Course: Theorem Proving
Elementary set theory
Fadoua Ghourabi ([email protected])
December 7, 2016
1
Introduction
Sets are collections of things. A fruit bag that contains an apple, an orange
and a kiwi is a set denoted by fruit bag = {apple, orange, kiwi}. kiwi is an
element of the fruit bag. We write kiwi ∈ fruit bag. kaki is not an element
of the fruit bag. Namely, ¬(kaki ∈ fruit bag). A set that contains nothing
is called an empty set and denoted by {}. The order of the elements in a set
is unimportant. We can see that {apple, orange, kiwi} and {kiwi, apple,
orange} refer to the same fruit bag. We also disregard duplicate elements.
So, {apple, orange, orange, kiwi} is the same as {apple, orange, kiwi}. We
call the universe U the set of all the fruits. The fruit bag is a part of the
universe U as it contains some of the fruits.
A set may contain infinite elements. For instance, N is the set of natural
numbers {0, 1, 2, . . . }.
The intersection of two sets A and B is a set C that contains common
elements in A and B. We write C = A ∩ B. The union of two sets A and B is a
set C that contains all the elements of A and B. We write C = A ∪ B. When all
the elements of A are included in B, we say that A is a subset of B and write
A ⊆ B. The set difference between A and B, denoted by A \ B, is a set that
contains the elements of A that are not in B. If A is a part of a universe U than
the complement of A, denoted by − A, is the set of elements that are in U but
not in A.
Example 1.1 Let U = N. Let A and B be {3, 5, 2} and {1, 3, 5, 7}. We
have A ∩ B = {3, 5} and A ∪ B = {3, 5, 2, 1, 7}. We have ¬ (A ⊆ B) because
2 is in A but not in B. Furthermore A − B = {2}.
2
Natural deduction rules
We use a collection of natural deduction rules to introduce and eliminate set
equality, subset, set intersection, set union, set difference and set complement.
Table 1 includes the natural deduction rules for elementary set theory together
1
with Isabelle/HOL respective rules. Note that in Isabelle/HOL, “−” is used for
set complement as well as set difference.
Furthermore, all the natural deduction rules in propositional logic and predicate logic are valid.
3
Proofs
Prove in Isabelle/HOL the following sequent.
Example 3.1. A ⊆ B, ¬(c ∈ B) ` ¬(c ∈ A)
1.
A⊆B
premise
2.
¬(c ∈ B)
premise
3.
c∈A
assumption
4.
c∈B
⊆e 3, 1
5.
⊥
¬e 2, 4
6.
¬(c ∈ A)
¬i
Example 3.2 A ∪ B = B ∪ A
2
1.
a0
assumption
a0 ∈ A ∪ B
2.
a0 ∈ A
assumption
3.
a0 ∈ B ∪ A
∪i2 2
4.
a0 ∈ B
assumption
5.
a0 ∈ B ∪ A
∪i1 4
6.
a0 ∈ B ∪ A
7.
A∪B ⊆B∪A
8.
a0
∪e 2-3, 4-5
⊆i 1-6
assumption
a0 ∈ B ∪ A
9.
a0 ∈ A
assumption
10.
a0 ∈ A ∪ B
∪i1 2
11.
a0 ∈ B
assumption
12.
a0 ∈ A ∪ B
∪i2 4
∪e 2-3, 4-5
13.
a0 ∈ A ∪ B
14.
B∪A⊆A∪B
⊆i 1-6
15.
A∪B =B∪A
=s i 7, 14
Example 3.3 A = A − B ` A ∩ B = {}
1.
A=A−B
2.
a0
3.
a0 ∈ A
∩e1 2
4.
a0 ∈ B
∩e2 2
5.
a0 ∈ A − B
=e 1, 3
6.
⊥
\e2 5,4
7.
premise
assumption
a0 ∈ A ∩ B
A ∩ B = {}
{}i 2-6
We can regard elementary set theory as a predicate logic language where P = {∈, ⊆
3
, =, · · · } and F = {∩, ∪, \, −, · · · }. In line 5 of the above proof we apply elimination
rule for the equality predicate:
A=A−B
a0 ∈ A
a0 ∈ A − B
=e
,
where t1 = A, t2 = A − B, φ = a0 ∈ x.
In the following example, we use the rule “=i” for predicate logic.
Example 3.5 ` ∃x : nat ¬(x ∈ {})
1.
{} = {}
=i
2.
∀a. ¬(a ∈ {})
{}e 1
3.
¬(0 ∈ {}
∀e 2
4.
∃x : nat.¬(x ∈ {})
∃i 3
Example 3.6 −(A ∪ B) ⊆ (−A ∩ −B)
a0 ∈ −(A ∪ B)
1.
a0
2.
¬(a0 ∈ A ∪ B)
3.
a0 ∈ A
assumption
4.
a0 ∈ A ∪ B
∪i1 3
5.
⊥
¬e 2,4
6.
a0 ∈ −A
assumption
−e 1
−i 3 - 5
7.
a0 ∈ B
assumption
8.
a0 ∈ A ∪ B
∪i2 7
9.
⊥
¬e 2, 7
10.
a0 ∈ −B
−i 7 - 9
11.
a0 ∈ −A ∩ −B
∩i 6, 10
12.
4
−(A ∪ B) ⊆ (−A ∩ −B)
⊆i 1 - 11
Set definition
We have seen two notations of sets (a) Finite sets {2, 4, 6, 8} or {a, b, c}, (b) a pattern
{. . ., -2, -1, 0, 1, 2, . . .} for infinite sets. We also can define a set whose elements
satisfy a property. For instance, let E be the set of even natural numbers. Then E =
{x | ∀x (x ∈ N ∧ x is even)} or more precisely E = {x | ∀x (x ∈ N ∧ x mod 2 = 0)}.
Note that we use predicate logic to describe the properties of elements of E.
4
E is a set whose elements are natural numbers. Therefore, E is of type nat set.
Every e ∈ E is of type nat. E is a subset of N the set of all the natural numbers. We
call N the universe, U = N. We can thus write E = {x | ∀x : nat (x mod 2 = 0)}.
In Isabelle, we define the set E as follows.
definition E::“nat set”
where ”E = {x. x mod 2 = 0}”
Note that we omit ∀x :: nat because Isabelle can deduce that element x (i) is of
type nat and (ii) universally quantified.
The following is the set of pairs of integers (i, j) whose products is strictly positive.
definition Ipos::“(int × int) set”
where ”Ipos = {(i,j). i ∗ j > 0}”
The definition of a set S in Isabelle is a theorem named S def. You can use the
definition in your Isabelle proof:
. . . have . . . unfolding S def by . . .
or
apply/by (unfold S def)
We can also define set operations in the following way.
• A ∩ B = {x | ∀x (x ∈ A ∧ x ∈ B)}
• A ∪ B = {x | ∀x (x ∈ A ∨ x ∈ B)}
• A \ B = {x | ∀x (x ∈ A ∧ ¬(x ∈ B))}
• − A = {x | ∀x ¬(x ∈ A)}
4.1
Rules
The definition {x. P x} denotes the set of all elements that satisfy a formula P x.
There are two rules between set definition and set membership.
CollectI: ?P ?a =⇒ ?a ∈ {x. ?P x}
CollectD: a ∈ {x. ?P x} =⇒ ?P ?a
Examine the following proofs.
lemma
assumes “∀x::nat. (0 mod x = 0)”
shows “(0::nat) ∈ E”
proof from assms have mod 0:”0 mod (2::nat) = 0” by (rule spec)
thus ”(0::nat) ∈ E” unfolding E def by (rule CollectI)
qed
lemma
assumes “A ⊆ E” “2*x ∈ A”
5
shows “2*x mod 2 = 0”
proof from assms have “2*x ∈ E” by (rule subsetD)
hence setdef:“2*x ∈ {x::nat. x mod 2 = 0}” by (unfold E def)
thus “2*x mod 2 = 0” by (rule CollectD)
qed
5
5.1
Simplifications in Isabelle
Substitution
apply (subst theorem)
applies a substitution to the conclusion (theorem should be an equality).
apply (subst (asm) theorem)
applies a substitution to one of the premises (theorem should be an equality).
Consider the following equalities in Isabelle.
Un iff: (?c ∈ ?A ∪ ?B) = (?c ∈ ?A ∨ ?c ∈ ?B)
Int iff: (?c ∈ ?A ∩ ?B) = (?c ∈ ?A ∧ ?c ∈ ?B)
lemma “¬ (a ∈ A ∨ a ∈ B) =⇒ ¬ (a ∈ A ∪ B)”
apply (subst Un iff)
apply assumption
done
In the above proof, “apply (subst Un iff)” applies a substitution Un iff to the
conclusion “¬ (a ∈ A ∪ B)”. The expression “a ∈ A ∪ B” of the goal is replaced with
“a ∈ A ∨ a ∈ B”.
lemma “a ∈ A ∩ B =⇒ a ∈ A ∧ a ∈ B”
apply (subst (asm) Int iff)
apply assumption
done
In the above proof, “apply (subst (asm) Int iff)” applies a substitution Int iff to
the premise “a ∈ A ∩ B”. The expression “a ∈ A ∩ B” is replaced with “a ∈ A ∧ a
∈ B”.
By default the left side of the equality in theorem is matched with the conclusion
of the current goal (or one of the premise if (asm) is added) and then replaced by the
right side of the equality. To apply the symmetric equality, you can use:
apply (subset theorem[THEN sym])
apply (subst (asm) theorem[THEN sym])
5.2
simp
The simp method of Isabelle allows us to skip “trivial” proof steps. It invokes a
collection of Isabelle theorems and uses simplification heuristics.
Open the last exercises (231116) and check which lemma can be proved with simp.
6
Here are other possible applications of simp.
apply (simp add:theorem1 · · · theoremn )
apply (simp only:theorem1 · · · theoremn )
lemma “(0::nat) ∈ E”
by (simp add:E def)
5.3
Finding theorems
You can search for theorems of Isabelle using the query tab in jEdit. Use only schematic
variables for non-bound variables, and symbol “ ” for incomplete patterns. Search the
following theorems “0 mod ?a = ”, “?a ∈ {x. ?P x}”...
6
Quiz 301116
1. Define the set of pairs of natural numbers whose sum is even.
2. Prove in Isabelle: A ⊆ B ` ∀X (A ∩ X ⊆ B ∩ X)
7
Table 1: Natural deduction rules for elementary set theory
∩
∪
⊆
=
\
−
{}
Introduction
c∈A
c∈B
c∈A∩B
∪i1
∩i
∪i2
UnI2:?c ∈ ?B =⇒ ?c ∈ ?A ∪ ?B
c∈B
c∈A∪B
IntI: ?c ∈ ?A =⇒ ?c ∈ ?B =⇒ ?c ∈ ?A ∩ ?B
c∈A
c∈A∪B
UnI1: ?c ∈ ?A =⇒ ?c ∈ ?A ∪ ?B
a0 a.0 ∈ A
.
..
a0 ∈ B ⊆i
A⊆B
=s i
V
subsetI: ( x. x ∈ ?A =⇒ x ∈ ?B) =⇒ ?A ⊆ ?B
A⊆B
B⊆A
A =s B
\i
equalityI: ?A ⊆ ?B =⇒ ?B ⊆ ?A =⇒ ?A = ?B
c∈A
¬(c ∈ B)
c ∈ A\B
−i
DiffI:?c ∈ ?A =⇒ ?c ¬ ∈ ?B =⇒ ?c ∈ ?A − ?B
c ∈. A
.
..
⊥
c ∈ −A
ComplI:(?c ∈ ?A =⇒ False) =⇒ ?c ∈ ∈ ?A
c
c∈A
..
..
⊥
{}i
A = {}
V
equals0I:( y. y ∈ ?A =⇒ False) =⇒ ?A = {}
c∈A∩B
c∈A
Elimination
c∈A∩B
c∈B
∩e1
∩e2
c ∈. B
.
..
χ ∪e
IntD2: ?c ∈ ?A ∩ ?B −→ ?c ∈ ?B
c ∈. A
.
..
χ
χ
IntD1: ?c ∈ ?A ∩ ?B =⇒ ?c ∈ ?A
c∈A∪B
⊆e
UnE:?c ∈ ?A ∪ ?B =⇒ (?c ∈ ?A =⇒ ?P) =⇒ (?c ∈ ?B =⇒ ?P) =⇒ ?P
A⊆B c∈A
c∈B
=s e1
c ∈ A\B
⊥
=s e2
c∈B
\e2
equalityD2: ?A = ?B =⇒ ?B ⊆ ?A
A =s B
B⊆A
subsetD: ?A ⊆ ?B =⇒ ?c ∈ ?A =⇒ ?c ∈ ?B
A=B
A⊆B
\e1
equalityD1: ?A = ?B =⇒ ?A ⊆ ?B
c ∈ A\B
c∈A
DiffD2:?c ∈ ?A − ?B =⇒ ?c ∈ ?B =⇒ ?P
−e
{}e
equals0D:?A = {} =⇒ ?a 6∈ ?A
A = {}
∀a ¬(a ∈ A)
ComplD:?c ∈ − ?A =⇒ ?c ¬ 6 ?A
c ∈ −A
¬(c ∈ A)
DiffD1:?c ∈ ?A − ?B =⇒ ?c ∈ ?A
8