SAT-based finite model generation for higher-order logic

This thesis presents two extensions to the theorem prover Isabelle/HOL, a logical framework based on higher-order logic. The main contribution is a model generator for higher-order logic that proceeds by translating the input formula to propositional logic, so that a standard SAT solver can be employed for the actual model search. The translation is proved correct. The model generator has been integrated with the Isabelle system, extended to support some of the definitional mechanisms provided by Isabelle/HOL, and applied to various case studies. Moreover, SAT solvers have been integrated with Isabelle in a proof-producing fashion: propositional tautologies can be proved by a SAT solver, and the resolution proof found by the solver is verified by Isabelle. An adequate representation of the problem makes it possible to verify proofs with millions of resolution steps.
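The translation step described above, restricted to a first-order fragment over a finite domain, as an added example written for this page (not code from the thesis or from Isabelle): quantifiers are expanded over the domain {0, ..., n-1}, every ground atom becomes one propositional variable, and an exhaustive assignment search stands in for the SAT solver. The tuple-based formula syntax, the helper names and the two sample formulas are my own constructions.

```python
from functools import reduce
from itertools import product
# Added example for this page, not code from the thesis or from Isabelle.
# Formulas are Python tuples (constructed here): ('forall', v, body),
# ('exists', v, body), ('and', a, b), ('or', a, b), ('imp', a, b), ('not', a)
# and ('atom', 'R', ('x', 'y')), whose arguments are bound variable names.

def translate(f, n, env=None):
    """Expand quantifiers over the domain {0, ..., n-1} (n >= 1) so the result
    is propositional: only and/or/not over ('var', 'R(i,j)') leaves."""
    env = env or {}
    tag = f[0]
    if tag == 'atom':                  # ground atom -> one propositional variable
        return ('var', f[1] + '(' + ','.join(str(env[v]) for v in f[2]) + ')')
    if tag in ('not', 'and', 'or'):
        return (tag,) + tuple(translate(s, n, env) for s in f[1:])
    if tag == 'imp':                   # a -> b  is encoded as  not a or b
        return ('or', ('not', translate(f[1], n, env)), translate(f[2], n, env))
    if tag in ('forall', 'exists'):    # finite conjunction / disjunction
        conn = 'and' if tag == 'forall' else 'or'
        parts = [translate(f[2], n, {**env, f[1]: d}) for d in range(n)]
        return reduce(lambda a, b: (conn, a, b), parts)
    raise ValueError('unknown connective ' + str(tag))

def variables(p):
    """Propositional variable names occurring in p."""
    return {p[1]} if p[0] == 'var' else set().union(*[variables(s) for s in p[1:]])

def evaluate(p, a):
    """Truth value of the propositional formula p under assignment a."""
    if p[0] == 'var':
        return a[p[1]]
    vals = [evaluate(s, a) for s in p[1:]]
    return {'not': not vals[0], 'and': all(vals), 'or': any(vals)}[p[0]]

def find_model(f, n):
    """Assignment satisfying the translation of f (a model of size n), or None.
    Exhaustive enumeration stands in for the SAT solver."""
    prop = translate(f, n)
    names = sorted(variables(prop))
    for bits in product([False, True], repeat=len(names)):
        a = dict(zip(names, bits))
        if evaluate(prop, a):
            return a
    return None

def countermodel(conjecture, n):
    """A model of the negated conjecture is a counterexample of size n."""
    return find_model(('not', conjecture), n)

# Constructed inputs: 'R is serial and irreflexive' (no model of size 1) and
# the conjecture 'R is symmetric' (refuted by a size-2 countermodel).
SERIAL_IRREFLEXIVE = ('and', ('forall', 'x', ('exists', 'y', ('atom', 'R', ('x', 'y')))),
                             ('forall', 'x', ('not', ('atom', 'R', ('x', 'x')))))
SYMMETRIC = ('forall', 'x', ('forall', 'y',
             ('imp', ('atom', 'R', ('x', 'y')), ('atom', 'R', ('y', 'x')))))
```

Increasing the domain size grows the number of propositional variables quadratically for a binary relation, which is why the actual thesis delegates the search to a SAT solver instead of enumerating assignments.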
