Optimizing a Certified Proof Checker for a Large-Scale Computer-Generated Proof

In recent work, we formalized the theory of optimal-size sorting networks with the goal of extracting a verified checker for the large-scale computer-generated proof that 25 comparisons are optimal when sorting 9 inputs, which required more than a decade of CPU time and produced 27 GB of proof witnesses. The checker uses an untrusted oracle based on these witnesses and is able to verify the smaller case of 8 inputs within a couple of days, but it did not scale to the full proof for 9 inputs. In this paper, we describe several non-trivial optimizations of the algorithm in the checker, obtained by appropriately changing the formalization and capitalizing on the symbiosis with an adequate implementation of the oracle. We provide experimental evidence of orders of magnitude improvements to both runtime and memory footprint for 8 inputs, and actually manage to check the full proof for 9 inputs.Comment: IMADA-preprint-c

Efficient Certified RAT Verification

Clausal proofs have become a popular approach to validate the results of SAT solvers. However, validating clausal proofs in the most widely supported format (DRAT) is expensive even in highly optimized implementations. We present a new format, called LRAT, which extends the DRAT format with hints that facilitate a simple and fast validation algorithm. Checking validity of LRAT proofs can be implemented using trusted systems such as the languages supported by theorem provers. We demonstrate this by implementing two certified LRAT checkers, one in Coq and one in ACL2

Efficient Certified Resolution Proof Checking

We present a novel propositional proof tracing format that eliminates complex processing, thus enabling efficient (formal) proof checking. The benefits of this format are demonstrated by implementing a proof checker in C, which outperforms a state-of-the-art checker by two orders of magnitude. We then formalize the theory underlying propositional proof checking in Coq, and extract a correct-by-construction proof checker for our format from the formalization. An empirical evaluation using 280 unsatisfiable instances from the 2015 and 2016 SAT competitions shows that this certified checker usually performs comparably to a state-of-the-art non-certified proof checker. Using this format, we formally verify the recent 200 TB proof of the Boolean Pythagorean Triples conjecture

A formally verified compiler back-end

This article describes the development and formal verification (proof of semantic preservation) of a compiler back-end from Cminor (a simple imperative intermediate language) to PowerPC assembly code, using the Coq proof assistant both for programming the compiler and for proving its correctness. Such a verified compiler is useful in the context of formal methods applied to the certification of critical software: the verification of the compiler guarantees that the safety properties proved on the source code hold for the executable compiled code as well

Conception of an anti-infectious and MRI visible mesh used for pelvic organs prolapse and abdominal hernias surgery

International audienceLa pose chirurgicale de prothèses afin de pallier les descentes d'organes de la zone pelvienne ou pariétale est une opération de plus en plus fréquente et requière l'implantation de plus de 1 200 000 dispositifs médicaux annuellement. Or, les cas de complications et de réinterventions chirurgicales restent très élevés, principalement dus aux infections associées à une réponse inflammatoire importante, ainsi qu'aux érosions, expositions et migrations des prothèses. Ces travaux présentent différentes stratégies permettant d'apporter des propriétés de résistance à l'infection et de suivi postopératoire à l'aide d'une visibilité en IRM à des treillis. Pour cela, un enrobage de polymères dégradables (polyesters) piégeant des antibiotiques est créé à l'aide d'un aérographe autour des filaments des treillis tout en conservant leurs aspects morphologiques et leurs propriétés mécaniques. Cet enrobage temporaire permet une libération prolongée de principes actifs inhibant l'adhésion bactérienne, la formation de biofilm et la prolifération bactérienne périprothétique pendant plus de trois jours in vitro. Parallèlement, des polymères contenant des agents de contraste greffés sur leur squelette carboné ont été utilisés comme agent d'enrobage, afin d'apporter des propriétés de visibilité en IRM aux treillis. In vitro, ces treillis enrobés induisent un signal significatif en IRM expérimentale (7 Tesla) et présentent une très bonne stabilité de l'agent de contraste, quelle que soit la technique de stérilisation employée. Surgical operations for soft tissue reinforcement (i.e. pelvic organs prolapse or abdominal hernias) are common procedures and require annually at least 1,200,000 of prostheses. Unfortunately, postoperatory complications and reinterventions are still important, mainly due to infection, inflammation, erosion, exposition or meshes migration. We present here several strategies to bring to meshes anti-infective resistance and clinical follow-up capability through an MRI visible material. A coating of the mesh by degradable polymers (polyesters) trapping antibiotics was created using an airbrushing technique, without modifying dramatically the morphology and the mechanical properties of the meshes. This temporary drug reservoir-coating allows a sustained release of the drugs and hamper in vitro bacterial contamination and biofilm formation on the meshes, associated to a large periprosthetic microorganism growth inhibition for a minimum of three days. Simultaneously, magnetic resonance contras

Wave Equation Numerical Resolution: a Comprehensive Mechanized Proof of a C Program

We formally prove correct a C program that implements a numerical scheme for the resolution of the one-dimensional acoustic wave equation. Such an implementation introduces errors at several levels: the numerical scheme introduces method errors, and floating-point computations lead to round-off errors. We annotate this C program to specify both method error and round-off error. We use Frama-C to generate theorems that guarantee the soundness of the code. We discharge these theorems using SMT solvers, Gappa, and Coq. This involves a large Coq development to prove the adequacy of the C program to the numerical scheme and to bound errors. To our knowledge, this is the first time such a numerical analysis program is fully machine-checked.Comment: No. RR-7826 (2011

Program Verification in the Presence of I/O

Software veri?cation tools that build machine-checked proofs of functional correctness usually focus on the algorithmic content of the code. Their proofs are not grounded in a formal semantic model of the environment that the program runs in, or the program’s interaction with that environment. As a result, several layers of translation and wrapper code must be trusted. In contrast, the CakeML project focuses on endto-end veri?cation to replace this trusted code with veri?ed code in a cost-e?ective manner. In this paper, we present infrastructure for developing and verifying impure functional programs with I/O and imperative ?le handling. Specifically, we extend CakeML with a low-level model of ?le I/O, and verify a high-level ?le I/O library in terms of the model. We use this library to develop and verify several Unix-style command-line utilities: cat, sort, grep, di? and patch. The work?ow we present is built around the HOL4 theorem prover, and therefore all our results have machine-checked proofs