Proofs-Programs correspondance and Security

Similar documents
Measurable Preorders and Complexity

An Evolution of Mathematical Tools

Computer Science 190 (Autumn Term, 2010) Semantics of Programming Languages

EXTENSIONS OF FIRST ORDER LOGIC

Introductory logic and sets for Computer scientists

What if current foundations of mathematics are inconsistent? Vladimir Voevodsky September 25, 2010

LOGIC AND DISCRETE MATHEMATICS

type classes & locales

Lecture slides & distribution files:

Less naive type theory

Logical Verification Course Notes. Femke van Raamsdonk Vrije Universiteit Amsterdam

Introduction to dependent types in Coq

Modal Logic: Implications for Design of a Language for Distributed Computation p.1/53

Typed Lambda Calculus for Syntacticians

Dependent Types and Irrelevance

CSCI.6962/4962 Software Verification Fundamental Proof Methods in Computer Science (Arkoudas and Musser) Chapter p. 1/27

A NEW PROOF-ASSISTANT THAT REVISITS HOMOTOPY TYPE THEORY THE THEORETICAL FOUNDATIONS OF COQ USING NICOLAS TABAREAU

Typed Lambda Calculus

Programming Proofs and Proving Programs. Nick Benton Microsoft Research, Cambridge

Chapter 2 & 3: Representations & Reasoning Systems (2.2)

A Typed Calculus Supporting Shallow Embeddings of Abstract Machines

Type raising, continuations, and classical logic

Mathematics for Computer Scientists 2 (G52MC2)

Reducibility method: an overview

Automata and Formal Languages - CM0081 Introduction to Agda

Negations in Refinement Type Systems

Contents. Chapter 1 SPECIFYING SYNTAX 1

Faith, Evolution, and Programming Languages. Philip Wadler University of Edinburgh

1.3. Conditional expressions To express case distinctions like

Theorem proving. PVS theorem prover. Hoare style verification PVS. More on embeddings. What if. Abhik Roychoudhury CS 6214

Com S 541. Programming Languages I

2.1 The λ-calculus Syntax

The three faces of homotopy type theory. Type theory and category theory. Minicourse plan. Typing judgments. Michael Shulman.

3.4 Deduction and Evaluation: Tools Conditional-Equational Logic

More Untyped Lambda Calculus & Simply Typed Lambda Calculus

Abstract Logic Programming

Implementing Constructive Logics with OCaml

On Agda JAIST/AIST WS CVS/AIST Yoshiki Kinoshita, Yoriyuki Yamagata. Agenda

CSE505, Fall 2012, Midterm Examination October 30, 2012

Inference rule for Induction

1. true / false By a compiler we mean a program that translates to code that will run natively on some machine.

Intuitionistic Type Theory

Lecture Notes on Computational Interpretations of Modalities

Refinement Types as Proof Irrelevance. William Lovas with Frank Pfenning

The Formal Semantics of Programming Languages An Introduction. Glynn Winskel. The MIT Press Cambridge, Massachusetts London, England

The Logical Basis of Evaluation Order & Pattern-Matching

COMPUTATIONAL SEMANTICS WITH FUNCTIONAL PROGRAMMING JAN VAN EIJCK AND CHRISTINA UNGER. lg Cambridge UNIVERSITY PRESS

Functional Logic Programming: From Theory to Curry

Meta-programming with Names and Necessity p.1

Trees and Tree Encodings

The Truth about Types. Bartosz Milewski

Program Calculus Calculational Programming

Linear Dependent Types

Programming with Dependent Types Interactive programs and Coalgebras

System Description: Twelf A Meta-Logical Framework for Deductive Systems

Comparing Cubes. Steffen van Bakel Luigi Liquori Simona Ronchi della Rocca Paweł Urzyczyn

Logic and Computation

Propositional Logic Formal Syntax and Semantics. Computability and Logic

Function compose, Type cut, And the Algebra of logic

Lecture 3: Typed Lambda Calculus and Curry-Howard

CIS 1.5 Course Objectives. a. Understand the concept of a program (i.e., a computer following a series of instructions)

Functional Programming

Program certification with computational

Type Theory. Lecture 2: Dependent Types. Andreas Abel. Department of Computer Science and Engineering Chalmers and Gothenburg University

Work Analysis with Resource-Aware Session Types

Martin-L f's Type Theory. B. Nordstr m, K. Petersson and J. M. Smith. Contents. 5.4 The set of functions (Cartesian product of a family of sets) 24

A MECHANIZATION OF TYPE THEORY. Gerard P. HUBT IRIA - LABORIA Rocquencourt FRANCE

Introduction to Coq Proof Assistant

Lambda Calculus. Concepts in Programming Languages Recitation 6:

An Annotated Language

Chapter 3: Propositional Languages

Coq projects for type theory 2018

FUZZY SPECIFICATION IN SOFTWARE ENGINEERING

Topic 3: Propositions as types

Higher-Order Recursive Path Orderings à la carte

Logic and its Applications

MPRI course 2-4 Functional programming languages Exercises

A Canonical 1 Locally Named Representation of Binding. α -equivalence is identity. Randy Pollack. Masahiko Sato. LFCS, University of Edinburgh

CLF: A logical framework for concurrent systems

Programming Languages Third Edition

Dynamic Logic David Harel, The Weizmann Institute Dexter Kozen, Cornell University Jerzy Tiuryn, University of Warsaw The MIT Press, Cambridge, Massac

Type Checking and Inference Are Equivalent in Lambda Calculi with Existential Types

Code BEAM SF Hype For Types. Using Dialyzer to bring type checking to your Elixir code

Types Summer School Gothenburg Sweden August Dogma oftype Theory. Everything has a type

Computational Higher-Dimensional Type Theory

A Rehabilitation of Message-Passing Concurrency

Universes. Universes for Data. Peter Morris. University of Nottingham. November 12, 2009

Lambda Calculus and Type Inference

An Introduction to Programming and Proving in Agda (incomplete draft)

Hoare Logic. COMP2600 Formal Methods for Software Engineering. Rajeev Goré

As Natural as 0, 1, 2. Philip Wadler University of Edinburgh

Intersection and Union Types in the

Kurt Gödel and Computability Theory

Encryption as an Abstract Datatype:

Towards a Conceptual Structure based on Type theory.

Solving Boolean Equations with BDDs and Clause Forms. Gert Smolka

Software Engineering Lecture Notes

Inductive Beluga: Programming Proofs

Type Systems. Today. 1. Organizational Matters. 1. Organizational Matters. Lecture 1 Oct. 20th, 2004 Sebastian Maneth. 1. Organizational Matters

ABriefOverviewofAgda A Functional Language with Dependent Types

Transcription:

Proofs-Programs correspondance and Security Jean-Baptiste Joinet Université de Lyon & Centre Cavaillès, École Normale Supérieure, Paris Third Cybersecurity Japanese-French meeting Formal methods session Keiô University 24/04/2017 Jean-Baptiste Joinet Keiô, 18/04/2017 1 / 9

Simple aims of this 15 minutes talk : to advocate the relevance of the Proofs as Programs paradigm to understand programs behavior with in view applications to security questions

Proofs-as-Programs paradigm 1969. Curry-Howard isomorphism : The process of analytization of Proofs in Intuitionistic Natural Deduction = The process of computation in Simply typed Lambda Calculus The conclusion of a proof = The type of the corresponding program

Proofs-as-Programs paradigm 1969. Curry-Howard isomorphism : The process of analytization of Proofs in Intuitionistic Natural Deduction = The process of computation in Simply typed Lambda Calculus The conclusion of a proof = The type of the corresponding program 2017. Generalized to almost all parts of Logic (including Set theory) Second-order quantification (Polymorphic types, Girard s System F...) Generalization to Classical Logic (e.g. Lambda-Mu-calculus...) Subsystems of Classical Logic with a lightened complexity (designed through Linear Logic s decomposition of computation), etc...

Propositions-as-Types : a first approach First approach of types (the external one) : types are given by an additional second level grammar used to externally submit the construction of programs to constraints

Propositions-as-Types : a first approach First approach of types (the external one) : types are given by an additional second level grammar used to externally submit the construction of programs to constraints Typing then is a way to avoid : some programs thus some particular computational dynamics thus some undesired properties of computation : typically non termination termination within a too long runtime

Propositions-as-Types : methodological use of the first approach The program extraction methodology (to guarantee to get a correct program wrt an equational specification) Data types : second order types whose shape determines all the terms of that type Define equationally a recursive function on data in first order logic Prove the formula that states that the function is terminating We then know that the program corresponding to the proof does satisfy the specification

Propositions-as-Types : methodological use of the first approach The program extraction methodology (to guarantee to get a correct program wrt an equational specification) Data types : second order types whose shape determines all the terms of that type Define equationally a recursive function on data in first order logic Prove the formula that states that the function is terminating We then know that the program corresponding to the proof does satisfy the specification What about other (non arithmetical functional) theorems?

Propositions-as-Types : a second approach Slogan : a type = a set of programs with some common behavior with respect to some set of tests

Propositions-as-Types : a second approach Slogan : a type = a set of programs with some common behavior with respect to some set of tests How to characterize abstractly which set of programs are types : idea : a type is a set of programs orthogonal to some set of programs (i.e. which is closed by bi-orthogonality) types constructors are operations on sets of programs that preserve the fact to be a type

Krivine s specification methodology Goal : prove that all programs of a given type have a given common behavior Krivine s classical realizability could be used as a device to infer behaviors from the type : a classical typing discipline is needed : second order (classical) predicate calculus, formalized by adding Peirce law to the intuitionistic natural deduction

Krivine s specification methodology Goal : prove that all programs of a given type have a given common behavior Krivine s classical realizability could be used as a device to infer behaviors from the type : a classical typing discipline is needed : second order (classical) predicate calculus, formalized by adding Peirce law to the intuitionistic natural deduction then, in order to realize classical proofs : a classical extension of Lambda-calculus (means : with control, exceptions treatment) Behaviors described in terms of three categories (coming from -translation of intuitionistic logic into itself!) : 1. terms, 2. stacks (of terms), 3. executables (pairs made of a term and a stack) and w.r.t. a particular evaluation strategy (Call-by-name weak head evaluation with a stack-save-and-restore abstract machine) which preserves this description in three categories.

Krivine s specification methodology Solving specification problems : Interpretation of atomic formulas by set of terms : X is a chosen set of executables closed by retro-reduction define A (orthogonal) as the set of stacks that will form nice executables when paired with terms in A with respect to define inductively the interpretation as usual, but through a translation adequacy theorem : for any {terms} {stacks} : it the term t is of type A and π is a stack in the orthogonal of A, then the executable (t, π) is in the interpretation of. adequacy theorem is then used to prove that a particular common behavior is shared by all terms : introduce a new combinator describe its postulated computational behavior in terms of stack-save-and-restore manipulations (within the frame of the chosen cbn evaluation) show that it is a realizer of the corresponding type, i.e. choose a relevant and show the combinator belongs to the interpretation of the corresponding type.

Fin

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback