Automated Theorem Proving - Prerequisites

Automated Theorem Proving
Prerequisites:
Introduction, First-Order Logic
Substitutions, Unification
Semantics, Meta Results, Normal Forms
Reiner Hähnle
Department of Computer Science
Technische Universität Darmstadt
25 April 2014
28 April 2014
5 May 2014
ATP: Prerequisites
TU Darmstadt, Software Engineering Group
140425/140428/140505
1 / 64
Course Team
Teachers
• Reiner Hähnle, S2|02/A204 (lectures)
• Antonio Flores Montoya, S2|02/A223 (exercises)
Course Home Page
https://www.se.tu-darmstadt.de/teaching/courses/automated-theorem-proving
Organisational Stuff
D120 (Fachschaft) Forum Group
• Register at http://d120.de/forum
• Visit and participate at http://d120.de/forum/viewforum.php?f=525
• Changes, updates, questions, discussions (please do not post complete solutions)
Passing Criteria
• Exam: oral, by individual agreement
• Practical programming exercise (not graded)
• Theoretical exercises (not graded)
Exercises
• Exercises (linked on website; ca. 1 week in advance)
• Feel free to discuss in D120 forum group (add spoiler alert)
• Solutions discussed in exercise lectures
• Try to solve exercises before coming to exercise class
• Exercises not obligatory, but strongly recommended
Course Structure
Course Structure, see also course web page

Topic                    Lecture Nos.   Week
Prerequisites            1–3            17–19
Basic Tableaux           4              20
Proof Procedures         5              20
Advanced Tableaux        6–7            21, 23
Resolution               8–9            23–24
Term Memory              10–11          26–27
SAT/SMT                  12             27
Instance-based Methods   13             29

+ 7 Exercise Sessions
Schedule
Go to course home page
Distribution of lectures/exercises irregular due to travel commitments
Course Literature
[1] Melvin C. Fitting. First-Order Logic and Automated Theorem Proving. Springer-Verlag, New York, second edition, 1996.
[2] John Harrison. Handbook of Practical Logic and Automated Reasoning. Cambridge University Press, 2009.
[3] Alan Robinson and Andrei Voronkov, editors. Handbook of Automated Reasoning. Elsevier Science B.V., 2001.
[4] Leo Bachmair and Harald Ganzinger. Resolution theorem proving. In Robinson and Voronkov, chapter 2, pages 19–99.
[5] Reiner Hähnle. Tableaux and related methods. In Robinson and Voronkov, chapter 3, pages 101–178.
2014-05-09
1. Suitable as an introduction to the prerequisites part (first 3 lectures) of the course. The book is out of print, but there is a copy in the library and I have one myself; it will be made available to course participants as a copy. All concepts are illustrated by Prolog implementations.
2. Like Fitting’s book, this covers the prerequisites of the course. It is a well-written, thorough (perhaps slightly verbose) step-by-step introduction to all underlying concepts of ATP. Everything is illustrated with ML implementations.
3. Collection of in-depth, state-of-the-art treatments of a comprehensive list of subjects in ATP. Each chapter is usually written by the top experts for the area. Hard copies and e-copies are available from me.
4. This is used as a basis for the lectures on Resolution.
5. This is used as a basis for the lectures on Tableaux.
Why Is Automated Theorem Proving of Interest?
Automated Theorem Proving used as service in many applications
• Often “invisible” and users oblivious
• SAT solvers used to infer package compatibility in Linux distributions
• Indispensable in modern automated SWE tools
• Static Driver Verifier part of Windows Driver Kit
• Automated glass-box test generation (KeY-TestGen, PET, Pex)
• Validation tools for Web Ontology Language OWL
• New results in mathematics
Vision: comparable to compiler generator technology
• Learnable and usable with limited effort by average CS degree holder
• Robust, predictable, and fully automatic
• Clear API
Not quite there yet!
Learning Outcomes
Know enough about ATP technology to be an “enlightened” user
• Understand main principles on which automated reasoning is based
• Be able to judge their limitations, relative strengths and drawbacks
• Judge suitability of a reasoning method for a given application
• Understand documentation/usage of ATP tools and apply them
Framing Automated Deduction
[Diagram: Natural language, mathematical problems, and program + specification are turned by formalization into syntax, i.e. a formal language (first-order logic, temporal logic, etc.). From the syntax, semantics (a truth function) leads to the valid expressions, and automated deduction (derivation in a calculus) leads to the provable expressions. Modeling: checking the adequacy of the formalisation using the semantics. Soundness and completeness relate the provable and the valid expressions.]
1. Real phenomena are formalised, i.e., expressed using a formal language.
2. As usual, the definition of that formal language is called syntax.
3. In the case of software verification, formalisation is comparatively easy as
the problem is already given in a formal language.
4. For natural language, formalisation is much more difficult. Mathematics is
somewhere in between.
5. Formulas are assigned a semantics using a truth function. Using the
semantics, the adequacy of the formalisation can be checked. This process
is called modelling.
6. Syntax + semantics = logic
7. When modelling has been done, the provability of formulas implies the
corresponding real phenomenon is true (provided that the formalisation is
adequate and up to the realized degree of granularity).
8. The truth function may not be computable.
9. Valid means: true in all models (not just satisfiable).
10. For many logics, the truth function can be characterised (or approximated)
Research in Automated Theorem Proving
From Theory to Applications
[Diagram spanning three areas, Calculi, Implementation and Applications, with the following labels: Software verification; Hardware verification; Test case generation; Proof Theory; Meta results about logics and calculi; Complete and sound sets of proof rules; Proof procedures; Automated bug finding; Proof representations; Semantic web; Optimized proof rules; Data structures; Pure mathematics.]
Why First-Order Predicate Logic?
Logics that are less expressive than FOL: propositional logic, propositional temporal logic, propositional modal logic
Expressiveness vs. Automation/Performance
Logics that are more expressive than FOL: higher-order predicate logic, first-order temporal logic, program logics (f.o. dynamic logic, f.o. µ-calculus)
1. First-order predicate logic is the most expressive logic for which AD works
reasonably well, i.e., interesting theorems can be deduced automatically.
2. Of course, AD in the less expressive logics is easier. Therefore, if possible,
modelling should be done in these less expressive logics.
3. They are often decidable, and AD in particular logics forms its own area of research (CTL/model checking, PropLog/SAT). However, much of what is said in this course holds for AD in these logics as well.
4. The more expressive logics can only to a certain extent be handled
automatically. The design of good interactive systems with a good user
interface etc. is important in that area.
5. Nevertheless AD techniques can be used to increase the degree of
automatisation of these interactive deduction systems. All competitive
interactive provers incorporate ATPs.
Why First-Order Predicate Logic? More Arguments
FOL is very well understood and can be restricted as well as extended:
• Syntactically simpler fragments can be decidable
• Extensions can increase expressivity
  Bernays-Schönfinkel prefix class ∃*∀*
  Range-restricted (guarded) first-order logic
  First-order logic
  First-order logic with reachability
Well-understood and efficient FOL ATP algorithms can be modified
Potted History of AD
-1950    Proof-theory (basis of AD) by Skolem, Herbrand, Gentzen
1954     First machine-generated proof
1955ff   Semantic tableaux (Beth, Hintikka)
1958     First prover for first-order logic (Prawitz)
1960f    Davis-Putnam-Logemann-Loveland procedure (basis for SAT solvers)
1963     Term unification (J. A. Robinson)
1963ff   Resolution, inverse method (Maslov)
1963ff   Modern tableaux (Smullyan, Lis)
1968     Model elimination (Loveland)
1971ff   Connection method (Bibel), Matings (Andrews)
1970ff   Prolog, Refinements of resolution
1985ff   Deduction in non-classical logics, Renaissance of tableaux methods
1987     Tableaux with unification
1988ff   Saturation calculi FOL w/ equality, Term indexing
1990ff   “Hybrid”, instance-based inference methods
2001ff   Leap in efficiency of SAT solving
2005ff   SMT (“Satisfiability modulo theories”) solvers trade off SAT, FOL
Organisation
Motivation
Framework
History
First-Order Logic
Syntax
Substitutions
Unification
Semantics
Formalisation
Meta Results
Normal Form
Syntax of First-Order Logic
Definition (First-order signature)
Σ = ⟨FΣ, PΣ⟩, where FΣ, PΣ non-empty, disjoint, countable sets of function/predicate symbols
• Each element of FΣ ∪ PΣ has a non-negative arity
• 0-ary function symbols are called constants (constant terms)
• Var is an infinite set of object or individual variables
Example
Σ≤ = ⟨{0, 1, 2, ..., a, b, f}, {in_iv, leq}⟩,
a, b, 0, 1, 2, ... are 0-ary (constants)
f is unary
leq is binary — allow concrete syntax · ≤ ·
in_iv is ternary — allow concrete syntax · ∈ [·, ·]
The signature of a logic is analogous to the signature of a program:
predicate symbols correspond to boolean methods and function symbols
to others.
There are important differences, though: logic predicates and functions
never have side effects. In our simple version of FOL we also have no
types: functions can be arbitrarily composed. Only boolean predicates
have a special syntactic role.
Syntax of First-Order Logic Cont’d
Definition (Sets of Terms TΣ and Atoms AΣ over Σ)
Inductive definition
1. Var ⊆ TΣ
2. If t1, ..., tn ∈ TΣ, f ∈ FΣ n-ary, then f(t1, ..., tn) ∈ TΣ
3. If t1, ..., tn ∈ TΣ, p ∈ PΣ n-ary, then p(t1, ..., tn) ∈ AΣ
• A variable-free term (atom) is called ground term (atom)
• T⁰Σ (A⁰Σ) is the set of all ground terms (atoms) over Σ
Example
f(x), f(f(0)) ∈ TΣ≤
a, f(f(0)) ∈ T⁰Σ≤
a ≤ f(b), 3 ∈ [f(2), 4] ∈ A⁰Σ≤
1. “Inductive definition” means that we mean the smallest set of objects that satisfies the generation principle.
2. In other words, there are no non-standard objects like cyclic terms or terms over a larger signature.
3. When it is obvious, “Inductive definition” is not added explicitly.
Syntax of First-Order Logic Cont’d
• true, false are logical constants
• ∨, ∧, ¬ are connectives
• ∀, ∃ are quantifiers
Definition (First-order formulas LΣ over Σ)
1. true, false ∈ LΣ
2. AΣ ⊂ LΣ
3. If ϕ ∈ LΣ then ¬ϕ ∈ LΣ
4. If ϕ1, ..., ϕn ∈ LΣ, n ≥ 2, ϕi no disjunction, then (ϕ1 ∨ · · · ∨ ϕn) ∈ LΣ is a disjunction
   If ϕ1, ..., ϕn ∈ LΣ, n ≥ 2, ϕi no conjunction, then (ϕ1 ∧ · · · ∧ ϕn) ∈ LΣ is a conjunction
5. If ϕ ∈ LΣ, x ∈ Var then (∀x)ϕ ∈ LΣ, (∃x)ϕ ∈ LΣ
   ϕ is the scope of the quantifier ∀x, resp., ∃x
   Any occurrence of x in ϕ is called bound
1. Traditional short-hand symbols used instead of Java/JML-style.
2. Strictly speaking we have families of disjunctions and conjunctions for all
arities > 1, but we use the same symbol for all of them. It is no restriction
to exclude nested disjunctions and conjunctions, because these operators
are associative.
3. Analogy between quantified formulas and local variable declarations.
4. Scope is smallest formula following the variable declaration
Use brackets when scope needs to be extended.
Syntax Example
“Sticks and stones may break your bones, but words will never hurt”
Signature
• weapon, word, hurts unary predicate symbols
• stone, stick, blockhead constants
Formula that expresses the proverb
(∀x)(weapon(x) → hurts(x)) ∧ (∀x)(word(x) → ¬hurts(x)) ∧ weapon(stick) ∧ weapon(stone) ∧ word(blockhead)
1. Efficiency: subsumed sticks and stones under category “weapon” to avoid
repetition.
2. It is not necessary to give a concrete instance of the predicate word.
Note efficiency of the formalization :-)
Syntax of First-Order Logic Cont’d
Definition (Free variable, Sentence)
Occurrence of variable x in a formula is free when:
• occurrence of x not bound
• occurrence of x not of the form (∀x) or (∃x)
ϕ ∈ LΣ is a sentence if it has no free variable occurrences; aka closed formula
Can assume variables don’t occur bound and free:
Replace (∀x, y)p(y, z) ∨ (∃w)q(w, y)
with (∀x, y')p(y', z) ∨ (∃w)q(w, y)
Renaming of bound variables aka α-conversion
Convention: use caps for free variable occurrences
1. Can even assume that variables occur either bound or free or not at all:
Replace (∀x)p
with
p
Syntax of First-Order Logic Cont’d
Definition (Literals)
Formulas of the form ¬p, p, where p ∈ AΣ, are literals
Atoms are positive literals, negated atoms negative literals
Abbreviations
• Write (∀x1, ..., xn)ϕ for (∀x1) · · · (∀xn)ϕ, similar for ∃
• ϕ → ψ for ¬ϕ ∨ ψ
• ϕ ↔ ψ for (ϕ ∧ ψ) ∨ (¬ϕ ∧ ¬ψ)
Example
¬Y ≤ X → (∃z)(¬z ≤ X ∧ ¬Y ≤ z)
Here Y ≤ X ∈ AΣ≤, and (¬z ≤ X ∧ ¬Y ≤ z) is the scope of ∃z
¬Y ≤ X is a (negative) literal
(∀x, y)(¬y ≤ x → (∃z)(¬z ≤ x ∧ ¬y ≤ z)) is a sentence — Semantics?
Syntax of First-Order Logic Cont’d
Definition (Ground, Size)
A formula w/o variable occurrences is ground (implies quantifier-free).
The size of a formula is its length as a string.
• When parsing formulas use precedence: quantifiers > ∧ > ∨ > →
• Can use brackets, but omit when unambiguous
Definition (Subformula)
If a formula is fully bracketed, then a subformula is any substring that is itself a formula.
Definition (Complement)
The complement of a formula ϕ is ϕ̄ = ψ if ϕ is of the form ¬ψ, and ϕ̄ = ¬ϕ otherwise
1. If a formula is not fully bracketed, then the subformula definition can give
unwanted results:
In (∀ x)p(x) ∧ q only p(x) is a subformula, but the above definition would
also admit p(x) ∧ q.
Where is Propositional Logic?
Obtain propositional logic as special case of FOL
A first-order formula is called propositional when
• it is ground (no variables, no quantifiers)
• it contains no function symbols
Consequence: only 0-ary predicate symbols
Example
p ∧ (q ∨ ¬r) is propositional, but not p(a), p(X)
Substitutions
Definition (Substitution)
Substitution is mapping σ : Var → TΣ
Substitution domain dm(σ) = {x ∈ Var | σ(x) ≠ x}
Substitution range rg(σ): variables occurring in ⋃_{x∈dm(σ)} {σ(x)}
For substitution w/ finite domain {x1, ..., xn}: {x1/σ(x1), ..., xn/σ(xn)}
Definition (Extension of σ to terms and (sets of) formulas)
• σ(s) = s, s 0-ary function or predicate symbol
• σ(true) = true, σ(false) = false
• σ(s(t1, ..., tn)) = s(σ(t1), ..., σ(tn)), s ∈ FΣ ∪ PΣ, arity of s ≥ 1
• σ(¬ϕ) = ¬σ(ϕ)
• σ(ϕ1 • · · · • ϕn) = σ(ϕ1) • · · · • σ(ϕn), • ∈ {∧, ∨}
1. At the core of ATP technology: replace parts of formulas
2. We want to replace, say, x in p(x) with a term t.
Usually, we want to do this in a minimalistic way, that is only change x but
not any other variable. Therefore, we need the technical notion domain
that tells which variables are affected by a given substitution.
Range is sometimes called variable range. It tells us which variables are
introduced by a substitution.
3. So far, substitutions are defined as homomorphisms on formulas, but . . .
Substitutions Cont’d
Quantified formula hides scope like local variable declaration
σx(y) = x if x = y, and σx(y) = σ(y) if x ≠ y; hence, dm(σx) = dm(σ)\{x}
• σ((Qx)ϕ) = (Qx)σx(ϕ), Q ∈ {∃, ∀}
• σ({ϕ1, ..., ϕn}) = {σ(ϕ1), ..., σ(ϕn)}
• (σ ◦ τ)(x) = σ(τ(x)) = (τσ)(x) (postfix: confusing, but customary)
Customary to write ϕσ instead of σ(ϕ)
Example
ϕ = ¬Y ≤ X → (∃z)(¬z ≤ X ∧ ¬Y ≤ z)
σ = {X/a, Y/W, z/c}
ϕσ = ¬W ≤ a → (∃z)(¬z ≤ a ∧ ¬W ≤ z)
Substitutions Cont’d
An unwanted effect
(∀x)p(x, Y ){Y /x} = (∀x)p(x, x)
Definition (Free substitution)
A substitution is free for ϕ, if for all occurrences Y of free variables in ϕ,
Y is not in the scope of a quantifier that binds a variable in σ(Y ).
Substitutions easily made free by renaming of bound variables
Composition of free substitutions easy to compute:
Theorem
If σ is free for ϕ and τ is free for ϕσ, then ϕ(στ ) = (ϕσ)τ .
Proof is exercise.
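As an added example (not code from the slides), the substitution machinery of the last three slides as a program: the homomorphic extension to terms and formulas with the quantifier case σx, postfix composition στ, and the free-for check that catches the capture in (∀x)p(x, Y){Y/x}, together with the α-renaming that makes a substitution free. The tuple encoding of terms and formulas is my own choice; → is expanded as the abbreviation ¬ϕ ∨ ψ.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Var:
    name: str

# Encoding (my own, not from the slides):
#   term    = Var | (symbol, (arg1, ..., argn))          constants are (symbol, ())
#   formula = ('atom', p, args) | ('not', phi) | ('and', phis) | ('or', phis)
#           | ('forall', Var, phi) | ('exists', Var, phi)
#   substitution = dict Var -> term; its key set is dm(sigma), sigma(x) = x otherwise

def subst_term(sigma, t):
    """Homomorphic extension of sigma to terms."""
    if isinstance(t, Var):
        return sigma.get(t, t)
    return (t[0], tuple(subst_term(sigma, a) for a in t[1]))

def subst(sigma, phi):
    """phi sigma: extension to formulas; a quantifier (Qx) hides x, so sigma_x drops x."""
    kind = phi[0]
    if kind == 'atom':
        return ('atom', phi[1], tuple(subst_term(sigma, a) for a in phi[2]))
    if kind == 'not':
        return ('not', subst(sigma, phi[1]))
    if kind in ('and', 'or'):
        return (kind, tuple(subst(sigma, p) for p in phi[1]))
    x, body = phi[1], phi[2]
    sigma_x = {y: t for y, t in sigma.items() if y != x}   # dm(sigma_x) = dm(sigma) \ {x}
    return (kind, x, subst(sigma_x, body))

def term_vars(t):
    return {t} if isinstance(t, Var) else set().union(*(term_vars(a) for a in t[1]))

def formula_vars(phi):
    """All variables occurring in phi, bound or free."""
    kind = phi[0]
    if kind == 'atom':
        return set().union(*(term_vars(a) for a in phi[2]))
    if kind == 'not':
        return formula_vars(phi[1])
    if kind in ('and', 'or'):
        return set().union(*(formula_vars(p) for p in phi[1]))
    return {phi[1]} | formula_vars(phi[2])

def compose(sigma, tau):
    """Postfix composition sigma tau: apply sigma first, then tau."""
    both = {x: subst_term(tau, sigma.get(x, x)) for x in set(sigma) | set(tau)}
    return {x: t for x, t in both.items() if t != x}

def is_free_for(sigma, phi, bound=frozenset()):
    """sigma is free for phi iff no free occurrence Y lies in the scope of a
    quantifier binding a variable of sigma(Y), i.e. nothing gets captured."""
    kind = phi[0]
    if kind == 'atom':
        free = set().union(*(term_vars(a) for a in phi[2])) - bound
        return all(not (term_vars(sigma[y]) & bound) for y in free if y in sigma)
    if kind == 'not':
        return is_free_for(sigma, phi[1], bound)
    if kind in ('and', 'or'):
        return all(is_free_for(sigma, p, bound) for p in phi[1])
    return is_free_for(sigma, phi[2], bound | {phi[1]})

def rename_bound(phi, avoid):
    """alpha-conversion: give every bound variable that occurs in 'avoid' a fresh name."""
    kind = phi[0]
    if kind == 'atom':
        return phi
    if kind == 'not':
        return ('not', rename_bound(phi[1], avoid))
    if kind in ('and', 'or'):
        return (kind, tuple(rename_bound(p, avoid) for p in phi[1]))
    x, body = phi[1], phi[2]
    if x in avoid:
        fresh = x
        while fresh in avoid or fresh in formula_vars(body):
            fresh = Var(fresh.name + "'")
        body, x = subst({x: fresh}, body), fresh
    return (kind, x, rename_bound(body, avoid))

def make_free(sigma, phi):
    """Rename bound variables of phi (away from dm and rg of sigma) so that sigma is free for it."""
    avoid = set(sigma) | set().union(*(term_vars(t) for t in sigma.values()))
    return rename_bound(phi, avoid)

def demo():
    x, z = Var('x'), Var('z')                      # bound variables (lower case)
    X, Y, W = Var('X'), Var('Y'), Var('W')         # free variables (caps, as on the slides)
    a, c = ('a', ()), ('c', ())
    leq = lambda s, t: ('atom', 'leq', (s, t))     # concrete syntax s <= t
    imp = lambda p, q: ('or', (('not', p), q))     # p -> q abbreviates not p or q
    # slide example: phi = not Y <= X -> (exists z)(not z <= X and not Y <= z)
    phi = imp(('not', leq(Y, X)),
              ('exists', z, ('and', (('not', leq(z, X)), ('not', leq(Y, z))))))
    sigma = {X: a, Y: W, z: c}                     # {X/a, Y/W, z/c}; z/c is hidden by (exists z)
    phi_sigma = subst(sigma, phi)
    # the unwanted effect: (forall x)p(x, Y){Y/x} = (forall x)p(x, x) unless x is renamed first
    psi = ('forall', x, ('atom', 'p', (x, Y)))
    captured = subst({Y: x}, psi)
    safe = subst({Y: x}, make_free({Y: x}, psi))
    return phi_sigma, captured, safe
```

`demo()` returns the slide's ϕσ, the captured (∀x)p(x, x), and the capture-free (∀x')p(x', x).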
Three Special Cases of Substitutions
Definition (Grounding Substitution)
A grounding substitution σ for ϕ replaces all free variables in a formula by ground terms: σ(x) ∈ T⁰Σ for all free variables x in ϕ.
Definition (Variable Renaming)
A variable renaming of a formula ϕ is a substitution ν with:
• ν(x) ∈ Var for all x ∈ Var
• ν is injective
• ν(X) does not occur in ϕ for free variables X of ϕ
Definition (Idempotent Substitution)
A substitution σ is idempotent if σσ = σ.
(This is the case iff vars in range and domain are disjoint.)
Unification
Definition (Unifier, Unifying Substitution, MGU)
A substitution σ is a unifier of a non-empty set of terms T if |Tσ| = 1.
Moreover, σ is most general unifier (MGU) of T, if:
1. σ is unifier of T and
2. for all unifiers ν of T there is a substitution ρ such that ν = σρ
Example
{X/c, Y/a, Z/c} is a unifier of {f(X, a), f(Z, Y)}, but not an MGU
An MGU is {X/Z, Y/a}
{f(X, X), f(Y, g(Y))} not unifiable, because t ≠ g(t) for all t ∈ TΣ
{f(X), g(Y)} not unifiable, because f(t) ≠ g(t') for all t, t' ∈ TΣ
1. An MGU does not lose any information when it is used to unify two expressions, because any other unifier can be recovered from it.
2. There are (infinitely) many MGUs for each pair of unifiable terms with at least one variable: obtain by adding suitable variable renaming.
Unification Cont’d
Theorem (Existence of MGU)
If two terms are unifiable, then they have an MGU.
Proof Sketch.
For t, t' ∈ TΣ, let t ≤ t' (“more general than”) iff tσ = t' for some σ
1. If t, t' are unifiable with u, then t ≤ u, t' ≤ u
2. Build a lattice over terms based on ≤
3. In a lattice the lub t ⊔ t' ≤ u always exists and yields MGU
Complications:
1. ≤ is not a partial order on TΣ
2. Must define t ⊓ t' in a suitable way (“most specific generalisation”)
3. Must ensure that < (strict order derived from ≤) is well-founded
4. Show lattice property
5. Extract MGU for variable-disjoint t, t'
6. Lift restriction on variable-disjointness
Why is ≤ no partial order on TΣ?
Anti-symmetry does not hold: x ≤ y & y ≤ x does not imply x = y.
Standard way to obtain a PO: condense non-identical elements into equivalence classes
t ∼ t' iff t ≤ t' & t' ≤ t is an ER on TΣ.
(t ∼ t' iff there is an injective ν : Var → Var with tν = t'.)
≤ is now a partial order on TΣ/∼ (write [t] for t/∼) with:
[t] ≤ [t'] iff t ≤ t' f.a. t ∈ [t], t' ∈ [t']
Prove this as an exercise!
What are the minimal and maximal elements of TΣ/∼ wrt ≤?
Minimal: [x] = Var (just one, like anonymous variables in Prolog)
Maximal: {[t] | t ∈ T⁰Σ} (no top element!)
t ⊓ t' = f(t1 ⊓ t1', ..., tn ⊓ tn') if t = f(t1, ..., tn) and t' = f(t1', ..., tn'); t ⊓ t' = nv(t, t') else (nv : TΣ × TΣ → Var injective)
⊓ on TΣ/∼ defined as: [t] ⊓ [t'] = [t ⊓ t']
Properties of MGUs
Some Properties of MGUs
1. If σ is MGU and ν variable renaming, then σν is MGU
   1.1 MGUs can be assumed to be idempotent
   1.2 MGUs can be assumed to be in solved form: in {x1/t1, ..., xn/tn} each xi has a single occurrence
   1.3 MGU unique up to variable renaming
   1.4 MGU for term set T can be composed in any sequence
2. If σ is MGU of T, then |Tσ| can be exponential in |T|
Example
h(x1, x2, ..., xn, f(y0, y0), ..., f(yn−1, yn−1), yn)
h(f(x0, x0), ..., f(xn−1, xn−1), y1, ..., yn, xn)
Any MGU in solved form contains {y0/x0, y1/f(x0, x0), y2/f(f(x0, x0), f(x0, x0)), ...}
Exponential size and time!
1. From the construction of an MGU in the last item of the previous slide, it
is obvious that one can add arbitrary variable renamings.
1.1: Idempotency equivalent to range and domain disjoint. This can
obviously be achieved by variable renaming.
1.2: Now solved form is trivial.
1.3: Structure of TΣ / ∼ makes clear that MGU is unique up to renaming
(injective ν : Var → Var), because non-renaming substitutions move up in
TΣ / ∼ and thus wouldn’t give lub.
1.4: Associativity of the lattice operators implies that the MGU of a finite set of terms can be composed from the MGUs of subsets in any desired sequence.
MGUs Cont’d
Triangular Form of Unifiers
Allow variables to appear both on left and right, but: once a variable appears on the left it cannot appear on the right.
Example
h(x1, x2, ..., xn, f(y0, y0), ..., f(yn−1, yn−1), yn)
h(f(x0, x0), ..., f(xn−1, xn−1), y1, ..., yn, xn)
MGU in triangular form has polynomial size
⟨y0/x0, yn/f(yn−1, yn−1), ..., y1/f(x0, x0), xn/f(xn−1, xn−1), ..., x1/f(x0, x0)⟩
• Still exponential time needed to check whether xn, yn unify
• One solution: use DAGs to represent terms
• Unification decidable in linear time
Linear-time algorithms are technically involved.
Much effort was spent in the late 1970s and early 80s to design low (worst case) complexity unification algorithms. None of them is used in practice. Why?
1. Having lower asymptotic complexity pays off only when unifying long terms of a certain “bad” shape which do not occur frequently in practice. On the other hand, higher constants are a disadvantage in all other cases.
2. Algorithms require complex data structures to represent terms that are incompatible with other representations in theorem provers.
3. Deciding non-unifiability is in practice the much more important and common case. This led to hashing schemata for terms that proved very effective, see lecture on Term Memory.
Computation of MGUs
A Rule Set to Compute MGUs
T = {s1 =? t1, ..., sn =? tn} unification problem, σ in solved form; the rules rewrite states T | σ

(Trivial)                {t =? t} ∪ T | σ  ⟹  T | σ
(Orient)                 {t =? x} ∪ T | σ  ⟹  {x =? t} ∪ T | σ                              t ∉ Var
(Decompose)              {f(s1, ..., sn) =? f(t1, ..., tn)} ∪ T | σ  ⟹  {s1 =? t1, ..., sn =? tn} ∪ T | σ
(Clash)                  {f(s1, ..., sn) =? g(t1, ..., tm)} ∪ T | σ  ⟹  ⊥
(Occur Check)            {x =? t} ∪ T | σ  ⟹  ⊥                                             x occurs in t
(Variable Elimination)   {x =? t} ∪ T | σ  ⟹  T{x/t} | σ{x/t} ∪ {x/t}                       x occurs not in t
2014-05-09
ATP
First-Order Logic
Unification
Computation of MGUs
Computation of MGUs
A Rule Set to Compute MGUs
?
?
T = {s1 = t1 , . . . , sn = tn } unification problem, σ in solved form
?
{t = t} ∪ T
T
σ
σ
?
(Trivial)
{t = x} ∪ T
?
?
{s1 = t1 , . . . , sn = tn } ∪ T
?
{f (s1 , . . . , sn ) = g (t1 , . . . , tm )} ∪ T
>
?
{x = t} ∪ T
>
σ
?
{x = t} ∪ T
?
{f (s1 , . . . , sn ) = f (t1 , . . . , tn )} ∪ T
σ
t 6∈ Var
(Orient)
σ
σ
(Decompose)
σ
σ
(Clash)
x occurs in t
(Occur Check)
?
{x = t} ∪ T σ x occurs not in t
T {x/t} σ{x/t} ∪ {x/t}
(Variable Elimination)
How to prove that this rule set actually computes an MGU?
The idea is to add a third slot in the rules that maintains the set of those
positions where the terms differ (like t in the unification lattice) and for
which an MGU has been computed already. This is empty in the
beginning and increased in the (Variable Elimination) rule. All other rules
keep it as an invariant. Then, one argues that all difference pairs are
eventually reached. This is ensured, because the other rules either are
applied at most once or they move down the left-hand side term in the
well-founded lattice.
Computation of MGUs Cont'd
Theorem
Any sequence of rule applications terminates, either with ⊤ or with {} | σ. In the latter case, σ is an MGU for T in solved form.

Example
{f(g(x, y), y) ≐ f(z, h(z))} | {}
⟹ (Decompose)             {g(x, y) ≐ z, y ≐ h(z)} | {}
⟹ (Orient)                {z ≐ g(x, y), y ≐ h(z)} | {}
⟹ (Variable Elimination)  {y ≐ h(g(x, y))} | {z/g(x, y)}
⟹ (Occur Check)           ⊤

{f(g(x, y), y) ≐ f(z, h(w))} | {}
⟹ (Decompose)             {g(x, y) ≐ z, y ≐ h(w)} | {}
⟹ (Orient)                {z ≐ g(x, y), y ≐ h(w)} | {}
⟹ (Variable Elimination)  {y ≐ h(w)} | {z/g(x, y)}
⟹ (Variable Elimination)  {} | {z/g(x, h(w)), y/h(w)}

Robinson's Algorithm (1963)
σ := {};
while s1 ≠ t1 {                                             // (Trivial)
  let s', t' be the first sub-terms where s1, t1 differ;    // (Trivial, Decompose)
  if (neither of s', t' is a variable) {
    return ⊤;                                               // (Clash)
  } else {
    let x be the one of s', t' that is a variable;          // (Orient)
    let t be the other term;
    if (x occurs in t) {
      return ⊤;                                             // (Occur Check)
    } else {                                                // (Variable Elimination)
      σ := σ{x/t} ∪ {x/t};
      T := T{x/t};
    }
  }
}
Robinson's algorithm is one particular rule application strategy.
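The rule set and Robinson's strategy, run on the two examples above and on the exponential example of slide 31, as an added worked example in Python (this is not course code). The term encoding is an assumption of this example: a variable is a str, a compound term is a tuple (f, arg1, …, argn), a constant is a one-element tuple (c,). unify applies the six rules to a list of pairs and returns the MGU in solved form as a dict, or None in the role of ⊤; with triangular=True it keeps σ as the ordered list of bindings instead of composing them, which is what keeps the unifier polynomial in size for the chain x1 ≐ f(x0, x0), …, xn ≐ f(x_{n-1}, x_{n-1}).

```python
"""Syntactic unification by the rule set (Trivial), (Orient), (Decompose),
(Clash), (Occur Check), (Variable Elimination).  Added example, not course
code.  Term encoding (an assumption of this example): variable = str,
compound term = (f, arg1, ..., argn), constant = (c,)."""


def is_var(t):
    return isinstance(t, str)


def occurs(x, t):
    """Occur check: does variable x occur in term t?"""
    if is_var(t):
        return x == t
    return any(occurs(x, a) for a in t[1:])


def apply(sigma, t):
    """Apply a substitution in solved form (dict var -> term) to a term."""
    if is_var(t):
        return sigma.get(t, t)
    return (t[0],) + tuple(apply(sigma, a) for a in t[1:])


def apply_triangular(bindings, t):
    """Apply an ordered list of bindings [(x1, t1), ..., (xk, tk)] one after
    the other, which is how a unifier in triangular form is read."""
    for x, u in bindings:
        t = apply({x: u}, t)
    return t


def term_size(t):
    return 1 if is_var(t) else 1 + sum(term_size(a) for a in t[1:])


def unify(problem, triangular=False):
    """problem: list of pairs (s, t) standing for {s1 = t1, ..., sn = tn}.
    Returns the MGU (dict in solved form, or ordered binding list if
    triangular) or None, which plays the role of the failure element (top)."""
    T = list(problem)
    sigma = [] if triangular else {}
    while T:
        s, t = T.pop()
        if s == t:                                    # (Trivial)
            continue
        if not is_var(s) and is_var(t):               # (Orient)
            s, t = t, s
        if is_var(s):
            if occurs(s, t):                          # (Occur Check)
                return None
            theta = {s: t}                            # (Variable Elimination)
            T = [(apply(theta, a), apply(theta, b)) for a, b in T]   # T{x/t}
            if triangular:
                sigma.append((s, t))                  # sigma ∪ {x/t}, no composition
            else:
                sigma = {x: apply(theta, u) for x, u in sigma.items()}  # sigma{x/t}
                sigma[s] = t                          # ... ∪ {x/t}
            continue
        if s[0] != t[0] or len(s) != len(t):          # (Clash)
            return None
        T.extend(zip(s[1:], t[1:]))                   # (Decompose)
    return sigma


def is_unifier(sigma, problem):
    return all(apply(sigma, s) == apply(sigma, t) for s, t in problem)


def slide_examples():
    """The two examples of slide 33: the first fails by occur check."""
    x, y, z, w = "x", "y", "z", "w"
    fail = unify([(("f", ("g", x, y), y), ("f", z, ("h", z)))])
    ok = unify([(("f", ("g", x, y), y), ("f", z, ("h", w)))])
    return fail, ok


def chain_problem(n):
    """x1 = f(x0, x0), x2 = f(x1, x1), ..., xn = f(x_{n-1}, x_{n-1})."""
    return [(f"x{i}", ("f", f"x{i-1}", f"x{i-1}")) for i in range(1, n + 1)]


def solved_vs_triangular_size(n):
    """Size of the binding of xn in solved form (2^(n+1) - 1) versus the
    total size of the triangular unifier (3n)."""
    solved = unify(chain_problem(n))
    tri = unify(chain_problem(n), triangular=True)
    return term_size(solved[f"x{n}"]), sum(term_size(u) for _, u in tri)


if __name__ == "__main__":
    print(slide_examples())
    print(solved_vs_triangular_size(5))
```

The occur check is what makes the first example fail rather than loop: without it, z ≐ g(x, h(z)) would be "solved" by a cyclic binding, which is exactly the unsound shortcut some Prolog systems take for speed.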
Organisation
Motivation
Framework
History
First-Order Logic
Syntax
Substitutions
Unification
Semantics
Formalisation
Meta Results
Normal Form
Semantics of First-Order Logic
Definition (First-Order Structure)
A first-order structure M = ⟨D, I⟩ over Σ consists of a domain D ≠ ∅ and an interpretation I such that:
- for each n-ary f ∈ FΣ: I(f) : Dⁿ → D
- for each n-ary p ∈ PΣ: I(p) ⊆ Dⁿ

Example (M≤ over Σ = Σ≤)
D = ℝ
I(0) = 0
I(a) = −1
I(b) = 1
I(f) : ℝ → ℝ, x ↦ x²
⟨r1, r2⟩ ∈ I(≤) iff r1 ≤ℝ r2
⟨r1, r2, r3⟩ ∈ I(· ∈ [·, ·]) iff r2 ∈ [r1, r3] in ℝ

1. A structure fixes a domain of discourse and an interpretation of the terms. The domain is also called the universe. The semantics of connectives and quantifiers is "built in" and not variable. The domain need not be countable. Whether the intended domain can be axiomatized in FOL is a different question.
2. What is the meaning of the formula at the bottom of slide 29 in M≤? The density of the real numbers.
Semantics Cont'd
Definition (Variable Assignment with modification at x)
A variable assignment (for M) is a map β : Var → D. Its modification at x by d ∈ D is
  β^d_x(y) = d     if x = y
  β^d_x(y) = β(y)  otherwise

Extend M and β inductively to terms and formulas:
x^{M,β} = β(x)                                      for x ∈ Var
f(t1, …, tn)^{M,β} = I(f)(t1^{M,β}, …, tn^{M,β})
M, β ⊨ true                                         for all M and β
M, β ⊨ p(t1, …, tn)    iff  ⟨t1^{M,β}, …, tn^{M,β}⟩ ∈ I(p)
M, β ⊨ ¬ϕ              iff  not M, β ⊨ ϕ
M, β ⊨ ϕ1 ∧ ⋯ ∧ ϕn     iff  M, β ⊨ ϕi for all 1 ≤ i ≤ n
M, β ⊨ ϕ1 ∨ ⋯ ∨ ϕn     iff  M, β ⊨ ϕi for some 1 ≤ i ≤ n
M, β ⊨ (∀x)ϕ           iff  M, β^d_x ⊨ ϕ for all d ∈ D
M, β ⊨ (∃x)ϕ           iff  M, β^d_x ⊨ ϕ for some d ∈ D

1. The variable assignment fixes the meaning of free variables. The modified assignment is needed to handle a quantifier whose scope is over a local variable x; this is analogous to a runtime stack holding the values of local variables. We encountered this technicality already when extending substitutions to quantified formulas.
2. A case for false is not needed, because it is excluded by the inductive definition: M, β ⊨ false for no M and β.
Semantics Cont'd
Definition (Satisfaction, Validity)
M, β satisfy ϕ ∈ LΣ when M, β ⊨ ϕ.
M is a model of ϕ when M, β ⊨ ϕ for all β.
ϕ ∈ LΣ is valid if each Σ-structure is a model of ϕ: write ⊨ ϕ.

Example
ψ = ∀x, y [¬ y ≤ x → (∃z)(¬ z ≤ x ∧ ¬ y ≤ z)]
M≤ is a model of ψ (ℝ is dense); ψ is not valid (a two-element total order is a counter-model: nothing lies strictly between its two elements).
∀x p(x) → ∃y p(y) is valid (this uses D ≠ ∅).

Exercise in formalisation:
Intermediate Value Theorem: Let f : ℝ → ℝ be a continuous function on [a, b] ⊂ ℝ. Then f takes on every value in [min(f(a), f(b)), max(f(a), f(b))].
You can make simplifying assumptions, like f(a) < f(b).
There are many possibilities to define continuity of a function. Not all are easy to express in FOL!
Try to use only the signature Σ≤ and the symbols occurring in the statement of the theorem.
If you are ambitious, try to formalize a proof. You need total order, density, and closedness of the reals.
Semantics Example
"Sticks and stones may break your bones, but words will never hurt"
- weapon, word, hurts: unary predicate symbols
- stone, stick, blockhead: constants

(∀x)(weapon(x) → hurts(x)) ∧ (∀x)(word(x) → ¬hurts(x)) ∧ weapon(stick) ∧ weapon(stone) ∧ word(blockhead)

Satisfiable? Valid?
D = {towel, rosebud}
I(stick) = I(stone) = towel
I(blockhead) = rosebud
I(word) = {⟨rosebud⟩}
I(weapon) = {⟨towel⟩}
I(hurts) = {⟨towel⟩}
This structure is a model, so the formula is satisfiable; it is not valid (any structure with I(weapon) = ∅ falsifies the conjunct weapon(stick)).
Cannot access domain objects from formulas!
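The inductive definition of M, β ⊨ ϕ from slide 37, evaluated on the structure above and on the two formulas of slide 38, as an added example in Python (not course code). The encoding is an assumption of this example: formulas are nested tuples ('atom', p, args), ('not', A), ('and', A, B), ('or', A, B), ('imp', A, B), ('forall', x, A), ('exists', x, A); a variable is a str, a constant is (c,), and I maps function symbols to Python callables and predicate symbols to sets of tuples. holds follows the table of slide 37 with the modified assignment β^d_x; is_model quantifies over all β, which is what makes a formula with a free variable such as p(Y) fail to have a model even when some β satisfies it; find_countermodel enumerates every structure over domains of size up to max_size, which refutes validity (for ψ it finds a two-element counter-model) but, since ⊨ is undecidable, can never establish it.

```python
"""Evaluating first-order formulas in a finite structure M = (D, I) under a
variable assignment beta.  Added example, not course code.  Encoding (an
assumption of this example): formula = ('atom', p, args) | ('not', A)
| ('and', A, B) | ('or', A, B) | ('imp', A, B) | ('forall', x, A)
| ('exists', x, A); term = str (variable) | (f, arg1, ...) | (c,) (constant).
I maps function symbols to callables and predicate symbols to sets of tuples."""

from itertools import product


def eval_term(t, I, beta):
    if isinstance(t, str):                      # x^{M,beta} = beta(x)
        return beta[t]
    f, *args = t                                # f(t1..tn)^{M,beta} = I(f)(t1^{M,beta}, ...)
    return I[f](*(eval_term(a, I, beta) for a in args))


def holds(M, beta, phi):
    """M, beta |= phi by structural recursion, clause by clause as on slide 37."""
    D, I = M
    op = phi[0]
    if op == "atom":
        return tuple(eval_term(a, I, beta) for a in phi[2]) in I[phi[1]]
    if op == "not":
        return not holds(M, beta, phi[1])
    if op == "and":
        return holds(M, beta, phi[1]) and holds(M, beta, phi[2])
    if op == "or":
        return holds(M, beta, phi[1]) or holds(M, beta, phi[2])
    if op == "imp":
        return (not holds(M, beta, phi[1])) or holds(M, beta, phi[2])
    x, body = phi[1], phi[2]                    # forall / exists
    modified = (holds(M, {**beta, x: d}, body) for d in D)   # beta modified at x by d
    return all(modified) if op == "forall" else any(modified)


def free_vars(phi, bound=frozenset()):
    if phi[0] == "atom":
        def walk(t):
            if isinstance(t, str):
                return {t} - bound
            return set().union(*(walk(a) for a in t[1:]))
        return set().union(*(walk(a) for a in phi[2]))
    if phi[0] in ("forall", "exists"):
        return free_vars(phi[2], bound | {phi[1]})
    return set().union(*(free_vars(a, bound) for a in phi[1:]))


def is_model(M, phi):
    """M is a model of phi when M, beta |= phi for every assignment beta."""
    D, _ = M
    fv = sorted(free_vars(phi))
    return all(holds(M, dict(zip(fv, vals)), phi) for vals in product(D, repeat=len(fv)))


def structures(size, consts, preds):
    """Every structure with domain {0, ..., size-1} over the given constant
    symbols and predicate symbols (preds: name -> arity)."""
    D = list(range(size))
    choices = []
    for p, n in preds.items():
        tuples = list(product(D, repeat=n))
        choices.append([(p, {tup for tup, keep in zip(tuples, bits) if keep})
                        for bits in product((False, True), repeat=len(tuples))])
    choices.extend([(c, d) for d in D] for c in consts)
    for pick in product(*choices):
        I = {}
        for name, val in pick:
            I[name] = val if name in preds else (lambda d: (lambda: d))(val)
        yield (D, I)


def find_countermodel(phi, consts, preds, max_size=2):
    """A structure that is not a model of phi, or None if there is none up
    to max_size.  None proves nothing: validity is not decidable this way."""
    for size in range(1, max_size + 1):
        for M in structures(size, consts, preds):
            if not is_model(M, phi):
                return M
    return None


def A(p, *args):
    return ("atom", p, args)


# Slide 39: sticks and stones, with the structure given there.
STICKS = ("and", ("and", ("and", ("and",
          ("forall", "x", ("imp", A("weapon", "x"), A("hurts", "x"))),
          ("forall", "x", ("imp", A("word", "x"), ("not", A("hurts", "x"))))),
          A("weapon", ("stick",))), A("weapon", ("stone",))), A("word", ("blockhead",)))
M_STICKS = (["towel", "rosebud"],
            {"stick": lambda: "towel", "stone": lambda: "towel",
             "blockhead": lambda: "rosebud",
             "word": {("rosebud",)}, "weapon": {("towel",)}, "hurts": {("towel",)}})


def le(s, t):
    return A("le", s, t)


# Slide 38: density psi (not valid) and the valid formula.
PSI = ("forall", "x", ("forall", "y", ("imp", ("not", le("y", "x")),
       ("exists", "z", ("and", ("not", le("z", "x")), ("not", le("y", "z")))))))
VALID = ("imp", ("forall", "x", A("p", "x")), ("exists", "y", A("p", "y")))
```

The enumeration in structures is exponential in the number of ground tuples, so it is only a tool for small refutations; a prover uses Herbrand structures and ground instances instead, as the meta-results below explain.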
Semantic Relations
Definition (Logical Consequence, Equivalence)
ϕ ∈ LΣ is a logical consequence of Ψ ⊂ LΣ if each structure that is a model of all ψ ∈ Ψ is also a model of ϕ. Write Ψ ⊨ ϕ (note that ⊨ is overloaded).
Two formulas are equivalent if they are consequences of each other.
Two formulas are satisfiability equivalent if they are either both satisfiable (possibly in different structures) or both unsatisfiable.
Equivalence implies satisfiability equivalence.

Example
(∃x)(∃y)p(x, y) and (∃y)(∃x)p(x, y) are equivalent.
(∃x)p(x) and p(c) are only satisfiability equivalent. Why?
Expressiveness
Example (Abstract Data Type)
Σs = ⟨{nil, push, pop}, {empty, stack}⟩
nil is a constant; pop, empty, stack are unary; push is binary
Axs = {stack(nil), …, (∀e, x)(stack(x) → stack(push(e, x))), …}

What can be expressed in FOL?
- Formulas cannot directly specify the structure of the semantic domain
- In general,  this is not possible in FOL (Gödel's results)
- Certain data structures can be specified up to isomorphy in FOL
- Incomplete specification can be desirable: Axs ⊨ stack(pop(nil))?
Semantics of Propositional Logic
Propositional Logic
- No quantifiers
- No function symbols
- Only 0-ary predicates (propositional variables)
Consequence: the domain is irrelevant; only the interpretation I of each p is required.
Represent I : Σ → 2^{D⁰} = {∅, {⟨⟩}} as I = {p ∈ Σ | I(p) ≠ ∅} ⊆ Σ

1. D⁰ = {⟨⟩} is the set consisting of the empty tuple.
2. A propositional interpretation is identified with the set of propositional variables it makes true.
Example of Formalisation in FOL
A Theorem in Elementary Set Theory
(1) S ∩ Q = ∅
(2) P ⊆ Q ∪ R
(3) P = ∅ ⇒ Q ≠ ∅
(4) Q ∪ R ⊆ S
(5) P ∩ R ≠ ∅
The theorem: (5) follows from (1)–(4).

Formalisation of Set Theory in FOL
- Atom p(x) models x ∈ P. Recall that M, β ⊨ p(x) iff β(x) ∈ I(p) ⊆ D
- conjunction ∼ intersection, disjunction ∼ union
- implication ∼ subset relation, existential quantifier ∼ non-empty set

Example
(1) ¬(∃x)(s(x) ∧ q(x))
(2) (∀x)(p(x) → (q(x) ∨ r(x)))
(3) ¬(∃x)p(x) → (∃y)q(y)
(4) (∀x)((q(x) ∨ r(x)) → s(x))
(5) (∃x)(p(x) ∧ r(x))
Organisation
Motivation
Framework
History
First-Order Logic
Syntax
Substitutions
Unification
Semantics
Formalisation
Meta Results
Normal Form
Meta Results: Complexity
Propositional Logic
- The relation ⊨ is decidable and co-NP-complete
- Deciding satisfiability of a formula is an NP-complete problem
First-Order Logic
- The relation ⊨ is undecidable
- The sets of valid and of unsatisfiable formulas are recursively enumerable
- The set of satisfiable formulas is not recursively enumerable
Meta Results: Characterizing Logical Consequence
Theorem (Deduction Theorem)
For any ϕ ∈ LΣ and any set of sentences Ψ ⊂ LΣ:
  Ψ ⊨ ϕ  iff  Ψ ∪ {¬ϕ} is unsatisfiable.
If Ψ is finite, this holds iff ⊨ ⋀_{ψ ∈ Ψ} ψ → ϕ.
Special case: ϕ is valid iff ¬ϕ is unsatisfiable.

Example
Ψ must consist of sentences:
Ψ = {p(Y)}, ϕ = (∀x)p(x)
Ψ ⊨ ϕ, but {p(Y), ¬(∀x)p(x)} is satisfiable
(use M = ⟨{a, b}, I⟩ with I(p) = {⟨b⟩} and β(Y) = b)

The Deduction Theorem is extremely important for ATP, because it allows the meta-level consequence relation to be reduced to the object level. It is a purely syntactic version of the principle of proof by contradiction. The second crucial reduction is discussed on the next slide.
Meta Results: Representing Structures Syntactically
Cannot Prove Validity Based on General Semantic Definitions
- Uncountably many structures
- Content of the domain inaccessible from formulas
Herbrand's idea: work with structures based on the formula signature

Definition (Term Structure)
Assume FΣ contains at least one constant, so that T⁰Σ ≠ ∅.
A Σ-term structure is a structure whose domain is D = T⁰Σ.
- Now t^{M,β} ∈ T⁰Σ and β(x) ∈ T⁰Σ
- Identify variable assignments with ground substitutions
Herbrand Structures
Interpretation in Σ-Term Structures
- It is natural to fix t^{M,β} = β(t). Call Σ-term structures with this property Herbrand structures.
- As in propositional logic, identify interpretations with sets of ground atoms:
  {p(t1, …, tn) ∈ A⁰Σ | ⟨t1, …, tn⟩ ∈ I(p)} ⊆ A⁰Σ
- Semantics of propositional connectives unaffected
- How to interpret quantified formulas?

Skolem Symbols
When does M, β ⊨ (∃x)ϕ hold?
- there must be some ground term t such that M, β ⊨ ϕ{x/t}
- but the interpretation of t must not be "committed": use a fresh symbol

1. For ground terms we have t^{M,β} = t.
2. The problem is to assign a domain element as the value of x that makes (∃x)ϕ(x) true. If we take a ground term t, then in general we can no longer assign t itself as the denotation of t. Hence, this bijection will not satisfy t^{M,β} = β(t).
Herbrand Structures Cont'd
Definition (Skolem-Extension of Signature)
Given a signature Σ for a set of first-order formulas.
Fsko has countably many function symbols for each arity, disjoint from FΣ.
The Skolem-extension of Σ is Σ* = ⟨PΣ*, FΣ*⟩, where PΣ* = PΣ and FΣ* = FΣ ∪ Fsko.

Later we will prove:
Theorem
Let Σ* be the Skolem-extension of Σ for an LΣ-formula ϕ.
Then ϕ is satisfiable iff there is a Herbrand model H over Σ* of ϕ.
Herbrand Structures: Example
Example
ϕ = q ∧ p(0) ∧ (∀x)(p(x) → p(s(s(x))))
Ground terms over the signature Σ of ϕ: T⁰Σ = {0, s(0), s(s(0)), …}
A⁰Σ = {q, p(0), p(s(0)), p(s²(0)), …}
Define a Herbrand structure H = (T⁰Σ, I):
Let I(q) = {q}
Let I(p) = {p(0), p(s²(0)), p(s⁴(0)), …}
Then I = I(p) ∪ I(q) = {q, p(0), p(s²(0)), p(s⁴(0)), …}
H is a model of ϕ
When the domain T⁰Σ of a Herbrand structure is fixed, identify H with I

Note that we do not need the extended signature to construct a Herbrand model for ϕ. This is due to the fact that ϕ contains only "universal" subformulas. This can be stated as a theorem.
Herbrand's Theorem
Definition (Universal Formula)
A universal formula is a sentence of the form (∀x1, …, xk)ϕ where ϕ is quantifier-free.
For universal formulas Skolem-extensions are not required:

Theorem (Herbrand's Theorem)
(i)   A set Ψ of universal Σ-formulas has a model
iff
(ii)  Ψ has a Herbrand model over Σ
iff
(iii) The set Σ(Ψ) of all ground instances of Ψ has a Herbrand model
where Σ(Ψ) = {ϕ{x1/t1, …, xn/tn} | (∀x1, …, xn)ϕ ∈ Ψ, ti ∈ T⁰Σ, 1 ≤ i ≤ n}

Example
Σ(Ψ) for Ψ = {q, p(0), (∀x)(p(x) → p(s²(x)))}:
{q, p(0), p(0) → p(s²(0)), p(s(0)) → p(s³(0)), …}

1. For universal formulas an even more restrictive class of structures than term structures is sufficient: Herbrand structures.
2. Herbrand's Theorem is extremely important for ATP, because it reduces, in a sense, semantics to syntax. Only ground instances and Herbrand structures need to be considered.
3. Proof sketch:
(i) to (iii): observe that any ground term denotes some value, therefore Σ(Ψ) has a model. Compute the set I of all ground atoms that are consequences of Σ(Ψ). This set, seen as a Herbrand interpretation, is easily shown to satisfy Σ(Ψ) (e.g., by structural induction).
(iii) to (ii): by the definition of Herbrand model and the fact that variable assignments are grounding substitutions in Herbrand models.
(ii) to (i): trivial.
Meta Results: Compactness
Definition (Compactness)
A logic (the relation ⊨) is compact provided that any set Φ of formulas has a model iff all finite subsets of Φ have a model.
Theorem (Compactness of First-Order Logic)
First-order logic is compact.
Corollary
A set Ψ of universal formulas is unsatisfiable iff there is an unsatisfiable finite set Ψ' ⊆ Σ(Ψ) of ground instances of Ψ.
This follows from compactness and Herbrand's Theorem.

1. The contraposition of Compactness (plus the Deduction Theorem) says: a set of formulas is unsatisfiable iff it already has a finite subset that is unsatisfiable. This yields the strong version of Herbrand's Theorem (the Corollary). To show unsatisfiability, we only need a finite number of ground substitutions. These turn out to be obtainable from MGUs: it is sufficient to look at all possible MGUs between all atoms of a large enough number of new instances of the universal formulas, and these are finitely many! During this course we will prove several constructive versions of this theorem.
2. Note that a satisfiable universal formula need not have a finite Herbrand model, as ϕ on the previous slide shows. In general a satisfiable formula need not have a finite model at all.
Meta Results: Replacement Theorem
Theorem (Replacement Theorem)
Let ϕ, ψ, ψ' ∈ LΣ and ψ an occurrence of a subformula in ϕ; write ϕ[ψ].
Assume ψ and ψ' are equivalent.
Let ϕ' be the result of replacing the occurrence of ψ in ϕ with ψ', that is, ϕ' = ϕ[ψ'].
Then ϕ and ϕ' are equivalent.
Can be weakened to "logical consequence" (for an occurrence of ψ of positive polarity; under a negation the direction of the consequence is reversed).
Example
Cannot be weakened to "satisfiability equivalent":
ϕ = p ∧ q, ψ = q, ψ' = ¬p, then ϕ' = p ∧ ¬p
Normal Form
Normal Forms of Formulas, cf. Compilation
Rewrite formulas into a (satisfiability) equivalent simpler form
- Fewer connectives and quantifiers, more regular syntactic structure
- Simpler data structures are often more efficient
- Easier to define optimized proof rules
- Caveat: preserve semantics, avoid information loss
Clauses
Definition (Clause)
A clause is one of the following universal formulas:
- false, denoted by the symbol □
- (∀x1, …, xn)(L1 ∨ ⋯ ∨ Lm), m ≥ 1, the Li literals
Clause Notation
- Disjunction is associative and commutative: identify a clause with the multiset of its literals {{L1, …, Lm}}
- Universal quantification over all free variables is implicit
- Empty multiset {{}} = empty clause □ = false
- A clause with exactly one literal occurrence: unit clause
- Hence, notation C ⊆ D, L ∈ C, etc., is well-defined

Universal formulas played a role already in Herbrand's Theorem. Further syntactic restrictions are essential for efficient theorem proving methods.
Normal Forms: Conjunctive Normal Form
Definition (CNF)
A formula ϕ is in conjunctive normal form (CNF) if it is of the form
  ⋀_{i=1}^{r} Ci, where the Ci are clauses
Identify a CNF formula with the finite set of clauses {C1, …, Cr}
Clause Instantiation
Definition (σ-Instance)
Let the domain dm(σ) of substitution σ be the variables of the clause C = {{L1, …, Lm}}.
Cσ = {{L1σ, …, Lmσ}} is the σ-instance of C.
If σ is a variable renaming: Cσ is a new instance of C.
If σ is a ground substitution: Cσ is a ground instance of C.
The σ-instance is not ((∀x1, …, xn)(L1 ∨ ⋯ ∨ Lm))σ, but (∀y1, …, yn)(L1σ ∨ ⋯ ∨ Lmσ), where {y1, …, yn} = rg(σ)

Theorem
Every LΣ-formula ϕ can be transformed into an LΣ*-formula ϕ* in CNF that is satisfiability equivalent to ϕ.

In the resulting clause instances the quantifier prefix is implicitly still present. In the case of ground instances no quantifiers are present, of course, because the range of a ground substitution contains no variables.
Computing CNF Step by Step
Example
(∀u)(∀x)( ((∀y)p(y, u) → p(x, Y)) ∧ (∀x)p(x, u) )
Step 1: Expand → and ↔
(∀u)(∀x)( (¬(∀y)p(y, u) ∨ p(x, Y)) ∧ (∀x)p(x, u) )
Step 2: Renaming of Bound Variables
Any variable is bound at most once and no variable appears both bound and free
(∀u)(∀x)( (¬(∀w)p(w, u) ∨ p(x, Y)) ∧ (∀z)p(z, u) )
Step 3: Push ¬ inwards: Negation Normal Form (NNF)
Use De Morgan's laws and ¬∃ ≡ ∀¬, ¬∀ ≡ ∃¬
(∀u)(∀x)( ((∃w)¬p(w, u) ∨ p(x, Y)) ∧ (∀z)p(z, u) )
Computing CNF Step by Step Cont'd
Step 4: Eliminate ∃-formulas: Skolemization
M, β ⊨ (∃x)ϕ iff M, β^d_x ⊨ ϕ for some d ∈ D
- use a syntactic representation t_d of d to replace (∃x)ϕ with ϕ{x/t_d}
- ensure the existence of a suitable interpretation by using a fresh f ∈ Fsko
- t_d depends on the free variables in (∃x)ϕ, so take t_d = f(x1, …, xn) where {x1, …, xn} are the free variables of (∃x)ϕ
Replace the subformula (∃x)ϕ (free variables {x1, …, xn}) by ϕ{x/f(x1, …, xn)}
Preserves satisfiability over a suitable Σ*-structure (with f(x1, …, xn)^{M*,β} = d)
Example
(∀u)(∀x)( ((∃w)¬p(w, u) ∨ p(x, Y)) ∧ (∀z)p(z, u) )
(∀u)(∀x)( (¬p(f(u), u) ∨ p(x, Y)) ∧ (∀z)p(z, u) )
About Skolemization
Result of Skolemization depends on the chosen subformula
(∀x)(∃y)(∃z)p(x, y, z)
  Skolemize y, then z:  (∀x)p(x, f(x), g(x))
  Skolemize z, then y:  (∀x)p(x, k(x), h(x, k(x)))
Pushing ∃ in first ("miniscoping") can help
(∃x)(p(x) ∧ q(y))
  Skolemized directly:                          p(f(y)) ∧ q(y)
  after miniscoping to (∃x)p(x) ∧ q(y):         p(c) ∧ q(y)
Re-Using Skolem Symbols
Assume the Skolem symbols of the same arity are ordered f1, f2, …
When replacing a subformula ψ = (∃x)ϕ of an LΣ*-formula, use fi such that:
1. i > j for all fj of the same arity occurring in ψ
2. if fψ = fψ' then ψ, ψ' are renamings of each other

1. Working from outside in (that is, Skolemizing outermost quantifiers first) tends to give better results.
2. Minimizing the scope can get rid of free variables in the scope. "Miniscoping" is also called "antiprenexing". It is not sound in general to "prenex" an existential quantifier over conjunctions, but "antiprenexing" is ok.
3. It is enough for f to be new in the context of the scope of its quantifier. This relaxation is expressed in the second condition. Associating Skolem symbols with subformulas also makes the implementation more efficient, because they can be allocated up front.
Computing CNF Step by Step Cont'd
Step 5: Pull ∀ out: Prenex Normal Form (PNF)
(∀u)(∀x)( (¬p(f(u), u) ∨ p(x, Y)) ∧ (∀z)p(z, u) )
(∀u, x, z)( (¬p(f(u), u) ∨ p(x, Y)) ∧ p(z, u) )
This is sound because of the renaming of bound variables (step 2)
Step 6: Compute CNF of the Scope
Use distributivity of ∨ and ∧
(∀u, x, z)( (¬p(f(u), u) ∨ p(x, Y)) ∧ p(z, u) )
Using clause notation (the free variable Y is now implicitly universally quantified like the others):
{ {{¬p(f(u), u), p(x, y)}}, {{p(z, u)}} }
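The six steps above, implemented and run on the running example, as an added example in Python (not course code). The encoding is an assumption of this example: formulas are nested tuples ('atom', p, args), ('not', A), ('and', A, B), ('or', A, B), ('imp', A, B), ('iff', A, B), ('forall', x, A), ('exists', x, A); a variable is a str, a compound term is (f, arg1, …), a constant is (c,). Renamed bound variables get a numeric suffix (the slide's w and z come out as y_3 and x_4), Skolem symbols are named sk1, sk2, … in order of introduction, and the free variable Y is kept as Y. Each Skolem term takes exactly the free variables of the (∃x)ϕ being replaced, which is why the (∀x)(∃y)(∃z)p(x, y, z) example of the previous slide yields p(x, sk1(x), sk2(x)) and the non-miniscoped (∃x)(p(x) ∧ q(y)) yields p(sk1(y)) ∧ q(y).

```python
"""Clause form of a first-order formula by the six steps of slides 58-61:
expand, rename bound variables, NNF, Skolemize, prenex, distribute.
Added example, not course code.  Encoding (an assumption of this example):
formula = ('atom', p, args) | ('not', A) | ('and', A, B) | ('or', A, B)
| ('imp', A, B) | ('iff', A, B) | ('forall', x, A) | ('exists', x, A);
term = str (variable) | (f, arg1, ...) | (c,) (constant)."""

from itertools import count, product


def term_vars(t):
    return {t} if isinstance(t, str) else set().union(*(term_vars(a) for a in t[1:]))


def term_subst(t, env):
    if isinstance(t, str):
        return env.get(t, t)
    return (t[0],) + tuple(term_subst(a, env) for a in t[1:])


def free_vars(phi):
    if phi[0] == "atom":
        return set().union(*(term_vars(a) for a in phi[2]))
    if phi[0] in ("forall", "exists"):
        return free_vars(phi[2]) - {phi[1]}
    return set().union(*(free_vars(a) for a in phi[1:]))


def subst(phi, env):
    """Replace free variable occurrences according to env (var -> term)."""
    op = phi[0]
    if op == "atom":
        return ("atom", phi[1], tuple(term_subst(a, env) for a in phi[2]))
    if op in ("forall", "exists"):
        inner = {v: t for v, t in env.items() if v != phi[1]}
        return (op, phi[1], subst(phi[2], inner))
    return (op,) + tuple(subst(a, env) for a in phi[1:])


def expand(phi):                                   # Step 1: remove -> and <->
    op = phi[0]
    if op == "atom":
        return phi
    if op == "imp":
        return ("or", ("not", expand(phi[1])), expand(phi[2]))
    if op == "iff":
        a, b = expand(phi[1]), expand(phi[2])
        return ("and", ("or", ("not", a), b), ("or", ("not", b), a))
    if op in ("forall", "exists"):
        return (op, phi[1], expand(phi[2]))
    return (op,) + tuple(expand(a) for a in phi[1:])


def rename(phi, env, counter):                     # Step 2: each variable bound once
    op = phi[0]
    if op == "atom":
        return ("atom", phi[1], tuple(term_subst(a, env) for a in phi[2]))
    if op in ("forall", "exists"):
        new = f"{phi[1]}_{next(counter)}"
        return (op, new, rename(phi[2], {**env, phi[1]: new}, counter))
    return (op,) + tuple(rename(a, env, counter) for a in phi[1:])


def nnf(phi):                                      # Step 3: push negation inwards
    op = phi[0]
    if op == "atom":
        return phi
    if op in ("and", "or"):
        return (op, nnf(phi[1]), nnf(phi[2]))
    if op in ("forall", "exists"):
        return (op, phi[1], nnf(phi[2]))
    sub = phi[1]                                   # op == 'not'
    if sub[0] == "atom":
        return phi
    if sub[0] == "not":
        return nnf(sub[1])
    if sub[0] in ("and", "or"):                    # De Morgan
        return ("or" if sub[0] == "and" else "and", nnf(("not", sub[1])), nnf(("not", sub[2])))
    return ("exists" if sub[0] == "forall" else "forall", sub[1], nnf(("not", sub[2])))


def skolemize(phi, counter):                       # Step 4: (exists x)A -> A{x/f(free vars)}
    op = phi[0]
    if op in ("atom", "not"):
        return phi
    if op == "exists":
        sk_term = (f"sk{next(counter)}",) + tuple(sorted(free_vars(phi)))
        return skolemize(subst(phi[2], {phi[1]: sk_term}), counter)
    if op == "forall":
        return ("forall", phi[1], skolemize(phi[2], counter))
    return (op, skolemize(phi[1], counter), skolemize(phi[2], counter))


def prenex(phi):                                   # Step 5: pull the remaining foralls out
    """Return (universally quantified variables, quantifier-free matrix)."""
    op = phi[0]
    if op == "forall":
        xs, m = prenex(phi[2])
        return [phi[1]] + xs, m
    if op in ("and", "or"):
        xs1, m1 = prenex(phi[1])
        xs2, m2 = prenex(phi[2])
        return xs1 + xs2, (op, m1, m2)
    return [], phi


def distribute(m):                                 # Step 6: CNF of the matrix
    """Quantifier-free NNF matrix -> set of clauses (frozensets of literals)."""
    if m[0] == "and":
        return distribute(m[1]) | distribute(m[2])
    if m[0] == "or":
        return {c | d for c, d in product(distribute(m[1]), distribute(m[2]))}
    return {frozenset([m])}


def to_cnf(phi):
    """Clause set of phi; universal quantification over all variables is implicit."""
    phi = rename(expand(phi), {}, count(1))
    phi = skolemize(nnf(phi), count(1))
    _, matrix = prenex(phi)
    return distribute(matrix)


def P(*args):
    return ("atom", "p", args)


# The running example of slides 58-61.
SLIDE = ("forall", "u", ("forall", "x", ("and",
         ("imp", ("forall", "y", P("y", "u")), P("x", "Y")),
         ("forall", "x", P("x", "u")))))
```

Step 5 is a plain traversal here precisely because step 2 made every bound name unique; running prenex on a formula that skipped renaming would silently capture variables.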
Complexity of Normal Form Computation
Steps 1 (elimination of ↔) and 6 (propositional CNF) can lead to "exponential blowup"
Example
(p1 ∧ q1) ∨ (p2 ∧ q2) ∨ ⋯ ∨ (pn ∧ qn)
is transformed into 2ⁿ clauses:
(p1 ∨ p2 ∨ ⋯ ∨ pn) ∧
(p1 ∨ p2 ∨ ⋯ ∨ qn) ∧
⋯ ∧
(q1 ∨ q2 ∨ ⋯ ∨ qn)
Idea: introduce abbreviations for subformulas to render them "flat"
Structure Preserving CNF Translation
Theorem (Replacing complex subformulas by abbreviations)
Let ϕ, ψ ∈ LΣ and ψ an occurrence of a subformula in ϕ; write ϕ[ψ].
Let {x1, …, xn} be the free variables of ψ and p an n-ary predicate symbol fresh for ϕ.
Then ϕ is satisfiability equivalent to:
  (∀x1, …, xn)(p(x1, …, xn) ↔ ψ) ∧ ϕ[p(x1, …, xn)]
- Follows directly from the Replacement Theorem and the definition of ↔
- Apply whenever ψ is a disjunction, conjunction or equivalence: the nesting depth of ϕ is reduced
- Linear number of logical connectives in ϕ: after |ϕ| many steps a fixed logical nesting depth of 3 is obtained
- Steps 1 + 6 are now depth-bounded; the remaining steps 2–5 are polynomial

1. The Replacement Theorem gives equivalence, but first the signature has to be extended and a suitable interpretation fixed to accommodate the new symbol. Hence, only satisfiability equivalence. But this happens already for Skolemization.
2. There are a linear number of new abbreviations, each at most linear in the size of (the free variables in) ϕ, hence the result is at most quadratic.
3. Generating a "good" short CNF is difficult (for example, choosing the right Skolem term). One could give a course just on this problem.
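The blowup of the previous slide against the abbreviation scheme of this one, in the propositional case where the fresh p is 0-ary, as an added example in Python (not course code). The encoding is an assumption of this example: ('var', name), ('not', A), and n-ary ('and', …) / ('or', …); a literal is a str, a negative literal carries a leading '-'; abbreviations are named d1, d2, … . naive_cnf is step 6 alone and produces 2ⁿ clauses for (p1 ∧ q1) ∨ ⋯ ∨ (pn ∧ qn); definitional_cnf adds the clauses of d ↔ ψ for each conjunction and disjunction and stays linear. The models function makes the caveat of the summary slide concrete: the definitional result is only satisfiability equivalent, but because every abbreviation is defined by a biconditional, its models projected onto the original atoms are exactly the models of the original formula.

```python
"""Exponential blowup of distributive CNF versus the structure-preserving
(definitional) translation of slides 62-63, in the propositional case.
Added example, not course code.  Encoding (an assumption of this example):
formula = ('var', name) | ('not', A) | ('and', A1, ..., Ak) | ('or', A1, ..., Ak);
a literal is a str, a negative literal carries a leading '-'."""

from itertools import count, product


def neg(lit):
    return lit[1:] if lit.startswith("-") else "-" + lit


def blowup(n):
    """(p1 and q1) or ... or (pn and qn), the example of slide 62."""
    return ("or",) + tuple(("and", ("var", f"p{i}"), ("var", f"q{i}")) for i in range(1, n + 1))


def naive_cnf(phi):
    """Step 6 only: distribute 'or' over 'and' (input in NNF, 'not' only on vars)."""
    if phi[0] == "var":
        return [frozenset({phi[1]})]
    if phi[0] == "not":
        return [frozenset({neg(phi[1][1])})]
    parts = [naive_cnf(a) for a in phi[1:]]
    if phi[0] == "and":
        return [c for part in parts for c in part]
    return [frozenset().union(*combo) for combo in product(*parts)]


def definitional_cnf(phi):
    """Abbreviate every conjunction/disjunction by a fresh atom d_i and add
    the clauses of d_i <-> subformula; the result is satisfiability equivalent."""
    clauses, counter = [], count(1)

    def define(psi):
        if psi[0] == "var":
            return psi[1]
        if psi[0] == "not":
            return neg(define(psi[1]))
        lits = [define(a) for a in psi[1:]]
        d = f"d{next(counter)}"
        if psi[0] == "and":
            clauses.extend(frozenset({neg(d), l}) for l in lits)      # d -> each l_i
            clauses.append(frozenset({d, *map(neg, lits)}))           # all l_i -> d
        else:
            clauses.append(frozenset({neg(d), *lits}))                # d -> some l_i
            clauses.extend(frozenset({d, neg(l)}) for l in lits)      # each l_i -> d
        return d

    clauses.append(frozenset({define(phi)}))                          # assert the root
    return clauses


def atoms(clauses):
    return sorted({lit.lstrip("-") for c in clauses for lit in c})


def models(clauses):
    """All models of a clause set, each as the frozenset of atoms it makes true."""
    names = atoms(clauses)
    out = set()
    for bits in product((False, True), repeat=len(names)):
        val = dict(zip(names, bits))
        if all(any(val[lit.lstrip("-")] != lit.startswith("-") for lit in c) for c in clauses):
            out.add(frozenset(a for a in names if val[a]))
    return out


def compare(n):
    """(naive clause count, definitional clause count, models preserved?)"""
    naive, defn = naive_cnf(blowup(n)), definitional_cnf(blowup(n))
    orig = frozenset(atoms(naive))
    projected = {m & orig for m in models(defn)}
    return len(naive), len(defn), projected == models(naive)


if __name__ == "__main__":
    print(compare(3))
```

Using d ↔ ψ (both directions) is what keeps the projected models identical; a translation that only adds d → ψ is still satisfiability equivalent and shorter, but no longer model preserving, which is the distinction the knowledge-compilation bullet of the summary refers to.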
Normal Forms: Summary
Benefits
- Simpler syntax helps to detect new refinements
- Efficient implementability
- Completeness proofs stay manageable
- Comparability (most deduction procedures are implemented on clauses)
Potential problems
- Proofs hard to read for humans
- Some uses (verification) need proofs on the non-clausal level: information loss, decompilation
- For some non-classical logics a CNF is unknown
- Some uses (knowledge compilation) require model preservation: CNF exponential
- Computing a "good" CNF is difficult