A Framework for Specifying, Prototyping, and Reasoning about Computational Systems

This thesis concerns the development of a framework that facilitates the design and analysis of formal systems. Specifically, this framework provides a specification language which supports the concise and direct description of formal systems, a mechanism for animating the specification language thereby producing prototypes of encoded systems, and a logic for proving properties of specifications and therefore of the systems they encode. A defining characteristic of the proposed framework is that it is based on two separate but closely intertwined logics: a specification logic that facilitates the description of computational structure and another logic that exploits the special characteristics of the specification logic to support reasoning about the computational behavior of systems that are described using it. Both logics embody a natural treatment of binding structure by using the lambda-calculus as a means for representing objects and by incorporating special mechanisms for working with such structure. By using this technique, they lift the treatment of binding from the object language into the domain of the relevant meta logic, thereby allowing the specification or analysis components to focus on the more essential logical aspects of the systems that are encoded. The primary contributions of these thesis are the development of a rich meta-logic called G with capabilities for sophisticated reasoning that includes induction and co-induction over high-level specifications of computations and with an associated cut-elimination result; an interactive reasoning system called Abella based on G; and several reasoning examples which demonstrate the expressiveness and naturalness of both G and Abella.Comment: PhD Thesis submitted September, 200

Proof planning for logic program synthesis

The area of logic program synthesis is attracting increased interest. Most efforts have concentrated on applying techniques from functional program synthesis to logic program synthesis. This thesis investigates a new approach: Synthesizing logic programs automatically via middle-out reasoning in proof planning.[Bundy et al 90a] suggested middle-out reasoning in proof planning. Middleout reasoning uses variables to represent unknown details of a proof. Unifica¬ tion instantiates the variables in the subsequent planning, while proof planning provides the necessary search control.Middle-out reasoning is used for synthesis by planning the verification of an unknown logic program: The program body is represented with a meta-variable. The planning results both in an instantiation of the program body and a plan for the verification of that program. If the plan executes successfully, the synthesized program is partially correct and complete.Middle-out reasoning is also used to select induction schemes. Finding an appropriate induction scheme in synthesis is difficult, because the recursion in the program, which is unknown at the outset, determines the induction in the proof. In middle-out induction, we set up a schematic step case by representing the constructors applied to the induction variables with meta-variables. Once the step case is complete, the instantiated variables correspond to an induction appropriate to the recursion of the program.The results reported in this thesis are encouraging. The approach has been implemented as an extension to the proof planner CUM [Bundy et al 90c], called Periwinkle, which has been used to synthesize a variety of programs fully automatically

The Dynamic Creation of Induction Rules Using Proof Planning

Centre for Intelligent Systems and their ApplicationsA key problem in automating proof by mathematical induction is choosing an induction rule suitable for a given conjecture. Since Boyer & Moore’s NQTHM system the standard approach has been based on recursion analysis, which uses a combination of induction rules based on the relevant recursive function definitions. However, there are practical examples on which such techniques are known to fail. Recent research has tried to improve automation by delaying the choice of inductive rule until later in the proof, but these techniques suffer from two serious problems. Firstly, a lack of search control: specifically, in controlling the application of ‘speculative’ proof steps that partially commit to a choice of induction rule. Secondly, a lack of generality: they place significant restrictions on the form of induction rule that can be chosen. In this thesis we describe a new delayed commitment strategy for inductive proof that addresses these problems. The strategy dynamically creates an appropriate induction rule by proving schematic proof goals, where unknown rule structure is represented by meta-variables which become instantiated during the proof. This is accompanied by a proof that the generated rule is valid. The strategy achieves improved control over speculative proof steps via a novel speculation critic. It also generates a wider range of useful induction rules than other delayed commitment techniques, partly because it removes unnecessary restrictions on the individual proof cases, and partly because of a new technique for generating the rule’s overall case structure. The basic version of the strategy has been implemented using the lamdaClam proof planner. The system was extended with a novel proof critics architecture for this purpose. An evaluation shows the strategy is a useful and practical technique, and demonstrates its advantages

Proof-theoretic Semantics for Intuitionistic Multiplicative Linear Logic

This work is the first exploration of proof-theoretic semantics for a substructural logic. It focuses on the base-extension semantics (B-eS) for intuitionistic multiplicative linear logic (IMLL). The starting point is a review of Sandqvist’s B-eS for intuitionistic propositional logic (IPL), for which we propose an alternative treatment of conjunction that takes the form of the generalized elimination rule for the connective. The resulting semantics is shown to be sound and complete. This motivates our main contribution, a B-eS for IMLL , in which the definitions of the logical constants all take the form of their elimination rule and for which soundness and completeness are established

Fresnel's Laws, ceteris paribus

This article is about structural realism, historical continuity, laws of nature, and \emph{ceteris paribus} clauses. Fresnel's Laws of optics support Structural Realism because they are a scientific structure that has survived theory change. However, the history of Fresnel's Laws which has been depicted in debates over realism since the 1980s is badly distorted. Specifically, claims that J.~C. Maxwell or his followers believed in an ontologically-subsistent electromagnetic field, and gave up the aether, before Einstein's \emph{annus mirabilis} in 1905 are indefensible. Related claims that Maxwell himself did not believe in a luminiferous aether are also indefensible. This paper corrects the record. In order to trace Fresnel's Laws across significant ontological changes, they must be followed past Einstein into modern physics and nonlinear optics. I develop the philosophical implications of a more accurate history, and analyze Fresnel's Laws' historical trajectory in terms of dynamic ceteris paribus clauses. Structuralists have not embraced ceteris paribus laws, but they continue to point to Fresnel's Laws to resist anti-realist arguments from theory change. Fresnel's Laws fit the standard definition of a ceteris paribus law as a law applicable only in particular circumstances. Realists who appeal to the historical continuity of Fresnel's Laws to combat anti-realists must incorporate ceteris paribus laws into their metaphysics

Reason Dethroned; Knowledge Regained

Hume held that we have no rational justification for our inductive beliefs. A more radical view is that we have no rational justification for any of our beliefs. This dissertation has two goals pertaining to this more radical view. // The first goal is to find a basis for constructive epistemology that is consistent with this view. This goal is first sought by considering externalist theories of knowledge since these do not require rational justification for knowledge. Externalist theories are defended against the usual objections, partly via a strategy of immunizing them from counterexample-based objections by arguing that epistemologies can be successful even if they fail to explicate ordinary epistemic notions. But a new objection to externalist theories is then brought to light. The objection begins as an attack against a dogma of contemporary epistemology, that the chief benefit of possessing knowledge is having a true belief. It is argued that there are many other benefits to having knowledge , and that externalist theories are defective because externalist knowledge lacks these benefits. A mixed internalist/externalist theory, bilevel reliabilism, is then presented as a solution to this difficulty. //The second goal is to provide an explanation of the function and origin of human epistemic practices that is consistent with the no-rational-justification view. Providing such an explanation is problematic for holders of this view because, if it is correct, it seems, prima facie, that there is no reason to have epistemic practices. This goal is achieved by arguing that epistemic practices, despite appearing to have rational justification as their goal, chiefly function to promote the existence of bilevel reliabilist knowledge, a very useful type of belief that is not rationally justified. It is then argued that the explanation of the origin of epistemic practices is that they arise from natural human inductive tendencies

Investigation, Development, and Evaluation of Performance Proving for Fault-tolerant Computers

A number of methodologies for verifying systems and computer based tools that assist users in verifying their systems were developed. These tools were applied to verify in part the SIFT ultrareliable aircraft computer. Topics covered included: STP theorem prover; design verification of SIFT; high level language code verification; assembly language level verification; numerical algorithm verification; verification of flight control programs; and verification of hardware logic