Results 1 
8 of
8
HOL  A Machine Oriented Formulation of Higher Order Logic
, 2001
"... HOL is a computer system for generating proofs in a version of higher order logic derived from Church's simple theory of types. This paper is the original description of the logic underlying the HOL system. Since it was written the system has changed enormously, but the logic has been relatively sta ..."
Abstract

Cited by 63 (1 self)
 Add to MetaCart
HOL is a computer system for generating proofs in a version of higher order logic derived from Church's simple theory of types. This paper is the original description of the logic underlying the HOL system. Since it was written the system has changed enormously, but the logic has been relatively stable. The main changes have been in the organisation of theories and some enhancements to the syntactic resources of the logic (e.g. records and userdefined mixfix syntax are now supported)...
Natural Deduction as HigherOrder Resolution
 Journal of Logic Programming
, 1986
"... An interactive theorem prover, Isabelle, is under development. In LCF, each inference rule is represented by one function for forwards proof and another (a tactic) for backwards proof. In Isabelle, each inference rule is represented by a Horn clause. ..."
Abstract

Cited by 54 (8 self)
 Add to MetaCart
An interactive theorem prover, Isabelle, is under development. In LCF, each inference rule is represented by one function for forwards proof and another (a tactic) for backwards proof. In Isabelle, each inference rule is represented by a Horn clause.
Metatheory and Reflection in Theorem Proving: A Survey and Critique
, 1995
"... One way to ensure correctness of the inference performed by computer theorem provers is to force all proofs to be done step by step in a simple, more or less traditional, deductive system. Using techniques pioneered in Edinburgh LCF, this can be made palatable. However, some believe such an appro ..."
Abstract

Cited by 53 (2 self)
 Add to MetaCart
One way to ensure correctness of the inference performed by computer theorem provers is to force all proofs to be done step by step in a simple, more or less traditional, deductive system. Using techniques pioneered in Edinburgh LCF, this can be made palatable. However, some believe such an approach will never be efficient enough for large, complex proofs. One alternative, commonly called reflection, is to analyze proofs using a second layer of logic, a metalogic, and so justify abbreviating or simplifying proofs, making the kinds of shortcuts humans often do or appealing to specialized decision algorithms. In this paper we contrast the fullyexpansive LCF approach with the use of reflection. We put forward arguments to suggest that the inadequacy of the LCF approach has not been adequately demonstrated, and neither has the practical utility of reflection (notwithstanding its undoubted intellectual interest). The LCF system with which we are most concerned is the HOL proof ...
Towards Selfverification of HOL Light
 In International Joint Conference on Automated Reasoning
, 2006
"... Abstract. The HOL Light prover is based on a logical kernel consisting of about 400 lines of mostly functional OCaml, whose complete formal verification seems to be quite feasible. We would like to formally verify (i) that the abstract HOL logic is indeed correct, and (ii) that the OCaml code does c ..."
Abstract

Cited by 17 (0 self)
 Add to MetaCart
Abstract. The HOL Light prover is based on a logical kernel consisting of about 400 lines of mostly functional OCaml, whose complete formal verification seems to be quite feasible. We would like to formally verify (i) that the abstract HOL logic is indeed correct, and (ii) that the OCaml code does correctly implement this logic. We have performed a full verification of an imperfect but quite detailed model of the basic HOL Light core, without definitional mechanisms, and this verification is entirely conducted with respect to a settheoretic semantics within HOL Light itself. We will duly explain why the obvious logical and pragmatic difficulties do not vitiate this approach, even though it looks impossible or useless at first sight. Extension to include definitional mechanisms seems straightforward enough, and the results so far allay most of our practical worries. 1 Introduction: quis custodiet ipsos custodes? Mathematical proofs are subjected to peer review before publication, but there
Verifying the Unification Algorithm in LCF
 Science of Computer Programming
, 1985
"... Manna and Waldinger's theory of substitutions and unification has been verified using the Cambridge LCF theorem prover. A proof of the monotonicity of substitution is presented in detail, as an example of interaction with LCF. Translating the theory into LCF's domaintheoretic logic is largely st ..."
Abstract

Cited by 9 (0 self)
 Add to MetaCart
Manna and Waldinger's theory of substitutions and unification has been verified using the Cambridge LCF theorem prover. A proof of the monotonicity of substitution is presented in detail, as an example of interaction with LCF. Translating the theory into LCF's domaintheoretic logic is largely straightforward. Wellfounded induction on a complex ordering is translated into nested structural inductions. Correctness of unification is expressed using predicates for such properties as idempotence and mostgenerality. The verification is presented as a series of lemmas. The LCF proofs are compared with the original ones, and with other approaches. It appears di#cult to find a logic that is both simple and flexible, especially for proving termination.
HOL Light Tutorial (for version 2.20
, 2006
"... The HOL Light theorem prover can be difficult to get started with. While the manual is fairly detailed and comprehensive, the large amount of background information that has to be absorbed before the user can do anything interesting is intimidating. Here we give an alternative ‘quick start ’ guide, ..."
Abstract

Cited by 9 (0 self)
 Add to MetaCart
The HOL Light theorem prover can be difficult to get started with. While the manual is fairly detailed and comprehensive, the large amount of background information that has to be absorbed before the user can do anything interesting is intimidating. Here we give an alternative ‘quick start ’ guide, aimed at teaching basic use of the system quickly by means of a graded set of examples. Some readers may find it easier to absorb; those who do not are referred after all to the standard manual. “Shouldn’t we read the instructions?”
HOL Light Tutorial (for version 2.20). http://www.cl.cam.ac.uk/ jrh13/hollight/tutorial 220.pdf
"... The HOL Light theorem prover can be difficult to get started with. While the manual is fairly detailed and comprehensive, the large amount of background information that has to be absorbed before the user can do anything interesting is intimidating. Here we give an alternative ‘quick start ’ guide, ..."
Abstract

Cited by 1 (0 self)
 Add to MetaCart
The HOL Light theorem prover can be difficult to get started with. While the manual is fairly detailed and comprehensive, the large amount of background information that has to be absorbed before the user can do anything interesting is intimidating. Here we give an alternative ‘quick start ’ guide, aimed at teaching basic use of the system quickly by means of a graded set of examples. Some readers may find it easier to absorb; those who do not are referred after all to the standard manual. “Shouldn’t we read the instructions?”
A Reference Version of HOL
"... . The second author has implemented a reference version of the HOL logic (henceforth called gtt). This version, written in Standard ML, is as simple as possible, making as few assumptions as necessary to present the essence of HOL. This simplicity makes the implementation easy to understand, to port ..."
Abstract
 Add to MetaCart
. The second author has implemented a reference version of the HOL logic (henceforth called gtt). This version, written in Standard ML, is as simple as possible, making as few assumptions as necessary to present the essence of HOL. This simplicity makes the implementation easy to understand, to port, to develop, to change, and to informally reason about. The first author has ported gtt to another dialect of ML, and developed the parsing, prettyprinting, and typechecking support needed to take gtt beyond its initial rudimentary conception. The implementation of gtt has already been of use in developing a variant of the HOL logic. As of this writing, there are at least four or five extant implementations of the HOL logic. These have been intensively developed, in some cases over decades, which leads us to an overwhelming question: why another? In particular, why gtt? There are several answers to this, stemming from different desires and needs in the HOL community. Changing the logic a ...