Vérification de typage pour le lambda-Pi-Calcul Modulo : théorie et pratique / Typechecking in the lambda-Pi-Calculus Modulo : Theory and Practice

Saillard, Ronan

25 September 2015

La vérification automatique de preuves consiste à faire vérifier par un ordinateur la validité de démonstrations d'énoncés mathématiques. Cette vérification étant purement calculatoire, elle offre un haut degré de confiance. Elle est donc particulièrement utile pour vérifier qu'un logiciel critique, c'est-à-dire dont le bon fonctionnement a un impact important sur la sécurité ou la vie des personnes, des entreprises ou des biens, correspond exactement à sa spécification. DEDUKTI est l'un de ces vérificateurs de preuves. Il implémente un système de type, le lambda-Pi-Calcul Modulo, qui est une extension du lambda-calcul avec types dépendants avec des règles de réécriture du premier ordre. Suivant la correspondance de Curry-Howard, DEDUKTI implémente à la fois un puissant langage de programmation et un système logique très expressif. Par ailleurs, ce langage est particulièrement bien adapté à l'encodage d'autres systèmes logiques. On peut, par exemple, importer dans DEDUKTI des théorèmes prouvés en utilisant d'autres outils tels que COQ, HOL ou encore ZENON, ouvrant ainsi la voie à l'interopérabilité entre tous ces systèmes. Le lambda-Pi-Calcul Modulo est un langage très expressif. En contrepartie, certaines propriétés fondamentales du système, telles que l'unicité des types ou la stabilité du typage par réduction, ne sont pas garanties dans le cas général et dépendent des règles de réécriture considérées. Or ces propriétés sont nécessaires pour garantir la cohérence des systèmes de preuve utilisés, mais aussi pour prouver la correction et la complétude des algorithmes de vérification de types implémentés par DEDUKTI. Malheureusement, ces propriétés sont indécidables. Dans cette thèse, nous avons donc cherché à concevoir des critères garantissant la stabilité du typage par réduction et l'unicité des types et qui soient décidables, de manière à pouvoir être implémentés par DEDUKTI. Pour cela, nous donnons une nouvelle définition du lambda-Pi-Calcul Modulo qui rend compte de l'aspect itératif de l'ajout des règles de réécriture dans le système en les explicitant dans le contexte. Une étude détaillée de ce nouveau calcul permet de comprendre qu'on peut ramener le problème de la stabilité du typage par réduction et de l'unicité des types à deux propriétés plus simples, qui sont la compatibilité du produit et le bon typage des règles de réécriture. Nous étudions donc ces deux propriétés séparément et en donnons des conditions suffisantes effectives. Ces idées ont été implémentées dans DEDUKTI, permettant d'augmenter grandement sa généralité et sa fiabilité. / Automatic proof checking is about using a computer to check the validity of proofs of mathematical statements. Since this verification is purely computational, it offers a high degree of confidence. Therefore, it is particularly useful for checking that a critical software, i.e., a software that when malfunctioning may result in death or serious injury to people, loss or severe damage to equipment or environmental harm, corresponds to its specification. DEDUKTI is such a proof checker. It implements a type system, the lambda-Pi-Calculus Modulo, that is an extension of the dependently-typed lambda-calculus with first-order rewrite rules. Through the Curry-Howard correspondence, DEDUKTI implements both a powerful programming language and an expressive logical system. Furthermore, this language is particularly well suited for encoding other proof systems. For instance, we can import in DEDUKTI theorems proved using other tools such as COQ, HOL or ZENON, a first step towards creating interoperability between these systems.The lambda-Pi-Calculus Modulo is a very expressive language. On the other hand, some fundamental properties such as subject reduction (i.e., the stability of typing by reduction) and uniqueness of types are not guaranteed in general and depend on the rewrite rules considered. Yet, these properties are necessary for guaranteeing the coherence of the proof system, but also for provingthe soundness and completeness of the type-checking algorithms implemented in DEDUKTI. Unfortunately, these properties are undecidable. In this thesis, we design new criteria for subject reduction and uniqueness of types that are decidable in order to be implemented in DEDUKTI.For this purpose, we give a new definition of the lambda-Pi-Calculus Modulo that takes into account the iterative aspect of the addition of rewrite rules in the typing context. A detailed study of this new system shows that the problems of subject reduction and uniqueness of types can be reduced to two simpler properties that we call product compatibility and well-typedness of rewrite rules.Hence, we study these two properties separately and give effective sufficient conditions for them to hold.These ideas have been implemented in DEDUKTI, increasing its generality and reliability.

Théorie de la preuve

Outils formels

Théorie des types

Proof theory

Formal tools

Type theory

005.1

A rigorous methodology for developing GUI-based DSL formal tools

Silva, Robson dos Santos e

23 August 2013

Submitted by Luiz Felipe Barbosa (luiz.fbabreu2@ufpe.br) on 2015-03-12T14:30:39Z No. of bitstreams: 2 Dissertacao Robson Santos Silva.pdf: 2657380 bytes, checksum: e8bfe7912e7136af0fbf6082153115fd (MD5) license_rdf: 1232 bytes, checksum: 66e71c371cc565284e70f40736c94386 (MD5) / Approved for entry into archive by Daniella Sodre (daniella.sodre@ufpe.br) on 2015-03-13T12:57:10Z (GMT) No. of bitstreams: 2 Dissertacao Robson Santos Silva.pdf: 2657380 bytes, checksum: e8bfe7912e7136af0fbf6082153115fd (MD5) license_rdf: 1232 bytes, checksum: 66e71c371cc565284e70f40736c94386 (MD5) / Made available in DSpace on 2015-03-13T12:57:10Z (GMT). No. of bitstreams: 2 Dissertacao Robson Santos Silva.pdf: 2657380 bytes, checksum: e8bfe7912e7136af0fbf6082153115fd (MD5) license_rdf: 1232 bytes, checksum: 66e71c371cc565284e70f40736c94386 (MD5) Previous issue date: 2013-08-23 / It is well-known that model-driven engineering (MDE) is a software development methodology that focuses on creating and exploiting (specific) domain models. Domain models (conceptually) capture all the topics (for instance, entities and their attributes, roles, and relationships as well as more specific constraints) related to a particular problem. It is common to use domain-specific languages (DSL) to describe the concrete elements of such models. MDE tools can easily build domain-specific languages (DSL), capturing syntactic as well as static semantic information. However, we still do not have a clear way of capturing the dynamic semantics of a DSL as well as checking the domain properties prior to generating the implementation code. Formal methods are a well-known solution for providing correct software, where we can guarantee the satisfaction of desired properties. Unfortunately the available formal methods tools focus almost exclusively on semantics whereas human-machine interaction is "left to the user". Several industries, and in particular the safety-critical industries, use mathematical representations to deal with their problem domains. Historically, such mathematical representations have a graphical appeal. For example, Markov chains and fault-trees are used in safety assessment processes to guarantee that airplanes, trains, and other safety-critical systems work within allowed safety margins. In general, due to the difficulty to obtain correct software, such industries use Commercial Off-The-Shelf (COTS) software or build them specifically to satisfy their needs with a related testing campaign effort. Such DSLs are difficult to capture, using just MDE tools for instance, because they have specific semantics to provide the desired (core) information for the industries that use them. In this sense, given a DSL (L) composed of a syntax and static semantics (SSL), and dynamic semantics (DSL) parts, our work proposes a rigorous methodology for combining the easiness of MDE tools, to capture SSL, with the correctness assured by formal methods, to capture DSL as well and check its properties. This combination is specifically handled in the following way, we capture all aspects of L using formal methods, check the desired properties and adjust if necessary. After that, we automatically translate part of it in terms of constructs of a MDE tool, from which we can build a user-friendly (GUI) front-end very easily (automatically). Finally, we link the front-end code to the automatically synthesized code from the formal dynamic semantics back-end. Although we require the use of a formal methods tool, the distance from the mathematical representations used in industry and the formal methods notation is very close. With this proposed methodology we intend that safety-critical industries create their domain specific software as easy as possible and with the desired static and dynamic properties formally checked. / A Engenharia Dirigida a Modelos ou (MDE—Model-Driven Engineering) é uma metodologia de desenvolvimento de software que se concentra na criação e manipulação de modelos específicos de domínio. É comum o uso de linguagens específicas de domínio (DSL) para descrever os elementos concretos de tais modelos. Ferramentas de MDE podem facilmente construir linguagens específicas de domínio (DSL), capturando seus aspectos sintáticos assim como sua semântica estática. No entanto, ainda não possuem uma forma clara de capturar a semântica dinâmica de uma DSL, assim como a verificação de propriedades de domínio antes da geração de código executável. Métodos formais são tidos como uma solução para prover software correto, onde podemos garantir que desejadas propriedades são satisfeitas. Infelizmente, as ferramentas de métodos formais disponíveis concentram-se quase que exclusivamente na semântica enquanto que a interação homem-computador é "deixada para o usuário". Indústrias em que a segurança é crítica, usam representações matemáticas para lidar com os seus domínios de problemas. Historicamente, essas representações matemáticas têm um apelo gráfico. Por exemplo, Cadeias de Markov e Árvores de Falha. Em geral, devido à dificuldade em obter softwares formalmente verificados, essas indústrias utilizam sistemas comerciais prontos para uso (Commercial Off-the-shelf - COTS) ou os constróem especificamente para satisfazerem as suas necessidades com um esforço considerável em testes. Tais DSLs são difíceis de capturar, usando apenas ferramentas MDE por exemplo, porque possuem uma semântica particular para prover as informações específicas desejadas para as indústrias que as utilizam. Neste sentido, dada uma DSL (L), composta por sintaxe e semântica estática (SSL), e semântica dinâmica (DSL), este trabalho propõe uma metodologia rigorosa para combinar a facilidade de ferramentas MDE em capturar SSL, com a corretude assegurada por métodos formais para capturar DSL e verificar suas propriedades. Esta combinação é especificamente tratada da seguinte maneira: captura-se todos os aspectos de L utilizando métodos formais, verificam-se as propriedades desejadas e as ajustam caso necessário. Em seguida, parte de L é traduzida automaticamente em termos de artefatos para uma ferramenta MDE, a partir da qual é possível construir uma interface amigável (front-end) facilmente (automaticamente). Por fim, o código do front-end é integrado com o código sintetizado automaticamente a partir da semântica dinâmica formal (back-end).

Engenharia Dirigida a Modelos (MDE)

Métodos Formais

Linguagens específicas de domínio

Model-Driven Engineering

Formal Methods

Domain-Specific Languages

GUI-based formal tools

Modern kontra traditionell styrning : - en studie av traditionellt tillverkande företag / Modern vs. traditional management control : - a study of traditional manufacturing companies

Byberg, Anna, Hedelin, Karin

January 2006

<p>Bakgrund: Traditionell styrning har kritiserats av en rad olika författare och en modern verksamhetsstyrning har utvecklats. Vi menar att traditionella tillverkande företag är intressanta ur den aspekten att traditionella ekonomistyrningsmodeller är uppbyggda kring dessa typer av företag. Frågan vi ställer oss är alltså huruvida modern verksamhetsstyrning är ändamålsenlig i traditionella tillverkande företag.</p><p>Syfte och metod: Syftet med den här uppsatsen är, att beskriva och analysera tillämpningen av traditionella och modernare verksamhetsstyrningsmetoder i traditionella, tillverkande företag. Vår empiri är baserad på sex olika kvalitativa intervjuer på företagen Cloetta Fazer, Milko och Skånemejerier.</p><p>Resultat: Traditionellt tillverkande företag möter inte samma förutsättningar som tidigare och behöver därför på många plan anpassa sin styrning.</p> / <p>Background: Many authors have criticised traditional methods of management control which has triggered the development of modern management control methods. We believe that an interesting aspect of traditional companies from the manufacturing sector is that traditional management control models spring from demands from these types of companies. We want to find out whether modern management control is fit-to-purpose solution for traditional manufacturing companies.</p><p>Purpose and methods: The purpose of this thesis is to describe and analyse the use of traditional and more modern operations management control methods, in traditional manufacturing companies. Empirical work is based on six qualitative interviews with representants from the three companies Cloetta Fazer, Milko and Skånemejerier.</p><p>Results: Traditional manufacturing companies do not face the same conditions compared with yesterday, and must in many areas change their management control.</p>

traditional management control

modern management control of operations

formal tools

informal management control tools

control

empowerment

Anders Parment

traditionell styrning

modern verksamhetsstyrning

kontroll

hierarki

empowerment

Anders Parment.

Business studies

Företagsekonomi

Modern kontra traditionell styrning : - en studie av traditionellt tillverkande företag / Modern vs. traditional management control : - a study of traditional manufacturing companies

Byberg, Anna, Hedelin, Karin

January 2006

Bakgrund: Traditionell styrning har kritiserats av en rad olika författare och en modern verksamhetsstyrning har utvecklats. Vi menar att traditionella tillverkande företag är intressanta ur den aspekten att traditionella ekonomistyrningsmodeller är uppbyggda kring dessa typer av företag. Frågan vi ställer oss är alltså huruvida modern verksamhetsstyrning är ändamålsenlig i traditionella tillverkande företag. Syfte och metod: Syftet med den här uppsatsen är, att beskriva och analysera tillämpningen av traditionella och modernare verksamhetsstyrningsmetoder i traditionella, tillverkande företag. Vår empiri är baserad på sex olika kvalitativa intervjuer på företagen Cloetta Fazer, Milko och Skånemejerier. Resultat: Traditionellt tillverkande företag möter inte samma förutsättningar som tidigare och behöver därför på många plan anpassa sin styrning. / Background: Many authors have criticised traditional methods of management control which has triggered the development of modern management control methods. We believe that an interesting aspect of traditional companies from the manufacturing sector is that traditional management control models spring from demands from these types of companies. We want to find out whether modern management control is fit-to-purpose solution for traditional manufacturing companies. Purpose and methods: The purpose of this thesis is to describe and analyse the use of traditional and more modern operations management control methods, in traditional manufacturing companies. Empirical work is based on six qualitative interviews with representants from the three companies Cloetta Fazer, Milko and Skånemejerier. Results: Traditional manufacturing companies do not face the same conditions compared with yesterday, and must in many areas change their management control.

traditional management control

modern management control of operations

formal tools

informal management control tools

control

empowerment

Anders Parment

traditionell styrning

modern verksamhetsstyrning

kontroll

hierarki

empowerment

Anders Parment.

Business studies

Företagsekonomi