Language support for fast and reliable message-based communication in singularity OS

Fähndrich, Manuel; Aiken, Mark; Hawblitzel, Chris; Hodson, Orion; Hunt, Galen; Larus, James R.; Levi, Steven

doi:10.1145/1218063.1217953

Cited by 112 publications

(180 citation statements)

References 32 publications

Supporting

Mentioning

180

Contrasting

Order By: Relevance

“…Both SmallfootRG and Chalice could encode our contracts and switch receive constructs, but this encoding, as well as being tedious, would be incomplete for non-deterministic contracts. SessionJ [5] and Sing# [4] are realistic programming languages that rely on contracts. The Sing# compiler uses a static analyzer to check some restricted form of copyless message-passing, but seemingly does not support ownership transfer of recursive data structures.…”

Section: Related Work and Conclusionmentioning

confidence: 99%

Tracking Heaps That Hop with Heap-Hop

Villard

Lozes

Calcagno

2010

Tools and Algorithms for the Construction and Analysis of Systems

View full text Add to dashboard Cite

Abstract. Heap-Hop is a program prover for concurrent heap-manipulating programs that use Hoare monitors and message-passing synchronization. Programs are annotated with pre and post-conditions and loop invariants, written in a fragment of separation logic. Communications are governed by a form of session types called contracts. Heap-Hop can prove safety and race-freedom and, thanks to contracts, absence of memory leaks and deadlock-freedom. It has been used in several case studies, including concurrent programs for copyless list transfer, service provider protocols, and load-balancing parallel tree disposal.

show abstract

Section: Related Work and Conclusionmentioning

confidence: 99%

Tracking Heaps That Hop with Heap-Hop

Villard

Lozes

Calcagno

2010

Tools and Algorithms for the Construction and Analysis of Systems

View full text Add to dashboard Cite

show abstract

“…Session types focus on ensuring fidelity in systems where (single-threaded) protocols are carried out between two parties, such as, e.g., a client and a server. Session types are by now widely adopted as the basis of pragmatic typing disciplines, targeting operating system design [5], middleware communication protocols [16] and distributed object-oriented programming [7], just to mention a few. Session types have also been generalised so as to consider multiparty interactions [3,10].…”

Section: Introductionmentioning

confidence: 99%

Typing Progress in Communication-Centred Systems

Vieira

Vasconcelos

2013

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. We present a type system for the analysis of progress in session-based communication centred systems. Our development is carried out in a minimal setting considering classic (binary) sessions, but building on and generalising previous work on progress analysis in the context of conversation types. Our contributions aim at underpinning forthcoming works on progress for session-typed systems, so as to support richer verification procedures based on a more foundational approach. Although this work does not target expressiveness, our approach already addresses challenging scenarios which are unaccounted for elsewhere in the literature, in particular systems that interleave communications on received session channels.

show abstract

“…Language-based support for sessions is the subject of active research [2,3,4,7,10,14,15]. Several of these works focus on developing type systems which statically ensure compliance to session specifications.…”

Section: Sessions For Distributed Programmingmentioning

confidence: 99%

“…Beyond simple abstractions for communications, distributed applications can often be structured as parties that exchange messages according to some fixed, prearranged patterns, called sessions (also named contracts, or workflows, or protocols). Sessions simplify distributed programming by specifying the behaviour of each network entity, or role: the parties can then resolve most of the programming complexity upfront.Language-based support for sessions is the subject of active research [2,3,4,7,10,14,15]. Several of these works focus on developing type systems which statically ensure compliance to session specifications.…”

mentioning

confidence: 99%

A Protocol Compiler for Secure Sessions in ML

Corin

Deniélou

Trustworthy Global Computing

View full text Add to dashboard Cite

Abstract. Distributed applications can be structured using sessions that specify flows of messages between roles. We design a small specific language to declare sessions. We then build a compiler, called s2ml, that transforms these declarations down to ML modules securely implementing the sessions. Every run of a well-typed program executing a session through its generated module is guaranteed to follow the session specification, despite any low-level attempt by coalitions of remote peers to deviate from their roles. We detail the inner workings of our compiler, along with our design choices, and illustrate the usage of s2ml with two examples: a simple remote procedure call session, and a complex session for a conference management system. Sessions for distributed programmingProgramming networked, independent systems is complex: when systems communicate through an untrusted network, and do not trust each other, enforcing security properties is hard. As a first step to simplify this task, programming languages and system libraries offer abstractions for common communication patterns (such as private channels or RPCs). Beyond simple abstractions for communications, distributed applications can often be structured as parties that exchange messages according to some fixed, prearranged patterns, called sessions (also named contracts, or workflows, or protocols). Sessions simplify distributed programming by specifying the behaviour of each network entity, or role: the parties can then resolve most of the programming complexity upfront.Language-based support for sessions is the subject of active research [2,3,4,7,10,14,15]. Several of these works focus on developing type systems which statically ensure compliance to session specifications. There, type safety implies that user code that instantiates a session role always behaves as prescribed in the session. Thus, assuming that every distributed program participating in a session is well-typed, any run of the session follows its specification. There, being well-typed implies that every session participant is benign, and therefore complies with the session specification. Moreover, the network is also assumed to behave as expected, (e.g., delivering messages correctly).However, in an adversarial setting, remote parties may not be trusted to play their role. Moreover, they may collude to attack compliant participants, and may also control the network, being able to eavesdrop, intercept, and modify en route messages. Hence, defensive implementations also have to monitor one another, in order to prevent any confusion between parallel sessions, to ensure authentication, correlation, and causal dependencies between messages, and to detect any deviation from the assigned roles of a session. Left to the programmer, this task involves delicate low-level coding below session abstractions, which defeats their purpose.In order to keep sessions being useful and safe abstractions, we consider their secure implementation in terms of cryptographic communication protocols, by developing ...

show abstract

Language support for fast and reliable message-based communication in singularity OS

Cited by 112 publications

References 32 publications

Tracking Heaps That Hop with Heap-Hop

Tracking Heaps That Hop with Heap-Hop

Typing Progress in Communication-Centred Systems

A Protocol Compiler for Secure Sessions in ML

Contact Info

Product

Resources

About