Computer Supported Modeling and Reasoning David Basin, Achim D. - PowerPoint PPT Presentation

Computer Supported Modeling and Reasoning David Basin, Achim D. Brucker, Jan-Georg Smaus, and Burkhart Wolff April 2005 http://www.infsec.ethz.ch/education/permanent/csmr/

Higer-Order Logic: Derived Rules David Basin

Higer-Order Logic: Derived Rules 653 Outline Last lecture: Introduction to HOL • Basic syntax and semantics • Basic eight (or nine) axioms • Definitions of True , False , ∧ , ∨ , ∀ . . . Today: • Deriving rules for the defined constants • Outlook on the rest of this course Basin: HOL: Derived Rules; http://www.infsec.ethz.ch/education/permanent/csmr/ (rev. 16802)

Higer-Order Logic: Derived Rules 654 Reminder: Different Syntaxes Conceptual vs. Isabelle/PG notation λx bool .P ( x ) λ x :: bool . P ∀ x. P ( x ) “ All ( λ x .P x ) ”=“ ∀ x.P ( x ) ” ιx. P ( x ) “ The ( λ x .P x ) ”=“ THE x.P ( x ) ” We will be using all those forms as convenient. Basin: HOL: Derived Rules; http://www.infsec.ethz.ch/education/permanent/csmr/ (rev. 16802)

Higer-Order Logic: Derived Rules 655 Reminder: Definitions True def: True ≡ (( λ x::bool. x) = ( λ x. x)) All def : All(P) ≡ (P = ( λ x. True)) Ex def: Ex(P) ≡∀ Q. ( ∀ x. P x − → Q) − → Q False def : False ≡ ( ∀ P. P) not def : ¬ P ≡ P − → False and def: P ∧ Q ≡∀ R. (P − → Q − → R) − → R or def : P ∨ Q ≡∀ R. (P − → R) − → (Q − → R) − → R if def : If P x y ≡ THE z::’a. (P=True − → z=x) ∧ (P=False − → z=y) Basin: HOL: Derived Rules; http://www.infsec.ethz.ch/education/permanent/csmr/ (rev. 16802)

Higer-Order Logic: Derived Rules 656 Derived Rules The definitions can be understood as syntactic abbreviations. Later, we will see that they are in fact conservative constant definitions. We usually proceed as follows: first show a rule involving a constant, then replace the constant with its definition (if applicable), then show the derivation. Basin: HOL: Derived Rules; http://www.infsec.ethz.ch/education/permanent/csmr/ (rev. 16802)

Equality 657 Equality • Rule sym and ND derivation refl s = t s = s sym subst t = s • HOL rule s=t = ⇒ t=s: Proof: lemma sym : ”s=t = ⇒ t=s”; apply ( erule subst ); ( ∗ P is λ x.x=s ∗ ) apply ( rule refl 1); ( ∗ s=s ∗ ) done Basin: HOL: Derived Rules; http://www.infsec.ethz.ch/education/permanent/csmr/ (rev. 16802)

Equality 658 Equality: Transitivity and Congruences • Rule trans and ND derivation s = t r = s trans subst r = t HOL rule [ [ r=s; s=t ] ] = ⇒ r=t • Congruences (only HOL forms): ◦ (f ::’ a ⇒ ’b) = g = ⇒ f(x)=g(x) (funcong) ◦ x=y = ⇒ f(x)=f(y) (argcong) HOL proofs using subst and refl . Basin: HOL: Derived Rules; http://www.infsec.ethz.ch/education/permanent/csmr/ (rev. 16802)

Equality 659 Equality of Booleans ( iffI ) Rule iffI and ND derivation [ P ] . . . . [ Q ] Q . . . . iff impI ( P → Q ) → ( Q → P ) → ( P = Q ) P → Q P mp impI ( Q → P ) → P = Q Q → P iffI mp P = Q HOL rule [ [ P = ⇒ Q; Q = ⇒ P ] ] = ⇒ P=Q. Basin: HOL: Derived Rules; http://www.infsec.ethz.ch/education/permanent/csmr/ (rev. 16802)

Equality 660 Equality of Booleans ( iffD2 ) Rule iffD2 and ND derivation P = Q sym Q = P Q iffD2 subst P HOL rule [ [ P=Q; Q ] ]= ⇒ P. Basin: HOL: Derived Rules; http://www.infsec.ethz.ch/education/permanent/csmr/ (rev. 16802)

True 661 True True = (( λx bool .x ) = ( λx.x )) • Rule TrueI and ND derivation TrueI refl ( λx.x ) = ( λx.x ) True • Rule eqTrueE and ND derivation TrueI P = True True eqTrueE iffD2 P HOL rule P=True = ⇒ P. Basin: HOL: Derived Rules; http://www.infsec.ethz.ch/education/permanent/csmr/ (rev. 16802)

True 662 True (Cont.) • Rule eqTrueI and ND derivation TrueI True P eqTrueI iffI P = True Note that 0 assumptions were discharged. HOL rule P = ⇒ P=True. Basin: HOL: Derived Rules; http://www.infsec.ethz.ch/education/permanent/csmr/ (rev. 16802)

Universal Quantification 663 Universal Quantification ∀ P = ( P = ( λx.True )) • Rule allI and ND derivation � x. P ( x ) � x. P ( x ) = True eqTrueI allI ext P = λx. True ∀ P HOL rule ( � x. P(x)) = ⇒ ∀ x. P(x). Basin: HOL: Derived Rules; http://www.infsec.ethz.ch/education/permanent/csmr/ (rev. 16802)

Universal Quantification 664 Universal Quantification (Cont.) • Rule spec and ND derivation P = λx.True ∀ P fun cong P ( x ) = True spec eqTrueE P ( x ) HOL rule ∀ x ::’ a. P(x) = ⇒ P(x). Note: Need universal quantification to reason about False (since False = ( ∀ P.P ) ). Basin: HOL: Derived Rules; http://www.infsec.ethz.ch/education/permanent/csmr/ (rev. 16802)

False 665 False False = ( ∀ P.P ) • FalseI: No rule! • Rule FalseE and ND derivation False ∀ P. P FalseE spec P HOL rule False = ⇒ P. Basin: HOL: Derived Rules; http://www.infsec.ethz.ch/education/permanent/csmr/ (rev. 16802)

False 666 False (Cont.) • Rule False neq True and ND derivation False = True eqTrueE False FalseE False neq True P HOL rule False=True = ⇒ P. • Similar: True = False True neq False P Basin: HOL: Derived Rules; http://www.infsec.ethz.ch/education/permanent/csmr/ (rev. 16802)

Negation 667 Negation ¬ P = P → False • Rule notI and ND derivation [ P ] . . . . False notI impI P → False ¬ P HOL rule (P = ⇒ False) = ⇒ ¬ P. Basin: HOL: Derived Rules; http://www.infsec.ethz.ch/education/permanent/csmr/ (rev. 16802)

Negation 668 Negation (Cont.) • Rule notE and ND derivation ¬ P P → False P mp False FalseE notE R HOL rule [ [ ¬ P; P [ [ = ⇒ R. Basin: HOL: Derived Rules; http://www.infsec.ethz.ch/education/permanent/csmr/ (rev. 16802)

Negation 669 Negation (Cont.) • Rule True Not False and ND derivation [ True = False ] 1 True neq False False notI 1 True Not False ( True = False ) → False HOL rule True � = False. Basin: HOL: Derived Rules; http://www.infsec.ethz.ch/education/permanent/csmr/ (rev. 16802)

Existential Quantification 670 Existential Quantification • Ex(P) ≡∀ Q. ( ∀ x. P x − → Q) − → Q • P(x) = ⇒ ∃ x ::’ a.P(x) ( exI ) [ ∀ y.P ( y ) → Q ] spec P ( x ) → Q Px mp Q impI ( ∀ y.P ( y ) → Q ) → Q ) allI ∀ Q. ( ∀ x.P ( x ) → Q ) → Q ) Basin: HOL: Derived Rules; http://www.infsec.ethz.ch/education/permanent/csmr/ (rev. 16802)

Existential Quantification 671 • [ [ ∃ x ::’ a.P(x); � x. P(x) = ⇒ Q ] ] = ⇒ Q ( exE ) [ P ( x )] impI � ∀ Q. (( ∀ y.P ( y ) → Q ) → Q ) x. Q spec allI ( ∀ y.P ( y ) → Q ) → Q ∀ y.P ( y ) → Q mp Q Basin: HOL: Derived Rules; http://www.infsec.ethz.ch/education/permanent/csmr/ (rev. 16802)

Conjunction 672 Conjunction P ∧ Q = ∀ R. ( P → Q → R ) → R • Rule conjI and ND derivation [ P → Q → R ] 1 P mp Q → R Q mp R impI 1 ( P → Q → R ) → R conjI allI ∀ R. ( P → Q → R ) → R P ∧ Q HOL rule [ [ P; Q ] ] = ⇒ P ∧ Q. Basin: HOL: Derived Rules; http://www.infsec.ethz.ch/education/permanent/csmr/ (rev. 16802)

Conjunction 673 Conjunction (Cont.) • Rule conjEL and ND derivation [ P ] 1 impI ∀ R. ( P → Q → R ) → R P ∧ Q Q → P spec impI 1 ( P → Q → P ) → P P → Q → P conjEL mp P HOL rule P ∧ Q = ⇒ P. Basin: HOL: Derived Rules; http://www.infsec.ethz.ch/education/permanent/csmr/ (rev. 16802)

Conjunction 674 Conjunction (Cont.) • P ∧ Q = ⇒ Q ” ( conjER ) • [ [ P ∧ Q ; [ [ P ; Q ] ] = ⇒ R ] ] = ( conjE ) (rule analogous ⇒ R to disjE ) Basin: HOL: Derived Rules; http://www.infsec.ethz.ch/education/permanent/csmr/ (rev. 16802)

Disjunction 675 Disjunction P ∨ Q = ∀ R. ( P → R ) → ( Q → R ) → R • Rule disjIL and ND derivation [ P → R ] 1 P mp R impI ( Q → R ) → R impI 1 ( P → R ) → ( Q → R ) → R disjIL allI ∀ R. ( P → R ) → ( Q → R ) → R P ∨ Q HOL rule P = ⇒ P ∨ Q. Basin: HOL: Derived Rules; http://www.infsec.ethz.ch/education/permanent/csmr/ (rev. 16802)

Disjunction 676 Disjunction (Cont.) • Q = ⇒ P ∨ Q ( disjIR ) similar • Rule disjE and ND derivation P . . . . Q ∀ R. ( P → R ) → ( Q → R ) → R P ∨ Q R . . . . spec impI ( P → R ) → ( Q → R ) → R P → R R mp impI ( Q → R ) → R Q → R disjE mp R HOL rule [ [ P ∨ Q; P = ⇒ R; Q = ⇒ R ] ] = ⇒ R. • P ∨ ¬ P ( excluded middle ). Follows using tof . Basin: HOL: Derived Rules; http://www.infsec.ethz.ch/education/permanent/csmr/ (rev. 16802)

Miscellaneous Definitions 677 Miscellaneous Definitions Typical example (if-then-else): If P x y ≡ THE z. (P=True − → z=x) ∧ (P=False − → z=y) The way rules are derived should now be clear. E.g., P = True P = False If P x y = x If P x y = y Basin: HOL: Derived Rules; http://www.infsec.ethz.ch/education/permanent/csmr/ (rev. 16802)

Summary on Deriving Rules 678 Summary on Deriving Rules HOL is very powerful in terms of what we can represent/derive: • All well-known inference rules can be derived. • Other “logical” syntax (e.g. if-then-else) can be defined. • Rich theories can be obtained by a method we see next lecture. Basin: HOL: Derived Rules; http://www.infsec.ethz.ch/education/permanent/csmr/ (rev. 16802)