This paper describes the process of mechanically certifying a compiler with respect to the semantic specification of the source and target languages. The proofs are performed in type theory using the Coq system. These proofs introduce specific theoretical tools: fragmentation theorems and general induction principles.

This paper explains the setting of an extensive formalisation of the theory of sequences (finite and infinite lists of elements of some data type) in the Prototype Verification System pvs. This formalisation is based on the characterisation of sequences as a final coalgebra, which is used as an axiom. The resulting theories comprise standard operations on sequences like composition (or concatenation), filtering, flattening, and their properties. They also involve the prefix ordering and proofs that sequences form an algebraic complete partial order. The finality axiom gives rise to various reasoning principles, like bisimulation, simulation, invariance, and induction for admissible predicates. Most of the proofs of equality statements are based on bisimulations, and most of the proofs of prefix order statements use simulations. Some significant aspects of these theories are described in detail. This coalgebraic formalisation of sequences is presented as a concrete example that shows t...

The need to use partial functions arises frequently in formal descriptions of computer systems. However, most proof assistants are based on logics of total functions. One way to address this mismatch is to invent and mechanize a new logic. Another is to develop practical workarounds in existing settings. In this paper we take the latter course: we survey and compare methods used to support partiality in a mechanization of a higher order logic featuring only total functions. The techniques we discuss are generally applicable and are illustrated by relatively large examples. 1.

In this paper we specialize the notion of abstract computational procedure previously introduced for intensionally presented structures to those which are extensionally given. This is provided by a form of generalized recursion theory which uses schemata for explicit definition, conditional definition and least fixed point (LFP) recursion in functionals of type level ≤ 2 over any appropriate structure. It is applied here to the case of potentially infinite (and more general partial) streams as an abstract data type. 1

The consistency of the dynamic and static semantics for a small functional programming language was informally proved by R.Milner and M.Tofte. The notions of co-inductive definitions and the associated principle of co-induction played a pivotal role in the proof. With emphasis on co-induction, the work presented here deals with the formalisation of this result in the generic theorem prover Isabelle. Contents 1 Introduction 1 2 Co-induction in Relation Semantics 2 2.1 Notation : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 2 2.2 The Language : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 2 2.3 Dynamic Semantics : : : : : : : : : : : : : : : : : : : : : : : : : : 3 2.4 Static Semantics : : : : : : : : : : : : : : : : : : : : : : : : : : : 3 2.5 Consistency : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 5 3 Isabelle 7 3.1 Documentation : : : : : : : : : : : : : : : : : : : : : : : : : : : : 7 3.2 Notation : : : : : : : : : : : : : : : : : : : : : ...

Abstract not found

Reactive systems respond to concurrent, possibly unsynchronized streams of input events. Programming reactive systems is challenging without language support for event-triggered actions. It is even more challenging to reason about reactive systems. This paper explores a new conceptual basis for applying functional programming techniques to the design and formal veri#cation of reactive systems. The mathematical foundation for this approach is based upon signature coalgebras and derived proof rules for coinduction. The concepts are illustrated with an example that has been used with the language Esterel. 1 Introduction Reactive systems are characterized by sequences of history-determined reactions to external events. It is known that a non-strict functional programming language can provide a suitable linguistic vehicle for programming reactive systems because streams, modeling temporal sequences of values, can be represented. It is necessary to represent more than streams, however. Cur...

C'era una volta un re seduto in canap`e, che disse alla regina raccontami una storia. La regina cominci`o: "C'era una volta un re seduto in canap`e

The consistency of the dynamic and static semantics for a small functional programming language was informally proved by R.Milner and M.Tofte. The notions of co-inductive definitions and the associated principle of co-induction played a pivotal role in the proof. With emphasis on co-induction, the work presented here deals with the formalisation of this result in the higher-order logic of the generic theorem prover Isabelle. 1 Introduction In the paper Co-induction in Relational Semantics [1], R.Milner and M.Tofte prove the dynamic and static semantics for a small functional programming language consistent. The dynamic semantics associates a value to an expression of the language, while the static semantics associates a type. A value has a type. Consistency requires that the value of an expression has the type of the expression. Values can be infinite or non-well-founded because the language contains recursive functions. Non-well-founded values are handled using co-inductive def...

Using the notions of unique xed point, converging equivalence relation, and contracting function, we generalize the technique of well-founded recursion. We are able to de ne functions in the Isabelle theorem prover that recursively call themselves an in nite number of times. In particular, we can easily de ne recursive functions that operate over coinductively-de ned types, such as in nite lists. Previously in Isabelle such functions could only be de ned corecursively, or had to operate over types containing \extra" bottom-elements. We conclude the paper by showing that the functions for ltering and attening in nite lists have simple recursive de nitions. 1 Well-founded recursion Rather than specify recursive functions by possibly inconsistent axioms, several higher order logic (HOL) theorem provers[3, 9, 12] provide well-founded recursive function de nition packages, where new functions can be de ned conservatively. Recursive functions are de ned by giving a series of...