We begin to lay the foundations for reasoning about proofs whose steps include both invocations of programs to build subproofs (tactics) and references to representations of proofs themselves (reflected proofs). The main result is the definition of a single type of proof which can mention itself, using a new technique which finds a fixed point of a mapping between metalanguage and object language. This single type contrasts with hierarchies of types used in other approaches to accomplish the same classification. We show that these proofs are valid, and that every proof can be reduced to a proof involving only primitive inference rules. We also show how to extend the results to proofs from which programs (such as tactics) can be derived, and to proofs that can refer to a library of definitions and previously proven theorems. We believe that the mechanism of reflection is fundamental in building proof development systems, and we illustrate its power with applications to automating reasoning and describing modes of computation.

Abstract not found

Proofs in the Nuprl system, an implementation of a constructive type theory, yield “correct-by-construction ” programs. In this paper a new methodology is presented for extracting efficient and readable programs from inductive proofs. The resulting extracted programs are in a form suitable for use in hierarchical verifications in that they are amenable to clean partial evaluation via extensions to the Nuprl rewrite system. The method is based on two elements: specifications written with careful use of the Nuprl set-type to restrict the extracts to strictly computational content; and on proofs that use induction tactics that generate extracts using familiar fixed-point combinators of the untyped lambda calculus. In this paper the methodology is described and its application is illustrated by example. 1.

The system Coq is an environment for proof development based on the Calculus of Constructions extended by inductive definitions. Functional programs can be extracted from constructive proofs written in Coq. The extracted program and its corresponding proof are strongly related. The idea in this paper is to use this link to have another approach: to give a program and to generate automatically the proof from which it could be extracted. Moreover, we introduce a notion of annotated programs.

Based on a representation of primitive proof objects as - terms, which has been built into the theorem prover Isabelle recently, we propose a generic framework for program extraction. We show how this framework can be used to extract functional programs from proofs conducted in a constructive fragment of the object logic Isabelle/HOL. A characteristic feature of our implementation of program extraction is that it produces both a program and a correctness proof. Since the extracted program is available as a function within the logic, its correctness proof can be checked automatically inside Isabelle.

This paper highlights a methodology of Nuprl proof that results in efficient programs that are more readable than those produced by other established methods for extracting programs from proofs. We describe a formal constructive proof of the decidability of a sequent calculus for classical propositional logic. The proof is implemented in the Nuprl system and the resulting proof object yields a "correct-by-construction" program for deciding propositional sequents. If the sequent is valid, the program reports that fact; otherwise, the program returns a counterexample in the form of a falsifying assignment. We employ Kleene's strong three-valued logic to give more informativecounter-examples, it is also shown how this semantics agrees with the standard two-valued presentation.

The topic of this thesis is the extraction of efficient and readable programs from formal constructive proofs of decidability. The proof methods employed to generate the efficient code are new and result in clean and readable Nuprl extracts for two non-trivial programs. They are based on the use of Nuprl's set type and techniques for extracting efficient programs from induction principles. The constructive formal theories required to express the decidability theorems are of independent interest. They formally circumscribe the mathematical knowledge needed to understand the derived algorithms. The formal theories express concepts that are taught at the senior college level. The decidability proofs themselves, depending on this material, are of interest and are presented in some detail. The proof of decidability of classical propositional logic is relative to a semantics based on Kleene's strong three-valued logic. The constructive proof of intuitionistic decidability presented here is the first machine formalization of this proof. The exposition reveals aspects of the Nuprl tactic collection relevant to the creation of readable proofs; clear extracts and efficient code are illustrated in the discussion of the proofs.

. This paper presents a formalization of a sequent presentation of intuitionisitic propositional logic and proof of decidability.The proof is implemented in the Nuprl system and the resulting proof object yields a "correct-by-construction" program for deciding intuitionisitc propositional sequents. The extracted program turns out to be an implementation of the tableau algorithm. If the argument to the resulting decision procedure is a valid sequent, a formal proof of that fact is returned, otherwise a counter-example in the form of a Kripke Countermodel is returned. The formalization roughly follows Aitken, Constable and Underwood's presentation in [1] but a number of adjustments and corrections have been made to ensure the extracted program is clean( no non-computational junk) and efficient. 1