In this class, we will consider how to use mathematics to specify and analyze models of programs; computer hardware and software; and physical processes such as phylogenetics; algorithms; and rapid, single-flux, quantum circuits. This class will require careful thought as we will be pushing the boundaries of what the academic community considers to be an adequate specification and sufficient confirmation evidence that a program (or process) meets its specification. Typically, some form of testing is the only mechanism that is used to see if a program meets its specification; our focus will be proof-based methods.
We will use proof-based confirmation techniques to determine the correctness of models of code, circuits, and analog/digital systems. At first, we will perform hand proofs; that is, we will use some informal notation to compare a specification to an implementation. We will also convert the behavior of some programs into a form that will allow a mechanical comparison of the behavior of some process and its specification.
This class will be taught in an "inverted" style. That is, we will concentrate class time on examples, working through specifications, proofs, describing challenges, and exploring problems being faced by students. Thus, it is important that you bring your laptop to class. There will be lectures to introduce various topics, but primarily, we will use class time for problem solving, demonstrating how to use various tools, and exchanging information.
Exam(s) and quizzes are open-book, open-notes affairs -- however, no electronic devices (laptops, cell phones, tablets, PDAs, calculators) of any kind are allowed during exam and quiz events. As such, you may wish to have a physical copy of any materials that you believe will be helpful during quizzes and exams. Remember, cell phones are not allowed during exams or quizzes; during quizzes and exams the remaining time will be periodically announced.
Note: this course requires that students write specifications and proof statements in a subset of Lisp.
Students will be expected to propose a class project using the specification and proof methods that this class entails. The content of a student project is pretty flexible -- so long as it has to do with specification and validation. For instance, I am interested in the development of an ISA model of IBM's Harvest computer (circa the 1950s), which was an extension of IBM's Stretch computer. A possible specification project might involve some microprocessor, such as RISC-V. Another project I'm looking for help with concerns booting FreeBSD on our evolving ACL2-based x86 ISA emulator; as of 2024, we are able to boot Linux. I work on rapid, single-flux, quantum computing where there are many questions that formal modeling and proof could help answer. I would like to see all UT undergraduate algorithms and data structures encoded in ACL2, and all proofs checked by ACL2. I would like a parser that accepts valid HTML. I would like to have a formal specification of the ZFS file system. I want a formal specification for all of the FreeBSD/Linux/MacOS system calls. I would like to see an ACL2-based specification for all basic Linux, user-level commands (e.g., od, tr, tar, ...). And so on. Other independent study projects are possible; please discuss your ideas with the instructor and/or TA.
The value you get from this class will be directly related to the effort you (as a student) put forward. This class will require that you work on your own, and this class may be less structured than other classes you have taken. You should bring your laptop computer to class. Note, if you do not have a laptop, it is possible to check out a Linux-based laptop from the UTCS Department; check with the instructor if you wish to borrow such a laptop.
Students will be encouraged to give short (five- to ten-minute) presentations in class on particular topics. When done well, these presentations can serve in place of a missed quiz or homework. In fact, any student may be called upon to give a two- or three-minute presentation on something being discussed in class or about their solution to a homework problem. Please come to class prepared to work; we will sometimes stop for a few minutes to make sure that everyone has a chance to consolidate their thinking and to help students overcome problems with their understanding or with questions about the in-class presentations.
Our office hours are listed on the main class web-page. In addition, if you need help, you may certainly seek out and visit with the class TA and/or the instructor(s). You may arrange to meet us at other times than those listed, but you will need to send E-mail to arrange a time. If we become too busy during the scheduled office hours, we will expand our office hours to meet the needs of the students. If you cannot come to the scheduled office hours due to conflicts with other classes, let us know quickly so we can make arrangements to meet the needs of the entire class.
The following gives an outline of what we will discuss. We are open to discussing other related topics of general interest, and we will include some of our own experiences. The syllabus below is approximate; the exact rate at which we will cover some material will vary.
Schedule Below is Approximate, Lecture Dates May Change Slightly
*** NOTE: The Exam date is tentative until January 17, 2025 ***
*** NOTE: Quizzes are randomly given ***

Week | Class | Date | Short Description
0 | 00 | Jan 14 | Course Content Introduction; Course Procedures and UT-required disclosures
0 | 01 | Jan 16 | Introduction to the ACL2 Logic, Data Types, Terms
1 | 02 | Jan 21 | Function Definitions, Axioms
1 | 03 | Jan 23 | Substitution and Abbreviations for Terms; Terms as Formulas
2 | 04 | Jan 28 | Basic ACL2 Definitions; Structural Recursion
2 | 05 | Jan 30 | Sorting Example and Challenge; Introduction to the ACL2 Proof Builder
3 | 06 | Feb 4 | Definition Problems; Structural Induction
3 | 07 | Feb 6 | List-based set operations; The General Induction Principle; Using the ACL2 Proof Builder
4 | 08 | Feb 11 | Lemmas about NTH and UPDATE-NTH, ISORT; Memory-based ISORT functions and proof
4 | 09 | Feb 13 | More ACL2 Proof Builder discussion; Algorithm specification and analysis
5 | 10 | Feb 18 | Tree-based set operations
5 | 11 | Feb 20 | Automating ACL2 Proofs, Class Projects
6 | 12 | Feb 25 | Relations between Recursion and Induction; ACL2 Arithmetic
6 | 13 | Feb 27 | Specifying and Embedding BDDs in the ACL2 Logic; Proving Correctness of a BDD package
7 | 14 | Mar 4 | Student Project-Proposal Presentations
7 | 15 | Mar 6 | Student Project-Proposal Presentations
8 | 16 | Mar 11 | Symbolic simulation of finite models
8 | 17 | Mar 13 | Automated verification of finite models
9 | | Mar 18 | Spring Break
9 | | Mar 20 | Spring Break
10 | 18 | Mar 4 | Tree-based set operations; Using the ACL2 theorem prover
10 | 19 | Mar 6 | Class Projects and Catch-up
11 | 20 | Apr 1 | Review, Problem solving -- bring your problems
11 | 21 | Apr 3 | * Exam -- open notes, but no electronic devices
12 | 22 | Apr 8 | Problem solving -- bring your problems
12 | 23 | Apr 10 | y86 Presentation -- more problem solving
13 | 24 | Apr 15 | Student Presentations
13 | 25 | Apr 17 | Student Presentations
14 | 26 | Apr 22 | Student Presentations
14 | 27 | Apr 24 | Student Presentations
There will be six or so homework assignments given (primarily) during the first half of the semester. Homework will be assigned on Tuesdays and due nine days later (on Thursdays) by the start of class. No homework will be assigned during the last five weeks of class. The lowest homework grade will be dropped in the computation of the final homework grade. Homework will not be accepted late.
There will be one in-class (70- to 80-minute) examination. The material on the exam will be cumulative. See the above schedule (marked with a * above) for the date(s). There will be no final exam. There will be a number of (five to eight) unannounced "pop quizzes". The lowest quiz grade will be dropped in the calculation of your class quizzes score. The examination must be taken at the scheduled time. Quizzes are offered at random times; each quiz will take 5 to 15 minutes.
The main result of this class will be student projects.
The weighting of the grades for the various aspects of the course is:

Component | Percentage of Course Grade
Exam | 20%
Quizzes | 20%
Homework | 20%
Project | 40%
The grading for the entire course will be as follows:
Course Score | Grade
[90 -- 100] | A
[87 -- 90) | A-
[85 -- 87) | B+
[80 -- 85) | B
[77 -- 80) | B-
[75 -- 77) | C+
[70 -- 75) | C
[67 -- 70) | C-
[65 -- 67) | D+
[60 -- 65) | D
[ 0 -- 60) | F

Note the interval marks around the course-score column. For example, a course grade of B will be assigned if your semester grade is greater than or equal to 80 and less than 85. This also means that a course grade of at least 67 needs to be achieved for this course to count toward a UTCS degree.
This class is a fair amount of work, and it is important to keep current. The material in this class is cumulative; it can be hard to catch up if one falls behind. It is very important to keep doing and turning in your homework. Homework grades are our most reliable indicator of how well a student will do in this class. Note, it is important to show up for class, as pop quizzes will be given, and material not reproduced in any particular book or web page may be discussed.
Return to CS389r course homepage.