this document I will lay out a possible PhD project in Automated Reasoning, discussing the principle objectives, some implementation ideas, and alternative lines of research if unexpected obstacles arise. The aim is that this plan will be suciently detailed to serve as proof of concept for the project.

Today’s increasingly computer-based society is dependent on the correctness and reliability of crucial infrastructure, such as programming languages, compilers, networks, and microprocessors. One important way to achieve the required level of assurance is to use formal specification and proof, and tool support for this approach has steadily grown to the point where the specification and verification of important system infrastructure is now feasible. To survey the state of the art and discuss future possibilities and challenges, a two day research meeting entitled Tools and Techniques for Verification of System

We explore the use of QuickCheck-style randomized testing in programming languages metatheory, a methodology proposed to reduce development time by revealing shallow errors early, before a formal proof attempt. This exploration begins with the development of a randomized testing framework for PLT Redex, a domain-specific language for specifying and debugging operational semantics. In keeping with the spirit of Redex, the framework is as lightweight as possible—the user encodes a conjecture as a predicate over the terms of the language, and guided by the structure of the language’s grammar, reduction relation, and metafunctions, Redex attempts to falsify the conjecture automatically. In addition to the details of this framework, we present a tutorial demonstrating its use and two case studies applying it to large language specifications. The first study, a postmortem, applies randomized testing to the formal semantics published with the latest revision of the Scheme language standard. Despite a community review period and a comprehensive, manually-constructed test suite, randomized testing in Redex revealed four bugs in the semantics. The second study presents our experience applying the tool concurrently with the development of a formal model for the MzScheme virtual machine and bytecode verifier. In addition to many errors in our formalization, randomized testing revealed six bugs in the core bytecode verification algorithm in production use. The results of these studies suggest that randomized testing is a cheap and effective technique for finding bugs in large programming language metatheories.

We report the current state of the mechanisation, in Isabelle and HOL Light, of a paper [EM03] from the area of distributed algorithms. As well as the contribution of the mechanisation itself, we address several issues in theorem proving. For example, we have developed several tools which make the process of mechanisation easier, such as tools to handle context during a mechanisation, which greatly facilitates the expression of proofs.