Presentation is loading. Please wait.

Presentation is loading. Please wait.

Tool Support for proof Engineering Anne Mulhern Computer Sciences Department University of Wisconsin-Madison Madison, WI USA

Published byLeslie Simmons Modified over 9 years ago

Similar presentations

Presentation on theme: "Tool Support for proof Engineering Anne Mulhern Computer Sciences Department University of Wisconsin-Madison Madison, WI USA"— Presentation transcript:

1 Tool Support for proof Engineering Anne Mulhern Computer Sciences Department University of Wisconsin-Madison Madison, WI USA mulhern@cs.wisc.edu www.cs.wisc.edu/~mulhern Anne Mulhern Charles Fischer Ben Liblit

2 UITP 2006Tool Support for Proof Engineering2 Size of Proofs Certified C compiler in Coq [Leroy et al] –Compiler + proof that compiler preserves semantics –Back-end One man-year 35,000 lines of Coq scripts, definitions, and tactics –Front-end 3/4 man-year 6,000 lines of Coq scripts, definitions, and tactics

3 UITP 2006Tool Support for Proof Engineering3 Proof Material/Definitions Formal Certification of a Compiler Back-end or: Programming a Compiler with a Proof Assistant [Xavier Leroy, POPL 2006]

4 UITP 2006Tool Support for Proof Engineering4 Proof Objects/Proof Scripts Proof objects can be an order of magnitude larger than proof scripts Factors –Down Good modularization –Up Powerful tactics Good use of hints

5 UITP 2006Tool Support for Proof Engineering5 Size of Linux Kernel 1991 - 10,000 lines 1996 - 800,000 lines 2001 - 3 million lines 2006 - 7 million lines

6 UITP 2006Tool Support for Proof Engineering6 Integrated Proof Environment Abbreviated as IPE Similar to an IDE (Integrated Development Environment) Uncommon

7 UITP 2006Tool Support for Proof Engineering7 This is a position paper tools and techniques from IDEs can be transferred to IPEs tools and techniques from IDEs should be transferred to IPEs

8 UITP 2006Tool Support for Proof Engineering8 Outline Motivation Tools and Techniques Mechanisms

9 UITP 2006Tool Support for Proof Engineering9 Outline Motivation Tools and Techniques Mechanisms

10 UITP 2006Tool Support for Proof Engineering10 Motivation Programming languages are my specialty –Formal proofs of programming language properties The POPLmark challenge –Generation of certified programs by extraction Formal Certification of a Compiler Back-end or: Programming a Compiler with a Proof Assistant [Xavier Leroy, POPL 2006]

11 UITP 2006Tool Support for Proof Engineering11 PL Proofs are different Proofs should be easy to modify and reuse For certified programs: structure of the generated proof matters Proofs frequently proceed by induction –Inductive theorems are particularly challenging On Strategies for Inductive Theorem Proving [Bernhard Gramlich, Strategies 2004 Invited Talk]

12 UITP 2006Tool Support for Proof Engineering12 Proofs are Programs Theory –Curry-Howard isomorphism Practice –Extend –Refactor –Debug We can tackle similar problems with similar techniques

13 UITP 2006Tool Support for Proof Engineering13 “The Seventeen Provers of the World” [Wiedjik] HOL Miza r PVS Otter /Ivy Isabelle /Isar Alfa/ Agda ACL 2 Pho X IMPS Metamat h Theorem a Lego Nupr l Omega B method Minlog Coq

14 UITP 2006Tool Support for Proof Engineering14 Outline Motivation Tools and Techniques Mechanisms

15 UITP 2006Tool Support for Proof Engineering15 Tools and Techniques Common Conveniences Proof Visualization in the Large Navigation by Derivation

16 UITP 2006Tool Support for Proof Engineering16 Common Conveniences in IDEs Multiple Views for understanding and navigation –Collapsed and expanded text –Outline Views –And so forth Automatic Refactoring –Rewriting while preserving meaning or behavior

17 UITP 2006Tool Support for Proof Engineering17 Legend

18 UITP 2006Tool Support for Proof Engineering18

19 UITP 2006Tool Support for Proof Engineering19

20 UITP 2006Tool Support for Proof Engineering20 Common Conveniences in IPEs

21 UITP 2006Tool Support for Proof Engineering21 Make Variable Implicit Variables whose value can be inferred from the type of other variables may be made implicit If a variable is implicit its value must not be given To make a variable implicit –Make implicit in definition –Change all uses of definition

22 UITP 2006Tool Support for Proof Engineering22 Tools and Techniques Common Conveniences Proof Visualization in the Large Navigation by Derivation

23 UITP 2006Tool Support for Proof Engineering23 Software Visualization in the Large Ball and Eick, 1996 Unary properties Color Large projects Multiple files

24 UITP 2006Tool Support for Proof Engineering24 Software Visualization in the Large [Ball and Eick, 1996]

25 UITP 2006Tool Support for Proof Engineering25 Proof Visualization in the Large Lemma “hot spots” Revision information Proportion of proofs to definitions Goal depth

26 UITP 2006Tool Support for Proof Engineering26 Goal depth     {

27 UITP 2006Tool Support for Proof Engineering27 Tools and Techniques Common Conveniences Proof Visualization in the Large Navigation by Derivation

28 UITP 2006Tool Support for Proof Engineering28

29 UITP 2006Tool Support for Proof Engineering29 Navigation by Derivation No obvious analog currently in IDEs but… –Numerous instances where original line numbering is preserved Parsers map to grammar file line numbers gcc maps to source file line numbers –Source/assembly navigation tool desirable

30 UITP 2006Tool Support for Proof Engineering30 Outline Motivation Tools and Techniques Mechanisms

31 UITP 2006Tool Support for Proof Engineering31 Mechanisms Textual Analysis on proofs or scripts –Multiple Views Compiler/Debugger techniques –Navigation by derivation Both –Refactoring –Proof visualization in the large

32 UITP 2006Tool Support for Proof Engineering32 Summary IPEs non-existent Proofs must be managed Technology already exists Considerable theoretical possibilities

33 Tool Support for proof Engineering Anne Mulhern Computer Sciences Department University of Wisconsin-Madison Madison, WI USA mulhern@cs.wisc.edu www.cs.wisc.edu/~mulhern Anne Mulhern Charles Fischer Ben Liblit

Download ppt "Tool Support for proof Engineering Anne Mulhern Computer Sciences Department University of Wisconsin-Madison Madison, WI USA"

Similar presentations

Isabelle / HOL Theorem Proving System

Isabelle / HOL Theorem Proving System
Static and User-Extensible Proof Checking Antonis StampoulisZhong Shao Yale University POPL 2012.

Static and User-Extensible Proof Checking Antonis StampoulisZhong Shao Yale University POPL 2012.
Techniques for Proving the Completeness of a Proof System Hongseok Yang Seoul National University Cristiano Calcagno Imperial College.

Techniques for Proving the Completeness of a Proof System Hongseok Yang Seoul National University Cristiano Calcagno Imperial College.
Proofs and Programs Wei Hu 11/01/2007. Outline  Motivation  Theory  Lambda calculus  Curry-Howard Isomorphism  Dependent types  Practice  Coq Wei.

Proofs and Programs Wei Hu 11/01/2007. Outline  Motivation  Theory  Lambda calculus  Curry-Howard Isomorphism  Dependent types  Practice  Coq Wei.
Foundational Certified Code in a Metalogical Framework Karl Crary and Susmit Sarkar Carnegie Mellon University.

Foundational Certified Code in a Metalogical Framework Karl Crary and Susmit Sarkar Carnegie Mellon University.
Formal Semantics of Programming Languages 虞慧群 Topic 5: Axiomatic Semantics.

Formal Semantics of Programming Languages 虞慧群 Topic 5: Axiomatic Semantics.
Hydra (A General Framework for Formalizing UML with Formal Languages for Embedded Systems*) *from the Ph.D. thesis of William E. McUmber Software Engineering.

Hydra (A General Framework for Formalizing UML with Formal Languages for Embedded Systems*) *from the Ph.D. thesis of William E. McUmber Software Engineering.
Linking HOL Light to Mathematica using OpenMath Supervised by:Dr. Sofiène Tahar Department of Electrical and Computer Engineering Presented by:Ons Seddiki.

Linking HOL Light to Mathematica using OpenMath Supervised by:Dr. Sofiène Tahar Department of Electrical and Computer Engineering Presented by:Ons Seddiki.
Automated Soundness Proofs for Dataflow Analyses and Transformations via Local Rules Sorin Lerner* Todd Millstein** Erika Rice* Craig Chambers* * University.

Automated Soundness Proofs for Dataflow Analyses and Transformations via Local Rules Sorin Lerner* Todd Millstein** Erika Rice* Craig Chambers* * University.
VeriML: Revisiting the Foundations of Proof Assistants Zhong Shao Yale University MacQueen Fest May 13, 2012 (Joint work with Antonis Stampoulis)

VeriML: Revisiting the Foundations of Proof Assistants Zhong Shao Yale University MacQueen Fest May 13, 2012 (Joint work with Antonis Stampoulis)
May 11, 2009 1 ACL2 Panel: What is the Future of Theorem Proving? Arvind Computer Science & Artificial Intelligence Laboratory.

May 11, ACL2 Panel: What is the Future of Theorem Proving? Arvind Computer Science & Artificial Intelligence Laboratory.
Research topics Semantic Web - Spring 2007 Computer Engineering Department Sharif University of Technology.

Research topics Semantic Web - Spring 2007 Computer Engineering Department Sharif University of Technology.
Research and objectives Modern software is incredibly complex: for example, a modern OS has more than 10 millions lines of code, organized in 10s of layers!

Research and objectives Modern software is incredibly complex: for example, a modern OS has more than 10 millions lines of code, organized in 10s of layers!
School of Computing and Mathematics, University of Huddersfield Knowledge Engineering: Issues for the Planning Community Lee McCluskey Department of Computing.

School of Computing and Mathematics, University of Huddersfield Knowledge Engineering: Issues for the Planning Community Lee McCluskey Department of Computing.
Programming Language Semantics Mooly SagivEran Yahav Schrirber 317Open space 03-640-760603-640-5358 html://www.cs.tau.ac.il/~msagiv/courses/sem03.html.

Programming Language Semantics Mooly SagivEran Yahav Schrirber 317Open space html://
Semantics with Applications Mooly Sagiv Schrirber 317 03-640-7606 html://www.cs.tau.ac.il/~msagiv/courses/sem08.html Textbooks:Winskel The.

Semantics with Applications Mooly Sagiv Schrirber html:// Textbooks:Winskel The.
Bridging the Gap Between Theory and Hardware Mario D. Marino, G. Robins, K. Skadron and L. Wang {mdm9uw,robins,skadron,lw2aw}.cs.virginia.edu Department.

Bridging the Gap Between Theory and Hardware Mario D. Marino, G. Robins, K. Skadron and L. Wang {mdm9uw,robins,skadron,lw2aw}.cs.virginia.edu Department.
A practical approach to formal methods Lecturer: Ralph Back Place: A5059 Time:e very second Monday, 13 - 16 Dates: 28.1, 11.2, 25.2, 10.3, 31.3, 14.4,

A practical approach to formal methods Lecturer: Ralph Back Place: A5059 Time:e very second Monday, Dates: 28.1, 11.2, 25.2, 10.3, 31.3, 14.4,
OpenModelica Development Environment with Eclipse Integration Adrian Pop, Peter Fritzson, Andreas Remar, Elmir Jagudin, David Akhvlediani Programming Environment.

OpenModelica Development Environment with Eclipse Integration Adrian Pop, Peter Fritzson, Andreas Remar, Elmir Jagudin, David Akhvlediani Programming Environment.
Research in Compilers and How it Relates to Software Engineering Part III: Relation to SE Tomofumi Yuki EJCP 2015 June 22, Nancy.

Research in Compilers and How it Relates to Software Engineering Part III: Relation to SE Tomofumi Yuki EJCP 2015 June 22, Nancy.

Similar presentations

Ads by Google