Dependent type theories [ML72] have a long history of being used for theorem proving. One
aspect of type theory which makes it very powerful as a proof language is that it mixes …

FUNCTIONAL PEARL Data types `a la carte Page 1 JFP 18 (4): 423–436, 2008. c 2008
Cambridge University Press doi:10.1017/S0956796808006758 First published online 18 March …

We describe an axiomatic extension to the Coq proof assistant, that supports writing,
reasoning about, and extracting higher-order, dependently-typed programs with side-effects …

One of the appeals of pure functional programming is that it is so amenable to equational
reasoning. One of the problems of pure functional programming is that it rules out …

We present a new approach for constructing and verifying higher-order, imperative
programs using the Coq proof assistant. We build on the past work on the Ynot system …

We describe a new programming idiom for concurrency, based on Applicative Functors,
where concurrency is implicit in the Applicative<*> operator. The result is that concurrent …

One can write dependently typed functional programs in Coq, and prove them correct in
Coq; one can write low-level programs in C, and prove them correct with a C verification tool …

Reasoning about programs that use effects can be much harder than reasoning about their
pure counterparts. This paper presents a predicate transformer semantics for a variety of …

To enforce non-interference, both Secure Multi-Execution (SME) and Multiple Facets (MF)
rely on the introduction of multi-executions. The attractiveness of these techniques is that …

We introduce SCIO*, a formally secure compilation framework for statically verified programs
performing input-output (IO). The source language is an F* subset in which a verified …