Journal of Automated Reasoning, Volume 11, Issue 3, pp. 353–389

Set theory for verification: I. From foundations to functions

  • Lawrence C. Paulson


A logic for specification and verification is derived from the axioms of Zermelo-Fraenkel set theory. The proofs are performed using the proof assistant Isabelle. Isabelle is generic, supporting several different logics. Isabelle has the flexibility to adapt to variants of set theory. Its higher-order syntax supports the definition of new binding operators. Unknowns in subgoals can be instantiated incrementally. The paper describes the derivation of rules for descriptions, relations, and functions and discusses interactive proofs of Cantor's Theorem, the Composition of Homomorphisms challenge [9], and Ramsey's Theorem [5]. A generic proof assistant can stand up against provers dedicated to particular logics.

Key words

Isabelle; set theory; generic theorem proving; Ramsey's Theorem; higher-order syntax



References

  1. Aczel, Peter, Non-Well-Founded Sets, CSLI (1988).
  2. Andrews, Peter B., Miller, Dale A., Cohen, Eve L. and Pfenning, Frank, 'Automating higher-order logic', in W. W. Bledsoe and D. W. Loveland (Eds.), Automated Theorem Proving: After 25 Years, pp. 169–192, American Mathematical Society (1984).
  3. Bailin, Sidney C., 'A λ-unifiability test for set theory', J. Automated Reasoning, 4(3), 269–286 (1988).
  4. Bailin, Sidney C. and Barker-Plummer, Dave, 'ℒ-match: An inference rule for incrementally elaborating set instantiations', Technical report, Swarthmore College, second revision (1993).
  5. Basin, David and Kaufmann, Matt, 'The Boyer-Moore prover and Nuprl: An experimental comparison', in Gérard Huet and Gordon Plotkin (Eds.), Logical Frameworks, pp. 89–119, Cambridge University Press (1991).
  6. Bledsoe, W. W., 'Non-resolution theorem proving', Artificial Intelligence, 9, 1–35 (1977).
  7. Bledsoe, W. W., 'A maximal method for set variables in automatic theorem-proving', in J. E. Hayes, D. Michie, and L. I. Mikulich (Eds.), Machine Intelligence 9, pp. 53–100, Ellis Horwood Ltd (1979).
  8. Bledsoe, W. W. and Feng, Guohui, 'Set-var', Technical report, University of Texas at Austin, March (1993); J. Automated Reasoning (forthcoming).
  9. Boyer, Robert, Lusk, Ewing, McCune, William, Overbeek, Ross, Stickel, Mark and Wos, Lawrence, 'Set theory in first-order logic: Clauses for Gödel's axioms', J. Automated Reasoning, 2(3), 287–327 (1986).
  10. Brown, Frank Malloy, 'Toward the automation of set theory and its logic', Artificial Intelligence, 10, 281–316 (1978).
  11. Cantone, D., 'Decision procedures for elementary sublanguages of set theory: X. Multilevel syllogistic extended by the singleton and powerset operators', J. Automated Reasoning, 7(2), 193–230 (1991).
  12. Claesen, L. J. M. and Gordon, M. J. C. (Eds.), Higher Order Logic Theorem Proving and Its Applications, North-Holland (1993).
  13. Corella, Francisco, 'Mechanizing set theory', Technical Report RC 14706 (#65927), IBM Watson Research Center (1989).
  14. Devlin, Keith J., Fundamentals of Contemporary Set Theory, Springer (1979).
  15. Felty, Amy, 'A logic program for transforming sequent proofs to natural deduction proofs', in Peter Schroeder-Heister (Ed.), Extensions of Logic Programming, pp. 157–178, Springer (1991). LNAI 475.
  16. Givan, R., McAllester, D., Witty, C. and Zalondek, K., 'Ontic: Language specification and user's manual', Technical report, MIT (1992). Draft 4.
  17. Gödel, Kurt, 'The consistency of the axiom of choice and of the generalized continuum hypothesis with the axioms of set theory', in S. Feferman et al. (Eds.), Kurt Gödel: Collected Works, Vol. II, Oxford University Press (1990). Paper first published in 1940.
  18. Gordon, Michael J. C., 'Why higher-order logic is a good formalism for specifying and verifying hardware', in G. Milne and P. A. Subrahmanyam (Eds.), Formal Aspects of VLSI Design, pp. 153–177, North-Holland (1986).
  19. Gordon, Michael J. C., 'HOL: A proof generating system for higher-order logic', in Graham Birtwistle and P. A. Subrahmanyam (Eds.), VLSI Specification, Verification and Synthesis, pp. 73–128, Kluwer Academic Publishers (1988).
  20. Graham, Brian T., The SECD Microprocessor: A Verification Case Study, Kluwer Academic Publishers (1992).
  21. Halmos, Paul R., Naive Set Theory, Van Nostrand (1960).
  22. Huet, G. P., 'A unification algorithm for typed λ-calculus', Theor. Computer Sci., 1, 27–57 (1975).
  23. Kaufmann, Matt, 'An extension of the Boyer-Moore theorem prover to support first-order quantification', J. Automated Reasoning, 9(3), 355–372 (1992).
  24. Kunen, Kenneth, Set Theory: An Introduction to Independence Proofs, North-Holland (1980).
  25. Lamport, Leslie, 'The temporal logic of actions', Technical report, DEC Systems Research Center (1991).
  26. Lamport, Leslie, 'Types considered harmful', Technical report, DEC Systems Research Center (1992). Draft.
  27. Leclerc, F. and Paulin-Mohring, Ch., 'Programming with streams in Coq. A case study: the sieve of Eratosthenes', in B. Nordström, K. Petersson, and G. Plotkin (Eds.), Workshop of Types for Proofs and Programs, pp. 245–261, Båstad, Sweden (June 1992).
  28. McCarty, David C., 'Realizability and recursive mathematics', Technical Report CMU-CS-84-131, Carnegie-Mellon University (1984).
  29. McDonald, James and Suppes, Patrick, 'Student use of an interactive theorem prover', in W. W. Bledsoe and D. W. Loveland (Eds.), Automated Theorem Proving: After 25 Years, pp. 315–360, American Mathematical Society (1984).
  30. Miller, Dale, 'Unification under a mixed prefix', J. Symbolic Computation, 14(4), 321–358 (1992).
  31. Nipkow, Tobias, 'Constructive rewriting', Computer J., 34, 34–41 (1991).
  32. Noël, Philippe, 'Experimenting with Isabelle in ZF set theory', J. Automated Reasoning, 10(1), 15–58 (1993).
  33. Nordström, Bengt, Petersson, Kent and Smith, Jan, Programming in Martin-Löf's Type Theory. An Introduction, Oxford University Press (1990).
  34. Pastre, Dominique, 'Automatic theorem proving in set theory', Artificial Intelligence, 10, 1–27 (1978).
  35. Paulson, Lawrence C., 'The foundation of a generic theorem prover', J. Automated Reasoning, 5(3), 363–397 (1989).
  36. Paulson, Lawrence C., 'Isabelle: The next 700 theorem provers', in P. Odifreddi (Ed.), Logic and Computer Science, pp. 361–386, Academic Press (1990).
  37. Paulson, Lawrence C., 'Introduction to Isabelle', Technical Report 280, University of Cambridge Computer Laboratory (1993).
  38. Paulson, Lawrence C., 'The Isabelle reference manual', Technical Report 283, University of Cambridge Computer Laboratory (1993).
  39. Paulson, Lawrence C., 'Isabelle's object-logics', Technical Report 286, University of Cambridge Computer Laboratory (1993).
  40. Paulson, Lawrence C., 'Set theory for verification: II. Induction and recursion', Technical Report 312, University of Cambridge Computer Laboratory (1993).
  41. Pelletier, F. J., 'Seventy-five problems for testing automatic theorem provers', J. Automated Reasoning, 2, 191–216 (1986). Errata, loc. cit., 4, 235–236 (1988).
  42. Plaisted, David A. and Potter, Richard C., 'Term rewriting: Some experimental results', J. Symbolic Computation, 11, 149–180 (1991).
  43. Prawitz, Dag, 'Ideas and results in proof theory', in J. E. Fenstad (Ed.), Proceedings of the Second Scandinavian Logic Symposium, pp. 235–308, North-Holland (1971).
  44. Quaife, Art, 'Automated deduction in von Neumann-Bernays-Gödel set theory', J. Automated Reasoning, 8(1), 91–147 (1992).
  45. Ryser, Herbert John, Combinatorial Mathematics, Mathematical Association of America (1963).
  46. Saaltink, Mark, 'The Eves library', Technical Report TR-91-5449-03, ORA Canada, 265 Carling Avenue, Suite 506, Ottawa, Ontario (1992).
  47. Saaltink, Mark, 'The Eves library models', Technical Report TR-91-5449-04, ORA Canada, 265 Carling Avenue, Suite 506, Ottawa, Ontario (1992).
  48. Saaltink, Mark, Kromodimoeljo, Sentot, Pase, Bill, Craigen, Dan and Meisels, Irwin, 'An Eves data abstraction example', in J. C. P. Woodcock and P. G. Larsen (Eds.), FME '93: Industrial-Strength Formal Methods, pp. 578–596, Springer (1993). LNCS 670.
  49. Schmidt, David, 'Natural deduction theorem proving in set theory', Technical Report CSR-142-83, Department of Computer Science, University of Edinburgh (1983).
  50. Shoenfield, J. R., 'Axioms of set theory', in J. Barwise (Ed.), Handbook of Mathematical Logic, pp. 321–344, North-Holland (1977).
  51. Suppes, Patrick, Axiomatic Set Theory, Dover (1972).
  52. Thompson, Simon, Type Theory and Functional Programming, Addison-Wesley (1991).

Copyright information

© Kluwer Academic Publishers 1993

Authors and Affiliations

  • Lawrence C. Paulson, Computer Laboratory, University of Cambridge, Cambridge, UK
