Results 1 - 7 of 7
Verification of Interlockings: from Control Tables to Ladder Logic Diagrams
Proceedings of the 3rd Workshop on Formal Methods for Industrial Critical Systems, FMICS'98, 1998
Cited by 14 (0 self)
Dependency relations between objects in a railway yard are tabulated in control tables. An interlocking, which guarantees validity of these dependencies, can be implemented in ladder logic. We transform a ladder logic diagram into a Boolean formula, so that validity of the dependencies in the control tables can be verified using a theorem prover. Time copies and invariants are added to the formula, to relate it more firmly to its ladder logic diagram. Program slicing is applied to reduce the size of the formula.
A Notion of Classical Pure Type System
Proc. of 13th Ann. Conf. on Math. Found. of Programming Semantics, MFPS'97, 1997
Cited by 7 (5 self)
We present a notion of classical pure type system, which extends the formalism of pure type system with a double negation operator.
1 Introduction
It is an old idea that proofs in formal logics are certain functions and objects. The Brouwer-Heyting-Kolmogorov (BHK) interpretation [15,51,40], in the form stated by Heyting [40], states that a proof of an implication P → Q is a "construction" which transforms any proof of P into a proof of Q. This idea was formalized independently by Kleene's realizability interpretation [46,47] in which proofs of intuitionistic number theory are interpreted as numbers, by the Curry-Howard (CH) isomorphism [21,43] in which proofs of intuitionistic implicational propositional logic are interpreted as simply typed terms, and by the Lambek-Lawvere (LL) isomorphism [52,55] in which proofs of intuitionistic positive propositional logic are interpreted as morphisms in a cartesian closed category. In the latter cases, the interpretations have an inverse, in th...
Safety criteria for the vital processor interlocking at Hoorn-Kersenboogerd
Proceedings of the 5th Conference on Computers in Railways (COMPRAIL'96), Volume I: Railway Systems and Management, 1996
Cited by 7 (3 self)
We formulate several classes of safety criteria for railway yards in terms of observable behaviour. These criteria are meant to protect trains from collisions and from derailments. We identify a number of safety criteria, and present instances of these classes for the case of the railway yard at station Hoorn–Kersenboogerd. These criteria have all been checked by means of the Stålmarck theorem prover, using a methodology from Groote, Koorn and Van Vlijmen.
Non-Strictly Positive Fixed-Points for Classical Natural Deduction
accepted for publication in APAL, 2004
Cited by 4 (0 self)
Termination for classical natural deduction is difficult in the presence of commuting/permutative conversions for disjunction. An approach based on reducibility candidates is presented that uses non-strictly positive inductive definitions. It covers second-order universal quantification and also the extension of the logic by fixed-points of non-strictly positive operators, which appears to be a new result. Finally, the relation to Parigot's strictly-positive inductive definition of his set of reducibility candidates and to his notion of generalized reducibility candidates is explained.
Safety Criteria for Hoorn-Kersenboogerd Railway Station
Utrecht University, 1995
Cited by 3 (1 self)
We formulate several classes of safety criteria for railway yards in terms of observable behaviour. These criteria are meant to protect trains from collisions and from derailments. We identify a number of safety criteria, and present instances of these classes for the case of the railway yard at station Hoorn-Kersenboogerd. These criteria have all been checked by means of the Stålmarck theorem prover, using a methodology from Groote, Koorn and Van Vlijmen.
1 Introduction
At a growing number of Dutch railway stations, including Hoorn-Kersenboogerd, computer equipment based on a Vital Processor Interlocking (VPI) is used in order to ensure safe movement of trains. Apart from a number of hardware checks, a VPI essentially executes a program that consists of a large number of assignments of the form v = φ with v a variable and φ a Boolean formula, which expresses dependencies between objects such as points, signals and level crossings, taking into account detailed information such...
Structural Properties of Proofs in Mathematical Theories.
Introduction to the research area. Proof theory traditionally aims at completing Hilbert's program, as revised in the light of Gödel's incompleteness theorem. As a prerequisite of the progress made there are certain results concerning structural properties of proofs in basic mathematical theories. These results have more and more come to the front during the last few decades, since besides their applications in Hilbert's program they are of considerable interest from a logical and mathematical point of view and have several applications in philosophy as well as in computer science. The project enters into this research on the structure of proofs. A certain normal form of a proof is taken as a central concept. The notion of a normal proof goes back to the works of the German mathematician Gerhard Gentzen and has been further developed by Swedish logicians, principally Per Martin-Löf and Dag Prawitz. A characteristic of a normal proof is the absence of certain detours in the pro
Niels Jakob Rehof, Morten Heine Sørensen
Theoretical Aspects of Computer Software, 1994
By restriction of Felleisen's control operator F we obtain an operator Δ and a fully compatible, Church-Rosser control calculus Δ enjoying a number of desirable properties. It is shown that Δ contains a strongly normalizing typed subcalculus with a reduction corresponding closely to systems of proof normalization for classical logic. The calculus is more than strong enough to express a call-by-name catch/throw programming paradigm.
1 Background and motivation
The first subsection describes previous work in the Curry-Howard Isomorphism. The second subsection describes our contribution: a typed calculus with a number of desirable properties, not all shared by the systems mentioned in the first subsection. The Curry-Howard Isomorphism and classical logic. The so-called Curry-Howard Isomorphism states a correspondence between typed calculi and systems of formal logic. At the heart of the isomorphism is the perception of proofs as functions, as formalized ...