Introduction to Isabelle/HOL (lecture slides, PDF document)

Slide 1: Introduction to Isabelle/HOL

Jacques Fleuriot
Automated Reasoning, Lecture 8/9

Slide 2: Isabelle

Isabelle (the generic framework):
  • Meta-logic has a universal quantifier (⋀), implication (⟹) and conjunction (";")
  • Has reasoning methods (based on natural deduction, for example)
  • Proof tools: blast, auto, etc.

Isabelle/HOL (the object logic used in these lectures):
  • Has its own connectives and quantifiers, e.g. ∧, ∨, →, ¬, ∀, ∃ (the ones used on the rest of these slides)
  • Has decision procedures, e.g. linear arithmetic
  • Simplifier does rewriting
  • Hierarchy of theories, e.g. sets, natural numbers, real numbers, security protocols, …

Other logics can be built on the same framework, e.g. propositional logic, FOL, etc.

Slide 3: Notes on Isabelle/HOL Notation

  • In Isabelle/HOL:

        [| A1 ; A2 ; … ; An |] ⟹ G

    can be read as "if A1 and A2 and … and An then G" (in ASCII input, ⟹ is typed ==>)
  • Note: P x stands for P(x); P(x, y) can be expressed as P x y or (P x) y
  • Recall that in higher-order logic functions, sets and predicates can be identified with each other
  • ∀x. P and ∃x. P are quantified sentences (where P may or may not contain x)
  • "If and only if" is expressed using "=", e.g. (P ∧ Q) = ¬(¬P ∨ ¬Q)

Slide 4: Reasoning in Isabelle

  • Forward and backward proofs
  • Natural Deduction
  • Introduction Rules
  • Elimination Rules
  • Isabelle tactics/methods, e.g. "rule", "drule", "auto", …
  • We will look at procedural proofs, i.e. proofs will be sequences of

        apply (method theorem_name)

Slide 5: The Rules of the Game

  • So far, we have seen (automatic) refutation proofs mainly
  • Isabelle uses mostly natural deduction
  • Natural deduction aims to capture human reasoning patterns when doing formal logic
  • Each logical connective has two kinds of rules:
      • Introduction Rules: allow the connective to be inferred
      • Elimination Rules: allow consequences to be deduced from the connective
  • In general, rules will involve other logical symbols, e.g. user-defined ones

Slide 6: Natural Deduction

Example: Conjunction Introduction enables us to introduce the ∧ connective.

        P    Q
        ------ conjI
        P ∧ Q

The formulas above the line are the premises, the formula below is the conclusion (∧ is introduced in the conclusion), and "conjI" is the Isabelle name for the rule.

Forward proof: "If we have P and we have Q then we have P ∧ Q"
Backward proof: "To prove P ∧ Q, prove that P is true and prove that Q is true"

Slide 7: Natural Deduction (Cont.)

Conjunction Introduction rule in Isabelle syntax:

        [| ?P ; ?Q |] ⟹ ?P ∧ ?Q        (conjI)

  • the "fat brackets" [| |] group the premises; ?P ∧ ?Q is the conclusion
  • ?P, ?Q are schematic variables: they can be substituted for (instantiated) when the rule is applied
  • In procedural style we mainly reason backwards

Slide 8: A Simple Proof

Given that P is true and that Q is true, prove P ∧ (Q ∧ P).

Assumptions: P, Q

Proof tree (read bottom-up):

                 Q     P
                 ------- conjI
          P      Q ∧ P
          ------------- conjI
           P ∧ (Q ∧ P)

Each leaf (P, Q, P) matches one of the assumptions, so each branch is closed by "assumption".

Slide 9: A Simple Backward Proof in Isabelle

Given that P is true and that Q is true, prove P ∧ (Q ∧ P).

    lemma a_conj_theorem: "[| P ; Q |] ==> P ∧ (Q ∧ P)"
    apply (rule conjI)
    apply assumption
    apply (rule conjI)
    apply assumption
    apply assumption
    done

  • lemma is an Isabelle keyword; a_conj_theorem is the name given to the resulting theorem
  • the apply (…) lines are Isabelle commands
  • the method/tactic called rule applies its argument (a theorem) backwards
  • Note: the original slide closes the script with qed; in current Isabelle releases an apply script is closed with done (qed ends a structured Isar proof, not an apply script)

Slide 10: Other Introduction Rules (I)

Implication. Common notation:

         [P]
          .
          .
          Q
        ----- impI
        P → Q

Note: [P] is an assumption local to the sub-proof (it is discharged when the rule is applied).

Forward: "If on the assumption that P is true, Q can be shown to hold, then we can conclude P → Q"
Backward: "To prove P → Q, assume P is true and prove that Q follows"
Isabelle: (?P ⟹ ?Q) ⟹ ?P → ?Q        (impI)

More rules to come…

Slide 11: Other Introduction Rules (II)

          P                Q
        ----- disjI1     ----- disjI2
        P ∨ Q            P ∨ Q

         [P]
          .
          .
        false
        ----- notI        Intuition: ¬P = (P → false)
         ¬P

        [P]    [Q]
         .      .
         .      .
         Q      P
        --------- iffI
          P = Q

Isabelle: [| ?P ⟹ ?Q ; ?Q ⟹ ?P |] ⟹ ?P = ?Q        (iffI)
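As an added example (not part of the original slides), the introduction rules of slides 6 to 11 used in a small theory file. Every step is a backward application of one introduction rule and the leaves are closed by assumption. The theory and lemma names are made up for this example; it assumes a current Isabelle release, where an apply script ends in done, and writes HOL implication as ⟶ (typed \<longrightarrow>), which the slides render as →.

```isabelle
theory Intro_Rules
  imports Main
begin

(* Display the rules as Isabelle stores them: ?P, ?Q are schematic
   variables that unification instantiates when a rule is applied. *)
thm conjI impI disjI1 disjI2 notI iffI

(* impI twice, then conjI: the tree of slide 8 grown downwards.
   Each apply line is one backward rule application. *)
lemma ex_imp_conj: "P ⟶ (Q ⟶ P ∧ Q)"
  apply (rule impI)      (* new goal: P ⟹ Q ⟶ P ∧ Q *)
  apply (rule impI)      (* new goal: ⟦P; Q⟧ ⟹ P ∧ Q *)
  apply (rule conjI)     (* two goals: ⟦P; Q⟧ ⟹ P  and  ⟦P; Q⟧ ⟹ Q *)
   apply assumption
  apply assumption
  done

(* Disjunction: the prover must be told which disjunct holds.
   disjI1 here would leave the unprovable goal Q ⟹ P. *)
lemma ex_disj_right: "Q ⟹ P ∨ Q"
  apply (rule disjI2)
  apply assumption
  done

(* notI's premise is the meta-implication P ⟹ False, so proving ¬P means
   assuming P and deriving False.  With P := False the new assumption is
   already the False that is required. *)
lemma ex_not_False: "¬ False"
  apply (rule notI)
  apply assumption
  done

end
```

Save it as Intro_Rules.thy and step through it in Isabelle/jEdit; the goal state shown after each apply line is the one given in the comment.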

Slide 12: Substitution

        s = t    P[s / x]
        ----------------- subst
             P[t / x]

In the Isabelle literature, P[t / x] is the result of replacing x by t in P. Note: this is the same as P ⋅ {t / x} that we saw before. Only the positions designated by the variable x are substituted by this rule.

Substitution rule in Isabelle: [| ?t = ?s ; ?P ?s |] ⟹ ?P ?t        (ssubst)

Note the orientation: ssubst takes the equation as t = s and rewrites occurrences of s into t; Isabelle's theorem subst ([| ?s = ?t ; ?P ?s |] ⟹ ?P ?t) has the orientation drawn in the tree above.

Example: prove symmetry of the equality predicate, i.e. s = t ⟹ t = s.

Justification: take P to be (x = s). Then P[s / x] is s = s, which holds by reflexivity, and P[t / x] is t = s:

        s = t    s = s
        -------------- subst
            t = s
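The symmetry example carried out in Isabelle with ssubst, as an added example that is not part of the original slides. The theory and lemma names are made up; the second lemma uses the even predicate from Main only to have a formula with something to rewrite inside.

```isabelle
theory Subst_Example
  imports Main
begin

thm ssubst   (* ⟦?t = ?s; ?P ?s⟧ ⟹ ?P ?t *)
thm subst    (* ⟦?s = ?t; ?P ?s⟧ ⟹ ?P ?t : the orientation of the tree on the slide *)

(* Symmetry of equality.  erule unifies ssubst's first premise with the
   assumption s = t, so ?t := s and ?s := t.  The conclusion ?P s is then
   matched against the goal t = s, which instantiates ?P := (λx. t = x)
   (the unifier that abstracts every occurrence of s is tried first), and
   the remaining goal is ?P t, that is t = t. *)
lemma ex_eq_sym: "s = t ⟹ t = s"
  apply (erule ssubst)   (* goal: t = t *)
  apply (rule refl)
  done

(* The same rule rewriting inside a larger formula: from a = b the
   occurrence of a in the conclusion is replaced by b, and the
   assumption even b closes what is left. *)
lemma ex_ssubst_inside: "⟦a = b; even b⟧ ⟹ even (a::nat)"
  apply (erule ssubst)   (* goal: even b ⟹ even b *)
  apply assumption
  done

end
```

If erule ssubst picks an unwanted unifier in a larger goal (the equation's right-hand side occurs more than once), the back command asks for the next one; the subst method with an explicit position is the usual alternative.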

Slide 13: Other Introduction Rules (III)

  • Quantifiers ∀, ∃: need substitution and the notion of an arbitrary variable

Universal Quantifier:

          P x0
        -------- allI      provided x0 does not occur in P x or in any premise on which P x0 may depend
        ∀x. P x

x0 is arbitrary, i.e. we make no assumptions about it.

In Isabelle: (⋀x. ?P x) ⟹ ∀x. ?P x        (allI)

  • use the underlying formalism of Isabelle, the meta-logic, to express the proviso logically
  • ⋀ is Isabelle's meta-logical universal quantifier; it enables the notion of an arbitrary value
  • don't confuse ⋀ (meta-level) with conjunction ∧ (object-level)

Slide 14: Other Introduction Rules (IV)

Existential Quantifier: "If we can exhibit some a such that P(a) is true then ∃x. P(x) is also true"

          P a
        -------- exI
        ∃x. P x

In Isabelle: ?P ?a ⟹ ∃x. ?P x        (exI)

Example:

          even 2
        ----------- exI
        ∃x. even x

Slide 15: Elimination Rules

  • Work in the opposite direction from introduction rules
  • Conjunction rules:

        P ∧ Q               P ∧ Q
        ----- conjunct1     ----- conjunct2
          P                   Q

    In Isabelle: ?P ∧ ?Q ⟹ ?P (conjunct1),  ?P ∧ ?Q ⟹ ?Q (conjunct2)

  • Disjunction rule:

                 [P]   [Q]
                  .     .
                  .     .
        P ∨ Q     R     R
        ----------------- disjE
                R

    [P], [Q] are local to their subproofs: we have to prove "R" twice under different assumptions.
    In Isabelle: [| ?P ∨ ?Q ; ?P ⟹ ?R ; ?Q ⟹ ?R |] ⟹ ?R        (disjE)

Slide 16: Elimination Rules (II)

Using an elimination rule backwards produces a case-split.

Example: Assume "A ∨ B", prove "B ∨ A"

                   [A]            [B]
                  ----- disjI2   ----- disjI1
        A ∨ B     B ∨ A          B ∨ A
        -------------------------------- disjE
                    B ∨ A

The leaves [A] and [B] are closed by assumption in their own branches.

Note: can use the "erule" method, designed to work with elimination rules. "erule" enables the subgoal A ∨ B (the first premise of disjE) to be proved immediately from the premise of the goal.

Slide 17: Elimination Rules (III)

Example: Assume "A ∨ B", prove "B ∨ A". A possible Isabelle proof:

    lemma disj_swap: "A ∨ B ==> B ∨ A"
    apply (erule disjE)
    apply (rule disjI2)
    apply assumption
    apply (rule disjI1)
    apply assumption
    done

Could have used "apply (rule disjE)". This needs an extra step though: the first new subgoal, A ∨ B, has to be closed by assumption explicitly. (As on slide 9, the script is closed with done in current Isabelle releases.)

Try it in Isabelle!

Slide 18: Isabelle/HOL: A Special Elimination Rule

  • The Isabelle elimination rules for ∧ are:

        conjunct1: P ∧ Q ⟹ P        conjunct2: P ∧ Q ⟹ Q

  • these rules simply return the 1st/2nd half of the conjunction
  • they are called destruction rules in Isabelle
  • they break and destroy a premise (we lose information when we apply them)

Slide 19: Isabelle/HOL: A Special Elimination Rule for Conjunction

  • Isabelle provides an alternative conjunction elimination rule:

                 [P] [Q]
                   .
                   .
        P ∧ Q      R
        ------------ conjE
             R

    In Isabelle: [| ?P ∧ ?Q ; [| ?P ; ?Q |] ⟹ ?R |] ⟹ ?R        (conjE)

Slide 20: Elimination Rules (IV)

Implication: Modus Ponens

        P → Q    P
        ---------- mp
            Q

In Isabelle: [| ?P → ?Q ; ?P |] ⟹ ?Q        (mp)

Example: Prove P → (Q → R) ⟹ P ∧ Q → R

Assumptions used in the tree: 1. P → (Q → R)   2. [P ∧ Q]   3. [P]   4. [Q]

                         1. P → (Q → R)   3. [P]
                         ---------------------- mp
                                Q → R              4. [Q]
                                ------------------------- mp
        2. [P ∧ Q]                       R
        ---------------------------------- conjE (discharges 3 and 4)
                        R
                   ----------- impI (discharges 2)
                   P ∧ Q → R

Slide 21: More Elimination Rules (V)

Negation: the elimination rule deduces any formula in the presence of both P and ¬P

        ¬P    P
        ------- notE
           R

Isabelle: [| ¬ ?P ; ?P |] ⟹ ?R        (notE)

  • In Isabelle, there are many useful proved theorems about negation that can be used in proofs
  • Proof by contradiction often uses theorems involving contrapositives, such as P → Q and ¬Q → ¬P
  • Example theorem:

              [¬P]
               .
               .
        ¬Q     Q
        --------
           P

    Isabelle: [| ¬ ?Q ; ¬ ?P ⟹ ?Q |] ⟹ ?P
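The elimination rules of slides 15 to 21 exercised in one theory file, as an added example that is not part of the original slides. It repeats slide 17's disj_swap with rule instead of erule to show the extra step, and slide 20's tree as an apply script; the other lemmas and all names are made up for this example. It assumes a current Isabelle release (apply scripts end in done; HOL implication is written ⟶).

```isabelle
theory Elim_Rules
  imports Main
begin

(* Destruction rule: drule applies conjunct2 forwards to the assumption
   P ∧ Q, replacing it by Q; the other half of the conjunction is lost. *)
lemma ex_conjunct: "P ∧ Q ⟹ Q"
  apply (drule conjunct2)
  apply assumption
  done

(* Slide 17's disj_swap with rule instead of erule.  The extra step is
   closing disjE's first premise ?P ∨ ?Q by assumption, which also fixes
   ?P := A and ?Q := B for the two case goals. *)
lemma ex_disj_swap_rule: "A ∨ B ⟹ B ∨ A"
  apply (rule disjE)
    apply assumption      (* goal 1: A ∨ B ⟹ ?P ∨ ?Q *)
   apply (rule disjI2)    (* goal 2: A ⟹ B ∨ A *)
   apply assumption
  apply (rule disjI1)     (* goal 3: B ⟹ B ∨ A *)
  apply assumption
  done

(* Slide 20's tree: impI, conjE, then mp twice.  drule mp uses the
   assumption P ⟶ (Q ⟶ R) forwards: it asks for P as a new goal and
   replaces the implication by Q ⟶ R. *)
lemma ex_curry: "P ⟶ (Q ⟶ R) ⟹ P ∧ Q ⟶ R"
  apply (rule impI)       (* ⟦P ⟶ (Q ⟶ R); P ∧ Q⟧ ⟹ R *)
  apply (erule conjE)     (* ⟦P ⟶ (Q ⟶ R); P; Q⟧ ⟹ R *)
  apply (drule mp)        (* goals: ⟦P; Q⟧ ⟹ P  and  ⟦P; Q; Q ⟶ R⟧ ⟹ R *)
   apply assumption
  apply (drule mp)        (* goals: ⟦P; Q⟧ ⟹ Q  and  ⟦P; Q; R⟧ ⟹ R *)
   apply assumption
  apply assumption
  done

(* iffI (slide 11) needs conjE to take the assumption apart in each
   direction before conjI can rebuild it. *)
lemma ex_conj_comm: "(P ∧ Q) = (Q ∧ P)"
  apply (rule iffI)
   apply (erule conjE)
   apply (rule conjI)
    apply assumption
   apply assumption
  apply (erule conjE)
  apply (rule conjI)
   apply assumption
  apply assumption
  done

(* notI assumes P ∧ ¬P and must reach False; once P and ¬P are both
   assumptions, notE closes the goal (any R follows, here R is False). *)
lemma ex_no_contradiction: "¬ (P ∧ ¬ P)"
  apply (rule notI)
  apply (erule conjE)
  apply (erule notE)
  apply assumption
  done

(* The contrapositive theorem on slide 21 is contrapos_np in Main. *)
thm contrapos_np

end
```

In ex_curry, drule mp could only pick an assumption of the form _ ⟶ _, so no ambiguity arises; in larger goals with several implications, drule_tac or an explicit instance of mp (mp[of P]) selects which one is used.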

Slide 22: Elimination Rules for Quantifiers

Universal Elimination:

        ∀x. P x
        ------- spec      the unknown variable can be freely instantiated to any term t
          P t

Isabelle: (∀x. ?P x) ⟹ ?P ?x        (spec)

  • Note: in Isabelle terminology, this is a destruction rule
  • Can provide an alternative non-destructive rule:

                  [P x]
                   .
                   .
        ∀x. P x    R
        ------------ allE
             R

    Isabelle: [| ∀x. ?P x ; ?P ?x ⟹ ?R |] ⟹ ?R        (allE)

Slide 23: Elimination Rules for Quantifiers

Existential Quantifier:

                  [P x0]
                    .
                    .
        ∃x. P x     Q
        ------------- exE      provided x0 does not occur in P x or Q or in any other premises (other than P x0) on which the derivation of Q from P x0 depends
              Q

In Isabelle: [| ∃x. ?P x ; ⋀x. ?P x ⟹ ?Q |] ⟹ ?Q        (exE)

This is (once again) universal quantification in the Isabelle meta-logic (cf. allI). It ensures that the proviso is enforced: the proviso is part of the rule definition and cannot be omitted.
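The quantifier rules of slides 13, 14, 22 and 23 in one theory file, as an added example that is not part of the original slides. All theory and lemma names are made up; the even example reuses slide 14's witness 2 and relies on the simplifier of a current Isabelle release to discharge even (2::nat).

```isabelle
theory Quant_Rules
  imports Main
begin

(* allI (slide 13): the new goal is ⋀x. P x ⟶ P x.  The meta-level ⋀
   introduces an arbitrary x; no assumption mentions it, so the proviso
   of the textbook rule holds by construction. *)
lemma ex_all_intro: "∀x. P x ⟶ P x"
  apply (rule allI)
  apply (rule impI)
  apply assumption
  done

(* exI (slide 14): the witness is supplied with rule_tac.  A bare
   rule exI would leave a schematic ?x to be fixed by a later step. *)
lemma ex_exists_even: "∃x::nat. even x"
  apply (rule_tac x = 2 in exI)
  apply simp               (* remaining goal: even (2::nat) *)
  done

(* spec (slide 22) used with drule destroys ∀x. P x, leaving P ?x;
   assumption then instantiates ?x := a. *)
lemma ex_spec: "∀x. P x ⟹ P a"
  apply (drule spec)
  apply assumption
  done

(* allE keeps the universal fact available: erule allE adds P ?x ⟶ Q ?x
   as an assumption, and erule mp fixes ?x := a against the goal Q a. *)
lemma ex_allE: "⟦∀x. P x ⟶ Q x; P a⟧ ⟹ Q a"
  apply (erule allE)
  apply (erule mp)
  apply assumption
  done

(* exE (slide 23): the witness becomes a ⋀-bound parameter of the goal.
   It may be used inside the proof but cannot escape into the conclusion;
   here it is packaged up again under ∃ with exI. *)
lemma ex_exE: "∃x. P x ∧ Q x ⟹ ∃x. Q x"
  apply (erule exE)        (* ⋀x. P x ∧ Q x ⟹ ∃x. Q x *)
  apply (erule conjE)
  apply (rule exI)
  apply assumption
  done

end
```

The ⟦ … ⟧ brackets and ⟹ are the Unicode forms of the [| … |] and ==> written on the slides; both spellings are accepted as input.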

Slide 24: Summary

  • A first look at theorem proving in Isabelle/HOL
  • Natural Deduction
      • introduction and elimination rules in Isabelle
      • some rules have provisos
  • Proofs can be given as a tree for natural deduction
  • Read Chapter 5 of the tutorial on Isabelle/HOL (available via the AR web page)
  • More to come…