Supporting ArcAngel in ProofPower

AbstractArcAngel is a specialised tactic language devised to facilitate and automate program developments using Morgan's refinement calculus. It is especially well-suited for the specification of high-level strategies to derive programs by construction, and equipped with a formal semantics that enables reasoning about tactics. In this paper, we present an implementation of ArcAngel for the ProofPower theorem prover. We discuss the underlying design, explain how it implements the semantics of ArcAngel, and examine differences in expressiveness and flexibility in comparison to ProofPower's in-built tactic language. ArcAngel supports backtracking through angelic choice; this is beyond the basic capabilities of ProofPower and many other main-stream theorem provers. The implementation is demonstrated with a non-trivial tactic example

A Refinement Calculus for Logic Programs

Existing refinement calculi provide frameworks for the stepwise development of imperative programs from specifications. This paper presents a refinement calculus for deriving logic programs. The calculus contains a wide-spectrum logic programming language, including executable constructs such as sequential conjunction, disjunction, and existential quantification, as well as specification constructs such as general predicates, assumptions and universal quantification. A declarative semantics is defined for this wide-spectrum language based on executions. Executions are partial functions from states to states, where a state is represented as a set of bindings. The semantics is used to define the meaning of programs and specifications, including parameters and recursion. To complete the calculus, a notion of correctness-preserving refinement over programs in the wide-spectrum language is defined and refinement laws for developing programs are introduced. The refinement calculus is illustrated using example derivations and prototype tool support is discussed.Comment: 36 pages, 3 figures. To be published in Theory and Practice of Logic Programming (TPLP

A UTP semantics for communicating processes with shared variables and its formal encoding in PVS

CSP# (communicating sequential programs) is a modelling language designed for specifying concurrent systems by integrating CSP-like compositional operators with sequential programs updating shared variables. In this work, we define an observation-oriented denotational semantics in an open environment for the CSP# language based on the UTP framework. To deal with shared variables, we lift traditional event-based traces into mixed traces which consist of state-event pairs for recording process behaviours. To capture all possible concurrency behaviours between action/channel-based communications and global shared variables, we construct a comprehensive set of rules on merging traces from processes which run in parallel/interleaving. We also define refinement to check process equivalence and present a set of algebraic laws which are established based on our denotational semantics. We further encode our proposed denotational semantics into the PVS theorem prover. The encoding not only ensures the semantic consistency, but also builds up a theoretic foundation for machine-assisted verification of CSP# specifications.Full Tex

Modelling the algebra of weakest preconditions

In expounding the notions of pre- and postconditions, of termination and nontermination, of correctness and of predicate transformers I found that the same trivalent distinction played a major role in all contexts. Namely: Initialisation properties: An execution of a program always, sometimes or never starts from an initial state. Termination/nontermination properties: If it starts, the execution always, sometimes or never terminates. Clean-/messy termination properties: A terminating execution always, sometimes or never terminates cleanly. Final state properties: All, some or no final states of α from s have a given property

A Dependently Typed Language with Nontermination

We propose a full-spectrum dependently typed programming language, Zombie, which supports general recursion natively. The Zombie implementation is an elaborating typechecker. We prove type saftey for a large subset of the Zombie core language, including features such as computational irrelevance, CBV-reduction, and propositional equality with a heterogeneous, completely erased elimination form. Zombie does not automatically beta-reduce expressions, but instead uses congruence closure for proof and type inference. We give a specification of a subset of the surface language via a bidirectional type system, which works up-to-congruence, and an algorithm for elaborating expressions in this language to an explicitly typed core language. We prove that our elaboration algorithm is complete with respect to the source type system. Zombie also features an optional termination-checker, allowing nonterminating programs returning proofs as well as external proofs about programs

Towards a UTP semantics for modelica

We describe our work on a UTP semantics for the dynamic systems modelling language Modelica. This is a language for modelling a system’s continuous behaviour using a combination of differential algebraic equations and an event-handling system. We develop a novel UTP theory of hybrid relations, inspired by Hybrid CSP and Duration Calculus, that is purely relational and provides uniform handling of continuous and discrete variables. This theory is mechanised in our Isabelle implementation of the UTP, Isabelle/UTP, with which we verify some algebraic properties. Finally, we show how a subset of Modelica models can be given semantics using our theory. When combined with the wealth of existing UTP theories for discrete system modelling, our work enables a sound approach to heterogeneous semantics for Cyber-Physical systems by leveraging the theory linking facilities of the UTP

Comparative Studies, Formal Semantics and PVS Encoding of CSP#

Ph.DDOCTOR OF PHILOSOPH