Formal Analysis of

Symbolic Computation Systems for

Algebraic Topology

Julio Rubio

Universidad de La Rioja

(Spain)

The Systems

- EATEAT

Homology groups of iterated loop spaces

- KenzoKenzoBetter performanceObject-oriented

Formal Analysis

- Why?

- How?

First answer:

Why not?

Formal Analysis

- Why?

- How?

Second answer:

Increasing reliability

Formal Analysis

- Why?

- How?

Third answer:

Increasing knowledge

Formal Analysis

- How?

Two lines:

1. Algebraic Specifications

2. Computer-aided Theorem Proving

Formal Methods in Design

Implementation

SPECIFICATION

SOFTWARE PRODUCT

Formal Methods

Formal Methods in our problem

SOFTWARE PRODUCT

(MATHEMATICAL) MODEL OF THESOFTWARE PRODUCT

Formal Methods

A case-study: BPL

EAT and Kenzo implement theEAT and Kenzo implement the

Basic Perturbation Lemma (BPL)Basic Perturbation Lemma (BPL)

BPL, preliminaries:

- Chain complex- Chain complex

- Reduction- Reduction

- Perturbation- Perturbation

BPL, preliminaries: chain complex

BPL, preliminaries: reduction

BPL, preliminaries: reduction

H(C, d) H(C, d)

H(C, d)H(C, d)

(C, d) (C, d)f

g

h

Big CC Small CC

BPL, preliminaries: perturbation

BPL, statement:

(C, d) (C, d)f

g

h

Big CC Small CC

(C,d+) (C, ¿d´?)¿f ´?

¿g´?

¿h´?

Big CC Small CC

Now we introduce a perturbation and we obtain: BPL algorithm

f´,g´,d´,h´

BPL implementation, questions:

- How many reductions can be represented?- How many reductions can be represented?

- Is the implementation correct?Is the implementation correct?

BPL implementation, questions:

- How many reductions can be represented?- How many reductions can be represented?

(First line: algebraic specifications)(First line: algebraic specifications)

- Is the implementation correct?Is the implementation correct?

(Second line: ATPs)(Second line: ATPs)

First line:

ALGEBRAIC SPECIFICATIONSALGEBRAIC SPECIFICATIONS

Joint work with:

L. Lambán, V. Pascual, C. Domínguez

(Universidad de La Rioja)

Inspired by EAT syntax

Simp=S U { imp }

imp = { imp_ : imp s1 ... sn s}

S

= { : s1 ... sn s}

= S, imp = Simp, imp

- Storing operations

(make-grp :prd ... )

Real Common Lisp implementation

Sergeraert’s notions 1986

- Functional coding

f #’(lambda (x)

(integerp x))

- Decoding function

f Z

- Programs realizing operations

Real Common Lisp implementation

- Representation invariant

U Bool

- Abstraction function

U M

Hoare’s notions 1972

Real Common Lisp implementation

Sergeraert’s notions 1986

- Functional coding

f #’(lambda (x)

(integerp x))

- Decoding function

f Z

- Storing operations

(make-grp :prd ... )

- Representation invariant

U Bool

- Abstraction function

U M

- Programs realizing operations

Hoare’s notions 1972

DATUMIMPLEMENTATION OF A DATA TYPE

The implementation shift

Theorem

The implementations appearing in EAT define final objects in certain categories of Abstract Data Types implementations

Theorem

Thus: EAT implementations are

“as general as possible”

The implementations appearing in EAT define final objects in certain categories of Abstract Data Types implementations

Categories

EAT

implementing

Families of objects

modelling

Mathematics

Kenzo: dealing with inheritance

- explicit coercion- explicit coercion

(at the algebraic specification level)(at the algebraic specification level)

- similar kind of resultssimilar kind of results

(finality)(finality)

Second line:

MECHANISED THEOREM PROVINGMECHANISED THEOREM PROVING

Joint work with:

C. Ballarin (Technische Universität München)

J. Aransay (Universidad de La Rioja)

Certify the BPL EAT implementation

Certify the BPL EAT implementation

Choose a proof assistant

A Common Lisp assistant?

A Common Lisp assistant?

ACL2 (Boyer-Moore)Poor expressiveness

(no higher order functional programming)

An Assistant with other native language L?

An Assistant with other native language L?

Semantic gap between

L and Common Lisp

Give a mechanised proof of the BPL theorem

(as a previous step towards the proof of EAT implementation correctness)

To choose a (by hand) proof:

Sergeraert’s proofSergeraert’s proof

To choose a proof Assistant:

IsabelleIsabelle

In Isabelle:

- Algebraic structures:- Algebraic structures:

- dependent typesdependent types- extensible records (to reuse)extensible records (to reuse)

Lemma: Let f: C D a group homomorphism.

Then Im f is a subgroup of D.

In Isabelle:

...

Further work:

- Algebraic specifications:

More fragments

- Theorem proving:

The series

Statement of the BPL:

Further work:

- To relate more closely both lines

Further work:

- To relate more closely both lines

- To apply the acquired knowledge to other systems

Conclusions:

Starting from a very concrete problem ...

Conclusions:

- Symbolic Computation enriched with Formal Methods

Conclusions:

- Symbolic Computation enriched with Formal Methods

- Formal Methods enriched from our experiences with Symbolic Computation

Increasing

knowledgeConclusions:

- Symbolic Computation enriched with Formal Methods

- Formal Methods enriched from our experiences with Symbolic Computation