CONTRIBUTI SCIENTIFICI AUTOMATED REASONING MARIA PAOLA BONACINA Dipartimento di Infor matica - Università degli Studi di Ver ona ALBERTO MARTELLI Dipartimento di Infor matica - Università degli Studi di Torino 1 Introduction counter-example,orcounter-model, that is, a model of S ∪{¬ϕ}. This branch of automated reasoning is called A central problem in automated reasoning is to determine automated model building. whether a conjecture ϕ, that represents a property to be In classical rst-order logic, deductive theorem proving veried, is a logical consequence of a set S of assump- is semi-decidable, while inductive theorem proving and tions, which express properties of the object of study (e.g., model building are not even semi-decidable.Itissignif- a system, a circuit, a program, a data type, a communica- icant that while books in theorem proving date from the tion protocol, a mathematical structure). early seventies [22, 48, 16, 27, 77, 44, 70], the rst book A conjoint problem is that of knowledge representation, on model building appeared only recently [21]. Most ap- or nding suitable formalisms for S and ϕ to represent as- proaches to automated model building belong to one of the pects of the real world, such as action, space, time, men- following three classes, or combine their principles: tal events and commonsense reasoning. While classical logic has been the principal formalism in automated rea- 1. Enumeration methods generate interpretations and soning, and many proof techniques have been studied and test whether they are models of the given set of for- implemented, non-classical logics, such as modal, tempo- mul; ral, description or nonmonotonic logics, have been widely 2. Saturation methods extract models from the nite set investigated to represent knowledge. of formul generated by a failed refutation attempt; and 2Automated reasoning in classical logic 3. Simultaneous methods search simultaneously for a Given the above central problem, one can try to answer af- refutation or a model of the given set of formul. ϕ S rmatively, by nding a proof of from . This problem In higher-order logics, that allow universal and existen- and the methods to approach it are called theorem prov- tial statements, not only on individuals, but also on func- ing. Theorem proving comprises both deductive theorem tions and predicates, even deductive theorem proving is no proving, which is concerned precisely with the entailment longer semi-decidable. Clearly, fully automated theorem S |= ϕ problem as stated above (in symbols: ), and induc- proving focuses on deductive theorem proving, while in- tive theorem proving, where the problem is to determine duction, model generation and reasoning in higher-order S ϕ whether entails all ground instances of (in symbols: logics resort to a larger extent to interactive theorem prov- S |= ϕσ σ , for all ground substitutions ). ing. Since the most important feature of higher-order logic In (fully) automated theorem proving, the machine alone for computer science are higher-order functions, that are is expected to nd a proof. In interactive theorem proving, a staple of functional programming languages, an inter- a proof is born out of the interaction between human and mediate solution is to develop a rst-order system, with machine. Since it is too difcult to nd a proof ignoring a functional programming language, used simultaneously the conjecture, the vast majority of theorem-proving meth- as programming language and as logical language [20, 43]. ods work refutationally, that is, they prove that ϕ follows logically from S,byshowing that S ∪{¬ϕ} generates a 2.1 Fully automated theorem proving contradiction, or is inconsistent. Otherwise, given assumptions S and conjecture ϕ, one Semi-decidability means that no algorithm is guaranteed to can try to answer negatively, disproving ϕ,bynding a halt, and return a proof, whenever S∪{¬ϕ} is inconsistent, 14 Anno III, N° 1/2, Marzo-Giugno 2006 CONTRIBUTI SCIENTIFICI or a model, whenever S ∪{¬ϕ} is consistent. The best one 1. the logic, can have is a semi-decision procedure, that is guaranteed to halt and return a proof, if S ∪{¬ϕ} is inconsistent. If 2. the form of admissible formulae for S or ϕ,or it halts without a proof, we can conclude that S ∪{¬ϕ} 3. the theory presented by the assumptions in S. is consistent, and try to extract a model from its output. However, if S ∪{¬ϕ} is consistent, the procedure is not An example of Case 1 is the guarded fragment of rst- guaranteed to halt. order logic, which propositional modal logic can be re- Intuitively, proofs of inconsistency of a given problem duced to. The most prominent instance is propositional S ∪{¬ϕ} are nite, if they exist, but there is an innite logic, whose decidable satisability problem is known as search space of logical consequences where to look for a SAT. Many problems in computer science can be encoded contradiction. A machine can explore only a nite part in propositional logic, reduced to SAT and submitted to of this innite space, and the challenge is to nd a proof SAT solvers.Asautomated reasoning is concerned primar- using as little resources as possible. A fundamental insight ily with complete SAT solvers, the dominating paradigm was the recognition that the ability to detect and discard is the DPLL procedure [25, 24, 79], implemented, among redundant formul is as crucial as the ability to generate others, in [78, 52]. consequences of given formul. In addition to standard As an example of Case 2, the Bernays-Schonnkel¬ class expansion inference rules of the form admits only sentences in the form A1 ... An (1) ∃x1,...xn.∀y1,...ym.P [x1,...xn,y1,...ym] B1 ... Bm where P is quantier-free. Decidable classes based on syn- which add inferred formul B1,...,Bm to the set of tactic restrictions are surveyed in [21]. known theorems, that already includes the premises Case 3 includes Presburger arithmetic or theories of data A1,...,An, contemporary inference systems feature con- structures, such as lists or arrays. For the latter, the typical traction rules, that delete or simplify already-inferred the- approach is to build a little engine of proof for each the- orems. The double-ruled inference rule form ory [66], by building the theorys axioms into a congruence A1 ... An closure algorithm to handle ground equalities [67, 54, 9]. (2) B1 ... Bm Little engines are combined to handle combinations of the- ories [53, 68, 31]. However, also generic theorem-proving means that the formul (Ai) above the rule are replaced by methods proved competitive on these problems [5]. those below (Bj). It is a deletion rule if the consequences Decidable does not mean pratical, and the decidable rea- are a proper subset of the premises; otherwise, it is a sim- soning problems are typically NP-complete. Since auto- plication rule. mated reasoning problems range from decidable, but NP- An expansion rule is sound if what is generated is complete,tosemi-decidable, or not even semi-decidable, logical consequence of the premises ({A1 ... An}|= automated reasoning relies pretty much universally on the {B1 ...Bm}). Classical examples are resolution and articial intelligence paradigm of search. paramodulation.Acontraction rule is sound if what is removed is logical consequence of what is left or added 2.3 Automated reasoning as a search problem ({B1 ...Bm}|= {A1 ... An}). Classical examples are subsumption and equational simplication from Knuth- Automated reasoning methods are strategies, composed Bendix completion.Aninference system is sound if all its of an inference system and a search plan. The inference rules are, and it is refutationally complete,ifitallows us to system is a non-deterministic set of inference rules, that derive a contradiction, whenever the initial set of formul denes a search space containing all possible inferences. is inconsistent. The challenge is dealing with contraction Describing formally the search space of a reasoning prob- without endangering completeness [36, 7, 8, 18]: a key lem is not obvious, and can be approached through differ- ingredient is to order the data (terms, literals, clauses, for- ent formalisms that capture different levels of abstraction mul, proofs) according to well-founded orderings. Infer- [62, 19]. The search plan guides the search and determines ence systems of this nature were applied successfully also the unique derivation to inductive theorem proving as in inductionless induction or proof by the lack of inconsistency [37, 40, 18]. S0 S1 ...Si Si+1 ... 2.2 Decision procedures and SAT solvers that the strategy computes from a given input S0 = S ∪ {¬ϕ}.Itisthe addition of the search plan that turns a non- Decidable instances of reasoning problems do exist. For deterministic inference system into a deterministic proof these problems, the search space is nite and decision pro- procedure. cedures are known. Decidability may stem from imposing The search plan decides, at each step, which inference restrictions on rule to apply to which data. If it selects an expansion rule, Anno III, N° 1/2, Marzo-Giugno 2006 15 CONTRIBUTI SCIENTIFICI the set of formul is expanded: guage understanding, symbolic computation, such as con- straint problem solving and computer algebra, compu- S tational logic, such as declarative programming and de- S ⊂ S S ductive databases, and mathematics, as witnessed by the If it selects a contraction rule, the set of formul is con- existence of databases of computer-checked mathematics tracted: [51]. Theorem provers are capable of proving non-trivial S mathematical theorems in theories such as Boolean alge- S ⊆ S S ≺mul S S bras, rings, groups, quasigroups and many-valued logic [3, 2, 41, 49, 75]. Last, the study of mechanical forms where ≺mul is the multiset extension of a well-founded of logical reasoning is part of the fundamental quest about ordering on clauses.