
Academia Europaea 18th Annual Conference events
Grand Challenges of Informatics and Computer Mathematics
Budapest, September 20, 2006
From Computable Functions
to Definable Systems
Theory of
Programming
Wolfgang Reisig
The scope of concern
Focus of informatics:
  so far: programming
  future: systems engineering (elevator system, accident preventing car, automatic business processes)
Theoretical basis:
  so far: computable functions
  future: “definable systems” (formal models of discrete real world systems)
This talk picks three aspects of a theory of “definable systems”:
1. A model should be trustworthy!
2. A model should be compositional!
3. A model should solicit invariants!
1. A model should be trustworthy!
• Each elementary item to be modeled is an elementary item of the model.
• Each elementary operation to be modeled is an elementary operation of the model.
• Each state to be modeled is a state of the model.
• Each step to be modeled is a step of the model.
• … and vice versa!
1.1 Example: a geometrical algorithm
Given: A circle C with center p, and a point q outside C.
The problem: Construct a tangent at C through q.
The solution:
[Figure: geometric construction with labels p, q, r, s, s‘, C, D and l]
… certainly an algorithm, but not computable by a Turing Machine!
How to write this algorithm down?
Pseudocode P with a formal meaning
input(p, C, q);
r := halfway(p,q);
D := circle(r,p);
M := intersect(C,D);
s := pick(M);
l := makeline(q,s);
output(l);
Fix a signature (alphabet), .
Write down P, using –terms.
Some –structure, S0, is the initial state: $p_{S_0} = p$, $C_{S_0} = C$, etc.
Construct steps S  S’ of P as obvious.
E.g. r := halfway(p,q); applied to a state S yields $r_{S'} = \mathit{halfway}_S(p_S, q_S)$.
[Figure: geometric construction with labels p, q, r, s, s‘, C, D and l]
This algorithm defines a sequence of states. Each state is a  – structure.
1.2 Example: pebble game
Given: an urn, containing a finite set of pebbles.
Each pebble is either white or black.
Step: Take 2 pebbles out of the urn.
If their colors are different: put a white pebble back.
If colors are equal: put a black pebble back.
(You may have to blacken a white one)
How to model this?
conventionally: a nondeterministic program, including e.g.
if white >= 2 then white := white - 2; black := black + 1
calculating numbers of black and white pebbles.
Initial numbers of pebbles must be known before starting.
more adequate: a Petri net
a distributed run
1.3 No hidden idealization!
Resources are finite!
Clocks are by no means precise!
There is no global time scale to order independent events!
Reading may prevent writing!
(This reveals the myth of mutex algorithms)
2. A model should be compositional!
Frege, 1892: Essential properties of a composed system
are derivable from properties of its components.
Sequential composition of sequential programs:
A;B terminates iff both A and B terminate.
Problem: reactive and distributed systems are usually not compositional
CCS, parallel programs, …
How to gain compositionality?
guideline:
“a specification is a logical expression”
“Composition is conjunction”
equally important:
“Implementation (refinement) is implication”
Techniques in this line:
TLA, FOCUS
stuttering sequences,
streams
distributed runs
How to formulate steps?
guideline:
“a specification is a logical expression”
Replace program variables by logical variables,
and assignment statements by mathematical equations.
Replace x := x+1 by x’ = x+1.
Good for verification: x’ – 1 = x.
3. A model should solicit invariants!
Chemistry:
A chemical process:
A chemist calculates its “balance of material”.
Physics:
A physical process:
A physicist calculates its “balance of energy”.
Banking:
A banking process:
A banker calculates its “balance of money”.
Good science has deep invariants.
Scientific notions are designed with the intent for deep invariants.
Invariants in informatics
Informatics constructs its objects of interest itself;
hence, informatics has much freedom to fix its basic notions.
… a particularly good chance for deep invariants!
Informatics:
An information transforming process:
An information scientist calculates its “balance of information” … ? …
Our problem: We don’t know what to balance.
What really is “information” ?
What might help
• Elementary actions should be reversible:
Let P a S be a step.
Classical observation: One can compute S from P and a.
Def.:
a is reversible iff one can also compute P from S and a.
Petri Net transitions are reversible;
x := 1 is not reversible.
• “Information is what you need to decide alternatives”
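The pebble game of section 1.2 written as a Petri net whose transitions can be fired forwards and backwards, as an added example that is not part of the original slides. The place and transition names, the helper functions and the white-parity invariant checked in play() are assumptions introduced here; assign_one() contrasts the reversible steps with x := 1.

```python
import random
from collections import Counter

# Pebble game as a Petri net with places "white" and "black".
# Each transition is (tokens consumed, tokens produced); names are assumptions.
TRANSITIONS = {
    "different":  (Counter(white=1, black=1), Counter(white=1)),
    "both_white": (Counter(white=2), Counter(black=1)),
    "both_black": (Counter(black=2), Counter(black=1)),
}

def _move(marking, take, give):
    """Remove `take` from the marking and add `give`; fail if tokens are missing."""
    if any(marking[p] < n for p, n in take.items()):
        raise ValueError("not enough tokens for this step")
    result = Counter(marking)
    result.subtract(take)
    result.update(give)
    return +result  # drop places that now hold zero tokens

def enabled(marking, t):
    return all(marking[p] >= n for p, n in TRANSITIONS[t][0].items())

def fire(marking, t):
    """Forward step: compute the successor S from P and t."""
    pre, post = TRANSITIONS[t]
    return _move(marking, pre, post)

def unfire(marking, t):
    """Reverse step: compute the predecessor P from S and t."""
    pre, post = TRANSITIONS[t]
    return _move(marking, post, pre)

def play(marking, seed=0):
    """Fire random enabled transitions until none is left; check the invariant."""
    rng = random.Random(seed)
    marking, trace = +Counter(marking), []
    parity = marking["white"] % 2  # invariant: no transition changes this
    while choices := [t for t in TRANSITIONS if enabled(marking, t)]:
        t = rng.choice(choices)
        marking = fire(marking, t)
        assert marking["white"] % 2 == parity
        trace.append(t)
    return marking, trace

def assign_one(x):
    """x := 1 maps every old value to 1, so the old value cannot be recovered."""
    return 1
```

The marking alone does not identify the predecessor ("different" and "both_black" can lead to the same marking), which is why the definition asks for P to be computable from S and a together.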
Final remark: all this is not entirely new
Carl Adam Petri, 1966: formal pragmatics, communication disciplines
Don Knuth, 1968: “[the next state function f of a transition system]
might involve operations that mortal man can not always perform.”
Edsger W. Dijkstra: “Progress is possible only if we train ourselves to
think about programs without thinking of them as pieces of
executable code.”
Yuri Gurevich, 1985: “[Compared to Turing Machines,] we define a more
general kind of abstract computational device …”
Robin Milner, 2006: “ … we should have achieved a mathematical
model of computation, perhaps highly abstract in contrast with the
concrete nature of paper and register machines, but such that
programming languages are merely executable fragments of the
theory …”