Skip to main content
Fachgebiete
Automobil + Motoren Bauwesen + Immobilien Business IT + Informatik Elektrotechnik + Elektronik Energie + Nachhaltigkeit Finance + Banking Management + Führung Marketing + Vertrieb Maschinenbau + Werkstoffe Versicherung + Risiko
DE
EN
Themenseiten
Organisationspsychologie Projektmanagement Marketing Smart Manufacturing
Bücher
Zeitschriften
Weitere Formate
Podcasts Webinare Technik Webinare Wirtschaft Kongresse Veranstaltungskalender Awards
Jetzt Einzelzugang starten
Zugang für Unternehmen
Referenzkunden
ATZ-Fachkongress

Chassis.tech plus 2024


4 Kongresse in einer Veranstaltung

Treffen Sie in München die Fachleute von Chassis, Lenkung, Bremsen sowie Reifen/Räder.
Erweiterte Suche
Anmelden
nach oben

2002 | Buch

1. The Basics Kapitel lesen Erstes Kapitel lesen

Isabelle/HOL

A Proof Assistant for Higher-Order Logic

herausgegeben von: Tobias Nipkow, Markus Wenzel, Lawrence C. Paulson

Verlag: Springer Berlin Heidelberg

Buchreihe : Lecture Notes in Computer Science

Enthalten in: Professional Book Archive

Einloggen, um Zugang zu erhalten
insite
SUCHEN

Über dieses Buch

This volume is a self-contained introduction to interactive proof in high- order logic (HOL), using the proof assistant Isabelle 2002. Compared with existing Isabelle documentation, it provides a direct route into higher-order logic, which most people prefer these days. It bypasses ?rst-order logic and minimizes discussion of meta-theory. It is written for potential users rather than for our colleagues in the research world. Another departure from previous documentation is that we describe Markus Wenzel’s proof script notation instead of ML tactic scripts. The l- ter make it easier to introduce new tactics on the ?y, but hardly anybody does that. Wenzel’s dedicated syntax is elegant, replacing for example eight simpli?cation tactics with a single method, namely simp, with associated - tions. The book has three parts. – The ?rst part, Elementary Techniques, shows how to model functional programs in higher-order logic. Early examples involve lists and the natural numbers. Most proofs are two steps long, consisting of induction on a chosen variable followed by the auto tactic. But even this elementary part covers such advanced topics as nested and mutual recursion. – The second part, Logic and Sets, presents a collection of lower-level tactics that you can use to apply rules selectively. It also describes I- belle/HOL’s treatment of sets, functions, and relations and explains how to de?ne sets inductively. One of the examples concerns the theory of model checking, and another is drawn from a classic textbook on formal languages.

Inhaltsverzeichnis

Frontmatter

Elementary Techniques

1. The Basics
Abstract
This book is a tutorial on how to use the theorem prover Isabelle/HOL as a specification and verification system. Isabelle is a generic system for implementing logical formalisms, and Isabelle/HOL is the specialization of Isabelle for HOL,which abbreviates Higher-Order Logic. We introduce HOL step by step following the equation HOL = Functional Programming+ Logic.
We do not assume that you are familiar with mathematical logic. However,we do assume that you are used to logical and set theoretic notation,as covered in a good discrete mathematics course [31],and that you are familiar with the basic concepts of functional programming [5],[13],[27],[32] . Although this tutorial initially concentrates on functional programming, do not be misled: HOL can express most mathematical concepts, and functional programming is just one particularly simple and ubiquitous instance.
Isabelle [26] is implemented in ML [17]. This has influenced some of Isabelle/ HOL’s concrete syntax but is otherwise irrelevant for us: this tutorial is based on Isabelle/Isar [33],an extension of Isabelle which hides the implementation language almost completely. Thus the full name of the system should be Isabelle/Isar/HOL, but that is a bit of a mouthful.
There are other implementations of HOL,in particular the one by Mike Gordon et al.,which is usually referred to as “the HOL system” [10]. For us,HOL refers to the logical system, and sometimes its incarnation Isabelle/ HOL.
2. Functional Programming in HOL
Abstract
This chapter describes how to write functional programs in HOL and how to verify them. However, most of the constructs and proof procedures introduced are general and recur in any specification or verification task. We really should speak of functional modelling rather than functional programming: ou r primary aim is not to write programs but to design abstract models of systems. HOL is a specification language that goes well beyond what can be expressed as a program. However, for the time being we concentrate on the computable.
If you are a purist functional programmer, please note that all functions in HOL must be total:they must terminate for all inputs. Lazy data structures are not directly available.
3. More Functional Programming
Abstract
The purpose of this chapter is to deepen your understanding of the concepts encountered so far and to introduce advanced forms of datatypes and recursive functions. The first two sections give a structured presentation of theorem proving by simplification (Sect. 3.1) and discuss important heuristics for induction (Sect. 3.2). You can skip them if you are not planning to perform proofs yourself. We then present a case study: a compiler for expressions (Sect. 3.3). Advanced datatypes, including those involving function spaces, are covered in Sect. 3.4; it closes with another case study, search trees (“tries”). Finally we introduce recdef, a general form of recursive function definition that goes well beyond primrec (Sect. 3.5).
4. Presenting Theories
Abstract
By now the reader should have become su.ciently acquainted with elementary theory development in Isabelle/HOL. The followingin terlude describes how to present theories in a typographically pleasing manner. Isabelle provides a rich infrastructure for concrete syntax of the underlying π-calculus language (see Sect. 4.1), as well as document preparation of theory texts based on existingPD F-LATEX technology (see Sect. 4.2).
As pointed out by Leibniz more than 300 years ago, notions are in principle more important than notations, but suggestive textual representation of ideas is vital to reduce the mental effort to comprehend and apply them.

Logic and Sets

5. The Rules of the Game
Abstract
This chapter outlines the concepts and techniques that underlie reasoning in Isabelle. Until now, we have proved everything using only induction and simplification, but any serious verification project require more elaborate forms of inference. The chapter also introduces the fundamentals of predicate logic. The first examples in this chapter will consist of detailed, low-level proof steps. Later, we shall see how to automate such reasoning using the methods blast, auto and others. Backward or goal-directed proof is our usual style, but the chapter also introduces forward reasoning, where one theorem is transformed to yield another.
6. Sets, Functions, and Relations
Abstract
This chapter describes the formalization of typed set theory, which is the basis of much else in HOL. For example, an inductive definition yields a set, and the abstract theories of relations regard a relation as a set of pairs. The chapter introduces the well-known constants such as union and intersection, as well as the main operations on relations, such as converse, composition and transitive closure. Functions are also covered. They are not sets in HOL, but many of their properties concern sets: the range of a function is a set, and the inverse image of a function maps sets to sets.
This chapter will be useful to anybody who plans to develop a substantial proof. sets are convenient for formalizing computer science concepts such as grammars, logical calculi and state transition systems. Isabelle can prove many statements involving sets automatically.
This chapter ends with a case study concerning model checking for the temporal logic CTL. Most of the other examples are simple. The chapter presents a small selection of built-in theorems in order to point out some key properties of the various constants and to introduce you to the notation.
Natural deduction rules are provided for the set theory constants, but they are seldom used directly, so only a few are presented here.
7. Inductively Defined Sets
Abstract
This chapter is dedicated to the most important definition principle after recursive functions and datatypes: inductively defined sets.
We start with a simple example: the set of even numbers. A slightly more complicated example, the reflexive transitive closure, is the subject of Sect. 7.2. In particular, some standard induction heuristics are discussed. Advanced forms of inductive definitions are discussed in Sect. 7.3. To demonstrate the versatility of inductive definitions, the chapter closes with a case study from the realm of context-free grammars. The first two sections are required reading for anybody interested in mathematical modelling.

Advanced Material

8. More about Types
Abstract
So far we have learned about a few basic types (for example bool and nat), type abbreviations (types) and recursive datatypes (datatype). This chapter will introduce more advanced material:
More about basic types: numbers (Sect. 8.1), pairs (Sect. 8.2) and records (Sect. 8.3), and how to reason about them.
Type classes: how to specify and reason about axiomatic collections of types (Sect. 8.4).
Introducing your own types: how to introduce new types that cannot be constructed with any of the basic methods (Sect. 8.5). The material in this section goes beyond the needs of most novices. Serious users should at least skim the sections on basic types and on type classes. The latter material is fairly advanced; read the beginning to understand what it is about, but consult the rest only when necessary.
9. Advanced Simplification, Recursion, and Induction
Abstract
Although we have already learned a lot about simplification, recursion and induction, there are some advanced proof techniques that we have not covered yet and which are worth learning. The three sections of this chapter are almost independent of each other and can be read in any order. Only the notion of congruence rules, introduced in the section on simplification, is required for parts of the section on recursion.
10. Case Study: Verifying a Security Protocol
Abstract
Communications security is an ancient art. Julius Caesar is said to have encrypted his messages, shifting each letter three places along the alphabet. Mary Queen of Scots was convicted of treason after a cipher used in her letters was broken. Today’s postal system incorporates security features. The envelope provides a degree of secrecy. The signature provides authenticity (proof of origin), as do departmental stamps and letterheads. Networks are vulnerable: messages pass through many computers, any of which might be controlled by an adversary, who thus can capture or redirect messages. People who wish to communicate securely over such a network can use cryptography, but if they are to understand each other, they need to follow a protocol : a pre-arranged sequence of message formats. Protocols can be attacked in many ways, even if encryption is unbreakable. A splicing attack involves an adversary’s sending a message composed of parts of several old messages. This fake message may have the correct format, fooling an honest party. The adversary might be able to masquerade as somebody else, or he might obtain a secret key.
Backmatter
Metadaten
Titel
Isabelle/HOL
herausgegeben von
Tobias Nipkow
Markus Wenzel
Lawrence C. Paulson
Copyright-Jahr
2002
Verlag
Springer Berlin Heidelberg
Electronic ISBN
978-3-540-45949-1
Print ISBN
978-3-540-43376-7
DOI
https://doi.org/10.1007/3-540-45949-9