Results 11-20 of 43
A Hoare Logic for Call-by-Value Functional Programs
Abstract

Cited by 14 (1 self)
We present a Hoare logic for a call-by-value programming language equipped with recursive, higher-order functions, algebraic data types, and a polymorphic type system in the style of Hindley and Milner. It is the theoretical basis for a tool that extracts proof obligations out of programs annotated with logical assertions. These proof obligations, expressed in a typed, higher-order logic, are discharged using off-the-shelf automated or interactive theorem provers. Although the technical apparatus that we exploit is by now standard, its application to call-by-value functional programming languages appears to be new, and (we claim) deserves attention. As a sample application, we check the partial correctness of a balanced binary search tree implementation.
A Natural Deduction Approach to Dynamic Logic
Proceedings of TYPES'95, LNCS 1158, 1996
Abstract

Cited by 13 (5 self)
Natural Deduction style presentations of program logics are useful in view of the implementation of such logics in interactive proof development environments, based on type theory, such as LEGO, Coq, etc. In fact, ND-style systems are the kind of systems which can take best advantage of the possibility of reasoning "under assumptions" offered by proof assistants generated by Logical Frameworks. In this paper we introduce and discuss sound and complete proof systems in Natural Deduction style for representing various "truth" consequence relations of Dynamic Logic. We discuss the design decisions which lead to adequate encodings of these logics in Coq. We derive in Dynamic Logic a set of rules representing an ND-style system for Hoare Logic.
The Implicit Calculus of Constructions - Extending Pure Type Systems with an Intersection Type Binder and Subtyping
Proc. of 5th Int. Conf. on Typed Lambda Calculi and Applications, TLCA'01, Krakow, 2001
Abstract

Cited by 13 (0 self)
In this paper, we introduce a new type system, the Implicit Calculus of Constructions, which is a Curry-style variant of the Calculus of Constructions that we extend by adding an intersection type binder called the implicit dependent product. Unlike the usual approach of Type Assignment Systems, the implicit product can be used at every place in the universe hierarchy. We study syntactical properties of this calculus such as the subject reduction property, and we show that the implicit product induces a rich subtyping relation over the type system in a natural way. We also illustrate the specificities of this calculus by revisiting the impredicative encodings of the Calculus of Constructions, and we show that their translation into the implicit calculus helps to reflect the computational meaning of the underlying terms in a more accurate way.
Building decision procedures in the calculus of inductive constructions
Lecture Notes in Computer Science, 2007
Abstract

Cited by 11 (1 self)
It is commonly agreed that the success of future proof assistants will rely on their ability to incorporate computations within deduction in order to mimic the mathematician when replacing the proof of a proposition P by the proof of an equivalent proposition P' obtained from P thanks to possibly complex calculations. In this paper, we investigate a new version of the calculus of inductive constructions which incorporates arbitrary decision procedures into deduction via the conversion rule of the calculus. The novelty of the problem in the context of the calculus of inductive constructions lies in the fact that the computation mechanism varies along proof-checking: goals are sent to the decision procedure together with the set of user hypotheses available from the current context. Our main result shows that this extension of the calculus of constructions does not compromise its main properties: confluence, subject reduction, strong normalization and consistency are all preserved.
From formal proofs to mathematical proofs: A safe, incremental way for building in first-order decision procedures
In TCS 2008: 5th IFIP International Conference on Theoretical Computer Science, 2008
Abstract

Cited by 11 (0 self)
(CIC) on which the proof assistant Coq is based: the Calculus of Congruent Inductive Constructions, which truly extends CIC by building in arbitrary first-order decision procedures: deduction is still in charge of the CIC kernel, while computation is outsourced to dedicated first-order decision procedures that can be taken from the shelves provided they deliver a proof certificate. The soundness of the whole system becomes an incremental property following from the soundness of the certificate checkers and that of the kernel. A detailed example shows that the resulting style of proofs becomes closer to that of the working mathematician.
A verified model checker for the modal µ-calculus in Coq
In TACAS, volume 1384 of LNCS, 1998
Abstract

Cited by 10 (0 self)
We report on the formalisation and correctness proof of a model checker for the modal µ-calculus in Coq's constructive type theory. Using Coq's extraction mechanism we obtain an executable Caml program, which is added as a safe decision procedure to the system. An example illustrates its application in combination with deduction.

1 Introduction

There is an obvious advantage in combining theorem proving and model checking techniques for the verification of reactive systems. The expressiveness of the theorem prover's (often higher-order) logic can be used to accommodate a variety of program modelling and verification paradigms, so infinite state and parametrised designs can be verified. However, using a theorem prover is not transparent and may require a fair amount of expertise. On the other hand, model checking is transparent, but exponential in the number of concurrent components. Its application is thus limited to systems with small state spaces. A combination of the two techn...
Coinductive Axiomatization of a Synchronous Language
In Proceedings of Theorem Proving in Higher Order Logics (TPHOLs'98), number 1479 in LNCS, 1998
Abstract

Cited by 9 (4 self)
Over the last decade, the increasing demand for the validation of safety critical systems led to the development of domain-specific programming languages (e.g. synchronous languages) and automatic verification tools (e.g. model checkers). Conventionally, the verification of a reactive system is implemented by specifying a discrete model of the system (i.e. a finite-state machine) and then checking this model against temporal properties (e.g. using an automata-based tool). We investigate the use of a theorem prover, Coq, for the specification of infinite state systems and for the verification of coinductive properties.
CoLoR: a Coq library on well-founded rewrite relations and its application to the automated verification of termination certificates
2010
Coq Modulo Theory
2010
Abstract

Cited by 5 (1 self)
Coq Modulo Theory (CoqMT) is an extension of the Coq proof assistant incorporating, in its computational mechanism, validity entailment for user-defined first-order equational theories. Such a mechanism strictly enriches the system (more terms are typable), eases the use of dependent types and provides more automation during the development of proofs. CoqMT improves over the Calculus of Congruent Inductive Constructions by getting rid of various restrictions and simplifying the type-checking algorithm and the integration of first-order decision procedures. We present here CoqMT, and outline its metatheoretical study. We also give a brief description of our CoqMT implementation.