Part of the Lecture Notes in Computer Science book series (LNCS, volume 9195)
KeYmaera X: An Axiomatic Tactical Theorem Prover for Hybrid Systems
KeYmaera X is a theorem prover for differential dynamic logic (), a logic for specifying and verifying properties of hybrid systems. Reasoning about complicated hybrid systems models requires support for sophisticated proof techniques, efficient computation, and a user interface that crystallizes salient properties of the system. KeYmaera X allows users to specify custom proof search techniques as tactics, execute these tactics in parallel, and interface with partial proofs via an extensible user interface.
Advanced proof search features—and user-defined tactics in particular—are difficult to check for soundness. To admit extension and experimentation in proof search without reducing trust in the prover, KeYmaera X is built up from a small trusted kernel. The prover kernel contains a list of sound axioms that are instantiated using a uniform substitution proof rule. Isolating all soundness-critical reasoning to this prover kernel obviates the intractable task of ensuring that each new proof search algorithm is implemented correctly. Preliminary experiments suggest that a single layer of tactics on top of the prover kernel provides a rich language for implementing novel and sophisticated proof search techniques.
KeywordsSequent Calculus Adaptive Cruise Control Hybrid Automaton Proof Tree Proof Rule
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
The authors thank the anonymous reviewers for their helpful feedback, and Ran Ji for help with testing and extending KeYmaera X.
- 2.Alur, R., Courcoubetis, C., Henzinger, T.A., Ho, P.-H.: Hybrid automata: an algorithmic approach to the specification and verification of hybrid systems. In: Grossman, R.L., Ravn, A.P., Rischel, H., Nerode, A. (eds.) HS 1991 and HS 1992. LNCS, vol. 736, pp. 209–229. Springer, Heidelberg (1993) CrossRefGoogle Scholar
- 3.Beckert, B., Hähnle, R., Schmitt, P.H. (eds.): Verification of Object-Oriented Software. LNCS (LNAI), vol. 4334, pp. 453–479. Springer, Heidelberg (2007) Google Scholar
- 7.The Coq development team: The Coq proof assistant reference manual. LogiCal project, version 8.0 (2004). http://coq.inria.fr
- 8.Mitsch, S., Platzer, A.: ModelPlex: verified runtime validation of verified cyber-physical system models. In: Bonakdarpour, B., Smolka, S.A. (eds.) RV 2014. LNCS, vol. 8734, pp. 199–214. Springer, Heidelberg (2014) Google Scholar
- 9.Nipkow, T., Paulson, L.C., Wenzel, M. (eds.): Isabelle/HOL: A Proof Assistant for Higher-Order Logic. LNCS, vol. 2283. Springer, Heidelberg (2002) Google Scholar
- 12.Platzer, A.: Logics of Dynamical Systems. In: LICS, pp. 13–24. IEEE (2012)Google Scholar
- 13.Platzer, A.: Differential Game Logic. CoRR abs/1408.1980 (2014)Google Scholar
- 14.Platzer, A.: A uniform substitution calculus for differential dynamic logic. In: Felty, A.P., Middeldorp, A. (eds.) CADE-25. LNCS, vol. 9195, pp. xx–yy. Springer, Heidelberg (2015)Google Scholar
- 16.Quesel, J.D., Mitsch, S., Loos, S., Aréchiga, N., Platzer, A.: How to model and prove hybrid systems with KeYmaera: a tutorial on safety. STTT (2015)Google Scholar
© Springer International Publishing Switzerland 2015