Presentation is loading. Please wait.

Presentation is loading. Please wait.

Isabelle / HOL Theorem Proving System Course: CAS760 Logic for Practical Use Instructor: Dr. William M. Farmer Department of Computing and Software McMaster.

Similar presentations


Presentation on theme: "Isabelle / HOL Theorem Proving System Course: CAS760 Logic for Practical Use Instructor: Dr. William M. Farmer Department of Computing and Software McMaster."— Presentation transcript:

1 Isabelle / HOL Theorem Proving System Course: CAS760 Logic for Practical Use Instructor: Dr. William M. Farmer Department of Computing and Software McMaster University, ON, Hamilton, Canada Quang M. Tran

2 Isabelle / HOL Outline History overview Isabelle / HOL first taste: screenshot + Prove: rev (rev list) = list Isabelle / HOL: big picture + terminologies Natural deduction: Prove P v Q => Q v P Isabelle classical reasoner References + Conclusion Conclusion

3 Isabelle / HOL British computer scientist. 1972: Milner developed proof checker for Scotts Logic for Computable Functions (LCF) at Stanford (known as Stanford LCF ). 1973: Milner moved to Edinburgh and started the successor project LCF Edinburgh. ML language is born in this time. 1981: Mike Gordon joined Cambridge and HOL was born. 1990s: Larry Paulson developed Isabelle. History: All started with Robin Milner Milner Paulson

4 Isabelle / HOL first taste : Fun with (Toy)List (*ToyList.thy*) theory ToyList imports Datatype begin (*Datatype of list*) datatype 'a list = Nil ("[]") | Cons 'a "'a list" (infixr ":" 65) … (contd. next slide) Isabelle / HOL CAS760: list as inductive data type, remember? Syntax annotationOfficial syntax []Nil 10 : []Cons 10 Nil 15 : 10 : []Cons 15 (Cons 10 Nil)

5 Isabelle / HOL first taste (contd.) (*Functions on lists*) primrec concat :: "'a list => 'a list => 'a list" (infixr ++" 65) where "[] ++ ys = ys" | "(x : xs) ++ ys = x : (xs ++ ys) primrec rev :: "'a list => 'a list" where "rev [] = [] " | "rev (x : xs) = (rev xs) ++ (x : [])" Isabelle / HOL ++ is defined by primitive recursion. Syntax annotationOfficial syntax (10 : []) ++ []concat (Cons 10 Nil) Nil (10 : []) ++ (5 : [])concat (Cons 10 Nil) (5 : Nil)

6 Proof: rev (rev list) = list Isabelle / HOL Main goal: rev(rev xs) = xs Subgoal 1: rev (rev []) = [] Simplifier can solve it: rev (rev []) = rev [] = [] Done! Subgoal 2: Forall a list. rev (rev list) = list => rev (rev (a : list)) = a : list Simplifier reduces to subgoal 2.1: Forall a list. rev (rev list) = list => rev (rev list ++ a : []) = a : list … theorem rev_rev [simp]: "rev(rev xs) = xs apply(induct_tac xs) (*Apply induction tactic*) apply(auto) (*Try to solve automatically using simplifier) … Generate subgoals Simplified

7 Proof (contd.) We need a lemma Isabelle / HOL Lemma: rev (xs ++ ys) = (rev ys) ++ (rev xs) Subgoal 1: rev ([] ++ ys) = rev ys ++ rev [] Subgoal 2: Forall a list. rev (list ++ ys) = rev ys ++ rev list => rev ((a : list) ++ ys) = rev ys ++ rev (a : list) Subgoal 2: a list. rev (list ++ ys) = rev ys ++ rev list => (rev ys ++ rev list) ++ a : [] = rev ys ++ rev list ++ a : [] … lemma rev_app [simp]: "rev(xs ++ ys) = (rev ys) ++ (rev xs)" apply(induct_tac xs) (*Apply induction tactic on xs*) apply(auto) (*Try to solve automatically using simplifier) … Find subgoals

8 Complete Proof: rev(rev list) = list … lemma app_assoc [simp]: "(xs ++ ys) ++ zs = xs ++ (ys ++ zs)" apply(induct_tac xs) apply(auto) done lemma app_Nil2 [simp]: "xs ++ [] = xs" apply(induct_tac xs) apply(auto) done lemma rev_app [simp]: "rev(xs ++ ys) = (rev ys) ++ (rev xs)" apply(induct_tac xs) apply(auto) done theorem rev_rev [simp]: "rev(rev xs) = xs" apply(induct_tac xs) apply(auto) done Isabelle / HOL This is the theorem what we want to prove We need to prove 3 supporting lemmas, i.e. Backward proof

9 Isabelle: big picture Isabelle / HOL Isabelle Isabelle / HOL Isabelle / ZF Isabelle / Your Logic Here (X)Emacs GUI for theorem provers Proof General For Isabelle Provides a generic infrastructure to develop theorem provers. A concrete Isabelle instance for Higher- Order-Logic (HOL)

10 Theorem proving terminologies Isabelle / HOL TerminologiesMeaningExamples TheoremThe formula we want to prove rev (rev list) = list LemmaSupporting (sub)theorems for proving the target theorem rev (xs ++ ys) = (rev ys) ++ (rev xs) TacticProduces subgoals from a goal apply(induct_tac) SimplificationThe process of simplifying a term / formula by repeated application of rewrite rules rev (rev []) = rev [] = []

11 Natural deduction Isabelle / HOL By the German mathematician and logician Gentzen. Motivation: Logical formalism that occurs naturally (closely to human reasoning). Assume: If pigs can fly, then there are green men on Mars is true. You see a pig flies in Hamilton? Then there are green men on Mars! Modus Ponens. This is true for arbitrary P, Q Gentzen

12 Natural deduction: Inference rules Introduction (intro.)Elimination (elim.) Isabelle / HOL Conjunction intro. Conjunction elim. Disjunction intro. Disjunction elim. Implication intro. Implication elim. (modus pones !)

13 Natural deduction (contd.) Isabelle / HOL Introduction (intro.)Elimination (elim.) Existential quantifier intro. Existential quantifier elim. Universal quantifier intro. Universal quantifier elim.

14 Applies disjunction elim. rule: Proof: P v Q => Q v P lemma disj_swap: "P v Q => Q v P" apply (erule disjE) Subgoals: P => Q v P (1) Q => Q v P (2) apply (rule disjI2) Subgoal: P => P apply assumption (*Likewise for (2)*) apply (rule disjI1) apply assumption done Isabelle / HOL Applies disjunction intro. rule (2) :

15 Isabelles classical reasoner Isabelle / HOL Working with primitive rules like before are tedious. Classical reasoner = a family of tools that perform proofs automatically. Examples: blast method. lemma disj_swap2: "P v Q => Q v P" apply (blast) No subgoals! Done! blast can solve this automatically

16 Proof: P v Q => Q v P Demo Isabelle / HOL

17 References Isabelle / HOL Isabelle newcomers: A Proof Assistant for Higher-Order Logic, written by Isabelle authors e.g. C. Paulson, online PDF available. Historical development: From LCF to HOL: a short history, Mike Gordon and The next 700 Theorem Provers, C. Paulson. Theorem prover design techniques: Design a Theorem Prover, C. Paulson.

18 Conclusion: Should I bother with Isabelle? Isabelle / HOL If you need computer-aided proofs, e.g. formal verification. If you want to deepen your knowledge in logics / mathematics / functional programming. If you have interest in mechanizing mathematics. … then the answer is Yes. Isabelle can be used as a tool to get work done or simply a platform to experiment and study.

19 Acknowledgements Create your first workbook The author is grateful to Tian Zhang, Eden Burton and Bojan Nokovic (ITB 206) for their very useful feedbacks while preparing this presentation.

20 The End Isabelle / HOL Comments? Questions?


Download ppt "Isabelle / HOL Theorem Proving System Course: CAS760 Logic for Practical Use Instructor: Dr. William M. Farmer Department of Computing and Software McMaster."

Similar presentations


Ads by Google