Conference on Advanced Information Systems Engineering, 2006
We describe the formal models of two standards related to airport security: one at the international level and the other at the European level. These models are expressed using the Focal environment, which is an object-oriented specification and proof system. We show how Focal is appropriate for building a clean hierarchical specification for our case study using, in particular, object-oriented features to refine the international level into the European level and parameterization to modularize the development.
We propose a method of generation of functional code from inductive specifications in the framework of the Focalize environment. This method consists of
We propose a new tactic language for the system Coq, which is intended to enrich the current tactic combinators (tacticals). This language is based on a functional core with recursors and matching operators for Coq terms but also for proof contexts. It can be used directly in proof scripts or in toplevel definitions (tactic definitions). We show that the implementation of this language involves considerable changes in the interpretation of proof scripts, essentially due to the matching operators. We give some examples which solve small proof parts locally and some others which deal with non-trivial problems. Finally, we discuss the status of this meta-language with respect to the Coq language and the implementation language of Coq.
2008 2nd IFIP/IEEE International Symposium on Theoretical Aspects of Software Engineering, 2008
We propose an automatic transformation of Focal specifications to UML class diagrams. The main motivation for this work lies within the framework of the EDEMOI project, which aims to integrate and apply several requirements engineering and formal methods techniques to analyze regulations in the domain of airport security. The idea is to provide a graphical documentation of formal models for developers, and in the long-term, for certification authorities. The transformation is formally described and an implementation has been designed. We also provide a concrete example coming from the EDEMOI project.
This paper describes the Integrated Development Environment Focal together with a brief proof of usability on the formal development of access control policies. Focal is an IDE providing powerful functional and object-oriented features that allow one to formally express specifications and to go step by step (in an incremental approach) to design and implement while proving that the implementation meets its specification or design requirements. These features are particularly well-suited to develop libraries for secure applications.
In this article, we present the use of the Coq proof assistant with DESS (Master thesis) students. First, in the framework of a course of programming language semantics, Coq greatly helps the students to understand formal and abstract notions, such as induction, by binding them to more concrete terms. Next, a computer science project shows that Coq is also appropriate when dealing with larger problems. Last, we show how proofs developed by means of the Focal toolbox made it possible to get very valuable hints on the development of that system.
We propose a method to extract purely functional contents from logical inductive types in the context of the Calculus of Inductive Constructions. This method is based on a mode consistency analysis, which verifies if a computation is possible w.r.t. the selected inputs/outputs, and the code generation itself. We prove that this extraction is sound w.r.t. the Calculus of Inductive Constructions.
Second International Symposium on Leveraging Applications of Formal Methods, Verification and Validation (ISoLA 2006), 2006
We present the validation of regulations intended to ensure airport security in the framework of civil aviation. In particular, we describe the proofs of correctness/completeness for two standards, one at the international level and the other at the European level, and we show how the properties of the European level refine those of the international level. These models are expressed using the Focal environment, an object-oriented specification and proof system, and the proofs described by means of a declarative-like language are processed by the automated theorem prover Zenon. We show how Zenon appears quite appropriate when dealing with abstract specifications like our case study, but also how it should be controlled to present readable proofs.
We present the formalization of regulations intended to ensure airport security in the framework of civil aviation. In particular, we describe the formal models of two standards, one at the international level and the other at the European level. These models are expressed using the Focal environment, which is an object-oriented specification and proof system. In addition, we show that these models are correct and complete thanks to the Zenon automated theorem prover, which is the dedicated reasoning support of Focal. Finally, we propose an automatic transformation of Focal specifications to UML class diagrams, in order to provide a graphical documentation of formal models for developers, and in the long-term, for certification authorities.
Proceedings of the 1st Workshop on Modules and Libraries for Proof Assistants - MLPA '09, 2009
We introduce the Focal environment, which is an integrated development environment, offering functional and object-oriented features, and designed to build certified components using theorem proving. In Focal, inheritance provides a suitable notion of refinement, allowing us to go step by step (in an incremental approach) from abstract specifications to concrete implementations while proving that these implementations meet their specifications or design requirements. In addition, inheritance and parameterization offer a high level of reusability. To highlight these features, we present a survey of Focal, with a complete example of formalization in support. Finally, Focal is equipped with a compiler producing OCaml code for execution and Coq code for certification, and we also propose a compilation scheme based on modules, which is supposed to be an alternative to the current scheme using records and aims to provide a higher level view of compiled specifications supplying in particular traceability. This compilation scheme is not only described through an example, but also formally.
Innovations in Systems and Software Engineering, 2008
We propose an automatic transformation of Focal specifications to UML class diagrams. The main motivation for this work lies within the framework of the EDEMOI project, which aims to integrate and apply several requirements engineering and formal methods techniques to analyze airport security regulations. The idea is to provide a graphical documentation of formal models for developers, and in the long-term, for certification authorities. The transformation is formally described and an implementation has been designed. We also show how the soundness of our approach can be achieved.
We present Zenon, an automated theorem prover for first order classical logic (with equality), based on the tableau method. Zenon is intended to be the dedicated prover of the Focal environment, an object-oriented algebraic specification and proof system, which is able to produce OCaml code for execution and Coq code for certification. Zenon can directly generate Coq proofs (proof scripts or proof terms), which can be reinserted in the Coq specifications produced by Focal. Zenon can also be extended, which makes specific (and possibly local) automation possible in Focal.
We present the proof of Diophantus' 20th problem (book VI of Diophantus' Arithmetica), which consists in wondering if there exist right triangles whose sides may be measured as integers and whose surface may be a square. This problem was negatively solved by Fermat in the 17th century, who used the wonderful method (ipse dixit Fermat) of infinite descent. This
We present the proof of Diophantus' 20th problem (book VI of Diophantus' Arithmetica), which consists in wondering if there exist right triangles whose sides may be measured as integers and whose surface may be a square. This problem was negatively solved by Fermat in the 17th century, who used the "wonderful" method (ipse dixit Fermat) of infinite descent. This method,
We propose a formal and mechanized framework which consists in verifying proof rules of the B method that cannot be automatically proved by the elementary prover of Atelier B, using an external automated theorem prover called Zenon. This framework contains in particular a set of tools, named BCARe and developed by Siemens SAS I MO, which relies on a deep embedding of the B theory within the logic of the Coq proof assistant and allows us to automatically generate the required properties to be checked for a given proof rule. Currently, this tool chain is able to automatically verify a part of the derived rules of the B-Book, as well as some added rules coming from Atelier B and the rule database maintained by Siemens SAS I MO.
Coq using the theory of commutative fields. The idea of the algorithm consists in getting rid of the inverses in order to be able to hook into the already existing decision procedure on abelian rings (Ring). The elimination of inverses is done in a completely reflexive way, and the reflection is carried out by means of a new tactic language integrated into the Coq system (version V7).
We describe an interface between the Coq proof assistant and the Maple symbolic computation system, which mainly consists in importing, in Coq, Maple computations regarding algebraic expressions over fields. These can either be pure computations, which do not require any validation, or computations used during proofs, which must be proved (to be correct) within Coq. These correctness proofs are completed automatically thanks to the tactic Field, which deals with equalities over fields. This tactic, which may generate side conditions (regarding the denominators) that must be proved by the user, has been implemented in a reflexive way, which ensures both efficiency and certification. The implementation of this interface is quite light and can be very easily extended to get other Maple functions (in addition to the four functions we have imported and used in the examples given here).
Electronic Notes in Theoretical Computer Science, 2006
We propose a decision procedure for algebraically closed fields based on a quantifier elimination method. The procedure is intended to build proofs for systems of polynomial equations and inequations. We describe how this procedure can be carried out in a proof assistant using a Computer Algebra system in a purely skeptical way. We present an implementation in the particular framework of Coq and Maple giving some details regarding the interface between the two tools. This allows us to show that a Computer Algebra system can be used not only to bring additional computational power to a proof assistant but also to enhance the automation of such tools.
Papers by David Delahaye