The HOL system is a mechanized proof assistant for higher order logic that has been under continuous development since the mid-1980s, by an ever-changing group of developers and external contributors. We give a brief overview of various implementations of the HOL logic before focusing on the evolution of certain important features available in a recent implementation. We also illustrate how the module system of Standard ML provided security and modularity in the construction of the HOL kernel, as well as serving in a separate capacity as a useful representation medium for persistent, hierarchical logical theories.

: The ß-calculus is a process algebra for modelling concurrent systems in which the pattern of communication between processes may change over time. This paper describes the results of preliminary work on a definitional formal theory of the ß-calculus in higher order logic using the HOL theorem prover. The ultimate goal of this work is to provide practical mechanized support for reasoning with the ß-calculus about applications. Introduction The ß-calculus [17, 18] is a process algebra proposed by Milner, Parrow and Walker for modelling concurrent systems in which the pattern of interconnection between processes may change over time. This paper describes work on a mechanized formal theory of the ß-calculus in higher order logic using the HOL theorem prover [8]. The main aim of this work is to construct a practical and sound theorem-proving tool to support reasoning about applications using the ß-calculus, as well as metatheoretic reasoning about the ß-calculus itself. Four general prin...

A proof system is described which is capable of handling processes with valuepassing. It implements inference systems that treats data and boolean expressions symbolically. Users are allowed to define the syntax and axioms for their own calculi. Proofs are performed by either invoking proof rules or applying equational axioms as rewrite rules. Help facilities are provided to make it easier to conduct proofs. Keyword Codes: D.1.3; D.2.2; D.2.4 Keywords: Programming Techniques, Concurrent Programming; Software Engineering, Tools and Techniques; Program Verification 1 Introduction Both CSP [Hoa85] and CCS [Mil89] were originally proposed as languages for describing systems of processes which can run in parallel and cooperate with each other by transmitting data through communication channels. But in the subsequent years the aspect of data transmition has been somewhat neglected, and "pure" versions of these calculi, so-called process algebras, have been studied extensively, in wh...

We present a realizability interpretation of co-inductive types based on partial equivalence relations (per's). We extract from the per's interpretation sound rules to type recursive definitions. These recursive definitions are needed to introduce "infinite" and "total" objects of co-inductive type such as an infinite stream or a non-terminating process. We show that the proposed type system enjoys the basic syntactic properties of subject reduction and strong normalization with respect to a confluent rewriting system first studied by Gimenez. We also compare the proposed type system with those studied by Coquand and Gimenez. In particular, we provide a semantic reconstruction of Gimenez's system which suggests a rule to type nested recursive definitions.

Recently the use of formal methods in describing and analysing the behaviour of (computer) systems has become more common. This has resulted in the proliferation of a wide variety of different specification formalisms, together with analytical techniques and methodologies for specification development. The particular specification formalism adopted for this study is LOTOS, an ISO standard formal description technique. Although there are many works dealing with how to write LOTOS specifications and how to develop a LOTOS specification from the initial abstract requirements specification to concrete implementation, relatively few works are concerned with the problems of expressing and proving the correctness of LOTOS specifications, i.e. verification. The main objective of this thesis is to address this shortfall by investigating the meaning of verification as it relates to concurrent systems in general, and in particular to those systems described using LOTOS. Further goals are to autom...

We explore several ways to formalize the algebraic laws of CSP-like languages in HOL. The intent of the paper is to show how HOL can be tailored to acting as a proof assistant. The emphasis is therefore on the consequences of various choices to be made during the formalization for writing tactics. We end up with a proof assistant that allows a user to make steps of the granularity of an algebraic law. It is not the purpose of this paper to show in HOL that the algebraic laws of some CSP-like language are sound; the purpose is to show how HOL can be used to apply the algebraic laws and act as a rewrite system. 0 Introduction We report on our attempts to tailor the automated proof checker HOL [GM93] to the verification of proofs in CSP-like process algebras. Although it is technically feasible to prove the correctness of processes operating in parallel, this is often a long and tedious, and therefore extremely error-prone task. Reliable tools that can assist in proving concurrent progra...

We have created a calculus for reasoning about hardware and firmware at the algorithmic state machine (ASM) and instructionset processor (ISP) levels of description. The calculus is a value-passing process algebra that extends the Mealy machine model to include parallel composition. It supports reasoning about the composed behavior of synchronous ASM and ISP components and microcode. We present an overview of the calculus and its application including an example showing the equivalence of a microcoded machine to its target instruction set specified by both ASM and ISP descriptions. The calculus, its properties, and the examples have been deeply embedded, proved, and verified as conservative extensions to the logic of the Higher Order Logic (HOL90) theorem prover.