The Kell Calculus: A Family of Higher-Order Distributed Process Calculi
MYTHS/MIKADO/DART Meeting
Alan Schmitt, Jean-Bernard Stefani
MYTHS/MIKADO/DART Meeting, June 15th 2004, 2
Introduction
◮ Calculus motivated by work in the Sardes project
◮ Goal: to model and simulate component-based programs and their environment
◮ Why the environment?
  ⊲ to model resource access and monitoring
  ⊲ to model different modes of failure
Outline
◮ Design Choices for a Component Modelling Calculus
◮ The Calculus and some Examples
◮ Equivalences
A component
[Figure: diagram of a component (image not recovered)]
What we want to model
Fractal (http://fractal.objectweb.org)
◮ Hierarchical components
◮ Dynamic component deployment and failure
◮ Dynamic interface binding between components
◮ Messaging through bound interfaces
◮ Control capabilities
Why we want to model
◮ Play the role of a precise and formal semantics
  ⊲ Abstract machines
  ⊲ Implementations
◮ Build some verification tools
  Static: type systems, static analyses
    ⊲ Component binding
    ⊲ Checking dependencies
    ⊲ Equivalent components
  Dynamic: correct code instrumentation for
    ⊲ security properties
    ⊲ fault detection
    ⊲ causality and resource monitoring
Design Principles
◮ π-calculus core
  ⊲ Parameterized on the input patterns
◮ Hierarchical localities (kells)
  ⊲ Encapsulation
◮ Local actions
  ⊲ Tradeoff between implementation and usability
  ⊲ Atomicity decisions left to the programmer
  ⊲ Dynamic binding
◮ Higher-order communication and locality passivation
  ⊲ To model deployment, migration, and different failure modes
◮ Programmable membranes
  ⊲ To model control features and network failure
Related work
◮ First-order π-calculus with localities and migration primitives (D-Join, Dπ, Nomadic Pict, Seal, ...)
◮ Mobile Ambients and variants
◮ Distributed higher-order calculi
  ⊲ Facile, CHOCS, higher-order Dπ, Klaim, M-calculus
Kell-calculus: simplification of the M-calculus:
◮ No routing rules built in
◮ Simpler localities
Outline
◮ Design Choices for a Component Modelling Calculus
◮ The Calculus and some Examples
◮ Equivalences
Syntax
$P, Q ::= 0 \mid P \,|\, Q \mid \nu a.P \mid x \mid a\langle P \rangle.Q \mid a[P].Q \mid (\xi \triangleright P)$
(in the grammars, $\mid$ separates alternatives and $|$ is parallel composition)
◮ π-calculus core
◮ Higher-order output
◮ Input parameterized by patterns ξ
◮ Simplest patterns (jK):
  $\xi ::= \xi_k \mid M \mid M \,|\, \xi_k$
  $M ::= \xi_m \mid \xi_\downarrow \mid \xi_\uparrow \mid M \,|\, M$
  $\xi_k ::= a[x] \qquad \xi_m ::= a\langle x \rangle \qquad \xi_\downarrow ::= a\langle x \rangle^{\downarrow} \qquad \xi_\uparrow ::= a\langle x \rangle^{\uparrow}$
Reduction Examples
$a\langle Q \rangle.T \;|\; (a\langle x \rangle \triangleright P) \to T \;|\; P\{Q/x\}$
$a\langle Q \rangle.T \;|\; b[(a\langle x \rangle^{\uparrow} \triangleright P)].S \to T \;|\; b[P\{Q/x\}].S$
$b[a\langle Q \rangle.T \;|\; R].S \;|\; (a\langle x \rangle^{\downarrow} \triangleright P) \to b[T \;|\; R].S \;|\; P\{Q/x\}$
$a[Q].T \;|\; (a[x] \triangleright P) \to T \;|\; P\{Q/x\}$
Join patterns
$a[(d\langle x \rangle^{\downarrow} \;|\; u\langle y \rangle^{\uparrow} \;|\; b[z] \triangleright x \;|\; y \;|\; z) \;|\; c[d\langle P_d \rangle.Q_d].Q_c \;|\; b[P_b].Q_b].Q_a \;|\; u\langle P_u \rangle.Q_u$
$\to a[P_d \;|\; P_u \;|\; P_b \;|\; c[Q_d].Q_c \;|\; Q_b].Q_a \;|\; Q_u$
Encoding recursion
The recursive trigger (written $\xi \blacktriangleright P$ here; the slide's own symbol was lost in extraction) is encoded as a trigger that additionally consumes, on a fresh name $t$, a message carrying a copy of itself, and re-emits that copy:
$(\xi \blacktriangleright P) \triangleq \nu t.\,(\xi \;|\; t\langle x \rangle \triangleright P \;|\; x \;|\; t\langle x \rangle) \;|\; t\langle (\xi \;|\; t\langle x \rangle \triangleright P \;|\; x \;|\; t\langle x \rangle) \rangle$
Assume that $t$ and $x$ are fresh in $\xi$, $P$, $Q$, and $P'$, and that $(\xi \triangleright P) \;|\; Q \to P'$. Then
$(\xi \blacktriangleright P) \;|\; Q \triangleq \nu t.\,(\xi \;|\; t\langle x \rangle \triangleright P \;|\; x \;|\; t\langle x \rangle) \;|\; t\langle (\xi \;|\; t\langle x \rangle \triangleright P \;|\; x \;|\; t\langle x \rangle) \rangle \;|\; Q$
$\to \nu t.\,P' \;|\; (\xi \;|\; t\langle x \rangle \triangleright P \;|\; x \;|\; t\langle x \rangle) \;|\; t\langle (\xi \;|\; t\langle x \rangle \triangleright P \;|\; x \;|\; t\langle x \rangle) \rangle$
$\triangleq (\xi \blacktriangleright P) \;|\; P'$
Using passivation
◮ A kell $a[P]$ is both an evaluation context and a resource
◮ One may
  ⊲ freeze a kell in a message: $(a[x] \triangleright a\langle x \rangle)$
  ⊲ destroy a kell: $(a[x] \triangleright 0)$
  ⊲ copy and rename a kell: $(a[x] \triangleright a[x] \;|\; b[x])$
  ⊲ insert new content into a kell: $(a[x] \triangleright a[x \;|\; b[P]])$
Matching and Parametric Patterns
◮ Generic matching
  ⊲ Outer shape of patterns fixed (Local Action)
  ⊲ Join patterns built in
  $\mathrm{match}(\xi \;|\; \xi', M \;|\; M') = \mathrm{match}(\xi, M) \oplus \mathrm{match}(\xi', M')$
  $\mathrm{match}(\xi_m, a\langle P \rangle) = \mathrm{match}_m(\xi_m, a\langle P \rangle)$
  $\mathrm{match}(\xi_\downarrow, a\langle P \rangle^{\downarrow b}) = \mathrm{match}_\downarrow(\xi_\downarrow, a\langle P \rangle^{\downarrow b})$
  $\mathrm{match}(\xi_\uparrow, a\langle P \rangle^{\uparrow b}) = \mathrm{match}_\uparrow(\xi_\uparrow, a\langle P \rangle^{\uparrow b})$
  $\mathrm{match}(\xi_k, a[P]) = \mathrm{match}_k(\xi_k, a[P])$
◮ Instantiation with jK patterns
  $\mathrm{match}_m(a\langle x \rangle, a\langle P \rangle) \triangleq \{P/x\}$
  $\mathrm{match}_\downarrow(a\langle x \rangle^{\downarrow}, a\langle P \rangle^{\downarrow b}) \triangleq \{P/x\}$
  $\mathrm{match}_\uparrow(a\langle x \rangle^{\uparrow}, a\langle P \rangle^{\uparrow b}) \triangleq \{P/x\}$
  $\mathrm{match}_k(a[x], a[P]) \triangleq \{P/x\}$
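The jK matching rules above, together with the reduction and join-pattern examples from the earlier slides, worked as an added example; this is not the authors' code, and the tuple encoding of processes and patterns (and the `fire` helper) is an assumption of the example.

```python
# Added illustration (not the authors' tooling): a tuple encoding of jK
# patterns, the match / (+) rules above, and the earlier reduction examples.
# Processes: ('nil',) ('var', x) ('par', P, Q) ('kell', a, P) for a[P],
#            ('msg', a, P, src) for a<P> with src in {'local','down','up'}
# Patterns:  ('pm', a, x) a<x>, ('pdown', a, x) a<x>^down,
#            ('pup', a, x) a<x>^up, ('pk', a, x) a[x]   (continuations omitted)
SRC = {'pm': 'local', 'pdown': 'down', 'pup': 'up'}

def match_one(pat, m):
    """matchm / match_down / match_up / matchk: {x: P} on success, else None."""
    kind, a, x = pat
    if kind == 'pk':
        return {x: m[2]} if m[0] == 'kell' and m[1] == a else None
    ok = m[0] == 'msg' and m[1] == a and m[3] == SRC[kind]
    return {x: m[2]} if ok else None

def plus(s1, s2):
    """The (+) of the slides: union of substitutions, undefined on a clash."""
    if s1 is None or s2 is None or set(s1) & set(s2):
        return None
    return {**s1, **s2}

def match(pats, ms):
    """Join pattern xi_1 | ... | xi_n against the multiset ms of messages and
    kells to be consumed; each component must take one distinct resource."""
    if not pats:
        return {} if not ms else None
    for i, m in enumerate(ms):
        s = match_one(pats[0], m)
        if s is not None:
            total = plus(s, match(pats[1:], ms[:i] + ms[i + 1:]))
            if total is not None:
                return total
    return None

def subst(P, s):
    """P{Q/x} for every binding x -> Q in s (process variables only)."""
    if P[0] == 'var':
        return s.get(P[1], P)
    # rebuild the node, substituting inside sub-processes (tuples), not names
    return (P[0],) + tuple(subst(c, s) if isinstance(c, tuple) else c for c in P[1:])

def fire(pats, body, ms):
    """One reduction step (xi > P) | M --> P{...}: the instantiated body or None."""
    s = match(pats, ms)
    return None if s is None else subst(body, s)
```

Passing the resources to be consumed as `ms` lets the same function replay the local, up, down and kell cases of the reduction slide and the three-way join of the join-pattern slide.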
Outline
◮ Design Choices for a Component Modelling Calculus
◮ The Calculus and some Examples
◮ Equivalences
Context Bisimulation: a Tutorial
In the setting of the Higher-order π-calculus:
◮ An input evolves to an abstraction: $a(X).P \xrightarrow{a} (X)P = F$
◮ An output evolves to a concretion: $a\langle P_1 \rangle P_2 \xrightarrow{a} \langle P_1 \rangle P_2 = C$
◮ They communicate: $a(X).P \;|\; a\langle P_1 \rangle P_2 \xrightarrow{\tau} F@C = P\{P_1/X\} \;|\; P_2$
The relation $\mathcal{R}$ is an (early) context simulation iff $P \,\mathcal{R}\, Q$ implies
◮ For all $P \xrightarrow{\tau} P'$, there exists $Q'$ such that $Q \xrightarrow{\tau} Q'$ and $P' \,\mathcal{R}\, Q'$;
◮ For all $P \xrightarrow{a} F$ and for all $C$, there exists $G$ such that $Q \xrightarrow{a} G$ and $F@C \,\mathcal{R}\, G@C$;
◮ For all $P \xrightarrow{a} C$ and for all $F$, there exists $D$ such that $Q \xrightarrow{a} D$ and $F@C \,\mathcal{R}\, F@D$.
Context Bisimulation for the Kell-calculus
Approach similar to the Higher-order π-calculus.
Abstractions: we need to remember the whole pattern
◮ join patterns
◮ message source (local, up, down) or nature (message, kell)
◮ $(\xi \triangleright P) \xrightarrow{\alpha} (\xi)P$
Concretions: we need to make sure that every case of message source is covered (see next slide)
◮ $a\langle P \rangle.Q \xrightarrow{a} \langle a\langle P \rangle \rangle Q$
Congruence properties are harder to prove, as some processes in concretions are also in evaluation context.
What labels?
◮ Complex labels and concretions, but simple bisimulations
  $a\langle P \rangle.Q \xrightarrow{a} \langle a\langle P \rangle \rangle Q = C_1$ and $F@C_1$
  $a\langle P \rangle.Q \xrightarrow{a\downarrow b} \langle a\langle P \rangle^{\downarrow b} \rangle Q = C_2$ and $F@C_2$
  $a\langle P \rangle.Q \xrightarrow{a\uparrow b} \langle a\langle P \rangle^{\uparrow b} \rangle Q = C_3$ and $F@C_3$
◮ Simple labels and concretions, but complex bisimulations
  $a\langle P \rangle.Q \xrightarrow{a} \langle a\langle P \rangle \rangle Q = C$ and $F@C$, $F@b[C]$, and $b[F]@C$
◮ Our current choice: very simple labels (sets of names)
Observables
Like labels, observables $\downarrow_a$ are very simple:
$P \downarrow_a$ iff
  $P \equiv \nu \tilde c.\, a[P_a].Q_a \;|\; Q$ with $a \notin \tilde c$,
  or $P \equiv \nu \tilde c.\, a\langle P_a \rangle.Q_a \;|\; Q$ with $a \notin \tilde c$,
  or $P \equiv \nu \tilde c.\, b[a\langle P_a \rangle.Q_a \;|\; P_b].Q_b \;|\; Q$ with $a \notin \tilde c$.
$P \downarrow_{\xi.sk}$ iff
  $P \equiv \nu \tilde c.\, (\xi \triangleright Q) \;|\; R$ with $\xi.sk \cap \tilde c = \emptyset$,
  or $P \equiv \nu \tilde c.\, b[(\xi \triangleright Q) \;|\; P_b].Q_b \;|\; R$ with $\xi.sk \cap \tilde c = \emptyset$.
$\xi.sk$ is the multiset of names used for input. For instance:
$a\langle P \rangle.sk = a\langle P \rangle^{\downarrow}.sk = a\langle P \rangle^{\uparrow}.sk = a[P].sk = a$ and $(M \;|\; M').sk = M.sk \;|\; M'.sk$
Theorems
◮ Strong context bisimilarity $\sim_c$ is based on the LTS $\xrightarrow{\alpha}$
◮ Strong barbed bisimilarity $\sim_b$ is based on the reduction $\to$ and a definition for observables
We have:
◮ For all $P$ and $Q$, $P \xrightarrow{\tau} \equiv Q$ iff $P \to Q$.
◮ Under some conditions for the pattern languages (matching may not distinguish bisimilar messages), $\sim_c$ is a congruence.
◮ If the pattern language also contains the jK simple patterns, the largest congruence included in $\sim_b$ coincides with $\sim_c$.
Technical details in the LNCS volume on Global Computing 2004.
Current and Future work
◮ Equivalences
  ⊲ Tractable bisimulations (no universal quantification on concretions and abstractions)
  ⊲ Weak approach
◮ Type systems
  ⊲ Inspired by the M-calculus and Dπ type systems
◮ Testing the calculus expressivity
  ⊲ Complete modelling of Fractal
  ⊲ Application to Dream (http://dream.objectweb.org)
◮ Locality sharing
  ⊲ In Fractal, a component may have more than one parent
  ⊲ Very useful feature to represent shared resources
  ⊲ Joint work with ENS Lyon