Gluing together proof environments: Canonical extensions of LF type theories featuring locks

© F. Honsell, L. Liquori, P. Maksimovic, I. Scagnetto This work is licensed under the Creative Commons Attribution License.We present two extensions of the LF Constructive Type Theory featuring monadic locks. A lock is a monadic type construct that captures the effect of an external call to an oracle. Such calls are the basic tool for gluing together diverse Type Theories and proof development environments. The oracle can be invoked either to check that a constraint holds or to provide a suitable witness. The systems are presented in the canonical style developed by the CMU School. The first system, CLLF/p,is the canonical version of the system LLF p, presented earlier by the authors. The second system, CLLF p?, features the possibility of invoking the oracle to obtain a witness satisfying a given constraint. We discuss encodings of Fitch-Prawitz Set theory, call-by-value λ-calculi, and systems of Light Linear Logic. Finally, we show how to use Fitch-Prawitz Set Theory to define a type system that types precisely the strongly normalizing terms

The involutions-as-principal types/ application-as-unification analogy

In 2005, S. Abramsky introduced various universal models of computation based on Affine Combinatory Logic, consisting of partial involutions over a suitable formal language of moves, in order to discuss reversible computation in a game-theoretic setting. We investigate Abramsky\u2019s models from the point of view of the model theory of \u3bb-calculus, focusing on the purely linear and affine fragments of Abramsky\u2019s Combinatory Algebras. Our approach stems from realizing a structural analogy, which had not been hitherto pointed out in the literature, between the partial involution interpreting a combinator and the principal type of that term, with respect to a simple types discipline for \u3bb-calculus. This analogy allows for explaining as unification between principal types the somewhat awkward linear application of involutions arising from Geometry of Interaction (GoI). Our approach provides immediately an answer to the open problem, raised by Abramsky, of characterising those finitely describable partial involutions which are denotations of combinators, in the purely affine fragment. We prove also that the (purely) linear combinatory algebra of partial involutions is a (purely) linear \u3bb-algebra, albeit not a combinatory model, while the (purely) affine combinatory algebra is not. In order to check the complex equations involved in the definition of affine \u3bb-algebra, we implement in Erlang the compilation of \u3bb-terms as involutions, and their execution

LF+ in Coq for fast-and-loose reasoning

We develop the metatheory and the implementation, in Coq, of the novel logical framework LF+ and discuss several of its applications. LF+ generalises research work, carried out by the authors over more than a decade, on Logical Frameworks conservatively extending LF and featuring lock-type constructors L-P(N:sigma)[center dot]. Lock-types capture monadically the concept of inhabitability up-to. They were originally introduced for factoring-out, postponing, or delegating to external tools the verification of time-consuming judgments, which are morally proof-irrelevant, thus allowing for integrating different sources of epistemic evidence in a unique Logical Framework. Besides introducing LF+ and its "shallow" implementation in Coq, the main novelty of the paper is to show that lock-types are also a very flexible tool for expressing in Type Theory several diverse cognitive attitudes and mental strategies used in ordinary reasoning, which essentially amount to reasoning up-to, as in e.g. Typical Ambiguity provisos or co-inductive Coq proofs. In particular we address the encoding of the emerging paradigm of fast-and-loose reasoning, which trades off efficiency for correctness. This paradigm, implicitly used normally in naive Set Theory, is producing considerable impact also in computer architecture and distributed systems, when branch prediction and optimistic concurrency control are implemented

A dependent nominal type theory

Nominal abstract syntax is an approach to representing names and binding pioneered by Gabbay and Pitts. So far nominal techniques have mostly been studied using classical logic or model theory, not type theory. Nominal extensions to simple, dependent and ML-like polymorphic languages have been studied, but decidability and normalization results have only been established for simple nominal type theories. We present a LF-style dependent type theory extended with name-abstraction types, prove soundness and decidability of beta-eta-equivalence checking, discuss adequacy and canonical forms via an example, and discuss extensions such as dependently-typed recursion and induction principles

An integrated low-cost system for object detection in underwater environments

We propose a novel low-cost integrated system prototype able to recognize objects/lifeforms in underwater environments. The system has been applied to detect unexploded ordnance materials in shallow waters. Indeed, small and agile remotely controlled vehicles with cameras can be used to detect unexploded bombs in shallow waters, more effectively and freely than complex, costly and heavy equipment, requiring several human operators and support boats. Moreover, visual techniques can be easily combined with the traditional use of magnetometers and scanning imaging sonars, to improve the effectiveness of the survey. The proposed system can be easily adapted to other scenarios (e.g., underwater archeology or visual inspection of underwater pipelines and implants), by simply replacing the Convolutional Neural Network devoted to the visual identification task. As a final outcome of our work we provide a large dataset of images of explosive materials: it can be used to compare different visual techniques on a common basis

Ambient Calculus and its Logic in the Calculus of Inductive Constructions

The Ambient Calculus has been recently proposed as a model of mobility of agents in a dynamically changing hierarchy of domains. In this paper, we describe the implementation of the theory and metatheory of Ambient Calculus and its modal logic in the Calculus of Inductive Constructions. We take full advantage of Higher-Order Abstract Syntax, using the Theory of Contexts a fundamental tool for developing formally the metatheory of the object system. Among others, we have successfully proved a set of fresh renamings properties, and formalized the connection between the Theory of Contexts and Gabbay-Pitts' "new" quantifier. As a feedback, we introduce a new definition of satisfaction for the Ambients logic and derive some of the properties originally assumed as axioms in the Theory of Contexts. \ua9 2002 Published by Elsevier Science B. V

Internal Adequacy of Bookkeeping in Coq

We focus on a common problem encountered in encoding and formally reasoning about a wide range of formal systems, namely, the representation of a typing environment. In particular, we apply the bookkeeping technique to a well-known case study (i.e., System F<:'s type language), proving in Coq an internal correspondence with a more standard representation of the typing environment as a list of pairs. In order to keep the signature readable and concise, we make use of higher-order abstract syntax (HOAS), which allows us to deal smoothly with the representation of the universal binder of System F<: type language

An open logical framework

International audienceThe LFP Framework is an extension of the Harper-Honsell-Plotkin's Edinburgh Logical Framework LF with external predicates, hence the name Open Logical Framework. This is accomplished by defining lock type constructors, which are a sort of Star-modality constructors, releasing their argument under the condition that a possibly external predicate is satisfied on an appropriate typed judgement. Lock types are defined using the standard pattern of constructive type theory, i.e. via introduction, elimination, and equality rules. Using LFP, one can factor out the complexity of encoding specific features of logical systems which would otherwise be awkwardly encoded in LF, e.g. side-conditions in the application of rules in Modal Logics, and sub-structural rules, as in non-commutative Linear Logic. The idea of LFP is that these conditions need only to be specified, while their verification can be delegated to an external proof engine, in the style of the Poincaré Principle or Deduction Modulo. Indeed such paradigms can be adequately formalized in LFP. We investigate and characterize the meta-theoretical properties of the calculus underpinning LFP : strong normalization, confluence, and subject reduction. This latter property holds under the assumption that the predicates are well-behaved, i.e. closed under weakening, permutation, substitution, and reduction in the arguments. Moreover, we provide a canonical presentation of LFP, based on a suitable extension of the notion of βη-long normal form, allowing for smooth formulations of adequacy statements.On présente LFP, un Cadre Logique avec Prédicats Externes, en introduisant un mécanisme pour bloquer et débloquer les types et les termes dans LF, en permettant l'utilisation d' "Oracles" qui peuvent être appelés en dehors du cadre logique principale. On démontre que LFP satisfait tous les propriétés principales méta-théorétiques et on développe un Cadre Canonique correspondant, permettant de prouver facilement la propriété d' "Adéquation". On présente diverses encodages comme, par exemple, le λ-calcul non-typé avec une stratégie de réduction Call-by-Value, le paradigme de la "Programmation-par-Contrats", un petit langage impératif avec la Logique de Hoare, des Logiques Modales dans le styles de la Déduction Naturelle et de Hilbert, et la Logique Linéaire Non-Commutative (encodée pour la première fois dans un cadre logique à la LF), en montrant aussi qu'avec LFP on peut codifier aisément des side-conditions dans l'application des règles de typage ainsi qu'on peut atteindre, si nécessaire, une séparation entre "Vérification" et "Calcul", en obtenant au final des preuves plus claires et lisibles. On pense que les résultats présentés dans cette thèse pourront servir de base pour de futures recherches fructueuses. D'une part, les preuves de correction officiels obtenus rajoutent un niveau supplémentaire de sécurité quand il s'agit de la conception de Systèmes Experts utilisant les logiques vérifiées formellement, et ouvrent une voie à la vérification formelle à d'autres logiques probabilistes. D'autre part, des améliorations et des extensions sont possibles et envisageables comme une analyse plus profonde du cadre LFP, l'implémentation d'un Prototype de Démonstrateur Interactif basé sur LFP et la découverte de sa place dans la pléthore des assistants à la preuve

\u39b-symsym: An interactive tool for playing with involutions and types

We present the web portal \u39b-symsym, available at http://158.110.146.197:31780/automata/, for experimenting with game semantics of \u3bb!-calculus, and its normalizing elementary sub-calculus, the \u3bbEAL-calculus. The \u3bb!-calculus is a generalization of the \u3bb-calculus obtained by introducing a modal operator !, giving rise to a pattern \u3b2-reduction. Its sub-calculus corresponds to an applicatively closed class of terms normalizing in an elementary number of steps, in which all elementary functions can be encoded. The game model which we consider is the Geometry of Interaction model I introduced by Abramsky to study reversible computations, consisting of partial involutions over a very simple language of moves. Given a \u3bb!- or a \u3bbEAL-term, M, \u39b-symsym provides: an abstraction algorithm A!, for compiling M into a term, A!(M), of the linear combinatory logic CL!, or the normalizing combinatory logic CLEAL; an interpretation algorithm [[ ]]I yielding a specification of the partial involution [[A!(M)]]I in the model I; an algorithm, I2T, for synthesizing from [[A!(M)]]I a type, I2T ([[A!(M)]]I), in a multimodal, intersection type assignment discipline, \u370!. an algorithm, T 2I, for synthesizing a specification of a partial involution from a type in \u370!, which is an inverse to the former. We conjecture that \u370! M : I2T ([[A!(M)]]I). \u39b-symsym permits to investigate experimentally the fine structure of I, and hence the game semantics of the \u3bb!- and \u3bbEAL-calculi. For instance, we can easily verify that the model I is a \u3bb!-algebra in the case of strictly linear \u3bb-terms, by checking all the necessary equations, and find counterexamples in the general case. We make this tool available for readers interested to play with games (-semantics). The paper builds on earlier work by the authors, the type system being an improvement