lightweight proof by reflection using a posteriori
play

Lightweight proof by reflection using a posteriori simulation of - PowerPoint PPT Presentation

Mar 24, 2023 •251 likes •882 views

Lightweight proof by reflection using a posteriori simulation of effectful computation Guillaume Claret 1 Lourdes del Carmen Gonzlez Huesca 1 Yann Rgis-Gianas 1 Beta Ziliani 2 lgonzale@pps.univ-paris-diderot.fr 1 PPS, team r 2 (University

  1. Lightweight proof by reflection using a posteriori simulation of effectful computation Guillaume Claret 1 Lourdes del Carmen González Huesca 1 Yann Régis-Gianas 1 Beta Ziliani 2 lgonzale@pps.univ-paris-diderot.fr 1 PPS, team π r 2 (University Paris Diderot, CNRS, and INRIA) 2 Max Planck Institute for Software Systems (MPI-SWS) TYPES April 24, 2013 1 / 25

  2. Lightweight proof by reflection using a posteriori simulation of effectful computation 2 / 25

  3. Lightweight proof by reflection using a posteriori simulation of effectful computation 3 / 25

  4. Running example How should we prove the following equivalence? H 1 : A 11 „ A 12 A 21 „ A 22 H 2 : . . . A n 1 „ A n 2 H n : A 1 A „ 4 / 25

  5. Running example How should we prove the following equivalence? Manually using a script? H 1 : A 11 „ A 12 A 21 „ A 22 H 2 : . . . A n 1 „ A n 2 H n : A 1 A „ 4 / 25

  6. Running example How should we prove the following equivalence? Using a decision procedure ? H 1 : A 11 „ A 12 A 21 „ A 22 H 2 : . . . A n 1 „ A n 2 H n : A 1 A „ 4 / 25

  7. Running example : A decision procedure in pseudo-code let is_equivalent (hs, (i, j)) : bool = iter ( fun (i,j) -> union i j) hs; return (find i == find j) where " union i j merges the equivalence classes of i and j returns the unique representative of i find i 5 / 25

  8. How can we put this decision procedure in work? 6 / 25

  9. Recipe for a proof by reflection D R p P q : B D p R p P qq : bool R Original Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 7 / 25

  10. Recipe for a proof by reflection D R p P q : B D p R p P qq : bool R Original Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 7 / 25

  11. Recipe for a proof by reflection D R p P q : B D p R p P qq : bool R Original Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. p hs , p i , j qq : list p atom ˆ atom q ˆ p atom ˆ atom q where atom is a type with decidable equality 7 / 25

  12. Recipe for a proof by reflection D R p P q : B D p R p P qq : bool R Original Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 7 / 25

  13. Recipe for a proof by reflection D R p P q : B D p R p P qq : bool R Original Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. I (hs, (i, j)) : Prop. 7 / 25

  14. Recipe for a proof by reflection D R p P q : B D p R p P qq : bool R Original Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 3. Write the decision procedure D : B Ñ bool in Coq. 7 / 25

  15. Recipe for a proof by reflection D R p P q : B D p R p P qq : bool R Original Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 3. Write the decision procedure D : B Ñ bool in Coq. D p hs , p i , j qq : bool . Critical: How should we implement union and find ? 7 / 25

  16. Recipe for a proof by reflection D R p P q : B D p R p P qq : bool R Original Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 3. Write the decision procedure D : B Ñ bool in Coq. 4. Prove the soundness of D 7 / 25

  17. Recipe for a proof by reflection D R p P q : B D p R p P qq : bool R Original Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 3. Write the decision procedure D : B Ñ bool in Coq. 4. Prove the soundness of D sound : @ x : B , D x “ true Ñ I x. if D p hs , p i , j qq “ true then a „ a 1 Critical: The development cost of this proof depends on the implementation choice for union and find . 7 / 25

  18. Recipe for a proof by reflection D R p P q : B D p R p P qq : bool R sound Original Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 3. Write the decision procedure D : B Ñ bool in Coq. 4. Prove the soundness of D For a specific instance b “ R p P q , the proof-term for I b has the form: ` ` ˘˘ sound b refl_eq D p b q 7 / 25

  19. Recipe for a proof by reflection D R p P q : B D p R p P qq : bool R sound Original Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 3. Write the decision procedure D : B Ñ bool in Coq. 4. Prove the soundness of D For a specific instance b “ R p P q , the proof-term for I b has the form: ` ` ˘˘ sound b refl_eq D p b q This term has type I b only if D b is convertible to true. 7 / 25

  20. Original proof by reflection A certified decision procedure written in a total language is a robust tool for the proof developer. But, it has a high cost of development , often leading to simplifications destroying efficiency. 8 / 25

  21. Recipe for a proof by reflection with an untrusted oracle D R p P q : B D p R p P qq : C in OCaml R Oracle Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 9 / 25

  22. Recipe for a proof by reflection with an untrusted oracle D R p P q : B D p R p P qq : C in OCaml R Oracle Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 9 / 25

  23. Recipe for a proof by reflection with an untrusted oracle D R p P q : B D p R p P qq : C in OCaml R Oracle Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 9 / 25

  24. Recipe for a proof by reflection with an untrusted oracle D R p P q : B D p R p P qq : C in OCaml R Oracle Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 3. Write an (untrusted) oracle D in ML. 9 / 25

  25. Recipe for a proof by reflection with an untrusted oracle D R p P q : B D p R p P qq : C in OCaml R Oracle Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 3. Write an (untrusted) oracle D in ML. D : B Ñ C Critical: D gives a certificate that must be checked. 9 / 25

  26. Recipe for a proof by reflection with an untrusted oracle D R p P q : B D p R p P qq : C in OCaml R Oracle Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 3. Write an (untrusted) oracle D in ML. 4. Write a simple certificate checker in Coq. 9 / 25

  27. Recipe for a proof by reflection with an untrusted oracle D R p P q : B D p R p P qq : C in OCaml R Oracle Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 3. Write an (untrusted) oracle D in ML. 4. Write a simple certificate checker in Coq. check : @ x : B , C Ñ bool 9 / 25

  28. Recipe for a proof by reflection with an untrusted oracle D R p P q : B D p R p P qq : C in OCaml R Oracle Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 3. Write an (untrusted) oracle D in ML. 4. Write a simple certificate checker in Coq. 5. Prove the soundness of the checker 9 / 25

  29. Recipe for a proof by reflection with an untrusted oracle D R p P q : B D p R p P qq : C in OCaml R sound check . check Oracle Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 3. Write an (untrusted) oracle D in ML. 4. Write a simple certificate checker in Coq. 5. Prove the soundness of the checker sound check : @ x : B , y : C , check x y “ true Ñ I x 9 / 25

  30. Recipe for a proof by reflection with an untrusted oracle D R p P q : B D p R p P qq : C in OCaml R sound check . check Oracle Proof by Reflection P : Prop I p R p P qq : Prop ” conv ? : P ∆ : P 1. Define a type B for the targeted class of problems in Coq. 2. Write an interpretation function I : B Ñ Prop. 3. Write an (untrusted) oracle D in ML. 4. Write a simple certificate checker in Coq. 5. Prove the soundness of the checker For a specific instance b “ R p P q , a proof-term for I b has the form: ` ` ˘˘ sound check b D p b q refl_eq check D p b q 9 / 25

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Type Theory Proof by reflection Marene Dimmendaal, Pleun Koldewijn Overview - What is proof

Type Theory Proof by reflection Marene Dimmendaal, Pleun Koldewijn Overview - What is proof

Type Theory Proof by reflection Marene Dimmendaal, Pleun Koldewijn Overview - What is proof by reflection? - The two main classes: - Direct computation proofs - Algebraic computation proofs - Example Direct proof - Example

483 views • 37 slides
Its time to Think Lightweight! www.thinklightweight.com TO D A Y S TO P IC S 1.

Its time to Think Lightweight! www.thinklightweight.com TO D A Y S TO P IC S 1.

Its time to Think Lightweight! www.thinklightweight.com TO D A Y S TO P IC S 1. About Think Lightweight 2. What are Lightweight Structures? 3. Industry Applications 4. Product Line Review 5. Think Lightweight Component

832 views • 43 slides
A Small Reflection On Group Automorphisms Franc ois Garillot Mathematical Components

A Small Reflection On Group Automorphisms Franc ois Garillot Mathematical Components

A Small Reflection On Group Automorphisms Franc ois Garillot Mathematical Components Microsoft Research - INRIA Joint Centre Orsay, France 1 The Coq Proof Assistant 2 The Coq Proof Assistant + SSReflect V 1.1 : Just released !

761 views • 40 slides
Reflection ranks and proof theoretic ordinals (based on joint work with James Walsh) Fedor

Reflection ranks and proof theoretic ordinals (based on joint work with James Walsh) Fedor

Reflection ranks and proof theoretic ordinals (based on joint work with James Walsh) Fedor Pakhomov Steklov Mathematical Institute, Moscow pakhf@mi.ras.ru Logic Colloquium 2018, Udine 24 July 2018 Con -Order def U proves consistence

407 views • 16 slides
Evidence for a posteriori security Alexander Hicks, Steven J. Murdoch University College London

Evidence for a posteriori security Alexander Hicks, Steven J. Murdoch University College London

Evidence for a posteriori security Alexander Hicks, Steven J. Murdoch University College London Evidence? Liability Accountability Law Due process Auditability Verifiability Integrity Proof

448 views • 15 slides
Topic 9: Lighting & Reflection models Lighting & reflection The Phong reflection

Topic 9: Lighting & Reflection models Lighting & reflection The Phong reflection

9/10/2016 Topic 9: Lighting & Reflection models Lighting & reflection The Phong reflection model diffuse component ambient component specular component Spot the differences Terminology Illumination The transport

339 views • 5 slides
The lightweight beam for Heavyweight applications The impact of this lightweight steel beam will

The lightweight beam for Heavyweight applications The impact of this lightweight steel beam will

The lightweight beam for Heavyweight applications The impact of this lightweight steel beam will revolutionise the international high-rise construction industry Tony Zaccarini and Dr Patrick OBrien The lightweight beam for Heavyweight

417 views • 12 slides
Topic 10: Lighting & Reflection models Lighting & reflection The Phong reflection

Topic 10: Lighting & Reflection models Lighting & reflection The Phong reflection

Topic 10: Lighting & Reflection models Lighting & reflection The Phong reflection model diffuse component ambient component specular component Spot the differences Terminology Illumination The transport of

1.08k views • 30 slides
Topic 8: Lighting & Reflection models Lighting & reflection The Phong reflection

Topic 8: Lighting & Reflection models Lighting & reflection The Phong reflection

Topic 8: Lighting & Reflection models Lighting & reflection The Phong reflection model diffuse component ambient component specular component Showtime Logistics Welcome back Professor Singh is away for the

1.24k views • 87 slides
Scalable Semidefinite Relaxation for Maximum A Posteriori Estimation Qixing Huang, Yuxin Chen, and

Scalable Semidefinite Relaxation for Maximum A Posteriori Estimation Qixing Huang, Yuxin Chen, and

ICML 2014, Beijing Scalable Semidefinite Relaxation for Maximum A Posteriori Estimation Qixing Huang, Yuxin Chen, and Leonidas Guibas Stanford University Page 1 Maximum A Posteriori (MAP) Inference Markov Random Field (MRF) w i :

777 views • 33 slides
On the use of a Second Moment Equation for A Posteriori Error Estimate in CFD University of

On the use of a Second Moment Equation for A Posteriori Error Estimate in CFD University of

On the use of a Second Moment Equation for A Posteriori Error Estimate in CFD University of Manchester EngD Stuart Russant Supervisors: D. Laurence, H. Iacovides On the use of a Second Moment Equation for A Posteriori Error Estimate in CFD

388 views • 26 slides
The lightweight beam for Heavyweight applications The impact of this lightweight beam concept

The lightweight beam for Heavyweight applications The impact of this lightweight beam concept

The lightweight beam for Heavyweight applications The impact of this lightweight beam concept will revolutionise the aviation industry Tony Zaccarini and Dr Patrick OBrien The lightweight beam for Heavyweight applications Patent Applied For

479 views • 12 slides
Set-theoretical aspects of proof theory via Turing progressions Joost J. Joosten Universitat de

Set-theoretical aspects of proof theory via Turing progressions Joost J. Joosten Universitat de

A personal note Proof Theory Turing progressions and ordinal analysis Set-theoretical aspects of proof theory via Turing progressions Joost J. Joosten Universitat de Barcelona Saturday 17-11-2018 Reflections on Set-Theoretic Reflection,

1.12k views • 96 slides
3515ICT Theory of Computation Some sample proofs 4-0 Proof types 1. Proof

3515ICT Theory of Computation Some sample proofs 4-0 Proof types 1. Proof

Griffith University 3515ICT Theory of Computation Some sample proofs 4-0 Proof types 1. Proof by construction 2. Proof by equivalence 3. Proof by contradiction 4. Proof by case analysis 5. Proof by induction

549 views • 11 slides
Specular Reflection CS418 Computer Graphics John C. Hart Diffuse Reflection diffuse reflection

Specular Reflection CS418 Computer Graphics John C. Hart Diffuse Reflection diffuse reflection

Specular Reflection CS418 Computer Graphics John C. Hart Diffuse Reflection diffuse reflection Specular Reflection diffuse reflection diffuse + specular reflection Specular Reflection n v l Specular gleem is a diffused mirror

860 views • 19 slides
New Lightweight DES Variants Suited for RFID Applications G. Leander, C. Paar, A. Poschmann, K.

New Lightweight DES Variants Suited for RFID Applications G. Leander, C. Paar, A. Poschmann, K.

New Lightweight DES Variants Suited for RFID Applications G. Leander, C. Paar, A. Poschmann, K. Schramm Workshop on Fast Software Encryption 2007 Outline Introduction Why lightweight? Why choose DES? DESL: DES Lightweight Why change DES?

364 views • 12 slides
q t

q t

q t r Prr t tt r t q t

437 views • 11 slides
Cloudster K -means algorithm for cloud computing {stephane.caron, guillaume.claret,

Cloudster K -means algorithm for cloud computing {stephane.caron, guillaume.claret,

Cloudster ? Design User interaction Future enhancements Cloudster K -means algorithm for cloud computing {stephane.caron, guillaume.claret, anisse.ismaili, jacques-henri.jourdan, michael.mathieu, mathieu.prevot, guillaume.seguin,

525 views • 14 slides
Claret Using Data Types for High Contention Distributed Transactions Brandon Holt, Irene Zhang,

Claret Using Data Types for High Contention Distributed Transactions Brandon Holt, Irene Zhang,

Claret Using Data Types for High Contention Distributed Transactions Brandon Holt, Irene Zhang, Dan Ports, Mark Oskin, Luis Ceze PaPoC15 @ EuroSys Brandon Holt @holtbg At #EuroSys right now! EuroSys 2015 @EuroSys2015

1.05k views • 48 slides
using drupal to build customized tools for J.L.C. GRAPHIC DESIGNS & MARKETING CONCEPTS your

using drupal to build customized tools for J.L.C. GRAPHIC DESIGNS & MARKETING CONCEPTS your

using drupal to build customized tools for J.L.C. GRAPHIC DESIGNS & MARKETING CONCEPTS your clients LESS MORE HAPPY { time } { money } { clients } Drupal Camp Ohio 2011 | December 3rd | jenna lynn colbaugh Tuesday, December 6, 11

598 views • 35 slides
Compositional Computational Reflection Gregory Malecha Adam Chlipala Thomas Braibant

Compositional Computational Reflection Gregory Malecha Adam Chlipala Thomas Braibant

Compositional Computational Reflection Gregory Malecha Adam Chlipala Thomas Braibant gmalecha@cs.harvard.edu Harvard SEAS MIT CSAIL Inria July 17, 2014 MirrorShard (ITP14) 1 / 13 Program Verification in Bedrock [Chl11] Imperative

653 views • 52 slides
Tools for Scalable Data Mining XANDA SCHOFIELD CS 6410 11/13/2014 1. Astrolabe Large,

Tools for Scalable Data Mining XANDA SCHOFIELD CS 6410 11/13/2014 1. Astrolabe Large,

Tools for Scalable Data Mining XANDA SCHOFIELD CS 6410 11/13/2014 1. Astrolabe Large, eventually- consistent distributed system [Source: Wikipedia] ROBERT VAN RENESSE, KEN BIRMAN, WERNER VOGELS The Problem How do we quickly find out

823 views • 35 slides
Inclusion in Preschool Highlights of Key Considera;ons Ann

Inclusion in Preschool Highlights of Key Considera;ons Ann

12/7/17 Inclusion in Preschool Highlights of Key Considera;ons Ann Kremer & Emily Ropars www.eclre.org Evidenced Adapta;ons Based Collabora;on &

398 views • 4 slides
FE FE Minut inute! e! Cornell Design Standards and Details are available again! Here is

FE FE Minut inute! e! Cornell Design Standards and Details are available again! Here is

FE FE Minut inute! e! Cornell Design Standards and Details are available again! Here is the URL: https://fcs.cornell.edu/cornell- design-standards Log-in Now Required! Non- Cornell User: hit the second button! Login! (and

122 views • 8 slides

More recommend