Slide 1

Slide 1 text

Mathematics
The missing ingredient in modern software development
Rahul Goma Phulore (@missingfaktor)
2014.11.22
XConf Bengaluru, 2014

Slide 2

Slide 2 text

Software Development Today
—"Agile"
—"TDD"
—"Object oriented"
—"Composition over inheritance"
—"Too many private methods is a smell"

Slide 3

Slide 3 text

Throw away your buzzwords and blanket statements, and use some math!

Slide 4

Slide 4 text

There’s something about the culture of software that has impeded the use of specification. We have a wonderful way of describing things precisely that’s been developed over the last couple of millennia, called mathematics. I think that’s what we should be using as a way of thinking about what we build. -- Leslie Lamport

Slide 5

Slide 5 text

What comes to your mind when I say the word "mathematics"?

Slide 6

Slide 6 text

XConf Poster (See those numbers on the tree?)

Slide 7

Slide 7 text

But...

Slide 8

Slide 8 text

math·e·mat·ics (ˌmæθəˈmætɪks)
—Mathematicians seek out patterns and use them to formulate new conjectures.

Slide 9

Slide 9 text

math·e·mat·ics (ˌmæθəˈmætɪks)
—Mathematicians seek out patterns and use them to formulate new conjectures.
—Mathematicians resolve the truth or falsity of conjectures by mathematical proof.

Slide 10

Slide 10 text

math·e·mat·ics (ˌmæθəˈmætɪks)
—Mathematicians seek out patterns and use them to formulate new conjectures.
—Mathematicians resolve the truth or falsity of conjectures by mathematical proof.
—When mathematical structures are good models of real phenomena, then mathematical reasoning can provide insight or predictions about nature.

Slide 11

Slide 11 text

A Motivating Example

Slide 12

Slide 12 text

OpenSSL Heartbleed

Slide 13

Slide 13 text

Even these rookie crackers exploited it!

Slide 14

Slide 14 text

OpenSSL Heartbleed

Slide 15

Slide 15 text

Language used for the example: ATS

Slide 16

Slide 16 text

Why do we test our software?

Slide 17

Slide 17 text

We test because:
—We want our software to be reliable and correct.

Slide 18

Slide 18 text

We test because:
—We want our software to be reliable and correct.
—Correctness matters.

Slide 19

Slide 19 text

We test because:
—We want our software to be reliable and correct.
—Correctness matters.
—It's about basic professionalism.

Slide 20

Slide 20 text

What if I told you that there are better ways to verify your software?

Slide 21

Slide 21 text

Formal Methods
In computer science, formal methods are a particular kind of mathematically based techniques for the specification, development and verification of software and hardware systems.

Slide 22

Slide 22 text

Type Systems
A type system is a syntactic method for automatically checking the absence of certain erroneous behaviors by classifying program phrases according to the kinds of values they compute.

Slide 23

Slide 23 text

What types are not
—Classes
—Runtime tags

Slide 24

Slide 24 text

What types are
—Types categorize terms, based on their properties and the kind of operations they can support
—Types encode invariants/knowledge about your program
—Intuition: sets

Slide 25

Slide 25 text

Curry-Howard Correspondence
—Types ≅ Propositions
—Programs ≅ Proofs

Slide 26

Slide 26 text

Not all type systems are created equal

Slide 27

Slide 27 text

Java ≈ Bat

Slide 28

Slide 28 text

Exhibit A

Slide 29

Slide 29 text

NullPointerException!

Slide 30

Slide 30 text

NullPointerException - Diagnosis
null ∈ A

Slide 31

Slide 31 text

NullPointerException - Diagnosis
f :: A -> B
—f can accept a non-null A and return a non-null B.
—f can accept a null A and return a non-null B.
—f can accept a non-null A and return null B.
—f can accept a null A and return a null B.

Slide 32

Slide 32 text

NullPointerException - Diagnosis
—Check every single reference for null? Madness!
—Have to rely on documentation or tribal knowledge.

Slide 33

Slide 33 text

NullPointerException - Broken solutions
—Null object pattern
—Elvis operator (?:)
—Safe navigation operator (?.)

Slide 34

Slide 34 text

NullPointerException - Broken solutions

Slide 35

Slide 35 text

NullPointerException - Let's apply some math!
—Ditch null.

Slide 36

Slide 36 text

NullPointerException - Let's apply some math!
—Capture the algebra of "nullity".
—Algebraic data types.
    data Option a = Some a | None
    -- inhabitants(Option a) = inhabitants(a) + 1

Slide 37

Slide 37 text

NullPointerException - Let's apply some math!
f :: A -> B
—f can accept an A and return a B.

Slide 38

Slide 38 text

NullPointerException - Let's apply some math!
f :: A -> Option B
—f can accept an A and optionally return a B.

Slide 39

Slide 39 text

NullPointerException - Let's apply some math!
—No way to mistake an A for an Option A!

Slide 40

Slide 40 text

Algebraic data types + First class functions
—Help in capturing constraints precisely.
—Constraints propagate through program.
—Patterns emerge easily.
—Lead to algebraic patterns such as functors, applicatives, monads.
—Better composability. Extremely high degree of code reuse.
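
The ideas on slides 30 to 40, applied to the talk's motivating example, as an added example that is not from the talk: Rust's built-in `Option` stands in for the slides' `Option a` (Rust is used here, not ATS), and a heartbeat request can only be constructed once its claimed payload length has been checked against the bytes actually received. The message layout (1-byte type, 2-byte length, payload, at least 16 bytes of padding) follows RFC 6520; `Heartbeat`, `parse_heartbeat`, `echo` and `sample_record` are hypothetical names, and the sample records are constructed.

```rust
/// A heartbeat request whose payload is known to lie inside the record.
/// The field is private, so code outside this module can only obtain a
/// value through `parse_heartbeat`: holding one means the check ran.
#[derive(Debug, PartialEq)]
pub struct Heartbeat<'a> {
    payload: &'a [u8],
}

const HEADER_LEN: usize = 3; // 1-byte type + 2-byte big-endian payload length
const MIN_PADDING: usize = 16; // minimum padding required by RFC 6520
const TYPE_REQUEST: u8 = 1;

/// Shape `A -> Option B`: a validated request or `None`, nothing in between.
pub fn parse_heartbeat(record: &[u8]) -> Option<Heartbeat<'_>> {
    // get() yields None instead of reading past the end of the record.
    let header = record.get(..HEADER_LEN)?;
    if header[0] != TYPE_REQUEST {
        return None;
    }
    let claimed = u16::from_be_bytes([header[1], header[2]]) as usize;
    // The claimed length must fit in the bytes actually received.
    if HEADER_LEN + claimed + MIN_PADDING > record.len() {
        return None;
    }
    let payload = record.get(HEADER_LEN..HEADER_LEN + claimed)?;
    Some(Heartbeat { payload })
}

/// Builds the echoed payload. It accepts only the validated type, so it
/// cannot be handed raw, unchecked bytes.
pub fn echo(req: &Heartbeat<'_>) -> Vec<u8> {
    req.payload.to_vec()
}

/// Constructed sample record: type, claimed length, payload, 16 padding bytes.
pub fn sample_record(claimed: u16, payload: &[u8]) -> Vec<u8> {
    let mut r = vec![TYPE_REQUEST];
    r.extend_from_slice(&claimed.to_be_bytes());
    r.extend_from_slice(payload);
    r.extend_from_slice(&[0u8; MIN_PADDING]);
    r
}

fn main() {
    let honest = sample_record(4, b"ping");
    let lying = sample_record(0x4000, b"ping"); // claims 16384 bytes, carries 4
    println!("{:?}", parse_heartbeat(&honest).map(|h| echo(&h)));
    println!("{:?}", parse_heartbeat(&lying).map(|h| echo(&h)));
}
```

Because `echo` takes a `&Heartbeat` and not a `&[u8]`, forgetting the length check becomes a compile error at the call site, not a runtime over-read.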

Slide 41

Slide 41 text

We have barely scratched the surface!
—Dependent types
—Theorem provers
—Substructural types
—Effects
—Coeffects
—Region systems
—Sequent calculus

Slide 42

Slide 42 text

When you don't have Math vs When you have Math
—Callbacks - Monadic futures
—Go error handling - Monadic error handling (Either)
—AspectJ - Higher order functions and combinators
—Spring DI - ML modules, Reader
—Polymer - Elm

Slide 43

Slide 43 text

Other Benefits
Excellent design tool (See my TyDD presentation)

Slide 44

Slide 44 text

Other Benefits
Discoverability - Hoogle

Slide 45

Slide 45 text

Other Benefits
Equational reasoning

Slide 46

Slide 46 text

Other Benefits
Amazingly capable tools

Slide 47

Slide 47 text

Applications
Reactive Extensions (Rx)

Slide 48

Slide 48 text

Applications
Games

Slide 49

Slide 49 text

Applications
Systems programming

Slide 50

Slide 50 text

Applications
Functional reactive programming (FRP)

Slide 51

Slide 51 text

Applications
Formally verified OS kernel - seL4

Slide 52

Slide 52 text

Applications
Facebook's Hack and FlowType

Slide 53

Slide 53 text

Does this replace testing? No.

Slide 54

Slide 54 text

Does this replace testing?
1 + 1 = 2 proof

Slide 55

Slide 55 text

Does this replace testing?
—Formalization has a cost; not always justified. You need to draw a line.
—You can get a lot of mileage from the type systems of Scala, Haskell, F#. And even C# and Java.
—Tests to cover what hasn't been formally verified.

Slide 56

Slide 56 text

Thank You!

Slide 57

Slide 57 text

References
—See the source markdown.
Credits
—Many giants on whose shoulders us mortals stand.
—Rahul Kavale, Shripad Agashe, and Priti Biyani for ideas and early feedback.