Results 1-10 of 94
Isar - a Generic Interpretative Approach to Readable Formal Proof Documents
1999
Cited by 100 (16 self)
Abstract: We present a generic approach to readable formal proof documents, called Intelligible semi-automated reasoning (Isar). It addresses the major problem of existing interactive theorem proving systems that there is no appropriate notion of proof available that is suitable for human communication, or even just maintenance. Isar's main aspect is its formal language for natural deduction proofs, which sets out to bridge the semantic gap between internal notions of proof given by state-of-the-art interactive theorem proving systems and an appropriate level of abstraction for user-level work. The Isar language is both human-readable and machine-checkable, by virtue of the Isar/VM interpreter. Compared to existing declarative theorem proving systems, Isar avoids several shortcomings: it is based on a few basic principles only, it is quite independent of the underlying logic, and supports a broad range of automated proof methods. Interactive proof development is supported as well...
Proving Java Type Soundness
1997
Cited by 91 (2 self)
Abstract: This technical report describes a machine-checked proof of the type soundness of a subset of the Java language called Java S. A formal semantics for this subset has been developed by Drossopoulou and Eisenbach, and they have sketched an outline of the type soundness proof. The formulation developed here complements their written semantics and proof by correcting and clarifying significant details; and it demonstrates the utility of formal, machine checking when exploring a large and detailed proof based on operational semantics. The development also serves as a case study in the application of `declarative' proof techniques to a major property of an operational system. Contents: 1 Introduction; 1.1 Java; 1.2 What is Type Soundness for Java?; 1.3 The Tool: DECLARE; 1.4 Outl...
Subtypes for Specifications: Predicate Subtyping in PVS
IEEE Transactions on Software Engineering, 1998
Cited by 47 (5 self)
Abstract: A specification language used in the context of an effective theorem prover can provide novel features that enhance precision and expressiveness. In particular, typechecking for the language can exploit the services of the theorem prover. We describe a feature called "predicate subtyping" that uses this capability and illustrate its utility as mechanized in PVS.
Structured Proofs in Isar/HOL
Types for Proofs and Programs (TYPES 2002), LNCS 2646, 2003
Cited by 43 (9 self)
Abstract: Isar is an extension of the theorem prover Isabelle with a language for writing human-readable structured proofs. This paper is an introduction to the basic constructs of this language.
Non-Standard Analysis in ACL2
2001
Cited by 29 (12 self)
Abstract: ACL2 refers to a mathematical logic based on applicative Common Lisp, as well as to an automated theorem prover for this logic. The numeric system of ACL2 reflects that of Common Lisp, including the rational and complex-rational numbers and excluding the real and complex irrationals. In conjunction with the arithmetic completion axioms, this numeric type system makes it possible to prove the nonexistence of specific irrational numbers, such as √2. This paper describes ACL2(r), a version of ACL2 with support for the real and complex numbers. The modifications are based on nonstandard analysis, which interacts better with the discrete flavor of ACL2 than does traditional analysis.
A Refinement of de Bruijn's Formal Language of Mathematics
Journal of Logic, Language and Information, 2004
Cited by 29 (15 self)
Abstract: We provide a syntax and a derivation system for a formal language of mathematics called Weak Type Theory (WTT). We give the metatheory of WTT and a number of illustrative examples. WTT is a refinement of de Bruijn's Mathematical Vernacular (MV) and hence: WTT is faithful to the mathematician's language yet is formal and avoids ambiguities; WTT is close to the usual way in which mathematicians express themselves in writing; WTT has a syntax based on linguistic categories instead of set/type-theoretic constructs. More so than MV, however, WTT has a precise abstract syntax whose derivation rules resemble those of modern type theory, enabling us to establish important desirable properties of WTT such as strong normalisation, decidability of type checking and subject reduction. The derivation system allows one to establish that a book written in WTT is well-formed following the syntax of WTT, and has great resemblance with ordinary mathematics books. WTT (like MV) is weak as regards correctness: the rules of WTT only concern linguistic correctness, and its types are purely linguistic, so that the formal translation into WTT is satisfactory as a readable, well-organized text. In WTT, logico-mathematical aspects of truth are disregarded. This separates concerns and means that WTT can be easily understood by either a mathematician, a logician or a computer scientist. WTT acts as an intermediary between the language of mathematicians and that of logicians.
Human-Readable Machine-Verifiable Proofs for Teaching Constructive Logic
IJCAR Workshop on Proof Transformations, Proof Presentations and Complexity of Proofs (PTP01), http://www.tcs.informatik.uni-muenchen.de/~abel/ptp01.ps.gz, 2001
Cited by 29 (0 self)
Abstract: A linear syntax for natural deduction proofs in first-order intuitionistic logic is presented, which has been an effective tool for teaching logic. The proof checking algorithm is also given, which is the core of the tutorial proof checker Tutch. This syntax is then extended to proofs on the assertion level, which resemble single inferences one would make in a rigorous proof. The resulting language has only four constructs.