A Synthesis of the Procedural and Declarative Styles of Interactive Theorem Proving

We propose a synthesis of the two proof styles of interactive theorem proving: the procedural style (where proofs are scripts of commands, like in Coq) and the declarative style (where proofs are texts in a controlled natural language, like in Isabelle/Isar). Our approach combines the advantages of the declarative style - the possibility to write formal proofs like normal mathematical text - and the procedural style - strong automation and help with shaping the proofs, including determining the statements of intermediate steps. Our approach is new, and differs significantly from the ways in which the procedural and declarative proof styles have been combined before in the Isabelle, Ssreflect and Matita systems. Our approach is generic and can be implemented on top of any procedural interactive theorem prover, regardless of its architecture and logical foundations. To show the viability of our proposed approach, we fully implemented it as a proof interface called miz3, on top of the HOL Light interactive theorem prover. The declarative language that this interface uses is a slight variant of the language of the Mizar system, and can be used for any interactive theorem prover regardless of its logical foundations. The miz3 interface allows easy access to the full set of tactics and formal libraries of HOL Light, and as such has "industrial strength". Our approach gives a way to automatically convert any procedural proof to a declarative counterpart, where the converted proof is similar in size to the original. As all declarative systems have essentially the same proof language, this gives a straightforward way to port proofs between interactive theorem provers

From LCF to Isabelle/HOL

Interactive theorem provers have developed dramatically over the past four decades, from primitive beginnings to today's powerful systems. Here, we focus on Isabelle/HOL and its distinctive strengths. They include automatic proof search, borrowing techniques from the world of first order theorem proving, but also the automatic search for counterexamples. They include a highly readable structured language of proofs and a unique interactive development environment for editing live proof documents. Everything rests on the foundation conceived by Robin Milner for Edinburgh LCF: a proof kernel, using abstract types to ensure soundness and eliminate the need to store proofs. Compared with the research prototypes of the 1970s, Isabelle is a practical and versatile tool. It is used by system designers, mathematicians and many others

A partial translation path from MathLang to Isabelle

This dissertation describes certain developments in computer techniques formanagingmathematical knowledge. Computers currently assistmathematicians in presenting and archiving mathematics, as well as performing calculation and verification tasks. MathLang is a framework for computerising mathematical documents which features new approaches to these issues. In this dissertation, several extensions to MathLang are described: a system and notation for annotating text; improved methods for annotating complex mathematical expressions; and a method for creating rules to translate document annotations. A typical MathLang work flow for document annotation and computerisation is demonstrated, showing how writing style can complicate the annotation process and how these may be resolved. This workflow is compared with the standard process for producing formal computer theories in a computer proof assistant (Isabelle is the system we choose). The rules for translation are further discussed as a way of producing text in the syntax of Isabelle (without a deep knowledge of the system), with possible use cases of providing a text which can be used either as an aid to learning Isabelle, or as a skeleton framework to be used as a starting point for a formal document

Calculational Proofs in ACL2s

Teaching college students how to write rigorous proofs is a critical objective in courses that introduce formal reasoning. Over the course of several years, we have developed a mechanically-checkable style of calculational reasoning that we used to teach over a thousand freshman-level undergraduate students how to reason about computation in our "Logic and Computation" class at Northeastern University. We were inspired by Dijkstra, who advocated the use of calculational proofs, writing "calculational proofs are almost always more effective than all informal alternatives, ..., the design of calculational proofs seems much more teachable than the elusive art of discovering an informal proof." Our calculational proof checker is integrated into ACL2s and is available as an Eclipse IDE plugin, via a Web interface, and as a stand-alone tool. It automatically checks proofs for correctness and provides useful feedback. We describe the architecture of the checker, its proof format, its underlying algorithms, its correctness and provide examples using proofs from our undergraduate class and from Dijkstra. We also describe our experiences using the proof checker to teach undergraduates how to formally reason about computation

Toward Structured Proofs for Dynamic Logics

We present Kaisar, a structured interactive proof language for differential dynamic logic (dL), for safety-critical cyber-physical systems (CPS). The defining feature of Kaisar is *nominal terms*, which simplify CPS proofs by making the frequently needed historical references to past program states first-class. To support nominals, we extend the notion of structured proof with a first-class notion of *structured symbolic execution* of CPS models. We implement Kaisar in the theorem prover KeYmaera X and reproduce an example on the safe operation of a parachute and a case study on ground robot control. We show how nominals simplify common CPS reasoning tasks when combined with other features of structured proof. We develop an extensive metatheory for Kaisar. In addition to soundness and completeness, we show a formal specification for Kaisar's nominals and relate Kaisar to a nominal variant of dL

A language for mathematical knowledge management

We argue that the language of Zermelo Fraenkel set theory with definitions and partial functions provides the most promising bedrock semantics for communicating and sharing mathematical knowledge. We then describe a syntactic sugaring of that language that provides a way of writing remarkably readable assertions without straying far from the set-theoretic semantics. We illustrate with some examples of formalized textbook definitions from elementary set theory and point-set topology. We also present statistics concerning the complexity of these definitions, under various complexity measures