to correctness through proof
play

To Correctness through Proof Dale Miller (Team Leader) and Kaustuv - PowerPoint PPT Presentation

Jan 26, 2024 •338 likes •785 views

Parsifal 1 To Correctness through Proof Dale Miller (Team Leader) and Kaustuv Chaudhuri, Jo elle Despeyroux, St ephane Lengrand, Lutz Straburger plus 5 PhD students and a postdoc INRIA-Saclay & LIX/ Ecole Polytechnique

  1. Parsifal 1 “To Correctness through Proof” Dale Miller (Team Leader) and Kaustuv Chaudhuri, Jo¨ elle Despeyroux, St´ ephane Lengrand, Lutz Straßburger plus 5 PhD students and a postdoc INRIA-Saclay & LIX/ ´ Ecole Polytechnique Palaiseau, France INRIA Evaluation Seminar, Paris, 23 March 2011 1 Preuves Automatiques et Raisonnement sur des Sp´ ecIFicAtions Logiques 1 / 44

  2. Outline Vision and methodology What are we doing? Two-levels logic: reasoning about operational semantics Focused proof systems: a chemistry for inference Representations of proof What do we plan to do next? Improve theorem proving capabilities Broad spectrum proof certificates Proof theory research topics 2 / 44

  3. Vision Peter Andrews selected the subtitle “To Truth through Proof” to his textbook 3 / 44

  4. Vision Peter Andrews selected the subtitle “To Truth through Proof” to his textbook because “in mathematics the primary and ultimate tool for establishing truth is logic.” ⊢ A | implies = A 4 / 44

  5. Vision Peter Andrews selected the subtitle “To Truth through Proof” to his textbook because “in mathematics the primary and ultimate tool for establishing truth is logic.” ⊢ A | implies = A For the Information Age, we have fashioned the slogan “To Correctness through Proof” 5 / 44

  6. Vision Peter Andrews selected the subtitle “To Truth through Proof” to his textbook because “in mathematics the primary and ultimate tool for establishing truth is logic.” ⊢ A | implies = A For the Information Age, we have fashioned the slogan “To Correctness through Proof” ◮ Various artifacts ( i.e. , programming languages, type systems, programs, computation traces, protocols, etc. ) are our focus. ◮ Proofs relate in various ways to their correctness . ⊢ P : A 6 / 44

  7. Vision Peter Andrews selected the subtitle “To Truth through Proof” to his textbook because “in mathematics the primary and ultimate tool for establishing truth is logic.” ⊢ A | implies = A For the Information Age, we have fashioned the slogan “To Correctness through Proof” ◮ Various artifacts ( i.e. , programming languages, type systems, programs, computation traces, protocols, etc. ) are our focus. ◮ Proofs relate in various ways to their correctness . ⊢ P : A We exploit and develop structural proof theory ( a la Gentzen, Girard, . . . ) to provide rich properties of syntactic systems. 7 / 44

  8. Outline Vision and methodology What are we doing? Two-levels logic: reasoning about operational semantics Focused proof systems: a chemistry for inference Representations of proof What do we plan to do next? Improve theorem proving capabilities Broad spectrum proof certificates Proof theory research topics 8 / 44

  9. From the 2007 Parsifal proposal 9 / 44

  10. From the 2007 Parsifal proposal “ The Parsifal project will exploit recent developments in proof search, logic programming, and type theory 10 / 44

  11. From the 2007 Parsifal proposal “ The Parsifal project will exploit recent developments in proof search, logic programming, and type theory to make the specification of operational semantics more expressive and declarative 11 / 44

  12. From the 2007 Parsifal proposal “ The Parsifal project will exploit recent developments in proof search, logic programming, and type theory to make the specification of operational semantics more expressive and declarative and will develop techniques and tools for animating and reasoning directly on logic-based specifications. ” 12 / 44

  13. The two-level logic approach to reasoning ✎ ☞ computational artifacts e.g. λ -calculus, π -calculus, PCF ✍ , . . . ✌ 13 / 44

  14. The two-level logic approach to reasoning ✞ ☎ Example: A few operational semantic rules taken from Milner, Parrow & Walker, “A Calculus of Mobile Processes, Part II” (1989) ✝ ✆ ✎ ☞ computational artifacts e.g. λ -calculus, π -calculus, PCF ✍ , . . . ✌ 14 / 44

  15. The two-level logic approach to reasoning ✞ ☎ Example: ✄ � We wish to formalize and prove strong properties: - reachability, model-checking A few operational semantic rules taken from Milner, Parrow & Walker, - subject-reduction (type preservation) “A Calculus of Mobile Processes, Part II” (1989) ✝ ✆ - bisimulation is a congruence ✂ ✁ ✎ ☞ ւ computational artifacts e.g. λ -calculus, π -calculus, PCF ✍ , . . . ✌ 15 / 44

  16. The two-level logic approach to reasoning ✄ � We wish to formalize and prove strong properties: - reachability, model-checking - subject-reduction (type preservation) - bisimulation is a congruence ✂ ✁ ✎ ☞ ւ computational artifacts e.g. λ -calculus, π -calculus, PCF ✍ , . . . ✌ 16 / 44

  17. The two-level logic approach to reasoning ✄ � We wish to formalize and ✎ ☞ prove strong properties: specification (object) logic - reachability, model-checking e.g. Horn clauses, linear logic, . . . ✍ ✌ - subject-reduction (type preservation)   - bisimulation is a � encodes   congruence ✂ ✁ ✎ ☞ ւ computational artifacts e.g. λ -calculus, π -calculus, PCF ✍ , . . . ✌ 17 / 44

  18. The two-level logic approach to reasoning ✓ ✏ reasoning (meta) logic employs: induction and co-induction, the ∇ -quantifier, . . . ✒ ✑   � reasons about  ✄ �  We wish to formalize and ✎ ☞ prove strong properties: specification (object) logic - reachability, model-checking e.g. Horn clauses, linear logic, . . . ✍ ✌ - subject-reduction (type preservation)   - bisimulation is a � encodes   congruence ✂ ✁ ✎ ☞ ւ computational artifacts e.g. λ -calculus, π -calculus, PCF ✍ , . . . ✌ 18 / 44

  19. The two-level logic approach to reasoning ✓ ✏ reasoning (meta) logic employs: induction and co-induction, the ∇ -quantifier, . . . ✒ ✑ ց   � reasons about  ✄ �  We can formalize and ✎ ☞ prove strong properties: specification (object) logic - reachability, model-checking e.g. Horn clauses, linear logic, . . . ✍ ✌ - subject-reduction (type preservation)   - bisimulation is a � encodes   congruence ✂ ✁ ✎ ☞ ւ computational artifacts e.g. λ -calculus, π -calculus, PCF ✍ , . . . ✌ 19 / 44

  20. Bedwyr: a model checker Bedwyr is a completely automatic implementation of a fragment of the “reasoning logic.” ◮ It implements the ∇ -quantifier and proof search via the unfolding of fixed points. ◮ It can be used as a model checker for linguistic expressions, possibly containing bound variables. ◮ Implemented by Baelde (Parsifal PhD student) and Gacek (Parsifal intern). Bedwyr provides an entirely declarative model checker for the (finite) π -calculus. Collaborators: Gacek & Nadathur (U. Minnesota), Tiu (Australian National University) Funding: INRIA Associate Team Slimmer, NSF . Pubs: CADE07, CSL07, LFMTP08, Tableaux09 20 / 44

  21. Abella: an interactive, two-level logic prover Abella is an interactive theorem prover for the full reasoning logic and for one specific specification logic. Implemented by Gacek (PhD, U. Minnesota; postdoc, Parsifal). Examples (many contributed by users): ◮ POPLmark challenge: Part 1a and Part 2a ◮ Church-Rosser theorem ◮ weak and strong normalization of the simply-typed λ -calculus ◮ strong normalization for a variant of the λσ -calculus ◮ some of the π -calculus meta-theory ◮ correctness of a compiler from an Esterel-like language to C Collaborators: Abel (LMU Munich), Pollack (Edinburgh), Schack-Nielsen (ITU, Copenhagen), Tiu (Australian National University), Wilson (California State University) Funding: INRIA Associate Team Slimmer, NSF . Pubs: LICS08, LFMTP08, PPDP10, APLAS10, JAR 2010, I&C 2011 21 / 44

  22. Outline Vision and methodology What are we doing? Two-levels logic: reasoning about operational semantics Focused proof systems: a chemistry for inference Representations of proof What do we plan to do next? Improve theorem proving capabilities Broad spectrum proof certificates Proof theory research topics 22 / 44

  23. Focusing: the chemistry behind inference Complete (focused) proof search involves alternating between two phases. ◮ In logic programming : “goal-reduction” and “backchaining” (1987). ◮ In linear logic : “invertible” and “non-invertible” phases (Andreoli, 1991). Focusing provides a “chemistry” for inference. ◮ Gentzen’s introduction rules are the atoms of inference . ◮ Focusing provides the rules of chemistry : some atoms can stick together; others cannot go together. ◮ The result yields new molecules of inference (sometimes big phases). ◮ This chemistry is flexible and allows a range of engineering possibilities. 23 / 44

  24. Focusing: new systems The team has embraced “focused proof systems” in a strong way. ◮ focused proofs systems for classical (LKF) and intuitionistic (LJF) logics: these account for all previous focusing systems (LJT, LJQ, λ RCC, etc. ) ◮ maximal multi-focusing: capturing parallelism in proofs: e.g. , abstracting sequent calculus to obtain proof nets ◮ Focused proof system fixed points: a new approach to mixing computation with deduction . Collaborators: Liang (Hofstra University, NY), Funding: FP6 Mobius; INRIA Associate Team Slimmer. Pubs: CSL07/10, LICS08/09, JAR 2008/2010, IJCAR08, PPDP09, TCS 2009, LPAR10 24 / 44

Recommend

Verifying the seL4 Microkernel Formal Proof in Mathematics and Computer Science Lukas Stevens

Verifying the seL4 Microkernel Formal Proof in Mathematics and Computer Science Lukas Stevens

Verifying the seL4 Microkernel Formal Proof in Mathematics and Computer Science Lukas Stevens 21st June 2018 Outline 2. Design process of seL4 3. Formal methods of the correctness proof 4. Layers of the correctness proof 5. Conclusion 1 1.

754 views • 64 slides
08Program Verification II CS 5209: Foundation in Logic and AI Martin Henz and Aquinas Hobor

08Program Verification II CS 5209: Foundation in Logic and AI Martin Henz and Aquinas Hobor

Review Hoare Triples; Partial and Total Correctness Practical Aspects of Correctness Proofs Correctness of the Factorial Function Proof Calculus for Total Correctness 08Program Verification II CS 5209: Foundation in Logic and AI Martin

778 views • 39 slides
Computational Geometry Exercise session #5: Quadtrees Proof of correctness for monotone

Computational Geometry Exercise session #5: Quadtrees Proof of correctness for monotone

Computational Geometry Exercise session #5: Quadtrees Proof of correctness for monotone partitioning Quadtrees Mesh generation for VSLI circuits QuadTrees Octrees and applications Homework 3 handed 1 Yaron

670 views • 9 slides
Infeasible Paths Elimination by Symb. Execution Techniques: Proof of Correctness and Preservation

Infeasible Paths Elimination by Symb. Execution Techniques: Proof of Correctness and Preservation

Infeasible Paths Elimination by Symb. Execution Techniques: Proof of Correctness and Preservation of Paths Romain Aissat, Frederic Voisin and Burkhart Wolff Univ - Paris-Sud / LRI 1 Abstract TRACER [8] is a tool for verifying safety

361 views • 21 slides
Proving Preservation of Partial Correctness with ACL2: A Mechanical Compiler Source Level

Proving Preservation of Partial Correctness with ACL2: A Mechanical Compiler Source Level

Proving Preservation of Partial Correctness with ACL2: A Mechanical Compiler Source Level Correctness Proof Wolfgang Goerigk Christian-Albrechts-Universit at zu Kiel, Germany wg@informatik.uni-kiel.de wg/

297 views • 28 slides
CS70: Lecture 8. Outline. Extended GCD Algorithm. Correctness. Proof: Strong Induction. 1 Base:

CS70: Lecture 8. Outline. Extended GCD Algorithm. Correctness. Proof: Strong Induction. 1 Base:

CS70: Lecture 8. Outline. Extended GCD Algorithm. Correctness. Proof: Strong Induction. 1 Base: ext-gcd ( x , 0 ) returns ( d = x , 1 , 0 ) with x = ( 1 ) x +( 0 ) y . 1. Finish Up Extended Euclid. Induction Step: Returns ( d , A , B ) with d =

259 views • 5 slides
Proving Program Correctness The Axiomatic Approach What is Correctness? Correctness:

Proving Program Correctness The Axiomatic Approach What is Correctness? Correctness:

3/10/10 Proving Program Correctness The Axiomatic Approach What is Correctness? Correctness: partial correctness + termination Partial correctness: Program implements its specification 1 3/10/10 Proving Partial Correctness

420 views • 13 slides
Proof of Correctness By induction. Base: n 1 = y [ 0 : 0 ] 1 y [ 0 ] 1 x

Proof of Correctness By induction. Base: n 1 = y [ 0 : 0 ] 1 y [ 0 ] 1 x

Encoders, Decoders & Shifters Encoder F Specification: input : x , weight ( x ) 1 =

380 views • 9 slides
Generation of Verification Conditions (contd) Andreas Podelski November 21, 2011

Generation of Verification Conditions (contd) Andreas Podelski November 21, 2011

Generation of Verification Conditions (contd) Andreas Podelski November 21, 2011 mechanization of correctness proof given a Hoare triple { } C { } , mechanization of correctness proof given a Hoare triple { } C { } ,

633 views • 18 slides
Computational Geometry Monotone partitioning proof Exercise session #5: Quadtrees Lemma 1 : a

Computational Geometry Monotone partitioning proof Exercise session #5: Quadtrees Lemma 1 : a

Computational Geometry Monotone partitioning proof Exercise session #5: Quadtrees Lemma 1 : a polygon is y -monotone if it has no split or merge vertices (proven in lecture). Proof of correctness for monotone partitioning Lemma 2 :

45 views • 3 slides
3515ICT Theory of Computation Some sample proofs 4-0 Proof types 1. Proof

3515ICT Theory of Computation Some sample proofs 4-0 Proof types 1. Proof

Griffith University 3515ICT Theory of Computation Some sample proofs 4-0 Proof types 1. Proof by construction 2. Proof by equivalence 3. Proof by contradiction 4. Proof by case analysis 5. Proof by induction

549 views • 11 slides
Mathematical Induction n The inductive proof will sometimes point out an algorithmic solution to a

Mathematical Induction n The inductive proof will sometimes point out an algorithmic solution to a

2/28/16 Why induction? n Prove algorithm correctness Mathematical Induction n The inductive proof will sometimes point out an algorithmic solution to a problem n Strongly connected to recursion Rosen Chapter 5 Motivation Motivation n A group

524 views • 8 slides
Program Correctness Assert formal correctness statements about

Program Correctness Assert formal correctness statements about

Program Correctness Assert formal correctness statements about cri4cal parts of a program and reason effec4vely A program is intended to carry out a

1.01k views • 57 slides
A Mathematical Proof When referring to a proof in logic we usually mean: 1. A sequence of

A Mathematical Proof When referring to a proof in logic we usually mean: 1. A sequence of

A Mathematical Proof When referring to a proof in logic we usually mean: 1. A sequence of statements. 2. Based on axioms. 3. Each statement is derived via the derivation rules. Zero Knowledge Protocols 4. The proof is fixed, i.e, in any time,

642 views • 14 slides
The Correctness of a Code Generator for a Functional Language Nathana el Courant September 8,

The Correctness of a Code Generator for a Functional Language Nathana el Courant September 8,

The Correctness of a Code Generator for a Functional Language Nathana el Courant September 8, 2017 Nathana el Courant Verified code generation September 8, 2017 1 / 21 Context PVS: interactive proof assistant Specification language

383 views • 27 slides
How much is CompCerts proof worth, qualification-wise? Xavier Leroy Inria Paris-Rocquencourt

How much is CompCerts proof worth, qualification-wise? Xavier Leroy Inria Paris-Rocquencourt

How much is CompCerts proof worth, qualification-wise? Xavier Leroy Inria Paris-Rocquencourt Dagstuhl seminar Qualification of FM tools, April 2015 1 / 29 In this talk Some thoughts on taking advantage of CompCerts correctness

348 views • 32 slides
Reducing Total Correctness to Partial Correctness by a Transformation of the Language Semantics a

Reducing Total Correctness to Partial Correctness by a Transformation of the Language Semantics a

Reducing Total Correctness to Partial Correctness by a Transformation of the Language Semantics a 1 a 2 Sebastian Buruian S , tefan Ciob ac 1 Alexandru Ioan Cuza University Bitedefender 2 Alexandru Ioan Cuza University WPTE 2018

435 views • 21 slides
Proving Correctness of Graph Programs Relative to Recursively Nested Conditions Nils Erik Flick

Proving Correctness of Graph Programs Relative to Recursively Nested Conditions Nils Erik Flick

Proving Correctness of Graph Programs Relative to Recursively Nested Conditions Nils Erik Flick Universitt Oldenburg February 2017 Intro Correctness Results Rel. Work Conclusion Extras Outline Correctness and Graph Programs 1

354 views • 24 slides
Recalling Our Intro to the Course 1 The Program Correctness Problem ? Conventional models of

Recalling Our Intro to the Course 1 The Program Correctness Problem ? Conventional models of

Recalling Our Intro to the Course 1 The Program Correctness Problem ? Conventional models of using computers not easy to determine correctness! Has become a very important issue, not just in safety-critical apps. Components with

534 views • 36 slides
Correctness of Program Transformations as a Termination Problem Conrad Rau, David Sabel and

Correctness of Program Transformations as a Termination Problem Conrad Rau, David Sabel and

Correctness of Program Transformations as a Termination Problem Conrad Rau, David Sabel and Manfred Schmidt-Schau Goethe-University, Frankfurt am Main, Germany IJCAR 2012, Manchester, UK 1 Introduction & Motivation Automate correctness

345 views • 34 slides
Proofs, disproofs, and their duals Heinrich Wansing Advances in Modal Logic 2010 1 / 49 Syntax

Proofs, disproofs, and their duals Heinrich Wansing Advances in Modal Logic 2010 1 / 49 Syntax

Syntax and relational semantics of HB and extensions Proof-theoretic interpretation Display calculi Correctness of ( I i , C j ) wrt the proof-theoretic semantics Proofs, disproofs, and their duals Heinrich Wansing Advances in Modal Logic 2010

1.03k views • 78 slides
CS 671 Automated Reasoning Proof Automation in First Order Logic 1. Tactic-based proof search 2.

CS 671 Automated Reasoning Proof Automation in First Order Logic 1. Tactic-based proof search 2.

CS 671 Automated Reasoning Proof Automation in First Order Logic 1. Tactic-based proof search 2. Complete proof search with JProver Tactic-based proof search Sort rule applications by cost of induced proof search let simple prover = Repeat (

562 views • 9 slides
PROOF installation/usage Attila Krasznahorkay for the Tier3 PROOF WG Wednesday, June 9, 2010

PROOF installation/usage Attila Krasznahorkay for the Tier3 PROOF WG Wednesday, June 9, 2010

PROOF installation/usage Attila Krasznahorkay for the Tier3 PROOF WG Wednesday, June 9, 2010 Overview PROOF recap The work done in the WG WG Recommendations PROOF installation/configuration Using PROOF efficiently Usage

773 views • 28 slides
Proving Correctness of a KRK Chess Endgame Strategy by SAT-based Constraint Solving Marko

Proving Correctness of a KRK Chess Endgame Strategy by SAT-based Constraint Solving Marko

Introduction Reduction to SAT and URSA system Chess Endgame Strategies and Bratkos Strategy for KRK URSA Specification of KRK Endgame and of Strategy Correctness of Strategy Discussion and Conclusions Proving Correctness of a KRK Chess

390 views • 27 slides

More recommend