Journal of Automated Reasoning

, Volume 41, Issue 3–4, pp 219–249 | Cite as

An Extensible Encoding of Object-oriented Data Models in hol

with an Application to imp++
  • Achim D. BruckerEmail author
  • Burkhart Wolff


We present an extensible encoding of object-oriented data models into higher-order logic (hol). Our encoding is supported by a datatype package that leverages the use of the shallow embedding technique to object-oriented specification and programming languages. The package incrementally compiles an object-oriented data model, i. e., a class model, to a theory containing object-universes, constructors, accessor functions, coercions (casts) between static types (and providing a foundation for the notion of dynamic types), characteristic sets, and co-inductive class invariants. The package is conservative, i. e., all properties are derived entirely from constant definitions, including the constraints over object structures. As an application, we use the package for an object-oriented core-language called imp++, for which we formally prove the correctness of a Hoare logic with respect to a denotational semantics.


Object-oriented data models hol Theorem proving Verification 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Ahrendt, W., Baar, T., Beckert, B., Bubel, R., Giese, M., Hähnle, R., Menzel, W., Mostowski, W., Roth, A., Schlager, S., Schmitt, P.H.: The KeY tool. Softw. Syst. Model. 4(1), 32–54 (2005). doi:10.1007/s10270-004-0058-x CrossRefGoogle Scholar
  2. 2.
    Andrews, P.B.: Introduction to Mathematical Logic and Type Theory: To Truth through Proof, 2nd edn. Kluwer, Dordrecht (2002)zbMATHGoogle Scholar
  3. 3.
    Barnett, M., Leino, K.R.M., Schulte, W.: The Spec# programming system: an overview. In: Barthe, G., Burdy, L., Huisman, M., Lanet, J.L., Muntean, T. (eds.) Construction and Analysis of Safe, Secure, and Interoperable Smart Devices (CASSIS). Lecture Notes in Computer Science, vol. 3362, pp. 49–69. Springer, Heidelberg (2005). doi:10.1007/b105030 Google Scholar
  4. 4.
    Basin, D.A., Kuruma, H., Takaragi, K., Wolff, B.: Verification of a signature architecture with HOL-Z. In: Fitzgerald, J., Hayes, I.J., Tarlecki, A. (eds.) FM 2005: Formal Methods. Lecture Notes in Computer Science, vol. 3582, pp. 269–285. Springer, Heidelberg (2005). doi:10.1007/11526841_19 Google Scholar
  5. 5.
    Beckert, B., Hähnle, R., Schmitt, P.H. (eds.): Verification of object-oriented software: the KeY approach. In: Lecture Notes in Computer Science, vol. 4334. Springer, Heidelberg (2007). doi:10.1007/978-3-540-69061-0
  6. 6.
    Berghofer, S., Wenzel, M.: Inductive datatypes in HOL—lessons learned in formal-logic engineering. In: Bertot, Y., Dowek, G., Hirschowitz, A., Paulin, C., Théry, L. (eds.) Theorem Proving in Higher Order Logics (TPHOLS). Lecture Notes in Computer Science, vol. 1690, pp. 19–36. Springer, Heidelberg (1999). doi:10.1007/3-540-48256-3_3 CrossRefGoogle Scholar
  7. 7.
    Böhme, S., Leino, K.R.M., Wolff, B.: HOL-Boogie—an interactive prover for the Boogie program-verifier. In: Mohamed, O.A., Muñoz, C., Tahar, S. (eds.) Theorem Proving in Higher Order Logics. Lecture Notes in Computer Science, vol. 5170, pp. 150–166. Springer, Heidelberg (2008). doi:10.1007/978-3-540-71067-7_15 CrossRefGoogle Scholar
  8. 8.
    Brucker, A.D.: An interactive proof environment for object-oriented specifications. PhD Thesis, ETH Zurich (2007). ETH Dissertation No. 17097Google Scholar
  9. 9.
    Brucker, A.D., Rittinger, F., Wolff, B.: HOL-Z 2.0: a proof environment for Z-specifications. J. Univers. Comput. Sci. 9(2), 152–172 (2003)Google Scholar
  10. 10.
    Brucker, A.D., Wolff, B.: The HOL-OCL book. Tech. Rep. 525. ETH, Zurich (2006)Google Scholar
  11. 11.
    Brucker, A.D., Wolff, B.: HOL-OCL—a formal proof environment for UML/OCL. In: Fiadeiro, J., Inverardi, P. (eds.) Fundamental Approaches to Software Engineering (FASE08). Lecture Notes in Computer Science, no. 4961, pp. 97–100. Springer, New York (2008). doi:10.1007/978-3-540-78743-3_8 CrossRefGoogle Scholar
  12. 12.
    Brucker, A.D., Wolff, B.: Extensible universes for object-oriented data models. In: Vitek, J. (ed.) ECOOP 2008—Object-Oriented Programming. no. 5142 in Lecture Notes in Computer Science, pp. 438–462. Springer, New York (2008). doi:10.1007/978-3-540-70592-5_19 Google Scholar
  13. 13.
    Drossopoulou, S., Eisenbach, S.: Describing the semantics of Java and proving type soundness. In: Alves-Foss, J. (ed.) Formal Syntax and Semantics of Java, Lecture Notes in Computer Science, vol. 1523, pp. 41–82. Springer, Heidelberg (1999). doi:10.1007/3-540-48737-9_2 CrossRefGoogle Scholar
  14. 14.
    Flatt, M., Krishnamurthi, S., Felleisen, M.: A programmer’s reduction semantics for classes and mixins. In: Alves-Foss, J. (ed.) Formal Syntax and Semantics of Java, pp. 241–269. Springer, Heidelberg (1999). doi:10.1007/3-540-48737-9_7 CrossRefGoogle Scholar
  15. 15.
    Huisman, M., Jacobs, B.: Inheritance in higher order logic: modeling and reasoning. In: Aagaard, M., Harrison, J. (eds.) Theorem Proving in Higher Order Logics (TPHOLS). Lecture Notes in Computer Science, vol. 1869, pp. 301–319. Springer, Heidelberg (2000). doi:10.1007/3-540-44659-1_19 CrossRefGoogle Scholar
  16. 16.
    Igarashi, A., Pierce, B.C., Wadler, P.: Featherweight java: a minimal core calculus for Java and GJ. ACM Trans. Program. Lang. Syst. 23(3), 396–450 (2001). doi:10.1145/503502.503505 CrossRefGoogle Scholar
  17. 17.
    Jacobs, B., Poll, E.: Java program verification at Nijmegen: developments and perspective. In: Futatsugi, K., Mizoguchi, F., Yonezaki, N. (eds.) Software Security—Theories and Systems (ISSS). Lecture Notes in Computer Science, vol. 3233, pp. 134–153. Springer, Heidelberg (2004). doi:10.1007/b102118 Google Scholar
  18. 18.
    Leavens, G.T., Baker, A.L., Ruby, C.: JML: a notation for detailed design. In: Kilov, H., Rumpe, B., Simmonds, I. (eds.) Behavioral Specifications of Businesses and Systems, pp. 175–188. Kluwer, Dordrecht (1999)Google Scholar
  19. 19.
    Leino, K.R.M., Müller, P.: Modular verification of static class invariants. In: Fitzgerald, J., Hayes, I.J., Tarlecki, A. (eds.) FM 2005: Formal Methods. Lecture Notes in Computer Science, vol. 3582, pp. 26–42. Springer, Heidelberg (2005). doi:10.1007/11526841_4 Google Scholar
  20. 20.
    Marché, C., Paulin-Mohring, C.: Reasoning about Java programs with aliasing and frame conditions. In: Hurd, J., Melham, T.F. (eds.) Theorem Proving in Higher Order Logics (TPHOLS), Lecture Notes in Computer Science, vol. 3603, pp. 179–194. Springer, Heidelberg (2005). doi:10.1007/11541868_12 Google Scholar
  21. 21.
    Melham, T.F.: A package for inductive relation definitions in HOL. In: Archer, M., Joyce, J.J., Levitt, K.N., Windley, P.J. (eds.) International Workshop on the HOL Theorem Proving System and Its Applications (TPHOLS), pp. 350–357. IEEE Computer Society, Los Alamitos (1992)Google Scholar
  22. 22.
    Meyer, J., Poetzsch-Heffter, A.: An architecture for interactive program provers. In: Graf, S., Schwartzbach, M.I. (eds.) Tools and Algorithms for the Construction and Analysis of Systems (TACAS). Lecture Notes in Computer Science, vol. 1785, pp. 63–77. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  23. 23.
    Müller, O., Nipkow, T., von Oheimb, D., Slotosch, O.: HOLCF = HOL + LCF. J. Funct. Program. 9(2), 191–223 (1999). doi:10.1017/S095679689900341X zbMATHCrossRefGoogle Scholar
  24. 24.
    Naraschewski, W., Wenzel, M.: Object-oriented verification based on record subtyping in higher-order logic. In: Grundy, J., Newey, M.C. (eds.) Theorem Proving in Higher Order Logics (TPHOLS). Lecture Notes in Computer Science, vol. 1479, pp. 349–366. Springer, Heidelberg (1998). doi:10.1007/BFb0055146 CrossRefGoogle Scholar
  25. 25.
    Nipkow, T.: Winskel is (almost) right: towards a mechanized semantics textbook. Form. Asp. Comput. 10(2), 171–186 (1998). doi:10.1007/s001650050009 zbMATHCrossRefGoogle Scholar
  26. 26.
    Nipkow, T., von Oheimb, D.: Javaight is type-safe—definitely. In: ACM Symp. Principles of Programming Languages (POPL), pp. 161–170. ACM, New York (1998). doi:10.1145/268946.268960 CrossRefGoogle Scholar
  27. 27.
    Nipkow, T., Paulson, L.C., Wenzel, M.: Isabelle/HOL—a proof assistant for higher-order logic. In: Lecture Notes in Computer Science, vol. 2283. Springer, Heidelberg (2002). doi:10.1007/3-540-45949-9 Google Scholar
  28. 28.
    OMG: UML 2.0 OCL specification (2003). ptc/03-10-14
  29. 29.
    OMG: Unified modeling language specification (version 1.5) (2003). formal/03-03-01
  30. 30.
    von Oheimb, D.: Analyzing Java in Isabelle/HOL: formalization, type safety and hoare logic. PhD Thesis, Technische Universität München (2001)Google Scholar
  31. 31.
    von Oheimb, D., Nipkow, T.: Hoare logic for NanoJava: auxiliary variables, side effects, and virtual methods revisited. In: Eriksson, L.H., Lindsay, P.A. (eds.) FME 2002: Formal Methods—Getting IT Right. Lecture Notes in Computer Science, vol. 2391, pp. 89–105. Springer, Heidelberg (2002). doi:10.1007/3-540-45614-7_6 CrossRefGoogle Scholar
  32. 32.
    Paulson, L.C.: A fixedpoint approach to (co)inductive and (co)datatype definitions. In: Plotkin, G., Stirling, C., Tofte M. (eds.) Proof, Language, and Interaction: Essays in Honour of Robin Milner, pp. 187–211. MIT, Cambridge (2000)Google Scholar
  33. 33.
    Smith, G., Kammüller, F., Santen, T.: Encoding Object-Z in Isabelle/HOL. In: Bert, D., Bowen, J.P., Henson, M.C., Robinson, K. (eds.) ZB 2002: Formal Specification and Development in Z and B. Lecture Notes in Computer Science, vol. 2272, pp. 82–99. Springer, Heidelberg (2002). doi:10.1007/3-540-45648-1_5 CrossRefGoogle Scholar
  34. 34.
    Winskel, G.: The Formal Semantics of Programming Languages. MIT, Cambridge (1993)zbMATHGoogle Scholar
  35. 35.
    Yatake, K., Aoki, T., Katayama, T.: Implementing application-specific object-oriented theories in HOL. In: Hung, D.V., Wirsing, M. (eds.) Theoretical Aspects of Computing—ICTAC 2005. Lecture Notes in Computer Science, vol. 3722, pp. 501–516. Springer, Heidelberg (2005). doi:10.1007/11560647_33 CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media B.V. 2008

Authors and Affiliations

  1. 1.SAP ResearchKarlsruheGermany
  2. 2.Université Paris-SudOrsay CedexFrance

Personalised recommendations