22 axioms uniform substitutions
play

22: Axioms & Uniform Substitutions 15-424: Foundations of - PowerPoint PPT Presentation

Apr 29, 2023 •164 likes •1.99k views

22: Axioms & Uniform Substitutions 15-424: Foundations of Cyber-Physical Systems Andr e Platzer aplatzer@cs.cmu.edu Computer Science Department Carnegie Mellon University, Pittsburgh, PA The Secret for Simpler Sound Hybrid Systems

  1. Axiom vs. Axiom Schema Axiom Schema [ a ∪ b ] p (¯ x ) ↔ [ a ] p (¯ x ) ∧ [ b ] p (¯ x ) [ α ∪ β ] φ ↔ [ α ] φ ∧ [ β ] φ Pattern Placeholder Same match α schema instance formulas variable of φ in for shape matcher all places α ∪ β Axiom Schema p → [ a ] p φ → [ α ] φ . . . x = 0 → [ y ′ = 5] x = 0 x = y → [ y ′ = 5] x = y x = z → [ y ′ = 5] x = z Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 11 / 44

  2. Axiom vs. Axiom Schema Axiom Schema [ a ∪ b ] p (¯ x ) ↔ [ a ] p (¯ x ) ∧ [ b ] p (¯ x ) [ α ∪ β ] φ ↔ [ α ] φ ∧ [ β ] φ Pattern Placeholder Same match α schema instance formulas variable of φ in for shape matcher all places α ∪ β Axiom Schema p → [ a ] p φ → [ α ] φ . . . � x = 0 → [ y ′ = 5] x = 0 special vs. rule out × x = y → [ y ′ = 5] x = y degenerate by side � x = z → [ y ′ = 5] x = z instances conditions Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 11 / 44

  3. Axiom vs. Axiom Schema: Formula vs. Algorithm Algorithm 1 Formula Axiom Schema [ a ∪ b ] p (¯ x ) ↔ [ a ] p (¯ x ) ∧ [ b ] p (¯ x ) [ α ∪ β ] φ ↔ [ α ] φ ∧ [ β ] φ Pattern Placeholder Generic formula. Same match α schema No exceptions. instance formulas variable of φ in for shape matcher all places α ∪ β Axiom Schema p → [ a ] p φ → [ α ] φ . . . � x = 0 → [ y ′ = 5] x = 0 special vs. rule out × x = y → [ y ′ = 5] x = y degenerate by side � x = z → [ y ′ = 5] x = z instances conditions Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 11 / 44

  4. Generic Formulas in Axioms are like Generic Points An analogy from algebraic geometry concrete points Axiom schemata with side conditions are like ∃ x ax 2 + bx + c = 0 iff b 2 ≥ 4 ac except a = 0 This Way Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 12 / 44

  5. Generic Formulas in Axioms are like Generic Points An analogy from algebraic geometry concrete points Axiom schemata with side conditions are like ∃ x ax 2 + bx + c = 0 iff b 2 ≥ 4 ac except a = 0 except b = 0 This Way Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 12 / 44

  6. Generic Formulas in Axioms are like Generic Points An analogy from algebraic geometry concrete points Axiom schemata with side conditions are like ∃ x ax 2 + bx + c = 0 iff b 2 ≥ 4 ac except a = 0 except b = 0 except c = 0 This Way Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 12 / 44

  7. Generic Formulas in Axioms are like Generic Points An analogy from algebraic geometry concrete points Axiom schemata with side conditions are like ∃ x ax 2 + bx + c = 0 iff b 2 ≥ 4 ac except a = 0 except b = 0 except c = 0 This Way generic points Axioms Generic formulas in axioms are like √ ax 2 + bx + c = 0 iff x = − b ± b 2 − 4 ac / (2 a ) Paying attention during substitutions to avoid degenerates (no /0, √− 1) Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 12 / 44

  8. Axioms vs. Axiom Schemata: Philosophy Affects Provers � Soundness easier: literal formula, not instantiation mechanism � An axiom is one formula. Axiom schema is a decision algorithm. � Generic formula, not some shape with characterization of exceptions � No schema variable or meta variable algorithms � No matching mechanisms / unification in prover kernel � No side condition subtlety or occurrence pattern checks (per schema) × Need other means of instantiating axioms: uniform substitution (US) � US + renaming: isolate static semantics � US independent from axioms: modular logic vs. prover separation � More flexible by syntactic contextual equivalence × Extra proofs branches since instantiation is explicit proof step Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 13 / 44

  9. Axioms vs. Axiom Schemata: Philosophy Affects Provers � Soundness easier: literal formula, not instantiation mechanism � An axiom is one formula. Axiom schema is a decision algorithm. � Generic formula, not some shape with characterization of exceptions � No schema variable or meta variable algorithms � No matching mechanisms / unification in prover kernel � No side condition subtlety or occurrence pattern checks (per schema) × Need other means of instantiating axioms: uniform substitution (US) � US + renaming: isolate static semantics � US independent from axioms: modular logic vs. prover separation � More flexible by syntactic contextual equivalence × Extra proofs branches since instantiation is explicit proof step � Net win for soundness since significantly simpler prover Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 13 / 44

  10. KeYmaera X Kernel is a Microkernel for Soundness ≈ LOC KeYmaera X 1 677 hybrid KeYmaera 65 989 prover � KeY 51 328 Java HOL Light 396 Isabelle/Pure 8 113 general Nuprl 15 000 + 50 000 math Coq 20 000 HSolver 20 000 Flow ∗ 25 000 PHAVer 30 000 hybrid dReal 50 000 + millions verifier SpaceEx 100 000 HyCreate2 6 081 + user model analysis Disclaimer: These self-reported estimates of the soundness-critical lines of code + rules are to be taken with a grain of salt. Different languages, capabilities, styles Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 14 / 44 . . .

  11. Uniform Substitution Theorem (Soundness) replace all occurrences of p ( · ) φ US σ ( φ ) provided FV ( σ | Σ( θ ) ) ∩ BV ( ⊗ ( · )) = ∅ for each operation ⊗ ( θ ) in φ i.e. bound variables U = BV( ⊗ ( · )) of operator ⊗ are not free in the substitution on its argument θ ( U -admissible) [ a ∪ b ] p (¯ x ) ↔ [ a ] p (¯ x ) ∧ [ b ] p (¯ x ) US [ x := x + 1 ∪ x ′ = 1] x ≥ 0 ↔ [ x := x + 1] x ≥ 0 ∧ [ x ′ = 1] x ≥ 0 Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 15 / 44

  12. Uniform Substitution Theorem (Soundness) replace all occurrences of p ( · ) φ US σ ( φ ) provided FV ( σ | Σ( θ ) ) ∩ BV ( ⊗ ( · )) = ∅ for each operation ⊗ ( θ ) in φ i.e. bound variables U = BV( ⊗ ( · )) of operator ⊗ are not free in the substitution on its argument θ ( U -admissible) Uniform substitution σ replaces all occurrences of p ( θ ) for any θ by ψ ( θ ) function f ( θ ) for any θ by η ( θ ) quantifier C ( φ ) for any φ by ψ ( θ ) program const. a by α [ a ∪ b ] p (¯ x ) ↔ [ a ] p (¯ x ) ∧ [ b ] p (¯ x ) US [ x := x + 1 ∪ x ′ = 1] x ≥ 0 ↔ [ x := x + 1] x ≥ 0 ∧ [ x ′ = 1] x ≥ 0 Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 15 / 44

  13. Uniform Substitution: Definition expanded explicitly for function symbol f ∈ σ σ ( f ( θ )) = def = σ ( θ + η ) = σ (( θ ) ′ ) = σ ( p ( θ )) ≡ for predicate symbol p ∈ σ σ ( C ( φ ) ) ≡ σ ( φ ∧ ψ ) ≡ σ ( ∀ x φ ) = σ ([ α ] φ ) = σ ( a ) ≡ for program constant a ∈ σ σ ( x := θ ) ≡ σ ( x ′ = f ( x ) & Q ) ≡ σ ( α ∪ β ) ≡ σ ( α ; β ) ≡ σ ( α ∗ ) ≡ Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 16 / 44

  14. Uniform Substitution: Definition expanded explicitly for function symbol f ∈ σ σ ( f ( θ )) = ( σ ( f ))( σ ( θ )) def = { · �→ σ ( θ ) } ( σ f ( · )) σ ( θ + η ) = σ (( θ ) ′ ) = σ ( p ( θ )) ≡ for predicate symbol p ∈ σ σ ( C ( φ ) ) ≡ σ ( φ ∧ ψ ) ≡ σ ( ∀ x φ ) = σ ([ α ] φ ) = σ ( a ) ≡ for program constant a ∈ σ σ ( x := θ ) ≡ σ ( x ′ = f ( x ) & Q ) ≡ σ ( α ∪ β ) ≡ σ ( α ; β ) ≡ σ ( α ∗ ) ≡ Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 16 / 44

  15. Uniform Substitution: Definition expanded explicitly for function symbol f ∈ σ σ ( f ( θ )) = ( σ ( f ))( σ ( θ )) def = { · �→ σ ( θ ) } ( σ f ( · )) σ ( θ + η ) = σ ( θ ) + σ ( η ) σ (( θ ) ′ ) = σ ( p ( θ )) ≡ for predicate symbol p ∈ σ σ ( C ( φ ) ) ≡ σ ( φ ∧ ψ ) ≡ σ ( ∀ x φ ) = σ ([ α ] φ ) = σ ( a ) ≡ for program constant a ∈ σ σ ( x := θ ) ≡ σ ( x ′ = f ( x ) & Q ) ≡ σ ( α ∪ β ) ≡ σ ( α ; β ) ≡ σ ( α ∗ ) ≡ Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 16 / 44

  16. Uniform Substitution: Definition expanded explicitly for function symbol f ∈ σ σ ( f ( θ )) = ( σ ( f ))( σ ( θ )) def = { · �→ σ ( θ ) } ( σ f ( · )) σ ( θ + η ) = σ ( θ ) + σ ( η ) σ (( θ ) ′ ) = ( σ ( θ )) ′ if σ V ∪ V ′ -admissible for θ σ ( p ( θ )) ≡ for predicate symbol p ∈ σ σ ( C ( φ ) ) ≡ σ ( φ ∧ ψ ) ≡ σ ( ∀ x φ ) = σ ([ α ] φ ) = σ ( a ) ≡ for program constant a ∈ σ σ ( x := θ ) ≡ σ ( x ′ = f ( x ) & Q ) ≡ σ ( α ∪ β ) ≡ σ ( α ; β ) ≡ σ ( α ∗ ) ≡ Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 16 / 44

  17. Uniform Substitution: Definition expanded explicitly for function symbol f ∈ σ σ ( f ( θ )) = ( σ ( f ))( σ ( θ )) def = { · �→ σ ( θ ) } ( σ f ( · )) σ ( θ + η ) = σ ( θ ) + σ ( η ) σ (( θ ) ′ ) = ( σ ( θ )) ′ if σ V ∪ V ′ -admissible for θ σ ( p ( θ )) ≡ ( σ ( p ))( σ ( θ )) for predicate symbol p ∈ σ σ ( C ( φ ) ) ≡ σ ( φ ∧ ψ ) ≡ σ ( ∀ x φ ) = σ ([ α ] φ ) = σ ( a ) ≡ for program constant a ∈ σ σ ( x := θ ) ≡ σ ( x ′ = f ( x ) & Q ) ≡ σ ( α ∪ β ) ≡ σ ( α ; β ) ≡ σ ( α ∗ ) ≡ Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 16 / 44

  18. Uniform Substitution: Definition expanded explicitly for function symbol f ∈ σ σ ( f ( θ )) = ( σ ( f ))( σ ( θ )) def = { · �→ σ ( θ ) } ( σ f ( · )) σ ( θ + η ) = σ ( θ ) + σ ( η ) σ (( θ ) ′ ) = ( σ ( θ )) ′ if σ V ∪ V ′ -admissible for θ σ ( p ( θ )) ≡ ( σ ( p ))( σ ( θ )) for predicate symbol p ∈ σ if σ V ∪ V ′ -admissible for φ , C ∈ σ ( C ( φ ) ) ≡ σ ( C ) ( σ ( φ ) ) σ ( φ ∧ ψ ) ≡ σ ( ∀ x φ ) = σ ([ α ] φ ) = σ ( a ) ≡ for program constant a ∈ σ σ ( x := θ ) ≡ σ ( x ′ = f ( x ) & Q ) ≡ σ ( α ∪ β ) ≡ σ ( α ; β ) ≡ σ ( α ∗ ) ≡ Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 16 / 44

  19. Uniform Substitution: Definition expanded explicitly for function symbol f ∈ σ σ ( f ( θ )) = ( σ ( f ))( σ ( θ )) def = { · �→ σ ( θ ) } ( σ f ( · )) σ ( θ + η ) = σ ( θ ) + σ ( η ) σ (( θ ) ′ ) = ( σ ( θ )) ′ if σ V ∪ V ′ -admissible for θ σ ( p ( θ )) ≡ ( σ ( p ))( σ ( θ )) for predicate symbol p ∈ σ if σ V ∪ V ′ -admissible for φ , C ∈ σ ( C ( φ ) ) ≡ σ ( C ) ( σ ( φ ) ) σ ( φ ∧ ψ ) ≡ σ ( φ ) ∧ σ ( ψ ) σ ( ∀ x φ ) = σ ([ α ] φ ) = σ ( a ) ≡ for program constant a ∈ σ σ ( x := θ ) ≡ σ ( x ′ = f ( x ) & Q ) ≡ σ ( α ∪ β ) ≡ σ ( α ; β ) ≡ σ ( α ∗ ) ≡ Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 16 / 44

  20. Uniform Substitution: Definition expanded explicitly for function symbol f ∈ σ σ ( f ( θ )) = ( σ ( f ))( σ ( θ )) def = { · �→ σ ( θ ) } ( σ f ( · )) σ ( θ + η ) = σ ( θ ) + σ ( η ) σ (( θ ) ′ ) = ( σ ( θ )) ′ if σ V ∪ V ′ -admissible for θ σ ( p ( θ )) ≡ ( σ ( p ))( σ ( θ )) for predicate symbol p ∈ σ if σ V ∪ V ′ -admissible for φ , C ∈ σ ( C ( φ ) ) ≡ σ ( C ) ( σ ( φ ) ) σ ( φ ∧ ψ ) ≡ σ ( φ ) ∧ σ ( ψ ) σ ( ∀ x φ ) = ∀ x σ ( φ ) if σ { x } -admissible for φ σ ([ α ] φ ) = σ ( a ) ≡ for program constant a ∈ σ σ ( x := θ ) ≡ σ ( x ′ = f ( x ) & Q ) ≡ σ ( α ∪ β ) ≡ σ ( α ; β ) ≡ σ ( α ∗ ) ≡ Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 16 / 44

  21. Uniform Substitution: Definition expanded explicitly for function symbol f ∈ σ σ ( f ( θ )) = ( σ ( f ))( σ ( θ )) def = { · �→ σ ( θ ) } ( σ f ( · )) σ ( θ + η ) = σ ( θ ) + σ ( η ) σ (( θ ) ′ ) = ( σ ( θ )) ′ if σ V ∪ V ′ -admissible for θ σ ( p ( θ )) ≡ ( σ ( p ))( σ ( θ )) for predicate symbol p ∈ σ if σ V ∪ V ′ -admissible for φ , C ∈ σ ( C ( φ ) ) ≡ σ ( C ) ( σ ( φ ) ) σ ( φ ∧ ψ ) ≡ σ ( φ ) ∧ σ ( ψ ) σ ( ∀ x φ ) = ∀ x σ ( φ ) if σ { x } -admissible for φ σ ([ α ] φ ) = [ σ ( α )] σ ( φ ) if σ BV( σ ( α ))-admissible for φ σ ( a ) ≡ for program constant a ∈ σ σ ( x := θ ) ≡ σ ( x ′ = f ( x ) & Q ) ≡ σ ( α ∪ β ) ≡ σ ( α ; β ) ≡ σ ( α ∗ ) ≡ Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 16 / 44

  22. Uniform Substitution: Definition expanded explicitly for function symbol f ∈ σ σ ( f ( θ )) = ( σ ( f ))( σ ( θ )) def = { · �→ σ ( θ ) } ( σ f ( · )) σ ( θ + η ) = σ ( θ ) + σ ( η ) σ (( θ ) ′ ) = ( σ ( θ )) ′ if σ V ∪ V ′ -admissible for θ σ ( p ( θ )) ≡ ( σ ( p ))( σ ( θ )) for predicate symbol p ∈ σ if σ V ∪ V ′ -admissible for φ , C ∈ σ ( C ( φ ) ) ≡ σ ( C ) ( σ ( φ ) ) σ ( φ ∧ ψ ) ≡ σ ( φ ) ∧ σ ( ψ ) σ ( ∀ x φ ) = ∀ x σ ( φ ) if σ { x } -admissible for φ σ ([ α ] φ ) = [ σ ( α )] σ ( φ ) if σ BV( σ ( α ))-admissible for φ σ ( a ) ≡ σ a for program constant a ∈ σ σ ( x := θ ) ≡ σ ( x ′ = f ( x ) & Q ) ≡ σ ( α ∪ β ) ≡ σ ( α ; β ) ≡ σ ( α ∗ ) ≡ Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 16 / 44

  23. Uniform Substitution: Definition expanded explicitly for function symbol f ∈ σ σ ( f ( θ )) = ( σ ( f ))( σ ( θ )) def = { · �→ σ ( θ ) } ( σ f ( · )) σ ( θ + η ) = σ ( θ ) + σ ( η ) σ (( θ ) ′ ) = ( σ ( θ )) ′ if σ V ∪ V ′ -admissible for θ σ ( p ( θ )) ≡ ( σ ( p ))( σ ( θ )) for predicate symbol p ∈ σ if σ V ∪ V ′ -admissible for φ , C ∈ σ ( C ( φ ) ) ≡ σ ( C ) ( σ ( φ ) ) σ ( φ ∧ ψ ) ≡ σ ( φ ) ∧ σ ( ψ ) σ ( ∀ x φ ) = ∀ x σ ( φ ) if σ { x } -admissible for φ σ ([ α ] φ ) = [ σ ( α )] σ ( φ ) if σ BV( σ ( α ))-admissible for φ σ ( a ) ≡ σ a for program constant a ∈ σ σ ( x := θ ) ≡ x := σ ( θ ) σ ( x ′ = f ( x ) & Q ) ≡ σ ( α ∪ β ) ≡ σ ( α ; β ) ≡ σ ( α ∗ ) ≡ Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 16 / 44

  24. Uniform Substitution: Definition expanded explicitly for function symbol f ∈ σ σ ( f ( θ )) = ( σ ( f ))( σ ( θ )) def = { · �→ σ ( θ ) } ( σ f ( · )) σ ( θ + η ) = σ ( θ ) + σ ( η ) σ (( θ ) ′ ) = ( σ ( θ )) ′ if σ V ∪ V ′ -admissible for θ σ ( p ( θ )) ≡ ( σ ( p ))( σ ( θ )) for predicate symbol p ∈ σ if σ V ∪ V ′ -admissible for φ , C ∈ σ ( C ( φ ) ) ≡ σ ( C ) ( σ ( φ ) ) σ ( φ ∧ ψ ) ≡ σ ( φ ) ∧ σ ( ψ ) σ ( ∀ x φ ) = ∀ x σ ( φ ) if σ { x } -admissible for φ σ ([ α ] φ ) = [ σ ( α )] σ ( φ ) if σ BV( σ ( α ))-admissible for φ σ ( a ) ≡ σ a for program constant a ∈ σ σ ( x := θ ) ≡ x := σ ( θ ) σ ( x ′ = f ( x ) & Q ) ≡ x ′ = σ ( f ( x )) & σ ( Q ) if σ { x , x ′ } -admissible for f ( x ) , Q σ ( α ∪ β ) ≡ σ ( α ; β ) ≡ σ ( α ∗ ) ≡ Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 16 / 44

  25. Uniform Substitution: Definition expanded explicitly for function symbol f ∈ σ σ ( f ( θ )) = ( σ ( f ))( σ ( θ )) def = { · �→ σ ( θ ) } ( σ f ( · )) σ ( θ + η ) = σ ( θ ) + σ ( η ) σ (( θ ) ′ ) = ( σ ( θ )) ′ if σ V ∪ V ′ -admissible for θ σ ( p ( θ )) ≡ ( σ ( p ))( σ ( θ )) for predicate symbol p ∈ σ if σ V ∪ V ′ -admissible for φ , C ∈ σ ( C ( φ ) ) ≡ σ ( C ) ( σ ( φ ) ) σ ( φ ∧ ψ ) ≡ σ ( φ ) ∧ σ ( ψ ) σ ( ∀ x φ ) = ∀ x σ ( φ ) if σ { x } -admissible for φ σ ([ α ] φ ) = [ σ ( α )] σ ( φ ) if σ BV( σ ( α ))-admissible for φ σ ( a ) ≡ σ a for program constant a ∈ σ σ ( x := θ ) ≡ x := σ ( θ ) σ ( x ′ = f ( x ) & Q ) ≡ x ′ = σ ( f ( x )) & σ ( Q ) if σ { x , x ′ } -admissible for f ( x ) , Q σ ( α ∪ β ) ≡ σ ( α ) ∪ σ ( β ) σ ( α ; β ) ≡ σ ( α ∗ ) ≡ Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 16 / 44

  26. Uniform Substitution: Definition expanded explicitly for function symbol f ∈ σ σ ( f ( θ )) = ( σ ( f ))( σ ( θ )) def = { · �→ σ ( θ ) } ( σ f ( · )) σ ( θ + η ) = σ ( θ ) + σ ( η ) σ (( θ ) ′ ) = ( σ ( θ )) ′ if σ V ∪ V ′ -admissible for θ σ ( p ( θ )) ≡ ( σ ( p ))( σ ( θ )) for predicate symbol p ∈ σ if σ V ∪ V ′ -admissible for φ , C ∈ σ ( C ( φ ) ) ≡ σ ( C ) ( σ ( φ ) ) σ ( φ ∧ ψ ) ≡ σ ( φ ) ∧ σ ( ψ ) σ ( ∀ x φ ) = ∀ x σ ( φ ) if σ { x } -admissible for φ σ ([ α ] φ ) = [ σ ( α )] σ ( φ ) if σ BV( σ ( α ))-admissible for φ σ ( a ) ≡ σ a for program constant a ∈ σ σ ( x := θ ) ≡ x := σ ( θ ) σ ( x ′ = f ( x ) & Q ) ≡ x ′ = σ ( f ( x )) & σ ( Q ) if σ { x , x ′ } -admissible for f ( x ) , Q σ ( α ∪ β ) ≡ σ ( α ) ∪ σ ( β ) σ ( α ; β ) ≡ σ ( α ); σ ( β ) if σ BV( σ ( α ))-admissible for β σ ( α ∗ ) ≡ Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 16 / 44

  27. Uniform Substitution: Definition expanded explicitly for function symbol f ∈ σ σ ( f ( θ )) = ( σ ( f ))( σ ( θ )) def = { · �→ σ ( θ ) } ( σ f ( · )) σ ( θ + η ) = σ ( θ ) + σ ( η ) σ (( θ ) ′ ) = ( σ ( θ )) ′ if σ V ∪ V ′ -admissible for θ σ ( p ( θ )) ≡ ( σ ( p ))( σ ( θ )) for predicate symbol p ∈ σ if σ V ∪ V ′ -admissible for φ , C ∈ σ ( C ( φ ) ) ≡ σ ( C ) ( σ ( φ ) ) σ ( φ ∧ ψ ) ≡ σ ( φ ) ∧ σ ( ψ ) σ ( ∀ x φ ) = ∀ x σ ( φ ) if σ { x } -admissible for φ σ ([ α ] φ ) = [ σ ( α )] σ ( φ ) if σ BV( σ ( α ))-admissible for φ σ ( a ) ≡ σ a for program constant a ∈ σ σ ( x := θ ) ≡ x := σ ( θ ) σ ( x ′ = f ( x ) & Q ) ≡ x ′ = σ ( f ( x )) & σ ( Q ) if σ { x , x ′ } -admissible for f ( x ) , Q σ ( α ∪ β ) ≡ σ ( α ) ∪ σ ( β ) σ ( α ; β ) ≡ σ ( α ); σ ( β ) if σ BV( σ ( α ))-admissible for β σ ( α ∗ ) ≡ ( σ ( α )) ∗ if σ BV( σ ( α ))-admissible for α Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 16 / 44

  28. Uniform Substitution: Examples [ x := f ] p ( x ) ↔ p ( f ) σ = { f �→ x + 1 , p ( · ) �→ ( · � = x ) } [ x := x + 1] x � = x ↔ x + 1 � = x [ x := f ] p ( x ) ↔ p ( f ) [ x := x 2 ][( z := x + z ) ∗ ; z := x + yz ] y ≥ x ↔ [( z := x 2 + z ∗ ); z := x 2 + yz ] y ≥ x 2 with σ = { f �→ x 2 , p ( · ) �→ [( z := · + z ) ∗ ; z := · + yz ] y ≥ · } p → [ a ] p σ = { a �→ x ′ = − 1 , p �→ x ≥ 0 } x ≥ 0 → [ x ′ = − 1] x ≥ 0 ( − x ) 2 ≥ 0 p (¯ x ) σ = { a �→ x ′ = − 1 , p ( · ) �→ ( − · ) 2 ≥ 0 } by [ x ′ = − 1]( − x ) 2 ≥ 0 [ a ] p (¯ x ) Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 17 / 44

  29. Uniform Substitution: Examples [ x := f ] p ( x ) ↔ p ( f ) σ = { f �→ x + 1 , p ( · ) �→ ( · � = x ) } [ x := x + 1] x � = x ↔ x + 1 � = x [ x := f ] p ( x ) ↔ p ( f ) [ x := x 2 ][( z := x + z ) ∗ ; z := x + yz ] y ≥ x ↔ [( z := x 2 + z ∗ ); z := x 2 + yz ] y ≥ x 2 with σ = { f �→ x 2 , p ( · ) �→ [( z := · + z ) ∗ ; z := · + yz ] y ≥ · } p → [ a ] p σ = { a �→ x ′ = − 1 , p �→ x ≥ 0 } x ≥ 0 → [ x ′ = − 1] x ≥ 0 ( − x ) 2 ≥ 0 p (¯ x ) σ = { a �→ x ′ = − 1 , p ( · ) �→ ( − · ) 2 ≥ 0 } by [ x ′ = − 1]( − x ) 2 ≥ 0 [ a ] p (¯ x ) Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 17 / 44

  30. Uniform Substitution: Examples BV FV Clash [ x := f ] p ( x ) ↔ p ( f ) σ = { f �→ x + 1 , p ( · ) �→ ( · � = x ) } [ x := x + 1] x � = x ↔ x + 1 � = x [ x := f ] p ( x ) ↔ p ( f ) [ x := x 2 ][( z := x + z ) ∗ ; z := x + yz ] y ≥ x ↔ [( z := x 2 + z ∗ ); z := x 2 + yz ] y ≥ x 2 with σ = { f �→ x 2 , p ( · ) �→ [( z := · + z ) ∗ ; z := · + yz ] y ≥ · } p → [ a ] p σ = { a �→ x ′ = − 1 , p �→ x ≥ 0 } x ≥ 0 → [ x ′ = − 1] x ≥ 0 ( − x ) 2 ≥ 0 p (¯ x ) σ = { a �→ x ′ = − 1 , p ( · ) �→ ( − · ) 2 ≥ 0 } by [ x ′ = − 1]( − x ) 2 ≥ 0 [ a ] p (¯ x ) Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 17 / 44

  31. Uniform Substitution: Examples Clash [ x := f ] p ( x ) ↔ p ( f ) σ = { f �→ x + 1 , p ( · ) �→ ( · � = x ) } [ x := x + 1] x � = x ↔ x + 1 � = x [ x := f ] p ( x ) ↔ p ( f ) [ x := x 2 ][( z := x + z ) ∗ ; z := x + yz ] y ≥ x ↔ [( z := x 2 + z ∗ ); z := x 2 + yz ] y ≥ x 2 with σ = { f �→ x 2 , p ( · ) �→ [( z := · + z ) ∗ ; z := · + yz ] y ≥ · } p → [ a ] p σ = { a �→ x ′ = − 1 , p �→ x ≥ 0 } x ≥ 0 → [ x ′ = − 1] x ≥ 0 ( − x ) 2 ≥ 0 p (¯ x ) σ = { a �→ x ′ = − 1 , p ( · ) �→ ( − · ) 2 ≥ 0 } by [ x ′ = − 1]( − x ) 2 ≥ 0 [ a ] p (¯ x ) Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 17 / 44

  32. Uniform Substitution: Examples Clash [ x := f ] p ( x ) ↔ p ( f ) σ = { f �→ x + 1 , p ( · ) �→ ( · � = x ) } [ x := x + 1] x � = x ↔ x + 1 � = x Correct [ x := f ] p ( x ) ↔ p ( f ) [ x := x 2 ][( z := x + z ) ∗ ; z := x + yz ] y ≥ x ↔ [( z := x 2 + z ∗ ); z := x 2 + yz ] y ≥ x 2 with σ = { f �→ x 2 , p ( · ) �→ [( z := · + z ) ∗ ; z := · + yz ] y ≥ · } p → [ a ] p σ = { a �→ x ′ = − 1 , p �→ x ≥ 0 } x ≥ 0 → [ x ′ = − 1] x ≥ 0 ( − x ) 2 ≥ 0 p (¯ x ) σ = { a �→ x ′ = − 1 , p ( · ) �→ ( − · ) 2 ≥ 0 } by [ x ′ = − 1]( − x ) 2 ≥ 0 [ a ] p (¯ x ) Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 17 / 44

  33. Uniform Substitution: Examples Clash [ x := f ] p ( x ) ↔ p ( f ) σ = { f �→ x + 1 , p ( · ) �→ ( · � = x ) } [ x := x + 1] x � = x ↔ x + 1 � = x Correct [ x := f ] p ( x ) ↔ p ( f ) [ x := x 2 ][( z := x + z ) ∗ ; z := x + yz ] y ≥ x ↔ [( z := x 2 + z ∗ ); z := x 2 + yz ] y ≥ x 2 with σ = { f �→ x 2 , p ( · ) �→ [( z := · + z ) ∗ ; z := · + yz ] y ≥ · } FV Clash BV p → [ a ] p σ = { a �→ x ′ = − 1 , p �→ x ≥ 0 } x ′ = − 1] x ≥ 0 x ≥ 0 → [ ( − x ) 2 ≥ 0 p (¯ x ) σ = { a �→ x ′ = − 1 , p ( · ) �→ ( − · ) 2 ≥ 0 } by [ x ′ = − 1]( − x ) 2 ≥ 0 [ a ] p (¯ x ) Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 17 / 44

  34. Uniform Substitution: Examples Clash [ x := f ] p ( x ) ↔ p ( f ) σ = { f �→ x + 1 , p ( · ) �→ ( · � = x ) } [ x := x + 1] x � = x ↔ x + 1 � = x Correct [ x := f ] p ( x ) ↔ p ( f ) [ x := x 2 ][( z := x + z ) ∗ ; z := x + yz ] y ≥ x ↔ [( z := x 2 + z ∗ ); z := x 2 + yz ] y ≥ x 2 with σ = { f �→ x 2 , p ( · ) �→ [( z := · + z ) ∗ ; z := · + yz ] y ≥ · } Clash p → [ a ] p σ = { a �→ x ′ = − 1 , p �→ x ≥ 0 } x ≥ 0 → [ x ′ = − 1] x ≥ 0 ( − x ) 2 ≥ 0 Correct p (¯ x ) σ = { a �→ x ′ = − 1 , p ( · ) �→ ( − · ) 2 ≥ 0 } by [ x ′ = − 1]( − x ) 2 ≥ 0 [ a ] p (¯ x ) Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 17 / 44

  35. Uniform Substitution: Contextual Congruence Example p (¯ x ) ↔ q (¯ x ) CE C ( p (¯ x ) ) ↔ C ( q (¯ x ) ) [ x := x 2 ] x ≤ 1 ↔ x 2 ≤ 1 CE [ x ′ = x 3 ∪ x ′ = − 1][ x := x 2 ] x ≤ 1 ↔ [ x ′ = x 3 ∪ x ′ = − 1] x 2 ≤ 1 Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 18 / 44

  36. Uniform Substitution: Contextual Congruence Example p (¯ x ) ↔ q (¯ x ) CE C ( p (¯ x ) ) ↔ C ( q (¯ x ) ) [ x := x 2 ] x ≤ 1 ↔ x 2 ≤ 1 CE [ x ′ = x 3 ∪ x ′ = − 1][ x := x 2 ] x ≤ 1 ↔ [ x ′ = x 3 ∪ x ′ = − 1] x 2 ≤ 1 Theorem (Soundness) (FV( σ ) = ∅ ) φ 1 . . . φ n σ ( φ 1 ) . . . σ ( φ n ) locally sound implies locally sound ψ σ ( ψ ) Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 18 / 44

  37. Uniform Substitution: Contextual Congruence Example p (¯ x ) ↔ q (¯ x ) CE C ( p (¯ x ) ) ↔ C ( q (¯ x ) ) [ x := x 2 ] x ≤ 1 ↔ x 2 ≤ 1 CE [ x ′ = x 3 ∪ x ′ = − 1][ x := x 2 ] x ≤ 1 ↔ [ x ′ = x 3 ∪ x ′ = − 1] x 2 ≤ 1 Theorem (Soundness) (FV( σ ) = ∅ ) φ 1 . . . φ n σ ( φ 1 ) . . . σ ( φ n ) locally sound implies locally sound ψ σ ( ψ ) Locally sound The conclusion is valid in any interpretation I in which the premises are. Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 18 / 44

  38. Correctness of Uniform Substitutions “Syntactic uniform substitution = semantic replacement” Lemma (Uniform substitution lemma) Uniform substitution σ and its adjoint interpretation σ ∗ u I to σ for I , u have the same semantics: ] σ ∗ [ [ σ ( θ )] ] Iu = [ [ θ ] u Iu ] σ ∗ u ∈ [ [ σ ( φ )] ] I iff u ∈ [ [ φ ] u I ] σ ∗ ( u , w ) ∈ [ [ σ ( α )] ] I iff ( u , w ) ∈ [ [ α ] u I θ σ ( θ ) [ [ σ ( θ )] ] Iu σ I σ ∗ u I ] σ ∗ [ [ θ ] u Iu Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 19 / 44

  39. Solving Differential Equations? By Axiom Schema? [ ′ ] [ x ′ = θ ] φ ↔ ∀ t ≥ 0 [ x := x ( t )] φ ( t fresh and x ′ ( t ) = θ ) LICS’12 Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 20 / 44

  40. Solving Differential Equations? By Axiom Schema? [ ′ ] [ x ′ = θ ] φ ↔ ∀ t ≥ 0 [ x := x ( t )] φ ( t fresh and x ′ ( t ) = θ ) Axiom schema with side conditions: 1 Occurs check: t fresh 2 Solution check: x ( · ) solves the ODE x ′ ( t ) = θ with x ( · ) plugged in for x in θ 3 Initial value check: x ( · ) solves the symbolic IVP x (0) = x Quite nontrivial soundness-critical algorithms . . . LICS’12 Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 20 / 44

  41. Solving Differential Equations? By Axiom Schema? [ ′ ] [ x ′ = θ ] φ ↔ ∀ t ≥ 0 [ x := x ( t )] φ ( t fresh and x ′ ( t ) = θ ) Axiom schema with side conditions: 1 Occurs check: t fresh 2 Solution check: x ( · ) solves the ODE x ′ ( t ) = θ with x ( · ) plugged in for x in θ 3 Initial value check: x ( · ) solves the symbolic IVP x (0) = x 4 x ( · ) covers all solutions parametrically Quite nontrivial soundness-critical algorithms . . . LICS’12 Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 20 / 44

  42. Differential Equation Axioms & Differential Axioms DW [ x ′ = f ( x ) & q ( x )] q ( x ) � [ x ′ = f ( x ) & q ( x )] p ( x ) ↔ [ x ′ = f ( x ) & q ( x ) ∧ r ( x )] p ( x ) � DC ← [ x ′ = f ( x ) & q ( x )] r ( x ) DE [ x ′ = f ( x ) & q ( x )] p ( x , x ′ ) ↔ [ x ′ = f ( x ) & q ( x )][ x ′ := f ( x )] p ( x , x ′ ) � q ( x ) → p ( x ) ∧ [ x ′ = f ( x ) & q ( x )]( p ( x )) ′ � DI [ x ′ = f ( x ) & q ( x )] p ( x ) ← DG [ x ′ = f ( x ) & q ( x )] p ( x ) ↔ ∃ y [ x ′ = f ( x ) , y ′ = a ( x ) y + b ( x ) & q ( x )] p ( x ) � � DS [ x ′ = f & q ( x )] p ( x ) ↔ ∀ t ≥ 0 ( ∀ 0 ≤ s ≤ t q ( x + fs )) → [ x := x + ft ] p ( x ) [ ′ :=] [ x ′ := f ] p ( x ′ ) ↔ p ( f ) + ′ ( f (¯ x )) ′ = ( f (¯ x )) ′ + ( g (¯ x )) ′ x ) + g (¯ · ′ ( f (¯ x )) ′ = ( f (¯ x )) ′ · g (¯ x )) ′ x ) · g (¯ x ) + f (¯ x ) · ( g (¯ ◦ ′ [ y := g ( x )][ y ′ := 1] � ( f ( g ( x ))) ′ = ( f ( y )) ′ · ( g ( x )) ′ � CADE’15 Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 21 / 44

  43. Differential Invariants for Differential Equations Differential Invariant Differential Cut Differential Ghost x x ′ = f ( x ) 0 t Logic Math DI ≥ DI ≥ , ∧ , ∨ DI ≥ , = , ∧ , ∨ Character- Provability DI = DI = , ∧ , ∨ DI theory istic PDE DI >, ∧ , ∨ DI >, = , ∧ , ∨ DI > JLogComput’10,CAV’08,FMSD’09,LMCS’12,LICS’12,ITP’12,CADE’15 Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 22 / 44

  44. Differential Invariants for Differential Equations Differential Invariant Differential Cut Differential Ghost x x ′ = f ( x ) 0 t Logic Math DI ≥ DI ≥ , ∧ , ∨ DI ≥ , = , ∧ , ∨ Character- Provability DI = DI = , ∧ , ∨ DI theory istic PDE DI >, ∧ , ∨ DI >, = , ∧ , ∨ DI > JLogComput’10,CAV’08,FMSD’09,LMCS’12,LICS’12,ITP’12,CADE’15 Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 22 / 44

  45. Differential Invariants for Differential Equations Differential Invariant Differential Cut Differential Ghost x x ′ = f ( x ) 0 t Logic Math DI ≥ DI ≥ , ∧ , ∨ DI ≥ , = , ∧ , ∨ Character- Provability DI = DI = , ∧ , ∨ DI theory istic PDE DI >, ∧ , ∨ DI >, = , ∧ , ∨ DI > JLogComput’10,CAV’08,FMSD’09,LMCS’12,LICS’12,ITP’12,CADE’15 Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 22 / 44

  46. Differential Invariants for Differential Equations Differential Invariant Differential Cut Differential Ghost x x ′ = f ( x ) 0 t Logic Math DI ≥ DI ≥ , ∧ , ∨ DI ≥ , = , ∧ , ∨ Character- Provability DI = DI = , ∧ , ∨ DI theory istic PDE DI >, ∧ , ∨ DI >, = , ∧ , ∨ DI > JLogComput’10,CAV’08,FMSD’09,LMCS’12,LICS’12,ITP’12,CADE’15 Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 22 / 44

  47. Differential Invariants for Differential Equations Differential Invariant Differential Cut Differential Ghost x x ′ = f ( x ) 0 t Logic Math DI ≥ DI ≥ , ∧ , ∨ DI ≥ , = , ∧ , ∨ Character- Provability DI = DI = , ∧ , ∨ DI theory istic PDE DI >, ∧ , ∨ DI >, = , ∧ , ∨ DI > JLogComput’10,CAV’08,FMSD’09,LMCS’12,LICS’12,ITP’12,CADE’15 Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 22 / 44

  48. Differential Invariants for Differential Equations Differential Invariant Differential Cut Differential Ghost x x ′ = f ( x ) 0 t Logic Math DI ≥ DI ≥ , ∧ , ∨ DI ≥ , = , ∧ , ∨ Character- Provability DI = DI = , ∧ , ∨ DI theory istic PDE DI >, ∧ , ∨ DI >, = , ∧ , ∨ DI > JLogComput’10,CAV’08,FMSD’09,LMCS’12,LICS’12,ITP’12,CADE’15 Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 22 / 44

  49. Differential Invariants for Differential Equations Differential Invariant Differential Cut Differential Ghost x x ′ = f ( x ) 0 t Logic Math DI ≥ DI ≥ , ∧ , ∨ DI ≥ , = , ∧ , ∨ Character- Provability DI = DI = , ∧ , ∨ DI theory istic PDE DI >, ∧ , ∨ DI >, = , ∧ , ∨ DI > JLogComput’10,CAV’08,FMSD’09,LMCS’12,LICS’12,ITP’12,CADE’15 Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 22 / 44

  50. Differential Invariants for Differential Equations Differential Invariant Differential Cut Differential Ghost x x ′ = f ( x ) 0 t Logic Math DI ≥ DI ≥ , ∧ , ∨ DI ≥ , = , ∧ , ∨ Character- Provability DI = DI = , ∧ , ∨ DI theory istic PDE DI >, ∧ , ∨ DI >, = , ∧ , ∨ DI > JLogComput’10,CAV’08,FMSD’09,LMCS’12,LICS’12,ITP’12,CADE’15 Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 22 / 44

  51. Differential Invariants for Differential Equations Differential Invariant Differential Cut Differential Ghost y ′ = g ( x , y ) x x ′ = f ( x ) 0 t Logic Math DI ≥ DI ≥ , ∧ , ∨ DI ≥ , = , ∧ , ∨ Character- Provability DI = DI = , ∧ , ∨ DI theory istic PDE DI >, ∧ , ∨ DI >, = , ∧ , ∨ DI > JLogComput’10,CAV’08,FMSD’09,LMCS’12,LICS’12,ITP’12,CADE’15 Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 22 / 44

  52. Differential Invariants for Differential Equations Differential Invariant Differential Cut Differential Ghost y ′ = g ( x , y ) x inv x ′ = f ( x ) 0 t Logic Math DI ≥ DI ≥ , ∧ , ∨ DI ≥ , = , ∧ , ∨ Character- Provability DI = DI = , ∧ , ∨ DI theory istic PDE DI >, ∧ , ∨ DI >, = , ∧ , ∨ DI > JLogComput’10,CAV’08,FMSD’09,LMCS’12,LICS’12,ITP’12,CADE’15 Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 22 / 44

  53. Differential Equation Axioms Axiom (Differential Weakening) (CADE’15) DW [ x ′ = f ( x ) & q ( x )] q ( x ) x ¬ q ( x ) w q ( x ) u t r 0 x ′ = f ( x ) & q ( x ) Differential equations cannot leave their evolution domains. Implies: [ x ′ = f ( x ) & q ( x )] p ( x ) ↔ [ x ′ = f ( x ) & q ( x )] � � q ( x ) → p ( x ) Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 23 / 44

  54. Differential Equation Axioms Axiom (Differential Cut) (CADE’15) � [ x ′ = f ( x ) & q ( x )] p ( x ) ↔ [ x ′ = f ( x ) & q ( x ) ∧ r ( x )] p ( x ) � DC ← [ x ′ = f ( x ) & q ( x )] r ( x ) x w q ( x ) u t r 0 x ′ = f ( x ) & q ( x ) DC is a cut for differential equations. DC is a differential modal modus ponens K. Can’t leave r ( x ), then might as well restrict state space to r ( x ). Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 23 / 44

  55. Differential Equation Axioms Axiom (Differential Cut) (CADE’15) � [ x ′ = f ( x ) & q ( x )] p ( x ) ↔ [ x ′ = f ( x ) & q ( x ) ∧ r ( x )] p ( x ) � DC ← [ x ′ = f ( x ) & q ( x )] r ( x ) x w w q ( x ) q ( x ) u t r 0 x ′ = f ( x ) & q ( x ) DC is a cut for differential equations. DC is a differential modal modus ponens K. Can’t leave r ( x ), then might as well restrict state space to r ( x ). Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 23 / 44

  56. Differential Equation Axioms Axiom (Differential Cut) (CADE’15) � [ x ′ = f ( x ) & q ( x )] p ( x ) ↔ [ x ′ = f ( x ) & q ( x ) ∧ r ( x )] p ( x ) � DC ← [ x ′ = f ( x ) & q ( x )] r ( x ) x w w q ( x ) u t r 0 x ′ = f ( x ) & q ( x ) DC is a cut for differential equations. DC is a differential modal modus ponens K. Can’t leave r ( x ), then might as well restrict state space to r ( x ). Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 23 / 44

  57. Differential Equation Axioms Axiom (Differential Cut) (CADE’15) � [ x ′ = f ( x ) & q ( x )] p ( x ) ↔ [ x ′ = f ( x ) & q ( x ) ∧ r ( x )] p ( x ) � DC ← [ x ′ = f ( x ) & q ( x )] r ( x ) x w w q ( x ) u t r 0 x ′ = f ( x ) & q ( x ) DC is a cut for differential equations. DC is a differential modal modus ponens K. Can’t leave r ( x ), then might as well restrict state space to r ( x ). Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 23 / 44

  58. Differential Equation Axioms Axiom (Differential Cut) (CADE’15) � [ x ′ = f ( x ) & q ( x )] p ( x ) ↔ [ x ′ = f ( x ) & q ( x ) ∧ r ( x )] p ( x ) � DC ← [ x ′ = f ( x ) & q ( x )] r ( x ) x w q ( x ) u t r 0 x ′ = f ( x ) & q ( x ) DC is a cut for differential equations. DC is a differential modal modus ponens K. Can’t leave r ( x ), then might as well restrict state space to r ( x ). Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 23 / 44

  59. Differential Equation Axioms Axiom (Differential Cut) (CADE’15) � [ x ′ = f ( x ) & q ( x )] p ( x ) ↔ [ x ′ = f ( x ) & q ( x ) ∧ r ( x )] p ( x ) � DC ← [ x ′ = f ( x ) & q ( x )] r ( x ) x w w q ( x ) u t r 0 x ′ = f ( x ) & q ( x ) DC is a cut for differential equations. DC is a differential modal modus ponens K. Can’t leave r ( x ), then might as well restrict state space to r ( x ). Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 23 / 44

  60. Differential Equation Axioms Axiom (Differential Cut) (CADE’15) � [ x ′ = f ( x ) & q ( x )] p ( x ) ↔ [ x ′ = f ( x ) & q ( x ) ∧ r ( x )] p ( x ) � DC ← [ x ′ = f ( x ) & q ( x )] r ( x ) x w w q ( x ) u t r 0 x ′ = f ( x ) & q ( x ) DC is a cut for differential equations. DC is a differential modal modus ponens K. Can’t leave r ( x ), then might as well restrict state space to r ( x ). Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 23 / 44

  61. Differential Equation Axioms Axiom (Differential Cut) (CADE’15) � [ x ′ = f ( x ) & q ( x )] p ( x ) ↔ [ x ′ = f ( x ) & q ( x ) ∧ r ( x )] p ( x ) � DC ← [ x ′ = f ( x ) & q ( x )] r ( x ) x w w q ( x ) u t r 0 x ′ = f ( x ) & q ( x ) DC is a cut for differential equations. DC is a differential modal modus ponens K. Can’t leave r ( x ), then might as well restrict state space to r ( x ). Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 23 / 44

  62. Differential Equation Axioms Axiom (Differential Cut) (CADE’15) � [ x ′ = f ( x ) & q ( x )] p ( x ) ↔ [ x ′ = f ( x ) & q ( x ) ∧ r ( x )] p ( x ) � DC ← [ x ′ = f ( x ) & q ( x )] r ( x ) x w w q ( x ) u t r 0 x ′ = f ( x ) & q ( x ) DC is a cut for differential equations. DC is a differential modal modus ponens K. Can’t leave r ( x ), then might as well restrict state space to r ( x ). Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 23 / 44

  63. Differential Equation Axioms Axiom (Differential Invariant) (CADE’15) � q ( x ) → p ( x ) ∧ [ x ′ = f ( x ) & q ( x )]( p ( x )) ′ � DI [ x ′ = f ( x ) & q ( x )] p ( x ) ← x F w ¬ F ¬ F q ( x ) u t r 0 x ′ = f ( x ) & q ( x ) Differential invariant: p ( x ) true now and its differential ( p ( x )) ′ true always What’s the differential of a formula??? What’s the meaning of a differential term . . . in a state??? Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 23 / 44

  64. Differential Equation Axioms Axiom (Differential Effect) (CADE’15) DE [ x ′ = f ( x ) & q ( x )] p ( x , x ′ ) ↔ [ x ′ = f ( x ) & q ( x )][ x ′ := f ( x )] p ( x , x ′ ) f ( x ) x w x ′ q ( x ) u t r 0 x ′ = f ( x ) & q ( x ) Effect of differential equation on differential symbol x ′ [ x ′ := f ( x )] instantly mimics continuous effect [ x ′ = f ( x )] on x ′ [ x ′ := f ( x )] selects vector field x ′ = f ( x ) for subsequent differentials Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 23 / 44

  65. Differential Equation Axioms Axiom (Differential Ghost) (CADE’15) DG [ x ′ = f ( x ) & q ( x )] p ( x ) ↔ ∃ y [ x ′ = f ( x ) , y ′ = a ( x ) y + b ( x ) & q ( x )] p ( x ) x w q ( x ) u t r 0 x ′ = f ( x ) & q ( x ) y ′ = a ( x ) y + b ( x ) Differential ghost/auxiliaries: extra differential equations that exist Can cause new invariants “Dark matter” counterweight to balance conserved quantities Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 23 / 44

  66. Differential Equation Axioms Axiom (Differential Solution) (CADE’15) � � DS [ x ′ = f & q ( x )] p ( x ) ↔ ∀ t ≥ 0 ( ∀ 0 ≤ s ≤ t q ( x + fs )) → [ x := x + ft ] p ( x ) x x w w q ( x ) u q ( x ) u t t r r 0 0 x ′ = f ( x ) & q ( x ) x ′ = f & q ( x ) Differential solutions: solve differential equations with DG,DC and inverse companions Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 23 / 44

  67. Example: Differential Invariants Don’t Solve. Prove! x · x ≥ 1 → [ x ′ = x 3 ] x · x ≥ 1 DI Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 24 / 44

  68. Example: Differential Invariants Don’t Solve. Prove! 1 DI proves a property of an ODE inductively by its differentials [ x ′ = x 3 ]( x · x ≥ 1) ′ DE x · x ≥ 1 → [ x ′ = x 3 ] x · x ≥ 1 DI Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 24 / 44

  69. Example: Differential Invariants Don’t Solve. Prove! 1 DI proves a property of an ODE inductively by its differentials 2 DE exports vector field, possibly after DW exports evolution domain [ x ′ = x 3 ][ x ′ := x 3 ]( x · x ≥ 1) ′ CE [ x ′ = x 3 ]( x · x ≥ 1) ′ DE x · x ≥ 1 → [ x ′ = x 3 ] x · x ≥ 1 DI Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 24 / 44

  70. Example: Differential Invariants Don’t Solve. Prove! 1 DI proves a property of an ODE inductively by its differentials 2 DE exports vector field, possibly after DW exports evolution domain 3 CE+CQ reason efficiently in Equivalence or eQuational context [ x ′ = x 3 ][ x ′ := x 3 ] x ′ · x + x · x ′ ≥ 0 ( x · x ≥ 1) ′ ↔ x ′ · x + x · x ′ ≥ 0 G [ x ′ = x 3 ][ x ′ := x 3 ]( x · x ≥ 1) ′ CE [ x ′ = x 3 ]( x · x ≥ 1) ′ DE x · x ≥ 1 → [ x ′ = x 3 ] x · x ≥ 1 DI Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 24 / 44

  71. Example: Differential Invariants Don’t Solve. Prove! 1 DI proves a property of an ODE inductively by its differentials 2 DE exports vector field, possibly after DW exports evolution domain 3 CE+CQ reason efficiently in Equivalence or eQuational context 4 G isolates postcondition [ ′ :=] [ x ′ := x 3 ] x ′ · x + x · x ′ ≥ 0 [ x ′ = x 3 ][ x ′ := x 3 ] x ′ · x + x · x ′ ≥ 0 ( x · x ≥ 1) ′ ↔ x ′ · x + x · x ′ ≥ 0 G [ x ′ = x 3 ][ x ′ := x 3 ]( x · x ≥ 1) ′ CE [ x ′ = x 3 ]( x · x ≥ 1) ′ DE x · x ≥ 1 → [ x ′ = x 3 ] x · x ≥ 1 DI Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 24 / 44

  72. Example: Differential Invariants Don’t Solve. Prove! 1 DI proves a property of an ODE inductively by its differentials 2 DE exports vector field, possibly after DW exports evolution domain 3 CE+CQ reason efficiently in Equivalence or eQuational context 4 G isolates postcondition 5 [ ′ :=] differential substitution uses vector field x 3 · x + x · x 3 ≥ 0 R [ ′ :=] [ x ′ := x 3 ] x ′ · x + x · x ′ ≥ 0 [ x ′ = x 3 ][ x ′ := x 3 ] x ′ · x + x · x ′ ≥ 0 ( x · x ≥ 1) ′ ↔ x ′ · x + x · x ′ ≥ 0 G [ x ′ = x 3 ][ x ′ := x 3 ]( x · x ≥ 1) ′ CE [ x ′ = x 3 ]( x · x ≥ 1) ′ DE x · x ≥ 1 → [ x ′ = x 3 ] x · x ≥ 1 DI Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 24 / 44

  73. Example: Differential Invariants Don’t Solve. Prove! 1 DI proves a property of an ODE inductively by its differentials 2 DE exports vector field, possibly after DW exports evolution domain 3 CE+CQ reason efficiently in Equivalence or eQuational context 4 G isolates postcondition 5 [ ′ :=] differential substitution uses vector field ∗ x 3 · x + x · x 3 ≥ 0 R [ ′ :=] [ x ′ := x 3 ] x ′ · x + x · x ′ ≥ 0 [ x ′ = x 3 ][ x ′ := x 3 ] x ′ · x + x · x ′ ≥ 0 ( x · x ≥ 1) ′ ↔ x ′ · x + x · x ′ ≥ 0 G [ x ′ = x 3 ][ x ′ := x 3 ]( x · x ≥ 1) ′ CE [ x ′ = x 3 ]( x · x ≥ 1) ′ DE x · x ≥ 1 → [ x ′ = x 3 ] x · x ≥ 1 DI Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 24 / 44

  74. Example: Differential Invariants Don’t Solve. Prove! 1 DI proves a property of an ODE inductively by its differentials 2 DE exports vector field, possibly after DW exports evolution domain 3 CE+CQ reason efficiently in Equivalence or eQuational context 4 G isolates postcondition 5 [ ′ :=] differential substitution uses vector field ∗ x 3 · x + x · x 3 ≥ 0 R [ ′ :=] [ x ′ := x 3 ] x ′ · x + x · x ′ ≥ 0 ( x · x ) ′ ≥ 0 ↔ x ′ · x + x · x ′ ≥ 0 CQ [ x ′ = x 3 ][ x ′ := x 3 ] x ′ · x + x · x ′ ≥ 0 ( x · x ≥ 1) ′ ↔ x ′ · x + x · x ′ ≥ 0 G [ x ′ = x 3 ][ x ′ := x 3 ]( x · x ≥ 1) ′ CE [ x ′ = x 3 ]( x · x ≥ 1) ′ DE x · x ≥ 1 → [ x ′ = x 3 ] x · x ≥ 1 DI Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 24 / 44

  75. Example: Differential Invariants Don’t Solve. Prove! 1 DI proves a property of an ODE inductively by its differentials 2 DE exports vector field, possibly after DW exports evolution domain 3 CE+CQ reason efficiently in Equivalence or eQuational context 4 G isolates postcondition 5 [ ′ :=] differential substitution uses vector field ∗ x 3 · x + x · x 3 ≥ 0 R ( x · x ) ′ = x ′ · x + x · x ′ [ ′ :=] [ x ′ := x 3 ] x ′ · x + x · x ′ ≥ 0 ( x · x ) ′ ≥ 0 ↔ x ′ · x + x · x ′ ≥ 0 CQ [ x ′ = x 3 ][ x ′ := x 3 ] x ′ · x + x · x ′ ≥ 0 ( x · x ≥ 1) ′ ↔ x ′ · x + x · x ′ ≥ 0 G [ x ′ = x 3 ][ x ′ := x 3 ]( x · x ≥ 1) ′ CE [ x ′ = x 3 ]( x · x ≥ 1) ′ DE x · x ≥ 1 → [ x ′ = x 3 ] x · x ≥ 1 DI Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 24 / 44

  76. Example: Differential Invariants Don’t Solve. Prove! 1 DI proves a property of an ODE inductively by its differentials 2 DE exports vector field, possibly after DW exports evolution domain 3 CE+CQ reason efficiently in Equivalence or eQuational context 4 G isolates postcondition 5 [ ′ :=] differential substitution uses vector field ( x · x ) ′ = ( x ) ′ · x + x · ( x ) ′ ∗ US x 3 · x + x · x 3 ≥ 0 R ( x · x ) ′ = x ′ · x + x · x ′ [ ′ :=] [ x ′ := x 3 ] x ′ · x + x · x ′ ≥ 0 ( x · x ) ′ ≥ 0 ↔ x ′ · x + x · x ′ ≥ 0 CQ [ x ′ = x 3 ][ x ′ := x 3 ] x ′ · x + x · x ′ ≥ 0 ( x · x ≥ 1) ′ ↔ x ′ · x + x · x ′ ≥ 0 G [ x ′ = x 3 ][ x ′ := x 3 ]( x · x ≥ 1) ′ CE [ x ′ = x 3 ]( x · x ≥ 1) ′ DE x · x ≥ 1 → [ x ′ = x 3 ] x · x ≥ 1 DI Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 24 / 44

  77. Example: Differential Invariants Don’t Solve. Prove! 1 DI proves a property of an ODE inductively by its differentials 2 DE exports vector field, possibly after DW exports evolution domain 3 CE+CQ reason efficiently in Equivalence or eQuational context 4 G isolates postcondition 5 [ ′ :=] differential substitution uses vector field 6 · ′ differential computations are axiomatic (US) · ′ ( f (¯ x )) ′ = ( f (¯ x )) ′ · g (¯ x )) ′ x ) · g (¯ x )+ f (¯ x ) · ( g (¯ ( x · x ) ′ = ( x ) ′ · x + x · ( x ) ′ ∗ US x 3 · x + x · x 3 ≥ 0 R ( x · x ) ′ = x ′ · x + x · x ′ [ ′ :=] [ x ′ := x 3 ] x ′ · x + x · x ′ ≥ 0 ( x · x ) ′ ≥ 0 ↔ x ′ · x + x · x ′ ≥ 0 CQ [ x ′ = x 3 ][ x ′ := x 3 ] x ′ · x + x · x ′ ≥ 0 ( x · x ≥ 1) ′ ↔ x ′ · x + x · x ′ ≥ 0 G [ x ′ = x 3 ][ x ′ := x 3 ]( x · x ≥ 1) ′ CE [ x ′ = x 3 ]( x · x ≥ 1) ′ DE x · x ≥ 1 → [ x ′ = x 3 ] x · x ≥ 1 DI Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 24 / 44

  78. Example: Differential Invariants Don’t Solve. Prove! 1 DI proves a property of an ODE inductively by its differentials 2 DE exports vector field, possibly after DW exports evolution domain 3 CE+CQ reason efficiently in Equivalence or eQuational context 4 G isolates postcondition 5 [ ′ :=] differential substitution uses vector field 6 · ′ differential computations are axiomatic (US) ∗ · ′ ( f (¯ x )) ′ = ( f (¯ x )) ′ · g (¯ x )) ′ x ) · g (¯ x )+ f (¯ x ) · ( g (¯ ( x · x ) ′ = ( x ) ′ · x + x · ( x ) ′ ∗ US x 3 · x + x · x 3 ≥ 0 R ( x · x ) ′ = x ′ · x + x · x ′ [ ′ :=] [ x ′ := x 3 ] x ′ · x + x · x ′ ≥ 0 ( x · x ) ′ ≥ 0 ↔ x ′ · x + x · x ′ ≥ 0 CQ [ x ′ = x 3 ][ x ′ := x 3 ] x ′ · x + x · x ′ ≥ 0 ( x · x ≥ 1) ′ ↔ x ′ · x + x · x ′ ≥ 0 G [ x ′ = x 3 ][ x ′ := x 3 ]( x · x ≥ 1) ′ CE [ x ′ = x 3 ]( x · x ≥ 1) ′ DE x · x ≥ 1 → [ x ′ = x 3 ] x · x ≥ 1 DI Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 24 / 44

  79. Example: Soundly Solving Differential Equations 1 DG introduces time t , DC cuts solution in, that DI proves and 2 DW exports to postcondition 3 inverse DC removes evolution domain constraints 4 inverse DG removes original ODE 5 DS solves remaining ODE for time ∗ R φ →∀ s ≥ 0 ( x 0 + a 2 s 2 + v 0 s ≥ 0) 2 t 2 + v 0 t ≥ 0 [:=] φ →∀ s ≥ 0 [ t := 0 + 1 s ] x 0 + a DS φ → [ t ′ = 1] x 0 + a 2 t 2 + v 0 t ≥ 0 DG φ → [ v ′ = a , t ′ = 1] x 0 + a 2 t 2 + v 0 t ≥ 0 DG φ → [ x ′ = v , v ′ = a , t ′ = 1] x 0 + a 2 t 2 + v 0 t ≥ 0 DC φ → [ x ′ = v , v ′ = a , t ′ = 1 & v = v 0 + at ] x 0 + a 2 t 2 + v 0 t ≥ 0 DC φ → [ x ′ = v , v ′ = a , t ′ = 1 & v = v 0 + at ∧ x = x 0 + a 2 t 2 + v 0 t ] x 0 + a 2 t 2 + v 0 t ≥ 0 G,K φ → [ x ′ = v , v ′ = a , t ′ = 1 & v = v 0 + at ∧ x = x 0 + a 2 t 2 + v 0 t ]( x = x 0 + a 2 t 2 + v 0 t → x ≥ 0) DW φ → [ x ′ = v , v ′ = a , t ′ = 1 & v = v 0 + at ∧ x = x 0 + a 2 t 2 + v 0 t ] x ≥ 0 DC φ → [ x ′ = v , v ′ = a , t ′ = 1 & v = v 0 + at ] x ≥ 0 DC φ → [ x ′ = v , v ′ = a , t ′ = 1] x ≥ 0 φ →∃ t [ x ′ = v , v ′ = a , t ′ = 1] x ≥ 0 DG φ → [ x ′ = v , v ′ = a ] x ≥ 0 Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 25 / 44

  80. The Meaning of Prime Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 26 / 44

  81. The Meaning of Prime [( θ ) ′ ] [ ] Iu = Semantics Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 26 / 44

  82. The Meaning of Prime [( θ ) ′ ] [ ] Iu = Semantics depends on the differential equation? Andr´ e Platzer (CMU) FCPS / 22: Axioms & Uniform Substitutions 26 / 44

Recommend

Logical Foundations of Cyber-Physical Systems Andr Platzer Andr Platzer (CMU) LFCPS/18:

Logical Foundations of Cyber-Physical Systems Andr Platzer Andr Platzer (CMU) LFCPS/18:

18: Axioms & Uniform Substitutions Logical Foundations of Cyber-Physical Systems Andr Platzer Logical Foundations of Cyber-Physical Systems Andr Platzer Andr Platzer (CMU) LFCPS/18: Axioms & Uniform Substitutions LFCPS/18 1

1.96k views • 170 slides
Science One Math Feb 4, 2019 Today Some more practice with trigonometric substitutions

Science One Math Feb 4, 2019 Today Some more practice with trigonometric substitutions

Science One Math Feb 4, 2019 Today Some more practice with trigonometric substitutions Partial fractions and other strategies to integrate rational functions Last time: Trigonometric substitutions When to use them? when the integrand

580 views • 44 slides
Curriculum on The Cadet Corps Uniform Class A Uniform Class A Uniform Agenda C1. Class A

Curriculum on The Cadet Corps Uniform Class A Uniform Class A Uniform Agenda C1. Class A

Curriculum on The Cadet Corps Uniform Class A Uniform Class A Uniform Agenda C1. Class A Uniform CLASS A UNIFORM C1. Wear the Class A Uniform to standard. Class A Uniform Known as Black Service Uniform or Class A Worn mainly

502 views • 14 slides
Optimizing DNN Computation with Relaxed Graph Substitutions Tim Lazarus 26 November, 2019 Graph

Optimizing DNN Computation with Relaxed Graph Substitutions Tim Lazarus 26 November, 2019 Graph

Optimizing DNN Computation with Relaxed Graph Substitutions Tim Lazarus 26 November, 2019 Graph Substitutions We can optimise DNNs if we replace subgraphs with equivalent ones that improve overall performance For a particular input I ,

293 views • 18 slides
Autosubst 2: Towards Reasoning with Multi-Sorted de Bruijn Terms and Vector Substitutions Jonas

Autosubst 2: Towards Reasoning with Multi-Sorted de Bruijn Terms and Vector Substitutions Jonas

Introduction Towards Autosubst 2 Interpreting HOAS Vector Substitutions Case Study Future Work Autosubst 2: Towards Reasoning with Multi-Sorted de Bruijn Terms and Vector Substitutions Jonas Kaiser, Steven Schfer, Kathrin Stark saarland

555 views • 22 slides
The theoretical study of the various substitutions effect in the conversion of 3-

The theoretical study of the various substitutions effect in the conversion of 3-

[G012] The theoretical study of the various substitutions effect in the conversion of 3- cyclopropylmethoxy-3-chloro diazirine to various products B. Sohrabi College of Chemistry, Iran University of Science and Technology, Tehran, 16846-13114,

280 views • 9 slides
Curriculum on The Cadet Corps Uniform Wear It WIth honor Class C Uniform Class C Uniform

Curriculum on The Cadet Corps Uniform Wear It WIth honor Class C Uniform Class C Uniform

Curriculum on The Cadet Corps Uniform Wear It WIth honor Class C Uniform Class C Uniform Agenda B1. Class C Uniform CLASS C UNIFORM B1. Wear the Class C Uniform to standard. Class C Uniform Fully described in CR 1-8, Chp. 8 Headgear

185 views • 14 slides
Winter Uniform If out of uniform students must present a note of explanation to their Year Level

Winter Uniform If out of uniform students must present a note of explanation to their Year Level

Student Presentation Policy February 01, 2018 Summer Uniform If out of uniform students must present a note of explanation to their Year Level Coordinator who will issue a uniform pass. Summer Uniform (Terms 1&4) - Academic The summer

421 views • 3 slides
ECE 730 Lectures 2 and 3 John A. Gubner UW-Madison ECE Dept. Jan. 26, 2009 Outline 1.4 Axioms

ECE 730 Lectures 2 and 3 John A. Gubner UW-Madison ECE Dept. Jan. 26, 2009 Outline 1.4 Axioms

ECE 730 Lectures 2 and 3 John A. Gubner UW-Madison ECE Dept. Jan. 26, 2009 Outline 1.4 Axioms and Properties of Probability Axioms Consequences of the Axioms 1.5 Conditional Probability The Law of Total Probability and Bayes Rule 1.4

312 views • 12 slides
OVERVIEW 1 What is the Uniform Guidance? Rules that set uniform standards for the award and

OVERVIEW 1 What is the Uniform Guidance? Rules that set uniform standards for the award and

Uniform Guidance Procurement Requirements for NC Local Governments Norma Houston NC State Treasurers Conference June 26, 2018 OVERVIEW 1 What is the Uniform Guidance? Rules that set uniform standards for the award and expenditure of

731 views • 28 slides
About different kinds of Substitutions Matthieu Deneufch atel S eminaire CALIN, 18 Janvier

About different kinds of Substitutions Matthieu Deneufch atel S eminaire CALIN, 18 Janvier

About different kinds of Substitutions Matthieu Deneufch atel S eminaire CALIN, 18 Janvier 2011 Outline Commutative case 1 Non commutative case 2 Language theory Case of a finite alphabet Case of an infinite alphabet Substitutions,

431 views • 25 slides
Forcing axioms in P max extensions Paul Larson Department of Mathematics Miami University

Forcing axioms in P max extensions Paul Larson Department of Mathematics Miami University

Forcing axioms in P max extensions Paul Larson Department of Mathematics Miami University Oxford, Ohio 45056 larsonpb@miamioh.edu March 12, 2014 Forcing axioms in P max extensions P.B. Larson Forcing axioms Large cardinals Martins

820 views • 39 slides
Uniform Guidance aka UG, UniGui HUGE: CSU Harnessing Uniform Guidance Effectively An update

Uniform Guidance aka UG, UniGui HUGE: CSU Harnessing Uniform Guidance Effectively An update

Uniform Guidance aka UG, UniGui HUGE: CSU Harnessing Uniform Guidance Effectively An update for SFSU Faculty and Staff Uniform Guidance Most significant change in research administration in 50 years Uniform Guidance Reform History Feb

673 views • 33 slides
Non-Uniform Computation Lecture 10 Non-Uniform Computational Models: Circuits 1 Non-Uniform

Non-Uniform Computation Lecture 10 Non-Uniform Computational Models: Circuits 1 Non-Uniform

Non-Uniform Computation Lecture 10 Non-Uniform Computational Models: Circuits 1 Non-Uniform Computation 2 Non-Uniform Computation Uniform: Same program for all (the infinitely many) inputs 2 Non-Uniform Computation Uniform: Same program

1.36k views • 107 slides
MAZENOD COLLEGE STUDENT PRESENTATION POLICY SUMMER UNIFORM If out of uniform students must

MAZENOD COLLEGE STUDENT PRESENTATION POLICY SUMMER UNIFORM If out of uniform students must

MAZENOD COLLEGE STUDENT PRESENTATION POLICY SUMMER UNIFORM If out of uniform students must present a note of explanation to their Year Level Coordinator who will issue a uniform pass. Summer Uniform (Terms 1 & 4) - Academic The summer

305 views • 3 slides
Definitions, Axioms, Postulates, Propositions, and Theorems from Euclidean and Non-Euclidean

Definitions, Axioms, Postulates, Propositions, and Theorems from Euclidean and Non-Euclidean

Definitions, Axioms, Postulates, Propositions, and Theorems from Euclidean and Non-Euclidean Geometries by Marvin Jay Greenberg Undefined Terms: Point, Line, Incident, Between, Congruent. Incidence Axioms: IA1: For every two distinct points there

444 views • 6 slides
UNIFORM PROPOSAL CONTENTS 4 UNIFORM REFLECTIVE TAPE 12 11 10 9 8 6 5 3 UNIFORM

UNIFORM PROPOSAL CONTENTS 4 UNIFORM REFLECTIVE TAPE 12 11 10 9 8 6 5 3 UNIFORM

Veronica Namane Director Cell: 0828212177 veronica @afriuniforms.co.za www.afriuniforms.co.za national number: 0861-4-32433 Admin and training: Blyvooruitzicht 116, LR Farm, Portion 4, Western Deep Levels, Carletonville UNIFORM PROPOSAL

139 views • 12 slides
JUST THE MATHS SLIDES NUMBER 12.8 INTEGRATION 8 (The tangent substitutions) by

JUST THE MATHS SLIDES NUMBER 12.8 INTEGRATION 8 (The tangent substitutions) by

JUST THE MATHS SLIDES NUMBER 12.8 INTEGRATION 8 (The tangent substitutions) by A.J.Hobson 12.8.1 The substitution t = tan x 12.8.2 The substitution t = tan( x/ 2) UNIT 12.8 - INTEGRATION 8 THE TANGENT SUBSTITUTIONS 12.8.1 THE

247 views • 7 slides
Course Substitutions & Learning Evals How One Institution is Addressing Barriers to Completion

Course Substitutions & Learning Evals How One Institution is Addressing Barriers to Completion

Course Substitutions & Learning Evals How One Institution is Addressing Barriers to Completion Presentation offered at AHEAD conference on July 20, 2017 By Portland Community College Disability Services Counselor Ruth McKenna and Director

356 views • 21 slides
Non-Uniform Computation & Circuits Lecture 10 Wherein every language can be decided 1

Non-Uniform Computation & Circuits Lecture 10 Wherein every language can be decided 1

Non-Uniform Computation & Circuits Lecture 10 Wherein every language can be decided 1 Non-Uniform Computation 2 Non-Uniform Computation Uniform: Same program for all (the infinitely many) inputs 2 Non-Uniform Computation Uniform: Same

1.25k views • 105 slides
Unification It is an algorithm for determining the substitutions needed to make two predicate

Unification It is an algorithm for determining the substitutions needed to make two predicate

Unification It is an algorithm for determining the substitutions needed to make two predicate calculus expressions match Examples of substitution ( ) 1. ( ) ( ) X man X mortal X substitute hassan for X =>

1.72k views • 27 slides
Hillgrove Hotel Ltd UNIFORM, WORKWEAR & PERSONAL PRESENTATION (i) Why we have a uniform

Hillgrove Hotel Ltd UNIFORM, WORKWEAR & PERSONAL PRESENTATION (i) Why we have a uniform

Hillgrove Hotel Ltd UNIFORM, WORKWEAR & PERSONAL PRESENTATION (i) Why we have a uniform Customers make judgments on our business on the basis of a number of factors, including the image conveyed by the look of our premises, the quality

397 views • 7 slides
College Uniform and Grooming Policy The wearing of the uniform is fundamental to reflecting the

College Uniform and Grooming Policy The wearing of the uniform is fundamental to reflecting the

College Uniform and Grooming Policy The wearing of the uniform is fundamental to reflecting the values and expectations of the College. Students are expected to arrive and depart each day in the appropriate full College uniform. This includes

216 views • 3 slides
Primary reference: Casella-Berger 2 nd Edition Presentation 1-2-1: Of Axioms and Algebras

Primary reference: Casella-Berger 2 nd Edition Presentation 1-2-1: Of Axioms and Algebras

Presentation 1-2-1: Of Axioms and Algebras Primary reference: Casella-Berger 2 nd Edition Presentation 1-2-1: Of Axioms and Algebras (the sample space) And in it were (of an experiment) dj vu? 2 Presentation 1-2-1: Of Axioms

278 views • 17 slides

More recommend