Steps towards Verified Implementations of HOL Light

Myreen, Magnus O.; Owens, Scott; Kumar, Ramana

doi:10.1007/978-3-642-39634-2_38

Cited by 9 publications

(12 citation statements)

References 9 publications

(11 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Our overall goal is to prove the soundness of a conventional stateful implementation, so we formalise a stateful version of HOL (our rough diamond contains a brief overview [11]) and give it semantics by translation into the stateless version. The only significant difference between the stateful and stateless versions is that the stateless carries definitions of constants as tags on the terms and types.…”

Section: From Stateful Back To Statelessmentioning

confidence: 99%

“…This work is part of a larger project, introduced in our rough diamond last year [11], to produce a verified machine-code implementation of a HOL prover. This paper represents the top half of the project: soundness of the logic, and a verified implementation of the logical kernel in CakeML [7].…”

Section: Introductionmentioning

confidence: 99%

“…As outlined in our rough diamond [11], we define shallowly-embedded HOL functions, using a state-exception monad, for each of the HOL Light kernel functions. These "monadic kernel functions" are written following the original OCaml code closely, then we prove that they implement the stateful inference rules.…”

mentioning

confidence: 99%

See 2 more Smart Citations

HOL with Definitions: Semantics, Soundness, and a Verified Implementation

Kumar

Arthan

Myreen

et al. 2014

Interactive Theorem Proving

Self Cite

View full text Add to dashboard Cite

Abstract. We present a mechanised semantics and soundness proof for the HOL Light kernel including its definitional principles, extending Harrison's verification of the kernel without definitions. Soundness of the logic extends to soundness of a theorem prover, because we also show that a synthesised implementation of the kernel in CakeML refines the inference system. Our semantics is the first for Wiedijk's stateless HOL; our implementation, however, is stateful: we give semantics to the stateful inference system by translation to the stateless. We improve on Harrison's approach by making our model of HOL parametric on the universe of sets. Finally, we prove soundness for an improved principle of constant specification, in the hope of encouraging its adoption. This paper represents the logical kernel aspect of our work on verified HOL implementations; the production of a verified machine-code implementation of the whole system with the kernel as a module will appear separately.

show abstract

Section: From Stateful Back To Statelessmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

HOL with Definitions: Semantics, Soundness, and a Verified Implementation

Kumar

Arthan

Myreen

et al. 2014

Interactive Theorem Proving

Self Cite

View full text Add to dashboard Cite

show abstract

“…We (Myreen et al [5]) are working on tools in HOL4 for verifying implementations of code derived from shallow embeddings. Harrison's soundness proof for HOL supports an excellent case study for our tools wherein we will verify an implementation of HOL Light, but it lives in a different prover.…”

Section: The Opentheory Vision: Reusable Theory Packagesmentioning

confidence: 99%

“…Harrison's work, especially the soundness proof, makes considerable use of sets as predicates 5 . We hope to port his proof, but doing so would be non-trivial because it has not been made to work with the proof-logging fork of HOL Light and makes extensive use of sets represented by predicates.…”

Section: ∀P Every P [ ] and ∀P H T Every P (H::t) = P H ∧ Every P Tmentioning

confidence: 99%

Challenges in Using OpenTheory to Transport Harrison's HOL Model from HOL Light to HOL4

Kumar

EPiC Series in Computing

Self Cite

View full text Add to dashboard Cite

OpenTheory is being used for the first time (in work to be described at ITP 2013) as a tool in a larger project, as opposed to in an example demonstrating OpenTheory's capability. The tool works, demonstrating its viability. But it does not work completely smoothly, because the use case is somewhat at odds with OpenTheory's primary design goals. In this extended abstract, we explore the tensions between the goals that OpenTheory-like systems might have, and question the relative importance of various kinds of use. My hope is that describing issues arising from work in progress will stimulate fruitful discussion relevant to the development of proof exchange systems. The OpenTheory Vision: Reusable Theory PackagesOpenTheory [3] is a format for representing theories in higher-order logic, inspired by an analogy: theories are software packages, which may depend on one another, and proofs are bytecode for a portable virtual machine. Just as a piece of software (especially a library) can be useful in the development of another (library or application), so can the definitions and theorems in one formal development be a useful component for another. For example, existing theories about floating-point numbers and finite words might both be used in the development a formal model of an instruction set architecture. The problem is that these theories may have been developed in different provers and may not be directly compatible.There are multiple HOL prover implementations, analogous to different platforms, including HOL Light, HOL4, ProofPower, and Isabelle/HOL, each with a broadly similar logic and architecture, but with significant differences in their libraries of native theories and their integrated proof development (e.g. automation) tools. The aim of OpenTheory is to support theory engineering across provers, akin to the software engineering applicable to large software developments. (OpenTheory does not yet support provers using different logics like Coq or Twelf: bridging the differences between HOL-based systems is enough of a challenge already.) Large formal developments that span multiple provers require methods of exchange, and benefit when those methods promote reuse of native theories as opposed to isolated duplications.OpenTheory's approach to exchange is based on a standard format for low-level proofs coupled with a standard library of theory packages. The standard format enables capture and replay of proof work in any prover supporting the format. The standard library factors out various core theories that are likely to be used by many developments and provides a standard interface for depending on such library theories by reusing a prover's native theories as opposed to rederiving them on import. (For example, if the standard library has some basic theorems about foo and HOL4 has an equivalent constant FOO, then we map foo to FOO on import and enable reuse of all of HOL4's FOO theorems, rather than importing foo theorems, proving foo = FOO, and mediating any combined reasoning through the equival...

show abstract

Towards a Formally Verified Proof Assistant

Anand

Rahli

2014

Interactive Theorem Proving

View full text Add to dashboard Cite

Where a licence is displayed above, please note the terms and conditions of the licence govern your use of this document. When citing, please reference the published version. Take down policy While the University of Birmingham exercises care and attention in making items available there are rare occasions when an item has been uploaded in error or has been deemed to be commercially or otherwise sensitive.

show abstract

Steps towards Verified Implementations of HOL Light

Cited by 9 publications

References 9 publications

HOL with Definitions: Semantics, Soundness, and a Verified Implementation

HOL with Definitions: Semantics, Soundness, and a Verified Implementation

Challenges in Using OpenTheory to Transport Harrison's HOL Model from HOL Light to HOL4

Towards a Formally Verified Proof Assistant

Contact Info

Product

Resources

About