Letterio Galletta

Types for coordinating secure behavioural variations

Context-Oriented programming languages provide us with primitive constructs to adapt program behaviour depending on the evolution of their operational environment. We are interested here in software components, the behaviour of which depend on the following: their actual operating context; the security policies that control accesses to their resources and the potential interactions with the external environment. For that, we extend a core functional language with mechanisms to program behavioural variations, to manipulate resources and to enforce security policies over both variations and resource usages. Additionally, there are message passing primitives to interact with the environment, also subject to a simple policy. Changes of the operational context are triggered both by the program and by the exchanged messages. Besides a definition of the dynamic semantics, we introduce a static analysis for guaranteeing programs to safely operate in any admissible context, and to correctly interact with the environment they comply with.

Where Do Your IoT Ingredients Come From

The Internet of Things (IoT) is here: smart objects are pervading our everyday life. Smart devices automatically collect and exchange data of various kinds, directly gathered from sensors or generated by aggregations. Suitable coordination primitives and analysis mechanisms are in order to design and reason about IoT systems, and to intercept the implied technology shifts. We address these issues by defining IoT-LySa, a process calculus endowed with a static analysis that tracks the provenance and the route of IoT data, and detects how they affect the behaviour of smart objects.

A Two-Component Language for Adaptation: Design, Semantics and Program Analysis

Adaptive systems are designed to modify their behaviour in response to changes of their operational environment. We propose a two-component language for adaptive programming, within the Context-Oriented Programming paradigm. It has a declarative constituent for programming the context and a functional one for computing. We equip our language with a dynamic formal semantics. Since wrong adaptation could severely compromise the correct behaviour of applications and violate their properties, we also introduce a two-phase verification mechanism. It is based on a type and effect system that type-checks programs and computes, as an effect, a sound approximation of their behaviour. The effect is exploited at load time to mechanically verify that programs correctly adapt themselves to all possible running environments.

A Two-Component Language for COP

Adaptive applications are designed and programmed to dynamically adjust their behaviour to respond to changes of their execution environment. This paper introduces MLCoDa, a new COP language, made of two components: a declarative one for the context and a functional constituent for computing. Here we concentrate on the rational behind the design of MLCoDa and on its dynamic semantics. We also sketch a verification mechanism based on static analysis to prevent wrong adaptations which could compromise the correct behaviour of applications.

Linguistic Mechanisms for Context-Aware Security

Adaptive systems improve their efficiency, by modifying their behaviour to respond to changes in their operational environment. Also, security must adapt to these changes and policy enforcement becomes dependent on the dynamic contexts. We extend (the core of) an adaptive functional language with primitives to enforce security policies on the code execution, and we exploit a static analysis to instrument programs. The introduced checks guarantee that no violation of the required security policies occurs.

A Step Towards Checking Security in IoT

The Internet of Things (IoT) is smartifying our everyday life. Our starting point is IoT-LySa, a calculus for describing IoT systems, and its static analysis, which will be presented at Coordination 2016. We extend the mentioned proposal in order to begin an investigation about security issues, in particular for the static verification of secrecy and some other security properties.

Context-aware security: Linguistic mechanisms and static analysis

Adaptive systems improve their efficiency by modifying their behaviour to respond to changes in their operational environment. Also, security must adapt to these changes and policy enforcement becomes dependent on the dynamic contexts. We study these issues within MLCoDa, (the core of) an adaptive declarative language proposed recently. A main characteristic of MLCoDa is to have two components: a logical one for handling the context and a functional one for computing. We extend this language with security policies that are expressed in logical terms. They are of two different kinds: context and application policies. The first, unknown ap riorito an application, protect the context from unwanted changes. The others protect the applications from malicious actions of the context, can be nested and can be activated and deactivated according to their scope. An execution step can only occur if all the policies in force hold, under the control of an execution monitor. Beneficial to this is a type and effect system, which safely approximates the behaviour of an application, and a further static analysis, based on the computed effect. The last analysis can only be carried on at load time, when the execution context is known, and it enables us to efficiently enforce the security policies on the code execution, by instrumenting applications. The monitor is thus implemented within MLCoDa, and it is only activated on those policies that may be infringed, and switched off otherwise.

A Context-Oriented Extension of F#

Context-Oriented programming languages provide us with primitive constructs to adapt program behaviour depending on the evolution of their operational environment, namely the context. In previous work we proposed ML_CoDa, a context-oriented language with two-components: a declarative constituent for programming the context and a functional one for computing. This paper describes the implementation of ML_CoDa as an extension of F#.

Formalising security in ubiquitous and cloud scenarios

We survey some critical issues arising in the ubiquitous computing paradigm, in particular the interplay between context-awareness and security. We then overview a language-based approach that addresses these problems from the point of view of Formal Methods. More precisely, we briefly describe a core functional language extended with mechanisms to express adaptation to context changes, to manipulate resources and to enforce security policies. In addition, we shall outline a static analysis for guaranteeing programs to securely behave in the digital environment they are part of.

Event-driven adaptation in COP

PLACES 2016 (full title: Programming Language Approaches to Concurrency- and Communication-Centric Software) is the ninth edition of the PLACES workshop series. After the first PLACES, which was affiliated to DisCoTec in 2008, the workshop has been part of ETAPS every year since 2009 and is now an established part of the ETAPS satellite events. PLACES 2016 was held on 8th April in Eindhoven, The Netherlands. The workshop series was started in order to promote the application of novel programming language ideas to the increasingly important problem of developing software for systems in which concurrency and communication are intrinsic aspects. This includes software for both multi-core systems and large-scale distributed and/or service-oriented systems. The scope of PLACES includes new programming language features, whole new programming language designs, new type systems, new semantic approaches, new program analysis techniques, and new implementation mechanisms. This volume consists of the papers accepted for presentation at the workshop.