Proof Planning Coinduction

Centre for Intelligent Systems and their ApplicationsCoinduction is a proof rule which is the dual of induction. It allows reasoning about non-well-founded sets and is of particular use for reasoning about equivalences.In this thesis I present an automation of coinductive theorem proving. This automation is based on the ideas of proof planning [Bundy 88]. Proof planning as the name suggests, plans the higher level steps in a proof without performing the formal checking which is also required for a verification. The automation has focused on the use of coinduction to prove the equivalence of programs in a small lazy functional language which is similar to Haskell.One of the hardest parts in a coinductive proof is the choice of a relation, called a bisimulation. The automation here described makes an initial simplified guess at a bisimulation and then uses critics, revisions based on failure, and generalisation techniques to refine this guess.The proof plan for coinduction and the critic have been implemented in CLAM [Bundy et al 90b] with encouraging results. The planner has been successfully tested on a number of theorems. Comparison of the proof planner for coinduction with the proof plan for induction implemented in CLAM has gighlighted a number of equivalences and dualities in the process of these proofs and has also suggested improvements to both systems.This work has demonstrated not only the possibility of fully automated theorem provers for coinduction but has also demonstrated the uses of proof planning for comparison of proof techniques.This work has demonstrated not only the possibility of fully automated theorem provers for coinduction but has also demonstrated the uses of proof planning for comparison of proof techniques

Proof planning with multiple strategies

This thesis presents proof planning with multiple stategies. Strategies are independent proof plan operations, and different strategies realize different plan refinements as well as plan modifications. Compared with the previous proof planning, multiple strategy proof planning introduces another hierarchical level and its heuristic control. Both, the strategies and the strategic control can encode (mathematcial) domain knowledge. We implemented proof planning with multiple strategies in the MULTI system. The evaluation of proof planning with multiple stratgeies and its implementation in MULTI is conducted with two large and two smaller case studies that are discussed in this thesis. The case studies illustrate the importance of domain knowledge at the strategy-level for proof planningDiese Arbeit stellt Beweisplanen mit mehreren Strategien vor. Strategien sind unabhängige Komponenten für das Beweisplanen, wobei verschiedene Strategien verschiedene Verfeinerungen oder Modifikationen eines Beweisplans realisieren können. Im Vergleich mit dem bisherigen Beweisplanen führt Beweisplanen mit mehreren Strategien eine neue Hierarchieebene und deren heuristische Kontrolle ein. Sowohl die Strategie selbst als auch ihre Kontrolle können (mathematisches) Wissen über eine Domäne kodieren. Beweisplanen mit mehren Strategien ist implementiert im MULTI System. Zur Evaluierung von Beweisplanen mit mehreren Strategien wurden mit MULTI zwei große und zwei kleinere Fallstudien durchgeführt, die in dieser Arbeit diskutiert werden. Die Fallstudien veranschaulichen das Domänenwissen, das auf der Ebene von Strategien vorliegt, und wie es im Beweisplanen benutzt werden kann