Results 1 to 10 of 10
Imperative functional programming with Isabelle/HOL
In TPHOLs '08: Proceedings of the 21st International Conference on Theorem Proving in Higher Order Logics, 2008
Cited by 17 (3 self)
Abstract. We introduce a lightweight approach for reasoning about programs involving imperative data structures using the proof assistant Isabelle/HOL. It is based on shallow embedding of programs, a polymorphic heap model using enumeration encodings and type classes, and a state-exception monad similar to known counterparts from Haskell. Existing proof automation tools are easily adapted to provide a verification environment. The framework immediately allows for correct code generation to ML and Haskell. Two case studies demonstrate our approach: an array-based checker for resolution proofs, and a more efficient bytecode verifier.
A code generator framework for Isabelle/HOL
Department of Computer Science, University of Kaiserslautern, 2007
Cited by 15 (4 self)
Abstract. We present a code generator framework for Isabelle/HOL. It formalizes the intermediate stages between the purely logical description in terms of equational theorems and a programming language. Correctness of the translation is established by giving the intermediate languages (a subset of Haskell) an equational semantics and relating it back to the logical level. To allow code generation for SML, we present and prove correct a (dictionary-based) translation eliminating type classes. The design of our framework covers different functional target languages.

1 Introduction and related work. Executing formal specifications is a well-established topic and many theorem provers support this activity by generating code in a standard programming language from a logical description, typically by translating an internal functional language to an external one:
Efficient execution in an automated reasoning environment
Journal of Functional Programming, 2006
Cited by 8 (4 self)
Abstract. We describe a method to permit the user of a mathematical logic to write elegant logical definitions while allowing sound and efficient execution. We focus on the ACL2 logic and automated reasoning environment. ACL2 is used by industrial researchers to describe microprocessor designs and other complicated digital systems. Properties of the designs can be formally established with the theorem prover. But because ACL2 is also a functional programming language, the formal models can be executed as simulation engines. We implement features that afford these dual applications, namely formal proof and execution on industrial test suites. In particular, the features allow the user to install, in a logically sound way, alternative executable counterparts for logically-defined functions. These alternatives are often much more efficient than the logically equivalent terms they replace. We discuss several applications of these features.

1 Introduction. This paper is about a way to permit the functional programmer to prove efficient programs correct. The idea is to allow the provision of two definitions of the program: an elegant definition that supports effective reasoning by a mechanized theorem prover, and an efficient definition for evaluation. A bridge of this sort,
Trace-based Verification of Imperative Programs with I/O
Cited by 5 (0 self)
In this paper we demonstrate how to prove the correctness of systems implemented using low-level imperative features like pointers, files, and socket I/O with respect to high-level I/O protocol descriptions by using the Coq proof assistant. We present a web-based course gradebook application developed with Ynot, a Coq library for verified imperative programming. We add a dialog-based I/O system to Ynot, and we extend Ynot's underlying Hoare logic with event traces to reason about I/O and protocol behavior. Expressive abstractions allow the modular verification of both high-level specifications like privacy guarantees and low-level properties like data structure pointer invariants.
Proof pearl: Dijkstra’s shortest path algorithm verified with ACL2
18th International Conference on Theorem Proving in Higher Order Logics, Lecture Notes in Computer Science, 2005
Cited by 2 (0 self)
Abstract. We briefly describe a mechanically checked proof of Dijkstra's shortest path algorithm for finite directed graphs with nonnegative edge lengths. The algorithm and proof are formalized in ACL2.
Attaching Efficient Executability to Partial Functions in ACL2
5th International Workshop on the ACL2 Theorem Prover and Its Applications (ACL2 2004), 2004
Cited by 2 (1 self)
We describe a macro called defpunexec to attach executable bodies to partial functions in ACL2. The macro makes use of two features, mbe and defexec, introduced in ACL2 from version 2.8, that afford a clean separation of execution efficiency from logical elegance.
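The mechanism behind both ACL2 abstracts above (the JFP paper on efficient execution and the defpunexec workshop paper) is mbe: a function carries a :logic body that the prover reasons about and an :exec body that the evaluator runs, and guard verification discharges the obligation that the two agree. The following is an added illustration written for a stock ACL2 session, not code from either paper; the function names (sum-to, sum-to-acc, fast-sum-to) and the bridging lemma are my own, chosen to keep the proof obligation simple.

```lisp
;; Added example: attaching an efficient executable body to an elegant
;; logical definition with ACL2's MBE. Not from any paper on this page;
;; function and lemma names are illustrative and assumed to be unused.

;; Logical definition: plain recursion, easy to reason about, but it
;; builds a stack frame per step and is slow to evaluate on large inputs.
(defun sum-to (n)
  (declare (xargs :guard (natp n)))
  (if (zp n)
      0
    (+ n (sum-to (- n 1)))))

;; Executable counterpart: tail-recursive with an accumulator, so the
;; compiled code runs in constant stack space.
(defun sum-to-acc (n acc)
  (declare (xargs :guard (and (natp n) (natp acc))))
  (if (zp n)
      acc
    (sum-to-acc (- n 1) (+ n acc))))

;; The bridge lemma: the efficient version computes the elegant one.
;; ACL2 proves this by induction following sum-to-acc's recursion.
(defthm sum-to-acc-is-sum-to
  (implies (and (natp n) (natp acc))
           (equal (sum-to-acc n acc)
                  (+ acc (sum-to n)))))

;; The function callers use. In the logic, fast-sum-to IS (sum-to n);
;; once guards are verified, a call that satisfies the guard runs the
;; :exec branch instead. Guard verification generates the obligation
;;   (implies (natp n) (equal (sum-to n) (sum-to-acc n 0)))
;; which the lemma above discharges with acc = 0.
(defun fast-sum-to (n)
  (declare (xargs :guard (natp n)))
  (mbe :logic (sum-to n)
       :exec  (sum-to-acc n 0)))

;; Theorems are stated against the logical body, so proofs never see
;; the accumulator; evaluation in the top-level loop uses the :exec body.
(defthm fast-sum-to-is-sum-to
  (equal (fast-sum-to n) (sum-to n)))
```

The soundness point the papers make is visible here: the :exec body is never trusted, it is proved equal to the :logic body under the guard, and ACL2 only substitutes it when the guard holds at the call site. defexec extends this to cases where the executable body's termination cannot be established on its own, and defpunexec (the workshop paper) layers the same idea over partial functions.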
Mechanized Certification of Secure Hardware Designs
2007
Cited by 1 (0 self)
We develop a framework for mechanized certification of secure hardware systems built out of commercial off-the-shelf (COTS) components purchased from untrusted vendors. Certification requires a guarantee that the fabricated system satisfies the requisite safety and security properties. Our framework facilitates this by (1) providing an unambiguous description of the requirements specification in a formal, computational logic, (2) a formalized hardware description language (HDL) to describe the implementation, and (3) mechanical tools and techniques for providing a certification of correctness and security. We illustrate the use of the framework in certifying the correctness and security properties of the netlist implementation of a voting machine using the ACL2 theorem prover.
Formal Reasoning About Efficient Data Structures: A Case Study in ACL2
In Logic Based Program Synthesis and Transformation, LNCS 3018, 2004
Cited by 1 (1 self)
Abstract. We describe in this paper the formal verification, using the ACL2 system, of a syntactic unification algorithm where terms are represented as directed acyclic graphs (dags) and these graphs are stored in a single-threaded object (stobj). The use of stobjs allows destructive operations on data (thus improving the performance of the algorithm), while maintaining the applicative semantics of ACL2. We intend to show how ACL2 provides an environment where execution of algorithms with efficient data structures and formal reasoning about them can be carried out.