## Faster Proof Checking in the Edinburgh Logical Framework (2002)

Venue: | In 18th International Conference on Automated Deduction |

Citations: | 17 - 3 self |

### BibTeX

@INPROCEEDINGS{Stump02fasterproof,

author = {Aaron Stump and David L. Dill},

title = {Faster Proof Checking in the Edinburgh Logical Framework},

booktitle = {In 18th International Conference on Automated Deduction},

year = {2002},

pages = {392--407},

publisher = {Springer}

}

### Years of Citing Articles

### OpenURL

### Abstract

This paper describes optimizations for checking proofs represented in the Edinburgh Logical Framework (LF). The optimizations allow large proofs to be checked eciently which cannot feasibly be checked using the standard algorithm for LF. The crucial optimization is a form of result caching. To formalize this optimization, a path calculus for LF is developed and shown equivalent to a standard calculus.

### Citations

1125 | Proof carrying code
- Necula
- 1997
(Show Context)
Citation Context ...s valuable (e.g., [23, 4]). Recently, applications like proof-carrying code and proof-carrying authentication have created a new need for proofs that can be eciently veried by a simple proof checker [=-=15, 2]-=-. The Edinburgh Logical Framework (LF) [10] is a widely used meta-language for representing proof systems for these applications. The representation is such that proof checking is reduced to LF type c... |

531 | Lambda-calculi with types
- Barendregt
- 1992
(Show Context)
Citation Context ...m 0 ; x : , then lookup(v; ) equals if v x, and lookup(v; 0 ) otherwise. If is the empty list, then lookup(v; ) is undened. Figure 1 presents a standard calculus for LF (cf. [17], Chapter 5 of [3]). The primary derivable objects are sequents of the form ` X : Y . It is required in all rules that ` Ctx is derivable. Symbols may be bound more than once by in sequents; the lookup function is used... |

317 | System description: Twelf — a meta-logical framework for deductive systems
- Pfenning, Schürmann
- 1999
(Show Context)
Citation Context ...e was handtranslated to remove the extensions, and common subexpressions were pulled out using abbreviations (see Section 4.2); dlx-pc.pure is the result. This example could then be run through Twelf =-=[18] and,-=- with a minor translation, LEGO [14]. 1 Figure 3 gives the results. Entries in the table show time and peak memory usage on a 850MHz Pentium III with 256M of main memory. \all optimizations" is t... |

241 |
Tree Automata Techniques and Applications. Available on: http://www.grappa
- Comon, Dauchet, et al.
- 2007
(Show Context)
Citation Context ...x) " to mean it is not. The domain of denition of e is denoted Def(e). Expressions are formalized as unary partial functions from the set of positions (Denition 2) to a set of symbols (as in, e.g=-=.,-=- [6]). This approach allows expressions and annotations of expressions to be treated uniformly. We assume a countably innite set Sym of symbols (disjoint from ftype; kind; ; ;@g.) Denition 2 (Pos : th... |

177 | Proof-carrying authentication
- Appel, Felten
- 1999
(Show Context)
Citation Context ...s valuable (e.g., [23, 4]). Recently, applications like proof-carrying code and proof-carrying authentication have created a new need for proofs that can be eciently veried by a simple proof checker [=-=15, 2]-=-. The Edinburgh Logical Framework (LF) [10] is a widely used meta-language for representing proof systems for these applications. The representation is such that proof checking is reduced to LF type c... |

150 |
LEGO proof development system: User’s manual
- Luo, Pollack
- 1992
(Show Context)
Citation Context ...ions, and common subexpressions were pulled out using abbreviations (see Section 4.2); dlx-pc.pure is the result. This example could then be run through Twelf [18] and, with a minor translation, LEGO =-=[14]. 1 F-=-igure 3 gives the results. Entries in the table show time and peak memory usage on a 850MHz Pentium III with 256M of main memory. \all optimizations" is thesea proof checker with all the optimiza... |

114 | Cvc: a cooperating validity checker
- Stump, Barrett, et al.
- 2002
(Show Context)
Citation Context ...ely used meta-language for representing proof systems for these applications. The representation is such that proof checking is reduced to LF type checking. The CVC (\a Cooperating Validity Checker&qu=-=ot;) [21-=-] system has the capability to produce proofs in a variant of LF for valid formulas in a quantier-free fragment ofsrst-order logic with background theories. During validity checking, CVC computes valu... |

109 |
An algorithm for testing conversion in type theory
- Coquand
(Show Context)
Citation Context ...cal, not just equivalent; they then use a separate rule of conversion to reclassifysN with type A, if indeed A = A 0 . The test used for equivalence is the term-directed, context-independent one of [=-=7-=-], whose description is omitted here. It should be possible to extend the results to a context-dependent test like that of [11]. I. Classications: (ax) ` v : A A = lookup(v; ) (type) ` type : kind (la... |

88 | On equivalence and canonical forms in the LF type theory
- Harper, Pfenning
- 2005
(Show Context)
Citation Context ...test used for equivalence is the term-directed, context-independent one of [7], whose description is omitted here. It should be possible to extend the results to a context-dependent test like that of [11]. I. Classications: (ax) ` v : A A = lookup(v; ) (type) ` type : kind (lam) ; x : A ` M : B ` x : A: B : ` x : A: M : x : A: B 2 ftype; kindg (app) ` M : x : A: B ` N : A 0 ` (M N) : B[x :... |

65 |
A framework for de logics
- Harper, Honsell, et al.
- 1987
(Show Context)
Citation Context ...ions like proof-carrying code and proof-carrying authentication have created a new need for proofs that can be eciently veried by a simple proof checker [15, 2]. The Edinburgh Logical Framework (LF) [=-=10]-=- is a widely used meta-language for representing proof systems for these applications. The representation is such that proof checking is reduced to LF type checking. The CVC (\a Cooperating Validity C... |

64 | Efcient representation and validation of proofs
- Necula, Lee
- 1998
(Show Context)
Citation Context ...t singly sorted, since unicity of classiers can fail (see Lemma 5.2.21 of [3]). For similar reasons, it is not clear to what extent context-dependent caching can be used in type-checking implicit LF [=-=16-=-] or systems of the Rho Cube [5]. 9 Acknowledgements This work was supported under ARPA/Air Force contract F33615-00-C-1693and NSF contract CCR-9806889. We thank Nikolaj Bjrner and Iliano Cervesato fo... |

38 | editors. Handbook of Automated Reasoning - Robinson, Voronkov - 2001 |

35 | Proof terms for simply typed higher order logic
- Berghofer, Nipkow
- 2000
(Show Context)
Citation Context ...F is developed and shown equivalent to a standard calculus. 1 Introduction The ability for automated reasoning systems to produce easily veriable proofs has been widely recognized as valuable (e.g., [=-=23, 4-=-]). Recently, applications like proof-carrying code and proof-carrying authentication have created a new need for proofs that can be eciently veried by a simple proof checker [15, 2]. The Edinburgh Lo... |

35 | Higher-order rewriting with dependent types
- Virga
- 1999
(Show Context)
Citation Context ... point in the derivation. This sets the stage for reusing computed classiers in Section 4. Similar technical machinery is used in [8]. There is also some resemblance to the marked calculus for LF of [22]. 6 Notation 1 (annotations) Suppose a is an annotation of e 2Exp with Def(a) = f 1 ; : : : ; n g. Then a may be denoted f 1 : a( 1 ); : : : ; n : a(n )g. Figure 2 presents the calculus. The pri... |

31 | The Rho Cube
- Cirstea, Kirchner, et al.
- 2001
(Show Context)
Citation Context ...f classiers can fail (see Lemma 5.2.21 of [3]). For similar reasons, it is not clear to what extent context-dependent caching can be used in type-checking implicit LF [16] or systems of the Rho Cube [=-=5-=-]. 9 Acknowledgements This work was supported under ARPA/Air Force contract F33615-00-C-1693and NSF contract CCR-9806889. We thank Nikolaj Bjrner and Iliano Cervesato for valuable discussion and criti... |

21 | Logical Frameworks - Huet, Plotkin, et al. - 1991 |

10 | A Set Theory with Support for Partial Functions
- Farmer, Guttman
(Show Context)
Citation Context ...breviation. 3.1 Preliminaries The standard set-theoretic notion of partial function is assumed, together with related set-theoretic operations such as union, which will be performed on functions (cf. =-=[9]). -=-For a unary partial function e, we use the notation e(x) # to mean e is dened at x and e(x) " to mean it is not. The domain of denition of e is denoted Def(e). Expressions are formalized as unary... |

10 |
Validation of HOL proofs by proof checking
- Wong
- 1999
(Show Context)
Citation Context ...F is developed and shown equivalent to a standard calculus. 1 Introduction The ability for automated reasoning systems to produce easily veriable proofs has been widely recognized as valuable (e.g., [=-=23, 4-=-]). Recently, applications like proof-carrying code and proof-carrying authentication have created a new need for proofs that can be eciently veried by a simple proof checker [15, 2]. The Edinburgh Lo... |

3 |
Logical Frameworks, chapter XXI
- Pfenning
(Show Context)
Citation Context ...s. If is of the form 0 ; x : , then lookup(v; ) equals if v x, and lookup(v; 0 ) otherwise. If is the empty list, then lookup(v; ) is undened. Figure 1 presents a standard calculus for LF (cf. [17]=-=-=-, Chapter 5 of [3]). The primary derivable objects are sequents of the form ` X : Y . It is required in all rules that ` Ctx is derivable. Symbols may be bound more than once by in sequents; the looku... |

2 |
The Inverse Method, chapter IV
- Degtyarev, Voronkov
- 2001
(Show Context)
Citation Context ... such annotations, we make all computed classiers available at every point in the derivation. This sets the stage for reusing computed classiers in Section 4. Similar technical machinery is used in [8]. There is also some resemblance to the marked calculus for LF of [22]. 6 Notation 1 (annotations) Suppose a is an annotation of e 2Exp with Def(a) = f 1 ; : : : ; n g. Then a may be denoted f 1 : ... |

2 |
Reviewing the classical and the de Bruijn notation for -calculus and pure type systems. Logic and Computation
- Kamareddine
(Show Context)
Citation Context ...timizations of safe substitution are described for the version of LF that uses named variables; this is what is implemented insea. An alternative is to use de Bruijn indices for variables (see, e.g., [13]). The optimization of returning e for e[] without actually applying the substitution in the case where FV (e) \ Def() = ; is still relevant with de Bruijn indices. The denition of FS( x : : M) ... |

1 |
Checking Validities and Proofs with CVC and
- Stump
- 2002
(Show Context)
Citation Context ...ence of the annotation calculus and the standard calculus of Section 2. This result may be proved from three lemmas about the annotation calculus, which are statedsrst. Omitted proofs may be found in =-=[-=-20]. Lemma 1 (monotonicity). Suppose j e ` a is derivable starting from a sequent j e ` a 0 (used as an assumption to which the inference rules are then applied). Then j e ` a [ X is derivable star... |