Extending SMTCoq, a Certified Checker for SMT (Extended Abstract)

This extended abstract reports on current progress of SMTCoq, a communication tool between the Coq proof assistant and external SAT and SMT solvers. Based on a checker for generic first-order certificates implemented and proved correct in Coq, SMTCoq offers facilities both to check external SAT and SMT answers and to improve Coq's automation using such solvers, in a safe way. Currently supporting the SAT solver zChaff, and the SMT solver veriT for the combination of the theories of congruence closure and linear integer arithmetic, SMTCoq is meant to be extendable with a reasonable amount of effort: we present work in progress to support the SMT solver CVC4 and the theory of bit vectors.Comment: In Proceedings HaTT 2016, arXiv:1606.0542

Neural Lyapunov Control

We propose new methods for learning control policies and neural network Lyapunov functions for nonlinear control problems, with provable guarantee of stability. The framework consists of a learner that attempts to find the control and Lyapunov functions, and a falsifier that finds counterexamples to quickly guide the learner towards solutions. The procedure terminates when no counterexample is found by the falsifier, in which case the controlled nonlinear system is provably stable. The approach significantly simplifies the process of Lyapunov control design, provides end-to-end correctness guarantee, and can obtain much larger regions of attraction than existing methods such as LQR and SOS/SDP. We show experiments on how the new methods obtain high-quality solutions for challenging control problems.Comment: NeurIPS 201

Sharing a Library between Proof Assistants: Reaching out to the HOL Family

We observe today a large diversity of proof systems. This diversity has the negative consequence that a lot of theorems are proved many times. Unlike programming languages, it is difficult for these systems to co-operate because they do not implement the same logic. Logical frameworks are a class of theorem provers that overcome this issue by their capacity of implementing various logics. In this work, we study the STTforall logic, an extension of Simple Type Theory that has been encoded in the logical framework Dedukti. We present a translation from this logic to OpenTheory, a proof system and interoperability tool between provers of the HOL family. We have used this translation to export an arithmetic library containing Fermat's little theorem to OpenTheory and to two other proof systems that are Coq and Matita.Comment: In Proceedings LFMTP 2018, arXiv:1807.0135

Rule-Based Unification in Combined Theories and the Finite Variant Property

International audienceWe investigate the unification problemin theories defined by rewrite systems which are both convergent andforward-closed. These theories are also known in the context ofprotocol analysis as theories with the finite variant property andadmit a variant-based unification algorithm. In this paper, wepresent a new rule-based unification algorithm which can be seen as analternative to the variant-based approach. In addition, we defineforward-closed combination to capture the union of a forward-closedconvergent rewrite system with another theory, such as theAssociativity-Commutativity, whose function symbols may occur inright-hand sides of the rewrite system. Finally, we present acombination algorithm for this particular class of non-disjoint unionsof theories

Building and Combining Matching Algorithms

International audienceThe concept of matching is ubiquitous in declarative programming and in automated reasoning. For instance, it is a key mechanism to run rule-based programs and to simplify clauses generated by theorem provers. A matching problem can be seen as a particular conjunction of equations where each equation has a ground side. We give an overview of techniques that can be applied to build and combine matching algorithms. First, we survey mutation-based techniques as a way to build a generic matching algorithm for a large class of equational theories. Second, combination techniques are introduced to get combined matching algorithms for disjoint unions of theories. Then we show how these combination algorithms can be extended to handle non-disjoint unions of theories sharing only constructors. These extensions are possible if an appropriate notion of normal form is computable

Terminating Non-Disjoint Combined Unification

International audienceThe equational unification problem, where the underlying equational theory may be given as the union of component equational theories, appears often in practice in many fields such as automated reasoning, logic programming, declarative programming, and the formal analysis of security protocols. In this paper, we investigate the unification problem in the non-disjoint union of equational theories via the combination of hierarchical unification procedures. In this context, a unification algorithm known for a base theory is extended with some additional inference rules to take into account the rest of the theory. We present a simple form of hierarchical unification procedure. The approach is particularly well-suited for any theory where a unification procedure can be obtained in a syntactic way using transformation rules to process the axioms of the theory. Hierarchical unification procedures are exemplified with various theories used in protocol analysis. Next, we look at modularity methods for combining theories already using a hierarchical approach. In addition, we consider a new complexity measure that allows us to obtain terminating (combined) hierarchical unification procedures

Internship report MPRI 2 Reverse engineering on arithmetic proofs

International audiencededukti is a logical framework that implements the λΠ− modulo theory, an extension of the simply typed lambda calculus with dependent types and rewriting rules. It aims to be a back-end for other proof checkers by compiling proofs from these proof checkers to dedukti. This may also increase re-usability of proofs between proof checkers. However if a logic is more powerful than an other, a theorem in the first logic may not be a theorem in the second. During this internship, we consider arithmetic theorems since many proof checker are able to check arithmetic proofs. One problem that we study in this master thesis is to translate arithmetic proofs coming from a powerful proof checker, -- in our casematita -- to a less powerful proof checker -- HOL-- . This translation needs to modify the logic used in proofs and that is why dedukti is handy here. But a lot of arithmetic theorems are proved also by automatic provers. Indeed, today a lot of easy arithmetic theorems are proved by this kind of tool. But most of them do not give a proof if it claims to prove a theorem. Since for these kind of tool, constructing a full proof may be tiresome, they prefer to give a certificate , a sketch of a proof. However, any automatic prover can implement its own certificate format. To answer this problem, Zakaria Chihani & Dale Miller proposed a certificate framework: Foundational Proof Certificate (FPC) [CMR13]. This framework aims to provide a certificate format shared by many automatic provers so that from the latter, a full proof might be reconstructed.However, for now, no certificate format is given for arithmetic proofs. A second problem addressed in this internship is to answer what kind of certificate is needed for arithmetic proofs (arithmetic without multiplication)