Lecture 2 First-Order Logic

Fermat’s Last Theorem. 8n:integer ... Most of the proof rules from PL carry ... If every branch of a semantic argument proof of I2 Fcloses, then Fis v...

0 downloads 221 Views 237KB Size
AAA615: Formal Methods Lecture 2 — First-Order Logic

Hakjoo Oh 2017 Fall

Hakjoo Oh

AAA615 2017 Fall, Lecture 2

September 24, 2017

1 / 29

First-Order Logic An extension of propositional logic with predicates, functions, and quantifiers. First-order logic is also called predicate logic, first-order predicate calculus, and relational logic. First-order logic is expressive enough to make it suitable for reasoning about programs. However, it does not admit completely automated reasoning.

Hakjoo Oh

AAA615 2017 Fall, Lecture 2

September 24, 2017

2 / 29

cf) First-Order Logic vs. Second-Order Logic In first-order logic, quantifications are allowed only for variables. In second-order logic, quantifers are allowed for sets, e.g., mathematical induction: ∀P.((0 ∈ P ∧ ∀i.(i ∈ P → i + 1 ∈ P )) → ∀n.(n ∈ P )) In third-order logic, quantifiers for sets of sets. In higher-order logic, quantifiers are allowed over arbitrarily nested sets.

Hakjoo Oh

AAA615 2017 Fall, Lecture 2

September 24, 2017

3 / 29

Terms While formulas in PL evaluate to true or false, terms in FOL evaluate to values other than truth values such as integers, people, etc. Basic terms are variables (x, y, z, . . . ) and constants (a, b, c, . . . ). Composite terms include n-ary functions applied to n terms, i.e., f (t1 , . . . , tn ), where ti s are terms. A constant can be viewed as a 0-ary function. Examples: I I I

f (a), a unary function f applied to a constant g(x, b), a binary function g applied to a variable x and a constant b f (g(x, f (b)))

Hakjoo Oh

AAA615 2017 Fall, Lecture 2

September 24, 2017

4 / 29

Predicates The propositional variables of PL are generalized to predicates in FOL, denoted p, q, r, . . . . An n-ary predicate takes n terms as arguments. A FOL propositional variable is a 0-ary predicate, denoted P , Q, R, .... Examples: I I

P , a propositional variable (or 0-ary predicate) p(f (x), g(x, f (x))), a binary predicate applied to two terms

Hakjoo Oh

AAA615 2017 Fall, Lecture 2

September 24, 2017

5 / 29

Syntax Atom: basic elements I I

truth symbols ⊥ (“false”) and > (“true”) n-ary predicates applied to n terms

Literal: an atom α or its negation ¬α. Formula: a literal or the application of a logical connective (boolean connective) to formulas, or the application of a quantifier to a formula. F

→ | | | | | | |

Hakjoo Oh

⊥ | > | p(t1 , . . . , tn ) ¬F F1 ∧ F2 F1 ∨ F2 F1 → F2 F1 ↔ F2 ∃x.F [x] ∀x.F [x] AAA615 2017 Fall, Lecture 2

atom negation (”not”) conjunction (”and”) disjunction (”or”) implication (”implies”) iff (”if and only if”) existential quantification universal quantification September 24, 2017

6 / 29

Notations on Quantification In ∀x.F [x] and ∃x.F [x], x is the quantified variable and F [x] is the scope of the quantifier. We say x is bound in F [x]. ∀x.∀y.F [x, y] is often abbreviated by ∀x, y.F [x, y]. The scope of the quantified variable extends as far as possible: e.g., ∀x.p(f (x), x) → (∃y.p(f (g(x, y)), g(x, y))) ∧ q(x, f (x)) A variable is free in F [x] if it is not bound. free(F ) and bound(F ) denote the free and bound variables of F , respectively. A formula F is closed if F has no free variables. E.g., ∀x.p(f (x), y) → ∀y.p(f (x), y) If free(F ) = {x1 , . . . , xn }, then its universal closure is ∀x1 . . . ∀xn .F and its existential closure is ∃x1 . . . ∃xn .F . They are usually written ∀ ∗ .F and ∃ ∗ .F . Hakjoo Oh

AAA615 2017 Fall, Lecture 2

September 24, 2017

7 / 29

Example FOL Formulas Every dog has its day. ∀x.dog (x) → ∃y.day (y) ∧ itsDay (x, y) Some dogs have more days than others. ∃x, y.dog (x) ∧ dog (y) ∧ #days(x) > #days(y) The length of one side of a triangle is less than the sum of the lengths of the other two sides. ∀x, y, z.triangle(x, y, z) → length(x) < length(y)+length(z) Fermat’s Last Theorem. ∀n.integer (n) ∧ n > 2 → ∀x, y, z. integer (x) ∧ integer (y) ∧ integer (z) ∧ x > 0 ∧ y > 0 ∧ z > 0 → xn + y n 6= z n Hakjoo Oh

AAA615 2017 Fall, Lecture 2

September 24, 2017

8 / 29

Interpretation A FOL interpretation I : (DI , αI ) is a pair of a domain and an assignment. I

I

DI is a nonempty set of values such as integers, real numbers, dogs, people, etc. αI maps variables, constant, functions, and predicate symbols to elements, functions, and predicates over DI . F F

F

each variable x is assigned a value from DI each n-ary function symbol f is assigned an n-ary function fI : DIn → DI . each n-ary predicate symbol p is assigned an n-ary predicate pI : DIn → {true, false}.

Example: F : x + y > z → y > z − x I

Note +, −, > are just symbols: p(f (x, y), z) → p(y, g(z, x)). Domain: DI = Z = {. . . , −1, 0, 1, . . .}

I

Assignment:

I

αI = {+ 7→ +Z , − 7→ −Z , >7→>Z , x 7→ 13, y 7→ 42, z 7→ 1, . . .} Hakjoo Oh

AAA615 2017 Fall, Lecture 2

September 24, 2017

9 / 29

Semantics of First-Order Logic Given an interpretation I : (DI , αI ), I  F or I 2 F . I I I I I I I I I

        

>, I 2 ⊥, p(t1 , . . . , tn ) ¬F F1 ∧ F2 F1 ∨ F2 F1 → F2 F1 ↔ F2 ∀x.F ∃x.F

iff iff iff iff iff iff iff iff

αI [p(t1 , . . . , tn )] = true I2F I  F1 and I  F2 I  F1 or I  F2 I 2 F1 or I  F2 (I  F1 and I  F2 ) or (I 2 F1 and I 2 F2 ) for all v ∈ DI , I  {x 7→ v}  F there exists v ∈ DI , I  {x 7→ v}  F

where J : I  {x 7→ v} denotes an x-variant of I: DJ = DI αJ [y] = αI [y] for all constant, free variable, function, and predicate symbols y, except that αJ (x) = v. Hakjoo Oh

AAA615 2017 Fall, Lecture 2

September 24, 2017

10 / 29

Example F : ∃x.f (x) = g(x) Consider the interpretation I : (D : {v1 , v2 }, αI ): αI : {f (v1 ) 7→ v1 , f (v2 ) 7→ v2 , g(v1 ) 7→ v2 , g(v2 ) 7→ v1 } Compute the truth value of F under I as follows: 1. I  {x 7→ v} 2 f (x) = g(x) for v ∈ D 2. I 2 ∃x.f (x) = g(x) since v ∈ D is arbitrary

Hakjoo Oh

AAA615 2017 Fall, Lecture 2

September 24, 2017

11 / 29

Satisfiability and Validity A formula F is satisfiable iff there exists an interpretation I such that I  F. A formula F is valid iff for all interpretations I, I  F . Satisfiability and validity only apply to closed FOL formulas. I

I

If we say that a formula F such that free(F ) 6= ∅ is valid, we mean that its universal closure ∀ ∗ .F is valid. If we say that F is satisfiable, we mean that its existential closure ∃ ∗ .F is satisfiable.

Duality still holds: ∀ ∗ .F is valid ⇐⇒ ∃ ∗ .¬F is unsatisfiable.

Hakjoo Oh

AAA615 2017 Fall, Lecture 2

September 24, 2017

12 / 29

Extension of the Semantic Argument Method Most of the proof rules from PL carry over to FOL: I  ¬F I2F I F ∧G I  F, I  G

I 2F ∧G I2F |I2G

I F ∨G IF |IG

I 2F ∨G I 2 F, I 2 G

IF →G I2F |IG

I2F →G I  F, I 2 G

IF ↔G I  F ∧ G | I  ¬F ∧ ¬G

Hakjoo Oh

I 2 ¬F IF

I2F ↔G I  F ∧ ¬G | I  ¬F ∧ G

AAA615 2017 Fall, Lecture 2

September 24, 2017

13 / 29

Rules for Quantifiers Universal elimination I: I  ∀x.F I  {x 7→ v}  F

for any v ∈ DI

Existential elimination I:

I 2 ∃x.F I  {x 7→ v} 2 F

for any v ∈ DI

Existential elimination II:

I  ∃x.F I  {x 7→ v}  F

for a fresh v ∈ DI

Universal elimination II:

I 2 ∀x.F

Hakjoo Oh

I  {x 7→ v} 2 F

for a fresh v ∈ DI

AAA615 2017 Fall, Lecture 2

September 24, 2017

14 / 29

Contradiction Rule A contradiction exists if two variants of the original interpretation I disagree on the truth value of an n-ary predicate p for a given tuple of domain values: J : I  · · ·  p(s1 , . . . , sn ) K : I  · · · 2 p(t1 , . . . , tn ) I⊥

Hakjoo Oh

for i ∈ {1, . . . , n}, αJ [si ] = αK [ti ]

AAA615 2017 Fall, Lecture 2

September 24, 2017

15 / 29

Example 1 Prove that the formula is valid: F : (∀x.p(x)) → (∀y.p(y)) Suppose not; there is an interpretation I such that I 2 F . 1. 2. 3. 4. 5. 6.

I I I I I I

Hakjoo Oh

2F  ∀x.p(x) 2 ∀y.p(y)  {y 7→ v} 2 p(y)  {x 7→ v}  p(x) ⊥

assumption 1 and → 1 and → 3 and ∀, for some v ∈ DI 2 and ∀ 4 and 5

AAA615 2017 Fall, Lecture 2

September 24, 2017

16 / 29

Example 2 Prove that the formula is valid: F : (∀x.p(x)) ↔ (¬∃x.¬p(x)) We need to show both of forward and backward directions. F1 : (∀x.p(x)) → (¬∃x.¬p(x)), F2 : (∀x.p(x)) ← (¬∃x.¬p(x)) Suppose F1 is not valid; there is an interpretation I such that I 2 F1 . 1. 2. 3. 4. 5. 6.

I I I I I I

 ∀x.p(x) assumption 2 ¬∃x.¬p(x) assumption  ∃x.¬p(x) 2 and ¬  {x 7→ v}  ¬p(x) 3 and ∃, for some v ∈ DI  {x 7→ v}  p(x) 1 and ∀ ⊥ 4 and 5

Exercise) Prove that F2 is valid. Hakjoo Oh

AAA615 2017 Fall, Lecture 2

September 24, 2017

17 / 29

Example 3 Prove that the formula is invalid: F : (∀x.p(x, x)) → (∃x.∀y.p(x, y)) It suffices to find an interpretation I such that I  ¬F . Choose DI = {0, 1} and pI = {(0, 0), (1, 1)}. The interpretation falsifies F .

Hakjoo Oh

AAA615 2017 Fall, Lecture 2

September 24, 2017

18 / 29

Soundness and Completeness of FOL A proof system is sound if every provable formula is valid. It is complete if every valid formula is provable.

Theorem (Sound) If every branch of a semantic argument proof of I 2 F closes, then F is valid.

Theorem (Complete) Each valid formula F has a semantic argument proof.

Hakjoo Oh

AAA615 2017 Fall, Lecture 2

September 24, 2017

19 / 29

Substitution A substitution is a map from FOL formulas to FOL formulas: σ : {F1 7→ G1 , . . . , Fn 7→ Gn } To compute F σ, replace each occurrence of Fi in F by Gi simultaneously. For example, consider formula F : (∀x.p(x, y)) → q(f (y), x) and substitution σ : {x 7→ g(x), y 7→ f (x), q(f (y), x) 7→ ∃x.h(x, y)} Then, F σ : (∀x.p(g(x), f (x))) → ∃x.h(x, y) Hakjoo Oh

AAA615 2017 Fall, Lecture 2

September 24, 2017

20 / 29

Safe Substitution A restricted application of substitution, which has a useful semantic property. Idea: Before applying substitution, replace bound variables to fresh variables. For example, consider formula F : (∀x.p(x, y)) → q(f (y), x) and substitution σ : {x 7→ g(x), y 7→ f (x), q(f (y), x) 7→ ∃x.h(x, y)} Then, safe substitution proceeds 1 2

Renaming: (∀x0 .p(x0 , y)) → q(f (y), x) Substitution: (∀x0 .p(x0 , f (x))) → ∃x.h(x, y)

Hakjoo Oh

AAA615 2017 Fall, Lecture 2

September 24, 2017

21 / 29

Safe Substitution A FOL version of Substitution of Equivalent Formulas:

Theorem Consider substitution σ : {F1 7→ G1 , . . . , Gn 7→ Gn } such that for each i, Fi ⇐⇒ Gi . Then F ⇐⇒ F σ when F σ is computed as a safe substitution. A FOL version of Valid Templates:

Theorem If H is a valid formula schema and σ is a substitution obeying H’s side conditions, then Hσ is also valid.

Hakjoo Oh

AAA615 2017 Fall, Lecture 2

September 24, 2017

22 / 29

Examples on Valid Templates Consider valid formula schema: H : (∀x.F ) ↔ (¬∃x.¬F ) The formula G : (∀x.∃y.q(x, y) ↔ (¬∃x.¬∃y.q(x, y)) is valid because G = Hσ for σ : {F 7→ ∃y.q(x, y)}. Consider valid formula schema: H : (∀x.F ) ↔ F

provided x 6∈ free(F )

The formula G : (∀x.∃y.p(z, y)) ↔ ∃y.p(z, y) is valid because G = Hσ for σ : {F 7→ ∃y.p(z, y)}. Hakjoo Oh

AAA615 2017 Fall, Lecture 2

September 24, 2017

23 / 29

Negation Normal Form A FOL formula F can be transformed into NNF by using the following equivalences: ¬¬F1 ¬> ¬⊥ ¬(F1 ∧ F2 ) ¬(F1 ∨ F2 ) F1 → F2 F1 ↔ F2 ¬∀x.F [x] ¬∃x.F [x]

Hakjoo Oh

⇐⇒ ⇐⇒ ⇐⇒ ⇐⇒ ⇐⇒ ⇐⇒ ⇐⇒ ⇐⇒ ⇐⇒

F1 ⊥ > ¬F1 ∨ ¬F2 ¬F1 ∧ ¬F2 ¬F1 ∨ F2 (F1 → F2 ) ∧ (F2 → F1 ) ∃x.¬F [x] ∀x.¬F [x]

AAA615 2017 Fall, Lecture 2

September 24, 2017

24 / 29

Example Convert the formula into NNF: G : ∀x.(∃y.p(x, y) ∧ p(x, z)) → ∃w.p(x, w)

1

Use the equivalence F1 → F2 ⇐⇒ ¬F1 ∨ F2 : ∀x.¬(∃y.p(x, y) ∧ p(x, z)) ∨ ∃w.p(x, w)

2

Use the equivalence ¬∃x.F [x] ⇐⇒ ∀x.¬F [x]: ∀x.(∀y.¬(p(x, y) ∧ p(x, z))) ∨ ∃w.p(x, w)

3

Use De Morgan’s Law: ∀x.(∀y.¬p(x, y) ∨ ¬p(x, z)) ∨ ∃w.p(x, w)

Hakjoo Oh

AAA615 2017 Fall, Lecture 2

September 24, 2017

25 / 29

Prenex Normal Form (PNF) A formula is in prenex normal form (PNF) if all of its quantifiers appear at the beginning of the formula: Q1 x1 . . . . Qn xn .F [x1 , . . . , xn ] where Qi ∈ {∀, ∃} and F is quantifier-free. Every FOL F has an equivalent PNF. To convert F into PNF, 1 2 3 4

Convert F into NNF: F1 Rename quantified variables to unique names: F2 Remove all quantifiers from F2 : F3 Add the quantifiers before F3 : F4 : Q1 x1 . . . . Qn xn .F3 where Qi are the quantifiers such that if Qj is in the scope of Qi in F1 , then i < j.

A FOL formula is in CNF (DNF) if it is in PNF and its main quantifier-free subformula is in CNF (DNF). Hakjoo Oh

AAA615 2017 Fall, Lecture 2

September 24, 2017

26 / 29

Example F : ∀x.¬(∃y.p(x, y) ∧ p(x, z)) ∨ ∃y.p(x, y) 1

Conversion to NNF: F1 : ∀x.(∀y.¬p(x, y) ∨ ¬p(x, z)) ∨ ∃y.p(x, y)

2

Rename quantified variables: F2 : ∀x.(∀y.¬p(x, y) ∨ ¬p(x, z)) ∨ ∃w.p(x, w)

3

Remove all quantifiers: F3 : ¬p(x, y) ∨ ¬p(x, z) ∨ p(x, w)

4

Add the quantifiers before F3 : F4 : ∀x.∀y.∃w.¬p(x, y) ∨ ¬p(x, z) ∨ p(x, w) Note that ∀x.∃w.∀y.F3 is okay, but ∀y.∃w.∀x.F3 is not. Hakjoo Oh

AAA615 2017 Fall, Lecture 2

September 24, 2017

27 / 29

Additional Meta-Theorems Theorem (Compactness Theorem) A countable (possibly infinite) set of first-order formulas S is simultaneously satisfiable iff the conjunction of every finite subset is satisfiable.

Theorem (Craig Interpolation Lemma) If F → G is valid, then there exists a formula I (called interpolant) such that F → I and I → G are valid and whose predicates and free variables occur in both F and G. F : f (a) = b ∧ p(f (a)) G : (b = c) → p(c) I : p(b)

Hakjoo Oh

AAA615 2017 Fall, Lecture 2

September 24, 2017

28 / 29

Summary Syntax and semantics of first-order logic Satisfiability and validity Substitution, Normal forms Meta-theorems: soundness, completeness, Craig interpolation

Hakjoo Oh

AAA615 2017 Fall, Lecture 2

September 24, 2017

29 / 29