CML Theorem Prover Simon Foster 2nd Review Brussels, 21 November, 2013 Deliverable: D33.2 (m24) www.compass-research.eu
Theorem Prover Usage • CML specifications to be verified by the COMPASS tool • type-checking alone is insufficient to ensure correctness • further proof obligations need to be satisfied “does this function input satisfy the pre-condition?” “has variable x been assigned at this point?” “does my loop terminate?” • answering this requires use of a theorem prover • mechanically provides proof or counterexamples of these 20/11/2013 27
Approach Proof Tools • Interactive: Isabelle, Coq, PVS, Agda, ACL2 • Automated: E, Prover9, SPASS, Vampire, Z3 • Bespoke: KeY, Rodin, Boogie Our Approach • creating a theorem prover from scratch an onerous task • embed CML semantics (D23.4) into off-the-shelf tool • adapt and make use of existing native proof facilities • our tool of choice: Isabelle/HOL 20/11/2013 28
Isabelle/HOL • proof assistant for Higher Order Logic • the Eclipse of the theorem proving world Automated Proof � blast: automated classical deduction � sledgehammer: integration of automated theorem proving � nitpick: counterexample generator Dependable Technology � Over twenty years of development � Significant library of formal proofs (cf. AFP) � Secure – proofs are constructed against a small logical core 20/11/2013 29
Mechanised Theory Library • Isabelle/UTP: mechanised semantic proof framework for CML • > 250 algebraic laws of programming mechanised • standard first-order predicate theory • imperative programming (relations) – algebraic theories: Relation Algebra, Kleene Algebra, Complete Lattices • correctness: refinement, Hoare logic, wp calculus • designs: P ⊢ Q , basis for SoS contractual obligations • systems of systems: reactive processes, CSP, CML actions 20/11/2013 30
Integration with COMPASS tool 20/11/2013 31
Theorem Prover Demo Video 20/11/2013 32
Theorem Prover Conclusions Main Achievements • substantial theory library mechanised in Isabelle/UTP • theoretical underpinnings of CML made applicable • automated proof tactics for discharging conjectures • highly extensible – supports a variety of semantic theories Future Work • link to CML proof obligation generator underway • future basis for SoS verification through SysML translation • Formal underpinnings for CML contracts through refinement 20/11/2013 33
Recommend
More recommend
