A Trustworthy Proof Checker
In Iliano Cervesato, editor, Workshop on the Foundations of Computer Security, 2002
Cited by 31 (7 self)
Abstract: Proof-Carrying Code (PCC) and other applications in computer security require machine-checkable proofs of properties of machine-language programs. The main advantage of the PCC approach is that the amount of code that must be explicitly trusted is very small: it consists of the logic in which predicates and proofs are expressed, the safety predicate, and the proof checker. We have built a minimal proof checker, and we explain its design principles and the representation issues of the logic, safety predicate, and safety proofs. We show that the trusted computing base (TCB) in such a system can indeed be very small. In our current system the TCB is less than 2,700 lines of code (an order of magnitude smaller even than other PCC systems), which adds to our confidence in its correctness.
A recursion combinator for nominal datatypes implemented in Isabelle/HOL
In Proc. of the 3rd International Joint Conference on Automated Reasoning (IJCAR), volume 4130 of LNAI, 2006
Cited by 21 (9 self)
Abstract: The nominal datatype package implements an infrastructure in Isabelle/HOL for defining languages involving binders and for reasoning conveniently about alpha-equivalence classes. Pitts stated some general conditions under which functions over alpha-equivalence classes can be defined by a form of structural recursion and gave a clever proof for the existence of a primitive-recursion combinator. We give a version of this proof that works directly over nominal datatypes and does not rely upon auxiliary constructions. We further introduce proving tools and a heuristic that made the automation of our proof tractable. This automation is an essential prerequisite for the nominal datatype package to become useful.
A thread of HOL development
Computer Journal
Cited by 13 (7 self)
Abstract: The HOL system is a mechanized proof assistant for higher order logic that has been under continuous development since the mid-1980s, by an ever-changing group of developers and external contributors. We give a brief overview of various implementations of the HOL logic before focusing on the evolution of certain important features available in a recent implementation. We also illustrate how the module system of Standard ML provided security and modularity in the construction of the HOL kernel, as well as serving in a separate capacity as a useful representation medium for persistent, hierarchical logical theories.
A Programming Logic for Java Bytecode Programs
In Proceedings of the 16th International Conference on Theorem Proving in Higher Order Logics, volume 2758 of Lecture Notes in Computer Science, 2003
Cited by 12 (1 self)
Abstract: A copy can be downloaded for personal non-commercial research or study, without prior permission or charge. This thesis cannot be reproduced or quoted extensively from without first obtaining permission in writing from the Author. The content must not be changed in any way or sold commercially in any format or medium without the formal permission of the Author. When referring to this work, full bibliographic details including the author, title, awarding institution and date of the thesis must be given.
Building formal method tools in the Isabelle/Isar framework
Theorem Proving in Higher Order Logics (TPHOLs 2007), LNCS, 2007
Cited by 10 (6 self)
Abstract: We present the generic system framework of Isabelle/Isar underlying recent versions of Isabelle. Among other things, Isar provides an infrastructure for Isabelle plugins, comprising extensible state components and extensible syntax that can be bound to tactical ML programs. Thus the Isabelle/Isar architecture may be understood as an extension and refinement of the traditional “LCF approach”, with explicit infrastructure for building derivative systems. To demonstrate the technical potential of the framework, we apply it to a concrete formal methods tool: the HOL-Z 3.0 environment, which is geared towards the analysis of Z specifications and formal proof of forward refinements.
Integrating a SAT Solver with an LCF-style Theorem Prover
Proceedings of the Third International Workshop on Pragmatical Aspects of Decision Procedures in Automated Reasoning (PDPAR 2005), 2005
Cited by 6 (1 self)
Abstract: This paper describes the integration of a leading SAT solver with Isabelle/HOL, a popular interactive theorem prover. The SAT solver generates resolution-style proofs for (instances of) propositional tautologies. These proofs are verified by the theorem prover. The presented approach significantly improves Isabelle’s performance on propositional problems, and furthermore exhibits counterexamples for unprovable conjectures.
Using a SAT solver as a fast decision procedure for propositional logic in an LCF-style theorem prover
In Proc. of the 18th Int. Conf. on Theorem Proving in Higher Order Logics, 2005
Cited by 6 (1 self)
Abstract: This paper describes the integration of a leading SAT solver with Isabelle/HOL, a popular interactive theorem prover. The SAT solver generates resolution-style proofs for (instances of) propositional tautologies. These proofs are verified by the theorem prover. The presented approach significantly improves Isabelle’s performance on propositional problems, and furthermore exhibits counterexamples for unprovable conjectures.
HOLCF ’11: A Definitional Domain Theory for Verifying Functional Programs
2012
Cited by 3 (2 self)
Abstract: HOLCF is an interactive theorem proving system that uses the mathematics of domain theory to reason about programs written in functional programming languages. This thesis introduces HOLCF ’11, a thoroughly revised and extended version of HOLCF that advances the state of the art in program verification: HOLCF ’11 can reason about many program definitions that are beyond the scope of other formal proof tools, while providing a high degree of proof automation. The soundness of the system is ensured by adhering to a definitional approach: new constants and types are defined in terms of previous concepts, without introducing new axioms. Major features of HOLCF ’11 include two high-level definition packages: the Fixrec package for defining recursive functions, and the Domain package for defining recursive datatypes. Each of these uses the domain-theoretic concept of least fixed points to translate user-supplied recursive specifications into safe low-level definitions. Together, these tools make it easy for users to translate a wide variety of functional programs into the formalism of HOLCF. Theorems generated by the tools also make it easy for users to reason about their programs, with a very high level of confidence in the soundness of the results. As a case study, we present a fully mechanized verification of a model of concurrency based on powerdomains. The formalization depends on many features unique to HOLCF ’11, and is the first verification of such a model in a formal proof tool.
Some considerations on the usability of Interactive Provers
Cited by 3 (1 self)
Abstract: In spite of the remarkable achievements recently obtained in the field of mechanization of formal reasoning, the overall usability of interactive provers does not seem to have sensibly improved since the advent of the “second generation” of systems in the mid-eighties. We try to analyze the reasons for such slow progress, pointing out the main problems and suggesting some possible research directions.
Finding Unity in Computational Logic
Cited by 3 (0 self)
Abstract: While logic was once developed to serve philosophers and mathematicians, it is increasingly serving the varied needs of computer scientists. In fact, recent decades have witnessed the creation of the new discipline of Computational Logic. While Computational Logic can claim involvement in many, diverse areas of computing, little has been done to systematize the foundations of this new discipline. Here, we envision a unity for Computational Logic organized around recent developments in the theory of sequent calculus proofs. We outline how new tools and methodologies can be developed around a broader approach to computational logic.
Keywords: computational logic, unity of logic, proof theory
1. Software and hardware correctness is critically important
Computer systems are everywhere in our societies and their integration with all parts of our lives is constantly increasing. There are a host of computer systems, such as those in cars, airplanes, missiles, hospital equipment, where correctness of software is