Results 1  10
of
51
Inductive Definitions in the System Coq Rules and Properties
, 1992
"... In the pure Calculus of Constructions, it is possible to represent data structures and predicates using higherorder quantification. However, this representation is not satisfactory, from the point of view of both the efficiency of the underlying programs and the power of the logical system. For ..."
Abstract

Cited by 191 (2 self)
 Add to MetaCart
In the pure Calculus of Constructions, it is possible to represent data structures and predicates using higherorder quantification. However, this representation is not satisfactory, from the point of view of both the efficiency of the underlying programs and the power of the logical system. For these reasons, the calculus was extended with a primitive notion of inductive definitions [8]. This paper describes the rules for inductive definitions in the system Coq. They are general enough to be seen as one formulation of adding inductive definitions to a typed lambdacalculus. We prove strong normalization for a subsystem of Coq corresponding to the pure Calculus of Constructions plus Inductive Definitions with only weak nondependent eliminations.
Using Reflection to Build Efficient and Certified Decision Procedures
 TACS'97. SpringerVerlag LNCS 1281
, 1997
"... In this paper we explain how computational reflection can help build efficient certified decision procedure in reduction systems. We have developped a decision procedure on abelian rings in the Coq system but the approach we describe applies to all reduction systems that allow the definition of c ..."
Abstract

Cited by 72 (0 self)
 Add to MetaCart
(Show Context)
In this paper we explain how computational reflection can help build efficient certified decision procedure in reduction systems. We have developped a decision procedure on abelian rings in the Coq system but the approach we describe applies to all reduction systems that allow the definition of concrete types (or datatypes). We show that computational reflection is more efficient than an LCFlike approach to implement decision procedures in a reduction system. We discuss the concept of total reflection, which we have investigated in Coq using two facts: the extraction process available in Coq and the fact that the implementation language of the Coq system can be considered as a sublanguage of Coq. Total reflection is not yet implemented in Coq but we can test its performance as the extraction process is effective. Both reflection and total reflection are conservative extensions of the reduction system in which they are used. We also discuss performance and related approaches....
Verification of NonFunctional Programs using Interpretations in Type Theory
"... We study the problem of certifying programs combining imperative and functional features within the general framework of type theory. Type theory constitutes a powerful specification language, which is naturally suited for the proof of purely functional programs. To deal with imperative programs, we ..."
Abstract

Cited by 63 (4 self)
 Add to MetaCart
We study the problem of certifying programs combining imperative and functional features within the general framework of type theory. Type theory constitutes a powerful specification language, which is naturally suited for the proof of purely functional programs. To deal with imperative programs, we propose a logical interpretation of an annotated program as a partial proof of its specification. The construction of the corresponding partial proof term is based on a static analysis of the effects of the program, and on the use of monads. The usual notion of monads is refined in order to account for the notion of effect. The missing subterms in the partial proof term are seen as proof obligations, whose actual proofs are left to the user. We show that the validity of those proof obligations implies the total correctness of the program. We also establish a result of partial completeness. This work has been implemented in the Coq proof assistant. It appears as a tactic taking an ann...
Typing Algorithm in Type Theory with Inheritance
 Proc of POPL'97
, 1997
"... We propose and study a new typing algorithm for dependent type theory. This new algorithm typechecks more terms by using inheritance between classes. This inheritance mechanism turns out to be powerful: it supports multiple inheritance, classes with parameters and uses new abstract classes FUNCLASS ..."
Abstract

Cited by 54 (0 self)
 Add to MetaCart
(Show Context)
We propose and study a new typing algorithm for dependent type theory. This new algorithm typechecks more terms by using inheritance between classes. This inheritance mechanism turns out to be powerful: it supports multiple inheritance, classes with parameters and uses new abstract classes FUNCLASS and SORTCLASS (respectively classes of functions and sorts). We also defines classes as records, particularily suitable for the formal development of mathematical theories. This mechanism, implemented in the proof checker Coq, can be adapted to all typed calculus. 1 Introduction In the last years, proof checkers based on type theory appeared as convincing systems to formalize mathematics (especially constructive mathematics) and to prove correctness of software and hardware. In a proof checker, one can interactively build definitions, statements and proofs. The system is then able to check automatically whether the definitions are wellformed and the proofs are correct. Modern systems ar...
Inductively Defined Types in the Calculus of Constructions
 IN: PROCEEDINGS OF THE FIFTH CONFERENCE ON THE MATHEMATICAL FOUNDATIONS OF PROGRAMMING SEMANTICS. SPRINGER VERLAG LNCS
, 1989
"... We define the notion of an inductively defined type in the Calculus of Constructions and show how inductively defined types can be represented by closed types. We show that all primitive recursive functionals over these inductively defined types are also representable. This generalizes work by Böhm ..."
Abstract

Cited by 47 (3 self)
 Add to MetaCart
(Show Context)
We define the notion of an inductively defined type in the Calculus of Constructions and show how inductively defined types can be represented by closed types. We show that all primitive recursive functionals over these inductively defined types are also representable. This generalizes work by Böhm & Berarducci on synthesis of functions on term algebras in the secondorder polymorphiccalculus (F2). We give several applications of this generalization, including a representation of F2programs in F3, along with a definition of functions reify, reflect, and eval for F2 in F3. We also show how to define induction over inductively defined types and sketch some results that show that the extension of the Calculus of Construction by induction principles does not alter the set of functions in its computational fragment, F!. This is because a proof by induction can be realized by primitive recursion, which is already de nable in F!.
The Implementation of ALF  a Proof Editor based on MartinLöf's Monomorphic Type Theory with Explicit Substitution
, 1995
"... This thesis describes the implementation of ALF, which is an interactive proof editor based on MartinLöf's type theory with explicit substitutions. ALF is a general purpose proof assistant, in which different logics can be represented. Proof objects are manipulated directly, by the usual editi ..."
Abstract

Cited by 45 (0 self)
 Add to MetaCart
This thesis describes the implementation of ALF, which is an interactive proof editor based on MartinLöf's type theory with explicit substitutions. ALF is a general purpose proof assistant, in which different logics can be represented. Proof objects are manipulated directly, by the usual editing operations. A partial proof is represented as an incomplete proof object, i.e., a proof object containing placeholders. A modular type/proof checking algorithm for complete proof objects is presented, and it is proved sound and complete assuming some basic meta theory properties of the substitution calculus. The algorithm is extended to handle incomplete objects in such a way that the type checking problem is reduced to a unication problem, i.e., the problem of finding instantiations to the placeholders in the object. Placeholders are represented together with their expected type and local context. We show that checking the correctness of instantiations can be localised, which means that it is e...
Higher Order Logic
 In Handbook of Logic in Artificial Intelligence and Logic Programming
, 1994
"... Contents 1 Introduction : : : : : : : : : : : : : : : : : : : : : : : : : : : : 2 2 The expressive power of second order Logic : : : : : : : : : : : 3 2.1 The language of second order logic : : : : : : : : : : : : : 3 2.2 Expressing size : : : : : : : : : : : : : : : : : : : : : : : : 4 2.3 Definin ..."
Abstract

Cited by 24 (0 self)
 Add to MetaCart
Contents 1 Introduction : : : : : : : : : : : : : : : : : : : : : : : : : : : : 2 2 The expressive power of second order Logic : : : : : : : : : : : 3 2.1 The language of second order logic : : : : : : : : : : : : : 3 2.2 Expressing size : : : : : : : : : : : : : : : : : : : : : : : : 4 2.3 Defining data types : : : : : : : : : : : : : : : : : : : : : 6 2.4 Describing processes : : : : : : : : : : : : : : : : : : : : : 8 2.5 Expressing convergence using second order validity : : : : : : : : : : : : : : : : : : : : : : : : : 9 2.6 Truth definitions: the analytical hierarchy : : : : : : : : 10 2.7 Inductive definitions : : : : : : : : : : : : : : : : : : : : : 13 3 Canonical semantics of higher order logic : : : : : : : : : : : : 15 3.1 Tarskian semantics of second order logic : : : : : : : : : 15 3.2 Function and re
Synthesizing proofs from programs in the Calculus of Inductive Constructions
 In Proceedings of the International Conference on Mathematics for Programs Constructions. SpringerVerlag LNCS 947
, 1995
"... . We want to prove "automatically" that a program is correct with respect to a set of given properties that is a specification. Proofs of specifications contain logical parts and computational parts. Programs can be seen as computational parts of proofs. They can then be extracted from pro ..."
Abstract

Cited by 21 (1 self)
 Add to MetaCart
(Show Context)
. We want to prove "automatically" that a program is correct with respect to a set of given properties that is a specification. Proofs of specifications contain logical parts and computational parts. Programs can be seen as computational parts of proofs. They can then be extracted from proofs and be certified to be correct. We focus on the inverse problem : is it possible to reconstruct proof obligations from a program and its specification ? The framework is the type theory where a proof can be represented as a typed term [Con86, NPS90] and particularly the Calculus of Inductive Constructions [Coq85]. A notion of coherence is introduced between a specification and a program containing annotations as in the Hoare sense. This notion is based on the definition of an extraction function called the weak extraction. Such an annotated program can give a method to reconstruct a set of proof obligations needed to have a proof of the initial specification. This can be seen either as a method o...
A verified model checker for the modal µcalculus in Coq
 In TACAS, volume 1384 of LNCS
, 1998
"... . We report on the formalisation and correctness proof of a model checker for the modal calculus in Coq's constructive type theory. Using Coq's extraction mechanism we obtain an executable Caml program, which is added as a safe decision procedure to the system. An example illustrates ..."
Abstract

Cited by 14 (0 self)
 Add to MetaCart
. We report on the formalisation and correctness proof of a model checker for the modal calculus in Coq's constructive type theory. Using Coq's extraction mechanism we obtain an executable Caml program, which is added as a safe decision procedure to the system. An example illustrates its application in combination with deduction. 1 Introduction There is an obvious advantage in combining theorem proving and model checking techniques for the verification of reactive systems. The expressiveness of the theorem prover's (often higherorder) logic can be used to accommodate a variety of program modelling and verification paradigms, so infinite state and parametrised designs can be verified. However, using a theorem prover is not transparent and may require a fair amount of expertise. On the other hand, model checking is transparent, but exponential in the number of concurrent components. Its application is thus limited to systems with small state spaces. A combination of the two techn...