Research in dependent type theories [M-L71a] has, in the past, concentrated on its use in the presentation of theorems and theorem-proving. This thesis is concerned mainly with the exploitation of the computational aspects of type theory for programming, in a context where the properties of programs may readily be specified and established. In particular, it develops technology for programming with dependent inductive families of datatypes and proving those programs correct. It demonstrates the considerable advantage to be gained by indexing data structures with pertinent characteristic information whose soundness is ensured by typechecking, rather than human effort. Type theory traditionally presents safe and terminating computation on inductive datatypes by means of elimination rules which serve as induction principles and, via their associated reduction behaviour, recursion operators [Dyb91]. In the programming language arena, these appear somewhat cumbersome and give rise to unappealing code, complicated by the inevitable interaction between case analysis on dependent types and equational reasoning on their indices which must appear explicitly in the terms. Thierry Coquand’s proposal [Coq92] to equip type theory directly with the kind of

This paper describes in detail how to bridge the gap between theory and practice when implementing in Maude structural operational semantics described in rewriting logic, where transitions become rewrites and inference rules become conditional rewrite rules with rewrites in the conditions, as made possible by the new features in Maude 2.0. We validate this technique using it in several case studies: a functional language Fpl (evaluation and computation semantics, including an abstract machine), imperative languages WhileL (evaluation and computation semantics) and GuardL with nondeterminism (computation semantics), Kahn's functional language Mini-ML (evaluation or natural semantics), Milner's CCS (with strong and weak transitions), and Full LOTOS (including ACT ONE data type specifications). In addition, on top of CCS we develop an implementation of the Hennessy-Milner modal logic for describing local capabilities of processes, and for LOTOS we build an entire tool where Full LOTOS specifications can be entered and executed (without user knowledge of the underlying implementation of the semantics). We also compare this method based on transitions as rewrites with another one based on transitions as judgements.

This paper describes the process of mechanically certifying a compiler with respect to the semantic specification of the source and target languages. The proofs are performed in type theory using the Coq system. These proofs introduce specific theoretical tools: fragmentation theorems and general induction principles.

. We develop a formal proof of the ML type inference algorithm, within the Coq proof assistant. We are much concerned with methodology and reusability of such a mechanization. This proof is also necessary to hope the certification of a complete ML compiler in the future. In this paper we present the Coq formalization of the typing system and its inference algorithm. We establish formally the correctness and the completeness of the type inference algorithm with respect to the typing rules of the language. We describe and comment the mechanized proofs. 1. Introduction Our goal is to realize a verified formal proof of the ML type inference algorithm, within the Coq proof assistant. Though this algorithm has been proved since quite a long time, this proof had never been mechanized entirely up to now. Simultaneously and independently of our work, D. Nazareth and T. Nipkow have carried out such a formal verification in the theorem prover Isabelle/HOL for simply-typed -terms [11] and then ...

Abstract. We verify within the Coq proof assistant that ML typing is sound with respect to the dynamic semantics. We prove this property in the framework of a big step semantics and also in the framework of a reduction semantics. For that purpose, we use a syntax-directed version of the typing rules: we prove mechanically its equivalence with the initial type system provided by Damas and Milner. This work is complementary to the certification of the ML type inference algorithm done previously by the author and Valérie Ménissier-Morain. 1