1 / 12

Advanced Formal Methods Lecture 7: Isabelle – Sets

Course 2D1453, 2006-07. Advanced Formal Methods Lecture 7: Isabelle – Sets. Mads Dam KTH/CSC. Material from L. Paulson. Basic Constructions. types ’  set = ’  ! bool Note that HOL sets are always typed Easy to define basic set constructions: ; :: ’  set =  x. false

cutler
Download Presentation

Advanced Formal Methods Lecture 7: Isabelle – Sets

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Course 2D1453, 2006-07 Advanced Formal MethodsLecture 7: Isabelle – Sets Mads Dam KTH/CSC Material from L. Paulson

  2. Basic Constructions types ’ set = ’! bool Note that HOL sets are always typed Easy to define basic set constructions: ;:: ’ set = x. false {t} = x. x = t t 2 A = A t A µ B = 8x. A x ! B x A [ B = x. :(A x) ! B x 8x 2 A. P x = 8x. x 2 A ! P x 9x 2 A. P x = 9x. x 2 A Æ P x

  3. Exercises Exercise 1: Represent in Isabelle the following set operations: • A Å B • Åx2 A B x, [x2 A B x • insert :: ’) ’ set ) ’ set

  4. Proof Rules Prove lemmas following natural deduction-style introduction and elimination rules: subsetI: (Æ x. x 2 A ) x 2 B) ) A µ B subsetE: « A µ B; x 2 A ¬) x 2 B ballI: (Æ x. x 2 A ) P x) )8x 2 A. P x ballE: «8x 2 A. P x ; x 2 A ¬) P x etc. etc.

  5. Finite Sets Inductive definition: • The empty set is finite • Adding an element to a finite set produces a finite set • These are the only finite sets HOL encoding: consts Fin :: ’ set set inductive Fin Intros ;2 Fin A 2 Fin ) insert a A 2 Fin

  6. Example: Even Numbers Inductively: • 0 is even • If n is even then so is n + 2 • These are the only even numbers In Isabelle HOL: consts Ev :: nat set inductive Ev intros 0 2 Ev n 2 Ev ) n + 2 2 Ev

  7. Inductively Defined Sets Definition mechanism: • Define carrier set • Declare set to be inductively defined • Declare introduction methods Declaration inductive tells Isabelle to produce a number of proof rules: • Introduction rules • Induction rules • Elimination rules (case construction) • Rule inversion rules

  8. Example: Proof by Induction Definition of set Ev produces induction principle Goal: m 2 Ev ) m + m 2 Ev Proof: • m = 0 ! 0 + 0 2 Ev • m = n + 2 and n 2 Ev and m 2 Ev and n + n 2 Ev ) m + m = (n + 2) + (n + 2) = ((n + n) + 2) + 2 2 Ev

  9. Rule Induction for Ev To prove n 2 Ev ) P n by rule induction on n 2 Ev we must prove • P 0 • P n ) P (n + 2) Isabelle-generated induction principle: « n 2 Ev ; P 0 ; Æ n. P n ) P (n +2) ¬) P n An elimination rule for Ev!

  10. Rule Inversion Isabelle proves this by induction: ev.cases: «n 2 Ev; n = 0 ) P ; Æm. « n = Suc(Suc m); m 2 Ev¬) P ¬) P inductive cases <Name>: Suc(Suc n) 2 Ev Instantiates even.cases to produce: <Name>: « Suc(Suc n) 2 Ev ; n 2 Ev ) P ¬) P Equivalently: Suc(Suc n) 2 Ev ) n 2 Ev

  11. Mutual Induction Even and odd numbers: consts Ev :: nat set Odd :: nat set inductive Ev Odd intros zero: 0 2 Ev evenI: n 2 Odd ) Suc n 2 Ev oddI: n 2 Ev ) Suc n 2 Odd

  12. Exercise Exercise 2: Define a recursive datatype of implicational formulas containing constants tt and ff and binary constructor -> (infixed, probably, for readability). Define inductively the set of provable formulas as the least set containing, for all formulas F, G, H, the formulas F -> F F -> (G -> F) (F -> (G -> H)) -> (F -> G) -> (F -> H) and closed under modus ponens (F and F -> G in the set implies G in the set). Formulate a predicate ”valid” on formulas, and show, in Isabelle, that all provable formulas a valid.

More Related