ProofPeer: Collaborative Theorem Proving
Lead Research Organisation:
University of Edinburgh
Department Name: Sch of Informatics
Abstract
In today's computerised and scientific era, making our claims indefeasible is more critical and more relevant than ever. We need to make indefeasible claims about the stability of mission critical hardware and software components, e.g. about technology used in medicine where mistakes can be deadly, or about the security of computer systems in times where computer viruses are used as weapons of warfare.
In response to the challenge of making indefeasible claims, the fields of automated and interactive theorem proving have emerged. Automated theorem proving (ATP) is the mechanical checking of computerised proofs by mostly black box software components. Interactive theorem proving (ITP) builds on this by allowing human insight to guide and coordinate ATP systems in almost arbitrary ways. Interactive theorem proving has had noteworthy successes like the mechanisation of the proof of the four-colour theorem,
or the proof of the correctness of the seL4 operating system microkernel. These two examples show that verification problems in very different domains like pure mathematics and system level software can be successfully solved using the same technology, interactive theorem proving.
We believe that the time has come to reach even further and to be even more ambitious about the size of verification projects we are trying to tackle. But to be able to do so, we need a paradigm shift. The Linux operating system kernel consists of fifteen million lines of C program source code which has been contributed by over 1300 developers and over 200 companies. The verification of this kernel is completely out of reach for current ITP technology by several orders of magnitude.
While we manage to develop software at scale, it is as yet unknown how to do verification at scale. We therefore propose to expand the capabilities of ITP by creating collaborative theorem proving (CTP). We shall take the lessons and technologies of interactive theorem proving and integrate the lessons and technologies of the social web, in particular: 1) commons-based peer production and crowd-sourcing, 2) reputation systems, and 3) recommender systems. Sites like Wikipedia, Stack Overflow and Math Overflow have proven that these three components of the social web can result in unprecedented collaborative productivity. The focus of our research will be how to harness this productivity for the purpose of interactive theorem proving, establishing collaborative theorem proving as the social machine of ITP.
To this end, we will grow a online community called ProofPeer, which will be centrally hosted at http://proofpeer.net. After an initial phase of research and implementation, anyone will be able to become a proof peer and participate in this experiment of collaborative theorem proving.
In response to the challenge of making indefeasible claims, the fields of automated and interactive theorem proving have emerged. Automated theorem proving (ATP) is the mechanical checking of computerised proofs by mostly black box software components. Interactive theorem proving (ITP) builds on this by allowing human insight to guide and coordinate ATP systems in almost arbitrary ways. Interactive theorem proving has had noteworthy successes like the mechanisation of the proof of the four-colour theorem,
or the proof of the correctness of the seL4 operating system microkernel. These two examples show that verification problems in very different domains like pure mathematics and system level software can be successfully solved using the same technology, interactive theorem proving.
We believe that the time has come to reach even further and to be even more ambitious about the size of verification projects we are trying to tackle. But to be able to do so, we need a paradigm shift. The Linux operating system kernel consists of fifteen million lines of C program source code which has been contributed by over 1300 developers and over 200 companies. The verification of this kernel is completely out of reach for current ITP technology by several orders of magnitude.
While we manage to develop software at scale, it is as yet unknown how to do verification at scale. We therefore propose to expand the capabilities of ITP by creating collaborative theorem proving (CTP). We shall take the lessons and technologies of interactive theorem proving and integrate the lessons and technologies of the social web, in particular: 1) commons-based peer production and crowd-sourcing, 2) reputation systems, and 3) recommender systems. Sites like Wikipedia, Stack Overflow and Math Overflow have proven that these three components of the social web can result in unprecedented collaborative productivity. The focus of our research will be how to harness this productivity for the purpose of interactive theorem proving, establishing collaborative theorem proving as the social machine of ITP.
To this end, we will grow a online community called ProofPeer, which will be centrally hosted at http://proofpeer.net. After an initial phase of research and implementation, anyone will be able to become a proof peer and participate in this experiment of collaborative theorem proving.
Planned Impact
The main goal of our research on collaborative theorem proving is to scale interactive theorem proving such that it becomes possible to tackle much larger verification projects than currently possible. A further goal is to popularise collaborative theorem proving so that a wider audience is equipped with the tools for making indefeasible claims.
The medium and long-term beneficiaries of this research will therefore be parties who either have a stake in making certain claims indefeasible, or who benefit from the educational effect of collaborative theorem proving. This includes the private sector, students at University of Edinburgh, and UK citizens in general.
A critical basis for the success of our research will be to grow a community of peers we can experiment on. At the same time, a large community of peers would constitute substantial impact all by itself because these peers will have been familiarised with collaborative theorem proving and could spread this concept further. We intend to grow a community of peers in various ways, via teaching, student projects, a Ph.D. student fully funded by the University, the publicly accessible ProofPeer webpage, a proofathon, a University-sponsored video that explains our research in a nutshell, and via publications, seminars, and industry talks. We think that our association with the Flyspeck project will lead to increased visibility of ProofPeer and collaborative theorem proving especially among mathematicians.
We also hope that our study of collaborative theorem proving will lead to commercialisation opportunities in the form of a startup/spinoff. The University of Edinburgh holds the UK record for number of spinoff companies, and we aim to tap into this experience via Informatics Ventures, the local commercialisation team.
The medium and long-term beneficiaries of this research will therefore be parties who either have a stake in making certain claims indefeasible, or who benefit from the educational effect of collaborative theorem proving. This includes the private sector, students at University of Edinburgh, and UK citizens in general.
A critical basis for the success of our research will be to grow a community of peers we can experiment on. At the same time, a large community of peers would constitute substantial impact all by itself because these peers will have been familiarised with collaborative theorem proving and could spread this concept further. We intend to grow a community of peers in various ways, via teaching, student projects, a Ph.D. student fully funded by the University, the publicly accessible ProofPeer webpage, a proofathon, a University-sponsored video that explains our research in a nutshell, and via publications, seminars, and industry talks. We think that our association with the Flyspeck project will lead to increased visibility of ProofPeer and collaborative theorem proving especially among mathematicians.
We also hope that our study of collaborative theorem proving will lead to commercialisation opportunities in the form of a startup/spinoff. The University of Edinburgh holds the UK record for number of spinoff companies, and we aim to tap into this experience via Informatics Ventures, the local commercialisation team.
Organisations
Publications
Fleuriot Jacques
(2016)
Social Network Processes in the Isabelle and Coq Theorem Proving Communities
in arXiv e-prints
Narboux J
(2018)
Handbook of Geometric Constraint Systems Principles
Obua S
(2014)
ProofPeer: Collaborative Theorem Proving
Obua S
(2016)
Theoretical Aspects of Computing - ICTAC 2016
Obua Steven
(2017)
Local Lexing
in arXiv e-prints
Obua, S
(2014)
ProofPeer: Collaborative Theorem Proving
Papapanagiotou P
(2021)
Object-Level Reasoning with Logics Encoded in HOL Light
in Electronic Proceedings in Theoretical Computer Science
Papapanagiotou Petros
(2018)
Correct by Construction Resource-based Process Composition
in arXiv e-prints
| Description | We have created a prototype theorem prover called ProofPeer that incorporates novel concepts such as Local Lexing (LL), which enables lightweight error-handling directly as part of a language specification. We released concrete implementations as well as Isabelle proof libraries for LL, with the latter released as part of Isabelle's Archive of Formal Proof. We have demonstrated that the two main theorem proving communities -- Isabelle and Coq -- display social-network patterns both around users and theorem proving artefacts. We have produced new datasets from the libraries of the proof assistant HOL Light that are highly reliable and richer than any of those currently available. A prototype collaborative theorem proving interface for Isabelle based on version control (Git) was developed as a proof-of-concept (and led to a Master by Research for a student supervised by the PI). |
| Exploitation Route | Our new formal proof datasets should be valuable to the theorem proving community for more effective machine learning -- we are already using these as part of new research that goes beyond lemma selection for theorem proving e.g. inductive theorem proving, resulting in a paper on a novel approach that improves such proofs in HOL Light (published in 2018). Some of our findings about developing cloud-based theorem proving technology is being incorporated into a system is being used to reason formally about industrial workflows as part of a funded EIT Digital project (2018, renewed in 2019). Our fully-verified algorithm about Local Lexing makes it possible to include lightweight error-handling directly as part of a programming language specification instead of leaving it up to the implementation -- this could be useful to the programming language community as well as to the formal verification/theorem proving community. |
| Sectors | Digital/Communication/Information Technologies (including Software),Manufacturing, including Industrial Biotechology |
| Description | Some of the findings from this work is underpinning the theorem proving technology that is used for reasoning about industrial workflows in an EIT Digital project. Manufacturing companies managing complex shop floors have limited understanding and control of the execution of their industrial workflows. Some of our research solutions has informed the the cloud-based formal modelling technology that allows the collaborative development of rigorous industrial workflows which can monitor and check that the positions of workers and assets on shop floors. The new technology has now been piloted at two manufacturing companies in 2018 and 2019. |
| First Year Of Impact | 2018 |
| Sector | Manufacturing, including Industrial Biotechology |
| Impact Types | Economic |
| Description | Digitizing Industrial Workflows: Monitoring and Optimization |
| Amount | € 471,023 (EUR) |
| Funding ID | 18243-19 |
| Organisation | European Institute of Innovation and Technology (EIT) |
| Sector | Public |
| Country | Hungary |
| Start | 01/2019 |
| End | 12/2019 |
| Description | Digitizing Industrial Workflows: Monitoring and Optimization |
| Amount | € 390,422 (EUR) |
| Funding ID | 18243 |
| Organisation | European Institute of Innovation and Technology (EIT) |
| Sector | Public |
| Country | Hungary |
| Start | 01/2018 |
| End | 12/2018 |
| Title | Proofpeer: Local Lexing Prototype |
| Description | Scala/ScalaJS prototype for the novel concept of local flexing developed as part of the ProofPeer project |
| Type Of Material | Improvements to research infrastructure |
| Year Produced | 2017 |
| Provided To Others? | Yes |
| Impact | We are exploring the application of local flexing to programming language design and how it can allow lightweight error-handling directly as part of the language specification instead of leaving it up to the implementation. |
| URL | https://zenodo.org/record/322417 |
| Title | Local Lexing Formal Proof Library |
| Description | This formalisation accompanies the paper Local Lexing which introduces a novel parsing concept of the same name. The paper also gives a high-level algorithm for local lexing as an extension of Earley's algorithm. This formalisation proves the algorithm to be correct with respect to its local lexing semantics. As a special case, this formalisation thus also contains a proof of the correctness of Earley's algorithm. |
| Type Of Material | Computer model/algorithm |
| Year Produced | 2017 |
| Provided To Others? | Yes |
| Impact | This formal model of Local Lexing gives guarantees of correctness for the Scala local lexing library that was released as part of ProofPeer. Moreover, it is available as part of the Isabelle Archive of Formal Proof for anyone to use as part of their own research or improve as they wish. |
| URL | https://www.isa-afp.org/entries/LocalLexing.html |