interactive theorem proving in industry
play

Interactive Theorem Proving in Industry John Harrison Intel - PowerPoint PPT Presentation

Oct 06, 2022 •335 likes •1.16k views

Interactive Theorem Proving in Industry John Harrison Intel Corporation 16 April 2012 1 Milner on automation and interaction I wrote an automatic theorem prover in Swansea for myself and became shattered with the difficulty of doing anything

  1. Interactive Theorem Proving in Industry John Harrison Intel Corporation 16 April 2012 1

  2. Milner on automation and interaction I wrote an automatic theorem prover in Swansea for myself and became shattered with the difficulty of doing anything interesting in that direction and I still am. I greatly admired Robinson’s resolution principle, a wonderful breakthrough; but in fact the amount of stuff you can prove with fully automatic theorem proving is still very small. So I was always more interested in amplifying human intelligence than I am in artificial intelligence. 2

  3. Automated theorem proving The 1970s and 1980s saw intense interest in purely automated theorem proving techniques: 3

  4. Automated theorem proving The 1970s and 1980s saw intense interest in purely automated theorem proving techniques: ◮ Robinson’s resolution method and other techniques for first-order logic ◮ Knuth-Bendix completion for equational logic ◮ Boyer-Moore style automation of inductive proof ◮ Shostak and Nelson-Oppen work on cooperating decision procedures, congruence closure 3

  5. Automated theorem proving The 1970s and 1980s saw intense interest in purely automated theorem proving techniques: ◮ Robinson’s resolution method and other techniques for first-order logic ◮ Knuth-Bendix completion for equational logic ◮ Boyer-Moore style automation of inductive proof ◮ Shostak and Nelson-Oppen work on cooperating decision procedures, congruence closure However, when the power of such methods began to plateau, it was hard to make further progress and the field stagnated somewhat. 3

  6. Interactive theorem proving Robin Milner was instrumental in emphasizing interactive techniques. 4

  7. Interactive theorem proving Robin Milner was instrumental in emphasizing interactive techniques. ◮ Milner’s original research on Edinburgh LCF spurred an explosion of LCF-stype theorem provers. 4

  8. Interactive theorem proving Robin Milner was instrumental in emphasizing interactive techniques. ◮ Milner’s original research on Edinburgh LCF spurred an explosion of LCF-stype theorem provers. ◮ Such systems could be extended by programming without compromising reliability. 4

  9. Interactive theorem proving Robin Milner was instrumental in emphasizing interactive techniques. ◮ Milner’s original research on Edinburgh LCF spurred an explosion of LCF-stype theorem provers. ◮ Such systems could be extended by programming without compromising reliability. ◮ With the development of HOL, the system presented a conservatively constructed mathematical world into which other formalisms could be soundly embedded. 4

  10. Interactive theorem proving Robin Milner was instrumental in emphasizing interactive techniques. ◮ Milner’s original research on Edinburgh LCF spurred an explosion of LCF-stype theorem provers. ◮ Such systems could be extended by programming without compromising reliability. ◮ With the development of HOL, the system presented a conservatively constructed mathematical world into which other formalisms could be soundly embedded. This led to a renaissance of formalization of all kinds, in pure mathematics and verification. 4

  11. Further research on automated techniques However, many important improvements have been made in automation too: 5

  12. Further research on automated techniques However, many important improvements have been made in automation too: ◮ Powerful new decision procedures in algebra and geometry (Gr¨ obner bases, Wu’s method). 5

  13. Further research on automated techniques However, many important improvements have been made in automation too: ◮ Powerful new decision procedures in algebra and geometry (Gr¨ obner bases, Wu’s method). ◮ Efficient model checking algorithms for tempoeral logic. 5

  14. Further research on automated techniques However, many important improvements have been made in automation too: ◮ Powerful new decision procedures in algebra and geometry (Gr¨ obner bases, Wu’s method). ◮ Efficient model checking algorithms for tempoeral logic. ◮ Dazzling efficiency improvements in SAT (and now SMT) solvers makes them surprisingly useful in practice. 5

  15. Further research on automated techniques However, many important improvements have been made in automation too: ◮ Powerful new decision procedures in algebra and geometry (Gr¨ obner bases, Wu’s method). ◮ Efficient model checking algorithms for tempoeral logic. ◮ Dazzling efficiency improvements in SAT (and now SMT) solvers makes them surprisingly useful in practice. We are actively trying to combine the power of automated techniques with the generality and reliablity of interactive ones to produce the smoothest and most effective synthesis. 5

  16. Sound integration of multiple tools Current applications in both formal verification and the formalization of mathematics most naturally draw on a wide variety of tools. 6

  17. Sound integration of multiple tools Current applications in both formal verification and the formalization of mathematics most naturally draw on a wide variety of tools. ◮ Formal verification uses a wide range of tools including SAT and SMT solvers, model checkers and theorem provers 6

  18. Sound integration of multiple tools Current applications in both formal verification and the formalization of mathematics most naturally draw on a wide variety of tools. ◮ Formal verification uses a wide range of tools including SAT and SMT solvers, model checkers and theorem provers ◮ Some proofs in mathematics use linear programming, nonlinear optimization, computer algebra systems and other more ad hoc algorithms 6

  19. Sound integration of multiple tools Current applications in both formal verification and the formalization of mathematics most naturally draw on a wide variety of tools. ◮ Formal verification uses a wide range of tools including SAT and SMT solvers, model checkers and theorem provers ◮ Some proofs in mathematics use linear programming, nonlinear optimization, computer algebra systems and other more ad hoc algorithms ◮ May want to combine work done in different theorem provers, e.g. ACL2, Coq, HOL, Isabelle. 6

  20. Sound integration of multiple tools Current applications in both formal verification and the formalization of mathematics most naturally draw on a wide variety of tools. ◮ Formal verification uses a wide range of tools including SAT and SMT solvers, model checkers and theorem provers ◮ Some proofs in mathematics use linear programming, nonlinear optimization, computer algebra systems and other more ad hoc algorithms ◮ May want to combine work done in different theorem provers, e.g. ACL2, Coq, HOL, Isabelle. Ideally, we want to be able to retain the soundness guarantees we have grown used to from LCF. 6

  21. Intel’s diverse activities Intel is best known as a hardware company, and hardware is still the core of the company’s business. However this entails much more: ◮ Microcode ◮ Firmware ◮ Protocols ◮ Software 7

  22. Intel’s diverse activities Intel is best known as a hardware company, and hardware is still the core of the company’s business. However this entails much more: ◮ Microcode ◮ Firmware ◮ Protocols ◮ Software If the Intel  Software and Services Group (SSG) were split off as a separate company, it would be in the top 10 software companies worldwide. 7

  23. Intel’s diverse verification problems This gives rise to a corresponding diversity of verification problems, and of verification solutions. ◮ Propositional tautology/equivalence checking (FEV) ◮ Symbolic simulation ◮ Symbolic trajectory evaluation (STE) ◮ Temporal logic model checking ◮ Combined decision procedures (SMT) ◮ First order automated theorem proving ◮ Interactive theorem proving Integrating all these is a challenge! 8

  24. The Flyspeck project Hales’s Flyspeck project to formally verify his proof of the Kepler conjecture gives rise to similar problems, since it involves many components: 9

  25. The Flyspeck project Hales’s Flyspeck project to formally verify his proof of the Kepler conjecture gives rise to similar problems, since it involves many components: ◮ A large amoung of ordinary mathematical formalization (formalized in HOL Light) 9

  26. The Flyspeck project Hales’s Flyspeck project to formally verify his proof of the Kepler conjecture gives rise to similar problems, since it involves many components: ◮ A large amoung of ordinary mathematical formalization (formalized in HOL Light) ◮ Nonlinear optimization (using interval arithmetic and subdivision) 9

  27. The Flyspeck project Hales’s Flyspeck project to formally verify his proof of the Kepler conjecture gives rise to similar problems, since it involves many components: ◮ A large amoung of ordinary mathematical formalization (formalized in HOL Light) ◮ Nonlinear optimization (using interval arithmetic and subdivision) ◮ Linear programming (using standard LP tools) 9

  28. The Flyspeck project Hales’s Flyspeck project to formally verify his proof of the Kepler conjecture gives rise to similar problems, since it involves many components: ◮ A large amoung of ordinary mathematical formalization (formalized in HOL Light) ◮ Nonlinear optimization (using interval arithmetic and subdivision) ◮ Linear programming (using standard LP tools) ◮ Graph enumeration (proved using Isabelle/HOL and run in ML) 9

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Visual theorem proving with the Incredible Proof Machine The idea Theorem Proving without

Visual theorem proving with the Incredible Proof Machine The idea Theorem Proving without

Interactive Theorem Proving, Nancy August 22, 2016 Joachim Breitner Karlsruhe Institute of Technology University of Pennsylvania, Philadelphia Visual theorem proving with the Incredible Proof Machine The idea Theorem Proving without Syntax

579 views • 43 slides
On Theorem Proving for Program Checking Historical perspective and recent developments Maria

On Theorem Proving for Program Checking Historical perspective and recent developments Maria

Outline Introduction Where is theorem proving in program checking Inside theorem proving Big and little engines together: a new theorem proving style Decision procedures with speculative inferences Current and future challenges On Theorem

944 views • 69 slides
Static Analysis and Interactive Theorem Proving - A Match Made in Heaven ? Jael E. Kriener

Static Analysis and Interactive Theorem Proving - A Match Made in Heaven ? Jael E. Kriener

Introduction Static Analysis by Example Interactive Theorem Proving in Coq Bliss? - Not Quite Yet... Static Analysis and Interactive Theorem Proving - A Match Made in Heaven ? Jael E. Kriener University of Kent, Canterbury November 18, 2011

429 views • 25 slides
A Parallelized Theorem Prover for Interactive Theorem Proving David L. Rager, Warren A. Hunt Jr.,

A Parallelized Theorem Prover for Interactive Theorem Proving David L. Rager, Warren A. Hunt Jr.,

Introduction Parallelism Primitives Parallelizing ACL2 Evaluate Approach Conclusion A Parallelized Theorem Prover for Interactive Theorem Proving David L. Rager, Warren A. Hunt Jr., and Matt Kaufmann ragerdl@defthm.com, hunt@cs.utexas.edu,

835 views • 59 slides
Collaborative Interactive Theorem Proving with Clide Martin Ring, Christoph Lth ITP 2014,

Collaborative Interactive Theorem Proving with Clide Martin Ring, Christoph Lth ITP 2014,

Collaborative Interactive Theorem Proving with Clide Martin Ring, Christoph Lth ITP 2014, 15.07.2014, Vienna 1 [18] Motivation Interactive theorem proving can be lonesome. . . 2 [18] Motivation . . . but mathematics is a social activity!

709 views • 58 slides
A survey on Interactive Theorem Proving Andrea Asperti Department of Computer Science, University

A survey on Interactive Theorem Proving Andrea Asperti Department of Computer Science, University

Interactive theorem proving First generation ITPs Second generation ITPs Conclusion A survey on Interactive Theorem Proving Andrea Asperti Department of Computer Science, University of Bologna Mura Anteo Zamboni 7, 40127, Bologna, ITALY

958 views • 91 slides
Mechanical Theorem Proving in Tarskis Geometry. Julien Narboux under the supervision of Hugo

Mechanical Theorem Proving in Tarskis Geometry. Julien Narboux under the supervision of Hugo

Mechanical Theorem Proving in Tarskis Geometry. Julien Narboux under the supervision of Hugo Herbelin LIX, INRIA Futurs, Ecole Polytechnique 31/08/2006, Pontevedra, Spain Outline 1 Interactive proof / Automated theorem proving 2

1.1k views • 73 slides
Asynchronous processing of proof documents rethinking interactive theorem proving Makarius

Asynchronous processing of proof documents rethinking interactive theorem proving Makarius

Asynchronous processing of proof documents rethinking interactive theorem proving Makarius November 2007 1. Motivation 2. Document processing 3. Main agents: provers, editors, users Motivation General aims Support interactive

380 views • 18 slides
Combining Automated and Interactive Theorem Proving in Agda Anton Setzer (Joint work with Karim

Combining Automated and Interactive Theorem Proving in Agda Anton Setzer (Joint work with Karim

Combining Automated and Interactive Theorem Proving in Agda Anton Setzer (Joint work with Karim Kanso) May 21, 2010 1/ 38 1. An Introduction to Agda 2. Integrating Automated Theorem Proving into Agda 3. Defining the Mini SAT Solver in Agda

556 views • 38 slides
Theorem Proving and the Real Numbers Applications and Challenges Lawrence C Paulson 1.

Theorem Proving and the Real Numbers Applications and Challenges Lawrence C Paulson 1.

Theorem Proving and the Real Numbers Applications and Challenges Lawrence C Paulson 1. Interactive Theorem Proving A partial, biased history A UTOMATH L. S. van Benthem Jutting, Checking Landaus Grundlagen in the A UTOMATH

920 views • 37 slides
Parallel and asynchronous interactive theorem proving in Isabelle from READ-EVAL-PRINT to

Parallel and asynchronous interactive theorem proving in Isabelle from READ-EVAL-PRINT to

Parallel and asynchronous interactive theorem proving in Isabelle from READ-EVAL-PRINT to continuous processing of proof documents Makarius Wenzel Univ. Paris-Sud, Laboratoire LRI September 2013 Project Paral-ITP (ANR-11-INSE-001)

488 views • 46 slides
Reinforcement Learning for Interactive Theorem Proving in HOL4 Minchao Wu 1 Michael Norrish 1,2

Reinforcement Learning for Interactive Theorem Proving in HOL4 Minchao Wu 1 Michael Norrish 1,2

Reinforcement Learning for Interactive Theorem Proving in HOL4 Minchao Wu 1 Michael Norrish 1,2 Christian Walder 1,2 Amir Dezfouli 2 1 Research School of Computer Science Australian National University 2 Data61, CSIRO September 14, 2020

698 views • 49 slides
Interactive and Automatic Theorem Proving in the First Order Theory of Combinators Ana Bove 1 ,

Interactive and Automatic Theorem Proving in the First Order Theory of Combinators Ana Bove 1 ,

Introduction Agda as LF for FOL FOTC Mirror ABP FOTC vs DTP Interactive and Automatic Theorem Proving in the First Order Theory of Combinators Ana Bove 1 , Peter Dybjer 1 , Andrs Sicard-Ramrez 2 1 Chalmers tekniska hgskola, Gteborg,

574 views • 36 slides
Automated Theorem Proving 1/4: Introduction and Propositional Theorem Proving A.L. Lamprecht

Automated Theorem Proving 1/4: Introduction and Propositional Theorem Proving A.L. Lamprecht

Automated Theorem Proving 1/4: Introduction and Propositional Theorem Proving A.L. Lamprecht Course Program Semantics and Verfication 2020, Utrecht University September 21, 2020 Lecture Notes Automated Reasoning by Gerard A.W. Vreeswijk.

609 views • 40 slides
A Typed C11 Semantics for Interactive Theorem Proving Freek Wiedijk Robbert Krebbers ICIS,

A Typed C11 Semantics for Interactive Theorem Proving Freek Wiedijk Robbert Krebbers ICIS,

A Typed C11 Semantics for Interactive Theorem Proving Freek Wiedijk Robbert Krebbers ICIS, Radboud University Nijmegen, The Netherlands January 13, 2015 @ CPP, Mumbai, India 1 What is this C program supposed to do? int x = 0, y = 0, *p =

389 views • 16 slides
Automated Theorem Proving 2/4: First-Order Theorem Proving A.L. Lamprecht Course Program

Automated Theorem Proving 2/4: First-Order Theorem Proving A.L. Lamprecht Course Program

Automated Theorem Proving 2/4: First-Order Theorem Proving A.L. Lamprecht Course Program Semantics and Verfication 2020, Utrecht University September 23, 2020 Lecture Notes Automated Reasoning by Gerard A.W. Vreeswijk. Available for

1.03k views • 54 slides
VIPR: Verifying Integer Programming Results Ambros Gleixner, Zuse Institute Berlin 21st

VIPR: Verifying Integer Programming Results Ambros Gleixner, Zuse Institute Berlin 21st

joint work with Kevin Cheung and Daniel Steffy VIPR: Verifying Integer Programming Results Ambros Gleixner, Zuse Institute Berlin 21st Combinatorial Optimization Workshop Aussois January 9, 2017 1. Motivation and background van der

672 views • 42 slides
ProgLog workshop: Formalization of Mathematics Anders M ortberg Mar 7, 2014 What is being

ProgLog workshop: Formalization of Mathematics Anders M ortberg Mar 7, 2014 What is being

ProgLog workshop: Formalization of Mathematics Anders M ortberg Mar 7, 2014 What is being done in the area? Mathematical components: Formalization of the four color theorem and Feit-Thompson theorem in Coq / SSReflect Flyspeck: Formal

830 views • 36 slides
Two Obstacles to Strong Computer Support for Math 1 Low reasoning power of automated reasoning

Two Obstacles to Strong Computer Support for Math 1 Low reasoning power of automated reasoning

P ROGRESS IN A UTOMATING F ORMALIZATION Josef Urban Ji r Vysko cil Czech Technical University in Prague AITP 2017, Obergurgl March 27, 2017 1 / 26 Two Obstacles to Strong Computer Support for Math 1 Low reasoning power of automated

452 views • 26 slides
Sound auction specification and implementation Marco Caminati 1 Manfred Kerber 1 Christoph Lange 2

Sound auction specification and implementation Marco Caminati 1 Manfred Kerber 1 Christoph Lange 2

Sound auction specification and implementation Marco Caminati 1 Manfred Kerber 1 Christoph Lange 2 Colin Rowat 3 1 Computer Science, University of Birmingham 2 Fraunhofer IAS and University of Bonn 3 Economics, University of Birmingham 18 June,

507 views • 24 slides
On the Cruelty of Really Doing Formal Proofs John Harrison Intel Corporation Principia

On the Cruelty of Really Doing Formal Proofs John Harrison Intel Corporation Principia

On the Cruelty of Really Doing Formal Proofs John Harrison Intel Corporation Principia Mathematica anniversary symposium 27th November 2010 0 Principia and its discontents Principia Mathematica was the first sustained and successful actual

873 views • 39 slides
r tst t r

r tst t r

r tst t r s P r r

722 views • 36 slides
15-251 Great Ideas in Theoretical Computer Science Lecture 1.5: On proofs + How to succeed in

15-251 Great Ideas in Theoretical Computer Science Lecture 1.5: On proofs + How to succeed in

15-251 Great Ideas in Theoretical Computer Science Lecture 1.5: On proofs + How to succeed in 251 August 30th, 2017 Piazza poll What is your favorite TV show? - Game of Thrones - Breaking Bad - Seinfeld - Friends - The Wire - Sherlock

1.18k views • 72 slides
Graph Theory in Coq: Minors, Treewidth and Isomorphisms Damien Pous Christian Doczkal CNRS /

Graph Theory in Coq: Minors, Treewidth and Isomorphisms Damien Pous Christian Doczkal CNRS /

Graph Theory in Coq: Minors, Treewidth and Isomorphisms Damien Pous Christian Doczkal CNRS / LIP, ENS de Lyon, France Coq Workshop 2019 - September 8, 2019 Background Graph library published as part ITP 2018 paper: simple graphs, directed

1.11k views • 52 slides

More recommend