1<HTML>
2<HEAD>
3<TITLE>HolBddLib</TITLE>
4
5
6
7<LINK rel   = stylesheet type="text/css"
8      href  = "http://www.cl.cam.ac.uk/users/mjcg/style.css"
9      title = "style.css">
10
11
12
13</HEAD>
14
15<BODY>
16
17
18<IMG ALT="Picture of Lake Kananaskis + a picture of a BDD"
19     SRC="doc/HolBdd.jpg">
20
21<H1>HolBddLib</H1>
22
23<UL>
24
25<LI> <A HREF="http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/hol/hol98/src/HolBdd/">
26<TT>HolBddLib</TT> Version 2</A> is now available as part
27of <A HREF="http://www.cl.cam.ac.uk/~mjcg/InstallKananaskis.html">HOL98 [Kananaskis 0]</A>.
28
29<LI><A HREF="http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/~checkout~/hol/hol98/src/HolBdd/doc/HolBdd.ps.gz">
30Compressed postscript documentation</A> from the
31<A HREF="http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/hol/hol98/src/HolBdd/doc/">
32Documentation directory for <TT>HolBddLib</TT> Version 2</A>
33
34</UL>
35
36<P>
37<HR>
38<P>
39
40
41<H1>Edited extracts from the preface to the Version 2 documentation</H1>
42
43<p>
44In the fully expansive (or LCF-style) approach to theorem proving, theorems are represented by an abstract type
45whose primitive operations are the axioms and inference rules of a
46logic.  Theorem proving tools are implemented by composing together
47the inference rules using ML programs.
48
49<p>
50This idea can be generalised to computing valid judgements that
51represent other kinds of information. In particular, consider
52judgements <FONT color="red">(a,<font face="symbol">r</font>,t,b)</FONT>, 
53where <FONT color="red">a</FONT> is a set of boolean terms
54(assumptions) that are assumed true, <FONT color="red"><font face="symbol">r</font></FONT> represents a variable
55order, <FONT color="red">t</FONT> is a boolean term all of whose free variables are boolean
56and <FONT color="red">b</FONT> is a BDD. Such a judgement is valid if under the assumptions
57<FONT color="red">a</FONT>, the BDD representing <FONT color="red">t</FONT> 
58with respect to <FONT color="red"><font face="symbol">r</font></FONT> is <FONT color="red">b</FONT>, 
59and we will write <FONT color="red">a&nbsp;<font face="symbol">r</font>&nbsp;t&nbsp;-->&nbsp;b</FONT> 
60when this is the case.
61
62<p>
63The derivation of "theorems" like <FONT color="red">a&nbsp;<font face="symbol">r</font>&nbsp;t&nbsp;-->&nbsp;b</FONT> can be viewed
64as "proof" in the style of LCF by defining an abstract type <tt>term_bdd</tt>
65that models
66judgements 
67<FONT color="red"><span class="roman">a</span>&nbsp;<font face="symbol">r</font>&nbsp;
68<span class="roman">t</span>&nbsp;-->&nbsp;<span class="roman">b</span></FONT> analogously
69to the way the type <tt>thm</tt> models theorems <FONT color="red"><tt>|-</tt> t</FONT>.
70
71<p>
72<tt>HolBddLib</tt> Version&nbsp;2 provides a
73kernel of representation judgement rules as 
74infrastructure for building fully-expansive
75combinations of HOL theorem proving and BDD-based symbolic calculation
76algorithms, like model checkers.
77<p>
78<tt>HolBddLib</tt> currently contains two main structures: <tt>PrimitiveBddRules</tt>
79which defines a protected type <tt>term_bdd</tt> and rules for generating
80values of this type, and <tt>DerivedBddRules</tt> that contains derived
81rules for performing simple fixed-point calculations.  There is also a
82theory <tt>DerivedBddRulesTheory</tt> containing the theorems on
83reachability and fixed points needed by the derived rules,
84and two small subsidiary structures <tt>Varmap</tt> and <tt>PrintBdd</tt>.
85
86<p>
87The development of <tt>HolBddLib</tt> has gone through two phases.  The
88first phase consisted in experiments with different ways of linking
89higher order logic terms to binary decision diagrams.
90These are described in the paper 
91<A HREF="http://www.cl.cam.ac.uk/~mjcg/TPHOLs2000/TPHOLs2000Final.ps.gz">
92<i>Reachability programming in HOL98 using BDDs</i></A>. 
93
94<p>
95
96<tt>HolBddLib</tt> Version&nbsp;2 provides a less developed interactive
97programming environment than 
98<A HREF="http://www.cl.cam.ac.uk/users/mjcg/HolBddLib/index.version1.html">Version&nbsp;1</A>.
99It is more oriented to
100providing a clean and simple API allowing implementers to create their
101own combinations of model checking and theorem
102proving. Such a combination could be a Voss-like verification
103platform.
104
105<P>
106<HR>
107<P>
108
109<ADDRESS>
110MICHAEL J. C. GORDON<BR>
111
112University of Cambridge<BR>
113<A HREF="http://www.cl.cam.ac.uk/home.html">Computer Laboratory</A><BR>
114<A HREF="http://www.cl.cam.ac.uk/site-maps/gates2.html">Room FE19</A><BR>
115<A HREF="http://www.cl.cam.ac.uk/site-maps/gates.html">William Gates Building</A><BR>
116JJ Thomson Avenue<BR>
117Cambridge CB3 0FD<BR>
118United Kingdom<BR>
119work phone: +44 1223 334627<BR>
120work fax:   +44 1223 334678<BR>
121UK <A HREF="http://www.efax.com">eFax</A>: +44 870 1612485<BR>
122US <A HREF="http://www.efax.com">eFax</A>: (509) 692-9378<BR>
123home: +44 1223 362123<BR>
124email: <A HREF = "mailto:mjcg&#64;cl.cam.ac.uk"><KBD>mjcg&#64;cl.cam.ac.uk</KBD></A>
125</ADDRESS>
126
127
128
129</BODY>
130</HTML>
131
132
133