formal software development program
Post on 04-Jun-2018
216 Views
Preview:
TRANSCRIPT
-
8/13/2019 Formal Software Development Program
1/997
Formal Software Development
Adrian Zidaritz
zidaritz berkeley.edu
March 8, 2011
-
8/13/2019 Formal Software Development Program
2/997
Introduction
This is an overview of the Formal Software Development program. It iswritten for software professionals, and as such, it assumes some familiaritywith symbolic manipulation.
In this overview, we:
Explain what a mathematical formal system is
Show why formal systems are the foundation of software
Give some concrete examples of formal software developmentPresent the structure and the goals of the program
Formal Software Development Program Overview March 8, 2011 2 / 187
-
8/13/2019 Formal Software Development Program
3/997
Introduction
may
be
skip
ped
Some slides are marked with this gray sticker; they con-tain some fairly elementary mathematical concepts, es-sentially induction. These slides may be skipped.
may
be
skippe
dOther slides are marked with this red sticker; they as-sume knowledge of higher level algebra and treatinduc-tion at a more advanced level. These slides may alsobe skipped.
We include these optional slides because the program itself is a progressionfrom basic concepts to more advanced ones, and we want to give allprospective students a birds-eye view of the entire program and a roadmapto follow. Moreover, induction is the central proof technique of the program.
Formal Software Development Program Overview March 8, 2011 3 / 187
-
8/13/2019 Formal Software Development Program
4/997
What is formal software development
1 What is formal software development
2 Implementing formal systems
3 When are proofs used
4 What formal software development is not
5 Formal verification of programs
6 Mathematics and Software
7 Concrete examples of what we do in the program
8 Program goals and course structure
Formal Software Development Program Overview March 8, 2011 4 / 187
Wh i f l f d l M h i f d i
-
8/13/2019 Formal Software Development Program
5/997
What is formal software development Mathematics as foundation
The use of mathematical logic
Formal Software Development Program Overview March 8, 2011 5 / 187
Wh t i f l ft d l t M th ti f d ti
-
8/13/2019 Formal Software Development Program
6/997
What is formal software development Mathematics as foundation
The use of mathematical logic
Formal software development is the use ofmathematical logicto specify,design, build, analyze and test software.
Formal Software Development Program Overview March 8, 2011 5 / 187
What is formal software development Mathematics as foundation
-
8/13/2019 Formal Software Development Program
7/997
What is formal software development Mathematics as foundation
What does it mean to use mathematical logic?
Formal Software Development Program Overview March 8, 2011 6 / 187
What is formal software development Mathematics as foundation
-
8/13/2019 Formal Software Development Program
8/997
What is formal software development Mathematics as foundation
What does it mean to use mathematical logic?
It means that one has to
Formal Software Development Program Overview March 8, 2011 6 / 187
What is formal software development Mathematics as foundation
-
8/13/2019 Formal Software Development Program
9/997
What is formal software development Mathematics as foundation
What does it mean to use mathematical logic?
It means that one has to
study mathematical logic
Formal Software Development Program Overview March 8, 2011 6 / 187
What is formal software development Mathematics as foundation
-
8/13/2019 Formal Software Development Program
10/997
What is formal software development Mathematics as foundation
What does it mean to use mathematical logic?
It means that one has to
study mathematical logic
study the tools that implement various logics
Formal Software Development Program Overview March 8, 2011 6 / 187
What is formal software development Mathematics as foundation
-
8/13/2019 Formal Software Development Program
11/997
p
What does it mean to use mathematical logic?
It means that one has to
study mathematical logic
study the tools that implement various logics
understand how to apply these tools to software engineering
Formal Software Development Program Overview March 8, 2011 6 / 187
What is formal software development Mathematics as foundation
-
8/13/2019 Formal Software Development Program
12/997
p
How much mathematical logic?
Formal Software Development Program Overview March 8, 2011 7 / 187
What is formal software development Mathematics as foundation
-
8/13/2019 Formal Software Development Program
13/997
How much mathematical logic?
Mathematical logic is a large field in itself; it consists of proof theory,model theory, and recursive functions (=computability); set theory isregarded by many as belonging to logic too
Formal Software Development Program Overview March 8, 2011 7 / 187
What is formal software development Mathematics as foundation
-
8/13/2019 Formal Software Development Program
14/997
How much mathematical logic?
Mathematical logic is a large field in itself; it consists of proof theory,model theory, and recursive functions (=computability); set theory isregarded by many as belonging to logic too
Logic is also the basis of many fields of computer science: type theory,specification languages, theory of computation, term rewriting, various
program logics, automatic and interactive provers, etc . . .
Formal Software Development Program Overview March 8, 2011 7 / 187
What is formal software development Mathematics as foundation
-
8/13/2019 Formal Software Development Program
15/997
How much mathematical logic?
Mathematical logic is a large field in itself; it consists of proof theory,model theory, and recursive functions (=computability); set theory isregarded by many as belonging to logic too
Logic is also the basis of many fields of computer science: type theory,specification languages, theory of computation, term rewriting, various
program logics, automatic and interactive provers, etc . . .Formal software development needs results from all these subfields ofmathematical logic and from many of its applications to computer science
Formal Software Development Program Overview March 8, 2011 7 / 187
What is formal software development Mathematics as foundation
-
8/13/2019 Formal Software Development Program
16/997
How much mathematical logic?
Mathematical logic is a large field in itself; it consists of proof theory,model theory, and recursive functions (=computability); set theory isregarded by many as belonging to logic too
Logic is also the basis of many fields of computer science: type theory,specification languages, theory of computation, term rewriting, various
program logics, automatic and interactive provers, etc . . .Formal software development needs results from all these subfields ofmathematical logic and from many of its applications to computer science
So the answer to the title question would be: an awful lot
Formal Software Development Program Overview March 8, 2011 7 / 187
What is formal software development Mathematics as foundation
-
8/13/2019 Formal Software Development Program
17/997
How much mathematical logic?
Mathematical logic is a large field in itself; it consists of proof theory,model theory, and recursive functions (=computability); set theory isregarded by many as belonging to logic too
Logic is also the basis of many fields of computer science: type theory,specification languages, theory of computation, term rewriting, various
program logics, automatic and interactive provers, etc . . .Formal software development needs results from all these subfields ofmathematical logic and from many of its applications to computer science
So the answer to the title question would be: an awful lot
Part of the motivation behind this overview is to show you the programsroad map through this large body of knowledge, a road that should leadto significant applications in software development
Formal Software Development Program Overview March 8, 2011 7 / 187
What is formal software development Mathematics as foundation
-
8/13/2019 Formal Software Development Program
18/997
How much mathematical logic?
Mathematical logic is a large field in itself; it consists of proof theory,model theory, and recursive functions (=computability); set theory isregarded by many as belonging to logic too
Logic is also the basis of many fields of computer science: type theory,specification languages, theory of computation, term rewriting, various
program logics, automatic and interactive provers, etc . . .Formal software development needs results from all these subfields ofmathematical logic and from many of its applications to computer science
So the answer to the title question would be: an awful lot
Part of the motivation behind this overview is to show you the programsroad map through this large body of knowledge, a road that should leadto significant applications in software development
At the core of this use of logic are the formal systems
Formal Software Development Program Overview March 8, 2011 7 / 187
What is formal software development Mathematics as foundation
-
8/13/2019 Formal Software Development Program
19/997
What is a mathematical formal system?
Formal Software Development Program Overview March 8, 2011 8 / 187
What is formal software development Mathematics as foundation
-
8/13/2019 Formal Software Development Program
20/997
What is a mathematical formal system?
A (mathematical) formal system is a languageand a set ofrules
Formal Software Development Program Overview March 8, 2011 8 / 187
What is formal software development Mathematics as foundation
-
8/13/2019 Formal Software Development Program
21/997
What is a mathematical formal system?
A (mathematical) formal system is a languageand a set ofrules
The word formal is meant to embody the rigidity and the precision oflanguage and rules
Formal Software Development Program Overview March 8, 2011 8 / 187
What is formal software development Mathematics as foundation
-
8/13/2019 Formal Software Development Program
22/997
What is a mathematical formal system?
A (mathematical) formal system is a languageand a set ofrules
The word formal is meant to embody the rigidity and the precision oflanguage and rules
. . . in opposition to informal systems based on natural languages, whichare flexible and ambiguous
Formal Software Development Program Overview March 8, 2011 8 / 187
What is formal software development Mathematics as foundation
-
8/13/2019 Formal Software Development Program
23/997
What is a mathematical formal system?
A (mathematical) formal system is a languageand a set ofrules
The word formal is meant to embody the rigidity and the precision oflanguage and rules
. . . in opposition to informal systems based on natural languages, whichare flexible and ambiguous
You may think of a formal system as a recipe, to be applied mechanically,without any creative thinking
Formal Software Development Program Overview March 8, 2011 8 / 187
What is formal software development Mathematics as foundation
-
8/13/2019 Formal Software Development Program
24/997
What is a mathematical formal system?
A (mathematical) formal system is a languageand a set ofrules
The word formal is meant to embody the rigidity and the precision oflanguage and rules
. . . in opposition to informal systems based on natural languages, whichare flexible and ambiguous
You may think of a formal system as a recipe, to be applied mechanically,without any creative thinking
So by itself, a formal system is inert, it does not do anything
Formal Software Development Program Overview March 8, 2011 8 / 187
What is formal software development Mathematics as foundation
-
8/13/2019 Formal Software Development Program
25/997
What is a mathematical formal system?
A (mathematical) formal system is a languageand a set ofrules
The word formal is meant to embody the rigidity and the precision oflanguage and rules
. . . in opposition to informal systems based on natural languages, whichare flexible and ambiguous
You may think of a formal system as a recipe, to be applied mechanically,without any creative thinking
So by itself, a formal system is inert, it does not do anythingWe are not concerned for now with a specific meaningof such a system
Formal Software Development Program Overview March 8, 2011 8 / 187
What is formal software development Mathematics as foundation
-
8/13/2019 Formal Software Development Program
26/997
What can we do with such a system?
Formal Software Development Program Overview March 8, 2011 9 / 187
What is formal software development Mathematics as foundation
-
8/13/2019 Formal Software Development Program
27/997
What can we do with such a system?
We can reason based on the rules
Formal Software Development Program Overview March 8, 2011 9 / 187
What is formal software development Mathematics as foundation
-
8/13/2019 Formal Software Development Program
28/997
What can we do with such a system?
We can reason based on the rules
Reason means nothing but the blind application of the rules to sentencesof the language in order to derive other sentences
Formal Software Development Program Overview March 8, 2011 9 / 187
What is formal software development Mathematics as foundation
?
-
8/13/2019 Formal Software Development Program
29/997
What can we do with such a system?
We can reason based on the rules
Reason means nothing but the blind application of the rules to sentencesof the language in order to derive other sentences
We begin with a look at a simple formal system
Formal Software Development Program Overview March 8, 2011 9 / 187
What is formal software development Mathematics as foundation
Wh d i h h ?
-
8/13/2019 Formal Software Development Program
30/997
What can we do with such a system?
We can reason based on the rules
Reason means nothing but the blind application of the rules to sentencesof the language in order to derive other sentences
We begin with a look at a simple formal system
The concepts introduced while looking at this simple system are the nutsand bolts of the program
Formal Software Development Program Overview March 8, 2011 9 / 187
What is formal software development Mathematics as foundation
Wh d i h h ?
-
8/13/2019 Formal Software Development Program
31/997
What can we do with such a system?
We can reason based on the rules
Reason means nothing but the blind application of the rules to sentencesof the language in order to derive other sentences
We begin with a look at a simple formal system
The concepts introduced while looking at this simple system are the nutsand bolts of the program
Try to understand this simple system as much as possible
Formal Software Development Program Overview March 8, 2011 9 / 187
What is formal software development Mathematics as foundation
Wh t d ith h t ?
-
8/13/2019 Formal Software Development Program
32/997
What can we do with such a system?
We can reason based on the rules
Reason means nothing but the blind application of the rules to sentencesof the language in order to derive other sentences
We begin with a look at a simple formal system
The concepts introduced while looking at this simple system are the nutsand bolts of the program
Try to understand this simple system as much as possible
Otherwise parts of the overview will sound gibberish
Formal Software Development Program Overview March 8, 2011 9 / 187
What is formal software development Example: a simple formal system
E l f f l t
-
8/13/2019 Formal Software Development Program
33/997
Example of a formal system
Formal Software Development Program Overview March 8, 2011 10 / 187
What is formal software development Example: a simple formal system
E l f f l s st
-
8/13/2019 Formal Software Development Program
34/997
Example of a formal system
The language
Formal Software Development Program Overview March 8, 2011 10 / 187
What is formal software development Example: a simple formal system
Example of a formal system
-
8/13/2019 Formal Software Development Program
35/997
Example of a formal system
The language
The alphabet of our language consists of three symbols: a,b, and*.
Formal Software Development Program Overview March 8, 2011 10 / 187
What is formal software development Example: a simple formal system
Example of a formal system
-
8/13/2019 Formal Software Development Program
36/997
Example of a formal system
The language
The alphabet of our language consists of three symbols: a,b, and*.
Symbol combinations are called formulas.
Formal Software Development Program Overview March 8, 2011 10 / 187
What is formal software development Example: a simple formal system
Example of a formal system
-
8/13/2019 Formal Software Development Program
37/997
Example of a formal system
The language
The alphabet of our language consists of three symbols: a,b, and*.
Symbol combinations are called formulas.
Soab,baa*,**a*bbbare examples of formulas.
Formal Software Development Program Overview March 8, 2011 10 / 187
What is formal software development Example: a simple formal system
Example of a formal system
-
8/13/2019 Formal Software Development Program
38/997
Example of a formal system
The language
The alphabet of our language consists of three symbols: a,b, and*.
Symbol combinations are called formulas.
Soab,baa*,**a*bbbare examples of formulas.
A language has a grammar: a way to specify which formulas are accept-able; the technical term is well-formed formulas, wffsin short.
Formal Software Development Program Overview March 8, 2011 10 / 187
What is formal software development Example: a simple formal system
Example of a formal system
-
8/13/2019 Formal Software Development Program
39/997
Example of a formal system
The language
The alphabet of our language consists of three symbols: a,b, and*.
Symbol combinations are called formulas.
Soab,baa*,**a*bbbare examples of formulas.
A language has a grammar: a way to specify which formulas are accept-able; the technical term is well-formed formulas, wffsin short.
The rules of the grammar are known as formation rules, as opposed tothe rules of system, which are known as rules of inference.
Formal Software Development Program Overview March 8, 2011 10 / 187
What is formal software development Example: a simple formal system
The grammar
-
8/13/2019 Formal Software Development Program
40/997
The grammar
Formal Software Development Program Overview March 8, 2011 11 / 187
What is formal software development Example: a simple formal system
The grammar
-
8/13/2019 Formal Software Development Program
41/997
The grammar
The grammar (or, the formation rules):
Formal Software Development Program Overview March 8, 2011 11 / 187
What is formal software development Example: a simple formal system
The grammar
-
8/13/2019 Formal Software Development Program
42/997
The grammar
The grammar (or, the formation rules):
1 *is a wff
Formal Software Development Program Overview March 8, 2011 11 / 187
What is formal software development Example: a simple formal system
The grammar
-
8/13/2019 Formal Software Development Program
43/997
The grammar
The grammar (or, the formation rules):
1 *is a wff
2 if X and Y are formulas containing no*, then X*Y is a wff
Formal Software Development Program Overview March 8, 2011 11 / 187
What is formal software development Example: a simple formal system
The grammar
-
8/13/2019 Formal Software Development Program
44/997
g
The grammar (or, the formation rules):
1 *is a wff
2 if X and Y are formulas containing no*, then X*Y is a wff
3 no other formulas are wffs
Formal Software Development Program Overview March 8, 2011 11 / 187
What is formal software development Example: a simple formal system
The grammar
-
8/13/2019 Formal Software Development Program
45/997
g
The grammar (or, the formation rules):
1 *is a wff
2 if X and Y are formulas containing no*, then X*Y is a wff
3 no other formulas are wffs
Formal Software Development Program Overview March 8, 2011 11 / 187
What is formal software development Example: a simple formal system
The grammar
-
8/13/2019 Formal Software Development Program
46/997
g
The grammar (or, the formation rules):
1 *is a wff
2 if X and Y are formulas containing no*, then X*Y is a wff
3 no other formulas are wffs
The symbols X and Y do not belong to the language, they are justplaceholders for arbitrary formulas. Well talk about them later.
Formal Software Development Program Overview March 8, 2011 11 / 187
What is formal software development Example: a simple formal system
The grammar
-
8/13/2019 Formal Software Development Program
47/997
g
The grammar (or, the formation rules):
1 *is a wff
2 if X and Y are formulas containing no*, then X*Y is a wff
3 no other formulas are wffs
The symbols X and Y do not belong to the language, they are justplaceholders for arbitrary formulas. Well talk about them later.
For example, if X stands foraand Y forb, since neither X nor Y containa*, then by the second formation rule,a*bis a wff
Formal Software Development Program Overview March 8, 2011 11 / 187
What is formal software development Example: a simple formal system
The grammar
-
8/13/2019 Formal Software Development Program
48/997
The grammar (or, the formation rules):
1 *is a wff
2 if X and Y are formulas containing no*, then X*Y is a wff
3 no other formulas are wffs
The symbols X and Y do not belong to the language, they are justplaceholders for arbitrary formulas. Well talk about them later.
For example, if X stands foraand Y forb, since neither X nor Y containa*, then by the second formation rule,a*bis a wff
Similarly, aa*bb,aba*bbbbb,baba*ababare wffs (think of what X andY are in these cases)
Formal Software Development Program Overview March 8, 2011 11 / 187
What is formal software development Example: a simple formal system
The grammar
-
8/13/2019 Formal Software Development Program
49/997
The grammar (or, the formation rules):
1 *is a wff
2 if X and Y are formulas containing no*, then X*Y is a wff
3 no other formulas are wffs
The symbols X and Y do not belong to the language, they are justplaceholders for arbitrary formulas. Well talk about them later.
For example, if X stands foraand Y forb, since neither X nor Y containa*, then by the second formation rule,a*bis a wff
Similarly, aa*bb,aba*bbbbb,baba*ababare wffs (think of what X andY are in these cases)
Whereas**, *aba*,a*b*bare not wffs, because we cannot find any Xand Y to fit the grammar requirements
Formal Software Development Program Overview March 8, 2011 11 / 187
What is formal software development Example: a simple formal system
Rules of inference, in general
-
8/13/2019 Formal Software Development Program
50/997
Formal Software Development Program Overview March 8, 2011 12 / 187
What is formal software development Example: a simple formal system
Rules of inference, in general
-
8/13/2019 Formal Software Development Program
51/997
The rules of inference dictate how a new wff, called a conclusion, can be
deduced (or inferred) from a set (possibly empty) of other wffs, calledpremises.
Formal Software Development Program Overview March 8, 2011 12 / 187
What is formal software development Example: a simple formal system
Rules of inference, in general
-
8/13/2019 Formal Software Development Program
52/997
The rules of inference dictate how a new wff, called a conclusion, can be
deduced (or inferred) from a set (possibly empty) of other wffs, calledpremises.
A rule with an empty set of premises is called an axiom.
Formal Software Development Program Overview March 8, 2011 12 / 187
What is formal software development Example: a simple formal system
Rules of inference, in general
-
8/13/2019 Formal Software Development Program
53/997
The rules of inference dictate how a new wff, called a conclusion, can be
deduced (or inferred) from a set (possibly empty) of other wffs, calledpremises.
A rule with an empty set of premises is called an axiom.
It is helpful to make this distinction because axioms are what get thesystem up and going, i.e. you have to start the deduction process some-where.
Formal Software Development Program Overview March 8, 2011 12 / 187
-
8/13/2019 Formal Software Development Program
54/997
What is formal software development Example: a simple formal system
Rules of inference, in general
-
8/13/2019 Formal Software Development Program
55/997
The rules of inference dictate how a new wff, called a conclusion, can be
deduced (or inferred) from a set (possibly empty) of other wffs, calledpremises.
A rule with an empty set of premises is called an axiom.
It is helpful to make this distinction because axioms are what get thesystem up and going, i.e. you have to start the deduction process some-where.
Otherwise, axioms are nothing but special rules.
Formal Software Development Program Overview March 8, 2011 12 / 187
What is formal software development Example: a simple formal system
Rules of inference, in general
-
8/13/2019 Formal Software Development Program
56/997
The rules of inference dictate how a new wff, called a conclusion, can be
deduced (or inferred) from a set (possibly empty) of other wffs, calledpremises.
A rule with an empty set of premises is called an axiom.
It is helpful to make this distinction because axioms are what get thesystem up and going, i.e. you have to start the deduction process some-where.
Otherwise, axioms are nothing but special rules.
A finite sequence of deductions is called a proof. If a proof uses no premises
other than axioms, then every wff in the sequence of the proof is a theorem.In particular, axioms are theorems, their proofs being sequences of length 1.Although the rules can be used to build proofs from any premises, we willnot be using this facility in these slides. For us, proofs begin with axiomsand dish out theorems.
Formal Software Development Program Overview March 8, 2011 12 / 187
What is formal software development Example: a simple formal system
The rules of our system
-
8/13/2019 Formal Software Development Program
57/997
Formal Software Development Program Overview March 8, 2011 13 / 187
What is formal software development Example: a simple formal system
The rules of our system
-
8/13/2019 Formal Software Development Program
58/997
Our system has the following rules:
Formal Software Development Program Overview March 8, 2011 13 / 187
What is formal software development Example: a simple formal system
The rules of our system
-
8/13/2019 Formal Software Development Program
59/997
Our system has the following rules:
(r1) we can always deduce*
Formal Software Development Program Overview March 8, 2011 13 / 187
What is formal software development Example: a simple formal system
The rules of our system
-
8/13/2019 Formal Software Development Program
60/997
Our system has the following rules:
(r1) we can always deduce*
(r2) from X we can deduce Xb
Formal Software Development Program Overview March 8, 2011 13 / 187
What is formal software development Example: a simple formal system
The rules of our system
-
8/13/2019 Formal Software Development Program
61/997
Our system has the following rules:
(r1) we can always deduce*
(r2) from X we can deduce Xb
(r3) from X*Ybwe can deduceaX*Yb
Formal Software Development Program Overview March 8, 2011 13 / 187
What is formal software development Example: a simple formal system
The rules of our system
-
8/13/2019 Formal Software Development Program
62/997
Our system has the following rules:
(r1) we can always deduce*
(r2) from X we can deduce Xb
(r3) from X*Ybwe can deduceaX*Yb(r4) from Xa*bY we can deduce X*Y
Formal Software Development Program Overview March 8, 2011 13 / 187
What is formal software development Example: a simple formal system
The rules of our system
-
8/13/2019 Formal Software Development Program
63/997
Our system has the following rules:
(r1) we can always deduce*
(r2) from X we can deduce Xb
(r3) from X*Ybwe can deduceaX*Yb(r4) from Xa*bY we can deduce X*Y
Formal Software Development Program Overview March 8, 2011 13 / 187
What is formal software development Example: a simple formal system
The rules of our system
-
8/13/2019 Formal Software Development Program
64/997
Our system has the following rules:
(r1) we can always deduce*
(r2) from X we can deduce Xb
(r3) from X*Ybwe can deduceaX*Yb(r4) from Xa*bY we can deduce X*Y
Since it has no premises, rule 1 is an axiom. You can apply the rules in anyorder you wish, you do not have to go 2-3-4. This feature of formal systemsis called nondeterminism; well review nondeterminism later, and a fewproofs that we build will also emphasize it.
Formal Software Development Program Overview March 8, 2011 13 / 187
What is formal software development Example: a simple formal system
The rules of our system
-
8/13/2019 Formal Software Development Program
65/997
Our system has the following rules:
(r1) we can always deduce*
(r2) from X we can deduce Xb
(r3) from X*Ybwe can deduceaX*Yb(r4) from Xa*bY we can deduce X*Y
Since it has no premises, rule 1 is an axiom. You can apply the rules in anyorder you wish, you do not have to go 2-3-4. This feature of formal systems
is called nondeterminism; well review nondeterminism later, and a fewproofs that we build will also emphasize it. Well call our example formalsystem DANS.
Formal Software Development Program Overview March 8, 2011 13 / 187
What is formal software development Example: a simple formal system
Proving theorems with our formal system
-
8/13/2019 Formal Software Development Program
66/997
Formal Software Development Program Overview March 8, 2011 14 / 187
What is formal software development Example: a simple formal system
Proving theorems with our formal system
-
8/13/2019 Formal Software Development Program
67/997
Lets look at some proofs in DANS; well number the steps of a proof as #1,
#2, and so on. Each step will contain the theorem proved at that step and,in parentheses, how we proved it (which must be a rule applied to previouslyproved steps).
Formal Software Development Program Overview March 8, 2011 14 / 187
What is formal software development Example: a simple formal system
Proving theorems with our formal system
-
8/13/2019 Formal Software Development Program
68/997
Lets look at some proofs in DANS; well number the steps of a proof as #1,
#2, and so on. Each step will contain the theorem proved at that step and,in parentheses, how we proved it (which must be a rule applied to previouslyproved steps).
Theorem: a*bb
Formal Software Development Program Overview March 8, 2011 14 / 187
What is formal software development Example: a simple formal system
Proving theorems with our formal system
-
8/13/2019 Formal Software Development Program
69/997
Lets look at some proofs in DANS; well number the steps of a proof as #1,
#2, and so on. Each step will contain the theorem proved at that step and,in parentheses, how we proved it (which must be a rule applied to previouslyproved steps).
Theorem: a*bb
Proof.
#1: *(r1)
Formal Software Development Program Overview March 8, 2011 14 / 187
What is formal software development Example: a simple formal system
Proving theorems with our formal system
-
8/13/2019 Formal Software Development Program
70/997
Lets look at some proofs in DANS; well number the steps of a proof as #1,
#2, and so on. Each step will contain the theorem proved at that step and,in parentheses, how we proved it (which must be a rule applied to previouslyproved steps).
Theorem: a*bb
Proof.
#1: *(r1)
#2: *b(#1,r2)
Formal Software Development Program Overview March 8, 2011 14 / 187
What is formal software development Example: a simple formal system
Proving theorems with our formal system
-
8/13/2019 Formal Software Development Program
71/997
Lets look at some proofs in DANS; well number the steps of a proof as #1,
#2, and so on. Each step will contain the theorem proved at that step and,in parentheses, how we proved it (which must be a rule applied to previouslyproved steps).
Theorem: a*bb
Proof.
#1: *(r1)
#2: *b(#1,r2)
#3: a*b(#2,r3)
Formal Software Development Program Overview March 8, 2011 14 / 187
What is formal software development Example: a simple formal system
Proving theorems with our formal system
-
8/13/2019 Formal Software Development Program
72/997
Lets look at some proofs in DANS; well number the steps of a proof as #1,
#2, and so on. Each step will contain the theorem proved at that step and,in parentheses, how we proved it (which must be a rule applied to previouslyproved steps).
Theorem: a*bb
Proof.
#1: *(r1)
#2: *b(#1,r2)
#3: a*b(#2,r3)
#4: a*bb(#2,r2)
Formal Software Development Program Overview March 8, 2011 14 / 187
What is formal software development Example: a simple formal system
Proof objects
-
8/13/2019 Formal Software Development Program
73/997
Formal Software Development Program Overview March 8, 2011 15 / 187
What is formal software development Example: a simple formal system
Proof objects
Thi f f f i k f bj
-
8/13/2019 Formal Software Development Program
74/997
This form of a proof is known as a proof object.
Formal Software Development Program Overview March 8, 2011 15 / 187
What is formal software development Example: a simple formal system
Proof objects
Thi f f f i k f bj S
-
8/13/2019 Formal Software Development Program
75/997
This form of a proof is known as a proof object. So
{#1: *(r1); #2: *b(#1,r2); #3: a*b(#2,r3); #4: a*bb(#2,r2)}
is a proof object.
Formal Software Development Program Overview March 8, 2011 15 / 187
What is formal software development Example: a simple formal system
Proof objects
Thi f f f i k f bj t S
-
8/13/2019 Formal Software Development Program
76/997
This form of a proof is known as a proof object. So
{#1: *(r1); #2: *b(#1,r2); #3: a*b(#2,r3); #4: a*bb(#2,r2)}
is a proof object. Proof objects are important because anyone who is giventhe language and rules of DANS could verify the steps of the proof.
Formal Software Development Program Overview March 8, 2011 15 / 187
What is formal software development Example: a simple formal system
Proof objects
This form of a proof is kno n as a proof object So
-
8/13/2019 Formal Software Development Program
77/997
This form of a proof is known as a proof object. So
{#1: *(r1); #2: *b(#1,r2); #3: a*b(#2,r3); #4: a*bb(#2,r2)}
is a proof object. Proof objects are important because anyone who is giventhe language and rules of DANS could verify the steps of the proof. Letsremark that a theorem can have many proofs; we could have proved a*bbwith this proof object:
{#1: *(r1); #2: *b(#1,r2);#3: *bb(#2,r2); #4: a*bb(#2,r3)}
Formal Software Development Program Overview March 8, 2011 15 / 187
What is formal software development Example: a simple formal system
Proof objects
This form of a proof is known as a proof object So
-
8/13/2019 Formal Software Development Program
78/997
This form of a proof is known as a proof object. So
{#1: *(r1); #2: *b(#1,r2); #3: a*b(#2,r3); #4: a*bb(#2,r2)}
is a proof object. Proof objects are important because anyone who is giventhe language and rules of DANS could verify the steps of the proof. Letsremark that a theorem can have many proofs; we could have proved a*bbwith this proof object:
{#1: *(r1); #2: *b(#1,r2);#3: *bb(#2,r2); #4: a*bb(#2,r3)}
A more complete description of a proof would include not just the proofobject, but the entire formal system attached. This is sometimes called a
proof certificate.
Formal Software Development Program Overview March 8, 2011 15 / 187
What is formal software development Example: a simple formal system
Proof objects
This form of a proof is known as a proof object So
-
8/13/2019 Formal Software Development Program
79/997
This form of a proof is known as a proof object. So
{#1: *(r1); #2: *b(#1,r2); #3: a*b(#2,r3); #4: a*bb(#2,r2)}
is a proof object. Proof objects are important because anyone who is giventhe language and rules of DANS could verify the steps of the proof. Letsremark that a theorem can have many proofs; we could have proved a*bbwith this proof object:
{#1: *(r1); #2: *b(#1,r2);#3: *bb(#2,r2); #4: a*bb(#2,r3)}
A more complete description of a proof would include not just the proofobject, but the entire formal system attached. This is sometimes called a
proof certificate. So {[DANS] #1: *(r1); #2: *b(#1,r2); #3: a*b(#2,r3); #4: a*bb(#2,r2)} would be a proof certificate. If you emailed methis proof certificate, I would know exactly what you proved.
Formal Software Development Program Overview March 8, 2011 15 / 187
-
8/13/2019 Formal Software Development Program
80/997
What is formal software development Metamathematics
Moving up a level
-
8/13/2019 Formal Software Development Program
81/997
Formal Software Development Program Overview March 8, 2011 16 / 187 What is formal software development Metamathematics
Moving up a level
We now know how to do proofs (in other words how to reason within
-
8/13/2019 Formal Software Development Program
82/997
We now know how to do proofs (in other words, how to reason withinthe system)
Formal Software Development Program Overview March 8, 2011 16 / 187 What is formal software development Metamathematics
Moving up a level
We now know how to do proofs (in other words how to reason within
-
8/13/2019 Formal Software Development Program
83/997
We now know how to do proofs (in other words, how to reason withinthe system)
There is a large variety of such formal systems
Formal Software Development Program Overview March 8 2011 16 / 187 What is formal software development Metamathematics
Moving up a level
We now know how to do proofs (in other words, how to reason within
-
8/13/2019 Formal Software Development Program
84/997
We now know how to do proofs (in other words, how to reason withinthe system)
There is a large variety of such formal systems
Most of the mathematics you ever learned can be cranked out by suchformal systems (see mizar.org)
Formal Software Development Program Overview March 8 2011 16 / 187 What is formal software development Metamathematics
Moving up a level
We now know how to do proofs (in other words, how to reason within
-
8/13/2019 Formal Software Development Program
85/997
p ( ,the system)
There is a large variety of such formal systems
Most of the mathematics you ever learned can be cranked out by suchformal systems (see mizar.org)
The foundations of software can also be cranked out by formal systems,
as well see soon
Formal Software Development Program Overview March 8 2011 16 / 187 What is formal software development Metamathematics
Moving up a level
We now know how to do proofs (in other words, how to reason within
-
8/13/2019 Formal Software Development Program
86/997
p ( ,the system)
There is a large variety of such formal systems
Most of the mathematics you ever learned can be cranked out by suchformal systems (see mizar.org)
The foundations of software can also be cranked out by formal systems,
as well see soonNow comes a big switch of perspective . . .
Formal Software Development Program Overview March 8 2011 16 / 187 What is formal software development Metamathematics
Moving up a level
We now know how to do proofs (in other words, how to reason within
-
8/13/2019 Formal Software Development Program
87/997
p (the system)
There is a large variety of such formal systems
Most of the mathematics you ever learned can be cranked out by suchformal systems (see mizar.org)
The foundations of software can also be cranked out by formal systems,
as well see soonNow comes a big switch of perspective . . .
These formal systems have some important properties, which can bestudied with the use of mathematics
Formal Software Development Program Overview March 8 2011 16 / 187 What is formal software development Metamathematics
Moving up a level
We now know how to do proofs (in other words, how to reason within
-
8/13/2019 Formal Software Development Program
88/997
the system)
There is a large variety of such formal systems
Most of the mathematics you ever learned can be cranked out by suchformal systems (see mizar.org)
The foundations of software can also be cranked out by formal systems,
as well see soonNow comes a big switch of perspective . . .
These formal systems have some important properties, which can bestudied with the use of mathematics
This study comes with a grand name: metamathematics, i.e. the studyof mathematics itself
Formal Software Development Program Overview March 8 2011 16 / 187
-
8/13/2019 Formal Software Development Program
89/997
What is formal software development Metamathematics
Moving up a level
We now know how to do proofs (in other words, how to reason within
-
8/13/2019 Formal Software Development Program
90/997
the system)
There is a large variety of such formal systems
Most of the mathematics you ever learned can be cranked out by suchformal systems (see mizar.org)
The foundations of software can also be cranked out by formal systems,
as well see soonNow comes a big switch of perspective . . .
These formal systems have some important properties, which can bestudied with the use of mathematics
This study comes with a grand name: metamathematics, i.e. the study
of mathematics itself
Well do a lot of metamathematics in this program
And metasoftware, if you wish
Formal Software Development Program Overview March 8 2011 16 / 187 What is formal software development Metamathematics
Moving up a level
We now know how to do proofs (in other words, how to reason within)
-
8/13/2019 Formal Software Development Program
91/997
the system)
There is a large variety of such formal systems
Most of the mathematics you ever learned can be cranked out by suchformal systems (see mizar.org)
The foundations of software can also be cranked out by formal systems,
as well see soonNow comes a big switch of perspective . . .
These formal systems have some important properties, which can bestudied with the use of mathematics
This study comes with a grand name: metamathematics, i.e. the study
of mathematics itself
Well do a lot of metamathematics in this program
And metasoftware, if you wish
Meta just means outside or about
Formal Software Development Program Overview March 8 2011 16 / 187 What is formal software development Metamathematics
Meta level and object level
-
8/13/2019 Formal Software Development Program
92/997
Formal Software Development Program Overview March 8 2011 17 / 187 What is formal software development Metamathematics
Meta level and object level
To distinguish it from metamathematics, mathematics inside the formal
-
8/13/2019 Formal Software Development Program
93/997
system is called object levelmathematics; the language of the formal system
is the object language.
Formal Software Development Program Overview March 8 2011 17 / 187 What is formal software development Metamathematics
Meta level and object level
To distinguish it from metamathematics, mathematics inside the formal
-
8/13/2019 Formal Software Development Program
94/997
system is called object levelmathematics; the language of the formal system
is the object language. Well use mostly informal language when working atthe meta level in this overview.
Formal Software Development Program Overview March 8 2011 17 / 187 What is formal software development Metamathematics
Meta level and object level
To distinguish it from metamathematics, mathematics inside the formalf f
-
8/13/2019 Formal Software Development Program
95/997
system is called object levelmathematics; the language of the formal system
is the object language. Well use mostly informal language when working atthe meta level in this overview. But keep in mind that some of the tools westudy are able to do metamathematics formally, i.e. we can create andanalyze formal systems within another formal system.
Formal Software Development Program Overview March 8 2011 17 / 187 What is formal software development Metamathematics
Meta level and object level
To distinguish it from metamathematics, mathematics inside the formali ll d bj l l h i h l f h f l
-
8/13/2019 Formal Software Development Program
96/997
system is called object levelmathematics; the language of the formal system
is the object language. Well use mostly informal language when working atthe meta level in this overview. But keep in mind that some of the tools westudy are able to do metamathematics formally, i.e. we can create andanalyze formal systems within another formal system. The ML (MetaLanguage) programming language was created precisely for the purpose of
doing metamathematics. OCaml and F# are its descendants.
Formal Software Development Program Overview March 8 2011 17 / 187 What is formal software development Metamathematics
Meta level and object level
To distinguish it from metamathematics, mathematics inside the formalt i ll d bj t l l th ti th l f th f l t
-
8/13/2019 Formal Software Development Program
97/997
system is called object levelmathematics; the language of the formal system
is the object language. Well use mostly informal language when working atthe meta level in this overview. But keep in mind that some of the tools westudy are able to do metamathematics formally, i.e. we can create andanalyze formal systems within another formal system. The ML (MetaLanguage) programming language was created precisely for the purpose of
doing metamathematics. OCaml and F# are its descendants. Well studythem in the ML Languages and Provers course.
F l S ft D l t P O i M h 8 2011 17 / 187 What is formal software development Metamathematics
Meta level and object level
To distinguish it from metamathematics, mathematics inside the formalt i ll d bj t l l th ti th l f th f l t
-
8/13/2019 Formal Software Development Program
98/997
system is called object levelmathematics; the language of the formal system
is the object language. Well use mostly informal language when working atthe meta level in this overview. But keep in mind that some of the tools westudy are able to do metamathematics formally, i.e. we can create andanalyze formal systems within another formal system. The ML (MetaLanguage) programming language was created precisely for the purpose of
doing metamathematics. OCaml and F# are its descendants. Well studythem in the ML Languages and Provers course. So lets get used to someof this meta terminology:
F l S ft D l t P O i M h 8 2011 17 / 187 What is formal software development Metamathematics
Meta level and object level
To distinguish it from metamathematics, mathematics inside the formalsystem is called object level mathematics; the language of the formal system
-
8/13/2019 Formal Software Development Program
99/997
system is called object levelmathematics; the language of the formal system
is the object language. Well use mostly informal language when working atthe meta level in this overview. But keep in mind that some of the tools westudy are able to do metamathematics formally, i.e. we can create andanalyze formal systems within another formal system. The ML (MetaLanguage) programming language was created precisely for the purpose of
doing metamathematics. OCaml and F# are its descendants. Well studythem in the ML Languages and Provers course. So lets get used to someof this meta terminology:
metalanguage (the language in which we reason about the formal system)
F l S ft D l t P O i M h 8 2011 17 / 187 What is formal software development Metamathematics
Meta level and object level
To distinguish it from metamathematics, mathematics inside the formalsystem is called object level mathematics; the language of the formal system
-
8/13/2019 Formal Software Development Program
100/997
system is called object levelmathematics; the language of the formal system
is the object language. Well use mostly informal language when working atthe meta level in this overview. But keep in mind that some of the tools westudy are able to do metamathematics formally, i.e. we can create andanalyze formal systems within another formal system. The ML (MetaLanguage) programming language was created precisely for the purpose of
doing metamathematics. OCaml and F# are its descendants. Well studythem in the ML Languages and Provers course. So lets get used to someof this meta terminology:
metalanguage (the language in which we reason about the formal system)
metavariables (variables that do not belong to the object language)
F l S ft D l t P O i M h 8 2011 17 / 187 What is formal software development Metamathematics
Meta level and object level
To distinguish it from metamathematics, mathematics inside the formalsystem is called object level mathematics; the language of the formal system
-
8/13/2019 Formal Software Development Program
101/997
system is called object levelmathematics; the language of the formal system
is the object language. Well use mostly informal language when working atthe meta level in this overview. But keep in mind that some of the tools westudy are able to do metamathematics formally, i.e. we can create andanalyze formal systems within another formal system. The ML (MetaLanguage) programming language was created precisely for the purpose of
doing metamathematics. OCaml and F# are its descendants. Well studythem in the ML Languages and Provers course. So lets get used to someof this meta terminology:
metalanguage (the language in which we reason about the formal system)
metavariables (variables that do not belong to the object language)
metatheorem (a theorem about the system, not a theorem of the system)
F l S f D l P O i M h 8 2011 17 / 187 What is formal software development Metamathematics
Meta level and object level
To distinguish it from metamathematics, mathematics inside the formalsystem is called object level mathematics; the language of the formal system
-
8/13/2019 Formal Software Development Program
102/997
system is called object levelmathematics; the language of the formal system
is the object language. Well use mostly informal language when working atthe meta level in this overview. But keep in mind that some of the tools westudy are able to do metamathematics formally, i.e. we can create andanalyze formal systems within another formal system. The ML (MetaLanguage) programming language was created precisely for the purpose of
doing metamathematics. OCaml and F# are its descendants. Well studythem in the ML Languages and Provers course. So lets get used to someof this meta terminology:
metalanguage (the language in which we reason about the formal system)
metavariables (variables that do not belong to the object language)
metatheorem (a theorem about the system, not a theorem of the system)
metamathematics (study of formal systems themselves, from the outside)
F l S f D l P O i M h 8 2011 17 / 187 What is formal software development Metamathematics
The first big metamathematical question: Consistency
-
8/13/2019 Formal Software Development Program
103/997
Formal Software Development Program Overview March 8, 2011 18 / 187
What is formal software development Metamathematics
The first big metamathematical question: Consistency
-
8/13/2019 Formal Software Development Program
104/997
Lets do some metamathematics.
Formal Software Development Program Overview March 8, 2011 18 / 187
What is formal software development Metamathematics
The first big metamathematical question: Consistency
-
8/13/2019 Formal Software Development Program
105/997
Lets do some metamathematics. Lets say that allthe wffs of a formalsystem are theorems.
Formal Software Development Program Overview March 8, 2011 18 / 187
What is formal software development Metamathematics
The first big metamathematical question: Consistency
-
8/13/2019 Formal Software Development Program
106/997
Lets do some metamathematics. Lets say that allthe wffs of a formalsystem are theorems. In this case the formal system is worthless, the rules donot accomplish anything useful.
Formal Software Development Program Overview March 8, 2011 18 / 187
What is formal software development Metamathematics
The first big metamathematical question: Consistency
-
8/13/2019 Formal Software Development Program
107/997
Lets do some metamathematics. Lets say that allthe wffs of a formalsystem are theorems. In this case the formal system is worthless, the rules donot accomplish anything useful. So a formal system is said to be consistentif not all wffs are theorems.
Formal Software Development Program Overview March 8, 2011 18 / 187
What is formal software development Metamathematics
The first big metamathematical question: Consistency
-
8/13/2019 Formal Software Development Program
108/997
Lets do some metamathematics. Lets say that allthe wffs of a formalsystem are theorems. In this case the formal system is worthless, the rules donot accomplish anything useful. So a formal system is said to be consistentif not all wffs are theorems.
Metatheorem: DANS is a consistent system
Formal Software Development Program Overview March 8, 2011 18 / 187
What is formal software development Metamathematics
The first big metamathematical question: Consistency
-
8/13/2019 Formal Software Development Program
109/997
Lets do some metamathematics. Lets say that allthe wffs of a formalsystem are theorems. In this case the formal system is worthless, the rules donot accomplish anything useful. So a formal system is said to be consistentif not all wffs are theorems.
Metatheorem: DANS is a consistent system
Proof. We show thatb*is not a theorem. The axiom*has nobon the left.No rules allow the introduction of a bon the left of the*.
Formal Software Development Program Overview March 8, 2011 18 / 187
-
8/13/2019 Formal Software Development Program
110/997
What is formal software development Metamathematics
Decidability of grammar and rules
Lets look at the grammar and the inference rules of our example
-
8/13/2019 Formal Software Development Program
111/997
Formal Software Development Program Overview March 8, 2011 19 / 187
What is formal software development Metamathematics
Decidability of grammar and rules
Lets look at the grammar and the inference rules of our example
We see that the grammar is decidable i e there is an algorithm that
-
8/13/2019 Formal Software Development Program
112/997
We see that the grammar is decidable, i.e. there is an algorithm that,given a formula, it will answer YES if the formula is a wff and NO if itis not
Formal Software Development Program Overview March 8, 2011 19 / 187
-
8/13/2019 Formal Software Development Program
113/997
What is formal software development Metamathematics
Decidability of grammar and rules
Lets look at the grammar and the inference rules of our example
We see that the grammar is decidable, i.e. there is an algorithm that,
-
8/13/2019 Formal Software Development Program
114/997
g , g ,given a formula, it will answer YES if the formula is a wff and NO if itis not
Here is the grammar algorithm: given a formula X, count the number of*. If the count is 1, answer YES, otherwise answer NO.
The inference rules are also rigged in this special way, i.e. they are alsodecidable
Formal Software Development Program Overview March 8, 2011 19 / 187
What is formal software development Metamathematics
Decidability of grammar and rules
Lets look at the grammar and the inference rules of our example
We see that the grammar is decidable, i.e. there is an algorithm that,
-
8/13/2019 Formal Software Development Program
115/997
g , g ,given a formula, it will answer YES if the formula is a wff and NO if itis not
Here is the grammar algorithm: given a formula X, count the number of*. If the count is 1, answer YES, otherwise answer NO.
The inference rules are also rigged in this special way, i.e. they are alsodecidable
By this we mean that for each rule, there is an algorithm that, given afinite set of wffs, it will answer YES if the rule is applicable to them andNO if it is not
Formal Software Development Program Overview March 8, 2011 19 / 187
-
8/13/2019 Formal Software Development Program
116/997
What is formal software development Metamathematics
Decidability of grammar and rules
Lets look at the grammar and the inference rules of our example
We see that the grammar is decidable, i.e. there is an algorithm that,
-
8/13/2019 Formal Software Development Program
117/997
given a formula, it will answer YES if the formula is a wff and NO if itis not
Here is the grammar algorithm: given a formula X, count the number of*. If the count is 1, answer YES, otherwise answer NO.
The inference rules are also rigged in this special way, i.e. they are alsodecidable
By this we mean that for each rule, there is an algorithm that, given afinite set of wffs, it will answer YES if the rule is applicable to them andNO if it is not
For example, the algorithm for rule 4 is: find*. If we can find an aonits left and abon its right, then the answer is YES, otherwise it is NO.
Only one thing is left unclear: what exactly is an algorithm?
Formal Software Development Program Overview March 8, 2011 19 / 187
-
8/13/2019 Formal Software Development Program
118/997
What is formal software development Metamathematics
What is an algorithm?
Informally we know it is something that can be expressed in a finitenumber of steps, some sort of program maybe containing loops
-
8/13/2019 Formal Software Development Program
119/997
Formal Software Development Program Overview March 8, 2011 20 / 187
What is formal software development Metamathematics
What is an algorithm?
Informally we know it is something that can be expressed in a finitenumber of steps, some sort of program maybe containing loops
-
8/13/2019 Formal Software Development Program
120/997
Other informal ways to describe algorithms: computableor, the originalterm used by Hilbert, finitary
Formal Software Development Program Overview March 8, 2011 20 / 187
What is formal software development Metamathematics
What is an algorithm?
Informally we know it is something that can be expressed in a finitenumber of steps, some sort of program maybe containing loops
-
8/13/2019 Formal Software Development Program
121/997
Other informal ways to describe algorithms: computableor, the originalterm used by Hilbert, finitary
It took a lot of work to come up with a convincing formal definition
Formal Software Development Program Overview March 8, 2011 20 / 187
What is formal software development Metamathematics
What is an algorithm?
Informally we know it is something that can be expressed in a finitenumber of steps, some sort of program maybe containing loops
-
8/13/2019 Formal Software Development Program
122/997
Other informal ways to describe algorithms: computableor, the originalterm used by Hilbert, finitary
It took a lot of work to come up with a convincing formal definition
The astonishing thing is that many alternative definitions kept coming,and . . .
Formal Software Development Program Overview March 8, 2011 20 / 187
-
8/13/2019 Formal Software Development Program
123/997
What is formal software development Metamathematics
What is an algorithm?
Informally we know it is something that can be expressed in a finitenumber of steps, some sort of program maybe containing loops
O h f l d b l h bl h l
-
8/13/2019 Formal Software Development Program
124/997
Other informal ways to describe algorithms: computableor, the originalterm used by Hilbert, finitary
It took a lot of work to come up with a convincing formal definition
The astonishing thing is that many alternative definitions kept coming,and . . .
All formal definitions of algorithm were proven to be equivalent!
This equivalence theorem is one of the great accomplishments of the20th century mathematics
Formal Software Development Program Overview March 8, 2011 20 / 187
What is formal software development Metamathematics
What is an algorithm?
Informally we know it is something that can be expressed in a finitenumber of steps, some sort of program maybe containing loops
O h i f l d ib l i h bl h i i l
-
8/13/2019 Formal Software Development Program
125/997
Other informal ways to describe algorithms: computableor, the originalterm used by Hilbert, finitary
It took a lot of work to come up with a convincing formal definition
The astonishing thing is that many alternative definitions kept coming,and . . .
All formal definitions of algorithm were proven to be equivalent!
This equivalence theorem is one of the great accomplishments of the20th century mathematics
The best known definitions are: Godels recursive functions, Turing ma-
chines and Churchs Lambda Calculus
Formal Software Development Program Overview March 8, 2011 20 / 187
What is formal software development Metamathematics
What is an algorithm?
Informally we know it is something that can be expressed in a finitenumber of steps, some sort of program maybe containing loops
O h i f l d ib l i h bl h i i l
-
8/13/2019 Formal Software Development Program
126/997
Other informal ways to describe algorithms: computableor, the originalterm used by Hilbert, finitary
It took a lot of work to come up with a convincing formal definition
The astonishing thing is that many alternative definitions kept coming,and . . .
All formal definitions of algorithm were proven to be equivalent!
This equivalence theorem is one of the great accomplishments of the20th century mathematics
The best known definitions are: Godels recursive functions, Turing ma-
chines and Churchs Lambda Calculus Turing machines led to imperative languages like C, Java, C#
Formal Software Development Program Overview March 8, 2011 20 / 187
What is formal software development Metamathematics
What is an algorithm?
Informally we know it is something that can be expressed in a finitenumber of steps, some sort of program maybe containing loops
Oth i f l t d ib l ith t bl th i i l
-
8/13/2019 Formal Software Development Program
127/997
Other informal ways to describe algorithms: computableor, the originalterm used by Hilbert, finitary
It took a lot of work to come up with a convincing formal definition
The astonishing thing is that many alternative definitions kept coming,and . . .
All formal definitions of algorithm were proven to be equivalent!
This equivalence theorem is one of the great accomplishments of the20th century mathematics
The best known definitions are: Godels recursive functions, Turing ma-
chines and Churchs Lambda Calculus Turing machines led to imperative languages like C, Java, C# Churchs Lambda Calculus led to functional languages like Lisp,
ML, Haskell
Formal Software Development Program Overview March 8, 2011 20 / 187
What is formal software development Metamathematics
The Church-Turing thesis
-
8/13/2019 Formal Software Development Program
128/997
Formal Software Development Program Overview March 8, 2011 21 / 187
What is formal software development Metamathematics
The Church-Turing thesis
-
8/13/2019 Formal Software Development Program
129/997
The above equivalent formal definitions capture the informal notion ofcomputability or algorithm.
Formal Software Development Program Overview March 8, 2011 21 / 187
What is formal software development Metamathematics
The Church-Turing thesis
-
8/13/2019 Formal Software Development Program
130/997
The above equivalent formal definitions capture the informal notion ofcomputability or algorithm.
This is not a theorem, it is a thesis, so there is no question of proving it. Itcaptures the belief that humanity has nailed the concept of computability,that there exists no other mechanism that deserves to be called an algorithm.
Formal Software Development Program Overview March 8, 2011 21 / 187
What is formal software development Metamathematics
Formal systems are rigged in a very special way
-
8/13/2019 Formal Software Development Program
131/997
Formal Software Development Program Overview March 8, 2011 22 / 187
What is formal software development Metamathematics
Formal systems are rigged in a very special way
This overview is not the place to describe any of the above formal defiiti f t bilit
-
8/13/2019 Formal Software Development Program
132/997
This overview is not the place to describe any of the above formal defi-nitions of computability
Formal Software Development Program Overview March 8, 2011 22 / 187
What is formal software development Metamathematics
Formal systems are rigged in a very special way
This overview is not the place to describe any of the above formal defi-nitions of computability
-
8/13/2019 Formal Software Development Program
133/997
This overview is not the place to describe any of the above formal defi-nitions of computability
(well cover this in the Logic and Computation course)
Formal Software Development Program Overview March 8, 2011 22 / 187
What is formal software development Metamathematics
Formal systems are rigged in a very special way
This overview is not the place to describe any of the above formal defi-nitions of computability
-
8/13/2019 Formal Software Development Program
134/997
This overview is not the place to describe any of the above formal definitions of computability
(well cover this in the Logic and Computation course)
All we need to know for now is that such a rigorous definition exists
Formal Software Development Program Overview March 8, 2011 22 / 187
What is formal software development Metamathematics
Formal systems are rigged in a very special way
This overview is not the place to describe any of the above formal defi-nitions of computability
-
8/13/2019 Formal Software Development Program
135/997
nitions of computability
(well cover this in the Logic and Computation course)
All we need to know for now is that such a rigorous definition exists
Therefore, decidability, which lacked the rigorous definition of algorithm,is now rigorously defined
Formal Software Development Program Overview March 8, 2011 22 / 187
What is formal software development Metamathematics
Formal systems are rigged in a very special way
This overview is not the place to describe any of the above formal defi-nitions of computability
-
8/13/2019 Formal Software Development Program
136/997
nitions of computability
(well cover this in the Logic and Computation course)
All we need to know for now is that such a rigorous definition exists
Therefore, decidability, which lacked the rigorous definition of algorithm,is now rigorously defined
For all formal systems, the grammar is always rigged so that it is decidable
Formal Software Development Program Overview March 8, 2011 22 / 187
What is formal software development Metamathematics
Formal systems are rigged in a very special way
This overview is not the place to describe any of the above formal defi-nitions of computability
-
8/13/2019 Formal Software Development Program
137/997
nitions of computability
(well cover this in the Logic and Computation course)
All we need to know for now is that such a rigorous definition exists
Therefore, decidability, which lacked the rigorous definition of algorithm,is now rigorously defined
For all formal systems, the grammar is always rigged so that it is decidable
The inference rules are also rigged so that they are decidable
Formal Software Development Program Overview March 8, 2011 22 / 187
What is formal software development Metamathematics
Formal systems are rigged in a very special way
This overview is not the place to describe any of the above formal defi-nitions of computability
-
8/13/2019 Formal Software Development Program
138/997
nitions of computability
(well cover this in the Logic and Computation course)
All we need to know for now is that such a rigorous definition exists
Therefore, decidability, which lacked the rigorous definition of algorithm,is now rigorously defined
For all formal systems, the grammar is always rigged so that it is decidable
The inference rules are also rigged so that they are decidable
In one sentence, formal systems have computability built-in
Formal Software Development Program Overview March 8, 2011 22 / 187
What is formal software development Metamathematics
The power of formal systems
-
8/13/2019 Formal Software Development Program
139/997
Formal Software Development Program Overview March 8, 2011 23 / 187
What is formal software development Metamathematics
The power of formal systems
Not only do they have computability built-in
-
8/13/2019 Formal Software Development Program
140/997
y y p y
Formal Software Development Program Overview March 8, 2011 23 / 187
What is formal software development Metamathematics
The power of formal systems
Not only do they have computability built-in
-
8/13/2019 Formal Software Development Program
141/997
They do not have any morecomputational power than Turing machineshave, they are yet another formalism equivalent to the other three
Formal Software Development Program Overview March 8, 2011 23 / 187
What is formal software development Metamathematics
The power of formal systems
Not only do they have computability built-inh d h l h h
-
8/13/2019 Formal Software Development Program
142/997
They do not have any morecomputational power than Turing machineshave, they are yet another formalism equivalent to the other three
Just as in the case of Turing machines, nondeterminism does not addto this power, i.e. you can build an equivalent deterministic system thatproduces the same theorems
Formal Software Development Program Overview March 8, 2011 23 / 187
What is formal software development Metamathematics
The power of formal systems
Not only do they have computability built-inTh d h i l h T i hi
-
8/13/2019 Formal Software Development Program
143/997
They do not have any morecomputational power than Turing machineshave, they are yet another formalism equivalent to the other three
Just as in the case of Turing machines, nondeterminism does not addto this power, i.e. you can build an equivalent deterministic system thatproduces the same theorems
Formal Software Development Program Overview March 8, 2011 23 / 187
What is formal software development Metamathematics
The power of formal systems
Not only do they have computability built-inTh d t h t ti l th T i hi
-
8/13/2019 Formal Software Development Program
144/997
They do not have any morecomputational power than Turing machineshave, they are yet another formalism equivalent to the other three
Just as in the case of Turing machines, nondeterminism does not addto this power, i.e. you can build an equivalent deterministic system that
produces the same theorems
So, for any theory that can be described algorithmically (and thats all wereally need, but thats philosophy), whether a mathematical theory, asoftware theory, a physics theory, etc . . . , there is a formal system that can
describe it.
Formal Software Development Program Overview March 8, 2011 23 / 187
What is formal software development Metamathematics
Back to our formal system
-
8/13/2019 Formal Software Development Program
145/997
Formal Software Development Program Overview March 8, 2011 24 / 187
What is formal software development Metamathematics
Back to our formal system
Because DANS has computability built in, we can do two things
-
8/13/2019 Formal Software Development Program
146/997
Formal Software Development Program Overview March 8, 2011 24 / 187
What is formal software development Metamathematics
Back to our formal system
Because DANS has computability built in, we can do two things
We can design a mechanical strategy that builds all the theorems of the
system, one after the other (exercise)
-
8/13/2019 Formal Software Development Program
147/997
Formal Software Development Program Overview March 8, 2011 24 / 187
-
8/13/2019 Formal Software Development Program
148/997
What is formal software development Metamathematics
Back to our formal system
Because DANS has computability built in, we can do two things
We can design a mechanical strategy that builds all the theorems of the
system, one after the other (exercise)
-
8/13/2019 Formal Software Development Program
149/997
We can design a mechanical strategy that, given a proof, answers YESif the proof is correct, NO otherwise (exercise)
Notice that our formal system produces an infinite number of theorems,
so the procedure above potentially produces all the theorems, we cannever have all the theorems collected together as that set would be anactualinfinity, which is impossible to reach computationally
Formal Software Development Program Overview March 8, 2011 24 / 187
What is formal software development Metamathematics
Back to our formal system
Because DANS has computability built in, we can do two things
We can design a mechanical strategy that builds all the theorems of the
system, one after the other (exercise)
S
-
8/13/2019 Formal Software Development Program
150/997
We can design a mechanical strategy that, given a proof, answers YESif the proof is correct, NO otherwise (exercise)
Notice that our formal system produces an infinite number of theorems,
so the procedure above potentially produces all the theorems, we cannever have all the theorems collected together as that set would be anactualinfinity, which is impossible to reach computationally
In formal systems, the infinite is always understood as this potential, notactual, representation
Formal Software Development Program Overview March 8, 2011 24 / 187
What is formal software development Metamathematics
Back to our formal system
Because DANS has computability built in, we can do two things
We can design a mechanical strategy that builds all the theorems of the
system, one after the other (exercise)
W d i h i l h i f YES
-
8/13/2019 Formal Software Development Program
151/997
We can design a mechanical strategy that, given a proof, answers YESif the proof is correct, NO otherwise (exercise)
Notice that our formal system produces an infinite number of theorems,
so the procedure above potentially produces all the theorems, we cannever have all the theorems collected together as that set would be anactualinfinity, which is impossible to reach computationally
In formal systems, the infinite is always understood as this potential, notactual, representation
If this sounds difficult, think of the way natural numbers or lists are in-troduced in your favorite functional language. The constructors embodythis potential infinity.
Formal Software Development Program Overview March 8, 2011 24 / 187
What is formal software development Decidability
Decidability of our example
-
8/13/2019 Formal Software Development Program
152/997
Formal Software Development Program Overview March 8, 2011 25 / 187
What is formal software development Decidability
Decidability of our example
If we have a wff, how can we tell if it is a theorem or not?
-
8/13/2019 Formal Software Development Program
153/997
Formal Software Development Program Overview March 8, 2011 25 / 187
What is formal software development Decidability
Decidability of our example
If we have a wff, how can we tell if it is a theorem or not?
Does DANS have an algorithm that answers YES or NO to such a ques-tion?
-
8/13/2019 Formal Software Development Program
154/997
tion?
Formal Software Development Program Overview March 8, 2011 25 / 187
What is formal software development Decidability
Decidability of our example
If we have a wff, how can we tell if it is a theorem or not?
Does DANS have an algorithm that answers YES or NO to such a ques-tion?
-
8/13/2019 Formal Software Development Program
155/997
This is a big fork in the road for the formal systems we study in theprogram
Formal Software Development Program Overview March 8, 2011 25 / 187
What is formal software development Decidability
Decidability of our example
If we have a wff, how can we tell if it is a theorem or not?
Does DANS have an algorithm that answers YES or NO to such a ques-tion?
-
8/13/2019 Formal Software Development Program
156/997
This is a big fork in the road for the formal systems we study in theprogram
Some systems do admit such an algorithm (called a decision procedure),others dont
Formal Software Development Program Overview March 8, 2011 25 / 187
What is formal software development Decidability
Decidability of our example
If we have a wff, how can we tell if it is a theorem or not?
Does DANS have an algorithm that answers YES or NO to such a ques-tion?
-
8/13/2019 Formal Software Development Program
157/997
This is a big fork in the road for the formal systems we study in theprogram
Some systems do admit such an algorithm (called a decision procedure),others dont
Finding a decision procedure for a useful formal system (not a toy likeDANS) is a non-trivial effort
Formal Software Development Program Overview March 8, 2011 25 / 187
What is formal software development Decidability
Decidability of our example
If we have a wff, how can we tell if it is a theorem or not?
Does DANS have an algorithm that answers YES or NO to such a ques-tion?
-
8/13/2019 Formal Software Development Program
158/997
This is a big fork in the road for the formal systems we study in theprogram
Some systems do admit such an algorithm (called a decision procedure),others dont
Finding a decision procedure for a useful formal system (not a toy likeDANS) is a non-trivial effort
The more expressive the system (i.e. the more powerful its language andrules of inference are), the less likely it is that it has such a procedure
Formal Software Development Program Overview March 8, 2011 25 / 187
What is formal software development Decidability
DANS is decidable
may
be
skip
ped
-
8/13/2019 Formal Software Development Program
159/997
Formal Software Development Program Overview March 8, 2011 26 / 187
What is formal software development Decidability
DANS is decidable
Metatheorem: Dans is a decidable system
The proof is b ind ction Proofs b ind ction are t pical of the
may
be
skip
ped
-
8/13/2019 Formal Software Development Program
160/997
The proof is by induction. Proofs by induction are typical of themetamathematics of formal systems, thats why we include one here. Theywill be seen over and over during the program. Those unfamiliar withmathematical induction may skip the proof.
We treat induction at length in the course Formal semantics ofprogramming languages. We also give a more detailed presentation ofinduction and recursion, as they relate to categories, in a more advancedsection of this overview. For those who need a quick brush-up, we include
the definition of mathematical induction and one typical example of its use.
Formal Software Development Program Overview March 8, 2011 26 / 187
What is formal software development Decidability
Mathematical Induction
may
be
skip
ped
-
8/13/2019 Formal Software Development Program
161/997
Formal Software Development Program Overview March 8, 2011 27 / 187
What is formal software development Decidability
Mathematical Induction
Mathematical Induction
may
be
skip
ped
-
8/13/2019 Formal Software Development Program
162/997
LetP(n) be a predicate on the setN of natural numbers. Then
(P(0
) (kN.
P(k)P(k+1
))) nN.
P(n)
Formal Software Development Program Overview March 8, 2011 27 / 187
What is formal software development Decidability
A typical proof by mathematical induction
may
be
skip
ped
-
8/13/2019 Formal Software Development Program
163/997
Formal Software Development Program Overview March 8, 2011 28 / 187
-
8/13/2019 Formal Software Development Program
164/997
What is formal software development Decidability
A typical proof by mathematical inductionThe sum of the first n natural numbers is given by
n
i=0
i=n(n + 1)
2(1)
Proof:
may
be
skip
ped
-
8/13/2019 Formal Software Development Program
165/997
Formal Software Development Program Overview March 8, 2011 28 / 187
What is formal software development Decidability
A typical proof by mathematical inductionThe sum of the first n natural numbers is given by
n
i=0
i=n(n + 1)
2(1)
Proof:
1 Let P(n) be the property given by (1)
may
be
skip
ped
-
8/13/2019 Formal Software Development Program
166/997
( ) p p y g y ( )
top related