Download presentation

Presentation is loading. Please wait.

1
**Isabelle / HOL Theorem Proving System**

Quang M. Tran Isabelle / HOL Theorem Proving System Course: CAS760 Logic for Practical Use Instructor: Dr. William M. Farmer Department of Computing and Software McMaster University, ON, Hamilton, Canada

2
**Outline History overview**

Isabelle / HOL first taste: screenshot + Prove: rev (rev list) = list Isabelle / HOL: big picture + terminologies Natural deduction: Prove P v Q => Q v P Isabelle classical reasoner References + Conclusion Conclusion Isabelle / HOL

3
**History: All started with Robin Milner**

British computer scientist. 1972: Milner developed proof checker for Scott’s “Logic for Computable Functions” (LCF) at Stanford (known as “Stanford LCF” ). 1973: Milner moved to Edinburgh and started the successor project “LCF Edinburgh”. ML language is born in this time. 1981: Mike Gordon joined Cambridge and HOL was born. 1990s: Larry Paulson developed Isabelle. Milner Paulson Isabelle / HOL

4
**Isabelle / HOL first taste : Fun with (Toy)List**

(*ToyList.thy*) theory ToyList imports Datatype begin (*Datatype of list*) datatype 'a list = Nil ("[]") | Cons 'a "'a list" (infixr ":" 65) … (contd. next slide) CAS760: list as inductive data type, remember? Syntax annotation Official syntax [] Nil 10 : [] Cons 10 Nil 15 : 10 : [] Cons 15 (Cons 10 Nil) Isabelle / HOL

5
**Isabelle / HOL first taste (contd.)**

(*Functions on lists*) primrec concat :: "'a list => 'a list => 'a list" (infixr “++" 65) where "[] ++ ys = ys" | "(x : xs) ++ ys = x : (xs ++ ys)“ primrec rev :: "'a list => 'a list" where "rev [] = [] " | "rev (x : xs) = (rev xs) ++ (x : [])" “++” is defined by primitive recursion. Syntax annotation Official syntax (10 : []) ++ [] concat (Cons 10 Nil) Nil (10 : []) ++ (5 : []) concat (Cons 10 Nil) (5 : Nil) Isabelle / HOL

6
**Proof: rev (rev list) = list**

Main goal: rev(rev xs) = xs Subgoal 1: rev (rev []) = [] Simplifier can solve it: rev (rev []) = rev [] = [] Done! Subgoal 2: Forall a list. rev (rev list) = list => rev (rev (a : list)) = a : list Simplifier reduces to subgoal 2.1: Forall a list. rev (rev list) = list => rev (rev list ++ a : []) = a : list Generate subgoals Simplified Simplified … theorem rev_rev [simp]: "rev(rev xs) = xs” apply(induct_tac xs) (*Apply induction tactic*) apply(auto) (*Try to solve “automatically” using simplifier) Isabelle / HOL

7
**Proof (contd.) We need a lemma**

rev (xs ++ ys) = (rev ys) ++ (rev xs) Subgoal 1: rev ([] ++ ys) = rev ys ++ rev [] Subgoal 2: Forall a list. rev (list ++ ys) = rev ys ++ rev list => rev ((a : list) ++ ys) = rev ys ++ rev (a : list) a list. rev (list ++ ys) = rev ys ++ rev list => (rev ys ++ rev list) ++ a : [] = rev ys ++ rev list ++ a : [] Find subgoals … lemma rev_app [simp]: "rev(xs ++ ys) = (rev ys) ++ (rev xs)" apply(induct_tac xs) (*Apply induction tactic on xs*) apply(auto) (*Try to solve “automatically” using simplifier) Isabelle / HOL

8
**Complete Proof: rev(rev list) = list**

… lemma app_assoc [simp]: "(xs ++ ys) ++ zs = xs ++ (ys ++ zs)" apply(induct_tac xs) apply(auto) done lemma app_Nil2 [simp]: "xs ++ [] = xs" lemma rev_app [simp]: "rev(xs ++ ys) = (rev ys) ++ (rev xs)" theorem rev_rev [simp]: "rev(rev xs) = xs" We need to prove 3 supporting lemmas , i.e. “Backward” proof This is the theorem what we want to prove Isabelle / HOL

9
**Isabelle: big picture Proof General For Isabelle Isabelle / HOL**

(X)Emacs GUI for theorem provers A concrete Isabelle instance for Higher- Order-Logic (HOL) Proof General For Isabelle Isabelle / ZF Isabelle / HOL Isabelle / Your Logic Here Provides a generic infrastructure to develop theorem provers. Isabelle Isabelle / HOL

10
**Theorem proving terminologies**

Meaning Examples Theorem The formula we want to prove rev (rev list) = list Lemma Supporting (sub)theorems for proving the target theorem rev (xs ++ ys) = (rev ys) ++ (rev xs) Tactic Produces subgoals from a goal apply(induct_tac) Simplification The process of simplifying a term / formula by repeated application of rewrite rules rev (rev []) = rev [] = [] Isabelle / HOL

11
**Natural deduction By the German mathematician and logician Gentzen.**

Motivation: Logical formalism that occurs “naturally” (closely to human reasoning). Assume: “If pigs can fly, then there are green men on Mars” is true. You see a pig flies in Hamilton? Then there are green men on Mars! Gentzen Modus Ponens. This is true for arbitrary P, Q Isabelle / HOL

12
**Natural deduction: Inference rules**

Introduction (intro.) Elimination (elim.) Conjunction elim. Conjunction intro. Disjunction intro. Disjunction elim. Implication elim. (modus pones !) Implication intro. Isabelle / HOL

13
**Natural deduction (contd.)**

Introduction (intro.) Elimination (elim.) Existential quantifier intro. Existential quantifier elim. Universal quantifier intro. Universal quantifier elim. Isabelle / HOL

14
**Proof: P v Q => Q v P lemma disj_swap: "P v Q => Q v P"**

Applies disjunction elim. rule: lemma disj_swap: "P v Q => Q v P" apply (erule disjE) Subgoals: P => Q v P (1) Q => Q v P (2) apply (rule disjI2) Subgoal: P => P apply assumption (*Likewise for (2)*) apply (rule disjI1) done Applies disjunction intro. rule (2) : Isabelle / HOL

15
**Isabelle’s classical reasoner**

Working with primitive rules like before are tedious. Classical reasoner = a family of tools that perform proofs automatically. Examples: blast method. lemma disj_swap2: "P v Q => Q v P" apply (blast) No subgoals! Done! “blast“ can solve this automatically Isabelle / HOL

16
Proof: P v Q => Q v P Demo Isabelle / HOL

17
References Isabelle newcomers: A Proof Assistant for Higher-Order Logic, written by Isabelle authors e.g. C. Paulson, online PDF available. Historical development: From LCF to HOL: a short history , Mike Gordon and The next 700 Theorem Provers, C. Paulson. Theorem prover design techniques: Design a Theorem Prover, C. Paulson. Isabelle / HOL

18
**Conclusion: Should I bother with Isabelle?**

If you need computer-aided proofs, e.g. formal verification. If you want to deepen your knowledge in logics / mathematics / functional programming. If you have interest in mechanizing mathematics. … then the answer is Yes. Isabelle can be used as a tool to get work done or simply a platform to experiment and study. Isabelle / HOL

19
**Create your first workbook**

Acknowledgements The author is grateful to Tian Zhang, Eden Burton and Bojan Nokovic (ITB 206) for their very useful feedbacks while preparing this presentation. Create your first workbook

20
The End Comments? Questions? Isabelle / HOL

Similar presentations

OK

Case Study: Using PVS to Analyze Security Protocols Kyle Taylor.

Case Study: Using PVS to Analyze Security Protocols Kyle Taylor.

© 2018 SlidePlayer.com Inc.

All rights reserved.

To make this website work, we log user data and share it with processors. To use this website, you must agree to our Privacy Policy, including cookie policy.

Ads by Google