
Whither Specifications as Programs

Conference paper. Unifying Theories of Programming (UTP 2019).

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 11885)

Abstract

Unifying theories distil common features of programming languages and design methods by means of algebraic operators and their laws. Several practical concerns—e.g., improvement of a program, conformance of code with design, correctness with respect to specified requirements—are subsumed by the beautiful notion that programs and designs are special forms of specification and their relationships are instances of logical implication between specifications. Mathematical development of this idea has been fruitful but limited to an impoverished notion of specification: trace properties. Some mathematically precise properties of programs, dubbed hyperproperties, refer to traces collectively. For example, confidentiality involves knowledge of possible traces. This article reports on both obvious and surprising results about lifting algebras of programming to hyperproperties, especially in connection with loops, and suggests directions for further research. The technical results are: a compositional semantics, at the hyper level, of imperative programs with loops, and proof that this semantics coincides with the direct image of a standard semantics, for subset closed hyperproperties.
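The abstract's distinction between trace properties and hyperproperties, and the direct-image lifting of a standard semantics, can be seen in a toy model. The following Python is an added illustration, not code from the paper: it assumes states with one secret variable h and one public variable l, and two constructed programs (one with a secret-dependent loop), and shows that noninterference is judged on sets of traces collectively, never on one trace alone.

```python
from itertools import product

# Toy model (an assumption of this example, not the paper's formalism): a state
# is a hashable pair of variables, the secret h and the public l; a program maps
# a state to the set of its possible final states, so nondeterminism is allowed.
def state(h, l):
    return (("h", h), ("l", l))

def get(s, k):
    return dict(s)[k]

def direct_image(prog, states):
    """Hyper-level semantics by direct image: run the standard (per-state)
    semantics on every state of the set and collect all the results."""
    out = set()
    for s in states:
        out |= prog(s)
    return out

# Secure program: while h > 0 do h := h - 1 od; l := l + 1.  The loop count
# depends on the secret, the public result does not (timing is outside this model).
def secure(s):
    h, l = get(s, "h"), get(s, "l")
    while h > 0:
        h -= 1
    return {state(h, l + 1)}

# Leaky program: l := h mod 2, so the public output reveals the secret's parity.
def leaky(s):
    h = get(s, "h")
    return {state(h, h % 2)}

def traces(prog, inputs):
    """Set of (initial, final) pairs produced from a set of initial states."""
    return {(s, t) for s in inputs for t in direct_image(prog, {s})}

# Noninterference is a hyperproperty: a condition on the set of traces as a
# whole.  Any two traces with equal public input must have equal public output.
def noninterference(trace_set):
    return all(get(t1, "l") == get(t2, "l")
               for (s1, t1), (s2, t2) in product(trace_set, repeat=2)
               if get(s1, "l") == get(s2, "l"))

def every_singleton_satisfies(trace_set):
    """No single trace violates noninterference on its own; that is why it is
    not a trace property: it has to be judged on traces collectively."""
    return all(noninterference({tr}) for tr in trace_set)

INPUTS = {state(h, l) for h in range(4) for l in range(2)}  # constructed inputs
```

Running `noninterference(traces(leaky, INPUTS))` is false while every singleton subset passes; for the secure program the whole trace set passes, and the subset-closed nature of the property means every subset of it passes too.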


Notes

  1. This paper was written with the UTP [19] community in mind, but our use of the term “design” is informal and does not refer to the technical notion in UTP.

  2. Fusion rules, also called fixpoint transfer, can be found in many sources, e.g., [1, 4]. We need the form in Theorem 3 of [12], for Kleene approximation of fixpoints.

  3. It is well known that loops are expressible in terms of recursion: \(\mathsf{while}\ b\ \mathsf{do}\ c\) can be expressed as and this is the form we use in semantics. A well-known law is which factors out the termination condition.

  4. In [10], other reasons are given for using \(\{\emptyset\}\) rather than \(\emptyset\) as the false hyperproperty.

  5. Assaf et al. use fixpoint fusion in the inequational form mentioned following (2), to prove soundness of the derived abstract semantics. Their inequational result corresponding to our Theorem is proved, in the loop case, using explicit induction on approximation chains. See the proof of Theorem 1 in [3].

  6. Displayed formula following Theorem 1 of [3].

References

  1. Aarts, C., et al.: Fixed-point calculus. Inf. Process. Lett. 53(3), 131–136 (1995)

  2. Assaf, M., Naumann, D.A.: Calculational design of information flow monitors. In: Computer Security Foundations (2016)

  3. Assaf, M., Naumann, D.A., Signoles, J., Totel, É., Tronel, F.: Hypercollecting semantics and its application to static analysis of information flow. In: POPL (2017)

  4. Back, R.J., von Wright, J.: Refinement Calculus: A Systematic Introduction. Springer, New York (1998). https://doi.org/10.1007/978-1-4612-1674-2

  5. Balliu, M., Dam, M., Guernic, G.L.: Epistemic temporal logic for information flow security. In: Programming Languages and Analysis for Security (2011)

  6. Banks, M.J., Jacob, J.L.: Unifying theories of confidentiality. In: Qin, S. (ed.) UTP 2010. LNCS, vol. 6445, pp. 120–136. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-16690-7_5

  7. Banks, M.J., Jacob, J.L.: On integrating confidentiality and functionality in a formal method. Formal Aspects Comput. 26(5), 963–992 (2014)

  8. Bird, R., de Moor, O.: Algebra of Programming. Prentice-Hall, Upper Saddle River (1996)

  9. Clarkson, M.R., Finkbeiner, B., Koleini, M., Micinski, K.K., Rabe, M.N., Sánchez, C.: Temporal logics for hyperproperties. In: Abadi, M., Kremer, S. (eds.) POST 2014. LNCS, vol. 8414, pp. 265–284. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-54792-8_15

  10. Clarkson, M.R., Schneider, F.B.: Hyperproperties. J. Comput. Secur. 18(6), 1157–1210 (2010)

  11. Cousot, P.: The calculational design of a generic abstract interpreter. In: Broy, M., Steinbrüggen, R. (eds.) Calculational System Design. NATO ASI Series F, vol. 173. IOS Press, Amsterdam (1999)

  12. Cousot, P.: Constructive design of a hierarchy of semantics of a transition system by abstract interpretation. Theor. Comput. Sci. 277(1–2), 47–103 (2002)

  13. Cousot, P., Cousot, R.: Systematic design of program analysis frameworks. In: POPL (1979)

  14. Gardiner, P.H., Martin, C.E., de Moor, O.: An algebraic construction of predicate transformers. Sci. Comput. Program. 22, 21–44 (1994)

  15. Gotliboym, M., Naumann, D.A.: Some observations on hypercollecting semantics and subset closed hyperproperties. https://www.cs.stevens.edu/~naumann/pub/noteSSC.pdf

  16. Halpern, J.Y., Fagin, R., Moses, Y., Vardi, M.Y.: Reasoning About Knowledge. MIT Press, Cambridge (1995)

  17. He, J., Hoare, C.A.R., Sanders, J.W.: Data refinement refined resume. In: Robinet, B., Wilhelm, R. (eds.) ESOP 1986. LNCS, vol. 213, pp. 187–196. Springer, Heidelberg (1986). https://doi.org/10.1007/3-540-16442-1_14

  18. Hoare, C.A.R., Lauer, P.E.: Consistent and complementary formal theories of the semantics of programming languages. Acta Inf. 3, 135–153 (1974)

  19. Hoare, C., He, J.: Unifying Theories of Programming. Prentice-Hall, Upper Saddle River (1998)

  20. Hoare, T., Möller, B., Struth, G., Wehrman, I.: Concurrent Kleene algebra and its foundations. J. Log. Algebr. Program. 80(6), 266–296 (2011)

  21. Jacob, J.: Security specifications. In: IEEE Symposium on Security and Privacy (1988)

  22. Joshi, R., Leino, K.R.M.: A semantic approach to secure information flow. Sci. Comput. Program. 37(1–3), 113–138 (2000)

  23. Kozen, D.: On Hoare logic and Kleene algebra with tests. ACM Trans. Comput. Log. 1(1), 60–76 (2000)

  24. Mantel, H.: On the composition of secure systems. In: IEEE Symposium on Security and Privacy (2002)

  25. Martin, C.E., Curtis, S.A., Rewitzky, I.: Modelling angelic and demonic nondeterminism with multirelations. Sci. Comput. Program. 65(2), 140–158 (2007)

  26. Mastroeni, I., Pasqua, M.: Hyperhierarchy of semantics - a formal framework for hyperproperties verification. In: Ranzato, F. (ed.) SAS 2017. LNCS, vol. 10422, pp. 232–252. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66706-5_12

  27. Mastroeni, I., Pasqua, M.: Verifying bounded subset-closed hyperproperties. In: Podelski, A. (ed.) SAS 2018. LNCS, vol. 11002, pp. 263–283. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-99725-4_17

  28. Morgan, C.: Programming from Specifications, 2nd edn. Prentice Hall, Upper Saddle River (1994)

  29. Morgan, C.: The shadow knows: refinement and security in sequential programs. Sci. Comput. Program. 74(8), 629–653 (2009)

  30. Morgan, C., Gardiner, P.: Data refinement by calculation. Acta Inf. 27, 481–503 (1990)

  31. Morris, J.M., Bunkenburg, A., Tyrrell, M.: Term transformers: a new approach to state. ACM Trans. Program. Lang. Syst. 31(4), 16 (2009)

  32. Naumann, D.A.: Data refinement, call by value, and higher order programs. Formal Aspects Comput. 7, 652–662 (1995)

  33. Naumann, D.A.: A categorical model for higher order imperative programming. Math. Struct. Comput. Sci. 8(4), 351–399 (1998)

  34. Naumann, D.A.: Towards patterns for heaps and imperative lambdas. J. Log. Algebraic Methods Program. 85(5), 1038–1056 (2016)

  35. Roscoe, A.W., Woodcock, J.C.P., Wulf, L.: Non-interference through determinism. In: Gollmann, D. (ed.) ESORICS 1994. LNCS, vol. 875, pp. 31–53. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-58618-0_55

  36. Sabelfeld, A., Sands, D.: Dimensions and principles of declassification. J. Comput. Secur. 17, 517–548 (2007)

  37. Sampaio, A.: An Algebraic Approach to Compiler Design. AMAST Series in Computing, vol. 4. World Scientific, Singapore (1997)

  38. Struth, G.: On the expressive power of Kleene algebra with domain. Inf. Process. Lett. 116(4), 284–288 (2016)


Acknowledgements

Anonymous reviewers offered helpful suggestions and pointed out errors, omissions, and infelicities in an earlier version.

The authors were partially supported by NSF award 1718713.


Corresponding author

Correspondence to David A. Naumann.


Copyright information

© 2019 Springer Nature Switzerland AG


Cite this paper

Naumann, D.A., Ngo, M. (2019). Whither Specifications as Programs. In: Ribeiro, P., Sampaio, A. (eds) Unifying Theories of Programming. UTP 2019. Lecture Notes in Computer Science(), vol 11885. Springer, Cham. https://doi.org/10.1007/978-3-030-31038-7_3


  • DOI: https://doi.org/10.1007/978-3-030-31038-7_3


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-31037-0

  • Online ISBN: 978-3-030-31038-7
