#
CSci 8980, Fall 2012

Specifying and Reasoning

About Computational Systems

Class Presentations

Information about the class presentations is provided below in the
reverse order in which they are to occur and as this information
becomes available.

## Specification in Linear Logic: Why and How

Dan DaCosta

### Location and Time

Keller Hall 3-111, Dec 11, 2012, 11:15 a.m. - 12:30 p.m.
### Papers to Look At

- An Overview of
Linear Logic Programming, Dale Miller
- Forum: A
Multi-Conclusion Specification Logic, Dale Miller

### Abstract

Reasoning about computational systems is critical to the formal
methods subfield of computer science. Computational systems often have
physical system analogs resulting in the need to encode state. In
earlier presentations (i.e., Jason's and Ted's), we observed
complexities arising from specifications where state must be encoded
using non-logical constants. In this talk I will motivate by example
the need for a specification logic with improved state encoding
capabilities. This will lead to a presentation of Forum, a sequent
calculus for linear logic. Forum is sound and complete with respect to
linear logic and, perhaps surprisingly, can be viewed as an abstract
logical programming language. An encoding of the original motivating
example in Forum will be given that better captures state using
logical constants. My talk will conclude with notable proof search
issues when using the Forum presentation of linear logic.

## Proving Properties of PLEXIL in Abella

Jason Biatek

### Location and Time

Keller Hall 3-111, Dec 6, 2012, 11:15 a.m. - 12:30 p.m.
### Paper to Look At

A
Small-Step Semantics of PLEXIL, G. Dowek, C. Munoz and
C. Pasareanu.
### Abstract

PLEXIL is a planning language in development at NASA. It consists of a
hierarchy of nodes, each with a small state machine that dictates its
behavior. My research involves work on a PLEXIL to Java translator so
that it can be run in Java PathFinder, and one aspect of this is
optimizing the final code for analysis. We have a planned optimization
involving combining state machines, and we would like to prove its
correctness. I will present a brief introduction to PLEXIL, how I
specified it in λProlog, and how Abella can prove useful
properties about PLEXIL for purposes of optimization.

## Formalizing attribute grammars using Lambda Prolog and Abella

Ted Kaminski

### Location and Time

Keller Hall 5-212, Dec 5, 2012, 5:00 - 6:15 p.m.
### Paper to Look At

Semantics
of context-free languages, Donald Knuth.
My talk will draw on Knuth's definition of attribute grammars and a
similar presentation from a paper I wrote recently, and
going through the transformation of these into a λProlog
specification that can be reasoned about.

### Abstract

Attribute grammars (AGs) are a useful formalism for describing
computations over trees, especially the syntax trees resulting from a
grammar. We formalize a small AG language, and prove several
properties about it.
Particular attention will be paid to the task of developing the
specification of the AG language. We focus on three broad classes of
challenges: (a) design choices made to be able to specify the language
(in λProlog) at all, (b) design choices made to keep the
specification small and reasonably elegant, and (c) design choices
made to keep proofs possible and practical.

## Proving Equivalence of Intuitionistic Natural Deduction and
Sequent Calculus

Kevin Williams

### Location and Time

Keller Hall 3-111, Dec 4, 2012, 11:15 a.m. - 12:30 p.m.
### Paper to Look At

Take a look at the Abella walkthrough at
http://abella.cs.umn.edu/walkthrough.html
and also the Abella mini example of the equivalence between NJ, LJ and
a Hilbert calculus
at http://abella.cs.umn.edu/examples/logic/equiv.html.
It would also help to be familiar with the proof of equivalence in
Gentzen's "Investigations into Logical Deduction" paper. For this,
look at section V.1. Gentzen's paper is available
in part one
and part two from the
course resources page.

### Abstract

In Gentzen's "Investigations into Logical Deduction", he
describes calculi for logical deduction in two different styles known
as Natural Deduction and Sequent Calculus.
Both of these styles can be used in either intuitionistic or classical
settings. I will discuss how to prove the equivalence between NJ,
intuitionistic natural deduction, and LJ, intuitionistic sequent
calculus using Abella. Some key points to be covered are: the
conversion of natural deduction to a context-based format,
specification of the two logic systems, and a walkthrough of the
many-step proof showing equivalence.

## Translating Totality Checking in Twelf to M^{2} Proofs

Yuting Wang

### Location and Time

Keller Hall 3-111, November 29, 2012, 11:15 a.m. - 12:30 p.m.
### Material to Look At

First, check out the discussion of totality checking on the Twelf
website: http://twelf.org/wiki/Proving_metatheorems:Proving_totality_assertions_about_the_natural_numbers.
Then look up the following paper on
M^{2}: An Automated Theorem
Proving in a Simple Meta Logic for LF, Carsten Scheurmann and
Frank Pfenning.

### Abstract

The Edinburgh Logical Framework(LF) provides a means to encode formal
systems in a dependent typed λcalculus. The higher order
abstract syntax in LF enables elegant specifications of logic
systems. It also imposes difficulties in reasoning about the
specifications. One way to state and prove meta-theorems of LF
specifications is by representing the meta-theorem as a type family in
LF itself which defines the relation on its subjects. A correct proof
consists of constants inhabiting the type family which defines a total
relation. A totality checking algorithm is used to check the
correctness of proofs defined by users. Theorems can also be stated
and proved in a meta-logic M^{2} which is based on a constructive
sequent calculus with proof terms. M^{2} allows case analysis and
induction for reasoning LF specifications. Although the form of
theorems stated in it is limited, significant automation is achieved
by applying a proof strategy.
The `proof' of totality checking is not constructive in the sense that
we only get back a yes/no answer from the totality checker. I will
describe a method of translating the totality checking of user
specifications into proofs in M^{2} sequent calculus, which is
realized by translating operations in totality checking algorithm to
M^{2} proof rules and instantiating user defined constants to
fill up `holes' in the proof. Since proofs in M^{2} are constructive,
the proof terms we get from the translation can be presented to other
systems as certificates of the totality checking algorithm.

I will first describe the totality checking of LF specifications with
an emphasis on the coverage checking. Then follows an introduction of
M^{2} logic and finally the translation. I will present an example
of translating the subject reduction proof in LF into a M^{2} proof.

## Translating LF Specification into Lambda Prolog

Mary Southern

### Location and Time

Keller Hall 5-212, Nov 28, 2012, 5:00 - 6:15 p.m.
### Paper to Look At

A
Meta-Programming Approach to Realizing Dependently Types Logic
Programming, Zachary Snow, David Baelde and Gopalan Nadathur
### Abstract

The Logical Framework (LF) is a framework for describing logics using
a dependently typed λ-calulus, while λProlog is a simply
typed higher order logic programming language which utilizes the logic
of higher-order hereditary harrop formulas. Using a dependently typed
λ-calculus allows for encoding relationships and dependencies
between types and proofs. This benefit may be desirable within a logic
programming language such as λProlog, where we can more
efficiently execute or reason about the specifications, and so a
translation between these two forms of specifications becomes of
interest. Beginning with a description of LF, I
will discuss a naive translation from LF specifications into
λProlog specifications. From this I will highlight how
utilizing knowledge about the LF specifications can improve the
translation not only in efficiency but also in clarity of the
λProlog programs and derivations.

Last modified: Nov 24, 2012 by gopalan atsign cs dot umn dot edu