lightweight proof by reflection using a posteriori
play

Lightweight proof by reflection using a posteriori simulation of - PowerPoint PPT Presentation

Mar 24, 2023 •251 likes •882 views

Lightweight proof by reflection using a posteriori simulation of effectful computation Guillaume Claret 1 Lourdes del Carmen Gonzlez Huesca 1 Yann Rgis-Gianas 1 Beta Ziliani 2 lgonzale@pps.univ-paris-diderot.fr 1 PPS, team r 2 (University

  1. Lightweight proof by reflection using a posteriori simulation of effectful computation Guillaume Claret 1 Lourdes del Carmen González Huesca 1 Yann Régis-Gianas 1 Beta Ziliani 2 lgonzale@pps.univ-paris-diderot.fr 1 PPS, team π r 2 (University Paris Diderot, CNRS, and INRIA) 2 Max Planck Institute for Software Systems (MPI-SWS) TYPES April 24, 2013 1 / 25

  2. Lightweight proof by reflection using a posteriori simulation of effectful computation 2 / 25

  3. Lightweight proof by reflection using a posteriori simulation of effectful computation 3 / 25

  4. Running example How should we prove the following equivalence? H 1 : A 11 „ A 12 A 21 „ A 22 H 2 : . . . A n 1 „ A n 2 H n : A 1 A „ 4 / 25

  5. Running example How should we prove the following equivalence? Manually using a script? H 1 : A 11 „ A 12 A 21 „ A 22 H 2 : . . . A n 1 „ A n 2 H n : A 1 A „ 4 / 25

  6. Running example How should we prove the following equivalence? Using a decision procedure ? H 1 : A 11 „ A 12 A 21 „ A 22 H 2 : . . . A n 1 „ A n 2 H n : A 1 A „ 4 / 25

  7. Running example : A decision procedure in pseudo-code let is_equivalent (hs, (i, j)) : bool = iter ( fun (i,j) -> union i j) hs; return (find i == find j) where " union i j merges the equivalence classes of i and j returns the unique representative of i find i 5 / 25

  8. How can we put this decision procedure in work? 6 / 25

  9. Recipe for a proof by reflection D R p P q : B D p R p P qq : bool R Original Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 7 / 25

  10. Recipe for a proof by reflection D R p P q : B D p R p P qq : bool R Original Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 7 / 25

  11. Recipe for a proof by reflection D R p P q : B D p R p P qq : bool R Original Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. p hs , p i , j qq : list p atom ˆ atom q ˆ p atom ˆ atom q where atom is a type with decidable equality 7 / 25

  12. Recipe for a proof by reflection D R p P q : B D p R p P qq : bool R Original Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 7 / 25

  13. Recipe for a proof by reflection D R p P q : B D p R p P qq : bool R Original Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. I (hs, (i, j)) : Prop. 7 / 25

  14. Recipe for a proof by reflection D R p P q : B D p R p P qq : bool R Original Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 3. Write the decision procedure D : B Ñ bool in Coq. 7 / 25

  15. Recipe for a proof by reflection D R p P q : B D p R p P qq : bool R Original Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 3. Write the decision procedure D : B Ñ bool in Coq. D p hs , p i , j qq : bool . Critical: How should we implement union and find ? 7 / 25

  16. Recipe for a proof by reflection D R p P q : B D p R p P qq : bool R Original Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 3. Write the decision procedure D : B Ñ bool in Coq. 4. Prove the soundness of D 7 / 25

  17. Recipe for a proof by reflection D R p P q : B D p R p P qq : bool R Original Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 3. Write the decision procedure D : B Ñ bool in Coq. 4. Prove the soundness of D sound : @ x : B , D x “ true Ñ I x. if D p hs , p i , j qq “ true then a „ a 1 Critical: The development cost of this proof depends on the implementation choice for union and find . 7 / 25

  18. Recipe for a proof by reflection D R p P q : B D p R p P qq : bool R sound Original Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 3. Write the decision procedure D : B Ñ bool in Coq. 4. Prove the soundness of D For a specific instance b “ R p P q , the proof-term for I b has the form: ` ` ˘˘ sound b refl_eq D p b q 7 / 25

  19. Recipe for a proof by reflection D R p P q : B D p R p P qq : bool R sound Original Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 3. Write the decision procedure D : B Ñ bool in Coq. 4. Prove the soundness of D For a specific instance b “ R p P q , the proof-term for I b has the form: ` ` ˘˘ sound b refl_eq D p b q This term has type I b only if D b is convertible to true. 7 / 25

  20. Original proof by reflection A certified decision procedure written in a total language is a robust tool for the proof developer. But, it has a high cost of development , often leading to simplifications destroying efficiency. 8 / 25

  21. Recipe for a proof by reflection with an untrusted oracle D R p P q : B D p R p P qq : C in OCaml R Oracle Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 9 / 25

  22. Recipe for a proof by reflection with an untrusted oracle D R p P q : B D p R p P qq : C in OCaml R Oracle Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 9 / 25

  23. Recipe for a proof by reflection with an untrusted oracle D R p P q : B D p R p P qq : C in OCaml R Oracle Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 9 / 25

  24. Recipe for a proof by reflection with an untrusted oracle D R p P q : B D p R p P qq : C in OCaml R Oracle Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 3. Write an (untrusted) oracle D in ML. 9 / 25

  25. Recipe for a proof by reflection with an untrusted oracle D R p P q : B D p R p P qq : C in OCaml R Oracle Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 3. Write an (untrusted) oracle D in ML. D : B Ñ C Critical: D gives a certificate that must be checked. 9 / 25

  26. Recipe for a proof by reflection with an untrusted oracle D R p P q : B D p R p P qq : C in OCaml R Oracle Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 3. Write an (untrusted) oracle D in ML. 4. Write a simple certificate checker in Coq. 9 / 25

  27. Recipe for a proof by reflection with an untrusted oracle D R p P q : B D p R p P qq : C in OCaml R Oracle Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 3. Write an (untrusted) oracle D in ML. 4. Write a simple certificate checker in Coq. check : @ x : B , C Ñ bool 9 / 25

  28. Recipe for a proof by reflection with an untrusted oracle D R p P q : B D p R p P qq : C in OCaml R Oracle Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 3. Write an (untrusted) oracle D in ML. 4. Write a simple certificate checker in Coq. 5. Prove the soundness of the checker 9 / 25

  29. Recipe for a proof by reflection with an untrusted oracle D R p P q : B D p R p P qq : C in OCaml R sound check . check Oracle Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 3. Write an (untrusted) oracle D in ML. 4. Write a simple certificate checker in Coq. 5. Prove the soundness of the checker sound check : @ x : B , y : C , check x y “ true Ñ I x 9 / 25

  30. Recipe for a proof by reflection with an untrusted oracle D R p P q : B D p R p P qq : C in OCaml R sound check . check Oracle Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 3. Write an (untrusted) oracle D in ML. 4. Write a simple certificate checker in Coq. 5. Prove the soundness of the checker For a specific instance b “ R p P q , a proof-term for I b has the form: ` ` ˘˘ sound check b D p b q refl_eq check D p b q 9 / 25

Recommend

Type Theory Proof by reflection Marene Dimmendaal, Pleun Koldewijn Overview - What is proof

Type Theory Proof by reflection Marene Dimmendaal, Pleun Koldewijn Overview - What is proof

Type Theory Proof by reflection Marene Dimmendaal, Pleun Koldewijn Overview - What is proof by reflection? - The two main classes: - Direct computation proofs - Algebraic computation proofs - Example Direct proof - Example

483 views • 37 slides
Its time to Think Lightweight! www.thinklightweight.com TO D A Y S TO P IC S 1.

Its time to Think Lightweight! www.thinklightweight.com TO D A Y S TO P IC S 1.

Its time to Think Lightweight! www.thinklightweight.com TO D A Y S TO P IC S 1. About Think Lightweight 2. What are Lightweight Structures? 3. Industry Applications 4. Product Line Review 5. Think Lightweight Component

832 views • 43 slides
A Small Reflection On Group Automorphisms Franc ois Garillot Mathematical Components

A Small Reflection On Group Automorphisms Franc ois Garillot Mathematical Components

A Small Reflection On Group Automorphisms Franc ois Garillot Mathematical Components Microsoft Research - INRIA Joint Centre Orsay, France 1 The Coq Proof Assistant 2 The Coq Proof Assistant + SSReflect V 1.1 : Just released !

761 views • 40 slides
Reflection ranks and proof theoretic ordinals (based on joint work with James Walsh) Fedor

Reflection ranks and proof theoretic ordinals (based on joint work with James Walsh) Fedor

Reflection ranks and proof theoretic ordinals (based on joint work with James Walsh) Fedor Pakhomov Steklov Mathematical Institute, Moscow pakhf@mi.ras.ru Logic Colloquium 2018, Udine 24 July 2018 Con -Order def U proves consistence

407 views • 16 slides
Evidence for a posteriori security Alexander Hicks, Steven J. Murdoch University College London

Evidence for a posteriori security Alexander Hicks, Steven J. Murdoch University College London

Evidence for a posteriori security Alexander Hicks, Steven J. Murdoch University College London Evidence? Liability Accountability Law Due process Auditability Verifiability Integrity Proof

448 views • 15 slides
Topic 9: Lighting & Reflection models Lighting & reflection The Phong reflection

Topic 9: Lighting & Reflection models Lighting & reflection The Phong reflection

9/10/2016 Topic 9: Lighting & Reflection models Lighting & reflection The Phong reflection model diffuse component ambient component specular component Spot the differences Terminology Illumination The transport

339 views • 5 slides
The lightweight beam for Heavyweight applications The impact of this lightweight steel beam will

The lightweight beam for Heavyweight applications The impact of this lightweight steel beam will

The lightweight beam for Heavyweight applications The impact of this lightweight steel beam will revolutionise the international high-rise construction industry Tony Zaccarini and Dr Patrick OBrien The lightweight beam for Heavyweight

417 views • 12 slides
Topic 10: Lighting & Reflection models Lighting & reflection The Phong reflection

Topic 10: Lighting & Reflection models Lighting & reflection The Phong reflection

Topic 10: Lighting & Reflection models Lighting & reflection The Phong reflection model diffuse component ambient component specular component Spot the differences Terminology Illumination The transport of

1.08k views • 30 slides
Topic 8: Lighting & Reflection models Lighting & reflection The Phong reflection

Topic 8: Lighting & Reflection models Lighting & reflection The Phong reflection

Topic 8: Lighting & Reflection models Lighting & reflection The Phong reflection model diffuse component ambient component specular component Showtime Logistics Welcome back Professor Singh is away for the

1.24k views • 87 slides
Scalable Semidefinite Relaxation for Maximum A Posteriori Estimation Qixing Huang, Yuxin Chen, and

Scalable Semidefinite Relaxation for Maximum A Posteriori Estimation Qixing Huang, Yuxin Chen, and

ICML 2014, Beijing Scalable Semidefinite Relaxation for Maximum A Posteriori Estimation Qixing Huang, Yuxin Chen, and Leonidas Guibas Stanford University Page 1 Maximum A Posteriori (MAP) Inference Markov Random Field (MRF) w i :

777 views • 33 slides
On the use of a Second Moment Equation for A Posteriori Error Estimate in CFD University of

On the use of a Second Moment Equation for A Posteriori Error Estimate in CFD University of

On the use of a Second Moment Equation for A Posteriori Error Estimate in CFD University of Manchester EngD Stuart Russant Supervisors: D. Laurence, H. Iacovides On the use of a Second Moment Equation for A Posteriori Error Estimate in CFD

388 views • 26 slides
The lightweight beam for Heavyweight applications The impact of this lightweight beam concept

The lightweight beam for Heavyweight applications The impact of this lightweight beam concept

The lightweight beam for Heavyweight applications The impact of this lightweight beam concept will revolutionise the aviation industry Tony Zaccarini and Dr Patrick OBrien The lightweight beam for Heavyweight applications Patent Applied For

479 views • 12 slides
Set-theoretical aspects of proof theory via Turing progressions Joost J. Joosten Universitat de

Set-theoretical aspects of proof theory via Turing progressions Joost J. Joosten Universitat de

A personal note Proof Theory Turing progressions and ordinal analysis Set-theoretical aspects of proof theory via Turing progressions Joost J. Joosten Universitat de Barcelona Saturday 17-11-2018 Reflections on Set-Theoretic Reflection,

1.12k views • 96 slides
3515ICT Theory of Computation Some sample proofs 4-0 Proof types 1. Proof

3515ICT Theory of Computation Some sample proofs 4-0 Proof types 1. Proof

Griffith University 3515ICT Theory of Computation Some sample proofs 4-0 Proof types 1. Proof by construction 2. Proof by equivalence 3. Proof by contradiction 4. Proof by case analysis 5. Proof by induction

549 views • 11 slides
Specular Reflection CS418 Computer Graphics John C. Hart Diffuse Reflection diffuse reflection

Specular Reflection CS418 Computer Graphics John C. Hart Diffuse Reflection diffuse reflection

Specular Reflection CS418 Computer Graphics John C. Hart Diffuse Reflection diffuse reflection Specular Reflection diffuse reflection diffuse + specular reflection Specular Reflection n v l Specular gleem is a diffused mirror

860 views • 19 slides
New Lightweight DES Variants Suited for RFID Applications G. Leander, C. Paar, A. Poschmann, K.

New Lightweight DES Variants Suited for RFID Applications G. Leander, C. Paar, A. Poschmann, K.

New Lightweight DES Variants Suited for RFID Applications G. Leander, C. Paar, A. Poschmann, K. Schramm Workshop on Fast Software Encryption 2007 Outline Introduction Why lightweight? Why choose DES? DESL: DES Lightweight Why change DES?

364 views • 12 slides
Reflection is a way of thinking about learning and What is reflection? Employability skills The

Reflection is a way of thinking about learning and What is reflection? Employability skills The

Reflection is a way of thinking about learning and What is reflection? Employability skills The EURO Process How to access Advantage and the EE resources Q&A might take you Reflection is a way of thinking about learning and helping you to

457 views • 29 slides
CS 287 Advanced Robotics (Fall 2019) Lecture 13: Kalman Smoother, Maximum A Posteriori, Maximum

CS 287 Advanced Robotics (Fall 2019) Lecture 13: Kalman Smoother, Maximum A Posteriori, Maximum

CS 287 Advanced Robotics (Fall 2019) Lecture 13: Kalman Smoother, Maximum A Posteriori, Maximum Likelihood, Expectation Maximization Pieter Abbeel UC Berkeley EECS Outline n Kalman smoothing n Maximum a posteriori sequence n Maximum likelihood

865 views • 68 slides
VI. Using the Self-Reflection Rubric for Dialogue and Reflection Alicia Ausara, Senior Manager of

VI. Using the Self-Reflection Rubric for Dialogue and Reflection Alicia Ausara, Senior Manager of

VI. Using the Self-Reflection Rubric for Dialogue and Reflection Alicia Ausara, Senior Manager of Training, California Collaborative for Educational Excellence California English Learner Roadmap Launch Event Self-Reflection Rubric Purpose

274 views • 6 slides
FDP101X: Lab Assignment 2 REFLECTION SPOT ACTIVITY IMAGE ON ALU IN MICROPROCESSOR Reflection

FDP101X: Lab Assignment 2 REFLECTION SPOT ACTIVITY IMAGE ON ALU IN MICROPROCESSOR Reflection

FDP101X: Lab Assignment 2 REFLECTION SPOT ACTIVITY IMAGE ON ALU IN MICROPROCESSOR Reflection Spot time stamp : #Reflection Spot time: (12.12) Reflection Spot question What is ALU? Answer ALU is a temperory register used to hold

186 views • 15 slides
Semi-stationary reflection, stationary reflection and combinatorics Hiroshi Sakai (joint work

Semi-stationary reflection, stationary reflection and combinatorics Hiroshi Sakai (joint work

Semi-stationary reflection, stationary reflection and combinatorics Hiroshi Sakai (joint work with Boban Veli ckovi c) October 28, 2010 1.1 Stationary reflection For a cardinal 2 , the stationary reflection in [ ] is

157 views • 14 slides
s X reflecting hyperplane

s X reflecting hyperplane

Reflection groups and q -reflection groups Yuri Bazlov Geometry seminar 24 November 2009 Reflections vector space over k , is finite. s is a (pseudo) reflection if s is of finite order,

753 views • 23 slides
Advanced Java Course Reflection Reflection API What if you want to access information not

Advanced Java Course Reflection Reflection API What if you want to access information not

Advanced Java Course Reflection Reflection API What if you want to access information not just about the Object, but about that Objects Class? What if you want to access a method, field, or constructor whose name you dont know

574 views • 23 slides
Introduction to neutron reflection Adrian Rennie Outline Inteference of waves Refractive index

Introduction to neutron reflection Adrian Rennie Outline Inteference of waves Refractive index

Introduction to neutron reflection Adrian Rennie Outline Inteference of waves Refractive index Critical angle, total reflection Reflection Light oil water Reflection Light oil water Reflection and Refraction: Snells Law For

1.04k views • 66 slides

More recommend