this paper we describe Elf, a meta-language intended for environments dealing with deductive systems represented in LF. While this paper is intended to include a full description of the Elf core language, we only state, but do not prove here the most important theorems regarding the basic building blocks of Elf. These proofs are left to a future paper. A preliminary account of Elf can be found in [26]. The range of applications of Elf includes theorem proving and proof transformation in various logics, definition and execution of structured operational and natural semantics for programming languages, type checking and type inference, etc. The basic idea behind Elf is to unify logic definition (in the style of LF) with logic programming (in the style of Prolog, see [22, 24]). It achieves this unification by giving types an operational interpretation, much the same way that Prolog gives certain formulas (Horn-clauses) an operational interpretation. An alternative approach to logic programming in LF has been developed independently by Pym [28]. Here are some of the salient characteristics of our unified approach to logic definition and metaprogramming. First of all, the Elf search process automatically constructs terms that can represent object-logic proofs, and thus a program need not construct them explicitly. This is in contrast to logic programming languages where executing a logic program corresponds to theorem proving in a meta-logic, but a meta-proof is never constructed or used and it is solely the programmer's responsibility to construct object-logic proofs where they are needed. Secondly, the partial correctness of many meta-programs with respect to a given logic can be expressed and proved by Elf itself (see the example in Section 5). This creates the possibilit...

We describe Elf, a metalanguage for proof manipulation environments that are independent of any particular logical system. Elf is intended for meta-programs such as theorem provers, proof transformers, or type inference programs for programming languages with complex type systems. Elf unifies logic definition (in the style of LF, the Edinburgh Logical Framework) with logic programming (in the style of Prolog). It achieves this unification by giving types an operational interpretation, much the same way that Prolog gives certain formulas (Horn-clauses) an operational interpretation. Novel features of Elf include: (1) the Elf search process automatically constructs terms that can represent object-logic proofs, and thus a program need not construct them explicitly, (2) the partial correctness of meta-programs with respect to a given logic can be expressed and proved in Elf itself, and (3) Elf exploits Elliott's unification algorithm for a -calculus with dependent types. This research was...

In computer science we speak of implementing a logic; this is done in a programming language, such as Lisp, called here the implementation language. We also reason about the logic, as in understanding how to search for proofs; these arguments are expressed in the metalanguage and conducted in the metalogic of the object language being implemented. We also reason about the implementation itself, say to know it is correct; this is done in a programming logic. How do all these logics relate? This paper considers that question and more. We show that by taking the view that the metalogic is primary, these other parts are related in standard ways. The metalogic should be suitably rich so that the object logic can be presented as an abstract data type, and it must be suitably computational (or constructive) so that an instance of that type is an implementation. The data type abstractly encodes all that is relevant for metareasoning, i.e., not only the term constructing functions but also the...

Abstract. Mechanised reasoning systems and computer algebra systems have different objectives. Their integration is highly desirable, since formal proofs often involve both of the two di erent tasks, proving and calculating. Even more importantly, proof and computation are often interwoven and not easily separable. In this contribution we advocate an integration of computer algebra into mechanised reasoning systems at the proof plan level. This approach allows to view the computer algebra algorithms as methods, that is, declarative representations of the problem solving knowledge speci c to a certain mathematical domain. Automation can be achieved in many cases bysearching for a hierarchic proof plan at the methodlevel using suitable domain-speci c control knowledge about the mathematical algorithms. In other words, the uniform framework of proof planning allows to solve a large class of problems that are not automatically solvable by separate systems. Our approach also gives an answer to the correctness problems inherent insuch an integration. We advocate an approach where the computer algebra system produces high-level protocol information that can be processed by aninterface to derive proof plans. Such a proof plan in turn can be expanded to proofs at di erent levels of abstraction, so the approach iswell-suited for producing a high-level verbalised explication as well as for a low-level machine checkable calculus-level proof. We present an implementation of our ideas and exemplify them using an automatically solved example. Changes in the criterion of `rigour of the proof ' engender major revolutions in mathematics.

this article we will not attempt to describe all the dierent possible choices of type theories. Instead we want to discuss the main underlying ideas, with a special focus on the use of type theory as the formalism for the description of theories including proofs

The goal of this paper is to present a theorem prover where the underlying code has been written to behave as the procedural metalevel of the object logic. We have then defined a logical declarative metatheory MT which can be put in a one-to-one relation with the code and automatically generated from it. MT is proved correct and complete in the sense that, for any object level deduction, the wff representing it is a theorem of MT, and viceversa. Such theorems can be translated back in the underlying code. This opens up the possibility of deriving control strategies automatically by metatheoretic theorem proving, of mapping them into the code and thus of extending and modifying the system itself. This seems a first step towards "really" self-reflective systems, ie. systems able to reason deductively about and modify their underlying computation mechanisms. We show that the usual logical reflection rules (so called reflection up and down) are derived inference rules of the system.

In this paper we propose a metatheory, MT which represents the computation which implements its object theory, OT, and, in particular, the computation which implements deduction in OT. To emphasize this fact we say that MT is a metatheory of a mechanized object theory. MT has some "unusual" properties, e.g. it explicitly represents failure in the application of inference rules, and the fact that large amounts of the code implementing OT are partial, i.e. they work only for a limited class of inputs. These properties allow us to use MT to express and prove tactics, i.e. expressions which specify how to compose possibly failing applications of inference rules, to interpret them procedurally to assert theorems in OT, to compile them into the system implementation code, and, finally, to generate MT automatically from the system code. The definition of MT is part of a larger project which aims at the implementation of self-reflective systems, i.e. systems which are able to intros...

It is generally accepted that in principle it’s possible to formalize completely almost all of present-day mathematics. The practicability of actually doing so is widely doubted, as is the value of the result. But in the computer age we believe that such formalization is possible and desirable. In contrast to the QED Manifesto however, we do not offer polemics in support of such a project. We merely try to place the formalization of mathematics in its historical perspective, as well as looking at existing praxis and identifying what we regard as the most interesting issues, theoretical and practical.

In this paper we present a first order classical metatheory, called MT, with the following properties: (1) tactics are terms of the language of MT (we call these tactics, Logic Tactics); (2) there exists a mapping between Logic Tactics and the tactics developed as programs within the GETFOL theorem prover (we call these tactics, Program Tactics). MT is expressive enough to represent the most interesting tacticals, i.e. then, orelse, try, progress and repeat. repeat allows us to express Logic Tactics which correspond to Program Tactics which may not terminate. This work is part of a larger project which aims at the development and mechanization of a metatheory which can be used to reason about, extend and, possibly, modify the code implementing Program Tactics and the GETFOL basic inference rules.

Feferman has proposed a system, FS 0 , as an alternative framework for encoding logics and also for reasoning about those encodings. We have implemented a version of this framework and performed experiments that show that it is practical. Specifically, we describe a formalisation of predicate calculus and the development of an admissible rule that manipulates formulae with bound variables. This application will be of interest to researchers working with frameworks that use mechanisms based on substitution in the lambda calculus to implement variable binding and substitution in the declared logic directly. We suggest that meta-theoretic reasoning, even for a theory using bound variables, is not as difficult as is often supposed, and leads to more powerful ways of reasoning about the encoded theory. x 1 Introduction: why metamathematics? A logical framework is a formal theory that is designed for the purpose of describing other formal theories in a uniform way, and for making the work ...