├── .gitignore ├── Agda ├── Live8.lagda └── Prob │ └── SP.lagda ├── README.org ├── extra ├── Climate science and verified programming.pdf ├── Dimitri P. Bertsekas. Dynamic Programming and Optimal Control I (3rd ed. 2005).pdf ├── Hardin, Garret; The Tragedy of the Commons.pdf ├── Ikefuji et al. DICE simplified (2019).pdf ├── Joseph Y. Halpern. Actual Causality (2016).pdf ├── Marina Martínez Montero et al. SURFER v1.0: A flexible and simple model linking emissions to sea level rise.pdf ├── Mark Granovetter. Threshold models of collective behavior (1978).pdf ├── Matthew Braham, Martin van Hees. Voids or Fragmentation: Moral Responsibility For Collective Outcomes.pdf ├── Mort Webster. Incorporating path dependency into decision-analytic methods: an application to global climate-change policy.pdf ├── Nuria Brede, Nicola Botta. On the Correctness of Monadic Backward Induction (2021-09-01, final).pdf ├── README.org ├── Richard Bellman. Dynamic Programming and Stochastic Control Processes (1958).pdf ├── Richard Bellman. The theory of dynamic programming (1954).pdf ├── SEP, Don Ross. Game Theory.pdf ├── SEP, Matthew Talbert. Moral Responsibility (2014 edition).pdf └── TheThreeBridgesProblem.pdf └── ref ├── 2010_Vulnerability_Modelling.pdf ├── 2011_TestingVsProving.pdf ├── 2012_DepTy_SciComp_978-3-642-41582-1_9.pdf ├── 2014_Jansson-Patrik-Computational-Theory-of-GSS.pdf ├── 2017a_SeqDecProb1.pdf ├── 2017b_contributions-to-a-computational-theory-of-policy-advice-and-avoidability.pdf ├── 2018_esd-9-525-2018.pdf ├── 2023_MatterMost_s10666-022-09867-w.pdf ├── FPClimate_seminar_1.pdf ├── FPClimate_seminar_2.org ├── FPClimate_seminar_2.pdf ├── FPClimate_seminar_4 ├── FPClimate_seminar_4-1.pdf ├── FPClimate_seminar_4-2.pdf └── Monadic_part1.lagda ├── FPClimate_seminar_5 └── FPClimate_seminar_5-1.pdf ├── FPClimate_seminar_6 └── FPClimate_seminar_6.pdf ├── FPClimate_seminar_7 └── FPClimate_seminar_4-7.pdf ├── README.org ├── seminar_2_exercises.pdf └── test-vs-proof ├── Cezar ├── Bool.agda ├── Float.agda ├── Int.agda └── Logic.agda ├── README.org ├── Types10.agda └── Types10.hs /.gitignore: -------------------------------------------------------------------------------- 1 | *~ 2 | *.agdai 3 | -------------------------------------------------------------------------------- /Agda/Live8.lagda: -------------------------------------------------------------------------------- 1 | Just some live-coding examples from seminar 8. 2 | /Patrik Jansson 3 | \begin{code} 4 | module Live8 where 5 | open import Data.List using (List; []; _∷_; map; _++_) 6 | open import Data.Fin 7 | open import Data.Bool using (Bool; false; true; _∧_; _∨_; _xor_) 8 | open import Data.Nat using (zero; suc) renaming (ℕ to Nat) 9 | open import Data.Product 10 | open import Prob.SP 11 | \end{code} 12 | 13 | \begin{code} 14 | module BudgetExample (InnerX : Nat -> Set) (M : Set -> Set) where 15 | X : Nat -> Set 16 | X t = Nat × InnerX t -- your available budget, paired with another state component 17 | Y : (t : Nat) -> X t -> Set 18 | Y t (b , xi) = Fin (suc b) -- how much of your budget do you want to invest now 19 | -- then next will have to "subtract" the "action" from the budget 20 | next : (t : Nat) -> (x : X t) -> Y t x -> M (X (suc t)) 21 | next t (b , xi) y = {!!} 22 | 23 | \end{code} 24 | \begin{code} 25 | data InitialState : Set where 26 | initPos : InitialState 27 | 28 | X : Nat -> Set 29 | X zero = InitialState 30 | X (suc t) = Fin (suc (suc t)) 31 | -- Fin n ~= {0,1,2,...,n-1} 32 | ex0 : X 0 33 | ex0 = initPos 34 | ex1 : X 1 -- Fin 2 35 | ex1 = suc zero 36 | 37 | Y : (t : Nat) -> X t -> Set 38 | Y t x = Bool 39 | 40 | -- toFin : (t : Nat) -> Fin (suc t 41 | -- toFin = ? 42 | -- M = Id 43 | M : Set -> Set 44 | M A = A 45 | 46 | next2 : (t : Nat) -> (x : X t) -> (y : Y t x) -> M (X (suc t)) 47 | next2 t x y = zero 48 | 49 | stay : ∀ {n} -> Fin n -> Fin (suc n) 50 | stay zero = Fin.zero 51 | stay (suc {n} x) = Fin.suc {Nat.suc n} (stay x) 52 | 53 | next3 : (t : Nat) -> (x : X t) -> (y : Y t x) -> M (X (suc t)) 54 | next3 zero initPos false = zero 55 | next3 zero initPos true = suc zero 56 | next3 (suc t) x false = stay x 57 | next3 (suc t) x true = suc x 58 | 59 | ex3 = next3 0 initPos true -- = 1 60 | ex4 = next3 1 ex3 true -- = 2 61 | ex4' = next3 1 ex3 false -- = 1 62 | 63 | postulate Val : Set 64 | 65 | reward : (t : Nat) -> (x : X t) -> (y : Y t x) -> (nx : X (suc t)) -> Val 66 | reward = {!!} 67 | 68 | \end{code} 69 | 70 | -- false means "stay" and true means "+1" 71 | 72 | 73 | x : Fin (suc (suc t)) -- x : {0,1,2,...,t+1} 74 | 75 | Goal: Fin (suc (suc (suc t))) -- y : {0,1,2,...,t+2} 76 | -------------------------------------------------------------------------------- /Agda/Prob/SP.lagda: -------------------------------------------------------------------------------- 1 | \begin{code} 2 | {-# OPTIONS --without-K #-} 3 | 4 | module Prob.SP where 5 | 6 | open import Data.List using (List; []; _∷_; map; _++_) 7 | open import Data.Float using (Float; _+_; _÷_; _<ᵇ_) 8 | open import Data.Bool using (Bool; false; true; _∧_; _∨_; _xor_) 9 | open import Data.Product using (Σ; _×_; _,_) renaming (proj₁ to π₁ ; proj₂ to π₂) 10 | open import Relation.Binary.PropositionalEquality using (_≡_; refl; sym; trans; cong) 11 | open import Relation.Unary using (Pred; Decidable) 12 | open import Data.Nat using (ℕ; zero; suc) 13 | open import Data.Vec using (Vec) renaming ([] to []v; _∷_ to _∷v_) 14 | 15 | -- to be moved out 16 | 17 | if_then_else_ : {A : Set} → Bool → A → A → A 18 | if true then x else y = x 19 | if false then x else y = y 20 | 21 | filterByB : {A : Set} -> (A -> Bool) -> List A -> List A 22 | filterByB p [] = [] 23 | filterByB p (a ∷ as) with (p a) 24 | ... | false = filterByB p as 25 | ... | true = a ∷ filterByB p as 26 | 27 | 28 | -- Finite probability distributions (simple minded) 29 | 30 | SP : Set -> Set 31 | SP Ω = List (Ω × Float) 32 | 33 | -- The idea is that if all the weights of |sp : SP Ω| are non-negative 34 | -- and if their sum is positive |sp| represents a finite probability 35 | -- distribution on |Ω|. 36 | 37 | -- TODO implement a data type |VeriSP : Set -> Set| that fulfils these 38 | -- requirements by construction. Here is one possible step on the way: 39 | 40 | data VeriSP (Ω : Set) : Set where 41 | η : Ω -> VeriSP Ω 42 | _::_ : Σ (Ω × Float) (\ (ω , w) -> (0.0 <ᵇ w) ≡ true) -> VeriSP Ω -> VeriSP Ω 43 | 44 | -- and then translate to 45 | 46 | veriSPtoSP : ∀ {Ω} -> VeriSP Ω -> SP Ω 47 | veriSPtoSP (η ω) = (ω , 1.0) ∷ [] 48 | veriSPtoSP ((ωw , prf) :: vsp) = ωw ∷ (veriSPtoSP vsp) 49 | 50 | -- and apply the stuff that we are going to implement next, see below. 51 | 52 | 53 | -- Events (just an alias for characteristic functions) 54 | 55 | Event : Set -> Set 56 | Event Ω = Ω -> Bool 57 | 58 | _∈_ : ∀ {Ω} -> Ω -> Event Ω -> Bool 59 | ω ∈ e = e ω 60 | 61 | ∅ : ∀ {Ω} -> Event Ω 62 | ∅ = \ ω -> false 63 | 64 | ◯ : ∀ {Ω} -> Event Ω 65 | ◯ = \ ω -> true 66 | 67 | 68 | -- probability of an event according to a finite probability distribution 69 | 70 | sumws : ∀ {Ω} -> SP Ω -> Float 71 | sumws [] = 0.0 72 | sumws ((ω , w) ∷ ωws) = w + sumws ωws 73 | 74 | prob : ∀ {Ω} -> SP Ω -> Event Ω -> Float 75 | prob sp e = sumws (filterByB (\ (ω , w) -> ω ∈ e) sp) ÷ (sumws sp) 76 | 77 | -- For |prob sp e| to be the probability of |e| according to |sp|, all 78 | -- the weights of |sp| must be non-negative and their sum must be 79 | -- positive. 80 | 81 | -- TODO: test that under these assumption |prob| satisfies the 82 | -- probability laws, that is, fulfill 83 | -- 84 | -- 1) prob sp ∅ = 0 85 | -- 2) prob sp ◯ = 1 86 | -- 3) e1 ∩ e2 = ∅ => prob sp (e1 ∪ e2) = prob sp e1 + prob sp e2 87 | -- 88 | -- for arbitrary |sp|, |e1| and |e2|. 89 | 90 | -- Dice examples 91 | 92 | data Dice : Set where one two three four five six : Dice 93 | 94 | eq : Dice -> Dice -> Bool 95 | eq one one = true 96 | eq two two = true 97 | eq three three = true 98 | eq four four = true 99 | eq five five = true 100 | eq six six = true 101 | eq _ _ = false 102 | 103 | 104 | fairDice : SP Dice 105 | fairDice = (one , 1.0) ∷ (two , 1.0) ∷ (three , 1.0) ∷ (four , 1.0) ∷ (five , 1.0) ∷ (six , 1.0) ∷ [] 106 | 107 | biasedDice : SP Dice 108 | biasedDice = (one , 3.0) ∷ (two , 2.0) ∷ (three , 1.0) ∷ (four , 0.0) ∷ (five , 1.0) ∷ (six , 2.0) ∷ [] 109 | 110 | 111 | -- ... implement a few generic combinators for events 112 | 113 | _and_ : ∀ {Ω} -> Event Ω -> Event Ω -> Event Ω 114 | e1 and e2 = \ ω -> (ω ∈ e1) ∧ (ω ∈ e2) 115 | 116 | _or_ : ∀ {Ω} -> Event Ω -> Event Ω -> Event Ω 117 | e1 or e2 = \ ω -> (ω ∈ e1) ∨ (ω ∈ e2) 118 | 119 | -- TODO run some simple tests like 120 | -- 121 | -- prob fairDice ∅ 122 | -- prob fairDice (eq six) 123 | -- prob fairDice ((eq six) or (eq three)) 124 | 125 | 126 | -- monad SP 127 | 128 | fmapSP : {A B : Set} -> (A -> B) -> SP A -> SP B 129 | fmapSP f [] = [] 130 | fmapSP f ((ω , w) ∷ ωws) = (f ω , w) ∷ (fmapSP f ωws) 131 | 132 | ηSP : ∀ {Ω} -> Ω -> SP Ω 133 | ηSP ω = (ω , 1.0) ∷ [] 134 | 135 | -- TODO: implement a combinator embedding a list as a distribution 136 | -- (all of the same weight). 137 | 138 | 139 | -- TODO: specify and implemet |μSP| and point to 140 | -- https://en.wikipedia.org/wiki/Law_of_total_probability 141 | 142 | divBy : ∀ {Ω} -> Float -> SP Ω -> SP Ω 143 | divBy x = map (\ (ω , w) -> (ω , w ÷ x)) 144 | 145 | normalize : ∀ {Ω} -> SP Ω -> SP Ω 146 | normalize sp = divBy (sumws sp) sp 147 | 148 | μSP : ∀ {Ω} -> SP (SP Ω) -> SP Ω 149 | μSP [] = [] 150 | μSP ((sp , w) ∷ sps) = 151 | let sw = sumws sp 152 | p = w ÷ sw 153 | in divBy p sp ++ μSP sps 154 | 155 | _>>=SP_ : ∀ {Ω₁ Ω₂} -> SP Ω₁ -> (Ω₁ -> SP Ω₂) -> SP Ω₂ 156 | sp >>=SP cp = μSP (fmapSP cp sp) 157 | 158 | _>=>SP_ : ∀ {Ω₁ Ω₂ Ω₃ : Set} -> (Ω₁ -> SP Ω₂) -> (Ω₂ -> SP Ω₃) -> (Ω₁ -> SP Ω₃) 159 | f >=>SP cp = \ ω -> μSP (fmapSP cp (f ω)) 160 | 161 | 162 | -- With the monadic operators in place, we can start solving interesting 163 | -- problems. 164 | 165 | -- TODO: compute the trajectories of the uncontrolled random walk 166 | -- example from L5 ... 167 | 168 | rw : ℕ -> SP ℕ 169 | rw zero = (0 , 0.5) ∷ (1 , 0.5) ∷ [] 170 | rw (suc n) = (n , 1.0 ÷ 3.0) ∷ (suc n , 1.0 ÷ 3.0) ∷ (suc (suc n) , 1.0 ÷ 3.0) ∷ [] 171 | 172 | trjSP : {Ω : Set} -> (Ω -> SP Ω) -> (n : ℕ) -> Ω -> SP (Vec Ω (suc n)) 173 | trjSP f zero ω = fmapSP (ω ∷v_) (ηSP []v) 174 | trjSP f ( suc n) ω = fmapSP (ω ∷v_) (f ω >>=SP (trjSP f n)) 175 | 176 | -- normalize (trjSP rw 0 10) 177 | -- normalize (trjSP rw 1 10) 178 | -- normalize (trjSP rw 2 10) 179 | -- normalize (trjSP rw 3 10) 180 | -- ... 181 | 182 | -- TODO If you roll a fair dice and then, if the outcome is |one| or 183 | -- |five| stick to this outcome. Otherwise roll the biased dice. What 184 | -- is the probability of the outcome to be greater than |four|? 185 | 186 | r1 : SP Dice 187 | r1 = fairDice 188 | 189 | r2 : SP Dice 190 | r2 = biasedDice 191 | 192 | example : Dice -> SP Dice 193 | example one = ηSP one 194 | example two = r2 195 | example three = r2 196 | example four = r2 197 | example five = ηSP five 198 | example six = r2 199 | 200 | -- prob (r1 >>=SP example) ((eq five) or (eq six)) 201 | 202 | -- TODO: Implement the Monty Hall problem ... 203 | 204 | data Game : Set where 205 | Win : Game 206 | Lose : Game 207 | 208 | first : SP Game 209 | first = (Win , 1.0 ÷ 3.0) ∷ (Lose , 1.0 ÷ 3.0) ∷ (Lose , 1.0 ÷ 3.0) ∷ [] 210 | 211 | stick : Game -> SP Game 212 | stick Win = (Win , 1.0) ∷ [] 213 | stick Lose = (Lose , 1.0) ∷ [] 214 | 215 | switch : Game -> SP Game 216 | switch Win = (Lose , 1.0) ∷ [] 217 | switch Lose = (Win , 1.0) ∷ [] 218 | 219 | -- normalize (first >>=SP stick) 220 | -- normalize (first >>=SP switch) 221 | 222 | -- TODO: implement a simple SDP you like or one of the SDPs from the 223 | -- last two papers ... 224 | \end{code} 225 | -------------------------------------------------------------------------------- /README.org: -------------------------------------------------------------------------------- 1 | * FPClimate 2 | PhD course on "Functional Programming and Climate Impact Research", spring term 2024, study period 4. 3 | 4 | *Abstract*: This is a course aimed at PhD students or MSc students 5 | interested in the application of functional programming, 6 | domain-specific languages, and dependent types to climate impact 7 | research. 8 | 9 | *Note*. This course is run as a seminar / reading course. 10 | Therefore, you must have the motivation and capacity to digest material with limited teacher presence. 11 | 12 | ** Lecture / seminar / reading plan 13 | The course is based on material from the following research papers: 14 | + Week 15: read 2010: [[file:ref/2010_Vulnerability_Modelling.pdf][Vulnerability modelling with functional programming and dependent types]] 15 | + Week 16: read 2011: [[file:ref/2011_TestingVsProving.pdf][Testing versus proving in climate impact research]] 16 | + Week 17: read 2012: [[file:ref/2012_DepTy_SciComp_978-3-642-41582-1_9.pdf][Dependently-Typed Programming in Scientific Computing - Examples from Economic Modelling]] 17 | + Week 18: read 2014: [[file:ref/2014_Jansson-Patrik-Computational-Theory-of-GSS.pdf][Towards a Computational Theory of GSS: a Case for Domain-Specific Languages]] 18 | + Week 19: read 2017: [[file:ref/2017a_SeqDecProb1.pdf][Sequential decision problems, dependent types and generic solutions]] 19 | + Week 20: read 2017: [[file:ref/2017b_contributions-to-a-computational-theory-of-policy-advice-and-avoidability.pdf][Contributions to a computational theory of policy advice and avoidability]] 20 | + Week 21: read 2018: [[file:ref/2018_esd-9-525-2018.pdf][The impact of uncertainty on optimal emission policies]] 21 | + Week 22: read 2023: [[file:ref/2023_MatterMost_s10666-022-09867-w.pdf][Responsibility Under Uncertainty: Which Climate Decisions Matter Most?]] 22 | 23 | Good background reading is provided by 24 | the 2023 book "[[https://www.cambridge.org/core/books/computing-the-climate/64DAAC995DC84241F8D8605B3779C68A][Computing the Climate]]" by Steve M. Easterbrook and 25 | the 2022 book "[[https://www.adlibris.com/se/bok/domain-specific-languages-of-mathematics-9781848903883][Domain-Specific Languages of Mathematics]]" by Jansson, Ionescu, Bernardy. 26 | 27 | ** Examination 28 | 29 | The course is examined through 30 | 31 | + a sequence of graded hand-ins (solutions to exercises to be further specified during the course) 32 | + active participation in most of the weekly seminars 33 | 34 | The plan is to award 7.5 higher education credits ([[https://education.ec.europa.eu/education-levels/higher-education/inclusive-and-connected-higher-education/european-credit-transfer-and-accumulation-system][ECTS]]) upon 35 | successful completion of the course. 36 | 37 | ** Prerequisites 38 | + BSc degree in Computer Science and Engineering or equivalent. 39 | + Functional programming (ideally in Haskell, but other languages are also OK) 40 | + Formal methods (ideally using dependent types, but other methods are also OK) 41 | 42 | ** Learning outcomes (after completion of the course the student should be able to) 43 | + Use functional programming specification / implementation / formalisation as a way of understanding new domains 44 | + Understand a selection of topics in Climate Impact Research 45 | + Effectively use Haskell and Agda for formalisation 46 | 47 | *** Knowledge and understanding 48 | + Master the terminology, concepts and theories associated with the selected area; 49 | + Demonstrate deep knowledge and understanding in the area of the course, and insight into current research and development; 50 | + Demonstrate deep methodological knowledge in the area of the course; 51 | 52 | *** Skills and abilities 53 | + Demonstrate the ability to critically and systematically integrate knowledge and to analyse, assess, and deal with complex issues in the area of the course; 54 | 55 | *** Judgement and approach 56 | + Search for, and extract, necessary information from scientific publications in the selected area of the course, with the purpose of identifying strengths and weakness of solutions, approaches and methodologies. 57 | 58 | ** Scheduling 59 | + The course will start in March (2024-03-25) and end in May or June. 60 | + The schedule is available below: 61 | 62 | | Week | Date | Time | Event | Room | 63 | |------+----------------+-------------+-------------------------------------+-----------| 64 | | [[https://weeknumber.net/?q=13][13]] | Mon 2024-03-25 | 15.15-17.00 | FPClimate seminar 1 | EDIT 6128 | 65 | | [[https://weeknumber.net/?q=13][13]] | Tue 2024-03-26 | 14.15-15.15 | Talk by Anil Madhavapeddy | HB2 | 66 | | [[https://weeknumber.net/?q=14][14]] | (Patrik away) | | | | 67 | | [[https://weeknumber.net/?q=15][15]] | Mon 2024-04-08 | 15.15-17.00 | FPClimate seminar 2 (Cezar Ionescu) | EDIT 6128 | 68 | | [[https://weeknumber.net/?q=16][16]] | Mon 2024-04-15 | 15.15-17.00 | FPClimate seminar 3 | EDIT 6128 | 69 | | [[https://weeknumber.net/?q=17][17]] | Mon 2024-04-22 | 15.15-17.00 | FPClimate seminar 4 | EDIT 6128 | 70 | | [[https://weeknumber.net/?q=18][18]] | Mon 2024-04-29 | 15.15-17.00 | FPClimate seminar 5 (Nicola Botta) | EDIT 6128 | 71 | | [[https://weeknumber.net/?q=19][19]] | Mon 2024-05-06 | 15.15-17.00 | FPClimate seminar 6 | EDIT 6128 | 72 | | [[https://weeknumber.net/?q=20][20]] | Mon 2024-05-13 | 15.15-17.00 | FPClimate seminar 7 | EDIT 6128 | 73 | | [[https://weeknumber.net/?q=21][21]] | Mon 2024-05-20 | 15.15-17.00 | FPClimate seminar 8 (Nicola Botta) | EDIT 5128 | 74 | | [[https://weeknumber.net/?q=22][22]] | Mon 2024-05-27 | 15.15-17.00 | FPClimate seminar 9 | EDIT 6128 | 75 | 76 | + Time zone: CET (UTC+1) in week 13 (until 2024-03-30), then CEST (UTC+2) from week 14 onwards. 77 | + For local participants, the room is EDIT 6128 (at Chalmers campus 78 | Johanneberg) for most seminars. 79 | + For remote participants, the zoom link is almost https://chalmers.zoom.us/my/CUTpatrikja but without the upper case letters. 80 | 81 | * Week 13: 82 | ** FPClimate seminar 1 83 | + [[file:ref/FPClimate_seminar_1.pdf][Introduction slides (Patrik Jansson)]] including exercises 84 | + We did a round of introductions, followed by an introduction by 85 | Patrik to the course (prerequisites, contents, examination, learning 86 | outcomes, schedule, first few weeks). 87 | + Then Patrik presented some introductory material (see the slides) 88 | about equations, problems, solutions, specifications, 89 | domain-specific languages, etc. 90 | + In the course we use logic and functional programming notation 91 | (mostly Haskell and Agda) to specify, implement, and test concepts 92 | from Climate Impact Research. 93 | + Brief introduction to some relevant domain-specific notions: 94 | prisoner's dilemma, strategy profile, Nash equilibrium, policies, 95 | optimality, agent-based models, green growth, equational reasoning. 96 | + Homework for next seminar: 97 | + solve the exercises and 98 | + actively read [[file:ref/2010_Vulnerability_Modelling.pdf][Vulnerability modelling with functional programming and dependent types]] in preparation for the seminar by Cezar Ionescu. 99 | + Next up is an invited talk: 100 | ** Talk by [[https://4c.cst.cam.ac.uk/staff/professor-anil-madhavapeddy][Prof. Anil Madhavapeddy]] 101 | + [[https://intranet.chalmers.se/en/current/calendar/2024/03/26/functional-programming-for-the-planet---28373][Announced separately]] [will be in room HB2] 102 | + Title: (Functional) Programming for the Planet 103 | + Abstract: As simultaneous crises in emissions and biodiversity sweep the planet, computer systems that analyse the complex interplay of our globe’s health are ever more crucial to guiding policy decisions about how to get out of the mess we’re in. In this talk, we examine how functional programming can contribute to building systems that are more resilient, predictable and reproducible in the face of huge amounts of input data (such as from satellites and ground sensing) that demands precise access control (or else poachers and malicious actors go straight to the source) and requires interactive exploration from non-CS-experts at different levels of the software stack (to do climate science). We will also highlight how our ongoing cross-disciplinary research is having a real impact on conservation projects that are sorely underserved by current systems/PL infrastructure, and also how we went about forging these links. We hope to encourage some of you to form your own local collaborations with your colleagues working on the climate crisis! 104 | + For those who missed it, there is a closely related [[https://www.youtube.com/watch?v=RH1sKJMZI3g][recorded keynote from ICFP 2023]]. 105 | * Week 14: 106 | ** TODO solve W13 exercises ([[file:ref/FPClimate_seminar_1.pdf][FPClimate_seminar_1.pdf)]] and W15 preparation exercises ([[file:ref/seminar_2_exercises.pdf][ref/seminar_2_exercises.pdf]]) 107 | ** TODO read and prepare questions for "[[file:ref/2010_Vulnerability_Modelling.pdf][Vulnerability modelling ...]]" paper 108 | * Week 15: 109 | ** FPClimate seminar 2 110 | + Lecture ([[file:ref/FPClimate_seminar_2.pdf][slides]], [[file:ref/FPClimate_seminar_2.org][source]]) by [[https://www.th-deg.de/en/Cezar-Ionescu-Fakult%C3%A4t%20Angewandte%20Informatik-Professor:innen-1975][Prof. Cezar Ionescu]] about [[file:ref/2010_Vulnerability_Modelling.pdf][Vulnerability Modelling with Functional Programming and Dependent Types]] 111 | + (Prof. Ionescu very sadly passed away after severe illness in October 2024.) 112 | + Background: Algebra of Programming (the book, by Richard Bird and Ooge de Moor) 113 | - Category theory is an extensible language for precisely formulating mathematical theories (concepts, models, etc.). 114 | - One such extension is particularly well-suited for formulating /functional programs/. 115 | - Further extensions allow us to formulate /specifications/. 116 | - There are other frameworks with similar properties: higher-order logics (dependent types), Hoare logics, etc. 117 | - The categorical framework is good for /equational reasoning/. 118 | + Potsdam Institute for Climate *Impact* Research (PIK) 119 | + The work described in this lecture (and this course) started at PIK, around 2010. 120 | + Relation-based computations in a monadic BSP model [Botta, Ionescu, 2007] [[https://doi.org/10.1016/j.parco.2007.08.002][doi:10.1016/j.parco.2007.08.002]], [[https://publications.pik-potsdam.de/pubman/faces/ViewItemOverviewPage.jsp?itemId=item_14222][PIK page]] 121 | + Vulnerability modelling [the paper this seminar is about] 122 | + Motivated by a surge in "Vulnerability assessment" work in the climate change community. 123 | + Cezar's paper first submitted in 2010, published 2014, Journal version 2016! 124 | + [[doi:10.1017/S0960129514000139]["Vulnerability Modelling with Functional Programming and Dependent Types"]] [Ionescu, 2016] [[https://doi.org/10.1017/S0960129514000139][doi:10.1017/S0960129514000139]] 125 | + Definitions 126 | + There were _many_ attempts at defining "vulnerability" around 2000 [Thywissen 2006 lists 36!] 127 | + The Structure of Vulnerability (according to [Ionescu, 2016]) 128 | #+begin_src haskell 129 | possible :: Functor f => State -> f Evolution 130 | 131 | harm :: Preorder v => Evolution -> v 132 | 133 | measure :: Functor f, Preorder v, Preorder w => f v -> w 134 | 135 | vulnerability :: Preorder w => State -> w 136 | 137 | vulnerability = measure . fmap harm . possible 138 | #+end_src 139 | + The paper presents a few examples which fit this structure. 140 | + Vulnerability measures 141 | + should be monotonic 142 | + can be related by natural transformations between representations of possibility 143 | + should be "compatible" 144 | + Next stage: dependent types 145 | + (under the influence of Patrik Jansson) 146 | + moving the categorical machinery to the new framework 147 | + Conclusions 148 | + Main idea: formulate problems as programming correctness problems! 149 | + This can be useful in contexts where simulation is used to replace experiments (climate science, social science, political theory, etc.). 150 | + Type theory can formulate both correctness conditions and the programs themselves. 151 | + Moreover, the correctness proofs are then mechanically checked. 152 | 153 | ** TODO Present and discuss solutions to exercises from the previous seminar 154 | ** TODO (after the seminar) solve W15 exercises 155 | * Week 16: 156 | ** FPClimate seminar 3: Discussion about the current paper: [[file:ref/2011_TestingVsProving.pdf][Testing versus proving in climate impact research]] 157 | + Exercises: (informally: "re-implement the paper") 158 | *** Q1 (About definition 1): Consider the case 159 | #+BEGIN_SRC pseudocode 160 | F = Vec 3 (a vector of length 3); 161 | V = Rational; and 162 | x1, x2 : F V 163 | x1 = [1, 1, 1]; 164 | x2 = [1, 2, 1]; 165 | #+END_SRC 166 | + Q1a: What does Def. 1 say about m x1 in relation to m x2? 167 | + Q1b: What do you think it should say? 168 | + Q1c: Can you suggest another Def 1' (which is stronger / stricter 169 | than Def. 1) and captures this case? 170 | *** Q2: Implement some of the Haskell code in section 3 to get a feeling for what can go wrong. 171 | + Q2a: Find counterexamples to sumList and to supList being 172 | vulnerability measures. 173 | + Q2b: Re-implement with Rational instead of Float. Are they correct 174 | now? 175 | *** Q3: Implement (part of) the code for section 4 176 | + (starting from the paper or from the subdirectory 177 | file:ref/test-vs-proof/). 178 | + Q3a: To get started with Agda, implement a self-contained version 179 | of the code up to FunctorList (with minimal imports). 180 | + Q3b: Make the definition of VulnMeas work (type check) for a 181 | recent version of Agda and its standard library. 182 | + Q3c: Implement foldMeas based on a suitable number of postulates 183 | for the properties you need. 184 | * Week 17: 185 | ** FPClimate seminar 4 186 | * Week 18: 187 | ** FPClimate seminar 5 188 | + Lecture by Nicola Botta 189 | * Week 19: 190 | ** FPClimate seminar 6 191 | + [[file:ref/FPClimate_seminar_6/FPClimate_seminar_6.pdf][Lecture slides (by Nicola Botta)]] 192 | * Week 20: 193 | ** FPClimate seminar 7 194 | * Week 21: 195 | ** FPClimate seminar 8 196 | ** TODO new exercises for S8 / paper 8 197 | + implement Backwards induction in different languages (one per person) 198 | + Prel. plan: 199 | Agda (Oskar), 200 | Haskell (Janek), 201 | Python (Adrian), 202 | Purescript (Nicolas), 203 | Rust (Tobias), 204 | Julia (Jayson) 205 | + and apply it to 2-3 simple examples [generation problem, random walk, your favourite!] 206 | + More concretely: 207 | + compute an optimal policy sequence (for, say, n=3 steps) 208 | + compute all trajectories (or a sample) 209 | + sort them by probability 210 | + show the first few examples 211 | + say something about the computational cost (complexity) 212 | + You don't need to prove correctness, or implement the dependent 213 | types, but you need to have a "generic" (polymorphic / parametric) 214 | solver so that a user can supply a sequential decision problem (X, 215 | Y, next, reward, ...) and get a solution (a sequence of optimal 216 | policies). 217 | + You can assume that the state and action types are finite, so that 218 | the solution space also is finite. 219 | + Make sure to provide some test cases and expected outputs. 220 | * Week 22: 221 | ** FPClimate seminar 9 222 | + Lecture by Nicola Botta 223 | * Week 24: 224 | ** FPClimate seminar 10 (wrap-up) 225 | + Thu 2024-06-13, 13:00-15:00, in room EDIT-5128 226 | * How to register 227 | 228 | + If you do not need formal credits, you can just contact Patrik Jansson. 229 | + If you want credits for your local MSc degree, contact the examiner for (DAT235/DIT577): [Ana Bove](https://www.cse.chalmers.se/~bove/) 230 | + If you want credits for your local PhD degree, obtain the approval of your supervisor and examiner, then contact Patrik Jansson. 231 | 232 | * Other resources 233 | + TODO add links to talks, etc. online 234 | -------------------------------------------------------------------------------- /extra/Climate science and verified programming.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/extra/Climate science and verified programming.pdf -------------------------------------------------------------------------------- /extra/Dimitri P. Bertsekas. Dynamic Programming and Optimal Control I (3rd ed. 2005).pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/extra/Dimitri P. Bertsekas. Dynamic Programming and Optimal Control I (3rd ed. 2005).pdf -------------------------------------------------------------------------------- /extra/Hardin, Garret; The Tragedy of the Commons.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/extra/Hardin, Garret; The Tragedy of the Commons.pdf -------------------------------------------------------------------------------- /extra/Ikefuji et al. DICE simplified (2019).pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/extra/Ikefuji et al. DICE simplified (2019).pdf -------------------------------------------------------------------------------- /extra/Joseph Y. Halpern. Actual Causality (2016).pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/extra/Joseph Y. Halpern. Actual Causality (2016).pdf -------------------------------------------------------------------------------- /extra/Marina Martínez Montero et al. SURFER v1.0: A flexible and simple model linking emissions to sea level rise.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/extra/Marina Martínez Montero et al. SURFER v1.0: A flexible and simple model linking emissions to sea level rise.pdf -------------------------------------------------------------------------------- /extra/Mark Granovetter. Threshold models of collective behavior (1978).pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/extra/Mark Granovetter. Threshold models of collective behavior (1978).pdf -------------------------------------------------------------------------------- /extra/Matthew Braham, Martin van Hees. Voids or Fragmentation: Moral Responsibility For Collective Outcomes.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/extra/Matthew Braham, Martin van Hees. Voids or Fragmentation: Moral Responsibility For Collective Outcomes.pdf -------------------------------------------------------------------------------- /extra/Mort Webster. Incorporating path dependency into decision-analytic methods: an application to global climate-change policy.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/extra/Mort Webster. Incorporating path dependency into decision-analytic methods: an application to global climate-change policy.pdf -------------------------------------------------------------------------------- /extra/Nuria Brede, Nicola Botta. On the Correctness of Monadic Backward Induction (2021-09-01, final).pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/extra/Nuria Brede, Nicola Botta. On the Correctness of Monadic Backward Induction (2021-09-01, final).pdf -------------------------------------------------------------------------------- /extra/README.org: -------------------------------------------------------------------------------- 1 | * 2024-03-27: Nicola: Added 'extra' folder to the FPClimate repo 2 | Dear all, 3 | 4 | I have added an 'extra' folder to the FPClimate repo. It contains extra 5 | material that loosely relates to issues touched upon in the first 6 | meeting. 7 | 8 | This extra material is *not* part of the course and thus does *not* need 9 | to be looked at, let apart studied! But it might be of interest to some 10 | of us. 11 | 12 | As Patrik mentioned during the first seminar, the course offers a 13 | perspective on climate impact research from the viewpoint of computer 14 | science (CS) and functional programming (FP). 15 | 16 | We will do our best to motivate and explain how CS and FP contributes 17 | towards understanding and addressing important questions in climate 18 | policy making. 19 | 20 | But we will have little time to look at how these questions are 21 | addressed from the angle of other disciplines (say, game theory or 22 | social science) or at how they are dealt with in the application domain. 23 | 24 | The 'extra' folder provides pointers in these directions. Thus, for 25 | example, I have put into the folder Hardin's 1968 seminal paper "The 26 | tragedy of the commons". 27 | 28 | The paper was a cornerstone toward understanding the difficulty of 29 | collective action for achieving mutually beneficial outcomes. It 30 | reflects a viewpoint towards decision making that, in turn, motivates 31 | the Nash equilibrium exercises from the first meeting. 32 | 33 | The fact that rational decision makers *anticipate* each other's moves 34 | can lead to catastrophic outcomes (for example, a bank run when a 35 | *critical portion* of customers withdraw money from their accounts as 36 | they fear the bank might go out of business) and needs to be accounted 37 | for carefully in models of decision making. 38 | 39 | A crucial contribution towards understanding the role of *thresholds* in 40 | models of collective behavior was Mark Granovetter's 1978 paper, also in 41 | the 'extra' folder. 42 | 43 | A simple example for understanding how to deal with *anticipation* in 44 | decision making is the "three bridges problem". It is discussed in Don 45 | Ross' SEP article on game theory, also in that folder. 46 | 47 | I have also put there also a 'TheThreeBridgesProblem.pdf' file with an 48 | explicit computation of a (hopefully correct) "solution" of the problem. 49 | 50 | Again, this is not part of the course but if you happen to be a fan of 51 | the "three bridges problem" you might want to have a look at it. 52 | 53 | Have fun with the exercises from the first meeting and with reading and 54 | preparing questions for the 'Vulnerability modelling ...' paper. 55 | 56 | If you have questions or troubles with the exercises, please drop me a 57 | mail. 58 | 59 | Ciao, 60 | Nicola 61 | -------------------------------------------------------------------------------- /extra/Richard Bellman. Dynamic Programming and Stochastic Control Processes (1958).pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/extra/Richard Bellman. Dynamic Programming and Stochastic Control Processes (1958).pdf -------------------------------------------------------------------------------- /extra/Richard Bellman. The theory of dynamic programming (1954).pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/extra/Richard Bellman. The theory of dynamic programming (1954).pdf -------------------------------------------------------------------------------- /extra/SEP, Don Ross. Game Theory.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/extra/SEP, Don Ross. Game Theory.pdf -------------------------------------------------------------------------------- /extra/SEP, Matthew Talbert. Moral Responsibility (2014 edition).pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/extra/SEP, Matthew Talbert. Moral Responsibility (2014 edition).pdf -------------------------------------------------------------------------------- /extra/TheThreeBridgesProblem.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/extra/TheThreeBridgesProblem.pdf -------------------------------------------------------------------------------- /ref/2010_Vulnerability_Modelling.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/ref/2010_Vulnerability_Modelling.pdf -------------------------------------------------------------------------------- /ref/2011_TestingVsProving.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/ref/2011_TestingVsProving.pdf -------------------------------------------------------------------------------- /ref/2012_DepTy_SciComp_978-3-642-41582-1_9.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/ref/2012_DepTy_SciComp_978-3-642-41582-1_9.pdf -------------------------------------------------------------------------------- /ref/2014_Jansson-Patrik-Computational-Theory-of-GSS.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/ref/2014_Jansson-Patrik-Computational-Theory-of-GSS.pdf -------------------------------------------------------------------------------- /ref/2017a_SeqDecProb1.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/ref/2017a_SeqDecProb1.pdf -------------------------------------------------------------------------------- /ref/2017b_contributions-to-a-computational-theory-of-policy-advice-and-avoidability.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/ref/2017b_contributions-to-a-computational-theory-of-policy-advice-and-avoidability.pdf -------------------------------------------------------------------------------- /ref/2018_esd-9-525-2018.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/ref/2018_esd-9-525-2018.pdf -------------------------------------------------------------------------------- /ref/2023_MatterMost_s10666-022-09867-w.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/ref/2023_MatterMost_s10666-022-09867-w.pdf -------------------------------------------------------------------------------- /ref/FPClimate_seminar_1.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/ref/FPClimate_seminar_1.pdf -------------------------------------------------------------------------------- /ref/FPClimate_seminar_2.org: -------------------------------------------------------------------------------- 1 | #+title: Vulnerability Modelling with Functional Programming and Dependent Types 2 | #+subtitle: FPClimate, Chalmers 3 | #+date: 2024-04-08 4 | #+author: Cezar Ionescu 5 | #+email: cezar.ionescu@th-deg.de 6 | #+STARTUP: showeverything 7 | #+language: de 8 | #+OPTIONS: H:2 toc:t num:t 9 | #+LaTeX_CLASS: beamer 10 | #+LaTeX_CLASS_OPTIONS: [presentation, smaller] 11 | #+LaTeX_HEADER: \geometry{paperwidth=140mm,paperheight=105mm} 12 | #+LaTeX_HEADER: \setbeamertemplate{navigation symbols}{} 13 | #+LaTeX_HEADER: \setbeamercovered{transparent} 14 | #+LATEX_HEADER: \usepackage[T1]{fontenc} 15 | #+LATEX_HEADER: \usepackage{fontspec} 16 | #+LATEX_HEADER: \usepackage{xunicode} 17 | #+LATEX_HEADER: \usepackage{parskip} 18 | #+LATEX_HEADER: \usepackage{multirow} 19 | #+LATEX_HEADER: \usepackage{bussproofs} 20 | #+LATEX_HEADER: \usepackage{color, soul} 21 | #+LATEX_HEADER: \newcommand{\Real}{\mathbb{R}} 22 | #+LATEX_HEADER: \newcommand{\Nat}{\mathbb{N}} 23 | #+LATEX_HEADER: \newcommand{\Int}{\mathbb{Z}} 24 | #+LATEX_HEADER: \newcommand{\Rat}{\mathbb{Q}} 25 | #+LATEX_HEADER: \newcommand{\Pow}{\mathbb{P}} 26 | #+LATEX_HEADER: \newcommand{\Bool}{\mathbb{B}} 27 | #+LATEX_HEADER: \renewcommand{\SS}{\mathbb{S}} 28 | #+LATEX_HEADER: \newcommand{\Complex}{\mathbb{C}} 29 | #+LATEX_HEADER: \setmainfont[Mapping=tex-text,Scale=0.8]{DejaVuSans} 30 | #+LATEX_HEADER: \setmonofont[Mapping=tex-text,Scale=0.8]{DejaVuSansMono} 31 | #+latex_header: \AtBeginSection[]{\begin{frame}\frametitle{Topic}\tableofcontents[currentsection]\end{frame}} 32 | #+LATEX_HEADER: \usepackage{xpatch} 33 | #+LATEX_HEADER: \makeatletter\AtBeginEnvironment{minted}{\dontdofcolorbox}\def\dontdofcolorbox{\renewcommand\fcolorbox[4][]{##4}}\xpatchcmd{\inputminted}{\minted@fvset}{\minted@fvset\dontdofcolorbox}{}{}\makeatother 34 | #+BEAMER_THEME: Madrid 35 | #+BEAMER_HEADER: \titlegraphic{\includegraphics[height=0.5cm]{/home/ionescu/thd/images/thd.jpg}} 36 | #+BEAMER_HEADER: \author[]{Cezar Ionescu \newline \scriptsize{cezar.ionescu@th-deg.de}} 37 | #+COLUMNS: %45ITEM %10BEAMER_ENV(Env) %10BEAMER_ACT(Act) %4BEAMER_COL(Col) 38 | 39 | * Context 40 | 41 | ** Algebra of Programming 42 | 43 | | | 44 | 45 | *** Col left :BMCOL: 46 | :PROPERTIES: 47 | :BEAMER_col: 0.35 48 | :END: 49 | 50 | #+LATEX: \includegraphics[width=\textwidth]{/home/ionescu/thd/images/aop_cover.png} 51 | 52 | *** Col right :BMCOL: 53 | :PROPERTIES: 54 | :BEAMER_col: 0.5 55 | :END: 56 | 57 | #+LATEX: \includegraphics[width=\textwidth]{/home/ionescu/thd/images/bird.jpg} 58 | 59 | Richard Bird (1943-2022) (image from Wikipedia) 60 | 61 | ** Algebra of Programming 62 | 63 | Ideas: 64 | 65 | - /Category theory/ is an extensible language for precisely 66 | formulating mathematical theories (concepts, models, etc.). 67 | 68 | - One such extension is particularly well-suited for formulating 69 | /functional programs/. Further extensions allow us to formulate 70 | /specifications/. 71 | 72 | - There are other frameworks with similar properties: higher-order 73 | logics (dependent types), Hoare logics, etc. The categorical 74 | framework is good for /equational reasoning/. 75 | 76 | ** Potsdam Institute for Climate Impact Research 77 | 78 | #+begin_quote 79 | At PIK researchers in the natural and social sciences work together 80 | to study global change and its impacts on ecological, economic and 81 | social systems. They examine the Earth system's capacity for 82 | withstanding human interventions and devise strategies for a 83 | sustainable development of humankind and nature. 84 | 85 | PIK research projects are interdisciplinary and undertaken by 86 | scientists from the following Research Domains: Earth System 87 | Analysis, Climate Impacts and Vulnerabilities, Sustainable Solutions 88 | and Transdisciplinary Concepts and Methods. 89 | #+end_quote 90 | 91 | (PIK home page, cca 2010) 92 | 93 | ** Potsdam Institute for Climate *Impact* Research 94 | 95 | #+begin_quote 96 | At PIK researchers in the natural and social sciences work together 97 | to study global change and its impacts on ecological, economic and 98 | social systems. They examine *the Earth system's capacity for 99 | withstanding human interventions* and devise strategies for a 100 | *sustainable development* of humankind and nature. 101 | 102 | PIK research projects are *interdisciplinary* and undertaken by 103 | scientists from the following Research Domains: Earth System 104 | Analysis, Climate Impacts and Vulnerabilities, Sustainable Solutions 105 | and *Transdisciplinary* Concepts and Methods. 106 | #+end_quote 107 | 108 | (PIK home page, cca 2010) 109 | 110 | ** Parallel Computing 111 | 112 | A first attempt to apply the AoP ideas: 113 | 114 | #+begin_center 115 | #+LATEX: \includegraphics[width=0.8\textwidth]{/home/ionescu/thd/images/monadic_bsp.png} 116 | #+end_center 117 | 118 | ** Vulnerability 119 | 120 | #+begin_quote 121 | \ldots The complexity of the climate, ecological, social and 122 | economic systems that researchers are modelling means that the validity 123 | of scenario results will inevitably be subject to ongoing criticism. 124 | 125 | \ldots What this criticism does, however, is emphasize the need for 126 | a strong foundation upon which scenarios (\emph{i.e., modelling}) 127 | can be applied, a foundation that provides a basis for managing risk 128 | despite uncertainties associated with future climate changes. 129 | 130 | \emph{This foundation lies in the concept of vulnerability.} 131 | 132 | #+end_quote 133 | 134 | (from ``Climate Change Impacts and Adaptation: A Canadian 135 | Perspective'', 2004) 136 | 137 | ** DTP 10 138 | 139 | The paper was drafted for DTP10 /Dependently-Typed Programming/, 140 | Edinburgh. 141 | 142 | [[https://web.archive.org/web/20100611072508/http://sneezy.cs.nott.ac.uk/darcs/dtp10/][DTP10]] 143 | 144 | The first version was submitted in December 2010, the final version 145 | was published online in ...December 2014, and the paper journal 146 | version came out January 2016. 147 | 148 | * Vulnerability 149 | 150 | ** Definitions (or ``Definitions'') 151 | 152 | - UNDP Annual Report, 2004: 153 | 154 | #+begin_quote 155 | \ldots a human condition or process resulting from physical, social 156 | and environmental factors which determine the likelihood and damage 157 | from the impact of a given hazard 158 | #+end_quote 159 | 160 | - Cannon et al. 2004 161 | 162 | #+begin_quote 163 | Vulnerability [\ldots] is a way of conceptualizing what may happen 164 | to an identifiable population under conditions of particular risk 165 | and hazards. 166 | #+end_quote 167 | 168 | - The Intergovernmental Panel on Climate Change, 1995 169 | 170 | #+begin_quote 171 | \emph{vulnerability}: the extent to which climate change may damage 172 | or harm a system.'' 173 | #+end_quote 174 | 175 | - Institute for Environment and Security (United Nations University), 176 | 2004 177 | 178 | #+begin_quote 179 | Vulnerability is the intrinsic and dynamic feature of an element at 180 | risk (community, region, state, infrastructure, environment, etc.) 181 | that determines the expected damage or harm resulting from a given 182 | hazardous event, and is often affected by the harmful event itself. 183 | Vulnerability changes continuously over time and is driven by 184 | physical, social, economic and environmental factors. 185 | #+end_quote 186 | 187 | \ldots many, many others (Thywissen 2006 lists 32 more) 188 | 189 | ** ODE 190 | 191 | *vulnerable* (adj.): 192 | 193 | 1. exposed to the possibility of being attacked or harmed, either 194 | physically or emotionally: /we were in a vulnerable position/ | 195 | /small fish are *vulnerable* to predators/ 196 | 197 | 2. Bridge (of a partnership) liable to higher penalties, either by 198 | convention or through having won one game towards a rubber. 199 | 200 | (Oxford Dictionary of English, 2010) 201 | 202 | ** The Structure of Vulnerability 203 | 204 | #+begin_src haskell 205 | possible :: Functor f => State -> f Evolution 206 | 207 | harm :: Preorder v => Evolution -> v 208 | 209 | measure :: Functor f, Preorder v, Preorder w => f v -> w 210 | 211 | vulnerability :: Preorder w => State -> w 212 | 213 | vulnerability = measure . fmap harm . possible 214 | #+end_src 215 | 216 | ** Example 217 | 218 | Calvo and Dercon (2005): 219 | 220 | \begin{itemize} 221 | \item Vulnerability measures a set of outcomes across possible 222 | states of the world. These states of the world are assumed to be in 223 | finite number and come with associated probabilities. 224 | \item Poverty is defined in terms of a threshold, which has the same 225 | value in all states of the world. 226 | \item The states of the world in which the outcomes are above the 227 | threshold do not enter in the vulnerability measurement (this is 228 | called the ``axiom of focus''). 229 | \item Monotonicity requirements: the likelier the outcomes below the 230 | threshold, and the greater their distance to the threshold, the 231 | greater the vulnerability. 232 | \end{itemize} 233 | 234 | ** Example (from paper) 235 | 236 | #+begin_src haskell 237 | > V = sum [p i * v (x i) | i <- [1 .. n]] 238 | 239 | where 240 | 241 | > n :: Nat -- the number of possible states of the world 242 | > p :: Nat -> [0, 1] -- p i is the probability of state i 243 | > v :: Real -> Real -- a monotonically decreasing and convex function 244 | > x i = (y i) / z -- relative distance to threshold of outcome i 245 | > y :: Nat -> Real -- y i is the outcome in state i if below the 246 | > -- threshold, 0 otherwise 247 | > z :: Real -- the threshold 248 | #+end_src 249 | 250 | Exercise: Does this fit the structure of vulnerability? How / why not? 251 | 252 | * Applications 253 | 254 | ** Insight 255 | 256 | ``Small fish are vulnerable to predators.'' 257 | 258 | #+begin_src haskell 259 | possible :: State -> [Evolution] 260 | 261 | predators :: Evolution -> Bool 262 | wounded :: Evolution -> Bool 263 | 264 | harm :: Evolution -> Bool 265 | harm = wounded ∧ predators 266 | #+end_src 267 | 268 | - Vulnerability is here a predicate on /states/ (transferred 269 | epithtet) 270 | 271 | - Factors of interest (/predators/) and impacts to assess (/wounded/) 272 | play a symmetric role 273 | 274 | ** Monotonicity Condition for Vulnerability Measures 275 | 276 | Vulnerability measures should be ``monotonous''. If every harm value 277 | in the structure increases, the structure remaining the same, then 278 | the aggregated value should also increase (``increasing'' is 279 | *non-strict*). 280 | 281 | For all ~inc : V -> V~ increasing (~inc v ⊒ v~), we have for all ~v ∈ 282 | F V~ 283 | 284 | #+begin_src haskell 285 | measure (fmap inc v) ⊒ measure v 286 | #+end_src 287 | 288 | ``Most common harm value'' does not fulfil this condition! 289 | 290 | E.g., ~[1, 2, 3, 10, 10]~ worse than ~[4, 4, 4, 11, 11]~! 291 | 292 | ** Compatibility 293 | 294 | - natural transformation between representations of possibility 295 | 296 | #+begin_src haskell 297 | τ :: F1 a -> F2 a 298 | #+end_src 299 | 300 | - vulnerability measures of the ``same kind'' 301 | 302 | #+begin_src haskell 303 | m1 :: F1 V -> W 304 | 305 | m2 :: F2 V -> W 306 | #+end_src 307 | 308 | - compatibility w.r.t. ~τ~ 309 | 310 | #+begin_src haskell 311 | m1 v1 ⊒ m1 v2 ⇒ m2 (τ v1) ⊒ m2 (τ v2) 312 | #+end_src 313 | 314 | - reuse: ~m2 . τ~ is compatible with ~m2~ 315 | 316 | *Exercise:* What are the ``minimal'' categories involved? 317 | 318 | ** Software Correctness 319 | 320 | Enter dependent types (under the influence of Patrik Jansson). 321 | 322 | We started moving the categorical machinery to the new framework, 323 | leading to many developments (see the rest of the FPClimate papers). 324 | 325 | There is still a certain ``friction'' between categorical frameworks 326 | and the depedently typed ones which have largely superseded them, as 327 | illustrated by [[https://www.cs.ox.ac.uk/publications/books/adwh/][Richard Bird's last book]] (together with Jeremy 328 | Gibbons). 329 | 330 | * Conclusions 331 | 332 | ** Conclusions 333 | 334 | Main idea: formulate problems as programming correctness problems! 335 | 336 | This can be useful in contexts where simulation is used to replace 337 | experiments (climate science, social science, political theory, 338 | etc.). 339 | 340 | Type theory can formulate both correctness conditions and the 341 | programs themselves. Moreover, the correctness proofs are then 342 | mechanically checked. 343 | 344 | *Meta-exercise:* find and correct all the errors in the article. 345 | 346 | -------------------------------------------------------------------------------- /ref/FPClimate_seminar_2.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/ref/FPClimate_seminar_2.pdf -------------------------------------------------------------------------------- /ref/FPClimate_seminar_4/FPClimate_seminar_4-1.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/ref/FPClimate_seminar_4/FPClimate_seminar_4-1.pdf -------------------------------------------------------------------------------- /ref/FPClimate_seminar_4/FPClimate_seminar_4-2.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/ref/FPClimate_seminar_4/FPClimate_seminar_4-2.pdf -------------------------------------------------------------------------------- /ref/FPClimate_seminar_4/Monadic_part1.lagda: -------------------------------------------------------------------------------- 1 | % -*-Latex-*- 2 | %if False 3 | 4 | \begin{code} 5 | 6 | {-# OPTIONS --without-K #-} 7 | 8 | module Monadic_part1 where 9 | 10 | open import Data.Nat using (zero; suc; ℕ; _+_) 11 | open import Data.Float using (Float) 12 | open import Data.Vec using (Vec; []; _∷_; map; head; tail; _++_) 13 | open import Data.Product using (_×_; _,_) 14 | open import Data.List using (List; []; _∷_) 15 | renaming ([_] to ηList; map to fmapList; concat to μList) 16 | import Agda.Primitive -- for Levels 17 | open Agda.Primitive using (Level; lsuc; _⊔_) public 18 | open import Relation.Binary.PropositionalEquality using (_≡_; refl; sym; trans; cong) 19 | 20 | -- data _≡_ {A : Set} : A -> A -> Set where 21 | -- refl : {a : A} -> a ≡ a 22 | 23 | -- trans : ∀ {A : Set} {x y z : A} -> (x ≡ y) -> (y ≡ z) -> (x ≡ z) 24 | -- trans refl refl = refl 25 | 26 | -- cong : ∀ {A B : Set} (f : A -> B) {x y : A} (p : x ≡ y) -> (f x ≡ f y) 27 | -- cong f refl = refl 28 | 29 | dom : {A B : Set} -> (A -> B) -> Set 30 | dom {A} f = A 31 | 32 | id : {A : Set} -> A -> A 33 | id a = a 34 | 35 | infixr 9 _∘_ 36 | _∘_ : {A B C : Set} -> (B -> C) -> (A -> B) -> A -> C 37 | (f ∘ g) a = f (g a) 38 | 39 | infixr 6 _<=>_ 40 | _<=>_ : {A B : Set} -> (A -> B) -> (A -> B) -> Set 41 | f <=> g = (x : dom f) -> f x ≡ g x 42 | 43 | _QED : {ℓ : Level} → {A : Set ℓ} → (x : A) → x ≡ x 44 | x QED = refl 45 | 46 | infixr 10 _=⟨_⟩=_ -- emacs agda-mode: \langle \rangle 47 | 48 | _=⟨_⟩=_ : {ℓ : Level} → {A : Set ℓ} (x : A) {y z : A} → x ≡ y → y ≡ z → x ≡ z 49 | x =⟨ p ⟩= q = trans p q 50 | 51 | \end{code} 52 | 53 | %endif 54 | 55 | 56 | \date{Part 1, 2024-04-22} 57 | 58 | \begin{frame} 59 | \maketitle 60 | \end{frame} 61 | 62 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 63 | 64 | \begin{frame}{Where we are} 65 | \end{frame} 66 | 67 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 68 | 69 | \begin{frame}{Where we are} 70 | 71 | % 72 | First half (mostly done): 73 | \begin{enumerate} 74 | \item[15] \href{https://github.com/DSLsofMath/FPClimate/blob/main/ref/2010_Vulnerability_Modelling.pdf}{Vulnerability modelling with functional programming and dependent types} 75 | \item[16] \href{https://github.com/DSLsofMath/FPClimate/blob/main/ref/2011_TestingVsProving.pdf}{Testing versus proving in climate impact research} 76 | \item[17] \href{https://github.com/DSLsofMath/FPClimate/blob/main/ref/2012_DepTy_SciComp_978-3-642-41582-1_9.pdf}{Dependently-Typed Programming in Scientific Computing - Examples from Economic Modelling} 77 | \item[18] \href{https://github.com/DSLsofMath/FPClimate/blob/main/ref/2014_Jansson-Patrik-Computational-Theory-of-GSS.pdf}{Towards a Computational Theory of GSS: a Case for Domain-Specific Languages} 78 | \end{enumerate} 79 | % 80 | \pause 81 | % 82 | \hl<2>{Second half (upcoming):} 83 | \begin{enumerate} 84 | \item[19] \href{https://github.com/DSLsofMath/FPClimate/blob/main/ref/2017a_SeqDecProb1.pdf}{\hl<3>{Sequential decision problems, dependent types and generic solutions}} 85 | \item[20] \href{https://github.com/DSLsofMath/FPClimate/blob/main/ref/2017b_contributions-to-a-computational-theory-of-policy-advice-and-avoidability.pdf}{\hl<3>{Contributions to a computational theory of policy advice and avoidability}} 86 | \item[21] \href{https://github.com/DSLsofMath/FPClimate/blob/main/ref/2018_esd-9-525-2018.pdf}{\hl<4->{The impact of uncertainty on optimal emission policies}} 87 | \item[22] \href{https://github.com/DSLsofMath/FPClimate/blob/main/ref/2023_MatterMost_s10666-022-09867-w.pdf}{\hl<4->{Responsibility Under Uncertainty: Which Climate Decisions Matter Most?}} 88 | \end{enumerate} 89 | \end{frame} 90 | 91 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 92 | 93 | \begin{frame}{Plan} 94 | \end{frame} 95 | 96 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 97 | 98 | \begin{frame}{Plan} 99 | 100 | \begin{block}{Today:} 101 | \begin{itemize} 102 | \item The computational structure of |possible|: Monadic dynamical systems 103 | \end{itemize} 104 | \end{block} 105 | 106 | \pause 107 | 108 | \begin{block}{Next week (18 or 19):} 109 | \begin{itemize} 110 | \item Background: climate science, climate policy under uncertainty 111 | \end{itemize} 112 | \end{block} 113 | 114 | \pause 115 | 116 | \begin{block}{Week 19 or 20:} 117 | \begin{itemize} 118 | \item Sequential decision problems 119 | \item Bellman's equation, backward induction 120 | \item Verified policy advice in a nutshell 121 | \end{itemize} 122 | \end{block} 123 | 124 | \end{frame} 125 | 126 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 127 | 128 | \begin{frame}{The computational structure of |possible|: Monadic dynamical systems} 129 | \end{frame} 130 | 131 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 132 | 133 | \begin{frame}{The computational structure of |possible|: Monadic dynamical systems} 134 | 135 | \begin{itemize} 136 | \vfill 137 | \item<1-> Recap vulnerability theory 138 | \vfill 139 | \item<2-> |State|, |Evolution| and deterministic systems 140 | \vfill 141 | \item<3-> Non-deterministic systems 142 | \vfill 143 | \item<4-> Monadic systems 144 | \end{itemize} 145 | % 146 | \vfill 147 | \end{frame} 148 | 149 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 150 | 151 | \begin{frame}{Recap vulnerability theory} 152 | \end{frame} 153 | 154 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 155 | 156 | \begin{frame}{Recap vulnerability theory} 157 | 158 | %format postulate = "\hl<1-2>{postulate}" 159 | \begin{code} 160 | postulate State Evolution V W : Set 161 | 162 | postulate F : Set -> Set 163 | 164 | postulate fmap : {A B : Set} -> (A -> B) -> F A -> F B 165 | 166 | postulate possible : State -> F Evolution 167 | 168 | postulate harm : Evolution -> V 169 | 170 | postulate measure : F V -> W 171 | \end{code} 172 | 173 | \pause 174 | 175 | \begin{code} 176 | vulnerability : State -> W 177 | 178 | vulnerability = measure ∘ fmap harm ∘ possible 179 | \end{code} 180 | 181 | \begin{itemize} 182 | \vfill 183 | \item<3-> The theory is \hl<2->{applied} (instantiated) by defining |State|, |Evolution|, etc. 184 | \end{itemize} 185 | 186 | \vfill 187 | \end{frame} 188 | 189 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 190 | 191 | \begin{frame}{|State|, |Evolution| and deterministic systems} 192 | \end{frame} 193 | 194 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 195 | 196 | \begin{frame}{|State|, |Evolution| and deterministic systems} 197 | 198 | \begin{itemize} 199 | \vfill 200 | \item<1-> Values of type |State| represent the state of a \hl<1>{system} 201 | \vfill 202 | \item<2-> Example 1: a \hl<2>{reduced} climate system as in \href{https://github.com/DSLsofMath/FPClimate/blob/main/extra/Marina Martínez Montero et al. SURFER v1.0: A flexible and simple model linking emissions to sea level rise.pdf}{\hl<2->{SURFER}} 203 | \vfill 204 | \item<3-> Example 2: a simplified \hl<3>{climate}-\hl<3>{economy} system as in \href{https://github.com/DSLsofMath/FPClimate/blob/main/extra/Ikefuji et al. DICE simplified (2019).pdf}{\hl<2->{DICE simplified}} 205 | \vfill 206 | \item<4-> Example 3: a detailed \hl<4>{climate} system like in EMICs, 207 | GCMs, etc. 208 | \vfill 209 | \item<5-> |possible s : F Evolution| are the \hl<5>{possible} evolutions starting in |s : State| 210 | \vfill 211 | \item<6-> Thus, either |State| or |possible| have to entail some 212 | representation of both \hl<6>{natural} and \hl<6>{anthropogenic} 213 | \hl<6>{forcing} on the system, for example global GHG emissions 214 | \end{itemize} 215 | 216 | \vfill 217 | \end{frame} 218 | 219 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 220 | 221 | \begin{frame}{|State|, |Evolution| and deterministic systems} 222 | 223 | \begin{itemize} 224 | \vfill 225 | \item<1-> Remember that |Evolution| is the type of evolutions or \hl<1>{scenarios} 226 | \vfill 227 | \item<2-> In a \hl<2>{deterministic}, \hl<2>{time} \hl<2>{continuous} 228 | setting, evolutions are \hl<2>{certain} 229 | \vfill 230 | \item<3-> Often, they can be described by differential equations, for example ODE 231 | 232 | \begin{equation*} 233 | \dot{x} \ t = f \ (x \ t) = (f \circ x) \ t 234 | \end{equation*} 235 | 236 | \vfill 237 | \item<4-> In this case |F = Id| and \hl<4>{the} evolution starting in $(t_0, x_0)$ 238 | is obtained by \hl<5-6>{integration}: 239 | 240 | \pause\pause\pause\pause 241 | 242 | \begin{equation*} 243 | \varphi \ t \ (t_0, x_0) 244 | = 245 | (t_0 + \int_{t_0}^{t_0 + t}\!\!\!\!\!\!\!\!\! d\tau, \ x_0 + \int_{t_0}^{t_0 + t}\!\!\!\!\!\!\!\!\! f \ (x \ \tau) \ d\tau) 246 | = 247 | (t_0 + t, \ x \ (t_0 + t)) 248 | \end{equation*} 249 | 250 | \end{itemize} 251 | 252 | \pause 253 | 254 | \begin{exercise} 255 | \label{exercise4.1} 256 | Let |x : Real -> Real|. What are the types of $\dot{x}$, $f$, $\varphi$ in the 257 | expressions above? 258 | \end{exercise} 259 | 260 | \vfill 261 | \end{frame} 262 | 263 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 264 | 265 | \begin{frame}{|State|, |Evolution| and deterministic systems} 266 | 267 | \vfill 268 | \begin{exercise} 269 | \label{exercise4.2} 270 | Which function is $\varphi \ 0$? Which function is $\varphi \ (t_1 + t_2)$? 271 | \end{exercise} 272 | 273 | \pause 274 | 275 | \begin{itemize} 276 | 277 | \vfill 278 | 279 | \item<2-> The evolution of time continuous, 280 | deterministic systems on \hl<2>{time} \hl<2>{discretizations} 281 | $\hat{t} : \mathbb{R}_{+} \rightarrow \mathbb{N} \rightarrow 282 | \mathbb{R}_{+}$, \ $\hat{t} \ \Delta t \ k = k * \Delta t$ is 283 | also described by endo-functions 284 | 285 | \begin{equation*} 286 | \hat{\varphi} \ \Delta t \ k = \varphi \ (\hat{t} \ \Delta t \ k) 287 | \end{equation*} 288 | 289 | \pause 290 | 291 | \begin{exercise} 292 | \label{exercise4.3} 293 | What is the type of $\hat{\varphi} \ \Delta t \ k$? 294 | \end{exercise} 295 | 296 | %if False 297 | 298 | \begin{code} 299 | postulate phi : Float → Float × Float → Float × Float 300 | postulate t' : Float → ℕ → Float 301 | phi' : Float → ℕ → Float × Float → Float × Float 302 | phi' Δt k = phi (t' Δt k) 303 | \end{code} 304 | 305 | %endif 306 | 307 | \item<4-> \dots and also that of time \hl<4>{time} \hl<4>{discrete} 308 | deterministic systems, e.g., given by difference equations 309 | 310 | \begin{equation*} 311 | x \ (t + 1) = x \ t + g \ (x \ t, x \ (t + 1)) 312 | \end{equation*} 313 | 314 | \end{itemize} 315 | 316 | \vfill 317 | \end{frame} 318 | 319 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 320 | 321 | \begin{frame}{|State|, |Evolution| and deterministic systems} 322 | 323 | \begin{itemize} 324 | 325 | \vfill 326 | \item<1-> In general, one can model \hl<1>{deterministic} \hl<1>{systems} as endo-functions 327 | 328 | \begin{code} 329 | DetSys : Set -> Set 330 | 331 | DetSys X = X -> X 332 | \end{code} 333 | 334 | \vfill 335 | \item<2-> The evolutions of a system is then obtained by \hl<2>{iterating} that system: 336 | 337 | \begin{code} 338 | detFlow : {X : Set} -> DetSys X -> ℕ -> DetSys X 339 | 340 | detFlow f zero = id 341 | 342 | detFlow f ( suc n) = detFlow f n ∘ f 343 | \end{code} 344 | 345 | \end{itemize} 346 | 347 | \pause\pause 348 | 349 | \begin{exercise} 350 | \label{exercise4.4} 351 | %format next⁴ = "next^4" 352 | Let |next : State -> State| and |Evolution = Vec State 5|. Define 353 | |possible : State -> Evolution| such that |possible s| is the 354 | trajectory under |next| starting in |s|: |possible s = [s, next s, ..., next⁴ s]|. 355 | \end{exercise} 356 | 357 | %if False 358 | \begin{code} 359 | postulate next1 : State -> State 360 | possible1 : State -> Vec State 5 361 | possible1 s = map (\ n -> detFlow next1 n s) (0 ∷ 1 ∷ 2 ∷ 3 ∷ 4 ∷ []) 362 | \end{code} 363 | %endif 364 | 365 | \vfill 366 | \end{frame} 367 | 368 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 369 | 370 | \begin{frame}{|State|, |Evolution| and deterministic systems} 371 | 372 | \vfill 373 | \begin{exercise} 374 | \label{exercise4.5} 375 | Encode the mathematical specification 376 | 377 | \quad |Forall (m, n ∈ ℕ) (Forall (f : DetSys X) (Forall (x ∈ X) (detFlow f (m + n) x = 378 | detFlow f n (detFlow f m x))| 379 | 380 | in Agda through a function |detFlowP1|. 381 | \end{exercise} 382 | 383 | \pause 384 | 385 | \vfill 386 | \begin{exercise} 387 | \label{exercise4.6} 388 | Implement (prove) |detFlowP1| by induction on |m|. 389 | \end{exercise} 390 | 391 | \vfill 392 | \end{frame} 393 | 394 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 395 | 396 | \begin{frame}{|State|, |Evolution| and deterministic systems} 397 | 398 | \begin{itemize} 399 | 400 | \vfill 401 | 402 | \item<1-> One can compute \hl<1>{the} trajectory obtained by iterating a 403 | system |n| times from an initial state: 404 | 405 | %format ∷ = :: 406 | \begin{code} 407 | detTrj : {X : Set} -> DetSys X -> (n : ℕ) -> X -> Vec X (suc n) 408 | 409 | detTrj f zero x = x ∷ [] 410 | 411 | detTrj f ( suc n) x = x ∷ detTrj f n (f x) 412 | \end{code} 413 | \end{itemize} 414 | 415 | \pause 416 | 417 | \vfill 418 | \begin{exercise} 419 | \label{exercise4.7} 420 | |detTrj| fulfills a specification similar to |detFlowP1|. Encode this 421 | specification in the type of a function |detTrjP1| using only |detTrj|, |detFlow|, 422 | |tail : Vec X (1 + n) -> Vec X n| and vector concatenation |++|. 423 | \end{exercise} 424 | 425 | 426 | \vfill 427 | \end{frame} 428 | 429 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 430 | 431 | \begin{frame}{|State|, |Evolution| and deterministic systems} 432 | 433 | \begin{itemize} 434 | 435 | \vfill 436 | 437 | \item<1-> Perhaps not surprisingly, the last element of the trajectory of length 438 | |1 + n| of |f : DetSys X| starting in |x| is just |detFlow f n x|: 439 | 440 | %if False 441 | \begin{code} 442 | last : {A : Set} -> {n : ℕ} -> Vec A (suc n) -> A 443 | last (a ∷ []) = a 444 | last (a ∷ a' ∷ as) = last (a' ∷ as) 445 | \end{code} 446 | %endif 447 | 448 | \begin{code} 449 | detFlowTrjP1 : {X : Set} -> (n : ℕ) -> (f : DetSys X) -> 450 | 451 | (x : X) -> last (detTrj f n x) ≡ detFlow f n x 452 | detFlowTrjP1 = {!!} 453 | \end{code} 454 | 455 | \end{itemize} 456 | 457 | \pause 458 | 459 | \vfill 460 | \begin{exercise} 461 | \label{exercise4.8} 462 | Implement |detFlowTrjP1| using 463 | 464 | \begin{code} 465 | lastLemma : {A : Set} -> {n : ℕ} -> 466 | (a : A) -> (as : Vec A (suc n)) -> last (a ∷ as) ≡ last as 467 | lastLemma a (x ∷ as) = refl 468 | \end{code} 469 | 470 | %if False 471 | \begin{spec} 472 | lastLemma a as = refl -- works with 2.6.4.1, 2.6.3 473 | lastLemma a (x ∷ as) = refl -- works with 2.6.2.2 474 | \end{spec} 475 | %endif 476 | 477 | \end{exercise} 478 | 479 | \vfill 480 | \end{frame} 481 | 482 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 483 | 484 | \begin{frame}{Non-deterministic systems} 485 | \end{frame} 486 | 487 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 488 | 489 | \begin{frame}{Non-deterministic systems} 490 | 491 | \begin{itemize} 492 | 493 | \vfill 494 | \item<1-> Remember that \hl<1>{uncertainty} can be represented 495 | \hl<1>{functorially}: |possible : State ->| \hl<1>{|F|} |Evolution| 496 | 497 | \vfill 498 | \item<2-> For |F| = \hl<2>{|List|}, we have \hl<2>{non}-\hl<2>{deterministic} uncertainty 499 | 500 | \vfill 501 | \item<3-> In this case, for a given initial state one can have \hl<3>{zero}, \hl<3>{one} 502 | or \hl<3>{more} possible \hl<3>{next} states 503 | 504 | \vfill 505 | \item<4-> One can \hl<4>{iterate} non-deterministic systems like deterministic ones 506 | 507 | %format >=>List = >=>"_{\!List}" 508 | %format fmapList = fmap"_{List}" 509 | %format ηList = "\eta_{List}" 510 | %format μList = "\mu_{List}" 511 | 512 | %if False 513 | \begin{code} 514 | infixr 1 _>=>List_ 515 | _>=>List_ : {A B C : Set} -> (A -> List B) -> (B -> List C) -> (A -> List C) 516 | f >=>List g = μList ∘ (fmapList g) ∘ f 517 | \end{code} 518 | %endif 519 | 520 | \begin{code} 521 | NonDetSys : Set -> Set 522 | 523 | NonDetSys X = X -> List X 524 | \end{code} 525 | 526 | \begin{code} 527 | nonDetFlow : {X : Set} -> NonDetSys X -> ℕ -> NonDetSys X 528 | 529 | nonDetFlow f zero = ηList 530 | 531 | nonDetFlow f ( suc n) = f >=>List nonDetFlow f n 532 | \end{code} 533 | 534 | \end{itemize} 535 | 536 | \vfill 537 | \end{frame} 538 | 539 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 540 | 541 | \begin{frame}{Non-deterministic systems} 542 | 543 | \vfill 544 | \begin{exercise} 545 | \label{exercise4.9} 546 | What are the types of |ηList| and |>=>List| in the definition of 547 | |nonDetFlow|? 548 | \end{exercise} 549 | 550 | \pause 551 | 552 | \vfill 553 | \begin{exercise} 554 | \label{exercise4.10} 555 | Define |>=>List| in terms of |fmapList| and |μList| with 556 | 557 | \begin{spec} 558 | fmapList : {A B : Set} -> (A -> B) -> List A -> List B 559 | μList : {A : Set} -> List (List A) -> List A 560 | \end{spec} 561 | 562 | \end{exercise} 563 | 564 | \pause 565 | 566 | \vfill 567 | %format [_] = [ "\un{}" ] 568 | \begin{exercise} 569 | \label{exercise4.11} 570 | Verify that, for arbitrary types |A| and |B|, |ηList = [_]| and |fmapList = map| fulfill 571 | 572 | %format ηListNatTrans = ηList NatTrans 573 | \begin{spec} 574 | (f : A -> B) -> (a : A) -> fmapList f (ηList a) ≡ ηList (f a) 575 | \end{spec} 576 | 577 | %if False 578 | \begin{code} 579 | ηListNatTrans : {A B : Set} -> (f : A -> B) -> (a : A) -> fmapList f (ηList a) ≡ ηList (f a) 580 | ηListNatTrans f a = refl 581 | \end{code} 582 | %endif 583 | \end{exercise} 584 | 585 | \vfill 586 | \end{frame} 587 | 588 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 589 | 590 | \begin{frame}{Non-deterministic systems} 591 | 592 | \begin{itemize} 593 | 594 | \vfill 595 | \item<1-> With \hl<1>{|fmapList|}, \hl<1>{|ηList|} and 596 | \hl<1>{|>=>List|}, one can also compute all the possible trajectories 597 | 598 | %format ∷_ = ∷"\un" 599 | \begin{code} 600 | nonDetTrj : {X : Set} -> NonDetSys X -> (n : ℕ) -> X -> List (Vec X (suc n)) 601 | 602 | nonDetTrj f zero x = fmapList (x ∷_) (ηList []) 603 | 604 | nonDetTrj f ( suc n) x = fmapList (x ∷_) ((f >=>List (nonDetTrj f n)) x) 605 | \end{code} 606 | 607 | \end{itemize} 608 | 609 | \pause 610 | 611 | \vfill 612 | \begin{exercise} 613 | \label{exercise4.12} 614 | Compute |nonDetFlow rw n zero| and |nonDetTrj rw n zero| for |n = 0,1,2| for the random walk 615 | 616 | \begin{code} 617 | rw : ℕ -> List ℕ 618 | 619 | rw zero = zero ∷ suc zero ∷ [] 620 | 621 | rw ( suc m) = m ∷ suc m ∷ suc (suc m) ∷ [] 622 | \end{code} 623 | 624 | \end{exercise} 625 | 626 | \vfill 627 | \end{frame} 628 | 629 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 630 | 631 | \begin{frame}{Non-deterministic systems} 632 | 633 | \begin{itemize} 634 | 635 | \vfill 636 | \item<1-> Every \hl<1>{deterministic} system can be \hl<1>{represented} by a 637 | \hl<1>{non-deterministic} one: 638 | 639 | \begin{code} 640 | detToNonDet : {X : Set} -> DetSys X -> NonDetSys X 641 | 642 | detToNonDet f = ηList ∘ f 643 | \end{code} 644 | 645 | \end{itemize} 646 | 647 | \pause 648 | 649 | \vfill 650 | \begin{exercise} 651 | \label{exercise4.13} 652 | Show that 653 | 654 | %format Det≡NonDet = Det"\!\!\equiv\!\!"NonDet 655 | \begin{code} 656 | Det≡NonDet : {X : Set} -> (f : DetSys X) -> (n : ℕ) -> (x : X) -> 657 | 658 | ηList (detFlow f n x) ≡ nonDetFlow (detToNonDet f) n x 659 | Det≡NonDet = {!!} 660 | \end{code} 661 | 662 | by induction on |n| and using |ηListNatTrans| and 663 | 664 | \begin{code} 665 | postulate triangleLeftList : {A : Set} -> (as : List A) -> μList (ηList as) ≡ as 666 | \end{code} 667 | 668 | \end{exercise} 669 | 670 | \vfill 671 | \end{frame} 672 | 673 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 674 | 675 | \begin{frame}{Non-deterministic systems} 676 | 677 | \begin{itemize} 678 | 679 | \vfill 680 | \item<1-> Perhaps surprisingly, the opposite is also true 681 | 682 | %if False 683 | \begin{code} 684 | infixr 1 _>>=List_ 685 | _>>=List_ : {A B : Set} -> List A -> (A -> List B) -> List B 686 | as >>=List f = μList (fmapList f as) 687 | \end{code} 688 | %endif 689 | 690 | \begin{code} 691 | nonDetToDet : {X : Set} -> NonDetSys X -> DetSys (List X) 692 | 693 | nonDetToDet f = μList ∘ (fmapList f) 694 | \end{code} 695 | 696 | \vfill 697 | \item<2-> But the \hl<2>{state} of the resulting deterministic system is now \hl<2>{much} \hl<2>{bigger}! 698 | 699 | \vfill 700 | %format >>=List = >>="_{List}" 701 | \item<3-> The function |\ xs -> \ f -> μList ∘ (fmapList f xs)| is usually 702 | denoted by the infix \hl<3>{|>>=List|} 703 | 704 | \begin{spec} 705 | nonDetToDet f xs = xs >>=List f 706 | \end{spec} 707 | 708 | \vfill 709 | \item<4-> Again, one has a representation theorem 710 | 711 | %format NonDet≡Det = NonDet"\!\!\equiv\!\!"Det 712 | \begin{code} 713 | NonDet≡Det : {X : Set} -> (f : NonDetSys X) -> (n : ℕ) -> (xs : List X) -> 714 | 715 | nonDetToDet (nonDetFlow f n) xs ≡ detFlow (nonDetToDet f) n xs 716 | \end{code} 717 | 718 | %if False 719 | \begin{code} 720 | module ListMonadLaws where 721 | variable A B : Set 722 | MapEtaList : (f : A -> B) -> (a : A) -> Set 723 | MapEtaList f a = fmapList f (ηList a) ≡ ηList (f a) 724 | TriangleLeftList : (as : List A) -> Set 725 | TriangleLeftList as = μList (ηList as) ≡ as 726 | TriangleRightList : (as : List A) -> Set 727 | TriangleRightList as = (μList ∘ fmapList ηList) as ≡ as 728 | 729 | postulate law1 : ∀ (f : A -> B) -> (a : A) -> MapEtaList f a 730 | postulate law2 : ∀ (as : List A) -> TriangleRightList as 731 | -- postulate : ∀ as -> TriangleLeftList as -- already postulated as triangleLeftList 732 | NonDet≡Det f zero xs = 733 | nonDetToDet ηList xs =⟨ refl ⟩= 734 | (μList ∘ fmapList ηList) xs =⟨ ListMonadLaws.law2 xs ⟩= 735 | id xs QED 736 | NonDet≡Det f (suc n) xs = 737 | nonDetToDet (f >=>List nonDetFlow f n) xs =⟨ {!!} ⟩= -- To be continued 738 | (detFlow (nonDetToDet f) n ∘ nonDetToDet f) xs QED 739 | \end{code} 740 | %endif 741 | 742 | \end{itemize} 743 | 744 | \vfill 745 | \end{frame} 746 | 747 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 748 | 749 | \begin{frame}{Monadic systems} 750 | \end{frame} 751 | 752 | -------------------------------------------------------------------------------- /ref/FPClimate_seminar_5/FPClimate_seminar_5-1.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/ref/FPClimate_seminar_5/FPClimate_seminar_5-1.pdf -------------------------------------------------------------------------------- /ref/FPClimate_seminar_6/FPClimate_seminar_6.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/ref/FPClimate_seminar_6/FPClimate_seminar_6.pdf -------------------------------------------------------------------------------- /ref/FPClimate_seminar_7/FPClimate_seminar_4-7.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/ref/FPClimate_seminar_7/FPClimate_seminar_4-7.pdf -------------------------------------------------------------------------------- /ref/README.org: -------------------------------------------------------------------------------- 1 | * 2010_Vulnerability_Modelling.pdf: Vulnerability Modelling with Functional Programming and Dependent Types 2 | + Official source: https://www.cambridge.org/core/journals/mathematical-structures-in-computer-science/article/vulnerability-modelling-with-functional-programming-and-dependent-types/C68FE66F3730E7DA26F4FE2F6352EBC9 3 | + Commments below refer to the pre-print in this direcory. 4 | + Section 4, page 7: the definition of "harm = v . x" is confusing - 5 | the x and v were defined "long ago" (on page 4). 6 | + Section 5, page 9: "measure xs = 10" - there is no "xs" in scope? 7 | Perhaps ns in intended? 8 | + Section 5, page 9: "measure (fmap inc xs) = 1" This is worth some 9 | more explanation: the key is that "inc" collapses two inputs to one, 10 | and thus the joint probability ends up at 0.6 > 0.4. 11 | + Section 5, page 11: "xs" is not defined. Probably "as" in intended. 12 | -------------------------------------------------------------------------------- /ref/seminar_2_exercises.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DSLsofMath/FPClimate/6da7be5719b3ccac3293d7ef432e87d69bae179c/ref/seminar_2_exercises.pdf -------------------------------------------------------------------------------- /ref/test-vs-proof/Cezar/Bool.agda: -------------------------------------------------------------------------------- 1 | module Cezar.Bool where 2 | 3 | {- 4 | data Bool : Set where 5 | true : Bool 6 | false : Bool 7 | 8 | {-# BUILTIN BOOL Bool #-} 9 | {-# BUILTIN TRUE true #-} 10 | {-# BUILTIN FALSE false #-} 11 | -} 12 | open import Data.Bool public 13 | open import Cezar.Logic 14 | 15 | lift : Bool -> Set 16 | lift true = True 17 | lift false = False 18 | 19 | lift1 : {A : Set} -> (A -> Bool) -> A -> Set 20 | lift1 f a = lift (f a) 21 | 22 | lift2 : {A B : Set} -> (A -> B -> Bool) -> A -> B -> Set 23 | lift2 f a b = lift (f a b) 24 | 25 | liftDec : (b : Bool) -> lift b ⋁ (lift b -> False) 26 | liftDec true = inl * 27 | liftDec false = inr contradiction 28 | 29 | if_then_else : {A : Set} -> Bool -> A -> A -> A 30 | if true then a else a' = a 31 | if false then a else a' = a' 32 | 33 | _and_ : Bool -> Bool -> Bool 34 | false and b = false 35 | true and b = b 36 | 37 | _or_ : Bool -> Bool -> Bool 38 | false or b = b 39 | true or b = true 40 | 41 | {- 42 | not : Bool -> Bool 43 | not false = true 44 | not true = false 45 | -} -------------------------------------------------------------------------------- /ref/test-vs-proof/Cezar/Float.agda: -------------------------------------------------------------------------------- 1 | module Cezar.Float where 2 | 3 | --open import Cezar.Bool 4 | open import Data.Bool renaming (_∧_ to _and_) 5 | 6 | open import Cezar.Int renaming (_+_ to _+i_ ; 7 | _<_ to _ Float -> Float 17 | primFloatMinus : Float -> Float -> Float 18 | primFloatTimes : Float -> Float -> Float 19 | primFloatDiv : Float -> Float -> Float 20 | primFloatLess : Float -> Float -> Bool 21 | primExp : Float -> Float 22 | primLog : Float -> Float -- partial 23 | primSin : Float -> Float 24 | primIntegerToFloat : Int -> Float 25 | primRound : Float -> Int 26 | primFloor : Float -> Int 27 | primCeiling : Float -> Int 28 | 29 | _+_ : Float -> Float -> Float 30 | _+_ = primFloatPlus 31 | 32 | _-_ : Float -> Float -> Float 33 | _-_ = primFloatMinus 34 | 35 | _*_ : Float -> Float -> Float 36 | _*_ = primFloatTimes 37 | 38 | _/_ : Float -> Float -> Float 39 | _/_ = primFloatDiv 40 | 41 | exp : Float -> Float 42 | exp = primExp 43 | 44 | log : Float -> Float -- partial 45 | log = primLog 46 | 47 | sin : Float -> Float 48 | sin = primSin 49 | 50 | itof : Int -> Float 51 | itof = primIntegerToFloat 52 | 53 | round : Float -> Int 54 | round = primRound 55 | 56 | floor : Float -> Int 57 | floor = primFloor 58 | 59 | ceiling : Float -> Int 60 | ceiling = primCeiling 61 | 62 | _<_ : Float -> Float -> Bool 63 | _<_ = primFloatLess 64 | 65 | _==_ : Float -> Float -> Bool 66 | f1 == f2 = not (f1 < f2) and not (f2 < f1) 67 | 68 | _<=_ : Float -> Float -> Bool 69 | f1 <= f2 = not (f2 < f1) 70 | 71 | _>=_ : Float -> Float -> Bool 72 | f1 >= f2 = f2 <= f1 73 | 74 | -------------------------------------------------------------------------------- /ref/test-vs-proof/Cezar/Int.agda: -------------------------------------------------------------------------------- 1 | module Cezar.Int where 2 | 3 | -- open import Cezar.Bool 4 | open import Data.Bool 5 | 6 | postulate Int : Set 7 | 8 | {-# BUILTIN INTEGER Int #-} 9 | 10 | primitive 11 | primIntegerPlus : Int -> Int -> Int 12 | primIntegerMinus : Int -> Int -> Int 13 | primIntegerTimes : Int -> Int -> Int 14 | primIntegerDiv : Int -> Int -> Int -- partial 15 | primIntegerMod : Int -> Int -> Int -- partial 16 | primIntegerEquality : Int -> Int -> Bool 17 | primIntegerLess : Int -> Int -> Bool 18 | 19 | _+_ : Int -> Int -> Int 20 | _+_ = primIntegerPlus 21 | 22 | _<_ : Int -> Int -> Bool 23 | _<_ = primIntegerLess 24 | 25 | -------------------------------------------------------------------------------- /ref/test-vs-proof/Cezar/Logic.agda: -------------------------------------------------------------------------------- 1 | {-# OPTIONS --universe-polymorphism #-} 2 | 3 | module Cezar.Logic where 4 | 5 | open import Level 6 | 7 | -- more polimorphic versions of the Cezar.Logic module 8 | 9 | data False : Set where 10 | 11 | contradiction : {l : Level}{A : Set l} -> False -> A 12 | contradiction () 13 | 14 | data True : Set where 15 | * : True 16 | 17 | ¬ : {l : Level} -> Set l -> Set l 18 | ¬ A = A -> False 19 | 20 | data _⋁_ {lA lB : Level} (A : Set lA) (B : Set lB) : Set (lA ⊔ lB) where 21 | inl : A -> A ⋁ B 22 | inr : B -> A ⋁ B 23 | 24 | ⋁Elim : {lA lB lC : Level} {A : Set lA} {B : Set lB} -> {C : A ⋁ B -> Set lC} -> 25 | ((a : A) -> C (inl a)) -> 26 | ((b : B) -> C (inr b)) -> 27 | (s : A ⋁ B) -> C s 28 | ⋁Elim f g (inl a) = f a 29 | ⋁Elim f g (inr b) = g b 30 | 31 | data _⋀_ {lA lB : Level} (A : Set lA) (B : Set lB) : Set (lA ⊔ lB) where 32 | _,_ : A -> B -> A ⋀ B 33 | 34 | fst : {lA lB : Level} {A : Set lA} {B : Set lB} -> 35 | A ⋀ B -> A 36 | fst (a , b) = a 37 | 38 | snd : {lA lB : Level} {A : Set lA} {B : Set lB} -> 39 | A ⋀ B -> B 40 | snd (a , b) = b 41 | 42 | infixl 10 _⋀_ 43 | infixl 6 _,_ 44 | 45 | data ∃ {lA lB : Level} {A : Set lA} (B : A -> Set lB) : Set (lA ⊔ lB) where 46 | _,_ : (a : A) -> B a -> ∃ B 47 | 48 | outl : {lA lB : Level} {A : Set lA} {B : A -> Set lB} -> 49 | ∃ B -> A 50 | outl (a , b) = a 51 | 52 | outr : {lA lB : Level} {A : Set lA} {B : A -> Set lB} -> 53 | (p : ∃ B) -> B (outl p) 54 | outr (a , b) = b 55 | 56 | _<->_ : {l l' : Level}(A : Set l)(B : Set l') -> Set (l ⊔ l') 57 | A <-> B = A -> B ⋀ B -> A -------------------------------------------------------------------------------- /ref/test-vs-proof/README.org: -------------------------------------------------------------------------------- 1 | * Some code from the "tesing vs. proving" paper 2 | + Needs updates to work with current Agda. 3 | 4 | -------------------------------------------------------------------------------- /ref/test-vs-proof/Types10.agda: -------------------------------------------------------------------------------- 1 | module Types10 where 2 | 3 | open import Relation.Binary.PropositionalEquality 4 | open import Relation.Binary hiding (Rel) 5 | open import Function using (_on_) 6 | import Relation.Binary.On as On 7 | open import Relation.Nullary.Core 8 | 9 | open import Data.Nat hiding (fold ; _<_) 10 | renaming (_≤_ to _≤n_ ; 11 | _+_ to _+n_) 12 | 13 | open import Cezar.Float renaming (_<=_ to _≤F_ ; 14 | _+_ to _+f_ ; 15 | _*_ to _*f_ ; 16 | _<_ to _ Set -> Set 23 | _×_ = _⋀_ 24 | 25 | _≤f_ = lift2 _≤F_ 26 | 27 | id : {A : Set} -> A -> A 28 | id a = a 29 | 30 | _∘_ : {A B C : Set} -> (B -> C) -> (A -> B) -> (A -> C) 31 | g ∘ f = \ a → g (f a) 32 | 33 | _=f=_ : {A B : Set} -> (f g : A -> B) -> Set 34 | f =f= g = ∀ a -> f a ≡ g a 35 | -- Alternatives without forall notation: 36 | -- f =f= g = (a : _) -> f a ≡ g a 37 | -- _=f=_ {A} f g = (a : A) -> f a ≡ g a 38 | 39 | record Functor (F : Set -> Set) : Set1 where 40 | field 41 | fmap : {A B : Set} -> (A -> B) -> F A -> F B 42 | idLaw : {A : Set} -> 43 | fmap (id {A}) =f= id {F A} 44 | compLaw : {A B C : Set} -> (f : B -> C) -> (g : A -> B) -> 45 | fmap (f ∘ g) =f= (fmap f ∘ fmap g) 46 | 47 | data List (A : Set) : Set where 48 | [_] : A -> List A 49 | _::_ : A -> List A -> List A 50 | 51 | fold : {A B : Set} -> (A -> B) -> (A -> B -> B) -> List A -> B 52 | fold w c [ a ] = w a 53 | fold w c (a :: as) = c a (fold w c as) 54 | 55 | 56 | map : {A B : Set} -> (A -> B) -> (List A -> List B) 57 | map f = fold ([_] ∘ f) (\ a bs → f a :: bs) 58 | 59 | mapId' : {A : Set} -> 60 | map (id {A}) =f= id 61 | mapId' [ a ] = refl 62 | mapId' (a :: as) with mapId' as 63 | ... | indHyp = cong (\ as → a :: as) indHyp 64 | 65 | mapComp' : {A B C : Set} -> (f : B -> C) -> (g : A -> B) -> 66 | map (f ∘ g) =f= (map f ∘ map g) 67 | mapComp' f g [ a ] = refl 68 | mapComp' f g (a :: as) with mapComp' f g as 69 | ... | indHyp = cong (\ as → f (g a) :: as) indHyp 70 | 71 | mapId : {A : Set} -> 72 | map (id {A}) =f= id 73 | mapId [ a ] = refl 74 | mapId (a :: as) = cong (\ as → a :: as) (mapId as) 75 | 76 | mapComp : {A B C : Set} -> (f : B -> C) -> (g : A -> B) -> 77 | map (f ∘ g) =f= (map f ∘ map g) 78 | mapComp f g [ a ] = refl 79 | mapComp f g (a :: as) = cong (\ as → f (g a) :: as) (mapComp f g as) 80 | 81 | FunctorList : Functor List 82 | FunctorList = record { fmap = map; 83 | idLaw = mapId; 84 | compLaw = mapComp } 85 | 86 | -- the Haskell type system cannot ensure functoriality 87 | map' : {A B : Set} -> (A -> B) -> (List A -> List B) 88 | map' f [ a ] = [ f a ] 89 | map' f (a :: as) = map' f as 90 | 91 | module Old where 92 | 93 | IsIncreasing : {A : Set} {_≤_ : A -> A -> Set} -> 94 | IsPreorder _≡_ _≤_ -> (A -> A) -> Set 95 | IsIncreasing {A} {_≤_} p≤ f = (a : A) -> a ≤ f a 96 | 97 | VulnMeas : {F : Set -> Set} -> Functor F -> 98 | {V : Set} -> {_≤_ : V -> V -> Set} -> IsPreorder _≡_ _≤_ -> 99 | {W : Set} -> {_⊑_ : W -> W -> Set} -> IsPreorder _≡_ _⊑_ -> 100 | (m : F V -> W) -> Set 101 | VulnMeas {F} fF {V} {_≤_} p≤ {W} {_⊑_} p⊑ m = 102 | (i : V -> V) -> IsIncreasing p≤ i -> 103 | (x : F V) -> 104 | m x ⊑ (m (fmap i x)) 105 | where fmap = Functor.fmap fF 106 | 107 | module New where 108 | IsIncreasing : {A : Set} (_≤_ : A -> A -> Set) -> 109 | (A -> A) -> Set 110 | IsIncreasing _≤_ f = ∀ a -> a ≤ f a 111 | 112 | VulnMeas : {F : Set -> Set} -> Functor F -> 113 | {V : Set} -> {_≤_ : V -> V -> Set} -> IsPreorder _≡_ _≤_ -> 114 | {W : Set} -> {_⊑_ : W -> W -> Set} -> IsPreorder _≡_ _⊑_ -> 115 | (m : F V -> W) -> Set 116 | VulnMeas {F} fF {V} {_≤_} p≤ {W} {_⊑_} p⊑ m = 117 | (i : V -> V) -> IsIncreasing _≤_ i -> 118 | IsIncreasing _m⊑_ (fmap i) 119 | where fmap = Functor.fmap fF 120 | _m⊑_ : F V -> F V -> Set 121 | x m⊑ y = m x ⊑ m y 122 | 123 | module NewSimple where 124 | IsIncreasing : {A : Set} {_≤_ : A -> A -> Set} -> 125 | (A -> A) -> Set 126 | IsIncreasing {A} {_≤_} f = (a : A) -> a ≤ f a 127 | 128 | -- Why should we carry around the IsPreorder evidence? It is not needed for IsIncreasing anymore. 129 | VulnMeas : {F : Set -> Set} -> Functor F -> 130 | {V : Set} -> (_≤_ : V -> V -> Set) -> 131 | {W : Set} -> (_⊑_ : W -> W -> Set) -> 132 | (m : F V -> W) -> Set 133 | VulnMeas {F} fF {V} _≤_ {W} _⊑_ m = 134 | (i : V -> V) -> IsIncreasing {V} {_≤_} i -> 135 | IsIncreasing {F V} {_m⊑_} (fmap i) 136 | where fmap = Functor.fmap fF 137 | _m⊑_ = \ x y -> m x ⊑ m y 138 | -- alternative def.: 139 | 140 | -- open Old 141 | open New 142 | -- open NewSimple -- requires updates further down 143 | 144 | postulate X Y : Set -- harm values and vulnerability values 145 | postulate _≤_ : X -> X -> Set -- preorder on X 146 | postulate _⊑_ : Y -> Y -> Set -- preorder on Y 147 | postulate p≤ : IsPreorder _≡_ _≤_ 148 | postulate p⊑ : IsPreorder _≡_ _⊑_ 149 | postulate F : Set -> Set 150 | postulate fF : Functor F 151 | postulate v : F X -> Y 152 | 153 | module MoreComplex where 154 | -- Patrik: another version based on inclusion / implication. Not used. 155 | 156 | Rel : Set -> Set1 157 | Rel A = A -> A -> Set 158 | 159 | RelLift : (F : Set -> Set) -> Set1 160 | RelLift F = {A : Set} -> Rel A -> Rel (F A) 161 | 162 | PreorderPreserving : (F : Set -> Set) -> RelLift F -> Set1 163 | PreorderPreserving F liftOrd = 164 | {V : Set} -> {_≤_ : V -> V -> Set} -> IsPreorder _≡_ _≤_ -> 165 | IsPreorder _≡_ (liftOrd _≤_) 166 | 167 | VulnMeas' : {F : Set -> Set} -> 168 | Functor F -> 169 | (liftF : RelLift F) -> 170 | (F⊑ : PreorderPreserving F liftF) -> 171 | {V : Set} -> {_≤_ : V -> V -> Set} -> 172 | IsPreorder _≡_ _≤_ -> 173 | {W : Set} -> {_⊑_ : W -> W -> Set} -> 174 | IsPreorder _≡_ _⊑_ -> 175 | (m : F V -> W) -> Set 176 | VulnMeas' {F} fF liftF F⊑ 177 | {V} {_≤_} p≤ 178 | {W} {_⊑_} p⊑ 179 | m 180 | = (liftF _≤_) ⇒ (_⊑_ on m) 181 | -- (liftF _≤_) ⇒ (_⊑_ on m) 182 | -- == forall xF yF. (liftF _≤_) xF yF -> (_⊑_ on m) xF yF 183 | 184 | -- _on_ is from Function.agda 185 | -- many preservation laws are in Relation/Binary/On.agda 186 | 187 | 188 | record SemiLattice {A : Set}{_≤_ : A -> A -> Set} 189 | (p≤ : IsPreorder _≡_ _≤_) : Set where 190 | field 191 | sup : A -> A -> A 192 | supComm : (a₁ a₂ : A) -> sup a₁ a₂ ≡ sup a₂ a₁ 193 | supUpperBoundL : (a₁ a₂ : A) -> a₁ ≤ sup a₁ a₂ 194 | supUpperBoundR : (a₁ a₂ : A) -> a₂ ≤ sup a₁ a₂ 195 | supLowestUB : (a₁ a₂ a₃ : A) -> (a₁ ≤ a₃) -> (a₂ ≤ a₃) -> 196 | (sup a₁ a₂ ≤ a₃) 197 | 198 | supMonL : (a₁ a₂ a₃ : A) -> (a₁ ≤ a₂) -> a₁ ≤ sup a₂ a₃ 199 | supMonL a₁ a₂ a₃ a₁≤a₂ = trans≤ a₁≤a₂ (supUpperBoundL a₂ a₃) 200 | where trans≤ = IsPreorder.trans p≤ 201 | 202 | supMonR : (a₁ a₂ a₃ : A) -> (a₁ ≤ a₃) -> a₁ ≤ sup a₂ a₃ 203 | supMonR a₁ a₂ a₃ a₁≤a₃ = trans≤ a₁≤a₃ (supUpperBoundR a₂ a₃) 204 | where trans≤ = IsPreorder.trans p≤ 205 | 206 | supMon : (a₁ a₂ : A) -> (a₁ ≤ a₂) -> 207 | (a₃ a₄ : A) -> (a₃ ≤ a₄) -> 208 | sup a₁ a₃ ≤ sup a₂ a₄ 209 | supMon a₁ a₂ a₁≤a₂ a₃ a₄ a₃≤a₄ = 210 | supLowestUB a₁ a₃ (sup a₂ a₄) 211 | (supMonL a₁ a₂ a₄ a₁≤a₂) 212 | (supMonR a₃ a₂ a₄ a₃≤a₄) 213 | 214 | maximum : {A : Set} {_≤_ : A -> A -> Set} -> 215 | (p≤ : IsPreorder _≡_ _≤_) -> SemiLattice p≤ -> 216 | List A -> A 217 | maximum p≤ sl [ a ] = a 218 | maximum p≤ sl (a :: as) = sup a (maximum p≤ sl as) 219 | where sup = SemiLattice.sup sl 220 | 221 | {- 222 | maximum : {A : Set} {_≤_ : A -> A -> Set} -> 223 | IsPreorder _≡_ _≤_ -> Decidable _≤_ -> 224 | List A -> A 225 | maximum p≤ dec [ a ] = a 226 | maximum p≤ dec (a :: as) with dec a (maximum p≤ dec as) 227 | maximum p≤ dec (a :: as) | yes a≤max = maximum p≤ dec as 228 | maximum p≤ dec (a :: as) | no a⟩max = a 229 | -} 230 | 231 | maxMeas : {A : Set} {_≤_ : A -> A -> Set} -> 232 | (p≤ : IsPreorder _≡_ _≤_) -> 233 | (sl : SemiLattice p≤) -> 234 | VulnMeas FunctorList p≤ p≤ (maximum p≤ sl) 235 | maxMeas p≤ sl f nd [ a ] = nd a 236 | maxMeas p≤ sl f nd (a :: as) with maxMeas p≤ sl f nd as 237 | ... | m = supMon a (f a) (nd a) 238 | (maximum p≤ sl as) (maximum p≤ sl (map f as)) 239 | m 240 | where supMon = SemiLattice.supMon sl 241 | 242 | 243 | maximum' : {A : Set} {_≤_ : A -> A -> Set} -> 244 | (p≤ : IsPreorder _≡_ _≤_) -> SemiLattice p≤ -> 245 | List A -> A 246 | maximum' p≤ sl = fold (\ a -> a) sup 247 | where sup = SemiLattice.sup sl 248 | 249 | IsMonotonous : {A : Set} -> {_≤A_ : A -> A -> Set} -> (pA : IsPreorder _≡_ _≤A_) -> 250 | {B : Set} -> {_≤B_ : B -> B -> Set} -> (pB : IsPreorder _≡_ _≤B_) -> 251 | (A -> B) -> 252 | Set 253 | IsMonotonous {A}{_≤A_} pA {B}{_≤B_} pB f = 254 | (a₁ a₂ : A) -> (a₁ ≤A a₂) -> f a₁ ≤B f a₂ 255 | 256 | IsMonotonous₂ : {A : Set} -> {_≤A_ : A -> A -> Set} -> (pA : IsPreorder _≡_ _≤A_) -> 257 | {B : Set} -> {_≤B_ : B -> B -> Set} -> (pB : IsPreorder _≡_ _≤B_) -> 258 | {C : Set} -> {_≤C_ : C -> C -> Set} -> (pC : IsPreorder _≡_ _≤C_) -> 259 | (A -> B -> C) -> 260 | Set 261 | IsMonotonous₂ {A}{_≤A_} pA {B}{_≤B_} pB {C}{_≤C_} pC f = 262 | (a₁ a₂ : A) -> (a₁ ≤A a₂) -> 263 | (b₁ b₂ : B) -> (b₁ ≤B b₂) -> f a₁ b₁ ≤C f a₂ b₂ 264 | 265 | foldMeas : {A : Set} -> {_≤A_ : A -> A -> Set} -> (pA : IsPreorder _≡_ _≤A_) -> 266 | {B : Set} -> {_≤B_ : B -> B -> Set} -> (pB : IsPreorder _≡_ _≤B_) -> 267 | (w : A -> B) -> IsMonotonous pA pB w -> 268 | (c : A -> B -> B) -> IsMonotonous₂ pA pB pB c -> 269 | VulnMeas FunctorList pA pB (fold w c) 270 | foldMeas pA pB w monw c mon₂c i isInc [ a ] = monw a (i a) (isInc a) 271 | {- 272 | -- partially filled in: 273 | foldMeas pA pB w monw c mon₂c i isInc (a :: as) = mon₂c ? ? ? ? ? ? 274 | -- checked that Agsy (C-c C-a) fills in the holes up to this point: 275 | foldMeas pA pB w monw c mon₂c i isInc (a :: as) = 276 | mon₂c a (i a) (isInc a) 277 | (fold w c as) 278 | (fold w c (fold (λ x → [ i x ]) (λ x → _::_ (i x)) as)) 279 | ? 280 | -} 281 | foldMeas pA pB w monw c mon₂c i isInc (a :: as) = 282 | mon₂c a (i a) (isInc a) 283 | (fold w c as) (fold w c (map i as)) (foldMeas pA pB w monw c mon₂c i isInc as) 284 | 285 | maxMeas' : {A : Set} -> {_≤A_ : A -> A -> Set} -> (pA : IsPreorder _≡_ _≤A_) -> 286 | (sl : SemiLattice pA) -> 287 | VulnMeas FunctorList pA pA (maximum' pA sl) 288 | maxMeas' pA sl = foldMeas pA pA 289 | (\ a -> a) (\ a₁ a₂ a₁≤a₂ -> a₁≤a₂) 290 | (SemiLattice.sup sl) (SemiLattice.supMon sl) 291 | 292 | avg' : List Float -> Float × ℕ 293 | avg' = fold w c 294 | where w : Float -> Float × ℕ 295 | w x = (x , 1) 296 | c : Float -> Float × ℕ -> Float × ℕ 297 | c x (sum , len) = (x +f sum) , (1 +n len) 298 | 299 | 300 | primitive 301 | primNatToInteger : ℕ -> Int 302 | 303 | nat2float : ℕ -> Float 304 | nat2float n = primIntegerToFloat (primNatToInteger n) 305 | 306 | _≤fn_ : Float × ℕ -> Float × ℕ -> Set 307 | (x , m) ≤fn (y , n) = let nf = nat2float n 308 | mf = nat2float m 309 | in 310 | (x *f nf) ≤f (y *f mf) 311 | 312 | 313 | sumList : List (Float × Int) -> Float × Int 314 | sumList = fold id f 315 | where f : Float × Int -> Float × Int -> Float × Int 316 | f (x , n) (x' , n') = (x +f x' , n +i n') 317 | 318 | maxf : Float -> Float -> Float 319 | maxf x y = if x ℕ -> Bool 322 | zero < n = false 323 | (suc m) < zero = false 324 | (suc m) < (suc n) = m < n 325 | 326 | maxi : Int -> Int -> Int 327 | maxi m n = if m Float × Int 330 | supList = fold id f 331 | where f : Float × Int -> Float × Int -> Float × Int 332 | f (x , n) (x' , n') = (maxf x x' , maxi n n') 333 | 334 | postulate ≤fRefl : (x : Float) -> x ≤f x 335 | postulate ≤fTrans : (x y z : Float) -> 336 | x ≤f y -> y ≤f z -> x ≤f z 337 | 338 | postulate +fmon : (x y x' y' : Float) -> 339 | x ≤f x' -> y ≤f y' -> 340 | (x +f y) ≤f (x' +f y') 341 | -------------------------------------------------------------------------------- /ref/test-vs-proof/Types10.hs: -------------------------------------------------------------------------------- 1 | module Types10 where 2 | 3 | data List a = Wrap a | Cons a (List a) 4 | deriving (Ord, Eq, Show) 5 | 6 | fold :: (a -> b) -> (a -> b -> b) -> List a -> b 7 | fold w c (Wrap a) = w a 8 | fold w c (Cons a as) = c a (fold w c as) 9 | 10 | instance Functor List where 11 | fmap f = fold (Wrap . f) (\ a bs -> Cons (f a) bs) 12 | 13 | 14 | class POrd a where 15 | leq :: a -> a -> Bool 16 | 17 | instance (POrd a, POrd b) => POrd (a, b) where 18 | (a1, b1) `leq` (a2, b2) = a1 `leq` a2 && b1 `leq` b2 19 | 20 | sumList :: List (Float, Int) -> (Float, Int) 21 | sumList = fold id c 22 | where c (x, n) (x', n') = (x + x', n + n') 23 | 24 | maxList :: List (Float, Int) -> (Float, Int) 25 | maxList = fold id c 26 | where c (x, n) (x', n') = (max x x', max n n') 27 | 28 | testList :: List (Float, Int) 29 | testList = Cons (1.3, 10) 30 | ( Cons (3.7, 5) 31 | ( Cons (2.1, 2) 32 | ( Wrap (21.8, 15)))) 33 | 34 | 35 | 36 | 37 | --------------------------------------------------------------------------------