Customised induction rules for proving correctness of imperative programs

In this paper we develop a method for automatic construction of customised induction rules for use in a semi-interactive theorem prover. The induction rules are developed to prove the total correctness of loops in an imperative language. We concentrate on integers. First we compute a partition of the domain of the induction variable. Our method makes use of failed proof attempts in the theorem prover to gain information about the problem structure and create the partition. Then, based on this partition we create an induction rule, in destructor style, that is customised to make the proving of the loop simpler. Our concern is in user interaction, rather than in proof strength. Using the customised induction rules, we find that in comparison to standard (Peano) induction or Noetherian induction, the proofs become more modularised and simpler user interaction can be expected. Furthermore, by using destructor style induction we circumvent the problem of creating inverses of functions and we use the machinery of a theorem prover (with symbolic execution) to make the method automatic. We also show that the customised induction rules created by the method are sound.