Abstract. In this paper, we present a formalisation of elementary group theory done in Coq. This work is the first milestone of a long-term effort to formalise Feit-Thompson theorem. As our further developments will heavily rely on this initial base, we took special care to articulate it in the most compositional way. 1

Inequalities involving functions such as sines, exponentials and logarithms lie outside the scope of decision procedures, and can only be solved using heuristic methods. Preliminary investigations suggest that many such problems can be solved by reduction to algebraic inequalities, which can then be decided by a decision procedure for the theory of real closed fields (RCF). The reduction involves replacing each occurrence of a function by a lower or upper bound (as appropriate) typically derived from a power series expansion. Typically this requires splitting the domain of the function being replaced, since most bounds are only valid for specific intervals. 1

Abstract. Interactive proof assistants should verify the proofs they receive from automatic theorem provers. Normally this proof reconstruction takes place internally, forming part of the integration between the two tools. We have implemented source-level proof reconstruction: resolution proofs are automatically translated to Isabelle proof scripts. Users can insert this text into their proof development or (if they wish) examine it manually. Each step of a proof is justified by calling Hurd’s Metis prover, which we have ported to Isabelle. A recurrent issue in this project is the treatment of Isabelle’s axiomatic type classes. 1

We address the general problem of determining the validity of boolean combinations of equalities and inequalities between real-valued expressions. In particular, we consider methods of establishing such assertions using only restricted forms of distributivity. At the same time, we explore ways in which “local ” decision or heuristic procedures for fragments of the theory of the reals can be amalgamated into global ones. Let Tadd[Q] be the first-order theory of the real numbers in the language with symbols 0, 1, +, −, <,..., fa,... where for each a ∈ Q, fa denotes the function fa(x) = ax. Let Tmult[Q] be the analogous theory for the language with symbols 0, 1, ×, ÷, <,..., fa,.... We show that although T [Q] = Tadd[Q]∪Tmult[Q] is undecidable, the universal fragment of T [Q] is decidable. We also show that terms of T [Q] can fruitfully be put in a normal form. We prove analogous results for theories in which Q is replaced, more generally, by suitable subfields F of the reals. Finally, we consider practical methods of establishing quantifier-free validities that approximate our (impractical) decidability results. 1

Abstract. We discuss the formalization, in the Matita Interactive Theorem Prover, of a famous result by Chebyshev concerning the distribution of prime numbers, essentially subsuming, as a corollary, Bertrand’s postulate. Even if Chebyshev’s result has been later superseded by the stronger prime number theorem, his machinery, and in particular the two functions ψ and θ still play a central role in the modern development of number theory. Differently from other recent formalizations of other results in number theory, our proof is entirely arithmetical. It makes use of most part of the machinery of elementary arithmetics, and in particular of properties of prime numbers, factorization, products and summations, providing a natural benchmark for assessing the actual development of the arithmetical knowledge base. 1

Abstract. Experiments show that many inequalities involving exponentials and logarithms can be proved automatically by combining a resolution theorem prover with a decision procedure for the theory of real closed fields (RCF). The method should be applicable to any functions for which polynomial upper and lower bounds are known. Most bounds only hold for specific argument ranges, but resolution can automatically perform the necessary case analyses. The system consists of a superposition prover (Metis) combined with John Harrison’s RCF solver and a small amount of code to simplify literals with respect to the RCF theory. 1

In this paper we will discuss the fundamental ideas behind proof assistants: What are they and what is a proof anyway? We give a short history of the main ideas, emphasizing the way they ensure the correctness of the mathematics formalized. We will also briefly discuss the places where proof assistants are used and how we envision their extended use in the future. While being an introduction into the world of proof assistants and the main issues behind them, this paper is also a position paper that pushes the further use of proof assistants. We believe that these systems will become the future of mathematics, where definitions, statements, computations and proofs are all available in a computerized form. An important application is and will be in computer supported modelling and verification of systems. But their is still along road ahead and we will indicate what we believe is needed for the further proliferation of proof assistants.

Let F be the set of functions from an infinite set, S, to an ordered ring, R. For f, g, and h in F, the assertion f = g + O(h) means that for some constant C, |f(x) − g(x) | ≤ C|h(x) | for every x in S. Let L be the first-order language with variables ranging over such functions, symbols for 0,+, −,min,max, and absolute value, and a ternary relation f = g + O(h). We show that the set of quantifier-free formulas in this language that are valid in the intended class of interpretations is decidable, and does not depend on the underlying set, S, or the ordered ring, R. If R is a subfield of the real numbers, we can add a constant 1 function, as well as multiplication by constants from any computable subfield. We obtain further decidability results for certain situations in which one adds symbols denoting the elements of a fixed sequence of functions of strictly increasing rates of growth. 1

... mostly motivating their position by an analogy with proofs in mathematics, and in particular with the impracticality of a strictly formalist approach to this discipline. The recent, impressive achievements in the field of interactive theorem proving provide an interesting ground for a critical revisiting of those theses. We believe that the social nature of proof and program development is uncontroversial and ineluctable but formal verification is not antithetical to it. Formal verification should strive not only to cope, but to ease and enhance the collaborative, organic nature of this process, eventually helping to master the growing complexity of scientific knowledge.

Abstract. In spite of the remarkable achievements recently obtained in the field of mechanization of formal reasoning, the overall usability of interactive provers does not seem to be sensibly improved since the advent of the “second generation ” of systems, in the mid of the eighties. We try to analyze the reasons of such a slow progress, pointing out the main problems and suggesting some possible research directions. 1