User Interaction with the Matita Proof Assistant
 Journal of Automated Reasoning, Special
, 2006
Cited by 48 (14 self)
Abstract. Matita is a new, documentcentric, tacticbased interactive theorem prover. This paper focuses on some of the distinctive features of the user interaction with Matita, mostly characterized by the organization of the library as a searchable knowledge base, the emphasis on a highquality notational rendering, and the complex interplay between syntax, presentation, and semantics.
Inductive Data Type Systems
 THEORETICAL COMPUTER SCIENCE
, 1997
Cited by 43 (9 self)
In a previous work (“Abstract Data Type Systems”, TCS 173(2), 1997), the last two authors presented a combined language made of a (strongly normalizing) algebraic rewrite system and a typed λcalculus enriched by patternmatching definitions following a certain format, called the “General Schema”, which generalizes the usual recursor definitions for natural numbers and similar “basic inductive types”. This combined language was shown to be strongly normalizing. The purpose of this paper is to reformulate and extend the General Schema in order to make it easily extensible, to capture a more general class of inductive types, called “strictly positive”, and to ease the strong normalization proof of the resulting system. This result provides a computation model for the combination of an algebraic specification language based on abstract data types and of a strongly typed functional language with strictly positive inductive types.
Definitions by Rewriting in the Calculus of Constructions
, 2001
Cited by 36 (6 self)
The main novelty of this paper is to consider an extension of the Calculus of Constructions where predicates can be defined with a general form of rewrite rules.
The Calculus of Algebraic Constructions
 In Proc. of the 10th Int. Conf. on Rewriting Techniques and Applications, LNCS 1631
, 1999
Cited by 25 (9 self)
Abstract. In a previous work, we proved that an important part of the Calculus of Inductive Constructions (CIC), the basis of the Coq proof assistant, can be seen as a Calculus of Algebraic Constructions (CAC), an extension of the Calculus of Constructions with functions and predicates defined by higherorder rewrite rules. In this paper, we prove that almost all CIC can be seen as a CAC, and that it can be further extended with nonstrictly positive types and inductiverecursive types together with nonfree constructors and patternmatching on defined symbols. 1.
A constraintbased approach to guarded algebraic data types
 ACM Trans. Prog. Languages Systems
, 2007
Cited by 24 (0 self)
We study HMG(X), an extension of the constraintbased type system HM(X) with deep pattern matching, polymorphic recursion, and guarded algebraic data types. Guarded algebraic data types subsume the concepts known in the literature as indexed types, guarded recursive datatype constructors, (firstclass) phantom types, and equality qualified types, and are closely related to inductive types. Their characteristic property is to allow every branch of a case construct to be typechecked under different assumptions about the type variables in scope. We prove that HMG(X) is sound and that, provided recursive definitions carry a type annotation, type inference can be reduced to constraint solving. Constraint solving is decidable, at least for some instances of X, but prohibitively expensive. Effective type inference for guarded algebraic data types is left as an issue for future research.
ConstraintBased Type Inference for Guarded Algebraic Data Types
, 2003
Cited by 23 (3 self)
Guarded algebraic data types, which subsume the concepts known in the literature as indexed types, guarded recursive datatype constructors, and phantom types, and are closely related to inductive types, have the distinguishing feature that, when typechecking a function defined by cases, every branch must be checked under di#erent typing assumptions. This mechanism allows exploiting the presence of dynamic tests in the code to produce extra static type information.
A modular formalisation of finite group theory
 In TPHOLs
, 2007
Cited by 18 (6 self)
Abstract. In this paper, we present a formalisation of elementary group theory done in Coq. This work is the first milestone of a longterm effort to formalise FeitThompson theorem. As our further developments will heavily rely on this initial base, we took special care to articulate it in the most compositional way. 1
Formalizing Process Algebraic Verifications in the Calculus of Constructions
Cited by 18 (7 self)
This paper reports on the first steps towards the formal verification of correctness proofs of reallife protocols in process algebra. We show that proofs can be verified, and partly constructed, by a general purpose proof checker. The process algebra we use is µCRL, ACP augmented with data, which is small enough to make the verification feasible, and at the same time expressive enough for the specification of reallife protocols. The proof checker we use is Coq, which is based on the Calculus of Constructions, an extension of simply typed lambda calculus. The focus is on the translation of the proof theory of µCRL and µCRLspecifications to Coq. As a case study, we verified the Alternating Bit Protocol.
Inductive types in the calculus of algebraic constructions
 FUNDAMENTA INFORMATICAE 65(12) (2005) 61–86 JOURNAL VERSION OF TLCA’03
, 2005
Cited by 15 (4 self)
In a previous work, we proved that almost all of the Calculus of Inductive Constructions (CIC), the basis of the proof assistant Coq, can be seen as a Calculus of Algebraic Constructions (CAC), an extension of the Calculus of Constructions with functions and predicates defined by higherorder rewrite rules. In this paper, we prove that CIC as a whole can be seen as a CAC, and that it can be extended with nonstrictly positive types and inductiverecursive types together with nonfree constructors and patternmatching on defined symbols.
A Hoare Logic for CallbyValue Functional Programs
Cited by 14 (1 self)
Abstract. We present a Hoare logic for a callbyvalue programming language equipped with recursive, higherorder functions, algebraic data types, and a polymorphic type system in the style of Hindley and Milner. It is the theoretical basis for a tool that extracts proof obligations out of programs annotated with logical assertions. These proof obligations, expressed in a typed, higherorder logic, are discharged using offtheshelf automated or interactive theorem provers. Although the technical apparatus that we exploit is by now standard, its application to callbyvalue functional programming languages appears to be new, and (we claim) deserves attention. As a sample application, we check the partial correctness of a balanced binary search tree implementation. 1