Abstract
We formally prove correct a C program that implements a numerical scheme for the resolution of the one-dimensional acoustic wave equation. Such an implementation introduces errors at several levels: the numerical scheme introduces method errors, and floating-point computations lead to round-off errors. We annotate this C program to specify both the method error and the round-off error. We use Frama-C to generate the theorems (verification conditions) whose proofs guarantee the soundness of the code, and we discharge them using SMT solvers, Gappa, and Coq. This involves a large Coq development to prove the adequacy of the C program to the numerical scheme and to bound both errors. To our knowledge, this is the first time such a numerical analysis program has been fully machine-checked.
This research was supported by the ANR projects CerPAN (ANR-05-BLAN-0281-04) and Fost (ANR-08-BLAN-0246-01).
Cite this article
Boldo, S., Clément, F., Filliâtre, JC. et al. Wave Equation Numerical Resolution: A Comprehensive Mechanized Proof of a C Program. J Autom Reasoning 50, 423–456 (2013). https://doi.org/10.1007/s10817-012-9255-4