coq-club AT inria.fr
Subject: The Coq mailing list
List archive
- From: Milad Ketabii <ketabii.math AT gmail.com>
- To: coq-club AT inria.fr
- Subject: Re: [Coq-Club] meaning of formal specifications
- Date: Tue, 26 Jan 2021 05:21:28 +1100
- Authentication-results: mail2-smtp-roc.national.inria.fr; spf=None smtp.pra=ketabii.math AT gmail.com; spf=Pass smtp.mailfrom=ketabii.math AT gmail.com; spf=None smtp.helo=postmaster AT mail-pg1-f182.google.com
- Ironport-phdr: 9a23:BkMBfBw8M3IiXrDXCy+O+j09IxM/srCxBDY+r6Qd2+ISIJqq85mqBkHD//Il1AaPAdyKragfwLOO7eigATVGvc/e9ihaMdRlbFwssY0uhQsuAcqIWwXQDcXBSGgEJvlET0Jv5HqhMEJYS47UblzWpWCuv3ZJQk2sfQV6Kf7oFYHMks+5y/69+4HJYwVPmTGxfa5+IA+5oAnMssQam5VuJ6g+xhfUvndFevldyWd0KV6OhRrx6dq88Zx5/yhMp/4t8tNLXLnncag/UbFWFiktPXov5M3suxnDTA+P6WUZX24LjBdGABXL4Q/jUJvpvST0quRy2C+BPc3rVr80Qiit771qSBDzligKMSMy/XzNhcxxiKJbpw+hpwB6zoXJboyZKOZyc6XAdt4cWGFPXNteVzZZD4yzYYsADeoPM+hboYfguVUBsQCzChOwCO710DJEmmP60K883u88EQ/GxgsgH9cWvXrTrdX1ML0dXv2ox6fN0zrDc+lZ1iz86IjJbxsspvKMUqxsccXL0kYvFgLFgk+VqYP/IzOV1v8As2ee7+V6VOKvj3QrpB12ojiq38ohjJTCiY0JxF7e7yp53Jo1KsOiSE59edOpEoZcuS+aOodqQM4vQX9ktSgnx7AYpJO1cjYHxZslyhLBZfGJc4yF7wznWeieIDp1mW5oda6/iRuy8Uas1u/xW8+p21hEqSpFl8PDtnEL1xHL98iHUuVy/kGn2TqVyQ/c9/xELEYpnqTYM54s2qA8moYXvEjZHSL7mF/6gLGLekgk4OSk9ufqbqvgq5SBLYF7kBv+Pb4rmsGnAeQ3LAwOX2+D9OS5zrLj/En5TKxSjv05j6XVqZ7aKdkYq6KnGQNV3YEj6xGwDzeiztsUh2UILFVAeB6fjojpPU/BIOzgAPuhn1ihlC1nyvPGM7H7HJnBM3jOnK38cbt+9UJQ0A8zwspe55JQBLEBOvXzWkrpudzbEBA5Lxa7zP3mCNV8zI8eXHiAArOZMK7Jvl+I4/ggI+iIZIMPpDn9LP0l6+b0jXAlgV8dYbWp3ZwPZX+kGfRmOlyVbmbogtccCmgHpRE+TezviF2aSzFffXeyX6Qm5jE6Eo2qF4nDRpr+yICGiSy8B9hdYn1MIlGKC3bhMYueCNkWbyfHB85lmzBMdrW9QoUg1Fn6twLmwrBmL6zR8zEYnZ3m3dlxoebUkEdhpnRPE82B3jTVHClPlWQSSmpuhfwtkQlG0l6GlJNArblAD9UKvqFGVw47MdjXyOkoU4mjCDKERc+ATROdevvjBDgwStwrxNpXOhRyHtyjilbI2C/4WuZIxYzOP4Q99+fn51a0J8t5zCyYhqwojl1jWsQWcGP/1vQ5+A/UCIrE1U6ekvTyeA==
Hi Feitjov,
When I was doing my PhD, I faced questions similar to yours. It emerged from my encounter of HOL4 for completing a project after having used Coq for another.
Given your question is on the meaning of a word, I would like to refer to a philosophical doctrine on how words acquire their meaning in a system of signs. Using that doctrine, I put forward how I came to an answer for myself!
So turns out that a text can be perceived as a construct made around elemental "oppositions". Accordingly, textual constructs only produce meaning through their interplay of DIFFERENCES (mostly emergingin in form of binary contrasts) inside a system of distinct signs. This doctrine was first introduced by Ferdinand Saussure on which J. Derrida drew for introducing his notion of difference.
Considering the above explanation, instead of hard wiring the words "specification" and "implementation" to predetermined functionality or referents, we can perceive them in a contrasting interplay whose connection is established via the proof game. The "specification" is something used by a "proof" to demonstrate "the correctness " of an "implementation ".
Now going for the Saussurian doctrine, there is no problem for an _expression_ to be specification for an implementation, but itself being an implementation for something else. Therefore, I would definitely hesitate to say it is meaningless (or even misguiding) to use the word specification in the context of formal verification.
Hopefully that was useful!
Best
On Tue, Jan 26, 2021, 2:39 AM Fritjof <fritjof AT uni-bremen.de> wrote:
Hi,
I have a question regarding what formal specification exactly means in the
proof assistant context.
First *formal verification* means an implementation satisfies its formal specification.
The satisfiability is shown using formal methods of mathematics, e.g., a constructed proof
in Coq.
So we have the following terms:
1) implementation
2) formal specification
3) constructed proofs
In the context of proof assistants, e.g., Coq, I would describe:
1) implementation - as the *program*, collection of function definitions and data types
2) formal specification - as the properties that argue about the program, e.g., theorems, lemmas or axioms
3) constructed proofs - statements of the LTac language
However, I have also read that the implementation part is referred to as a formal specification:
- https://www.cis.upenn.edu/~bcpierce/papers/pierce-etaps2018.pdf
or the combination of 1,2 and 3 is referred to as a formal specification, like in: a program in haskell
is extracted from this formal specification.
Am I right, that the term *formal specification* often donetes the combination of 1,2 and 3, or just 1
or am I missing something?
Kind Regards,
fritjof
- Re: [Coq-Club] meaning of formal specifications, (continued)
- Re: [Coq-Club] meaning of formal specifications, Abhishek Anand, 01/26/2021
- Re: [Coq-Club] meaning of formal specifications, Agnishom Chattopadhyay, 01/25/2021
- Re: [Coq-Club] meaning of formal specifications, Adam Chlipala, 01/25/2021
- Re: [Coq-Club] meaning of formal specifications, Michael Soegtrop, 01/25/2021
- Re: [Coq-Club] meaning of formal specifications, Adam Chlipala, 01/27/2021
- Re: [Coq-Club] meaning of formal specifications, Michael Soegtrop, 01/25/2021
- Re: [Coq-Club] meaning of formal specifications, Xavier Leroy, 01/25/2021
- Re: [Coq-Club] meaning of formal specifications, Vincent Semeria, 01/25/2021
- Re: [Coq-Club] meaning of formal specifications, Adam Chlipala, 01/27/2021
- Re: [Coq-Club] meaning of formal specifications, Vincent Semeria, 01/27/2021
- Re: [Coq-Club] meaning of formal specifications, Fritjof, 01/29/2021
- Re: [Coq-Club] meaning of formal specifications, Vincent Semeria, 01/27/2021
- Re: [Coq-Club] meaning of formal specifications, Adam Chlipala, 01/27/2021
- Re: [Coq-Club] meaning of formal specifications, Vincent Semeria, 01/25/2021
- Re: [Coq-Club] meaning of formal specifications, Milad Ketabii, 01/25/2021
- Re: [Coq-Club] meaning of formal specifications, Pierre Courtieu, 01/26/2021
Archive powered by MHonArc 2.6.19+.