KEYMAERA X

KeYmaera X is built up from a small trusted core. The core contains a finite list of locally sound dL axioms that are instantiated using a uniform substitution proof rule. Isolating all soundness-critical reasoning in this axiomatic core obviates the otherwise intractable task of ensuring that proof search algorithms are implemented correctly. This enables advanced proof search features---such as aggressive, speculative proof search and user-defined tactics built using a flexible tactic language---without correctness concerns that could undermine the usefulness of automated analysis. KeYmaera X demonstrates that tactics on top of the axiomatic core provide a rich language for implementing novel and highly sophisticated automatic proof procedures... KeYmaera X is an aXiomatic Tactical Theorem Prover for Hybrid Systems with a minimal prover microkernel and a flexible tactics language for automatic proof search.