Certified Programs and Proofs (CPP) is an international conference on practical and theoretical topics in all areas that consider formal verification and certification as an essential paradigm for their work. CPP spans areas of computer science, mathematics, logic, and education. CPP is sponsored by ACM SIGPLAN, in cooperation with ACM SIGLOG.
CPP 2022 will be held on 17-18 January 2022 and will be co-located with POPL 2022 in Philadelphia, Pennsylvania, United States. Additional details will be published as they become available.
Call for Papers
Certified Programs and Proofs (CPP) is an international conference on practical and theoretical topics in all areas that consider formal verification and certification as an essential paradigm for their work. CPP spans areas of computer science, mathematics, logic, and education.
CPP 2022 (https://popl22.sigplan.org/home/CPP-2022) will be held on 17-18 January 2022 and will be co-located with POPL 2022. CPP 2022 is sponsored by ACM SIGPLAN, in cooperation with ACM SIGLOG.
CPP 2022 will welcome contributions from all members of the community. The CPP 2022 organizers will strive to enable both in-person and remote participation, in cooperation with the POPL 2022 organizers.
If the authors of a CPP 2022 accepted paper will be unable or unwilling to travel to the conference, the organizers can confirm that this will not affect the paper’s publication in the proceedings, and the authors will be able to upload recorded talks that will be made publicly available.
- June Andronick (Proofcraft, UNSW and seL4 Foundation, Australia)
- Andrew Appel (Princeton University, USA)
- César Muñoz (Formerly at NASA, USA)
- Abstract Submission Deadline: 16 September 2021 at 23:59 AoE (UTC-12h)
- Paper Submission Deadline: 22 September 2021 at 23:59 AoE (UTC-12h)
- Notification (tentative): 22 November 2021
- Camera Ready Deadline: 10 December 2021
- Conference: 17-18 January 2022
Deadlines expire at the end of the day, anywhere on earth. Abstract and submission deadlines are strict and there will be no extensions.
Around 10% of the accepted papers at CPP 2022 will be designated as Distinguished Papers. This award highlights papers that the CPP program committee thinks should be read by a broad audience due to their relevance, originality, significance and clarity.
We welcome submissions in research areas related to formal certification of programs and proofs. The following is a non-exhaustive list of topics of interest to CPP:
- certified or certifying programming, compilation, linking, OS kernels, runtime systems, security monitors, and hardware;
- certified mathematical libraries and mathematical theorems;
- proof assistants (e.g, ACL2, Agda, Coq, Dafny, F*, HOL4, HOL Light, Idris, Isabelle, Lean, Mizar, Nuprl, PVS, etc);
- new languages and tools for certified programming;
- program analysis, program verification, and program synthesis;
- program logics, type systems, and semantics for certified code;
- logics for certifying concurrent and distributed systems;
- mechanized metatheory, formalized programming language semantics, and logical frameworks;
- higher-order logics, dependent type theory, proof theory, logical systems, separation logics, and logics for security;
- verification of correctness and security properties;
- formally verified blockchains and smart contracts;
- certificates for decision procedures, including linear algebra, polynomial systems, SAT, SMT, and unification in algebras of interest;
- certificates for semi-decision procedures, including equality, first-order logic, and higher-order unification;
- certificates for program termination;
- formal models of computation;
- mechanized (un)decidability and computational complexity proofs;
- formally certified methods for induction and coinduction;
- integration of interactive and automated provers;
- logical foundations of proof assistants;
- applications of AI and machine learning to formal certification;
- user interfaces for proof assistants and theorem provers;
- teaching mathematics and computer science with proof assistants.
Prior to the paper submission deadline, the authors should upload their anonymized paper in PDF format through the HotCRP system at
The submissions must be written in English and provide sufficient detail to allow the program committee to assess the merits of the contribution. They must be formatted following the ACM SIGPLAN Proceedings format using the acmart style with the sigplan option, which provides a two-column style, using 10 point font for the main text, and a header for double blind review submission, i.e.,
The submitted papers should not exceed 12 pages, including tables and figures, but excluding bibliography and clearly marked appendices. The papers should be self-contained without the appendices. Shorter papers are welcome and will be given equal consideration. Submissions not conforming to the requirements concerning format and maximum length may be rejected without further consideration.
CPP 2022 will employ a lightweight double-blind reviewing process. To facilitate this, the submissions must adhere to two rules:
(1) author names and institutions must be omitted, and
(2) references to authors’ own related work should be in the third person (e.g., not “We build on our previous work …” but rather “We build on the work of …”).
The purpose of this process is to help the PC and external reviewers come to an initial judgment about the paper without bias, not to make it impossible for them to discover the authors if they were to try. Nothing should be done in the name of anonymity that weakens the submission or makes the job of reviewing it more difficult. In particular, important background references should not be omitted or anonymized. In addition, authors are free to disseminate their ideas or draft versions of their papers as usual. For example, authors may post drafts of their papers on the web or give talks on their research ideas. POPL has answers to frequently asked questions addressing many common concerns: https://popl20.sigplan.org/track/POPL-2020-Research-Papers#Submission-and-Reviewing-FAQ
We strongly encourage the authors to provide any supplementary material that supports the claims made in the paper, such as proof scripts or experimental data. This material must be uploaded at submission time, as an archive, not via a URL. Two forms of supplementary material may be submitted:
(1) Anonymous supplementary material is made available to the reviewers before they submit their first-draft reviews.
(2) Non-anonymous supplementary material is made available to the reviewers after they have submitted their first-draft reviews and have learned the identity of the authors.
Please use anonymous supplementary material whenever possible, so that it can be taken into account from the beginning of the reviewing process.
The submitted papers must adhere to the SIGPLAN Republication Policy (https://www.sigplan.org/Resources/Policies/Republication/) and the ACM Policy on Plagiarism (https://www.acm.org/publications/policies/plagiarism). Concurrent submissions to other conferences, journals, workshops with proceedings, or similar forums of publication are not allowed. The PC chairs should be informed of closely related work submitted to a conference or journal in advance of submission. One author of each accepted paper is expected to present it at the (possibly virtual) conference.
The CPP 2022 proceedings will be published by the ACM, and authors of accepted papers will be required to choose one of the following publication options:
(1) Author retains copyright of the work and grants ACM a non-exclusive permission-to-publish license and, optionally, licenses the work under a Creative Commons license.
(2) Author retains copyright of the work and grants ACM an exclusive permission-to-publish license.
(3) Author transfers copyright of the work to ACM.
For authors who can afford it, we recommend option (1), which will make the paper Gold Open Access, and also encourage such authors to license their work under the CC-BY license. ACM will charge you an article processing fee for this option (currently, US$700), which you have to pay directly with the ACM. You don’t need to pay this fee if the corresponding author’s affiliating institution is part of ACM OPEN.
For everyone else, we recommend option (2), which is free and allows you to achieve Green Open Access, by uploading a preprint of your paper to a repository that guarantees permanent archival such as arXiv or HAL. This is anyway a good idea for timely dissemination even if you chose option 1. Ensuring timely dissemination is particularly important for this edition, since, because of the very tight schedule, the official proceedings might not be available in time for CPP.
The official CPP 2022 proceedings will also be available via SIGPLAN OpenTOC (http://www.sigplan.org/OpenTOC/#cpp).
For ACM’s take on this, see their Copyright Policy (http://www.acm.org/publications/policies/copyright-policy) and Author Rights (http://authors.acm.org/main.html).
For any questions please contact the two PC chairs:
The ACM SIGPLAN International Conference on Certified Programs and Proofs (CPP) covers all areas that consider formal verification and certification as an essential paradigm for their work. CPP spans areas of computer science, mathematics, logic, and education and brings together 100+ researchers and practitioners to present the latest developments in formal verification.
CPP welcomes corporate donations to help maintain and improve the overall experience at the conference. The money we get from corporate sponsors will generally be used to subsidize student attendance (e.g., registration waiving, which generally increases student participation), to pay for live streaming and recording CPP, facilitate online interaction, and introduce a new distinguished paper award. This will also allow us explore new ideas such as covering the fees that would make CPP open access for everyone.
- CPP 2022 (https://popl22.sigplan.org/home/CPP-2022) will be held on 16-18 January 2022 and will be co-located with POPL 2022 in Philadelphia, Pennsylvania, United States.
- company name and logo prominently displayed on the CPP website
- acknowledgment in the CPP PC chairs’ statement for the proceedings
- acknowledgment in the CPP chairs’ report talk
- online conference: video room for interacting with conference participants during breaks
- physical conference: opportunity to display information material on a shared table near the registration desk or the conference room
- one complimentary registration to CPP
Bronze benefits plus
- acknowledgement as a sponsor of one invited talk
- logo will be displayed on the screen before each session
- in-person conference: dedicated table space for interacting with participants for one day of CPP
- one additional complimentary registration to CPP (2 total)
Silver benefits plus:
- acknowledgment as a sponsor of all invited talks
- in-person conference: dedicated table space for interacting with participants for all days of CPP
- one additional complimentary registrations to CPP (3 total)
Gold benefits plus:
- sponsor of the CPP dinner (in case of a physical conference)
- an opportunity for a representative from the company to address the attendees for 10 minutes, immediately before or after the chairs’ report (virtual conference) or at the conference dinner (physical conference)
- potential to accommodate alternative arrangements, in coordination with POPL and subject to ACM guidelines
- one additional complimentary registration to CPP (4 total)
Sponsors help offset the considerable expense involved in staging the conference, reducing the financial barriers to participation and enhancing inclusivity. We aim to foster a diverse community with participants from varied disciplines, organizations, and geographic locations. We value and encourage participation from across academia, industry, government, and civil society. At the same time, outside contributions can raise concerns about the independence of the conference and the legitimacy the conference may confer on sponsors. We take these concerns seriously and have taken steps to maintain a transparent and appropriate relationship with our sponsors:
- We acknowledge all sources of financial support.
- We disclose all benefits that sponsors receive in exchange for their contribution.
- We ensure that sponsors have no say over the paper selection process, the composition of the program committees, the choice of invited speakers, or the selection of award winners. The substance and structure of the conference are determined independently by the program committee using a rigorous, lightweight double-blind peer review process.
- We only allow sponsors to contribute to a general fund and do not allow sponsors to further specify how their contributions should be spent.
We are grateful to receive financial support from organizations that respect our twin goals of inclusivity and independence.
Questions about how to support CPP may be directed to the conference chairs.
The CPP Series
- CPP 2021, Online, January 17-19, 2021 (co-located with POPL’21)
- CPP 2020, New Orleans, Louisiana, USA, January 20-21, 2020 (co-located with POPL’20)
- CPP 2019, Cascais/Lisbon, Portugal, January 14-15, 2019 (co-located with POPL’19)
- CPP 2018, Los Angeles, USA, January 8-9, 2018 (co-located with POPL’18)
- CPP 2017, Paris, France, January 16-17, 2017 (co-located with POPL’17)
- CPP 2016, Saint Petersburg, Florida, USA, January 18-19, 2016 (co-located with POPL’16)
- CPP 2015, Mumbai, India, January 13-14, 2015 (co-located with POPL’15)
- CPP 2013, Melbourne, Australia, December 11-13, 2013 (co-located with APLAS’13)
- CPP 2012, Kyoto, Japan, December 13-15, 2012 (collocation with APLAS’12)
- CPP 2011, Kenting, Taiwan, December 7-9, 2011 (co-located with APLAS’11)
The official CPP proceedings since 2015 are also available via SIGPLAN OpenTOC.
- CPP 2021: A Minimalistic Verified Bootstrapped Compiler (Proof Pearl). Magnus O. Myreen.
- CPP 2021: Formalizing the Ring of Witt Vectors. Johan Commelin and Robert Y. Lewis.
- CPP 2021: Machine-Checked Semantic Session Typing. Jonas Kastberg Hinrichsen, Daniël Louwrink, Robbert Krebbers, and Jesper Bengtson.
In this manifesto, we advocate for the creation of a new international conference in the area of formal methods and programming languages, called Certified Programs and Proofs (CPP). Certification here means formal, mechanized verification of some sort, preferably with the production of independently checkable certificates. CPP would target any research promoting formal development of certified software and proofs, that is:
- The development of certified or certifying programs
- The development of certified mathematical theories
- The development of new languages and tools for certified programming
- New program logics, type systems, and semantics for certified code
- New automated or interactive tools and provers for certification
- Results assessed by an original open source formal development
- Original teaching material based on a proof assistant
Software today is still developed without precise specification. A developer often starts the programming task with a rather informal specification. After careful engineering, the developer delivers a program that may not fully satisfy the specification. Extensive testing and debugging may shrink the gap between the two, but there is no assurance that the program accurately follows the specification. Such inaccuracy may not always be significant, but when a developer links a large number of such modules together, these “noises” may multiply, leading to a system that nobody can understand and manage. System software built this way often contains hard-to-find “zero-day vulnerabilities” that become easy targets for Stuxnet-like attacks. CPP aims to promote the development of new languages and tools for building certified programs and for making programming precise.
Certified software consists of an executable program plus a formal proof that the software is free of bugs with respect to a particular dependability claim. With certified software, the dependability of a software system is measured by the actual formal claim that it is able to certify. Because the claim comes with a mechanized proof, the dependability can be checked independently and automatically in an extremely reliable way. The formal dependability claim can range from making almost no guarantee, to simple type safety property, or all the way to deep liveness, security, and correctness properties. It provides a great metric for comparing different techniques and making steady progress in constructing dependable software.
The conventional wisdom is that certified software will never be practical because any real software must also rely on the underlying runtime system which is too low-level and complex to be verifiable. In recent years, however, there have been many advances in the theory and engineering of mechanized proof systems applied to verification of low-level code, including proof-carrying code, certified assembly programming, local reasoning and separation logic, certified linking of heterogeneous components, certified protocols, certified garbage collectors, certified or certifying compilation, and certified OS-kernels. CPP intends to be a driving force that would facilitate the rapid development of this exciting new area, and be a natural international forum for such work.
The recent development in several areas of modern mathematics requires mathematical proofs containing enormous computation that cannot be verified by mathematicians in an entire lifetime. Such development has puzzled the mathematical community and prompted some of our colleagues in mathematics and computer science to start developing a new paradigm, formal mathematics, which requires proofs to be verified by a reliable theorem prover. As particular examples, such an effort has been made for the four-color theorem and has started for the sphere packing problem and the classification of finite groups. We believe that this emerging paradigm is the beginning of a new era. No essential existing theorem in computer science has yet been considered worth a similar effort, but it could well happen in the very near future. For example, existing results in security would often benefit from a formal development allowing us to exhibit the essential hypotheses under which the result really holds. CPP would again be a natural international forum for this kind of work, either in mathematics or in computer science, and would participate strongly in the emergence of this paradigm.
On the other hand, there is a recent trend in computer science to formally prove new results in highly technical subjects such as computational logic, at least in part. In whichever scientific area, formal proofs have three major advantages: no assumption can be missing, as is sometimes the case; the result cannot be disputed by a wrong counterexample, as sometimes happens; and more importantly, a formal development often results in a better understanding of the proof or program, and hence results in easier and better implementation. This new trend is becoming strong in computer science work, but is not recognized yet as it should be by traditional conferences. CPP would be a natural forum promoting this trend.
There are not many proof assistants around. There should be more, because progress benefits from competition. On the other hand, there is much theoretical work that could be implemented in the form of a proof assistant, but this does not really happen. One reason is that it is hard to publish a development work, especially when this requires a long-term effort as is the case for a proof assistant. It is even harder to publish work about libraries which, we all know, are fundamental for the success of a proof assistant. CPP would pay particular attention in publishing, publicizing, and promoting this kind of work.
Finally, CPP also aims to be a publication arena for innovative teaching experiences, in computer science or mathematics, using proof assistants in an essential way. These experiences could be submitted in an innovative format to be defined.