Using Extended Tactics to Do Proof Transformations

In this thesis we develop a comprehensive human-oriented theorem proving system that integrates several different proof systems. The main theorem proving environment centers around a natural Gentzen first-order logic system. This allows construction of natural proofs, encourages user involvement in the search for proofs, and facilitates understanding of the resulting proofs. We integrate more abstract automatically generated proofs such as resolution refutations by transforming them to proofs in the Gentzen system. Expansion trees are another proof system used as an intermediate stage in transformations between the abstract and natural systems. They are a compact representation useful for transformations and other computations. We develop a programming language approach to theorem proving based on tactics and tacticals. Our extended tactics provide a method for doing proof transformations, as well as facilitate interactive theorem proving, allowing full integration of interactive and automatic theorem proving. In the system, we explicitly represent proofs in each proof system and view expansion tree proofs as types for Gentzen proof terms. This explicit proof representation allows proofs to be manipulated as meaningful data objects and used in various computations. For example, the proof terms in the natural Gentzen system can be used to obtain natural language explanations of proofs. We foresee several applications for this kind of theorem proving system, such as use as a logic tutor, a tool for doing mathematics, or an enhanced reasoner and explanation facility for existing A1 systems

An Improved Implementation and Abstract Interface for Hybrid

Hybrid is a formal theory implemented in Isabelle/HOL that provides an interface for representing and reasoning about object languages using higher-order abstract syntax (HOAS). This interface is built around an HOAS variable-binding operator that is constructed definitionally from a de Bruijn index representation. In this paper we make a variety of improvements to Hybrid, culminating in an abstract interface that on one hand makes Hybrid a more mathematically satisfactory theory, and on the other hand has important practical benefits. We start with a modification of Hybrid's type of terms that better hides its implementation in terms of de Bruijn indices, by excluding at the type level terms with dangling indices. We present an improved set of definitions, and a series of new lemmas that provide a complete characterization of Hybrid's primitives in terms of properties stated at the HOAS level. Benefits of this new package include a new proof of adequacy and improvements to reasoning about object logics. Such proofs are carried out at the higher level with no involvement of the lower level de Bruijn syntax.Comment: In Proceedings LFMTP 2011, arXiv:1110.668

Bindings as bounded natural functors

We present a general framework for specifying and reasoning about syntax with bindings. Abstract binder types are modeled using a universe of functors on sets, subject to a number of operations that can be used to construct complex binding patterns and binding-aware datatypes, including non-well-founded and infinitely branching types, in a modular fashion. Despite not committing to any syntactic format, the framework is “concrete” enough to provide definitions of the fundamental operators on terms (free variables, alpha-equivalence, and capture-avoiding substitution) and reasoning and definition principles. This work is compatible with classical higher-order logic and has been formalized in the proof assistant Isabelle/HOL

A Tutorial Example of the Semantic Approach to Foundational Proof-Carrying Code

Proof-carrying code provides a mechanism for insuring that a host, or code consumer, can safely run code delivered by a code producer. The host specifies a safety policy as a set of axioms and inference rules. In addition to a compiled program, the code producer delivers a formal proof of safety expressed in terms of those rules that can be easily checked. Foundational proof-carrying code (FPCC) provides increased security and greater flexibility in the construction of proofs of safety. Proofs of safety are constructed from the smallest possible set of axioms and inference rules. For example, typing rules are not included. In our semantic approach to FPCC, we encode a semantics of types from first principles and the typing rules are proved as lemmas. In addition, we start from a semantic definition of machine instructions and safety is defined directly from this semantics. Since FPCC starts from basic axioms and low-level definitions, it is necessary to build up a library of lemmas and definitions so that reasoning about particular programs can be carried out at a higher level, and ideally, also be automated. We describe a high-level organization that involves Hoare-style reasoning about machine code programs. This organization is presented using a detailed example. The example, as well as illustrating the above mentioned approach to organizing proofs, is designed to provide a tutorial introduction to a variety of facets of our FPCC approach. For example, it illustrates how to prove safety of programs that traverse input data structures as well as allocate new ones

LIPIcs, Volume 228, FSCD 2022, Complete Volume

LIPIcs, Volume 228, FSCD 2022, Complete Volum