Nominal/users.html
author Christian Urban <christian.urban@kcl.ac.uk>
Fri, 19 Apr 2024 11:15:39 +0100
changeset 648 43c14c691a63
parent 638 bc23b95d3b2d
permissions -rw-r--r--
updated

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
  <title>Nominal Methods Group</title>
  <link rel="stylesheet" href="nominal.css">
</head>

<body>

<div align="right" style="position:relative; left:15%; width:80%">
<P>
<small>
<SCRIPT LANGUAGE="JAVASCRIPT" type="text/javascript">
<!--
var r_text = new Array ();
r_text[0] = "<em>\"Proving theorems about substitutions (and related operations such as alpha-conversion) required far more time and HOL code than any other variety of theorem.\"<br><\/em>M. VanInwegen using a concrete representation for binders in her PhD-thesis, 1996";

r_text[1] = "<em>\"When doing the formalization, I discovered that the core part of the proof... is fairly straightforward and only requires a good understanding of the paper version. However, in completing the proof I observed that in certain places I had to invest much more work than expected, e.g. proving lemmas about substitution and weakening.\"<\/em><br>T. Altenkirch using de Bruijn indices in Proc. of TLCA, 1993";

r_text[2] = "<em>\"Technical work, however, still represents the biggest part of our implementation, mainly due to the managing of de Bruijn indexes...Of our 800 proved lemmas, about 600 are concerned with operators on free names.\"<\/em><br>D. Hirschkoff in Proc. of TPHOLs, 1997";

r_text[3] = "<em>\"It took the author many long months to complete the work on this formalization...The part concerning substitution is by far the largest part of the whole development.\"<\/em><br>A. Koprowski using de Bruijn indices in a draft paper, 2006";

r_text[4] = "<em>\"We thank T. Thacher Robinson for showing us on August 19, 1962 by a counterexample the existence of an error in our handling of bound variables.\"<\/em><br>S. Kleene in J. of Symbolic Logic 27(1):11-18, 1962";

r_text[5] = "<em>\"The main drawback in HOAS is the difficulty of dealing with metatheoretic issues concerning names in processes...As a consequence, some metatheoretic properties involving substitution and freshness of names inside proofs and processes cannot be proved inside the framework and instead have to be postulated.\"<\/em><br>F. Honsell, M. Miculan and I. Scagnetto in Theoretical Computer Science, 253(2):239-285, 2001";

r_text[6] = "<em>\"Because Twelf metatheorems are proved using totality assertions about LF type families, the class of metatheorems that can be mechanized is restricted to All/Exists-statements over LF types. On the one hand, as the successful Twelf formalizations cited in Section 5 demonstrate, these All/Exists-statements have proved to be sufficient for formalizing a wide variety of metatheorems about programming languages and logics. On the other hand, we have no way to quantify when metatheorems of this form will be sufficient, and there are some well-known examples of proofs that cannot be formalized directly using Twelf as metatheorem language. For example, proofs by logical relations often require more quantifier complexity than All/Exists-statements afford.\"<\/em><br>Robert Harper and Daniel Licata in a paper on Twelf, 2007";

r_text[7] = "<em>\"So we cannot, hand-on-heart, recommend the vanilla LN style for anything but small, kernel language developments. \"<\/em><br>in F-ing Modules by Rossberg, Russo and Dreyer, TLDI 2010";

r_text[8] = "<em>\"Higher-order abstract syntax is a convenient way to approach languages with binding, but it is possible to imagine a problem where manipulating a fully concrete object without binding is simpler. In these cases, it is possible to establish a bijection between your HOAS terms and de Bruijn versions of the same terms. \"<\/em><br>Interesting responses from the <A HREF=\"http://twelf.plparty.org/wiki/Ask_Twelf_Elf\">Twelf wiki.</A> (To be honest, the same comment applies to Nominal. --cu)";

r_text[9] = "<em>\"I wonder if de Bruijn was any good at remembering names. \"<\/em><br>Darius Jahandarie according to Haskell Digest, Vol 97, Issue 1";

var i = Math.floor(r_text.length * Math.random());
document.write(r_text[i]);
//-->
</SCRIPT>
</small>
</P>
</div>


<H1>Users of Nominal Isabelle</H1>


<P>
A simple example illustrating our results on Nominal Isabelle is
<A HREF="example.html">here</A>. Beyond that, we have already
completed formalisations of Church-Rosser and strong-normalisation proofs as
well as the first part of the <A
HREF="https://www.seas.upenn.edu/~plclub/poplmark/" target="_top">PoplMark
Challenge</A>.  We also formalised some typical proofs from SOS, <A
HREF="http://www.cs.cmu.edu/~crary/" target="_top">Karl Crary</A>'s chapter on
logical relations from <A
HREF="http://www.cis.upenn.edu/~bcpierce/attapl/index.html"
target="_top">Advanced Topics in Types and Programming Languages</A>, and
a paper on LF by <A HREF="http://www.cs.cmu.edu/~rwh/" target="_top">Harper</A> and 
<A HREF="http://www.cs.cmu.edu/~fp/" target="_top">Pfenning</A>. In the latter paper we found a gap in
the soundness proof and corrected it (we actually gave three solutions to the problem [6]). Urban 
formalised, and in doing so corrected, the main result of his PhD, a logical-relation argument
establishing strong normalisation of cut-elimination in classical logic. Other
people have used Nominal Isabelle too:

<H3>PhD Theses using Nominal Isabelle</H3>

<ul>
<li>
<A HREF="http://www.itu.dk/people/jebe/">Jesper Bengtson</A> (now professor at ITU in Copenhagen)   
finished his PhD in 2010 with a large formalisation of Psi-calculi in Nominal Isabelle
(see <a href="https://www.isa-afp.org/entries/Psi_Calculi.html">here</a>).
Psi-calculi are a parametric framework for reasoning about process calculi.
He also formalised CCS (<a href="http://afp.sourceforge.net/entries/CCS.shtml">here</a>) using Nominal Isabelle. 
</li>
</ul>


<H3>Journal and Conference Papers using Nominal Isabelle</H3>

<ul>
<li>
<A HREF="http://www.itu.dk/people/jebe/">Jesper Bengtson</A>
and <A HREF="http://user.it.uu.se/~joachim/" target="_top">Joachim Parrow</A>
used Nominal Isabelle to verify the theory of the
pi-calculus. They formalised the proof that bisimulation is a congruence (both
for late and early operational semantics); the formalisation is available 
<a href="http://afp.sourceforge.net/entries/Pi_Calculus.shtml">here</a>.  Moreover, they formalised the proof
that all late bisimilar processes are early bisimilar. The corresponding
papers were presented at FOSSACS'07 and SOS'07. They also used Nominal Isabelle
to formalise their work on Psi-calculi, available 
<a href="http://afp.sourceforge.net/entries/Psi_Calculi.shtml">here</a>. This was 
presented at LICS 2009 and LICS 2010.

All formalisations are part of the <A HREF="http://afp.sourceforge.net/">AFP</A>.
<li>
  
<A HREF="http://www.ccs.neu.edu/home/samth/" target="_top">Sam Tobin-Hochstadt</A>, a student
of <A HREF="http://www.ccs.neu.edu/home/matthias/" target="_top">Matthias Felleisen</A>, used 
Nominal Isabelle to formalise their joint work on Typed Scheme. This was presented at POPL'08. 

<li>
<A HREF="http://homepages.inf.ed.ac.uk/ldixon/" target="_top">Lucas Dixon</A>,
Alan Smaill and <A HREF="http://homepages.inf.ed.ac.uk/bundy/"
target="_top">Alan Bundy</A> used Nominal Isabelle to formalise
proof terms of ILL and studied proof planning with this formalisation
(EDI-INF-RR-0786). 

<li>
<A HREF="http://www.cs.swan.ac.uk/~csteme/" target="_top">Temesghen Kahsai</A>
and <A HREF="http://users.dimi.uniud.it/~marino.miculan/" target="_top">Marino Miculan</A> formalised
the spi-calculus using our work - see 
<A HREF="http://www.cs.swan.ac.uk/~csteme/SpiInIsabelle/SpiInIsabelle.html" target="_top">here</A>.

<li>
Ayesha Yasmeen, a student of  
<A HREF="http://www-faculty.cs.uiuc.edu/~egunter/" target="_top">Elsa Gunter</A>,
formalised an extension of the ambient calculus using Nominal Isabelle. This
was presented in the Emerging Trends section of TPHOLs'08. 

<li>
<A HREF="http://www.ps.uni-saarland.de/~doczkal/" target="_top">Christian Doczkal</A>,
a student of <A HREF="http://www.ps.uni-saarland.de/~smolka/">Gert Smolka</A>, 
finished his 
<A HREF="http://www.ps.uni-saarland.de/~doczkal/master/master.php" target="_top">master's thesis</A> 
at Saarbr&uuml;cken University in 2009 using 
Nominal Isabelle. He formalised the TT-lifting technique in order to prove 
strong normalisation of Moggi's computational metalanguage. This is part of
the <A HREF="http://afp.sourceforge.net/entries/Lam-ml-Normalization.shtml">AFP repository</A>.

<li>
Armin Heller finished his master's thesis at the TU Munich in 2010 with a simple compiler verification
using Nominal Isabelle.

<li>
<A HREF="http://homepages.inf.ed.ac.uk/jcheney/" target="_top">James Cheney</A> 
formalised a number of properties of the meta-theory of mini-XQuery in Nominal Isabelle.
The plan is to extend this work to full XQuery. The preliminary results appeared at CPP'11.

<li>
<A HREF="http://cl-informatik.uibk.ac.at/users/cek/" target="_top">Cezary Kaliszyk</A>, 
with input from Henk Barendregt, formalised the second fixed point theorem
of the lambda calculus using Nominal2. This work appeared at CPP'11.

<li>
<A HREF="http://www.joachim-breitner.de/blog/" target="_top">Joachim Breitner</A> 
used Nominal2 for formalising Launchbury's natural semantics for lazy evaluation. This is part
of the <A HREF="http://afp.sourceforge.net/entries/Launchbury.shtml">AFP</A>. 

<li>
<A HREF="http://www.cl.cam.ac.uk/~lp15/" target="_top">Larry Paulson</A> 
formalised G&ouml;del's Incompleteness Theorems using Nominal2. This work
appeared in the Journal of Automated Reasoning in 2015 and is part of the
<A HREF="https://www.isa-afp.org/browser_info/current/AFP/Incompleteness/SyntaxN.html">AFP</A>.

<li>
<A HREF="http://www.cl.cam.ac.uk/~lp15/" target="_top">Larry Paulson</A> 
formalised a second part of G&ouml;del's Incompleteness Theorems using Nominal2. This is part of the
<A HREF="https://www.isa-afp.org/browser_info/current/AFP/Goedel_HFSet_Semanticless/SyntaxN.html">AFP</A>.


<li>
<A HREF="http://www.joachim-breitner.de/blog/" target="_top">Joachim Breitner</A>
proved the correctness of a GHC compiler transformation using Nominal2.
This work appeared at the
<A HREF="https://www.haskell.org/haskell-symposium/2015/">Haskell Symposium 2015</A>.


<li>
  <A HREF="https://www.isa-afp.org/authors/weber/" target="_top">Tjark Weber</A> et al. formalised a uniform
  semantic substrate for a wide variety of process calculi, in which states and action labels can be drawn from
  arbitrary nominal sets. This includes a Hennessy-Milner logic for these systems.
  The AFP entry is <a href="https://www.isa-afp.org/entries/Modal_Logics_for_NTS.html">here</a>.
  This work appeared in the Proceedings of the International Conference on Concurrency Theory (CONCUR 2015).

<li>
  <A HREF="https://www.andreipopescu.uk">Andrei Popescu</A> and
  <A HREF="https://traytel.bitbucket.io/">Dmitriy Traytel</A>
  gave a formally verified abstract account of G&ouml;del's Incompleteness Theorems using Nominal Isabelle.
  The AFP entries are
  <a href="https://www.isa-afp.org/entries/Goedel_Incompleteness.html">here</a>,
  <a href="https://www.isa-afp.org/entries/Goedel_HFSet_Semantic.html">here</a> and
  <a href="https://www.isa-afp.org/entries/Goedel_HFSet_Semanticless.html">here</a>.
  This work appeared in the Proceedings of the International Conference on Automated Deduction (CADE 2019).  

<li>
  <A HREF="https://www.isa-afp.org/authors/brun">Matthias Brun</A> and
  <A HREF="https://traytel.bitbucket.io/">Dmitriy Traytel</A> formalised
  Generic Authenticated Data Structures using Nominal Isabelle.
  The AFP entry is <a href="https://www.isa-afp.org/entries/LambdaAuth.html">here</a>.
  This work appeared in the Proceedings of International Conference on Interactive Theorem Proving (ITP 2019).


<li>
  <A HREF="https://www.andreipopescu.uk">Andrei Popescu</A> and
  <A HREF="https://traytel.bitbucket.io/">Dmitriy Traytel</A>
  formalised Robinson Arithmetic. The formalisation includes unary term-for-variable substitution for two syntactic
  categories (terms and formulas) and proves 15 delicate theorems about it: the compositionality of substitution
  with respect to itself, and its interaction with freshness and with the constructors. The AFP entry is
  <a href="https://www.isa-afp.org/entries/Robinson_Arithmetic.html">here</a>.
  This work appeared in the Proceedings of the International Conference on Automated Deduction (CADE 2019).  
  
</ul>
</P>


<H3>Entries in the Archive of Formal Proofs (AFP) using Nominal Isabelle</H3>

<ul>
<li>
<A HREF="http://www.joachim-breitner.de/blog/" target="_top">Joachim Breitner</A>
proved the correctness of a GHC compiler transformation using Nominal2.
The AFP
entry
is <a href="https://www.isa-afp.org/entries/Call_Arity.html">here</a>.
This work appeared at the
<A HREF="https://www.haskell.org/haskell-symposium/2015/">Haskell Symposium 2015</A>.  

  
<li>
<A HREF="https://www.cl.cam.ac.uk/~mpew2/">Mark Wassell</A>, Alasdair
Armstrong, Neel Krishnaswami and Peter Sewell mechanised the
metatheory of the MiniSail ISA specification language using Nominal
Isabelle, which they used to handle binding.  The AFP
entry
is <a href="https://www.isa-afp.org/entries/MiniSail.html">here</a>.
This work appeared in the Proceedings of the 48th International
Symposium on Microarchitecture MICRO-48 (2015) and at the Automated
Reasoning Workshop (ARW 2018).


<li>
  <A HREF="https://www.isa-afp.org/authors/felgenhauer/">Bertram Felgenhauer</A> et al. formalised the
  Z property introduced by Dehornoy and van Oostrom using Nominal2.
  The AFP entry is <a href="https://www.isa-afp.org/entries/Rewriting_Z.html">here</a>.


  

</ul>

<H3>Entries in the Archive of Formal Proofs (AFP) that had to work around the current limitations of Nominal</H3>

<ul>
<li>
<A HREF="https://www.isa-afp.org/authors/felgenhauer">Bertram Felgenhauer</A>
formalised a higher-order term algebra, generalising the notions of free variables, matching, and substitution.
The Nominal framework provides support for reasoning about fresh names, but unfortunately
its definitions are not executable, which is why this entry does not build on it. The AFP entry
is <a href="https://www.isa-afp.org/entries/Higher_Order_Terms.html">here</a>.
</ul>


<P>
<a href="http://validator.w3.org/check/referer" target="_top">[Validate this page.]</a>

</body>
</html>