Formal Analysis of Symbolic Computation Systems for Algebraic Topology. Julio Rubio Universidad de La Rioja (Spain). The Systems EAT Homology groups of iterated loop spaces Kenzo Better performance Object-oriented. Formal Analysis. -Why?. First answer: Why not?. -How?.
Formal Analysis of
Symbolic Computation Systems for
Algebraic Topology
Julio Rubio
Universidad de La Rioja
(Spain)
The Systems
- EAT: Homology groups of iterated loop spaces
- Kenzo: Better performance, object-oriented
Formal Analysis
- Why?
- How?
First answer: Why not?
Second answer: Increasing reliability
Third answer: Increasing knowledge
Formal Analysis
- How?
Two lines:
1. Algebraic Specifications
2. Computer-aided Theorem Proving
Formal Methods in Design
Implementation
SPECIFICATION
SOFTWARE PRODUCT
Formal Methods
Formal Methods in our problem
SOFTWARE PRODUCT
(MATHEMATICAL) MODEL OF THE SOFTWARE PRODUCT
Formal Methods
A case-study: BPL
EAT and Kenzo implement the Basic Perturbation Lemma (BPL)
BPL, preliminaries:
- Chain complex
- Reduction
- Perturbation
BPL, preliminaries: chain complex
BPL, preliminaries: reduction
BPL, preliminaries: reduction
[Diagram: reduction between a big chain complex (Big CC) and a small chain complex (Small CC), with maps f, g and h, and the homology groups H(C, d) of both]
BPL, preliminaries: perturbation
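BPL, statement:
[Diagram: reduction between a big chain complex (Big CC) and a small chain complex (Small CC), with maps f, g and h]
Now we introduce a perturbation and we obtain:
[Diagram: perturbed big chain complex (C,d+) and small chain complex (C, ¿d´?), with maps ¿f´?, ¿g´?, ¿h´?]
BPL algorithm: f´, g´, d´, h´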
BPL implementation, questions:
- How many reductions can be represented?
- Is the implementation correct?
BPL implementation, questions:
- How many reductions can be represented?
(First line: algebraic specifications)
- Is the implementation correct?
(Second line: ATPs)
First line:
ALGEBRAIC SPECIFICATIONS
Joint work with:
L. Lambán, V. Pascual, C. Domínguez
(Universidad de La Rioja)
Inspired by EAT syntax
Simp=S U { imp }
imp = { imp_ : imp s1 ... sn s}
S
= { : s1 ... sn s}
= S, imp = Simp, imp
- Storing operations
(make-grp :prd ... )
Real Common Lisp implementation
Sergeraert’s notions 1986
- Functional coding
f #'(lambda (x)
(integerp x))
- Decoding function
f Z
- Programs realizing operations
Real Common Lisp implementation
- Representation invariant
U Bool
- Abstraction function
U M
Hoare’s notions 1972
Real Common Lisp implementation
Sergeraert’s notions 1986
- Functional coding
f #'(lambda (x)
(integerp x))
- Decoding function
f Z
- Storing operations
(make-grp :prd ... )
- Representation invariant
U Bool
- Abstraction function
U M
- Programs realizing operations
Hoare’s notions 1972
DATUM
IMPLEMENTATION OF A DATA TYPE
The implementation shift
Theorem
The implementations appearing in EAT define final objects in certain categories of Abstract Data Types implementations
Thus: EAT implementations are “as general as possible”
Categories
EAT
implementing
Families of objects
modelling
Mathematics
Kenzo: dealing with inheritance
- explicit coercion
(at the algebraic specification level)
- similar kind of results
(finality)
Second line:
MECHANISED THEOREM PROVING
Joint work with:
C. Ballarin (Technische Universität München)
J. Aransay (Universidad de La Rioja)
Certify the BPL EAT implementation
Choose a proof assistant
A Common Lisp assistant?
ACL2 (Boyer-Moore): poor expressiveness
(no higher order functional programming)
An Assistant with other native language L?
Semantic gap between L and Common Lisp
Give a mechanised proof of the BPL theorem
(as a previous step towards the proof of EAT implementation correctness)
To choose a (by hand) proof:
Sergeraert’s proof
To choose a proof Assistant:
Isabelle
In Isabelle:
- Algebraic structures:
- dependent types
- extensible records (to reuse)
Lemma: Let f: C → D be a group homomorphism.
Then Im f is a subgroup of D.
In Isabelle:
...
Further work:
- Algebraic specifications:
More fragments
- Theorem proving:
The series
Statement of the BPL:
Further work:
- To relate more closely both lines
- To apply the acquired knowledge to other systems
Conclusions:
Starting from a very concrete problem ...
Conclusions:
- Symbolic Computation enriched with Formal Methods
- Formal Methods enriched from our experiences with Symbolic Computation
Increasing knowledge