Refinement to Imperative HOL

Many algorithms can be implemented most efficiently with imperative data structures. This paper presents Sepref, a stepwise refinement based tool chain for the verification of imperative algorithms in Isabelle/HOL. As a back end we use imperative HOL, which allows to generate verified imperative code. On top of imperative HOL, we develop a separation logic framework with powerful proof tactics. We use this framework to verify basic imperative data structures and to define a refinement calculus between imperative and functional programs. We provide a tool to automatically synthesize a concrete imperative program and a refinement proof from an abstract functional program, selecting implementations of abstract data types according to a user-provided configuration. As a front end to describe the abstract programs, we use the Isabelle Refinement Framework, for which many algorithms have already been formalized. Our tool chain is complemented by a large selection of verified imperative data structures. We have used Sepref for several verification projects, resulting in efficient verified implementations that are competitive with unverified ones in Java or C$$++$$++.

[1]  Javier Esparza,et al.  A Note on On-the-Fly Verification Algorithms , 2005, TACAS.

[2]  Alexander Krauss,et al.  Partial and Nested Recursive Function Definitions in Higher-order Logic , 2010, Journal of Automated Reasoning.

[3]  Lars Noschinski,et al.  Pattern-based Subterm Selection in Isabelle , 2021, ArXiv.

[4]  Lars Birkedal,et al.  Ynot: dependent types for imperative programs , 2008, ICFP 2008.

[5]  Rafal Kolanski,et al.  Mechanised Separation Algebra , 2012, ITP.

[6]  Niklaus Wirth,et al.  Program development by stepwise refinement , 1971, CACM.

[7]  Richard M. Karp,et al.  Theoretical Improvements in Algorithmic Efficiency for Network Flow Problems , 1972, Combinatorial Optimization.

[8]  John C. Reynolds,et al.  Separation logic: a logic for shared mutable data structures , 2002, Proceedings 17th Annual IEEE Symposium on Logic in Computer Science.

[9]  Thomas Tuerk,et al.  A separation logic framework for HOL , 2011 .

[10]  Aleksandar Nanevski,et al.  Ynot : Reasoning with the Awkward Squad , 2008 .

[11]  Peter Lammich,et al.  Refinement based verification of imperative data structures , 2016, CPP.

[12]  Peter W. O'Hearn,et al.  Local Action and Abstract Separation Logic , 2007, 22nd Annual IEEE Symposium on Logic in Computer Science (LICS 2007).

[13]  Mihalis Yannakakis,et al.  On nested depth first search , 1996, The Spin Verification System.

[14]  Arthur Charguéraud,et al.  Characteristic formulae for the verification of imperative programs , 2011, ICFP.

[15]  René Neumann A Framework for Verified Depth-First Algorithms , 2012, ATx/WInG@IJCAR.

[16]  Peter Lammich The Imperative Refinement Framework , 2016, Arch. Formal Proofs.

[17]  Reynald Affeldt,et al.  A Certified Verifier for a Fragment of Separation Logic , 2009 .

[18]  P. Gács,et al.  Algorithms , 1992 .

[19]  Peter Lammich,et al.  Automatic Data Refinement , 2013, ITP.

[20]  Rajeev Alur,et al.  A Theory of Timed Automata , 1994, Theor. Comput. Sci..

[21]  Peter W. O'Hearn,et al.  Permission accounting in separation logic , 2005, POPL '05.

[22]  Adam Chlipala,et al.  Fiat , 2015, POPL.

[23]  Alexander Krauss,et al.  Recursive Definitions of Monadic Functions , 2010, PAR@ITP.

[24]  Arthur Charguéraud,et al.  Machine-Checked Verification of the Correctness and Amortized Complexity of an Efficient Union-Find Implementation , 2015, ITP.

[25]  Peter Lammich Refinement for Monadic Programs , 2012, Arch. Formal Proofs.

[26]  Radek Pelánek,et al.  BEEM: Benchmarks for Explicit Model Checkers , 2007, SPIN.

[27]  Rene Meis,et al.  A Separation Logic Framework for Imperative HOL , 2012, Arch. Formal Proofs.

[28]  Peter Lammich,et al.  Collections Framework , 2009, Arch. Formal Proofs.

[29]  Ralph-Johan Back,et al.  Refinement Calculus: A Systematic Introduction , 1998 .

[30]  Peter Lammich,et al.  Applying Data Refinement for Monadic Programs to Hopcroft's Algorithm , 2012, ITP.

[31]  Arthur Charguéraud Higher-order representation predicates in separation logic , 2016, CPP.

[32]  René Neumann,et al.  A Framework for Verifying Depth-First Search Algorithms , 2015, Arch. Formal Proofs.

[33]  Peter Lammich,et al.  Verified Efficient Implementation of Gabow's Strongly Connected Component Algorithm , 2014, ITP.

[34]  Peter Lammich,et al.  Formalizing the Edmonds-Karp Algorithm , 2016, ITP.

[35]  Tobias Nipkow,et al.  A Fully Verified Executable LTL Model Checker , 2013, CAV.