Results 1  10
of
76
Higherorder logic programming
 HANDBOOK OF LOGIC IN AI AND LOGIC PROGRAMMING, VOLUME 5: LOGIC PROGRAMMING. OXFORD (1998
"... ..."
HOL Light: A tutorial introduction
 Proceedings of the First International Conference on Formal Methods in ComputerAided Design (FMCAD’96), volume 1166 of Lecture Notes in Computer Science
, 1996
"... HOL Light is a new version of the HOL theorem prover. While retaining the reliability and programmability of earlier versions, it is more elegant, lightweight, powerful and automatic; it will be the basis for the Cambridge component of the HOL2000 initiative to develop the next generation of HOL th ..."
Abstract

Cited by 70 (9 self)
 Add to MetaCart
HOL Light is a new version of the HOL theorem prover. While retaining the reliability and programmability of earlier versions, it is more elegant, lightweight, powerful and automatic; it will be the basis for the Cambridge component of the HOL2000 initiative to develop the next generation of HOL theorem provers. HOL Light is written in CAML Light, and so will run well even on small machines, e.g. PCs and Macintoshes with a few megabytes of RAM. This is in stark contrast to the resourcehungry systems which are the norm in this field, other versions of HOL included. Among the new features of this version are a powerful simplifier, effective first order automation, simple higherorder matching and very general support for inductive and recursive definitions.
Specifying and Implementing Theorem Provers in a HigherOrder Logic Programming Language
, 1989
"... We argue that a logic programming language with a higherorder intuitionistic logic as its foundation can be used both to naturally specify and implement theorem provers. The language extends traditional logic programming languages by replacing firstorder terms with simplytyped λterms, replacing ..."
Abstract

Cited by 46 (7 self)
 Add to MetaCart
We argue that a logic programming language with a higherorder intuitionistic logic as its foundation can be used both to naturally specify and implement theorem provers. The language extends traditional logic programming languages by replacing firstorder terms with simplytyped λterms, replacing firstorder unification with higherorder unification, and allowing implication and universal quantification in queries and the bodies of clauses. Inference rules for a variety of proof systems can be naturally specified in this language. The higherorder features of the language contribute to a concise specification of provisos concerning variable occurrences in formulas and the discharge of assumptions present in many proof systems. In addition, abstraction in metaterms allows the construction of terms representing object level proofs which capture the notions of abstractions found in many proof systems. The operational interpretations of the connectives of the language provide a set of basic search operations which describe goaldirected search for proofs. To emphasize the generality of the metalanguage, we compare it to another general specification language: the Logical Framework (LF). We describe a translation which compiles a specification of a logic in LF to a set of formulas of our metalanguage, and
Structured Proofs in Isar/HOL
 Types for Proofs and Programs (TYPES 2002), LNCS 2646
, 2003
"... Abstract. Isar is an extension of the theorem prover Isabelle with a language for writing humanreadable structured proofs. This paper is an introduction to the basic constructs of this language. 1 ..."
Abstract

Cited by 38 (7 self)
 Add to MetaCart
Abstract. Isar is an extension of the theorem prover Isabelle with a language for writing humanreadable structured proofs. This paper is an introduction to the basic constructs of this language. 1
A Notation for Lambda Terms I: A Generalization of Environments
 THEORETICAL COMPUTER SCIENCE
, 1994
"... A notation for lambda terms is described that is useful in contexts where the intensions of these terms need to be manipulated. This notation uses the scheme of de Bruijn for eliminating variable names, thus obviating ffconversion in comparing terms. This notation also provides for a class of terms ..."
Abstract

Cited by 33 (12 self)
 Add to MetaCart
A notation for lambda terms is described that is useful in contexts where the intensions of these terms need to be manipulated. This notation uses the scheme of de Bruijn for eliminating variable names, thus obviating ffconversion in comparing terms. This notation also provides for a class of terms that can encode other terms together with substitutions to be performed on them. The notion of an environment is used to realize this `delaying' of substitutions. The precise mechanism employed here is, however, more complex than the usual environment mechanism because it has to support the ability to examine subterms embedded under abstractions. The representation presented permits a ficontraction to be realized via an atomic step that generates a substitution and associated steps that percolate this substitution over the structure of a term. The operations on terms that are described also include ones for combining substitutions so that they might be performed simultaneously. Our notatio...
An industrially effective environment for formal hardware verification
 IEEE Transactions on ComputerAided Design of Integrated Circuits and Systems
, 2005
"... This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author’s copyrig ..."
Abstract

Cited by 32 (5 self)
 Add to MetaCart
This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author’s copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.
Floating point verification in HOL Light: the exponential function
 UNIVERSITY OF CAMBRIDGE COMPUTER LABORATORY
, 1997
"... Since they often embody compact but mathematically sophisticated algorithms, operations for computing the common transcendental functions in floating point arithmetic seem good targets for formal verification using a mechanical theorem prover. We discuss some of the general issues that arise in veri ..."
Abstract

Cited by 31 (6 self)
 Add to MetaCart
Since they often embody compact but mathematically sophisticated algorithms, operations for computing the common transcendental functions in floating point arithmetic seem good targets for formal verification using a mechanical theorem prover. We discuss some of the general issues that arise in verifications of this class, and then present a machinechecked verification of an algorithm for computing the exponential function in IEEE754 standard binary floating point arithmetic. We confirm (indeed strengthen) the main result of a previously published error analysis, though we uncover a minor error in the hand proof and are forced to confront several subtle issues that might easily be overlooked informally. The development described here includes, apart from the proof itself, a formalization of IEEE arithmetic, a mathematical semantics for the programming language in which the algorithm is expressed, and the body of pure mathematics needed. All this is developed logically from first prin...
A Trustworthy Proof Checker
 IN ILIANO CERVESATO, EDITOR, WORKSHOP ON THE FOUNDATIONS OF COMPUTER SECURITY
, 2002
"... ProofCarrying Code (PCC) and other applications in computer security require machinecheckable proofs of properties of machinelanguage programs. The main advantage of the PCC approach is that the amount of code that must be explicitly trusted is very small: it consists of the logic in which predic ..."
Abstract

Cited by 29 (7 self)
 Add to MetaCart
ProofCarrying Code (PCC) and other applications in computer security require machinecheckable proofs of properties of machinelanguage programs. The main advantage of the PCC approach is that the amount of code that must be explicitly trusted is very small: it consists of the logic in which predicates and proofs are expressed, the safety predicate, and the proof checker. We have built a minimal proof checker, and we explain its design principles, and the representation issues of the logic, safety predicate, and safety proofs. We show that the trusted computing base (TCB) in such a system can indeed be very small. In our current system the TCB is less than 2,700 lines of code (an order of magnitude smaller even than other PCC systems) which adds to our confidence of its correctness.
The Refinement Calculator: Proof Support for Program Refinement
 Formal Methods Pacific ’97
, 1997
"... . We describe the Refinement Calculator, a tool which supports ..."
Abstract

Cited by 27 (2 self)
 Add to MetaCart
. We describe the Refinement Calculator, a tool which supports
A FineGrained Notation for Lambda Terms and Its Use in Intensional Operations
 Journal of Functional and Logic Programming
, 1996
"... We discuss issues relevant to the practical use of a previously proposed notation for lambda terms in contexts where the intensions of such terms have to be manipulated. This notation uses the `nameless' scheme of de Bruijn, includes expressions for encoding terms together with substitutions to be p ..."
Abstract

Cited by 25 (9 self)
 Add to MetaCart
We discuss issues relevant to the practical use of a previously proposed notation for lambda terms in contexts where the intensions of such terms have to be manipulated. This notation uses the `nameless' scheme of de Bruijn, includes expressions for encoding terms together with substitutions to be performed on them and contains a mechanism for combining such substitutions so that they can be effected in a common structure traversal. The combination mechanism is a general one and consequently difficult to implement. We propose a simplification to it that retains its functionality in situations that occur commonly in fireduction. We then describe a system for annotating terms to determine if they can be affected by substitutions generated by external ficontractions. These annotations can lead to a conservation of space and time in implementations of reduction by permitting substitutions to be performed trivially in certain situations. The use of the resulting notation in the reduction...