    A locally nameless theory of objects

This paper presents the formalisation of an object calculus in Isabelle/HOL, highlighting the binder technique called locally nameless. This technique already has its origins in a note at the end of de Bruijn's paper [5] introducing the classical de Bruijn indices. In the last few years, with the advent of mechanized proofs in the domain of programming languages, e.g. [1], this technique has attracted new attention. The most recent work on the locally nameless technique [2] provides cofinite quantification, which is necessary for proving non-trivial properties. Indeed, de Bruijn indices are often criticised as being too technical, which is why alternative techniques are investigated. The de Bruijn indices method, however, is known to be reliable, and is often chosen in order to focus on aspects of programming languages unrelated to variable bindings. With locally nameless techniques, one expects to spend less time proving auxiliary lemmas dealing with variable bindings, but also to obtain theorems that are more convincing because they are closer to the paper version. Our contributions are a formalisation in Isabelle/HOL of the ς-calculus, and an in-depth comparison of both the locally nameless and the de Bruijn complete mechanisations, including specification and proofs.

    A dependent nominal type theory

Nominal abstract syntax is an approach to representing names and binding pioneered by Gabbay and Pitts. So far, nominal techniques have mostly been studied using classical logic or model theory, not type theory. Nominal extensions to simple, dependent and ML-like polymorphic languages have been studied, but decidability and normalization results have only been established for simple nominal type theories. We present an LF-style dependent type theory extended with name-abstraction types, prove soundness and decidability of beta-eta-equivalence checking, discuss adequacy and canonical forms via an example, and discuss extensions such as dependently-typed recursion and induction principles.

    A coinductive semantics of the Unlimited Register Machine

We exploit (co)inductive specifications and proofs to approach the evaluation of low-level programs for the Unlimited Register Machine (URM) within the Coq system, a proof assistant based on the Calculus of (Co)Inductive Constructions type theory. Our formalization allows us to certify the implementation of partial functions; thus it can be regarded as a first step towards the development of a workbench for the formal analysis and verification of both converging and diverging computations.

    Formalisation of HOCore in Coq

We present the first results of the formalisation of properties of the higher-order process calculus HOCore [I. Lanese, J. A. Pérez, D. Sangiorgi and A. Schmitt: On the expressiveness and decidability of higher-order process calculi. Information and Computation, 209(2):198-226, Feb. 2011.] in the Coq proof assistant. We describe our choice of representation for the binders of HOCore, based on the canonical approach of Pollack et al. [R. Pollack, M. Sato and W. Ricciotti: A canonical locally named representation of binding. Journal of Automated Reasoning, p. 1-23, May 2011. 10.1007/s10817-011-9229-y.] We give the representation of different notions of bisimulation, then the formal proof of the soundness of IO-bisimilarity with respect to barbed contextual equivalence, which corresponds to one of the fundamental theorems of [I. Lanese, J. A. Pérez, D. Sangiorgi and A. Schmitt: On the expressiveness and decidability of higher-order process calculi. Information and Computation, 209(2):198-226, Feb. 2011.]. We also show that IO-bisimilarity is decidable. The aim of this work is to show the usefulness of Coq and of the canonical representation for proving properties of higher-order calculi.

    Psi-calculi in Isabelle

    ASPfun: a typed functional active object calculus

This paper provides a sound foundation for autonomous objects communicating by remote method invocations and futures. As a distributed extension of the ς-calculus we define ASPfun, a calculus of functional objects behaving autonomously and communicating by a request-reply mechanism: requests are method calls handled asynchronously, and futures represent the awaited results of requests. This results in an object language enabling a concise representation of a set of active objects interacting by asynchronous method invocations. This paper first presents the ASPfun calculus and its semantics. Then, we provide a type system for ASPfun which guarantees the "progress" property. Most importantly, ASPfun has been formalised: its properties have been formalised and proved using the Isabelle theorem prover, and we consider this an important step in the formalization of distributed languages. This work was also an opportunity to study different binder representations and to experiment with two of them in the Isabelle/HOL theorem prover.

    Proof-relevant pi-calculus

Formalising the pi-calculus is an illuminating test of the expressiveness of logical frameworks and mechanised metatheory systems, because of the presence of name binding, labelled transitions with name extrusion, bisimulation, and structural congruence. Formalisations have been undertaken in a variety of systems, primarily focusing on well-studied (and challenging) properties such as the theory of process bisimulation. We present a formalisation in Agda that instead explores the theory of concurrent transitions, residuation, and causal equivalence of traces, which has not previously been formalised for the pi-calculus. Our formalisation employs de Bruijn indices and dependently-typed syntax, and aligns the "proved transitions" proposed by Boudol and Castellani in the context of CCS with the proof terms naturally present in Agda's representation of the labelled transition relation. Our main contributions are proofs of the "diamond lemma" for residuation of concurrent transitions and a formal definition of equivalence of traces up to permutation of transitions. (In Proceedings LFMTP 2015, arXiv:1507.0759.)

    Executable Structural Operational Semantics in Maude

This paper describes in detail how to bridge the gap between theory and practice when implementing in Maude structural operational semantics described in rewriting logic, where transitions become rewrites and inference rules become conditional rewrite rules with rewrites in the conditions, as made possible by the new features in Maude 2.0. We validate this technique by using it in several case studies: a functional language Fpl (evaluation and computation semantics, including an abstract machine), the imperative languages WhileL (evaluation and computation semantics) and GuardL with nondeterminism (computation semantics), Kahn's functional language Mini-ML (evaluation or natural semantics), Milner's CCS (with strong and weak transitions), and Full LOTOS (including ACT ONE data type specifications). In addition, on top of CCS we develop an implementation of the Hennessy-Milner modal logic for describing local capabilities of processes, and for LOTOS we build an entire tool where Full LOTOS specifications can be entered and executed (without user knowledge of the underlying implementation of the semantics). We also compare this method, based on transitions as rewrites, with another one based on transitions as judgements.

    pi-calculus in (Co)Inductive Type Theory

We present a large and, we think, also significant case study in computer-assisted formal reasoning. We start by giving a higher-order abstract syntax encoding of the π-calculus in the higher-order inductive/coinductive type theories CIC and CC^(Co)Ind. This encoding gives rise to a full-fledged proof editor/proof assistant for the π-calculus, once we embed it in Coq, an interactive proof-development environment for CC^(Co)Ind. Using this computerized assistant we formally prove a substantial chapter of the theory of strong late bisimilarity, which amounts essentially to Section 2 of "A calculus of mobile processes" by Milner, Parrow, and Walker. This task is greatly simplified by the use of higher-order syntax. In fact, not only can we conveniently delegate α-conversion and substitution to the metalanguage, but, by introducing a suitable axiomatization of the theory of contexts, we can also accommodate the machinery for generating new names. The axiomatization we introduce is quite general and should be easily portable to other formalizations based on higher-order syntax. The use of coinductive types and the corresponding tactics allows us to give alternative, and possibly more natural, proofs of many properties of strong late bisimilarity with respect to those originally given by Milner, Parrow, and Walker. Keywords: higher-order abstract syntax, π-calculus, proof checking, logical frameworks, typed λ-calculus.