View
216
Download
1
Category
Tags:
Preview:
Citation preview
MURI Review Meeting, June, 2005 1
AS3: Adaptive, Situation-Aware and Secure Service-Based
Systems
Hasan DavulcuDepartment of Computer Science and Engineering
Arizona State University
Joint work with:Dr. Stephen S. Yau
Dr. Supratik Mukhopadhyay
MURI Review Meeting, June, 2005 2
Outline Introduction and Examples Our research goals on AS3 systems AS3 Calculus and Logic Secure and Adaptive Workflow Synthesis Conclusion and future work
MURI Review Meeting, June, 2005 3
Introduction Service-based systems (SBS):
Systems offering services which are well-defined functions used in different contexts and have interrelations and dependencies
Services are not restricted to Web services Individual services are usually
independently designed and implemented, and run on loosely coupled systems
Examples: Emergency response information systems e-Business …
MURI Review Meeting, June, 2005 4
An Example of SBS- Road Emergency Response
L
call 911
Police Dept. (PD)
Fire Dept.(FD)
AMS
Accident Report
Accid
ent
ReportA
ccid
ent
Rep
ort
Workflow Planning
& Scheduling
CAR
Send Patrol Car
FESend
Fire Engine
AMB
Send
Ambulance
Setup Perimeter
Passenger in critical condition
H
MURI Review Meeting, June, 2005 5
Coordination Constraints All the responders should arrive at the
accident site within fifteen minutes. Any CAR, FE, AMB, or H that are serving at
one accident site should not be dispatched to another accident site before completing their jobs at the accident site.
Injured passengers in critical conditions should be brought to a nearby hospital within fifteen minutes after they are rescued from their damaged vehicles.
Any coordination agent should only follow the commands from a trusted MP, being authenticated and delegated by a trusted party (the proper authority). Only after CARs leaves from L, ERC can end the road closure.
MURI Review Meeting, June, 2005 6
Dynamic reconfiguration Constraints
Since, it is almost impossible to identify all control and correction steps before execution time, the system must provide the capability to adapt the workflows at run-time with dynamic reconfiguration constraints:
Resource failure: An ambulance can transport at most two injured passengers at the same time, and hence the MP should send another ambulance within five minutes to carry additional injured passengers.
Service failure: If the police fail to set up a perimeter within fifteen minutes after the 911 call center gets an accident report, FE and AMB can enter the accident site regardless a police perimeter has been set up or not.
Exception Condition: If the paramedics determine that one of the injured passengers is in critical condition then, another helicopter (H1) is discovered and used to transport the passenger in critical condition to the hospital.
MURI Review Meeting, June, 2005 7
Requirements
Adaptability System adaptation to provide acceptable
performance in spite of system failures, overload, or damages
Rapid reconfiguration to achieve users’ new missions
Security Authentication for both users and service providers Protection of critical information and critical
operations of distributed services Enforcement of flexible security policies of
distributed services from joint/coalition operations
MURI Review Meeting, June, 2005 8
Objective of Our Project
Conduct basic research on generating techniques for rapid development, deployment and operations of AS3 Systems with high confidence and cost-effectiveness.
1. Hierarchical situation-awareness capability.2. Distributed trust management to ensure
policy-based security.3. Rapidly discovering, contracting with and
composing reliable and unreliable services into processes with situational and QoS constraints
4. Adapting these processes when situations, mission goals and/or security policies change
MURI Review Meeting, June, 2005 9
Our Approach
Provide a declarative unifying logic-based approach for extending service-oriented architecture with: Hierarchical situation-awareness for reactive
behavior Distributed trust management for managing and
enforcing security policies Adaptive workflow management for deliberative
actions, which are composed and coordinated automatically to achieve users’ goals
while preserving overall correctness and consistency.
MURI Review Meeting, June, 2005 10
Mission Planning Services (MP)
Workflow Scheduling
Services (WS)
Directories
Various Capabilities
Discovery Services
(DS)
Comp/Comm Resources
AS3 System Architecture
Services
Situation-Awareness
Agents (SAA)
SecurityAgents (SeA)
Formal Specification of Mission Goals
Workflow
MURI Review Meeting, June, 2005 11
Major Components of Our Approach
I. AS3 Calculus and LogicII. Distributed trust
managementIII. Adaptive workflow synthesisIV. Distributed workflow
scheduling
MURI Review Meeting, June, 2005 12
Our Approach to Rapid Development of AS3 Systems
Workflow AS3 Calculus(I)
Adaptive workflow synthesis (IV)Dynamic
Proof SystemModel and Type
CheckerModel-based Diagnosis
and Recovery
Distributed workflow scheduler
(V)
Security Agents(III)
SINS Virtual Machine
H-SAW Agents(II)
Compiler
Service specs
(IV)
Application independent properties
AS3 Logic(I)
Mission goal spec
(IV)
AS3 System specificationsQoS specs
H-SAW(II)
Securitypolicies
(III)
Real-time(V)
Online Fault Management for Hierarchical SAW
Agents(II)
MURI Review Meeting, June, 2005 13
Existing Standards for Service-based Systems
1. BPEL/BPEL4WS [21]: Industry standard For modeling and executing workflows Lacks formal semantics Does not provide automatic service composition
and adaptation
2. OWL-S, Web Components [36]: Provides constructs for unambiguously
describing the properties and capabilities of Web services
Provides limited formal guarantees Does not provide automatic service composition
MURI Review Meeting, June, 2005 14
Existing Formal Approaches Rule-based Modeling (SWORD) [28]:
Does not allow services having side effects Currently, no work is known that uses SWORD for
modeling situation-awareness or security policies Classical Process Calculi and Synchronous
Programming Languages: Pi calculus [33,34], Ambient Calculus [32], Chemical
Abstract Machine [35]: Does not provide facilities for processing situation information and reacting to it
SOL [37]: Does not provide facilities for automatic service composition
Provides ways for formal reasoning Linear Logic [29]:
Undecidable: provides only semi-automated service composition
MURI Review Meeting, June, 2005 15
A Simple Example
ShipBPlan: Ask ShipA to destroy enemy
Enemy
Exec: ShipA.Radar lock enemy
Commander
Monitoring Agent
Enemy detected
ShipA
Exec: ShipA.Missile fire missile
MURI Review Meeting, June, 2005 16
Our AS3 Calculus Provides a formal programming model
for AS3 systems Is based on classical process calculi,
and has operational semantics involving interactions between: external actions: communication, leaving
and joining groups internal computations: method calls of
named services Can model timeouts and failures Implements access control using
hierarchical domains
MURI Review Meeting, June, 2005 17
A Calculus for AS3 Systems(System) S::= fix I=P (recursion)
N[S] (named domain) S||S (Sys. Comp.)
N ::= x (variable) n (name)
(Process)P::=
(new n) P (name restriction) 0 (inactive process) P||P (par. composition) I (identifier) E.P (external action) C.P (int. computation) P1+P2 (nondet. choice) fail (failure) catch(n).P (failure handler)
time t.P (timeout)P{l1(x1),…;…ln(xn)} (method
export)
External action involves communication, leaving or joining groups, removing firewalls Internal computation takes place by calling methods of identified services
MURI Review Meeting, June, 2005 18
External ActionsE ::= M (Domain) K (Comm.)
K::= (comm.) (x) (input) <Z> (output)
M ::= in N (enter a
dom.) out N (exit a
dom.) open N (open
firewall) M.M’ (concat) ε (no action)
MURI Review Meeting, June, 2005 19
Internal ComputationC::= Let x=C instantiate P (beta reduction)
if C(x) then P else P’ (conditional) I:li(y) (method invocation for identified
service) I:li ← I’:lj (method replacement)
ρ (constraint evaluation) C.C (concatenation) ε (no-computation) true (constant true) false (constant false) ⊥ (failed computation)
I:li= pre::post(xi)
MURI Review Meeting, June, 2005 20
Security Model An AS3 system is secure iff only
two entities (processes) in the same domain can communicate.
When two entities are not in the same domain, they must move into the same domain for communication
Security (access control) model synthesized through formula rewriting using sound transformation rules in AS3 logic
MURI Review Meeting, June, 2005 21
Security Model (cont.)n
m
Is A allowed to communicate with B?--Is A currently authenticated to n ?--Can A currently move out from m to n to communicate with B ?
BA
MURI Review Meeting, June, 2005 22
AS3 Processes for the Example
System
Monitoring Agent Commander
ShipA ShipB
if MA:detect_intrusion() then let <x,y>=MA: get_enemy_coordinates() instantiate <x,y>.MA else MA
(x,y). In fleet.<x,y>.<destroy>.out fleet.CMD
Fleet = fleet[shipA || shipB]
shipA= (x,y).(d).
if d=“destroy” then (shipA:lock_radar(x,y).shipA:load_missile().(let z=shipA:fire() instantiate if z= enemy_destroyed then <z> ) then shipA)
else shipA
shipB ≌ shipA
Fleet
MURI Review Meeting, June, 2005 23
if MA:detect_intrusion() then let <x,y>= MA: get_enemy_coordinates()instantiate <x,y>MA
else MA
AS3 Processes for the Example (cont.)
Monitoring Agent
Enemy
Commander
<x,y>
MURI Review Meeting, June, 2005 24
AS3 Processes for the Example (cont.)
Commander
(x,y). In fleet.<x,y>.<destroy>.out fleet.CMD.
ShipA ShipB
Fleet
<x,y>.<destroy>
MURI Review Meeting, June, 2005 25
enemy destroyed
AS3 Processes for the Example (cont.)
ShipA ShipB
Fleet
Enemy
Fleet = fleet[shipA || shipB]shipA= (x,y).(d).if d=“destroy” then
shipA:lock_radar(x,y)shipA:load_missile()let z=shipA:fire() instantiate if z= enemy_destroyed then
<z> then shipA
else shipA
MURI Review Meeting, June, 2005 26
Synthesis of AS3 Processes Can we synthesize AS3 processes
automatically from declarative specifications? Yes, use our approach
MURI Review Meeting, June, 2005 27
Our Approach: Logic-based Synthesis of AS3 Processes1. Services described in AS3 logic along
with proof rules of the logic form a theory of AS3 systems
2. Functional requirements of the mission along with QoS (real-time, security, situation-awareness) described as formulae in AS3 logic
3. Synthesis amounts to a proof of the requirements using the AS3 theory
4. Executable calculus terms directly synthesized from the proof
MURI Review Meeting, June, 2005 28
Our AS3 Logic Modal Logic talking about both time
and space Sometime modality for temporal
evolution, somewhere modality for spatial location
Modalities for communication, leaving joining domains, knowledge
Atomic formulas for describing relations among variables
MURI Review Meeting, June, 2005 29
AS3 Logic Syntaxφ ::= 0 (inactivity) pred(x1,…,xn) (user defined atoms) t~c (atomic constraint)
φ1∨φ2 (disjunction) ┐φ (negation) ◊ φ (sometime) Θ φ (somewhere) I (identifier/nominal match) ~::=> | <| ≤| ≥c: Natural Number
MURI Review Meeting, June, 2005 30
AS3 Logic Syntax (Contd.) φ1|| φ2 (parallel composition) η[φ] (named domain) φ@η (behavior within domain) K(u; φ) (knowledge of an object) serv(u; φ) (recording of an object) n φ (quantification over names) t φ (quantification over real variables)
in(n) φ (behavior after entering domain) out(n) φ (behavior after leaving domain) <u> φ (behavior after sending message) T (constant true)
MURI Review Meeting, June, 2005 31
AS3 Logic: Properties Decidable when interpreted over
systems with image-finite processes
Model checking problem is also decidable for systems with image-finite processes
MURI Review Meeting, June, 2005 32
Proof Theory of AS3 Logic All axioms of propositional
modal logic and the following axioms:
T1: Θ(σ || n[φ]) next_hierarchy(σ,φ)
T2: next_hierarchy(φ,σ)→Θσ
T3: Θ◊φ→◊Θφ
T4: φ→Θφ
T5: ΘΘφφ
MURI Review Meeting, June, 2005 33
Transformation Rules for Synthesis of Access ControlSecurity (access control) model
synthesized through formula rewriting using sound transformation rules in AS3 logic
A1: restrict(I,φ) ┐Θ(I ||φ)
A2: restrict(I,J) ∧ Θ(J || K) →┐Θ(I || K)
and 7 other transformation rules for synthesis of access control
MURI Review Meeting, June, 2005 34
The Simple Example in AS3
LogicEntities: (Nominals/Identifiers)shipA, shipB, MA, CMDGoal: R1: detect_intrusion(MA) →◊Θserv(“enemy_destroyed”; T)If the MA detects an intrusion then eventually
somewhere there will be a process that will record “enemy_destroyed”
MURI Review Meeting, June, 2005 35
Service Coordination Descriptions in AS3 LogicS1: detect_intrusion(MA) → ◊serv(“enemy_ship”; MA)
S2: serv(“enemy_ship”;MA) →◊get_coordinates(u,v;MA)
S3: get_coordinates(u,v;MA) →◊ serv(u,v;MA) and two other axioms
MURI Review Meeting, June, 2005 36
Access Control Requirement: The Simple Example Only CMD is allowed to communicate to shipA
or shipB MA cannot directly communicate with shipA or shipB
AC1: U=shipA U=shipB →□restrict(MA,U)
AC2: System[MA || T]
AC3: □┐restrict(shipA,shipB)
AC4: ┐restrict(CMD, MA)
MURI Review Meeting, June, 2005 37
Deductive Proof and Process Synthesis
(1) ┐restrict(CMD, MA) …(AC4)(2) ┐restrict(I,σ)→Θ(I||σ) … (A3)(3) Θ(CMD || MA) … (MP 1,2)
(1) ┐restrict(CMD, MA) …(AC4)(2) ┐restrict(I,σ)→Θ(I||σ) … (A3)(3) Θ(MA || MA) … (MP 1,2)
(4) System[MA|| T] … (AC2)(5) φ→Θφ … (T4)(6) Θ System[MA || T] … (Sub. 4, 5)
(1) ┐restrict(CMD, MA) …(AC4)(2) ┐restrict(I,σ)→Θ(I||σ) … (A3)(3) Θ(MA || MA) … (MP 1,2)(4) System[MA|| T] … (AC2)(5) φ→Θφ … (T4)(6) Θ System[MA || T] … (Sub. 4, 5)
(7) Θn[σ || ρ] /\ Θ(φ || σ)→ Θ n[φ || σ || ρ] … (A4) (8) Θ System[MA|| CMD || T] …(MP 4,6,7)
(1) ┐restrict(CMD, MA) …(AC4)(2) ┐restrict(I,σ)→Θ(I||σ) … (A3)(3) Θ(MA || MA) … (MP 1,2)(4) System[MA|| T] … (AC2)(5) φ→Θφ … (T4)(6) Θ System[MA || T] … (Sub. 4, 5)(7) Θn[σ || ρ] /\ Θ(φ || σ)→ Θ n[φ || σ || ρ] … (A4) (8) Θ System[MA|| CMD || T] …(MP 4,6,7)
(9) restrict(shipA, MA) …(AC1)(10) □┐restrict(shipA,shipB) …(AC3)(11) restrict(φ,σ) /\ ┐restrict(φ,ρ) →restrict(φ || ρ,σ) …(A5)(12) restrict(shipA||shipB,MA) … (MP 9,10,11)
(1) ┐restrict(CMD, MA) …(AC4)(2) ┐restrict(I,σ)→Θ(I||σ) … (A3)(3) Θ(MA || MA) … (MP 1,2)(4) System[MA|| T] … (AC2)(5) φ→Θφ … (T4)(6) Θ System[MA || T] … (Sub. 4, 5)(7) Θn[σ || ρ] /\ Θ(φ || σ)→ Θ n[φ || σ || ρ] … (A4)
(8) Θ System[MA|| CMD || T] …(MP 4,6,7)(9) restrict(shipA, MA) …(AC1)(10) □┐restrict(shipA,shipB) …(AC3)(11) restrict(φ,σ) /\ ┐restrict(φ,ρ)→restrict(φ || ρ,σ) …(A5)
(12) restrict(shipA||shipB,MA) … (MP 9,10,11)(13) Θn[φ||J] restrict(K,J)→Θn[φ||m[K]||J] Θ(n[φ||J] || m[K]) …(A9)
(14) Θ System[CMD|| MA || m[shipA||shipB] || T] (MP 8,12,13)
AC4 A3
(3)
AC2 T4
(6)A4
AC3AC1 A5
(12) A9
(8)
(14)
MURI Review Meeting, June, 2005 38
Deductive Proof and Process Synthesis
S1: detect_intrusion(MA)→◊serv(“enemy_ship”; MA)
S2: serv(“enemy_ship”;MA)→◊get_coordinates(u,v;M
A)
…
fix MA=let x=MA:detect_intrusion()Instantiate
if x=“enemy_ship” then let (u,v)=MA:get_coordinates()
instantiate
…
Goal: R1: detect_intrusion(MA) →◊Θserv(“enemy_destroyed”; T)
MURI Review Meeting, June, 2005 40
Image Finiteness of Processes We impose the following restrictions on
processes Recursive processes are guarded Parallel composition through recursion is not
allowed (similar to Pi-calculus [Dam 93]) A type system can check for well-
formedness of processes Image Finiteness: A closed process term
can only evolve (in zero or more steps) into finitely many non-congruent process terms using the reduction rules
Restrictions ensure that every process is image finite
Back
MURI Review Meeting, June, 2005 41
Semantics of AS3 Logic Interpreted over systems decorated with
atomic formulasP ╞ I if fix I=P
P ╞ <u> φ if there exists Q, R,S,T P≌<u>Q,R ≌ (x).S,T= P||R and Q╞ φ
P ╞ pred(u1,…,un) if P is decorated with pred(u1,…,un)
P ╞ in(n) φ if there exists Q, n, R, S, P ≌ in n.Q, Q╞ φ @n, S ≌ P || n[R]
Back
MURI Review Meeting, June, 2005 42
Transformation Rules for Access Control (Cont.)
A3: ┐restrict(I,σ)→Θ(I ||σ)
A4: Θn[ρ || σ] ∧ Θ(φ || σ)→Θn[φ || σ || ρ]
A5: restrict(φ,σ)∧┐restrict(φ,ρ)→restrict(φ || ρ,σ)
A6: next_hierarchy(I,σ)→restrict(I,σ)
A7: restrict(I,σ) /\ Θ(I || J)→restrict(J,σ) A8: restrict(σ,φ)→restrict(φ,σ)
A9: Θn[φ || J] /\ restrict(K,J)→Θn[φ ||m[K] || J] V Θ(n[φ || J] || m[K])
[Back]
MURI Review Meeting, June, 2005 43
Service Descriptions in AS3 LogicS4: serv(u,v;MA)→◊K(u,v;CMD)
S5: K(u,v;CMD)→◊K(u,v;shipA)\/◊K(u,v;shipB)
Back
MURI Review Meeting, June, 2005 44
Policy Enforcement: Model-based Diagnosis and Recovery System was synthesized based on the
assumption that services do not behave maliciously: Unrealistic assumption
Runtime enforcement ensures diagnosis of malicious behavior on the part of services and subsequent recovery
Service specifications used to generate symptoms
Abduction based diagnosis uses the models (process terms) to diagnose breach of trust by services and ensure recovery
MURI Review Meeting, June, 2005 45
Requirements of AS3 Systems
Adaptability Provide acceptable performance in the presence of
system failures, overload, or damages Rapid reconfiguration to achieve users’ new
missions Security
Authentication for both users and service providers Protection of critical information infrastructure of
distributed services based on flexible security policies
For example, access control requirements Situation-Awareness (SAW) – capability of
being aware of complex situations for Service coordination Adapting workflows when situations change Enforcing situation-aware security policies
MURI Review Meeting, June, 2005 46
A Simple Example A simplified version of the ship
scenario in the overview slides Intrusion of enemy detected by
Monitoring Agent that reports to the CMD The CMD directly asks shipA (or shipB) to
destroy the enemy ship rather than sending a warning
We assume no failures take place The Combat System Agent has been
eliminated
MURI Review Meeting, June, 2005 47
AS3 Processes for the ExampleSystem = MA || CMD || fleet [shipA || shipB] fix MA =
if MA: detect_intrusion() then let <x,y>= MA: get_enemy_coordinates()
instantiate <x,y>.MA else
MA
fix CMD = (x,y). in fleet.<x,y>.<destroy>.out fleet.CMD
fix shipA= (x,y).(d). if d=“destroy” then
(shipA:lock_radar(x,y).shipA:load_missile().(let z=shipA:fire() instantiate if z= enemy_destroyed then <z> ) then shipA) else
shipAshipB ≌shipA
MURI Review Meeting, June, 2005 48
Synthesis of AS3 Processes Security (access control) model
synthesized through formula rewriting using sound transformation rules in AS3 logic
Service specifications including QoS properties axiomatized in AS3 logic
Functional as well as QoS goals of a mission expressed in AS3 logic
MURI Review Meeting, June, 2005 49
Papers, Theses and Reports Publications resulted from AS3 project[1] S. S. Yau, H. Davulcu, S. Mukhopadhyay, D. Huang and Y.
Yao, "Adaptable Situation-Aware Secure Service Based Systems", Proc. 8th IEEE Int'l Symp. on Object-oriented Real-time distributed Computing (ISORC2005), May 2005, pp.308-315.
[2] S. S. Yau, Y. Yao, Z. Chen and L. Zhu, “An Adaptable Security Framework for Service-based Systems,” Proc. 10th IEEE Int’l Workshop on Object-oriented Real-time Dependable Systems (WORDS2005), February 2005, pp. 28-35.
[3] S. S. Yau, D. Huang, H. Gong and H. Davulcu, “Situation-Awareness for Adaptable Service Coordination in Service-based Systems”, Proc. 29th Annual Int'l Computer Software and Application Conference (COMPSAC 2005), September 2005, to appear.
[4] S. S. Yau and D. Huang, “Mobile Middleware for Situation-Aware Service Discovery and Coordination”, Mobile Middleware, edited by Paolo Bellavista and Antonio Corradi, 2005, Chapter 5.g, to appear.
MURI Review Meeting, June, 2005 50
References(check against references in MURI book chapter)
[Abe04] D. Aberdeen, S. Thiébaux, L. Zhang. Decision-Theoretic Military Operations Planning. In ICAPS-04, 2004.
[Bac01] F. Bacchus and M. Ady, Planning with Resources and Concurrency: A Forward Chaining Approach, International Joint Conference on Artificial Intelligence (IJCAI-2001), pages 417-424, 2001.
[Bly93] Jim Blythe and W. Scott Reilly, “Integrating Reactive and Deliberative Planning in a Household Robot”, Technical Report CMU-CS-93-155, Carnegie Mellon University, School of Computer Science, May 1993.
[Bon01] A. Bonifati, S. Ceri, and S. Paraboschi. Pushing reactive services to XML repositories using active rules. In Proc. 10th World-Wide-Web Conference, 2001.
[Bon03] B. Bonet and H. Geffner. Labeled RTDP: Improving the Convergence of Real Time Dynamic Programming. 13th International Conference on Automated Planning and Scheduling (ICAPS-2003), Trento, Italy, June 2003.
[Bro91a] Rodney Brooks, "Integrated systems based on behaviors", In Proceedings of AAAI Spring Symposium on Integrated Intelligent Architectures, Stanford University, March 1991. Available in SIGART Bulletin, Volume 2, Number 4, August 1991.
[Bro91b] Rodney Brooks, “Intelligence without reason”, In Proc. of IJCAI-91. Morgan Kaufmann, San Mateo, 1991.
[Cha87] David Chapman. "Planning for conjunctive goals", Artificial Intelligence, 32:333–378, 1987.
[Dav94] Davidsson, P., "Concepts and autonomous agents", LU--CS--TR: 94--124, Department of computer science, Lund University, 1994
[Den03]G. Denker, L. Kagal, T. W. Finin, M. Paolucci, and K. P. Sycara. Security for DAML web services: Annotation and matchmaking. In International Semantic Web Conference,2003, pp. 335-350.
[Dor97] J. E. Doran, et al, "On Cooperation in Multi-Agent Systems", The Knowledge Engineering Review, 12(3), 1997.
[Feo95] T.A. Feo and M.G.C. Resende, “Greedy randomized adaptive search procedures,” Journal of Global Optimization, vol. 6, 1995, pp. 109--133.
MURI Review Meeting, June, 2005 51
References (cont.)[Fur02] D. Furcy S. Koenig and C. Bauer. Heuristic search-based replanning. In Proceedings of the
International Conference on Artificial Intelligence Planning and Scheduling, 2002.[Gar02] A.Garland and N. Lesh, Continuous Plan Evaluation with Incomplete Action Descriptions, Proc.
3rd Int'l NASA WS on Planning and Scheduling for Space, Houston, TX, 2002.[Gil04] Yolanda Gil, Ewa Deelman, Jim Blythe, Carl Kesselman and Hongsuda Tangmunarunkit,
“Artificial Intelligence and Grids: Workflow Planning and Beyond”, IEEE Intelligent Systems, special issue on e-science, Jan/Feb 2004.
[Liu04] Y. Liu S. Koenig, M. Likhachev and D. Furcy. Incremental heuristic search in artificial intelligence. Artificial Intelligence Magazine, 2004 (in press).
[Lu02] Chenyang Lu, John A. Stankovic, Gang Tao and Sang H. Son, "Feedback Control Real-Time Scheduling: Framework, Modeling, and Algorithms," Real-Time Systems Journal, vol. 23(1/2), 2002, pp. 85-126.
[Kro03] R. van der Krogt, M. de Weerdt, and C. Witteveen. A resource based framework for planning and replanning. Web Intelligence and Agent Systems, 1(3/4):173-186, 2003.
[Kro04] R. van der Krogt and M. de Weerdt. The two faces of plan repair. In Proceedings of the Sixteenth Belgium-Netherlands Conference on Artificial Intelligence (BNAIC-04), pages 147-154, 2004.
[Nam01] Brian Mac Namee, Pádraig Cunningham, "A Proposal for an Agent Architecture for Proactive Persistent Non Player Characters", Proceedings of the Twelfth Irish Conference on Artificial Intelligence and Cognitive Science pp. 221-232, 2001.
[Nie03] Niederberger C., Gross M. , "Hierarchical and Heterogeneous Reactive Agents for Real-Time Applications", Computer Graphics Forum, September 2003, vol. 22, no. 3, pp. 323-331
[Nou97] Nourredine Bensaid and Philippe Mathieu, "A hybrid architecture for hierarchical agents", pages 91-95. Griffith University, Gold-Coast, Australia, February 1997.
[Nwa96] Hyacinth S. Nwana, "Software Agents: An Overview", Knowledge Engineering Review, Vol. 11, No 3, pp. 205-244, October/November 1996.
[Res02] M. G. C. Resende and C. C. Ribeiro. Greedy randomized adaptive search procedures. In F. Glover and G. Kochenberger, editors, Handbook of Metaheuristics, pp. 219-249. Kluwer, 2002.
MURI Review Meeting, June, 2005 52
References (cont.)
[Sen02] P. Senkul, M. Kifer, and I. H. Toroslu, “A Logical Framework for Scheduling Workflows under Resource Allocation Constraints,” Proc. 28th Int’l Conf. on Very Large Data Bases (VLDB’02), 2002, pp. 694-705.
[Urd03] C. Urdiales, et al, "Hierarchical planning in a mobile robot for map learning and navigation", in Autonomous Robotic Systems - Soft Computing and Hard Computing Methodologies and Applications, D. Maravall, D. Ruan and C. Zhou (eds), Springer Verlag Pub pp. 165-188, 2003
[Vas04] Vasco Pires, Miguel Arroz, Luis Custódio, Logic Based Hybrid Decision System for a Multi-robot Team, 8th Conference on Intelligent Autonomous Systems, Amsterdam, The Netherlands, 2004
[Woo02] Mike Wooldridge, "An Introduction to Multiagent Systems by Michael Wooldridge", ISBN 0 47149691X, John Wiley & Sons (Chichester, England), February 2002
[Wu03] D. Wu, B. Parsia, E. Sirin, J. Hendler, and D. Nau. Automating DAML-S web services composition using SHOP2. Proceedings of the Second International Semantic Web Conference (ISWC2003), November 2003.
MURI Review Meeting, June, 2005 53
SINS and SOL SINS (Secure Infrastructure for Networked Systems)
An agent-based middleware Comprise SINS Virtual Machines for instantiating agents SVMs communicate using Agent Control Protocol Agents are specified using SOL and can be automatically
generated and verified SOL (Secure Operation Language)
A synchronous programming language SOL is secure SOL programs are amenable to fully automated static
analysis techniques, such as automatic theorem proving using decision procedures or model checking
SOL has the ability to express a wide class of enforceable safety and security policies
A set of design and analysis tools, including visual representation tool, verification tools and interpreters to other languages, are available for SOL
[Back]
MURI Review Meeting, June, 2005 54
Equational Theory An equational theory for AS3 calculus is provided by the
structural congruence relation defined below. It allows syntactic identification of two processes having identical behavior
A process is structurally congruent to its alpha-renamed variant
If P≌Q then 1. C.P ≌ C.Q2. A.P ≌ A.Q3. P||R ≌ Q||R4. R||P ≌ R||Q5. N[P] ≌ N[Q]6. (new n) P ≌ (new n) Q7. fix I=P ≌ fix I=Q8. P+R ≌ Q+R
[Back]
MURI Review Meeting, June, 2005 55
Normal Hybrid Modal Logic
“A normal modal logic is a set of formulas that contains all tautologies, □(→), (□→□), and ◊□, and is closed under uniform substitution, modus ponens, and generalization” [Blackburn]
“Hybrid logics use one sort of atoms called nominals to refer to states which are regarded as first class citizens” [Blackburn]
[Back]
Recommended