EMTST: Engineering the Meta-theory of Session Types

Abstract Session types provide a principled programming discipline for structured interactions. They represent a wide spectrum of type-systems for concurrency. Their type safety is thus extremely important. EMTST is a tool to aid in representing and validating theorems about session types in the Coq proof assistant. On paper, these proofs are often tricky, and error prone. In proof assistants, they are typically long and difficult to prove. In this work, we propose a library that helps validate the theory of session types calculi in proof assistants. As a case study, we study two of the most used binary session types systems: we show the impossibility of representing the first system in $$\alpha $$-equivalent representations, and we prove type preservation for the revisited system. We develop our tool in the Coq proof assistant, using locally nameless for binders and small scale reflection to simplify the handling of linear typing environments.

Download Full-text

Ownership and Immutability in Coq

10.26686/wgtn.17142734.v1 ◽

2021 ◽

Author(s):

◽

Julian Mackay

Keyword(s):

Programming Languages ◽

Management System ◽

Type Systems ◽

Formal Proof ◽

Proof Assistant ◽

Significant Issue ◽

The Coq Proof Assistant ◽

Coq Proof Assistant

<p>A significant issue in modern programming languages is unsafe aliasing. Modern type systems have attempted to address this in two prominent ways; immutability and ownership, and often a combination of the two [4][17]. The goal of this thesis is to formalise Immutability and Ownership using the Coq Proof Assistant, a formal proof management system [13]. We encode three type systems using Coq; Featherweight Immutable Java, Featherweight Generic Java and Featherweight Ownership Generic Java, and prove them sound. We describe the challenges presented in encoding immutability, ownership and type systems in general in Coq.</p>

Download Full-text

Ownership and Immutability in Coq

10.26686/wgtn.17142734 ◽

2021 ◽

Author(s):

◽

Julian Mackay

Keyword(s):

Programming Languages ◽

Management System ◽

Type Systems ◽

Formal Proof ◽

Proof Assistant ◽

Significant Issue ◽

The Coq Proof Assistant ◽

Coq Proof Assistant

Download Full-text

Defining and Reasoning About Recursive Functions: A Practical Tool for the Coq Proof Assistant

Functional and Logic Programming - Lecture Notes in Computer Science ◽

10.1007/11737414_9 ◽

2006 ◽

pp. 114-129 ◽

Cited By ~ 26

Author(s):

Gilles Barthe ◽

Julien Forest ◽

David Pichardie ◽

Vlad Rusu

Keyword(s):

Proof Assistant ◽

Recursive Functions ◽

The Coq Proof Assistant ◽

Coq Proof Assistant ◽

Practical Tool

Download Full-text

Homotopy limits in type theory

Mathematical Structures in Computer Science ◽

10.1017/s0960129514000498 ◽

2015 ◽

Vol 25 (5) ◽

pp. 1040-1070 ◽

Cited By ~ 11

Author(s):

JEREMY AVIGAD ◽

KRZYSZTOF KAPULKIN ◽

PETER LEFANU LUMSDAINE

Keyword(s):

Homotopy Type ◽

Systematic Study ◽

Type Theory ◽

Proof Assistant ◽

Classical Approach ◽

Homotopy Type Theory ◽

The Coq Proof Assistant ◽

Homotopy Limits ◽

Coq Proof Assistant

Working in homotopy type theory, we provide a systematic study of homotopy limits of diagrams over graphs, formalized in the Coq proof assistant. We discuss some of the challenges posed by this approach to the formalizing homotopy-theoretic material. We also compare our constructions with the more classical approach to homotopy limits via fibration categories.

Download Full-text

Every bit counts: The binary representation of typed data and programs

Journal of Functional Programming ◽

10.1017/s0956796812000263 ◽

2012 ◽

Vol 22 (4-5) ◽

pp. 529-573 ◽

Cited By ~ 4

Author(s):

ANDREW J. KENNEDY ◽

DIMITRIOS VYTINIOTIS

Keyword(s):

Binary Data ◽

General Framework ◽

Binary Representation ◽

Proof Assistant ◽

A Value ◽

The Coq Proof Assistant ◽

Binary Encoding ◽

Coq Proof Assistant ◽

Definition Of ◽

Formal Properties

AbstractWe show how the binary encoding and decoding of typed data and typed programs can be understood, programmed and verified with the help of question–answer games. The encoding of a value is determined by the yes/no answers to a sequence of questions about that value; conversely, decoding is the interpretation of binary data as answers to the same question scheme. We introduce a general framework for writing and verifying game-based codecs. We present games in Haskell for structured, recursive, polymorphic and indexed types, building up to a representation of well-typed terms in the simply-typed λ-calculus with polymorphic constants. The framework makes novel use of isomorphisms between types in the definition of games. The definition of isomorphisms together with additional simple properties make it easy to prove that codecs derived from games never encode two distinct values using the same code, never decode two codes to the same value and interpret any bit sequence as a valid code for a value or as a prefix of a valid code. Formal properties of the framework have been proved using the Coq proof assistant.

Download Full-text

Skipping the binder bureaucracy with mixed embeddings in a semantics course (functional pearl)

Proceedings of the ACM on Programming Languages ◽

10.1145/3473599 ◽

2021 ◽

Vol 5 (ICFP) ◽

pp. 1-28

Author(s):

Adam Chlipala

Keyword(s):

Order Reduction ◽

Separation Logic ◽

Variable Binding ◽

Type Checking ◽

Session Types ◽

The Coq Proof Assistant ◽

Reduction Program ◽

Coq Proof Assistant ◽

Big Ideas ◽

Concurrent Separation Logic

Rigorous reasoning about programs calls for some amount of bureaucracy in managing details like variable binding, but, in guiding students through big ideas in semantics, we might hope to minimize the overhead. We describe our experiment introducing a range of such ideas, using the Coq proof assistant, without any explicit representation of variables, instead using a higher-order syntax encoding that we dub "mixed embedding": it is neither the fully explicit syntax of deep embeddings nor the syntax-free programming of shallow embeddings. Marquee examples include different takes on concurrency reasoning, including in the traditions of model checking (partial-order reduction), program logics (concurrent separation logic), and type checking (session types) -- all presented without any side conditions on variables.

Download Full-text

A formal approach for the verification of the permission-based security model of Android

CLEI electronic journal ◽

10.19153/cleiej.21.2.3 ◽

2018 ◽

Vol 21 (2) ◽

Author(s):

Carlos Luna ◽

Gustavo Betarte ◽

Juan Campo ◽

Camila Sanz ◽

Maximiliano Cristiá ◽

...

Keyword(s):

Formal Specification ◽

Control Policy ◽

Proof Assistant ◽

Security Model ◽

Access Control Policy ◽

Formal Approach ◽

Fundamental Properties ◽

The Coq Proof Assistant ◽

Coq Proof Assistant ◽

Security Properties

This article reports on our experiences in applying formal methods to verify the security mechanisms of Android. We have developed a comprehensive formal specification of Android's permission model, which has been used to state and prove properties that establish expected behavior of the procedures that enforce the defined access control policy. We are also interested in providing guarantees concerning actual implementations of the mechanisms. Therefore we are following a verification approach that combines the use of idealized models, on which fundamental properties are formally verified, with testing of actual implementations using lightweight model-based techniques. We describe the formalized model, present security properties that have been proved using the Coq proof assistant and propose the use of a certified algorithm for performing verification activities such as monitoring of actual implementations of the platform and also as a testing oracle.

Download Full-text

TacticToe: Learning to Reason with HOL4 Tactics

10.29007/ntlb ◽

2018 ◽

Cited By ~ 1

Author(s):

Thibault Gauthier ◽

Cezary Kaliszyk ◽

Josef Urban

Keyword(s):

Machine Learning ◽

Automated Reasoning ◽

Formal Proof ◽

Small Scale ◽

Proof Assistant ◽

Proof Assistants ◽

A Algorithm ◽

Learning To Reason ◽

Traditional Proof ◽

Selection Of

Techniques combining machine learning with translation to automated reasoning have recently become an important component of formal proof assistants. Such “hammer” techniques complement traditional proof assistant automation as implemented by tactics and decision procedures. In this paper we present a unified proof assistant automation approach which attempts to automate the selection of appropriate tactics and tactic-sequences combined with an optimized small-scale hammering approach. We implement the technique as a tactic-level automation for HOL4: TacticToe. It implements a modified A*-algorithm directly in HOL4 that explores different tactic-level proof paths, guiding their selection by learning from a large number of previous tactic-level proofs. Unlike the existing hammer methods, TacticToe avoids translation to FOL, working directly on the HOL level. By combining tactic prediction and premise selection, TacticToe is able to re-prove 39% of 7902 HOL4 theorems in 5 seconds whereas the best single HOL(y)Hammer strategy solves 32% in the same amount of time.

Download Full-text

The Marriage of Univalence and Parametricity

Journal of the ACM ◽

10.1145/3429979 ◽

2021 ◽

Vol 68 (1) ◽

pp. 1-44

Author(s):

Nicolas Tabareau ◽

Éric Tanter ◽

Matthieu Sozeau

Keyword(s):

Type Theory ◽

Program Verification ◽

Proof Assistants ◽

Computationally Efficient ◽

Lightweight Framework ◽

The Coq Proof Assistant ◽

Coq Proof Assistant ◽

Efficient Representation ◽

Term Dependency ◽

Work First

Reasoning modulo equivalences is natural for everyone, including mathematicians. Unfortunately, in proof assistants based on type theory, which are frequently used to mechanize mathematical results and carry out program verification efforts, equality is appallingly syntactic, and as a result, exploiting equivalences is cumbersome at best. Parametricity and univalence are two major concepts that have been explored in the literature to transport programs and proofs across type equivalences, but they fall short of achieving seamless, automatic transport. This work first clarifies the limitations of these two concepts when considered in isolation and then devises a fruitful marriage between both. The resulting concept, called univalent parametricity , is an extension of parametricity strengthened with univalence that fully realizes programming and proving modulo equivalences. Our approach handles both type and term dependency, as well as type-level computation. In addition to the theory of univalent parametricity, we present a lightweight framework implemented in the Coq proof assistant that allows the user to transparently transfer definitions and theorems for a type to an equivalent one, as if they were equal. For instance, this makes it possible to conveniently switch between an easy-to-reason-about representation and a computationally efficient representation as soon as they are proven equivalent. The combination of parametricity and univalence supports transport à la carte : basic univalent transport, which stems from a type equivalence, can be complemented with additional proofs of equivalences between functions over these types, in order to be able to transport more programs and proofs, as well as to yield more efficient terms. We illustrate the use of univalent parametricity on several examples, including a recent integration of native integers in Coq. This work paves the way to easier-to-use proof assistants by supporting seamless programming and proving modulo equivalences.

Download Full-text

An experimental library of formalized Mathematics based on the univalent foundations

Mathematical Structures in Computer Science ◽

10.1017/s0960129514000577 ◽

2015 ◽

Vol 25 (5) ◽

pp. 1278-1294 ◽

Cited By ~ 19

Author(s):

VLADIMIR VOEVODSKY

Keyword(s):

Type Theory ◽

Proof Assistant ◽

Formalization Of Mathematics ◽

Constructive Type Theory ◽

Short Overview ◽

Formalized Mathematics ◽

The Coq Proof Assistant ◽

Constructive Type ◽

Coq Proof Assistant ◽

Univalent Foundations

This is a short overview of an experimental library of Mathematics formalized in the Coq proof assistant using the univalent interpretation of the underlying type theory of Coq. I started to work on this library in February 2010 in order to gain experience with formalization of Mathematics in a constructive type theory based on the intuition gained from the univalent models (see Kapulkin et al. 2012).

Download Full-text