Results 1  10
of
25
The Theory of LEGO  A Proof Checker for the Extended Calculus of Constructions
, 1994
"... LEGO is a computer program for interactive typechecking in the Extended Calculus of Constructions and two of its subsystems. LEGO also supports the extension of these three systems with inductive types. These type systems can be viewed as logics, and as meta languages for expressing logics, and LEGO ..."
Abstract

Cited by 68 (10 self)
 Add to MetaCart
LEGO is a computer program for interactive typechecking in the Extended Calculus of Constructions and two of its subsystems. LEGO also supports the extension of these three systems with inductive types. These type systems can be viewed as logics, and as meta languages for expressing logics, and LEGO is intended to be used for interactively constructing proofs in mathematical theories presented in these logics. I have developed LEGO over six years, starting from an implementation of the Calculus of Constructions by G erard Huet. LEGO has been used for problems at the limits of our abilities to do formal mathematics. In this thesis I explain some aspects of the metatheory of LEGO's type systems leading to a machinechecked proof that typechecking is decidable for all three type theories supported by LEGO, and to a verified algorithm for deciding their typing judgements, assuming only that they are normalizing. In order to do this, the theory of Pure Type Systems (PTS) is extended and f...
Programming with Intersection Types and Bounded Polymorphism
, 1991
"... representing the official policies, either expressed or implied, of the U.S. Government. ..."
Abstract

Cited by 67 (4 self)
 Add to MetaCart
representing the official policies, either expressed or implied, of the U.S. Government.
Semantics of Types for Mutable State
, 2004
"... Proofcarrying code (PCC) is a framework for mechanically verifying the safety of machine language programs. A program that is successfully verified by a PCC system is guaranteed to be safe to execute, but this safety guarantee is contingent upon the correctness of various trusted components. For in ..."
Abstract

Cited by 55 (5 self)
 Add to MetaCart
Proofcarrying code (PCC) is a framework for mechanically verifying the safety of machine language programs. A program that is successfully verified by a PCC system is guaranteed to be safe to execute, but this safety guarantee is contingent upon the correctness of various trusted components. For instance, in traditional PCC systems the trusted computing base includes a large set of lowlevel typing rules. Foundational PCC systems seek to minimize the size of the trusted computing base. In particular, they eliminate the need to trust complex, lowlevel type systems by providing machinecheckable proofs of type soundness for real machine languages. In this thesis, I demonstrate the use of logical relations for proving the soundness of type systems for mutable state. Specifically, I focus on type systems that ensure the safe allocation, update, and reuse of memory. For each type in the language, I define logical relations that explain the meaning of the type in terms of the operational semantics of the language. Using this model of types, I prove each typing rule as a lemma. The major contribution is a model of System F with general references — that is, mutable cells that can hold values of any closed type including other references, functions, recursive types, and impredicative quantified types. The model is based on ideas from both possible worlds and the indexed model of Appel and McAllester. I show how the model of mutable references is encoded in higherorder logic. I also show how to construct an indexed possibleworlds model for a von Neumann machine. The latter is used in the Princeton Foundational PCC system to prove type safety for a fullfledged lowlevel typed assembly language. Finally, I present a semantic model for a region calculus that supports typeinvariant references as well as memory reuse. iii
Inductively Defined Types in the Calculus of Constructions
 IN: PROCEEDINGS OF THE FIFTH CONFERENCE ON THE MATHEMATICAL FOUNDATIONS OF PROGRAMMING SEMANTICS. SPRINGER VERLAG LNCS
, 1989
"... We define the notion of an inductively defined type in the Calculus of Constructions and show how inductively defined types can be represented by closed types. We show that all primitive recursive functionals over these inductively defined types are also representable. This generalizes work by Böhm ..."
Abstract

Cited by 43 (2 self)
 Add to MetaCart
We define the notion of an inductively defined type in the Calculus of Constructions and show how inductively defined types can be represented by closed types. We show that all primitive recursive functionals over these inductively defined types are also representable. This generalizes work by Böhm & Berarducci on synthesis of functions on term algebras in the secondorder polymorphiccalculus (F2). We give several applications of this generalization, including a representation of F2programs in F3, along with a definition of functions reify, reflect, and eval for F2 in F3. We also show how to define induction over inductively defined types and sketch some results that show that the extension of the Calculus of Construction by induction principles does not alter the set of functions in its computational fragment, F!. This is because a proof by induction can be realized by primitive recursion, which is already de nable in F!.
General recursion via coinductive types
 Logical Methods in Computer Science
"... Vol. 1 (2:1) 2005, pp. 1–28 ..."
Total Functional Programming
 Journal of Universal Computer Science
, 2004
"... We now define the notion, already discussed, of an effectively calculable function of positive integers by identifying it with the notion of a recursive function of positive integers (or of a lambdadefinable function of positive integers). The phrase in parentheses refers to the apparatus which Chur ..."
Abstract

Cited by 29 (1 self)
 Add to MetaCart
We now define the notion, already discussed, of an effectively calculable function of positive integers by identifying it with the notion of a recursive function of positive integers (or of a lambdadefinable function of positive integers). The phrase in parentheses refers to the apparatus which Church had developed to investigate this and other problems in the foundations of mathematics: the calculus of lambda conversion. Both the Thesis and the lambda calculus have been of seminal influence on the development of Computing Science. The main subject of this article is the lambda calculus but I will begin with a brief sketch of the emergence of the Thesis. The epistemological status of Church’s Thesis is not immediately clear from the above quotation and remains a matter of debate, as is explored in other papers of this volume. My own view, which I will state but not elaborate here, is that the thesis is empirical because it relies for its significance on a claim about what can be calculated by mechanisms. This becomes clearer in
Nested General Recursion and Partiality in Type Theory
 Theorem Proving in Higher Order Logics: 14th International Conference, TPHOLs 2001, volume 2152 of Lecture Notes in Computer Science
, 2000
"... We extend Bove's technique for formalising simple general recursive algorithms in constructive type theory to nested recursive algorithms. The method consists in defining an inductive specialpurpose accessibility predicate, that characterises the inputs on which the algorithm terminates. As a resul ..."
Abstract

Cited by 24 (10 self)
 Add to MetaCart
We extend Bove's technique for formalising simple general recursive algorithms in constructive type theory to nested recursive algorithms. The method consists in defining an inductive specialpurpose accessibility predicate, that characterises the inputs on which the algorithm terminates. As a result, the typetheoretic version of the algorithm can be defined by structural recursion on the proof that the input values satisfy this predicate. This technique results in definitions in which the computational and logical parts are clearly separated; hence, the typetheoretic version of the algorithm is given by its purely functional content, similarly to the corresponding program in a functional programming language. In the case of nested recursion, the special predicate and the typetheoretic algorithm must be defined simultaneously, because they depend on each other. This kind of definitions is not allowed in ordinary type theory, but it is provided in type theories extended wit...
Open Proofs and Open Terms: A Basis for Interactive Logic
 COMPUTER SCIENCE LOGIC: 16TH INTERNATIONAL WORKSHOP, CLS 2002, LECTURE NOTES IN COMPUTER SCIENCE 2471 (2002
, 2002
"... When proving a theorem, one makes intermediate claims, leaving parts temporarily unspecified. These `open' parts may be proofs but also terms. In interactive theorem proving systems, one prominently deals with these `unfinished proofs' and `open terms'. We study these `open phenomena' from the point ..."
Abstract

Cited by 12 (1 self)
 Add to MetaCart
When proving a theorem, one makes intermediate claims, leaving parts temporarily unspecified. These `open' parts may be proofs but also terms. In interactive theorem proving systems, one prominently deals with these `unfinished proofs' and `open terms'. We study these `open phenomena' from the point of view of logic. This amounts to finding a correctness criterion for `unfinished proofs' (where some parts may be left open, but the logical steps that have been made are still correct). Furthermore we want to capture the notion of `proof state'. Proof states are the objects that interactive theorem provers operate on and we want to understand them in terms of logic. In this paper we define `open higher order predicate logic', an extension of higher order logic with unfinished (open) proofs and open terms. Then we define a type theoretic variant of this open higher order logic together with a formulasastypes embedding from open higher order logic to this type theory. We show how this type theory nicely captures the notion of `proof state', which is now a typetheoretic context.
A Coq formalization of a Type Checker for Object Initialization in the Java Virtual Machine
, 2000
"... We worked on a type system proposed in [11] to enforce a discipline for object initialization in the Java Virtual Machine language, to show how this type system could be implemented in the Coq proof and specification language. We used this description both to prove the theorems of [11] and to constr ..."
Abstract

Cited by 9 (1 self)
 Add to MetaCart
We worked on a type system proposed in [11] to enforce a discipline for object initialization in the Java Virtual Machine language, to show how this type system could be implemented in the Coq proof and specification language. We used this description both to prove the theorems of [11] and to construct an effective verifier for this discipline.