## A proof-centric approach to mathematical assistants (2005)

Venue: | Journal of Applied Logic: Special Issue on Mathematics Assistance Systems |

Citations: | 5 - 1 self |

### BibTeX

@ARTICLE{Dixon05aproof-centric,

author = {Lucas Dixon and Jacques Fleuriot},

title = {A proof-centric approach to mathematical assistants},

journal = {Journal of Applied Logic: Special Issue on Mathematics Assistance Systems},

year = {2005},

pages = {35}

}

### Abstract

We present an approach to mathematical assistants which uses readable, executable proof scripts as the central language for interaction. We examine an implementation that combines the Isar language, the Isabelle theorem prover and the IsaPlanner proof planner. We argue that this synergy provides a flexible environment for the exploration, certification, and presentation of mathematical proof.

### Citations

1278 | Tarski Grothendieck set theory
- Trybulec
- 1990
Citation Context ...use of a declarative, structured and readable representation. However unlike Isabelle/Isar, which is designed to be generic and extensible, the Mizar system is based on Tarski-Grothendieck set theory [53] and provides a fixed language. The Declare system also expresses proofs in a fixed declarative language but unlike Mizar it aims to be generic enough to be implemented for other proof systems [7]. A ... |

936 | A theory of type polymorphism in programming - Milner - 1978 |

420 | Isabelle: A generic theorem prover
- Paulson
- 1994
Citation Context ...ctive theorem provers to verify their soundness, and proof planners to automate their generation and aid proof-exploration. These are implemented in the Isar language [1], the Isabelle theorem prover [2], and the IsaPlanner proof planner [3], respectively. We argue that the central requirement of proof-centred mathematical assistants does not lie in more powerful automation, but in automation that le... |

265 | The use of explicit plans to guide inductive proofs
- Bundy
- 1988
Citation Context ...to address using proof planning. 3.3 Proof Planning: IsaPlanner Proof planning is a paradigm for proof automation that focuses on providing mechanisms for encoding heuristic and meta-level guidance [18,19]. It tries to capture common patterns of reasoning for families of similar proofs in terms of objects that we shall call reasoning techniques. Proof planning involves searching through the ways that t... |

142 | The principal type-scheme of an object in combinatory logic - Hindley - 1969 |

97 | Productive use of failure in inductive proof
- Ireland, Bundy
- 1995
Citation Context ...evel of proof scripts provides proof planning with more information than is available to Isabelle’s tactics. This allows the encoding of techniques, such as Ireland’s induction revision proof critic [12], that cannot be expressed as Isabelle tactics. It also allows the interactive use of proof critics [13] to perform modifications to a proof plan, and opens up the possibility for a notion of proof by... |

92 | The zipper
- Huet
- 1997
Citation Context ...lanning to be added without having to modify any existing proof tools. We make use of Huet’s zippers for tree representation and manipulation to provide an efficient tool for working with proof plans [45]. This is particularly useful as the most common operation on proof plans is a modification to gaps, expressed in leaf nodes of the proof plan. In order to allow proof planning techniques to annotate ... |

82 | An overview of the MIZAR project
- Rudnicki
- 1992
Citation Context ...pproach This approach aims to support the interaction with and development of declarative, intelligible, and machine checkable proof. Such a representation of proof was initiated by the Mizar project [4] and several similar approaches to expressing proof have since been developed [1,5–10]. The main additions to Mizar’s approach have been to make the proof language: • generic in the sense of being ind... |

81 | Isar — a generic interpretative approach to readable formal proof documents
- Wenzel
- 1999
Citation Context ...xts to present the proofs, interactive theorem provers to verify their soundness, and proof planners to automate their generation and aid proof-exploration. These are implemented in the Isar language [1], the Isabelle theorem prover [2], and the IsaPlanner proof planner [3], respectively. We argue that the central requirement of proof-centred mathematical assistants does not lie in more powerful auto... |

70 | Type classes and overloading in higher-order logic
- Wenzel
- 1997
Citation Context ...ed in this manner. Higher order unification then allows proof tools to match polymorphic theorems to any instance of the general type. Modularity is also provided by Isabelle’s axiomatic type classes [28]. These allow classes of types to be defined in terms of basic properties that hold for the class. From these, theorems can be proved about the objects within the type-class. Isabelle’s unification su... |

58 | System description: proof planning in higher-order logic with Lambda-Clam
- Richardson, Smaill, et al.
- 1998
Citation Context ...d to combine existing techniques. However, it also supports constructs that cannot be expressed within most tactic languages, including that of Isabelle, or within other proof planners, such as λClam [23]. Such constructs include MAP and FOLD which apply functions over the lazily evaluated search space. By using reference variables, these can also support the sharing of information between both or ... |

58 | Introduction to HOL: a theorem proving environment for higher order logic
- Gordon, Melham (eds.)
- 1993
Citation Context ...derlying representation. Tactic-Script Based Proof Assistants Tactic based interactive proof assistants provide support for the development of proof-checked mathematics. Systems such as Coq [57], HOL [58] and PVS [59], which employ procedural proof scripts as the primary means for interaction, support the exploration of proof through the application of tactics. However, the resulting proof scripts bea... |

53 | Proof-Planning with multiple strategies
- Meier
- 2003
(Show Context)
Citation Context ...nductively defined sets, inductive datatypes, types as sets, extensible records as well as the usual mechanisms for defining functions and types. One important feature of proof planners such as Omega =-=[17]-=- is their use of external tools to provide additional calculational and proof support. This raises the question of how to integrate external systems into a proof-centred mathematical assistant. This i... |

43 | Rippling: Meta-level Guidance for Mathematical Reasoning
- Bundy, Basin, et al.
- 2005
Citation Context ...interleaved with the proof plan’s execution and supports use of the powerful tactics already available in Isabelle. This has been used to develop an efficient implementation of the rippling technique [21,22]. This version of rippling has been combined with induction, lemma calculation, and a generalisation critic. This combination provides Isabelle with a powerful tool for inductive theorem proving that ... |

41 | Issues in the development of human-computer mixed-initiative planning
- Burstein, McDermott
- 1996
Citation Context ...failure without showing the user the correct suggested conjecture. More generally, the problem of managing the user interaction with planning is examined by approaches to mixed initiative planning [42]. Returning to the above example, if the needed lemma is manually proved and supplied to rippling then the proof can be done fully automatically. By exploring the techniques unfolding we have explored... |

40 | Random testing in Isabelle/HOL
- Berghofer, Nipkow
- 2004
Citation Context ... to prove than expected; for example because a lemma is needed. When the conjecture is trivially false, our proof assistant should be able to identify this. For example, Isabelle’s quickcheck tool [39] can be employed by IsaPlanner to prune false conjectures. 7.1 A Hierarchy for Proof Tools’ Behaviour Generally, we argue for focusing on making proof tools exhibit better behaviour, especially when i... |

38 | A Generic Tableau Prover and its Integration with Isabelle
- Paulson
- 1999
Citation Context ...eorems. The user can customise its behaviour by temporarily or permanently adding theorems to the simplification set. Other generic automatic tactics provided by Isabelle include a classical reasoner [15,16] and the automatic tactic which attempts to prove all subgoals by a combination of simplification and classical reasoning. Another important requirement for practical theory development is the need fo... |

38 | Locales and locale expressions in Isabelle/Isar
- Ballarin
Citation Context ...ly, type classes are limited in their expressivity. For instance, they can only be dependent on a single type variable. Isabelle’s Locales provide another infrastructure for modular proof development [29] that is more expressive than type classes. This supports modularity using Isabelle’s meta-logic in terms of parameters, that correspond to abstract constants, which are fixed over a collection of ass... |

37 | Towards an Evolutionary Formal Software Development Using Casl
- Autexier, Hutter, et al.
- 2000
Citation Context ...d lookup is still needed. Another issue of importance to the management of mathematical knowledge, especially when modifying existing theories, is the tracking of dependencies. Autexier and Hutter [37] describe an approach to the management of change in software verification. Such tools can also be useful to the identification of dependencies that are otherwise hidden by proof tools. We believe tha... |

33 | Order-sorted polymorphism in Isabelle - Nipkow - 1993 |

30 | Human-readable machine-verifiable proofs for teaching constructive logic - Abel, Chang, et al. - 2001 |

27 | A Mizar Mode for HOL - Harrison - 1996 |

22 | Declarative Theorem Proving for Operational Semantics
- Syme
- 1998
Citation Context ...oped [1,5–10]. The main additions to Mizar’s approach have been to make the proof language: • generic in the sense of being independent of the underlying logic, as implemented in Isar [1] and Declare [7], • extensible in order to support the theory level additions to the basic proof language, as implemented in Isar [1] and SPL [5], • support underspecification, such as missing steps in a proof. This ... |

19 | The HOL logic extended with quantification over type variables
- Melham
- 1993
Citation Context ...modularity using locales is not exactly equivalent to the use of axioms. One solution to regain this equivalence is to extend higher order logic with quantification over types, as described by Melham [34]. Recently, Johnsen and Lüth have used Isabelle’s proof terms to provide a more expressive form of modularity than Isabelle’s Locales and which effectively allows modularity involving type variables [... |

15 | Assertion-level proof representation with under-specification
- Autexier, Benzmüller, et al.
Citation Context ...[1] and SPL [5], • support underspecification, such as missing steps in a proof. This has been described by Wiedijk as a notion of proof-sketches [11], and by Autexier et al. as under specification [6]. Proof Planner Technique Developer An Encoded Reasoning Technique Writing/Encoding Reasoning Techniques Proof Planning Proof Planning Commands Mathematician Theorem Prover Proof Plan / Isar Proof S... |

15 | Proof development in OMEGA: The irrationality of square root of 2
- Siekmann, Benzmuller, et al.
- 2003
Citation Context ...e declarative proof scripts, as suggested by Syme [54]. Proof Planners Another closely related system is the Omega system which employs proof planning and aims to assist main stream mathematicians [55,56]. As mentioned earlier, Omega focuses on connecting and integrating external proof tools. It also provides a customised interface for interacting with the system and tools to support using it as an ed... |

14 | System description: Tps: A theorem proving system for type theory
- Andrews, Bishop, et al.
- 2000
Citation Context ...he TPS system. This uses Church’s typed λ-calculus as its underlying language for checking proofs but provides the user with a natural deduction based presentation and interface to working with proofs [63,64]. This makes the individual proof steps readable but does not allow a mathematical textbook-like presentation. In particular, it hides the structure of the proof and gives little flexibility in ter... |

13 | A Proof Planning Framework for Isabelle
- Dixon
Citation Context ...sentation of a tactic tree that can be executed in a theorem prover to derive a fully formal proof. IsaPlanner is a generic proof planner for Isabelle that expresses proof plans as Isar proof scripts [3,20]. This allows the proof planning process to be interleaved with the proof plan’s execution and supports use of the powerful tactics already available in Isabelle. This has been used to develop an effi... |

13 | Modular reasoning in Isabelle
- Kammüller
- 2000
Citation Context ...lle’s meta-logic, and can thus be part of formulae. This allows a certain amount of reasoning about the modules themselves, as was needed for instance in Kammüller’s formalisation of abstract algebra [30]. Although Locales provide a powerful tool for modularity and have been extensively used in many formalisations, they are still limited by Isabelle’s inherent lack of support for quantifying over t... |

12 | User-adaptive proof explanation
- Fiedler
- 2001
Citation Context ...f steps is because the proofs found by automatic methods, such as resolution, are generally considered unnatural. Although there have been attempts at dealing with such issues, such as Fiedler’s work [38], generally, it is not clear that such proofs can be described in a concise and clear fashion. Unfortunately, the same tools often still fail to solve problems that the user considers trivial. This sh... |

11 | A query language for a metadata framework about mathematical resources
- Guidi, Schena
- 2003
Citation Context ...ments as well as HTML files to support examining previously formalised theories. Semantic markup adds additional information to mathematical objects which can then be used for search and presentation [36]. A trivial example of such markup is the distinction between lemmas, theorems and corollaries. In general, semantic markup provides the most sophisticated approach to mathematical knowledge managemen... |

10 | TAS and IsaWin: Tools for transformational program development and theorem proving
- Lüth, Tej, et al.
- 1999
Citation Context ...dow showing the proof system’s open goals, thus simplifying the interface. The IsaWin system is a graphical interface for Isabelle that provides an abstract visual presentation for theory development [47]. While it has helpful features such as proof by pointing, it lacks the sophisticated management of proof scripts. Aspinall and Lüth have recently proposed combining aspects of IsaWin with Proof gener... |

10 | DECLARE: A prototype declarative proof system for higher order logic
- Syme
- 1997
Citation Context ...ncounters errors in the syntax. Our approach can be seen as an extension of this paradigm which tries to ease and automate the process of writing these declarative proof scripts, as suggested by Syme [54]. Proof Planners Another closely related system is the Omega system which employs proof planning and aims to assist main stream mathematicians [55,56]. As mentioned earlier, Omega focuses on connec... |

9 | The Dynamic Creation of Induction Rules Using Proof Planning
- Gow
- 2004
Citation Context ...epresents a kind of proof by analogy. Similarly, proof planning can be used to modify proof scripts by applying proof critics. For example, an implementation of the induction critics described by Gow [44] might change the variable on which induction is being applied. We have not yet implemented techniques that construct analogous proofs as needed to modify the style of a proof script. The main difficu... |

9 | GNU TeXmacs: A free, structured, wysiwyg and technical text editor, in: Le document au XXI-ième siècle
- van der Hoeven
Citation Context ...ment by providing a suitable scripting language for the automatic formation and derivation of proof scripts. Recently, the TeXmacs tool has been used to provide interfaces to computer algebra systems [49,50] as well as proof assistants such as Coq [51]. This is a particularly interesting opportunity for mathematical assistants since TeXmacs provides a WYSIWYG typesetting environment that can interact wit... |

8 | A science of reasoning, in: Computational Logic: Essays in Honour of Alan
- Bundy
- 1990
Citation Context ...to address using proof planning. 3.3 Proof Planning: IsaPlanner Proof planning is a paradigm for proof automation that focuses on providing mechanisms for encoding heuristic and meta-level guidance [18,19]. It tries to capture common patterns of reasoning for families of similar proofs in terms of objects that we shall call reasoning techniques. Proof planning involves searching through the ways that t... |

8 | Theorem reuse by proof term transformation
- Johnsen, Lüth
- 2004
Citation Context ...]. Recently, Johnsen and Lüth have used Isabelle’s proof terms to provide a more expressive form of modularity than Isabelle’s Locales and which effectively allows modularity involving type variables [35]. This is a promising approach to modularity, although it requires the generation of the full proof terms and is not currently integrated into Isabelle. While these various mechanisms provide tools fo... |

7 | On the Readability of Machine Checkable Formal Proofs
- Zammit
- 1999
Citation Context ...endent of the underlying logic, as implemented in Isar [1] and Declare [7], • extensible in order to support the theory level additions to the basic proof language, as implemented in Isar [1] and SPL [5], • support underspecification, such as missing steps in a proof. This has been described by Wiedijk as a notion of proof-sketches [11], and by Autexier et al. as under specification [6]. Proof Pl... |

7 | Interactive proof critics
- Ireland, Jackson, et al.
- 1999
Citation Context ...ics. This allows the encoding of techniques, such as Ireland’s induction revision proof critic [12], that cannot be expressed as Isabelle tactics. It also allows the interactive use of proof critics [13] to perform modifications to a proof plan, and opens up the possibility for a notion of proof by analogy to another proof script. In summary, this presents a novel approach to interactive proof planni... |

6 | A Combination of Geometry Theorem Proving and Nonstandard Analysis, with Application to Newton’s Principia
- Fleuriot
- 2001
Citation Context ...developed as conservative extensions of the object logic, which avoids introducing new axioms that otherwise weaken the guarantees of consistency. It includes developments within nonstandard analysis [24], a formalisation of Hilbert’s axioms for geometry [25], and mechanisations of topology and vector spaces [26], among many other [27]. Recently, Isabelle has also successfully imported all the theorie... |

6 | Proof General meets IsaWin
- Aspinall, Lüth
- 2003
Citation Context ...hile it has helpful features such as proof by pointing, it lacks the sophisticated management of proof scripts. Aspinall and Lüth have recently proposed combining aspects of IsaWin with Proof General [48]. Our approach fits in with such a development by providing a suitable scripting language for the automatic formation and derivation of proof scripts. Recently, the TeXmacs tool has been used to provi... |

5 | IsaPlanner: A Prototype Proof Planner
- Dixon, Fleuriot
- 2003
Citation Context ...soundness, and proof planners to automate their generation and aid proof-exploration. These are implemented in the Isar language [1], the Isabelle theorem prover [2], and the IsaPlanner proof planner [3], respectively. We argue that the central requirement of proof-centred mathematical assistants does not lie in more powerful automation, but in automation that leaves the user with a readable proof st... |

3 | The AGDA Proof System Homepage
- Coquand
- 1998
Citation Context ...ication based on an LCF kernel. Proof-Term Based Interactive Proof Assistants The Agda system presents the user directly with the proof term which they incrementally fill in to meet the specification [62]. This is similar in style to the approach we have presented, in that the user is working directly with a representation of the proof. However, large proof attempts in Agda can easily become unreadabl... |

2 | Interactive and hierarchical tracing of techniques
- Dixon
Citation Context ...se. 8.1 Tracing Proof Attempts Beyond the constructs in the technique language, we provide a tool to trace through IsaPlanner’s reasoning states to aid the development and introspection of techniques [43]. This tool allows the user to manually explore the or-branches in the search space and interact with the technique. Because the techniques are structured in a hierarchical manner, the user can also c... |

2 | Gnu TeXmacs, http://www.texmacs.org
- van der Hoeven
- 1998
Citation Context ...ment by providing a suitable scripting language for the automatic formation and derivation of proof scripts. Recently, the TeXmacs tool has been used to provide interfaces to computer algebra systems [49,50] as well as proof assistants such as Coq [51]. This is a particularly interesting opportunity for mathematical assistants since TeXmacs provides a WYSIWYG typesetting environment that can interact wit... |

1 | Mizar light for HOL - Wiedijk - 2001 |

1 | Generic automatic proof tools, in: R. Veroff (Ed.), Automated Reasoning and Its Applications
- Paulson
- 1997
Citation Context ...eorems. The user can customise its behaviour by temporarily or permanently adding theorems to the simplification set. Other generic automatic tactics provided by Isabelle include a classical reasoner [15,16] and the automatic tactic which attempts to prove all subgoals by a combination of simplification and classical reasoning. Another important requirement for practical theory development is the need fo... |

1 | Higher order rippling
- Dixon, Fleuriot
Citation Context ...interleaved with the proof plan’s execution and supports use of the powerful tactics already available in Isabelle. This has been used to develop an efficient implementation of the rippling technique [21,22]. This version of rippling has been combined with induction, lemma calculation, and a generalisation critic. This combination provides Isabelle with a powerful tool for inductive theorem proving that ... |

1 | Formalizing Hilbert’s Grundlagen
- Meikle, Fleuriot
Citation Context ...c, which avoids introducing new axioms that otherwise weaken the guarantees of consistency. It includes developments within nonstandard analysis [24], a formalisation of Hilbert’s axioms for geometry [25], and mechanisations of topology and vector spaces [26], among many other [27]. Recently, Isabelle has also successfully imported all the theories from the HOL system. While the theories of Isabelle/H... |

1 | An idealistic formalization of Stokes’ theorem: Pedagogical math in Isabelle/Isar
- Laumann
- 2004
Citation Context ...eaken the guarantees of consistency. It includes developments within nonstandard analysis [24], a formalisation of Hilbert’s axioms for geometry [25], and mechanisations of topology and vector spaces [26], among many other [27]. Recently, Isabelle has also successfully imported all the theories from the HOL system. While the theories of Isabelle/HOL are large with respect to most systems, and are stil... |