Capturing Hiproofs in HOL Light

Hierarchical proof trees (hiproofs for short) add structure to ordinary proof trees, by allowing portions of trees to be hierarchically nested. The additional structure can be used to abstract away from details, or to label particular portions to explain their purpose. In this paper we present two complementary methods for capturing hiproofs in HOL Light, along with a tool to produce web-based visualisations. The first method uses tactic recording, by modifying tactics to record their arguments and construct a hierarchical tree; this allows a tactic proof script to be modified. The second method uses proof recording, which extends the HOL Light kernel to record hierachical proof trees alongside theorems. This method is less invasive, but requires care to manage the size of the recorded objects. We have implemented both methods, resulting in two systems: Tactician and HipCam

Estimating seismic fragility of a semi-buried square RC water tank using expert judgement

The assessment of the seismic fragility of water networks is the key to characterizing their risk exposure to strong earthquakes. In the HORIZON2020 IMPROVER project, we focused our attention on the water network of Barreiro, a municipality close to Lisbon, Portugal. To determine vulnerability to ground shaking, the seismic fragility of each key component of the network needed to be determined. To exemplify our approach, we concentrate here on assessing the fragility of a semi-buried RC square water tank; previous studies have overwhelmingly focused on the seismic fragility of cylindrical (and mainly steel) water tanks. Relevant fragility parameters are inevitably uncertain, and our study made use of a sample of experts’ judgements, pooled using the Cooke’s Classical Model. This structured approach derives performance weights for experts’ abilities to quantify uncertainty in a statistically accurate sense and informatively, and then applies these weights to their uncertainty judgements on modelling parameters of concern. The unique empirical control in this procedure ensures an objective, rational consensus is obtained on the uncertainties to ascribe to different contributory factors. The main challenge in our study is to construct a suitable discrete damage scale, and to explore the possibility the tank might suffer liquefaction damage, given its proximity to the River Tagus and groundwater conditions at site. Provisional findings from the exercise are presented here and compared to existing fragility curves constructed for cylindrical RC tanks. The square tank was found to be more vulnerable than a cylindrical one

Amortised resource analysis with separation logic

Type-based amortised resource analysis following Hofmann and Jost—where resources are associated with individual elements of data structures and doled out to the programmer under a linear typing discipline—have been successful in providing concrete resource bounds for functional programs, with good support for inference. In this work we translate the idea of amortised resource analysis to imperative languages by embedding a logic of resources, based on Bunched Implications, within Separation Logic. The Separation Logic component allows us to assert the presence and shape of mutable data structures on the heap, while the resource component allows us to state the resources associated with each member of the structure. We present the logic on a small imperative language with procedures and mutable heap, based on Java bytecode. We have formalised the logic within the Coq proof assistant and extracted a certified verification condition generator. We demonstrate the logic on some examples, including proving termination of in-place list reversal on lists with cyclic tails

Integrating Systems around the User: Combining Isabelle, Maple, and QEPCAD in the Prover's Palette

AbstractWe describe the Proverʼs Palette, a general, modular architecture for combining tools for formal verification, with the key differentiator that the integration emphasises the role of the user. A concrete implementation combining the theorem prover Isabelle with the computer algebra systems Maple and QEPCAD-B is then presented. This illustrates that the design principles of the Proverʼs Palette simplify tool integrations while enhancing the power and usability of theorem provers

Bayesian Network Modeling and Expert Elicitation for Probabilistic Eruption Forecasting: Pilot Study for Whakaari/White Island, New Zealand

Bayesian Networks (BNs) are probabilistic graphical models that provide a robust and flexible framework for understanding complex systems. Limited case studies have demonstrated the potential of BNs in modeling multiple data streams for eruption forecasting and volcanic hazard assessment. Nevertheless, BNs are not widely employed in volcano observatories. Motivated by their need to determine eruption-related fieldwork risks, we have worked closely with the New Zealand volcano monitoring team to appraise BNs for eruption forecasting with the purpose, at this stage, of assessing the utility of the concept rather than develop a full operational framework. We adapted a previously published BN for a pilot study to forecast volcanic eruption on Whakaari/White Island. Developing the model structure provided a useful framework for the members of the volcano monitoring team to share their knowledge and interpretation of the volcanic system. We aimed to capture the conceptual understanding of the volcanic processes and represent all observables that are regularly monitored. The pilot model has a total of 30 variables, four of them describing the volcanic processes that can lead to three different types of eruptions: phreatic, magmatic explosive and magmatic effusive. The remaining 23 variables are grouped into observations related to seismicity, fluid geochemistry and surface manifestations. To estimate the model parameters, we held a workshop with 11 experts, including two from outside the monitoring team. To reduce the number of conditional probabilities that the experts needed to estimate, each variable is described by only two states. However, experts were concerned about this limitation, in particular for continuous data. Therefore, they were reluctant to define thresholds to distinguish between states. We conclude that volcano monitoring requires BN modeling techniques that can accommodate continuous variables. More work is required to link unobservable (latent) processes with observables and with eruptive patterns, and to model dynamic processes. A provisional application of the pilot model revealed several key insights. Refining the BN modeling techniques will help advance understanding of volcanoes and improve capabilities for forecasting volcanic eruptions. We consider that BNs will become essential for handling ever-burgeoning observations, and for assessing data's evidential meaning for operational eruption forecasting

Interleukin 7 from Maternal Milk Crosses the Intestinal Barrier and Modulates T- Cell Development in Offspring

Background Breastfeeding protects against illnesses and death in hazardous environments, an effect partly mediated by improved immune function. One hypothesis suggests that factors within milk supplement the inadequate immune response of the offspring, but this has not been able to account for a series of observations showing that factors within maternally derived milk may supplement the development of the immune system through a direct effect on the primary lymphoid organs. In a previous human study we reported evidence suggesting a link between IL-7 in breast milk and the thymic output of infants. Here we report evidence in mice of direct action of maternally-derived IL-7 on T cell development in the offspring. Methods and Findings  We have used recombinant IL-7 labelled with a fluorescent dye to trace the movement in live mice of IL-7 from the stomach across the gut and into the lymphoid tissues. To validate the functional ability of maternally derived IL- 7 we cross fostered IL-7 knock-out mice onto normal wild type mothers. Subsets of thymocytes and populations of peripheral T cells were significantly higher than those found in knock-out mice receiving milk from IL-7 knock-out mothers. Conclusions/Significance Our study provides direct evidence that interleukin 7, a factor which is critical in the development of T lymphocytes, when maternally derived can transfer across the intestine of the offspring, increase T cell production in the thymus and support the survival of T cells in the peripheral secondary lymphoid tissue