Presentation is loading. Please wait.

Presentation is loading. Please wait.

Verifying the Four Colour Theorem Georges Gonthier Microsoft Research Cambridge.

Published byJayden Clark Modified over 10 years ago

Similar presentations

Presentation on theme: "Verifying the Four Colour Theorem Georges Gonthier Microsoft Research Cambridge."— Presentation transcript:

1 Verifying the Four Colour Theorem Georges Gonthier Microsoft Research Cambridge

2 150 years of history… 1852 Conjecture (Guthrie DeMorgan) 1878 Publication (Cayley) 1879 First proof (Kempe) 1880 Second proof (Tait) 1890 Rebuttal (Heawood) 1891 Second rebuttal (Petersen) 1913 Reducibility, connexity (Birkhoff) 1922 Up to 25 regions (Franklin) 1969 Discharging (Heesch) 1976 Computer proof (Appel & Haken) 1995 Streamlining (Robertson & al.) 2004 Self checking proof (Gonthier)

3 So what about it ? It shows software can be as reliable as math. Its been done by applying computer science to mathematics. The art of computer proving is maturing.

4 Outline The Four Colour Theorem what it says how its proved Formal proofs proving with programs thinking with programs Computer proofs how its done

5 The Theorem Every simple planar map can be colored with only four colors disjoint subsets of R x Ropen and connected good covering map with at most four regions adjacent regions covered with different colors have a common border point that is not a corner touches more than two regions

6 Record simple_map (m : map) : Prop := SimpleMap { simple_map_proper :> proper_map m; map_open : z, open (m z); map_connected : z, connected (m z) }. Record coloring (m, k : map) : Prop := Coloring { coloring_proper :> proper_map k; coloring_inmap : subregion (inmap k) (inmap m); coloring_covers : covers m k; coloring_adj : z 1 z 2, k z 1 z 2 adjacent m z 1 z 2 m z 1 z 2 }. Definition map_colorable n m := 2 k, coloring m k & size_at_most n k. Theorem four_color : m, simple_map m map_colorable 4 m. The formal theorem Definition covers (m, m' : map) := z : point, subregion (m z) (m' z). Definition size_at_most n m := f, z, inmap m z 2 i, i < n & m (f i). Definition border m z 1 z 2 := intersect (closure (m z 1 )) (closure (m z 2 )). Definition corner_map (m : map) z : map := fun z 1 z 2 m z 1 z 2 closure (m z 1 ) z. Definition not_corner m z := size_at_most 2 (corner_map m z). Definition adjacent m z 1 z 2 := meet (not_corner m) (border m z 1 z 2 ).

7 Outline The Four Colour Theorem what it says how its proved Formal proofs proving with programs thinking with programs Computer proofs how its done

8 Colouring by induction Configuration reducible ring

9 Cubic maps Euler formula R + N – E = 2 2E/R = 6 - 12/R the worlds a football #sides

10 Small rings Any non-trivial ring < 6 defines reducible configurations (Birkhoff, 1913) If there are no small rings, then all 2- neighborhoods are double rings look for configurations in 2-neighborhoods!

11 The proof in a nutshell Find a set of configurations such that: (A) reducibility: Each one can be coloured to match any planar ring colouring. (B) unavoidability: At least one appears in any planar map. Verify that the combinatorics fit the topology (graph theory + analysis). 10,000 cases 1,000,000,000 cases

12 Progress in verification 1976 A & H IBM 370 reducibility 2 books 1000s of figures 1995 RSST C program reducibility unavoidability 35-page paper 2005 MSR Gallina reducibility unavoidability graph theory topology data structures … 35 lines of definitions ? ?

13 Outline The Four Colour Theorem what it says how its proved Formal proofs proving with programs thinking with programs Computer proofs how its done

14 The Poincaré principle How do you prove: Given 2 1+ (1+ 0) 4 1+ (1+ (1+ (1+ 0))) n + m if n is 1+ n then 1+ (n + m) else m (a recursive program) 2 + 2 = 4 ? a: 0 + 2 = 2 (neutral left) b: (1 + 0) + 2 = 1 + (0 + 2) (associativity) c: 2 + 2 = 1 + ((1 + 0) + 2) (def, associativity) d: 2 + 2 = 1 + (1 + (0 + 2)) (replace b in c) e: (replace a in d, def) a: (def, calculation)

15 Reflecting reducibility Setup Variable cf : config. Definition cfreducible : Prop := … Definition check_reducible : bool := … Lemma check_reducible_valid : check_reducible -> cfreducible. Usage Lemma cfred232 : cfreducible (Config 11 33 37 H 2 H 13 Y 5 H 10 H 1 H 1 Y 3 H 11 Y 4 H 9 H 1 Y 3 H 9 Y 6 Y 1 Y 1 Y 3 Y 1 Y Y 1 Y). Proof. apply check_reducible_valid; by compute. Qed. 20,000,000 cases

16 Border colouring (Tait 1880)

17 Chord flips (Kempe 1879) ( )0)0 )1)1 ( chromogram colouring

18 Model checking colourings 1 Ξ0Ξ0 Λ0Λ0 ΛiΛi ΞiΞi Λ Ξ Λi+1Λi+1 Yes No Ξ i+1 Ξ, Λ restrict Λ decrement Ξ any ? No kempe

19 Chromogram twiddling Fixpoint gram_neg_rec (n : nat) (w : chromogram) {struct w} : chromogram := match w, n with | Adds Gpush w', _ => Adds Gpush (gram_neg_rec (S n) w') | Adds Gskip w', _ => Adds Gskip (gram_neg_rec n w') | Adds s w', S n => Adds s (gram_neg_rec n w') | Adds Gpop 0 w', O => Adds Gpop 1 w' | Adds Gpop 1 w', O => Adds Gpop 0 w' | seq0, _ => w end. Definition gram_neg := gram_neg_rec 0.

20 Correctness proof Lemma match_gram_neg : forall b 0 et w, matchg (Seq b 0 ) et (gram_neg w) = matchg (Seq (¬ b 0 )) et w. Proof. move=> b 0 et w; set sb : bitseq := seq 0. have Esb: forall b : bool, Adds b sb = add_last sb b by done. rewrite /gram_neg -[0]/(size sb) 2!{}Esb. elim: w et sb => [|s w IHw] et lb; first by case lb. case Ds: s; (case: et => [|e et]; first by case lb); first [ by case: e (IHw et (Adds _ lb)) => /= | by case: e; case: lb => [|b lb]; rewrite /= ?if_negb ?IHw ]. Qed.

21 Outline The Four Colour Theorem what it says how its proved Formal proofs proving with programs thinking with programs Computer proofs how its done

22 Formalizing maps n f node edge dart e

23 Rings and disks rest disk

24 Pasting configurations disk paste rest contour cycle full map

25 Folkloric proofs? (3.3) Let K be a configuration appearing in a triangulation T, and let S be the free completion of K. Then there is a projection ɸ of S into T such that ɸ (x) = x for all x V(G(K)) E(G(K)) F(G(K)). This is a folklore theorem, and we omit its [lengthy] proof… Definition phi x := if ac x then h x else if ac (edge x) then edge (h (edge x)) else if ac (node x) then face (edge (h (node x))) else edge (node (node (h (node (edge x))))).

26 Unavoidable pattern

27 Topology Euler: (n + 1) 2 + n 2 + 1 – 2n(n+1) = 2

28 Outline The Four Colour Theorem what it says how its proved Formal proofs proving with programs thinking with programs Computer proofs how its done

29 1 subgoal d : dataSet e : rel d ============================ forall (p : seq d) (x : d), cycle p -> p x -> e x (next p x) 1 subgoal d : dataSet e : rel d y0 : d p : seq d x : d Hp : path y0 (add_last p y0) ============================ setU1 y0 p x -> e x (next_at x y0 y0 p) 2 subgoals d : dataSet e : rel d y0 : d x : d y : d ============================ e y y0 && true -> (y =d x) || false -> e x (if y =d x then y0 else x) subgoal 2 is: e y y && path y (add_last p y0) -> or3b (y =d x) (y =d x) (p x) -> e x (if y =d x then y else next_at x y0 y p) 2 subgoals d : dataSet e : rel d y0 : d x : d y : d Hy : e y y0 Dy : y =d x ============================ e x (if y =d x then y0 else x) subgoal 2 is: e y y && path y (add_last p y0) -> or3b (y =d x) (y' =d x) (p x) -> e x (if y =d x then y else next_at x y0 y p) 1 subgoal d : dataSet e : rel d y0 : d x : d y : d p : seq d IHp : forall x0 : d, path x0 (add_last p y0) -> setU1 x0 p x -> e x (next_at x y0 x0 p) y : d ============================ e y y && path y (add_last p y0) -> or3b (y =d x) (y =d x) (p x) -> e x (if y =d x then y else next_at x y0 y p) 1 subgoal d : dataSet e : rel d y0 : d x : d y : d p : seq d IHp : forall x0 : d, path x0 (add_last p y0) -> setU1 x0 p x -> e x (next_at x y0 x0 p) y : d Hy : e y y Hp : path y (add_last p y0) ============================ or3b (y =d x) (y =d x) (p x) -> e x (if y =d x then y else next_at x y0 y p) 1 subgoal d : dataSet e : rel d y0 : d x : d y : d p : seq d IHp : forall x0 : d, path x0 (add_last p y0) -> setU1 x0 p x -> e x (next_at x y0 x0 p) y : d Hy : e y y Hp : path y (add_last p y0) ============================ or3b false (y =d x) (p x) -> e x (next_at x y0 y p) Subtree proved! Proof workbench Lemma next_cycle : p x, cycle p p x e x (next p x). Proof. move [ | y 0 p] x //= Hp. elim: p {1 3 5}y 0 Hp [ | y' p IHp] y /=; rewrite eqd sym /setU1. - rewrite andbT orbF Hy Dy. by rewrite Dy -(eq P Dy). move/and P [Hy Hp]. case: (y = P x) [ | _] //. exact: IHp Hp. Qed. proof script goal context other goal e e e e e e e x next p x cycle p p recursion assumption

30 Five tactic summary move: x y Hxy … => z t Hzt … bookkeeping : context goal moves case: x Hxy … => [a | b c] … decomposition, induction (with elim) rewrite /= orbF –[x]addn0 … partial evaluation, simplification apply: lemma… => [x y Hxy | n | …] … match goal (backward chaining) have label: conjecture by … set goal (forward chaining)

31 Some conclusions Proof assistants can give real proofs of real theorems Machine formalization can lead to new mathematical insights Formally proving programs can be easier than formally proving theorems

Download ppt "Verifying the Four Colour Theorem Georges Gonthier Microsoft Research Cambridge."

Similar presentations

Mathematical Preliminaries

Mathematical Preliminaries
Internal Deduction and Decision Procedures of the Four Colour Theorem Georges Gonthier Microsoft Research Cambridge Joint Inria-Microsoft Research Center.

Internal Deduction and Decision Procedures of the Four Colour Theorem Georges Gonthier Microsoft Research Cambridge Joint Inria-Microsoft Research Center.
INHERENT LIMITATIONS OF COMPUTER PROGRAMS CSci 4011.

INHERENT LIMITATIONS OF COMPUTER PROGRAMS CSci 4011.
Great Theoretical Ideas in Computer Science

Great Theoretical Ideas in Computer Science
15-251 Great Theoretical Ideas in Computer Science for Some.

Great Theoretical Ideas in Computer Science for Some.
Graphs, Planar graphs Graph coloring

Graphs, Planar graphs Graph coloring
NP-Hard Nattee Niparnan.

NP-Hard Nattee Niparnan.
Planar Graphs: Coloring and Drawing

Planar Graphs: Coloring and Drawing
Static and User-Extensible Proof Checking Antonis StampoulisZhong Shao Yale University POPL 2012.

Static and User-Extensible Proof Checking Antonis StampoulisZhong Shao Yale University POPL 2012.
Interval Graph Test.

Interval Graph Test.
Formalising the structure of extremal p-groups Georges Gonthier.

Formalising the structure of extremal p-groups Georges Gonthier.
Proofs and Programs Wei Hu 11/01/2007. Outline  Motivation  Theory  Lambda calculus  Curry-Howard Isomorphism  Dependent types  Practice  Coq Wei.

Proofs and Programs Wei Hu 11/01/2007. Outline  Motivation  Theory  Lambda calculus  Curry-Howard Isomorphism  Dependent types  Practice  Coq Wei.
22C:19 Discrete Math Graphs Fall 2014 Sukumar Ghosh.

22C:19 Discrete Math Graphs Fall 2014 Sukumar Ghosh.
Bayesian Networks, Winter 2009-2010 Yoav Haimovitch & Ariel Raviv 1.

Bayesian Networks, Winter Yoav Haimovitch & Ariel Raviv 1.
Graph coloring: From maps to wireless networks and job scheduling Magnús M. Halldórsson University of Iceland.

Graph coloring: From maps to wireless networks and job scheduling Magnús M. Halldórsson University of Iceland.
The Four Color Theorem (4CT)

The Four Color Theorem (4CT)
15-251 Great Theoretical Ideas in Computer Science for Some.

Great Theoretical Ideas in Computer Science for Some.
Some applications of graph theory. More on the Four Color Problem.

Some applications of graph theory. More on the Four Color Problem.
Applications of Euler’s Formula for Graphs Hannah Stevens.

Applications of Euler’s Formula for Graphs Hannah Stevens.
CompSci 102 Discrete Math for Computer Science April 19, 2012 Prof. Rodger Lecture adapted from Bruce Maggs/Lecture developed at Carnegie Mellon, primarily.

CompSci 102 Discrete Math for Computer Science April 19, 2012 Prof. Rodger Lecture adapted from Bruce Maggs/Lecture developed at Carnegie Mellon, primarily.

Similar presentations

Ads by Google