informatique et preuve
play

Informatique et preuve Une br` eve histoire du raisonnement - PowerPoint PPT Presentation

Oct 19, 2023 •27 likes •1.17k views

Informatique et preuve Une br` eve histoire du raisonnement automatis e Charles Pecheur Universit e catholique de Louvain S eminaire fondements et notions fondamentales 12 mars 2012 Replacing Scholars by Programs? From to ?

  1. Paris M´ etro Ligne 14: Proof T. Lecomte, T. Servat, G. Pouzancre. Formal Methods in Satefy Critical Railway Systems. SBMF 2007. • Safety-critical code written in B • Includes formal safety properties • Supports formal refinement (from design to implementation) • Large project • 115,000 lines of B • 1,000 proof obligations, 92% fully automatic compiled March 12, 2012— c � Charles Pecheur 2012 13 / 51

  2. Paris M´ etro Ligne 14: Proof T. Lecomte, T. Servat, G. Pouzancre. Formal Methods in Satefy Critical Railway Systems. SBMF 2007. • Safety-critical code written in B • Includes formal safety properties • Supports formal refinement (from design to implementation) • Large project • 115,000 lines of B • 1,000 proof obligations, 92% fully automatic • Seems to work! • No bug found after 9 years of operation compiled March 12, 2012— c � Charles Pecheur 2012 13 / 51

  3. Before AR

  4. The Early Days • Mesopotamia, since 2500 BC • Add, multiply, divide, area of rectangles, triangles, disks, . . . • With given numbers: computing compiled March 12, 2012— c � Charles Pecheur 2012 15 / 51

  5. The Early Days • Mesopotamia, since 2500 BC • Add, multiply, divide, area of rectangles, triangles, disks, . . . • With given numbers: computing • Pythagoras, 500 BC: For all rectangle triangles ( a, b, c ) : a 2 + b 2 = c 2 • • Infinitely many ( a, b, c ) : reasoning (images from Wikipedia) compiled March 12, 2012— c � Charles Pecheur 2012 15 / 51

  6. And Then Logics All men are mortal. • Aristote, 350 BC: Socrates is a man. Therefore, Socrates is mortal. • Syllogisms : First general reasoning rules compiled March 12, 2012— c � Charles Pecheur 2012 16 / 51

  7. And Then Logics All men are mortal. • Aristote, 350 BC: Socrates is a man. Therefore, Socrates is mortal. • Syllogisms : First general reasoning rules If Socrates is a man, then Socrates is mortal. • Sto¨ ıcians 300 BC: Socrates is a man. Therefore, Socrates is mortal. • Modus ponens : roots of propositional logic compiled March 12, 2012— c � Charles Pecheur 2012 16 / 51

  8. And Then Logics All men are mortal. • Aristote, 350 BC: Socrates is a man. Therefore, Socrates is mortal. • Syllogisms : First general reasoning rules If Socrates is a man, then Socrates is mortal. • Sto¨ ıcians 300 BC: Socrates is a man. Therefore, Socrates is mortal. • Modus ponens : roots of propositional logic • Seen as philosophy , not mathematics! • Euclid’s Elements did not (explicitly) use them! • Too crude: needs functions, predicates compiled March 12, 2012— c � Charles Pecheur 2012 16 / 51

  9. Reasoning as Computing? • Reducing reasoning to computing is an old idea • “Reason [. . . ] is nothing but reckoning [= calculating]” (T. Hobbes, 1651) compiled March 12, 2012— c � Charles Pecheur 2012 17 / 51

  10. Reasoning as Computing? • Reducing reasoning to computing is an old idea • “Reason [. . . ] is nothing but reckoning [= calculating]” (T. Hobbes, 1651) • Characteristica Universalis (Leibniz, 1646–1716) • An (unrealized) universal language to express mathematical, scientific, and philosophic concepts • Calculus ratiocinator (calculus of reasoning): an (unrealized) universal logical calculation compiled March 12, 2012— c � Charles Pecheur 2012 17 / 51

  11. Characteristica Universalis (image from Wikipedia) compiled March 12, 2012— c � Charles Pecheur 2012 18 / 51

  12. Formalizing Logics • Calculus of logic (Boole, 1815–1864) • Propositional (Boolean!) logic, set-theoretic reasoning • Formal rules without interpretation compiled March 12, 2012— c � Charles Pecheur 2012 19 / 51

  13. Formalizing Logics • Calculus of logic (Boole, 1815–1864) • Propositional (Boolean!) logic, set-theoretic reasoning • Formal rules without interpretation • Begriffsschrift (Frege, 1879) • “A formula language, modelled on that of arithmetic, of pure thought” First-order logic, Quantifiers , sets • • Russell’s paradox ( { x | x / ∈ x } ) compiled March 12, 2012— c � Charles Pecheur 2012 19 / 51

  14. Formalizing Logics • Calculus of logic (Boole, 1815–1864) • Propositional (Boolean!) logic, set-theoretic reasoning • Formal rules without interpretation • Begriffsschrift (Frege, 1879) • “A formula language, modelled on that of arithmetic, of pure thought” First-order logic, Quantifiers , sets • • Russell’s paradox ( { x | x / ∈ x } ) • Principia Mathematica (Whitehead and Russell, 1910) • Type theory • Formal foundations of mathematics compiled March 12, 2012— c � Charles Pecheur 2012 19 / 51

  15. Frege’s Begriffsschrift (image from Wikipedia) compiled March 12, 2012— c � Charles Pecheur 2012 20 / 51

  16. Reasoning as Computing. . . or Not? • Hilbert’s program (Hilbert, 1922) • (Science program, not computer!) • Goal: formalize all of mathematics • Goal: prove completeness, consistency, . . . • Reduce everything (integers, reals, functions, integration, geometry, . . . ) to logic with (few) axioms compiled March 12, 2012— c � Charles Pecheur 2012 21 / 51

  17. Reasoning as Computing. . . or Not? • Hilbert’s program (Hilbert, 1922) • (Science program, not computer!) • Goal: formalize all of mathematics • Goal: prove completeness, consistency, . . . • Reduce everything (integers, reals, functions, integration, geometry, . . . ) to logic with (few) axioms The incompleteness theorems (G¨ • odel, 1931) • Any “rich enough” formal system is incomplete • i.e. some valid statements cannot be proven • Essential limit to Hilbert’s goal compiled March 12, 2012— c � Charles Pecheur 2012 21 / 51

  18. Deciding is Computing • Formalization of computation = decidability • . . . before creation of computers! • Turing machines (Turing, 1936) • λ -calculus (Church, 1936) • Halting problem is not decidable • First-order logic is not decidable compiled March 12, 2012— c � Charles Pecheur 2012 22 / 51

  19. Deciding is Computing • Formalization of computation = decidability • . . . before creation of computers! • Turing machines (Turing, 1936) • λ -calculus (Church, 1936) • Halting problem is not decidable • First-order logic is not decidable Then came the computers (1940’s, WWII) • • . . . and the first attempts to compute proofs • Artificial intelligence (McCarthy, 1956) • Lisp (1956), Prolog (1972) compiled March 12, 2012— c � Charles Pecheur 2012 22 / 51

  20. The AR Problem

  21. Logics What’s logic ? • Facts : logic formulae φ (syntax) ∀ a, b, c, n ∈ N : n ≥ 3 ⇒ a n + b n � = c n • Reasoning : logic proofs φ 1 , . . . , φ n ⊢ φ Generally from an initial set of axioms Ax (aka theory) • • A theorem is a φ such that Ax ⊢ φ compiled March 12, 2012— c � Charles Pecheur 2012 24 / 51

  22. Logics What’s logic ? • Facts : logic formulae φ (syntax) ∀ a, b, c, n ∈ N : n ≥ 3 ⇒ a n + b n � = c n • Reasoning : logic proofs φ 1 , . . . , φ n ⊢ φ Generally from an initial set of axioms Ax (aka theory) • • A theorem is a φ such that Ax ⊢ φ • A proof system defines allowable proofs • Using rules, tableaux, truth tables, . . . • Synthetic (from Ax to φ ) or analytic (from φ to Ax ) • Many allowed choices : which rule, axiom, lemma, . . . • Needs strategies , may stray away compiled March 12, 2012— c � Charles Pecheur 2012 24 / 51

  23. Logics What’s logic ? • Facts : logic formulae φ (syntax) ∀ a, b, c, n ∈ N : n ≥ 3 ⇒ a n + b n � = c n • Reasoning : logic proofs φ 1 , . . . , φ n ⊢ φ Generally from an initial set of axioms Ax (aka theory) • • A theorem is a φ such that Ax ⊢ φ • A proof system defines allowable proofs • Using rules, tableaux, truth tables, . . . • Synthetic (from Ax to φ ) or analytic (from φ to Ax ) • Many allowed choices : which rule, axiom, lemma, . . . • Needs strategies , may stray away Proof = Rules + Strategy = Computing + Reasoning • compiled March 12, 2012— c � Charles Pecheur 2012 24 / 51

  24. Models What’s a useful logic? • Means something: interpretations M (aka models) • Propositions, predicates, functions, sets, numbers, programs, ... • Semantics : M | = φ if φ is true in/about/for M • Consequence : φ 1 , . . . , φ n | = φ Validity : Ax | • = φ Satisfiability : Ax � • | = ¬ φ • Reasons properly • Soundness : all proofs are valid Ax ⊢ φ ⇒ Ax | = φ • Completeness : all valid facts can be proven Ax | = φ ⇒ Ax ⊢ φ compiled March 12, 2012— c � Charles Pecheur 2012 25 / 51

  25. Computing What’s computing ? • An effective way to produce outputs from inputs • Many models: Turing machines, Lambda calculus, recursive functions, . . . • All equivalent (Turing-complete) • Nothing better (Church thesis) • Also Lisp, C, Java, Mathlab, ... compiled March 12, 2012— c � Charles Pecheur 2012 26 / 51

  26. Computing What’s computing ? • An effective way to produce outputs from inputs • Many models: Turing machines, Lambda calculus, recursive functions, . . . • All equivalent (Turing-complete) • Nothing better (Church thesis) • Also Lisp, C, Java, Mathlab, ... What’s deciding a problem? • Computing a yes-or-no answer to (any instance of) the problem • Some things are undecidable • Does a program terminate? • Is a (context-free) grammar unambiguous? • Does a Diophantine equation have solutions? • Is a logic formula valid ? (Entscheidungsproblem) compiled March 12, 2012— c � Charles Pecheur 2012 26 / 51

  27. Computing Proofs • Proofs systems can be used to enumerate proofs • E.g.: all proofs of length 0 (axioms), then length 1, etc. • Fair: will find a proof if there is one. . . • . . . but will go forever if there isn’t • Very dumb and inefficient, but we can be smarter We have at least a semi-decision procedure • (for theorems at least, for validity if complete ) compiled March 12, 2012— c � Charles Pecheur 2012 27 / 51

  28. Computing Proofs • Proofs systems can be used to enumerate proofs • E.g.: all proofs of length 0 (axioms), then length 1, etc. • Fair: will find a proof if there is one. . . • . . . but will go forever if there isn’t • Very dumb and inefficient, but we can be smarter We have at least a semi-decision procedure • (for theorems at least, for validity if complete ) • Common approaches • Reduce formulae to normal forms (easier for computing) • Part of the theory “built-in” the method (e.g. equality), the rest provided as ordinary formulae Ax • Proof by refutation : (un) satisfiability of Ax ∧ ¬ φ compiled March 12, 2012— c � Charles Pecheur 2012 27 / 51

  29. Some Decidability Results • Propositional logic is decidable • Finitely many cases (exponentially many: NP-complete) • SAT solvers compiled March 12, 2012— c � Charles Pecheur 2012 28 / 51

  30. Some Decidability Results • Propositional logic is decidable • Finitely many cases (exponentially many: NP-complete) • SAT solvers • First-order logic is only semi-decidable • Related to halting problem (Church, 1936; Turing, 1937) compiled March 12, 2012— c � Charles Pecheur 2012 28 / 51

  31. Some Decidability Results • Propositional logic is decidable • Finitely many cases (exponentially many: NP-complete) • SAT solvers • First-order logic is only semi-decidable • Related to halting problem (Church, 1936; Turing, 1937) Arithmetics (on integers) is not decidable • • No complete, consistent, effective proof system (G¨ odel, 1931) • Can’t even enumerate valid facts • Inductive reasoning can’t be effectively mechanized • Arithmetics on reals is decidable ! compiled March 12, 2012— c � Charles Pecheur 2012 28 / 51

  32. Some Decidability Results • Propositional logic is decidable • Finitely many cases (exponentially many: NP-complete) • SAT solvers • First-order logic is only semi-decidable • Related to halting problem (Church, 1936; Turing, 1937) Arithmetics (on integers) is not decidable • • No complete, consistent, effective proof system (G¨ odel, 1931) • Can’t even enumerate valid facts • Inductive reasoning can’t be effectively mechanized • Arithmetics on reals is decidable ! • Many quantifier-free fragments are decidable • Enough for many applications compiled March 12, 2012— c � Charles Pecheur 2012 28 / 51

  33. Decidability and Complexity of Some Theories Theory full CQFF propositional NP-comp. Θ( n ) Θ( n ) first-order no O ( n log n ) equality (uninterpreted fct.) no N , + , × (Peano) no no O (2 2 2 kn N , + (Pressburger) ) NP-comp. O (2 2 kn ) O (2 2 kn ) R , + , × O (2 2 kn ) R , + (or Q , + ) PTIME recursive data structures no O ( n log n ) acyclic recursive data struct. not elementary Θ( n ) arrays no NP-comp. (CQFF = conjunctive quantifier-free formulae) compiled March 12, 2012— c � Charles Pecheur 2012 29 / 51

  34. Using Computed Proofs • Finding mathematical proofs • Is this conjecture a theorem? • Compute the mundane parts, guide strategic choices compiled March 12, 2012— c � Charles Pecheur 2012 30 / 51

  35. Using Computed Proofs • Finding mathematical proofs • Is this conjecture a theorem? • Compute the mundane parts, guide strategic choices • Checking existing proofs • Detect human mistakes, document, re-organize, simplify • Experimental mathematics compiled March 12, 2012— c � Charles Pecheur 2012 30 / 51

  36. Using Computed Proofs • Finding mathematical proofs • Is this conjecture a theorem? • Compute the mundane parts, guide strategic choices • Checking existing proofs • Detect human mistakes, document, re-organize, simplify • Experimental mathematics • Verifying artifacts • Ax models the artifact, φ the specification compiled March 12, 2012— c � Charles Pecheur 2012 30 / 51

  37. Using Computed Proofs • Finding mathematical proofs • Is this conjecture a theorem? • Compute the mundane parts, guide strategic choices • Checking existing proofs • Detect human mistakes, document, re-organize, simplify • Experimental mathematics • Verifying artifacts • Ax models the artifact, φ the specification • Synthesizing artifacts • Constructive proof of ∃ x.φ ( x ) compiled March 12, 2012— c � Charles Pecheur 2012 30 / 51

  38. AR Milestones

  39. Before Computers • Deciding linear arithmetics (Presburger 1929) • Decision algorithm for first-order formulae over ( N , +) • By quantifier elimination Very inefficient! ( O (2 2 2 cn • ) ) compiled March 12, 2012— c � Charles Pecheur 2012 32 / 51

  40. Before Computers • Deciding linear arithmetics (Presburger 1929) • Decision algorithm for first-order formulae over ( N , +) • By quantifier elimination Very inefficient! ( O (2 2 2 cn • ) ) • Along the same lines: • Decision algorithm for ( N , × ) (Skolem 1930) • Decision algorithm for ( R , + , × ) (Tarski 1931) • NB: Euclidean geometry reducible to ( R , + , × ) • NB: ( N , + , × ) (Peano) is not decidable (G¨ odel 1931) compiled March 12, 2012— c � Charles Pecheur 2012 32 / 51

  41. Before Computers • Deciding linear arithmetics (Presburger 1929) • Decision algorithm for first-order formulae over ( N , +) • By quantifier elimination Very inefficient! ( O (2 2 2 cn • ) ) • Along the same lines: • Decision algorithm for ( N , × ) (Skolem 1930) • Decision algorithm for ( R , + , × ) (Tarski 1931) • NB: Euclidean geometry reducible to ( R , + , × ) • NB: ( N , + , × ) (Peano) is not decidable (G¨ odel 1931) • Reasoning reduced to computing ! compiled March 12, 2012— c � Charles Pecheur 2012 32 / 51

  42. Computer Proofs: First Steps • Logic Theory Machine (Newell, Shaw, Simon 1957) • Proofs from Principia Mathematica • Natural deduction in propositional logic, heuristic • (though propositional logic is decidable!) compiled March 12, 2012— c � Charles Pecheur 2012 33 / 51

  43. Computer Proofs: First Steps • Logic Theory Machine (Newell, Shaw, Simon 1957) • Proofs from Principia Mathematica • Natural deduction in propositional logic, heuristic • (though propositional logic is decidable!) • Geometry Machine (Gelertner 1963) • Proofs for elementary geometry • Similar approach • (decidable but impractical) compiled March 12, 2012— c � Charles Pecheur 2012 33 / 51

  44. Computer Proofs: First Steps • Logic Theory Machine (Newell, Shaw, Simon 1957) • Proofs from Principia Mathematica • Natural deduction in propositional logic, heuristic • (though propositional logic is decidable!) • Geometry Machine (Gelertner 1963) • Proofs for elementary geometry • Similar approach • (decidable but impractical) • Symbolic Integrator (Slagle 1963) • Symbolic resolution of integrals • First “expert system” compiled March 12, 2012— c � Charles Pecheur 2012 33 / 51

  45. Computer Proofs: First Steps • Logic Theory Machine (Newell, Shaw, Simon 1957) • Proofs from Principia Mathematica • Natural deduction in propositional logic, heuristic • (though propositional logic is decidable!) • Geometry Machine (Gelertner 1963) • Proofs for elementary geometry • Similar approach • (decidable but impractical) • Symbolic Integrator (Slagle 1963) • Symbolic resolution of integrals • First “expert system” • Human-like proofs! compiled March 12, 2012— c � Charles Pecheur 2012 33 / 51

  46. SAT Solving • Solving propositional logic satisfiability (SAT) • Computationally hard (NP-complete) • The heart of proof search compiled March 12, 2012— c � Charles Pecheur 2012 34 / 51

  47. SAT Solving • Solving propositional logic satisfiability (SAT) • Computationally hard (NP-complete) • The heart of proof search • Davis-Putnam-Logemann-Loveland ( DPLL ) algorithm (1962) compiled March 12, 2012— c � Charles Pecheur 2012 34 / 51

  48. SAT Solving • Solving propositional logic satisfiability (SAT) • Computationally hard (NP-complete) • The heart of proof search • Davis-Putnam-Logemann-Loveland ( DPLL ) algorithm (1962) • Basic principle: • Put problem in clausal form (CNF) ℓ 1 ∨ . . . ∨ ℓ n While possible, apply Boolean Constraint Propagation : • ℓ ¬ ℓ ∨ ℓ 1 ∨ . . . ∨ ℓ n ℓ 1 ∨ . . . ∨ ℓ n • Otherwise, choose a literal ℓ and try ℓ then ¬ ℓ ( case-split ) compiled March 12, 2012— c � Charles Pecheur 2012 34 / 51

  49. SAT Solving • Solving propositional logic satisfiability (SAT) • Computationally hard (NP-complete) • The heart of proof search • Davis-Putnam-Logemann-Loveland ( DPLL ) algorithm (1962) • Basic principle: • Put problem in clausal form (CNF) ℓ 1 ∨ . . . ∨ ℓ n While possible, apply Boolean Constraint Propagation : • ℓ ¬ ℓ ∨ ℓ 1 ∨ . . . ∨ ℓ n ℓ 1 ∨ . . . ∨ ℓ n • Otherwise, choose a literal ℓ and try ℓ then ¬ ℓ ( case-split ) • Computer-like proofs, not intuitive but efficient! compiled March 12, 2012— c � Charles Pecheur 2012 34 / 51

  50. SAT Solvers Today • DPLL-based SAT solvers widely used today • Lots of improvements, very efficient implementations • Berkmin, Chaff, zChaff, Minisat, . . . • Inside many applications • Often good performance in practice images from http://www.isi.edu/ szekely/antsebook/ebook/ compiled March 12, 2012— c � Charles Pecheur 2012 35 / 51

  51. The Resolution Method The Resolution method (Robinson 1965) • Key idea: unification mgu ( x + 0 , a 2 + y ) = { x �→ a 2 , y �→ 0) compiled March 12, 2012— c � Charles Pecheur 2012 36 / 51

  52. The Resolution Method The Resolution method (Robinson 1965) • Key idea: unification mgu ( x + 0 , a 2 + y ) = { x �→ a 2 , y �→ 0) • Binary resolution rule: ¬ ℓ ′ ∨ ℓ ′ ℓ 1 ∨ . . . ∨ ℓ n ∨ ℓ 1 ∨ . . . ∨ ℓ ′ m σ = mgu ( ℓ, ℓ ′ ) ℓ 1 σ ∨ . . . ∨ ℓ n σ ∨ ℓ ′ 1 σ ∨ . . . ∨ ℓ ′ m σ compiled March 12, 2012— c � Charles Pecheur 2012 36 / 51

  53. The Resolution Method The Resolution method (Robinson 1965) • Key idea: unification mgu ( x + 0 , a 2 + y ) = { x �→ a 2 , y �→ 0) • Binary resolution rule: ¬ ℓ ′ ∨ ℓ ′ ℓ 1 ∨ . . . ∨ ℓ n ∨ ℓ 1 ∨ . . . ∨ ℓ ′ m σ = mgu ( ℓ, ℓ ′ ) ℓ 1 σ ∨ . . . ∨ ℓ n σ ∨ ℓ ′ 1 σ ∨ . . . ∨ ℓ ′ m σ • This single rule (+ factoring) provides a complete proof method for first-order logic ! compiled March 12, 2012— c � Charles Pecheur 2012 36 / 51

  54. The Resolution Method The Resolution method (Robinson 1965) • Key idea: unification mgu ( x + 0 , a 2 + y ) = { x �→ a 2 , y �→ 0) • Binary resolution rule: ¬ ℓ ′ ∨ ℓ ′ ℓ 1 ∨ . . . ∨ ℓ n ∨ ℓ 1 ∨ . . . ∨ ℓ ′ m σ = mgu ( ℓ, ℓ ′ ) ℓ 1 σ ∨ . . . ∨ ℓ n σ ∨ ℓ ′ 1 σ ∨ . . . ∨ ℓ ′ m σ • This single rule (+ factoring) provides a complete proof method for first-order logic ! • Limitations of Resolution • Clauses, generic rule ⇒ inefficient, lacks guidance • Need more: equality, numbers, sets, induction, . . . compiled March 12, 2012— c � Charles Pecheur 2012 36 / 51

  55. Equational Reasoning Paramodulation (Robinson, Wos, 1969) another Robinson! • For proofs with equational theories e.g. 0 + x = x ( x + y ) + z = x + ( y + z ) − x + x = 0 • Combines resolution and replacing equals by equals compiled March 12, 2012— c � Charles Pecheur 2012 37 / 51

  56. Equational Reasoning Paramodulation (Robinson, Wos, 1969) another Robinson! • For proofs with equational theories e.g. 0 + x = x ( x + y ) + z = x + ( y + z ) − x + x = 0 • Combines resolution and replacing equals by equals • Paramodulation rule : ℓ 1 ∨ . . . ∨ ℓ n ∨ s = t ℓ ′ [ u ] ∨ ℓ ′ 1 ∨ . . . ∨ ℓ ′ m σ = mgu ( s, u ) ℓ 1 σ ∨ . . . ∨ ℓ n σ ∨ ℓ ′ σ [ tσ ] ∨ ℓ ′ 1 σ ∨ . . . ∨ ℓ ′ m σ compiled March 12, 2012— c � Charles Pecheur 2012 37 / 51

  57. Equational Reasoning Paramodulation (Robinson, Wos, 1969) another Robinson! • For proofs with equational theories e.g. 0 + x = x ( x + y ) + z = x + ( y + z ) − x + x = 0 • Combines resolution and replacing equals by equals • Paramodulation rule : ℓ 1 ∨ . . . ∨ ℓ n ∨ s = t ℓ ′ [ u ] ∨ ℓ ′ 1 ∨ . . . ∨ ℓ ′ m σ = mgu ( s, u ) ℓ 1 σ ∨ . . . ∨ ℓ n σ ∨ ℓ ′ σ [ tσ ] ∨ ℓ ′ 1 σ ∨ . . . ∨ ℓ ′ m σ • Used for proof of Robbins conjecture compiled March 12, 2012— c � Charles Pecheur 2012 37 / 51

  58. Rewrite Systems • Term Rewriting • Rules s → t used to reduce (= rewrite) s into t • Repeat until irreducible normal form s ↓ e.g. 0 + x → x ( x + y ) + z → x + ( y + z ) − x + x → 0 ⇒ ( a + 0) + b becomes a + (0 + b ) becomes a + b compiled March 12, 2012— c � Charles Pecheur 2012 38 / 51

  59. Rewrite Systems • Term Rewriting • Rules s → t used to reduce (= rewrite) s into t • Repeat until irreducible normal form s ↓ e.g. 0 + x → x ( x + y ) + z → x + ( y + z ) − x + x → 0 ⇒ ( a + 0) + b becomes a + (0 + b ) becomes a + b • Used for reasoning in equational theories • Turn equations into rewrite rules • If the rules are convergent , then s = t iff s ↓ and t ↓ are identical • Knuth-Bendix procedure (1970) for checking convergence • Also at the core of functional programming compiled March 12, 2012— c � Charles Pecheur 2012 38 / 51

  60. Logic Programming Prolog (Colmerauer 1972) ancestor(X,X). ancestor(X,Z) :- parent(X,Y), ancestor(Y,Z). parent(albertII,philippe). parent(philippe,elisabeth). ?- ancestor(albertII,X), ancestor(X,elisabeth). X = albertII compiled March 12, 2012— c � Charles Pecheur 2012 39 / 51

  61. Logic Programming Prolog (Colmerauer 1972) ancestor(X,X). ancestor(X,Z) :- parent(X,Y), ancestor(Y,Z). parent(albertII,philippe). parent(philippe,elisabeth). ?- ancestor(albertII,X), ancestor(X,elisabeth). X = albertII • Logic clauses as program statements , logic reasoning as program execution ! compiled March 12, 2012— c � Charles Pecheur 2012 39 / 51

  62. Logic Programming Prolog (Colmerauer 1972) ancestor(X,X). ancestor(X,Z) :- parent(X,Y), ancestor(Y,Z). parent(albertII,philippe). parent(philippe,elisabeth). ?- ancestor(albertII,X), ancestor(X,elisabeth). X = albertII • Logic clauses as program statements , logic reasoning as program execution ! • Based on SLD-resolution (Kowalski 1973) • Resolution specialized on definite clauses • Prolog adds many programming language features! compiled March 12, 2012— c � Charles Pecheur 2012 39 / 51

  63. Richer Logics • Higher-Order Logics • Functions, sets, relations • Type systems • Numbers, lists, trees, . . . • and functions/sets/relations thereof • Inductive reasoning Forces interactive approaches = proof assistants • • Most problems are undecidable, huge search spaces • Proof tactics and tacticals, proof planning • Proof editors and browsers compiled March 12, 2012— c � Charles Pecheur 2012 40 / 51

  64. Some Proof Assistants LCF (Milner, 1972) • • Based on functional programming language ML • Several descendants: HOL (Gordon, 88), Isabelle (Paulson, 1989) compiled March 12, 2012— c � Charles Pecheur 2012 41 / 51

  65. Some Proof Assistants LCF (Milner, 1972) • • Based on functional programming language ML • Several descendants: HOL (Gordon, 88), Isabelle (Paulson, 1989) • Coq (Coquand, Huet, 1984) • Based on constructive logic • Used to check the 4-colour theorem (Gonthier, Werner, 2004) compiled March 12, 2012— c � Charles Pecheur 2012 41 / 51

  66. Some Proof Assistants LCF (Milner, 1972) • • Based on functional programming language ML • Several descendants: HOL (Gordon, 88), Isabelle (Paulson, 1989) • Coq (Coquand, Huet, 1984) • Based on constructive logic • Used to check the 4-colour theorem (Gonthier, Werner, 2004) PVS (Owre, Rushby, Shankar, 1992) • • Based on sequent calculus compiled March 12, 2012— c � Charles Pecheur 2012 41 / 51

  67. Example: PVS Proof compiled March 12, 2012— c � Charles Pecheur 2012 42 / 51

  68. Decision Procedures • Automated decision procedures (DPs) for specific theories • Quantifier-free fragments • (QF) Linear integers/reals ⇒ simplex algorithm (QF) Polynomials ⇒ Gr¨ • obner bases • (QF) Equality on uninterpreted functions ⇒ congruence closure • (QF) arrays, data structures ⇒ reduce to previous case compiled March 12, 2012— c � Charles Pecheur 2012 43 / 51

  69. Decision Procedures • Automated decision procedures (DPs) for specific theories • Quantifier-free fragments • (QF) Linear integers/reals ⇒ simplex algorithm (QF) Polynomials ⇒ Gr¨ • obner bases • (QF) Equality on uninterpreted functions ⇒ congruence closure • (QF) arrays, data structures ⇒ reduce to previous case Nelson-Oppem method (1979) • • Solve (QF) problems over multiple theories by combining DPs • Split the problem and coordinate solutions • Intuition: proof = logic (SAT) + theories (DP) compiled March 12, 2012— c � Charles Pecheur 2012 43 / 51

  70. Decision Procedures • Automated decision procedures (DPs) for specific theories • Quantifier-free fragments • (QF) Linear integers/reals ⇒ simplex algorithm (QF) Polynomials ⇒ Gr¨ • obner bases • (QF) Equality on uninterpreted functions ⇒ congruence closure • (QF) arrays, data structures ⇒ reduce to previous case Nelson-Oppem method (1979) • • Solve (QF) problems over multiple theories by combining DPs • Split the problem and coordinate solutions • Intuition: proof = logic (SAT) + theories (DP) • Inside many tools: embedded automated reasoning compiled March 12, 2012— c � Charles Pecheur 2012 43 / 51

  71. Proving Programs • Principle: reduce programs to logic • Base case: { x × x > 0 } y := x × x { y > 0 } • Program properties reduce to (first-order) verification conditions • Prove with standard proof tools (solvers) • Needs guidance: loop invariants, pre/post conditions, . . . compiled March 12, 2012— c � Charles Pecheur 2012 44 / 51

  72. Proving Programs • Principle: reduce programs to logic • Base case: { x × x > 0 } y := x × x { y > 0 } • Program properties reduce to (first-order) verification conditions • Prove with standard proof tools (solvers) • Needs guidance: loop invariants, pre/post conditions, . . . Floyd’s inductive assertions (1967) • • Decompose a program in sequential basic paths • Specify assertions at connection points • Prove that each path preserves the assertions compiled March 12, 2012— c � Charles Pecheur 2012 44 / 51

  73. Proving Programs • Principle: reduce programs to logic • Base case: { x × x > 0 } y := x × x { y > 0 } • Program properties reduce to (first-order) verification conditions • Prove with standard proof tools (solvers) • Needs guidance: loop invariants, pre/post conditions, . . . Floyd’s inductive assertions (1967) • • Decompose a program in sequential basic paths • Specify assertions at connection points • Prove that each path preserves the assertions • Hard problem: loops, recursion, pointers, objects, concurrency, ... • Lots of conditions to check (thousands) but “easy” proofs • Example: B method applied to Paris metro line compiled March 12, 2012— c � Charles Pecheur 2012 44 / 51

  74. Example: Inductive Assertions !"#$%&'$%&()*%+,$- Begin ;; i := 1 i ≥ 1 ∀ 1 ≤ j ≤ i;1 : a[j] ≠ e i ≤ size(a) ? ! " a[i] = e ? " ! i := i + 1 result := true result := false result ≡ ∃ 1 ≤ j ≤ size(a) : a[j] = e End compiled March 12, 2012— c � Charles Pecheur 2012 45 / 51

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Techniques de preuve formelle en science : le dfi. Victor Magron 1 Bonjour, je suis Victor

Techniques de preuve formelle en science : le dfi. Victor Magron 1 Bonjour, je suis Victor

Techniques de preuve formelle en science : le dfi. Victor Magron 1 Bonjour, je suis Victor Magron. Jai fini ma thse de doctorat il y a un an et depuis, je suis chercheur Postdoc en mathmatiques et en informatique. Un de mes thmes de

275 views • 3 slides
5 Intgration continue 625-1.1 Industrialisation du logiciel Bachelor en informatique de

5 Intgration continue 625-1.1 Industrialisation du logiciel Bachelor en informatique de

5 Intgration continue 625-1.1 Industrialisation du logiciel Bachelor en informatique de gestion 3IGPT/4IGTP ulysse.rosselet@he-arc.ch Analyse Conception Production Dploiement Build tools, rcapitulation Jusquici

748 views • 21 slides
Master Informatique - Universit Paris-Sud 06/10/16 Outline What is a theory? a model?

Master Informatique - Universit Paris-Sud 06/10/16 Outline What is a theory? a model?

Master Informatique - Universit Paris-Sud 06/10/16 Outline What is a theory? a model? Theories and Models Perception, action for Human-Computer Interaction Cognition, behavior Michel Beaudouin-Lafon - mbl@lri.fr Laboratoire de Recherche

238 views • 10 slides
BEYOND MEAN-FIELD APPROXIMATION AURLIEN DECELLE LABORATOIRE DE RECHERCHE EN INFORMATIQUE

BEYOND MEAN-FIELD APPROXIMATION AURLIEN DECELLE LABORATOIRE DE RECHERCHE EN INFORMATIQUE

BEYOND MEAN-FIELD APPROXIMATION AURLIEN DECELLE LABORATOIRE DE RECHERCHE EN INFORMATIQUE UNIVERSIT PARIS SUD MOTIVATIONS Why inverse problems ? In Machine Learning online recognition tasks In Physics understanding a

754 views • 40 slides
About contingency and ignorance Philippe Balbiani Institut de recherche en informatique de

About contingency and ignorance Philippe Balbiani Institut de recherche en informatique de

About contingency and ignorance Philippe Balbiani Institut de recherche en informatique de Toulouse CNRS Toulouse University, France with a little help from Hans van Ditmarsch and Jie Fan Introduction Modal logic Study of principles of

828 views • 58 slides
Ins GAM Dr. Camille SALINESI Centre de Recherche en Informatique Universit Paris1

Ins GAM Dr. Camille SALINESI Centre de Recherche en Informatique Universit Paris1

Ins GAM Dr. Camille SALINESI Centre de Recherche en Informatique Universit Paris1 Panthon Sorbonne 1 A Requirement-driven Approach for Designing Data Warehouses RE/WS RE/WS Strategies RE/DW Strategies cu_DW systems 2

418 views • 17 slides
RIStAL Centre de Recherche en Informatique, Signal et Automatique de Lille 1 Outline

RIStAL Centre de Recherche en Informatique, Signal et Automatique de Lille 1 Outline

Temporal Interfaces for Adaptive Real-Time Components Giuseppe Lipari, University of Lille CRTS Workshop @ RTSS, 5 december 2017 RIStAL Centre de Recherche en Informatique, Signal et Automatique de Lille 1 Outline Introduction 1 2

559 views • 44 slides
Cyberguerre informatique une r ealit e Pascal Lafourcade Octobre 2017 1 / 19 Computers

Cyberguerre informatique une r ealit e Pascal Lafourcade Octobre 2017 1 / 19 Computers

Cyberguerre informatique une r ealit e Pascal Lafourcade Octobre 2017 1 / 19 Computers are everywhere! 2 / 19 5 Famillies of Cyber Criminality Phishing Espionnage Ransomwares Sabotage Destabilisation 3 / 19

465 views • 29 slides
FEU STOP Dpartement Gnie lectrique et Informatique Industrielle 2007/2008 Ancienne

FEU STOP Dpartement Gnie lectrique et Informatique Industrielle 2007/2008 Ancienne

Guillaume Lematre et Nicolas Chapelle prsentent FEU STOP Dpartement Gnie lectrique et Informatique Industrielle 2007/2008 Ancienne interface Fonctionnement ancien systme Surface < Niveau 1 Capture dune image

320 views • 16 slides
TRECVID-2010 Semantic Indexing task: Overview Georges Qunot Laboratoire d'Informatique de

TRECVID-2010 Semantic Indexing task: Overview Georges Qunot Laboratoire d'Informatique de

TRECVID-2010 Semantic Indexing task: Overview Georges Qunot Laboratoire d'Informatique de Grenoble George Awad NIST also with Franck Thollard, Andy Tseng, Bahjat Safadi (LIG) and Stphane Ayache (LIF) and support from the Quaero Programme

632 views • 37 slides
TRECVID-2011 Semantic Indexing task: Overview Georges Qunot Laboratoire d'Informatique de

TRECVID-2011 Semantic Indexing task: Overview Georges Qunot Laboratoire d'Informatique de

TRECVID-2011 Semantic Indexing task: Overview Georges Qunot Laboratoire d'Informatique de Grenoble George Awad NIST also with Franck Thollard, Bahjat Safadi (LIG) and Stphane Ayache (LIF) and support from the Quaero Programme Outline

484 views • 33 slides
Higher-order parity automata Paul-Andr Mellis Institut de Recherche en Informatique

Higher-order parity automata Paul-Andr Mellis Institut de Recherche en Informatique

Higher-order parity automata Paul-Andr Mellis Institut de Recherche en Informatique Fondamentale (IRIF) CNRS Universit de Paris Cyclic Syntax and Semantics University of Gothenburg 20 22 November 2019 Linear logic Seen through

1.3k views • 105 slides
TRECVID 2019 Ad-hoc Video Search Task : Overview Georges Qunot Laboratoire d'Informatique de

TRECVID 2019 Ad-hoc Video Search Task : Overview Georges Qunot Laboratoire d'Informatique de

TRECVID 2019 Ad-hoc Video Search Task : Overview Georges Qunot Laboratoire d'Informatique de Grenoble George Awad Georgetown University; National Institute of Standards and Technology Disclaimer The identification of any commercial product

697 views • 38 slides
TRECVID 2017 AD-HOC VIDEO SEARCH TASK : OVERVIEW Georges Qunot Laboratoire d'Informatique de

TRECVID 2017 AD-HOC VIDEO SEARCH TASK : OVERVIEW Georges Qunot Laboratoire d'Informatique de

TRECVID 2017 AD-HOC VIDEO SEARCH TASK : OVERVIEW Georges Qunot Laboratoire d'Informatique de Grenoble George Awad Dakota Consulting, Inc National Institute of Standards and Technology Disclaimer The identification of any commercial product

448 views • 27 slides
RIStAL Centre de Recherche en Informatique, Signal et Automatique de Lille 1 Parametric WCET

RIStAL Centre de Recherche en Informatique, Signal et Automatique de Lille 1 Parametric WCET

JNP : Symbolic WCET Computation Clment Ballabriga, Julien Forget, Giuseppe Lipari Real-Time System Symposium, Paris, December 2017 RIStAL Centre de Recherche en Informatique, Signal et Automatique de Lille 1 Parametric WCET Parametric

231 views • 4 slides
Kerberos Nicolas Gren` eche Centre de Ressources Informatique (CRI) - Universit e dOrl

Kerberos Nicolas Gren` eche Centre de Ressources Informatique (CRI) - Universit e dOrl

Kerberos Nicolas Gren` eche Centre de Ressources Informatique (CRI) - Universit e dOrl eans Projet SDS - LIFO et ENSI de Bourges nicolas.greneche@univ-orleans.fr 11/07/2011 Sommaire Pourquoi Kerberos ? 1 Les acteurs 2 Le

497 views • 22 slides
Description logics, ontologies, and automated reasoning: an introduction Day 1, Part 1

Description logics, ontologies, and automated reasoning: an introduction Day 1, Part 1

Basics DLs and other logics Ontologies OWL Description logics, ontologies, and automated reasoning: an introduction Day 1, Part 1 Uli Sattler 1 1 School of Computer Science, University of Manchester, UK Logic Colloqium 2018, Udine,

329 views • 28 slides
Listen to me! Public announcements to agents that pay attention or not Hans van Ditmarsch 1 ,

Listen to me! Public announcements to agents that pay attention or not Hans van Ditmarsch 1 ,

Our logic ABAL Embedding in Dynamic Epistemic Logic Automated reasoning Joint attention and attention change Conclusion Listen to me! Public announcements to agents that pay attention or not Hans van Ditmarsch 1 , Andreas Herzig 2 ,

679 views • 53 slides
First Order Logic: Resolution-based Automated Theorem Proving Valentin Goranko DTU Informatics

First Order Logic: Resolution-based Automated Theorem Proving Valentin Goranko DTU Informatics

First Order Logic: Resolution-based Automated Theorem Proving Valentin Goranko DTU Informatics September 2010 V Goranko Resolution for first-order logic with equality Additional rules for equational reasoning are needed. Paramodulation:

107 views • 8 slides
Logics for Data and Knowledge Representation Application of DLs: RelBAC Outline New

Logics for Data and Knowledge Representation Application of DLs: RelBAC Outline New

Logics for Data and Knowledge Representation Application of DLs: RelBAC Outline New Challenges for Access Control Model and Logic Automated Reasoning Reasoning tasks SoD 2 NEW CHALLENGES FOR ACCESS CONTROL :: MODEL AND

540 views • 19 slides
Lecture 1: CS440 / ECE 448 Introduction Introduction to Artificial Intelligence

Lecture 1: CS440 / ECE 448 Introduction Introduction to Artificial Intelligence

Welcome to Lecture 1: CS440 / ECE 448 Introduction Introduction to Artificial Intelligence CS440/ECE448 Introduction to Artificial Intelligence Prof. Julia Hockenmaier Prof. Julia Hockenmaier

286 views • 9 slides
Individuals and Relations It is useful to view the world as consisting of individuals (objects,

Individuals and Relations It is useful to view the world as consisting of individuals (objects,

Individuals and Relations It is useful to view the world as consisting of individuals (objects, things) and relations among individuals. Often features are made from relations among individuals and functions of individuals. Reasoning in terms

432 views • 19 slides
Sound Reasoning about Integral Data Types with a Reusable SMT Solver Interface R egis Blanc

Sound Reasoning about Integral Data Types with a Reusable SMT Solver Interface R egis Blanc

Sound Reasoning about Integral Data Types with a Reusable SMT Solver Interface R egis Blanc Viktor Kuncak Laboratory for Automated Reasoning and Analysis Ecole Polytechnique F ed erale de Lausanne June 13, 2015 The Leon

277 views • 17 slides
SMT Techniques and Solvers in Automated Termination Analysis Carsten Fuhs Birkbeck, University

SMT Techniques and Solvers in Automated Termination Analysis Carsten Fuhs Birkbeck, University

SMT Techniques and Solvers in Automated Termination Analysis Carsten Fuhs Birkbeck, University of London 2 nd July 2016 14 th Workshop on SAT Modulo Theories (SMT) Coimbra, Portugal Why analyze termination? 2/25 Why analyze termination? 1

1.83k views • 113 slides

More recommend