CS 245 Logic and Computation Lecture 1 Richard Trefler - - PowerPoint PPT Presentation

CS 245 Logic and Computation

Lecture 1

Richard Trefler trefler@cs.uwaterloo.ca DC 2336 http://www.student.math.uwaterloo.ca/˜cs245 uw.cs.se112cs245 cs245@student.uwaterloo.ca

– p.1/42

Today’s Agenda

What is this course about? Motivation Course Outline Course Resources Course Grade Questions

– p.2/42

CS 245: Logic and Computation

This course is about logic and its use in software engineering. In particular, we will study the use of logic for specification and checking the correctness of programs.

– p.3/42

Program Correctness

When you write a program: . . . how do you know what it’s supposed to do?

– p.4/42

Program Correctness

When you write a program: . . . how do you know what it’s supposed to do? (specification)

– p.4/42

Program Correctness

When you write a program: . . . how do you know what it’s supposed to do? (specification) . . . how do you know that it does what it’s supposed to do? (correctness)

– p.4/42

Program Correctness

When you write a program: . . . how do you know what it’s supposed to do? (specification) . . . how do you know that it does what it’s supposed to do? (correctness) inspection testing

– p.4/42

Program Correctness

When you write a program: . . . how do you know what it’s supposed to do? (specification) . . . how do you know that it does what it’s supposed to do? (correctness) inspection testing formal verification

– p.4/42

Formal Verification

In this course, we will learn a technique for doing a more thorough check of whether your program is correct. This is called formal verification (FV) and is based on logical

• reasoning. It’s also called “formal methods” or

“computer-aided verification”. Formal verification checks the correctness of your program for all possible inputs. However, these methods can require more effort, and therefore are complementary to testing and inspection.

– p.5/42

What is logical reasoning?

Example: If the train arrives late and there are no taxis at the station, then John is late for his meeting. John is not late for his meeting. The train did arrive

• late. Were there taxis at the station or not?

– p.6/42

What is logical reasoning?

Example: If the train arrives late and there are no taxis at the station, then John is late for his meeting. John is not late for his meeting. The train did arrive late. Therefore, there were taxis at the station. This argument has a structure. There are premises (facts). Then there is something we deduce from the facts called a

• conclusion. The conclusion logically follows from the facts.

– p.6/42

What is logic?

– p.7/42

What is logic?

According to Webster’s, logic is “the science of correct reasoning”.

– p.7/42

What is logic?

According to Webster’s, logic is “the science of correct reasoning”. According to the Free On-Line Dictionary of Computing, “logic is concerned with what is true and how we can know whether something is true”.

– p.7/42

What is logic?

According to Webster’s, logic is “the science of correct reasoning”. According to the Free On-Line Dictionary of Computing, “logic is concerned with what is true and how we can know whether something is true”. Using logic, we can reason about a system. We can determine whether a program behaves correctly for all possible input values. Testing can only check the program for some (carefully chosen) input values.

– p.7/42

Logical Arguments

Example 1: If the train arrives late and there are no taxis at the station, then John is late for his meeting. John is not late for his meeting. The train did arrive

• late. Therefore, there were taxis at the station.

Here’s another example of a logical argument: Example 2: If it is raining and Jane does not have her umbrella with her, then she will get wet. Jane is not

• wet. It is raining. Therefore, Jane has her umbrella

with her.

– p.8/42

Logical Arguments

Example 1: If the train arrives late and there are no taxis at the station, then John is late for his meeting. John is not late for his meeting. The train did arrive

• late. Therefore, there were taxis at the station.

Here’s another example of a logical argument: Example 2: If it is raining and Jane does not have her umbrella with her, then she will get wet. Jane is not

• wet. It is raining. Therefore, Jane has her umbrella

with her. These two arguments have the same structure, but use different sentence fragments.

– p.8/42

Logical Arguments

Example 1: If the train arrives late and there are no taxis at the station, then John is late for his meeting. John is not late for his meeting. The train did arrive

• late. Therefore, there were taxis at the station.

Example 2: If it is raining and Jane does not have her umbrella with her, then she will get wet. Jane is not

• wet. It is raining. Therefore, Jane has her umbrella

with her. Example 1 Example 2 the train is late it is raining there are taxis at the station Jane has her umbrella with her John is late for his meeting Jane gets wet

– p.9/42

Logical Arguments

The argument can be stated independently of Jane and John and umbrellas and trains and taxis by substituting letters for the sentences as in:

Letter Example 1 Example 2 p the train is late it is raining q there are taxis at the station Jane has her umbrella with her r John is late for his meeting Jane gets wet

The valid argument is then: If p and not q then r. Not r. p. (therefore) q

– p.10/42

Logic

Logic is concerned with the structure of the argument, not the meaning of the sentences. In a logic, there are rules about which structures of arguments are valid and which are not. A logical argument is very rigorous. Only certain rules (the rules of the logic) can be used in a logical argument. In logic, we use symbols to represent the sentences. It’s sometimes called symbolic logic.

– p.11/42

Logical Reasoning and Verification

Using logical reasoning, we can deduce properties of our software. We can view a program as a logical argument. Logic has many other applications within computer science: digital circuits artificial intelligence compilers database queries etc.

– p.12/42

Today’s Agenda

What is this course about? Motivation Course Outline Course Resources Course Grade Questions

– p.13/42

Motivation

It is widely agreed that the main obstacle to “help computers help us more” and relegate to these helpful partners even more complex and sensitive tasks is not inadequate speed and unsatisfactory raw computing power in the existing machines, but our limited ability to design and implement complex systems with sufficiently high degree of confidence in their correctness under all circumstances. – Amir Pnueli, Turing Award Winner This course is about the basics of techniques for ensuring that software works “correctly” in the environments of its intended use.

– p.14/42

Software Engineering

Because of the complexity of software, it can often have subtle bugs. When used in safety-critical applications, these bugs can cost lives or huge amounts of money. Because of these problems, most commercial software comes with no guarantees.

– p.15/42

Safety-critical software

In Britain, the use of techniques based on what you will learn in this course is required for some safety-critical applications. British Ministry of Defense Interim defense standard 00-55, is

• n “requirements for the procurement of safety critical

software in defense equipment”: 31.2.1 The Design Team shall construct the Proof Obligations that verify the source code with respect to its Formal Design, and discharge them by means of Formal Arguments, as laid down in 32.1. 32.1.1 Formal Arguments shall be constructed using Formal Proofs or Rigorous Arguments.

– p.16/42

Loss of Life: Therac-25

A computer-controlled radiation therapy machine called the Therac-25 made by Atomic Energy of Canada overdosed six people between June, 1985 and January 1987. Two of these people died because of the overdose. In some cases the only indication that something was wrong was the cryptic message:

malfunction 54

The error was a timing problem on data entry.

– p.17/42

Loss of Life: Therac-25 (cont’d)

The Therac-25 could deliver radiation as either a beam of electrons or a beam of X-rays. If the operator entered “x” for x rays, the setting of the magnets took 8 seconds. If the operator discovered she had made a mistake and fixed the entry to be “e” within that 8 seconds, even though the screen reflected the change, the change did not affect a part

• f the program.

– p.18/42

Banking

... February 1994, automated teller machines (ATMs) at Chemical Bank in New York City mistakenly deducted a total of approximately $15 million dollars from about a hundred thousand customer accounts . Until the problem was discovered, any customers making withdrawal were charged double the withdrawal’s actual amount on their accounts, although the printed transaction slip showed the correct amount. Only those people who later checked their balance – and knew what it should have been – realized there had been an error. The culprit proved to be a flawed instruction – a single line in updated computer program the company had installed the day before the problem surfaced. – Ivars Peterson, “Fatal Defect: Chasing Killer Computer Bugs”, Vintage Books, 1996, p. 17

– p.19/42

Windows XP

Microsoft released Windows XP on Oct. 25, 2001. That same day, in what may be a record, the company posted 18 megabytes of patches on its Web site: bug fixes, compatibility updates, and enhancements. Two patches fixed important security holes. Or rather, one of them did; the other patch didn’t

• work. Microsoft advised (and still advises) users to back up

critical files before installing the patches. Buyers of the home version of Windows XP , however, discovered that the system provided no way to restore these backup files if things went

• awry. As Microsoft’s online Knowledge Base blandly explained,

the special backup floppy disks created by Windows XP Home "do not work with Windows XP Home. – http://msnbc.com/news/ on the 17 Jun 2002

– p.20/42

Security: SmartCards

Smart cards, the size of a credit card, have a microprocessor and memory, along with a mini operating system. They can run multiple applications, which may be downloaded after the card is in use. These “applets” can carry out various functions such as being an “electronic wallet”, carry health information, etc. Because of the high security considerations, a European project is attempting to verify the code and operating system

• f these cards for “non-interference” between applications.

For these companies “security is their product”. See: Verificard: http://www.verificard.org

– p.21/42

Automobiles

The Cayenne has 40 electronic control units that manage and monitor such functions as engine, airbags, navigation system, sun- roof and seat controls. “The most time- consuming thing,” Kloesters adds, “is to test them with each other, to make sure a soft- ware change with one unit won’t affect the software in another. – Larry Edsall, “A True Porsche?”, Road &

Track, Jan 2003.

Image from: http://www2.us.porsche.com

– p.22/42

Future Applications

Consider the future applications of computers: free flight smart homes patient monitoring automated highways etc. Formal methods help us make sure the software in these kinds of systems is correct.

– p.23/42

Caveats

The use of formal methods does NOT solve all problems. Inspection, testing, and other software engineering practices are also important.

– p.24/42

Today’s Agenda

What is this course about? Motivation Course Outline Course Resources Course Grade Questions

– p.25/42

Course Outline

There are four main topics that we will cover in this course: propositional logic the smallest building block is a statement without connectives, such as “and”. The example with the trains was reasoning in propositional logic. predicate logic includes a means of describing relationships between

• bjects, for example, “every course has an instructor”.

specification ways of describing what a system is required to do Floyd-Hoare logic logic of programs

– p.26/42

Today’s Agenda

What is this course about? Motivation Course Outline Course Resources Course Grade Questions

– p.27/42

Lectures

There are three lecture hours per week for this course. The slides used in class will be available on the course web page. Not all topics covered in class are covered in the textbook. Sometimes information is left xout of the notes for you to fill in during class (particularly examples).

– p.28/42

Suggested Homework

Suggested homework exercises will be listed – most of these are from your text.

– p.29/42

Tutorials

The primary purpose of the tutorials is for you to work on problems. The tutorials will cover material discussed in the previous week’s lectures. The TAs will have some problems prepared for you to try, but this is also your opportunity to ask questions. Tutorials start the week of May 12th.

– p.30/42

Teaching Assistants

cs245 Shea Armstrong Ann Meade Gulay Unel se112 Course Tutor: Eric Gerlach egerlach@student.math

– p.31/42

Required Textbook

Introductory Logic and Sets for Computer Scientists, by Nimal Nissanke, (1999). Errors in the textbook will be listed on the course web page as they are identified. If you think you’ve encountered one, please post it to the newsgroup. Course pack – material from other textbooks for topics covered later in the course.

– p.32/42

Course Web Page and Newsgroup

http://www.student.math.uwaterloo.ca/~cs245 uw.cs.se112cs245 You are expected to read the course newsgroup and web pages regularly. Guidelines for use of the newsgroup are the same as those found in the cs134 course notes.

– p.33/42

Course Software

We have software to support the kind of logical reasoning that you will learn in this course. The advantage of the software is that it allows you to check your work. The software doesn’t allow you to make a mistake in your logical reasoning. The user interface is a simple GUI.

– p.34/42

Today’s Agenda

What is this course about? Motivation Course Outline Course Resources Course Grade Questions

– p.35/42

Evaluation

Component Weight Assignments (9) 27% Midterm Exam 23% Tues, June 10 4:30 – 6:30pm Final Exam 50% Students must pass the final exam to pass the course. Everything seen in class, done in assignments, or covered in the recommended readings, might be tested by exam questions.

– p.36/42

Assignments

Assignments will be approximately weekly, usually handed

• ut on Friday and due the following Friday.

All assignments are written (neatly handwritten or typed), unless you use the course software. Assignments are to be handed in at the drop box – mc 4065 – by 11am the day they are due. Assignments are to be completed individually. The policy on academic offenses is on the course web page.

– p.37/42

Late Policy for Assignments

Assignments can be turned in late until the Monday after they are due – turn in late assingments in class. You may turn in late assingments only twice in the term. For assignments due just before exams, the late policy will not apply so that solution sets can be handed out right away.

– p.38/42

Remarking Policy

Requests for remarks of assignments or exams will be accepted for two weeks after the assignment/exam has been returned. To request a remark, provide a written explanation indicating which question you would like remarked and what you think the problem is with the mark given.

– p.39/42

Help with Course Material

Ask questions in class. Check the lecture notes and textbook. Check the solution sets (assignments, suggested homework exercises). Ask questions in tutorial. Post to the newsgroup. Come to office hours: Instructor’s office hours: Mon 3-4, Wed 3-4. DC 2336. Tutor’s office hours: Send email to the course tutor (cs245@student.math.uwaterloo.ca) Send email to the instructor Look at previous years’ assignments and exams.

– p.40/42

Expectations

– p.41/42

Expectations

ASK QUESTIONS!

– p.41/42

Expectations

ASK QUESTIONS! In consideration of other students, only ONE person (me or you) should be talking at all times.

– p.41/42

Expectations

ASK QUESTIONS! In consideration of other students, only ONE person (me or you) should be talking at all times. This course is about details! We will be doing detailed proofs and listing all the justifications.

– p.41/42

Expectations

ASK QUESTIONS! In consideration of other students, only ONE person (me or you) should be talking at all times. This course is about details! We will be doing detailed proofs and listing all the justifications. We welcome feedback on how the course is going ! You can: Send me email Send a TA or the course tutor email Tell your class rep

– p.41/42

Next Lecture

Topic: Propositions and Propositional Connectives Reading: Nissanke, Ch. 1, 2, 3.1, 3.2 QUESTIONS?

– p.42/42