Implicit Definitions with Differential Equations for KeYmaera X (System Description)

James Gallicchio, Yong Kiam Tan, Stefan Mitsch, André Platzer
DOI: https://doi.org/10.1007/978-3-031-10769-6_42
2022-05-31
Abstract: Definition packages in theorem provers provide users with means of defining and organizing concepts of interest. This system description presents a new definition package for the hybrid systems theorem prover KeYmaera X based on differential dynamic logic (dL). The package adds KeYmaera X support for user-defined smooth functions whose graphs can be implicitly characterized by dL formulas. Notably, this makes it possible to implicitly characterize functions, such as the exponential and trigonometric functions, as solutions of differential equations and then prove properties of those functions using dL's differential equation reasoning principles. Trustworthiness of the package is achieved by minimally extending KeYmaera X's soundness-critical kernel with a single axiom scheme that expands function occurrences with their implicit characterization. Users are provided with a high-level interface for defining functions and non-soundness-critical tactics that automate low-level reasoning over implicit characterizations in hybrid system proofs.
Logic in Computer Science
What problem does this paper attempt to address?
This paper addresses the following problem: how can the hybrid systems theorem prover KeYmaera X support user-defined smooth functions, such as the exponential and trigonometric functions, that are implicitly characterized by differential equations? The authors propose a new definition package that lets users define such functions implicitly through differential dynamic logic (dL) formulas and prove properties of those functions with dL's differential equation reasoning principles.

### Core of the problem

1. **Existing limitations**: KeYmaera X's previous definition mechanism was limited to non-recursive shorthands, so common mathematical functions such as the trigonometric and exponential functions could not be used directly, even though each of them is uniquely characterized by a dL formula.
2. **Requirement for a new mechanism**: To extend KeYmaera X, a method is needed that lets users define, and reason about, any function that can be characterized as the solution of an ordinary differential equation (ODE).

### Solution

The authors introduce a definition package that allows functions to be defined implicitly through differential equations in dL:

- Users characterize a function implicitly by the differential equation it solves; the function's graph is described by a dL formula rather than by an explicit closed-form term.
- Trustworthiness rests on a minimal extension of KeYmaera X's soundness-critical kernel: a single axiom scheme that expands each occurrence of a defined function with its implicit characterization.
- The package provides a high-level interface for defining functions, plus non-soundness-critical tactics that automate the low-level reasoning over implicit characterizations in hybrid systems proofs.

### Theoretical contributions

Theoretically, implicit definitions strictly extend the class of ODE invariants to which dL's complete ODE invariance proof principle applies. Such invariants play a crucial role in ODE safety proofs.
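As an added worked illustration (not taken from the paper; the concrete syntax accepted by the package may differ, and the formulas below are the editor's rendering of the idea), the exponential function can be characterized implicitly in dL by requiring that the backward or the forward flow of its defining ODE, started at the point $(x, e)$, reaches the initial value $(0, 1)$:

$$
e = \exp(x) \;\leftrightarrow\; \langle x' = -1,\ e' = -e \rangle (x = 0 \wedge e = 1) \;\vee\; \langle x' = 1,\ e' = e \rangle (x = 0 \wedge e = 1)
$$

Along either flow $x$ moves to $0$ in time $|x|$ while $e$ is multiplied by $\exp(-x)$, so $e = 1$ is reached exactly when $e = \exp(x)$; the first disjunct applies for $x \ge 0$ and the second for $x \le 0$. Sine and cosine are characterized jointly, because their defining ODE couples them:

$$
s = \sin(x) \wedge c = \cos(x) \;\leftrightarrow\; \langle x' = -1,\ s' = -c,\ c' = s \rangle (x = 0 \wedge s = 0 \wedge c = 1) \;\vee\; \langle x' = 1,\ s' = c,\ c' = -s \rangle (x = 0 \wedge s = 0 \wedge c = 1)
$$

The kernel's expansion axiom scheme replaces an occurrence of a defined function by its characterization; schematically, for a formula $P$ mentioning $\sin(x)$ and $\cos(x)$,

$$
P(\sin(x), \cos(x)) \;\leftrightarrow\; \forall s\,\forall c\,\bigl(\mathrm{char}_{\sin,\cos}(x, s, c) \rightarrow P(s, c)\bigr)
$$

where $\mathrm{char}_{\sin,\cos}(x, s, c)$ abbreviates the right-hand side of the previous equivalence (the universal and existential forms coincide because the characterization determines $(s, c)$ uniquely). An identity such as $\sin(x)^2 + \cos(x)^2 = 1$ therefore reduces to showing $s^2 + c^2 = 1$ for every $(s, c)$ from which the flow reaches $(0, 1)$. That is ODE invariance reasoning: the Lie derivative of $s^2 + c^2$ along $s' = c,\ c' = -s$ (and along the reversed ODE) is $2sc + 2c(-s) = 0$, so $s^2 + c^2$ is conserved along the flow; it equals $0^2 + 1^2 = 1$ at the point reached, hence also at the starting point $(s, c)$.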
### Practical applications

In practice, arithmetic identities and other specifications involving user-defined functions can be proven by automatically expanding their implicit ODE characterizations and reusing KeYmaera X's existing ODE reasoning support.

### Example verifications

The package demonstrates its usability and seamless integration on several hybrid systems verification examples from the literature that involve special functions.

### Summary

This paper solves the problem of supporting, in KeYmaera X, user-defined smooth functions that are implicitly characterized by differential equations, thereby extending the functionality and application scope of the prover.