An axiomatic basis for computer programming
 COMMUNICATIONS OF THE ACM
, 1969
"... In this paper an attempt is made to explore the logical foundations of computer programming by use of techniques which were first applied in the study of geometry and have later been extended to other branches of mathematics. This involves the elucidation of sets of axioms and rules of inference w ..."
In this paper an attempt is made to explore the logical foundations of computer programming by use of techniques which were first applied in the study of geometry and have later been extended to other branches of mathematics. This involves the elucidation of sets of axioms and rules of inference which can be used in proofs of the properties of computer programs. Examples are given of such axioms and rules, and a formal proof of a simple theorem is displayed. Finally, it is argued that important advantages, both theoretical and practical, may follow from a pursuance of these topics.
A new approach to abstract syntax with variable binding
 Formal Aspects of Computing
, 2002
"... Abstract. The permutation model of set theory with atoms (FMsets), devised by Fraenkel and Mostowski in the 1930s, supports notions of ‘nameabstraction ’ and ‘fresh name ’ that provide a new way to represent, compute with, and reason about the syntax of formal systems involving variablebinding op ..."
Abstract. The permutation model of set theory with atoms (FMsets), devised by Fraenkel and Mostowski in the 1930s, supports notions of ‘nameabstraction ’ and ‘fresh name ’ that provide a new way to represent, compute with, and reason about the syntax of formal systems involving variablebinding operations. Inductively defined FMsets involving the nameabstraction set former (together with Cartesian product and disjoint union) can correctly encode syntax modulo renaming of bound variables. In this way, the standard theory of algebraic data types can be extended to encompass signatures involving binding operators. In particular, there is an associated notion of structural recursion for defining syntaxmanipulating functions (such as capture avoiding substitution, set of free variables, etc.) and a notion of proof by structural induction, both of which remain pleasingly close to informal practice in computer science. 1.
A New Approach to Abstract Syntax Involving Binders
 In 14th Annual Symposium on Logic in Computer Science
, 1999
"... Syntax Involving Binders Murdoch Gabbay Cambridge University DPMMS Cambridge CB2 1SB, UK M.J.Gabbay@cantab.com Andrew Pitts Cambridge University Computer Laboratory Cambridge CB2 3QG, UK ap@cl.cam.ac.uk Abstract The FraenkelMostowski permutation model of set theory with atoms (FMsets) ..."
Syntax Involving Binders Murdoch Gabbay Cambridge University DPMMS Cambridge CB2 1SB, UK M.J.Gabbay@cantab.com Andrew Pitts Cambridge University Computer Laboratory Cambridge CB2 3QG, UK ap@cl.cam.ac.uk Abstract The FraenkelMostowski permutation model of set theory with atoms (FMsets) can serve as the semantic basis of metalogics for specifying and reasoning about formal systems involving name binding, ffconversion, capture avoiding substitution, and so on. We show that in FMset theory one can express statements quantifying over `fresh' names and we use this to give a novel settheoretic interpretation of name abstraction. Inductively defined FMsets involving this nameabstraction set former (together with cartesian product and disjoint union) can correctly encode objectlevel syntax modulo ffconversion. In this way, the standard theory of algebraic data types can be extended to encompass signatures involving binding operators. In particular, there is an associated n...
Views: A way for pattern matching to cohabit with data abstraction
, 1986
"... Pattern matching and dta abstraction are important concepts in designing programs, but they do not it well together. Pattern matching depend on making public a free data type mpresentaiion, while data abstraction depends on hiding the repreentaiion. This paper proposes the vdws mechanism at a means ..."
Pattern matching and dta abstraction are important concepts in designing programs, but they do not it well together. Pattern matching depend on making public a free data type mpresentaiion, while data abstraction depends on hiding the repreentaiion. This paper proposes the vdws mechanism at a means of reconc'dlng this conflict. A view allows any type to be viewed at a free data type, thus combining the clarity of pattern matching with the eiclency of data abstraction.
Pattern matching with dependent types
 In Proceedings of the Workshop on Types for Proofs and Programs
, 1992
"... ..."
Natural termination
 Theoretical Computer Science
"... Abstract. We generalize the various path orderings and the conditions under which they work, and describe an implementation of this general ordering. We look at methods for proving termination of orthogonal systems and give a new solution to a problem of Zantema's. 1 ..."
Abstract. We generalize the various path orderings and the conditions under which they work, and describe an implementation of this general ordering. We look at methods for proving termination of orthogonal systems and give a new solution to a problem of Zantema's. 1
A Typed Pattern Calculus
 ACM Trans. Program. Lang. Syst
, 1996
"... The theory of programming with patternmatching function definitions has been studied mainly in the framework of firstorder rewrite systems. We present a typed functional calculus that emphasizes the strong connection between the structure of whole pattern definitions and their types. In this calcu ..."
The theory of programming with patternmatching function definitions has been studied mainly in the framework of firstorder rewrite systems. We present a typed functional calculus that emphasizes the strong connection between the structure of whole pattern definitions and their types. In this calculus typechecking guarantees the absence of runtime errors caused by nonexhaustive patternmatching definitions. Its operational semantics is deterministic in a natural way, without the imposition of adhoc solutions such as clause order or "best fit". In the spirit of the CurryHoward isomorphism, we design the calculus as a computational interpretation of the Gentzen sequent proofs for the intuitionistic propositional logic. We prove the basic properties connecting typing and evaluation: subject reduction and strong normalization. We believe that this calculus offers a rational reconstruction of the patternmatching features found in successful functional languages. CNRS and Laboratoire...
The origins of structural operational semantics
 Journal of Logic and Algebraic Programming
, 2004
"... We review the origins of structural operational semantics. The main publication ‘A Structural Approach to Operational Semantics, ’ also known as the ‘Aarhus Notes, ’ appeared in 1981 [G.D. Plotkin, A structural approach to operational semantics, DAIMI FN19, Computer Science Department, Aarhus Unive ..."
We review the origins of structural operational semantics. The main publication ‘A Structural Approach to Operational Semantics, ’ also known as the ‘Aarhus Notes, ’ appeared in 1981 [G.D. Plotkin, A structural approach to operational semantics, DAIMI FN19, Computer Science Department, Aarhus University, 1981]. The development of the ideas dates back to the early 1970s, involving many people and building on previous work on programming languages and logic. The former included abstract syntax, the SECD machine, and the abstract interpreting machines of the Vienna school; the latter included the λcalculus and formal systems. The initial development of structural operational semantics was for simple functional languages, more or less variations of the λcalculus; after that the ideas were gradually extended to include languages with parallel features, such as Milner’s CCS. This experience set the ground for a more systematic exposition, the subject of an invited course of lectures at Aarhus University; some of these appeared in print as the 1981 Notes. We discuss the content of these lectures and some related considerations such as ‘small state’ versus ‘grand state, ’ structural versus compositional semantics, the influence of the Scott–Strachey approach to denotational semantics, the treatment of recursion and jumps, and static semantics. We next discuss relations with other work and some immediate further development. We conclude with an account of an old, previously unpublished, idea: an alternative, perhaps more readable, graphical presentation of systems of rules for operational semantics.
Proving Theorems about LISP Functions
, 1975
"... Program verification is the idea that properties of programs can be precisely stated and proved in the mathematical sense. In this paper, some simple heuristics combining evaluation and mathematical induction are described, which the authors have implemented in a program that automatically proves a ..."
Program verification is the idea that properties of programs can be precisely stated and proved in the mathematical sense. In this paper, some simple heuristics combining evaluation and mathematical induction are described, which the authors have implemented in a program that automatically proves a wide variety of theorems about recursive LISP functions. The method the program uses to generate induction formulas is described at length. The theorems proved by the program include that REVERSE is its own inverse and that a particular SORT program is correct. A list of theorems proved by the program is given. key words and phrases: LISP, automatic theoremproving, structural induction, program verification cr categories: 3.64, 4.22, 5.21 1 Introduction We are concerned with proving theorems in a firstorder theory of lists, akin to the elementary theory of numbers. We use a subset of LISP as our language because recursive list processing functions are easy to write in LISP and because ...
Mechanizing structural induction
, 1976
"... A theorem proving system has been programmed for automating mildly complex proofs by structural induction. One purpose was to prove properties of simple functional programs without loops or assignments. One can see the formal system as a generalization of number theory: the formal language is typed ..."
A theorem proving system has been programmed for automating mildly complex proofs by structural induction. One purpose was to prove properties of simple functional programs without loops or assignments. One can see the formal system as a generalization of number theory: the formal language is typed and the induction rule is valid for all types. Proofs are generated by working backward from the goal. The induction strategy splits into two parts: (1) the selection of induction variables, which is claimed to be linked to the useful generalization of terms to variables, and (2) the generation of induction subgoals, in particular, the selection and specialization of hypotheses. Other strategies include a fast simplification algorithm. The prover can cope with situations as complex as the definition and correctness proof of a simple compiling algorithm for expressions. Descriptive Terms Program proving, theorem proving, data type, structural induction, generalization, simplification.