Finitary Deduction Systems

Cryptographic protocols are the cornerstone of security in distributed systems. The formal analysis of their properties is accordingly one of the focus points of the security community, and is usually split among two groups. In the first group, one focuses on trace-based security properties such as confidentiality and authentication, and provides decision procedures for the existence of attacks for an on-line attackers. In the second group, one focuses on equivalence properties such as privacy and guessing attacks, and provides decision procedures for the existence of attacks for an offline attacker. In all cases the attacker is modeled by a deduction system in which his possible actions are expressed. We present in this paper a notion of finitary deduction systems that aims at relating both approaches. We prove that for such deduction systems, deciding equivalence properties for on-line attackers can be reduced to deciding reachability properties in the same setting.Comment: 30 pages. Work begun while in the CASSIS Project, INRIA Nancy Grand Es

Partial Horn logic and cartesian categories

A logic is developed in which function symbols are allowed to represent partial functions. It has the usual rules of logic (in the form of a sequent calculus) except that the substitution rule has to be modified. It is developed here in its minimal form, with equality and conjunction, as “partial Horn logic”. Various kinds of logical theory are equivalent: partial Horn theories, “quasi-equational” theories (partial Horn theories without predicate symbols), cartesian theories and essentially algebraic theories. The logic is sound and complete with respect to models in , and sound with respect to models in any cartesian (finite limit) category. The simplicity of the quasi-equational form allows an easy predicative constructive proof of the free partial model theorem for cartesian theories: that if a theory morphism is given from one cartesian theory to another, then the forgetful (reduct) functor from one model category to the other has a left adjoint. Various examples of quasi-equational theory are studied, including those of cartesian categories and of other classes of categories. For each quasi-equational theory another, , is constructed, whose models are cartesian categories equipped with models of . Its initial model, the “classifying category” for , has properties similar to those of the syntactic category, but more precise with respect to strict cartesian functors

How functional programming mattered

In 1989 when functional programming was still considered a niche topic, Hughes wrote a visionary paper arguing convincingly ‘why functional programming matters’. More than two decades have passed. Has functional programming really mattered? Our answer is a resounding ‘Yes!’. Functional programming is now at the forefront of a new generation of programming technologies, and enjoying increasing popularity and influence. In this paper, we review the impact of functional programming, focusing on how it has changed the way we may construct programs, the way we may verify programs, and fundamentally the way we may think about programs

Theorem proving with built-in hybrid theories

A growing number of applications of automated reasoning exhibits the necessity of flexible deduction systems. A deduction system should be able to execute inference rules which are appropriate to the given problem. One way to achieve this behavior is the integration of different calculi. This led to so called hybrid reasoning [22, 1, 10, 20] which means the integration of a general purpose foreground reasoner with a specialized background reasoner. A typical task of a background reasoner is to perform special purpose inference rules according to a built-in theory. The aim of this paper is to go a step further, i.e. to treat the background reasoner as a hybrid system itself. The paper formulates sufficient criteria for the construction of complete calculi which enable reasoning under hybrid theories combined from sub-theories. For this purpose we use a generic approach described in [20]. This more detailed view on built-in theories is not covered by the known general approaches [1, 3, 6, 20] for building in theories into theorem provers. The approach is demonstrated by its application to the target calculi of the algebraic translation [9] of multi-modal and extended multi-modal [7] logic to first-order logic

New Equations for Neutral Terms: A Sound and Complete Decision Procedure, Formalized

The definitional equality of an intensional type theory is its test of type compatibility. Today's systems rely on ordinary evaluation semantics to compare expressions in types, frustrating users with type errors arising when evaluation fails to identify two `obviously' equal terms. If only the machine could decide a richer theory! We propose a way to decide theories which supplement evaluation with `$\nu$-rules', rearranging the neutral parts of normal forms, and report a successful initial experiment. We study a simple -calculus with primitive fold, map and append operations on lists and develop in Agda a sound and complete decision procedure for an equational theory enriched with monoid, functor and fusion laws

Institutionalising Ontology-Based Semantic Integration

We address what is still a scarcity of general mathematical foundations for ontology-based semantic integration underlying current knowledge engineering methodologies in decentralised and distributed environments. After recalling the first-order ontology-based approach to semantic integration and a formalisation of ontological commitment, we propose a general theory that uses a syntax-and interpretation-independent formulation of language, ontology, and ontological commitment in terms of institutions. We claim that our formalisation generalises the intuitive notion of ontology-based semantic integration while retaining its basic insight, and we apply it for eliciting and hence comparing various increasingly complex notions of semantic integration and ontological commitment based on differing understandings of semantics

On the practical value of Herbrand disjunctions

Herbrand disjunctions are a means for reducing the problem of whether a first-oder formula is valid in an open theory T or not to the problem whether an open formula, one of the so called Herbrand disjunctions, is T -valid or not. Nevertheless, the set of Herbrand disjunctions, which has to be examined, is undecidable in general. Fore this reason the practical value of Herbrand disjunctions has been estimated negatively (cf. [30]). Relying on completeness proofs which are based on the algebraization technique presented in [30], but taking a more optimistic view, we show how Herbrand disjunctions become the base of a method for building in theories into automatic theorem provers [26]. Surveying newer results we discuss how to treat heterogeneous theories [29] as well as practical implications of different normal form transformations