1 / 32

Tool Support for proof Engineering

Tool Support for proof Engineering. Anne Mulhern. Ben Liblit. Charles Fischer. Anne Mulhern Computer Sciences Department University of Wisconsin-Madison Madison, WI USA mulhern@cs.wisc.edu www.cs.wisc.edu/~mulhern. Size of Proofs. Certified C compiler in Coq [Leroy et al]

bryant
Download Presentation

Tool Support for proof Engineering

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Tool Support for proof Engineering Anne Mulhern Ben Liblit Charles Fischer Anne Mulhern Computer Sciences Department University of Wisconsin-Madison Madison, WI USA mulhern@cs.wisc.edu www.cs.wisc.edu/~mulhern

  2. Size of Proofs • Certified C compiler in Coq [Leroy et al] • Compiler + proof that compiler preserves semantics • Back-end • One man-year • 35,000 lines of Coq scripts, definitions, and tactics • Front-end • 3/4 man-year • 6,000 lines of Coq scripts, definitions, and tactics Tool Support for Proof Engineering

  3. Proof Material/Definitions Formal Certification of a Compiler Back-end or: Programming a Compiler with a Proof Assistant [Xavier Leroy, POPL 2006] Tool Support for Proof Engineering

  4. Proof Objects/Proof Scripts • Proof objects can be an order of magnitude larger than proof scripts • Factors • Down • Good modularization • Up • Powerful tactics • Good use of hints Tool Support for Proof Engineering

  5. Size of Linux Kernel • 1991 - 10,000 lines • 1996 - 800,000 lines • 2001 - 3 million lines • 2006 - 7 million lines Tool Support for Proof Engineering

  6. Integrated Proof Environment • Abbreviated as IPE • Similar to an IDE (Integrated Development Environment) • Uncommon Tool Support for Proof Engineering

  7. This is a position paper tools and techniques from IDEs can be transferred to IPEs tools and techniques from IDEs should be transferred to IPEs Tool Support for Proof Engineering

  8. Outline • Motivation • Tools and Techniques • Mechanisms Tool Support for Proof Engineering

  9. Outline • Motivation • Tools and Techniques • Mechanisms Tool Support for Proof Engineering

  10. Motivation • Programming languages are my specialty • Formal proofs of programming language properties • The POPLmark challenge • Generation of certified programs by extraction • Formal Certification of a Compiler Back-end or: Programming a Compiler with a Proof Assistant [Xavier Leroy, POPL 2006] Tool Support for Proof Engineering

  11. PL Proofs are different • Proofs should be easy to modify and reuse • For certified programs: structure of the generated proof matters • Proofs frequently proceed by induction • Inductive theorems are particularly challenging • On Strategies for Inductive Theorem Proving [Bernhard Gramlich, Strategies 2004 Invited Talk] Tool Support for Proof Engineering

  12. Proofs are Programs • Theory • Curry-Howard isomorphism • Practice • Extend • Refactor • Debug • We can tackle similar problems with similar techniques Tool Support for Proof Engineering

  13. PhoX Minlog HOL ACL2 Mizar Coq B method IMPS Theorema Alfa/Agda PVS Isabelle/Isar Otter/Ivy Metamath Lego Nuprl Omega “The Seventeen Provers of the World” [Wiedjik] Tool Support for Proof Engineering

  14. Outline • Motivation • Tools and Techniques • Mechanisms Tool Support for Proof Engineering

  15. Tools and Techniques • Common Conveniences • Proof Visualization in the Large • Navigation by Derivation Tool Support for Proof Engineering

  16. Common Conveniences in IDEs • Multiple Views for understanding and navigation • Collapsed and expanded text • Outline Views • And so forth • Automatic Refactoring • Rewriting while preserving meaning or behavior Tool Support for Proof Engineering

  17. Legend Tool Support for Proof Engineering

  18. Tool Support for Proof Engineering

  19. Common Conveniences in IPEs Tool Support for Proof Engineering

  20. Make Variable Implicit • Variables whose value can be inferred from the type of other variables may be made implicit • If a variable is implicit its value mustnot be given • To make a variable implicit • Make implicit in definition • Change all uses of definition Tool Support for Proof Engineering

  21. Tools and Techniques • Common Conveniences • Proof Visualization in the Large • Navigation by Derivation Tool Support for Proof Engineering

  22. Software Visualization in the Large • Ball and Eick, 1996 • Unary properties • Color • Large projects • Multiple files Tool Support for Proof Engineering

  23. Software Visualization in the Large [Ball and Eick, 1996] Tool Support for Proof Engineering

  24. Proof Visualization in the Large • Lemma “hot spots” • Revision information • Proportion of proofs to definitions • Goal depth Tool Support for Proof Engineering

  25. Goal depth {      Tool Support for Proof Engineering

  26. Tools and Techniques • Common Conveniences • Proof Visualization in the Large • Navigation by Derivation Tool Support for Proof Engineering

  27. Tool Support for Proof Engineering

  28. Navigation by Derivation • No obvious analog currently in IDEs but… • Numerous instances where original line numbering is preserved • Parsers map to grammar file line numbers • gcc maps to source file line numbers • Source/assembly navigation tool desirable Tool Support for Proof Engineering

  29. Outline • Motivation • Tools and Techniques • Mechanisms Tool Support for Proof Engineering

  30. Mechanisms • Textual Analysis on proofs or scripts • Multiple Views • Compiler/Debugger techniques • Navigation by derivation • Both • Refactoring • Proof visualization in the large Tool Support for Proof Engineering

  31. Summary • IPEs non-existent • Proofs must be managed • Technology already exists • Considerable theoretical possibilities Tool Support for Proof Engineering

  32. Tool Support for proof Engineering Anne Mulhern Ben Liblit Charles Fischer Anne Mulhern Computer Sciences Department University of Wisconsin-Madison Madison, WI USA mulhern@cs.wisc.edu www.cs.wisc.edu/~mulhern

More Related