A Language-Agnostic Logical Relation for Message-Passing Protocols

Today's computing landscape has been gradually shifting to applications targeting distributed and *heterogeneous* systems, such as cloud computing and Internet of Things (IoT) applications. These applications are predominantly *concurrent*, employ *message-passing*, and interface with *foreign objects*, ranging from externally implemented code to actual physical devices such as sensors. Verifying that the resulting systems adhere to the intended protocol of interaction is challenging -- the usual assumption of a common implementation language, let alone a type system, no longer applies, ruling out any verification method based on them. This paper develops a framework for certifying *protocol compliance* of heterogeneous message-passing systems. It contributes the first mechanization of a *language-agnostic logical relation*, asserting that its inhabitants comply with the protocol specified. This definition relies entirely on a labelled transition-based semantics, accommodating arbitrary inhabitants, typed and untyped alike, including foreign objects. As a case study, the paper considers two scenarios: (1) *per-instance verification* of a specific application or hardware device, and (2) *once-and-for-all verification* of well-typed applications for a given type system. The logical relation and both scenarios are mechanized in the Coq theorem prover.