407 research outputs found
SEPIA: Search for Proofs Using Inferred Automata
This paper describes SEPIA, a tool for automated proof generation in Coq.
SEPIA combines model inference with interactive theorem proving. Existing proof
corpora are modelled using state-based models inferred from tactic sequences.
These can then be traversed automatically to identify proofs. The SEPIA system
is described and its performance evaluated on three Coq datasets. Our results
show that SEPIA provides a useful complement to existing automated tactics in
Coq.Comment: To appear at 25th International Conference on Automated Deductio
Computer Aided Verification
This open access two-volume set LNCS 13371 and 13372 constitutes the refereed proceedings of the 34rd International Conference on Computer Aided Verification, CAV 2022, which was held in Haifa, Israel, in August 2022. The 40 full papers presented together with 9 tool papers and 2 case studies were carefully reviewed and selected from 209 submissions. The papers were organized in the following topical sections: Part I: Invited papers; formal methods for probabilistic programs; formal methods for neural networks; software Verification and model checking; hyperproperties and security; formal methods for hardware, cyber-physical, and hybrid systems. Part II: Probabilistic techniques; automata and logic; deductive verification and decision procedures; machine learning; synthesis and concurrency. This is an open access book
Learning to Prove Theorems via Interacting with Proof Assistants
Humans prove theorems by relying on substantial high-level reasoning and
problem-specific insights. Proof assistants offer a formalism that resembles
human mathematical reasoning, representing theorems in higher-order logic and
proofs as high-level tactics. However, human experts have to construct proofs
manually by entering tactics into the proof assistant. In this paper, we study
the problem of using machine learning to automate the interaction with proof
assistants. We construct CoqGym, a large-scale dataset and learning environment
containing 71K human-written proofs from 123 projects developed with the Coq
proof assistant. We develop ASTactic, a deep learning-based model that
generates tactics as programs in the form of abstract syntax trees (ASTs).
Experiments show that ASTactic trained on CoqGym can generate effective tactics
and can be used to prove new theorems not previously provable by automated
methods. Code is available at https://github.com/princeton-vl/CoqGym.Comment: Accepted to ICML 201
Action Codes
We provide a new perspective on the problem how high-level state machine models with abstract actions can be related to low-level models in which these actions are refined by sequences of concrete actions. We describe the connection between high-level and low-level actions using action codes, a variation of the prefix codes known from coding theory. For each action code ?, we introduce a contraction operator ?_? that turns a low-level model ? into a high-level model, and a refinement operator ?_? that transforms a high-level model ? into a low-level model. We establish a Galois connection ?_?(?) ? ? ? ? ? ?_?(?), where ? is the well-known simulation preorder. For conformance, we typically want to obtain an overapproximation of model ?. To this end, we also introduce a concretization operator ?_?, which behaves like the refinement operator but adds arbitrary behavior at intermediate points, giving us a second Galois connection ?_?(?) ? ? ? ? ? ?_?(?). Action codes may be used to construct adaptors that translate between concrete and abstract actions during learning and testing of Mealy machines. If Mealy machine ? models a black-box system then ?_?(?) describes the behavior that can be observed by a learner/tester that interacts with this system via an adaptor derived from code ?. Whenever ?_?(?) implements (or conforms to) ?, we may conclude that ? implements (or conforms to) ?_? (?).
Almost all results, examples, and counter-examples are formalized in Coq
Applying Formal Methods to Networking: Theory, Techniques and Applications
Despite its great importance, modern network infrastructure is remarkable for
the lack of rigor in its engineering. The Internet which began as a research
experiment was never designed to handle the users and applications it hosts
today. The lack of formalization of the Internet architecture meant limited
abstractions and modularity, especially for the control and management planes,
thus requiring for every new need a new protocol built from scratch. This led
to an unwieldy ossified Internet architecture resistant to any attempts at
formal verification, and an Internet culture where expediency and pragmatism
are favored over formal correctness. Fortunately, recent work in the space of
clean slate Internet design---especially, the software defined networking (SDN)
paradigm---offers the Internet community another chance to develop the right
kind of architecture and abstractions. This has also led to a great resurgence
in interest of applying formal methods to specification, verification, and
synthesis of networking protocols and applications. In this paper, we present a
self-contained tutorial of the formidable amount of work that has been done in
formal methods, and present a survey of its applications to networking.Comment: 30 pages, submitted to IEEE Communications Surveys and Tutorial
A Fast Compiler for NetKAT
High-level programming languages play a key role in a growing number of
networking platforms, streamlining application development and enabling precise
formal reasoning about network behavior. Unfortunately, current compilers only
handle "local" programs that specify behavior in terms of hop-by-hop forwarding
behavior, or modest extensions such as simple paths. To encode richer "global"
behaviors, programmers must add extra state -- something that is tricky to get
right and makes programs harder to write and maintain. Making matters worse,
existing compilers can take tens of minutes to generate the forwarding state
for the network, even on relatively small inputs. This forces programmers to
waste time working around performance issues or even revert to using
hardware-level APIs.
This paper presents a new compiler for the NetKAT language that handles rich
features including regular paths and virtual networks, and yet is several
orders of magnitude faster than previous compilers. The compiler uses symbolic
automata to calculate the extra state needed to implement "global" programs,
and an intermediate representation based on binary decision diagrams to
dramatically improve performance. We describe the design and implementation of
three essential compiler stages: from virtual programs (which specify behavior
in terms of virtual topologies) to global programs (which specify network-wide
behavior in terms of physical topologies), from global programs to local
programs (which specify behavior in terms of single-switch behavior), and from
local programs to hardware-level forwarding tables. We present results from
experiments on real-world benchmarks that quantify performance in terms of
compilation time and forwarding table size
Completeness of Tree Automata Completion
We consider rewriting of a regular language with a left-linear term rewriting system. We show a completeness theorem on equational tree automata completion stating that, if there exists a regular over-approximation of the set of reachable terms, then equational completion can compute it (or safely under-approximate it). A nice corollary of this theorem is that, if the set of reachable terms is regular, then equational completion can also compute it. This was known to be true for some term rewriting system classes preserving regularity, but was still an open question in the general case. The proof is not constructive because it depends on the regularity of the set of reachable terms, which is undecidable. To carry out those proofs we generalize and improve two results of completion: the Termination and the Upper-Bound theorems. Those theoretical results provide an algorithmic way to safely explore regular approximations with completion. This has been implemented in Timbuk and used to verify safety properties, automatically and efficiently, on first-order and higher-order functional programs
- …