Grąbczewski & Paulson, Mechanizing Set Theory

Mechanizing Set Theory: Cardinal Arithmetic and the Axiom of Choice
Krzysztof Grąbczewski, Copernicus University, Toruń, Poland
Lawrence C. Paulson, Computer Laboratory, Cambridge University, UK
Funding: EPSRC grant GR/H40570; TEMPUS Project JEP 3340; ESPRIT Project 6453

The Generic Proof Assistant Isabelle
many logics ⋆ higher-order syntax ⋆ unification
• Expressions are typed λ-terms
• Schematic rules are generalized Horn clauses (like λProlog's)
• Resolution applies rules for proof checking
• Tactic language allows user-defined automation
• Generic packages include simplifier, tableau prover, ...

Some Isabelle Logics
• FOL, Constructive Type Theory, modal logics, linear logic, ...
• ZF set theory
  – Built upon FOL
  – Lamport's Temporal Logic of Actions (Sara Kalvala)
  – Milner & Tofte's co-induction example (Jacob Frost)
• HOL
  – I/O Automata (Nipkow & Slind)
  – hardware examples (Sara Kalvala)
  – semantic equivalence (Lötzbeyer & Sandner)

The Cardinal Proofs
• Aim: justify recursive definitions like D = 1 + D + (ω → D)
• Basis: theories of relations, functions, recursion, ordinals, ...
• Method: mechanize most of Kunen, Set Theory, Chapter I.
  – orders
  – order-isomorphisms
  – order types
  – ordinal arithmetic
  – cardinality
  – infinite cardinals
  – AC

Kunen's Proof of κ ⊗ κ = κ
"By transfinite induction on κ. Then for α < κ, |α × α| = |α| ⊗ |α| < κ. Define a wellordering ⊳ on κ × κ by

  ⟨α, β⟩ ⊳ ⟨γ, δ⟩ iff max(α, β) < max(γ, δ) ∨ [max(α, β) = max(γ, δ) ∧ ⟨α, β⟩ precedes ⟨γ, δ⟩ lexicographically].

Each ⟨α, β⟩ ∈ κ × κ has no more than |(max(α, β) + 1) × (max(α, β) + 1)| < κ predecessors in ⊳, so type(κ × κ, ⊳) ≤ κ, whence |κ × κ| ≤ κ. Since clearly |κ × κ| ≥ κ, |κ × κ| = κ." □
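The computable core of Kunen's argument is the ordering ⊳ itself and the predecessor bound. The Python below is an added example, not part of the slides or of the Isabelle/ZF development: it models κ as a finite ordinal {0, …, κ−1}, orders κ × κ by (max, then lexicographic), checks that this is a strict total order (hence a well-ordering, the sets being finite), and verifies that every pair's predecessors fit inside (max + 1) × (max + 1), independently of κ. Only the final step, that this bound is < κ, needs κ to be an infinite cardinal and is not modelled here; the function names are assumptions of this example.

```python
from itertools import product

# Added example (not from the slides or the Isabelle/ZF development):
# Kunen's well-ordering on kappa x kappa, with kappa a finite ordinal
# {0, 1, ..., kappa-1} and pairs represented as Python tuples (a, b).


def sort_key(pair):
    """Key whose natural tuple order is exactly Kunen's order:
    compare max(a, b) first, break ties lexicographically on (a, b)."""
    a, b = pair
    return (max(a, b), a, b)


def precedes(p, q):
    """p strictly precedes q in the well-ordering on kappa x kappa."""
    return sort_key(p) < sort_key(q)


def all_pairs(kappa):
    """The set kappa x kappa for a finite ordinal kappa."""
    return list(product(range(kappa), repeat=2))


def enumerate_pairs(kappa):
    """kappa x kappa listed in increasing order: position i is the image of
    the ordinal i under the order-isomorphism, so len() is the order type."""
    return sorted(all_pairs(kappa), key=sort_key)


def predecessor_count(p, kappa):
    """Number of pairs strictly preceding p, i.e. the ordinal p is sent to."""
    return sum(1 for q in all_pairs(kappa) if precedes(q, p))


def predecessor_bound(p):
    """The bound used in the proof: every predecessor of p has both
    coordinates <= max(p), so lies in (max+1) x (max+1); p itself is
    in that square but is not its own predecessor."""
    m = max(p)
    return (m + 1) * (m + 1) - 1


def bound_holds(kappa):
    """Check the predecessor bound for every element of kappa x kappa."""
    return all(predecessor_count(p, kappa) <= predecessor_bound(p)
               for p in all_pairs(kappa))


def is_strict_total_order(kappa):
    """Irreflexive, trichotomous and transitive on kappa x kappa.
    A strict total order on a finite set is automatically a well-ordering."""
    ps = all_pairs(kappa)
    if any(precedes(p, p) for p in ps):
        return False
    for p in ps:
        for q in ps:
            if p != q and precedes(p, q) == precedes(q, p):
                return False
    for p in ps:
        for q in ps:
            if not precedes(p, q):
                continue
            for r in ps:
                if precedes(q, r) and not precedes(p, r):
                    return False
    return True


if __name__ == "__main__":
    # Table: ordinal position, pair, predecessor count, proof's bound.
    for i, p in enumerate(enumerate_pairs(3)):
        print(i, p, predecessor_count(p, 3), "<=", predecessor_bound(p))
```

The point the run makes visible is that `predecessor_count(p, kappa)` does not change when κ grows: the initial segment below ⟨α, β⟩ is determined entirely by the square (max(α, β) + 1) × (max(α, β) + 1), which is why, for infinite κ, each initial segment has cardinality < κ and the order type of (κ × κ, ⊳) cannot exceed κ.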

Formulations of the Well-Ordering Theorem
WO1: Every set can be well-ordered.
WO2: Every set is equipollent to an ordinal number.
...
WO6: For every set x, there exists m ≥ 1, an ordinal α, and a function f defined on α such that f(β) ≼ m for every β < α and ⋃_{β<α} f(β) = x.
WO7: For every set A, A is finite ⟺ for each well-ordering R of A, also R⁻¹ well-orders A.
From Rubin & Rubin, Equivalents of the Axiom of Choice, Chapter 1

Formulations of the Axiom of Choice
AC1: If A is a set of non-empty sets then there exists f such that f(B) ∈ B for all B ∈ A.
...
AC6: The product of a set of non-empty sets is non-empty.
...
AC16(n, k): If A is an infinite set then there is a set t_n of n-element subsets of A such that each k-element subset of A is a subset of exactly one element of t_n. (1 < k < n)
From Rubin & Rubin, Equivalents of the Axiom of Choice, Chapter 2

Proof of WO6 ⇒ WO1
Lemma. If WO6 and y × y ⊆ y then y can be well-ordered.
Proof: by induction using Lemma (ii) below. □

Theorem. If WO6 then every set x can be well-ordered.
Proof: Define y such that x ⊆ y and y × y ⊆ y:

  z_0 = x,   z_{n+1} = z_n ∪ (z_n × z_n),   y = ⋃_{n∈ω} z_n

Hence x is a subset of a well-ordered set. □

Lemma for WO6 ⇒ WO1
Let N_y = { m : ∃ f, α. dom(f) = α, ⋃_{β<α} f(β) = y, ∀β<α. f(β) ≼ m }

Lemma (ii): If m ∈ N_y and m > 1 then m − 1 ∈ N_y.
Proof: Assume y × y ⊆ y and m ∈ N_y. Then f and α exist. Put

  u_βγδ ≝ [f(β) × f(γ)] ∩ f(δ)   (β, γ, δ < α)

Clearly u_βγδ ≼ m, dom(u_βγδ) ≼ m, rng(u_βγδ) ≼ m.
Case 1: ∀β<α. f(β) ≠ 0 → ∃γ,δ<α. dom(u_βγδ) ≠ 0 ∧ dom(u_βγδ) ≺ m
Case 2: ∃β<α. f(β) ≠ 0 ∧ ∀γ,δ<α. dom(u_βγδ) ≠ 0 → dom(u_βγδ) ≈ m
Complex reasoning reduces m (and doubles α) in both cases. □

Observations
• Mechanisation of parts of two advanced texts
  – Kunen, Set Theory, most of Chapter I (Paulson)
  – Rubin & Rubin, Equivalents of AC, Chapters 1–2 (Grąbczewski)
• Obstacles to faithful mechanisation
  – unevenly-sized gaps in human proofs (intuitive leaps)
  – different definitions of standard concepts
• Features for future systems?
  – type inclusions, e.g. naturals ⊆ cardinals ⊆ ordinals ⊆ sets
  – inheritance of structure (for algebra)