But anyhow, the purpose of this note/@& is to draw attention to a number of features of computer programs that support formal reasoning, and especially to share some observations regarding the importance of these features. My hope is that the occasional consideration of the differences among various such programs, and their ramifications, has beneficial effects on the development and enhancement of such systems. I’ll consider here various mechanized reasoning systems, i.e. computer programs that support formal (or even seemingly formal) reasoning. These can be either what are generally called “proof-checkers’’ or else “theorem provers,” though it seems to me that these terms are just vague descriptions of the amount of automated reasoning and user control allowed by the system. (Note that these are not necessarily opposites! -more on that later.)
{"title":"An Informal Discussion Of Issues In Mechanically-assisted Reasoning","authors":"Matt Kaufmann","doi":"10.1109/HOL.1991.596297","DOIUrl":"https://doi.org/10.1109/HOL.1991.596297","url":null,"abstract":"But anyhow, the purpose of this note/@& is to draw attention to a number of features of computer programs that support formal reasoning, and especially to share some observations regarding the importance of these features. My hope is that the occasional consideration of the differences among various such programs, and their ramifications, has beneficial effects on the development and enhancement of such systems. I’ll consider here various mechanized reasoning systems, i.e. computer programs that support formal (or even seemingly formal) reasoning. These can be either what are generally called “proof-checkers’’ or else “theorem provers,” though it seems to me that these terms are just vague descriptions of the amount of automated reasoning and user control allowed by the system. (Note that these are not necessarily opposites! -more on that later.)","PeriodicalId":213603,"journal":{"name":"1991., International Workshop on the HOL Theorem Proving System and Its Applications","volume":"120 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-08-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121441377","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
A simple programming language is use8d to demonstrate the feasibility of mechanical proof of the validity of program transformation rules. The language is formally defined using natural semantics and the system relies on a knowledge base that captures the properties of environments, memories and predicates that are suitable for expressing applicability conditions. The verification system used is HOL. The proofs that were developed in this study were aided by high level tactics described in the paper. This project is a pilot study for proving the rules which underpin the implementation of the executable specification, language REFINE.
{"title":"Proof Of Program Transformations","authors":"R. Roxas, M. Newey","doi":"10.1109/HOL.1991.596289","DOIUrl":"https://doi.org/10.1109/HOL.1991.596289","url":null,"abstract":"A simple programming language is use8d to demonstrate the feasibility of mechanical proof of the validity of program transformation rules. The language is formally defined using natural semantics and the system relies on a knowledge base that captures the properties of environments, memories and predicates that are suitable for expressing applicability conditions. The verification system used is HOL. The proofs that were developed in this study were aided by high level tactics described in the paper. This project is a pilot study for proving the rules which underpin the implementation of the executable specification, language REFINE.","PeriodicalId":213603,"journal":{"name":"1991., International Workshop on the HOL Theorem Proving System and Its Applications","volume":"64 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-08-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114647511","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Proofs of program correctness are usually large and complex. This advocates mechanical assistance for managing the complexity and details of proofs. This paper presents a program verifier for imperative programs based on the HOL system. We describe a formalization of the weakest precondition semantics of a small programming language, a verification condition generator for total correctness specafications, and a number of simplification tools for proving subparts of verification conditions, automatically. Examples are considered an order to evaluate the usability of the program verifier.
{"title":"Mechanizing Program Verification in HOL","authors":"Sten Agerholm","doi":"10.1109/HOL.1991.596288","DOIUrl":"https://doi.org/10.1109/HOL.1991.596288","url":null,"abstract":"Proofs of program correctness are usually large and complex. This advocates mechanical assistance for managing the complexity and details of proofs. This paper presents a program verifier for imperative programs based on the HOL system. We describe a formalization of the weakest precondition semantics of a small programming language, a verification condition generator for total correctness specafications, and a number of simplification tools for proving subparts of verification conditions, automatically. Examples are considered an order to evaluate the usability of the program verifier.","PeriodicalId":213603,"journal":{"name":"1991., International Workshop on the HOL Theorem Proving System and Its Applications","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-08-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125860868","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The combination of declarative functional languages, formal logic, and mechanical theorem-provers offers the opportunity to extend current CAD tools dealing with finite-state machine synthesis and verification. Theorems are proved showing equivalence between machines under certain correctness conditions. Implementations are related to one another and to specifications where the state, input, and output alphabets are viewed as data types.
{"title":"Implementing And Verifying Finite-state Machines Using Types In Higher-order Logic","authors":"Shiu-Kai Chin, G. Birtwistle","doi":"10.1109/HOL.1991.596279","DOIUrl":"https://doi.org/10.1109/HOL.1991.596279","url":null,"abstract":"The combination of declarative functional languages, formal logic, and mechanical theorem-provers offers the opportunity to extend current CAD tools dealing with finite-state machine synthesis and verification. Theorems are proved showing equivalence between machines under certain correctness conditions. Implementations are related to one another and to specifications where the state, input, and output alphabets are viewed as data types.","PeriodicalId":213603,"journal":{"name":"1991., International Workshop on the HOL Theorem Proving System and Its Applications","volume":"132 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-08-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131042592","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The HOL system supports mechanized verification of specifications in polymorphic Higher Order Logic. Ht3L has facilities for defining primitive recursive fuiactions, but no support for defining functions that are not primitive recursive. This paper presents a package for defining recursive boolean functions in HOL as the minimal or maximal fixed point of a boolean function transformer. The implt?mentation of the package is based on the results on fixed points in complete lattices by Tarski. Two examples on how to use the package are given. Both examples describe the definition of recursive botolean functions for specifying properties of parallel pnograms.
{"title":"Recursive Boolean Functions In HOL","authors":"Flemming Andersen, K. D. Petersen","doi":"10.1109/HOL.1991.596301","DOIUrl":"https://doi.org/10.1109/HOL.1991.596301","url":null,"abstract":"The HOL system supports mechanized verification of specifications in polymorphic Higher Order Logic. Ht3L has facilities for defining primitive recursive fuiactions, but no support for defining functions that are not primitive recursive. This paper presents a package for defining recursive boolean functions in HOL as the minimal or maximal fixed point of a boolean function transformer. The implt?mentation of the package is based on the results on fixed points in complete lattices by Tarski. Two examples on how to use the package are given. Both examples describe the definition of recursive botolean functions for specifying properties of parallel pnograms.","PeriodicalId":213603,"journal":{"name":"1991., International Workshop on the HOL Theorem Proving System and Its Applications","volume":"193 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-08-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123012248","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The use of higher-order logic and an associated interactive theorem proving environment for hardware verification has established itself as an important technique for formal hardware validation [CaGM 86, FFFH 89]. In spite of the fact that such techniques are powerful and can be used for validation of complex systems, they continue to remain purely within the purview of theorem proving specialists. The only way to bring such a system closer to circuit designers is to augment the degree of automation and provide a camouflaged environment which mirrors the designer's view of hardware. The first step in this direction is to automate the proofs of all first-order and simple higher-order statements, within such systems, which has been achieved by the tool FAUST [KuKS 91, ScKK 91a]. Further automation requires the use of domain specific knowledge. Our experiences in hardware verification using HOL [Gord 88] have shown that most proofs follow a definite pattern. This observation can be exploited to isolate the creative and mechanical steps in proofs, so as to aid the normal circuit designer in executing the creative steps, and to automate the remaining mechanical steps. A tool called MEPHISTO (M anaging Exhaustive Proofs of Hardware for Integrated circuit designers by Structuring Theorem proving Operations) has been embedded in HOL, so as to disguise the complexity of hardware proofs and to allow the designer to concentrate on design creativity. This extended abstract summarizes the work presented in [ScKK 91b] and is organized as follows: In section 2, we briefly outline the structure of hardware proofs in HOL and indicate the steps which can be automated. Section 3 deals with the details of some of the steps illustrated via an example. This is then followed by some results and conclusions.
{"title":"First Steps Towards Automating Hardware Proofs In HOL","authors":"Ramayya Kumar, T. Kropf, K. Schneider","doi":"10.1109/HOL.1991.596286","DOIUrl":"https://doi.org/10.1109/HOL.1991.596286","url":null,"abstract":"The use of higher-order logic and an associated interactive theorem proving environment for hardware verification has established itself as an important technique for formal hardware validation [CaGM 86, FFFH 89]. In spite of the fact that such techniques are powerful and can be used for validation of complex systems, they continue to remain purely within the purview of theorem proving specialists. The only way to bring such a system closer to circuit designers is to augment the degree of automation and provide a camouflaged environment which mirrors the designer's view of hardware. The first step in this direction is to automate the proofs of all first-order and simple higher-order statements, within such systems, which has been achieved by the tool FAUST [KuKS 91, ScKK 91a]. Further automation requires the use of domain specific knowledge. Our experiences in hardware verification using HOL [Gord 88] have shown that most proofs follow a definite pattern. This observation can be exploited to isolate the creative and mechanical steps in proofs, so as to aid the normal circuit designer in executing the creative steps, and to automate the remaining mechanical steps. A tool called MEPHISTO (M anaging Exhaustive Proofs of Hardware for Integrated circuit designers by Structuring Theorem proving Operations) has been embedded in HOL, so as to disguise the complexity of hardware proofs and to allow the designer to concentrate on design creativity. This extended abstract summarizes the work presented in [ScKK 91b] and is organized as follows: In section 2, we briefly outline the structure of hardware proofs in HOL and indicate the steps which can be automated. Section 3 deals with the details of some of the steps illustrated via an example. This is then followed by some results and conclusions.","PeriodicalId":213603,"journal":{"name":"1991., International Workshop on the HOL Theorem Proving System and Its Applications","volume":"1993 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-08-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128629126","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
We coin a term for a novel paradigm for the communication of a method of computation of a function from a researcher who knows the mathematics of the function to the user who does not want to know the details of algorithm. An example, the one which motivated this research, as presented an suficient detail to show that the paradigm is the only sensible approach, in at least one case. It is suggested that for a range of problems involving heuristic search, the paradigm would be very suitable.
{"title":"Proof Based Computation","authors":"M. Newey","doi":"10.1109/HOL.1991.596302","DOIUrl":"https://doi.org/10.1109/HOL.1991.596302","url":null,"abstract":"We coin a term for a novel paradigm for the communication of a method of computation of a function from a researcher who knows the mathematics of the function to the user who does not want to know the details of algorithm. An example, the one which motivated this research, as presented an suficient detail to show that the paradigm is the only sensible approach, in at least one case. It is suggested that for a range of problems involving heuristic search, the paradigm would be very suitable.","PeriodicalId":213603,"journal":{"name":"1991., International Workshop on the HOL Theorem Proving System and Its Applications","volume":"49 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-08-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116124399","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In this paper we present a generalization of McCullough's restrictiveness model as the basis for proving security properties about distributed system designs. We mechanize this generalization for an event-based model of computer systems in the HOL (Higher Order Logic) system to prove the composability of the model and several other properties about the model. We then develop a set of generalized classes of system components and show for which families of user views they satisfy the model. Using these classes we develop a collection of general system components that are specializations of one of these classes and show that the specializations also satisfy the security property. We then conclude with a sample distributed secure system, based on the Rushby and Randell distributed system design and designed using our collection of components, and show how our mechanized verification system can be used to verify such designs.
{"title":"Mechanical Verification Of Secure Distributed systems In Higher Order Logic","authors":"J. Alves-Foss, K. Levitt","doi":"10.1109/HOL.1991.596293","DOIUrl":"https://doi.org/10.1109/HOL.1991.596293","url":null,"abstract":"In this paper we present a generalization of McCullough's restrictiveness model as the basis for proving security properties about distributed system designs. We mechanize this generalization for an event-based model of computer systems in the HOL (Higher Order Logic) system to prove the composability of the model and several other properties about the model. We then develop a set of generalized classes of system components and show for which families of user views they satisfy the model. Using these classes we develop a collection of general system components that are specializations of one of these classes and show that the specializations also satisfy the security property. We then conclude with a sample distributed secure system, based on the Rushby and Randell distributed system design and designed using our collection of components, and show how our mechanized verification system can be used to verify such designs.","PeriodicalId":213603,"journal":{"name":"1991., International Workshop on the HOL Theorem Proving System and Its Applications","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-08-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128759869","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In the refinement calculus, programs are developed in a stepwise fashion by repeated application of transformation rules that preserve total comxtness. We show how such rules can be formalised and proved using the HOL theorem prover. We also show how hierarchies of rules can be built e.g., for parallelising algorithms, and how application of these rules can be automated in HOL. The basis for this work is a formalisation of weakest precondition semantics in higher order logic.
{"title":"Program Transformations And Refinements In HOL","authors":"Joakim von Wright, K. Sere","doi":"10.1109/HOL.1991.596290","DOIUrl":"https://doi.org/10.1109/HOL.1991.596290","url":null,"abstract":"In the refinement calculus, programs are developed in a stepwise fashion by repeated application of transformation rules that preserve total comxtness. We show how such rules can be formalised and proved using the HOL theorem prover. We also show how hierarchies of rules can be built e.g., for parallelising algorithms, and how application of these rules can be automated in HOL. The basis for this work is a formalisation of weakest precondition semantics in higher order logic.","PeriodicalId":213603,"journal":{"name":"1991., International Workshop on the HOL Theorem Proving System and Its Applications","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-08-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129043496","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Two case studies in mechanized compiler specification correctness using the HOL System are presented. These case studies are the initial part of a larger and more comprehensive project, the purpose of which is to investigate the development of systematic methodologies for verifying the correctness of compiler specifications and implementations. The source language used in the case studies is a sample imperative sequential language. The target machine as abstract, stackbased, and executes tree-structured code. The compiler correctness criterion as expressed via commutative diagrams. In the first case study, the source and target language semantics are direct denotational, and the compiler correctness proof is done by structural induction supplemented by computation induction where necessary. In the second case study, the source and target languages are given a structural operational semantics, and the compiler correctness proof is done by rule induction. Extension of the techniques to more complex source languages and target machines as discussed.
{"title":"Case Studies In Compiler Correctness Using HOL","authors":"David F. Martin, R. Toal","doi":"10.1109/HOL.1991.596291","DOIUrl":"https://doi.org/10.1109/HOL.1991.596291","url":null,"abstract":"Two case studies in mechanized compiler specification correctness using the HOL System are presented. These case studies are the initial part of a larger and more comprehensive project, the purpose of which is to investigate the development of systematic methodologies for verifying the correctness of compiler specifications and implementations. The source language used in the case studies is a sample imperative sequential language. The target machine as abstract, stackbased, and executes tree-structured code. The compiler correctness criterion as expressed via commutative diagrams. In the first case study, the source and target language semantics are direct denotational, and the compiler correctness proof is done by structural induction supplemented by computation induction where necessary. In the second case study, the source and target languages are given a structural operational semantics, and the compiler correctness proof is done by rule induction. Extension of the techniques to more complex source languages and target machines as discussed.","PeriodicalId":213603,"journal":{"name":"1991., International Workshop on the HOL Theorem Proving System and Its Applications","volume":"206 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1991-08-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122441240","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: