Results 1 
9 of
9
Coinductive Axiomatization of a Synchronous Language
 In Proceedings of Theorem Proving in Higher Order Logics (TPHOLs'98), number 1479 in LNCS
, 1998
"... Over the last decade, the increasing demand for the validation of safety critical systems lead to the development of domainspecific programming languages (e.g. synchronous languages) and automatic verification tools (e.g. model checkers). Conventionally, the verification of a reactive system is imp ..."
Abstract

Cited by 10 (4 self)
 Add to MetaCart
Over the last decade, the increasing demand for the validation of safety critical systems lead to the development of domainspecific programming languages (e.g. synchronous languages) and automatic verification tools (e.g. model checkers). Conventionally, the verification of a reactive system is implemented by specifying a discrete model of the system (i.e. a finitestate machine) and then checking this model against temporal properties (e.g. using an automatabased tool). We investigate the use of a theorem prover, Coq, for the specification of infinite state systems and for the verification of coinductive properties.
Beating the Productivity Checker Using Embedded Languages
"... Abstract. Some total languages, like Agda and Coq, allow the use of guarded corecursion to construct infinite values and proofs. Guarded corecursion is a form of recursion in which arbitrary recursive calls are allowed, as long as they are guarded by a coinductive constructor. Guardedness ensures th ..."
Abstract

Cited by 10 (3 self)
 Add to MetaCart
Abstract. Some total languages, like Agda and Coq, allow the use of guarded corecursion to construct infinite values and proofs. Guarded corecursion is a form of recursion in which arbitrary recursive calls are allowed, as long as they are guarded by a coinductive constructor. Guardedness ensures that programs are productive, i.e. that every finite prefix of an infinite value can be computed in finite time. However, many productive programs are not guarded, and it can be nontrivial to put them in guarded form. This paper gives a method for turning a productive program into a guarded program. The method amounts to defining a problemspecific language as a data type, writing the program in the problemspecific language, and writing a guarded interpreter for this language. 1
The synchronous hypothesis and synchronous languages, in "Embedded Systems Handbook
, 2005
"... The design of electronic Embedded Systems relies on a number of different engineering disciplines. As the domain becomes ever more important, both in theoretical challenges and in industrial relevance, it has drawn a considerable attention in recent years, with a number of proposals for formalisms, ..."
Abstract

Cited by 9 (2 self)
 Add to MetaCart
(Show Context)
The design of electronic Embedded Systems relies on a number of different engineering disciplines. As the domain becomes ever more important, both in theoretical challenges and in industrial relevance, it has drawn a considerable attention in recent years, with a number of proposals for formalisms, languages and models to help support the design flow. In this article we shall describe Synchronous Reactive languages, which emerged as early as the 1980’s decade, and are now gaining increasing recognition for their modeling adequacy to embedded systems. 1
ΠΣ: Dependent Types without the Sugar
"... Abstract. The recent success of languages like Agda and Coq demonstrates the potential of using dependent types for programming. These systems rely on many highlevel features like datatype definitions, pattern matching and implicit arguments to facilitate the use of the languages. However, these fe ..."
Abstract

Cited by 6 (0 self)
 Add to MetaCart
Abstract. The recent success of languages like Agda and Coq demonstrates the potential of using dependent types for programming. These systems rely on many highlevel features like datatype definitions, pattern matching and implicit arguments to facilitate the use of the languages. However, these features complicate the metatheoretical study and are a potential source of bugs. To address these issues we introduce ΠΣ, a dependently typed core language. It is small enough for metatheoretical study and the type checker is small enough to be formally verified. In this language there is only one mechanism for recursion—used for types, functions and infinite objects— and an explicit mechanism to control unfolding, based on lifted types. Furthermore structural equality is used consistently for values and types; this is achieved by a new notion of αequality for recursive definitions. We show, by translating several highlevel constructions, that ΠΣ is suitable as a core language for dependently typed programming. 1
Mixing Induction and Coinduction
, 2009
"... Purely inductive definitions give rise to treeshaped values where all branches have finite depth, and purely coinductive definitions give rise to values where all branches are potentially infinite. If this is too restrictive, then an alternative is to use mixed induction and coinduction. This techn ..."
Abstract

Cited by 3 (0 self)
 Add to MetaCart
Purely inductive definitions give rise to treeshaped values where all branches have finite depth, and purely coinductive definitions give rise to values where all branches are potentially infinite. If this is too restrictive, then an alternative is to use mixed induction and coinduction. This technique appears to be fairly unknown. The aim of this paper is to make the technique more widely known, and to present several new applications of it, including a parser combinator library which guarantees termination of parsing, and a method for combining coinductively defined inference systems with rules like transitivity. The developments presented in the paper have been formalised and checked in Agda, a dependently typed programming language and proof assistant.
Subtyping, Declaratively An Exercise in Mixed Induction and Coinduction
"... Abstract. It is natural to present subtyping for recursive types coinductively. However, Gapeyev, Levin and Pierce have noted that there is a problem with coinductive definitions of nontrivial transitive inference systems: they cannot be “declarative”—as opposed to “algorithmic ” or syntaxdirected ..."
Abstract

Cited by 1 (0 self)
 Add to MetaCart
Abstract. It is natural to present subtyping for recursive types coinductively. However, Gapeyev, Levin and Pierce have noted that there is a problem with coinductive definitions of nontrivial transitive inference systems: they cannot be “declarative”—as opposed to “algorithmic ” or syntaxdirected—because coinductive inference systems with an explicit rule of transitivity are trivial. We propose a solution to this problem. By using mixed induction and coinduction we define an inference system for subtyping which combines the advantages of coinduction with the convenience of an explicit rule of transitivity. The definition uses coinduction for the structural rules, and induction for the rule of transitivity. We also discuss under what conditions this technique can be used when defining other inference systems. The developments presented in the paper have been mechanised using Agda, a dependently typed programming language and proof assistant. 1
A Complete Coinductive Logical System for Bisimulation Equivalence on Circular Objects
 in FoSSaCS'99 (ETAPS) Conf. Proc., W.Thomas ed., Springer LNCS 1578
, 1983
"... We introduce a coinductive logical system à la Gentzen for establishing bisimulation equivalences on circular nonwellfounded regular objects, inspired by work of Coquand, and of Brandt and Henglein. In order to describe circular objects, we utilize a typed language, whose coinductive types involve ..."
Abstract

Cited by 1 (1 self)
 Add to MetaCart
We introduce a coinductive logical system à la Gentzen for establishing bisimulation equivalences on circular nonwellfounded regular objects, inspired by work of Coquand, and of Brandt and Henglein. In order to describe circular objects, we utilize a typed language, whose coinductive types involve disjoint sum, cartesian product, and finite powerset constructors. Our system is shown to be complete with respect to a maximal fixed point semantics. It is shown to be complete also with respect to an equivalent final semantics. In this latter semantics, terms are viewed as points of a coalgebra for a suitable endofunctor on the category Set of nonwellfounded sets. Our system subsumes an axiomatization of regular processes, alternative to the classical one given by Milner.
To My Parents
"... Written under the supervision of Professor JeanPierre Jouannaud and Professor Jerzy Tiuryn ..."
Abstract
 Add to MetaCart
(Show Context)
Written under the supervision of Professor JeanPierre Jouannaud and Professor Jerzy Tiuryn
Productive Infinite Objects via Copatterns
"... Inductive data such as lists and trees is modeled categorytheoretically as algebra where construction is the primary concept and elimination is obtained by initiality. In a more practical setting, functions are programmed by pattern matching on inductive data. Dually, coinductive structures such ..."
Abstract
 Add to MetaCart
(Show Context)
Inductive data such as lists and trees is modeled categorytheoretically as algebra where construction is the primary concept and elimination is obtained by initiality. In a more practical setting, functions are programmed by pattern matching on inductive data. Dually, coinductive structures such as streams and processes are modeled as coalgebras where destruction (or transition) is primary and construction rests on finality [Hag87]. Due to the coincidence of least and greatest fixedpoint types [SP82] in lazy languages such as Haskell, the distinction between inductive and coinductive types is blurred in partial functional programming. As a consequence, coinductive structures are treated just as infinitely deep (or, nonwellfounded) trees, and pattern matching on coinductive data is the dominant programming style. In total functional programming, which is underlying the dependentlytyped proof assistants Coq [INR12] and Agda [Nor07], the distinction between induction and coinduction is vital for the soundness, and pattern matching on coinductive data leads to the loss of subject reduction [Gim96]. Further, in terms of expressive power, the productivity checker for definitions by coinduction lacks behind the termination checker for inductively defined functions.