Software Engineering Lecture Notes


Paul C. Attie

August 30, 2013

© Paul C. Attie. All rights reserved.


Contents

Part I Hoare Logic

1 Propositional Logic: Introduction and Overview; Combining Propositions: Logical Connectives; Syntax and Semantics; Universal Truth of Propositions. Syntax: Syntax of Propositions; Propositional Formulae; Deductive Systems, Proofs; A Deductive System; Example Proofs; The Simplified Proof Format. Semantics: Truth-tables; Evaluation of Propositions; Satisfiability and Validity, Tautologies; Semantic Entailment, Soundness, Completeness; Normal Forms.

Predicate (First-order) Logic: Predicates; Precedence of Operators in a Predicate; Arithmetic Inequalities; Quantification; Logical Quantifiers: The Universal Quantifier; Logical Quantifiers: The Existential Quantifier; Arithmetic Expressions and Quantifiers; Properties of Quantifiers; Quantifying Over an Empty Range; Quantifiers: Bound Variable Laws; Quantifiers: Range Laws; Quantifiers: Function Laws; Quantifiers: Range and Function Interchange; States; Notation for Functions, Sets, and Predicates; Semantics: Evaluation of Predicates; Satisfiability and Validity, Semantic Entailment; Translating English Into First-order Formulae; Handling Predicates with Arguments; Type Correctness in Writing Predicates.

Verification of Program Correctness: Hoare-Floyd Logic: Our Programming Language; Conditional Correctness of Programs: The Hoare Triple Notation {P} S {Q}; Validity of {P} S {Q}; Program Specification; A Deductive System for Proving the Validity of Hoare Triples; The Assignment Axiom; The two-way-if Rule; The one-way-if Rule; The Rules of Consequence: the left consequence-rule; The Rules of Consequence: the right consequence-rule; The Rule of Sequential Composition; The while Rule; Proof Tableaux; Extended Example: Summing an Array; Another Extended Example: Finding the Minimum Element of an Array; Total Correctness of Programs: The Notation P S Q; Specifying Termination Only; Relating Total Correctness, Conditional Correctness, and Termination; Proving Termination: The Proof Rule for Termination of while-loops; Proof Tableaux for Termination; Deriving Invariants from Postconditions.

Verification of Programs Containing Procedures: Proving Conditional Correctness of Procedures; Conditional Correctness of Nonrecursive Procedures; Dealing with Initial Values of Parameters; Conditional Correctness of Recursive Procedures; Proving Termination of Procedures; Proving Termination of Nonrecursive Procedures; Proving Termination of Recursive Procedures.

Part II Software Engineering

5 Introduction: The Software Construction Problem; Decomposition and Abstraction; Example; Discussion; Errors in Programs and their Detection.

Review of OO Concepts: Java Program Structure; Packages; Variables, references, objects, and mutability; Mutability; Equality and Identity; Strings; Aliasing; Method call; Type checking.

7 Procedural Abstraction: 7.1 Overview; Abstraction by Parametrization; Abstraction by Specification; Specification of a Procedure; Example Specification; Initial and Final Values; Methodology; Example Implementation; Contract View of Specifications; Designing Procedural Abstractions; Choosing which procedures to implement; Desirable qualities of procedure abstractions; Example of Functional Decomposition; Another Example of Functional Decomposition; Behavioral Equivalence of Implementations.

Data Abstraction: Overview; Abstract Data Type; Specifying Data Abstractions; Using Data Abstractions; Implementing Data Abstractions; Selecting a representation; Implement constructors and methods; The Abstraction Function; The Representation Invariant; Implementing the abstraction function and representation invariant; Properties of Implementations; Benevolent side effects; Exposing the Representation; Reasoning about data abstractions; Example: IntSet; Linked Lists; Binary Trees; The Tree Traversal Problem.

Iterator Abstraction: Overview; Iteration in Java; Specifying Iterators; Using Iterators; Implementing Iterators.

Testing: Overview; Black Box Testing; Testing the cases of a specification; Testing boundary conditions; White Box Testing; Testing Abstract Data Types; Unit and Integration Testing; Defensive Programming.

Requirements Specifications: Overview; The Data Model; The Data Model Graph; The Textual Information; Requirements Specifications; Interactive Programs.

Example Specification for a Web Search Engine: The Specification; The Data Model; The derived relations; The constraints; The Operations.

13 Extended example: a student information system: Operations; Register and drop courses; Check grade point averages; Check courses needed for graduation; Check probation status; Check Dean's honor list status; Data Model Graph, Data Sets, and Basic Relations; Data sets; Basic Relations; Defined Predicates; Derived Functions and Relations; Data Model Graph.

Example Requirements Specification for a File System: Primitive Sets and Relations; Derived relations; Define parent in Terms of entries and contents; Define pn in terms of entries, contents, first, rest; Constraints; Parent constraints; File system is acyclic; Reachability of directories from the Root; Reachability of files; Uniqueness of names within a subdirectory; Uniqueness of FSObjects within a directory; Basic and Implied Constraints; File System Operations; Operations within the current directory; Operations that take an absolute pathname as input; Operations that take a relative pathname as input; Operations that take either kind of pathname as input; Move and copy operations.

15 Design: Overview; Design Documentation; The introductory section; The abstraction sections; The Design Process; Starting the design; Designing a target; Continuing the design: how to select the next target for design.

Example Design for a Web Search Engine: The Design; The Module Specification for Engine; The Design of Engine; Implementation sketch of queryfirst(w); Implementation sketch of querymore(w); Implementation sketch of finddoc(t); Implementation sketch of adddocfromfile(f); Next major step: document and specify all the abstractions introduced so far; Selecting the next target; Design of TitleTable; Design of Query; Design of WordTable; Design of Doc; Canonical forms; The Final Design.

Example: text justification: Specification; Design: Implementation sketch; Code.

Acknowledgments

The material on propositional, predicate, and Hoare Logic is based on Program Construction and Verification [1] by Roland Backhouse, Prentice-Hall. Much of the material in this book is based on Program Development in Java [4], by Barbara Liskov and John Guttag, Addison-Wesley, 2001.

Part I Hoare Logic


Chapter 1 Propositional Logic

1.1 Introduction and Overview

A proposition is a statement that can be either true or false. For example:

it rains
I'll stay at home

On the other hand, statements such as:

open the door
why were you late?

are not propositions. Propositions can be either simple or compound. A simple (or atomic) proposition is a proposition that contains no other proposition as a part. The two propositions given above are simple. A compound proposition is a proposition that is built up from two or more simple propositions. For example, the compound proposition "if it rains then I'll stay at home" is built up from the two simple propositions given above using if...then. Likewise, the compound proposition "it is Tuesday and the sky is blue" is built up from the two simple propositions "it is Tuesday", "the sky is blue" using and.

In order to translate such propositions into logical notation, we use symbols to represent propositions.

it rains: ra
I'll stay at home: st
it is Tuesday: tu
the sky is blue: bl

Then, the compound proposition "if it rains then I'll stay at home" can be represented by:

ra st

where is the symbol for if... then. The compound proposition "it is Tuesday and the sky is blue" is represented by:

tu bl

where is the symbol for and. Symbols such as ra, st, tu, bl that represent propositions are called propositional identifiers. When the context makes it clear, we shall use the abbreviated term identifiers instead.

Combining Propositions: Logical Connectives

We saw above that compound propositions are formed from simple propositions using extra words such as if... then (or, in symbolic form, the symbol ). These extra words represent logical connectives or operators. We shall mainly be concerned with the following five logical connectives (it is possible to define others), listed with their informal meanings:

conjunction: both
disjunction: at least one of
negation: opposite
implication: if...then
equivalence: same

All of the connectives take two propositions as input, except for negation, which takes one. Conjunction represents the informal concept of and. Disjunction represents the informal concept of inclusive or (one or the other or both). Negation represents the informal concept of not, i.e., the logical opposite. Implication represents the informal concept of if... then. This concept is very important in deducing a conclusion logically from a set of assumptions, or premises. Finally, equivalence represents the informal concept of logical sameness.

Syntax and Semantics

There are two aspects to propositional logic: syntax and semantics. Syntax refers to the notation that we use to write propositions. Semantics refers to how we assign meaning to propositions. An analogy can be made with programming: syntax is the programming language in which we write programs (C++, Java, etc.) while semantics is the behavior of the program when we run it, i.e., the program's meaning. A key point is that syntax can be technically defined entirely independent of semantics, as a symbol pushing game, just as a programming language can be defined independently of any discussion of what executing the various statements will do, e.g., by just giving a BNF grammar.

Universal Truth of Propositions

The whole point of a system of logic is to prove statements (propositions for now). That is, we have some notion of universal truth: some statements are universally true and others are not. For example, by using informal reasoning based on the informal meanings of the propositional connectives given above, we intuitively expect the following to be universally true:

(p q) (q p)
(p q) p
p p

while we do not expect

(p q) (q p)
(p q) p
p p

to be universally true. There are two main methods for formally proving that a proposition is universally true:

Syntactic: devise a deductive system, which consists of axioms and rules of inference. A deductive system provides a systematic method of constructing a proof that a proposition is universally true. We discuss deductive systems below.

Semantic: formalize the definition of universally true in a semantic system and then check the definition directly.

1.2 Syntax

Syntax of Propositions

Propositional Formulae

A proposition in general is written as a propositional formula. In other words, a propositional formula is a particular syntactic way of expressing a proposition. Other ways are conceivable, e.g., parse tree, truth-table, etc. For our purposes, we can regard proposition and propositional formula as synonyms.

Definition 1 (Proposition) Propositions are formed as follows:
1. true and false are propositions
2. A propositional identifier is a proposition
3. If p is a proposition, then so is ( p)
4. If p and q are propositions, then so are (p q), (p q), (p q), (p q)

You are familiar with arithmetic expressions. We can make an analogy between propositions and arithmetic expressions as follows:
1. Any integer constant is an arithmetic expression (e.g., 5, 100)
2. An integer variable is an arithmetic expression
3. If x and y are arithmetic expressions, then so are (x + y), (x y), (x y), (x/y)

[Figure 1.1: Parse tree for the proposition of example 1]

Example 1 If p, q, r are propositions, then so is ((p q) r). Figure 1.1 depicts a parse tree for ((p q) r), showing how it is built up from p, q, r and (p q). These are called subpropositions of ((p q) r).

Example 2 If p, q are propositions, then so is (( p) q).

Precedence of Logical Connectives

In definition 1, every logical connective has a pair of associated parentheses. These parentheses are necessary so that a given proposition has a single well-defined meaning. For example, ((p q) r) is different from (p (q r)); in the state s = {(p, F), (q, F), (r, T)}, the first proposition evaluates to T while the second evaluates to F (the notions of state and evaluate are defined formally later on). Note however, that the outer parentheses are redundant in both cases, e.g., ((p q) r) is equally well written as (p q) r. In general, having one pair of parentheses for each logical connective tends to result in propositions with many parentheses, which are consequently hard to read. Precedence rules establish a convention that allows us to omit many of these parentheses. These rules are:
1. Sequences of the same connective are evaluated left to right
2. The precedence of different connectives is as follows (highest precedence first):

Example 3
((p q) r) can be written as p q r
(p (q r)) can be written as p (q r)
((p q) r) can be written as p q r
(p (q r)) can be written as p (q r)
( (( p) ( q)) r) can be written as ( p q) r

Deductive Systems, Proofs

A deductive system, or calculus, is a symbolic manipulation system whose purpose is to prove statements that are universally true in some sense. It usually has two components:
1. A set of axioms: these are statements that are assumed to be universally true.
2. A set of rules of inference: these are rules that allow us to conclude that a particular statement q (the consequent) follows logically from some other statements p_1, ..., p_n (the premises). In particular, if p_1, ..., p_n have already been shown to be universally true, then we can conclude that q is also universally true.

A rule of inference gives a deduction step: if we have already proven that the premises p_1, ..., p_n are universally true, then we can now deduce that the consequent q is universally true by applying the rule. An axiom can be viewed as an inference rule with no premises, since it states that some q is universally true per se. For the time being, we can think of a statement as being a proposition. However, the notion of proof applies to other kinds of statements, as we will see in the chapter on first-order logic.

Now given that the axioms are universally true, and that the rules of inference preserve universal truth, it follows that:
1. if we start with the axioms, and
2. conclude new statements only by applying the rules of inference to statements that have previously been shown to be universally true
then we will never incorrectly conclude that a statement is a universal truth when in fact it is not. This leads us to the following definition of proof:

Definition 2 (Proof) A proof is a finite sequence e_1, e_2, ..., e_n of statements such that each e_i (1 ≤ i ≤ n) is either an axiom, or follows from earlier statements (e_j for 1 ≤ j < i) by application of a rule of inference.

Remark 1 Every statement that occurs in some proof is a universal truth. Every prefix of a proof is also a proof.

Suppose that, starting with some proposition p as an assumption, we can deduce another proposition q using both our proof system and in addition the assumption p. In other words, each e_i in Definition 2 can be either an axiom, or follow from previous statements (e_j for 1 ≤ j < i) by applying a rule of inference, or can be just p itself, written as a statement in the proof without any justification whatsoever. Then, we have proven q using p as an assumption, and so, we have deduced q from p. The same reasoning applies if we replace the single statement p by a set of statements p_1, ..., p_n. This leads to the notion of a deducibility relation between a set of statements p_1, ..., p_n, used as premises, and a statement q, used as a conclusion. We use the symbol for this relation, and write p_1, ..., p_n q if and only if q can be deduced from p_1, ..., p_n.

Definition 3 ( ) p_1, ..., p_n q if and only if there exists a finite sequence e_1, e_2, ..., e_n of statements such that e_n is q and each e_i (1 ≤ i ≤ n) is either:
an axiom, or
follows from earlier statements (e_j for 1 ≤ j < i) by application of a rule of inference, or
is one of p_1, ..., p_n.

Note that technically, the sequence of statements in the above definition is not necessarily a proof, since the p_1, ..., p_n are not necessarily axioms. When p_1, ..., p_n q, there may not be (in general) a single rule of inference whose premises match p_1, ..., p_n and whose conclusion matches q. There will be a proof, of some length, of q from p_1, ..., p_n. When q occurs in a proof, and so is universally valid, it can be deduced from no assumptions, and so we write q, with an empty left hand side of the symbol. A rule of inference can now be formally written as p_1, ..., p_n q. An axiom is written as q. We regard axioms as statements whose universal truth is accepted on first principles, and so does not need to be proven. An alternative notation is p_1, ..., p_n q. The following is a definition equivalent to the one given above, which illustrates the inductive nature of proof.

Definition 4 ( )-alternative p_1, ..., p_n q if and only if:
q is an axiom, or
there exist q_1, ..., q_m such that:
q follows from q_1, ..., q_m by applying some rule of inference, and
for all j from 1 to m: p_1, ..., p_n q_j

A Deductive System

We now present a deductive system, i.e., a set of axioms and rules of inference. Our system consists of several axioms, and two rules of inference. All of our axioms, apart from the excluded middle, are equivalence statements, i.e., they give the equivalence of two propositions.

The Axioms

0. Axiom of The Excluded Middle: p p
1. Commutative Axioms: (p q) (q p); (p q) (q p); (p q) (q p)
2. Associative Axioms: p (q r) (p q) r; p (q r) (p q) r
3. Distributive Axioms: p (q r) (p q) (p r); p (q r) (p q) (p r)
4. De Morgan's Axioms: (p q) p q; (p q) p q
5. Axiom of Negation: ( p) p
6. Axiom of Contradiction: p p false
7. Axiom of Implication: p q p q
8. Axiom of Equivalence: (p q) (p q) (q p)
9. Axioms of or-simplification: p p p; p true true; p false p; p (p q) p
10. Axioms of and-simplification: p p p; p true p; p false false; p (p q) p
11. Axiom of Identity: p p

The Rules of Inference: the rules of Substitution and Transitivity

12. Rule of Substitution. Let E(b) be a proposition, written as a function of one of its identifiers b. The rule of substitution is: p q E(p) E(q). The rule of substitution allows us to substitute one proposition for another if they have been previously shown to be equivalent, i.e., it is the logical version of the idea of substitution of equals for equals from arithmetic.

Example 4 Let E(b) = b r. Now p q p q by the law of implication. Hence (p q) r ( p q) r by the rule of substitution.

The rule of transitivity allows us to string together two equivalences that have a common proposition.

13. Rule of Transitivity. If p q and q r, then p r. Expressed formally, this is: p q, q r p r.

Example 5 p q p q by the law of negation. Also, p q q p by the law of commutativity. Hence p q q p by the rule of transitivity.

Both of these rules facilitate the decomposition of a proof problem into several simpler subproblems.

Example Proofs

There are several different kinds of statement that can be established using our second deductive system. First, we show how a proposition can be proven universally true, i.e., how to show p.

Proof. Proof of (p (q r)) ((p q) r)
1. ( p q r) ( p q r) axiom of excluded middle
2. ( p q r) ( (p q) r) (1), DeMorgan, substitution
3. ( p (q r)) ( (p q) r) (2), implication, substitution
4. (p (q r)) ((p q) r) (3), implication 2, substitution
5. (p (q r)) ((p q) r) (4), implication, substitution

The above is a correct proof, according to Definition 2, and so we conclude (p (q r)) ((p q) r).

Note our proof format. On the left, we number each line. In the middle, we write down a statement e_i (see Definition 2). On the right, we include a comment that explains the reason we are able to append the associated statement to the proof. Typically, this will contain a number (or numbers) that refer(s) to previous statements, as well as the names of the rules of inference that are used. The rule of substitution is used very often in the above proof. This is because we often manipulate only part of a formula (using one of our rules to turn it into something equivalent) and leave the rest untouched. Hence, we will usually use the rule of substitution implicitly, and omit reference to it.

To prove sequents, i.e., statements of the form p_1, ..., p_n q, we just use the premises p_1, ..., p_n in the proof as if they were axioms (see Definition 3).

Proof. Proof of p q q p

1. p q premise
2. p q (1), implication
3. q p (2), commutativity
4. q p (3), negation, substitution
5. q p (4), implication

We now show how to prove statements of the form p q.

Proof. Proof of p q q p.
1. p q p q implication
2. p q q p commutativity
3. q q negation
4. q p q p (3), substitution with E(b) = b p
5. q p q p implication
6. q p q p (5), symmetry of
7. p q q p (1), (2), transitivity of
8. p q q p (4), (7), transitivity of
9. p q q p (6), (8), transitivity of

Because the direction of deduction in a proof is one way, from top to bottom, we are now obliged to carry the entire equivalence statement on every line. Thus there is a lot of repetition in the above proof. For example, many statements have a part p q that is never manipulated. If we use the above format, this will often be the case. The next section presents a more economical simplified proof format.

The Simplified Proof Format

In the proof of (p (q r)) ((p q) r) above, every statement follows from the immediately preceding statement. Actually, every statement is equivalent to the immediately preceding statement. Hence we do not need to number the statements, but merely insert a sign between each succeeding pair to indicate that these are equivalent. We define this simplified proof format as follows.

Definition 5 (Simplified Proof Format) A proof in simplified proof format of the statement e_1 e_n is a finite sequence e_1, e_2, ..., e_n of statements where, for all i such that 1 ≤ i ≤ n−1, e_i e_(i+1) can be proven using the axioms and rules of inference.

To show that a proposition is valid using the simplified proof format, we show that it is equivalent to an axiom, or that it is equivalent to T. Here is the proof from the previous section rewritten in this format.

Proof. Proof of t t (p (q r)) ((p q) r)
t t axiom of excluded middle
( p q r) ( p q r) substitution
( p q r) ( (p q) r) DeMorgan
( p (q r)) ( (p q) r) implication
(p (q r)) ((p q) r) implication 2
(p (q r)) ((p q) r) implication

In the above proof, it is difficult to see how the steps are being decided. Many times, it is easier to start with the proposition being proven, and to work backwards. With the simplified proof format, this is easy, since equivalence is symmetric. It is, in principle, possible to do this for proofs in the regular format, but much harder, and usually not useful. When we reverse the steps in the proof above we get:

Proof. Proof of true (p (q r)) ((p q) r)
(p (q r)) ((p q) r)
(p (q r)) ((p q) r) implication
( p (q r)) ( (p q) r) implication 2
( p q r) ( (p q) r) implication
( p q r) ( p q r) DeMorgan
t t substitution
true axiom of excluded middle

This works because we show equivalence with true. Here is a proof of p q q p in the simplified format. Compare it with the proof in the previous section.

Proof. Proof of p q q p
p q
p q implication
q p commutativity
q p negation, substitution
q p implication

Definition 6 (Simplified Proof Format with ) A proof in simplified proof format of the statement e_1 e_n is a finite sequence e_1, e_2, ..., e_n of statements where, for all i such that 1 ≤ i ≤ n−1, either e_i e_(i+1) or e_i e_(i+1) can be proven using the axioms and rules of inference. This format lets us prove implications, which is very useful in program verification.

1.3 Semantics

Truth-tables

The meaning of the logical connectives can be given using truth-tables. A truth-table for a logical connective gives the value of a compound proposition formed using the connective in terms of the values of the simple propositions that are the inputs. As we said above, propositions can have two values only: true (which will be written as T from now on), and false (which will be written as F from now on). T and F are called truth-values. The truth-table contains a number of rows, one for each possible combination of values of the inputs.

Since true is the proposition that is universally true, its meaning is just the truth value T:

true
T
Truth-table for true

Since false is the proposition that is universally false, its meaning is just the truth value F:

false
F
Truth-table for false

The meaning of negation is given by the following table:

p   not p
T   F
F   T
Truth-table for negation

Since negation takes one proposition p as input, this table has two rows, one for each possible value of the input p. The meaning of conjunction is given by the following table:

p   q   p and q
T   T   T
T   F   F
F   T   F
F   F   F
Truth-table for conjunction

Since conjunction takes two propositions p, q as input, this table has four rows. Each of the inputs p, q has two possible values, and so the number of combinations of values is 2 × 2 = 4. Likewise, the truth-tables for the remaining connectives are as follows:

p   q   p or q
T   T   T
T   F   T
F   T   T
F   F   F
Truth-table for disjunction

p   q   p implies q
T   T   T
T   F   F
F   T   T
F   F   T
Truth-table for implication

p   q   p equivalent to q
T   T   T
T   F   F
F   T   F
F   F   T
Truth-table for equivalence

Evaluation of Propositions

Evaluation of Constant Propositions

A constant proposition is a proposition that does not contain any identifiers. In other words, constant propositions are composed entirely of the truth values T, F and the logical connectives. You evaluate a constant proposition by executing the following steps:
1. The value of true is T, and the value of false is F.
2. Evaluate a constant proposition containing exactly one connective by using the truth-tables given in the preceding subsection.
3. Evaluate a constant proposition containing n connectives (for any n > 1) inductively as follows:
(a) Find all the subpropositions that contain exactly one connective and evaluate them using step 2. Replace each subproposition by the value obtained for it.
(b) Repeat step 3a until you are left with either T or F.

Example 6 The proposition ((T F) F) is evaluated as follows. First, the subproposition (T F) is evaluated using the truth table for conjunction (page 23). The result is F. Replacing (T F) by F, we obtain (F F). This is evaluated using the truth table for disjunction (page 24), obtaining the final result of F. Figure 1.2 shows this evaluation process depicted on the parse tree for ((T F) F).

25 1.3. SEMANTICS 25 F F F T F Figure 1.2: Parse tree depicting the evaluation of ((T F) F) Example 7 The proposition (( F) T) is evaluated as follows. First, the subproposition ( F) is evaluated using the truth table for negation (page 23). The result is T. Replacing ( F) by T, we obtain (T T). This is evaluated using the truth table for equivalence (page 24), obtaining the final result of T. Evaluation of (General) Propositions Now a proposition contains identifiers, in general. Hence, the proposition does not have a truth-value per se. This is because we cannot determine a truth-value for the proposition without knowing truth-values for all of the identifiers in the proposition first. For example, the proposition p q is neither true nor false in itself; it is true if p and q both happen to be true (but we don t know this yet), and false otherwise. Even though propositions do not have truth-values per se, they can be assigned truth-values. We assign a truth-value to a proposition by assigning truth-values to all of it s propositional identifiers. Once this is done, the truth-value of the proposition can be determined by replacing all the identifiers by their assigned values and then evaluating the resulting constant proposition as shown in subsection Propositional identifiers are assigned truth-values by means of a state: Definition 7 (State) A state is a function from identifiers to truth-values. For example, the state s = {(b, T), (c, F)} assigns T to b and F to c. We use the notation s(b) to denote the value that a state s assigns to an identifier b. If s assigns no value to b, then s(b) is

26 26 CHAPTER 1. PROPOSITIONAL LOGIC undefined A state is sometimes also called a truth-value assignment, or a valuation. We use the term state because it is more related to the application of logic to programming, which is the focus of this class. Note that a state is somewhat like a row of a truth-table in that it assigns a value to every propositional identifier listed in the truth-table. We say a proposition p is well-defined in state s iff s assigns a truth-value to every identifier in p. For example, the proposition b c is well-defined in the state s = {(b, T), (c, F)}, whereas the proposition b d is not. We will usually assume that p is well-defined in state s when we write s(p), and will not mention this assumption explicitly. If p is well-defined in s, then we use s(p) to denote the truth-value assigned to p by s. s(p) is evaluated as follows: 1. Replace every identifier b in p by its value s(b) in state s 2. You now have a constant proposition. Evaluate it as shown above in subsection Example 8 We evaluate the proposition ((p q) r) in the state s = {(p, T), (q, F), (r, F)}. Replacing p, q, r by their values T, F, F in state s, we obtain the constant proposition ((T F) F). From example 6, We see that this evaluates to F. We can construct a truth-table for an arbitrary proposition by evaluating it on all 2 n possible combinations of its input values (assuming it contains n propositional identifiers). Example 9 Truth-table for ((p q) r). The row within lines corresponds to example 8. p q r (p q) ((p q) r) T T T T T T T F T T T F T F T T F F F F F T T F T F T F F F F F T F T F F F F F Truth-table for ((p q) r) Example 10 We evaluate the proposition (( p) q) in the state s = {(p, F), (q, T)}. Replacing p, q by their values F, T in state s, we obtain the constant proposition (( F) T). From example 7, We see that this evaluates to T. We formally define the method of evaluating propositions as follows. 
Definition 8 (Evaluation of Propositions) Let p, q be propositions. Then, we have 1. s(true) = T, and s(false) = F

27 1.3. SEMANTICS s( p) = (s(p)) 3. s(p q) = (s(p) s(q)) 4. s(p q) = (s(p) s(q)) 5. s(p q) = (s(p) s(q)) 6. s(p q) = (s(p) s(q)) Since s(p), s(q) are truth-values, it is permissible to use them as inputs to logical connectives. An important point is that our method of evaluating propositions is compositional: once the value of the subformulae p, q has been determined we cau use the appropriate truth-table to find the value of p q, p q etc. Since the (truth) value of a proposition depends only on the (truth) value of its subpropositions, this is called truth-functional semantics. Example 11 We redo Example 8 using Definition 8 as follows. s((p q) r) = s(p q) s(r) = (s(p) s(q)) s(r) = (T F) F = F F = F Satisfiability and Validity, Tautologies Using a deductive system, we formalized the idea of universally true by the idea that any proposition that has a proof is universally true: if p then p is universally true. We justified this as follows: (1) axioms are universally true, and (2) rules of inference preserve universal truth, i.e., if the premises are universally true, then so is the conclusion. Then, a simple inductive argument (on the length of a proof) establishes the above assertion. However, the notion of universally true is still an informal one, so this is not completely satisfying. Now that we know how to evalulate propositions, we can formalize this notion. Intuitively, a proposition is universally true if it evaluates to true in every state (in which it is well-defined). We call this formal notion validity: Definition 9 (Valid) A proposition p is valid iff for every state s such that s(p) is well-defined, s(p) = T. We call a proposition that is valid a tautology. Notice that true is a tautology. Example 12 p p is a tautology. (p (q r)) ((p q) r) is a tautology. What about propositions that are universally false? 
The corresponding formal concept is that of a contradiction:

Definition 10 (Contradiction) A proposition p is a contradiction iff for every state s such that s(p) is well-defined, s(p) = F.

Finally, what about propositions that are neither universally true nor universally false? These are called contingencies:

Definition 11 (Contingency) A proposition p is a contingency iff there exists a state s in which p is well-defined such that s(p) = T, and there exists a state t in which p is well-defined such that t(p) = F.

Example 13 p is a contingency.

Finally, another important idea is that of satisfiable:

Definition 12 (Satisfiable) A proposition p is satisfiable iff there exists a state s in which p is well-defined such that s(p) = T.

Example 14 p ∧ ¬p is a contradiction.

Exercise 1 Show that p is valid iff ¬p is not satisfiable, i.e., that satisfiability is the dual of validity. Show that p is not satisfiable iff p is a contradiction. Show that p is a contingency iff both p and ¬p are satisfiable.

Semantic Entailment, Soundness, Completeness

Returning now to our key idea, "if ⊢ p then p is universally true", we now replace "universally true" by its formal counterpart, "valid": if ⊢ p then p is valid. In other words, our deductive system admits only proofs of valid propositions. This is actually the main reason for having deductive systems: to be able to prove that some propositions are valid. This crucial property of a deductive system is called soundness. We show below that the two deductive systems presented above are sound.

The converse property, "if p is valid then ⊢ p", is called completeness. It states that if a proposition is valid, then there is a proof of that proposition. Completeness is desirable: a complete deductive system is more useful than an incomplete one. However, completeness is not crucial in the way that soundness is; incomplete deductive systems can still be useful. Indeed some logics (e.g., second-order logic, Hoare logic for languages with procedure parameters) are inherently incomplete: it is known that no complete deductive system exists for such logics.
In a deductive system that is both sound and complete, we have:

⊢ p iff p is valid.

Thus, provability and validity coincide, and we see that validity is the semantic counterpart of the (syntactic notion of) proof. We would also like a semantic counterpart of p ⊢ q, i.e., of deducibility. This is given by the relation of semantic entailment, which is denoted by the symbol ⊨:

Definition 13 (Semantic Entailment, ⊨) p1, ..., pn ⊨ q if and only if, for every state s such that s(pi) = T for all i = 1, ..., n, we also have s(q) = T. We write ⊨ q when there are no pi, i.e., for every state s, s(q) = T. Clearly, ⊨ q just says that q is valid.

We now generalize the above statements of soundness and completeness as follows:

Soundness: if p1, ..., pn ⊢ q then p1, ..., pn ⊨ q.
Completeness: if p1, ..., pn ⊨ q then p1, ..., pn ⊢ q.

Definition 14 (Semantic Equivalence) If p ⊨ q and q ⊨ p then we say that p and q are semantically equivalent.

Soundness of the Deductive Systems

Theorem 1 The proof system given in Section is sound.

For the sake of simplicity, we will prove soundness in the restricted case only, and assume the simplified proof format, just to give you an idea of how such a proof is carried out.

Theorem 2 In the proof system given in Section 1.2.3, if ⊢ p then ⊨ p.

Proof: For each axiom, check its validity by constructing its truth table and checking that every row gives a result of T.

For the rule of substitution, we argue that if ⊢ p ≡ q then ⊨ E(p) ≡ E(q), by induction on the number of times that this rule has been used. Suppose that the first k uses of the rule are sound. Now suppose that ⊢ p ≡ q. From the previous paragraph and our inductive hypothesis, we have ⊨ p ≡ q. Let s be any state whatsoever (we usually say: let s be an arbitrary state). By definition of how a proposition is evaluated (subsection 1.3.2), s(E(p)) and s(E(q)) are computed by replacing all occurrences of p, q in E(p), E(q) by s(p), s(q) respectively. But s(p) = s(q) since ⊨ p ≡ q. Hence s(E(p)) must have the same value as s(E(q)). Thus ⊨ E(p) ≡ E(q) holds.

Now suppose ⊢ p. Thus p occurs in a proof. All proofs in the simplified proof format establish p ≡ t ∨ ¬t, where t ∨ ¬t is an instance of the axiom of excluded middle, since this is the only axiom. Thus ⊨ p ≡ t ∨ ¬t. Now ⊨ t ∨ ¬t. Hence ⊨ p.

The rule of transitivity is left as an exercise. (end of proof)

1.4 Normal Forms

It is occasionally very useful to be able to convert a proposition into an equivalent proposition that has a particular syntactic form. Two forms in particular shall concern us: disjunctive normal form and conjunctive normal form.

Definition 15 (Literal) A literal is either a propositional identifier or the negation of a propositional identifier.

Definition 16 (Disjunctive Normal Form) A proposition is in disjunctive normal form iff it is a disjunction of conjunctions of literals.

Definition 17 (Conjunctive Normal Form) A proposition is in conjunctive normal form iff it is a conjunction of disjunctions of literals.

Theorem 3 For every proposition p, there is an equivalent proposition in disjunctive normal form.
Proof: Left as an exercise.

Theorem 4 For every proposition p, there is an equivalent proposition in conjunctive normal form.
Proof: Left as an exercise.

Example 15 The proposition p ↔ q can be expressed in disjunctive normal form as (p ∧ q) ∨ (¬p ∧ ¬q). It can be expressed in conjunctive normal form as (¬p ∨ q) ∧ (p ∨ ¬q).
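The following Python program is an added example, not code from the lecture notes. It puts the semantics of this chapter into executable form: the compositional evaluation of Definition 8, the truth-table construction of Example 9, the valid / contradiction / contingency / satisfiable classification of Definitions 9 to 12 (so Exercise 1 can be checked by enumeration), semantic entailment as in Definition 13, and the truth-table method behind Theorems 3 and 4, which for p ↔ q yields exactly the two normal forms of Example 15. The tuple encoding of propositions and the names of the functions are this example's own assumptions; the proposition of Examples 8 and 9 is read off its truth-table as (p ∧ q) ∨ r.

```python
# Added example (not from the lecture notes): propositional semantics, validity,
# entailment and normal forms by exhaustive evaluation over all 2^n states.
# Encoding (this example's own):
#   True / False                                   the constants true, false
#   'p'                                            a propositional identifier
#   ('not', a)                                     negation
#   ('and', a, b) ('or', a, b) ('imp', a, b) ('iff', a, b)   binary connectives
# A state s is a dict from identifiers to bools.
from itertools import product

BINARY = {
    'and': lambda x, y: x and y,
    'or':  lambda x, y: x or y,
    'imp': lambda x, y: (not x) or y,
    'iff': lambda x, y: x == y,
}

def identifiers(p):
    """Set of propositional identifiers occurring in p."""
    if isinstance(p, bool):
        return set()
    if isinstance(p, str):
        return {p}
    return set().union(*(identifiers(q) for q in p[1:]))

def evaluate(p, s):
    """s(p) as in Definition 8: the value of a compound proposition is a function
    of the values of its subpropositions (truth-functional semantics). Raises
    KeyError when p is not well-defined in s, i.e. some identifier has no value."""
    if isinstance(p, bool):
        return p
    if isinstance(p, str):
        return s[p]
    if p[0] == 'not':
        return not evaluate(p[1], s)
    return BINARY[p[0]](evaluate(p[1], s), evaluate(p[2], s))

def states(ids):
    """All 2^n states over the identifiers ids: the rows of a truth-table."""
    ids = sorted(ids)
    return [dict(zip(ids, row)) for row in product([True, False], repeat=len(ids))]

def truth_table(p):
    """(state, s(p)) for every state in which p is well-defined."""
    return [(s, evaluate(p, s)) for s in states(identifiers(p))]

def classify(p):
    """'valid' (tautology), 'contradiction' or 'contingency' (Definitions 9-11)."""
    values = {v for _, v in truth_table(p)}
    if values == {True}:
        return 'valid'
    if values == {False}:
        return 'contradiction'
    return 'contingency'

def satisfiable(p):
    """Some state makes p true (Definition 12)."""
    return any(v for _, v in truth_table(p))

def entails(premises, q):
    """p1, ..., pn |= q (Definition 13): every state over all identifiers involved
    that satisfies all premises also satisfies q. No premises: validity of q."""
    ids = identifiers(q).union(*(identifiers(p) for p in premises))
    return all(evaluate(q, s) for s in states(ids)
               if all(evaluate(p, s) for p in premises))

def equivalent(p, q):
    """Semantic equivalence (Definition 14)."""
    return entails([p], q) and entails([q], p)

def literal(x, positive):
    return x if positive else ('not', x)

def fold(op, parts, unit):
    """Left-nested chain of op over parts; the empty chain is op's unit."""
    if not parts:
        return unit
    acc = parts[0]
    for part in parts[1:]:
        acc = (op, acc, part)
    return acc

def dnf(p):
    """Disjunctive normal form: one conjunction of literals describing each
    truth-table row where p is T (the empty disjunction, for a contradiction,
    is false)."""
    rows = [s for s, v in truth_table(p) if v]
    return fold('or', [fold('and', [literal(x, s[x]) for x in sorted(s)], True)
                       for s in rows], False)

def cnf(p):
    """Conjunctive normal form: one clause per row where p is F, namely the
    disjunction of the literals false in that row, so the clause excludes exactly
    that row (the empty conjunction, for a tautology, is true)."""
    rows = [s for s, v in truth_table(p) if not v]
    return fold('and', [fold('or', [literal(x, not s[x]) for x in sorted(s)], False)
                        for s in rows], True)
```

The enumeration is exponential in the number of identifiers, which is fine for the examples of this chapter but is the reason real tools use SAT solvers rather than truth-tables; note also that `dnf` and `cnf` are only guaranteed to be equivalent to the input, not minimal.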

Chapter 2 Predicate (First-order) Logic

2.1 Predicates

A predicate is like a proposition, except that propositional identifiers may be replaced by any expression that has value T or F, e.g.:

1. Predicate symbols: P(v1, ..., vn) expresses that a relation P holds among the n values v1, ..., vn. For example, the arithmetic inequalities =, ≠, <, ≤, >, ≥ are predicates, as in x1 < x2.
2. Logical quantifiers: these allow you to express "for all" and "there exists" in formal logic.

These expressions are called atomic predicates. Atomic predicates play an analogous role in predicates that propositional identifiers do in propositions. They provide the expressions that are evaluated in a given state to provide truth-values. These truth-values are combined using the logical connectives to produce the final truth-value of a predicate.

Notice that predicates take values (over some domain) as arguments, e.g., x1 < x2. So, we need to enlarge our propositional language to be able to denote values. First, we admit constants, e.g., 21, 56, 0. Second, we admit variables, e.g., x, y, z. Finally, we admit function symbols, e.g., f(21), g(x, y), h(y, 56). Note that function symbols are applied to arguments, e.g., f is applied to 21, g is applied to x, y, etc. A function can be applied to (i.e., take as arguments) constants, variables, or the result of other function applications, e.g., f(g(x, y)), f(f(21)). Note that a function can be applied to the result from a previous application of the same function, as in f(f(21)), just as in a recursive function. Each function symbol takes a fixed number n ≥ 0 of arguments, called its arity. When n = 0, the function symbol represents a constant, since a function with no arguments always yields the same value. Let F be the set of all function symbols in our language. This leads to the definition of the class of terms:

Definition 18 (Term) The set of terms is built up as follows:
A constant is a term.

A variable is a term.
If t1, ..., tn are terms and f ∈ F is a function symbol with arity n ≥ 1, then f(t1, ..., tn) is a term.
Nothing else is a term.

We used P(v1, ..., vn) above to indicate that relation P holds among the n values v1, ..., vn. P is a predicate symbol, which represents some relation. As with function symbols, each predicate symbol takes a fixed number n of arguments, i.e., has a fixed arity n. Also, since predicate symbols denote relations among values, they will take terms as arguments, since terms denote values. This leads to the definition of atomic predicate. Let P be the set of all predicate symbols in our language.

Definition 19 (Atomic Predicate) Atomic predicates are formed as follows:
1. true and false are atomic predicates.
2. A propositional identifier is an atomic predicate.
3. If t1, ..., tn are terms and P ∈ P is a predicate symbol with arity n, then P(t1, ..., tn) is an atomic predicate.

The syntax of predicates is defined as follows.

Definition 20 (Predicate) Predicates are formed as follows:
1. An atomic predicate is a predicate.
2. If p is a predicate, then so is (¬p).
3. If p and q are predicates, then so are (p ∧ q), (p ∨ q), (p → q), (p ↔ q).
4. If p is a predicate and x is a variable, then ∀x p and ∃x p are predicates.
5. Nothing else is a predicate.

Predicates are also called formulas. Let x be a variable and r, p be predicates. We use (∀x : r : p) as an abbreviation for ∀x (r → p), and (∃x : r : p) as an abbreviation for ∃x (r ∧ p). We call r the range and p the quantified predicate. We use ∀x y p as an abbreviation for ∀x ∀y p, and similarly for more than two variables. Likewise ∃x y p abbreviates ∃x ∃y p. We discuss quantification in much more detail below.

Example 16 If i, j are integer variables and r is a proposition, then ((i < j) r) is a predicate.

Figure 2.1: Parse tree for ((i < j) r)

Precedence of Operators in a Predicate

The operators, such as <, =, used in atomic predicates have higher precedence than logical connectives.

Example 17 ((i < j) r) can be rewritten as i < j r.

Arithmetic Inequalities

We assume as axioms all the familiar properties of arithmetic inequalities. These can be used in proofs by giving "arithmetic" as the law used. Some typical properties that you might use are:

∀i, j, k ((i < j ∧ j < k → i < k) ∧ (i ≤ j ∧ j ≤ k → i ≤ k))
∀i, j, k (i ≤ j ∧ j ≤ i → i = j)
∀i, j, k ((i < j → i + k < j + k) ∧ (i ≤ j → i + k ≤ j + k))
∀i, j, k ((k > 0 ∧ i < j → k·i < k·j) ∧ (k ≥ 0 ∧ i ≤ j → k·i ≤ k·j))
∀i, j, k ((k < 0 ∧ i < j → k·i > k·j) ∧ (k ≤ 0 ∧ i ≤ j → k·i ≥ k·j))

2.2 Quantification

We use LQ to stand for either ∀ or ∃. Let p be a formula not containing any quantifiers. In LQ x p:

x is the bound variable. x is said to be bound to LQ. All occurrences of x in LQ x p are bound occurrences, i.e., the occurrence of x immediately following LQ, and all occurrences of x in p.
p is the quantified predicate.

In LQ x p, the bound variable x is a place holder that can be replaced by another variable y provided that this does not cause capture: ∃x (w = z·x) and ∃y (w = z·y) mean the same thing, namely that w is a multiple of z, but ∃w (w = z·w) means T (i.e., it is valid), since the quantified predicate w = z·w is true for w = 0. So, replacing x by y preserved meaning, while replacing x by w did not.

Before defining capture, we need to define the notion of free and bound occurrences of variables. The discussion above gives a definition of bound occurrence that works only when the quantified predicate p does not itself contain any quantifiers. If p contains quantifiers over variables other than x, then this does not affect the binding status of occurrences of x in p. If however p contains a quantifier over x, e.g., p is LQ x p′, so that we have LQ x LQ x p′, then the inner LQ x quantifier overrides the outer one. So, we define:

Definition 21 (Bound and free occurrence of a variable) Let p be a formula. In LQ x p:
The occurrence of x immediately following LQ is bound to LQ.
Occurrences of x within p are bound to the first LQ x quantifier that is encountered when moving left in LQ x p from where the occurrence is.
An occurrence of a variable that is not bound is free.

Notice that in LQ x p, the occurrences of x that are bound to LQ x are exactly those occurrences of x that are free in p (considered by itself).

Definition 22 (Scope of a quantifier) Let p be a formula. In LQ x p, the scope of LQ x is all of p, excepting subformulae of p that themselves have the form LQ x p′.
In other words, the scope of LQ x is that part of p where any occurrence of x would be bound to LQ x.

Definition 23 (Capture, t is not free for x in p) Let t be a term, x be a variable, and p be a formula. Then t is not free for x in p iff there is a variable y such that:
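The following Python program is an added example, not code from the lecture notes. It encodes the terms and predicates of Definitions 18 to 20, labels each occurrence of a variable bound or free following the "first LQ x to the left" rule of Definition 21, and implements the capture check of Definition 23 together with capture-avoiding substitution and renaming of a bound variable, so that the ∃x (w = z·x) / ∃w (w = z·w) example above can be reproduced. The statement of Definition 23 is cut off on this page; the check implemented here is the standard one, stated in the code's header comment, and is an assumption of this example, as are the tuple encoding and the function names.

```python
# Added example (not from the lecture notes): first-order syntax, bound / free
# occurrences, and the capture check. Assumed (standard) reading of Definition
# 23, whose text is cut off on this page: a term t is free for x in p iff no free
# occurrence of x in p lies in the scope of a quantifier over a variable of t.
# Encoding (this example's own):
#   terms:      int (constant), str (variable), ('fn', name, t1, ..., tn)
#   atomic:     True / False, ('pred', name, t1, ..., tn)
#   predicates: ('not', p), ('and', p, q), ('or', p, q), ('imp', p, q),
#               ('iff', p, q), ('forall', x, p), ('exists', x, p)
QUANTIFIERS = ('forall', 'exists')

def term_occurrences(t):
    """Variable occurrences in term t, left to right, with repetition."""
    if isinstance(t, str):
        return [t]
    if isinstance(t, int):
        return []
    return [v for a in t[2:] for v in term_occurrences(a)]

def term_vars(t):
    return set(term_occurrences(t))

def free_vars(p):
    """Variables having at least one free occurrence in p (Definition 21)."""
    if isinstance(p, bool):
        return set()
    if p[0] == 'pred':
        return set().union(*(term_vars(a) for a in p[2:]))
    if p[0] in QUANTIFIERS:
        return free_vars(p[2]) - {p[1]}   # LQ x binds exactly the free x's of its body
    return set().union(*(free_vars(q) for q in p[1:]))

def occurrences(p, x, bound=False):
    """Label every occurrence of variable x in p, left to right, 'bound' or 'free'.
    The occurrence right after LQ x is bound, and an inner LQ x re-binds the x's
    of its body, overriding an outer LQ x (Definition 21)."""
    if isinstance(p, bool):
        return []
    if p[0] == 'pred':
        return ['bound' if bound else 'free'
                for a in p[2:] for v in term_occurrences(a) if v == x]
    if p[0] in QUANTIFIERS:
        if p[1] == x:
            return ['bound'] + occurrences(p[2], x, True)
        return occurrences(p[2], x, bound)
    return [o for q in p[1:] for o in occurrences(q, x, bound)]

def free_for(t, x, p):
    """Capture check: may t replace the free x's of p without a variable of t
    ending up bound by a quantifier of p?"""
    if isinstance(p, bool) or p[0] == 'pred':
        return True
    if p[0] in QUANTIFIERS:
        y, body = p[1], p[2]
        if y == x:                      # no free x inside: nothing to substitute
            return True
        if y in term_vars(t) and x in free_vars(body):
            return False                # t's y would be captured by this LQ y
        return free_for(t, x, body)
    return all(free_for(t, x, q) for q in p[1:])

def subst_term(t, x, r):
    if t == x:
        return r
    if isinstance(t, (str, int)):
        return t
    return (t[0], t[1]) + tuple(subst_term(a, x, r) for a in t[2:])

def _subst(p, x, t):
    if isinstance(p, bool):
        return p
    if p[0] == 'pred':
        return (p[0], p[1]) + tuple(subst_term(a, x, t) for a in p[2:])
    if p[0] in QUANTIFIERS:
        return p if p[1] == x else (p[0], p[1], _subst(p[2], x, t))
    return (p[0],) + tuple(_subst(q, x, t) for q in p[1:])

def substitute(p, x, t):
    """p with every free occurrence of x replaced by t; refuses when t is not free
    for x in p, since the result would not mean what was intended."""
    if not free_for(t, x, p):
        raise ValueError(f'{t!r} is not free for {x!r} in {p!r}')
    return _subst(p, x, t)

def rename_bound(p, y):
    """Rename the variable of p's outermost quantifier to y. This preserves meaning
    exactly when no capture occurs: y must not be free in the body, and y must be
    free for the old variable in the body (no inner LQ y around a free x)."""
    if not isinstance(p, tuple) or p[0] not in QUANTIFIERS:
        raise ValueError('not a quantified formula')
    q, x, body = p
    if y in free_vars(body) or not free_for(y, x, body):
        raise ValueError(f'renaming {x} to {y} would capture {y}')
    return (q, y, _subst(body, x, y))
```

With the page's example encoded as `('exists', 'x', ('pred', '=', 'w', ('fn', '*', 'z', 'x')))`, `rename_bound(..., 'y')` produces ∃y (w = z·y), while `rename_bound(..., 'w')` raises, because w occurs free in the body and would be captured; `substitute` guards ordinary substitution the same way, which is the check a Hoare-logic assignment rule relies on when it substitutes an expression into a postcondition.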


Warm-Up Problem. 1. What is the definition of a Hoare triple satisfying partial correctness? 2. Recall the rule for assignment: x (assignment) Warm-Up Problem 1 What is the definition of a Hoare triple satisfying partial correctness? 2 Recall the rule for assignment: x (assignment) Why is this the correct rule and not the following rule? x (assignment)

More information

Propositional Calculus: Boolean Algebra and Simplification. CS 270: Mathematical Foundations of Computer Science Jeremy Johnson

Propositional Calculus: Boolean Algebra and Simplification. CS 270: Mathematical Foundations of Computer Science Jeremy Johnson Propositional Calculus: Boolean Algebra and Simplification CS 270: Mathematical Foundations of Computer Science Jeremy Johnson Propositional Calculus Topics Motivation: Simplifying Conditional Expressions

More information

This book is licensed under a Creative Commons Attribution 3.0 License

This book is licensed under a Creative Commons Attribution 3.0 License 6. Syntax Learning objectives: syntax and semantics syntax diagrams and EBNF describe context-free grammars terminal and nonterminal symbols productions definition of EBNF by itself parse tree grammars

More information

COSC252: Programming Languages: Semantic Specification. Jeremy Bolton, PhD Adjunct Professor

COSC252: Programming Languages: Semantic Specification. Jeremy Bolton, PhD Adjunct Professor COSC252: Programming Languages: Semantic Specification Jeremy Bolton, PhD Adjunct Professor Outline I. What happens after syntactic analysis (parsing)? II. Attribute Grammars: bridging the gap III. Semantic

More information

Theorem proving. PVS theorem prover. Hoare style verification PVS. More on embeddings. What if. Abhik Roychoudhury CS 6214

Theorem proving. PVS theorem prover. Hoare style verification PVS. More on embeddings. What if. Abhik Roychoudhury CS 6214 Theorem proving PVS theorem prover Abhik Roychoudhury National University of Singapore Both specification and implementation can be formalized in a suitable logic. Proof rules for proving statements in

More information

Homework 1. Due Date: Wednesday 11/26/07 - at the beginning of the lecture

Homework 1. Due Date: Wednesday 11/26/07 - at the beginning of the lecture Homework 1 Due Date: Wednesday 11/26/07 - at the beginning of the lecture Problems marked with a [*] are a littlebit harder and count as extra credit. Note 1. For any of the given problems make sure that

More information

Predicate Logic CHAPTER What This Chapter Is About

Predicate Logic CHAPTER What This Chapter Is About CHAPTER 14 Predicate Logic We now turn our attention to a generalization of propositional logic, called predicate, or first-order, logic. Predicates are functions of zero or more variables that return

More information

15-819M: Data, Code, Decisions

15-819M: Data, Code, Decisions 15-819M: Data, Code, Decisions 08: First-Order Logic André Platzer aplatzer@cs.cmu.edu Carnegie Mellon University, Pittsburgh, PA André Platzer (CMU) 15-819M/08: Data, Code, Decisions 1 / 40 Outline 1

More information

Automated Reasoning. Natural Deduction in First-Order Logic

Automated Reasoning. Natural Deduction in First-Order Logic Automated Reasoning Natural Deduction in First-Order Logic Jacques Fleuriot Automated Reasoning Lecture 4, page 1 Problem Consider the following problem: Every person has a heart. George Bush is a person.

More information

Lecture 5: Predicate Calculus. ffl Predicate Logic ffl The Language ffl Semantics: Structures

Lecture 5: Predicate Calculus. ffl Predicate Logic ffl The Language ffl Semantics: Structures Lecture 5: Predicate Calculus ffl Predicate Logic ffl The Language ffl Semantics: Structures 1 Why Predicate Logic? Propositional logic is not powerful enough to express statements such as ffl For every

More information

Introduction to Sets and Logic (MATH 1190)

Introduction to Sets and Logic (MATH 1190) Introduction to Sets and Logic () Instructor: Email: shenlili@yorku.ca Department of Mathematics and Statistics York University Dec 4, 2014 Outline 1 2 3 4 Definition A relation R from a set A to a set

More information

Hoare triples. Floyd-Hoare Logic, Separation Logic

Hoare triples. Floyd-Hoare Logic, Separation Logic Hoare triples Floyd-Hoare Logic, Separation Logic 1. Floyd-Hoare Logic 1969 Reasoning about control Hoare triples {A} p {B} a Hoare triple partial correctness: if the initial state satisfies assertion

More information

Handout 9: Imperative Programs and State

Handout 9: Imperative Programs and State 06-02552 Princ. of Progr. Languages (and Extended ) The University of Birmingham Spring Semester 2016-17 School of Computer Science c Uday Reddy2016-17 Handout 9: Imperative Programs and State Imperative

More information

2 Introduction to operational semantics

2 Introduction to operational semantics 2 Introduction to operational semantics This chapter presents the syntax of a programming language, IMP, a small language of while programs. IMP is called an "imperative" language because program execution

More information

CSE 20 DISCRETE MATH. Winter

CSE 20 DISCRETE MATH. Winter CSE 20 DISCRETE MATH Winter 2017 http://cseweb.ucsd.edu/classes/wi17/cse20-ab/ Final exam The final exam is Saturday March 18 8am-11am. Lecture A will take the exam in GH 242 Lecture B will take the exam

More information

Constructive Coherent Translation of Propositional Logic

Constructive Coherent Translation of Propositional Logic Constructive Coherent Translation of Propositional Logic JRFisher@cpp.edu (started: 2009, latest: January 18, 2016) Abstract Propositional theories are translated to coherent logic rules using what are

More information

THE FOUNDATIONS OF MATHEMATICS

THE FOUNDATIONS OF MATHEMATICS THE FOUNDATIONS OF MATHEMATICS By: Sterling McKay APRIL 21, 2014 LONE STAR - MONTGOMERY Mentor: William R. Brown, MBA Mckay 1 In mathematics, truth is arguably the most essential of its components. Suppose

More information

Module 11. Directed Graphs. Contents

Module 11. Directed Graphs. Contents Module 11 Directed Graphs Contents 11.1 Basic concepts......................... 256 Underlying graph of a digraph................ 257 Out-degrees and in-degrees.................. 258 Isomorphism..........................

More information

6.001 Notes: Section 8.1

6.001 Notes: Section 8.1 6.001 Notes: Section 8.1 Slide 8.1.1 In this lecture we are going to introduce a new data type, specifically to deal with symbols. This may sound a bit odd, but if you step back, you may realize that everything

More information

Automated Reasoning PROLOG and Automated Reasoning 13.4 Further Issues in Automated Reasoning 13.5 Epilogue and References 13.

Automated Reasoning PROLOG and Automated Reasoning 13.4 Further Issues in Automated Reasoning 13.5 Epilogue and References 13. 13 Automated Reasoning 13.0 Introduction to Weak Methods in Theorem Proving 13.1 The General Problem Solver and Difference Tables 13.2 Resolution Theorem Proving 13.3 PROLOG and Automated Reasoning 13.4

More information

Formally-Proven Kosaraju s algorithm

Formally-Proven Kosaraju s algorithm Formally-Proven Kosaraju s algorithm Laurent Théry Laurent.Thery@sophia.inria.fr Abstract This notes explains how the Kosaraju s algorithm that computes the strong-connected components of a directed graph

More information

Logic as a framework for NL semantics. Outline. Syntax of FOL [1] Semantic Theory Type Theory

Logic as a framework for NL semantics. Outline. Syntax of FOL [1] Semantic Theory Type Theory Logic as a framework for NL semantics Semantic Theory Type Theory Manfred Pinkal Stefan Thater Summer 2007 Approximate NL meaning as truth conditions. Logic supports precise, consistent and controlled

More information

CS Bootcamp Boolean Logic Autumn 2015 A B A B T T T T F F F T F F F F T T T T F T F T T F F F

CS Bootcamp Boolean Logic Autumn 2015 A B A B T T T T F F F T F F F F T T T T F T F T T F F F 1 Logical Operations 1.1 And The and operator is a binary operator, denoted as, &,, or sometimes by just concatenating symbols, is true only if both parameters are true. A B A B F T F F F F The expression

More information

Intro to semantics; Small-step semantics Lecture 1 Tuesday, January 29, 2013

Intro to semantics; Small-step semantics Lecture 1 Tuesday, January 29, 2013 Harvard School of Engineering and Applied Sciences CS 152: Programming Languages Lecture 1 Tuesday, January 29, 2013 1 Intro to semantics What is the meaning of a program? When we write a program, we use

More information

CS4215 Programming Language Implementation. Martin Henz

CS4215 Programming Language Implementation. Martin Henz CS4215 Programming Language Implementation Martin Henz Thursday 26 January, 2012 2 Chapter 4 The Language simpl In this chapter, we are exting the language epl in order to provide a more powerful programming

More information

Propositional Calculus. Math Foundations of Computer Science

Propositional Calculus. Math Foundations of Computer Science Propositional Calculus Math Foundations of Computer Science Propositional Calculus Objective: To provide students with the concepts and techniques from propositional calculus so that they can use it to

More information

Mathematical Logic Prof. Arindama Singh Department of Mathematics Indian Institute of Technology, Madras. Lecture - 9 Normal Forms

Mathematical Logic Prof. Arindama Singh Department of Mathematics Indian Institute of Technology, Madras. Lecture - 9 Normal Forms Mathematical Logic Prof. Arindama Singh Department of Mathematics Indian Institute of Technology, Madras Lecture - 9 Normal Forms In the last class we have seen some consequences and some equivalences,

More information

The Rule of Constancy(Derived Frame Rule)

The Rule of Constancy(Derived Frame Rule) The Rule of Constancy(Derived Frame Rule) The following derived rule is used on the next slide The rule of constancy {P } C {Q} {P R} C {Q R} where no variable assigned to in C occurs in R Outline of derivation

More information

Reasoning About Imperative Programs. COS 441 Slides 10

Reasoning About Imperative Programs. COS 441 Slides 10 Reasoning About Imperative Programs COS 441 Slides 10 The last few weeks Agenda reasoning about functional programming It s very simple and very uniform: substitution of equal expressions for equal expressions

More information

BOOLEAN ALGEBRA AND CIRCUITS

BOOLEAN ALGEBRA AND CIRCUITS UNIT 3 Structure BOOLEAN ALGEBRA AND CIRCUITS Boolean Algebra and 3. Introduction 3. Objectives 3.2 Boolean Algebras 3.3 Logic 3.4 Boolean Functions 3.5 Summary 3.6 Solutions/ Answers 3. INTRODUCTION This

More information

Fondamenti della Programmazione: Metodi Evoluti. Lezione 5: Invariants and Logic

Fondamenti della Programmazione: Metodi Evoluti. Lezione 5: Invariants and Logic Fondamenti della Programmazione: Metodi Evoluti Prof. Enrico Nardelli Lezione 5: Invariants and Logic versione originale: http://touch.ethz.ch Reminder: contracts Associated with an individual feature:

More information

CS40-S13: Functional Completeness

CS40-S13: Functional Completeness CS40-S13: Functional Completeness Victor Amelkin victor@cs.ucsb.edu April 12, 2013 In class, we have briefly discussed what functional completeness means and how to prove that a certain system (a set)

More information

logic with quantifiers (informally)

logic with quantifiers (informally) EDAA40 Discrete Structures in Computer Science 8: Quantificational logic Jörn W. Janneck, Dept. of Computer Science, Lund University logic with quantifiers (informally) Given a logical formula that depends

More information

FreePascal changes: user documentation

FreePascal changes: user documentation FreePascal changes: user documentation Table of Contents Jochem Berndsen February 2007 1Introduction...1 2Accepted syntax...2 Declarations...2 Statements...3 Class invariants...3 3Semantics...3 Definitions,

More information

Discrete Mathematics Lecture 4. Harper Langston New York University

Discrete Mathematics Lecture 4. Harper Langston New York University Discrete Mathematics Lecture 4 Harper Langston New York University Sequences Sequence is a set of (usually infinite number of) ordered elements: a 1, a 2,, a n, Each individual element a k is called a

More information

Notes. Notes. Introduction. Notes. Propositional Functions. Slides by Christopher M. Bourke Instructor: Berthe Y. Choueiry.

Notes. Notes. Introduction. Notes. Propositional Functions. Slides by Christopher M. Bourke Instructor: Berthe Y. Choueiry. Slides by Christopher M. Bourke Instructor: Berthe Y. Choueiry Spring 2006 1 / 1 Computer Science & Engineering 235 Introduction to Discrete Mathematics Sections 1.3 1.4 of Rosen cse235@cse.unl.edu Introduction

More information