University of Cambridge Computer Laboratory Technical Reports
http://oaigateway.library.ucla.edu/gatewaynet/oai.aspx/www.cl.cam.ac.uk/techreports/UCAM-CL-TR-OAI-SR.xml
2.0
tech-reports@cl.cam.ac.uk
2003-01-01
no
YYYY-MM-DD
oai_dc
http://www.openarchives.org/OAI/2.0/oai_dc.xsd
http://www.openarchives.org/OAI/2.0/oai_dc/
cam.ac.uk//UCAM-CL-TR-1
2003-01-01
The JACKDAW database package
Challis, M.F.
University of Cambridge, Computer Laboratory
1974-10
en
Text
UCAM-CL-TR-1
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-1.pdf
This report describes a general database package which has been
implemented in BCPL on an IBM 370/165 at the University of
Cambridge. One current application is the provision of an
administrative database for the Computing Service.
Entries within a database may include (in addition to primitive
fields such as ‘salary’ and ‘address’) links to other entries:
each link represents a relationship between two entries and is
always two-way.
Generality is achieved by including within each database class
definitions which define the structure of the entries within it;
these definitions may be interrogated by program.
The major part of the package presents a procedural interface
between an application program and an existing database,
enabling entries and their fields to be created, interrogated,
updated and deleted. The creation of a new database (or
modification of an existing one) by specifying the class
definitions is handled by a separate program.
The first part of the report describes the database structure
and this is followed by an illustration of the procedural
interface. Finally, some of the implementation techniques used
to insure integrity of the database are described.
cam.ac.uk//UCAM-CL-TR-2
2008-12-18
Scheduling for a share of the machine
Larmouth, J.
University of Cambridge, Computer Laboratory
1974-10
en
Text
UCAM-CL-TR-2
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-2.pdf
This paper describes the mechanism used to schedule jobs and
control machine use on the IBM 370/165 at Cambridge University,
England. The same algorithm is currently being used in part at
the University of Bradford and implementations are in progress
or under study for a number of other British Universities.
The system provides computer management with a simple tool for
controlling machine use. The managerial decision allocates a
share of the total machine resources to each user of the system,
either directly, or via a hierarchial allocation scheme. The
system then undertakes to vary the turnaround of user jobs to
ensure that those decisions are effective, no matter what sort
of work the user is doing.
At the user end of the system we have great flexibility in the
way in which he uses the resources he has received, allowing him
to get a rapid turnaround for those (large or small) jobs which
require it, and a slower turnaround for other jobs. Provided he
does not work at a rate exceeding that appropriate to his share
of the machine, he can request, for every job he submits, the
‘deadline’ by which he wants it running, and the system will
usually succeed in running his job at about the requested time –
rarely later, and only occasionally sooner.
Every job in the machine has its own ‘deadline’, and the machine
is not underloaded. Within limits, each user can request his
jobs back when he wants them, and the system keeps his use to
within the share of the machine he has been given. The approach
is believed to be an original one and to have a number of
advantages over more conventional scheduling and controlling
algorithms.
cam.ac.uk//UCAM-CL-TR-3
2005-07-20
A replacement for the OS/360 disc space management
routines
Stoneley, A.J.M.
University of Cambridge, Computer Laboratory
1975-04
en
Text
UCAM-CL-TR-3
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-3.pdf
In the interest of efficiency, the IBM disc space management
routines (Dadsm) have been completely replaced in the Cambridge
370/165.
A large reduction in the disc traffic has been achieved by
keeping the lists of free tracks in a more compact form and by
keeping lists of free VTOC blocks. The real time taken in a
typical transaction has been reduced by a factor of twenty.
By writing the code in a more appropriate form than the
original, the size has been decreased by a factor of five, thus
making it more reasonable to keep it permanently resident. The
cpu requirement has decreased from 5% to 0.5% of the total time
during normal service.
The new system is very much safer than the old in the fact of
total system crashes. The old system gave little attention to
the consequences of being stopped in mid-flight, and it was
common to discover an area of disc allocated to two files. This
no longer happens.
cam.ac.uk//UCAM-CL-TR-4
2005-08-08
The dynamic creation of I/O paths under
OS/360-MVT
Stoneley, A.J.M.
University of Cambridge, Computer Laboratory
1975-04
en
Text
UCAM-CL-TR-4
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-4.pdf
In a large computer it is often desirable and convenient for an
ordinary program to be able to establish for itself a logical
connection to a peripheral device. This ability is normally
provided through a routine within the operating system which may
be called by any user program at any time. OS/360 lacks such a
routine. For the batch job, peripheral connections can only be
made through the job control language and this cannot be done
dynamically at run-time. In the restricted context of TSO (IBM’s
terminal system) a routine for establishing peripheral
connections does exist, but it is extremely inefficient and
difficult to use.
This paper describes how a suitable routine was written and
grafted into the operating system of the Cambridge 370/165.
cam.ac.uk//UCAM-CL-TR-5
2021-09-07
Parrot – A replacement for TCAM
Hazel, P.
Stoneley, A.J.M.
University of Cambridge, Computer Laboratory
1976-04
en
Text
UCAM-CL-TR-5
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-5.pdf
The terminal driving software and hardware for the Cambridge TSO
(Phoenix) system is described. TCAM and the IBM communications
controller were replaced by a locally written software system
and a PDP-11 complex. This provided greater flexibility,
reliability, efficiency and a better “end-user” interface than
was possible under a standard IBM system.
cam.ac.uk//UCAM-CL-TR-6
2022-04-01
System programming in a high level language
Birrell, Andrew D.
University of Cambridge, Computer Laboratory
1977-12
en
Text
UCAM-CL-TR-6
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-6.pdf
This thesis is concerned with the construction of a high level
language system suitable for the implementation of a general
purpose operating system for a computer. There are three aspects
to this task: firstly a suitable high level language must be
chosen or designed; secondly, a suitable implementation of this
language must be manufactured; thirdly, the operating system
itself must be written. These three aspects inevitably overlap
in time – experience in implementing the language may cause one
to review decisions taken in the design of the language, and
experience in constructing the operating system will bring to
light inadequacies, inconveniences and inelegancies in both the
implementation and design of the language.
Most previous work in this field has been concerned with the
first of these aspects, and has adopted the approach of
designing special ‘System Programming Languages’ (SPLs) or
‘Machine Oriented Languages’ (MOLs). Various such languages have
been developed, although few have achieved the elegance and
generality of general-purpose languages such as Pascal or
Algol68. Little or no investigation has previously been made
into the second of these aspects, the implementation of the
language. This aspect can have a considerable effect on the
practicability of using the resulting language for manufacturing
an operating system. The implementation, however suitable the
language makes the difference between the language being an aid
or an impediment to the system programmer. It is with aspects of
the implementation this this thesis is mainly concerned.
cam.ac.uk//UCAM-CL-TR-7
2018-03-22
Local area computer communication networks
Hopper, Andrew
University of Cambridge, Computer Laboratory
1978-04
en
Text
UCAM-CL-TR-7
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-7.pdf
In this thesis a number of local area network architectures are
studied and the feasibility of a LSI design for a universal
local network chip is considered. The thesis begins with a
survey of current network technologies and a discussion of some
of the problems encountered in local network design. Existing
implementations of local networks are then discussed, and their
performance compared. Ultimately the design considerations for a
general purpose, microprogrammed, LSI network chip is discussed.
Such a circuit is able to handle a range of network
architectures and can be reconfigured to suit various traffic
patterns. Finally some of the protocol requirements of local
networks are discussed, leading to a redesign of the Cambridge
ring to provide hardware support for protocol implementation.
cam.ac.uk//UCAM-CL-TR-9
2022-04-29
Evaluation of a protection system
Cook, Douglas John
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-9
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-9.pdf
The CAP research project was set up in 1969 to investigate
memory protection by designing and building a computer with
hardware support for a very detailed protection system based on
the use of capabilities. The computer has been built and an
operating system written which exploits its protection
facilities. It is time, therefore, to assess how successful the
project has been. A necessary component of such an assessment is
an evaluation of the CAP’s protection system and this thesis
presents the results of the author's research in this area.
Protection in computer systems is first introduced with a brief
description of various models of protection systems and
mechanisms for the provision of protection. There follows a
description in some detail of the CAP computer and the CAP
operating system with particular attention paid to those aspects
of the design which are relevant to the research reported. A
brief introduction to performance evaluation techniques is given
followed by a discussion of performance evaluation on the CAP
computer.
The need for measuring the benefits and costs of protection is
discussed and there is a detailed critical description of the
previous research in this area. A simple model of a protection
system is presented as is a protection measure based on this
model. There is then a discussion of how the services provided
by modules in the system fit into the model and the protection
measure. The application of the protection measure to the CAP
operating system is described. The results led to suggestions
for the improvement of the protection aspects of the operating
system and these are discussed in detail. The implications of
the results for operating system design in general are also
discussed.
The experiements to investiage the cost of using the protection
provided on the CAP are described next. Some performance
evaluation work was done in connection with the protection cost
experiments and this too is discussed.
cam.ac.uk//UCAM-CL-TR-10
2022-05-04
Prediction oriented description of database
systems
Pezarro, Mark Theodore
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-10
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-10.pdf
A descriptive model of database systems is presented. The model
is intended to provide a general framework for the description
of database systems which is not limited to any particular DBMS
or even any of the three mainstream approaches to DBMS
architecture. This generality is derived from a new analysis of
file organisation methods on which the model is based. The model
concentrates on the aspects of a database system relevant to
first-order performance prediction. These include database
structure, the hardware and software used in implementing the
system, the size of the database at various points in its
lifetime, and its known or anticipated usage. Particular
attention has been devoted to arriving at a general treatment of
the details of database systems at the physical level, including
access paths and their encoding, storage devices and their
operating characteristics, and the mapping of data
representations to storage devices.
A formal language has been devised in which to write textual
descriptions of a database system in terms of the model. In
addition an experimental prediction program has been written
which accepts a description of a database system expressed in
the language and produces performance estimates for the
described activity using computational methods based on expected
value formulae. Some preliminary results obtained by comparing
estimates given by the program with measurements of an
operational database system are presented. Further
experimentation that would allow a definitive evaluation of the
prediction program is outlined and a review is made of the
current limitations of the model and program with suggestions
for further research.
cam.ac.uk//UCAM-CL-TR-11
2018-03-27
Automatic resolution of linguistic
ambiguities
Boguraev, Branimir Konstatinov
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-11
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-11.pdf
The thesis describes the design, implementation and testing of a
natural language analysis system capable of performing the task
of generating paraphrases in a highly ambiguous environment. The
emphasis is on incorporating strong semantic judgement in an
augmented transition network grammar: the system provides a
framework for examining the relationship between syntax and
semantics in the process of text analysis, especially while
treating the related phenomena of lexical and structural
ambiguity. Word-sense selection is based on global analysis of
context within a semantically well-formed unit, with primary
emphasis on the verb choice. In building structures representing
text meaning, the analyser relies not on screening through many
alternative structures – intermediate, syntactic or partial
semantic – but on dynamically constructing only the valid ones.
The two tasks of sense selection and structure building are
procedurally linked by the application of semantic routines
derived from Y. Wilks’ preference semantics, which are invoked
at certain well chosen points of the syntactic constituent
analysis – this delimits the scope of their action and provides
context for a particular disambiguation technique. The
hierarchical process of sentence analysis is reflected in the
hierarchical organisation of application of these semantic
routines – this allows the efficient coordination of various
disambiguation techniques, and the reduction of syntactic
backtracking, non-determinism in the grammar, and semantic
parallelism. The final result of the analysis process is a
dependency structure providing a meaning representation of the
input text with labelled components centred on the main verb
element, each characterised in terms of semantic primitives and
expressing both the meaning of a constituent and its function in
the overall textual unit. The representation serves as an input
to the generator, organised around the same underlying principle
as the analyser – the verb is central to the clause. Currently
the generator works in paraphrase mode, but is specifically
designed so that with minimum effort and virtually no change in
the program control structure and code it could be switched over
to perform translation.
The thesis discusses the rationale for the approach adopted,
comparing it with others, describes the system and its machine
implementation, and presents experimental results.
cam.ac.uk//UCAM-CL-TR-12
2021-09-07
HASP “IBM 1130” multileaving remote job entry protocol
with extensions as used on the University of Cambridge IBM
370/165
Oakley, M.R.A.
Hazel, P.
University of Cambridge, Computer Laboratory
1979-09
en
Text
UCAM-CL-TR-12
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-12.pdf
This document brings together most of the information required
to design, write and operate a HASP Remote Job Entry Terminal
program. Most of the document describes facilities available
using any host computer supporting the HASP protocols. The
remainder of the document describes improvements to these
facilities which have been made in order to enhance the
reliability of the system, to make it easier to run, and to
provide for a wider range of peripherals than the basic system.
cam.ac.uk//UCAM-CL-TR-13
2021-09-07
Resource allocation and job scheduling
Hazel, Philip
University of Cambridge, Computer Laboratory
1980
en
Text
UCAM-CL-TR-13
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-13.pdf
The mechanisms for sharing the resources of the Cambridge IBM
370/165 computer system among many individual users are
described. File store is treated separately from other resources
such as central processor and channel time. In both cases,
flexible systems that provide incentives to thrifty behaviour
are used. The method of allocating resources directly to users
rather than in a hierarchical manner via faculties and
departments is described, and its social acceptability is
discussed.
cam.ac.uk//UCAM-CL-TR-14
2010-09-30
Store to store swapping for TSO under OS/MVT
Powers, J.S.
University of Cambridge, Computer Laboratory
1980-06
en
Text
UCAM-CL-TR-14
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-14.pdf
A system of store-to-store swapping incorporated into TSO on the
Cambridge IBM 370/165 is described. Unoccupied store in the
dynamic area is used as the first stage of a two-stage backing
store for swapping time-sharing sessions; a fixed-head disc
provides the second stage. The performance and costs of the
system are evaluated.
cam.ac.uk//UCAM-CL-TR-15
2021-04-15
The implementation of BCPL on a Z80 based
microcomputer
Wilson, I.D.
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-15
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-15.pdf
The main aim of this project was to achieve as full an
implementation as possible of BCPL on a floppy disc based
microcomputer, running CP/M or CDOS (the two being esentially
compatible). On the face of it there seemed so many limiting
factors, that, when the project was started, it was not at all
clear which one (if any) would become a final stumbling block.
As it happened, the major problems that cropped up could be
programmed round, or altered in such a way as to make them
soluble.
The main body of the work splits comfortably into three
sections, and the writer hopes that, in covering each section
separately, to be able to show how the whole project fits
together into the finished implementation.
cam.ac.uk//UCAM-CL-TR-16
2018-03-27
Reliable storage in a local network
Dion, Jeremy
University of Cambridge, Computer Laboratory
1981-02
en
Text
UCAM-CL-TR-16
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-16.pdf
A recent development in computer science has been the advent of
local computer networks, collections of autonomous computers in
a small geographical area connected by a high-speed
communications medium. In such a situation it is natural to
specialise some of the computers to provide useful services to
others in the network. These server machines can be economically
advantageous if they provide shared access to expensive
mechanical devices such as discs.
This thesis discusses the problems involved in designing a file
server to provide a storage service in a local network. It is
based on experience gained from the design and implementation of
a file server for the Cambridge ring.
An important aspect of the design of a file server is the choice
of the service which is provided to client machines. The
spectrum of choice ranges from providing a simple remote disc
with operations such as read and write block, to a remote file
system with directories and textual names. The interface chosen
for the Cambridge file server is “universal” in that the
services it provides are intended to allow easy implementation
of both virtual memory systems and filing systems.
The second major aspect of the file server design concerns
reliability. If the server is to store important information for
clients, then it is essential that it be resistant to transient
errors such as communications or power failures. The general
problems of reliability and crash resistance are discussed in
terms of a model developed for this purpose. Different
reliability strategies used in current data base and filing
systems are related to the model, and a mechanism for providing
atomic transactions in the Cambridge file server is described in
detail. An improved mechanism which allows atomic transactions
on multiple files is also described and contrasted with the
first version. The revised design allows several file servers in
a local network to cooperate in atomic updates to arbitrary
collections of files.
cam.ac.uk//UCAM-CL-TR-17
2018-03-27
Three papers on parsing
Boguraev, B.K.
Spärck Jones, K.
Tait, J.I.
University of Cambridge, Computer Laboratory
1982
en
Text
UCAM-CL-TR-17
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-17.pdf
This collection of three papers examines current problems in the
parsing of natural language. The first paper investigates the
parsing of compound nouns, and suggests that the existing
strategies are inadequate. Accepting that better approaches are
needed, the paper then proceeds to examine the implications for
natural language processing systems.
The second paper in the collection examines the task of
recognising conjunctions within an ATN grammar. To do this only
through the grammar specification is difficult and results in a
bulky grammar. The paper therefore presents some ideas for
extending the ATN mechanism to better deal with conjunctions.
The final paper considers ways in which semantic parsers can
exploit syntactic constraints. Two specific semantic parsers are
considered: those of Cater and Boguraev which are regarded as
being representative of two styles of parsing. The main
conclusion to be drawn is that there are significant
disadvantages to semantic parsing without complete syntactic
processing of the input.
cam.ac.uk//UCAM-CL-TR-18
2003-01-01
Automatic mesh generation of 2 & 3 dimensional
curvilinear manifolds
Wördenweber, Burkard
University of Cambridge, Computer Laboratory
1981-11
en
Text
UCAM-CL-TR-18
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-19
2022-06-09
Analysis and inference for English
Cater, Arthur William Sebright
University of Cambridge, Computer Laboratory
1981-09
en
Text
UCAM-CL-TR-19
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-19.pdf
AD-HAC is a computer program which understands stories. Its
three principal components each deal with significant subareas
of the overall language-processing task: it has a sentence
analyser, which creates conceptual representations of the
meanings of individual sentences; an inferencer, which
assimilates these into the existing representation of a story,
determining pronoun referents and answering questions as a
byproduct of this activity; and a sentence generator, which
produces english sentences conveying the meaning of conceptual
representations. The research reported here has focussed on the
analyser and the inferencer.
The analyser uses an ATN to identify low-level syntactic
constituents, such as verb groups or prepositional phrases:
‘requests’ associated with words, particularly verbs, are then
applied in a nondeterministic preference-directed framework,
using the constituents as building blocks in the analysis of
phrases, clauses and sentences: the requests fall into five
distinct processing classes. The partial analyses which result
from the application or non-application of particular requests
are ordered by preference, and the most-preferred partial
analysis is persued first, giving a predominantly left-to-right
scan through the sentence. A surprising result is that the
analyser performs better if it is permitted to keep only a small
number of partial analyses.
The inferencer exploits the primitives of the conceptual
representation language, using these as the main indicator of
the appropriate set of inferences. The inferences are specified
by means of inference networks associated with the conceptual
primitives. Tests are applied to elementary propositions derived
from input sentence analyses, and select paths through the
networks where appropriate inferences are made. Inference
networks are also associated with ‘functions’ of objects,
permitting higher-level than can normally be made using the
primitives alone: the resulting system offers a synthesis of
low-level inference and script-like inference. The inferences
made by the networks are also used to determine the referents of
pronouns, and to provide the answers to questions: the program
takes an identical approach to these two tasks.
The performance of the system is illustrated by reference to
texts which have been successfully processed by AD-HAC.
cam.ac.uk//UCAM-CL-TR-20
2017-07-13
On using Edinburgh LCF to prove the correctness of a
parsing algorithm
Cohn, Avra
Milner, Robin
University of Cambridge, Computer Laboratory
1982-02
en
Text
UCAM-CL-TR-20
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-20.pdf
The methodology of Edinburgh LCF, a mechanized interactive proof
system is illustrated through a problem suggested by Gloess –
the proof of a simple parsing algorithm. The paper is
self-contained, giving only the relevant details of the LCF
proof system. It is shown how tactics may be composed in LCF to
yield a strategy which is appropriate for the parser problem but
which is also of a generally useful form. Also illustrated is a
general mechanized method of deriving structural induction rules
within the system.
cam.ac.uk//UCAM-CL-TR-21
2006-07-11
The correctness of a precedence parsing algorithm in
LCF
Cohn, A.
University of Cambridge, Computer Laboratory
1982-04
en
Text
UCAM-CL-TR-21
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-21.pdf
This paper describes the proof in the LCF system of a
correctness property of a precedence parsing algorithm. The work
is an extension of a simpler parser and proof by Cohn and Milner
(Cohn & Milner 1982). Relevant aspects of the LCF system are
presented as needed. In this paper, we emphasize (i) that
although the current proof is much more complex than the earlier
one, mqany of the same metalanguage strategies and aids
developed for the first proof are used in this proof, and (ii)
that (in both cases) a general strategy for doing some limited
forward search is incorporated neatly into the overall
goal-oriented proof framework.
cam.ac.uk//UCAM-CL-TR-22
2006-09-20
Constraints in CODD
Robson, M.
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-22
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-22.pdf
The paper describes the implementation of the data structuring
concepts of domains, intra-tuple constraints and referential
constraints in the relational DBMS CODD. All of these
constraints capture some of the semantics of the database’s
application.
Each class of constraint is described briefly and it is shown
how each of them is specified. The constraints are stored in the
database giving a centralised data model, which contains
descriptions of procedures as well as of statistic structures.
Some extensions to the notion of referential constraint are
proposed and it is shown how generalisation hierarchies can be
expressed as sets of referential constraints. It is shown how
the stored data model is used in enforcement of the constraints.
cam.ac.uk//UCAM-CL-TR-23
2018-03-27
Two papers about the scrabble summarising
system
Tait, J.I.
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-23
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-23.pdf
This report contains two papers which describe parts of the
Scrabble English summarizing system. The first, “Topic
identification techniques for predictive language analyzers” has
been accepted as a short communication for the 9th International
COnference on Computational Linguistics, in Prague. The second,
“General summaries using a predictive language analyser” is an
extended version of a discussion paper which will be presented
at the European Conference on Artificial Intelligence in Paris.
Both conferences will take place during July 1982.
The [second] paper describes a computer system capable of
producing coherent summaries of English texts even when they
contain sections which the system has not understood completely.
The system employs an analysis phase which is not dissimilar to
a script applier together with a rather more sophisticated
summariser than previous systems. Some deficiencies of earlier
systems are pointed out, and ways in which the current
implementation overcomes them are discussed.
cam.ac.uk//UCAM-CL-TR-24
2018-03-27
Steps towards natural language to data language
translation using general semantic information
Boguraev, B.K.
Spärck Jones, K.
University of Cambridge, Computer Laboratory
1982-03
en
Text
UCAM-CL-TR-24
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-24.pdf
The aim of the work reported here is to maximise the use of
general semantic information in an AI task processor,
specifically in a system front end for converting natural
language questions into formal database queries. The paper
describes the translation component of such a front end, which
is designed to work from the question meaning representation
produced by a language analyser exploiting only general
semantics and syntax, to a formal query relying on
database-specific semantics and syntax. Translation is effected
in three steps, and the paper suggests that the rich and
explicit meaning representations using semantic primitives
produced for input sentences by the analyser constitute a
natural and effective base for further processing.
cam.ac.uk//UCAM-CL-TR-25
2017-12-01
A clustering technique for semantic network
processing
Alshawi, Hiyan
University of Cambridge, Computer Laboratory
1982-05
en
Text
UCAM-CL-TR-25
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-25.pdf
This paper describes techniques for performing serial processing
on the type of semantic network exemplified by NETL. They make
use of an indexing scheme that can be based on semantic
clustering. The basic algorithm is aimed at performing fast
intersection operations. It is claimed that the scheme is
suitable for its current application in text processing. The
semantic criteria for clustering that have been tried are
briefly described. Extensions of the scheme are suggested for
use with large networks.
cam.ac.uk//UCAM-CL-TR-26
2022-06-09
Portable system software for personal computers on a
network
Knight, Brian James
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-26
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-26.pdf
This dissertation is concerned with the design of the portable
operating system TRIPOS, and its use as the basis for an
operating system to run in ‘single connection’ computers – that
is, computers whose only peripheral is an interface to a local
area network.
TRIPOS is a lightweight, yet powerful, multi-tasking operating
system aimed at personal minicomputers. It is designed to be
relatively straightforward to transport to new hardware,
providing an almost identical user interface and program
environment on each machine. Particular emphasis has been placed
on avoiding unnecessary complexity, in order to make it simple
to understand, explain, and adapt for special purposes. The
majority of the system and utilities are written in the language
BCPL, and can be moved without change to different computers.
They run on a kernel and device drivers written in assembly
language for each particular machine. The user’s view of the
system is presented first, with samples of console dialogue, and
then its internal structure is described.
The main part of the work described concerns the building of a
portable operating system presenting user and program interfaces
as similar as possible to ordinary TRIPOS, but running in
processors connected only to a local area network – the
Cambridge Ring. The system makes use of ‘server’ computers on
the ring in order to gain access to disc storage, terminals, and
printers. Several methods are investigated for using the
primitives provided by a universal file-server to construct a
filing system which can be shared by machines of different
types. Some conclusions are drawn on the effects of distributing
operating system functions in this way.
cam.ac.uk//UCAM-CL-TR-27
2022-04-01
Exception handling in domain based systems
Johnson, Martyn Alan
University of Cambridge, Computer Laboratory
1981-09
en
Text
UCAM-CL-TR-27
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-27.pdf
Modern operating systems allow the creation of protection
domains; these enable subsystems to cooperate whilst being
protected from each other. This creates a number of problems in
the handling of exceptions such as the expiry of time limits or
the receipt of console ‘quit’ signals. Particular problems arise
when parts of the operating system are implemented as protection
domains which cannot easily be distinguished from user programs
by the underlying protection system.
The dissertation surveys some traditional methods of dealing
with such problems, and explains why they are inadequate in a
domain based system. In addition, work done on related topics in
the operating system for the Cambridge CAP computer is
described.
The major part of the research described is concerned with a
class of exception not usually recognized by operating system
designers. This arises from the observation that protection
domains which implement subsystems can retain useful state
information between invocations, and care needs to be taken to
ensure that domains are given an opportunity to keep their
private data structures in a consistent state. In particular,
domains which fall into disuse need to be notified of the fact
so that they can tidy up the data structures they manage before
they are destroyed. An intuitively simple solution to the
problem is discussed, and its limitations and implementation
difficulties are noted. Refinements of the mechanism are
proposed which provide an improved treatment of the problem; and
it is suggested that the moderate run time overhead which these
revisions impose can be minimized by providing hardware or
microprogram support for the mechanism.
cam.ac.uk//UCAM-CL-TR-28
2006-09-20
Poly report
Matthews, D.C.J.
University of Cambridge, Computer Laboratory
1982-08
en
Text
UCAM-CL-TR-28
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-28.pdf
Poly was designed to provide a programming system with the same
flexibility as a dynamically typed language but without the
run-time oveheads. The type system, based on that of Russel
allows polymorpphic operations to be used to manipulate abstract
objects, but with all the type checking being done at
compile-time. Types may be passed explicitly or by inference as
parameters to procedures, and may be returned from procedures.
Overloading of names and generic types can be simulated by using
the general procedure mechanism. Despite the generality of the
language, or perhaps because of it, the type system is very
simple, consisting of only three classes of object. There is an
exception mechanism, similar to that of CLU, and the exceptions
raised in a procedure are considered as part of its ‘type’. The
construction of abstract objects and hiding of internal details
of the representation come naturally out of the type system.
cam.ac.uk//UCAM-CL-TR-29
2006-09-20
Introduction to Poly
Matthews, D.C.J.
University of Cambridge, Computer Laboratory
1982-05
en
Text
UCAM-CL-TR-29
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-29.pdf
This report is a tutorial introduction to the programming
language Poly. It describes how to write and run programs in
Poly using the VAX/UNIX implementation. Examples given include
polymorphic list functions, a double precision integer package
and a subrange type constructor.
cam.ac.uk//UCAM-CL-TR-30
2017-12-01
A portable BCPL library
Wilkes, John
University of Cambridge, Computer Laboratory
1982-10
en
Text
UCAM-CL-TR-30
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-30.pdf
Too often, programs written in BCPL are difficult to port from
one system to another, not because of the language, but because
of differences between ‘standard’ libraries. Almost without
exception, the definitions of these libraries are loose, woolly
and inaccurate – the proposed BCPL standards document being a
prime example. The author has developed and implemented a new
BCPL library which is explicitly designed to aid the portability
of programs between systems. In addition to being largely
portable itself, it has two other features of interest: it uses
an exception handling system instead of return codes, and it
makes no distinction between system and user defined stream
handlers. This paper defines the interface to the package.
cam.ac.uk//UCAM-CL-TR-31
2017-07-06
Ponder and its type system
Fairbairn, J.
University of Cambridge, Computer Laboratory
1982-11
en
Text
UCAM-CL-TR-31
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-31.pdf
This note describes the programming language “Ponder”, which is
designed according to the principles of referencial transparency
and “orthogonality” as in [vWijngaarden 75]. Ponder is designed
to be simple, being functional with normal order semantics. It
is intended for writing large programmes, and to be easily
tailored to a particular application. It has a simple but
powerful polymorphic type system.
The main objective of this note is to describe the type system
of Ponder. As with the whole of the language design, the
smallest possible number of primitives is built in to the type
system. Hence for example, unions and pairs are not built in,
but can be constructed from other primitives.
cam.ac.uk//UCAM-CL-TR-32
2018-03-27
How to drive a database front end using general semantic
information
Boguraev, B.K.
Spärck Jones, K.
University of Cambridge, Computer Laboratory
1982-11
en
Text
UCAM-CL-TR-32
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-32.pdf
This paper describes a front end for natural language access to
databases making extensive use of general, i.e.
domain-independent, semantic information for question
interpretation. In the interests of portability, initial
syntactic and semantic processing of a question is carried out
without any reference to the database domain, and
domain-dependent operations are confined to subsequent,
comparatively straightforward, processing of the initial
interpretation. The different modules of the front end are
described, and the system’s performance is illustrated by
examples.
cam.ac.uk//UCAM-CL-TR-33
2018-03-27
An island parsing interpreter for Augmented Transition
Networks
Carroll, John A.
University of Cambridge, Computer Laboratory
1982-10
en
Text
UCAM-CL-TR-33
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-33.pdf
This paper describes the implementation of an ‘island parsing’
interpreter for an Augmented Transition Network (ATN). The
interpreter provides more complete coverage of Woods’ original
ATM formalism than his later island parsing implementation; it
is written in LISP and has been modestly tested.
cam.ac.uk//UCAM-CL-TR-34
2017-12-11
Recent developments in LCF: examples of structural
induction
Paulson, Larry
University of Cambridge, Computer Laboratory
1983-01
en
Text
UCAM-CL-TR-34
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-34.pdf
Manna and Waldinger have outlined a large proof that probably
exceeds the power of current theorem-provers. The proof
establishes the unification algorithm for terms composed of
variables, constants, and other terms. Two theorems from this
proof, involving structural induction, are performed in the LCF
proof assistant. These theorems concern a function that searches
for an occurrence of one term inside another, and a function
that lists the variables in a term.
Formally, terms are regarded as abstract syntax trees. LCF
automatically builds the first-order theory, with equality, of
this recursive data structure.
The first theorem has a simple proof, induction followed by
rewriting. The second theorem requires a cases split and
substitution throughout the goal. Each theorem is proved by
reducing the initial goal to simpler and simpler subgoals. LCF
provides many standard proof strategies for attacking goals; the
user can program additional ones in LCF’s meta-language, ML.
This felxibility allows users to take ideas from such diverse
fields as denotational semantics and logic programming.
cam.ac.uk//UCAM-CL-TR-35
2017-07-13
Rewriting in Cambridge LCF
Paulson, Larry
University of Cambridge, Computer Laboratory
1983-02
en
Text
UCAM-CL-TR-35
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-35.dvi.gz
Many automatic theorem-provers rely on rewriting. Using theorems
as rewrite rules helps to simplify the subgoals that arise
during a proof.
LCF is an interactive theorem-prover intended for reasoning
about computation. Its implementation of rewriting is presented
in detail. LCF provides a family of rewriting functions, and
operators to combine them. A succession of functions is
described, from pattern matching primitives to the rewriting
tool that performs most inferences in LCF proofs.
The design is highly modular. Each function performs a basic,
specific task, such as recognizing a certain form of tautology.
Each operator implements one method of building a rewriting
function from simpler ones. These pieces can be put together in
numerous ways, yielding a variety of rewriting strategies.
The approach involves programming with higher-order functions.
Rewriting functions are data values, produced by computation on
other rewriting functions. The code is in daily use at
Cambridge, demonstrating the practical use of functional
programming.
cam.ac.uk//UCAM-CL-TR-36
2017-07-13
The revised logic PPLAMBDA : A reference
manual
Paulson, Lawrence
University of Cambridge, Computer Laboratory
1983-03
en
Text
UCAM-CL-TR-36
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-36.pdf
PPLAMBDA is the logic used in the Cambridge LCF proof assistant.
It allows Natural Deduction proofs about computation, in Scott’s
theory of partial orderings. The logic’s syntax, axioms,
primitive inference rules, derived inference rules and standard
lemmas are described as are the LCF functions for building and
taking apart PPLAMBDA formulas.
PPLAMBDA’s rule of fixed-point induction admits a wide class of
inductions, particularly where flat or finite types are
involved. The user can express and prove these type properties
in PPLAMBDA. The induction rule accepts a list of theorems,
stating type properties to consider when deciding to admit an
induction.
cam.ac.uk//UCAM-CL-TR-37
2022-04-29
Representation and authentication on computer
networks
Girling, Christopher Gray
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-37
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-37.pdf
Controlling access to objects in a conventional operating system
is a well understood problem for which solutions are currently
in existence. Such solutions utilize mechanisms which accurately
and trivially provide the identity of an accessing subject. In
the context of a collection of computers communicating with each
other over a network, provision of this mechanism is more
complex. The design of such a mechanism and its implementation
on the Cambridge Ring at Cambridge University is described.
The vehicle used to prove the identity of an object irrefutably
is called a representation and the deduction of an object’s
identity is called authentication. Methods of authentication are
given which show that the mechanism can cope with identification
needs that arise in practice (even in a network where the
function asigned to each computer is constantly changing). These
generate representations for such important components of a
computer network as people, services and addresses. The
implementation of a representation system utilizing some of
these methods is described, including the incorporation of its
use into a real operating system. The place of representations
within the communication protocols that must transport them is
considered and some enhancements are proposed. in addition, some
interesting variations and extensions of the system are
explored.
cam.ac.uk//UCAM-CL-TR-38
2022-04-01
Views and imprecise information in databases
Gray, Mike
University of Cambridge, Computer Laboratory
1982-11
en
Text
UCAM-CL-TR-38
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-38.pdf
Providing user views of a database is an important way of
achieving data independence and ease of use of DBMSs. This
dissertation discusses one aspect of the problem of supporting
views. It is shown that a crucial factor in the support of views
is the richness of the data model used, and in particular its
ability to represent certain kinds of incomplete information.
This dissertation discusses various ways of handling incomplete
information, and the operations on views that can be supported.
The implementation of an experimental system which supports
views on a relational database is described.
The first chapter describes the problem of treating views as
first-class objects, that is allowing all the usual database
operations to be performed on data in views. It is shown how
this is related to the problem of representing incomplete
information in the conceptual schema. The second chapter
proposes the use of lattices to represent incomplete
information, and shows how this covers various particular kinds
of imprecise information. The third chapter reviews other work
relating to imprecise information in databases. The fourth
chapter discusses certain further implications of representing
imprecise information, and makes proposals regarding the
interpretation of keys, constraints, and the open-world
assumption in this environment. The fifth chapter discusses in
detail the relational operations that are appropriate with
imprecise data and proposes modified Join and Group-by
operations. The implementation of a system with these features
is discussed. Chapter six illustrates some of the points made by
considering an example database, and finally chapter seven
concludes this dissertation with a summary and examination of
further possibilities.
cam.ac.uk//UCAM-CL-TR-39
2017-12-12
Tactics and tacticals in Cambridge LCF
Paulson, Lawrence
University of Cambridge, Computer Laboratory
1983-07
en
Text
UCAM-CL-TR-39
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-39.pdf
The tactics and tacticals of Cambridge LCF are described.
Tactics reason about logical connectives, substitution and
rewriting; tacticals combine tactics into more powerful tactics.
LCF’s package for managing an interactive proof is discussed.
This manages the subgoal tree, presenting the user with unsolved
goals and assembling the final proof.
While primarily a reference manual, the paper contains a brief
introduction to goal-directed proof. An example shows typical
use of the tactics and subgoal package.
cam.ac.uk//UCAM-CL-TR-40
2017-12-15
The SKIM microprogrammer’s guide
Stoye, W.
University of Cambridge, Computer Laboratory
1983-10
en
Text
UCAM-CL-TR-40
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-40.pdf
This paper describes the design and implementation of the SKIM
micorprocessor. The processor has a 24 bit ALU with 16 general
purpose registers. The main unique feature is a large microcode
store of up to 64K 40 bit words, with the intention that the
microcode could be used like the machine code on a conventional
processor, with operating system primitives being programmed in
microcode.
The processor has been constructed from TTL logic, with a
microcode assembler running on Phoenix. A debugger for both the
hardware and microcode programs runs on the host machine,
currently a BBC Microcomputer.
The processor architecture is discussed, with examples of
microcode programming. comparisons with other processors are
made, and some of the limitations of the present design are
noted.
cam.ac.uk//UCAM-CL-TR-41
2018-01-05
LCF_LSM, A system for specifying and verifying
hardware
Gordon, Mike
University of Cambridge, Computer Laboratory
1983-09
en
Text
UCAM-CL-TR-41
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-41.pdf
The LCF_LSM system is designed to show that it is practical to
prove the correctness of real hardware. The system consists of a
programming environment (LCF) and a specification language
(LSM). The environment contains tools for manipulating and
reasoning about the specifications. Verification consists in
proving that a lov-level (usually structural) description is
behaviourally equivalent to a high-level functional description.
Specifications can be fully hierarchical, and at any level
devices can be specified either functionally or structurally.
As a first case study a simple microcoded computer has been
verified. This proof is described in a companion report. In this
we also illustrate the use of the system for other kinds of
manipulation besides verification. For example, we show how to
derive an implementation of a hard-wired controller from a
microprogram and its decoding and sequencing logic. The
derivation is done using machine checked inference; this ensures
that the hard-wired controller is equivalent to the microcoded
one. We also show how to code a microassembler. These examples
illustrate our belief that LCF is a good environment for
implementing a wide range of tools for manipulating hardware
specifications.
This report has two aims: first to give an overview of the ideas
embodied in LCF_LSM, and second, to be a user manual for the
system. No prior knowledge of LCF is assumed.
cam.ac.uk//UCAM-CL-TR-42
2018-01-05
Proving a computer correct with the LCF_LSM hardware
verification system
Gordon, Mike
University of Cambridge, Computer Laboratory
1983-09
en
Text
UCAM-CL-TR-42
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-42.pdf
A machine generated correctness proof of a simple computer is
described.
At the machine code level the computer has a memory and two
registers: a 13 bit program counter and a 16-bit accumulator.
There are 8 machine instructions: halt, unconditional jump, jump
when the accumulator contains 0, add contents of a memory
location to accumulator, subtract contents of a location from
accumulator, load accumulator from memory, store contents of
accumulator in memory, and skip. The machine can be interrupted
by pushing a button on its front panel.
The implementation which we prove correct has 6 data registers,
and ALU, a memory, and a microcode controller. The controller
consists of a ROM holding 26 30-bit microinstructions, a
microprogram counter, and some combinatorial microinstruction
decode logic.
Formal specifications of the target and host machines are given,
and we describe the main steps in proving that the host
correctly fetches, decodes and executes machine instructions.
The utility of LCF_LSM for general manipulaton is illustrated in
two appendices. In appendix 1 we show how to code a
microassembler. In appendix 2 we use the LCF_LSM inference rules
to design a hard-wired controller equivalent to the original
microcoded one.
N.B. This report should be read in conjunction with LCF_LSM: A
system for specifying and verifying hardware. University of
Cambridge, Computer Laboratory technical report number 41.
cam.ac.uk//UCAM-CL-TR-43
2016-08-08
Extending the local area network
Leslie, Ian Malcom
University of Cambridge, Computer Laboratory
1983-02
en
Text
UCAM-CL-TR-43
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-43.pdf
This dissertation is concerned with the development of a large
computer network which has many properties associated with local
area computer networks, including high bandwidth and lower error
rates. The network is made up of component local area networks,
specifically Cambridge rings, which are connected either through
local ring-ring bridges or through a high capacity satellite
link. In order to take advantage of the characteristics of the
resulting network, the protocols used are the same simple
protocols as those used on a single Cambridge ring. This in turn
allows many applications, which might have been thought of as
local area network applications, to run on the larger network.
Much of this work is concerned with an interconnection strategy
which allows hosts of different component networks to
communicate in a flexible manner without building an extra
internetwork layer into protocol hierarchy. The strategy arrived
at is neither a datagram approach nor a system of concatenated
error and flow controlled virtual circuits. Rather, it is a
lightweight virtual circuit approach which preserves the order
of blocks sent on a circuit, but which makes no other guarantees
about the delivery of these blocks. An extra internetwork
protocol layer is avoided by modifying the system used on a
single Cambridge ring which binds service names to addresses so
that it now binds service names to routes across the network.
cam.ac.uk//UCAM-CL-TR-44
2022-04-01
Structural induction in LCF
Paulson, Lawrence
University of Cambridge, Computer Laboratory
1983-11
en
Text
UCAM-CL-TR-44
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-44.pdf
The fixed-point theory of computation can express a variety of
recursive data types, including lazy types, conventional
first-order (strict) types, mutually recursive types, and types
with equational constraints. Lazy types contain infinite
objects, regarded as the limit of a chain of finite objects.
Structural induction for all these types follows from
fixed-point induction, though induction for lazy types is only
sound for a certain class of formulas.
The paper presents the derivation of structural induction for
each type, and justifies the necessary axioms by furnishing
models for them. It presents example type definitions of lazy
lists, strict lists, syntax trees for expressions and finite
sets. Strict data types are proved to be flat in their partial
ordering. Primitive recursion operators are introduced for each
type, providing theoretical insights as well as a concise
notation for defining total functions.
The research was done using LCF, an interactive theorem-prover
for the fixed-point theory. The paper documents the theory of
LCF data types, and surveys several LCF proofs involving
structural induction. In order to be self-contained, it makes
little reference to LCF details and includes a summary of the
fixed point theory.
cam.ac.uk//UCAM-CL-TR-45
2017-07-13
Compound noun interpretation problems
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1983-07
en
Text
UCAM-CL-TR-45
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-45.pdf
This paper discusses the problems of compound noun
interpretation in the context of automatic language processing.
Given that compound processing implies identifying the senses of
the words involved, determining their bracketing, and
establishing their underlying semantic relations, the paper
illustrates the need, even in comparatively favourable cases,
for inference using pragmatic information. This has consequences
for language processor architectures and, even more, for speech
processors.
cam.ac.uk//UCAM-CL-TR-46
2022-04-04
Intelligent network interfaces
Garnett, Nicholas Henry
University of Cambridge, Computer Laboratory
1985-05
en
Text
UCAM-CL-TR-46
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-46.pdf
Local Area Networks are now an accepted part of computing
research. The technology of the network itself and the hardware
to interface it to a computer is standard and in the cases of
networks like Ethernet and the Cambridge Ring is commercially
available. The next level up from the hardware is the software
interface between the host computer and the network. This
dissertation is concerned with one specific type of interface
where the host is not itself directly connected to the network,
but must access it via a second Network Interface Processor
(NIP).
The dissertation begins by describing the design and
implementation of the two low level interfaces for the Cambridge
Ring. The first of these, the type 2, is machine independent and
although based on a simple processor offers some sophisticated
facilities to its host. The second, Spectrum, is not so
sophisticated, but is customized to interface to just one
operating system. The difference between these two approaches is
discussed.
We go on to introduce the High Level Interface, which removes
all protocol and network related processing from the host
machine. This can benefit both the protocol implementation, by
reducing system overheads, and the host operating system, by
freeing CPU time for other tasks. This is particularly true in
the case of time-shared machines which rely on the network for
terminal connections. The design and implementation of such an
interface are described.
The dissertation concludes by considering the possible roles of
the NIP in the areas of security, protection and reliability.
Some thoughts are also given on the design of protocols which
exploit the features of a NIP.
cam.ac.uk//UCAM-CL-TR-47
2018-03-27
Automatic summarising of English texts
Tait, John Irving
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-47
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-47.pdf
This thesis describes a computer program called Scrabble which
can summarise short English texts. It uses large bodies of
predictions about the likely contents of texts about particular
topics to identify the commonplace material in an input text.
Pre-specified summary templates, each associated with a
different topic are used to condense the commonplace material in
the input. Filled-in summary templates are then used to form a
framework into which unexpected material in the input may be
fitted, allowing unexpected material to appear in output summary
texts in an essentially unreduced form. The system’s summaries
are in English.
The program is based on technology not dissimilar to a script
applier. However, Scrabble represents a significant advance over
previous script-based summarising systems. It is much less
likely to produce misleading summaries of an input text than
some previous systems and can operate with less information
about the subject domain of the input than others.
These improvements are achieved by the use of three main novel
ideas. First, the system incorporates a new method for
identifying the idea or topics of an input text. Second, it
allows a section of text to have more than one topic at a time,
or at least a composite topic which may be dealt with by the
computer program simultaneously applying the text predictions
associated with more than one simple topic. Third, Scrabble
incorporates new mechanisms for the incorporation of unexpected
material in the input into its output summary texts. The
incorporation of such material in the output summary is
motivated by the view that it is precisely unexpected material
which is likely to form the most salient matter in the input
text.
The performance of the system is illustrated by means of a
number of example input texts and their Scrabble summaries.
cam.ac.uk//UCAM-CL-TR-48
2005-12-05
A mechanism for the accumulation and application of
context in text processing
Alshawi, Hiyan
University of Cambridge, Computer Laboratory
1983-11
en
Text
UCAM-CL-TR-48
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-48.pdf
The paper describes a mechanism for the representation and
application of context information for automatic natural
language processing systems. Context information is gathered
gradually during the reading of the text, and the mechanism
gives a way of combining the effect of several different types
of context factors. Context factors can be managed
independently, while still allowing efficient access to entities
in focus. The mechanism is claimed to be more general than the
global focus mechanism used by Grosz for discourse
understanding. Context affects the interpretation process by
choosing the results, and restricting the processing, of a
number of important language interpretation operations,
including lexical disambiguation and reference resolution. The
types of context factors that have been implemented in an
experimental system are described, and examples of the
application of context are given.
cam.ac.uk//UCAM-CL-TR-49
2022-04-22
Programming language design with polymorphism
Matthews, David Charles James
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-49
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-49.pdf
This dissertation describes the design and implementation of a
programming language, Poly. By treating types as values,
procedures can be written which can be applied to objects of
many different types (polymorphism).
Poly was not designed specifically to investigate polymorphism,
rather it was designed to provide a simple yet powerful
alternative to large languages like Ada. The type system came
out of a desire to treat several different programming language
concepts by means of a single parameterisation mechanism, that
of procedure application. For example, generic types are
considered simply as procedures. Polymorphism as Poly can also
be used to provide the effect of overloading without building
resolution rules into the language. Unlike the language Russell,
Poly does not require that procedures be “variable free”.
However, it is still possible to statically type-check a Poly
program.
After an introduction to the principles behind modern languages,
in particular types and their relation to abstraction, there is
a survey of several languages. Adu, CLU, Russell, ML and the
Cedar Mesa Kernel illustrate different aspects of language
design. Poly is described by means of some examples and then the
background to the design is discussed. The rationale behind the
type system of Poly is considered and comparisons are made with
two other polymorphic languages, ML and Russell. The remainder
of the language is developed and some applications are
discussed. There is a description of some problems encountered
while implementing poly.
cam.ac.uk//UCAM-CL-TR-50
2017-07-13
Verifying the unification algorithm in LCF
Paulson, Lawrence
University of Cambridge, Computer Laboratory
1984-03
en
Text
UCAM-CL-TR-50
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-50.pdf
Manna and Waldinger’s theory of substitutions and unification
has been verified using the Cambridge LCF theorem prover. A
proof of the monotonicity of substitution is presented in
detail, as an example of interaction with LCF. Translating the
theory into LCF’s domain-theoretic logic is largely
straightforward. Well-founded induction on a complex ordering is
translated into nested structural inductions. Correctness of
unification is expressed using predicates for such properties as
idempotence and most-generality. The verification is presented
as a series of lemmas. The LCF proofs are compared with the
original ones, and with other approaches. It appears difficult
to find a logic that is both simple and flexible, especially for
proving termination.
cam.ac.uk//UCAM-CL-TR-51
2018-01-16
Using information systems to solve recursive domain
equations effectively
Winskel, Glynn
Larsen, Kim Guldstrand
University of Cambridge, Computer Laboratory
1984-07
en
Text
UCAM-CL-TR-51
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-51.pdf
This paper aims to make two main contributions. One is to show
how to use the concrete nature of Scott’s information systems to
advantage in solving recursive domain equations. The method is
based on the substructure relation between information systems.
This essentially makes a complete partial order (cpo) of
information systems. Standard domain constructions like function
space can be made continuous on this cpo so the solution of
recursive domain equations reduces to the more familiar
construction of forming the least-fixed point of a continuous
function. The second contribution again relies on the concrete
nature of information systems, this time to develop a basic
theory of effectively given information systems and through this
present a simple treatment of effectively given domains.
cam.ac.uk//UCAM-CL-TR-52
2003-04-28
The design of a ring communication network
Temple, Steven
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-52
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-52.pdf
This dissertation describes the design of a high speed local
area network. Local networks have been in use now for over a
decade and there is a proliferation of different systems,
experimental ones which are not widely used and commercial ones
installed in hundreds of locations. For a new network design to
be of interest from the research point of view it must have a
feature or features which set it apart from existing networks
and make it an improvement over existing systems. In the case of
the network described, the research was started to produce a
network which was considerably faster than current designs, but
which retained a high degree of generality.
As the research progressed, other features were considered, such
as ways to reduce the cost of the network and the ability to
carry data traffic of many different types. The emphasis on high
speed is still present but other aspects were considered and are
discussed in the dissertation. The network has been named the
Cambridge Fast Ring and and the network hardware is currently
being implemented as an integrated circuit at the University of
Cambridge Computer Laboratory.
The aim of the dissertation is to describe the background to the
design and the decisions which were made during the design
process, as well as the design itself. The dissertation starts
with a survey of the uses of local area networks and examines
some established networks in detail. It then proceeds by
examining the characteristics of a current network installation
to assess what is required of the network in that and similar
applications. The major design considerations for a high speed
network controller are then discussed and a design is presented.
Finally, the design of computer interfaces and protocols for the
network is discussed.
cam.ac.uk//UCAM-CL-TR-53
2018-01-08
A new type-checker for a functional language
Fairbairn, Jon
University of Cambridge, Computer Laboratory
1984-07
en
Text
UCAM-CL-TR-53
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-53.pdf
A polymorphic type checker for the functional language Ponder
[Fairbairn 82] is described. The initial sections give an
overview of the syntax of Ponder, and some of the motivation
behind the design of the type system. This is followed by a
definition of the relation of ‘generality’ between these types,
and of the notion of type-validity of Ponder programs. An
algorithm to determine whether a Ponder program is type-valid is
then presented. The final sections give examples of useful types
which may be constructed within the type system, and describe
some of the areas in which it is thought to be inadequate.
cam.ac.uk//UCAM-CL-TR-54
2018-01-08
Lessons learned from LCF
Paulson, Lawrence
University of Cambridge, Computer Laboratory
1984-08
en
Text
UCAM-CL-TR-54
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-54.pdf
The history and future prospects of LCF are discussed. The
introduction sketches basic concepts such as the language ML,
the logic PPLAMBDA, and backwards proof. The history discusses
LCF proofs about denotational semantics, functional programs,
and digital circuits, and describes the evolution of ideas about
structural induction, tactics, logics of computation, and the
use of ML. The biography contains thirty-five references.
cam.ac.uk//UCAM-CL-TR-55
2018-01-12
Executing temporal logic programs
Moszkowski, Ben
University of Cambridge, Computer Laboratory
1984-08
en
Text
UCAM-CL-TR-55
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-55.pdf
Over the last few years, temporal logic has been investigated as
a tool for reasoning about computer programs, digital circuits
and message-passing systems. In the case of programs, the
general feeling has been that temporal logic is an adjunct to
existing languages. For example, one might use temporal logic to
specify and prove properties about a program written in, say,
CSP. This leads to the annoyance of having to simultaneously use
two separate notations.
In earlier work we proposed that temporal logic itself directly
serve as the basis for a programming language. Since then we
have implemented an interpreter for such a language called
Tempura. We are developing Tempura as a tool for directly
executing suitable temporal logic specifications of digital
circuits and other discrete time systems. Since every Tempura
statement is also a temporal formula, we can use the entire
temporal logic formalism for our assertion language and
semantics. Tempura has the two seemingly contradictory
properties of being a logic programming langauge and having
imperative constructs such as assignment statements.
The presentation given here first describes the syntax of a
first order temporal logic having the operators ∘ (next) and ◻
(always). This serves as the basis for the Tempura programming
language. The lesser known temporal operator chop is
subsequently introduced, resulting in Interval Temporal Logic.
We then show how to incorporate chop and related constructs into
Tempura.
cam.ac.uk//UCAM-CL-TR-56
2018-01-15
A new scheme for writing functional operating
systems
Stoye, William
University of Cambridge, Computer Laboratory
1984-09
en
Text
UCAM-CL-TR-56
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-56.pdf
A scheme is described for writing nondeterministic programs in a
functional language. The scheme is based on message passing
between a number of expressions being evaluated in parallel. I
suggest that it represents a significant improvement over
previous methods employing a nondeterministic merge primitive,
and overcomes numerous drawbacks in that approach. The scheme
has been designed in a practical context, and is being used to
write an operating system for SKIM, a functionally programmed
machine. It is not yet well understood in a mathematical sense.
cam.ac.uk//UCAM-CL-TR-57
2017-07-13
Constructing recursion operators in intuitionistic type
theory
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1984-10
en
Text
UCAM-CL-TR-57
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-57.pdf
Martin-Löf’s Intuitionistic Theory of Types is becoming popular
for formal reasoning about computer programs. To handle
recursion schemes other than primitive recursion, a theory of
well-founded relations is presented. Using primitive recursion
over higher types, induction and recursion are formally derived
for a large class of well-founded relations. Included are <
on natural numbers, and relations formed by inverse images,
addition, multiplication, and exponentiation of other relations.
The constructions are given in full detail to allow their use in
theorem provers for Type Theory, such as Nuprl. The theory is
compared with work in the field of ordinal recursion over higher
types.
cam.ac.uk//UCAM-CL-TR-58
2018-04-10
Categories of models for concurrency
Winskel, Glynn
University of Cambridge, Computer Laboratory
1984-10
en
Text
UCAM-CL-TR-58
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-58.pdf
It is shown how a variety of models for concurrent processes can
be viewed as categories in which familiar constructions turn out
to be significant categorically. Constructions to represent
various parallel compositions are often based on a product
construction, for instance. In many cases different models can
be related by a pair of functors forming an adjunction between
the two categories. Because of the way in which such pairs of
functors preserve categorical constructions, the adjunction
serves to translate between the different models, so it is seen
how semantics expressed in terms of one model translate to
semantics in terms of another.
cam.ac.uk//UCAM-CL-TR-59
2018-04-10
On the composition and decomposition of
assertions
Winskel, Glynn
University of Cambridge, Computer Laboratory
1984-11
en
Text
UCAM-CL-TR-59
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-59.pdf
Recently there has been a great deal of interest in the problem
of how to compose modal assertions, in order to deduce the truth
of an assertion for a composition of processes in a parallel
programming language, from the truth of certain assertions for
its components.
This paper addresses that problem from a theoretical standpoint.
The programming language used is Robin Milner’s Synchronous
Calculus of Communicating Systems (called SCCS), while the
language of assertions is a fragment of dynamic logic which,
despite its simplicity, is expressive enough to characterise
observational equivalence. It is shown how, with respect to each
operation ‘op’ in SCCS, every assertion has a decomposition
which reduces the problem of proving the assertion holds of a
compound process built up using ‘op’ to proving assertions about
its components. These results provide the foundations of a proof
system for SCCS with assertions.
cam.ac.uk//UCAM-CL-TR-60
2022-04-29
Memory and context mechanisms for automatic text
processing
Alshawi, Hiyan
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-60
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-60.pdf
The thesis describes memory and context mechanisms for natural
language text processing. The mechanisms were implemented as
part of a computer system that successfully processed a number
of short descriptive English texts producing output that can be
used to create a relational database. The memory mechanism is
concerned with representing and retrieving various kinds of
knowledge, while the context mechanism is concerned with
accumulating and applying information specifying which fragments
of knowledge are currently more salient.
The mechanisms are used in the implemented system by an
interpretation component dealing with common language
interpretation problems that cannot be handled by simple
sentence-level analysis. These problems include resolving
references, disambiguating word senses, and discovering implicit
relationships. The mechanisms are also used by a task-specific
component which carries out the database capture application
using database descriptions stored in memory. The choice and
handling of the particular application task, interpretation
operations, and types of context information, were designed to
check that the computational techniques developed for memory and
context provide appropriate apparatus for non-trivial text
processing involving a wide range of phenomena of language
interpretation in context.
The memory representation formalism is based on hierarchies for
classifying entities and the associations between them. It has
the advantage of simplicity and a well designed semantics.
Retrieval from memory is performed by marker processing on a
network structure. The context mechanism represents instances of
various types of context information as “context factors” which
can be combined to derive activation values for memory entities.
Context activation is used to choose the results of memory
operations and to restrict memory searches. Context factors are
created and modified as a result of text processing operations,
leading to a gradual alteration of the context representation.
Both the memory and context mechanisms utilize an indexing
scheme that uses semantic clustering criteria. This increases
the efficiency of retrieval from memory and allows efficient
access to entities with high activations derived from several
factors while individual factors can be managed independently.
cam.ac.uk//UCAM-CL-TR-61
2018-04-18
User models and expert systems
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1984-12
en
Text
UCAM-CL-TR-61
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-61.pdf
This paper analyses user models in expert systems in terms of
the many factors involved: user roles, user properties, model
types, model functions in relation to different aspects of
system performance, and sources, e.g. linguistic or
non-linguistic, of modelling information. The aim of the
detailed discussion, with extensive examples illustrating the
complexity of modelling, is to clarify the issues involved in
modelling, as a necessary preliminary to model building.
cam.ac.uk//UCAM-CL-TR-62
2022-04-04
Constraint enforcement in a relational database
management system
Robson, Michael
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-62
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-62.pdf
The dissertation describes the implementation of the data
structuring concept of domains, intra-tuple constraints and
referential constraints in a relational database management
system (DBMS). The need for constraints is discussed and it is
shown how they can be used to capture some of the semantics of
the database’s application. The implementation described was
done within the framework of the particular DBMS CODD, the main
features of which are presented.
Each class of constraint is described and it is shown how each
of them is specifed to the DBMS. The descriptions of the
constraints are stored in the database giving a centralised data
model, which is used in the enforcement of the constraints. This
data model contains descriptions not only of static structures
but also of procedures to be used to maintain constraints. A
detailed account is given of how each constraint is maintained.
The main focus of the dissertation is on referential constraints
since inter-relational structure is an area in which relational
systems are particularly weak. Referential constraints impose a
network structure on the database and it is shown how
referential constraints can be maintained by interpreting this
network, using the data-pipelining facilities provided by CODD.
It is also shown how referential constraints can be used to
construct generalisation hierarchies, themselves an important
data modelling tool. Further, some extensions to referential
constraints, which allow them to capture more semantics, are
suggested. The usefulness of referential constraints is
illustrated by presenting a real database example (that of the
University Computing Service), on which the ideas described in
the dissertation have been tested.
cam.ac.uk//UCAM-CL-TR-63
2018-04-23
Poly manual
Matthews, David C.J.
University of Cambridge, Computer Laboratory
1985-02
en
Text
UCAM-CL-TR-63
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-63.pdf
Poly is a general purpose, High-level programming language. It
has a simple type system which is also very powerful. Higher
order procedures, polymorphic operations, parameterised abstract
types and modules are all supported by a single mechanism.
Poly is strongly typed. All objects have a specification which
the compiler can use to check that operations applied to them
are sensible. Type errors cannot cause run time faults. The
language is safe, meaning that any faults occuring at run time
will result in exceptions which can be caught. All veriables
must be initialised before use, so faults due to undefined
variables cannot occur. Poly allows higher order procedures to
be declared and used; these take another procedure as a
parameter, or return a procedure as the result. Since Poly is
statically scoped, this may still refer to the arguments and
local variables of the procedure which returned it.
Poly allows polymorphic operations. Thus, it is possible to
write one program to perform an operation on data of any type,
provided only that the operation is available for the data type.
Abstract types may be created and manipulated. These can be
specified in such a way that only the functions to manipulate
these objects are available to the user. This has the advantage
that the implementation can easily be changed, provided that it
has the same external properties. Abstract types can be
parameterised so that a set of types can be defined in a single
definition. Types in Poly are similar to modules in other
languages. For example, types can be separately compiled. An
abstract type which makes use of other types can be written as
though it were polymorphic; it will work if it is given any type
which has the required operations. Its operation may be to
return a new type which may be used directly or as a parameter
to other polymorphic abstract types.
cam.ac.uk//UCAM-CL-TR-64
2018-03-27
A framework for inference in natural language front ends
to databases
Boguraev, Branimir K.
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1985-02
en
Text
UCAM-CL-TR-64
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-65
2018-03-27
Introduction to the programming language
“Ponder”
Tillotson, Mark
University of Cambridge, Computer Laboratory
1985-05
en
Text
UCAM-CL-TR-65
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-66
2019-03-01
A formal hardware verification methodology and its
application to a network interface chip
Gordon, M.J.C.
Herbert, J.
University of Cambridge, Computer Laboratory
1985-05
en
Text
UCAM-CL-TR-66
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-66.pdf
We describe how the functional correctness of a circuit design
can be verified by machine checked formal proof. The proof
system used is LCF_LSM [1], a version of Milner’s LCF [2] with a
different logical calculus called LSM. We give a tutorial
introduction to LSM in the paper.
Our main example is the ECL chip of the Cambridge Fast Ring
(CFR) [3]. Although the ECL chip is quite simple (about 360
gates) it is nevertheless real. Minor errors were discovered as
we performed the formal proof, but when the corrected design was
eventually fabricated it was functionally correct first time.
The main steps in verification were: (1) Writing a high-level
behavioural specification in the LSM notation. (2) Translating
the circuit design from its Modula-2 representation in the
Cambridge Design Automation System [4] to LSM. (3) Using the
LCF_LSM theorem proving system to mechanically generate a proof
that the behaviour determined by the design is equivalent to the
specified behaviour.
In order to accomplish the second of these steps, an interface
between the Cambridge Design Automation System and the LCF_LSM
system was constructed.
cam.ac.uk//UCAM-CL-TR-67
2019-03-01
Natural deduction theorem proving via higher-order
resolution
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1985-05
en
Text
UCAM-CL-TR-67
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-67.pdf
An experimental theorem prover is described. Like LCF it is
embedded in the metalanguage ML and supports backward proof
using tactics and tacticals. The prover allows a wide class of
logics to be introduced using Church’s representation of
quantifiers in the typed lambda-calculus. The inference rules
are expressed as a set of generalized Horn clauses containing
higher-order variables. Depth-first subgoaling along inference
rules is essentially linear resolution, but using higher-order
unification instead of first-order. This constitutes a
higher-order Prolog interpreter.
The rules of Martin Löf’s Constructive Type Theory have been
entered into the Prover. Special tactics inspect a goal and
decide which type theory rules may be appropriate, avoiding
excessive backtracking. These tactics can automatically derive
the types of many Type Theory expressions. Simple functions can
be derived interactively.
cam.ac.uk//UCAM-CL-TR-68
2019-03-05
HOL : A machine oriented formulation of higher order
logic
Gordon, Mike
University of Cambridge, Computer Laboratory
1985-07
en
Text
UCAM-CL-TR-68
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-68.pdf
In this paper we describe a formal language intended as a basis
for hardware specification and verification. The language is not
new; the only originality in what follows lies in the
presentation of the details. Considerable effort has gone into
making the formalism suitable for manipulation by computer.
The logic described here underlies an automated proof generator
called HOL. The HOL logic is derived from Church’s Simple Type
Theory by: making the syntax more readable, allowing types to
contain variables, and building in the Axiom of Choice via
Hilbert’s ε-operator.
The exact syntax of the logic is defined relative to a theory,
which determines the types and constants that are available.
Theories are developed incrementally starting from the standard
theories of truth-values or booleans, and of individuals. This
paper describes the logic underlying the HOL system.
cam.ac.uk//UCAM-CL-TR-69
2017-07-13
Proving termination of normalization functions for
conditional expressions
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1985-06
en
Text
UCAM-CL-TR-69
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-69.pdf
Boyer and Moore have discussed a recursive function that puts
conditional expressions into normal form. It is difficult to
prove that this function terminates on all inputs. Three
termination proofs are compared: (1) using a measure function,
(2) in domain theory using LCF, (3) showing that its “recursion
relation”, defined by the pattern of recursive calls, is
well-founded. The last two proofs are essentially the same
though conducted in markedly different logical frameworks. An
obviously total variant of the normalize function is presented
as the ‘computational meaning’ of those two proofs.
A related function makes nested recursive calls. The three
termination proofs become more complex: termination and
correctness must be proved simultaneously. The recursion
relation approach seems flexible enough to handle subtle
termination proofs where previously domain theory seemed
essential.
cam.ac.uk//UCAM-CL-TR-70
2022-04-04
A remote procedure call system
Hamilton, Kenneth Graham
University of Cambridge, Computer Laboratory
1984-12
en
Text
UCAM-CL-TR-70
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-70.pdf
The provision of a suitable means for communication between
software modules on different machines is a recognized problem
in distributed computing research. Recently the use of
language-level Remote Procedure Call (RPC) has been advocated as
a solution to this problem.
This thesis discusses the rationale, design, implementation and
supporting environment of a flexible RPC system for an extended
version of the CLU programming language. It is argued that
earlier RPC systems have adopted an undesirably rigid stance by
attempting to make remotre procedure calls look as similar as
possible to local procedure calls. It is suggested instead that
the inevitable differences in performance and failure properties
between local and remote calls should be regarded as being
essentially different from local calls. Following from this, it
is proposed that RPC systems should offer at least two
complementary call mechanisms. One of these should attempt to
recover from network errors and should only report unrecoverable
failures. The other should never attempt automatic recovery from
network errors, thereby giving implementors the convenience of a
language-level mechanism without losing sight of the underlying
network.
Other specific areas that are discussed include binding issues,
protocols, transmission mechanisms for standard data types, and
the particular problems posed by abstract data types. A new
transfer mechanism for abstract types is proposed which would
permit software using new representations to communicate with
software using earlier representations. The provision of special
operating system support for the CLU RPC mechanism is also
discussed.
cam.ac.uk//UCAM-CL-TR-71
2003-01-01
Executing temporal logic programs
Moszkowski, Ben
University of Cambridge, Computer Laboratory
1985-08
en
Text
UCAM-CL-TR-71
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-72
2019-09-25
Logic programming and the specification of
circuits
Clocksin, W.F.
University of Cambridge, Computer Laboratory
1985-05
en
Text
UCAM-CL-TR-72
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-72.pdf
Logic programming (see Kowalski, 1979) can be used for
specification and automatic reasoning about electrical circuits.
Although propositional logic has long been used for describing
the truth functions of combinational circuits, the more powerful
Predicate Calculus on which logic programming is based has seen
relatively little use in design automation. Previous researchers
have introduced a number of techniques similar to logic
programming, but many of the useful consequences of the logic
programming methodology have not been exploited. This paper
first reviews and compares three methods for representing
circuits, which will be called here the functional method, the
extensional method, and the definitional method. The latter
method, which conveniently admits arbitrary sequential circuits,
is then treated in detail. Some useful consequences of using
this method for writing directly executable specifications of
circuits are described. These include the use of quantified
variables, verification of hypothetical states, and sequential
simulation.
cam.ac.uk//UCAM-CL-TR-73
2020-11-05
Resource management in a distributed computing
system
Craft, Daniel Hammond
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-73
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-73.pdf
The Cambridge Distributed System, based on the Cambridge Ring
local area network, includes a heterogeneous collection of
machines known as the processor bank. These machines may run
network servers, or may be loaded with services and allocated to
users dynamically. The machines and the variety of services they
can support (eg. different operating systems, compilers,
formatters) are viewed as resources available to other
components of the distributed system.
By using a processor bank, two fundamental limitations of the
personal computer approach to distributed computing can be
overcome: responsiveness for computation-intensive tasks is not
limited by the single, personal machine because tasks may expand
into processor bank machines as necessary; and applications are
not limited to the operating system or languages available on
the personal computer because all of the systems or languages
which run on processor bank machines are at the users disposal,
both for implementing new applications and for importing
applications from other systems. Resource management is seen as
one of the four areas which must be addressed to realize these
advantages.
The resource management system must match client requirements
for resources to those resources which are available on the
network. To do this it maintains two data bases: one contains
information describing existing resources, and the other
contains information indicating how to obtain resources from
servers or have them constructed from existing subresources by
fabricators. The resource management system accepts resource
requirements from clients and picks from the alternatives in
these data bases the “best” match (as defined by the resource
management policy).
The resource management issues addressed include resource
description, location and allocation, construction, monitoring
and reclamation, authentication and protection, and policy. The
design and implementation of two resource management servers is
discussed.
cam.ac.uk//UCAM-CL-TR-74
2019-09-25
Hardware verification by formal proof
Gordon, Mike
University of Cambridge, Computer Laboratory
1985-08
en
Text
UCAM-CL-TR-74
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-74.pdf
The use of mathematical proof to verify hardware designs is
explained and motivated. The hierarchical verification of a
simple n-bit CMOS counter is used as an example. Some
speculations are made about when and how formal proof will
become used in industry.
cam.ac.uk//UCAM-CL-TR-75
2016-08-08
Design and implementation of a simple typed language
based on the lambda-calculus
Fairbairn, Jon
University of Cambridge, Computer Laboratory
1985-05
en
Text
UCAM-CL-TR-75
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-75.pdf
Despite the work of Landin and others as long ago as 1966,
almost all recent programming languages are large and difficult
to understand. This thesis is a re-examination of the
possibility of designing and implementing a small but practical
language based on very few primitive constructs.
The text records the syntax and informal semantics of a new
language called Ponder. The most notable features of the work
are a powerful type-system and an efficient implementation of
normal order reduction.
In contrast to Landin’s ISWIM, Ponder is statically typed, an
expedient that increases the simplicity of the language by
removing the requirement that operations must be defined for
incorrect arguments. The type system is a powerful extension of
Milner’s polymorphic type system for ML in that it allows local
quantification of types. This extension has the advantage that
types that would otherwise need to be primitive may be defined.
The criteria for the well-typedness of Ponder programmes are
presented in the form of a natural deduction system in terms of
a relation of generality between types. A new type checking
algorithm derived from these rules is proposed.
Ponder is built on the λ-calculus without the need for
additional computation rules. In spite of this abstract
foundation an efficient implementation based on Hughes’
super-combinator approach is described. Some evidence of the
speed of Ponder programmes is included.
The same strictures have been applied to the design of the
syntax of Ponder, which, rather than having many pre-defined
clauses, allows the addition of new constructs by the use of a
simple extension mechanism.
cam.ac.uk//UCAM-CL-TR-76
2019-10-02
Preserving abstraction in concurrent
programming
Cooper, R.C.B.
Hamilton, K.G.
University of Cambridge, Computer Laboratory
1985-08
en
Text
UCAM-CL-TR-76
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-76.pdf
Recent programming languages have attempted to provide support
for concurrency and for modular programming based on abstract
interfaces. Building on our experience of adding monitors to
CLU, a language orientated towards data abstraction, we explain
how these two goals conflict. In particular we discuss the clash
between conventional views on interface abstraction and the
programming style required for avoiding monitor deadlock. We
argue that the best compromise between these goals is a
combination of a fine grain locking mechanism together with a
method for explicitly defining concurrency properties for
selected interfaces.
cam.ac.uk//UCAM-CL-TR-77
2019-10-21
Why higher-order logic is a good formalisation for
specifying and verifying hardware
Gordon, Mike
University of Cambridge, Computer Laboratory
1985-09
en
Text
UCAM-CL-TR-77
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-77.pdf
Higher order logic was originally developed as a foundation for
mathematics. In this paper we show how it can be used as: 1. a
hardware description language, and 2. a formalism for proving
that designs meet their specifications.
Examples are given which illustrate various specification and
verification techniques. These include a CMOS inverter, a CMOS
full adder, an n-bit ripple-carry adder, a sequential multiplier
and an edge-triggered D-type register.
cam.ac.uk//UCAM-CL-TR-78
2019-10-21
A complete proof system for SCCS with model
assertions
Winskel, Glynn
University of Cambridge, Computer Laboratory
1985-09
en
Text
UCAM-CL-TR-78
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-78.pdf
This paper presents a proof system for Robin Milner’s
Synchronous Calculus of Communicating Systems (SCCS) with modal
assertions. The language of assertions is a fragment of dynamic
logic, sometimes called Hennessy-Milner logic after they brought
it to attention; while rather weak from a practical point of
view, its assertions are expressive enough to characterise
observation equivalence, central to the work of Milner et al. on
CCS and SCCS. The paper includes a completeness result and a
proof of equivalence between an operational and denotational
semantics for SCCS. Its emphasis is on the theoretical issues
involved in the construction of proof systems for parallel
programming langauges.
cam.ac.uk//UCAM-CL-TR-79
2017-07-06
Petri nets, algebras and morphisms
Winskel, Glynn
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-79
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-79.pdf
It is shown how a category of Petri nets can be viewed as a
subcategory of two sorted algebras over multisets. This casts
Petri nets in a familiar framework and provides a useful idea of
morphism on nets different from the conventional definition –
the morphisms here respect the behaviour of nets. The
categorical constructions with result provide a useful way to
synthesise nets and reason about nets in terms of their
components; for example various forms of parallel composition of
Petri nets arise naturally from the product in the category.
This abstract setting makes plain a useful functor from the
category of Petri nets to a category of spaces of invariants and
provides insight into the generalisations of the basic
definition of Petri nets – for instance the coloured and higher
level nets of Kurt Jensen arise through a simple modificationof
the sorts of the algebras underlying nets. Further it provides a
smooth formal relation with other models of concurrency such as
Milner’s Calculus of Communicating Systems (CCS) and Hoare’s
Communicating Sequential Processes (CSP).
cam.ac.uk//UCAM-CL-TR-80
2021-09-07
Interactive theorem proving with Cambridge LCF : A
user’s manual
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1985-11
en
Text
UCAM-CL-TR-80
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-81
2021-09-07
The implementation of functional languages using custom
hardware
Stoye, William Robert
University of Cambridge, Computer Laboratory
1985-12
en
Text
UCAM-CL-TR-81
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-81.pdf
In recent years functional programmers have produced a great
many good ideas but few results. While the use of functional
languages has been enthusiastically advocated, few real
application areas have been tackled and so the functional
programmer’s views and ideas are met with suspicion.
The prime cause of this state of affairs is the lack of widely
available, solid implementations of functional languages. This
in turn stems from two major causes: (1) Our understanding of
implementation techniques was very poor only a few years ago,
and so any implementation that is “mature” is also likely to be
unuseably slow. (2) While functional languages are excellent for
expressing algorithms, there is still considerable debate in the
functional programming community over the way in which input and
output operations should be represented to the programmer.
Without clear guiding principles implementors have tended to
produce ad-hoc, inadequate solutions.
My research is concerned with strengthening the case for
functional programming. To this end I constructed a specialised
processor, called SKIM, which could evaluate functional programs
quickly. This allowed experimentation with various
implementation methods, and provided a high performance
implementation with which to experiment with writing large
functional programs.
This thesis describes the resulting work and includes the
following new results: (1) Details of a practical turner-style
combinator reduction implementation featuring greatly improved
storage use compared with previous methods. (2) An
implementation of Kennaway’s director string idea that further
enhances performance and increases understanding of a variety of
reduction strategies. (3) Comprehensive suggestions concerning
the representation of input, output, and nondeterministic tasks
using functional languages, and the writing of operating
systems. Details of the implementation of these suggestions
developed on SKIM. (4) A number of observations concerning
fuctional programming in general based on considerable practical
experience.
cam.ac.uk//UCAM-CL-TR-82
2017-07-13
Natural deduction proof as higher-order
resolution
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1985-12
en
Text
UCAM-CL-TR-82
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-82.pdf
An interactive theorem prover, Isabelle, is under development.
In LCF, each inference rule is represented by one function for
forwards proof and another (a tactic) for backwards proof. In
Isabelle, each inference rule is represented by a Horn clause.
Resolution gives both forwards and backwards proof, supporting a
large class of logics. Isabelle has been used to prove theorems
in Martin-Löf’s Constructive Type Theory.
Quantifiers pose several difficulties: substitution, bound
variables, Skolemization. Isabelle’s representation of logical
syntax is the typed lambda-calculus, requiring higher-order
unification. It may have potential for logic programming.
Depth-first search using inference rules constitutes a
higher-order Prolog.
cam.ac.uk//UCAM-CL-TR-83
2022-05-10
Operating system design for large personal
workstations
Wilson, Ian David
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-83
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-83.pdf
With the advent of personal computers in the mid 1970s, the
design of operating systems has had to change in order to take
account of the new machines. Traditional problems such as
accounting and protection are no longer relevant, but
compactness, efficiency and pertability have all become
important issues as the number of these small systems has grown.
Since that time, due to the reductions in the costs of computer
components and manufacture, personal workstations have become
more common with not only the number of machines having
increased, but also their CPU power and memory capacity. The
work on software for the new machines has not kept pace with the
improvements in hardware design, and this is particularly true
in the area of operating systems, where there is a tendency to
treat the new machines as small, inferior mainframes.
This thesis investigates the possibility of enhancing work done
on the original personal computer operating systems, so that
better utilisation of the new machines can be obtained. The work
concentrates on two main areas of improvement: the working
environment as perceived by the user, and the underlying
primitives and algorithms used by the operating system kernel.
The work is illustrated by two case studies, the user
environment of the TRIPOS operating system is described, along
with a new command line interpreter and command programming
language, and a series of techniques to make better use of the
available hardware facilities is discussed. The kernel of the
TRIPOS operating system is examined critically, particularly
with respect to the way that machine resources are used, and
finally, a new set of kernel primitives and algorithms is
suggested, with reference to an experimental kernel for the real
time implementation of network protocol software.
cam.ac.uk//UCAM-CL-TR-84
2017-07-13
BSPL: a language for describing the behaviour of
synchronous hardware
Richards, Martin
University of Cambridge, Computer Laboratory
1986-04
en
Text
UCAM-CL-TR-84
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-85
2017-07-06
Category theory and models for parallel
computation
Winskel, Glynn
University of Cambridge, Computer Laboratory
1986-04
en
Text
UCAM-CL-TR-85
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-85.pdf
This report will illustrate two uses of category theory: Firstly
the use of category theory to define semantics in a particular
model. How semantic constructions can often be seen as
categorical ones, and, in particular, how parallel compositions
are derived from a categorical product and a nun-deterministic
sum. These categorical notions can provide a basis for reasoning
about computations and will be illustrated for the model of
Petri nets.
Secondly, the use of category theory to relate different
semantics will be examined; specifically, how the relations
between various concrete models like Petri nets, event
structures, trees and state machines are expressed as
adjunctions. This will be illustrated by showing the
coreflection between safe Petri nets and trees.
cam.ac.uk//UCAM-CL-TR-86
2004-10-04
The Entity System: an object based filing
system
Crawley, Stephen Christopher
University of Cambridge, Computer Laboratory
1986-04
en
Text
UCAM-CL-TR-86
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-87
2017-02-15
Computer-aided type face design
Carter, Kathleen Anne
University of Cambridge, Computer Laboratory
1986-05
en
Text
UCAM-CL-TR-87
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-87.pdf
This thesis tackles the problems encountered when trying to
carry out a creative and intuitive task, such as type face
design, on a computer. A brief history of printing and type
design sets the scene for a discussion of digital type. Existing
methods for generating and handling digital type are presented
and their relative merits are discussed. Consideration is also
given to the nature of designing, independent of the tools used.
The importance of intuition and experience in such a task is
brought out. Any new tools must allow the designer to exercise
his skills of hand and eye, and to judge the results visually.
The different abstractions that can be used to represent a
typeface in a computer are discussed with respect to the manner
of working that they force upon the designer.
In the light of this discussion some proposals are made for a
new system for computer-aided type face design. This system must
be highly interactive, providing rapid visual feedback in
response to the designer’s actions. Designing is a very
unstructured task, frequently with a number of activities being
pursued at once. Hence the system must also be able to support
multiple activities, with the user free to move between them at
any time.
The characteristics of various types of interactive graphical
environment are then considered. This discussion leads on to
proposals for an environment suitable for supporting type face
design. The proposed anvironment is based on the provision of a
number of windows on the screen, each supporting a different
activity. A mouse, graphics tablet and keyboard are all
continuously available for interection with the system. The rest
of the thesis discusses the implementation of this graphical
environment and the type face design system that makes use of
it. The final chapter evaluates the success of both the
underlying software and of the type face design system itself.
cam.ac.uk//UCAM-CL-TR-88
2022-05-05
A shallow processing approach to anaphor
resolution
Carter, David Maclean
University of Cambridge, Computer Laboratory
1986-05
en
Text
UCAM-CL-TR-88
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-88.pdf
The thesis describes an investigation of the faesibility of
resolving anaphors in natural language texts by means of a
“shallow processing” approach which exploits knowledge of
syntax, semantics and local focussing as heavily as possible; it
does not rely on the presence of large amounts of world or
domain knowledge, which are notoriously hard to process
accurately.
The ideas reported are implemented in a program called SPAR
(Shallow Processing Anaphor Resolver), which resolves anaphoric
and other linguistic ambiguities in simple English stories and
generates sentence-by-sentence paraphrases that show what
interpretations have been selected. Input to SPAR takes the form
of semantic structures for single sentences constructed by
Boguraev’s English analyser. These structures are integrated
into a network-style text representation as processing proceeds.
To achieve anaphor resolution, SPAR combines and develops
several existing techniques, most notably Sidner’s theory of
local focussing and Wilks’ “preference semantics” theory of
semantics and common sense inference.
Consideration of the need to resolve several anaphors in the
same sentence results in Sidner’s framework being modified and
extended to allow focus-based processing to ineract more
flexibly with processing based on other types of knowledge.
Wilks’ treatment of common sense inference is extended to
incorporate a wider range of types of inference without
jeopardizing its uniformity and simplicity. Further his
primitive-based formalism for word sense meanings is developed
in the interests of economy, accuracy and ease of use.
Although SPAR is geared mainly towards resolving anaphors, the
design of the system allows many non-anaphoric (lexical and
structural) ambiguities that cannot be resloved during sentence
analysis to be resolved as a by-product of anaphor resolution.
cam.ac.uk//UCAM-CL-TR-89
2016-08-08
Making form follow function : An exercise in functional
programming style
Fairbairn, Jon
University of Cambridge, Computer Laboratory
1986-06
en
Text
UCAM-CL-TR-89
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-89.pdf
The combined use of user-defined infix operators and higher
order functions allows the programmer to invent new control
structures tailored to a particular problem area.
This paper is to suggest that such a combination has beneficial
effects on the ease of both writing and reading programmes, and
hence can increase programmer productivity. As an example, a
parser for a simple language is presented in this style.
It is hoped that the presentation will be palatable to people
unfamiliar with the concepts of functional programming.
cam.ac.uk//UCAM-CL-TR-90
2018-03-20
The Cambridge Fast Ring networking system
(CFR)
Hopper, Andy
Needham, Roger M.
University of Cambridge, Computer Laboratory
1986-06
en
Text
UCAM-CL-TR-90
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-90.pdf
Local area networks have developed from slow systems operating
at below 1MBs to fast systems at 50MBs or more. We discuss the
choices facing a designer as faster speeds for networks are
contemplated. The 100MBs Cambridge Fast Ring is described. The
ring protocol allows one of a number of fixed size slots to be
used once or repeatedly. The network design allows sets of rings
to be constructed by pushing the bridge function to the lowest
hardware level. Low cost and ease of use is normally achieved by
design of special chips and we describe a two-chip VLSI
implementation. This VLSI hardware forms the basis of a
kit-of-parts from which many different network components can be
constructed.
cam.ac.uk//UCAM-CL-TR-91
2018-03-27
Hardware verification using higher-order
logic
Camilleri, Albert
Gordon, Mike
Melham, Tom
University of Cambridge, Computer Laboratory
1986-09
en
Text
UCAM-CL-TR-91
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-91.pdf
The Hardware Verification Group at the University of Cambridge
is investigating how various kinds of digital systems can be
verified by mechanised formal proof. This paper explains our
approach to representing behaviour and structure using higher
order logic. Several examples are described including a ripple
carry adder and a sequential device for computing the factorial
function. The dangers of inaccurate models are illustrated with
a CMOS exclusive-or gate.
cam.ac.uk//UCAM-CL-TR-92
2019-09-13
Implementation and programming techniques for functional
languages
Wray, Stuart Charles
University of Cambridge, Computer Laboratory
1986-06
en
Text
UCAM-CL-TR-92
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-92.pdf
In this thesis I describe a new method of strictness analysis
for lazily evaluated functional languages, and a method of code
generation making use of the information provided by this
analysis. I also describe techniques for practical programming
in lazily evaluated functional languages, based on my experience
of writing substantial functional programs.
My new strictness analyser is both faster and more powerful than
that of Mycroft. It can be used on any program expressed as
super-combinator definitions and it uses the additional
classifications absent and dangerous as well as strict and lazy.
This analyser assumes that functional arguments to higher order
functions are completely lazy.
I describe an extension of my analyser which discovers more
strictness in the presence of higher order functions, and I
compare this with higher order analysers based on Mycroft’s
work. I also describe an extension of my analyser to lazy pairs
and discuss strictness analysers for lazy lists.
Strictness analysis brings useful performance improvements for
programs running on conventional machines. I have implemented my
analyser in a compiler for Ponder, a lazily evaluated functional
language with polymorphic typing. Results are given, including
the surprising result that higher order strictness analysis is
no better than first order strictness analysis for speeding up
real programs on conventional machines.
I have written substantial programs in Ponder and describe in
some detail the largest of these which is about 2500 lines long.
This program is an interactive spreadsheet using a mouse and
bitmapped display. I discuss programming techniques and
practical problems facing functional languages with illustrative
examples from programs I have written.
cam.ac.uk//UCAM-CL-TR-93
2003-01-01
Automated design of an instruction set for
BCPL
Bennett, J.P.
University of Cambridge, Computer Laboratory
1986-06
en
Text
UCAM-CL-TR-93
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-94
2017-07-13
A mechanized proof of correctness of a simple
counter
Cohn, Avra
Gordon, Mike
University of Cambridge, Computer Laboratory
1986-06
en
Text
UCAM-CL-TR-94
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-95
2017-07-06
Event structures : Lecture notes for the Advanced Course
on Petri Nets
Winskel, Glynn
University of Cambridge, Computer Laboratory
1986-07
en
Text
UCAM-CL-TR-95
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-95.pdf
Event structures are a model of computational processes. They
represent a process as a set of event occurrences with relations
to express how events causally depend on others. This paper
introduces event structures, shows their relationship to Scott
domains and Petri nets, and surveys their role in denotational
semantics, both for modelling laguages like CCS and CSP and
languages with higher types.
cam.ac.uk//UCAM-CL-TR-96
2020-01-10
Models and logic of MOS circuits : Lectures for the
Marktoberdorf Summerschool, August 1986
Winskel, Glynn
University of Cambridge, Computer Laboratory
1986-10
en
Text
UCAM-CL-TR-96
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-96.pdf
Various models of hardware have been proposed though virtually
all of them do not model circuits adequately enough to support
and provide a formal basis for many of the informal arguments
used by designers of MOS circuits. Such arguments use rather
crude discrete notions of strength – designers cannot be too
finicky about precise resistances and capacitances when building
a chip – as well as subtle derived notions of information flow
between points in the circuit. One model, that of R.E. Bryant,
tackles such issues in reasonable generality and has been used
as the basis of several hardware simulators. However Bryant’s
model is not compositional. These lectures introduce Bryant’s
ideas and present a compositional model for the behaviour of MOS
circuits when the input is steady, show how this leads to a
logic, and indicate the difficulties in providing a full and
accurate treatment for circuits with changing inputs.
cam.ac.uk//UCAM-CL-TR-97
2019-11-01
A study on abstract interpretation and “validating
microcode algebraically”
Mycroft, Alan
University of Cambridge, Computer Laboratory
1986-10
en
Text
UCAM-CL-TR-97
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-97.pdf
This report attempts to perfrom two roles: the first part aims
to give a state-of-the-art introduction to abstract
interpretation with as little mathematics as possible. The
question of the ‘best’ meta-language for abstract interpretation
is, however, left open. The second part gives a tutorial
introduction to an application of abstract interpretation based
on the relational style of Mycroft and Jones (1985). This report
does not claim to have introduced any new techniques, but rather
aims to make the existing literature understandable to a wider
audience.
cam.ac.uk//UCAM-CL-TR-98
2010-04-27
Power-domains, modalities and the Vietoris
monad
Robinson, E.
University of Cambridge, Computer Laboratory
1986-10
en
Text
UCAM-CL-TR-98
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-98.pdf
It is possible to divide the syntax-directed approaches to
programming language semantics into two classes, “denotational”,
and “proof-theoretic”. This paper argues for a different
approach which also has the effect of linking the two methods.
Drawing on recent work on locales as formal spaces we show that
this provides a way in which we can hope to use a
proof-theoretical semantics to give us a denotational one. This
paper reviews aspects of the general theory, before developing a
modal construction on locales and discussing the view of
power-domains as free non-deterministic algebras. Finally, the
relationship between the present work and that of Winskel is
examined.
cam.ac.uk//UCAM-CL-TR-99
2019-11-01
An overview of the Poly programming language
Matthews, David C.J.
University of Cambridge, Computer Laboratory
1986-08
en
Text
UCAM-CL-TR-99
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-99.pdf
Poly is a general purpose programming language based on the idea
of treating types as first class values. It can support
polymorphic operations by passing types as parameters to
procedures, and abstract types and parameterised types by
returning types as results.
Although Poly is not intended specifically as a database
programming language it was convenient to implement it is a
persistent storage system. This allows the user to retain data
structures from one session to the next, and can support large
programming systems such as the Poly compiler and a Standard ML
system.
cam.ac.uk//UCAM-CL-TR-100
2022-10-03
Proving a computer correct in higher order
logic
Joyce, Jeff
Birtwistle, Graham
Gordon, Mike
University of Cambridge, Computer Laboratory
1986-12
en
Text
UCAM-CL-TR-100
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-100.pdf
Technical report no. 42, ‘Proving a computer correct using the
LSF_LSM hardware verification system’, describes the
specification and verification of a register-transfer level
implementation of a simple general purpose computer. The
computer has a microcoded control unit implementing eight user
level instructions. We have subsequently redone this example in
higher order logic using the HOL hardware verification system.
This report presents the specification and verification of
Gordon’s computer as an example of hardware specification and
verification in higher order logic. The report describes how the
structure and behaviour of digital circuits may be specified
using the formalism of higher order logic. The proof of
correctness also shows how digital behaviour at different
granularities of time may be related by means of a temporal
abstraction.
This report should be read with Technical report no. 68, ‘HOL, a
machine oriented formulation of higher order logic’, which
describes the logic underlying the HOL hardware verification
system.
cam.ac.uk//UCAM-CL-TR-101
2022-04-22
Binary routing networks
Milway, David Russel
University of Cambridge, Computer Laboratory
1986-12
en
Text
UCAM-CL-TR-101
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-101.pdf
Binary Routing Networks combine ideas from Wide Area Networks
and Interconnection Networks with the principles of Local Area
Networks. This results in a high performance network for use in
the local and wide area environment. Simulation of this form of
network shows that for certain structures the performance of the
network can approach or even exceed that obtained from a
cross-bar switch. This dissertation describes how network
structures based on Binary Routing Networks can be used in
applications where a network capable of high rates of throughput
with low delay is required.
Binary Routing Networks use a switching fabric constructed from
simple routing nodes to route packets from a source to a
destination. Some network topologies allow many packets to pass
through the network simultanously, giving the network an
aggregate throughput mugh greater than the basic bit rate.
Routing nodes do not require knowledge of the topology and are
thus simple to construct. They use routing information in the
packet to direct the packet through the network. Packets pass
through the nodes with little delay except where contention for
a link occurs when the packet needs to be buffered.
A design for a non-buffered routing node is described where
contention is resolved by discarding one of the packets.
Discarded packets are retried later by the sending station. This
form of network removes the buffers from the routing nodes
making them even simpler to construct. Simulations of a network
of 512 stations show that for loads per station of up to 20% of
the basic bit rate, a non-buffered network can outperform a
buffered network. This design allows the construction of a fault
tolerant network which can pass packets through any number of
different paths, avoiding broken links or congensted areas in
the network.
A prototype of a Binary Routing Network is discussed. This
network makes use of the non-buffered routing nodes and
measurements of its performance are compared with results
obtained from the simulations. A proposal for using this form of
network in an Integrated Service environment are also given.
Structures similar to Binary Routing Networks are fast becoming
the backbone of multiprocessor systems. Local Area Networks also
need to apply this technology to meet the requirements that they
are being asked to support.
cam.ac.uk//UCAM-CL-TR-102
2019-11-08
A persistent storage system for Poly and ML
Matthews, David C.J.
University of Cambridge, Computer Laboratory
1987-01
en
Text
UCAM-CL-TR-102
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-102.pdf
The conventional strategy for implementing interactive languages
has been based on the use of a “workspace” or “core-image” which
is read in at the start of a session and written out at the end.
While this is satisfactory for small systems it is inefficient
for large programs. This report describes how an idea originally
invented to simplify database programming, the persistent store,
was adapted to support program development in an interactive
language.
Poly and ML are both semi-functional languages in the sense that
they allow functions as first class objects but they have
variables (references) and use call-by-value semantics.
Implementing such languages in a persistent store poses some
problems but also allows optimisations which would not be
possible if their type systems did not apply certain
constraints.
The basic system is designed for single-users but the problems
of sharing data between users is discussed and an experimental
system for allowing this is described.
cam.ac.uk//UCAM-CL-TR-103
2022-09-16
HOL : A proof generating system for higher-order
logic
Gordon, Mike
University of Cambridge, Computer Laboratory
1987-01
en
Text
UCAM-CL-TR-103
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-103.pdf
HOL is a version of Robin Milner’s LCF theorem proving system
for higher-order logic. It is currently being used to
investigate: how various levels of hardware behaviour can be
rigorously modelled; and how the resulting behavioural
representations can be the basis for verification by mechanized
formal proof.
This paper starts with a tutorial introduction to the
meta-language ML. The version of higher-order logic implemented
in the HOL system is then described. This is followed by an
introduction to goal-directed proof with tactics and tacticals.
Finally, there is a little example showing the system in action.
This example illustrates how HOL can be used for hardware
verification.
cam.ac.uk//UCAM-CL-TR-104
2006-06-02
A proof of correctness of the Viper microprocessor: the
first level
Cohn, Avra
University of Cambridge, Computer Laboratory
1987-01
en
Text
UCAM-CL-TR-104
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-104.pdf
The Viper microprocessor designed at the Royal Signals and Radar
Establishment (RSRE) is one of the first commercially produced
computers to have been developed using modern formal methods.
Viper is specified in a sequence of decreasingly abstract
levels. In this paper a mechanical proof of the equivalence of
the first two of these levels is described. The proof was
generated using a version of Robin Milner’s LCF system.
cam.ac.uk//UCAM-CL-TR-105
2019-11-11
A compositional model of MOS circuits
Winskel, Glynn
University of Cambridge, Computer Laboratory
1987-04
en
Text
UCAM-CL-TR-105
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-105.pdf
This paper describes a compositional model for MOS circuits.
Like the model of Bryant (1984), it covers some of the effects
of capacitance and resistance used frequently in designs.
Although this has formed the basis of several hardware
simulators, it suffers from the inadequacy that it is not
compositional, making it difficult to reason in a structured
way.
The present paper restricts its attention to the static
behaviour of circuits, representing this as the set of possible
steady states the circuit can settle into. A good understanding
of such static behaviour is necessary to treat sequential
circuits. This paper further takes the view that it is useful to
have a language to describe the construction of circuits, and to
this end borrows ideas from Hoare’s Communicating Sequential
Processes, and Milner’s Calculus of Communicating Systems.
cam.ac.uk//UCAM-CL-TR-106
2019-11-11
Abstraction mechanisms for hardware
verification
Melham, Thomas F.
University of Cambridge, Computer Laboratory
1987-05
en
Text
UCAM-CL-TR-106
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-106.pdf
It is argued that techniques for proving the correctness of
hardware designs must use abstraction mechanisms for relating
formal descriptions at different levels of detail. Four such
abstraction mechanisms and their formalisation in higher order
logic are discussed.
cam.ac.uk//UCAM-CL-TR-107
2019-11-11
DI-domains as a model of polymorphism
Coquand, Thierry
Gunter, Carl
Winskel, Glynn
University of Cambridge, Computer Laboratory
1987-05
en
Text
UCAM-CL-TR-107
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-107.pdf
This paper investigates a model of the polymorphic lambda
calculus recently described by Girard (1985). This model differs
from earlier ones in that all the types are interpreted as
domains rather than closures or finitary projections on a
universal domain. The objective in this paper is to generalize
Girard’s construction to a larger category called dI-domains,
and secondly to show how Girard’s construction (and this
generalization) can be done abstractly. It demonstrates that the
generalized construction can be used to do denotational
semantics in the ordinary way, but with the added feature of
type polymorphism.
cam.ac.uk//UCAM-CL-TR-108
2010-03-11
Workstation design for distributed computing
Wilkes, Andrew John
University of Cambridge, Computer Laboratory
1987-06
en
Text
UCAM-CL-TR-108
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-108.pdf
This thesis discusses some aspects of the design of computer
systems for local area networks (LANs), with particular emphasis
on the way such systems present themselves to their users. Too
little attention to this issue frequently results in computing
environments that cannot be extended gracefully to accommodate
new hardware or software and do not present consistent, uniform
interfaces to either their human users or their programmatic
clients. Before computer systems can become truly ubiquitous
tools, these problems of extensibility and accessibility must be
solved. This dissertation therefore seeks to examine one
possible approach, emphasising support for program development
on LAN based systems.
cam.ac.uk//UCAM-CL-TR-109
2019-11-14
Hardware verification of VLSI regular
structures
Joyce, Jeffrey
University of Cambridge, Computer Laboratory
1987-07
en
Text
UCAM-CL-TR-109
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-109.pdf
Many examples of hardware specification focus on hierarchical
specification as a means of controlling structural complexity in
design. Another method is the use of iteration. This paper,
however, presents a third method, namely the mapping of
irregular combinational functions to regular structures.
Regular structures often result in solutions which are
economical in terms of area and design time. The automatic
generation of a regular structure such as a ROM or PLA from a
functional specification usually accommodates minor changes to
the functional specification.
The mapping of irregular combinational functions to a regular
structure separates function from circuit design. This paper
shows how this separation can be exploited to derive a
behavioural specification of a regular structure parameterized
by the functional specification.
cam.ac.uk//UCAM-CL-TR-110
2019-11-15
Relating two models of hardware
Winskel, Glynn
University of Cambridge, Computer Laboratory
1987-07
en
Text
UCAM-CL-TR-110
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-110.pdf
The idea of this note is to show how Winskel’s
static-configuration model of circuits is related formally to
Gordon’s relational model. Once so related, the simpler proofs
in the relational model can, for instance, be used to justify
results in terms of the static-configurations model. More
importantly, we can exhibit general conditions on circuits which
ensure that assertions which hold of a circuit according to the
simpler model are correct with respect to the more accurate
model. The formal translation makes use of a simple adjunction
between (partial order) categories associated with the two
models, in a way reminiscient of abstract interpretation.
Preliminary results suggest similar lines of approach may work
for other kinds of abstraction such as temporal abstraction used
in e.g. Melham’s work to reason about hardware, and, more
generally, make possible a formal algebraic treatment of the
relationship between different models of hardware.
cam.ac.uk//UCAM-CL-TR-111
2017-07-13
Realism about user modelling
Spärck Jones, K.
University of Cambridge, Computer Laboratory
1987-06
en
Text
UCAM-CL-TR-111
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-111.pdf
This paper reformulates the framework for user modelling
presented in an earlier technical report, ‘User Models and
Expert Systems’, and considers the implications of the real
limitations on the knowledge likely to be available to a system
for the value and application of user models.
cam.ac.uk//UCAM-CL-TR-112
2019-11-25
Reducing thrashing by adaptive backtracking
Wolfram, D.A.
University of Cambridge, Computer Laboratory
1987-08
en
Text
UCAM-CL-TR-112
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-112.pdf
Adaptive backtracking dynamically reduces thrashing caused by
blind backtracking and recurring failures, by locating early
backtrack points and deleting choices which are not part of any
solution. Search problems with hereditary bounding properties
are soluble by this method. These problems include searches in
theorem proving, logic programming, reason maintenance, and
planning. The location of a backtrack point uses a particular
minimal inconsistent subset, which is called the cause set. A
rejection set is computed from the union of cause sets and
rejection sets at a failure are used to locate subsequent
backtrack points. A choice is deleted when a rejection set is a
singleton. The worst case overhead is O(nf(n)) in time if the
bounding property can be tested in O(f(n)) time, and O(n²) in
space. An implementation confirms the expected exponential
speed-ups for problems whose solution involves much thrashing.
cam.ac.uk//UCAM-CL-TR-113
2019-11-25
The representation of logics in higher-order
logic
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1987-08
en
Text
UCAM-CL-TR-113
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-113.pdf
Intuitionistic higher-order logic — the fragment comtaining
implication, universal quantification, and equality — can serve
as a meta-logic for formalizing various logics. As an example,
axioms formalizing first-order logic are presented, and proved
sound and complete by induction on proof trees.
Proofs in higher-order logic represent derivations of rules as
well as proofs of theorems. A proof develops by deriving rules
using higher-order resolutions. The discharge of assumptions
involves derived meta-rules for ‘lifting’ a proposition.
Quantifiers require a similar lifting rule or else Hilbert’s
ε-operator. The alternatives are contrasted through several
examples. Hilbert’s ε underlies Isabelle’s original treatment of
quantifiers, but the lifting rule is logically simpler.
The meta-logic is used in the latest version of the theorem
prover Isabelle. It extends the logic used in earlier versions.
Compared with other meta-logics, higher-order logic has a weaker
type system but seems easier to implement.
cam.ac.uk//UCAM-CL-TR-114
2007-01-18
An architecture for integrated services on the local
area network
Ades, Stephen
University of Cambridge, Computer Laboratory
1987-09
en
Text
UCAM-CL-TR-114
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-114.pdf
This dissertation concerns the provision of integrated services
in a local area context, e.g. on business premises. The term
integrated services can be understood at several levels. At the
lowest, one network may be used to carry traffic of several
media—voice, data, images etc. Above that, the telephone
exchange may be replaced by a more versatile switching system,
incorporating facilities such as stored voice messages. Its
facilities may be accessible to the user through the interface
of the workstation rather than a telephone. At a higher level
still, new services such as multi-media document manipulation
may be added to the capabilities of a workstation.
Most of the work to date has been at the lowest of these levels,
under the auspices of the Integrated Services Digital Network
(ISDN), which mainly concerns wide area communications systems.
The thesis presented here is that all of the above levels are
important in a local area context. In an office environment,
sophisticated data processing facilities in a workstation can
usefully be combined with highly available telecommunications
facilities such as the telephone, to offer the user new services
which make the working day more pleasant and productive. That
these facilities should be provided across one integrated
network, rather than by several parallel single medium networks
is an important organisational convenience to the system
builder.
The work described in this dissertation is relevant principally
in a local area context—in the wide area economics and traffic
balance dictate that the emphasis will be on only the network
level of integration for some time now. The work can be split
into three parts:
i) the use of a packet network to carry mixed media. This has
entailed design of packet voice protocols which produce delays
low enough for the network to interwork with national telephone
networks. The system has also been designed for minimal cost per
telephone—packet-switched telephone systems have traditionally
been more expensive than circuit-switched types. The network
used as a foundation for this work has been the Cambridge Fast
Ring.
ii) use of techniques well established in distributed computing
systems to build an ‘integrated services PABX (Private Automatic
Branch Exchange)’. Current PABX designs have a very short life
expectancy and an alarmingly high proportion of their costs is
due to software. The ideas presented here can help with both of
these problems, produce an extensible system and provide a basis
for new multi-media services.
iii) development of new user level Integrated Services. Work has
been done in three areas. The first is multi-media documents. A
voice editing interface is described along with the system
structure required to support it. Secondly a workstation display
has been built to support a variety of services based upon image
manipulation and transmission. Finally techniques have been
demonstrated by which a better interface to telephony functions
can be provided to the user, using methods of control typical of
workstation interfaces.
cam.ac.uk//UCAM-CL-TR-115
2019-11-27
Formal validation of an integrated circuit design
style
Dhingra, I.S.
University of Cambridge, Computer Laboratory
1987-08
en
Text
UCAM-CL-TR-115
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-115.pdf
In dynamic circuit design many rules must be followed which
govern the correctness of the design. In this paper a dynamic
CMOS design style using a two phase non-overlapping clock with
its intricate design rules is presented together with formal
means of showing that a circuit follows these rules.
cam.ac.uk//UCAM-CL-TR-116
2022-10-03
Domain theoretic models of polymorphism
Coquand, Thierry
Gunter, Carl
Winskel, Glynn
University of Cambridge, Computer Laboratory
1987-09
en
Text
UCAM-CL-TR-116
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-116.pdf
The main point of this paper is to give an illustration of a
construction useful in producing and describing models of Girard
and Reynolds’ polymorphic λ-calculus. The key unifying ideas are
that of a Grothendieck fibration and the category of continuous
sections associated with it, constructions used in indexed
category theory; the universal types of the calculus are
interpreted as the category of continuous sections of the
fibration. As a major example a new model for the polymorphic
λ-calculus is presented. In it a type is interpreted as a Scott
domain. The way of understanding universal types of the
polymorphic λ-calculus as categories of continuous sections
appears to be useful generally, and, as well as applying to the
new model introduced here, also applies, for instance, to the
retract models of McCracken and Scott, and a recent model of
Girard. It is hoped that by pin-pointing a key construction this
paper will help towards a deeper understanding of the models for
the polymorphic λ-calculus and the relations between them.
cam.ac.uk//UCAM-CL-TR-117
2017-07-06
Distributed computing with RPC: the Cambridge
approach
Bacon, J.M.
Hamilton, K.G.
University of Cambridge, Computer Laboratory
1987-10
en
Text
UCAM-CL-TR-117
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-117.pdf
The Cambridge Distributed Computing System (CDCS) is described
and its evolution outlined. The Mayflower project allowed CDCS
infrastructure, services and applications to be programmed in a
high level, object oriented, language, Concurrent CLU. The
Concurrent CLU RPC facility is described in detail. It is a
non-transparent, type checked, type safe system which employs
dynamic binding and passes objects of arbitrary graph structure.
Recent extensions accomodate a number of languages and transport
protocols. A comparison with other RPC schemes is given.
cam.ac.uk//UCAM-CL-TR-118
2019-11-28
Material concerning a study of cases
Boguraev, B.K.
Spärck Jones, K.
University of Cambridge, Computer Laboratory
1987-05
en
Text
UCAM-CL-TR-118
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-118.pdf
This note describes and illustrates a study of deep cases using
a large sample of sentences. We have used a language analyser
which builds meaning representations expressing semantic case
roles; specifically Boguraev’s (1979) analyser, which builds
dependency trees with word senses defined by semantic category
primitive formulae, and with case labels, i.e. semantic relation
primitives. This note highlights the importance of the source
material for those interested in case-based representations of
sentence meaning, and indicates the potential utility of the
study results.
cam.ac.uk//UCAM-CL-TR-119
2019-12-20
Pilgrim: a debugger for distributed systems
Cooper, Robert
University of Cambridge, Computer Laboratory
1987-07
en
Text
UCAM-CL-TR-119
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-119.pdf
Pilgrim is a source level debugger for concurrent CLU programs
which execute in a distributed environment. It integrates
conventional debugging facilities with features for debugging
remote procedure calls and critical region based process
interactions. Pilgrim is unusual in that it functions on
programs in the target environment under conditions of actual
use. This has caused a trade-off between providing rich and
detailed information to the programmer and avoiding any unwanted
alteration to the computation being debugged. Another
complication is debugging one client of a network server while
avoiding interference with the server’s other clients. A
successful methodology for this case requires assistance from
the server itself.
cam.ac.uk//UCAM-CL-TR-120
2017-07-06
Block encryption
Wheeler, D.
University of Cambridge, Computer Laboratory
1987-11
en
Text
UCAM-CL-TR-120
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-120.pdf
A fast and simple way of encrypting computer data is needed. The
UNIX crypt is a good way of doing this although the method is
not cryptographically sound for text. The method suggested here
is applied to larger blocks than the DES method which uses 64
bit blocks, so that the speed of encyphering is reasonable. The
algorithm is designed for software rather than hardware. This
forgoes two advantages of the crypt algorithm, namely that each
character can be encoded and decoded independently of other
characters and that the identical process is used both for
encryption and decryption. However this method is better for
coding blocks directly.
cam.ac.uk//UCAM-CL-TR-121
2019-12-20
A high-level petri net specification of the Cambridge
Fast Ring M-access service
Billington, Jonathan
University of Cambridge, Computer Laboratory
1987-12
en
Text
UCAM-CL-TR-121
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-121.pdf
Numerical Petri Nets (a high level inhibitor net) are used to
characterise the Cambridge Fast Ring Hardware at a high level of
abstraction. The NPN model describes the service provided to
users of the hardware (stations, monitors, bridges and ring
transmission plant), known as the M-Access service definition in
order to remove ambiguities and as a basis for the development
and verification of the protocols using the M-Access service.
cam.ac.uk//UCAM-CL-TR-122
2019-12-20
Temporal abstraction of digital designs
Herbert, John
University of Cambridge, Computer Laboratory
1988-02
en
Text
UCAM-CL-TR-122
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-122.pdf
Formal techniques have been used to verify the function of
reasonably large digital devices ([Hunt85], [Cohn87]), and also
to describe and reason about digital signal behaviour at a
detailed timing level [Hanna85], [Herbert86]. Different models
are used: simple synchronous models of components are the basis
for verifying high-level functional specifications; more
detailed models which capture the behaviour of signals in real
time are the basis of proofs about timing. The procedure called
temporal abstraction is a technique for formally relating these
two behavioural models.
The background to temporal abstraction is presented and the
details of its implementation in HOL. The HOL language
([Gordon85a]) is a computerised version of higher-order logic
which has an associated proof assistant also called HOL. In HOL
one may specify behaviour at both the functional and timing
levels. This work describes how the relationship between these
levels may also be described in HOL and reasoned about using the
HOL system.
The formal transformation of descriptions of behaviour at the
timing level to behaviour at the functional level involves
generating and verifying timing constraints. This process can be
identified with the conventional design activity of timing
analysis. This work shows that timing verification can be
viewed, not as a separate phase of design, but as part of a
single verification process which encompasses functional and
timing verification. A single formal language, HOL, is used to
describe all aspects of the behaviour and a single verification
system provides all the proofs of correctness. The use of
uniform, formal techniques is shown to have a number of
advantages.
cam.ac.uk//UCAM-CL-TR-123
2020-01-16
Case study of the Cambridge Fast Ring ECL chip using
HOL
Herbert, John
University of Cambridge, Computer Laboratory
1988-02
en
Text
UCAM-CL-TR-123
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-123.pdf
This article describes the formal specification and verification
of an integrated circuit which is part of a local area network
interface. A single formal language is used to describe the
structure and behaviour at all levels in the design hierarchy,
and an associated proof assistant is used to generate all formal
proofs. The implementation of the circuit, described as a
structure of gates and flip-flops, is verified via a number of
levels with respect to a high-level formal specification of
required behaviour. The high-level formal specification is shown
to be close to precise natural language description of the
circuit behaviour.
The specification language used, HOL [Gordon85a], has the
advantage of permitting partial specifications. It turns out
that partial specification has an important effect on the
specification and verification methodology and this is
presented. We have also evaluated aspects of conventional
design, such as techniques for locating errors and the use of
simulation, within the case study of formal methods. We assert
that proof strategies must assist error location and that
simulation has a role alongside formal verification.
cam.ac.uk//UCAM-CL-TR-124
2020-01-20
Formal verification of basic memory devices
Herbert, John
University of Cambridge, Computer Laboratory
1988-02
en
Text
UCAM-CL-TR-124
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-124.pdf
Formal methods have been used recently to verify high-level
functional specifications of digital systems. Such formal proofs
have used simple models of circuit components. In this article
we describe complementary work which uses a more detailed model
of components and demonstrates how hardware can be specified and
verified at this level.
In this model all circuits can be described as structures of
gates, each gate having an independent propagation delay. The
behaviour of digital signals in real time is captured closely.
The function and timing of asynchronous and synchronous memory
elements implemented using gates is derived. Formal proofs of
correctness show that, subject to certain constraints on gate
delays and signal timing parameters, these devices act as memory
elements and exhibit certain timing properties.
All the proofs have been mechanically generated using Gordon’s
HOL system.
cam.ac.uk//UCAM-CL-TR-125
2020-01-23
An operational semantics for Occam
Camilleri, Juanito
University of Cambridge, Computer Laboratory
1988-02
en
Text
UCAM-CL-TR-125
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-125.pdf
Occam is a programming language designed to support concurrent
applications, especially those implemented on networks of
communicating processors. The aim of this paper is to formulate
the meaning of the language constructs of Occam by semantic
definitions which are intended as a direct formalisation of the
natural language descriptions usually found in programming
language manuals [Inmos 3]. This is done by defining a syntax
directed transition system where the transitions associated to a
phrase are a function of the transitions associated to its
components. This method is by no means novel. The concepts here
were introduced in [Plotkin 8] and are applied in [Plotkin 9]
where an operational semantics for CSP [Hoare 2] was presented.
The operational semantics for a subset of Ada is defined in [Li
6], where tasking and exception handling are modelled. For
simplicity only a subset of Occam is defined. Timing, priority,
replicators and BYTE subscription are omitted. Other features of
Occam which deal with the associated components of an Occam
program with a set of physical resources (i.e. configurations)
are also omitted since they do not effect the semantic
interpretation of a program.
cam.ac.uk//UCAM-CL-TR-126
2022-10-03
Reasoning about the function and timing of integrated
circuits with Prolog and temporal logic
Leeser, M.E.
University of Cambridge, Computer Laboratory
1988-02
en
Text
UCAM-CL-TR-126
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-126.pdf
This article describes the application of formal methods to
transistor level descriptions of circuits. Formal hardware
verification uses techniques based on mathematical logic to
formally prove that a circuit correctly implements its
behavioral specification. In the approach described here, the
structure of circuits and their functional behavior are
described with Interval Temporal Logic. These specifications are
expressed in Prolog, and the logical manipulations of the proof
process are achieved with a Prolog system. To demonstrate the
approach, the bahavior of several example circuits is derived
from the behavior of their components down to the transistor
level. These examples include a dynamic latch which uses a
2-phase clocking scheme and exploits charge storage. Timing as
well as functional aspects of behavior are derived, and
constraints on the way a circuit interacts with its environment
are reasoned about formally.
cam.ac.uk//UCAM-CL-TR-127
2020-02-03
A development environment for large natural language
grammars
Carroll, John
Boguraev, Bran
Grover, Claire
Briscoe, Ted
University of Cambridge, Computer Laboratory
1988-02
en
Text
UCAM-CL-TR-127
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-127.pdf
The Grammar Development Environment (GDE) is a powerful software
tool designed to help a linguist or grammarian experiment with
and develop large natural language grammars. (It is also,
however, being used to help teach students on courses in
computational linguistics). This report describes the
grammatical formalism employed by the GDE, and contains detailed
instructions on how to use the system.
Source code for a Common Lisp version of the software is
available from the University of Edinburgh Artificial
Intelligence Applications Institute.
cam.ac.uk//UCAM-CL-TR-128
2015-05-11
Debugging concurrent and distributed programs
Cooper, Robert Charles Beaumont
University of Cambridge, Computer Laboratory
1988-02
en
Text
UCAM-CL-TR-128
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-128.pdf
This thesis aims to make one aspect of distributed programming
easier: debugging. The principles for designing and implementing
an interactive debugger for concurrent and distributed programs
are presented. These programs are written in a high-level
language with type-checked remote procedure calls. They execute
on the nodes of a local computer network and interact with the
other programs and services which exist on such a network.
The emphasis is on debugging programs in the environment in
which they will eventually operate, rather than some simulated
environment oriented specifically to the needs of debugging.
Thus the debugging facilities impose a low overhead on the
program and may be activated at any time.
Ideally the actions of the debugger should be transparent to the
execution of the program being debugged. The difficult problem
of avoiding any alteration to the relative ordering of
inter-process events is examined in detail. A method of
breakpointing a distributed computation is presented which
achieves a high degree of transparency in the face of arbitary
process interactions through shared memory.
The problems of debugging programs that interact with network
services, which are shared concurrently with other users of the
distributed environment, are examined. A range of debugging
techniques, some of which are directly supported by the
debugger, are discussed.
A set of facilities for debugging remote procedure calls is
presented, and the functions required of the operating system
kernel and runtime system to support debugging are also
discussed. A distributed debugger is itself an example of a
distributed program and so issues such as functional
distribution and authentication are addressed.
These ideas have been implemented in Pilgrim, a debugger for
Concurrent CLU programs running under the Mayflower supervisor
within the Cambridge Distributed Computing System.
cam.ac.uk//UCAM-CL-TR-129
2004-03-02
A methodology for automated design of computer
instruction sets
Bennett, Jeremy Peter
University of Cambridge, Computer Laboratory
1988-03
en
Text
UCAM-CL-TR-129
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-129.pdf
With semiconductor technology providing scope for increasingly
complex computer architectures, there is a need more than ever
to rationalise the methodology behind computer design. In the
1970’s, byte stream architectures offered a rationalisation of
computer design well suited to microcoded hardware. In the
1980’s, RISC technology has emerged to simplify computer design
and permit full advantage to be taken of very large scale
integration. However, such approaches achieve their aims by
simplifying the problem to a level where it is within the
comprehension of a simple human being. Such an effort is not
sufficient. There is a need to provide a methodology that takes
the burden of design detail away from the human designer,
leaving him free to cope with the underlying principles
involved.
In this dissertation I present a methodology for the design of
computer instruction sets that is capable of automation in large
part, removing the drudgery of individual instruction selection.
The methodology does not remove the need for the designer’s
skill, but rather allows precise refinement of his ideas to
obtain an optimal instruction set.
In developing this methodology a number of pieces of software
have been designed and implemented. Compilers have been written
to generate trial instruction sets. An instruction set generator
program has been written and the instruction set it proposes
evaluated. Finally a prototype language for instruction set
design has been devised and implemented.
cam.ac.uk//UCAM-CL-TR-130
2017-07-13
The foundation of a generic theorem prover
Paulson, Lawrence C
University of Cambridge, Computer Laboratory
1988-03
en
Text
UCAM-CL-TR-130
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-130.pdf
Isabelle is an interactive theorem prover that supports a
variety of logics. It represents rules as propositions (not as
functions) and builds proofs by combining rules. These
operations constitute a meta-logic (or ‘logical framework’) in
which the object-logics are formalized. Isabelle is now based on
higher-order logic – a precise and well-understood foundation.
Examples illustrate use of this meta-logic to formalize logics
and proofs. Axioms for first-order logic are shown sound and
complete. Backwards proof is formalized by meta-reasoning about
object-level entailment.
Higher-order logic has several practical advantages over other
meta-logics. Many proof techniques are known, such as Huet’s
higher-order unification procedure.
cam.ac.uk//UCAM-CL-TR-131
2020-01-23
Architecture problems in the construction of expert
systems for document retrieval
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1986-12
en
Text
UCAM-CL-TR-131
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-131.pdf
The idea of an expert system front end offering the user
effective direct accessto a document retrieval system is an
attractive one. The paper considers two specific approaches to
the construction of such an expert interface, Belkin and Brooks
and their colleagues’ treatment of the functions of such a front
end based on the analysis of human intermediaries, and Pollitt’s
experimental implementation of a query formulator for searching
Cancerline. The distributed expert system model proposed by
Belkin and Brooks is a plausable one, and Pollitt’s system can
be regarded as a first step towards it. But there are major
problems about this type of architecture, and the paper argues
in particular that in seeking to develop more powerful front
ends of the kind envisaged there is one important issue, the
nature of the language used for communication between the
contributing experts, that requires for attention than it has
hitherto received.
cam.ac.uk//UCAM-CL-TR-132
2022-05-05
Reasoning about the function and timing of integrated
circuits with Prolog and temporal logic
Leeser, Miriam Ellen
University of Cambridge, Computer Laboratory
1988-04
en
Text
UCAM-CL-TR-132
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-132.pdf
The structure of circuits is specified with Prolog; their
function and timing behaviour is specified with interval
temporal logic. These structural and behavioural specifications
are used to formally verify the functionality of circut elements
as well as their timing characteristics. A circuit is verified
by deriving its behaviour from the behaviour of its components.
The derived results can be abstracted to functional descriptions
with timing constraints. The functional descriptions can then be
used in proofs of more complex hardware circuits.
Verification is done hierarchically, with transistors as
primitive elements. Transistors are modelled as switch-level
devices with delay. In order to model delay, the direction of
signal flow through the transistor must be assigned. This is
done automatically by a set of Prolog routines which also
determine the inputs and outputs of each circuit component.
Interval temporal logic descriptions are expressed in Prolog and
manipulated using PALM: Prolog Assistant for Logic Manipulation.
With PALM the user specifies rewrite rules and uses these rules
to manipulate logical terms. In the case of reasoning about
circuits, PALM is used to manipulate the temporal logic
descriptions of the components to derive a temporal logic
description of the circuit.
These techniques are demonstrated by applying them to several
commonly used complementary metal oxide semiconductor (CMOS)
structures. Examples include a fully complementary dynamic latch
and a 1-bit adder. Both these circuits are implemented with
transistors and exploit 2-phase clocking and charge sharing. The
1-bit adder is a sophisticated full adder implemented with a
dynamic CMOS design style. The derived timing and functional
behaviour of the 1-bit adder is abstracted to a purely
functional behavior which can be used to derive the behaviour of
an arbitrary n-bit adder.
cam.ac.uk//UCAM-CL-TR-133
2017-07-13
A preliminary users manual for Isabelle
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1988-05
en
Text
UCAM-CL-TR-133
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-133.pdf
This is an early report on the theorem prover Isabelle and
several of its object-logics. It describes Isabelle’s
operations, commands, data structures, and organization. This
information is fairly low-level, but could benefit Isabelle
users and implementors of other systems.
cam.ac.uk//UCAM-CL-TR-134
2022-04-22
Correctness properties of the Viper black model: the
second level
Cohn, Avra
University of Cambridge, Computer Laboratory
1988-05
en
Text
UCAM-CL-TR-134
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-134.pdf
Viper [8,9,10,11,22] is a microprocessor designed by J. Cullyer,
C. Pygott and J. Kershaw at the Royal Signals and Radar
Establishment in Malvern (RSRE), and is now commericially
available. Viper is intended for use is safety-critical
applications such as aviation and nuclear power plant control.
To this end, Viper has a particularly simple design about which
it is relatively easy to reason using current techniques and
models. The designers at RSRE, who deserve much credit for the
promotion of formal methods, intended from the start that Viper
be formally verified. This report describes the partially
completed correctness proof, in the HOL system, of the Viper
‘block model’ with respect to Viper’s top level functional
specification. The (fully completed) correctness proof of the
Viper 'major state’ model has already been reported in [5]. This
paper describes the analysis of the block model in some detail
(in sections 6 to 9), so is necessarily rather long. A less
detailed account is to appear in future [6]. Section 2 is a
discussion of the scope and limits of the word ‘verification’,
and cautions against careless use of the term. The paper
includes a very brief introduction to HOL (section 4), but does
not attempt a description or rationalization of Viper’s design.
The possible uses of the paper are as follows:
It includes enough detail to support an attempt to repeat the
proof in HOL, or possibly in other theorem-proving systems.
It serves as a guide for future analyses of Viper;
It completes the existing Viper documentation;
It covers some general issues in hardware verification;
It illustrates the probelms in managing large HOL proofs.
cam.ac.uk//UCAM-CL-TR-135
2020-02-04
Using recursive types to reason about hardware in higher
order logic
Melham, Thomas F.
University of Cambridge, Computer Laboratory
1988-05
en
Text
UCAM-CL-TR-135
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-135.pdf
The expressive power of higher order logic makes it possible to
define a wide variety of data types within the logic and to
prove theorems that state the properties of these types
concisely and abstractly. This paper describes how such defined
data types can be used to support formal reasoning in higher
order logic about the behaviour of hardware designs.
cam.ac.uk//UCAM-CL-TR-136
2017-07-06
Formal specification and verification of asynchronous
processes in higher-order logic
Joyce, Jeffrey J.
University of Cambridge, Computer Laboratory
1988-06
en
Text
UCAM-CL-TR-136
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-136.pdf
We model the interaction of a synchronous process with an
asynchronous memory process using a four-phase “handshaking”
protocol. This example demonstrates the use of higher-order
logic to reason about the behaviour of synchronous systems such
as microprocessors which communicate requests to asynchronous
devices and then wait for unpredictably long periods until these
requests are answered. We also describe how our model could be
revised to include some of the detailed timing requirements
found in real systems such as the M68000 microprocessor. One
enhancement uses non-determinism to model minimum setup times
for asynchronous inputs. Experience with this example suggests
that higher-order logic may also be a suitable formalism for
reasoning about more abstract forms of concurrency.
cam.ac.uk//UCAM-CL-TR-137
2019-10-21
Mass terms and plurals: from linguistic theory to
natural language processing
Hasle, F.V.
University of Cambridge, Computer Laboratory
1988-06
en
Text
UCAM-CL-TR-137
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-137.pdf
Two linguistic theories within the tradition of formal semantics
are investigated. One is concerned with mass terms, and the
other with plurals.
Special attention is paid to the possibility of implementing the
theories on a computer. With this goal in mind their basic ideas
are examined, and the linguistic implications are discussed. In
the process, various features of the theories are made formally
precise. This leads to two formal systems, one for representing
the meanings of sentences with mass terms, and another similar
one for plurals. The systems are specified by machine-executable
translation relations from fragments of natural language into
logical representations.
The underlying model-theoretic semantics of each theory is
partially axiomatised. From the axiomatisations all of the
paradigmatic inferences of each theory can be proved in a purely
deductive manner. This is demanstrated by a number of rigorous
proofs of natural language inferences.
Finally some methodological issues are raised. Both theories
recommend a particular approach within formal semantics for
natural language. I explore the methodological views underlying
the theories, and discuss whether the authors actually follow
the methods which they recommend.
cam.ac.uk//UCAM-CL-TR-138
2020-02-05
Authentication: a practical study in belief and
action
Burrows, Michael
Abadi, Martín
Needham, Roger
University of Cambridge, Computer Laboratory
1988-06
en
Text
UCAM-CL-TR-138
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-138.pdf
Questions of belief and action are essential in the analysis of
protocols for the authentication of principals in distributed
computing systems. In this paper we motivate, set out and
exemplify a logic specifically designed for this analysis; we
show how protocols differ subtly with respect to the required
initial assumptions of the participants and their final beliefs.
Our fomalism has enabled us to isolate and express these
differences in a way that was not previously possible, and it
has drawn attention to features of the protocols of which we
were perviously unaware. The reasoning about particular
protocols has been mechanically verified.
This paper starts with an informal account of the problem, goes
on to explain the formalism to be used, and gives examples of
its application to real protocols from the literature. The final
sections deal with a formal semantics of the logic and
conclusions.
cam.ac.uk//UCAM-CL-TR-139
2005-12-12
Petri net theory: a survey
Manson, Paul R.
University of Cambridge, Computer Laboratory
1988-06
en
Text
UCAM-CL-TR-139
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-139.pdf
The intense interest in concurrent (or “parallel”) computation
over the past decade has given rise to a large number of
languages for concurrent programming, representing many
conflicting views of concurrency.
The discovery that concurrent programming is significantly more
difficult than sequential programming has prompted considerable
research into determining a tractable and flexible theory of
concurrency, with the aim of making concurrent processing more
accessible, and indeed the wide variety of concurrent languages
merely reflects the many different models of concurrency which
have also been developed.
This report, therefore introduces Petri nets, discussing their
behaviour, interpretation and relationship to other models of
concurrency. It defines and discusses several restrictions and
extensions of the Petri net model, showing how they relate to
basic Petri nets, while explaining why they have been of
historical importance. Finally it presents a survey of the
analysis methods applied to Petri nets in general and for some
of the net models introduced here.
cam.ac.uk//UCAM-CL-TR-140
2020-01-28
Executing behavioural definitions in higher order
logic
Camilleri, Albert John
University of Cambridge, Computer Laboratory
1988-07
en
Text
UCAM-CL-TR-140
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-140.pdf
Over the past few years, computer scientists have been using
formal verification techniques to show the correctness of
digital systems. The verification process, however, is
complicated and expensive. Even proofs of simple circuits can
involve thousands of logical steps. Often it can be extremely
difficult to find correct device specifications and it is
desirable that one sets off to prove a correct specification
from the start, rather than repeatedly backtrack from the
verification process to modify the original definitions after
discovering they were incorrect or inadequate.
The main idea presented in the thesis is to amalgamate the
techniques of simulation and verification, rather than have the
latter replace the former. The result is that behavioural
definitions can be simulated until one is reasonably sure that
the specification is correct. Furthermore, proving the
correctness with respect to these simulated specifications
avoids the inadequacies of simulation where it may not be
computationally feasible to demonstrate correctness by
exhaustive testing. Simulation here has a different purpose: to
get specifications correct as early as possible in the
verification process. Its purpose is not to demonstrate the
correctness of the implementation – this is done in the
verification stage when the very same specifications that were
simulated are proved correct.
The thesis discusses the implementation of an executable subset
of the HOL logic, the version of Higher Order Logic embedded in
the HOL theorem prover. It is shown that hardware can be
effectively described using both relations and functions;
relations being suitable for abstract specification and
functions being suitable for execution. The difference between
relational and functional specifications are discussed and
illustrated by the verification of an n-bit adder. Techniques
for executing functional specifications are presented and
various optimisation strategies are shown which make the
execution of the logic efficient. It is further shown that the
process of generating optimised functional definitions from
relational definitions can be automated. Example simulations of
three hardware devices (a factorial machine, a small computer
and a communications chip) are presented.
cam.ac.uk//UCAM-CL-TR-141
2006-05-30
Reliable management of voice in a distributed
system
Want, Roy
University of Cambridge, Computer Laboratory
1988-07
en
Text
UCAM-CL-TR-141
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-141.pdf
The ubiquitous personal computer has found its way into most
office environments. As a result, widespread use of the Local
Area Network (LAN) for the purposes of sharing distributed
computing resources has become common. Another technology, the
Private Automatic Branch Exchange (PABX), has benefited from
large research and development by the telephone companies. As a
consequence, it is cost effective and has widely infiltrated the
office world. Its primary purpose is to switch digitised voice
but, with the growing need for communication between computers
it is also being adapted to switch data. However, PABXs are
generally designed around a centralised switch in which
bandwidth is permanently divided between its subscribers.
Computing requirements need much larger bandwidths and the
ability to connect to several services at once, thus making the
conventional PABX unsuitable for this application.
Some LAN technologies are suitable for switching voice and data.
The additional requirement for voice is that point to point
delay for network packets should have a low upper-bound. The 10
Mb/s Cambridge Ring is an example of this type of network, but
is relatively low bandwidth gives it limited application in this
area. Networks with larger bandwidths (up to 100 Mb/s) are now
becoming available comercially and could support a realistic
population of clients requiring voice and data communication.
Transporting voice and data in the same network has two main
advantages. Firstly, from a practical point of view, wiring is
minimised. Secondly, applications which integrate both media are
made possible, and hence digitised voice may be controlled by
client programs in new and interesting ways.
In addition to the new applications, the original telephony
facilities must also be available. They should, at least by
default, appear to work in an identical way to our tried and
trusted impression of a telephone. However, the control and
management of a network telephone is now in the domain of
distributed computing. The voice connections between telephones
are virtual circuits. Control and data information can be freely
mixed with voice at a network interface. The new problems that
result are the management issues related to the distributed
control of real-time media.
This thesis describes the issues as a distributed computing
problem and proposes solutions, many of which have been
demonstrated in a real implementation. Particular attention has
been paid to the quality of service provided by the solutions.
This amounts to the design of helpful operator interfaces,
flexible schemes for the control of voice from personal
workstations and, in particular, a high reliability factor for
the backbone telephony service. This work demonstrates the
advantages and the practicality of integrating voice and data
services within the Local Area Network.
cam.ac.uk//UCAM-CL-TR-142
2020-02-05
A fast packet switch for the integrated services
backbone network
Newman, Peter
University of Cambridge, Computer Laboratory
1988-07
en
Text
UCAM-CL-TR-142
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-142.pdf
With the projected growth in demand for bandwidth and
telecommunications services, will come the reguirement for a
multi-service backbone network of far greater efficiency,
capacity and flexibility than the ISDN is able to satisfy. This
class of network has been termed the Broadband ISDN, and the
design of the switching node of such a network is the subject of
much current research. This paper investigates one possible
solution. The design and performance, for multi-service traffic,
is presented of a fast packet switch based upon a non-buffered,
multi-stage interconnection network. It is shown that for an
implementation in current CMOS technology, operating at 50 MHz,
switches with a total traffic capacity of up to 150 Gbit/sec may
be constructed. Furthermore, if the reserved service traffic
load is limited on each input port to a maximum of 80% of switch
port saturation, then a maximum delay across the switch of the
order of 100 μsecs may be guaranteed, for 99% of the reserved
service traffic, regardless of the unreserved service traffic
load.
cam.ac.uk//UCAM-CL-TR-143
2017-07-13
Experience with Isabelle : A generic theorem
prover
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1988-08
en
Text
UCAM-CL-TR-143
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-143.pdf
The theorem prover Isabelle is described briefly and informally.
Its historical development is traced from Edinburgh LCF to the
present day. The main issues are unification, quantifiers, and
the representation of inference rules. The Edinburgh Logical
Framework is also described, for a comparison with Isabelle. An
appendix presents several Isabelle logics, including set theory
and Constructive Type Theory, with examples of theorems.
cam.ac.uk//UCAM-CL-TR-144
2020-02-13
An operational semantics for occam
Camilleri, Juanito
University of Cambridge, Computer Laboratory
1988-08
en
Text
UCAM-CL-TR-144
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-144.pdf
Occam is a programming language designed to support concurrent
applications, especially those implemented on networks of
communicating processors. The aim of this paper is to formulate
the meaning of the language constructs of Occam by semantic
definitions which are intended as a direct formalisation of the
natural language descriptions usually found in programming
language manuals [Inmos 5]. This is done by defining a syntax
directed transition system where the transitions associated to a
phrase are a function of the transitions associated to its
components. This method is by no means novel. The concepts here
were introduced in [Plotkin 10] and are applied in [Plotkin 11]
where an operational semantics for CSP [Hoare 4] was presented.
The operational semantics for a subset of Ada is defined in [Li
6], where tasking and exception handling are modelled. For
simplicity only a subset of Occam is defined. Timing,
replicators and BYTE subscription are omitted. Other features of
Occam which deal with the association of components of an Occam
program with a set of physical resources (i.e. configurations)
are also omitted since they do not effect the semantic
interpretation of a program.
cam.ac.uk//UCAM-CL-TR-145
2018-04-10
Mechanizing programming logics in higher order
logic
Gordon, Michael J.C.
University of Cambridge, Computer Laboratory
1988-09
en
Text
UCAM-CL-TR-145
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-145.pdf
Formal reasoning about computer programs can be based directly
on the semantics of the programming language, or done in a
special purpose logic like Hoare logic. The advantage of the
first approach is that it guarantees that the formal reasoning
applies to the language being used (it is well known, for
example, that Hoare’s assignment axiom fails to hold for most
programming languages). The advantage of the second approach is
that the proofs can be more direct and natural.
In this paper, an attempt to get the advantages of both
approaches is described. The rules of Hoare logic are
mechanically derived from the semantics of a simple imperative
programming language (using the HOL system). These rules form
the basis for a simple program verifier in which verification
conditions are generated by LCF-style tactics whose validations
use the derived Hoare rules. Because Hoare logic is derived,
rather than postulated, it is straightforward to mix semantic
and axiomatic reasoning. It is also straightforward to combine
the constructs of Hoare logic with other application-specific
notations. This is briefly illustrated for various logical
constructs, including termination statements, VDM-style
‘relational’ correctness specifications, weakest precondition
statements and dynamic logic formulae.
The theory underlying the work presented here is well known. Our
contribution is to propose a way of mechanizing this theory in a
way that makes certain practical details work out smoothly.
cam.ac.uk//UCAM-CL-TR-146
2022-10-03
Automating recursive type definitions in higher order
logic
Melham, Thomas F.
University of Cambridge, Computer Laboratory
1988-09
en
Text
UCAM-CL-TR-146
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-146.pdf
The expressive power of higher order logic makes it possible to
define a wide variety of types within the logic and to prove
theorems that state the properties of these types concisely and
abstractly. This paper contains a tutorial introduction to the
logical basis for such type definitions. Examples are given of
the formal definitions in logic of several simple types. A
method is then described for systematically defining any
instance of a certain class of commonly-used recursive types.
The automation of this method in HOL, an interactive system for
generating proofs in higher order logic, is also discussed.
cam.ac.uk//UCAM-CL-TR-147
2020-02-14
Formal specification and verification of microprocessor
systems
Joyce, Jeffrey
University of Cambridge, Computer Laboratory
1988-09
en
Text
UCAM-CL-TR-147
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-147.pdf
This paper describes the use of formal methods to verify a very
simple microprocessor. The hierarchical structure of the
microprocessor implementation is formally specified in
higher-order logic. The behaviour of the microprocessor is then
derived from a switch level model of MOS (Metal Oxide
Semiconductor) behaviour using inference rules of higher-order
logic with assistance from a mechanical theorem proving system.
The complexity of the formal proof is controlled by a
multi-level approach based on increasingly abstract views of
time and data. While traditional methods such as multi-level
simulation may reveal errors or inconsistencies, formal
verification can provide greater certainty about the correctness
of a design. The main difference with formal verification, and
its strength, is that behaviour at one level is formally dervied
from lower levels with a precise statement of the conditions
under which one level accurately models lower levels.
cam.ac.uk//UCAM-CL-TR-148
2006-02-10
Extending coloured petri nets
Billington, Jonathan
University of Cambridge, Computer Laboratory
1988-09
en
Text
UCAM-CL-TR-148
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-148.pdf
Jensen’s Coloured Petri Nets (CP-nets) are taken as the starting
point for the development of a specification technique for
complex concurrent systems. To increase its expressive power
CP-nets are extended by including capacity and inhibitor
functions. A class of extended CP-nets, known as P-nets, is
defined that includes the capacity function and the threshold
inhibitor extension. The inhibitor extension is defined in a
totally symmetrical way to that of the usual pre place map (or
incidence function). Thus the inhibitor and pre place maps may
be equated by allowing a marking to be purged by a single
transition occurrence, useful when specifying the abortion of
various procedures. A chapter is devoted to developing the
theory and notation for the purging of a place’s marking or part
of its marking.
Two transformations from P-nets to CP-nets are presented and it
is proved that they preserve interleaving behaviour. These are
based on the notion of complementary places defined for PT-nets
and involve the definition and proof of a new extended
complementary place invariant for CP-nets
The graphical form of P-nets, known as a P-Graph, is presented
formally and draws upon the theories developed for algebraic
specification. Arc inscriptions are multiples of tuples of terms
generated by a many-sorted signature. Transition conditions are
Boolean expressions derived from the same signature. An
interpretation of the P-Graph is given in terms of a
corresponding P-net. The work is similar to that of Vautherin
but includes the inhibitor and capacity extension and a number
of significant differences. in the P-Graph concrete sets are
associated with places, rather than sorts and likewise there are
concrete initial marking and capacity functions. Vautherin
associates equations with transitions rather than the more
general Boolean expressions. P-Graphs are useful for
specification at a concrete level. Classes of the P-Graph, known
as Many-sorted Algebraic Nets and Many-sorted
Predicate/Transition nets, are defined and illustrated by a
number of examples. An extended place capacity notation is
developed to allow for the convenient representation of resource
bounds in the graphical form.
Some communications-oriented examples are presented including
queues and the Demon Game of international standards fame.
The report concludes with a discussion of future work. In
particular, an abstract P-Graph is defined that is very similar
to Vautherin’s Petri net-like schema, but including the capacity
and inhibitor extensions and associating boolean expressions
with transitions. This will be useful for more abstract
specifications (eg classes of communications protocols) and for
their analysis.
It is believed that this is the first coherent and formal
presentation of these extensions in the literature.
cam.ac.uk//UCAM-CL-TR-149
2018-11-15
Improving security and performance for capability
systems
Karger, Paul Ashley
University of Cambridge, Computer Laboratory
1988-10
en
Text
UCAM-CL-TR-149
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-149.pdf
This dissertation examines two major limitations of capability
systems: an inability to support security policies that enforce
confinement and a reputation for relatively poor performance
when compared with non-capability systems.
The dissertation examines why conventional capability systems
cannot enforce confinement and proposes a new secure capability
architecture, called SCAP, in which confinement can be enforced.
SCAP is based on the earlier Cambridge Capability System, CAP.
The dissertation shows how a non-discretionary security policy
can be implemented on the new architecture, and how the new
architecture can also be used to improve traceability of access
and revocation of access.
The dissertation also examines how capability systems are
vulnerable to discretionary Trojan horse attacks and proposes a
defence based on rules built into the command-language
interpreter. System-wide garbage collection, commonly used in
most capability systems, is examined in the light of the
non-discretionary security policies and found to be
fundamentally insecure. The dissertation proposes alternative
approaches to storage management to provide at least some of the
benefits of system-wide garbage collection, but without the
accompanying security problems.
Performance of capability systems is improved by two major
techniques. First, the doctrine of programming generality is
addressed as one major cause of poor performance. Protection
domains should be allocated only for genuine security reasons,
rather than at every subroutine boundary. Compilers can better
enforce modularity and good programming style without adding the
expense of security enforcement to every subroutine call.
Second, the ideas of reduced instruction set computers (RISC)
can be applied to capability systems to simplify the operations
required. The dissertation identifies a minimum set of hardware
functions needed to obtain good performance for a capability
system. This set is much smaller than previous research had
indicated necessary.
A prototype implementation of some of the capability features is
described. The prototype was implemented on a re-microprogrammed
VAX-11/730 computer. The dissertation examines the performance
and software compatibility implications of the new capability
architecture, both in the context of conventional computers,
such as the VAX, and in the context of RISC processors.
cam.ac.uk//UCAM-CL-TR-150
2017-07-06
Simulation as an aid to verification using the HOL
theorem prover
Camilleri, Albert John
University of Cambridge, Computer Laboratory
1988-10
en
Text
UCAM-CL-TR-150
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-150.pdf
The HOL theorem proving system, developed by Mike Gordon at the
University of Cambridge, is a mechanism of higher order logic,
primarily intended for conducting formal proofs of digital
system designs. In this paper we show that hardware
specifications written in HOL logic can be executed to enable
simulation as a means of supporting formal proof. Specifications
of a small microprocessor are described, showing how HOL logic
sentences can be transformed into executable code with minimum
risk of introducing inconsistencies. A clean and effective
optimisation strategy is recommended to make the executable
specifications practical.
cam.ac.uk//UCAM-CL-TR-151
2013-07-31
Formalising an integrated circuit design style in higher
order logic
Dhingra, Inderpreet-Singh
University of Cambridge, Computer Laboratory
1988-11
en
Text
UCAM-CL-TR-151
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-151.pdf
If the activities of an integrated circuit designer are
examined, we find that rather than keeping track of all the
details, he uses simple rules of thumb which have been refined
from experience. These rules of thumb are guidelines for
deciding which blocks to use and how they are to be connected.
This thesis gives a formal foundation, in higher order logic, to
the design rules of a dynamic CMOS integrated circuit design
style.
Correctness statements for the library of basic elements are
fomulated. These statements are based on a small number of
definitions which define the behaviour of transistors and
capacitors and the necessary axiomisation of the four valued
algebra for signals. The correctness statements of large and
complex circuits are then derived from the library of previously
proved correctness statements, using logical inference rules
instead of rules of thumb. For example, one gate from the
library can drive another only if its output constraints are
satisfied by the input constraints of the gate that it drives.
In formalising the design rules, these constraints are captured
as predicates and are part of the correctness statements of
these gates. So when two gates are to be connected, it is only
necessary to check that the predicates match. These ideas are
fairly general and widely applicable for formalising the rules
of many systems.
A number of worked examples are presented based on these formal
techniques. Proofs are presented at various stages of
development to show how the correctness statement for a device
evolves and how the proof is constructed. In particular it is
demonstrated how such formal techniques can help improve and
sharpen the final specifications.
As a major case study to test all these techniques, a new design
for a gigital phase-locked loop is presented. This has been
designed down to the gate level using the above dynamic design
style, and has been described and simulated using ELLA. Some of
the subcomponents have been formally verified down to the
detailed circuit level while others have merely been specified
without formal proofs of correctness. An informal proof of
correctness of this device is also presented based on the formal
specifications of the various submodules.
cam.ac.uk//UCAM-CL-TR-152
2022-04-22
Motion development for computer animation
Pullen, Andrew Mark
University of Cambridge, Computer Laboratory
1988-11
en
Text
UCAM-CL-TR-152
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-152.pdf
This thesis examines the problems posed by the use of computers
in the production of animated sequences, and suggests possible
solutions to some of them. Over the years increasing emphasis
has been placed on the quest for visual realism, with the result
that other considerations—such as ease of motion
specification—have been overshadowed. Many current techniques
put animation in the realm of the scientist programmer rather
than the animation artist. This thesis in the main ignores image
rendering issues but considers instead the motion specification
phase of generating an animated sequence.
The thesis begins by examining the traditional hand animation
process and asks whether speed or quality benefits can be
achieved by automating parts of it. My own experiences in this
area are described based on the design and implementation of
KAS, a computer-assisted animation system, which was then used
to produce parts of a short animated film for Channel 4
television.
In the light of this experience, other computer animation
techniques are considered—beginning with a survey of animation
systems developed by other researchers over the years and a
discussion of their relative merits. This survey identifies the
two techniques in most common use today as being (i) an
extension of the keyframing technique used for traditional hand
animation, and (ii) a scripting approach, which essentially
involves producing a textual description of the desired motion
in a specially developed animation language. Both of these
methods suffer from serious drawbacks—with keyframing it is
difficult to control complex motion, whereas scripting forces
artists into a style of working which does not exploit their
traditional intuition and experience and is more suited to
computer programmers than animators.
In an attempt to overcome these shortcomings, proposals are made
for a new style of motion development environment making heavy
use of interactive graphics and using computer simulation to
guide the motion of the objects being animated. Once suitable
simulation rules have been set up, the software becomes capable
of dealing with the majority of situations that an object will
encounter. This means that the animator need only intervene
occasionally in order to steer the animation to the desired
conclusion. Two major experiments aimed at determining the
usefulness of this idea were conducted: one uses fixed rules in
a simple environment (the game of snooker); the other considers
a more general realm (cellular automata) and gives the animator
the freedom to change the simulation rules at any time.
The conclusion drawn from these experiments is that the proposed
method is capable of development to the stage where a powerful
tool can be provided for animators to use in a novel but
intuitive way—one which exploits their capability as artists and
makes only minor demands on them to understand the underlying
technology.
cam.ac.uk//UCAM-CL-TR-153
2016-07-22
Efficient data sharing
Burrows, Michael
University of Cambridge, Computer Laboratory
1988-12
en
Text
UCAM-CL-TR-153
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-153.pdf
As distributed computing systems become widespread, the sharing
of data between people using a large number of computers becomes
more important. One of the most popular ways to facilitate this
sharing is to provide a common file system, accessible by all
the machines on the network. This approach is simple and
reasonably effective, but the performance of the system can
degrade significantly if the number of machines is increased. By
using a hierarchical network, and arranging that machines
typically access files stored in the same section of the network
it is possible to build very large systems. However, there is
still a limit on the number of machines that can share a single
file server and a single network effectively.
A good way to decrease network and server load is to cache file
data on client machines, so that data need not be fetched from
the centralized server each time it is accessed. This technique
can improve the performance of a distributed file system and is
used in a number of working systems. However, caching brings
with it the overhead of maintaining consistency, or cache
coherence. That is, each machine in the network must see the
same data in its cache, even though one machine may be modifying
the data as others are reading it. The problem is to maintain
consistency without dramatically increasing the number of
messages that must be passed between machines on the network.
Some existing file systems take a probabilistic approach to
consistency, some explicitly prevent the activities that can
cause inconsistency, while others provide consistency only at
the some cost in functionality or performance. In this
dissertation, I examine how distributed file systems are
typically used, and the degree to which caching might be
expected to improve performance. I then describe a new file
system that attempts to cache significantly more data than other
systems, provides strong consistency guarantees, yet requires
few additional messages for cache management.
This new file-system provides fine-grain sharing of a file
concurrently open on multiple machines on the network, at the
granularity of a single byte. It uses a simple system of
multiple-reader, single writer locks held in a centralized
server to ensure cache consistency. The problem of maintaining
client state in a centralized server are solved by using
efficient data structures and crash recovery techniques.
cam.ac.uk//UCAM-CL-TR-154
2020-02-19
A natural language interface to an intelligent planning
system
Crabtree, I.B.
Crouch, R.S.
Moffat, D.C.
Pirie, N.J.
Pulman, S.G.
Ritchie, G.D.
Tate, B.A.
University of Cambridge, Computer Laboratory
1989-01
en
Text
UCAM-CL-TR-154
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-154.pdf
An intelligent planning system is an example of a software aid
which, although developed by specialists, is intended to be used
by non-programmers for a wide variety of tasks. There is
therefore a need for a communication medium which allows the
application specialist, and the non-expert user to specify their
needs without knowing the details of the system.
This kind of system is one where the ‘mice and menus’ approach
is unlikely to be able to provide a very flexible interface
since the range and type of potential queries is not predictable
in advance. Clearly, therefore, some kind of language is a
necessity here. The aim of this project is to experiment with
the use of English language as the medium of communication. The
kind of system we would eventually be able to build would be one
where the user could use the planner to organise some external
activity, trying out alternative scenarios, and then interact
with the system during the execution of the resulting plans,
making adjustments where necessary.
cam.ac.uk//UCAM-CL-TR-155
2017-07-13
Computational morphology of English
Pulman, S.G.
Russell, G.J.
Ritchie, G.D.
Black, A.W.
University of Cambridge, Computer Laboratory
1989-01
en
Text
UCAM-CL-TR-155
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-155.pdf
This paper describes an implemented computer program which uses
various kinds of linguistic knowledge to analyse existing or
novel word forms in terms of their components. Three main types
of knowledge are required (for English): knowledge about
spelling or phonological changes consequent upon affixation
(notice we are only dealing with isolated word forms); knowledge
about the syntactic or semantic properties of affixation (i.e.
inflexional and derivational morphology), and knowledge about
the properties of the stored base forms of words (which in our
case are always themselves words, rather than more abstract
entities). These three types of information are stored as data
files, represented in exactly the form a linguist might employ.
These data files are then compiled by the system to produce a
run-time program which will analyse arbitrary word forms
presented to it in a way consistent with the original linguistic
description.
cam.ac.uk//UCAM-CL-TR-156
2020-02-19
Events and VP modifiers
Pulman, Steve
University of Cambridge, Computer Laboratory
1989-01
en
Text
UCAM-CL-TR-156
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-156.pdf
This paper concerns the anaysis of adverbial and PP modifiers of
VP suggested by Davidson, where verbs are regarded as
introducing reference to events, and such modifiers are
predicates of these events. Several problems raised by it are
described and a solution is presented. The paper then goes on to
suggest some extensions of the theory in order to be able to
cope with temporal and aspectual modification of VPs.
cam.ac.uk//UCAM-CL-TR-157
2020-02-26
Introducing a priority operator to CCS
Camilleri, Juanito
University of Cambridge, Computer Laboratory
1989-01
en
Text
UCAM-CL-TR-157
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-157.pdf
In this paper we augment the syntax of CCS by introducing a
priority operator. We present a syntax directed operational
semantics of the language as a labelled transition system. A new
equivalence relation which is based on Milner’s strong
observational equivalence [11] is defined and proved to be a
congruence. We also give some examples which illustrate the use
of the operator and emphasise the novelty of the approach used
to introduce the notion prior to process algebras.
cam.ac.uk//UCAM-CL-TR-158
2017-07-13
Tailoring output to the user: What does user modelling
in generation mean?
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1988-08
en
Text
UCAM-CL-TR-158
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-158.pdf
This paper examines the implications for linguistic output
generation tailored to the interactive system user, of earlier
analyses of the components of user modelling and of the
constraints realism imposes on modelling. Using a range of
detailed examples it argues that tailoring based only on the
actual dialogue and on the decision model required for the
system task is quite adequate, and that more ambitious modelling
is both dangerous and unnecessary.
cam.ac.uk//UCAM-CL-TR-159
2017-07-06
Non-trivial power types can’t be subtypes of polymorphic
types
Pitts, Andrew M.
University of Cambridge, Computer Laboratory
1989-01
en
Text
UCAM-CL-TR-159
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-159.ps.gz
This paper establishes a new, limitative relation between the
polymorphic lambda calculus and the kind of higher-order type
theory which is embodied in the logic of toposes. It is shown
that any embedding in a topos of the cartesian closed category
of (closed) types of a model of the polymorphic lambda calculus
must place the polymorphic types well away from the powertypes
σ→Ω of the topos, in the sense that σ→Ω is a subtype of a
polymorphic type only in the case that σ isempty (and hence σ→Ω
is terminal). As corollaries we obtain strengthenings of
Reynold’s result on the non-existence of set-theoretic models of
polymorphism.
cam.ac.uk//UCAM-CL-TR-160
2020-02-28
PFL+: A Kernal Scheme for Functions I/O
Gordon, Andrew
University of Cambridge, Computer Laboratory
1989-02
en
Text
UCAM-CL-TR-160
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-160.pdf
In place of the common separation of functional I/O into
continuation and stream based schemes, an alternative division
between Data Driven and Strictness Driven mechanisms for I/O is
proposed. The data driven mechanism determines I/O actions by
the Weak Head Normal Form of programs, while strictness driven
I/O is based on suspensions – I/O actions are triggered when
demand arises for the value of a suspension during normal order
reduction. The data driven and strictness driven I/O mechanisms
are exemplified by the output list and input list, respectively,
in Landin’s stream based I/O scheme.
PFL+ is a functional I/O scheme, able to express arbitary I/O
actions and both data driven and strictness driven constructs in
terms of a small kernel of primitives. PFL+ could be added to
any functional language. It is based on Holmström’s PFL [5], a
parallel functional language with embedded communication and
concurrency operators from CCS. PFL+ adds non-strict
communication, behaviours with results and primitives to make
suspensions.
Examples are given of how PFL+ can dervive from these primitives
both stream based I/O and the representation of the file system
as a function.
cam.ac.uk//UCAM-CL-TR-161
2022-10-06
Papers on Poly/ML
Matthews, D.C.J.
University of Cambridge, Computer Laboratory
1989-02
en
Text
UCAM-CL-TR-161
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-161.pdf
Various papers and research documents have been written while
the Poly/ML project was underway and now that the project is
completed it seemed appropriate to combine them into a single
document. Some of these papers have been published, while others
were written simply to help clarify thoughts on a particular
subject.
Although Poly and ML have different syntax and type-systems
their execution models are remarkably similar. A new parser and
type-checker had to be written, but the code-generator and
optimiser could be shared between Poly and ML. The same run-time
system was used. Poly turned out to be an excellent language for
the project, and modules based around Poly abstract types were
used extensively. The lack of low level operations of a systems
programming language was not a problem as, in practice,
compilers involve very few such operations.
The papers in this report have been grouped into sections
according to their likely audience. The first section describes
the Poly/ML system and the extensions for windows and processes.
Section two contains various discussion papers about Poly and
ML, although some of the ideas covered were never implemented.
The third section contains two papers on the persistent storage
system and its implementation. The final section covers the
implementation of Poly and ML and the run-time system.
cam.ac.uk//UCAM-CL-TR-162
2022-10-06
The Alvey natural language tools grammar (2nd
Release)
Grover, Claire
Briscoe, Ted
Carroll, John
Boguraev, Bran
University of Cambridge, Computer Laboratory
1989-04
en
Text
UCAM-CL-TR-162
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-162.pdf
The ANLT grammar is a wide-coverage syntactic description of
English expressed in a computationally-tractable unification
based formalism. We describe the formalism and give a detailed
account of the analyses adopted for different English syntactic
constructions in the current version of the grammar. Appendices
provide a complete listing of the grammar, sample lexical
entries, and a corpus of parsable sentences. The grammar is
fully compatible with the Grammar Development Environment
(Technical Report 127) which provides an integrated software
environment, supporting automated parsing, generation, and
modification of grammars expressed in the formalism described
here.
cam.ac.uk//UCAM-CL-TR-163
2017-07-13
Inference in a natural language front end for
databases
Copestake, Ann
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1989-02
en
Text
UCAM-CL-TR-163
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-163.pdf
This report describes the implementation and initial testing of
knowledge representation and inference capabilities within a
modular database front end designed for transportability.
cam.ac.uk//UCAM-CL-TR-164
2018-03-27
A matrix key distribution system
Gong, Li
Wheeler, David J.
University of Cambridge, Computer Laboratory
1988-10
en
Text
UCAM-CL-TR-164
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-164.pdf
A new key distribution scheme is presented. It is based on the
distinctive idea that lets each node have a set of keys of which
it shares a distinct subset with every other node. This has the
advantage that the numbers of keys that must be distributed and
maintained are reduced by a square root factor; moreover, two
nodes can start conversation with virtually no delay. Two
versions of the scheme are given. Their performance and security
analysis shows it is a practical solution to some key
distribution problems.
cam.ac.uk//UCAM-CL-TR-165
2022-04-22
Fast packet switching for integrated services
Newman, Peter
University of Cambridge, Computer Laboratory
1989-03
en
Text
UCAM-CL-TR-165
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-165.pdf
As the communications industry continues to expand two current
trends are becoming apparent: the desire to support an
increasing diversity of communications services (voice, video,
image, text, etc.) and the consequent requirement for increased
network capacity to handle the expected growth in such
multi-service traffic. This dissertation describes the design,
performance and implementation of a high capacity switch which
uses fast packet switching to offer the integrated support of
multi-service traffic. Applications for this switch are
considered within the public network, in the emerging
metropolitan area network and within local area networks.
The Cambridge Fast Packet Switch is based upon a non-buffered,
multi-path, switch fabric with packet buffers situated at the
input ports of the switch. This results in a very simple
implementation suitable for construction in current gate array
technology. A simulation study of the throughput at saturation
of the switch is first presented to select the most appropriate
switch parameters. Then follows an investigation of the swith
performance for multi-service traffic. It is shown, for example,
that for an implementation in current CMOS technology, operating
at 50 Mhz, switches with a total traffic capacity of up to 150
Gbits/sec may be constructed. Furthermore, if the high priority
traffic load is limited on each input port to a maximum of 80%
of switch port saturation, then a maximum delay across the
switch of the order of 100 µsecs may be guaranteed, for 99% of
the high priority traffic, regardless of the lower priority
traffic load.
An investigation of the implementation of the switch by the
construction of the two fundamental components of the design in
3 µm HCMOS gate arrays is presented and close agreement is
demonstrated between performance of the hardware implementation
and the simulation model. It is concluded that the most likely
area of application of this design is as a high capacity
multi-service local area network or in the interconnection of
such networks.
cam.ac.uk//UCAM-CL-TR-166
2020-03-09
Evolution of operating system structures
Bacon, Jean
University of Cambridge, Computer Laboratory
1989-03
en
Text
UCAM-CL-TR-166
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-166.pdf
The development of structuring within operating systems is
reviewed and related to the simultaneous evolution of concurrent
programming languages. First traditional, multi-user systems are
considered and their evolution from monolithic closed systems to
general domain structured systems is traced. Hardware support
for protected sharing is emphasised for this type of system.
The technology directed trend towards single user workstations
requires a different emphasis in system design. The requirement
for protection in such systems is less strong than in multi-user
systems and, in a single language system, may to some extent be
provided by software at compile time rather than hardware at run
time. Distributed systems comprising single user workstations
and dedicated server machines are considered and the special
requirements for efficient implementation of servers are
discussed.
The concepts of closed but structured and open system designs
are helpful. It is argued that the open approach is most suited
to the requirements of single user and distributed systems.
Experiences of attempting to implement systems over a closed
operating system base are presented.
Progress towards support for heterogeneity in distributed
systems, so that interacting components written in a range of
languages may interwork and may run on a variety of hardware, is
presented.
The benefits of taking an object orientated view for
system-level as well as language-level objects and for
specification, generation and design of systems are discussed
and work in this area is described.
An outline of formal approaches aimed at specification,
verification and automatic generation of software is given.
Finally, design issues are summarised and conclusions drawn.
cam.ac.uk//UCAM-CL-TR-167
2017-07-06
A verified compiler for a verified
microprocessor
Joyce, Jeffrey J.
University of Cambridge, Computer Laboratory
1989-03
en
Text
UCAM-CL-TR-167
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-168
2018-03-20
Distributed computing with a processor bank
Bacon, J.M.
Leslie, I.M.
Needham, R.M.
University of Cambridge, Computer Laboratory
1989-04
en
Text
UCAM-CL-TR-168
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-168.pdf
The Cambridge Distributed Computing System (CDCS) was designed
some ten years ago and was in everyday use at the Computer
Laboratory until December 1988. An overview of the basic design
of CDCS is given, an outline of its evolution and a description
of the distributed systems research projects that were based on
it. Experience has shown that a design based on a processor bank
leads to a flexible and extensible distributed system.
cam.ac.uk//UCAM-CL-TR-169
2020-11-06
Filing in a heterogeneous network
Seaborne, Andrew Franklin
University of Cambridge, Computer Laboratory
1989-04
en
Text
UCAM-CL-TR-169
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-169.pdf
Heterogeneity is becoming a common feature in local area
networks as the variety of equipment that is marketed increases.
Each such system will have its own mix of hardware and software
but it is still desirable to be able to bring in new
applications and machines and integrate them with the existing
equipment.
Careful design is required to be able to introduce new
subsystems into the network in a manner that reduces the
manpower needed. If binary compatibility for application
programs is achieved then new software can be introduced without
the need for source code alterations. If the design of the
computing environment is correctly constructed then the
introduction of new hardware will not require alterations or
cause disruption to the rest of the system.
There is a reduction in the ability to share information through
files being accessible to many people and from many locations
when there are a number of filing systems present in the
network. Ideally a single filing system spanning all operating
systems that exist in the distributed computing environment
would give maximum possible sharing.
Any existing file service will provide a set of facilities for
the construction of a name space by its client or enforce a
predefined naming structure which is not compatible with any
other. This thesis describes a single network filing system that
has been constructed by separating file storage from file
naming. By introducing a directory service to manage the name
space, and using file servers only for file storage, the need
for each client to be extended to take account of every file
service is avoided. A single network file transfer protocol
allows the directory service to authenticate each request and
allows for the introduction of new equipment with no disruption
to the existing system.
cam.ac.uk//UCAM-CL-TR-170
2022-10-06
Ordered rewriting and confluence
Martin, Ursula
Nipkow, Tobias
University of Cambridge, Computer Laboratory
1989-05
en
Text
UCAM-CL-TR-170
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-170.pdf
One of the major problems in term rewriting theory is what to do
with an equation which cannot be ordered into a rule. Many
solutions have been proposed, including the use of special
unification algorithms or of unfailing completion procedures.
If an equation cannot be ordered we can still use any instances
of it which can be ordered for rewriting. Thus for example x ∗ y
= y ∗ x cannot be ordered, but if a, b are constants with b ∗ a
> a ∗ b we may rewrite b ∗ a → a ∗ b. This idea is used in
unfailing completion, and also appears in the Boyer-Moore
system. In this paper we define and investigate completeness
with respect to this notion of rewriting and show that many
familiar systems are complete rewriting systems in this sense.
This allows us to decide equality without the use of special
unification algorithms. We prove completeness by proving
termination and local confluence. We describe a confluence test
based on recursive properties of the ordering.
cam.ac.uk//UCAM-CL-TR-171
2016-08-08
Some types with inclusion properties in ∀, →,
μ
Fairbairn, Jon
University of Cambridge, Computer Laboratory
1989-06
en
Text
UCAM-CL-TR-171
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-171.pdf
This paper concerns the ∀, →, μ type system used in the
non-strict functional programming language Ponder. While the
type system is akin to the types of Second Order
Lambda-calculus, the absence of type application makes it
possible to construct types with useful inclusion relationships
between them.
To illustrate this, the paper contains definitions of a natural
numbers type with many definable subtypes, and of a record type
with inheritance.
cam.ac.uk//UCAM-CL-TR-172
2022-05-17
A theoretical framework for computer models of
cooperative dialogue, acknowledging multi-agent
conflict
Galliers, Julia Rose
University of Cambridge, Computer Laboratory
1989-07
en
Text
UCAM-CL-TR-172
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-172.pdf
This thesis describes a theoretical framework for modelling
cooperative dialogue. The linguistic theory is a version of
speech act theory adopted from Cohen and Levesque, in which
dialogue utterances are generated and interpreted pragmatically
in the context of a theory of rational interaction. The latter
is expressed as explicitly and formally represented principles
of rational agenthood and cooperative interaction. The focus is
the development of strategic principles of multi-agent
interaction as such a basis for cooperative dialogue. In
contrast to the majority of existing work, these acknowledge the
positive role of conflict to multi-agent cooperation, and make
no assumptions regarding the benevolence and sincerity of
agents. The result is a framework wherein agents can resolve
conflicts by negotiation. It is a preliminary stage to the
future building of computer models of cooperative dialogue for
both HCI and DAI, which will therefore be more widely and
generally applicable than those currently in existence.
The theory of conflict and cooperation is expressed in the
different patterns of mental states which characterise
multi-agent conflict, cooperation and indifference as three
alternative postural relations. Agents can recognise and
potentially create these. Dialogue actions are the strategic
tools with which mental states can be manipulated, whilst
acknowledging that agents are autonomous over their metal
states; they have control over what they acquire and reveal in
dialogue. Strategic principles of belief and goal adoption are
described in terms of the relationships between autonomous
agents’ beliefs, goals, preference and interests, and the
relation of these to action. Veracity, mendacity, concealing and
revealing are defined as properties of acts. The role of all
these elements in reasoning about dialogue action and conflict
resolution, is tested in analysis of two example dialogues; a
record of a real trade union negotiation and an extract from
“Othello” by Shakespeare.
cam.ac.uk//UCAM-CL-TR-173
2022-05-05
Programming in temporal logic
Hale, Roger William Stephen
University of Cambridge, Computer Laboratory
1989-07
en
Text
UCAM-CL-TR-173
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-173.pdf
The idea of writing computer programs in logic is an attractive
one, for such programs may be designed, verified, and
implemented using a single formal language. This brings a number
of practical benefits:
1. There is no room for ambiguity in the relationship between
specification and implementation, and no need to learn a
different language for each.
2. It is easy to test out specifications from the earliest
stages of development, which avoids attempting to implement or
verify an inapproptiate design.
3. Computerised tools can be applied directly to transform and
verify programs, using the established machinery of mathematical
logic.
4. Logic supports hierarchical design, so a large project can be
divided into smaller tasks which may be designed and verified
independently.
Similar benefits may be bestowed by any formal programming
language, but the idea only works if the language suits the
intended application. All too often the application is forced to
fit the language.
In this dissertation I describe an approach that suits the
development of parallel and real-time systems. The approach is
based on Tempura, a deterministic programming language developed
by Moszkowski from his work on hardware specification using
Interval Temporal Logic (ITL). I present the formal semantics of
ITL in higher-order logic, and show how programs can be
transformed and verified using the HOL theorem prover. Then I
show how to represent a number of familiar programming concepts
in ITL. First, I show that the language of while-programs can be
embedded in temporal logic; and that includes the destructive
assignment statement with the usual inertial assumption. An
interesting corollary is that a simple sequential program,
written in Pascal, say, becomes a logic program in Tempura. More
advanced concepts include parallel processes and message
passing, as well as real-time phenomena such as timeouts,
interrupts and traps. Each idea is experimentally tested on a
suitable example, using an interpreter for Tempura. The examples
range from matrix multiplication and parallel sorting, to a
pipelined parser and a real-time lift-controller.
cam.ac.uk//UCAM-CL-TR-174
2022-10-07
General theory relating to the implementation of
concurrent symbolic computation
Clarke, James Thomas Woodchurch
University of Cambridge, Computer Laboratory
1989-08
en
Text
UCAM-CL-TR-174
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-174.pdf
The central result of this work is the discovery of a new class
of architectures, which I call D-RISC, sharing some
characteristics of both dataflow and Von Neumann RISC computers,
for concurrent computation. This rests on an original and simple
theory which relates the demands of concurrent computation on
hardware resources to the fundamental performance constraints of
technology. I show that dataflow and Von Neumann architectures
have different fundamental hardware constraints to performance,
and that therefore and D-RISC architecture, which balances these
two constraints, is likely to be optimum for concurrent
computation.
The work forms four related sections:
A study of the nature of concurrent symbolic computation and the
demands which it makes from any implementation. Two new results
emerge from this. A model of computation which will be used
extensively in subsequent sections, and a way of incorporating
imperative updates in a functional language, similar but
superior to non-deterministic merge, which captures locally
sequential updates in a computation with minimum constraint on
global concurrency.
The computational model is udes to contrast different policies
for localising data near a CPU. A new type of cache is proposed
which renames all of its cached addresses in order to reduce CPU
word-length.
CPU design is examined and a new class of architectures for
concurrent computation, called D-RISCs, are proposed.
The multiple-thread implementation problems encountered in the
new architectures are examined. A new analysis of the
relationship between scheduling and intermediate store use in a
symbolic concurrent computation is presented.
cam.ac.uk//UCAM-CL-TR-175
2017-07-13
A formulation of the simple theory of types (for
Isabelle)
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1989-08
en
Text
UCAM-CL-TR-175
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-175.pdf
Simple type theory is formulated for use with the generic
theorem prover Isabelle. This requires explicit type inference
rules. There are function, product, and subset types, which may
be empty. Descriptions (the eta-operator) introduce the Axiom of
Choice. Higher-order logic is obtained through reflection
between formulae and terms of type bool. Recursive types and
functions can be formally constructed.
Isabelle proof procedures are described. The logic appears
suitable for general mathematics as well as computational
problems.
cam.ac.uk//UCAM-CL-TR-176
2021-01-29
Implementing aggregates in parallel functional
languages
Clarke, T.J.W.
University of Cambridge, Computer Laboratory
1989-08
en
Text
UCAM-CL-TR-176
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-176.pdf
Many constructions which are difficult to write efficiently in
pure functional languages have as underlying semantics an
aggregate. An aggregate is a collection of individual elements
whose order does not matter, it can thus be constructed
functionally using a commutative associative combining operator.
Equivalent and more efficient implementations for aggregates
exist which are operational. A new construction, the A-thread,
an aggregate specified operationally which introduces provably
local data indeterminacy, is defined. Operational specification
of an aggregate, in which each element is specified by a
separate function call, does not necessarily destroy referential
transparency in a functional language. Aggregates defined using
joins on partial orders allow early termination if an
operational implementation is used: Arvind’s ‘I-structures’ and
Burton’s ‘improving values’ are examples of this.
cam.ac.uk//UCAM-CL-TR-177
2021-01-29
Experimenting with Isabelle in ZF Set Theory
Noel, P.A.J.
University of Cambridge, Computer Laboratory
1989-09
en
Text
UCAM-CL-TR-177
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-177.pdf
The theorem prover Isabelle has been used to axiomatise ZF set
theory with natural deduction and to prove a number of theorems
concerning functions. In particular the axioms and inference
rules of four theories have been derived in the form of theorems
of set theory. The four theories are:
λ_βη, a form of typed lambda calculus with equality,
O_0, a form of simple type theory,
an intuitionistic first order theory with propositions
interpreted as the type of their proofs,
PPλ, the underlying theory of LCF.
Most of the theorems have deen derived using backward proofs,
with a small amount of automation.
cam.ac.uk//UCAM-CL-TR-178
2017-07-06
Totally verified systems: linking verified software to
verified hardware
Joyce, Jeffrey J.
University of Cambridge, Computer Laboratory
1989-09
en
Text
UCAM-CL-TR-178
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-178.pdf
We describe exploratory efforts to design and verify a compiler
for a formally verified microprocessor as one aspect of the
eventual goal of building totally verified systems. Together
with a formal proof of correctness for the microprocessor this
yields a precise and rigorously established link between the
semantics of the source language and the execution of compiled
code by the fabricated microchip. We describe in particular: (1)
how the limitations of real hardware influenced this proof; and
(2) how the general framework provided by higher order logic was
used to formalize the compiler correctness problem for a
hierarchically structured language.
cam.ac.uk//UCAM-CL-TR-179
2021-02-03
Automating Squiggol
Martin, Ursula
Nipkow, Tobias
University of Cambridge, Computer Laboratory
1989-09
en
Text
UCAM-CL-TR-179
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-179.pdf
The Squiggol style of program development is shown to be readily
automated using LP, an equational reasoning theorem prover.
Higher-order functions are handled by currying and the
introduction of an application operator. We present an automated
version of Bird’s development of the maximum segment sum
algorithm, and a similar treatment of a proof of the binomial
theorem.
cam.ac.uk//UCAM-CL-TR-180
2021-02-03
Formal verification of data type refinement: Theory and
practice
Nipkow, Tobias
University of Cambridge, Computer Laboratory
1989-09
en
Text
UCAM-CL-TR-180
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-180.pdf
This paper develops two theories of data abstraction and
refinement: one for applicative types, as they are found in
functional programming languages, and one for state-based types
found in imperative languages. The former are modelled by
algebraic structures, the latter by automata. The automaton
theoretic model covers not just data types but distributed
systems in general. Within each theory two examples of data
refinement are presented and formally verified with the theorem
prover Isabelle. The examples are an abstract specification and
two implementations of a memory system, and a mutual exclusion
algorithm.
cam.ac.uk//UCAM-CL-TR-181
2021-02-03
Proof transformations for equational theories
Nipkow, Tobias
University of Cambridge, Computer Laboratory
1989-09
en
Text
UCAM-CL-TR-181
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-181.pdf
This paper contrasts two kinds of proof systems for equational
theories: the standard ones obtained by combining the axioms
with the laws of equational logic, and alternative systems
designed to yield decision procedures for equational problems.
Two new matching alogorithms for (among other theories)
associativity, associativity + commutativity, and associativity
+ commutativity + identity are presented, the emphasis is not so
much on individual theories but on the general method of proof
transformation as a tool for showing the equivalence of
different proof systems.
After studying proof translations defined by rewriting systems,
equivalence tests based on the notion of resolvant theories are
used to derive new matching and in some cases unification
procedures for a number of equational theories. Finally the
combination of resolvant systems is investigated.
cam.ac.uk//UCAM-CL-TR-182
2021-02-05
The theory and implementation of a bidirectional
question answering system
Levine, John M.
Fedder, Lee
University of Cambridge, Computer Laboratory
1989-10
en
Text
UCAM-CL-TR-182
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-182.pdf
This paper describes a question answering system which is a
limited instance of the general bidirectional architecture
suggested by Appelt (1987), The novel features of our approach
include the use of a linguistically well-motivated set of
functional features; a bidirectional grammar which encodes these
features directly; a question answering program which uses the
thematic organisation of the user’s input to construct a
cooperative reply; and a tactical generation component which can
be used with Montague semantics.
cam.ac.uk//UCAM-CL-TR-183
2021-02-05
The specification and verification of sliding window
protocols in higher order logic
Cardell-Oliver, Rachel
University of Cambridge, Computer Laboratory
1989-10
en
Text
UCAM-CL-TR-183
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-183.pdf
This report describes the formal specification and verification
of a class of sliding window protocols using higher order logic.
It is proved that a model for implementations of the protocol
locically implies safety and liveness invariants, and that these
invariants in turm imply an abstract specification of the
protocol. The specification and implementation models used in
the proof are based on techniques developed for hardware
verification in HOL at Cambridge. This model and proof will
eventually be used as the basis for a more general sliding
window protocol model.
cam.ac.uk//UCAM-CL-TR-184
2022-06-17
Site interconnection and the exchange
architecture
Tennenhouse, David Lawrence
University of Cambridge, Computer Laboratory
1989-10
en
Text
UCAM-CL-TR-184
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-184.pdf
The users of a site’s telecommunication facilities rely on a
colection of devices, transducers and computers, to provide the
primary communications interface. In the traditional approach to
site interconnection, some of these devices are directly
attached to specialised carrier networks. The remaining devices
are attached to local networks that are tailored to support
communication amongst compatible devices at remote sites. This
arrangement does not reap the full benefits of network and
service integration: each local network has its own common
carrier interfaces; and there is no provision for device
independent processing, storage, and forwarding elements.
This dissertation describes a layered approach to site
interconnection. Communication between peer sites is supported
by the lower layer carrier networks, and associations between
upper layer clients are supported by the local network layer.
The site interconnection layer, inserted between the lacal and
carrier layers, facilitates communication between peer local
networks. This layer is composed of independent subsystems that
offer the site interconnection service (SI-service) to their
upper layer clients. Each SI-subsystem is a funnel through which
various device-dependent symbol sets are encoded into a common
digital format. The symbol streams of concurrent upper layer
associations are multiplexed together for presentation at the
shared carrier interfaces. Service integration is achieved
through the encoding of many different styles of communication
(vioce, video, facsimilie, tile transfer, etc.) into a common
symbol set.
The first part of this dissertation develops the connected
argument sharing this layered architecture. The second part
describes the experimental development and analysis of the
exchange architecture, which provides an SI-service that
supports Asynchronous Transfer Mode (ATM) communication. The ATM
approach is characterized by the use of small packets in
conjunction with switch fabrics that provide comprable
performance to circuit switching, and permit much greater
variability in traffic patterns. The switch fabric of the pilot
implementation is based on the Cambridge Fast Ring: the CFR
packet structure is the basis of the ATM encoding; and the VLSI
ring technology has been used to construct the individual
SI-subsystems. In this application, the CFR provides ATM-based
switching and multiplexing facilities.
This work is distinguished by its emphasis on site independence
and universal access to telecommunication services. The
principal contributions to the thesis relate to site
interconnection; ATM encodings; out-of-band and non-invasive
network management; particular analysis methodologies; and the
design of multi-service networks.
cam.ac.uk//UCAM-CL-TR-185
2022-10-07
Logics of domains
Zhang, Guo Qiang
University of Cambridge, Computer Laboratory
1989-12
en
Text
UCAM-CL-TR-185
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-185.pdf
This dissertation studies the logical aspects of domains as used
in the denotational semantics of programming languages.
Frameworks of domain logics are introduced which serve as basic
tools for the systematic derivation of proof systems from the
denotational semantics of programming languages. The proof
systems so derived are guaranteed to agree with the denotational
semantics in the sense that the denotation of any program
coincides with the set of assertions true of it.
The study focuses on two frameworks for denotational semantics:
the SFP domains, and the less standard, but important, category
of dI-domains with stable functions.
An extended form of Scott’s information systems are introduced
to represent SFP objects. They provide better understanding of
the structure of finite elements and open sets of domains. These
systems generalise to a logic of SFP which uses inequational
formulae to axiomatise entailment and non-entailment of open-set
assertions. Soundness, completeness, and expressiveness results
of the logic are obtained, and possible applications are
investigated. A μ-calculus of Scott domains is introduced to
extend the expressive power of the assertion language.
Special kinds of open sets called stable neighbourhoods are
introduced and shown to determine stable functions in a similar
sense to that in which Scott-open sets determine continuous
functions. Properties and constructions of the stable
neighbourhoods on various categories of dI-domains are
investigated. Logical frameworks for Girard’s coherent spaces
and Berry’s dI-domains are given in which assertions are
interpreted as stable neighbourhoods. Various soundness,
completeness, and expressiveness results are provided.
cam.ac.uk//UCAM-CL-TR-186
2016-07-22
Protocol design for high speed networks
McAuley, Derek Robert
University of Cambridge, Computer Laboratory
1990-01
en
Text
UCAM-CL-TR-186
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-186.ps.gz
Improvements in fibre optic communication and in VLSI for
network switching components have led to the consideration of
building digital switched networks capable of providing point to
point communication in the gigabit per second range. Provision
of bandwidths of this magnitude allows the consideration of a
whole new range of telecommunications services, integrating
video, voice, image and text. These multi-service networks have
a range of requirements not met by traditional network
architectures designed for digital telephony or computer
applications. This dissertation describes the design, and an
implementation, of the Multi-Service Network architecture and
protocol family, which is aimed at supporting these services.
Asynchronous transfer mode networks provide the basic support
required for these integrated services, and the Multi-Service
Network architecture is designed primarily for these types of
networks. The aim of the Multi-Service protocol family is to
provide a complete architecture which allows use of the full
facilities of asynchronous transfer mode networks by multi-media
applications. To maintain comparable performance with the
underlying media, certain elements of the MSN protocol stack are
designed with implementation in hardware in mind. The
interconnection of heterogeneous networks, and networks
belonging to different security and administrative domains, is
considered vital, so the MSN architecture takes an
internetworking approach.
cam.ac.uk//UCAM-CL-TR-187
2017-07-13
Natural language interfaces to databases
Copestake, Ann
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1989-09
en
Text
UCAM-CL-TR-187
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-187.ps.gz
This paper reviews the state of the art in natural language
access to databases. This has been a long-standing area of work
in natural language processing. But though some commercial
systems are now available, providing front ends has proved much
harder than was expected, and the necessary limitations on front
ends have to be recognised. The paper discusses the issues, both
general to language and task-specific, involved in front end
design, and the way these have been addressed, concentrating on
the work of the last decade. The focus is on the central process
of translating a natural language question into a database
query, but other supporting functions are also covered. The
points are illustrated by the use of a single example
application. The paper concludes with an evaluation of the
current state, indicating that future progress will depend on
the one hand on general advances in natural language processing,
and on the other on expanding the capabilities of traditional
databases.
cam.ac.uk//UCAM-CL-TR-188
2021-01-27
Specification of computer architectures: a survey and
annotated bibliography
Leonard, Timothy E.
University of Cambridge, Computer Laboratory
1990-01
en
Text
UCAM-CL-TR-188
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-188.pdf
I first define computer architecture and architecture
specification, explain how the conflict between clarity and
ambiguity makes writing specifications difficult, and introduce
and consider the advantages and problems of formal
specifications. I then survey all the literature on architecture
specification, and introduce the literature on technical writing
and on formal specification in general. I close with an
annotated bibliography.
cam.ac.uk//UCAM-CL-TR-189
2018-03-27
Isabelle tutorial and user’s manual
Paulson, Lawrence C.
Nipkow, Tobias
University of Cambridge, Computer Laboratory
1990-01
en
Text
UCAM-CL-TR-189
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-189.pdf
This (obsolete!) manual describes how to use the theorem prover
Isabelle. For beginners, it explains how to perform simple
single-step proofs in the built-in logics. These include
first-order logic, a classical sequent calculus, ZF set theory,
Constructie Type Theory, and higher-order logic. Each of these
logics is described. The manual then explains how to develop
advanced tactics and tacticals and how to derive rules. Finally,
it describes how to define new logics within Isabelle.
cam.ac.uk//UCAM-CL-TR-190
2017-07-13
Some notes on mass terms and plurals
Copestake, Ann
University of Cambridge, Computer Laboratory
1990-01
en
Text
UCAM-CL-TR-190
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-190.ps.gz
This report describes a short investigation into some possible
treatments of mass nouns and plurals. It aims to provide a
grammar and axiomatisation with a reasonable coverage of these
phenomena, so that a range of sentences can be parsed, and
inferences made automatically.
The previous work on the subject, mainly due to Hasle (1988) is
reviewed, and the limitations of both the original theories and
Hasle’s implementation are demonstrated. Some more recent work,
especially that relevant to Link’s theory, is also discussed.
The present grammar and axiomatisation is described. Although it
is not the implementation of any particular theory, it draws on
the work of Link, Krifka and Roberts. Some of the problems with
the present approach are discussed, although possible solutions
would need to be considered in a wider context. The aim is to
show what types of phenomena can be treated by a relatively
simple approach.
The implemented grammar covers everything that was treated by
Hasle’s implementation, and extends that coverage in a varietry
of ways, while providing a better integration of the treatment
of mass nouns and plurals than the earlier work. It was written
in the CFG+ formalism, and some parts of the axiomatisation have
been tested using the HOL system.
cam.ac.uk//UCAM-CL-TR-191
2017-07-13
An architecture for real-time multimedia communications
systems
Nicolaou, Cosmos
University of Cambridge, Computer Laboratory
1990-02
en
Text
UCAM-CL-TR-191
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-191.pdf
An architecture for real-time multimedia communications systems
is presented. A multimedia communication systems includes both
the communication protocols used to transport the real-time data
and also the Distributed Computing system (DCS) within which any
applications using these protocols must execute. The
architecture presented attempts to integrate these protocols
with the DCS in a smooth fashion in order to ease the writing of
multimedia applications. Two issues are identified as being
essential to the success of this integration: namely the
synchronisation of related real-time data streams, and the
management of heterogeneous multimedia hardware. The
synchronisation problem is tackled by defining explicit
synchronisation properties at the presentation level and by
providing control and synchronisation operations within the DCS
which operate in terms of these properties. The heterogeneity
problems are addressed by separating the data transport
semantics (protocols themselves) from the control semantics
(protocol interfaces). The control semantics are implemented
using a distributed, typed interface, scheme within the DCS
(i.e. above the presentation layer), whilst the protocols
themselves are implemented within the communication subsystem.
The interface between the DCS and communications subsystem is
referred to as the orchestration interface and can be considered
to lie in the presentation and session layers.
A conforming prototype implementation is currently under
construction.
cam.ac.uk//UCAM-CL-TR-192
2017-07-13
Designing a theorem prover
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1990-05
en
Text
UCAM-CL-TR-192
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-192.pdf
The methods and principles of theorem prover design are
presented through an extended example. Starting with a sequent
calculus for first-order logic, an automatic prover (called
Folderol) is developed. Folderol can prove quite a few
complicated theorems, although its search strategy is crude and
limited. Folderol is coded in Standard ML and consists largely
of pure functions. Its complete listing is included.
The report concludes with a survey of other research in theorem
proving: the Boyer/Moore theorem prover, Automath, LCF, and
Isabelle.
cam.ac.uk//UCAM-CL-TR-193
2021-02-10
Belief revision and a theory of communication
Galliers, Julia Rose
University of Cambridge, Computer Laboratory
1990-05
en
Text
UCAM-CL-TR-193
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-193.pdf
This report concerns choices about changing belief. It describes
research to establish and model a principled theoretical basis
by which rational agents autonomously choose whether, as well as
how to revise their beliefs. Aspects of the various problems in
belief revision are discussed, and solved in the context of an
AI tool for reason maintenance extended to cover situations of
new evidence as not assumed ‘truth’. Primarily this results from
the inclusion of a non numeric theory of strength of belief,
which relates strength to persistence in the context of
challenge. Such autonomous belief revision is presented as the
basis of a theory of communication, as a special case of
reasoning about change in an uncertain world with incomplete
information, comprising others similarly constrained.
cam.ac.uk//UCAM-CL-TR-194
2022-05-04
Proceedings of the First Belief Representation and Agent
Architectures Workshop
Galliers, Julia Rose
University of Cambridge, Computer Laboratory
1990-03
en
Text
UCAM-CL-TR-194
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-194.pdf
The first Belief Representation and Agent Architectures workshop
was organised by Cambridge University Computer Laboratory, and
held at SRI International in Cambridge on the 22nd and 23rd
March 1990. It was designed as a closed meeting of 15
researchers, all currently working in and familiar with this
subfield of AI. The purpose of the meeting was not so much to
present completed work, as to exchange ideas and explore issues
with others equally as aware of the relevant problems and
background. Each presenter was given 90 minutes in which to lead
a discussion on a topic related to their research interests.
Generally these were oriented around the presenter's current
research projects, outlines of which had been distributed prior
to the meeting.
These proceedings comprise eight sections, each including the
discussion report followed by copies of the presenter’s
overheads, followed by the summaries of the presenter’s and
rapporteur’s current research projects. The sections are as
follows: General introduction, different styles of agent
architectures, a minimalist approach to agent architectures,
models of belief revision, the value of formal approaches,
knowledge action chance and utility, different value systems,
and channels for dialogue.
cam.ac.uk//UCAM-CL-TR-195
2022-05-17
Multi-level verification of microprocessor-based
systems
Joyce, Jeffrey J.
University of Cambridge, Computer Laboratory
1990-05
en
Text
UCAM-CL-TR-195
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-195.pdf
The idea of using formal logic to reason about small fragments
or single layers of a software/hardware system is
well-established in computer science and computer engineering.
Recently, formal logic has been used to establish correctness
properties for several realistic systems including a
commercially-available microprocessor designed by the British
Ministry of Defence for life-critical applications. A
challenging area of new research is to verify a complete system
by linking correctness results for multiple layers of software
and hardware into a chain of logical dependencies.
This dissertation focuses specifically on the use of formal
proof and mechanical proof-generation techniques to verify
microprocessor-based systems. We have designed and verified a
complete system consisting of a simple compiler for a
hierarchically structured programming language and a simple
microprocessor which executes code generated by this compiler.
The main emphasis of our discussion is on the formal
verification of the microprocessor. The formal verification of
the compiler is described in a separate paper included as an
appendix to this dissertation.
Combining correctness results for the compiler with correctness
results for the microprocessor yields a precise and rigorously
established link between the formal semantics of the programming
language and the execution of compiled code by a model of the
hardware. The formal proof also links the hardware model to the
behavioural specification of an asynchronous memory interface
based on a four-phase handshaking protocol.
The main ideas of this research are (1) the use of generic
specification to filter out non-essential detail, (2) embedding
natural notations from special-purpose formalisations such as
temporal logic and denotational description, and (3) the use of
higher-order logic as a single unifying framework for reasoning
about complete systems.
Generic specification, in addition to supporting fundamental
principles of modularity, abstraction and reliable re-usability,
provides a mechanism for enforcing a sharp distinction between
what has and what has not been formally considered in a proof of
corectness. Furthermore, it is possible to create generic
specifications in a pure formalism with the expressive power of
higher-order logic without inventing new constructs.
Natural notations from special-purpose formalisms offer the
advantage of concise and meaningful specifications when applied
to particular areas of formal description. Semantic gaps between
different notations are avoided by embedding them in a single
logic. Special-purpose rules based on these notations can be
derived as theorems with the aim of implementing more efficient
proof strategies.
Finally it is argued that the primary purpose of using
mechanical proof generation techniques to reason about software
and hardware is to support the intelligent participation of a
human verifier in the rigorous analysis of a design at a level
which supports clear thinking.
cam.ac.uk//UCAM-CL-TR-196
2022-10-07
The semantics of VHDL with Val and Hol: towards
practical verification tools
Van Tassell, John Peter
University of Cambridge, Computer Laboratory
1990-06
en
Text
UCAM-CL-TR-196
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-196.pdf
The VHSIC Hardware Description Language (VHDL) is an emerging
standard for the design of Application Specific Integrated
Circuits. We examine the semantics of the language in the
context of the VHDL Annotation Language (VAL) and the Higher
Order Logic (HOL) system with the purpose of proposing methods
by which VHDL designs may be converted into these two forms for
further validation and verification. A translation program that
utilizes these methods is described, and several comprehensive
VHDL design examples are shown.
cam.ac.uk//UCAM-CL-TR-197
2021-02-10
The semantics and implementation of aggregates : or :
how to express concurrency without destroying
determinism
Clarke, Thomas
University of Cambridge, Computer Laboratory
1990-07
en
Text
UCAM-CL-TR-197
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-197.pdf
This paper investigates the relationship between declarative
semantics and concurrent computation. A fundamental programming
construction, the aggregate, is identified. Aggregates have a
simple declarative semantics, yet cannot be written in pure
functional languages. The addition of aggregates to a functional
language increases expressiveness without destroying determinism
or referential transparency. Specific aggregates can be used to
implememnt concurrent graph marking, time deterministic merge of
lazy lists, and write once locations.
cam.ac.uk//UCAM-CL-TR-198
2017-07-06
Evaluation Logic
Pitts, Andrew M.
University of Cambridge, Computer Laboratory
1990-08
en
Text
UCAM-CL-TR-198
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-198.ps.gz
A new typed, higher-order logic is described which appears
particularly well fitted to reasoning about forms of computation
whose operational behaviour can be specified using the Natural
Semantics style of structural operational semantics. The logic’s
underlying type system is Moggi’s computational metalanguage,
which enforces a distinction between computations and values via
the categorical structure of a strong monad. This is extended to
a (constructive) predicate logic with modal formulas about
evaluation of computations to values, called evaluation
modalities. The categorical structure corresponding to this kind
of logic is explained and a couple of examples of categorical
models given.
As a first example of the naturalness and applicability of this
new logic to program semantics, we investigate the translation
of a (tiny) fragment of Standard ML into a theory over the
logic, which is proved computationally adequate for ML’s Natural
Semantics. Whilst it is tiny, the ML fragment does however
contain both higher-order functional and imperative features,
about which the logic allows us to reason without having to
mention global states explicitly.
cam.ac.uk//UCAM-CL-TR-199
2018-03-27
The HOL verification of ELLA designs
Boulton, Richard
Gordon, Mike
Herbert, John
Van Tassel, John
University of Cambridge, Computer Laboratory
1990-08
en
Text
UCAM-CL-TR-199
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-199.ps.gz
HOL is a public domain system for generating proofs in higher
order predicate calculus. It has been in experimental and
commercial use in several countries for a number of years.
ELLA is a hardware design language developed at the Royal
Signals and Radar Establishment (RSRE) and marketed by Computer
General Electronic Design. It supports simulation models at a
variety of different abstraction levels.
A preliminary methodology for reasoning about ELLA designs using
HOL is described. Our approach is to semantically embed a subset
of the ELLA language in higher order logic, and then to make
this embedding convenient to use with parsers and
pretty-printers. There are a number of semantic issues that may
affect the ease of verification. We discuss some of these
briefly. We also give a simple example to illustrate the
methodology.
cam.ac.uk//UCAM-CL-TR-200
2021-02-10
Type classes and overloading resolution via order-sorted
unification
Nipkow, Tobias
Snelting, Gregor
University of Cambridge, Computer Laboratory
1990-08
en
Text
UCAM-CL-TR-200
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-200.pdf
We present a type inference algorithm for a haskell-like
language based on order-sorted unification. The language
features polymorphism, overloading, type classes and multiple
inheritance. Class and instance declarations give rise to an
order-sorted algebra of types. Type inference esentially reduces
to the Hindley/Milner algorithm where unification takes place in
this order-sorted algebra of types. The theory of order-sorted
unification provides simple sufficient conditions which ensure
the existence of principal types. The semantics of the language
is given by a translation into ordinary λ-calculus. We prove the
correctness of our type inference algorithm with respect to this
semantics.
cam.ac.uk//UCAM-CL-TR-201
2016-07-22
Formalizing abstraction mechanisms for hardware
verification in higher order logic
Melham, Thomas Frederick
University of Cambridge, Computer Laboratory
1990-08
en
Text
UCAM-CL-TR-201
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-201.pdf
Recent advances in microelectronics have given designers of
digital hardware the potential to build devices of remarkable
size and complexity. Along with this however, it becomes
increasingly difficult to ensure that such systems are free from
design errors, where complete simulation of even moderately
sized circuits is impossible. One solution to these problems is
that of hardware verification, where the functional behaviour of
the hardware is described mathematically and formal proof is
used to show that the design meets rigorous specifications of
the intended operation.
This dissertation therefore seeks to develop this, showing how
reasoning about the correctness of hardware using formal proof
can be achieved using fundamental abstraction mechanisms to
relate specifications of hardware at different levels. Therefore
a systematic method is described for defining any instance of a
wide class of concrete data types in higher order logic. This
process has been automated in the HOL theorem prover, and
provides a firm logical basis for representing data in formal
specifications.
Further, these abstractions have been developed into a new
technique for modelling the behaviour of entire classes of
hardware designs. This is based on a formal representation in
logic for the structure of circuit designs using the recursive
types defined by the above method. Two detailed examples are
presented showing how this work can be applied in practice.
Finally, some techniques for temporal abstraction are explained,
and the means for asserting the correctness of a model
containing time-dependent behaviour is described. This work is
then illustrated using a case study; the formal verification on
HOL of a simple ring communication network.
[Abstract by Nicholas Cutler (librarian), as none was submitted
with the report.]
cam.ac.uk//UCAM-CL-TR-202
2022-05-17
Three-dimensional integrated circuit layout
Harter, Andrew Charles
University of Cambridge, Computer Laboratory
1990-08
en
Text
UCAM-CL-TR-202
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-202.pdf
Some recent developments in semiconductor process technology
have made possible the construction of three-dimensional
integrated circuits. Unlike other technological developments in
two dimensional integration, these circuits present a new and
inherently richer connection topology. This offers potential for
improved layout in terms of increased density and reduced
interconnect length. These circuits will be difficult and
expensive to manufacture, at least in the short term, and the
scale of the improvement in layout is not apparent. This
dissertation presents a discussion of layout and design for
three-dimensional integrated circuits.
A number of materials and techniques can be used in the
manufacture of such circuits. This choice has a profound bearing
on the topology of circuit layout. A classification relating
process technolgy to layout topology is developed and
illustrated with the design of a number of circuits. A layout
system is presented as the vehicle for a series of experiments
in three-dimensional layout. It is shown that the system can be
constrained to perform circuit layout in a number of topologies
in the classification.
Finally, some attempt to quantify the benefits of
three-dimensional layout is made. The layout model is calibrated
by designing examples of basic circuit elements. This is done
using a set of design rules corresponding to a proposed
three-dimensional process technology. Circuit layouts produced
by the system are compared with conventional two-dimensional
layouts, and the variation in layout quality as a function of
the three-dimensionality of a layout is explored.
cam.ac.uk//UCAM-CL-TR-203
2018-03-27
Subtyping in Ponder (preliminary report)
de Paiva, Valeria C.V.
University of Cambridge, Computer Laboratory
1990-08
en
Text
UCAM-CL-TR-203
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-203.pdf
This note starts the formal study of the type system of the
functional language Ponder. Some of the problems of proving
soundness and completeness are discussed and some preliminary
results, about fragments of the type system, shown.
It consists of 6 sections. In section 1 we review briefly
Ponder’s syntax and describe its typing system. In section 2 we
consider a very restricted fragment of the language for which we
can prove soundness of the type inference mechanism, but not
completeness. Section 3 describes possible models of this
fragment and some related work. Section 4 describes the
type-inference algorithm for a larger fragment of Ponder and in
section 5 we come up against some problematic examples. Section
6 is a summary of further work.
cam.ac.uk//UCAM-CL-TR-204
2018-03-27
New foundations for fixpoint computations:
FIX-hyperdoctrines and the FIX-logic
Crole, Roy L.
Pitts, Andrew M.
University of Cambridge, Computer Laboratory
1990-08
en
Text
UCAM-CL-TR-204
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-204.ps.gz
This paper introduces a new higher-order typed constructive
predicate logic for fixpoint computations, which exploits the
categorical semantics of computations introduced by Moggi and
contains a strong version of Martin Löf’s ‘iteration type’. The
type system enforces a separation of computations from values.
The logic contains a novel form of fixpoint induction and can
express partial and total correctness statements about
evaluation of computations to values. The constructive nature of
the logic is witnessed by strong metalogical properties which
are proved using a category-theoretic version of the ‘logical
relations’ method.
cam.ac.uk//UCAM-CL-TR-205
2017-07-13
Logic programming, functional programming and inductive
definitions
Paulson, Lawrence C.
Smith, Andrew W.
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-205
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-205.pdf
This paper reports an attempt to combine logic and functional
programming. It also questions the traditional view that logic
programming is a form of first-order logic, arguing instead that
the essential nature of a logic program is an inductive
definition. This revised view of logic programming suggests the
design of a combined logic/functional language. A slow but
working prototype is described.
cam.ac.uk//UCAM-CL-TR-206
2022-10-07
Formal verification of real-time protocols using higher
order logic
Cardell-Oliver, Rachel
University of Cambridge, Computer Laboratory
1990-08
en
Text
UCAM-CL-TR-206
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-206.pdf
A protocol is a distributed program which controls communication
between machines in a computer network. Two or more programs are
executed on different computers which communicate only via the
medium connecting them.Protocol implementations are difficult to
understand and write correctly because the interaction between
programs and their non-deterministic, real-time environment is
complex. For this reason protocols are often specified using an
abstract model. However few abstract specification techniques
model the problems which occur in real implementations. In
particular, the correctness of many protocols depends on
real-time issues such as the correct setting of timers and fast
responses to incoming messages.
This paper presents techniques for modelling real-time protocols
at different levels of abstraction, from implementation
behaviour to abstract requirements specifications. The language
used for these models is higher order logic. The techniques are
illustrated by the specification and verification of the class
of sliding window protocols. The HOL system, a machine
implementation of higher order logic [2], as used to both
specify and verify this example and a full listing of the HOL
theories for sliding window protocols is given in Appendix B.
cam.ac.uk//UCAM-CL-TR-207
2022-10-07
Video replay in computer animation
Hawkins, Stuart Philip
University of Cambridge, Computer Laboratory
1990-10
en
Text
UCAM-CL-TR-207
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-207.pdf
This dissertation presents a design for an animation system that
supports video-rate replay of frame sequences within a frame
buffer based graphics architecture.
In recent years framebuffer architectures have become dominant,
largely displacing other forms of graphics display system. But a
framebuffer representation is not well suited to the support of
animation. In particular, two main problems are faced: (1) the
generation of each new frame within a single frame time
(typically 40ms); and (2) the updating of the framebuffer with
the new frame representation, also within one frame time. Both
of these problems stem from the fact that the large amount of
data required to represent each frame has to be processed within
a strictly limited time. The difficulty with updating the frame
buffer representation has been largely addressed by the
development of powerful new display processor architectures,
made possible by developments in semiconductor technology. The
generation of frames at replay rates, however, represents a much
greater challenge and there are numerous situations for which
real time animation is simply inpracticable. In such cases an
alternative approach is that of frame-by-frame animation in
which the frame sequence is pre-calculated off-line and stored
for later replay at the correct speed. This technique is
commonly referred to as real-time playback.
In this dissertation the requirements of real-time playback are
discussed and a number of distinct approaches to the design of
such systems identified. For each approach examples of previous
real-time playback systems are examined and their individual
shortcomings noted. In light of these observations the design of
a new hardware-based animation system is proposed and its
implementation described. In this system frames are stored
digitally and image compression is used to address the
non-video-rate transfer rate and storage capacity limitations of
the frame storage device employed (an unmodified 5 1/4 inch
magnetic disc drive). Such an approach has previously received
little attention. Frame sequences are stored on the disc in a
compressed form and during replay are decompressed in real-time
using a hardware implementation of the coding algorithm. A
variety of image compression strategies are supported within a
generalised coding framework. This introduces operational
flexibility by allowing the system to be tailored according to
the needs of a particular application.
cam.ac.uk//UCAM-CL-TR-208
2022-10-17
Categorical combinators for the calculus of
constructions
Ritter, Eike
University of Cambridge, Computer Laboratory
1990-10
en
Text
UCAM-CL-TR-208
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-208.pdf
This report describes the derivation of a small and intuitive
set of categorical combinators for the Calculus of
Constructions. The choice of an appropriate categorical
semantics is the crucial step. A modification of Ehrhard’s
higher-order closed summable fibrations, yielding so called
CC-categories, turns out to be the appropriate underlying
categorical structure. Standard techniques can then be used to
derive the combinators. The combinators can be turned directly
into the classifying category for the Calculus of Constructions.
This establishes a precise connection between the calculus, the
combinators and the CC-categories.
cam.ac.uk//UCAM-CL-TR-209
2016-07-22
Efficient memory-based learning for robot
control
Moore, Andrew William
University of Cambridge, Computer Laboratory
1990-11
en
Text
UCAM-CL-TR-209
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-209.pdf
This dissertation is about the application of machine learning
to robot control. A system which has no initial model of the
robot/world dynamics should be able to construct such a model
using data received through its sensors—an approach which is
formalized here as the SAB (State-Action-Behaviour) control
cycle. A method of learning is presented in which all the
experiences in the lifetime of the robot are explicitly
remembered. The experiences are stored in a manner which permits
fast recall of the closest previous experience to any new
situation, thus permitting very quick predictions of the effects
of proposed actions and, given a goal behaviour, permitting fast
generation of a candidate action. The learning can take place in
high-dimensional non-linear control spaces with real-valued
ranges of variables. Furthermore, the method avoids a number of
shortcomings of earlier learning methods in which the controller
can become trapped in inadequate performance which does not
improve. Also considered is how the system is made resistant to
noisy inputs and how it adapts to environmental changes. A well
founded mechanism for choosing actions is introduced which
solves the experiment/perform dilemma for this domain with
adequate computational efficiency, and with fast convergence to
the goal behaviour. The dissertation explains in detail how the
SAB control cycle can be integrated into both low and high
complexity tasks. The methods and algorithms are evaluated with
numerous experiments using both real and simulated robot
domains. The final experiment also illustrates how a compound
learning task can be structured into a hierarchy of simple
learning tasks.
cam.ac.uk//UCAM-CL-TR-210
2021-02-19
Higher-order unification, polymorphism, and
subsorts
Nipkow, Tobias
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-210
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-210.pdf
This paper analyses the problems that arise in extending Huet’s
higher-order unification algorithm from the simply typed
λ-calculus to one with type variables. A simple, incomplete, but
in practice very useful extension to Huet’s algorithm is
discussed. This extension takes an abstract view of types. As a
particular instance we explore a type system with ML-style
polymorphism enriched with a notion of sorts. Sorts are
partially ordered and classify types, thus giving rise to an
order-sorted algebra of types. Type classes in the functional
language Haskell can be understood as sorts in this sense.
Sufficient conditions on the sort structure to ensure the
existence of principal types are discussed. Finally we suggest a
new type system for the λ-calculus which may pave the way to a
complete unification algorithm for polymorphic terms.
cam.ac.uk//UCAM-CL-TR-211
2021-02-19
The role of artificial intelligence in information
retrieval
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1990-11
en
Text
UCAM-CL-TR-211
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-211.pdf
This paper reviews four potential roles for artificial
intelligence in information retrieval, evaluating AI from a
realistic point of view and within a wide information management
context. The conclusion is that AI has limited potential, not
just because AI is itself insufficiently developed, but because
many information management tasks are properly shallow
information processing ones. There is nevertheless an important
place for specific applications of AI or AI-derived technology
when particular constraints can be placed on the information
management tasks involved.
cam.ac.uk//UCAM-CL-TR-212
2021-01-18
A distributed and-or parallel Prolog network
Wrench, K.L.
University of Cambridge, Computer Laboratory
1990-12
en
Text
UCAM-CL-TR-212
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-212.pdf
A model is proposed for the parallel execution of Prolog,
exploiting both dependent and- and full or-parallelism. The
model is implemented on a distributed network of loosely-coupled
processors and has no need of shared memory nor multiprocessor
hardware.
Known as APPNet, the model makes use of oracles to partition the
search space dynamically, thereby enabling processing elements
to be allocated a unique portion of the computation. No
communication takes place between processing elements. In
executing problems that do not exhibit any and-parallelism, all
solutions found represent final answers to the query. When an
and-parallel problem is executed, the solutions generated are
only partial solutions. The sets of partial solution are then
joined to produce consistent final solutions. Back-unification
is the process whereby partial solutions are unified according
to a template derived from the program.
Prolog source programs need not be modified by the user. Static
analysis is, however, carried out automatically on all programs
by a preprocessor before their execution in the APPNet to ensure
that clauses are not distributed before it is feasible to do so.
Side-effecting constructs are identified and the appropriate
restrictions are placed on the parallel execution strategy.
cam.ac.uk//UCAM-CL-TR-213
2018-03-27
The Dialectica categories
de Paiva, Valeria Correa Vaz
University of Cambridge, Computer Laboratory
1991-01
en
Text
UCAM-CL-TR-213
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-213.pdf
This work consists of two main parts. The first one, which gives
it its name, presents an internal categorical version of Gödel’s
“Dialectica interpretation” of higher-order arithmetic. The idea
is to analyse the Dialectica interpretation using a cetegory DC
where objects are relations on objects of a basic category C and
maps are pairs of maps of C satisfying a pullback condition. If
C is finitely complete, DC exists and has a very natural
symmetric monoidal structure. If C is locally cartesian closed
then DC is symmetric monoidal closed. If we assume C with stable
and disjoint coproducts, DC has cartesian products and
weak-coproducts and satisfies a weak form of distributivity.
Using the structure above, DC is a categorical model for
intuitionistic linear logic.
Moreover if C has free monoids then DC has cofree comonoids and
the corresponding comonad “!” on DC, which has some special
properties, can be used to model the exponential “of course!” in
Intuitionistic Linear Logic. The category of “!”-coalgebras is
isomorphic to the category of comonoids in DC and, if we assume
commutative monoids in C, the “!”-Kleisli category, which is
cartesian closed, corresponds to the Diller-Nahm variant of the
Dialectica interpretation.
The second part introduces the categories GC. The objects of GC
are the same objects of DC, but morphisms are easier to handle,
since they are maps in C in opposite directions. If C is
finitely complete, the category GC exists. If C is cartesian
closed, we can define a symmetric monoidal structure and if C is
locally cartesian closed as well, we can define inernal homs in
GC that make it a symmetric monoidal closed category. Supposing
C with stable and disjoint coproducts, we can define cartesian
products and coproducts in GC and, more interesting, we can
define a dual operation to the tensor product bifunctor, called
“par”. The operation “par” is a bifunctor and has a unit “⊥”,
which is a dualising object. Using the internal hom and ⊥ we
define a contravariant functor “(−)⊥” which behaves like
negation and thus it is used to model linear negation. We show
that the category GC, with all the structure above, is a
categorical model for Linear Logic, but not exactly the
classical one.
In the last chapter a comonad and a monad are defined to model
the exponentials “!” and “?”. To define these endofunctors, we
use Beck’s distributive laws in an interesting way. Finally, we
show that the Kleisli category GC! is cartesian closed and that
the categories DC and GC are related by a Kleisli construction.
cam.ac.uk//UCAM-CL-TR-214
2021-03-08
Integrating knowledge of purpose and knowledge of
structure for design evaluation
Bradshaw, J.A.
Young, R.M.
University of Cambridge, Computer Laboratory
1991-02
en
Text
UCAM-CL-TR-214
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-214.pdf
This paper describes a knowledge representation strategy, for
mechanical devices, which combines Knowledge of Structure and
Knowledge of Purpose. Knowledge of Purpose specifies how devices
are expected to behave and Knowledge of Structure details how
devices are connected. Knowing ‘correct’ behaviour (Knowledge of
Purpose) it is possible to usefully comment on any generated
behaviour, predicted or actual. Generation of behaviour is a
bottom up process (from components to systems) whereas behaviour
evaluation is top down (from systems to components). Common
purpose is used to group devices into systems.
The core evaluation activity is the generation of an
envisionment graph (similar to that described by deKleer and
Brown [deK84]). The complete graph represents the full set of
predicted behaviour states for the represented device. These
behaviour states are compared with the Knowledge of Purpose
behaviour descriptions; if conflicts are found then these are
described and the structure and purpose descriptions of the
device are scanned to establish the source of the conflict. The
ideas discussed in this paper are implemented in the Doris
system which is described.
cam.ac.uk//UCAM-CL-TR-215
2016-07-22
A structured approach to the verification of low level
microcode
Curzon, Paul
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-215
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-215.pdf
Errors in microprograms are especially serious since all higher
level programs on the machine depend on the microcode. Formal
verification presents one avenue which may be used to discover
such errors. Previous systems which have been used for formally
verifying microcode may be categorised by the form in which the
microcode is supplied. Some demand that it be written in a high
level microprogramming language. Conventional software
verification techniques are then applied. Other methods allow
the microcode to be supplied in the form of a memory image. It
is treated as data to an interpreter modelling the behaviour of
the microarchitecture. The proof is then performed by symbolic
execution. A third solution is for the code to be supplied in an
assembly language and modelled at that level. The assembler
instructions are converted to commands in a modelling language.
The resulting program is verified using traditional software
verification techniques.
In this dissertation I present a new universal microprogram
verification system. It achieves many of the advantages of the
other kinds of systems by adopting a hybrid approach. The
microcode is supplied as a memory image, but it is transformed
by the system to a high level program which may be verified
using standard software verification techniques. The structure
of the high level program is obtained from user supplied
documentation. I show that this allows microcode to be split
into small, independently validatable portions even when it was
not written in that way. I also demonstrate that the techniques
allow the complexity of detail due to the underlying
microarchitecture to be controlled at an early stage in the
validation process. I suggest that the system described would
combine well with other validation tools and provide help
throughout the firmware development cycle. Two case studies are
given. The first describes the verification of Gordon’s
computer. This example being fairly simple, provides a good
illustration of the techniques used by the system. The second
case study is concerned with the High Level Hardware Orion
computer which is a commercially produced machine with a fairly
complex microarchitecture. This example shows that the
techniques scale well to production microarchitectures.
cam.ac.uk//UCAM-CL-TR-216
2022-10-17
Exploiting OR-parallelism in Prolog using multiple
sequential machines
Klein, Carole Susan
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-216
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-216.pdf
If the branches at each node of a tree are labelled, paths
through the tree can be represented by a sequence of labels
called an oracle. If an oracle leading to a node is followed,
all of the bindings and other state information associated with
a node will be recreated. Thus oracles are both a specification
for a path through the tree and a concide format for
representing the environment at a particular node.
This dissertation investigates the use of oracles for the
parallel execution of Prolog programs. The execution of a Prolog
program can be represented pictorially by an AND/OR tree. The
branches of OR nodes within this tree have no binding
dependencies so their evaluation can be performed on separate
processors. If one of more of these OR branches is explored in
parallel, OR-parallelism is exploited in the Prolog program.
A distributed system called the Delphi Machine has been designed
and implemented to exploit the OR-parallelism inherent in Prolog
programs. In the implementation described in this dissertation,
Delphi runs on a group of uniprocessors connected by Ethernet.
Various control strategies using oracles to control the parallel
search are investigated. The execution times for Prolog programs
run on the Delphi Machine are compared with those of a compiled
and an interpreted sequential Prolog system. The results show
that a distributed system using oracles to control the parallel
search can be an efficient way to exploit OR parallelism in
nondeterministic programs.
Because of overheads imposed by the Delphi algorithm, a program
executed on a single processor Delphi machine runs at
approximately one half the speed as the same program executed on
the unmodified prolog system. For a twenty processor
configuration, the speed ups obtained vary from approximately
two to nine times depending on the amount of OR-parallelism
which can be exploited by Delphi. Problems with large amounts of
OR-parallelism show a nearly linear speedup.
cam.ac.uk//UCAM-CL-TR-217
2022-10-17
Dynamic bandwidth management
Harita, Bhaskar Ramanathan
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-217
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-217.pdf
Recent advances in semiconductor and optical technologies have
contributed greatly to the evolution of broadband integration of
multi-service traffic. The asynchronous transfer mode (ATM) has
been proposed as the target technique for broadband integrated
services digital networks (BISDNs) based on fast packet
switching and optical fibre transmission. A primary advantage of
ATM is that variable bit rate services can be supported
efficiently, which meets the basic needs of flexibility and
service independence required of integrated services networks.
In order to fully exploit this flexibility and enchance network
efficiency by statistical multiplexing it is important that
there be effective methods of bandwidth management and
congestion control.
This dissertation describes the use of dynamic bandwidth
management to support an ATM overlay superimposed on a public,
primary rate ISDN. The overlay architecture provides for the
flexible aggregation of switched circuits into larger bandwidth
channels. The channels are formatted into a common packet
encoding and packets from different sources are statistically
multiplexed onto them. In this work, different control schemes
that dynamically vary the bandwidth of the channels in a
transparent fashion, using out-of-band signalling, are
contrasted. The bandwidth is adjusted by adding or deleting
circuits in reaction to the traffic rates and the queue sizes at
the channels. Performance models of simple bandwidth control
schemes as queueing schemes are analysed by the use of moment
generating functions
Packet transfer on the overlay is virtual circuit based and
connection requests are accepted on the basis of their bandwidth
requirements. Dynamic bandwidth management is used to supplement
static bandwidth allocations in a congestion control framework
presented for the overlay. The cost effectiveness of dynamic
bandwidth control is examined for the tarrif structure
implemented by the underlying public ISDN.
The contributions of this dissertation are the development of
schemes for dynamic bandwidth management, their implementation
on an ATM testbed and the analysis of performance models for
bandwidth control validated by simulation and experiment.
cam.ac.uk//UCAM-CL-TR-218
2021-01-07
Higher-order critical pairs
Nipkow, Tobias
University of Cambridge, Computer Laboratory
1991-04
en
Text
UCAM-CL-TR-218
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-218.pdf
We consider rewrite systems over simply typed λ-terms with
restricted left-hand sides. This gives rise to a one-step
reduction relation whose transitive, reflexive and symmetric
closure coincides with equality. The main result of this paper
is a decidable confluence criterion which extends the well-known
critical pairs to a higher-order setting. Several applications
to typed λ-calculi and proof theory are shown.
cam.ac.uk//UCAM-CL-TR-219
2021-01-07
Fairisle project working documents : Snapshot
1
Leslie, Ian M.
McAuley, Derek M.
Hayter, Mark
Black, Richard
Beller, Reto
Newman, Peter
Doar, Matthew
University of Cambridge, Computer Laboratory
1991-03
en
Text
UCAM-CL-TR-219
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-219.pdf
This report contains the current versions of the documents
associated with the fairisle project. These include both papers
and draft documents. This collection of documents was made on
March 21, 1991. Updated versions will be issued with later
snapshot numbers which will replace earlier versions. The
present collection includes the following documents:
Fairisle: Network architecture and components / Ian Leslie and
Derek McAuley.
Fairisle port controller: design and ideas / Mark Hayter and
Richard Black.
Fairisle VME interface (draft) / Reto Beeler.
A Slotted ring copy fabric for a multicast fast packet switch /
Peter Newman and Matthew Doar.
Universal Fairisle connector (proposed)
cam.ac.uk//UCAM-CL-TR-220
2022-10-18
A distributed architecture for multimedia communication
systems
Nicolaou, Cosmos Andrea
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-220
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-220.pdf
Technological advances in digital communications and in personal
computer workstations are beginning to allow the generation,
communication and presentation of multiple information media
simultaneously. In particular, the ability to support real-time
voice and video makes a new range of advanced and highly
interactive multimedia applications possible. These applications
are not restricted to the computer industry, but extend to other
technologically intensive industries which have some form of
multimedia communication requirement. Such industries include
medicine, conferencing, teaching, broadcasting, publishing and
printing. Each of these application areas has its own particular
set of requirements and makes corresponding demands on the
computer systems used.
Such a wide range of application areas leads to a
correspondingly large and diverse set of requirements of the
systems used to implement them. In addition, the real-time
nature of voice, and especially video, place heavy demands on
the underlying systems. Many of these requirements and demands
are not met by existing computer communication systems. This is
due to the fact that the architectural models used to design and
implement these systems were constructed before the
technological advances making multimedia communication possible
took place. As a result existing multimedia systems have tended
to concentrate either on low level implementation issues (e.g.
communication networks and protocols)or on a single restricted
application area, without paying any regard to their respective
problems and requirements. The inevitable consequence is that
there is a mismatch between the functions provided at the lower
levels and those actually required by higher level applications.
This dissertation presents an attempt to overcome these problems
by defining a new architecture for multimedia communication
systems which recognises and supports a wide range of
application requirements, in addition to satisfying the
requirements made by the information media themselves. A
thorough survey of existing multimedia systems was conducted in
order to identify and understand the requirements made by both
applications and information media led to the formulation of a
set of design principles. In recognition of the fact that any
multimedia communication system is inherently distributed in
nature, the architecture is presented as an extension of
existing distributed systems.
The resulting architecture is called the Integrated Multimedia
Applications Communication architecture (IMAC) and a prototype
implementation of IMAC has been constructed and used to evaluate
the utility and feasibility of the architecture and to identify
its strength and weaknesses.
cam.ac.uk//UCAM-CL-TR-221
2005-06-01
Transforming axioms for data types into sequential
programs
Milne, Robert
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-221
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-221.pdf
A process is proposed for refining specifications of abstract
data types into efficient sequential implementations. The
process needs little manual intervention. It is split into three
stages, not all of which need always be carried out. The three
stages entail interpreting equalities as behavioural
equivalences, converting functions into procedures and replacing
axioms by programs. The stages can be performed as automatic
transformations which are certain to produce results that meet
the specifications, provided that simple conditions hold. These
conditions describe the adequacy of the specifications, the
freedom from interference between the procedures, and the mode
of construction of the procedures. Sufficient versions of these
conditions can be checked automatically. Varying the conditions
could produce implementations for different classes of
specification. Though the transformations could be automated,
the intermediate results, in styles of specification which cover
both functions and procedures, have interest in their own right
and may be particularly appropriate to object-oriented design.
cam.ac.uk//UCAM-CL-TR-222
2022-10-18
Extensions to coloured petri nets and their application
to protocols
Billington, Jonathan
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-222
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-222.pdf
This dissertation develops a net theoretic specification
technique for an area known as protocol engineering that covers
the life-cycle of protocols. After surveying the application of
net theory to protocol engineering, the fundamentals of the
specification technique are presented. The technique is based on
Jensen’s Coloured Petri Nets (CP-nets).
To increase their expressive power, CP-nets are extended by
including place capacities and an inhibitor function, leading to
the definition of a class of extended CP-nets, known as P-nets.
To allow the analysis techniques developed for CP-nets to be
applied to P-nets, a transformation from P-nets to CP-nets is
formalised and it is proved that it preserves interleaving
behaviour. The transformation is based on the notion of
contemporary places (known from Place/Transition-nets) and
involves the definition and proof of a new complementary place
invariant for CP-nets. A class of P-nets is defined where true
concurrency is preserved under the transformation.
A graphical form of P-nets, known as a P-graph, is formally
defined, drawing upon the notions developed for algebraic
specification of abstract data types. Arc inscriptions are
multisets of terms generated from a many-sorted signature.
Transition conditions are Boolean expressions derived from the
same signature. An interpretation of the P-Graph is given in
terms of a corresponding P-net. In the P-Graph, concrete sets
are associated with places, and likewise there are concrete
initial marking and capacity multisets. P-Graphs are useful for
specification at a concrete level, and allow classes of nets,
such as CP-Graphs, many-sorted Algebraic nets and many-sorted
Predicate/Transition nets, to be defined as special cases. They
also provide the basis for a comparison with other high-level
nets such as Predicate/Transition nets and Algebraic nets. An
extended place capacity notation is developed to allow for the
convenient representation of resource bounds in the graphical
form.
Abstract P-Graphs are defined in a similar way to P-Graphs, but
this time sorts are associated with places, and markings and
capacities are defined at the syntactic level. This is useful
for more abstract specifications (such as classes of
communication protocols) and for their analysis.
Part of the motivation for the extensions to CP-nets has been to
develop convenient constructs for the purging of a place’s
marking (or part of the marking), by the occurrence of a single
transition. This is achieved by equating the inscriptions of the
inhibitor and normal arc. Some convenient notation is developed
for the P-Graph for purging parts of a place’s marking.
Some simple communications-oriented examples are presented
including queues and the Demon Game developed by the
International Organisation for Standardisation as a test case
for formal description techniques. A major case study of the
M-Access service of the Cambridge Fast Ring is specified with
the P-Graph to illustrate the utility of a number of the
extensions developed for P-nets.
cam.ac.uk//UCAM-CL-TR-223
2021-01-18
Shallow processing and automatic summarising: a first
study
Gladwin, Philip
Pulman, Stephen
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1991-05
en
Text
UCAM-CL-TR-223
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-223.pdf
This report describes a study of ten simple texts, investigating
various discourse phenomena to see how they might be exploited,
in shallow text processing, for summarising purposes. The
processing involved was a simulation of automatic analysis which
is in principle within reach of the state of the art. Each text
was treated by a version of Sidner’s focusing algorithm. The
products of this were fed into subsidiary stages of analysis to
provide an assessment of the activity of the various discourse
entities within each text. A concurrent process examined the
occurrence of orthographically identical noun phrase forms.
Appendices give the ten texts, a complete specification of the
version of the focusing algorithm in use, and the full
experimental results. These suggest, especially when the brevity
of the test texts is taken into account, that the type of
information given by focusing has potential but limited value
for summarising.
cam.ac.uk//UCAM-CL-TR-224
2022-10-18
Generalised probabilistic LR parsing of natural language
(corpora) with unification-based grammars
Briscoe, Ted
Carroll, John
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-224
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-224.pdf
We describe work towards the construction of a very
wide-coverage probabilistic parsing system for natural language
(NL), based on LR parsing techniques. The system is intended to
rank the large number of syntactic analyses produced by NL
grammars according to the frequency of occurrence of the
individual rules deployed in each analysis. We discuss a fully
automatic procedure for constructing an LR parse table from a
unification-based grammar formalism, and consider the
suitability of alternative LALR(1) parse table construction
methods for large grammars. The parse table is used as the basis
for two parsers; a user-driven interactive system which provides
a computationally tractable and labour-efficient method of
supervised learning of the statistical information required to
drive the probabilistic parser. The latter is constructed by
associating probabilities with the LR parse table directly. This
technique is superior to parsers based on probabilistic lexical
tagging or probabilistic context-free grammar because it allows
for a more context dependent probabilistic language model, as
well as use of a more linguistically adequate grammar formalism.
We compare the performance of an optimised variant of Tomita’s
(1987) generalised LR parsing algorithm to an (efficiently
indexed and optimised) chart parser. We report promising results
of a pilot study training on 151 noun definitions from the
Longman Dictionary of Contemporary English (LDOCE) and retesting
on these plus a further 54 definitions. Finally we discuss
limitations of the current system and possible extensions to
deal with lexical (syntactic and semantic) frequency of
occurrence.
cam.ac.uk//UCAM-CL-TR-225
2018-03-27
Categorical multirelations, linear logic and petri nets
(draft)
de Paiva, Valeria
University of Cambridge, Computer Laboratory
1991-05
en
Text
UCAM-CL-TR-225
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-225.pdf
This note presents a categorical treatment of multirelations,
which is, in a loose sense a generalisation of both our previous
work on the categories GC, and of Chu’s construction A_NC
[Barr’79]. The main motivation for writing this note was the
utilisation of the category GC by Brown and Gurr [BG90] to model
Petri nets. We wanted to extend their work to deal with
multirelations, as Petri nets are usually modelled using
multirelations pre and post. That proved easy enough and people
interested mainly in concurrency theory should refer to our
joint work [BGdP’91], this note deals with the mathematics
underlying [BGdP’91]. The upshot of this work is that we build a
model of Intuitionistic Linear Logic (without modalities) over
any symmetric monoidal category C with a distinguished object
(N, ≤, ∘, e −∘) – a closed poset. Moreover, if the category C is
cartesian closed with free monoids, we build a model of
Intuitionistic Linear Logic with a non-trivial modality ‘!’ over
it.
cam.ac.uk//UCAM-CL-TR-226
2016-07-22
A new approach for improving system
availability
Lam, Kwok-yan
University of Cambridge, Computer Laboratory
1991-06
en
Text
UCAM-CL-TR-226
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-227
2016-07-22
Priority in process calculi
Camilleri, Juanito Albert
University of Cambridge, Computer Laboratory
1991-06
en
Text
UCAM-CL-TR-227
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-228
2018-03-27
The desk area network
Hayter, Mark
McAuley, Derek
University of Cambridge, Computer Laboratory
1991-05
en
Text
UCAM-CL-TR-228
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-228.ps.gz
A novel architecture for use within an end computing system is
described. This attempts to extend the concepts used in modern
high speed networks into computer system design. A multimedia
workstation is being built based on this concept to evaluate the
approach.
cam.ac.uk//UCAM-CL-TR-229
2003-01-01
Abstraction of image and pixel : The thistle display
system
Brown, David J.
University of Cambridge, Computer Laboratory
1991-08
en
Text
UCAM-CL-TR-229
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-230
2018-03-19
Proceedings of the Second Belief Representation and
Agent Architectures Workshop (BRAA ’91)
Galliers, J.
University of Cambridge, Computer Laboratory
1991-08
en
Text
UCAM-CL-TR-230
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-231
2016-07-22
Managing the order of transactions in widely-distributed
data systems
Yahalom, Raphael
University of Cambridge, Computer Laboratory
1991-08
en
Text
UCAM-CL-TR-231
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-232
2011-05-27
Mechanising set theory
Corella, Francisco
University of Cambridge, Computer Laboratory
1991-07
en
Text
UCAM-CL-TR-232
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-232.pdf
Set theory is today the standard foundation of mathematics, but
most proof development sysems (PDS) are based on type theory
rather than set theory. This is due in part to the difficulty of
reducing the rich mathematical vocabulary to the economical
vocabulary of the set theory. It is known how to do this in
principle, but traditional explanations of mathematical
notations in set theoretic terms do not lead themselves easily
to mechanical treatment.
We advocate the representation of mathematical notations in a
formal system consisting of the axioms of any version of
ordinary set theory, such as ZF, but within the framework of
higher-order logic with λ-conversion (H.O.L.) rather than
first-order logic (F.O.L.). In this system each notation can be
represented by a constant, which has a higher-order type when
the notation binds variables. The meaning of the notation is
given by an axiom which defines the representing constant, and
the correspondence between the ordinary syntax of the notation
and its representation in the formal language is specified by a
rewrite rule. The collection of rewrite rules comprises a
rewriting system of a kind which is computationally well
behaved.
The formal system is justified by the fact than set theory
within H.O.L. is a conservative extension of set theory within
F.O.L. Besides facilitating the representation of notations, the
formal system is of interestbecause it permits the use of
mathematical methods which do not seem to be available in set
theory within F.O.L.
A PDS, called Watson, has been built to demonstrate this
approach to the mechanization of mathematics. Watson embodies a
methodology for interactive proof which provides both
flexibility of use and a relative guarantee of correctness.
Results and proofs can be saved, and can be perused and modified
with an ordinary text editor. The user can specify his own
notations as rewrite rules and adapt the mix of notations to
suit the problem at hand; it is easy to switch from one set of
notations to another. As a case study, Watson has been used to
prove the correctness of a latch implemented as two
cross-coupled nor-gates, with an approximation of time as a
continuum.
cam.ac.uk//UCAM-CL-TR-233
2018-03-27
A development environment for large natural language
grammars
Carroll, John
Briscoe, Ted
Grover, Claire
University of Cambridge, Computer Laboratory
1991-07
en
Text
UCAM-CL-TR-233
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-234
2017-07-13
Two tutorial papers: Information retrieval &
Thesaurus
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1991-08
en
Text
UCAM-CL-TR-234
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-234.pdf
The first paper describes the characteristics of information
retrieval from documents or texts, the development and status of
automatic indexing and retrieval, and the actual and potential
relations between information retrieval and artificial
intelligence. The second paper discusses the properties,
construction and actual and potential uses of thesauri, as
semantic classifications or terminological knowledge bases, in
information retrieval and natural language processing.
cam.ac.uk//UCAM-CL-TR-235
2016-07-22
Modelling and image generation
Wang, Heng
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-235
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-236
2020-01-28
Using knowledge of purpose and knowledge of structure as
a basis for evaluating the behaviour of mechanical
systems
Bradshaw, John Anthony
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-236
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-237
2022-10-20
Computing presuppositions in an incremantal language
processing system
Bridge, Derek G.
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-237
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-237.pdf
This thesis describes the design and implementation of a natural
language analysis system for the computation of presuppositions.
The system is one in which syntactic, semantic and pragmatic
processing are interleaved with feedback to syntactic analysis
from semantic and pragmatic processing. The thesis begins by
illustrating how the system processes definite noun phrases. The
mechanisms used for this are then shown to be easily extensible
to processing other parts of speech such as indefinite noun
phrases and verb phrases.
Definite noun phrases have been said to be presupposition
triggers. This means that traditionally they have been seen as
licensing certain inferences — presuppositions. In the system
described herein, presuppositions are treated as a special kind
of inference: preconditions. This treatment for definite noun
phrases can be extended to give a uniform account of all
presupposition triggers (e.g. factive verbs). It is a view that
makes it clear that presuppositions are not ‘optional extras’
that might or might not be derived once a semantic
representation of an utterance has been produced. Rather, they
play an essential role in driving the utterance analysis
process: the failure of a presupposition, i.e. failure to
satisfy a precondition, can direct the system to choose an
alternative reading of an utterance of an ambiguous sentence.
As it processes an utterance, the system builds and regularly
consults a representation of contextual knowledge referred to as
a discourse model. Importantly, the system checks whether
presuppositions are satisfied against the discourse model.
Presupposition failure, i.e. a presupposition not being
satisfied by the discourse model, is not necessarily the same as
a presupposition being false in, e.g., the ‘real’ world.
Checking presuppositions for satisfaction in a discourse model
and not for truth in a possible world offers new ideas on the
behaviour of presuppositions in utterances of negative and
complex sentences.
In utterances of negative sentences, presuppositions must still
be satisfied by the discourse model. Presuppositions cannot be
cancelled as they can in other accounts. Rather, presupposition
“cancellation” data is explained in terms of utterances that
make metalinguistic statements about the model-theoretic
interpretation of the discourse model. It is shown that
computing presuppositions in an incremental system gives a
simple account of most of the data relating to the behaviour of
presuppositions in utterancesof compound sentences and longer
stretches of text (the so-called “projection problem”).
Presuppositions must again be satisfied by the discourse model,
but they may be satisfied by virtue of changes made to the
discourse model by earlier parts of the utterance or text.
cam.ac.uk//UCAM-CL-TR-238
2022-10-20
Proceedings of the ACQUILEX Workshop on Default
Inheritance in the lexicon
Briscoe, Ted
Copestake, Ann
de Paiva, Valeria
University of Cambridge, Computer Laboratory
1991-10
en
Text
UCAM-CL-TR-238
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-238.pdf
The ACQUILEX Esprit BRA (Basic Research Action) research project
is concerned with the acquisition and representation of lexical
information from machine readable dictionaries for use in
Natural Language Processing. The Cambridge group of the ACQUILEX
project organised a Workshop on Default Inheritance in April
1991, the main purpose of which was to review approaches to
default inheritance for lexical organisation and representation.
The emphasis from ACQUILEX’s point of view was in implementing a
practical system capable of supporting substantial lexicons,
based on existing proposals to incorporate (default) inheritance
into a unification-based framework similar to DATR (Gazdar and
Evans, 1989) and HPSG (e.g. Carpenter, 1990).
The workshop consisted of two days of talks, where theoretical
and implementational issues on default inheritance were
discussed, as well as a last day of demonstrations of
implemented systems. Papers from several European colaborative
projects on the topic of the workshop were presented – see
enclosed list of titles and affiliations. The Cambridge ACQUILEX
group presented and demonstrated the ACQUILEX lexical knowledge
base (LKB) system and provided a tutorial on use of the
software. The TFS system of the project POLYGLOSS and the system
ELU of the group at ISSCO were also discussed and demonstrated.
Many thanks to all the participants for the lively discussions –
exactly what workshops are supposed to be for.
cam.ac.uk//UCAM-CL-TR-239
2016-09-19
Planning multisentential English text using
communicative acts
Maybury, Mark Thomas
University of Cambridge, Computer Laboratory
1991-12
en
Text
UCAM-CL-TR-239
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-239.pdf
The goal of this research is to develop explanation presentation
mechanisms for knowledge based systems which enable them to
define domain terminology and concepts, narrate events,
elucidate plans, processes, or propositions and argue to support
a claim or advocate action. This requires the development of
devices which select, structure, order and then linguistically
realize explanation content as coherent and cohesive English
text.
With the goal of identifying generic explanation presentation
strategies, a wide range of naturally occurring texts were
analyzed with respect to their communicative structure,
function, content and intended effects on the reader. This
motivated an integrated theory of communicative acts which
characterizes text at the level of rhetorical acts (e.g.
describe, define, narrate), illocutionary acts (e.g. inform,
request), and locutionary acts (ask, command). Taken as a whole,
the identified communicative acts characterize the structure,
content and intended effects of four types of text: description,
narration, exposition, argument. These text types have distinct
effects such as getting the reader to know about entities, to
know about events, to understand plans, processes, or
propositions, or to believe propositions or want to perform
actions. In addition to identifying the communicative function
and effect of text at multiple levels of abstraction, this
dissertation details a tripartite theory of focus of attention
(discourse focus, temporal focus and spatial focus) which
constrains the planning and linguistic realization of text.
To test the integrated theory of communicative acts and
tripartite theory of focus of attention, a text generation
system TEXPLAN (Textual EXplanation PLANner) was implemented
that plans and linguistically realizes multisentential and
multiparagraph explanations from knowledge based systems. The
communicative acts identified during text analysis were
formalized over sixty compositional and (in some cases)
recursive plan operators in the library of a hierarchical
planner. Discourse, temporal and spatial models were implemented
to track and use attentional information to guide the
organization and realization of text. Because the plan operators
distinguish between the communicative function (e.g. argue for a
proposition) and the expected effect (e.g. the reader believes
the proposition) of communicative acts, the system is able to
construct a discourse model of the structure and function of its
textual responses as well as a user model of the expected
effects of its responses on the reader’s knowledge, beliefs, and
desires. The system uses both the discourse model and user model
to guide subsequent utterances. To test its generality, the
system was interfaced to a variety of domain applications
including a neuropsychological diagnosis system, a mission
planning system, and a knowledge based mission simulator. The
system produces descriptions, narratives, expositions and
arguments from these applications, thus exhibiting a broader
ranger of rhetorical coverage then previous text generation
systems.
cam.ac.uk//UCAM-CL-TR-240
2021-03-08
Symbolic compilation and execution of programs by proof:
a case study in HOL
Camilleri, Juanito
University of Cambridge, Computer Laboratory
1991-12
en
Text
UCAM-CL-TR-240
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-240.pdf
This paper illustrates the symbolic compilation and execution of
programs by proof using the proof assistant HOL. We formalise
the operational semantics of an Occam-like programming language
oc and show how synchronous communication in oc compiles to an
intermediate programming language Safe, whose compilation yields
instructions intended to drive machines that communicate via
shared memory. We show how the symbolic formal manipulation of
terms of a programming language, subject to the definition of
its semantics, can animate a desired effect — be it compilation
or execution. Needless to say, such compilation and execution by
proof is rather slow, but it is fast enough to give vital
feedback about the compilation algorithm being used. Without
such animation it is hard to anticipate whether the compilation
algorithm is reasonable before attempting to verify it. This is
particularly true when attempting to find a plausible
handshaking protocol that implements synchronous communication.
cam.ac.uk//UCAM-CL-TR-241
2022-10-27
Learning in large state spaces with an application to
biped robot walking
Vogel, Thomas Ulrich
University of Cambridge, Computer Laboratory
1991-12
en
Text
UCAM-CL-TR-241
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-241.pdf
Autonomous robots must be able to operate in complex, obstacle
cluttered environments. To do this the robots must be able to
focus on the important aspects of their environment, create
basic strategies to carry out their operations, generalise these
strategies and finally learn from successful experiences.
Based on simulated dynamic biped robot walking, this thesis
investigates these issues. An algorithm is given which analyses
the state space of the robot and orders the dimensions of the
state space by their importance relative to the task of the
robot. Using this analysis of its state space, the robot is able
to generate a set of macros (gaits) which enable it to operate
in its immediate environment. We then present a control
algorithm which allows the robot to control the execution of its
gaits
Once the robot has learned to walk on an obstacle-free
horizontal surface, it uses its knowledge about gaits in order
to derive obstacle crossing gaits from existing gaits. A
strategy based on the qualitative equivalence between two
behaviours is introduces in order to derive new behavioural
patterns from previous ones. This enables the robot to reason
about its actions at a higher level of abstraction. This
facilitates the transfer and adaptation of existing knowledge to
new situations. As a result, the robot is able to derive
stepping over an obstacle from stepping on a horizontal surface.
Finally, the robot analyses its successful obstacle crossings in
order to generate a generic obstacle crossing strategy. The
concept of a virtual evaluation function is introduced in order
to describe how the robot has to change its search strategy in
order to search successfully for obstacle crossing behaviours.
This is done by comparing how the successful obstacle crossing
of the robot differs from its normal behaviour. By analysing and
operationalising these differences, the robot acquires the
capability to overcome previously unencountered obstacles. The
robot’s obstacle crossing capabilities are demonstrated by
letting the robot walk across randomly generated obstacle
combinations
cam.ac.uk//UCAM-CL-TR-242
2020-01-28
An object-oriented approach to virtual memory
management
Mapp, Glenford Ezra
University of Cambridge, Computer Laboratory
1992-01
en
Text
UCAM-CL-TR-242
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-242.pdf
Advances in computer technology are being pooled together to
form a new computing environment which is characterised by
powerful workstations with vast amounts of memory connected to
high speed networks. This environment will provide a large
number of diverse services such as multimedia communications,
expert systems and object-oriented databases. In order to
develop these complex applications in an efficient manner, new
interfaces are required which are simple, fast and flexible and
allow the programmer to use an object-oriented approach
throughout the design and implementation of an application.
Virtual memory techniques are increasingly being used to build
these new facilities.
In addition since CPU speeds continue to increase faster than
disk speeds, an I/O bottleneck may develop in which the CPU may
be idle for long periods waiting for paging requests to be
satisfied. To overcome this problem it is necessary to develop
new paging algorithms that better reflect how different objects
are used. Thus a facility to page objects on a per-object basis
is required and a testbed is also needed to obtain experimental
data on the paging activity of different objects.
Virtual memory techniques, previously only used in mainframe and
minicomputer architectures, are being employed in the memory
management units of modern microprocessors. With very large
address spaces becoming a standard feature of most systems, the
use of memory mapping is seen as an effective way of providing
greater flexibility as well as improved system efficiency.
This thesis presents an object-oriented interface for memory
mapped objects. Each object has a designated object type.
Handles are associated with different object types and the
interface allows users to define and manage new object types.
Moving data between the object and its backing store is done by
user-level processes called object managers. Object managers
interact with the kernel via a specified interface thus allowing
users to build their own object managers. A framework to compare
different algorithms was also developed and an experimental
testbed was designed to gather and analyse data on the paging
activity of various programs. Using the testbed, conventional
paging algorithms were applied to different types of objects and
the results were compared. New paging algorithms were designed
and implemented for objects that are accessed in a highly
sequential manner.
cam.ac.uk//UCAM-CL-TR-243
2021-09-07
Automating the librarian: a fundamental approach using
belief revision
Cawsey, Alison
Galliers, Julia
Reece, Steven
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1992-01
en
Text
UCAM-CL-TR-243
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-243.pdf
This paper describes a current research project investigating
belief revision in intelligent systems by modelling the
librarian in interaction with a literature-seeking user. The
work is designed to both test a theory of agent behaviour based
on belief revision proposed by Galliers, and to evaluate a model
of the librarian developed by Belkin, Brooks and Daniels,
through computational implementation. Agent communication is
seen as motivated by and motivating belief changes, where belief
revision is determined by coherence, combining endorsement,
connectivity and conservatism. The librarian is viewed as a
distributed expert system with many individual specialised
functions operating in particular belief domains. The paper
describes our first implementation of the belief revision
mechanism and of a very primative librarian, designed to test
the basic viability of our ideas and to allow us to explore
different forms of the distributed system architecture.
cam.ac.uk//UCAM-CL-TR-244
2021-03-08
A mechanized theory of the π-calculus in HOL
Melham, T.F.
University of Cambridge, Computer Laboratory
1992-01
en
Text
UCAM-CL-TR-244
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-244.pdf
The π-calculus is a process algebra developed at Edinburgh by
Milner, Parrow and Walker for modelling concurrent systems in
which the pattern of communication between processes may change
over time. This paper describes the results of preliminary work
on a mechanized formal theory of the π-calculus in higher order
logic using the HOL theorem prover.
cam.ac.uk//UCAM-CL-TR-245
2016-07-22
System support for multi-service traffic
Dixon, Michael J.
University of Cambridge, Computer Laboratory
1992-01
en
Text
UCAM-CL-TR-245
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-245.pdf
Digital network technology is now capable of supporting the
bandwidth requirements of diverse applications such as voice,
video and data (so called multi-service traffic). Some media,
for example voice, have specific transmission requirements
regarding the maximum packet delay and loss which they can
tolerate. Problems arise when attempting to multiplex such
traffic over a single channel. Traditional digital networks
based on the Packet- (PTM) and Synchronous- (STM) Transfer Modes
prove unsuitable due to their media access contention and
inflexible bandwidth allocation properties respectively. The
Asynchronous Transfer Mode (STM) has been proposed as a
compromise between the PTM and STM techniques. The current state
of multimedia research suggests that a significant amount of
multi-service traffic will be handled by computer operating
systems. Unfortunately conventional operating systems are
largely unsuited to such a task. This dissertation is concerned
with the system organisation necessary in order to extend the
benefits of ATM networking through the endpoint operating system
and up to the application level. A locally developed
micro-kernel, with ATM network protocol support, has been used
as a testbed for the ideas presented. Practical results over
prototype ATM networks, including the 512 MHz Cambridge Backbone
Network, are presented.
cam.ac.uk//UCAM-CL-TR-246
2016-07-22
A relevance-based utterance processing system
Poznański, Victor
University of Cambridge, Computer Laboratory
1992-02
en
Text
UCAM-CL-TR-246
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-246.pdf
This thesis presents a computational interpretation of Sperber
and Wilson’s relevance theory, based on the use of non-monotonic
logic supported by a reason maintenance system, and shows how
the theory, when given a specific form in this way, can provide
a unique and interesting account of discourse processing.
Relevance theory is a radical theory of natural language
pragmatics which attempts to explain the whole of human
cognition using a single maxim: the Principle of Optimal
Relevance. The theory is seen by its originators as a
computationally more adequate alternative to Gricean pragmatics.
Much as it claims to offer the advantage of a unified approach
to utterance comprehension, Relevance Theory is hard to evaluate
because Sperber and Wilson only provide vague, high-level
descriptions of vital aspects of their theory. For example, the
fundamental idea behind the whole theory is that, in trying to
understand an utterance, we attempt to maximise significant new
information obtained from the utterance whilst consuming as
little cognitive effort as possible. However, Sperber and Wilson
do not make the nature of information and effort sufficiently
clear.
Relevance theory is attractive as a general theory of human
language communication and as a potential framework for
computational language processing systems. The thesis seeks to
clarify and flesh out the problem areas in order to develop a
computational implementation which is used to evaluate the
theory.
The early chapters examine and criticise the important aspects
of the theory, emerging with a schema for an ideal
relevance-based system. Crystal, a computational implementation
of an utterance processing system based on this schema is then
described. Crystal performs certain types of utterance
disambiguation and reference resolution, and computes
implicatures according to relevance theory.
An adequate reasoning apparatus is a key component of a
relevance based discourse processor, so a suitable knowledge
representation and inference engine are required. Various
candidate formalisms are considered, and a knowledge
representation and inference engine based on autoepistemic logic
is found to be the most suitable. It is then shown how this
representation can be used to meet particular discourse
processing requirements, and how it provides a convenient
interface to a separate abduction system that supplies not
demonstrative inferences according to relevence theory.
Crystal’s powers are illustrated with examples, and the thesis
shows how the design not only implements the less precise areas
of Sperber and Wilson’s theory, but overcomes problems with the
theory itself.
Crystal uses rather crude heuristics to model notions such as
salience and degrees of belief. The thesis thefore presents a
proposal and outline for a new kind of reason maintenance system
that supports non-monotonic logic whose formulae re labelled
with upper/lower probability ranges intended to represent
strength of belief. This system should facilitate measurements
of change in semantic information and shed some light on notions
such as expected utility and salience.
The thesis concludes that the design and implementation of
crystal provide evidence that relevance theory, as a generic
theory of language processing, is a viable alternative theory of
pragmatics. It therefore merits a greater level of investigation
than has been applied to it to date.
cam.ac.uk//UCAM-CL-TR-247
2022-10-27
Programming metalogics with a fixpoint type
Crole, Roy Luis
University of Cambridge, Computer Laboratory
1992-02
en
Text
UCAM-CL-TR-247
ISSN 1476-2986
A programming metalogic is a formal system into which
programming languages can be translated and given meaning. The
translation should reflect both the structure of the language
and make it easy to prove properties of programs. This thesis
develops certain metalogics using techniques of category theory
and treats recursion in a new way.
The notion of a category with a fixpoint logic is defined.
Corresponding to this categorical structure there are type
theoretic equational rules which will be present in all of the
metalogics considered. These rules define the fixpoint type
which will allow the interpretation of recursive declarations.
With these core notions FIX categories are defined. These are
the categorical equivalent of an equational logic which can be
viewed as a very basic programming metalogic. Recursion is
treated both syntactically and categorically.
The expressive power of the equational logic is increased by
embedding it in an intuitionistic predicate calculus, giving
rise to the FIX logic. This contains propositions about the
evaluation of computations to values and an induction principle
which is derived from the definition of a fixpoint object as an
initial algebra. The categorical structure which accompanies the
FIX logic is defined, called a FIX hyperdoctrine, and certain
existence and disjunction properties of FIX are stated. A
particular FIX hyperdoctrine is constructed and used in the
proof of the above properties.
PCF-style languages are translated into the FIX logic and
computational adequacy results are proved. Two languages are
studied: both are similar to PCF except one has call by value
recursive function declarations and the other higher order
conditionals.
A dependently typed equational logic containing a fixpoint type
and a universal type is given together with its related
categorical structure, namely a FIX category with attributes. A
representation theorem for Scott predomains is proved, which
gives rise to a concrete example of such a FIX category with
attributes. Recursive domain equations give rise to
endofunctions on the universal type; using the fixpoint type we
may solve for fixpoints of such endofunctions and thus obtain a
solution the original domain as the type coded by the fixpoint.
cam.ac.uk//UCAM-CL-TR-248
2018-03-27
On efficiency in theorem provers which fully expand
proofs into primitive inferences
Boulton, Richard J.
University of Cambridge, Computer Laboratory
1992-02
en
Text
UCAM-CL-TR-248
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-248.dvi.gz
Theorem Provers which fully expand proofs into applications of
primitive inference rules can be made highly secure, but have
been criticized for being orders of magnitude slower than many
other theorem provers. We argue that much of this relative
inefficiency is due to the way proof procedures are typically
written and not all is inherent in the way the systems work. We
support this claim by considering a proof procedure for linear
arithmetic. We show that straightforward techniques can be used
to significantly cut down the computation required. An order of
magnitude improvement in the performance is shown by an
implementation of these techniques.
cam.ac.uk//UCAM-CL-TR-249
2021-09-07
A formalisation of the VHDL simulation cycle
Van Tassel, John P.
University of Cambridge, Computer Laboratory
1992-03
en
Text
UCAM-CL-TR-249
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-249.pdf
The VHSIC Hardware Description Language (VHDL) has been gaining
wide acceptance as a unifying HDL. It is, however, still a
language in which the only way of validating a design is by
careful simulation. With the aim of better understanding VHDL’s
particular simulation process and eventually reasoning about it,
we have developed a formalisation of VHDL’s simulation cycle for
a subset of the language. It has also been possible to embed our
semantics in the Cambridge Higher-Order Logic (HOL) system and
derive interesting properties about specific VHDL programs.
cam.ac.uk//UCAM-CL-TR-250
2021-09-07
TouringMachines: autonomous agents with
attitudes
Ferguson, Innes A.
University of Cambridge, Computer Laboratory
1992-04
en
Text
UCAM-CL-TR-250
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-250.ps.gz
It is becoming widely accepted that neither purely reactive nor
purely deliberative control techniques are capable of producing
the range of behaviours required of intelligent robotic agents
in dynamic, unpredictable, multi-agent worlds. We present a new
architecture for controlling autonomous, mobile agents –
building on previous work addressing reactive and deliberative
control methods. The proposed multi-layered control architecture
allows a resource-bounded, goal-directed agent to react
promptlyto unexpected changes in its environment; at the same
time it allows the agent to reason predictively about potential
conflicts by contrasting and projecting theories which
hypothesise other agents’ goals and intentions.
The line of research adopted is very much a pragmatic one. A
single common architecture has been implemented which, being
extensively parametrized allows an experimenter to study
functionally- and behaviourally-diverse agent configurations. A
principal aim of this research is to understand the role
different functional capabilities play in constraining an
agent’s behaviour under varying environmental conditions. To
this end, we have constructed an experimental testbed comprising
a simulated multi-agent world in which a variety of agent
configurations and bahaviours have been investigated. Some
experience with the new control architecture is described.
cam.ac.uk//UCAM-CL-TR-251
2022-10-27
Multipoint digital video communications
Jiang, Xiaofeng
University of Cambridge, Computer Laboratory
1992-04
en
Text
UCAM-CL-TR-251
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-251.pdf
Ever since the emergence of high-speed communication networks
and fast signal processing technology, digital video has been
attracting increased research interest. However, problems
associated with its use in a multipoint communication
environment have not been thouroughly investigated. In
particular, these include the avoidance of congestion on
multicast paths when multiple wideband sources are transmitting
simultaneously, and the ability to interchange different format
signals properly and efficiently. This dissertation addresses
these issues with a two-level communications architecture.
The congestion issue at the network level is dealt with by
several stream multicast path finding algorithms which are
either centralised or distributed to suit various application
environments. Different ways of integrating communication link
capacities are investigated for supporting simultaneous
transmission of broadband signals with minimum effect on network
traffic and maximum success in path finding. Simulation results
demonstrate performance improvements over conventional multicast
path finding algorithms.
The format issue at the presentation level is dealt with by an
intermediate format or general representation of digital video
streams. Signals under this scheme are organised in a form to
facilitate their interchange and scalable receiving in
multipoint communication applications. Issues including frame
segmentation and coding description are investigated. An
experimental system implementing a simple version of the scheme
is presented along with test results on picture quality
degredation from conversion of various types and related timing
characteristics.
cam.ac.uk//UCAM-CL-TR-252
2017-07-13
A co-induction principle for recursively defined
domains
Pitts, Andrew M.
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-252
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-252.ps.gz
This paper establishes a new property of predomains recursively
defined using the cartesian product, disjoint union, partial
function space and convex powerdomain constructors. We prove
that the partial order on such a recuirsive predomain D is the
greatest fixed point of a certain monotone operator associated
to D. This provides a structurally defined family of proof
principles for these recursive predomains: to show that one
element of D approximates another, it suffices to find a binary
relation containing the two elements that is a post-fixed point
for the associated monotone operator. The statement of the proof
principles is independent of any of the various methods
available for explicit construction of recursive predomains.
Following Milner and Tofte, the method of proof is called
co-induction. It closely resembles the way bisimulations are
used in concurrent process calculi.
Two specific instances of the co-induction principle already
occur in the work of Abramsky in the form of ‘internal full
abstraction’ theorems for denotational semantics of SCCS and the
lazy lambda calculus. In the first case post-fixed binary
relations are precisely Abramsky’s partial bisimulations,
whereas in the second case they are his applicative
bisimulations. The coinduction principle also provides an
apparently useful tool for reasoning about the equality of
elements of recursively defined datatypes in (strict or lazy)
higher order functional programming languages.
cam.ac.uk//UCAM-CL-TR-253
2003-01-01
The (other) Cambridge ACQUILEX papers
Sanfilippo, Antonio
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-253
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-254
2018-03-27
A HOL semantics for a subset of ELLA
Boulton, Richard J.
University of Cambridge, Computer Laboratory
1992-04
en
Text
UCAM-CL-TR-254
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-254.dvi.gz
Formal verification is an important tool in the design of
computer systems, especially when the systems are safety or
security critical. However, the formal techniques currently
available are not well integrated into the set of tools more
traditionally used by designers. This work is aimed at improving
the integration by providing a formal semantics for a subset of
the hardware description language ELLA, and by supporting this
semantics in the HOL theorem proving system, which has been used
extensively for hardware verification.
A semantics for a subset of ELLA is described, and an outline of
a proof of the equivalence of parallel and recursive
implementations of an n-bit adder is given as an illustration of
the semantics. The proof has been performed in an extension of
the HOL system. Some proof tools written to support the
verification are also described.
cam.ac.uk//UCAM-CL-TR-255
2016-07-22
The formal verification of hard real-time
systems
Cardell-Oliver, Rachel Mary
University of Cambridge, Computer Laboratory
1992
en
Text
UCAM-CL-TR-255
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-256
2021-03-17
MCPL programming manual
Richards, Martin
University of Cambridge, Computer Laboratory
1992-05
en
Text
UCAM-CL-TR-256
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-256.pdf
MCPL is a systems programming language having much in common
with BCPL but augmented by the pattern matching ideas of both ML
and Prolog. Unlike ML, MCPL is typeless, runs using a contiguous
runtime stack and has no built in garbage collector, but it does
make extensive use of ML-like pattern matching. The low level
aspects of the language resemble those of BCPL and C. For
efficiency, MCPL uses its own function calling sequence, however
a convenient mechanism for mixing MCPL and C programs is
provided.
Notable features of MCPL are its pattern matching facilities and
the simple way in which data structures are handled.
This document gives a complete definition of the language and
includes, at the end, several example programs to demonstrate
its capabilities.
cam.ac.uk//UCAM-CL-TR-257
2018-03-27
Cut-free sequent and tableau systems for propositional
normal modal logics
Goré, Rajeev Prakhakar
University of Cambridge, Computer Laboratory
1992-05
en
Text
UCAM-CL-TR-257
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-257.pdf
We present a unified treatment of tableau, sequent and axiomatic
formulations for many propositional normal modal logics, thus
unifying and extending the work of Hanson, Segerberg, Zeman,
Mints, Fitting, Rautenberg and Shvarts. The primary emphasis is
on tableau systems as the completeness proofs are easier in this
setting. Each tableau system has a natural sequent analogue
defining a finitary provability relation for each axiomatically
formulated logic L. Consequently, any tableau proof can be
converted into a sequent proof which can be read downwards to
obtain an axiomatic proof. In particular, we present cut-free
sequent systems for the logics S4.3, S4.3.1 and S4.14. These
three logics have important temporal interpretations and the
sequent systems appear to be new.
All systems are sound and (weakly) complete with respect to
their known finite frame Kripke semantics. By concentrating
almost exclusively on finite tree frames we obtain finer
characterisation results, particularly for the logics with
natural temporal interpretations. In particular, all proofs of
tableau completeness are constructive and yield the finite model
property and decidability for each logic.
Most of these systems are cut-free giving a Gentzen
cut-elimination theorem for the logic in question. But even when
the cut rule is required, all uses of it remain analytic. Some
systems do not possess the subformula property. But in all such
cases the class of “superformulae” remains bounded, giving an
analytic superformula property. Thus all systems remain totally
amenable to computer implementation and immediately serve as
nondeterministic decision procedures for the logics they
formulate. Furthermore, the constructive completeness proofs
yield deterministic decision procedures for all the logics
concerned.
In obtaining these systems we domonstrate that the subformula
property can be broken in a systematic and analytic way while
still retaining decidability. This should not be surprising
since it is known that modal logic is a form of second order
logic and that the subformula property does not hold for higher
order logics.
cam.ac.uk//UCAM-CL-TR-258
2021-03-17
Two papers on ATM networks
Greaves, David J.
McAuley, Derek
French, Leslie J.
University of Cambridge, Computer Laboratory
1992-05
en
Text
UCAM-CL-TR-258
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-258.pdf
Private ATM networks / by David J. Greaves and Derek McAuley.
This paper advocates the use of local area networks which use 48
byte ATM cells. Hosts connected to the network are fitted with
ATM interfaces and run a new protocol stack up to the network
level, which avoids multiplexing and efficiently handles the
out-of-band signalling used by ATM.
The private network may be of WAN, MAN or LAN dimensions and
contain several different network technologies, provided each is
able to perform the basic function of carrying ATM cells from
one point to another. The private network may be connected to
the B-ISDN at one or more points.
Protocol and interface for ATM LANs / by David J. Greaves, Derek
McAuley and Leslie J. French.
This paper advocates the use of local area networks using the
Asynchronous Transfer Mode, where data is carried in the
payloads of 48-byte cells. We describe the design and
performance of a simple ATM host interface for the DEC
Turbochannel together with the MSNA protocol architecture. We
describe how MSNA creates a homogeneous internet for ATM hosts
and devices. We discuss the implementation of an adaption layer
for computer data which is able to take full advantage of MSNA
semantics, and which makes use of the end-to-end ATM layer
header bit which has recently been accepted.
cam.ac.uk//UCAM-CL-TR-259
2017-07-06
Full abstraction in the Lazy Lambda Calculus
Abramsky, Samson
Ong, C.-H. Luke
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-259
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-260
2021-03-17
Local computation of alternating fixed-points
Anderson, Henrik Reif
University of Cambridge, Computer Laboratory
1992-06
en
Text
UCAM-CL-TR-260
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-260.pdf
In this paper we consider the problem of alternating
fixed-points of monotone functions on finite boolean lattices.
We describe a local (demand-driven, lazy) algorithm for
computing a boolean expression with two alternating
fixed-points, i.e. with a minimal and a maximal fixed-point
intertwined. Such expressions arise naturally in the modal
μ-calculus and are the main source of its expressive power – and
its difficult model checking problem. By a translation of the
model checking problem of the modal μ-calculus into a problem of
finding fixed-points on boolean lattices, we get a local model
checker for two alternating fixed-points which runs in time
O(|A|(|T|²)log(|A||T|)), where |A| is the size of the assertion
and |T| the size of the model, a labelled transition system.
This extends earlier results by the author and improves on
earlier published local algorithms. We also sketch how the
algorithm can be extended to arbitrary alternations.
Due to the generality of the algorithm it can be applied to
other (alternating or non-alternating) fixed-point problems.
cam.ac.uk//UCAM-CL-TR-261
2016-07-22
Image resampling
Dodgson, Neil Anthony
University of Cambridge, Computer Laboratory
1992-08
en
Text
UCAM-CL-TR-261
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-261.pdf
Image resampling is the process of geometrically transforming
digital images. This report considers several aspects of the
process.
We begin by decomposing the resampling process into three
simpler sub-processes: reconstruction of a continuous intensity
surface from a discrete image, transformation of that continuous
surface, and sampling of the transformed surface to produce a
new discrete image. We then consider the sampling process, and
the subsidiary problem of intensity quantisation. Both these are
well understood, and we present a summary of existing work,
laying a foundation for the central body of the report where the
sub-process of reconstruction is studied.
The work on reconstruction divides into four parts, two general
and two specific:
1. Piecewise local polynomials: the most studied group of
reconstructors. We examine these, and the criteria used in their
design. One new derivation is of two piecewise local quadratic
reconstructors.
2. Infinite extent reconstructors: we consider these and their
local approximations, the problem of finite image size, the
resulting edge effects, and the solutions to these problems.
Amongst the reconstructors discussed are the interpolating cubic
B-spline and the interpolating Bezier cubic. We derive the
filter kernels for both of these, and prove that they are the
same. Given this kernel we demonstrate how the interpolating
cubic B-spline can be extended from a one-dimensional to a
two-dimensional reconstructor, providing a considerable speed
improvement over the existing method of extension.
3. Fast Fourier transform reconstruction: it has long been known
that the fast Fourier transform (FFT) can be used to generate an
approximation to perfect scaling of a sample set. Donald Fraser
(in 1987) took this result and generated a hybrid FFT
reconstructor which can be used for general transformations, not
just scaling. We modify Fraser’s method to tackle two major
problems: its large time and storage requirements, and the edge
effects it causes in the reconstructed intensity surface.
4. A priori knowledge reconstruction: first considering what can
be done if we know how the original image was sampled, and then
considering what can be done with one particular class of image
coupled with one particular type of sampling. In this latter
case we find that exact reconstruction of the image is possible.
This is a surprising result as this class of images cannot be
exactly reconstructed using classical sampling theory.
The final section of the report draws all of the strands
together to discuss transformations and the resampling process
as a whole. Of particular note here is work on how the quality
of different reconstruction and resampling methods can be
assessed.
cam.ac.uk//UCAM-CL-TR-262
2019-03-11
Term assignment for intuitionistic linear logic
(preliminary report)
Benton, Nick
Bierman, Gavin
de Paiva, Valeria
University of Cambridge, Computer Laboratory
1992-08
en
Text
UCAM-CL-TR-262
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-262.pdf
In this paper we consider the problem of deriving a term
assignment system for Girard’s Intuitionistic Linear Logic for
both the sequent calculus and natural deduction proof systems.
Our system differs from previous calculi (e.g. that of Abramsky)
and has two important properties which they lack. These are the
substitution property (the set of valid deductions is closed
under substitution) and subject reduction (reduction on terms is
well typed).
We define a simple (but more general than previous proposals)
categorical model for Intuitionistic Linear Logic and show how
this can be used to derive the term assignment system.
We also consider term reduction arising from cut-elimination in
the sequent calculus and normalisation in natural deduction. We
explore the relationship between these, as well as with the
equations which follow from our categorical model.
cam.ac.uk//UCAM-CL-TR-263
2018-04-23
The Lazy Lambda Calculus: an investigation into the
foundations of functional programming
Ong, C.-H. Luke
University of Cambridge, Computer Laboratory
1992-08
en
Text
UCAM-CL-TR-263
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-264
2021-03-24
CCS with environmental guards
Camilleri, Juanito
University of Cambridge, Computer Laboratory
1992-08
en
Text
UCAM-CL-TR-264
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-264.pdf
This paper investigates an extension of Milner’s CCS with agents
guarded by propositions on the environment. The agent g ≫ E,
pronounced E in an environment of which g holds, depends on the
set of actions the environment in ready to perform. This
dependency is realised by an operational semantics in which
transitions carry ready-sets (of the environment) as well as the
normal action symbols from CCS. A notion of strong bisimulation
is defined on guarded agents via this semantics. It is a
congruence and satisfies new equational laws (including a new
expansion law) whicyh are shown to be complete for finite
guarded agents. The laws are conservative over agents of
traditional CCS. The guarding operator ≫ provides a dynamic,
local, and clean syntactic means of expressing the behaviour of
an agent depending on circumstance; it is more expressive than
the unless operator presented in [Cam91] and the priority choice
operator presented in [Cam90] and [CaW91], and yields a much
simpler expansion theorem.
cam.ac.uk//UCAM-CL-TR-265
2018-03-27
Reasoning with inductively defined relations in the HOL
theorem prover
Camilleri, Juanito
Melham, Tom
University of Cambridge, Computer Laboratory
1992-08
en
Text
UCAM-CL-TR-265
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-266
2021-03-24
Automatic exploitation of OR-parallelism in
Prolog
Klein, Carole
University of Cambridge, Computer Laboratory
1992-09
en
Text
UCAM-CL-TR-266
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-266.pdf
A path through a search space can be defined by a sequence of
integers called an oracle. The Delphi machine consists of a
network of individual workstations co-operating to execute a
Prolog program. Using oracles, these machines automatically
partition the search space between them, thereby exploiting
OR-parallelism. This report provides a brief description of the
tree-searching algorithms (control strategies) implemented in
the Delphi machine.
cam.ac.uk//UCAM-CL-TR-267
2021-03-24
Untyped strictness analysis
Ernoult, Christine
Mycroft, Alan
University of Cambridge, Computer Laboratory
1992-10
en
Text
UCAM-CL-TR-267
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-267.pdf
We re-express Hudak and Young’s higher-order strictness analysis
for the untyped λ-calculus in a conceptually simpler and more
semantically-based manner. We show our analysis to be a sound
abstraction of Hudak and Young’s whichis also complete in a
sense we make precise.
cam.ac.uk//UCAM-CL-TR-268
2003-01-01
Network file server design for continuous
media
Jardetzky, Paul W.
University of Cambridge, Computer Laboratory
1992-10
en
Text
UCAM-CL-TR-268
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-268.ps.gz
This dissertation concentrates on issues related to the
provision of a network based storage facility for digital audio
and video data. The goal is to demonstrate that a distributed
file service in support of these media may be built without
special purpose hardware. The main objective is to identify
those parameters that affect file system performance and provide
the criteria for making desirable design decisions.
cam.ac.uk//UCAM-CL-TR-269
2021-03-31
Optimising compilation
Mycroft, Alan
Norman, Arthur
University of Cambridge, Computer Laboratory
1992-10
en
Text
UCAM-CL-TR-269
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-269.pdf
This report consists of pre-prints of two tutorial lectures on
optimising compilation to be presented at the Czechoslovak
‘SOFSEM 92’ conference. The first discusses optimising compilers
based on dataflow analysis for classical imperative languages
like ‘C’. The second turns attention to optimisation of lazy
functional languages by ‘strictness analysis’.
Part 1: Classical imperative languages
This tutorial considers the design of modern machine-independent
optimising compilers for classical (C-like) languages. We draw
from two sources (1) the literature and lectures by the authors
at Cambridge and (2) the ‘Norcroft’ compiler suite jointly
constructed by the authors.
Part 2: Lazy functional languages
This lecture considers the optimisation of functional
programming languages (particularly ‘lazy’ languages) based on
‘strictness analysis’. Such optimisations alter evaluation order
to allow more efficient translation into von Neumann
architecture or to increase the parallelism in a sequentially
specified system (such as that implied by lazy-semantics).
cam.ac.uk//UCAM-CL-TR-270
2016-07-22
Designing a universal name service
Ma, Chaoying
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-270
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-270.pdf
Generally speaking, naming in computing systems deals with the
creation of object identifiers at all levels of system
architecture and the mapping among them. Two of the main
purposes of having names in computer systems are (a) to identify
objects; (b) to accomplish sharing. Without naming no computer
system design can be done.
The rapid development in the technology of personal workstations
and computer communication networks has placed a great number of
demands on designing large computer naming systems. In this
dissertation, issues of naming in large distributed computing
systems are addressed. Technical aspects as well as system
architecture are examined. A design of a Universal Name Service
(UNS) is proposed and its prototype implementation is described.
Three major issues on designing a global naming system are
studied. Firstly, it is observed that none of the existing name
services provides enough flexibility in restructuring name
spaces, more research has to be done. Secondly it is observed
that although using stale naming data (hints) at the application
level is acceptable in most cases as long as it is detectable
and recoverable, stronger naming data integrity should be
maintained to provide a better guarantee of finding objects,
especially when a high degree of availability is required.
Finally, configuring the name service is usually done in an ad
hoc manner, leading to unexpected interruptions or a great deal
of human intervention when the system is reconfigured. It is
necessary to make a systematic study of automatic configuration
and reconfiguration of name services.
This research is based on a distributed computing model, in
which a number of computers work cooperatively to provide the
service. The contributions include: (a) the construction of a
Globally Unique Directory Identifier (GUDI) name space. Flexible
name space restructuring is supported by allowing directories to
be added to or removed from the GUDI name space. (b) The
definition of a two class name service infrastructure which
exploits the semantics of naming. It makes the UNS replication
control more robust, reliable as well as highly available. (c)
The identification of two aspects in the name service
configuration: one is concerned with the replication
configuration, and the other is concerned with the server
configuration. It is notable that previous work only studied
these two aspects individually but not in combination. A
distinguishing feature of the UNS is that both issues are
considered at the design stage and novel methods are used to
allow dynamic service configuration to be done automatically and
safely.
cam.ac.uk//UCAM-CL-TR-271
2017-07-13
Set theory as a computational logic: I. from foundations
to functions
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1992-11
en
Text
UCAM-CL-TR-271
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-271.pdf
A logic for specification and verification is derived from the
axioms of Zermelo-Fraenkel set theory. The proofs are performed
using the proof assistant Isabelle. Isabelle is generic,
supporting several different logics. Isabelle has the
flexibility to adapt to variants of set theory. Its higher-order
syntax supports the definition of new binding operators.
Unknowns in subgoals can be instantiated incrementally. The
paper describes the derivation of rules for descriptions,
relations and functions, and discusses interactive proofs of
Cantor’s Theorem, the Composition of Homomorphisms challenge,
and Ramsey’s Theorem. A generic proof assistant can stand up
against provers dedicated to particular logics.
cam.ac.uk//UCAM-CL-TR-272
2016-07-22
Interactive program derivation
Coen, Martin David
University of Cambridge, Computer Laboratory
1992-11
en
Text
UCAM-CL-TR-272
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-272.pdf
As computer programs are increasingly used in safety critical
applications, program correctness is becoming more important; as
the size and complexity of programs increases, the traditional
approach of testing is becoming inadequate. Proving the
correctness of programs written in imperative languages is
awkward; functional programming languages, however, offer more
hope. Their logical structure is cleaner, and it is practical to
reason about terminating functional programs in an internal
logic.
This dissertation describes the development of a logical theory
called TPT for reasoning about the correctness of terminating
functional programs, its implementation using the theorem prover
Isabelle, and its use in proving formal correctness. The theory
draws both from Martin-Löf’s work in type theory and Manna and
Waldinger’s work in program synthesis. It is based on classical
first-order logic, and it contains terms that represent classes
of behaviourally equivalent programs, types that denote sets of
terminating programs and well-founded orderings. Well-founded
induction is used to reason about general recursion in a natural
way and to separate conditions for termination from those for
correctness.
The theory is implemented using the generic theorem prover
Isabelle, which allows correctness proofs to be checked by
machine and partially automated using tactics. In particular,
tactics for type checking use the structure of programs to
direct proofs. Type checking allows both the verification and
derivation of programs, reducing specifications of correctness
to sets of correctness conditions. These conditions can be
proved in typed first-order logic, using well-known techniques
of reasoning by induction and rewriting, and then lifted up to
TPT. Examples of program termination are asserted and proved,
using simple types. Behavioural specifications are expressed
using dependent types, and the correctness of programs asserted
and then proved. As a non-trivial example, a unification
algorithm is specified and proved correct by machine.
The work in this dissertation clearly shows how a classical
theory can be used to reason about program correctness, how
general recursion can be reasoned about, and how programs can
direct proofs of correctness.
cam.ac.uk//UCAM-CL-TR-273
2016-07-22
TouringMachines: an architecture for dynamic, rational,
mobile agents
Ferguson, Innes A.
University of Cambridge, Computer Laboratory
1992-11
en
Text
UCAM-CL-TR-273
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-273.pdf
It is becoming widely accepted that neither purely reactive nor
purely deliberative control techniques are capable of producing
the range of behaviours required of intelligent computational or
robotic agents in dynamic, unpredictable, multi-agent worlds. We
present a new architecture for controlling autonomous, mobile
agents – building on previous work addressing reactive and
deliberative control methods. The proposed multi-layered control
architecture allows a resource-bounded, goal-directed agent to
react promptly to unexpected changes in its environment; at the
same time it enables the agent to reason predictively about
potential conflicts by constructing and projecting causal models
or theories which hypothesise other agents’ goals and
intentions.
The line of research adopted is very much a pragmatic one. A
single, common architecture has been implemented which, being
extensively parametrized, allows an experimenter to study
functionally- and behaviourally-diverse agent configurations. A
principal aim of this research is to understand the role
different functional capabilities play in constraining an
agent’s behaviour under varying environmental conditions. To
this end, we have constructed an experimental testbed comprising
a simulated multi-agent world in which a variety of agent
configurations and behaviours have been investigated. Experience
with the new control architecture is described.
cam.ac.uk//UCAM-CL-TR-274
2021-03-31
Of what use is a verified compiler
specification?
Curzon, Paul
University of Cambridge, Computer Laboratory
1992-11
en
Text
UCAM-CL-TR-274
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-274.pdf
Program verification is normally performed on source code.
However, it is the object code which is executed and so which
ultimately must be correct. The compiler used to produce the
object code must not introduce bugs. The majority of the
compiler correctness literature is concerned with the
verification of compiler specifications rather than executable
implementations. We discuss different ways that verified
specifications can be used to obtain implementations with
varying degrees of security. In particular we describe how a
specification can be executed by proof. We discuss how this
method can be used in conjunction with an insecure production
compiler so as to retain security without slowing the
development cycle of application programs. A verified
implementation of a compiler in a high-level language is not
sufficient to obtain correct object code. The compiler must
itself be compiled into a low level language before it can be
executed. At first sight it appears we need an already verified
compiler to obtain a secure low-level implementation of a
compiler. We describe how a low-level implementation of a
compiler can be securely obtained from a verified compiler
implementation.
cam.ac.uk//UCAM-CL-TR-275
2018-03-27
Exploratory learning in the game of GO
Pell, Barney
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-275
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-275.ps.gz
This paper considers the importance of exploration to
game-playing programs which learn by playing against opponents.
The central question is whether a learning program should play
the move which offers the best chance of winning the present
game, or if it should play the move which has the best chance of
providing useful information for future games. An approach to
addressing this question is developed using probability theory,
and then implemented in two different learning methods. Initial
experiments in the game of Go suggest that a program which takes
exploration into account can learn better against a
knowledgeable opponent than a program which does not.
cam.ac.uk//UCAM-CL-TR-276
2018-03-27
METAGAME: a new challenge for games and
learning
Pell, Barney
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-276
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-276.ps.gz
In most current approaches to Computer Game-Playing, including
those employing some form of machine learning, the game analysis
mainly is performed by humans. Thus, we are sidestepping largely
the interesting (and difficult) questions. Human analysis also
makes it difficult to evaluate the generality and applicability
of different approaches.
To address these problems, we introduce a new challenge:
Metagame. The idea is to write programs which take as input the
rules of a set of new games within a pre-specified class,
generated by a program which is publicly available. The programs
compete against each other in many matches on each new game, and
they can then be evaluated based on their overall performance
and improvement through experience.
This paper discusses the goals, research areas, and general
concerns for the idea of Metagame.
cam.ac.uk//UCAM-CL-TR-277
2018-03-27
METAGAME in symmetric chess-like games
Pell, Barney
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-277
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-277.ps.gz
I have implemented a game generator that generates games from a
wide but still restricted class. This class is general enough to
include most aspects of many standard games, including Chess,
Shogi, Chinese Chess, Checkers, Draughts, and many variants of
Fairy Chess. The generator, implemented in Prolog is transparent
and publicly available, and generates games using probability
distributions for parameters such as piece complexity, types of
movement, board size, and locality.
The generator is illustrated by means of a new game it produced,
which is then subjected to a simple strategic analysis. This
form of analysis suggests that programs to play Metagame well
will either learn or apply very general game-playing principles.
But because the class is still restricted, it may be possible to
develop a naive but fast program which can outplay more
sophisticated opponents. Performance in a tournament between
programs is the deciding criterion.
cam.ac.uk//UCAM-CL-TR-278
2018-03-27
A formalization of the process algebra CCS in high order
logic
Nesi, Monica
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-278
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-278.pdf
This paper describes a mechanization in higher order logic of
the theory for a subset of Milner’s CCS. The aim is to build a
sound and effective tool to support verification and reasoning
about process algebra specifications. To achieve this goal, the
formal theory for pure CCS (no value passing) is defined in the
interactive theorem prover HOL, and a set of proof tools, based
on the algebraic presentation of CCS, is provided.
cam.ac.uk//UCAM-CL-TR-279
2021-04-07
The transition assertions specification
method
Carreño, Victor A.
University of Cambridge, Computer Laboratory
1992-12
en
Text
UCAM-CL-TR-279
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-279.pdf
A modelling and specification method for real-time, reactive
systems is described. Modelling is performed by constructing
time dependent relations of the system parameters. A textual
formal notation using higher order logic and a graphical
notation are presented. The formal notation allows the use of
rigorous mathematical methods on the specification, one of the
primary sources of design errors. A cruise control case example
is included in the paper and the HOL mechanised theorem prover
is used to show that the specification comply with some top
level requirements.
cam.ac.uk//UCAM-CL-TR-280
2017-07-13
Introduction to Isabelle
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1993-01
en
Text
UCAM-CL-TR-280
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-280.dvi.gz
Isabelle is a generic theorem prover, supporting formal proof in
a variety of logics. Through a variety of examples, this paper
explains the basic theory demonstrates the most important
commands. It serves as the introduction to other Isabelle
documentation.
cam.ac.uk//UCAM-CL-TR-281
2017-07-06
Pegasus project description
Mullender, Sape J.
Leslie, Ian M.
McAuley, Derek
University of Cambridge, Computer Laboratory
1992-09
en
Text
UCAM-CL-TR-281
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-282
2017-07-06
Pegasus – Operating system support for distributed
multimedia systems
Leslie, Ian M.
McAuley, Derek
Mullender, Sape J.
University of Cambridge, Computer Laboratory
1992-12
en
Text
UCAM-CL-TR-282
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-283
2017-07-13
The Isabelle reference manual
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1993-02
en
Text
UCAM-CL-TR-283
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-283.dvi.gz
This manual is a comprehensive description of Isabelle,
including all commands, functions and packages. It is intended
for reference rather than for reading through, and is certainly
not a tutorial. The manual assumes familiarity with the basic
concepts explained in Introduction to Isabelle. Functions are
organized by their purpose, by their operands (subgoals,
tactics, theorems), and by their usefulness. In each section,
basic functions appear first, then advanced functions, and
finally esoteric functions.
cam.ac.uk//UCAM-CL-TR-284
2018-03-27
The Alvey Natural Language Tools grammar (4th
Release)
Grover, Claire
Carroll, John
Briscoe, Ted
University of Cambridge, Computer Laboratory
1993-01
en
Text
UCAM-CL-TR-284
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-285
2016-07-22
Functional programming and input/output
Gordon, Andrew Donald
University of Cambridge, Computer Laboratory
1993-02
en
Text
UCAM-CL-TR-285
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-286
2017-07-13
Isabelle’s object-logics
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1993-02
en
Text
UCAM-CL-TR-286
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-286.dvi.gz
Several logics come with Isabelle. Many of them are sufficiently
developed to serve as comfortable reasoning environments. They
are also good starting points for defining new logics. Each
logic is distributed with sample proofs, some of which are
presented in the paper. The logics described include first-order
logic, Zermelo-Fraenkel set theory, higher-order logic,
constructive type theory, and the classical sequent calculus LK.
A final chapter explains the fine points of defining logics in
Isabelle.
cam.ac.uk//UCAM-CL-TR-287
2017-07-06
A mechanised definition of Silage in HOL
Gordon, Andrew D.
University of Cambridge, Computer Laboratory
1993-02
en
Text
UCAM-CL-TR-287
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-287.dvi.gz
If formal methods of hardware verification are to have any
impact on the practices of working engineers, connections must
be made between the languages used in practice to design
circuits, and those used for research into hardware
verification. Silage is a simple dataflow language marketed for
specifying digital signal processing circuits. Higher Order
Logic (HOL) is extensively used for research into hardware
verification. This paper presents a formal definition of a
substantial subset of Silage, by mapping Silage declarations
into HOL predicates. The definition has been mechanised in the
HOL theorem prover to support the transformational design of
Silage circuits as theorem proving in HOL.
cam.ac.uk//UCAM-CL-TR-288
2021-09-07
Cut-free sequent and tableau systems for propositional
Diodorean modal logics
Gore, Rajeev
University of Cambridge, Computer Laboratory
1993-02
en
Text
UCAM-CL-TR-288
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-288.pdf
We present sound, (weakly) complete and cut-free tableau systems
for the propositional normal modal logics S4.3, S4.3.1 and
S4.14. When the modality □ is given a temporal interpretation,
these logics respectively model time as a linear dense sequence
of points; as a linear discrete sequence of points; and as a
branching tree where each branch is a linear discrete sequence
of points.
Although cut-free, the last two systems do not possess the
subformula property. But for any given finite set of formulae X
the “superformulae” involved are always bounded by a finite set
of formulae X*L depending only on X and the logic L. Thus each
system gives a nondeterministic decision procedure for the logic
in question. The completeness proofs yield deterministic
decision procedures for each logic because each proof is
constructive.
Each tableau system has a cut-free sequent analogue proving that
Gentzen’s cut-elimination theorem holds for these logics. The
techniques are due to Hintikka and Rautenberg.
cam.ac.uk//UCAM-CL-TR-289
2016-07-22
The semantics of noun phrase anaphora
Elworthy, David Alan Howard
University of Cambridge, Computer Laboratory
1993-02
en
Text
UCAM-CL-TR-289
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-290
2021-04-07
Discourse modelling for automatic summarising
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1993-02
en
Text
UCAM-CL-TR-290
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-290.pdf
Automatic abstracting is a challenging task for natural language
processing. It depends not only on sentence interpretation and
the local context representation this requires, but also on the
recognition and use of large-scale discourse structure. This
paper describes research investigating the nature of different
approaches to discourse representation and their value for
summarising. This work is focussed on comparative analysis,
illustrated in the paper through the provision of different
forms of representation, and different strategies for summary
formation, for a short example text.
cam.ac.uk//UCAM-CL-TR-291
2017-07-13
Evaluating natural language processing
systems
Galliers, J.R.
Spärck Jones, K.
University of Cambridge, Computer Laboratory
1993-02
en
Text
UCAM-CL-TR-291
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-291.ps.gz
This report presents a detailed analysis and review of NLP
evaluation, in principle and in practice. Part 1 examines
evaluation concepts and establishes a framework for NLP system
evaluation. This makes use of experience in the related area of
information retrieval and the analysis also refers to evaluation
in speech processing. Part 2 surveys significant evaluation work
done so far, for instance in machine translation, and discusses
the particular problems of generic system evaluation. The
conclusion is that evaluation strategies and techniques for NLP
need much more development, in particular to take proper account
of the influence of system tasks and settings. Part 3 develops a
general approach to NLP evaluation, aimed at
methodologically-sound strategies for test and evaluation
motivated by comprehensive performance factor identification.
The analysis throughout the report is supported by extensive
illustrative examples.
cam.ac.uk//UCAM-CL-TR-292
2016-07-22
Synchronisation services for digital continuous
media
Sreenan, Cormac John
University of Cambridge, Computer Laboratory
1993-03
en
Text
UCAM-CL-TR-292
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-292.ps.gz
The development of broadband ATM networking makes it attractive
to use computer communication networks for the transport of
digital audio and motion video. Coupled with advances in
workstation technology, this creates the opportunity to
integrate these continuous information media within a
distributed computing system. Continuous media have an inherent
temporal dimension, resulting in a set of synchronisation
requirements which have real-time constraints. This dissertation
identifies the role and position of synchronisation, in terms of
the support which is necessary in an integrated distributed
system. This work is supported by a set of experiments which
were performed in an ATM inter-network using multi-media
workstations, each equipped with an Olivetti Pandora Box.
cam.ac.uk//UCAM-CL-TR-293
2021-04-09
Objects and transactions for modelling distributed
applications: concurrency control and commitment
Bacon, Jean
Moody, Ken
University of Cambridge, Computer Laboratory
1993-04
en
Text
UCAM-CL-TR-293
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-293.pdf
The concepts of object and transaction form an ideal basis for
reasoning about the behaviour of distributed applications. An
object model allows the semantics of an application to be used
to specify the required concurrency behaviour of each object. A
transaction model covers multi-component computations where the
components are distributed and therefore subject to concurrent
execution and partial failure.
This tutorial establishes an object model for a distributed
system in which transactions are used. It focusses on the
alternative methods of concurrency control that might be
employed and shows how each method might be appropriate for
certain application characteristics and system behaviour. The
background for this discussion is eatablished in [Bacon 1993].
cam.ac.uk//UCAM-CL-TR-294
2021-04-09
OPERA : Storage, programming and display of multimedia
objects
Moody, Ken
Bacon, Jean
Adly, Noha
Afshar, Mohamad
Bates, John
Feng, Huang
Hayton, Richard
Lo, Sai Lai
Schwiderski, Scarlet
Sultana, Robert
Wu, Zhixue
University of Cambridge, Computer Laboratory
1993-04
en
Text
UCAM-CL-TR-294
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-294.pdf
This project aims to support the interactive display of
synchronised multiple media types in workstation windows. This
style of application needs high speed ATM networks and suitable
protocols and operating systems; an infrastructure that exists
at the University of Cambridge Computer Laboratory. Above this
infrastructure we have designed and are building storage
services (MSSA), a platform to support the creation and display
of multimedia presentations (IMP) and a persistent programming
language (PC++), for reliable and convenient programming of
multimedia applications. This paper gives an overview of the
work of the OPERA project in these three areas.
cam.ac.uk//UCAM-CL-TR-295
2021-04-09
OPERA : Storage and presentation support for multimedia
applications in a distributed, ATM network
environment
Bacon, Jean
Bates, John
Lo, Sai Lai
Moody, Ken
University of Cambridge, Computer Laboratory
1993-04
en
Text
UCAM-CL-TR-295
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-295.pdf
We are building a display platform for multimedia applications
above a multi-service storage architecture (MSSA). This style of
application needs high speed ATM networks and suitable protocols
and operating systems; an infrastructure that exists at the
University of Cambridge Computer Laboratory.
An open storage architecture gives flexibility and
extensibility. Conventional files, audio, video and structured
objects are supported within a common architectural framework
and composite objects, such as a display representation, may
have components of any of these storage types. The two-level
hierarchy of servers provides storage media and a byte-segment
abstraction at the low level and a variety of abstractions at
the high level. Quality of service guarantees, which are
essential for continuous media file types, are supported by
sessions and tickets. These are arranged via the high level
servers and used directly with the low level servers.
A platform for the creation and interactive display of
multimedia presentations (IMP) is being developed. A script
language allows a multimedia presentation to be specified in
terms of objects, the relationships between them and the
(composite) events that drive it. Presentation data is stored on
the structured data service of MSSA and component objects are
stored on appropriate servers, and accepted and retrieved at
guaranteed rates. The presentation requirements of an
application are managed by applying a script to the data
representing the presentation to create a display.
cam.ac.uk//UCAM-CL-TR-296
2021-04-09
A persistent programming language for multimedia
databases in the OPERA project
Wu, Z.
Moody, K.
Bacon, J.
University of Cambridge, Computer Laboratory
1993-04
en
Text
UCAM-CL-TR-296
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-296.pdf
The advent of high bandwidth local area ATM networks has
transformed the potential of distributed computing systems. At
the Computer Laboratory we are moving towards a world in which
multimedia displays are managed by editing, browsing and
composing tools [Bates 93]. The recently completed Pandora
project [Hopper 90] has given us some experience of multimedia
applications, and an idea of their scope.
We have developed a persistent programming language PC++ [Wu
93], an extension of C++, to help programmers developing
multimedia applications to make use of the MSSA. In this paper
we present the design of PC++ and show how its special features
meet the requiremets to effectively manage data in a
distributed, real-time, context.
cam.ac.uk//UCAM-CL-TR-297
2022-09-16
Categorical abstract machines for higher-order typed
lambda calculi
Ritter, Eike
University of Cambridge, Computer Laboratory
1993-04
en
Text
UCAM-CL-TR-297
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-297.pdf
We define in this thesis categorical abstract machines for the
calculus of constructions, a special higher-order
lambda-calculus. We start with the derivation of categorical
combinators, i.e. an equational theory based on a categorical
structure for the calculus. It turns out that only a
generalization of Ehrhard’s D-categories can be used for this
purpose; all other categorical structures modelling the calculus
yield only conditional equations or no equations at all. Next we
orient the equations to obtain reduction rules. When we want to
show that this reduction corresponds to reduction in the
calculus, we run into difficulties in proving strong
normalization. We can only show that any reduction that leads
first to a combinator corresponding to a weak head-normal form
is finite. These results are the key to formulate an eager and a
lazy strategy for the reduction of a combinator to its normal
form.
We then construct abstract machines for the eager and lazy
strategy. Their correctness proof consists of an induction over
the definition of the reduction strategies. These machines
specialize to the CAM and Krivine’s machine in the first order
case respectively. The original construction of the CAM is based
on cartesian closed categories (CCCs). They model both
environments and terms by morphisms regardless of their
conceptual difference, whereas the D-categories separate these
two notions. Hence the correspondence between the D-categories
and the abstract machines described in this thesis is closer
than that between the CAM and the CCCs. We also obtain an
abstract machine for type checking of these combinators, which
uses the above reduction machines. Preliminary tests suggest
that the abstract machines are quite efficient compared to other
implementations.
cam.ac.uk//UCAM-CL-TR-298
2016-07-22
Multicast in the asynchronous transfer mode
environment
Doar, John Matthew Simon
University of Cambridge, Computer Laboratory
1993-04
en
Text
UCAM-CL-TR-298
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-298.ps.gz
In future multimedia communication networks, the ability to
multicast information will be useful for many new and existing
services. This dissertation considers the design of multicast
switches for Asynchronous Transfer Mode (ATM) networks and
proposes one design based upon a slotted ring. Analysis and
simulation studies of this design are presented and details of
its implementation for an experimental ATM network (Project
Fairisle) are described, together with the modifications to the
existing multi-service protocol architecture necessary to
provide multicast connections. Finally, a short study of the
problem of multicast routing is presented, together with some
simulations of the long-term effect upon the routing efficiency
of modifying the number of destinations within a multicast
group.
cam.ac.uk//UCAM-CL-TR-299
2018-03-27
Pragmatic reasoning in bridge
Gamback, Bjorn
Rayner, Manny
Pell, Barney
University of Cambridge, Computer Laboratory
1993-04
en
Text
UCAM-CL-TR-299
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-299.ps.gz
In this paper we argue that bidding in the game of Contract
Bridge can profitably be regarded as a micro-world suitable for
experimenting with pragmatics. We sketch an analysis in which a
“bidding system” is treated as the semantics of an artificial
language, and show how this “language”, despite its apparent
simplicity, is capable of supporting a wide variety of common
speech acts parallel to those in natural languages; we also
argue that the reason for the relatively unsuccessful nature of
previous attempts to write strong Bridge playing programs has
been their failure to address the need to reason explicitly
about knowledge, pragmatics, probabilities and plans. We give an
overview of Pragma, a system currently under development, which
embodies these ideas in concrete form, using a combination of
rule-based inference, stochastic simulation, and “neural-net”
learning. Examples are given illustrating the functionality of
the system in its current form.
cam.ac.uk//UCAM-CL-TR-300
2022-10-27
Formal verification of VIPER’s ALU
Wong, Wai
University of Cambridge, Computer Laboratory
1993-04
en
Text
UCAM-CL-TR-300
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-300.pdf
This research describes the formal verification of an arithmetic
logic unit of the VIPER microprocessor. VIPER is one of the
first processors designed using formal methods. A formal model
in HOL has been created which models the ALU at two levels: on
the higher level, the ALU is specified as a function taking two
32-bit operands and returning a result; on the lower level the
ALU is implemented by a number of 4-bit slices which should take
the same operands and return the same results. The ALU is
capable of performing thirteen different operations. A formal
proof of functional equivalence of these two levels has been
completed successfully. The complete HOL text of the ALU formal
model and details of the proof procedures are included in this
report. It has demonstrated that the HOL system is powerful and
efficient enough to perform formal verification of realistic
hardware design.
cam.ac.uk//UCAM-CL-TR-301
2021-04-21
The dual-level validation concurrency control
method
Wu, Zhixue
Moody, Ken
Bacon, Jean
University of Cambridge, Computer Laboratory
1993-06
en
Text
UCAM-CL-TR-301
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-301.pdf
Atomic data types permit maximum concurrency among transations
by exploiting the semantics of object operations. Concurrency
control is needed to ensure both object level atomicity and
transaction level atomicity. It must be possible to regard each
operation on an object as elementary. Recovery methods for
transactions which are based on atomic objects must take into
account that partial results of a transaction might be seen by
other transactions.
This paper presents, formalises and verifies a protocol called
the dual-level validation method which can be used to provide
atomicity for atomic data types. It is optimistic and has a
number of advantages over previous methods. It permits maximum
concurrency at the low level by allowing non-conflicting
operations to be scheduled concurrently. It allows applications
to cope with very large objects by supporting multi-granularity
shadowing. Transaction recovery is simple to implement. The
method performs well, particularly when different transactions
are unlikely to access the same (sub)objects concurrently.
Finally, it is well suited to a distributed environment since
validation and commit are not implemented atomically.
cam.ac.uk//UCAM-CL-TR-302
2018-03-27
Logic programming for general game-playing
Pell, Barney
University of Cambridge, Computer Laboratory
1993-06
en
Text
UCAM-CL-TR-302
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-302.ps.gz
Meta-Game Playing is a new approach to games in Artificial
Intelligence, where we construct programs to play new games in a
well-defined class, which are output by an automatic game
generator. As the specific games to be played are not known in
advance, a degree of human bias is eliminated, and playing
programs are required to perform any game-specific optimisations
without human assistance.
The attempt to construct a general game-playing program is made
difficult by the opposing goals of generality and efficiency.
This paper shows how application of standard techniques in
logic-programming (abstract interpretation and partial
evaluation) makes it possible to achieve both of these goals.
Using these techniques, we can represent the semantics of a
large class of games in a general and declarative way, but then
have the program transform this representation into a more
efficient version once it is presented with the rules of a new
game. This process can be viewed as moving some of the
responsibility for game analysis (that concerned with
efficiency) from the researcher to the program itself.
cam.ac.uk//UCAM-CL-TR-303
2021-04-21
Drawing trees — a case study in functional
programming
Kennedy, Andrew
University of Cambridge, Computer Laboratory
1993-06
en
Text
UCAM-CL-TR-303
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-303.pdf
This report describes the application of functional programming
techniques to a problem previously studied by imperative
programmers, that of drawing general trees automatically. We
first consider the nature of the problem and the ideas behind
its solution, independent of programming language
implementation. The functional language implementation is
described in a bottom up style starting with very general
functions over trees and then narrowing in on the particular
tree layout algorithm. Its correctness is considered informally.
Finally we discuss the implementation’s computational complexity
and possible improvements.
cam.ac.uk//UCAM-CL-TR-304
2017-07-13
Co-induction and co-recursion in higher-order
logic
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1993-07
en
Text
UCAM-CL-TR-304
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-304.pdf
A theory of recursive and corecursive definitions has been
developed in higher-order logic (HOL) and mechanised using
Isabelle. Least fixedpoints express inductive data types such as
strict lists; greatest fixedpoints express co-inductive data
types, such as lazy lists. Well-founded recursion expresses
recursive functions over inductive data types; co-recursion
expresses functions that yield elements of co-inductive data
types. The theory rests on a traditional formalization of
infinite trees. The theory is intended for use in specification
and verification. It supports reasoning about a wide range of
computable functions, but it does not formalize their
operational semantics and can express noncomputable functions
also. The theory is demonstrated using lists and lazy lists as
examples. The emphasis is on using co-recursion to define lazy
list functions, and on using co-induction to reason about them.
cam.ac.uk//UCAM-CL-TR-305
2021-04-21
Strong normalisation for the linear term
calculus
Benton, P.N.
University of Cambridge, Computer Laboratory
1993-07
en
Text
UCAM-CL-TR-305
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-305.pdf
We provide a strong normalisation result for the linear term
calculus which was introduced in (Benton et al. 1992). Rather
than prove the result from first principles, we give a
translation of linear terms into terms in the second order
polymorphic lambda calculus (λ2) which allows the result to be
proved by appealing to the well known strong normalisation
property of λ2. An interesting feature of the translation is
that it makes use of the λ2 coding of a coinductive datatype as
the translation of the !-types (exponentials) of the linear
calculus.
cam.ac.uk//UCAM-CL-TR-306
2022-10-27
Recording HOL proofs
Wong, Wai
University of Cambridge, Computer Laboratory
1993-07
en
Text
UCAM-CL-TR-306
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-306.pdf
This paper describes a text file format for recording HOL
proofs. It is intended to become an interface between HOL and
proof checkers. Modification to HOL-88 has been carried out to
incorporate a proof recorder to generate a proof file in this
format. The usage of this new feature is explained by a simple
example. A more substantial proof has been recorded, and
benchmark data is presented here.
cam.ac.uk//UCAM-CL-TR-307
2017-07-13
Natural language processing for information
retrieval
Lewis, David D.
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1993-07
en
Text
UCAM-CL-TR-307
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-307.ps.gz
The paper summarizes the essential properties of document
retrieval and reviews both conventional practice and research
findings, the latter suggesting that simple statistical
techniques can be effective. It then considers the new
opportunities and challenges presented by the ability to search
full text directly (rather than e.g. titles and abstracts), and
suggests appropriate approaches to doing this, with a focus on
the role of natural language processing. The paper also comments
on possible connections with data and knowledge retrieval, and
concludes by emphasizing the importance of rigorous performance
testing.
cam.ac.uk//UCAM-CL-TR-308
2003-01-01
A case study of co-induction in Isabelle HOL
Frost, Jacob
University of Cambridge, Computer Laboratory
1993-08
en
Text
UCAM-CL-TR-308
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-308.pdf
The consistency of the dynamic and static semantics for a small
functional programming language was informally proved by R.
Milner and M. Tofte. The notions of co-inductive definitions and
the associated principle of co-induction played a pivotal role
in the proof. With emphasis on co-induction, the work presented
here deals with the formalisation of this result in the
higher-order logic of the generic theorem prover Isabelle.
cam.ac.uk//UCAM-CL-TR-309
2022-11-07
Strictness analysis of lazy functional
programs
Benton, Peter Nicholas
University of Cambridge, Computer Laboratory
1993-08
en
Text
UCAM-CL-TR-309
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-309.pdf
Strictness analysis is a compile-time analysis for lazy
functional languages. The information gained by a strictness
analyser can be used to improve code generation for both
sequential and parallel implementations of such languages.
After reviewing the syntax and semantics of a simply typed
lambda calculus with constants, we describe previous work on
strictness analysis. We then give a new formulation of higher
order strictness analysis, called strictness logic. This is
inspired by previous work on static analysis by non-standard
type inference, and by work on logic of domains. We investigate
some proof theoretic and semantic properties of our logic, and
relate it to the conventional approach using abstract
interpretation. We also consider extending the logic with
disjunction.
We then describe how to extend the simply typed lambda calculus
with lazy algebraic datatyped. A new construction of lattices of
strictness properties of such datatypes is described. This
arises from the characterisation of the solutions to the
recursive domain equations associated with these types as
initial algebras.
Next we consider first order (ML-style) ploymorphism and show
how Wadler’s ‘theorems for free’ parametricity results may be
obtained from a simple extension of the semantics of monomorphic
language. We then prove a polymorphic invariance result relating
the derivable strictness properties of different substitution
instances of polymorphic terms.
cam.ac.uk//UCAM-CL-TR-310
2018-03-27
HARP: a hierarchical asynchronous replication protocol
for massively replicated systems
Adly, Noha
University of Cambridge, Computer Laboratory
1993-08
en
Text
UCAM-CL-TR-310
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-310.ps.gz
This paper presents a new asynchronous replication protocol that
is especially suitable for wide area and mobile systems, and
allows reads and writes to occur at any replica. Updates reach
other replicas using a propagation scheme based on nodes
organized into a logical hierarchy. The hierarchical structure
enables the scheme to scale well for thousands of replicas,
while ensuring reliable delivery. A new service interface is
proposed that provides different levels of asynchrony, allowing
strong consistency and weak consistency to be integrated into
the same framework. Further, due to the hierarchical pattern of
propagation, the scheme provides the ability to locate replicas
that are more up-to-date than others, depending on the needs of
various applications. Also, it allows a selection from a number
of reconciliation techniques based on delivery order mechanisms.
Restructuring operations are provided to build and reconfigure
the hierarchy dynamically without disturbing normal operations.
The scheme tolerates transmission failures and network
partitions.
cam.ac.uk//UCAM-CL-TR-311
2022-11-07
A verified Vista implementation
Curzon, Paul
University of Cambridge, Computer Laboratory
1993-09
en
Text
UCAM-CL-TR-311
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-311.pdf
We describe the formal verification of a simple compiler using
the HOL theorem proving system. The language and microprocessor
considered are a subset of the structured assembly language
Vista, and the Viper microprocessor, respectively. We describe
how our work is directly applicable to a family of languages and
compilers and discuss how the correctness theorem and verified
compiler fit into a wider context of ensuring that object code
is correct. We first show how the compiler correctness result
can be formally combined with a proof system for application
programs. We then show how our verified compiler, despite not
being written in a traditional programming language, can be used
to produce compiled code. We also discuss how a dependable
implementation might be obtained.
cam.ac.uk//UCAM-CL-TR-312
2017-07-13
Set theory for verification: II : Induction and
recursion
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1993-09
en
Text
UCAM-CL-TR-312
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-312.pdf
A theory of recursive definitions has been mechanized in
Isabelle’s Zermelo-Fraenkel (ZF) set theory. The objective is to
support the formalization of particular recursive definitions
for use in verification, semantics proofs and other
computational reasoning.
Inductively defined sets are expressed as least fixedpoints,
applying the Knaster-Tarski Theorem over a suitable set.
Recursive functions are defined by well-founded recursion and
its derivatives, such as transfinite recursion. Recursive data
structures are expressed by applying the Knaster-Tarski Theorem
to a set that is closed under Cartesian product and disjoint
sum.
Worked examples include the transitive closure of a relation,
lists, variable-branching trees and mutually recursive trees and
forests. The Schröder-Bernstein Theorem and the soundness of
propositional logic are proved in Isabelle sessions.
cam.ac.uk//UCAM-CL-TR-313
2021-04-27
Proof by pointing
Bertot, Yves
Kahn, Gilles
Théry, Laurent
University of Cambridge, Computer Laboratory
1993-10
en
Text
UCAM-CL-TR-313
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-313.pdf
A number of very powerful and elegant computer programs to
assist in making formal proofs have been developed. While these
systems incorporate ever more sophisticated tactics, proofs that
can be carried out without any user directions are the
exception. In this paper we present a principle called proof by
pointing that allows the user to guide the proof process using
the mouse in the user-interface. This idea is widely applicable
and has been implemented by the authors in user-interfaces for
several proof development systems.
cam.ac.uk//UCAM-CL-TR-314
2016-07-22
Practical unification-based parsing of natural
language
Carroll, John Andrew
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-314
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-314.ps.gz
The thesis describes novel techniques and algorithms for the
practical parsing of realistic Natural Language (NL) texts with
a wide-coverage unification-based grammar of English. The thesis
tackles two of the major problems in this area: firstly, the
fact that parsing realistic inputs with such grammars can be
computationally very expensive, and secondly, the observation
that many analyses are often assigned to an input, only one of
which usually forms the basis of the correct interpretation.
The thesis starts by presenting a new unification algorithm,
justifies why it is well-suited to practical NL parsing, and
describes a bottom-up active chart parser which employs this
unification algorithm together with several other novel
processing and optimisation techniques. Empirical results
demonstrate that an implementation of this parser has
significantly better practical performance than a comparable,
state-of-the-art unification-based parser. Next, techniques for
computing an LR table for a large unification grammar are
described, a context free non-deterministic LR parsing algorithm
is presented which has better time complexity than any
previously reported using the same approach, and a
unification-based version is derived. In experiments, the
performance of an implementation of the latter is shown to
exceed both the chart parser and also that of another efficient
LR-like algorithm recently proposed.
Building on these methods, a system for parsing text taken from
a given corpus is described which uses probabilistic techniques
to identify the most plausible syntactic analyses for an input
from the often large number licensed by the grammar. New
techniques implemented include an incremental approach to
semi-supervised training, a context-sensitive method of scoring
sub-analyses, the accurate manipulation of probabilities during
parsing, and the identification of the highest ranked analyses
without exhaustive search. The system attains a similar success
rate to approaches based on context-free grammar, but produces
analyses which are more suitable for semantic processing.
The thesis includes detailed analyses of the worst-case space
and time complexities of all the main algorithms described, and
discusses the practical impact of the theoretical complexity
results.
cam.ac.uk//UCAM-CL-TR-315
2016-07-22
Strategy generation and evaluation for meta-game
playing
Pell, Barney Darryl
University of Cambridge, Computer Laboratory
1993-11
en
Text
UCAM-CL-TR-315
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-315.ps.gz
Meta-Game Playing (METAGAME) is a new paradigm for research in
game-playing in which we design programs to take in the rules of
unknown games and play those games without human assistance.
Strong performance in this new paradigm is evidence that the
program, instead of its human designer, has performed the
analysis of each specific game.
SCL-METAGAME is a concrete METAGAME research problem based
around the class of symmetric chess-like games. The class
includes the games of chess, checkers, noughts and crosses,
Chinese-chess, and Shogi. An implemented game generator produces
new games in this class, some of which are objects of interest
in their own right.
METAGAMER is a program that plays SCL-METAGAME. The program
takes as input the rules of a specific game and analyses those
rules to construct for that game an efficient representation and
an evaluation function, both for use with a generic search
engine. The strategic analysis performed by the program relates
a set of general knowledge sources to the details of the
particular game. Among other properties, this analysis
determines the relative value of the different pieces in a given
game. Although METAGAMER does not learn from experience, the
values resulting from its analysis are qualitatively similar to
values used by experts on known games, and are sufficient to
produce competitive performance the first time the program
actually plays each game it is given. This appears to be the
first program to have derived useful piece values directly from
analysis of the rules of different games.
Experiments show that the knowledge implemented in METAGAMER is
useful on games unknown to its programmer in advance of the
competition and make it seem likely that future programs which
incorporate learning and more sophisticated active-analysis
techniques will have a demonstrable competitive advantage on
this new problem. When playing the known games of chess and
checkers against humans and specialised programs, METAGAMER has
derived from more general principles some strategies which are
familiar to players of those games and which are hard-wired in
many game-specific programs.
cam.ac.uk//UCAM-CL-TR-316
2017-07-06
The Compleat LKB
Copestake, Ann
University of Cambridge, Computer Laboratory
1993-08
en
Text
UCAM-CL-TR-316
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-316.ps.gz
This report is a full description of the lexical knowledge base
system (LKB) and the representation language (LRL) developed on
the Esprit ACQUILEX project. The LKB system is designed to allow
the representation of multilingual lexical information in a way
which integrates lexical semantics with syntax and formal
semantics. The LRL is a typed feature structure language which
makes it possible to represent the lexicon as a highly
structured object and to capture relationships between
individual word senses by (default) inheritance and by lexical
rules. The extension to multilingual representation allows a
concise and natural description of translation mismatches. Most
of this report consists of a detailed formal description of the
LRL — this is augmented with appendices containing the user
manual, an implementation outline and a discussion of some of
the algorithms used, and a bibliography of papers which describe
the LKB and its use within ACQUILEX. (Some of this material has
been published previously, but is included here to make this
report a convenient reference source.)
cam.ac.uk//UCAM-CL-TR-317
2022-07-29
Femto-VHDL: the semantics of a subset of VHDL and its
embedding in the HOL proof assistant
Van Tassel, John Peter
University of Cambridge, Computer Laboratory
1993-11
en
Text
UCAM-CL-TR-317
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-317.pdf
The design of digital devices now resembles traditional computer
programming. Components are specified in a specialised form of
programming language known as a Hardware Description Language.
Programs written in such languages are then executed to simulate
the behaviour of the hardware they describe. These simulations
cannot be exhaustive in most situations, so result in high, yet
incomplete, confidence that the proper behaviour has been
achieved.
The formal analysis of programming languages provides ways of
mathematically proving properties of programs. These properties
apply to behaviours resulting from all possible inputs rather
then just a subset of them. The prerequisite for such an
analysis is a formal understanding of the semantics of the
language.
The Very High Speed Hardware Description Language (VHDL) is
currently used to specify and simulate a wide range of digital
devices. The language has no formal mathematical semantics as
part of its definition, hence programs written in it have not
been amenable to formal analysis.
The work presented here defines a structural operational
semantics for a subset of VHDL. The semantics is then embedded
in a mechanical proof assistant. This mechanisation allows one
not only to reason about individual programs but also to express
equivalences between programs. Examples which highlight the
methodology used in this reasoning are provided as a series of
case studies.
cam.ac.uk//UCAM-CL-TR-318
2016-07-22
A method of program refinement
Grundy, Jim
University of Cambridge, Computer Laboratory
1993-11
en
Text
UCAM-CL-TR-318
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-318.ps.gz
A method of specifying the desired behaviour of a computer
program, and of refining such specifications into imperative
programs is proposed. The refinement method has been designed
with the intention of being amenable to tool support, and of
being applicable to real-world refinement problems.
Part of the refinement method proposed involves the use of a
style of transformational reasoning called ‘window inference’.
Window inference is particularly powerful because it allows the
information inherent in the context of a subexpression to be
used in its transformation. If the notion of transformational
reasoning is generalised to include transformations that
preserve relationships weaker than equality, then program
refinement can be regarded as a special case of transformational
reasoning. A generalisation of window inference is described
that allows non-equivalence preserving transformations. Window
inference was originally proposed independently from, and as an
alternative to, traditional styles of reasoning. A
correspondence between the generalised version of window
inference and natural deduction is described. This
correspondence forms the basis of a window inference tool that
has been built on top of the HOL theorem proving system.
This dissertation adopts a uniform treatment of specifications
and programs as predicates. A survey of the existing approaches
to the treatment of programs as predicates is presented. A new
approach is then developed based on using predicates of a
three-valued logic. This new approach can distinguish more
easily between specifications of terminating and nonterminating
behaviour than can the existing approaches.
A method of program refinement is then described by combining
the unified treatment of specifications and programs as
three-valued predicates with the window inference style of
transformational reasoning. The result is a simple method of
refinement that is well suited to the provision of tool support.
The method of refinement includes a technique for developing
recursive programs. The proof of such developments is usually
complicated because little can be assumed about the form and
termination properties of a partially developed program. These
difficulties are side-stepped by using a simplified meaning for
recursion that compels the development of terminating programs.
Once the development of a program is complete, the simplified
meaning for recursion is refined into the true meaning.
The dissertation concludes with a case study which presents the
specification and development of a simple line-editor. The case
study demonstrates the applicability of the refinement method to
real-world problems. The line editor is a nontrivial example
that contains features characteristic of large developments,
including complex data structures and the use of data
abstraction. Examination of the case study shows that window
inference offers a convenient way of structuring large
developments.
cam.ac.uk//UCAM-CL-TR-319
2016-07-22
A workstation architecture to support
multimedia
Hayter, Mark David
University of Cambridge, Computer Laboratory
1993-11
en
Text
UCAM-CL-TR-319
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-319.ps.gz
The advent of high speed networks in the wide and local area
enables multimedia traffic to be easily carried between
workstation class machines. The dissertation considers an
architecture for a workstation to support such traffic
effectively. In addition to presenting the information to a
human user the architecture allows processing to be done on
continuous media streams.
The proposed workstation architecture, known as the Desk Area
Network (DAN), extends ideas from Asynchronous Transfer Mode
(ATM) networks into the end-system. All processors and devices
are connected to an ATM interconnect. The architecture is shown
to be capable of supporting both multimedia data streams and
more traditional CPU cache line traffic. The advocated extension
of the CPU cache which allows caching of multimedia data streams
is shown to provide a natural programming abstraction and a
mechanism for synchronising the processor with the stream.
A prototype DAN workstation has been built. Experiments have
been done to demonstrate the features of the architecture. In
particular the use of the DAN as a processor-to-memory
interconnect is closely studied to show the practicality of
using ATM for cache line traffic in a real machine. Simple
demonstrations of the stream cache ideas are used to show its
utility in future applications.
cam.ac.uk//UCAM-CL-TR-320
2017-07-13
A fixedpoint approach to implementing (co)inductive
definitions (updated version)
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1995-07
en
Text
UCAM-CL-TR-320
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-320.pdf
Several theorem provers provide commands for formalizing
recursive datatypes or inductively defined sets. This paper
presents a new approach, based on fixedpoint definitions. It is
unusually general: it admits all monotone inductive definitions.
It is conceptually simple, which has allowed the easy
implementation of mutual recursion and other conveniences. It
also handles coinductive definitions: simply replace the least
fixedpoint by a greatest fixedpoint. This represents the first
automated support for coinductive definitions.
The method has been implemented in Isabelle’s formalization of
ZF set theory. It should be applicable to any logic in which the
Knaster-Tarski Theorem can be proved. The paper briefly
describes a method of formalizing non-well-founded data
structures in standard ZF set theory.
Examples include lists of n elements, the accessible part of a
relation and the set of primitive recursive functions. One
example of a coinductive definition is bisimulations for lazy
lists. Recursive datatypes are examined in detail, as well as
one example of a “codatatype”: lazy lists. The appendices are
simple user’s manuals for this Isabelle/ZF package.
cam.ac.uk//UCAM-CL-TR-321
2017-07-06
Relational properties of domains
Pitts, Andrew M.
University of Cambridge, Computer Laboratory
1993-12
en
Text
UCAM-CL-TR-321
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-321.ps.gz
New tools are presented for reasoning about properties of
recursively defined domains. We work within a general,
category-theoretic framework for various notions of ‘relation’
on domains and for actions of domain constructors on relations.
Freyd’s analysis of recursive types in terms of a property of
mixed initiality/finality is transferred to a corresponding
property of invariant relations. The existence of invariant
relations is proved under completeness assumptions about the
notion of relation. We show how this leads to simpler proofs of
the computational adequacy of denotational semantics for
functional programming languages with user-declared datatypes.
We show how the initiality/finality property of invariant
relations can be specialized to yield an induction principle for
admissible subsets of recursively defined domains, generalizing
the principle of structural induction for inductively defined
sets. We also show how the initiality/finality property gives
rise to the co-induction principle studied by the author (in
UCAM-CL-TR-252), by which equalities between elements of
recursively defined domains may be proved via an appropriate
notion of ‘bisimulation’.
cam.ac.uk//UCAM-CL-TR-322
2022-09-16
Supporting distributed realtime computing
Li, Guangxing
University of Cambridge, Computer Laboratory
1993-12
en
Text
UCAM-CL-TR-322
ISSN 1476-2986
Computers have been used for realtime systems for almost 50
years. However, it is only recently that computer research
institutions are becoming interested in realtime computing,
realizing the significance of realtime systems and their
increasing practical importance. Realtime systems engineering
still faces many challenges: current systems concepts and
functions are unfavourable for the development of a general and
consistent framework for realtime systems engineering. The
realtime problem domain has also been further complicated by the
rapid spread of distributed computing.
This dissertation is concerned with the design and construction
of a distributed system environment for supporting realtime
applications. The contributions range from high-level
programming abstractions down to an operating system kernel
interface through the detailed engineering tradeoffs required to
create, implement, and integrate the mechanisms within the
environment. The contributions consist of a realtime programming
model, a timed RPC protocol, a temporal synchronisation facility
and empirical validations.
The realtime programming model provides a framework to
facilitate the enforcement of the stringent timing constraints
found in distributed realtime applications. The model
incorporates tasks and communication channels as its basic
programming components. It synthesises aspects of resource
requirements, resource allocation and resource scheduling into
an object based programming paradigm.
The development of the timed RPC protocol allows a programmer to
express and enforce reasonable timing requirements (representing
different tradeoffs between consistency and strictness) with
object invocations.
The definition and infrastructure support of the timed automata
to provide a temporal synchronisation facility. This facility
contributes to the understanding of temporal synchronisations in
a distributed world.
A prototype implementation of the system environment has been
constructed and used to evaluate the feasibility of the
architectural concepts of the system.
cam.ac.uk//UCAM-CL-TR-323
2021-04-26
Representing higher-order logic proofs in HOL
von Wright, J.
University of Cambridge, Computer Laboratory
1994-01
en
Text
UCAM-CL-TR-323
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-323.pdf
When using a theorem prover based on classical logic, such as
HOL [2], we are generally interested in the facts that are
proved (the theorems) than in the way in which they were proved
(the proofs). However we may be interested in checking the
correctness of the proofs. Since machine-generated proofs are
generaly very long we need a computer program, a proof checker,
to do this. However, we would also want the correctness of the
proof checker to be verified formally. One way of doing this is
by specifying it in a mechanised logic (such as that of the HOL
system) and then doing a correctness proof in that logic. While
this may seem circular, it is acceptable provided we have a
theory of proofs embedded in the logic.
This paper describes an attempt to formalise the notion of HOL
proofs within HOL. The aim is to be able to verify (inside HOL)
that what is claimed to be a proof really is a proof.
cam.ac.uk//UCAM-CL-TR-324
2021-04-26
Verifying modular programs in HOL
von Wright, J.
University of Cambridge, Computer Laboratory
1994-01
en
Text
UCAM-CL-TR-324
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-324.pdf
This paper describes a methodology for verifying imperative
programs that are modular, i.e., built using separately defined
functions and procedures.
The verification methodology is based on a simple programming
notation with a weak precondition semantics. This notation has
been semantically embedded in the HOL theorem prover [3] and a
number of laws have been derived from the semantics.
These semantic laws are used to prove the correctness of
functional procedures, by showing that a call to the procedure
in question is equivalent to a call to the corresponding
function as it is defined in the logic. This makes it possible
to specify a program in an essentially functional style, but the
functions are then implemented as imperative procedures (like
user-defined functions in FORTRAN or Pascal).
We also show how to define non-functional procedures and calls
to such procedures. Procedures may be recursive. Altogether,
this gives us a basis for mechanical verification of modular
imperative programs.
cam.ac.uk//UCAM-CL-TR-325
2016-07-22
The temporal properties of English conditionals and
modals
Crouch, Richard
University of Cambridge, Computer Laboratory
1994-01
en
Text
UCAM-CL-TR-325
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-325.pdf
This thesis deals with the patterns of temporal reference
exhibited by conditional and modal sentences in English, and
specifically with the way that past and present tenses can
undergo deictic shift in these contexts. This shifting behaviour
has consequences both for the semantics of tense and for the
semantics of conditionals and modality.
Asymmetries in the behaviour of the past and present tenses
under deictic shift are explained by positing a primary and
secondary deictic centre for tenses. The two deictic centres,
the assertion time and the verification time, are given
independent motivation through an information based view of
tense. This holds that the tense system not only serves to
describe the way that the world changes over time, but also the
way that information about the world changes. Information change
takes place in two stages. First, it is asserted that some fact
holds. And then, either at the same time or later, it is
verified that is assertion is correct.
Typically, assertion and verification occur simultaneously, and
most sentences convey verified information. Modals and
conditionals allow delayed assertion and verification. “If A,
then B” means roughly: suppose you were now to assert A; if and
when A is verified, you will be in a position to assert B, and
in due course this assertion will also be verified. Since A and
B will both be tensed clauses, the shifting of the primary and
secondary deictic centres leads to shifted interpretations of
the two clauses.
The thesis presents a range of temporal properties of indicative
and subjunctive conditionals that have not previously been
discussed, and shows how they can be explained. A logic is
presented for indicative conditionals, based around an extension
of intuitionistic logic to allow for both verified and
unverified assertions. This logic naturally gives rise to three
forms of epistemic modality, corresponding to “must”, “may” and
“will”.
cam.ac.uk//UCAM-CL-TR-326
2016-07-22
A modular and extensible network storage
architecture
Lo, Sai-Lai
University of Cambridge, Computer Laboratory
1994-01
en
Text
UCAM-CL-TR-326
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-326.ps.gz
Most contemporary distributed file systems are not designed to
be extensible. This work asserts that the lack of extensibility
is a problem because:
– New data types, such as continuous-medium data and structured
data, are significantly different from conventional unstructured
data, such as text and binary, that contemporary distributed
file systems are built to support.
– Value-adding clients can provide functional enhancements, such
as convenient and reliable persistent programming and automatic
and transparent file indexing, but cannot be integrated smoothly
with contemporary distributed file systems.
– New media technologies, such as the optical jukebox and RAID
disk, can extend the scale and performance of a storage service
but contemporary distributed file systems do not have a clear
framework to incorporate these new technologies and to provide
the necessary user level transparency.
Motivated by these observations, the new network storage
architecture (MSSA) presented in this dissertation, is designed
to be extensible. Design modularity is taken as the key to
achieve service extensibility. This dissertation examines a
number of issues related to the design of the architecture. New
ideas, such as a flexible access control mechanism based on
temporary capabilities, a low level storage substrate that uses
non-volatile memory to provide atomic update semantics at high
performance, a concept of sessions to differentiate performance
requirements of different data types, are introduced. Prototype
implementations of the key components are evaluated.
cam.ac.uk//UCAM-CL-TR-327
2021-05-07
A new application for explanation-based generalisation
within automated deduction
Baker, Siani L.
University of Cambridge, Computer Laboratory
1994-02
en
Text
UCAM-CL-TR-327
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-327.pdf
Generalisation is currently a major theorem-proving problem.
This paper proposes a new method of generalisation, involving
the use of explanation-based generalisation within a new domain,
which may succeed when other methods fail. The method has been
implemented for simple arithmetical examples.
cam.ac.uk//UCAM-CL-TR-328
2022-09-16
The formal verification of the Fairisle ATM switching
element: an overview
Curzon, Paul
University of Cambridge, Computer Laboratory
1994-03
en
Text
UCAM-CL-TR-328
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-328.pdf
We give an overview of the formal verification of an
implementation of a self routing ATM switching element. This
verification was performed using the HOL90 theorem proving
system so is fully machine checked. The switching element is in
use in a real network, switching real data. Thus, this work
constitutes a realistic formal verification case study. We give
an informal overview of the switch and element and give a
tutorial on the methods used. We outline how these techniques
were applied to verify the switching element. We then discuss
the time spent on the verification. This was comparable to the
time spent designing and testing the element. Finally we
describe the errors discovered.
cam.ac.uk//UCAM-CL-TR-329
2022-09-16
The formal verification of the Fairisle ATM switching
element
Curzon, Paul
University of Cambridge, Computer Laboratory
1994-03
en
Text
UCAM-CL-TR-329
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-329.pdf
We describe the formal verification of an implementation of the
switching element of the fairisle ATM switch. This verification
was performed using the HOL90 theorem proving system so is fully
machine-checked. We give here all the definitions used in the
verification together with the main correctness theorems proved.
Fairisle switches are in use in a working network, switching
real data. Thus, this work constitutes a realistic formal
verification case study.
cam.ac.uk//UCAM-CL-TR-330
2016-07-22
Interacting with paper on the DigitalDesk
Wellner, Pierre David
University of Cambridge, Computer Laboratory
1994-03
en
Text
UCAM-CL-TR-330
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-330.pdf
In the 1970’s Xerox PARC developed the “desktop metaphor,” which
made computers easy to use by making them look and act like
ordinary desks and paper. This led visionaries to predict the
“paperless office” would dominate within a few years, but the
trouble with this prediction is that people like paper too much.
It is portable, tactile, universally accepted, and easier to
read than a screen. Today, we continue to use paper, and
computers produce more of it than they replace.
Instead of trying to use computers to replace paper, the
DigitalDesk takes the opposite approach. It keeps the paper, but
uses computers to make it more powerful. It provides a Computer
Augmented Environment for paper.
The DigitalDesk is built around an ordinary physical desk and
can be used as such, but it has extra capabilities. A video
camera is mounted above the desk, pointing down at the work
surface. This camera’s output is fed through a system that can
detect where the user is pointing, and it can read documents
that are placed on the desk. A computer-driven electronic
projector is also mounted above the desk, allowing the system to
project electronic objects onto the work surface and onto real
paper documents — something that can’t be done with flat display
panels or rear-projection. The system is called DigitalDesk
because it allows pointing with the fingers.
Several applications have been prototyped on the DigitalDesk.
The first was a calculator where a sheet of paper such as an
annual report can be placed on the desk allowing the user to
point at numbers with a finger or pen. The camera reads the
numbers off the paper, recognizes them, and enters them into the
display for further calculations. Another is a translation
system which allows users to point at unfamiliar French words to
get their English definitions projected down next to the paper.
A third is a paper-based paint program (PaperPaint) that allows
users to sketch on paper using traditional tools, but also be
able to select and paste these sketches with the camera and
projector to create merged paper and electronic documents. A
fourth application is the DoubleDigitalDesk, which allows remote
colleagues to “share” their desks, look at each other’s paper
documents and sketch on them remotely.
This dissertation introduces the concept of Computer Augmented
Environments, describes the DigitalDesk and applications for it,
and discusses some of the key implementation issues that need to
be addressed to make this system work. It describes a toolkit
for building DigitalDesk applications, and it concludes with
some more ideas for future work.
cam.ac.uk//UCAM-CL-TR-331
2021-01-04
HPP: a hierarchical propagation protocol for large scale
replication in wide area networks
Adly, Noha
Kumar, Akhil
University of Cambridge, Computer Laboratory
1994-03
en
Text
UCAM-CL-TR-331
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-331.pdf
This paper describes a fast, reliable, scalable and efficient
propagation protocol for weak-consistency replica management.
This protocol can be used to implement a bulletin board service
such as the Usenet news on the Internet. It is based on
organizing the nodes in a network into a logical hierarchy, and
maintaining a limited amount of state information at each node.
It ensures that messages are not lost due to failures or
partitions once they are repaired and minimizes redundancy.
Further the protocol allows messages to be diffused while nodes
are down provided the parent and child nodes of a failed node
are alive. Moreover the protocol allows nodes to be moved in the
logical hierarchy, and the network to be restructured
dynamically in order to improve performance while still ensuring
that no messages are lost while the switch takes place and
without disturbing normal operation.
cam.ac.uk//UCAM-CL-TR-332
2022-07-29
Distributed computing with objects
Evers, David Martin
University of Cambridge, Computer Laboratory
1994-03
en
Text
UCAM-CL-TR-332
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-332.pdf
Distributed systems and object-based programming are now
beginning to enter the mainstream of computing practice. These
developments have the potential to simplify the distributed
application programmer’s task considerably, but current systems
impose unnecessary burdens. Distributed operating systems
provide palatable message passing between remote processes but
leave the preparation and interpretation of the messages to
application code. Remote procedure call systems use familiar
language-level concepts to hide distribution, but the
awkwardness of service creation and binding discourages the use
of transient objects. Finally, object-based programming
languages which support distribution often ignore the
possibility of failures and do not efficiently accommodate
heterogeneity.
This dissertation discusses the design, implementation and
evaluation of a practical system for network objects which
addresses these problems for a representative programming
language (Modula-3) and distributed computing environment (the
ANSA testbench). We propose that language level objects should
explicitly represent bindings to potentially remote access
points (interfaces), which are sufficiently lightweight that
they can be used as transient handles for shared state. Our
system uses local objects to stand for remote services and local
method call to cause remote operation invocation. Within a
process, concurrency control is provided by familiar
language-level facilities. The local programming language’s
object type system is made to represent the global service type
system in a natural way. We support dynamic creation of service
interfaces and the transmission of network object references in
invocations. We allow the dynamic types of network object
references to propagate between separate programs. Finally we
provide automatic, fault-tolerant and efficient distributed
garbage collection of network objects. In each case, we discuss
the requirements of a useful design and the tradeoffs necessary
in a real implementation. Our implementation runs on stock
systems connected by standard local and wide area networks and
internetworking protocols. We believe our approach would support
additional library-level tools for security, stable storage,
distributed transactions and transparent service replication,
though we have not pursued this.
The dissertation demonstrates that it is practical to retain
many important amenities of modern programming languages when
providing support for the construction of applications in a
heterogeneous and evolving distributed system.
cam.ac.uk//UCAM-CL-TR-333
2021-05-07
What is a categorical model of intuitionistic linear
logic?
Bierman, G.M.
University of Cambridge, Computer Laboratory
1994-04
en
Text
UCAM-CL-TR-333
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-333.pdf
This paper re-addresses the old problem of providing a
categorical model for Intuitionistic Linear Logic (ILL). In
particular we compare the new standard model proposed by Seely
to the lesser known one proposed by Benton, Bierman, Hyland and
de Paiva. Surprisingly we find that Seely’s model is unsound in
that it does not preserve equality of proofs — we shall give
some examples of equal proofs which do not seem to be modelled
as equal morphisms in the category. We shall propose how to
adapt Seely’s definition so as to correct these problems and
consider how this compares with the model due to Benton et al.
cam.ac.uk//UCAM-CL-TR-334
2017-07-13
A concrete final coalgebra theorem for ZF set
theory
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1994-05
en
Text
UCAM-CL-TR-334
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-334.pdf
A special final coalgebra theorem, in the style of Aczel (1988),
is proved within standard Zermelo-Fraenkel set theory. Aczel’s
Anti-Foundation Axiom is replaced by a variant definition of
function that admits non-well-founded constructions. Variant
ordered pairs and tuples, of possibly infinite length, are
special cases of variant functions. Analogues of Aczel’s
Solution and Substitution Lemmas are proved in the style of
Rutten and Turi (1993).
The approach is less general than Aczel’s; non-well-founded
objects can be modelled only using the variant tuples and
functions. But the treatment of non-well-founded objects is
simple and concrete. The final coalgebra of a functor is its
greatest fixedpoint. The theory is intended for machine
implementation and a simple case of it is already implemented
using the theorem prover Isabelle.
cam.ac.uk//UCAM-CL-TR-335
2017-07-13
Video mail retrieval using voice: report on keyword
definition and data collection (deliverable report on VMR task
No. 1)
Jones, G.J.F.
Foote, J.T.
Spärck Jones, K.
Young, S.J.
University of Cambridge, Computer Laboratory
1994-04
en
Text
UCAM-CL-TR-335
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-335.pdf
This report describes the rationale, design, collection and
basic statistics of the initial training and test database for
the Cambridge Video Mail Retrieval (VMR) project. This database
is intended to support both training for the wordspotting
processes and testing for the document searching methods using
these that are being developed for the project’s message
retrieval task.
cam.ac.uk//UCAM-CL-TR-336
2021-05-07
Towards a proof theory of rewriting: the simply-typed
2-λ calculus
Hilken, Barnaby P.
University of Cambridge, Computer Laboratory
1994-05
en
Text
UCAM-CL-TR-336
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-336.pdf
This paper describes the simply typed 2-λ-calculus, a language
with three levels, types, terms and rewrites. The types and
terms are those of the simply typed λ-calculus, and the rewrites
are expressions denoting sequences of β-reductions and
η-expansions. An equational theory is imposed on the rewrites,
based on 2-categorical justifications, and the word problem for
this theory is solved by finding a canonical expression in each
equivalence class.
The canonical form of rewrites allows us to prove several
properties of the calculus, including a strong form of
confluence and a classification of the long-β-η-normal forms in
terms of their rewrites. Finally we use these properties as the
basic definitions of a theory of categorical rewriting, and find
that the expected relationships between confluence, strong
normalisation and normal forms hold.
cam.ac.uk//UCAM-CL-TR-337
2016-07-22
Efficiency in a fully-expansive theorem
prover
Boulton, Richard John
University of Cambridge, Computer Laboratory
1994-05
en
Text
UCAM-CL-TR-337
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-337.dvi.gz
The HOL system is a fully-expansive theorem prover: Proofs
generated in the system are composed of applications of the
primitive inference rules of the underlying logic. This has two
main advantages. First, the soundness of the system depends only
on the implementations of the primitive rules. Second, users can
be given the freedom to write their own proof procedures without
the risk of making the system unsound. A full functional
programming language is provided for this purpose. The
disadvantage with the approach is that performance is
compromised. This is partly due to the inherent cost of fully
expanding a proof but, as demonstrated in this thesis, much of
the observed inefficiency is due to the way the derived proof
procedures are written.
This thesis seeks to identify sources of non-inherent
inefficiency in the HOL system and proposes some general-purpose
and some specialised techniques for eliminating it. One area
that seems to be particularly amenable to optimisation is
equational reasoning. This is significant because equational
reasoning constitutes large portions of many proofs. A number of
techniques are proposed that transparently optimise equational
reasoning. Existing programs in the HOL system require little or
no modification to work faster.
The other major contribution of this thesis is a framework in
which part of the computation involved in HOL proofs can be
postponed. This enables users to make better use of their time.
The technique exploits a form of lazy evaluation. The critical
feature is the separation of the code that generates the
structure of a theorem from the code that justifies it
logically. Delaying the justification allows some non-local
optimisations to be performed in equational reasoning. None of
the techniques sacrifice the security of the fully-expansive
approach.
A decision procedure for a subset of the theory of linear
arithmetic is used to illustrate many of the techniques.
Decision procedures for this theory are commonplace in theorem
provers due to the importance of arithmetic reasoning. The
techniques described in the thesis have been implemented and
execution times are given. The implementation of the arithmetic
procedure is a major contribution in itself. For the first time,
users of the HOL system are able to prove many arithmetic lemmas
automatically in a practical amount of time (typically a second
or two).
The applicability of the techniques to other fully-expansive
theorem provers and possible extensions of the ideas are
considered.
cam.ac.uk//UCAM-CL-TR-338
2022-07-29
A new approach to implementing atomic data
types
Wu, Zhixue
University of Cambridge, Computer Laboratory
1994-05
en
Text
UCAM-CL-TR-338
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-338.pdf
Many researchers have suggested the atomic data type approach to
maintaining data consistency in a system. In this approach
atomicity is ensured by the data objects that are shared by
concurrent activities. By using the semantics of the operations
of the shared objects, greater concurrency among activities can
be permitted. In addition, by encapsulating synchronisation and
recovery in the implementation of the shared objects, modularity
can be enhanced. Existing systems support user-defined atomic
data types in an explicit approach. They either permit limited
semantics to be presented thus providing less concurrency, or
permit a high level of semantics to be presented but in an
encapsulated way, thus resulting in a complicated
implementation. This research was done to make the
implementation of user-defined atomic data types simple,
efficient, while still permitting great concurrency.
The research aims to lessen the programmer’s burden by
supporting an implicit approach for implementing atomic data
types. It permits a high level of semantics to be specified in a
declarative way, which makes the implementation of user defined
atomic data types as simple as in a sequential environment. A
special concurrency control mechanism is implemented by the
system. By using type inheritance, user-defined atomic data
types can use the mechanism directly to provide local atomicity
for their objects. A language has been developed for specifying
the conflicts between object operations. Since the concurrency
control mechanism can take operation semantics into account, the
approach permits great concurrency.
To support the implicit approach, an appropriate concurrency
control protocol must be proposed which can take advantage of
operation semantics to increase concurrency and which can be
implemented independently from user-defined atomic data types.
Such a protocol, called the dual-level validation method, is
presented and verified in this thesis. The method can make use
of the parameters and results of object operations to achieve
great concurrency. In addition, it also provides great internal
concurrency by permitting operations to take place on an object
concurrently.
The prototyping of the implicit approach in a persistent
programming language called PC++ is described. The feasibility
of the approach is shown by an application, namely a naming
database for an active badge system. Some related issues are
also addressed in the thesis such as remote object invocation,
distributed transaction commitment and data persistence.
cam.ac.uk//UCAM-CL-TR-339
2017-07-13
Belief revision and dialogue management in information
retrieval
Logan, Brian
Reece, Steven
Cawsey, Alison
Galliers, Julia
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1994-05
en
Text
UCAM-CL-TR-339
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-339.pdf
This report describes research to evaluate a theory of belief
revision proposed by Galliers in the context of
information-seeking interaction as modelled by Belkin, Brooks
and Daniels and illustrated by user-librarian dialogues. The
work covered the detailed assessment and development, and
computational implementation and testing, of both the belief
revision theory and the information retrieval model. Some
features of the belief theory presented problems, and the
original ‘multiple expert’ retrieval model had to be drastically
modified to support rational dialogue management. But the
experimental results showed that the characteristics of
literature seeking interaction could be successfully captured by
the belief theory, exploiting important elements of the
retrieval model. Thus, though the system’s knowledge and
dialogue performance were very limited, it provides a useful
base for further research. The report presents all aspects of
the research in detail, with particular emphasis on the
implementation of belief and intention revision, and the
integration of revision with domain reasoning and dialogue
interaction.
cam.ac.uk//UCAM-CL-TR-340
2016-07-22
Operating system support for quality of
service
Hyden, Eoin Andrew
University of Cambridge, Computer Laboratory
1994-06
en
Text
UCAM-CL-TR-340
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-340.pdf
The deployment of high speed, multiservice networks within the
local area has meant that it has become possible to deliver
continuous media data to a general purpose workstation. This, in
conjunction with the increasing speed of modern microprocessors,
means that it is now possible to write application programs
which manipulate continuous media in real-time. Unfortunately,
current operating systems do not provide the resource management
facilities which are required to ensure the timely execution of
such applications.
This dissertation presents a flexible resource management
paradigm, based on the notion of Quality of Service, with which
it is possible to provide the scheduling support required by
continuous media applications. The mechanisms which are required
within an operating system to support this paradigm are
described, and the design and implementation of a prototypical
kernel which implements them is presented.
It is shown that, by augmenting the interface between an
application and the operating system, the application can be
informed of varying resource availabilities, and can make use of
this information to vary the quality of its results. In
particular an example decoder application is presented, which
makes use of such information and exploits some of the
fundamental properties of continuous media data to trade video
image quality for the amount of processor time which it
receives.
cam.ac.uk//UCAM-CL-TR-341
2016-09-27
Presentation support for distributed multimedia
applications
Bates, John
University of Cambridge, Computer Laboratory
1994-06
en
Text
UCAM-CL-TR-341
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-341.ps.gz
Distributed computing environments can now support digital
continuous media (such as audio and video) in addition to still
media (such as text and pictures). The work presented in this
dissertation is motivated by the desire of application
developers to create applications which utilise these multimedia
environments. Many important application areas are emerging such
as Computer-Aided Instruction (CAI) and Computer-Supported
Cooperative Working (CSCW).
Building multimedia applications is currently a difficult and
time consuming process. At run-time, an application must manage
connections to a range of heterogeneous sevices to access data.
Building applications directly on top of environment specific
features roots them to those features. Continuous media
introduces new problems into application management such as
control of Quality of Service (QoS) and synchronisation of data
items. An application may also be required to analyse, process
or display data. Some multimedia applications are event-driven,
i.e. they must perform actions in response to asynchronous
run-time occurrences. They may also be required to control many
workspaces and involve multiple users.
The thesis of this dissertation is based on two principles.
Firstly, despite the heterogeneity between and within multimedia
environments, that their functionality should be provided in a
uniform way to application developers. By masking the control
differences with generic abstractions, applications can easily
be developed and ported. Secondly, that it is possible to
develop such abstractions to support a wide range of multimedia
applications. Extensible and configurable facilities can be
provided to access, and present multimedia data and to support
event-diven applications including cooperative ones.
The approach taken in this work is to provide a presentation
support platform. To application developers this platform offers
an authoring interface based on data modelling and specification
using a script language. Using these facilities, the parts of an
application involving interactive presentation of multimedia can
be specified. Services have been built to support the run-time
realisation of authored presentations on top of environments.
Experiments show that a wide range of applications can be
supported.
cam.ac.uk//UCAM-CL-TR-342
2016-07-22
An architecture for distributed user
interfaces
Freeman, Stephen Martin Guy
University of Cambridge, Computer Laboratory
1994-07
en
Text
UCAM-CL-TR-342
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-342.pdf
Computing systems have changed rapidly since the first graphical
user interfaces were developed. Hardware has become faster and
software architectures have become more flexible and more open;
a modern computing system consists of many communicating
machines rather than a central host. Understanding of
human-computer interaction has also become more sophisticated
and places new demands on interactive software; these include,
in particular, support for multi-user applications, continuous
media, and ‘ubiquitous’ computing. The layer which binds user
requirements and computing systems together, the user interface,
has not changed as quickly; few user interface architectures can
easily supportthe new requirements placed on them and few take
advantage of the facilities offered by advanced computing
systems.
Experiences of implementing systems with unusual user interfaces
has shown that current window system models are only a special
case of possible user interface architectures. These window
systems are too strongly tied to assumptions about how users and
computers interact to provide a suitable platform for further
evolution. Users and application builders may reasonably expect
to be able to use multiple input and output devices as their
needs arise. Experimental applications show that flexible user
interface architectures, which support multiple devices and
users, can be built without excessive implementation and
processing costs.
This dissertation describes Gemma, a model for a new generation
of interactive systems that are not confined to virtual
terminals but allows collections of independent devices to be
bound together for the task at hand. It provides mediated shared
access to basic devices and higher-level virtual devices so that
people can share computational facilities in the real world,
rather than in a virtual world. An example window system shows
how these features may be exploited to provide a flexible,
collaborative and mobile interactive environment.
cam.ac.uk//UCAM-CL-TR-344
2022-06-17
The contour tree image encoding technique and file
format
Turner, Martin John
University of Cambridge, Computer Laboratory
1994-07
en
Text
UCAM-CL-TR-344
ISSN 1476-2986
The process of contourization is presented which converts a
raster image into a discrete plateaux of contours. These
contours can be grouped into a hierarchical structure, defining
total spacial inclusion called a contour tree. A contour coder
has been developed which fully describes these contours in a
compact and efficient manner and is the basis for an image
compression method.
Simplification of the contour tree has been undertaken by
merging contour tree nodes thus lowering the contour tree’s
entropy. This can be exploited by the contour coder to increase
the image compression ratio. By applying general and simple
rules derived from physiological experiments on the human vision
system, lossy image compression can be achieved which minimises
noticable artifacts in the simplified image.
The contour merging technique offers a complementary lossy
compression system to the QDCT (Quantised Discrete Cosine
Transform). The artifacts introduced by the two methods are very
different; QDCT produces a general blurring and adds extra
highlights in the form of overshoots, whereas contour merging
sharpens edges, reduces highlights and introduces a degree of
false contouring.
A format based on the contourization technique which caters for
most image types is defined, called the contour tree image
format. Image operations directly on this compressed format have
been studied which for certain manipulations can offer
significant operational speed increases over using a standard
raster image format. A couple of examples of operations specific
to the contour tree format are presented showing some of the
features of the new format.
cam.ac.uk//UCAM-CL-TR-345
2021-05-10
A proof environment for arithmetic with the Omega
rule
Baker, Siani L.
University of Cambridge, Computer Laboratory
1994-08
en
Text
UCAM-CL-TR-345
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-345.pdf
An important technique for investigating the derivability in
formal systems of arithmetic has been to embed such systems into
semi-formal systems with the ω-rule. This paper exploits this
notion within the domain of automated theorem-proving and
discusses the implementation of such a proof environment, namely
the CORE system which implements a version of the primitive
recursive ω-rule. This involves providing an appropriate
representation for infinite proofs, and a means of verifying
properties of such objects. By means of the CORE system, from a
finite number of instances a conjecture of the proof of the
universally quantified formula is automatically derived by an
inductive inference algorithm, and checked for correctness. In
addition, candidates for cut formulae may be generated by an
explanation-based learning algorithm. This is an alternative
approach to reasoning about inductively defined domains from
traditionas structural induction, which may sometimes be more
intuitive.
cam.ac.uk//UCAM-CL-TR-346
2016-07-22
On intuitionistic linear logic
Bierman, G.M.
University of Cambridge, Computer Laboratory
1994-08
en
Text
UCAM-CL-TR-346
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-346.pdf
In this thesis we carry out a detailed study of the
(propositional) intuitionistic fragment of Girard’s linear logic
(ILL). Firstly we give sequent calculus, natural deduction and
axiomatic formulations of ILL. In particular our natural
deduction is different from others and has important properties,
such as closure under substitution, which others lack. We also
study the process of reduction in all three local formulations,
including a detailed proof of cut elimination. Finally, we
consider translations between Instuitionistic Logic (IL) and
ILL.
We then consider the linear term calculus, which arises from
applying the Curry-Howard correspondence to the natural
deduction formulation. We show how the various proof theoretic
formulations suggest reductions at the level of terms. The
properties of strong normalization and confluence are proved for
these reduction rules. We also consider mappings between the
extended λ-calculus and the linear term calculus.
Next we consider a categorical model for ILL. We show how by
considering the linear term calculus as an equational logic, we
can derive a model: a linear category. We consider two
alternative models: firstly, one due to Seely and then one due
to Lafont. Surprisingly, we find that Seely’s model is not
sound, in that equal terms are not modelled with equal
morphisms. We show how after adapting Seely’s model (by viewing
it in a more abstract setting) it becomes a particular instance
of a linear category. We show how Lafont’s model can also be
seen as another particular instance of a linear category.
Finally we consider various categories of coalgebras, whose
construction can be seen as a categorical equivalent of the
translation of IL into ILL.
cam.ac.uk//UCAM-CL-TR-347
2017-07-13
Reflections on TREC
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1994-07
en
Text
UCAM-CL-TR-347
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-347.ps.gz
This paper discusses the Text REtrieval Conferences (TREC)
programme as a major enterprise in information retrieval
research. It reviews its structure as an evaluation exercise,
characterises the methods of indexing and retrieval being tested
within it in terms of the approaches to system performance
factors these represent; analyses the test results for solid,
overall conclusions that can be drawn from them; and, in the
light of the particular features of the test data, assesses TREC
both for generally-applicable findings that emerge from it and
for directions it offers for future research.
cam.ac.uk//UCAM-CL-TR-348
2016-07-22
Integrated sound synchronisation for computer
animation
Hunter, Jane Louise
University of Cambridge, Computer Laboratory
1994-08
en
Text
UCAM-CL-TR-348
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-349
2018-03-27
A HOL interpretation of Noden
Graham, Brian
University of Cambridge, Computer Laboratory
1994-09
en
Text
UCAM-CL-TR-349
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-350
2021-05-10
Ten commandments of formal methods
Bowen, Jonathan P.
Hinchey, Michael G.
University of Cambridge, Computer Laboratory
1994-09
en
Text
UCAM-CL-TR-350
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-350.pdf
The formal methods community is in general very good at
undertaking research into the mathematical aspects of formal
methods, but not so good at promulgating the use of formal
methods in an engineering environment and at an industrial
scale. Technology transfer is an extremely important part of the
overall effort necessary in the acceptance of formal techniques.
This paper explores some of the more informal aspects of
applying formal methods and presents some maxims with associated
discussion that may help in the application of formal methods in
an industrial setting. A significant bibliography is included
providing pointers to more technical and detailed aspects.
cam.ac.uk//UCAM-CL-TR-351
2016-07-22
Handling realtime traffic in mobile networks
Biswas, Subir Kumar
University of Cambridge, Computer Laboratory
1994-09
en
Text
UCAM-CL-TR-351
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-351.ps.gz
The rapidly advancing technology of cellular communication and
wireless LAN makes ubiquitous computing feasible where the
mobile users can have access to the location independent
information and the computing resources. Multimedia networking
is another emerging technological trend of the 1990s and there
is an increasing demand for supporting continuous media traffic
in wireless personal communication environment. In order to
guarantee the strict performance requirements of realtime
traffic, the connection-oriented approaches are proving to be
more efficient compared to the conventional datagram based
networking. This dissertation deals with a network architecture
and its design issues for implementing the connection-oriented
services in a mobile radio environment.
The wired backbone of the proposed wireless LAN comprises of
high speed ATM switching elements, connected in a modular
fashion, where the new switches and the user devices can be
dynamically added and reconnected for maintaining a desired
topology. A dynamic reconfiguration protocol, which can cope
with these changing network topologies, is proposed for the
present network architecture. The details about a prototype
implementation of the protocol and a simulation model for its
performance evaluation are presented.
CSMA/AED, a single frequency and carrier sensing based protocol
is proposed for the radio medium access operations. A simulation
model is developed in order to investigate the feasibility of
this statistical and reliable access scheme for the proposed
radio network architecture. The effectiveness of a
per-connection window based flow control mechanism, for the
proposed radio LAN, is also investigated. A hybrid technique is
used, where the medium access and the radio data-link layers are
modelled using the mentioned simulator; an upper layer
end-to-end queueing model, involving flow dependent servers, is
solved using an approximate Mean Value Analysis technique which
is augmented for faster iterative convergence.
A distributed location server, for managing mobile users’
location information and for aiding the mobile connection
management tasks, is proposed. In order to hide the effects of
mobility from the non-mobile network entities, the concept of a
per-mobile software entity, known as a “representative”, is
introduced. A mobile connection management scheme is also
proposed for handling the end-to-end network layer connections
in the present mobile environment. The scheme uses the
representatives and a novel connection caching technique for
providing the necessary realtime traffic support
functionalities.
A prototype system, comprising of the proposed location and the
connection managers, has been built for demonstrating the
feasibility of the presented architecture for transporting
continuous media traffic. A set of experiments have been carried
out in order to investigate the impacts of various design
decisions and to identify the performance-critical parts of the
design.
cam.ac.uk//UCAM-CL-TR-352
2018-03-27
A mixed linear and non-linear logic: proofs, terms and
models
Benton, P.N.
University of Cambridge, Computer Laboratory
1994-10
en
Text
UCAM-CL-TR-352
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-353
2017-07-13
Merging HOL with set theory
Gordon, Mike
University of Cambridge, Computer Laboratory
1994-11
en
Text
UCAM-CL-TR-353
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-353.pdf
Set theory is the standard foundation for mathematics, but the
majority of general purpose mechanized proof assistants support
versions of type theory (higher order logic). Examples include
Alf, Automath, Coq, Ehdm, HOL, IMPS, Lambda, LEGO, Nuprl, PVS
and Veritas. For many applications type theory works well and
provides for specification the benefits of type-checking that
are well known in programming. However, there are areas where
types get in the way or seem unmotivated. Furthermore, most
people with a scientific or engineering background already know
set theory, whereas type theory may appear inaccessible and so
be an obstacle to the uptake of proof assistants based on it.
This paper describes some experiments (using HOL) in combining
set theory and type theory; the aim is to get the best of both
worlds in a single system. Three approaches have been tried, all
based on an axiomatically specified type V of ZF-like sets: (i)
HOL is used without any additions besides V; (ii) an embedding
of the HOL logic into V is provided; (iii) HOL axiomatic
theories are automatically translated into set-theoretic
definitional theories. These approaches are illustrated with two
examples: the construction of lists and a simple lemma in group
theory.
cam.ac.uk//UCAM-CL-TR-354
2018-05-10
Formalising a model of the λ-calculus in
HOL-ST
Agerholm, Sten
University of Cambridge, Computer Laboratory
1994-11
en
Text
UCAM-CL-TR-354
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-354.pdf
Many new theorem provers implement strong and complicated type
theories which eliminate some of the limitations of simple type
theories such as the HOL logic. A more accessible alternative
might be to use a combination of set theory and simple type
theory as in HOL-ST which is a version of the HOL system
supporting a ZF-like set theory in addition to higher order
logic. This paper presents a case study on the use of HOL-ST to
build a model of the λ-calculus by formalising the inverse limit
construction of domain theory. This construction is not possible
in the HOL system itself, or in simple type theories in general.
cam.ac.uk//UCAM-CL-TR-355
2017-07-13
Two cryptographic notes
Wheeler, David
Needham, Roger
University of Cambridge, Computer Laboratory
1994-11
en
Text
UCAM-CL-TR-355
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-355.pdf
A large block DES-like algorithm
DES was designed to be slow in software. We give here a DES type
of code which applies directly to single blocks comprising two
or more words of 32 bits. It is thought to be at least as secure
as performing DES separately on two word blocks, and has the
added advantage of not requiring chaining etc. It is about
8m/(12+2m) times as fast as DES for an m word block and has a
greater gain for Feistel codes where the number of rounds is
greater. We use the name GDES for the codes we discuss. The
principle can be used on any Feistel code.
TEA, a Tiny Encryption Algorithm
We design a short program which will run on most machines and
encypher safely. It uses a large number of iterations rather
than a complicated program. It is hoped that it can easily be
translated into most languages in a compatible way. The first
program is given below. It uses little set up time and does a
weak non linear iteration enough rounds to make it secure. There
are no preset tables or long set up times. It assumes 32 bit
words.
cam.ac.uk//UCAM-CL-TR-356
2017-07-13
Simple, proven approaches to text retrieval
Robertson, S.E.
Spärck Jones, K.
University of Cambridge, Computer Laboratory
1994-12
en
Text
UCAM-CL-TR-356
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-356.pdf
This technical note describes straightforward techniques for
document indexing and retrieval that have been solidly
established through extensive testing and are easy to apply.
They are useful for many different types of text material, are
viable for very large files, and have the advantage that they do
not require special skills or training for searching, but are
easy for end users.
cam.ac.uk//UCAM-CL-TR-357
2021-05-10
Seven more myths of formal methods
Bowen, Jonathan P.
Hinchey, Michael G.
University of Cambridge, Computer Laboratory
1994-12
en
Text
UCAM-CL-TR-357
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-357.pdf
For whatever reason, formal methods remain one of the more
contentious techniques in industrial software engineering.
Despite great increases in the number of organizations and
projects applying formal methods, it is still the case that the
vast majority of potential users of formal methods fail to
become actual users. A paper by Hall in 1990 examined a number
of ‘myths’ concerning formal methods, assumed by some to be
valid. This paper considers a few more beliefs held by many and
presents some counter examples.
cam.ac.uk//UCAM-CL-TR-358
2016-07-22
Multithreaded processor design
Moore, Simon William
University of Cambridge, Computer Laboratory
1995-02
en
Text
UCAM-CL-TR-358
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-359
2003-01-01
A case study of co-induction in Isabelle
Frost, Jacob
University of Cambridge, Computer Laboratory
1995-02
en
Text
UCAM-CL-TR-359
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-359.pdf
The consistency of the dynamic and static semantics for a small
functional programming language was informally proved by R.
Milner and M. Tofte. The notions of co-inductive definitions and
the associated principle of co-induction played a pivotal role
in the proof. With emphasis on co-induction, the work presented
here deals with the formalisation of this result in the generic
theorem prover Isabelle.
cam.ac.uk//UCAM-CL-TR-360
2017-07-13
On the calculation of explicit polymetres
Clocksin, W.F.
University of Cambridge, Computer Laboratory
1995-03
en
Text
UCAM-CL-TR-360
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-360.pdf
Computer scientists take an interest in objects or events which
can be counted, grouped, timed and synchronised. The
computational problems involved with the interpretation and
notation of musical rhythm are therefore of particular interest,
as the most complex time-stamped structures yet devised by
humankind are to be found in music notation. These problems are
brought into focus when considering explicit polymetric
notation, which is the concurrent use of different time
signatures in music notation. While not in common use the
notation can be used to specify complicated cross-rhythms,
simple versus compound metres, and unequal note values without
the need for tuplet notation. From a computational point of
view, explicit polymetric notation is a means of specifying
synchronisation relationships amongst multiple time-stamped
streams. Human readers of explicit polymetic notation use the
time signatures together with the layout of barlines and musical
events as clues to determine the performance. However, if the
aim is to lay out the notation (such as might be required by an
automatic music notation processor), the location of barlines
and musical events will be unknown, and it is necessary to
calculate them given only the information conveyed by the time
signatures. Similar problems arise when trying to perform the
notation (i.e. animate the specification) in real-time. Some
problems in the interpretation of explicit polymetric notation
are identified and a solution is proposed. Two different
interpretations are distinguished, and methods for their
automatic calculation are given. The solution given may be
applied to problems which involve the synchronisation or phase
adjustment of multiple independent threads of time-stamped
objects.
cam.ac.uk//UCAM-CL-TR-361
2016-07-22
Explicit network scheduling
Black, Richard John
University of Cambridge, Computer Laboratory
1995-04
en
Text
UCAM-CL-TR-361
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-361.ps.gz
This dissertation considers various problems associated with the
scheduling and network I/O organisation found in conventional
operating systems for effective support for multimedia
applications which require Quality of Service.
A solution for these problems is proposed in a micro-kernel
structure. The pivotal features of the proposed design are that
the processing of device interrupts is performed by user-space
processes which are scheduled by the system like any other, that
events are used for both inter- and intra-process
synchronisation, and the use of a specially developed high
performance I/O buffer management system.
An evaluation of an experimental implementation is included. In
addition to solving the scheduling and networking problems
addressed, the prototype is shown to out-perform the Wanda
system (a locally developed micro-kernel) on the same platform.
This dissertation concludes that it is possible to construct an
operating system where the kernel provides only the fundamental
job of fine grain sharing of the CPU between processes, and
hence synchronisation between those processes. This enables
processes to perform task specific optimisations; as a result
system performance is enhanced, both with respect to throughput
and the meeting of soft real-time guarantees.
cam.ac.uk//UCAM-CL-TR-362
2018-03-27
W-learning: competition among selfish
Q-learners
Humphrys, Mark
University of Cambridge, Computer Laboratory
1995-04
en
Text
UCAM-CL-TR-362
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-362.ps.gz
W-learning is a self-organising action-selection scheme for
systems with multiple parallel goals, such as autonomous mobile
robots. It uses ideas drawn from the subsumption architecture
for mobile robots (Brooks), implementing them with the
Q-learning algorithm from reinforcement learning (Watkins).
Brooks explores the idea of multiple sensing-and-acting agents
within a single robot, more than one of which is capable of
controlling the robot on its own if allowed. I introduce a model
where the agents are not only autonomous, but are in fact
engaged in direct competition with each other for control of the
robot. Interesting robots are ones where no agent achieves total
victory, but rather the state-space is fragmented among
different agents. Having the agents operate by Q-learning proves
to be a way to implement this, leading to a local, incremental
algorithm (W-learning) to resolve competition. I present a
sketch proof that this algorithm converges when the world is a
discrete, finite Markov decision process. For each state,
competition is resolved with the most likely winner of the state
being the agent that is most likely to suffer the most if it
does not win. In this way, W-learning can be viewed as ‘fair’
resolution of competition. In the empirical section, I show how
W-learning may be used to define spaces of agent-collections
whose action selection is learnt rather than hand-designed. This
is the kind of solution-space that may be searched with a
genetic algorithm.
cam.ac.uk//UCAM-CL-TR-363
2016-07-22
Names and higher-order functions
Stark, Ian
University of Cambridge, Computer Laboratory
1995-04
en
Text
UCAM-CL-TR-363
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-363.ps.gz
Many functional programming languages rely on the elimination of
‘impure’ features: assignment to variables, exceptions and even
input/output. But some of these are genuinely useful, and it is
of real interest to establish how they can be reintroducted in a
controlled way. This dissertation looks in detail at one example
of this: the addition to a functional language of dynamically
generated “names”. Names are created fresh, they can be compared
with each other and passed around, but that is all. As a very
basic example of “state”, they capture the graduation between
private and public, local and global, by their interaction with
higher-order functions.
The vehicle for this study is the “nu-calculus”, an extension of
the simply-typed lambda-calculus. The nu-calculus is equivalent
to a certain fragment of Standard ML, omitting side-effects,
exceptions, datatypes and recursion. Even without all these
features, the interaction of name creation with higher-order
functions can be complex and subtle.
Various operational and denotational methods for reasoning about
the nu-calculus are developed. These include a computational
metalanguage in the style of Moggi, which distinguishes in the
type system between values and computations. This leads to
categorical models that use a strong monad, and examples are
devised based on functor categories.
The idea of “logical relations” is used to derive powerful
reasoning methods that capture some of the distinction between
private and public names. These techniques are shown to be
complete for establishing contextual equivalence between
first-order expressions; they are also used to construct a
correspondingly abstract categorical model.
All the work with the nu-calculus extends cleanly to Reduced ML,
a larger language that introduces integer references: mutable
storage cells that are dynamically allocated. It turns out that
the step up is quite simple, and both the computational
metalanguage and the sample categorical models can be reused.
cam.ac.uk//UCAM-CL-TR-364
2003-01-01
The Church-Rosser theorem in Isabelle: a proof porting
experiment
Rasmussen, Ole
University of Cambridge, Computer Laboratory
1995-04
en
Text
UCAM-CL-TR-364
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-364.ps.gz
This paper describes a proof of the Church-Rosser theorem for
the pure lambda-calculus formalised in the Isabelle theorem
prover. The initial version of the proof is ported from a
similar proof done in the Coq proof assistant by Girard Huet,
but a number of optimisations have been performed. The
development involves the introduction of several inductive and
recursive definitions and thus gives a good presentation of the
inductive package of Isabelle.
cam.ac.uk//UCAM-CL-TR-365
2021-05-14
Computational types from a logical perspective
I
Benton, P.N.
Bierman, G.M.
de Paiva, V.C.V.
University of Cambridge, Computer Laboratory
1995-05
en
Text
UCAM-CL-TR-365
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-365.pdf
Moggi’s computational lambda calculus is a metalanguage for
denotational semantics which arose from the observation that
many different notions of computation have the categorical
structure of a strong monad on a cartesian closed category. In
this paper we show that the computational lambda calculus also
arises naturally as the term calculus corresponding (by the
Curry-Howard correspondence) to a novel intuitionistic modal
propositional logic. We give natural deduction, sequent calculus
and Hilbert-style presentations of this logic and prove a strong
normalisation result.
cam.ac.uk//UCAM-CL-TR-366
2017-07-13
Retrieving spoken documents: VMR Project
experiments
Spärck Jones, K.
Jones, G.J.F.
Foote, J.T.
Young, S.J.
University of Cambridge, Computer Laboratory
1995-05
en
Text
UCAM-CL-TR-366
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-367
2017-07-06
Categorical logic
Pitts, Andrew M.
University of Cambridge, Computer Laboratory
1995-05
en
Text
UCAM-CL-TR-367
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-367.ps.gz
This document provides an introduction to the interaction
between category theory and mathematical logic which is slanted
towards computer scientists. It will be a chapter in the
forthcoming Volume VI of: S. Abramsky, D. M. Gabbay, and T. S.
E. Maibaum (eds), “Handbook of Logic in Computer Science”,
Oxford University Press.
cam.ac.uk//UCAM-CL-TR-368
2003-01-01
CogPiT – configuration of protocols in TIP
Stiller, Burkhard
University of Cambridge, Computer Laboratory
1995-06
en
Text
UCAM-CL-TR-368
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-368.ps.gz
The variety of upcoming applications in terms of their
performance and Quality-of-Service (QoS) requirements is
increasing. Besides almost well-known applications, such as
teleconferencing, audio- and video-transmissions, even more
contemporary ones, such as medical imaging, Video-on-Demand, and
interactive tutoring systems, are introduced and applied to
existing networks. On the contrary, traditionally data-oriented
applications, such as file transfer and remote login, are
considerably different in terms of their QoS requirements.
Therefore, the consequences of this evolution effect the
architectures of end-systems, e.g., workstations that have to be
capable of maintaining all different kinds of multi-media data,
and intermediate-systems as well.
Therefore, a configuration approach of communication protocols
has been developed to support the variety of applications. This
approach offers the possibility to configure communication
protocols automatically depending on the application
requirements expressed in various QoS parameters. The result, an
application-tailored communication protocol, matches the
requested application requirements as far as possible.
Additionally, network and system resources (NSR) are taken into
account for a well-suited configuration.
The Configuration of Protocols in TIP is called CogPiT and is
part of the Transport and Internetworking Package (TIP). As an
example, in the TIP environment the transport protocol TEMPO is
used for configuration purposes.
cam.ac.uk//UCAM-CL-TR-369
2008-03-03
A comparison of HOL-ST and Isabelle/ZF
Agerholm, Sten
University of Cambridge, Computer Laboratory
1995-07
en
Text
UCAM-CL-TR-369
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-369.pdf
The use of higher order logic (simple type theory) is often
limited by its restrictive type system. Set theory allows many
constructions on sets that are not possible on types in higher
order logic. This paper presents a comparison of two theorem
provers supporting set theory, namely HOL-ST and Isabelle/ZF,
based on a formalization of the inverse limit construction of
domain theory; this construction cannot be formalized in higher
order logic directly. We argue that whilst the combination of
higher order logic and set theory in HOL-ST has advantages over
the first order set theory in Isabelle/ZF, the proof
infrastructure of Isabelle/ZF has better support for set theory
proofs than HOL-ST. Proofs in Isabelle/ZF are both considerably
shorter and easier to write.
cam.ac.uk//UCAM-CL-TR-370
2021-05-14
A package for non-primitive recursive function
definitions in HOL
Agerholm, Sten
University of Cambridge, Computer Laboratory
1995-07
en
Text
UCAM-CL-TR-370
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-370.pdf
This paper provides an approach to the problem of introducing
non-primitive recursive function definitions in the HOL system.
A recursive specification is translated into a domain theory
version, where the recursive calls are treated as potentially
non-terminating. Once we have proved termination, the original
specification can be derived easity. Automated tools implemented
in HOL88 are provided to support the definition of both partial
recursive functions and total recursive functions which have
well founded recursive specifications. There are constructions
for building well-founded relations easily.
cam.ac.uk//UCAM-CL-TR-371
2021-05-14
LIMINF convergence in Ω-categories
Wagner, Kim Ritter
University of Cambridge, Computer Laboratory
1995-06
en
Text
UCAM-CL-TR-371
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-371.pdf
The aim of this article is twofold. From a mathematical
perspective we present a notion of convergence which is suitably
general such as to include the convergence of chains to their
least upper bounds in preordered sets, and the convergence of
Cauchy sequences to their metric limits in metric spaces. Rather
than presenting this theory from a purely mathematical
perspective however, we will use it to introduce a simple-minded
domain theory based on a generic notion of approximation.
Although this is the use which motivated the development of
these concepts, it is hoped that this is not the only one.
cam.ac.uk//UCAM-CL-TR-372
2018-03-27
A brief history of mobile telephony
Hild, Stefan G.
University of Cambridge, Computer Laboratory
1995-01
en
Text
UCAM-CL-TR-372
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-372.pdf
Mobile telephony has gone through a decade of tremendous change
and progress. Today, mobile phones are an indispensable tool to
many professionals, and have great potential to become vital
components in mobile data communication applications. In this
survey we will attempt to present some of the milestones from
the route which mobile telephony has taken over the past decades
while developing from an experimental system with limited
capabilities with to a mature technology (section 1), followd by
a more detailed introduction into the modern pan-European GSM
standard (section 2). Section 3 is devoted to the data
communication services, covering two packet-oriented data only
networks as well as data services planned for the GSM system.
Section 4 covers some security issues and section 5 gives an
insight into the realities today with details of some networks
available in the UK. Finally, section 6 concludes this overview
with a brief look into the future.
cam.ac.uk//UCAM-CL-TR-373
2017-07-13
Natural-language processing and requirements
specifications
Macías, Benjamín
Pulman, Stephen G.
University of Cambridge, Computer Laboratory
1995-07
en
Text
UCAM-CL-TR-373
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-374
2003-01-01
A framework for QoS updates in a networking
environment
Stiller, Burkhard
University of Cambridge, Computer Laboratory
1995-07
en
Text
UCAM-CL-TR-374
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-374.ps.gz
The support of sufficient Quality-of-Service (QoS) for
applications residing in a distributed environment and running
on top of high performance networks is a demanding issue.
Currently, the areas to provide this support adequately include
communication protocols, operating systems support, and offered
network services. A configurable approach of communication
protocols offers the needed protocol flexibility to react
accordingly on various different requirements.
Communication protocols and operating systems have to be
parametrized using internal configuration parameters, such as
window sizes, retry counters, or scheduling mechanisms, that
rely closely on requested application-oriented or
network-dependent QoS, such as bandwidth or delay. Moreover,
these internal parameters have to be recalculated from time to
time due to network changes (such as congestion or line
break-down) or due to application-specific alterations (such as
enhanced bandwidth requirements or increased reliability) to
adjust a temporary or semi-permanent “out-of-tune” service
behavior.
Therefore, a rule-based evaluation and QoS updating framework
for configuration parameters in a networking environment has
been developed. The resulting “rulework” can be used within
highly dynamic environments in a communication subsystem that
offers the possibility to specify for every QoS parameter both a
bounding interval of values and an average value. As an example,
the framework has been integrated in the Function-based
Communication Subsystem (F-CSS). Especially, an enhanced
application service interface is offered, allowing for the
specification of various QoS-parameters that are used to
configure a sufficient application-tailored communication
protocol.
cam.ac.uk//UCAM-CL-TR-375
2022-04-25
Restructuring virtual memory to support distributed
computing environments
Huang, Feng
University of Cambridge, Computer Laboratory
1995-07
en
Text
UCAM-CL-TR-375
ISSN 1476-2986
This dissertation considers the limitations of conventional
memory and storage management approaches and proposes a coherent
memory-mapped object system architecture for emerging
distributed computing environments.
Conventionally, main memory and secondary storage management is
based on the two-level store architecture, which provides one
interface to access memory segments and another to access
secondary storage objects. The quality and productivity of
software development is impaired by two different views of
volatile data and persistent data. Operating system performance
is compromised because of mandatory data copying and unnecessary
user/kernel boundary crossings. This is exacerbated in
microkernel architectures, in which most of the user/kernel
boundary crossings become context switches. Double paging may
cause resources to be used inefficiently and the double paging
anomaly may occur if a database system is implemented on top of
this architecture. The work presented here seeks to tackle these
problems by integrating main memory with secondary storage by
using memory-mapping techniques. The different views of volatile
and persistent data are unified; mandatory information copying
and unnecessary user/kernel boundary crossings (or context
switches in microkernels) are avoided; and double paging is
eliminated.
Distributed Shared Memory (DSM) has been proposed as an
attractive abstraction for constructing distributed applications
bacause it is easier to program than the message-passing
abstraction. However, the overhead for maintaining memory
coherency in DSM systems is high. Also, existing DSM systems
typically provide only one coherence protocol and there exists a
potential mismatch between the supplied protocol and some
applications' requirements. This work explores the architectural
support for a flexible coherence mechanism, through which
clients can choose the most suitable protocols for their
applications to avoid coherency mismatch. Also low-level
coherency control is integrated with high level concurrency
control so that system-wide object coherency and synchronisation
are realised without sacrificing performance.
In this dissertation, an architectural framework is proposed;
various design issues are discussed and the design of a flexible
coherence mechanism, which accommodates multiple coherence
protocols, is detailed. A prototype implementation and
performance measurements are then presented; and the use of the
architecture is illustrated.
cam.ac.uk//UCAM-CL-TR-376
2016-07-22
The structure of a multi-service operating
system
Roscoe, Timothy
University of Cambridge, Computer Laboratory
1995-08
en
Text
UCAM-CL-TR-376
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-376.ps.gz
Increases in processor speed and network bandwidth have led to
workstations being used to process multimedia data in real time.
These applications have requirements not met by existing
operating systems, primarily in the area of resource control:
there is a need to reserve resources, in particular the
processor, at a fine granularity. Furthermore, guarantees need
to be dynamically renegotiated to allow users to reassign
resources when the machine is heavily loaded. There have been
few attempts to provide the necessary facilities in traditional
operating systems, and the internal structure of such systems
makes the implementation of useful resource control difficult.
This dissertation presents a way of structuring an operating
system to reduce crosstalk between applications sharing the
machine, and enable useful resource guarantees to be made:
instead of system services being located in the kernel or server
processes, they are placed as much as possible in client
protection domains and scheduled as part of the client, with
communication between domains only occurring when necessary to
enforce protection and concurrency control. This amounts to
multiplexing the service at as low a level of abstraction as
possible. A mechanism for sharing processor time between
resources is also described. The prototype Nemesis operating
system is used to demonstrate the ideas in use in a practical
system, and to illustrate solutions to several implementation
problems that arise.
Firstly, structuring tools in the form of typed interfaces
within a single address space are used to reduce the complexity
of the system from the programmer’s viewpoint and enable rich
sharing of text and data between applications.
Secondly, a scheduler is presented which delivers useful Quality
of Service guarantees to applications in a highly efficient
manner. Integrated with the scheduler is an inter-domain
communication system which has minimal impact on resource
guarantees, and a method of decoupling hardware interrupts from
the execution of device drivers.
Finally, a framework for high-level inter-domain and
inter-machine communication is described, which goes beyond
object-based RPC systems to permit both Quality of Service
negotiation when a communication binding is established, and
services to be implemented straddling protection domain
boundaries as well as locally and in remote processes.
cam.ac.uk//UCAM-CL-TR-377
2017-07-13
Mechanising set theory: cardinal arithmetic and the
axiom of choice
Paulson, Larry
Grabczewski, Krzysztof
University of Cambridge, Computer Laboratory
1995-07
en
Text
UCAM-CL-TR-377
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-377.pdf
Fairly deep results of Zermelo-Fraenkel (ZF) set theory have
been mechanised using the proof assistant Isabelle. The results
concern cardinal arithmetic and the Axiom of Choice (AC). A key
result about cardinal multiplication is K*K=K, where K is any
infinite cardinal. Proving this result required developing
theories of orders, order-isomorphisms, order types, ordinal
arithmetic, cardinals, etc.; this covers most of Kunen, Set
Theory, Chapter I. Furthermore, we have proved the equivalence
of 7 formulations of the Well-ordering Theorem and 20
formulations of AC; this covers the first two chapters of Rubin
and Rubin, Equivalents of the Axiom of Choice. The definitions
used in the proofs are largely faithful in style to the original
mathematics.
cam.ac.uk//UCAM-CL-TR-378
2018-03-27
Performance evaluation of HARP: a hierarchical
asynchronous replication protocol for large scale
system
Adly, Noha
University of Cambridge, Computer Laboratory
1995-08
en
Text
UCAM-CL-TR-378
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-378.ps.gz
This report evaluates the performance of HARP, a hierarchical
replication protocol based on nodes organised into a logical
hierarchy. The scheme is based on communication with nearby
replicas and scales well for thousands of replicas. It proposes
a new service interface that provides different levels of
asynchrony, allowing strong consistency and weak consistency to
be integrated into the same framework. Further, it provides the
ability to offer different levels of staleness, by querying from
different levels of the hierarchy. We present results from a
detailed simulation analysis evaluating the benefits and losses
in performance resulting from using synchronous versus
asynchronous operation within HARP under different system
configurations and load mixes. Further, the performance is
evaluated on different network topologies. An analytical
solution based on the Open Queueing Network Model with Multiple
Job Classes is carried out for the verification of the
simulation model and the results are presented.
cam.ac.uk//UCAM-CL-TR-379
2017-07-13
Proceedings of the First Isabelle Users
Workshop
Paulson, Lawrence
University of Cambridge, Computer Laboratory
1995-09
en
Text
UCAM-CL-TR-379
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-380
2003-01-01
Quality-of-Service issues in networking
environments
Stiller, Burkhard
University of Cambridge, Computer Laboratory
1995-09
en
Text
UCAM-CL-TR-380
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-380.ps.gz
Quality-of-Service (QoS) issues in networking environments cover
various separate areas and topics. They include at least the
specification of applications requirements, the definition of
network services, QoS models, resource reservation methods,
negotiation and transformation methods for QoS, and operating
system support for guaranteed services. An embracing approach
for handling, dealing with, and supporting QoS in different
scenarios and technical set-ups is required to manage
sufficiently forthcoming communication and networking tasks.
Modern telecommunication systems require an integrated
architecture for applications, communication subsystems, and
network perspectives to overcome drawbacks of traditional
communication architectures, such as redundant protocol
functionality, weakly designed interfaces between the end-system
and a network adapter, or impossibility of specifying and
guaranteeing QoS parameter.
This work contains the discussion of a number of interconnected
QoS issues, e.g., QoS mapping, QoS negotiation, QoS-based
configuration of communication protocols, or QoS aspects in
Asynchronous Transfer Mode (ATM) signaling protocols, which have
been dealt with during a one-year research fellowship. This
report is not intended to be a complete description of every
technical detail, but tries to provide a brief overall picture
of the emerging and explosively developing QoS issues in
telecommunication systems. Additionally, investigations of some
of these issues are undertaken in a more closer detail. It is
mainly focussed on QoS mapping, negotiation, and updating in the
communication protocol area.
cam.ac.uk//UCAM-CL-TR-381
2016-07-22
Rendering for free form deformations
Nimscheck, Uwe Michael
University of Cambridge, Computer Laboratory
1995-10
en
Text
UCAM-CL-TR-381
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-382
2016-07-22
Synthetic image generation for a multiple-view
autostereo display
Castle, Oliver M.
University of Cambridge, Computer Laboratory
1995-10
en
Text
UCAM-CL-TR-382
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-383
2022-04-25
Management of replicated data in large scale
systems
Adly, Noha
University of Cambridge, Computer Laboratory
1995-11
en
Text
UCAM-CL-TR-383
ISSN 1476-2986
Data is replicated in distributed systems to imporve system
availability and performance. In recent years, the growth of
internetworks and distributed applications has increased the
need for large scale replicated systems. However, existing
replication protocols do not address scale and autonomy issues
adequately. Further, current applications require different
degrees of of consistency, and therefore they should be given
the ability to choose the level of consistency that is
appropriate for their particular semantics. This dissertation
presents a new scalable replication protocol (HARP) that is
based on organising the replicas into a logical hierarchy. It is
argues that adopting a hierarchical structure allows for
exploiting localised communication, which is taken as the key to
achieve scalability. Moreover it gives the ability to provide
different degrees of consistency.
HARP provides an efficient and scalable propagation scheme where
each node needs to communicate with a few nodes only while
ensuring reliable delivery. A new service interface is proposed
that gives the application the flexibility to choose between
strong and weak consistency. Further the scheme provides the
ability to offer different levels of staleness, depending on the
needs of various applications. Dynamic restructuring operations
are presented which allow the hierarchy to be built and
reconfigured, including the restarting of failed nodes and
re-merging partitioned networks. The operations produce low
message traffic by exploiting localised communication, and do
not disturb normal operations. This is achieved while ensuring
no loss of messages.
Reconciliation methods based on delivery order mechanisms are
provided to resolve temporary inconsistencies and an application
can choose from them. A new algorithm that supports casual order
delivery is proposed. The desirable characteristic of the
algorithm is that, by relying on the hierarchical propagation of
HARP, it cuts down the size of the timestamp required to verify
causality significantly, and thus enhances scalability.
A detailed simulation study was carried out to evaluate the
performance of HARP and to quantify the benefits and losses
resulting from moving from strong consistency to weak
consistency under different system configurations and load
mixes. Further, a simulation study was conducted to compare the
performance of HARP to another weak consistency replication
protocol, the Time Stamped Anti Entropy.
An alternative hierarchical propagation protocol is proposed as
an optimisation of HARP, called HPP. The main difference between
HPP and HARP is that HPP avoids the exchange of global state
information when reconfiguration or failiures occur. Therefore
HPP is more scalable; however, it can tolerate only special
patterns of failiure. The protocol is presented in detail and
its strengths and limitations are analysed.
cam.ac.uk//UCAM-CL-TR-384
2018-03-27
Securing ATM networks
Chuang, Shaw-Cheng
University of Cambridge, Computer Laboratory
1995-01
en
Text
UCAM-CL-TR-384
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-384.ps.gz
This is an interim report on the investigations into securing
Asynchronous Transfer Mode (ATM) networks. We look at the
challenge in providing such a secure ATM network and identify
the important issues in achieving such goal. In this paper, we
discuss the issues and problems involved and outline some
techniques to solving these problems. The network environment is
first examined and we also consider the correct placement of
security mechanism in such an environment. Following the
analysis of the security requirement, we introduce and describe
a key agile cryptographic device for ATM. The protection of the
ATM data plane is extremely important to provide data
confidentiality and data integrity. Techniques in providing
synchronisation, dynamic key change, dynamic initialisation
vector change and Message Authentication Code on ATM data, are
also being considered. Next, we discuss the corresponding
control functions. A few key exchange protocols are given as
possible candidates for the establishment of the session key.
The impact of such key exchange protocols on the design of an
ATM signalling protocol has also been examined and security
extension to an existing signalling protocol being discussed. We
also talk about securing other control plane functions such as
NNI routing, Inter-Domain Policy Routing, authorisation and
auditing, firewall and intrusion detection, Byzantine
robustness. Management plane functions are also being looked at,
with discussions on bootstrapping, authenticated neighbour
discovery, ILMI Security, PVC security, VPI security and ATM
Forum management model.
cam.ac.uk//UCAM-CL-TR-385
2016-07-22
Performance evaluation of the Delphi machine
Saraswat, Sanjay
University of Cambridge, Computer Laboratory
1995-12
en
Text
UCAM-CL-TR-385
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-386
2018-03-27
Bisimilarity for a first-order calculus of objects with
subtyping
Gordon, Andrew D.
Rees, Gareth D.
University of Cambridge, Computer Laboratory
1996-01
en
Text
UCAM-CL-TR-386
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-387
2021-05-17
Monitoring composite events in distributed
systems
Schwiderski, Scarlet
Herbert, Andrew
Moody, Ken
University of Cambridge, Computer Laboratory
1996-02
en
Text
UCAM-CL-TR-387
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-387.pdf
One way of integrating heterogeneous, autonomous and distributed
systems is to monitor their behaviour in terms of global
compostite events. In specific applications, for example
database, it is essential that global composite events can take
account of general conditions such as the timing constraints on
distributed system behaviour. In this paper the use of global
composite events incorporating time events for expressing
physical time is investigated. The detection of global composite
events is complicated by the inherent features of distributed
systems: lack of global time, message delays between sites and
independent failures. Global event detectors are distributed to
arbitrary sites. Relevant constituent events occur on remote
sites and are signalled to corresponding global event detectors,
where they are evaluated. Two different algorithms for the
detection of global composite events are introduced which are
based on the evaluation of trees: asynchronous and synchronous
evaluation. Asynchronous evaluation provides fast but unreliable
detection of global composite events, whereas synchronous
evaluation is characterized by reliability and unpredictable
delays.
cam.ac.uk//UCAM-CL-TR-388
2021-05-17
A unified approach to strictness analysis and optimising
transformations
Benton, P.N.
University of Cambridge, Computer Laboratory
1996-02
en
Text
UCAM-CL-TR-388
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-388.pdf
We present an inference system for translating programs in a
PCF-like source language into a variant of Moggi’s computational
lambda calculus. This translation combines a simple strictness
analysis with its associated optimising transformations into a
single system. The correctness of the translation is established
using a logical relation between the denotational semantics of
the source and target languages.
cam.ac.uk//UCAM-CL-TR-389
2003-01-01
A proof checked for HOL
Wong, Wai
University of Cambridge, Computer Laboratory
1996-03
en
Text
UCAM-CL-TR-389
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-390
2018-03-27
Syn: a single language for specifiying abstract syntax
tress, lexical analysis, parsing and pretty-printing
Boulton, Richard J.
University of Cambridge, Computer Laboratory
1996-03
en
Text
UCAM-CL-TR-390
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-390.ps.gz
A language called Syn is described in which all aspects of
context-free syntax can be specified without redundancy. The
language is essentially an extended BNF grammar. Unusual
features include high-level constructs for specifying lexical
aspects of a language and specification of precedence by textual
order. A system has been implemented for generating lexers,
parsers, pretty-printers and abstract syntax tree
representations from a Syn specification.
cam.ac.uk//UCAM-CL-TR-391
2016-07-22
Programming languages and dimensions
Kennedy, Andrew John
University of Cambridge, Computer Laboratory
1996-04
en
Text
UCAM-CL-TR-391
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-391.pdf
Scientists and engineers must ensure that the equations and
formulae which they use are dimensionally consistent, but
existing programming languages treat all numeric values as
dimensionless. This thesis investigates the extension of
programming languages to support the notion of physical
dimension.
A type system is presented similar to that of the programming
language ML but extended with polymorphic dimension types. An
algorithm which infers most general dimension types
automatically is then described and proved correct.
The semantics of the language is given by a translation into an
explicitlytyped language in which dimensions are passed as
arguments to functions. The operational semantics of this
language is specified in the usual way by an evaluation relation
defined by a set of rules. This is used to show that if a
program is well-typed then no dimension errors can occur during
its evaluation.
More abstract properties of the language are investigated using
a denotational semantics: these include a notion of invariance
under changes in the units of measure used, analogous to
parametricity in the polymorphic lambda calculus. Finally the
dissertation is summarised and many possible directions for
future research in dimension types and related type systems are
described.
cam.ac.uk//UCAM-CL-TR-392
2003-01-01
Decoding choice encodings
Nestmann, Uwe
Pierce, Benjamin C.
University of Cambridge, Computer Laboratory
1996-04
en
Text
UCAM-CL-TR-392
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-393
2016-07-22
Performance management in ATM networks
Crosby, Simon Andrew
University of Cambridge, Computer Laboratory
1996-04
en
Text
UCAM-CL-TR-393
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-393.ps.gz
The Asynchronous Transfer Mode (ATM) has been identified as the
technology of choice amongst high speed communication networks
for its potential to integrate services with disparate resource
needs and timing constraints. Before it can successfully deliver
integrated services, however, significant problems remain to be
solved. They centre around two major issues. First, there is a
need for a simple, powerful network service interface capable of
meeting the communications needs of new applications. Second,
within the network there is a need to dynamically control a mix
of diverse traffic types to ensure that they meet their
performance criteria.
Addressing the first concern, this dissertation argues that a
simple network control interface offers significant advantages
over the traditional, heavyweight approach of the
telecommunications industry. A network control architecture
based on a distributed systems approach is presented which
locates both the network control functions and its services
outside the network. The network service interface uses the
Remote Procedure Call (RPC) paradigm and enables more
complicated service offerings to be built from the basic
primitives. A formal specification and verification of the
user-network signalling protocol is presented. Implementations
of the architecture, both on Unix and the Wanda micro-kernel,
used on the Fairisle ATM switch, are described. The
implementations demonstrate the feasibility of the architecture,
and feature a high degree of experimental flexibility. This is
exploited in the balance of the dissertation, which presents the
results of a practical study of network performance under a
range of dynamic control mechanisms.
Addressing the second concern, results are presented from a
study of the cell delay variation suffered by ATM connections
when multiplexed with real ATM traffic in an uncontrolled
network, and from an investigation of the expansion of bursts of
ATM traffic as a result of multiplexing. The results are
compared with those of analytical models. Finally, results from
a study of the performance delivered to delay sensitive traffic
by priority and rate based cell scheduling algorithms, and the
loss experienced by different types of traffic under several
buffer allocation strategies are presented.
cam.ac.uk//UCAM-CL-TR-394
2017-07-13
A simple formalization and proof for the mutilated chess
board
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1996-04
en
Text
UCAM-CL-TR-394
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-394.pdf
The impossibility of tiling the mutilated chess board has been
formalized and verified using Isabelle. The formalization is
concise because it is expressed using inductive definitions. The
proofs are straightforward except for some lemmas concerning
finite cardinalities. This exercise is an object lesson in
choosing a good formalization. is applicable in a variety of
domains.
cam.ac.uk//UCAM-CL-TR-395
2021-05-21
Cut-elimination for full intuitionistic linear
logic
Bräuner, Torben
de Paiva, Valeria
University of Cambridge, Computer Laboratory
1996-05
en
Text
UCAM-CL-TR-395
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-395.pdf
We describe in full detail a solution to the problem of proving
the cut elimination theorem for FILL, a variant of
(multiplicative and exponential-free) Linear Logic introduced by
Hyland and de Paiva. Hyland and de Paiva’s work used a term
assignment system to describe FILL and barely sketched the proof
of cut elimination. In this paper, as well as correcting a small
mistake in their paper and extending the system to deal with
exponentials, we introduce a different formal system describing
the intuitionistic character of FILL and we provide a full proof
of the cut elimination theorem. The formal system is based on a
notion of dependency between formulae within a given proof and
seems of independent interest. The procedure for cut elimination
applies to (classical) multiplicative Linear Logic, and we can
(with care) restrict our attention to the subsystem FILL. The
proof, as usual with cut elimination proofs, is a little
involved and we have not seen it published anywhere.
cam.ac.uk//UCAM-CL-TR-396
2017-07-13
Generic automatic proof tools
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1996-05
en
Text
UCAM-CL-TR-396
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-396.pdf
This paper explores a synthesis between two distinct traditions
in automated reasoning: resolution and interaction. In
particular it discusses Isabelle, an interactive theorem prover
based upon a form of resolution. It aims to demonstrate the
value of proof tools that, compared with traditional resolution
systems, seem absurdly limited. Isabelle’s classical reasoner
searches for proofs using a tableau approach. The reasoner is
generic: it accepts rules proved in applied theories, involving
defined connectives. New constants are not reduced to
first-order logic; the reasoner
cam.ac.uk//UCAM-CL-TR-397
2003-01-01
Optimal routing in 2-jump circulant networks
Robič, Borut
University of Cambridge, Computer Laboratory
1996-06
en
Text
UCAM-CL-TR-397
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-397.ps.gz
An algorithm for routing a message along the shortest path
between a pair of processors in 2-jump circulant (undirected
double fixed step) network is given. The algorithm requires O(d)
time for preprocessing, and l = O(d) routing steps, where l is
the distance between the processors and d is the diameter of the
network.
cam.ac.uk//UCAM-CL-TR-398
2017-07-13
Design and implementation of an autostereoscopic camera
system
Dodgson, N.A.
Moore, J.R.
University of Cambridge, Computer Laboratory
1996-06
en
Text
UCAM-CL-TR-398
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-398.pdf
An autostereoscopic display provides the viewer with a
three-dimensional image without the need for special glasses,
and allows the user to look around objects in the image by
moving the head left-right. The time-multiplexed autostereo
display developed at the University of Cambridge has been in
operation since late 1991.
An autostereoscopic camera system has been designed and
implemented. It is capable of taking video input from up to
sixteen cameras, and multiplexing these into a video output
stream with a pixel rate an order of magnitude faster than the
individual input streams. Testing of the system with eight
cameras and a Cambridge Autostereo Display has produced
excellent live autostereoscopic video.
This report describes the design of this camera system which has
been successfully implemented and demonstrated. Problems which
arose during this process are discussed, and a comparison with
similar systems made.
cam.ac.uk//UCAM-CL-TR-399
2020-01-28
OASIS: An open architecture for secure interworking
services
Hayton, Richard
University of Cambridge, Computer Laboratory
1996-06
en
Text
UCAM-CL-TR-399
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-399.pdf
An emerging requirement is for applications and distributed
services to cooperate or inter-operate. Mechanisms have been
devised to hide the heterogeneity of the host operating systems
and abstract the issues of distribution and object location.
However, in order for systems to inter-operate securely there
must also be mechanisms to hide differences in security policy,
or at least negotiate between them.
This would suggest that a uniform model of access control is
required. Such a model must be extremely flexible with respect
to the specification of policy, as different applications have
radically different needs. In a widely distributed environment
this situation is exacerbated by the differing requirements of
different organisations, and in an open environment there is a
need to interwork with organisations using alternative security
mechanisms.
Other proposals for the interworking of security mechanisms have
concentrated on the enforcement of access policy, and neglected
the concerns of freedom of expression of this policy. For
example it is common to associate each request with a user
identity, and to use this as the only parameter when performing
access control. This work describes an architectural approach to
security. By reconsidering the role of the client and the
server, we may reformulate access control issues in terms of
client naming.
We think of a client as obtaining a name issued by a service;
either based on credentials already held by the client, or by
delegation from another client. A grammar has been devised that
allows the conditions under which a client may assume a name to
be specified, and the conditions under which use of the name
will be revoked. This allows complex security policies to be
specified that define how clients of a service may interact with
each other (through election, delegation and revocation), how
clients interact with a service (by invoking operations or
receiving events) and how clients and services may
inter-operate. (For example, a client of a Login service may
become a client of a file service.)
This approach allows great flexibility when integrating a number
of services, and reduces the mismatch of policies common in
heterogeneous systems. A flexible security definition is
meaningless if not backed by a robust and efficient
implementation. In this thesis we present a systems architecture
that can be implemented efficiently, but that allows individual
services to ‘fine tune’ the trade-offs between security,
efficiency and freedom of policy expression. The architecture is
inherently distributed and scalable, and includes mechanisms for
rapid and selective revocation of privileges which may cascade
between services and organisations.
cam.ac.uk//UCAM-CL-TR-400
2016-07-22
Monitoring the behaviour of distributed
systems
Schwiderski, Scarlet
University of Cambridge, Computer Laboratory
1996-07
en
Text
UCAM-CL-TR-400
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-400.pdf
Monitoring the behaviour of computing systems is an important
task. In active database systems, a detected system behaviour
leads to the triggering of an ECA (event-condition-action) rule.
ECA rules are employed for supporting database management system
functions as well as external applications. Although distributed
database systems are becoming more commonplace, active database
research has to date focussed on centralised systems. In
distributed debugging systems, a detected system behaviour is
compared with the expected system behaviour. Differences
illustrate erroneous behaviour. In both application areas,
system behaviours are specified in terms of events: primitive
events represent elementary occurrences and composite events
represent complex occurrence patterns. At system runtime,
specified primitive and composite events are monitored and event
occurrences are detected. However, in active database systems
events are monitored in terms of physical time and in
distributed debugging systems events are monitored in terms of
logical time. The notion of physical time is difficult in
distributed systems because of their special characteristics: no
global time, network delays, etc.
This dissertation is concerned with monitoring the behaviour of
distributed systems in terms of physical time, i.e. the syntax,
the semantics, the detection, and the implementation of events
are considered.
The syntax of primitive and composite events is derived from the
work of both active database systems and distributed debugging
systems; differences and necessities are highlighted.
The semantics of primitive and composite events establishes when
and where an event occurs; the semantics depends largely on the
notion of physical time in distributed systems. Based on the
model for an approximated global time base, the ordering of
events in distributed systems is considered, and the structure
and handling of timestamps are illustrated. In specific
applications, a simplified version of the semantics can be
applied which is easier and therefore more efficient to
implement.
Algorithms for the detection of composite events at system
runtime are developed; event detectors are distributed to
arbitrary sites and composite events are evaluated concurrently.
Two different evaluation policies are examined: asynchronous
evaluation and synchronous evaluation. Asynchronous evaluation
is characterised by the ad hoc consumption of signalled event
occurrences. However, since the signalling of events involves
variable delays, the events may not be evaluated in the
system-wide order of their occurrence. On the other hand,
synchronous evaluation enforces events to be evaluated in the
system-wide order of their occurrence. But, due to site failures
and network congestion, the evaluation may block on a fairly
long-term basis.
The prototype implementation realises the algorithms for the
detection of composite events with both asynchronous and
synchronous evaluation. For the purpose of testing, primitive
event occurrences are simulated by distributed event simulators.
Several tests are performed illustrating the differences between
asynchronous and synchronous evaluation: the first is ‘fast and
unreliable’ whereas the latter is ‘slow and reliable’.
cam.ac.uk//UCAM-CL-TR-401
2021-05-21
A classical linear λ-calculus
Bierman, Gavin
University of Cambridge, Computer Laboratory
1996-07
en
Text
UCAM-CL-TR-401
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-401.pdf
This paper proposes and studies a typed λ-calculus for classical
linear logic. I shall give an explanation of a
multiple-conclusion formulation for classical logic due to
Parigot and compare it to more traditional treatments by Prawitz
and others. I shall use Parigot’s method to devise a natural
deduction fomulation of classical linear logic. This formulation
is compared in detail to the sequent calculus formulation. In an
appendix I shall also demonstrate a somewhat hidden connection
with the paradigm of control operators for functional languages
which gives a new computational interpretation of Parigot’s
techniques.
cam.ac.uk//UCAM-CL-TR-402
2021-07-05
Video mail retrieval using voice: report on collection
of naturalistic requests and relevance assessments
Jones, G.J.F.
Foote, J.T.
Spärck Jones, K.
Young, S.J.
University of Cambridge, Computer Laboratory
1996-09
en
Text
UCAM-CL-TR-402
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-402.pdf
This report discusses the rationale, design, collection and
initial statistics of a message request and retrieved document
relevance assessment set for the Cambridge Video Mail Rewtrieval
(VMR) Project. This data set is designed to complement the VMR
Database 1 (VMR1) message set and was designed for the testing
of document searching methods being investigated in the VMR
project. The combined message and request set is referred to as
VMR1b.
cam.ac.uk//UCAM-CL-TR-403
2016-07-22
Devices in a multi-service operating system
Barham, Paul Ronald
University of Cambridge, Computer Laboratory
1996-10
en
Text
UCAM-CL-TR-403
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-403.ps.gz
Increases in processor speed and network and device bandwidth
have led to general purpose workstations being called upon to
process continuous media data in real time. Conventional
operating systems are unable to cope with the high loads and
strict timing constraints introduced when such applications form
part of a multi-tasking workload. There is a need for the
operating system to provide fine-grained reservation of
processor, memory and I/O resources and the ability to
redistribute these resources dynamically. A small group of
operating systems researchers have recently proposed a
“vertically-structured” architecture where the operating system
kernel provides minimal functionality and the majority of
operating system code executes within the application itself.
This structure greatly simplifies the task of accounting for
processor usage by applications. The prototype Nemesis operating
system embodies these principles and is used as the platform for
this work.
This dissertation extends the provision of Quality of Service
guarantees to the I/O system by presenting an architecture for
device drivers which minimises crosstalk between applications.
This is achieved by clearly separating the data-path operations,
which require careful accounting and scheduling, and the
infrequent control-path operations, which require protection and
concurrency control. The approach taken is to abstract and
multiplex the I/O data-path at the lowest level possible so as
to simplify accounting, policing and scheduling of I/O resources
and enable application-specific use of I/O devices.
The architecture is applied to several representative classes of
device including network interfaces, network connected
peripherals, disk drives and framestores. Of these, disks and
framestores are of particular interest since they must be shared
at a very fine granularity but have traditionally been presented
to the application via a window system or file-system with a
high-level and coarse-grained interface.
A device driver for the framestore is presented which abstracts
the device at a low level and is therefore able to provide each
client with guaranteed bandwidth to the framebuffer. The design
and implementation of a novel client-rendering window system is
then presented which uses this driver to enable rendering code
to be safely migrated into a shared library within the client.
A low-level abstraction of a standard disk drive is also
described which efficiently supports a wide variety of file
systems and other applications requiring persistent storage,
whilst providing guaranteed rates of I/O to individual clients.
An extent-based file system is presented which can provide
guaranteed rate file access and enables clients to optimise for
application-specific access patterns.
cam.ac.uk//UCAM-CL-TR-404
2016-07-22
Adaptive parallelism for computing on heterogeneous
clusters
Shum, Kam Hong
University of Cambridge, Computer Laboratory
1996-11
en
Text
UCAM-CL-TR-404
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-405
2018-03-27
A tool to support formal reasoning about computer
languages
Boulton, Richard J.
University of Cambridge, Computer Laboratory
1996-11
en
Text
UCAM-CL-TR-405
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-405.ps.gz
A tool to support formal reasoning about computer languages and
specific language texts is described. The intention is to
provide a tool that can build a formal reasoning system in a
mechanical theorem prover from two specifications, one for the
syntax of the language and one for the semantics. A parser,
pretty-printer and internal representations are generated from
the former. Logical representations of syntax and semantics, and
associated theorem proving tools, are generated from the
combination of the two specifications. The main aim is to
eliminate tedious work from the task of prototyping a reasoning
tool for a computer language, but the abstract specifications of
the language also assist the automation of proof.
cam.ac.uk//UCAM-CL-TR-406
2017-07-13
Tool support for logics of programs
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1996-11
en
Text
UCAM-CL-TR-406
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-406.pdf
Proof tools must be well designed if they are to be more
effective than pen and paper. Isabelle supports a range of
formalisms, two of which are described (higher-order logic and
set theory). Isabelle’s representation of logic is influenced by
logic programming: its “logical variables” can be used to
implement step-wise refinement. Its automatic proof procedures
are based on search primitives that are directly available to
users. While emphasizing basic concepts, the article also
discusses applications such as an approach to the analysis of
security protocols.
cam.ac.uk//UCAM-CL-TR-407
2003-01-01
The L4 microkernel on Alpha : Design and
implementation
Schoenberg, Sebastian
University of Cambridge, Computer Laboratory
1996-09
en
Text
UCAM-CL-TR-407
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-407.ps.gz
The purpose of a microkernel is to cover the lowest level of the
hardware and to provide a more general platform to operating
systems and applications than the hardware itself. This has made
microkernel development increasingly interesting. Different
types of microkernels have been developed, ranging from kernels
which merely deal with the hardware infterface (Windows NT HAL),
kernels especially for embedded systems (RTEMS), to kernels for
multimedia streams and real time support (Nemesis) and general
purpose kernels (L4, Mach).
The common opinion that microkernels lead to deterioration in
system performance has been disproved by recent research. L4 is
an example of a fast and small, multi address space,
message-based microkernel, developed originally for Intel
systems only. Based on the L4 interface, which should be as
similar as possible on different platforms, the L4 Alpha version
has been developed.
This work describes design decisions, implementation and
interfaces of the L4 version for 64-bit Alpha processors.
cam.ac.uk//UCAM-CL-TR-408
2016-07-22
Theorem proving with the real numbers
Harrison, John Robert
University of Cambridge, Computer Laboratory
1996-11
en
Text
UCAM-CL-TR-408
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-408.ps.gz
This thesis discusses the use of the real numbers in theorem
proving. Typically, theorem provers only support a few
‘discrete’ datatypes such as the natural numbers. However the
availability of the real numbers opens up many interesting and
important application areas, such as the verification of
floating point hardware and hybrid systems. It also allows the
formalization of many more branches of classical mathematics,
which is particularly relevant for attempts to inject more
rigour into computer algebra systems.
Our work is conducted in a version of the HOL theorem prover. We
describe the rigorous definitional construction of the real
numbers, using a new version of Cantor’s method, and the
formalization of a significant portion of real analysis. We also
describe an advanced derived decision procedure for the ‘Tarski
subset’ of real algebra as well as some more modest but
practically useful tools for automating explicit calculations
and routine linear arithmetic reasoning.
Finally, we consider in more detail two interesting application
areas. We discuss the desirability of combining the rigour of
theorem provers with the power and convenience of computer
algebra systems, and explain a method we have used in practice
to achieve this. We then move on to the verification of floating
point hardware. After a careful discussion of possible
correctness specifications, we report on two case studies, one
involving a transcendental function.
We aim to show that a theory of real numbers is useful in
practice and interesting in theory, and that the ‘LCF style’ of
theorem proving is well suited to the kind of work we describe.
We hope also to convince the reader that the kind of mathematics
needed for applications is well within the abilities of current
theorem proving technology.
cam.ac.uk//UCAM-CL-TR-409
2017-07-13
Proving properties of security protocols by
induction
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1996-12
en
Text
UCAM-CL-TR-409
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-409.pdf
Security protocols are formally specified in terms of traces,
which may involve many interleaved protocol runs. Traces are
defined inductively. Protocol descriptions model accidental key
losses as well as attacks. The model spy can send spoof messages
made up of components decrypted from previous traffic.
Correctness properties are verified using the proof tool
Isabelle/HOL. Several symmetric-key protocols have been studied,
including Needham-Schroeder, Yahalom and Otway-Rees. A new
attack has been discovered in a variant of Otway-Rees (already
broken by Mao and Boyd). Assertions concerning secrecy and
authenticity have been proved.
The approach rests on a common theory of messages, with three
operators. The operator “parts” denotes the components of a set
of messages. The operator “analz” denotes those parts that can
be decrypted with known keys. The operator “synth” denotes those
messages that can be expressed in terms of given components. The
three operators enjoy many algebraic laws that are invaluable in
proofs.
cam.ac.uk//UCAM-CL-TR-410
2018-03-27
Proof style
Harrison, John
University of Cambridge, Computer Laboratory
1997-01
en
Text
UCAM-CL-TR-410
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-410.ps.gz
We are concerned with how to communicate a mathematical proof to
a computer theorem prover. This can be done in many ways, while
allowing the machine to generate a completely formal proof
object. The most obvious choice is the amount of guidance
required from the user, or from the machine perspective, the
degree of automation provided. But another important
consideration, which we consider particularly significant, is
the bias towards a ‘procedural’ or ‘declarative’ proof style. We
will explore this choice in depth, and discuss the strengths and
weaknesses of declarative and procedural styles for proofs in
pure mathematics and for verification applications. We conclude
with a brief summary of our own experiments in trying to combine
both approaches.
cam.ac.uk//UCAM-CL-TR-411
2016-07-22
Formalising process calculi in Higher Order
Logic
Nesi, Monica
University of Cambridge, Computer Laboratory
1997-01
en
Text
UCAM-CL-TR-411
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-412
2021-05-21
Observations on a linear PCF (preliminary
report)
Bierman, G.M.
University of Cambridge, Computer Laboratory
1997-01
en
Text
UCAM-CL-TR-412
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-412.pdf
This paper considers some theoretical and practical issues
concerning the use of linear logic as a logical foundation of
functional programming languages such as Haskell and SML. First
I give an operational theory for a linear PCF: the (typed)
linear λ-calculus extended with booleans, conditional and
non-termination. An operational semantics is given which
corresponds in a precise way to the process of β-reduction which
originates from proof theory. Using this operational semantics I
define notions of observational equivalence (sometimes called
contextual equivalence). Surprisingly, the linearity of the
language forces a reworking of the traditional notion of a
context (the details are given in an appendix). A co-inductively
defined notion, applicative bi-simularity, is developed and
compared with observational equivalence using a variant of
Howe’s method. Interestingly the equivalence of these two
notions is greatly complicated by the linearity of the language.
These equivalences are used to study a call-by-name translation
of PCF into linear PCF. It is shown that this translation is
adequate but not fully abstract. Finally I show how Landin’s
SECD machine can be adpacted to execute linear PCF programs.
cam.ac.uk//UCAM-CL-TR-413
2017-07-13
Mechanized proofs of security protocols:
Needham-Schroeder with public keys
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1997-01
en
Text
UCAM-CL-TR-413
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-413.pdf
The inductive approach to verifying security protocols,
previously applied to shared-key encryption, is here applied to
the public key version of the Needham-Schroeder protocol. As
before, mechanized proofs are performed using Isabelle/HOL. Both
the original, flawed version and Lowe’s improved version are
studied; the properties proved highlight the distinctions
between the two versions. The results are compared with previous
analyses of the same protocol. The analysis reported below
required only 30 hours of the author’s time. The proof scripts
execute in under three minutes.
cam.ac.uk//UCAM-CL-TR-414
2017-07-06
A calculus for cryptographic protocols : The SPI
calculus
Abadi, Martín
Gordon, Andrew D.
University of Cambridge, Computer Laboratory
1997-01
en
Text
UCAM-CL-TR-414
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-414.ps.gz
We introduce the spi calculus, an extension of the pi calculus
designed for the description and analysis of cryptographic
protocols. We show how to use the spi calculus, particularly for
studying authentication protocols. The pi calculus (without
extension) suffices for some abstract protocols; the spi
calculus enables us to consider cryptographic issues in more
detail. We represent protocols as processes in the spi calculus
and state their security properties in terms of coarse-grained
notions of protocol equivalence.
cam.ac.uk//UCAM-CL-TR-415
2016-07-22
Application support for mobile computing
Pope, Steven Leslie
University of Cambridge, Computer Laboratory
1997-02
en
Text
UCAM-CL-TR-415
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-416
2021-07-05
DECLARE: a prototype declarative proof system for higher
order logic
Syme, Donald
University of Cambridge, Computer Laboratory
1997-02
en
Text
UCAM-CL-TR-416
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-416.pdf
This report describes DECLARE, a prototype implementation of a
declarative proof system for simple higher order logic. The
purpose of DECLARE is to explore mechanisms of specification and
proof that may be incorporated into other theorem provers. It
has been developed to aid with reasoning about operational
descriptions of systems and languages. Proofs in DECLARE are
expressed as proof outlines, in a language that approximates
written mathematics. The proof language includes specialised
constructs for (co-)inductive types and relations. The system
includes an abstract/article mechanism that provides a way of
isolating the process of formalisation from what results, and
simultaneously allow the efficient separate processing of work
units. After describing the system we discuss our approach on
two subsidiary issues: automation and the interactive
environment provided to the user.
cam.ac.uk//UCAM-CL-TR-417
2019-05-28
Selective mesh refinement for interactive terrain
rendering
Brown, Peter J.C.
University of Cambridge, Computer Laboratory
1997-02
en
Text
UCAM-CL-TR-417
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-417.pdf
Terrain surfaces are often approximated by geometric meshes to
permit efficient rendering. This paper describes how the
complexity of an approximating irregular mesh can be varied
across its domain in order to minimise the number of displayed
facets while ensuring that the rendered surface meets
pre-determined resolution requirements. We first present a
generalised scheme to represent a mesh over a continuous range
of resolutions using the output from conventional
single-resolution approximation methods. We then describe an
algorithm which extracts a surface from this representation such
that the resolution of the surface is enhanced only in specific
areas of interest. We prove that the extracted surface is
complete, minimal, satisfies the given resolution constraints
and meets the Delaunay triangulation criterion if possible. In
addition, we present a method of performing smooth visual
transitions between selectively-refined meshes to permit
efficient animation of a terrain scene.
A HTML version of that report is at
https://www.cl.cam.ac.uk/research/rainbow/publications/pjcb/tr417/
cam.ac.uk//UCAM-CL-TR-418
2017-07-13
Mechanized proofs for a recursive authentication
protocol
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1997-03
en
Text
UCAM-CL-TR-418
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-418.pdf
A novel protocol has been formally analyzed using the prover
Isabelle/HOL, following the inductive approach described in
earlier work. There is no limit on the length of a run, the
nesting of messages or the number of agents involved. A single
run of the protocol delivers session keys for all the agents,
allowing neighbours to perform mutual authentication. The basic
security theorem states that session keys are correctly
delivered to adjacent pairs of honest agents, regardless of
whether other agents in the chain are compromised. The
protocol’s complexity caused some difficulties in the
specification and proofs, but its symmetry reduced the number of
theorems to prove.
cam.ac.uk//UCAM-CL-TR-419
2016-07-22
Video-augmented environments
Stafford-Fraser, James Quentin
University of Cambridge, Computer Laboratory
1997-04
en
Text
UCAM-CL-TR-419
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-419.pdf
In the future, the computer will be thought of more as an
assistant than as a tool, and users will increasingly expect
machines to make decisions on their behalf. As with a human
assistant, a machine’s ability to make informed choices will
often depend on the extent of its knowledge of activities in the
world around it. Equipping personal computers with a large
number of sensors for monitoring their environment is, however,
expensive and inconvenient, and a preferable solution would
involve a small number of input devices with a broad scope of
application. Video cameras are ideally suited to many realworld
monitoring applications for this reason. In addition, recent
reductions in the manufacturing costs of simple cameras will
soon make their widespread deployment in the home and office
economically viable. The use of video as an input device also
allows the creation of new types of user-interface, more
suitable in some circumstances than those afforded by the
conventional keyboard and mouse.
This thesis examines some examples of these ‘Video-Augmented
Environments’ and related work, and then describes two
applications in detail. The first, a ‘software cameraman’, uses
the analysis of one video stream to control the display of
another. The second, ‘BrightBoard’, allows a user to control a
computer by making marks on a conventional whiteboard, thus
‘augmenting’ the board with many of the facilities common to
electronic documents, including the ability to fax, save, print
and email the image of the board. The techniques which were
found to be useful in the construction of these applications are
common to many systems which monitor real-world video, and so
they were combined in a toolkit called ‘Vicar’. This provides an
architecture for ‘video plumbing’, which allows standard
videoprocessing components to be connected together under the
control of a scripting language. It is a single application
which can be programmed to create a variety of simple
Video-Augmented Environments, such as those described above,
without the need for any recompilation, and so should simplify
the construction of such applications in the future. Finally,
opportunities for further exploration on this theme are
discussed.
cam.ac.uk//UCAM-CL-TR-420
2016-07-22
Managing complex models for computer graphics
Sewell, Jonathan Mark
University of Cambridge, Computer Laboratory
1997-04
en
Text
UCAM-CL-TR-420
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-420.pdf
Three-dimensional computer graphics is becoming more common as
increasing computational power becomes more readily available.
Although the images that can be produced are becoming more
complex, users’ expectations continue to grow. This dissertation
examines the changes in computer graphics software that will be
needed to support continuing growth in complexity, and proposes
techniques for tackling the problems that emerge.
Increasingly complex models will involve longer rendering times,
higher memory requirements, longer data transfer periods and
larger storage capacities. Furthermore, even greater demands
will be placed on the constructors of such models. This
dissertation aims to describe how to construct scalable systems
which can be used to visualise models of any size without
requiring dedicated hardware. This is achieved by controlling
the quality of the results, and hence the costs incurred. In
addition, the use of quality controls can become a tool to help
users handle the large volume of information arising from
complex models.
The underlying approach is to separate the model from the
graphics application which uses it, so that the model exists
independently. By doing this, an application is free to access
only the data which is required at any given time. For the
application to function in this manner, the data must be in an
appropriate form. To achieve this, approximation hierarchies are
defined as a suitable new model structure. These utilise
multiple representations of both objects and groups of objects
at all levels in the model.
In order to support such a structure, a novel method is proposed
for rapidly constructing simplified representations of groups of
complex objects. By calculating a few geometrical attributes, it
is possible to generate replacement objects that preserve
important aspects of the originals. Such objects, once placed
into an approximation hierarchy, allow rapid loading and
rendering of large portions of a model. Extensions to rendering
algorithms are described that take advantage of this structure.
The use of multiple representations encompasses not only
different quality levels, but also different storage formats and
types of objects. It provides a framework within which such
aspects are hidden from the user, facilitating the sharing and
re-use of objects. A model manager is proposed as a means of
encapsulating these mechanisms. This software gives, as far as
possible, the illusion of direct access to the whole complex
model, while at the same time making the best use of the limited
resources available.
cam.ac.uk//UCAM-CL-TR-421
2018-03-27
An abstract dynamic semantics for C
Norrish, Michael
University of Cambridge, Computer Laboratory
1997-05
en
Text
UCAM-CL-TR-421
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-421.pdf
This report is a presentation of a formal semantics for the C
programming language. The semantics has been defined
operationally in a structured semantics style and covers the
bulk of the core of the language. The semantics has been
developed in a theorem prover (HOL), where some expected
consequences of the language definition
cam.ac.uk//UCAM-CL-TR-422
2021-07-09
Using the BONITA primitives: a case study
Rowstron, Antony
University of Cambridge, Computer Laboratory
1997-05
en
Text
UCAM-CL-TR-422
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-422.pdf
The co-ordination language Linda has been used for parallel
processing for many years. Linda uses a shared tuple space and a
number of primitives to provide access to the tuple space and
thereby enabling communication between processes executing
concurrently. Linda provides asynchronous communication between
processes, but synchronous access between the processes and the
tuple spaces. The Bonita primitives are a different set of
primitives that provide asynchronous access to the tuple spaces.
The Bonita priomitives can emulate the primary Linda primitives
and therefore provides both asynchronous access and synchronous
access to tuple spaces. It has been previously claimed that
asynchronous tuple space access primitives are required to
provide new co-ordination constructs and to improve performance
for geographically distributed processes which are required to
co-ordinate distributed processes (or agents).
In this paper a talk program is used as an example to
demonstrate that the concept of tuple spaces are well suited for
process co-ordination for distributed processes (or agents), and
to provide a comparison between the use of Linda primitives and
the Bonita primitives. It is shown that asynchronous tuple space
access is essential for such process co-ordination.
cam.ac.uk//UCAM-CL-TR-423
2020-01-28
Symbol grounding: Learning categorical and sensorimotor
predictions for coordination in autonomous robots
MacDorman, Karl F.
University of Cambridge, Computer Laboratory
1997-05
en
Text
UCAM-CL-TR-423
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-424
2016-09-19
Simplification with renaming: a general proof technique
for tableau and sequent-based provers
Massacci, Fabio
University of Cambridge, Computer Laboratory
1997-05
en
Text
UCAM-CL-TR-424
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-424.dvi.gz
Tableau and sequent calculi are the basis for most popular
interactive theorem provers for hardware and software
verification.
Yet, when it comes to decision procedures or automatic proof
search, tableaux are orders of magnitude slower than
Davis-Putnam, SAT based procedures or other techniques based on
resolution.
To meet this challenge, this paper proposes a theoretical
innovation: the rule of simplification, which plays the same
role for tableaux as subsumption does for resolution, and unit
for Davis-Putman.
This technique gives a unifying view of a number of
tableaux-like calculi such as DPLL, KE, HARP, hyper-tableaux
etc. For instance the stand-alone nature of the first-order
Davis-Putnam-Longeman-Loveland procedure can be explained away
as a case of Smullyan tableau with propositional simplification.
Besides its computational effectiveness, the simplicity and
generality of simplification make its extension possible in a
uniform way. We define it for propositional and first order
logic and a wide range of modal logics. For a full-fledged first
order simplification we combine it with another technique,
renaming, which subsumes the use of free universal variables in
sequent and tableau calculi.
New experimental results are given for random SAT and the IFIP
benchmarks for hardware verification.
cam.ac.uk//UCAM-CL-TR-425
2017-07-13
Should your specification language be typed?
Lamport, Leslie
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1997-05
en
Text
UCAM-CL-TR-425
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-425.pdf
Most specification languages have a type system. Type systems
are hard to get right, and getting them wrong can lead to
inconsistencies. Set theory can serve as the basis for a
specification language without types. This possibility, which
has been widely overlooked, offers many advantages. Untyped set
theory is simple and is more flexible than any simple typed
formalism. Polymorphism, overloading, and subtyping can make a
type system more powerful, but at the cost of increased
complexity, and such refinements can never attain the
flexibility of having no types at all. Typed formalisms have
advantages too, stemming from the power of mechanical type
checking. While types serve little purpose in hand proofs, they
do help with mechanized proofs. In the absence of verification,
type checking can catch errors in specifications. It may be
possible to have the best of both worlds by adding typing
annotations to an untyped specification language.
We consider only specification languages, not programming
languages.
cam.ac.uk//UCAM-CL-TR-426
2016-07-22
Action selection methods using reinforcement
learning
Humphrys, Mark
University of Cambridge, Computer Laboratory
1997-06
en
Text
UCAM-CL-TR-426
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-426.ps.gz
The Action Selection problem is the problem of run-time choice
between conflicting and heterogenous goals, a central problem in
the simulation of whole creatures (as opposed to the solution of
isolated uninterrupted tasks). This thesis argues that
Reinforcement Learning has been overlooked in the solution of
the Action Selection problem. Considering a decentralised model
of mind, with internal tension and competition between selfish
behaviors, this thesis introduces an algorithm called
“W-learning”, whereby different parts of the mind modify their
behavior based on whether or not they are succeeding in getting
the body to execute their actions. This thesis sets W-learning
in context among the different ways of exploiting Reinforcement
Learning numbers for the purposes of Action Selection. It is a
‘Minimize the Worst Unhappiness’ strategy. The different methods
are tested and their strengths and weaknesses analysed in an
artificial world.
cam.ac.uk//UCAM-CL-TR-427
2020-12-04
Proving Java type soundness
Syme, Don
University of Cambridge, Computer Laboratory
1997-06
en
Text
UCAM-CL-TR-427
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-427.pdf
This technical report describes a machine checked proof of the
type soundness of a subset of the Java language called Java_s. A
formal semantics for this subset has been developed by
Drossopoulou and Eisenbach, and they have sketched an outline of
the type soundness proof. The formulation developed here
complements their written semantics and proof by correcting and
clarifying significant details; and it demonstrates the utility
of formal, machine checking when exploring a large and detailed
proof based on operational semantics. The development also
serves as a case study in the application of ‘declarative’ proof
techniques to a major property of an operational system.
cam.ac.uk//UCAM-CL-TR-428
2018-03-27
Floating point verification in HOL Light: the
exponential function
Harrison, John
University of Cambridge, Computer Laboratory
1997-06
en
Text
UCAM-CL-TR-428
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-428.ps.gz
In that they often embody compact but mathematically
sophisticated algorithms, operations for computing the common
transcendental functions in floating point arithmetic seem good
targets for formal verification using a mechanical theorem
prover. We discuss some of the general issues that arise in
verifications of this class, and then present a machine-checked
verification of an algorithm for computing the exponential
function in IEEE-754 standard binary floating point arithmetic.
We confirm (indeed strengthen) the main result of a previously
published error analysis, though we uncover a minor error in the
hand proof and are forced to confront several subtle issues that
might easily be overlooked informally.
Our main theorem connects the floating point exponential to its
abstract mathematical counterpart. The specification we prove is
that the function has the correct overflow behaviour and, in the
absence of overflow, the error in the result is less than 0.54
units in the last place (0.77 if the answer is denormalized)
compared against the exact mathematical exponential function.
The algorithm is expressed in a simple formalized programming
language, intended to be a subset of real programming and
hardware description languages. It uses underlying floating
point operations (addition, multiplication etc.) that are
assumed to conform to the IEEE-754 standard for binary floating
point arithmetic.
The development described here includes, apart from the proof
itself, a formalization of IEEE arithmetic, a mathematical
semantics for the programming language in which the algorithm is
expressed, and the body of pure mathematics needed. All this is
developed logically from first principles using the HOL Light
prover, which guarantees strict adherence to simple rules of
inference while allowing the user to perform proofs using
higher-level derived rules. We first present the main ideas and
conclusions, and then collect some technical details about the
prover and the underlying mathematical theories in appendices.
cam.ac.uk//UCAM-CL-TR-429
2018-03-27
Compilation and equivalence of imperative
objects
Gordon, Andrew D.
Hankin, Paul D.
Lassen, Søren B.
University of Cambridge, Computer Laboratory
1997-06
en
Text
UCAM-CL-TR-429
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-429.ps.gz
We adopt the untyped imperative object calculus of Abadi and
Cardelli as a minimal setting in which to study problems of
compilation and program equivalence that arise when compiling
object-oriented languages. We present both a big-step and a
small-step substitution-based operational semantics for the
calculus. Our first two results are theorems asserting the
equivalence of our substitution-based semantics with a
closure-based semantics like that given by Abadi and Cardelli.
Our third result is a direct proof of the correctness of
compilation to a stack-based abstract machine via a small-step
decompilation algorithm. Our fourth result is that contextual
equivalence of objects coincides with a form of Mason and
Talcott’s CIU equivalence; the latter provides a tractable means
of establishing operational equivalences. Finally, we prove
correct an algorithm, used in our prototype compiler, for
statically resolving method offsets. This is the first study of
correctness of an object-oriented abstract machine, and of
operational equivalence for the imperative object calculus.
cam.ac.uk//UCAM-CL-TR-430
2017-07-13
Video mail retrieval using voice : Report on topic
spotting
Jones, G.J.F.
Foote, J.T.
Sparck Jones, K.
Young, S.J.
University of Cambridge, Computer Laboratory
1997-07
en
Text
UCAM-CL-TR-430
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-431
2017-07-13
The MCPL programming manual and user guide
Richards, Martin
University of Cambridge, Computer Laboratory
1997-07
en
Text
UCAM-CL-TR-431
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-432
2017-07-13
On two formal analyses of the Yahalom
protocol
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1997-07
en
Text
UCAM-CL-TR-432
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-432.pdf
The Yahalom protocol is one of those analyzed by Burrows et al.
in the BAN paper. Based upon their analysis, they have proposed
modifications to make the protocol easier to understand and
analyze. Both versions of Yahalom have now been proved, using
Isabelle/HOL, to satisfy strong security goals. The mathematical
reasoning behind these machine proofs is presented informally.
The new proofs do not rely on a belief logic; they use an
entirely different formal model, the inductive method. They
confirm the BAN analysis and the advantages of the proposed
modifications. The new proof methods detect more flaws than BAN
and analyze protocols in finer detail, while remaining broadly
consistent with the BAN principles. In particular, the proofs
confirm the explicitness principle of Abadi and Needham.
cam.ac.uk//UCAM-CL-TR-433
2017-07-13
Backtracking algorithms in MCPL using bit patterns and
recursion
Richards, Martin
University of Cambridge, Computer Laboratory
1997-07
en
Text
UCAM-CL-TR-433
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-434
2021-07-12
Demonstration programs for CTL and μ-calculus symbolic
model checking
Richards, Martin
University of Cambridge, Computer Laboratory
1997-08
en
Text
UCAM-CL-TR-434
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-434.pdf
This paper presents very simple implementations of Symbolic
Model Checkers for both Computational Tree Logic (CTL) and
μ-calculus. They are intended to be educational rather than
practical. The first program discovers, for a given
non-deterministic finite state machine (NFSM), the states for
which a given CTL formula holds. The second program does the
same job for μ-calculus formulae.
For simplicity the number of states in the NFSM has been limited
to 32 and a bit pattern representation is used to represent the
boolean functions involved. It would be easy to extend both
programs to use ordered binary decision diagrams more normally
used in symbolic model checking.
The programs include lexical and syntax analysers for the
formulae, the model checking algorithms and drivers to exercise
them with respect to various simple machines. The programs are
implemented in MCPL. A brief summary of MCPL is given at the
end.
cam.ac.uk//UCAM-CL-TR-435
2017-07-13
Global/local subtyping for a distributed
π-calculus
Sewell, Peter
University of Cambridge, Computer Laboratory
1997-08
en
Text
UCAM-CL-TR-435
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-435.ps.gz
In the design of mobile agent programming languages there is a
tension between the implementation cost and the expressiveness
of the communication mechanisms provided. This paper gives a
static type system for a distributed π-calculus in which the
input and output of channels may be either global or local. This
allows compile-time optimization where possible but retains the
expressiveness of channel communication. Subtyping allows all
communications to be invoked uniformly. Recursive types and
products are included. The distributed π-calculus used
integrates location and migration primitives from the
Distributed Join Calculus with asynchronous π communication,
taking a simple reduction semantics. Some alternative calculi
are discussed.
cam.ac.uk//UCAM-CL-TR-436
2017-07-13
A new method for estimating optical flow
Clocksin, W.F.
University of Cambridge, Computer Laboratory
1997-11
en
Text
UCAM-CL-TR-436
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-436.pdf
Accurate and high density estimation of optical flow vectors in
an image sequence is accomplished by a method that estimates the
velocity distribution function for small overlapping regions of
the image. Because the distribution is multimodal, the method
can accurately estimate the change in velocity near motion
contrast borders. Large spatiotemporal support without
sacrificing spatial resolution is a feature of the method, so it
is not necessary to smooth the resulting flow vectors in a
subsequent operation, and there is a certain degree of
resistance to aperture and aliasing effects. Spatial support
also provides for the accurate estimation of long-range
displacements, and subpixel accuracy is achieved by a simple
weighted mean near the mode of the velocity distribution
function.
The method is demonstrated using image sequences obtained from
the analysis of ceramic and metal materials under stress. The
performance of the system under degenerate conditions is also
analysed to provide insight into the behaviour of optical flow
methods in general.
cam.ac.uk//UCAM-CL-TR-437
2016-07-22
Trusting in computer systems
Harbison, William S.
University of Cambridge, Computer Laboratory
1997-12
en
Text
UCAM-CL-TR-437
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-437.pdf
We need to be able to reason about large systems, and not just
about their components. For this we need new conceptual tools,
and this dissertation therefore indicates the need for a new
methodology which will allow us to better identify areas of
possible conflict or lack of knowledge in a system.
In particular, it examines at the concept of trust, and how this
can help us to understand the basic security aspects of a
system. The main proposal of this present work is that systems
are viewed in a manner which analyses the conditions under which
they have been designed to perform, and the circumstances under
which they have been implemented, and then compares the two.
This problem is then examined from the point of what is being
trusted in a system, or what it is being trusted for.
Starting from an approach developed in a military context, we
demonstrate how this can lead to unanticipated risks when
applied inappropriately. We further suggest that ‘trust’ be
considered a relative concept, in contast to the more usual
usage, and that it is not the result of knowledge but a
substitute for it. The utility of these concepts is in their
ability to quantify the risks associated with a specific
participant, whether these are explicitly accepted by them, or
not.
We finally propose a distinction between ‘trust’ and
‘trustworthy’ and demonstrate that most current uses of the term
‘trust’ are more appropriately viewed as statements of
‘trustworthiness’. Ultimately, therefore, we suggest that the
traditional “Orange Book” concept of trust resulting from
knowledge can violate the security policy of a system.
cam.ac.uk//UCAM-CL-TR-438
2016-07-22
An architecture for scalable and deterministic video
servers
Shi, Feng
University of Cambridge, Computer Laboratory
1997-11
en
Text
UCAM-CL-TR-438
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-438.pdf
A video server is a storage system that can provide a repository
for continuous media (CM) data and sustain CM stream delivery
(playback or recording) through networks. The voluminous nature
of CM data demands a video server to be scalable in order to
serve a large number of concurrent client requests. In addition,
deterministic services can be provided by a video server for
playback because the characteristics of variable bit rate (VBR)
video can be analysed in advance and used in run-time admission
control (AC) and data retrieval.
Recent research has made gigabit switches a reality, and the
cost/performance ratio of microprocessors and standard PCs is
dropping steadily. It would be more cost effective and flexible
to use off-the-shelf components inside a video server with a
scalable switched network as the primary interconnect than to
make a special purpose or massively parallel multiprocessor
based video server. This work advocates and assumes such a
scalable video server structure in which data is striped to
multiple peripherals attached directly to a switched network.
However, most contemporary distributed file systems do not
support data distribution across multiple networked nodes, let
alone providing quality of service (QoS) to CM applications at
the same time. It is the observation of this dissertation that
the software system framework for network striped video servers
is as important as the scalable hardware architecture itself.
This leads to the development of a new system architecture,
which is scalable, flexible and QoS aware, for scalable and
deterministic video servers. The resulting srchitecture is
called Cadmus from sCAlable and Deterministic MUlitmedia
Servers.
Cadmus also provides integrated solutions to AC and actual QoS
enforcement in storage nodes. This is achieved by considering
resources such as CPU buffer, disk, and network, simultaneously
but not independently and by including both real-time (RT) and
non-real-time (NRT) activities, In addition, the potential to
smooth the variability of VBR videos using read-ahead under
client buffer constraints is identified. A new smoothing
algorithm is presented, analysed, and incorporated into the
Cadmus architecture.
A prototype implementation of Cadmus has been constructed based
on distributed object computing and hardware modules directly
connected to an Asynchronous Transfer Mode (ATM) network.
Experiments were performed to evaluate the implementation and
demonstrate the utility and feasibility of the architecture and
its AC criteria.
cam.ac.uk//UCAM-CL-TR-439
2016-07-22
Applying mobile code to distributed systems
Halls, David A.
University of Cambridge, Computer Laboratory
1997-12
en
Text
UCAM-CL-TR-439
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-440
2017-07-13
Inductive analysis of the internet protocol
TLS
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1997-12
en
Text
UCAM-CL-TR-440
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-440.pdf
Internet browsers use security protocols to protect confidential
messages. An inductive analysis of TLS (a descendant of SSL 3.0)
has been performed using the theorem prover Isabelle. Proofs are
based on higher-order logic and make no assumptions concerning
beliefs or finiteness. All the obvious security goals can be
proved; session resumption appears to be secure even if old
session keys have been compromised. The analysis suggests modest
changes to simplify the protocol.
TLS, even at an abstract level, is much more complicated than
most protocols that researchers have verified. Session keys are
negotiated rather than distributed, and the protocol has many
optional parts. Nevertheless, the resources needed to verify TLS
are modest. The inductive approach scales up.
cam.ac.uk//UCAM-CL-TR-441
2017-07-13
A generic tableau prover and its integration with
Isabelle
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1998-01
en
Text
UCAM-CL-TR-441
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-441.pdf
A generic tableau prover has been implemented and integrated
with Isabelle. It is based on leantap but is much more
complicated, with numerous modifications to allow it to reason
with any supplied set of tableau rules. It has a higher-order
syntax in order to support the binding operators of set theory;
unification is first-order (extended for bound variables in
obvious ways) instead of higher-order, for simplicity.
When a proof is found, it is returned to Isabelle as a list of
tactics. Because Isabelle verifies the proof, the prover can cut
corners for efficiency’s sake without compromising soundness.
For example, it knows almost nothing about types.
cam.ac.uk//UCAM-CL-TR-442
2018-03-27
A combination of nonstandard analysis and geometry
theorem proving, with application to Newton’s
Principia
Fleuriot, Jacques
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1998-01
en
Text
UCAM-CL-TR-442
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-442.ps.gz
The theorem prover Isabelle is used to formalise and reproduce
some of the styles of reasoning used by Newton in his Principia.
The Principia’s reasoning is resolutely geometric in nature but
contains “infinitesimal” elements and the presence of motion
that take it beyond the traditional boundaries of Euclidean
Geometry. These present difficulties that prevent Newton’s
proofs from being mechanised using only the existing geometry
theorem proving (GTP) techniques.
Using concepts from Robinson’s Nonstandard Analysis (NSA) and a
powerful geometric theory, we introduce the concept of an
infinitesimal geometry in which quantities can be infinitely
small or infinitesimal. We reveal and prove new properties of
this geometry that only hold because infinitesimal elements are
allowed and use them to prove lemmas and theorems from the
Principia.
cam.ac.uk//UCAM-CL-TR-443
2017-07-13
The inductive approach to verifying cryptographic
protocols
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1998-02
en
Text
UCAM-CL-TR-443
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-443.pdf
Informal arguments that cryptographic protocols are secure can
be made rigorous using inductive definitions. The approach is
based on ordinary predicate calculus and copes with
infinite-state systems. Proofs are generated using Isabelle/HOL.
The human effort required to analyze a protocol can be as little
as a week or two, yielding a proof script that takes a few
minutes to run.
Protocols are inductively defined as sets of traces. A trace is
a list of communication events, perhaps comprising many
interleaved protocol runs. Protocol descriptions incorporate
attacks and accidental losses. The model spy knows some private
keys and can forge messages using components decrypted from
previous traffic. Three protocols are analyzed below: Otway-Rees
(which uses shared-key encryption), Needham-Schroeder (which
uses public-key encryption), and a recursive protocol (which is
of variable length).
One can prove that event ev always precedes event ev′ or that
property P holds provided X remains secret. Properties can be
proved from the viewpoint of the various principals: say, if A
receives a final message from B then the session key it conveys
is good.
cam.ac.uk//UCAM-CL-TR-444
2017-07-13
From rewrite rules to bisimulation
congruences
Sewell, Peter
University of Cambridge, Computer Laboratory
1998-05
en
Text
UCAM-CL-TR-444
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-444.ps.gz
The dynamics of many calculi can be most clearly defined by
reduction semantics. To work with a calculus, however, an
understanding of operational congruences is fundamental; these
can often be given tractable definitions or characterisations
using a labelled transition semantics. This paper considers
calculi with arbitary reduction semantics of three simple
classes, firstly ground term rewriting, then left-linear term
rewriting, and then a class which is esentially the action
calculi lacking substantive name binding. General definitions of
labelled transitions are given in each case, uniformly in the
set of rewrite rules, and without requiring the prescription of
additional notions of observation. They give rise to
bisimulation congruences. As a test of the theory it is shown
that bisimulation for a fragment of CCS is recovered. The
transitions generated for a fragment of the Ambient Calculus of
Cardelli and Gordon, and for SKI combinators, are also discussed
briefly.
cam.ac.uk//UCAM-CL-TR-445
2018-03-27
Secure sessions from weak secrets
Roe, Michael
Christianson, Bruce
Wheeler, David
University of Cambridge, Computer Laboratory
1998-07
en
Text
UCAM-CL-TR-445
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-445.pdf
Sometimes two parties who share a weak secret k (such as a
password) wish to share a strong secret s (such as a session
key) without revealing information about k to a (possibly
active) attacker. We assume that both parties can generate
strong random numbers and forget secrets, and present three
protocols for secure strong secret sharing, based on RSA,
Diffie-Hellman and El-Gamal. As well as being simpler and
quicker than their predecessors, our protocols also have
slightly stronger security properties: in particular, they make
no cryptographic use of s and so impose no subtle restrictions
upon the use which is made of s by other protocols.
cam.ac.uk//UCAM-CL-TR-446
2017-07-13
A probabilistic model of information and retrieval:
development and status
Spärck Jones, K.
Walker, S.
Robertson, S.E.
University of Cambridge, Computer Laboratory
1998-08
en
Text
UCAM-CL-TR-446
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-446.ps.gz
The paper combines a comprehensive account of the probabilistic
model of retrieval with new systematic experiments on TREC
Programme material. It presents the model from its foundations
through its logical development to cover more aspects of
retrieval data and a wider range of system functions. Each step
in the argument is matched by comparative retrieval tests, to
provide a single coherent account of a major line of research.
The experiments demonstrate, for a large test collection, that
the probabilistic model is effective and robust, and that it
responds appropriately, with major improvements in performance,
to key features of retrieval situations.
cam.ac.uk//UCAM-CL-TR-447
2017-07-13
Are timestamps worth the effort? A formal
treatment
Bella, Giampaolo
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1998-09
en
Text
UCAM-CL-TR-447
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-447.pdf
Theorem proving provides formal and detailed support to the
claim that timestamps can give better freshness guarantees than
nonces do, and can simplify the design of crypto-protocols.
However, since they rely on synchronised clocks, their benefits
are still debatable. The debate should gain from our formal
analysis, which is achieved through the comparison of a
nonce-based crypto-protocol, Needham-Schroeder, with its natural
modification by timestamps, Kerberos.
cam.ac.uk//UCAM-CL-TR-448
2020-12-01
A computational interpretation of the λμ
calculus
Bierman, G.M.
University of Cambridge, Computer Laboratory
1998-09
en
Text
UCAM-CL-TR-448
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-448.pdf
This paper proposes a simple computational interpretation of
Parigot’s λμ-calculus. The λμ-calculus is an extension of the
typed λ-calculus which corresponds via the Curry-Howard
correspondence to classical logic. Whereas other work has given
computational interpretations by translating the λμ-calculus
into other calculi, I wish to propose here that the λμ-calculus
itself has a simple computational interpretation: it is a typed
λ-calculus which is able to save and restore the runtime
environment. This interpretation is best given as a single-step
semantics which, in particular, leads to a relatively simple,
but powerful, operational theory.
cam.ac.uk//UCAM-CL-TR-449
2021-07-09
Locales : A sectioning concept for Isabelle
Kammüller, Florian
Wenzel, Markus
University of Cambridge, Computer Laboratory
1998-10
en
Text
UCAM-CL-TR-449
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-449.pdf
Locales are a means to define local scopes for the interactive
proving process of the theorem prover Isabelle. They delimit a
range in which fixed assumptions are made, and theorems are
proved which depend on these assumptions. A locale may also
contain constants and associated with pretty printing syntax.
Locales can be seen as a simple form of modules. They are
similar to sections as in Automath or Coq. Locales are used to
enhance abstract reasoning. It also discusses some
implementation issues.
cam.ac.uk//UCAM-CL-TR-450
2016-07-22
Open service support for ATM
van der Merwe, Jacobus Erasmus
University of Cambridge, Computer Laboratory
1998-11
en
Text
UCAM-CL-TR-450
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-451
2022-04-25
The structure of open ATM control
architectures
Rooney, Sean
University of Cambridge, Computer Laboratory
1998-11
en
Text
UCAM-CL-TR-451
ISSN 1476-2986
The design of networks capable of supporting a large number of
different services is one of the principal areas of network
research. ATM, by virtue of its ability to give resource
guarantees to arbitrary services, is likely to become the
transport protocol for high-speed service-independent networks.
The ATM control plane — handling as it does the needs of many
distinct services with diverse constraints — is necessarily
complex. The approach adopted by industry has been to try and
adopt the techniques used to control the telephony network to
ATM.
This dissertation argues that current monolithic ATM signalling
standards reduce the service support flexibility that was the
principal motivating factor behind the introduction of ATM. It
argues that a more open approach is required if ATM is to be
able to meet the demands of a decentralised, deregulated service
provision market.
A natural approach in handling complex systems is to divide them
into simpler elements. This dissertation considers two types of
separation. Firstly it shows how a clean separation can be made
between the ATM control plane and the switch, allowing them to
be implemented and evolve independently. Secondly, as a
consequence of the clear separation of the controller from the
switch, it demonstrates how several distinct control
architectures can coexist simultaneously on the same physical
network, removing the need for one single monolithic control
architecture and allowing network operators to choose the
control architecture most appropriate for their purposes.
The utility and practicality of this approach are demonstrated
through the description of the structure of a switch-independent
control architecture which efficiently implements a complete
range of ATM control operations. Such a control architecture is
more versatile than conventional signalling systems, while the
environment in which it executes allows both standard and
proprietary signalling systems to coexist.
Network robustness is of primary importance for large scale
commercial networks. This dissertation shows how management of
an open control network can be made less centralised and more
adaptive. These qualities are particularly important in an
environment in which there may be many network operators
managing distinct networks simultaneously.
cam.ac.uk//UCAM-CL-TR-452
2017-07-13
A formal proof of Sylow’s theorem : An experiment in
abstract algebra with Isabelle Hol
Kammüller, Florian
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1998-11
en
Text
UCAM-CL-TR-452
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-452.pdf
The theorem of Sylow is proved in Isabelle HOL. We follow the
proof by Wielandt that is more general than the original and
uses a non-trivial combinatorial identity. The mathematical
proof is explained in some detail leading on to the
mechanization of group theory and the necessary combinatorics in
Isabelle. We present the mechanization of the proof in detail
giving reference to theorems contained in an appendix. Some weak
points of the experiment with respect to a natural treatment of
abstract algebraic reasoning give rise to a discussion of the
use of module systems to represent abstract algebra in theorem
provers. Drawing from that, we present tentative ideas for
further research into a section concept for Isabelle.
cam.ac.uk//UCAM-CL-TR-453
2016-07-22
C formalised in HOL
Norrish, Michael
University of Cambridge, Computer Laboratory
1998-12
en
Text
UCAM-CL-TR-453
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-453.pdf
We present a formal semantics of the C programming language,
covering both the type system and the dynamic behaviour of
programs. The semantics is wide-ranging, covering most of the
language, with its most significant omission being the C
library. Using a structural operational semantics we specify
transition relations for C’s expressions, statements and
declarations in higher order logic.
The consistency of our definition is assured by its
specification in the HOL theorem prover. With the theorem
prover, we have used the semantics as the basis for a set of
proofs of interesting theorems about C. We investigate
properties of expressions and statements separately.
In our chapter of results about expressions, we begin with two
results about the interaction between the type system and the
dynamic semantics. We have both type preservation, that the
values produced by expressions conform to the type predicted for
them; and type safety, that typed expressions will not block,
but will either evaluate to a value, or cause undefined
behaviour. We then also show that two broad classes of
expression are deterministic. This last result is of
considerable practical value as it makes later verification
proofs significantly easier.
In our chapter of results about statements, we prove a series of
derived rules that provide C with Floyd-Hoare style “axiomatic”
rules for verifying properties of programs. These rules are
consequences of the original semantics, not independently stated
axioms, so we can be sure of their soundness. This chapter also
proves the correctness of an automatic tool for constructing
post-conditions for loops with break and return statements.
Finally, we perform some simple verification case studies, going
some way towards demonstrating practical utility for the
semantics and accompanying tools.
This technical report is substantially the same as the PhD
thesis I submitted in August 1998. The minor differences between
that document and this are principally improvements suggested by
my examiners Andy Gordon and Tom Melham, whom I thank for their
help and careful reading.
cam.ac.uk//UCAM-CL-TR-454
2020-11-30
Parametric polymorphism and operational
equivalence
Pitts, Andrew M.
University of Cambridge, Computer Laboratory
1998-12
en
Text
UCAM-CL-TR-454
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-454.pdf
Studies of the mathematical properties of impredicative
polymorphic types have for the most part focused on the
polymorphic lambda calculus of Girard-Reynolds, which is a
calculus of total polymorphic functions. This paper considers
polymorphic types from a functional programming perspective,
where the partialness arising from the presence of fixpoint
recursion complicates the nature of potentially infinite
(‘lazy’) datatypes. An approach to Reynolds’ notion of
relational parametricity is developed that works directly on the
syntax of a programming language, using a novel closure operator
to relate operational behaviour to parametricity properties of
types. Working with an extension of Plotkin’s PCF with ∀-types,
lazy lists and existential types, we show by example how the
resulting logical relation can be used to prove properties of
polymorphic types up to operational equivalence.
cam.ac.uk//UCAM-CL-TR-455
2020-12-04
Multiple modalities
Bierman, G.M.
University of Cambridge, Computer Laboratory
1998-12
en
Text
UCAM-CL-TR-455
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-455.pdf
Linear logic removes the structural rules of weakening and
contraction and adds an S4-like modality (written !). Only
formulae of the form !φ can be weakened or contracted. An
interesting question is whether these two capabilities can be
separated using two different modalities. This question was
studied semantically in a comprehensive paper by Jacobs. This
paper considers the question proof-theoretically, giving sequent
calculus, natural deduction and axiomatic formulations.
cam.ac.uk//UCAM-CL-TR-456
2016-07-22
An evaluation based approach to process
calculi
Ross, Joshua Robert Xavier
University of Cambridge, Computer Laboratory
1999-01
en
Text
UCAM-CL-TR-456
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-457
2021-08-16
A concurrent object calculus: reduction and
typing
Gordon, Andrew D.
Hankin, Paul D.
University of Cambridge, Computer Laboratory
1999-02
en
Text
UCAM-CL-TR-457
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-457.pdf
We obtain a new formalism for concurrent object-oriented
languages by extending Abadi abd Cardelli’s imperative object
calculus with operators for concurrency from the μ-calculus and
with operators for synchronisation based on mutexes. Our syntax
of terms is extremely expressive; in a precise sense it unifies
notions of expression, process, store, thread and configuration.
We present a chemical-style reduction semantics, and prove it
equivalent to a structural operational semantics. We identify a
deterministic fragment that is closed under reduction and show
that it includes the imperative object calculus. A collection of
type systems for object oriented constructs is at the heart of
Abadi and Cardelli’s work. We recast one of Abadi and Cardelli’s
first-order type systems with object types and subtyping in the
setting of our calculus and prove subject reduction. Since our
syntax of terms includes both stores and running expressions, we
avoid the need to separate store typing from typing of
expressions. We translate communication channels and choice-free
asynchronous μ-calculus into our calculus to illustrate its
expressiveness; the types of read-only and write-only channels
are supertypes of read-write channels.
cam.ac.uk//UCAM-CL-TR-458
2017-07-13
Final coalgebras as greatest fixed points in ZF set
theory
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1999-03
en
Text
UCAM-CL-TR-458
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-458.pdf
A special final coalgebra theorem, in the style of Aczel (1988),
is proved within standard Zermelo-Fraenkel set theory. Aczel’s
Anti-Foundation Axiom is replaced by a variant definition of
function that admits non-well-founded constructions. Variant
ordered pairs and tuples, of possibly infinite length, are
special cases of variant functions. Analogues of Aczel’s
solution and substitution lemmas are proved in the style of
Rutten and Turi (1993). The approach is less general than
Aczel’s, but the treatment of non-well-founded objects is simple
and concrete. The final coalgebra of a functor is its greatest
fixedpoint. Compared with previous work (Paulson, 1995a),
iterated substitutions and solutions are considered, as well as
final coalgebras defined with respect to parameters. The
disjoint sum construction is replaced by a smoother treatment of
urelements that simplifies many of the derivations. The theory
facilitates machine implementation of recursive definitions by
letting both inductive and coinductive definitions be
represented as fixedpoints. It has already been applied to the
theorem prover Isabelle (Paulson, 1994).
cam.ac.uk//UCAM-CL-TR-459
2016-07-22
An open parallel architecture for data-intensive
applications
Afshar, Mohamad
University of Cambridge, Computer Laboratory
1999-07
en
Text
UCAM-CL-TR-459
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-459.ps.gz
Data-intensive applications consist of both declarative
data-processing parts and imperative computational parts. For
applications such as climate modelling, scale hits both the
computational aspects which are typically handled in a
procedural programming language, and the data-processing aspects
which are handled in a database query language. Although
parallelism has been successfully exploited in the
data-processing parts by parallel evaluation of database queries
associated with the application, current database query
languages are poor at expressing the computational aspects,
which are also subject to scale.
This thesis proposes an open architecture that delivers
parallelism shared between the database, system and application,
thus enabling the integration of the conventionally separated
query and non-query components of a data-intensive application.
The architecture is data-model independent and can be used in a
variety of different application areas including
decision-support applications, which are query based, and
complex applications, which comprise procedural language
statements with embedded queries. The architecture encompasses a
unified model of parallelism and the realisation of this model
in the form of a language within which it is possible to
describe both the query and non-query components of
data-intensive applications. The language enables the
construction of parallel applications by the hierarchical
composition of platform-independent parallel forms, each of
which implements a form of task or data parallelism. These forms
may be used to determine both query and non-query actions.
Queries are expressed in a declarative language based on “monoid
comprehensions”. The approach of using monoids to model data
types and monoid homomorphisms to iterate over collection types
enables mathematically provable compile-time optimisations
whilst also facilitating multiple collection types and data type
extensibility. Monoid comprehension programs are automatically
transformed into parallel programs composed of applications of
the parallel forms, one of which is the “monoid homomorphism”.
This process involves identifying the parts of a query where
task and data parallelism are available and mapping that
parallelism onto the most suitable form. Data parallelism in
queries is mapped onto a form that implements combining tree
parallelism for query evaluation and dividing tree parallelism
to realise data partitioning. Task parallelism is mapped onto
two separate forms that implement pipeline and independent
parallelism. This translation process is applied to all
comprehension queries including those in complex applications.
The result is a skeleton program in which both the query and
non-query parts are expressed within a single language.
Expressions in this language are amenable to the application of
optimising skeleton rewrite rules.
A complete prototype of the decision-support architecture has
been constructed on a 128-cell MIMD parallel computer. A
demonstration of the utility of the query framework is performed
by modelling some of OQL and a substantial subset of SQL. The
system is evaluated for query speedup with a number of hardware
configurations using a large music catalogue database. The
results obtained show that the implementation delivers the
performance gains expected while offering a convenient
definition of the parallel environment.
cam.ac.uk//UCAM-CL-TR-460
2017-07-06
Message reception in the inductive approach
Bella, Giampaolo
University of Cambridge, Computer Laboratory
1999-03
en
Text
UCAM-CL-TR-460
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-460.pdf
Cryptographic protocols can be formally analysed in great detail
by means of Paulson’s Inductive Approach, which is mechanised by
the theorem prover Isabelle. The approach only relied on message
sending (and noting) in order to keep the models simple. We
introduce a new event, message reception, and show that the
price paid in terms of runtime is negligible because old proofs
can be reused. On the other hand, the new event enhances the
global expressiveness, and makes it possible to define an
accurate notion of agents’ knowledge, which extends and replaces
Paulson’s notion of spy’s knowledge. We have designed new
guarantees to assure each agent that the peer does not know the
crucial message items of the session. This work thus extends the
scope of the Inductive approach. Finally, we provide general
guidance on updating the protocols analysed so far, and give
examples for some cases.
cam.ac.uk//UCAM-CL-TR-461
2017-07-13
Integrating Gandalf and HOL
Hurd, Joe
University of Cambridge, Computer Laboratory
1999-03
en
Text
UCAM-CL-TR-461
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-461.pdf
Gandalf is a first-order resolution theorem-prover, optimized
for speed and specializing in manipulations of large clauses. In
this paper I describe GANDALF TAC, a HOL tactic that proves
goals by calling Gandalf and mirroring the resulting proofs in
HOL. This call can occur over a network, and a Gandalf server
may be set up servicing multiple HOL clients. In addition, the
translation of the Gandalf proof into HOL fits in with the LCF
model and guarantees logical consistency.
cam.ac.uk//UCAM-CL-TR-462
2018-03-27
Location-independent communication for mobile agents: a
two-level architecture
Sewell, Peter
Wojciechowski, Paweł T.
Pierce, Benjamin C.
University of Cambridg