Report on the formal specification and partial verification of the VIPER microprocessor

The formal specification and partial verification of the VIPER microprocessor is reviewed. The VIPER microprocessor was designed by RSRE, Malvern, England, for safety critical computing applications (e.g., aircraft, reactor control, medical instruments, armaments). The VIPER was carefully specified and partially verified in an attempt to provide a microprocessor with completely predictable operating characteristics. The specification of VIPER is divided into several levels of abstraction, from a gate-level description up to an instruction execution model. Although the consistency between certain levels was demonstrated with mechanically-assisted mathematical proof, the formal verification of VIPER was never completed

Plato on the foundations of Modern Theorem Provers

Is it possible to achieve such a proof that is independent of both acts and dispositions of the human mind? Plato is one of the great contributors to the foundations of mathematics. He discussed, 2400 years ago, the importance of clear and precise definitions as fundamental entities in mathematics, independent of the human mind. In the seventh book of his masterpiece, The Republic, Plato states “arithmetic has a very great and elevating effect, compelling the soul to reason about abstract number, and rebelling against the introduction of visible or tangible objects into the argument” (525c). In the light of this thought, I will discuss the status of mathematical entities in the twentieth first century, an era when it is already possible to demonstrate theorems and construct formal axiomatic derivations of remarkable complexity with artificial intelligent agents --- the modern theorem provers

A Case Study on Computational Hermeneutics: E. J. Lowe’s Modal Ontological Argument

Computers may help us to better understand (not just verify) arguments. In this article we defend this claim by showcasing the application of a new, computer-assisted interpretive method to an exemplary natural-language ar- gument with strong ties to metaphysics and religion: E. J. Lowe’s modern variant of St. Anselm’s ontological argument for the existence of God. Our new method, which we call computational hermeneutics, has been particularly conceived for use in interactive-automated proof assistants. It aims at shedding light on the meanings of words and sentences by framing their inferential role in a given argument. By employing automated theorem reasoning technology within interactive proof assistants, we are able to drastically reduce (by several orders of magnitude) the time needed to test the logical validity of an argu- ment’s formalization. As a result, a new approach to logical analysis, inspired by Donald Davidson’s account of radical interpretation, has been enabled. In computational hermeneutics, the utilization of automated reasoning tools ef- fectively boosts our capacity to expose the assumptions we indirectly commit ourselves to every time we engage in rational argumentation and it fosters the explicitation and revision of our concepts and commitments

Making proofs without Modus Ponens: An introduction to the combinatorics and complexity of cut elimination

This paper is intended to provide an introduction to cut elimination which is accessible to a broad mathematical audience. Gentzen's cut elimination theorem is not as well known as it deserves to be, and it is tied to a lot of interesting mathematical structure. In particular we try to indicate some dynamical and combinatorial aspects of cut elimination, as well as its connections to complexity theory. We discuss two concrete examples where one can see the structure of short proofs with cuts, one concerning feasible numbers and the other concerning "bounded mean oscillation" from real analysis

How do teachers characterise their teaching for conceptual understanding and procedural fluency?: a case study of two teachers

Over many years the practice or art of teaching Mathematics posed itself as, not only being different from the practice of teaching any other subject, but to have many challenges and opportunities that ask for exploration and understanding. Just after independence in 1990, Namibia has embarked upon a reform process for the entire education system. Many changes were brought about to create a uniform, equal system for all. However, many challenges still remain to be addressed. Mathematics education remains one of the key areas where Namibian teachers can contribute towards the improvement of the subject. Unsatisfactory results, under-qualified teachers, and a negative disposition towards Mathematics are some of the challenges. These challenges are not unique to Namibia. Across the globe psychologists, philosophers and educators continue to engage in debates and research projects in search of answers and solutions for the improvement of Mathematics education. Despite encountering numerous obstacles, many teachers are dedicated and achieve outstanding results with their learners. This thesis reports on a research project that focused on the Mathematics teaching practice of two teachers whose experiences can make a positive contribution to the improvement of Mathematics teaching in Namibia. Furthermore, this case study investigated and attempted to understand the Mathematics teaching practices of two proficient teachers who each claimed to have a specific and unique approach to teaching Mathematics. The one claimed to be mainly procedural in her Mathematics teaching, while the other one claimed to teach mainly in a conceptual manner. Both achieve very good results with their classes and attribute their own teaching orientations to a process of several experiences they went through as students and in their careers. The study revealed that both claims are substantiated and that each teacher was consistent in her claimed approach. Many challenges and constraints were encountered by both teachers, but in their unique and specific ways each teacher’s chosen teaching approach supported them to overcome these. It was evident from the findings that each teacher’s practice came about as an evolutionary process over an extended period of time. As many challenges and limitations are universal, it is believed that in sharing experiences, teachers can benefit from each other by improving their practice. It was clearly stated by both participants that the re-thinking of and reflecting on their own practices provided them with new insights and motivation. Peer support and sharing of practices contribute positively towards the improvement of the teachers’ classroom practices

The Pros and Cons of Politically Reversible Semisubstantive Constitutional Rules

Most observers of constitutional adjudication believe that it works in an all-or-nothing way. On this view, the substance of challenged rules is of decisive importance, so that political decision makers may resuscitate invalidated laws only by way of constitutional amendment. This conception of constitutional law is incomplete. In fact, courts often use so-called “semisubstantive” doctrines that focus on the processes that nonjudicial officials have used in adopting constitutionally problematic rules. When a court strikes down a rule by using a motive-centered or legislative-findings doctrine, for example, political decision makers may revive that very rule without need for a constitutional amendment. For such an effort to succeed, however, those decision makers must comply with special, deliberation-enhancing procedural requirements crafted by courts to ensure that constitutional concerns receive fair attention in the lawmaking process. Is semisubstantive review legitimate and sensible? In this Article, the author disentangles—and then responds to—each of ten critiques that judges and scholars have directed at semisubstantive decision making. While acknowledging that most of these critiques have some merit, the author concludes that courts should continue to deploy semisubstantive doctrines as one, but not the only, tool of constitutional review. This approach, it is argued, serves a worthy aim. It protects constitutional values in a meaningful way, while taking due account of the salience of republican self-rule

A Mechanized Proof of Kleene’s Theorem in Why3

In this dissertation we present a mathematically minded development of the correction proof of Kleene’s theorem conversion of regular expressions into finite automata, on the basis of equivalent expressive power. We formalise a functional implementation of the algorithm and prove, in full detail, the soundness of its mathematical definition, working within the Why3 framework to develop a mechanically verified implementation of the conversion algorithm. The motivation for this work is to test the feasibility of the deductive approach to the verification of software and pave the way to do similar proofs in the context of a static analysis approach to (object-oriented) programming. In particular, on the subject of behavioural types in typestate settings, whose expressiveness stands between regular and context-free languages and, therefore, can greatly benefit from mechanically certified implementations.Nesta dissertação apresentamos um desenvolvimento matemático da prova de correcção da conversão de expressões regulares em autómatos finitos do teorema de Kleene, com base no seu poder expressivo equivalente. Formalizamos uma implementação funcional do algoritmo e provamos, em detalhe, a correcção da sua definição matemática. Trabalhando no framework Why3 para desenvolver uma implementação mecanicamente certificada do algoritmo de conversão. A motivação para este trabalho é testar a viabilidade da metodologia e preparar o caminho para fazer provas semelhantes no contexto de uma abordagem de análise estática na programação (orientada para objectos). Em particular, no tópico dos tipos comportamentais com typestates, cuja expressividade está entre a das linguagens regulares e livres-de-contexto. Podendo, por isso, beneficiar enormemente de implementações mecanicamente certificada