Results 1-10 of 36
OTTER 3.3 Reference Manual
Cited by 44 (5 self)
by the United States Government and operated by The University of Chicago under the provisions of a contract with the Department of Energy. DISCLAIMER This report was prepared as an account of work sponsored by an agency of the United States Government. Neither the United States Government nor any agency thereof, nor The University of Chicago, nor any of their employees or officers, makes any warranty, express or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, apparatus, product, or process disclosed, or represents that its use would not infringe privately owned rights. Reference herein to any specific commercial product, process, or service by trade name, trademark, manufacturer, or otherwise, does not necessarily constitute or imply its endorsement, recommendation, or favoring by the United States Government or any agency thereof. The views and opinions of document authors expressed herein do not necessarily state or reflect those of the United States Government or any agency thereof, Argonne National Laboratory, or The University of Chicago.
Towards Self-verification of HOL Light
 In International Joint Conference on Automated Reasoning, 2006
Cited by 27 (0 self)
Abstract. The HOL Light prover is based on a logical kernel consisting of about 400 lines of mostly functional OCaml, whose complete formal verification seems to be quite feasible. We would like to formally verify (i) that the abstract HOL logic is indeed correct, and (ii) that the OCaml code does correctly implement this logic. We have performed a full verification of an imperfect but quite detailed model of the basic HOL Light core, without definitional mechanisms, and this verification is entirely conducted with respect to a set-theoretic semantics within HOL Light itself. We will duly explain why the obvious logical and pragmatic difficulties do not vitiate this approach, even though it looks impossible or useless at first sight. Extension to include definitional mechanisms seems straightforward enough, and the results so far allay most of our practical worries. 1 Introduction: quis custodiet ipsos custodes? Mathematical proofs are subjected to peer review before publication, but there
Short Single Axioms for Boolean Algebra
 J. Automated Reasoning, 2002
Cited by 23 (11 self)
We present short single equational axioms for Boolean algebra in terms of disjunction and negation and in terms of the Sheffer stroke. Previously known single axioms for these theories are much longer than the ones we present. We show that there is no shorter axiom in terms of the Sheffer stroke than the ones we present. Automated deduction techniques were used for several different aspects of the work. Keywords: Boolean algebra, Sheffer stroke, single axiom 1. Background and
Semantic Derivation Verification
 International Journal on Artificial Intelligence Tools
Cited by 10 (6 self)
Automated Theorem Proving (ATP) systems are complex pieces of software, and thus may have bugs that make them unsound. In order to guard against such unsoundness, the derivations output by an ATP system may be semantically verified by a trusted system that checks the required semantic properties of each inference step. Such verification may need to be augmented by structural verification that checks that inferences have been used correctly in the context of the overall derivation. This paper describes techniques for semantic verification of derivations, and reports on their implementation in the DVDV verifier. 1.
Formal proofs about rewriting using ACL2
 Annals of Mathematics and Artificial Intelligence, 2002
Cited by 9 (1 self)
We present an application of the ACL2 theorem prover to reason about rewrite systems theory. We describe the formalization and representation aspects of our work using the first-order, quantifier-free logic of ACL2 and we sketch some of the main points of the proof effort. First, we present a formalization of abstract reduction systems and then we show how this abstraction can be instantiated to establish results about term rewriting. The main theorems we mechanically proved are Newman’s lemma (for abstract reductions) and Knuth–Bendix critical pair theorem (for term rewriting).
PRocH: Proof reconstruction for HOL Light
 Accepted for CADE
Cited by 8 (6 self)
Abstract. PRocH3 is a proof reconstruction tool that imports in HOL Light proofs produced by ATPs on the recently developed translation of HOL Light and Flyspeck problems to ATP formats. PRocH combines several reconstruction methods in parallel, but the core improvement over previous methods is obtained by replaying in the HOL logic the detailed inference steps recorded in the ATP (TPTP) proofs, using several internal HOL Light inference methods. These methods range from fast variable matching and more involved rewriting, to full first-order theorem proving using the MESON tactic. The system is described and its performance is evaluated here on a large set of Flyspeck problems. 1 Introduction, Motivation
Integrating External Deduction Tools with ACL2
 Sutcliffe (Eds.), Proceedings of the 6th International Workshop on Implementation of Logics (IWIL 2006), 2006
Cited by 7 (5 self)
We present an interface connecting the ACL2 theorem prover with external deduction tools. The logic of ACL2 contains several constructs intended to facilitate structuring of interactive proof development, which complicates the design of such an interface. We discuss some of these complexities and develop a precise specification of the requirements from external tools for sound connection with ACL2. We also develop constructs within ACL2 to enable the developers of external tools to satisfy our specifications. 1
Practical Proof Checking for Program Certification
 Proceedings of the CADE-20 Workshop on Empirically Successful Classical Automated Reasoning (ESCAR’05), 2005
Cited by 5 (4 self)
Program certification aims to provide explicit evidence that a program meets a specified level of safety. This evidence must be independently reproducible and verifiable. We have developed a system, based on theorem proving, that generates proofs that auto-generated aerospace code adheres to a number of safety policies. For certification purposes, these proofs need to be verified by a proof checker. Here, we describe and evaluate a semantic derivation verification approach to proof checking. The evaluation is based on 109 safety obligations that are attempted by EP and SPASS. Our system is able to verify 129 out of the 131 proofs found by the two provers. The majority of the proofs are checked completely in less than 15 seconds wall clock time. This shows that the proof checking task arising from a substantial prover application is practically tractable. 1
System Description: IVY
 In Proc. 17th CADE, LNAI 1831, 2000
Cited by 4 (0 self)
IVY is a verified theorem prover for first-order logic with equality. It is coded in ACL2, and it makes calls to the theorem prover Otter to search for proofs and to the program MACE to search for countermodels. Verifications of Otter and MACE are not practical because they are coded in C. Instead, Otter and MACE give detailed proofs and models that are checked by verified ACL2 programs. In addition, the initial conversion to clause form is done by verified ACL2 code. The verification is done with respect to finite interpretations. 1 Introduction Our theorem provers Otter [6, 7, 10] and EQP [4, 8] and our model searcher MACE [3, 5] are being used for practical work in several areas. Therefore, we wish to have very high confidence that the proofs and models they produce are correct. However, these are high-performance programs, coded in C, with many tricks, hacks, and optimizations, so formal verification of the programs is not practical. Instead, our approach is to have the...