Course V231
Department of Computing
Imperial College

Jeremy Gow


 

• If Unify(Pj, ¬Qk) = θ (¬ makes them unifiable)

  P1 ∨ ... ∨ Pm,   Q1 ∨ ... ∨ Qn
  ----------------------------------------------------------------
  Subst(θ, P1 ∨ ... (no Pj) ... ∨ Pm ∨ Q1 ∨ ... (no Qk) ... ∨ Qn)

• Pj and Qk are resolved
• Arbitrary number of disjuncts
• Relies on preprocessing into CNF

E.g. for A = {1, 2, 7} first clause is L1 ∨ L2 ∨ L7



  

• Knowledge base of clauses
  - Start with the axioms and negation of theorem in CNF
• Resolve pairs of clauses
  - Using single rule of inference (full resolution)
  - Resolved sentence contains fewer literals
• Proof ends with the empty clause
  - Signifies a contradiction
  - Must mean the negated theorem is false
    • (Because the axioms are consistent)
  - Therefore the original theorem was true

 

• Resolution theorem proving ends
  - When the resolved clause has no literals (empty)
• This can only be because:
  - Two were resolved
    • one was the negation of the other (after substitution)
  - Example: q(X) and ¬q(X) or: p(X) and ¬p(bob)
• Hence if we see the empty clause
  - This was because there was an inconsistency
  - Hence the proof by refutation

 
 

• : Knowledge base (KB) of axioms and negated theorem in CNF
• : Resolution rule picks 2 clauses and adds new clause
• : Does KB contain the empty clause?
• Search space of KB states
• We want proof (path) or just checking (artefact)
• Socrates is a man and all men are mortal
  Therefore Socrates is mortal
• Initial state
  1) is_man(socrates)
  2) is_man(X) → is_mortal(X)
  3) ¬is_mortal(socrates) (negation of theorem)
• Resolving (1) & (2) gives new state
  (1)-(3) & 4) is_mortal(socrates)
1) is_man(socrates)
2) is_man(X) → is_mortal(X)
3) ¬is_mortal(socrates)

1) is_man(socrates)              1) is_man(socrates)
2) is_man(X) → is_mortal(X)      2) ¬is_man(X) ∨ is_mortal(X)
3) ¬is_mortal(socrates)          3) ¬is_mortal(socrates)
4) is_mortal(socrates)           4) ¬is_man(socrates)

1) is_man(socrates)              1) is_man(socrates)
2) is_man(X) → is_mortal(X)      2) is_man(X) → is_mortal(X)
3) ¬is_mortal(socrates)          3) ¬is_mortal(socrates)
4) is_mortal(socrates)           4) ¬is_man(socrates)
5) False                         5) False

You said that all men were mortal. That means that for all things X, either X is not a man, or X is mortal [CNF step]. If we assume that Socrates is not mortal, then, given your previous statement, this means Socrates is not a man [first resolution step]. But you said that Socrates is a man, which means that our assumption was false [second resolution step], so Socrates must be mortal.
• Can reintroduce → to CNF, e.g.
  ¬A ∨ ¬C ∨ B becomes (A ∧ C) → B
• Kowalski normal form
  (A1 ∧ ... ∧ An) → (B1 ∨ ... ∨ Bn)
• Resolve in KNF using 'KNF style' rules
  - e.g. Binary resolution...

    A → B,   B → C
    ---------------
    A → C

• is_pres(obama) and is_pres(b_obama)
  - will not unify (syntactically different)
• unification algorithm does not allow this
  - Even if we add to the knowledge base:
    • obama = b_obama
• add to KB
  - X=X, X=Y → Y=X, etc.
  - Special axiom for predicate/function:
    • X = Y → P(X) = P(Y)
• : rewrite with equalities
• Demodulation inference rule

  X=Y,   A[S]      Unify(X, S) = θ
  ---------------------------------
  Subst(θ, A[Y])

  - Two input clauses (one an equality X=Y)
  - Unify X with a subterm S of other
  - Apply unifier to clause with subterm Y (not S)
  - Also works unifying with Y and putting in X
• Pure resolution search tends to be slow
• For interesting problems
  - Many clauses in the initial knowledge base
  - Each step adds a new clause (which can be used)
  - Num. of possible resolution combinations

• Intelligently choose which pair to resolve
• Forbid certain pairs
• Prefer to resolve unit clauses
  - Contain only a single literal
  - Selection heuristic
• Searching for smallest (empty) clause
  - Resolving with the unit clauses keeps small
• Very effective early on for simple problems
  - Doesn't reduce branching rate for medium problems

  


• Distinguished subset of KB clauses
  - Set of support (SoS) clauses
  - Every step must involve SoS (pruning heuristic)
• Must be careful not to lose completeness
• Example SoS strategy:
  - Initial SoS is negated theorem
  - Add new clauses to SoS
  - Hence False will be deduced (strategy is complete)
• Many provers use SoS, e.g. Prover9
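
Added example (not from the original slides): a small refutation prover in Python that runs the Socrates proof with the set-of-support strategy and unit preference described above. It assumes function-free terms and binary resolution without factoring; the tuple encoding of literals and all function names are choices made for this sketch.

```python
from itertools import count, product
_fresh = count()                    # suffixes for renamed variables

def is_var(t):                      # slide convention: X is a variable, socrates a constant
    return t[0].isupper()

def walk(t, s):                     # follow variable bindings to their end
    while is_var(t) and t in s:
        t = s[t]
    return t

def unify(args1, args2):            # MGU of two equal-length argument tuples, or None
    s = {}
    for a, b in zip(args1, args2):
        a, b = walk(a, s), walk(b, s)
        if a != b:
            if not (is_var(a) or is_var(b)):
                return None         # two different constants never unify
            s.update({a: b} if is_var(a) else {b: a})
    return s

def subst(s, clause):
    return frozenset((sg, p, tuple(walk(a, s) for a in args)) for sg, p, args in clause)

def resolvents(c1, c2):
    n = next(_fresh)                # standardise c2's variables apart from c1's
    c2 = frozenset((sg, p, tuple(f"{a}_{n}" if is_var(a) else a for a in args)) for sg, p, args in c2)
    for l1, l2 in product(c1, c2):
        if l1[1] == l2[1] and l1[0] != l2[0] and len(l1[2]) == len(l2[2]):
            theta = unify(l1[2], l2[2])
            if theta is not None:
                yield subst(theta, (c1 - {l1}) | (c2 - {l2}))

def refute(axioms, negated_theorem, max_steps=1000):
    kb, sos = set(axioms), list(negated_theorem)
    while sos and max_steps > 0:
        max_steps -= 1
        given = min(sos, key=len)   # unit preference: shortest clause first
        sos.remove(given)
        kb.add(given)               # every resolution below involves an SoS clause
        new = {r for other in kb for r in resolvents(given, other)}
        if frozenset() in new:
            return True             # empty clause: the negated theorem is contradictory
        sos.extend(new - kb - set(sos))
    return False                    # no refutation found within the step bound

AXIOMS = [frozenset({(True, "is_man", ("socrates",))}),   # literal = (is_positive, predicate, args)
          frozenset({(False, "is_man", ("X",)), (True, "is_mortal", ("X",))})]
NEG_THEOREM = [frozenset({(False, "is_mortal", ("socrates",))})]
print(refute(AXIOMS, NEG_THEOREM))
```

Dropping the is_man(socrates) axiom makes `refute` return False, and `unify` returns None for obama against b_obama, the purely syntactic failure that motivates the equality axioms and demodulation.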
 
  


• Special case of SoS strategy
  - SoS = clauses in the initial knowledge base
• Clearly reduces search space
  - Every resolution must involve an original clause
  - So number of possible resolutions grows slowly
• Not complete for first order logic
• But complete for Horn-clauses, e.g. Prolog
• Clause C subsumes clause D
  - if C is more 'general' (D is more specific)
• Naive check for subsumption
  - Select C2, a subset of literals of C
  - Find Unify(C2, D) = θ
  - θ does not add anything to D (only renames vars)
• Example:
  - p(george) ∨ q(X) subsumed by p(A) ∨ q(B) ∨ r(C)
  - Substitution: {A/george, X/B}
  - Second clause is more general


• Check each new clause is not subsumed by KB
• Complete strategy
  - Specific clauses can be inferred from general ones
  - So we can throw specific clauses away
  - Reduced search space still contains False
• Can be inefficient
  - expense must be outweighed by the reduction in the search space
• Bill McCune and Larry Wos
  - Argonne National Laboratories
  - FO resolution provers: EQP, Otter, Prover9
• (axioms of Boolean algebras)
  - Stated 60+ years ago, mathematicians failed
  - 1996: EQP solved in 8 days (+ human work)
• General application to algebraic axiomatisations
  - Generate possible axioms for algebras
  - Prove new axioms equivalent to old
• Simon's HR system: Automated Theory Formation
  - Used in mathematical (and bioinformatics) domains
• Theories = concepts, examples, conjectures, proofs
• HR uses Otter to prove conjectures it makes
• Effective in algebraic domains
  - See notes for anti-associative algebra results
• Otter not so effective in number theory
  - Used as a 'triviality' filter (discard theorems it can prove)
  - Example conjectures made by HR (and proved by Simon):
    • Sum of divisors is prime → number of divisors is prime
    • Sum of divisors of a square is an odd number
    • Perfect numbers are pernicious [and many more...]


 

• Deduction by
• Induction over many different structures
• Allows reasoning about recursion/iteration
  - Useful for hardware/software verification
• inductive learning (next lecture)
 



 

• Necessary to interact with humans in order to prove theorems of any difficulty

  - Let a theorem prover do simple tasks while you develop a theory (e.g., Buchberger's Theorema)

  - User follows and guides computer proof attempt
  - Needs visualisation tools for proof trees
• Deduction in higher order logics
  - See lecture 4
  - Allows more natural and succinct statements
  - Logics much less well-behaved
• HOL theorem prover
  - Larry Paulson's group in Cambridge
  - Has been used for verification tasks
    • E.g. verification of cryptographic protocols
  - Uses induction and interactive control
  

• Initially Alan Bundy's group in Edinburgh
• Human proofs often follow a similar structure
  - Express this as a
  - represent patterns of deduction
• outline plan proof search
  - Results in specific plan for theorem
  - Critics deal with common problems
• Particularly useful for inductive theorems
  - Proof of base case and step case follow pattern
• TPTP library (Sutcliffe & Suttner)
  - Thousands of Problems for Theorem Provers
  - Benchmarks for first order provers
  - HR is only non-human to add to this library
• Annual CASC competition (Sutcliffe et al.)
  - Which is fastest/most accurate FO prover on planet?
  - Uses blind selection from the TPTP library
  - 2002-08 champion: Vampire (Voronkov & Riazanov)
