Verifikation reaktiver Systeme - Universität Kaiserslautern

222
Theories The HOL system is organised in theories. Each of them contains sets of
types, constants, definitions and axioms and a list of theorems that are proven
from the axioms and definitions. A theory is potentially expandable, and the
HOL system ensures that only well-formed theories are constructed by allowing
theorems to be created only by formal proof.
Defining what it means to be a theorem leads to the description of the proof
system of HOL. This is built with the help of the programming language ML,
being the meta language in this sense. The deductive system of the HOL system
is based on eight rules of inference that are as follows:
– Assumption introduction:
– Reflexivity:
t ⊢ t
⊢ t = t
– Beta conversion: Lett 1 [t 2 /x] be the result of substituting t 2 for x in t 1 ,with
suitable renaming of variables to prevent free variables in t 2 becoming bound
after substitution.
⊢ (λx. t 1 )t 2 = t 1 [t 2 /x]
– Substitution: Lett[t 1 ,...,t n ] denote a term t with some free occurrences
of subterms t 1 , ... , t n singled out, and let t[t ′ 1,...,t ′ n]denotetheresult
of replacing each selected occurrence of t i by t ′ i (for 1≤i≤n), with suitable
renaming of variables to prevent free variables in t ′ i becoming bound after
substitution.
Γ 1 ⊢ t 1 = t ′ 1 ··· Γ n ⊢ t n = t ′ n Γ ⊢ t[t 1 ,...,t n ]
Γ 1 ∪···∪Γ n ∪ Γ ⊢ t[t ′ 1,...,t ′ n]
– Abstraction: Letx be not free in Γ .
Γ ⊢ t 1 = t 2
Γ ⊢ (λx. t 1 )=(λx. t 2 )
– Type instantiation: Lett[σ 1 ,...,σ n /α 1 ,...,α n ] be the result of substituting
the types σ 1 , ..., σ n for type variables α 1 , ..., α n in t, and let none of the
type variables α 1 , ... , α n occur in Γ , and no distinct variables in t become
identified after the instantiation.
– Discharging an assumption:
Γ ⊢ t
Γ ⊢ t[σ 1 ,...,σ n /α 1 ,...,α n ]
Γ ⊢ t 2
Γ −{t 1 } ⊢ t 1 ⇒ t 2