Formal Methods
A.Y. 2024/2025
Learning objectives
The course will address formal techniques to improve software reliability, in particular w.r.t. the specification and the proof of software properties. The techniques that we will present are symbolic model checking and theorem proving via proof assistants.
Expected learning outcomes
The student will be able to state and prove some simple properties of software using the tools presented in the course
Lesson period: First semester
Assessment methods: Esame
Assessment result: voto verbalizzato in trentesimi
Single course
This course can be attended as a single course.
Course syllabus and organization
Single session
Responsible
Lesson period
First semester
Course syllabus
We will explore mathematical techniques for improving software
reliability, namely for specifying and reasoning about properties of
software and tools for helping validate these properties.
(1) basic tools from logic for making and justifying precise claims
about programs;
(2) the use of proof assistants (hybrid tools that try to automate the
more routine aspects of building proofs while depending on human
guidance for more difficult aspects) to construct rigorous logical
arguments;
(3) the idea of functional programming, both as a method of
programming and as a bridge between programming and logic;
(4) formal techniques for reasoning about the properties of specific
programs (e.g., that a loop terminates on all inputs, or that a
sorting function actually fulfills its specification), using Hoare logics and
(5) the use of type systems for establishing well-behavedness
guarantees for all programs in a given programming language (e.g., the
fact that well-typed Java programs cannot be subverted at runtime). The system under study will be the simply-typed lambda calculus
Finally we will look at current research geared towards better automation
i. Connection with automated theorem provers (CoqHammer)
ii. machine learning
The specificity of this course is that is based around Coq which
provides a rich environment for interactive development of
machine-checked formal reasoning. The kernel of the Coq system is a
simple proof-checker which guarantees that only correct deduction
steps are performed. On top of this kernel, the Coq environment
provides high-level facilities for proof development. All the course
is formalized and machine-checked: It is intended to be read alongside
an interactive session with Coq.
reliability, namely for specifying and reasoning about properties of
software and tools for helping validate these properties.
(1) basic tools from logic for making and justifying precise claims
about programs;
(2) the use of proof assistants (hybrid tools that try to automate the
more routine aspects of building proofs while depending on human
guidance for more difficult aspects) to construct rigorous logical
arguments;
(3) the idea of functional programming, both as a method of
programming and as a bridge between programming and logic;
(4) formal techniques for reasoning about the properties of specific
programs (e.g., that a loop terminates on all inputs, or that a
sorting function actually fulfills its specification), using Hoare logics and
(5) the use of type systems for establishing well-behavedness
guarantees for all programs in a given programming language (e.g., the
fact that well-typed Java programs cannot be subverted at runtime). The system under study will be the simply-typed lambda calculus
Finally we will look at current research geared towards better automation
i. Connection with automated theorem provers (CoqHammer)
ii. machine learning
The specificity of this course is that is based around Coq which
provides a rich environment for interactive development of
machine-checked formal reasoning. The kernel of the Coq system is a
simple proof-checker which guarantees that only correct deduction
steps are performed. On top of this kernel, the Coq environment
provides high-level facilities for proof development. All the course
is formalized and machine-checked: It is intended to be read alongside
an interactive session with Coq.
Prerequisites for admission
We require the student to be acquainted with basic knowledge of logic, ideally having taken the graduate course of Logic. It would be useful, though not necessary, to be acquainted with functional programming.
Teaching methods
Lectures and lab sessions
Teaching Resources
web site:
https://amomiglianol2.ariel.ctu.unimi.it/v5/home/Default.aspx
A selection from : https://softwarefoundations.cis.upenn.edu/
A selection from: https://softwarefoundations.cis.upenn.edu/
https://amomiglianol2.ariel.ctu.unimi.it/v5/home/Default.aspx
A selection from : https://softwarefoundations.cis.upenn.edu/
A selection from: https://softwarefoundations.cis.upenn.edu/
Assessment methods and Criteria
The exam (on a 1--30 scale) consists of solving some problems using the PC in the lab. The test lasts 3 (three) hours. A small project can be agreed upon to improve the grade
INF/01 - INFORMATICS - University credits: 6
Lessons: 48 hours
Professor:
Momigliano Alberto Davide Adolfo
Shifts:
Turno
Professor:
Momigliano Alberto Davide AdolfoProfessor(s)