DOCSLIB.ORG

Formal Proof—Theory and Practice John Harrison

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Formal Proof—Theory and Practice John Harrison Formal Proof—Theory and Practice John Harrison formal proof is a proof written in a lacking obvious logical justification. Yet many precise artificial language that admits great mathematicians like Newton and Euler were only a fixed repertoire of stylized clearly self-conscious about a lack of rigor in steps. This formal language is usual- their work [24]. Following the waves of innovation, ly designed so that there is a purely there have always followed corresponding peri- Amechanical process by which the correctness of a ods of retrenchment, analyzing foundations and proof in the language can be verified. Nowadays, increasingly adopting a strict axiomatic-deductive there are numerous computer programs known as style, either to resolve apparent problems or just proof assistants that can check, or even partially to make the material easier to teach convincingly construct, formal proofs written in their preferred [11]; the “ǫ-δ” explanation of limits in calculus proof language. These can be considered as practi- is a classic example. Complete formalization is a cal, computer-based realizations of the traditional natural further step in this process of evolution systems of formal symbolic logic and set theory towards greater clarity and precision. To be more proposed as foundations for mathematics. concrete, our own hopes for formalization are Why should we wish to create formal proofs? focused on two specific goals: Of course, one may consider it just a harmless and • Supplementing, or even partly replacing, satisfying intellectual activity like solving cross- the process of peer review for mainstream words or doing Sudoku puzzles and not seek a mathematical papers with an objective and deeper justification. But we can identify two more mechanizable criterion for the correctness substantial reasons: of proofs. • Toestablish or refute a thesis about the na- • Extending rigorous proof from pure math- ture of mathematics or related questions ematics to the verification of computer sys- in philosophy. tems (programs, hardware systems, proto- • To improve the actual precision, explicit- cols, etc.), a process that presently relies ness, and reliability of mathematics. largely on testing. Philosophical goals played an important role in It is of course debatable whether, in either case, the development of logic and indeed of computer there is a serious problem with the existing status science too [7]. But we’re more interested in the quo and whether formal proofs can really offer actual use of formalization in mathematics, which a solution if so. But we will argue in this paper we think is not such a radical departure from that the answer is a resounding yes in both cases. existing practice as it might appear. In some of Recent decades have seen substantial advances, its most fertile periods, mathematics has been with proof assistants becoming easier to use and developed in speculative and imaginative ways more powerful and getting applied to ever more challenging problems. John Harrison is principal engineer at Intel Corporation A significant early milestone in formalization in Hillsboro, Oregon. His email address is johnh@ichips. of mathematics was Jutting’s 1970s formalization intel.com. of Landau’s very detailed proof of the complete December 2008 Notices of the AMS 1395 ordered field axioms for the real numbers con- differences can then be performed using quite sim- structed by Dedekind cuts. Today we can point to ple fixed procedures that require no mathematical formalizations starting from similarly basic foun- insight or understanding and are therefore even dations that reach nontrivial results in topology, amenable to automation in mechanical calculating analysis, and number theory such as the Jordan machines or their modern electronic counterparts. Curve Theorem, Cauchy’s integral theorem, and Symbolic logic extends the use of symbolism, the Prime Number Theorem. Perhaps most spec- featuring not only expressions called terms denot- tacularly, Gonthier has completely formalized the ing mathematical objects, but also formulas, which proof of the Four-Color Theorem, as described are corresponding expressions denoting mathe- elsewhere in this issue. matical propositions. Just as there are operators Similar progress can be discerned in formal like addition or set intersection on mathemati- proofs of computer systems. The first proof of cal objects, symbolic logic uses logical connectives compiler correctness by McCarthy and Painter like “and” that can be considered as operators from 1967 was for a compiler from a simple ex- on propositions. The most important have corre- pression language into an invented machine code sponding symbolic forms; for example as we write with four instructions. Recently, Leroy has pro- “x + y” to denote the mathematical object “x plus duced a machine-checked correctness proof for y”, we can use “p ∧q” to denote the proposition “p a compiler from a significant fragment of C to and q”. The basic logical connectives were already a real current microprocessor. In some parts of used by Boole, and modern symbolic logic also the computer industry, especially in critical areas features the universal quantifier “for all” and the such as avionics, formal methods are becoming an existential quantifier “there exists”, whose intro- increasingly important part of the landscape. duction is usually credited independently to Frege, The present author has been responsible for Peano, and Peirce. The following table summarizes developing the HOL Light theorem prover, with its one common notation for the logical constants, many special algorithms and decision procedures, connectives and quantifiers: and applying it to the formalization of mathemat- English Symbolic ics, pure and applied. In his present role, he has false ⊥ been responsible at Intel for the formal verifica- true ⊤ tion of a number of algorithms implementing basic not p ¬p floating-point operations [13]. Work of this kind p and q p ∧ q indicates that formalization of pure mathematics p or q p ∨ q and verification applications are not separate ac- p implies q p ⇒ q tivities, one undertaken for fun and the other for p iff q p ⇔ q profit, but are intimately connected. For example, for all x, p ∀x. p in order to prove quite concrete results about there exists x such that p ∃x. p floating-point operations, we need nontrivial re- For example, an assertion of continuity of a sults from mainstream real analysis and number function f : R → R at a point x, which we might theory, even before we consider all the special state in words as properties of floating-point rounding. For all ǫ > 0, there exists a δ > 0 ′ ′ Formal Symbolic Logic such that for all x with |x−x | < δ, we also have |f (x) − f (x′)| < ǫ The use of symbolic expressions denoting math- ematical objects (numbers, sets, matrices, etc.) is could be written as a logical formula well established. We normally write “(x+y)(x−y)” ∀ǫ.ǫ > 0 ⇒ ∃δ. δ > 0 ∧ ∀x′. |x − rather than “the product of, on the one hand the x′| < δ ⇒|f (x) − f (x′)| < ǫ sum of the first unknown and the second unknown, The use of logical symbolism is already bene- and on the other hand the difference of the first ficial for its brevity and clarity when expressing and the second unknown”. In ancient times such complicated assertions. For example, we can make longwinded natural-language renderings were the systematic use of bracketing, e.g., to distinguish norm, but over time more and more of mathemat- between “p ∧ (q ∨ r)” and “(p ∧ q) ∨ r”, while in- ics has come to be expressed in symbolic notation. dicating precedences in English is more awkward. Symbolism is usually shorter, is generally clear- But logical symbolism really comes into its own er in complicated cases, and avoids some of the in concert with formal rules of manipulation, i.e., clumsiness and ambiguity inherent in natural lan- symbolic transformations on formulas that can guage. Perhaps most importantly, a well-chosen be applied mechanically without returning to the notation can contribute to making mathematical underlying meanings. For example, one sees at a reasoning itself easier, or even purely mechanical. glance that x = 2y and x/2 = y are equivalent, The positional base-n representation of numbers and applies corresponding manipulations with- is a good example: problems like finding sums and out thinking about why. Logical notation creates a 1396 Notices of the AMS Volume 55, Number 11 new vista of such mechanical transformations, e.g., This idealized style of mathematical develop- from (∃x. P(x)) ⇒ q to ∀x. (P(x) ⇒ q). Symbolism ment was already established in Euclid’s Elements and formal rules of manipulation: of Geometry. However, its later critical examina- […] have invariably been intro- tion raised numerous philosophical difficulties. duced to make things easy. […] by If mathematics is a purely deductive discipline, the aid of symbolism, we can make what is its relationship with empirical reality? Are transitions in reasoning almost the axioms actually true of the real world? Can mechanically by the eye, which some axioms be deduced purely logically from otherwise would call into play the others, or are they all independent? Would it make higher faculties of the brain. […] sense to use different axioms that contradict the Civilization advances by extending usual ones? What are the incontrovertible logical the number of important oper- steps admissible in a mathematical proof, and how ations which can be performed are they to be distinguished from the substantial without thinking about them. [27] mathematical assumptions that we call axioms? Foundational questions of this sort have preoc- In modern formal logic, the emphasis on formal, cupied philosophers for millennia. Now and again, mechanical manipulation is taken to its natural ex- related worries have reached a broader communi- treme. We not only make use of logical symbolism, ty, often as a reaction to disquiet at certain mathe- but precisely circumscribe the permissible terms matical developments, such as irrational numbers, and formulas and define a precise counterpart infinitesimal calculus, and non-Euclidean geom- to the informal notion of proof based purely on etry.
Load more

Recommended publications
  • COMPSCI 501: Formal Language Theory Insights on Computability Turing Machines Are a Model of Computation Two (No Longer) Surpris
    Insights on Computability Turing machines are a model of computation COMPSCI 501: Formal Language Theory Lecture 11: Turing Machines Two (no longer) surprising facts: Marius Minea Although simple, can describe everything [email protected] a (real) computer can do. University of Massachusetts Amherst Although computers are powerful, not everything is computable! Plus: “play” / program with Turing machines! 13 February 2019 Why should we formally define computation? Must indeed an algorithm exist? Back to 1900: David Hilbert’s 23 open problems Increasingly a realization that sometimes this may not be the case. Tenth problem: “Occasionally it happens that we seek the solution under insufficient Given a Diophantine equation with any number of un- hypotheses or in an incorrect sense, and for this reason do not succeed. known quantities and with rational integral numerical The problem then arises: to show the impossibility of the solution under coefficients: To devise a process according to which the given hypotheses or in the sense contemplated.” it can be determined in a finite number of operations Hilbert, 1900 whether the equation is solvable in rational integers. This asks, in effect, for an algorithm. Hilbert’s Entscheidungsproblem (1928): Is there an algorithm that And “to devise” suggests there should be one. decides whether a statement in first-order logic is valid? Church and Turing A Turing machine, informally Church and Turing both showed in 1936 that a solution to the Entscheidungsproblem is impossible for the theory of arithmetic. control To make and prove such a statement, one needs to define computability. In a recent paper Alonzo Church has introduced an idea of “effective calculability”, read/write head which is equivalent to my “computability”, but is very differently defined.
    [Show full text]
  • Use Formal and Informal Language in Persuasive Text
    Author’S Craft Use Formal and Informal Language in Persuasive Text 1. Focus Objectives Explain Using Formal and Informal Language In this mini-lesson, students will: Say: When I write a persuasive letter, I want people to see things my way. I use • Learn to use both formal and different kinds of language to gain support. To connect with my readers, I use informal language in persuasive informal language. Informal language is conversational; it sounds a lot like the text. way we speak to one another. Then, to make sure that people believe me, I also use formal language. When I use formal language, I don’t use slang words, and • Practice using formal and informal I am more objective—I focus on facts over opinions. Today I’m going to show language in persuasive text. you ways to use both types of language in persuasive letters. • Discuss how they can apply this strategy to their independent writing. Model How Writers Use Formal and Informal Language Preparation Display the modeling text on chart paper or using the interactive whiteboard resources. Materials Needed • Chart paper and markers 1. As the parent of a seventh grader, let me assure you this town needs a new • Interactive whiteboard resources middle school more than it needs Old Oak. If selling the land gets us a new school, I’m all for it. Advanced Preparation 2. Last month, my daughter opened her locker and found a mouse. She was traumatized by this experience. She has not used her locker since. If you will not be using the interactive whiteboard resources, copy the Modeling Text modeling text and practice text onto chart paper prior to the mini-lesson.
    [Show full text]
  • Experiments in Validating Formal Semantics for C
    Experiments in validating formal semantics for C Sandrine Blazy ENSIIE and INRIA Rocquencourt [email protected] Abstract. This paper reports on the design of adequate on-machine formal semantics for a certified C compiler. This compiler is an optimiz- ing compiler, that targets critical embedded software. It is written and formally verified using the Coq proof assistant. The main structure of the compiler is very strongly conditioned by the choice of the languages of the compiler, and also by the kind of semantics of these languages. 1 Introduction C is still widely used in industry, especially for developing embedded software. The main reason is the control by the C programmer of all the resources that are required for program execution (e.g. memory layout, memory allocation) and that affect performance. C programs can therefore be very efficient, but the price to pay is a programming effort. For instance, using C pointer arithmetic may be required in order to compute the address of a memory cell. However, a consequence of this freedom given to the C programmer is the presence of run-time errors such as buffer overflows and dangling pointers. Such errors may be difficult to detect in programs, because of C type casts and more generally because the C type system is unsafe. Many static analysis tools attempt to detect such errors in order to ensure safety properties that may be ensured by more recent languages such as Java. For instance, CCured is a program transformation system that adds memory safety guarantees to C programs by verifying statically that memory errors cannot oc- cur and by inserting run-time checks where static verification is insufficient [1].
    [Show full text]
  • Introduction to Model Checking and Temporal Logic¹
    Formal Verification Lecture 1: Introduction to Model Checking and Temporal Logic¹ Jacques Fleuriot [email protected] ¹Acknowledgement: Adapted from original material by Paul Jackson, including some additions by Bob Atkey. I Describe formally a specification that we desire the model to satisfy I Check the model satisfies the specification I theorem proving (usually interactive but not necessarily) I Model checking Formal Verification (in a nutshell) I Create a formal model of some system of interest I Hardware I Communication protocol I Software, esp. concurrent software I Check the model satisfies the specification I theorem proving (usually interactive but not necessarily) I Model checking Formal Verification (in a nutshell) I Create a formal model of some system of interest I Hardware I Communication protocol I Software, esp. concurrent software I Describe formally a specification that we desire the model to satisfy Formal Verification (in a nutshell) I Create a formal model of some system of interest I Hardware I Communication protocol I Software, esp. concurrent software I Describe formally a specification that we desire the model to satisfy I Check the model satisfies the specification I theorem proving (usually interactive but not necessarily) I Model checking Introduction to Model Checking I Specifications as Formulas, Programs as Models I Programs are abstracted as Finite State Machines I Formulas are in Temporal Logic 1. For a fixed ϕ, is M j= ϕ true for all M? I Validity of ϕ I This can be done via proof in a theorem prover e.g. Isabelle. 2. For a fixed ϕ, is M j= ϕ true for some M? I Satisfiability 3.
    [Show full text]
  • The Corcoran-Smiley Interpretation of Aristotle's Syllogistic As
    November 11, 2013 15:31 History and Philosophy of Logic Aristotelian_syllogisms_HPL_house_style_color HISTORY AND PHILOSOPHY OF LOGIC, 00 (Month 200x), 1{27 Aristotle's Syllogistic and Core Logic by Neil Tennant Department of Philosophy The Ohio State University Columbus, Ohio 43210 email [email protected] Received 00 Month 200x; final version received 00 Month 200x I use the Corcoran-Smiley interpretation of Aristotle's syllogistic as my starting point for an examination of the syllogistic from the vantage point of modern proof theory. I aim to show that fresh logical insights are afforded by a proof-theoretically more systematic account of all four figures. First I regiment the syllogisms in the Gentzen{Prawitz system of natural deduction, using the universal and existential quantifiers of standard first- order logic, and the usual formalizations of Aristotle's sentence-forms. I explain how the syllogistic is a fragment of my (constructive and relevant) system of Core Logic. Then I introduce my main innovation: the use of binary quantifiers, governed by introduction and elimination rules. The syllogisms in all four figures are re-proved in the binary system, and are thereby revealed as all on a par with each other. I conclude with some comments and results about grammatical generativity, ecthesis, perfect validity, skeletal validity and Aristotle's chain principle. 1. Introduction: the Corcoran-Smiley interpretation of Aristotle's syllogistic as concerned with deductions Two influential articles, Corcoran 1972 and Smiley 1973, convincingly argued that Aristotle's syllogistic logic anticipated the twentieth century's systematizations of logic in terms of natural deductions. They also showed how Aristotle in effect advanced a completeness proof for his deductive system.
    [Show full text]
  • Chapter 6 Formal Language Theory
    Chapter 6 Formal Language Theory In this chapter, we introduce formal language theory, the computational theories of languages and grammars. The models are actually inspired by formal logic, enriched with insights from the theory of computation. We begin with the definition of a language and then proceed to a rough characterization of the basic Chomsky hierarchy. We then turn to a more de- tailed consideration of the types of languages in the hierarchy and automata theory. 6.1 Languages What is a language? Formally, a language L is defined as as set (possibly infinite) of strings over some finite alphabet. Definition 7 (Language) A language L is a possibly infinite set of strings over a finite alphabet Σ. We define Σ∗ as the set of all possible strings over some alphabet Σ. Thus L ⊆ Σ∗. The set of all possible languages over some alphabet Σ is the set of ∗ all possible subsets of Σ∗, i.e. 2Σ or ℘(Σ∗). This may seem rather simple, but is actually perfectly adequate for our purposes. 6.2 Grammars A grammar is a way to characterize a language L, a way to list out which strings of Σ∗ are in L and which are not. If L is finite, we could simply list 94 CHAPTER 6. FORMAL LANGUAGE THEORY 95 the strings, but languages by definition need not be finite. In fact, all of the languages we are interested in are infinite. This is, as we showed in chapter 2, also true of human language. Relating the material of this chapter to that of the preceding two, we can view a grammar as a logical system by which we can prove things.
    [Show full text]
  • PROGRAM VERIFICATION Robert S. Boyer and J
    PROGRAM VERIFICATION Robert S. Boyer and J Strother Moore To Appear in the Journal of Automated Reasoning The research reported here was supported by National Science Foundation Grant MCS-8202943 and Office of Naval Research Contract N00014-81-K-0634. Institute for Computing Science and Computer Applications The University of Texas at Austin Austin, Texas 78712 1 Computer programs may be regarded as formal mathematical objects whose properties are subject to mathematical proof. Program verification is the use of formal, mathematical techniques to debug software and software specifications. 1. Code Verification How are the properties of computer programs proved? We discuss three approaches in this article: inductive invariants, functional semantics, and explicit semantics. Because the first approach has received by far the most attention, it has produced the most impressive results to date. However, the field is now moving away from the inductive invariant approach. 1.1. Inductive Assertions The so-called Floyd-Hoare inductive assertion method of program verification [25, 33] has its roots in the classic Goldstine and von Neumann reports [53] and handles the usual kind of programming language, of which FORTRAN is perhaps the best example. In this style of verification, the specifier "annotates" certain points in the program with mathematical assertions that are supposed to describe relations that hold between the program variables and the initial input values each time "control" reaches the annotated point. Among these assertions are some that characterize acceptable input and the desired output. By exploring all possible paths from one assertion to the next and analyzing the effects of intervening program statements it is possible to reduce the correctness of the program to the problem of proving certain derived formulas called verification conditions.
    [Show full text]
  • Axiomatic Set Teory P.D.Welch
    Axiomatic Set Teory P.D.Welch. August 16, 2020 Contents Page 1 Axioms and Formal Systems 1 1.1 Introduction 1 1.2 Preliminaries: axioms and formal systems. 3 1.2.1 The formal language of ZF set theory; terms 4 1.2.2 The Zermelo-Fraenkel Axioms 7 1.3 Transfinite Recursion 9 1.4 Relativisation of terms and formulae 11 2 Initial segments of the Universe 17 2.1 Singular ordinals: cofinality 17 2.1.1 Cofinality 17 2.1.2 Normal Functions and closed and unbounded classes 19 2.1.3 Stationary Sets 22 2.2 Some further cardinal arithmetic 24 2.3 Transitive Models 25 2.4 The H sets 27 2.4.1 H - the hereditarily finite sets 28 2.4.2 H - the hereditarily countable sets 29 2.5 The Montague-Levy Reflection theorem 30 2.5.1 Absoluteness 30 2.5.2 Reflection Theorems 32 2.6 Inaccessible Cardinals 34 2.6.1 Inaccessible cardinals 35 2.6.2 A menagerie of other large cardinals 36 3 Formalising semantics within ZF 39 3.1 Definite terms and formulae 39 3.1.1 The non-finite axiomatisability of ZF 44 3.2 Formalising syntax 45 3.3 Formalising the satisfaction relation 46 3.4 Formalising definability: the function Def. 47 3.5 More on correctness and consistency 48 ii iii 3.5.1 Incompleteness and Consistency Arguments 50 4 The Constructible Hierarchy 53 4.1 The L -hierarchy 53 4.2 The Axiom of Choice in L 56 4.3 The Axiom of Constructibility 57 4.4 The Generalised Continuum Hypothesis in L.
    [Show full text]
  • Does Reductive Proof Theory Have a Viable Rationale?
    DOES REDUCTIVE PROOF THEORY HAVE A VIABLE RATIONALE? Solomon Feferman Abstract The goals of reduction and reductionism in the natural sciences are mainly explanatory in character, while those in mathematics are primarily foundational. In contrast to global reductionist programs which aim to reduce all of mathematics to one supposedly “univer- sal” system or foundational scheme, reductive proof theory pursues local reductions of one formal system to another which is more jus- tified in some sense. In this direction, two specific rationales have been proposed as aims for reductive proof theory, the constructive consistency-proof rationale and the foundational reduction rationale. However, recent advances in proof theory force one to consider the viability of these rationales. Despite the genuine problems of foun- dational significance raised by that work, the paper concludes with a defense of reductive proof theory at a minimum as one of the principal means to lay out what rests on what in mathematics. In an extensive appendix to the paper, various reduction relations between systems are explained and compared, and arguments against proof-theoretic reduction as a “good” reducibility relation are taken up and rebutted. 1 1 Reduction and reductionism in the natural sciencesandinmathematics. The purposes of reduction in the natural sciences and in mathematics are quite different. In the natural sciences, one main purpose is to explain cer- tain phenomena in terms of more basic phenomena, such as the nature of the chemical bond in terms of quantum mechanics, and of macroscopic ge- netics in terms of molecular biology. In mathematics, the main purpose is foundational. This is not to be understood univocally; as I have argued in (Feferman 1984), there are a number of foundational ways that are pursued in practice.
    [Show full text]
  • Formal Verification, Model Checking
    Introduction Modeling Specification Algorithms Conclusions Formal Verification, Model Checking Radek Pel´anek Introduction Modeling Specification Algorithms Conclusions Motivation Formal Methods: Motivation examples of what can go wrong { first lecture non-intuitiveness of concurrency (particularly with shared resources) mutual exclusion adding puzzle Introduction Modeling Specification Algorithms Conclusions Motivation Formal Methods Formal Methods `Formal Methods' refers to mathematically rigorous techniques and tools for specification design verification of software and hardware systems. Introduction Modeling Specification Algorithms Conclusions Motivation Formal Verification Formal Verification Formal verification is the act of proving or disproving the correctness of a system with respect to a certain formal specification or property. Introduction Modeling Specification Algorithms Conclusions Motivation Formal Verification vs Testing formal verification testing finding bugs medium good proving correctness good - cost high small Introduction Modeling Specification Algorithms Conclusions Motivation Types of Bugs likely rare harmless testing not important catastrophic testing, FVFV Introduction Modeling Specification Algorithms Conclusions Motivation Formal Verification Techniques manual human tries to produce a proof of correctness semi-automatic theorem proving automatic algorithm takes a model (program) and a property; decides whether the model satisfies the property We focus on automatic techniques. Introduction Modeling Specification Algorithms Conclusions
    [Show full text]
  • Notes on Proof Theory
    Notes on Proof Theory Master 1 “Informatique”, Univ. Paris 13 Master 2 “Logique Mathématique et Fondements de l’Informatique”, Univ. Paris 7 Damiano Mazza November 2016 1Last edit: March 29, 2021 Contents 1 Propositional Classical Logic 5 1.1 Formulas and truth semantics . 5 1.2 Atomic negation . 8 2 Sequent Calculus 10 2.1 Two-sided formulation . 10 2.2 One-sided formulation . 13 3 First-order Quantification 16 3.1 Formulas and truth semantics . 16 3.2 Sequent calculus . 19 3.3 Ultrafilters . 21 4 Completeness 24 4.1 Exhaustive search . 25 4.2 The completeness proof . 30 5 Undecidability and Incompleteness 33 5.1 Informal computability . 33 5.2 Incompleteness: a road map . 35 5.3 Logical theories . 38 5.4 Arithmetical theories . 40 5.5 The incompleteness theorems . 44 6 Cut Elimination 47 7 Intuitionistic Logic 53 7.1 Sequent calculus . 55 7.2 The relationship between intuitionistic and classical logic . 60 7.3 Minimal logic . 65 8 Natural Deduction 67 8.1 Sequent presentation . 68 8.2 Natural deduction and sequent calculus . 70 8.3 Proof tree presentation . 73 8.3.1 Minimal natural deduction . 73 8.3.2 Intuitionistic natural deduction . 75 1 8.3.3 Classical natural deduction . 75 8.4 Normalization (cut-elimination in natural deduction) . 76 9 The Curry-Howard Correspondence 80 9.1 The simply typed l-calculus . 80 9.2 Product and sum types . 81 10 System F 83 10.1 Intuitionistic second-order propositional logic . 83 10.2 Polymorphic types . 84 10.3 Programming in system F ...................... 85 10.3.1 Free structures .
    [Show full text]
  • Classical First-Order Logic Software Formal Verification
    Classical First-Order Logic Software Formal Verification Maria Jo~aoFrade Departmento de Inform´atica Universidade do Minho 2008/2009 Maria Jo~aoFrade (DI-UM) First-Order Logic (Classical) MFES 2008/09 1 / 31 Introduction First-order logic (FOL) is a richer language than propositional logic. Its lexicon contains not only the symbols ^, _, :, and ! (and parentheses) from propositional logic, but also the symbols 9 and 8 for \there exists" and \for all", along with various symbols to represent variables, constants, functions, and relations. There are two sorts of things involved in a first-order logic formula: terms, which denote the objects that we are talking about; formulas, which denote truth values. Examples: \Not all birds can fly." \Every child is younger than its mother." \Andy and Paul have the same maternal grandmother." Maria Jo~aoFrade (DI-UM) First-Order Logic (Classical) MFES 2008/09 2 / 31 Syntax Variables: x; y; z; : : : 2 X (represent arbitrary elements of an underlying set) Constants: a; b; c; : : : 2 C (represent specific elements of an underlying set) Functions: f; g; h; : : : 2 F (every function f as a fixed arity, ar(f)) Predicates: P; Q; R; : : : 2 P (every predicate P as a fixed arity, ar(P )) Fixed logical symbols: >, ?, ^, _, :, 8, 9 Fixed predicate symbol: = for \equals" (“first-order logic with equality") Maria Jo~aoFrade (DI-UM) First-Order Logic (Classical) MFES 2008/09 3 / 31 Syntax Terms The set T , of terms of FOL, is given by the abstract syntax T 3 t ::= x j c j f(t1; : : : ; tar(f)) Formulas The set L, of formulas of FOL, is given by the abstract syntax L 3 φ, ::= ? j > j :φ j φ ^ j φ _ j φ ! j t1 = t2 j 8x: φ j 9x: φ j P (t1; : : : ; tar(P )) :, 8, 9 bind most tightly; then _ and ^; then !, which is right-associative.
    [Show full text]