Interactive Theorem Provers

Similar documents
NICTA Advanced Course. Theorem Proving Principles, Techniques, Applications. Gerwin Klein Formal Methods

Computer-Checked Meta-Logic

Anselm s God in Isabelle/HOL

Analyse et Conception Formelle. Lesson 4. Proofs with a proof assistant

Ramsey s Theorem in ProofPower (Draft)

Program-ing in Coq. Matthieu Sozeau under the direction of Christine Paulin-Mohring

An Introduction to Proof Assistants

07 Practical Application of The Axiomatic Method

Interactive Theorem Proving

Toward a new formalization of real numbers

Nunchaku: Flexible Model Finding for Higher-Order Logic

Interactive Theorem Proving in Industry

Computer Proof Assistants and Univalent Foundations of Mathematics

Lectures on Computational Type Theory

Automated Reasoning. Lecture 9: Isar A Language for Structured Proofs

A Machine Checked Model of Idempotent MGU Axioms For a List of Equational Constraints

LCF + Logical Frameworks = Isabelle (25 Years Later)

Interpretation of Locales in Isabelle: Theories and Proof Contexts

Formalizing Mathematics

02 The Axiomatic Method

Theorem Proving for Verification

Programming with Dependent Types in Coq

M a s t e r r e s e a rc h I n t e r n s h i p. Formalisation of Ground Inference Systems in a Proof Assistant

Miscellaneous Isabelle/Isar examples

Calculational reasoning revisited

The Curry-Howard Isomorphism

De Bruijn s ideas on the Formalization of Mathematics

Inductive Theorem Proving

VeriML: Typed Computation of Logical Terms inside a Language with Effects

Agent-Based HOL Reasoning 1

Proof assistants: History, ideas and future

The Formal Proof Susan Gillmor and Samantha Rabinowicz Project for MA341: Appreciation of Number Theory Boston University Summer Term

Code Generation for a Simple First-Order Prover

The LCF Approach to Theorem Proving

Beyond First-Order Logic

The Coq Proof Assistant

Arithmetic in Metamath. Case Study: Bertrand s Postulate

Proving in the Isabelle Proof Assistant that the Set of Real Numbers is not Countable

A New Look at Generalized Rewriting in Type Theory

Nominal Inversion Principles

Classical First-Order Logic

A Recursion Combinator for Nominal Datatypes Implemented in Isabelle/HOL

Formalization of Mathematics: why Algebraic Topology?

The TLA + proof system

Program Composition in Isabelle/UNITY

Formal methods in mathematics

NICTA Advanced Course. Theorem Proving Principles, Techniques, Applications

A New Look At Generalized Rewriting in Type Theory

Automated Reasoning Lecture 5: First-Order Logic

Formal Theorem Proving and Sum-of-Squares Techniques

Depending on equations

Write your own Theorem Prover

Extending higher-order logic with predicate subtyping: application to PVS

Formalized First-Order Logic. Andreas Halkjær From

Proof Reconstruction for Z3 in Isabelle/HOL

A proof checking kernel for the λπ-calculus modulo

Gerwin Klein, June Andronick, Ramana Kumar S2/2016

Automated Reasoning Lecture 17: Inductive Proof (in Isabelle)

Formal SOS-Proofs for the Lambda-Calculus

An Isabelle/HOL Formalization of the Textbook Proof of Huffman s Algorithm

Deductive Verification

Miscellaneous Isabelle/Isar examples

Formal proof: current progress and outstanding challenges

Classical First-Order Logic

An Overview of A Formal Framework For Managing Mathematics

- Introduction to propositional, predicate and higher order logics

Mining the Archive of Formal Proofs

Mechanized Proof of Buchberger s Algorithm in ACL2

FIRST EXPERIMENTS WITH NEURAL TRANSLATION

Homotopy Probability Theory in the Univalent Foundations

ArgoCaLyPso SAT-Inspired Coherent Logic Prover

Probabilistic Guarded Commands Mechanized in HOL

MP 5 Program Transition Systems and Linear Temporal Logic

Introduction to Isabelle/HOL

Majority Vote Algorithm Revisited Again

Lattices and Orders in Isabelle/HOL

Automated Proving in Geometry using Gröbner Bases in Isabelle/HOL

Local Representations of Binding

Structuring the verification of heap-manipulating programs

Interactive theorem proving, automated reasoning, and dynamical systems

Formal Verification of Mathematical Algorithms

Formalization and Automation of Euclidean Geometry

Theoretical Computer Science. Representing model theory in a type-theoretical logical framework

INDUCTIVE DEFINITION

Chapter 2 Background. 2.1 A Basic Description Logic

02 Propositional Logic

Modular Architecture for Proof Advice AITP Components

Automated Reasoning Lecture 2: Propositional Logic and Natural Deduction

Type Theory and Constructive Mathematics. Type Theory and Constructive Mathematics Thierry Coquand. University of Gothenburg

Automated Generation of Formal and Readable Proofs of Mathematical Theorems ongoing work

Human-Readable Machine-Verifiable Proofs for Teaching Constructive Logic

Inductive Definitions and Fixed Points

Towards Higher-Order Superposition and SMT. Jasmin Blanchette

A Qualitative Comparison of the Suitability of Four Theorem Provers for Basic Auction Theory

Reasoning with Higher-Order Abstract Syntax and Contexts: A Comparison

Introduction to Type Theory February 2008 Alpha Lernet Summer School Piriapolis, Uruguay. Herman Geuvers Nijmegen & Eindhoven, NL

Keywords: Proof simplification, coherent logic, readable proofs, automated theorem provers, reductio ad absurdum

The Calculus of Inductive Constructions

Syntax and semantics of a GPU kernel programming language

Examples for program extraction in Higher-Order Logic

Transcription:

Interactive Theorem Provers from the perspective of Isabelle/Isar Makarius Wenzel Univ. Paris-Sud, LRI July 2014 = Isabelle λ β Isar α

1 Introduction

Notable ITP systems LISP based: ACL2 http://www.cs.utexas.edu/users/moore/acl2 PVS http://pvs.csl.sri.com ML based: HOL family: HOL4, HOL-Light, ProofPower,... Coq http://coq.inria.fr Isabelle/Isar http://isabelle.in.tum.de Other: Mizar http://www.mizar.org Agda http://wiki.portal.chalmers.se/agda See also: The Seventeen Provers of the World, F. Wiedijk (ed.), LNAI 3600, 2006. 1 Introduction 2

The LCF family LCF Edinburgh LCF (1979) Cambridge LCF (1985) HOL (1984/1988) Coq Coc (1985/1988). Coq 8.4pl4 (May 2014) Isabelle Isabelle (1986/1989) Isabelle/Isar (1999). Isabelle2013-2 (December 2013) 1 Introduction 3

TTY interaction (Wikipedia: K. Thompson and D. Ritchie at PDP-11) Interaction model: manual copy-paste from editor window into prover process 1 Introduction 4

Proof General (and clones) Interaction model: automated copy-paste and undo in the editor, prover process in background 1 Introduction 5

Isabelle today: document-oriented interaction 1 Introduction 6

Example: functional specifications with proofs datatype a seq = Empty Seq a ( a seq) fun concat :: a seq a seq a seq where concat Empty ys = ys concat (Seq x xs) ys = Seq x (concat xs ys) theorem concat empty: concat xs Empty = xs by (induct xs) simp all theorem conc assoc: concat (concat xs ys) zs = concat xs (concat ys zs) by (induct xs) simp all 1 Introduction 7

Example: unstructured proof scripts theorem concat empty : concat xs Empty = xs apply (induct xs) apply simp apply simp done theorem conc assoc : concat (concat xs ys) zs = concat xs (concat ys zs) apply (induct xs) apply simp apply simp done 1 Introduction 8

Example: abstract specifications and calculations class group = times + one + inverse + assumes group assoc: (x y) z = x (y z) and group left one: 1 x = x and group left inverse: inverse x x = 1 theorem (in group) group right inverse: x inverse x = 1 proof theorem (in group) group right one: x 1 = x proof have x 1 = x (inverse x x) by (simp only: group left inverse) also have... = x inverse x x by (simp only: group assoc) also have... = 1 x by (simp only: group right inverse) also have... = x by (simp only: group left one) finally show?thesis. qed 1 Introduction 9

2 Proof Systems

Isabelle/Pure: formal context Logical judgement: Θ, Γ ϕ background theory Θ (polymorphic types, constants, axioms; global data) proof context Γ (fixed variables, assumptions; local data) Operations on theories: merge and extend: Θ 3 = Θ 1 Θ 2 + τ + c :: τ + c t symbolic sub-theory relation: Θ 1 Θ 2 transfer of results: if Θ 1 Θ 2 and Θ 1, Γ ϕ then Θ 2, Γ ϕ 2 Proof Systems 11

Isabelle/Pure: primitive inferences Syntax (types and terms): fun :: (type, type)type all :: ( a prop) prop imp :: prop prop prop Derivations (theorems): implicit theory Θ function space a b universal quantification x. B x implication A = B A Θ A (axiom) A A (assume) Γ B[x] x / Γ Γ x. B[x] ( -intro) Γ x. B[x] Γ B[a] ( -elim) Γ B Γ A A = B (= -intro) Γ 1 A = B Γ 2 A Γ 1 Γ 2 B (= -elim) 2 Proof Systems 12

Isabelle/Isar: block-structured reasoning Universal context: fix and assume { fix x have B x proof } have x. B x by fact Existential context: obtain { obtain a where B a proof have C proof } have C by fact { assume A have B proof } have A = B by fact 2 Proof Systems 13

3 Proof Search

Isabelle/HOL proof methods rule: generic Natural Deduction (with HO unification) cases: elimination, syntactic representation of datatypes, inversion of inductive sets and predicates induct and coinduct: induction and coinduction of types, sets, predicates simp: equational reasoning by the Simplifier (HO rewriting), with possibilities for add-on tools fast and blast: classical reasoning (tableau) auto and force: combined simplification and classical reasoning arith, presburger: specific theories smt: Z3 with proof reconstruction 3 Proof Search 15

Sledgehammer Idea: heavy external ATPs / SMTs for proof search light internal ATP (Metis) for proof reconstruction 3 Proof Search 16

Automated disprovers counter examples quickcheck based on random functional evaluation nitpick based on relational model finder 3 Proof Search 17

4 Proof Formats

Proof formats: open-ended, no standards De-facto formats: LCF and HOL: ML source as input and output Coq: tactic scripts, e.g. Ltac, SSReflect Isabelle/Isar: structured proof documents (Isar language) unstructured apply scripts (tactic emulation) General LCF approach: use ML to implement your own application-specific proof formats 4 Proof Formats 19

5 Proof Production

The LCF approach Correctness by construction: (R. Milner, 1979) 1. abstract datatype thm in ML (the meta language ), constructors are the rules of the logic (the object language ) 2. implementation of arbitrary proof tools in ML, with explicit thm construction at run-time Notes: need to distinguish proof search from actual thm inferences thm values are abstract: proofs are not stored in memory, but: optional proof trace or proof term goal-directed LCF-approach fits well to shared-memory multiprocessing (multicore hardware) 5 Proof Production 21

6 Proof Consumption

Proof consumption in Isabelle/HOL HOL-Light importer: replay of primitive inferences from other LCF-kernel (huge trace) SMT proof method: connection to Z3, with proof reconstruction by standard proof tools of Isabelle/HOL: simp, blast, auto etc. Sledgehammer: heavy external ATPs / SMTs for proof search light internal ATP (Metis) for proof reconstruction 6 Proof Consumption 23

7 Proof Applications

Big formalization projects Flyspeck https://code.google.com/p/flyspeck (T. Hales, HOL-Light): formal proof of Kepler s Conjecture L4.verified http://ertos.nicta.com.au/research/l4.verified (G. Klein, Isabelle/HOL): formally correct operating system kernel Feit-Thompson Odd Order Theorem http://www.msr-inria. fr/news/feit-thomson-proved-in-coq (G. Gonthier, Coq/SSReflect) CompCert verified compiler http://compcert.inria.fr/doc (X. Leroy, Coq): optimizing C-compiler for various assembly languages, written and proven in the functional language of Coq 7 Proof Applications 25

Libraries of formalized mathematics Archive of Formal Proofs (AFP) http://afp.sf.net Isabelle/HOL Mathematical Components http://www.msr-inria.fr/projects/mathematical-components-2 Coq/SSReflect Mizar Mathematical Library http://www.mizar.org/library Mizar 7 Proof Applications 26

8 Conclusions

What is ITP? What is Isabelle/Isar? Hanabusa Itcho : Blind monks examining an elephant 8 Conclusions 28

Helpful hints New users: Spend time to develop a sense for more than one accidental candidate, before making a commitment. Spend substantial time to become proficient with the system of your choice. Old users: Learn how other proof assistants work, and what are their specific strengths and weaknesses. Isabelle users: Submit your finished applications to AFP http://afp.sf.net Happy proving! 8 Conclusions 29

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback