Modularisation is important for managing the complex structures that arise in large theorem proving problems, and in large software and/or hardware development projects. This paper studies some properties of logical systems that support the definition, combination, parameterisation and reuse of modules. Our results show some new connections among: (1) the preservation of various kinds of conservative extension under pushouts; (2) various distributive laws for information hiding over sums; and (3) (Craig style) interpolation properties. In addition, we study differences between syntactic and semantic formulations of conservative extension properties, and of distributive laws. A model theoretic property that we call exactness plays an important role in some results. This paper explores the interplay between syntax and semantics, and thus lies in the tradition of abstract model theory. We represent logical systems as institutions. An important technical foundation is a new ...

not be interpreted as representing the o cial policies, either expressed or implied, of NSF or the U.S. Government. This thesis describes the design of a meta-logical framework that supports the representation and veri cation of deductive systems, its implementation as an automated theorem prover, and experimental results related to the areas of programming languages, type theory, and logics. Design: The meta-logical framework extends the logical framework LF [HHP93] by a meta-logic M + 2. This design is novel and unique since it allows higher-order encodings of deductive systems and induction principles to coexist. On the one hand, higher-order representation techniques lead to concise and direct encodings of programming languages and logic calculi. Inductive de nitions on the other hand allow the formalization of properties about deductive systems, such as the proof that an operational semantics preserves types or the proof that a logic is is a proof calculus whose proof terms are recursive functions that may be consistent.M +

this paper and the LF. In particular the idea of having an operator T : Prop ! Type appears already in De Bruijn's earlier work, as does the idea of having several judgements. The paper [24] describes the basic features of the LF. In this paper we are going to provide a broader illustration of its applicability and discuss to what extent it is successful. The analysis (of the formal presentation) of a system carried out through encoding often illuminates the system itself. This paper will also deal with this phenomenon.

We present a higher-order calculus ECC which can be seen as an extension of the calculus of constructions [CH88] by adding strong sum types and a fully cumulative type hierarchy. ECC turns out to be rather expressive so that mathematical theories can be abstractly described and abstract mathematics may be adequately formalized. It is shown that ECC is strongly normalizing and has other nice proof-theoretic properties. An !\GammaSet (realizability) model is described to show how the essential properties of the calculus can be captured set-theoretically.

We describe Elf, a metalanguage for proof manipulation environments that are independent of any particular logical system. Elf is intended for meta-programs such as theorem provers, proof transformers, or type inference programs for programming languages with complex type systems. Elf unifies logic definition (in the style of LF, the Edinburgh Logical Framework) with logic programming (in the style of Prolog). It achieves this unification by giving types an operational interpretation, much the same way that Prolog gives certain formulas (Horn-clauses) an operational interpretation. Novel features of Elf include: (1) the Elf search process automatically constructs terms that can represent object-logic proofs, and thus a program need not construct them explicitly, (2) the partial correctness of meta-programs with respect to a given logic can be expressed and proved in Elf itself, and (3) Elf exploits Elliott's unification algorithm for a -calculus with dependent types. This research was...

We present an overview of the program transformation methodology, focusing our attention on the so-called `rules + strategies' approach in the case of functional and logic programs. The paper is intended to offer an introduction to the subject. The various techniques we present are illustrated via simple examples. A preliminary version of this report has been published in: Moller, B., Partsch, H., and Schuman, S. (eds.): Formal Program Development. Lecture Notes in Computer Science 755, Springer Verlag (1993) 263--304. Also published in: ACM Computing Surveys, Vol 28, No. 2, June 1996. 3 1 Introduction The program transformation approach to the development of programs has first been advocated by [Burstall-Darlington 77], although the basic ideas were already presented in previous papers by the same authors [Darlington 72, Burstall-Darlington 75]. In that approach the task of writing a correct and efficient program is realized in two phases: the first phase consists in writing an in...

We study the typing properties of CPS conversion for an extension of F ! with control operators. Two classes of evaluation strategies are considered, each with call-by-name and call-by-value variants. Under the "standard" strategies, constructor abstractions are values, and constructor applications can lead to non-trivial control effects. In contrast, the "ML-like" strategies evaluate beneath constructor abstractions, reflecting the usual interpretation of programs in languages based on implicit polymorphism. Three continuation passing style sub-languages are considered, one on which the standard strategies coincide, one on which the ML-like strategies coincide, and one on which all the strategies coincide. Compositional, type-preserving CPS transformation algorithms are given for the standard strategies, resulting in terms on which all evaluation strategies coincide. This has as a corollary the soundness and termination of well-typed programs under the standard evaluation strategies. A similar result is obtained for the ML-like call-by-name strategy. In contrast, such results are obtained for the call-by value ML-like strategy only for a restricted sub-language in which constructor abstractions are limited to values.

representing the official policies, either expressed or implied, of the U.S. Government.

This is a description of TPS, a theorem proving system for classical type theory (Church’s typed λ-calculus). TPS has been designed to be a general research tool for manipulating wffs of first- and higher-order logic, and searching for proofs of such wffs interactively or automatically, or in a combination of these modes. An important feature of TPS is the ability to translate between expansion proofs and natural deduction proofs. Examples of theorems which TPS can prove completely automatically are given to illustrate certain aspects of TPS’s behavior and problems of theorem proving in higher-order logic. 7

An informal tutorial is presented for program synthesis, with an emphasis on deductive methods. According to this approach, to construct a program meeting a given specification, we prove the existence of an object meeting the specified conditions. The proof is restricted to be sufficiently constructive, in the sense that, in establishing the existence of the desired output, the proof is forced to indicate a computational method for finding it. That method becomes the basis for a program that can be extracted from the proof. The exposition is based on the deductive-tableau system, a theorem-proving framework particularly suitable for program synthesis. The system includes a nonclausal resolution rule, facilities for reasoning about equality, and a well-founded induction rule. INTRODUCTION This is an introduction to program synthesis, the derivation of a program to meet a given specification. It focuses on the deductive approach, in which the derivation task is regarded as a problem of ...