-
Active External Calls for Blockchain and Distributed Ledger Technologies: Debunking cited inability of Blockchain and DLT to make external calls
Authors:
Joshua Ellul,
Gordon J Pace
Abstract:
Blockchain and other distributed ledger technologies have enabled peer-to-peer networks to maintain ledgers with an immutable history and guaranteed computation, all carried out without the need of trusted parties. In practice, few applications of blockchain are closed i.e. do not interact with the world outside the blockchain, and various techniques have been proposed and used to handle such inte…
▽ More
Blockchain and other distributed ledger technologies have enabled peer-to-peer networks to maintain ledgers with an immutable history and guaranteed computation, all carried out without the need of trusted parties. In practice, few applications of blockchain are closed i.e. do not interact with the world outside the blockchain, and various techniques have been proposed and used to handle such interaction. One problem is that it is widely accepted that, due to the decentralised nature of blockchain networks and constraints to ensure trust and determinism, such communication can only flow into the blockchain, and that blockchain systems cannot initiate and execute calls to external systems or services. In this paper we show that this misconception is preconceived by building on our previously presented solution to demonstrate that such calls can be directly initiated from the blockchain itself in a feasible and efficient manner.
△ Less
Submitted 10 January, 2023;
originally announced February 2023.
-
Towards External Calls for Blockchain and Distributed Ledger Technology
Authors:
Joshua Ellul,
Gordon J. Pace
Abstract:
It is widely accepted that blockchain systems cannot execute calls to external systems or services due to each node having to reach a deterministic state. However, in this paper we show that this belief is preconceived by demonstrating a method that enables blockchain and distributed ledger technologies to perform calls to external systems initiated from the blockchain/DLT itself.
It is widely accepted that blockchain systems cannot execute calls to external systems or services due to each node having to reach a deterministic state. However, in this paper we show that this belief is preconceived by demonstrating a method that enables blockchain and distributed ledger technologies to perform calls to external systems initiated from the blockchain/DLT itself.
△ Less
Submitted 24 May, 2021; v1 submitted 13 May, 2021;
originally announced May 2021.
-
A Pragmatic Approach to Regulating Artificial Intelligence: A Technology Regulator's Perspective
Authors:
Joshua Ellul,
Stephen McCarthy,
Trevor Sammut,
Juanita Brockdorff,
Matthew Scerri,
Gordon J. Pace
Abstract:
Artificial Intelligence (AI) and the regulation thereof is a topic that is increasingly being discussed within various fora. Various proposals have been made in literature for defining regulatory bodies and/or related regulation. In this paper, we present a pragmatic approach for providing a technology assurance regulatory framework. To the best knowledge of the authors this work presents the firs…
▽ More
Artificial Intelligence (AI) and the regulation thereof is a topic that is increasingly being discussed within various fora. Various proposals have been made in literature for defining regulatory bodies and/or related regulation. In this paper, we present a pragmatic approach for providing a technology assurance regulatory framework. To the best knowledge of the authors this work presents the first national AI technology assurance legal and regulatory framework that has been implemented by a national authority empowered through law to do so. In aim of both providing assurances where required and not stifling innovation yet supporting it, herein it is proposed that such regulation should not be mandated for all AI-based systems and that rather it should primarily provide a voluntary framework and only be mandated in sectors and activities where required and as deemed necessary by other authorities for regulated and critical areas.
△ Less
Submitted 15 April, 2021;
originally announced May 2021.
-
Blockchain and the Common Good Reimagined
Authors:
Joshua Ellul,
Gordon Pace
Abstract:
Blockchain, Smart Contracts and Distributed Ledger Technology (DLT) are being touted to revolutionise digital services - through decentralisation. Cryptocurrencies, self-sovereign identities, decentralised certificate registries, and transparent voting systems are but a few applications which promise to empower endusers and provide assurances that neither data nor the associated computational logi…
▽ More
Blockchain, Smart Contracts and Distributed Ledger Technology (DLT) are being touted to revolutionise digital services - through decentralisation. Cryptocurrencies, self-sovereign identities, decentralised certificate registries, and transparent voting systems are but a few applications which promise to empower endusers and provide assurances that neither data nor the associated computational logic have been tampered with.
Decentralisation, disintermediation, transparency, verifiability, auditability, openness, inclusion, tamper-proof, immutability are just some of the buzz words that continue to be swung around in the promotion of the benefits brought about by Blockchain-based systems to the users. The rhetoric used creates parallels between the features brought about through blockchains and values that many try to uphold, for example honesty, openness, transparency, teamwork and unchanging truth.
In this paper a number of blockchain applications aimed at supporting initiatives for common good are highlighted. This is followed by a discussion on technology de/centralisation and a thought experiment used to raise questions regarding the use of decentralised technology in terms of social implications.
△ Less
Submitted 31 October, 2019;
originally announced October 2019.
-
Proceedings of the Second Workshop on Verification of Objects at RunTime EXecution
Authors:
Davide Ancona,
Gordon Pace
Abstract:
This volume contains the post-proceedings of the second Workshop on Verification of Objects at RunTime EXecution (VORTEX 2018) that was held in Amsterdam, co-located with the European Conference on Object-Oriented Programming (ECOOP 2018) and the ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2018).
Runtime verification is an approach to software verification which i…
▽ More
This volume contains the post-proceedings of the second Workshop on Verification of Objects at RunTime EXecution (VORTEX 2018) that was held in Amsterdam, co-located with the European Conference on Object-Oriented Programming (ECOOP 2018) and the ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2018).
Runtime verification is an approach to software verification which is concerned with monitoring and analysis of software and hardware system executions. Recently, it has gained more consensus as an effective and promising approach to ensure software reliability, bridging a gap between formal verification, and conventional testing; monitoring a system during runtime execution offers additional opportunities for addressing error recovery, self-adaptation, and other issues that go beyond software reliability. The goal of VORTEX is to bring together researchers working on runtime verification for topics covering either theoretical, or practical aspects, or, preferably, both, with emphasis on object-oriented languages, and systems.
△ Less
Submitted 25 August, 2019;
originally announced August 2019.
-
A Survey of Challenges for Runtime Verification from Advanced Application Domains (Beyond Software)
Authors:
César Sánchez,
Gerardo Schneider,
Wolfgang Ahrendt,
Ezio Bartocci,
Domenico Bianculli,
Christian Colombo,
Yliés Falcone,
Adrian Francalanza,
Srđan Krstić,
JoHao M. Lourenço,
Dejan Nickovic,
Gordon J. Pace,
Jose Rufino,
Julien Signoles,
Dmitriy Traytel,
Alexander Weiss
Abstract:
Runtime verification is an area of formal methods that studies the dynamic analysis of execution traces against formal specifications. Typically, the two main activities in runtime verification efforts are the process of creating monitors from specifications, and the algorithms for the evaluation of traces against the generated monitors. Other activities involve the instrumentation of the system t…
▽ More
Runtime verification is an area of formal methods that studies the dynamic analysis of execution traces against formal specifications. Typically, the two main activities in runtime verification efforts are the process of creating monitors from specifications, and the algorithms for the evaluation of traces against the generated monitors. Other activities involve the instrumentation of the system to generate the trace and the communication between the system under analysis and the monitor. Most of the applications in runtime verification have been focused on the dynamic analysis of software, even though there are many more potential applications to other computational devices and target systems. In this paper we present a collection of challenges for runtime verification extracted from concrete application domains, focusing on the difficulties that must be overcome to tackle these specific challenges. The computational models that characterize these domains require to devise new techniques beyond the current state of the art in runtime verification.
△ Less
Submitted 16 November, 2018;
originally announced November 2018.
-
Control-Flow Residual Analysis for Symbolic Automata
Authors:
Shaun Azzopardi,
Christian Colombo,
Gordon J. Pace
Abstract:
Where full static analysis of systems fails to scale up due to system size, dynamic monitoring has been increasingly used to ensure system correctness. The downside is, however, runtime overheads which are induced by the additional monitoring code instrumented. To address this issue, various approaches have been proposed in the literature to use static analysis in order to reduce monitoring overhe…
▽ More
Where full static analysis of systems fails to scale up due to system size, dynamic monitoring has been increasingly used to ensure system correctness. The downside is, however, runtime overheads which are induced by the additional monitoring code instrumented. To address this issue, various approaches have been proposed in the literature to use static analysis in order to reduce monitoring overhead. In this paper we generalise existing work which uses control-flow static analysis to optimise properties specified as automata, and prove how similar analysis can be applied to more expressive symbolic automata - enabling reduction of monitoring instrumentation in the system, and also monitoring logic. We also present empirical evidence of the effectiveness of this approach through an analysis of the effect of monitoring overheads in a financial transaction system.
△ Less
Submitted 23 August, 2017;
originally announced August 2017.
-
Proceedings Second International Workshop on Pre- and Post-Deployment Verification Techniques
Authors:
Adrian Francalanza,
Gordon J. Pace
Abstract:
This volume contains the proceedings of PrePost 2017 (the Second International Workshop on Pre- and Post-Deployment Verification Techniques), taking place on 19th September 2017 in Torino, Italy, as a satellite event of the 13th International Conference on integrated Formal Methods (iFM 2017).
PrePost aims to bridge two areas of research and academic communities: on one hand techniques for analy…
▽ More
This volume contains the proceedings of PrePost 2017 (the Second International Workshop on Pre- and Post-Deployment Verification Techniques), taking place on 19th September 2017 in Torino, Italy, as a satellite event of the 13th International Conference on integrated Formal Methods (iFM 2017).
PrePost aims to bridge two areas of research and academic communities: on one hand techniques for analysis of systems prior to deployment, on the other techniques for the analysis of systems once they have already been deployed. The workshop brings together researchers working in the field of computer-aided validation, programming languages and verification to discuss the connections and interplay between pre- and post-deployment verification techniques. This includes exploring relationships between techniques such as classic model checking and testing, with ones such as runtime verification and statistical model checking, between type systems that may be checked either statically or dynamically through techniques such as runtime monitoring, gradual typing and contracts.
△ Less
Submitted 23 August, 2017;
originally announced August 2017.
-
Device-Centric Monitoring for Mobile Device Management
Authors:
Luke Chircop,
Christian Colombo,
Gordon J. Pace
Abstract:
The ubiquity of computing devices has led to an increased need to ensure not only that the applications deployed on them are correct with respect to their specifications, but also that the devices are used in an appropriate manner, especially in situations where the device is provided by a party other than the actual user. Much work which has been done on runtime verification for mobile devices an…
▽ More
The ubiquity of computing devices has led to an increased need to ensure not only that the applications deployed on them are correct with respect to their specifications, but also that the devices are used in an appropriate manner, especially in situations where the device is provided by a party other than the actual user. Much work which has been done on runtime verification for mobile devices and operating systems is mostly application-centric, resulting in global, device-centric properties (e.g. the user may not send more than 100 messages per day across all applications) being difficult or impossible to verify. In this paper we present a device-centric approach to runtime verify the device behaviour against a device policy with the different applications acting as independent components contributing to the overall behaviour of the device. We also present an implementation for Android devices, and evaluate it on a number of device-centric policies, reporting the empirical results obtained.
△ Less
Submitted 29 March, 2016;
originally announced March 2016.
-
Explaining Violation Traces with Finite State Natural Language Generation Models
Authors:
Gordon J. Pace,
Michael Rosner
Abstract:
An essential element of any verification technique is that of identifying and communicating to the user, system behaviour which leads to a deviation from the expected behaviour. Such behaviours are typically made available as long traces of system actions which would benefit from a natural language explanation of the trace and especially in the context of business logic level specifications. In th…
▽ More
An essential element of any verification technique is that of identifying and communicating to the user, system behaviour which leads to a deviation from the expected behaviour. Such behaviours are typically made available as long traces of system actions which would benefit from a natural language explanation of the trace and especially in the context of business logic level specifications. In this paper we present a natural language generation model which can be used to explain such traces. A key idea is that the explanation language is a CNL that is, formally speaking, regular language susceptible transformations that can be expressed with finite state machinery. At the same time it admits various forms of abstraction and simplification which contribute to the naturalness of explanations that are communicated to the user.
△ Less
Submitted 9 June, 2014;
originally announced June 2014.
-
Comprehensive Monitor-Oriented Compensation Programming
Authors:
Christian Colombo,
Gordon J. Pace
Abstract:
Compensation programming is typically used in the programming of web service compositions whose correct implementation is crucial due to their handling of security-critical activities such as financial transactions. While traditional exception handling depends on the state of the system at the moment of failure, compensation programming is significantly more challenging and dynamic because it is d…
▽ More
Compensation programming is typically used in the programming of web service compositions whose correct implementation is crucial due to their handling of security-critical activities such as financial transactions. While traditional exception handling depends on the state of the system at the moment of failure, compensation programming is significantly more challenging and dynamic because it is dependent on the runtime execution flow - with the history of behaviour of the system at the moment of failure affecting how to apply compensation. To address this dynamic element, we propose the use of runtime monitors to facilitate compensation programming, with monitors enabling the modeller to be able to implicitly reason in terms of the runtime control flow, thus separating the concerns of system building and compensation modelling. Our approach is instantiated into an architecture and shown to be applicable to a case study.
△ Less
Submitted 3 April, 2014;
originally announced April 2014.
-
Extensible Technology-Agnostic Runtime Verification
Authors:
Christian Colombo,
Adrian Francalanza,
Ruth Mizzi,
Gordon J. Pace
Abstract:
With numerous specialised technologies available to industry, it has become increasingly frequent for computer systems to be composed of heterogeneous components built over, and using, different technologies and languages. While this enables developers to use the appropriate technologies for specific contexts, it becomes more challenging to ensure the correctness of the overall system. In this pap…
▽ More
With numerous specialised technologies available to industry, it has become increasingly frequent for computer systems to be composed of heterogeneous components built over, and using, different technologies and languages. While this enables developers to use the appropriate technologies for specific contexts, it becomes more challenging to ensure the correctness of the overall system. In this paper we propose a framework to enable extensible technology agnostic runtime verification and we present an extension of polyLarva, a runtime-verification tool able to handle the monitoring of heterogeneous-component systems. The approach is then applied to a case study of a component-based artefact using different technologies, namely C and Java.
△ Less
Submitted 20 February, 2013;
originally announced February 2013.
-
Contracts for Interacting Two-Party Systems
Authors:
Gordon J. Pace,
Fernando Schapachnik
Abstract:
This article deals with the interrelation of deontic operators in contracts -- an aspect often neglected when considering only one of the involved parties. On top of an automata-based semantics we formalise the onuses that obligations, permissions and prohibitions on one party impose on the other. Such formalisation allows for a clean notion of contract strictness and a derived notion of contract…
▽ More
This article deals with the interrelation of deontic operators in contracts -- an aspect often neglected when considering only one of the involved parties. On top of an automata-based semantics we formalise the onuses that obligations, permissions and prohibitions on one party impose on the other. Such formalisation allows for a clean notion of contract strictness and a derived notion of contract conflict that is enriched with issues arising from party interdependence.
△ Less
Submitted 11 September, 2012;
originally announced September 2012.
-
Proceedings Sixth Workshop on Formal Languages and Analysis of Contract-Oriented Software
Authors:
Gordon J. Pace,
Anders P. Ravn
Abstract:
The ability to negotiate contracts for a wide range of aspects and to provide services conforming to them is a most pressing need in service-oriented architectures. High-level models of contracts are making their way into the area, but application developers are still left to their own devices when it comes to writing code that will comply with a contract concluded before service provision. At the…
▽ More
The ability to negotiate contracts for a wide range of aspects and to provide services conforming to them is a most pressing need in service-oriented architectures. High-level models of contracts are making their way into the area, but application developers are still left to their own devices when it comes to writing code that will comply with a contract concluded before service provision. At the programming language level, contracts appear as separate concerns that crosscut through application logic. Therefore there is a need for contract analysis tools that extract abstracted models from applications so they become amenable to formal reasoning using formal language techniques.
Since its inception, the aim of of FLACOS has been that of bringing together researchers and practitioners working on language- or application-based solutions to these problems through the formalization of contracts, the design of appropriate abstraction mechanisms, and tools and techniques for analysis of contracts, and analysis, testing and monitoring of conformance to contracts by applications.
△ Less
Submitted 8 September, 2012;
originally announced September 2012.