Formal Proofs of Tarjan's Strongly Connected Components Algorithm in Why3, Coq and Isabelle
Ran Chen, C. Cohen, J. Lévy, Stephan Merz, L. Théry
International Conference on Interactive Theorem Proving. Pub Date: 2019-09-08. DOI: 10.4230/LIPIcs.ITP.2019.13
Abstract: Comparing provers on a formalization of the same problem is always a valuable exercise. In this paper, we present the formal proof of correctness of a non-trivial algorithm from graph theory that was carried out in three proof assistants: Why3, Coq, and Isabelle.

Generic Authenticated Data Structures, Formally
M. Brun, Dmitriy Traytel
International Conference on Interactive Theorem Proving. Pub Date: 2019-09-06. DOI: 10.4230/LIPIcs.ITP.2019.10
Abstract: Authenticated data structures are a technique for outsourcing data storage and maintenance to an untrusted server. The server is required to produce an efficiently checkable and cryptographically secure proof that it carried out precisely the requested computation. Recently, Miller et al. [10] demonstrated how to support a wide range of such data structures by integrating an authentication construct as a first class citizen in a functional programming language. In this paper, we put this work to the test of formalization in the Isabelle proof assistant. With Isabelle's help, we uncover and repair several mistakes and modify the small-step semantics to perform call-by-value evaluation rather than requiring terms to be in administrative normal form.
2012 ACM Subject Classification: Security and privacy → Logic and verification

An Increasing Need for Formality (Invited Talk)
M. Dixon
International Conference on Interactive Theorem Proving. Pub Date: 2019-09-06. DOI: 10.4230/LIPIcs.ITP.2019.3
Abstract: (none available)

Primitive Floats in Coq
Guillaume Bertholon, Érik Martin-Dorel, P. Roux
International Conference on Interactive Theorem Proving. Pub Date: 2019-09-06. DOI: 10.4230/LIPIcs.ITP.2019.7
Abstract: Some mathematical proofs involve intensive computations, for instance: the four-color theorem, Hales' theorem on sphere packing (formerly known as the Kepler conjecture) or interval arithmetic. For numerical computations, floating-point arithmetic enjoys widespread usage thanks to its efficiency, despite the introduction of rounding errors. Formal guarantees can be obtained on floating-point algorithms based on the IEEE 754 standard, which precisely specifies floating-point arithmetic and its rounding modes, and a proof assistant such as Coq, that enjoys efficient computation capabilities. Coq offers machine integers, however floating-point arithmetic still needed to be emulated using these integers. A modified version of Coq is presented that enables using the machine floating-point operators. The main obstacles to such an implementation and its soundness are discussed. Benchmarks show potential performance gains of two orders of magnitude.
2012 ACM Subject Classification: Theory of computation → Type theory; Mathematics of computing → Numerical analysis; General and reference → Performance

What Makes a Mathematician Tick? (Invited Talk)
Kevin Buzzard
International Conference on Interactive Theorem Proving. Pub Date: 2019-09-06. DOI: 10.4230/LIPIcs.ITP.2019.2
Abstract: (none available)

Binary-Compatible Verification of Filesystems with ACL2
M. Mehta, W. Cook
International Conference on Interactive Theorem Proving. Pub Date: 2019-06-26. DOI: 10.4230/LIPICS.ITP.2019.25
Abstract: (none available)

A formalization of forcing and the unprovability of the continuum hypothesis
Jesse Michael Han, Floris van Doorn
International Conference on Interactive Theorem Proving. Pub Date: 2019-04-23. DOI: 10.4230/LIPIcs.ITP.2019.19
Abstract: We describe a formalization of forcing using Boolean-valued models in the Lean 3 theorem prover, including the fundamental theorem of forcing and a deep embedding of first-order logic with a Boolean-valued soundness theorem. As an application of our framework, we specialize our construction to the Boolean algebra of regular opens of the Cantor space $2^{\omega_2 \times \omega}$ and formally verify the failure of the continuum hypothesis in the resulting model.

Proving tree algorithms for succinct data structures
Reynald Affeldt, Jacques Garrigue, Xuanrui Qi, Kazunari Tanaka
International Conference on Interactive Theorem Proving. Pub Date: 2019-04-04. DOI: 10.4230/LIPIcs.ITP.2019.5
Abstract: Succinct data structures give space-efficient representations of large amounts of data without sacrificing performance. They rely on cleverly designed data representations and algorithms. We present here the formalization in Coq/SSReflect of two different tree-based succinct representations and their accompanying algorithms. One is the Level-Order Unary Degree Sequence, which encodes the structure of a tree in breadth-first order as a sequence of bits, where access operations can be defined in terms of Rank and Select, which work in constant time for static bit sequences. The other represents dynamic bit sequences as binary balanced trees, where Rank and Select present a low logarithmic overhead compared to their static versions, and with efficient insertion and deletion. The two can be stacked to provide a dynamic representation of dictionaries, for instance. While both representations are well-known, we believe this to be their first formalization and a needed step towards provably-safe implementations of big data.

Quantitative continuity and computable analysis in Coq
Florian Steinberg, L. Théry, Holger Thies
International Conference on Interactive Theorem Proving. Pub Date: 2019-04-02. DOI: 10.4230/LIPIcs.ITP.2019.28
Abstract: We give a number of formal proofs of theorems from the field of computable analysis. Many of our results specify executable algorithms that work on infinite inputs by means of operating on finite approximations and are proven correct in the sense of computable analysis. The development is done in the proof assistant Coq and heavily relies on the Incone library for information theoretic continuity. This library is developed by one of the authors and the paper can be used as an introduction to the library as it describes many of its most important features in detail. While the ability to have full executability in a formal development of mathematical statements about real numbers and the like is not a feature that is unique to the Incone library, its original contribution is to adhere to the conventions of computable analysis to provide a general purpose interface for algorithmic reasoning on continuous structures. The results that provide complete computational content include that the algebraic operations and the efficient limit operator on the reals are computable, that certain countably infinite products are isomorphic to spaces of functions, compatibility of the enumeration representation of subsets of natural numbers with the abstract definition of the space of open subsets of the natural numbers, and that continuous realizability implies sequential continuity. We also formalize proofs of non-computational results that support the correctness of our definitions. These include that the information theoretic notion of continuity used in the library is equivalent to the metric notion of continuity on Baire space, a complete comparison of the different concepts of continuity that arise from metric and represented-space structures, and the discontinuity of the unrestricted limit operator on the real numbers and the task of selecting an element of a closed subset of the natural numbers.

A Certifying Extraction with Time Bounds from Coq to Call-By-Value Lambda Calculus
Y. Forster, F. Kunze
International Conference on Interactive Theorem Proving. Pub Date: 2019-04-01. DOI: 10.4230/LIPIcs.ITP.2019.17
Abstract: We provide a plugin extracting Coq functions of simple polymorphic types to the (untyped) call-by-value $\lambda$-calculus L. The plugin is implemented in the MetaCoq framework and entirely written in Coq. We provide Ltac tactics to automatically verify the extracted terms w.r.t. a logical relation connecting Coq functions with correct extractions and time bounds, essentially performing a certifying translation and running time validation. We provide three case studies: a universal L-term obtained as extraction from the Coq definition of a step-indexed self-interpreter for L, a many-reduction from solvability of Diophantine equations to the halting problem of L, and a polynomial-time simulation of Turing machines in L.