Abstract. We provide a package of strategies for automation of non-linear arithmetic in PVS. Inparticular, we describe a simplification procedure for the field of real numbers and a strategy for cancellationof common terms.Key words, non-linear arithmetic, PVS strategies, real number automationSubject classification. Computer Science1. Introduction. While conducting research on the formal safety analysis of Air Traffic Management(ATM) systems at the NASA Langley Research Center [2, 3, 6], we have found the verification system PVS[7] very well suited for specifying avionics systems. Avionics systems are hybrid systems, that is, they aredigital systems that interact with the continuous physical environment where they are deployed. These twolevels of dynamics, discrete and continuous, can be easily modeled using PVS higher-order logic. Despitethat, deductive methods, such as theorem proving, are not usually the first approach for modeling andverification of hybrid systems. Most of the literature on verification of hybrid systems concerns variationsof algorithmic methods, such as model checking, on restricted sub-classes of the general problem. This canbe explained by the fact that although theorem provers based on higher-order logic, e.g., PVS [7], Coq [1],Isabelle-HOL [8], integrate expressive specification languages with powerful theorem provers, they lack ofadequate support for continuous mathematics.The PVS system, for instance, incorporates a rich type system supporting predicate sub-typing anddependent types. It also comes with a set of decision procedures that solve problems in a broad range ofdecidable fields. Moreover, it includes in the prelude library a large collection of properties for real numbers(for example, real_props and real_axioms) that are applied automatically by the decision procedures.This is true except for non-linear ones, i.e., those involving multiplication or division of non-numeric terms.Indeed, the PVS command (GRIND :theories "real_props"), although useful in several cases, fails todischarge a simple non-linear formula such as(1.1) aa+_+ 1 - b -- 1
[1]
Munoz Cesar,et al.
Tactical conflict detection and resolution in a 3-d airspace
,
2001
.
[2]
Hugo Herbelin,et al.
The Coq proof assistant : reference manual, version 6.1
,
1997
.
[3]
Ben L. Di Vito.
A PVS Prover Strategy Package for Common Manipulations
,
2002
.
[4]
David Delahaye,et al.
Field, une procédure de décision pour les nombres réels en Coq
,
2001,
JFLA.
[5]
Cdsar,et al.
Aircraft Trajectory Modeling and Alerting Algorithm Verification
,
.
[6]
Lawrence C. Paulson,et al.
Isabelle: The Next 700 Theorem Provers
,
2000,
ArXiv.
[7]
George E. Collins,et al.
Quantifier elimination for real closed fields by cylindrical algebraic decomposition
,
1975
.
[8]
Victor Carreño,et al.
Formal Verification of Conflict Detection Algorithms
,
2001,
CHARME.
[9]
Victor Carreño,et al.
Aircraft Trajectory Modeling and Altering Algorithm Verification
,
2000,
TPHOLs.
[10]
Natarajan Shankar,et al.
PVS: A Prototype Verification System
,
1992,
CADE.
[11]
J. van Leeuwen,et al.
Theorem Proving in Higher Order Logics
,
1999,
Lecture Notes in Computer Science.
[12]
G. G. Stokes.
"J."
,
1890,
The New Yale Book of Quotations.