2,056 research outputs found
Automated Certification of Implicit Induction Proofs
International audienceTheorem proving is crucial for the formal validation of properties about user specifications. With the help of the Coq proof assistant, we show how to certify properties about conditional specifications that are proved using automated proof techniques like those employed by the Spike prover, a rewrite-based implicit induction proof system. The certification methodology is based on a new representation of the implicit induction proofs for which the underlying induction principle is an instance of Noetherian induction governed by an induction ordering over equalities. We propose improvements of the certification process and show that the certification time is reasonable even for industrial-size applications. As a case study, we automatically prove and certify more than 40% of the lemmas needed for the validation of a conformance algorithm for the ABR protocol
CoLoR: a Coq library on well-founded rewrite relations and its application to the automated verification of termination certificates
Termination is an important property of programs; notably required for
programs formulated in proof assistants. It is a very active subject of
research in the Turing-complete formalism of term rewriting systems, where many
methods and tools have been developed over the years to address this problem.
Ensuring reliability of those tools is therefore an important issue. In this
paper we present a library formalizing important results of the theory of
well-founded (rewrite) relations in the proof assistant Coq. We also present
its application to the automated verification of termination certificates, as
produced by termination tools
Confluence by Decreasing Diagrams -- Formalized
This paper presents a formalization of decreasing diagrams in the theorem
prover Isabelle. It discusses mechanical proofs showing that any locally
decreasing abstract rewrite system is confluent. The valley and the conversion
version of decreasing diagrams are considered.Comment: 17 pages; valley and conversion version; RTA 201
Using ACL2 to Verify Loop Pipelining in Behavioral Synthesis
Behavioral synthesis involves compiling an Electronic System-Level (ESL)
design into its Register-Transfer Level (RTL) implementation. Loop pipelining
is one of the most critical and complex transformations employed in behavioral
synthesis. Certifying the loop pipelining algorithm is challenging because
there is a huge semantic gap between the input sequential design and the output
pipelined implementation making it infeasible to verify their equivalence with
automated sequential equivalence checking techniques. We discuss our ongoing
effort using ACL2 to certify loop pipelining transformation. The completion of
the proof is work in progress. However, some of the insights developed so far
may already be of value to the ACL2 community. In particular, we discuss the
key invariant we formalized, which is very different from that used in most
pipeline proofs. We discuss the needs for this invariant, its formalization in
ACL2, and our envisioned proof using the invariant. We also discuss some
trade-offs, challenges, and insights developed in course of the project.Comment: In Proceedings ACL2 2014, arXiv:1406.123
Recursive Definitions of Monadic Functions
Using standard domain-theoretic fixed-points, we present an approach for
defining recursive functions that are formulated in monadic style. The method
works both in the simple option monad and the state-exception monad of
Isabelle/HOL's imperative programming extension, which results in a convenient
definition principle for imperative programs, which were previously hard to
define.
For such monadic functions, the recursion equation can always be derived
without preconditions, even if the function is partial. The construction is
easy to automate, and convenient induction principles can be derived
automatically.Comment: In Proceedings PAR 2010, arXiv:1012.455
On formal verification of arithmetic-based cryptographic primitives
Cryptographic primitives are fundamental for information security: they are
used as basic components for cryptographic protocols or public-key
cryptosystems. In many cases, their security proofs consist in showing that
they are reducible to computationally hard problems. Those reductions can be
subtle and tedious, and thus not easily checkable. On top of the proof
assistant Coq, we had implemented in previous work a toolbox for writing and
checking game-based security proofs of cryptographic primitives. In this paper
we describe its extension with number-theoretic capabilities so that it is now
possible to write and check arithmetic-based cryptographic primitives in our
toolbox. We illustrate our work by machine checking the game-based proofs of
unpredictability of the pseudo-random bit generator of Blum, Blum and Shub, and
semantic security of the public-key cryptographic scheme of Goldwasser and
Micali.Comment: 13 page
A Verified Certificate Checker for Finite-Precision Error Bounds in Coq and HOL4
Being able to soundly estimate roundoff errors of finite-precision
computations is important for many applications in embedded systems and
scientific computing. Due to the discrepancy between continuous reals and
discrete finite-precision values, automated static analysis tools are highly
valuable to estimate roundoff errors. The results, however, are only as correct
as the implementations of the static analysis tools. This paper presents a
formally verified and modular tool which fully automatically checks the
correctness of finite-precision roundoff error bounds encoded in a certificate.
We present implementations of certificate generation and checking for both Coq
and HOL4 and evaluate it on a number of examples from the literature. The
experiments use both in-logic evaluation of Coq and HOL4, and execution of
extracted code outside of the logics: we benchmark Coq extracted unverified
OCaml code and a CakeML-generated verified binary
- …