Programming Theory
Tutorial 1: Proof Theory
September 16, 2009
1
Proof Methods
Method 1: To prove
prove that
p
p
(or to “prove that
= T (i.e.
Example 1.1 Prove
is a tautology”),
= : : : = T ).
p
)
p
p
(p _ q ).
Proof:
p
)
=
(p _ q )
f Implication g
: _ _
f Excluded Middle g
_
f or-simplification g
2
p
=
T
=
p
q
q
T
Method 2: To prove that
p
Example 1.2 Prove
p
= q , prove that
)
F
p
= : : : = q (or
q
= : : : = p).
= :p.
Proof:
p
)
F
=
f Implication g
: _
f or-simplification g
: 2
p
=
F
p
Method 3: To prove
p1
^
Example 1.3 Prove
Assume
Assume
:::
p
^ n)
p
^ )
q
q
q
, assume
.
p
q
1
p1 ; : : : ; p
n and prove q .
Prove:
q
Proof:
q
f Assumption: “ ” g
2
Prove ( ^ ( ) ) ) ) ^ ^ )
^( ) ))
=
q
T
Example 1.4
Assume
Assume
Assume
Prove: r
p
p
p
p
q
q
r
p
q
r
.
r
p
q
Proof:
r
=
f Left identity of ) g
)
f and-simplification g
( ^ ) )
f Assumptions: “ ” and “ ” g
( ^ ) )
f Introduction of ) g
( ^ ( ) )) )
f Assumption: “( ^ ( ) )) )
2
T
=
T
=
p
=
T
r
p
p
=
r
q
p
q
r
q
r
p
p
q
r
”
g
T
1.1
2
Some Good Advice
Write lemmas! State your lemma, then prove it. Make sure to write it
separate from the main proof.
Clearly state your assumptions.
Do not perform any non-obvious steps and do not skip too many steps.
Think! Do not just randomly apply rules and see where they take you.
Always have a proof strategy strategy in mind, and always have a clear
goal that you work towards. It helps if you take the time to understand
the meaning of the expressions you are working with - to this end, it is
often helpful to first develop an informal proof, and then move on to a
formal proof which mimics the structure of your informal proof.
Transforming sentences (in english) to formulas and proving them
Example 2.1 Formulate and prove proof by contradiction,
2
“Assume
p
is false and derive a contradiction”
The sentence is transformed into the formula (p =
it using method 1:
F
)
)
F
)
p
. We prove
Proof:
(p = F ) ) F ) p
= f Definition of
:g
: ) )
f Example 1.2: )
:: )
f Negation g
)
f Implication g
: _
f Excluded Middle g
2
p
=
F
p
p
=
p
=
F
= :p
g
p
p
p
=
p
p
T
Example 2.2 Formulate and prove contrapositive/indirect proof,
“To prove
p
)
q
, prove that
: ):
q
p
”
The sentence is transformed into the formula (:p ) :q ) ) (q
prove the stronger version (:p ) :q ) = q ) p using method 2:
)
p
). We
Proof:
: ):
= f Implication g
:: _ :
= f Negation g
_:
= f Commutativity g
: _
= f Implication g
) 2
p
q
p
p
q
q
q
2.0.1
q
p
p
Formal Specification
Example 2.3
English Specification: “The array A of length N is indexed by 1..N. The
procedure searches this array for a value X. If it finds the element then Y
is set to be equal to the index of the array element that is equal to X. If
there is no element of the array equal to X then Y is set equal to 0.”
3
Formal Specification:
0
post-condition: @
pre-condition:
N >
0
^ 1 _
= 0 ^ 8 : (1 ) )
X
Y
3
= A[Y ]
Y
k
k
N
N
[ ] 6= X
1
A
A k
Predicate Logic & Arrays
Example 3.1 Prove
(m < n)
(m < n)
Lemma:
(m < n)
) ((P
) ((P
: m i < n : b[i]) = x)
=
i : m i < n
1 : b[i]) + b[n 1] = x)
0
)@ P
(
i
P
: m i < n : b[i]) = x
=
i : m i < n
1 : b[i]) + b[n 1] = x
(
i
1
A
Proof of lemma:
Assume
X
(
=
i
m < n
: m i < n : b[i]) = x
f and-simplification
g
X
^( : : [ ]) =
f Definition of0Σ g
P : : []
=
(
) ) @ P
(
: 1 : [ ]) + [
^
P : (
: [ ]) =
f Assumption:
0 “ P :” g 1
: []
A
=
)@ P
(
: 1 : [ ]) + [
1]
^
P : (
: [ ]) =
f0Left identity
1
P of: )g : [ ]
T
=
i
m
i < n
b i
x
i
m
i < n
1
A
b i
m < n
i
i
=
m
m
i < n
i < n
b i
b i
x
m < n
i
m
i < n
b i
T
i
m
i
=
@ P
(
i
i
m
m
:mi<n
P
(
i
i < n
i < n
i < n
b i
b i
b n
x
A
b i
=
^
1 : b[i]) + b[n
: m i < n : b[i]) = x
4
1]
b n
1]
=
f0Substitution
Pg
@ P
(
P : (
i
=
m
P
i
^
1 : b[i]) + b[n
”
m < n
)@ P
(
i
i
i
m
m
Main proof:
0
@
(m < n)
(m < n)
) ((P
1]
1] = x
1
A
i
^
1 : b[i]) + b[n
1 : b[i]) + b[n
i < n
[ ]) + b[n
i < n
) ((P
gP
:mi<n
(
1
A
: m i < n : b[i]
=
i : m i < n
1 : b[i]) + b[n
f Definition
X of Σ g
^( : fX
and-simplification g
(
: 1:
T
b i
1]
1] = x
1] = x
1] = x
2
: m i < n : b[i]) = x)
=
i : m i < n
1 : b[i]) + b[n 1] = x)
i
f Distributivity
=g
0 of ) over
P
(
: (
) ) @ P
(
: f Lemma g
2
i
m
m < n
i
=
1] = x
: m i < n : b[i]
=
i : m i < n
1 : b[i]) + b[n
:mi<n
P
=
1]
i
f Assumption:0“
(m < n)
=
1 : b[i]) + b[n
i < n
)@ P
(
(
=
^
f Left identity
0 of )P g
T
=
1
A
: m i < n : b[i]
=
i : m i < n
1 : b[i]) + b[n
i
m
i < n
i < n
1
A
1
A
: b[i]) = x
=
1 : b[i]) + b[n
1] = x
T
Example 3.2 The lemma from example 3.1 proved using conditional substitution:
Lemma:
(m < n)
0
)@ P
(
P
: m i < n : b[i]) = x
=
i : m i < n
1 : b[i]) + b[n 1] = x
(
i
5
1
A
Proof of lemma:
X
(
=
i
Assume
m < n
: m i < n : b[i]) = x
fX
Conditional Substitution: Assumption: “
(
: 1 : [ ]) + [
1] =
2
” and Definition of Σ
m < n
i
m
i < n
b i
b n
6
x
g