The Warshall Algorithm and Dickson’s Lemma: Two Examples of Realistic Program Extraction
 Journal of Automated Reasoning
Cited by 23 (7 self)
Abstract. By means of two well-known examples it is demonstrated that the method of extracting programs from proofs is manageable in practice and may yield efficient programs. The Warshall algorithm computing the transitive closure of a relation is extracted from a constructive proof that repetitions in a path can always be avoided. Secondly, we extract a program from a classical (i.e. non-constructive) proof of a special case of Dickson’s Lemma, by transforming the classical proof into a constructive one. These techniques (as well as the examples) are implemented in the interactive theorem prover Minlog developed at the University of Munich.
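Warshall's algorithm from the abstract above, as an added example rather than code from the paper or from Minlog: it computes the transitive closure of a constructed relation (think of a delegation or trust relation between principals) and checks the result against a search that only follows repetition-free paths, which is the constructive claim the extraction rests on. The node set, the relation EDGES and the helper names are assumptions of this example.

```python
from itertools import product

# Constructed sample relation (an assumption for this example): a directed
# "can reach" relation on the nodes 0..4, given as ordered pairs. Node 4 is
# isolated and nodes 0, 1, 2 form a cycle, so the closure has (0, 0) in it.
EDGES = {(0, 1), (1, 2), (2, 0), (2, 3)}


def to_matrix(edges, n):
    """Adjacency matrix of a relation on {0..n-1}: m[i][j] iff (i, j) in edges."""
    return [[(i, j) in edges for j in range(n)] for i in range(n)]


def warshall(m):
    """Transitive closure by Warshall's algorithm, computed on a copy of m.

    Invariant: after the outer iteration for k, c[i][j] holds iff there is a
    path from i to j whose intermediate nodes all lie in {0..k}. Each step
    only ever splices one intermediate node into a path, which is why it
    suffices to consider paths without repeated nodes.
    """
    n = len(m)
    c = [row[:] for row in m]
    for k in range(n):
        for i in range(n):
            if c[i][k]:
                for j in range(n):
                    if c[k][j]:
                        c[i][j] = True
    return c


def simple_path_reachable(m, src, dst):
    """Reference check: is there a path from src to dst that repeats no node?

    Depth-first search that never revisits a node (dst itself may equal src,
    which is how a cycle through src puts (src, src) into the closure).
    This is the paper's "repetitions can be avoided" claim made executable,
    so it must agree with warshall() on every pair.
    """
    n = len(m)
    stack = [(src, frozenset([src]))]
    while stack:
        node, seen = stack.pop()
        if m[node][dst]:
            return True
        for nxt in range(n):
            if m[node][nxt] and nxt not in seen:
                stack.append((nxt, seen | {nxt}))
    return False


def closure_matches_simple_paths(edges, n):
    """True iff Warshall's closure equals repetition-free reachability on all pairs."""
    m = to_matrix(edges, n)
    c = warshall(m)
    return all(
        c[i][j] == simple_path_reachable(m, i, j)
        for i, j in product(range(n), repeat=2)
    )


if __name__ == "__main__":
    closure = warshall(to_matrix(EDGES, 5))
    pairs = sorted((i, j) for i in range(5) for j in range(5) if closure[i][j])
    print("transitive closure:", pairs)
    print("agrees with simple-path search:", closure_matches_simple_paths(EDGES, 5))
```

The O(n^3) loop is the whole algorithm; the reference search is exponential and is there only to show on small inputs that restricting to repetition-free paths loses nothing.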
Proof Transformations in Higher-Order Logic
, 1987
Cited by 21 (5 self)
We investigate the problem of translating between different styles of proof systems in higher-order logic: analytic proofs which are well suited for automated theorem proving, and non-analytic deductions which are well suited for the mathematician. Analytic proofs are represented as expansion proofs, H, a form of the sequent calculus we define; non-analytic proofs are represented by natural deductions. A non-deterministic translation algorithm between expansion proofs and H-deductions is presented and its correctness is proven. We also present an algorithm for translation in the other direction and prove its correctness. A cut-elimination algorithm for expansion proofs is given and its partial correctness is proven. Strong termination of this algorithm remains a conjecture for the full higher-order system, but is proven for the first-order fragment. We extend the translations to a non-analytic proof system which contains a primitive notion of equality, while leaving the notion of expansion proof unaltered. This is possible, since a non-extensional equality is definable in our system of type theory. Next we extend analytic and non-analytic proof systems and the translations between them to include extensionality. Finally, we show how the methods and notions used so far apply to the problem of translating expansion proofs into natural deductions. Much care is taken to specify this translation in a
NuPRL’s class theory and its applications
 Foundations of Secure Computation, NATO ASI Series, Series F: Computer & System Sciences
, 2000
Cited by 15 (7 self)
This article presents a theory of classes and inheritance built on top of constructive type theory. Classes are defined using dependent and very dependent function types that are found in the Nuprl constructive type theory. Inheritance is defined in terms of a general subtyping relation over the underlying types. Among the basic types is the intersection type, which plays a critical role in the applications because it provides a method of composing program components. The class theory is applied to defining algebraic structures such as monoids, groups, rings, etc. and relating them. It is also used to define communications protocols as infinite state automata. The article illustrates the role of these formal automata in defining the services of a distributed group communications system. In both applications the inheritance mechanisms allow reuse of proofs and the statement of general properties of system composition.
Presenting intuitive deductions via symmetric simplification
 In CADE-10: Proceedings of the tenth international conference on Automated deduction
, 1990
Cited by 15 (4 self)
In automated deduction systems that are intended for human use, the presentation of a proof is no less important than its discovery. For most of today’s automated theorem proving systems, this requires a non-trivial translation procedure to extract human-oriented deductions from machine-oriented proofs. Previously known translation procedures, though complete, tend to produce unintuitive deductions. One of the major flaws in such procedures is that too often the rule of indirect proof is used where the introduction of a lemma would result in a shorter and more intuitive proof. We present an algorithm, symmetric simplification, for discovering useful lemmas in deductions of theorems in first- and higher-order logic. This algorithm, which has been implemented in the TPS system, has the feature that resulting deductions may no longer have the weak subformula property. It is currently limited, however, in that it only generates lemmas of the form C ∨ ¬C′, where C and C′ have the same negation normal form.
Reusing Software Developments
 In Proceedings of the 4th ACM SIGSOFT Symposium on Software Development Environments
, 1990
Cited by 14 (2 self)
Software development environments of the future will be characterized by extensive reuse of previous work. This paper addresses the issue of reusability in the context in which design is achieved by the transformational development of formal specifications into efficient implementations. It explores how an implementation of a modified specification can be realized by replaying the transformational derivation of the original and modifying it as required by changes made to the specification. Our approach is to structure derivations using the notion of tactics, and to record derivation histories as an execution trace of the application of tactics. One key idea is that tactics are compositional: higher-level tactics are constructed from more rudimentary ones using defined control primitives. This is similar to the approach used in LCF [12] and NuPRL [1, 8]. Given such a derivation history and a modified specification, the correspondence problem [21, 20] addresses how during replay a correspondence...
A Multi-Level Approach to Program Synthesis
, 1998
Cited by 13 (9 self)
We present an approach to a coherent program synthesis system which integrates a variety of interactively controlled and automated techniques from theorem proving and algorithm design at different levels of abstraction. Besides providing an overall view we summarize the individual research results achieved in the course of this development.
Foundations for the Implementation of Higher-Order Subtyping
, 1997
Cited by 13 (6 self)
We show how to implement a calculus with higher-order subtyping and subkinding by replacing uses of implicit subsumption with explicit coercions. To ensure this can be done, a polymorphic function is adjusted to take, as an additional argument, a proof that its type constructor argument has the desired kind. Such a proof is extracted from the derivation of a kinding judgement and may in turn require proof coercions, which are extracted from subkinding judgements. This technique is formalized as a type-directed translation from a calculus of higher-order subtyping to a subtyping-free calculus. This translation generalizes an existing result for second-order subtyping calculi (such as F ). We also discuss two interpretations of subtyping, one that views it as type inclusion and another that views it as the existence of a well-behaved coercion, and we show, by a type-theoretic construction, that our translation is the minimum consequence of shifting from the inclusion interpretation to th...
Fundamentals of a TURING Test Approach to Validation
, 1997
Cited by 11 (7 self)
This paper deals with the very fundamentals of a so-called "Turing Test Methodology" for expert system validation which was recently proposed by [KP96]. It is more intended to provide a firm basis for discussions among the engaged scientists than to become a conference contribution. For this purpose, emphasis is put on a detailed and, perhaps, a little long-winded discussion, in some places. There might be future versions of this report to reflect the ongoing progress of the investigation. First, we survey several concepts of verification and validation. Our favoured concepts are lucidly characterized by the words that verification guarantees to build the system right whereas validation deals with building the right system. Next, we critically inspect the thought experiment called the TURING test. It turns out that, although this approach may not be sufficient to reveal a system's intelligence, it provides a suitable methodological background to certify a system's validity. The prin...
Program synthesis
 Automated Deduction: A Basis for Applications
, 1998
Cited by 10 (1 self)
For almost 30 years software production has had to face two major problems: the cost of non-standard software, caused by long development times and the constant need for maintenance, and a lack of confidence in the reliability of software. Recent accidents like the crash of KAL’s 747 in August 1997 or the
A logic of events
, 2003
Cited by 10 (7 self)
There is a well-established theory and practice for creating correct-by-construction functional programs by extracting them from constructive proofs of assertions of the form ∀x:A. ∃y:B. R(x, y). There have been several efforts to extend this methodology to concurrent programs, say by using linear logic, but there is no practice and the results are limited. In this paper we define a logic of events that justifies the extraction of correct distributed processes from constructive proofs that system specifications are achievable, and we describe an implementation of an extraction process in the context of constructive type theory. We show that a class of message automata, similar to I/O automata and to active objects, are realizers for this logic. We provide a relative consistency result for the logic. We show an example of protocol derivation in this logic, and show how to embed temporal logics such as TLA+ in the event logic.