Results 1  10
of
29
Reasoning Theories  Towards an Architecture for Open Mechanized Reasoning Systems
, 1994
"... : Our ultimate goal is to provide a framework and a methodology which will allow users, and not only system developers, to construct complex reasoning systems by composing existing modules, or to add new modules to existing systems, in a "plug and play" manner. These modules and systems might be ..."
Abstract

Cited by 47 (11 self)
 Add to MetaCart
: Our ultimate goal is to provide a framework and a methodology which will allow users, and not only system developers, to construct complex reasoning systems by composing existing modules, or to add new modules to existing systems, in a "plug and play" manner. These modules and systems might be based on different logics; have different domain models; use different vocabularies and data structures; use different reasoning strategies; and have different interaction capabilities. This paper makes two main contributions towards our goal. First, it proposes a general architecture for a class of reasoning systems called Open Mechanized Reasoning Systems (OMRSs). An OMRS has three components: a reasoning theory component which is the counterpart of the logical notion of formal system, a control component which consists of a set of inference strategies, and an interaction component which provides an OMRS with the capability of interacting with other systems, including OMRSs and hum...
Integrating Automated and Interactive Theorem Proving
, 1998
"... Machine code ((Schellhorn and Ahrendt, 1997) and Chapter III.2.6). We use it as a reference or benchmark. Parts of it are repeated every now and then to evaluate the success of our integration concepts, see Section 7. In realistic applications in software verification, proof attempts are more likel ..."
Abstract

Cited by 32 (8 self)
 Add to MetaCart
Machine code ((Schellhorn and Ahrendt, 1997) and Chapter III.2.6). We use it as a reference or benchmark. Parts of it are repeated every now and then to evaluate the success of our integration concepts, see Section 7. In realistic applications in software verification, proof attempts are more likely to fail than to go through. This is because specifications, programs, I_3_16mod_a.tex; 9/03/1998; 13:09; p.2 INTEGRATED THEOREM PROVING 549 or userdefined lemmas typically are erroneous. Correct versions usually are only obtained after a number of corrections and failed proof attempts. Therefore, the question is not only how to produce powerful theorem provers but also how to integrate proving and error correction. Current research on this and related topics is discussed in Section 8. There are different approaches of combining interactive methods with automated ones. Their relation to our approach is the subject of Section 9. Finally, in Section 10 we draw conclusions. 2. IDENTIFYING ...
NonStandard Analysis in ACL2
, 2001
"... ACL2 refers to a mathematical logic based on applicative Common Lisp, as well as to an automated theorem prover for this logic. The numeric system of ACL2 reflects that of Common Lisp, including the rational and complexrational numbers and excluding the real and complex irrationals. In conjunction ..."
Abstract

Cited by 18 (7 self)
 Add to MetaCart
ACL2 refers to a mathematical logic based on applicative Common Lisp, as well as to an automated theorem prover for this logic. The numeric system of ACL2 reflects that of Common Lisp, including the rational and complexrational numbers and excluding the real and complex irrationals. In conjunction with the arithmetic completion axioms, this numeric type system makes it possible to prove the nonexistence of specific irrational numbers, such as √2. This paper describes ACL2(r), a version of ACL2 with support for the real and complex numbers. The modifications are based on nonstandard analysis, which interacts better with the discrete flavor of ACL2 than does traditional analysis.
A Provably Correct Embedded Verifier for the Certification of Safety . . .
, 1997
"... vframe is one of Ansaldo's software driven vital architectures for safety critical products. This paper describes a project whose result is the development of an "embedded verifier", i.e. a system integrated within vframe and able to certify the correctness of one of vframe components, a compiler. ..."
Abstract

Cited by 14 (1 self)
 Add to MetaCart
vframe is one of Ansaldo's software driven vital architectures for safety critical products. This paper describes a project whose result is the development of an "embedded verifier", i.e. a system integrated within vframe and able to certify the correctness of one of vframe components, a compiler. The embedded verifier satisfies two precise requirements. First, the compiler must be certified in a fully automatic and efficient way. Second, the embedded verifier must be itself certified, in a way which can be easily understood and validated by end users.
Comparing Verification Systems: Interactive Consistency in ACL2
 PROCEEDINGS OF 11TH ANNUAL CONFERENCE ON COMPUTER ASSURANCE
, 1996
"... Achieving interactive consistency among processors in the presence of faults is an important problem in fault tolerant computing, first cleanly formulated by Lamport, Pease and Shostak and solved in selected cases with their Oral Messages (OM) Algorithm. Several machinesupported verifications of th ..."
Abstract

Cited by 13 (0 self)
 Add to MetaCart
Achieving interactive consistency among processors in the presence of faults is an important problem in fault tolerant computing, first cleanly formulated by Lamport, Pease and Shostak and solved in selected cases with their Oral Messages (OM) Algorithm. Several machinesupported verifications of this algorithm have been presented, including a particularly elegant formulation and proof by John Rushby using EHDM and PVS. Rushby proposes interactive consistency as a benchmark problem for specification and verification systems. We present a formalization of the OM algorithm in the ACL2 logic and compare our formalization and proof to his. We draw some conclusions concerning the range of desirable features for verification systems. In particular, while higherorder functions, strong typing, lambda abstraction and full quantification have some value they come with a cost; moreover, many uses of such feature can be easily translated into simpler logical constructs which facilitate more autom...
Rigorous Compiler Implementation Correctness: How to Prove the Real Thing Correct
 Applied Formal Methods  FMTrends 98, volume 1641 of Lecture Notes in Computer Science
, 1997
"... We give a comprehensive technical overview of our work on rigorous verification of compiling specification and compiler implementation of an initial correct binary compiler executable. We will concentrate on implementation verification. Machine program correctness is proved by a special bootstrappin ..."
Abstract

Cited by 11 (9 self)
 Add to MetaCart
We give a comprehensive technical overview of our work on rigorous verification of compiling specification and compiler implementation of an initial correct binary compiler executable. We will concentrate on implementation verification. Machine program correctness is proved by a special bootstrapping technique with a posteriori code inspection. Our contribution is to perform this work for compilers and, hence, to relieve the application programmer's burden to prove implementation correctness again and again, as this is done today for safety and security critical applications. Once our work has been finished conscientiously and is accepted to reach sucient mathematical certainty, compilers may be used for proved correct program implementation, safely in the sense that every result a target program execution returns is guaranteed to be correct with respect to the source program semantics.
A Precise Description of the ACL2 Logic
 Department of Computer Sciences, University of Texas at Austin
, 1998
"... The ACL2 logic is a firstorder, essentially quantifierfree logic of total recursive functions providing mathematical induction and several extension principles, including symbol package definition and recursive function definition. In this document we describe the logic more precisely. 1 Backgroun ..."
Abstract

Cited by 11 (4 self)
 Add to MetaCart
The ACL2 logic is a firstorder, essentially quantifierfree logic of total recursive functions providing mathematical induction and several extension principles, including symbol package definition and recursive function definition. In this document we describe the logic more precisely. 1 Background Naively speaking, a mathematical logic is given by a formal language, some axioms in that language, and some rules of inference that permit one to derive new formulas, called "theorems," from those axioms. To "prove" a theorem one shows how to derive it from the axioms using the rules of inference. This game is very challenging. Even for very simple sets of axioms and rules, the resulting theorems are often nonobvious. What prevents logic from being merely an academic game is that, like most of mathematics, it can be related to our ordinary experience. In particular, it is often possible to give meaning to the formulas in such a way that the axioms are all accepted as truths and the rule...
Towards Rigorous Compiler Implementation Verification
 Proc. of the 1997 Workshop on Programming Languages and Fundamentals of Programming
, 1998
"... This paper sketches a rigorous correctness proof of a compiler executable. We will emphasize the central role of partial program correctness and its preservation, which captures the intuitive correctness requirements for transformational programs and in particular for compilers on real machines. Alt ..."
Abstract

Cited by 10 (1 self)
 Add to MetaCart
This paper sketches a rigorous correctness proof of a compiler executable. We will emphasize the central role of partial program correctness and its preservation, which captures the intuitive correctness requirements for transformational programs and in particular for compilers on real machines. Although often left out of sight, implementation verification is definitely necessary, not only but also for compilers. We will show that a rigorous compiler correctness proof also for the final binary compiler machine program is possible and feasible. Verified compiler implementations guarantee correctness properties for generated executable program implementations; we need them, not only in safety critical systems, but also for security in e.g. network computing.
Defthms about zip and tie: Reasoning about powerlists in ACL2
 Univ. of Texas Comp. Sci. Tech. Rep
, 1997
"... In [Mis94], Misra introduced the powerlist data structure, which is well suited to express recursive, dataparallel algorithms. Moreover, Misra and other researchers have shown how powerlists can be used to prove the correctness of several algorithms. This success has encouraged some researchers to ..."
Abstract

Cited by 8 (3 self)
 Add to MetaCart
In [Mis94], Misra introduced the powerlist data structure, which is well suited to express recursive, dataparallel algorithms. Moreover, Misra and other researchers have shown how powerlists can be used to prove the correctness of several algorithms. This success has encouraged some researchers to pursue automated proofs of theorems about powerlists[Kap97, KS95a, KS95b]. In this paper, we show how ACL2 can be used to verify theorems about powerlists. We depart from previous approaches in two significant ways. First, the powerlists we use are not the regular structures defined by Misra; that is, we do not require powerlists to be balanced trees. As we will see, this complicates some of the proofs, but on the other hand it allows us to state theorems that are otherwise beyond the language of powerlists. Second, we wish to prove the correctness of powerlist algorithms as much as possible within the logic of powerlists. Previous approaches have relied
Integrating External Deduction Tools with ACL2
 Sutcliffe (Eds.), Proceedings of the 6th International Workshop on Implementation of Logics (IWIL 2006
, 2006
"... We present an interface connecting the ACL2 theorem prover with external deduction tools. The logic of ACL2 contains several constructs intended to facilitate structuring of interactive proof development, which complicates the design of such an interface. We discuss some of these complexities and de ..."
Abstract

Cited by 6 (4 self)
 Add to MetaCart
We present an interface connecting the ACL2 theorem prover with external deduction tools. The logic of ACL2 contains several constructs intended to facilitate structuring of interactive proof development, which complicates the design of such an interface. We discuss some of these complexities and develop a precise specification of the requirements from external tools for sound connection with ACL2. We also develop constructs within ACL2 to enable the developers of external tools to satisfy our specifications. 1