Expressiveness + Automation + Soundness: Towards Combining SMT Solvers and Interactive Proof Assistants

Fontaine, Pascal; Marion, Jean-Yves; Merz, Stephan; Nieto, Leonor Prensa; Tiu, Alwen

doi:10.1007/11691372_11

Cited by 57 publications

(55 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This approach highlighted the difficulty for proof reconstruction. Independently Fontaine et al [15] have combined haRVey with Isabelle/HOL for quantifier free first-order formulae with equality and uninterpreted functions. In their scheme, Isabelle solves UF sub-proofs with hints provided by haRVey.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Modular SMT Proofs for Fast Reflexive Checking Inside Coq

Besson¹,

Cornilleau²,

Pichardie³

2011

Certified Programs and Proofs

View full text Add to dashboard Cite

Section: Related Workmentioning

confidence: 99%

“…The mainstream approach for validating SMT proofs [15,20,6] requires a tight integration with an explanation-producing SMT solver. The drawbacks are that explanations may contain too much or too little details and are solver specific.…”

Section: Introductionmentioning

confidence: 99%

Modular SMT Proofs for Fast Reflexive Checking Inside Coq

Besson¹,

Cornilleau²,

Pichardie³

2011

Certified Programs and Proofs

View full text Add to dashboard Cite

“…2). There are several works on increasing the degree of automation in interactive theorem provers by integrating external automated tools [15,26,14,24,19]. These works have in common that they integrate generic tools like SAT or SMT tools.…”

Section: Related and Future Workmentioning

confidence: 99%

Integrating Automated and Interactive Protocol Verification

Brucker¹,

Mödersheim

2010

Formal Aspects in Security and Trust

View full text Add to dashboard Cite

Abstract. A number of current automated protocol verification tools are based on abstract interpretation techniques and other over-approximations of the set of reachable states or traces. The protocol models that these tools employ are shaped by the needs of automated verification and require subtle assumptions. Also, a complex verification tool may suffer from implementation bugs so that in the worst case the tool could accept some incorrect protocols as being correct. These risks of errors are also present, but considerably smaller, when using an LCF-style theorem prover like Isabelle. The interactive security proof, however, requires a lot of expertise and time. We combine the advantages of both worlds by using the representation of the over-approximated search space computed by the automated tools as a "proof idea" in Isabelle. Thus, we devise proof tactics for Isabelle that generate the correctness proof of the protocol from the output of the automated tools. In the worst case, these tactics fail to construct a proof, namely when the representation of the search space is for some reason incorrect. However, when they succeed, the correctness only relies on the basic model and the Isabelle core.

show abstract

“…One approach to making such communications possible is to build a particular technological bridge between two specific provers so that proofs from one system can be exported to the other system in such a way it can be checked and trusted. See, for example, [8] where an SMT prover was modified to output its proof evidence as proof scripts that Isabelle could then execute and trust. A similar approach is done with SMTCoq [2] for the type-theory based proof assistant Coq.…”

Section: Introductionmentioning

confidence: 99%

Foundational Proof Certificates in First-Order Logic

Chihani

Miller

Renaud

2013

Automated Deduction – CADE-24

View full text Add to dashboard Cite

We present the design philosophy of a proof checker based on a notion of foundational proof certificates. At the heart of this design is a semantics of proof evidence that arises from recent advances in the theory of proofs for classical and intuitionistic logic. That semantics is then performed by a (higher-order) logic program: successful performance means that a formal proof of a theorem has been found. We describe how the λProlog programming language provides several features that help guarantee such a soundness claim. Some of these features (such as strong typing, abstract datatypes, and higher-order programming) were features of the ML programming language when it was first proposed as a proof checker for LCF. Other features of λProlog (such as support for bindings, substitution, and backtracking search) turn out to be equally important for describing and checking the proof evidence encoded in proof certificates. Since trusting our proof checker requires trusting a programming language implementation, we discuss various avenues for enhancing one's trust of such a checker.

show abstract

Expressiveness + Automation + Soundness: Towards Combining SMT Solvers and Interactive Proof Assistants

Cited by 57 publications

References 25 publications

Modular SMT Proofs for Fast Reflexive Checking Inside Coq

Modular SMT Proofs for Fast Reflexive Checking Inside Coq

Integrating Automated and Interactive Protocol Verification

Foundational Proof Certificates in First-Order Logic

Contact Info

Product

Resources

About