- 87 Views
- Uploaded on
- Presentation posted in: General

MAT 7003 : Mathematical Foundations (for Software Engineering) J Paul Gibson, A207

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

MAT 7003 : Mathematical Foundations

(for Software Engineering)

J Paul Gibson, A207

http://www-public.it-sudparis.eu/~gibson/Teaching/MAT7003/

ProofsWith RODIN

http://www-public.it-sudparis.eu/~gibson/Teaching/MAT7003/L8-ProofsWithRodin.pdf

TSP: MSC SAI Mathematical Foundations

Working with RODIN: different proof techniques

Proof by exhaustion, establishes the conclusion by dividing it into a finite number of cases and proving each one separately.

Proof by contradiction (reductio ad absurdum) - it is shown that if some statement were true then a logical contradiction occurs, hence the statement must be false.

Proof by transposition (contrapositive) establishes the conclusion "if p then q" by proving the equivalent statement "if not q then not p".

Proof by mathematical induction establishes a "base case" and then an "induction rule" is used to prove a series of, possibly infinite, other cases

Proof by construction, or proof by example, is the construction of a concrete example with a property to show that something having that property exists

A nonconstructive proof establishes that a certain mathematical object must exist without explaining how such an object can be found. Often, this uses a proof by contradiction in which the nonexistence of the object is proven to be impossible.

TSP: MSC SAI Mathematical Foundations

The proving perspective (Rodin User Manual)

http://wiki.event-b.org/index.php/The_Proving_Perspective_(Rodin_User_Manual)

TSP: MSC SAI Mathematical Foundations

The proving perspective (Rodin User Manual)

http://wiki.event-b.org/index.php/The_Proving_Perspective_(Rodin_User_Manual)

Decoration

The leaves of the tree are decoratedwith one of threeicons:

- meansthatthisleafisdischarged,
- meansthatthisleafis not discharged,
- meansthatthisleaf has been reviewed.

TSP: MSC SAI Mathematical Foundations

The proving perspective (Rodin User Manual)

http://wiki.event-b.org/index.php/The_Proving_Perspective_(Rodin_User_Manual)

TSP: MSC SAI Mathematical Foundations

The proving perspective (Rodin User Manual)

http://wiki.event-b.org/index.php/The_Proving_Perspective_(Rodin_User_Manual)

TSP: MSC SAI Mathematical Foundations

The proving perspective (Rodin User Manual)

http://wiki.event-b.org/index.php/The_Proving_Perspective_(Rodin_User_Manual)

Proof Control View

TSP: MSC SAI Mathematical Foundations

The proving perspective (Rodin User Manual)

http://wiki.event-b.org/index.php/The_Proving_Perspective_(Rodin_User_Manual)

SearchHypothesesView

TSP: MSC SAI Mathematical Foundations

The proving perspective (Rodin User Manual)

http://wiki.event-b.org/index.php/The_Proving_Perspective_(Rodin_User_Manual)

TSP: MSC SAI Mathematical Foundations

Example 1: odd and evenintegers

How wouldyouspecify the sets of odd and evenintegers?

Whatinterestingpropertiesshouldwebe able to prove?

Does the structure of the specification help/hinder the proof process?

Wecan examine how to do thisusing Rodin

TSP: MSC SAI Mathematical Foundations

OddEven : proposed solution 1

Q: Can youexplain the axioms and theorems ?

TSP: MSC SAI Mathematical Foundations

OddEven 1: proving 2 iseven

Whycan’t the tool do thisautomatically?

Interactive proof – the red bits provide interaction points

TSP: MSC SAI Mathematical Foundations

OddEven 1: proving 2 iseven

A good startis to simplify by removing the axiomsthat are not relevant in the proof

TSP: MSC SAI Mathematical Foundations

OddEven 1: proving 2 iseven

We know 2 isevenbecause 2 = 1 + 1 … soweneed to tell the tool by using the forallaxiom.

But wecanseparate the <=> as weonlyneedit in 1 direction. This rewrites the equivalenceas 2 implications

TSP: MSC SAI Mathematical Foundations

OddEven 1: proving 2 iseven

NOTE: The proof treeisupdated

Which of twoforallaxioms do we no longer need?

TSP: MSC SAI Mathematical Foundations

OddEven 1: proving 2 iseven

Now, wewant to instantiate x with the value 2 and apply modus ponens (by clicking on the =>)

This gives a goal whichisimmediatelyprovable by instantiation of y to 1

TSP: MSC SAI Mathematical Foundations

OddEven 1: proving 2 iseven

Now, dont forget to save the proof

TSP: MSC SAI Mathematical Foundations

OddEven 1: proving 4 iseven

Follow the samereasoning as for proving 2 iseven

TSP: MSC SAI Mathematical Foundations

OddEven 1: proving 3 isodd

The goal seemsobvious, but whyisit not provenautomatically?

In order not to waste time wecan mark it as reviewed

TSP: MSC SAI Mathematical Foundations

OddEven 1: proving 3 isodd

TSP: MSC SAI Mathematical Foundations

OddEven 1: proving 5 isodd

Wecan do the same for 5

TSP: MSC SAI Mathematical Foundations

OddEven 1: provingeven+even = even

Can you do the proof yourselves?

TSP: MSC SAI Mathematical Foundations

OddEven : proposed solution 2

Q: Can youexplain the axioms and theorems ?

Think about why certain are more easilyproventhanothers … try to prove axm5 and review axiom7

TSP: MSC SAI Mathematical Foundations

OddEven : proposed solution 3

Q: Can youexplain the axioms and theorems ?

Think about why certain are more easilyproventhanothers … try to prove axm10

TSP: MSC SAI Mathematical Foundations

OddEven : proposed solution 3

Westart the proof by considering the simplest cases where a=0 or b = 0 …

dc a = 0

dc b = 0

TSP: MSC SAI Mathematical Foundations

OddEven : proposed solution 3

Wecanthenaddhypotheses to help in the proof

QUESTION: But, are wemissingsomethingcritical?

TSP: MSC SAI Mathematical Foundations

Arrays in Event-B

Some of youasked about specifyingarrays.

These are simply a functionfrominteger indexes to arrayelement values

TSP: MSC SAI Mathematical Foundations

Another Event-B Example : PurseBehaviour

TSP: MSC SAI Mathematical Foundations

Another Event-B Example : PurseBehaviour

TSP: MSC SAI Mathematical Foundations

Another Event-B Example : PurseBehaviour

Modelling a change of state to a Purse: adding a coin

Question: canyou model the removal of a coin?

TSP: MSC SAI Mathematical Foundations