Is it important to explain a theorem? A case study in UML and ALCQI
Upcoming SlideShare
Loading in...5
×

Like this? Share it with your network

Share

Is it important to explain a theorem? A case study in UML and ALCQI

  • 486 views
Uploaded on

presented at Ethecom 2009 (workshop of ER 2009, Gramado, RS)

presented at Ethecom 2009 (workshop of ER 2009, Gramado, RS)

More in: Education , Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
486
On Slideshare
476
From Embeds
10
Number of Embeds
3

Actions

Shares
Downloads
2
Comments
0
Likes
0

Embeds 10

http://www.linkedin.com 5
http://www.lmodules.com 3
https://www.linkedin.com 2

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Is It Important to Explain a Theorem? A Case Study on UML and ALCQI Edward Hermann Haeusler Alexandre Rademaker Departamento de Informática - PUC-Rio - Brasil Ethecom 2009
  • 2. Conceptual Modelling from a Logical Point of View Main Steps Additional Observations
  • 3. Conceptual Modelling from a Logical Point of View Main Steps 1. Observe the “World”. Additional Observations
  • 4. Conceptual Modelling from a Logical Point of View Main Steps 1. Observe the “World”. 2. Determine what is relevant. Additional Observations
  • 5. Conceptual Modelling from a Logical Point of View Main Steps 1. Observe the “World”. 2. Determine what is relevant. 3. Choose/Define your terminology (non-logical linguistic terms). Additional Observations
  • 6. Conceptual Modelling from a Logical Point of View Main Steps 1. Observe the “World”. 2. Determine what is relevant. 3. Choose/Define your terminology (non-logical linguistic terms). 4. Write down the main laws governing your “World” (Axioms). Additional Observations
  • 7. Conceptual Modelling from a Logical Point of View Main Steps 1. Observe the “World”. 2. Determine what is relevant. 3. Choose/Define your terminology (non-logical linguistic terms). 4. Write down the main laws governing your “World” (Axioms). 5. Verify the correctness (sometimes completeness too) of your set of Laws. Additional Observations
  • 8. Conceptual Modelling from a Logical Point of View Main Steps 1. Observe the “World”. 2. Determine what is relevant. 3. Choose/Define your terminology (non-logical linguistic terms). 4. Write down the main laws governing your “World” (Axioms). 5. Verify the correctness (sometimes completeness too) of your set of Laws. Additional Observations Steps 1 and 2 may be facilitated by the use of an informal notation (UML, ER, FlowCharts, etc) and their respective methodology, but it is essentially “Black Art” (cf. Maibaum).
  • 9. Conceptual Modelling from a Logical Point of View Main Steps 1. Observe the “World”. 2. Determine what is relevant. 3. Choose/Define your terminology (non-logical linguistic terms). 4. Write down the main laws governing your “World” (Axioms). 5. Verify the correctness (sometimes completeness too) of your set of Laws. Additional Observations Steps 1 and 2 may be facilitated by the use of an informal notation (UML, ER, FlowCharts, etc) and their respective methodology, but it is essentially “Black Art” (cf. Maibaum). Step 5 full-filling demands quite a lot of knowledge of the Model.
  • 10. Conceptual Modelling from a Logical Point of View Main Steps 1. Observe the “World”. 2. Determine what is relevant. 3. Choose/Define your terminology (non-logical linguistic terms). 4. Write down the main laws governing your “World” (Axioms). 5. Verify the correctness (sometimes completeness too) of your set of Laws. Additional Observations Steps 1 and 2 may be facilitated by the use of an informal notation (UML, ER, FlowCharts, etc) and their respective methodology, but it is essentially “Black Art” (cf. Maibaum). Step 5 full-filling demands quite a lot of knowledge of the Model. Step 5 essentially provides finitely many tests as support for the correctness of an infinite quantification.
  • 11. The Validation Cycle Figure: Refinements and Cascaded Validation
  • 12. Validation of (Formal?) Specifications The Scientific Basis of our approach
  • 13. Validation of (Formal?) Specifications The Scientific Basis of our approach Results/analysis of the philosophy of science are compared to software validation [Haeberer98, Maibaum01, Cengarle98, C. George05, etc].
  • 14. Validation of (Formal?) Specifications The Scientific Basis of our approach Results/analysis of the philosophy of science are compared to software validation [Haeberer98, Maibaum01, Cengarle98, C. George05, etc]. Formal Specifications as Scientific Theories ⇒ Observable terms, Theoretical terms, Evidences, Refutations, False Negatives, False positives, etc.
  • 15. Validation of (Formal?) Specifications The Scientific Basis of our approach Results/analysis of the philosophy of science are compared to software validation [Haeberer98, Maibaum01, Cengarle98, C. George05, etc]. Formal Specifications as Scientific Theories ⇒ Observable terms, Theoretical terms, Evidences, Refutations, False Negatives, False positives, etc. Popper’s Falseability Principle drives (formal) validation analysis.
  • 16. Validation of (Formal?) Specifications The Scientific Basis of our approach Results/analysis of the philosophy of science are compared to software validation [Haeberer98, Maibaum01, Cengarle98, C. George05, etc]. Formal Specifications as Scientific Theories ⇒ Observable terms, Theoretical terms, Evidences, Refutations, False Negatives, False positives, etc. Popper’s Falseability Principle drives (formal) validation analysis. Correctness ⇔ Positives and False Positives.
  • 17. Validation of (Formal?) Specifications The Scientific Basis of our approach Results/analysis of the philosophy of science are compared to software validation [Haeberer98, Maibaum01, Cengarle98, C. George05, etc]. Formal Specifications as Scientific Theories ⇒ Observable terms, Theoretical terms, Evidences, Refutations, False Negatives, False positives, etc. Popper’s Falseability Principle drives (formal) validation analysis. Correctness ⇔ Positives and False Positives. Completeness ⇔ Negatives and False Negatives.
  • 18. Positives, False Negatives, False Positives Is anything true about Truth ?? Is anything wrong with the Truth ?? Is anything true about Falsity ??
  • 19. Positives, False Negatives, False Positives Is anything true about Truth ?? M |= φ and Spec(M) φ. Is anything wrong with the Truth ?? Is anything true about Falsity ??
  • 20. Positives, False Negatives, False Positives Is anything true about Truth ?? M |= φ and Spec(M) φ. Why is φ truth ?? Provide me a proof of φ. Is anything wrong with the Truth ?? Is anything true about Falsity ??
  • 21. Positives, False Negatives, False Positives Is anything true about Truth ?? M |= φ and Spec(M) φ. Why is φ truth ?? Provide me a proof of φ. Is anything wrong with the Truth ?? M |= φ, but Spec(M) |= φ. Is anything true about Falsity ??
  • 22. Positives, False Negatives, False Positives Is anything true about Truth ?? M |= φ and Spec(M) φ. Why is φ truth ?? Provide me a proof of φ. Is anything wrong with the Truth ?? M |= φ, but Spec(M) |= φ. A counter-model is found. Why is this a counter-model ?? Is anything true about Falsity ??
  • 23. Positives, False Negatives, False Positives Is anything true about Truth ?? M |= φ and Spec(M) φ. Why is φ truth ?? Provide me a proof of φ. Is anything wrong with the Truth ?? M |= φ, but Spec(M) |= φ. A counter-model is found. Why is this a counter-model ?? Model-Checking based reasoning is of great help !! Is anything true about Falsity ??
  • 24. Positives, False Negatives, False Positives Is anything true about Truth ?? M |= φ and Spec(M) φ. Why is φ truth ?? Provide me a proof of φ. Is anything wrong with the Truth ?? M |= φ, but Spec(M) |= φ. A counter-model is found. Why is this a counter-model ?? Model-Checking based reasoning is of great help !! Explanations from counter-examples. Is anything true about Falsity ??
  • 25. Positives, False Negatives, False Positives Is anything true about Truth ?? M |= φ and Spec(M) φ. Why is φ truth ?? Provide me a proof of φ. Is anything wrong with the Truth ?? M |= φ, but Spec(M) |= φ. A counter-model is found. Why is this a counter-model ?? Model-Checking based reasoning is of great help !! Explanations from counter-examples. Is anything true about Falsity ?? M |= φ, but Spec(M) φ.
  • 26. Positives, False Negatives, False Positives Is anything true about Truth ?? M |= φ and Spec(M) φ. Why is φ truth ?? Provide me a proof of φ. Is anything wrong with the Truth ?? M |= φ, but Spec(M) |= φ. A counter-model is found. Why is this a counter-model ?? Model-Checking based reasoning is of great help !! Explanations from counter-examples. Is anything true about Falsity ?? M |= φ, but Spec(M) φ. Why does this false proposition hold ?? Provide me a proof of φ.
  • 27. Existing Deductive Systems Paradigms 1. Aristotle’s Syllogisms (300 B.C.) 2. Axiomatic (Frege1879, Hilbert, Russell). 3. Natural Deduction (Jaskowski1929,Gentzen1934-5, Prawitz1965) 4. Sequent Calculus (Gentzen1934-5) 5. Tableaux (Beth 1955, Smullyan1964) 6. Resolution-Based (A.Robinson1965)
  • 28. Conceptual Modelling: Some motivation on explaining a theorem Consider an ontology/KB containing: (Quad ∧ PissOnFireHydrant) → Dog
  • 29. Conceptual Modelling: Some motivation on explaining a theorem Consider an ontology/KB containing: (Quad ∧ PissOnFireHydrant) → Dog This KB draws (Quad → Dog) ∨ (PissOnFireHidrant → Dog)
  • 30. Conceptual Modelling: Some motivation on explaining a theorem Verifying this using Tableaux: V Quad ∧ PoFH → Dog F (Quad → Dog) ∨ (PoFH → Dog) F (Quad → Dog) F PoFH → Dog V Quad F Dog V PoFH F Dog F Quad ∧ PoFH V Dog F Quad F PoFH
  • 31. Conceptual Modelling: Some motivation on explaining a theorem Another tableaux proof of Quad ∧ PoFH → Dog (Quad → Dog) ∨ (PoFH → Dog): V Quad ∧ PoFH → Dog F Quad ∧ PoFH V Dog F (Quad → Dog) ∨ (PoFH → Dog) F (Quad → Dog) ∨ (PoFH → Dog) F (Quad → Dog) F (Quad → Dog) F PoFH → Dog F PoFH → Dog V Quad V Quad F Dog F Dog V PoFH F Dog F Quad F PoFH
  • 32. Conceptual Modelling: Some motivation on explaining a theorem One more tableaux proof of Quad ∧ PoFH → Dog (Quad → Dog) ∨ (PoFH → Dog): V Quad ∧ PoFH → Dog F Quad ∧ PoFH V Dog F (Quad → Dog) ∨ (PoFH → Dog) F (Quad → Dog) F Quad F PoFH F PoFH → Dog F (Quad → Dog) ∨ (PoFH → Dog) F (Quad → Dog) ∨ (PoFH → Dog) V Quad F (Quad → Dog) F (Quad → Dog) F Dog F PoFH → Dog F PoFH → Dog V Quad V PoFH F Dog F Dog
  • 33. Conceptual Modelling: Some motivation on explaining a theorem Yet another Tableaux: V Quad ∧ PoFH → Dog and many more..... F (Quad → Dog) ∨ (PoFH → Dog) F (Quad → Dog) F PoFH → Dog F Quad ∧ PoFH V Dog V Quad F Quad F PoFH V Quad F Dog V Quad F Dog F Dog V PoFH F Dog
  • 34. In Sequent Calculus A proof that KB (Quad → Dog) ∨ (PoFH → Dog) Quad ⇒ Quad PoFH ⇒ PoFH Quad, PoFH ⇒ Quad Quad, PoFH ⇒ PoFH Quad, PoFH ⇒ Quad ∧ PoFH Dog ⇒ Dog Quad, PoFH, PoFH ∧ Quad → Dog ⇒ Dog Quad, PoFH, PoFH ∧ Quad → Dog ⇒ Dog, Dog KB ⇒ PoFH ∧ Quad → Dog PoFH, PoFH ∧ Quad → Dog ⇒ (Quad → Dog), Dog PoFH, KB ⇒ (Quad → Dog), Dog KB ⇒ (Quad → Dog), (PoFH → Dog) KB ⇒ (Quad → Dog) ∨ (PoFH → Dog)
  • 35. In Sequent Calculus Other proof that KB (Quad → Dog) ∨ (PoFH → Dog) Quad ⇒ Quad PoFH ⇒ PoFH Quad, PoFH ⇒ Quad Quad, PoFH ⇒ PoFH Quad, PoFH ⇒ Quad ∧ PoFH Dog ⇒ Dog KB ⇒ PoFH ∧ Quad → Dog Quad, PoFH, PoFH ∧ Quad → Dog ⇒ Dog KB, Quad, PoFH ⇒ Dog KB, Quad, PoFH ⇒ Dog, Dog KB, PoFH ⇒ (Quad → Dog), Dog KB ⇒ (Quad → Dog), (PoFH → Dog) KB ⇒ (Quad → Dog) ∨ (PoFH → Dog)
  • 36. In Sequent Calculus One more proof that KB (Quad → Dog) ∨ (PoFH → Dog) Quad ⇒ Quad PoFH ⇒ PoFH Quad, PoFH ⇒ Quad Quad, PoFH ⇒ PoFH Quad, PoFH ⇒ Quad ∧ PoFH Dog ⇒ Dog KB ⇒ PoFH ∧ Quad → Dog Quad, PoFH, PoFH ∧ Quad → Dog ⇒ Dog KB, Quad, PoFH ⇒ Dog KB, PoFH ⇒ (Quad → Dog) KB, PoFH ⇒ (Quad → Dog), Dog KB ⇒ (Quad → Dog), (PoFH → Dog) KB ⇒ (Quad → Dog) ∨ (PoFH → Dog)
  • 37. In Sequent Calculus Yet another proof that KB (Quad → Dog) ∨ (PoFH → Dog) Quad ⇒ Quad PoFH ⇒ PoFH Quad, PoFH ⇒ Quad Quad, PoFH ⇒ PoFH Dog ⇒ Dog Quad, PoFH ⇒ Quad ∧ PoFH Dog ⇒ Dog, Dog KB ⇒ PoFH ∧ Quad → Dog Quad, PoFH, PoFH ∧ Quad → Dog ⇒ Dog, Dog KB, Quad, PoFH ⇒ Dog, Dog KB, PoFH ⇒ (Quad → Dog), Dog KB, PoFH ⇒ (Quad → Dog), Dog KB ⇒ (Quad → Dog), (PoFH → Dog) KB ⇒ (Quad → Dog) ∨ (PoFH → Dog) and many more...
  • 38. In Natural Deduction A (normal) proof [Quad]a [PoFH]b Quad ∧ PoFH Quad ∧ PoFH → Dog Dog b PoFH → Dog (Quad → Dog) ∨ (PoFH → Dog) [¬((Quad → Dog) ∨ (PoFH → Dog))]c ⊥ a [Quad]d ¬Quad ⊥ Dog d Quad → Dog (Quad → Dog) ∨ (PoFH → Dog) [¬((Quad → Dog) ∨ (PoFH → Dog))]c ⊥ c (Quad → Dog) ∨ (PoFH → Dog)
  • 39. In Natural Deduction THE other (normal) proof [Quad]a [PoFH]b Quad ∧ PoFH Quad ∧ PoFH → Dog Dog b PoFH → Dog (Quad → Dog) ∨ (PoFH → Dog) [¬((Quad → Dog) ∨ (PoFH → Dog))]c ⊥ Dog a Quad → Dog (Quad → Dog) ∨ (PoFH → Dog) [¬((Quad → Dog) ∨ (PoFH → Dog))]c ⊥ c (Quad → Dog) ∨ (PoFH → Dog)
  • 40. Fundamental facts on Automating S.C. and N.D. Analyticity Every proof of Γ α has only occurrences of sub-formulas of Γ and α (Sub-formula Principle SFP).
  • 41. Fundamental facts on Automating S.C. and N.D. Analyticity Every proof of Γ α has only occurrences of sub-formulas of Γ and α (Sub-formula Principle SFP). Cut-Elimination in S.C entails SFP. Haupsatz
  • 42. Fundamental facts on Automating S.C. and N.D. Analyticity Every proof of Γ α has only occurrences of sub-formulas of Γ and α (Sub-formula Principle SFP). Cut-Elimination in S.C entails SFP. Haupsatz Normalization in N.D. entails SFP. Normalization
  • 43. Fundamental facts on Automating S.C. and N.D. Analyticity Every proof of Γ α has only occurrences of sub-formulas of Γ and α (Sub-formula Principle SFP). Cut-Elimination in S.C entails SFP. Haupsatz Normalization in N.D. entails SFP. Normalization Strongly related to analytic Tableaux based procedures.
  • 44. Arguments in favour of Natural Deduction as a basis for theorem explanation Common Sense and Intuitive reasons Technical reasons
  • 45. Arguments in favour of Natural Deduction as a basis for theorem explanation Common Sense and Intuitive reasons “Fewer” proofs of a proposition when compared to other Deductive Systems. Technical reasons Natural Deduction reveals the computational content of a proof. CH-Isomorphism
  • 46. Arguments in favour of Natural Deduction as a basis for theorem explanation Common Sense and Intuitive reasons “Fewer” proofs of a proposition when compared to other Deductive Systems. “More” structure and existence of specific patterns to help paragraph construction in NL. Technical reasons Natural Deduction reveals the computational content of a proof. CH-Isomorphism The prover can choose the pattern it wants the proof should have. Seldin Prawitz
  • 47. Arguments in favour of Natural Deduction as a basis for theorem explanation Common Sense and Intuitive reasons “Fewer” proofs of a proposition when compared to other Deductive Systems. “More” structure and existence of specific patterns to help paragraph construction in NL. Working hypothesis: “Optimal explanations should be tailored from well-known proof patterns” Technical reasons Natural Deduction reveals the computational content of a proof. CH-Isomorphism The prover can choose the pattern it wants the proof should have. Seldin Prawitz
  • 48. Conceptual Modelling in UML and ER The Informal Side The Logical Side
  • 49. Conceptual Modelling in UML and ER The Informal Side Graphical notations seem to be adequate to the human being understanding and manipulation. The Logical Side
  • 50. Conceptual Modelling in UML and ER The Informal Side Graphical notations seem to be adequate to the human being understanding and manipulation. Lacking of a formal consistency checking. The Logical Side
  • 51. Conceptual Modelling in UML and ER The Informal Side Graphical notations seem to be adequate to the human being understanding and manipulation. Lacking of a formal consistency checking. The Logical Side FOL cannot provide checking of KB consistency.
  • 52. Conceptual Modelling in UML and ER The Informal Side Graphical notations seem to be adequate to the human being understanding and manipulation. Lacking of a formal consistency checking. The Logical Side FOL cannot provide checking of KB consistency. Decidable logics seems to be more adequate.
  • 53. Explaining Theorems on the Conceptual Modelling Domain A Case Study in UML
  • 54. Explaining Theorems on the Conceptual Modelling Domain A Case Study in UML 1. Why UML ? ⇒ It is complex (UML consistency is EXPTIME-Complete), useful and popular.
  • 55. Explaining Theorems on the Conceptual Modelling Domain A Case Study in UML 1. Why UML ? ⇒ It is complex (UML consistency is EXPTIME-Complete), useful and popular. 2. What do we need ?
  • 56. Explaining Theorems on the Conceptual Modelling Domain A Case Study in UML 1. Why UML ? ⇒ It is complex (UML consistency is EXPTIME-Complete), useful and popular. 2. What do we need ? A Logical Language to express properties and their proofs (ALCQI)
  • 57. Explaining Theorems on the Conceptual Modelling Domain A Case Study in UML 1. Why UML ? ⇒ It is complex (UML consistency is EXPTIME-Complete), useful and popular. 2. What do we need ? A Logical Language to express properties and their proofs (ALCQI) A Good (Normalizable) Natural Deduction for ALCQI
  • 58. Explaining Theorems on the Conceptual Modelling Domain A Case Study in UML 1. Why UML ? ⇒ It is complex (UML consistency is EXPTIME-Complete), useful and popular. 2. What do we need ? A Logical Language to express properties and their proofs (ALCQI) A Good (Normalizable) Natural Deduction for ALCQI Proof Patterns that yield good explanation (to come...)
  • 59. ALCQI KB related to UML Class Diagram [BerCalvGiac2005] D. Berardi et al. / Artificial Intelligence 168 (2005) 70–118 81 Fig. 12. UML class diagram of Example 2.5. 2.4. General constraints Origin ∀place.String Origin ∃place. (≤ 1 place) Origin ∃call.PhoneCall (≤ 1 call) ∃from.Phone (≤ 1 from) Disjointness and covering constraints are 1call) ∃from.CellPhone commonly used con- MobileOrigin ∃call.MobileCall (≤ in practice the most (≤ 1 from) straints in UML class diagrams. However, UML allows for other forms of constraints, PhoneCall (≥ 1 call− .Origin) (≤ 1 call− .Origin) − specifying class identifiers, ∀reference .PhoneBill ∀reference.PhoneCall functional dependencies for associations, and, more generally PhoneBill (≥ 1 reference− ) through the use of OCL [8], any form of (≤ 1 reference) PhoneCall (≥ 1 reference) constraint expressible in FOL. Note that, due to their expressive power, OCL constraints could in fact be used to express the semantics MobileCall PhoneCall of the standard UML class Origin MobileOrigin CellPhone diagram constructs. This is an indication that a liberal use of Phone OCL constraints can actually compromise the understandability of the diagram. Hence, FixedPhone Phone CellPhone ¬FixedPhone the use of constraints is typically limited. Also, unrestricted use of OCL constraints makes Phone CellPhone FixedPhone reasoning on a class diagram undecidable, since it amounts to full FOL reasoning. In the following, we will not consider general constraints.
  • 60. Towards a Natural Deduction for ALCQI A Sequent Calculus for ALC (EDOC2007, AOW2007, etc) A Proof Theory for ALC (Sequent Calculus [RadeHaeuPere2008,2009]) A Deterministic Sequent Calculus for ALC [RadeHaeuSBIA2008] Maude Implementations of S.C. Provers for ALC and ALCQI [Rade2009] A Good Natural Deduction for ALC [RadeHaeu2008-9] A Natural Deduction for ALCQI [RadeHaeu2009]
  • 61. ALC, ALCQI and further DLs ALC C ::= ⊥ | | A | ¬C | C1 C2 | C1 C2 | ∃R.C | ∀R.C ALCQI C ::= ⊥ | A | ¬C | C1 C2 | C1 C2 | ∃R.C | ∀R.C |≤ nR.C |≥ nR.C R ::= P | P − UML with OCL constraints SecureUML needs ID(C) role for each concept C for specifying uniqueness of a default in a concept. [BragaHaeu2009] ∀ID( ).A ∃ID( ).A A ≡ (= 1isdefault.(= 1isdefault − .Role))
  • 62. Labeling formulas of ALC Labeling Grammar: LL ::= R, LL | ∅ LR ::= R, LR | R(LL ), LR | ∅ C ::= LL C LR The ALC formula: ∃R2 .∀Q2 .∃R1 .∀Q1 .α is represented by the labeled formula: Q2 ,Q1 αR1 (Q2 ),R2
  • 63. A Natural Deduction to ALC L L L L1 (α β) α β αL2 -e -i Gen L L R,L1 α (α β) αL 2 [αL ] [β L ] . . . . . . . . αL βL (α β)L γ γ -i -i γ -e (α β) L (α β)L [L1 αL2 ] . . . . L2 L1 ⊥ L1 L1 L2 α L1 ¬α L2 L2 L1 ¬-i ∃R.αL2 ¬-e ∃-e L1 ⊥ L1 ¬α L2 αR(L1 ),L2 L1 R(L1 ),L2 L1 α ∀R.αL2 L1 ,R αL 2 ∃-i ∀-e ∀-i L1 ∃R.αL2 L1 ,R αL 2 L1 ∀R.αL2 L2 L1 [L1 αL2 ] . [ L1 ¬α L2 ] . . . . . . L1 . αL2 L1 L2 α M1 M2 β M1 M2 β ⊥ -e -i ⊥c M1 M2 L1 β αL2 M1 M2 β L1 L2 α
  • 64. A Natural Deduction for ALCQI
  • 65. Main properties of NALC Theorem NALCQI is complete regarding the standard semantics of ALC. Theorem NALCQI is sound regarding the standard semantics of ALC. if Ω γ then Ω |= γ. Fact The NALCQI -rules and ∃-rules are derived in ALCQI − { , ∃} . Lemma (Moving ⊥c downwards on branches) If Ω α in ALCQI − { , ∃} then there is a deduction Π of α from Ω, such that, each branch in Π has at most one application of ⊥c -rule, which is the last rule in it. Theorem (Eliminating maximal -formulas) If Π is a deduction of α from Ω, in the restricted system, then reductions there is a deduction Π of α from Ω without any maximal formulas. Fact SFP holds in ALC.
  • 66. ALCQI KB related to UML Class Diagram [BerCalvGiac2005] D. Berardi et al. / Artificial Intelligence 168 (2005) 70–118 81 Fig. 12. UML class diagram of Example 2.5. 2.4. General constraints Origin ∀place.String Origin ∃place. (≤ 1 place) Origin ∃call.PhoneCall (≤ 1 call) ∃from.Phone (≤ 1 from) Disjointness and covering constraints are 1call) ∃from.CellPhone commonly used con- MobileOrigin ∃call.MobileCall (≤ in practice the most (≤ 1 from) straints in UML class diagrams. However, UML allows for other forms of constraints, PhoneCall (≥ 1 call− .Origin) (≤ 1 call− .Origin) − specifying class identifiers, ∀reference .PhoneBill ∀reference.PhoneCall functional dependencies for associations, and, more generally PhoneBill (≥ 1 reference− ) through the use of OCL [8], any form of (≤ 1 reference) PhoneCall (≥ 1 reference) constraint expressible in FOL. Note that, due to their expressive power, OCL constraints could in fact be used to express the semantics MobileCall PhoneCall of the standard UML class Origin MobileOrigin CellPhone diagram constructs. This is an indication that a liberal use of Phone OCL constraints can actually compromise the understandability of the diagram. Hence, FixedPhone Phone CellPhone ¬FixedPhone the use of constraints is typically limited. Also, unrestricted use of OCL constraints makes Phone CellPhone FixedPhone reasoning on a class diagram undecidable, since it amounts to full FOL reasoning. In the following, we will not consider general constraints.
  • 67. Example : A Negative Testing An (incorrect) generalization (a CellPhone is a FixedPhone) is introduced in the KB.
  • 68. Example : A Negative Testing An (incorrect) generalization (a CellPhone is a FixedPhone) is introduced in the KB. CellPhone FixedPhone is added to KB.
  • 69. Example : A Negative Testing An (incorrect) generalization (a CellPhone is a FixedPhone) is introduced in the KB. CellPhone FixedPhone is added to KB. CellPhone is empty (inconsistent) . Cell ¬Fixed [Cell]1 Cell Fixed [Cell]1 ¬Fixed Fixed ⊥ 1 Cell ⊥
  • 70. Example: A False Positive in the new KB In the modified diagram, Phone ≡ FixedPhone can be drawn. This is not directly proved from the inconsistency of CellPhone.
  • 71. Example: A False Positive in the new KB In the modified diagram, Phone ≡ FixedPhone can be drawn. This is not directly proved from the inconsistency of CellPhone. It is shown that Phone FixedPhone since FixedPhone Phone is already an axiom of KB.
  • 72. Example: A False Positive in the new KB In the modified diagram, Phone ≡ FixedPhone can be drawn. This is not directly proved from the inconsistency of CellPhone. It is shown that Phone FixedPhone since FixedPhone Phone is already an axiom of KB. Proof: [Phone]1 Phone Cell Fixed [Cell] Cell Fixed Cell Fixed Fixed [Fixed] Fixed 1 Phone Fixed
  • 73. ALCQI KB related to UML Class Diagram [BerCalvGiac2005] D. Berardi et al. / Artificial Intelligence 168 (2005) 70–118 81 Fig. 12. UML class diagram of Example 2.5. 2.4. General constraints Origin ∀place.String Origin ∃place. (≤ 1 place) Origin ∃call.PhoneCall (≤ 1 call) ∃from.Phone (≤ 1 from) Disjointness and covering constraints are 1call) ∃from.CellPhone commonly used con- MobileOrigin ∃call.MobileCall (≤ in practice the most (≤ 1 from) straints in UML class diagrams. However, UML allows for other forms of constraints, PhoneCall (≥ 1 call− .Origin) (≤ 1 call− .Origin) − specifying class identifiers, ∀reference .PhoneBill ∀reference.PhoneCall functional dependencies for associations, and, more generally PhoneBill (≥ 1 reference− ) through the use of OCL [8], any form of (≤ 1 reference) PhoneCall (≥ 1 reference) constraint expressible in FOL. Note that, due to their expressive power, OCL constraints could in fact be used to express the semantics MobileCall PhoneCall of the standard UML class Origin MobileOrigin CellPhone diagram constructs. This is an indication that a liberal use of Phone OCL constraints can actually compromise the understandability of the diagram. Hence, FixedPhone Phone CellPhone ¬FixedPhone the use of constraints is typically limited. Also, unrestricted use of OCL constraints makes Phone CellPhone FixedPhone reasoning on a class diagram undecidable, since it amounts to full FOL reasoning. In the following, we will not consider general constraints.
  • 74. A Natural Deduction for ALCQI
  • 75. Example: A False Positive yielding a refining of KB
  • 76. Example: A False Positive yielding a refining of KB MobileCall participates on the association MobileOrigin with multiplicity 0..1, instead of the 0..* presented in the UML diagram
  • 77. Example: A False Positive yielding a refining of KB MobileCall participates on the association MobileOrigin with multiplicity 0..1, instead of the 0..* presented in the UML diagram Proof: [MC]1 MC PC MO O PC PC ≥ 1 c− .O ≤ 1 c− .O − 2 − − − − [≥ 2 c .MO] ≥ 2 c .MO ≥ 2 c .O ≥ 1 c .O ≤ 1 c .O ≥ 2 c− .O ≤ 1 c− .O ⊥ 2 ¬ ≥ 2 c− .MO 1 MC ¬ ≥ 2 c− .MO Sequent
  • 78. Conclusions Yes !! It is Important to explain a theorem !!! Advices
  • 79. Conclusions Yes !! It is Important to explain a theorem !!! Proof explanations provide good and adequate support for formal validation of KB. It is as important as Model Checking based explanations. Advices
  • 80. Conclusions Yes !! It is Important to explain a theorem !!! Proof explanations provide good and adequate support for formal validation of KB. It is as important as Model Checking based explanations. Under our Working Hyp., N.D. provides the adequate basis for explanation generation from formal proofs. Advices
  • 81. Conclusions Yes !! It is Important to explain a theorem !!! Proof explanations provide good and adequate support for formal validation of KB. It is as important as Model Checking based explanations. Under our Working Hyp., N.D. provides the adequate basis for explanation generation from formal proofs. N.D. for DLs is an important step towards good explanations in Conceptual Modeling. NALCQI provides a good basis regarding UML and ER reasoning explanation. Advices
  • 82. Conclusions Yes !! It is Important to explain a theorem !!! Proof explanations provide good and adequate support for formal validation of KB. It is as important as Model Checking based explanations. Under our Working Hyp., N.D. provides the adequate basis for explanation generation from formal proofs. N.D. for DLs is an important step towards good explanations in Conceptual Modeling. NALCQI provides a good basis regarding UML and ER reasoning explanation. Advices
  • 83. Conclusions Yes !! It is Important to explain a theorem !!! Proof explanations provide good and adequate support for formal validation of KB. It is as important as Model Checking based explanations. Under our Working Hyp., N.D. provides the adequate basis for explanation generation from formal proofs. N.D. for DLs is an important step towards good explanations in Conceptual Modeling. NALCQI provides a good basis regarding UML and ER reasoning explanation. Advices Conceptual Modeling in UML is not tractable (EXPTIME-complete)
  • 84. Conclusions Yes !! It is Important to explain a theorem !!! Proof explanations provide good and adequate support for formal validation of KB. It is as important as Model Checking based explanations. Under our Working Hyp., N.D. provides the adequate basis for explanation generation from formal proofs. N.D. for DLs is an important step towards good explanations in Conceptual Modeling. NALCQI provides a good basis regarding UML and ER reasoning explanation. Advices Conceptual Modeling in UML is not tractable (EXPTIME-complete) Unless CoNP = NP, proofs can be really huge !!! Introducing Cuts/Maximal formulas cannot reduce always the size of a proof.
  • 85. Conclusions Yes !! It is Important to explain a theorem !!! Proof explanations provide good and adequate support for formal validation of KB. It is as important as Model Checking based explanations. Under our Working Hyp., N.D. provides the adequate basis for explanation generation from formal proofs. N.D. for DLs is an important step towards good explanations in Conceptual Modeling. NALCQI provides a good basis regarding UML and ER reasoning explanation. Advices Conceptual Modeling in UML is not tractable (EXPTIME-complete) Unless CoNP = NP, proofs can be really huge !!! Introducing Cuts/Maximal formulas cannot reduce always the size of a proof.
  • 86. Curry-Howard Isomorphism The computational content of Intuitionistic Proofs Any Proof of α from γ1 , . . . , γn in IL corresponds to an algorithm that yields values of type α from any list of n values of types γ1 , . . . , γn , respectively IntuitionisticLogic Technically: Any proof π of α from γ1 , . . . , γn corresponds to a typed λ-term t(x1 , . . . , xn ) : α[x1 : γ1 , . . . , xn : γn ], such that any evaluation in t corresponds a normalization step in π, and vice-versa. return
  • 87. Seldin’s strategy to normalize Classical Proofs Moving the Classical Absurdity Rule towards the Conclusion of the proof Given any Classical derivation Π of α from Γ, one can transform Π into a derivation Π1 of α from Γ of the following form: Γ, [¬α]a Π1 a ⊥ α where Π1 is intuitionistic. reductions return
  • 88. Prawitz’s strategy to normalize Classical Proofs Moving the Classical Absurdity Rule towards atomic conclusions in the proof Given any Classical derivation Π of α from Γ, one can transform Π into a derivation Π1 of α from Γ where the Classical-⊥ has only atomic conclusions [¬(α ∧ β)]a Π ⊥ a α∧β Transforms into [α ∧ β]c [α ∧ β]a α [¬α] b β [¬β]d ⊥ ⊥ a c ¬(α ∧ β) ¬(α ∧ β) Π Π ⊥ ⊥ b d α β α∧β return
  • 89. Example of reduction [¬α]a [¬β]b Π1 Π2 ⊥ ⊥ a b α α α∧β Transforms into [α]a [β]b α∧β [¬(α ∧ β)]c ⊥ a ¬α Π1 ⊥ b ¬β Π2 ⊥ c α∧β other
  • 90. Normalizing reductions -reduction ∀-reduction Π1 Π2 Π1 L α Lβ L1 ,R αL2 L (α β) Π1 L1 ∀R.αL2 Π1 L L L1 ,R L2 L1 ,R α α α αL2 ¬-reduction -reduction L2 L1 L1 ¬α L2 [α] Π2 Π1 L2 L1 Π2 Π1 ⊥ Π2 L1 ¬α L2 β L2 L1 Π1 [α] L1 L2 α L1 ¬α L2 Π1 α α β Π2 ⊥ ⊥ β β return
  • 91. MC ¬ ≥ 2 c− .MO in Sequent Calculus MO ⇒ O MC ⇒ PC PC ⇒ ≥ 1 call− .O ≤ 1 call− .O ≥ 2 call− .MO ⇒ ≥ 2 call− .O MC ⇒ ≥ 1 call− .O ≤ 1 call− .O MC, ≥ 2 call− .MO ⇒ ≥ 2 call− .O MC, ≥ 2 call− .MO ⇒ ≥ 1 call− .O ≤ 1call− .O − − − − MC, ≥ 2 call .MO ⇒ ≥ 1 call .O ≤ 1call .O ≥ 2call .O MC, ≥ 2 call− .MO ⇒ ⊥ MC ⇒ ¬ ≥ 2 call− .MO return
  • 92. The Haupsatz The cut rule: Γ1 ⇒ ∆ 1 , α α, Γ2 ⇒ ∆2 Γ1 , Γ2 ⇒ ∆1 , ∆2 return
  • 93. The Haupsatz The cut rule: Γ1 ⇒ ∆ 1 , α α, Γ2 ⇒ ∆2 Γ1 , Γ2 ⇒ ∆1 , ∆2 Every proof of Γ ⇒ ∆ can be rewritten without the cut-rule. return
  • 94. The Haupsatz The cut rule: Γ1 ⇒ ∆ 1 , α α, Γ2 ⇒ ∆2 Γ1 , Γ2 ⇒ ∆1 , ∆2 Every proof of Γ ⇒ ∆ can be rewritten without the cut-rule. Corollary: Every formula in a proof of Γ ⇒ ∆ is subformula from at least one formula of Γ ∪ ∆. return
  • 95. The Haupsatz The cut rule: Γ1 ⇒ ∆ 1 , α α, Γ2 ⇒ ∆2 Γ1 , Γ2 ⇒ ∆1 , ∆2 Every proof of Γ ⇒ ∆ can be rewritten without the cut-rule. Corollary: Every formula in a proof of Γ ⇒ ∆ is subformula from at least one formula of Γ ∪ ∆. Corollary: If the Haupsatz holds for a logic/theory L then this logic is consistent. (There is no proof of the empty sequent). return
  • 96. The Haupsatz The cut rule: Γ1 ⇒ ∆ 1 , α α, Γ2 ⇒ ∆2 Γ1 , Γ2 ⇒ ∆1 , ∆2 Every proof of Γ ⇒ ∆ can be rewritten without the cut-rule. Corollary: Every formula in a proof of Γ ⇒ ∆ is subformula from at least one formula of Γ ∪ ∆. Corollary: If the Haupsatz holds for a logic/theory L then this logic is consistent. (There is no proof of the empty sequent). Gentzen proved that PA is consistent by means of Haupsatz. return
  • 97. Normalization and Normal Proofs A → B is maximal formula in a ND proof: [A] Π2 Π1 B A A→B B reduces to Π1 [A] Π2 B return
  • 98. Normalization and Normal Proofs A → B is maximal formula in a ND proof: [A] Π2 Π1 B A A→B B reduces to Π1 [A] Π2 B Normalization: Every derivation of α from ∆ can be transformed into a Normal derivation (without maximal formulas) of α from ∆ (∆ ⊆ ∆) return
  • 99. Normalization and Normal Proofs A → B is maximal formula in a ND proof: [A] Π2 Π1 B A A→B B reduces to Π1 [A] Π2 B Normalization: Every derivation of α from ∆ can be transformed into a Normal derivation (without maximal formulas) of α from ∆ (∆ ⊆ ∆) Corollary: Every formula in a proof of α from Γ is subformula of Γ or α. return
  • 100. Moving the ⊥ towards the conclusion of a derivation [Seldin1977] [¬A]a Π1 Π2 a ⊥ A B A∧B reduces to Π2 a [A] B A∧B [¬(A ∧ B)]b a ⊥ ¬A Π1 ⊥ b A∧B return
  • 101. Classical Logic × Intuitionistic Logic Theorem There are a, b ∈ R − Q, such that, ab ∈ Q A Classical Proof (Math Folklore) √ Consider a = b = 2. Then, either ab ∈ Q or ab ∈ √ In the first case Q. √ 2 √ we are done. In the second case, consider a = 2 and b = 2, hence, ab = 2 ∈ Q. An Intuitionistic (constructive) proof (E. Bishop) √ Consider a = 2 and b = 2log2 (3). We have a, b ∈ Q and ab = 3 ∈ Q return