cam.ac.uk//UCAM-CL-TR-1
2003-01-01
The JACKDAW database package
Challis, M.F.
University of Cambridge, Computer Laboratory
1974-10
UCAM-CL-TR-1
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-1.pdf
This report describes a general database package which has been
implemented in BCPL on an IBM 370/165 at the University of
Cambridge. One current application is the provision of an
administrative database for the Computing Service.
Entries within a database may include (in addition to primitive
fields such as ‘salary’ and ‘address’) links to other entries:
each link represents a relationship between two entries and is
always two-way.
Generality is achieved by including within each database class
definitions which define the structure of the entries within it;
these definitions may be interrogated by program.
The major part of the package presents a procedural interface
between an application program and an existing database,
enabling entries and their fields to be created, interrogated,
updated and deleted. The creation of a new database (or
modification of an existing one) by specifying the class
definitions is handled by a separate program.
The first part of the report describes the database structure
and this is followed by an illustration of the procedural
interface. Finally, some of the implementation techniques used
to ensure integrity of the database are described.
cam.ac.uk//UCAM-CL-TR-2
2008-12-18
Scheduling for a share of the machine
Larmouth, J.
University of Cambridge, Computer Laboratory
1974-10
UCAM-CL-TR-2
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-2.pdf
This paper describes the mechanism used to schedule jobs and
control machine use on the IBM 370/165 at Cambridge University,
England. The same algorithm is currently being used in part at
the University of Bradford and implementations are in progress
or under study for a number of other British Universities.
The system provides computer management with a simple tool for
controlling machine use. The managerial decision allocates a
share of the total machine resources to each user of the system,
either directly, or via a hierarchical allocation scheme. The
system then undertakes to vary the turnaround of user jobs to
ensure that those decisions are effective, no matter what sort
of work the user is doing.
At the user end of the system we have great flexibility in the
way in which he uses the resources he has received, allowing him
to get a rapid turnaround for those (large or small) jobs which
require it, and a slower turnaround for other jobs. Provided he
does not work at a rate exceeding that appropriate to his share
of the machine, he can request, for every job he submits, the
‘deadline’ by which he wants it running, and the system will
usually succeed in running his job at about the requested time –
rarely later, and only occasionally sooner.
Every job in the machine has its own ‘deadline’, and the machine
is not underloaded. Within limits, each user can request his
jobs back when he wants them, and the system keeps his use to
within the share of the machine he has been given. The approach
is believed to be an original one and to have a number of
advantages over more conventional scheduling and controlling
algorithms.
cam.ac.uk//UCAM-CL-TR-3
2005-07-20
A replacement for the OS/360 disc space management
routines
Stoneley, A.J.M.
University of Cambridge, Computer Laboratory
1975-04
UCAM-CL-TR-3
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-3.pdf
In the interest of efficiency, the IBM disc space management
routines (Dadsm) have been completely replaced in the Cambridge
370/165.
A large reduction in the disc traffic has been achieved by
keeping the lists of free tracks in a more compact form and by
keeping lists of free VTOC blocks. The real time taken in a
typical transaction has been reduced by a factor of twenty.
By writing the code in a more appropriate form than the
original, the size has been decreased by a factor of five, thus
making it more reasonable to keep it permanently resident. The
cpu requirement has decreased from 5% to 0.5% of the total time
during normal service.
The new system is very much safer than the old in the face of
total system crashes. The old system gave little attention to
the consequences of being stopped in mid-flight, and it was
common to discover an area of disc allocated to two files. This
no longer happens.
cam.ac.uk//UCAM-CL-TR-4
2005-08-08
The dynamic creation of I/O paths under
OS/360-MVT
Stoneley, A.J.M.
University of Cambridge, Computer Laboratory
1975-04
UCAM-CL-TR-4
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-4.pdf
In a large computer it is often desirable and convenient for an
ordinary program to be able to establish for itself a logical
connection to a peripheral device. This ability is normally
provided through a routine within the operating system which may
be called by any user program at any time. OS/360 lacks such a
routine. For the batch job, peripheral connections can only be
made through the job control language and this cannot be done
dynamically at run-time. In the restricted context of TSO (IBM’s
terminal system) a routine for establishing peripheral
connections does exist, but it is extremely inefficient and
difficult to use.
This paper describes how a suitable routine was written and
grafted into the operating system of the Cambridge 370/165.
cam.ac.uk//UCAM-CL-TR-5
2006-07-11
Parrot – A replacement for TCAM
Hazel, P.
Stoneley, A.J.M.
University of Cambridge, Computer Laboratory
1976-04
UCAM-CL-TR-5
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-5.pdf
The terminal driving software and hardware for the Cambridge TSO
(Phoenix) system is described. TCAM and the IBM communications
controller were replaced by a locally written software system
and a PDP-11 complex. This provided greater flexibility,
reliability, efficiency and a better “end-user” interface than
was possible under a standard IBM system.
cam.ac.uk//UCAM-CL-TR-6
2003-01-01
System programming in a high level language
Birrell, Andrew D.
University of Cambridge, Computer Laboratory
UCAM-CL-TR-6
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-7
2018-03-22
Local area computer communication networks
Hopper, Andrew
University of Cambridge, Computer Laboratory
1978-04
UCAM-CL-TR-7
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-7.pdf
In this thesis a number of local area network architectures are
studied and the feasibility of a LSI design for a universal
local network chip is considered. The thesis begins with a
survey of current network technologies and a discussion of some
of the problems encountered in local network design. Existing
implementations of local networks are then discussed, and their
performance compared. Ultimately the design considerations for a
general purpose, microprogrammed, LSI network chip are discussed.
Such a circuit is able to handle a range of network
architectures and can be reconfigured to suit various traffic
patterns. Finally some of the protocol requirements of local
networks are discussed, leading to a redesign of the Cambridge
ring to provide hardware support for protocol implementation.
cam.ac.uk//UCAM-CL-TR-9
2003-01-01
Evaluation of a protection system
Cook, Douglas John
University of Cambridge, Computer Laboratory
UCAM-CL-TR-9
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-10
2003-01-01
Prediction oriented description of database
systems
Pezarro, Mark Theodore
University of Cambridge, Computer Laboratory
UCAM-CL-TR-10
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-11
2018-03-27
Automatic resolution of linguistic
ambiguities
Boguraev, Branimir Konstatinov
University of Cambridge, Computer Laboratory
UCAM-CL-TR-11
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-11.pdf
The thesis describes the design, implementation and testing of a
natural language analysis system capable of performing the task
of generating paraphrases in a highly ambiguous environment. The
emphasis is on incorporating strong semantic judgement in an
augmented transition network grammar: the system provides a
framework for examining the relationship between syntax and
semantics in the process of text analysis, especially while
treating the related phenomena of lexical and structural
ambiguity. Word-sense selection is based on global analysis of
context within a semantically well-formed unit, with primary
emphasis on the verb choice. In building structures representing
text meaning, the analyser relies not on screening through many
alternative structures – intermediate, syntactic or partial
semantic – but on dynamically constructing only the valid ones.
The two tasks of sense selection and structure building are
procedurally linked by the application of semantic routines
derived from Y. Wilks’ preference semantics, which are invoked
at certain well chosen points of the syntactic constituent
analysis – this delimits the scope of their action and provides
context for a particular disambiguation technique. The
hierarchical process of sentence analysis is reflected in the
hierarchical organisation of application of these semantic
routines – this allows the efficient coordination of various
disambiguation techniques, and the reduction of syntactic
backtracking, non-determinism in the grammar, and semantic
parallelism. The final result of the analysis process is a
dependency structure providing a meaning representation of the
input text with labelled components centred on the main verb
element, each characterised in terms of semantic primitives and
expressing both the meaning of a constituent and its function in
the overall textual unit. The representation serves as an input
to the generator, organised around the same underlying principle
as the analyser – the verb is central to the clause. Currently
the generator works in paraphrase mode, but is specifically
designed so that with minimum effort and virtually no change in
the program control structure and code it could be switched over
to perform translation.
The thesis discusses the rationale for the approach adopted,
comparing it with others, describes the system and its machine
implementation, and presents experimental results.
cam.ac.uk//UCAM-CL-TR-12
2017-11-30
HASP “IBM 1130” multileaving remote job entry protocol
with extensions as used on the University of Cambridge IBM
370/165
Oakley, M.R.A.
Hazel, P.
University of Cambridge, Computer Laboratory
1979-09
UCAM-CL-TR-12
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-12.pdf
This document brings together most of the information required
to design, write and operate a HASP Remote Job Entry Terminal
program. Most of the document describes facilities available
using any host computer supporting the HASP protocols. The
remainder of the document describes improvements to these
facilities which have been made in order to enhance the
reliability of the system, to make it easier to run, and to
provide for a wider range of peripherals than the basic system.
cam.ac.uk//UCAM-CL-TR-13
2010-09-30
Resource allocation and job scheduling
Hazel, Philip
University of Cambridge, Computer Laboratory
UCAM-CL-TR-13
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-13.pdf
The mechanisms for sharing the resources of the Cambridge IBM
370/165 computer system among many individual users are
described. File store is treated separately from other resources
such as central processor and channel time. In both cases,
flexible systems that provide incentives to thrifty behaviour
are used. The method of allocating resources directly to users
rather than in a hierarchical manner via faculties and
departments is described, and its social acceptability is
discussed.
cam.ac.uk//UCAM-CL-TR-14
2010-09-30
Store to store swapping for TSO under OS/MVT
Powers, J.S.
University of Cambridge, Computer Laboratory
Text
UCAM-CL-TR-14
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-14.pdf
A system of store-to-store swapping incorporated into TSO on the
Cambridge IBM 370/165 is described. Unoccupied store in the
dynamic area is used as the first stage of a two-stage backing
store for swapping time-sharing sessions; a fixed-head disc
provides the second stage. The performance and costs of the
system are evaluated.
cam.ac.uk//UCAM-CL-TR-15
2018-03-27
The implementation of BCPL on a Z80 based
microcomputer
Wilson, I.D.
University of Cambridge, Computer Laboratory
UCAM-CL-TR-15
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-15.pdf
The main aim of this project was to achieve as full an
implementation as possible of BCPL on a floppy disc based
microcomputer, running CP/M or CDOS (the two being essentially
compatible). On the face of it there seemed so many limiting
factors, that, when the project was started, it was not at all
clear which one (if any) would become a final stumbling block.
As it happened, the major problems that cropped up could be
programmed round, or altered in such a way as to make them
soluble.
The main body of the work splits comfortably into three
sections, and the writer hopes, in covering each section
separately, to be able to show how the whole project fits
together into the finished implementation.
cam.ac.uk//UCAM-CL-TR-16
2018-03-27
Reliable storage in a local network
Dion, Jeremy
University of Cambridge, Computer Laboratory
1981-02
UCAM-CL-TR-16
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-16.pdf
A recent development in computer science has been the advent of
local computer networks, collections of autonomous computers in
a small geographical area connected by a high-speed
communications medium. In such a situation it is natural to
specialise some of the computers to provide useful services to
others in the network. These server machines can be economically
advantageous if they provide shared access to expensive
mechanical devices such as discs.
This thesis discusses the problems involved in designing a file
server to provide a storage service in a local network. It is
based on experience gained from the design and implementation of
a file server for the Cambridge ring.
An important aspect of the design of a file server is the choice
of the service which is provided to client machines. The
spectrum of choice ranges from providing a simple remote disc
with operations such as read and write block, to a remote file
system with directories and textual names. The interface chosen
for the Cambridge file server is “universal” in that the
services it provides are intended to allow easy implementation
of both virtual memory systems and filing systems.
The second major aspect of the file server design concerns
reliability. If the server is to store important information for
clients, then it is essential that it be resistant to transient
errors such as communications or power failures. The general
problems of reliability and crash resistance are discussed in
terms of a model developed for this purpose. Different
reliability strategies used in current data base and filing
systems are related to the model, and a mechanism for providing
atomic transactions in the Cambridge file server is described in
detail. An improved mechanism which allows atomic transactions
on multiple files is also described and contrasted with the
first version. The revised design allows several file servers in
a local network to cooperate in atomic updates to arbitrary
collections of files.
cam.ac.uk//UCAM-CL-TR-17
2018-03-27
Three papers on parsing
Boguraev, B.K.
Spärck Jones, K.
Tait, J.I.
University of Cambridge, Computer Laboratory
1982
UCAM-CL-TR-17
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-17.pdf
This collection of three papers examines current problems in the
parsing of natural language. The first paper investigates the
parsing of compound nouns, and suggests that the existing
strategies are inadequate. Accepting that better approaches are
needed, the paper then proceeds to examine the implications for
natural language processing systems.
The second paper in the collection examines the task of
recognising conjunctions within an ATN grammar. To do this only
through the grammar specification is difficult and results in a
bulky grammar. The paper therefore presents some ideas for
extending the ATN mechanism to better deal with conjunctions.
The final paper considers ways in which semantic parsers can
exploit syntactic constraints. Two specific semantic parsers are
considered: those of Cater and Boguraev which are regarded as
being representative of two styles of parsing. The main
conclusion to be drawn is that there are significant
disadvantages to semantic parsing without complete syntactic
processing of the input.
cam.ac.uk//UCAM-CL-TR-18
2003-01-01
Automatic mesh generation of 2 & 3 dimensional
curvilinear manifolds
Wördenweber, Burkard
University of Cambridge, Computer Laboratory
1981-11
UCAM-CL-TR-18
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-19
2003-01-01
Analysis and inference for English
Cater, Arthur William Sebright
University of Cambridge, Computer Laboratory
1981-09
UCAM-CL-TR-19
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-20
2017-07-13
On using Edinburgh LCF to prove the correctness of a
parsing algorithm
Cohn, Avra
Milner, Robin
University of Cambridge, Computer Laboratory
1982-02
UCAM-CL-TR-20
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-20.pdf
The methodology of Edinburgh LCF, a mechanized interactive proof
system, is illustrated through a problem suggested by Gloess –
the proof of a simple parsing algorithm. The paper is
self-contained, giving only the relevant details of the LCF
proof system. It is shown how tactics may be composed in LCF to
yield a strategy which is appropriate for the parser problem but
which is also of a generally useful form. Also illustrated is a
general mechanized method of deriving structural induction rules
within the system.
cam.ac.uk//UCAM-CL-TR-21
2006-07-11
The correctness of a precedence parsing algorithm in
LCF
Cohn, A.
University of Cambridge, Computer Laboratory
1982-04
UCAM-CL-TR-21
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-21.pdf
This paper describes the proof in the LCF system of a
correctness property of a precedence parsing algorithm. The work
is an extension of a simpler parser and proof by Cohn and Milner
(Cohn & Milner 1982). Relevant aspects of the LCF system are
presented as needed. In this paper, we emphasize (i) that
although the current proof is much more complex than the earlier
one, many of the same metalanguage strategies and aids
developed for the first proof are used in this proof, and (ii)
that (in both cases) a general strategy for doing some limited
forward search is incorporated neatly into the overall
goal-oriented proof framework.
cam.ac.uk//UCAM-CL-TR-22
2006-09-20
Constraints in CODD
Robson, M.
University of Cambridge, Computer Laboratory
UCAM-CL-TR-22
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-22.pdf
The paper describes the implementation of the data structuring
concepts of domains, intra-tuple constraints and referential
constraints in the relational DBMS CODD. All of these
constraints capture some of the semantics of the database’s
application.
Each class of constraint is described briefly and it is shown
how each of them is specified. The constraints are stored in the
database giving a centralised data model, which contains
descriptions of procedures as well as of static structures.
Some extensions to the notion of referential constraint are
proposed and it is shown how generalisation hierarchies can be
expressed as sets of referential constraints. It is shown how
the stored data model is used in enforcement of the constraints.
cam.ac.uk//UCAM-CL-TR-23
2018-03-27
Two papers about the scrabble summarising
system
Tait, J.I.
University of Cambridge, Computer Laboratory
UCAM-CL-TR-23
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-23.pdf
This report contains two papers which describe parts of the
Scrabble English summarizing system. The first, “Topic
identification techniques for predictive language analyzers” has
been accepted as a short communication for the 9th International
Conference on Computational Linguistics, in Prague. The second,
“General summaries using a predictive language analyser” is an
extended version of a discussion paper which will be presented
at the European Conference on Artificial Intelligence in Paris.
Both conferences will take place during July 1982.
The [second] paper describes a computer system capable of
producing coherent summaries of English texts even when they
contain sections which the system has not understood completely.
The system employs an analysis phase which is not dissimilar to
a script applier together with a rather more sophisticated
summariser than previous systems. Some deficiencies of earlier
systems are pointed out, and ways in which the current
implementation overcomes them are discussed.
cam.ac.uk//UCAM-CL-TR-24
2018-03-27
Steps towards natural language to data language
translation using general semantic information
Boguraev, B.K.
Spärck Jones, K.
University of Cambridge, Computer Laboratory
1982-03
UCAM-CL-TR-24
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-24.pdf
The aim of the work reported here is to maximise the use of
general semantic information in an AI task processor,
specifically in a system front end for converting natural
language questions into formal database queries. The paper
describes the translation component of such a front end, which
is designed to work from the question meaning representation
produced by a language analyser exploiting only general
semantics and syntax, to a formal query relying on
database-specific semantics and syntax. Translation is effected
in three steps, and the paper suggests that the rich and
explicit meaning representations using semantic primitives
produced for input sentences by the analyser constitute a
natural and effective base for further processing.
cam.ac.uk//UCAM-CL-TR-25
2017-12-01
A clustering technique for semantic network
processing
Alshawi, Hiyan
University of Cambridge, Computer Laboratory
1982-05
UCAM-CL-TR-25
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-25.pdf
This paper describes techniques for performing serial processing
on the type of semantic network exemplified by NETL. They make
use of an indexing scheme that can be based on semantic
clustering. The basic algorithm is aimed at performing fast
intersection operations. It is claimed that the scheme is
suitable for its current application in text processing. The
semantic criteria for clustering that have been tried are
briefly described. Extensions of the scheme are suggested for
use with large networks.
cam.ac.uk//UCAM-CL-TR-26
2003-01-01
Portable system software for personal computers on a
network
Knight, Brian James
University of Cambridge, Computer Laboratory
UCAM-CL-TR-26
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-27
2016-08-08
Exception handling in domain based systems
Johnson, Martyn Alan
University of Cambridge, Computer Laboratory
UCAM-CL-TR-27
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-28
2006-09-20
Poly report
Matthews, D.C.J.
University of Cambridge, Computer Laboratory
1982-08
UCAM-CL-TR-28
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-28.pdf
Poly was designed to provide a programming system with the same
flexibility as a dynamically typed language but without the
run-time overheads. The type system, based on that of Russell,
allows polymorphic operations to be used to manipulate abstract
objects, but with all the type checking being done at
compile-time. Types may be passed explicitly or by inference as
parameters to procedures, and may be returned from procedures.
Overloading of names and generic types can be simulated by using
the general procedure mechanism. Despite the generality of the
language, or perhaps because of it, the type system is very
simple, consisting of only three classes of object. There is an
exception mechanism, similar to that of CLU, and the exceptions
raised in a procedure are considered as part of its ‘type’. The
construction of abstract objects and hiding of internal details
of the representation come naturally out of the type system.
cam.ac.uk//UCAM-CL-TR-29
2006-09-20
Introduction to Poly
Matthews, D.C.J.
University of Cambridge, Computer Laboratory
1982-05
UCAM-CL-TR-29
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-29.pdf
This report is a tutorial introduction to the programming
language Poly. It describes how to write and run programs in
Poly using the VAX/UNIX implementation. Examples given include
polymorphic list functions, a double precision integer package
and a subrange type constructor.
cam.ac.uk//UCAM-CL-TR-30
2017-12-01
A portable BCPL library
Wilkes, John
University of Cambridge, Computer Laboratory
1982-10
UCAM-CL-TR-30
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-30.pdf
Too often, programs written in BCPL are difficult to port from
one system to another, not because of the language, but because
of differences between ‘standard’ libraries. Almost without
exception, the definitions of these libraries are loose, woolly
and inaccurate – the proposed BCPL standards document being a
prime example. The author has developed and implemented a new
BCPL library which is explicitly designed to aid the portability
of programs between systems. In addition to being largely
portable itself, it has two other features of interest: it uses
an exception handling system instead of return codes, and it
makes no distinction between system and user defined stream
handlers. This paper defines the interface to the package.
cam.ac.uk//UCAM-CL-TR-31
2017-07-06
Ponder and its type system
Fairbairn, J.
University of Cambridge, Computer Laboratory
1982-11
UCAM-CL-TR-31
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-31.pdf
This note describes the programming language “Ponder”, which is
designed according to the principles of referential transparency
and “orthogonality” as in [vWijngaarden 75]. Ponder is designed
to be simple, being functional with normal order semantics. It
is intended for writing large programmes, and to be easily
tailored to a particular application. It has a simple but
powerful polymorphic type system.
The main objective of this note is to describe the type system
of Ponder. As with the whole of the language design, the
smallest possible number of primitives is built in to the type
system. Hence for example, unions and pairs are not built in,
but can be constructed from other primitives.
cam.ac.uk//UCAM-CL-TR-32
2018-03-27
How to drive a database front end using general semantic
information
Boguraev, B.K.
Spärck Jones, K.
University of Cambridge, Computer Laboratory
1982-11
UCAM-CL-TR-32
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-32.pdf
This paper describes a front end for natural language access to
databases making extensive use of general, i.e.
domain-independent, semantic information for question
interpretation. In the interests of portability, initial
syntactic and semantic processing of a question is carried out
without any reference to the database domain, and
domain-dependent operations are confined to subsequent,
comparatively straightforward, processing of the initial
interpretation. The different modules of the front end are
described, and the system’s performance is illustrated by
examples.
cam.ac.uk//UCAM-CL-TR-33
2018-03-27
An island parsing interpreter for Augmented Transition
Networks
Carroll, John A.
University of Cambridge, Computer Laboratory
1982-10
UCAM-CL-TR-33
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-33.pdf
This paper describes the implementation of an ‘island parsing’
interpreter for an Augmented Transition Network (ATN). The
interpreter provides more complete coverage of Woods’ original
ATN formalism than his later island parsing implementation; it
is written in LISP and has been modestly tested.
cam.ac.uk//UCAM-CL-TR-34
2017-12-11
Recent developments in LCF: examples of structural
induction
Paulson, Larry
University of Cambridge, Computer Laboratory
1983-01
UCAM-CL-TR-34
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-34.pdf
Manna and Waldinger have outlined a large proof that probably
exceeds the power of current theorem-provers. The proof
establishes the unification algorithm for terms composed of
variables, constants, and other terms. Two theorems from this
proof, involving structural induction, are performed in the LCF
proof assistant. These theorems concern a function that searches
for an occurrence of one term inside another, and a function
that lists the variables in a term.
Formally, terms are regarded as abstract syntax trees. LCF
automatically builds the first-order theory, with equality, of
this recursive data structure.
The first theorem has a simple proof, induction followed by
rewriting. The second theorem requires a cases split and
substitution throughout the goal. Each theorem is proved by
reducing the initial goal to simpler and simpler subgoals. LCF
provides many standard proof strategies for attacking goals; the
user can program additional ones in LCF’s meta-language, ML.
This flexibility allows users to take ideas from such diverse
fields as denotational semantics and logic programming.
cam.ac.uk//UCAM-CL-TR-35
2017-07-13
Rewriting in Cambridge LCF
Paulson, Larry
University of Cambridge, Computer Laboratory
1983-02
UCAM-CL-TR-35
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-35.dvi.gz
Many automatic theorem-provers rely on rewriting. Using theorems
as rewrite rules helps to simplify the subgoals that arise
during a proof.
LCF is an interactive theorem-prover intended for reasoning
about computation. Its implementation of rewriting is presented
in detail. LCF provides a family of rewriting functions, and
operators to combine them. A succession of functions is
described, from pattern matching primitives to the rewriting
tool that performs most inferences in LCF proofs.
The design is highly modular. Each function performs a basic,
specific task, such as recognizing a certain form of tautology.
Each operator implements one method of building a rewriting
function from simpler ones. These pieces can be put together in
numerous ways, yielding a variety of rewriting strategies.
The approach involves programming with higher-order functions.
Rewriting functions are data values, produced by computation on
other rewriting functions. The code is in daily use at
Cambridge, demonstrating the practical use of functional
programming.
cam.ac.uk//UCAM-CL-TR-36
2017-07-13
The revised logic PPLAMBDA: A reference
manual
Paulson, Lawrence
University of Cambridge, Computer Laboratory
1983-03
UCAM-CL-TR-36
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-36.pdf
PPLAMBDA is the logic used in the Cambridge LCF proof assistant.
It allows Natural Deduction proofs about computation, in Scott’s
theory of partial orderings. The logic’s syntax, axioms,
primitive inference rules, derived inference rules and standard
lemmas are described as are the LCF functions for building and
taking apart PPLAMBDA formulas.
PPLAMBDA’s rule of fixed-point induction admits a wide class of
inductions, particularly where flat or finite types are
involved. The user can express and prove these type properties
in PPLAMBDA. The induction rule accepts a list of theorems,
stating type properties to consider when deciding to admit an
induction.
cam.ac.uk//UCAM-CL-TR-37
2003-01-01
Representation and authentication on computer
networks
Girling, Christopher Gray
University of Cambridge, Computer Laboratory
UCAM-CL-TR-37
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-38
2003-01-01
Views and imprecise information in databases
Gray, Mike
University of Cambridge, Computer Laboratory
UCAM-CL-TR-38
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-39
2017-12-12
Tactics and tacticals in Cambridge LCF
Paulson, Lawrence
University of Cambridge, Computer Laboratory
1983-07
UCAM-CL-TR-39
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-39.pdf
The tactics and tacticals of Cambridge LCF are described.
Tactics reason about logical connectives, substitution and
rewriting; tacticals combine tactics into more powerful tactics.
LCF’s package for managing an interactive proof is discussed.
This manages the subgoal tree, presenting the user with unsolved
goals and assembling the final proof.
While primarily a reference manual, the paper contains a brief
introduction to goal-directed proof. An example shows typical
use of the tactics and subgoal package.
cam.ac.uk//UCAM-CL-TR-40
2017-12-15
The SKIM microprogrammer’s guide
Stoye, W.
University of Cambridge, Computer Laboratory
1983-10
UCAM-CL-TR-40
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-40.pdf
This paper describes the design and implementation of the SKIM
microprocessor. The processor has a 24 bit ALU with 16 general
purpose registers. The main unique feature is a large microcode
store of up to 64K 40 bit words, with the intention that the
microcode could be used like the machine code on a conventional
processor, with operating system primitives being programmed in
microcode.
The processor has been constructed from TTL logic, with a
microcode assembler running on Phoenix. A debugger for both the
hardware and microcode programs runs on the host machine,
currently a BBC Microcomputer.
The processor architecture is discussed, with examples of
microcode programming. Comparisons with other processors are
made, and some of the limitations of the present design are
noted.
cam.ac.uk//UCAM-CL-TR-41
2018-01-05
LCF_LSM, A system for specifying and verifying
hardware
Gordon, Mike
University of Cambridge, Computer Laboratory
1983-09
UCAM-CL-TR-41
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-41.pdf
The LCF_LSM system is designed to show that it is practical to
prove the correctness of real hardware. The system consists of a
programming environment (LCF) and a specification language
(LSM). The environment contains tools for manipulating and
reasoning about the specifications. Verification consists in
proving that a low-level (usually structural) description is
behaviourally equivalent to a high-level functional description.
Specifications can be fully hierarchical, and at any level
devices can be specified either functionally or structurally.
As a first case study a simple microcoded computer has been
verified. This proof is described in a companion report. In this
we also illustrate the use of the system for other kinds of
manipulation besides verification. For example, we show how to
derive an implementation of a hard-wired controller from a
microprogram and its decoding and sequencing logic. The
derivation is done using machine checked inference; this ensures
that the hard-wired controller is equivalent to the microcoded
one. We also show how to code a microassembler. These examples
illustrate our belief that LCF is a good environment for
implementing a wide range of tools for manipulating hardware
specifications.
This report has two aims: first to give an overview of the ideas
embodied in LCF_LSM, and second, to be a user manual for the
system. No prior knowledge of LCF is assumed.
cam.ac.uk//UCAM-CL-TR-42
2018-01-05
Proving a computer correct with the LCF_LSM hardware
verification system
Gordon, Mike
University of Cambridge, Computer Laboratory
1983-09
en
Text
UCAM-CL-TR-42
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-42.pdf
A machine generated correctness proof of a simple computer is
described.
At the machine code level the computer has a memory and two
registers: a 13 bit program counter and a 16-bit accumulator.
There are 8 machine instructions: halt, unconditional jump, jump
when the accumulator contains 0, add contents of a memory
location to accumulator, subtract contents of a location from
accumulator, load accumulator from memory, store contents of
accumulator in memory, and skip. The machine can be interrupted
by pushing a button on its front panel.
The implementation which we prove correct has 6 data registers,
an ALU, a memory, and a microcode controller. The controller
consists of a ROM holding 26 30-bit microinstructions, a
microprogram counter, and some combinatorial microinstruction
decode logic.
Formal specifications of the target and host machines are given,
and we describe the main steps in proving that the host
correctly fetches, decodes and executes machine instructions.
The utility of LCF_LSM for general manipulation is illustrated in
two appendices. In appendix 1 we show how to code a
microassembler. In appendix 2 we use the LCF_LSM inference rules
to design a hard-wired controller equivalent to the original
microcoded one.
N.B. This report should be read in conjunction with LCF_LSM: A
system for specifying and verifying hardware. University of
Cambridge, Computer Laboratory technical report number 41.
cam.ac.uk//UCAM-CL-TR-43
2016-08-08
Extending the local area network
Leslie, Ian Malcom
University of Cambridge, Computer Laboratory
1983-02
UCAM-CL-TR-43
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-43.pdf
This dissertation is concerned with the development of a large
computer network which has many properties associated with local
area computer networks, including high bandwidth and lower error
rates. The network is made up of component local area networks,
specifically Cambridge rings, which are connected either through
local ring-ring bridges or through a high capacity satellite
link. In order to take advantage of the characteristics of the
resulting network, the protocols used are the same simple
protocols as those used on a single Cambridge ring. This in turn
allows many applications, which might have been thought of as
local area network applications, to run on the larger network.
Much of this work is concerned with an interconnection strategy
which allows hosts of different component networks to
communicate in a flexible manner without building an extra
internetwork layer into protocol hierarchy. The strategy arrived
at is neither a datagram approach nor a system of concatenated
error and flow controlled virtual circuits. Rather, it is a
lightweight virtual circuit approach which preserves the order
of blocks sent on a circuit, but which makes no other guarantees
about the delivery of these blocks. An extra internetwork
protocol layer is avoided by modifying the system used on a
single Cambridge ring which binds service names to addresses so
that it now binds service names to routes across the network.
cam.ac.uk//UCAM-CL-TR-44
2017-07-13
Structural induction in LCF
Paulson, Lawrence
University of Cambridge, Computer Laboratory
1983-11
UCAM-CL-TR-44
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-45
2017-07-13
Compound noun interpretation problems
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1983-07
UCAM-CL-TR-45
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-45.pdf
This paper discusses the problems of compound noun
interpretation in the context of automatic language processing.
Given that compound processing implies identifying the senses of
the words involved, determining their bracketing, and
establishing their underlying semantic relations, the paper
illustrates the need, even in comparatively favourable cases,
for inference using pragmatic information. This has consequences
for language processor architectures and, even more, for speech
processors.
cam.ac.uk//UCAM-CL-TR-46
2003-01-01
Intelligent network interfaces
Garnett, Nicholas Henry
University of Cambridge, Computer Laboratory
UCAM-CL-TR-46
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-47
2018-03-27
Automatic summarising of English texts
Tait, John Irving
University of Cambridge, Computer Laboratory
UCAM-CL-TR-47
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-47.pdf
This thesis describes a computer program called Scrabble which
can summarise short English texts. It uses large bodies of
predictions about the likely contents of texts about particular
topics to identify the commonplace material in an input text.
Pre-specified summary templates, each associated with a
different topic are used to condense the commonplace material in
the input. Filled-in summary templates are then used to form a
framework into which unexpected material in the input may be
fitted, allowing unexpected material to appear in output summary
texts in an essentially unreduced form. The system’s summaries
are in English.
The program is based on technology not dissimilar to a script
applier. However, Scrabble represents a significant advance over
previous script-based summarising systems. It is much less
likely to produce misleading summaries of an input text than
some previous systems and can operate with less information
about the subject domain of the input than others.
These improvements are achieved by the use of three main novel
ideas. First, the system incorporates a new method for
identifying the idea or topics of an input text. Second, it
allows a section of text to have more than one topic at a time,
or at least a composite topic which may be dealt with by the
computer program simultaneously applying the text predictions
associated with more than one simple topic. Third, Scrabble
incorporates new mechanisms for the incorporation of unexpected
material in the input into its output summary texts. The
incorporation of such material in the output summary is
motivated by the view that it is precisely unexpected material
which is likely to form the most salient matter in the input
text.
The performance of the system is illustrated by means of a
number of example input texts and their Scrabble summaries.
cam.ac.uk//UCAM-CL-TR-48
2005-12-05
A mechanism for the accumulation and application of
context in text processing
Alshawi, Hiyan
University of Cambridge, Computer Laboratory
1983-11
UCAM-CL-TR-48
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-48.pdf
The paper describes a mechanism for the representation and
application of context information for automatic natural
language processing systems. Context information is gathered
gradually during the reading of the text, and the mechanism
gives a way of combining the effect of several different types
of context factors. Context factors can be managed
independently, while still allowing efficient access to entities
in focus. The mechanism is claimed to be more general than the
global focus mechanism used by Grosz for discourse
understanding. Context affects the interpretation process by
choosing the results, and restricting the processing, of a
number of important language interpretation operations,
including lexical disambiguation and reference resolution. The
types of context factors that have been implemented in an
experimental system are described, and examples of the
application of context are given.
cam.ac.uk//UCAM-CL-TR-49
2003-01-01
Programming language design with polymorphism
Matthews, David Charles James
University of Cambridge, Computer Laboratory
UCAM-CL-TR-49
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-50
2017-07-13
Verifying the unification algorithm in LCF
Paulson, Lawrence
University of Cambridge, Computer Laboratory
1984-03
UCAM-CL-TR-50
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-50.pdf
Manna and Waldinger’s theory of substitutions and unification
has been verified using the Cambridge LCF theorem prover. A
proof of the monotonicity of substitution is presented in
detail, as an example of interaction with LCF. Translating the
theory into LCF’s domain-theoretic logic is largely
straightforward. Well-founded induction on a complex ordering is
translated into nested structural inductions. Correctness of
unification is expressed using predicates for such properties as
idempotence and most-generality. The verification is presented
as a series of lemmas. The LCF proofs are compared with the
original ones, and with other approaches. It appears difficult
to find a logic that is both simple and flexible, especially for
proving termination.
cam.ac.uk//UCAM-CL-TR-51
2018-01-16
Using information systems to solve recursive domain
equations effectively
Winskel, Glynn
Larsen, Kim Guldstrand
University of Cambridge, Computer Laboratory
1984-07
UCAM-CL-TR-51
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-51.pdf
This paper aims to make two main contributions. One is to show
how to use the concrete nature of Scott’s information systems to
advantage in solving recursive domain equations. The method is
based on the substructure relation between information systems.
This essentially makes a complete partial order (cpo) of
information systems. Standard domain constructions like function
space can be made continuous on this cpo so the solution of
recursive domain equations reduces to the more familiar
construction of forming the least-fixed point of a continuous
function. The second contribution again relies on the concrete
nature of information systems, this time to develop a basic
theory of effectively given information systems and through this
present a simple treatment of effectively given domains.
cam.ac.uk//UCAM-CL-TR-52
2003-04-28
The design of a ring communication network
Temple, Steven
University of Cambridge, Computer Laboratory
UCAM-CL-TR-52
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-52.pdf
This dissertation describes the design of a high speed local
area network. Local networks have been in use now for over a
decade and there is a proliferation of different systems,
experimental ones which are not widely used and commercial ones
installed in hundreds of locations. For a new network design to
be of interest from the research point of view it must have a
feature or features which set it apart from existing networks
and make it an improvement over existing systems. In the case of
the network described, the research was started to produce a
network which was considerably faster than current designs, but
which retained a high degree of generality.
As the research progressed, other features were considered, such
as ways to reduce the cost of the network and the ability to
carry data traffic of many different types. The emphasis on high
speed is still present but other aspects were considered and are
discussed in the dissertation. The network has been named the
Cambridge Fast Ring and the network hardware is currently
being implemented as an integrated circuit at the University of
Cambridge Computer Laboratory.
The aim of the dissertation is to describe the background to the
design and the decisions which were made during the design
process, as well as the design itself. The dissertation starts
with a survey of the uses of local area networks and examines
some established networks in detail. It then proceeds by
examining the characteristics of a current network installation
to assess what is required of the network in that and similar
applications. The major design considerations for a high speed
network controller are then discussed and a design is presented.
Finally, the design of computer interfaces and protocols for the
network is discussed.
cam.ac.uk//UCAM-CL-TR-53
2018-01-08
A new type-checker for a functional language
Fairbairn, Jon
University of Cambridge, Computer Laboratory
1984-07
UCAM-CL-TR-53
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-53.pdf
A polymorphic type checker for the functional language Ponder
[Fairbairn 82] is described. The initial sections give an
overview of the syntax of Ponder, and some of the motivation
behind the design of the type system. This is followed by a
definition of the relation of ‘generality’ between these types,
and of the notion of type-validity of Ponder programs. An
algorithm to determine whether a Ponder program is type-valid is
then presented. The final sections give examples of useful types
which may be constructed within the type system, and describe
some of the areas in which it is thought to be inadequate.
cam.ac.uk//UCAM-CL-TR-54
2018-01-08
Lessons learned from LCF
Paulson, Lawrence
University of Cambridge, Computer Laboratory
1984-08
UCAM-CL-TR-54
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-54.pdf
The history and future prospects of LCF are discussed. The
introduction sketches basic concepts such as the language ML,
the logic PPLAMBDA, and backwards proof. The history discusses
LCF proofs about denotational semantics, functional programs,
and digital circuits, and describes the evolution of ideas about
structural induction, tactics, logics of computation, and the
use of ML. The bibliography contains thirty-five references.
cam.ac.uk//UCAM-CL-TR-55
2018-01-12
Executing temporal logic programs
Moszkowski, Ben
University of Cambridge, Computer Laboratory
1984-08
UCAM-CL-TR-55
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-55.pdf
Over the last few years, temporal logic has been investigated as
a tool for reasoning about computer programs, digital circuits
and message-passing systems. In the case of programs, the
general feeling has been that temporal logic is an adjunct to
existing languages. For example, one might use temporal logic to
specify and prove properties about a program written in, say,
CSP. This leads to the annoyance of having to simultaneously use
two separate notations.
In earlier work we proposed that temporal logic itself directly
serve as the basis for a programming language. Since then we
have implemented an interpreter for such a language called
Tempura. We are developing Tempura as a tool for directly
executing suitable temporal logic specifications of digital
circuits and other discrete time systems. Since every Tempura
statement is also a temporal formula, we can use the entire
temporal logic formalism for our assertion language and
semantics. Tempura has the two seemingly contradictory
properties of being a logic programming language and having
imperative constructs such as assignment statements.
The presentation given here first describes the syntax of a
first order temporal logic having the operators ∘ (next) and ◻
(always). This serves as the basis for the Tempura programming
language. The lesser known temporal operator chop is
subsequently introduced, resulting in Interval Temporal Logic.
We then show how to incorporate chop and related constructs into
Tempura.
cam.ac.uk//UCAM-CL-TR-56
2018-01-15
A new scheme for writing functional operating
systems
Stoye, William
University of Cambridge, Computer Laboratory
1984-09
UCAM-CL-TR-56
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-56.pdf
A scheme is described for writing nondeterministic programs in a
functional language. The scheme is based on message passing
between a number of expressions being evaluated in parallel. I
suggest that it represents a significant improvement over
previous methods employing a nondeterministic merge primitive,
and overcomes numerous drawbacks in that approach. The scheme
has been designed in a practical context, and is being used to
write an operating system for SKIM, a functionally programmed
machine. It is not yet well understood in a mathematical sense.
cam.ac.uk//UCAM-CL-TR-57
2017-07-13
Constructing recursion operators in intuitionistic type
theory
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1984-10
UCAM-CL-TR-57
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-57.pdf
Martin-Löf’s Intuitionistic Theory of Types is becoming popular
for formal reasoning about computer programs. To handle
recursion schemes other than primitive recursion, a theory of
well-founded relations is presented. Using primitive recursion
over higher types, induction and recursion are formally derived
for a large class of well-founded relations. Included are <
on natural numbers, and relations formed by inverse images,
addition, multiplication, and exponentiation of other relations.
The constructions are given in full detail to allow their use in
theorem provers for Type Theory, such as Nuprl. The theory is
compared with work in the field of ordinal recursion over higher
types.
cam.ac.uk//UCAM-CL-TR-58
2018-04-10
Categories of models for concurrency
Winskel, Glynn
University of Cambridge, Computer Laboratory
1984-10
UCAM-CL-TR-58
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-58.pdf
It is shown how a variety of models for concurrent processes can
be viewed as categories in which familiar constructions turn out
to be significant categorically. Constructions to represent
various parallel compositions are often based on a product
construction, for instance. In many cases different models can
be related by a pair of functors forming an adjunction between
the two categories. Because of the way in which such pairs of
functors preserve categorical constructions, the adjunction
serves to translate between the different models, so it is seen
how semantics expressed in terms of one model translate to
semantics in terms of another.
cam.ac.uk//UCAM-CL-TR-59
2018-04-10
On the composition and decomposition of
assertions
Winskel, Glynn
University of Cambridge, Computer Laboratory
1984-11
UCAM-CL-TR-59
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-59.pdf
Recently there has been a great deal of interest in the problem
of how to compose modal assertions, in order to deduce the truth
of an assertion for a composition of processes in a parallel
programming language, from the truth of certain assertions for
its components.
This paper addresses that problem from a theoretical standpoint.
The programming language used is Robin Milner’s Synchronous
Calculus of Communicating Systems (called SCCS), while the
language of assertions is a fragment of dynamic logic which,
despite its simplicity, is expressive enough to characterise
observational equivalence. It is shown how, with respect to each
operation ‘op’ in SCCS, every assertion has a decomposition
which reduces the problem of proving the assertion holds of a
compound process built up using ‘op’ to proving assertions about
its components. These results provide the foundations of a proof
system for SCCS with assertions.
cam.ac.uk//UCAM-CL-TR-60
2003-01-01
Memory and context mechanisms for automatic text
processing
Alshawi, Hiyan
University of Cambridge, Computer Laboratory
UCAM-CL-TR-60
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-61
2018-04-18
User models and expert systems
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1984-12
UCAM-CL-TR-61
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-61.pdf
This paper analyses user models in expert systems in terms of
the many factors involved: user roles, user properties, model
types, model functions in relation to different aspects of
system performance, and sources, e.g. linguistic or
non-linguistic, of modelling information. The aim of the
detailed discussion, with extensive examples illustrating the
complexity of modelling, is to clarify the issues involved in
modelling, as a necessary preliminary to model building.
cam.ac.uk//UCAM-CL-TR-62
2003-01-01
Constraint enforcement in a relational database
management system
Robson, Michael
University of Cambridge, Computer Laboratory
UCAM-CL-TR-62
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-63
2018-04-23
Poly manual
Matthews, David C.J.
University of Cambridge, Computer Laboratory
1985-02
UCAM-CL-TR-63
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-63.pdf
Poly is a general purpose, high-level programming language. It
has a simple type system which is also very powerful. Higher
order procedures, polymorphic operations, parameterised abstract
types and modules are all supported by a single mechanism.
Poly is strongly typed. All objects have a specification which
the compiler can use to check that operations applied to them
are sensible. Type errors cannot cause run time faults. The
language is safe, meaning that any faults occurring at run time
will result in exceptions which can be caught. All variables
must be initialised before use, so faults due to undefined
variables cannot occur. Poly allows higher order procedures to
be declared and used; these take another procedure as a
parameter, or return a procedure as the result. Since Poly is
statically scoped, this may still refer to the arguments and
local variables of the procedure which returned it.
Poly allows polymorphic operations. Thus, it is possible to
write one program to perform an operation on data of any type,
provided only that the operation is available for the data type.
Abstract types may be created and manipulated. These can be
specified in such a way that only the functions to manipulate
these objects are available to the user. This has the advantage
that the implementation can easily be changed, provided that it
has the same external properties. Abstract types can be
parameterised so that a set of types can be defined in a single
definition. Types in Poly are similar to modules in other
languages. For example, types can be separately compiled. An
abstract type which makes use of other types can be written as
though it were polymorphic; it will work if it is given any type
which has the required operations. Its operation may be to
return a new type which may be used directly or as a parameter
to other polymorphic abstract types.
cam.ac.uk//UCAM-CL-TR-64
2018-03-27
A framework for inference in natural language front ends
to databases
Boguraev, Branimir K.
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1985-02
UCAM-CL-TR-64
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-65
2018-03-27
Introduction to the programming language
“Ponder”
Tillotson, Mark
University of Cambridge, Computer Laboratory
1985-05
UCAM-CL-TR-65
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-66
2019-03-01
A formal hardware verification methodology and its
application to a network interface chip
Gordon, M.J.C.
Herbert, J.
University of Cambridge, Computer Laboratory
1985-05
UCAM-CL-TR-66
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-66.pdf
We describe how the functional correctness of a circuit design
can be verified by machine checked formal proof. The proof
system used is LCF_LSM [1], a version of Milner’s LCF [2] with a
different logical calculus called LSM. We give a tutorial
introduction to LSM in the paper.
Our main example is the ECL chip of the Cambridge Fast Ring
(CFR) [3]. Although the ECL chip is quite simple (about 360
gates) it is nevertheless real. Minor errors were discovered as
we performed the formal proof, but when the corrected design was
eventually fabricated it was functionally correct first time.
The main steps in verification were: (1) Writing a high-level
behavioural specification in the LSM notation. (2) Translating
the circuit design from its Modula-2 representation in the
Cambridge Design Automation System [4] to LSM. (3) Using the
LCF_LSM theorem proving system to mechanically generate a proof
that the behaviour determined by the design is equivalent to the
specified behaviour.
In order to accomplish the second of these steps, an interface
between the Cambridge Design Automation System and the LCF_LSM
system was constructed.
cam.ac.uk//UCAM-CL-TR-67
2019-03-01
Natural deduction theorem proving via higher-order
resolution
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1985-05
UCAM-CL-TR-67
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-67.pdf
An experimental theorem prover is described. Like LCF it is
embedded in the metalanguage ML and supports backward proof
using tactics and tacticals. The prover allows a wide class of
logics to be introduced using Church’s representation of
quantifiers in the typed lambda-calculus. The inference rules
are expressed as a set of generalized Horn clauses containing
higher-order variables. Depth-first subgoaling along inference
rules is essentially linear resolution, but using higher-order
unification instead of first-order. This constitutes a
higher-order Prolog interpreter.
The rules of Martin-Löf’s Constructive Type Theory have been
entered into the Prover. Special tactics inspect a goal and
decide which type theory rules may be appropriate, avoiding
excessive backtracking. These tactics can automatically derive
the types of many Type Theory expressions. Simple functions can
be derived interactively.
cam.ac.uk//UCAM-CL-TR-68
2019-03-05
HOL : A machine oriented formulation of higher order
logic
Gordon, Mike
University of Cambridge, Computer Laboratory
1985-07
UCAM-CL-TR-68
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-68.pdf
In this paper we describe a formal language intended as a basis
for hardware specification and verification. The language is not
new; the only originality in what follows lies in the
presentation of the details. Considerable effort has gone into
making the formalism suitable for manipulation by computer.
The logic described here underlies an automated proof generator
called HOL. The HOL logic is derived from Church’s Simple Type
Theory by: making the syntax more readable, allowing types to
contain variables, and building in the Axiom of Choice via
Hilbert’s ε-operator.
The exact syntax of the logic is defined relative to a theory,
which determines the types and constants that are available.
Theories are developed incrementally starting from the standard
theories of truth-values or booleans, and of individuals. This
paper describes the logic underlying the HOL system.
cam.ac.uk//UCAM-CL-TR-69
2017-07-13
Proving termination of normalization functions for
conditional expressions
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1985-06
UCAM-CL-TR-69
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-69.pdf
Boyer and Moore have discussed a recursive function that puts
conditional expressions into normal form. It is difficult to
prove that this function terminates on all inputs. Three
termination proofs are compared: (1) using a measure function,
(2) in domain theory using LCF, (3) showing that its “recursion
relation”, defined by the pattern of recursive calls, is
well-founded. The last two proofs are essentially the same
though conducted in markedly different logical frameworks. An
obviously total variant of the normalize function is presented
as the ‘computational meaning’ of those two proofs.
A related function makes nested recursive calls. The three
termination proofs become more complex: termination and
correctness must be proved simultaneously. The recursion
relation approach seems flexible enough to handle subtle
termination proofs where previously domain theory seemed
essential.
cam.ac.uk//UCAM-CL-TR-70
2003-01-01
A remote procedure call system
Hamilton, Kenneth Graham
University of Cambridge, Computer Laboratory
UCAM-CL-TR-70
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-71
2003-01-01
Executing temporal logic programs
Moszkowski, Ben
University of Cambridge, Computer Laboratory
1985-08
UCAM-CL-TR-71
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-72
2017-07-13
Logic programming and the specification of
circuits
Clocksin, W.F.
University of Cambridge, Computer Laboratory
UCAM-CL-TR-72
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-73
2003-01-01
Resource management in a distributed computing
system
Craft, Daniel Hammond
University of Cambridge, Computer Laboratory
UCAM-CL-TR-73
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-74
2017-07-13
Hardware verification by formal proof
Gordon, Mike
University of Cambridge, Computer Laboratory
UCAM-CL-TR-74
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-75
2016-08-08
Design and implementation of a simple typed language
based on the lambda-calculus
Fairbairn, Jon
University of Cambridge, Computer Laboratory
1985-05
UCAM-CL-TR-75
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-75.pdf
Despite the work of Landin and others as long ago as 1966,
almost all recent programming languages are large and difficult
to understand. This thesis is a re-examination of the
possibility of designing and implementing a small but practical
language based on very few primitive constructs.
The text records the syntax and informal semantics of a new
language called Ponder. The most notable features of the work
are a powerful type-system and an efficient implementation of
normal order reduction.
In contrast to Landin’s ISWIM, Ponder is statically typed, an
expedient that increases the simplicity of the language by
removing the requirement that operations must be defined for
incorrect arguments. The type system is a powerful extension of
Milner’s polymorphic type system for ML in that it allows local
quantification of types. This extension has the advantage that
types that would otherwise need to be primitive may be defined.
The criteria for the well-typedness of Ponder programmes are
presented in the form of a natural deduction system in terms of
a relation of generality between types. A new type checking
algorithm derived from these rules is proposed.
Ponder is built on the λ-calculus without the need for
additional computation rules. In spite of this abstract
foundation an efficient implementation based on Hughes’
super-combinator approach is described. Some evidence of the
speed of Ponder programmes is included.
The same strictures have been applied to the design of the
syntax of Ponder, which, rather than having many pre-defined
clauses, allows the addition of new constructs by the use of a
simple extension mechanism.
cam.ac.uk//UCAM-CL-TR-76
2003-01-01
Preserving abstraction in concurrent
programming
Cooper, R.C.B.
Hamilton, K.G.
University of Cambridge, Computer Laboratory
UCAM-CL-TR-76
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-77
2018-04-10
Why higher-order logic is a good formalisation for
specifying and verifying hardware
Gordon, Mike
University of Cambridge, Computer Laboratory
1985-08
UCAM-CL-TR-77
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-78
2017-07-06
A complete proof system for SCCS with model
assertions
Winskel, Glynn
University of Cambridge, Computer Laboratory
UCAM-CL-TR-78
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-79
2017-07-06
Petri nets, algebras and morphisms
Winskel, Glynn
University of Cambridge, Computer Laboratory
UCAM-CL-TR-79
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-79.pdf
It is shown how a category of Petri nets can be viewed as a
subcategory of two sorted algebras over multisets. This casts
Petri nets in a familiar framework and provides a useful idea of
morphism on nets different from the conventional definition –
the morphisms here respect the behaviour of nets. The
categorical constructions with result provide a useful way to
synthesise nets and reason about nets in terms of their
components; for example various forms of parallel composition of
Petri nets arise naturally from the product in the category.
This abstract setting makes plain a useful functor from the
category of Petri nets to a category of spaces of invariants and
provides insight into the generalisations of the basic
definition of Petri nets – for instance the coloured and higher
level nets of Kurt Jensen arise through a simple modification of
the sorts of the algebras underlying nets. Further it provides a
smooth formal relation with other models of concurrency such as
Milner’s Calculus of Communicating Systems (CCS) and Hoare’s
Communicating Sequential Processes (CSP).
cam.ac.uk//UCAM-CL-TR-80
2017-07-13
Interactive theorem proving with Cambridge LCF : A
user's manual
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1985-11
UCAM-CL-TR-80
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-81
2011-04-27
The implementation of functional languages using custom
hardware
Stoye, William Robert
University of Cambridge, Computer Laboratory
1985-12
UCAM-CL-TR-81
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-81.pdf
In recent years functional programmers have produced a great
many good ideas but few results. While the use of functional
languages has been enthusiastically advocated, few real
application areas have been tackled and so the functional
programmer's views and ideas are met with suspicion.
The prime cause of this state of affairs is the lack of widely
available, solid implementations of functional languages. This
in turn stems from two major causes: (1) Our understanding of
implementation techniques was very poor only a few years ago,
and so any implementation that is “mature” is also likely to be
unusably slow. (2) While functional languages are excellent for
expressing algorithms, there is still considerable debate in the
functional programming community over the way in which input and
output operations should be represented to the programmer.
Without clear guiding principles implementors have tended to
produce ad-hoc, inadequate solutions.
My research is concerned with strengthening the case for
functional programming. To this end I constructed a specialised
processor, called SKIM, which could evaluate functional programs
quickly. This allowed experimentation with various
implementation methods, and provided a high performance
implementation with which to experiment with writing large
functional programs.
This thesis describes the resulting work and includes the
following new results: (1) Details of a practical Turner-style
combinator reduction implementation featuring greatly improved
storage use compared with previous methods. (2) An
implementation of Kennaway’s director string idea that further
enhances performance and increases understanding of a variety of
reduction strategies. (3) Comprehensive suggestions concerning
the representation of input, output, and nondeterministic tasks
using functional languages, and the writing of operating
systems. Details of the implementation of these suggestions
developed on SKIM. (4) A number of observations concerning
functional programming in general based on considerable practical
experience.
cam.ac.uk//UCAM-CL-TR-82
2017-07-13
Natural deduction proof as higher-order
resolution
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1985-12
UCAM-CL-TR-82
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-82.pdf
An interactive theorem prover, Isabelle, is under development.
In LCF, each inference rule is represented by one function for
forwards proof and another (a tactic) for backwards proof. In
Isabelle, each inference rule is represented by a Horn clause.
Resolution gives both forwards and backwards proof, supporting a
large class of logics. Isabelle has been used to prove theorems
in Martin-Löf’s Constructive Type Theory.
Quantifiers pose several difficulties: substitution, bound
variables, Skolemization. Isabelle’s representation of logical
syntax is the typed lambda-calculus, requiring higher-order
unification. It may have potential for logic programming.
Depth-first search using inference rules constitutes a
higher-order Prolog.
cam.ac.uk//UCAM-CL-TR-83
2018-03-27
Operating system design for large personal
workstations
Wilson, Ian David
University of Cambridge, Computer Laboratory
UCAM-CL-TR-83
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-84
2017-07-13
BSPL: a language for describing the behaviour of
synchronous hardware
Richards, Martin
University of Cambridge, Computer Laboratory
1986-04
UCAM-CL-TR-84
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-85
2017-07-06
Category theory and models for parallel
computation
Winskel, Glynn
University of Cambridge, Computer Laboratory
1986-04
UCAM-CL-TR-85
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-85.pdf
This report will illustrate two uses of category theory: Firstly
the use of category theory to define semantics in a particular
model. How semantic constructions can often be seen as
categorical ones, and, in particular, how parallel compositions
are derived from a categorical product and a non-deterministic
sum. These categorical notions can provide a basis for reasoning
about computations and will be illustrated for the model of
Petri nets.
Secondly, the use of category theory to relate different
semantics will be examined; specifically, how the relations
between various concrete models like Petri nets, event
structures, trees and state machines are expressed as
adjunctions. This will be illustrated by showing the
coreflection between safe Petri nets and trees.
cam.ac.uk//UCAM-CL-TR-86
2004-10-04
The Entity System: an object based filing
system
Crawley, Stephen Christopher
University of Cambridge, Computer Laboratory
1986-04
UCAM-CL-TR-86
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-87
2017-02-15
Computer-aided type face design
Carter, Kathleen Anne
University of Cambridge, Computer Laboratory
1986-05
UCAM-CL-TR-87
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-87.pdf
This thesis tackles the problems encountered when trying to
carry out a creative and intuitive task, such as type face
design, on a computer. A brief history of printing and type
design sets the scene for a discussion of digital type. Existing
methods for generating and handling digital type are presented
and their relative merits are discussed. Consideration is also
given to the nature of designing, independent of the tools used.
The importance of intuition and experience in such a task is
brought out. Any new tools must allow the designer to exercise
his skills of hand and eye, and to judge the results visually.
The different abstractions that can be used to represent a
typeface in a computer are discussed with respect to the manner
of working that they force upon the designer.
In the light of this discussion some proposals are made for a
new system for computer-aided type face design. This system must
be highly interactive, providing rapid visual feedback in
response to the designer’s actions. Designing is a very
unstructured task, frequently with a number of activities being
pursued at once. Hence the system must also be able to support
multiple activities, with the user free to move between them at
any time.
The characteristics of various types of interactive graphical
environment are then considered. This discussion leads on to
proposals for an environment suitable for supporting type face
design. The proposed environment is based on the provision of a
number of windows on the screen, each supporting a different
activity. A mouse, graphics tablet and keyboard are all
continuously available for interaction with the system. The rest
of the thesis discusses the implementation of this graphical
environment and the type face design system that makes use of
it. The final chapter evaluates the success of both the
underlying software and of the type face design system itself.
cam.ac.uk//UCAM-CL-TR-88
2004-06-12
A shallow processing approach to anaphor
resolution
Carter, David Maclean
University of Cambridge, Computer Laboratory
1986-05
UCAM-CL-TR-88
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-89
2016-08-08
Making form follow function : An exercise in functional
programming style
Fairbairn, Jon
University of Cambridge, Computer Laboratory
1986-06
UCAM-CL-TR-89
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-89.pdf
The combined use of user-defined infix operators and higher
order functions allows the programmer to invent new control
structures tailored to a particular problem area.
This paper is to suggest that such a combination has beneficial
effects on the ease of both writing and reading programmes, and
hence can increase programmer productivity. As an example, a
parser for a simple language is presented in this style.
It is hoped that the presentation will be palatable to people
unfamiliar with the concepts of functional programming.
cam.ac.uk//UCAM-CL-TR-90
2018-03-20
The Cambridge Fast Ring networking system
(CFR)
Hopper, Andy
Needham, Roger M.
University of Cambridge, Computer Laboratory
1986-06
UCAM-CL-TR-90
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-90.pdf
Local area networks have developed from slow systems operating
at below 1MBs to fast systems at 50MBs or more. We discuss the
choices facing a designer as faster speeds for networks are
contemplated. The 100MBs Cambridge Fast Ring is described. The
ring protocol allows one of a number of fixed size slots to be
used once or repeatedly. The network design allows sets of rings
to be constructed by pushing the bridge function to the lowest
hardware level. Low cost and ease of use is normally achieved by
design of special chips and we describe a two-chip VLSI
implementation. This VLSI hardware forms the basis of a
kit-of-parts from which many different network components can be
constructed.
cam.ac.uk//UCAM-CL-TR-91
2018-03-27
Hardware verification using higher-order
logic
Camilleri, Albert
Gordon, Mike
Melham, Tom
University of Cambridge, Computer Laboratory
1986-09
UCAM-CL-TR-91
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-91.pdf
The Hardware Verification Group at the University of Cambridge
is investigating how various kinds of digital systems can be
verified by mechanised formal proof. This paper explains our
approach to representing behaviour and structure using higher
order logic. Several examples are described including a ripple
carry adder and a sequential device for computing the factorial
function. The dangers of inaccurate models are illustrated with
a CMOS exclusive-or gate.
cam.ac.uk//UCAM-CL-TR-92
2003-01-01
Implementation and programming techniques for functional
languages
Wray, Stuart Charles
University of Cambridge, Computer Laboratory
1986-06
UCAM-CL-TR-92
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-93
2003-01-01
Automated design of an instruction set for
BCPL
Bennett, J.P.
University of Cambridge, Computer Laboratory
1986-06
UCAM-CL-TR-93
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-94
2017-07-13
A mechanized proof of correctness of a simple
counter
Cohn, Avra
Gordon, Mike
University of Cambridge, Computer Laboratory
1986-06
UCAM-CL-TR-94
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-95
2017-07-06
Event structures : Lecture notes for the Advanced Course
on Petri Nets
Winskel, Glynn
University of Cambridge, Computer Laboratory
1986-07
UCAM-CL-TR-95
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-95.pdf
Event structures are a model of computational processes. They
represent a process as a set of event occurrences with relations
to express how events causally depend on others. This paper
introduces event structures, shows their relationship to Scott
domains and Petri nets, and surveys their role in denotational
semantics, both for modelling languages like CCS and CSP and
languages with higher types.
cam.ac.uk//UCAM-CL-TR-96
2017-07-06
Models and logic of MOS circuits : Lectures for the
Marktoberdorf Summerschool, August 1986
Winskel, Glynn
University of Cambridge, Computer Laboratory
1986-10
UCAM-CL-TR-96
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-97
2017-07-06
A study on abstract interpretation and “validating
microcode algebraically”
Mycroft, Alan
University of Cambridge, Computer Laboratory
1986-10
UCAM-CL-TR-97
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-98
2010-04-27
Power-domains, modalities and the Vietoris
monad
Robinson, E.
University of Cambridge, Computer Laboratory
1986-10
UCAM-CL-TR-98
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-98.pdf
It is possible to divide the syntax-directed approaches to
programming language semantics into two classes, “denotational”,
and “proof-theoretic”. This paper argues for a different
approach which also has the effect of linking the two methods.
Drawing on recent work on locales as formal spaces we show that
this provides a way in which we can hope to use a
proof-theoretical semantics to give us a denotational one. This
paper reviews aspects of the general theory, before developing a
modal construction on locales and discussing the view of
power-domains as free non-deterministic algebras. Finally, the
relationship between the present work and that of Winskel is
examined.
cam.ac.uk//UCAM-CL-TR-99
2003-01-01
An overview of the Poly programming language
Matthews, David C.J.
University of Cambridge, Computer Laboratory
1986-08
UCAM-CL-TR-99
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-100
2017-07-13
Proving a computer correct in higher order
logic
Joyce, Jeff
Birtwistle, Graham
Gordon, Mike
University of Cambridge, Computer Laboratory
1986-12
UCAM-CL-TR-100
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-101
2003-01-01
Binary routing networks
Milway, David Russel
University of Cambridge, Computer Laboratory
1986-12
UCAM-CL-TR-101
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-102
2003-01-01
A persistent storage system for Poly and ML
Matthews, David C.J.
University of Cambridge, Computer Laboratory
1987-01
UCAM-CL-TR-102
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-103
2017-07-13
HOL : A proof generating system for higher-order
logic
Gordon, Mike
University of Cambridge, Computer Laboratory
1987-01
UCAM-CL-TR-103
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-104
2006-06-02
A proof of correctness of the Viper microprocessor: the
first level
Cohn, Avra
University of Cambridge, Computer Laboratory
1987-01
UCAM-CL-TR-104
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-104.pdf
The Viper microprocessor designed at the Royal Signals and Radar
Establishment (RSRE) is one of the first commercially produced
computers to have been developed using modern formal methods.
Viper is specified in a sequence of decreasingly abstract
levels. In this paper a mechanical proof of the equivalence of
the first two of these levels is described. The proof was
generated using a version of Robin Milner’s LCF system.
cam.ac.uk//UCAM-CL-TR-105
2017-07-06
A compositional model of MOS circuits
Winskel, Glynn
University of Cambridge, Computer Laboratory
1987-04
UCAM-CL-TR-105
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-106
2018-03-27
Abstraction mechanisms for hardware
verification
Melham, Thomas F.
University of Cambridge, Computer Laboratory
1987-05
UCAM-CL-TR-106
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-107
2017-07-06
DI-domains as a model of polymorphism
Coquand, Thierry
Gunter, Carl
Winskel, Glynn
University of Cambridge, Computer Laboratory
1987-05
UCAM-CL-TR-107
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-108
2010-03-11
Workstation design for distributed computing
Wilkes, Andrew John
University of Cambridge, Computer Laboratory
1987-06
UCAM-CL-TR-108
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-108.pdf
This thesis discusses some aspects of the design of computer
systems for local area networks (LANs), with particular emphasis
on the way such systems present themselves to their users. Too
little attention to this issue frequently results in computing
environments that cannot be extended gracefully to accommodate
new hardware or software and do not present consistent, uniform
interfaces to either their human users or their programmatic
clients. Before computer systems can become truly ubiquitous
tools, these problems of extensibility and accessibility must be
solved. This dissertation therefore seeks to examine one
possible approach, emphasising support for program development
on LAN based systems.
cam.ac.uk//UCAM-CL-TR-109
2017-07-06
Hardware verification of VLSI regular
structures
Joyce, Jeffrey
University of Cambridge, Computer Laboratory
1987-07
UCAM-CL-TR-109
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-110
2017-07-06
Relating two models of hardware
Winskel, Glynn
University of Cambridge, Computer Laboratory
1987-07
UCAM-CL-TR-110
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-111
2017-07-13
Realism about user modelling
Spärck Jones, K.
University of Cambridge, Computer Laboratory
1987-06
UCAM-CL-TR-111
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-111.pdf
This paper reformulates the framework for user modelling
presented in an earlier technical report, ‘User Models and
Expert Systems’, and considers the implications of the real
limitations on the knowledge likely to be available to a system
for the value and application of user models.
cam.ac.uk//UCAM-CL-TR-112
2017-07-13
Reducing thrashing by adaptive backtracking
Wolfram, D.A.
University of Cambridge, Computer Laboratory
1987-08
UCAM-CL-TR-112
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-113
2017-07-13
The representation of logics in higher-order
logic
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1987-08
UCAM-CL-TR-113
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-114
2007-01-18
An architecture for integrated services on the local
area network
Ades, Stephen
University of Cambridge, Computer Laboratory
1987-09
UCAM-CL-TR-114
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-114.pdf
This dissertation concerns the provision of integrated services
in a local area context, e.g. on business premises. The term
integrated services can be understood at several levels. At the
lowest, one network may be used to carry traffic of several
media—voice, data, images etc. Above that, the telephone
exchange may be replaced by a more versatile switching system,
incorporating facilities such as stored voice messages. Its
facilities may be accessible to the user through the interface
of the workstation rather than a telephone. At a higher level
still, new services such as multi-media document manipulation
may be added to the capabilities of a workstation.
Most of the work to date has been at the lowest of these levels,
under the auspices of the Integrated Services Digital Network
(ISDN), which mainly concerns wide area communications systems.
The thesis presented here is that all of the above levels are
important in a local area context. In an office environment,
sophisticated data processing facilities in a workstation can
usefully be combined with highly available telecommunications
facilities such as the telephone, to offer the user new services
which make the working day more pleasant and productive. That
these facilities should be provided across one integrated
network, rather than by several parallel single medium networks
is an important organisational convenience to the system
builder.
The work described in this dissertation is relevant principally
in a local area context—in the wide area economics and traffic
balance dictate that the emphasis will be on only the network
level of integration for some time now. The work can be split
into three parts:
i) the use of a packet network to carry mixed media. This has
entailed design of packet voice protocols which produce delays
low enough for the network to interwork with national telephone
networks. The system has also been designed for minimal cost per
telephone—packet-switched telephone systems have traditionally
been more expensive than circuit-switched types. The network
used as a foundation for this work has been the Cambridge Fast
Ring.
ii) use of techniques well established in distributed computing
systems to build an ‘integrated services PABX (Private Automatic
Branch Exchange)’. Current PABX designs have a very short life
expectancy and an alarmingly high proportion of their costs is
due to software. The ideas presented here can help with both of
these problems, produce an extensible system and provide a basis
for new multi-media services.
iii) development of new user level Integrated Services. Work has
been done in three areas. The first is multi-media documents. A
voice editing interface is described along with the system
structure required to support it. Secondly a workstation display
has been built to support a variety of services based upon image
manipulation and transmission. Finally techniques have been
demonstrated by which a better interface to telephony functions
can be provided to the user, using methods of control typical of
workstation interfaces.
cam.ac.uk//UCAM-CL-TR-115
2003-01-01
Formal validation of an integrated circuit design
style
Dhingra, I.S.
University of Cambridge, Computer Laboratory
1987-08
en
Text
UCAM-CL-TR-115
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-116
2017-07-06
Domain theoretic models of polymorphism
Coquand, Thierry
Gunter, Carl
Winskel, Glynn
University of Cambridge, Computer Laboratory
Text
UCAM-CL-TR-116
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-117
2017-07-06
Distributed computing with RPC: the Cambridge
approach
Bacon, J.M.
Hamilton, K.G.
University of Cambridge, Computer Laboratory
1987-10
UCAM-CL-TR-117
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-117.pdf
The Cambridge Distributed Computing System (CDCS) is described
and its evolution outlined. The Mayflower project allowed CDCS
infrastructure, services and applications to be programmed in a
high level, object oriented, language, Concurrent CLU. The
Concurrent CLU RPC facility is described in detail. It is a
non-transparent, type checked, type safe system which employs
dynamic binding and passes objects of arbitrary graph structure.
Recent extensions accommodate a number of languages and transport
protocols. A comparison with other RPC schemes is given.
cam.ac.uk//UCAM-CL-TR-118
2018-03-27
Material concerning a study of cases
Boguraev, B.K.
Spärck Jones, K.
University of Cambridge, Computer Laboratory
1987-05
UCAM-CL-TR-118
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-119
2003-01-09
Pilgrim: a debugger for distributed systems
Cooper, Robert
University of Cambridge, Computer Laboratory
1987-07
UCAM-CL-TR-119
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-120
2017-07-06
Block encryption
Wheeler, D.
University of Cambridge, Computer Laboratory
1987-11
UCAM-CL-TR-120
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-120.pdf
A fast and simple way of encrypting computer data is needed. The
UNIX crypt is a good way of doing this although the method is
not cryptographically sound for text. The method suggested here
is applied to larger blocks than the DES method which uses 64
bit blocks, so that the speed of encyphering is reasonable. The
algorithm is designed for software rather than hardware. This
forgoes two advantages of the crypt algorithm, namely that each
character can be encoded and decoded independently of other
characters and that the identical process is used both for
encryption and decryption. However this method is better for
coding blocks directly.
cam.ac.uk//UCAM-CL-TR-121
2003-01-01
A high-level petri net specification of the Cambridge
Fast Ring M-access service
Billington, Jonathan
University of Cambridge, Computer Laboratory
1987-12
UCAM-CL-TR-121
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-122
2003-01-01
Temporal abstraction of digital designs
Herbert, John
University of Cambridge, Computer Laboratory
1988-02
UCAM-CL-TR-122
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-123
2003-01-01
Case study of the Cambridge Fast Ring ECL chip using
HOL
Herbert, John
University of Cambridge, Computer Laboratory
1988-02
UCAM-CL-TR-123
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-124
2003-01-01
Formal verification of basic memory devices
Herbert, John
University of Cambridge, Computer Laboratory
1988-02
UCAM-CL-TR-124
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-125
2018-03-27
An operational semantics for Occam
Camilleri, Juanito
University of Cambridge, Computer Laboratory
1988-02
UCAM-CL-TR-125
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-126
2018-03-27
Reasoning about the function and timing of integrated
circuits with Prolog and temporal logic
Leeser, M.E.
University of Cambridge, Computer Laboratory
1988-02
UCAM-CL-TR-126
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-127
2018-03-27
A development environment for large natural language
grammars
Carroll, John
Boguraev, Bran
Grover, Claire
Briscoe, Ted
University of Cambridge, Computer Laboratory
1988-02
UCAM-CL-TR-127
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-128
2015-05-11
Debugging concurrent and distributed programs
Cooper, Robert Charles Beaumont
University of Cambridge, Computer Laboratory
1988-02
UCAM-CL-TR-128
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-128.pdf
This thesis aims to make one aspect of distributed programming
easier: debugging. The principles for designing and implementing
an interactive debugger for concurrent and distributed programs
are presented. These programs are written in a high-level
language with type-checked remote procedure calls. They execute
on the nodes of a local computer network and interact with the
other programs and services which exist on such a network.
The emphasis is on debugging programs in the environment in
which they will eventually operate, rather than some simulated
environment oriented specifically to the needs of debugging.
Thus the debugging facilities impose a low overhead on the
program and may be activated at any time.
Ideally the actions of the debugger should be transparent to the
execution of the program being debugged. The difficult problem
of avoiding any alteration to the relative ordering of
inter-process events is examined in detail. A method of
breakpointing a distributed computation is presented which
achieves a high degree of transparency in the face of arbitrary
process interactions through shared memory.
The problems of debugging programs that interact with network
services, which are shared concurrently with other users of the
distributed environment, are examined. A range of debugging
techniques, some of which are directly supported by the
debugger, are discussed.
A set of facilities for debugging remote procedure calls is
presented, and the functions required of the operating system
kernel and runtime system to support debugging are also
discussed. A distributed debugger is itself an example of a
distributed program and so issues such as functional
distribution and authentication are addressed.
These ideas have been implemented in Pilgrim, a debugger for
Concurrent CLU programs running under the Mayflower supervisor
within the Cambridge Distributed Computing System.
cam.ac.uk//UCAM-CL-TR-129
2004-03-02
A methodology for automated design of computer
instruction sets
Bennett, Jeremy Peter
University of Cambridge, Computer Laboratory
1988-03
UCAM-CL-TR-129
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-129.pdf
With semiconductor technology providing scope for increasingly
complex computer architectures, there is a need more than ever
to rationalise the methodology behind computer design. In the
1970’s, byte stream architectures offered a rationalisation of
computer design well suited to microcoded hardware. In the
1980’s, RISC technology has emerged to simplify computer design
and permit full advantage to be taken of very large scale
integration. However, such approaches achieve their aims by
simplifying the problem to a level where it is within the
comprehension of a simple human being. Such an effort is not
sufficient. There is a need to provide a methodology that takes
the burden of design detail away from the human designer,
leaving him free to cope with the underlying principles
involved.
In this dissertation I present a methodology for the design of
computer instruction sets that is capable of automation in large
part, removing the drudgery of individual instruction selection.
The methodology does not remove the need for the designer’s
skill, but rather allows precise refinement of his ideas to
obtain an optimal instruction set.
In developing this methodology a number of pieces of software
have been designed and implemented. Compilers have been written
to generate trial instruction sets. An instruction set generator
program has been written and the instruction set it proposes
evaluated. Finally a prototype language for instruction set
design has been devised and implemented.
cam.ac.uk//UCAM-CL-TR-130
2017-07-13
The foundation of a generic theorem prover
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1988-03
UCAM-CL-TR-130
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-130.pdf
Isabelle is an interactive theorem prover that supports a
variety of logics. It represents rules as propositions (not as
functions) and builds proofs by combining rules. These
operations constitute a meta-logic (or ‘logical framework’) in
which the object-logics are formalized. Isabelle is now based on
higher-order logic – a precise and well-understood foundation.
Examples illustrate use of this meta-logic to formalize logics
and proofs. Axioms for first-order logic are shown sound and
complete. Backwards proof is formalized by meta-reasoning about
object-level entailment.
Higher-order logic has several practical advantages over other
meta-logics. Many proof techniques are known, such as Huet’s
higher-order unification procedure.
cam.ac.uk//UCAM-CL-TR-131
2017-07-13
Architecture problems in the construction of expert
systems for document retrieval
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1986-12
UCAM-CL-TR-131
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-132
2016-07-22
Reasoning about the function and timing of integrated
circuits with Prolog and temporal logic
Leeser, Miriam Ellen
University of Cambridge, Computer Laboratory
1988-04
UCAM-CL-TR-132
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-133
2017-07-13
A preliminary users manual for Isabelle
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1988-05
en
Text
UCAM-CL-TR-133
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-133.pdf
This is an early report on the theorem prover Isabelle and
several of its object-logics. It describes Isabelle’s
operations, commands, data structures, and organization. This
information is fairly low-level, but could benefit Isabelle
users and implementors of other systems.
cam.ac.uk//UCAM-CL-TR-134
2004-10-12
Correctness properties of the Viper black model: the
second level
Cohn, Avra
University of Cambridge, Computer Laboratory
1988-05
en
Text
UCAM-CL-TR-134
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-135
2018-03-27
Using recursive types to reason about hardware in higher
order logic
Melham, Thomas F.
University of Cambridge, Computer Laboratory
1988-05
en
Text
UCAM-CL-TR-135
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-136
2017-07-06
Formal specification and verification of asynchronous
processes in higher-order logic
Joyce, Jeffrey J.
University of Cambridge, Computer Laboratory
1988-06
en
Text
UCAM-CL-TR-136
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-136.pdf
We model the interaction of a synchronous process with an
asynchronous memory process using a four-phase “handshaking”
protocol. This example demonstrates the use of higher-order
logic to reason about the behaviour of synchronous systems such
as microprocessors which communicate requests to asynchronous
devices and then wait for unpredictably long periods until these
requests are answered. We also describe how our model could be
revised to include some of the detailed timing requirements
found in real systems such as the M68000 microprocessor. One
enhancement uses non-determinism to model minimum setup times
for asynchronous inputs. Experience with this example suggests
that higher-order logic may also be a suitable formalism for
reasoning about more abstract forms of concurrency.
cam.ac.uk//UCAM-CL-TR-137
2003-01-01
Mass terms and plurals: From linguistic theory to
natural language processing
Hasle, F.V.
University of Cambridge, Computer Laboratory
1988-06
en
Text
UCAM-CL-TR-137
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-138
2017-07-13
Authentication: a practical study in belief and
action
Burrows, Michael
Abadi, Martín
Needham, Roger
University of Cambridge, Computer Laboratory
1988-06
en
Text
UCAM-CL-TR-138
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-139
2005-12-12
Petri net theory: a survey
Manson, Paul R.
University of Cambridge, Computer Laboratory
1988-06
en
Text
UCAM-CL-TR-139
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-139.pdf
The intense interest in concurrent (or “parallel”) computation
over the past decade has given rise to a large number of
languages for concurrent programming, representing many
conflicting views of concurrency.
The discovery that concurrent programming is significantly more
difficult than sequential programming has prompted considerable
research into determining a tractable and flexible theory of
concurrency, with the aim of making concurrent processing more
accessible, and indeed the wide variety of concurrent languages
merely reflects the many different models of concurrency which
have also been developed.
This report, therefore, introduces Petri nets, discussing their
behaviour, interpretation and relationship to other models of
concurrency. It defines and discusses several restrictions and
extensions of the Petri net model, showing how they relate to
basic Petri nets, while explaining why they have been of
historical importance. Finally it presents a survey of the
analysis methods applied to Petri nets in general and for some
of the net models introduced here.
cam.ac.uk//UCAM-CL-TR-140
2016-07-22
Executing behavioural definitions in higher-order
logic
Camilleri, Albert John
University of Cambridge, Computer Laboratory
1988-07
en
Text
UCAM-CL-TR-140
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-140.pdf
Over the past few years, computer scientists have been using
formal verification techniques to show the correctness of
digital systems. The verification process, however, is
complicated and expensive. Even proofs of simple circuits can
involve thousands of logical steps. Often it can be extremely
difficult to find correct device specifications and it is
desirable that one sets off to prove a correct specification
from the start, rather than repeatedly backtrack from the
verification process to modify the original definitions after
discovering they were incorrect or inadequate.
The main idea presented in the thesis is to amalgamate the
techniques of simulation and verification, rather than have the
latter replace the former. The result is that behavioural
definitions can be simulated until one is reasonably sure that
the specification is correct. Furthermore, proving the
correctness with respect to these simulated specifications
avoids the inadequacies of simulation where it may not be
computationally feasible to demonstrate correctness by
exhaustive testing. Simulation here has a different purpose: to
get specifications correct as early as possible in the
verification process. Its purpose is not to demonstrate the
correctness of the implementation – this is done in the
verification stage when the very same specifications that were
simulated are proved correct.
The thesis discusses the implementation of an executable subset
of the HOL logic, the version of Higher Order Logic embedded in
the HOL theorem prover. It is shown that hardware can be
effectively described using both relations and functions;
relations being suitable for abstract specification and
functions being suitable for execution. The differences between
relational and functional specifications are discussed and
illustrated by the verification of an n-bit adder. Techniques
for executing functional specifications are presented and
various optimisation strategies are shown which make the
execution of the logic efficient. It is further shown that the
process of generating optimised functional definitions from
relational definitions can be automated. Example simulations of
three hardware devices (a factorial machine, a small computer
and a communications chip) are presented.
cam.ac.uk//UCAM-CL-TR-141
2006-05-30
Reliable management of voice in a distributed
system
Want, Roy
University of Cambridge, Computer Laboratory
1988-07
en
Text
UCAM-CL-TR-141
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-141.pdf
The ubiquitous personal computer has found its way into most
office environments. As a result, widespread use of the Local
Area Network (LAN) for the purposes of sharing distributed
computing resources has become common. Another technology, the
Private Automatic Branch Exchange (PABX), has benefited from
large research and development by the telephone companies. As a
consequence, it is cost effective and has widely infiltrated the
office world. Its primary purpose is to switch digitised voice
but, with the growing need for communication between computers
it is also being adapted to switch data. However, PABXs are
generally designed around a centralised switch in which
bandwidth is permanently divided between its subscribers.
Computing requirements need much larger bandwidths and the
ability to connect to several services at once, thus making the
conventional PABX unsuitable for this application.
Some LAN technologies are suitable for switching voice and data.
The additional requirement for voice is that point to point
delay for network packets should have a low upper-bound. The 10
Mb/s Cambridge Ring is an example of this type of network, but
its relatively low bandwidth gives it limited application in this
area. Networks with larger bandwidths (up to 100 Mb/s) are now
becoming available commercially and could support a realistic
population of clients requiring voice and data communication.
Transporting voice and data in the same network has two main
advantages. Firstly, from a practical point of view, wiring is
minimised. Secondly, applications which integrate both media are
made possible, and hence digitised voice may be controlled by
client programs in new and interesting ways.
In addition to the new applications, the original telephony
facilities must also be available. They should, at least by
default, appear to work in an identical way to our tried and
trusted impression of a telephone. However, the control and
management of a network telephone is now in the domain of
distributed computing. The voice connections between telephones
are virtual circuits. Control and data information can be freely
mixed with voice at a network interface. The new problems that
result are the management issues related to the distributed
control of real-time media.
This thesis describes the issues as a distributed computing
problem and proposes solutions, many of which have been
demonstrated in a real implementation. Particular attention has
been paid to the quality of service provided by the solutions.
This amounts to the design of helpful operator interfaces,
flexible schemes for the control of voice from personal
workstations and, in particular, a high reliability factor for
the backbone telephony service. This work demonstrates the
advantages and the practicality of integrating voice and data
services within the Local Area Network.
cam.ac.uk//UCAM-CL-TR-142
2018-03-27
A fast packet switch for the integrated services
backbone network
Newman, Peter
University of Cambridge, Computer Laboratory
1988-07
en
Text
UCAM-CL-TR-142
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-143
2017-07-13
Experience with Isabelle: A generic theorem
prover
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1988-08
en
Text
UCAM-CL-TR-143
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-143.pdf
The theorem prover Isabelle is described briefly and informally.
Its historical development is traced from Edinburgh LCF to the
present day. The main issues are unification, quantifiers, and
the representation of inference rules. The Edinburgh Logical
Framework is also described, for a comparison with Isabelle. An
appendix presents several Isabelle logics, including set theory
and Constructive Type Theory, with examples of theorems.
cam.ac.uk//UCAM-CL-TR-144
2018-03-27
An operational semantics for occam
Camilleri, Juanito
University of Cambridge, Computer Laboratory
1988-08
en
Text
UCAM-CL-TR-144
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-145
2018-04-10
Mechanizing programming logics in higher order
logic
Gordon, Michael J.C.
University of Cambridge, Computer Laboratory
1988-09
en
Text
UCAM-CL-TR-145
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-145.pdf
Formal reasoning about computer programs can be based directly
on the semantics of the programming language, or done in a
special purpose logic like Hoare logic. The advantage of the
first approach is that it guarantees that the formal reasoning
applies to the language being used (it is well known, for
example, that Hoare’s assignment axiom fails to hold for most
programming languages). The advantage of the second approach is
that the proofs can be more direct and natural.
In this paper, an attempt to get the advantages of both
approaches is described. The rules of Hoare logic are
mechanically derived from the semantics of a simple imperative
programming language (using the HOL system). These rules form
the basis for a simple program verifier in which verification
conditions are generated by LCF-style tactics whose validations
use the derived Hoare rules. Because Hoare logic is derived,
rather than postulated, it is straightforward to mix semantic
and axiomatic reasoning. It is also straightforward to combine
the constructs of Hoare logic with other application-specific
notations. This is briefly illustrated for various logical
constructs, including termination statements, VDM-style
‘relational’ correctness specifications, weakest precondition
statements and dynamic logic formulae.
The theory underlying the work presented here is well known. Our
contribution is to propose a way of mechanizing this theory in a
way that makes certain practical details work out smoothly.
cam.ac.uk//UCAM-CL-TR-146
2018-03-27
Automating recursive type definitions in higher order
logic
Melham, Thomas F.
University of Cambridge, Computer Laboratory
1988-09
en
Text
UCAM-CL-TR-146
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-147
2017-07-06
Formal specification and verification of microprocessor
systems
Joyce, Jeffrey
University of Cambridge, Computer Laboratory
1988-09
en
Text
UCAM-CL-TR-147
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-148
2006-02-10
Extending coloured petri nets
Billington, Jonathan
University of Cambridge, Computer Laboratory
1988-09
en
Text
UCAM-CL-TR-148
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-148.pdf
Jensen’s Coloured Petri Nets (CP-nets) are taken as the starting
point for the development of a specification technique for
complex concurrent systems. To increase its expressive power
CP-nets are extended by including capacity and inhibitor
functions. A class of extended CP-nets, known as P-nets, is
defined that includes the capacity function and the threshold
inhibitor extension. The inhibitor extension is defined in a
totally symmetrical way to that of the usual pre place map (or
incidence function). Thus the inhibitor and pre place maps may
be equated by allowing a marking to be purged by a single
transition occurrence, useful when specifying the abortion of
various procedures. A chapter is devoted to developing the
theory and notation for the purging of a place’s marking or part
of its marking.
Two transformations from P-nets to CP-nets are presented and it
is proved that they preserve interleaving behaviour. These are
based on the notion of complementary places defined for PT-nets
and involve the definition and proof of a new extended
complementary place invariant for CP-nets.
The graphical form of P-nets, known as a P-Graph, is presented
formally and draws upon the theories developed for algebraic
specification. Arc inscriptions are multiples of tuples of terms
generated by a many-sorted signature. Transition conditions are
Boolean expressions derived from the same signature. An
interpretation of the P-Graph is given in terms of a
corresponding P-net. The work is similar to that of Vautherin
but includes the inhibitor and capacity extension and a number
of significant differences. In the P-Graph concrete sets are
associated with places, rather than sorts and likewise there are
concrete initial marking and capacity functions. Vautherin
associates equations with transitions rather than the more
general Boolean expressions. P-Graphs are useful for
specification at a concrete level. Classes of the P-Graph, known
as Many-sorted Algebraic Nets and Many-sorted
Predicate/Transition nets, are defined and illustrated by a
number of examples. An extended place capacity notation is
developed to allow for the convenient representation of resource
bounds in the graphical form.
Some communications-oriented examples are presented including
queues and the Demon Game of international standards fame.
The report concludes with a discussion of future work. In
particular, an abstract P-Graph is defined that is very similar
to Vautherin’s Petri net-like schema, but including the capacity
and inhibitor extensions and associating Boolean expressions
with transitions. This will be useful for more abstract
specifications (e.g. classes of communications protocols) and for
their analysis.
It is believed that this is the first coherent and formal
presentation of these extensions in the literature.
cam.ac.uk//UCAM-CL-TR-149
2018-11-15
Improving security and performance for capability
systems
Karger, Paul Ashley
University of Cambridge, Computer Laboratory
1988-10
en
Text
UCAM-CL-TR-149
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-149.pdf
This dissertation examines two major limitations of capability
systems: an inability to support security policies that enforce
confinement and a reputation for relatively poor performance
when compared with non-capability systems.
The dissertation examines why conventional capability systems
cannot enforce confinement and proposes a new secure capability
architecture, called SCAP, in which confinement can be enforced.
SCAP is based on the earlier Cambridge Capability System, CAP.
The dissertation shows how a non-discretionary security policy
can be implemented on the new architecture, and how the new
architecture can also be used to improve traceability of access
and revocation of access.
The dissertation also examines how capability systems are
vulnerable to discretionary Trojan horse attacks and proposes a
defence based on rules built into the command-language
interpreter. System-wide garbage collection, commonly used in
most capability systems, is examined in the light of the
non-discretionary security policies and found to be
fundamentally insecure. The dissertation proposes alternative
approaches to storage management to provide at least some of the
benefits of system-wide garbage collection, but without the
accompanying security problems.
Performance of capability systems is improved by two major
techniques. First, the doctrine of programming generality is
addressed as one major cause of poor performance. Protection
domains should be allocated only for genuine security reasons,
rather than at every subroutine boundary. Compilers can better
enforce modularity and good programming style without adding the
expense of security enforcement to every subroutine call.
Second, the ideas of reduced instruction set computers (RISC)
can be applied to capability systems to simplify the operations
required. The dissertation identifies a minimum set of hardware
functions needed to obtain good performance for a capability
system. This set is much smaller than previous research had
indicated necessary.
A prototype implementation of some of the capability features is
described. The prototype was implemented on a re-microprogrammed
VAX-11/730 computer. The dissertation examines the performance
and software compatibility implications of the new capability
architecture, both in the context of conventional computers,
such as the VAX, and in the context of RISC processors.
cam.ac.uk//UCAM-CL-TR-150
2017-07-06
Simulation as an aid to verification using the HOL
theorem prover
Camilleri, Albert John
University of Cambridge, Computer Laboratory
1988-10
en
Text
UCAM-CL-TR-150
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-150.pdf
The HOL theorem proving system, developed by Mike Gordon at the
University of Cambridge, is a mechanisation of higher order logic,
primarily intended for conducting formal proofs of digital
system designs. In this paper we show that hardware
specifications written in HOL logic can be executed to enable
simulation as a means of supporting formal proof. Specifications
of a small microprocessor are described, showing how HOL logic
sentences can be transformed into executable code with minimum
risk of introducing inconsistencies. A clean and effective
optimisation strategy is recommended to make the executable
specifications practical.
cam.ac.uk//UCAM-CL-TR-151
2013-07-31
Formalising an integrated circuit design style in higher
order logic
Dhingra, Inderpreet-Singh
University of Cambridge, Computer Laboratory
1988-11
en
Text
UCAM-CL-TR-151
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-151.pdf
If the activities of an integrated circuit designer are
examined, we find that rather than keeping track of all the
details, he uses simple rules of thumb which have been refined
from experience. These rules of thumb are guidelines for
deciding which blocks to use and how they are to be connected.
This thesis gives a formal foundation, in higher order logic, to
the design rules of a dynamic CMOS integrated circuit design
style.
Correctness statements for the library of basic elements are
formulated. These statements are based on a small number of
definitions which define the behaviour of transistors and
capacitors and the necessary axiomatisation of the four valued
algebra for signals. The correctness statements of large and
complex circuits are then derived from the library of previously
proved correctness statements, using logical inference rules
instead of rules of thumb. For example, one gate from the
library can drive another only if its output constraints are
satisfied by the input constraints of the gate that it drives.
In formalising the design rules, these constraints are captured
as predicates and are part of the correctness statements of
these gates. So when two gates are to be connected, it is only
necessary to check that the predicates match. These ideas are
fairly general and widely applicable for formalising the rules
of many systems.
A number of worked examples are presented based on these formal
techniques. Proofs are presented at various stages of
development to show how the correctness statement for a device
evolves and how the proof is constructed. In particular it is
demonstrated how such formal techniques can help improve and
sharpen the final specifications.
As a major case study to test all these techniques, a new design
for a digital phase-locked loop is presented. This has been
designed down to the gate level using the above dynamic design
style, and has been described and simulated using ELLA. Some of
the subcomponents have been formally verified down to the
detailed circuit level while others have merely been specified
without formal proofs of correctness. An informal proof of
correctness of this device is also presented based on the formal
specifications of the various submodules.
cam.ac.uk//UCAM-CL-TR-152
2003-01-01
Motion development for computer animation
Pullen, Andrew Mark
University of Cambridge, Computer Laboratory
1988-11
en
Text
UCAM-CL-TR-152
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-153
2016-07-22
Efficient data sharing
Burrows, Michael
University of Cambridge, Computer Laboratory
1988-12
en
Text
UCAM-CL-TR-153
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-153.pdf
As distributed computing systems become widespread, the sharing
of data between people using a large number of computers becomes
more important. One of the most popular ways to facilitate this
sharing is to provide a common file system, accessible by all
the machines on the network. This approach is simple and
reasonably effective, but the performance of the system can
degrade significantly if the number of machines is increased. By
using a hierarchical network, and arranging that machines
typically access files stored in the same section of the network
it is possible to build very large systems. However, there is
still a limit on the number of machines that can share a single
file server and a single network effectively.
A good way to decrease network and server load is to cache file
data on client machines, so that data need not be fetched from
the centralized server each time it is accessed. This technique
can improve the performance of a distributed file system and is
used in a number of working systems. However, caching brings
with it the overhead of maintaining consistency, or cache
coherence. That is, each machine in the network must see the
same data in its cache, even though one machine may be modifying
the data as others are reading it. The problem is to maintain
consistency without dramatically increasing the number of
messages that must be passed between machines on the network.
Some existing file systems take a probabilistic approach to
consistency, some explicitly prevent the activities that can
cause inconsistency, while others provide consistency only at
some cost in functionality or performance. In this
dissertation, I examine how distributed file systems are
typically used, and the degree to which caching might be
expected to improve performance. I then describe a new file
system that attempts to cache significantly more data than other
systems, provides strong consistency guarantees, yet requires
few additional messages for cache management.
This new file-system provides fine-grain sharing of a file
concurrently open on multiple machines on the network, at the
granularity of a single byte. It uses a simple system of
multiple-reader, single writer locks held in a centralized
server to ensure cache consistency. The problems of maintaining
client state in a centralized server are solved by using
efficient data structures and crash recovery techniques.
cam.ac.uk//UCAM-CL-TR-154
2018-03-27
A natural language interface to an intelligent planning
system
Crabtree, I.B.
Crouch, R.S.
Moffat, D.C.
Pirie, N.J.
Pulman, S.G.
Ritchie, G.D.
Tate, B.A.
University of Cambridge, Computer Laboratory
1989-01
en
Text
UCAM-CL-TR-154
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-155
2017-07-13
Computational morphology of English
Pulman, S.G.
Russell, G.J.
Ritchie, G.D.
Black, A.W.
University of Cambridge, Computer Laboratory
1989-01
en
Text
UCAM-CL-TR-155
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-155.pdf
This paper describes an implemented computer program which uses
various kinds of linguistic knowledge to analyse existing or
novel word forms in terms of their components. Three main types
of knowledge are required (for English): knowledge about
spelling or phonological changes consequent upon affixation
(notice we are only dealing with isolated word forms); knowledge
about the syntactic or semantic properties of affixation (i.e.
inflexional and derivational morphology), and knowledge about
the properties of the stored base forms of words (which in our
case are always themselves words, rather than more abstract
entities). These three types of information are stored as data
files, represented in exactly the form a linguist might employ.
These data files are then compiled by the system to produce a
run-time program which will analyse arbitrary word forms
presented to it in a way consistent with the original linguistic
description.
cam.ac.uk//UCAM-CL-TR-156
2017-07-13
Events and VP modifiers
Pulman, Steve
University of Cambridge, Computer Laboratory
1989-01
en
Text
UCAM-CL-TR-156
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-157
2018-03-27
Introducing a priority operator to CCS
Camilleri, Juanito
University of Cambridge, Computer Laboratory
1989-01
en
Text
UCAM-CL-TR-157
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-158
2017-07-13
Tailoring output to the user: What does user modelling
in generation mean?
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1988-08
en
Text
UCAM-CL-TR-158
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-158.pdf
This paper examines the implications for linguistic output
generation tailored to the interactive system user, of earlier
analyses of the components of user modelling and of the
constraints realism imposes on modelling. Using a range of
detailed examples it argues that tailoring based only on the
actual dialogue and on the decision model required for the
system task is quite adequate, and that more ambitious modelling
is both dangerous and unnecessary.
cam.ac.uk//UCAM-CL-TR-159
2017-07-06
Non-trivial power types can’t be subtypes of polymorphic
types
Pitts, Andrew M.
University of Cambridge, Computer Laboratory
1989-01
en
Text
UCAM-CL-TR-159
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-159.ps.gz
This paper establishes a new, limitative relation between the
polymorphic lambda calculus and the kind of higher-order type
theory which is embodied in the logic of toposes. It is shown
that any embedding in a topos of the cartesian closed category
of (closed) types of a model of the polymorphic lambda calculus
must place the polymorphic types well away from the powertypes
σ→Ω of the topos, in the sense that σ→Ω is a subtype of a
polymorphic type only in the case that σ is empty (and hence σ→Ω
is terminal). As corollaries we obtain strengthenings of
Reynolds’ result on the non-existence of set-theoretic models of
polymorphism.
cam.ac.uk//UCAM-CL-TR-160
2003-01-01
PFL+: A Kernel Scheme for Functional I/O
Gordon, Andrew
University of Cambridge, Computer Laboratory
1989-02
en
Text
UCAM-CL-TR-160
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-161
2003-01-01
Papers on Poly/ML
Matthews, D.C.J.
University of Cambridge, Computer Laboratory
1989-02
en
Text
UCAM-CL-TR-161
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-162
2018-03-27
The Alvey natural language tools grammar (2nd
Release)
Grover, Claire
Briscoe, Ted
Carroll, John
Boguraev, Bran
University of Cambridge, Computer Laboratory
1989-04
en
Text
UCAM-CL-TR-162
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-163
2017-07-13
Inference in a natural language front end for
databases
Copestake, Ann
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1989-02
en
Text
UCAM-CL-TR-163
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-163.pdf
This report describes the implementation and initial testing of
knowledge representation and inference capabilities within a
modular database front end designed for transportability.
cam.ac.uk//UCAM-CL-TR-164
2018-03-27
A matrix key distribution system
Gong, Li
Wheeler, David J.
University of Cambridge, Computer Laboratory
1988-10
en
Text
UCAM-CL-TR-164
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-164.pdf
A new key distribution scheme is presented. It is based on the
distinctive idea that lets each node have a set of keys of which
it shares a distinct subset with every other node. This has the
advantage that the numbers of keys that must be distributed and
maintained are reduced by a square root factor; moreover, two
nodes can start conversation with virtually no delay. Two
versions of the scheme are given. Their performance and security
analysis shows it is a practical solution to some key
distribution problems.
cam.ac.uk//UCAM-CL-TR-165
2016-07-22
Fast packet switching for integrated services
Newman, Peter
University of Cambridge, Computer Laboratory
1989-03
en
Text
UCAM-CL-TR-165
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-166
2017-07-06
Evolution of operating system structures
Bacon, Jean
University of Cambridge, Computer Laboratory
1989-03
en
Text
UCAM-CL-TR-166
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-167
2017-07-06
A verified compiler for a verified
microprocessor
Joyce, Jeffrey J.
University of Cambridge, Computer Laboratory
1989-03
en
Text
UCAM-CL-TR-167
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-168
2018-03-20
Distributed computing with a processor bank
Bacon, J.M.
Leslie, I.M.
Needham, R.M.
University of Cambridge, Computer Laboratory
1989-04
en
Text
UCAM-CL-TR-168
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-168.pdf
The Cambridge Distributed Computing System (CDCS) was designed
some ten years ago and was in everyday use at the Computer
Laboratory until December 1988. An overview of the basic design
of CDCS is given, an outline of its evolution and a description
of the distributed systems research projects that were based on
it. Experience has shown that a design based on a processor bank
leads to a flexible and extensible distributed system.
cam.ac.uk//UCAM-CL-TR-169
2016-07-22
Filing in a heterogeneous network
Seaborne, Andrew Franklin
University of Cambridge, Computer Laboratory
1989-04
en
Text
UCAM-CL-TR-169
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-170
2018-03-27
Ordered rewriting and confluence
Martin, Ursula
Nipkow, Tobias
University of Cambridge, Computer Laboratory
1989-05
en
Text
UCAM-CL-TR-170
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-171
2016-08-08
Some types with inclusion properties in ∀, →,
μ
Fairbairn, Jon
University of Cambridge, Computer Laboratory
1989-06
en
Text
UCAM-CL-TR-171
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-171.pdf
This paper concerns the ∀, →, μ type system used in the
non-strict functional programming language Ponder. While the
type system is akin to the types of Second Order
Lambda-calculus, the absence of type application makes it
possible to construct types with useful inclusion relationships
between them.
To illustrate this, the paper contains definitions of a natural
numbers type with many definable subtypes, and of a record type
with inheritance.
cam.ac.uk//UCAM-CL-TR-172
2003-01-01
A theoretical framework for computer models of
cooperative dialogue, acknowledging multi-agent
conflict
Galliers, Julia Rose
University of Cambridge, Computer Laboratory
1989-07
en
Text
UCAM-CL-TR-172
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-173
2003-01-01
Programming in temporal logic
Hale, Roger William Stephen
University of Cambridge, Computer Laboratory
1989-07
en
Text
UCAM-CL-TR-173
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-174
2003-01-01
General theory relating to the implementation of
concurrent symbolic computation
Clarke, James Thomas Woodchurch
University of Cambridge, Computer Laboratory
1989-08
en
Text
UCAM-CL-TR-174
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-175
2017-07-13
A formulation of the simple theory of types (for
Isabelle)
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1989-08
en
Text
UCAM-CL-TR-175
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-175.pdf
Simple type theory is formulated for use with the generic
theorem prover Isabelle. This requires explicit type inference
rules. There are function, product, and subset types, which may
be empty. Descriptions (the eta-operator) introduce the Axiom of
Choice. Higher-order logic is obtained through reflection
between formulae and terms of type bool. Recursive types and
functions can be formally constructed.
Isabelle proof procedures are described. The logic appears
suitable for general mathematics as well as computational
problems.
cam.ac.uk//UCAM-CL-TR-176
2018-03-27
Implementing aggregates in parallel functional
languages
Clarke, T.J.W.
University of Cambridge, Computer Laboratory
1989-08
en
Text
UCAM-CL-TR-176
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-177
2003-01-01
Experimenting with Isabelle in ZF Set Theory
Noel, P.A.J.
University of Cambridge, Computer Laboratory
1989-09
en
Text
UCAM-CL-TR-177
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-178
2017-07-06
Totally verified systems: linking verified software to
verified hardware
Joyce, Jeffrey J.
University of Cambridge, Computer Laboratory
1989-09
en
Text
UCAM-CL-TR-178
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-178.pdf
We describe exploratory efforts to design and verify a compiler
for a formally verified microprocessor as one aspect of the
eventual goal of building totally verified systems. Together
with a formal proof of correctness for the microprocessor this
yields a precise and rigorously established link between the
semantics of the source language and the execution of compiled
code by the fabricated microchip. We describe in particular: (1)
how the limitations of real hardware influenced this proof; and
(2) how the general framework provided by higher order logic was
used to formalize the compiler correctness problem for a
hierarchically structured language.
cam.ac.uk//UCAM-CL-TR-179
2018-03-27
Automating Squiggol
Martin, Ursula
Nipkow, Tobias
University of Cambridge, Computer Laboratory
1989-09
en
Text
UCAM-CL-TR-179
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-180
2018-03-27
Formal verification of data type refinement : Theory and
practice
Nipkow, Tobias
University of Cambridge, Computer Laboratory
1989-09
en
Text
UCAM-CL-TR-180
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-181
2018-03-27
Proof transformations for equational theories
Nipkow, Tobias
University of Cambridge, Computer Laboratory
1989-09
en
Text
UCAM-CL-TR-181
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-182
2018-03-27
The theory and implementation of a bidirectional
question answering system
Levine, John M.
Fedder, Lee
University of Cambridge, Computer Laboratory
1989-10
en
Text
UCAM-CL-TR-182
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-183
2018-03-27
The specification and verification of sliding window
protocols in higher order logic
Cardell-Oliver, Rachel
University of Cambridge, Computer Laboratory
1989-10
en
Text
UCAM-CL-TR-183
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-184
2016-09-19
Site interconnection and the exchange
architecture
Tennenhouse, David Lawrence
University of Cambridge, Computer Laboratory
1989-10
en
Text
UCAM-CL-TR-184
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-185
2016-07-22
Logics of Domains
Zhang, Guo Qiang
University of Cambridge, Computer Laboratory
1989-12
en
Text
UCAM-CL-TR-185
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-186
2016-07-22
Protocol design for high speed networks
McAuley, Derek Robert
University of Cambridge, Computer Laboratory
1990-01
en
Text
UCAM-CL-TR-186
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-186.ps.gz
Improvements in fibre optic communication and in VLSI for
network switching components have led to the consideration of
building digital switched networks capable of providing point to
point communication in the gigabit per second range. Provision
of bandwidths of this magnitude allows the consideration of a
whole new range of telecommunications services, integrating
video, voice, image and text. These multi-service networks have
a range of requirements not met by traditional network
architectures designed for digital telephony or computer
applications. This dissertation describes the design, and an
implementation, of the Multi-Service Network architecture and
protocol family, which is aimed at supporting these services.
Asynchronous transfer mode networks provide the basic support
required for these integrated services, and the Multi-Service
Network architecture is designed primarily for these types of
networks. The aim of the Multi-Service protocol family is to
provide a complete architecture which allows use of the full
facilities of asynchronous transfer mode networks by multi-media
applications. To maintain comparable performance with the
underlying media, certain elements of the MSN protocol stack are
designed with implementation in hardware in mind. The
interconnection of heterogeneous networks, and networks
belonging to different security and administrative domains, is
considered vital, so the MSN architecture takes an
internetworking approach.
cam.ac.uk//UCAM-CL-TR-187
2017-07-13
Natural language interfaces to databases
Copestake, Ann
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1989-09
en
Text
UCAM-CL-TR-187
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-187.ps.gz
This paper reviews the state of the art in natural language
access to databases. This has been a long-standing area of work
in natural language processing. But though some commercial
systems are now available, providing front ends has proved much
harder than was expected, and the necessary limitations on front
ends have to be recognised. The paper discusses the issues, both
general to language and task-specific, involved in front end
design, and the way these have been addressed, concentrating on
the work of the last decade. The focus is on the central process
of translating a natural language question into a database
query, but other supporting functions are also covered. The
points are illustrated by the use of a single example
application. The paper concludes with an evaluation of the
current state, indicating that future progress will depend on
the one hand on general advances in natural language processing,
and on the other on expanding the capabilities of traditional
databases.
cam.ac.uk//UCAM-CL-TR-188
2018-03-27
Specification of computer architectures: a survey and
annotated bibliography
Leonard, Timothy E.
University of Cambridge, Computer Laboratory
1990-01
en
Text
UCAM-CL-TR-188
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-189
2018-03-27
Isabelle tutorial and user’s manual
Paulson, Lawrence C.
Nipkow, Tobias
University of Cambridge, Computer Laboratory
1990-01
en
Text
UCAM-CL-TR-189
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-189.pdf
This (obsolete!) manual describes how to use the theorem prover
Isabelle. For beginners, it explains how to perform simple
single-step proofs in the built-in logics. These include
first-order logic, a classical sequent calculus, ZF set theory,
Constructive Type Theory, and higher-order logic. Each of these
logics is described. The manual then explains how to develop
advanced tactics and tacticals and how to derive rules. Finally,
it describes how to define new logics within Isabelle.
cam.ac.uk//UCAM-CL-TR-190
2017-07-13
Some notes on mass terms and plurals
Copestake, Ann
University of Cambridge, Computer Laboratory
1990-01
en
Text
UCAM-CL-TR-190
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-190.ps.gz
This report describes a short investigation into some possible
treatments of mass nouns and plurals. It aims to provide a
grammar and axiomatisation with a reasonable coverage of these
phenomena, so that a range of sentences can be parsed, and
inferences made automatically.
The previous work on the subject, mainly due to Hasle (1988) is
reviewed, and the limitations of both the original theories and
Hasle’s implementation are demonstrated. Some more recent work,
especially that relevant to Link’s theory, is also discussed.
The present grammar and axiomatisation is described. Although it
is not the implementation of any particular theory, it draws on
the work of Link, Krifka and Roberts. Some of the problems with
the present approach are discussed, although possible solutions
would need to be considered in a wider context. The aim is to
show what types of phenomena can be treated by a relatively
simple approach.
The implemented grammar covers everything that was treated by
Hasle’s implementation, and extends that coverage in a variety
of ways, while providing a better integration of the treatment
of mass nouns and plurals than the earlier work. It was written
in the CFG+ formalism, and some parts of the axiomatisation have
been tested using the HOL system.
cam.ac.uk//UCAM-CL-TR-191
2017-07-13
An architecture for real-time multimedia communications
systems
Nicolaou, Cosmos
University of Cambridge, Computer Laboratory
1990-02
en
Text
UCAM-CL-TR-191
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-191.pdf
An architecture for real-time multimedia communications systems
is presented. A multimedia communication system includes both
the communication protocols used to transport the real-time data
and also the Distributed Computing system (DCS) within which any
applications using these protocols must execute. The
architecture presented attempts to integrate these protocols
with the DCS in a smooth fashion in order to ease the writing of
multimedia applications. Two issues are identified as being
essential to the success of this integration: namely the
synchronisation of related real-time data streams, and the
management of heterogeneous multimedia hardware. The
synchronisation problem is tackled by defining explicit
synchronisation properties at the presentation level and by
providing control and synchronisation operations within the DCS
which operate in terms of these properties. The heterogeneity
problems are addressed by separating the data transport
semantics (protocols themselves) from the control semantics
(protocol interfaces). The control semantics are implemented
using a distributed, typed interface scheme within the DCS
(i.e. above the presentation layer), whilst the protocols
themselves are implemented within the communication subsystem.
The interface between the DCS and communications subsystem is
referred to as the orchestration interface and can be considered
to lie in the presentation and session layers.
A conforming prototype implementation is currently under
construction.
cam.ac.uk//UCAM-CL-TR-192
2017-07-13
Designing a theorem prover
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1990-05
en
Text
UCAM-CL-TR-192
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-192.pdf
The methods and principles of theorem prover design are
presented through an extended example. Starting with a sequent
calculus for first-order logic, an automatic prover (called
Folderol) is developed. Folderol can prove quite a few
complicated theorems, although its search strategy is crude and
limited. Folderol is coded in Standard ML and consists largely
of pure functions. Its complete listing is included.
The report concludes with a survey of other research in theorem
proving: the Boyer/Moore theorem prover, Automath, LCF, and
Isabelle.
cam.ac.uk//UCAM-CL-TR-193
2003-01-01
Belief revision and a theory of communication
Galliers, Julia Rose
University of Cambridge, Computer Laboratory
1990-05
en
Text
UCAM-CL-TR-193
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-194
2003-01-01
Proceedings of the First Belief Representation and Agent
Architectures Workshop
Galliers, Julia Rose
University of Cambridge, Computer Laboratory
1990-03
en
Text
UCAM-CL-TR-194
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-195
2016-07-22
Multi-level verification of microprocessor-based
systems
Joyce, Jeffrey J.
University of Cambridge, Computer Laboratory
1990-05
en
Text
UCAM-CL-TR-195
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-196
2018-03-27
The semantics of VHDL with Val and Hol: towards
practical verification tools
Van Tassell, John Peter
University of Cambridge, Computer Laboratory
1990-06
en
Text
UCAM-CL-TR-196
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-197
2003-01-01
The semantics and implementation of aggregates : or :
how to express concurrency without destroying
determinism
Clarke, Thomas
University of Cambridge, Computer Laboratory
1990-07
en
Text
UCAM-CL-TR-197
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-198
2017-07-06
Evaluation Logic
Pitts, Andrew M.
University of Cambridge, Computer Laboratory
1990-08
en
Text
UCAM-CL-TR-198
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-198.ps.gz
A new typed, higher-order logic is described which appears
particularly well fitted to reasoning about forms of computation
whose operational behaviour can be specified using the Natural
Semantics style of structural operational semantics. The logic’s
underlying type system is Moggi’s computational metalanguage,
which enforces a distinction between computations and values via
the categorical structure of a strong monad. This is extended to
a (constructive) predicate logic with modal formulas about
evaluation of computations to values, called evaluation
modalities. The categorical structure corresponding to this kind
of logic is explained and a couple of examples of categorical
models given.
As a first example of the naturalness and applicability of this
new logic to program semantics, we investigate the translation
of a (tiny) fragment of Standard ML into a theory over the
logic, which is proved computationally adequate for ML’s Natural
Semantics. Whilst it is tiny, the ML fragment does however
contain both higher-order functional and imperative features,
about which the logic allows us to reason without having to
mention global states explicitly.
cam.ac.uk//UCAM-CL-TR-199
2018-03-27
The HOL verification of ELLA designs
Boulton, Richard
Gordon, Mike
Herbert, John
Van Tassel, John
University of Cambridge, Computer Laboratory
1990-08
en
Text
UCAM-CL-TR-199
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-199.ps.gz
HOL is a public domain system for generating proofs in higher
order predicate calculus. It has been in experimental and
commercial use in several countries for a number of years.
ELLA is a hardware design language developed at the Royal
Signals and Radar Establishment (RSRE) and marketed by Computer
General Electronic Design. It supports simulation models at a
variety of different abstraction levels.
A preliminary methodology for reasoning about ELLA designs using
HOL is described. Our approach is to semantically embed a subset
of the ELLA language in higher order logic, and then to make
this embedding convenient to use with parsers and
pretty-printers. There are a number of semantic issues that may
affect the ease of verification. We discuss some of these
briefly. We also give a simple example to illustrate the
methodology.
cam.ac.uk//UCAM-CL-TR-200
2018-03-27
Type classes and overloading resolution via order-sorted
unification
Nipkow, Tobias
Snelting, Gregor
University of Cambridge, Computer Laboratory
1990-08
en
Text
UCAM-CL-TR-200
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-201
2016-07-22
Formalizing abstraction mechanisms for hardware
verification in higher order logic
Melham, Thomas Frederick
University of Cambridge, Computer Laboratory
1990-08
en
Text
UCAM-CL-TR-201
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-201.pdf
Recent advances in microelectronics have given designers of
digital hardware the potential to build devices of remarkable
size and complexity. Along with this however, it becomes
increasingly difficult to ensure that such systems are free from
design errors, where complete simulation of even moderately
sized circuits is impossible. One solution to these problems is
that of hardware verification, where the functional behaviour of
the hardware is described mathematically and formal proof is
used to show that the design meets rigorous specifications of
the intended operation.
This dissertation therefore seeks to develop this, showing how
reasoning about the correctness of hardware using formal proof
can be achieved using fundamental abstraction mechanisms to
relate specifications of hardware at different levels. Therefore
a systematic method is described for defining any instance of a
wide class of concrete data types in higher order logic. This
process has been automated in the HOL theorem prover, and
provides a firm logical basis for representing data in formal
specifications.
Further, these abstractions have been developed into a new
technique for modelling the behaviour of entire classes of
hardware designs. This is based on a formal representation in
logic for the structure of circuit designs using the recursive
types defined by the above method. Two detailed examples are
presented showing how this work can be applied in practice.
Finally, some techniques for temporal abstraction are explained,
and the means for asserting the correctness of a model
containing time-dependent behaviour is described. This work is
then illustrated using a case study: the formal verification in
HOL of a simple ring communication network.
[Abstract by Nicholas Cutler (librarian), as none was submitted
with the report.]
cam.ac.uk//UCAM-CL-TR-202
2016-07-22
Three-dimensional integrated circuit layout
Harter, Andrew Charles
University of Cambridge, Computer Laboratory
1990-08
en
Text
UCAM-CL-TR-202
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-203
2018-03-27
Subtyping in Ponder (preliminary report)
de Paiva, Valeria C.V.
University of Cambridge, Computer Laboratory
1990-08
en
Text
UCAM-CL-TR-203
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-203.pdf
This note starts the formal study of the type system of the
functional language Ponder. Some of the problems of proving
soundness and completeness are discussed and some preliminary
results, about fragments of the type system, shown.
It consists of 6 sections. In section 1 we review briefly
Ponder’s syntax and describe its typing system. In section 2 we
consider a very restricted fragment of the language for which we
can prove soundness of the type inference mechanism, but not
completeness. Section 3 describes possible models of this
fragment and some related work. Section 4 describes the
type-inference algorithm for a larger fragment of Ponder and in
section 5 we come up against some problematic examples. Section
6 is a summary of further work.
cam.ac.uk//UCAM-CL-TR-204
2018-03-27
New foundations for fixpoint computations:
FIX-hyperdoctrines and the FIX-logic
Crole, Roy L.
Pitts, Andrew M.
University of Cambridge, Computer Laboratory
1990-08
en
Text
UCAM-CL-TR-204
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-204.ps.gz
This paper introduces a new higher-order typed constructive
predicate logic for fixpoint computations, which exploits the
categorical semantics of computations introduced by Moggi and
contains a strong version of Martin-Löf’s ‘iteration type’. The
type system enforces a separation of computations from values.
The logic contains a novel form of fixpoint induction and can
express partial and total correctness statements about
evaluation of computations to values. The constructive nature of
the logic is witnessed by strong metalogical properties which
are proved using a category-theoretic version of the ‘logical
relations’ method.
cam.ac.uk//UCAM-CL-TR-205
2017-07-13
Logic programming, functional programming and inductive
definitions
Paulson, Lawrence C.
Smith, Andrew W.
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-205
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-205.pdf
This paper reports an attempt to combine logic and functional
programming. It also questions the traditional view that logic
programming is a form of first-order logic, arguing instead that
the essential nature of a logic program is an inductive
definition. This revised view of logic programming suggests the
design of a combined logic/functional language. A slow but
working prototype is described.
cam.ac.uk//UCAM-CL-TR-206
2018-04-02
Formal verification of real-time protocols using higher
order logic
Cardell-Oliver, Rachel
University of Cambridge, Computer Laboratory
1990-08
en
Text
UCAM-CL-TR-206
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-207
2016-07-22
Video replay in computer animation
Hawkins, Stuart Philip
University of Cambridge, Computer Laboratory
1990-10
en
Text
UCAM-CL-TR-207
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-208
2017-07-06
Categorical combinators for the calculus of
constructions
Ritter, Eike
University of Cambridge, Computer Laboratory
1990-10
en
Text
UCAM-CL-TR-208
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-209
2016-07-22
Efficient memory-based learning for robot
control
Moore, Andrew William
University of Cambridge, Computer Laboratory
1990-11
en
Text
UCAM-CL-TR-209
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-209.pdf
This dissertation is about the application of machine learning
to robot control. A system which has no initial model of the
robot/world dynamics should be able to construct such a model
using data received through its sensors—an approach which is
formalized here as the SAB (State-Action-Behaviour) control
cycle. A method of learning is presented in which all the
experiences in the lifetime of the robot are explicitly
remembered. The experiences are stored in a manner which permits
fast recall of the closest previous experience to any new
situation, thus permitting very quick predictions of the effects
of proposed actions and, given a goal behaviour, permitting fast
generation of a candidate action. The learning can take place in
high-dimensional non-linear control spaces with real-valued
ranges of variables. Furthermore, the method avoids a number of
shortcomings of earlier learning methods in which the controller
can become trapped in inadequate performance which does not
improve. Also considered is how the system is made resistant to
noisy inputs and how it adapts to environmental changes. A well
founded mechanism for choosing actions is introduced which
solves the experiment/perform dilemma for this domain with
adequate computational efficiency, and with fast convergence to
the goal behaviour. The dissertation explains in detail how the
SAB control cycle can be integrated into both low and high
complexity tasks. The methods and algorithms are evaluated with
numerous experiments using both real and simulated robot
domains. The final experiment also illustrates how a compound
learning task can be structured into a hierarchy of simple
learning tasks.
cam.ac.uk//UCAM-CL-TR-210
2018-03-27
Higher-order unification, polymorphism, and
subsorts
Nipkow, Tobias
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-210
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-211
2017-07-13
The role of artificial intelligence in information
retrieval
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1990-11
en
Text
UCAM-CL-TR-211
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-212
2018-03-27
A distributed and-or parallel Prolog network
Wrench, K.L.
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-212
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-213
2018-03-27
The Dialectica categories
de Paiva, Valeria Correa Vaz
University of Cambridge, Computer Laboratory
1991-01
en
Text
UCAM-CL-TR-213
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-213.pdf
This work consists of two main parts. The first one, which gives
it its name, presents an internal categorical version of Gödel’s
“Dialectica interpretation” of higher-order arithmetic. The idea
is to analyse the Dialectica interpretation using a category DC
where objects are relations on objects of a basic category C and
maps are pairs of maps of C satisfying a pullback condition. If
C is finitely complete, DC exists and has a very natural
symmetric monoidal structure. If C is locally cartesian closed
then DC is symmetric monoidal closed. If we assume C with stable
and disjoint coproducts, DC has cartesian products and
weak-coproducts and satisfies a weak form of distributivity.
Using the structure above, DC is a categorical model for
intuitionistic linear logic.
Moreover if C has free monoids then DC has cofree comonoids and
the corresponding comonad “!” on DC, which has some special
properties, can be used to model the exponential “of course!” in
Intuitionistic Linear Logic. The category of “!”-coalgebras is
isomorphic to the category of comonoids in DC and, if we assume
commutative monoids in C, the “!”-Kleisli category, which is
cartesian closed, corresponds to the Diller-Nahm variant of the
Dialectica interpretation.
The second part introduces the categories GC. The objects of GC
are the same objects of DC, but morphisms are easier to handle,
since they are maps in C in opposite directions. If C is
finitely complete, the category GC exists. If C is cartesian
closed, we can define a symmetric monoidal structure and if C is
locally cartesian closed as well, we can define internal homs in
GC that make it a symmetric monoidal closed category. Supposing
C with stable and disjoint coproducts, we can define cartesian
products and coproducts in GC and, more interesting, we can
define a dual operation to the tensor product bifunctor, called
“par”. The operation “par” is a bifunctor and has a unit “⊥”,
which is a dualising object. Using the internal hom and ⊥ we
define a contravariant functor “(−)⊥” which behaves like
negation and thus it is used to model linear negation. We show
that the category GC, with all the structure above, is a
categorical model for Linear Logic, but not exactly the
classical one.
In the last chapter a comonad and a monad are defined to model
the exponentials “!” and “?”. To define these endofunctors, we
use Beck’s distributive laws in an interesting way. Finally, we
show that the Kleisli category GC! is cartesian closed and that
the categories DC and GC are related by a Kleisli construction.
cam.ac.uk//UCAM-CL-TR-214
2018-03-27
Integrating knowledge of purpose and knowledge of
structure for design evaluation
Bradshaw, J.A.
Young, R.M.
University of Cambridge, Computer Laboratory
1991-02
en
Text
UCAM-CL-TR-214
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-215
2016-07-22
A structured approach to the verification of low level
microcode
Curzon, Paul
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-215
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-215.pdf
Errors in microprograms are especially serious since all higher
level programs on the machine depend on the microcode. Formal
verification presents one avenue which may be used to discover
such errors. Previous systems which have been used for formally
verifying microcode may be categorised by the form in which the
microcode is supplied. Some demand that it be written in a high
level microprogramming language. Conventional software
verification techniques are then applied. Other methods allow
the microcode to be supplied in the form of a memory image. It
is treated as data to an interpreter modelling the behaviour of
the microarchitecture. The proof is then performed by symbolic
execution. A third solution is for the code to be supplied in an
assembly language and modelled at that level. The assembler
instructions are converted to commands in a modelling language.
The resulting program is verified using traditional software
verification techniques.
In this dissertation I present a new universal microprogram
verification system. It achieves many of the advantages of the
other kinds of systems by adopting a hybrid approach. The
microcode is supplied as a memory image, but it is transformed
by the system to a high level program which may be verified
using standard software verification techniques. The structure
of the high level program is obtained from user supplied
documentation. I show that this allows microcode to be split
into small, independently validatable portions even when it was
not written in that way. I also demonstrate that the techniques
allow the complexity of detail due to the underlying
microarchitecture to be controlled at an early stage in the
validation process. I suggest that the system described would
combine well with other validation tools and provide help
throughout the firmware development cycle. Two case studies are
given. The first describes the verification of Gordon’s
computer. This example, being fairly simple, provides a good
illustration of the techniques used by the system. The second
case study is concerned with the High Level Hardware Orion
computer which is a commercially produced machine with a fairly
complex microarchitecture. This example shows that the
techniques scale well to production microarchitectures.
cam.ac.uk//UCAM-CL-TR-216
2016-07-22
Exploiting OR-parallelism in Prolog using multiple
sequential machines
Klein, Carole Susan
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-216
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-217
2016-07-22
Dynamic bandwidth management
Harita, Bhaskar Ramanathan
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-217
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-218
2018-03-27
Higher-order critical pairs
Nipkow, Tobias
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-218
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-219
2018-03-27
Fairisle project working documents : Snapshot
1
Leslie, Ian M.
McAuley, Derek M.
Hayter, Mark
Black, Richard
Beller, Reto
Newman, Peter
Doar, Matthew
University of Cambridge, Computer Laboratory
1991-03
en
Text
UCAM-CL-TR-219
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-220
2016-07-22
A distributed architecture for multimedia communication
systems
Nicolaou, Cosmos Andrea
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-220
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-221
2005-06-01
Transforming axioms for data types into sequential
programs
Milne, Robert
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-221
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-221.pdf
A process is proposed for refining specifications of abstract
data types into efficient sequential implementations. The
process needs little manual intervention. It is split into three
stages, not all of which need always be carried out. The three
stages entail interpreting equalities as behavioural
equivalences, converting functions into procedures and replacing
axioms by programs. The stages can be performed as automatic
transformations which are certain to produce results that meet
the specifications, provided that simple conditions hold. These
conditions describe the adequacy of the specifications, the
freedom from interference between the procedures, and the mode
of construction of the procedures. Sufficient versions of these
conditions can be checked automatically. Varying the conditions
could produce implementations for different classes of
specification. Though the transformations could be automated,
the intermediate results, in styles of specification which cover
both functions and procedures, have interest in their own right
and may be particularly appropriate to object-oriented design.
cam.ac.uk//UCAM-CL-TR-222
2003-01-01
Extensions to coloured petri nets and their application
to protocols
Billington, Jonathan
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-222
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-223
2017-07-13
Shallow processing and automatic summarising: a first
study
Gladwin, Philip
Pulman, Stephen
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1991-05
en
Text
UCAM-CL-TR-223
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-224
2018-03-27
Generalised probabilistic LR parsing of natural language
(corpora) with unification-based grammars
Briscoe, Ted
Carroll, John
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-224
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-225
2018-03-27
Categorical multirelations, linear logic and petri nets
(draft)
de Paiva, Valeria
University of Cambridge, Computer Laboratory
1991-05
en
Text
UCAM-CL-TR-225
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-225.pdf
This note presents a categorical treatment of multirelations,
which is, in a loose sense, a generalisation of both our previous
work on the categories GC, and of Chu’s construction A_NC
[Barr’79]. The main motivation for writing this note was the
utilisation of the category GC by Brown and Gurr [BG90] to model
Petri nets. We wanted to extend their work to deal with
multirelations, as Petri nets are usually modelled using
multirelations pre and post. That proved easy enough and people
interested mainly in concurrency theory should refer to our
joint work [BGdP’91]; this note deals with the mathematics
underlying [BGdP’91]. The upshot of this work is that we build a
model of Intuitionistic Linear Logic (without modalities) over
any symmetric monoidal category C with a distinguished object
(N, ≤, ∘, e −∘) – a closed poset. Moreover, if the category C is
cartesian closed with free monoids, we build a model of
Intuitionistic Linear Logic with a non-trivial modality ‘!’ over
it.
cam.ac.uk//UCAM-CL-TR-226
2016-07-22
A new approach for improving system
availability
Lam, Kwok-yan
University of Cambridge, Computer Laboratory
1991-06
en
Text
UCAM-CL-TR-226
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-227
2016-07-22
Priority in process calculi
Camilleri, Juanito Albert
University of Cambridge, Computer Laboratory
1991-06
en
Text
UCAM-CL-TR-227
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-228
2018-03-27
The desk area network
Hayter, Mark
McAuley, Derek
University of Cambridge, Computer Laboratory
1991-05
en
Text
UCAM-CL-TR-228
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-228.ps.gz
A novel architecture for use within an end computing system is
described. This attempts to extend the concepts used in modern
high speed networks into computer system design. A multimedia
workstation is being built based on this concept to evaluate the
approach.
cam.ac.uk//UCAM-CL-TR-229
2003-01-01
Abstraction of image and pixel : The thistle display
system
Brown, David J.
University of Cambridge, Computer Laboratory
1991-08
en
Text
UCAM-CL-TR-229
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-230
2018-03-19
Proceedings of the Second Belief Representation and
Agent Architectures Workshop (BRAA ’91)
Galliers, J.
University of Cambridge, Computer Laboratory
1991-08
en
Text
UCAM-CL-TR-230
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-231
2016-07-22
Managing the order of transactions in widely-distributed
data systems
Yahalom, Raphael
University of Cambridge, Computer Laboratory
1991-08
en
Text
UCAM-CL-TR-231
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-232
2011-05-27
Mechanising set theory
Corella, Francisco
University of Cambridge, Computer Laboratory
1991-07
en
Text
UCAM-CL-TR-232
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-232.pdf
Set theory is today the standard foundation of mathematics, but
most proof development systems (PDS) are based on type theory
rather than set theory. This is due in part to the difficulty of
reducing the rich mathematical vocabulary to the economical
vocabulary of the set theory. It is known how to do this in
principle, but traditional explanations of mathematical
notations in set theoretic terms do not lend themselves easily
to mechanical treatment.
We advocate the representation of mathematical notations in a
formal system consisting of the axioms of any version of
ordinary set theory, such as ZF, but within the framework of
higher-order logic with λ-conversion (H.O.L.) rather than
first-order logic (F.O.L.). In this system each notation can be
represented by a constant, which has a higher-order type when
the notation binds variables. The meaning of the notation is
given by an axiom which defines the representing constant, and
the correspondence between the ordinary syntax of the notation
and its representation in the formal language is specified by a
rewrite rule. The collection of rewrite rules comprises a
rewriting system of a kind which is computationally well
behaved.
The formal system is justified by the fact that set theory
within H.O.L. is a conservative extension of set theory within
F.O.L. Besides facilitating the representation of notations, the
formal system is of interest because it permits the use of
mathematical methods which do not seem to be available in set
theory within F.O.L.
A PDS, called Watson, has been built to demonstrate this
approach to the mechanization of mathematics. Watson embodies a
methodology for interactive proof which provides both
flexibility of use and a relative guarantee of correctness.
Results and proofs can be saved, and can be perused and modified
with an ordinary text editor. The user can specify his own
notations as rewrite rules and adapt the mix of notations to
suit the problem at hand; it is easy to switch from one set of
notations to another. As a case study, Watson has been used to
prove the correctness of a latch implemented as two
cross-coupled nor-gates, with an approximation of time as a
continuum.
cam.ac.uk//UCAM-CL-TR-233
2018-03-27
A development environment for large natural language
grammars
Carroll, John
Briscoe, Ted
Grover, Claire
University of Cambridge, Computer Laboratory
1991-07
en
Text
UCAM-CL-TR-233
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-234
2017-07-13
Two tutorial papers: Information retrieval &
Thesaurus
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1991-08
en
Text
UCAM-CL-TR-234
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-234.pdf
The first paper describes the characteristics of information
retrieval from documents or texts, the development and status of
automatic indexing and retrieval, and the actual and potential
relations between information retrieval and artificial
intelligence. The second paper discusses the properties,
construction and actual and potential uses of thesauri, as
semantic classifications or terminological knowledge bases, in
information retrieval and natural language processing.
cam.ac.uk//UCAM-CL-TR-235
2016-07-22
Modelling and image generation
Wang, Heng
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-235
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-236
2016-07-22
Using knowledge of purpose and knowledge of structure as
a basis for evaluating the behaviour of mechanical
systems
Bradshaw, John Anthony
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-236
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-237
2003-01-01
Computing presuppositions in an incremental language
processing system
Bridge, Derek G.
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-237
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-238
2018-03-27
Proceedings of the ACQUILEX Workshop on Default
Inheritance in the lexicon
Briscoe, Ted
Copestake, Ann
de Paiva, Valeria
University of Cambridge, Computer Laboratory
1991-10
en
Text
UCAM-CL-TR-238
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-239
2016-09-19
Planning multisentential English text using
communicative acts
Maybury, Mark Thomas
University of Cambridge, Computer Laboratory
1991-12
en
Text
UCAM-CL-TR-239
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-239.pdf
The goal of this research is to develop explanation presentation
mechanisms for knowledge based systems which enable them to
define domain terminology and concepts, narrate events,
elucidate plans, processes, or propositions and argue to support
a claim or advocate action. This requires the development of
devices which select, structure, order and then linguistically
realize explanation content as coherent and cohesive English
text.
With the goal of identifying generic explanation presentation
strategies, a wide range of naturally occurring texts were
analyzed with respect to their communicative structure,
function, content and intended effects on the reader. This
motivated an integrated theory of communicative acts which
characterizes text at the level of rhetorical acts (e.g.
describe, define, narrate), illocutionary acts (e.g. inform,
request), and locutionary acts (ask, command). Taken as a whole,
the identified communicative acts characterize the structure,
content and intended effects of four types of text: description,
narration, exposition, argument. These text types have distinct
effects such as getting the reader to know about entities, to
know about events, to understand plans, processes, or
propositions, or to believe propositions or want to perform
actions. In addition to identifying the communicative function
and effect of text at multiple levels of abstraction, this
dissertation details a tripartite theory of focus of attention
(discourse focus, temporal focus and spatial focus) which
constrains the planning and linguistic realization of text.
To test the integrated theory of communicative acts and
tripartite theory of focus of attention, a text generation
system TEXPLAN (Textual EXplanation PLANner) was implemented
that plans and linguistically realizes multisentential and
multiparagraph explanations from knowledge based systems. The
communicative acts identified during text analysis were
formalized over sixty compositional and (in some cases)
recursive plan operators in the library of a hierarchical
planner. Discourse, temporal and spatial models were implemented
to track and use attentional information to guide the
organization and realization of text. Because the plan operators
distinguish between the communicative function (e.g. argue for a
proposition) and the expected effect (e.g. the reader believes
the proposition) of communicative acts, the system is able to
construct a discourse model of the structure and function of its
textual responses as well as a user model of the expected
effects of its responses on the reader’s knowledge, beliefs, and
desires. The system uses both the discourse model and user model
to guide subsequent utterances. To test its generality, the
system was interfaced to a variety of domain applications
including a neuropsychological diagnosis system, a mission
planning system, and a knowledge based mission simulator. The
system produces descriptions, narratives, expositions and
arguments from these applications, thus exhibiting a broader
range of rhetorical coverage than previous text generation
systems.
cam.ac.uk//UCAM-CL-TR-240
2018-03-27
Symbolic compilation and execution of programs by proof:
a case study in HOL
Camilleri, Juanito
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-240
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-241
2016-07-22
Learning in large state spaces with an application to
biped robot walking
Vogel, Thomas Ulrich
University of Cambridge, Computer Laboratory
1991-12
en
Text
UCAM-CL-TR-241
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-242
2016-07-22
An object oriented approach to virtual memory
management
Mapp, Glenford Ezra
University of Cambridge, Computer Laboratory
1992-01
en
Text
UCAM-CL-TR-242
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-242.pdf
Advances in computer technology are being pooled together to
form a new computing environment which is characterised by
powerful workstations with vast amounts of memory connected to
high speed networks. This environment will provide a large
number of diverse services such as multimedia communications,
expert systems and object-oriented databases. In order to
develop these complex applications in an efficient manner, new
interfaces are required which are simple, fast and flexible and
allow the programmer to use an object-oriented approach
throughout the design and implementation of an application.
Virtual memory techniques are increasingly being used to build
these new facilities.
In addition since CPU speeds continue to increase faster than
disk speeds, an I/O bottleneck may develop in which the CPU may
be idle for long periods waiting for paging requests to be
satisfied. To overcome this problem it is necessary to develop
new paging algorithms that better reflect how different objects
are used. Thus a facility to page objects on a per-object basis
is required and a testbed is also needed to obtain experimental
data on the paging activity of different objects.
Virtual memory techniques, previously only used in mainframe and
minicomputer architectures, are being employed in the memory
management units of modern microprocessors. With very large
address spaces becoming a standard feature of most systems, the
use of memory mapping is seen as an effective way of providing
greater flexibility as well as improved system efficiency.
This thesis presents an object-oriented interface for memory
mapped objects. Each object has a designated object type.
Handles are associated with different object types and the
interface allows users to define and manage new object types.
Moving data between the object and its backing store is done by
user-level processes called object managers. Object managers
interact with the kernel via a specified interface thus allowing
users to build their own object managers. A framework to compare
different algorithms was also developed and an experimental
testbed was designed to gather and analyse data on the paging
activity of various programs. Using the testbed, conventional
paging algorithms were applied to different types of objects and
the results were compared. New paging algorithms were designed
and implemented for objects that are accessed in a highly
sequential manner.
cam.ac.uk//UCAM-CL-TR-243
2017-07-13
Automating the librarian: a fundamental approach using
belief revision
Cawsey, Alison
Galliers, Julia
Reece, Steven
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1992-01
en
Text
UCAM-CL-TR-243
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-244
2018-03-27
A mechanized theory of the π-calculus in HOL
Melham, T.F.
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-244
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-245
2016-07-22
System support for multi-service traffic
Dixon, Michael J.
University of Cambridge, Computer Laboratory
1992-01
en
Text
UCAM-CL-TR-245
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-245.pdf
Digital network technology is now capable of supporting the
bandwidth requirements of diverse applications such as voice,
video and data (so called multi-service traffic). Some media,
for example voice, have specific transmission requirements
regarding the maximum packet delay and loss which they can
tolerate. Problems arise when attempting to multiplex such
traffic over a single channel. Traditional digital networks
based on the Packet- (PTM) and Synchronous- (STM) Transfer Modes
prove unsuitable due to their media access contention and
inflexible bandwidth allocation properties respectively. The
Asynchronous Transfer Mode (ATM) has been proposed as a
compromise between the PTM and STM techniques. The current state
of multimedia research suggests that a significant amount of
multi-service traffic will be handled by computer operating
systems. Unfortunately conventional operating systems are
largely unsuited to such a task. This dissertation is concerned
with the system organisation necessary in order to extend the
benefits of ATM networking through the endpoint operating system
and up to the application level. A locally developed
micro-kernel, with ATM network protocol support, has been used
as a testbed for the ideas presented. Practical results over
prototype ATM networks, including the 512 MHz Cambridge Backbone
Network, are presented.
cam.ac.uk//UCAM-CL-TR-246
2016-07-22
A relevance-based utterance processing system
Poznański, Victor
University of Cambridge, Computer Laboratory
1992-02
en
Text
UCAM-CL-TR-246
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-246.pdf
This thesis presents a computational interpretation of Sperber
and Wilson’s relevance theory, based on the use of non-monotonic
logic supported by a reason maintenance system, and shows how
the theory, when given a specific form in this way, can provide
a unique and interesting account of discourse processing.
Relevance theory is a radical theory of natural language
pragmatics which attempts to explain the whole of human
cognition using a single maxim: the Principle of Optimal
Relevance. The theory is seen by its originators as a
computationally more adequate alternative to Gricean pragmatics.
Much as it claims to offer the advantage of a unified approach
to utterance comprehension, Relevance Theory is hard to evaluate
because Sperber and Wilson only provide vague, high-level
descriptions of vital aspects of their theory. For example, the
fundamental idea behind the whole theory is that, in trying to
understand an utterance, we attempt to maximise significant new
information obtained from the utterance whilst consuming as
little cognitive effort as possible. However, Sperber and Wilson
do not make the nature of information and effort sufficiently
clear.
Relevance theory is attractive as a general theory of human
language communication and as a potential framework for
computational language processing systems. The thesis seeks to
clarify and flesh out the problem areas in order to develop a
computational implementation which is used to evaluate the
theory.
The early chapters examine and criticise the important aspects
of the theory, emerging with a schema for an ideal
relevance-based system. Crystal, a computational implementation
of an utterance processing system based on this schema is then
described. Crystal performs certain types of utterance
disambiguation and reference resolution, and computes
implicatures according to relevance theory.
An adequate reasoning apparatus is a key component of a
relevance based discourse processor, so a suitable knowledge
representation and inference engine are required. Various
candidate formalisms are considered, and a knowledge
representation and inference engine based on autoepistemic logic
is found to be the most suitable. It is then shown how this
representation can be used to meet particular discourse
processing requirements, and how it provides a convenient
interface to a separate abduction system that supplies
non-demonstrative inferences according to relevance theory.
Crystal’s powers are illustrated with examples, and the thesis
shows how the design not only implements the less precise areas
of Sperber and Wilson’s theory, but overcomes problems with the
theory itself.
Crystal uses rather crude heuristics to model notions such as
salience and degrees of belief. The thesis therefore presents a
proposal and outline for a new kind of reason maintenance system
that supports non-monotonic logic whose formulae are labelled
with upper/lower probability ranges intended to represent
strength of belief. This system should facilitate measurements
of change in semantic information and shed some light on notions
such as expected utility and salience.
The thesis concludes that the design and implementation of
crystal provide evidence that relevance theory, as a generic
theory of language processing, is a viable alternative theory of
pragmatics. It therefore merits a greater level of investigation
than has been applied to it to date.
cam.ac.uk//UCAM-CL-TR-247
2016-07-22
Programming metalogics with a fixpoint type
Crole, Roy Luis
University of Cambridge, Computer Laboratory
1992-02
en
Text
UCAM-CL-TR-247
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-248
2018-03-27
On efficiency in theorem provers which fully expand
proofs into primitive inferences
Boulton, Richard J.
University of Cambridge, Computer Laboratory
1992-02
en
Text
UCAM-CL-TR-248
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-248.dvi.gz
Theorem Provers which fully expand proofs into applications of
primitive inference rules can be made highly secure, but have
been criticized for being orders of magnitude slower than many
other theorem provers. We argue that much of this relative
inefficiency is due to the way proof procedures are typically
written and not all is inherent in the way the systems work. We
support this claim by considering a proof procedure for linear
arithmetic. We show that straightforward techniques can be used
to significantly cut down the computation required. An order of
magnitude improvement in the performance is shown by an
implementation of these techniques.
cam.ac.uk//UCAM-CL-TR-249
2018-03-27
A formalisation of the VHDL simulation cycle
Van Tassel, John P.
University of Cambridge, Computer Laboratory
1992-03
en
Text
UCAM-CL-TR-249
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-249.pdf
The VHSIC Hardware Description Language (VHDL) has been gaining
wide acceptance as a unifying HDL. It is, however, still a
language in which the only way of validating a design is by
careful simulation. With the aim of better understanding VHDL's
particular simulation process and eventually reasoning about it,
we have developed a formalisation of VHDL's simulation cycle for
a subset of the language. It has also been possible to embed our
semantics in the Cambridge Higher-Order Logic (HOL) system and
derive interesting properties about specific VHDL programs.
cam.ac.uk//UCAM-CL-TR-250
2017-07-06
TouringMachines: autonomous agents with
attitudes
Ferguson, Innes A.
University of Cambridge, Computer Laboratory
1992-04
en
Text
UCAM-CL-TR-250
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-250.ps.gz
It is becoming widely accepted that neither purely reactive nor
purely deliberative control techniques are capable of producing
the range of behaviours required of intelligent robotic agents
in dynamic, unpredictable, multi-agent worlds. We present a new
architecture for controlling autonomous, mobile agents –
building on previous work addressing reactive and deliberative
control methods. The proposed multi-layered control architecture
allows a resource-bounded, goal-directed agent to react
promptly to unexpected changes in its environment; at the same
time it allows the agent to reason predictively about potential
conflicts by contrasting and projecting theories which
hypothesise other agents’ goals and intentions.
The line of research adopted is very much a pragmatic one. A
single common architecture has been implemented which, being
extensively parametrized, allows an experimenter to study
functionally- and behaviourally-diverse agent configurations. A
principal aim of this research is to understand the role
different functional capabilities play in constraining an
agent's behaviour under varying environmental conditions. To
this end, we have constructed an experimental testbed comprising
a simulated multi-agent world in which a variety of agent
configurations and behaviours have been investigated. Some
experience with the new control architecture is described.
cam.ac.uk//UCAM-CL-TR-251
2016-07-22
Multipoint digital video communication
Jiang, Xiaofeng
University of Cambridge, Computer Laboratory
1992-04
en
Text
UCAM-CL-TR-251
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-252
2017-07-13
A co-induction principle for recursively defined
domains
Pitts, Andrew M.
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-252
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-252.ps.gz
This paper establishes a new property of predomains recursively
defined using the cartesian product, disjoint union, partial
function space and convex powerdomain constructors. We prove
that the partial order on such a recursive predomain D is the
greatest fixed point of a certain monotone operator associated
to D. This provides a structurally defined family of proof
principles for these recursive predomains: to show that one
element of D approximates another, it suffices to find a binary
relation containing the two elements that is a post-fixed point
for the associated monotone operator. The statement of the proof
principles is independent of any of the various methods
available for explicit construction of recursive predomains.
Following Milner and Tofte, the method of proof is called
co-induction. It closely resembles the way bisimulations are
used in concurrent process calculi.
Two specific instances of the co-induction principle already
occur in the work of Abramsky in the form of ‘internal full
abstraction’ theorems for denotational semantics of SCCS and the
lazy lambda calculus. In the first case post-fixed binary
relations are precisely Abramsky’s partial bisimulations,
whereas in the second case they are his applicative
bisimulations. The coinduction principle also provides an
apparently useful tool for reasoning about the equality of
elements of recursively defined datatypes in (strict or lazy)
higher order functional programming languages.
cam.ac.uk//UCAM-CL-TR-253
2003-01-01
The (other) Cambridge ACQUILEX papers
Sanfilippo, Antonio
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-253
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-254
2018-03-27
A HOL semantics for a subset of ELLA
Boulton, Richard J.
University of Cambridge, Computer Laboratory
1992-04
en
Text
UCAM-CL-TR-254
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-254.dvi.gz
Formal verification is an important tool in the design of
computer systems, especially when the systems are safety or
security critical. However, the formal techniques currently
available are not well integrated into the set of tools more
traditionally used by designers. This work is aimed at improving
the integration by providing a formal semantics for a subset of
the hardware description language ELLA, and by supporting this
semantics in the HOL theorem proving system, which has been used
extensively for hardware verification.
A semantics for a subset of ELLA is described, and an outline of
a proof of the equivalence of parallel and recursive
implementations of an n-bit adder is given as an illustration of
the semantics. The proof has been performed in an extension of
the HOL system. Some proof tools written to support the
verification are also described.
cam.ac.uk//UCAM-CL-TR-255
2016-07-22
The formal verification of hard real-time
systems
Cardell-Oliver, Rachel Mary
University of Cambridge, Computer Laboratory
1992
en
Text
UCAM-CL-TR-255
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-256
2017-07-13
MCPL programming manual
Richards, Martin
University of Cambridge, Computer Laboratory
1992-05
en
Text
UCAM-CL-TR-256
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-257
2018-03-27
Cut-free sequent and tableau systems for propositional
normal modal logics
Goré, Rajeev Prabhakar
University of Cambridge, Computer Laboratory
1992-05
en
Text
UCAM-CL-TR-257
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-257.pdf
We present a unified treatment of tableau, sequent and axiomatic
formulations for many propositional normal modal logics, thus
unifying and extending the work of Hanson, Segerberg, Zeman,
Mints, Fitting, Rautenberg and Shvarts. The primary emphasis is
on tableau systems as the completeness proofs are easier in this
setting. Each tableau system has a natural sequent analogue
defining a finitary provability relation for each axiomatically
formulated logic L. Consequently, any tableau proof can be
converted into a sequent proof which can be read downwards to
obtain an axiomatic proof. In particular, we present cut-free
sequent systems for the logics S4.3, S4.3.1 and S4.14. These
three logics have important temporal interpretations and the
sequent systems appear to be new.
All systems are sound and (weakly) complete with respect to
their known finite frame Kripke semantics. By concentrating
almost exclusively on finite tree frames we obtain finer
characterisation results, particularly for the logics with
natural temporal interpretations. In particular, all proofs of
tableau completeness are constructive and yield the finite model
property and decidability for each logic.
Most of these systems are cut-free giving a Gentzen
cut-elimination theorem for the logic in question. But even when
the cut rule is required, all uses of it remain analytic. Some
systems do not possess the subformula property. But in all such
cases the class of “superformulae” remains bounded, giving an
analytic superformula property. Thus all systems remain totally
amenable to computer implementation and immediately serve as
nondeterministic decision procedures for the logics they
formulate. Furthermore, the constructive completeness proofs
yield deterministic decision procedures for all the logics
concerned.
In obtaining these systems we demonstrate that the subformula
property can be broken in a systematic and analytic way while
still retaining decidability. This should not be surprising
since it is known that modal logic is a form of second order
logic and that the subformula property does not hold for higher
order logics.
cam.ac.uk//UCAM-CL-TR-258
2017-07-06
Private ATM networks
Greaves, David J.
McAuley, Derek
University of Cambridge, Computer Laboratory
1992-05
en
Text
UCAM-CL-TR-258
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-259
2017-07-06
Full abstraction in the Lazy Lambda Calculus
Abramsky, Samson
Ong, C.-H. Luke
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-259
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-260
2003-01-01
Local computation of alternating fixed-points
Andersen, Henrik Reif
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-260
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-261
2016-07-22
Image resampling
Dodgson, Neil Anthony
University of Cambridge, Computer Laboratory
1992-08
en
Text
UCAM-CL-TR-261
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-261.pdf
Image resampling is the process of geometrically transforming
digital images. This report considers several aspects of the
process.
We begin by decomposing the resampling process into three
simpler sub-processes: reconstruction of a continuous intensity
surface from a discrete image, transformation of that continuous
surface, and sampling of the transformed surface to produce a
new discrete image. We then consider the sampling process, and
the subsidiary problem of intensity quantisation. Both these are
well understood, and we present a summary of existing work,
laying a foundation for the central body of the report where the
sub-process of reconstruction is studied.
The work on reconstruction divides into four parts, two general
and two specific:
1. Piecewise local polynomials: the most studied group of
reconstructors. We examine these, and the criteria used in their
design. One new derivation is of two piecewise local quadratic
reconstructors.
2. Infinite extent reconstructors: we consider these and their
local approximations, the problem of finite image size, the
resulting edge effects, and the solutions to these problems.
Amongst the reconstructors discussed are the interpolating cubic
B-spline and the interpolating Bezier cubic. We derive the
filter kernels for both of these, and prove that they are the
same. Given this kernel we demonstrate how the interpolating
cubic B-spline can be extended from a one-dimensional to a
two-dimensional reconstructor, providing a considerable speed
improvement over the existing method of extension.
3. Fast Fourier transform reconstruction: it has long been known
that the fast Fourier transform (FFT) can be used to generate an
approximation to perfect scaling of a sample set. Donald Fraser
(in 1987) took this result and generated a hybrid FFT
reconstructor which can be used for general transformations, not
just scaling. We modify Fraser’s method to tackle two major
problems: its large time and storage requirements, and the edge
effects it causes in the reconstructed intensity surface.
4. A priori knowledge reconstruction: first considering what can
be done if we know how the original image was sampled, and then
considering what can be done with one particular class of image
coupled with one particular type of sampling. In this latter
case we find that exact reconstruction of the image is possible.
This is a surprising result as this class of images cannot be
exactly reconstructed using classical sampling theory.
The final section of the report draws all of the strands
together to discuss transformations and the resampling process
as a whole. Of particular note here is work on how the quality
of different reconstruction and resampling methods can be
assessed.
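The three-stage decomposition above (reconstruct, transform, sample), as an added illustration that is not code from the report: a one-dimensional resampler in Python that reconstructs a continuous intensity line from discrete samples with a piecewise local cubic kernel, applies an inverse coordinate map as the transform, and samples the result. The two kernels (Catmull-Rom as an interpolating cubic, the uniform cubic B-spline as an approximating one), the clamp-to-edge treatment of the finite-image edge effect, and the sample row are this example's own choices and constructions, not the report's derivations.

```python
"""Resampling as reconstruct -> transform -> sample (added illustration)."""
import math
from typing import Callable, List, Sequence

Kernel = Callable[[float], float]


def catmull_rom(x: float) -> float:
    """Piecewise local cubic that interpolates: weight 1 at 0, 0 at other integers."""
    x = abs(x)
    if x < 1.0:
        return 1.5 * x ** 3 - 2.5 * x ** 2 + 1.0
    if x < 2.0:
        return -0.5 * x ** 3 + 2.5 * x ** 2 - 4.0 * x + 2.0
    return 0.0


def cubic_bspline(x: float) -> float:
    """Piecewise local cubic B-spline: smooth but approximating (weight 2/3 at 0)."""
    x = abs(x)
    if x < 1.0:
        return 2.0 / 3.0 - x ** 2 + 0.5 * x ** 3
    if x < 2.0:
        return (2.0 - x) ** 3 / 6.0
    return 0.0


def reconstruct(samples: Sequence[float], kernel: Kernel, x: float) -> float:
    """Intensity of the continuous surface at real position x.

    Both kernels have support (-2, 2), so only the four samples around x
    contribute. Indices outside the image are clamped to the nearest edge
    sample, one common answer to the edge effects of a finite image.
    """
    n = len(samples)
    i0 = math.floor(x)
    total = 0.0
    for i in range(i0 - 1, i0 + 3):
        j = min(max(i, 0), n - 1)
        total += samples[j] * kernel(x - i)
    return total


def resample(samples: Sequence[float], kernel: Kernel, n_out: int,
             inverse_map: Callable[[float], float]) -> List[float]:
    """Produce n_out new samples of the transformed surface.

    inverse_map sends an output coordinate back into the input coordinate
    system, so any invertible 1-D transform (scale, shift, warp) can be used.
    """
    return [reconstruct(samples, kernel, inverse_map(float(k))) for k in range(n_out)]


def scale_by(factor: float) -> Callable[[float], float]:
    """Inverse map for uniform scaling by `factor`."""
    return lambda u: u / factor


if __name__ == "__main__":
    # Constructed sample row: a single bright pixel in a dark line.
    row = [0.0, 0.0, 0.0, 100.0, 0.0, 0.0, 0.0]
    print(resample(row, catmull_rom, 14, scale_by(2.0)))
    print(resample(row, cubic_bspline, 14, scale_by(2.0)))
```

Evaluating `reconstruct` at the original integer positions shows the difference the report draws: the Catmull-Rom kernel returns the sample values exactly, while the plain cubic B-spline smooths them (the bright pixel comes back as 400/6), which is why an interpolating B-spline needs the derived filter kernel rather than the B-spline basis itself. Both kernels sum to one over the integer shifts, so a constant row stays constant under scaling.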
cam.ac.uk//UCAM-CL-TR-262
2019-03-11
Term assignment for intuitionistic linear logic
(preliminary report)
Benton, Nick
Bierman, Gavin
de Paiva, Valeria
University of Cambridge, Computer Laboratory
1992-08
en
Text
UCAM-CL-TR-262
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-262.pdf
In this paper we consider the problem of deriving a term
assignment system for Girard’s Intuitionistic Linear Logic for
both the sequent calculus and natural deduction proof systems.
Our system differs from previous calculi (e.g. that of Abramsky)
and has two important properties which they lack. These are the
substitution property (the set of valid deductions is closed
under substitution) and subject reduction (reduction on terms is
well typed).
We define a simple (but more general than previous proposals)
categorical model for Intuitionistic Linear Logic and show how
this can be used to derive the term assignment system.
We also consider term reduction arising from cut-elimination in
the sequent calculus and normalisation in natural deduction. We
explore the relationship between these, as well as with the
equations which follow from our categorical model.
cam.ac.uk//UCAM-CL-TR-263
2018-04-23
The Lazy Lambda Calculus: an investigation into the
foundations of functional programming
Ong, C.-H. Luke
University of Cambridge, Computer Laboratory
1992-08
en
Text
UCAM-CL-TR-263
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-264
2018-03-27
CCS with environmental guards
Camilleri, Juanito
University of Cambridge, Computer Laboratory
1992-08
en
Text
UCAM-CL-TR-264
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-265
2018-03-27
Reasoning with inductively defined relations in the HOL
theorem prover
Camilleri, Juanito
Melham, Tom
University of Cambridge, Computer Laboratory
1992-08
en
Text
UCAM-CL-TR-265
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-266
2017-07-13
Automatic exploitation of OR-parallelism in
Prolog
Klein, Carole
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-266
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-267
2017-07-06
Untyped strictness analysis
Ernoult, Christine
Mycroft, Alan
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-267
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-268
2003-01-01
Network file server design for continuous
media
Jardetzky, Paul W.
University of Cambridge, Computer Laboratory
1992-10
en
Text
UCAM-CL-TR-268
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-268.ps.gz
This dissertation concentrates on issues related to the
provision of a network based storage facility for digital audio
and video data. The goal is to demonstrate that a distributed
file service in support of these media may be built without
special purpose hardware. The main objective is to identify
those parameters that affect file system performance and provide
the criteria for making desirable design decisions.
cam.ac.uk//UCAM-CL-TR-269
2017-07-06
Optimising compilation
Mycroft, Alan
Norman, Arthur
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-269
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-270
2016-07-22
Designing a universal name service
Ma, Chaoying
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-270
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-270.pdf
Generally speaking, naming in computing systems deals with the
creation of object identifiers at all levels of system
architecture and the mapping among them. Two of the main
purposes of having names in computer systems are (a) to identify
objects; (b) to accomplish sharing. Without naming no computer
system design can be done.
The rapid development in the technology of personal workstations
and computer communication networks has placed a great number of
demands on designing large computer naming systems. In this
dissertation, issues of naming in large distributed computing
systems are addressed. Technical aspects as well as system
architecture are examined. A design of a Universal Name Service
(UNS) is proposed and its prototype implementation is described.
Three major issues on designing a global naming system are
studied. Firstly, it is observed that none of the existing name
services provides enough flexibility in restructuring name
spaces; more research has to be done. Secondly, it is observed
that although using stale naming data (hints) at the application
level is acceptable in most cases as long as it is detectable
and recoverable, stronger naming data integrity should be
maintained to provide a better guarantee of finding objects,
especially when a high degree of availability is required.
Finally, configuring the name service is usually done in an ad
hoc manner, leading to unexpected interruptions or a great deal
of human intervention when the system is reconfigured. It is
necessary to make a systematic study of automatic configuration
and reconfiguration of name services.
This research is based on a distributed computing model, in
which a number of computers work cooperatively to provide the
service. The contributions include: (a) the construction of a
Globally Unique Directory Identifier (GUDI) name space. Flexible
name space restructuring is supported by allowing directories to
be added to or removed from the GUDI name space. (b) The
definition of a two class name service infrastructure which
exploits the semantics of naming. It makes the UNS replication
control more robust, reliable as well as highly available. (c)
The identification of two aspects in the name service
configuration: one is concerned with the replication
configuration, and the other is concerned with the server
configuration. It is notable that previous work only studied
these two aspects individually but not in combination. A
distinguishing feature of the UNS is that both issues are
considered at the design stage and novel methods are used to
allow dynamic service configuration to be done automatically and
safely.
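The point above about stale naming hints being acceptable only while they are detectable and recoverable, as an added illustration in Python that is not code from the dissertation or the UNS prototype: a client keeps cached name bindings, each tagged with a directory identifier, and treats a hint as valid only while the target server confirms that identifier; a server that has stopped serving the directory, or now serves a different directory under the same name, makes the client fall back to the authoritative service and refresh the hint. Treating the GUDI as an opaque identifier that a server checks on every request, and the server, name and identifier strings, are this example's assumptions.

```python
"""Stale naming hints that are detectable and recoverable (added illustration)."""
from dataclasses import dataclass
from typing import Dict, Optional, Set, Tuple


@dataclass(frozen=True)
class Binding:
    gudi: str    # assumed: an opaque globally unique directory identifier
    server: str  # host currently serving that directory


class Hosts:
    """Simulated servers; each knows which directory identifiers it serves now."""

    def __init__(self) -> None:
        self.served: Dict[str, Set[str]] = {}

    def place(self, server: str, gudi: str) -> None:
        self.served.setdefault(server, set()).add(gudi)

    def remove(self, server: str, gudi: str) -> None:
        self.served.get(server, set()).discard(gudi)

    def confirms(self, server: str, gudi: str) -> bool:
        """Would a request to `server` for directory `gudi` be accepted?"""
        return gudi in self.served.get(server, set())


class Authority:
    """Authoritative name -> binding map; all restructuring goes through here."""

    def __init__(self, hosts: Hosts) -> None:
        self.hosts = hosts
        self.bindings: Dict[str, Binding] = {}

    def bind(self, name: str, gudi: str, server: str) -> None:
        old = self.bindings.get(name)
        if old is not None:
            self.hosts.remove(old.server, old.gudi)
        self.bindings[name] = Binding(gudi, server)
        self.hosts.place(server, gudi)

    def move(self, name: str, new_server: str) -> None:
        old = self.bindings[name]
        self.hosts.remove(old.server, old.gudi)
        self.hosts.place(new_server, old.gudi)
        self.bindings[name] = Binding(old.gudi, new_server)

    def lookup(self, name: str) -> Optional[Binding]:
        return self.bindings.get(name)


class Resolver:
    """Client-side resolver that trusts a cached hint until it fails to verify."""

    def __init__(self, authority: Authority, hosts: Hosts) -> None:
        self.authority = authority
        self.hosts = hosts
        self.hints: Dict[str, Binding] = {}

    def resolve(self, name: str) -> Tuple[Optional[Binding], str]:
        """Return (binding, outcome) with outcome in hint/stale/cold/unbound."""
        hint = self.hints.get(name)
        # Detection: the identifier ties the hint to one directory, so a server
        # that has stopped serving it, or now serves a different directory under
        # the same name, refuses the request rather than answering wrongly.
        if hint is not None and self.hosts.confirms(hint.server, hint.gudi):
            return hint, "hint"
        # Recovery: ask the authoritative service and refresh the cached hint.
        fresh = self.authority.lookup(name)
        if fresh is None:
            self.hints.pop(name, None)
            return None, "unbound"
        self.hints[name] = fresh
        return fresh, "stale" if hint is not None else "cold"


if __name__ == "__main__":
    hosts = Hosts()
    authority = Authority(hosts)
    resolver = Resolver(authority, hosts)
    authority.bind("/cl/users", "gudi-0001", "srv-a")  # constructed names
    print(resolver.resolve("/cl/users"))                # cold lookup
    authority.move("/cl/users", "srv-b")
    print(resolver.resolve("/cl/users"))                # stale hint, recovered
```

Checking the identifier rather than only the name is what makes a stale hint safe: a hint that still points at the old server fails the check after a move, and a hint that points at the right server fails after the name is rebound to a different directory, so the client never silently reads the wrong object.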
cam.ac.uk//UCAM-CL-TR-271
2017-07-13
Set theory as a computational logic: I. from foundations
to functions
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1992-11
en
Text
UCAM-CL-TR-271
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-271.pdf
A logic for specification and verification is derived from the
axioms of Zermelo-Fraenkel set theory. The proofs are performed
using the proof assistant Isabelle. Isabelle is generic,
supporting several different logics. Isabelle has the
flexibility to adapt to variants of set theory. Its higher-order
syntax supports the definition of new binding operators.
Unknowns in subgoals can be instantiated incrementally. The
paper describes the derivation of rules for descriptions,
relations and functions, and discusses interactive proofs of
Cantor’s Theorem, the Composition of Homomorphisms challenge,
and Ramsey’s Theorem. A generic proof assistant can stand up
against provers dedicated to particular logics.
cam.ac.uk//UCAM-CL-TR-272
2016-07-22
Interactive program derivation
Coen, Martin David
University of Cambridge, Computer Laboratory
1992-11
en
Text
UCAM-CL-TR-272
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-272.pdf
As computer programs are increasingly used in safety critical
applications, program correctness is becoming more important; as
the size and complexity of programs increases, the traditional
approach of testing is becoming inadequate. Proving the
correctness of programs written in imperative languages is
awkward; functional programming languages, however, offer more
hope. Their logical structure is cleaner, and it is practical to
reason about terminating functional programs in an internal
logic.
This dissertation describes the development of a logical theory
called TPT for reasoning about the correctness of terminating
functional programs, its implementation using the theorem prover
Isabelle, and its use in proving formal correctness. The theory
draws both from Martin-Löf’s work in type theory and Manna and
Waldinger’s work in program synthesis. It is based on classical
first-order logic, and it contains terms that represent classes
of behaviourally equivalent programs, types that denote sets of
terminating programs and well-founded orderings. Well-founded
induction is used to reason about general recursion in a natural
way and to separate conditions for termination from those for
correctness.
The theory is implemented using the generic theorem prover
Isabelle, which allows correctness proofs to be checked by
machine and partially automated using tactics. In particular,
tactics for type checking use the structure of programs to
direct proofs. Type checking allows both the verification and
derivation of programs, reducing specifications of correctness
to sets of correctness conditions. These conditions can be
proved in typed first-order logic, using well-known techniques
of reasoning by induction and rewriting, and then lifted up to
TPT. Examples of program termination are asserted and proved,
using simple types. Behavioural specifications are expressed
using dependent types, and the correctness of programs asserted
and then proved. As a non-trivial example, a unification
algorithm is specified and proved correct by machine.
The work in this dissertation clearly shows how a classical
theory can be used to reason about program correctness, how
general recursion can be reasoned about, and how programs can
direct proofs of correctness.
cam.ac.uk//UCAM-CL-TR-273
2016-07-22
TouringMachines: an architecture for dynamic, rational,
mobile agents
Ferguson, Innes A.
University of Cambridge, Computer Laboratory
1992-11
en
Text
UCAM-CL-TR-273
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-273.pdf
It is becoming widely accepted that neither purely reactive nor
purely deliberative control techniques are capable of producing
the range of behaviours required of intelligent computational or
robotic agents in dynamic, unpredictable, multi-agent worlds. We
present a new architecture for controlling autonomous, mobile
agents – building on previous work addressing reactive and
deliberative control methods. The proposed multi-layered control
architecture allows a resource-bounded, goal-directed agent to
react promptly to unexpected changes in its environment; at the
same time it enables the agent to reason predictively about
potential conflicts by constructing and projecting causal models
or theories which hypothesise other agents’ goals and
intentions.
The line of research adopted is very much a pragmatic one. A
single, common architecture has been implemented which, being
extensively parametrized, allows an experimenter to study
functionally- and behaviourally-diverse agent configurations. A
principal aim of this research is to understand the role
different functional capabilities play in constraining an
agent’s behaviour under varying environmental conditions. To
this end, we have constructed an experimental testbed comprising
a simulated multi-agent world in which a variety of agent
configurations and behaviours have been investigated. Experience
with the new control architecture is described.
cam.ac.uk//UCAM-CL-TR-274
2018-03-27
Of what use is a verified compiler
specification?
Curzon, Paul
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-274
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-275
2018-03-27
Exploratory learning in the game of GO
Pell, Barney
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-275
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-275.ps.gz
This paper considers the importance of exploration to
game-playing programs which learn by playing against opponents.
The central question is whether a learning program should play
the move which offers the best chance of winning the present
game, or if it should play the move which has the best chance of
providing useful information for future games. An approach to
addressing this question is developed using probability theory,
and then implemented in two different learning methods. Initial
experiments in the game of Go suggest that a program which takes
exploration into account can learn better against a
knowledgeable opponent than a program which does not.
cam.ac.uk//UCAM-CL-TR-276
2018-03-27
METAGAME: a new challenge for games and
learning
Pell, Barney
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-276
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-276.ps.gz
In most current approaches to Computer Game-Playing, including
those employing some form of machine learning, the game analysis
mainly is performed by humans. Thus, we are sidestepping largely
the interesting (and difficult) questions. Human analysis also
makes it difficult to evaluate the generality and applicability
of different approaches.
To address these problems, we introduce a new challenge:
Metagame. The idea is to write programs which take as input the
rules of a set of new games within a pre-specified class,
generated by a program which is publicly available. The programs
compete against each other in many matches on each new game, and
they can then be evaluated based on their overall performance
and improvement through experience.
This paper discusses the goals, research areas, and general
concerns for the idea of Metagame.
cam.ac.uk//UCAM-CL-TR-277
2018-03-27
METAGAME in symmetric chess-like games
Pell, Barney
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-277
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-277.ps.gz
I have implemented a game generator that generates games from a
wide but still restricted class. This class is general enough to
include most aspects of many standard games, including Chess,
Shogi, Chinese Chess, Checkers, Draughts, and many variants of
Fairy Chess. The generator, implemented in Prolog, is transparent
and publicly available, and generates games using probability
distributions for parameters such as piece complexity, types of
movement, board size, and locality.
The generator is illustrated by means of a new game it produced,
which is then subjected to a simple strategic analysis. This
form of analysis suggests that programs to play Metagame well
will either learn or apply very general game-playing principles.
But because the class is still restricted, it may be possible to
develop a naive but fast program which can outplay more
sophisticated opponents. Performance in a tournament between
programs is the deciding criterion.
cam.ac.uk//UCAM-CL-TR-278
2018-03-27
A formalization of the process algebra CCS in high order
logic
Nesi, Monica
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-278
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-278.pdf
This paper describes a mechanization in higher order logic of
the theory for a subset of Milner’s CCS. The aim is to build a
sound and effective tool to support verification and reasoning
about process algebra specifications. To achieve this goal, the
formal theory for pure CCS (no value passing) is defined in the
interactive theorem prover HOL, and a set of proof tools, based
on the algebraic presentation of CCS, is provided.
cam.ac.uk//UCAM-CL-TR-279
2003-01-01
The transition assertions specification
method
Carreño, Victor A.
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-279
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-280
2017-07-13
Introduction to Isabelle
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1993-01
en
Text
UCAM-CL-TR-280
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-280.dvi.gz
Isabelle is a generic theorem prover, supporting formal proof in
a variety of logics. Through a variety of examples, this paper
explains the basic theory and demonstrates the most important
commands. It serves as the introduction to other Isabelle
documentation.
cam.ac.uk//UCAM-CL-TR-281
2017-07-06
Pegasus project description
Mullender, Sape J.
Leslie, Ian M.
McAuley, Derek
University of Cambridge, Computer Laboratory
1992-09
en
Text
UCAM-CL-TR-281
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-282
2017-07-06
Pegasus – Operating system support for distributed
multimedia systems
Leslie, Ian M.
McAuley, Derek
Mullender, Sape J.
University of Cambridge, Computer Laboratory
1992-12
en
Text
UCAM-CL-TR-282
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-283
2017-07-13
The Isabelle reference manual
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1993-02
en
Text
UCAM-CL-TR-283
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-283.dvi.gz
This manual is a comprehensive description of Isabelle,
including all commands, functions and packages. It is intended
for reference rather than for reading through, and is certainly
not a tutorial. The manual assumes familiarity with the basic
concepts explained in Introduction to Isabelle. Functions are
organized by their purpose, by their operands (subgoals,
tactics, theorems), and by their usefulness. In each section,
basic functions appear first, then advanced functions, and
finally esoteric functions.
cam.ac.uk//UCAM-CL-TR-284
2018-03-27
The Alvey Natural Language Tools grammar (4th
Release)
Grover, Claire
Carroll, John
Briscoe, Ted
University of Cambridge, Computer Laboratory
1993-01
en
Text
UCAM-CL-TR-284
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-285
2016-07-22
Functional programming and input/output
Gordon, Andrew Donald
University of Cambridge, Computer Laboratory
1993-02
en
Text
UCAM-CL-TR-285
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-286
2017-07-13
Isabelle’s object-logics
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1993-02
en
Text
UCAM-CL-TR-286
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-286.dvi.gz
Several logics come with Isabelle. Many of them are sufficiently
developed to serve as comfortable reasoning environments. They
are also good starting points for defining new logics. Each
logic is distributed with sample proofs, some of which are
presented in the paper. The logics described include first-order
logic, Zermelo-Fraenkel set theory, higher-order logic,
constructive type theory, and the classical sequent calculus LK.
A final chapter explains the fine points of defining logics in
Isabelle.
cam.ac.uk//UCAM-CL-TR-287
2017-07-06
A mechanised definition of Silage in HOL
Gordon, Andrew D.
University of Cambridge, Computer Laboratory
1993-02
en
Text
UCAM-CL-TR-287
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-287.dvi.gz
If formal methods of hardware verification are to have any
impact on the practices of working engineers, connections must
be made between the languages used in practice to design
circuits, and those used for research into hardware
verification. Silage is a simple dataflow language marketed for
specifying digital signal processing circuits. Higher Order
Logic (HOL) is extensively used for research into hardware
verification. This paper presents a formal definition of a
substantial subset of Silage, by mapping Silage declarations
into HOL predicates. The definition has been mechanised in the
HOL theorem prover to support the transformational design of
Silage circuits as theorem proving in HOL.
cam.ac.uk//UCAM-CL-TR-288
2003-01-01
Cut-free sequent and tableau systems for propositional
Diodorean modal logics
Gore, Rajeev
University of Cambridge, Computer Laboratory
1993-02
en
Text
UCAM-CL-TR-288
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-289
2016-07-22
The semantics of noun phrase anaphora
Elworthy, David Alan Howard
University of Cambridge, Computer Laboratory
1993-02
en
Text
UCAM-CL-TR-289
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-290
2017-07-13
Discourse modelling for automatic summarising
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1993-02
en
Text
UCAM-CL-TR-290
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-291
2017-07-13
Evaluating natural language processing
systems
Galliers, J.R.
Spärck Jones, K.
University of Cambridge, Computer Laboratory
1993-02
en
Text
UCAM-CL-TR-291
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-291.ps.gz
This report presents a detailed analysis and review of NLP
evaluation, in principle and in practice. Part 1 examines
evaluation concepts and establishes a framework for NLP system
evaluation. This makes use of experience in the related area of
information retrieval and the analysis also refers to evaluation
in speech processing. Part 2 surveys significant evaluation work
done so far, for instance in machine translation, and discusses
the particular problems of generic system evaluation. The
conclusion is that evaluation strategies and techniques for NLP
need much more development, in particular to take proper account
of the influence of system tasks and settings. Part 3 develops a
general approach to NLP evaluation, aimed at
methodologically-sound strategies for test and evaluation
motivated by comprehensive performance factor identification.
The analysis throughout the report is supported by extensive
illustrative examples.
cam.ac.uk//UCAM-CL-TR-292
2016-07-22
Synchronisation services for digital continuous
media
Sreenan, Cormac John
University of Cambridge, Computer Laboratory
1993-03
en
Text
UCAM-CL-TR-292
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-292.ps.gz
The development of broadband ATM networking makes it attractive
to use computer communication networks for the transport of
digital audio and motion video. Coupled with advances in
workstation technology, this creates the opportunity to
integrate these continuous information media within a
distributed computing system. Continuous media have an inherent
temporal dimension, resulting in a set of synchronisation
requirements which have real-time constraints. This dissertation
identifies the role and position of synchronisation, in terms of
the support which is necessary in an integrated distributed
system. This work is supported by a set of experiments which
were performed in an ATM inter-network using multi-media
workstations, each equipped with an Olivetti Pandora Box.
cam.ac.uk//UCAM-CL-TR-293
2017-07-13
Objects and transactions for modelling distributed
applications: concurrency control and commitment
Bacon, Jean
Moody, Ken
University of Cambridge, Computer Laboratory
1993-04
en
Text
UCAM-CL-TR-293
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-294
2018-03-27
OPERA : Storage, programming and display of multimedia
objects
Moody, Ken
Bacon, Jean
Adly, Noha
Afshar, Mohamad
Bates, John
Feng, Huang
Hayton, Richard
Lo, Sai Lai
Schwiderski, Scarlet
Sultana, Robert
Wu, Zhixue
University of Cambridge, Computer Laboratory
1993-04
en
Text
UCAM-CL-TR-294
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-295
2018-03-27
OPERA : Storage and presentation support for multimedia
applications in a distributed, ATM network
environment
Bacon, Jean
Bates, John
Lo, Sai Lai
Moody, Ken
University of Cambridge, Computer Laboratory
1993-04
en
Text
UCAM-CL-TR-295
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-296
2018-03-27
A persistent programming language for multimedia
databases in the OPERA project
Wu, Z.
Moody, K.
Bacon, J.
University of Cambridge, Computer Laboratory
1993-04
en
Text
UCAM-CL-TR-296
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-297
2016-07-22
Categorical abstract machines for higher-order lambda
calculi
Ritter, Eike
University of Cambridge, Computer Laboratory
1993-04
en
Text
UCAM-CL-TR-297
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-298
2016-07-22
Multicast in the asynchronous transfer mode
environment
Doar, John Matthew Simon
University of Cambridge, Computer Laboratory
1993-04
en
Text
UCAM-CL-TR-298
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-298.ps.gz
In future multimedia communication networks, the ability to
multicast information will be useful for many new and existing
services. This dissertation considers the design of multicast
switches for Asynchronous Transfer Mode (ATM) networks and
proposes one design based upon a slotted ring. Analysis and
simulation studies of this design are presented and details of
its implementation for an experimental ATM network (Project
Fairisle) are described, together with the modifications to the
existing multi-service protocol architecture necessary to
provide multicast connections. Finally, a short study of the
problem of multicast routing is presented, together with some
simulations of the long-term effect upon the routing efficiency
of modifying the number of destinations within a multicast
group.
cam.ac.uk//UCAM-CL-TR-299
2018-03-27
Pragmatic reasoning in bridge
Gamback, Bjorn
Rayner, Manny
Pell, Barney
University of Cambridge, Computer Laboratory
1993-04
en
Text
UCAM-CL-TR-299
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-299.ps.gz
In this paper we argue that bidding in the game of Contract
Bridge can profitably be regarded as a micro-world suitable for
experimenting with pragmatics. We sketch an analysis in which a
“bidding system” is treated as the semantics of an artificial
language, and show how this “language”, despite its apparent
simplicity, is capable of supporting a wide variety of common
speech acts parallel to those in natural languages; we also
argue that the reason for the relatively unsuccessful nature of
previous attempts to write strong Bridge playing programs has
been their failure to address the need to reason explicitly
about knowledge, pragmatics, probabilities and plans. We give an
overview of Pragma, a system currently under development, which
embodies these ideas in concrete form, using a combination of
rule-based inference, stochastic simulation, and “neural-net”
learning. Examples are given illustrating the functionality of
the system in its current form.
cam.ac.uk//UCAM-CL-TR-300
2003-01-01
Formal verification of VIPER’s ALU
Wong, Wai
University of Cambridge, Computer Laboratory
1993-04
en
Text
UCAM-CL-TR-300
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-301
2018-03-27
The dual-level validation concurrency control
method
Wu, Zhixue
Moody, Ken
Bacon, Jean
University of Cambridge, Computer Laboratory
1993-06
en
Text
UCAM-CL-TR-301
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-302
2018-03-27
Logic programming for general game-playing
Pell, Barney
University of Cambridge, Computer Laboratory
1993-06
en
Text
UCAM-CL-TR-302
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-302.ps.gz
Meta-Game Playing is a new approach to games in Artificial
Intelligence, where we construct programs to play new games in a
well-defined class, which are output by an automatic game
generator. As the specific games to be played are not known in
advance, a degree of human bias is eliminated, and playing
programs are required to perform any game-specific optimisations
without human assistance.
The attempt to construct a general game-playing program is made
difficult by the opposing goals of generality and efficiency.
This paper shows how application of standard techniques in
logic-programming (abstract interpretation and partial
evaluation) makes it possible to achieve both of these goals.
Using these techniques, we can represent the semantics of a
large class of games in a general and declarative way, but then
have the program transform this representation into a more
efficient version once it is presented with the rules of a new
game. This process can be viewed as moving some of the
responsibility for game analysis (that concerned with
efficiency) from the researcher to the program itself.
cam.ac.uk//UCAM-CL-TR-303
2003-01-01
Drawing trees — a case study in functional
programming
Kennedy, Andrew
University of Cambridge, Computer Laboratory
1993-06
en
Text
UCAM-CL-TR-303
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-304
2017-07-13
Co-induction and co-recursion in higher-order
logic
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1993-07
en
Text
UCAM-CL-TR-304
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-304.pdf
A theory of recursive and corecursive definitions has been
developed in higher-order logic (HOL) and mechanised using
Isabelle. Least fixedpoints express inductive data types such as
strict lists; greatest fixedpoints express co-inductive data
types, such as lazy lists. Well-founded recursion expresses
recursive functions over inductive data types; co-recursion
expresses functions that yield elements of co-inductive data
types. The theory rests on a traditional formalization of
infinite trees. The theory is intended for use in specification
and verification. It supports reasoning about a wide range of
computable functions, but it does not formalize their
operational semantics and can express noncomputable functions
also. The theory is demonstrated using lists and lazy lists as
examples. The emphasis is on using co-recursion to define lazy
list functions, and on using co-induction to reason about them.
cam.ac.uk//UCAM-CL-TR-305
2018-03-27
Strong normalisation for the linear term
calculus
Benton, P.N.
University of Cambridge, Computer Laboratory
1993-07
en
Text
UCAM-CL-TR-305
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-306
2003-01-01
Recording HOL proofs
Wong, Wai
University of Cambridge, Computer Laboratory
1993-07
en
Text
UCAM-CL-TR-306
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-307
2017-07-13
Natural language processing for information
retrieval
Lewis, David D.
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1993-07
en
Text
UCAM-CL-TR-307
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-307.ps.gz
The paper summarizes the essential properties of document
retrieval and reviews both conventional practice and research
findings, the latter suggesting that simple statistical
techniques can be effective. It then considers the new
opportunities and challenges presented by the ability to search
full text directly (rather than e.g. titles and abstracts), and
suggests appropriate approaches to doing this, with a focus on
the role of natural language processing. The paper also comments
on possible connections with data and knowledge retrieval, and
concludes by emphasizing the importance of rigorous performance
testing.
cam.ac.uk//UCAM-CL-TR-308
2003-01-01
A case study of co-induction in Isabelle HOL
Frost, Jacob
University of Cambridge, Computer Laboratory
1993-08
en
Text
UCAM-CL-TR-308
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-308.pdf
The consistency of the dynamic and static semantics for a small
functional programming language was informally proved by R.
Milner and M. Tofte. The notions of co-inductive definitions and
the associated principle of co-induction played a pivotal role
in the proof. With emphasis on co-induction, the work presented
here deals with the formalisation of this result in the
higher-order logic of the generic theorem prover Isabelle.
cam.ac.uk//UCAM-CL-TR-309
2016-07-22
Strictness analysis of lazy functional
programs
Benton, Peter Nicholas
University of Cambridge, Computer Laboratory
1993-08
en
Text
UCAM-CL-TR-309
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-310
2018-03-27
HARP: a hierarchical asynchronous replication protocol
for massively replicated systems
Adly, Noha
University of Cambridge, Computer Laboratory
1993-08
en
Text
UCAM-CL-TR-310
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-310.ps.gz
This paper presents a new asynchronous replication protocol that
is especially suitable for wide area and mobile systems, and
allows reads and writes to occur at any replica. Updates reach
other replicas using a propagation scheme based on nodes
organized into a logical hierarchy. The hierarchical structure
enables the scheme to scale well for thousands of replicas,
while ensuring reliable delivery. A new service interface is
proposed that provides different levels of asynchrony, allowing
strong consistency and weak consistency to be integrated into
the same framework. Further, due to the hierarchical pattern of
propagation, the scheme provides the ability to locate replicas
that are more up-to-date than others, depending on the needs of
various applications. Also, it allows a selection from a number
of reconciliation techniques based on delivery order mechanisms.
Restructuring operations are provided to build and reconfigure
the hierarchy dynamically without disturbing normal operations.
The scheme tolerates transmission failures and network
partitions.
cam.ac.uk//UCAM-CL-TR-311
2018-03-27
A verified Vista implementation
Curzon, Paul
University of Cambridge, Computer Laboratory
1993-09
en
Text
UCAM-CL-TR-311
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-312
2017-07-13
Set theory for verification: II : Induction and
recursion
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1993-09
en
Text
UCAM-CL-TR-312
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-312.pdf
A theory of recursive definitions has been mechanized in
Isabelle’s Zermelo-Fraenkel (ZF) set theory. The objective is to
support the formalization of particular recursive definitions
for use in verification, semantics proofs and other
computational reasoning.
Inductively defined sets are expressed as least fixedpoints,
applying the Knaster-Tarski Theorem over a suitable set.
Recursive functions are defined by well-founded recursion and
its derivatives, such as transfinite recursion. Recursive data
structures are expressed by applying the Knaster-Tarski Theorem
to a set that is closed under Cartesian product and disjoint
sum.
Worked examples include the transitive closure of a relation,
lists, variable-branching trees and mutually recursive trees and
forests. The Schröder-Bernstein Theorem and the soundness of
propositional logic are proved in Isabelle sessions.
cam.ac.uk//UCAM-CL-TR-313
2003-01-01
Proof by pointing
Bertot, Yves
Kahn, Gilles
Théry, Laurent
University of Cambridge, Computer Laboratory
1993-10
en
Text
UCAM-CL-TR-313
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-314
2016-07-22
Practical unification-based parsing of natural
language
Carroll, John Andrew
University of Cambridge, Computer Laboratory
en
Text
UCAM-CL-TR-314
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-314.ps.gz
The thesis describes novel techniques and algorithms for the
practical parsing of realistic Natural Language (NL) texts with
a wide-coverage unification-based grammar of English. The thesis
tackles two of the major problems in this area: firstly, the
fact that parsing realistic inputs with such grammars can be
computationally very expensive, and secondly, the observation
that many analyses are often assigned to an input, only one of
which usually forms the basis of the correct interpretation.
The thesis starts by presenting a new unification algorithm,
justifies why it is well-suited to practical NL parsing, and
describes a bottom-up active chart parser which employs this
unification algorithm together with several other novel
processing and optimisation techniques. Empirical results
demonstrate that an implementation of this parser has
significantly better practical performance than a comparable,
state-of-the-art unification-based parser. Next, techniques for
computing an LR table for a large unification grammar are
described, a context free non-deterministic LR parsing algorithm
is presented which has better time complexity than any
previously reported using the same approach, and a
unification-based version is derived. In experiments, the
performance of an implementation of the latter is shown to
exceed both the chart parser and also that of another efficient
LR-like algorithm recently proposed.
Building on these methods, a system for parsing text taken from
a given corpus is described which uses probabilistic techniques
to identify the most plausible syntactic analyses for an input
from the often large number licensed by the grammar. New
techniques implemented include an incremental approach to
semi-supervised training, a context-sensitive method of scoring
sub-analyses, the accurate manipulation of probabilities during
parsing, and the identification of the highest ranked analyses
without exhaustive search. The system attains a similar success
rate to approaches based on context-free grammar, but produces
analyses which are more suitable for semantic processing.
The thesis includes detailed analyses of the worst-case space
and time complexities of all the main algorithms described, and
discusses the practical impact of the theoretical complexity
results.
cam.ac.uk//UCAM-CL-TR-315
2016-07-22
Strategy generation and evaluation for meta-game
playing
Pell, Barney Darryl
University of Cambridge, Computer Laboratory
1993-11
en
Text
UCAM-CL-TR-315
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-315.ps.gz
Meta-Game Playing (METAGAME) is a new paradigm for research in
game-playing in which we design programs to take in the rules of
unknown games and play those games without human assistance.
Strong performance in this new paradigm is evidence that the
program, instead of its human designer, has performed the
analysis of each specific game.
SCL-METAGAME is a concrete METAGAME research problem based
around the class of symmetric chess-like games. The class
includes the games of chess, checkers, noughts and crosses,
Chinese-chess, and Shogi. An implemented game generator produces
new games in this class, some of which are objects of interest
in their own right.
METAGAMER is a program that plays SCL-METAGAME. The program
takes as input the rules of a specific game and analyses those
rules to construct for that game an efficient representation and
an evaluation function, both for use with a generic search
engine. The strategic analysis performed by the program relates
a set of general knowledge sources to the details of the
particular game. Among other properties, this analysis
determines the relative value of the different pieces in a given
game. Although METAGAMER does not learn from experience, the
values resulting from its analysis are qualitatively similar to
values used by experts on known games, and are sufficient to
produce competitive performance the first time the program
actually plays each game it is given. This appears to be the
first program to have derived useful piece values directly from
analysis of the rules of different games.
Experiments show that the knowledge implemented in METAGAMER is
useful on games unknown to its programmer in advance of the
competition and make it seem likely that future programs which
incorporate learning and more sophisticated active-analysis
techniques will have a demonstrable competitive advantage on
this new problem. When playing the known games of chess and
checkers against humans and specialised programs, METAGAMER has
derived from more general principles some strategies which are
familiar to players of those games and which are hard-wired in
many game-specific programs.
cam.ac.uk//UCAM-CL-TR-316
2017-07-06
The Compleat LKB
Copestake, Ann
University of Cambridge, Computer Laboratory
1993-08
en
Text
UCAM-CL-TR-316
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-316.ps.gz
This report is a full description of the lexical knowledge base
system (LKB) and the representation language (LRL) developed on
the Esprit ACQUILEX project. The LKB system is designed to allow
the representation of multilingual lexical information in a way
which integrates lexical semantics with syntax and formal
semantics. The LRL is a typed feature structure language which
makes it possible to represent the lexicon as a highly
structured object and to capture relationships between
individual word senses by (default) inheritance and by lexical
rules. The extension to multilingual representation allows a
concise and natural description of translation mismatches. Most
of this report consists of a detailed formal description of the
LRL — this is augmented with appendices containing the user
manual, an implementation outline and a discussion of some of
the algorithms used, and a bibliography of papers which describe
the LKB and its use within ACQUILEX. (Some of this material has
been published previously, but is included here to make this
report a convenient reference source.)
cam.ac.uk//UCAM-CL-TR-317
2016-07-22
Femto-VHDL: the semantics of a subset of VHDL and its
embedding in the HOL proof assistant
Van Tassel, John Peter
University of Cambridge, Computer Laboratory
1993-11
en
Text
UCAM-CL-TR-317
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-318
2016-07-22
A method of program refinement
Grundy, Jim
University of Cambridge, Computer Laboratory
1993-11
en
Text
UCAM-CL-TR-318
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-318.ps.gz
A method of specifying the desired behaviour of a computer
program, and of refining such specifications into imperative
programs is proposed. The refinement method has been designed
with the intention of being amenable to tool support, and of
being applicable to real-world refinement problems.
Part of the refinement method proposed involves the use of a
style of transformational reasoning called ‘window inference’.
Window inference is particularly powerful because it allows the
information inherent in the context of a subexpression to be
used in its transformation. If the notion of transformational
reasoning is generalised to include transformations that
preserve relationships weaker than equality, then program
refinement can be regarded as a special case of transformational
reasoning. A generalisation of window inference is described
that allows non-equivalence preserving transformations. Window
inference was originally proposed independently from, and as an
alternative to, traditional styles of reasoning. A
correspondence between the generalised version of window
inference and natural deduction is described. This
correspondence forms the basis of a window inference tool that
has been built on top of the HOL theorem proving system.
This dissertation adopts a uniform treatment of specifications
and programs as predicates. A survey of the existing approaches
to the treatment of programs as predicates is presented. A new
approach is then developed based on using predicates of a
three-valued logic. This new approach can distinguish more
easily between specifications of terminating and nonterminating
behaviour than can the existing approaches.
A method of program refinement is then described by combining
the unified treatment of specifications and programs as
three-valued predicates with the window inference style of
transformational reasoning. The result is a simple method of
refinement that is well suited to the provision of tool support.
The method of refinement includes a technique for developing
recursive programs. The proof of such developments is usually
complicated because little can be assumed about the form and
termination properties of a partially developed program. These
difficulties are side-stepped by using a simplified meaning for
recursion that compels the development of terminating programs.
Once the development of a program is complete, the simplified
meaning for recursion is refined into the true meaning.
The dissertation concludes with a case study which presents the
specification and development of a simple line-editor. The case
study demonstrates the applicability of the refinement method to
real-world problems. The line editor is a nontrivial example
that contains features characteristic of large developments,
including complex data structures and the use of data
abstraction. Examination of the case study shows that window
inference offers a convenient way of structuring large
developments.
cam.ac.uk//UCAM-CL-TR-319
2016-07-22
A workstation architecture to support
multimedia
Hayter, Mark David
University of Cambridge, Computer Laboratory
1993-11
en
Text
UCAM-CL-TR-319
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-319.ps.gz
The advent of high speed networks in the wide and local area
enables multimedia traffic to be easily carried between
workstation class machines. The dissertation considers an
architecture for a workstation to support such traffic
effectively. In addition to presenting the information to a
human user the architecture allows processing to be done on
continuous media streams.
The proposed workstation architecture, known as the Desk Area
Network (DAN), extends ideas from Asynchronous Transfer Mode
(ATM) networks into the end-system. All processors and devices
are connected to an ATM interconnect. The architecture is shown
to be capable of supporting both multimedia data streams and
more traditional CPU cache line traffic. The advocated extension
of the CPU cache which allows caching of multimedia data streams
is shown to provide a natural programming abstraction and a
mechanism for synchronising the processor with the stream.
A prototype DAN workstation has been built. Experiments have
been done to demonstrate the features of the architecture. In
particular the use of the DAN as a processor-to-memory
interconnect is closely studied to show the practicality of
using ATM for cache line traffic in a real machine. Simple
demonstrations of the stream cache ideas are used to show its
utility in future applications.
cam.ac.uk//UCAM-CL-TR-320
2017-07-13
A fixedpoint approach to implementing (co)inductive
definitions (updated version)
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1995-07
en
Text
UCAM-CL-TR-320
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-320.pdf
Several theorem provers provide commands for formalizing
recursive datatypes or inductively defined sets. This paper
presents a new approach, based on fixedpoint definitions. It is
unusually general: it admits all monotone inductive definitions.
It is conceptually simple, which has allowed the easy
implementation of mutual recursion and other conveniences. It
also handles coinductive definitions: simply replace the least
fixedpoint by a greatest fixedpoint. This represents the first
automated support for coinductive definitions.
The method has been implemented in Isabelle’s formalization of
ZF set theory. It should be applicable to any logic in which the
Knaster-Tarski Theorem can be proved. The paper briefly
describes a method of formalizing non-well-founded data
structures in standard ZF set theory.
Examples include lists of n elements, the accessible part of a
relation and the set of primitive recursive functions. One
example of a coinductive definition is bisimulations for lazy
lists. Recursive datatypes are examined in detail, as well as
one example of a “codatatype”: lazy lists. The appendices are
simple user’s manuals for this Isabelle/ZF package.
cam.ac.uk//UCAM-CL-TR-321
2017-07-06
Relational properties of domains
Pitts, Andrew M.
University of Cambridge, Computer Laboratory
1993-12
en
Text
UCAM-CL-TR-321
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-321.ps.gz
New tools are presented for reasoning about properties of
recursively defined domains. We work within a general,
category-theoretic framework for various notions of ‘relation’
on domains and for actions of domain constructors on relations.
Freyd’s analysis of recursive types in terms of a property of
mixed initiality/finality is transferred to a corresponding
property of invariant relations. The existence of invariant
relations is proved under completeness assumptions about the
notion of relation. We show how this leads to simpler proofs of
the computational adequacy of denotational semantics for
functional programming languages with user-declared datatypes.
We show how the initiality/finality property of invariant
relations can be specialized to yield an induction principle for
admissible subsets of recursively defined domains, generalizing
the principle of structural induction for inductively defined
sets. We also show how the initiality/finality property gives
rise to the co-induction principle studied by the author (in
UCAM-CL-TR-252), by which equalities between elements of
recursively defined domains may be proved via an appropriate
notion of ‘bisimulation’.
cam.ac.uk//UCAM-CL-TR-322
2016-07-22
Supporting distributed realtime computing
Li, Guangxing
University of Cambridge, Computer Laboratory
1993-12
en
Text
UCAM-CL-TR-322
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-323
2003-01-01
Representing higher-order logic proofs in HOL
von Wright, J.
University of Cambridge, Computer Laboratory
1994-01
en
Text
UCAM-CL-TR-323
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-324
2003-01-01
Verifying modular programs in HOL
von Wright, J.
University of Cambridge, Computer Laboratory
1994-01
en
Text
UCAM-CL-TR-324
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-325
2016-07-22
The temporal properties of English conditionals and
modals
Crouch, Richard
University of Cambridge, Computer Laboratory
1994-01
en
Text
UCAM-CL-TR-325
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-325.pdf
This thesis deals with the patterns of temporal reference
exhibited by conditional and modal sentences in English, and
specifically with the way that past and present tenses can
undergo deictic shift in these contexts. This shifting behaviour
has consequences both for the semantics of tense and for the
semantics of conditionals and modality.
Asymmetries in the behaviour of the past and present tenses
under deictic shift are explained by positing a primary and
secondary deictic centre for tenses. The two deictic centres,
the assertion time and the verification time, are given
independent motivation through an information based view of
tense. This holds that the tense system not only serves to
describe the way that the world changes over time, but also the
way that information about the world changes. Information change
takes place in two stages. First, it is asserted that some fact
holds. And then, either at the same time or later, it is
verified that this assertion is correct.
Typically, assertion and verification occur simultaneously, and
most sentences convey verified information. Modals and
conditionals allow delayed assertion and verification. “If A,
then B” means roughly: suppose you were now to assert A; if and
when A is verified, you will be in a position to assert B, and
in due course this assertion will also be verified. Since A and
B will both be tensed clauses, the shifting of the primary and
secondary deictic centres leads to shifted interpretations of
the two clauses.
The thesis presents a range of temporal properties of indicative
and subjunctive conditionals that have not previously been
discussed, and shows how they can be explained. A logic is
presented for indicative conditionals, based around an extension
of intuitionistic logic to allow for both verified and
unverified assertions. This logic naturally gives rise to three
forms of epistemic modality, corresponding to “must”, “may” and
“will”.
cam.ac.uk//UCAM-CL-TR-326
2016-07-22
A modular and extensible network storage
architecture
Lo, Sai-Lai
University of Cambridge, Computer Laboratory
1994-01
en
Text
UCAM-CL-TR-326
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-326.ps.gz
Most contemporary distributed file systems are not designed to
be extensible. This work asserts that the lack of extensibility
is a problem because:
– New data types, such as continuous-medium data and structured
data, are significantly different from conventional unstructured
data, such as text and binary, that contemporary distributed
file systems are built to support.
– Value-adding clients can provide functional enhancements, such
as convenient and reliable persistent programming and automatic
and transparent file indexing, but cannot be integrated smoothly
with contemporary distributed file systems.
– New media technologies, such as the optical jukebox and RAID
disk, can extend the scale and performance of a storage service
but contemporary distributed file systems do not have a clear
framework to incorporate these new technologies and to provide
the necessary user level transparency.
Motivated by these observations, the new network storage
architecture (MSSA) presented in this dissertation is designed
to be extensible. Design modularity is taken as the key to
achieve service extensibility. This dissertation examines a
number of issues related to the design of the architecture. New
ideas, such as a flexible access control mechanism based on
temporary capabilities, a low level storage substrate that uses
non-volatile memory to provide atomic update semantics at high
performance, a concept of sessions to differentiate performance
requirements of different data types, are introduced. Prototype
implementations of the key components are evaluated.
cam.ac.uk//UCAM-CL-TR-327
2003-01-01
A new application for explanation-based generalisation
within automated deduction
Baker, Siani L.
University of Cambridge, Computer Laboratory
1994-02
en
Text
UCAM-CL-TR-327
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-328
2018-03-27
The formal verification of the Fairisle ATM switching
element: an overview
Curzon, Paul
University of Cambridge, Computer Laboratory
1994-03
en
Text
UCAM-CL-TR-328
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-329
2018-03-27
The formal verification of the Fairisle ATM switching
element
Curzon, Paul
University of Cambridge, Computer Laboratory
1994-03
en
Text
UCAM-CL-TR-329
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-330
2016-07-22
Interacting with paper on the DigitalDesk
Wellner, Pierre David
University of Cambridge, Computer Laboratory
1994-03
en
Text
UCAM-CL-TR-330
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-330.pdf
In the 1970’s Xerox PARC developed the “desktop metaphor,” which
made computers easy to use by making them look and act like
ordinary desks and paper. This led visionaries to predict the
“paperless office” would dominate within a few years, but the
trouble with this prediction is that people like paper too much.
It is portable, tactile, universally accepted, and easier to
read than a screen. Today, we continue to use paper, and
computers produce more of it than they replace.
Instead of trying to use computers to replace paper, the
DigitalDesk takes the opposite approach. It keeps the paper, but
uses computers to make it more powerful. It provides a Computer
Augmented Environment for paper.
The DigitalDesk is built around an ordinary physical desk and
can be used as such, but it has extra capabilities. A video
camera is mounted above the desk, pointing down at the work
surface. This camera’s output is fed through a system that can
detect where the user is pointing, and it can read documents
that are placed on the desk. A computer-driven electronic
projector is also mounted above the desk, allowing the system to
project electronic objects onto the work surface and onto real
paper documents — something that can’t be done with flat display
panels or rear-projection. The system is called DigitalDesk
because it allows pointing with the fingers.
Several applications have been prototyped on the DigitalDesk.
The first was a calculator where a sheet of paper such as an
annual report can be placed on the desk allowing the user to
point at numbers with a finger or pen. The camera reads the
numbers off the paper, recognizes them, and enters them into the
display for further calculations. Another is a translation
system which allows users to point at unfamiliar French words to
get their English definitions projected down next to the paper.
A third is a paper-based paint program (PaperPaint) that allows
users to sketch on paper using traditional tools, but also be
able to select and paste these sketches with the camera and
projector to create merged paper and electronic documents. A
fourth application is the DoubleDigitalDesk, which allows remote
colleagues to “share” their desks, look at each other’s paper
documents and sketch on them remotely.
This dissertation introduces the concept of Computer Augmented
Environments, describes the DigitalDesk and applications for it,
and discusses some of the key implementation issues that need to
be addressed to make this system work. It describes a toolkit
for building DigitalDesk applications, and it concludes with
some more ideas for future work.
cam.ac.uk//UCAM-CL-TR-331
2018-03-27
HPP: a hierarchical propagation protocol for large scale
replication in wide area networks
Adly, Noha
Kumar, Akhil
University of Cambridge, Computer Laboratory
1994-03
en
Text
UCAM-CL-TR-331
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-332
2016-07-22
Distributed computing with objects
Evers, David Martin
University of Cambridge, Computer Laboratory
1994-03
en
Text
UCAM-CL-TR-332
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-333
2017-07-06
What is a categorical model of intuitionistic linear
logic?
Bierman, G.M.
University of Cambridge, Computer Laboratory
1994-04
en
Text
UCAM-CL-TR-333
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-334
2017-07-13
A concrete final coalgebra theorem for ZF set
theory
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1994-05
en
Text
UCAM-CL-TR-334
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-334.pdf
A special final coalgebra theorem, in the style of Aczel (1988),
is proved within standard Zermelo-Fraenkel set theory. Aczel’s
Anti-Foundation Axiom is replaced by a variant definition of
function that admits non-well-founded constructions. Variant
ordered pairs and tuples, of possibly infinite length, are
special cases of variant functions. Analogues of Aczel’s
Solution and Substitution Lemmas are proved in the style of
Rutten and Turi (1993).
The approach is less general than Aczel’s; non-well-founded
objects can be modelled only using the variant tuples and
functions. But the treatment of non-well-founded objects is
simple and concrete. The final coalgebra of a functor is its
greatest fixedpoint. The theory is intended for machine
implementation and a simple case of it is already implemented
using the theorem prover Isabelle.
cam.ac.uk//UCAM-CL-TR-335
2017-07-13
Video mail retrieval using voice: report on keyword
definition and data collection (deliverable report on VMR task
No. 1)
Jones, G.J.F.
Foote, J.T.
Spärck Jones, K.
Young, S.J.
University of Cambridge, Computer Laboratory
1994-04
en
Text
UCAM-CL-TR-335
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-335.pdf
This report describes the rationale, design, collection and
basic statistics of the initial training and test database for
the Cambridge Video Mail Retrieval (VMR) project. This database
is intended to support both training for the wordspotting
processes and testing for the document searching methods using
these that are being developed for the project’s message
retrieval task.
cam.ac.uk//UCAM-CL-TR-336
2003-01-01
Towards a proof theory of rewriting: the simply-typed
2-λ calculus
Hilken, Barnaby P.
University of Cambridge, Computer Laboratory
1994-05
en
Text
UCAM-CL-TR-336
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-337
2016-07-22
Efficiency in a fully-expansive theorem
prover
Boulton, Richard John
University of Cambridge, Computer Laboratory
1994-05
en
Text
UCAM-CL-TR-337
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-337.dvi.gz
The HOL system is a fully-expansive theorem prover: Proofs
generated in the system are composed of applications of the
primitive inference rules of the underlying logic. This has two
main advantages. First, the soundness of the system depends only
on the implementations of the primitive rules. Second, users can
be given the freedom to write their own proof procedures without
the risk of making the system unsound. A full functional
programming language is provided for this purpose. The
disadvantage with the approach is that performance is
compromised. This is partly due to the inherent cost of fully
expanding a proof but, as demonstrated in this thesis, much of
the observed inefficiency is due to the way the derived proof
procedures are written.
This thesis seeks to identify sources of non-inherent
inefficiency in the HOL system and proposes some general-purpose
and some specialised techniques for eliminating it. One area
that seems to be particularly amenable to optimisation is
equational reasoning. This is significant because equational
reasoning constitutes large portions of many proofs. A number of
techniques are proposed that transparently optimise equational
reasoning. Existing programs in the HOL system require little or
no modification to work faster.
The other major contribution of this thesis is a framework in
which part of the computation involved in HOL proofs can be
postponed. This enables users to make better use of their time.
The technique exploits a form of lazy evaluation. The critical
feature is the separation of the code that generates the
structure of a theorem from the code that justifies it
logically. Delaying the justification allows some non-local
optimisations to be performed in equational reasoning. None of
the techniques sacrifice the security of the fully-expansive
approach.
A decision procedure for a subset of the theory of linear
arithmetic is used to illustrate many of the techniques.
Decision procedures for this theory are commonplace in theorem
provers due to the importance of arithmetic reasoning. The
techniques described in the thesis have been implemented and
execution times are given. The implementation of the arithmetic
procedure is a major contribution in itself. For the first time,
users of the HOL system are able to prove many arithmetic lemmas
automatically in a practical amount of time (typically a second
or two).
The applicability of the techniques to other fully-expansive
theorem provers and possible extensions of the ideas are
considered.
cam.ac.uk//UCAM-CL-TR-338
2016-07-22
A new approach to implementing atomic data
types
Wu, Zhixue
University of Cambridge, Computer Laboratory
1994-05
en
Text
UCAM-CL-TR-338
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-339
2017-07-13
Belief revision and dialogue management in information
retrieval
Logan, Brian
Reece, Steven
Cawsey, Alison
Galliers, Julia
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1994-05
en
Text
UCAM-CL-TR-339
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-339.pdf
This report describes research to evaluate a theory of belief
revision proposed by Galliers in the context of
information-seeking interaction as modelled by Belkin, Brooks
and Daniels and illustrated by user-librarian dialogues. The
work covered the detailed assessment and development, and
computational implementation and testing, of both the belief
revision theory and the information retrieval model. Some
features of the belief theory presented problems, and the
original ‘multiple expert’ retrieval model had to be drastically
modified to support rational dialogue management. But the
experimental results showed that the characteristics of
literature seeking interaction could be successfully captured by
the belief theory, exploiting important elements of the
retrieval model. Thus, though the system’s knowledge and
dialogue performance were very limited, it provides a useful
base for further research. The report presents all aspects of
the research in detail, with particular emphasis on the
implementation of belief and intention revision, and the
integration of revision with domain reasoning and dialogue
interaction.
cam.ac.uk//UCAM-CL-TR-340
2016-07-22
Operating system support for quality of
service
Hyden, Eoin Andrew
University of Cambridge, Computer Laboratory
1994-06
en
Text
UCAM-CL-TR-340
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-340.pdf
The deployment of high speed, multiservice networks within the
local area has meant that it has become possible to deliver
continuous media data to a general purpose workstation. This, in
conjunction with the increasing speed of modern microprocessors,
means that it is now possible to write application programs
which manipulate continuous media in real-time. Unfortunately,
current operating systems do not provide the resource management
facilities which are required to ensure the timely execution of
such applications.
This dissertation presents a flexible resource management
paradigm, based on the notion of Quality of Service, with which
it is possible to provide the scheduling support required by
continuous media applications. The mechanisms which are required
within an operating system to support this paradigm are
described, and the design and implementation of a prototypical
kernel which implements them is presented.
It is shown that, by augmenting the interface between an
application and the operating system, the application can be
informed of varying resource availabilities, and can make use of
this information to vary the quality of its results. In
particular an example decoder application is presented, which
makes use of such information and exploits some of the
fundamental properties of continuous media data to trade video
image quality for the amount of processor time which it
receives.
cam.ac.uk//UCAM-CL-TR-341
2016-09-27
Presentation support for distributed multimedia
applications
Bates, John
University of Cambridge, Computer Laboratory
1994-06
en
Text
UCAM-CL-TR-341
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-341.ps.gz
Distributed computing environments can now support digital
continuous media (such as audio and video) in addition to still
media (such as text and pictures). The work presented in this
dissertation is motivated by the desire of application
developers to create applications which utilise these multimedia
environments. Many important application areas are emerging such
as Computer-Aided Instruction (CAI) and Computer-Supported
Cooperative Working (CSCW).
Building multimedia applications is currently a difficult and
time consuming process. At run-time, an application must manage
connections to a range of heterogeneous services to access data.
Building applications directly on top of environment specific
features roots them to those features. Continuous media
introduces new problems into application management such as
control of Quality of Service (QoS) and synchronisation of data
items. An application may also be required to analyse, process
or display data. Some multimedia applications are event-driven,
i.e. they must perform actions in response to asynchronous
run-time occurrences. They may also be required to control many
workspaces and involve multiple users.
The thesis of this dissertation is based on two principles.
Firstly, despite the heterogeneity between and within multimedia
environments, that their functionality should be provided in a
uniform way to application developers. By masking the control
differences with generic abstractions, applications can easily
be developed and ported. Secondly, that it is possible to
develop such abstractions to support a wide range of multimedia
applications. Extensible and configurable facilities can be
provided to access, and present multimedia data and to support
event-driven applications including cooperative ones.
The approach taken in this work is to provide a presentation
support platform. To application developers this platform offers
an authoring interface based on data modelling and specification
using a script language. Using these facilities, the parts of an
application involving interactive presentation of multimedia can
be specified. Services have been built to support the run-time
realisation of authored presentations on top of environments.
Experiments show that a wide range of applications can be
supported.
cam.ac.uk//UCAM-CL-TR-342
2016-07-22
An architecture for distributed user
interfaces
Freeman, Stephen Martin Guy
University of Cambridge, Computer Laboratory
1994-07
en
Text
UCAM-CL-TR-342
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-342.pdf
Computing systems have changed rapidly since the first graphical
user interfaces were developed. Hardware has become faster and
software architectures have become more flexible and more open;
a modern computing system consists of many communicating
machines rather than a central host. Understanding of
human-computer interaction has also become more sophisticated
and places new demands on interactive software; these include,
in particular, support for multi-user applications, continuous
media, and ‘ubiquitous’ computing. The layer which binds user
requirements and computing systems together, the user interface,
has not changed as quickly; few user interface architectures can
easily support the new requirements placed on them and few take
advantage of the facilities offered by advanced computing
systems.
Experience of implementing systems with unusual user interfaces
has shown that current window system models are only a special
case of possible user interface architectures. These window
systems are too strongly tied to assumptions about how users and
computers interact to provide a suitable platform for further
evolution. Users and application builders may reasonably expect
to be able to use multiple input and output devices as their
needs arise. Experimental applications show that flexible user
interface architectures, which support multiple devices and
users, can be built without excessive implementation and
processing costs.
This dissertation describes Gemma, a model for a new generation
of interactive systems that are not confined to virtual
terminals but allow collections of independent devices to be
bound together for the task at hand. It provides mediated shared
access to basic devices and higher-level virtual devices so that
people can share computational facilities in the real world,
rather than in a virtual world. An example window system shows
how these features may be exploited to provide a flexible,
collaborative and mobile interactive environment.
cam.ac.uk//UCAM-CL-TR-344
2016-07-22
The contour tree image encoding technique and file
format
Turner, Martin John
University of Cambridge, Computer Laboratory
1994-07
en
Text
UCAM-CL-TR-344
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-345
2003-01-01
A proof environment for arithmetic with the Omega
rule
Baker, Siani L.
University of Cambridge, Computer Laboratory
1994-08
en
Text
UCAM-CL-TR-345
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-346
2016-07-22
On intuitionistic linear logic
Bierman, G.M.
University of Cambridge, Computer Laboratory
1994-08
en
Text
UCAM-CL-TR-346
ISSN 1476-2986
In this thesis we carry out a detailed study of the
(propositional) intuitionistic fragment of Girard’s linear logic
(ILL). Firstly we give sequent calculus, natural deduction and
axiomatic formulations of ILL. In particular our natural
deduction is different from others and has important properties,
such as closure under substitution, which others lack. We also
study the process of reduction in all three local formulations,
including a detailed proof of cut elimination. Finally, we
consider translations between Intuitionistic Logic (IL) and
ILL.
We then consider the linear term calculus, which arises from
applying the Curry-Howard correspondence to the natural
deduction formulation. We show how the various proof theoretic
formulations suggest reductions at the level of terms. The
properties of strong normalization and confluence are proved for
these reduction rules. We also consider mappings between the
extended λ-calculus and the linear term calculus.
Next we consider a categorical model for ILL. We show how by
considering the linear term calculus as an equational logic, we
can derive a model: a linear category. We consider two
alternative models: firstly, one due to Seely and then one due
to Lafont. Surprisingly, we find that Seely’s model is not
sound, in that equal terms are not modelled with equal
morphisms. We show how after adapting Seely’s model (by viewing
it in a more abstract setting) it becomes a particular instance
of a linear category. We show how Lafont’s model can also be
seen as another particular instance of a linear category.
Finally we consider various categories of coalgebras, whose
construction can be seen as a categorical equivalent of the
translation of IL into ILL.
cam.ac.uk//UCAM-CL-TR-347
2017-07-13
Reflections on TREC
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
1994-07
en
Text
UCAM-CL-TR-347
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-347.ps.gz
This paper discusses the Text REtrieval Conferences (TREC)
programme as a major enterprise in information retrieval
research. It reviews its structure as an evaluation exercise,
characterises the methods of indexing and retrieval being tested
within it in terms of the approaches to system performance
factors these represent; analyses the test results for solid,
overall conclusions that can be drawn from them; and, in the
light of the particular features of the test data, assesses TREC
both for generally-applicable findings that emerge from it and
for directions it offers for future research.
cam.ac.uk//UCAM-CL-TR-348
2016-07-22
Integrated sound synchronisation for computer
animation
Hunter, Jane Louise
University of Cambridge, Computer Laboratory
1994-08
en
Text
UCAM-CL-TR-348
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-349
2018-03-27
A HOL interpretation of Noden
Graham, Brian
University of Cambridge, Computer Laboratory
1994-09
en
Text
UCAM-CL-TR-349
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-350
2018-03-27
Ten commandments of formal methods
Bowen, Jonathan P.
Hinchey, Michael G.
University of Cambridge, Computer Laboratory
1994-09
en
Text
UCAM-CL-TR-350
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-351
2016-07-22
Handling realtime traffic in mobile networks
Biswas, Subir Kumar
University of Cambridge, Computer Laboratory
1994-09
en
Text
UCAM-CL-TR-351
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-351.ps.gz
The rapidly advancing technology of cellular communication and
wireless LAN makes ubiquitous computing feasible where the
mobile users can have access to the location independent
information and the computing resources. Multimedia networking
is another emerging technological trend of the 1990s and there
is an increasing demand for supporting continuous media traffic
in wireless personal communication environment. In order to
guarantee the strict performance requirements of realtime
traffic, connection-oriented approaches are proving to be
more efficient than conventional datagram-based
networking. This dissertation deals with a network architecture
and its design issues for implementing the connection-oriented
services in a mobile radio environment.
The wired backbone of the proposed wireless LAN comprises
high speed ATM switching elements, connected in a modular
fashion, where the new switches and the user devices can be
dynamically added and reconnected for maintaining a desired
topology. A dynamic reconfiguration protocol, which can cope
with these changing network topologies, is proposed for the
present network architecture. The details about a prototype
implementation of the protocol and a simulation model for its
performance evaluation are presented.
CSMA/AED, a single-frequency, carrier-sensing protocol,
is proposed for the radio medium access operations. A simulation
model is developed in order to investigate the feasibility of
this statistical and reliable access scheme for the proposed
radio network architecture. The effectiveness of a
per-connection window based flow control mechanism, for the
proposed radio LAN, is also investigated. A hybrid technique is
used, where the medium access and the radio data-link layers are
modelled using the mentioned simulator; an upper layer
end-to-end queueing model, involving flow dependent servers, is
solved using an approximate Mean Value Analysis technique which
is augmented for faster iterative convergence.
A distributed location server, for managing mobile users’
location information and for aiding the mobile connection
management tasks, is proposed. In order to hide the effects of
mobility from the non-mobile network entities, the concept of a
per-mobile software entity, known as a “representative”, is
introduced. A mobile connection management scheme is also
proposed for handling the end-to-end network layer connections
in the present mobile environment. The scheme uses the
representatives and a novel connection caching technique for
providing the necessary realtime traffic support
functionalities.
A prototype system, comprising the proposed location and
connection managers, has been built for demonstrating the
feasibility of the presented architecture for transporting
continuous media traffic. A set of experiments have been carried
out in order to investigate the impacts of various design
decisions and to identify the performance-critical parts of the
design.
cam.ac.uk//UCAM-CL-TR-352
2018-03-27
A mixed linear and non-linear logic: proofs, terms and
models
Benton, P.N.
University of Cambridge, Computer Laboratory
1994-10
en
Text
UCAM-CL-TR-352
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-353
2017-07-13
Merging HOL with set theory
Gordon, Mike
University of Cambridge, Computer Laboratory
1994-11
en
Text
UCAM-CL-TR-353
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-353.pdf
Set theory is the standard foundation for mathematics, but the
majority of general purpose mechanized proof assistants support
versions of type theory (higher order logic). Examples include
Alf, Automath, Coq, Ehdm, HOL, IMPS, Lambda, LEGO, Nuprl, PVS
and Veritas. For many applications type theory works well and
provides for specification the benefits of type-checking that
are well known in programming. However, there are areas where
types get in the way or seem unmotivated. Furthermore, most
people with a scientific or engineering background already know
set theory, whereas type theory may appear inaccessible and so
be an obstacle to the uptake of proof assistants based on it.
This paper describes some experiments (using HOL) in combining
set theory and type theory; the aim is to get the best of both
worlds in a single system. Three approaches have been tried, all
based on an axiomatically specified type V of ZF-like sets: (i)
HOL is used without any additions besides V; (ii) an embedding
of the HOL logic into V is provided; (iii) HOL axiomatic
theories are automatically translated into set-theoretic
definitional theories. These approaches are illustrated with two
examples: the construction of lists and a simple lemma in group
theory.
cam.ac.uk//UCAM-CL-TR-354
2018-05-10
Formalising a model of the λ-calculus in
HOL-ST
Agerholm, Sten
University of Cambridge, Computer Laboratory
1994-11
en
Text
UCAM-CL-TR-354
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-354.pdf
Many new theorem provers implement strong and complicated type
theories which eliminate some of the limitations of simple type
theories such as the HOL logic. A more accessible alternative
might be to use a combination of set theory and simple type
theory as in HOL-ST which is a version of the HOL system
supporting a ZF-like set theory in addition to higher order
logic. This paper presents a case study on the use of HOL-ST to
build a model of the λ-calculus by formalising the inverse limit
construction of domain theory. This construction is not possible
in the HOL system itself, or in simple type theories in general.
cam.ac.uk//UCAM-CL-TR-355
2017-07-13
Two cryptographic notes
Wheeler, David
Needham, Roger
University of Cambridge, Computer Laboratory
1994-11
en
Text
UCAM-CL-TR-355
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-355.pdf
A large block DES-like algorithm
DES was designed to be slow in software. We give here a DES type
of code which applies directly to single blocks comprising two
or more words of 32 bits. It is thought to be at least as secure
as performing DES separately on two word blocks, and has the
added advantage of not requiring chaining etc. It is about
8m/(12+2m) times as fast as DES for an m word block and has a
greater gain for Feistel codes where the number of rounds is
greater. We use the name GDES for the codes we discuss. The
principle can be used on any Feistel code.
TEA, a Tiny Encryption Algorithm
We design a short program which will run on most machines and
encipher safely. It uses a large number of iterations rather
than a complicated program. It is hoped that it can easily be
translated into most languages in a compatible way. The first
program is given below. It needs little set-up time and iterates
a weak non-linear function for enough rounds to make it secure.
There are no preset tables or long set-up times. It assumes 32 bit
words.
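The TEA routine the note describes, written out as an added example (this is not the program printed in the report, and the key and plaintext are constructed for illustration): a 64-bit block of two 32-bit words, a 128-bit key of four 32-bit words, 32 cycles of a Feistel-style update with the constant delta = 0x9E3779B9, and decryption obtained by running the cycles backwards from sum = 32·delta mod 2^32. The second check demonstrates a property of the cipher that the abstract does not mention but that follows directly from the round function: flipping the top bit of both k[0] and k[1] (or of both k[2] and k[3]) yields an equivalent key, so the effective key size is 126 bits; this and related-key weaknesses are why the authors' later XTEA replaced TEA in practice.

```c
/* TEA (Tiny Encryption Algorithm), stand-alone C99 example.
 * Block: two 32-bit words.  Key: four 32-bit words.  32 cycles.
 * Key and plaintext values below are constructed for this example only. */
#include <stdint.h>
#include <stdio.h>

#define TEA_DELTA  0x9E3779B9u   /* floor(2^32 / golden ratio) */
#define TEA_CYCLES 32u           /* 32 cycles = 64 Feistel rounds */

/* Encrypt one 64-bit block in place under key k. */
void tea_encrypt(uint32_t v[2], const uint32_t k[4])
{
    uint32_t v0 = v[0], v1 = v[1], sum = 0;
    for (uint32_t i = 0; i < TEA_CYCLES; i++) {
        sum += TEA_DELTA;
        v0 += ((v1 << 4) + k[0]) ^ (v1 + sum) ^ ((v1 >> 5) + k[1]);
        v1 += ((v0 << 4) + k[2]) ^ (v0 + sum) ^ ((v0 >> 5) + k[3]);
    }
    v[0] = v0;
    v[1] = v1;
}

/* Decrypt one block in place: undo the cycles in reverse order, starting
 * from the final value of sum, which is 32 * delta mod 2^32 = 0xC6EF3720. */
void tea_decrypt(uint32_t v[2], const uint32_t k[4])
{
    uint32_t v0 = v[0], v1 = v[1], sum = TEA_DELTA * TEA_CYCLES; /* wraps to 0xC6EF3720 */
    for (uint32_t i = 0; i < TEA_CYCLES; i++) {
        v1 -= ((v0 << 4) + k[2]) ^ (v0 + sum) ^ ((v0 >> 5) + k[3]);
        v0 -= ((v1 << 4) + k[0]) ^ (v1 + sum) ^ ((v1 >> 5) + k[1]);
        sum -= TEA_DELTA;
    }
    v[0] = v0;
    v[1] = v1;
}

/* Round trip on a constructed key and block. Returns 1 if the ciphertext
 * differs from the plaintext and decryption restores the plaintext exactly. */
int tea_roundtrip_ok(void)
{
    const uint32_t key[4]   = {0x01234567u, 0x89ABCDEFu, 0xFEDCBA98u, 0x76543210u};
    const uint32_t plain[2] = {0xDEADBEEFu, 0x0BADF00Du};
    uint32_t blk[2] = {plain[0], plain[1]};

    tea_encrypt(blk, key);
    int changed = (blk[0] != plain[0]) || (blk[1] != plain[1]);
    tea_decrypt(blk, key);
    return changed && blk[0] == plain[0] && blk[1] == plain[1];
}

/* Equivalent-key property. Adding 0x80000000 to k[0] flips only the top bit
 * of ((v1 << 4) + k[0]); adding it to k[1] flips only the top bit of
 * ((v1 >> 5) + k[1]); the two terms are XORed, so the flips cancel and the
 * round output is unchanged. The same holds for the k[2]/k[3] pair.
 * Returns 1 if the two keys produce an identical ciphertext. */
int tea_equivalent_key_demo(void)
{
    const uint32_t key[4]  = {0x01234567u, 0x89ABCDEFu, 0xFEDCBA98u, 0x76543210u};
    const uint32_t key2[4] = {key[0] ^ 0x80000000u, key[1] ^ 0x80000000u, key[2], key[3]};
    uint32_t a[2] = {0xDEADBEEFu, 0x0BADF00Du};
    uint32_t b[2] = {0xDEADBEEFu, 0x0BADF00Du};

    tea_encrypt(a, key);
    tea_encrypt(b, key2);
    return a[0] == b[0] && a[1] == b[1];
}

int main(void)
{
    printf("round trip:     %s\n", tea_roundtrip_ok() ? "ok" : "FAIL");
    printf("equivalent key: %s\n",
           tea_equivalent_key_demo() ? "identical ciphertext" : "different ciphertext");
    return 0;
}
```

The block exercises exactly one 64-bit block; as the GDES note above observes, a real message needs a mode of operation (chaining) on top of a single-block primitive, and that is not shown here.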
cam.ac.uk//UCAM-CL-TR-356
2017-07-13
Simple, proven approaches to text retrieval
Robertson, S.E.
Spärck Jones, K.
University of Cambridge, Computer Laboratory
1994-12
en
Text
UCAM-CL-TR-356
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-356.pdf
This technical note describes straightforward techniques for
document indexing and retrieval that have been solidly
established through extensive testing and are easy to apply.
They are useful for many different types of text material, are
viable for very large files, and have the advantage that they do
not require special skills or training for searching, but are
easy for end users.
cam.ac.uk//UCAM-CL-TR-357
2018-03-27
Seven more myths of formal methods
Bowen, Jonathan P.
Hinchey, Michael G.
University of Cambridge, Computer Laboratory
1994-12
en
Text
UCAM-CL-TR-357
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-358
2016-07-22
Multithreaded processor design
Moore, Simon William
University of Cambridge, Computer Laboratory
1995-02
en
Text
UCAM-CL-TR-358
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-359
2003-01-01
A case study of co-induction in Isabelle
Frost, Jacob
University of Cambridge, Computer Laboratory
1995-02
en
Text
UCAM-CL-TR-359
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-359.pdf
The consistency of the dynamic and static semantics for a small
functional programming language was informally proved by R.
Milner and M. Tofte. The notions of co-inductive definitions and
the associated principle of co-induction played a pivotal role
in the proof. With emphasis on co-induction, the work presented
here deals with the formalisation of this result in the generic
theorem prover Isabelle.
cam.ac.uk//UCAM-CL-TR-360
2017-07-13
On the calculation of explicit polymetres
Clocksin, W.F.
University of Cambridge, Computer Laboratory
1995-03
en
Text
UCAM-CL-TR-360
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-360.pdf
Computer scientists take an interest in objects or events which
can be counted, grouped, timed and synchronised. The
computational problems involved with the interpretation and
notation of musical rhythm are therefore of particular interest,
as the most complex time-stamped structures yet devised by
humankind are to be found in music notation. These problems are
brought into focus when considering explicit polymetric
notation, which is the concurrent use of different time
signatures in music notation. While not in common use the
notation can be used to specify complicated cross-rhythms,
simple versus compound metres, and unequal note values without
the need for tuplet notation. From a computational point of
view, explicit polymetric notation is a means of specifying
synchronisation relationships amongst multiple time-stamped
streams. Human readers of explicit polymetric notation use the
time signatures together with the layout of barlines and musical
events as clues to determine the performance. However, if the
aim is to lay out the notation (such as might be required by an
automatic music notation processor), the location of barlines
and musical events will be unknown, and it is necessary to
calculate them given only the information conveyed by the time
signatures. Similar problems arise when trying to perform the
notation (i.e. animate the specification) in real-time. Some
problems in the interpretation of explicit polymetric notation
are identified and a solution is proposed. Two different
interpretations are distinguished, and methods for their
automatic calculation are given. The solution given may be
applied to problems which involve the synchronisation or phase
adjustment of multiple independent threads of time-stamped
objects.
cam.ac.uk//UCAM-CL-TR-361
2016-07-22
Explicit network scheduling
Black, Richard John
University of Cambridge, Computer Laboratory
1995-04
en
Text
UCAM-CL-TR-361
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-361.ps.gz
This dissertation considers various problems associated with the
scheduling and network I/O organisation found in conventional
operating systems for effective support for multimedia
applications which require Quality of Service.
A solution for these problems is proposed in a micro-kernel
structure. The pivotal features of the proposed design are that
the processing of device interrupts is performed by user-space
processes which are scheduled by the system like any other, that
events are used for both inter- and intra-process
synchronisation, and the use of a specially developed high
performance I/O buffer management system.
An evaluation of an experimental implementation is included. In
addition to solving the scheduling and networking problems
addressed, the prototype is shown to out-perform the Wanda
system (a locally developed micro-kernel) on the same platform.
This dissertation concludes that it is possible to construct an
operating system where the kernel provides only the fundamental
job of fine grain sharing of the CPU between processes, and
hence synchronisation between those processes. This enables
processes to perform task specific optimisations; as a result
system performance is enhanced, both with respect to throughput
and the meeting of soft real-time guarantees.
cam.ac.uk//UCAM-CL-TR-362
2018-03-27
W-learning: competition among selfish
Q-learners
Humphrys, Mark
University of Cambridge, Computer Laboratory
1995-04
en
Text
UCAM-CL-TR-362
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-362.ps.gz
W-learning is a self-organising action-selection scheme for
systems with multiple parallel goals, such as autonomous mobile
robots. It uses ideas drawn from the subsumption architecture
for mobile robots (Brooks), implementing them with the
Q-learning algorithm from reinforcement learning (Watkins).
Brooks explores the idea of multiple sensing-and-acting agents
within a single robot, more than one of which is capable of
controlling the robot on its own if allowed. I introduce a model
where the agents are not only autonomous, but are in fact
engaged in direct competition with each other for control of the
robot. Interesting robots are ones where no agent achieves total
victory, but rather the state-space is fragmented among
different agents. Having the agents operate by Q-learning proves
to be a way to implement this, leading to a local, incremental
algorithm (W-learning) to resolve competition. I present a
sketch proof that this algorithm converges when the world is a
discrete, finite Markov decision process. For each state,
competition is resolved with the most likely winner of the state
being the agent that is most likely to suffer the most if it
does not win. In this way, W-learning can be viewed as ‘fair’
resolution of competition. In the empirical section, I show how
W-learning may be used to define spaces of agent-collections
whose action selection is learnt rather than hand-designed. This
is the kind of solution-space that may be searched with a
genetic algorithm.
cam.ac.uk//UCAM-CL-TR-363
2016-07-22
Names and higher-order functions
Stark, Ian
University of Cambridge, Computer Laboratory
1995-04
en
Text
UCAM-CL-TR-363
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-363.ps.gz
Many functional programming languages rely on the elimination of
‘impure’ features: assignment to variables, exceptions and even
input/output. But some of these are genuinely useful, and it is
of real interest to establish how they can be reintroduced in a
controlled way. This dissertation looks in detail at one example
of this: the addition to a functional language of dynamically
generated “names”. Names are created fresh, they can be compared
with each other and passed around, but that is all. As a very
basic example of “state”, they capture the graduation between
private and public, local and global, by their interaction with
higher-order functions.
The vehicle for this study is the “nu-calculus”, an extension of
the simply-typed lambda-calculus. The nu-calculus is equivalent
to a certain fragment of Standard ML, omitting side-effects,
exceptions, datatypes and recursion. Even without all these
features, the interaction of name creation with higher-order
functions can be complex and subtle.
Various operational and denotational methods for reasoning about
the nu-calculus are developed. These include a computational
metalanguage in the style of Moggi, which distinguishes in the
type system between values and computations. This leads to
categorical models that use a strong monad, and examples are
devised based on functor categories.
The idea of “logical relations” is used to derive powerful
reasoning methods that capture some of the distinction between
private and public names. These techniques are shown to be
complete for establishing contextual equivalence between
first-order expressions; they are also used to construct a
correspondingly abstract categorical model.
All the work with the nu-calculus extends cleanly to Reduced ML,
a larger language that introduces integer references: mutable
storage cells that are dynamically allocated. It turns out that
the step up is quite simple, and both the computational
metalanguage and the sample categorical models can be reused.
cam.ac.uk//UCAM-CL-TR-364
2003-01-01
The Church-Rosser theorem in Isabelle: a proof porting
experiment
Rasmussen, Ole
University of Cambridge, Computer Laboratory
1995-04
en
Text
UCAM-CL-TR-364
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-364.ps.gz
This paper describes a proof of the Church-Rosser theorem for
the pure lambda-calculus formalised in the Isabelle theorem
prover. The initial version of the proof is ported from a
similar proof done in the Coq proof assistant by Gérard Huet,
but a number of optimisations have been performed. The
development involves the introduction of several inductive and
recursive definitions and thus gives a good presentation of the
inductive package of Isabelle.
cam.ac.uk//UCAM-CL-TR-365
2018-03-27
Computational types from a logical perspective
I
Benton, P.N.
Bierman, G.M.
de Paiva, V.C.V.
University of Cambridge, Computer Laboratory
1995-05
en
Text
UCAM-CL-TR-365
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-366
2017-07-13
Retrieving spoken documents: VMR Project
experiments
Spärck Jones, K.
Jones, G.J.F.
Foote, J.T.
Young, S.J.
University of Cambridge, Computer Laboratory
1995-05
en
Text
UCAM-CL-TR-366
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-367
2017-07-06
Categorical logic
Pitts, Andrew M.
University of Cambridge, Computer Laboratory
1995-05
en
Text
UCAM-CL-TR-367
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-367.ps.gz
This document provides an introduction to the interaction
between category theory and mathematical logic which is slanted
towards computer scientists. It will be a chapter in the
forthcoming Volume VI of: S. Abramsky, D. M. Gabbay, and T. S.
E. Maibaum (eds), “Handbook of Logic in Computer Science”,
Oxford University Press.
cam.ac.uk//UCAM-CL-TR-368
2003-01-01
CogPiT – configuration of protocols in TIP
Stiller, Burkhard
University of Cambridge, Computer Laboratory
1995-06
en
Text
UCAM-CL-TR-368
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-368.ps.gz
The variety of upcoming applications in terms of their
performance and Quality-of-Service (QoS) requirements is
increasing. Besides well-known applications, such as
teleconferencing and audio and video transmission, more
recent ones, such as medical imaging, Video-on-Demand, and
interactive tutoring systems, are being introduced and applied to
existing networks. In contrast, traditional data-oriented
applications, such as file transfer and remote login, have
considerably different QoS requirements.
The consequences of this evolution therefore affect the
architectures of end-systems, e.g., workstations that have to be
capable of handling all the different kinds of multi-media data,
and of intermediate-systems as well.
Therefore, a configuration approach of communication protocols
has been developed to support the variety of applications. This
approach offers the possibility to configure communication
protocols automatically depending on the application
requirements expressed in various QoS parameters. The result, an
application-tailored communication protocol, matches the
requested application requirements as far as possible.
Additionally, network and system resources (NSR) are taken into
account for a well-suited configuration.
The Configuration of Protocols in TIP is called CogPiT and is
part of the Transport and Internetworking Package (TIP). As an
example, in the TIP environment the transport protocol TEMPO is
used for configuration purposes.
cam.ac.uk//UCAM-CL-TR-369
2008-03-03
A comparison of HOL-ST and Isabelle/ZF
Agerholm, Sten
University of Cambridge, Computer Laboratory
1995-07
en
Text
UCAM-CL-TR-369
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-369.pdf
The use of higher order logic (simple type theory) is often
limited by its restrictive type system. Set theory allows many
constructions on sets that are not possible on types in higher
order logic. This paper presents a comparison of two theorem
provers supporting set theory, namely HOL-ST and Isabelle/ZF,
based on a formalization of the inverse limit construction of
domain theory; this construction cannot be formalized in higher
order logic directly. We argue that whilst the combination of
higher order logic and set theory in HOL-ST has advantages over
the first order set theory in Isabelle/ZF, the proof
infrastructure of Isabelle/ZF has better support for set theory
proofs than HOL-ST. Proofs in Isabelle/ZF are both considerably
shorter and easier to write.
cam.ac.uk//UCAM-CL-TR-370
2003-01-01
A package for non-primitive recursive function
definitions in HOL
Agerholm, Sten
University of Cambridge, Computer Laboratory
1995-07
en
Text
UCAM-CL-TR-370
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-371
2003-01-01
LIMINF convergence in Ω-categories
Wagner, Kim Ritter
University of Cambridge, Computer Laboratory
1995-06
en
Text
UCAM-CL-TR-371
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-372
2018-03-27
A brief history of mobile telephony
Hild, Stefan G.
University of Cambridge, Computer Laboratory
1995-01
en
Text
UCAM-CL-TR-372
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-372.pdf
Mobile telephony has gone through a decade of tremendous change
and progress. Today, mobile phones are an indispensable tool to
many professionals, and have great potential to become vital
components in mobile data communication applications. In this
survey we will attempt to present some of the milestones from
the route which mobile telephony has taken over the past decades
while developing from an experimental system with limited
capabilities to a mature technology (section 1), followed by
a more detailed introduction to the modern pan-European GSM
standard (section 2). Section 3 is devoted to the data
communication services, covering two packet-oriented data only
networks as well as data services planned for the GSM system.
Section 4 covers some security issues and section 5 gives an
insight into the realities today with details of some networks
available in the UK. Finally, section 6 concludes this overview
with a brief look into the future.
cam.ac.uk//UCAM-CL-TR-373
2017-07-13
Natural-language processing and requirements
specifications
Macías, Benjamín
Pulman, Stephen G.
University of Cambridge, Computer Laboratory
1995-07
en
Text
UCAM-CL-TR-373
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-374
2003-01-01
A framework for QoS updates in a networking
environment
Stiller, Burkhard
University of Cambridge, Computer Laboratory
1995-07
en
Text
UCAM-CL-TR-374
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-374.ps.gz
The support of sufficient Quality-of-Service (QoS) for
applications residing in a distributed environment and running
on top of high performance networks is a demanding issue.
Currently, the areas in which this support has to be provided
include communication protocols, operating systems support, and
offered network services. A configurable approach to
communication protocols offers the protocol flexibility needed to
react accordingly to various different requirements.
Communication protocols and operating systems have to be
parametrized using internal configuration parameters, such as
window sizes, retry counters, or scheduling mechanisms, that
rely closely on requested application-oriented or
network-dependent QoS, such as bandwidth or delay. Moreover,
these internal parameters have to be recalculated from time to
time due to network changes (such as congestion or line
break-down) or due to application-specific alterations (such as
enhanced bandwidth requirements or increased reliability) to
adjust a temporary or semi-permanent “out-of-tune” service
behavior.
Therefore, a rule-based evaluation and QoS updating framework
for configuration parameters in a networking environment has
been developed. The resulting “rulework” can be used within
highly dynamic environments in a communication subsystem that
offers the possibility to specify for every QoS parameter both a
bounding interval of values and an average value. As an example,
the framework has been integrated in the Function-based
Communication Subsystem (F-CSS). In particular, an enhanced
application service interface is offered, allowing for the
specification of various QoS parameters that are used to
configure a sufficient application-tailored communication
protocol.
cam.ac.uk//UCAM-CL-TR-375
2016-07-22
Restructuring virtual memory to support distributed
computing environments
Huang, Feng
University of Cambridge, Computer Laboratory
1995-07
en
Text
UCAM-CL-TR-375
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-376
2016-07-22
The structure of a multi-service operating
system
Roscoe, Timothy
University of Cambridge, Computer Laboratory
1995-08
en
Text
UCAM-CL-TR-376
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-376.ps.gz
Increases in processor speed and network bandwidth have led to
workstations being used to process multimedia data in real time.
These applications have requirements not met by existing
operating systems, primarily in the area of resource control:
there is a need to reserve resources, in particular the
processor, at a fine granularity. Furthermore, guarantees need
to be dynamically renegotiated to allow users to reassign
resources when the machine is heavily loaded. There have been
few attempts to provide the necessary facilities in traditional
operating systems, and the internal structure of such systems
makes the implementation of useful resource control difficult.
This dissertation presents a way of structuring an operating
system to reduce crosstalk between applications sharing the
machine, and enable useful resource guarantees to be made:
instead of system services being located in the kernel or server
processes, they are placed as much as possible in client
protection domains and scheduled as part of the client, with
communication between domains only occurring when necessary to
enforce protection and concurrency control. This amounts to
multiplexing the service at as low a level of abstraction as
possible. A mechanism for sharing processor time between
resources is also described. The prototype Nemesis operating
system is used to demonstrate the ideas in use in a practical
system, and to illustrate solutions to several implementation
problems that arise.
Firstly, structuring tools in the form of typed interfaces
within a single address space are used to reduce the complexity
of the system from the programmer’s viewpoint and enable rich
sharing of text and data between applications.
Secondly, a scheduler is presented which delivers useful Quality
of Service guarantees to applications in a highly efficient
manner. Integrated with the scheduler is an inter-domain
communication system which has minimal impact on resource
guarantees, and a method of decoupling hardware interrupts from
the execution of device drivers.
Finally, a framework for high-level inter-domain and
inter-machine communication is described, which goes beyond
object-based RPC systems to permit both Quality of Service
negotiation when a communication binding is established, and
services to be implemented straddling protection domain
boundaries as well as locally and in remote processes.
cam.ac.uk//UCAM-CL-TR-377
2017-07-13
Mechanising set theory: cardinal arithmetic and the
axiom of choice
Paulson, Larry
Grabczewski, Krzysztof
University of Cambridge, Computer Laboratory
1995-07
en
Text
UCAM-CL-TR-377
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-377.pdf
Fairly deep results of Zermelo-Fraenkel (ZF) set theory have
been mechanised using the proof assistant Isabelle. The results
concern cardinal arithmetic and the Axiom of Choice (AC). A key
result about cardinal multiplication is K*K=K, where K is any
infinite cardinal. Proving this result required developing
theories of orders, order-isomorphisms, order types, ordinal
arithmetic, cardinals, etc.; this covers most of Kunen, Set
Theory, Chapter I. Furthermore, we have proved the equivalence
of 7 formulations of the Well-ordering Theorem and 20
formulations of AC; this covers the first two chapters of Rubin
and Rubin, Equivalents of the Axiom of Choice. The definitions
used in the proofs are largely faithful in style to the original
mathematics.
cam.ac.uk//UCAM-CL-TR-378
2018-03-27
Performance evaluation of HARP: a hierarchical
asynchronous replication protocol for large scale
system
Adly, Noha
University of Cambridge, Computer Laboratory
1995-08
en
Text
UCAM-CL-TR-378
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-378.ps.gz
This report evaluates the performance of HARP, a hierarchical
replication protocol based on nodes organised into a logical
hierarchy. The scheme is based on communication with nearby
replicas and scales well for thousands of replicas. It proposes
a new service interface that provides different levels of
asynchrony, allowing strong consistency and weak consistency to
be integrated into the same framework. Further, it provides the
ability to offer different levels of staleness, by querying from
different levels of the hierarchy. We present results from a
detailed simulation analysis evaluating the benefits and losses
in performance resulting from using synchronous versus
asynchronous operation within HARP under different system
configurations and load mixes. Further, the performance is
evaluated on different network topologies. An analytical
solution based on the Open Queueing Network Model with Multiple
Job Classes is carried out for the verification of the
simulation model and the results are presented.
cam.ac.uk//UCAM-CL-TR-379
2017-07-13
Proceedings of the First Isabelle Users
Workshop
Paulson, Lawrence
University of Cambridge, Computer Laboratory
1995-09
en
Text
UCAM-CL-TR-379
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-380
2003-01-01
Quality-of-Service issues in networking
environments
Stiller, Burkhard
University of Cambridge, Computer Laboratory
1995-09
en
Text
UCAM-CL-TR-380
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-380.ps.gz
Quality-of-Service (QoS) issues in networking environments cover
various separate areas and topics. They include at least the
specification of applications requirements, the definition of
network services, QoS models, resource reservation methods,
negotiation and transformation methods for QoS, and operating
system support for guaranteed services. A comprehensive approach
to handling, dealing with, and supporting QoS in different
scenarios and technical set-ups is required to manage
forthcoming communication and networking tasks adequately.
Modern telecommunication systems require an integrated
architecture for applications, communication subsystems, and
network perspectives to overcome drawbacks of traditional
communication architectures, such as redundant protocol
functionality, weakly designed interfaces between the end-system
and a network adapter, or the impossibility of specifying and
guaranteeing QoS parameters.
This work contains the discussion of a number of interconnected
QoS issues, e.g., QoS mapping, QoS negotiation, QoS-based
configuration of communication protocols, or QoS aspects in
Asynchronous Transfer Mode (ATM) signaling protocols, which have
been dealt with during a one-year research fellowship. This
report is not intended to be a complete description of every
technical detail, but tries to provide a brief overall picture
of the emerging and explosively developing QoS issues in
telecommunication systems. Additionally, some of these issues are
investigated in closer detail. The report is mainly focussed on
QoS mapping, negotiation, and updating in the communication
protocol area.
cam.ac.uk//UCAM-CL-TR-381
2016-07-22
Rendering for free form deformations
Nimscheck, Uwe Michael
University of Cambridge, Computer Laboratory
1995-10
UCAM-CL-TR-381
cam.ac.uk//UCAM-CL-TR-382
2016-07-22
Synthetic image generation for a multiple-view
autostereo display
Castle, Oliver M.
University of Cambridge, Computer Laboratory
1995-10
UCAM-CL-TR-382
cam.ac.uk//UCAM-CL-TR-383
2016-07-22
Management of replicated data in large scale
systems
Adly, Noha
University of Cambridge, Computer Laboratory
1995-11
UCAM-CL-TR-383
cam.ac.uk//UCAM-CL-TR-384
2018-03-27
Securing ATM networks
Chuang, Shaw-Cheng
University of Cambridge, Computer Laboratory
1995-01
UCAM-CL-TR-384
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-384.ps.gz
This is an interim report on the investigations into securing
Asynchronous Transfer Mode (ATM) networks. We look at the
challenge of providing such a secure ATM network and identify
the important issues in achieving such a goal. In this paper, we
discuss the issues and problems involved and outline some
techniques for solving these problems. The network environment is
first examined and we also consider the correct placement of
security mechanisms in such an environment. Following the
analysis of the security requirement, we introduce and describe
a key agile cryptographic device for ATM. The protection of the
ATM data plane is extremely important to provide data
confidentiality and data integrity. Techniques for providing
synchronisation, dynamic key change, dynamic initialisation
vector change and Message Authentication Codes on ATM data are
also considered. Next, we discuss the corresponding
control functions. A few key exchange protocols are given as
possible candidates for the establishment of the session key.
The impact of such key exchange protocols on the design of an
ATM signalling protocol is also examined and a security
extension to an existing signalling protocol is discussed. We
also discuss securing other control plane functions such as
NNI routing, Inter-Domain Policy Routing, authorisation and
auditing, firewall and intrusion detection, and Byzantine
robustness. Management plane functions are also looked at,
with discussions on bootstrapping, authenticated neighbour
discovery, ILMI security, PVC security, VPI security and the ATM
Forum management model.
cam.ac.uk//UCAM-CL-TR-385
2016-07-22
Performance evaluation of the Delphi machine
Saraswat, Sanjay
University of Cambridge, Computer Laboratory
1995-12
UCAM-CL-TR-385
cam.ac.uk//UCAM-CL-TR-386
2018-03-27
Bisimilarity for a first-order calculus of objects with
subtyping
Gordon, Andrew D.
Rees, Gareth D.
University of Cambridge, Computer Laboratory
1996-01
UCAM-CL-TR-386
cam.ac.uk//UCAM-CL-TR-387
2017-07-13
Monitoring composite events in distributed
systems
Schwiderski, Scarlet
Herbert, Andrew
Moody, Ken
University of Cambridge, Computer Laboratory
1996-02
UCAM-CL-TR-387
cam.ac.uk//UCAM-CL-TR-388
2018-03-27
A unified approach to strictness analysis and optimising
transformations
Benton, P.N.
University of Cambridge, Computer Laboratory
1996-02
UCAM-CL-TR-388
cam.ac.uk//UCAM-CL-TR-389
2003-01-01
A proof checker for HOL
Wong, Wai
University of Cambridge, Computer Laboratory
1996-03
UCAM-CL-TR-389
cam.ac.uk//UCAM-CL-TR-390
2018-03-27
Syn: a single language for specifying abstract syntax
trees, lexical analysis, parsing and pretty-printing
Boulton, Richard J.
University of Cambridge, Computer Laboratory
1996-03
UCAM-CL-TR-390
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-390.ps.gz
A language called Syn is described in which all aspects of
context-free syntax can be specified without redundancy. The
language is essentially an extended BNF grammar. Unusual
features include high-level constructs for specifying lexical
aspects of a language and specification of precedence by textual
order. A system has been implemented for generating lexers,
parsers, pretty-printers and abstract syntax tree
representations from a Syn specification.
cam.ac.uk//UCAM-CL-TR-391
2016-07-22
Programming languages and dimensions
Kennedy, Andrew John
University of Cambridge, Computer Laboratory
1996-04
UCAM-CL-TR-391
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-391.pdf
Scientists and engineers must ensure that the equations and
formulae which they use are dimensionally consistent, but
existing programming languages treat all numeric values as
dimensionless. This thesis investigates the extension of
programming languages to support the notion of physical
dimension.
A type system is presented similar to that of the programming
language ML but extended with polymorphic dimension types. An
algorithm which infers most general dimension types
automatically is then described and proved correct.
The semantics of the language is given by a translation into an
explicitly typed language in which dimensions are passed as
arguments to functions. The operational semantics of this
language is specified in the usual way by an evaluation relation
defined by a set of rules. This is used to show that if a
program is well-typed then no dimension errors can occur during
its evaluation.
More abstract properties of the language are investigated using
a denotational semantics: these include a notion of invariance
under changes in the units of measure used, analogous to
parametricity in the polymorphic lambda calculus. Finally the
dissertation is summarised and many possible directions for
future research in dimension types and related type systems are
described.
cam.ac.uk//UCAM-CL-TR-392
2003-01-01
Decoding choice encodings
Nestmann, Uwe
Pierce, Benjamin C.
University of Cambridge, Computer Laboratory
1996-04
UCAM-CL-TR-392
cam.ac.uk//UCAM-CL-TR-393
2016-07-22
Performance management in ATM networks
Crosby, Simon Andrew
University of Cambridge, Computer Laboratory
1996-04
UCAM-CL-TR-393
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-393.ps.gz
The Asynchronous Transfer Mode (ATM) has been identified as the
technology of choice amongst high speed communication networks
for its potential to integrate services with disparate resource
needs and timing constraints. Before it can successfully deliver
integrated services, however, significant problems remain to be
solved. They centre around two major issues. First, there is a
need for a simple, powerful network service interface capable of
meeting the communications needs of new applications. Second,
within the network there is a need to dynamically control a mix
of diverse traffic types to ensure that they meet their
performance criteria.
Addressing the first concern, this dissertation argues that a
simple network control interface offers significant advantages
over the traditional, heavyweight approach of the
telecommunications industry. A network control architecture
based on a distributed systems approach is presented which
locates both the network control functions and its services
outside the network. The network service interface uses the
Remote Procedure Call (RPC) paradigm and enables more
complicated service offerings to be built from the basic
primitives. A formal specification and verification of the
user-network signalling protocol is presented. Implementations
of the architecture, both on Unix and the Wanda micro-kernel,
used on the Fairisle ATM switch, are described. The
implementations demonstrate the feasibility of the architecture,
and feature a high degree of experimental flexibility. This is
exploited in the balance of the dissertation, which presents the
results of a practical study of network performance under a
range of dynamic control mechanisms.
Addressing the second concern, results are presented from a
study of the cell delay variation suffered by ATM connections
when multiplexed with real ATM traffic in an uncontrolled
network, and from an investigation of the expansion of bursts of
ATM traffic as a result of multiplexing. The results are
compared with those of analytical models. Finally, results from
a study of the performance delivered to delay sensitive traffic
by priority and rate based cell scheduling algorithms, and the
loss experienced by different types of traffic under several
buffer allocation strategies are presented.
cam.ac.uk//UCAM-CL-TR-394
2017-07-13
A simple formalization and proof for the mutilated chess
board
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1996-04
UCAM-CL-TR-394
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-394.pdf
The impossibility of tiling the mutilated chess board has been
formalized and verified using Isabelle. The formalization is
concise because it is expressed using inductive definitions. The
proofs are straightforward except for some lemmas concerning
finite cardinalities. This exercise is an object lesson in
choosing a good formalization. is applicable in a variety of
domains.
cam.ac.uk//UCAM-CL-TR-395
2018-03-27
Cut-elimination for full intuitionistic linear
logic
Bräuner, Torben
de Paiva, Valeria
University of Cambridge, Computer Laboratory
1996-05
UCAM-CL-TR-395
cam.ac.uk//UCAM-CL-TR-396
2017-07-13
Generic automatic proof tools
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1996-05
UCAM-CL-TR-396
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-396.pdf
This paper explores a synthesis between two distinct traditions
in automated reasoning: resolution and interaction. In
particular it discusses Isabelle, an interactive theorem prover
based upon a form of resolution. It aims to demonstrate the
value of proof tools that, compared with traditional resolution
systems, seem absurdly limited. Isabelle’s classical reasoner
searches for proofs using a tableau approach. The reasoner is
generic: it accepts rules proved in applied theories, involving
defined connectives. New constants are not reduced to
first-order logic; the reasoner
cam.ac.uk//UCAM-CL-TR-397
2003-01-01
Optimal routing in 2-jump circulant networks
Robič, Borut
University of Cambridge, Computer Laboratory
1996-06
UCAM-CL-TR-397
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-397.ps.gz
An algorithm for routing a message along the shortest path
between a pair of processors in a 2-jump circulant (undirected
double fixed step) network is given. The algorithm requires O(d)
time for preprocessing, and l = O(d) routing steps, where l is
the distance between the processors and d is the diameter of the
network.
cam.ac.uk//UCAM-CL-TR-398
2017-07-13
Design and implementation of an autostereoscopic camera
system
Dodgson, N.A.
Moore, J.R.
University of Cambridge, Computer Laboratory
1996-06
UCAM-CL-TR-398
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-398.pdf
An autostereoscopic display provides the viewer with a
three-dimensional image without the need for special glasses,
and allows the user to look around objects in the image by
moving the head left-right. The time-multiplexed autostereo
display developed at the University of Cambridge has been in
operation since late 1991.
An autostereoscopic camera system has been designed and
implemented. It is capable of taking video input from up to
sixteen cameras, and multiplexing these into a video output
stream with a pixel rate an order of magnitude faster than the
individual input streams. Testing of the system with eight
cameras and a Cambridge Autostereo Display has produced
excellent live autostereoscopic video.
This report describes the design of this camera system which has
been successfully implemented and demonstrated. Problems which
arose during this process are discussed, and a comparison with
similar systems made.
cam.ac.uk//UCAM-CL-TR-399
2016-07-22
OASIS: An open architecture for secure interworking
services
Hayton, Richard
University of Cambridge, Computer Laboratory
1996-06
UCAM-CL-TR-399
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-399.pdf
An emerging requirement is for applications and distributed
services to cooperate or inter-operate. Mechanisms have been
devised to hide the heterogeneity of the host operating systems
and abstract the issues of distribution and object location.
However, in order for systems to inter-operate securely there
must also be mechanisms to hide differences in security policy,
or at least negotiate between them.
This would suggest that a uniform model of access control is
required. Such a model must be extremely flexible with respect
to the specification of policy, as different applications have
radically different needs. In a widely distributed environment
this situation is exacerbated by the differing requirements of
different organisations, and in an open environment there is a
need to interwork with organisations using alternative security
mechanisms.
Other proposals for the interworking of security mechanisms have
concentrated on the enforcement of access policy, and neglected
the concerns of freedom of expression of this policy. For
example it is common to associate each request with a user
identity, and to use this as the only parameter when performing
access control. This work describes an architectural approach to
security. By reconsidering the role of the client and the
server, we may reformulate access control issues in terms of
client naming.
We think of a client as obtaining a name issued by a service;
either based on credentials already held by the client, or by
delegation from another client. A grammar has been devised that
allows the conditions under which a client may assume a name to
be specified, and the conditions under which use of the name
will be revoked. This allows complex security policies to be
specified that define how clients of a service may interact with
each other (through election, delegation and revocation), how
clients interact with a service (by invoking operations or
receiving events) and how clients and services may
inter-operate. (For example, a client of a Login service may
become a client of a file service.)
This approach allows great flexibility when integrating a number
of services, and reduces the mismatch of policies common in
heterogeneous systems. A flexible security definition is
meaningless if not backed by a robust and efficient
implementation. In this thesis we present a systems architecture
that can be implemented efficiently, but that allows individual
services to ‘fine tune’ the trade-offs between security,
efficiency and freedom of policy expression. The architecture is
inherently distributed and scalable, and includes mechanisms for
rapid and selective revocation of privileges which may cascade
between services and organisations.
cam.ac.uk//UCAM-CL-TR-400
2016-07-22
Monitoring the behaviour of distributed
systems
Schwiderski, Scarlet
University of Cambridge, Computer Laboratory
1996-07
UCAM-CL-TR-400
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-400.pdf
Monitoring the behaviour of computing systems is an important
task. In active database systems, a detected system behaviour
leads to the triggering of an ECA (event-condition-action) rule.
ECA rules are employed for supporting database management system
functions as well as external applications. Although distributed
database systems are becoming more commonplace, active database
research has to date focussed on centralised systems. In
distributed debugging systems, a detected system behaviour is
compared with the expected system behaviour. Differences
illustrate erroneous behaviour. In both application areas,
system behaviours are specified in terms of events: primitive
events represent elementary occurrences and composite events
represent complex occurrence patterns. At system runtime,
specified primitive and composite events are monitored and event
occurrences are detected. However, in active database systems
events are monitored in terms of physical time and in
distributed debugging systems events are monitored in terms of
logical time. The notion of physical time is difficult in
distributed systems because of their special characteristics: no
global time, network delays, etc.
This dissertation is concerned with monitoring the behaviour of
distributed systems in terms of physical time, i.e. the syntax,
the semantics, the detection, and the implementation of events
are considered.
The syntax of primitive and composite events is derived from the
work of both active database systems and distributed debugging
systems; differences and necessities are highlighted.
The semantics of primitive and composite events establishes when
and where an event occurs; the semantics depends largely on the
notion of physical time in distributed systems. Based on the
model for an approximated global time base, the ordering of
events in distributed systems is considered, and the structure
and handling of timestamps are illustrated. In specific
applications, a simplified version of the semantics can be
applied which is easier and therefore more efficient to
implement.
Algorithms for the detection of composite events at system
runtime are developed; event detectors are distributed to
arbitrary sites and composite events are evaluated concurrently.
Two different evaluation policies are examined: asynchronous
evaluation and synchronous evaluation. Asynchronous evaluation
is characterised by the ad hoc consumption of signalled event
occurrences. However, since the signalling of events involves
variable delays, the events may not be evaluated in the
system-wide order of their occurrence. On the other hand,
synchronous evaluation enforces events to be evaluated in the
system-wide order of their occurrence. But, due to site failures
and network congestion, the evaluation may block on a fairly
long-term basis.
The prototype implementation realises the algorithms for the
detection of composite events with both asynchronous and
synchronous evaluation. For the purpose of testing, primitive
event occurrences are simulated by distributed event simulators.
Several tests are performed illustrating the differences between
asynchronous and synchronous evaluation: the former is ‘fast and
unreliable’ whereas the latter is ‘slow and reliable’.
cam.ac.uk//UCAM-CL-TR-401
2017-07-06
A classical linear λ-calculus
Bierman, Gavin
University of Cambridge, Computer Laboratory
1996-07
UCAM-CL-TR-401
cam.ac.uk//UCAM-CL-TR-402
2017-07-13
Video mail retrieval using voice: report on collection
of naturalistic requests and relevance assessments
Jones, G.J.F.
Foote, J.T.
Spärck Jones, K.
Young, S.J.
University of Cambridge, Computer Laboratory
1996-09
UCAM-CL-TR-402
cam.ac.uk//UCAM-CL-TR-403
2016-07-22
Devices in a multi-service operating system
Barham, Paul Ronald
University of Cambridge, Computer Laboratory
1996-10
UCAM-CL-TR-403
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-403.ps.gz
Increases in processor speed and network and device bandwidth
have led to general purpose workstations being called upon to
process continuous media data in real time. Conventional
operating systems are unable to cope with the high loads and
strict timing constraints introduced when such applications form
part of a multi-tasking workload. There is a need for the
operating system to provide fine-grained reservation of
processor, memory and I/O resources and the ability to
redistribute these resources dynamically. A small group of
operating systems researchers have recently proposed a
“vertically-structured” architecture where the operating system
kernel provides minimal functionality and the majority of
operating system code executes within the application itself.
This structure greatly simplifies the task of accounting for
processor usage by applications. The prototype Nemesis operating
system embodies these principles and is used as the platform for
this work.
This dissertation extends the provision of Quality of Service
guarantees to the I/O system by presenting an architecture for
device drivers which minimises crosstalk between applications.
This is achieved by clearly separating the data-path operations,
which require careful accounting and scheduling, and the
infrequent control-path operations, which require protection and
concurrency control. The approach taken is to abstract and
multiplex the I/O data-path at the lowest level possible so as
to simplify accounting, policing and scheduling of I/O resources
and enable application-specific use of I/O devices.
The architecture is applied to several representative classes of
device including network interfaces, network connected
peripherals, disk drives and framestores. Of these, disks and
framestores are of particular interest since they must be shared
at a very fine granularity but have traditionally been presented
to the application via a window system or file-system with a
high-level and coarse-grained interface.
A device driver for the framestore is presented which abstracts
the device at a low level and is therefore able to provide each
client with guaranteed bandwidth to the framebuffer. The design
and implementation of a novel client-rendering window system is
then presented which uses this driver to enable rendering code
to be safely migrated into a shared library within the client.
A low-level abstraction of a standard disk drive is also
described which efficiently supports a wide variety of file
systems and other applications requiring persistent storage,
whilst providing guaranteed rates of I/O to individual clients.
An extent-based file system is presented which can provide
guaranteed rate file access and enables clients to optimise for
application-specific access patterns.
cam.ac.uk//UCAM-CL-TR-404
2016-07-22
Adaptive parallelism for computing on heterogeneous
clusters
Shum, Kam Hong
University of Cambridge, Computer Laboratory
1996-11
UCAM-CL-TR-404
cam.ac.uk//UCAM-CL-TR-405
2018-03-27
A tool to support formal reasoning about computer
languages
Boulton, Richard J.
University of Cambridge, Computer Laboratory
1996-11
UCAM-CL-TR-405
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-405.ps.gz
A tool to support formal reasoning about computer languages and
specific language texts is described. The intention is to
provide a tool that can build a formal reasoning system in a
mechanical theorem prover from two specifications, one for the
syntax of the language and one for the semantics. A parser,
pretty-printer and internal representations are generated from
the former. Logical representations of syntax and semantics, and
associated theorem proving tools, are generated from the
combination of the two specifications. The main aim is to
eliminate tedious work from the task of prototyping a reasoning
tool for a computer language, but the abstract specifications of
the language also assist the automation of proof.
cam.ac.uk//UCAM-CL-TR-406
2017-07-13
Tool support for logics of programs
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1996-11
UCAM-CL-TR-406
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-406.pdf
Proof tools must be well designed if they are to be more
effective than pen and paper. Isabelle supports a range of
formalisms, two of which are described (higher-order logic and
set theory). Isabelle’s representation of logic is influenced by
logic programming: its “logical variables” can be used to
implement step-wise refinement. Its automatic proof procedures
are based on search primitives that are directly available to
users. While emphasizing basic concepts, the article also
discusses applications such as an approach to the analysis of
security protocols.
cam.ac.uk//UCAM-CL-TR-407
2003-01-01
The L4 microkernel on Alpha : Design and
implementation
Schoenberg, Sebastian
University of Cambridge, Computer Laboratory
1996-09
UCAM-CL-TR-407
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-407.ps.gz
The purpose of a microkernel is to cover the lowest level of the
hardware and to provide a more general platform to operating
systems and applications than the hardware itself. This has made
microkernel development increasingly interesting. Different
types of microkernels have been developed, ranging from kernels
which merely deal with the hardware interface (Windows NT HAL),
kernels especially for embedded systems (RTEMS), to kernels for
multimedia streams and real time support (Nemesis) and general
purpose kernels (L4, Mach).
The common opinion that microkernels lead to deterioration in
system performance has been disproved by recent research. L4 is
an example of a fast and small, multi address space,
message-based microkernel, developed originally for Intel
systems only. Based on the L4 interface, which should be as
similar as possible on different platforms, the L4 Alpha version
has been developed.
This work describes design decisions, implementation and
interfaces of the L4 version for 64-bit Alpha processors.
cam.ac.uk//UCAM-CL-TR-408
2016-07-22
Theorem proving with the real numbers
Harrison, John Robert
University of Cambridge, Computer Laboratory
1996-11
UCAM-CL-TR-408
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-408.ps.gz
This thesis discusses the use of the real numbers in theorem
proving. Typically, theorem provers only support a few
‘discrete’ datatypes such as the natural numbers. However the
availability of the real numbers opens up many interesting and
important application areas, such as the verification of
floating point hardware and hybrid systems. It also allows the
formalization of many more branches of classical mathematics,
which is particularly relevant for attempts to inject more
rigour into computer algebra systems.
Our work is conducted in a version of the HOL theorem prover. We
describe the rigorous definitional construction of the real
numbers, using a new version of Cantor’s method, and the
formalization of a significant portion of real analysis. We also
describe an advanced derived decision procedure for the ‘Tarski
subset’ of real algebra as well as some more modest but
practically useful tools for automating explicit calculations
and routine linear arithmetic reasoning.
Finally, we consider in more detail two interesting application
areas. We discuss the desirability of combining the rigour of
theorem provers with the power and convenience of computer
algebra systems, and explain a method we have used in practice
to achieve this. We then move on to the verification of floating
point hardware. After a careful discussion of possible
correctness specifications, we report on two case studies, one
involving a transcendental function.
We aim to show that a theory of real numbers is useful in
practice and interesting in theory, and that the ‘LCF style’ of
theorem proving is well suited to the kind of work we describe.
We hope also to convince the reader that the kind of mathematics
needed for applications is well within the abilities of current
theorem proving technology.
cam.ac.uk//UCAM-CL-TR-409
2017-07-13
Proving properties of security protocols by
induction
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1996-12
UCAM-CL-TR-409
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-409.pdf
Security protocols are formally specified in terms of traces,
which may involve many interleaved protocol runs. Traces are
defined inductively. Protocol descriptions model accidental key
losses as well as attacks. The model spy can send spoof messages
made up of components decrypted from previous traffic.
Correctness properties are verified using the proof tool
Isabelle/HOL. Several symmetric-key protocols have been studied,
including Needham-Schroeder, Yahalom and Otway-Rees. A new
attack has been discovered in a variant of Otway-Rees (already
broken by Mao and Boyd). Assertions concerning secrecy and
authenticity have been proved.
The approach rests on a common theory of messages, with three
operators. The operator “parts” denotes the components of a set
of messages. The operator “analz” denotes those parts that can
be decrypted with known keys. The operator “synth” denotes those
messages that can be expressed in terms of given components. The
three operators enjoy many algebraic laws that are invaluable in
proofs.
cam.ac.uk//UCAM-CL-TR-410
2018-03-27
Proof style
Harrison, John
University of Cambridge, Computer Laboratory
1997-01
UCAM-CL-TR-410
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-410.ps.gz
We are concerned with how to communicate a mathematical proof to
a computer theorem prover. This can be done in many ways, while
allowing the machine to generate a completely formal proof
object. The most obvious choice is the amount of guidance
required from the user, or from the machine perspective, the
degree of automation provided. But another important
consideration, which we consider particularly significant, is
the bias towards a ‘procedural’ or ‘declarative’ proof style. We
will explore this choice in depth, and discuss the strengths and
weaknesses of declarative and procedural styles for proofs in
pure mathematics and for verification applications. We conclude
with a brief summary of our own experiments in trying to combine
both approaches.
cam.ac.uk//UCAM-CL-TR-411
2016-07-22
Formalising process calculi in Higher Order
Logic
Nesi, Monica
University of Cambridge, Computer Laboratory
1997-01
UCAM-CL-TR-411
cam.ac.uk//UCAM-CL-TR-412
2017-07-06
Observations on a linear PCF (preliminary
report)
Bierman, G.M.
University of Cambridge, Computer Laboratory
1997-01
UCAM-CL-TR-412
cam.ac.uk//UCAM-CL-TR-413
2017-07-13
Mechanized proofs of security protocols:
Needham-Schroeder with public keys
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1997-01
UCAM-CL-TR-413
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-413.pdf
The inductive approach to verifying security protocols,
previously applied to shared-key encryption, is here applied to
the public key version of the Needham-Schroeder protocol. As
before, mechanized proofs are performed using Isabelle/HOL. Both
the original, flawed version and Lowe’s improved version are
studied; the properties proved highlight the distinctions
between the two versions. The results are compared with previous
analyses of the same protocol. The analysis reported below
required only 30 hours of the author’s time. The proof scripts
execute in under three minutes.
cam.ac.uk//UCAM-CL-TR-414
2017-07-06
A calculus for cryptographic protocols : The SPI
calculus
Abadi, Martín
Gordon, Andrew D.
University of Cambridge, Computer Laboratory
1997-01
UCAM-CL-TR-414
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-414.ps.gz
We introduce the spi calculus, an extension of the pi calculus
designed for the description and analysis of cryptographic
protocols. We show how to use the spi calculus, particularly for
studying authentication protocols. The pi calculus (without
extension) suffices for some abstract protocols; the spi
calculus enables us to consider cryptographic issues in more
detail. We represent protocols as processes in the spi calculus
and state their security properties in terms of coarse-grained
notions of protocol equivalence.
cam.ac.uk//UCAM-CL-TR-415
2016-07-22
Application support for mobile computing
Pope, Steven Leslie
University of Cambridge, Computer Laboratory
1997-02
UCAM-CL-TR-415
cam.ac.uk//UCAM-CL-TR-416
2018-03-27
DECLARE: a prototype declarative proof system for higher
order logic
Syme, Donald
University of Cambridge, Computer Laboratory
1997-02
UCAM-CL-TR-416
cam.ac.uk//UCAM-CL-TR-417
2019-05-28
Selective mesh refinement for interactive terrain
rendering
Brown, Peter J.C.
University of Cambridge, Computer Laboratory
1997-02
UCAM-CL-TR-417
Terrain surfaces are often approximated by geometric meshes to
permit efficient rendering. This paper describes how the
complexity of an approximating irregular mesh can be varied
across its domain in order to minimise the number of displayed
facets while ensuring that the rendered surface meets
pre-determined resolution requirements. We first present a
generalised scheme to represent a mesh over a continuous range
of resolutions using the output from conventional
single-resolution approximation methods. We then describe an
algorithm which extracts a surface from this representation such
that the resolution of the surface is enhanced only in specific
areas of interest. We prove that the extracted surface is
complete, minimal, satisfies the given resolution constraints
and meets the Delaunay triangulation criterion if possible. In
addition, we present a method of performing smooth visual
transitions between selectively-refined meshes to permit
efficient animation of a terrain scene.
An HTML version of this report is at
https://www.cl.cam.ac.uk/research/rainbow/publications/pjcb/tr417/
cam.ac.uk//UCAM-CL-TR-418
2017-07-13
Mechanized proofs for a recursive authentication
protocol
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1997-03
UCAM-CL-TR-418
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-418.pdf
A novel protocol has been formally analyzed using the prover
Isabelle/HOL, following the inductive approach described in
earlier work. There is no limit on the length of a run, the
nesting of messages or the number of agents involved. A single
run of the protocol delivers session keys for all the agents,
allowing neighbours to perform mutual authentication. The basic
security theorem states that session keys are correctly
delivered to adjacent pairs of honest agents, regardless of
whether other agents in the chain are compromised. The
protocol’s complexity caused some difficulties in the
specification and proofs, but its symmetry reduced the number of
theorems to prove.
cam.ac.uk//UCAM-CL-TR-419
2016-07-22
Video-augmented environments
Stafford-Fraser, James Quentin
University of Cambridge, Computer Laboratory
1997-04
UCAM-CL-TR-419
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-419.pdf
In the future, the computer will be thought of more as an
assistant than as a tool, and users will increasingly expect
machines to make decisions on their behalf. As with a human
assistant, a machine’s ability to make informed choices will
often depend on the extent of its knowledge of activities in the
world around it. Equipping personal computers with a large
number of sensors for monitoring their environment is, however,
expensive and inconvenient, and a preferable solution would
involve a small number of input devices with a broad scope of
application. Video cameras are ideally suited to many real-world
monitoring applications for this reason. In addition, recent
reductions in the manufacturing costs of simple cameras will
soon make their widespread deployment in the home and office
economically viable. The use of video as an input device also
allows the creation of new types of user-interface, more
suitable in some circumstances than those afforded by the
conventional keyboard and mouse.
This thesis examines some examples of these ‘Video-Augmented
Environments’ and related work, and then describes two
applications in detail. The first, a ‘software cameraman’, uses
the analysis of one video stream to control the display of
another. The second, ‘BrightBoard’, allows a user to control a
computer by making marks on a conventional whiteboard, thus
‘augmenting’ the board with many of the facilities common to
electronic documents, including the ability to fax, save, print
and email the image of the board. The techniques which were
found to be useful in the construction of these applications are
common to many systems which monitor real-world video, and so
they were combined in a toolkit called ‘Vicar’. This provides an
architecture for ‘video plumbing’, which allows standard
video-processing components to be connected together under the
control of a scripting language. It is a single application
which can be programmed to create a variety of simple
Video-Augmented Environments, such as those described above,
without the need for any recompilation, and so should simplify
the construction of such applications in the future. Finally,
opportunities for further exploration on this theme are
discussed.
cam.ac.uk//UCAM-CL-TR-420
2016-07-22
Managing complex models for computer graphics
Sewell, Jonathan Mark
University of Cambridge, Computer Laboratory
1997-04
UCAM-CL-TR-420
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-420.pdf
Three-dimensional computer graphics is becoming more common as
increasing computational power becomes more readily available.
Although the images that can be produced are becoming more
complex, users’ expectations continue to grow. This dissertation
examines the changes in computer graphics software that will be
needed to support continuing growth in complexity, and proposes
techniques for tackling the problems that emerge.
Increasingly complex models will involve longer rendering times,
higher memory requirements, longer data transfer periods and
larger storage capacities. Furthermore, even greater demands
will be placed on the constructors of such models. This
dissertation aims to describe how to construct scalable systems
which can be used to visualise models of any size without
requiring dedicated hardware. This is achieved by controlling
the quality of the results, and hence the costs incurred. In
addition, the use of quality controls can become a tool to help
users handle the large volume of information arising from
complex models.
The underlying approach is to separate the model from the
graphics application which uses it, so that the model exists
independently. By doing this, an application is free to access
only the data which is required at any given time. For the
application to function in this manner, the data must be in an
appropriate form. To achieve this, approximation hierarchies are
defined as a suitable new model structure. These utilise
multiple representations of both objects and groups of objects
at all levels in the model.
In order to support such a structure, a novel method is proposed
for rapidly constructing simplified representations of groups of
complex objects. By calculating a few geometrical attributes, it
is possible to generate replacement objects that preserve
important aspects of the originals. Such objects, once placed
into an approximation hierarchy, allow rapid loading and
rendering of large portions of a model. Extensions to rendering
algorithms are described that take advantage of this structure.
The use of multiple representations encompasses not only
different quality levels, but also different storage formats and
types of objects. It provides a framework within which such
aspects are hidden from the user, facilitating the sharing and
re-use of objects. A model manager is proposed as a means of
encapsulating these mechanisms. This software gives, as far as
possible, the illusion of direct access to the whole complex
model, while at the same time making the best use of the limited
resources available.
cam.ac.uk//UCAM-CL-TR-421
2018-03-27
An abstract dynamic semantics for C
Norrish, Michael
University of Cambridge, Computer Laboratory
1997-05
UCAM-CL-TR-421
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-421.pdf
This report is a presentation of a formal semantics for the C
programming language. The semantics has been defined
operationally in a structured semantics style and covers the
bulk of the core of the language. The semantics has been
developed in a theorem prover (HOL), where some expected
consequences of the language definition
cam.ac.uk//UCAM-CL-TR-422
2003-01-09
Using the BONITA primitives: a case study
Rowstron, Antony
University of Cambridge, Computer Laboratory
1997-05
UCAM-CL-TR-422
cam.ac.uk//UCAM-CL-TR-423
2016-07-22
Symbol grounding : Learning categorical and sensorimotor
predictions for coordination in autonomous robots
MacDorman, Karl F.
University of Cambridge, Computer Laboratory
1997-05
UCAM-CL-TR-423
cam.ac.uk//UCAM-CL-TR-424
2016-09-19
Simplification with renaming: a general proof technique
for tableau and sequent-based provers
Massacci, Fabio
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-424.dvi.gz
Tableau and sequent calculi are the basis for most popular
interactive theorem provers for hardware and software
verification.
Yet, when it comes to decision procedures or automatic proof
search, tableaux are orders of magnitude slower than
Davis-Putnam, SAT based procedures or other techniques based on
resolution.
To meet this challenge, this paper proposes a theoretical
innovation: the rule of simplification, which plays the same
role for tableaux as subsumption does for resolution, and unit
for Davis-Putnam.
This technique gives a unifying view of a number of
tableaux-like calculi such as DPLL, KE, HARP, hyper-tableaux
etc. For instance the stand-alone nature of the first-order
Davis-Putnam-Logemann-Loveland procedure can be explained away
as a case of Smullyan tableau with propositional simplification.
Besides its computational effectiveness, the simplicity and
generality of simplification make its extension possible in a
uniform way. We define it for propositional and first order
logic and a wide range of modal logics. For a full-fledged first
order simplification we combine it with another technique,
renaming, which subsumes the use of free universal variables in
sequent and tableau calculi.
New experimental results are given for random SAT and the IFIP
benchmarks for hardware verification.
cam.ac.uk//UCAM-CL-TR-425
2017-07-13
Should your specification language be typed?
Lamport, Leslie
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1997-05
UCAM-CL-TR-425
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-425.pdf
Most specification languages have a type system. Type systems
are hard to get right, and getting them wrong can lead to
inconsistencies. Set theory can serve as the basis for a
specification language without types. This possibility, which
has been widely overlooked, offers many advantages. Untyped set
theory is simple and is more flexible than any simple typed
formalism. Polymorphism, overloading, and subtyping can make a
type system more powerful, but at the cost of increased
complexity, and such refinements can never attain the
flexibility of having no types at all. Typed formalisms have
advantages too, stemming from the power of mechanical type
checking. While types serve little purpose in hand proofs, they
do help with mechanized proofs. In the absence of verification,
type checking can catch errors in specifications. It may be
possible to have the best of both worlds by adding typing
annotations to an untyped specification language.
We consider only specification languages, not programming
languages.
cam.ac.uk//UCAM-CL-TR-426
2016-07-22
Action selection methods using reinforcement
learning
Humphrys, Mark
University of Cambridge, Computer Laboratory
1997-06
UCAM-CL-TR-426
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-426.ps.gz
The Action Selection problem is the problem of run-time choice
between conflicting and heterogeneous goals, a central problem in
the simulation of whole creatures (as opposed to the solution of
isolated uninterrupted tasks). This thesis argues that
Reinforcement Learning has been overlooked in the solution of
the Action Selection problem. Considering a decentralised model
of mind, with internal tension and competition between selfish
behaviors, this thesis introduces an algorithm called
“W-learning”, whereby different parts of the mind modify their
behavior based on whether or not they are succeeding in getting
the body to execute their actions. This thesis sets W-learning
in context among the different ways of exploiting Reinforcement
Learning numbers for the purposes of Action Selection. It is a
‘Minimize the Worst Unhappiness’ strategy. The different methods
are tested and their strengths and weaknesses analysed in an
artificial world.
cam.ac.uk//UCAM-CL-TR-427
2018-03-27
Proving Java type soundness
Syme, Don
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-428
2018-03-27
Floating point verification in HOL Light: the
exponential function
Harrison, John
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-428.ps.gz
In that they often embody compact but mathematically
sophisticated algorithms, operations for computing the common
transcendental functions in floating point arithmetic seem good
targets for formal verification using a mechanical theorem
prover. We discuss some of the general issues that arise in
verifications of this class, and then present a machine-checked
verification of an algorithm for computing the exponential
function in IEEE-754 standard binary floating point arithmetic.
We confirm (indeed strengthen) the main result of a previously
published error analysis, though we uncover a minor error in the
hand proof and are forced to confront several subtle issues that
might easily be overlooked informally.
Our main theorem connects the floating point exponential to its
abstract mathematical counterpart. The specification we prove is
that the function has the correct overflow behaviour and, in the
absence of overflow, the error in the result is less than 0.54
units in the last place (0.77 if the answer is denormalized)
compared against the exact mathematical exponential function.
The algorithm is expressed in a simple formalized programming
language, intended to be a subset of real programming and
hardware description languages. It uses underlying floating
point operations (addition, multiplication etc.) that are
assumed to conform to the IEEE-754 standard for binary floating
point arithmetic.
The development described here includes, apart from the proof
itself, a formalization of IEEE arithmetic, a mathematical
semantics for the programming language in which the algorithm is
expressed, and the body of pure mathematics needed. All this is
developed logically from first principles using the HOL Light
prover, which guarantees strict adherence to simple rules of
inference while allowing the user to perform proofs using
higher-level derived rules. We first present the main ideas and
conclusions, and then collect some technical details about the
prover and the underlying mathematical theories in appendices.
cam.ac.uk//UCAM-CL-TR-429
2018-03-27
Compilation and equivalence of imperative
objects
Gordon, Andrew D.
Hankin, Paul D.
Lassen, Søren B.
University of Cambridge, Computer Laboratory
1997-06
UCAM-CL-TR-429
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-429.ps.gz
We adopt the untyped imperative object calculus of Abadi and
Cardelli as a minimal setting in which to study problems of
compilation and program equivalence that arise when compiling
object-oriented languages. We present both a big-step and a
small-step substitution-based operational semantics for the
calculus. Our first two results are theorems asserting the
equivalence of our substitution-based semantics with a
closure-based semantics like that given by Abadi and Cardelli.
Our third result is a direct proof of the correctness of
compilation to a stack-based abstract machine via a small-step
decompilation algorithm. Our fourth result is that contextual
equivalence of objects coincides with a form of Mason and
Talcott’s CIU equivalence; the latter provides a tractable means
of establishing operational equivalences. Finally, we prove
correct an algorithm, used in our prototype compiler, for
statically resolving method offsets. This is the first study of
correctness of an object-oriented abstract machine, and of
operational equivalence for the imperative object calculus.
cam.ac.uk//UCAM-CL-TR-430
2017-07-13
Video mail retrieval using voice : Report on topic
spotting
Jones, G.J.F.
Foote, J.T.
Sparck Jones, K.
Young, S.J.
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-431
2017-07-13
The MCPL programming manual and user guide
Richards, Martin
University of Cambridge, Computer Laboratory
1997-07
UCAM-CL-TR-431
cam.ac.uk//UCAM-CL-TR-432
2017-07-13
On two formal analyses of the Yahalom
protocol
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1997-07
UCAM-CL-TR-432
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-432.pdf
The Yahalom protocol is one of those analyzed by Burrows et al.
in the BAN paper. Based upon their analysis, they have proposed
modifications to make the protocol easier to understand and
analyze. Both versions of Yahalom have now been proved, using
Isabelle/HOL, to satisfy strong security goals. The mathematical
reasoning behind these machine proofs is presented informally.
The new proofs do not rely on a belief logic; they use an
entirely different formal model, the inductive method. They
confirm the BAN analysis and the advantages of the proposed
modifications. The new proof methods detect more flaws than BAN
and analyze protocols in finer detail, while remaining broadly
consistent with the BAN principles. In particular, the proofs
confirm the explicitness principle of Abadi and Needham.
cam.ac.uk//UCAM-CL-TR-433
2017-07-13
Backtracking algorithms in MCPL using bit patterns and
recursion
Richards, Martin
University of Cambridge, Computer Laboratory
1997-07
UCAM-CL-TR-433
cam.ac.uk//UCAM-CL-TR-434
2017-07-13
Demonstration programs for CTL and μ-calculus symbolic
model checking
Richards, Martin
University of Cambridge, Computer Laboratory
1997-08
UCAM-CL-TR-434
cam.ac.uk//UCAM-CL-TR-435
2017-07-13
Global/local subtyping for a distributed
π-calculus
Sewell, Peter
University of Cambridge, Computer Laboratory
1997-08
UCAM-CL-TR-435
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-435.ps.gz
In the design of mobile agent programming languages there is a
tension between the implementation cost and the expressiveness
of the communication mechanisms provided. This paper gives a
static type system for a distributed π-calculus in which the
input and output of channels may be either global or local. This
allows compile-time optimization where possible but retains the
expressiveness of channel communication. Subtyping allows all
communications to be invoked uniformly. Recursive types and
products are included. The distributed π-calculus used
integrates location and migration primitives from the
Distributed Join Calculus with asynchronous π communication,
taking a simple reduction semantics. Some alternative calculi
are discussed.
cam.ac.uk//UCAM-CL-TR-436
2017-07-13
A new method for estimating optical flow
Clocksin, W.F.
University of Cambridge, Computer Laboratory
1997-11
UCAM-CL-TR-436
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-436.pdf
Accurate and high density estimation of optical flow vectors in
an image sequence is accomplished by a method that estimates the
velocity distribution function for small overlapping regions of
the image. Because the distribution is multimodal, the method
can accurately estimate the change in velocity near motion
contrast borders. Large spatiotemporal support without
sacrificing spatial resolution is a feature of the method, so it
is not necessary to smooth the resulting flow vectors in a
subsequent operation, and there is a certain degree of
resistance to aperture and aliasing effects. Spatial support
also provides for the accurate estimation of long-range
displacements, and subpixel accuracy is achieved by a simple
weighted mean near the mode of the velocity distribution
function.
The method is demonstrated using image sequences obtained from
the analysis of ceramic and metal materials under stress. The
performance of the system under degenerate conditions is also
analysed to provide insight into the behaviour of optical flow
methods in general.
cam.ac.uk//UCAM-CL-TR-437
2016-07-22
Trusting in computer systems
Harbison, William S.
University of Cambridge, Computer Laboratory
1997-12
UCAM-CL-TR-437
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-437.pdf
We need to be able to reason about large systems, and not just
about their components. For this we need new conceptual tools,
and this dissertation therefore indicates the need for a new
methodology which will allow us to better identify areas of
possible conflict or lack of knowledge in a system.
In particular, it examines the concept of trust, and how this
can help us to understand the basic security aspects of a
system. The main proposal of this present work is that systems
are viewed in a manner which analyses the conditions under which
they have been designed to perform, and the circumstances under
which they have been implemented, and then compares the two.
This problem is then examined from the point of what is being
trusted in a system, or what it is being trusted for.
Starting from an approach developed in a military context, we
demonstrate how this can lead to unanticipated risks when
applied inappropriately. We further suggest that ‘trust’ be
considered a relative concept, in contrast to the more usual
usage, and that it is not the result of knowledge but a
substitute for it. The utility of these concepts is in their
ability to quantify the risks associated with a specific
participant, whether these are explicitly accepted by them, or
not.
We finally propose a distinction between ‘trust’ and
‘trustworthy’ and demonstrate that most current uses of the term
‘trust’ are more appropriately viewed as statements of
‘trustworthiness’. Ultimately, therefore, we suggest that the
traditional “Orange Book” concept of trust resulting from
knowledge can violate the security policy of a system.
cam.ac.uk//UCAM-CL-TR-438
2016-07-22
An architecture for scalable and deterministic video
servers
Shi, Feng
University of Cambridge, Computer Laboratory
1997-11
UCAM-CL-TR-438
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-438.pdf
A video server is a storage system that can provide a repository
for continuous media (CM) data and sustain CM stream delivery
(playback or recording) through networks. The voluminous nature
of CM data demands a video server to be scalable in order to
serve a large number of concurrent client requests. In addition,
deterministic services can be provided by a video server for
playback because the characteristics of variable bit rate (VBR)
video can be analysed in advance and used in run-time admission
control (AC) and data retrieval.
Recent research has made gigabit switches a reality, and the
cost/performance ratio of microprocessors and standard PCs is
dropping steadily. It would be more cost effective and flexible
to use off-the-shelf components inside a video server with a
scalable switched network as the primary interconnect than to
make a special purpose or massively parallel multiprocessor
based video server. This work advocates and assumes such a
scalable video server structure in which data is striped to
multiple peripherals attached directly to a switched network.
However, most contemporary distributed file systems do not
support data distribution across multiple networked nodes, let
alone providing quality of service (QoS) to CM applications at
the same time. It is the observation of this dissertation that
the software system framework for network striped video servers
is as important as the scalable hardware architecture itself.
This leads to the development of a new system architecture,
which is scalable, flexible and QoS aware, for scalable and
deterministic video servers. The resulting architecture is
called Cadmus from sCAlable and Deterministic MUltimedia
Servers.
Cadmus also provides integrated solutions to AC and actual QoS
enforcement in storage nodes. This is achieved by considering
resources such as CPU, buffer, disk, and network simultaneously
rather than independently, and by including both real-time (RT) and
non-real-time (NRT) activities. In addition, the potential to
smooth the variability of VBR videos using read-ahead under
client buffer constraints is identified. A new smoothing
algorithm is presented, analysed, and incorporated into the
Cadmus architecture.
A prototype implementation of Cadmus has been constructed based
on distributed object computing and hardware modules directly
connected to an Asynchronous Transfer Mode (ATM) network.
Experiments were performed to evaluate the implementation and
demonstrate the utility and feasibility of the architecture and
its AC criteria.
cam.ac.uk//UCAM-CL-TR-439
2016-07-22
Applying mobile code to distributed systems
Halls, David A.
University of Cambridge, Computer Laboratory
1997-12
UCAM-CL-TR-439
cam.ac.uk//UCAM-CL-TR-440
2017-07-13
Inductive analysis of the internet protocol
TLS
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1997-12
UCAM-CL-TR-440
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-440.pdf
Internet browsers use security protocols to protect confidential
messages. An inductive analysis of TLS (a descendant of SSL 3.0)
has been performed using the theorem prover Isabelle. Proofs are
based on higher-order logic and make no assumptions concerning
beliefs or finiteness. All the obvious security goals can be
proved; session resumption appears to be secure even if old
session keys have been compromised. The analysis suggests modest
changes to simplify the protocol.
TLS, even at an abstract level, is much more complicated than
most protocols that researchers have verified. Session keys are
negotiated rather than distributed, and the protocol has many
optional parts. Nevertheless, the resources needed to verify TLS
are modest. The inductive approach scales up.
cam.ac.uk//UCAM-CL-TR-441
2017-07-13
A generic tableau prover and its integration with
Isabelle
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1998-01
UCAM-CL-TR-441
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-441.pdf
A generic tableau prover has been implemented and integrated
with Isabelle. It is based on leantap but is much more
complicated, with numerous modifications to allow it to reason
with any supplied set of tableau rules. It has a higher-order
syntax in order to support the binding operators of set theory;
unification is first-order (extended for bound variables in
obvious ways) instead of higher-order, for simplicity.
When a proof is found, it is returned to Isabelle as a list of
tactics. Because Isabelle verifies the proof, the prover can cut
corners for efficiency’s sake without compromising soundness.
For example, it knows almost nothing about types.
cam.ac.uk//UCAM-CL-TR-442
2018-03-27
A combination of nonstandard analysis and geometry
theorem proving, with application to Newton’s
Principia
Fleuriot, Jacques
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1998-01
UCAM-CL-TR-442
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-442.ps.gz
The theorem prover Isabelle is used to formalise and reproduce
some of the styles of reasoning used by Newton in his Principia.
The Principia’s reasoning is resolutely geometric in nature but
contains “infinitesimal” elements and the presence of motion
that take it beyond the traditional boundaries of Euclidean
Geometry. These present difficulties that prevent Newton’s
proofs from being mechanised using only the existing geometry
theorem proving (GTP) techniques.
Using concepts from Robinson’s Nonstandard Analysis (NSA) and a
powerful geometric theory, we introduce the concept of an
infinitesimal geometry in which quantities can be infinitely
small or infinitesimal. We reveal and prove new properties of
this geometry that only hold because infinitesimal elements are
allowed and use them to prove lemmas and theorems from the
Principia.
cam.ac.uk//UCAM-CL-TR-443
2017-07-13
The inductive approach to verifying cryptographic
protocols
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1998-02
UCAM-CL-TR-443
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-443.pdf
Informal arguments that cryptographic protocols are secure can
be made rigorous using inductive definitions. The approach is
based on ordinary predicate calculus and copes with
infinite-state systems. Proofs are generated using Isabelle/HOL.
The human effort required to analyze a protocol can be as little
as a week or two, yielding a proof script that takes a few
minutes to run.
Protocols are inductively defined as sets of traces. A trace is
a list of communication events, perhaps comprising many
interleaved protocol runs. Protocol descriptions incorporate
attacks and accidental losses. The model spy knows some private
keys and can forge messages using components decrypted from
previous traffic. Three protocols are analyzed below: Otway-Rees
(which uses shared-key encryption), Needham-Schroeder (which
uses public-key encryption), and a recursive protocol (which is
of variable length).
One can prove that event ev always precedes event ev′ or that
property P holds provided X remains secret. Properties can be
proved from the viewpoint of the various principals: say, if A
receives a final message from B then the session key it conveys
is good.
cam.ac.uk//UCAM-CL-TR-444
2017-07-13
From rewrite rules to bisimulation
congruences
Sewell, Peter
University of Cambridge, Computer Laboratory
1998-05
UCAM-CL-TR-444
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-444.ps.gz
The dynamics of many calculi can be most clearly defined by
reduction semantics. To work with a calculus, however, an
understanding of operational congruences is fundamental; these
can often be given tractable definitions or characterisations
using a labelled transition semantics. This paper considers
calculi with arbitrary reduction semantics of three simple
classes, firstly ground term rewriting, then left-linear term
rewriting, and then a class which is essentially the action
calculi lacking substantive name binding. General definitions of
labelled transitions are given in each case, uniformly in the
set of rewrite rules, and without requiring the prescription of
additional notions of observation. They give rise to
bisimulation congruences. As a test of the theory it is shown
that bisimulation for a fragment of CCS is recovered. The
transitions generated for a fragment of the Ambient Calculus of
Cardelli and Gordon, and for SKI combinators, are also discussed
briefly.
cam.ac.uk//UCAM-CL-TR-445
2018-03-27
Secure sessions from weak secrets
Roe, Michael
Christianson, Bruce
Wheeler, David
University of Cambridge, Computer Laboratory
1998-07
UCAM-CL-TR-445
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-445.pdf
Sometimes two parties who share a weak secret k (such as a
password) wish to share a strong secret s (such as a session
key) without revealing information about k to a (possibly
active) attacker. We assume that both parties can generate
strong random numbers and forget secrets, and present three
protocols for secure strong secret sharing, based on RSA,
Diffie-Hellman and El-Gamal. As well as being simpler and
quicker than their predecessors, our protocols also have
slightly stronger security properties: in particular, they make
no cryptographic use of s and so impose no subtle restrictions
upon the use which is made of s by other protocols.
cam.ac.uk//UCAM-CL-TR-446
2017-07-13
A probabilistic model of information and retrieval:
development and status
Spärck Jones, K.
Walker, S.
Robertson, S.E.
University of Cambridge, Computer Laboratory
1998-08
UCAM-CL-TR-446
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-446.ps.gz
The paper combines a comprehensive account of the probabilistic
model of retrieval with new systematic experiments on TREC
Programme material. It presents the model from its foundations
through its logical development to cover more aspects of
retrieval data and a wider range of system functions. Each step
in the argument is matched by comparative retrieval tests, to
provide a single coherent account of a major line of research.
The experiments demonstrate, for a large test collection, that
the probabilistic model is effective and robust, and that it
responds appropriately, with major improvements in performance,
to key features of retrieval situations.
cam.ac.uk//UCAM-CL-TR-447
2017-07-13
Are timestamps worth the effort? A formal
treatment
Bella, Giampaolo
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1998-09
UCAM-CL-TR-447
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-447.pdf
Theorem proving provides formal and detailed support to the
claim that timestamps can give better freshness guarantees than
nonces do, and can simplify the design of crypto-protocols.
However, since they rely on synchronised clocks, their benefits
are still debatable. The debate should gain from our formal
analysis, which is achieved through the comparison of a
nonce-based crypto-protocol, Needham-Schroeder, with its natural
modification by timestamps, Kerberos.
cam.ac.uk//UCAM-CL-TR-448
2017-07-06
A computational interpretation of the λμ
calculus
Bierman, G.M.
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-449
2017-07-06
Locales: A sectioning concept for Isabelle
Kammüller, Florian
Wenzel, Markus
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-450
2016-07-22
Open service support for ATM
van der Merwe, Jacobus Erasmus
University of Cambridge, Computer Laboratory
1998-11
UCAM-CL-TR-450
cam.ac.uk//UCAM-CL-TR-451
2016-07-22
The structure of open ATM control
architectures
Rooney, Sean
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-452
2017-07-13
A formal proof of Sylow’s theorem: An experiment in
abstract algebra with Isabelle HOL
Kammüller, Florian
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1998-11
UCAM-CL-TR-452
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-452.pdf
The theorem of Sylow is proved in Isabelle HOL. We follow the
proof by Wielandt that is more general than the original and
uses a non-trivial combinatorial identity. The mathematical
proof is explained in some detail leading on to the
mechanization of group theory and the necessary combinatorics in
Isabelle. We present the mechanization of the proof in detail
giving reference to theorems contained in an appendix. Some weak
points of the experiment with respect to a natural treatment of
abstract algebraic reasoning give rise to a discussion of the
use of module systems to represent abstract algebra in theorem
provers. Drawing from that, we present tentative ideas for
further research into a section concept for Isabelle.
cam.ac.uk//UCAM-CL-TR-453
2016-07-22
C formalised in HOL
Norrish, Michael
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-453.pdf
We present a formal semantics of the C programming language,
covering both the type system and the dynamic behaviour of
programs. The semantics is wide-ranging, covering most of the
language, with its most significant omission being the C
library. Using a structural operational semantics we specify
transition relations for C’s expressions, statements and
declarations in higher order logic.
The consistency of our definition is assured by its
specification in the HOL theorem prover. With the theorem
prover, we have used the semantics as the basis for a set of
proofs of interesting theorems about C. We investigate
properties of expressions and statements separately.
In our chapter of results about expressions, we begin with two
results about the interaction between the type system and the
dynamic semantics. We have both type preservation, that the
values produced by expressions conform to the type predicted for
them; and type safety, that typed expressions will not block,
but will either evaluate to a value, or cause undefined
behaviour. We then also show that two broad classes of
expression are deterministic. This last result is of
considerable practical value as it makes later verification
proofs significantly easier.
In our chapter of results about statements, we prove a series of
derived rules that provide C with Floyd-Hoare style “axiomatic”
rules for verifying properties of programs. These rules are
consequences of the original semantics, not independently stated
axioms, so we can be sure of their soundness. This chapter also
proves the correctness of an automatic tool for constructing
post-conditions for loops with break and return statements.
Finally, we perform some simple verification case studies, going
some way towards demonstrating practical utility for the
semantics and accompanying tools.
This technical report is substantially the same as the PhD
thesis I submitted in August 1998. The minor differences between
that document and this are principally improvements suggested by
my examiners Andy Gordon and Tom Melham, whom I thank for their
help and careful reading.
cam.ac.uk//UCAM-CL-TR-454
2017-07-06
Parametric polymorphism and operational
equivalence
Pitts, Andrew M.
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-455
2017-07-06
Multiple modalities
Bierman, G.M.
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-456
2016-07-22
An evaluation based approach to process
calculi
Ross, Joshua Robert Xavier
University of Cambridge, Computer Laboratory
1999-01
UCAM-CL-TR-456
cam.ac.uk//UCAM-CL-TR-457
2018-03-27
A concurrent object calculus: reduction and
typing
Gordon, Andrew D.
Hankin, Paul D.
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-458
2017-07-13
Final coalgebras as greatest fixed points in ZF set
theory
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1999-03
UCAM-CL-TR-458
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-458.pdf
A special final coalgebra theorem, in the style of Aczel (1988),
is proved within standard Zermelo-Fraenkel set theory. Aczel’s
Anti-Foundation Axiom is replaced by a variant definition of
function that admits non-well-founded constructions. Variant
ordered pairs and tuples, of possibly infinite length, are
special cases of variant functions. Analogues of Aczel’s
solution and substitution lemmas are proved in the style of
Rutten and Turi (1993). The approach is less general than
Aczel’s, but the treatment of non-well-founded objects is simple
and concrete. The final coalgebra of a functor is its greatest
fixedpoint. Compared with previous work (Paulson, 1995a),
iterated substitutions and solutions are considered, as well as
final coalgebras defined with respect to parameters. The
disjoint sum construction is replaced by a smoother treatment of
urelements that simplifies many of the derivations. The theory
facilitates machine implementation of recursive definitions by
letting both inductive and coinductive definitions be
represented as fixedpoints. It has already been applied to the
theorem prover Isabelle (Paulson, 1994).
cam.ac.uk//UCAM-CL-TR-459
2016-07-22
An open parallel architecture for data-intensive
applications
Afshar, Mohamad
University of Cambridge, Computer Laboratory
1999-07
UCAM-CL-TR-459
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-459.ps.gz
Data-intensive applications consist of both declarative
data-processing parts and imperative computational parts. For
applications such as climate modelling, scale hits both the
computational aspects which are typically handled in a
procedural programming language, and the data-processing aspects
which are handled in a database query language. Although
parallelism has been successfully exploited in the
data-processing parts by parallel evaluation of database queries
associated with the application, current database query
languages are poor at expressing the computational aspects,
which are also subject to scale.
This thesis proposes an open architecture that delivers
parallelism shared between the database, system and application,
thus enabling the integration of the conventionally separated
query and non-query components of a data-intensive application.
The architecture is data-model independent and can be used in a
variety of different application areas including
decision-support applications, which are query based, and
complex applications, which comprise procedural language
statements with embedded queries. The architecture encompasses a
unified model of parallelism and the realisation of this model
in the form of a language within which it is possible to
describe both the query and non-query components of
data-intensive applications. The language enables the
construction of parallel applications by the hierarchical
composition of platform-independent parallel forms, each of
which implements a form of task or data parallelism. These forms
may be used to determine both query and non-query actions.
Queries are expressed in a declarative language based on “monoid
comprehensions”. The approach of using monoids to model data
types and monoid homomorphisms to iterate over collection types
enables mathematically provable compile-time optimisations
whilst also facilitating multiple collection types and data type
extensibility. Monoid comprehension programs are automatically
transformed into parallel programs composed of applications of
the parallel forms, one of which is the “monoid homomorphism”.
This process involves identifying the parts of a query where
task and data parallelism are available and mapping that
parallelism onto the most suitable form. Data parallelism in
queries is mapped onto a form that implements combining tree
parallelism for query evaluation and dividing tree parallelism
to realise data partitioning. Task parallelism is mapped onto
two separate forms that implement pipeline and independent
parallelism. This translation process is applied to all
comprehension queries including those in complex applications.
The result is a skeleton program in which both the query and
non-query parts are expressed within a single language.
Expressions in this language are amenable to the application of
optimising skeleton rewrite rules.
A complete prototype of the decision-support architecture has
been constructed on a 128-cell MIMD parallel computer. A
demonstration of the utility of the query framework is performed
by modelling some of OQL and a substantial subset of SQL. The
system is evaluated for query speedup with a number of hardware
configurations using a large music catalogue database. The
results obtained show that the implementation delivers the
performance gains expected while offering a convenient
definition of the parallel environment.
cam.ac.uk//UCAM-CL-TR-460
2017-07-06
Message reception in the inductive approach
Bella, Giampaolo
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-460.pdf
Cryptographic protocols can be formally analysed in great detail
by means of Paulson’s Inductive Approach, which is mechanised by
the theorem prover Isabelle. The approach only relied on message
sending (and noting) in order to keep the models simple. We
introduce a new event, message reception, and show that the
price paid in terms of runtime is negligible because old proofs
can be reused. On the other hand, the new event enhances the
global expressiveness, and makes it possible to define an
accurate notion of agents’ knowledge, which extends and replaces
Paulson’s notion of spy’s knowledge. We have designed new
guarantees to assure each agent that the peer does not know the
crucial message items of the session. This work thus extends the
scope of the Inductive approach. Finally, we provide general
guidance on updating the protocols analysed so far, and give
examples for some cases.
cam.ac.uk//UCAM-CL-TR-461
2017-07-13
Integrating Gandalf and HOL
Hurd, Joe
University of Cambridge, Computer Laboratory
1999-03
UCAM-CL-TR-461
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-461.pdf
Gandalf is a first-order resolution theorem-prover, optimized
for speed and specializing in manipulations of large clauses. In
this paper I describe GANDALF TAC, a HOL tactic that proves
goals by calling Gandalf and mirroring the resulting proofs in
HOL. This call can occur over a network, and a Gandalf server
may be set up servicing multiple HOL clients. In addition, the
translation of the Gandalf proof into HOL fits in with the LCF
model and guarantees logical consistency.
cam.ac.uk//UCAM-CL-TR-462
2018-03-27
Location-independent communication for mobile agents: a
two-level architecture
Sewell, Peter
Wojciechowski, Paweł T.
Pierce, Benjamin C.
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-462.ps.gz
We study communication primitives for interaction between mobile
agents. They can be classified into two groups. At a low level
there are location dependent primitives that require a
programmer to know the current site of a mobile agent in order
to communicate with it. At a high level there are location
independent primitives that allow communication with a mobile
agent irrespective of its current site and of any migrations.
Implementation of these requires delicate distributed
infrastructure. We propose a simple calculus of agents that
allows implementation of such distributed infrastructure
algorithms to be expressed as encodings, or compilations, of the
whole calculus into the fragment with only location dependent
communication. These encodings give executable descriptions of
the algorithms, providing a clean implementation strategy for
prototype languages. The calculus is equipped with a precise
semantics, providing a solid basis for understanding the
algorithms and reasoning about their correctness and robustness.
Two sample infrastructure algorithms are presented as encodings.
cam.ac.uk//UCAM-CL-TR-463
2017-07-13
Secure composition of insecure components
Sewell, Peter
Vitek, Jan
University of Cambridge, Computer Laboratory
1999-04
UCAM-CL-TR-463
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-463.ps.gz
Software systems are becoming heterogeneous: instead of a small
number of large programs from well-established sources, a user’s
desktop may now consist of many smaller components that interact
in intricate ways. Some components will be downloaded from the
network from sources that are only partially trusted. A user
would like to know that a number of security properties hold,
e.g. that personal data is not leaked to the net, but it is
typically infeasible to verify that such components are
well-behaved. Instead they must be executed in a secure
environment, or wrapper, that provides fine-grain control of the
allowable interactions between them, and between components and
other system resources.
In this paper we study such wrappers, focussing on how they can
be expressed in a way that enables their security properties to
be stated and proved rigorously. We introduce a model
programming language, the box-π calculus, that supports
composition of software components and the enforcement of
security policies. Several example wrappers are expressed using
the calculus; we explore the delicate security properties they
guarantee.
cam.ac.uk//UCAM-CL-TR-464
2017-07-13
Feature representation for the automatic analysis of
fluorescence in-situ hybridization images
Lerner, Boaz
Clocksin, William
Dhanjal, Seema
Hultén, Maj
Bishop, Christopher
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-465
2017-07-06
Gelfish – graphical environment for labelling FISH
images
Lerner, Boaz
Dhanjal, Seema
Hultén, Maj
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-466
2017-07-13
Automatic signal classification in fluorescence in-situ
hybridization images
Lerner, Boaz
Clocksin, William
Dhanjal, Seema
Hultén, Maj
Bishop, Christopher
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-467
2017-07-13
Mechanizing UNITY in Isabelle
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
1999-06
UCAM-CL-TR-467
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-467.pdf
UNITY is an abstract formalism for proving properties of
concurrent systems, which typically are expressed using guarded
assignments [Chandy and Misra 1988]. UNITY has been mechanized
in higher-order logic using Isabelle, a proof assistant. Safety
and progress primitives, their weak forms (for the substitution
axiom) and the program composition operator (union) have been
formalized. To give a feel for the concrete syntax, the paper
presents a few extracts from the Isabelle definitions and
proofs. It discusses a small example, two-process mutual
exclusion. A mechanical theory of unions of programs supports a
degree of compositional reasoning. Original work on extending
program states is presented and then illustrated through a
simple example involving an array of processes.
cam.ac.uk//UCAM-CL-TR-468
2016-07-22
Synthesis of asynchronous circuits
Wilcox, Stephen Paul
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-468.pdf
The majority of integrated circuits today are synchronous: every
part of the chip times its operation with reference to a single
global clock. As circuits become larger and faster, it becomes
progressively more difficult to coordinate all actions of the
chip to the clock. Asynchronous circuits do not suffer from this
problem, because they do not require global synchronization;
they also offer other benefits, such as modularity, lower power
and automatic adaptation to physical conditions.
The main disadvantage of asynchronous circuits is that there are
few tools to help with design. This thesis describes a new
synthesis tool for asynchronous modules, which combines a number
of novel ideas with existing methods for finite state machine
synthesis. Connections between modules are assumed to have
unbounded finite delays on all wires, but fundamental mode is
used inside modules, rather than the pessimistic
speed-independent or quasi-delay-insensitive models. Accurate
technology-specific verification is performed to check that
circuits work correctly.
Circuits are described using a language based upon the Signal
Transition Graph, which is a well-known method for specifying
asynchronous circuits. Concurrency reduction techniques are used
to produce a large number of circuits that conform to a given
specification. Circuits are verified using a simulation
algorithm derived from the work of Brzozowski and Seger, and
then performance estimations are obtained by a gate-level
simulator utilising a new estimation of waveform slopes.
Circuits can be ranked in terms of high speed, low power
dissipation or small size, and then the best circuit for a
particular task chosen.
Results are presented that show significant improvements over
most circuits produced by other synthesis tools. Some circuits
are twice as fast and dissipate half the power of equivalent
speed-independent circuits. Specification examples are provided
which show that the front-end specification is easier to use
than current specification approaches. The price that must be
paid for the improved performance is decreased reliability and
technology dependence of the circuits produced; the proposed
tool can also take a very long time to produce a result.
cam.ac.uk//UCAM-CL-TR-469
2016-07-22
A combination of geometry theorem proving and
nonstandard analysis, with application to Newton’s
Principia
Fleuriot, Jacques Désiré
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-470
2016-07-22
Modular reasoning in Isabelle
Kammüller, Florian
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-471
2017-07-13
Murphy’s law, the fitness of evolving species, and the
limits of software reliability
Brady, Robert M.
Anderson, Ross J.
Ball, Robin C.
University of Cambridge, Computer Laboratory
1999-09
UCAM-CL-TR-471
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-471.pdf
We tackle two problems of interest to the software assurance
community. Firstly, existing models of software development
(such as the waterfall and spiral models) are oriented towards
one-off software development projects, while the growth of mass
market computing has led to a world in which most software
consists of packages which follow an evolutionary development
model. This leads us to ask whether anything interesting and
useful may be said about evolutionary development. We answer in
the affirmative. Secondly, existing reliability growth models
emphasise the Poisson distribution of individual software bugs,
while the empirically observed reliability growth for large
systems is asymptotically slower than this. We provide a
rigorous explanation of this phenomenon. Our reliability growth
model is inspired by statistical thermodynamics, but also
applies to biological evolution. It is in close agreement with
experimental measurements of the fitness of an evolving species
and the reliability of commercial software products. However, it
shows that there are significant differences between the
evolution of software and the evolution of species. In
particular, we establish maximisation properties corresponding
to Murphy’s law which work to the advantage of a biological
species, but to the detriment of software reliability.
cam.ac.uk//UCAM-CL-TR-472
2016-07-22
Simulating music learning with autonomous listening
agents: entropy, ambiguity and context
Reis, Ben Y.
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-473
2016-07-22
Computer algebra and theorem proving
Ballarin, Clemens
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-474
2017-07-06
A Bayesian methodology and probability density
estimation for fluorescence in-situ hybridization signal
classification
Lerner, Boaz
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-475
2018-03-27
A comparison of state-of-the-art classification
techniques with application to cytogenetics
Lerner, Boaz
Lawrence, Neil D.
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-476
2018-03-27
Linking ACL2 and HOL
Staples, Mark
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-477
2017-07-06
Presheaf models for CCS-like languages
Cattani, Gian Luca
Winskel, Glynn
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-478
2017-07-13
Secure composition of untrusted code: wrappers and
causality types
Sewell, Peter
Vitek, Jan
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-478.ps.gz
We consider the problem of assembling concurrent software
systems from untrusted or partially trusted off-the-shelf
components, using wrapper programs to encapsulate components and
enforce security policies. In previous work we introduced the
box-π process calculus with constrained interaction to express
wrappers and discussed the rigorous formulation of their
security properties. This paper addresses the verification of
wrapper information flow properties. We present a novel causal
type system that statically captures the allowed flows between
wrapped possibly-badly-typed components; we use it to prove that
a unidirectional-flow wrapper enforces a causal flow property.
cam.ac.uk//UCAM-CL-TR-479
2016-07-22
The interaction between fault tolerance and
security
Price, Geraint
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-479.pdf
This dissertation studies the effects on system design when
including fault tolerance design principles within security
services.
We start by looking at the changes made to the trust model
within protocol design, and how moving away from trusted server
design principles affects the structure of the protocol. Taking
the primary results from this work, we move on to study how
control in protocol execution can be used to increase assurances
in the actions of legitimate participants. We study some
examples, defining two new classes of attack, and note that by
increasing client control in areas of protocol execution, it is
possible to overcome certain vulnerabilities.
We then look at different models in fault tolerance, and how
their adoption into a secure environment can change the design
principles and assumptions made when applying the models.
We next look at the application of timing checks in protocols.
There are some classes of timing attack that are difficult to
thwart using existing techniques, because of the inherent
unreliability of networked communication. We develop a method of
converting the Quality of Service mechanisms built into ATM
networks in order to achieve another layer of protection against
timing attacks.
We then study the use of primary-backup mechanisms within server
design, as previous work on server replication in security
centres on the use of the state machine approach for
replication, which provides a higher degree of assurance in
system design, but adds complexity.
We then provide a design for a server to reliably and securely
store objects across a loosely coupled, distributed environment.
The main goal behind this design was to realise the ability for
a client to exert control over the fault tolerance inherent in
the service.
The main conclusions we draw from our research are that fault
tolerance has a wider application within security than current
practices, which are primarily based on replicating servers, and
clients can exert control over the protocols and mechanisms to
achieve resilience against differing classes of attack. We
promote some new ideas on how, by challenging the prevailing
model for client-server architectures in a secure environment,
legitimate clients can have greater control over the services
they use. We believe this to be a useful goal, given that the
client stands to lose if the security of the server is
undermined.
cam.ac.uk//UCAM-CL-TR-480
2017-07-13
Programming combinations of deduction and BDD-based
symbolic calculation
Gordon, Mike
University of Cambridge, Computer Laboratory
1999-12
UCAM-CL-TR-480
cam.ac.uk//UCAM-CL-TR-481
2018-03-27
Combining the Hol98 proof assistant with the BuDDy BDD
package
Gordon, Mike
Larsen, Ken Friis
University of Cambridge, Computer Laboratory
Text
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-482
2017-07-13
Biometric decision landscapes
Daugman, John
University of Cambridge, Computer Laboratory
2000-01
UCAM-CL-TR-482
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-482.pdf
This report investigates the “decision landscapes” that
characterize several forms of biometric decision making. The
issues discussed include: (i) Estimating the degrees-of-freedom
associated with different biometrics, as a way of measuring the
randomness and complexity (and therefore the uniqueness) of
their templates. (ii) The consequences of combining more than
one biometric test to arrive at a decision. (iii) The
requirements for performing identification by large-scale
exhaustive database search, as opposed to mere verification by
comparison against a single template. (iv) Scenarios for
Biometric Key Cryptography (the use of biometrics for encryption
of messages). These issues are considered here in abstract form,
but where appropriate, the particular example of iris
recognition is used as an illustration. A unifying theme of all
four sets of issues is the role of combinatorial complexity, and
its measurement, in determining the potential decisiveness of
biometric decision making.
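The abstract's themes (i) to (iii) can be made concrete with a small binomial model of a decision landscape. The following is an added example, not code or figures from the report: it assumes that for two templates from different people the number of disagreeing bits behaves like n_dof independent fair coin flips, so the impostor distribution is Binomial(n_dof, 1/2); the degrees-of-freedom value, thresholds, database sizes and error rates used are illustrative inputs, not measurements.

```python
"""Added illustration of a binomial 'decision landscape' (example code,
not from the report).  Assumption: an impostor comparison behaves like
n_dof independent fair coin flips, so the count of disagreeing bits is
Binomial(n_dof, 1/2).  Every number fed in below is a made-up input."""
from math import comb


def false_match_rate(n_dof: int, max_disagreeing: int) -> float:
    """P(an impostor pair disagrees in at most max_disagreeing of n_dof
    independent bits): the binomial lower tail, i.e. the chance that a
    verification decision accepts the wrong person at this threshold."""
    if max_disagreeing < 0:
        return 0.0
    top = min(max_disagreeing, n_dof)
    tail = sum(comb(n_dof, k) for k in range(top + 1))
    return tail / 2 ** n_dof


def identification_fmr(single_fmr: float, db_size: int) -> float:
    """Exhaustive search over db_size enrolled templates: at least one
    false match occurs with probability 1 - (1 - f)^db_size, so the
    per-comparison rate must shrink as the database grows."""
    return 1.0 - (1.0 - single_fmr) ** db_size


def strictest_threshold(n_dof: int, db_size: int, target: float) -> int:
    """Largest number of disagreeing bits that may still be accepted while
    the identification FMR over db_size templates stays at or below target.
    Returns -1 if even a perfect match cannot meet the target."""
    best = -1
    for k in range(n_dof + 1):
        if identification_fmr(false_match_rate(n_dof, k), db_size) <= target:
            best = k
        else:
            break  # the tail only grows with k, so no need to continue
    return best


def combine(fmr_a: float, fnmr_a: float, fmr_b: float, fnmr_b: float,
            rule: str = "and"):
    """Error rates of two independent biometric tests fused by a decision
    rule.  'and' (both must accept) lowers the false-match rate but raises
    the false-non-match rate; 'or' (either may accept) does the reverse.
    Returns (fmr, fnmr) of the combined decision."""
    if rule == "and":
        return fmr_a * fmr_b, 1.0 - (1.0 - fnmr_a) * (1.0 - fnmr_b)
    if rule == "or":
        return 1.0 - (1.0 - fmr_a) * (1.0 - fmr_b), fnmr_a * fnmr_b
    raise ValueError(f"unknown rule: {rule}")


if __name__ == "__main__":
    N = 200  # assumed degrees of freedom for the demo, not a measured value
    for db in (1, 10_000, 1_000_000):
        k = strictest_threshold(N, db, 1e-6)
        print(f"db={db:>9}: accept up to {k} of {N} disagreeing bits "
              f"(normalised {k / N:.3f}) for identification FMR <= 1e-6")
    print("AND fusion:", combine(1e-3, 0.05, 1e-3, 0.05, "and"))
    print("OR  fusion:", combine(1e-3, 0.05, 1e-3, 0.05, "or"))
```

Running the script shows the point of (iii): as the database grows the acceptable disagreement threshold has to move inward, because the search makes as many impostor comparisons as there are enrolled templates. The larger the effective degrees of freedom, the narrower the impostor distribution and the less the threshold has to move.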
cam.ac.uk//UCAM-CL-TR-483
2016-07-22
Elastic network control
Bos, Hendrik Jaap
University of Cambridge, Computer Laboratory
2000-01
UCAM-CL-TR-483
cam.ac.uk//UCAM-CL-TR-484
2016-07-22
Automatic summarising and the CLASP system
Tucker, Richard
University of Cambridge, Computer Laboratory
2000-01
UCAM-CL-TR-484
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-484.pdf
This dissertation discusses summarisers and summarising in
general, and presents CLASP, a new summarising system that uses
a shallow semantic representation of the source text called a
“predication cohesion graph”.
Nodes in the graph are “simple predications” corresponding to
events, states and entities mentioned in the text; edges
indicate related or similar nodes. Summary content is chosen by
selecting some of these predications according to criteria of
“importance”, “representativeness” and “cohesiveness”. These
criteria are expressed as functions on the nodes of a weighted
graph. Summary text is produced either by extracting whole
sentences from the source text, or by generating short,
indicative “summary phrases” from the selected predications.
CLASP uses linguistic processing but no domain knowledge, and
therefore does not restrict the subject matter of the source
text. It is intended to deal robustly with complex texts that it
cannot analyse completely accurately or in full. Experiments in
summarising stories from the Wall Street Journal suggest there
may be a benefit in identifying important material in a semantic
representation rather than a surface one, but that, despite the
robustness of the source representation, inaccuracies in CLASP’s
linguistic analysis can dramatically affect the readability of
its summaries. I discuss ways in which this and other problems
might be overcome.
cam.ac.uk//UCAM-CL-TR-485
2017-07-13
Three notes on the interpretation of Verilog
Stewart, Daryl
VanInwegen, Myra
University of Cambridge, Computer Laboratory
2000-01
UCAM-CL-TR-485
cam.ac.uk//UCAM-CL-TR-486
2016-07-22
Stretching a point: aspect and temporal
discourse
Thomas, James Richard
University of Cambridge, Computer Laboratory
2000-02
UCAM-CL-TR-486
cam.ac.uk//UCAM-CL-TR-487
2003-01-09
Sequential program composition in UNITY
Vos, Tanja
Swierstra, Doaitse
University of Cambridge, Computer Laboratory
2000-03
UCAM-CL-TR-487
cam.ac.uk//UCAM-CL-TR-488
2017-07-13
Formal verification of card-holder registration in
SET
Bella, Giampaolo
Massacci, Fabio
Paulson, Lawrence
Tramontano, Piero
University of Cambridge, Computer Laboratory
2000-03
UCAM-CL-TR-488
cam.ac.uk//UCAM-CL-TR-489
2016-07-22
Designing a reliable publishing framework
Lee, Jong-Hyeon
University of Cambridge, Computer Laboratory
2000-04
UCAM-CL-TR-489
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-489.pdf
Due to the growth of the Internet and the widespread adoption of
easy-to-use web browsers, the web provides a new environment for
conventional as well as new businesses. Publishing on the web is
a fundamental and important means of supporting various
activities on the Internet such as commercial transactions,
personal home page publishing, medical information distribution,
public key certification and academic scholarly publishing.
Along with the dramatic growth of the web, the number of
reported frauds is increasing sharply. Since the Internet was
not originally designed for web publishing, it has some
weaknesses that undermine its reliability.
How can we rely on web publishing? In order to resolve this
question, we need to examine what makes people confident when
reading conventional publications printed on paper, to
investigate what attacks can erode confidence in web publishing,
and to understand the nature of publishing in general.
In this dissertation, we examine security properties and policy
models, and their applicability to publishing. We then
investigate the nature of publishing so that we can extract its
technical requirements. To help us understand the practical
mechanisms which might satisfy these requirements, some
applications of electronic publishing are discussed and some
example mechanisms are presented.
We conclude that guaranteed integrity, verifiable authenticity
and persistent availability of publications are required to make
web publishing more reliable. Hence we design a framework that
can support these properties. To analyse the framework, we
define a security policy for web publishing that focuses on the
guaranteed integrity and authenticity of web publications, and
then describe some technical primitives that enable us to
achieve our requirements. Finally, the Jikzi publishing
system—an implementation of our framework—is presented with
descriptions of its architecture and possible applications.
cam.ac.uk//UCAM-CL-TR-490
2019-05-28
Selective mesh refinement for rendering
Brown, Peter John Cameron
University of Cambridge, Computer Laboratory
2000-04
UCAM-CL-TR-490
A key task in computer graphics is the rendering of complex
models. As a result, there exist a large number of schemes for
improving the speed of the rendering process, many of which
involve displaying only a simplified version of a model. When
such a simplification is generated selectively, i.e. detail is
only removed in specific regions of a model, we term this
selective mesh refinement.
Selective mesh refinement can potentially produce a model
approximation which can be displayed at greatly reduced cost
while remaining perceptually equivalent to a rendering of the
original. For this reason, the field of selective mesh
refinement has been the subject of dramatically increased
interest recently. The resulting selective refinement methods,
though, are restricted in both the types of model which they can
handle and the form of output meshes which they can generate.
Our primary thesis is that a selectively refined mesh can be
produced by combining fragments of approximations to a model
without regard to the underlying approximation method. Thus we
can utilise existing approximation techniques to produce
selectively refined meshes in n-dimensions. This means that the
capabilities and characteristics of standard approximation
methods can be retained in our selectively refined models.
We also show that a selectively refined approximation produced
in this manner can be smoothly geometrically morphed into
another selective refinement in order to satisfy modified
refinement criteria. This geometric morphing is necessary to
ensure that detail can be added and removed from models which
are selectively refined with respect to their impact on the
current view frustum. For example, if a model is selectively
refined in this manner and the viewer approaches the model then
more detail may have to be introduced to the displayed mesh in
order to ensure that it satisfies the new refinement criteria.
By geometrically morphing this introduction of detail we can
ensure that the viewer is not distracted by “popping” artifacts.
We have developed a novel framework within which these proposals
have been verified. This framework consists of a generalised
resolution-based model representation, a means of specifying
refinement criteria and algorithms which can perform the
selective refinement and geometric morphing tasks. The framework
has allowed us to demonstrate that these twin tasks can be
performed both on the output of existing approximation
techniques and with respect to a variety of refinement criteria.
An HTML version of this thesis is at
https://www.cl.cam.ac.uk/research/rainbow/publications/pjcb/thesis/
cam.ac.uk//UCAM-CL-TR-491
2017-07-06
Is hypothesis testing useful for subcategorization
acquisition?
Korhonen, Anna
Gorrell, Genevive
McCarthy, Diana
University of Cambridge, Computer Laboratory
2000-05
UCAM-CL-TR-491
cam.ac.uk//UCAM-CL-TR-492
2016-07-22
Nomadic Pict: language and infrastructure design for
mobile computation
Wojciechowski, Paweł Tomasz
University of Cambridge, Computer Laboratory
2000-06
UCAM-CL-TR-492
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-492.pdf
Mobile agents – units of executing computation that can migrate
between machines – are likely to become an important enabling
technology for future distributed systems. We study the
distributed infrastructures required for location-independent
communication between migrating agents. These infrastructures
are problematic: the choice or design of an infrastructure must
be somewhat application-specific – any given algorithm will only
have satisfactory performance for some range of migration and
communication behaviour; the algorithms must be matched to the
expected properties (and robustness demands) of applications and
the failure characteristic of the communication medium. To study
this problem we introduce an agent programming language –
Nomadic Pict. It is designed to allow infrastructure algorithms
to be expressed clearly, as translations from a high-level
language to a lower level. The levels are based on
rigorously-defined process calculi, which provide sharp levels
of abstraction. In this dissertation we describe the language
and use it to develop a distributed infrastructure for an
example application. The language and examples have been
implemented; we conclude with a description of the compiler and
runtime system.
cam.ac.uk//UCAM-CL-TR-493
2016-07-22
Inductive verification of cryptographic
protocols
Bella, Giampaolo
University of Cambridge, Computer Laboratory
2000-07
UCAM-CL-TR-493
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-493.pdf
The dissertation aims at tailoring Paulson’s Inductive Approach
for the analysis of classical cryptographic protocols towards
real-world protocols. The aim is pursued by extending the
approach with new elements (e.g. timestamps and smart cards),
new network events (e.g. message reception) and more expressive
functions (e.g. agents’ knowledge). Hence, the aim is achieved
by analysing large protocols (Kerberos IV and Shoup-Rubin), and
by studying how to specify and verify their goals.
More precisely, the modelling of timestamps and of a discrete
time are first developed on BAN Kerberos, while comparing the
outcomes with those of the BAN logic. The machinery is then
applied to Kerberos IV, whose complicated use of session keys
requires a dedicated treatment. Three new guarantees limiting
the spy’s abilities in case of compromise of a specific session
key are established. Also, it is discovered that Kerberos IV is
subject to an attack due to the weak guarantees of
confidentiality for the protocol responder.
We develop general strategies to investigate the goals of
authenticity, key distribution and non-injective agreement,
which is a strong form of authentication. These strategies
require formalising the agents’ knowledge of messages. Two
approaches are implemented. If an agent creates a message, then
he knows all components of the message, including the
cryptographic key that encrypts it. Alternatively, a broad
definition of agents’ knowledge can be developed if a new
network event, message reception, is formalised.
The concept of smart card as a secure device that can store
long-term secrets and perform easy computations is introduced.
The model cards can be stolen and/or cloned by the spy. The
kernel of their built-in algorithm works correctly, so the spy
cannot acquire unlimited knowledge from their use. However,
their functional interface is unreliable, so they send correct
outputs in an unspecified order. The provably secure protocol
based on smart cards designed by Shoup & Rubin is
mechanised. Some design weaknesses (unknown to the authors’
treatment by Bellare & Rogaway’s approach) are unveiled,
while feasible corrections are suggested and verified.
We realise that the evidence that a protocol achieves its goals
must be available to the peers. In consequence, we develop a new
principle of prudent protocol design, goal availability, which
holds of a protocol when suitable guarantees confirming its
goals exist on assumptions that both peers can verify. Failure
to observe our principle raises the risk of attacks, as is the
case, for example, of the attack on Kerberos IV.
cam.ac.uk//UCAM-CL-TR-494
2016-07-22
An architecture for the notification, storage and
retrieval of events
Spiteri, Mark David
University of Cambridge, Computer Laboratory
2000-07
en
Text
UCAM-CL-TR-494
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-495
2016-07-22
Automatic recognition of words in Arabic
manuscripts
Khorsheed, Mohammad S.M.
University of Cambridge, Computer Laboratory
2000-07
en
Text
UCAM-CL-TR-495
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-495.pdf
The need to transliterate large numbers of historic Arabic
documents into machine-readable form has motivated new work on
offline recognition of Arabic script. Arabic script presents two
challenges: orthography is cursive and letter shape is context
sensitive.
This dissertation presents two techniques to achieve high word
recognition rates: the segmentation-free technique and the
segmentation-based technique. The segmentation-free technique
treats the word as a whole. The word image is first transformed
into a normalised polar image. The two-dimensional Fourier
transform is then applied to the polar image. This results in a
Fourier spectrum that is invariant to dilation, translation, and
rotation. The Fourier spectrum is used to form the word
template, or train the word model in the template-based and the
multiple hidden Markov model (HMM) recognition systems,
respectively. The recognition of an input word image is based on
the minimum distance measure from the word templates and the
maximum likelihood probability for the word models.
The segmentation-based technique uses a single hidden Markov
model, which is composed of multiple character-models. The
technique implements the analytic approach in which words are
segmented into smaller units, not necessarily characters. The
word skeleton is decomposed into a number of links in
orthographic order and is then transferred into a sequence of
discrete symbols using vector quantisation. The training of each
character-model is performed using either: state assignment in
the lexicon-driven configuration or the Baum-Welch method in the
lexicon-free configuration. The observation sequence of the
input word is given to the hidden Markov model and the Viterbi
algorithm is applied to provide an ordered list of the candidate
recognitions.
cam.ac.uk//UCAM-CL-TR-496
2017-07-13
Contexts and embeddings for closed shallow action
graphs
Cattani, Gian Luca
Leifer, James J.
Milner, Robin
University of Cambridge, Computer Laboratory
2000-07
en
Text
UCAM-CL-TR-496
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-496.ps.gz
Action calculi, which have a graphical presentation, were
introduced to develop a theory shared among different calculi
for interactive systems. The π-calculus, the λ-calculus, Petri
nets, the Ambient calculus and others may all be represented as
action calculi. This paper develops a part of the shared theory.
A recent paper by two of the authors was concerned with the
notion of reactive system, essentially a category of process
contexts whose behaviour is presented as a reduction relation.
It was shown that one can, for any reactive system, uniformly
derive a labelled transition system whose associated behavioural
equivalence relations (e.g. trace equivalence or bisimilarity)
will be congruential, under the condition that certain relative
pushouts exist in the reactive system. In the present paper we
treat closed, shallow action calculi (those with no free names
and no nested actions) as a generic application of these
results. We define a category of action graphs and embeddings,
closely linked to a category of contexts which forms a reactive
system. This connection is of independent interest; it also
serves our present purpose, as it enables us to demonstrate that
appropriate relative pushouts exist.
Complemented by work to be reported elsewhere, this
demonstration yields labelled transition systems with
behavioural congruences for a substantial class of action
calculi. We regard this work as a step towards comparable
results for the full class.
cam.ac.uk//UCAM-CL-TR-497
2017-07-06
Towards a formal type system for ODMG OQL
Bierman, G.M.
Trigoni, A.
University of Cambridge, Computer Laboratory
2000-09
en
Text
UCAM-CL-TR-497
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-498
2017-07-13
Applied π – a brief tutorial
Sewell, Peter
University of Cambridge, Computer Laboratory
2000-07
en
Text
UCAM-CL-TR-498
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-498.pdf
This note provides a brief introduction to π-calculi and their
application to concurrent and distributed programming. Chapter 1
introduces a simple π-calculus and discusses the choice of
primitives, operational semantics (in terms of reductions and of
indexed early labelled transitions), operational equivalences,
Pict-style programming and typing. Chapter 2 goes on to discuss
the application of these ideas to distributed systems, looking
informally at the design of distributed π-calculi with grouping
and interaction primitives. Chapter 3 returns to typing, giving
precise definitions for a simple type system and soundness
results for the labelled transition semantics. Finally, Chapters
4 and 5 provide a model development of the metatheory, giving
first an outline and then detailed proofs of the results stated
earlier. The note can be read in the partial order 1.(2+3+4.5).
cam.ac.uk//UCAM-CL-TR-499
2016-07-22
Enhancing spatial deformation for virtual
sculpting
Gain, James Edward
University of Cambridge, Computer Laboratory
2000-08
en
Text
UCAM-CL-TR-499
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-499.pdf
The task of computer-based free-form shape design is fraught
with practical and conceptual difficulties. Incorporating
elements of traditional clay sculpting has long been recognised
as a means of shielding a user from the complexities inherent in
this form of modelling. The premise is to deform a
mathematically-defined solid in a fashion that loosely simulates
the physical moulding of an inelastic substance, such as
modelling clay or silicone putty. Virtual sculpting combines
this emulation of clay sculpting with interactive feedback.
Spatial deformations are a class of powerful modelling
techniques well suited to virtual sculpting. They indirectly
reshape an object by warping the surrounding space. This is
analogous to embedding a flexible shape within a lump of jelly
and then causing distortions by flexing the jelly. The user
controls spatial deformations by manipulating points, curves or
a volumetric hyperpatch. Directly Manipulated Free-Form
Deformation (DMFFD), in particular, merges the hyperpatch- and
point-based approaches and allows the user to pick and drag
object points directly.
This thesis embodies four enhancements to the versatility and
validity of spatial deformation:
1. We enable users to specify deformations by manipulating the
normal vector and tangent plane at a point. A first derivative
frame can be tilted, twisted and scaled to cause a corresponding
distortion in both the ambient space and inset object. This
enhanced control is accomplished by extending previous work on
bivariate surfaces to trivariate hyperpatches.
2. We extend DMFFD to enable curve manipulation by exploiting
functional composition and degree reduction. Although the
resulting curve-composed DMFFD introduces some modest and
bounded approximation, it is superior to previous curve-based
schemes in other respects. Our technique combines all three
forms of spatial deformation (hyperpatch, point and curve), can
maintain any desired degree of derivative continuity, is
amenable to the automatic detection and prevention of
self-intersection, and achieves interactive update rates over
the entire deformation cycle.
3. The approximation quality of a polygon-mesh object frequently
degrades under spatial deformation to become either
oversaturated or undersaturated with polygons. We have devised
an efficient adaptive mesh refinement and decimation scheme. Our
novel contributions include: incorporating fully symmetrical
decimation, reducing the computation cost of the
refinement/decimation trigger, catering for boundary and crease
edges, and dealing with sampling problems.
4. The potential self-intersection of an object is a serious
weakness in spatial deformation. We have developed a variant of
DMFFD which guards against self-intersection by subdividing
manipulations into injective (one-to-one) mappings. This depends
on three novel contributions: analytic conditions for
identifying self-intersection, and two injectivity tests (one
exact but computationally costly and the other approximate but
efficient).
cam.ac.uk//UCAM-CL-TR-500
2018-03-27
The memorability and security of passwords – some
empirical results
Yan, Jianxin
Blackwell, Alan
Anderson, Ross
Grant, Alasdair
University of Cambridge, Computer Laboratory
2000-09
en
Text
UCAM-CL-TR-500
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-500.pdf
There are many things that are ‘well known’ about passwords,
such as that users can’t remember strong passwords and that the
passwords they can remember are easy to guess. However, there
seems to be a distinct lack of research on the subject that
would pass muster by the standards of applied psychology.
Here we report a controlled trial in which, of four sample
groups of about 100 first-year students, three were recruited to
a formal experiment and of these two were given specific advice
about password selection. The incidence of weak passwords was
determined by cracking the password file, and the number of
password resets was measured from system logs. We observed a
number of phenomena which run counter to the established wisdom.
For example, passwords based on mnemonic phrases are just as
hard to crack as random passwords yet just as easy to remember
as naive user selections.
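The abstract says the incidence of weak passwords was measured by cracking the password file. The following added example, which is not the authors' apparatus, shows what such a measurement looks like: a constructed password file of salted PBKDF2 hashes, a tiny wordlist, a few mangling rules of the kind cracking tools apply, and a count of the accounts that fall. The accounts, wordlist, rules and hashing scheme are all assumptions made for the illustration; the report does not say which cracker or which hash format it used.

```python
"""Added example (not the experiment described in the report): measure the
incidence of weak passwords by running a dictionary-plus-rules attack over
a constructed password file.  Wordlist, rules, accounts and the PBKDF2
stand-in for the real system's hash are all made up for the illustration."""
import hashlib
import itertools
import os

ITERATIONS = 1000  # deliberately low so the demo is quick; production uses far more


def hash_password(password: str, salt: bytes) -> bytes:
    """Salted PBKDF2-HMAC-SHA256, standing in for the system's real hash."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def make_password_file(accounts: dict) -> dict:
    """Turn {user: plaintext} into {user: (salt, digest)}: the constructed
    stand-in for the password file the experimenters cracked."""
    out = {}
    for user, pw in accounts.items():
        salt = os.urandom(8)
        out[user] = (salt, hash_password(pw, salt))
    return out


def mangle(word: str):
    """Mangling rules applied to each dictionary word: case variants,
    common digit/symbol suffixes and a leetspeak substitution."""
    for base in {word, word.lower(), word.capitalize(), word.upper()}:
        yield base
        for suffix in ("1", "123", "!", "2000"):
            yield base + suffix
        yield base.replace("a", "@").replace("o", "0").replace("e", "3")


def crack(password_file: dict, wordlist: list) -> dict:
    """Dictionary attack: every candidate is hashed under each account's own
    salt and compared with the stored digest.  Returns {user: recovered}."""
    candidates = list(dict.fromkeys(
        itertools.chain.from_iterable(mangle(w) for w in wordlist)))
    cracked = {}
    for user, (salt, digest) in password_file.items():
        for cand in candidates:
            if hash_password(cand, salt) == digest:
                cracked[user] = cand
                break
    return cracked


def weak_password_incidence(accounts: dict, wordlist: list):
    """Build the file, crack it, and report the fraction of accounts that fell."""
    cracked = crack(make_password_file(accounts), wordlist)
    return cracked, len(cracked) / len(accounts)


# Constructed sample accounts, one per selection strategy the abstract contrasts.
SAMPLE_ACCOUNTS = {
    "alice": "password123",    # naive: dictionary word plus digits
    "bob":   "Cambridge!",     # naive: proper noun plus a symbol
    "carol": "Mhall,ifwwas",   # mnemonic phrase: "Mary had a little lamb, its fleece was white as snow"
    "dave":  "q7R#vZ2m",       # random
}
# Constructed wordlist; real attacks use lists of millions of entries.
WORDLIST = ["password", "cambridge", "letmein", "mary", "lamb", "student"]


if __name__ == "__main__":
    cracked, rate = weak_password_incidence(SAMPLE_ACCOUNTS, WORDLIST)
    for user, pw in sorted(cracked.items()):
        print(f"{user}: cracked -> {pw!r}")
    print(f"weak-password incidence: {rate:.0%}")
```

Only the two naive selections fall; the mnemonic-phrase password survives even though the words of its phrase are in the wordlist, which is the effect the abstract reports. The same harness can be pointed at a larger wordlist and rule set to see how the measured incidence depends on the attacker's dictionary, a caveat that applies to any cracking-based measurement.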
cam.ac.uk//UCAM-CL-TR-501
2016-07-22
Integrated quality of service management
Ingram, David
University of Cambridge, Computer Laboratory
2000-09
en
Text
UCAM-CL-TR-501
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-502
2018-03-27
Formalizing basic number theory
Rasmussen, Thomas Marthedal
University of Cambridge, Computer Laboratory
2000-09
en
Text
UCAM-CL-TR-502
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-503
2018-03-27
Hardware/software co-design using functional
languages
Mycroft, Alan
Sharp, Richard
University of Cambridge, Computer Laboratory
2000-09
en
Text
UCAM-CL-TR-503
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-503.pdf
In previous work we have developed and prototyped a silicon
compiler which translates a functional language (SAFL) into
hardware. Here we present a SAFL-level program transformation
which: (i) partitions a specification into hardware and software
parts and (ii) generates a specialised architecture to execute
the software part. The architecture consists of a number of
interconnected heterogeneous processors. Our method allows a
large design space to be explored by systematically transforming
a single SAFL specification to investigate different points on
the area-time spectrum.
cam.ac.uk//UCAM-CL-TR-504
2016-07-22
Word sense selection in texts: an integrated
model
Kwong, Oi Yee
University of Cambridge, Computer Laboratory
2000-09
en
Text
UCAM-CL-TR-504
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-504.ps.gz
Early systems for word sense disambiguation (WSD) often depended
on individual tailor-made lexical resources, hand-coded with as
much lexical information as needed, but of severely limited
vocabulary size. Recent studies tend to extract lexical
information from a variety of existing resources (e.g.
machine-readable dictionaries, corpora) for broad coverage.
However, this raises the issue of how to combine the information
from different resources.
Thus while different types of resource could make different
contribution to WSD, studies to date have not shown what
contribution they make, how they should be combined, and whether
they are equally relevant to all words to be disambiguated. This
thesis proposes an Integrated Model as a framework to study the
inter-relatedness of three major parameters in WSD: Lexical
Resource, Contextual Information, and Nature of Target Words. We
argue that it is their interaction which shapes the
effectiveness of any WSD system.
A generalised, structurally-based sense-mapping algorithm was
designed to combine various types of lexical resource. This
enables information from these resources to be used
simultaneously and compatibly, while respecting their
distinctive structures. In studying the effect of context on
WSD, different semantic relations available from the combined
resources were used, and a recursive filtering algorithm was
designed to overcome combinatorial explosion. We then
investigated, from two directions, how the target words
themselves could affect the usefulness of different types of
knowledge. In particular, we modelled WSD with the cloze test
format, i.e. as texts with blanks and all senses for one
specific word as alternative choices for filling the blank.
A full-scale combination of WordNet and Roget’s Thesaurus was
done, linking more than 30,000 senses. Using these two resources
in combination, a range of disambiguation tests was done on more
than 60,000 noun instances from corpus texts of different types,
and 60 blanks from real cloze texts. Results show that combining
resources is useful for enriching lexical information, and hence
making WSD more effective though not completely. Also, different
target words make different demand on contextual information,
and this interaction is closely related to text types. Future
work is suggested for expanding the analysis on target nature
and making the combination of disambiguation evidence sensitive
to the requirements of the word being disambiguated.
cam.ac.uk//UCAM-CL-TR-505
2017-07-13
Models for name-passing processes: interleaving and
causal
Cattani, Gian Luca
Sewell, Peter
University of Cambridge, Computer Laboratory
2000-09
en
Text
UCAM-CL-TR-505
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-505.pdf
We study syntax-free models for name-passing processes. For
interleaving semantics, we identify the indexing structure
required of an early labelled transition system to support the
usual π-calculus operations, defining Indexed Labelled
Transition Systems. For noninterleaving causal semantics we
define Indexed Labelled Asynchronous Transition Systems,
smoothly generalizing both our interleaving model and the
standard Asynchronous Transition Systems model for CCS-like
calculi. In each case we relate a denotational semantics to an
operational view, for bisimulation and causal bisimulation
respectively. We establish completeness properties of, and
adjunctions between, categories of the two models. Alternative
indexing structures and possible applications are also
discussed. These are first steps towards a uniform understanding
of the semantics and operations of name-passing calculi.
cam.ac.uk//UCAM-CL-TR-506
2017-07-13
Modules, abstract types, and distributed
versioning
Sewell, Peter
University of Cambridge, Computer Laboratory
2000-09
en
Text
UCAM-CL-TR-506
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-506.pdf
In a wide-area distributed system it is often impractical to
synchronise software updates, so one must deal with many
coexisting versions. We study static typing support for modular
wide-area programming, modelling separate compilation/linking
and execution of programs that interact along typed channels.
Interaction may involve communication of values of abstract
types; we provide the developer with fine-grain versioning
control of these types to support interoperation of old and new
code. The system makes use of a second-class module system with
singleton kinds; we give a novel operational semantics for
separate compilation/linking and execution and prove soundness.
cam.ac.uk//UCAM-CL-TR-507
2017-07-13
Mechanizing a theory of program composition for
UNITY
Paulson, Lawrence
University of Cambridge, Computer Laboratory
2000-11
en
Text
UCAM-CL-TR-507
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-507.pdf
Compositional reasoning must be better understood if non-trivial
concurrent programs are to be verified. Chandy and Sanders
[2000] have proposed a new approach to reasoning about
composition, which Charpentier and Chandy [1999] have
illustrated by developing a large example in the UNITY
formalism. The present paper describes extensive experiments on
mechanizing the compositionality theory and the example, using
the proof tool Isabelle. Broader issues are discussed, in
particular, the formalization of program states. The usual
representation based upon maps from variables to values is
contrasted with the alternatives, such as a signature of typed
variables. Properties need to be transferred from one program
component’s signature to the common signature of the system.
Safety properties can be so transferred, but progress properties
cannot be. Using polymorphism, this problem can be circumvented
by making signatures sufficiently flexible. Finally the proof of
the example itself is outlined.
cam.ac.uk//UCAM-CL-TR-508
2017-07-13
Shallow linear action graphs and their
embeddings
Leifer, James
Milner, Robin
University of Cambridge, Computer Laboratory
2000-10
en
Text
UCAM-CL-TR-508
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-508.ps.gz
In previous work, action calculus has been presented in terms of
action graphs. Many calculi, or at least their salient features,
can be expressed as specific action calculi; examples are Petri
nets, λ-calculus, π-calculus, fusion calculus, ambient calculus
and spi calculus.
We here offer linear action graphs as a primitive basis for
action calculi. Linear action graphs have a simpler theory than
the non-linear variety. This paper presents the category of
embeddings of shallow linear action graphs (those without
nesting), using a novel form of graphical reasoning which
simplifies some otherwise complex manipulations in regular
algebra. The work is done for undirected graphs, and adapted in
a few lines to directed graphs.
The graphical reasoning used here will be applied in future work
to develop behavioural congruences for action calculi.
cam.ac.uk//UCAM-CL-TR-509
2016-07-22
Proximity visualisation of abstract data
Basalaj, Wojciech
University of Cambridge, Computer Laboratory
2001-01
en
Text
UCAM-CL-TR-509
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-509.pdf
Data visualisation is an established technique for exploration,
analysis and presentation of data. A graphical presentation is
generated from the data content, and viewed by an observer,
engaging vision – the human sense with the greatest bandwidth,
and the ability to recognise patterns subconsciously. For
instance, a correlation present between two variables can be
elucidated with a scatter plot. An effective visualisation can
be difficult to achieve for an abstract collection of objects,
e.g. a database table with many attributes, or a set of
multimedia documents, since there is no immediately obvious way
of arranging the objects based on their content. Thankfully,
similarity between pairs of elements of such a collection can be
measured, and a good overview picture should respect this
proximity information, by positioning similar elements close to
one another, and far from dissimilar objects. The resulting
proximity visualisation is a topology preserving map of the
underlying data collection, and this work investigates various
methods for generating such maps. A number of algorithms are
devised, evaluated quantitatively by means of statistical
inference, and qualitatively in a case study for each type of
data collection. Other graphical representations for abstract
data are surveyed and compared to proximity visualisation.
A standard method for modelling proximity relations is
multidimensional scaling (MDS) analysis. The result is usually a
two- or three-dimensional configuration of points – each
representing a single element from a collection, with
inter-point distances approximating the corresponding
proximities. The quality of this approximation can be expressed
as a loss function, and the optimal arrangement can be found by
minimising it numerically – a procedure known as least-squares
metric MDS. This work presents a number of algorithmic instances
of this problem, using established function optimisation
heuristics: Newton-Raphson, Tabu Search, Genetic Algorithm,
Iterative Majorization, and Simulated Annealing. Their
effectiveness at minimising the loss function is measured for a
representative sample of data collections, and the relative
ranking established. The popular classical scaling method serves
as a benchmark for this study.
The computational cost of conventional MDS makes it unsuitable
for visualising a large data collection. Incremental
multidimensional scaling solves this problem by considering only
a carefully chosen subset of all pairwise proximities. Elements
that make up cluster diameters at a certain level of the single
link cluster hierarchy are identified, and are subject to
standard MDS, in order to establish the overall shape of the
configuration. The remaining elements are positioned
independently of one another with respect to this skeleton
configuration. For very large collections the skeleton
configuration can itself be built up incrementally. The
incremental method is analysed for the compromise between
solution quality and the proportion of proximities used, and
compared to Principal Components Analysis on a number of large
database tables.
In some applications it is convenient to represent individual
objects by compact icons of fixed size, for example the use of
thumbnails when visualising a set of images. Because the MDS
analysis only takes the position of icons into account, and not
their size, its direct use for visualisation may lead to partial
or complete overlap of icons. Proximity grid – an analogue of
MDS in a discrete domain – is proposed to overcome this
deficiency. Each element of an abstract data collection is
represented within a single cell of the grid, and thus
considerable detail can be shown without overlap. The proximity
relationships are preserved by clustering similar elements in
the grid, and keeping dissimilar ones apart. Algorithms for
generating such an arrangement are presented and compared in
terms of output quality to one another as well as standard MDS.
cam.ac.uk//UCAM-CL-TR-510
2017-07-13
Switchlets and resource-assured MPLS networks
Mortier, Richard
Isaacs, Rebecca
Fraser, Keir
University of Cambridge, Computer Laboratory
2000-05
en
Text
UCAM-CL-TR-510
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-510.pdf
MPLS (Multi-Protocol Label Switching) is a technology with the
potential to support multiple control systems, each with
guaranteed QoS (Quality of Service), on connectionless
best-effort networks. However, it does not provide all the
capabilities required of a multi-service network. In particular,
although resource-assured VPNs (Virtual Private Networks) can be
created, there is no provision for inter-VPN resource
management. Control flexibility is limited because resources
must be pinned down to be guaranteed, and best-effort flows in
different VPNs compete for the same resources, leading to QoS
crosstalk.
The contribution of this paper is an implementation on MPLS of a
network control framework that supports inter-VPN resource
management. Using resource partitions known as switchlets, it
allows the creation of multiple VPNs with guaranteed resource
allocations, and maintains isolation between these VPNs.
Devolved control techniques permit each VPN a customised control
system.
We motivate our work by discussing related efforts and example
scenarios of effective deployment of our system. The
implementation is described and evaluated, and we address
interoperability with external IP control systems, in addition
to interoperability of data across different layer 2
technologies.
cam.ac.uk//UCAM-CL-TR-511
2016-07-22
Software visualization in Prolog
Grant, Calum
University of Cambridge, Computer Laboratory
1999-12
en
Text
UCAM-CL-TR-511
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-511.pdf
Software visualization (SV) uses computer graphics to
communicate the structure and behaviour of complex software and
algorithms. One of the important issues in this field is how to
specify SV, because existing systems are very cumbersome to
specify and implement, which limits their effectiveness and
hinders SV from being integrated into professional software
development tools.
In this dissertation the visualization process is decomposed
into a series of formal mappings, which provides a formal
foundation, and allows separate aspects of visualization to be
specified independently. The first mapping specifies the
information content of each view. The second mapping specifies a
graphical representation of the information, and a third mapping
specifies the graphical components that make up the graphical
representation. By combining different mappings, completely
different views can be generated.
The approach has been implemented in Prolog to provide a very
high level specification language for information visualization,
and a knowledge engineering environment that allows data queries
to tailor the information in a view. The output is generated by
a graphical constraint solver that assembles the graphical
components into a scene.
This system provides a framework for SV called Vmax. Source code
and run-time data are analyzed by Prolog to provide access to
information about the program structure and run-time data for a
wide range of highly interconnected browsable views. Different
views and means of visualization can be selected from menus. An
automatic legend describes each view, and can be interactively
modified to customize how data is presented. A text window for
editing source code is synchronized with the graphical view.
Vmax is a complete Java development environment and end user SV
system.
Vmax compares favourably to existing SV systems in many
taxonometric criteria, including automation, scope, information
content, graphical output form, specification, tailorability,
navigation, granularity and elision control. The performance and
scalability of the new approach is very reasonable.
We conclude that Prolog provides a formal and high level
specification language that is suitable for specifying all
aspects of a SV system.
cam.ac.uk//UCAM-CL-TR-512
2017-07-06
An algebraic framework for modelling and verifying
microprocessors using HOL
Fox, Anthony
University of Cambridge, Computer Laboratory
2001-03
en
Text
UCAM-CL-TR-512
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-512.pdf
This report describes an algebraic approach to the specification
and verification of microprocessor designs. Key results are
expressed and verified using the HOL proof tool. Particular
attention is paid to the models of time and temporal
abstraction, culminating in a number of one-step theorems. This
work is then explained with a small but complete case study,
which verifies the correctness of a datapath with microprogram
control.
cam.ac.uk//UCAM-CL-TR-513
2018-03-27
Generic summaries for indexing in information retrieval
– Detailed test results
Sakai, Tetsuya
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
2001-05
en
Text
UCAM-CL-TR-513
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-513.ps.gz
This paper examines the use of generic summaries for indexing in
information retrieval. Our main observations are that:
– With or without pseudo-relevance feedback, a summary index may
be as effective as the corresponding fulltext index for
precision-oriented search of highly relevant documents. But a
reasonably sophisticated summarizer, using a compression ratio
of 10–30%, is desirable for this purpose.
– In pseudo-relevance feedback, using a summary index at initial
search and a fulltext index at final search is possibly
effective for precision-oriented search, regardless of relevance
levels. This strategy is significantly more effective than the
one using the summary index only and probably more effective
than using summaries as mere term selection filters. For this
strategy, the summary quality is probably not a critical factor,
and a compression ratio of 5–10% appears best.
cam.ac.uk//UCAM-CL-TR-514
2016-07-22
Nomadic π-calculi: Expressing and verifying
communication infrastructure for mobile computation
Unyapoth, Asis
University of Cambridge, Computer Laboratory
2001-06
en
Text
UCAM-CL-TR-514
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-514.pdf
This thesis addresses the problem of verifying distributed
infrastructure for mobile computation. In particular, we study
language primitives for communication between mobile agents.
They can be classified into two groups. At a low level there are
“location dependent” primitives that require a programmer to
know the current site of a mobile agent in order to communicate
with it. At a high level there are “location independent”
primitives that allow communication with a mobile agent
irrespective of any migrations. Implementation of the high level
requires delicate distributed infrastructure algorithms. In
earlier work of Sewell, Wojciechowski and Pierce, the two levels
were made precise as process calculi, allowing such algorithms
to be expressed as encodings of the high level into the low
level; a distributed programming language “Nomadic Pict” has
been built for experimenting with such encodings.
This thesis turns to semantics, giving a definition of the core
language (with a type system) and proving correctness of an
example infrastructure. This involves extending the standard
semantics and proof techniques of process calculi to deal with
the new notions of sites and agents. The techniques adopted
include labelled transition semantics, operational equivalences
and preorders (e.g., expansion and coupled simulation), “up to”
equivalences, and uniform receptiveness. We also develop two
novel proof techniques for capturing the design intuitions
regarding mobile agents: we consider “translocating” versions of
operational equivalences that take migration into account,
allowing compositional reasoning; and “temporary immobility”,
which captures the intuition that while an agent is waiting for
a lock somewhere in the system, it will not migrate.
The correctness proof of an example infrastructure is
non-trivial. It involves analysing the possible reachable states
of the encoding applied to an arbitrary high-level source
program. We introduce an intermediate language for factoring out
as many ‘house-keeping’ reduction steps as possible, and
focusing on the partially-committed steps.
cam.ac.uk//UCAM-CL-TR-515
2018-03-27
The UDP calculus: rigorous semantics for real
networking
Serjantov, Andrei
Sewell, Peter
Wansbrough, Keith
University of Cambridge, Computer Laboratory
2001-07
en
Text
UCAM-CL-TR-515
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-515.ps.gz
Network programming is notoriously hard to understand: one has
to deal with a variety of protocols (IP, ICMP, UDP, TCP, etc.),
concurrency, packet loss, host failure, timeouts, the complex
sockets interface to the protocols, and subtle portability
issues. Moreover, the behavioural properties of operating
systems and the network are not well documented.
A few of these issues have been addressed in the process
calculus and distributed algorithm communities, but there
remains a wide gulf between what has been captured in semantic
models and what is required for a precise understanding of the
behaviour of practical distributed programs that use these
protocols.
In this paper we demonstrate (in a preliminary way) that the
gulf can be bridged. We give an operational model for socket
programming with a substantial fraction of UDP and ICMP,
including loss and failure. The model has been validated by
experiment against actual systems. It is not tied to a
particular programming language, but can be used with any
language equipped with an operational semantics for system calls
– here we give such a language binding for an OCaml fragment. We
illustrate the model with a few small network programs.
cam.ac.uk//UCAM-CL-TR-516
2016-07-22
Dynamic provisioning of resource-assured and
programmable virtual private networks
Isaacs, Rebecca
University of Cambridge, Computer Laboratory
2001-09
en
Text
UCAM-CL-TR-516
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-516.ps.gz
Virtual Private Networks (VPNs) provide dedicated connectivity
to a closed group of users on a shared network. VPNs have
traditionally been deployed for reasons of economy of scale, but
have either been statically defined, requiring manual
configuration, or else unable to offer any quality of service
(QoS) guarantees.
This dissertation describes VServ, a service offering dynamic
and resource-assured VPNs that can be acquired and modified on
demand. In VServ, a VPN is both a subset of physical resources,
such as bandwidth and label space, together with the means to
perform fine-grained management of those resources. This network
programmability, combined with QoS guarantees, enables the
multiservice network – a single universal network that can
support all types of service and thus be efficient,
cost-effective and flexible.
VServ is deployed over a network control framework known as
Tempest. The Tempest explicitly distinguishes between inter- and
intra-VPN resource management mechanisms. This makes the dynamic
resource reallocation capabilities of VServ viable, whilst
handling highly dynamic VPNs or a large number of VPNs.
Extensions to the original implementation of the Tempest to
support dynamically reconfigurable QoS are detailed.
A key part of a dynamic and responsive VPN service is fully
automated VPN provisioning. A notation for VPN specification is
described, together with mechanisms for incorporating policies
of the service provider and the current resource availability in
the network into the design process. The search for a suitable
VPN topology can be expressed as an optimisation problem that is
not computationally tractable except for very small networks.
This dissertation describes how the search is made practical by
tailoring it according to the characteristics of the desired
VPN.
Availability of VServ is addressed with a proposal for
distributed VPN creation. A resource revocation protocol
exploits the dynamic resource management capabilities of VServ
to allow adaptation in the control plane on a per-VPN basis.
Managed resource revocation supports highly flexible resource
allocation and reallocation policies, allowing VServ to
efficiently provision for short-lived or highly dynamic VPNs.
cam.ac.uk//UCAM-CL-TR-517
2018-03-27
The Cambridge Multimedia Document Retrieval Project:
summary of experiments
Spärck Jones, Karen
Jourlin, P.
Johnson, S.E.
Woodland, P.C.
University of Cambridge, Computer Laboratory
2001-07
en
Text
UCAM-CL-TR-517
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-517.ps.gz
This report summarises the experimental work done under the
Multimedia Document Retrieval (MDR) project at Cambridge from
1997-2000, with selected illustrations. The focus is primarily
on retrieval studies, and on speech tests directly related to
retrieval, not on speech recognition itself. The report draws on
the many and varied tests done during the project, but also
presents a new series of results designed to compare strategies
across as many different data sets as possible by using
consistent system parameter settings.
The project tests demonstrate that retrieval from files of audio
news material transcribed using a state of the art speech
recognition system can match the reference level defined by
human transcriptions; and that expansion techniques, especially
when applied to queries, can be very effective means for
improving basic search performance.
cam.ac.uk//UCAM-CL-TR-518
2017-07-06
An attack on a traitor tracing scheme
Yan, Jeff Jianxin
Wu, Yongdong
University of Cambridge, Computer Laboratory
2001-07
en
Text
UCAM-CL-TR-518
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-518.pdf
In Crypto’99, Boneh and Franklin proposed a public key traitor
tracing scheme, which was believed to be able to catch all
traitors while not accusing any innocent users (i.e.,
full-tracing and error-free). Assuming that the Decision
Diffie-Hellman problem is unsolvable in Gq, Boneh and Franklin
proved that a decoder cannot distinguish valid ciphertexts from
invalid ones that are used for tracing. However, our novel
pirate decoder P3 manages to make some invalid ciphertexts
distinguishable without violating their assumption, and it can
also frame innocent user coalitions to fool the tracer. Neither
the single-key nor arbitrary pirate tracing algorithm presented
in [1] can identify all keys used by P3 as claimed. Instead, it
is possible for both algorithms to catch none of the traitors.
We believe that the construction of our novel pirate also
demonstrates a simple way to defeat some other black-box traitor
tracing schemes in general.
cam.ac.uk//UCAM-CL-TR-519
2016-07-22
Local evidence in document retrieval
Choquette, Martin
University of Cambridge, Computer Laboratory
2001-08
en
Text
UCAM-CL-TR-519
ISSN 1476-2986
cam.ac.uk//UCAM-CL-TR-520
2017-07-13
Ternary and three-point univariate subdivision
schemes
Hassan, Mohamed
Dodgson, Neil A.
University of Cambridge, Computer Laboratory
2001-09
en
Text
UCAM-CL-TR-520
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-520.pdf
The generating function formalism is used to analyze the
continuity properties of univariate ternary subdivision schemes.
These are compared with their binary counterparts.
cam.ac.uk//UCAM-CL-TR-521
2016-09-07
Operational congruences for reactive systems
Leifer, James
University of Cambridge, Computer Laboratory
2001-09
en
Text
UCAM-CL-TR-521
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-521.ps.gz
The dynamics of process calculi, e.g. CCS, have often been
defined using a labelled transition system (LTS). More recently
it has become common when defining dynamics to use reaction
rules – i.e. unlabelled transition rules – together with a
structural congruence. This form, which I call a reactive
system, is highly expressive but is limited in an important way:
LTSs lead more naturally to operational equivalences and
preorders.
So one would like to derive from reaction rules a suitable LTS.
This dissertation shows how to derive an LTS for a wide range of
reactive systems. A label for an agent (process), a, is defined
to be any context, F, which intuitively is just large enough so
that the agent Fa (“a in context F”) is able to perform a
reaction. The key contribution of my work is the precise
definition of “just large enough”, in terms of the categorical
notion of relative pushout (RPO), which ensures that several
operational equivalences and preorders (strong bisimulation,
weak bisimulation, the traces preorder, and the failures
preorder) are congruences when sufficient RPOs exist.
I present a substantial example of a family of reactive systems
based on closed, shallow action calculi (those with no free
names and no nesting). I prove that RPOs exist for a category of
such contexts. The proof is carried out indirectly in terms of a
category of action graphs and embeddings and gives precise
(necessary and sufficient) conditions for the existence of RPOs.
I conclude by arguing that these conditions are satisfied for a
wide class of reaction rules. The thrust of this dissertation
is, therefore, towards easing the burden of exploring new models
of computation by providing a general method for achieving
useful operational congruences.
cam.ac.uk//UCAM-CL-TR-522
2018-03-27
Practical behavioural animation based on vision and
attention
Gillies, Mark F.P.
University of Cambridge, Computer Laboratory
2001-09
en
Text
UCAM-CL-TR-522
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-522.pdf
The animation of human like characters is a vital aspect of
computer animation. Most animations rely heavily on characters
of some sort or other. This means that one important aspect of
computer animation research is to improve the animation of these
characters both by making it easier to produce animations and by
improving the quality of animation produced. One approach to
animating characters is to produce a simulation of the behaviour
of the characters which will automatically animate the
character.
The dissertation investigates the simulation of behaviour in
practical applications. In particular it focuses on models of
visual perception for use in simulating human behaviour. A
simulation of perception is vital for any character that
interacts with its surroundings. Two main aspects of the
simulation of perception are investigated:
– The use of psychology for designing visual algorithms.
– The simulation of attention in order to produce both behaviour
and gaze patterns.
Psychological theories are a useful starting point for designing
algorithms for simulating visual perception. The dissertation
investigates their use and presents some algorithms based on
psychological theories.
Attention is the focusing of a person’s perception on a
particular object. The dissertation presents a simulation of
what a character is attending to (looking at). This is used to
simulate behaviour and for animating eye movements.
The algorithms for the simulation of vision and attention are
applied to two tasks in the simulation of behaviour. The first
is a method for designing generic behaviour patterns from simple
pieces of motion. The second is a behaviour pattern for
navigating a cluttered environment. The simulation of vision and
attention gives advantages over existing work on both problems.
The approaches to the simulation of perception will be evaluated
in the context of these examples.
cam.ac.uk//UCAM-CL-TR-523
2017-07-13
Bigraphical reactive systems: basic theory
Milner, Robin
University of Cambridge, Computer Laboratory
2001-09
en
Text
UCAM-CL-TR-523
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-523.pdf
A notion of bigraph is proposed as the basis for a model of
mobile interaction. A bigraph consists of two independent
structures: a topograph representing locality and a monograph
representing connectivity. Bigraphs are equipped with reaction
rules to form bigraphical reactive systems (BRSs), which include
versions of the π-calculus and the ambient calculus. Bigraphs
are shown to be a special case of a more abstract notion, wide
reactive systems (WRSs), not assuming any particular graphical
or other structure but equipped with a notion of width, which
expresses that agents, contexts and reactions may all be widely
distributed entities.
A behavioural theory is established for WRSs using the
categorical notion of relative pushout; it allows labelled
transition systems to be derived uniformly, in such a way that
familiar behavioural preorders and equivalences, in particular
bisimilarity, are congruential under certain conditions. Then
the theory of bigraphs is developed, and they are shown to meet
these conditions. It is shown that, using certain functors,
other WRSs which meet the conditions may also be derived; these
may, for example, be forms of BRS with additional structure.
Simple examples of bigraphical systems are discussed; the theory
is developed in a number of ways in preparation for deeper
application studies.
cam.ac.uk//UCAM-CL-TR-524
2017-07-13
Verifying the SET purchase protocols
Bella, Giampaolo
Massacci, Fabio
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
2001-11
en
Text
UCAM-CL-TR-524
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-524.pdf
The Secure Electronic Transaction (SET) protocol has been
proposed by a consortium of credit card companies and software
corporations to guarantee the authenticity of e-commerce
transactions and the confidentiality of data. When the customer
makes a purchase, the SET dual signature keeps his account
details secret from the merchant and his choice of goods secret
from the bank. This paper reports verification results for the
purchase step of SET, using the inductive method. The credit
card details do remain confidential. The customer, merchant and
bank can confirm most details of a transaction even when some of
those details are kept from them. The usage of dual signatures
requires repetition in protocol messages, making proofs more
difficult but still feasible. The formal analysis has revealed a
significant defect. The dual signature lacks explicitness,
giving rise to potential vulnerabilities.
cam.ac.uk//UCAM-CL-TR-525
2016-07-22
Extensible virtual machines
Harris, Timothy L.
University of Cambridge, Computer Laboratory
2001-12
en
Text
UCAM-CL-TR-525
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-525.pdf
Virtual machines (VMs) have enjoyed a resurgence as a way of
allowing the same application program to be used across a range
of computer systems. This flexibility comes from the abstraction
that the VM provides over the native interface of a particular
computer. However, this also means that the application is
prevented from taking the features of particular physical
machines into account in its implementation.
This dissertation addresses the question of why, where and how
it is useful, possible and practicable to provide an application
with access to lower-level interfaces. It argues that many
aspects of implementation can be devolved safely to untrusted
applications and demonstrates this through a prototype which
allows control over run-time compilation, object placement
within the heap and thread scheduling. The proposed architecture
separates these application-specific policy implementations from
the application itself. This allows one application to be used
with different policies on different systems and also allows
naïve or premature optimizations to be removed.
cam.ac.uk//UCAM-CL-TR-526
2016-07-22
Extending lossless image compression
Penrose, Andrew J.
University of Cambridge, Computer Laboratory
2001-12
en
Text
UCAM-CL-TR-526
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-526.pdf
“It is my thesis that worthwhile improvements can be made to
lossless image compression schemes, by considering the
correlations between the spectral, temporal and interview
aspects of image data, in extension to the spatial correlations
that are traditionally exploited.”
Images are an important part of today’s digital world. However,
due to the large quantity of data needed to represent modern
imagery the storage of such data can be expensive. Thus, work on
efficient image storage (image compression) has the potential to
reduce storage costs and enable new applications.
Many image compression schemes are lossy; that is they sacrifice
image information to achieve very compact storage. Although this
is acceptable for many applications, some environments require
that compression not alter the image data. This lossless image
compression has uses in medical, scientific and professional
video processing applications.
Most of the work on lossless image compression has focused on
monochrome images and has made use of the spatial smoothness of
image data. Only recently have researchers begun to look
specifically at the lossless compression of colour images and
video. By extending compression schemes for colour images and
video, the storage requirements for these important classes of
image data can be further reduced.
Much of the previous research into lossless colour image and
video compression has been exploratory. This dissertation
studies the problem in a structured way. Spatial, spectral and
temporal correlations are all considered to facilitate improved
compression. This has led to a greater data reduction than many
existing schemes for lossless colour image and colour video
compression.
Furthermore, this work has considered the application of
extended lossless image coding to more recent image types, such
as multiview imagery. Thus, systems that use multiple views of
the same scene to provide 3D viewing, have been provided with a
completely novel solution for the compression of multiview
colour video.
cam.ac.uk//UCAM-CL-TR-527
2016-07-22
Architectures for ubiquitous systems
Saif, Umar
University of Cambridge, Computer Laboratory
2002-01
en
Text
UCAM-CL-TR-527
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-527.pdf
Advances in digital electronics over the last decade have made
computers faster, cheaper and smaller. This coupled with the
revolution in communication technology has led to the
development of sophisticated networked appliances and handheld
devices. “Computers” are no longer boxes sitting on a desk; they
are all around us, embedded in every nook and corner of our
environment. This increasing complexity in our environment leads
to the desire to design a system that could allow this pervasive
functionality to disappear in the infrastructure, automatically
carrying out everyday tasks of the users.
Such a system would enable devices embedded in the environment
to cooperate with one another to make a wide range of new and
useful applications possible, not originally conceived by the
manufacturer, to achieve greater functionality, flexibility and
utility.
The compelling question then becomes “what software needs to be
embedded in these devices to enable them to participate in such
a ubiquitous system?” This is the question addressed by the
dissertation.
Based on the experience with home automation systems, as part of
the AutoHAN project, the dissertation presents two compatible
but different architectures; one to enable dumb devices to be
controlled by the system and the other to enable intelligent
devices to control, extend and program the system.
Control commands for dumb devices are managed using an
HTTP-based publish/subscribe/notify architecture; devices
publish their control commands to the system as XML-typed
discrete messages, applications discover and subscribe interest
in these events to send and receive control commands from these
devices, as typed messages, to control their behavior. The
architecture handles mobility and failure of devices by using
soft-state, redundant subscriptions and “care-of” nodes. The
system is programmed with event scripts that encode automation
rules as condition-action bindings. Finally, the use of XML and
HTTP allows devices to be controlled by a simple Internet
browser.
While publish/subscribe/notify defines a simple architecture
to enable interoperability of limited capability devices,
intelligent devices can afford more complexity that can be
utilized to support user applications and services to control,
manage and program the system. However, the operating system
embedded in these devices needs to address the heterogeneity,
longevity, mobility and dynamism of the system.
The dissertation presents the architecture of an embedded
distributed operating system that lends itself to safe
context-driven adaptation. The operating system is instrumented
with four artifacts to address the challenges posed by a
ubiquitous system. 1) An XML-based directory service captures
and notifies the applications and services about changes in the
device context, as resources move, fail, leave or join the
system, to allow context-driven adaptation. 2) A Java-based
mobile agent system allows new software to be injected in the
system and moved and replicated with the changing
characteristics of the system to define a self-organizing
system. 3) A subscribe/notify interface allows context-specific
extensions to be dynamically added to the operating system to
enable it to efficiently interoperate in its current context
according to application requirements. 4) Finally, a Dispatcher
module serves as the context-aware system call interface for the
operating system; when requested to invoke a service, the
Dispatcher invokes the resource that best satisfies the
requirements given the characteristics of the system.
Definition alone is not sufficient to prove the validity of an
architecture. The dissertation therefore describes a prototype
implementation of the operating system and presents both a
quantitative comparison of its performance with related systems
and its qualitative merit by describing new applications made
possible by its novel architecture.
cam.ac.uk//UCAM-CL-TR-528
2016-07-22
Measurement-based management of network
resources
Moore, Andrew William
University of Cambridge, Computer Laboratory
2002-04
en
Text
UCAM-CL-TR-528
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-528.pdf
Measurement-Based Estimators are able to characterise data
flows, enabling improvements to existing management techniques
and access to previously impossible management techniques. It is
the thesis of this dissertation that in addition to making
practical adaptive management schemes, measurement-based
estimators can be practical within current limitations of
resource.
Examples of network management include the characterisation of
current utilisation for explicit admission control and the
configuration of a scheduler to divide link-capacity among
competing traffic classes. Without measurements, these
management techniques have relied upon the accurate
characterisation of traffic – without accurate traffic
characterisation, network resources may be under or over
utilised.
Embracing Measurement-Based Estimation in admission control,
Measurement-Based Admission Control (MBAC) algorithms have
allowed characterisation of new traffic flows while adapting to
changing flow requirements. However, there have been many MBAC
algorithms proposed, often with no clear differentiation between
them. This has motivated the need for a realistic,
implementation-based comparison in order to identify an ideal
MBAC algorithm.
This dissertation reports on an implementation-based comparison
of MBAC algorithms conducted using a purpose built test
environment. The use of an implementation-based comparison has
allowed the MBAC algorithms to be tested under realistic
conditions of traffic load and realistic limitations on memory,
computational resources and measurements. Alongside this
comparison is a decomposition of a group of MBAC algorithms,
illustrating the relationship among MBAC algorithm components,
as well as highlighting common elements among different MBAC
algorithms.
The MBAC algorithm comparison reveals that, while no single
algorithm is ideal, the specific resource demands, such as
computation overheads, can dramatically impact on the MBAC
algorithm’s performance. Further, due to the multiple timescales
present in both traffic and management, the estimator of a
robust MBAC algorithm must base its estimate on measurements
made over a wide range of timescales. Finally, a reliable
estimator must account for the error resulting from random
properties of measurements.
Further identifying that the estimator components used in MBAC
algorithms need not be tied to the admission control problem,
one of the estimators (originally constructed as part of an MBAC
algorithm) is used to continuously characterise resource
requirements for a number of classes of traffic. Continuous
characterisation of traffic, whether requiring similar or
orthogonal resources, leads to the construction and
demonstration of a network switch that is able to provide
differentiated service while being adaptive to the demands of
each traffic class. The dynamic allocation of resources is an
approach unique to a measurement-based technique that would not
be possible if resources were based upon static declarations of
requirement.
cam.ac.uk//UCAM-CL-TR-529
2018-03-27
The triVM intermediate language reference
manual
Johnson, Neil
University of Cambridge, Computer Laboratory
2002-02
en
Text
UCAM-CL-TR-529
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-529.pdf
The triVM intermediate language has been developed as part of a
research programme concentrating on code space optimization. The
primary aim in developing triVM is to provide a language that
removes the complexity of high-level languages, such as C or ML,
while maintaining sufficient detail, at as simple a level as
possible, to support research and experimentation into code size
optimization. The basic structure of triVM is a notional Static
Single Assignment-based three-address machine. A secondary aim
is to develop an intermediate language that supports graph-based
translation, using graph rewrite rules, in a textual,
human-readable format. Experience has shown that text-format
intermediate files are much easier to use for experimentation,
while the penalty in translating this human-readable form to the
internal data structures used by the software is negligible.
Another aim is to provide a flexible language in which features
and innovations can be evaluated; for example, this is one of
the first intermediate languages directly based on the Static
Single Assignment technique, and which explicitly exposes the
condition codes as a result of arithmetic operations. While this
paper is concerned solely with the description of triVM, we
present a brief summary of other research-orientated
intermediate languages.
cam.ac.uk//UCAM-CL-TR-530
2016-07-22
Subcategorization acquisition
Korhonen, Anna
University of Cambridge, Computer Laboratory
2002-02
en
Text
UCAM-CL-TR-530
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-530.pdf
Manual development of large subcategorised lexicons has proved
difficult because predicates change behaviour between
sublanguages, domains and over time. Yet access to a
comprehensive subcategorization lexicon is vital for successful
parsing capable of recovering predicate-argument relations, and
probabilistic parsers would greatly benefit from accurate
information concerning the relative likelihood of different
subcategorisation frames (SCFs) of a given predicate. Acquisition
of subcategorization lexicons from textual corpora has recently
become increasingly popular. Although this work has met with
some success, resulting lexicons indicate a need for greater
accuracy. One significant source of error lies in the
statistical filtering used for hypothesis selection, i.e. for
removing noise from automatically acquired SCFs.
This thesis builds on earlier work in verbal subcategorization
acquisition, taking as a starting point the problem with
statistical filtering. Our investigation shows that statistical
filters tend to work poorly because not only is the underlying
distribution zipfian, but there is also very little correlation
between conditional distribution of SCFs specific to a verb and
unconditional distribution regardless of the verb. More accurate
back-off estimates are needed for SCF acquisition than those
provided by unconditional distribution.
We explore whether more accurate estimates could be obtained by
basing them on linguistic verb classes. Experiments are reported
which show that in terms of SCF distributions, individual verbs
correlate more closely with syntactically similar verbs and even
more closely with semantically similar verbs, than with all
verbs in general. On the basis of this result, we suggest
classifying verbs according to their semantic classes and
obtaining back-off estimates specific to these classes.
We propose a method for obtaining such semantically based
back-off estimates, and a novel approach to hypothesis selection
which makes use of these estimates. This approach involves
automatically identifying the semantic class of a predicate,
using subcategorization acquisition machinery to hypothesise
conditional SCF distribution for the predicate, smoothing the
conditional distribution with the back-off estimates of the
respective semantic verb class, and employing a simple method
for filtering, which uses a threshold on the estimates from
smoothing. Adopting Briscoe and Carroll’s (1997) system as a
framework, we demonstrate that this semantically-driven approach
to hypothesis selection can significantly improve the accuracy
of large-scale subcategorization acquisition.
cam.ac.uk//UCAM-CL-TR-531
2017-07-13
Verifying the SET registration protocols
Bella, Giampaolo
Massacci, Fabio
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
2002-03
en
Text
UCAM-CL-TR-531
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-531.pdf
SET (Secure Electronic Transaction) is an immense e-commerce
protocol designed to improve the security of credit card
purchases. In this paper we focus on the initial bootstrapping
phases of SET, whose objective is the registration of customers
and merchants with a SET certification authority. The aim of
registration is twofold: getting the approval of the
cardholder’s or merchant’s bank, and replacing traditional
credit card numbers with electronic credentials that customers
can present to the merchant, so that their privacy is protected.
These registration sub-protocols present a number of challenges
to current formal verification methods. First, they do not
assume that each agent knows the public keys of the other
agents. Key distribution is one of the protocols’ tasks. Second,
SET uses complex encryption primitives (digital envelopes) which
introduce dependency chains: the loss of one secret key can lead
to potentially unlimited losses. Building upon our previous
work, we have been able to model and formally verify SET’s
registration with the inductive method in Isabelle/HOL solving
its challenges with very general techniques.
cam.ac.uk//UCAM-CL-TR-532
2016-07-22
Internet traffic engineering
Mortier, Richard
University of Cambridge, Computer Laboratory
2002-04
en
Text
UCAM-CL-TR-532
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-532.pdf
Due to the dramatically increasing popularity of the services
provided over the public Internet, problems with current
mechanisms for control and management of the Internet are
becoming apparent. In particular, it is increasingly clear that
the Internet and other networks built on the Internet protocol
suite do not provide sufficient support for the efficient
control and management of traffic, i.e. for Traffic Engineering.
This dissertation addresses the problem of traffic engineering
in the Internet. It argues that traffic management techniques
should be applied at multiple timescales, and not just at data
timescales as is currently the case. It presents and evaluates
mechanisms for traffic engineering in the Internet at two
further timescales: flow admission control and control of
per-flow packet marking, enabling control timescale traffic
engineering; and support for load based inter-domain routeing in
the Internet, enabling management timescale traffic engineering.
This dissertation also discusses suitable policies for the
application of the proposed mechanisms. It argues that the
proposed mechanisms are able to support a wide range of policies
useful to both users and operators. Finally, in a network of the
size of the Internet consideration must also be given to the
deployment of proposed solutions. Consequently, arguments for
and against the deployment of these mechanisms are presented and
the conclusion drawn that there are a number of feasible paths
toward deployment.
The work presented argues the following: firstly, it is possible
to implement mechanisms within the Internet framework that
enable traffic engineering to be carried out by operators;
secondly, that applying these mechanisms with suitable policies
can ease the management problems faced by operators and at the
same time improve the efficiency with which the network can be
run; thirdly, that these improvements can correspond to
increased network performance as viewed by the user; and
finally, that not only the resulting deployment but also the
deployment process itself are feasible.
cam.ac.uk//UCAM-CL-TR-533
2016-07-22
The acquisition of a unification-based generalised
categorial grammar
Villavicencio, Aline
University of Cambridge, Computer Laboratory
2002-04
en
Text
UCAM-CL-TR-533
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-533.pdf
The purpose of this work is to investigate the process of
grammatical acquisition from data. In order to do that, a
computational learning system is used, composed of a Universal
Grammar with associated parameters, and a learning algorithm,
following the Principles and Parameters Theory. The Universal
Grammar is implemented as a Unification-Based Generalised
Categorial Grammar, embedded in a default inheritance network of
lexical types. The learning algorithm receives input from a
corpus of spontaneous child-directed transcribed speech
annotated with logical forms and sets the parameters based on
this input. This framework is used as a basis to investigate
several aspects of language acquisition. In this thesis I
concentrate on the acquisition of subcategorisation frames and
word order information, from data. The data to which the learner
is exposed can be noisy and ambiguous, and I investigate how
these factors affect the learning process. The results obtained
show a robust learner converging towards the target grammar
given the input data available. They also show how the amount of
noise present in the input data affects the speed of convergence
of the learner towards the target grammar. Future work is
suggested for investigating the developmental stages of language
acquisition as predicted by the learning model, with a thorough
comparison with the developmental stages of a child. This is
primarily a cognitive computational model of language learning
that can be used to investigate and gain a better understanding
of human language acquisition, and can potentially be relevant
to the development of more adaptive NLP technology.
cam.ac.uk//UCAM-CL-TR-534
2016-07-22
Resource control in network elements
Donnelly, Austin
University of Cambridge, Computer Laboratory
2002-04
en
Text
UCAM-CL-TR-534
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-534.pdf
Increasingly, substantial data path processing is happening on
devices within the network. At or near the edges of the network,
data rates are low enough that commodity workstations may be
used to process packet flows. However, the operating systems
such machines use are not suited to the needs of data-driven
processing. This dissertation shows why this is a problem, how
current work fails to address it, and proposes a new approach.
The principal problem is that crosstalk occurs in the processing
of different data flows when they contend for a shared resource
and their accesses to this resource are not scheduled
appropriately; typically the shared resource is located in a
server process. Previous work on vertically structured operating
systems reduces the need for such shared servers by making
applications responsible for performing as much of their own
processing as possible, protecting and multiplexing devices at
the lowest level consistent with allowing untrusted user access.
However, shared servers remain on the data path in two
circumstances: firstly, dumb network adaptors need non-trivial
processing to allow safe access by untrusted user applications.
Secondly, shared servers are needed wherever trusted code must
be executed for security reasons.
This dissertation presents the design and implementation of
Expert, an operating system which avoids crosstalk by removing
the need for such servers.
This dissertation describes how Expert handles dumb network
adaptors to enable applications to access them via a low-level
interface which is cheap to implement in the kernel, and retains
application responsibility for the work involved in running a
network stack.
Expert further reduces the need for application-level shared
servers by introducing paths which can trap into protected
modules of code to perform actions which would otherwise have to
be implemented within a server.
Expert allows traditional compute-bound tasks to be freely mixed
with these I/O-driven paths in a single system, and schedules
them in a unified manner. This allows the processing performed
in a network element to be resource controlled, both for
background processing tasks such as statistics gathering, and
for data path processing such as encryption.
cam.ac.uk//UCAM-CL-TR-535
2003-01-09
Designs, disputes and strategies
Faggian, Claudia
Hyland, Martin
University of Cambridge, Computer Laboratory
2002-05
en
Text
UCAM-CL-TR-535
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-535.pdf
Important progress in logic is leading to interactive and
dynamical models. Geometry of Interaction and Games Semantics
are two major examples. Ludics, initiated by Girard, is a
further step in this direction.
The objects of Ludics which correspond to proofs are designs. A
design can be described as the skeleton of a sequent calculus
derivation, where we do not manipulate formulas, but their
location (the address where the formula is stored). To study the
traces of the interactions between designs as primitive leads to
an alternative presentation, which is to describe a design as
the set of its possible interactions, called disputes. This
presentation has the advantage of making precise the
correspondence between the basic notions of Ludics (designs,
disputes and chronicles) and the basic notions of Games
semantics (strategies, plays and views).
cam.ac.uk//UCAM-CL-TR-536
2017-07-13
Low temperature data remanence in static RAM
Skorobogatov, Sergei
University of Cambridge, Computer Laboratory
2002-06
en
Text
UCAM-CL-TR-536
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-536.pdf
Security processors typically store secret key material in
static RAM, from which power is removed if the device is
tampered with. It is commonly believed that, at temperatures
below −20 °C, the contents of SRAM can be ‘frozen’; therefore,
many devices treat temperatures below this threshold as
tampering events. We have done some experiments to establish the
temperature dependency of data retention time in modern SRAM
devices. Our experiments show that the conventional wisdom no
longer holds.
cam.ac.uk//UCAM-CL-TR-537
2016-07-22
Parallel systems in symbolic and algebraic
computation
Matooane, Mantsika
University of Cambridge, Computer Laboratory
2002-06
en
Text
UCAM-CL-TR-537
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-537.pdf
This report describes techniques to exploit distributed memory
massively parallel supercomputers to satisfy the peak memory
demands of some very large computer algebra problems (over 10
GB). The memory balancing is based on a randomized hashing
algorithm for dynamic data distribution. Fine grained
partitioning is used to provide flexibility in the memory
allocation, at the cost of higher communication overhead. The main
problem areas are multivariate polynomial algebra, and linear
algebra with polynomial matrices. The system was implemented and
tested on a Hitachi SR2201 supercomputer.
cam.ac.uk//UCAM-CL-TR-538
2018-03-27
The Escritoire: A personal projected display for
interacting with documents
Ashdown, Mark
Robinson, Peter
University of Cambridge, Computer Laboratory
2002-06
en
Text
UCAM-CL-TR-538
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-538.pdf
The Escritoire is a horizontal desk interface that uses two
projectors to create a foveal display. Items such as images,
documents, and the interactive displays of other conventional
computers, can be manipulated on the desk using pens in both
hands. The periphery covers the desk, providing ample space for
laying out the objects relevant to a task, allowing them to be
identified at a glance and exploiting human spatial memory for
rapid retrieval. The fovea is a high resolution focal area that
can be used to view any item in detail. The projected images are
continuously warped with commodity graphics hardware before
display, to reverse the effects of misaligned projectors and
ensure registration between fovea and periphery. The software is
divided into a hardware-specific client driving the display, and
a platform-independent server imposing control.
cam.ac.uk//UCAM-CL-TR-539
2018-03-27
Towards a ternary interpolating subdivision scheme for
the triangular mesh
Dodgson, N.A.
Sabin, M.A.
Barthe, L.
Hassan, M.F.
University of Cambridge, Computer Laboratory
2002-07
en
Text
UCAM-CL-TR-539
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-539.pdf
We derive a ternary interpolating subdivision scheme which works
on the regular triangular mesh. It has quadratic precision and
fulfils the standard necessary conditions for C2 continuity.
Further analysis is required to determine its actual continuity
class and to define its behaviour around extraordinary points.
cam.ac.uk//UCAM-CL-TR-540
2017-07-13
The use of computer graphics rendering software in the
analysis of a novel autostereoscopic display design
Dodgson, N.A.
Moore, J.R.
University of Cambridge, Computer Laboratory
2002-08
en
Text
UCAM-CL-TR-540
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-540.pdf
Computer graphics ‘ray tracing’ software has been used in the
design and evaluation of a new autostereoscopic 3D display. This
software complements the conventional optical design software
and provides a cost-effective method of simulating what is
actually seen by a viewer of the display. It may prove a useful
tool in similar design problems.
cam.ac.uk//UCAM-CL-TR-541
2018-03-27
Different applications of two-dimensional potential
fields for volume modeling
Barthe, L.
Dodgson, N.A.
Sabin, M.A.
Wyvill, B.
Gaildrat, V.
University of Cambridge, Computer Laboratory
2002-08
en
Text
UCAM-CL-TR-541
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-541.pdf
Current methods for building models using implicit volume
techniques present problems defining accurate and controllable
blend shapes between implicit primitives. We present new methods
to extend the freedom and controllability of implicit volume
modeling. The main idea is to use a free-form curve to define
the profile of the blend region between implicit primitives.
The use of a free-form implicit curve, controlled point-by-point
in the Euclidean user space, allows us to group boolean
composition operators with sharp transitions or smooth free-form
transitions in a single modeling metaphor. This idea is
generalized for the creation, sculpting and manipulation of
volume objects, while providing the user with simplicity,
controllability and freedom in volume modeling.
Bounded volume objects, known as “Soft objects” or “Metaballs”,
have specific properties. We also present binary Boolean
composition operators that give more control over the form of the
transition when these objects are blended.
To finish, we show how our free-form implicit curves can be used
to build implicit sweep objects.
cam.ac.uk//UCAM-CL-TR-542
2017-07-13
A generative classification of mesh refinement rules
with lattice transformations
Ivrissimtzis, I.P.
Dodgson, N.A.
Sabin, M.A.
University of Cambridge, Computer Laboratory
2002-09
en
Text
UCAM-CL-TR-542
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-542.pdf
We give a classification of the subdivision refinement rules
using sequences of similar lattices. Our work expands and
unifies recent results in the classification of primal
triangular subdivision [Alexa, 2001], and results on the
refinement of quadrilateral lattices [Sloan, 1994, 1989]. In the
examples we concentrate on the cases with low ratio of
similarity and find new univariate and bivariate refinement
rules with the lowest possible such ratio, showing that this
very low ratio usually comes at the expense of symmetry.
cam.ac.uk//UCAM-CL-TR-543
2016-07-22
Evaluating similarity-based visualisations as interfaces
for image browsing
Rodden, Kerry
University of Cambridge, Computer Laboratory
2002-09
en
Text
UCAM-CL-TR-543
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-543.pdf
Large collections of digital images are becoming more and more
common, and the users of these collections need computer-based
systems to help them find the images they require. Digital
images are easy to shrink to thumbnail size, allowing a large
number of them to be presented to the user simultaneously.
Generally, current image browsing interfaces display thumbnails
in a two-dimensional grid, in some default order, and there has
been little exploration of possible alternatives to this model.
With textual document collections, information visualisation
techniques have been used to produce representations where the
documents appear to be clustered according to their mutual
similarity, which is based on the words they have in common. The
same techniques can be applied to images, to arrange a set of
thumbnails according to a defined measure of similarity. In many
collections, the images are manually annotated with descriptive
text, allowing their similarity to be measured in an analogous
way to textual documents. Alternatively, research in
content-based image retrieval has made it possible to measure
similarity based on low-level visual features, such as colour.
The primary goal of this research was to investigate the
usefulness of such similarity-based visualisations as interfaces
for image browsing. We concentrated on visual similarity,
because it is applicable to any image collection, regardless of
the availability of annotations. Initially, we used conventional
information retrieval evaluation methods to compare the relative
performance of a number of different visual similarity measures,
both for retrieval and for creating visualisations.
Thereafter, our approach to evaluation was influenced more by
human-computer interaction: we carried out a series of user
experiments where arrangements based on visual similarity were
compared to random arrangements, for different image browsing
tasks. These included finding a given target image, finding a
group of images matching a generic requirement, and choosing
subjectively suitable images for a particular purpose (from a
shortlisted set). As expected, we found that similarity-based
arrangements are generally more helpful than random
arrangements, especially when the user already has some idea of
the type of image she is looking for.
Images are used in many different application domains; the ones
we chose to study were stock photography and personal
photography. We investigated the organisation and browsing of
personal photographs in some depth, because of the inevitable
future growth in usage of digital cameras, and a lack of
previous research in this area.
cam.ac.uk//UCAM-CL-TR-544
2017-07-13
On the support of recursive subdivision
Ivrissimtzis, I.P.
Sabin, M.A.
Dodgson, N.A.
University of Cambridge, Computer Laboratory
2002-09
en
Text
UCAM-CL-TR-544
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-544.pdf
We study the support of subdivision schemes, that is, the area
of the subdivision surface that will be affected by the
displacement of a single control point. Our main results cover
the regular case, where the mesh induces a regular Euclidean
tessellation of the parameter space. If n is the ratio of
similarity between the tessellation at step k and step k−1 of
the subdivision, we show that this number determines if the
support is polygonal or fractal. In particular if n=2, as it is
in most schemes, the support is a polygon whose vertices can
be easily determined. If n is not equal to two as, for example,
in the square root of three scheme, the support is usually
fractal and on its boundary we can identify sets like the
classic ternary Cantor set.
cam.ac.uk//UCAM-CL-TR-545
2017-07-06
A HOL specification of the ARM instruction set
architecture
Fox, Anthony C.J.
University of Cambridge, Computer Laboratory
2001-06
en
Text
UCAM-CL-TR-545
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-545.pdf
This report gives details of a HOL specification of the ARM
instruction set architecture. It is shown that the HOL proof
tool provides a suitable environment in which to model the
architecture. The specification is used to execute fragments of
ARM code generated by an assembler. The specification is based
primarily around the third version of the ARM architecture, and
the intent is to provide a target semantics for future
microprocessor verifications.
cam.ac.uk//UCAM-CL-TR-546
2016-07-22
Depth perception in computer graphics
Pfautz, Jonathan David
University of Cambridge, Computer Laboratory
2002-09
en
Text
UCAM-CL-TR-546
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-546.pdf
With advances in computing and visual display technology, the
interface between man and machine has become increasingly
complex. The usability of a modern interactive system depends on
the design of the visual display. This dissertation aims to
improve the design process by examining the relationship between
human perception of depth and three-dimensional
computer-generated imagery (3D CGI).
Depth is perceived when the human visual system combines various
different sources of information about a scene. In Computer
Graphics, linear perspective is a common depth cue, and systems
utilising binocular disparity cues are of increasing interest.
When these cues are inaccurately and inconsistently presented,
the effectiveness of a display will be limited. Images generated
with computers are sampled, meaning they are discrete in both
time and space. This thesis describes the sampling artefacts
that occur in 3D CGI and their effects on the perception of
depth. Traditionally, sampling artefacts are treated as a Signal
Processing problem. The approach here is to evaluate artefacts
using Human Factors and Ergonomics methodology; sampling
artefacts are assessed via performance on relevant visual tasks.
A series of formal and informal experiments were performed on
human subjects to evaluate the effects of spatial and temporal
sampling on the presentation of depth in CGI. In static images
with perspective information, the relative size of an object can
be inconsistently presented across depth. This inconsistency
prevented subjects from making accurate relative depth
judgements. In moving images, these distortions were most
visible when the object was moving slowly, pixel size was large,
the object was located close to the line of sight and/or the
object was located a large virtual distance from the viewer.
When stereo images are presented with perspective cues, the
sampling artefacts found in each cue interact. Inconsistencies
in both size and disparity can occur as the result of spatial
and temporal sampling. As a result, disparity can vary
inconsistently across an object. Subjects judged relative depth
less accurately when these inconsistencies were present. An
experiment demonstrated that stereo cues dominated in conflict
situations for static images. In moving imagery, the number of
samples in stereo cues is limited. Perspective information
dominated the perception of depth for unambiguous (i.e.,
constant in direction and velocity) movement.
Based on the experimental results, a novel method was developed
that ensures the size, shape and disparity of an object are
consistent as it moves in depth. This algorithm manipulates the
edges of an object (at the expense of positional accuracy) to
enforce consistent size, shape and disparity. In a
time-to-contact task using only stereo and perspective depth
cues, velocity was judged more accurately using this method. A
second method manipulated the location and orientation of the
viewpoint to maximise the number of samples of perspective and
stereo depth in a scene. This algorithm was tested in a
simulated air traffic control task. The experiment demonstrated
that knowledge about where the viewpoint is located dominates
any benefit gained in reducing sampling artefacts.
This dissertation provides valuable information for the visual
display designer in the form of task-specific experimental
results and computationally inexpensive methods for reducing the
effects of sampling.
cam.ac.uk//UCAM-CL-TR-547
2016-07-22
Semantic optimization of OQL queries
Trigoni, Agathoniki
University of Cambridge, Computer Laboratory
2002-10
en
Text
UCAM-CL-TR-547
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-547.pdf
This work explores all the phases of developing a query
processor for OQL, the Object Query Language proposed by the
Object Data Management Group (ODMG 3.0). There has been a lot of
research on the execution of relational queries and their
optimization using syntactic or semantic transformations.
However, there is no context that has integrated and tested all
the phases of processing an object query language, including the
use of semantic optimization heuristics. This research is
motivated by the need for query execution tools that combine two
valuable properties: i) the expressive power to encompass all
the features of the object-oriented paradigm and ii) the
flexibility to benefit from the experience gained with
relational systems, such as the use of semantic knowledge to
speed up query execution.
The contribution of this work is twofold. First, it establishes
a rigorous basis for OQL by defining a type inference model for
OQL queries and proposing a complete framework for their
translation into calculus and algebraic representations. Second,
in order to enhance query execution it provides algorithms for
applying two semantic optimization heuristics: constraint
introduction and constraint elimination techniques. By taking
into consideration a set of association rules with exceptions,
it is possible to add or remove predicates from an OQL query,
thus transforming it to a more efficient form.
We have implemented this framework, which enables us to measure
the benefits and the cost of exploiting semantic knowledge
during query execution. The experiments showed significant
benefits, especially in the application of the constraint
introduction technique. In contexts where queries are optimized
once and are then executed repeatedly, we can ignore the cost of
optimization, and it is always worth carrying out the proposed
transformation. In the context of ad hoc queries the cost of the
optimization becomes an important consideration. We have
developed heuristics to estimate the cost as well as the
benefits of optimization. The optimizer will carry out a
semantic transformation only when the overhead is less than the
expected benefit. Thus transformations are performed safely even
with ad hoc queries. The framework can often speed up the
execution of an OQL query to a considerable extent.
cam.ac.uk//UCAM-CL-TR-548
2017-07-06
Formal verification of the ARM6
micro-architecture
Fox, Anthony
University of Cambridge, Computer Laboratory
2002-11
en
Text
UCAM-CL-TR-548
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-548.pdf
This report describes the formal verification of the ARM6
micro-architecture using the HOL theorem prover. The correctness
of the microprocessor design compares the micro-architecture
with an abstract, target instruction set semantics. Data and
temporal abstraction maps are used to formally relate the state
spaces and to capture the timing behaviour of the processor. The
verification is carried out in HOL and one-step theorems are
used to provide the framework for the proof of correctness. This
report also describes the formal specification of the ARM6’s
three stage pipelined micro-architecture.
cam.ac.uk//UCAM-CL-TR-549
2017-07-13
Two remarks on public key cryptology
Anderson, Ross
University of Cambridge, Computer Laboratory
2002-12
en
Text
UCAM-CL-TR-549
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-549.pdf
In some talks I gave in 1997-98, I put forward two observations
on public-key cryptology, concerning forward-secure signatures
and compatible weak keys. I did not publish a paper on either of
them as they appeared to be rather minor footnotes to public key
cryptology. But the work has occasionally been cited, and I’ve
been asked to write a permanent record.
cam.ac.uk//UCAM-CL-TR-550
2017-07-13
Computer security – a layperson’s guide, from the bottom
up
Spärck Jones, Karen
University of Cambridge, Computer Laboratory
2002-06
en
Text
UCAM-CL-TR-550
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-550.pdf
Computer security as a technical matter is complex, and opaque
for those who are not themselves computer professionals but who
encounter, or are ultimately responsible for, computer systems.
This paper presents the essentials of computer security in
non-technical terms, with the aim of helping people affected by
computer systems to understand what security is about and to
withstand the blinding with science mantras that too often
obscure the real issues.
cam.ac.uk//UCAM-CL-TR-551
2017-07-13
The relative consistency of the axiom of choice —
mechanized using Isabelle/ZF
Paulson, Lawrence C.
University of Cambridge, Computer Laboratory
2002-12
en
Text
UCAM-CL-TR-551
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-551.pdf
The proof of the relative consistency of the axiom of choice has
been mechanized using Isabelle/ZF. The proof builds upon a
previous mechanization of the reflection theorem. The heavy
reliance on metatheory in the original proof makes the
formalization unusually long, and not entirely satisfactory: two
parts of the proof do not fit together. It seems impossible to
solve these problems without formalizing the metatheory.
However, the present development follows a standard textbook,
Kunen’s “Set Theory”, and could support the formalization of
further material from that book. It also serves as an example of
what to expect when deep mathematics is formalized.
cam.ac.uk//UCAM-CL-TR-552
2017-07-13
The Xenoserver computing infrastructure
Fraser, Keir A.
Hand, Steven M.
Harris, Timothy L.
Leslie, Ian M.
Pratt, Ian A.
University of Cambridge, Computer Laboratory
2003-01
en
Text
UCAM-CL-TR-552
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-552.pdf
The XenoServer project will build a public infrastructure for
wide-area distributed computing. We envisage a world in which
XenoServer execution platforms will be scattered across the
globe and available for any member of the public to submit code
for execution. Crucially, the code’s sponsor will be billed for
all the resources used or reserved during its execution. This
will encourage load balancing, limit congestion, and make the
platform self-financing.
Such a global infrastructure is essential to address the
fundamental problem of communication latency. By enabling
principals to run programs at points throughout the network they
can ensure that their code executes close to the entities with
which it interacts. As well as reducing latency this can be used
to avoid network bottlenecks, to reduce long-haul network
charges and to provide a network presence for
transiently-connected mobile devices.
This project will build and deploy a global XenoServer test-bed
and make it available to authenticated external users; initially
members of the scientific community and ultimately of the
general public. In this environment accurate resource accounting
and pricing is critical – whether in an actual currency or one
that is fictitious. As with our existing work on OS resource
management, pricing provides the feedback necessary for
applications that can adapt, and prevents over-use by
applications that cannot.
cam.ac.uk//UCAM-CL-TR-553
2018-03-27
Xen 2002
Barham, Paul R.
Dragovic, Boris
Fraser, Keir A.
Hand, Steven M.
Harris, Timothy L.
Ho, Alex C.
Kotsovinos, Evangelos
Madhavapeddy, Anil V.S.
Neugebauer, Rolf
Pratt, Ian A.
Warfield, Andrew K.
University of Cambridge, Computer Laboratory
2003-01
en
Text
UCAM-CL-TR-553
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-553.pdf
This report describes the design of Xen, the hypervisor
developed as part of the XenoServer wide-area computing project.
Xen enables the hardware resources of a machine to be
virtualized and dynamically partitioned such as to allow
multiple different ‘guest’ operating system images to be run
simultaneously.
Virtualizing the machine in this manner provides flexibility,
allowing different users to choose their preferred operating
system (Windows, Linux, NetBSD), and also enables use of the
platform as a testbed for operating systems research.
Furthermore, Xen provides secure partitioning between these
‘domains’, and enables better resource accounting and QoS
isolation than can be achieved within a conventional operating
system. We show these benefits can be achieved at negligible
performance cost.
We outline the design of Xen’s main sub-systems, and the
interface exported to guest operating systems. Initial
performance results are presented for our most mature guest
operating system port, Linux 2.4. This report covers the initial
design of Xen, leading up to our first public release which we
plan to make available for download in April 2003. Further
reports will update the design as our work progresses and
present the implementation in more detail.
cam.ac.uk//UCAM-CL-TR-554
2017-07-13
Towards a field theory for networks
Crowcroft, Jon
University of Cambridge, Computer Laboratory
2003-01
en
Text
UCAM-CL-TR-554
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-554.pdf
It is often claimed that Internet Traffic patterns are
interesting because the Internet puts few constraints on
sources. This leads to innovation. It also makes the study of
Internet traffic, what we might call the search for the Internet
Erlang, very difficult. At the same time, traffic control
(congestion control) and engineering are both hot topics.
What if “flash crowds” (a.k.a. slashdot), cascades, epidemics
and so on are the norm? What if the trend continues for network
link capacity to become flatter, with more equal capacity in the
access and core, or even more capacity in the access than the
core (as in the early 1980s with 10Mbps LANs versus Kbps links
in the ARPANET)? How could we cope?
This is a paper about the use of field equations (e.g.
gravitational, electrical, magnetic, strong and weak atomic and
so forth) as a future model for managing network traffic. We
believe that in the future, one could move from this model to a
very general prescriptive technique for designing network
control on different timescales, including traffic engineering
and the set of admission and congestion control laws. We also
speculate about the use of the same idea in wireless networks.
cam.ac.uk//UCAM-CL-TR-555
2017-07-13
BOURSE – Broadband Organisation of Unregulated Radio
Systems through Economics
Crowcroft, Jon
Gibbens, Richard
Hailes, Stephen
University of Cambridge, Computer Laboratory
2003-01
en
Text
UCAM-CL-TR-555
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-555.pdf
This is a technical report about an idea for research in the
intersection of active nets, cognitive radio and power laws of
network topologies.
cam.ac.uk//UCAM-CL-TR-556
2017-07-13
Turing Switches – Turing machines for all-optical
Internet routing
Crowcroft, Jon
University of Cambridge, Computer Laboratory
2003-01
en
Text
UCAM-CL-TR-556
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-556.pdf
This is a technical report outlining an idea for basic long-term
research into the architectures for programmable all-optical
Internet routers.
We are revisiting some of the fundamental tenets of computer
science to carry out this work, and so it is necessarily highly
speculative.
Currently, the processing elements in all-electronic routers are
typically fairly conventional von-Neumann architecture computers
with processors that have large, complex instruction sets (even
RISC is relatively complex compared with the actual requirements
for packet processing) and Random Access Memory.
As the need for speed increases, first this architecture, and
then the classical computing hardware components, and finally,
electronics cease to be able to keep up.
At this time, optical device technology is making great strides,
and we see the availability of gates, as well as a plethora of
invention in providing buffering mechanisms.
However, a critical problem we foresee is the ability to
re-program devices for different packet processing functions
such as classification and scheduling. This proposal is aimed at
researching one direction for adding optical domain
programmability.
cam.ac.uk//UCAM-CL-TR-557
2017-07-13
Iota: A concurrent XML scripting language with
applications to Home Area Networking
Bierman, G.M.
Sewell, P.
University of Cambridge, Computer Laboratory
2003-01
en
Text
UCAM-CL-TR-557
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-557.pdf
Iota is a small and simple concurrent language that provides
native support for functional XML computation and for typed
channel-based communication. It has been designed as a
domain-specific language to express device behaviour within the
context of Home Area Networking.
In this paper we describe Iota, explaining its novel treatment
of XML and describing its type system and operational semantics.
We give a number of examples including Iota code to program
Universal Plug ’n’ Play (UPnP) devices.
cam.ac.uk//UCAM-CL-TR-558
2016-07-22
A role and context based security model
Beresnevichiene, Yolanta
University of Cambridge, Computer Laboratory
2003-01
en
Text
UCAM-CL-TR-558
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-558.pdf
Security requirements approached at the enterprise level
initiate the need for models that capture the organisational and
distributed aspects of information usage. Such models have to
express organisation-specific security policies and internal
controls aiming to protect information against unauthorised
access and modification, and against usage of information for
unintended purposes. This technical report describes a
systematic approach to modelling the security requirements from
the perspective of job functions and tasks performed in an
organisation. It deals with the design, analysis, and management
of security abstractions and mechanisms in a unified framework.
The basis of access control policy in this framework is
formulated around a semantic construct of a role. Roles are
granted permissions according to the job functions that exist in
an organisation, and then users are assigned to roles on the basis
of their specific job responsibilities. In order to ensure that
permissions included in the roles are used by users only for
purposes corresponding to the organisation’s present business
needs, a novel approach of “active” context-based access control
is proposed. The usage of role permissions in this approach is
controlled according to the emerging context associated with
progress of various tasks in the organisation.
The work explores formally the security properties of the
established model, in particular, support for separation of duty
and least privilege principles that are important requirements
in many commercial systems. Results have implications for
understanding different variations of separation of duty policy
that are currently used in the role-based access control.
Finally, a design architecture of the defined security model is
presented detailing the components and processing phases
required for successful application of the model to distributed
computer environments. The model provides opportunities for the
implementers, based on application requirements, to choose
between several alternative design approaches.
cam.ac.uk//UCAM-CL-TR-559
2017-07-06
Pronto: MobileGateway with publish-subscribe paradigm
over wireless network
Yoneki, Eiko
Bacon, Jean
University of Cambridge, Computer Laboratory
2003-02
en
Text
UCAM-CL-TR-559
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-559.pdf
This paper presents the design, implementation, and evaluation
of Pronto, a middleware system for mobile applications with
messaging as a basis. It provides a solution for mobile
application specific problems such as resource constraints,
network characteristics, and data optimization. Pronto consists
of three main functions: 1) MobileJMS Client, a lightweight
client of Message Oriented Middleware (MOM) based on Java
Message Service (JMS), 2) Gateway for reliable and efficient
transmission between mobile devices and a server with pluggable
components, and 3) Serverless JMS based on IP multicast. The
publish-subscribe paradigm is ideal for mobile applications, as
mobile devices are commonly used for data collection under
conditions of frequent disconnection and changing numbers of
recipients. This paradigm provides greater flexibility due to
the decoupling of publisher and subscriber. Adding a gateway as
a message hub to transmit information in real-time or with
store-and-forward messaging provides powerful optimization and
data transformation. Caching is an essential function of the
gateway, and SmartCaching is designed for generic caching in an
N-tier architecture. Serverless JMS aims at a decentralized
messaging model, which supports an ad-hoc network, as well as
creating a high-speed messaging BUS. Pronto is an intelligent
MobileGateway, providing a useful MOM intermediary between a
server and mobile devices over a wireless network.
cam.ac.uk//UCAM-CL-TR-560
2017-07-13
Decimalisation table attacks for PIN cracking
Bond, Mike
Zieliński, Piotr
University of Cambridge, Computer Laboratory
2003-02
en
Text
UCAM-CL-TR-560
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-560.pdf
We present an attack on hardware security modules used by retail
banks for the secure storage and verification of customer PINs
in ATM (cash machine) infrastructures. By using adaptive
decimalisation tables and guesses, the maximum amount of
information is learnt about the true PIN upon each guess. It
takes an average of 15 guesses to determine a four digit PIN
using this technique, instead of the 5000 guesses intended. In a
single 30 minute lunch-break, an attacker can thus discover
approximately 7000 PINs rather than 24 with the brute force
method. With a £300 withdrawal limit per card, the potential
bounty is raised from £7200 to £2.1 million and a single
motivated attacker could withdraw £30–50 thousand of this each
day. This attack thus presents a serious threat to bank
security.
cam.ac.uk//UCAM-CL-TR-561
2016-07-22
Resource control of untrusted code in an open network
environment
Menage, Paul B.
University of Cambridge, Computer Laboratory
2003-03
en
Text
UCAM-CL-TR-561
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-561.pdf
Current research into Active Networks, Open Signalling and other
forms of mobile code have made use of the ability to execute
user-supplied code at locations within the network
infrastructure, in order to avoid the inherent latency
associated with wide area networks or to avoid sending excessive
amounts of data across bottleneck links or nodes. Existing
research has addressed the design and evaluation of programming
environments, and testbeds have been implemented on traditional
operating systems. Such work has deferred issues regarding
resource control; this has been reasonable, since this research
has been conducted in a closed environment.
In an open environment, which is required for widespread
deployment of such technologies, the code supplied to the
network nodes may not be from a trusted source. Thus, it cannot
be assumed that such code will behave non-maliciously, nor that
it will avoid consuming more than its fair share of the
available system resources.
The computing resources consumed by end-users on programmable
nodes within a network are not free, and must ultimately be paid
for in some way. Programmable networks allow users substantially
greater complexity in the way that they may consume network
resources. This dissertation argues that, due to this
complexity, it is essential to be able to control and account for
the resources used by untrusted user-supplied code if such
technology is to be deployed effectively in a wide-area open
environment.
The Resource Controlled Active Node Environment (RCANE) is
presented to facilitate the control of untrusted code. RCANE
supports the allocation, scheduling and accounting of the
resources available on a node, including CPU and network I/O
scheduling, memory allocation, and garbage collection overhead.
cam.ac.uk//UCAM-CL-TR-562
2017-07-13
Fast Marching farthest point sampling
Moenning, Carsten
Dodgson, Neil A.
University of Cambridge, Computer Laboratory
2003-04
en
Text
UCAM-CL-TR-562
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-562.pdf
Using Fast Marching for the incremental computation of distance
maps across the sampling domain, we obtain an efficient farthest
point sampling technique (FastFPS). The method is based on that
of Eldar et al. (1992, 1997) but extends more naturally to the
case of non-uniform sampling and is more widely applicable.
Furthermore, it can be applied to both planar domains and curved
manifolds and allows for weighted domains in which different
cost is associated with different points on the surface. We
conclude with considering the extension of FastFPS to the
sampling of point clouds without the need for prior surface
reconstruction.
cam.ac.uk//UCAM-CL-TR-563
2017-07-13
MJ: An imperative core calculus for Java and Java with
effects
Bierman, G.M.
Parkinson, M.J.
Pitts, A.M.
University of Cambridge, Computer Laboratory
2003-04
en
Text
UCAM-CL-TR-563
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-563.pdf
In order to study rigorously object-oriented languages such as
Java or C#, a common practice is to define lightweight
fragments, or calculi, which are sufficiently small to
facilitate formal proofs of key properties. However many of the
current proposals for calculi lack important language features.
In this paper we propose Middleweight Java, MJ, as a contender
for a minimal imperative core calculus for Java. Whilst compact,
MJ models features such as object identity, field assignment,
constructor methods and block structure. We define the syntax,
type system and operational semantics of MJ, and give a proof of
type safety. In order to demonstrate the usefulness of MJ to
reason about operational features, we consider a recent proposal
of Greenhouse and Boyland to extend Java with an effects system.
This effects system is intended to delimit the scope of
computational effects within a Java program. We define an
extension of MJ with a similar effects system and instrument the
operational semantics. We then prove the correctness of the
effects system; a question left open by Greenhouse and Boyland.
We also consider the question of effect inference for our
extended calculus, detail an algorithm for inferring effects
information and give a proof of correctness.
cam.ac.uk//UCAM-CL-TR-564
2016-07-22
Access policies for middleware
Lang, Ulrich
University of Cambridge, Computer Laboratory
2003-05
en
Text
UCAM-CL-TR-564
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-564.pdf
This dissertation examines how the architectural layering of
middleware constrains the design of a middleware security
architecture, and analyses the complications that arise from
that. First, we define a precise notion of middleware that
includes its architecture and features. Our definition is based
on the Common Object Request Broker Architecture (CORBA), which
is used throughout this dissertation both as a reference
technology and as a basis for a proof of concept implementation.
In several steps, we construct a security model that fits the
described middleware architecture. The model facilitates
conceptual reasoning about security. The results of our analysis
indicate that the cryptographic identities available on the
lower layers of the security model are only of limited use for
expressing fine-grained security policies, because they are
separated from the application layer entities by the middleware
layer. To express individual application layer entities in
access policies, additional more fine-grained descriptors are
required. To solve this problem for the target side (i.e., the
receiving side of an invocation), we propose an improved
middleware security model that supports individual access
policies on a per-target basis. The model is based on so-called
“resource descriptors”, which are used in addition to
cryptographic identities to describe application layer entities
in access policies. To be useful, descriptors need to fulfil a
number of properties, such as local uniqueness and persistency.
Next, we examine the information available at the middleware
layer for its usefulness as resource descriptors, in particular
the interface name and the instance information inside the
object reference. Unfortunately neither fulfils all required
properties. However, it is possible to obtain resource
descriptors on the target side through a mapping process that
links target instance information to an externally provided
descriptor. We describe both the mapping configuration when the
target is instantiated and the mapping process at invocation
time. A proof of concept implementation, which contains a number
of technical improvements over earlier attempts to solve this
problem, shows that this approach is useable in practice, even
for complex architectures, such as CORBA and CORBASec (the
security services specified for CORBA). Finally, we examine the
security approaches of several related middleware technologies
that have emerged since the specification of CORBA and CORBASec,
and show the applicability of the resource descriptor mapping.
cam.ac.uk//UCAM-CL-TR-565
2017-07-13
Fast Marching farthest point sampling for point clouds
and implicit surfaces
Moenning, Carsten
Dodgson, Neil A.
University of Cambridge, Computer Laboratory
2003-05
en
Text
UCAM-CL-TR-565
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-565.pdf
In a recent paper (Moenning and Dodgson, 2003), the Fast
Marching farthest point sampling strategy (FastFPS) for planar
domains and curved manifolds was introduced. The version of
FastFPS for curved manifolds discussed in the paper deals with
surface domains in triangulated form only. Due to a restriction
of the underlying Fast Marching method, the algorithm further
requires the splitting of any obtuse triangles into acute ones to
ensure the consistency of the Fast Marching approximation. In
this paper, we overcome these restrictions by using Memoli and
Sapiro’s (Memoli and Sapiro, 2001 and 2002) extension of the
Fast Marching method to the handling of implicit surfaces and
point clouds. We find that the extended FastFPS algorithm can be
applied to surfaces in implicit or point cloud form without the
loss of the original algorithm’s computational optimality and
without the need for any preprocessing.
cam.ac.uk//UCAM-CL-TR-566
2016-07-22
Formal verification of probabilistic
algorithms
Hurd, Joe
University of Cambridge, Computer Laboratory
2003-05
en
Text
UCAM-CL-TR-566
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-566.pdf
This thesis shows how probabilistic algorithms can be formally
verified using a mechanical theorem prover.
We begin with an extensive foundational development of
probability, creating a higher-order logic formalization of
mathematical measure theory. This allows the definition of the
probability space we use to model a random bit generator, which
informally is a stream of coin-flips, or technically an infinite
sequence of IID Bernoulli(1/2) random variables.
Probabilistic programs are modelled using the state-transformer
monad familiar from functional programming, where the random bit
generator is passed around in the computation. Functions remove
random bits from the generator to perform their calculation, and
then pass back the changed random bit generator with the result.
Our probability space modelling the random bit generator allows
us to give precise probabilistic specifications of such
programs, and then verify them in the theorem prover.
We also develop technical support designed to expedite
verification: probabilistic quantifiers; a compositional
property subsuming measurability and independence; a
probabilistic while loop together with a formal concept of
termination with probability 1. We also introduce a technique
for reducing properties of a probabilistic while loop to
properties of programs that are guaranteed to terminate: these
can then be established using induction and standard methods of
program correctness.
We demonstrate the formal framework with some example
probabilistic programs: sampling algorithms for four probability
distributions; some optimal procedures for generating dice rolls
from coin flips; the symmetric simple random walk. In addition,
we verify the Miller-Rabin primality test, a well-known and
commercially used probabilistic algorithm. Our fundamental
perspective allows us to define a version with strong
properties, which we can execute in the logic to prove
compositeness of numbers.
cam.ac.uk//UCAM-CL-TR-567
2017-07-13
Using inequalities as term ordering
constraints
Hurd, Joe
University of Cambridge, Computer Laboratory
2003-06
en
Text
UCAM-CL-TR-567
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-567.pdf
In this paper we show how linear inequalities can be used to
approximate Knuth-Bendix term ordering constraints, and how term
operations such as substitution can be carried out on systems of
inequalities. Using this representation allows an off-the-shelf
linear arithmetic decision procedure to check the satisfiability
of a set of ordering constraints. We present a formal
description of a resolution calculus where systems of
inequalities are used to constrain clauses, and implement this
using the Omega test as a satisfiability checker. We give the
results of an experiment over problems in the TPTP archive,
comparing the practical performance of the resolution calculus
with and without inherited inequality constraints.
cam.ac.uk//UCAM-CL-TR-568
2018-03-27
Dynamic rebinding for marshalling and update, with
destruct-time λ
Bierman, Gavin
Hicks, Michael
Sewell, Peter
Stoyle, Gareth
Wansbrough, Keith
University of Cambridge, Computer Laboratory
2004-02
en
Text
UCAM-CL-TR-568
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-568.pdf
Most programming languages adopt static binding, but for
distributed programming an exclusive reliance on static binding
is too restrictive: dynamic binding is required in various
guises, for example when a marshalled value is received from the
network, containing identifiers that must be rebound to local
resources. Typically it is provided only by ad-hoc mechanisms
that lack clean semantics.
In this paper we adopt a foundational approach, developing core
dynamic rebinding mechanisms as extensions to the simply-typed
call-by-value λ-calculus. To do so we must first explore
refinements of the call-by-value reduction strategy that delay
instantiation, to ensure computations make use of the most
recent versions of rebound definitions. We introduce redex-time
and destruct-time strategies. The latter forms the basis for a
λ-marsh calculus that supports dynamic rebinding of marshalled
values, while remaining as far as possible statically-typed. We
sketch an extension of λ-marsh with concurrency and
communication, giving examples showing how wrappers for
encapsulating untrusted code can be expressed. Finally, we show
that a high-level semantics for dynamic updating can also be
based on the destruct-time strategy, defining a λ-update
calculus with simple primitives to provide type-safe updating of
running code. We thereby establish primitives and a common
semantic foundation for a variety of real-world dynamic
rebinding requirements.
cam.ac.uk//UCAM-CL-TR-569
2018-03-27
Global abstraction-safe marshalling with hash
types
Leifer, James J.
Peskine, Gilles
Sewell, Peter
Wansbrough, Keith
University of Cambridge, Computer Laboratory
2003-06
en
Text
UCAM-CL-TR-569
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-569.pdf
Type abstraction is a key feature of ML-like languages for
writing large programs. Marshalling is necessary for writing
distributed programs, exchanging values via network byte-streams
or persistent stores. In this paper we combine the two,
developing compile-time and run-time semantics for marshalling,
that guarantee abstraction-safety between separately-built
programs.
We obtain a namespace for abstract types that is global, i.e.
meaningful between programs, by hashing module declarations. We
examine the scenarios in which values of abstract types are
communicated from one program to another, and ensure, by
constructing hashes appropriately, that the dynamic and static
notions of type equality mirror each other. We use singleton
kinds to express abstraction in the static semantics;
abstraction is tracked in the dynamic semantics by coloured
brackets. These allow us to prove preservation, erasure, and
coincidence results. We argue that our proposal is a good basis
for extensions to existing ML-like languages, pragmatically
straightforward for language users and for implementors.
cam.ac.uk//UCAM-CL-TR-570
2018-03-27
Bigraphs and mobile processes
Jensen, Ole Høgh
Milner, Robin
University of Cambridge, Computer Laboratory
2003-07
en
Text
UCAM-CL-TR-570
ISSN 1476-2986
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-570.pdf
A bigraphical reactive system (BRS) involves bigraphs, in which
the nesting of nodes represents locality, independently of the
edges connecting them; it also allows bigraphs to reconfigure
themselves. BRSs aim to provide a uniform way to model spatially
distributed systems that both compute and communicate. In this
memorandum we develop their static and dynamic theory.
In Part I we illustrate bigraphs in action, and show how they
correspond to process calculi. We then develop the abstract
(non-graphical) notion of wide reactive system (WRS), of which
BRSs are an instance. Starting from reaction rules (often called
rewriting rules) we use the RPO theory of Leifer and Milner to
derive (labelled) transition systems for WRSs, in a way that
leads automatically to behavioural congruences.
In Part II we develop bigraphs and BRSs formally. The theory is
based directly on graphs, not on syntax. Key results in the
static theory are that sufficient RPOs exist (enabling the
results of Part I to be applied), that parallel combinators
familiar from process calculi may be defined, and that a
complete algebraic theory exists at least for pure bigraphs
(those without binding). Key aspects in the dynamic theory (the
BRSs) are the definition of parametric reaction rules that may
replicate or discard parameters, and the full application of the
behavioural theory of Part I.
In Part III we introduce a special class: the simple BRSs. These
admit encodings of many process calculi, including the
π-calculus and the ambient