Results 21  30
of
67
On Extensibility of Proof Checkers
 in Dybjer, Nordstrom and Smith (eds), Types for Proofs and Programs: International Workshop TYPES'94, Bastad
, 1995
"... This paper is about mechanical checking of formal mathematics. Given some formal system, we want to construct derivations in that system, or check the correctness of putative derivations; our job is not to ascertain truth (that is the job of the designer of our formal system), but only proof. Howeve ..."
Abstract

Cited by 10 (2 self)
 Add to MetaCart
(Show Context)
This paper is about mechanical checking of formal mathematics. Given some formal system, we want to construct derivations in that system, or check the correctness of putative derivations; our job is not to ascertain truth (that is the job of the designer of our formal system), but only proof. However, we are quite rigid about this: only a derivation in our given formal system will do; nothing else counts as evidence! Thus it is not a collection of judgements (provability), or a consequence relation [Avr91] (derivability) we are interested in, but the derivations themselves; the formal system used to present a logic is important. This viewpoint seems forced on us by our intention to actually do formal mathematics. There is still a question, however, revolving around whether we insist on objects that are immediately recognisable as proofs (direct proofs), or will accept some metanotations that only compute to proofs (indirect proofs). For example, we informally refer to previously proved results, lemmas and theorems, without actually inserting the texts of their proofs in our argument. Such an argument could be made into a direct proof by replacing all references to previous results by their direct proofs, so it might be accepted as a kind of indirect proof. In fact, even for very simple formal systems, such an indirect proof may compute to a very much bigger direct proof, and if we will only accept a fully expanded direct proof (in a mechanical proof checker for example), we will not be able to do much mathematics. It is well known that this notion of referring to previous results can be internalized in a logic as a cut rule, or Modus Ponens. In a logic containing a cut rule, proofs containing cuts are considered direct proofs, and can be directly accepted by a proof ch...
Verifying mixed realinteger quantifier elimination
 IJCAR 2006, LNCS 4130
, 2006
"... We present a formally verified quantifier elimination procedure for the first order theory over linear mixed realinteger arithmetics in higherorder logic based on a work by Weispfenning. To this end we provide two verified quantifier elimination procedures: for Presburger arithmitics and for lin ..."
Abstract

Cited by 9 (5 self)
 Add to MetaCart
We present a formally verified quantifier elimination procedure for the first order theory over linear mixed realinteger arithmetics in higherorder logic based on a work by Weispfenning. To this end we provide two verified quantifier elimination procedures: for Presburger arithmitics and for linear real arithmetics.
Proof Synthesis and Reflection for Linear Arithmetic
 J. OF AUT. REASONING
"... This article presents detailed implementations of quantifier elimination for both integer and real linear arithmetic for theorem provers. The underlying algorithms are those by Cooper (for Z) and by Ferrante and Rackoff (for R). Both algorithms are realized in two entirely different ways: once in t ..."
Abstract

Cited by 9 (5 self)
 Add to MetaCart
(Show Context)
This article presents detailed implementations of quantifier elimination for both integer and real linear arithmetic for theorem provers. The underlying algorithms are those by Cooper (for Z) and by Ferrante and Rackoff (for R). Both algorithms are realized in two entirely different ways: once in tactic style, i.e. by a proofproducing functional program, and once by reflection, i.e. by computations inside the logic rather than in the metalanguage. Both formalizations are generic because they make only minimal assumptions w.r.t. the underlying logical system and theorem prover. An implementation in Isabelle/HOL shows that the reflective approach is between one and two orders of magnitude faster.
Formalised Cut Admissibility for Display Logic
 In Proc. TPHOLS'02, LNCS 2410, 131147
, 2002
"... We use a deep embedding of the display calculus for relation algebras RA in the logical framework Isabelle/HOL to formalise a machinechecked proof of cutadmissibility for RA. Unlike other "implementations ", we explicitly formalise the structural induction in Isabelle /HOL and believ ..."
Abstract

Cited by 8 (3 self)
 Add to MetaCart
We use a deep embedding of the display calculus for relation algebras RA in the logical framework Isabelle/HOL to formalise a machinechecked proof of cutadmissibility for RA. Unlike other "implementations ", we explicitly formalise the structural induction in Isabelle /HOL and believe this to be the first full formalisation of cutadmissibility in the presence of explicit structural rules.
Lightweight proof by reflection using a posteriori simulation of effectful computation
"... Abstract. Proofbyreflection is a wellestablished technique that employs decision procedures to reduce the size of proofterms. Currently, decision procedures can be written either in Type Theory—in a purely functional way that also ensures termination — or in an effectful programming language, ..."
Abstract

Cited by 6 (5 self)
 Add to MetaCart
(Show Context)
Abstract. Proofbyreflection is a wellestablished technique that employs decision procedures to reduce the size of proofterms. Currently, decision procedures can be written either in Type Theory—in a purely functional way that also ensures termination — or in an effectful programming language, where they are used as oracles for the certified checker. The first option offers strong correctness guarantees, while the second one permits more efficient implementations. We propose a novel technique for proofbyreflection that marries, in Type Theory, an effectful language with (partial) proofs of correctness. The key to our approach is to use simulable monads, where a monad is simulable if, for all terminating reduction sequences in its equivalent effectful computational model, there exists a witness from which the same reduction may be simulated a posteriori by the monad. We encode several examples using simulable monads and demonstrate the advantages of the technique over previous approaches. 1
A reflective extension of ELAN
 Electronic Notes in Theoretical Computer Science
, 1996
"... The expressivity of rewriting logic as metalogic has been already convincingly illustrated. The goal of this paper is to explore the reflective capabilities of ELAN, a language based on the concepts of computational systems and rewriting logic. We define a universal theory for the class of ELAN pro ..."
Abstract

Cited by 5 (2 self)
 Add to MetaCart
(Show Context)
The expressivity of rewriting logic as metalogic has been already convincingly illustrated. The goal of this paper is to explore the reflective capabilities of ELAN, a language based on the concepts of computational systems and rewriting logic. We define a universal theory for the class of ELAN programs and the representation function associated to this universal theory. Then we detail the effective transformations to implement and propose the definition of two builtin modules that provide the last step to get the reflective capabilities we want for the ELAN system. 1
S.: Proofproducing synthesis of ML from higherorder logic
 International Conference on Functional Programming (ICFP). ACM (2012
"... The higherorder logic found in proof assistants such as Coq and various HOL systems provides a convenient setting for the development and verification of pure functional programs. However, to efficiently run these programs, they must be converted (or “extracted”) to functional programs in a program ..."
Abstract

Cited by 4 (3 self)
 Add to MetaCart
(Show Context)
The higherorder logic found in proof assistants such as Coq and various HOL systems provides a convenient setting for the development and verification of pure functional programs. However, to efficiently run these programs, they must be converted (or “extracted”) to functional programs in a programming language such as ML or Haskell. With current techniques, this step, which must be trusted, relates similar looking objects that have very different semantic definitions, such as the settheoretic model of a logic and the operational semantics of a programming language. In this paper, we show how to increase the trustworthiness of this step with an automated technique. Given a functional program expressed in higherorder logic, our technique provides the corresponding program for a functional language defined with an operational semantics, and it provides a mechanically checked theorem relating the two. This theorem can then be used to transfer verified properties of the logical function to the program. We have implemented our technique in the HOL4 theorem prover, translating functions to a core subset of Standard ML, and have applied it to examples including functional data structures, a parser generator, cryptographic algorithms, and a garbage collector.
Generic proof synthesis for Presburger arithmetic
, 2003
"... We develop in complete detail an extension of Cooper’s decision procedure for Presburger arithmetic that returns a proof of the equivalence of the input formula to a quantifierfree formula. For closed input formulae this is a proof of their validity or unsatisfiability. The algorithm is formulated ..."
Abstract

Cited by 4 (3 self)
 Add to MetaCart
(Show Context)
We develop in complete detail an extension of Cooper’s decision procedure for Presburger arithmetic that returns a proof of the equivalence of the input formula to a quantifierfree formula. For closed input formulae this is a proof of their validity or unsatisfiability. The algorithm is formulated as a functional program that makes only very minimal assumptions w.r.t. the underlying logical system and is therefore easily adaptable to specific theorem provers.
Directly reflective metaprogramming
 HigherOrder and Symbolic Computation
, 2010
"... Existing metaprogramming languages operate on encodings of programs as data. This paper presents a new metaprogramming language, based on an untyped lambda calculus, in which structurally reflective programming is supported directly, without any encoding. The language features callbyvalue and ..."
Abstract

Cited by 4 (0 self)
 Add to MetaCart
(Show Context)
Existing metaprogramming languages operate on encodings of programs as data. This paper presents a new metaprogramming language, based on an untyped lambda calculus, in which structurally reflective programming is supported directly, without any encoding. The language features callbyvalue and callbyname lambda abstractions, as well as novel reflective features enabling the intensional manipulation of arbitrary program terms. The language is scope safe, in the sense that variables can neither be captured nor escape their scopes. The expressiveness of the language is demonstrated by showing how to implement quotation and evaluation operations, as proposed by Wand. The language’s utility for metaprogramming is further demonstrated through additional representative examples. A prototype implementation is described and evaluated.
Case Studies in MetaLevel Theorem Proving
 PROC. INTL. CONF. ON THEOREM PROVING IN HIGHER ORDER LOGICS (TPHOLS), LECTURE
, 1998
"... We describe an extension of the Pvs system that provides a reasonably efficient and practical notion of reflection and thus allows for soundly adding formalized and verified new proof procedures. These proof procedures work on representations of a part of the underlying logic and their correct ..."
Abstract

Cited by 4 (1 self)
 Add to MetaCart
(Show Context)
We describe an extension of the Pvs system that provides a reasonably efficient and practical notion of reflection and thus allows for soundly adding formalized and verified new proof procedures. These proof procedures work on representations of a part of the underlying logic and their correctness is expressed at the object level using a computational reflection function. The implementation of the Pvs system has been extended with an efficient evaluation mechanism, since the practicality of the approach heavily depends on careful engineering of the core system, including efficient normalization of functional expressions. We exemplify the process of applying metalevel proof procedures with a detailed description of the encoding of cancellation in commutative monoids and of the kernel of a BDD package.