Abstract not found

This paper describes a calculus of partial recursive functions that range over arbitrary and possibly higher-order objects in LF [HHP93]. Its most novel features include recursion under lambda-binders and matching against dynamically introduced parameters.

We present a meta-logic that contains a new quantifier (for encoding "generic judgment") and inference rules for reasoning within fixed points of a given specification. We then specify the operational semantics and bisimulation relations for the finite π-calculus within this meta-logic. Since we

The adoption of the Dolev-Yao model, an abstraction of security protocols that supports symbolic reasoning, is responsible for many successes in protocol analysis. In particular, it has enabled using logic effectively to reason about protocols. One recent framework for expressing the basic assumptions of the Dolev-Yao model is given by strand spaces, certain directed graphs whose structure reflects causal interactions among protocol participants. We represent strand constructions as relatively simple formulas in first-order linear logic, a refinement of traditional logic known for an intrinsic and natural accounting of process states, events, and resources. The proposed encoding is shown to be sound and complete. Interestingly, this encoding differs from the multiset rewriting definition of the Dolev-Yao model, which is also based on linear logic. This raises the possibility that the multiset rewriting framework may differ from strand spaces in some subtle way, although the two settings are known to agree on the basic secrecy property. 1 Introduction In recent years, a variety of methods have been developed for analyzing and reasoning about protocols based on cryptographic primitives. Although there are many differences among these proposals, most current formal approaches use the so-called "Dolev-Yao" model of adversary capabilities, which appears to be drawn from positions taken in [34] and from a simplified model presented in [11]. In this idealized setting, a protocol adversary is allowed to nondeterministically choose among possible actions. Messages are composed of indivisible abstract values, not sequences of bits, and encryption is modeled in an idealized way. The adversary may only send messages comprised of data it "knows" as the result of overhearing past transmissions.

Abstract. Proof search has been used to specify a wide range of computation systems. In order to build a framework for reasoning about such specifications, we make use of a sequent calculus involving induction and co-induction. These proof principles are based on a proof theoretic (rather than set-theoretic) notion of definition [13, 20, 25, 51]. Definitions are akin to (stratified) logic programs, where the left and right rules for defined atoms allow one to view theories as “closed ” or defining fixed points. The use of definitions makes it possible to reason intensionally about syntax, in particular enforcing free equality via unification. We add in a consistent way rules for pre and post fixed points, thus allowing the user to reason inductively and co-inductively about properties of computational system making full use of higher-order abstract syntax. Consistency is guaranteed via cut-elimination, where we give the first, to our knowledge, cut-elimination procedure in the presence of general inductive and co-inductive definitions. 1

This paper presents an extension of the simple-typed lambda-calculus allowing iteration and case...

Bedwyr is a generalization of logic programming that allows model checking directly on syntactic expressions possibly containing bindings. This system, written in OCaml, is a direct implementation of two recent advances in the theory of proof search. The first is centered on the fact that both finite success and finite failure can be captured in the sequent calculus by incorporating inference rules for definitions that allow fixed points to be explored. As a result, proof search in such a sequent calculus can capture simple model checking problems as well as may and must behavior in operational semantics. The second is that higherorder abstract syntax is directly supported using term-level λ-binders and the quantifier known as ∇. These features allow reasoning directly on expressions containing bound variables. 2

The Theory of Contexts is a type-theoretic axiomatization which has been recently proposed by some of the authors for giving a metalogical account of the fundamental notions of variable and context as they appear in Higher Order Abstract Syntax. In this paper, we prove that this theory is consistent by building a model based on functor categories. By means of a suitable notion of forcing, we prove that this model validates Classical Higher Order Logic, the Theory of Contexts, and also (parametrised) structural induction and recursion principles over contexts. The approach we present in full detail should be useful also for reasoning on other models based on functor categories. Moreover, the construction could be adopted, and possibly generalized, also for validating other theories of names and binders. Contents 1 The object language 4 2 The metalanguage (Framework System #) 6 2.1 Syntax 6 2.2 Typing and logical judgements 7 2.3 Adequacy of the encoding 8 2.4 Remarks on the design of # 9 3 Category-theoretic preliminaries 11 4.1 The ambient categories 4.2 Interpreting types 16 4.3 Interpreting environments 18 4.4 Interpreting the typing judgement of terms 19 4.5 Interpreting logical judgements 21 is a model of # 22 5.1 Forcing 22 5.2 Characterisation of Leibniz equality 23 models logical axioms and rules 26 models the Theory of Contexts 27 6 Recursion 28 6.1 First-order recursion 28 6.2 Higher-order recursion 31 7 Induction 33 7.1 First-order induction 34 7.2 Higher-order induction 37 8 Connections with tripos theory 38 9 Related work 41 9.1 Semantics based on functor categories 41 9.2 Logics for nominal calculi 44 10 Conclusions 45 A Proofs 46 A.1 Proof of Proposition 4.2 46 A.2 Proof of Proposition 4.3 47 A.3 Proof of Theorem 5.1 48 A.4 Proof of...

Abstract. The use of higher-order abstract syntax is an important approach for the representation of binding constructs in encodings of languages and logics in a logical framework. Formal meta-reasoning about such object languages is a particular challenge. We present a mechanism for such reasoning, formalized in Coq, inspired by the Hybrid tool in Isabelle. At the base level, we define a de Bruijn representation of terms with basic operations and a reasoning framework. At a higher level, we can represent languages and reason about them using higher-order syntax. We take advantage of Coq’s constructive logic by formulating many definitions as Coq programs. We illustrate the method on two examples: the untyped lambda calculus and quantified propositional logic. For each language, we can define recursion and induction principles that work directly on the higher-order syntax. 1

Abstract. Combining Higher Order Abstract Syntax (HOAS) and (co)induction is well known to be problematic. In previous work [1] we have described the implementation of a tool called Hybrid, within Isabelle HOL, which allows object logics to be represented using HOAS, and reasoned about using tactical theorem proving and principles of (co)induction. Moreover, it is definitional, which guarantees consistency within a classical type theory. In this paper we describe how to use it in a multi-level reasoning fashion, similar in spirit to other meta-logics such F Oλ ∆IN and Twelf. By explicitly referencing provability, we solve the problem of reasoning by (co)induction in presence of non-stratifiable hypothetical judgments, which allow very elegant and succinct specifications. We demonstrate the method by formally verifying the correctness of a compiler for (a fragment) of Mini-ML, following [10]. To further exhibit the flexibility of our system, we modify the target language with a notion of non-well-founded closure, inspired by Milner & Tofte [19] and formally verify via co-induction a subject reduction theorem for this modified language. 1