的证明，也是刻画和证明命令式程序的合适的框架。     

函数式逻辑语言的操作语义

函数式语言和逻辑语言在下列意义上是互补的,基于归约的函数式程序设计语言具有确定和懒惰求解等性质.但同时它又缺少诸如存在量化的变量以及部分数据结构等所希望的性质.相反,基于HORN子句逻辑和消解原理的逻辑程序设计语言允许存在量化的变量和部分数据结构但又缺少确定和懒惰求解的性质.从这个角度出发,把函数和逻辑程序设计语言结合成一种范型是很自然的,这种结合提供了一种比逻辑和函数语言表达能力更强的合一语言.提出了函数式逻辑语言的操作语义,同时表明这种操作语义在实践中是可见的.     

Trace-Based Abstract Interpretation of Operational Semantics

We present trace-based abstract interpretation, a unification of severallines of research on applying Cousot-Cousot-style abstract interpretation a.i. tooperational semantics definitions (such as flowchart, big-step, and small-step semantics)that express a programs semantics as a concrete computation tree of trace paths. Aprograms trace-based a.i. is also a computation tree whose nodes contain abstractions ofstate and whose paths simulate the paths in the programs concrete computation tree.Using such computation trees, we provide a simple explanation of the central concept of collecting semantics, and we distinguish concrete from abstract collectingsemantics and state-based from path-based collecting semantics. We also expose therelationship between collecting semantics extraction and results garnered from flow-analytic and model-checking-based analysis techniques. We adapt concepts fromconcurrency theory to formalize safe and live a.i.s for computation trees; in particular, coinduction techniques help extend fundamental results to infinite computation trees.Problems specific to the various operational semantics methodologies are discussed: Big-step semantics cannot express divergence, so we employ a mixture of induction andcoinduction in response; small-step semantics generate sequences of programconfigurations unbounded in size, so we abstractly interpret source language syntax.Applications of trace-based a.i. to data-flow analysis, model checking, closure analysis,and concurrency theory are demonstrated.     

单云服务器下的安全外包模幂运算

模幂运算是加密和签名系统中最基础的运算。由于模幂运算需要耗费很大的计算成本,因此很多方案提出将模幂运算安全外包给云服务器。但是,现存的大多方案都需要两个不共谋的服务器来实现安全的模幂运算,一旦服务器共谋,就会导致外包隐私数据泄露。此外,很多现有方案都假设底数和指数都是保密的,但这并不适合于大多数现实应用场景。通常来说,为了减轻计算负担,只有敏感消息才需要被保密。为了解决上述问题,分别提出了固定底数(底数公开、指数保密)和固定指数(指数公开、底数保密)的安全外包方案。在该方案中客户端只需要使用一个云服务器,从而避免了两个服务器的共谋攻击。理论分析及实验结果证明了该方案的安全性和高效性。     

Planning for Modular and Hybrid Fixtures

Fixturing encompasses the design and assembly of fixtures to locate and hold a workpiece during a manufacturing operation such as machining or assembly. We have implemented an automated design algorithm for a fixturing toolkit called the fixture vise; the fixture vise involves two fixture plates mounted on jaws of a vise and modular fixturing elements (pegs or flatted pegs). Generally, a fixture vise can handle appropriately sized prismatic workpieces in many different ways. The design algorithm runs in O(A) time, where A is the number of configurations achieving simultaneous contact between the modeled object and four fixture elements; since simultaneous contact is a necessary but not sufficient precondition for force closure, A provides an upper bound on the number of force closure fixture configurations. Received June 6, 1994; revised November 17, 1994, February 1, 1995, February 28, 1995, and July 11, 1995.     

Logical Semantics for the Rewriting Calculus

The Rewriting Calculus has been proposed as a language for defining term rewriting strategies. Rules are explicitly represented as terms, and are applied explicitly to other terms to transform them. Sets of rules may be applied to (sets of) terms non-deterministically to obtain sets of results. Strategies are implemented as rules which accept other rules as arguments and apply them in certain ways. This paper describes work in progress to strengthen the Rewriting Calculus by giving it a logical semantics. Such a semantics can provide crucial guidance for studying the language and increasing its expressive power. The latter is demonstrated by adding support to the Rewriting Calculus for what we call higher-form rewriting, where rules rewrite other rules. The logical semantics used is based on ordered linear logic. The paper develops the ideas through several examples.     

一种高性能大数模运算单元及其应用

为了加速公钥密码系统的实现速度,设计支持大教模乘和模加减运算的模运算单元是关键.目前的方法多关注于这两种运算的分别实现,为了改善这种方式导致的硬件单元吞吐量低的问题,提出了一种流水线结构的高性能大数模运算单元.基于改进的Montgomery模乘算法,采用流水线技术,把模乘电路分成3个流水线阶段,并把模加减电路结合到第3阶段,得到一种能同时计算模乘和模加减的模运算单元.仿真结果显示,模运算单元以较少的资源占用率获得了较高的吞吐量,非常适合做高性能的公钥密码系统的基本硬件运算单元.     

Modular supervisory control of discrete-event systems

A modular approach to the supervisory control of a class of discrete-event systems is formulated, and illustrated with an example. Discrete-event systems are modeled by automata together with a mechanism for enabling and disabling a subset of state transitions. The basic problem of interest is to ensure by appropriate supervision that the closed loop behavior of the system lies within a given legal behavior. Assuming this behavior can be decomposed into an intersection of component restrictions, we determine conditions under which it is possible to synthesize the appropriate control in a modular fashion. The work of this author was supported by NSERC (Canada) under Grant No. A-7399. The work of this author was supported by the National Science Foundation through Grant No. ECS-8504584.