Solvable set/hyperset contexts: I. Some decision procedures for the pure, finite case
Comm. Pure Appl. Math., 1995
Cited by 13 (6 self)
Abstract
Hereditarily finite sets and hypersets are characterized both as an algorithmic data structure and by means of a first-order axiomatization which, although rather weak, suffices to make the following two problems decidable: (1) Establishing whether a conjunction r of formulae of the form ∀y1 ⋯ ∀ym ((y1 ∈ w1 & ⋯ & ym ∈ wm) → q), with q quantifier-free and involving only the relators =, ∈ and propositional connectives, and each yi distinct from all the wj, is satisfiable. (2) Establishing whether a formula of the form ∀y q, q quantifier-free, is satisfiable. Concerning (1), an explicit decision algorithm is provided; moreover, significantly broad subproblems of (1) are singled out in which a classification, named the `syllogistic decomposition' of r, of all possible ways of satisfying the input conjunction r can be obtained automatically. For one of these subproblems, carrying out the decomposition results in producing a fi...
STRUCTURAL EMBEDDINGS: MECHANIZATION WITH METHOD
1999
Cited by 5 (1 self)
Abstract
The most powerful tools for analysis of formal specifications are general-purpose theorem provers and model checkers, but these tools provide scant methodological support. Conversely, those approaches that do provide a well-developed method generally have less powerful automation. It is natural, therefore, to try to combine the better-developed methods with the more powerful general-purpose tools. An obstacle is that the methods and the tools often employ very different logics. We argue that methods are separable from their logics and are largely concerned with the structure and organization of specifications. We propose a technique called structural embedding that allows the structural elements of a method to be supported by a general-purpose tool, while substituting the logic of the tool for that of the method. We have found this technique quite effective and we provide some examples of its application. We also suggest how general-purpose systems could be restructured to support this activity better.
The Open Calculus of Constructions: An Equational Type Theory with Dependent Types for Programming, Specification, and Interactive Theorem Proving
Cited by 5 (0 self)
Abstract
The open calculus of constructions integrates key features of Martin-Löf's type theory, the calculus of constructions, Membership Equational Logic, and Rewriting Logic into a single uniform language. The two key ingredients are dependent function types and conditional rewriting modulo equational theories. We explore the open calculus of constructions as a uniform framework for programming, specification and interactive verification in an equational higher-order style. By having equational logic and rewriting logic as executable sublogics we preserve the advantages of a first-order semantic and logical framework and especially target applications involving symbolic computation and symbolic execution of nondeterministic and concurrent systems.
An operational approach to combining classical set theory and functional programming languages
In Theoretical Aspects of Computer Software, Lecture Notes in Computer Science, 1994
Cited by 4 (2 self)
Abstract
We have designed a programming logic based on an integration of functional programming languages with classical set theory. The logic merges a classical view of equality with a constructive one by using equivalence classes, while at the same time allowing computation with representatives of equivalence classes. Given a programming language and its operational semantics, a logic is obtained by extending the language with the operators of set theory and classical logic, and extending the operational semantics with "evaluation" rules for these new operators. This operational approach permits us to give a generic design. We give a general formalism for specifying evaluation semantics, and parameterize our design with respect to languages specifiable in this formalism. This allows us to prove, once and for all, important properties of the semantics such as the coherence of the treatment of equality.
Elementary constructive operational set theory. To appear in: Festschrift for Wolfram Pohlers, Ontos Verlag
Cited by 2 (0 self)
Abstract
We introduce an operational set theory in the style of [5] and [17]. The theory we develop here is a theory of constructive sets and operations. One motivation behind constructive operational set theory is to merge a constructive notion of set ([1], [2]) with some aspects which are typical of explicit mathematics [14]. In particular, one has non-extensional operations (or rules) alongside extensional constructive sets. Operations are in general partial and a limited form of self-application is permitted. The system we introduce here is a fully explicit, finitely axiomatised system of constructive sets and operations, which is shown to be as strong as HA.
Realizability, Set Theory and Term Extraction
Cited by 1 (0 self)
Abstract (the indexed text is an excerpt of the table of contents)
Applicative Structure (p. 16)
3.2 Realizability (p. 17)
3.3 Soundness for IZF (p. 20)
3.4 Term Extraction (p. 21)
3.5 Strong Intuitionistic Counterexamples (p. 24)
3.6 Some famous "nonstandard" consistency results (p. 25)
4 Forcing in Constructive Set Theory (Unramified) (p. 26)
4.1 Kripke models over V(K) (p. 26)
4.2 Soundness of IZF Axioms (p. 28)
4.3 Examples (p. 30)
5 Ω-sets, Categories and Sheaves (p. 34)
5.1 From Kripke Models to cHa's ...
unknown title
Abstract
We describe our experience with formal, machine-checked verification of algorithms for critical applications, concentrating on a Byzantine fault-tolerant algorithm for synchronizing the clocks in the replicated computers of a digital flight control system. First, we explain the problems encountered in unsynchronized systems and the necessity, and criticality, of fault-tolerant synchronization. We give an overview of one such algorithm, and of the arguments for its correctness. Next, we describe a verification of the algorithm that we performed using our Ehdm system for formal specification and verification. We indicate the errors we found in the published analysis of the algorithm, and other benefits that we derived from the verification. Based on our experience, we derive some key requirements for a formal specification and verification system adequate to the task of verifying algorithms of the type considered. Finally, we summarize our conclusions regarding the benefits of formal verification in this domain, and the capabilities required of verification systems in order to realize those benefits. Index terms: formal specification, formal verification, clock synchronization, fault-tolerant systems.