LTT: a type-theoretic frameworkfor foundational pluralism

Zhaohui Luo Dept of Computer Science Royal Holloway, Univ of

London

2

Type theory and applications

Proof assistants based on TTs Agda (Sweden/Japan) and NuPRL (USA)

implementing Martin-Löf’s type theory Coq (France), Lego/Plastic (UK)

implementing CIC (Calculus of Inductive Constructions) and ECC/UTT (Unifying Theory of dependent Types)

Application examples Computer science

Program verification (eg, analysis of security protocols) Dependently-typed programming

Formalisation of mathematics Four-colour Theorem in Coq

3

Foundational pluralism

Two extreme positions in FOM Neo-platonism (eg, set-theoretic foundation:

Gödel/Maddy) Revisionists (eg, intuitionism: Brouwer/Martin-Löf)

A pragmatic position – “pluralism” Various maths based on different logical foundations “Foundational pluralism”

Support in type theory and the associated tech? Theorem proving technology based on TTs is not just

for constructive reasoning! Eg, Classical logic as well as intuitionistic logic

4

Consider the “combinations” of the following and their “negations”:(C) Classical logic(I) Impredicative definitions

We would have (CI) Ordinary (classical, impredicative) math

Classical set theory/simple type theory, HOL/Isabelle (C°I°) Predicative constructive math

Martin-Löf’s TT, Agda/NuPRL (C°I) Impredicative constructive math

CIC/ECC/UTT, Coq/Lego/Plastic (CI°) Predicative classical math

Weyl, Feferman, Simpson, …

Uniform foundational framework for formalisation to support pluralism?

5

Set-theoretic reasoning in type theory?

Current type theories Strong in type-theoretic reasoning (eg, inductive types) Not so strong in set-theoretic reasoning Note: Types are NOT sets! (cf, non-inductive sets)

“a : A” – judgemental, meta-level “s S” – propositional

How should set-theoretic reasoning be supported? Traditional (untyped) ZF set theory? (cf, Isabelle/ZF) Combining with type-theoretic reasoning?

Two roles of (the usual notion of) sets: Domain/range of functions: f : AB Separation/selection from a domain: { x : A | P(x) }

Now, types for (i) and typed sets for (ii)!

6

Type-theoretic framework LTT: structure

LTT = LF + Logic-enriched TTs + Typed Sets LF – Logical framework (cf, Edin LF, Martin-Löf’s LF,

PAL+, …) Logic-enriched type theories [Aczel/Gambino02,06] Typed sets: sets with base types (see later)

LTT = Logics + Types Logic Types Logics – specified in LF \ / Types – inductive types + types of sets \ /

LF(Luo 2007, LNCS 4435.)

7

Key components of LTT (I): types & props

Types and propositions: Two worlds: objects in the “real world” and their

properties (cf, ECC/UTTLTT) Types

Eg, inductive types like N, x:A.B, List(A), Tree(A), … Eg, types of sets like Set(A)

Propositions: Describing properties of objects (x:A.P(x) with type A) Classical laws may be introduced

eg, double negation: DN[P,p] : Prf(P), if P : Prop and p : Prf(¬¬P).

Induction rules Linking the world of logical propositions and that of types Enabling proofs of properties about objects of types

8

Example of inductive types: natural numbers

Formation and introduction N : Type 0 : N succ(n) : N, for n : N

Elimination over types and computation: ElimT(C,c,f,n) : C(n), for C(n) : Type where n : N

Plus computational rules for ElimT: eg,

ElimT(C,c,f,0) = c

ElimT(C,c,f,succ(n)) = f(n,ElimT(C,c,f,n))

Induction over propositions: ElimP(P,c,f,n) : P(n), for P(n) : Prop where n : N

Key to prove logical properties of natural numbers

9

Key components of LTT (II): typed sets

Typed sets Set(A) : Type for A : Type { x:A | P(x) } : Set(A)

t { x:A | P(x) } means P(t)

(cf, de Bruijn’s use of this terminology)Impredicativity and predicativity

Impredicative sets (LTTi) A can be any type (e.g., Set(B)) P(x) can be any proposition

eg, P(x) = s:Set(N). sS & xs, for S : Set(Set(N)) Predicative sets (LTTp)

Universes of small types and small propositions A must be small (in particular, A is not Set(…)) P(x) must be small (not allowing quantifications over sets)

10

Implementations and case studies

Plastic (Callaghan/Luo 2001) Proof assistant Plastic implements LF and inductive types (UTT)

Implemention of LTT in Plastic (Callaghan) Simple extension of Plastic

Case studies Formalisation of Weyl’s predicative mathematics

(Adams/Luo 2007, LNCS 4502) Analysis of security protocols (Luo 2007, LNCS 4435) OO-modelling and verification (in progress)

11

Formalisation of Weyl’s predicative math

H. Weyl. The Continuum (Das Kontinuum), 1918. Historical development (paradox etc.) Predicative development of the real number system The notion of category Classical logic

Weyl/Feferman/Simpson’s work on predicativity Predicativity (E.g., { x | φ(x) } with φ being “arithmetical” –

without quantification over sets)

Formalisation of Weyl’s book in Plastic In LTT, use classical logic and predicative sets Weyl’s categories as types “Exact match” (and further research …)

12

OO-modelling in intensional type theory

Functional model Cf, work by Abadi, Bruce, Cardelli, Kamin, Pierce, …

OO F ?? Features such as bounded quantification (BQ) are problematic.

Modelling OO-features in intensional type theory (ITT) LTT with classical logic LTT is “intensional”: no problematic features such as BQ or

extensional features such as -like equalities. A model in an intensional TT will lead to, eg, verification of

programs with OO-features (eg, in Coq)OO ITT Coq/Plastic/…

Work in progress (S. Han) OO-model and verification of OO-programs in Coq

Future Work Eg, automatic translation (OO-programs models, properties

propositions, … )