Results 1  10
of
12
Static Prediction of Heap Space Usage for Firstorder Functional Programs
 in Symposium on Principles of Programming Languages (POPL’03
, 2003
"... Categories and Subject Descriptors We show how to efficiently obtain linear a priori bounds on the heap space consumption of firstorder functional programs. The analysis takes space reuse by explicit deallocation into account and also furnishes an upper bound on the heap usage in the presence of ga ..."
Abstract

Cited by 175 (31 self)
 Add to MetaCart
(Show Context)
Categories and Subject Descriptors We show how to efficiently obtain linear a priori bounds on the heap space consumption of firstorder functional programs. The analysis takes space reuse by explicit deallocation into account and also furnishes an upper bound on the heap usage in the presence of garbage collection. It covers a wide variety of examples including, for instance, the familiar sorting algorithms for lists, including quicksort. The analysis relies on a type system with resource annotations. Linear programming (LP) is used to automatically infer derivations in this enriched type system. We also show that integral solutions to the linear programs derived correspond to programs that can be evaluated without any operating system support for memory management. The particular integer linear programs arising in this way are shown to be feasibly solvable under mild assumptions.
Another Type System for inPlace Update
, 2002
"... Linear typing schemes guarantee singlethreadedness and so the soundness of inplace update with respect to a functional semantics. But linear ..."
Abstract

Cited by 44 (8 self)
 Add to MetaCart
(Show Context)
Linear typing schemes guarantee singlethreadedness and so the soundness of inplace update with respect to a functional semantics. But linear
Real number calculations and theorem proving
 Proceedings of the 18th International Conference on Theorem Proving in Higher Order Logics, TPHOLs 2005, volume 3603 of Lecture Notes in Computer Science
, 2005
"... Abstract. Wouldn’t it be nice to be able to conveniently use ordinary real number expressions within proof assistants? In this paper we outline how this can be done within a theorem proving framework. First, we formally establish upper and lower bounds for trigonometric and transcendental functions. ..."
Abstract

Cited by 20 (5 self)
 Add to MetaCart
(Show Context)
Abstract. Wouldn’t it be nice to be able to conveniently use ordinary real number expressions within proof assistants? In this paper we outline how this can be done within a theorem proving framework. First, we formally establish upper and lower bounds for trigonometric and transcendental functions. Then, based on these bounds, we develop a rational interval arithmetic where real number calculations can be performed in an algebraic setting. This pragmatic approach has been implemented as a strategy in PVS. The strategy provides a safe way to perform explicit calculations over real numbers in formal proofs. 1
Efficient execution in an automated reasoning environment
 Journal of Functional Programming
, 2006
"... Abstract We describe a method to permit the user of a mathematical logic to write elegant logical definitions while allowing sound and efficient execution. We focus on the ACL2 logic and automated reasoning environment. ACL2 is used by industrial researchers to describe microprocessor designs and ot ..."
Abstract

Cited by 10 (4 self)
 Add to MetaCart
(Show Context)
Abstract We describe a method to permit the user of a mathematical logic to write elegant logical definitions while allowing sound and efficient execution. We focus on the ACL2 logic and automated reasoning environment. ACL2 is used by industrial researchers to describe microprocessor designs and other complicated digital systems. Properties of the designs can be formally established with the theorem prover. But because ACL2 is also a functional programming language, the formal models can be executed as simulation engines. We implement features that afford these dual applications, namely formal proof and execution on industrial test suites. In particular, the features allow the user to install, in a logically sound way, alternative executable counterparts for logicallydefined functions. These alternatives are often much more efficient than the logically equivalent terms they replace. We discuss several applications of these features. 1 Introduction This paper is about a way to permit the functional programmer to prove efficientprograms correct. The idea is to allow the provision of two definitions of the program: an elegant definition that supports effective reasoning by a mechanizedtheorem prover, and an efficient definition for evaluation. A bridge of this sort,
Verified Real Number Calculations: A Library for Interval Arithmetic
, 2007
"... Real number calculations on elementary functions are remarkably difficult to handle in mechanical proofs. In this paper, we show how these calculations can be performed within a theorem prover or proof assistant in a convenient and highly automated as well as interactive way. First, we formally est ..."
Abstract

Cited by 10 (1 self)
 Add to MetaCart
(Show Context)
Real number calculations on elementary functions are remarkably difficult to handle in mechanical proofs. In this paper, we show how these calculations can be performed within a theorem prover or proof assistant in a convenient and highly automated as well as interactive way. First, we formally establish upper and lower bounds for elementary functions. Then, based on these bounds, we develop a rational interval arithmetic where real number calculations take place in an algebraic setting. In order to reduce the dependency effect of interval arithmetic, we integrate two techniques: interval splitting and taylor series expansions. This pragmatic approach has been developed, and formally verified, in a theorem prover. The formal development also includes a set of customizable strategies to automate proofs involving explicit calculations over real numbers. Our ultimate goal is to provide guaranteed proofs of numerical properties with minimal human theoremprover interaction.
Random testing in PVS
 In: Workshop on Automated Formal Methods (AFM
, 2006
"... Abstract. Formulas are difficult to formulate and to prove, and are often invalid during specification development. Testing formulas prior to attempting any proofs could potentially save a lot of effort. Here we describe an implementation of random testing in the PVS verification system. 1 ..."
Abstract

Cited by 8 (1 self)
 Add to MetaCart
(Show Context)
Abstract. Formulas are difficult to formulate and to prove, and are often invalid during specification development. Testing formulas prior to attempting any proofs could potentially save a lot of effort. Here we describe an implementation of random testing in the PVS verification system. 1
Modeling and verification of an air traffic concept of operations, in "ISSTA 2004
 Proceedings of International Symposium on Software Testing and Analysis, ISTTA 2004
"... A high level model of the concept of operations of NASA’s Small Aircraft Transportation System for Higher Volume Operations (SATSHVO) is presented. The model is a nondeterministic, asynchronous transition system. It provides a robust notion of safety that relies on the logic of the concept rather t ..."
Abstract

Cited by 6 (0 self)
 Add to MetaCart
A high level model of the concept of operations of NASA’s Small Aircraft Transportation System for Higher Volume Operations (SATSHVO) is presented. The model is a nondeterministic, asynchronous transition system. It provides a robust notion of safety that relies on the logic of the concept rather than on physical constraints such as aircraft performances. Several safety properties were established on this model. The modeling and verification effort resulted in the identification of 9 issues, including one major flaw, in the original concept. Ten recommendations were made to the SATSHVO concept development working group. All the recommendations were accepted and incorporated into the current concept of operations. The model was written in PVS. The verification is performed using an explicit state exploration algorithm written and proven correct in PVS.
Using a singlethreaded object to speed a verified graph pathfinder
 UNIVERSITY OF TEXAS DEPT. OF CS TR
, 2000
"... We have written hardware simulators in ACL2 in order to unify highspeed simulators and formal analysis models [2, 7]. The techniques used for these simulators extend to other kinds of software, which we demonstrate in this paper by implementing a much faster version of an algorithm for graph pathfin ..."
Abstract

Cited by 5 (1 self)
 Add to MetaCart
We have written hardware simulators in ACL2 in order to unify highspeed simulators and formal analysis models [2, 7]. The techniques used for these simulators extend to other kinds of software, which we demonstrate in this paper by implementing a much faster version of an algorithm for graph pathfinding previously verified by J Moore using ACL2 [5]. This exercise also highlights a weakness in ACL2: the occasional need to add computational complexity to functions in order to admit them to the logic.
N.: Formal verification of a combination decision procedure
 18th International Conference on Automated Deduction (CADE), Lecture Notes in Computer Science
, 2002
"... Abstract. Decision procedures for combinations of theories are at the core of many modern theorem provers such as ACL2, Ehdm, PVS, SIMPLIFY, the Stanford Pascal Verifier, STeP, SVC, and Z/Eves. Shostak, in 1984, published a decision procedure for the combination of canonizable and solvable theories ..."
Abstract

Cited by 4 (0 self)
 Add to MetaCart
Abstract. Decision procedures for combinations of theories are at the core of many modern theorem provers such as ACL2, Ehdm, PVS, SIMPLIFY, the Stanford Pascal Verifier, STeP, SVC, and Z/Eves. Shostak, in 1984, published a decision procedure for the combination of canonizable and solvable theories. Recently, Ruess and Shankar showed Shostak’s method to be incomplete and nonterminating, and presented a correct version of Shostak’s algorithm along with informal proofs of termination, soundness, and completeness. We describe a formalization and mechanical verification of these proofs using the PVS verification system. The formalization itself posed significant challenges and the verification revealed some gaps in the informal argument. 1
From verified models to verifiable code
, 2009
"... science. The NASA scientific and technical ..."
(Show Context)