Metatheory and Reflection in Theorem Proving: A Survey and Critique (1995)
"... One way to ensure correctness of the inference performed by computer theorem provers is to force all proofs to be done step by step in a simple, more or less traditional, deductive system. Using techniques pioneered in Edinburgh LCF, this can be made palatable. However, some believe such an appro ..."
Abstract

Cited by 53 (2 self)
One way to ensure correctness of the inference performed by computer theorem provers is to force all proofs to be done step by step in a simple, more or less traditional, deductive system. Using techniques pioneered in Edinburgh LCF, this can be made palatable. However, some believe such an approach will never be efficient enough for large, complex proofs. One alternative, commonly called reflection, is to analyze proofs using a second layer of logic, a metalogic, and so justify abbreviating or simplifying proofs, making the kinds of shortcuts humans often do or appealing to specialized decision algorithms. In this paper we contrast the fully-expansive LCF approach with the use of reflection. We put forward arguments to suggest that the inadequacy of the LCF approach has not been adequately demonstrated, and neither has the practical utility of reflection (notwithstanding its undoubted intellectual interest). The LCF system with which we are most concerned is the HOL proof ...
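The survey's contrast between the fully-expansive LCF approach and reflection rests on one design property: a theorem is an abstract type whose only constructors are the primitive inference rules, so the trusted computing base is the kernel and nothing built on top of it. The block below is an added example written for this page, not code from the survey or from HOL. It is a toy LCF-style kernel for implication and conjunction in Python, with a derived rule built outside the kernel and a deliberately dishonest "tactic" that tries to assert a theorem without a derivation. All names (Thm, assume, disch, mp, conj_intro, conj_elim, imp_trans, forge_attempt, prove_transitivity) are the example's own. Python cannot hide the kernel token statically the way ML's abstract types do, so the guard here models the discipline rather than enforcing it.

```python
"""Toy LCF-style kernel: theorems are values that only kernel rules can build.
Added illustration for this page; not code from the survey or from HOL."""
from dataclasses import dataclass, field
from typing import FrozenSet, Tuple, Union

# Formulas are immutable tuples so they can live in frozensets of hypotheses.
Formula = Union[str, Tuple[str, object, object]]

def var(name: str) -> Formula:
    return name

def imp(a: Formula, b: Formula) -> Formula:
    return ("imp", a, b)

def conj(a: Formula, b: Formula) -> Formula:
    return ("and", a, b)

# Only the kernel functions below ever pass this object to Thm. In ML the
# abstract type enforces this statically; in Python it is a convention, and
# the guard exists so that an accidental bypass fails loudly.
_KERNEL_TOKEN = object()

@dataclass(frozen=True)
class Thm:
    """A sequent  hyps |- concl.  Constructed only through kernel rules."""
    hyps: FrozenSet[Formula]
    concl: Formula
    _token: object = field(repr=False, compare=False)

    def __post_init__(self) -> None:
        if self._token is not _KERNEL_TOKEN:
            raise PermissionError("Thm may only be built by a kernel inference rule")

# ---- the kernel: primitive inference rules of the deductive system ----

def assume(p: Formula) -> Thm:
    """{p} |- p"""
    return Thm(frozenset([p]), p, _KERNEL_TOKEN)

def disch(p: Formula, th: Thm) -> Thm:
    """From  G |- q  derive  G \\ {p} |- p -> q  (implication introduction)."""
    return Thm(th.hyps - {p}, imp(p, th.concl), _KERNEL_TOKEN)

def mp(th_imp: Thm, th_ant: Thm) -> Thm:
    """From  G1 |- p -> q  and  G2 |- p  derive  G1 u G2 |- q  (modus ponens).
    The checks are what make the kernel sound: a malformed application is
    refused instead of producing a theorem."""
    c = th_imp.concl
    if not (isinstance(c, tuple) and c[0] == "imp"):
        raise ValueError("mp: first argument is not an implication")
    _, p, q = c
    if th_ant.concl != p:
        raise ValueError("mp: antecedent does not match")
    return Thm(th_imp.hyps | th_ant.hyps, q, _KERNEL_TOKEN)

def conj_intro(th1: Thm, th2: Thm) -> Thm:
    """From  G1 |- a  and  G2 |- b  derive  G1 u G2 |- a /\\ b."""
    return Thm(th1.hyps | th2.hyps, conj(th1.concl, th2.concl), _KERNEL_TOKEN)

def conj_elim(th: Thm, side: int) -> Thm:
    """From  G |- a /\\ b  derive  G |- a  (side 0) or  G |- b  (side 1)."""
    c = th.concl
    if not (isinstance(c, tuple) and c[0] == "and"):
        raise ValueError("conj_elim: not a conjunction")
    return Thm(th.hyps, c[1 + side], _KERNEL_TOKEN)

# ---- outside the kernel: derived rules are programs over primitive rules ----

def imp_trans(th_ab: Thm, th_bc: Thm) -> Thm:
    """Derived rule: from  G1 |- a -> b  and  G2 |- b -> c  get  G1 u G2 |- a -> c.
    It is fully expansive: every step is a primitive inference, so a bug here
    can only make the rule fail, never let it return a false theorem."""
    a = th_ab.concl[1]
    th_c = mp(th_bc, mp(th_ab, assume(a)))   # {a} u G1 u G2 |- c
    return disch(a, th_c)                     # G1 u G2 |- a -> c

def forge_attempt(p: Formula) -> bool:
    """A dishonest 'tactic' that tries to assert p with no derivation.
    Returns True if it obtained a Thm; with the kernel above it never does."""
    try:
        Thm(frozenset(), p, object())
        return True
    except PermissionError:
        return False

def prove_transitivity() -> Thm:
    """|- (A -> B) -> ((B -> C) -> (A -> C)), proved entirely via the kernel."""
    A, B, C = var("A"), var("B"), var("C")
    ab, bc = assume(imp(A, B)), assume(imp(B, C))
    th = imp_trans(ab, bc)                    # {A->B, B->C} |- A -> C
    return disch(imp(A, B), disch(imp(B, C), th))

if __name__ == "__main__":
    print(prove_transitivity())
    print("forged:", forge_attempt(var("X")))
```

The point the survey argues about is visible in `imp_trans`: the derived rule is ordinary code, and any mistake in it surfaces as a `ValueError` from `mp` rather than as a wrong `Thm`. Reflection, by contrast, would let a verified decision procedure produce a `Thm` directly, which is exactly the step that enlarges the trusted base.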
Reasoning Theories: Towards an Architecture for Open Mechanized Reasoning Systems (1994)
"... : Our ultimate goal is to provide a framework and a methodology which will allow users, and not only system developers, to construct complex reasoning systems by composing existing modules, or to add new modules to existing systems, in a "plug and play" manner. These modules and systems might be ..."
Abstract

Cited by 47 (11 self)
Our ultimate goal is to provide a framework and a methodology which will allow users, and not only system developers, to construct complex reasoning systems by composing existing modules, or to add new modules to existing systems, in a "plug and play" manner. These modules and systems might be based on different logics; have different domain models; use different vocabularies and data structures; use different reasoning strategies; and have different interaction capabilities. This paper makes two main contributions towards our goal. First, it proposes a general architecture for a class of reasoning systems called Open Mechanized Reasoning Systems (OMRSs). An OMRS has three components: a reasoning theory component which is the counterpart of the logical notion of formal system, a control component which consists of a set of inference strategies, and an interaction component which provides an OMRS with the capability of interacting with other systems, including OMRSs and hum...
Certifying Model Checkers. In: 13th International Conference on Computer Aided Verification, 2001
"... Model Checking is an algorithmic technique to determine whether a temporal property holds of a program. For linear time properties, a model checker produces a counterexample computation if the check fails. This computation acts as a "certificate" of failure, as it can be checked easily and indep ..."
Abstract

Cited by 34 (1 self)
Model Checking is an algorithmic technique to determine whether a temporal property holds of a program. For linear time properties, a model checker produces a counterexample computation if the check fails. This computation acts as a "certificate" of failure, as it can be checked easily and independently of the model checker by simulating it on the program. On the other hand, no such certificate is produced if the check succeeds. In this paper, we show how this asymmetry can be eliminated with a certifying model checker. The key idea is that, with some extra bookkeeping, a model checker can produce a deductive proof on either success or failure. This proof acts as a certificate of the result, as it can be checked mechanically by simple, non-fixpoint methods that are independent of the model checker. We develop a deductive proof system for verifying branching time properties expressed in the mu-calculus, and show how to generate a proof in this system from a model checking run. Proofs for linear time properties form a special case. A model checker that generates proofs can be used for many interesting applications, such as better ways of exploring errors in a program, and a tight integration of model checking with automated theorem proving.
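The asymmetry the abstract describes, a checkable counterexample on failure but nothing on success, can be shown on the simplest case: an invariant (safety) property over an explicit-state transition system. The block below is an added example written for this page, not the paper's mu-calculus proof system or any code from it. The untrusted model checker does the fixpoint search and, with a little extra bookkeeping, emits either a counterexample path or the reachable set as an inductive invariant; two small checkers that know nothing about the search then validate the certificate with local, non-fixpoint checks. The two-process mutual-exclusion model and all function names (check_invariant, check_counterexample, check_inductive_invariant, certified_check, build_mutex, mutual_exclusion) are constructed for the example.

```python
"""Certifying model checking for an invariant on an explicit transition system.
Added illustration: a simplified analogue of the paper's idea (its certificates
are mu-calculus proofs); not code from the paper."""
from collections import deque
from typing import Callable, Dict, FrozenSet, Hashable, List, Optional, Set, Tuple

State = Hashable
Trans = Dict[State, List[State]]
Good = Callable[[State], bool]

# ---- untrusted part: the model checker (fixpoint search) plus bookkeeping ----

def check_invariant(init: Set[State], trans: Trans, good: Good):
    """Breadth-first reachability. Returns ("fails", path) with a counterexample
    path from an initial state to a violating state, or ("holds", inv) where inv,
    the reachable set, is an inductive invariant certifying the result."""
    parent: Dict[State, Optional[State]] = {s: None for s in init}
    queue = deque(init)
    while queue:
        s = queue.popleft()
        if not good(s):
            path = [s]
            while parent[path[-1]] is not None:
                path.append(parent[path[-1]])
            return "fails", list(reversed(path))
        for t in trans.get(s, []):
            if t not in parent:        # the extra bookkeeping: parent pointers
                parent[t] = s
                queue.append(t)
    return "holds", frozenset(parent)

# ---- trusted part: certificate checkers, independent of the search above ----

def check_counterexample(path: List[State], init: Set[State], trans: Trans, good: Good) -> bool:
    """Validate a failure certificate by simulating it on the model: it must
    start in an initial state, follow real transitions, and end in a bad state."""
    if not path or path[0] not in init:
        return False
    for s, t in zip(path, path[1:]):
        if t not in trans.get(s, []):
            return False
    return not good(path[-1])

def check_inductive_invariant(inv: FrozenSet[State], init: Set[State], trans: Trans, good: Good) -> bool:
    """Validate a success certificate with three local checks and no fixpoint
    iteration: Init is inside Inv, Inv is closed under transitions, Inv is inside Good."""
    if not init <= inv:
        return False
    for s in inv:
        if not good(s):
            return False
        if any(t not in inv for t in trans.get(s, [])):
            return False
    return True

def certified_check(init: Set[State], trans: Trans, good: Good) -> Tuple[str, bool]:
    """Run the checker, then confirm its certificate. The second component is
    True only if the certificate independently justifies the verdict."""
    verdict, cert = check_invariant(init, trans, good)
    if verdict == "fails":
        return verdict, check_counterexample(cert, init, trans, good)
    return verdict, check_inductive_invariant(cert, init, trans, good)

# ---- constructed sample model: two processes and a lock ----

PCS = ("idle", "trying", "crit")

def build_mutex(respect_lock: bool) -> Tuple[Set[State], Trans]:
    """States are (pc1, pc2, lock_held). With respect_lock=False a process enters
    its critical section without checking the lock, which breaks mutual exclusion."""
    def step(pc: str, lock: bool) -> List[Tuple[str, bool]]:
        if pc == "idle":
            return [("trying", lock)]
        if pc == "trying":
            return [("crit", True)] if (not lock or not respect_lock) else []
        return [("idle", False)]                  # crit -> idle releases the lock
    trans: Trans = {}
    for p1 in PCS:
        for p2 in PCS:
            for lock in (False, True):
                succ = [(n, p2, lk) for n, lk in step(p1, lock)]
                succ += [(p1, n, lk) for n, lk in step(p2, lock)]
                trans[(p1, p2, lock)] = succ
    return {("idle", "idle", False)}, trans

def mutual_exclusion(s: State) -> bool:
    return not (s[0] == "crit" and s[1] == "crit")

if __name__ == "__main__":
    for flag in (True, False):
        init, trans = build_mutex(flag)
        print("respect_lock =", flag, "->", certified_check(init, trans, mutual_exclusion))
```

The success checker is three inclusion tests over the certificate, which is why a bug in the search, or a tampered certificate (a path with a step skipped, or an invariant that is not closed under the transitions), is rejected without re-running the model checker. The paper's certificates play the same role for full mu-calculus properties, where the certificate is a proof in a deductive system rather than a set of states.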
Integrating Automated and Interactive Theorem Proving (1998)
"... Machine code ((Schellhorn and Ahrendt, 1997) and Chapter III.2.6). We use it as a reference or benchmark. Parts of it are repeated every now and then to evaluate the success of our integration concepts, see Section 7. In realistic applications in software verification, proof attempts are more likel ..."
Abstract

Cited by 32 (8 self)
Machine code ((Schellhorn and Ahrendt, 1997) and Chapter III.2.6). We use it as a reference or benchmark. Parts of it are repeated every now and then to evaluate the success of our integration concepts, see Section 7. In realistic applications in software verification, proof attempts are more likely to fail than to go through. This is because specifications, programs, or user-defined lemmas typically are erroneous. Correct versions usually are only obtained after a number of corrections and failed proof attempts. Therefore, the question is not only how to produce powerful theorem provers but also how to integrate proving and error correction. Current research on this and related topics is discussed in Section 8. There are different approaches of combining interactive methods with automated ones. Their relation to our approach is the subject of Section 9. Finally, in Section 10 we draw conclusions. 2. IDENTIFYING ...
Programming a symbolic model checker in a fully expansive theorem prover. In: Proceedings of the 16th International Conference on Theorem Proving in Higher Order Logics, volume 2758 of Lecture Notes in Computer Science, 2003
"... Abstract. Model checking and theorem proving are two complementary approaches to formal verification. In this paper we show how binary decision diagram (BDD) based symbolic model checking algorithms may be embedded in a theorem prover to take advantage of the comparatively secure environment without ..."
Abstract

Cited by 16 (5 self)
Model checking and theorem proving are two complementary approaches to formal verification. In this paper we show how binary decision diagram (BDD) based symbolic model checking algorithms may be embedded in a theorem prover to take advantage of the comparatively secure environment without incurring an unacceptable performance penalty.
Techniques For Efficient Formal Verification Using Binary Decision Diagrams (1995)
"... The appeal of automatic formal verification is that it's automatic  minimal human labor and expertise should be needed to get useful results and counterexamples. BDD(binary decision diagram)based approaches have promised to allow automatic verification of complex, real systems. For large classes ..."
Abstract

Cited by 15 (0 self)
The appeal of automatic formal verification is that it's automatic: minimal human labor and expertise should be needed to get useful results and counterexamples. BDD (binary decision diagram) based approaches have promised to allow automatic verification of complex, real systems. For large classes of problems, however, (including many distributed protocols, multiprocessor systems, and network architectures) this promise has yet to be fulfilled. Indeed, the few successes have required extensive time and effort from sophisticated researchers in the field. Clearly, techniques are needed that are more sophisticated than the obvious direct implementation of theoretical results. This thesis addresses that need, emphasizing an application domain that has been particularly difficult for BDD-based methods, high-level models of systems or distributed protocols, rather than gate-level descriptions of circuits. Additionally, the emphasis is on providing useful debugging information for the...
Proof Search and Proof Check for Equational and Inductive Theorems. In: Conference on Automated Deduction, CADE-19, 2003
"... Abstract. This paper presents ongoing researches on theoretical and practical issues of combining rewriting based automated theorem proving and userguided proof development, with the strong constraint of safe cooperation of both. In practice, we instantiate the theoretical study on the Coq proof a ..."
Abstract

Cited by 5 (0 self)
This paper presents ongoing research on theoretical and practical issues of combining rewriting-based automated theorem proving and user-guided proof development, with the strong constraint of safe cooperation of both. In practice, we instantiate the theoretical study on the Coq proof assistant and the ELAN rewriting-based system, focusing first on equational and then on inductive proofs. Different concepts, especially rewriting calculus and deduction modulo, contribute to define and to relate proof search, proof representation and proof check.
Tracking Design Changes with Formal Verification. In: International Workshop on Higher Order Logic Theorem Proving and its Applications, volume 859 of Lecture Notes in Computer Science, 1994
"... . Designs are often modified for use in new circumstances. If formal proof is to be an acceptable verification methodology for industry, it must be capable of tracking design changes quickly. We describe our experiences formally verifying an implementation of an ATM network component, and on our sub ..."
Abstract

Cited by 4 (2 self)
Designs are often modified for use in new circumstances. If formal proof is to be an acceptable verification methodology for industry, it must be capable of tracking design changes quickly. We describe our experiences formally verifying an implementation of an ATM network component, and on our subsequent verification of modified designs. Three of the designs verified are in use in a working network. They were designed and implemented with no consideration for formal methods. This case study gives an indication of the difficulties in formally verifying a real design and of subsequently tracking design changes.

1 Introduction

Designs are often modified as requirements change. Such modifications often take a fraction of the original design time to complete. Even if a design can initially be validated in an acceptable time scale, formal verification is unlikely to be accepted if a similar amount of time is required to validate subsequent modified designs. It has been suggested that this...
Formalizing the translation of CTL into Lµ. In: Supplementary Proceedings of the 16th International Conference on Theorem Proving in Higher Order Logics, number 187 in Technical Reports, 2003
"... Abstract. The translation of the temporal logic CTL [2] into the modal µcalculus Lµ [10] is formalised in the HOL theorem prover [8]. 1 ..."
Abstract

Cited by 2 (1 self)
The translation of the temporal logic CTL [2] into the modal µ-calculus Lµ [10] is formalised in the HOL theorem prover [8].
Formalizing UNITY with HOL (1996)
"... T HIS paper has been written for the IPA workshop in Egmond aan Zee, 1620 october 1995. Despite its size, it is intended as an introduction a quick tour to the technology of mechanical verification and the formal design of distributed algorithms, and is not intended to be complete. Neverthel ..."
Abstract

Cited by 1 (1 self)
This paper has been written for the IPA workshop in Egmond aan Zee, 16-20 October 1995. Despite its size, it is intended as an introduction, a quick tour of the technology of mechanical verification and the formal design of distributed algorithms, and is not intended to be complete. Nevertheless it will provide the necessary information for the reader to understand the topics. For further reading on the topics, the reader can try the introductory book on HOL [GM93] and the book on UNITY [CM88]. Most of this paper is taken from my Ph.D. thesis. If the reader is interested in further technical details, my thesis is available through ftp at: ftp.cs.ruu.nl in directory pub/RUU/CS/phdtheses/Prasetya

Chapter 1 Introduction

The role of distributed programs has become increasingly important as more and more people hook their computers together, either locally or worldwide. The technology of computer networks advances rapidly and so does its availability. Today, it is no longer a lux...