Results 11  20
of
58
S: A Machine Readable Specification Notation based on Higher Order Logic
 IN 7TH INTERNATIONAL WORKSHOP ON HIGHER ORDER LOGIC THEOREM PROVING AND ITS APPLICATIONS
, 1994
"... This paper introduces a new notation called S which is based on higher order logic. It has been developed specifically to support the practical application of formal methods in industrial scale projects. The development of S has occurred in the context of an investigation into the possibility of u ..."
Abstract

Cited by 11 (7 self)
 Add to MetaCart
This paper introduces a new notation called S which is based on higher order logic. It has been developed specifically to support the practical application of formal methods in industrial scale projects. The development of S has occurred in the context of an investigation into the possibility of using formal specification techniques in the development of a $400 million air traffic control system. We were motivated to develop this notation after reaching the conclusion that existing notations such as Z are not suitable for use in this particular project. In addition to providing an introduction to S, this paper describes a public domain software tool called Fuss" which has been implemented to support the use of S as a specification language.
Polytypic Proof Construction
, 1999
"... . This paper deals with formalizations and verifications in type theory that are abstracted with respect to a class of datatypes; i.e polytypic constructions. The main advantage of these developments are that they can not only be used to define functions in a generic way but also to formally st ..."
Abstract

Cited by 11 (0 self)
 Add to MetaCart
. This paper deals with formalizations and verifications in type theory that are abstracted with respect to a class of datatypes; i.e polytypic constructions. The main advantage of these developments are that they can not only be used to define functions in a generic way but also to formally state polytypic theorems and to synthesize polytypic proof objects in a formal way. This opens the door to mechanically proving many useful facts about large classes of datatypes once and for all. 1 Introduction It is a major challenge to design libraries for theorem proving systems that are both sufficiently complete and relatively easy to use in a wide range of applications (see e.g. [6, 26]). A library for abstract datatypes, in particular, is an essential component of every proof development system. The libraries of the Coq [1] and the Lego [13] system, for example, include a number of functions, theorems, and proofs for common datatypes like natural numbers or polymorphic lists. In th...
Proof styles in operational semantics
 Proceedings of the 5th International Conference on Formal Methods in ComputerAided Design (FMCAD 2004), volume 3312 of LNCS
, 2004
"... Abstract. We relate two wellstudied methodologies in deductive verification of operationally modeled sequential programs, namely the use of inductive invariants and clock functions. We show that the two methodologies are equivalent and one can mechanically transform a proof of a program in one meth ..."
Abstract

Cited by 9 (5 self)
 Add to MetaCart
Abstract. We relate two wellstudied methodologies in deductive verification of operationally modeled sequential programs, namely the use of inductive invariants and clock functions. We show that the two methodologies are equivalent and one can mechanically transform a proof of a program in one methodology to a proof in the other. Both partial and total correctness are considered. This mechanical transformation is compositional; different parts of a program can be verified using different methodologies to achieve a complete proof of the entire program. The equivalence theorems have been mechanically checked by the ACL2 theorem prover and we implement automatic tools to carry out the transformation between the two methodologies in ACL2.
M.: Verified, executable parsing
 In: European Symposium on Programming (ESOP
, 2009
"... Abstract. We describe the mechanisation of SLR parsing, covering background properties of contextfree languages and grammars, as well as the construction of an SLR automaton. Among the various properties proved about the parser we show, in particular, soundness: if the parser results in a parse tre ..."
Abstract

Cited by 8 (1 self)
 Add to MetaCart
Abstract. We describe the mechanisation of SLR parsing, covering background properties of contextfree languages and grammars, as well as the construction of an SLR automaton. Among the various properties proved about the parser we show, in particular, soundness: if the parser results in a parse tree on a given input, then the parse tree is valid with respect to the grammar, and the leaves of the parse tree match the input; completeness: if the input is in the language of the grammar then the parser constructs the correct parse tree for the input with respect to the grammar; and nonambiguity: grammars successfully converted to SLR automata are unambiguous. We also develop versions of the algorithms that are executable by automatic translation from HOL to SML. These alternative versions of the algorithms require some interesting termination proofs. 1
Foundational, Compositional (Co)datatypes for HigherOrder Logic  Category Theory Applied to Theorem Proving
"... Higherorder logic (HOL) forms the basis of several popular interactive theorem provers. These follow the definitional approach, reducing highlevel specifications to logical primitives. This also applies to the support for datatype definitions. However, the internal datatype construction used in H ..."
Abstract

Cited by 8 (4 self)
 Add to MetaCart
Higherorder logic (HOL) forms the basis of several popular interactive theorem provers. These follow the definitional approach, reducing highlevel specifications to logical primitives. This also applies to the support for datatype definitions. However, the internal datatype construction used in HOL4, HOL Light, and Isabelle/HOL is fundamentally noncompositional, limiting its efficiency and flexibility, and it does not cater for codatatypes. We present a fully modular framework for constructing (co)datatypes in HOL, with support for mixed mutual and nested (co)recursion. Mixed (co)recursion enables type definitions involving both datatypes and codatatypes, such as the type of finitely branching trees of possibly infinite depth. Our framework draws heavily from category theory. The key notion is that of a rich type constructor—a functor satisfying specific properties preserved by interesting categorical operations. Our ideas are formalized in Isabelle and implemented as a new definitional package, answering a longstanding user request.
A Mechanized Theory of the picalculus in HOL
, 1992
"... : The ßcalculus is a process algebra for modelling concurrent systems in which the pattern of communication between processes may change over time. This paper describes the results of preliminary work on a definitional formal theory of the ßcalculus in higher order logic using the HOL theorem prov ..."
Abstract

Cited by 8 (0 self)
 Add to MetaCart
: The ßcalculus is a process algebra for modelling concurrent systems in which the pattern of communication between processes may change over time. This paper describes the results of preliminary work on a definitional formal theory of the ßcalculus in higher order logic using the HOL theorem prover. The ultimate goal of this work is to provide practical mechanized support for reasoning with the ßcalculus about applications. Introduction The ßcalculus [17, 18] is a process algebra proposed by Milner, Parrow and Walker for modelling concurrent systems in which the pattern of interconnection between processes may change over time. This paper describes work on a mechanized formal theory of the ßcalculus in higher order logic using the HOL theorem prover [8]. The main aim of this work is to construct a practical and sound theoremproving tool to support reasoning about applications using the ßcalculus, as well as metatheoretic reasoning about the ßcalculus itself. Four general prin...
Local theory specifications in Isabelle/Isar
"... Recent versions of the proof assistant Isabelle have acquired a “local theory” concept that integrates a variety of mechanisms for structured specifications into a common framework. We explicitly separate a local theory “target” from its “body”, i.e. a fixed axiomatic specification (parameters and a ..."
Abstract

Cited by 5 (1 self)
 Add to MetaCart
Recent versions of the proof assistant Isabelle have acquired a “local theory” concept that integrates a variety of mechanisms for structured specifications into a common framework. We explicitly separate a local theory “target” from its “body”, i.e. a fixed axiomatic specification (parameters and assumptions) vs. arbitrary definitional extensions (conclusions) depending on it. Body elements may be added incrementally, and admit local polymorphism according to HindleyMilner. The foundations of our local theories rest firmly on existing Isabelle/Isar principles, without having to invent new logics or module calculi. Particular target contexts and body elements may be implemented within the generic infrastructure. This results in a large combinatorial space of specification idioms available to the enduser. Here we introduce targets for Isabelle locales, typeclasses, and class instantiations. The available selection of body elements covers primitive definitions and theorems, inductive predicates and sets, and recursive functions. Porting such existing definitional packages is reasonably simple, and enables to reuse sophisticated tools in a variety of target contexts without further ado. For example, a recursive function may be defined depending on locale parameters and assumptions, or an inductive predicate definition may provide the witness in a typeclass instantiation.
Problem Solving in Interactive Proof: A KnowledgeModelling Approach
 Proceedings of the European Conference on Artificial Intelligence 1996 (ECAI96) :335339, Edited by Wahlster W
, 1996
"... This paper presents a model of proof discovery derived from the proof attempts of subjects who carried out interactive proofs using the HOL or Isabelle provers. Techniques of knowledge modelling, from knowledgebasedsystem development, are used to derive a semiformal model of the knowledge utilised ..."
Abstract

Cited by 5 (0 self)
 Add to MetaCart
This paper presents a model of proof discovery derived from the proof attempts of subjects who carried out interactive proofs using the HOL or Isabelle provers. Techniques of knowledge modelling, from knowledgebasedsystem development, are used to derive a semiformal model of the knowledge utilised by the subjects. The proposedmodel makes claims about the relation between the problem class, the proof plan and its implementation.
STRUCTURAL EMBEDDINGS: MECHANIZATION WITH METHOD
, 1999
"... The most powerful tools for analysis of formal specifications are generalpurpose theorem provers and model checkers, but these tools provide scant methodological support. Conversely, those approaches that do provide a welldeveloped method generally have less powerful automation. It is natural, the ..."
Abstract

Cited by 5 (1 self)
 Add to MetaCart
The most powerful tools for analysis of formal specifications are generalpurpose theorem provers and model checkers, but these tools provide scant methodological support. Conversely, those approaches that do provide a welldeveloped method generally have less powerful automation. It is natural, therefore, to try to combine the betterdeveloped methods with the more powerful generalpurpose tools. An obstacle is that the methods and the tools often employ very different logics. We argue that methods are separable from their logics and are largely concerned with the structure and organization of specifications. We propose a technique called structural embedding that allows the structural elements of a method to be supported by a generalpurpose tool, while substituting the logic of the tool for that of the method. We have found this technique quite e ective and we provide some examples of its application. We also suggest how generalpurpose systems could be restructured to support this activity better.