How Efficient Can Fully Verified Functional Programs Be - A Case Study of Graph Traversal Algorithms
|
|
- Victoria Bradford
- 6 years ago
- Views:
Transcription
1 How Efficient Can Fully Verified Functional Programs Be - A Case Study of Graph Traversal Algorithms Mirko Stojadinović Faculty of Mathematics, University of Belgrade Abstract. One approach in achieving fully verified software is formalizing the software within a proof assistant, proving its total correctness, and exporting executable code in a functional programming language by means of code generation. In order to be applicable for the real world applications, the generated code must be efficient. In this work we evaluate how efficient can verified programs be, by doing a case study of graph algorithms. We focus on BFS (Breadth first search) and specify it in Isabelle/HOL proof assistant in several ways: a purely functional recursive specification, and an imperative specification within the Imperative/HOL framework. The exported SML programs are compared to the unverified version implemented in C, and, although an order of magnitude slower, the Imperative/HOL version can still successfully handle very large graphs. 1 Introduction Software verification is a discipline whose goal is to assure that software fully satisfies all of the indicated requirements. Two main approaches to verification exist. Dynamic verification also known as testing or experimentation is performed during the execution of software and dynamically checks its behavior. By testing software in many possible situations, errors can be discovered. However, number of possible situations is usually so large, that only a small fraction of them can be checked. For example, testing whether a program has expected output for all double precision floating point numbers is impossible, and is not going to be possible in near future. The alternative is static verification that proves correctness of software. This assures that the program will have expected output for all inputs, or more generally, that the program will function as specified. Static verification includes different types of verifications, and in this work we are focused on formal verification. It uses formal mathematical methods to prove correctness of programs. A detailed description of the subject can be found in [5] and [6]. Two main approaches to formal verification exist. In the first approach, one is trying to prove that the already implemented program is correct. However, due to complexity of real programming languages, this task is difficult and usually only some properties of the program are shown. The second approach relies on using code generation. A program is specified in a higher order logic
2 How Efficient Can Fully Verified Functional Programs Be? 201 (treated as a purely functional programming language), usually as a set of recursive functions within a theorem prover and its correctness is proved (usually by induction). This is called the shallow embedding to HOL. From the specification, executable code can be obtained by means of code generation [3]. The main drawback of this approach is inefficiency of generated functional programs. Program (C, Java,...) Specification in HOL theorem prover and proof of its correctness proof code generation (Partially) verified program Fully verified program Fig. 1: Two main approaches to formal verification Isabelle is a generic proof assistant [1]. It allows mathematical statements to be expressed in a formal language and provides tools for proving them in a logical calculus. The most widespread instance of Isabelle nowadays is Isabelle/HOL, providing a higher-order logic theorem proving environment ready to use for sizable applications. Proofs can be written in Isabelle/Isar. Isar is a declarative proof language used in Isabelle/HOL. Proofs written in Isar in structure and style correspond to classic mathematical proofs. Still, they are readable for both human and machine. Imperative/HOL [2] is a new framework included in the latest version of Isabelle/HOL. This framework formalizes using imperative data structures within HOL and within functional program specifications. This can significantly improve efficiency of generated programs. The main motivation for this work is to see if efficiency of fully verified functional programs (potentially using imperative data structures) can be comparable to efficiency of unverified imperative programs. If this is the case, then we can have functional programs that are proven to work correctly and are fast enough to be used in real-world industrial applications. It further means that in some software applications demanding high levels of reliability companies could implement programs, prove their correctness within a proof assistant and then export executable code. This is the alternative to debugging software which requires a lot of time and money and even after thorough checking does not assure that the program will behave as expected. In order to make efficiency comparison, we decided to formalize, verify and evaluate different versions of graph algorithms. The current state of our formalization is available at 2 Formalization of Graph Algorithms Our main goal is to create a formally verified library of graph algorithms that are as efficient as possible, and to compare efficiency of different approaches
3 202 Mirko Stojadinović to standard unverified implementations. Currently, we have implemented algorithms that check various graph properties (e.g., reflexivity, symmetry, transitivity) and we have created different specifications of graph traversal algorithms (BFS (Breadth First Search) and DFS (Depth First Search) [7]). In the following, we will present formalization of the BFS algorithm as a typical example of what has been done so far. Four different specifications/implementations of the BFS algorithm have been created. First three versions are written in Isabelle/HOL and executable code is exported from their specifications. The first(second) version is implemented as a purely functional program using sets(lists). The third version is a program based on the Imperative/HOL framework employing imperative data structures within a functional program. The fourth version is written in C and is used only for efficiency comparison with previous three programs. Due to limited space, we present only the third version in detail. 2.1 BFS First Two Versions (Purely Functional) The first and the second version are written in Isabelle/HOL and are using sets and lists respectively. We do not expect from this programs to be efficient. The reason is recreation of structure (set, list) in each situation in which even one of its elements changes. For example, at each level of traversal the set of visited vertices is updated and that means this set is recreated many times, which is a very expensive operation. Recreation of structures has been the main reason for not using classical functional programing in modeling real world problems. 2.2 BFS Imperative/HOL Data structures. The third specification of the BFS algorithm is also written in Isabelle/HOL, but uses imperative data structures (arrays) that are not used in classical functional programing. The framework Imperative/HOL allows usage of arrays and references. It uses a concept of monads, that were first introduced in Haskell [4]. A monad is a kind of abstract data type constructor, used to represent computations. We now show central definitions used in the third BFS specification. Adjacency list representation of graphs is used, and lists are linked together in a single array. The definition of a graph is: record graph al = nv :: nat /* number of vertices in a graph */ ne :: nat /* number of edges in a graph */ nbrs :: "vertex array" /* list of all neighbours */ inds :: "(nat nat) array" /* each pair represents the index in the array nbrs where the neighbours of a vertex start from and the number of these neighbours. */ For example, the graph given in Fig. 2 is represented as
4 How Efficient Can Fully Verified Functional Programs Be? 203 Fig. 2: An example of a graph nv = 8 ne = 12 nbrs = 2, 4, 5, 2, 3, 5, 2, 8, 5, 6, 1, 7 inds = (0,3), (3,0), (3,1), (4,2), (6,2), (8,1), (9,1), (10,2) The neighbours of a vertex 1 start from index 0, and as it has 3 neighbours, they are on positions 0, 1, 2 (the neighbours are 2, 4, 5). The neighbours of a vertex 2 start from index 3 and it has 0 neighbours. Within our third BFS specification, queues are used as an auxiliary data structure. Queues are also implemented with arrays record a queue = q elements :: " a array" q front :: nat q back :: nat Algorithm specification. The definition of bfs function is: function bfs aux where "bfs aux g s = (if empty (queue s) then return s else do { (v, q) dequeue (queue s); (from, n) Array.nth (inds g) v; s enqueue nonvisited nbrs (nbrs g) from n (s ( queue := q )); bfs aux g s } )" definition bfs where "bfs g v = do { vst Array.new (nv g) False; q alloc (nv g) 0; q enqueue v q; Array.upd v True vst; bfs aux g ( visited = vst, queue = q ) }" During execution of the algorithms queue and visited change and they represent the current state of the traversal. In bfs aux this ordered pair is denoted with s. The idea is: as the new vertices are being visited they are added to the end of the queue and marked as visited. The function bfs resembles the code written in the imperative languages. Function Array.new is used for allocation of boolean array that keeps information about which vertices are visited and which are not and then queue q is allocated. Vertex v is added to the beginning of the queue and function Array.upd that changes element of the array is used to mark v as visited. Then function bfs aux is called with the second argument representing the current state.
5 204 Mirko Stojadinović Function bfs aux removes the first element from the queue, and adds all of its neighbours to the end of the queue. Function dequeue returns two values: vertex v from the front of the queue and the queue q without this vertex. This function only changes index q front that points to the first element of the queue. Elements with indices smaller than q front are kept intact and they can later be printed if we want to see the order in which vertices were visited. Search is finished when there are no more vertices in the queue (indices q front and q back become the same). Function Array.nth is used to get the element with index v from the array inds g. Function enqueue nonvisited nbrs adds neighbours of vertex v to the end of the queue and marks them as visited. Correctness. We have proved correctness of the first version, and currently we are proving that it is equivalent to the third BFS specification, meaning that they traverse the same vertices of a graph. That way, we will show that the third version is correct (it turns out that this is much simpler then directly proving correctness of the third version). 2.3 BFS C The fourth BFS implementation is done in C. It is intended for efficiency comparison between previous versions and a program implemented in an imperative language. We do not aim to prove the correctness of this program. The code uses arrays and is really similar to the code of the third version of BFS. This provides a fair efficiency comparison. 2.4 Experimental Evaluation. From logical specification in Isabelle/HOL code can be exported to functional languages SML, OCaml, Haskell and Scala [3]. From the specifications of the first three version, codes are exported to SML and their execution times are compared to the execution time of the version implemented in C. We computed the times needed only for execution of algorithms. Times needed for input parsing and printing results are not included. Measuring the execution time for C programs is done by using Unix command time, and Isabelle allows us to export each function to SML and measure its execution time directly within the system. All programs have been ran on PC Pentium (R) Dual-Core E GHz with 2GB RAM, running under Linux. Although many instances of graphs in DIMACS format are available on-line, third and fourth program finished most of them in less then 0.01 seconds. So we have written our own generator of random graphs (in C), and tested programs on more then 30 generated instances. We present results only for six graphs that we find most representative. The following results are obtained:
6 How Efficient Can Fully Verified Functional Programs Be? 205 Vertices Edges SML (sets) SML (lists) SML (arrays) C s 8.2s 0.003s s s 320s 0.003s s * * 0.7s 0.02s * * 0.15s 0.03s * * 0.5s 0.05s * * 0.7s 0.07s First two rows show that even for very small graphs, first two versions are very inefficient. Sign * denotes that time consumption is greater then 10 minutes and in that case we have not waited for a program to finish. Next two rows represent results for rare graphs where every vertex has 5-10 neighbours. Last 2 rows represent results for dense graphs. The time needed for graph traversal in SML version using arrays is in average times greater then one needed in C (average time is calculated based on all generated instances). 3 Conclusions and Future Work. From the table above, we see that graph traversal for graphs containing thousands of vertices and millions of edges is done within a second in the verified SML program exported from Isabelle. These results are encouraging. SML program is slower than the program written in C, but this is a price that needs to be paid if we want software that is proven to work correctly (e.g., verified program is using big numbers instead of integers to ensure that overflows will not happen). All measured times are small, and very large graph instances must be used in order to make a comparison. We hope that good efficiency can be also obtained for some other graph algorithms. Hopefully, verified functional implementations will show even better results if algorithms require more computations and less data-structure manipulation (contrary to BFS). We plan to address this matter in our future work and to implement, verify and evaluate several other graph algorithms. As much bigger task, we plan to compare different approaches to verification by implementing and proving correctness of graph algorithms in other systems, e.g. Coq, ACL2, Microsoft Boogie. References 1. Nipkow T., Paulson C. L., Wenzel M. Isabelle/HOL: A Proof Assistant for Higher- Order Logic, volume 2283 of Lecture Notes. In Computer Science. Springer-Verlag, Bulwahn, L., Krauss, A., Haftmann, F., Erkok, L., Matthews, J. Imperative Functional Programming with Isabelle/HOL. In: TPHOLs Haftmann F., Nipkow T.. A code generator framework for Isabelle/HOL. In K. Schneider and J. Brandt, editors, TPHOL: Emerging Trends. Department of Computer Science, University of Kaiserslautern
7 206 Mirko Stojadinović 4. Learn You a Haskell for Great Good! available at 5. Harrison J., Formal proof theory and practice. In: Notices of the American Mathematical Society, 55(11): , December Woodcock J. C. P., Davies J. Using Z: Specification, Refinement, and Proof. Prentice-Hall, Cormen T., Lesierson C., Rivest L., Stein C. Introduction to Algorithms. MIT Press, Cambridge, MA, 2nd edition, 2001.
Formalization of Incremental Simplex Algorithm by Stepwise Refinement
Formalization of Incremental Simplex Algorithm by Stepwise Refinement Mirko Spasić, Filip Marić Faculty of Mathematics, University of Belgrade FM2012, 30. August 2012. Overview 1 Introduction 2 Approach
More informationPrograms and Proofs in Isabelle/HOL
Programs and Proofs in Isabelle/HOL Makarius Wenzel http://sketis.net March 2016 = Isabelle λ β α Introduction What is Isabelle? Hanabusa Itcho : Blind monks examining an elephant Introduction 2 History:
More informationA Framework for Verified Depth-First Algorithms
René Neumann Technische Universität München Garching, Germany rene.neumann@in.tum.de Abstract We present a framework in Isabelle/HOL for formalizing variants of depth-first search. This framework allows
More informationProof Pearl: The Termination Analysis of Terminator
Proof Pearl: The Termination Analysis of Terminator Joe Hurd Computing Laboratory Oxford University joe.hurd@comlab.ox.ac.uk Abstract. Terminator is a static analysis tool developed by Microsoft Research
More informationFunctional Programming with Isabelle/HOL
Functional Programming with Isabelle/HOL = Isabelle λ β HOL α Florian Haftmann Technische Universität München January 2009 Overview Viewing Isabelle/HOL as a functional programming language: 1. Isabelle/HOL
More informationTheorem proving. PVS theorem prover. Hoare style verification PVS. More on embeddings. What if. Abhik Roychoudhury CS 6214
Theorem proving PVS theorem prover Abhik Roychoudhury National University of Singapore Both specification and implementation can be formalized in a suitable logic. Proof rules for proving statements in
More informationIsabelle/HOL:Selected Features and Recent Improvements
/: Selected Features and Recent Improvements webertj@in.tum.de Security of Systems Group, Radboud University Nijmegen February 20, 2007 /:Selected Features and Recent Improvements 1 2 Logic User Interface
More informationHi everyone. I hope everyone had a good Fourth of July. Today we're going to be covering graph search. Now, whenever we bring up graph algorithms, we
Hi everyone. I hope everyone had a good Fourth of July. Today we're going to be covering graph search. Now, whenever we bring up graph algorithms, we have to talk about the way in which we represent the
More informationTurning inductive into equational specifications
Turning inductive into equational specifications Stefan Berghofer and Lukas Bulwahn and Florian Haftmann Technische Universität München Institut für Informatik, Boltzmannstraße 3, 85748 Garching, Germany
More informationTurning proof assistants into programming assistants
Turning proof assistants into programming assistants ST Winter Meeting, 3 Feb 2015 Magnus Myréen Why? Why combine proof- and programming assistants? Why proofs? Testing cannot show absence of bugs. Some
More informationDocument-oriented Prover Interaction with Isabelle/PIDE
Document-oriented Prover Interaction with Isabelle/PIDE Makarius Wenzel Univ. Paris-Sud, Laboratoire LRI December 2013 Project Paral-ITP ANR-11-INSE-001 Abstract LCF-style proof assistants like Coq, HOL,
More informationMobile Robot Path Planning Software and Hardware Implementations
Mobile Robot Path Planning Software and Hardware Implementations Lucia Vacariu, Flaviu Roman, Mihai Timar, Tudor Stanciu, Radu Banabic, Octavian Cret Computer Science Department, Technical University of
More informationApplying Data Refinement for Monadic Programs to Hopcroft s Algorithm
Applying Data Refinement for Monadic Programs to Hopcroft s Algorithm Peter Lammich, Thomas Tuerk ITP 2012, 13th August 2012 Background Peter Lammich (lammich@in.tum.de) Isabelle Collection Framework (ICF)
More informationLecture 8: PATHS, CYCLES AND CONNECTEDNESS
Discrete Mathematics August 20, 2014 Lecture 8: PATHS, CYCLES AND CONNECTEDNESS Instructor: Sushmita Ruj Scribe: Ishan Sahu & Arnab Biswas 1 Paths, Cycles and Connectedness 1.1 Paths and Cycles 1. Paths
More informationType Theory meets Effects. Greg Morrisett
Type Theory meets Effects Greg Morrisett A Famous Phrase: Well typed programs won t go wrong. 1. Describe abstract machine: M ::= 2. Give transition relation: M 1 M 2
More informationFunctional Programming
The Meta Language (ML) and Functional Programming Daniel S. Fava danielsf@ifi.uio.no Department of informatics University of Oslo, Norway Motivation ML Demo Which programming languages are functional?
More informationCS 206 Introduction to Computer Science II
CS 206 Introduction to Computer Science II 04 / 06 / 2018 Instructor: Michael Eckmann Today s Topics Questions? Comments? Graphs Definition Terminology two ways to represent edges in implementation traversals
More information3.4 Deduction and Evaluation: Tools Conditional-Equational Logic
3.4 Deduction and Evaluation: Tools 3.4.1 Conditional-Equational Logic The general definition of a formal specification from above was based on the existence of a precisely defined semantics for the syntax
More informationCS2 Algorithms and Data Structures Note 10. Depth-First Search and Topological Sorting
CS2 Algorithms and Data Structures Note 10 Depth-First Search and Topological Sorting In this lecture, we will analyse the running time of DFS and discuss a few applications. 10.1 A recursive implementation
More informationFormal Methods of Software Design, Eric Hehner, segment 24 page 1 out of 5
Formal Methods of Software Design, Eric Hehner, segment 24 page 1 out of 5 [talking head] This lecture we study theory design and implementation. Programmers have two roles to play here. In one role, they
More informationLecture 10: Strongly Connected Components, Biconnected Graphs
15-750: Graduate Algorithms February 8, 2016 Lecture 10: Strongly Connected Components, Biconnected Graphs Lecturer: David Witmer Scribe: Zhong Zhou 1 DFS Continued We have introduced Depth-First Search
More informationEmbedding Cryptol in Higher Order Logic
Embedding Cryptol in Higher Order Logic Joe Hurd Computer Laboratory Cambridge University joe.hurd@cl.cam.ac.uk 10 March 2007 Abstract This report surveys existing approaches to embedding Cryptol programs
More informationMeta programming on the proof level
Acta Univ. Sapientiae, Informatica, 1, 1 (2009) 15 34 Meta programming on the proof level Gergely Dévai Eötvös Loránd University, Faculty of Informatics, Department of Programming Languages and Compilers
More information1. true / false By a compiler we mean a program that translates to code that will run natively on some machine.
1. true / false By a compiler we mean a program that translates to code that will run natively on some machine. 2. true / false ML can be compiled. 3. true / false FORTRAN can reasonably be considered
More informationThe Isabelle/HOL type-class hierarchy
= Isabelle λ β Isar α The Isabelle/HOL type-class hierarchy Florian Haftmann 8 October 2017 Abstract This primer introduces corner stones of the Isabelle/HOL type-class hierarchy and gives some insights
More informationAlgorithm Design and Analysis
Algorithm Design and Analysis LECTURE 4 Graphs Definitions Traversals Adam Smith 9/8/10 Exercise How can you simulate an array with two unbounded stacks and a small amount of memory? (Hint: think of a
More informationComputing Fundamentals 2 Introduction to CafeOBJ
Computing Fundamentals 2 Introduction to CafeOBJ Lecturer: Patrick Browne Lecture Room: K408 Lab Room: A308 Based on work by: Nakamura Masaki, João Pascoal Faria, Prof. Heinrich Hußmann. See notes on slides
More informationFormalization of Incremental Simplex Algorithm by Stepwise Refinement
Formalization of Incremental Simplex Algorithm by Stepwise Refinement Mirko Spasić and Filip Marić Faculty of Mathematics, University of Belgrade Abstract. We present an Isabelle/HOL formalization and
More informationDirections in ISA Specification. Anthony Fox. Computer Laboratory, University of Cambridge, UK
Directions in ISA Specification Anthony Fox Computer Laboratory, University of Cambridge, UK Abstract. This rough diamond presents a new domain-specific language (DSL) for producing detailed models of
More informationAlgorithm Design and Analysis
Algorithm Design and Analysis LECTURE 5 Exploring graphs Adam Smith 9/5/2008 A. Smith; based on slides by E. Demaine, C. Leiserson, S. Raskhodnikova, K. Wayne Puzzles Suppose an undirected graph G is connected.
More informationA Simplified Correctness Proof for a Well-Known Algorithm Computing Strongly Connected Components
A Simplified Correctness Proof for a Well-Known Algorithm Computing Strongly Connected Components Ingo Wegener FB Informatik, LS2, Univ. Dortmund, 44221 Dortmund, Germany wegener@ls2.cs.uni-dortmund.de
More informationProvably Correct Software
Provably Correct Software Max Schäfer Institute of Information Science/Academia Sinica September 17, 2007 1 / 48 The Need for Provably Correct Software BUT bugs are annoying, embarrassing, and cost gazillions
More informationQuo Vadis Program Verification
Quo Vadis Program Verification p. 1/2 Quo Vadis Program Verification Krzysztof R. Apt CWI, Amsterdam, the Netherlands, University of Amsterdam We would like to use correct programs. Quo Vadis Program Verification
More informationTool Presentation: Isabelle/HOL for Reachability Analysis of Continuous Systems
EPiC Series in Computer Science Volume 34, 2015, Pages 180 187 ARCH14-15. 1st and 2nd International Workshop on Applied verification for Continuous and Hybrid Systems Tool Presentation: Isabelle/HOL for
More informationFigure 1: A directed graph.
1 Graphs A graph is a data structure that expresses relationships between objects. The objects are called nodes and the relationships are called edges. For example, social networks can be represented as
More informationCom S 541. Programming Languages I
Programming Languages I Lecturer: TA: Markus Lumpe Department of Computer Science 113 Atanasoff Hall http://www.cs.iastate.edu/~lumpe/coms541.html TR 12:40-2, W 5 Pramod Bhanu Rama Rao Office hours: TR
More informationWhy. an intermediate language for deductive program verification
Why an intermediate language for deductive program verification Jean-Christophe Filliâtre CNRS Orsay, France AFM workshop Grenoble, June 27, 2009 Jean-Christophe Filliâtre Why tutorial AFM 09 1 / 56 Motivations
More informationIntegration of SMT Solvers with ITPs There and Back Again
Integration of SMT Solvers with ITPs There and Back Again Sascha Böhme and University of Sheffield 7 May 2010 1 2 Features: SMT-LIB vs. Yices Translation Techniques Caveats 3 4 Motivation Motivation System
More informationIntroduction to Graphs. CS2110, Spring 2011 Cornell University
Introduction to Graphs CS2110, Spring 2011 Cornell University A graph is a data structure for representing relationships. Each graph is a set of nodes connected by edges. Synonym Graph Hostile Slick Icy
More informationWe Trusted What We Proved! Greatest Common Divisors: Theorem, Proof and Algorithm in PowerEpsilon
We Trusted What We Proved! Greatest Common Divisors: Theorem, Proof and Algorithm in PowerEpsilon Ming-Yuan Zhu CoreTek Systems, Inc. 11 th Floor, 1109, CEC Building 6 South Zhongguancun Street Beijing
More informationAn LCF-Style Interface between HOL and First-Order Logic
An LCF-Style Interface between HOL and First-Order Logic Joe Hurd Computer Laboratory University of Cambridge, joe.hurd@cl.cam.ac.uk 1 Introduction Performing interactive proof in the HOL theorem prover
More informationA Functional Graph Library
A Functional Graph Library Christian Doczkal Universität des Saarlandes Abstract. Algorithms on graphs are of great importance, both in teaching and in the implementation of specific problems. Martin Erwig
More information7. Introduction to Denotational Semantics. Oscar Nierstrasz
7. Introduction to Denotational Semantics Oscar Nierstrasz Roadmap > Syntax and Semantics > Semantics of Expressions > Semantics of Assignment > Other Issues References > D. A. Schmidt, Denotational Semantics,
More informationFrom Event-B Models to Dafny Code Contracts
From Event-B Models to Dafny Code Contracts Mohammadsadegh Dalvandi, Michael Butler, Abdolbaghi Rezazadeh Electronic and Computer Science School, University of Southampton Southampton, United Kingdom {md5g11,mjb,ra3}@ecs.soton.ac.uk
More informationIntrinsically Typed Reflection of a Gallina Subset Supporting Dependent Types for Non-structural Recursion of Coq
Intrinsically Typed Reflection of a Gallina Subset Supporting Dependent Types for Non-structural Recursion of Coq Akira Tanaka National Institute of Advanced Industrial Science and Technology (AIST) 2018-11-21
More informationVerified compilers. Guest lecture for Compiler Construction, Spring Magnus Myréen. Chalmers University of Technology
Guest lecture for Compiler Construction, Spring 2015 Verified compilers Magnus Myréen Chalmers University of Technology Mentions joint work with Ramana Kumar, Michael Norrish, Scott Owens and many more
More informationImperative Functional Programming with Isabelle/HOL
Imperative Functional Programming with Isabelle/HOL Lukas Bulwahn 1, Alexander Krauss 1, Florian Haftmann 1, Levent Erkök 2, John Matthews 2 1 Technische Universität München, Institut für Informatik, Boltzmannstraße
More informationAlgorithms and Data Structures, or
Algorithms and Data Structures, or... Classical Algorithms of the 50s, 60s and 70s Mary Cryan A&DS Lecture 1 1 Mary Cryan Our focus Emphasis is Algorithms ( Data Structures less important). Most of the
More informationCSE 100: GRAPH ALGORITHMS
CSE 100: GRAPH ALGORITHMS 2 Graphs: Example A directed graph V5 V = { V = E = { E Path: 3 Graphs: Definitions A directed graph V5 V6 A graph G = (V,E) consists of a set of vertices V and a set of edges
More information4.1 Review - the DPLL procedure
Applied Logic Lecture 4: Efficient SAT solving CS 4860 Spring 2009 Thursday, January 29, 2009 The main purpose of these notes is to help me organize the material that I used to teach today s lecture. They
More informationLECTURE 17 GRAPH TRAVERSALS
DATA STRUCTURES AND ALGORITHMS LECTURE 17 GRAPH TRAVERSALS IMRAN IHSAN ASSISTANT PROFESSOR AIR UNIVERSITY, ISLAMABAD STRATEGIES Traversals of graphs are also called searches We can use either breadth-first
More informationFrom Types to Sets in Isabelle/HOL
From Types to Sets in Isabelle/HOL Extented Abstract Ondřej Kunčar 1 and Andrei Popescu 1,2 1 Fakultät für Informatik, Technische Universität München, Germany 2 Institute of Mathematics Simion Stoilow
More informationW4231: Analysis of Algorithms
W4231: Analysis of Algorithms 10/21/1999 Definitions for graphs Breadth First Search and Depth First Search Topological Sort. Graphs AgraphG is given by a set of vertices V and a set of edges E. Normally
More informationImplementing Algorithms
Implementing Algorithms 1 Data Structures implementing algorithms arrays and linked lists 2 Implementing the Gale-Shapley algorithm selecting data structures overview of the selected data structures 3
More informationCS3110 Spring 2017 Lecture 6 Building on Problem Set 1
CS3110 Spring 2017 Lecture 6 Building on Problem Set 1 Robert Constable 1 Lecture Plan 1. Repeating schedule of remaining five problem sets and prelim. 2. Expressing PS1 related concepts in type theory.
More informationIsabelle Tutorial: System, HOL and Proofs
Isabelle Tutorial: System, HOL and Proofs Burkhart Wolff, Makarius Wenzel Université Paris-Sud What we will talk about What we will talk about Isabelle with: its System Framework the Logical Framework
More informationNote that in this definition, n + m denotes the syntactic expression with three symbols n, +, and m, not to the number that is the sum of n and m.
CS 6110 S18 Lecture 8 Structural Operational Semantics and IMP Today we introduce a very simple imperative language, IMP, along with two systems of rules for evaluation called small-step and big-step semantics.
More informationCS3110 Spring 2017 Lecture 9 Inductive proofs of specifications
CS3110 Spring 2017 Lecture 9 Inductive proofs of specifications Robert Constable 1 Lecture Plan 1. Repeating schedule of remaining five problem sets and prelim. 2. Comments on tautologies and the Coq logic.
More informationA Refinement Framework for Monadic Programs in Isabelle/HOL
A Refinement Framework for Monadic Programs in Isabelle/HOL Peter Lammich TU Munich, Institut für Informatik, Theorem Proving Group Easter 2013 Peter Lammich (TUM) Refinement Framework Easter 2013 1 /
More informationChapter 13: Reference. Why reference Typing Evaluation Store Typings Safety Notes
Chapter 13: Reference Why reference Typing Evaluation Store Typings Safety Notes References Computational Effects Also known as side effects. A function or expression is said to have a side effect if,
More informationCoq, a formal proof development environment combining logic and programming. Hugo Herbelin
Coq, a formal proof development environment combining logic and programming Hugo Herbelin 1 Coq in a nutshell (http://coq.inria.fr) A logical formalism that embeds an executable typed programming language:
More informationRefinement to Imperative HOL
Journal of Automated Reasoning manuscript No. (will be inserted by the editor) Refinement to Imperative HOL Peter Lammich Received: date / Accepted: date Abstract Many algorithms can be implemented most
More informationCSCE 750, Fall 2002 Notes 6 Page Graph Problems ffl explore all nodes (breadth first and depth first) ffl find the shortest path from a given s
CSCE 750, Fall 2002 Notes 6 Page 1 10 Graph Algorithms (These notes follow the development in Cormen, Leiserson, and Rivest.) 10.1 Definitions ffl graph, directed graph (digraph), nodes, edges, subgraph
More informationUnderstand graph terminology Implement graphs using
raphs Understand graph terminology Implement graphs using djacency lists and djacency matrices Perform graph searches Depth first search Breadth first search Perform shortest-path algorithms Disjkstra
More informationProperty-Based Testing for Coq. Cătălin Hrițcu
Property-Based Testing for Coq Cătălin Hrițcu Prosecco Reading Group - Friday, November 29, 2013 The own itch I m trying to scratch hard to devise correct safety and security enforcement mechanisms (static
More informationAnalysis of dependent types in Coq through the deletion of the largest node of a binary search tree
Analysis of dependent types in Coq through the deletion of the largest node of a binary search tree Sneha Popley and Stephanie Weirich August 14, 2008 Abstract Coq reflects some significant differences
More informationFormally-Proven Kosaraju s algorithm
Formally-Proven Kosaraju s algorithm Laurent Théry Laurent.Thery@sophia.inria.fr Abstract This notes explains how the Kosaraju s algorithm that computes the strong-connected components of a directed graph
More informationFunctional Programming Lecture 1: Introduction
Functional Programming Lecture 1: Introduction Viliam Lisý Artificial Intelligence Center Department of Computer Science FEE, Czech Technical University in Prague viliam.lisy@fel.cvut.cz Acknowledgements
More informationTopics in Software Testing
Dependable Software Systems Topics in Software Testing Material drawn from [Beizer, Sommerville] Software Testing Software testing is a critical element of software quality assurance and represents the
More informationGraph Algorithms. Chapter 22. CPTR 430 Algorithms Graph Algorithms 1
Graph Algorithms Chapter 22 CPTR 430 Algorithms Graph Algorithms Why Study Graph Algorithms? Mathematical graphs seem to be relatively specialized and abstract Why spend so much time and effort on algorithms
More informationA Certified Reduction Strategy for Homological Image Processing
A Certified Reduction Strategy for Homological Image Processing M. Poza, C. Domínguez, J. Heras, and J. Rubio Department of Mathematics and Computer Science, University of La Rioja 19 September 2014 PROLE
More informationThe Formal Semantics of Programming Languages An Introduction. Glynn Winskel. The MIT Press Cambridge, Massachusetts London, England
The Formal Semantics of Programming Languages An Introduction Glynn Winskel The MIT Press Cambridge, Massachusetts London, England Series foreword Preface xiii xv 1 Basic set theory 1 1.1 Logical notation
More informationCS1114 Assignment 3. 1 Previously, on Assignment 2. 2 Linked lists
CS1114 Assignment 3 out: February 25, 2013 due: March 8, 2013 by 5pm 1 Previously, on Assignment 2 In the last assignment we implemented several robust ways of finding the lightstick center. In this assignment,
More informationLecture 26: Graphs: Traversal (Part 1)
CS8 Integrated Introduction to Computer Science Fisler, Nelson Lecture 6: Graphs: Traversal (Part ) 0:00 AM, Apr, 08 Contents Introduction. Definitions........................................... Representations.......................................
More informationIntroduction. Problem Solving on Computer. Data Structures (collection of data and relationships) Algorithms
Introduction Problem Solving on Computer Data Structures (collection of data and relationships) Algorithms 1 Objective of Data Structures Two Goals: 1) Identify and develop useful high-level data types
More informationMutable References. Chapter 1
Chapter 1 Mutable References In the (typed or untyped) λ-calculus, or in pure functional languages, a variable is immutable in that once bound to a value as the result of a substitution, its contents never
More informationAn OCaml-based automated theorem-proving textbook
0 An OCaml-based automated theorem-proving textbook John Harrison, Intel Corporation Portland Functional Programming Study Group Mon 11th May 2009 (19:00) 1 Book plug Surveys many parts of automated reasoning,
More informationHomework Assignment #3 Graph
CISC 4080 Computer Algorithms Spring, 2019 Homework Assignment #3 Graph Some of the problems are adapted from problems in the book Introduction to Algorithms by Cormen, Leiserson and Rivest, and some are
More informationMaster Thesis Project Plan. Reusable Mathematical Models
Master Thesis Project Plan Reusable Mathematical Models Tobias K. Widmer widmer@id.ethz.ch Supervisors: Prof. Dr. B. Meyer B. Schoeller Chair of Software Engineering Department of Computer Science, ETH
More informationLecture 3 of 42. Lecture 3 of 42
Search Problems Discussion: Term Projects 3 of 5 William H. Hsu Department of Computing and Information Sciences, KSU KSOL course page: http://snipurl.com/v9v3 Course web site: http://www.kddresearch.org/courses/cis730
More informationFunctional Programming Principles in Scala. Martin Odersky
Functional Programming Principles in Scala Martin Odersky Programming Paradigms Paradigm: In science, a paradigm describes distinct concepts or thought patterns in some scientific discipline. Main programming
More informationCIS 1.5 Course Objectives. a. Understand the concept of a program (i.e., a computer following a series of instructions)
By the end of this course, students should CIS 1.5 Course Objectives a. Understand the concept of a program (i.e., a computer following a series of instructions) b. Understand the concept of a variable
More informationCOMP 4161 Data61 Advanced Course. Advanced Topics in Software Verification. Gerwin Klein, June Andronick, Christine Rizkallah, Miki Tanaka
COMP 4161 Data61 Advanced Course Advanced Topics in Software Verification Gerwin Klein, June Andronick, Christine Rizkallah, Miki Tanaka 1 COMP4161 c Data61, CSIRO: provided under Creative Commons Attribution
More informationimplementing the breadth-first search algorithm implementing the depth-first search algorithm
Graph Traversals 1 Graph Traversals representing graphs adjacency matrices and adjacency lists 2 Implementing the Breadth-First and Depth-First Search Algorithms implementing the breadth-first search algorithm
More informationThe Substitution Model
The Substitution Model Prof. Clarkson Fall 2017 Today s music: Substitute by The Who Review Previously in 3110: simple interpreter for expression language abstract syntax tree (AST) evaluation based on
More informationCS2 Algorithms and Data Structures Note 9
CS2 Algorithms and Data Structures Note 9 Graphs The remaining three lectures of the Algorithms and Data Structures thread will be devoted to graph algorithms. 9.1 Directed and Undirected Graphs A graph
More informationDetecting negative cycles with Tarjan s breadth-first scanning algorithm
Detecting negative cycles with Tarjan s breadth-first scanning algorithm Tibor Ásványi asvanyi@inf.elte.hu ELTE Eötvös Loránd University Faculty of Informatics Budapest, Hungary Abstract The Bellman-Ford
More informationTowards a Practical, Verified Kernel
Towards a Practical, Verified Kernel Kevin Elphinstone and Gerwin Klein, National ICT Australia and the University of New South Wales Philip Derrin, National ICT Australia Timothy Roscoe, ETH Zürich Gernot
More informationOrganisatorials. About us. Binary Search (java.util.arrays) When Tue 9:00 10:30 Thu 9:00 10:30. COMP 4161 NICTA Advanced Course
Organisatorials COMP 4161 NICTA Advanced Course When Tue 9:00 10:30 Thu 9:00 10:30 Where Tue: Law 163 (F8-163) Thu: Australian School Business 205 (E12-205) Advanced Topics in Software Verification Rafal
More informationAn Appropriate Search Algorithm for Finding Grid Resources
An Appropriate Search Algorithm for Finding Grid Resources Olusegun O. A. 1, Babatunde A. N. 2, Omotehinwa T. O. 3,Aremu D. R. 4, Balogun B. F. 5 1,4 Department of Computer Science University of Ilorin,
More informationLYREBIRD David Cock
davec@cse.unsw.edu.aullyrebird LYREBIRD David Cock λ What is the Motivation? Program proof is important, but there s more to do. NICTA Copyright c 2011 From Imagination to Impact 2 What is the Motivation?
More informationVISUALIZING NP-COMPLETENESS THROUGH CIRCUIT-BASED WIDGETS
University of Portland Pilot Scholars Engineering Faculty Publications and Presentations Shiley School of Engineering 2016 VISUALIZING NP-COMPLETENESS THROUGH CIRCUIT-BASED WIDGETS Steven R. Vegdahl University
More informationFaculty of Science FINAL EXAMINATION
Faculty of Science FINAL EXAMINATION COMPUTER SCIENCE COMP 250 INTRODUCTION TO COMPUTER SCIENCE Examiner: Prof. Michael Langer April 20, 2009 Associate Examiner: Mr. Joseph Vybihal 9 A.M. 12 P.M. Instructions:
More informationThe design of a programming language for provably correct programs: success and failure
The design of a programming language for provably correct programs: success and failure Don Sannella Laboratory for Foundations of Computer Science School of Informatics, University of Edinburgh http://homepages.inf.ed.ac.uk/dts
More informationFUNCTIONAL PEARLS The countdown problem
To appear in the Journal of Functional Programming 1 FUNCTIONAL PEARLS The countdown problem GRAHAM HUTTON School of Computer Science and IT University of Nottingham, Nottingham, UK www.cs.nott.ac.uk/
More informationIsabelle/jEdit as IDE for domain-specific formal languages and informal text documents
Isabelle/jEdit as IDE for domain-specific formal languages and informal text documents Makarius Wenzel http://sketis.net June 2018 λ = Isabelle β PIDE α Isabelle/jEdit as Formal IDE Abstract Isabelle/jEdit
More informationFormally Certified Satisfiability Solving
SAT/SMT Proof Checking Verifying SAT Solver Code Future Work Computer Science, The University of Iowa, USA April 23, 2012 Seoul National University SAT/SMT Proof Checking Verifying SAT Solver Code Future
More informationThe Java Type System (continued)
Object-Oriented Design Lecture 5 CSU 370 Fall 2007 (Pucella) Friday, Sep 21, 2007 The Java Type System (continued) The Object Class All classes subclass the Object class. (By default, this is the superclass
More informationLecture Notes on Induction and Recursion
Lecture Notes on Induction and Recursion 15-317: Constructive Logic Frank Pfenning Lecture 7 September 19, 2017 1 Introduction At this point in the course we have developed a good formal understanding
More informationB vs. Coq to prove a Garbage Collector
B vs. Coq to prove a Garbage Collector L. Burdy GEMPLUS Avenue du Pic de Bertagne - 13881 Gémenos Cedex - France lilian.burdy@gemplus.com Abstract. This paper presents a comparison between two formal methods
More information