Proof Trick: Small Inversions

International audienceWe show how an inductive hypothesis can be inverted with small proof terms, using just dependent elimination with a diagonal predicate. The technique works without any auxiliary type such as True, False, eq. It can also be used to discriminate, in some sense, the constructors of an inductive type of sort Prop in Coq

Gentzen-Prawitz Natural Deduction as a Teaching Tool

We report a four-years experiment in teaching reasoning to undergraduate students, ranging from weak to gifted, using Gentzen-Prawitz's style natural deduction. We argue that this pedagogical approach is a good alternative to the use of Boolean algebra for teaching reasoning, especially for computer scientists and formal methods practionners

Simulating Induction-Recursion for Partial Algorithms

International audienceWe describe a generic method to implement and extract partial recursive algorithms in Coq in a purely constructive way, using L. Paulson's if-then-else normalization as a running example

Designing a CPU model: from a pseudo-formal document to fast code

For validating low level embedded software, engineers use simulators that take the real binary as input. Like the real hardware, these full-system simulators are organized as a set of components. The main component is the CPU simulator (ISS), because it is the usual bottleneck for the simulation speed, and its development is a long and repetitive task. Previous work showed that an ISS can be generated from an Architecture Description Language (ADL). In the work reported in this paper, we generate a CPU simulator directly from the pseudo-formal descriptions of the reference manual. For each instruction, we extract the information describing its behavior, its binary encoding, and its assembly syntax. Next, after automatically applying many optimizations on the extracted information, we generate a SystemC/TLM ISS. We also generate tests for the decoder and a formal specification in Coq. Experiments show that the generated ISS is as fast and stable as our previous hand-written ISS.Comment: 3rd Workshop on: Rapid Simulation and Performance Evaluation: Methods and Tools (2011

Towards Verifying Declarative Netlog Protocols with Coq

Declarative languages, such as recursive rule based languages, have been proposed to program distributed applications over networks.It has been shown that they simplify greatly the code, while still offering efficient distributed execution. In this paper, we show that moreover they provide a promising approach to the verification of distributed protocols. We choose the Netlog language and use the Coq proof assistant. We first formalize the distributed computation model based on message passing with either synchronous or asynchronous behavior. We then see how the declarative rules of the protocols can be simply encoded in Coq. Finally, we develop the machine embedded on each node of the network which evaluates the rules. This framework enables us to formally verify distributed declarative protocols, as sketched on a concrete example, a breadth-first search tree construction in a distributed network

Simulating Induction-Recursion for Partial Algorithms

International audienceWe describe a generic method to implement and extract partial recursive algorithms in Coq in a purely constructive way, using L. Paulson's if-then-else normalization as a running example

A Generic Coq Proof of Typical Worst-Case Analysis

International audienceThis paper presents a generic proof of Typical Worst-Case Analysis (TWCA), an analysis technique for weakly-hard real-time uniprocessor systems. TWCA was originally introduced for systems with fixed priority preemptive (FPP) schedulers and has since been extended to fixed-priority nonpreemptive (FPNP) and earliest-deadline-first (EDF) schedulers. Our generic analysis is based on an abstract model that characterizes the exact properties needed to make TWCA applicable to any system model. Our results are formalized and checked using the Coq proof assistant along with the Prosa schedulability analysis library. Our experience with formalizing real-time systems analyses shows that this is not only a way to increase confidence in our claimed results: The discipline required to obtain machine checked proofs helps understanding the exact assumptions required by a given analysis, its key intermediate steps and how this analysis can be generalized

Work In Progress: Toward a Coq-certified Tool for the Schedulability Analysis of Tasks with Offsets

International audienceThis paper presents the first steps toward a formally proven tool for schedulability analysis of tasks with offsets. We formalize and verify the seminal response time analysis of Tindell by extending the Prosa proof library, which is based on the Coq proof assistant. Thanks to Coq’s extraction capabilities, this will allow us to easily obtain a certified analyzer. Additionally, we want to build a Coq certifier that can verify the correctness of results obtained using related (but uncertified), already existing analyzers. Our objective is to investigate the advantages and drawbacks of both approaches, namely the certified analysis and the certifier. The work described in this paper as well as its continuation is intended to enrich the Prosa library

Accretion and outflow-related X-rays in T Tauri stars

We report on accretion- and outflow-related X-rays from T Tauri stars, based on results from the "XMM-Newton Extended Survey of the Taurus Molecular Cloud.” X-rays potentially form in shocks of accretion streams near the stellar surface, although we hypothesize that direct interactions between the streams and magnetic coronae may occur as well. We report on the discovery of a "soft excess” in accreting T Tauri stars supporting these scenarios. We further discuss a new type of X-ray source in jet-driving T Tauri stars. It shows a strongly absorbed coronal component and a very soft, weakly absorbed component probably related to shocks in microjets. The excessive coronal absorption points to dust-depletion in the accretion stream