Lecture Notes in Computer Science 9399

Commenced Publication in 1973Founding and Former Series Editors:Gerhard Goos, Juris Hartmanis, and Jan van Leeuwen

Editorial Board

David HutchisonLancaster University, Lancaster, UK

Takeo KanadeCarnegie Mellon University, Pittsburgh, PA, USA

Josef KittlerUniversity of Surrey, Guildford, UK

Jon M. KleinbergCornell University, Ithaca, NY, USA

Friedemann MatternETH Zurich, Zürich, Switzerland

John C. MitchellStanford University, Stanford, CA, USA

Moni NaorWeizmann Institute of Science, Rehovot, Israel

C. Pandu RanganIndian Institute of Technology, Madras, India

Bernhard SteffenTU Dortmund University, Dortmund, Germany

Demetri TerzopoulosUniversity of California, Los Angeles, CA, USA

Doug TygarUniversity of California, Berkeley, CA, USA

Gerhard WeikumMax Planck Institute for Informatics, Saarbrücken, Germany

More information about this series at http://www.springer.com/series/7407

Martin Leucker • Camilo RuedaFrank D. Valencia (Eds.)

Theoretical Aspectsof Computing – ICTAC 201512th International ColloquiumCali, Colombia, October 29–31, 2015Proceedings

123

EditorsMartin LeuckerUniversity of LübeckLübeckGermany

Camilo RuedaPontificia Universidad Javeriana-CaliCaliColombia

Frank D. ValenciaCNRS LIXÉcole Polytechnique de ParisPalaiseauFrance

and

Pontificia Universidad Javeriana-CaliCaliColombia

ISSN 0302-9743 ISSN 1611-3349 (electronic)Lecture Notes in Computer ScienceISBN 978-3-319-25149-3 ISBN 978-3-319-25150-9 (eBook)DOI 10.1007/978-3-319-25150-9

Library of Congress Control Number: 2015950887

LNCS Sublibrary: SL1 – Theoretical Computer Science and General Issues

Springer Cham Heidelberg New York Dordrecht London© Springer International Publishing Switzerland 2015This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of thematerial is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation,broadcasting, reproduction on microfilms or in any other physical way, and transmission or informationstorage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology nowknown or hereafter developed.The use of general descriptive names, registered names, trademarks, service marks, etc. in this publicationdoes not imply, even in the absence of a specific statement, that such names are exempt from the relevantprotective laws and regulations and therefore free for general use.The publisher, the authors and the editors are safe to assume that the advice and information in this book arebelieved to be true and accurate at the date of publication. Neither the publisher nor the authors or the editorsgive a warranty, express or implied, with respect to the material contained herein or for any errors oromissions that may have been made.

Printed on acid-free paper

Springer International Publishing AG Switzerland is part of Springer Science+Business Media(www.springer.com)

Preface

This volume contains the papers presented at ICTAC 2015: The 12th InternationalColloquium on Theoretical Aspects of Computing held during October 29–31, 2015, inCali, Colombia.

The International Colloquia on Theoretical Aspects of Computing (ICTAC) is aseries of annual events founded in 2003 by the United Nations University InternationalInstitute for Software Technology. Its purpose is to bring together practitioners andresearchers from academia, industry, and government to present research results andexchange experience and ideas. Beyond these scholarly goals, another main purpose isto promote cooperation in research and education between participants and theirinstitutions from developing and industrial regions.

The city of Cali, where this year’s ICTAC took place, is the third largest city ofColombia and the seat of six major universities of the country. The UniversidadJaveriana-Cali, host of the colloquium, has built a reputation on theoretical computerscience through the works of Avispa, a research team founded in the Cali-based uni-versities of Javeriana and Universidad del Valle, with active members in the univer-sities of Cork (Ireland), École Polytechnique-Paris (France), Oxford (UK), andGroningen (The Netherlands). The latter three institutions were co-organizers of thisyear’s colloquium, which was also sponsored by Microsoft Research Center, Inria,CNRS, CLEI, and the Colombian Computation Society.

We were honored to have seven distinguished guests as invited speakers:

– Jean-Raymond Abrial (consultant, France)– Volker Diekert (University of Stuttgart, Germany)– César Muñoz (NASA Langley, USA)– Catuscia Palamidessi (Inria and École Polytechnique, France)– Davide Sangiorgi (Inria and University of Bologna, Italy)– Moshe Vardi (Rice University, USA)– Glynn Winskel (University of Cambridge, UK)

Jean-Raymond Abrial’s talk undertook the study of a proof of a well-known theorem inplanar graphs to motivate the new discipline of mathematical engineering. VolkerDiekert discussed different monitor constructions for checking safety properties ofcomplex systems. César A. Muñoz’s talk concerned the application of formal methodsto the safety analysis of air traffic management systems. He described the detect andavoid (DAA) capability to address the challenge of NASA’s Unmanned AircraftSystems Integration project. Catuscia Palamidessi’s talk discussed the problem ofprotecting the privacy of the user when dealing with location-based services. DavideSangiorgi presented his work on refinements of co-inductive proof methods for func-tional and process languages. He discussed the contraction technique that refinesMilner’s unique solution of equations to reason about bisimilarity. Glynn Winskeldiscussed his work on optimal probabilistic strategies for distributed games. Moshe

Vardi’s talk described the rise and fall of mathematical logic in computer science andthen analyzed the quiet revolution in logic that has given rise again to modern appli-cations of logic to computing.

ICTAC 2015 received 93 submissions from 30 different countries. Each submissionwas reviewed by at least three members of the Program Committee, along with helpfrom external reviewers. Out of these 93 submissions, 25 full-length papers wereaccepted. The committee also accepted two short papers and three tool papers. Thiscorresponds approximately to a 1/3 acceptance ratio.

Apart from the paper presentations and invited talks, ICTAC 2015 continued thetradition of previous ICTAC conferences in holding a four-course school on threeimportant topics in theoretical aspects of computing: formal methods and verification,formal models of concurrency, and security in concurrency. These courses were:“Formal Modeling” given by Jean-Raymond Abrial (France), “Formal VerificationTechniques,” by Martin Leucker (University of Lübeck, Germany), “Security andInformation Flow,” by Kostas Chatzikokolakis (CNRS-École Polytechnique, France),and “Models for Concurrency” by Pawel Sobocinski (University of Southampton, UK).In addition, co-located for the first time with ICTAC, we hosted the 11th InternationalWorkshop on Developments in Computational Models (DCM 2015) chaired by CésarA. Muñoz (NASA) and Jorge A. Pérez (University of Groningen).

We thank all the authors for submitting their papers to the conference, and theProgram Committee members and external reviewers for their excellent work inthe review, discussion, and selection process. We are indebted to all the members of theOrganizing Committee for their hard work in all phases of the conference. We alsoacknowledge our gratitude to the Steering Committee for their constant support.

We are also indebted to EasyChair that greatly simplified the assignment andreviewing of the submissions as well as the production of the material for the pro-ceedings. Finally, we thank Springer for their cooperation in publishing theproceedings.

August 2015 Martin LeuckerCamilo Rueda

Frank D. Valencia

VI Preface

Organization

Program Committee

Nazareno Aguirre Universidad Nacional de Río Cuarto - CONICET,Argentina

Gerard Assayag IrcamMauricio Ayala-Rincon Universidade de Brasilia, BrazilPablo Barceló Universidad de Chile, ChileGustavo Betarte InCo, Facultad de Ingeniería, Universidad

de la República, UruguayFilippo Bonchi University of Pisa, ItalyMarco Carbone IT University of Copenhagen, DenmarkIlaria Castellani Inria Sophia Antipolis, FranceNéstor Cataño The University EAFIT, ColombiaGabriel Ciobanu Romanian Academy, Iasi, RomaniaSilvia Crafa Università di Padova, ItalyPedro R. D’Argenio Universidad Nacional de Córdoba - CONICET,

ArgentinaNicolas D’Ippolito Universidad de Buenos Aires, ArgentinaStefan Dantchev Durham University, UKRocco De Nicola IMT - Institute for Advanced Studies Lucca, ItalyYuxin Deng Shanghai Jiao Tong University, ChinaGilles Dowek Inria, FranceMoreno Falaschi University of Siena, ItalyJosé Luiz Fiadeiro Royal Holloway, University of London, UKWan Fokkink Vrije Universiteit Amsterdam, The NetherlandsFabio Gadducci Università di Pisa, ItalyKim Guldstrand Larsen Aalborg University, DenmarkJulian Gutierrez University of Oxford, UKStefan Haar Inria Saclay/LSV, ENS Cachan, FranceThomas Hildebrandt IT University of Copenhagen, DenmarkEinar Broch Johnsen University of Oslo, NorwayBartek Klin University of Warsaw, PolandMarta Kwiatkowska University of Oxford, UKMartin Leucker University of Lübeck, GermanyEtienne Lozes LSV, ENS Cachan, CNRS, FranceLarissa Meinicke The University of Queensland, AustraliaHernan Melgratti Universidad de Buenos Aires, ArgentinaDominique Mery Université de Lorraine, LORIA, FranceMatteo Mio University of Cambridge, UK

Andrzej Murawski University of Warwick, UKVivek Nigam Universidade Federal da Paraíba, BrazilMauricio Osorio UDLA, MéxicoPrakash Panangaden McGill University, CanadaElaine Pimentel UFMG, BrazilJorge A. Pérez University of Groningen, The NetherlandsAntónio Ravara Universidade Nova de Lisboa, PortugalCamilo Rocha Escuela Colombiana de Ingeniería, ColombiaCamilo Rueda Universidad Javeriana-Cali, ColombiaAugusto Sampaio Federal University of Pernambuco, BrazilVijay Saraswat IBM, USAVladimiro Sassone University of Southampton, UKGerardo Schneider Chalmers — University of Gothenburg, SewdenAlexandra Silva Radboud University Nijmegen, The NetherlandsJiri Srba Aalborg University, DenmarkJean-Bernard Stefani Inria, FrancePerdita Stevens University of Edinburgh, UKKohei Suenaga Graduate School of Informatics, JapanVasco T. Vasconcelos University of Lisbon, PortugalAlwen Tiu Nanyang Technological University, SingaporeKazunori Ueda Waseda University, JapanFrank D. Valencia CNRS LIX, École Polytechnique de Paris, France

and Universidad Javeriana-Cali, ColombiaKapil Vaswani Microsoft Research, IndiaBjörn Victor Uppsala University, SwedenIgor Walukiewicz CNRS, LaBRI, FranceFarn Wang National Taiwan University, TaiwanAlan Wassyng McMaster University, CanadaGianluigi Zavattaro University of Bologna, Italy

Organizing Committee

Gloria Inés Álvarez Universidad Javeriana-Cali, ColombiaJesús Aranda Universidad del Valle, ColombiaAntal Buss Universidad Javeriana-Cali, ColombiaJuan Francisco Díaz Universidad del Valle, ColombiaJuan Pablo García Universidad Javeriana-Cali, ColombiaMichell Guzmán Inria and LIX École Polytechnique, FranceJulian Gutierrez University of Oxford, UKJuan Carlos Martínez Universidad Javeriana-Cali, ColombiaAndrés Navarro Universidad Javeriana-Cali, ColombiaMaría Constanza Pabón Universidad Javeriana-Cali, ColombiaSalim Perchy Inria and LIX École Polytechnique, FranceJorge A. Pérez University of Groningen, The NetherlandsLuis Fernando Pino Inria and LIX École Polytechnique, FranceLuisa Fernanda Rincón Universidad Javeriana-Cali, Colombia

VIII Organization

Gerardo Sarria Universidad Javeriana-Cali, ColombiaCamilo Rueda Universidad Javeriana-Cali, ColombiaAlexander Valencia Universidad Javeriana-Cali, ColombiaFrank D. Valencia CNRS LIX, École Polytechnique de Paris, France

and Universidad Javeriana-Cali, Colombia

Additional Reviewers

Almeida Matos, AnaAman, BogdanÅman Pohjola, JohannesBallis, DemisBasold, HenningBianchni, MonicaBlankenburg, MartinBohorquez, JaimeBrodo, LindaBuss, AntalCampo, Juan DiegoCassel, SofiaCastellan, SimonCastellanos Joo, José AbelChimento, Jesus MauricioColombo, ChristianDardha, OrnelaDecker, NormannDezani-Ciancaglini,

MariangiolaDi Giusto, CinziaFauconnier, HuguesFontaine, GaelleForget, JulienGibson, J. PaulGroote, Jan FrisoGunadi, HendraGutkovas, RamūnasHeijltjes, WillemHoffmann, Guillaume

Horne, RossHuang, MingzhangIshii, DaisukeIwasaki, HideyaJensen, Peter GjølJovanovic, AleksandraKnight, SophiaKumar, SandeepKönig, BarbaraLanese, IvanLaursen, SimonLee, Matias DavidLehtinen, KaroliinaLin, Anthony WidjajaLong, HuanLuna, CarlosMarcial-Romero,

Jose-RaymundoMarkin, GrigoryMarques, Eduardo R.B.Mastroeni, IsabellaMelo de Sousa, SimãoMerz, StephanMezzina, Claudio AntaresMontesi, FabrizioMostrous, DimitrisNieves, Juan CarlosOlarte, CarlosPagano, MiguelParaskevas, Evripidis

Pardo, RaúlPerelli, GiuseppePun, Ka I.Rocha Oliveira,

Ana CristinaRoldan, ChristianSalamon, Andras Z.Salvati, SylvainSantini, FrancescoSasse, RalfScherer, GabrielSchlatte, RudolfSchmitz, MalteSingh, NeerajSobocinski, PawelSoncco-Álvarez, José LuisSong, LeiSteffen, MartinTasson, ChristineTer Beek, Maurice H.Thoma, DanielTiezzi, FrancescoTzameret, IddoVan Raamsdonk, FemkeVentura, Daniel LimaViera, MarcosWiltsche, ClemensWinter, JoostZepeda Cortes, Claudia

Organization IX

Invited Talks Abstracts

An Exercise in Mathematical Engineering:Stating and Proving Kuratowski Theorem

Jean-Raymond Abrial

Marseille, Francejrabrial@neuf.fr

Abstract. This paper contains the informal presentation of a well known the-orem on planar graphs: the theorem of Kuratowski (1930). This study is sup-posed to serve as an example for the proposed new discipline of MathematicalEngineering. The intend if this discipline is to show to informaticians, by meansof examples, that there must exist important connections between rigorousmathematics and rigorous computer science. Moreover, in both cases, themechanisation of proofs is becoming more and more fashionable these days.Such mechanisations cannot be performed without a clear understanding of themathematical context that has to be rigorously described before engaging in theproof itself.

Location Privacy via Geo-Indistinguishability

Konstantinos Chatzikokolakis1,2, Catuscia Palamidessi2,3,and Marco Stronati2

1 CNRS, France2 LIX, École Polytechnique, France

3 INRIA, Francecatuscia@lix.polytechnique.fr

Abstract. In this paper we report on the ongoing research of our team Comèteon location privacy. In particular, we focus on the problem of protecting theprivacy of the user when dealing with location-based services. The starting pointof our approach is the principle of geo-indistinguishability, a formal notion ofprivacy that protects the user’s exact location, while allowing approximateinformation – typically needed to obtain a certain desired service – to bereleased. Then, we discuss the problem that raise in the case of traces, when theuser makes consecutive uses of the location based system, while moving along apath: since the points of a trace are correlated, a simple repetition of themechanism would cause a rapid decrease of the level of privacy. We then showa method to limit such degradation, based on the idea of predicting a point frompreviously reported points, instead of generating a new noisy point. Finally, wediscuss a method to make our mechanism more flexible over space: we startfrom the observation that space is not uniform from the point of view of locationhiding, and we propose an approach to adapt the level of privacy to each zone.

A Note on Monitors and Büchi automata

Volker Diekert1 and Anca Muscholl2 and Igor Walukiewicz2

1 Universität Stuttgart, FMI, Germanydiekert@fmi.uni-stuttgart.de2 LaBRI, University of Bordeaux, France

Abstract. When a property needs to be checked against an unknown or verycomplex system, classical exploration techniques like model-checking are notapplicable anymore. Sometimes a monitor can be used, that checks a givenproperty on the underlying system at runtime. A monitor for a property L is adeterministic finite automaton ML that after each finite execution tells whether(1) every possible extension of the execution is in L, or (2) every possibleextension is in the complement of L, or neither (1) nor (2) holds. Moreover, Lbeing monitorable means that it is always possible that in some future themonitor reaches (1) or (2). Classical examples for monitorable properties aresafety and cosafety properties. On the other hand, deterministic liveness prop-erties like “infinitely many a’s” are not monitorable.

We discuss various monitor constructions with a focus on deterministicx-regular languages. We locate a proper subclass of deterministic x-regularlanguages but also strictly large than the subclass of languages which aredeterministic and codeterministic; and for this subclass there exists a canonicalmonitor which also accepts the language itself.

We also address the problem to decide monitorability in comparison withdeciding liveness. The state of the art is as follows. Given a Büchi automaton, itis PSPACE-complete to decide liveness or monitorability. Given an LTL for-mula, deciding liveness becomes EXPSPACE-complete, but the complexity todecide monitorability remains open.

Formal Methods in Air Traffic Management:The Case of Unmanned Aircraft Systems

(Invited Lecture)

César A. MuñozNASA Langley Research Center, Hampton, Virginia 23681-2199

Abstract. As the technological and operational capabilities of unmanned aircraftsystems (UAS) continue to grow, so too does the need to introduce these systemsinto civil airspace. Unmanned Aircraft Systems Integration in the National Air-space System is a NASA research project that addresses the integration of civilUAS into non-segregated airspace operations. One of the major challenges of thisintegration is the lack of an on-board pilot to comply with the legal requirementthat pilots see and avoid other aircraft. The need to provide an equivalent to thisrequirement for UAS has motivated the development of a detect and avoid(DAA) capability to provide the appropriate situational awareness and maneuverguidance in avoiding and remaining well clear of traffic aircraft. Formal methodshas played a fundamental role in the development of this capability. This talkreports on the formal methods work conducted under NASA’s Safe AutonomousSystem Operations project in support of the development of DAA for UAS. Thiswork includes specification of low-level and high-level functional requirements,formal verification of algorithms, and rigorous validation of software imple-mentations. The talk also discusses technical challenges in formal methodsresearch in the context of the development and safety analysis of advanced airtraffic management concepts.

This invited lecture reports on research conducted at NASA Langley Research Center at the Safety-Critical Avionics Systems Branch by several individuals including, in addition to the author, AnthonyNarkawicz, George Hagen, Jason Upchurch, and Aaron Dutle.

The Proof Technique of Unique Solutionsof Contractions

Davide Sangiorgi

Università di Bologna and INRIAdavide.sangiorgi@gmaol.com

This extended abstract summarises work conducted with Adrien Durier andDaniel Hirschkoff (ENS Lyon), initially reported in [38].

Bisimilarity is employed to define behavioural equivalences and reason aboutthem. Originated in concurrency theory, bisimilarity is now widely used also inother areas, as well as outside Computer Science. In this work, behaviouralequivalences, hence also bisimilarity, are meant to be weak because they abstractfrom internal moves of terms, as opposed to the strong ones, which make nodistinctions between the internal moves and the external ones (i.e., the interac-tions with the environment). Weak equivalences are, practically, the most rele-vant ones: e.g., two equal programs may produce the same result with differentnumbers of evaluation steps.

D. Sangiorgi—The authors are partially supported by the ANR project 12IS02001 PACE.

A Logical Revolution

Moshe Y. Vardi

Rice University, Department of Computer Science, Rice University,Houston, TX 77251-1892, USA

vardi@cs.rice.edu,

http://www.cs.rice.edu/*vardi

Abstract. Mathematical logic was developed in an effort to provide formalfoundations for mathematics. In this quest, which ultimately failed, logic begatcomputer science, yielding both computers and theoretical computer science.But then logic turned out to be a disappointment as foundations for computerscience, as almost all decision problems in logic are either unsolvable orintractable. Starting from the mid 1970s, however, there has been a quiet rev-olution in logic in computer science, and problems that are theoretically unde-cidable or intractable were shown to be quite feasible in practice. This talkdescribes the rise, fall, and rise of logic in computer science, describing severalmodern applications of logic to computing, include databases, hardware design,and software engineering.

References

1. Clarke, E.M., Emerson, E.A., Sifakis, J.: Model checking: algorithmic verification anddebugging. Commun. ACM 52(11), 74–84 (2009)

2. Codd, E.F.: A relational model for large shared data banks. Commun. ACM 13, 377–387(1970)

3. Codd, E.F.: Relational completeness of data base sublanguages. In: Rustin, R. (ed.) DatabaseSystems, pp. 33–64. Prentice-Hall (1972)

4. Cook, B., Podelski, A., Rybalchenko, A.: Proving program termination. Commun. ACM 54(5), 88–98 (2011)

5. de Moura, L.M., Bjørner, N.: Satisfiability modulo theories: introduction and applications.Commun. ACM 54(9), 69–77 (2011)

6. Malik, S., Zhang, L.: Boolean satisfiability from theoretical hardness to practical success.Commun. ACM 52(8), 76–82 (2009)

7. Pnueli, A.: The temporal logic of programs. In: Proceedings of 18th IEEE Symposium onFoundations of Computer Science, pp. 46–57 (1977)

8. Vardi, M.Y., Wolper, P.: An automata-theoretic approach to automatic program verification.In: Proceedings of 1st IEEE Symposium on Logic in Computer Science, pp. 332–344 (1986)

On Probabilistic Distributed Strategies

Glynn Winskel

Computer Laboratory, University of Cambridgegw104@cam.ac.uk

Abstract. In a distributed game we imagine a team Player engaging a teamOpponent in a distributed fashion. No longer can we assume that moves ofPlayer and Opponent alternate. Rather the history of a play more naturally takesthe form of a partial order of dependency between occurrences of moves. Howare we to define strategies within such a game, and how are we to adjoinprobability to such a broad class of strategies? The answer yields a surprisinglyrich language of probabilistic distributed strategies and the possibility of pro-gramming (optimal) probabilistic strategies. Along the way we shall encountersolutions to: the need to mix probability and nondeterminism; the problem ofparallel causes in which members of the same team can race to make the samemove, and why this leads us to invent a new model for the semantics of dis-tributed systems.

Contents

Invited Talks

An Exercise in Mathematical Engineering: Stating and ProvingKuratowski Theorem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Jean-Raymond Abrial

Location Privacy via Geo-Indistinguishability . . . . . . . . . . . . . . . . . . . . . . . 28Konstantinos Chatzikokolakis, Catuscia Palamidessi,and Marco Stronati

A Note on Monitors and Büchi Automata . . . . . . . . . . . . . . . . . . . . . . . . . 39Volker Diekert, Anca Muscholl, and Igor Walukiewicz

Formal Methods in Air Traffic Management: The Case of UnmannedAircraft Systems (Invited Lecture) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58

César A. Muñoz

The Proof Technique of Unique Solutions of Contractions . . . . . . . . . . . . . . 63Davide Sangiorgi

On Probabilistic Distributed Strategies . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69Glynn Winskel

Algebra and Category Theory

Newton Series, Coinductively . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91Henning Basold, Helle Hvid Hansen, Jean-Éric Pin, and Jan Rutten

Quotienting the Delay Monad by Weak Bisimilarity . . . . . . . . . . . . . . . . . . 110James Chapman, Tarmo Uustalu, and Niccolò Veltri

Inverse Monoids of Higher-Dimensional Strings . . . . . . . . . . . . . . . . . . . . . 126David Janin

A Functorial Bridge Between the Infinitary Affine Lambda-Calculusand Linear Logic. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144

Damiano Mazza and Luc Pellissier

Automata and Formal Languages

Learning Register Automata with Fresh Value Generation . . . . . . . . . . . . . . 165Fides Aarts, Paul Fiterău-Broştean, Harco Kuppens,and Frits Vaandrager

Modeling Product Lines with Kripke Structures and Modal Logic . . . . . . . . . 184Zinovy Diskin, Aliakbar Safilian, Tom Maibaum,and Shoham Ben-David

Deterministic Regular Expressions with Interleaving . . . . . . . . . . . . . . . . . . 203Feifei Peng, Haiming Chen, and Xiaoying Mou

Concurrency

Rigid Families for CCS and the p-calculus. . . . . . . . . . . . . . . . . . . . . . . . . 223Ioana Domnina Cristescu, Jean Krivine, and Daniele Varacca

Quotients of Unbounded Parallelism . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241Nils Erik Flick

Higher-Order Dynamics in Event Structures . . . . . . . . . . . . . . . . . . . . . . . . 258David S. Karcher and Uwe Nestmann

Asynchronous Announcements in a Public Channel. . . . . . . . . . . . . . . . . . . 272Sophia Knight, Bastien Maubert, and François Schwarzentruber

A Totally Distributed Fair Scheduler for Population Protocolsby Randomized Handshakes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290

N. Ouled Abdallah, M. Jmaiel, M. Mosbah, and A. Zemmari

Constraints

Extending the Notion of Preferred Explanations for Quantified ConstraintSatisfaction Problems. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 309

Deepak Mehta, Barry O’Sullivan, and Luis Quesada

A Graphical Theorem of the Alternative for UTVPI Constraints . . . . . . . . . . 328K. Subramani and Piotr Wojciechowski

Logic and Semantic

Converging from Branching to Linear Metrics on Markov Chains . . . . . . . . . 349Giorgio Bacci, Giovanni Bacci, Kim G. Larsen, and Radu Mardare

MSO Logic and the Partial Order Semantics of Place/Transition-Nets . . . . . . 368Mateus de Oliveira Oliveira

A Resource Aware Computational Interpretation for Herbelin’s Syntax . . . . . 388Delia Kesner and Daniel Ventura

XXII Contents

Undecidability Results for Multi-Lane Spatial Logic . . . . . . . . . . . . . . . . . . 404Heinrich Ody

Software Architecture and Component-Based Design

Aspect-Oriented Development of Trustworthy Component-Based Systems . . . 425José Dihego and Augusto Sampaio

A Game of Attribute Decomposition for Software Architecture Design . . . . . 445Jiamou Liu and Ziheng Wei

Multi-rate System Design through Integrating Synchronous Components . . . . 464Ke Sun

Verification

Verifying Android’s Permission Model . . . . . . . . . . . . . . . . . . . . . . . . . . . 485Gustavo Betarte, Juan Diego Campo, Carlos Luna, and Agustín Romano

CSP and Kripke Structures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 505Ana Cavalcanti, Wen-ling Huang, Jan Peleska, and Jim Woodcock

Specifying and Analyzing the Kademlia Protocol in Maude . . . . . . . . . . . . . 524Isabel Pita and Adrián Riesco

Enforcement of (Timed) Properties with Uncontrollable Events. . . . . . . . . . . 542Matthieu Renard, Yliès Falcone, Antoine Rollet, Srinivas Pinisetty,Thierry Jéron, and Hervé Marchand

Tool Papers

A Tool Prototype for Model-Based Testing of Cyber-Physical Systems . . . . . 563Arend Aerts, Mohammad Reza Mousavi, and Michel Reniers

CAAL: Concurrency Workbench, Aalborg Edition . . . . . . . . . . . . . . . . . . . 573Jesper R. Andersen, Nicklas Andersen, Søren Enevoldsen,Mathias M. Hansen, Kim G. Larsen, Simon R. Olesen, Jiří Srba,and Jacob K. Wortmann

A Tool for the Automated Verification of Nash Equilibriain Concurrent Games. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 583

Alexis Toumi, Julian Gutierrez, and Michael Wooldridge

Contents XXIII

Short Papers

A Mathematical Game Semantics of Concurrency and Nondeterminism . . . . . 597Julian Gutierrez

First Steps Towards Cumulative Inductive Types in CIC . . . . . . . . . . . . . . . 608Amin Timany and Bart Jacobs

Author Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 619

XXIV Contents