<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HEAD>
<TITLE>Homepage of Christian Urban</TITLE>
<BASE HREF="https://nms.kcl.ac.uk/christian.urban/">
<script type="text/javascript">

  var _gaq = _gaq || [];
  _gaq.push(['_setAccount', 'UA-4143458-4']);
  _gaq.push(['_trackPageview']);

  (function() {
    var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
    ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
    var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
  })();
</script>
</HEAD>

<BODY TEXT="#000000" 
      BGCOLOR="#4169E1" 
      LINK="#0000EF" 
      VLINK="#51188E"  
      ALINK="#FF0000">
<font face='Tahoma'>

<TABLE WIDTH="100%" 
       BGCOLOR="#4169E1" 
       BORDER="0"   
       FRAME="border"  
       CELLPADDING="11"     
       CELLSPACING="2"
       RULES="all">

<!-- left column -->
<TR>
<TD BGCOLOR="#FFFFFF" 
    WIDTH="24%" 
    VALIGN="TOP" 
    ROWSPAN="9">

<B>Links</B><BR>
<A HREF="https://nms.kcl.ac.uk/christian.urban/index.html">Home</A><BR>
<A HREF="https://nms.kcl.ac.uk/christian.urban/publications.html">Publications</A><BR>
<A HREF="https://nms.kcl.ac.uk/christian.urban/teaching.html">Teaching</A><BR>
<A HREF="https://nms.kcl.ac.uk/christian.urban/travelling.html">Recent Talks</A><BR>
<A HREF="https://nms.kcl.ac.uk/christian.urban/Nominal/">Nominal Isabelle</A>
<BR>
<BR>

<B>Handy Information</B><BR>
<A HREF="https://nms.kcl.ac.uk/christian.urban/logic.html">People in Logic</A><BR> 
<A HREF="https://nms.kcl.ac.uk/christian.urban/programming.html">Programming Languages</A><BR> 
<A HREF="https://nms.kcl.ac.uk/christian.urban/misc.html">Miscellaneous</A>
<BR><BR>

<table border="0">
<tr>
<td>
<A HREF="https://nms.kcl.ac.uk/christian.urban/Nominal/">
<IMG SRC="nominal-logo.gif" ALT="" style="border-width: 0px;" align="left"></A>
</td>
</tr>
<tr>
<td>
<A HREF="https://nms.kcl.ac.uk/christian.urban/Cookbook/">
<IMG SRC="Cookbook/logo-documentation.gif" ALT="" style="border-width: 0px;" align="left"></A>
</td>
</tr>
</table>
</TD>



<!-- right column -->
<TD BGCOLOR="#FFFFFF" WIDTH="75%">
<A NAME="Home"></A>
<TABLE>
<TR>
<TD WIDTH="75%">
<H1>Christian Urban</H1>

<B>E-mail</B> 
christian.urban <I>at</I> kcl ac uk<BR>
<BR>

<B>Address</B> 
<A HREF="http://www.kcl.ac.uk/nms/depts/informatics/">Department of Informatics</A>,
<A HREF="http://www.kcl.ac.uk">King's College London</A>,
Bush House, 30 Aldwych, London WC2B 4BG, UK. My office is 7.07 on the 7th floor, North Wing, of the Bush House. 
<BR>

</TD>
<TD align="right" valign="top"> 
<A HREF="https://nms.kcl.ac.uk/christian.urban/picture-small.jpg"><IMG ALT="" SRC="picture-small.jpg" align="top"></A>
</TD>
</TR>
</TABLE>
<p>
  <IMG SRC="new.gif" ALT="" style="" align="left"><A HREF="https://nms.kcl.ac.uk/christian.urban/Cookbook" target="_top">Isabelle Programming Tutorial</A> (draft of a 200-page tutorial on Isabelle programming - updated to
    <A HREF="http://isabelle.in.tum.de">Isabelle 2019</A> thanks to Norbert Schirmer)<BR><BR>
</TD>
</TR>

<TR>
<TD BGCOLOR="#FFFFFF" WIDTH="75%">
<B>Current Position</B> 
Since 2011 I have been a lecturer in the Department of Informatics at King's College London.
This is similar to a position of an assistant professor in other places. In 2011,
I was also offered a lectureship 
<A HREF="http://www.it.uu.se/" TITLE="Uppsala">here</A>, an associate professorship 
<A HREF="http://en.itu.dk/" TITLE="ITU, Copenhagen">here</A>,
and full professorships 
<A HREF="https://en.wikipedia.org/wiki/University_of_Science_and_Technology_of_China" TITLE="IAS, Suzhou">here</A> and 
<A HREF="https://en.wikipedia.org/wiki/East_China_Normal_University" TITLE="Shanghai">here</A>. 
I thank all people involved for their efforts.
<P>

<B>Past Positions</B> 
In April 2006, I was awarded an <A HREF="http://en.wikipedia.org/wiki/Emmy_Noether">Emmy-Noether</A> 
<A HREF="https://www.dfg.de/en/research_funding/programmes/individual/emmy_noether/">fellowship</A>, which I held at the <A HREF="http://www.in.tum.de/en.html">TU Munich</A> until
September 2011.
Between September 2008 and February 2009, I was an invited research scientist in 
the <A HREF="http://www.cs.princeton.edu/">Department of Computer Science</A> in Princeton.
In 2004/05 I was an Alexander-von-Humboldt fellow in Munich and 
from 2000 until 2004 I was awarded a Research Fellowship in Cambridge. Before that
I did my PhD in Cambridge funded by two scholarships from the German Academic Exchange 
Service (<A HREF="http://www.daad.de/index.html">DAAD</A>).
<P>

<B>Skolem Award 2015</B> Together with
<A HREF="http://www.pps.univ-paris-diderot.fr/~tasson/">Christine Tasson</A>, I was awarded a
<A HREF="http://cadeinc.org/Skolem-Award">Thoralf Skolem Award</A>, a ten-year
  test-of-time award from CADE. This was for our
  <A HREF="https://nms.kcl.ac.uk/christian.urban/Publications/nom-cade-05.ps">paper</A>
  on Nominal Techniques in Isabelle/HOL from 2005. The Skolem Award award was given also
  to Nicolaas de Bruijn, Zohar Manna and
  Nachum Derschowitz, amongst others.
<P>
  
<B>Research Interests</B> theorem provers, verification, programming languages, compilers, 
algorithms, security, proof theory, type systems, concurrency, lambda calculus, unification, 
regular expressions, computability, complexity, functional and logic  programming.
<P>

<B>Teaching</B> I usually enjoy teaching. At King's my students nominated me for the Teaching
Excellence Award in
2012, 2015, 2016 and 2017, and for the best MSc Project supervisor in 2015.
In 2014 I received both prizes for Best UG Project Supervisor and for Best
MSc Project Supervisor in the <A HREF="http://www.kcl.ac.uk/nms/index.aspx">NMS Faculty</A>.<P>

  

<B>Conferences</B>
UNIF'06 (member of PC), 
<A HREF="http://www.cs.mcgill.ca/~bpientka/lfmtp07">LFMTP'07</A> (member of PC), 
LFMTP'08 (PC co-chair), 
<A HREF="http://www.cis.upenn.edu/~sweirich/wmm/">WMM'08</A> (member of PC),
LSFA'08 (invited speaker),
<A HREF="http://www.inf.kcl.ac.uk/staff/maribel/TAASN.html">TAASN'09</A> (member of PC),
<A HREF="http://lsfa09.cic.unb.br/">LSFA'09</A> (member of PC),
<A HREF="https://nms.kcl.ac.uk/christian.urban/Nominal/activities/tphols09/idw.html">IDW'09</A> (organiser),
<A HREF="http://www.seas.upenn.edu/~sweirich/wmm/wmm09.html">WMM'09</A> (PC chair),
<A HREF="https://nms.kcl.ac.uk/christian.urban/Nominal/activities/tphols09/">TPHOLs'09</A> (PC co-chair),
<A HREF="http://dream.inf.ed.ac.uk/events/automatheo-2010/">Automatheo'10</A> (member of PC),
<A HREF="http://www.floc-conference.org/">ITP'10</A> (member of PC),
UNIF'10 (invited speaker),
<A HREF="http://www.cis.upenn.edu/~bcpierce/wmm/">WMM'10</A> (invited speaker),
<A HREF="https://nms.kcl.ac.uk/christian.urban/Nominal/activities/idw10/idw.html">IDW'10</A> (co-organiser),
CPP'11 (member of PC),
<A HREF="http://www.rdp2011.uns.ac.rs/rta/">RTA'11</A> (member of PC),
<A HREF="http://lfmtp11.cs.umn.edu">LFMTP'11</A> (member of PC),
<A HREF="http://www.cs.uwyo.edu/~ruben/itp-2014">ITP'14</A> (member of PC),
<A HREF="http://www.cicm-conference.org/2015/cicm.php?event=mkm">MKM'15</A> (member of PC),
<A HREF="https://nms.kcl.ac.uk/christian.urban/itp-2015/">ITP'15</A> (PC co-chair),
<A HREF="https://itp2016.inria.fr">ITP'16</A> (member of PC)
<A HREF="http://lsfa.cic.unb.br">LSFA'17</A> (member of PC)
<A HREF="http://itp2017.cic.unb.br">ITP'17</A> (member of PC)
<A HREF="https://itp19.cecs.pdx.edu">ITP'19</A> (member of PC)
<A HREF="https://ijcar2020.org">IJCAR'20</A> (member of PC)
<P>

<A HREF="https://nms.kcl.ac.uk/christian.urban/itp-2015/">ITP'15</A> took place in Nanjing organised
by Xingyuan Zhang and me<BR>
<p>

<B>Current PhD</B> Chengsong Tan<BR>
<B>Former PhD</B> Fahad Ausaf (works at ARM in the VHDL compiler team)<BR>
<B>Former RAs</B> Chunhan Wu, <A HREF="http://cl-informatik.uibk.ac.at/users/cek/">Cezary Kaliszyk</A>, 
<A HREF="http://dpt-info.u-strasbg.fr/~narboux/">Julien Narboux</A><p>

  If I am not teaching or not doing any research, I am sometimes in the lavender
  <A HREF="https://nms.kcl.ac.uk/christian.urban/family.jpg">fields</A> of London, or I do
  <A HREF="https://nms.kcl.ac.uk/christian.urban/c.jpg">model-shoots</A> far away, or I am
  assistant to the resident
  <A HREF="https://nms.kcl.ac.uk/christian.urban/s1.jpg">chief</A>
  <A HREF="https://nms.kcl.ac.uk/christian.urban/s2.jpg">paleontologist</A>.
</TD>
</TR>

<TR>
<TD BGCOLOR="#FFFFFF" WIDTH="75%">
<B>Nominal Isabelle</B> 
I am the main developer of Nominal 
<A HREF="http://isabelle.in.tum.de">Isabelle</A>. This is joint work with 
<A HREF="http://www21.in.tum.de/~berghofe/">Dr Stefan Berghofer</A>,
<A HREF="http://sketis.net/">Dr Markus Wenzel</A>,
<A HREF="http://cl-informatik.uibk.ac.at/users/cek/">Dr Cezary Kaliszyk</A>,
<A HREF="http://user.it.uu.se/~tjawe125/">Dr Tjark Weber</A> and 
the Isabelle-team in Munich.
Many of the theoretical ideas originate from the nominal logic project - a wonderful project headed 
by <A HREF="http://www.cl.cam.ac.uk/~amp12/">Prof. Andrew Pitts</A>.  
The aim with this work is to make formal reasoning involving binders as simple as 
on paper and the hope is to lure  
<A HREF="http://alliance.seas.upenn.edu/~plclub/cgi-bin/poplmark/index.php?title=The_POPLmark_Challenge#Vision">masses</A> to automated
theorem proving. My funding for this work was provided in 2004 and 2005 by a research 
fellowship from the 
<A HREF="http://en.wikipedia.org/wiki/Alexander_von_Humboldt">Alexander-von-Humboldt</A>
<A HREF="http://www.humboldt-foundation.de/web/home.html">foundation</A>. During this time I was a visitor in the group of 
<A HREF="http://www.mathematik.uni-muenchen.de/~schwicht/">Prof. Helmut Schwichtenberg</A> in Munich.
Between 2006 and 2011 this work is supported by an
<A HREF="http://en.wikipedia.org/wiki/Emmy_Noether">Emmy-Noether</A> 
<A HREF="https://www.dfg.de/en/research_funding/programmes/individual/emmy_noether/">fellowship</A> at the TUM.
There is a <A HREF="https://nms.kcl.ac.uk/christian.urban/Nominal/">webpage</A> about Nominal
Isabelle, which also includes a list of projects that use Nominal Isabelle.
Users of Nominal Isabelle had their papers appearing at LICS, POPL, FOSSACS, SOS, TPHOLs, CPP, SEFM,
the Haskell Symposium and
in the Journal of Automated Reasoning. Nowadays, Nominal Isabelle 2 is part of the <A HREF="https://www.isa-afp.org">Archive of Formal Proofs</A>.
</TD>
</TR>

<TR>
<TD BGCOLOR="#FFFFFF" WIDTH="75%">
<B>Real-Time Scheduling and Priority Inheritance</B>
  In real-time operating systems with processes, resource locking and
  priority scheduling, one faces the problem of
  <A HREF="http://en.wikipedia.org/wiki/Priority_inversion">priority inversion</A> (processes
  with lower priority block processes with higher priority indefinitely). If you do not prevent this problem,
  then processes can behave erratically, as <A HREF="http://www.nasa.gov">NASA</A> found out the
  <A HREF="http://catless.ncl.ac.uk/Risks/19.54.html#subj6">hard</A> way with their first
  <A HREF="http://www.nasa.gov/mission_pages/mars-pathfinder/index.html">Mars Pathfinder mission</A>.
  The priority inheritance protocol is a widely used scheduling algorithm that prevents
  priority inversion. However, the <A HREF="http://dx.doi.org/10.1109/12.57058">original paper</A>
  describing this algorithm contains an incorrect algorithm and a bogus(!) correctness proof.

  We formalised our version of the priority inheritance protocol, including a generalisation
  of the original work (we allow overlapping critical sections) in the theorem prover
  <A HREF="http://isabelle.in.tum.de">Isabelle</A>.

  In our formalisation we use the inductive method we learned from
  <A HREF="https://www.cl.cam.ac.uk/~lp15/">Prof. Larry Paulson</A>.
  He used this method in order to prove the correctness of security
  protocols. We have implemented our algorithm on top of the
  the small <A HREF="https://en.wikipedia.org/wiki/Pintos">PINTOS</A>
  operating system used for teaching (we passed all their test cases and were
  faster than their reference implementation).

  
  While the problem with the original algorithm was already known for some time, the incorrect
  specification seems to be still widely in use and described in many textbooks on real-time operating systems,
  including famous and rather expensive
  ones. Feel free to decide whether they are worth your time and money. Task: Spot the problems in  
  <A href="https://www.amazon.com/Real-Time-Systems-Design-Analysis-Practitioner-ebook/dp/B0062LNOCW">here</A>,
  <A href="https://www.amazon.co.uk/Real-Time-Concepts-Embedded-Systems-Qing/dp/1578201241">here</A>,
  <A href="https://www.amazon.co.uk/Real-Time-Systems-Jane-W-Liu/dp/0130996513">here</A>,
  <A href="https://www.springer.com/gp/book/9780792392118">here</A> and
  <A href="https://www.os-book.com/OS9/">here</A>!
  Alternatively, you can look at the quotes and pointers in our
  <A HREF="http://nms.kcl.ac.uk/christian.urban/Publications/pip.pdf">paper</A>. A notable
  exception is the <A HREF="https://www.springer.com/gp/book/9781461406754">textbook</A>
  by Buttazzo, who gives the correct specification. Unfortunately, his work did not
  help us with proving the correctness of the priority inheritance protocol.
  
  This is joint work with Prof. Xingyuan Zhang and his student Chunhan Wu from the 
  PLA University of Science and Technology in Nanjing. 
</TD>
</TR>

<TR>
<TD BGCOLOR="#FFFFFF" WIDTH="75%">
<B>Myhill-Nerode and Regular Expressions</B> 
Out of frustration of having to teach reasoning in theorem provers with worn-out examples like
fib and even/odd, we implemented a large part of regular language theory in Isabelle/HOL.
This <A HREF="http://afp.sourceforge.net/devel-entries/Myhill-Nerode.shtml">implementation</A> 
gives rise to much more interesting examples, as shown 
<A HREF="http://www.cs.cmu.edu/~rwh/papers/regexp/jfp.pdf">here</A> and 
<A HREF="http://ropas.snu.ac.kr/~kwang/paper/06-jfp-yi.pdf">here</A>. It turns out that
formalisations of automata theory are a huge 
<A HREF="https://lists.cam.ac.uk/pipermail/cl-isabelle-users/2005-September/msg00012.html">pain</A> 
in theorem provers, especially in those that are based on HOL. 
We therefore went against the 
<A HREF="http://www.cs.cornell.edu/~kozen/papers/papers_by_year.htm#K97a">mainstream</A> 
and used in our formalisation regular expressions exclusively,
because they are much more convenient for formal reasoning. The results we
formalised include: the Myhill-Nerode theorem, the closure of regular languages
under complementation, finiteness of derivatives of regular expressions and a surprising 
result about Subseq, which according to 
this 
<A HREF="http://blog.computationalcomplexity.org/2006/01/theorem-that-should-be-better-known.html">blog</A> 
should be better known. We also answered a
<A HREF="http://blog.computationalcomplexity.org/2013/02/proving-dfa-langs-closed-under-concat.html">question</A> from the same blog about
"proving Reg-exp-langs [being] closed under complementation without using equiv to DFA's"....yes we can!
This is joint work with Prof. Xingyuan
Zhang and his student Chunhan Wu from the 
PLA University of Science and Technology in Nanjing. 
My funding for this work came from the 
<A HREF="http://sinogermanscience.dfg.nsfc.cn/de/index.html">Chinese-German Research Centre</A>. 
</TD>
</TR>

<TR>
<TD BGCOLOR="#FFFFFF" WIDTH="75%">
<B>Nominal Unification and Alpha-Prolog</B> 
<A HREF="https://nms.kcl.ac.uk/christian.urban/Unification">Nominal unification</A> is one outcome of 
my involvement in the nominal logic project in Cambridge. Another is the logic programming language 
alpha-Prolog (joint work with <A HREF="http://homepages.inf.ed.ac.uk/jcheney/">Dr James Cheney</A>), 
which uses nominal unification - click for details 
<A HREF="http://homepages.inf.ed.ac.uk/jcheney/programs/aprolog/">here</A>.
The nominal unification algorithm has been 
<A HREF="https://nms.kcl.ac.uk/christian.urban/Unification">formally verified</A> in Isabelle. This 
was possible  since this unification algorithm is formulated in a simple first-order language 
(unlike other algorithms for higher-order unification). 
<A HREF="https://nms.kcl.ac.uk/maribel.fernandez/">Prof. Maribel Fernandez</A> and her student
improved the nominal unification algorithm to be quadratic. 
  <A HREF="http://www.cs.indiana.edu/~dfried/">Prof. Daniel Friedman</A> and his group use nominal 
unification in their alpha-Kanren system implemented in Scheme. This work has also found its
  way into <A HREF="http://clojure.org">Clojure</A> as the <A HREF="https://github.com/clojure/core.logic/wiki/core.logic.nominal">core.logic.nominal</A> package.
My funding for this work was provided through a research fellowship from 
<A HREF="http://www.corpus.cam.ac.uk">Corpus Christi College</A>, Cambridge. 
</TD>
</TR>

<TR>
<TD BGCOLOR="#FFFFFF"  WIDTH="75%">
<B>Classical Logic</B>
I was Ph.D. student in the University of Cambridge 
<A HREF="http://www.cl.cam.ac.uk">Computer Laboratory</A>
and for three years 
called Gonville and Caius College my home. I was very lucky to have   
<A HREF="https://labs.oracle.com/pls/apex/f?p=labs:bio:0:2044">Dr Gavin Bierman</A>
as supervisor. My research in Cambridge was also very  much influenced by 
<A HREF="http://www.dpmms.cam.ac.uk/~martin/">Prof. Martin Hyland</A>.
Some details on my thesis "Classical Logic and Computation" are 
<A HREF="https://nms.kcl.ac.uk/christian.urban/PhD/index.html">elsewhere</A>, including
a <A HREF="https://nms.kcl.ac.uk/christian.urban/Cut/cutapplet.html">Java Applet</A> that 
'visualises' some of the results from the thesis. I completed the writing of
the thesis in  <A HREF="http://iml.univ-mrs.fr/ldp/">Marseille</A> in the group of 
<A HREF="http://girard.perso.math.cnrs.fr/Accueil.html">Prof. Jean-Yves Girard</A>. My study in 
Cambridge was funded by two <A HREF="http://www.daad.de/index.html">scholarships</a> 
from the German government; my year in Marseille by a TMR-fellowship from the EU. 
My PhD was also one starting point for the EPSRC Project on the Semantics of Classical 
Proofs. The strong normalisation result in the PhD has been used in 2007 by 
<A HREF="http://www.destineesnumeriques.com/speaker/aJZiZm5o/claude-kirchner">Prof. Claude Kirchner</A> and his 
students for proving consistency of their superdeduction system lemuridae.
</TD>
</TR>



<TR>
<TD BGCOLOR="#FFFFFF" WIDTH="75%">
<B>Forum</B> 
I implemented Forum, a programming language based on classical linear logic, 
as my M.Phil. thesis. This was joint work with 
<A HREF="https://rd.host.cs.st-andrews.ac.uk">Dr Roy Dyckhoff</A>. 
Details can be found  
<A HREF="https://rd.host.cs.st-andrews.ac.uk/logic/nonmac/">here</A> and
<A HREF="http://www.lix.polytechnique.fr/Labo/Dale.Miller/forum/">here</A>. During my
M.Phil study I spent one month in Philadelphia invited by 
<A HREF="http://www.lix.polytechnique.fr/~dale/">Prof. Dale Miller</A>.
</TD>
</TR>

<TR>
<TD BGCOLOR="#FFFFFF" WIDTH="75%">
<B>G4ip</B> An implementation of G4ip using the imperative language Pizza can be found 
<A HREF="https://nms.kcl.ac.uk/christian.urban/Prover/index.html">here</A>.
<A HREF="http://pizzacompiler.sourceforge.net">Pizza</A>, written around 1996, is a conservative 
extension of Java and a precursor of Scala. My implementation illustrates the technique of 
success continuations in proof search.
</TD>
</TR>
 

</TABLE>
<P>
<a href="https://validator.w3.org/check/referer">[Validate this page.]</a>
</font>
</BODY>
</HTML>