This paper describes methods for decomposing large conjectures into smaller ones in order to make their proof easier and for limiting the amount of reproving that occurs when a specification is modified. It proposes a tool, based on these methods, for managing the proofs of conjectures about an evolving specification.