Results 1 
7 of
7
A Proof Planning Framework for Isabelle
, 2005
"... Proof planning is a paradigm for the automation of proof that focuses on encoding intelligence to guide the proof process. The idea is to capture common patterns of reasoning which can be used to derive abstract descriptions of proofs known as proof plans. These can then be executed to provide fully ..."
Abstract

Cited by 13 (9 self)
 Add to MetaCart
Proof planning is a paradigm for the automation of proof that focuses on encoding intelligence to guide the proof process. The idea is to capture common patterns of reasoning which can be used to derive abstract descriptions of proofs known as proof plans. These can then be executed to provide fully formal proofs. This thesis concerns the development and analysis of a novel approach to proof planning that focuses on an explicit representation of choices during search. We embody our approach as a proof planner for the generic proof assistant Isabelle and use the Isar language, which is humanreadable and machinecheckable, to represent proof plans. Within this framework we develop an inductive theorem prover as a case study of our approach to proof planning. Our prover uses the difference reduction heuristic known as rippling to automate the step cases of the inductive proofs. The development of a flexible approach to rippling that supports its various modifications and extensions is the second major focus of this thesis. Here, our inductive theorem prover provides a context in which to evaluate rippling experimentally. This work results in an efficient and powerful inductive theorem prover for Isabelle as well as proposals for further improving the efficiency of rippling. We also draw observations in order
Proof Representations in Theorem Provers
, 1998
"... This is a survey of some of the proof representations used by current theorem provers. The aim of the survey is to ascertain the range of mechanisms used to represent proofs and the purposes to which these representations are put. This is done within a simple framework. It examines both internal an ..."
Abstract

Cited by 4 (0 self)
 Add to MetaCart
This is a survey of some of the proof representations used by current theorem provers. The aim of the survey is to ascertain the range of mechanisms used to represent proofs and the purposes to which these representations are put. This is done within a simple framework. It examines both internal and external representations, although the focus is on representations that could be exported to an external proof checker. A number of examples from various provers are given in a series of appendices.
VeriML: A dependentlytyped, userextensible and languagecentric approach to proof assistants
, 2013
"... Software certification is a promising approach to producing programs which are virtually free of bugs. It requires the construction of a formal proof which establishes that the code in question will behave according to its specification – a higherlevel description of its functionality. The construc ..."
Abstract
 Add to MetaCart
Software certification is a promising approach to producing programs which are virtually free of bugs. It requires the construction of a formal proof which establishes that the code in question will behave according to its specification – a higherlevel description of its functionality. The construction of such formal proofs is carried out in tools called proof assistants. Advances in the current stateoftheart proof assistants have enabled the certification of a number of complex and realistic systems software. Despite such success stories, largescale proof development is an arcane art that requires significant manual effort and is extremely timeconsuming. The widely accepted best practice for limiting this effort is to develop domainspecific automation procedures to handle all but the most essential steps of proofs. Yet this practice is rarely followed or needs comparable development effort as well. This is due to a profound architectural shortcoming of existing proof assistants: developing automation procedures is currently overly complicated and errorprone. It involves the use of an amalgam of extension languages, each with a different programming model and a set of limitations, and with significant interfacing problems between them. This thesis posits that this situation can be significantly improved by designing a proof assistant with extensibility as the central focus. Towards that effect, I have designed a novel programming language called
This document in subdirectoryRS/97/18/ How to Believe a MachineChecked Proof 1
, 909
"... Reproduction of all or part of this work is permitted for educational or research use on condition that this copyright notice is included in any copy. See back inner page for a list of recent BRICS Report Series publications. Copies may be obtained by contacting: BRICS ..."
Abstract
 Add to MetaCart
Reproduction of all or part of this work is permitted for educational or research use on condition that this copyright notice is included in any copy. See back inner page for a list of recent BRICS Report Series publications. Copies may be obtained by contacting: BRICS
and
, 2014
"... Effective support for custom proof automation is essential for largescale interactive proof development. However, existing languages for automation via tactics either (a) provide no way to specify the behavior of tactics within the base logic of the accompanying theorem prover, or (b) rely on adva ..."
Abstract
 Add to MetaCart
Effective support for custom proof automation is essential for largescale interactive proof development. However, existing languages for automation via tactics either (a) provide no way to specify the behavior of tactics within the base logic of the accompanying theorem prover, or (b) rely on advanced typetheoretic machinery that is not easily integrated into established theorem provers. We present Mtac, a lightweight but powerful extension to Coq that supports dependentlytyped tactic programming. Mtac tactics have access to all the features of ordinary Coq programming, as well as a new set of typed tactical primitives. We avoid the need to touch the trusted kernel typechecker of Coq by encapsulating uses of these new tactical primitives in a monad, and instrumenting Coq so that it executes monadic tactics during type inference. 1