
Logic and Computation:

Propositional Logic
Jonathan Buss
November 1, 2016
Based in part on materials prepared by B. Bonakdarpour
from Huth & Ryan's text.
Additional thanks to D. Maftuleac, R. Trefler, and P. Van Beek.


Broad Outline of Propositional Logic

Introduction to Propositional Logic


Syntax
Semantics
Proof Systems


Logic: What and Why


Logic is the systematic study of the principles of reasoning and
inference.
We use logic throughout computer science,
To model the computer hardware, software and embedded systems we create or encounter, in order to reason about those objects in a mathematically precise and rigorous manner.
To understand how to develop systems that can themselves apply reason and make inferences (artificial intelligence).

Historically, logic and CS are closely linked.
To define and build a computer required deep ideas from logic.
Computer science gave the first real definition of rigorous argument: an argument that may be checked by a machine.

Introduction to Logic

What is logic?


An Example Argument
Consider this example.
If the train arrives late and there are no taxis at the station,
then John is late for his meeting.
John is not late for his meeting.
The train did arrive late.
Therefore, there were taxis at the station.
Question. Is this argument valid? Why, or why not?

Question. What is the structure of the argument?

We can represent the structure symbolically as
If p and not q, then r. Not r. p. Therefore q.


An Example Argument (2)


The argument in the previous example has the form
If p and not q, then r. Not r. p. Therefore q.
where
p stands for the train arrives late.
q stands for there are taxis at the station.
r stands for John is late for his meeting.

What happens if we change our notion of p, q and r? Perhaps
p stands for It rains.
q stands for Jane takes her umbrella.
r stands for Jane gets very wet.
Then the argument changes. . .

An Example Argument (3)


The essential argument: If p and not q, then r. Not r. p. Therefore q.
New choices for p, q and r:
p stands for It rains.
q stands for Jane takes her umbrella.
r stands for Jane gets very wet.
The new argument is
If it rains, and Jane does not take her umbrella, then Jane
gets very wet. Jane does not get very wet. It rains.
Therefore, Jane takes her umbrella.
An equally valid argument!


What Is Logic? Reprise
In the example argument,
The factual content of the statements doesn't matter.
The relationships among the statements govern the argument.

Logic concerns careful reasoning about the process of reasoning.
As part of this care, we need to know
What, exactly, constitutes a statement?
What, precisely, do the logical relationships mean?

We shall start with a basic form of logic, called propositional logic.


Propositions

A proposition is a declarative sentence that is either true or false.


In other words, we make the following defining assumption:
For any particular proposition, in any particular situation (or
world), either the proposition is true, or the proposition is
false, and it is never the case that the proposition is both
true and false.

Introduction to Logic

Propositional logic


Examples of Propositions
Each of the following is a proposition.
The sum of 3 and 5 is 8.
The sum of 3 and 5 is 35.
5.
Program p terminates.
If the input to program p is a non-negative integer , then p outputs the value 2 .
If Kathleen Wynne is a Tory, then Justin Trudeau is a Liberal.
Every even number greater than 2 is the sum of two prime numbers.
Jane reacted violently to Jack's accusations.

In some of the cases, we may not know whether the statement is true or false, but it's one or the other, and not both.


Translating from English to propositional logic


English phrases for connectives
p       not p; p does not hold; p is false; it is not the case that p
pq      p and q; p but q; not only p but q; p while q; p despite q, p yet q, p although q
pq      p or q, p or q or both, p and/or q, p unless q
pq      if p then q; p implies q; q if p, p only if q, q when p, p is sufficient for q, q is necessary for p,
p q     p if and only if q (p iff q); p is equivalent to q; p exactly if q; p is necessary and sufficient for q,


Translating from English to propositional logic

Examples
1. She is clever and hard working.
2. He is clever but not hard working.
3. He didn't write the letter or the letter was lost.
4. If he does not study hard then he will fail.
5. He must study hard; otherwise he will fail.
6. He will fail unless he studies hard.
7. He will not fail only if he studies hard.


Translating from English to propositional logic

Examples
1. If it rains, he will be at home; otherwise he will go to the market
or to school.
2. The sum of two numbers is even if and only if both numbers are
even or both numbers are odd.
3. If y is an integer then z is not real, provided that is rational.


Propositions

Some sentences are not propositions. For example, a sentence might be
Interrogative: Where shall we go to eat?
Imperative: Please pass the salt.
Ambiguous: Time flies like an arrow.
Nonsense: The mome raths outgrabe.
Otherwise problematic: This sentence is false.
In the field of artificial intelligence, one must deal with such
sentences. For this course, however, we shall ignore them.


The Aspects of Logic

Propositional logic is a form of symbolic logic. That is, it uses strings
of symbols to represent propositions and to build arguments.
A symbolic logic is formalized by the following.
Syntax: What statements do we consider?
Semantics: What does a statement mean?
Proof procedures: Given a statement, can we prove it true?
We shall treat each part in detail.


Syntax of
Propositional Logic

Syntax


Atomic and compound propositions


In propositional logic, simple atomic propositions are the basic
building blocks.
They cannot be broken up into smaller propositions.
We connect atomic propositions into compound propositions, and
then analyze sets of interrelated propositions.
Typical questions to consider:
Does a given sequence of propositions form a valid argument?
Can all propositions in a given set be true simultaneously?

First, however, we must answer the question,
What is the structure of a proposition?


Symbols and expressions


Propositions are represented by formulas.
A formula consists of a sequence of symbols. There are three kinds
of symbols.
Propositional variables: Usually lowercase Latin letters;
e.g., p, q, r, etc., perhaps with subscripts (p1, p2, q27, etc.),
Connectives: We shall use , , , and .
(Others are possible.)
Punctuation: ( and ).

Every formula is a sequence of symbols, but not every sequence of
symbols is a formula.
An arbitrary finite sequence of symbols is an expression (or string).

Syntax

Symbols, expressions and formulas


More on Expressions
An expression is a finite sequence (or string) of symbols.
The length of an expression is its number of symbols.
For example, ()()pq is an expression.
Questions:
What is the length of this expression?
Is it a formula?

We often use a letter that is not formally a symbol in order to name
an expression. For example, we might denote the expression above
by .
This is an example of a meta-symbol. It is NOT a symbol!


Talking about expressions


Some terminology for expressions.
Two expressions and are equal, written as = , iff they are

of the same length, say n, and if n > 0 then for all [1..n] the
th symbol of is the same as the th symbol of .

We write to mean the concatenation of two expressions

and . For example, if


and
then

= ()()
= pq
= ()()pq .


Concatenation, formally

Definition:
If is an expression of length and is an expression of
length j, then is an expression of length + j. We have

the k th symbol of
if k
th
The k symbol of is
th
the (k ) symbol of if k >


Definition of well-formed formula


Let P be a set of propositional variables. We define the set of
well-formed formulas (or WFFs) over P inductively as follows.
1. An expression consisting of a single symbol of P is a well-formed
formula.
2. If is a well-formed formula, then () is a well-formed formula.
3. If is a well-formed formula and is a well-formed formula,
then each of
( ) ,

( ) ,

and

( ) ,

and

( )

is a well-formed formula.
4. Nothing else is a well-formed formula.

(Note the use of the meta-symbols and to refer to formulas.)


Examples: well-formed formulas

Example: The following are well-formed formulas.


1. p, q, r, s    (rule 1)
2. (p)    (rule 2, from #1)
3. (r q)    (rule 3, from #1)
4. ((p) s)    (rule 3, from #2 and #1)
5. ((r q) ((p) s))    (rule 3, from #3 and #4)
6. ((r q))    (rule 2, from #3)


The Kinds of Formulas


The definition implies that each formula has one of the following
kinds.
A propositional variable is called an atom.
A formula () is called a negation.
A formula ( ) is called a conjunction.
A formula ( ) is called a disjunction.
A formula ( ) is called an implication.
A formula ( ) is called an equivalence.

Question: Can a formula have two (or more) kinds? E.g., can it be
both a conjunction and an implication? Or both a negation and a
disjunction?


Semantics of
Propositional Logic

Semantics


Semantics
The semantics of a logic describes how to interpret the well-formed
formulas of the logic.
The semantics of propositional logic is compositional; in other
words, the meaning of a whole formula derives from the meaning of
its parts.
In propositional logic, we need to give meaning to atoms,
connectives, and formulas.
For example, the interpretation of formula (p q) depends on three
things: the meaning of p, the meaning of q, and the meaning of .


Valuations: the status of atoms

Definition:
A truth valuation is a function with the set of all proposition
symbols as domain and {F, T} as range.
In other words, a truth valuation assigns a value to every
propositional variable.
If t(p) = T, then we say/write, t makes p true.
If t(p) = F, then we say/write, t makes p false.

A propositional variable has no intrinsic meaning; it gets a meaning
only via a valuation.


Compound formulas

Let and be two formulas that express propositions A and B.


Intuitively, we give the following meanings to combinations.

Not A
A and B
A or B
If A then B
A iff B

The English, however, can be ambiguous. We want precise
meanings for formulas.


Semantics of Connectives
Formally, a connective represents a function from truth values to
truth values.
There are two types of connectives: unary and binary.
The connective is unary; it maps one value to one value. We can
show its function in a picture, known as a truth table:

        ()
T       F
F       T

The other connectives are binary; they map two values to one value.
Thus their truth tables require four lines to cover the possibilities.

Semantics

Connectives


Truth tables for connectives


The binary connectives:

            ( )    ( )    ( )    ( )
T    T      T      T      T      T
T    F      F      T      F      F
F    T      F      T      T      F
F    F      F      F      T      T

 is as expected: ( ) is true if and only if both and are true.
The column for shows that it means one or the other or both.
This version is called inclusive or (as opposed to exclusive or).
The column for may not match your intuition.

If-then??
Some people find the meaning of rather unintuitive. You may
want to think of as meaning truth is preserved.
The meaning of T T is T because truth is preserved.
The meaning of T F is F because truth is not preserved.
The meaning of F T and F F are both T, because there is no
truth to preserve.
For example, the following sentence comes out true:
If everyone is a child, then the moon is made of green
cheese.
Some people prefer to call that sentence non-sensical, rather than
true. But propositional logic gives every formula a meaning.


Summary: value of a formula


Fix a truth valuation t. Every formula has a value under t,
denoted t , determined as follows.
1. pt = t(p).
2. ()t = T if t = F; F if t = T.
3. ( )t = T if t = t = T; F otherwise.
4. ( )t = T if t = T or t = T; F otherwise.
5. ( )t = T if t = F or t = T; F otherwise.
6. ( )t = T if t = t; F otherwise.

The value of a formula comes from the values of its variables, combined as given by its connectives.
The valuation t is necessary. Without a valuation, a formula has no value.

Semantics

Formulas


Unique Readability of Formulas


We have defined the semantics (meaning) of a formula from its
syntax (the succession of symbols).
Is this well-defined? Or can a formula get two different meanings?

Theorem. Every well-formed formula has a unique derivation as a
well-formed formula. That is, each well-formed formula has exactly
one of the following forms:
(1) an atom, (2) (), (3) ( ), (4) ( ), (5) ( ) ,
or (6) ( )
In each case, it is of that form in exactly one way.
Another way of thinking about it is to ask the question: which
connective do the outer parentheses correspond to?

Semantics

Properties of formulas


(Why) Is the Theorem True?


As an example, consider (p q) r . It can be formed from the
two formulas (p q) and r using the connective .

If we tried to form it using , the two parts would need to be (p and
q) r. But neither of those is a formula!
How can we be sure the theorem holds for every formula?


Mathematical Induction

To prove the theorem, we will use mathematical induction.
Before doing the proof, we will review mathematical induction.
This starts with the natural numbers.


Natural Numbers
The natural numbers are the numbers we use to count things.
Before we start, we count zero; as we find things we count one, two,
etc.
The natural numbers form an unbounded sequence
0, 1, 2, 3, 4, . . .
Suppose P names a property. We write P(2) to mean 2 has
property P, or P holds for 2.
A statement every natural number has property P corresponds to
a sequence of statements
P(0), P(1), P(2), P(3), P(4), . . .

Semantics

Mathematical induction


Mathematical Induction
Principle of mathematical induction:
Suppose we establish two things: that
0 has property P, and that
whenever any number has property P, then the next
number also has property P.
Then we may conclude that every natural number has
property P.

Example: Show that

n
P
=0

n(n+1)
2

for every natural number n.

Let P be the property; that is, let P(n) be

n
P

=0


n(n+1)
.
2


Proof for the example


Step 1 (basis step): The property P(0) is

0
P

=0

0(0+1)
2

The left side of the equation is just 0. Also the right side evaluates
to 0.
Thus 0 has property P.
Step 2 (inductive step): hypothesize that some number has
property P; in other words, that
some P
number
=0

some number (some number+1)


2


For simplicity, we give a name to the some number. I choose k.


Thus the hypothesis becomes

k
P

=0

k(k+1)
2


Step 2 (inductive step), continued:


We hypothesize that k has property P; that is,

k
X

k(k + 1)

=0

We need to demonstrate that k + 1 has property P; that is,


k+1
X
=0

(k + 1) ((k + 1) + 1)
2

(k + 1) (k + 2)
2

We calculate:
k+1
X

=0

=
=
=

k
X

+ (k + 1)
=0
k(k+1)
+ (k + 1)
2

k
+ 1 (k + 1)
2
(k+1)(k+2)
2


definition of

hypothesis
"algebra"
DONE!

Observations/Techniques
To talk about something, give it a name.
E.g., property P, number k, etc.
A formula is a textual object. In this text, we can substitute one
symbol or expression for another. For example, we put k + 1 in
place of k.
The induction principle gives a template for a proof:
The proof has two parts: the basis and the inductive step.
In the inductive step, hypothesize P(k) and prove P(k + 1) from it.
But the induction principle does not say how to actually do either
step. We must invent the method ourselves.


Simple Induction vs. Strong Induction


                  Simple Induction          Strong Induction or Course of Values
Basis             Show P(0)                 Show P(0)
Ind. Hypothesis   P(k) holds                P(m) holds, for every m k
Ind. Step         Show P(k + 1) holds       Show P(k + 1) holds
Conclusion        P(k) holds for every k    P(k) holds for every k
Simple induction is sometimes called weak induction.

What is the difference?



                  Simple Induction          Strong Induction or Course of Values
Basis             Show Q(0)                 Show P(0)
Ind. Hypothesis   Q(k) holds                P(m) holds, for every m k
Ind. Step         Show Q(k + 1) holds       Show P(k + 1) holds
Conclusion        Q(k) holds for every k    P(k) holds for every k
Simple induction is sometimes called weak induction.

What is the difference? No difference!


Define Q(k) as the property P(m) holds, for every m k.
Q(0) is equivalent to P(0).
Q(k + 1) is equivalent to Q(k) and P(k + 1).
To prove Q(k + 1) from Q(k), need only to prove P(k + 1).
Q(k) for every k is equivalent to P(k) for every k.


Structural Induction
Goal: prove that every formula has property P.
How to prove such a statement? Can we use induction?
A formula is not a natural number, but it suffices to prove any one of
the following.
For every natural number n, every formula with n or fewer
symbols has property P.
or
For every natural number n, every formula with n or fewer
connectives has property P.
or


Structural Induction (2)


Goal: prove that every formula has property P.
or
For every natural number n, every formula whose parse tree
has height n or less has property P.
or
For every natural number n, every formula producible with n
or fewer uses of the formation rules has property P.
In each of these formulations, the induction step requires showing
that


If P() and P(), then P () and P ( ? ) .
Formulas and have smaller n values than () and ( ? ) do,
where ? represents an arbitrary binary connective.

The principle of Structural Induction

Theorem. Let R be a property. Suppose that


1. for each atomic formula p, we have R(p); and

2. for each formula , if R() then R () ; and
3. for each pair of formulas and , and each binary connective ?,
if R() and R() then R ( ? ) .
Then R() for every formula .
Use of this principle is called structural induction.
Structural induction is a special case of mathematical induction.


Example: Parentheses in Formulas


For example, to illustrate structural induction, we shall prove the
following.
Lemma. Every well-formed formula has an equal number of
left and right parentheses.
Proof. We use structural induction. The property to prove is
R(): has an equal number of left and right parentheses
for every formula .

Base case: is an atom.


 has no parentheses, only a propositional variable. Thus R()
holds.
This completes the proof of the base case.


Example, cont'd: the Inductive Step


Inductive step:
Hypothesis: formulas and both have property R.
To prove: each of the formulas (), ( ), ( ), ( ) ,
and ( ) has property R.
W.l.o.g., we consider ( ).
Notation: For any formula , let op() denote the number
of ( in , and let c() denote the number of ) in .

We calculate op ( ) :

op ( ) = 1 + op() + op()    (inspection)
       = 1 + c() + c()      (R() and R())
       = c ( )              (inspection).



Back to the Unique Readability Theorem


Theorem. Every formula is exactly one of an atom, (),
( ), ( ), ( ) or ( ); and in each case it is of
that form in exactly one way.
We want to prove this using structural induction. How will it go?
The proof will consider formulas of the form ( ). One such is our
previous example ((p q) r), which has (p q) for and r for .
Is this the only way to write the formula ((p q) r)? What about
((p q) r) = ( 0 0 ) ,
where 0 is the expression ((p and 0 is the expression q)r)?
Fortunately, neither 0 nor 0 is a formula. (Why?)


Does It Always Work?


The theorem worked out for one example.
How can we make sure the inductive step works for every formula?
That is, if ( 0 0 ) is the same expression as ( ), how can we
argue that neither 0 nor 0 can be a formula?
Can 0 (or 0 ) have an equal number of left and right parentheses?
If not, why not?


To do the proof, we actually need to know more about formulas.


This illustrates a common feature of inductive proofs: they often
prove more than just the statement given in the theorem.


Proving Unique Readability


Property P(n):
Every formula containing at most n connectives satisfies
all three of the following.
A: The first symbol of is either ( or a variable.
B: has an equal number of ( and ), and
each proper prefix of has more ( than ).
C: has a unique construction as a formula.
(A proper prefix of is a non-empty expression such that is y
for some non-empty expression y.
E.g. if = ((p q) r)) then could be any of the following (, ((,
((p, ((p , ((p q, ((p q), ((p q) ,((p q) r,
((p q) r).
We prove property P for all n by induction.

A Key Case of the Inductive Step


Inductive hypothesis: P(k) holds for some natural number k.
To show P(k + 1), let formula have k + 1 connectives.
A key case: is ( ? ). For property C, we must show that if is
(0 ?0 0 ) for formulas 0 and 0 , then = 0 , ? = ?0 and = 0 .
If 0 has the same length as , then they must be the same string
(both start at the second symbol of ).
Otherwise, either 0 is a proper prefix of or is a proper prefix
of 0 . But since and 0 are formulas with at most k
connectives, the inductive hypothesis applies to them.
In particular, each has property B, and thus neither can be a
proper prefix of the other.
Thus has a unique derivation, as required by property C.

Commentary
The goal of the proof is property C: unique formation.
However, properties A and B are required in order to prove C.
There are actually two equally good options for a proof:
1. Prove A, B and C simultaneously, as a single compound
property.
(As done here.)
2. Prove them separately: first A, then B, and finally C.
(The text uses this method.)
Two fundamental techniques:
1. If a proof doesn't work, go back and fix it
as often as necessary.
2. Start from the end and work backwards.

Two consequences of unique formation


We will define the semantics (meaning) of a formula from its syntax.
Thus unique formation ensures unambiguous formulas.
Given a formula, determine its sub-formulas by counting
parentheses.
[Figure: a formula with its symbol positions marked. To determine m: count excess of ( over ). Labels: ( rest of subformula ), m+1, m+2 ... n 1, subformula 2.]

When the count returns to zero, the subformula has ended.
(For efficient parsing of more-complicated formulas/programs, see CS 241.)
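
The parenthesis-counting rule above, as an added Python example (not part of the original slides): it parses a fully parenthesized formula by finding the point where the excess of ( over ) in the first subformula returns to zero, and it rejects strings that only look like a second reading. The ASCII connectives ~ & | > = and the sample formulas are assumptions made for the example.

```python
from string import ascii_lowercase

# Assumed ASCII stand-ins for the connectives (not the slides' notation).
NEGATION = "~"
BINARY = {"&", "|", ">", "="}          # and, or, implies, iff


def parse(expr):
    """Parse a well-formed formula into a tree, or raise ValueError.

    Trees: an atom is a one-letter string, a negation is ("~", sub),
    and a binary formula is (connective, left, right).
    """
    if len(expr) == 1 and expr in ascii_lowercase:
        return expr                                  # rule 1: an atom
    if len(expr) < 4 or expr[0] != "(" or expr[-1] != ")":
        raise ValueError(f"not a formula: {expr!r}")
    body = expr[1:-1]                                # drop the outer parentheses
    if body[0] == NEGATION:
        return (NEGATION, parse(body[1:]))           # rule 2: a negation
    # Rule 3: the first subformula ends where the excess of "(" over ")"
    # first returns to zero (immediately, if it is an atom).
    excess = 0
    for end, symbol in enumerate(body, start=1):
        if symbol == "(":
            excess += 1
        elif symbol == ")":
            excess -= 1
        if excess < 0:
            raise ValueError(f"unmatched ')' in {expr!r}")
        if excess == 0:
            break
    else:
        raise ValueError(f"unmatched '(' in {expr!r}")
    left, rest = body[:end], body[end:]
    if not rest or rest[0] not in BINARY:
        raise ValueError(f"no binary connective after {left!r} in {expr!r}")
    return (rest[0], parse(left), parse(rest[1:]))


def is_formula(expr):
    """True iff expr can be built by the formation rules."""
    try:
        parse(expr)
    except ValueError:
        return False
    return True


def has_property_b(expr):
    """Property B: equal numbers of ( and ), and every proper prefix has more ( than )."""
    def excess(s):
        return s.count("(") - s.count(")")
    return excess(expr) == 0 and all(
        excess(expr[:i]) > 0 for i in range(1, len(expr)))


if __name__ == "__main__":
    sample = "((p&q)>r)"                 # constructed sample formula
    print(parse(sample))                 # the one and only reading
    for piece in ("((p", "q)>r)"):       # the pieces of a would-be second reading
        print(piece, is_formula(piece))
```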
Semantics

Consequences of unique formation


Working with Formulas


Evaluating formulas
Recall that propositional logic is compositional. The values of two
subformulas determine the value of their composition using a
propositional connective. Given a valuation t:
pt = t(p)
()t = T if t = F; F if t = T
( )t = T if t = t = T; F otherwise
( )t = T if t = T or t = T; F otherwise
( )t = T if t = F or t = T; F otherwise
( )t = T if t = t; F otherwise

Using these rules, we can build a truth table considering all combinations.
For a formula with n variables, the full truth table has 2^n lines.
Working with Formulas

Evaluation of Formulas


Example: evaluating a formula


Example. Consider ((p q) (q r)).
It has the following truth table.
p   q   r   (p q)   (q r)   (p q) (q r)
F   F   F     F       F          T
F   F   T     F       F          T
F   T   F     T       F          F
F   T   T     T       T          T
T   F   F     T       F          F
T   F   T     T       F          F
T   T   F     T       F          F
T   T   T     T       T          T

Columns: List all the propositional variables on left and all the
subformulas (in increasing order of the number of connectives) on
the right.
Rows: Create a row for every possible combination of truth
valuations for the propositional variables.
Working with Formulas

Evaluation of Formulas

54/241

Exercises

Build the truth table for



i. q (p)

ii. (q) (p)



iii. p (q)) q (p)

Working with Formulas

Evaluation of Formulas

55/241

Tautology, Satisfaction, Contradiction


Classifying Formulas
A formula is a tautology if and only if for every truth valuation t, t = T.
(p (p)) is a tautology.

A formula is a contradiction if and only if for every truth valuation t, t = F.
(p (p)) is a contradiction.

A formula is satisfiable if and only if there is some truth valuation t such that t = T.
(p q) is satisfiable. Set both variables to T.

Note: a formula is satisfiable if and only if it is not a contradiction.


Working with Formulas

Semantic properties of formulas

56/241

A Tautology Example
Example. Is ((((p q) r) (p q)) (p r)) a tautology?
One method: Fill out a truth table.
For larger formulas, with more variables, this approach can take a
long time.
Can we do better? Is there some other method?

Basic Idea For a formula like (p q) ((p) r) , if we set t(p) = T

then the formula simplifies to (T q) (F r) which in turn
simplifies to q.

Clearly this formula is not a tautology. When you set t(p) = T and
t(q) = F it has the value F.
Clearly this formula is not a contradiction. When you set t(p) = T and
t(q) = T it has the value T.

Working with Formulas

Semantic properties of formulas

57/241

Short-Cutting a Truth Table


Rather than fill out an entire truth table, we can observe what
happens if we set a variable to T (or F) in order to simplify the
formula.
Let A be a truth value; that is, A {F, T}. We can combine it with
other truth values as follows.
T   F
F   T

AT  A        AT  T        AT  T
AF  F        AF  A        AF  A
TA  A        TA  T        TA  A
FA  F        FA  A        FA  T
AA  A        AA  A        AA  T

We can use these rules to evaluate a formula, by using a valuation
tree. A valuation tree may sometimes be much smaller than the
corresponding truth table, especially if one or two variables occur
frequently in a formula.
Working with Formulas

Semantic properties of formulas

58/241

Example: Valuation trees



Example. Show that (p q) r) (p q) (p r) is a tautology.

Case 1: In valuations with t(p) = T, we put T in for p:
(T q) r (T q) (T r) .
From the previous table, this becomes (q r) q r.
If t(q) = T, this yields (r r) and then T. (Check!).
If t(q) = F, it yields (F r) and then T. (Check!).

Case 2: In valuations with t(p) = F, we get
((F q) r) (F q) (F r) ,
Simplification yields (F r) T T and eventually T.

Thus every valuation makes the formula true, as required.


Working with Formulas

Semantic properties of formulas

59/241

Equivalence of Formulas
Suppose that a formula ( ) is a tautology.
Then and must have the same final column in their truth
tables: they have the same value under any valuation.
E.g. if = (q (p)) and = (p q) we can see that their
corresponding columns are identical.

p   q   (q (p))        p   q   (p q)
F   F      T           F   F     T
F   T      T           F   T     T
T   F      F           T   F     F
T   T      T           T   T     T

In symbols: t = t , for every valuation t.
Such formulas are called equivalent formulas. We use the notation
to mean that and are equivalent.


Working with Formulas

Equivalence

60/241

Equivalent is Equivalent
Equivalent formulas are equivalent in any context.
Lemma. Suppose that . Then for any formula , and any
connective ?, the formulas ( ? ) and ( ? ) are equivalent:
( ? ) ( ? ) .
Proof idea: a value ( ? )t depends only on the values t and t ,
and the identity of ?.

Example: (p) p p. Check this with a truth table.

p   (p)   (p) p
F    T      F
T    F      T


Hence we get that (p p) q (p q).
Working with Formulas

Equivalence

61/241

Algebra of Formulas
Many equivalences of formulas look much like rules of ordinary
arithmetic.

Commutativity
( ) ( )
( ) ( )

Idempotence
( )
( )

Associativity

Double Negation
(())



( ) ( ) 
( ) ( )

Distributivity


( ) ( ) ( )
( ) ( ) ( )

Working with Formulas

Equivalence

De Morgan's Laws
( ) ( )
( ) ( )

62/241

Algebra of Formulas, cont'd

Simplification I (Absorption)
( T)
( T) T
( F) F
( F)

Implication
( ) (() )

Simplification II

( )
( )

Equivalence

Contrapositive
( ) () ()

( ) ( ) ( )
Excluded Middle
( ()) T
Contradiction
( ) F

(T and F aren't really formulas, but we'll pretend.)

Working with Formulas

Equivalence

63/241

Examples of Using Identities


Prove or disprove each of the following.

1.
2.
3.
4.
5.
6.
7.
8.


(p q) (q r)

(p r) (q s)

p (p q)

(p (r s))

((p q) p)
p
p

p ((q p) p)


q (p r)

(p q) (p s) (r q) (r s)
p (without using Simplification II)

(p r) (p s)
F

p (q p)

p (((q) (p)) p)
q

Note: Apply only one rule per line of your proof (but you may apply
the rule multiple times).
Working with Formulas

Equivalence

64/241

Application: Cards
We are given a deck of cards with a letter of the alphabet on one
side and a natural number on the other side.
Claim: For the four cards shown below, each card that has a vowel
on one side, has an even number on the other side.

Is the claim true?


How many cards must you turn over, in order to determine whether
or not the claim is true? Which ones?
Express the claim in propositional logic as a statement about four
cards and use the formulas on the previous slides to reduce it to a
statement about fewer cards.
Working with Formulas

Equivalence

65/241

Satisfiability of Sets of Formulas


Previously we talked about the notion that a single formula can be
satisfiable, but satisfiability extends to sets of formulas.
Let denote a set of formulas and t a valuation. Define

T
if for each , t = T
t
=
F
otherwise
When t = T, we say that t satisfies .
A set is satisfiable iff there is some valuation t such that t = T.
Example: The set of formulas = {, , } is satisfiable iff
( ) is satisfiable.
Example: The set {((p q) r), (p q s)} is satisfiable with the
valuation t(q) = T.

Working with Formulas

Entailment

66/241

Logical Consequence, a.k.a. Entailment


Let be a set of formulas, and let be a formula. We say that
is a logical consequence of , or
(semantically) entails , or
in symbols, |= ,

if and only if for any truth valuation t,


if t = T then also t = T.
We write ⊭ for not |= . That is,
there exists a truth valuation t such that t = T and t = F.
Note that ( ) is a formula but |= is a statement about
formulas, specifically how a set of formulas is related to another
formula.

Working with Formulas

Entailment

67/241

Examples: Entailment
Example
{(p q), (q r)} |= (p r)

Example
((p (q)) r), (q (r)), (p r) ⊭ (p (q r))

Example
|= means that is a tautology. Why?

Example
{, ()} |= is always true, whatever and are. Why?

Working with Formulas

Entailment

68/241

Equivalence and Entailment

Equivalence can be expressed using the notion of entailment.


Lemma. if and only if both {} |= and {} |= .

Working with Formulas

Entailment

69/241

A Code Example
if ( (input > 0) OR NOT output ) {
    if ( NOT (output AND (queuelength < 100) ) ) {
        P1
    } else if ( output AND NOT (queuelength < 100) ) {
        P2
    } else { P3 }
} else { P4 }

When does each piece of code get executed?

Let  : input > 0,
     : output,
    q: queuelength < 100.

Working with Formulas

Conditional Code

70/241

A Code Example, cont'd

if ( ) {
    if (( q)) {
        P1
    }
    else if ( q) {
        P2
    }
    else {
        P3
    }
} else {
    P4
}

( q)    Action
        P3
        P1
        P1
        P1
        P4
        P4
        P1
        P1

P2 is never executed.

Working with Formulas

Conditional Code

71/241

Finding Dead Code

Prove that P2 is dead code.


The conditions leading to P2 can never be true.
To execute P2 , the condition for the first if stmt is T, for the second
if stmt it is F, and for the else if stmt it is T.
( ) ( q) ( q)
( ) ( q) ( q)        Negation
( ) ( q) (q )        Commutativity
( ) (q q)            Associativity
( ) F                Contradiction
F                    Simplification I

Working with Formulas

Conditional Code

72/241

Finding Live Code


Prove that P3 is live code.
The conditions leading to P3 can be true.
To execute P3 , the condition for the first if stmt is T, for the second
if stmt it is F, and for the else if stmt it is F.
P3 is executed when the formula
( ) ( q) ( q)
is true.
Find a satisfying truth valuation for this formula.
For example: t() = T, t() = T, t(q) = T.
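
The dead-code and live-code arguments above can be checked mechanically. The following is an added example, not part of the original slides: it encodes the nested conditional from "A Code Example" as a decision tree, collects the path condition of each block (first if T, second if F, else-if T for P2, and so on), and searches all eight valuations for witnesses. The names input_pos, output and queue_short stand for input > 0, output and queuelength < 100 and are chosen here.

```python
from itertools import product

# Propositional variables (names assumed for this example).
VARS = ("input_pos", "output", "queue_short")

# The three conditions of the slide's code, as (text, function of a valuation).
C1 = ("(input > 0) OR NOT output",
      lambda v: v["input_pos"] or not v["output"])
C2 = ("NOT (output AND (queuelength < 100))",
      lambda v: not (v["output"] and v["queue_short"]))
C3 = ("output AND NOT (queuelength < 100)",
      lambda v: v["output"] and not v["queue_short"])

# Decision tree: (condition, then-branch, else-branch); a string is a code block.
TREE = (C1, (C2, "P1", (C3, "P2", "P3")), "P4")


def paths(tree, prefix=()):
    """Yield (block, path); path lists (condition, required truth value)."""
    if isinstance(tree, str):
        yield tree, prefix
        return
    cond, then_branch, else_branch = tree
    yield from paths(then_branch, prefix + ((cond, True),))
    yield from paths(else_branch, prefix + ((cond, False),))


def witnesses(path):
    """All valuations (T/F triples in VARS order) that satisfy the whole path."""
    found = []
    for values in product((True, False), repeat=len(VARS)):
        v = dict(zip(VARS, values))
        if all(bool(fn(v)) == want for (_, fn), want in path):
            found.append(values)
    return found


def classify(tree):
    """Map each block to its witnesses; an empty list means dead code."""
    return {block: witnesses(path) for block, path in paths(tree)}


def action_column(tree):
    """Block executed on each truth-table row, from T T T down to F F F."""
    by_row = {row: block for block, rows in classify(tree).items() for row in rows}
    return [by_row[row] for row in product((True, False), repeat=len(VARS))]


if __name__ == "__main__":
    for block, rows in sorted(classify(TREE).items()):
        status = "dead" if not rows else f"live, e.g. {rows[0]}"
        print(block, status)
```
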

Working with Formulas

Conditional Code

73/241

Simplifying Code
Consider these two fragments of code. Are they equivalent?
Fragment 1:

if ( ) {
    if ( ( q) ) {
        P1
    }
    else if ( q ) {
        P2
    }
    else {
        P3
    }
}
else {
    P4
}

Fragment 2:

if ( q ) {
    P3
}
else if ( ) {
    P4
}
else {
    P1
}

Working with Formulas

Conditional Code

74/241

Simplifying Code

To prove that the two fragments are equivalent, show that each
block of code P1 , P2 , P3 , and P4 is executed under equivalent
conditions.

Block   Fragment 1              Fragment 2
P1      ( ) ( q)                ( q) ( )
P2      ( ) ( q) ( q)           F
P3      ( ) ( q) ( q)           ( q)
P4      ( )                     ( q) ( )

Working with Formulas

Conditional Code

75/241

Definability of Connectives
Formulas and are equivalent.
Thus is said to be definable in terms of and .
There are actually sixteen possible binary connectives. (Why?)
Two of these are essentially nullary (they ignore the input).
1. one is always T no matter what the input
2. the other is always F no matter what the input
Four others are essentially unary (they ignore one value but not the
other).
E.g. a connective (p ? q) = p ignores the first value and always

returns the second value.


This leaves ten additional binary connectives.

Working with Formulas

Alternative Sets of Connectives

76/241

Adequate Sets
A set of connectives is said to be adequate iff any n-ary (n 1)
connective can be defined in terms of the ones in the set.
Lemma. {, , } is an adequate set of connectives.
Proof: see the equivalence rules Implication and Equivalence.
Lemma. Each of the sets {, }, {, }, and {, } is adequate.
Proof: For the first two, use De Morgan's laws. For the third, . . . ?
Theorem. The set {, } is not an adequate set of connectives.
Proof: For both and : the output is always F if both inputs are F;
the output is always T if both the inputs are T. So you cannot
implement .

Working with Formulas

Alternative Sets of Connectives

77/241

Some Questions about Adequate Sets


Question: Is there a binary connective such that the singleton
set {} is adequate?

Question: Are there binary connectives c1 , c2 and c3 such that


{c1 , c2 , c3 } is adequate, but none of {c1 , c2 }, {c1 , c3 }, or {c2 , c3 } is
adequate?
(Such a set is called a minimal adequate set.)

Question: Find all minimal adequate sets containing only binary,


unary and nullary connectives.

Working with Formulas

Alternative Sets of Connectives

78/241

Proofs in Propositional Logic:


Resolution

Proofs in Propositional Logic

79/241

What Is a Proof?
A proof is a formal demonstration that a statement is true.
It must be mechanically checkable. A reader need not apply any
intuition or insight to verify that it is correct.
In fact, a computer could verify its correctness.

A proof is generally syntactic (i.e. format) rather than semantic (i.e.
meaning).
Syntactic rules permit mechanical checking.
The rules are chosen for semantic reasons, but their use
remains purely syntactic.

Proofs in Propositional Logic

Notions of Proof

80/241

What Makes a Proof?


Generically, a proof consists of a list of formulas.
The premises, if any, are listed first.
Each subsequent formula must be a valid inference from

preceding formulas.
That is, there is an inference rule (defined by the proof system)
that justifies the formula, based on the previous ones.
The final formula is the conclusion.

The key here is the set of inference rules. A set of inference rules
defines a proof system.
We notate there is a proof with premises and conclusion by
⊢
which can be read as proves .
Proofs in Propositional Logic

Notions of Proof

81/241

Inference Rules
In general, an inference rule is written as
1

...

This notation means,


suppose that each of the formulas 1 , 2 , . . . , already
appears in the proof (either assumed or previously inferred).
Then one may infer the formula i.e. write it as the next
formula in the proof.

Examples of possible rules:


A kind of definition of .

Proofs in Propositional Logic

Notions of Proof

Rules need not be


equivalences.
82/241

Approaches to Proofs
Direct proofs:
To establish ⊢ , give a proof with 1 , 2 , . . . , n as
assumptions, and obtain as the conclusion.
Refutations (a.k.a. indirect proofs, or proofs by contradiction):
To establish ⊢ , take as an assumption, in addition to
1 , 2 , . . . , n . Obtain a definitive contradiction (denoted )
as a conclusion.
In other words, give a direct proof of {} ⊢ .
Why does the refutation approach work?
If {} is a contradiction, then any valuation t that makes
true must make false and thus make true. Therefore, |= .

Proofs in Propositional Logic

Notions of Proof

83/241

Proofs and Entailment


Recall that
The following is a statement about truth valuations: |= iff for
any truth valuation t, if t = T then also t = T,
The following is a statement about proofs: ⊢ iff there is a
proof with assumptions and conclusion .

We have outlined the following plan.
Goal: Show that |= .
Method: Show that ⊢ (i.e., give a proof).
To justify this, we need to eventually show that
⊢ implies |= .
More on this topic later (specifically slide 93). First let us consider a
proof system.
Proofs in Propositional Logic

Notions of Proof

84/241

The Resolution System and Rule


Resolution is a refutation system, with the following inference rule:
p p

for any variable p and formulas and .


We consider the following as special cases:
Contradiction:
(refutation is complete)

Unit resolution:
(eliminate p)

p p

A proof is complete when one derives a contradiction .


In this case, the original assumptions are refuted.

Proofs in Propositional Logic

Resolution

85/241

Example of Using Resolution


Example: prove {p, q} ⊢Res p q.
Our aim: derive a contradiction from {p, q, (p q)}.
As a preliminary step, re-write the third formula as (p q).
We start the actual proof with the three formulas.
1.          premise
2.          premise
3. p q      negated goal

Now, we recall the inference rule: p p .

Consider lines 1 and 3. . . .

Proofs in Propositional Logic

Resolution

86/241

Example of Using Resolution, cont'd

1.          premises
2.          premises
3. p q      from negated goal
4.          1, 3
5.          2, 4

We have the formulas (1) p and (3) p q.
Apply unit resolution, yielding the formula q.
We have the formulas (2) q and (4) q.
Apply the contradiction rule, yielding .
Done!

Proofs in Propositional Logic

Resolution

87/241

Conjunctive Normal Form


The Resolution rule can only be used successfully on formulas of a
restricted form.
Conjunctive normal form (CNF):
A literal is a (propositional) variable or the negation of a variable.
A clause is a disjunction of literals.
A formula is in conjunctive normal form if it is a conjunction of clauses.
In other words, a formula is in CNF if and only if
its only connectives are , and/or ,
applies only to variables, and
applies only to subformulas with no occurrence of .

Proofs in Propositional Logic

Resolution

88/241

Converting to CNF
1. Eliminate implication and equivalence.
Replace ( ) by ( )
Replace ( ) by ( ) ( ).
Now only , and appear as connectives.
2. Apply De Morgan's and double-negation laws as often as
possible.
Replace ( ) by .
Replace ( ) by .
Replace by .
Now negation only occurs in literals.
3. Transform into a conjunction of clauses using distributivity.
Replace ( ) by ( ) ( ) .
4. Simplify using idempotence, contradiction, excluded middle and
Simplification I & II.

Proofs in Propositional Logic

Resolution

89/241

The Resolution Proof Procedure

To prove from , via a Resolution refutation:
1. Convert each formula in to CNF.
2. Convert to CNF.
3. Split the CNF formulas at the s, yielding a set of clauses.
4. From the resulting set of clauses, keep applying the resolution
inference rule until either:
The empty clause results.
In this case, ⊢ is a theorem.
The rule can no longer be applied to give a new formula.
In this case, ⊢ is not a theorem.

Proofs in Propositional Logic

Resolution

90/241

Example: Resolution

To show: {(p q), (q r)} ⊢Res (p r).

Convert each premise formula to CNF.
We get (p q) and (q r).
Convert the negation of the goal formula to CNF:
Replacing the yields (p r); then
De Morgan's law yields (p r).
Split the which yields four clauses: (p q), (q r), p and r.

Proofs in Propositional Logic

Resolution

91/241

Example, cont'd

Now we can make inferences, starting from our premises.

1. p q      premise
2. q r      premise
3.          from negated conclusion
4.          from negated conclusion
5.          1, 3 (variable p)
6.          2, 5 (variable q)
7.          4, 6 (variable r)

Refutation complete!

Proofs in Propositional Logic

Resolution

92/241

Proofs and Entailment


Recall (from slide 84) that a proof is different from semantic
entailment.
The following is a statement about truth valuations: |= iff for
any truth valuation t, if t = T then also t = T,
The following is a statement about proofs: ⊢ iff there is a
proof with assumptions and conclusion .

Resolution is a proof system but it is not entirely clear that ⊢Res
has anything to do with |= .
We want to show
1. Soundness: ⊢Res implies that |= , that is, if we prove
something using Resolution then it is true.
2. Completeness: |= implies that ⊢ , that is, every
entailment has a proof.
Proofs in Propositional Logic

Soundness and Completeness of Resolution

93/241

Resolution Is Sound
For resolution to be meaningful, we need the following.
Theorem. Suppose that {1 , . . . , n } ⊢Res ; that is, there is a
resolution refutation with premises 1 , . . . , n and conclusion .
Then the set {1 , . . . , n } is unsatisfiable (contradictory).
That is, if {} ⊢Res , then {} is a contradiction.
Therefore, |= .
In other words, the Resolution proof system is sound.
I.e. if we prove something (with a method like resolution), then it is
true using a truth valuation.
We prove the theorem by induction on the length of the refutation.

Proofs in Propositional Logic

Soundness and Completeness of Resolution

94/241

Soundness: The central argument


Note: we are skipping the base case.
Claim: Suppose that a set = {1 , . . . , k } is satisfiable. Let k+1 be
a formula obtained from by one use of the resolution inference
rule. Then the set {k+1 } is satisfiable.
Proof: Let truth valuation t satisfy ; that is, t = T for each .
Let k+1 be 1 2 , obtained by resolving = p 1 and
j = p 2 i.e. we took two previous formulas and applied
Resolution's inference rule.
But p is either T or F, i.e. more formally
Case I: t(p) = F. Since t = T, we must have t1 = T. Thus tk+1 = T.
Case II: t(p) = T. Since tj = T, we must have t2 = T. Thus tk+1 = T.
In either of the two possible cases, we have tk+1 = T, as claimed.
Proofs in Propositional Logic

Soundness and Completeness of Resolution

95/241

The Claim Implies the Theorem


Using induction on n, the previous claim implies
Claim II: Suppose that the set = {1 , . . . , k } is satisfiable.
Let be a formula obtained from by n uses of the
resolution inference rule. Then the set {} is satisfiable.
(The previous claim is the inductive step of this one.)

Therefore, if a set of premises leads to after any number n of
resolution steps, the set must be unsatisfiable, since any set
containing is unsatisfiable.

Thus Resolution is a sound refutation system, as required.

Proofs in Propositional Logic

Soundness and Completeness of Resolution

96/241

Can Resolution Fail?


In some cases, there may be no way to obtain , using any number
of resolution steps. What then?
Definition. A proof system S is complete if every entailment has a
proof; that is, if
|= implies ⊢S .
Here the subscript S refers to a particular proof system. So far we
have seen Resolution, but there are other proof systems such as
Natural Deduction (ND).
Theorem. Resolution is a complete refutation system for CNF
formulas. That is, if there is no proof of from a set of premises
in CNF, then is satisfiable.

Proofs in Propositional Logic

Soundness and Completeness of Resolution

97/241

Resolution Is Complete (Outline)


Claim. Suppose that a resolution proof reaches a dead end; that
is, no new clause can be obtained, and yet has not been derived.
Then the entire set of formulas (including the premises!) is
satisfiable.
Proof (outline): We use induction again. However, it is not an
induction on the length of the proof, nor on the number of formulas.
Instead, we use induction on the number of variables present in the
formulas.

Basis: only one variable occurs, say p.
After conversion to CNF and simplification, the only possible clauses
are p and p. If both occurred, would be derivable. Thus at most
one does; we can satisfy it.

Proofs in Propositional Logic

Soundness and Completeness of Resolution

98/241

Completeness Proof, part II


Inductive hypothesis: The claim holds for sets having at most k
variables.
Consider a set of clauses using k + 1 variables, from which no
additional clause can be derived via the resolution rule. Suppose
that it does not contain . Select any one variable, say p, and
separate the clauses into three sets:
Sp : the clauses that contain the literal p.
Sp : the clauses that contain the literal p.
R: the remaining clauses, which do not contain p at all.

The remainder set R has at most k variables.


Thus the hypothesis applies: it has a satisfying valuation .

Proofs in Propositional Logic

Soundness and Completeness of Resolution

99/241

Completeness Proof, part III


We have a truth valuation t, on the variables other than p, that
satisfies set R, the clauses that do not contain p. We now must
satisfy the sets Sp and Sp .
Case I: Every clause in Sp , of the form p , has t = T.
In this case, the set Sp is already satisfied. Define t(p) = F,
which additionally makes every clause in Sp true.
Case II: Sp has some clause p with t = F.
In this case, set t(p) = T; this satisfies every formula in Sp .
What about a clause p in Sp ?
Consider the formula , obtained by resolution from
p and p . It must lie in R; thus t = T. Thus also
(p )t = T, as required.
Thus the full set of clauses Sp Sp R is satisfiable.
By induction, every set that cannot produce is satisfiable.
Proofs in Propositional Logic

Soundness and Completeness of Resolution

100/241

Resolution Provides an Algorithm

The resolution method yields an algorithm to determine whether a
given formula, or set of formulas, is satisfiable or contradictory.
Convert to CNF. A well-specified series of steps.
Form resolvents (the result of applying resolution's inference
rule) until either is derived, or no more derivations are
possible.
If is derived, the original formula/set is contradictory. Otherwise,
the preceding proof describes how to find a satisfying valuation.
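
The procedure on this slide, together with the model construction from the completeness proof (Cases I and II), as an added example that is not part of the original slides. Clauses are sets of string literals, with a leading "-" marking negation; this encoding, and the sign placement in the sample clause set for the implication-chain example, are assumptions of this example.

```python
from itertools import combinations


def neg(lit):
    """Complement of a literal: "-p" is the negation of "p"."""
    return lit[1:] if lit.startswith("-") else "-" + lit


def var(lit):
    return lit.lstrip("-")


def is_tautology(clause):
    return any(neg(x) in clause for x in clause)


def resolvents(c1, c2):
    """All non-tautological clauses obtained by resolving c1 with c2."""
    out = []
    for lit in c1:
        if neg(lit) in c2:
            r = frozenset((c1 - {lit}) | (c2 - {neg(lit)}))
            if not is_tautology(r):
                out.append(r)
    return out


def saturate(clauses):
    """Resolve until the empty clause appears or nothing new can be derived.

    Returns (refuted, all_clauses, steps); each step is (parent, parent, resolvent).
    """
    known = []
    for c in map(frozenset, clauses):
        if c not in known and not is_tautology(c):
            known.append(c)
    steps = []
    if frozenset() in known:
        return True, known, steps
    changed = True
    while changed:
        changed = False
        for a, b in combinations(list(known), 2):
            for r in resolvents(a, b):
                if r not in known:
                    known.append(r)
                    steps.append((a, b, r))
                    changed = True
                    if not r:  # empty clause: contradiction derived
                        return True, known, steps
    return False, known, steps


def holds(lit, t):
    return t[var(lit)] != lit.startswith("-")


def extract_model(saturated):
    """Satisfying valuation for a saturated set without the empty clause.

    Variables are assigned last-to-first, as in the completeness proof:
    Case I  (every clause p or alpha already has alpha true): set p to F.
    Case II (some alpha is false): set p to T.
    """
    variables = sorted({var(x) for c in saturated for x in c})
    t = {}
    for p in reversed(variables):
        s_p = [c - {p} for c in saturated
               if p in c and all(var(x) in t for x in c - {p})]
        case_one = all(any(holds(x, t) for x in alpha) for alpha in s_p)
        t[p] = not case_one
    return t


# Constructed input: premises, then the negated goal split into unit clauses.
REFUTABLE = [["-p", "q"], ["-q", "r"], ["p"], ["-r"]]
# Constructed input: the same set without the clause "-r" (satisfiable).
SATISFIABLE = [["-p", "q"], ["-q", "r"], ["p"]]

if __name__ == "__main__":
    refuted, _, steps = saturate(REFUTABLE)
    for a, b, r in steps:
        print(sorted(a), sorted(b), "=>", sorted(r) or "empty clause")
    print("refuted:", refuted)
    refuted, clauses, _ = saturate(SATISFIABLE)
    print("refuted:", refuted, "model:", extract_model(clauses))
```
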

Proofs in Propositional Logic

Soundness and Completeness of Resolution

101/241

The Algorithm Can Be Very Slow


The algorithm can be souped up in many ways.
Choosing a good order of doing resolution steps. (It matters!)
Sophisticated data structures, to handle large numbers of

clauses.
Additional techniques: setting variables, learning, etc.

However, it still has limitations.


Theorem (Haken, 1985): There is a number c > 1 such that
For every n, there is an unsatisfiable formula on n variables
(and about n^1.5 total literals) whose smallest resolution
refutation contains more than c^n steps.
Resolution is an exponential-time algorithm!
(And you thought quadratic was bad. . . .)

Proofs in Propositional Logic

Soundness and Completeness of Resolution

102/241

Resolution in Practice: Satisfiability (SAT) solvers

Determining the satisfiability of a set of propositional formulas is a
fundamental problem in computer science.
Examples:
software and hardware verification
automatic test pattern generation
planning
scheduling

. . . many problems of practical importance can be formulated as
determining the satisfiability of a set of formulas.

Proofs in Propositional Logic

Soundness and Completeness of Resolution

103/241

Resolution in practice: SAT Solvers


Modern SAT solvers can often solve hard real-world instances with
over a million propositional variables and several million clauses.

Annual SAT competitions:


http://www.satcompetition.org/
Many are open source systems.

Best SAT solvers are based on backtracking search.

Proofs in Propositional Logic

Soundness and Completeness of Resolution

104/241

Satisfiability in Theory
If a formula is satisfiable, then there is a short demonstration of that:
simply give the valuation. Anyone can easily check that it is correct.
The class of problems with this property is known as NP.
The class of problems for which one can find a solution efficiently is
known as P.
(For a precise definition, we need to define efficiently. We won't,
here.)

A Fundamental Question: Is P = NP?

A partial answer: If SAT is in P (by any algorithm), then P = NP.

Proofs in Propositional Logic

Soundness and Completeness of Resolution

105/241

Proofs in Propositional Logic:


Natural Deduction

Natural Deduction

106/241

Why Another Proof System?


The Resolution system is both sound and complete. Why do we
need another proof system?
Resolution's Limitations
Resolution proofs are fine for computers, but people normally
reason quite differently. To model what people do, we must take
another approach.
Resolution is closely tied to propositional logic. Extending it to
other forms of logic requires significant additional techniques.
Thus we will consider a system called Natural Deduction (ND).
It closely follows how people (mathematicians, at least)
normally make formal arguments.
It extends easily to more-powerful forms of logic.

Natural Deduction

Introduction

107/241

Overview of Natural Deduction


As in Resolution, a proof in Natural Deduction consists of a collection
of formulas, in some order, each with a justification.
It has some contrasts, however.
It does a direct proof, rather than a refutation.
Assumptions (formulas without a justification) play a crucial role.
Using an assumption creates a sub-proof.

Formulas inside a sub-proof may not be used outside it.


An inference rule may refer to a completed sub-proof.
We use the same notation as before for existence of a proof. If there
is a proof of a formula from a set of assumptions, we write
⊢ND    or simply    ⊢ .

Natural Deduction

Introduction

108/241

The Basic Rules of Natural Deduction


The simplest rule is, if you have a formula in the proof already, you
may write it down again. This is called reflexivity.
We will write ND's rules in the following format:
Name
Reflexivity,
or Premise

`-notation

inference notation

{} `

The notation on the right is as we had before (on slide 82): if we


have the formula above the line available, we may write the formula
below the line in the proof.
The version in the center reminds us of the role of assumptions in
Natural Deduction. Other rules will make more use of it.

Natural Deduction

Basic Rules

109/241

A First Example
Recall the format of a proof from slides 80-82. For Natural Deduction
each line is identified with a line number,
followed by the formula,
followed by the justification.

Here is a proof of p, q ⊢ p.
1. p    Premise
2. q    Premise
3. p    Reflexivity: 1

Alternatively, we could simply write
1. p    Premise
and be done.
Note: extra formulas never hurt anything.
Natural Deduction

Basic Rules

110/241

Rules for Conjunction: i


Each connective symbol has an introduction rule to conclude
formulas that contain it, and an elimination rule to conclude a
formula that removes it from an earlier formula.
We start with the -introduction rule.
Name
-introduction
(i)

`-notation
If ` and ` ,
then `

inference notation

Rule i means
If each of the formulas and already appear in the proof,
then we may write the formula as the next formula of
the proof.

Natural Deduction

Conjunction Rules

111/241

Rules for Conjunction: e

The -elimination rule basically undoes the -introduction rule.


Name
-elimination
(e)

`-notation
If ` ,
then ` and `

inference notation

Rule e means
If the formula already appears in the proof, then we
may write either or as the next formula of the proof.

Natural Deduction

Conjunction Rules

112/241

Example: Conjunction Rules


Example.
Show that p q ⊢ q p.
1. p q    Premise
2. q      e: 1
3. p      e: 1
4. q p    i: 2, 3

Explanation
The second line of the proof is saying that the formula q was
obtained by applying the e rule to the formula that appears on
line 1 of the proof.
The same line/formula (e.g. line 1) can be referenced multiple
times (e.g. in lines 2 and 3).

Natural Deduction

Conjunction Rules

113/241

Example: Conjunction Rules (2)

Example. Show that p q, r ⊢ q r.

1. p q    Premise
2. r      Premise
3. q      e: 1
4. q r    i: 3, 2

Explanation
The premise (or premises) are listed first.
The final formula is the conclusion.

Natural Deduction

Conjunction Rules

114/241

Rules for Implication: e


The -elimination rule requires two formulas earlier in the proof.
Name                  ⊢-notation                     inference notation
-elimination (e)      If ⊢ and ⊢ , then ⊢

In words:
If each of the formulas and already appear in the proof, then you may conclude .

This rule is sometimes referred to by its Latin name, modus ponens.

(Rumours that modus ponens is the Latin equivalent of "Duh!" are untrue, however well justified.)

Natural Deduction

Implication Rules

115/241

Rules for Implication: i


The -introduction rule is our first to employ a sub-proof.
Name                  ⊢-notation                     inference notation
-introduction (i)     If {} ⊢ , then ⊢

The rule uses the formula as a hypothesis or assumption. The assumption functions as a premise in the sub-proof, but it is not a premise of the main proof.
The box around the sub-proof of {} ⊢ reminds us that nothing inside the sub-proof may come out (analogous to local variables in a function's scope).
Outside of the sub-proof, we may use only the whole sub-proof, in a rule (like -introduction) that specifies a sub-proof.
Natural Deduction

Implication Rules

116/241

Sub-Proof Rules
To use rule i, we must have a completed sub-proof.
Assumption Rule
A sub-proof may be opened at any point.
Its first line, labelled assumption, may be any formula.

Sub-proof Closure Rules
The most-recently opened sub-proof may be closed at any time.
No formula inside a closed sub-proof may be referenced outside the closed sub-proof.
Once it is closed, only the entire sub-proof may be used.
Every sub-proof must be closed before the last line of the proof.

Because of the very specific format of the sub-proof (e.g. the assumption at the beginning and the conclusion at the end for the -introduction rule) you may have to use the reflexivity rule.
Natural Deduction

Implication Rules

117/241

Example: Rule i and sub-proofs


Example. Give a proof of p q, q r ⊢ p r.

To start, we write down the premises at the beginning, and the conclusion at the end.
What next? The goal p r contains . Let's try rule i...
Inside the sub-proof, we can use rule e.

1. p q    Premise
2. q r    Premise
3.        Assumption
4.        e: 1, 3
5.        e: 2, 4
6. p r    i: 3-5
Done!

Note the use of the range 3-5 on line 6 to specify the beginning and the end of the sub-proof.
In order to conclude p r on line 5 the box must begin with p (line 3) and end with r (line 5).
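The sub-proof rules of slide 117 can be enforced mechanically. The following checker is an added example, not part of the original slides; it covers the conjunction and implication rules and reflexivity. The tuple encoding, the rule names (and_i, and_e, imp_e, imp_i) and the depth field that marks boxes are assumptions of this example, and the sample proofs re-encode the slides' sequents, reading the example above as: from "p implies q" and "q implies r", conclude "p implies r".

```python
class ProofError(Exception):
    """Raised with the number of the first line that breaks a rule."""

def imp(a, b):
    return ("imp", a, b)

def conj(a, b):
    return ("and", a, b)

def check(premises, goal, proof):
    """Validate a proof given as (depth, formula, rule, refs) tuples, numbered from 1.

    depth 0 is the main proof; an "assumption" line opens a box at its depth.
    refs holds line numbers, or a (first, last) pair naming a closed sub-proof.
    """
    depth = [None] + [step[0] for step in proof]
    form = [None] + [step[1] for step in proof]
    rule = [None] + [step[2] for step in proof]

    def still_open(level, start, end):
        # True if the box at `level` holding line `start` is not closed by line `end`.
        return all(depth[j] >= level and not (depth[j] == level and rule[j] == "assumption")
                   for j in range(start + 1, end + 1))

    def line(m, n):
        # A single earlier line may be cited only while its box is still open.
        if not (isinstance(m, int) and 1 <= m < n and still_open(depth[m], m, n)):
            raise ProofError(f"line {n}: line {m} is not in scope")
        return form[m]

    def box(ref, n):
        # A closed sub-proof is cited whole: (its assumption, its last formula).
        a, b = ref
        if not (1 <= a <= b < n and rule[a] == "assumption" and depth[b] == depth[a]
                and still_open(depth[a], a, b)            # one box, not two siblings
                and not still_open(depth[a], b, b + 1)    # and it ends exactly at b
                and still_open(depth[a] - 1, b, n)):      # enclosing box still open
            raise ProofError(f"line {n}: {a}-{b} is not a closed sub-proof in scope")
        return form[a], form[b]

    prev = 0
    for n, (d, f, r, refs) in enumerate(proof, start=1):
        opens = r == "assumption"
        if d < opens or d > prev + opens:   # only an assumption may go one level deeper
            raise ProofError(f"line {n}: bad nesting")
        prev = d
        if r == "premise":
            ok = d == 0 and f in premises
        elif r == "assumption":
            ok = True                       # any formula may be assumed
        elif r == "reflexivity":
            ok = line(refs[0], n) == f
        elif r == "and_i":
            ok = f == conj(line(refs[0], n), line(refs[1], n))
        elif r == "and_e":
            src = line(refs[0], n)
            ok = isinstance(src, tuple) and src[0] == "and" and f in src[1:]
        elif r == "imp_e":                  # the slides cite the two lines in either order
            a, b = line(refs[0], n), line(refs[1], n)
            ok = a == imp(b, f) or b == imp(a, f)
        elif r == "imp_i":
            ok = f == imp(*box(refs[0], n))
        else:
            raise ProofError(f"line {n}: unknown rule {r}")
        if not ok:
            raise ProofError(f"line {n}: {r} does not yield this formula")
    if not proof or depth[-1] != 0 or form[-1] != goal:
        raise ProofError("proof must end, outside every sub-proof, with the goal")
    return True

def verdict(premises, goal, proof):
    try:
        check(premises, goal, proof)
        return "valid"
    except ProofError as err:
        return str(err)

P, Q, R = "p", "q", "r"
PREMISES = {imp(P, Q), imp(Q, R)}
CHAIN = [                                   # the six-line proof above, re-encoded
    (0, imp(P, Q), "premise", ()),
    (0, imp(Q, R), "premise", ()),
    (1, P, "assumption", ()),
    (1, Q, "imp_e", (1, 3)),
    (1, R, "imp_e", (2, 4)),
    (0, imp(P, R), "imp_i", ((3, 5),)),
]
# Constructed counter-example: line 7 cites line 4, which sits inside the closed box.
LEAK = CHAIN + [(0, conj(Q, imp(P, R)), "and_i", (4, 6))]
SWAP = [                                    # the conjunction example from slide 113
    (0, conj(P, Q), "premise", ()),
    (0, Q, "and_e", (1,)),
    (0, P, "and_e", (1,)),
    (0, conj(Q, P), "and_i", (2, 3)),
]

if __name__ == "__main__":
    print(verdict(PREMISES, imp(P, R), CHAIN))
    print(verdict(PREMISES, conj(Q, imp(P, R)), LEAK))
```

The checker reports the first offending line, so the constructed LEAK proof fails at line 7 rather than at the end.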
Natural Deduction

Implication Rules

118/241

Rules of Disjunction: i and e


The -introduction rule is much like the -introduction rule; however, the -elimination rule is more complicated.
Name                  ⊢-notation                                      inference notation
-introduction (i)     If ⊢ , then ⊢ and ⊢
-elimination (e)      If , 1 ⊢ and , 2 ⊢ , then , 1 2 ⊢

For the -elimination rule, if you have 1 2 and you can show both that 1 implies and that 2 implies , then you can conclude .
Rule e is also known as proof by cases.
Natural Deduction

Disjunction Rules

119/241

Example: -Introduction and -Elimination


Example: Show that p q ⊢ (p q) (q p).
 1. p q                Premise
 2.                    Assumption
 3.                    Assumption
 4.                    Reflexivity: 2
 5. q p                i: 3-4
 6. (p q) (q p)        i: 5
 7.                    Assumption
 8.                    Assumption
 9.                    Reflexivity: 7
10. p q                i: 8-9
11. (p q) (q p)        i: 10
12. (p q) (q p)        e: 1, 2-6, 7-11

Natural Deduction

Disjunction Rules

120/241

Example: -Introduction and -Elimination


The overall format of the proof on the previous slides is an
-elimination.
The premise, p q, is stated on line 1.
The sub-proof for p implies (p q) (q p) runs from line 2 to 6.
The sub-proof for q implies (p q) (q p) runs from line 7 to 11.
Line 4 uses an assumption outside and prior to the box around lines
3 to 4.
Since line 3 is the beginning of a sub-proof, any formula can be the
assumption.
Since the first line in the box (line 3) is p and the last line in the box
(line 4) is q, the conclusion for this sub-proof is p q.
A very similar sub-proof happens in lines 7 to 11, except here the
assumption is q.
All the rules on slide 117 are followed.
Natural Deduction

Disjunction Rules

121/241

Negation
We shall treat negation by considering contradictions, such as
( ()).
The notation , sometimes called bottom or contradiction will be
used to represent any contradiction.
It may appear in proofs as if it were a formula.
The -elimination rule (a.k.a. the -introduction rule).
Name                                   ⊢-notation      inference notation
-introduction, or -elimination (e)     , , ⊢

The -elimination rule means
The formulas and cannot both be true; to have each as a line in a proof means there is a contradiction.
Natural Deduction

Negation

122/241

Negation Introduction (i)

The -introduction rule also uses a sub-proof.


Name                  ⊢-notation                     inference notation
-introduction (i)     If , ⊢ , then ⊢

In words:
If the assumption of a sub-proof, , leads to a contradiction,
then derive .

Natural Deduction

Negation

123/241

Example: Negation
Example. Show that ⊢ .
1.    Premise
2.    Assumption
3.    e: 1, 2
4.    e: 2, 3
5.    i: 2-4

An assumption is made on the first line of the sub-proof (line 2).
A contradiction is reached at the end of the sub-proof (line 4).
So the negation of the assumption is derived on line 5.

Natural Deduction

Negation

124/241

Double-Negation Elimination

The -elimination rule deals with a pair of negation symbols.

Name                  ⊢-notation                     inference notation
-elimination (e)      If ⊢ , then ⊢

In words:
Two adjacent negation connectives can cancel each other
out.

Natural Deduction

Negation

125/241

Contradiction Elimination
The -elimination rule specifies what can be derived if there is a
contradiction.
Contradiction Elimination:
Name                  ⊢-notation                     inference notation
-elimination (e)      If ⊢ , then ⊢

In words:
Any formula, can be derived from a contradiction.

Natural Deduction

Negation

126/241

A Redundant Rule
Although the -elimination rule is quite useful, it is not actually needed.
Since it can be derived from other rules it is called a derived rule.
Suppose a proof has
27.    some rule
28.    e: 27.

We can replace line 28 by
27.    some rule
28.    Assumption
29.    Reflexivity: 27
30.    i: 28-29
31.    e: 30.

Line 28 in the first proof can be replaced by lines 28 to 31 in the second proof.
Thus any proof that uses e can be modified into a proof that does not use it.
Natural Deduction

Negation

127/241

Example: Modus tollens


The principle of modus tollens: p q, q ⊢ p.
1. p q    Premise
2.        Premise
3.        Assumption
4.        e: 3, 1
5.        e: 2, 4
6.        i: 3-5

Modus tollens is sometimes taken as a derived rule:
MT

Natural Deduction

Negation

128/241

Derived Rules
Whenever we have a proof of the form ⊢ , we can consider it as a derived rule:

If we use this in a proof, it can be replaced by the original proof of ⊢ .
The result is a proof using only the basic rules.
On the previous slide, with the set of rules = {e, e, i} we derived the modus tollens rule.
Using derived rules does not expand the formulas that can be proved. But they can make it easier to find and present a proof.

Natural Deduction

Negation

129/241

Some Useful Heuristics


Ideas to construct a proof:
1. Start with the premises at the top and the conclusion at the
bottom.
2. If you can apply an elimination rule to premises, do so.
(In the case of -elimination, open two sub-proofs.)
3. Next, work backwards from the end. If your target formula has a
connective, try its introduction rule.
This will yield a new target. Repeat steps 2 and 3 with the new
target, until you reach premises and/or available assumptions.
4. Treat a subproof as if it were a full proof (with a new premise).
Sometimes these ideas will lead you to a proof; sometimes they will
not.
If not, try something else instead of an introduction rule (idea 3).
Sometimes nothing works. Take a break, and perhaps try again later.
Natural Deduction

Additional Examples and Techniques

130/241

Further Examples of Natural Deduction

Example. Show that p q ⊢ (r p) (r q).
Write down premises and conclusion (step 1).
No elimination applies (step 2). Thus try i (step 3).
In the sub-proof, try -elimination on the assumption (step 2).
No elimination applies from the assumptions (step 2).
What about -introduction for the conclusion (step 3)?
It works!

1. p q                Premise
2. r p                Assumption
3.                    Assumption
4. r q                i: 3
5.                    Assumption
6.                    e: 5, 1
7. r q                i: 6
8. r q                e: 2, 3-4, 5-7
9. (r p) (r q)        i: 2-8

Natural Deduction

Additional Examples and Techniques

131/241

Life's Not Always So Easy...

Example. Show that ⊢ (p q) p p.

1. (p q) p        Assumption    No elimination applies.
2.
3.
4.                ?????
5.                              No connective.
6. (p q) p p                    Try i...

Time to try something ingenious....

Natural Deduction

Additional Examples and Techniques

132/241

Some Common Derived Rules


Proof by contradiction (reductio ad absurdum):
if , ⊢ , then ⊢ .
The Law of Excluded Middle (tertium non datur):
⊢
Double-Negation Introduction:
if ⊢ then ⊢

You can try to prove these yourself, as exercises.
Hint: in the first two, the last step uses rule e: ⊢ .
Or see pages 24-26 of Huth and Ryan.
Natural Deduction

Additional Examples and Techniques

133/241

Soundness and Completeness of Natural Deduction

Natural Deduction

Soundness and Completeness

134/241

Soundness and Completeness of Natural Deduction
As with Resolution, we want Natural Deduction to be both sound and complete.
Soundness of Natural Deduction means that the conclusion of a proof is always a logical consequence of the premises. That is,
if ⊢ND , then |= .
Completeness of Natural Deduction means that all logical consequences in propositional logic are provable in Natural Deduction. That is,
if |= , then ⊢ND .

Natural Deduction

Soundness and Completeness

135/241

Proof of Soundness
To prove soundness, we use induction on the length of the proof:
For all deductions ⊢ which have a proof of length n or less, it is the case that |= .
That property, however, is not quite good enough to carry out the
induction, because of the issue of open sub-proofs.
We actually use the following property of a natural number n.
Suppose that a formula appears at line n of a partial
deduction, which may have one or more open sub-proofs.
Let be the set of premises used and be the set of
assumptions of open sub-proofs. Then |= .

Natural Deduction

Soundness and Completeness

136/241

Basis of the Induction


Base case. The shortest deductions have length 1, and thus are either
1.    Premise.
or
1.    Assumption.
We have either (in the first case), or (in the second case).
Thus |= , as required.

Natural Deduction

Soundness and Completeness

137/241

Proof of Soundness: Inductive Step


Inductive step. Hypothesis: the property holds for each n < k; that
is,
If some formula appears at line k or earlier of some partial
deduction, with premises and un-closed assumptions ,
then |= .
To prove: if 0 appears at line k + 1, then 0 |= 0
(where 0 = 0 when 0 is an assumption, and 0 = otherwise).

Formula 0 must have a justification by some rule. We shall consider each possible rule.

Natural Deduction

Soundness and Completeness

138/241

Inductive Step, Case I


Case I: 0 was justified by i.
We must have 0 = 1 2 , where each of 1 and 2
appear earlier in the proof, at steps m1 and m2 ,
respectively. Also, any sub-proof open at step m1 or m2 is
still open at step k + 1.
Thus the induction hypothesis applies to both; that is,
|= 1 and |= 2 .
By the definition of |=, this yields |= 0 , as required.
I.e. a valuation that makes true is also making 1
evaluate to T and 2 evaluate to T, so it is making the
formula 1 2 evaluate to T.

Natural Deduction

Soundness and Completeness

139/241

Inductive Step, Case II

Case II: 0 was justified by i.


We must have 0 = 1 2 and there is a closed sub-proof
with assumption 1 and conclusion 2 , ending by step k.
Also, any sub-proof open before the assumption of 1 is still
open at step k + 1.
The induction hypothesis thus implies ( 1 ) |= 2 .
Hence |= 1 2 , as required.

Natural Deduction

Soundness and Completeness

140/241

Inductive Step, Cases III ff.


Case III: 0 was justified by e.
This is not the case when a contradiction occurs inside a
sub-proof and so we negate the assumption.
We must have 0 be the pseudo-formula , and that the
proof contain formulas and for some , each using at
most k steps.
By the induction hypothesis, both |= and |= .
Thus is contradictory, and |= 0 for any 0 .
Cases IV-XIII:
The other cases follow by similar reasoning.
This completes the inductive step, and the proof of soundness.
Natural Deduction

Soundness and Completeness

141/241

Completeness of Natural Deduction


We now turn to completeness.
Formally, completeness means the following.
Let be a set of formulas and be a formula.
If |= , then ⊢ .
That is, every consequence has a proof.

How can we prove this?

Natural Deduction

Proof of Completeness

142/241

Proof of Completeness: Getting started

Suppose that |= , where = {1 , 2 , . . . , m }.
Thus the formula (1 2 . . . m ) is a tautology.
Lemma. Every tautology is provable in Natural Deduction.
Once we prove the Lemma, the result follows. Given a proof of (1 2 . . . m ) , one can use i and e to complete a proof of ⊢ .

Natural Deduction

Proof of Completeness

143/241

Tautologies Have Proofs


For a tautology, every line of its truth table ends with T.
We can mimic the construction of a truth table using inferences in
Natural Deduction.
Claim. Let have k variables p1 , . . . , pk . Let be a valuation, and define 1 , 2 , . . . , k as
    =  p    if (p ) = T
       p    if (p ) = F.
If = T, then {1 , . . . k } ⊢ , and
if = F, then {1 , . . . k } ⊢ .
To prove the claim, use structural induction on formulas
(which is induction on the column number of the truth table).
Once the claim is proven, we can prove a tautology as follows. . . .
Natural Deduction

Proof of Completeness

144/241

Outline of the Proof of a Tautology


1.        p1 p1        L.E.M.
2.        p2 p2        L.E.M.
...
k.        pk pk        L.E.M.
k + 1.    p1           assumption
            p2         assumption
            ...
            p2         assumption
            ...
m.                     e: 2, . . .
m + 1.    p1           assumption
            ...
n.
                       e: 1, (k + 1)-m, (m + 1)-n

Once each variable is assumed true or false, the previous claim provides a proof.

Proof of Completeness

145/241

Proving the Claim


Hypothesis: the following hold for formulas and :
If {1 , . . . , k } |= , then {1 , . . . , k } ⊢ ;
If {1 , . . . , k } ⊭ , then {1 , . . . , k } ⊢ ;
If {1 , . . . , k } |= , then {1 , . . . , k } ⊢ ; and
If {1 , . . . , k } ⊭ , then {1 , . . . , k } ⊢ .
If {1 , . . . , k } |= , put the two proofs of and together, and then infer , by i.
If {1 , . . . , k } ⊭ (and thus {1 , . . . , k } |= and {1 , . . . , k } ⊭ ),
Prove and .
Assume ; from it, conclude (e) and then (e).
From the sub-proof, conclude ( ), by i.

The other cases are similar.


Natural Deduction

Proof of Completeness

146/241

First-Order Predicate Logic

First-Order Logic

147/241

What Propositional Logic Cannot Express


Recall: Propositional logic deals with logical forms of compound propositions. It works well with relationships like not, and, or, if/then.
A proposition is a declarative sentence that is either true or false.
A compound proposition was made up of
propositional variables, e.g. p, q, r
connectives, e.g. , , ,
punctuation, e.g. (, )

We would like to have a way to talk about
individuals (also called objects) and
some object and all objects, without enumerating all objects in a set.
This requires extensions to Propositional Logic.
First-Order Logic

Introduction and Motivation

148/241

Some Example Statements


Some example statements:
Not all birds can fly.
Every student is younger than some instructor.
These statements refer to things: birds, students, instructors. They
also refer to properties of things, either as individuals (ability to fly)
or in combination (relative age).
We would like to make such statements in our logic and to combine
them with the connectives of propositional logic.

Statements like those above require a context or world to be meaningful.

First-Order Logic

Introduction and Motivation

149/241

Informal Introduction to Predicate Logic


We shall briefly discuss some contexts for predicate logic.
Arithmetic (the inspiration for formal predicate logic).
The blocks world (a classical AI example).
Graphs (a ubiquitous concept in CS).
Databases (the applied CS version of predicate logic).

In each, we shall see the following ingredients.


Domains: the set of objects; also called the universe.
Constants: objects with specific names.
Relations: properties of objects, alone or in combination.
Functions: association of objects to others.

First-Order Logic

Introduction and Motivation

150/241

Arithmetic, Etc.
In arithmetic, we have several possible domains, e.g.
N: The natural numbers
Z: The integers
Q: The rationals
Integers modulo n

Over these, we have predicates (or relations):


<: Less than
Has a square root
...

Recall, from English grammar, that a declarative sentence has a subject and a predicate (which states something about the subject).
We also have functions such as: +, , , .

A sample formula: y(y < ) .
First-Order Logic

Introduction and Motivation

151/241

A Classic AI Example: Blocks Worlds


A blocks world consists of a set of blocks, and a table.
Each block may be on the table, or on one of the other blocks.
Each block may have a colour.

In the picture, there are three blocks.
Two of them are blue (vertical stripes) and one is red (diagonal stripes).
[Figure: three blocks, labelled B1, B2 and B3.]

The domain (i.e. the set of objects) is {B1, B2, B3}.
We can describe this world with relations:
On, OnTable, Red, Blue, . . . .

First-Order Logic

Introduction and Motivation

152/241

Describing a Blocks World

The domain {B1, B2, B3} is a finite set.
Therefore, we can list all of the properties, in various ways:
OnTable(B1), OnTable(B2), OnTable(B3).
On:
      B1   B2   B3
B1    F    F    F
B2    F    F    F
B3    T    F    F

The set b | Blue(b) of blue boxes is {B2, B3}.

First-Order Logic

Introduction and Motivation

153/241

Properties in the Blocks World


Some properties are fundamental to the world.
No block is on itself:
(On(, )) .
A block on the table is not on any block:
OnTable() ( y On(, y) ) .
Some properties depend on the situation.
Every red block has a block on it:
Red() y On(y, ) .
Some block is on a block that is on the table:
y On(, y) OnTable(y) .
First-Order Logic

Introduction and Motivation

154/241

Graphs
A graph is a binary relation.
A finite graph: [figure]

An infinite graph: [plot; vertical axis y]
(The set , y | y = 1 + / 2 ).

A graph is undirected if the relation is symmetric; i.e., the formula
y E(, y) E(y, )
holds, i.e. for every vertex and y if there is an edge from to y then there is an edge from y to .
First-Order Logic

Introduction and Motivation

155/241

Relational Databases
A relational database is a listing of one or more relations.
Example:
Person: The people (or their names).
NumberOf : An association between people and their phone numbers, NumberOf (, y) means the phone number of person is y.

Here the domain contains both people and phone numbers, the objects about which we have relations.
A sample statement: There exists a person who does not have a phone number.
Person() ( y(NumberOf (, y) ) .

First-Order Logic

Introduction and Motivation

156/241

A Conundrum
Consider the statement, Only people have phone numbers.
How shall we represent it as a logical formula?
Whenever and y satisfy NumberOf (, y), then is a person.
y NumberOf (, y) Person() .
Whenever has some phone number y, then is a person.
y NumberOf (, y) Person() .
Using equivalences for and for ( z ), they are equivalent respectively to
y (NumberOf (, y)) Person()
and to
( y NumberOf (, y) ) Person() .
First-Order Logic

Introduction and Motivation

157/241

Domains

We now turn to general definitions.

A domain is a non-empty set. In principle, any non-empty set can be a domain: e.g. the natural numbers, people now alive, {T, F}, etc.
A constant symbol refers to an object in the domain; e.g., 1, Justin Trudeau, block B1, etc.

First-Order Logic

Concepts of First-Order Logic

158/241

Predicates/Relations
A predicate, or relation, represents a property that an individual, or collection of individuals, may (or may not) have. In English, we might express a predicate as
is a student.
In symbolic logic, we write S() to mean has property S.

Examples
If S is the property of being a student then Alex is a student becomes S(Alex).
If is the property of being an instructor then Sam is an instructor becomes (Sam).
Similarly we could use Y(Alex,Sam) to mean Alex is younger than Sam.
First-Order Logic

Concepts of First-Order Logic

159/241

Representing Relations
Mathematically, we represent a relation by the set of all things that
have the property.
E.g. if S is the set of all students, then S means is a student.
The only restriction on a relation is that it must be a subset of the
domain.
A k-ary relation is a set of k-tuples of domain elements. For example, the binary relation less-than, over a domain D, is represented by the set
, y D 2 | < y .
E.g., the On relation in the sample blocks world has just one pair:
{B3, B1}.
In a relational database, the listing of such a set is called a table.

First-Order Logic

Concepts of First-Order Logic

160/241

Variables
Variables make statements more expressive.
You may think of a variable as a place holder or blank, that can be
replaced by a concrete object.
Alternatively, a variable is a name without a fixed referent (the
object the name refers to). The referent can vary from time to time.
A variable lets us refer to an object, without specifying (perhaps without even knowing) which particular object it is. Thus we can express a relation in the abstract.
S():       is a student
():        is an instructor
Y(, y):    is younger than y

First-Order Logic

Concepts of First-Order Logic

161/241

Uses of Variables
In general, we use variables that range over the domain to make
general statements, such as
2 0 ,
and in expressing conditions which individuals may or may not
satisfy, such as
+ = .
This latter condition is satisfied by only two numbers: 0 and 2.
The meaning of such an expression will depend on the domain.
For example, the formula 2 < is always false over the domain of
integers, but not over the domain of rational numbers.

First-Order Logic

Concepts of First-Order Logic

162/241

Quantifiers
What about Every student is younger than some professor y?
In math-speak, we say for all to express every and there exists to
express some.
A familiar(?) example from calculus:
For all > 0, there exists > 0 such that for all y,
if | y| < then | () (y)| < .
For all is denoted by , the universal quantifier symbol, and
there exists is denoted by , the existential quantifier symbol.
In First Order Logic (FOL), the above comes out as the formula


> 0 > 0 y(| y| < | () (y)| < ) .

First-Order Logic

Concepts of First-Order Logic

163/241

Quantifiers: Examples
Quantifiers require a variable: (for all ) or z (there exists z).
For example, the statement Not all birds can fly can be written as
( (B() F())) .

Every student is younger than some instructor can become


(S() (y((y) Y(, y)))) .
Or should that be y ((y) (S() Y(, y))) ?
These two formulas are NOT equivalent!
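Over a finite domain, quantified formulas can be checked by trying every object. The code below is an added example, not part of the original slides: it evaluates the blocks-world properties from slide 154 and searches small interpretations for one that separates the two translations above, read here as "every student has some instructor older than them" versus "some one instructor is older than every student". The tuple encoding, the relation name Instr, and B3 being off the table (it sits on B1) are assumptions.

```python
from itertools import combinations, product

def atom(name, *variables):
    return ("atom", name) + variables

def holds(f, dom, rel, env=None):
    """Truth value of formula f in the finite interpretation (dom, rel).

    rel maps each relation symbol to its table, a set of tuples over dom;
    env maps the variables bound so far to objects of dom.
    """
    env = env or {}
    op = f[0]
    if op == "atom":
        return tuple(env[v] for v in f[2:]) in rel[f[1]]
    if op == "not":
        return not holds(f[1], dom, rel, env)
    if op == "and":
        return holds(f[1], dom, rel, env) and holds(f[2], dom, rel, env)
    if op == "imp":
        return (not holds(f[1], dom, rel, env)) or holds(f[2], dom, rel, env)
    if op in ("all", "ex"):  # ("all", variable, body): try every object
        values = (holds(f[2], dom, rel, {**env, f[1]: d}) for d in dom)
        return all(values) if op == "all" else any(values)
    raise ValueError(f"unknown operator {op!r}")

def subsets(items):
    items = list(items)
    for size in range(len(items) + 1):
        yield from (set(c) for c in combinations(items, size))

def distinguishing_model(f, g, arity, max_size=2, require=lambda rel: True):
    """Try every interpretation with at most max_size objects; return one
    (dom, rel) where f and g disagree, or None if they never do."""
    for n in range(1, max_size + 1):
        dom = list(range(n))
        tables = [list(subsets(product(dom, repeat=k))) for k in arity.values()]
        for choice in product(*tables):
            rel = dict(zip(arity, choice))
            if require(rel) and holds(f, dom, rel) != holds(g, dom, rel):
                return dom, rel
    return None

# The blocks world of slides 152-153: B3 is on B1; B2 and B3 are blue.
BLOCKS = ["B1", "B2", "B3"]
WORLD = {
    "On": {("B3", "B1")},
    "OnTable": {("B1",), ("B2",)},  # assumption: B3 sits on B1, so it is off the table
    "Red": {("B1",)},               # the one block not listed as blue
}
BLOCK_PROPERTIES = {
    "no block is on itself":
        ("all", "x", ("not", atom("On", "x", "x"))),
    "a block on the table is on no block":
        ("all", "x", ("imp", atom("OnTable", "x"),
                      ("not", ("ex", "y", atom("On", "x", "y"))))),
    "every red block has a block on it":
        ("all", "x", ("imp", atom("Red", "x"), ("ex", "y", atom("On", "y", "x")))),
    "some block is on a block on the table":
        ("ex", "x", ("ex", "y", ("and", atom("On", "x", "y"), atom("OnTable", "y")))),
}

def blocks_world_report(world=WORLD):
    return {name: holds(f, BLOCKS, world) for name, f in BLOCK_PROPERTIES.items()}

# The two candidate translations of "every student is younger than some instructor".
EACH_HAS_OLDER = ("all", "x", ("imp", atom("S", "x"),
                  ("ex", "y", ("and", atom("Instr", "y"), atom("Y", "x", "y")))))
ONE_OLDER_THAN_ALL = ("ex", "y", ("and", atom("Instr", "y"),
                      ("all", "x", ("imp", atom("S", "x"), atom("Y", "x", "y")))))

def separate_translations():
    # Ask for at least one student and one instructor, to skip the empty cases.
    populated = lambda rel: rel["S"] and rel["Instr"]
    return distinguishing_model(EACH_HAS_OLDER, ONE_OLDER_THAN_ALL,
                                {"S": 1, "Instr": 1, "Y": 2}, require=populated)

# The two readings of "only people have phone numbers" from slide 157.
PAIRWISE = ("all", "x", ("all", "y",
            ("imp", atom("NumberOf", "x", "y"), atom("Person", "x"))))
HAS_SOME = ("all", "x",
            ("imp", ("ex", "y", atom("NumberOf", "x", "y")), atom("Person", "x")))

if __name__ == "__main__":
    print(blocks_world_report())
    print(separate_translations())
    print(distinguishing_model(PAIRWISE, HAS_SOME, {"Person": 1, "NumberOf": 2}))
```

Finding no separating interpretation for the phone-number formulas up to two objects is a check, not a proof of equivalence; the search only refutes.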

First-Order Logic

Concepts of First-Order Logic

164/241

Syntax of Predicate Logic

Syntax of First-Order Logic

165/241

The Language of First-Order Logic


There are seven kinds of symbols:
1. Constant symbols     Usually c, d, c1 , c2 , . . . , d1 , d2 . . .
2. Variables            Usually , y, z, . . . 1 , 2 , . . . , y1 , y2 . . .
3. Function symbols     Usually , g, h, . . . 1 , 2 , . . . , g1 , g2 , . . .
4. Predicate symbols    P, Q, . . . P1 , P2 , . . . , Q1 , Q2 , . . .
5. Connectives          , , ,
6. Quantifiers          and
7. Punctuation          (, ), , and ,

Function symbols and predicate symbols have an assigned arity: the number of arguments required. E.g. P() is unary, Q(, y) is binary and R(t1 , . . . , tn ) is an n-ary predicate.
The first four kinds (constants, variables, functions, and predicates) are not restricted. They may be assigned any meaning, consistent with their kind and arity (e.g. unary, binary, etc).
The last three kinds of symbols (connectives, quantifiers, and punctuation) will have their meaning fixed by the syntax and semantics of First-Order Logic.
Syntax of First-Order Logic

166/241

Terms
In FOL, we need to consider two kinds of expressions:
those that can have a truth value, called formulas, and
those that refer to an object of the domain, called terms.

We start with terms.


Definition. The set of terms is defined inductively as follows.
1. Each constant symbol is a term, and each variable is a term.
Such terms are called atomic terms.
2. If t1 , . . . , tn are terms and is an n-ary function symbol,
then (t1 , . . . , tn ) is a term. If n = 2 (a binary function symbol),
we may write (t1 t2 ) instead of (t1 , t2 ).
E.g. we can write +(t1 , t2 ) as (t1 + t2 )
3. Nothing else is a term.

Syntax of First-Order Logic

167/241

Examples of Terms
Example 1. If 0 is a constant symbol, and y are variables, and s(1) and + (2) are function symbols, then 0, , and y are terms, as are s(0) and + , s(y) .
The expression s(, y) is not a term since s is a unary function symbol.
The expression s + is not a term since s is a unary function symbol.
Example 2. Suppose is a unary function symbol, g is a binary function symbol, and is a constant symbol.
Then g( (), ) and g , () are terms.
The expressions g() and (), are not terms.

Syntax of First-Order Logic

168/241

Atomic Formulas
As in propositional logic, a formula represents a proposition (a
true/false statement).
Relation symbols produce propositions.
Definition: An atomic formula (or atom) is an expression of the
form
P(t1 , . . . , tn )
where P is an n-ary relation symbol and each t is a term (1 n).
If P has arity 2, the atom P(t1 , t2 ) may alternatively be written
(t1 P t2 ).
E.g. < (t1 , t2 ) can be written as (t1 < t2 ).

Syntax of First-Order Logic

169/241

General Formulas
We define the set of well-formed formulas of first-order logic
inductively as follows.
1. An atomic formula is a formula.
2. If is a formula, then () is a formula.
3. If and are formulas, and ? is a binary connective symbol,
then ( ? ) is a formula.
4. If is a formula and is a variable,
then each of ( ) and ( ) is a formula.
5. Nothing else is a formula.
In case 4, the formula is called the scope of the quantifier.
The quantifier keeps the same scope if it is included in a larger
formula.

Syntax of First-Order Logic

170/241

Parse Trees

Parse trees for FOL formulas are similar to parse trees for
propositional formulas.
Quantifiers and y form nodes in the same way as negation (i.e., only one sub-tree).
A predicate P(t1 , t2 , . . . , tn ) has a node labelled P with a sub-tree for each of the terms t1 , t2 , . . . , tn .

Syntax of First-Order Logic

171/241

Examples: Parse trees

Example: (((P() Q()) S(, y))).
Example: ((F(b) (y(z(G(y, z) H(, , y))))))
Ordinarily, one would omit many of the parentheses in the second formula, and write simply
F(b) y z G(y, z) H(, , y) .

Syntax of First-Order Logic

172/241

Semantics: Interpretations
We shall cover more about syntax later, but we first start the
discussion of semantics.
Definition: Fix a set L of constant symbols, function symbols, and
relation symbols.
An interpretation I (for the set L) consists of
A non-empty set dom(I), called the domain (or universe) of I.
For each constant symbol c, a member cI of dom(I).
For each function symbol () , an -ary function I .
For each relation symbol R() , an -ary relation RI .

Huth and Ryan use the term model instead of interpretation, which
is not a standard usage.
E.g. if L = {, (2) , R(1) } then the domain could be the natural
numbers, could be the constant 0, could be addition, and R could
be the set of prime numbers.
Variable-free semantics

173/241

Values of Variable-Free Terms


For terms and formulas that contain no variables or quantifiers, an
interpretation suffices to specify their meaning. The meaning arises
in the obvious(?) fashion from the syntax of the term or formula.
Definition: Fix an interpretation I. For each term t containing no
variables, the value of t under interpretation I, denoted t I , is as
follows.
If t is a constant c, the value t I is cI .
If t is (t1 , . . . , tn ), the value t I is I (t1I , . . . , tnI ).

The value of a term is always a member of the domain of I.


E.g. for the interpretation on the previous slide, if t is the constant
then the value t I is I which is 0. If t is (t1 , t2 ), the value t I is
I (t1I , t2I ) which is +(t1 , t2 ) which can also be written as (t1 + t2 ).


Formulas with Variable-Free Terms


Formulas get values in much the same fashion as terms,
except that values of formulas lie in {F, T}.
Definition: Fix an interpretation I. For each formula containing no
variables, the value of under interpretation I, denoted I , is as
follows.
If is R(t1 , . . . , tn ), then I = T if t1I , . . . , tnI RI , and I = F otherwise.
E.g. if is PrimeNumber(t1 ) then is true if t1 is a prime number.
If is () or ( ? ), then I is determined by I and I in the same way as for propositional logic.


Examples
Let 0 be a constant symbol, (1) a function symbol and E(1) a relation symbol. Thus E (0) and E (0) are both formulas.
Consider an interpretation I with
Domain: N, the natural numbers
0I : zero
I : successor; , + 1 | N
EI : is even; 2y | y N
Terms get numerical values: (0)I is 1 and (0) I is 2.
Formula E (0) means 1 is even, and E (0) I = F.
Formula E (0) means 2 is even, and E (0) I = T.

What about some other interpretation?



Example, Continued
Let J be the interpretation with
Domain: Q, the rational numbers
0J : two
J : halving; , / 2 | Q
EJ : is an integer; | Z
E (0) means 1 is an integer, and E (0) J is T.
E (0) means 1/2 is an integer, and E (0) J is F.
Exercise: in both I and J , the formula E (0) E (0) receives value F. Find another interpretation which gives it the value T.


Gotchas
Two often-overlooked points about interpretations.
1. There is NO default meaning for relation, function or constant
symbols.
1 + 2 = 3 might mean that one plus two equals three, but only
if we specify that interpretation. Any interpretation of constants
1, 2, and 3, function symbol + (2) and relation symbol =(2) is
possible.
2. Functions must be defined at every point in the domain.
(I.e., they must be total.)
If we have a language with a binary function symbol , we
cannot specify an interpretation with domain N and subtraction
for . Subtraction is not total on N.


Variables

To discuss the evaluation of formulas that contain variables, we need a few more concepts from syntax.
We shall discuss
bound and free variables,
substitution of terms for variables.

Syntax, Continued

Free and Bound Variables

179/241

Free and Bound Variables


Recall: the scope of a quantifier in a sub-formula or is the
formula .
An occurrence of a variable in a formula is bound if it lies in the
scope of some quantifier of the same variable; otherwise it is free.
In other words, a quantifier binds its variable within its scope.
Example. In formula y( + y = z), is bound (by ), y is bound
(by y), and z is free.
Example. In formula P() Q(), the first occurrence of is
free and the last occurrence of is bound.

(The variable symbol immediately after or is neither free nor bound.)


Free and Bound Variables


Formally, a variable occurs free in a formula if and only if it is a
member of the set FV(), i.e. free variables in defined as follows.


1. If is P(t1 , . . . , tk ), then FV() = | appears in some t .
2. If is (), then FV() = FV().
3. If is ( ? ), then FV() = FV() FV().
4. If is Q (for Q {, }), then FV() = FV() {}.

In summary: a formula has the same free variables as its parts, except that a quantified variable becomes bound.

A formula with no free variables is called a closed formula, or a sentence.


Substitution
The notation [t/ ], for a variable , a term t, and a formula ,
denotes the formula obtained from by replacing each free
occurrence of with t. Intuitively, it is the formula that answers the
question,
What happens to if has the value specified by term t?
Examples.


If is the formula E () , then [y + y/ ] is E (y + y) .


[ ()/ ] is E () .


E ( + y) [y/ ] is E (y + y) .

Substitution does NOT affect bound occurrences of the variable.



If is E( ()) S(, y) , then [g(, y)/ ] is ,
because has no free occurrence of .
Syntax, Continued

Substitution

182/241

Examples: Substitution


Example 1: Let be P(, y) R(, y) .

Formula could be interpreted as If is a parent of y, then is a relative of y.
What is [z/ y]? It is P(, z) R(, z).
This could be interpreted as If is a parent of z then is a relative
of z.
Here the substitution does not change the meaning. It does not
matter if you use y or z.


Examples: Substitution
Example 2: Let be y (y > ).
Formula could be interpreted as There exists a y such that y is
greater than .
What about [y/ ]?
Is it y (y > y)?

There is a problem.

Formula could now be interpreted as There exists a y such that y is greater than y.
The free variable in the term (y > ) got captured by the
quantifier y.
Here the substitution changes the meaning. It matters whether you
use or y. We want to avoid this capture.


Avoiding Capture

Example. Formula = S() y P() Q(y) ; term t = (y, y).

The leftmost can be substituted by t since it is not in the scope of any quantifier, but substituting in P() puts the variable y into the scope of y.
We can prevent capture of variables in two ways.
1. Declare that a substitution is undefined in cases where capture
would occur.
One can often evade problems by a different choice of variable.
(Above, we might be able to substitute (z, z) instead of (y, y).
Or alter to quantify some other variable.)
2. Write the definition of substitution carefully, to prevent capture.
Huth and Ryan opt for the first method. We shall use the second.


Substitution: Formal Definition
Let be a variable and t a term.
For a term , the term [t/ ] is with each occurrence of the
variable replaced by the term t.
For a formula ,

1. If is P(t1 , . . . , tk ), then [t/ ] is P t1 [t/ ], . . . , tk [t/ ] ,
i.e. apply the substitution to each term in the predicate.

2. If is (), then [t/ ] is ([t/ ]),
i.e. apply the substitution to the subformula .
3. If is ( ? ), then [t/ ] is ([t/ ] ? [t/ ]),
i.e. apply the substitution to the two subformulas and .
4. . . .
(Continued next page. . . )


Substitution: Formal Definition (2)

For variable , term t and formula :
...
4. If is (Q ), then [t/ ] is ,
i.e. if is a bound variable then do not substitute it.
5. If is (Qy ) for some other variable y, then
(a) If y does not occur in t, then [t/ ] is (Qy [t/ ]),
i.e. if no variable in t is captured, then apply the substitution to the
subformula .
(b) Otherwise, select a variable z that occurs in neither nor t;
then [t/ ] is (Qz ([z/ y])[t/ ]),
i.e. prevent capture by renaming the quantified variable, i.e. y, to
something harmless, e.g. z

Huth and Ryan specify that the substitution is undefined if capture would occur (case 5(b) above). With this more complex definition, one never has to add a condition regarding undefined substitutions.
Substitution always behaves the way it should.
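The five cases of the definition, written out as an added Python example (not code from the slides). The tuple encoding of terms and formulas, the helper names and the v0, v1, ... naming of fresh variables are assumptions of this example, and the sample formulas are constructed.

```python
from itertools import count

# Encoding (an assumption of this example, not the slides' notation):
#   terms:    ("var", x) | ("const", c) | ("fn", f, (t1, ..., tn))
#   formulas: ("pred", P, (t1, ..., tn)) | ("not", A) | ("bin", op, A, B)
#             | ("q", Q, x, A)   with Q in {"forall", "exists"}

def term_vars(t):
    """Variables occurring in a term."""
    if t[0] == "var":
        return {t[1]}
    if t[0] == "const":
        return set()
    return set().union(*(term_vars(a) for a in t[2]))

def free_vars(phi):
    """FV(phi): the free variables of the parts, minus a quantified variable."""
    kind = phi[0]
    if kind == "pred":
        return set().union(*(term_vars(a) for a in phi[2]))
    if kind == "not":
        return free_vars(phi[1])
    if kind == "bin":
        return free_vars(phi[2]) | free_vars(phi[3])
    return free_vars(phi[3]) - {phi[2]}

def all_vars(phi):
    """Every variable name in phi: free, bound, or following a quantifier."""
    kind = phi[0]
    if kind == "pred":
        return set().union(*(term_vars(a) for a in phi[2]))
    if kind == "not":
        return all_vars(phi[1])
    if kind == "bin":
        return all_vars(phi[2]) | all_vars(phi[3])
    return {phi[2]} | all_vars(phi[3])

def subst_term(u, t, x):
    """u[t/x] for a term u: replace each occurrence of variable x by t."""
    if u[0] == "var":
        return t if u[1] == x else u
    if u[0] == "const":
        return u
    return ("fn", u[1], tuple(subst_term(a, t, x) for a in u[2]))

def fresh_var(avoid):
    """First of v0, v1, ... that does not appear in `avoid`."""
    return next(f"v{i}" for i in count() if f"v{i}" not in avoid)

def subst(phi, t, x):
    """phi[t/x], total and capture-avoiding (cases 1 to 5(b))."""
    kind = phi[0]
    if kind == "pred":                       # case 1
        return ("pred", phi[1], tuple(subst_term(a, t, x) for a in phi[2]))
    if kind == "not":                        # case 2
        return ("not", subst(phi[1], t, x))
    if kind == "bin":                        # case 3
        return ("bin", phi[1], subst(phi[2], t, x), subst(phi[3], t, x))
    _, quant, y, body = phi
    if y == x:                               # case 4: x is bound here
        return phi
    if y not in term_vars(t):                # case 5(a): nothing to capture
        return ("q", quant, y, subst(body, t, x))
    # case 5(b): rename y to a variable in neither body nor t. Also avoiding
    # x itself is a small strengthening made by this example.
    z = fresh_var(all_vars(body) | term_vars(t) | {x, y})
    return ("q", quant, z, subst(subst(body, ("var", z), y), t, x))

def show(e):
    """Readable rendering of a term or formula."""
    kind = e[0]
    if kind in ("var", "const"):
        return e[1]
    if kind in ("fn", "pred"):
        return f"{e[1]}({', '.join(show(a) for a in e[2])})"
    if kind == "not":
        return f"(not {show(e[1])})"
    if kind == "bin":
        return f"({show(e[2])} {e[1]} {show(e[3])})"
    return f"({e[1]} {e[2]} {show(e[3])})"

# Constructed samples in the spirit of the slides' examples.
X, Y, Z = ("var", "x"), ("var", "y"), ("var", "z")
EXISTS_Y_GT = ("q", "exists", "y", ("pred", "gt", (Y, X)))
EXISTS_Y_SUM = ("q", "exists", "y", ("pred", "eq", (("fn", "plus", (X, Y)), Z)))
Y_MINUS_1 = ("fn", "minus", (Y, ("const", "1")))

if __name__ == "__main__":
    print(show(subst(EXISTS_Y_GT, Y, "x")))          # bound y renamed first
    print(show(subst(EXISTS_Y_SUM, Y_MINUS_1, "z")))
```

In both samples the substituted term mentions y, so the bound y is renamed before the substitution and the y that arrives with the term stays free.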

Example, Revisited
Example. If is y + y = z, what is [(y 1)/ z]?
This falls under case 5(b): the term to be substituted, namely y 1,
contains a variable y quantified in formula .
Let be + y = z; thus is y .
1. Select a new variable, say .
2. Then substitute it for the variable y bound in i.e. [/ y] is + = z,
3. and then do the required substitution [(y 1)/ z]: [/ y][(y 1)/ z] is + = y 1.
Thus the required formula [(y 1)/ z] is + = y 1 .

Semantics of Predicate Logic

Semantics

189/241

FOL Adds to Propositional Logic

In propositional logic, semantics was described in terms of valuations to propositional atoms, e.g. if t(p) = T and t(q) = F then the truth valuation of (p q), i.e. (p q)t , evaluates to T.
FOL includes more ingredients (i.e., predicates, functions, variables,
terms, constants, etc.) and, hence, the semantics for FOL must
account for all of the ingredients.
We already saw the concept of an interpretation, which specifies the
domain and the identities of the constants, relations and functions.
Formulas that include variables, and perhaps quantifiers, require
additional information, known as an environment (or assignment).


Environments
A first-order environment is a function that assigns a value in the
domain to each variable.
Example. With the domain N, we might have environment E1 given
by E1 () = 9 and E1 (y) = 2.
If the interpretation specifies < is less-than, then the formula
( < y), which is interpreted as (9 < 2), gets the value false.
Example. With the domain of fictional animals, we might have
E2 () = Tweety and E2 (y) = Nemo.
If the interpretation specifies < is was created before, then
( < y), which is interpreted as (Tweety was created before Nemo),
gets the value true.

Semantics

Environments

191/241

Constants Vs. Variables

Example: Let 1 and 2 be two formulas in FOL: 1 is P(c) (where c is a constant) and 2 is P() (where is a variable).
Let I be the interpretation with domain N, cI = 2 and PI = is even.
Then 1I = T, but 2I is undefined.
To give 2 a value, we must also specify an environment. For example, if E() = 2, then 2(I ,E) = T.
If we wish, we can consider a formula such as 2 that contains a free variable as expressing a function: the function that maps E(), an environment, to 2(I ,E) , which is either T or F.


Meaning of Terms
The combination of an interpretation and an environment supplies a
value for every term.
Definition: Fix an interpretation I and environment E. For each
term t, the value of t under I and E, denoted t (I ,E) , is as follows.
If t is a constant c, the value t (I ,E) is cI .
If t is a variable , the value t (I ,E) is E .
If t is (t1 , . . . , tn ), the value t (I ,E) is I (t1(I ,E) , . . . , tn(I ,E) ).

To extend this definition to formulas, we must consider quantifiers. But first, a few examples.


Meaning of Terms: Example
Example. Suppose a language has constant symbol 0, a unary function s, and a binary function +. We shall write + in infix position: ( + y) instead of +(, y).
The expressions s s(0) + s() and s + s + s(0) are both terms.
The following are examples of interpretations and environments.
dom{I} = {0, 1, 2, . . .}, 0I = 0, sI is the successor function (the successor of is + 1) and + I is the addition operation.
Then, if E() = 3, the terms get values s s(0) + s() (I ,E) = 6 and s + s + s(0) (I ,E) = 9.


Meaning of Terms: Example 2

dom{J } is the collection of all words over the alphabet {, b},
0J = ,
sJ appends to the end of a string, and
+ J is concatenation.

Let E() = b. Then s s(0) + s() (J ,E) = b and s + s + s(0) (J ,E) = bb .


Quantified Formulas
To evaluate the truthfulness of a formula , check whether
holds for every value d in the domain.
To evaluate the truthfulness of a formula , check whether
holds for some value d in the domain.
How can we express this precisely?
Definition: For any environment E and domain element d, the environment E with re-assigned to d, denoted E[ ↦ d], is given by
E[ ↦ d](y) = d if y is , and E[ ↦ d](y) = E(y) if y is not .


Values of Quantified Formulas

Definition: The values of and are given by
( )(I ,E) = T if (I ,E[↦d]) = T for every d in dom(I), and F otherwise;
( )(I ,E) = T if (I ,E[↦d]) = T for some d in dom(I), and F otherwise.
Note: The values of ( )(I ,E) and ( )(I ,E) do not depend on the value of E().
The value E() only matters for free occurrences of .


Examples: Value of a Quantified Formula


Example. Let dom(I) = {, b} and RI = {, , , b, b, b }.
Let E() = and E(y) = b. We have
R(, )(I ,E) = T, since E(), E() = , RI .
R(y, )(I ,E) = F, since E(y), E() = b, ∉ RI .
y R(y, ) (I ,E) = T, since R(y, )(I ,E[y↦]) = T.
(That is, E[y ↦ ](y), E[y ↦ ]() = , RI ).

What is y R(, y) (I ,E) ?


Examples: Continued
Example. Let dom(I) = {, b} and RI = {, , , b, b, b}.
Let E() = and E(y) = b.
What is y R(, y) (I ,E) ?
Since b, ∉ RI , we have
R(, y)(I ,E[↦b][y↦]) = F ,
and thus
y R(, y) (I ,E) = F .
What about y R(, y) (I ,E) ?


A Question of Syntax

In the previous example, we wrote
R(, y)(I ,E[↦b][y↦]) = F .
Why did we not write simply
R(b, ) = F
or perhaps
R(b, )(I ,E) = F ?

Because R(b, ) is not a formula. The elements and b of dom(I) are not symbols in the language; they cannot appear in a formula.


Satisfaction of Formulas
When an interpretation I and environment E satisfy a formula (i.e. (I ,E) = T), we denote this by I |=E .
If they do not satisfy (i.e. (I ,E) = F), we denote this by I ⊭E .

Form of                Condition for I |=E
R(t1 , . . . , tk )    ⟨t1(I ,E) , . . . , tk(I ,E)⟩ RI
                       I ⊭E
                       both I |=E and I |=E
                       either I |=E or I |=E (or both)
                       either I ⊭E or I |=E (or both)
                       for every dom(I), I |=E[↦]
                       there is some dom(I) such that I |=E[↦]

If I |=E for every E, then I satisfies , denoted I |= .

Semantics

Satisfaction of Formulas

201/241

Example: Satisfaction

Example. Consider the formula y R(, y y).


(For R a binary relation and a binary function.)
Suppose dom(I) = {1, 2, 3, . . .},
I is the addition operation, and
RI is the equality relation.
Then I |=E y R(, y y) iff E() is an even number.


Validity and Satisfiability

Validity and satisfiability of FOL formulas have definitions analogous to tautology and satisfiability for propositional logic.
Definition: A formula is
valid if every interpretation and environment satisfy ; that is, if I |=E for every I and E,
satisfiable if some interpretation and environment satisfy ; that is, if I |=E for some I and E, and
unsatisfiable if no interpretation and environment satisfy ; that is, if I ⊭E for every I and E.

The term tautology is not used in predicate logic.


Example: Satisfiability and Validity


Example: Let be the formula P g(), g(y) , g(z) . The formula is
satisfiable:
dom(I): N
I : summation
gI : squaring
PI : equality
E() = 3, E(y) = 4 and E(z) = 5.

is not valid. (Why?)


Quantifiers Over Finite Domains

The universal and existential quantifiers may be understood respectively as generalizations of conjunction and disjunction. If the domain D = {1 , . . . , k } is finite then:
R() iff R(1 ) . . . R(k )
R() iff R(1 ) . . . R(k )
where R is a property.
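Over a finite domain the satisfaction conditions can be checked by exhaustive search, which is what the following added Python example does (it is not code from the slides). The tuple encoding, the dictionary layout of an interpretation and the function names are assumptions of this example; the two-element interpretation and the unary relation name P are constructed to mirror the slides' examples.

```python
from itertools import product

# Encoding (an assumption of this example):
#   terms:    ("var", x) | ("const", c) | ("fn", f, (t1, ..., tn))
#   formulas: ("pred", R, (t1, ..., tn)) | ("not", A) | ("bin", op, A, B)
#             | ("q", Q, x, A)   with op in {"and", "or", "implies"}
# Interpretation: {"dom": set, "const": {c: value},
#                  "fn": {f: (arity, callable)}, "rel": {R: set of tuples}}

def interpretation_problems(I):
    """List the ways I fails to be an interpretation: empty domain,
    constants outside the domain, functions that are not total on it."""
    problems = []
    dom = I["dom"]
    if not dom:
        problems.append("domain is empty")
    for c, v in I["const"].items():
        if v not in dom:
            problems.append(f"constant {c} is not in the domain")
    for f, (arity, fn) in I["fn"].items():
        for args in product(sorted(dom), repeat=arity):
            if fn(*args) not in dom:
                problems.append(f"function {f} leaves the domain at {args}")
                break
    return problems

def value(t, I, E):
    """Value of term t under interpretation I and environment E."""
    if t[0] == "const":
        return I["const"][t[1]]
    if t[0] == "var":
        return E[t[1]]
    return I["fn"][t[1]][1](*(value(a, I, E) for a in t[2]))

def holds(phi, I, E):
    """True iff I and E satisfy phi, following the table of conditions."""
    kind = phi[0]
    if kind == "pred":
        return tuple(value(a, I, E) for a in phi[2]) in I["rel"][phi[1]]
    if kind == "not":
        return not holds(phi[1], I, E)
    if kind == "bin":
        a, b = holds(phi[2], I, E), holds(phi[3], I, E)
        return {"and": a and b, "or": a or b, "implies": (not a) or b}[phi[1]]
    _, quant, x, body = phi
    # E[x -> d]: copy E with x re-assigned to d, for each d in the domain.
    results = (holds(body, I, {**E, x: d}) for d in I["dom"])
    return all(results) if quant == "forall" else any(results)

# Constructed interpretation: two elements, a binary R and a unary P.
I = {"dom": {"a", "b"}, "const": {}, "fn": {},
     "rel": {"R": {("a", "a"), ("a", "b"), ("b", "b")}, "P": {("a",)}}}
E = {"x": "a", "y": "b"}
X, Y = ("var", "x"), ("var", "y")

def R(s, t): return ("pred", "R", (s, t))
def forall(x, body): return ("q", "forall", x, body)
def exists(x, body): return ("q", "exists", x, body)

PX = ("pred", "P", (X,))
# (forall x P(x)) implies (forall x not P(x)): true, the antecedent is false.
PREMISE = ("bin", "implies", forall("x", PX), forall("x", ("not", PX)))
# forall x (P(x) implies not P(x)): false at the element a.
CONCLUSION = forall("x", ("bin", "implies", PX, ("not", PX)))

# Constructed non-example: subtraction is not total on {0, 1, 2}.
BAD = {"dom": {0, 1, 2}, "const": {}, "rel": {},
       "fn": {"minus": (2, lambda m, n: m - n)}}

if __name__ == "__main__":
    print(holds(exists("y", R(Y, X)), I, E))             # True
    print(holds(forall("x", forall("y", R(X, Y))), I, E))  # False
    print(holds(PREMISE, I, E), holds(CONCLUSION, I, E))   # True False
    print(interpretation_problems(BAD))
```

PREMISE and CONCLUSION reproduce the counterexample idea used later for non-consequence: one interpretation satisfies the first and not the second.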


Relevance Lemma

Lemma:
Let be a first-order formula, I be an interpretation, and E1 and E2
be two environments such that
E1 () = E2 () for every that occurs free in .
Then
I |=E1 if and only if I |=E2 .
Proof by induction on the structure of .


Logical Consequence

Suppose is a set of formulas and is a formula. We say that is a logical consequence of , written as |= , iff for any interpretation I and environment E, we have I |=E implies I |=E .
|= means that is valid.


Example


Example: Show that |= ( ) ( ) ( ) .

Proof by contradiction. Suppose there are I and E such that
I ⊭E ( ) ( ) ( ) .
For the implication to fail, we must have I |=E ( ) and
I ⊭E ( ) ( ).
For the second entailment to fail we must have I |=E and
I ⊭E .
Using the definition of |= for formulas with , we have for every
dom(I), I |=E[↦] and I |=E[↦] .
Thus also I |=E[↦] for every dom(I).
Thus I |=E , a contradiction.

Example
Example. Show that |= .
Suppose that I |=E . By definition, this means
for every dom(I), I |=E[↦] .
Again by definition (for a formula with ), this is equivalent to
for every dom(I), I ⊭E[↦]
and also
there is no dom(I) such that I |=E[↦] .
This last is the definition of I |=E , as required.


Example
Example: Show that, in general,
( ) ( ) ⊭ ( ) .
That is, find and such that consequence does not hold.
Key idea: yields true whenever is false. So have true in
some cases and so will be false.
Let be R(). Let I have domain {, b} and RI = {}, i.e. R is only
true for . Then I |= ( ) ( ) for any , because is false.
To obtain M ⊭ ( ), we can use R() for so will be false
when is true.

Thus ( ) ( ) ⊭ ( ), as required.


Example

Example: for any formula and term t,


|= ( ) [t/ ] .

That is, if is true for all then it must certainly be true when is
the term t.

Recall that functions must be total!


Proofs in First-Order Logic


Using Natural Deduction

Natural Deduction

212/241

Natural Deduction for FOL

Natural Deduction for FOL extends Natural Deduction for propositional logic by including rules for the introduction and elimination of quantifiers.
Other proof techniques and tricks remain the same as natural deduction for propositional logic.


e and i
Elimination of and introduction of are fairly straightforward.
Name                 ⊢-notation                   inference notation
-elimination (e)     If ⊢ then ⊢ [t/ ]            [t/ ]
-introduction (i)    If ⊢ [t/ ], then ⊢           [t/ ]

Given that a formula is true for every value of , conclude it is true for a particular value, such as that of t.
Given that a formula is true for a particular value (of t), conclude it is true for some value.

Natural Deduction

-Elimination and -Introduction

214/241

Example: e
Consider the proof of the following statements.
All fish can swim. Nemo is a fish. Therefore, Nemo can swim.


In FOL: show that (F() S()), F(Nemo) ⊢ S(Nemo).
Proof:
1. (F() S())          Premise
2. F(Nemo)            Premise
3. F(Nemo) S(Nemo)    e: 1
4. S(Nemo)            e: 2, 3

The e rule allows us to go from talking about all the elements in the domain (line 1) to talking about a specific element, Nemo (line 4).
The proof doesn't care what F and S mean. Fishiness and swimming ability really have nothing to do with the argument.

Example: i

Example. Show P(y) ⊢ P() Q(y) .

1. P(y)            Premise
2. P(y)            Assumption
3.                 e: 2, 1
4. Q(y)            e: 3
5. P(y) Q(y)       i: 2-4
6. P() Q(y)        i: 5

The i rule allows us to go from talking about a particular element in the domain (lines 1-5) to talking about some element, (line 6).
If P(y) is true, then P(y) Q(y) is true because F T is true.


Note to the example


The general form of rule i:
[t/ ]

Use in the previous example:
P(y) Q(y)
P() Q(y)

We took P() Q(y) for .
However, knowing what [t/ ] is, does not determine what is, i.e. other substitutions are possible.
We could also take P() Q() for ; thus the derivation step would be
P(y) Q(y)
P() Q()

But the formula P() Q() is not what we wanted to prove.


Soundness of -Elimination and -Introduction


Claim I: For any formula , variable and term t,
|= [t/ ] and [t/ ] |= .
E.g. (for the 2nd claim) if [t/ ] ⊢ ND , then any interpretation and environment that makes [t/ ] true makes .
Proof: Suppose I |=E Q ; i.e., for (every/some) d dom(I),
(I ,E[↦d]) = T .
Since d = t (I ,E) is a domain value, it suffices to show
Claim II: For every formula , variable and term t,
[t/ ] (I ,E) = (I ,E[↦t (I ,E) ])
I.e. you can substitute first and then evaluate with I, E or evaluate with the modified environment where ↦ t (I ,E) .
To prove this, use the definition of substitution, Cases 4, 5(a) and 5(b).

Soundness of -Elimination, Cont'd

There are many cases (e.g. of the form (), ( ? ), ( )). One of the cases (the others are an exercise): is a quantified formula, say y .
We have (y )(I ,E[↦t (I ,E) ]) = T iff for some d dom(I),
(I ,E[↦t (I ,E) ][y↦ d]) = T .
Likewise, we have (y [t/ ])(I ,E) = T iff for some d dom(I),
([t/ ])(I ,E[y↦d]) = T .
In the first case, t is evaluated under environment E. In the second, t is evaluated under environment E[y ↦ d] (or a further modification).
If y is free in t, the difference matters!
Also, we have a problem if y is the same variable as .

Defining Substitution
The definition of substitution included the following.
For a variable and a term t:
4. If is (Q ), then [t/ ] is .
5. If is (Qy ) for some other variable y, then
If y does not occur in t, then [t/ ] is (Qy [t/ ]).
Otherwise, let z be a variable that occurs in neither nor t; then [t/ ] is (Qz ([z/ y])[t/ ]).

With this definition, we always get that, as required,
(Qy )(I ,E[↦t (I ,E) ]) = (Qy )[t/ ] (I ,E)
Proof left to you.
(Note: (Qy )[t/ ] (I ,E) may differ from Qy([t/ ]) (I ,E) !)

Proving a Universal
The -introduction rule follows ordinary mathematical usage. To
prove a property holds for all integers, one often starts with
Let be an integer. . . .
This means the same as
Assume that the variable refers to an integer.
Then one proves that has the property.
Since we know nothing about the value , except that it is an
integer, this justifies that every integer has the property.
One could also start the proof with
Let be anything. If is an integer, then. . . .
The conclusion is essentially the same.
Natural Deduction

-Introduction

221/241

Rule -Introduction
Definition: a variable is fresh in a subproof if it occurs nowhere
outside the subproof box (i.e. is not a free variable outside the
subproof).
Freshness captures the notion of know nothing about it.
Name                 ⊢-notation                                        inference notation
-introduction (i)    If ⊢ [y/ ] and y not free in or , then ⊢          y fresh ... [y/ ]

In words: in order to prove (), prove (y) for an arbitrary y in the domain.

Natural Deduction

-Introduction

222/241

Rule i Is Sound
To further clarify the rule i, we show that it is sound. That is,
Suppose that |= [y/ ] and y is not free in or .
Then |= .
Proof: Fix an arbitrary I and E with I |=E .
The supposition |= [y/ ] thus requires I |=E [y/ ].
We need to show that I |=E[↦d] for every d dom(I).
Consider an arbitrary d dom(I).
Since y is not free in , the Relevance Lemma yields I |=E[y↦d] ,
i.e. since y is not a free variable in any of and environments only
assign values to the free variables, this does not affect the truth of
any interpretation.
Since y is not free in , we have [y/ ] (I ,E[y↦d]) = (I ,E[↦d]) , i.e.
whether we set to d, or replace by y and set y to d, we get the
same result.
Therefore I |=E[↦d] for every d, and thus I |=E as required.

Example: Use of i
Example. Show that ⊢ , for any .
1.             Premise
2. fresh
3. [/ ]        Assumption
4.             i: 3
5.             e: 1, 4
6. [/ ]        i: 3-5
7.             i: 2-6

Approach: By picking an arbitrary , substituting it in , resulting in a contradiction, then for an arbitrary cannot exist.
Note: fresh means we choose any variable not in , or more generally, that does not occur outside the subproof box.

Example: Another use of i


Show that ( ) ⊢ ( ) ( ).
1. ( )              Premise
2.                  Assumption
3. fresh
4. [/ ] [/ ]        e: 1
5. [/ ]             e: 2
6. [/ ]             e: 4, 5
7.                  i: 3-6
8. ( ) ( )          i: 2-7

Approach: Since ( ) and , pick an arbitrary case, [/ ], and show how that assumption leads to [/ ].
Note: do not apply rule e until you know which term to use.

Elimination of an Existential Quantifier


Name                 ⊢-notation                                    inference notation
-elimination (e)     If , [/ ] ⊢ , with fresh, then , ⊢            [/ ], fresh ...

This can be seen as a generalization of the -elimination rule: i.e. if follows from any cases where [/ ] is true then the can be eliminated.
In e, the variable should not occur free in , , or , or more generally, anywhere outside the subproof box.
Of course, will normally be free in [/ ].

Natural Deduction

-Elimination

226/241

Rule e Is Sound

The rule e is sound. That is,
Suppose that , [/ ] |= and is not free in , , or .
Then , |= .

Proof: Exercise. Follow the proof of soundness of i, i.e. since is not free in , or then, for example, it is not affected by different environments.


Example: Use of e

Example. Show that R() ⊢ y R(y).

1. R()             Premise
2. R(), fresh      Assumption
3. y R(y)          i: 2 (term )
4. y R(y)          e: 1, 2-3

It is as if you are giving the name to the value of such that R() is true in the R() formula.


Extending the example?


Note: the previous proof did not depend on the particular relation R that we used.
Idea: Can we do the same proof for arbitrary formulas?
Does ⊢ y [y/ ] hold?
1.                   Premise
2. [/ ], fresh       Assumption
3. [y/ ][/ y]        Is this step OK?
4. y [y/ ]           i: 3 (term )
5. y [y/ ]           e: 1, 2-4

Here [y/ ][/ y] (on line 3) means first substitute y for , then substitute for y in formula .
Is the formula on line 2 the same as the one on line 3?
If y is free in , then no: the derivation fails.
But otherwise, it works.

Example: and together


Example. Show that ⊢ .
1.                  Premise
2. [/ ], fresh      Assumption
3.                  Assumption
4. [/ ]             e: 3
5.                  e: 4, 2
6.                  i: 3-5
7.                  e: 1, 2-6

On line 2, it is as if you are giving the name to the value of such that is true in the formula.
On line 3, assume is true and then derive a contradiction.


Example: e and i together, again


We can interchange the quantifiers in the previous deduction.
Example. Show ⊢ .
1.                    Premise
2.                    Assumption
3. [/ ] ( fresh)      Assumption
4. [/ ]               e: 1
5.                    e: 3, 4
6.                    e: 2, 3-5
7.                    i: 2-6

On line 2, assume is true and then derive a contradiction.
On line 3, it is as if you are giving the name to the value of such that is true in the formula and then getting a contradiction from on line 1.

Quantifiers and Negation: The final case


So far, we have shown ⊢ , ⊢ , and ⊢ .
Example. Show that ⊢ .
1.             Premise
   [t/ ]       ??
               i: ??

For what term t can we prove [t/ ]?
We won't try to show [t/ ] directly. We'll do a proof by contradiction, i.e. assume (on line 2).
Then show that [/ ] leads to a contradiction and so does [/ ].

The Final Case: A full proof


Example. Show that ⊢ .
1.              Premise
2.              Assumption
3. fresh
4. [/ ]         Assumption
5.              i: 4
6.              e: 5, 2
7. [/ ]         i: 4-6
8. [/ ]         e: 7
9.              i: 3-8
10.             e: 9, 1
11.             i: 2-10
12.             e: 11


Repeated Quantifiers

The rules for elimination and introduction of quantifiers (slides 214, 222 and 226) can be generalized to multiple quantifiers.
Let 1 , . . . , n be n distinct variables.
-elim If ⊢ 1 n , then ⊢ [t1 / 1 ] [tn / n ].
-intro If ⊢ [t1 / 1 ] [tn / n ], for terms t1 , . . . , tn , then ⊢ 1 n .
-intro If ⊢ [1 / 1 ] [n / n ], with variables 1 , . . . , n fresh, then ⊢ 1 n .
-elim If ⊢ 1 n and {[1 / 1 ] [n / n ] ⊢ , with 1 , . . . , n fresh, then ⊢ .


Example: Repeated universal quantifiers

Example. Show that y A(, y) ` y A(, y).


1.

y A(, y)

2.

, fresh

3.

A(, )

e (2): 1

4.

y A(, y)

i (2): 3

Premise


Exercise on Quantifier Rules

Exercise. Show that






Q() R() , P() Q() ` P() R() .

Left to you.


FOL with Equality


Generally, relation symbols have no mandated interpretation.
Sometimes, however, one makes an exception for the symbol =.
Definition: First-Order Logic with Equality is First-Order Logic with
the restriction that the symbol = must be interpreted as equality
on the domain:


$$(=)^{I} = \{\, \langle d, d \rangle \mid d \in \mathrm{dom}(I) \,\}.$$
There are two ways to account for this restriction in our proofs.
1. Add deduction rules for the symbol =:
Equals-Introduction (=i): with no premises, conclude t = t.
Equals-Elimination (=e): from t1 = t2 and [t1 / ], conclude [t2 / ].

2. Alternatively, use axioms rather than deduction rules. . . .



Axioms for Equality


Instead of deduction rules for =, one can define axioms for equality.
An axiom is a permanent premise; it may be used at any time.
EQ1: = is an axiom.
EQ2: For each formula and variable z,


y = y [/ z] [y/ z]
is an axiom.
These axioms imply

Symmetry of =: ` y = y y = .

Transitivity of =: ` y = y (y = = ) .


Symmetry of Equality: Proof



Lemma (EQsymm): ` y = y y = .

Using Axioms EQ1 and EQ2.


1.

, fresh

2.

3.

y = y ( = y = )

4.

= ( = = )

e (2) [, ]: 3

5.

==

e: 2, 4

6.

EQ1

7.

e []: 6

8.

e: 7,5

9.

= =

10.

Assumption

y = y y =

EQ2 [z = ]

i: 24


i (2): 1-10


Transitivity of Equality: Proof


Lemma (EQtrans): ` y = y (y = = )

Using EQsymm (from previous slide), Axioms EQ1 and EQ2.


1.

, , fresh

2.

y ( = y) ( = y = )

3.

= ( = = )

4.

Assumption

5.

EqSymm

6.

==

e: 5, 3

7.

= ( = = )

i: 4-6

8.

y

= y (y = = )

i (3): 1-8

EQ2 [z = ]
e (2) [, ]: 2
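
The symmetry and transitivity lemmas can be checked by machine. The Lean 4 derivation below is an added example, not part of the original slides; it assumes EQ1 is reflexivity and EQ2 is the substitution scheme (from an equality between x and y and a formula holding of x, the formula holds of y), and the names `D`, `E` and `P` are chosen here.

```lean
-- Added example (not from the slides). `E` plays the role of the symbol "="
-- on a domain `D`. EQ1 and EQ2 are hypotheses, in their assumed forms:
--   EQ1: every x is E-related to itself
--   EQ2: if E x y and the formula P holds of x, then P holds of y

theorem EQsymm {D : Type} (E : D → D → Prop)
    (EQ1 : ∀ x, E x x)
    (EQ2 : ∀ (P : D → Prop) (x y : D), E x y → P x → P y) :
    ∀ x y, E x y → E y x := by
  intro a b h                        -- a, b fresh; assume E a b
  -- EQ2 instantiated with the formula "z = a", then ∀-elimination at a, b
  have step : E a a → E b a := EQ2 (fun z => E z a) a b h
  exact step (EQ1 a)                 -- EQ1 at a supplies E a a

theorem EQtrans {D : Type} (E : D → D → Prop)
    (EQ1 : ∀ x, E x x)
    (EQ2 : ∀ (P : D → Prop) (x y : D), E x y → P x → P y) :
    ∀ x y w, E x y → E y w → E x w := by
  intro a b c hab hbc                -- a, b, c fresh; assume E a b and E b c
  -- EQsymm turns E a b into E b a
  have hba : E b a := EQsymm E EQ1 EQ2 a b hab
  -- EQ2 with the formula "z = c", at b, a: E b a → (E b c → E a c)
  exact EQ2 (fun z => E z c) b a hba hbc
```

Both proofs use EQ2 with a formula of the form "z = (fixed term)", which is the instantiation recorded as `EQ2 [... z = ...]` in the slide proofs.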


Derived Proof Rules for Equality


Equality satisfies the following derived rules.

EQtrans(k): for any $t_1, \ldots, t_{k+1}$,

$$\frac{t_1 = t_2 \qquad t_2 = t_3 \qquad \cdots \qquad t_k = t_{k+1}}{t_1 = t_{k+1}}$$

EQtrans(k) results from $k - 1$ uses of transitivity.

EQsubs(r): for any variable $z$ and terms $r$, $t_1$ and $t_2$,

$$\frac{t_1 = t_2}{r[t_1/z] = r[t_2/z]}$$

Prove as an exercise.
