Logic for Computer Science 06 Proof strategies Wouter Swierstra - - PowerPoint PPT Presentation

Logic for Computer Science

06 – Proof strategies

Wouter Swierstra

University of Utrecht 1

Last time

Proof strategies

2

This lecture

Wrap-up Review

3

Proofs

There is no single defjnition of ‘what is a proof’ – it depends on context.

• Who are you trying to convince? Fellow experts? A machine?
• How much detail can you omit?
• Are you working in a very formal setting?

And many other factors contribute to what might be considered a valid proof.

4

Proof strategies

One way to teach formal thinking in an intuitive way is by giving proof strategies. These proof strategies correspond to ‘templates’ that can be used to break a large proof into smaller pieces. They may not cover every step in every proof (oftentimes there is some creativity, specifjc defjnitions or properties involved) – but they give you somewhere to start. For each logical operator there are two proof strategies:

• one stating how to use an assumption of a certain form (elimination strategy);
• one stating how to prove a goal of a certain form (introduction strategy).

5

Proof strategies for quantifjers

6

Proof strategies – universal quantifjcation introduction

Let a be arbitrary. Proof of P(a) Therefore, ∀x P(x) holds.

7

Proof strategies – universal quantifjcation elimination

Proof of ∀x P(x) Therefore, P(a) holds. Both strategies seem reasonable. The book argues that they generalise the strategies for conjunction. We have already used them implicitly in previous proofs… Subsets Theorem Let A, B, and C be sets. Then A ⊆ C ∧ B ⊆ C ⇒ A ∪ B ⊆ C

8

Exercise

Question Prove that for all sets A and B, if A ∩ B = A then A ⊆ B. Where did you need to apply the strategies for the universal quantifjer?

9

Proof strategies – universal quantifjcation introduction

Let a be arbitrary. Proof of P(a) Therefore, ∀x P(x) holds.

10

Proof strategies – universal quantifjcation elimination

Proof of ∀x P(x) Therefore, P(a) holds. Both strategies seem reasonable. The book argues that they generalise the strategies for conjunction. We have already used them implicitly in previous proofs… Subsets Theorem Let A, B, and C be sets. Then A ⊆ C ∧ B ⊆ C ⇒ A ∪ B ⊆ C

11

Proof strategies – existential quantifjcation introduction

We choose a to be some value. Proof of P(a) Therefore, ∃x P(x) holds.

12

Example: existential quantifjcation introduction

Lemma The function f(x) = x2 − 2x + 1 intersects the x-axis. Proof We need to show that a f a If we choose a 1, we have f 1 1 2 1 0 as required.

13

Example: existential quantifjcation introduction

Lemma The function f(x) = x2 − 2x + 1 intersects the x-axis. Proof We need to show that ∃a f(a) = 0 If we choose a = 1, we have f(1) = 1 − 2 + 1 = 0 as required.

13

Proof strategies – universal quantifjcation elimination

Proof of ∃x P(x) Let a be some arbitrary value and assume P(a) holds. Proof of R Hence R holds. Like we saw for the universal quantifjer, these strategies generalise the strategy for disjunction.

14

A wrong proof

Proof of ∃x P(x) Let a be some arbitrary value and assume P(a) holds. Proof of R Hence R holds. Question Use the proof strategies to try to give a proof that (∃x P(x)) ⇒ (∀x P(x)) What is wrong with the proof?

15

Derived proof strategies

16

Derived proof strategies: contraposition

We have already seen a few examples of derived proof strategies, that capture some recurring pattern of usage of the more primitive strategies. For example, there is the special case of the disjunction elimination rule where the disjunction being eliminated was of the form P ∨ ¬P. Another example is a so-called proof by contraposition that relies on (P ⇒ Q) ⇔ (¬Q ⇒ ¬P). Instead of assuming P and deriving Q, we can also assume ¬Q and derive ¬P to conclude that P ⇒ Q.

17

Contraposition

Assume ¬Q. . . . Proof of ¬P . . . Hence P ⇒ Q holds. A similar proof strategy exists for implication elimination that is sometimes called modus tollens.

18

Modus tollens

. . . Proof of P ⇒ Q. . . . . . . Proof of ¬Q. . . . Therefore, we can conclude ¬P □.

19

A wrong proof

Theorem: All numbers are equal to 0. Proof: Let n be a natural number. If n = 0, then are goal holds. If n ̸= 0 – this contradicts our assumption that n = 0. Hence, n = 0. Question What is wrong with this proof?

20

Other proof steps

These proof strategies give you the basic steps to help you break down a problem into smaller parts. But there are many other steps in a proof that are not covered by these strategies:

• Unfolding defjnitions, for example replacing A ⊆ B with ∀x

x ∈ A ⇒ x ∈ B

• Folding back defjnitions, for example replacing ∀x

x ∈ A ⇒ x ∈ B with A ⊆ B.

• Arithmetic calculations.
• Algebraic properties, such as a + b = b + a.
• Choosing the right witness when trying to prove a property starting with an existential

quantifjer.

• Choosing the right property R when eliminating a disjunction;
• Any creative steps that require insight somehow.
• …

21

Proof strategies: semi-formal

These proof strategies are means to teach proofs. They give you enough of a formal framework to understand how to write proofs, identify which steps are allowed and which are not. But they do not nail down exactly what constitutes a proof and what doesn’t. And they are not formal enough that they can be automatically checked by a computer, for instance. But that’s a story for another lecture…

22

Proof strategies: semi-formal

These proof strategies are means to teach proofs. They give you enough of a formal framework to understand how to write proofs, identify which steps are allowed and which are not. But they do not nail down exactly what constitutes a proof and what doesn’t. And they are not formal enough that they can be automatically checked by a computer, for instance. But that’s a story for another lecture…

22

What is a proof?

• We can prove a given propositional logic formula is always true using a truth table;
• We can establish an equality between two terms in a Boolean algebra using an equational

proof, showing how the two terms are equal using the laws and theorems of Boolean algebras.

• We can prove more general statements using proof strategies.
• … but there are many more logics or domains where we study proofs!

23

Are proofs unique?

Exercise: Prove that n2 − n is even for all natural numbers. (This example is taken from Joel David Hamkins’s book on Proof and the art of mathematics) Lets look at several difgerent proofs…

24

Are proofs unique?

Exercise: Prove that n2 − n is even for all natural numbers. (This example is taken from Joel David Hamkins’s book on Proof and the art of mathematics) Lets look at several difgerent proofs…

24

The proof by cases

• If n is even, then n2 is even (why?). But then n2 − n is the difgerence of two even numbers,

which is always even (why?).

• If n is odd, then n2 is odd (why?). But then n2 − n is the difgerence of two odd numbers,

which is always even (why?). Regardless of whether n is even or odd, n2 − n is always even.

25

The proof by high-school algebra

We can write n2 − n as n × (n − 1), that is, n2 − n is always the product of two consecutive numbers, one of which must be even. But any product of an even number is also even (why?). Hence n2 − n must be even.

26

The proof by diagram

27

A machine checked proof

28

And more

And then there are several other possible proofs:

• using induction;
• combinatorial proofs;
• using the fact that the sum of the fjrst n − 1 natural numbers is equal to n(n − 1)/2;
• and many others…

Each of these proofs highlights some particular aspect or property. Each proof provides a difgerent insight!

29

Review

30

Review

• Introduction
• Propositions
• Sets
• Boolean algebra
• Predicate logic
• Proof strategies

31

Exam practical matters

Come on time I will provide you with scrap paper. Be sure to bring a photo ID, Solis login credentials, and pen or pencil. The exam lasts for 2 hours, which should be plenty of time.

32

Extra time

Students entitled to extra time should come to the exam 15 minutes in advance. They can start the exam earlier and continue working for an additional 10 minutes, if necessary.

33

Introduction

• What is logic?
• Why study logic?
• What is an invariant?

34

Propositions – material

• Propositional logic formulas
• Truth tables
• Proofs and properties (commutativity, associativity, de Morgan’s laws, etc.)

35

Propositions – questions

Possible questions may include:

• Complete this truth table…
• Draw a syntax tree/understand the precedence of operators….
• Prove these two formulas are equivalent….
• Give the defjnition of commutativity…

But a solid understanding of propositional logic is necessary to understand the more complicated proofs in later chapters.

36

Sets – material

• Notions such as sets, elements, singletons, empty set, cardinality, powersets, …
• Various operations for combining sets, such as unions, complement, intersections, cartesian

products, …

• Venn diagrams
• The subset relation, A ⊆ B when ∀x (x ∈ A ⇒ x ∈ B)
• Equality between sets, A = B if and only if ∀x (x ∈ A ⇔ x ∈ B)

37

Sets – questions

• Prove that the sets X and Y are equal.
• Complete this Venn diagram.
• Given a proof, identify why certain proof steps are valid;
• Model some structure as a set – similar to the model of the computer screen that we saw in

the lectures.

38

Boolean algebra and circuits – material

• Boolean algebras & their properties
• Duality
• Circuit diagrams & their relation with boolean algebras
• Binary numbers and adders

39

Boolean algebras – questions

• Prove an equality in any boolean algebra;
• Understand or optimize a given circuit;
• Apply duality;
• Add or convert binary numbers.

40

Duality

Given any expression in a boolean algebra we can convert it to its dual by:

• replacing all the occurrences of + with ·;
• replacing all the occurrences of · with +;
• replacing all the zero’s with ones;
• and replacing all the ones with zeros.

Theorem The dual of any theorem is also a theorem. Let’s consider Theorem 3.4 from the book and try to understand how the dual proof works.

41

Predicate logic – material

• Predicates, universal and existential quantifjer.

But also…

• Scope, free variables and bound variables
• Modelling natural language statements using predicate logic
• Laws for manipulating formulas in predicate logic

42

Predicate logic – material

• Predicates, universal and existential quantifjer.

But also…

• Scope, free variables and bound variables
• Modelling natural language statements using predicate logic
• Laws for manipulating formulas in predicate logic

42

Predicate logic – questions

• Understand a predicate logic formula;
• Formalize some notion from some domain – such as a family tree – using predicate logic;
• Reproduce and apply the rules for manipulating formulas using predicate logic, such as:

¬∀x P(x) ⇔ ∃x ¬P(x) ∀x (P(x) ∧ Q(x)) ⇔ (∀x P(x)) ∧ (∀x Q(x))

…

43

Modelling with predicate logic

Given some description in natural language, such as the specifjcation of a Sudoku puzzle, how to I turn this into a formula in predicate logic? There is unfortunately no ‘recipe’ of steps that I can give you that always works.

• Study examples, such as those covered in class or in the book;
• Do you want to make a statement about all things? Then typically start with a universal

quantifjer;

• Do you want to make a statement about some thing? Then typically start with a existential

quantifjer;

• If the statement makes some conditions,

n 3 the property P n holds – this is typically translated to logical implication.

• Try to break the statement into smaller pieces;
• Re-use other predicates/formulas you may have already defjned (such as using the Sister(x,y)

predicate to defjne Aunt(x,y)).

44

Modelling with predicate logic

Given some description in natural language, such as the specifjcation of a Sudoku puzzle, how to I turn this into a formula in predicate logic? There is unfortunately no ‘recipe’ of steps that I can give you that always works.

• Study examples, such as those covered in class or in the book;
• Do you want to make a statement about all things? Then typically start with a universal

quantifjer;

• Do you want to make a statement about some thing? Then typically start with a existential

quantifjer;

• If the statement makes some conditions, ∀n > 3 the property P(n) holds – this is typically

translated to logical implication.

• Try to break the statement into smaller pieces;
• Re-use other predicates/formulas you may have already defjned (such as using the Sister(x,y)

predicate to defjne Aunt(x,y)).

44

Proof strategies

• Introduction and elimination strategies for logical operators
• Introduction and elimination strategies for quantifjers
• ‘Derived’ proof strategies, such as contraposition, that can be justifjed using these strategies.

45

Proof strategies – questions

• What is the introduction/elimination strategy for X?
• Identify the proof strategies used in this proof;
• Which step in the following proof is wrong?
• Writing proofs using strategies

46

How to write proofs

Once again, it is undecidable in general how to prove a given formula in predicate logic – there’s no recipe I can give you. For most of the exercises, however, the following approach can help:

• Start by stating precisely what assumptions you are making and what you aim to prove.
• Try to apply the introduction strategies on the goal you are trying to prove.
• If you’re lucky, this is all you need to do.
• If you get stuck, look at your assumptions. What elimination strategy can you apply to your

assumptions? Does this teach you anything new?

• There’s no shame in being stuck – some proofs require creativity!
• An unfjnished proof can still be worth partial credit!

47

Disjunction elimination

One of the hardest strategies to understand is that of disjunction elimination. Question Prove that if A ⊂ B and x ∈ A ∪ B then x ∈ B.

48

Existence proofs

• Existential introduction is fairly straightforward: to proven ∃x P(x) you get to invent some

element a, but need to show that P(a). Example ∃x x − 7 = 0 (and variations on this theme using quadratic equations in the book).

• Existential elimination is harder: if you know ∃x P(x) how can you use this?

You’re allowed to assume that there is some arbitary a for which P(a) holds… … but you don’t know anything about a except that P(a) holds.

49

Material for the exam

• Modelling Computing Systems Chapter 0 – 5
• Excluding the new material from this lecture, such as the derived proof strategies

(e.g. contraposition and modus tollens) and proof strategies for the existential quantifjer.

50