Sound Foundations for Effective Proofs of Programs

When considering the correctness of programs, the only absolute demonstration of quality is mathematical proof. Yet the complexity of these proofs makes them all but impossible both to construct and read, and the correctness of the proofs themselves come into question. We take an approach to the creation of these proofs based on specifying an axiomatic semantics for the programming language, and using that semantics to automatically create a Verification Condition Generator, a program that takes a general program written in the language and creates the proof of that program, modulo a set of verification conditions, to be proven by hand. This automates much of the detailed work of creating the proof. Yet even this VCG technique depends on the soundness of the axiomatic semantics, and in fact, many proposed axiomatic semantics have suffered from unsoundness. We take the difficult but secure approach of foundationally defining an operational semantics of the programming language, including concurrency, and then proving the axioms and rules of inference of the axiomatic semantics from the operational semantics as theorems. Once this is done, the correctness of the VCG function itself can be proven, so the proofs of concurrent programs as constructed by the VCG in a way that is known to be sound, modulo the truth of the verification conditions, which capture the features of the program proof that depend on the logic of the underlying data types.