Robin Sharp

The T-Ruby design system

This paper describes the T-Ruby system for designing VLSI circuits, starting from formal specifications in which they are described in terms of relational abstractions of their behaviour. The design process involves correctness-preserving transformations based on proved equivalences between relations, together with the addition of constraints. A class of implementable relations is defined. The tool enables such relations to be simulated or translated into a circuit description in VHDL. The design process is illustrated by the derivation of a circuit for 2-dimensional convolution.

A timed semantics for SDL

An alternative formal semantics for describing the temporal aspects for the ITU-T specification language SDL is proposed, based on the interval logic Duration Calculus (DC). It is shown how DC can be used to give an SDL semantics with a precise treatment of temporal phenomena. The semantics allows true concurrency. We show how it can be used to address issues such as the verification of temporal properties, process scheduling, and the nature of viewed (shared) variables.

Transformational Rewriting with Ruby

Abstract This paper describes a tool for use in user-directed synthesis of circuits specified using the relational VLSI description language Ruby. The synthesis method is based on transformational rewriting of Ruby terms in accordance with previously defined term equivalences. The tool permits the introduction of constraints into the specification, thus enhancing the usefulness of the rewrite system in relation to simple rewriting.

Using interval logics for temporal analysis of security protocols

This paper presents an approach to the analysis of real-time properties of security protocols, based on the use of Interval Logic with durations to express and reason about temporal phenomena. We focus on the analysis of availability, where time is known to play a significant role, illustrate how relevant timing requirements can be formulated and show how Interval Logic can be used to prove that a system can fulfil these requirements in the presence of attackers of a given strength. We link this logic-based approach to more operational approaches.

Using a language of functions and relations for VLSI specification

This paper describes the T-Ruby language for specifying VLSI circuits in terms of relational abstractions of their behaviour. The language is based on a typed lambda calculus with a type system closely related to that of Edinburgh LF. Terms in the language may have simple, non-parameterised types or types which are constructed from other types, possibly together with terms. The dependent types which can be constructed in this way are useful for describing parameterised regular structures which commonly appear in VLSI circuits. The language forms the basis for a tool which permits term rewriting in a user-directed transformational style according to a set of proved term equivalences. Terms which describe causal relations may then be translated into a VLSI specification in a standard VLSI description language. The rewriting process is illustrated by the derivation of a relation describing a circuit for 2-dimensional convolution.

Timed Traces and Strand Spaces

This paper presents an approach to the analysis of real-time properties of security protocols, based on the Strand Space formalism for describing the behaviour of the participants in the protocol. The approach is compared with a trace-based analysis introduced by Pilegaard et al. [14]. Interval Logic with durations is used to express and reason about temporal phenomena. Strand Spaces were chosen as the starting point for our approach, since the causalities between important events in protocols are revealed in an illustrative manner by this formalism. The advantage of the trace-based approach is that it supports inductive reasoning in connection with the analysis of untimed properties. Interval Logic is chosen as the real-time formalism, as timing requirements and timing properties of security protocols are often expressible as interval properties. As an example, the Kerberos authentication protocol, which is based on concepts like timestamps and lifetimes, and which requires freshness of certain messages, is analysed.

Designing a secure point-of-sale system

This paper describes some experiences with using the Common Criteria for Information Security Evaluation as the basis for a design methodology when designing secure systems. As an example, the design process for a point-of-sale (POS) system is described

Quantitative Analysis of Probabilistic BPMN Workflows

We present a framework for modelling and analysis of real-world business workflows. We present a formalised core subset of the Business Process Modelling and Notation (BPMN) and then proceed to extend this language with probabilistic non-deterministic branching and general-purpose reward annotations. We present an algorithm for the translation of such models into Markov Decision processes expressed in the syntax of the PRISM model checker. This enables analysis of business processes for the following properties: transient and steady-state probabilities, the timing, occurrence and ordering of events, reward-based properties and best- and worst- case scenarios. We develop a simple example of medical workflow and demonstrate the utility of this analysis in accurate provisioning of drug stocks. Finally, we suggest a path to building upon these techniques to cover the entire BPMN language, allow for more complex annotations and ultimately to automatically synthesise workflows by composing predefined sub-processes, in order to achieve a configuration that is optimal for parameters of interest.Copyright

Rewriting with Constraints in T-Ruby

This paper describes a tool for use in user-directed synthesis of circuits specified using the relational VLSI description language Ruby. The synthesis method is based on syntactic rewriting of Ruby terms, combined with the introduction of constraints into the specification. The rewriting process is described in a meta-language based on the use of tactics and tacticals, which makes it possible to develop complex specialised strategies for the refinement of specifications.

Analysis of channel access schemes for high-speed LANs

A series of simulation studies into channel access protocols suitable for use in local area networks operating in baseband mode at bit rates of 100 Mbit/s or more is presented, and the usefulness of these protocols for supporting data transmission with mixed traffic is discussed.