Higher-Order Modules and the Phase Distinction
In Seventeenth ACM Symposium on Principles of Programming Languages, 1990
Typed λ-calculus is an important tool in programming language research because it provides an extensible framework for studying language features both in isolation and in their relation to each other. In earlier work we introduced a predicative function calculus, XML, for modeling several aspects of the Standard ML type system. Following MacQueen, our study focused on the use of dependent types to represent the modularity constructs of Standard ML. In addition to shedding some light on the tradeoffs between language features, our analysis suggested that the first-order module system of ML could be naturally extended to higher orders. However, whereas ML maintains a clear distinction between compile-time and run-time in both its implementation and formal semantics, the XML calculus blurs this distinction. Since static type checking is, in our view, essential to the practical utility of ML, we introduce a refinement of the XML calculus for which type checking is decidable at compile time...
Using Typed Lambda Calculus to Implement Formal Systems on a Machine
Journal of Automated Reasoning, 1992
This paper and the LF. In particular the idea of having an operator T : Prop → Type appears already in De Bruijn's earlier work, as does the idea of having several judgements. The paper [24] describes the basic features of the LF. In this paper we are going to provide a broader illustration of its applicability and discuss to what extent it is successful. The analysis (of the formal presentation) of a system carried out through encoding often illuminates the system itself. This paper will also deal with this phenomenon.
A Type System for Certified Binaries
2002
A certified binary is a value together with a proof that the value satisfies a given specification. Existing compilers that generate certified code have focused on simple memory and control-flow safety rather than more advanced properties. In this paper, we present a general framework for explicitly representing complex propositions and proofs in typed intermediate and assembly languages. The new framework allows us to reason about certified programs that involve effects while still maintaining decidable type-checking. We show how to integrate an entire proof system (the calculus of inductive constructions) into a compiler intermediate language and how the intermediate language can undergo complex transformations (CPS and closure conversion) while preserving proofs represented in the type system. Our work provides a foundation for the process of automatically generating certified binaries in a type-theoretic framework.
Abstract predicates and mutable ADTs in Hoare type theory
In Proc. ESOP'07, volume 4421 of LNCS, 2007
Hoare Type Theory (HTT) combines a dependently typed, higher-order language with monadically-encapsulated, stateful computations. The type system incorporates pre- and postconditions, in a fashion similar to Hoare and Separation Logic, so that programmers can modularly specify the requirements and effects of computations within types. This paper extends HTT with quantification over abstract predicates (i.e., higher-order logic), thus embedding into HTT the Extended Calculus of Constructions. When combined with the Hoare-like specifications, abstract predicates provide a powerful way to define and encapsulate the invariants of private state; that is, state which may be shared by several functions, but is not accessible to their clients. We demonstrate this power by sketching a number of abstract data types and functions that demand ownership of mutable memory, including an idealized custom memory manager.
Subset coercions in Coq
Springer-Verlag LNCS
We propose a new language for writing programs with dependent types which can be elaborated into partial Coq terms. This language makes it possible to establish a phase distinction between writing and proving algorithms in the Coq environment. Concretely, this means allowing one to write algorithms as easily as in a practical functional programming language whilst giving them as rich a specification as desired and proving that the code meets the specification using the whole Coq proof apparatus. This is achieved by extending conversion to an equivalence which relates types and subsets based on them, a technique originating from the “Predicate subtyping” feature of PVS and following mathematical convention. The typing judgements can be translated to the Calculus of (Co)Inductive Constructions (Cic) by means of an interpretation which inserts coercions at the appropriate places. These coercions can contain existential variables representing the propositional parts of the final term, corresponding to proof obligations (or PVS type-checking conditions). A prototype implementation of this process is integrated with the Coq environment.
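As an added illustration of the elaboration described in this abstract (this is example code written for this page, not code from the paper): Coq's Program extension, the later integration of this line of work into the Coq environment, inserts the subset coercions for you and leaves the propositional parts as proof obligations. The names safe_div and ten_div_three are chosen here for the illustration; the only library facts relied on are Nat.mul_comm and Nat.mul_div_le from the standard library.

```coq
(* Added example, not from the paper: subset coercions as exposed by
   Coq's Program extension. safe_div and ten_div_three are names chosen
   for this illustration. *)
Require Import Coq.Program.Program.
Require Import Coq.Arith.Arith.

(* The divisor is a subset type: a nat paired with a proof that it is
   nonzero. The body is written on plain nat, as the abstract describes:
   Program inserts proj1_sig on the argument and exist on the result, and
   the propositional part of the result (q * b <= a) becomes an obligation
   holding an existential variable until it is proved. *)
Program Definition safe_div (a : nat) (b : nat | b <> 0)
  : { q : nat | q * proj1_sig b <= a } :=
  a / b.
Next Obligation.
  (* Goal after Program's own simplification: a / b * b <= a, with the
     hypothesis b <> 0 from the subset type available in the context. *)
  rewrite Nat.mul_comm.
  apply Nat.mul_div_le; destruct b; auto.
Qed.

(* A caller has to coerce the literal 3 into the subset type, which
   generates the obligation 3 <> 0; Program's default obligation tactic
   closes it by discriminate. A zero divisor would leave an unprovable
   obligation, so the error surfaces at elaboration time, not at run time. *)
Program Definition ten_div_three : nat := safe_div 10 3.
```

The phase distinction the abstract refers to is visible in the two steps: the algorithm is typed against plain nat first, and only the residual obligations are proved afterwards with the full Coq proof apparatus.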
Inductively Generated Formal Topologies
Formal topology aims at developing general topology in intuitionistic and predicative mathematics. Many classical results of general topology have already been brought into the realm of constructive mathematics by using formal topology, and this approach has also shed new light on basic topological notions, since it allows distinctions that cannot be made in classical topology. Here we give a systematic exposition of one of the main tools in formal topology: inductive generation. In fact, many formal topologies can be presented in a predicative way by an inductive generation and thus their properties can be proved inductively. We show however that some natural complete Heyting algebras cannot be inductively defined.
Contents: 1 The notion of formal topology; 1.1 Concrete topological spaces; 1.2 Formal topologies; 2 Three problems and their solution; 2.1 Formal topologies wi...
Well-founded Trees and Dependent Polynomial Functors
In Lecture Notes in Computer Science, 2004
We set out to study the consequences of the assumption of types of well-founded trees in dependent type theories. We do so by investigating the categorical notion of well-founded tree introduced in [16]. Our main result shows that well-founded trees allow us to define initial algebras for a wide class of endofunctors on locally cartesian closed categories.
General recursion via coinductive types
Logical Methods in Computer Science, Vol. 1 (2:1), 2005, pp. 1–28
A language-based approach to functionally correct imperative programming
In Proceedings of the 10th International Conference on Functional Programming (ICFP'05), 2005
In this paper a language-based approach to functionally correct imperative programming is proposed. The approach is based on a programming language called RSP1, which combines dependent types, general recursion, and imperative features in a type-safe way, while preserving decidability of type checking. The methodology used is that of internal verification, where programs manipulate programmer-supplied proofs explicitly as data. The fundamental technical idea of RSP1 is to identify problematic operations as impure, and keep them out of dependent types. The resulting language is powerful enough to statically verify nontrivial properties of imperative and functional programs. The paper presents the ideas through the examples of statically verified merge sort, statically verified imperative binary search trees, and statically verified directed acyclic graphs. This paper is an extended version of [30].