One Logic to Use Them All

Deductive program verification is making fast progress these days. One of the reasons is a tremendous improvement of theorem provers in the last two decades. This includes various kinds of automated theorem provers, such as ATP systems and SMT solvers, and interactive proof assistants. Yet most tools for program verification are built around a single theorem prover. Instead, we defend the idea that a collaborative use of several provers is a key to easier and faster verification. This paper introduces a logic that is designed to target a wide set of theorem provers. It is an extension of first-order logic with polymorphism, algebraic data types, recursive definitions, and inductive predicates. It is implemented in the tool Why3, and has been successfully used in the verification of many non-trivial programs.