Introduction to Formal Proof · 2018-04-17 · Introduction to Formal Proof 3: Predicate Logic...

Introduction to Formal Proof

Bernard Sufrin

Trinity Term 2018

3: Predicate Logic Semantics

[03-folsemantics]

Introduction to Formal Proof 3: Predicate Logic Semantics Propositional logic has limits

Propositional logic has limits

▷ Consider these two arguments

S: All software systems are human artefacts

Some software systems are complex

All complex human artefacts are incomprehensible

∴ Some software systems are incomprehensible

L: All formalizations of logic are human artefacts

Some formalizations are complex

All complex human artefacts are incomprehensible

∴ Some formalizations of logic are incomprehensible

▷ What do they have in common?

▷ Are their conclusions justifiable from their premisses by Natural Deduction?

▷ Do you accept their premisses?

– 1 – 8th May, 2017@14:59 [715]

Introduction to Formal Proof 3: Predicate Logic Semantics Informal predicate language: variables, predicates, quantifiers

Informal predicate language: variables, predicates, quantifiers

▷ Atomic Propositions are insufficient to capture the details of the premisses/conclusions

▷ Propositional logic and language needs enriching

▷ Predicate Logic (sometimes called First Order Logic) is the simplest enrichment that isgenerally useful1

▷ It allows the formal expression of statements (sometimes involving “all” and “some”) aboutthe properties of things, and about individual things.

▷ We express these using variables, predicates (P ,HA,C , I ) and quantifiers (∃−⋅−,∀−⋅−)

1: All P things are HA things: ∀x ⋅P(x)→ HA(x)2: Some P things are C things: ∃x ⋅P(x) ∧C (x)3: All C things that are also HA things are I things: ∀x ⋅C (x) ∧HA(x)→ I (x)∴ Some P things are I things: ∴ ∃x ⋅P(x) ∧ I (x)

1 outside of the study of logic itself, that is.

L1 – 2 – 8th May, 2017@14:59 [715]


▷ A (unary) predicate is used to make statements about individual things.

○ Black(x), Strange(y), Incomprehensible(z)

▷ Binary predicates are used to make statements relating two individuals (they are sometimescalled binary relations)

○ MadeBy(x , y)○ i < j , k loves l , x = y (Binary predicates used with infix notation)

▷ The theory admits predicates/relations of other arities, e.g. CanFool(who,whom,when)

▷ The resulting language is quite expressive, e.g.

∀x ⋅ (Integer(x)→ ∃y ⋅ (Integer(y) ∧ x < y)))

∀p ⋅ (Person(p)→ ∃t ⋅ (Time(t) ∧ ∀p′ ⋅Person(p′)→ CanFool(p,p′, t)))

∀p ⋅ (Person(p)→ ∀t ⋅ (Time(t)→ ∃p′ ⋅Person(p′) ∧CanFool(p,p′, t)))

L2 – 3 – 8th May, 2017@14:59 [715]


▷ The variables introduced by quantifiers connect places in the text of a formula

▷ The textual region in which a name symbolizes the same connector is called its scope

(Person(∗)→ (Time(∗)→ Person(∗) ∧CanFool(∗,∗,∗)´¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¸¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¶

∃∗

)

´¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¸¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¶∀∗

)

´¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¸¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¶∀∗

▷ The names don’t matter formally

(Person(x)→ (Time(z)→ Person(y) ∧CanFool(x , y , z)´¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¸¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¶

∃y

)

´¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¸¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¶∀z

)

´¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¸¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¶∀x

▷ But it’s a good idea to use memorable ones

(Person(perp)→ (Time(t)→ Person(vict) ∧CanFool(perp, vict , t)´¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¸¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¶

∃vict

)

´¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¸¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¶∀t

)

´¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¸¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¹¶∀perp

– 4 – 8th May, 2017@14:59 [715]


▷ When we want to make a predicate calculus argument about a “real-world” situation, wefirst:

○ Say what our world is going to be

○ Choose names for (some) individual things that in our world

○ Choose names (or symbols) for predicates that (partly) describe the real world situation

▷ e.g. humans

○ ♀(x) means “x is genetically female”

○ ♂(x) means “x is genetically male”

○ Parent(x , y) means “x is a genetic parent of y .”

○ Ancestor(x , y) means “x is a genetic ancestor of y .”

– 5 – 8th May, 2017@14:59 [715]


▷ We can then encode statements about our world as predicate language statements, e.g.

○ Everybody is either genetically male or genetically female, not both:

∀b ⋅ (♂(b) ∨ ♀(b)) ∧ ¬(♂(b) ∧ ♀(b))

○ Somebody is an ancestor of p if they are a parent of p, or the parent of an ancestor of p.

∀b ⋅ ∀p ⋅Ancestor(b,p)↔ Parent(b,p) ∨ ∃a ⋅Parent(b,a) ∧Ancestor(a,p)

○ Nobody is their own ancestor:

¬∃b ⋅Ancestor(b, b)

○ Everybody has a unique genetic mother:

∀b ⋅ ∃m ⋅ (♀(m) ∧Parent(m, b) ∧

∀m ′ ⋅ (♀(m ′) ∧Parent(m ′, b)→ m = m ′) )

– 6 – 8th May, 2017@14:59 [715]

Introduction to Formal Proof 3: Predicate Logic Semantics Informal predicate language: functions

Informal predicate language: functions

▷ So far we have only used variables (and names of individuals) to denote things

▷ This leads to some unwieldy circumlocutions – esp. about uniqueness

▷ It is more convenient to use function application notation to denote unique things

– 7 – 8th May, 2017@14:59 [715]


▷ Humans revisited

○ ♀(x) means “x is genetically female”

○ ♂(x) means “x is genetically male”

○ Parent(x , y) means “x is a genetic parent of y”.

○ Ancestor(x , y) means “x is a genetic ancestor of y”.

○ ma(x) denotes the genetic mother of x .

○ pa(x) denotes the genetic father of x .

▷ Facts: (given our present state of knowledge)

○ ∀x ⋅Parent(ma(x), x)○ ∀x ⋅Parent(pa(x), x)○ ∀x ⋅♂(pa(x)) ∧ ♀(ma(x))○ ∀b ⋅ (♂(b) ∨ ♀(b)) ∧ ¬(♂(b) ∧ ♀(b))○ ∀b ⋅ ∀p ⋅Ancestor(b,p)↔ Parent(b,p) ∨ ∃a ⋅Parent(b,a) ∧Ancestor(a,p)

– 8 – 8th May, 2017@14:59 [715]


▷ We may not have coded enough facts to model the world completely enough to prove fromthem something that’s intuitively true, or that’s useful. For example in our world ofhumans as currently encoded:

○ Can we prove that everyone has two distinct parents?

○ Can we prove that everyone has no more than two parents?

– 9 – 8th May, 2017@14:59 [715]

Introduction to Formal Proof 3: Predicate Logic Semantics Inference systems for predicate logic

Inference systems for predicate logic

▷ The goal of an inference system for predicate logic is that if our coding of statementsabout the world is coherent and the encoded statements about the world are true, then anyvalid deductions we make from them should also be true in the world.

▷ Recall that the rigorous analysis of the soundness and completeness of propositional logicinference systems required us to characterise the truth of composite propositionsindependently of their provability in the inference system.

In the same way, a rigorous analysis of predicate logic inference systems will require us tocharacterise a notion of the truth of composite and quantified statements about a worldindependently of their provability in the inference system.

▷ Such independent characterizations are known as the semantics of the logics concerned.

– 10 – 8th May, 2017@14:59 [715]

Introduction to Formal Proof 3: Predicate Logic Semantics Formal predicate language: grammar

Formal predicate language: grammar

▷ There are two sorts of phrase in the language

○ Terms – denote objects / things

○ Formulæ – denote declarative statements about things

▷ We build phrases in the language from a given initial vocabulary2 of

○ constant symbols (“names for individual things”) C○ predicate symbols (“names of predicates”) P○ function symbols (“names of functions”) F

▷ Each function and predicate symbol has an arity (unary, binary, ternary, ...) and “fixity”that is usually indicated informally, e.g :C = {0,1}F = {s(⋅),p(⋅), ⋅ ⊕ ⋅}P = {⋅ = ⋅, ⋅ > ⋅,Even ⋅}

2Sometimes called a signature

– 11 – 8th May, 2017@14:59 [715]


▷ Terms

○ Any variable is a term3

○ Any constant is a term

○ If t1, ...tn are terms and f is an n-ary function symbol, then f (t1, ...tn) is a term4

○ Nothing else is a term5

▷ For example: with C,F ,P as on the previous page, the following are terms:

0 1 s(0) s(s(0)) p(s(1)) s(s(s(0))⊕ p(s(1)))x y0 z ′ s(s(y1)) s(z ′)⊕ (y1 ⊕ x) s(s(z ′))⊕ p(s(1))

but the following are not terms:

a > 0 Even(x)

and these are not well formed phrases of any kind:

x(x(y)) Even

3Here we use sequences of lowercase letters as variables – sometimes decorating them with subscripts and/or dashes.4x ⍟ y is syntactic sugar for ⍟(x , y) for every binary infix function symbol ⍟. The binding power of such symbols is specified with their fixity.5 We allow parentheses in written terms.

– 12 – 8th May, 2017@14:59 [715]


▷ Formulæ

○ If t1, ...tn are terms, and P is an n-ary predicate symbol, then P(t1, ...tn) is a formula6

(these are called atomic formulæ)

○ If φ is a formula then so is ¬φ○ If φ,ψ are formulæ then so are φ ∧ ψ,φ ∨ ψ,φ→ ψ,φ↔ ψ

(priority7 of the logical operators is as in propositional logic.

○ If α is a variable, and φ is a formula then ∀α ⋅ φ and ∃α ⋅ φ are formulae8

(these are called quantified formulæ)

○ Nothing else is a formula9

▷ Choose one of the notations for quantification and stick to it:

○ ∃α⋅ and ∀α⋅ take the largest well-formed formula (wff) that starts at the right of ⋅○ Without the “⋅” ∃ α and ∀ α take the smallest wff that starts at the right of α

6x ≒ y is syntactic sugar for ≒ (x , y) for every binary infix predicate symbol ≒7Huth and Ryan call it “binding power”8Huth and Ryan write (∀αφ) and (∃αφ). Others require a ⋅ between variable and formula.9 We allow parentheses in written formulæ.

L3 – 13 – 8th May, 2017@14:59 [715]

Introduction to Formal Proof 3: Predicate Logic Semantics Free Variables

Free Variables

▷ If t is a term then every variable v appearing in that term is free in t .

▷ If P(t1, ..., tn) is an atomic formula then the variables free in that formula are the variablesfree in the terms t1, ..., tn.

▷ If φ is a formula then the variables free in ¬φ are the variables free in φ

▷ If φ,ψ are formulæ then the variables free in φ ∧ ψ,φ ∧ ψ,φ→ ψ,φ↔ ψ, are the variablesfree in φ and the variables free in ψ.

▷ If φ is a formula, and α a variable, then the variables free in ∀α ⋅ φ and in ∃α ⋅ φ are thevariables, except α, that are free in φ.

– 14 – 8th May, 2017@14:59 [715]

Introduction to Formal Proof 3: Predicate Logic Semantics Free Variables

▷ Examples:Term Frees(s(0))s(s(z ′))⊕ p(s(1))⊕ x z ′, x

Formula Freex > y → y > z → x > z x , y , z∀x ⋅ y = s(s(z ′))⊕ p(s(1))⊕ x z ′, y∃y ⋅ ∀x ⋅ y = s(s(z ′))⊕ p(s(1))⊕ x z ′

∀z ′ ⋅ ∃y ⋅ ∀x ⋅ y = s(s(z ′))⊕ p(s(1))⊕ x∃x ⋅ y loves x ∧ (∃y ⋅ x loves y) y

▷ Definition: a term/formula with no free variables is called a closed term/formula.

– 15 – 8th May, 2017@14:59 [715]

Introduction to Formal Proof 3: Predicate Logic Semantics Substitution

Substitution

▷ Definition: if φ is a formula, ti are terms, and αi are variables, the notationφ[t1, ..., tn/α1, ..., αn] means the formula obtained by simultaneously substituting ti forevery free occurence of αi in φ. The phrase [t1, ..., tn/α1, ..., αn] represents a mappingfrom variables to terms and is called a substitution.

▷ Examples:

Formula Substitution Equivalent(x > y → y > z → x > z) [s(x)/x ] (s(x) > y → y > z → s(x) > z)(y = s(s(z ′))⊕ p(s(1))⊕ x) [y , x/x , y] (x = s(s(z ′))⊕ p(s(1))⊕ y)(y = s(s(z ′))⊕ p(s(1))⊕ x) [y/x ][x/y] (x = s(s(z ′))⊕ p(s(1))⊕ x)(∃y ⋅ z ′ = s(y) ∧ ∀z ′ ⋅ p(1)⊕ z ′ = z ′) [p(x)/z ′] (∃y ⋅ p(x) = s(y) ∧ ∀z ′ ⋅ p(1)⊕ z ′ = z ′)(∃x ⋅ z ′ = s(x) ∧ ∀z ′ ⋅ p(1)⊕ z ′ = z ′) [p(x)/z ′] (∃x ⋅ p(x) = s(x) ∧ ∀z ′ ⋅ p(1)⊕ z ′ = z ′)

▷ Notice that in the last example the x being substituted has been “captured” within thescope of ∃x ⋅ .... Such “captures” are explicitly prohibited by the formal definition ofsubstitution.

L4 – 16 – 8th May, 2017@14:59 [715]

Introduction to Formal Proof 3: Predicate Logic Semantics Models and Meanings

Models and Meanings

▷ Knowing only a signature C,F ,P can tell us nothing about the truth or falsehood of itsatomic formulæ.

▷ To establish the truth or falsehood of statements denoted by atomic formulæ we need tohave a model. This tells us:

○ what the domain of discourse10 is (what world the things come from)

○ what thing each constant symbol denotes in that world

○ what function each function symbol means in that world

○ what predicate each predicate symbol means in that world

▷ If M is a model for C,F ,P we will write here

○ Mconstant(c) to mean the thing the symbol c denotes in the model’s domain (c ∈ C)○ Mfunction(f ) to mean the function on the domain that the symbol f means (f ∈ F)○ Mpredicate(P) to mean the predicate on the domain that the symbol P means (P ∈ P)

10 Some authors use “Universe of Discourse”, many shorten to “Domain”

L5 – 17 – 8th May, 2017@14:59 [715]

Introduction to Formal Proof 3: Predicate Logic Semantics Models and Meanings

▷ Example: we are given: C = {0} F = {s(⋅),p(⋅), ⋅ ⊕ ⋅} P = {⋅ = ⋅, ⋅ > ⋅,Even}

▷ One obvious model (Int) has as its domain the integers, with:

0 denoting the number 0

s denoting the successor function, and p its inverse

⋅ ⊕ ⋅ denoting integer addition

⋅ = ⋅, ⋅ > ⋅,Even denoting the predicates they usually denote for integers

▷ Another model (Nat3) has as its domain the natural numbers modulo 3, with:

0 denoting the number 0

s denoting the successor function modulo 3 and p its inverse

⋅ ⊕ ⋅ denoting addition modulo 3

⋅ = ⋅, ⋅ > ⋅,Even denoting the predicates they usually denote for natural numbers

– 18 – 8th May, 2017@14:59 [715]

Introduction to Formal Proof 3: Predicate Logic Semantics The 7PM Model

The 7PM Model

▷ Another model has as its domain the last seven Prime ministers of the UK11 with

0 denoting Cameron

s(x) denoting the Prime Minister who took office immediately after x , and p(x)denoting the Prime Minister who took office immediately before x , and x ⊕ y denotingthe Prime Minister who took office later.

⋅ = ⋅ meaning identity, ⋅ > ⋅ meaning “took office later than”, and Even being true ovv12

Prime Ministers educated in state schools.

▷ We present this to show that there is no particular reason why the symbols used in asignature should have a mnemonic relationship to the domain, constants, functions andpredicates assigned by a model.

11In reverse order of appointment they are: Camoron, Brown, Bliar, Major, Thatcher, Callaghan, Wilson.12 “Of and only of” (you read it here first, Virginia!)

– 19 – 8th May, 2017@14:59 [715]

Introduction to Formal Proof 3: Predicate Logic Semantics Evaluation of formulae without variables

Evaluation of formulae without variables

▷ To discover whether an atomic formula without variables is true:

○ First translate the formula into the model domain by translating:

∗ every constant symbol into what it denotes in the model

∗ every function symbol into the function it means for the model

∗ every predicate symbol into the predicate it means for the model

○ Then evaluate the translated atomic formula (in the model domain)

▷ For example, in 7PM:

0 > p (0)Cameron took office later than the immediate predecessor in office of CameronCameron took office later than Brown

▷ Composite non-quantified formulae without variables (¬φ,φ∨ψ,φ∧ψ, ...) are evaluated byevaluating their components, and combining the component values as they would becombined in propositional logic.

– 20 – 8th May, 2017@14:59 [715]

Introduction to Formal Proof 3: Predicate Logic Semantics Evaluation of Quantified Formulae in the 7PM model

Evaluation of Quantified Formulae in the 7PM model

▷ Is the formula ∃x ⋅ x > 0 true?

▷ In order to discover this we associate each thing in the 7PM domain with x , then evaluatethe formula: x > 0. If it is true for any of these formulæ, then the whole formula is true.

▷ Is the formula ∀y ⋅ y /= 0→ ∃x ⋅ x > y true?

▷ In order to discover this we associate each thing in the 7PM domain with y , then evaluatethe formula: y /= 0→ ∃x ⋅ x > y . If it is true for all of these formulæ, then the wholeformula is true..

– 21 – 8th May, 2017@14:59 [715]

Introduction to Formal Proof 3: Predicate Logic Semantics Formalizing “associate with”

Formalizing “associate with”

▷ One way to formalise the idea of “associate ... with x then evaluate ...” is:

○ invent a constant symbol (say DC ,GB ,AB ,JM ,MT ,JC ,HW ) for each thing

○ Substitute each constant symbol for x in x > 0, then evaluate the resultingformula-without-variables:

Formula Translation into the model ValueDC > 0 Cameron took office later than Cameron F

GB > 0 Brown took office later than Cameron F

AB > 0 Bliar took office later than Cameron F

JM > 0 Major took office later than Cameron F

MT > 0 Thatcher took office later than Cameron F

JC > 0 Callaghan took office later than Cameron F

HW > 0 Wilson took office later than Cameron F

○ So in 7PM, ∃x ⋅ φ(x) means the same as φ(DC ) ∨ φ(GB) ∨ ... ∨ φ(HW )and ∀x ⋅ φ(x) means the same as φ(DC ) ∧ φ(GB) ∧ ... ∧ φ(HW )

L6 L7 – 22 – 8th May, 2017@14:59 [715]


▷ To discover the value of ∀y ⋅ y /= 0→ ∃x ⋅ x > y we need to evaluate a substitution-for-yinstance of the formula y /= 0→ ∃x ⋅ x > y for each of our invented constant symbols.

DC /= 0→ ∃x ⋅ x > DCGB /= 0→ ∃x ⋅ x > GB

...HW /= 0→ ∃x ⋅ x > HW

▷ Writing [[ ... ]] for “value”, in the first of these we see

[[ DC /= 0→ ∃x ⋅ x > DC ]]; (Evaluation rules for composite non-quantified formulæ)

[[ DC /= 0 ]]→[[ ∃x ⋅ x > DC ]]; (Because Cameron = Cameron)

F→[[ ∃x ⋅ x > DC ]]; (Definition of →)

T

– 23 – 8th May, 2017@14:59 [715]


▷ As for the second (with subsequent formulæ similar) we have

[[ GB /= 0→∃x ⋅ x > GB ]]; [[ GB /= 0 ]]→[[ ∃x ⋅ x > GB ]]; T→[[ ∃x ⋅ x > GB ]]; [[ ∃x ⋅ x > GB ]]; [[ (DC > GB) ∨ (GB > GB) ∨ (AB > GB) ∨ ... ∨ (HW > GB) ]]; Cameron took office later than Brown ∨ ...; T

– 24 – 8th May, 2017@14:59 [715]

Introduction to Formal Proof 3: Predicate Logic Semantics Evaluation rules for formulae in a model M with domain Dom

Evaluation rules for formulae in a model M with domain Dom

▷ Our evaluation rules can be simplified if we assume that there is a distinct constant symbolcorresponding to every distinct thing v in the domain Dom. Here we use the notation ⟨⟨v⟩⟩for the constant symbol corresponding to v . In other words: Mconstant(⟨⟨v⟩⟩) is v .

▷ Our assumption effectively means that we need not give rules for the evaluation of terms inwhich variables appear.

▷ Any metalogical reasoning we do under this assumption can also be done with a slightlymore complex collection of rules that provide for the evaluation of terms with variables inthem.13

13 Note 9 on p37 gives a Haskell implementation of these rules.

– 25 – 8th May, 2017@14:59 [715]


▷ Domain values denoted by terms:

○ If c is a constant symbol, then the value denoted by the term c is Mconstant(c)(so the value denoted by the constant symbol ⟨⟨v⟩⟩ is v)

○ If f is a function symbol, and t1, ...tn are terms, then the value denoted by the termf (t1, ...tn) is the value of the n-ary function Mfunction(f ) at the arguments (v1, ...vn)where v1, ...vn are the domain values denoted by the terms t1, ...tn.

▷ Truth values of formulæ without variables

○ The formula P(t1, ...tn) is true iff the n-ary predicate Mpredicate(P) holds at the n-tuple(v1, ...vn) where v1, ...vn are the domain values denoted by the terms t1, ...tn.

▷ Truth values of quantified formulæ.

○ ∃α ⋅ φ is true iff φ[⟨⟨v⟩⟩/α] is true for some domain value v

○ ∀α ⋅ φ is true iff φ[⟨⟨v⟩⟩/α] is true for every domain value v

▷ Truth values of nonquantified composite formulæ are determined by the truth-valuedfunctions ∧,∨,→, ↔, ¬ at the truth values of their components.

– 26 – 8th May, 2017@14:59 [715]


▷ Writing [[ t ]] for “the domain value denoted by the term t”, and [[ φ ]] for “the truth valueof the formula φ” we can tabulate the evaluation rules for variable-free terms and formulæconcisely.

[[ c ]] Mconstant(c)[[ f (t1, ..., tn) ]] Mfunction(f )([[ t1 ]], ..., [[ tn ]])[[ P(t1, ..., tn) ]] T if and only if Mpredicate(P)([[ t1 ]], ..., [[ tn ]])[[ ¬φ ]] ¬[[ φ ]][[ φ ∧ ψ ]] [[ φ ]]∧[[ ψ ]][[ φ ∨ ψ ]] [[ φ ]]∨[[ ψ ]][[ φ→ ψ ]] [[ φ ]]→[[ ψ ]][[ φ↔ ψ ]] [[ φ ]]↔[[ ψ ]][[ ∀α ⋅ φ ]] T if and only if [[ φ[⟨⟨v⟩⟩/α] ]] is T for every domain value v[[ ∃α ⋅ φ ]] T if and only if [[ φ[⟨⟨v⟩⟩/α] ]] is T for some domain value v

▷ Note: here we call the constant terms ⟨⟨v⟩⟩ that correspond to domain values v , theconstant terms synthesized from the domain of M .

L8 L9 – 27 – 8th May, 2017@14:59 [715]

Introduction to Formal Proof 3: Predicate Logic Semantics Semantic Entailment

Semantic Entailment

Let φ1, ..., φn, ψ, be formulæ in the predicate language determined by the signature C,F ,Pand let M be a model for that signature.

▷ We defineφ1, ..., φn ⊧M

ψ

to mean that ψS is true in M for every substitution S of synthesized constant terms (fromthe domain of M ) that makes all of φ1S, ..., φnS true.

▷ We defineφ1, ..., φn ⊧ ψ

to mean that in every such model M φ1, ..., φn ⊧Mψ

– 28 – 8th May, 2017@14:59 [715]

Introduction to Formal Proof 3: Predicate Logic Semantics Semantic Entailment

▷ It can easily be proven that the only substitutions, S , that are relevant to the truth valueof a formula are those that assign only to its free variables. This permits the mechanicalchecking of ⊧M when M has a finite domain.

▷ For example ⊧Nat3s(i)⊕ j = s(i ⊕ j )

Here n = 2 and the free variables are i , j , so the relevant substitutions are:

[⟨⟨0⟩⟩, ⟨⟨0⟩⟩/i , j ], [⟨⟨0⟩⟩, ⟨⟨1⟩⟩/i , j ], [⟨⟨0⟩⟩, ⟨⟨2⟩⟩/i , j ], ...,[⟨⟨2⟩⟩, ⟨⟨0⟩⟩/i , j ], [⟨⟨2⟩⟩, ⟨⟨1⟩⟩/i , j ], [⟨⟨2⟩⟩, ⟨⟨2⟩⟩/i , j ]

▷ What about

○ i /= 0, j /= 0 ⊧7PM s(i)⊕ j = s(i ⊕ j )?

○ ⊧Int s(i)⊕ j = s(i ⊕ j )?

▷ ⊧M cannot be comprehensively checked mechanically for models over non-finite domains.

– 29 – 8th May, 2017@14:59 [715]

Introduction to Formal Proof 3: Predicate Logic Semantics Satisfiability

Satisfiability

▷ Definition: φ is satisfiable if there is some model M for which ⊧M φ

– 30 – 8th May, 2017@14:59 [715]

Introduction to Formal Proof 3: Predicate Logic Semantics ASIDE: Partial Functions

ASIDE: Partial Functions

▷ In the 7PM model the predecessor/successor-in-office functions are partial.

▷ This raises the spectre of terms in the language that do not denote anything in the model

Two examples are:s(0),p(p(p(p(p(p(p(0)))))))

▷ This affects14 the semantics. For example:

○ what is the truth-value of ∀x ⋅ ¬(x = s(0))?

○ what is the truth-value of ∃y ⋅ ∀x ⋅ ¬(x = s(y))?

▷ Discussing the consequences of this in detail is beyond the scope of this course, so we willstick to models in which function symbols denote total functions.

14 Perhaps we should say infects!

L10 – 31 – 8th May, 2017@14:59 [715]

Introduction to Formal Proof 3: Predicate Logic Semantics Contents

Contents

Introduction: Predicate Language . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1Propositional logic has limits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1Informal predicate language: variables, predicates, quantifiers . . . . . . 2Informal predicate language: functions . . . . . . . . . . . . . . . . . . . . . . . . . . . .7Inference systems for predicate logic . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10

Predicate Calculus Semantics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11Formal predicate language: grammar . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11Free Variables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14Substitution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16Models and Meanings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

The 7PM Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19Evaluation of formulae without variables . . . . . . . . . . . . . . . . . . . . . . . . .20Evaluation of Quantified Formulae in the 7PM model . . . . . . . . . . . . 21Formalizing “associate with” . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22Evaluation rules for formulae in a model M with domain Dom . . . . 25Semantic Entailment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28Satisfiability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30ASIDE: Partial Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

– 32 – 8th May, 2017@14:59 [715]

Introduction to Formal Proof 3: Predicate Logic Semantics Notes

Note 1: On being a “thing” 2RIn English natural language calling an entity a “thing” or “object” sometimes connotes materiality; i.e. that the entity has material substance. In these notesusing these words does not have such connotations: “234” is a much a “thing” as “my foot”; and “the set of linguistically adept penguins” is as much a“thing” as the paper or screen on which you are reading these notes, or the file(s) in which the pdf representations of the notes are stored in the Lab’sfilestore.15 What’s more, when we call a thing a thing it does not mean that we believe that it has no internal structure.

Note 2: 3RSome theoretical studies of predicate logic omit the equality/identity relation at first – considering its detailed study to be of interest in its own right. Wedon’t have sufficient time to do this, so when the time comes we shall simply write introduction and elimination rules for “=” that capture the consensus thatis shared by everybody who needs to use logic in a practical way.

Note 3: Terms and Formulae represented in Haskell 13RJust as we did for propositions, we can define Haskell types to represent formulæ and terms.

type Var = String

type Con = String

type Pred = String

type Fun = String

data Form = Absurd

| Sat Pred [Term]

| Not Form

| Form :/\ Form

| Form :\/ Form

| Form :-> Form

| Form :<-> Form

| Some Var Form

| All Var Form

deriving (Eq)

data Term = Var Var

| Con Con

| App Fun [Term]

deriving (Eq)

The construction Sat p [t1, ...tn] represents the formula p(t1, ...tn), and App f [t1, ...tn] represents the function application f (t1, ...tn). Absurd will be used torepresent a false formula. The intention of the other constructions should be clear.

15Incidentally, calling the Department of Computer Science “the Lab” is thought by some to be sentimental or archaic terminology, but the Lab is itself a “thing” despite somepeople being reluctant to use that name for it, and other people not knowing what “the Lab” refers to.

– 33 – 8th May, 2017@14:59 [715]


Notice that this representation has nothing to say about predicate (function) symbols being applied to the correct number of formulæ(terms). When we cometo build an evaluator in Haskell we will simply assume that they are.

Note 4: Formal definition of single-variable substitution 16RThe following table defines the substitution of t for x (for constant symbols c, function symbols f , predicate symbols P , variables α, x , and terms t , t1, ..., tn)

c [t/x ] ; c

α [t/x ] ; { t , if α is xα, if α is not x

f (t1, ..., tn) [t/x ] ; f (t1[t/x ], ..., tn[t/x ])P(t1, ..., tn) [t/x ] ; P(t1[t/x ], ..., tn[t/x ])φ ∧ ψ [t/x ] ; φ[t/x ] ∧ ψ[t/x ]...

∀α ⋅ φ [t/x ] ; { ∀α ⋅ φ, if x is not free in φ or α is x∀α.φ[t/x ], if x is free in φ, and α not free in t

∃α ⋅ φ [t/x ] ; { ∃α ⋅ φ, if x is not free in φ or α is x∃α.φ[t/x ], if x is free in φ, and α not free in t

The precondition: α is not free in t forbids variable capture when a substitution is taken through a quantifier. When this condition is met we (also) say that“α is fresh in t”.

Evidently a precondition for φ[t/x ] to be well-defined is that there is no quantified subformula of φ that breaks the freshness condition. In this case logicianssay that “t is free (to be substituted) for x in φ” – nearly always omitting the parenthesized phrase. This omission can startle the unwary – for the differentsenses of the word “free” are signalled in only a very subdued way in a phrase like: “t is free for x in ∀α ⋅ φ if α is not free in t or x is not free in φ”.

Note 5: 17RThe context frequently makes it clear which of Mconstant ,Mfunction ,Mpredicate we mean, and in those circumstances we will drop the subscript.

Many logicians (especially those writing only for logicians) use the notations cM, fM,PM for the denotations of c, f ,P in the model M. This convention hasthe virtue of conciseness, but brings little else to the party!

Note 6: 22RThe explanations of ∀ (and ∃) as a finite conjunction (and disjunction) of formulæ can only be used because the 7PM domain is finite. The precise meaningof the ellipsis (...) is evident to most people, and (because the domain is small enough) the ellipsis could be removed by writing the conjunction (disjunction)out in full. This mode of explanation doesn’t work for a non-finite domain, and we have to use a more elaborate way of “eliminating” variables fromquantified formulae.

– 34 – 8th May, 2017@14:59 [715]


Note 7: Models represented in Haskell 22RJust as we were able to define as a Haskell function the evaluation of propositions represented as Haskell data types, so we are able to define the evaluation offormulæ and terms as Haskell functions.

We first define a type class Model that captures the essence of a model. The type parameter, dom, will be instantiated in any particular model by the Haskelltype that represents things in the domain of discourse.

class Model dom where

constant:: Con -> dom

function:: Fun -> [dom] -> dom

predicate:: Pred -> [dom] -> Bool

universe:: [dom]

the constant , function,predicate functions map Con,Fun,Pred symbols to values, functions and predicates. The universe is represented by the list universe– a clue that our Haskell implementation of models will only be capable of computing effectively with models that havefinite universes.

Here’s the Nat3 model in this encoding

instance Model Int where

universe = [0,1,2]

constant "0" = 0

function "s" [n] = (n+1) ‘mod‘ 3

function "p" [n] = (n-1) ‘mod‘ 3

function "⊕" [x,y] = (x+y) ‘mod‘ 3

predicate ">" [x, y] = x>y

predicate "Even" [n] = even n

predicate "=" [x,y] = x==y

and here’s the 7PM model

data SevenPM = Wilson | Callaghan | Thatcher | Major |

Bliar | Brown | Cameron

deriving (Eq, Ord, Show, Enum)

instance Model SevenPM where

universe = [Wilson, Callaghan, Thatcher, Major,

Bliar, Brown, Cameron

]

constant "0" = Cameron

function "s" [n] = succ n

function "p" [n] = pred n

– 35 – 8th May, 2017@14:59 [715]


function "⊕" [x,y] = if x>y then x else y

predicate ">" [x, y] = x>y

predicate "Even" [n] = n /= Bliar || n /= Cameron

predicate "=" [x,y] = x==y

Note 8: From substitution to environment semantics 27RA well-known technique in the implementation of languages for which substitution for variables plays a role in the semantics is to avoid doing the work ofsubstitution. This work mostly consists of copying the parts of phrases that are not the variable being substituted for).

The technique that is used is to represent phrases by the usual data structures (in which variables can appear) together with an auxiliary structure (usuallycalled an environment) which records the substitutions that have been done so far.

Substitutions for variables appear in exactly two of the evaluation rules given in the main body of the text, namely:

▷ ∃α ⋅ φ is true iff φ[⟨⟨v⟩⟩/α] is true for some domain value v

▷ ∀α ⋅ φ is true iff φ[⟨⟨v⟩⟩/α] is true for every domain value v

If α occurs free in φ, then the recursive evaluation of φ[⟨⟨v⟩⟩/α] will eventually result in the application of the “quoted value” term rule:

▷ the value denoted by the constant symbol ⟨⟨v⟩⟩ is v

Following from this, our environments map variables directly to domain values. For if, while applying the evaluation rules, the formula φ is evaluated with ⟨⟨v⟩⟩substituted for the variable α, then that formula will eventually be evaluated in an environment in which α is mapped to the domain value v .

In what follows environments ρ are mappings from variables to domain values, and we write ρ⊕ {α ↦ v} (“extend ρ by mapping α to v”) to mean theenvironment that is identical to ρ except that it maps the variable α to the domain value v .

Writing [[ t ]]ρ for “the domain value denoted by the term t in environment ρ”, and [[ φ ]]ρ for “the truth value of the formula φ in environment ρ” we cantabulate the evaluation rules for all terms and formulæ concisely.

– 36 – 8th May, 2017@14:59 [715]


[[ α ]]ρ ρ(α) (for the variable α)[[ c ]]ρ Mconstant(c)[[ f (t1, ..., tn) ]]ρ Mfunction(f )([[ t1 ]]ρ, ..., [[ tn ]]ρ)[[ P(t1, ..., tn) ]]ρ T if and only if Mpredicate(P)([[ t1 ]]ρ, ..., [[ tn ]]ρ)[[ ¬φ ]]ρ ¬[[ φ ]]ρ[[ φ ∧ ψ ]]ρ [[ φ ]]ρ∧[[ ψ ]]ρ[[ φ ∨ ψ ]]ρ [[ φ ]]ρ∨[[ ψ ]]ρ[[ φ→ ψ ]]ρ [[ φ ]]ρ→[[ ψ ]]ρ[[ φ↔ ψ ]]ρ [[ φ ]]ρ↔[[ ψ ]]ρ[[ ∀α ⋅ φ ]]ρ T if and only if [[ φ ]]ρ⊕{α↦v} is T for every domain value v[[ ∃α ⋅ φ ]]ρ T if and only if [[ φ ]]ρ⊕{α↦v} is T for some domain value v

Note 9: Evaluation rules in Haskell 27RWe can easily translate our environment semantics into a partial Haskell implementation of the evaluation rules for predicate calculus formulæ and terms in amodel whose domain type is dom. The implementation is partial because it will not terminate for false existential quantifications (or true universalquantifications) over non-finite domains.

thingValue:: Model dom => Env dom -> Term -> dom

truthValue:: Model dom => Env dom -> Form -> Bool

thingValue ρ term =

case term of

Var α -> ρ αCon c -> constant c

App f terms -> (function f) (map (thingValue ρ) terms)

truthValue ρ form =

case form of

Sat p terms -> (predicate p) (map (thingValue ρ) terms)

Some α φ -> or (map (φ ‘asFunOf‘ α) universe)

All α φ -> and (map (φ ‘asFunOf‘ α) universe)

Not φ -> not(truthValue ρ φ)fl :/\ fr -> truthValue ρ fl && truthValue ρ fr

fl :\/ fr -> truthValue ρ fl || truthValue ρ fr

fl :-> fr -> truthValue ρ fl → truthValue ρ fr

fl :<-> fr -> truthValue ρ fl == truthValue ρ fr

where (φ ‘asFunOf‘ α) val = truthValue (extend ρ α val) φ

– 37 – 8th May, 2017@14:59 [715]


p → q = if p then q else True

An environment for a domain is a mapping from variables to domain values.

type Env dom = Var -> dom

The empty environment represents a situation in which no variables have been bound.

empty:: Env dom

empty α = error ("Trying to evaluate an unbound variable: "++α)

An environment ρ is extended to form a new environment by associating an additional variable with a domain value. The extended environment maps allother variables to the same values as the original did.

extend:: Env dom -> Var -> dom -> Env dom

extend ρ α v α’ = if α’==α then v else ρ α’

Note 10: 31R

There is a straightfoward method of transforming a model M in which some functions are partial into a model M̂ in which all functions are total.

▷ Augment the domain of M with a value: undef . Call the new domain D̂om

▷ Corresponding to each n-ary function f of the original model, define a “totalized” function f̂ over D̂omn

by

f̂ (v1, ..., vn) = f (v1, ..., vn), if f defined at (v1, ..., vn)f̂ (v1, ..., vn) = undef , otherwise

▷ Similarly, corresponding to each n-ary predicate P of the original model, define a predicate P̂ over D̂omn

by

P̂(v1, ..., vn) = P(v1, ..., vn), if (v1, ..., vn) ∈ Domn

P̂(v1, ..., vn) = F, otherwise

This straightfoward transformation will not, in general, preserve the truth values of formulae in the original model.

– 38 – 8th May, 2017@14:59 [715]

Introduction to Formal Proof · 2018-04-17 · Introduction to Formal Proof 3: Predicate Logic...

Documents

Transcript of Introduction to Formal Proof · 2018-04-17 · Introduction to Formal Proof 3: Predicate Logic...