20 research outputs found
Capturing Hiproofs in HOL Light
Hierarchical proof trees (hiproofs for short) add structure to ordinary proof
trees, by allowing portions of trees to be hierarchically nested. The
additional structure can be used to abstract away from details, or to label
particular portions to explain their purpose. In this paper we present two
complementary methods for capturing hiproofs in HOL Light, along with a tool to
produce web-based visualisations. The first method uses tactic recording, by
modifying tactics to record their arguments and construct a hierarchical tree;
this allows a tactic proof script to be modified. The second method uses proof
recording, which extends the HOL Light kernel to record hierachical proof trees
alongside theorems. This method is less invasive, but requires care to manage
the size of the recorded objects. We have implemented both methods, resulting
in two systems: Tactician and HipCam
A Semantic Basis for Proof Queries and Transformations
We extend the query language PrQL, designed for inspecting machine representations of proofs, to also allow transformation of proofs. PrQL natively supports hiproofs which express proof structure using hierarchically nested labelled trees, which we claim is a natural way of taming the complexity of huge proofs. Query-driven transformations enable manipulation of this structure, in particular, to transform proofs produced by interactive theorem provers into forms that assist their understanding, or that could be consumed by other tools. In this paper we motivate and define basic transformation operations, using an abstract denotational semantics of hiproofs and queries. This extends our previous semantics for queries based on syntactic tree representations.We define update operations that add and remove sub-proofs, and manipulate the hierarchy to group and ungroup nodes. We show tha
Querying Proofs (Work in Progress)
We motivate and introduce the basis for a query language designed for inspecting electronic representations of proofs. We argue that there is much to learn from large proofs beyond their validity, and that a dedicated query language can provide a principled way of implementing a family of useful operations
Ideas for a high-level proof strategy language
ABSTRACT Finding ways to prove theorems mechanically was one of the earliest challenges tackled by the AI community. Notable progress has been made but there is still always a limit to any set of heuristic search techniques. From a proof done by human users, we wish to find out whether AI techniques can also be used to learn from a human user. AI4FM (Artificial Intelligence for Formal Methods) is a four-year project that starts officially in April 2010 (see www.AI4FM.org). It focuses on helping users of "formal methods" many of which give rise to proof obligations that have to be (mechanically) verified (by a theorem prover). In industrial-sized developments, there are often a large number of proof obligations and, whilst many of them succumb to similar proof strategies, those that remain can hold up engineers trying to use formal methods. The goal of AI4FM is to learn enough from one manual proof, to discharge proof obligations automatically that yield to similar proof strategies. To achieve this, a high-level (proof) strategy language is required, and in this paper we outline some ideas of such language, and towards extracting them. * During this work Gudmund Grov has been employed jointly by University of Edinburgh and Newcastle University. and constrained use of Z [FW08] -is the so-called "posit and prove" approach: a designer posits development steps and then justifies that they satisfy earlier specifications by discharging (often automatically generated) proof obligations (POs). A large proportion of these POs can be discharged by automatic theorem provers but "some" proofs require user interaction. Quantifying "some" is hard since it depends on many factors such as the domain, technology and methodology used -it could be as little as 3% or as much as 40%. For example, the Paris Metro line 14, developed in the Bmethod, generated 27, 800 POs (of which around 2, 250 required user-interaction) [Abr07] -the need for interactive proofs is clearly still a bottleneck in industrial application of FM, notwithstanding high degree of automation. THE FORMAL METHODS PROBLE
Refactoring proofs
Refactoring is an important Software Engineering technique for improving the structure
of a program after it has been written. Refactorings improve the maintainability,
readability, and design of a program without affecting its external behaviour. In analogy,
this thesis introduces proof refactoring to make structured, semantics preserving
changes to the proof documents constructed by interactive theorem provers as part
of a formal proof development.
In order to formally study proof refactoring, the first part of this thesis constructs
a proof language framework, Hiscript. The Hiscript framework consists of a procedural
tactic language, a declarative proof language, and a modular theory language. Each
level of this framework is equipped with a formal semantics based on a hierarchical
notion of proof trees. Furthermore, this framework is generic as it does not prescribe
an underlying logical kernel. This part contributes an investigation of semantics for
formal proof documents, which is proved to construct valid proofs. Moreover, in analogy
with type-checking, static well-formedness checks of proof documents are separated
from evaluation of the proof. Furthermore, a subset of the SSReflect language
for Coq, called eSSence, is also encoded using hierarchical proofs. Both Hiscript and
eSSence are shown to have language elements with a natural hierarchical representation.
In the second part, proof refactoring is put on a formal footing with a definition
using the Hiscript framework. Over thirty refactorings are formally specified and
proved to preserve the semantics in a precise way for the Hiscript language, including
traditional structural refactorings, such as rename item, and proof specific refactorings
such as backwards proof to forwards proof and declarative to procedural. Finally, a concrete,
generic refactoring framework, called Polar, is introduced. Polar is based on graph
rewriting and has been implemented with over ten refactorings and for two proof
languages, including Hiscript.
Finally, the third part concludes with some wishes for the future
A Graphical Language for Proof Strategies
Complex automated proof strategies are often difficult to extract, visualise,
modify, and debug. Traditional tactic languages, often based on stack-based
goal propagation, make it easy to write proofs that obscure the flow of goals
between tactics and are fragile to minor changes in input, proof structure or
changes to tactics themselves. Here, we address this by introducing a graphical
language called PSGraph for writing proof strategies. Strategies are
constructed visually by "wiring together" collections of tactics and evaluated
by propagating goal nodes through the diagram via graph rewriting. Tactic nodes
can have many output wires, and use a filtering procedure based on goal-types
(predicates describing the features of a goal) to decide where best to send
newly-generated sub-goals.
In addition to making the flow of goal information explicit, the graphical
language can fulfil the role of many tacticals using visual idioms like
branching, merging, and feedback loops. We argue that this language enables
development of more robust proof strategies and provide several examples, along
with a prototype implementation in Isabelle
Towards an Intelligent Tutor for Mathematical Proofs
Computer-supported learning is an increasingly important form of study since
it allows for independent learning and individualized instruction. In this
paper, we discuss a novel approach to developing an intelligent tutoring system
for teaching textbook-style mathematical proofs. We characterize the
particularities of the domain and discuss common ITS design models. Our
approach is motivated by phenomena found in a corpus of tutorial dialogs that
were collected in a Wizard-of-Oz experiment. We show how an intelligent tutor
for textbook-style mathematical proofs can be built on top of an adapted
assertion-level proof assistant by reusing representations and proof search
strategies originally developed for automated and interactive theorem proving.
The resulting prototype was successfully evaluated on a corpus of tutorial
dialogs and yields good results.Comment: In Proceedings THedu'11, arXiv:1202.453
Capturing proof process
PhD ThesisProof automation is a common bottleneck for industrial adoption of formal methods.
Heuristic search techniques fail to discharge every proof obligation (PO), and
significant effort is spent on proving the remaining ones interactively. Luckily,
they usually fall into several proof families, where a single idea is required to discharge
all similar POs. However, interactive formal proof requires expertise and
is expensive: repeating the ideas over multiple proofs adds up to significant costs.
The AI4FM research project aims to alleviate the repetitive effort by “learning”
from an expert doing interactive proof. The expert’s proof attempts can give rise
to reusable strategies, which capture the ideas necessary to discharge similar POs.
Automatic replay of these strategies would complete the remaining proof tasks
within the same family, enabling the expert to focus on novel proof ideas.
This thesis presents an architecture to capture the expert’s proof ideas as a highlevel
proof process. Expert insight is not reflected in low-level proof scripts, therefore
a generic ProofProcess framework is developed to capture high-level proof information,
such as proof intent and important proof features of the proof steps taken.
The framework accommodates branching to represent the actual proof structure
as well as layers of abstraction to accommodate different granularities. The full
history of how the proof was discovered is recorded, including multiple attempts
to capture alternative, failed or unfinished versions.
A prototype implementation of the ProofProcess framework is available, including
integrations with Isabelle and Z/EVES theorem provers. Two case studies illustrate
how the ProofProcess systems are used to capture high-level proof processes
in examples from industrial-style formal developments. Reuse of the captured
information to discharge similar proofs within the examples is also explored.
The captured high-level information facilitates extraction of reusable proof
strategies. Furthermore, the data could be used for proof maintenance, training,
proof metrics, and other use cases