TWAM: A Certifying Abstract Machine for Logic Programs

Type-preserving (or typed) compilation uses typing derivations to certify correctness properties of compilation. We have designed and implemented a type-preserving compiler for a simply-typed dialect of Prolog we call T-Prolog. The crux of our approach is a new certifying abstract machine which we call the Typed Warren Abstract Machine (TWAM). The TWAM has a dependent type system strong enough to specify the semantics of a logic program in the logical framework LF. We present a soundness metatheorem which constitutes a partial correctness guarantee: well-typed programs implement the logic program specified by their type. This metatheorem justifies our design and implementation of a certifying compiler from T-Prolog to TWAM.Comment: 41 pages, under submission to ACM Transactions on Computational Logi

Applications of real number theorem proving in PVS

This work is supported by funding from the EPSRC under grants EP/H500162, EP/F02309X and GR/S31242Real number theorem proving has many uses, particularly for verification of safety critical systems and systems for which design errors may be costly. We discuss a chain of developments building on real number theorem proving in PVS. This leads from the verification of aspects of an air traffic control system, through work on the integration of computer algebra and automated theorem proving to a new tool, NRV, first presented here that builds on the capabilities of Maple and PVS to provide a verified and automatic analysis of Nichols plots. This automates a standard technique used by control engineers and greatly improves assurance compared with the traditional method of visual inspection of the Nichols plots.Publisher PDFPeer reviewe

A verified generational garbage collector for CakeML

This paper presents the verification of a generational copying garbage collector for the CakeML runtime system. The proof is split into an algorithm proof and an implementation proof. The algorithm proof follows the structure of the informal intuition for the generational collector’s correctness, namely, a partial collection cycle in a generational collector is the same as running a full collection on part of the heap, if one views pointers to old data as non-pointers. We present a pragmatic way of dealing with ML-style mutable state, such as references and arrays, in the proofs. The development has been fully integrated into the in-logic bootstrapped CakeML compiler, which now includes command-line arguments that allow configuration of the generational collector. All proofs were carried out in the HOL4 theorem prover

Neuronal correlates of encoding and retrieval in episodic memory during a paired-word association learning task : a functional magnetic resonance imaging study

The investigation of memory function using functional magnetic resonance imaging (fMRI) is an expanding field of research. The aim of this study was to demonstrate brain-activity patterns related to a word-pair association task employing a whole-brain EPI sequence. Six right-handed, healthy male volunteers (mean age: 27.5 years) took part in the study. fMRI was performed at a field strength of 1.5 Tesla with 26–32 slices parallel to the AC-PC line, depending on individual brain size. Distributed brain regions were activated in episodic encoding and retrieval with similarities, but also (distinct) differences in activation patterns. Bilateral prefrontal cortical areas were involved when comparing encoding as well as retrieval to the reference condition (nonsense words). Furthermore, activation was observed in cerebellar areas during encoding, and activation in bilateral parietal areas (precuneus and inferior parietal cortex) was differentially more pronounced during retrieval. The activation of left dorsomedial thalamus during retrieval of high imagery-content word-pair associates may point to the role of this structure in episodic retrieval. The direct cognitive subtraction of encoding minus retrieval yielded a differentially larger left prefrontal activation. There was a differentially higher right prefrontal activation during retrieval than during encoding, underlining the proposed right/left asymmetry for episodic memory processes

Proving the Correctness of a Complete Microprocessor

. This paper presents status results of a microprocessor verification project. The authors verify a complete 32-bit RISC microprocessor including the floating point unit and the control logic of the pipeline. The paper describes a formal definition of a "correct" microprocessor. This correctness criterion is proven for an implementation using formal methods. All proofs are verified mechanically by means of the theorem proving system PVS. 1 Introduction Microprocessor design is an error-prone process. With increasing complexity of current microprocessor designs, formal verification has become crucial. In order to achieve completely verified designs, adjusting the design process itself plays an important role: the more high-level information on the design is available, the faster the verification can be done. The authors re-designed a simple RISC processor, the DLX [1], with respect to verifiability. The design includes the complete pipe control and forwarding logic. The function..