Results 1 to 5 of 5
Set theory for verification: I. From foundations to functions
J. Auto. Reas., 1993
Cited by 45 (17 self)
A logic for specification and verification is derived from the axioms of Zermelo-Fraenkel set theory. The proofs are performed using the proof assistant Isabelle. Isabelle is generic, supporting several different logics. Isabelle has the flexibility to adapt to variants of set theory. Its higher-order syntax supports the definition of new binding operators. Unknowns in subgoals can be instantiated incrementally. The paper describes the derivation of rules for descriptions, relations and functions, and discusses interactive proofs of Cantor's Theorem, the Composition of Homomorphisms challenge [9], and Ramsey's Theorem [5]. A generic proof assistant can stand up against provers dedicated to particular logics. Key words: Isabelle, set theory, generic theorem proving, Ramsey's Theorem,
A Fixed-point Approach to (Co)Inductive and (Co)Datatype Definitions
1997
Cited by 20 (2 self)
This paper presents a fixed-point approach to inductive definitions. Instead of using a syntactic test such as "strictly positive," the approach lets definitions involve any operators that have been proved monotone. It is conceptually simple, which has allowed the easy implementation of mutual recursion and iterated definitions. It also handles coinductive definitions: simply replace the least fixed-point by a greatest fixed-point. The method
STRUCTURAL EMBEDDINGS: MECHANIZATION WITH METHOD
1999
Cited by 5 (1 self)
The most powerful tools for analysis of formal specifications are general-purpose theorem provers and model checkers, but these tools provide scant methodological support. Conversely, those approaches that do provide a well-developed method generally have less powerful automation. It is natural, therefore, to try to combine the better-developed methods with the more powerful general-purpose tools. An obstacle is that the methods and the tools often employ very different logics. We argue that methods are separable from their logics and are largely concerned with the structure and organization of specifications. We propose a technique called structural embedding that allows the structural elements of a method to be supported by a general-purpose tool, while substituting the logic of the tool for that of the method. We have found this technique quite effective and we provide some examples of its application. We also suggest how general-purpose systems could be restructured to support this activity better.
A Tutorial on EVES using sVerdi
1995
Cited by 1 (0 self)
This paper provides a tutorial introduction to EVES. EVES is a formal methods tool consisting of a set-theoretic-based language, called Verdi, and an automated deduction system, called NEVER. We provide a general introduction to EVES and demonstrate its capabilities using (i) some examples from set theory, (ii) a small critical application (a railroad crossing), and (iii) a small program proof. Keywords: Automated deduction, EVES, Formal methods, Logic of programs, NEVER, sVerdi, Verdi.

1 Introduction

The primary goal of the EVES project was to develop a "verification system" by integrating techniques from automated deduction, mathematics, language design and formal methods, such that the resulting system is useful and sound. In our parlance, a verification system has a specification and implementation language (e.g., Verdi), a proof obligation generator, and automated deduction support (e.g., NEVER). To understand our perspective, some background is necessary. We believe that th...
A Review of EVES
1993
We review EVES, a tool for supporting formal mathematical reasoning in general and for the development of formally verified software in particular. The review concentrates on the following three aspects of EVES: its mathematical foundation, its software development method and its automated support. We discuss the strengths and weaknesses of EVES, as well as some issues related to interactive theorem proving and formal method support.

1 Introduction

EVES (Environment for Verifying and Evaluating Software) is a tool for supporting formal mathematical reasoning in general and for the development of formally verified software in particular. It is being developed by ORA Canada. The primary goal of the EVES project is to develop a useful and sound verification system by integrating techniques from automated deduction, mathematics, language design and formal methods. EVES consists of the following two main components:
- A specification and implementation language called Verdi. The s...