The Edinburgh Logical Framework (LF) provides a means to define (or present) logics. It is based on a general treatment of syntax, rules, and proofs by means of a typed -calculus with dependent types. Syntax is treated in a style similar to, but more general than, Martin-Lof's system of arities. The treatment of rules and proofs focuses on his notion of a judgement. Logics are represented in LF via a new principle, the judgements as types principle, whereby each judgement is identified with the type of its proofs. This allows for a smooth treatment of discharge and variable occurrence conditions and leads to a uniform treatment of rules and proofs whereby rules are viewed as proofs of higher-order judgements and proof checking is reduced to type checking. The practical benefit of our treatment of formal systems is that logic-independent tools such as proof editors and proof checkers can be constructed.

We sketch a methodology for the verification of compiler correctness based on the LF Logical Framework as realized within the Elf programming language. We have applied this technique to specify, implement, and verify a compiler from a simple functional programming language to a variant of the Categorical Abstract Machine (CAM). 1 Introduction Compiler correctness is an essential aspect of program verification as almost all programs are compiled before being executed. Unfortunately, even for small languages and simple compilers, proving their correctness can be an enormous task, and verifying these proofs becomes an equally difficult task. Our goal is to develop techniques for mechanizing proofs of compiler correctness. To this end we employ 1. the LF Logical Framework [13] to specify relationships between source and target languages; 2. the Elf programming language [21] to provide an operational semantics for these relationships; and 3. a related meta-theory [22] to reason about the ...

. Natural Deduction style presentations of program logics are useful in view of the implementation of such logics in interactive proof development environments, based on type theory, such as LEGO, Coq, etc. In fact, ND-style systems are the kind of systems which can take best advantage of the possibility of reasoning "under assumptions" o#ered by proof assistants generated by Logical Frameworks. In this paper we introduce and discuss sound and complete proof systems in Natural Deduction style for representing various "truth" consequence relations of Dynamic Logic. We discuss the design decisions which lead to adequate encodings of these logics in Coq. We derive in Dynamic Logic a set of rules representing a ND-style system for Hoare Logic.

. We explore the expressive power of the formalism called Natural Operational Semantics, NOS, introduced by Burstall and Honsell for defining the operational semantics of programming languages. This formalism is derived from the Natural Semantics of Despeyroux and Kahn. It arises if we take seriously the possibility of deriving assertions in Natural Semantics under assumptions, i.e. using hypothetico-general premises in the sense of Martin-Lof. We investigate to what extent we can reduce to hypothetical premises the notions of store and environment of Plotkin's Structural Operational Semantics. We use this formalism to define the semantics of a functional language which features commands, blocks, procedures, complex declarations, structures and Abstract Data Types. We give the NOS together with the denotational semantics and prove the adequacy of the former w.r.t. the latter. We discuss some other di#culties which arose in the previous treatment of variables in connection with procedures. Natural Operational Semantics can be easily encoded in formal systems based on #-calculus type-checking, such as the Edinburgh Logical Framework. We briefly investigate this and discuss some of the design choices. 1

Substitution plays an important role in Hoare Logic, as it is used in interpreting assignments. When writing a computer-based realization of Hoare Logic, it is therefore important to choose a good implementation for it. In this paper we compare di#erent definitions and implementations of substitution in a logical framework, in an e#ort to maximize e#ciency. We start by defining substitution as a logical formula. In a conventional approach, this is done by specifying the syntactic changes substitution performs on expressions. We choose instead a semantic definition that describes the behavioral relation between the original expression and its substituted counterpart. Next, we use this semantic definition as an abstract specification, and compare two of its concrete implementations. The first we consider is the usual one, that operates recursively over the structure of the term. This requires a number of inference steps proportional to the size of the expression, which is unacceptable ...

Abstract. We illustrate a methodology for formalizing and reasoning about Abadi and Cardelli’s object-based calculi, in (co)inductive type theory, such as the Calculus of (Co)Inductive Constructions, by taking advantage of Natural Deduction Semantics and coinduction in combination with weak Higher-Order Abstract Syntax and the Theory of Contexts. Our methodology allows to implement smoothly the calculi in the target metalanguage; moreover, it suggests novel presentations of the calculi themselves. In detail, we present a compact formalization of the syntax and semantics for the functional and the imperative variants of the ς-calculus. Our approach simplifies the proof of Subject Reduction theorems, which are proved formally in the proof assistant Coq with a relatively small overhead.

We discuss the formalization of Abadi and Cardelli's imp#, a paradigmatic object-based calculus with types and side e#ects, in (Co)Inductive Type Theories.

Syntax Alberto Ciaffaglione # ciaffagl@dimi.uniud.it Luigi Liquori Luigi.Liquori@inria.fr Marino Miculan miculan@dimi.uniud.it ABSTRACT We illustrate the benefits of using Natural Deduction in combination with weak Higher-Order Abstract Syntax for formalizing an object-based calculus with objects, cloning, method-update, types with subtyping, and side-e#ects, in inductive type theories such as the Calculus of Inductive Constructions. This setting suggests a clean and compact formalization of the syntax and semantics of the calculus, with an e#cient management of method closures. Using our formalization and the Theory of Contexts, we can prove formally the Subject Reduction Theorem in the proof assistant Coq, with a relatively small overhead.