1,472 research outputs found
Computation calculus bridging a formalization gap
AbstractWe present an algebra that is intended to bridge the gap between programming formalisms that have a high level of abstraction and the operational interpretations these formalisms have been designed to capture. In order to prove a high-level formalism sound for its intended operational interpretation, one needs a mathematical handle on the latter. To this end we design the computation calculus. As an expression mechanism, it is sufficiently transparent to avoid begging the question. As an algebra, it is quite powerful and relatively simple
Proof Generation from Delta-Decisions
We show how to generate and validate logical proofs of unsatisfiability from
delta-complete decision procedures that rely on error-prone numerical
algorithms. Solving this problem is important for ensuring correctness of the
decision procedures. At the same time, it is a new approach for automated
theorem proving over real numbers. We design a first-order calculus, and
transform the computational steps of constraint solving into logic proofs,
which are then validated using proof-checking algorithms. As an application, we
demonstrate how proofs generated from our solver can establish many nonlinear
lemmas in the the formal proof of the Kepler Conjecture.Comment: Appeared in SYNASC'1
EasyUC: using EasyCrypt to mechanize proofs of universally composable security
We present a methodology for using the EasyCrypt proof assistant (originally designed for mechanizing the generation of proofs of game-based security of cryptographic schemes and protocols) to mechanize proofs of security of cryptographic protocols within the universally composable (UC) security framework. This allows, for the first time, the mechanization and formal verification of the entire sequence of steps needed for proving simulation-based security in a modular way: Specifying a protocol and the desired ideal functionality; Constructing a simulator and demonstrating its validity, via reduction to hard computational problems; Invoking the universal composition operation and demonstrating that it indeed preserves security. We demonstrate our methodology on a simple example: stating and proving the security of secure message communication via a one-time pad, where the key comes from a Diffie-Hellman key-exchange, assuming ideally authenticated communication. We first put together EasyCrypt-verified proofs that: (a) the Diffie-Hellman protocol UC-realizes an ideal key-exchange functionality, assuming hardness of the Decisional Diffie-Hellman problem, and (b) one-time-pad encryption, with a key obtained using ideal key-exchange, UC-realizes an ideal secure-communication functionality. We then mechanically combine the two proofs into an EasyCrypt-verified proof that the composed protocol realizes the same ideal secure-communication functionality. Although formulating a methodology that is both sound and workable has proven to be a complex task, we are hopeful that it will prove to be the basis for mechanized UC security analyses for significantly more complex protocols and tasks.Accepted manuscrip
Efficient Certified Resolution Proof Checking
We present a novel propositional proof tracing format that eliminates complex
processing, thus enabling efficient (formal) proof checking. The benefits of
this format are demonstrated by implementing a proof checker in C, which
outperforms a state-of-the-art checker by two orders of magnitude. We then
formalize the theory underlying propositional proof checking in Coq, and
extract a correct-by-construction proof checker for our format from the
formalization. An empirical evaluation using 280 unsatisfiable instances from
the 2015 and 2016 SAT competitions shows that this certified checker usually
performs comparably to a state-of-the-art non-certified proof checker. Using
this format, we formally verify the recent 200 TB proof of the Boolean
Pythagorean Triples conjecture
Catala: A Programming Language for the Law
Law at large underpins modern society, codifying and governing many aspects
of citizens' daily lives. Oftentimes, law is subject to interpretation, debate
and challenges throughout various courts and jurisdictions. But in some other
areas, law leaves little room for interpretation, and essentially aims to
rigorously describe a computation, a decision procedure or, simply said, an
algorithm. Unfortunately, prose remains a woefully inadequate tool for the job.
The lack of formalism leaves room for ambiguities; the structure of legal
statutes, with many paragraphs and sub-sections spread across multiple pages,
makes it hard to compute the intended outcome of the algorithm underlying a
given text; and, as with any other piece of poorly-specified critical software,
the use of informal language leaves corner cases unaddressed. We introduce
Catala, a new programming language that we specifically designed to allow a
straightforward and systematic translation of statutory law into an executable
implementation. Catala aims to bring together lawyers and programmers through a
shared medium, which together they can understand, edit and evolve, bridging a
gap that often results in dramatically incorrect implementations of the law. We
have implemented a compiler for Catala, and have proven the correctness of its
core compilation steps using the F* proof assistant. We evaluate Catala on
several legal texts that are algorithms in disguise, notably section 121 of the
US federal income tax and the byzantine French family benefits; in doing so, we
uncover a bug in the official implementation. We observe as a consequence of
the formalization process that using Catala enables rich interactions between
lawyers and programmers, leading to a greater understanding of the original
legislative intent, while producing a correct-by-construction executable
specification reusable by the greater software ecosystem
On Modelling and Analysis of Dynamic Reconfiguration of Dependable Real-Time Systems
This paper motivates the need for a formalism for the modelling and analysis
of dynamic reconfiguration of dependable real-time systems. We present
requirements that the formalism must meet, and use these to evaluate well
established formalisms and two process algebras that we have been developing,
namely, Webpi and CCSdp. A simple case study is developed to illustrate the
modelling power of these two formalisms. The paper shows how Webpi and CCSdp
represent a significant step forward in modelling adaptive and dependable
real-time systems.Comment: Presented and published at DEPEND 201
Lazy Kleene Algebra
We propose a relaxation of Kleene algebra by giving up strictness and right-distributivity of composition. This allows the subsumption of Dijkstra's computation calculus, Cohen's omega algebra and von Wright's demonic refinement algebra. Moreover, by adding domain and codomain operators we can also incorporate modal operators. Finally, it is shown that the predicate transformers form lazy Kleene algebras again, the disjunctive and conjunctive ones even lazy Kleene algebras with an omega operation
- …