In this talk, I will investigate the expressive power and the algorithmic properties of weighted expressions, which define functions from finite words to integers. First, I will consider a slight extension of an expression formalism, introduced by Chatterjee. et. al. in the context of infinite words (called Mean-Payoff expressions), by which to combine values given by unambiguous (max,+)-automata, using Presburger arithmetic. Important decision problems such as emptiness, universality and comparison are PSpace-Complete for these expressions. I will then investigate the extension of these expressions with Kleene star. This allows to iterate an expression over smaller fragments of the input word, and to combine the results by taking their iterated sum. Unfortunately, the decision problems turn out to be undecidable. So, the goal of this talk is to highlights a still expressive class of expression and sketch is decidability especially by considering a new class of automata: Weighted chop automata.
Symbolic executions (and their recent variants called dynamic symbolic
executions) are an important technique in automated testing. Instead
of analysing only concrete executions of a program, one could treat
such executions symbolically (i.e. with some variables that are not
bound to concrete values) and use constraint solvers to determine this
(symbolic) path feasibility so as to guide the path explorations of
the system under test, which in combination with dynamic analysis
gives the best possible path coverage. For string-manipulating
programs, solvers need to be able to handle constraints over the
string domain. This gives rise to the following natural question: what
is an ideal decidable logic over strings for reasoning about path
feasibility in a program with strings? This is a question that is
connected to a number of difficult results in theoretical computer
science (decidability of the theory of strings with concatenations,
a.k.a., word equations) and long-standing open problems (e.g.
decidability of word equations with length constraints). Worse yet,
recent examples from cross-site scripting vulnerabilities suggest that
more powerful string operations (e.g. finite-state transducers) might
be required as first class citizens in string constraints. Even though
putting all these string operations in a string logic leads to
undecidability, recent results show that there might be a way to
recover decidability while retaining expressivity for applications in
symbolic execution. In this talk, I will present one such result from
my POPL’16 paper (with P. Barcelo). The string logic admits
concatenations, regular constraints, finite-state transductions,
letter-counting and length constraints (which can consequently express
charAt operator, and string disequality). I will provide a number of
examples from the cross-site scripting literature that shows how a
string logic can, for the first time, be used to discover a bug in or
prove correctness of the programs. I will conclude by commenting on a
new decision procedure for the logic that leads to an efficient
implementation (POPL’18 with L. Holik, P. Janku, P. Ruemmer, and T.
Vojnar) and a recent attempt to incorporate the fully-fledged
replace-all operator into a string logic (POPL’18 with T. Chen, Y.
Chen, M. Hague, and Z. Wu).
Buggy and insecure software could have serious consequences including
the loss of human lives, financial losses, and confidential
information leakage, to name a few. Program analysis is a field that
concerns the problem of analysing the behaviour of programs especially
with respect to the issue of correctness. Over the years computational
logic has played an important role in program analysis particularly in
the development of precise automatic methods for verifying the
correctness and optimising the performance of programs. In this talk I
will illustrate how logic can help program analysis, drawing examples
from my own research inspired by challenges in web security (e.g. how
to detect/prevent cross-site scripting vulnerabilities), web
performance optimisation (e.g. how to remove code redundancies in web
pages), and verification of distributed protocols. A theme that will
emerge during the talk is that there is often a tight connection
between logic and automata that can be exploited when designing (often
theoretically optimal) algorithms.
The rapid growth in the size and scope of datasets in science and technology has created a need for novel foundational perspectives on data analysis that blendthe inferential and computational sciences. That classical perspectives from these fields are not adequate to address emerging problems in Data Science is apparent from their sharply divergent nature at an elementary level—in computer science, the growth of the number of data points is a source of “complexity” that must be tamed via algorithms or hardware, whereas in statistics, the growth of the number of data points is a source of “simplicity” in that inferences are generally stronger and asymptotic results can be invoked. On a formal level, the gap is made evident by the lack of a role for computational concepts such as “runtime” in core statistical theory and the lack of a role for statistical concepts such as “risk” in core computational theory. I present several research vignettes aimed at bridging computation and statistics, including the problem of inference under privacy and communication constraints, and including a surprising cameo role for symplectic geometry.