Machine-checked reasoning about complex voting schemes using higher-order logic

Abstract

We describe how we first formally encoded the Englishlanguage Parliamentary Act for the Hare-Clark Single Transferable Vote-counting scheme used in the Australian state of Tasmania into higher-order logic, producing SPECHOL. Based on this logical specification, we then encoded an SML program to count ballots according to this specification inside the interactive theorem prover HOL4, giving us IMPHOL. We then manually transliterated the program as a real SML program IMP. We are currently verifying that the formalisation of the implementation implies the formalisation of the specification: that is, we are using the HOL4 interactive theorem prover to prove the implication IMPHOL→ SPECHOL. Show more