Results 1 
5 of
5
HOL Light Tutorial (for version 2.20
, 2006
"... The HOL Light theorem prover can be difficult to get started with. While the manual is fairly detailed and comprehensive, the large amount of background information that has to be absorbed before the user can do anything interesting is intimidating. Here we give an alternative ‘quick start ’ guide, ..."
Abstract

Cited by 9 (0 self)
 Add to MetaCart
The HOL Light theorem prover can be difficult to get started with. While the manual is fairly detailed and comprehensive, the large amount of background information that has to be absorbed before the user can do anything interesting is intimidating. Here we give an alternative ‘quick start ’ guide, aimed at teaching basic use of the system quickly by means of a graded set of examples. Some readers may find it easier to absorb; those who do not are referred after all to the standard manual. “Shouldn’t we read the instructions?”
HOL Light Tutorial (for version 2.20). http://www.cl.cam.ac.uk/ jrh13/hollight/tutorial 220.pdf
"... The HOL Light theorem prover can be difficult to get started with. While the manual is fairly detailed and comprehensive, the large amount of background information that has to be absorbed before the user can do anything interesting is intimidating. Here we give an alternative ‘quick start ’ guide, ..."
Abstract

Cited by 1 (0 self)
 Add to MetaCart
The HOL Light theorem prover can be difficult to get started with. While the manual is fairly detailed and comprehensive, the large amount of background information that has to be absorbed before the user can do anything interesting is intimidating. Here we give an alternative ‘quick start ’ guide, aimed at teaching basic use of the system quickly by means of a graded set of examples. Some readers may find it easier to absorb; those who do not are referred after all to the standard manual. “Shouldn’t we read the instructions?”
Verified Calculations
, 2013
"... Abstract. Calculational proofs—proofs by stepwise formula manipulation—are praised for their rigor, readability, and elegance. It seems desirable to reuse this style, often employed on paper, in the context of mechanized reasoning, and in particular, program verification. This work leverages the pow ..."
Abstract

Cited by 1 (0 self)
 Add to MetaCart
Abstract. Calculational proofs—proofs by stepwise formula manipulation—are praised for their rigor, readability, and elegance. It seems desirable to reuse this style, often employed on paper, in the context of mechanized reasoning, and in particular, program verification. This work leverages the power of SMT solvers to machinecheck calculational proofs at the level of detail they are usually written by hand. It builds the support for calculations into the programming language and autoactive program verifier Dafny. The paper demonstrates that calculations integrate smoothly with other language constructs, producing concise and readable proofs in a wide range of problem domains: from mathematical theorems to correctness of imperative programs. The examples show that calculational proofs in Dafny compare favorably, in terms of readability and conciseness, with arguments written in other styles and proof languages. 0
Concepts and calculation in cryprography
, 2008
"... This is a study about applying ideas from mathematical methodology to problems in cryptography. It is not a study of cryptography per se, but rather a study of the type of concepts one finds in this area, how they are formulated, and how we reason about them. The motivation? Cryptography is a notori ..."
Abstract
 Add to MetaCart
This is a study about applying ideas from mathematical methodology to problems in cryptography. It is not a study of cryptography per se, but rather a study of the type of concepts one finds in this area, how they are formulated, and how we reason about them. The motivation? Cryptography is a notoriously difficult subject to reason about: it is acknowledged within the cryptography community that many of the existing proofs are so complicated that they are near impossible to verify. The question then, is why? What is the source of the difficulty, and what can be done about it? I claim that a large part of the difficulty arises from the nonavoidance of pitfalls such as overspecific and often ambiguous nomenclature, reliance on unstated domain specific knowledge and assumptions, and poorly structured, informal reasoning. The purpose of this study is to justify this claim, by exploring two fundamental cryptographic concepts (more accurately, two versions of a particular cryptographic concept) , and a proof of a theorem that relates them.
Unified Proof Style for Teaching Mathematics
"... Structured derivations were introduced by Back and von Wright as an extension of the calculational proof style originally proposed by E.W. Dijkstra and his colleagues. Structured derivations added nested subderivations and inherited assumptions to the original calculational style. This paper introdu ..."
Abstract
 Add to MetaCart
Structured derivations were introduced by Back and von Wright as an extension of the calculational proof style originally proposed by E.W. Dijkstra and his colleagues. Structured derivations added nested subderivations and inherited assumptions to the original calculational style. This paper introduces a further extension of the structured derivation format, and gives a precise syntax and semantics for the extended proof style. The extension provides a unification of the tree main proof styles used in mathematics today: Hilbertstyle forward chaining proofs, Gentzenstyle backward chaining proofs and algebraic derivations and calculations (in particular, Dijkstra’s calculational proof style). Each of these proof styles can be directly modelled as an extended structured derivation. Even more importantly, the three proof styles can be freely intermixed in a single structured derivation, allowing different proof styles to be used in different parts of the derivation, each time choosing the proof style that is most suitable for the (sub)problem at hand. We describe here (extended) structured derivations, feature by feature, and