In the context of the rewriting calculus, we introduce and study an exception mechanism that allows us to express in a simple way rewriting strategies and that is therefore also useful for expressing theorem proving tactics. This gives us the ability to simply express the semantics of the first tactical and to describe in full details the expression of conditional rewriting.

Fully automatic decision procedures are used to improve performance in many different applications of formal verification. In most cases, the decision procedures are treated as trusted components of the verification system. Because the decision procedures may be experimental and highly complex tools, it is desirable to have a way of independently confirming their results.

. This paper presents a method for translating a subset of VDM-SL to higher order logic, more specifically the PVS specification language. This method has been used in an experiment where we have taken three existing, relatively large specifications written in VDM-SL, hand-translated these to PVS and then tried to type check the results. This is not as simple as it may sound since the specifications make extensive use of subtypes, via type invariants and pre- and postconditions, and therefore type checking necessarily involves some theorem proving. In trying to prove some of these type checking conditions, a worrying number of errors were identified in the specifications. 1 Introduction In a research project entitled "Towards industrially applicable proof support for VDM-SL", we aim at developing tool support for proving theorems about specifications written in the VDM Specification Language (VDM-SL) [6]. We would like to base our work on available theorem proving technology. The goal...

The HOL Light theorem prover can be difficult to get started with. While the manual is fairly detailed and comprehensive, the large amount of background information that has to be absorbed before the user can do anything interesting is intimidating. Here we give an alternative ‘quick start ’ guide, aimed at teaching basic use of the system quickly by means of a graded set of examples. Some readers may find it easier to absorb; those who do not are referred after all to the standard manual. “Shouldn’t we read the instructions?”

Tools for a specification language can be implemented directly (by building a special purpose theorem prover) or by a conservative embedding into a typed meta-logic, which allows their safe and logically consistent implementation and the reuse of existing theorem prover engines.

Theorem provers were also called 'proof checkers' because that is what they were in the beginning. They have grown powerful, however, capable in many cases to automatically produce complicated proofs. In particular, higher order logic based theorem provers such as HOL and PVS became popular because the logic is well known and very expressive. They are generally considered to be potential platforms to embed a programming logic for the purpose of formal verification. In this paper we investigate a number of most commonly used methods of embedding programming logics in such theorem provers and expose problems we discover. We will also propose an alternative approach: hybrid embedding.

Logical frameworks are computer systems which allow a user to formalise mathematics using specially designed languages based upon mathematical logic and Church's theory of types. They can be used to derive programs from logical specifications, thereby guaranteeing the correctness of the resulting programs. They can also be used to formalise rigorous proofs about logical systems. We compare several methods of implementing the display (sequent) calculus #RA for relation algebra in the logical frameworks Isabelle and Twelf. We aim for an implementation enabling us to formalise, within the logical framework, proof-theoretic results such as the cut-elimination theorem for #RA and any associated increase in proof length. We discuss issues arising from this requirement. Key words: logical frameworks, higher-order logics, proof systems for relation algebra, non-classical logics, automated deduction, display logic. 1 Supported by an Australian Research Council Small Research Grant. 2 Sup...

Abstract Individual pieces to support hierarchical verification have existed for several years but have not been integrated into one tool. The tool for creating abstract libraries described in this paper ties the various techniques into one package designed to support hierarchical verification among collaborating researchers. In these libraries, predicate types organize specification information, abstract theories model modular components and public key encryption increases the trustworthiness of externally proven theorems. A prototype tool for creating libraries called Alexandria has been implemented in the HOL90 proof assistant for use with the BOLT HDL using PGP encryption to sign verified theorems. 1 Introduction Useful hardware modules are complex and often designed by teams using existing components. Hardware verification on the other hand is typically performed by one person making no use of pre-verified modules-even if other modules exist. Hierarchical verification of large-scale designs is impeded by several obstacles:

Abstract We have previously proposed an expressive UML-based language for constructing and transforming security-design models, which are models that combine design specifications for distributed systems with specifications of their security policies. Here we show how the same framework can be used to analyze these models: queries about properties of the security policy modeled are expressed as formulas in UML’s Object Constraint Language and evaluated over the metamodel of the security-design language. We show how this can be done in a semantically precise and meaningful way and demonstrate, through examples, that this approach can be used to formalize and check non-trivial security properties of security-design models. The approach and examples presented have all been implemented and checked in the SecureMOVA tool. 1

. A tool to support formal reasoning about computer languages and specific language texts is described. The intention is to provide a tool that can build a formal reasoning system in a mechanical theorem prover from two specifications, one for the syntax of the language and one for the semantics. A parser, pretty-printer and internal representations are generated from the former. Logical representations of syntax and semantics, and associated theorem proving tools, are generated from the combination of the two specifications. The main aim is to eliminate tedious work from the task of prototyping a reasoning tool for a computer language, but the abstract specifications of the language also assist the automation of proof. 1 Introduction For several decades theorem proving systems have been used to reason about computer languages. A common approach has been to define the semantics of a language in the logic of the theorem prover. This may be done by defining new constants in t...