Skip to Content.
Sympa Menu

coq-club - Re: [Coq-Club] [isabelle] Abandoned proof engineering efforts

coq-club AT inria.fr

Subject: The Coq mailing list

List archive

Re: [Coq-Club] [isabelle] Abandoned proof engineering efforts


Chronological Thread 
  • From: Christoph Sprenger <sprenger AT inf.ethz.ch>
  • To: Talia Ringer <tringer AT cs.washington.edu>
  • Cc: Coq-Club <coq-club AT inria.fr>, isabelle-users <isabelle-users AT cl.cam.ac.uk>
  • Subject: Re: [Coq-Club] [isabelle] Abandoned proof engineering efforts
  • Date: Tue, 18 Feb 2020 13:19:41 +0100
  • Authentication-results: mail3-smtp-sop.national.inria.fr; spf=None smtp.pra=sprenger AT inf.ethz.ch; spf=None smtp.mailfrom=sprenger AT inf.ethz.ch; spf=None smtp.helo=postmaster AT mailg110.ethz.ch
  • Ironport-phdr: 9a23:htlBARx6ikEXt33XCy+O+j09IxM/srCxBDY+r6Qd2ukeIJqq85mqBkHD//Il1AaPAdyHra0UwLGH+4nbGkU+or+5+EgYd5JNUxJXwe43pCcHRPC/NEvgMfTxZDY7FskRHHVs/nW8LFQHUJ2mPw6arXK99yMdFQviPgRpOOv1BpTSj8Oq3Oyu5pHfeQpFiCeybL9oLhi7rgrdu8cSjIB/Nqs/1xzFr2dHdOhR2W5mP0+YkQzm5se38p5j8iBQtOwk+sVdT6j0fLk2QKJBAjg+PG87+MPktR/YTQuS/XQcSXkZkgBJAwfe8h73WIr6vzbguep83CmaOtD2TawxVD+/4apnVAPkhSEaPDMi7mrZltJ/g75aoBK5phxw3YjUYJ2ONPFjeq/RZM4WSXZdUspUUSFOBZ6yb5YUD+oZI+lXs5X9qVUJrRu7HwasBeXvwSJMinL52aA21uIsGhzE0gM9BdIDqGjbo9roOqkSU++7wqrGzTvdYf1R2Dfw85LHfgwkofyWXbJ8bcjcxE8yHA3FlFWQronlMiuL2+QNqWib7vFgVf6oi24/qwF6vyWhxt82iobXgIIVxU7L9T9ky4syPt24UFR7bsCiEJtfqS6aLZB7QsIkQ2Fmoio11KEGuZ66fSQQ1JsnxwfSZvqaeIaG5RLjUfyeITZ+hH99ZbK/nAi98U6hyuzzTMW010xKriVdntnXqnACzRrT6saASvtn40itwyiA2B3O6u1cLkA0lLbbK548wrErjJYTsEPDEynrk0v1lK+bblgo9vas5uj9f7nrqIGQO5Vphgz/LKgigM2yDOUgPgQTW2WX5/6w2bPt8EHjRLhHgOc6nrfEvJzHI8kQu7S3DBVP0ok57hayFzem38ocnXkANF9FfQiIj4ntO1HBPfz0EOuzj06ynzd3x/DHP6ftDYnNLnTbkbfhe6hy61JExQYu09xS44hYBqwPLf7tQEP9qd3VAgEjPwG1wuvrENB92ZkfWWKLDK+ZKqTSsVqQ6+I0O+mMfpEauDDyK/c7/f7jln45mVkTfaWzw5QXdHC4H/V8L0qFYXrgms0BHnsSvgoiUOzqj0WPXiJUZ3arRq4z+jU7CJ+9AorYXYCsgLmB3D+hEZFMZ2BGDEqMEXbyeImeVfcMcnHaHsg0rjUAVLHpcY4n2hy0/Fvm0bthIefO0iYD843qz9h04eLPkhd0+DBpWZezyWaIGkp0hGITWzgu3OhEuVZwzFiOy+AsmORCGNpc6ulhUwE0c5PAz/48ANCkCVGJRcuAVFvzGobuOjo2VN9khoJXOhovK5CZlhnGmhGSLfoNjbXSX8419Kya0mTxNYB2yySejfRzvxwdWsJKcFaeqOt/+gzUXt6blkyYk6nzLPxa0TLN5iGIzTjW5RAKYEtLSazAGEsnSA7TpNX96FnFSub1W7UhPE1M1c6QbKBKOIXk
Dear Talia,

this is not my own proof effort, but I know Diego Ongaro formalized his Raft consensus protocol [1,3] in TLA and partially proved one of its properties in the TLA prover. He later abandoned the effort to prove further properties, since he “found it too tedious and time-consuming to use the TLA proof system at the scale of a complete proof” [2, Section 8.2], see also [1, Section 8.2].

Cheers, 
Christoph


[1] https://www.usenix.org/conference/atc14/technical-sessions/presentation/ongaro
[2] https://web.stanford.edu/~ouster/cgi-bin/papers/OngaroPhD.pdf
[3] https://raft.github.io/


On 16 Feb 2020, at 20:18, Talia Ringer <tringer AT cs.washington.edu> wrote:

To clarify: any size project in any proof assistant is fine. I'd actually
really love examples of projects of different sizes in different proof
assistants. The more examples, the better.

On Sat, Feb 15, 2020, 5:27 PM Talia Ringer <tringer AT cs.washington.edu>
wrote:

Hi all,

I'm curious if any of you have ever started to verify a system, but then
abandoned that system due to the difficulty of evolving and maintaining
your proofs. If so, I would love for you to share those proof efforts with
me, especially if the code is public.

Thanks!

Talia



Archive powered by MHonArc 2.6.18.

Top of Page