coq-club AT inria.fr
Subject: The Coq mailing list
List archive
- From: Benoît Viguier <beviguier AT gmail.com>
- To: coq-club AT inria.fr
- Subject: Re: [Coq-Club] meaning of formal specifications
- Date: Mon, 25 Jan 2021 17:03:08 +0100
- Authentication-results: mail3-smtp-sop.national.inria.fr; spf=None smtp.pra=beviguier AT gmail.com; spf=Pass smtp.mailfrom=beviguier AT gmail.com; spf=None smtp.helo=postmaster AT mail-ej1-f51.google.com
- Ironport-phdr: 9a23:h690zR3SjhikzrKesmDT+DRfVm0co7zxezQtwd8ZseMQLfad9pjvdHbS+e9qxAeQG9mCurQe0KGK7+igATVGvc/e9ihaMdRlbFwssY0uhQsuAcqIWwXQDcXBSGgEJvlET0Jv5HqhMEJYS47UblzWpWCuv3ZJQk2sfQV6Kf7oFYHMks+5y/69+4HJYwVPmTGxfa5+IA+5oAnMssQam5VuJ6g+xhbGrXZDZuBayX91KV6JkBvw+8W98IR//yhMvv4q6tJNX7j9c6kkV7JTES4oM3oy5M3ltBnDSRWA634BWWgIkRRGHhbI4gjiUpj+riX1uOx92DKHPcLtVrA7RS6i76ZwRxD2jioMKiM0/3vWisx0i6JbvQ6hqhliyIPafI2ZKPxzdb7bcNgHR2ROQ9xRWjRcDI2iYYsBD+kPM+hWoIbypVQBsQCzChOwCO710DJEmnH70K883u88EQ/GxgsgH9cWvXnJstr1MqASSe6pzKbQwjrDbvxW2Sr86IfWaBAqvPaBUqlufsrPyEkvGB7FjlSOpoz/JD6V2eENvHKa7+pkT+6gl2knqwRorzWp28wjhZXHiJgPxVDY6SV23pw1JdugRUB0ZdOqHpReuj+EO4doQM4vQmBltSc7x7AYtpO3YCsHxIgpyRPeb/GKd5WF7x3iWeqNPTp0mnJrda+hihux80WtzPD3WMez0FZPtCVFk9/Mu2gV1xzJ68iHTOdy8Vm92TaI0QDf8P9LLl0plabDNp4h2qA/lpwVsUjZACD5hVj2gamLfUsn4uil8/rrbqniq5OGNIJ5ihvyProzlsG8G+g1MhUCU3CF9eumyLHv40j0T69Fg/A5naTUtZLXKtkUq6KnBgJZz4Mu5wihADqpzdgVmH0KIE9Ydx+DioXmJ03CL+7lAvq6gVmgjTdmyv/AM7b8GJvCNGLDn63kfbtl605T1g4zzddH6pJREL4BIfbzVlbvu9zaExM1KgK0zub6BNln2YMeXmWPAqCdMKzMq1OH+uUvI+yUaI8UvjbyNeQl6ubwgXMlnVIRZ6qk0JsNZHymA/hrIF+VbHrxjtsZFGcFpAs+TOjkiF2YVj5TYm6/ULki6TElCYKmAprDRoGzj7ybxyq7EZhWaXpHClCIC3vna4KEW/IUZCKIPsBhiiAEVaSmS4I5yR6usxb6x6N7IerQ5y0Xronu1MN15u3WjRE97yZ4D8Wb02GXTmF7hHkERzEs3PM3nUsowVCalKN8nvZwFNpJ5voPXB1pG4TbyrlQBtb13B72QNaGVVerWJ3yCzwvT90swtIUS0l4EtSmyBvE2nz5UPcui7WXCclsoern1H/rKpMlkieU5Owal1AjB/B3Gyijj697+RLUAteQwUqcnqeuM68b2XyUrTrR/S+1pEhdFTVIf+DFUHQYPBaEqN344gbPTebrB+l+dARGzsGGJ+1Bbdi71QwaFsemA8zXZieKo0n1HQyBn+reY4/jemFb1yLYWhAJ
Hi Fritjof,
If you put everything in Coq, it makes it harder to see the
separation and blurs the lines.
For example, in the case of using Coq & VST
(https://vst.cs.princeton.edu/) you have:
- Implementation = your C code
- Formal Specification = your Hoare tripple which also includes
the functional definition of the function.
- Contructed proof = the proof of your Hoare triple correctness.
Personally I would argue that piece of software generated from a formal specification are not "verified" but "proven by construction/synthesized", as opposed to an existing fragment of code that is later verified to match the formal specification.
Do note that a formal specification does not necessarily have to be originally written in Coq, e.g. RFC 7748.
Kind Regards.
On 1/25/21 4:51 PM, Ian Atol wrote:
Hi Fritjof,
My understanding is that in the context of inside a Coq program, formal specification is mostly used as you say (the definition of theorems that we intend to construct a value to occupy - #2 on your list). But outside of that context, some refer to entire Coq programs as formal specifications, since they are a formal specification of the behavior of another program or some mathematical construct.
Ian
My understanding is that in the context of inside a Coq program, formal specification is mostly used as you say (the definition of theorems that we intend to construct a value to occupy - #2 on your list). But outside of that context, some refer to entire Coq programs as formal specifications, since they are a formal specification of the behavior of another program or some mathematical construct.
Ian
On Jan 25, 2021, 7:39 AM -0800,
Fritjof <fritjof AT uni-bremen.de>, wrote:
Hi,
I have a question regarding what formal specification exactly means in the
proof assistant context.
First *formal verification* means an implementation satisfies its formal specification.
The satisfiability is shown using formal methods of mathematics, e.g., a constructed proof
in Coq.
So we have the following terms:
1) implementation
2) formal specification
3) constructed proofs
In the context of proof assistants, e.g., Coq, I would describe:
1) implementation - as the *program*, collection of function definitions and data types
2) formal specification - as the properties that argue about the program, e.g., theorems, lemmas or axioms
3) constructed proofs - statements of the LTac language
However, I have also read that the implementation part is referred to as a formal specification:
- https://www.cis.upenn.edu/~bcpierce/papers/pierce-etaps2018.pdf
or the combination of 1,2 and 3 is referred to as a formal specification, like in: a program in haskell
is extracted from this formal specification.
Am I right, that the term *formal specification* often donetes the combination of 1,2 and 3, or just 1
or am I missing something?
Kind Regards,
fritjof
Hi,
I have a question regarding what formal specification exactly means in the
proof assistant context.
First *formal verification* means an implementation satisfies its formal specification.
The satisfiability is shown using formal methods of mathematics, e.g., a constructed proof
in Coq.
So we have the following terms:
1) implementation
2) formal specification
3) constructed proofs
In the context of proof assistants, e.g., Coq, I would describe:
1) implementation - as the *program*, collection of function definitions and data types
2) formal specification - as the properties that argue about the program, e.g., theorems, lemmas or axioms
3) constructed proofs - statements of the LTac language
However, I have also read that the implementation part is referred to as a formal specification:
- https://www.cis.upenn.edu/~bcpierce/papers/pierce-etaps2018.pdf
or the combination of 1,2 and 3 is referred to as a formal specification, like in: a program in haskell
is extracted from this formal specification.
Am I right, that the term *formal specification* often donetes the combination of 1,2 and 3, or just 1
or am I missing something?
Kind Regards,
fritjof
- [Coq-Club] meaning of formal specifications, Fritjof, 01/25/2021
- Re: [Coq-Club] meaning of formal specifications, Ian Atol, 01/25/2021
- Re: [Coq-Club] meaning of formal specifications, Benoît Viguier, 01/25/2021
- Re: [Coq-Club] meaning of formal specifications, Abhishek Anand, 01/26/2021
- Re: [Coq-Club] meaning of formal specifications, Benoît Viguier, 01/25/2021
- Re: [Coq-Club] meaning of formal specifications, Agnishom Chattopadhyay, 01/25/2021
- Re: [Coq-Club] meaning of formal specifications, Adam Chlipala, 01/25/2021
- Re: [Coq-Club] meaning of formal specifications, Michael Soegtrop, 01/25/2021
- Re: [Coq-Club] meaning of formal specifications, Adam Chlipala, 01/27/2021
- Re: [Coq-Club] meaning of formal specifications, Michael Soegtrop, 01/25/2021
- Re: [Coq-Club] meaning of formal specifications, Xavier Leroy, 01/25/2021
- Re: [Coq-Club] meaning of formal specifications, Vincent Semeria, 01/25/2021
- Re: [Coq-Club] meaning of formal specifications, Adam Chlipala, 01/27/2021
- Re: [Coq-Club] meaning of formal specifications, Vincent Semeria, 01/27/2021
- Re: [Coq-Club] meaning of formal specifications, Fritjof, 01/29/2021
- Re: [Coq-Club] meaning of formal specifications, Vincent Semeria, 01/27/2021
- Re: [Coq-Club] meaning of formal specifications, Adam Chlipala, 01/27/2021
- Re: [Coq-Club] meaning of formal specifications, Vincent Semeria, 01/25/2021
- Re: [Coq-Club] meaning of formal specifications, Ian Atol, 01/25/2021
Archive powered by MHonArc 2.6.19+.