Proof Strategy Graphs (PSGraphs)

• Proof Strategy Graphs are a graphical formalism that represents and controls proof tactics using nodes and goal-type annotated edges for modular, type-safe strategy composition.
• They utilize controlled graph rewriting and dedicated strategy languages to manage focus positions and iterative tactic applications, enhancing debuggability.
• PSGraphs enable interactive, visual proof development and integration with tools like PORGY, supporting robust automation in theorem proving.

Proof Strategy Graphs (PSGraphs) are a graphical formalism for representing and controlling proof strategies, enabling the explicit encoding, visualization, manipulation, and evaluation of automated and interactive proof tactics through graph-based structures and rewritings. PSGraphs provide an alternative to traditional linear, combinator-based tactic languages by wiring together tactic nodes with goal-type annotated edges, supporting robust, type-safe, modular, and debuggable development of complex proof strategies.

1. Concept and Structure of PSGraphs

A Proof Strategy Graph (PSGraph) is a directed, open graph in which nodes represent tactics (atomic or graph tactics), and edges represent goal flow—conditions and transformations applied to logical goals throughout proof search (Grov et al., 2013, Grov et al., 2014). Edges are annotated with goal types, which are predicates characterizing the class of goals permitted to traverse each edge; this enforces type safety and robustness of tactic composition, as only precisely specified kinds of goals can reach a given tactic node.

Key structural features:

• Nodes: Represent atomic tactics, graph tactics (nested subgraphs), identity tactics (for merging/splitting flows), or goal nodes with optional environment information.
• Edges: Directed and possibly "open" (corresponding to inputs/output interfaces). Each is labeled by a goal type predicate controlling admissible goal propagation.
• Goal Nodes: Circulate through the graph, representing open goals/subgoals to which tactics are to be applied.
• Hierarchy: PSGraphs can be composed hierarchically—subgraphs may be abstracted as higher-level graph tactics, promoting modularity and code reuse.

During evaluation, a goal is injected into the input edges, flows through tactic nodes as dictated by the wiring and goal types, and is eventually consumed if fully solved, or output if unresolved. The process is governed by graphical rewrite rules parameterized by the underlying tactic semantics.

2. Control and Rewriting via Strategy Languages

PSGraphs are executed and transformed using a dedicated strategy language compatible with graph rewriting environments such as PORGY (Fernández et al., 2010, Andrei et al., 2011, Fernández et al., 2014). Essential concepts include:

• Located Graphs: PSGraphs maintain a current focus position $P$ in the overall graph $G$, written $G[P]$. This allows strategies to restrict rule applications to specific subgraphs, such as open subgoals or proof substructures.
• Controlled Rewriting: A rewrite rule $L \to R$ can be controlled and focused via $(L \to R)_M$, where $M \subseteq R$ designates the new focus post-rewrite. Application is restricted if $g(L) \cap P \neq \varnothing$, ensuring relevance to the selected proof region.
• Strategy Constructs: The language supports:
  • Repeat/Iteration: $$\mathtt{repeat}_+(S) \triangleq \mathit{while}\,(S)\,\mathit{do}\,(S)\,\mathit{min}(1)\,\mathit{max}(-1)$$ applies $S$ repeatedly until fixpoint.
  • Conditionals: $$\mathit{Try}(S) \triangleq \mathit{if}\,(S)\,\mathit{then}\,(S)\,\mathit{else}\,(Id)$$ tries $S$ and falls back to the identity if not applicable.
  • Position Manipulation: Operations such as $\mathit{CrtPos}$, $\mathit{AllSuc}$, and $\mathit{SetPos}(P')$ select or update the focus position for the next rewrite.
• Algorithmic Template: Typical algorithms specify an initial focus, repeatedly check for rewrite applicability via matching against $L$ within $P$, apply rewrite rules updating focus to $M$, and sequence or branch according to proof progress.

Example (for a weakening strategy): $\begin{array}{l} \textbf{Algorithm PSGraphWeakening:} \ \quad \text{Input: PSGraph } G[P] \ \quad \text{while } P \neq \varnothing \text{ do} \ \quad\quad \text{if } \exists g: g(L) \cap P \neq \varnothing \text{ then} \ \quad\quad\quad \sema{ (L \Rightarrow R)_M, G[P] } \ \quad\quad \text{else break;} \ \quad \text{end while} \ \quad \text{Output: Transformed proof } G'[P'] \end{array}$ This formalism tightly couples graph rewriting with explicit, navigable proof strategy control.

3. Interactive Visual Environments and Tool Support

The PSGraph paradigm is supported by graph rewriting and visualization environments such as PORGY (Fernández et al., 2010, Andrei et al., 2011, Fernández et al., 2014). Key features are:

• Interactive Editing: Users build, edit, and compose PSGraphs interactively, drawing tactic nodes, connecting wires, and annotating with goal types.
• Visualization of Focus and Rewriting: The explicit maintenance of a current position $P$ is represented by graphical highlighting, enabling the user to observe and manipulate proof focus and subgoal propagation visually.
• Strategy Trees: The strategy language is compiled into a tree structure for execution, whose traversal corresponds to the application of tactic and control operators.
• Derivation Traces: The entire sequence of rewritings and focus shifts can be traced and visualized, facilitating debugging and analysis.
• Integration with TULIP: PORGY’s integration with TULIP provides scalable rendering for large or complex PSGraphs, with detail-on-demand, zooming, panning, and selection support.
• Benefits: Enhanced debugging (via step-by-step traces), direct manipulation of focus and subgoals (e.g., via $\mathit{SetPos}$), modular combinatorial construction of strategies, and interactive error tracking.

These features collectively support both the construction and the live evaluation/animation of complex proof strategies, efficiently linking logical tactics with their operational effects.

4. Graphical and Declarative Proof Development

PSGraphs fundamentally enable a declarative, visual paradigm for constructing proof strategies (Grov et al., 2013, Lin et al., 2016). This is characterized by:

• Robust Proof Plans: Tactic composition becomes explicit and type-safe, as wires enforce that only goals of the appropriate type are passed between tactics. This removes brittleness with respect to subgoal order and number, a major weakness in stack-based tactic languages.
• Declarativity: The graphical representation allows high-level plans to be made explicit. Strategic operators such as branching, merging, feedback loops (e.g., “repeat until done”), and hierarchies (via graph tactics) are all made manifest in the structure.
• Debuggability: Errors such as type mismatches or unsolvable subgoals can be immediately localized to specific nodes or edges. The evaluation fails “as soon as” a goal cannot proceed along an admissible wire.
• Extensibility: Strategies can be refactored modularly (e.g., substituting or replacing subgraphs), and graph tactics can be parameterized for reuse.
• Integration with Higher-Level Proof Infrastructure: PSGraphs are designed to interoperate with tactic-based proof assistants such as Isabelle and ProofPower, and are realized in toolchains such as Tinker (Grov et al., 2014, Lin et al., 2016), with support for breakpoints, environment passing, and stepwise animation.

This approach clarifies and exposes the “strategy” by emphasizing goal movement and tactical responsibility, in contrast to the procedural opacity of nested combinator scripts.

5. Applications, Benefits, and Limitations

PSGraphs find utility in a variety of automated and interactive theorem proving scenarios:

Applications:

• Proof Automation: Encoding high-level proof strategies, such as induction with goal-sensitive tactic routing (e.g., “rippling” for inductive reasoning (Grov et al., 2013)).
• Large-Scale and Domain-Specific Strategies: Modular construction and debugging of industrial-scale tactics, transfer to verification case studies (e.g., security properties, control system design).
• Tool Integration: Seamless combination of graphical strategy design with prover backends, supporting interactive refactoring and exploration.

Benefits:

• Enhanced Debugging and Maintenance: Interactive execution traces, immediate feedback for errors, visual explanation of proof structure, and modular, parameterized construction.
• Modularity and Compositionality: Strategies are built from smaller units, enable code reuse, and facilitate maintenance.
• Explicitness and Robustness: Flow and control are explicit, reducing accidental dependencies; type-annotated edges enforce correct routing and fail early on mismatches.
• Scalability of Visualization: Environments like PORGY and TULIP allow practical manipulation of large, complex proof strategies.
• Alignment with Graph Rewriting Advances: Techniques from port graph rewriting and position-aware strategies (e.g., located graphs, controlled application via $G[P]$) naturally transfer to PSGraphs.

Limitations:

• Scalability of Focus Visualization: For very large graphs, maintaining clarity of the current focus ($P$) may be challenging even with sophisticated visualization.
• Learning Curve: Mastery of the expressive strategy language and correspondence between proof theoretic and graph rewriting concepts requires nontrivial expertise, particularly in crafting property-based or parallel position updates.
• Mapping Between Logical and Graphical Concepts: The user must define the mapping between logical inference, subgoal shaping, and graphical rewriting explicitly; not every logical environment provides direct analogues.
• Tooling and Ecosystem Maturation: While advanced, the ecosystem around PSGraphs is newer and less mature than traditional, text-based tactic scripting environments.

6. Theoretical Foundations and Generalization

The PSGraph approach is grounded in graph rewriting theory and benefits from advances in strategic programming on graphs (Fernández et al., 2010). Key theoretical constructs include:

• Located Graphs and Positions: The idea of focusing on explicit positions in the graph ($G[P]$), with rewrites constrained to overlaps in $P$ and morphisms $g(L)$.
• Strategy Grammars: Fine-grained syntax for rule application ($A$), position updating ($T$), and full strategies ($S$), including sequential composition, conditionals, iteration, and parallelism.
• Operational Semantics: Evaluation and rewriting progress by transitions over configurations $(S, G[P])$ subject to strategy grammar.
• Algorithmic Computation: Standard proof-strategy patterns—such as looping until no further rewrites are possible, or fallback choice (if-then-else)—have graphical analogues allowing for algorithmic composition (see “Algorithm PSGraphWeakening”).
• Relation to Port Graph Rewriting and General Graph Transformation: Reusing notions of arrow nodes, black hole ports, and focusing operations as defined in port graph rewriting systems (Fernández et al., 2014, Andrei et al., 2011).
• Decidability and Matching: For certain classes of graphs and rules, the application of rewriting steps and verification of applicability is algorithmically tractable (e.g., via variations of subgraph isomorphism and matching algorithms).

This theoretical grounding supports the sound, expressive, and general manipulation of proof strategies through graph-based control, informing their compositional design, execution semantics, and debugging paradigms.

---

By synthesizing high-level strategic control, explicit flow typing, modular composition, and interactive visual environments, Proof Strategy Graphs provide a robust foundation for the construction, maintenance, and understanding of proof strategies in contemporary theorem proving and automated reasoning workflows (Fernández et al., 2010, Grov et al., 2013, Grov et al., 2014, Lin et al., 2016, Fernández et al., 2014, Andrei et al., 2011).