Strong Type Checking Research Articles

Type inference and strong static type checking for Promela

The S pin model checker and its specification language Promela have been used extensively in industry and academia to check the logical properties of distributed algorithms and protocols. Model checking with S pin involves reasoning about a system via an abstract Promela specification, thus the technique depends critically on the soundness of this specification. Promela includes a rich set of data types including first-class channels, but the language syntax restricts the declaration of channel types so that it is not generally possible to deduce the complete type of a channel directly from its declaration. We present the design and implementation of E tch, an enhanced type checker for Promela, which uses constraint-based type inference to perform strong type checking of Promela specifications, allowing static detection of errors that S pin would not detect until simulation/verification time, or that S pin may miss completely. We discuss theoretical and practical problems associated with designing a type system and type checker for an existing language, and formalise our approach using a Promela-like calculus. To handle subtyping between base types, we present an extension to a standard unification algorithm to solve a system of equality and subtyping constraints, based on bounded substitutions.

Coping with Java programming stress

Despite Java attributes (memory management, strong type checking, and built-in support for exception handling) that promote reliable, bug-free software, some features contribute to, rather than alleviate, programmer stress because they create obscure places for bugs to hide. The authors have identified seven features that can lead to particularly resistant bugs. Their goal is not to indict Java-they are strong supporters, and their own organizations have adopted Java as their primary programming language. Rather, they want programmers to better understand Java's weaknesses and know how to cope with them. Being aware of these design weaknesses (Java's false sense of protection, constructor confusion, finalizer methods, subclass substitution, container limitations, final parameters, and initialization diffusion), programmers can make sure that Java's design flaws don't make implementation more difficult than it has to be.

The SwitchWare active network architecture

Active networks must balance the flexibility of a programmable network infrastructure against the safety and security requirements inherent in sharing that infrastructure. Furthermore, this balance must be achieved while maintaining the usability of the network. The SwitchWare active network architecture is a novel approach to achieving this balance using three layers: active packets, which contain mobile programs that replace traditional packets; active extensions, which provide services on the network elements and can be dynamically loaded; and a secure active router infrastructure, which forms a high-integrity base on which the security of the other layers depends. In addition to integrity checking and cryptography-based authentication, security in our architecture depends heavily on verification techniques from programming languages, such as strong type checking.

Active bridging

Active networks accelerate network evolution by permitting the network infrastructure to be programmable, on a per-user, per-packet, or other basis. This programmability must be balanced against the safety and security needs inherent in shared resources.This paper describes the design, implementation, and performance of a new type of network element, an Active Bridge. The active bridge can be reprogrammed "on the fly", with loadable modules called switchlets. To demonstrate the use of the active property, we incrementally extend what is initially a programmable buffered repeater with switchlets into a self-learning bridge, and then a bridge supporting spanning tree algorithms. To demonstrate the agility that active networking gives, we show how it is possible to upgrade a network from an "old" protocol to a "new" protocol on-the-fly. Moreover, we are able to take advantage of information unavailable to the implementors of either protocol to validate the new protocol and fall back to the old protocol if an error is detected. This shows that the Active Bridge can protect itself from some algorithmic failures in loadable modules.Our approach to safety and security favors static checking and prevention over dynamic checks when possible. We rely on strong type checking in the Caml language for the loadable module infrastructure, and achieve respectable performance. The prototype implementation on a Pentium-based HP Netserver LS running Linux with 100 Mbps Ethernet LANS achieves ttcp throughput of 16 Mbps between two PCs running Linux, compared with 76 Mbps unbridged. Measured frame rates are in the neighborhood of 1800 frames per second.

A message-passing class library C++ for portable parallel programming

An object-oriented message-passing class library in C++, called PPI++, for portable parallel programming has been developed. PPI++ (parallel portability interface in C++) is designed to serve as a stable (unchanging) interface between the client parallel code and the rapidly evolving distributed computing environments. By taking advantage of encapsulation, inheritance, and polymorphism supported by C++, PPI++ provides a clean and consistent programming interface, which helps improve the clarity and expressiveness of client parallel codes and hides implementation details and complexity from the user to ease parallel programming tasks. In addition, the use of strong type-checking in C++ allows the detection of potential misuses of the library at compile time, and thus promotes code reliability. This paper describes the object-oriented design and implementation of PPI++. Evaluation of PPI++ on important performance issues, such as portability, ease-of-use, extensibility, and efficiency, is also discussed.

Dynamic parsers and evolving grammars

We define "evolving grammars" as successions of static grammars and dynamic parsers as parsers able to follow the evolution of a grammar during the source program parsing. A growing context-free grammar will progressively incorporate production rules specific for the source program under parsing and will evolve following the context created by the source program itself toward a program specific context-free grammar. Dynamic parsers and growing grammars allow a syntactic-only parsing of programs written in powerful and problem adaptable programming languages. Moreover dynamic parsers easily perform purely syntactic strong type checking and operator overloading. The language used to specify grammar evolution and residual semantic actions can be the evolving language itself. The user can introduce new syntactic operators using a bootstrap procedure supported by the previously defined syntax.A dynamic parser ("ZzParser") has been developed by us and has been successfully employed by the APE 100 INFN group to develop a programming language ("ApeseLanguage") and other system software tools for the 100 GigaFlops SIMD parallel machine under development.

Adding an authorization dimension to strong type checking

Adding an authorization dimension to strong type checking

Turing Plus: a comparison with C and Pascal

It is desirable to do systems programming in a high-level language. C is attractive since it yields efficient machine code without placing many restrictions on the programmer. This lack of restrictions and language-supported checking, however, can make C code unreadable and unmaintainable. Pascal is attractive since it provides strong type checking in a relatively elegant package but Pascal compilers don't produce efficient code. Turing Plus offers the advantages of both these languages, including efficient machine code and strong type checking. It also has a number of other features that make it a very attractive alternative. For example, Turing Plus offers controlled access to machine-dependencies, type checked separate compilation, linkage to external routines, language-specified concurrency and exception handling. Portable compilers with replaceable code generators (allowing easy access to cross-compilation) are available and a Turing Plus to C translator is under construction to allow fast portability to all systems supporting C compilers.

A software environment for digital signal-processing simulations

A signal-processing software system is described which allows the simulation of systems described by block diagrams or signal-flow graphs. A high-level data-flow language describes the interconnection of the components. All configurations of interconnections are allowed, including those containing feedback. Component systems (blocks) are allowed to be multi-input, multi-output, and to be programmed in any language. Blocks are implemented as separate processes running under a UNIX2 operating system. Input and output signals are transferred between blocks via the UNIXpipe facility. Thedata type of a signal is arbitrary in the context of the compiler; within a component or system, signals and internal variables can be either floating point or fixed point. The compiler enforces strong or weak type checking of signals according to the characteristics of the blocks generating and receiving the signals. The invariance of the program to implementation data type is accomplished by the use of abstract data types. Fixed-point simulations having differing number of bits per signal and per internal variable in a block are supported. Special display software is used to allow any signal in the system to be displayed on any graphics device.

Experience with a High Order Programming Language on the Development of the Nova Distributed Control System

Interest in the impact of high order languages (HOL) on real time and process control applications development has intensified recently, due in part to the Ada language development effort sponsored by the U.S. Department of Defense. High order languages, such as Ada, incorporate state-of-the-art features in the areas of modularity, data abstraction, separate module compilation, strong type checking of data, multi-tasking, distributed processing and exception handling. The intent of such languages is to improve programmer productivity, software maintainability, and the effective management of software development in large real time systems.This paper explores the impact of an HOL on the development of the distributed computer control system for a large laser fusion facility called Nova. Nova utilizes fifty microcomputers and four VAX-11/780’s in its distributed process control computer system.Praxis, a high level real time computer language, was designed and implemented for Nova to support the control system development activity. Praxis is similar to Ada in its design goals, has many features comparable to those found in Ada, and has had operational compilers for over two years.The purpose of this paper is to assist readers who are beginning to evaluate the importance of HOL’s in small to medium scale process control applications. It includes a summary of the major design objectives and features of these HOL’s which is followed by a description of our experiences with Praxis. The article concludes with our preliminary expectations and concerns for the use of Ada within process control applications, based upon Praxis experience.

An alternative approach to arrays

AbstractThis paper presents a new approach to the treatment of arrays in Pascal and Pascal‐like languages. The proposed mechanisms allow arrays to be used flexibly in assignments and as parameters to procedures while at the same time preserving the benefits of strong type checking. Several examples to illustrate the mechanisms are presented. Their implementation is also described.

Mesa from the perspective of a designer turned user

The Mesa language and run-time environment were designed for the purpose of building systems programs such as compilers, operating systems, graphics software and so on. It is a relatively high-level language with strong type checking and supports the ideas of modular programming and abstract data types. Although the system is compiler-based, one can debug programs interactively in source-language terms. The language has been in rather heavy use since 1976 by a programming community of a few hundreds of professional programmers within the Xerox Corporation, and a large amount of code has been written in it. This talk will give a designer's retrospective view of Mesa from the vantage point of a serious user and will attempt to evaluate its strengths and weaknesses as a vehicle for systems programming.

A data abstraction approach to database modelling

Attempts have been made for some time to reconcile the notions of data base modelling and data abstraction. Considering the overlapping concepts of information hiding and encapsulation from the data abstraction world, and data independence from the database world, it should not be necessary to design yet another programming language as others have done, specialized to a particular data model. Instead, the starting point for our work has been the proposition that an extant general purpose language providing data abstractions should be able to accommodate the popular data models by serving both as a data definition and manipulation language. The criticism has been made that while abstract data types hide the representation details, they also suppress the semantic structure of the data. While this may be true for “programming in the small” [2], it is not the case for “programming in the large” [2]. We will briefly indicate how a CLU-like language [4] (hereafter called XPLS) with minor extensions, plus its supporting module interconnection language (hereafter called the External Structure) can be used as a data-base definition and manipulation language. XPLS has been designed as a front end to PL/I and is supported by a preprocessor to the PL/I compiler. It turns out that XPLS plus External Structure supports and meshes more smoothly with a semantic data model (for example: [1], [3],[5], [6]) than with the older data models. Our work differs from a number of recent specialized languages which exploit data abstractions and strong type checking but which are based on the relation as a primitive data type. Our approach is not based on any particular data model.

A data abstraction approach to database modelling

Attempts have been made for some time to reconcile the notions of data base modelling and data abstraction. Considering the overlapping concepts of information hiding and encapsulation from the data abstraction world, and data independence from the database world, it should not be necessary to design yet another programming language as others have done, specialized to a particular data model. Instead, the starting point for our work has been the proposition that an extant general purpose language providing data abstractions should be able to accommodate the popular data models by serving both as a data definition and manipulation language. The criticism has been made that while abstract data types hide the representation details, they also suppress the semantic structure of the data. While this may be true for “programming in the small” [2], it is not the case for “programming in the large” [2]. We will briefly indicate how a CLU-like language [4] (hereafter called XPLS) with minor extensions, plus its supporting module interconnection language (hereafter called the External Structure) can be used as a data-base definition and manipulation language. XPLS has been designed as a front end to PL/I and is supported by a preprocessor to the PL/I compiler. It turns out that XPLS plus External Structure supports and meshes more smoothly with a semantic data model (for example: [1], [3],[5], [6]) than with the older data models. Our work differs from a number of recent specialized languages which exploit data abstractions and strong type checking but which are based on the relation as a primitive data type. Our approach is not based on any particular data model.

A data abstraction approach to database modelling

Attempts have been made for some time to reconcile the notions of data base modelling and data abstraction. Considering the overlapping concepts of information hiding and encapsulation from the data abstraction world, and data independence from the database world, it should not be necessary to design yet another programming language as others have done, specialized to a particular data model. Instead, the starting point for our work has been the proposition that an extant general purpose language providing data abstractions should be able to accommodate the popular data models by serving both as a data definition and manipulation language. The criticism has been made that while abstract data types hide the representation details, they also suppress the semantic structure of the data. While this may be true for “programming in the small” [2], it is not the case for “programming in the large” [2]. We will briefly indicate how a CLU-like language [4] (hereafter called XPLS) with minor extensions, plus its supporting module interconnection language (hereafter called the External Structure) can be used as a data-base definition and manipulation language. XPLS has been designed as a front end to PL/I and is supported by a preprocessor to the PL/I compiler. It turns out that XPLS plus External Structure supports and meshes more smoothly with a semantic data model (for example: [1], [3],[5], [6]) than with the older data models. Our work differs from a number of recent specialized languages which exploit data abstractions and strong type checking but which are based on the relation as a primitive data type. Our approach is not based on any particular data model.