On the Formalization of Network Topology Matrices in HOL
Network topology matrices are algebraic representations of graphs that are widely used in modeling and analysis of various applications including electrical circuits, communication networks and transportation systems. In this paper, we propose to use…
Authors: Kubra Aksoy, Adnan Rashid, Osman Hasan
Kubra Aksoy¹, Adnan Rashid¹,², Osman Hasan² and Sofiène Tahar¹
¹ Department of Electrical and Computer Engineering, Concordia University, Montreal, QC, Canada
{k_aksoy, rashid, tahar}@ece.concordia.ca
² School of Electrical Engineering and Computer Science, National University of Sciences and Technology, Islamabad, Pakistan
osman.hasan@seecs.nust.edu.pk

Abstract. Network topology matrices are algebraic representations of graphs that are widely used in modeling and analysis of various applications including electrical circuits, communication networks and transportation systems. In this paper, we propose to use Higher-Order-Logic (HOL) based interactive theorem proving to formalize network topology matrices. In particular, we formalize adjacency, degree, Laplacian and incidence matrices in the Isabelle/HOL proof assistant. Our formalization is based on modelling systems as networks using the notion of directed graphs (unweighted and weighted), where nodes act as components of the system and weighted edges capture the interconnection between them. Then, we formally verify various classical properties of these matrices, such as indexing and degree. We also prove the relationships between these matrices in order to provide a comprehensive formal reasoning support for analyzing systems modeled using network topology matrices. To illustrate the effectiveness of the proposed approach, we formally analyze the Kron reduction of the Laplacian matrix and verify the total power dissipation in a generic resistive electrical network, both commonly used in power flow analysis.

1 Introduction

Network systems are interconnected structures widely used to model and analyze real-world problems encountered in various domains including biology, sociology, computer science, mathematics and engineering [1].
The foundational purpose of networks is to facilitate the transmission of physical entities (e.g., electricity, water and mass) and information (e.g., digital signals and gene regulatory) according to systems' governing laws, such as conservation laws [2] or network protocols [3]. The analysis of these networks involves an examination of the structural properties, commonly known as network topology, which helps to understand the behavior of networks based on the arrangement of these entities and their interrelationships (physical or logical).

In network topology, graphs are employed to construct the mathematical foundation for the visualization of different components, which vary from one system to another. For instance, electrical networks [2] can be modeled as systems comprising interconnected elements, such as resistors, conductors, inductors and current/voltage sources. In the corresponding graph representation, these elements are depicted as edges, while their connection points are represented by nodes. In addition, weights can be assigned to the edges to reflect specific information regarding these elements, such as values of resistors, capacitors, etc. Similarly, transportation systems [4], such as airport and road networks, can be captured using the notion of graphs, where terminals or cities are represented by nodes and their interconnection through routes are modelled as edges, often incorporating additional information, such as cost and distance for each connection, represented by weights of the edges.

The topology analysis of network systems often requires establishing a connection between graphs and matrices. Matrices [5], as compact algebraic representations, provide a powerful framework for efficiently analyzing network systems.
This algebraic formulation allows us to leverage linear algebraic methods, such as Gauss elimination, Kron reduction and matrix operations [5], especially when dealing with complex and large-scale systems. There are several network topology matrices [6], such as the adjacency, the incidence, the loop, the degree and the Laplacian matrices, that can be derived from graphs to capture various structural and fundamental properties of the systems. In the analysis of electrical networks, Kirchhoff was among the first to employ topology matrices to formulate Kirchhoff's Current Law (KCL) and Kirchhoff's Voltage Law (KVL) [7]. Similarly, the topological analysis of multibody systems also relies on using topology matrices, which greatly facilitate in understanding their kinematic behavior [8]. In mathematical chemistry, Laplacian matrices are used to analyze complex molecular graphs and to determine their topological indexes [9]. Motivated by the widespread use of such matrices across diverse applications, particularly in safety-critical domains, it is essential to establish a rigorous formal foundation for this field.

Mathematically, the adjacency matrix [10] encodes information about the connectivity between nodes in a network, representing the presence or absence of edges between every pair of nodes. The degree matrices of weighted graphs are characterized by the in (out) degree of each node, which is equal to the total number of incoming (outgoing) weights of edges relative to the node. Similarly, the incidence matrix provides a relationship between the nodes and edges of a network system [10], while the loop matrix presents a relationship between loops and edges [10].
On the other hand, the Laplacian matrix, often associated with weighted directed graphs, captures the overall effect of the interaction between nodes, incorporating their connectivity and weights of the associated edges. Moreover, a Laplacian matrix can be constructed using adjacency and degree matrices, which are also associated with the incidence matrices. While there are other topological matrices that can represent different types of graphs, our focus in this paper is primarily on the Laplacian matrix and its closely related topological matrices.

Conventionally, these network topology matrices have been analyzed using paper-and-pencil proofs and computer-based simulation approaches. However, the former tends to be error-prone, especially for large and complex systems. As discussed in [11], computer-based simulation methods do not provide sound guarantees, as they typically rely on trial-and-error processes and may skip some very safety-critical cases. Moreover, their accuracy cannot be ensured due to the presence of unverified algorithms existing within the underlying computational tools.

In contrast, formal methods, particularly interactive theorem proving, offer a rigorous, logic-based framework for the computer-assisted mathematical modeling and analysis. These approaches support deductive reasoning grounded in first- or higher-order logics. In this context, HOL-based interactive theorem provers are particularly well-suited for analyzing network topology matrices, offering high expressiveness and rich mathematical libraries that facilitate precise and trustworthy analysis.

In this paper, we use the Isabelle/HOL proof assistant to formalize network topology matrices. We begin by developing a formal network topology system using a modular approach in Isabelle/HOL.
This system extends our previous work [12] by systematically declaring new locales that describe different classes, including weighted and symmetric networks, inheriting from the existing locales. A key contribution of this paper is the formalization of the adjacency, degree and Laplacian matrices derived from the network modeled as a weighted directed graph, together with rigorous proofs of their fundamental properties such as degree and indexing relations. Furthermore, we introduce and formalize both the in-incidence and out-incidence matrices and establish their relationships with the incidence matrix previously defined in [12]. Collectively, these extensions enable the formal verification of the interrelationships among all these matrices, ensuring the consistency and soundness of our framework.

To demonstrate the practical applicability of our proposed approach, we apply our formalization to two major structures: undirected weighted graphs and weighted directed graphs. Specifically, we formally analyze the Kron reduction [13] of the Laplacian matrix for weighted directed graphs. Kron reduction is a widely used algebraic method in power system analysis. We also formalize a generalized version of Ohm's law for resistive circuits and use it to formally verify total power dissipation using Laplacian matrices in Isabelle/HOL. The choice of Isabelle/HOL is motivated by its robust reasoning capabilities and comprehensive library support for matrices and graph theory. The complete Isabelle/HOL code for our formalization is publicly available at [14].

The rest of the paper is organized as follows: We discuss related work in Section 2. Section 3 provides an overview of the Isabelle/HOL proof assistant and introduces some fundamental symbols/notations, definitions and lemmas of matrix theory in Isabelle/HOL that are necessary for understanding the rest of the paper.
Section 4 presents the formalization of the network system, while Section 5 details the formalization of the adjacency, degree and Laplacian matrices, along with the verification of their classical properties. Section 6 describes the formalization of the incidence matrices and explores their relationships with the previously formalized network topology matrices. Next, we provide two applications of the Laplacian matrices in Section 7. Section 8 discusses the experiences and challenges encountered during the formalization process. Finally, we conclude the paper in Section 9.

2 Related Work

In this section, we discuss the most relevant contributions regarding the formalization of networks, graphs and the topology matrices. For instance, Butler et al. [15] used PVS [16] to formalize a graph theory library with fundamental concepts based on directed graphs. Noschinski [17] used Isabelle/HOL to develop a generic graph theory using record+locale structure, with a major focus on directed graph notions. Koutsoukou-Argyraki et al. [18] formalized the Balog–Szemerédi–Gowers theorem using a general library for undirected graphs in Isabelle/HOL. Similarly, Doczkal et al. [19] formalized a graph library in the Coq/SSReflect theorem prover [20]. More recently, Narváez et al. [21] used Lean 4 [22] to formalize the finite Ramsey theorem that is built upon Mathlib's graph theory. However, these contributions mostly focus on generic formalizations of notions and theorems in graph theory.

Some contributions on the formalization of networks focus on graph algorithms and their verification of some network systems, without addressing network topology matrices. For instance, Wong [23] formally analyzed the railway track networks based on simple graphs using HOL [24].
Similarly, Lee [25] used the Mizar theorem prover [26] to verify several graph algorithms, such as Prim, Dijkstra, etc. Diekmann et al. [27] used Isabelle/HOL to formalize graphs and used it for formally verifying various network security policies. Similarly, Lammich et al. [28] formalized network flow algorithms in Isabelle/HOL by using their own formalization of graph theory and formally verified their correctness and time complexity. Building upon the work in [17], Kovács et al. [29] verified an algorithm to compute the longest strictly decreasing ordered graph trail. Similarly, Lochbihler [30] formally proved the maximum-flow minimum-cut theorem by formalizing finite networks with flows and cuts in Isabelle/HOL. More recently, Tekriwal et al. [31] formalized the weighted-mean subsequence reduced (W-MSR) algorithm to address the problem of consensus in a network modeled by a directed graph in the Coq theorem prover. Whilst the aforementioned contributions are able to verify certain graphs and network related algorithms and formalize important mathematical concepts, they do not consider topology matrices in analyzing systems that require algebraic representations.

There have been a few efforts to formalize the network topology matrices in various interactive theorem provers. For example, Heras et al. [32] used Coq/SSReflect to formalize undirected graphs and their corresponding incidence matrices to formally analyze 2D digital image processing systems. Similarly, Edmonds et al. [33] used Isabelle/HOL to formalize incidence matrices of design, which are an algebraic representation of a more general combinatorial structure than undirected graphs, and further used them to prove Fisher's inequality.
In the Lean 4 mathlib library [34], basic formalizations of the adjacency, incidence and Laplacian matrices are available, but only for simple graphs. More recently, we developed a basic formalization of incidence and loop matrices to formally analyze electrical circuit network topologies in Isabelle/HOL [12]. Unlike the work in [33], we formalized the incidence matrices for directed graphs by incorporating the direction aspect and considering the entries of the matrix as 0, 1 and −1. We also employed the formalization of loop matrices for the formal kinematic analysis of epicyclic bevel gear trains in Isabelle/HOL [35]. However, to the best of our knowledge, none of these existing works provide a comprehensive formalization of the Laplacian, adjacency, and degree matrices for networks represented as weighted directed graphs, which constitutes the primary focus of this paper.

3 Preliminaries

In this section, we provide a brief overview of the Isabelle/HOL proof assistant and some definitions, lemmas from the existing matrix theory that are used in our formalization of the network topology matrices and are necessary for understanding the rest of the paper.

3.1 Isabelle/HOL Proof Assistant

Isabelle/HOL [36] is a higher-order-logic (HOL) based interactive proof assistant used for the formalization of mathematics (e.g., [37] and [38]) and the verification of algorithms (e.g., [39] and [40]), software (e.g., [41]) and hardware systems (e.g., [42]). The core of the tool relies on a small trusted kernel consisting of basic axioms and primitive inference rules. All lemmas and theorems are verified based on either these inference rules or already verified lemmas. An Isabelle/HOL theory consists of a collection of definitions, data types, functions and theorems. Isabelle includes the Isabelle/Isar proof language [43], which enables proofs to be written in a human-readable way.
One of the key features of Isabelle/HOL is its integration with automation tools through Sledgehammer [44], which offers the support of Automatic Theorem Provers (ATP) and Satisfiability-Modulo-Theories (SMT) [45] solvers to prove statements of lemmas/theorems, automatically. Isabelle/HOL also has a rich collection of theories that are stored in the related Archive of Formal Proof (AFP). Table 1 provides some commonly used Isabelle/HOL symbols and functions that appear in the subsequent sections.

Isabelle/HOL also has a powerful module system of proof contexts called locales, an extension of the Isar language. Locales [46] can be used to modularly model different algebraic structures, which are based on contexts, and their connections. A context specifies parameters and assumptions using the keywords fixes and assumes [46]. Locales also support a hierarchical structure, allowing new contexts to be constructed by composing existing ones. Consequently, definitions and theorems formalized within one locale can be reused through locale inheritance, enhancing extensibility. Moreover, locales can be manipulated using the interpretation command, e.g., it enables an instantiation of a generic locale with specific parameters, which in turn may be of a specific type like int or complex. In this work, we adopt a locale-based approach to formalize network systems, which is presented in Section 4.
Table 1: Isabelle/HOL Symbols

    Isabelle Symbols/Notions    Meaning
    ⋀                           Universal quantification in meta-logic
    ⟹                           Implication in meta-logic
    ∧                           Logical and
    []                          Empty list
    'a :: x                     Generic data type variable belongs to type class x
    λx. f                       Function that maps x to f(x)
    es!i                        i-th element of the list es
    length es                   Function that computes the size of the list es
    Aᵀ                          Transpose of matrix A
    v $ i                       i-th element of the vector v
    A $$ (i,j)                  i-th row and j-th column element of the matrix A in JNF*

    * JNF is an abbreviation of Jordan Normal Form library in Isabelle/HOL

3.2 Matrix Libraries in Isabelle/HOL

There are several matrix libraries available in Isabelle/HOL, such as HOL-Analysis (HA) and Jordan Normal Form (JNF) matrix libraries. The theory of vectors and matrices is formalized by Chaieb et al. [47] as a part of the HA library that was primarily inspired by Harrison's formalizations available in the HOL Light theorem prover [48]. Similarly, the JNF matrix library was developed by Thiemann et al. [49] and includes the foundation of block matrices for formally verifying JNF. Moreover, the JNF library provides many formally verified properties of matrix and linear algebra. While the HA library offers valuable functionality in many mathematical models, its current implementation presents challenges for the use of block matrices with varying dimension due to type restriction on row and column dimensions. This limitation can reduce its applicability for potential applications, such as spectral analysis of networks [6]. Therefore, we utilize the JNF library to develop our proposed formalization.

We now present some of the common Isabelle/HOL functions that are used in the proposed formalization. All matrices in JNF are defined via the type 'a mat in the form of a triple (nr,nc,f) that is formalized as follows [49]:

    typedef 'a mat = {(nr,nc,mk_mat nr nc f) | nr nc f :: nat × nat ⇒ 'a. True}

The following introduction rule is employed to prove matrix equality, which is frequently used in our proposed formalization.

    lemma eq_matI[intro]:
      (⋀i j. i < dim_row B ⟹ j < dim_col B ⟹ A $$ (i,j) = B $$ (i,j))
      ⟹ dim_row A = dim_row B ⟹ dim_col A = dim_col B ⟹ A = B

We also extend the JNF library by formalizing additional matrix concepts and identities that support both the modeling and verification of our proposed formalization. For instance, we formalize diagonal and symmetric matrices as follows:

    definition diag_matrix :: 'a :: zero mat ⇒ 'a mat where
      diag_matrix A ≡ (let m = dim_row A in
                       mat m m (λ(i,j). if i = j then A $$ (i,j) else 0))

It is worth noting that in the JNF library, a diagonal matrix (diagonal_mat) is formalized as a predicate, which we use to verify necessary matrix identities. In contrast, we adopt a functional representation here, which is required for the formalization of degree matrices, as discussed in subsequent sections. Similarly, we formally define is_symmetric, a square matrix whose transpose equals itself, as follows:

    definition is_symmetric :: 'a mat ⇒ bool where
      is_symmetric A ≡ (A = transpose_mat A) ∧ square_mat A

More details about the JNF matrix library and its extended version can be found in Isabelle's AFP [33, 50].

4 Formalization of Network Systems

In this section, we introduce network systems capturing various graph representations using locales in Isabelle/HOL. In particular, we provide the formalization of several fundamental graph types based on their topological characteristics, which is further used to formalize their matrix representation. Moreover, we explore the connection between our system and the most relevant existing graph theory in Isabelle/HOL.
A network system captured by a directed graph is represented as an ordered pair $G = (N, E)$, where $N$ is the set of nodes and $E$ is the set of directed edges. Each directed edge, denoted by $(n_i, n_j)$, represents a pair of nodes, where $n_i$ is the head (starting node) and $n_j$ is the tail (ending node) of the edge. A weighted directed graph $G_\omega = (N, E, \omega)$ is an extension of a directed graph by adding a weight function denoted by $\omega$. Graphs exhibit several key structural characteristics, such as self-loopness, symmetry and weight-balanced. For instance, an edge that connects a node to itself, denoted by $(n_i, n_i)$, is known as a self-loop. Likewise, a graph is said to be weight-balanced if the weighted out- and in-degrees of every node are the same. These properties facilitate the understanding of the model's structural behavior, which can be further analyzed algebraically using matrix representations.

To formalize network systems, we employ locales in Isabelle/HOL, as introduced in Section 3, which enables a modular transition from generic to specialized structures. We begin by defining generic network systems with minimal constraints (e.g., allowing self-loops, symmetry, etc.) and subsequently extend the locale to represent various specialized network types. This approach enables each specialized system to inherit definitions and theorems established in the more general locales. While our formalization leverages existing locale-based approaches in Isabelle/HOL, including [17], [51] and [18], it differs in structure and objectives. For example, in [17], directed graphs are formalized using a record + locale structure, without incorporating weighted directed graphs.
In [29], weighted undirected graphs are formalized via a locale restricted to loopless and symmetric structures, with node types constrained to linear orders and edge weights limited to $[0, \frac{q}{2}] \subset \mathbb{Z}$, where $q$ is the number of edges. In contrast, our network system formalization generalizes the structure, allowing self-loops and supporting both asymmetric and symmetric relationships, with generic node and edge types and positive real edge weights. Similarly, in [51], designs (generalizations of undirected graphs) are formalized using a core locale incidence system, with points as sets and blocks as multisets. The ordered incidence system locale further represents blocks as lists, facilitating the verification of incidence matrix properties in [33]. Inspired by this approach, we use lists to model network systems, as their ordered elements simplify the verification of network topology matrices derived from the graph representation and their classical properties in Isabelle/HOL.

We start formalization of network systems captured by directed graphs with the locale netw_sys which is composed of the parameters of the graph (the list of nodes (𝒩s) and edges (ℰs)) and their relationships presented as well-formed assumptions. This locale ensures that all edges are pairs of nodes and the network has a distinct node list. The former is provided in the assumption network_wf of the locale, while the latter is formalized in the assumption distincts.

    locale netw_sys =
      fixes nodes_list :: 'a nodes (𝒩s) and edges_list :: 'a edges (ℰs)
      assumes network_wf: ⋀e. e ∈ set ℰs ⟹ fst e ∈ set 𝒩s ∧ snd e ∈ set 𝒩s
      and distincts: distinct 𝒩s

where the function set accepts a list and returns a set. Similarly, the function distinct takes a list and ensures that elements of the list are disjoint. Furthermore, the functions fst and snd extract the first and second elements of a pair, respectively.
For better readability and usability in our proposed formalization of network topology matrices, we define the following type synonyms for nodes and edges:

    type_synonym 'a node = 'a
    type_synonym 'a nodes = 'a list
    type_synonym 'a edge = 'a × 'a
    type_synonym 'a edges = ('a × 'a) list

Here, the type variable 'a allows for a generic representation of graphs. It can be instantiated with any type, such as nat or char list, to label nodes and edges of the graph. We also provide some useful abbreviations for the set of nodes and edges and their cardinality.

    abbreviation m ≡ length 𝒩s
    abbreviation 𝒩 ≡ set 𝒩s
    abbreviation n ≡ length ℰs
    abbreviation ℰ ≡ set ℰs

To obtain a valid network system, we assume that lists of nodes and edges of the network should be nonempty. We formalize this condition in Isabelle/HOL as follows:

    locale nonempty_netw_sys = netw_sys +
      assumes edges_nempty: ℰs ≠ []

Building upon the locale nonempty_netw_sys, the locale sym_netw_sys is formalized to ensure the existence of a reverse connection for every edge within the system.

    locale sym_netw_sys = nonempty_netw_sys +
      assumes symmetric: ∀e ∈ ℰ. (snd e, fst e) ∈ ℰ

Similarly, a network system with no multi-edges is formalized as the following locale:

    locale nomulti_netw_sys = nonempty_netw_sys +
      assumes no_multi_edg: distinct ℰs

Here, we add the assumption that all edges in the network system are distinct. A simple network is then defined as a no-self loop network without multi-edges, which is formalized in the following locale as:

    locale simple_netw_sys = nomulti_netw_sys +
      assumes no_self_loop: ⋀e. e ∈ ℰ ⟹ fst e ≠ snd e

This is achieved by incorporating the no_self_loop assumption, which asserts that the head and tail of each edge in the graph are distinct.
Now, we formally develop a weighted directed graph structure, defined by a locale wdg_sys, as follows:

    locale wdg_sys = nomulti_netw_sys +
      fixes weight :: 'a weig ("wei")
      assumes positive: ∀e ∈ ℰ. wei e > 0
      and zero: ∀x y. (x,y) ∉ ℰ ⟷ wei (x,y) = 0

Here, the parameter 'a weig is defined as a new type synonym for the weight function that takes each edge and returns its corresponding real value. The assumption positive asserts the condition that all weights are positive. We also introduce the assumption zero, which ensures that the weights of non-existent edges are assigned a value of zero. It is important to note that the wdg_sys locale allows self-loops in the graph, providing a more general formulation. Moreover, we can also define a self-loop-free variant, which will be used in Section 6.

A weighted directed graph in which all edges have unit weight, commonly referred to as an unweighted directed graph or simply a directed graph, is formalized as follows:

    locale binary_wdg_sys = wdg_sys +
      assumes wei_1: ∀e ∈ ℰ. wei e = 1

Next, we formalize a weighted directed graph with partitioned nodes, which enables the definition and analysis of subsystems over subsets of nodes. The utility of this formalization is further demonstrated in a relevant application in Section 7. This is specified in the following locale:

    locale partitioned_wdg_sys = wdg_sys +
      fixes N1 N2
      assumes subnodes: 𝒩s = N1 @ N2
      and sub_ge2: length N1 ≥ 2
      and n2_ne: N2 ≠ []

Similarly, the symmetric weighted directed graph, also referred to as a weighted undirected graph, is established through the following locale in Isabelle/HOL:

    locale sym_wdg_sys = wdg_sys + sym_netw_sys +
      assumes sym_weight: ∀e ∈ ℰ. wei e = wei (snd e, fst e)

Figure 1 illustrates the overall locale inheritance development, where locales are represented as rectangular boxes and their direct relationships with blue arrows.
For example, the locale simple_wdg_sys inherits all definitions, assumptions and lemmas from the locales wdg_sys and simple_netw_sys, allowing us to reuse verified lemmas from these locales. Similarly, the locale wdg_sys is also extended to the locales binary_wdg_sys and sym_wdg_sys, representing the weighted directed and weighted undirected graphs, respectively. Furthermore, it should be noted that we modified and extended the network systems locales building upon our previous work [12]. In this paper, we introduce new graph concepts, e.g., weighted, symmetric, binary and partitioned as extensions of the earlier framework, which included only the locales netw_sys, nonempty_netw_sys, nomulti_netw_sys, and noself_netw_sys.

Fig. 1: Locales Development of Network Systems

5 Formalization of Adjacency, Degree and Laplacian Matrices

In this section, we formalize several network topology matrices, including the adjacency, degree and Laplacian matrices for weighted directed graphs. These matrices can also represent other types of graphs, such as undirected and/or unweighted graphs, and can be defined over real or complex numbers depending on the application. To achieve a more generic formalization and enhance applicability, we define the matrices over a field, independently of any locale, and then demonstrate their equivalent definitions within the weighted directed graph locale.

5.1 Adjacency Matrices

Adjacency matrices are used to represent the relationships between nodes in a graph and to determine the existence of edges. Different variations of adjacency matrices exist in the literature, depending on the type of graph. For instance, an adjacency matrix of a network captured by a weighted directed graph with $m$ nodes and no multi-edges is defined as follows:

Definition 1. Adjacency Matrix of a Weighted Directed Graph [6]
Consider a network with a set of nodes $N = \{x_1, x_2, \ldots, x_m\}$ and a set of edges $E \subseteq N \times N$, the corresponding adjacency matrix $A = [a_{ij}]$ is defined by an $m \times m$ matrix:

$$a_{ij} = \begin{cases} \omega(x_i, x_j), & \text{if there is an edge directed from node } x_i \text{ to node } x_j \\ 0, & \text{otherwise} \end{cases} \tag{1}$$

for $i, j \in \{1, 2, \ldots, m\}$. Here, $\omega : E \to \mathbb{R}$ is a weight function accepting an edge as an input and returns its corresponding weight as an output.

When the weight function is equal to one, i.e., $\omega(x_i, x_j) = 1$, if there is an edge directed from node $x_i$ to node $x_j$, the above-presented weighted adjacency matrix is transformed to a binary adjacency matrix.

Figure 2 depicts the concept of representing a power system as a graph and its adjacency matrix using the IEEE 5-Bus test system, a standard benchmark widely used in power flow analysis. The graph consists of nodes $\{1, 2, \ldots, 5\}$ and edges with weights $\{w_1, w_2, \ldots, w_7\}$, while the non-zero entries of the adjacency matrix indicate the presence of edges and their associated weights (e.g., $w_1$ represents the weight of the directed edge from node 1 to node 2).

Fig. 2: IEEE 5-Bus System with its Weighted Directed Graph Representation and Adjacency Matrix. Panels: (a) IEEE 5-Bus System, (b) Weighted Directed Graph, (c) Adjacency Matrix.

We first formalize the adjacency matrix over a field in Isabelle/HOL as follows:

    definition adjacency_mat :: 'a nodes ⇒ 'a edges ⇒ ('a edge ⇒ 'b) ⇒ 'b :: field mat where
      adjacency_mat Ns Es wei ≡ mat (length Ns) (length Ns)
        (λ(i,j). if (Ns!i, Ns!j) ∈ set Es then wei (Ns!i, Ns!j) else 0)

Here, wei represents the weight function with type 'a edge ⇒ 'b.
To ensure generality and reusability, the matrix type 'b mat is an instance of the field type class, allowing instantiation with common matrix types such as real numbers (ℝ) and complex numbers (ℂ). For instance, within the locale wdg_sys, we use A to abbreviate the adjacency matrix over real numbers corresponding to a weighted directed graph (Definition 1) as follows:

    abbreviation A :: real mat where
      A ≡ adjacency_mat 𝒩s ℰs wei

We can then quickly verify an explicit representation of the adjacency matrix within the locale wdg_sys as follows:

    lemma adj_alt: A ≡ mat m m (λ(i,j). wei (𝒩s!i, 𝒩s!j))

This exemplifies how locale assumptions enable us to simplify the definitions within the locale contexts, which in turn leads to easier proofs. We can also formally verify a binary adjacency matrix that represents an unweighted graph as a 0-1 matrix within the locale binary_wdg_sys, as follows:

    lemma binary_is_wei_1: A = mat m m (λ(i,j). if (𝒩s!i, 𝒩s!j) ∈ ℰ then 1 else 0)

Moreover, we verify the symmetry property of the adjacency matrix corresponding to an undirected weighted graph within the locale sym_wdg_sys.

    lemma adjmat_sym: is_symmetric A

The adjacency matrix also provides a basis to obtain weighted out- and in-degrees. Mathematically, the weighted out-degree of a node is defined as the sum of weights of edges that are outgoing from that node, while the weighted in-degree of a node is the sum of weights of edges that are incoming to that node. An edge can be represented by a pair of nodes (𝒩s!i, 𝒩s!j) or through an element of the edge list (ℰs!k). We refer to the former as the explicit representation, while the latter is an implicit representation. For instance, the out-degree notion, based on the explicit representation of edges, is formalized in Isabelle/HOL as follows:

    definition wei_outdegree :: 'a ⇒ real where
      wei_outdegree u ≡ ∑ j ∈ {j ∈ {0..<m}. (u, 𝒩s!j) ∈ ℰ}. wei (u, 𝒩s!j)

Here, wei_outdegree accepts a node u as an input and returns the sum of weights of edges, where u represents the first element of each of the edges, captured as a pair of nodes.

Similarly, wei_indegree takes a node v as an input and returns the sum of weights of edges that are incoming to the node v. Alternatively, we also formalize the weighted degrees (out- and in-degrees) using the implicit form of the edges, which can be found in the "Network_Systems" theory [14]. This concept can make the reasoning easier when dealing with the models constructed through the node-edge relationships.

We now verify two important lemmas, where the weighted in- and out-degrees are obtained using the adjacency matrix in Isabelle/HOL.

    lemma wei_out_adj: i < m ⟹ wei_outdegree (𝒩s!i) = ∑ j ∈ {0..<m}. A $$ (i,j)

The verification of the above lemma is based on the definitions of wei_outdegree and adjacency_mat alongside the matrix indexing and summation reasoning.

    lemma wei_in_adj: i < m ⟹ wei_indegree (𝒩s!i) = ∑ j ∈ {0..<m}. Aᵀ $$ (i,j)

The proof process of the above lemma is very similar to that of the previous lemma.

5.2 Degree Matrices

Degree matrices are diagonal matrices that characterize node connectivity in a weighted directed graph. They include the out-degree and in-degree matrices, whose diagonal elements represent the corresponding degree of each node. For a weighted directed graph with m nodes, these matrices are defined in terms of the adjacency matrix as follows:

Definition 2. Degree Matrices of a Weighted Directed Graph [6]
The out-degree $D_{out}$ and in-degree $D_{in}$ matrices are defined as $m \times m$ diagonal matrices:

\[ D_{out} = \operatorname{diag}(A * J_m), \qquad D_{in} = \operatorname{diag}(A^T * J_m) \]

Here, the function $\operatorname{diag} : \mathbb{R} \to \mathbb{R}^{m \times m}$ maps the real-valued weights to the diagonal elements of an $m \times m$ matrix with non-diagonal elements set to zero.
Additionally, $J_m$ represents an $m \times m$ matrix with all elements equal to 1.

Figure 3 provides the in-degree and out-degree matrices of the weighted directed graph representing the IEEE 5-Bus system, shown in Figure 2. These matrices are diagonal, with each diagonal element computed as the sum of the corresponding row or column of the adjacency matrix. For example, node 1 has two outgoing edges with weights, w1 and w2, so its corresponding entry in the out-degree matrix is the sum of these weights, which corresponds to the sum of the entries in the first row of the adjacency matrix. Conversely, since node 1 has no incoming weighted edges, its corresponding entry in the in-degree matrix is 0, matching the sum of the first column. From these matrices, it can also be observed that the system is neither weight-balanced nor symmetric.

Fig. 3: Degree and Laplacian Matrices of the Graph in Figure 2(b). Panels: (a) Out-degree Matrix, (b) In-degree Matrix, (c) Laplacian Matrix.

We now formalize the out-degree matrix for an arbitrary list of nodes and edges with weights using Isabelle/HOL as follows:

    definition out_degree_mat where
      out_degree_mat Ns Es wei ≡ diag_matrix (outhelper Ns Es wei)

where outhelper is defined as the product of the adjacency matrix and the J_m matrix, and is formalized as follows:

    definition outhelper where
      outhelper Ns Es wei ≡ (adjacency_mat Ns Es wei) * (J_m (length Ns))

where J_m is an Isabelle/HOL function that accepts a dimension (e.g., length Ns) and constructs a square matrix of that dimension, where all elements are equal to one. Similarly, the in-degree matrix for an arbitrary number of nodes and edges is formalized as:

    definition in_degree_mat where
      in_degree_mat Ns Es wei ≡ diag_matrix (inhelper Ns Es wei)

where inhelper represents the product of the transpose of the adjacency matrix and the J_m matrix. These definitions are globally accessible and used within the relevant network system locales.
In the locale wdg_sys, we abbreviate them as D_out and D_in, corresponding to Definition 2. We can formally verify that the diagonal entries of the out-degree matrix equal the weighted out-degree of the corresponding nodes:

    lemma out_deg_mat_wei_out:
      assumes i < m and i = j
      shows D_out $$ (i,j) = wei_outdegree (𝒩s!i)

The proof of this lemma leverages the previously verified wei_out_adj property, which establishes the relationship between the adjacency matrix and out-degree values, along with degree index relationships. Likewise, we verify that the diagonal elements of the in-degree matrix are equal to the weighted in-degree of the corresponding nodes, as stated in the following lemma:

    lemma in_deg_mat_wei_in:
      assumes i < m and i = j
      shows D_in $$ (i,j) = wei_indegree (𝒩s!i)

It is worth noting that the degree matrices are alternatively formalized using the implicit version of the degree concept [14], which is particularly useful when verifying relationships between incidence and degree matrices, as discussed in the next section.

Another useful topological characteristic for weighted graphs is weight-balance, where each node has equal weighted out- and in-degrees. That is, for a graph having weight-balanced nodes, its associated out-degree and in-degree matrices are identical. This result is verified as the following lemma:

    lemma wei_balanced_in_out_deg:
      assumes ⋀i. i < m ⟹ weight_balanced (𝒩s!i)
      shows D_out = D_in

The proof of the above lemma proceeds by verifying three subgoals generated from the eq_matI introduction rule. After establishing the matrix size equality, element-wise equality is verified by considering the cases i = j and i ≠ j, using the formerly stated lemmas out_deg_mat_wei_out and in_deg_mat_wei_in.
Additionally, for binary weighted directed graphs, each diagonal entry of the out-degree (or in-degree) matrix equals the sum of ones in the corresponding row (or column). More details about these formalizations are available in our proof script [14].

5.3 Laplacian Matrices

For a network modeled as a weighted directed graph with m nodes and n edges, a Laplacian matrix is mathematically defined as follows:

Definition 3. Laplacian Matrix of a Weighted Directed Graph [6]
The Laplacian matrix $L = [\ell_{ij}]$ of a weighted directed graph is defined by an $m \times m$ matrix, such that

\[ L = D_{out} - A \tag{2} \]

An $(i, j)$-th entry of the Laplacian matrix is given by:

\[ \ell_{ij} = \begin{cases} -a_{ij}, & \text{if } i \neq j \\ \sum_{h=1, h \neq i}^{n} a_{ih}, & \text{if } i = j \end{cases} \tag{3} \]

where $a_{ij}$ represents the $(i, j)$-th entry of the adjacency matrix.

In this definition, if an edge is directed from node i to node j, the corresponding off-diagonal entry is the negative of its weight, whereas the diagonal entries are equal to the sum of the weights of all edges outgoing from node i. For instance, Figure 3(c) illustrates the Laplacian matrix of the weighted directed graph corresponding to the IEEE 5-Bus system (depicted in Figure 2). Using the formal definitions of the adjacency and the out-degree matrices, we formalize the Laplacian matrix for arbitrary lists of nodes and edges with a weight function in Isabelle/HOL as follows:

    definition laplacian_mat where
      laplacian_mat Ns Es wei ≡ out_degree_mat Ns Es wei - adjacency_mat Ns Es wei

Within the locale wdg_sys, the Laplacian matrix is denoted as L, and the following lemma corresponds to Equation (2) over reals:

    lemma L_mat: L = D_out - A

Next, we verify the indexing properties, based on Equation (3), as the following lemma in Isabelle/HOL:

    lemma laplacian_index:
      assumes i < m and j < m
      shows i ≠ j ⟹ L $$ (i,j) = - A $$ (i,j)
      and i = j ⟹ L $$ (i,j) = ∑ h ∈ {0.. 0 .
The injected current at node i is modeled via KCL and Ohm's law as follows:

\[ c_{inj} = \sum_{j=1, j \neq i}^{m} (c_{ij}) = \sum_{j=1, j \neq i}^{m} a_{ij} (v_i - v_j) \tag{15} \]

The total power dissipation in the electrical network is given as follows:

\[ P_{dissipated} = v^T L v \tag{16} \]

where $v = [v_1, v_2, \ldots, v_m]^T$ represents the vector of voltages at nodes, and $L$ refers to the Laplacian matrix of the given network. We now formalize the current flowing between node i and node j, which describes Ohm's law along the corresponding edge (Equation (14)), as follows:

    definition cur_flow_btw_nodes where
      cur_flow_btw_nodes v i j ≡ A $$ (i,j) * (v $ i - v $ j)

The function cur_flow_btw_nodes accepts the vector of voltages v and the indices i and j as inputs, and returns the result of the multiplication of the voltage difference and conductance. Here, the conductance is modeled as an entry of the adjacency matrix. Next, we formalize the sum of current flows (using KCL) for each node i, which gives the injected current at node i (Equation (15)) as:

    definition KCL_cinj :: real vec ⇒ nat ⇒ real where
      KCL_cinj v i ≡ (∑ j ∈ ({0..<m} - {i}). cur_flow_btw_nodes v i j)

Here, we exclude the case "i=j" since it does not contribute to the summation. In the next step, we verify that the vector of injected currents and the voltages at the nodes $v_i$ satisfy the following equality, which is formalized as:

    lemma lap_c_inj:
      assumes v ∈ carrier_vec m and i < dim_vec v
      shows KCL_cinj v i = (L *ᵥ v) $ i

The above lemma provides an alternative formulation of Equation (15) using the Laplacian matrix. Its verification primarily relies on the following equality:

\[ (L v)_i = \sum_{j=1, j \neq i}^{m} a_{ij} (v_i - v_j) \quad \forall v \in \mathbb{R}^m \]

We verify the above equality in Isabelle/HOL as follows:

    lemma useful_eq1:
      assumes v ∈ carrier_vec m
      shows i < dim_vec v ⟹ (L *ᵥ v) $ i = (∑ j ∈ {j. j < m ∧ j ≠ i}. A $$ (i,j) * (v $ i - v $ j))
The above lemma is verified by leveraging the indexing and dimension properties of the Laplacian matrix, along with some reasoning on sets and summations. Subsequently, the power dissipated on an edge (i.e., a resistor) is formalized as follows:

    definition power_dissipated where
      power_dissipated v i j ≡ (cur_flow_btw_nodes v i j)² * (1 / A $$ (i,j))

The above definition mimics the power computation based on Ohm's law, i.e., $P = I^2 R$, where $I$ refers to the current and $R$ represents the resistance of a network. The total power dissipated across the resistors is independent of the direction of the current flow. Hence, we verify the total power dissipation of the resistive electrical network within the locale sym_wdg_sys, as follows:

    lemma total_pow_dissp:
      assumes v ∈ carrier_vec m
      shows 1/2 * (∑ i ∈ {0..<m}. ∑ j ∈ {0..<m}. power_dissipated v i j) = inner_prod v (L *ᵥ v)

where the function inner_prod takes two vectors as input and returns the product of the transpose of the first vector with the second vector. The verification of the above lemma is based on the definition power_dissipated and the following equality:

\[ L = L^T \implies v^T L v = \frac{1}{2} \sum_{i,j=1}^{m} a_{ij} (v_i - v_j)^2 \]

We utilize some results on inner product in [59] to establish this equation, and it is formally verified as the following lemma:

    lemma useful_eq2:
      assumes v ∈ carrier_vec m
      shows inner_prod v (L *ᵥ v) = 1/2 * (∑ i ∈ {0..<m}. ∑ j ∈ {0..<m}. A $$ (i,j) * (v $ i - v $ j)²)

The above lemma is proven based on the generalization of lemma useful_eq1, i.e., summation is taken over m, and laplacian_mat_sym (presented in Section 5.3), along with some set, summation and arithmetic reasoning.
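The identities stated by the lemmas out_deg_mat_wei_out, in_deg_mat_wei_in, lap_c_inj and total_pow_dissp can be spot-checked numerically with exact rational arithmetic. The Python sketch below is an added example, not part of the paper's Isabelle/HOL proof script: the function names mirror the paper's definitions, while the dict-based weight function, the helpers check and undirected, and both sample graphs are constructed here for illustration.

```python
from fractions import Fraction as F

def adjacency_mat(Ns, Es, wei):
    # Definition 1: entry (i, j) is wei(Ns[i], Ns[j]) if that pair is an edge, else 0.
    return [[wei[(u, x)] if (u, x) in Es else F(0) for x in Ns] for u in Ns]

def transpose(M):
    return [list(col) for col in zip(*M)]

def mat_mul(X, Y):
    return [[sum(a * b for a, b in zip(row, col)) for col in zip(*Y)] for row in X]

def mat_vec(M, v):
    return [sum(a * x for a, x in zip(row, v)) for row in M]

def out_degree_mat(A):
    # Definition 2: D_out = diag(A * J_m), with J_m the all-ones m x m matrix.
    m = len(A)
    AJ = mat_mul(A, [[F(1)] * m for _ in range(m)])
    return [[AJ[i][j] if i == j else F(0) for j in range(m)] for i in range(m)]

def in_degree_mat(A):
    # Definition 2: D_in = diag(A^T * J_m).
    return out_degree_mat(transpose(A))

def laplacian_mat(A):
    # Equation (2): L = D_out - A.
    return [[d - a for d, a in zip(dr, ar)] for dr, ar in zip(out_degree_mat(A), A)]

def wei_outdegree(Ns, Es, wei, u):
    # Explicit edge representation: sum the weights of edges (u, x) leaving u.
    return sum(wei[(u, x)] for x in Ns if (u, x) in Es)

def wei_indegree(Ns, Es, wei, u):
    # Sum the weights of edges (x, u) entering u.
    return sum(wei[(x, u)] for x in Ns if (x, u) in Es)

def kcl_cinj(A, v, i):
    # Equation (15): injected current at node i, summed over j != i.
    return sum(A[i][j] * (v[i] - v[j]) for j in range(len(A)) if j != i)

def total_power(A, v):
    # 1/2 * sum over (i, j) of I_ij^2 * (1 / a_ij). In Isabelle/HOL 1/0 = 0, so
    # absent edges contribute 0 there; here they are skipped explicitly.
    m = len(A)
    return F(1, 2) * sum((A[i][j] * (v[i] - v[j])) ** 2 / A[i][j]
                         for i in range(m) for j in range(m) if A[i][j] != 0)

def quad_form(L, v):
    # v^T L v, the right-hand side of Equation (16).
    return sum(x * y for x, y in zip(v, mat_vec(L, v)))

def check(Ns, Es, wei, v):
    """Evaluate the lemma statements on one concrete graph and voltage vector."""
    A = adjacency_mat(Ns, Es, wei)
    L, Dout, Din = laplacian_mat(A), out_degree_mat(A), in_degree_mat(A)
    Lv, idx = mat_vec(L, v), range(len(Ns))
    return {
        "out_deg_mat_wei_out": all(Dout[i][i] == wei_outdegree(Ns, Es, wei, Ns[i]) for i in idx),
        "in_deg_mat_wei_in": all(Din[i][i] == wei_indegree(Ns, Es, wei, Ns[i]) for i in idx),
        "lap_c_inj": all(kcl_cinj(A, v, i) == Lv[i] for i in idx),
        "symmetric": A == transpose(A),
        "total_pow_dissp": total_power(A, v) == quad_form(L, v),
    }

def undirected(cond):
    # Store every resistor as two directed edges of equal conductance.
    wei = {}
    for (a, b), g in cond.items():
        wei[(a, b)] = wei[(b, a)] = g
    return wei

# Constructed sample 1: symmetric resistive network, conductances as weights.
_w = undirected({("n1", "n2"): F(2), ("n2", "n3"): F(1, 2),
                 ("n3", "n4"): F(3), ("n1", "n3"): F(1)})
RESISTIVE = (["n1", "n2", "n3", "n4"], set(_w), _w, [F(5), F(3), F(0), F(-1)])

# Constructed sample 2: directed, non-symmetric graph.
_d = {("a", "b"): F(2), ("a", "c"): F(1), ("b", "c"): F(4)}
DIRECTED = (["a", "b", "c"], set(_d), _d, [F(1), F(3), F(0)])

if __name__ == "__main__":
    for name, sample in (("resistive", RESISTIVE), ("directed", DIRECTED)):
        print(name, check(*sample))
```

On the directed sample every check except total_pow_dissp holds: the quadratic form evaluates to 33 while the summed edge power is 45/2, which illustrates why the paper proves that lemma inside the symmetric locale sym_wdg_sys.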
This concludes the formal verification of the total power dissipation in resistive circuits, using the Laplacian matrix, demonstrating the applicability of the proposed theorem proving-based approach in reasoning about network topology matrices. More details about the above formalization and proof processes can be found in [14].

8 Discussion

We have successfully formalized the network topology matrices, including the adjacency, degree, Laplacian and incidence matrices of weighted directed graphs and verified their properties in Isabelle/HOL. To the best of our knowledge, these formalizations are not available in other theorem provers. Our development ensures the correctness of the underlying structure by rigorously verifying the relationships between these matrices. In particular, we have established the inherent connection between graphs and matrices, where matrices are derived from network system parameters (e.g., nodes 𝒩s and edges ℰs). The formalization is generic, making the theorems and lemmas applicable to any finite number of nodes and edges (e.g., i = 1, 2, ..., m and j = 1, 2, ..., n denote indices for nodes and edges, respectively). Such generality is typically not achievable through simulation-based analysis of network topology matrices.

One of the main challenges in this formalization was the informal and intuitive nature of some proofs in the literature. For instance, while the proof of the relationship between the adjacency and incidence matrices is typically condensed to five lines in textbooks (e.g., [6]), our Isabelle/HOL proofs (see the lemma rel_adj_Iout_Iin in Section 6) required approximately 73 lines of code.
Although this approach demands more effort, it ensures rigorous reasoning, capturing every intermediate step, thereby achieving a level of precision that is often overlooked in traditional mathematical treatments.

Furthermore, in this paper, we established the simpler equivalence of the matrices and verified classical and structural properties within an appropriate locale. For some fundamental lemmas involving indexing and dimensional properties, we leveraged the powerful Sledgehammer automation tool [44] in Isabelle/HOL, which allows the derivation of concise one-line proofs. Theorems such as rel_adj_Iout_Iin and rel_lap_inc are proven under locale assumptions encapsulated within simple_wdg_sys, eliminating the need for repetitive assumptions in theorem statements. This modeling strategy not only reduces redundancy but also enhances modularity and extensibility, allowing for seamless integration with previous or future formalizations. Another example is that we established new locales, such as wdg_sys and sym_netw_sys, by utilizing the locale inheritance from our prior network system formalization [12].

The formalizations developed in this work were designed to be as generic and reusable as possible, given the broad applicability of network topology matrices (as discussed in Section 1). To this end, we first constructed the matrices outside the locales and then addressed their simpler instances within the locales. Although this approach may initially seem restrictive, integrating the matrices within network system locales is a necessary trade-off to achieve generality. For example, complex-valued network topology matrices can be readily defined by instantiating the matrix type as complex within the locale, thereby enhancing reusability and eliminating redundancy outside the locale.
We adopted this design choice (similar to [33]) primarily to address challenges in defining the Laplacian matrix over a field within the locale wdg_sys. Specifically, it is not feasible to instantiate both real-valued and complex-valued Laplacian matrices simultaneously, as complex numbers cannot be ordered in a way consistent with their algebraic properties. Instead of providing multiple definitions of the Laplacian matrix, one may establish a dedicated locale for complex network systems and prove the equivalence of the definitions within that locale. Accordingly, network systems are formalized through a polymorphic type 'a, supporting extensions, such as subgraphs, in which node and index types (e.g., nat) may differ. While this abstraction may increase proof complexity, Isabelle/HOL's interpretation mechanism would be an effective way to instantiate locale parameters and manage this complexity. Moreover, adopting a generic node type facilitates the future integration of this formalization with other Isabelle/HOL libraries, many of which follow a similar parametric design.

We also presented practical applications to illustrate the usability of our formalization. For instance, we formalized the Kron reduction algebraic method for Laplacian matrices. Since the matrix formalizations in this paper were built upon the JNF matrix library, it was quite convenient to manipulate block and submatrices, which is crucial for the Kron reduction. However, verifying the properties of the Kron-reduced Laplacian required a detailed block-wise analysis. To address this, we utilized previously verified properties of the Laplacian matrix, such as row-sum and sign constraints, and derived several auxiliary identities involving block matrix–vector equations and block-specific diagonal/off-diagonal entries, which greatly facilitated verification.
We also demonstrated a case study on the power dissipation in a resistive electrical network. This example underscored the importance of symmetry to ensure that the total power dissipation is well-defined and physically meaningful. One challenge encountered during this verification was the handling of double summation terms: although scalar–summation multiplication identities appear straightforward, their formal treatment required significant effort in the Isabelle/HOL proof assistant.

9 Conclusion

In this paper, we proposed to use a HOL-based interactive theorem prover to formalize significant network topology matrices. In particular, we formalized the adjacency, degree and Laplacian matrices of weighted directed graphs in Isabelle/HOL and verified their classical properties, including indexing and weight balance. Moreover, we formalized the in-incidence and out-incidence matrices and verified several fundamental properties, such as dimensional consistency and indexing. Subsequently, we established the formal relationships between the incidence matrices, and the adjacency, degree and Laplacian matrices, thereby ensuring the overall correctness and coherence of the formalization. To demonstrate the effectiveness of our formalization, we formally analyzed Kron-reduced Laplacian matrices and verified the power dissipation of a generic resistive electrical network using the Laplacian matrix. As future work, from a formalization point of view, it would be interesting to explore the connection between our formalization and other graph libraries in Isabelle/HOL. Moreover, a promising direction is to extend this formalization toward the analysis of dynamical systems [6] across various domains, particularly in verifying their stability and controllability.
Another avenue for future work involves developing complex-valued network systems and their corresponding matrix representations, which are extensively employed in graph signal processing [60].

References

1. Newman, M.: Networks. Oxford University Press (2018)
2. Seshu, S., Reed, M.B.: Linear Graphs and Electrical Networks. Addison-Wesley Publishing Company (1961)
3. Karl, H., Willig, A.: Protocols and Architectures for Wireless Sensor Networks. John Wiley & Sons (2007)
4. Cascetta, E.: Transportation Systems Analysis: Models and Applications, vol. 29. Springer Science & Business Media (2009)
5. Hohn, F.E.: Elementary Matrix Algebra. Courier Corporation (2013)
6. Bullo, F., Cortés, J., Dörfler, F., Martínez, S.: Lectures on Network Systems. CreateSpace (2018)
7. Kirchhoff, G.: On the Solution of the Equations Obtained from the Investigation of the Linear Distribution of Galvanic Currents. IRE Transactions on Circuit Theory 5(1), 4–7 (1958)
8. Uicker, J.J., Ravani, B., Sheth, P.N.: Matrix Methods in the Design Analysis of Mechanisms and Multibody Systems. Cambridge University Press (2013)
9. Merris, R.: Laplacian Matrices of Graphs: A Survey. Linear Algebra and its Applications 197, 143–176 (1994)
10. Chen, W.K.: Graph Theory and its Engineering Applications. World Scientific (1997)
11. Qadir, J., Hasan, O.: Applying Formal Methods to Networking: Theory, Techniques, and Applications. IEEE Communications Surveys & Tutorials 17(1), 256–291 (2014)
12. Aksoy, K., Rashid, A., Hasan, O., Tahar, S.: Formal Analysis of Electrical Circuit Network Topologies Using Theorem Proving. In: 2025 International Systems Conference. pp. 1–8. IEEE (2025)
13. Dorfler, F., Bullo, F.: Kron Reduction of Graphs with Applications to Electrical Networks. IEEE Transactions on Circuits and Systems I 60(1), 150–163 (2012)
14. Aksoy, K.: Proof Script: The Formalization of the Network Topology Matrices in Isabelle/HOL. https://hvg.ece.concordia.ca/code/Isabelle-hol/ntm.zip (2025)
15. Butler, R.W., Sjogren, J.A.: A PVS Graph Theory Library. Tech. Rep. NASA/TM-1998-206923, NASA Langley (1998)
16. PVS Theorem Prover. https://pvs.csl.sri.com/ (2025)
17. Noschinski, L.: A Graph Library for Isabelle. Mathematics in Computer Science 9(1), 23–39 (2015)
18. Kosaian, K., Tan, Y.K., Platzer, A.: A First Complete Algorithm for Real Quantifier Elimination in Isabelle/HOL. In: Proceedings of the 12th ACM SIGPLAN International Conference on Certified Programs and Proofs. pp. 211–224 (2023)
19. Doczkal, C., Pous, D.: Graph Theory in Coq: Minors, Treewidth, and Isomorphisms. Journal of Automated Reasoning 64, 795–825 (2020)
20. ROCQ Theorem Prover. https://rocq-prover.org/ (2025)
21. Narváez, D.E., Song, C., Zhang, N.: Formalizing Finite Ramsey Theory in Lean 4. In: Intelligent Computer Mathematics, LNCS. vol. 14960, pp. 91–108. Springer (2024)
22. Lean 4 Theorem Prover. https://github.com/leanprover/lean4 (2025)
23. Wong, W.: A Simple Graph Theory and its Application in Railway Signaling. In: HOL Theorem Proving System and Its Applications. pp. 395–396. IEEE Computer Society (1991)
24. HOL Theorem Prover. https://hol-theorem-prover.org/ (2025)
25. Lee, G.: Correctness of Ford-Fulkerson's Maximum Flow Algorithm. Formalized Mathematics 13(2), 305–314 (2005)
26. Mizar Theorem Prover. https://mizar.uwb.edu.pl/ (2025)
27. Diekmann, C., Hupel, L., Carle, G.: Directed Security Policies: A Stateful Network Implementation. arXiv:1405.1114 (2014)
28. Lammich, P., Sefidgar, S.R.: Formalizing Network Flow Algorithms: A Refinement Approach in Isabelle/HOL. Journal of Automated Reasoning 62, 261–280 (2019)
29. Kovács, L., Lachnitt, H., Szeider, S.: Formalizing Graph Trail Properties in Isabelle/HOL. In: Intelligent Computer Mathematics, LNCS. vol. 12236, pp. 190–205. Springer (2020)
30. Lochbihler, A.: A Mechanized Proof of the Max-Flow Min-Cut Theorem for Countable Networks with Applications to Probability Theory. Journal of Automated Reasoning 66(4), 585–610 (2022)
31. Tekriwal, M., Tachna-Fram, A., Jeannin, J.B., Kapritsos, M., Panagou, D.: Formally verified asymptotic consensus in robust networks. In: Tools and Algorithms for the Construction and Analysis of Systems, LNCS. vol. 14570, pp. 248–267. Springer (2024)
32. Heras, J., Poza, M., Dénès, M., Rideau, L.: Incidence Simplicial Matrices Formalized in Coq/SSReflect. In: Intelligent Computer Mathematics, LNCS. vol. 6824, pp. 30–44. Springer (2011)
33. Edmonds, C., Paulson, L.C.: Formalising Fisher's Inequality: Formal Linear Algebraic Proof Techniques in Combinatorics. In: Interactive Theorem Proving, LIPIcs. vol. 237, pp. 11:1–11:19 (2022)
34. Lean 4, Mathlib Library. https://github.com/leanprover-community/mathlib4/tree/master/Mathlib/Combinatorics/SimpleGraph (2025)
35. Aksoy, K., Rashid, A., Tahar, S.: Formal Kinematic Analysis of Epicyclic Bevel Gear Trains. In: Formal Engineering Methods, LNCS. vol. 15394, pp. 162–180. Springer (2024)
36. Nipkow, T., Wenzel, M., Paulson, L.C.: Isabelle/HOL: A Proof Assistant for Higher-Order Logic. Springer (2002)
37. Paulson, L.C.: A Mechanised Proof of Gödel's Incompleteness Theorems using Nominal Isabelle. Journal of Automated Reasoning 55, 1–37 (2015)
38. Abdulaziz, M., Paulson, L.C.: An Isabelle/HOL Formalisation of Green's Theorem. Journal of Automated Reasoning 63, 763–786 (2019)
39. Scharager, M., Cordwell, K., Mitsch, S., Platzer, A.: Verified Quadratic Virtual Substitution for Real Arithmetic. In: Formal Methods, LNCS. vol. 13047, pp. 200–217. Springer (2021)
40. Huerta y Munive, J.J.: Algebraic Verification of Hybrid Systems in Isabelle/HOL. Ph.D. thesis, University of Sheffield, UK (2020)
41. Lammich, P., Wimmer, S.: Imp2-Simple Program Verification in Isabelle/HOL. https://isa-afp.org/entries/IMP2.html (2019)
42. Verbeek, F., Bharadwaj, A., Bockenek, J., Roessle, I., Weerwag, T., Ravindran, B.: X86 Instruction Semantics and Basic Block Symbolic Execution. https://isa-afp.org/entries/X86_Semantics.html (2021)
43. Wenzel, M.: Isabelle/Isar—A Generic Framework for Human-Readable Proof Documents. From Insight to Proof—Festschrift in Honour of Andrzej Trybulec 10(23), 277–298 (2007)
44. Blanchette, J.C., Kaliszyk, C., Paulson, L.C., Urban, J.: Hammering towards QED. Journal of Formalized Reasoning 9(1), 101–148 (2016)
45. Barrett, C., Tinelli, C.: Satisfiability Modulo Theories. Springer (2018)
46. Ballarin, C.: Locales: A Module System for Mathematical Theories. Journal of Automated Reasoning 52(2), 123–153 (2014)
47. Isabelle/HOL: HOL-Analysis Library. https://isabelle.in.tum.de/library/HOL/HOL-Analysis/document.pdf (2025)
48. Harrison, J.: The HOL Light Theory of Euclidean Space. Journal of Automated Reasoning 50, 173–190 (2013)
49. Thiemann, R., Yamada, A.: Formalizing Jordan Normal Forms in Isabelle/HOL. In: Certified Programs and Proofs. pp. 88–99. ACM (2016)
50. Thiemann, R., Yamada, A., Bentkamp, A.: Matrices, Jordan Normal Forms, and Spectral Radius Theory. https://www.isa-afp.org/entries/Jordan_Normal_Form.html (2015)
51. Edmonds, C., Paulson, L.C.: A Modular First Formalisation of Combinatorial Design Theory. In: Intelligent Computer Mathematics, LNCS. vol. 12833, pp. 3–18. Springer (2021)
52. Kron, G.: Tensor Analysis of Networks. J. Wiley & Sons New York (1939)
53. Sugiyama, T., Sato, K.: Kron Reduction and Effective Resistance of Directed Graphs. SIAM Journal on Matrix Analysis and Applications 44(1), 270–292 (2023)
54. Meyer, C.D.: Stochastic Complementation, Uncoupling Markov chains, and the Theory of Nearly Reducible Systems. SIAM review 31(2), 240–272 (1989)
55. Perk, J.H., Au-Yang, H.: Yang-Baxter Equations. arXiv preprint math-ph/0606053 (2006)
56. Tosatto, A., Weckesser, T., Chatzivasileiadis, S.: A Modified Version of the IEEE 3-Area RTS'96 Test Case for Time Series Analysis. arXiv preprint (2019)
57. Wang, R., Sun, Z.: Modelling and Kron Reduction of Power Flow Networks in Directed Graphs. arXiv preprint arXiv:2302.08896 (2023)
58. Monier, C.J.: Electric Circuit Analysis. Pearson (2001)
59. Liu, J., Zhan, B., Wang, S., Ying, S., Liu, T., Li, Y., Ying, M., Zhan, N.: Formal Verification of Quantum Algorithms using Quantum Hoare Logic. In: Computer Aided Verification, LNCS. vol. 11561, pp. 187–207. Springer (2019)
60. Furutani, S., Shibahara, T., Akiyama, M., Hato, K., Aida, M.: Graph signal Processing for Directed Graphs based on the Hermitian Laplacian. In: Machine Learning and Knowledge Discovery in Databases, LNAI. vol. 11906, pp. 447–463. Springer (2019)