Results 1  10
of
11
Efficiency in a FullyExpansive Theorem Prover
, 1993
"... The HOL system is a fullyexpansive theorem prover: Proofs generated in the system are composed of applications of the primitive inference rules of the underlying logic. This has two main advantages. First, the soundness of the system depends only on the implementations of the primitive rules. Secon ..."
Abstract

Cited by 24 (1 self)
 Add to MetaCart
The HOL system is a fullyexpansive theorem prover: Proofs generated in the system are composed of applications of the primitive inference rules of the underlying logic. This has two main advantages. First, the soundness of the system depends only on the implementations of the primitive rules. Second, users can be given the freedom to write their own proof procedures without the risk of making the system unsound. A full functional programming language is provided for this purpose. The disadvantage with the approach is that performance is compromised. This is partly due to the inherent cost of fully expanding a proof but, as demonstrated in this thesis, much of the observed inefficiency is due to the way the derived proof procedures are written. This thesis seeks to identify sources of noninherent inefficiency in the HOL system and proposes some generalpurpose and some specialised techniques for eliminating it. One area that seems to be particularly amenable to optimisation is equational reasoning. This is significant because equational reasoning constitutes large portions of many proofs. A number of techniques are proposed that transparently optimise equational reasoning. Existing programs in the HOL system require little or no modification to work faster. The other major contribution of this thesis is a framework in which part of the computation involved in HOL proofs can be postponed. This enables users to make better use of their time. The technique exploits a form of lazy evaluation. The critical feature is the separation of the code that generates the structure of a theorem from the code that justifies it logically. Delaying the justification allows some nonlocal optimisations to be performed in equational reasoning. None of the techniques sacrifice the securit...
A Metatheory of a Mechanized Object Theory
, 1994
"... In this paper we propose a metatheory, MT which represents the computation which implements its object theory, OT, and, in particular, the computation which implements deduction in OT. To emphasize this fact we say that MT is a metatheory of a mechanized object theory. MT has some "unusual" prope ..."
Abstract

Cited by 22 (10 self)
 Add to MetaCart
In this paper we propose a metatheory, MT which represents the computation which implements its object theory, OT, and, in particular, the computation which implements deduction in OT. To emphasize this fact we say that MT is a metatheory of a mechanized object theory. MT has some "unusual" properties, e.g. it explicitly represents failure in the application of inference rules, and the fact that large amounts of the code implementing OT are partial, i.e. they work only for a limited class of inputs. These properties allow us to use MT to express and prove tactics, i.e. expressions which specify how to compose possibly failing applications of inference rules, to interpret them procedurally to assert theorems in OT, to compile them into the system implementation code, and, finally, to generate MT automatically from the system code. The definition of MT is part of a larger project which aims at the implementation of selfreflective systems, i.e. systems which are able to intros...
Program Tactics and Logic Tactics
 IN PROCEEDINGS 5TH INTNL. CONFERENCE ON LOGIC PROGRAMMING AND AUTOMATED REASONING (LPAR'94
, 1994
"... In this paper we present a first order classical metatheory, called MT, with the following properties: (1) tactics are terms of the language of MT (we call these tactics, Logic Tactics); (2) there exists a mapping between Logic Tactics and the tactics developed as programs within the GETFOL theor ..."
Abstract

Cited by 19 (10 self)
 Add to MetaCart
In this paper we present a first order classical metatheory, called MT, with the following properties: (1) tactics are terms of the language of MT (we call these tactics, Logic Tactics); (2) there exists a mapping between Logic Tactics and the tactics developed as programs within the GETFOL theorem prover (we call these tactics, Program Tactics). MT is expressive enough to represent the most interesting tacticals, i.e. then, orelse, try, progress and repeat. repeat allows us to express Logic Tactics which correspond to Program Tactics which may not terminate. This work is part of a larger project which aims at the development and mechanization of a metatheory which can be used to reason about, extend and, possibly, modify the code implementing Program Tactics and the GETFOL basic inference rules.
Towards Selfverification of HOL Light
 In International Joint Conference on Automated Reasoning
, 2006
"... Abstract. The HOL Light prover is based on a logical kernel consisting of about 400 lines of mostly functional OCaml, whose complete formal verification seems to be quite feasible. We would like to formally verify (i) that the abstract HOL logic is indeed correct, and (ii) that the OCaml code does c ..."
Abstract

Cited by 17 (0 self)
 Add to MetaCart
Abstract. The HOL Light prover is based on a logical kernel consisting of about 400 lines of mostly functional OCaml, whose complete formal verification seems to be quite feasible. We would like to formally verify (i) that the abstract HOL logic is indeed correct, and (ii) that the OCaml code does correctly implement this logic. We have performed a full verification of an imperfect but quite detailed model of the basic HOL Light core, without definitional mechanisms, and this verification is entirely conducted with respect to a settheoretic semantics within HOL Light itself. We will duly explain why the obvious logical and pragmatic difficulties do not vitiate this approach, even though it looks impossible or useless at first sight. Extension to include definitional mechanisms seems straightforward enough, and the results so far allay most of our practical worries. 1 Introduction: quis custodiet ipsos custodes? Mathematical proofs are subjected to peer review before publication, but there
Verification of the MDG Components Library in HOL
, 1998
"... The MDG system is a decision diagram based verification tool, primarily designed for hardware verification. It is based on Multiway decision diagramsan extension of the traditional ROBDD approach. In this paper we describe the formal verification of the component library of the MDG system, using ..."
Abstract

Cited by 7 (6 self)
 Add to MetaCart
The MDG system is a decision diagram based verification tool, primarily designed for hardware verification. It is based on Multiway decision diagramsan extension of the traditional ROBDD approach. In this paper we describe the formal verification of the component library of the MDG system, using HOL. The hardware component library, whilst relatively simple, has been a source of errors in an earlier developmental version of the MDG system. Thus verifying these aspects is of real utility towards the verification of a decision digram based verification system. This work demonstrates how machine assisted proof can be of practical utility when applied to a small focused problem.
A Deep Embedding of Z_C in Isabelle/HOL
, 2001
"... This report describes a deep embedding of the logic ZC [HR00] in Isabelle /HOL. The development is based on a general theory of de Bruijn terms. Wellformed terms, propositions and judgements are represented as inductive sets. The embedding is used to prove elementary properties of ZC such as uniquen ..."
Abstract

Cited by 1 (1 self)
 Add to MetaCart
This report describes a deep embedding of the logic ZC [HR00] in Isabelle /HOL. The development is based on a general theory of de Bruijn terms. Wellformed terms, propositions and judgements are represented as inductive sets. The embedding is used to prove elementary properties of ZC such as uniqueness of types, type inhabitation and that elements of judgements are wellformed propositions 1 De Bruijn Terms The representation of logical syntax in Isabelle/HOL will be based on a polymorphic datatype dbterm of de Bruijn terms. This development follows the example of A. Gordon [Gor94] who constructed a similar theory for the HOL system. The datatype dbterm is independent of ZC and can be used as a foundation for deep embeddings in general. For other HOL representations of terms see [Owe95] and [Von95].
Sequent Style Proof Terms for HOL
"... Abstract. In this work we present proof terms for a Gentzen sequent style presentation of HOL. Existing implementations of proof terms for HOL are natural deduction style systems. Sequent style proof terms have many advantages over natural deduction style proof terms. For example, we can translate p ..."
Abstract
 Add to MetaCart
Abstract. In this work we present proof terms for a Gentzen sequent style presentation of HOL. Existing implementations of proof terms for HOL are natural deduction style systems. Sequent style proof terms have many advantages over natural deduction style proof terms. For example, we can translate proof terms directly into tactics, which we can execute at the tactic level of HOL implementations. We describe several applications of our work, such as an implementation of theory interpretation, and an approach to optimising proof terms by rewriting. 1
Representation and Validation of Mechanically Generated Proofs Final Report
"... Introduction The goal of this project was to demonstrate the feasibility of the independent and trusted validation of the proofs generated by existing theorem provers. Our intention was to design, implement and formally verify a proof checking program for HOL [5] generated proofs. A proof checker ..."
Abstract
 Add to MetaCart
Introduction The goal of this project was to demonstrate the feasibility of the independent and trusted validation of the proofs generated by existing theorem provers. Our intention was to design, implement and formally verify a proof checking program for HOL [5] generated proofs. A proof checker can be much simpler than a full theorem prover such as HOL as it is only concerned with checking existing proofs rather than searching for or generating them. Our work has clearly demonstrated the feasibility of this approach. In particular, the main achievements of the project are as follows. ffl We have developed a computer representation suitable for communicating large, formal, machine generated proofs. ffl We have modified the HOL system to allow primitive inference proofs to be recorded in the above format. ffl We have formalised, within the HOL theorem proving system, theories of higherorder logic, Hilb