Catálogo de publicaciones - libros

It is possible to represent the terms of a syntax with binding constructors by a family of types, indexed by the free variables that may occur. This approach has been used several times for the study of syntax and substitution, but never for the formalization of the metatheory of a typing system. We describe a recent formalization of the metatheory of Pure Type Systems in Coq as an example of such a formalization. In general, careful thought is required as to how each definition and theorem should be stated, usually in an unfamiliar ‘big-step’ form; but, once the correct form has been found, the proofs are very elegant and direct.

The prototype of a content based search engine for mathematical knowledge supporting a small set of queries requiring matching and/or typing operations is described. The prototype — called Whelp — exploits a metadata approach for indexing the information that looks far more flexible than traditional indexing techniques for structured expressions like substitution, discrimination, or context trees. The prototype has been instantiated to the standard library of the Coq proof assistant extended with many user contributions.

Most approaches to the formal analysis of cryptography protocols make the perfect cryptographic assumption, which entails for example that there is no way to obtain knowledge about the plaintext pertaining to a ciphertext without knowing the key. Ideally, one would prefer to abandon the perfect cryptography hypothesis and reason about the computational cost of breaking a cryptographic scheme by achieving such goals as gaining information about the plaintext pertaining to a ciphertext without knowing the key. Such a view is permitted by non-standard computational models such as the Generic Model and the Random Oracle Model. Using the proof assistant Coq, we provide a machine-checked account of the Generic Model and the Random Oracle Model. We exploit this framework to prove the security of the ElGamal cryptosystem against adaptive chosen ciphertexts attacks.

We present a formalization of a constructive proof of weak normalization for the simply-typed -calculus in the theorem prover Isabelle/HOL, and show how a program can be extracted from it. Unlike many other proofs of weak normalization based on Tait’s strong computability predicates, which require a logic supporting strong eliminations and can give rise to dependent types in the extracted program, our formalization requires only relatively simple proof principles. Thus, the program obtained from this proof is typable in simply-typed higher-order logic as implemented in Isabelle/HOL, and a proof of its correctness can automatically be derived within the system.

This paper reports on the correctness proof of compiler optimizations based on data-flow analysis. We formulate the optimizations and analyses as instances of a general framework for data-flow analyses and transformations, and prove that the optimizations preserve the behavior of the compiled programs. This development is a part of a larger effort of certifying an optimizing compiler by proving semantic equivalence between source and compiled code.

We discuss two complete formalisations of bitonic sort in constructive type theory. Bitonic sort is one of the fastest sorting algorithms where the sequence of comparisons is not data-dependent. In addition, it is a general recursive algorithm. In the formalisation we face two main problems: only structural recursion is allowed in type theory, and a formal proof of the correctness of the algorithm needs to consider quite a number of cases. In our first formalisation we define bitonic sort over dependently-typed binary trees with information in the leaves and we make use of the 0-1-principle to prove that the algorithm sorts inputs of arbitrary types. In our second formalisation we use notions from linear orders, lattice theory and monoids. The correctness proof is directly performed for any ordered set and not only for Boolean values.

We propose a simple theory of monotone functions that is the basis for the implementation of a tactic that generalises one step conditional rewriting by “propagating” constraints of the form where the relation can be weaker than an equivalence relation. The constraints can be propagated only in goals whose conclusion is a syntactic composition of -ary functions that are monotone in each argument. The tactic has been implemented in the Coq system as a semi-reflexive tactic, which represents a novelty and an improvement over an earlier similar development for NuPRL.

A few interesting applications of the tactic are: reasoning in type theory about equivalence classes (by performing rewriting in well-defined goals); reasoning about reductions and properties preserved by reductions; reasoning about partial functions over equivalence classes (by performing rewriting in PERs); propagating inequalities by replacing a term with a smaller (greater) one in a given monotone context.

We give a formal model for a first order functional language to be executed on a stack machine and for a bytecode verifier that performs two kinds of static verifications : a type analysis and a shape analysis, that are part of a system used to ensure resource bounds. Both are instances of a general data flow analyzer due to Kildall. The generic algorithm and both of its instances are certified with the Coq proof assistant.

In the paper we show, based on two problems in general topology (Kuratowski closure-complement and Isomichi’s classification of condensed subsets), how typed objects can be used instead of untyped text to better represent mathematical content understandable both for human and computer checker. We present mechanism of attributes and clusters reimplemented in Mizar fairly recently to fit authors’ expectations. The problem of knowledge reusability which is crucial if we develop a large unified repository of mathematical facts, is also addressed.