Automating the Meta Theory of Deductive Systems
2000
Cited by 81 (17 self)
Abstract
... not be interpreted as representing the official policies, either expressed or implied, of NSF or the U.S. Government. This thesis describes the design of a metalogical framework that supports the representation and verification of deductive systems, its implementation as an automated theorem prover, and experimental results related to the areas of programming languages, type theory, and logics. Design: The metalogical framework extends the logical framework LF [HHP93] by a metalogic M + 2. This design is novel and unique since it allows higher-order encodings of deductive systems and induction principles to coexist. On the one hand, higher-order representation techniques lead to concise and direct encodings of programming languages and logic calculi. Inductive definitions, on the other hand, allow the formalization of properties about deductive systems, such as the proof that an operational semantics preserves types or the proof that a logic is consistent. M + 2 is a proof calculus whose proof terms are recursive functions that may be ...
Proof-producing Congruence Closure
16th International Conference on Rewriting Techniques and Applications, 2005
Cited by 32 (2 self)
Abstract
www.lsi.upc.es/{~roberto,~oliveras} Many applications of congruence closure nowadays require the ability of recovering, among the thousands of input equations, the small subset that caused the equivalence of a given pair of terms. For this purpose, here we introduce an incremental congruence closure algorithm that has an additional Explain operation. First, two variations of union-find data structures with Explain are introduced. Then, these are applied inside a congruence closure algorithm with Explain, where a k-step proof can be recovered in almost optimal time (quasi-linear in k), without increasing the overall O(n log n) runtime of the fastest known congruence closure algorithms. This non-trivial (ground) equational reasoning result has been quite intensively sought after (see, e.g., [SD99, dMRS04, KS04]), and moreover has important applications to verification.
Fast Congruence Closure and Extensions
2006
Cited by 18 (1 self)
Abstract
Congruence closure algorithms for deduction in ground equational theories are ubiquitous in many (semi)decision procedures used for verification and automated deduction. In many of these applications one needs an incremental algorithm that is moreover capable of recovering, among the thousands of input equations, the small subset that explains the equivalence of a given pair of terms. In this paper we present an algorithm satisfying all these requirements. First, building on ideas from abstract congruence closure algorithms [Kapur (1997, RTA), Bachmair & Tiwari (2000, CADE)], we present a very simple and clean incremental congruence closure algorithm and show that it runs in the best known time O(n log n). After that, we introduce a proof-producing union-find data structure that is then used for extending our congruence closure algorithm, without increasing the overall O(n log n) time, in order to produce a k-step explanation for a given equation in almost optimal time (quasi-linear in k). Finally, we show that the previous algorithms can be smoothly extended, while still obtaining the same asymptotic time bounds, in order to support the interpreted function symbols successor and predecessor, which have been shown to be very useful in applications such as microprocessor verification.
Proof Generation in the Touchstone Theorem Prover
In Proceedings of the International Conference on Automated Deduction, 2000
Cited by 17 (0 self)
Abstract
The ability of a theorem prover to generate explicit derivations for the theorems it proves has major benefits for the testing and maintenance of the prover. It also eliminates the need to trust the correctness of the prover at the expense of trusting a much simpler proof checker. However, it is not always obvious how to generate explicit proofs in a theorem prover that uses decision procedures whose operation does not directly model the axiomatization of the underlying theories. In this paper we describe the modifications that are necessary to support proof generation in a congruence-closure decision procedure for equality and in a Simplex-based decision procedure for linear arithmetic. Both of these decision procedures have been integrated using a modified Nelson-Oppen cooperation mechanism in the Touchstone theorem prover, which we use to produce proof-carrying code. Our experience with designing and implementing Touchstone is that proof generation has a relatively low c...
Translation Validation: From SIGNAL to C
Proceedings of Conference on Correct System Design, E. R. Olderog and B. Steffen (Eds.), LNCS 1710, Springer-Verlag, 1999
Cited by 16 (1 self)
Abstract
Translation validation is an alternative to the verification of translators (compilers, code generators). Rather than proving in advance that the compiler always produces a target code which correctly implements the source code (compiler verification), each individual translation (i.e. a run of the compiler) is followed by a validation phase which verifies that the target code produced on this run correctly implements the submitted source program. In order to be a practical alternative to compiler verification, a key feature of this validation is its full automation. Since the validation process attempts to "unravel" the transformation effected by the translators, its task becomes increasingly more difficult (and necessary) with the increase of sophistication and variety of the optimization methods employed by the translator. In this paper we address the practicability of translation validation for highly optimizing, industrial code generators from Signal, a widely used synchronous...
Automated Techniques for Provably Safe Mobile Code
Theor. Comput. Sci., 2000
Cited by 5 (0 self)
Abstract
We present a general framework for provably safe mobile code. It relies on a formal definition of a safety policy and explicit evidence for compliance with this policy which is attached to a binary. Concrete realizations of this framework are proof-carrying code (PCC), where the evidence for safety is a formal proof generated by a certifying compiler, and typed assembly language (TAL), where the evidence for safety is given via type annotations propagated throughout the compilation process in typed intermediate languages. Validity of the evidence is established via a small trusted type checker, either directly on the binary or indirectly on proof representations in a logical framework (LF).
Intensionality, Extensionality, and Proof Irrelevance in Modal Type Theory
Pages 221–230 of: Symposium on Logic in Computer Science, 2001
Cited by 5 (3 self)
Abstract
We develop a uniform type theory that integrates intensionality, extensionality, and proof irrelevance as judgmental concepts. Any object may be treated intensionally (subject only to β-conversion), extensionally (subject also to βη-conversion), or as irrelevant (equal to any other object at the same type), depending on where it occurs. Modal restrictions developed in prior work for simple types are generalized and employed to guarantee consistency between these views of objects. Potential applications are in logical frameworks, functional programming, and the foundations of first-order modal logics.
Union-Find and Congruence Closure Algorithms that Produce Proofs
2nd International Workshop on Pragmatics of Decision Procedures in Automated Reasoning, 2004
Cited by 2 (0 self)
Abstract
Congruence closure algorithms are nowadays central in many modern applications in automated deduction and verification, where it is frequently required to recover the set of merge operations that caused the equivalence of a given pair of terms. For this purpose we study, from the algorithmic point of view, the problem of extracting such small proofs.
Automated Techniques for Provably Safe Mobile Code
In Proceedings of the DARPA Information Survivability Conference and Exposition, 2000
Cited by 2 (1 self)
Abstract
We present a general framework for provably safe mobile code. It relies on a formal definition of a safety policy and explicit evidence for compliance with this policy that is attached to a binary. Concrete realizations of this framework are proof-carrying code (PCC), where the evidence for safety is a formal proof generated by a certifying compiler, and typed assembly language (TAL), where the evidence for safety is given via type annotations propagated throughout the compilation process in typed intermediate languages. Validity of the evidence is established via a small trusted type checker, either directly on the binary or indirectly on proof representations in a logical framework (LF).
Project Description
Abstract
This document presents the details of our proposed research project. We organize this presentation into sections, with each section giving an overview of a specific major subproblem, its relationship to the overall research goal, and our plans for addressing it. These major subproblems are as follows: the development of resource-bound and access-control policies and enforcement mechanisms, the design of programming languages for application development, the design and development of certifying compilers, and the use of logical frameworks for efficient proof representation. We conclude the proposal with a brief discussion of our overall research plan and our approach to disseminating our software and research results.