ACL2: An Industrial Strength Version of Nqthm
Authors
Abstract
ACL2 is a reimplemented, extended version of Boyer and Moore's Nqthm and Kaufmann's Pc-Nqthm, intended for large scale verification projects. However, the logic supported by ACL2 is compatible with the applicative subset of Common Lisp. The decision to use an "industrial strength" programming language as the foundation of the mathematical logic is crucial to our advocacy of ACL2 in the application of formal methods to large systems. However, one of the key reasons Nqthm has been so successful, we believe, is its insistence that functions be total. Common Lisp functions are not total, and this is one of the reasons Common Lisp is so efficient. This paper explains how we scaled up Nqthm's logic to Common Lisp, preserving the use of total functions within the logic but achieving Common Lisp execution speeds.
Similar references
An Industrial Strength Theorem Prover for a Logic Based on Common Lisp
ACL2 is a re-implemented extended version of Boyer and Moore’s Nqthm and Kaufmann’s Pc-Nqthm, intended for large scale verification projects. This paper deals primarily with how we scaled up Nqthm’s logic to an “industrial strength” programming language — namely, a large applicative subset of Common Lisp — while preserving the use of total functions within the logic. This makes it possible to r...
Generic Theories as Proof Strategies: A Case Study for Weakest Precondition Style Proofs
This paper presents several techniques, motivated by the study of weakest preconditions, for structuring proofs about recursive functions using generic theories. The theories can be implemented on a variety of theorem provers that support introduction and instantiation of partial functions (PVS, HOL, ACL2, NQTHM). The focus here is on the Boyer-Moore (NQTHM [1,2]) and Kaufmann-Moore (ACL2 [6]) ...
Modular ACL2
In the early 1980s, Boyer and Moore decided to re-build their Nqthm theorem prover [1] for a first-order, functional subset of a standardized, industrial programming language: Common Lisp [8]. The resulting system, ACL2, was an attempt to piggy-back theorem proving on the expected success of Lisp and functional programming. Although Common Lisp didn’t succeed, ACL2 became the most widely used t...
Proving Theorems about Java and the JVM with ACL2
We describe a methodology for proving theorems mechanically about Java methods. The theorem prover used is the ACL2 system, an industrial-strength version of the Boyer-Moore theorem prover. An operational semantics for a substantial subset of the Java Virtual Machine (JVM) has been defined in ACL2. Theorems are proved about Java methods and classes by compiling them with javac and then proving ...
Single-Threaded Objects in ACL2
ACL2 is a first-order applicative programming language based on Common Lisp. It is also a mathematical logic for which a mechanical theorem-prover has been implemented in the style of the Boyer-Moore theorem prover. The ACL2 system is used primarily in the modeling and verification of computer hardware and software, where the executability of the language allows models to be used as prototype des...