Toward a Practical Module System for ACL2

Eastlund, Carl; Felleisen, Matthias

doi:10.1007/978-3-540-92995-6_4

Cited by 5 publications

(8 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Since manually maintaining these patterns is a laborious and error-prone process, we have added a module system to Dracula [5]. The module system takes its inspiration from ML's functor system [10,16]; it separates modules from interfaces and introduces an external linking language.…”

Section: Programs and Proofsmentioning

confidence: 99%

“…In a recent report [5], we presented a module system for ACL2, providing a consolidated system for specification, abstraction, and the management of namespaces and components. Our new language, dubbed Modular ACL2, introduces interfaces and modules.…”

Section: Modular Reasoning In Acl2mentioning

confidence: 99%

“…Our previous report [5] skipped this step in favor of experiments concerning the pragmatics of our modules. In this section we supply a complete soundness theorem.…”

Section: Soundness and Expressivitymentioning

confidence: 99%

“…In our previous report [5], we describe a prototype implementation of Modular ACL2 and present experiments comparing modular proofs to the same proof in monolithic form. Since that writing, the implementation of Modular ACL2 has been updated with translucent interfaces and released for public download as part of Dracula.…”

Section: Implementation and Benchmarksmentioning

confidence: 99%

“…Packages are cumbersome and not lexically scoped; encapsulation comes at the cost of executability. As a result, researchers as well as students have to learn usage patterns to manually mimic modular organizations of programs and proofs.Since manually maintaining these patterns is a laborious and error-prone process, we have added a module system to Dracula [5]. The module system takes its inspiration from ML's functor system [10,16]; it separates modules from interfaces and introduces an external linking language.…”

mentioning

confidence: 99%

See 4 more Smart Citations

Making induction manifest in modular ACL2

Eastlund

Felleisen

2009

Proceedings of the 11th ACM SIGPLAN Conference on Principles and Practice of Declarative Programming

Self Cite

View full text Add to dashboard Cite

ACL2, a Common Lisp-based language for programming and theorem proving, has enjoyed industrial success despite lacking modern language features such as a module system. In previous work, we equipped ACL2 with modules, interfaces, and explicit linking and measured our system with a series of experiments. One experiment revealed a serious lack of expressivity; the interfaces cannot describe the induction schemes necessary to reason about exported functions with nontrivial patterns of recursion. In this paper we revise our language, Modular ACL2, to overcome this weakness. The first novelty is the inclusion of manifest function definitions in interfaces from which ACL2 can infer induction schemes. The second novelty consists of the first proofs of soundness and expressivity for Modular ACL2; we also reaffirm the usefulness of our system with updated benchmarks. Categories and Subject Descriptors Programs and ProofsOver the past two decades, a number of industrial labs have adopted ACL2 as a primary tool. The ACL2 system combines a purely functional, first-order subset of Common Lisp with the latest incarnation of the Boyer-Moore theorem prover [12,13]. Roughly speaking, it extends first-order logic with axioms based on the function definitions in a program. Industrial programmers use ACL2 primarily as a modeling language for hardware and low-level software components. A typical usage pattern is to model the component as an ACL2 program, to validate the model with the (very large) preexisting test suite for the component, and then to prove the desired theorems about the component via the model.Four years ago, we started supporting Rex Page's educational project of training software engineering students in high-assurance methods with ACL2 [21]. Page's year-long course sequence introduces students to unit testing, integration testing, random testing, and theorem proving-all available in Dracula, our dialect of * This research was partially supported by several grants from the National Science Foundation.Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. PPDP'09, September 7-9, 2009, Coimbra, Portugal. Copyright c 2009 ACM 978-1-60558-568-0/09/09. . . $10.00 ACL2 [22,26]. While Page's first course focuses on small, singleprogrammer projects, the second course applies these techniques in a team-programming context.The problem for both industrial and educational uses of ACL2 is that its programming language lacks a modern module system, and the theorem prover doesn't support modular reasoning. Modules and interfaces provide scope, abstraction, and specification boundaries, as well as reusable components. These principles are especially important for ACL2. Wit...

show abstract

Section: Programs and Proofsmentioning

confidence: 99%

Section: Modular Reasoning In Acl2mentioning

confidence: 99%

“…Our previous report [5] skipped this step in favor of experiments concerning the pragmatics of our modules. In this section we supply a complete soundness theorem.…”

Section: Soundness and Expressivitymentioning

confidence: 99%

Section: Implementation and Benchmarksmentioning

confidence: 99%

mentioning

confidence: 99%

See 3 more Smart Citations

Making induction manifest in modular ACL2

Eastlund

Felleisen

2009

Proceedings of the 11th ACM SIGPLAN Conference on Principles and Practice of Declarative Programming

Self Cite

View full text Add to dashboard Cite

show abstract

Computational logic in the undergraduate curriculum

Page

2009

Proceedings of the Eighth International Workshop on the ACL2 Theorem Prover and Its Applications

View full text Add to dashboard Cite

Logic provides the mathematical basis for hardware design and software development. In fact, digital circuits and computer programs are logic formulas expressed in a formal language. Accordingly, educated computer scientists should have experience in reasoning about the formulas that their digital circuits and programs represent. An exemplary way to get this experience is to use computational logic in support of such reasoning. This paper searches the typical undergraduate curriculum in computer science for opportunities to include material on computational logic in the context of hardware and software design and implementation. It explains how computational logic has been included as an element of two courses required in most computer science programs. It discusses some successes and a few missteps that the author has experienced over the past nine years in developing this material and using it in the classroom, and it suggests opportunities for similar efforts in other courses. Categories and Subject Descriptors General TermsDesign, Reliability, Languages, Verification. KeywordsFormal methods, theorem provers, ACL2, software engineering, computer science curriculum. RATIONALELogic provides the mathematical basis for hardware design and software development. In fact, digital circuits and computer programs are logic formulas expressed in a formal language.Accordingly, educated computer scientists should have experience in reasoning about the formulas that their digital circuits and programs represent. An exemplary way to get this experience is to use computational logic in support of such reasoning.Using ACL2 [10] as a computational logic engine for exposing students to this technology provides some advantages over other choices. It employs the widely used syntax of Common Lisp and smoothly integrates its theorem proving system within this syntax. This is important because it alleviates problems that come with introducing radically new elements into the curriculum. One such problem is resistance from students, computer science faculties, and outside advisors of academic programs. A programming notation in widespread use over a long period is easier to sell than one that has seen less use. Practical applications of ACL2 in industry and government are important in this regard.Another problem has to do with the steepness of the learning curve. Many computational logic systems require a substantial investment of intense study before they begin to pay off. ACL2 presents a relatively simple basis for stating properties of software (and of hardware models), one that most students recognize from their knowledge of predicate calculus. Furthermore, the reasoning engine of ACL2 automatically generates inductive proofs of many correctness properties. This makes it possible for students to succeed early. Once they understand how to state properties as formulas in logic, ACL2 delivers proofs of many of those properties without assistance.The following sections describe experience with computational logic in three cou...

show abstract

A module system independent of base languages

Park

2009

Proceedings of the 1st Workshop on Modules and Libraries for Proof Assistants

View full text Add to dashboard Cite

Toward a Practical Module System for ACL2

Cited by 5 publications

References 13 publications

Making induction manifest in modular ACL2

Making induction manifest in modular ACL2

Computational logic in the undergraduate curriculum

A module system independent of base languages

Contact Info

Product

Resources

About