A Logic of Proofs for Differential Dynamic Logic
|
|
- Candace Simmons
- 5 years ago
- Views:
Transcription
1 1 A Logic of Proofs for Differential Dynamic Logic Toward Independently Checkable Proof Certificates for Differential Dynamic Logic Nathan Fulton Andrè Platzer Carnegie Mellon University CPP 16 February 10, 2016
2 Motivation Strong evidence that Cyber-Physical Systems are safe.
3 Motivation Strong evidence that Cyber-Physical Systems are safe.
4 KeYmaera X 3
5 4 Criteria for Evidence of a Successful Verification Effort Hybrid Systems Proofs (via KeYmaera X) Persistent truth-preservation is insufficient! Permanent Tactics are not proofs Portable Between machines, between logics
6 5 Approach e : φ
7 5 Approach e : φ Outline: The Language of Differential Dynamic Logic Uniform Substitution Calculus of dl LPdL
8 6 Hybrid Programs Model Cyber-Physical Systems Definition (Hybrid Programs) Assign x := θ Test?ϕ Sequence α; β Choice α β Iteration α
9 6 Hybrid Programs Model Cyber-Physical Systems Definition (Hybrid Programs) Assign x := θ Test?ϕ Sequence α; β Choice α β Iteration α ODEs {x 1 = θ 1,..., x n = θ n &ϕ}
10 7 dl Example [ ( (acc := A acc := 0) }{{} Control ; {pos = vel, vel ) ] = acc} }{{} Physical System Model
11 7 dl FOL over Real Closed Fields + [α]ϕ + α ϕ Example vel 0 A > 0 }{{} initial condition [ ( (acc := A acc := 0) }{{} ctrl ; {pos = vel, vel ) ] = acc} vel 0 }{{}}{{} plant postcondition
12 8 Deduction in Differential Dynamic Logic v 0, z < m t 0[z := b 2 t2 + vt + z]z m v 0, z < m [z = v, v DiffSolve = b]z m
13 9 Uniform Substitution Isolates Binding Structure DiffSolve as a single axiom: [x = f &q(x)]p(x) t 0(( 0 s tq(x+fs)) [x := x+ft]p(x)) Sound uniform substitutions are used in deductions: ϕ σ(ϕ) US
14 10 Significant Features of dl BoxChoice Γ [α]ϕ Γ [α β]ϕ Γ [β]ϕ
15 10 Significant Features of dl BoxChoice Γ [α]ϕ Γ [α β]ϕ Γ [β]ϕ Γ [x := 4 x := 5]x > 3 }{{} ψ
16 Significant Features of dl BoxChoice Γ [α]ϕ Γ [α β]ϕ Γ [β]ϕ [a b]p(?) [a]p(?) [b]p(?) Γ [x := 4 x := 5]x > 3 }{{} ψ σ = a x := 4 b x := 5 p(?) x > 3 10
17 10 Significant Features of dl BoxChoice Γ [α]ϕ Γ [α β]ϕ Γ [β]ϕ [a b]p(?) [a]p(?) [b]p(?) ψ [x := 4]x > 3 [x := 5]x > 3 σ = Γ [x := 4 x := 5]x > 3 }{{} ψ a x := 4 b x := 5 p(?) x > 3
18 Significant Features of dl BoxChoice Γ [α]ϕ Γ [α β]ϕ Γ [β]ϕ [a b]p(?) [a]p(?) [b]p(?) ψ [x := 4]x > 3 [x := 5]x > 3 σ = Γ, ψ [x := 4]x > 3 [x := 5]x > 3 ψ Γ [x := 4 x := 5]x > 3 }{{} ψ a x := 4 b x := 5 p(?) x > 3
19 10 Significant Features of dl BoxChoice Γ [α]ϕ Γ [α β]ϕ Γ [β]ϕ [a b]p(?) [a]p(?) [b]p(?) ψ [x := 4]x > 3 [x := 5]x > 3 σ = Γ, [x := 4]x > 3 [x := 5]x > 3 Γ, ψ [x := 4]x > 3 [x := 5]x > 3 ψ Γ [x := 4 x := 5]x > 3 }{{} ψ a x := 4 b x := 5 p(?) x > 3
20 Significant Features of dl BoxChoice Γ [α]ϕ Γ [α β]ϕ Γ [β]ϕ [a b]p(?) [a]p(?) [b]p(?) ψ [x := 4]x > 3 [x := 5]x > 3 σ = Γ [x := 4]x > 3 [x := 5]x > 3 Γ, [x := 4]x > 3 [x := 5]x > 3 Γ, ψ [x := 4]x > 3 [x := 5]x > 3 ψ Γ [x := 4 x := 5]x > 3 }{{} ψ a x := 4 b x := 5 p(?) x > 3
21 Significant Features of dl BoxChoice Γ [α]ϕ Γ [α β]ϕ Γ [β]ϕ [a b]p(?) [a]p(?) [b]p(?) ψ [x := 4]x > 3 [x := 5]x > 3 σ = Γ [x := 4]x > 3 Γ [x := 5]x > 3 Γ [x := 4]x > 3 [x := 5]x > 3 Γ, [x := 4]x > 3 [x := 5]x > 3 Γ, ψ [x := 4]x > 3 [x := 5]x > 3 ψ Γ [x := 4 x := 5]x > 3 }{{} ψ a x := 4 b x := 5 p(?) x > 3
22 Contribution: A Logic of Proofs for dl LPdL extends the grammar of dl with formulas of the form e }{{} : ϕ }{{} LPdL proof term dlformula
23 Contribution: A Logic of Proofs for dl LPdL extends the grammar of dl with formulas of the form e }{{} : ϕ }{{} LPdL proof term dlformula e, d ::= c φ Example (Proof Constants) (i [:=] ) : ([x := t]p(x) p(t)) (j x>y y>z x>z ) : (x > y y > z x > z)
24 11 Contribution: A Logic of Proofs for dl LPdL extends the grammar of dl with formulas of the form e }{{} : ϕ }{{} LPdL proof term dlformula e, d ::= c φ e d Example (Conjunctions) (i := j x>0 ) : (([x := t]p(x) p(t)) x > 0)
25 Contribution: A Logic of Proofs for dl LPdL extends the grammar of dl with formulas of the form e, d ::= c φ e d e d e d e d e }{{} : ϕ }{{} LPdL proof term dlformula Example ( ) If e : ϕ ψ (1) d : ϕ (2) Then e d : ψ. Directional application performs a similar operation on equivalences.
26 Contribution: A Logic of Proofs for dl LPdL extends the grammar of dl with formulas of the form e }{{} : ϕ }{{} LPdL proof term dlformula e, d ::= c φ e d e d e d e d σe Be Example (Uniform Substitution of Axiom [x := t]p(x) p(t)) σ {t 0, p( ) 0} (i [:=] ) : [x := 0]x 0 0 0
27 Contribution: A Logic of Proofs for dl LPdL extends the grammar of dl with formulas of the form e }{{} : ϕ }{{} LPdL proof term dlformula e, d ::= c φ e d e d e d e d σe Be CT σ e CQ σ e CE σ e Example (US Instances of Proof Rules) CE {t 0, p( ) 0} i [x:=t]p(t) p(x) : ([{z = a}][x := 0]x 0) ([{z = a}]0 0)
28 Sampling of Axioms and Proof Rules φ i A : A e : φ d : ψ (e d) : (φ ψ) e : (φ ψ) d : φ e d : ψ e : φ σe : σ(φ) σe : σ(p( x) q( x)) CE σ e : σ(c(p( x) C(q( x))) (dl Axiom) (dl Constants) (And) (Application) (US Proof Term) (CE σ ) Only side-condition: admissibility of σs.
29 13 Semantics of LPdL i A : A φ I = φ I dl i A : A I = S for dl axioms A α j T : T = S for FOL R tautologies T i A : A α i A : A e d : φ ψ I = e : φ I d : ψ I e d : φ I = ψ e : (ψ φ) I d : ψ I α... i A : A
30 14 Correctness Properties Theorem (Proof terms justify theorems) Let e be a proof term and φ a dl formula. If LPdL e : φ then φ.
31 Correctness Properties Theorem (Proof terms justify theorems) Let e be a proof term and φ a dl formula. If LPdL e : φ then φ. HyDRA Server User Interface Proof View REST-API Proof Tree Simplification Tactical Prover Axiomatic Core Scala-API Proof Tree manages KeYmaera X Web UI (JavaScript) Simplified Proof Tree View Tactics Execution Proof Strategies uses dl Tactics Combinators Models Wrappers for Kernel Primitives KeYmaera X Kernel (soundness-critical, Scala) Proof Certificates Axioms Searching start/stop/pause/resume controls Uniform Substitution Bound Renaming Propositional Sequent Calculus with Skolemization Proof Log Proof Storing stores observes executes combines Scheduler executes tactics on tools/ CPU cores Real Quantifier Elimination Differential Equation Solving... 14
32 Correctness Properties Theorem (Proof terms justify theorems) Let e be a proof term and φ a dl formula. If LPdL e : φ then φ. HyDRA Server User Interface Proof View REST-API Proof Tree Simplification Tactical Prover Axiomatic Core Scala-API Proof Tree manages KeYmaera X Web UI (JavaScript) Simplified Proof Tree View Tactics Execution Proof Strategies uses dl Tactics Combinators Models Wrappers for Kernel Primitives KeYmaera X Kernel (soundness-critical, Scala) Proof Certificates Axioms Searching start/stop/pause/resume controls Uniform Substitution Bound Renaming Propositional Sequent Calculus with Skolemization Proof Log Proof Storing stores observes executes combines Scheduler executes tactics on tools/ CPU cores Real Quantifier Elimination Differential Equation Solving... 14
33 Adding Proof Terms Without Adding Soundness-Critical Code Proof. Case σe. Suppose that LPdL σe : φ. By [a lemma], φ = σ(φ ) and LPdL e : φ for some φ. The induction hypothesis for the smaller proof term e gives dl φ. Therefore, dl σ(φ ) (i.e., φ) is provable by US. 1 def ProofChecker ( e : ProofTerm, phi : Formula ) =... 2 case UsubstTerm (e, phiprime, usubst ) => { 3 val phiprimecert = ProofChecker (e, phiprime ) 4 Provable. startproof ( phi ) 5.( UniformSubstitutionRule ( 6 usubst, 7 phiprime ), 0) 8.( phiprimecert, 0) 9 }
34 Ongoing Work Controller Synthesis from Non-deterministic Models A proof term construction semantics for the Bellerophon tactics language of KeYmaera X
35 Conclusion LPdL provides persistent permanent portable proofs 17
36 17 Conclusion LPdL provides persistent permanent portable proofs and furthermore reifies the structure of proofs
37 Conclusion LPdL provides persistent permanent portable proofs and furthermore reifies the structure of proofs by parsimoniously extending existing theory and implementation. keymaerax.org github.com/ls-lab/keymaerax-release 17
KeYmaera X: An Axiomatic Tactical Theorem Prover for Hybrid Systems
KeYmaera X: An Axiomatic Tactical Theorem Prover for Hybrid Systems Nathan Fulton, Stefan Mitsch, Jan-David Quesel, Marcus Völp, André Platzer Presented at CADE-25 August 9, 2015 Milieu Safety-critical
More informationKeYmaera X: An Axiomatic Tactical Theorem Prover for Hybrid Systems
KeYmaera X: An Axiomatic Tactical Theorem Prover for Hybrid Systems Nathan Fulton 1, Stefan Mitsch 1, Jan-David Quesel 1, Marcus Völp 1,2, and André Platzer 1 1 Computer Science Department, Carnegie Mellon
More information15-819M: Data, Code, Decisions
15-819M: Data, Code, Decisions 08: First-Order Logic André Platzer aplatzer@cs.cmu.edu Carnegie Mellon University, Pittsburgh, PA André Platzer (CMU) 15-819M/08: Data, Code, Decisions 1 / 40 Outline 1
More informationA Theorem Prover for Differential Dynamic Logic
A Theorem Prover for Differential Dynamic Logic Deductive Verification of Hybrid Systems April 17, 2007 Jan-David Quesel Carl von Ossietzky Universität Oldenburg Fakultät II Department für Informatik Abteilung
More informationTyped Lambda Calculus for Syntacticians
Department of Linguistics Ohio State University January 12, 2012 The Two Sides of Typed Lambda Calculus A typed lambda calculus (TLC) can be viewed in two complementary ways: model-theoretically, as a
More informationFrom OCL to Propositional and First-order Logic: Part I
22c181: Formal Methods in Software Engineering The University of Iowa Spring 2008 From OCL to Propositional and First-order Logic: Part I Copyright 2007-8 Reiner Hähnle and Cesare Tinelli. Notes originally
More informationFormal Systems II: Applications
Formal Systems II: Applications Functional Verification of Java Programs: Java Dynamic Logic Bernhard Beckert Mattias Ulbrich SS 2017 KIT INSTITUT FÜR THEORETISCHE INFORMATIK KIT University of the State
More informationModule 6. Knowledge Representation and Logic (First Order Logic) Version 2 CSE IIT, Kharagpur
Module 6 Knowledge Representation and Logic (First Order Logic) 6.1 Instructional Objective Students should understand the advantages of first order logic as a knowledge representation language Students
More informationPolarized Rewriting and Tableaux in B Set Theory
Polarized Rewriting and Tableaux in B Set Theory SETS 2018 Olivier Hermant CRI, MINES ParisTech, PSL Research University June 5, 2018 O. Hermant (MINES ParisTech) Polarized Tableaux Modulo in B June 5,
More informationTyped Lambda Calculus
Department of Linguistics Ohio State University Sept. 8, 2016 The Two Sides of A typed lambda calculus (TLC) can be viewed in two complementary ways: model-theoretically, as a system of notation for functions
More informationRevisiting Kalmar completeness metaproof
Revisiting Kalmar completeness metaproof Angélica Olvera Badillo 1 Universidad de las Américas, Sta. Catarina Mártir, Cholula, Puebla, 72820 México angelica.olverabo@udlap.mx Abstract In this paper, I
More informationLecture 5 - Axiomatic semantics
Program Verification March 2014 Lecture 5 - Axiomatic semantics Lecturer: Noam Rinetzky Scribes by: Nir Hemed 1.1 Axiomatic semantics The development of the theory is contributed to Robert Floyd, C.A.R
More informationHigher-Order Logic. Specification and Verification with Higher-Order Logic
Higher-Order Logic Specification and Verification with Higher-Order Logic Arnd Poetzsch-Heffter (Slides by Jens Brandt) Software Technology Group Fachbereich Informatik Technische Universität Kaiserslautern
More informationPropositional Logic Formal Syntax and Semantics. Computability and Logic
Propositional Logic Formal Syntax and Semantics Computability and Logic Syntax and Semantics Syntax: The study of how expressions are structured (think: grammar) Semantics: The study of the relationship
More informationFormal Predicate Calculus. Michael Meyling
Formal Predicate Calculus Michael Meyling May 24, 2013 2 The source for this document can be found here: http://www.qedeq.org/0_04_07/doc/math/qedeq_formal_logic_v1.xml Copyright by the authors. All rights
More informationPackaging Theories of Higher Order Logic
Packaging Theories of Higher Order Logic Joe Hurd Galois, Inc. joe@galois.com Theory Engineering Workshop Tuesday 9 February 2010 Joe Hurd Packaging Theories of Higher Order Logic 1 / 26 Talk Plan 1 Introduction
More informationTheorem proving. PVS theorem prover. Hoare style verification PVS. More on embeddings. What if. Abhik Roychoudhury CS 6214
Theorem proving PVS theorem prover Abhik Roychoudhury National University of Singapore Both specification and implementation can be formalized in a suitable logic. Proof rules for proving statements in
More informationFoundations of AI. 9. Predicate Logic. Syntax and Semantics, Normal Forms, Herbrand Expansion, Resolution
Foundations of AI 9. Predicate Logic Syntax and Semantics, Normal Forms, Herbrand Expansion, Resolution Wolfram Burgard, Andreas Karwath, Bernhard Nebel, and Martin Riedmiller 09/1 Contents Motivation
More informationDynamic Logic with Non-rigid Functions
Dynamic Logic with Non-rigid Functions A Basis for Object-oriented Program Verification Bernhard Beckert 1 André Platzer 2 1 University of Koblenz-Landau, Department of Computer Science beckert@uni-koblenz.de
More informationIsabelle/HOL:Selected Features and Recent Improvements
/: Selected Features and Recent Improvements webertj@in.tum.de Security of Systems Group, Radboud University Nijmegen February 20, 2007 /:Selected Features and Recent Improvements 1 2 Logic User Interface
More informationEXTENSIONS OF FIRST ORDER LOGIC
EXTENSIONS OF FIRST ORDER LOGIC Maria Manzano University of Barcelona CAMBRIDGE UNIVERSITY PRESS Table of contents PREFACE xv CHAPTER I: STANDARD SECOND ORDER LOGIC. 1 1.- Introduction. 1 1.1. General
More informationHOL DEFINING HIGHER ORDER LOGIC LAST TIME ON HOL CONTENT. Slide 3. Slide 1. Slide 4. Slide 2 WHAT IS HIGHER ORDER LOGIC? 2 LAST TIME ON HOL 1
LAST TIME ON HOL Proof rules for propositional and predicate logic Safe and unsafe rules NICTA Advanced Course Forward Proof Slide 1 Theorem Proving Principles, Techniques, Applications Slide 3 The Epsilon
More informationSituation Calculus and YAGI
Situation Calculus and YAGI Institute for Software Technology 1 Progression another solution to the projection problem does a sentence hold for a future situation used for automated reasoning and planning
More informationFinite Model Generation for Isabelle/HOL Using a SAT Solver
Finite Model Generation for / Using a SAT Solver Tjark Weber webertj@in.tum.de Technische Universität München Winterhütte, März 2004 Finite Model Generation for / p.1/21 is a generic proof assistant: Highly
More informationImproving Coq Propositional Reasoning Using a Lazy CNF Conversion
Using a Lazy CNF Conversion Stéphane Lescuyer Sylvain Conchon Université Paris-Sud / CNRS / INRIA Saclay Île-de-France FroCoS 09 Trento 18/09/2009 Outline 1 Motivation and background Verifying an SMT solver
More informationFrom Types to Sets in Isabelle/HOL
From Types to Sets in Isabelle/HOL Extented Abstract Ondřej Kunčar 1 and Andrei Popescu 1,2 1 Fakultät für Informatik, Technische Universität München, Germany 2 Institute of Mathematics Simion Stoilow
More informationHandling Integer Arithmetic in the Verification of Java Programs
Handling Integer Arithmetic in the Verification of Java Programs Steffen Schlager 1st Swedish-German KeY Workshop Göteborg, Sweden, June 2002 KeY workshop, June 2002 p.1 Introduction UML/OCL specification
More informationKripke-Style Contextual Modal Type Theory
Kripke-Style Contextual Modal Type Theory YUITO MURASE THE UNIVERSITY OF TOKYO Agenda Background Logic Type System Future Plan/Related Work Background: Syntactical Metaprogramming Extend the syntax of
More informationRefinement Types as Proof Irrelevance. William Lovas with Frank Pfenning
Refinement Types as Proof Irrelevance William Lovas with Frank Pfenning Overview Refinement types sharpen existing type systems without complicating their metatheory Subset interpretation soundly and completely
More informationComputer-supported Modeling and Reasoning. First-Order Logic. 1 More on Isabelle. 1.1 Isabelle System Architecture
Dipl-Inf Achim D Brucker Dr Burkhart Wolff Computer-supported Modeling and easoning http://wwwinfsecethzch/ education/permanent/csmr/ (rev 16814) Submission date: First-Order Logic In this lecture you
More informationMeta-programming with Names and Necessity p.1
Meta-programming with Names and Necessity Aleksandar Nanevski Carnegie Mellon University ICFP, Pittsburgh, 05 October 2002 Meta-programming with Names and Necessity p.1 Meta-programming Manipulation of
More informationTyped First-order Logic
22c181: Formal Methods in Software Engineering The University of Iowa Spring 2008 Typed First-order Logic Copyright 2007-8 Reiner Hähnle and Cesare Tinelli. Notes originally developed by Reiner Hähnle
More informationCOMP 4161 NICTA Advanced Course. Advanced Topics in Software Verification. Toby Murray, June Andronick, Gerwin Klein
COMP 4161 NICTA Advanced Course Advanced Topics in Software Verification Toby Murray, June Andronick, Gerwin Klein λ 1 Last time... λ calculus syntax free variables, substitution β reduction α and η conversion
More informationKnowledge Representation and Reasoning Logics for Artificial Intelligence
Knowledge Representation and Reasoning Logics for Artificial Intelligence Stuart C. Shapiro Department of Computer Science and Engineering and Center for Cognitive Science University at Buffalo, The State
More informationModule 6. Knowledge Representation and Logic (First Order Logic) Version 2 CSE IIT, Kharagpur
Module 6 Knowledge Representation and Logic (First Order Logic) Lesson 15 Inference in FOL - I 6.2.8 Resolution We have introduced the inference rule Modus Ponens. Now we introduce another inference rule
More informationIntegration of SMT Solvers with ITPs There and Back Again
Integration of SMT Solvers with ITPs There and Back Again Sascha Böhme and University of Sheffield 7 May 2010 1 2 Features: SMT-LIB vs. Yices Translation Techniques Caveats 3 4 Motivation Motivation System
More informationFormally Certified Satisfiability Solving
SAT/SMT Proof Checking Verifying SAT Solver Code Future Work Computer Science, The University of Iowa, USA April 23, 2012 Seoul National University SAT/SMT Proof Checking Verifying SAT Solver Code Future
More informationVS 3 : SMT Solvers for Program Verification
VS 3 : SMT Solvers for Program Verification Saurabh Srivastava 1,, Sumit Gulwani 2, and Jeffrey S. Foster 1 1 University of Maryland, College Park, {saurabhs,jfoster}@cs.umd.edu 2 Microsoft Research, Redmond,
More informationHoare Logic. COMP2600 Formal Methods for Software Engineering. Rajeev Goré
Hoare Logic COMP2600 Formal Methods for Software Engineering Rajeev Goré Australian National University Semester 2, 2016 (Slides courtesy of Ranald Clouston) COMP 2600 Hoare Logic 1 Australian Capital
More informationDatabase Theory VU , SS Codd s Theorem. Reinhard Pichler
Database Theory Database Theory VU 181.140, SS 2011 3. Codd s Theorem Reinhard Pichler Institut für Informationssysteme Arbeitsbereich DBAI Technische Universität Wien 29 March, 2011 Pichler 29 March,
More informationFundamentals of Software Engineering
Fundamentals of Software Engineering Reasoning about Programs with Dynamic Logic - Part I Ina Schaefer Institute for Software Systems Engineering TU Braunschweig, Germany Slides by Wolfgang Ahrendt, Richard
More informationIntroduction to Axiomatic Semantics
Introduction to Axiomatic Semantics Meeting 10, CSCI 5535, Spring 2009 Announcements Homework 3 due tonight Homework 2 is graded 13 (mean), 14 (median), out of 21 total, but Graduate class: final project
More informationλ calculus is inconsistent
Content Rough timeline COMP 4161 NICTA Advanced Course Advanced Topics in Software Verification Gerwin Klein, June Andronick, Toby Murray λ Intro & motivation, getting started [1] Foundations & Principles
More informationLogic and its Applications
Logic and its Applications Edmund Burke and Eric Foxley PRENTICE HALL London New York Toronto Sydney Tokyo Singapore Madrid Mexico City Munich Contents Preface xiii Propositional logic 1 1.1 Informal introduction
More informationThe design of a programming language for provably correct programs: success and failure
The design of a programming language for provably correct programs: success and failure Don Sannella Laboratory for Foundations of Computer Science School of Informatics, University of Edinburgh http://homepages.inf.ed.ac.uk/dts
More informationChapter 6. Curves and Surfaces. 6.1 Graphs as Surfaces
Chapter 6 Curves and Surfaces In Chapter 2 a plane is defined as the zero set of a linear function in R 3. It is expected a surface is the zero set of a differentiable function in R n. To motivate, graphs
More informationAlgebraic Processors
Algebraic Processors Algebraic Processors By Pouya Larjani, B.Sc. A Thesis Submitted to the School of Graduate Studies in partial fulfilment of the requirements for the degree of Master of Science Department
More informationThe Rule of Constancy(Derived Frame Rule)
The Rule of Constancy(Derived Frame Rule) The following derived rule is used on the next slide The rule of constancy {P } C {Q} {P R} C {Q R} where no variable assigned to in C occurs in R Outline of derivation
More informationAutomatic Reasoning (Section 8.3)
Automatic Reasoning (Section 8.3) Automatic Reasoning Can reasoning be automated? Yes, for some logics, including first-order logic. We could try to automate natural deduction, but there are many proof
More informationHoare logic. A proof system for separation logic. Introduction. Separation logic
Introduction Hoare logic Lecture 6: Examples in separation logic In the previous lecture, we saw how reasoning about pointers in Hoare logic was problematic, which motivated introducing separation logic.
More informationHw 4 Due Feb 22. D(fg) x y z (
Hw 4 Due Feb 22 2.2 Exercise 7,8,10,12,15,18,28,35,36,46 2.3 Exercise 3,11,39,40,47(b) 2.4 Exercise 6,7 Use both the direct method and product rule to calculate where f(x, y, z) = 3x, g(x, y, z) = ( 1
More informationPreuves Interactives et Applications
Preuves Interactives et Applications Christine Paulin & Burkhart Wolff http://www.lri.fr/ paulin/preuvesinteractives Université Paris-Saclay HOL and its Specification Constructs 10/12/16 B. Wolff - M2
More informationLambda Logic. Michael Beeson. San José State University, San Jose, CA, USA. Abstract
Michael Beeson San José State University, San Jose, CA, USA Abstract Lambda logic is the union of first order logic and lambda calculus. We prove basic metatheorems for both total and partial versions
More informationVerification and Validation
Cycle Ingénieur 2 ème année Département Informatique Verification and Validation Part IV : Proof-based Verification (I) Burkhart Wolff Département Informatique Université Paris-Sud / Orsay 2013-2014 What
More informationVerification and Validation
2017-2018 Cycle Ingénieur 2 ème année Département Informatique Verification and Validation Part IV : Proof-based Verification (I) Burkhart Wolff Département Informatique Université Paris-Sud / Orsay Difference
More informationCompositional Software Model Checking
Compositional Software Model Checking Dan R. Ghica Oxford University Computing Laboratory October 18, 2002 Outline of talk program verification issues the semantic challenge programming languages the logical
More informationCLF: A logical framework for concurrent systems
CLF: A logical framework for concurrent systems Thesis Proposal Kevin Watkins Carnegie Mellon University Committee: Frank Pfenning, CMU (Chair) Stephen Brookes, CMU Robert Harper, CMU Gordon Plotkin, University
More informationHoare Logic: Proving Programs Correct
Hoare Logic: Proving Programs Correct 17-654/17-765 Analysis of Software Artifacts Jonathan Aldrich Reading: C.A.R. Hoare, An Axiomatic Basis for Computer Programming Some presentation ideas from a lecture
More informationMathematics for Computer Scientists 2 (G52MC2)
Mathematics for Computer Scientists 2 (G52MC2) L03 : More Coq, Classical Logic School of Computer Science University of Nottingham October 8, 2009 The cut rule Sometimes we want to prove a goal Q via an
More informationLee Pike. June 3, 2005
Proof NASA Langley Formal Methods Group lee.s.pike@nasa.gov June 3, 2005 Proof Proof Quantification Quantified formulas are declared by quantifying free variables in the formula. For example, lem1: LEMMA
More informationLogic and Computation
Logic and Computation From Conceptualization to Formalization Here's what we do when we build a formal model (or do a computation): 0. Identify a collection of objects/events in the real world. This is
More informationA Typed Lambda Calculus for Input Sanitation
A Typed Lambda Calculus for Input Sanitation Nathan Fulton Carthage College nfulton@carthage.edu April 11, 2013 Abstract Programmers often wish to validate or sanitize user input. One common approach to
More informationA First-Order Logic with First-Class Types
A First-Order Logic with First-Class Types joint work with Peter H. Schmitt and Mattias Ulbrich Institute for Theoretical Computer Science The 8th KeY Symposium, Speyer, 2009 Java Card DL modal logic based
More informationLogical Verification Course Notes. Femke van Raamsdonk Vrije Universiteit Amsterdam
Logical Verification Course Notes Femke van Raamsdonk femke@csvunl Vrije Universiteit Amsterdam autumn 2008 Contents 1 1st-order propositional logic 3 11 Formulas 3 12 Natural deduction for intuitionistic
More informationPropositional Calculus: Boolean Algebra and Simplification. CS 270: Mathematical Foundations of Computer Science Jeremy Johnson
Propositional Calculus: Boolean Algebra and Simplification CS 270: Mathematical Foundations of Computer Science Jeremy Johnson Propositional Calculus Topics Motivation: Simplifying Conditional Expressions
More informationDATABASE THEORY. Lecture 11: Introduction to Datalog. TU Dresden, 12th June Markus Krötzsch Knowledge-Based Systems
DATABASE THEORY Lecture 11: Introduction to Datalog Markus Krötzsch Knowledge-Based Systems TU Dresden, 12th June 2018 Announcement All lectures and the exercise on 19 June 2018 will be in room APB 1004
More informationA Pronominal Account of Binding and Computation
A Pronominal Account of Binding and Computation Robert Harper Carnegie Mellon University TAASN March 2009 Thanks Thanks to Daniel R. Licata and Noam Zeilberger, my collaborators on this work. Thanks to
More informationSoftware Engineering Lecture Notes
Software Engineering Lecture Notes Paul C. Attie August 30, 2013 c Paul C. Attie. All rights reserved. 2 Contents I Hoare Logic 11 1 Propositional Logic 13 1.1 Introduction and Overview..............................
More informationConstructive Coherent Translation of Propositional Logic
Constructive Coherent Translation of Propositional Logic JRFisher@cpp.edu (started: 2009, latest: January 18, 2016) Abstract Propositional theories are translated to coherent logic rules using what are
More informationTowards a Logical Reconstruction of Relational Database Theory
Towards a Logical Reconstruction of Relational Database Theory On Conceptual Modelling, Lecture Notes in Computer Science. 1984 Raymond Reiter Summary by C. Rey November 27, 2008-1 / 63 Foreword DB: 2
More informationVerifying Java Programs Verifying Java Programs with KeY
Verifying Java Programs Verifying Java Programs with KeY Wolfgang Schreiner Wolfgang.Schreiner@risc.jku.at Research Institute for Symbolic Computation (RISC) Johannes Kepler University, Linz, Austria http://www.risc.jku.at
More informationApplication: Programming Language Semantics
Chapter 8 Application: Programming Language Semantics Prof. Dr. K. Madlener: Specification and Verification in Higher Order Logic 527 Introduction to Programming Language Semantics Programming Language
More informationHarvard School of Engineering and Applied Sciences CS 152: Programming Languages
Harvard School of Engineering and Applied Sciences CS 152: Programming Languages Lecture 19 Tuesday, April 3, 2018 1 Introduction to axiomatic semantics The idea in axiomatic semantics is to give specifications
More informationThe Formal Semantics of Programming Languages An Introduction. Glynn Winskel. The MIT Press Cambridge, Massachusetts London, England
The Formal Semantics of Programming Languages An Introduction Glynn Winskel The MIT Press Cambridge, Massachusetts London, England Series foreword Preface xiii xv 1 Basic set theory 1 1.1 Logical notation
More information1.3 Primitive Recursive Predicates and Bounded Minimalization
12 1 Primitive Recursive Functions 1.3 Primitive Recursive Predicates and Bounded Minimalization 1.3.1 Case discrimination function The case discrimination function D is defined by D(x, y, z) = v x 0 v
More informationLOGIC AND DISCRETE MATHEMATICS
LOGIC AND DISCRETE MATHEMATICS A Computer Science Perspective WINFRIED KARL GRASSMANN Department of Computer Science University of Saskatchewan JEAN-PAUL TREMBLAY Department of Computer Science University
More informationCS 6110 S11 Lecture 25 Typed λ-calculus 6 April 2011
CS 6110 S11 Lecture 25 Typed λ-calculus 6 April 2011 1 Introduction Type checking is a lightweight technique for proving simple properties of programs. Unlike theorem-proving techniques based on axiomatic
More informationLecture 17 of 41. Clausal (Conjunctive Normal) Form and Resolution Techniques
Lecture 17 of 41 Clausal (Conjunctive Normal) Form and Resolution Techniques Wednesday, 29 September 2004 William H. Hsu, KSU http://www.kddresearch.org http://www.cis.ksu.edu/~bhsu Reading: Chapter 9,
More informationVerifying Program Invariants with Refinement Types
Verifying Program Invariants with Refinement Types Rowan Davies and Frank Pfenning Carnegie Mellon University Princeton and Yale Colloquium Talks February, 2001 Acknowledgments: Robert Harper 1 Overview
More informationSimplification. Chapter General Comments. 5.2 Typical simplification steps
Chapter 5 Simplification 5.1 General Comments Deduction on algebraic specifications in KIV is mainly based on the idea that most proof steps of predicate logic proofs (especially the steps that can be
More informationFundamentals of Software Engineering
Fundamentals of Software Engineering Reasoning about Programs - Selected Features Ina Schaefer Institute for Software Systems Engineering TU Braunschweig, Germany Slides by Wolfgang Ahrendt, Richard Bubel,
More informationProgram Verification. Program Verification 307/434
Program Verification Program Verification 307/434 Outline Introduction: What and Why? Pre- and Postconditions Conditionals while-loops and Total Correctness Arrays Program Verification Introduction 308/434
More informationF. Brief review of classical predicate logic (PC)
F. Brief review of classical predicate logic (PC) F.I. Syntax (LfP 4.1) F.I.1. Primitive symbols Primitive vocabulary of PC (LfP 90): connectives: Ñ,, @ variables: x, y,... (with or without numerical subscripts)
More informationWhere Can We Draw The Line?
Where Can We Draw The Line? On the Hardness of Satisfiability Problems Complexity 1 Introduction Objectives: To show variants of SAT and check if they are NP-hard Overview: Known results 2SAT Max2SAT Complexity
More informationAutomated Theorem Proving in a First-Order Logic with First Class Boolean Sort
Thesis for the Degree of Licentiate of Engineering Automated Theorem Proving in a First-Order Logic with First Class Boolean Sort Evgenii Kotelnikov Department of Computer Science and Engineering Chalmers
More informationKAT and PHL in Coq. 1 Introduction. 2 Revision of KAT and PHL concepts. David Pereira 1 and Nelma Moreira 1
KAT and PHL in Coq David Pereira 1 and Nelma Moreira 1 LIACC University of Porto {dpereira,nam}@ncc.up.pt Abstract. In this paper we describe an implementation of Kleene Algebras with Tests (KAT) in the
More informationToward explicit rewrite rules in the λπ-calculus modulo
Toward explicit rewrite rules in the λπ-calculus modulo Ronan Saillard (Olivier Hermant) Deducteam INRIA MINES ParisTech December 14th, 2013 1 / 29 Motivation Problem Checking, in a trustful way, that
More informationMechanized metatheory revisited
Mechanized metatheory revisited Dale Miller Inria Saclay & LIX, École Polytechnique Palaiseau, France TYPES 2016, Novi Sad 25 May 2016 Theory vs Metatheory When formalizing programming languages, we often
More informationBasic Foundations of Isabelle/HOL
Basic Foundations of Isabelle/HOL Peter Wullinger May 16th 2007 1 / 29 1 Introduction into Isabelle s HOL Why Type Theory Basic Type Syntax 2 More HOL Typed λ Calculus HOL Rules 3 Example proof 2 / 29
More informationPhysics 235 Chapter 6. Chapter 6 Some Methods in the Calculus of Variations
Chapter 6 Some Methods in the Calculus of Variations In this Chapter we focus on an important method of solving certain problems in Classical Mechanics. In many problems we need to determine how a system
More informationFrom Hoare Logic to Matching Logic Reachability
From Hoare Logic to Matching Logic Reachability Grigore Roşu 1,2 and Andrei Ştefănescu 1 1 University of Illinois at Urbana-Champaign, USA 2 Alexandru Ioan Cuza University, Iaşi, Romania {grosu, stefane1}@illinois.edu
More informationBeluga: A Framework for Programming and Reasoning with Deductive Systems (System Description)
Beluga: A Framework for Programming and Reasoning with Deductive Systems (System Description) Brigitte Pientka and Joshua Dunfield McGill University, Montréal, Canada {bpientka,joshua}@cs.mcgill.ca Abstract.
More informationLecture Note: Types. 1 Introduction 2. 2 Simple Types 3. 3 Type Soundness 6. 4 Recursive Types Subtyping 17
Jens Palsberg Sep 24, 1999 Contents Lecture Note: Types 1 Introduction 2 2 Simple Types 3 3 Type Soundness 6 4 Recursive Types 12 5 Subtyping 17 6 Decision Procedure for Subtyping 19 7 First-Order Unification
More informationType Classes and Overloading in Higher-Order Logic
Type Classes and Overloading in Higher-Order Logic Markus Wenzel Technische Universität München Institut für Informatik, Arcisstraße 21, 80290 München, Germany http://www4.informatik.tu-muenchen.de/~wenzelm/
More informationType Safety. Java and ML are type safe, or strongly typed, languages. C and C++ are often described as weakly typed languages.
Java and ML are type safe, or strongly typed, languages. CMPSCI 630: Programming Languages Spring 2009 (with thanks to Robert Harper) C and C++ are often described as weakly typed languages. What does
More information3.4 Deduction and Evaluation: Tools Conditional-Equational Logic
3.4 Deduction and Evaluation: Tools 3.4.1 Conditional-Equational Logic The general definition of a formal specification from above was based on the existence of a precisely defined semantics for the syntax
More informationAn LCF-Style Interface between HOL and First-Order Logic
An LCF-Style Interface between HOL and First-Order Logic Joe Hurd Computer Laboratory University of Cambridge, joe.hurd@cl.cam.ac.uk 1 Introduction Performing interactive proof in the HOL theorem prover
More informationSubstitution in Structural Operational Semantics and value-passing process calculi
Substitution in Structural Operational Semantics and value-passing process calculi Sam Staton Computer Laboratory University of Cambridge Abstract Consider a process calculus that allows agents to communicate
More informationFirst-Class Type Classes
First-Class Type Classes Matthieu Sozeau Joint work with Nicolas Oury LRI, Univ. Paris-Sud - Démons Team & INRIA Saclay - ProVal Project Gallium Seminar November 3rd 2008 INRIA Rocquencourt Solutions for
More informationOverview of the KeY System
22c181: Formal Methods in Software Engineering The University of Iowa Spring 2008 Overview of the KeY System Copyright 2007-8 Reiner Hähnle and Cesare Tinelli. Notes originally developed by Reiner Hähnle
More information