Presentation is loading. Please wait.

Presentation is loading. Please wait.

VeriML DARPA CRASH Project Progress Report Antonis Stampoulis October 5 th, 2012 A language-based, dependently-typed, user-extensible approach to proof.

Published byScot O’Neal’ Modified over 9 years ago

Similar presentations

Presentation on theme: "VeriML DARPA CRASH Project Progress Report Antonis Stampoulis October 5 th, 2012 A language-based, dependently-typed, user-extensible approach to proof."— Presentation transcript:

1 VeriML DARPA CRASH Project Progress Report Antonis Stampoulis October 5 th, 2012 A language-based, dependently-typed, user-extensible approach to proof assistants

2 Software certification —CompCert [Leroy et al] —seL4 microkernel [Klein et al] Mathematical theorems —Four-color theorem [Gonthier et al] —Feit-Thompson (Odd Order Theorem) [same team] Proof – to – code size ratio: ~ 8 lines – to - 1 20 p.y. of proof for 2 p.y. of development Started May 2006 Finished last week! ~1.3 weeks per page Large formal proofs are possible and useful! require huge manual effort

3 —can use domain- specific automation —yet automation reconstructs full details —validity fixed —proofs and automation hard to write Informal proofs —use “trivially”, “similarly”, omit unnecessary details —require domain-specific intuition —validity extensible calculus reals basic reasoning Formal proofs

4 VeriML -easy to develop new automation and extend background reasoning -extensible notion of formal proof (no trivial details!) -novel programming language -focus on writing automation procedures -more generally: programs that construct proofs -serves as a novel proof assistant Rich types Rich programming model First-class support for logic Safety Expressiveness Convenience

5 Comparison of Architecture “ proof by juxtaposition ” Traditional proof assistants ML type- checking Tactic definition Tactic invocation Proof object Proof checking ? HOL4, HOL-Light Isabelle Coq NuPRL PVS, ACL2 don’t do that! (unsafe) Proof scripts invoke tactics Tactics contain proof scripts Every invocation can fail! Proof scripts invoke tactics Tactics contain proof scripts Every invocation can fail!

6 Comparison of Architecture Traditional proof assistants VeriML ML type- checking Tactic definition Tactic invocation Proof object Proof checking ?

7 Comparison of Architecture “ proof by juxtaposition ” Traditional proof assistants VeriML ML type- checking Tactic definition Tactic invocation Proof object Proof checking ? VeriML type checking Proof checking Tactic definition Tactic invocation Proof object OK! -Reduce possibility of error -Leverage information to help user while writing tactic -Extend traditional interactivity model -Don’t need to produce proof objects

8 Normal type-checking Stage one evaluation without producing proof objects Stage one evaluation without producing proof objects Normal evaluation Normal evaluation Background reasoning in VeriML VeriML proofs, tactics, etc. VeriML Type- & Proof- checking -smaller proof checker -can still generate full proof objects -soundness guaranteed -extensions to background reasoning are cheap -extensible static checking for proofs and tactics as well! arithmetic simplification equational reasoning normal conversion base VeriML typing

9 Recent progress -main milestone: wrote my dissertation on VeriML and defended it! (400 pages and counting…) -implementation milestones: VeriML 0.5 -completed new compilation-based backend for VeriML -proper staging support -separate compilation of VeriML modules -cleaned up various features in the implementation and the examples -technical milestones -cleaned-up presentation of metatheory -initial investigation of user-defined representations for VeriML pattern matching

10 VeriML proofs, tactics, etc. VeriML Type- & Proof- checking Recent progress: Compilation VeriML proofs, tactics, etc. VeriML Type- & Proof- checking VeriML to OCaml Residual program ~6mins ~15 sec

11 Example: Arithmetic simplification

12

13 Further extensions to type inference Figure out user-defined representations for pattern matching Pattern matching for inductive definitions SMT-like cooperating decision procedures Future work

Download ppt "VeriML DARPA CRASH Project Progress Report Antonis Stampoulis October 5 th, 2012 A language-based, dependently-typed, user-extensible approach to proof."

Similar presentations

Static and User-Extensible Proof Checking Antonis StampoulisZhong Shao Yale University POPL 2012.

Static and User-Extensible Proof Checking Antonis StampoulisZhong Shao Yale University POPL 2012.
Certified Typechecking in Foundational Certified Code Systems Susmit Sarkar Carnegie Mellon University.

Certified Typechecking in Foundational Certified Code Systems Susmit Sarkar Carnegie Mellon University.
Proofs and Programs Wei Hu 11/01/2007. Outline  Motivation  Theory  Lambda calculus  Curry-Howard Isomorphism  Dependent types  Practice  Coq Wei.

Proofs and Programs Wei Hu 11/01/2007. Outline  Motivation  Theory  Lambda calculus  Curry-Howard Isomorphism  Dependent types  Practice  Coq Wei.
Introducing Formal Methods, Module 1, Version 1.1, Oct., 1998 1 Formal Specification and Analytical Verification L 5.

Introducing Formal Methods, Module 1, Version 1.1, Oct., Formal Specification and Analytical Verification L 5.
25 February 2009Instructor: Tasneem Darwish1 University of Palestine Faculty of Applied Engineering and Urban Planning Software Engineering Department.

25 February 2009Instructor: Tasneem Darwish1 University of Palestine Faculty of Applied Engineering and Urban Planning Software Engineering Department.
Foundational Certified Code in a Metalogical Framework Karl Crary and Susmit Sarkar Carnegie Mellon University.

Foundational Certified Code in a Metalogical Framework Karl Crary and Susmit Sarkar Carnegie Mellon University.
March 4, 2005Susmit Sarkar 1 A Cost-Effective Foundational Certified Code System Susmit Sarkar Thesis Proposal.

March 4, 2005Susmit Sarkar 1 A Cost-Effective Foundational Certified Code System Susmit Sarkar Thesis Proposal.
Towards a Practical Composition Language Oscar Nierstrasz Software Composition Group University of Bern.

Towards a Practical Composition Language Oscar Nierstrasz Software Composition Group University of Bern.
VIDE als voortzetting van Cocktail SET Seminar 11 september 2008 Dr. ir. Michael Franssen.

VIDE als voortzetting van Cocktail SET Seminar 11 september 2008 Dr. ir. Michael Franssen.
VeriML: Revisiting the Foundations of Proof Assistants Zhong Shao Yale University MacQueen Fest May 13, 2012 (Joint work with Antonis Stampoulis)

VeriML: Revisiting the Foundations of Proof Assistants Zhong Shao Yale University MacQueen Fest May 13, 2012 (Joint work with Antonis Stampoulis)
An Integration of Program Analysis and Automated Theorem Proving Bill J. Ellis & Andrew Ireland School of Mathematical & Computer Sciences Heriot-Watt.

An Integration of Program Analysis and Automated Theorem Proving Bill J. Ellis & Andrew Ireland School of Mathematical & Computer Sciences Heriot-Watt.
Formal Methods in Software Engineering Credit Hours: 3+0 By: Qaisar Javaid Assistant Professor Formal Methods in Software Engineering1.

Formal Methods in Software Engineering Credit Hours: 3+0 By: Qaisar Javaid Assistant Professor Formal Methods in Software Engineering1.
S EMINAL : Searching for ML Type-Error Messages Benjamin Lerner, Dan Grossman, Craig Chambers University of Washington.

S EMINAL : Searching for ML Type-Error Messages Benjamin Lerner, Dan Grossman, Craig Chambers University of Washington.
CLF: A Concurrent Logical Framework David Walker Princeton (with I. Cervesato, F. Pfenning, K. Watkins)

CLF: A Concurrent Logical Framework David Walker Princeton (with I. Cervesato, F. Pfenning, K. Watkins)
PROOF TRANSLATION AND SMT LIB CERTIFICATION Yeting Ge Clark Barrett SMT 2008 July 7 Princeton.

PROOF TRANSLATION AND SMT LIB CERTIFICATION Yeting Ge Clark Barrett SMT 2008 July 7 Princeton.
VIDE Integrated Environment for Development and Verification of Programs.

VIDE Integrated Environment for Development and Verification of Programs.
Architectural Reasoning in ArchJava Jonathan Aldrich Craig Chambers David Notkin University of Washington ECOOP ‘02, 13 June 2002.

Architectural Reasoning in ArchJava Jonathan Aldrich Craig Chambers David Notkin University of Washington ECOOP ‘02, 13 June 2002.
Extensibility, Safety and Performance in the SPIN Operating System Bershad et al Presentation by norm Slides shamelessly “borrowed” from Stefan Savage’s.

Extensibility, Safety and Performance in the SPIN Operating System Bershad et al Presentation by norm Slides shamelessly “borrowed” from Stefan Savage’s.
A Type System for Expressive Security Policies David Walker Cornell University.

A Type System for Expressive Security Policies David Walker Cornell University.
Chair of Software Engineering Automatic Verification of Computer Programs.

Chair of Software Engineering Automatic Verification of Computer Programs.

Similar presentations

Ads by Google