Towards Natural Style for Resolution Proofs in Theorema. Diana Dubu, West University of Timişoara, eAustria Research Institute. Supervisor: Prof. Dr. Tudor Jebelean.
Presentation Outline • Work context • Motivation • Tool support • Approach • Notions • My work • Example • Future work...
Research Environment • Scholarship at the Research Institute for Symbolic Computation (RISC), Johannes Kepler Universität, Linz, Austria • Program Coordinator: Prof. Dr. Tudor Jebelean • Attendance at the Automated Theorem Proving II lecture and Theorema Seminars • Further collaborations with Theorema Group members
Why Natural Style? • Problems with proofs generated by clausal reasoners • too long (intermediary steps) • machine-oriented formalism • hard to follow by the user (even if experienced) • different system representations • Solution: • construct a uniform machine-independent representation • translate machine-found proofs into a human-comprehensible format
Toolkit Theorema • built on top of Mathematica at RISC by the Theorema Research Group initiated by Prof. Dr. Bruno Buchberger • integrates the computing capabilities of a CAS with the deduction capabilities of ATPs • interacts with the user in the language of predicate logic (the natural language for expressing mathematical properties and algorithms)
Proving in Theorema • methods for several mathematical domains: • propositional logic • general predicate logic • induction over integers and over lists • set theory • boolean combinations of polynomial [in]equalities (using Groebner Bases) • combinatorial summation (using Paule–Schorn–Zeilberger) • PCS (proving–computing–solving) for proving in higher-order logic with equality [Buchberger]
Tma Proof Object • generated as a result of the proof • contains the proof tree - information about: • assumptions’ list • subgoals at each proof step • formulae used at each step • formulae generated at each step • status (proved, failed, pending)
Example - $TmaProofObject Theorema`Provers`Common`ProofObject`Private`AndNode[ Theorema`Provers`Common`ProofObject`Private`ProofInfo["DoneMatching", •usedFormulae[], •generatedFormulae[]], Theorema`Provers`Common`ProofObject`Private`Subgoals[ Theorema`Provers`Common`ProofObject`Private`AndNode[Theorema`Provers`Common`ProofObject`Private`ProofInfo[ "ConclusionIsAssumption", •usedFormulae[ "Proposition (3)", "Proposition (1)/1"], •generatedFormulae[]], Theorema`Provers`Common`ProofObject`Private`Subgoals[], Theorema`Provers`Common`ProofObject`Private`MainProofSituation[ •lf["Proposition (3)", MORTAL[Confucius], •finfo[]], •asml[•lf[ "Proposition (1)/1", MORTAL[Confucius], •finfo[""]], •lf["Proposition (1)", ™ForAll[•range[•simpleRange[•var[x]]], True, ™Implies[MAN[•var[x]], MORTAL[•var[x]]]], •finfo[""]], •lf["Proposition (2)", MAN[Confucius], •finfo[""]]], •lkTab[{{"ProversHistory", {PND}}, {"LastProver", PND}, {"PND", •lkTab[{{"ModusPonensFacts", •lkTab[{}]}, {"NewFormulae", {{}, Theorema`Provers`PredicateLogic`Auxiliary`Private`•oldForms[]}}, {"GoalHistory", {MORTAL[Confucius]}}, {"MatchingFacts", •lkTab[{{{"Proposition (1)", "Proposition (2)"}, True}}]}}]}}]], Theorema`Provers`Common`ProofObject`Private`Constraints[], "proved"]], Theorema`Provers`Common`ProofObject`Private`MainProofSituation[•lf["Proposition (3)", MORTAL[Confucius], •finfo[]], •asml[•lf["Proposition (1)", ™ForAll[ •range[•simpleRange[•var[x]]], True, ™Implies[MAN[•var[x]], MORTAL[ •var[x]]]], •finfo[""]], •lf["Proposition (2)", MAN[Confucius], •finfo[""]]], •lkTab[{{"ProversHistory", {}}, {"LastProver", PND}, {"PND", •lkTab[{{"ModusPonensFacts", •lkTab[{}]}, {"MatchingFacts", •lkTab[{}]}, {"NewFormulae", {{}, Theorema`Provers`PredicateLogic`Auxiliary`Private`•oldForms[]}}, {"GoalHistory", {MORTAL[Confucius]}}}]}}]], Theorema`Provers`Common`ProofObject`Private`Constr\ aints[], "proved"]]
Predicate Logic Prover

Prove:
(Proposition (6)) ¬((¬Q)\[Or](¬R)),
under the assumptions:
(Proposition (1)) P\[Or]Q,
(Proposition (2)) Q\[Or]R,
(Proposition (3)) R\[Or]W,
(Proposition (4)) (¬R)\[Or](¬P),
(Proposition (5)) (¬W)\[Or](¬Q).

We prove (Proposition (6)) by contradiction. We assume
(1) (¬Q)\[Or](¬R),
and show a contradiction.
We prove (a contradiction) by case distinction using (1).

Case (1.1) ¬Q:
We delete (Proposition (5)) because it is subsumed by (1.1).
From (1.1) and (Proposition (1)) we obtain by resolution (2) P.
From (2) and (Proposition (4)) we obtain by resolution (3) ¬R.
From (1.1) and (Proposition (2)) we obtain by resolution (4) R.
Formula (a contradiction) is proved because (4) and (3) are contradictory.

Case (1.2) ¬R:
We delete (Proposition (4)) because it is subsumed by (1.2).
From (1.2) and (Proposition (2)) we obtain by resolution (5) Q.
We delete (Proposition (1)) because it is subsumed by (5).
From (5) and (Proposition (5)) we obtain by resolution (6) ¬W.
From (1.2) and (Proposition (3)) we obtain by resolution (7) W.
Formula (a contradiction) is proved because (7) and (6) are contradictory.

Additional Proof Generation Information

The Proof Call
Prove[Proposition["6"], using\[Rule]{Proposition["1"],Proposition["2"],Proposition["3"], Proposition["4"],Proposition["5"]},SearchDepth->35];

Formulae Occuring during the Proof
(1) (¬Q)\[Or](¬R)
(1.1) ¬Q
(1.2) ¬R
(2) P
(3) ¬R
(4) R
(5) Q
(6) ¬W
(7) W
(a contradiction) False
(Proposition (1)) P\[Or]Q
(Proposition (2)) Q\[Or]R
(Proposition (3)) R\[Or]W
(Proposition (4)) (¬R)\[Or](¬P)
(Proposition (5)) (¬W)\[Or](¬Q)
(Proposition (6)) ¬((¬Q)\[Or](¬R))

Theorema Proof Notebook
and... Otter • a resolution-style theorem proving program for first-order logic with equality • includes the inference rules: binary resolution, hyperresolution, UR-resolution and binary paramodulation • transforms formulae into normal form • there is a direct link with Theorema
Theorema and Otter: black box link [Diagram: Theorema call Prove[…]; translating component (Translator, Step 2); linking component to external system; External System (Step 4); proof in a notebook; Steps 1 to 5]
Theorema and Otter: white box link [Diagram: Theorema call Prove[…]; translating component (Translator, Step 2); linking component to external system; External System (Step 4); BackTranslator (Step 6); proof in a notebook; Steps 1 to 7]
How? • Understand the underlying mechanisms of proving in Theorema • Understand Theorema's interaction with external provers (i.e. Otter) • Study the current status of research w.r.t. Natural Style (i.e. Transformation of Machine-Found Proofs into Assertion Level Proofs, Andreas Meier)
Other Approaches 1. • Search for an optimal proof by applying the transformation rules on-the-fly: • Rewrite-rules (Buchberger, Jebelean) • S-decomposition in [Jebelean]
Other Approaches 2. • Transform Resolution proofs into Natural Deduction proofs [Andrews, Miller, Schmitt & Kreitz, Lingenfelder] • Problems: • many levels of indirect parts • Cause: use of ND-rules for eliminating quantifiers and connectors • representation • Cause: a large number of low-level syntactical manipulations of logical quantifiers and connectives
This approach • Andreas Meier -> perform transformations at the assertion level • Assertions: theorems and definitions
Schemata of the Approach [Diagram labels: Theorema; Notebook; Proof call Prove[…]; Otter; Proof result (string); $TmaProofObject; Extract; Relevant information; Refutation graphs; Transformation algorithm; Transformation procedures; ND* rules; ND proof; Natural Style Proof]
Which proofs? • Proofs obtained by resolution through refutation. A set S of clauses is unsatisfiable (inconsistent) iff there is a resolution deduction of the empty clause from S.
Refutation. Definition: A refutation of Δ is a derivation in which some finite subset of ground formulas is unsatisfiable. (Δ = a finite set of closed formulae in normal form) How? Add the negated goal to the set of axioms and prove the inconsistency of the new set by producing the empty clause through a set of inferences.
Resolution Principle (Robinson, 1965) For any two clauses C and D, if there is a literal L1 in C that is complementary to a literal L2 in D, then delete L1 and L2 from C and D, respectively, and construct the disjunction of the remaining clauses. The constructed clause is a resolvent of C and D (Chang and Lee, Symbolic Logic and Mechanical Theorem Proving)
Problem: The format of proofs varies with the system (automated theorem prover). Solution: Find a common representation of machine-found proofs. Refutation Graphs (Transformation of Machine-Found Proofs into Assertion Level Proofs, Andreas Meier)
Definitions Clause graph - a quadruple G = (L,C,MLit,), where • L is a finite set; elements are literal nodes • C2L is a partition of the set of literal nodes; elements are clause nodes of G • MLit is a mapping from L to the set of literals, labelling literal nodes with literals • , the set of links, is a partition of a subset of L, s.t. for all the following hold: 1 All the literal nodes in one link are labeled with literals whose atoms are unifiable 2 There must be at least one positive and one negative literal in a link
• Literal nodes not belonging to any link are called pure • Each link has two opposite shores: a positive shore S+() and a negative shore S-() (i.e. literal nodes with positive and negative literals, respectively) • trail - a walk in which all links are distinct; joins start and end clause nodes; a trail to a link - a trail whose last clause has a literal in • cycle - a trail joining a clause node to itself; a graph with such a cycle is called cyclic
Example [Figure: clause graph with literal nodes +A, +B, -B, -A, +B] • Deduction graph - a non-empty, ground (i.e. all literals are ground) and acyclic clause graph • Refutation graph - a deduction graph without pure literal nodes • Minimal deduction (refutation) graph - one containing no proper subgraph which is itself a deduction (refutation) graph
How to obtain refutation graphs? • Call Otter for proving by resolution (automatic transformation into normal form) • Retrieve the result in $TmaProofObject • Parse $TmaProofObject and extract relevant information (used formulae, generated formulae) • Build the data structure
Algorithm • C1, C2, ..., Cn - initial set of clauses - represent the nodes in the refutation graph • Identify the resolvents R1, R2, ..., Rm generated by the inference rules • Determine the links in the refutation graph: 1. Identify for each resolvent Ri from the set R1, R2, ..., Rm which original clause has been used. For the inferences using resolvents to generate new ones, identify from which original clauses the former have been generated 2. Extract from the initial clauses the literals remaining after the resolution step and connect them s.t. each link has a positive shore and a negative one.
Remarks • It is possible that a literal in Ri originates from more than one initial clause; all labels are stored s.t. all possible links between the nodes of the refutation graph are established • Parsing has been performed on strings (black box link)
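The link-determination step of the algorithm, as an added Python example (not code from the presentation or from Theorema): it resolves the propositional clause set of the Predicate Logic Prover example directly instead of parsing Otter output, and keeps for every literal of a resolvent all input literal nodes it descends from. The names `neg`, `refute` and `KB`, the clause labels and the `-P` encoding of negation are assumptions of this example.

```python
from itertools import combinations

def neg(lit):
    """Complement of a propositional literal written as 'P' or '-P'."""
    return lit[1:] if lit.startswith("-") else "-" + lit

def refute(clauses):
    """Saturate `clauses` (label -> set of literals) by binary resolution.

    Returns the set of links behind the first derivation of the empty clause,
    or None if the clause set is satisfiable. A link is a frozenset of literal
    nodes (label, literal) taken from the input clauses.
    """
    origins = {}  # clause -> {literal: input literal nodes it descends from}
    links = {}    # clause -> links created on the way to that clause
    for label, lits in clauses.items():
        c = frozenset(lits)
        origins.setdefault(c, {l: {(label, l)} for l in c})
        links.setdefault(c, frozenset())
    grew = True
    while grew and frozenset() not in origins:
        grew = False
        for c, d in combinations(list(origins), 2):
            for lit in c:
                if neg(lit) not in d:
                    continue
                res = (c - {lit}) | (d - {neg(lit)})
                if res in origins or any(neg(l) in res for l in res):
                    continue  # already known, or a tautology
                # A literal may descend from several input clauses: keep all.
                oc = {l: n for l, n in origins[c].items() if l != lit}
                od = {l: n for l, n in origins[d].items() if l != neg(lit)}
                origins[res] = {l: oc.get(l, set()) | od.get(l, set()) for l in res}
                # Both shores of the new link: nodes behind lit and neg(lit).
                link = frozenset(origins[c][lit] | origins[d][neg(lit)])
                links[res] = links[c] | links[d] | {link}
                grew = True
    return links.get(frozenset())

# Clause set of the Theorema proof example; Proposition (6) enters negated.
KB = {
    "Proposition (1)": {"P", "Q"},
    "Proposition (2)": {"Q", "R"},
    "Proposition (3)": {"R", "W"},
    "Proposition (4)": {"-R", "-P"},
    "Proposition (5)": {"-W", "-Q"},
    "negated Proposition (6)": {"-Q", "-R"},
}

if __name__ == "__main__":
    for link in sorted(refute(KB), key=sorted):
        print(sorted(link))
```

Links from different resolution steps can share a literal node when a clause is reused; the function reports them as found and does not merge them or check minimality.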
Considering Simple example prove Q R, R (P Q), P (Q R) P Q
Refutation graph [Figure: refutation graph with clause nodes 1 to 6 and literal nodes 1.1, 1.2, 2.1, 2.2, 3.1, 3.2, 4.1, 4.2, 5.1, 5.2, 5.3, 6.1, 6.2, labelled with the literals p, q, r and their negations] Theorem: A deduction graph is minimal iff it has one more clause than links. [Eisinger]
Future directions • Implementation of the transformation procedure in Theorema • Extend the analysis to predicate logic • Analyze proofs obtained from other provers or with other proving methods
What’s next? • Analyse and transform the refutation graphs s.t. proofs are simplified • How? The solution offered by Andreas Meier with possible(?) improvements
Definitions [Figure labels: UC1, UC2, UC3, RLit, AC] • Unit Clause Step (UCS): G - refutation graph. {AC, {UC1,…, UCn}, Rlit} is a UCS in G if: • AC, UC1,…, UCn - clauses in G, Rlit - literal of AC • UC1,…, UCn - unit clauses, AC - not a unit clause • each literal of AC (except Rlit) - linked with the literal of one of the unit clauses UC1,…, UCn • UC1,…, UCn - unit clauses, AC - assertion clause, Rlit - result literal of the UCS
UCS - Replacement • G - refutation graph. {AC, {UC1,…, UCn}, Rlit} a UCS in G, UCnew a new unit clause consisting of Rlit. UCS-replacement: • Remove AC from G • Add UCnew to G • - link connecting Rlit of AC. If was removed at first step, add ’ connecting Rlit of UCnew and literals connected by . Otherwise, add Rlit of UCnew to . • Each of UC1,…, UCn, whose literal became pure at 1st step is removed
UCS-Decomposition Algorithm • G - refutation graph • Initialization step: D(G)={} and Gcurr=G • UCS-replacement step: While Gcurr is not an end step: • Seek a UCS in Gcurr • Replace in Gcurr and assign Gcurr to the resulting refutation graph • Assign D(G)=D(G) {} If there is no UCS in Gcurr, stop with an error message • Final step: If Gcurr has the form of an end step S, assign D(G)=D(G) S and finish
Obtain UCS-decomposable graphs Liquidation-Strategy with the Direct-Decomposition Method Transformation rules Not minimal => is liquidated
Obtain UCS-decomposable graphs Separation Strategy with the Direct Decomposition Method Transformation rules