Rockwell Collins Typed ACL2 Records
Authors
Abstract
We show a macro for introducing operations on typed records. The underlying theorems proved about these records include what is proved about records introduced using the standard ACL2 record book [2], as well as an additional theorem about the type of the elements.

The standard ACL2 distribution contains a "records" book that provides an unconventional implementation of two functions: g (for "get") and s (for "set"). The implementation allows for the proof of a simple set of theorems that are useful for reasoning about records.

1. (equal (g a (s a v r)) v)
2. (implies (not (equal a b)) (equal (g a (s b v r)) (g a r)))
3. (equal (s a (g a r) r) r)
4. (equal (s a y (s a x r)) (s a y r))
5. (implies (not (equal a b)) (equal (s b y (s a x r)) (s a x (s b y r))))

These theorems have the desirable property that there are few hypotheses. In particular, nothing need be established about the record structure for these

Rob Sumners first suggested a records book with easy-to-use properties in discussions with Matt Kaufmann. Kaufmann solved the problem, as did others (including the authors) in response to his issuing a challenge to the ACL2 list. Panagiotis Manolios and Matt Kaufmann subsequently constructed a simpler version that exploits the total order added to ACL2 [2], which is the version that is distributed with ACL2.
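As an added, executable model of the record laws above (Python, not ACL2, and not code from the paper): g and s are implemented over a canonical tuple representation so that structural equality plays the role of ACL2's equal, and a nat-typed variant g_nat/s_nat (an assumed shape, built on an nfix coercion) shows how a type theorem about every read falls out of fixing values on the way in and out. The five laws and the type law are checked on concrete values here, not proved.

```python
from typing import Any, Hashable, Tuple

# Canonical record: entries sorted by a total order on keys (ACL2 uses its own
# total order; repr() is enough for the int/str keys used here) and entries
# holding DEFAULT are never stored. That normalisation is what lets Python '=='
# play the role of ACL2's 'equal' in laws 3-5.
Record = Tuple[Tuple[Hashable, Any], ...]
EMPTY: Record = ()
DEFAULT = None  # value of a key that was never set

def _normalise(entries) -> Record:
    return tuple(sorted(((k, v) for k, v in entries if v is not DEFAULT),
                        key=lambda kv: repr(kv[0])))

def g(a: Hashable, r: Record) -> Any:
    """Get: the value bound to key a, or DEFAULT when a is absent."""
    return next((v for k, v in r if k == a), DEFAULT)

def s(a: Hashable, v: Any, r: Record) -> Record:
    """Set: rebind key a to v and keep the record canonical."""
    return _normalise([(k, x) for k, x in r if k != a] + [(a, v)])

def nfix(x: Any) -> int:
    """ACL2-style natural-number fixer: anything not a natural becomes 0."""
    return x if isinstance(x, int) and not isinstance(x, bool) and x >= 0 else 0

# Nat-typed record (assumed shape): values pass through nfix on the way in and
# out, and 0 doubles as the default, so every g_nat result is a natural number.
def g_nat(a: Hashable, r: Record) -> int:
    return nfix(g(a, r))

def s_nat(a: Hashable, v: Any, r: Record) -> Record:
    v = nfix(v)
    return s(a, v if v != 0 else DEFAULT, r)

def record_laws_hold(a, b, x, y, r: Record) -> bool:
    """Laws 1-5 from the abstract, checked on concrete values with a != b."""
    return (g(a, s(a, x, r)) == x                           # 1
            and g(a, s(b, y, r)) == g(a, r)                 # 2
            and s(a, g(a, r), r) == r                       # 3
            and s(a, y, s(a, x, r)) == s(a, y, r)           # 4
            and s(b, y, s(a, x, r)) == s(a, x, s(b, y, r)))  # 5

def typed_laws_hold(a, v, r: Record) -> bool:
    """Type theorem plus law 1 for the typed record: reads are always
    naturals and a write is read back as its fixed value."""
    return (isinstance(g_nat(a, r), int) and g_nat(a, r) >= 0
            and g_nat(a, s_nat(a, v, r)) == nfix(v))
```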
Similar references
Industrial hardware and software verification with ACL2.
The ACL2 theorem prover has seen sustained industrial use since the mid-1990s. Companies that have used ACL2 regularly include AMD, Centaur Technology, IBM, Intel, Kestrel Institute, Motorola/Freescale, Oracle and Rockwell Collins. This paper introduces ACL2 and focuses on how and why ACL2 is used in industry. ACL2 is well-suited to its industrial application to numerous software and hardware s...
Adding a typing mechanism to ACL2
This paper summarizes an attempt to add a typing mechanism to ACL2. Types are only used to reject ill-typed functions, but it is argued that it would not be hard to modify the system to use type information for theorems as well. This requires modifying the ACL2 system code; the author argues that ACL2 could be modified to allow such experimentation without putting the soundness of the system in...
Evaluatable, High-Assurance Microprocessors
The CAPS (Collins Adaptive Processing System) is a family of Rockwell Collins proprietary processors. In a multiyear IR&D effort, Rockwell Collins adapted and developed techniques that allow for formal code verification of the microcode running on members of this family. The motivation for this research was that CAPS microprocessors are used in some of the most safety-critical products that Roc...
Polymorphic Types in ACL2
This paper describes a tool suite for the ACL2 programming language which incorporates certain ideas from the Hindley-Milner paradigm of functional programming (as exemplified in popular languages like ML and Haskell), including a “typed” style of programming with the ability to define polymorphic types. These ideas are introduced via macros into the language of ACL2, taking advantage of ACL2’s...
Publication date: 2003