Regaining Cut Admissibility in Deduction Modulo using Abstract Completion, 2009
Cited by 2 (1 self)
Deduction modulo is a way to combine computation and deduction in proofs, by applying the inference rules of a deductive system (e.g. natural deduction or sequent calculus) modulo some congruence that we assume here to be presented by a set of rewrite rules. Using deduction modulo is equivalent to proving in a theory corresponding to the rewrite rules, and leads to proofs that are often shorter and more readable. However, cuts may not be admissible anymore. We define a new system, the unfolding sequent calculus, and prove its equivalence with the sequent calculus modulo, especially w.r.t. cut-free proofs. It permits us to show that it is even undecidable to know if cuts can be eliminated in the sequent calculus modulo a given rewrite system. Then, to recover the cut admissibility, we propose a procedure to complete the rewrite system such that the sequent calculus modulo the resulting system admits cuts. This is done by generalizing the Knuth-Bendix completion in a non-trivial way, using the framework of abstract canonical systems. These
Type Theory with First-Order Data Types and Size-Change Termination, 2004
Cited by 2 (0 self)
We prove normalization for a dependently typed lambda-calculus extended with first-order data types and computation schemata for first-order size-change terminating recursive functions. Size-change termination, introduced by C.S. Lee, N.D. Jones and A.M. Ben-Amram, can be seen as a generalized form of structural induction, which allows inductive computations and proofs to be defined in a straightforward manner. The language can be used as a proof system, an extension of Martin-Löf’s Logical Framework.
Mechanized quantifier elimination for linear real arithmetic in Isabelle/HOL
Cited by 1 (0 self)
We integrate Ferrante and Rackoff’s quantifier elimination procedure for linear real arithmetic in Isabelle/HOL in two manners: (a) tactic-style, i.e. for every problem instance a proof is generated by invoking a series of inference rules, and (b) reflection, where the whole algorithm is implemented and verified within Isabelle/HOL. We discuss the performance obtained for both integrations.
Checking foundational proof certificates for first-order logic
Cited by 1 (1 self)
We present the design philosophy of a proof checker based on a notion of foundational proof certificates. This checker provides a semantics of proof evidence using recent advances in the theory of proofs for classical and intuitionistic logic. That semantics is then performed by a (higher-order) logic program: successful performance means that a formal proof of a theorem has been found. We describe how the λProlog programming language provides several features that help guarantee such a soundness claim. Some of these features (such as strong typing, abstract datatypes, and higher-order programming) were features of the ML programming language when it was first proposed as a proof checker for LCF. Other features of λProlog (such as support for bindings, substitution, and backtracking search) turn out to be equally important for describing and checking the proof evidence encoded in proof certificates. Since trusting our proof checker requires trusting a programming language implementation, we discuss various avenues for enhancing one’s trust of such a checker.
Theorem Proving Modulo Based on Boolean Equational Procedures, 2007
The moral of my story is that if we treat our formalisms with the care and respect that we pay to our other subtle artifacts, our care and respect will be more than rewarded. Calculemus! (E.W. Dijkstra, “How computer science created a new mathematical style”, EWD1073)
An Open Logical Framework
The LFP Framework is an extension of the Harper-Honsell-Plotkin Edinburgh Logical Framework LF with external predicates, hence the name Open Logical Framework. This is accomplished by defining lock type constructors, which are a sort of ⋄-modality constructors, releasing their argument under the condition that a possibly external predicate is satisfied on an appropriate typed judgement. Lock types are defined using the standard pattern of constructive type theory, i.e. via introduction, elimination, and equality rules. Using LFP, one can factor out the complexity of encoding specific features of logical systems which would otherwise be awkwardly encoded in LF, e.g. side-conditions in the application of rules in Modal Logics, and substructural rules, as in non-commutative Linear Logic. The idea of LFP is that these conditions need only to be specified, while their verification can be delegated to an external proof engine, in the style of the Poincaré Principle or Deduction Modulo. Indeed such paradigms can be adequately formalized in LFP. We investigate and characterize the metatheoretical properties of the calculus underpinning LFP: strong normalization, confluence, and subject reduction. This latter property holds under the assumption that the predicates are well-behaved, i.e. closed under weakening, permutation, substitution, and reduction in the arguments. Moreover, we
A proposal for broad spectrum proof certificates, 2013
Author manuscript, published in "CPP 2011 First International Conference on Certified Proofs and Programs (2011)"
Recent developments in the theory of focused proof systems provide flexible means for structuring proofs within the sequent calculus. This structuring is organized around the construction of “macro” level inference rules based on the “micro” inference rules which introduce single logical connectives. After presenting focused proof systems for first-order classical logics (one with and one without fixed points and equality) we illustrate several examples of proof certificate formats that are derived naturally from the structure of such focused proof systems. In principle, a proof certificate contains two parts: the first part describes how macro rules are defined in terms of micro rules and the second part describes a particular proof object using the macro rules. The first part, which is based on the vocabulary of focused proof systems, describes a collection of macro rules that can be used to directly present the structure of proof evidence captured by a particular class of computational logic systems. While such proof certificates can capture a wide variety of proof structures, a proof checker can remain simple since it must only understand the micro-rules and the discipline of focusing. Since proofs and proof certificates are often likely to be large, there must be some flexibility in allowing proof certificates to elide subproofs: as a result, proof checkers will necessarily be required to perform (bounded) proof search in order to reconstruct missing subproofs. Thus, proof checkers will need to do unification and restricted backtracking search.
A Modular Integration of SAT/SMT Solvers to Coq through Proof Witnesses
We present a way to enjoy the power of SAT and SMT provers in Coq without compromising soundness. This requires these provers to return not only a yes/no answer, but also a proof witness that can be independently rechecked. We present such a checker, written and fully certified in Coq. It is conceived in a modular way, in order to tame the proofs’ complexity and to be extendable. It can currently check witnesses from the SAT solver ZChaff and from the SMT solver veriT. Experiments highlight the efficiency of this checker. On top of it, new reflexive Coq tactics have been built that can decide a subset of Coq’s logic by calling external provers and carefully checking their answers.