## Extending the HOL theorem prover with a Computer Algebra System to Reason about the Reals (1993)


Venue: Higher Order Logic Theorem Proving and its Applications (HUG `93

Citations: 33 (4 self)

### BibTeX

@INPROCEEDINGS{Harrison93extendingthe,
    author = {John Harrison},
    title = {Extending the HOL theorem prover with a Computer Algebra System to Reason about the Reals},
    booktitle = {Higher Order Logic Theorem Proving and its Applications (HUG `93},
    year = {1993},
    pages = {174--184},
    publisher = {Springer Verlag}
}


### Abstract

In this paper we describe an environment for reasoning about the reals which combines the rigour of a theorem prover with the power of a computer algebra system.

1 Introduction

Computer theorem provers are a topic of research interest in their own right. However much of their popularity stems from their application in computer-aided verification, i.e. proving that designs of electronic or computer systems, programs, protocols and crypto-systems satisfy certain properties. Such proofs, as compared with the proofs one finds in mathematics books, usually involve less sophisticated central ideas, but contain far more technical details and therefore tend to be much more difficult for humans to write or check without making mistakes. Hence it is appealing to let computers help. Some fundamental mathematical theories, such as arithmetic, are usually requi...

Author footnotes: Supported by the Science and Engineering Research Council, UK. Supported by SERC grant GR/G 33837 and a grant from DSTO Australia.

### Citations

39 | CAS/PI: A Portable and extensible interface for computer algebra systems
- Kajler
- 1992
Citation Context ...ch specialize in different areas. In order to make the best features of these different CASs available inside HOL, a possible extension is to handle multiple connection via an auction mechanism as in [14]. In that system, all the requests are sent simultaneously to different CASs and then the auction mechanism is applied to select the best of all the answers. This extension and an alternative connecti...

39 | Generalized ordinary differential equations and continuous dependence on a parameter
- Kurzweil
- 1957
Citation Context ...y it was observed that a simple modification of the Riemann limit process could give an integral equivalent to the Denjoy and Perron integrals. This seems to have first been made explicit by Kurzweil [17], but its later development, in particular the proof of Lebesgue-type convergence theorems, was mainly due to Henstock [11]. It is known as the 'Kurzweil-Henstock gauge integral' or simply 'gauge inte...

27 | The General Theory of Integration
- Henstock
- 1991
Citation Context ...is integral following the terminology given in [18] and note some results that have already been proved in HOL. A fuller introduction may be found in the undergraduate textbook [8] or the definitive [12]. The limiting process involved in the gauge integral seems rather obscure at first sight, but the intuition can be seen quite clearly if we consider integrating a derivative. Suppose f is differentia...

27 | Mathematica: A System for Doing Mathematics by Computer, Addison-Wesley, ISBN 0-201-51502-4
- Wolfram
Citation Context ...se, they implement some extremely complicated algorithms to get their results, and it would be surprising if there were no bugs. For example Maple [6] evaluates $\int_{-1}^{1} \sqrt{x^2}\,dx$ to 0. Mathematica [21] gets this integral right and returns 1, but it returns 0 when given $\int_{-1}^{1} \frac{1}{\sqrt{x^2}}\,dx$, forgetting the singularity at 0. Computer theorem provers can offer much greater reliability; this is parti...

26 | Introduction to Real Analysis
- Depree, Swartz
- 1988
Citation Context ...f the definition of this integral following the terminology given in [18] and note some results that have already been proved in HOL. A fuller introduction may be found in the undergraduate textbook [8] or the definitive [12]. The limiting process involved in the gauge integral seems rather obscure at first sight, but the intuition can be seen quite clearly if we consider integrating a derivative. S...

22 | a private communication
- Gordon, Luecke
Citation Context ...then the theorem prover has to accept the theorem $\vdash A = B$. Implementing this solution in HOL violates the usual strict principle of deriving all theorems from the axioms. However a technique given in [9] can be applied to get around this problem. This technique consists in defining a constant CAS logically equivalent to false. With this constant, it is then possible to produce theorems of the form CA...

18 | A Tutorial Introduction to MAPLE
- Char, Fee, et al.
- 1986
Citation Context ... which are not always rigorously justified. In any case, they implement some extremely complicated algorithms to get their results, and it would be surprising if there were no bugs. For example Maple [6] evaluates $\int_{-1}^{1} \sqrt{x^2}\,dx$ to 0. Mathematica [21] gets this integral right and returns 1, but it returns 0 when given $\int_{-1}^{1} \frac{1}{\sqrt{x^2}}\,dx$, forgetting the singularity at 0. Computer theorem pro...

16 | Integrated software components: A paradigm for control integration
- Clément, Montagnac, et al.
- 1991
Citation Context ... term representation to the CAS one is then straightforward and involves mostly minor syntactic modifications. The actual implementation of the link between HOL and the CAS follows the lines given in [5] and can be depicted by the following drawing: [Figure: HOL, BRIDGE and CAS, with Request/Answer messages passing between HOL and the bridge and between the bridge and the CAS] The organization involves three different processes: HOL, the CAS and a bridge. The communication between th...

14 | Constructing the real numbers
- Harrison
- 1994
Citation Context ...tures, and the characterizing 'axioms' are derived by formal proof. For example, the real numbers have been constructed in HOL using a version of Dedekind's construction; a brief overview is given in [10], which sketches the procedure and discusses some significant parts of elementary analysis, including differentiation. Here we concentrate on the extension of this work to include integration, which w...

6 | A two-level formal verification methodology using HOL and COSMOS
- Seger, Joyce
- 1991
Citation Context ...cure because a determined user may create any theorem with the assumption CAS. This sort of pragmatic approach has already been used to delegate some low-level parts of hardware proofs to other tools [20]. The second is primarily useful for simple arithmetic, where a wrong answer is almost inconceivable and the insistence on carrying the proof through in the theorem prover at all would be questioned b...

5 | Classical and modern integration theories
- Pesin
- 1970
Citation Context ...opriate definitions are uncontroversial. However many areas of mathematics offer a range of subtly different approaches. Integration is a particularly difficult case (its history is traced in [7] and [19]). Many people think of integration as the opposite of differentiation. Undergraduate mathematics courses usually present the Riemann integral. At a more advanced level, Lebesgue theory seems dominant...

4 | A Lazy Approach to Fully-Expansive Theorem Proving. In Higher Order Logic Theorem Proving and Its Applications. North-Holland
- Boulton
- 1992
Citation Context ...bine an efficient interaction with the theorem prover with the security of the result. The implementation of such a technique is a direct application of the lazy approach developed by Richard Boulton [2]. This approach gives a natural framework for delaying the proofs of some subgoals. The justification of these subgoals can then be postponed and handled by a batch process where the efficiency requir...

4 | A Riemann-type integral of Lebesgue power
- Henstock
- 1968
Citation Context ...nd Perron integrals. This seems to have first been made explicit by Kurzweil [17], but its later development, in particular the proof of Lebesgue-type convergence theorems, was mainly due to Henstock [11]. It is known as the 'Kurzweil-Henstock gauge integral' or simply 'gauge integral'. In the following, we give a sketch of the definition of this integral following the terminology given in [18] and no...

4 | A unified theory of integration
- McShane
- 1973
Citation Context ...nstock [11]. It is known as the 'Kurzweil-Henstock gauge integral' or simply 'gauge integral'. In the following, we give a sketch of the definition of this integral following the terminology given in [18] and note some results that have already been proved in HOL. A fuller introduction may be found in the undergraduate textbook [8] or the definitive [12]. The limiting process involved in the gauge in...

3 | Non-absolute integrals: a survey
- Bullen
- 1980
Citation Context ...besgue integral, constructs a sequence of integrals by a process of transfinite recursion which Denjoy called 'totalisation'. A very simple characterization of the Denjoy integral was given by Perron [3], but it is not constructive and the development of the theory uses theorems about the Lebesgue integral. The Kurzweil-Henstock Gauge Integral Surprisingly recently it was observed that a simple modif...

3 | Integrating a first-order automatic prover
- Kumar, Kropf, et al.
- 1991
Citation Context ...tes this idea. 4 Implementation Issues Connecting a theorem prover with other systems is not a new idea. Some experiments have already been done in linking HOL with other theorem provers (see [1] and [16] for example). Our application differs slightly from these previous experiments. First of all, the relation between HOL and the CAS is a clear master/slave relation: the use of the CAS is limited to s...

2 | The Lebesgue Integral, Cambridge Tracts
- Burkill
- 1965
Citation Context ...as the opposite of differentiation. Undergraduate mathematics courses usually present the Riemann integral. At a more advanced level, Lebesgue theory seems dominant; consider the following quote from [4] It has long been clear that anyone who uses the integral calculus in the course of his work, whether it be in pure or applied mathematics, should normally interpret integration in the Lebesgue sense....

2 | The Complexity of Antidifferentiation, Denjoy Totalization, and Hyperarithmetic Reals
- Kechris
Citation Context ...never f is integrable, so is $|f|$. Other Integrals Various integrals have been proposed which extend the Lebesgue integral and for which the Fundamental Theorem is true. The first was Denjoy integral [15] which, starting with the Lebesgue integral, constructs a sequence of integrals by a process of transfinite recursion which Denjoy called 'totalisation'. A very simple characterization of the Denjoy i...
1 |
Linking Other Theorem Provers to HOL Using PM
- Archer, Fink, et al.
- 1993
(Show Context)
Citation Context ...illustrates this idea. 4 Implementation Issues Connecting a theorem prover with other systems is not a new idea. Some experiments have already been done in linking HOL with other theorem provers (see =-=[1]-=- and [16] for example). Our application differs slightly from these previous experiments. First of all, the relation between HOL and the CAS is a clear master/slave relation: the use of the CAS is lim... |