Lecture Notes in Computer Science 1869
Edited by G. Goos, J. Hartmanis and J. van Leeuwen

Springer
Berlin, Heidelberg, New York, Barcelona, Hong Kong, London, Milan, Paris, Singapore, Tokyo

Mark Aagaard, John Harrison (Eds.)

Theorem Proving in Higher Order Logics
13th International Conference, TPHOLs 2000
Portland, OR, USA, August 14-18, 2000
Proceedings

Series Editors
Gerhard Goos, Karlsruhe University, Germany
Juris Hartmanis, Cornell University, NY, USA
Jan van Leeuwen, Utrecht University, The Netherlands

Volume Editors
Mark Aagaard
John Harrison
Intel Corporation
5200 NE Elam Young Parkway
Hillsboro, OR 97124, USA
E-mail: {johnh,maagaard}@ichips.Intel.com

Cataloging-in-Publication Data applied for

Die Deutsche Bibliothek - CIP-Einheitsaufnahme
Theorem proving in higher order logics : 13th international conference ; proceedings / TPHOLs 2000, Portland, OR, USA, August 14-18, 2000. Mark Aagaard ; John Harrison (ed.). - Berlin ; Heidelberg ; New York ; Barcelona ; Hong Kong ; London ; Milan ; Paris ; Singapore ; Tokyo : Springer, 2000
(Lecture notes in computer science ; Vol. 1869)
ISBN 3-540-67863-8

CR Subject Classification (1998): F.4.1, I.2.3, F.3.1, D.2.4, B.6.3

ISSN 0302-9743
ISBN 3-540-67863-8 Springer-Verlag Berlin Heidelberg New York

This work is subject to copyright. All rights are reserved, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, re-use of illustrations, recitation, broadcasting, reproduction on microfilms or in any other way, and storage in data banks. Duplication of this publication or parts thereof is permitted only under the provisions of the German Copyright Law of September 9, 1965, in its current version, and permission for use must always be obtained from Springer-Verlag. Violations are liable for prosecution under the German Copyright Law.

Springer-Verlag Berlin Heidelberg New York
a member of BertelsmannSpringer Science+Business Media GmbH
© Springer-Verlag Berlin Heidelberg 2000
Printed in Germany

Typesetting: Camera-ready by author, data conversion by PTP-Berlin, Stefan Sossna
Printed on acid-free paper
SPIN: 10722303 06/3142 5 4 3 2 1 0

Preface

This volume is the proceedings of the 13th International Conference on Theorem Proving in Higher Order Logics (TPHOLs 2000) held 14-18 August 2000 in Portland, Oregon, USA. Each of the 55 papers submitted in the full research category was refereed by at least three reviewers who were selected by the program committee. Because of the limited space available in the program and proceedings, only 29 papers were accepted for presentation and publication in this volume.

In keeping with tradition, TPHOLs 2000 also offered a venue for the presentation of work in progress, where researchers invite discussion by means of a brief preliminary talk and then discuss their work at a poster session. A supplementary proceedings containing associated papers for work in progress was published by the Oregon Graduate Institute (OGI) as technical report CSE-00-009.

The organizers are grateful to Bob Colwell, Robin Milner and Larry Wos for agreeing to give invited talks. Bob Colwell was the lead architect on the Intel P6 microarchitecture, which introduced a number of innovative techniques and achieved enormous commercial success. As such, he is ideally placed to offer an industrial perspective on the challenges for formal verification. Robin Milner contributed many key ideas to computer theorem proving, and to functional programming, through his leadership of the influential Edinburgh LCF project. In addition he is known for his work on general theories of concurrency, and his invited talk brings both these major themes together. Larry Wos was the developer of many of the fundamental approaches to automated proof in first order logic with equality. He also led the way in applying automated reasoning to solving open mathematical problems, and here he discusses some achievements of this project and future prospects.

The TPHOLs conference traditionally changes continent each year in order to maximize the chances that researchers all over the world can attend. Starting in 1993, the proceedings of TPHOLs or its predecessor have been published in the following volumes of the Springer-Verlag Lecture Notes in Computer Science series:

  1993 (Canada)     780
  1994 (Malta)      859
  1995 (USA)        971
  1996 (Finland)    1125
  1997 (USA)        1275
  1998 (Australia)  1479
  1999 (France)     1690

The 2000 conference was organized by a team from Intel Corporation and the Oregon Graduate Institute. Financial support came from Compaq, IBM, Intel, Levetate, Synopsys and OGI. A generous grant from the National Science Foundation allowed the organizers to offer student bursaries covering part of the cost of attending TPHOLs. The support of all these organizations is gratefully acknowledged.

May 2000
Mark Aagaard, John Harrison

Organization

Conference Organization
  Mark Aagaard (General Chair)
  Kelly Atkinson
  Robert Beers
  Nancy Day
  John Harrison (Program Chair)
  Naren Narasimhan
  Tom Schubert

Program Committee
  Mark Aagaard (Intel)
  Flemming Andersen (IBM)
  David Basin (Freiburg)
  Richard Boulton (Glasgow)
  Gilles Dowek (INRIA)
  Harald Ganzinger (Saarbrücken)
  Ganesh Gopalakrishnan (Utah)
  Mike Gordon (Cambridge)
  Jim Grundy (ANU)
  Elsa Gunter (Bell Labs)
  John Harrison (Intel)
  Doug Howe (Ottawa)
  Warren Hunt (IBM)
  Bart Jacobs (Nijmegen)
  Paul Jackson (Edinburgh)
  Steve Johnson (Indiana)
  Sara Kalvala (Warwick)
  Tom Melham (Glasgow)
  Paul Miner (NASA)
  Tobias Nipkow (München)
  Sam Owre (SRI)
  Christine Paulin-Mohring (INRIA)
  Lawrence Paulson (Cambridge)
  Klaus Schneider (Karlsruhe)
  Sofiène Tahar (Concordia)
  Ranga Vemuri (Cincinnati)

Invited Speakers
  Bob Colwell (Intel Corporation)
  Robin Milner (University of Cambridge)
  Larry Wos (Argonne National Laboratory)

Additional Reviewers
  Abdelwaheb Ayari, Stefan Berghofer, Witold Charatonik, Roy L. Crole, Paul Curzon, Nancy Day, Hans de Nivelle, Jean-Christophe Filliâtre, Thomas Forster, Stefan Friedrich, M. J. Gabbay, Raj Goré, Roope Kaivola, Felix Klaedtke, Skander Kort, Nazanin Mansouri, Yassine Mokhtari, Naren Narasimhan, Malcolm Newey, Claire Quigley, Rajesh Radhakrishnan, Harald Rueß, Hassen Saïdi, Gerhard Schellhorn, M. K. Srivas, Elena Teica, Luca Viganò, Burkhart Wolff

Contents

Fix-Point Equations for Well-Founded Recursion in Type Theory
  Antonia Balaa and Yves Bertot ... 1

Programming and Computing in HOL
  Bruno Barras ... 17

Proof Terms for Simply Typed Higher Order Logic
  Stefan Berghofer and Tobias Nipkow ... 38

Routing Information Protocol in HOL/SPIN
  Karthikeyan Bhargavan, Carl A. Gunter and Davor Obradovic ... 53

Recursive Families of Inductive Types
  Venanzio Capretta ... 73

Aircraft Trajectory Modeling and Alerting Algorithm Verification
  Victor Carreño and César Muñoz ... 90

Intel's Formal Verification Experience on the Willamette Development (Invited Talk)
  Bob Colwell and Bob Brennan ... 106

A Prototype Proof Translator from HOL to Coq
  Ewen Denney ... 108

Proving ML Type Soundness Within Coq
  Catherine Dubois ... 126

On the Mechanization of Real Analysis in Isabelle/HOL
  Jacques D. Fleuriot ... 145

Equational Reasoning via Partial Reflection
  H. Geuvers, F. Wiedijk and J. Zwanenburg ... 162

Reachability Programming in HOL98 Using BDDs
  Michael J. C. Gordon ... 179

Transcendental Functions and Continuity Checking in PVS
  Hanne Gottliebsen ... 197

Verified Optimizations for the Intel IA-64 Architecture
  Jim Grundy ... 215

Formal Verification of IA-64 Division Algorithms
  John Harrison ... 233

Fast Tactic-Based Theorem Proving
  Jason Hickey and Aleksey Nogin ... 252

Implementing a Program Logic of Objects in a Higher-Order Logic Theorem Prover
  Martin Hofmann and Francis Tang ... 268

A Strong and Mechanizable Grand Logic
  M. Randall Holmes ... 283

Inheritance in Higher Order Logic: Modeling and Reasoning
  Marieke Huisman and Bart Jacobs ... 301

Total-Correctness Refinement for Sequential Reactive Systems
  Paul B. Jackson ... 320

Divider Circuit Verification with Model Checking and Theorem Proving
  Roope Kaivola and Mark D. Aagaard ... 338

Specification and Verification of a Steam-Boiler with Signal-Coq
  Mickael Kerboeuf, David Nowak and Jean-Pierre Talpin ... 356

Functional Procedures in Higher-Order Logic
  Linas Laibinis and Joakim von Wright ... 372

Formalizing Stålmarck's Algorithm in Coq
  Pierre Letouzey and Laurent Théry ... 388

TAS - A Generic Window Inference System
  Christoph Lüth and Burkhart Wolff ... 406

Weak Alternating Automata in Isabelle/HOL
  Stephan Merz ... 424

Graphical Theories of Interactive Systems: Can a Proof Assistant Help? (Invited Talk)
  Robin Milner ... 442

Formal Verification of the Alpha 21364 Network Protocol
  Abdel Mokkedem and Tim Leonard ... 443

Dependently Typed Records for Representing Mathematical Structure
  Robert Pollack ... 462

Towards a Machine-Checked Java Specification Book
  Bernhard Reus and Tatjana Hein ... 480

Another Look at Nested Recursion
  Konrad Slind ... 498

Automating the Search for Answers to Open Questions (Invited Talk)
  Larry Wos and Branden Fitelson ... 519

Appendix: Conjectures Concerning Proof, Design, and Verification
  Larry Wos ... 526

Author Index ... 535