Results 11-20 of 27
Termination of Isabelle functions via termination of rewriting
In Proceedings of the Second International Conference on Interactive Theorem Proving (ITP), 2011
Cited by 2 (1 self)
We show how to automate termination proofs for recursive functions in (a first-order subset of) Isabelle/HOL by encoding them as term rewrite systems and invoking an external termination prover. Our link to the external prover includes full proof reconstruction, where all necessary properties are derived inside Isabelle/HOL without oracles. Apart from the certification of the imported proof, the main challenge is the formal reduction of the proof obligation produced by Isabelle/HOL to the termination of the corresponding term rewrite system. We automate this reduction via suitable tactics which we added to the IsaFoR library.
Efficiently Checking Propositional Resolution Proofs in Isabelle/HOL
Cited by 2 (1 self)
This paper describes the integration of zChaff and MiniSat, currently two leading SAT solvers, with Isabelle/HOL. Both SAT solvers generate resolution-style proofs for (instances of) propositional tautologies. These proofs are verified by the theorem prover. The presented approach significantly improves Isabelle's performance on propositional problems, and exhibits counterexamples for unprovable conjectures. It is shown that an LCF-style theorem prover can serve as a viable proof checker even for large SAT problems. An efficient representation of the propositional problem in the theorem prover turns out to be crucial; several possible solutions are discussed.
Strategic principles in the design of Isabelle
In CADE-15 Workshop on Strategies in Automated Deduction, 1998
Cited by 2 (0 self)
Interactive proof assistants can support proof strategies, if the right primitives have been included. These include higher-order syntax, logical variables and a choice of search primitives. Such a system allows experimentation with different automatic proof methods, even for constructive logics, new variable-binding operators, etc. The built-in unification and search make proof procedures easy to implement, typically using tableau methods. Against subgoals that arise in practice, even straightforward heuristics turn out to be powerful.
Variations on an Alloy-centric Tool-Chain in Verifying a Journaled File System Model
2010
Cited by 1 (1 self)
Tool interoperability is among the main goals of the international Grand Challenge initiative. In the context of the Verifiable File System mini-challenge put forward by Joshi and Holzmann, our work has been focused on the integration of different formal methods and tools in a tool-chain for modelling and verification. The current paper shows how to adapt such a tool-chain to the task at hand, aiming at reducing tool integration costs. The refinement of an abstract file store model into a journaled (flash) data model catering for wear leveling and recovery from power loss is taken as case study. This shows that refinement steps can be carried out within a shorter, reduced lifecycle where model checking in Alloy goes hand in hand with manual proofs carried out in the (point-free) algebra of binary relations. This provides ample evidence of the positive impact of Alloy's lemma 'everything is a relation' on software verification, in particular in carrying out induction-free proofs about data structures such as finite maps and lists.
Computer theorem proving in math
2004
Cited by 1 (0 self)
We give an overview of issues surrounding computer-verified theorem proving in the standard pure-mathematical context. This is based on my talk at the PQR conference (Brussels, June 2003).
LCF-style for Secure Verification Platform based on Multiway Decision Graphs
Formal verification of digital systems is achieved, today, using one of two main approaches: state exploration (mainly model checking and equivalence checking) or deductive reasoning (theorem proving). Indeed, the combination of the two approaches, state exploration and deductive reasoning, promises to overcome the limitations and to enhance the capabilities of each. A comparison between both categories is discussed in detail. In this paper, we are interested in presenting as an example a platform for Multiway Decision Graphs (MDGs) in an LCF-style theorem prover. Based on this platform, many conversions such as reachability analysis and reduction techniques can be implemented that use the MDG theory within the HOL theorem prover. The paper also questions the best formalization principle of decision graphs to build such a platform in theorem proving, since a set of basic operations is used to efficiently manipulate the decision graphs which constitute the kernel of the model checking algorithms, by describing two alternatives to formalize these decision graphs. Then we contrast between them according to their efficiency, complexity and feasibility. Finally, we hope this paper will serve as an adequate introduction to the concepts involved in formalization and a survey of relevant work.
Inference Rules Plus Proof-Search Strategies Equals Programs
2009
In the programming-language community many authors communicate algorithms through the use of inference rules. To get from rules to working code requires careful thought and effort. If the rules change or the author wants to use a different algorithm, the effort required to fix the code can be disproportionate to the size of the change in the rules. This thesis shows that it is possible to generate working code automatically from inference rules as they appear in publications. The method of this generation is found in the combination of two domain-specific languages: Ruletex and MonStr. Ruletex formally describes inference rules; MonStr connects the rules to an algorithm. Ruletex descriptions are embedded in LaTeX, the language that researchers use to publish their work, so that the author commands complete control of the rules' appearance. Moreover the generated code enjoys several nice properties: Existing code written in a general-purpose programming language can interoperate with Ruletex code, correctness of rules is decoupled from performance and termination of code, and implementations are conceptually simple, consisting only of λ-calculus with pattern matching. The main technical contribution of this work is the design of MonStr, the execution-strategy language used to form an algorithm out of rules. MonStr specifications provide an important guarantee: a valid strategy cannot affect partial correctness, although it can affect termination, completeness, and efficiency.
Lightweight static capabilities
Oleg Kiselyov, PLPV 2006
We describe a modular programming style that harnesses modern type systems to verify safety conditions in practical systems. This style has three ingredients: (i) A compact kernel of trust that is specific to the problem domain. (ii) Unique names (capabilities) that confer rights and certify properties, so as to extend the trust from the kernel to the rest of the application. (iii) Static (type) proxies for dynamic values. We illustrate our approach using examples from the dependent-type literature, but our programs are written in Haskell and OCaml today, so our techniques are compatible with imperative code, native mutable arrays, and general recursion. The three ingredients of this programming style call for (1) an expressive core language, (2) higher-rank polymorphism, and (3) phantom types.
Propositional Simplification With BDDs and SAT Solvers
We show how LCF-style interactive theorem provers might use BDD engines and SAT solvers to perform normalization, simplification of terms and theorems, and assist with interactive proof. The treatment builds on recent work integrating SAT solvers as non-trusted decision procedures for LCF-style theorem provers. We limit ourselves to propositional logic, but briefly note that the results may be lifted to more expressive logics.
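The two SAT-integration entries above (the zChaff/MiniSat proof checking in Isabelle/HOL and the BDD/SAT simplification work) share one security idea: the solver is an untrusted oracle, and only a small trusted kernel that replays its certificate decides anything. The following is an added example, not code from either paper or from Isabelle, that shows the shape of such a kernel in plain Python. It replays a resolution trace clause by clause, rebuilding every derived clause itself, and separately checks a claimed satisfying assignment (the "counterexample" case). The trace format (new clause id plus a chain of known clause ids resolved left to right), the `ProofError` class and the sample clauses are assumptions of this example, a simplification of real solver traces.

```python
"""Trusted checker for certificates produced by an untrusted SAT solver (added example)."""
from typing import Dict, FrozenSet, Iterable, Optional, Sequence, Tuple

# A clause is a set of literals: v > 0 is variable v, -v is its negation.
Clause = FrozenSet[int]
# One trace step: (id of the new clause, ids of known clauses resolved left to right).
# This chain format is an assumption of the example, a simplified solver trace.
Step = Tuple[int, Sequence[int]]


class ProofError(ValueError):
    """The solver's certificate does not check; nothing is concluded from it."""


def resolve(c1: Clause, c2: Clause) -> Clause:
    """Binary resolution on the unique complementary pair of literals."""
    pivots = [lit for lit in c1 if -lit in c2]
    if len(pivots) != 1:
        raise ProofError(f"{sorted(c1)} and {sorted(c2)} do not clash on exactly one literal")
    p = pivots[0]
    return (c1 - {p}) | (c2 - {-p})


def check_refutation(cnf: Sequence[Iterable[int]], trace: Sequence[Step]) -> bool:
    """Replay a resolution trace over input clauses numbered 0..n-1.

    Every derived clause is rebuilt here from clauses already established, so the
    only thing taken from the solver is which clauses to resolve, never what the
    result is. Returns True iff the final derived clause is empty.
    """
    known: Dict[int, Clause] = {}
    for i, c in enumerate(cnf):
        clause = frozenset(c)
        if 0 in clause:
            raise ProofError(f"input clause {i} contains 0, which is not a literal")
        known[i] = clause
    last: Optional[Clause] = None
    for new_id, chain in trace:
        if new_id in known:
            raise ProofError(f"step {new_id} redefines an existing clause id")
        if len(chain) < 2:
            raise ProofError(f"step {new_id} needs at least two clauses to resolve")
        missing = [cid for cid in chain if cid not in known]
        if missing:
            raise ProofError(f"step {new_id} refers to unknown clause ids {missing}")
        acc = known[chain[0]]
        for cid in chain[1:]:
            acc = resolve(acc, known[cid])
        known[new_id] = acc
        last = acc
    return last is not None and len(last) == 0


def check_model(cnf: Sequence[Iterable[int]], model: Dict[int, bool]) -> bool:
    """Check a satisfying assignment the solver claims: each clause needs a true literal.
    Variables the model leaves unassigned make neither of their literals true."""
    def holds(lit: int) -> bool:
        value = model.get(abs(lit))
        return value is not None and value == (lit > 0)
    return all(any(holds(lit) for lit in clause) for clause in cnf)


# Constructed sample input, not taken from either paper.
UNSAT_CNF = [[1, 2], [-1, 2], [1, -2], [-1, -2]]       # no assignment satisfies all four
GOOD_TRACE = [(4, [0, 1]), (5, [2, 3]), (6, [4, 5])]  # derives {x2}, {not x2}, then {}
FORGED_TRACE = [(4, [0, 3])]                           # clauses 0 and 3 clash on two literals
SAT_CNF = [[1, 2], [-1, 2]]


def demo() -> Tuple[bool, str, bool, bool]:
    """Run the checker on the samples; returns (good accepted, forged verdict, model ok, model bad)."""
    accepted = check_refutation(UNSAT_CNF, GOOD_TRACE)
    try:
        check_refutation(UNSAT_CNF, FORGED_TRACE)
        forged = "accepted"
    except ProofError as err:
        forged = f"rejected: {err}"
    return (accepted, forged,
            check_model(SAT_CNF, {1: True, 2: True}),
            check_model(SAT_CNF, {1: True, 2: False}))


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The point of the design is that the trusted part is `resolve` plus the bookkeeping in `check_refutation`: a few dozen lines that never look at the solver's claimed clause contents, only at which established clauses to combine. A forged step, a reference to a clause that was never derived, or a trace that stops short of the empty clause is rejected, and the solver itself can be arbitrarily buggy or malicious without the checker accepting a false refutation. The papers above do the same inside an LCF-style kernel, where the rebuilt clause is an actual theorem object rather than a Python set.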
Software and Hardware Correctness
2013
While logic was once developed to serve philosophers and mathematicians, it is increasingly serving the varied needs of computer scientists. In fact, recent decades have witnessed the creation of the new discipline of Computational Logic. While Computational Logic can claim involvement in diverse areas of computing, little has been done to systematize the foundations of this new discipline. Here, we envision a unity for Computational Logic organized around the proof theory of the sequent calculus: recent results in the area of focused proof systems will play a central role in developing this unity.