Papers by Alastair Telford

Accident reports are typically divided into chapters which reflect the different perspectives of various specialists. It is sometimes the case that these alternative viewpoints lead to inconsistencies and omissions where an incident covered at length by one specialist may be ignored by another. This creates a problem in that the conclusions of the report may thus be muddled or incomplete and consequently lead to further errors of comprehension amongst those who need to understand the findings. Similarly, several different reports of the same accident may be produced. This creates problems for the companies and regulators which must act on the findings of these inconsistent accounts. It is therefore desirable to have a rigorous method for checking consistency between different chapters and accounts. We present the novel application of the idea of cross-viewpoint consistency, typically used in software engineering, to unify different accident perspectives. Furthermore, we propose a method of consi...

Accident reports are typically divided into chapters which reflect the different perspectives of various specialists. It is sometimes the case that these alternative viewpoints lead to inconsistencies and omissions where an incident covered at length by one specialist may be ignored by another. This creates a problem in that the conclusions of the report may thus be muddled or incomplete and consequently lead to further errors of comprehension amongst those who need to understand the findings. Similarly, several different reports of the same accident may be produced. This creates problems for the companies and regulators which must act on the findings of these inconsistent accounts. It is, therefore, desirable to have a rigorous method for checking consistency between different chapters and accounts. We present the novel application of the idea of cross-viewpoint consistency, typically used in software engineering, to unify different accident perspectives. Furthermore, we propose a ...

It is our aim to develop an elementary strong functional programming (ESFP) system. To be useful, ESFP should include structures such as streams which can be computationally unwound infinitely often. We describe a syntactic analysis to ensure that infinitely proceeding structures, which we shall term codata, are productive. This analysis is an extension of the check for guardedness that has been used with definitions over coinductive types in Martin-Löf's type theory and in the calculus of constructions. Our analysis is presented as a form of abstract interpretation that allows a wider syntactic class of corecursive definitions to be recognised as productive than in previous work. Thus programmers will have fewer restrictions on their use of infinite streams within a strongly normalizing functional language.

Abstract: In previous papers we have proposed an elementary discipline of strong functional programming (ESFP), in which all computations terminate. A key feature of the discipline is that we introduce a type distinction between data which is known to be finite, and codata which is (potentially) infinite. To ensure termination, recursion over data must be well-founded, and corecursion (the definition schema for codata) must be productive, and both of these restrictions must be enforced automatically by the compiler. In our previous work we used abstract interpretation to establish the productivity of corecursive definitions in an elementary strong functional language. We show here that similar ideas can be applied in the dual case to check whether recursive function definitions are strongly normalising. We thus exhibit a powerful termination analysis technique which we demonstrate can be extended to partial functions.

A Hierarchy of Languages with Strong Termination Properties
In previous papers we have proposed an elementary discipline of strong functional programming (ESFP), in which all computations terminate. A key feature of the discipline is that we introduce a type distinction between data which is known to be finite, and codata which is (potentially) infinite. To ensure termination, recursion over data must be well-founded, and corecursion (the definition schema for codata) must be productive, and both of these restrictions must be enforced automatically by the compiler. In our previous work we used abstract interpretation to establish the productivity of corecursive definitions in an elementary strong functional language. We show here that similar ideas can be applied in the dual case to check whether recursive function definitions are strongly normalising. We thus exhibit a powerful termination analysis technique which we demonstrate can be extended to partial functions.
Constructive type theories, such as that of Martin-Löf, allow program construction and verification to take place within a single system: proofs may be read as programs and propositions as types. However, parts of proofs may be seen to be irrelevant from a computational viewpoint. We show how a form of abstract interpretation may be used to detect computational redundancy in a functional language based upon Martin-Löf's type theory. Thus, without making any alteration to the system of type theory itself, we present an automatic way of discovering and removing such redundancy. We also note that the strong normalisation property of type theory means that proofs of correctness of the abstract interpretation are simpler, being based upon a set-theoretic rather than a domain-theoretic semantics.
It is our aim to produce an elementary strong functional programming (ESFP) system. To be useful, ESFP should include structures such as streams which can be computationally unwound infinitely often. We describe a syntactic analysis to ensure that infinitely proceeding structures, which we shall term codata, are productive. This analysis is an extension of the check for guardedness that has been used with definitions over coinductive types in Martin-Löf's type theory and in the calculus of constructions. Our analysis is presented as a form of abstract interpretation that allows a wider syntactic class of corecursive definitions to be recognised as productive than in previous work. Thus programmers will have fewer restrictions on their use of infinite streams within a strongly normalizing functional language.

Cross-viewpoint Consistency in Accident Investigations
Accident reports are typically divided into chapters which reflect the different perspectives of various specialists. It is sometimes the case that these alternative viewpoints lead to inconsistencies and omissions where an incident covered at length by one specialist may be ignored by another. This creates a problem in that the conclusions of the report may thus be muddled or incomplete and consequently lead to further errors of comprehension amongst those who need to understand the findings. Similarly, several different reports of the same accident may be produced and it is desirable to have a rigorous method for checking consistency between them. This creates problems for the companies and regulators which must act on the findings of these inconsistent accounts. We present the novel application of the idea of cross-viewpoint consistency, typically used in software engineering, to unify different accident perspectives. Furthermore, we propose that the method of consistency checkin...

Constructive type theories, such as that of Martin-Löf, allow program construction and verification to take place within a single system: proofs may be read as programs and propositions as types. However, parts of proofs may be seen to be irrelevant from a computational viewpoint. We show how a form of abstract interpretation may be used to detect computational redundancy in a functional language based upon Martin-Löf's type theory. Thus, without making any alteration to the system of type theory itself, we present an automatic way of discovering and removing such redundancy. We also note that the strong normalisation property of type theory means that proofs of correctness of the abstract interpretation are simpler, being based upon a set-theoretic rather than a domain-theoretic semantics. Keywords: Type theory, functional programming, computational redundancy, abstract interpretation.

Static analysis of Martin-Löf's intuitionistic type theory
Martin-Löf's intuitionistic type theory has been under investigation in recent years as a potential source for future functional programming languages. This is due to its properties which greatly aid the derivation of provably correct programs. These include the Curry-Howard correspondence (whereby logical formulas may be seen as specifications and proofs of logical formulas as programs) and strong normalisation (i.e. evaluation of every proof/program must terminate). Unfortunately, a corollary of these properties is that the programs may contain computationally irrelevant proof objects: proofs which are not to be printed as part of the result of a program. We show how a series of static analyses may be used to improve the efficiency of type theory as a lazy functional programming language. In particular we show how variants of abstract interpretation may be used to eliminate unnecessary computations in the object code that results from a type theoretic program. After an informa...
Extending the application of formal methods to analyse human error and system failure during accident investigations
Software Engineering Journal, Nov 1, 1996
Cross-viewpoint Consistency in Accident Investigations
Abstract: Accident reports are typically divided into chapters which reflect the different perspectives of various specialists. It is sometimes the case that these alternative viewpoints lead to inconsistencies and omissions where an incident covered at length by one ...
A Hierarchy of Languages with Strong Termination Properties
Ensuring Termination in ESFP
J Ucs, 2000
Ensuring the Productivity of Infinite Structures
It is our aim to develop an elementary strong functional programming (ESFP) system. To be useful, ESFP should include structures such as streams which can be computationally unwound infinitely often. We describe a syntactic analysis to ensure that infinitely proceeding structures, which we shall term codata, are productive. This analysis is an extension of the check for guardedness that has been used with definitions over coinductive types in Martin-Löf's type theory and in the calculus of...
Constructive type theories, such as that of Martin-Löf, allow program construction and verification to take place within a single system: proofs may be read as programs and propositions as types. However, parts of proofs may be seen to be irrelevant from a computational viewpoint. We show how a form of abstract interpretation may be used to detect computational redundancy in a functional language based upon Martin-Löf's type theory. Thus, without making any alteration to the system of type theory itself, we present ...
Lecture Notes in Computer Science, 1997