A Linear Logical Framework
, 1996
Cited by 217 (44 self)
Appeared in the proceedings of the Eleventh Annual IEEE Symposium on Logic in Computer Science, LICS'96 (E. Clarke, editor), pp. 264-275, New Brunswick, NJ, July 27-30, 1996. We present the linear type theory LLF as the formal basis for a conservative extension of the LF logical framework. LLF combines the expressive power of dependent types with linear logic to permit the natural and concise representation of a whole new class of deductive systems, namely those dealing with state. As an example we encode a version of Mini-ML with references including its type system, its operational semantics, and a proof of type preservation. Another example is the encoding of a sequent calculus for classical linear logic and its cut elimination theorem. LLF can also be given an operational interpretation as a logic programming language under which the representations above can be used for type inference, evaluation and cut-elimination. 1 Introduction A logical framework is a formal system desig...
Set Theory for Verification: II. Induction and Recursion
 Journal of Automated Reasoning
, 2000
Cited by 43 (21 self)
A theory of recursive definitions has been mechanized in Isabelle's Zermelo-Fraenkel (ZF) set theory. The objective is to support the formalization of particular recursive definitions for use in verification, semantics proofs and other computational reasoning.
Mechanizing Coinduction and Corecursion in Higher-order Logic
 Journal of Logic and Computation
, 1997
Cited by 41 (5 self)
A theory of recursive and corecursive definitions has been developed in higher-order logic (HOL) and mechanized using Isabelle. Least fixedpoints express inductive data types such as strict lists; greatest fixedpoints express coinductive data types, such as lazy lists. Well-founded recursion expresses recursive functions over inductive data types; corecursion expresses functions that yield elements of coinductive data types. The theory rests on a traditional formalization of infinite trees. The theory is intended for use in specification and verification. It supports reasoning about a wide range of computable functions, but it does not formalize their operational semantics and can express noncomputable functions also. The theory is illustrated using finite and infinite lists. Corecursion expresses functions over infinite lists; coinduction reasons about such functions. Key words. Isabelle, higher-order logic, coinduction, corecursion. Copyright © 1996 by Lawrence C. Paulson Content...
A generic tableau prover and its integration with Isabelle
 Journal of Universal Computer Science
, 1999
Cited by 38 (10 self)
Abstract: A generic tableau prover has been implemented and integrated with Isabelle [Paulson, 1994]. Compared with classical first-order logic provers, it has numerous extensions that allow it to reason with any supplied set of tableau rules. It has a higher-order syntax in order to support user-defined binding operators, such as those of set theory. The unification algorithm is first-order instead of higher-order, but it includes modifications to handle bound variables. The proof, when found, is returned to Isabelle as a list of tactics. Because Isabelle verifies the proof, the prover can cut corners for efficiency's sake without compromising soundness. For example, the prover can use type information to guide the search without storing type information in full. Categories: F.4, I.1
A Fixedpoint Approach to (Co)Inductive and (Co)Datatype Definitions
, 1997
Cited by 20 (2 self)
This paper presents a fixedpoint approach to inductive definitions. Instead of using a syntactic test such as "strictly positive," the approach lets definitions involve any operators that have been proved monotone. It is conceptually simple, which has allowed the easy implementation of mutual recursion and iterated definitions. It also handles coinductive definitions: simply replace the least fixedpoint by a greatest fixedpoint. The method
Three Years of Experience with Sledgehammer, a Practical Link between Automatic and Interactive Theorem Provers
Cited by 19 (5 self)
Sledgehammer is a highly successful subsystem of Isabelle/HOL that calls automatic theorem provers to assist with interactive proof construction. It requires no user configuration: it can be invoked with a single mouse gesture at any point in a proof. It automatically finds relevant lemmas from all those currently available. An unusual aspect of its architecture is its use of unsound translations, coupled with its delivery of results as Isabelle/HOL proof scripts: its output cannot be trusted, but it does not need to be trusted. Sledgehammer works well with Isar structured proofs and allows beginners to prove challenging theorems. 1
Mechanizing set theory: Cardinal arithmetic and the axiom of choice
 Journal of Automated Reasoning
, 1996
Cited by 16 (9 self)
Abstract. Fairly deep results of Zermelo-Frænkel (ZF) set theory have been mechanized using the proof assistant Isabelle. The results concern cardinal arithmetic and the Axiom of Choice (AC). A key result about cardinal multiplication is κ ⊗ κ = κ, where κ is any infinite cardinal. Proving this result required developing theories of orders, order-isomorphisms, order types, ordinal arithmetic, cardinals, etc.; this covers most of Kunen, Set Theory, Chapter I. Furthermore, we have proved the equivalence of 7 formulations of the Well-ordering Theorem and 20 formulations of AC; this covers the first two chapters of Rubin and Rubin, Equivalents of the Axiom of Choice, and involves highly technical material. The definitions used in the proofs are
Un Calcul De Constructions Infinies Et Son Application A La Verification De Systemes Communicants
, 1996
Cited by 16 (0 self)
m networks and the recent works of Thierry Coquand in type theory have been the most important sources of motivation for the ideas presented here. I wish to specially thank Roberto Amadio, who read the manuscript in a very short delay, providing many helpful comments and remarks. Many thanks also to Luc Bougé, who accepted to be my official supervisor, and to the chair of the jury, Michel Cosnard, who opened to me the doors of the LIP. During these last three years in Lyon I met many wonderful people, who then became wonderful friends. Miguel, Nuria, Veronique, Patricia, Philippe, Pia, Rodrigo, Salvador, Sophie ... with you I have shared the happiness and sadness of everyday life, those little things which make us remember someone forever. I also would like to thank the people from "Tango de Soie", for all those funny nights at the Café Moulin Joly. Thanks too to the Uruguayan research community in Computer Science (specially to Cristina Cornes and Alberto Pardo) w