Results 1  10
of
16
A type system for certified binaries
 In ACM Symposium on Principles of Programming Languages
, 2002
"... A certified binary is a value together with a proof that the value satisfies a given specification. Existing compilers that generate certified code have focused on simple memory and controlflow safety rather than more advanced properties. In this paper, we present a general framework for explicitly ..."
Abstract

Cited by 86 (12 self)
 Add to MetaCart
(Show Context)
A certified binary is a value together with a proof that the value satisfies a given specification. Existing compilers that generate certified code have focused on simple memory and controlflow safety rather than more advanced properties. In this paper, we present a general framework for explicitly representing complex propositions and proofs in typed intermediate and assembly languages. The new framework allows us to reason about certified programs that involve effects while still maintaining decidable typechecking. We show how to integrate an entire proof system (the calculus of inductive constructions) into a compiler intermediate language and how the intermediate language can undergo complex transformations (CPS and closure conversion) while preserving proofs represented in the type system. Our work provides a foundation for the process of automatically generating certified binaries in a typetheoretic framework. 1
Program Specification and Data Refinement in Type Theory
 Mathematical Structures in Computer Science
, 1991
"... We develop a typetheoretic approach to program specification and data refinement and show that a type theory with a strong logical power and nice structural mechanisms provides an adequate formalism for modular development of programs and specifications. Specification of abstract data types is c ..."
Abstract

Cited by 28 (10 self)
 Add to MetaCart
(Show Context)
We develop a typetheoretic approach to program specification and data refinement and show that a type theory with a strong logical power and nice structural mechanisms provides an adequate formalism for modular development of programs and specifications. Specification of abstract data types is considered and a notion of abstract implementation between specifications is defined in the type theory and studied as a basis for correct and modular development of programs by stepwise refinement. The higherorder structural mechanisms in the type theory provide useful and flexible tools (specification operations and parameterized specifications) for modular design and structured specification. Refinement maps (programs and design decisions) and proofs of implementation correctness can be developed by means of the existing proof development systems based on type theories. 1 Introduction Program specification and modular program development by stepwise refinement has been an interes...
Deliverables: A Categorical Approach to Program Development in Type Theory
, 1992
"... This thesis considers the problem of program correctness within a rich theory of dependent types, the Extended Calculus of Constructions (ECC). This system contains a powerful programming language of higherorder primitive recursion and higherorder intuitionistic logic. It is supported by Pollack&a ..."
Abstract

Cited by 24 (1 self)
 Add to MetaCart
This thesis considers the problem of program correctness within a rich theory of dependent types, the Extended Calculus of Constructions (ECC). This system contains a powerful programming language of higherorder primitive recursion and higherorder intuitionistic logic. It is supported by Pollack's versatile LEGO implementation, which I use extensively to develop the mathematical constructions studied here. I systematically investigate Burstall's notion of deliverable, that is, a program paired with a proof of correctness. This approach separates the concerns of programming and logic, since I want a simple program extraction mechanism. The \Sigmatypes of the calculus enable us to achieve this. There are many similarities with the subset interpretation of MartinLof type theory. I show that deliverables have a rich categorical structure, so that correctness proofs may be decomposed in a principled way. The categorical combinators which I define in the system package up much logical bo...
Inductive Data Types: Wellordering Types Revisited
 Logical Environments
, 1992
"... We consider MartinLof's wellordering type constructor in the context of an impredicative type theory. We show that the wellordering types can represent various inductive types faithfully in the presence of the fillingup equality rules or jrules. We also discuss various properties of the ..."
Abstract

Cited by 8 (1 self)
 Add to MetaCart
We consider MartinLof's wellordering type constructor in the context of an impredicative type theory. We show that the wellordering types can represent various inductive types faithfully in the presence of the fillingup equality rules or jrules. We also discuss various properties of the fillingup rules. 1 Introduction Type theory is on the edge of two disciplines, constructive logic and computer science. Logicians see type theory as interesting because it offers a foundation for constructive mathematics and its formalization. For computer scientists, type theory promises to provide a uniform framework for programs, proofs, specifications, and their development. From each perspective, incorporating a general mechanism for inductively defined data types into type theory is an important next step. Various typetheoretic approaches to inductive data types have been considered in the literature, both in MartinLof's predicative type theories (e.g., [ML84, Acz86, Dyb88, Dyb91, B...
A TypeTheoretic Analysis of Modular Specifications
, 1996
"... We study the problem of representing a modular specification language in a typetheory based theorem prover. Our goals are: to provide mechanical support for reasoning about specifications and about the specification language itself; to clarify the semantics of the specification language by formalis ..."
Abstract

Cited by 2 (1 self)
 Add to MetaCart
We study the problem of representing a modular specification language in a typetheory based theorem prover. Our goals are: to provide mechanical support for reasoning about specifications and about the specification language itself; to clarify the semantics of the specification language by formalising them fully; to augment the specification language with a programming language in a setting where they are both part of the same formal environment, allowing us to define a formal implementation relationship between the two. Previous work on similar issues has given rise to a dichotomy between “shallow ” and “deep ” embedding styles when representing one language within another. We show that the expressiveness of type theory, and the high degree of reflection that it permits, allow us to develop embedding techniques which lie between the “shallow ” and “deep ” extremes. We consider various possible embedding strategies and then choose one of them to explore more fully. As our object of study we choose a fragment of the Z specification language, which we encode in the type theory UTT, as implemented in the LEGO proofchecker. We use the encoding to study some of the operations on schemas provided by Z. One of our main concerns is whether it is possible to reason about Z specifications at the level of these operations. We prove some theorems about Z showing that, within certain constraints, this kind of reasoning is indeed possible. We then show how these metatheorems can be used to carry out formal reasoning about Z specifications. For this we make use of an example taken from the Z Reference Manual (ZRM). Finally, we exploit the fact that type theory provides a programming language as well as a logic to define a notion of implementation for Z specifications. We illustrate this by encoding some example programs taken from the ZRM. ii Declaration I declare that this thesis was composed by myself, and that the work contained in it is my own except where otherwise stated. Some of this work has been published previously [Mah94]. iii
An operational approach to program extraction in the calculus of constructions
 In 12th International Workshop on Logic Based Program Synthesis and Tranformation
, 2002
"... ..."
Internal Program Extraction in the Calculus of Inductive Constructions
 In 6th Argentinian Workshop in Theoretical Computer Science (WAIT'02), 31st JAIIO
, 2002
"... Based on the Calculus of Constructions extended with inductive definitions we present a Theory of Specifications with rules for simultaneously constructing programs and their correctness proofs. The theory contains types for representing specifications, whose corresponding notion of implementation i ..."
Abstract

Cited by 1 (1 self)
 Add to MetaCart
(Show Context)
Based on the Calculus of Constructions extended with inductive definitions we present a Theory of Specifications with rules for simultaneously constructing programs and their correctness proofs. The theory contains types for representing specifications, whose corresponding notion of implementation is that of a pair formed by a program and a correctness proof. The rules of the theory are such that in implementations the program parts appear mixed together with the proof parts. A reduction relation performs the task of separating programs from proofs. Consequently, every implementation computes to a pair composed of a program and a proof of its correctness, and so the program extraction procedure is immediate. 1
Machine Assisted Proofs for Generic Semantics to Compiler Transformation Correctness Theorems
"... This thesis investigates the issues involved in the creation of a “general theory of operational semantics ” in LEGO, a typetheoretic theorem proving environment implementing a constructionist logic. Such a general theory permits the ability to manipulate and reason about operational semantics both ..."
Abstract
 Add to MetaCart
This thesis investigates the issues involved in the creation of a “general theory of operational semantics ” in LEGO, a typetheoretic theorem proving environment implementing a constructionist logic. Such a general theory permits the ability to manipulate and reason about operational semantics both individually and as a class. The motivation for this lies in the studies of semantics directed compiler generation in which a set of generic semantics transforming functions can help convert arbitrary semantic definitions to abstract machines. Such transformations require correctness theorems that quantify over the class of operational semantics. In implementation terms this indicates the need to ensure both the class of operational semantics and the means of inferring results thereon remain at the theorem prover level. The endeavour of this thesis can be seen as assessing both the requirements that general theories of semantics impose on proof assistants and the efficacy of proof assistants in modelling such theories. Acknowledgements First and foremost I would like to thank Kevin Mitchell who supervised me for my first four years, supplying me with many helpful hints and constructive criticisms. He also bore with me at a period of my life when my mental health deteriorated for which I am eternally grateful. Secondly I would like to thank Stuart Anderson an ever present of my life at the University since I first arrived in 1988, for taking over the supervision of my work when it was seemingly near its conclusion. The help and encouragement I received meant I was able to (finally!) complete this thesis. Special mention must go to Rod Burstall, my mentor through the entirety of my postgraduate studies. My all too brief encounters with him lifted my spirits at a time when they were desperately in need of a boost. I would also like to especially thank Thomas Kleymann (formerly Schreiber) for the many times he aided me in my Lego miseries. I also thank James Hugh McKinna, Randy Pollack and other members of the Lego club for their helpful ideas, various helpful officemates