Introduction

The goal of this note is to present a “modular” proof, for various type systems with η-conversion, of the completeness and correctness of an algorithm for testing the conversion of two terms. The proof of completeness is an application of the notion of logical relations (see Statman 1983, that uses also this notion for a proof of Church-Rosser for simply typed λ-calculus).

An application of our result will be the equivalence between two formulations of Type Theory, the one where conversions are judgement, like in the present version of Martin-Löf set theory, and the one where conversion is defined at the level of raw terms, like in the standard version of LF (for a “conversion-as-judgement” presentation of LF, see Harper 1988). Even if we don't include η-conversion, the equivalence between the “conversion-as-judgement” and “conversion defined on raw terms” formulation appears to be a non-trivial property.

In order to simplify the presentation we will limit ourselves to type theory with only Π, and one universe. This calculus contains LF. After some motivations, we present the algorithm, the proof of its completeness and, as a corollary, its correctness. As a corollary of our argument, we prove normalisation, Church-Rosser, and the equivalence between the two possible formulations of Type Theory.

Informal motivation

The algorithm

The idea is to compute the weak head-normal form of the two terms (in an untyped way), and, in order to take care of η-conversion, in the case where one weak-head normal form is an abstraction (λx:A)M and the other is N a variable or an application, to compare recursively apply(N,ξ) and M[ξ].

Summary

Introduction: Computational content

Informal practice

Sometimes we express computational ideas directly as when we say 2 + 2 reduces to 4 or when we specify an algorithm for solving a problem: “use Euclid's GCD (greatest common divisor) algorithm to reduce this fraction.” At other times we refer only indirectly to a method of computation, as in the following form of Euclid's proof that there are infinitely many primes:

This proof implicitly provides an algorithm to find a prime greater than n.

This book contains a collection of papers concerned with logical frameworks. Such frameworks arise in a number of ways when considering the relationship between logic and computation, and indeed the general structure of logical formalisms. In particular, in Computer Science, there is interest in the representation and organization of mathematical knowledge on the computer, and in obtaining computational assistance with its derivation. One would especially like to implement program logics and prove programs correct. Again, there is direct computational content in various logical formalisms, particularly constructive ones. Finally, such issues provoke interest in re-examining purely logical questions.

Logical frameworks arise in two distinct but related senses. First, very many logics are of interest in Computer Science, and great repetition of effort is involved in implementing each. It would therefore be helpful to create a single framework, a kind of meta-logic, which is itself implementable and in which the logics of interest can be represented. Putting the two together there results an implementation of any represented logic.

In the second sense, one chooses a particular “universal” logic which is strong enough to do all that is required, and sticks to it. For example, one might choose a set theory, and do mathematics within that. Both approaches have much in common. Even within a fixed logic there is the need for a descriptive apparatus for particular mathematical theories, notations, derived rules and so on. Providing such is rather similar to providing a framework in the first sense.

Introduction

In this paper, a method is presented for proof construction in Generalised Type Systems. An interactive system that implements the method has been developed. Generalised type systems (GTSs) provide a uniform way to describe and classify type theoretical systems, e.g. systems in the families of AUTOMATH, the Calculus of Constructions, LF. A method is presented to perform unification based top down proof construction for generalised type systems, thus offering a well-founded, elegant and powerful underlying formalism for a proof development system. It combines clause resolution with higher-order natural deduction style theorem proving. No theoretical contribution to generalised type systems is claimed.

A type theory presents a set of rules to derive types of objects in a given context with assumptions about the type of primitive objects. The objects and types are expressions in typed λ-calculus. The propositions as types paradigm provides a direct mapping between (higher-order) logic and type theory. In this interpretation, contexts correspond to theories, types correspond to propositions, and objects correspond to proofs of propositions. Type theory has successfully demonstrated its capabilities to formalise many parts of mathematics in a uniform and natural way. For many generalised type systems, like the systems in the so-called λ-cube, the typing relation is decidable. This permits automatic proof checking, and such proof checkers have been developed for specific type systems.

The problem addressed in this paper is to construct an object in a given context, given its type.

Abstract

Introduction

The design of languages that can express a wide variety of logics has been the focus of much recent work. Such languages attempt to provide a general theory of inference systems that captures uniformities across different logics, so that they can be exploited in implementing theorem provers and proof systems.

This book is a collection of papers presented at the first annual Workshop held under the auspices of the ESPRIT Basic Research Action 3245, “Logical Frameworks: Design, Implementation and Experiment”. It took place at Sophia-Antipolis, France from the 7th to the 11th of May, 1990. Seventy-four people attended the Workshop: one from Japan, six from the United States, and the rest from Europe.

We thank the European Community for the funding which made the Workshop possible. We also thank Gilles Kahn who, with the help of the Service des Relations Extérieures of INRIA, performed a most excellent job of organisation. Finally, we thank the following researchers who acted as referees: R. Constable, T. Coquand, N.G. deBruijn, P. de Groote, V. Donzeau-Gouge, G. Dowek, P. Dybjer, A. Felty, L. Hallnäs, R. Harper, L. Helmink, F. Honsell, Z. Luo, N. Mendler, C. Paulin, L. Paulson, R. Pollack, D. Pym, F. Rouaix, P. Schröder-Heister, A. Smaill, and B. Werner.

We cannot resist saying a word or two about how these proceedings came into being. Immediately after the Workshop, participants were invited to contribute papers by electronic mail, as LATEX sources. One of us (Huet) then collected the papers together, largely unedited, and the result was “published electronically” by making the collection a file available worldwide by ftp (a remote file transfer protocol). This seems to have been somewhat of a success, at least in terms of numbers of copies circulated, and perhaps had merit in terms of rapid and widespread availability of recent work.

Abstract

Introduction

In the notion of an open-ended framework of deductive interpreted languages is formulated, and in particular an example is given of a hierarchy of languages Li in the LTC framework. In the first part of this three part paper, sections 2 to 4, we review this hierarchy of languages and then discuss some issues concerning the framework, which lead to another hierarchy of languages, LTC0, LTC1, LTCW. In the second part, sections 5 and 6, we give three type theories, TT0, TT1, and TTW, and their interpretations in the corresponding LTC language. In the final part, sections 7 to 9, we document the implementation of the LTC hierarchy in the generic theorem prover, Isabelle, developed by Larry Paulson at Cambridge. We also describe a programme for verifying, in Isabelle, the interpretations of the type theories TT0, TT1 and TTW.

The basic LTC framework is one that runs parallel to the ITT framework. ITT stands for “Intuitionistic Theory of Types”, see. It is a particular language from the latter framework that has been implemented in the Cornell Nuprl System.

Abstract

Introduction

The Edinburgh Logical Framework (ELF) provides a formalism for defining Natural Deduction style logics. Natural Deduction is rather more powerful than the notation which is commonly used to define programming languages in “inference-style” Operational Semantics, following Plotkin and others, for example Kahn. So one may ask

We show here that, with a slight extension, it can, and hence that the ELF can be used as a formal meta-language for defining programming languages. However ELF employs the “judgements as types” paradigm and takes the form of a typed lambda calculus with dependent types. We do not need all this power here, and in this paper we present a slight extension of Natural Deduction as a semantic notation for programming language definition. This extension can itself be defined in ELF.

The inspiration for using a meta-logic for Natural Deduction proofs comes from Martin-Löf.

Abstract

Introduction

Verification systems

A verification system consists of

1. (i) a framework, to be called the frame, which defines how mathematical material (in the wide sense) can be written in the form of books, such that the correctness of those books is decidable by means of an algorithm (the checker),

2. (ii) a set of basic rules (axioms) that the user of the frame can proclaim in his books as a general basis for further work.

Abstract

Introduction

Over the last 25 years, a large number of logics and systems have been devised for machine verified mathematical development. These systems vary significantly in many important ways, including: underlying philosophy, object-level logic, support for meta-level reasoning, support for automated proof construction, and user interface. A summary of some of these systems, along with a number of interesting comments about issues (such as differences in logics, proof power, theory construction, and styles of user interaction), may be found in Lindsay's article. The Kemmerer study compares the use of four software verification systems (all based on classical logic) on particular programs.

In this report we compare two interactive systems for proof development and checking: The Boyer-Moore Theorem Prover and the Nuprl Proof Development System. We have based our comparison on similar proofs of a specific theorem: the finite exponent two version of Ramsey's theorem (explained in Section 2). The Boyer-Moore Theorem Prover is a powerful (by current standards) heuristic theorem prover for a quantifier-free variant of first order Peano arithmetic with additional data types.