Problem-Oriented Applications of Automated Theorem Proving

Slide 1

Problem-Oriented Applications of Automated Theorem Proving
Wolfgang Bibel
D. Korn, C. Kreitz, S. Schmitt
Technical University Darmstadt
WB also affiliated with University of British Columbia
Slide 2

The complementary roles of ATP and SC systems

Use of Mathematica, Macsyma, Reduce, and Maple comparable with formula collections
ATP solutions from first principles
Combination
- apply solutions in Mathematica within ATP
- guide Mathematica application with ATP
Similarly ATP in combination with software libraries; cf. the Amphion system
Slide 3

Expertise in ATP

SETHEO
- winner of CADE-96 competition
KoMeT
- top-down prover like SETHEO
- based on connection method
- wider range of specific methods (e.g. equality)
- prototypical PROLOG implementation
Interests for applications
- applicability for non-classical logics
- natural proof presentation
Slide 4

[Figure: architecture of the combined ATP-system and its application systems (NuPRL, Mathematica, program synthesis, ISABELLE). Stages from top to bottom:
- Extraction of proof tasks from the application: identifying FOL specifications (preprocessing); using modal logics; SC for ATP.
- Input: classical formula, intuitionistic formula, or modal formula.
- Combined ATP-system: selection of proof procedures, strategies, and presentation.
- Output: NK proof, LJ proof, or NM proof.
- Integration into the application: integrating program terms in the application; using modal proofs; ATP for verifying SC solutions.]
Slide 5

[Figure: the proof pipeline of the combined system, with the responsible group member in parentheses.
- Input: classical formula; intuitionistic formula, mapped by a logic morphism (Korn); modal formula.
- Transformation: NFT transformation (Rath, Egly) to an NF formula or an NNF formula.
- Proof process: KoMeT (Rath) on NF formulas yielding an NF proof; NNF Davis-Putnam procedure (Otten) on NNF formulas yielding an NNF proof; uniform extension procedure; inverse logic morphism (Korn) back to the source logic.
- Proof presentation and output: uniform transformation procedure (Schmitt), KonSequenz (Korn), (Genther); output as NK, LK, NJ, LJ, LM, or NM proof.]
Slide 6

The Halting Problem (L. Dafa 1994)

D1 = ∃X(a(X) ∧ ∀Y(c(Y) → ∀Z d(X, Y, Z))) → ∃W(c(W) ∧ ∀Y(c(Y) → ∀Z d(W, Y, Z)))

D2 = ∀W((c(W) ∧ ∀U(c(U) → ∀V d(W, U, V))) → ∀Y, Z((c(Y) ∧ h2(Y, Z) → (h3(W, Y, Z) ∧ o(W, g)) ∧
     (c(Y) ∧ ¬h2(Y, Z) → (h3(W, Y, Z) ∧ o(W, b))))))

D3 = ∀W((c(W) ∧ ∀Y, Z((c(Y) ∧ h2(Y, Z) → (h3(W, Y, Z) ∧ o(W, g)) ∧
     (c(Y) ∧ ¬h2(Y, Z) → (h3(W, Y, Z) ∧ o(W, b)))))) →
     ∃V(c(V) ∧ ∀Y(((c(Y) ∧ h3(W, Y, Y) ∧ o(W, g)) → ¬h2(V, Y)) ∧
     ((c(Y) ∧ h3(W, Y, Y) ∧ o(W, b)) → (h2(V, Y) ∧ o(V, b))))))

D4 = ¬(∃X(a(X) ∧ ∀Y(c(Y) → ∀Z d(X, Y, Z))))

The problem is to prove the formula D1 ∧ D2 ∧ D3 → D4.

predicate      meaning
a(X)           X is an algorithm
c(X)           X is a computer program in some programming language
d(X, Y, Z)     X is able to decide whether Y halts, given input Z
h2(X, Y)       X halts on a given input Y
h3(X, Y, Z)    X halts on a given input ⟨Y, Z⟩
o(X, Y)        X outputs Y
Slide 7

Experiences with the Halting Problem

Observations
• No proof obtained with ATP-systems using the standard translation to normal form
• Provable with an optimized definitional translation to normal form (integrated in KoMeT)
• Proof simulates sequent- or tableaux-style proofs with non-atomic initial sequents

Future Activities
• Improved proof presentation techniques if definitional translation is used
Slide 8

Classical proof presentation
ILF output of a KoMeT proof (steamroller)
(the number in parentheses is the clause number that the proof steps on the next slide refer to)

Axiom 1 (11) grain(c6).
Axiom 2 (4) fox(c2).
Axiom 3 (3) fox(A) → animal(A).
Axiom 4 (6) bird(c3).
Axiom 5 (5) bird(A) → animal(A).
Axiom 6 (12) grain(A) → plant(A).
Axiom 7 (10) snail(c5).
Axiom 8 (9) snail(A) → animal(A).
Axiom 9 (14) snail(A) ∧ bird(B) → smaller(A, B).
Axiom 10 (24) snail(A) → plant(f1(A)).
Axiom 11 (25) snail(A) → eats(A, f1(A)).
Axiom 12 (21) snail(A) ∧ eats(B, A) → ¬bird(B).
Axiom 13 (13) animal(A) ∧ plant(B) ∧ animal(C) ∧ smaller(C, A) ∧ plant(D) ∧ eats(C, D) → eats(A, B) ∨ eats(A, C).
Axiom 14 (2) wolf(c1).
Axiom 15 (1) wolf(A) → animal(A).
Axiom 16 (19) wolf(A) ∧ eats(A, B) → ¬grain(B).
Axiom 17 (17) fox(A) ∧ wolf(B) → smaller(A, B).
Axiom 18 (18) wolf(A) ∧ eats(A, B) → ¬fox(B).
Axiom 19 (16) bird(A) ∧ fox(B) → smaller(A, B).

Theorem 1 ∃A, B, C (animal(B) ∧ animal(C) ∧ grain(A) ∧ eats(C, A) ∧ eats(B, C)).
Slide 9

Proof. We show that
  ∃A, B, C (animal(B) ∧ animal(C) ∧ grain(A) ∧ eats(C, A) ∧ eats(B, C))     (1)
since A = c6, B = c2, C = c3 solves the problem.
We show directly that
  eats(c2, c3) ∧ eats(c3, c6) ∧ animal(c3) ∧ animal(c2) ∧ grain(c6).         (2)
Because of 1 and by 2: animal(c1).                                           (3)
Because of 3 and by 4: animal(c2).                                           (4)
...
Because of 9 and by 10: animal(c5).
...
Because of 12 and by 11: plant(c6).                                          (10)
Therefore by 13, (9), (8), (7), and by (6) and since animal(c3): eats(c3, c6).   (11)
Because of 16, 6, and by 4: smaller(c3, c2).                                 (12)
Because of 18, 4, and by 2: ¬eats(c1, c2).                                   (13)
Because of 17, 4, and by 2: smaller(c2, c1).
Because of 19, 11, and by 2: ¬eats(c1, c6).
Therefore by 13, (10), and by (13) and since animal(c1) and animal(c2): ¬eats(c2, c6).
Hence by 13, (12), and by (11) and since animal(c2), animal(c3), and plant(c6): eats(c2, c3).   (14)
By (14) and by 11 and since animal(c2), animal(c3), and eats(c3, c6) we have completed the proof of (2).
Hence we have completed the proof of (1).
q.e.d.
Slide 10

Intuitionistic logic
The logic for the proofs-as-programs paradigm

Principle:
  A      ≡ “we possess a construction for A”
  A ⇒ B  ≡ “we possess a construction, such that given one for A we can construct B”
  ¬A     ≡ “there cannot be a construction for A”

Idea: to “possess” a construction means not to have to consider any future knowledge stage

[Figure: knowledge stages drawn as a tree. At the stage marked NOW we know A ⇒ B; the stages marked LATER above it are the extensions of the current knowledge, and every extension containing A also contains B (the LATER stages are labelled A, B). Knowing now that B is contained in any extension of current knowledge containing A is what A ⇒ B means at NOW.]
Slide 11

An example proof

Classical: TA ≡ A is true, FA ≡ A is false

  F(((A ⇒ B) ⇒ A) ⇒ A)
  F⇒: T((A ⇒ B) ⇒ A), FA
    T⇒ (left branch): FA, F(A ⇒ B)
      F⇒: FA, TA, FB                 (closed: TA and FA)
    T⇒ (right branch): TA, FA         (closed)

Intuitionistic: TA ≡ A is known now, FA ≡ A is unknown now

  F(((A ⇒ B) ⇒ A) ⇒ A)
  F⇒: T((A ⇒ B) ⇒ A), FA
    T⇒ (left branch): T((A ⇒ B) ⇒ A), FA, F(A ⇒ B)
      F⇒: T((A ⇒ B) ⇒ A), TA, FB     (not closed: the intuitionistic F⇒ rule discards FA)
    T⇒ (right branch): TA, FA         (closed)
Slide 12

Decidability-preserving translation

Intuitionistic interpretation: I_j = ⟨W, R, ι_j⟩
  W ≠ ∅
  R ⊆ W × W reflexive & transitive
  ι_j : W → sets of propositional variables

Intuitionistic forcing: w ⊩ F iff
  1. F atomic and ∀v. wRv → F ∈ ι_j(v)
  2. F = F1 ∧ F2 (F1 ∨ F2) and w ⊩ F1 & (or) w ⊩ F2
  3. F = F1 ⇒ F2 and ∀v. wRv & v ⊩ F1 → v ⊩ F2
  4. F = ¬F1 and ∀v. wRv → v ⊮ F1

Relational translation: encode forcing conditions in PL1
  Ψ(w0, a ⇒ b) = R-axioms ⇒ ∀w1. w0 R w1 ⇒ (a(w1) ⇒ b(w1))

Decidability preserving translation:
  replace ∀v. wRv with ⋀_{v ∈ A(w)} for finite A(w)
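As an added example (not code from the slides), the four forcing clauses above run over a finite Kripke model, applied to Peirce's law ((A ⇒ B) ⇒ A) ⇒ A from the previous slide: a constructed two-stage model in which the formula is not forced at the first stage, while the same checker over one-world models confirms it is classically valid. The tuple encoding of formulas, the model shape (worlds, R, iota) and the names w0, w1 are assumptions of this example.

```python
from itertools import product

# Formulas are nested tuples (an assumption of this example): a propositional
# variable is a str; ('and', F, G), ('or', F, G), ('imp', F, G), ('not', F).
# A model is (worlds, R, iota): R is a set of pairs that is already reflexive
# and transitive, iota maps each world to the set of variables true there.

def successors(model, w):
    """All v with w R v; R is reflexive, so w itself is among them."""
    worlds, R, _ = model
    return [v for v in worlds if (w, v) in R]

def forces(model, w, F):
    """w forces F, following the four forcing clauses of the slide."""
    _, _, iota = model
    if isinstance(F, str):                       # 1. atomic: holds at every successor
        return all(F in iota[v] for v in successors(model, w))
    op = F[0]
    if op == 'and':                              # 2. conjunction / disjunction
        return forces(model, w, F[1]) and forces(model, w, F[2])
    if op == 'or':
        return forces(model, w, F[1]) or forces(model, w, F[2])
    if op == 'imp':                              # 3. implication: checked at every successor
        return all(not forces(model, v, F[1]) or forces(model, v, F[2])
                   for v in successors(model, w))
    if op == 'not':                              # 4. negation: refuted at every successor
        return all(not forces(model, v, F[1]) for v in successors(model, w))
    raise ValueError(f'unknown connective {op!r}')

def is_kripke_model(model):
    """Side conditions of the slide: W non-empty, R reflexive and transitive,
    plus a monotone valuation (knowledge is never lost along R)."""
    worlds, R, iota = model
    reflexive = all((w, w) in R for w in worlds)
    transitive = all((u, w) in R for (u, v) in R for (v2, w) in R if v == v2)
    monotone = all(iota[u] <= iota[v] for (u, v) in R)
    return bool(worlds) and reflexive and transitive and monotone

def classically_valid(F, variables):
    """A one-world model is just a classical valuation, so validity over all
    one-world models is ordinary truth-table validity."""
    for bits in product([False, True], repeat=len(variables)):
        iota = {'w': {p for p, b in zip(variables, bits) if b}}
        if not forces((['w'], {('w', 'w')}, iota), 'w', F):
            return False
    return True

# Peirce's law ((A => B) => A) => A, the formula of the previous slide.
PEIRCE = ('imp', ('imp', ('imp', 'A', 'B'), 'A'), 'A')

# Constructed countermodel: two stages of knowledge, w0 R w1.
# At w0 nothing is known yet; at w1 A has become known, B never does.
TWO_STAGES = (['w0', 'w1'],
              {('w0', 'w0'), ('w1', 'w1'), ('w0', 'w1')},
              {'w0': set(), 'w1': {'A'}})

if __name__ == '__main__':
    print('well-formed model:', is_kripke_model(TWO_STAGES))
    print('classically valid:', classically_valid(PEIRCE, ['A', 'B']))
    print('forced at w0:', forces(TWO_STAGES, 'w0', PEIRCE))
    print('forced at w1:', forces(TWO_STAGES, 'w1', PEIRCE))
```

At w0 the antecedent (A ⇒ B) ⇒ A is forced (no stage forces A ⇒ B, because at w1 A is known but B is not), yet A itself is not known at w0, so Peirce's law fails there; the excluded middle A ∨ ¬A fails at w0 for the same reason. Over a single reflexive world the forcing clauses collapse to the classical truth conditions, which is why the same formula comes out classically valid.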
Slide 13

Infinite countermodels

Example: ((a ⇒ b) ⇒ c) ∧ ((d ⇒ c) ⇒ b) ⇒ c

Formula tree (position : operator or atom):
  F : ⇒
  F1 : ∧    F2 : c
  F11 : ⇒    F12 : ⇒
  F111 : ⇒    F112 : c    F121 : ⇒    F122 : b
  F1111 : a    F1112 : b    F1211 : d    F1212 : c

[Figure: chain of worlds generated by the relational translation, each labelled with the formulas it forces and the ones it fails to force:
  w0 = w0:                   (F11 ∧ F12) ⇒ c not forced
  w1 = w(w0):                F11, F12, ⊮ c, a ⇒ b not forced
  w2 = w111(w(w0)):          F11, F12, a, ⊮ b, d ⇒ c not forced
  w3 = w121(w111(w(w0))):    F11, F12, a, d, ⊮ c, a ⇒ b not forced
  w4 = w111(· · ·):          F11, F12, a, d, ⊮ b, d ⇒ c not forced
  · · ·                      infinite countermodel]

Note: w111 ∈ w121(w111(w(w0))) → (w3 ⊩ F111 = a ⇒ b) ↔ (w3 ⊩ F1112 = b)
Slide 14

Finite countermodels

[Figure: the same chain cut off after w3, each world labelled with the formulas it forces and the ones it fails to force:
  w0 = w0:                   (F11 ∧ F12) ⇒ c not forced
  w1 = w(w0):                F11, F12, ⊮ c, a ⇒ b not forced
  w2 = w111(w(w0)):          F11, F12, a, ⊮ b, d ⇒ c not forced
  w3 = w121(w111(w(w0))):    F11, F12, a, d, ⊮ c, ⊮ b
  finite countermodel]

Construction of A_F(w0):
  W(F) = {w_p | op(F_p) = “⇒”, pol(F_p) = 0, . . .}
  A_F(w0) = {w_p1(· · · (w_pn(w0)))} with n ∈ ℕ0, w_i ∈ W(F), i ≠ j → w_pi ≠ w_pj and . . .
Specification morphism: Ψ_S(F) = Ψ_F(w0, F)
Formula morphism: Ψ_F(t, F_p)
  encodes within PL1 that “t ⊩ F_p”, if pol(F_p) = 1 and “t ⊮ F_p”, if pol(F_p) = 0,
  using ⋀_{t' ∈ A(t)} instead of ∀t'. t R t'
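Added example, not the authors' code: computing positions and polarities of the formula tree, the generator set W(F) and the finite world set A_F(w0) for the example formula of the previous two slides, ((a ⇒ b) ⇒ c) ∧ ((d ⇒ c) ⇒ b) ⇒ c. The tuple encoding of formulas, the naming of the root position as '' (the slide's bare F), and the omission of the side conditions the slide elides with “. . .” are assumptions of this example; it implements only the stated distinctness condition i ≠ j → w_pi ≠ w_pj, which already makes A_F(w0) finite.

```python
from itertools import permutations

# Formulas are nested tuples (an assumption of this example): a propositional
# variable is a str; ('and', F, G), ('or', F, G), ('imp', F, G), ('not', F).

def formula_tree(F, pos='', pol=0):
    """Return {position: (operator or atom, polarity)} for the formula tree.
    The formula to be proved has polarity 0; polarity flips in the antecedent
    of an implication and under negation, as in the matrix method."""
    if isinstance(F, str):
        return {pos: (F, pol)}
    op = F[0]
    tree = {pos: (op, pol)}
    if op == 'imp':
        tree.update(formula_tree(F[1], pos + '1', 1 - pol))
        tree.update(formula_tree(F[2], pos + '2', pol))
    elif op == 'not':
        tree.update(formula_tree(F[1], pos + '1', 1 - pol))
    elif op in ('and', 'or'):
        tree.update(formula_tree(F[1], pos + '1', pol))
        tree.update(formula_tree(F[2], pos + '2', pol))
    else:
        raise ValueError(f'unknown connective {op!r}')
    return tree

def world_generators(tree):
    """W(F): the positions p with op(F_p) = '⇒' and pol(F_p) = 0, i.e. the
    implications that can only fail by moving to a new world."""
    return sorted(p for p, (op, pol) in tree.items() if op == 'imp' and pol == 0)

def finite_worlds(generators):
    """A_F(w0): all terms w_p1(...(w_pn(w0))) whose generators p_i are
    pairwise distinct, encoded as the tuple (p1, ..., pn); n = 0 is w0."""
    worlds = set()
    for n in range(len(generators) + 1):
        for seq in permutations(generators, n):   # distinct positions only
            worlds.add(seq)
    return worlds

def world_term(seq):
    """Write (p1, ..., pn) in the slide's notation w_p1(...(w_pn(w0)))."""
    term = 'w0'
    for p in reversed(seq):
        term = f'w{p}({term})'
    return term

# The example formula of the slide.
EXAMPLE = ('imp',
           ('and', ('imp', ('imp', 'a', 'b'), 'c'),
                   ('imp', ('imp', 'd', 'c'), 'b')),
           'c')

if __name__ == '__main__':
    tree = formula_tree(EXAMPLE)
    for pos in sorted(tree, key=lambda p: (len(p), p)):
        op, pol = tree[pos]
        print(f'F{pos} : {op}  pol={pol}')
    gens = world_generators(tree)
    print('W(F) =', ['w' + g for g in gens])
    worlds = finite_worlds(gens)
    print(len(worlds), 'worlds in A_F(w0), e.g.', world_term(('121', '111', '')))
```

For this formula the generators are the root implication and the two nested implications a ⇒ b (position 111) and d ⇒ c (position 121), so W(F) = {w, w111, w121}: exactly the world constructors that appear in the chain w(w0), w111(w(w0)), w121(w111(w(w0))) on the slides. Forbidding a repeated generator in a term, as the slide's distinctness condition does, cuts the chain off after w3 and leaves 1 + 3 + 6 + 6 = 16 candidate worlds, which is what makes the translation decidable.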
Slide 15

Non-normal form theorem proving

Efficient normal form theorem provers for classical logic
- Otter (resolution) / Setheo, KoMeT (connection method)
Efficient proof procedures for non-classical logics
- Extended matrix characterizations (Wallen 1990)
Convert “machine proofs” into comprehensible form
⇓
Uniform conversion procedure for non-classical logics
- Non-normal form matrix proofs ↦ sequent systems/calculi
Slide 16

Non-classical matrix proofs M (I)

D-formula: F ≡ □∃x. □C(x) ∧ ◇B ⇒ ◇(B ∧ ◇∃x. C(x))

Formula tree (position : operator or atom, polarity; children in parentheses):
  a0 : ⇒ 0  (a1, a8)
  a1 : ∧ 1  (a2, a6)        a8 : ◇ 0  (x9)
  a2 : □ 1  (x3)            a6 : ◇ 1  (a7)        x9 : ∧ 0  (a10, a11)
  x3 : ∃ 1  (a4)            a7 : B 1              a10 : B 0     a11 : ◇ 0  (x12)
  a4 : □ 1  (x5)                                                x12 : ∃ 0  (x13)
  x5 : C(a4) 1                                                  x13 : C(x13) 0
Slide 17

Non-classical matrix proofs M (II)

Matrix of prefixed literals:
  [ a0 x3 x5 : C(a4)^1    a0 a7 : B^1 ]   [ a0 x9 : B^0    a0 x9 x12 : C(x13)^0 ]

Substitutions:          Induced relations:             Irreflexive ordering:
  σM(x9) = a7             <M = {(a7, x3), (a7, x9)}      ≡ ∪ <Q ∪ <M
  σM(x3) = a7             <Q = {(a4, x13)}
  σM(x12) = x5
  σQ(x13) = a4
Slide 18

Prefixed sequent systems LP (I)

Prefixes encode Kripke-semantics of selected logic L
Prefix construction: respect accessibility relation p R' q wrt. L
- Construction principles: new (π, ν-rules) and used (ν-rules)
- Reflects conditions on prefix unification in matrix-proof M
⇓
Conversion M ↦ LP ≡ traverse reduction ordering
- Use substitutions ⟨σQ, σM⟩ from matrix proof M
- Position ⇒ main-operator & polarity ⇒ unique LP-rule
Slide 19

Prefixed sequent systems LP (II)

D-formula: F ≡ □∃x. □C(x) ∧ ◇B ⇒ ◇(B ∧ ◇∃x. C(x))

Derivation, read from the end-sequent upwards; the rule named on a line produces the sequent(s) listed after it:

  ⊢ a0 : □∃x.□C(x) ∧ ◇B ⇒ ◇(B ∧ ◇∃x.C(x))                          ⇒–l, ∧–l
  a0 : □∃x.□C(x), a0 : ◇B ⊢ a0 : ◇(B ∧ ◇∃x.C(x))                     ◇–l
  a0 : □∃x.□C(x), a0 a7 : B ⊢ a0 : ◇(B ∧ ◇∃x.C(x))                   □–l
  a0 a7 : ∃x.□C(x), a0 a7 : B ⊢ a0 : ◇(B ∧ ◇∃x.C(x))                 ∃–l, □–l
  a0 a7 x5 : C(a4), a0 a7 : B ⊢ a0 : ◇(B ∧ ◇∃x.C(x))                 ◇–r
  a0 a7 x5 : C(a4), a0 a7 : B ⊢ a0 a7 : B ∧ ◇∃x.C(x)                 ∧–r (two premises)
    a0 a7 x5 : C(a4), a0 a7 : B ⊢ a0 a7 : B                           (axiom)
    a0 a7 x5 : C(a4), a0 a7 : B ⊢ a0 a7 : ◇∃x.C(x)                   ◇–r
    a0 a7 x5 : C(a4), a0 a7 : B ⊢ a0 a7 x5 : ∃x.C(x)                 ∃–r
    a0 a7 x5 : C(a4), a0 a7 : B ⊢ a0 a7 x5 : C(a4)                    (axiom)
Slide 20

Uniform Conversion M ↦ LP

Divide logical calculi into invariant and variant parts wrt. logic L

                          invariant             variant
Characterization M        connection method     prefix unification σM, R'
Sequent systems LP        sequent rules         prefix construction π, ν, R'

Represent variant parts in tables; define mappings between invariant/variant parts of logical calculi
Invariant mapping: traverse reduction ordering
Variant mapping: use ⟨σQ, σM⟩ wrt. L realized by table access
Slide 21

A future program development system

Components
- a combined proof system as described here
- a base with hundreds/thousands of verified theorems
  - including: theorems about the correctness of program schemata
- a guiding system guaranteeing correctness for program development
Slide 22

Conclusion

Already available
- KoMeT
- intuitionistic theorem prover
- intuitionistic decision procedure using logic morphism and NNF Davis-Putnam

Future work
- uniform prover & conversion procedure for non-classical logics
- logic morphisms for first-order intuitionistic logic
- prover & conversion procedures for induction/rewriting techniques
- extensions to (a subsystem of) linear logic