Upcoming SlideShare
×

# Is it important to explain a theorem? A case study in UML and ALCQI

530 views

Published on

presented at Ethecom 2009 (workshop of ER 2009, Gramado, RS)

Published in: Education, Technology
0 Likes
Statistics
Notes
• Full Name
Comment goes here.

Are you sure you want to Yes No
• Be the first to comment

• Be the first to like this

Views
Total views
530
On SlideShare
0
From Embeds
0
Number of Embeds
16
Actions
Shares
0
5
0
Likes
0
Embeds 0
No embeds

No notes for slide

### Is it important to explain a theorem? A case study in UML and ALCQI

1. 1. Is It Important to Explain a Theorem? A Case Study on UML and ALCQI Edward Hermann Haeusler Alexandre Rademaker Departamento de Informática - PUC-Rio - Brasil Ethecom 2009
2. 2. Conceptual Modelling from a Logical Point of View Main Steps Additional Observations
3. 3. Conceptual Modelling from a Logical Point of View Main Steps 1. Observe the “World”. Additional Observations
4. 4. Conceptual Modelling from a Logical Point of View Main Steps 1. Observe the “World”. 2. Determine what is relevant. Additional Observations
5. 5. Conceptual Modelling from a Logical Point of View Main Steps 1. Observe the “World”. 2. Determine what is relevant. 3. Choose/Deﬁne your terminology (non-logical linguistic terms). Additional Observations
6. 6. Conceptual Modelling from a Logical Point of View Main Steps 1. Observe the “World”. 2. Determine what is relevant. 3. Choose/Deﬁne your terminology (non-logical linguistic terms). 4. Write down the main laws governing your “World” (Axioms). Additional Observations
7. 7. Conceptual Modelling from a Logical Point of View Main Steps 1. Observe the “World”. 2. Determine what is relevant. 3. Choose/Deﬁne your terminology (non-logical linguistic terms). 4. Write down the main laws governing your “World” (Axioms). 5. Verify the correctness (sometimes completeness too) of your set of Laws. Additional Observations
8. 8. Conceptual Modelling from a Logical Point of View Main Steps 1. Observe the “World”. 2. Determine what is relevant. 3. Choose/Deﬁne your terminology (non-logical linguistic terms). 4. Write down the main laws governing your “World” (Axioms). 5. Verify the correctness (sometimes completeness too) of your set of Laws. Additional Observations Steps 1 and 2 may be facilitated by the use of an informal notation (UML, ER, FlowCharts, etc) and their respective methodology, but it is essentially “Black Art” (cf. Maibaum).
9. 9. Conceptual Modelling from a Logical Point of View Main Steps 1. Observe the “World”. 2. Determine what is relevant. 3. Choose/Deﬁne your terminology (non-logical linguistic terms). 4. Write down the main laws governing your “World” (Axioms). 5. Verify the correctness (sometimes completeness too) of your set of Laws. Additional Observations Steps 1 and 2 may be facilitated by the use of an informal notation (UML, ER, FlowCharts, etc) and their respective methodology, but it is essentially “Black Art” (cf. Maibaum). Step 5 full-ﬁlling demands quite a lot of knowledge of the Model.
10. 10. Conceptual Modelling from a Logical Point of View Main Steps 1. Observe the “World”. 2. Determine what is relevant. 3. Choose/Deﬁne your terminology (non-logical linguistic terms). 4. Write down the main laws governing your “World” (Axioms). 5. Verify the correctness (sometimes completeness too) of your set of Laws. Additional Observations Steps 1 and 2 may be facilitated by the use of an informal notation (UML, ER, FlowCharts, etc) and their respective methodology, but it is essentially “Black Art” (cf. Maibaum). Step 5 full-ﬁlling demands quite a lot of knowledge of the Model. Step 5 essentially provides ﬁnitely many tests as support for the correctness of an inﬁnite quantiﬁcation.
11. 11. The Validation Cycle Figure: Reﬁnements and Cascaded Validation
12. 12. Validation of (Formal?) Speciﬁcations The Scientiﬁc Basis of our approach
13. 13. Validation of (Formal?) Speciﬁcations The Scientiﬁc Basis of our approach Results/analysis of the philosophy of science are compared to software validation [Haeberer98, Maibaum01, Cengarle98, C. George05, etc].
14. 14. Validation of (Formal?) Speciﬁcations The Scientiﬁc Basis of our approach Results/analysis of the philosophy of science are compared to software validation [Haeberer98, Maibaum01, Cengarle98, C. George05, etc]. Formal Speciﬁcations as Scientiﬁc Theories ⇒ Observable terms, Theoretical terms, Evidences, Refutations, False Negatives, False positives, etc.
15. 15. Validation of (Formal?) Speciﬁcations The Scientiﬁc Basis of our approach Results/analysis of the philosophy of science are compared to software validation [Haeberer98, Maibaum01, Cengarle98, C. George05, etc]. Formal Speciﬁcations as Scientiﬁc Theories ⇒ Observable terms, Theoretical terms, Evidences, Refutations, False Negatives, False positives, etc. Popper’s Falseability Principle drives (formal) validation analysis.
16. 16. Validation of (Formal?) Speciﬁcations The Scientiﬁc Basis of our approach Results/analysis of the philosophy of science are compared to software validation [Haeberer98, Maibaum01, Cengarle98, C. George05, etc]. Formal Speciﬁcations as Scientiﬁc Theories ⇒ Observable terms, Theoretical terms, Evidences, Refutations, False Negatives, False positives, etc. Popper’s Falseability Principle drives (formal) validation analysis. Correctness ⇔ Positives and False Positives.
17. 17. Validation of (Formal?) Speciﬁcations The Scientiﬁc Basis of our approach Results/analysis of the philosophy of science are compared to software validation [Haeberer98, Maibaum01, Cengarle98, C. George05, etc]. Formal Speciﬁcations as Scientiﬁc Theories ⇒ Observable terms, Theoretical terms, Evidences, Refutations, False Negatives, False positives, etc. Popper’s Falseability Principle drives (formal) validation analysis. Correctness ⇔ Positives and False Positives. Completeness ⇔ Negatives and False Negatives.
18. 18. Positives, False Negatives, False Positives Is anything true about Truth ?? Is anything wrong with the Truth ?? Is anything true about Falsity ??
19. 19. Positives, False Negatives, False Positives Is anything true about Truth ?? M |= φ and Spec(M) φ. Is anything wrong with the Truth ?? Is anything true about Falsity ??
20. 20. Positives, False Negatives, False Positives Is anything true about Truth ?? M |= φ and Spec(M) φ. Why is φ truth ?? Provide me a proof of φ. Is anything wrong with the Truth ?? Is anything true about Falsity ??
21. 21. Positives, False Negatives, False Positives Is anything true about Truth ?? M |= φ and Spec(M) φ. Why is φ truth ?? Provide me a proof of φ. Is anything wrong with the Truth ?? M |= φ, but Spec(M) |= φ. Is anything true about Falsity ??
22. 22. Positives, False Negatives, False Positives Is anything true about Truth ?? M |= φ and Spec(M) φ. Why is φ truth ?? Provide me a proof of φ. Is anything wrong with the Truth ?? M |= φ, but Spec(M) |= φ. A counter-model is found. Why is this a counter-model ?? Is anything true about Falsity ??
23. 23. Positives, False Negatives, False Positives Is anything true about Truth ?? M |= φ and Spec(M) φ. Why is φ truth ?? Provide me a proof of φ. Is anything wrong with the Truth ?? M |= φ, but Spec(M) |= φ. A counter-model is found. Why is this a counter-model ?? Model-Checking based reasoning is of great help !! Is anything true about Falsity ??
24. 24. Positives, False Negatives, False Positives Is anything true about Truth ?? M |= φ and Spec(M) φ. Why is φ truth ?? Provide me a proof of φ. Is anything wrong with the Truth ?? M |= φ, but Spec(M) |= φ. A counter-model is found. Why is this a counter-model ?? Model-Checking based reasoning is of great help !! Explanations from counter-examples. Is anything true about Falsity ??
25. 25. Positives, False Negatives, False Positives Is anything true about Truth ?? M |= φ and Spec(M) φ. Why is φ truth ?? Provide me a proof of φ. Is anything wrong with the Truth ?? M |= φ, but Spec(M) |= φ. A counter-model is found. Why is this a counter-model ?? Model-Checking based reasoning is of great help !! Explanations from counter-examples. Is anything true about Falsity ?? M |= φ, but Spec(M) φ.
26. 26. Positives, False Negatives, False Positives Is anything true about Truth ?? M |= φ and Spec(M) φ. Why is φ truth ?? Provide me a proof of φ. Is anything wrong with the Truth ?? M |= φ, but Spec(M) |= φ. A counter-model is found. Why is this a counter-model ?? Model-Checking based reasoning is of great help !! Explanations from counter-examples. Is anything true about Falsity ?? M |= φ, but Spec(M) φ. Why does this false proposition hold ?? Provide me a proof of φ.
27. 27. Existing Deductive Systems Paradigms 1. Aristotle’s Syllogisms (300 B.C.) 2. Axiomatic (Frege1879, Hilbert, Russell). 3. Natural Deduction (Jaskowski1929,Gentzen1934-5, Prawitz1965) 4. Sequent Calculus (Gentzen1934-5) 5. Tableaux (Beth 1955, Smullyan1964) 6. Resolution-Based (A.Robinson1965)
28. 28. Conceptual Modelling: Some motivation on explaining a theorem Consider an ontology/KB containing: (Quad ∧ PissOnFireHydrant) → Dog
29. 29. Conceptual Modelling: Some motivation on explaining a theorem Consider an ontology/KB containing: (Quad ∧ PissOnFireHydrant) → Dog This KB draws (Quad → Dog) ∨ (PissOnFireHidrant → Dog)
30. 30. Conceptual Modelling: Some motivation on explaining a theorem Verifying this using Tableaux: V Quad ∧ PoFH → Dog F (Quad → Dog) ∨ (PoFH → Dog) F (Quad → Dog) F PoFH → Dog V Quad F Dog V PoFH F Dog F Quad ∧ PoFH V Dog F Quad F PoFH
33. 33. Conceptual Modelling: Some motivation on explaining a theorem Yet another Tableaux: V Quad ∧ PoFH → Dog and many more..... F (Quad → Dog) ∨ (PoFH → Dog) F (Quad → Dog) F PoFH → Dog F Quad ∧ PoFH V Dog V Quad F Quad F PoFH V Quad F Dog V Quad F Dog F Dog V PoFH F Dog
39. 39. In Natural Deduction THE other (normal) proof [Quad]a [PoFH]b Quad ∧ PoFH Quad ∧ PoFH → Dog Dog b PoFH → Dog (Quad → Dog) ∨ (PoFH → Dog) [¬((Quad → Dog) ∨ (PoFH → Dog))]c ⊥ Dog a Quad → Dog (Quad → Dog) ∨ (PoFH → Dog) [¬((Quad → Dog) ∨ (PoFH → Dog))]c ⊥ c (Quad → Dog) ∨ (PoFH → Dog)
40. 40. Fundamental facts on Automating S.C. and N.D. Analyticity Every proof of Γ α has only occurrences of sub-formulas of Γ and α (Sub-formula Principle SFP).
41. 41. Fundamental facts on Automating S.C. and N.D. Analyticity Every proof of Γ α has only occurrences of sub-formulas of Γ and α (Sub-formula Principle SFP). Cut-Elimination in S.C entails SFP. Haupsatz
42. 42. Fundamental facts on Automating S.C. and N.D. Analyticity Every proof of Γ α has only occurrences of sub-formulas of Γ and α (Sub-formula Principle SFP). Cut-Elimination in S.C entails SFP. Haupsatz Normalization in N.D. entails SFP. Normalization
43. 43. Fundamental facts on Automating S.C. and N.D. Analyticity Every proof of Γ α has only occurrences of sub-formulas of Γ and α (Sub-formula Principle SFP). Cut-Elimination in S.C entails SFP. Haupsatz Normalization in N.D. entails SFP. Normalization Strongly related to analytic Tableaux based procedures.
44. 44. Arguments in favour of Natural Deduction as a basis for theorem explanation Common Sense and Intuitive reasons Technical reasons
45. 45. Arguments in favour of Natural Deduction as a basis for theorem explanation Common Sense and Intuitive reasons “Fewer” proofs of a proposition when compared to other Deductive Systems. Technical reasons Natural Deduction reveals the computational content of a proof. CH-Isomorphism
46. 46. Arguments in favour of Natural Deduction as a basis for theorem explanation Common Sense and Intuitive reasons “Fewer” proofs of a proposition when compared to other Deductive Systems. “More” structure and existence of speciﬁc patterns to help paragraph construction in NL. Technical reasons Natural Deduction reveals the computational content of a proof. CH-Isomorphism The prover can choose the pattern it wants the proof should have. Seldin Prawitz
47. 47. Arguments in favour of Natural Deduction as a basis for theorem explanation Common Sense and Intuitive reasons “Fewer” proofs of a proposition when compared to other Deductive Systems. “More” structure and existence of speciﬁc patterns to help paragraph construction in NL. Working hypothesis: “Optimal explanations should be tailored from well-known proof patterns” Technical reasons Natural Deduction reveals the computational content of a proof. CH-Isomorphism The prover can choose the pattern it wants the proof should have. Seldin Prawitz
48. 48. Conceptual Modelling in UML and ER The Informal Side The Logical Side
49. 49. Conceptual Modelling in UML and ER The Informal Side Graphical notations seem to be adequate to the human being understanding and manipulation. The Logical Side
50. 50. Conceptual Modelling in UML and ER The Informal Side Graphical notations seem to be adequate to the human being understanding and manipulation. Lacking of a formal consistency checking. The Logical Side
51. 51. Conceptual Modelling in UML and ER The Informal Side Graphical notations seem to be adequate to the human being understanding and manipulation. Lacking of a formal consistency checking. The Logical Side FOL cannot provide checking of KB consistency.
52. 52. Conceptual Modelling in UML and ER The Informal Side Graphical notations seem to be adequate to the human being understanding and manipulation. Lacking of a formal consistency checking. The Logical Side FOL cannot provide checking of KB consistency. Decidable logics seems to be more adequate.
53. 53. Explaining Theorems on the Conceptual Modelling Domain A Case Study in UML
54. 54. Explaining Theorems on the Conceptual Modelling Domain A Case Study in UML 1. Why UML ? ⇒ It is complex (UML consistency is EXPTIME-Complete), useful and popular.
55. 55. Explaining Theorems on the Conceptual Modelling Domain A Case Study in UML 1. Why UML ? ⇒ It is complex (UML consistency is EXPTIME-Complete), useful and popular. 2. What do we need ?
56. 56. Explaining Theorems on the Conceptual Modelling Domain A Case Study in UML 1. Why UML ? ⇒ It is complex (UML consistency is EXPTIME-Complete), useful and popular. 2. What do we need ? A Logical Language to express properties and their proofs (ALCQI)
57. 57. Explaining Theorems on the Conceptual Modelling Domain A Case Study in UML 1. Why UML ? ⇒ It is complex (UML consistency is EXPTIME-Complete), useful and popular. 2. What do we need ? A Logical Language to express properties and their proofs (ALCQI) A Good (Normalizable) Natural Deduction for ALCQI
58. 58. Explaining Theorems on the Conceptual Modelling Domain A Case Study in UML 1. Why UML ? ⇒ It is complex (UML consistency is EXPTIME-Complete), useful and popular. 2. What do we need ? A Logical Language to express properties and their proofs (ALCQI) A Good (Normalizable) Natural Deduction for ALCQI Proof Patterns that yield good explanation (to come...)
59. 59. ALCQI KB related to UML Class Diagram [BerCalvGiac2005] D. Berardi et al. / Artiﬁcial Intelligence 168 (2005) 70–118 81 Fig. 12. UML class diagram of Example 2.5. 2.4. General constraints Origin ∀place.String Origin ∃place. (≤ 1 place) Origin ∃call.PhoneCall (≤ 1 call) ∃from.Phone (≤ 1 from) Disjointness and covering constraints are 1call) ∃from.CellPhone commonly used con- MobileOrigin ∃call.MobileCall (≤ in practice the most (≤ 1 from) straints in UML class diagrams. However, UML allows for other forms of constraints, PhoneCall (≥ 1 call− .Origin) (≤ 1 call− .Origin) − specifying class identiﬁers, ∀reference .PhoneBill ∀reference.PhoneCall functional dependencies for associations, and, more generally PhoneBill (≥ 1 reference− ) through the use of OCL [8], any form of (≤ 1 reference) PhoneCall (≥ 1 reference) constraint expressible in FOL. Note that, due to their expressive power, OCL constraints could in fact be used to express the semantics MobileCall PhoneCall of the standard UML class Origin MobileOrigin CellPhone diagram constructs. This is an indication that a liberal use of Phone OCL constraints can actually compromise the understandability of the diagram. Hence, FixedPhone Phone CellPhone ¬FixedPhone the use of constraints is typically limited. Also, unrestricted use of OCL constraints makes Phone CellPhone FixedPhone reasoning on a class diagram undecidable, since it amounts to full FOL reasoning. In the following, we will not consider general constraints.
60. 60. Towards a Natural Deduction for ALCQI A Sequent Calculus for ALC (EDOC2007, AOW2007, etc) A Proof Theory for ALC (Sequent Calculus [RadeHaeuPere2008,2009]) A Deterministic Sequent Calculus for ALC [RadeHaeuSBIA2008] Maude Implementations of S.C. Provers for ALC and ALCQI [Rade2009] A Good Natural Deduction for ALC [RadeHaeu2008-9] A Natural Deduction for ALCQI [RadeHaeu2009]
61. 61. ALC, ALCQI and further DLs ALC C ::= ⊥ | | A | ¬C | C1 C2 | C1 C2 | ∃R.C | ∀R.C ALCQI C ::= ⊥ | A | ¬C | C1 C2 | C1 C2 | ∃R.C | ∀R.C |≤ nR.C |≥ nR.C R ::= P | P − UML with OCL constraints SecureUML needs ID(C) role for each concept C for specifying uniqueness of a default in a concept. [BragaHaeu2009] ∀ID( ).A ∃ID( ).A A ≡ (= 1isdefault.(= 1isdefault − .Role))
62. 62. Labeling formulas of ALC Labeling Grammar: LL ::= R, LL | ∅ LR ::= R, LR | R(LL ), LR | ∅ C ::= LL C LR The ALC formula: ∃R2 .∀Q2 .∃R1 .∀Q1 .α is represented by the labeled formula: Q2 ,Q1 αR1 (Q2 ),R2
63. 63. A Natural Deduction to ALC L L L L1 (α β) α β αL2 -e -i Gen L L R,L1 α (α β) αL 2 [αL ] [β L ] . . . . . . . . αL βL (α β)L γ γ -i -i γ -e (α β) L (α β)L [L1 αL2 ] . . . . L2 L1 ⊥ L1 L1 L2 α L1 ¬α L2 L2 L1 ¬-i ∃R.αL2 ¬-e ∃-e L1 ⊥ L1 ¬α L2 αR(L1 ),L2 L1 R(L1 ),L2 L1 α ∀R.αL2 L1 ,R αL 2 ∃-i ∀-e ∀-i L1 ∃R.αL2 L1 ,R αL 2 L1 ∀R.αL2 L2 L1 [L1 αL2 ] . [ L1 ¬α L2 ] . . . . . . L1 . αL2 L1 L2 α M1 M2 β M1 M2 β ⊥ -e -i ⊥c M1 M2 L1 β αL2 M1 M2 β L1 L2 α
64. 64. A Natural Deduction for ALCQI
65. 65. Main properties of NALC Theorem NALCQI is complete regarding the standard semantics of ALC. Theorem NALCQI is sound regarding the standard semantics of ALC. if Ω γ then Ω |= γ. Fact The NALCQI -rules and ∃-rules are derived in ALCQI − { , ∃} . Lemma (Moving ⊥c downwards on branches) If Ω α in ALCQI − { , ∃} then there is a deduction Π of α from Ω, such that, each branch in Π has at most one application of ⊥c -rule, which is the last rule in it. Theorem (Eliminating maximal -formulas) If Π is a deduction of α from Ω, in the restricted system, then reductions there is a deduction Π of α from Ω without any maximal formulas. Fact SFP holds in ALC.
66. 66. ALCQI KB related to UML Class Diagram [BerCalvGiac2005] D. Berardi et al. / Artiﬁcial Intelligence 168 (2005) 70–118 81 Fig. 12. UML class diagram of Example 2.5. 2.4. General constraints Origin ∀place.String Origin ∃place. (≤ 1 place) Origin ∃call.PhoneCall (≤ 1 call) ∃from.Phone (≤ 1 from) Disjointness and covering constraints are 1call) ∃from.CellPhone commonly used con- MobileOrigin ∃call.MobileCall (≤ in practice the most (≤ 1 from) straints in UML class diagrams. However, UML allows for other forms of constraints, PhoneCall (≥ 1 call− .Origin) (≤ 1 call− .Origin) − specifying class identiﬁers, ∀reference .PhoneBill ∀reference.PhoneCall functional dependencies for associations, and, more generally PhoneBill (≥ 1 reference− ) through the use of OCL [8], any form of (≤ 1 reference) PhoneCall (≥ 1 reference) constraint expressible in FOL. Note that, due to their expressive power, OCL constraints could in fact be used to express the semantics MobileCall PhoneCall of the standard UML class Origin MobileOrigin CellPhone diagram constructs. This is an indication that a liberal use of Phone OCL constraints can actually compromise the understandability of the diagram. Hence, FixedPhone Phone CellPhone ¬FixedPhone the use of constraints is typically limited. Also, unrestricted use of OCL constraints makes Phone CellPhone FixedPhone reasoning on a class diagram undecidable, since it amounts to full FOL reasoning. In the following, we will not consider general constraints.
67. 67. Example : A Negative Testing An (incorrect) generalization (a CellPhone is a FixedPhone) is introduced in the KB.
68. 68. Example : A Negative Testing An (incorrect) generalization (a CellPhone is a FixedPhone) is introduced in the KB. CellPhone FixedPhone is added to KB.
69. 69. Example : A Negative Testing An (incorrect) generalization (a CellPhone is a FixedPhone) is introduced in the KB. CellPhone FixedPhone is added to KB. CellPhone is empty (inconsistent) . Cell ¬Fixed [Cell]1 Cell Fixed [Cell]1 ¬Fixed Fixed ⊥ 1 Cell ⊥
70. 70. Example: A False Positive in the new KB In the modiﬁed diagram, Phone ≡ FixedPhone can be drawn. This is not directly proved from the inconsistency of CellPhone.
71. 71. Example: A False Positive in the new KB In the modiﬁed diagram, Phone ≡ FixedPhone can be drawn. This is not directly proved from the inconsistency of CellPhone. It is shown that Phone FixedPhone since FixedPhone Phone is already an axiom of KB.
72. 72. Example: A False Positive in the new KB In the modiﬁed diagram, Phone ≡ FixedPhone can be drawn. This is not directly proved from the inconsistency of CellPhone. It is shown that Phone FixedPhone since FixedPhone Phone is already an axiom of KB. Proof: [Phone]1 Phone Cell Fixed [Cell] Cell Fixed Cell Fixed Fixed [Fixed] Fixed 1 Phone Fixed
73. 73. ALCQI KB related to UML Class Diagram [BerCalvGiac2005] D. Berardi et al. / Artiﬁcial Intelligence 168 (2005) 70–118 81 Fig. 12. UML class diagram of Example 2.5. 2.4. General constraints Origin ∀place.String Origin ∃place. (≤ 1 place) Origin ∃call.PhoneCall (≤ 1 call) ∃from.Phone (≤ 1 from) Disjointness and covering constraints are 1call) ∃from.CellPhone commonly used con- MobileOrigin ∃call.MobileCall (≤ in practice the most (≤ 1 from) straints in UML class diagrams. However, UML allows for other forms of constraints, PhoneCall (≥ 1 call− .Origin) (≤ 1 call− .Origin) − specifying class identiﬁers, ∀reference .PhoneBill ∀reference.PhoneCall functional dependencies for associations, and, more generally PhoneBill (≥ 1 reference− ) through the use of OCL [8], any form of (≤ 1 reference) PhoneCall (≥ 1 reference) constraint expressible in FOL. Note that, due to their expressive power, OCL constraints could in fact be used to express the semantics MobileCall PhoneCall of the standard UML class Origin MobileOrigin CellPhone diagram constructs. This is an indication that a liberal use of Phone OCL constraints can actually compromise the understandability of the diagram. Hence, FixedPhone Phone CellPhone ¬FixedPhone the use of constraints is typically limited. Also, unrestricted use of OCL constraints makes Phone CellPhone FixedPhone reasoning on a class diagram undecidable, since it amounts to full FOL reasoning. In the following, we will not consider general constraints.
74. 74. A Natural Deduction for ALCQI
75. 75. Example: A False Positive yielding a reﬁning of KB
76. 76. Example: A False Positive yielding a reﬁning of KB MobileCall participates on the association MobileOrigin with multiplicity 0..1, instead of the 0..* presented in the UML diagram
77. 77. Example: A False Positive yielding a reﬁning of KB MobileCall participates on the association MobileOrigin with multiplicity 0..1, instead of the 0..* presented in the UML diagram Proof: [MC]1 MC PC MO O PC PC ≥ 1 c− .O ≤ 1 c− .O − 2 − − − − [≥ 2 c .MO] ≥ 2 c .MO ≥ 2 c .O ≥ 1 c .O ≤ 1 c .O ≥ 2 c− .O ≤ 1 c− .O ⊥ 2 ¬ ≥ 2 c− .MO 1 MC ¬ ≥ 2 c− .MO Sequent
78. 78. Conclusions Yes !! It is Important to explain a theorem !!! Advices
79. 79. Conclusions Yes !! It is Important to explain a theorem !!! Proof explanations provide good and adequate support for formal validation of KB. It is as important as Model Checking based explanations. Advices
80. 80. Conclusions Yes !! It is Important to explain a theorem !!! Proof explanations provide good and adequate support for formal validation of KB. It is as important as Model Checking based explanations. Under our Working Hyp., N.D. provides the adequate basis for explanation generation from formal proofs. Advices
81. 81. Conclusions Yes !! It is Important to explain a theorem !!! Proof explanations provide good and adequate support for formal validation of KB. It is as important as Model Checking based explanations. Under our Working Hyp., N.D. provides the adequate basis for explanation generation from formal proofs. N.D. for DLs is an important step towards good explanations in Conceptual Modeling. NALCQI provides a good basis regarding UML and ER reasoning explanation. Advices
82. 82. Conclusions Yes !! It is Important to explain a theorem !!! Proof explanations provide good and adequate support for formal validation of KB. It is as important as Model Checking based explanations. Under our Working Hyp., N.D. provides the adequate basis for explanation generation from formal proofs. N.D. for DLs is an important step towards good explanations in Conceptual Modeling. NALCQI provides a good basis regarding UML and ER reasoning explanation. Advices
83. 83. Conclusions Yes !! It is Important to explain a theorem !!! Proof explanations provide good and adequate support for formal validation of KB. It is as important as Model Checking based explanations. Under our Working Hyp., N.D. provides the adequate basis for explanation generation from formal proofs. N.D. for DLs is an important step towards good explanations in Conceptual Modeling. NALCQI provides a good basis regarding UML and ER reasoning explanation. Advices Conceptual Modeling in UML is not tractable (EXPTIME-complete)
84. 84. Conclusions Yes !! It is Important to explain a theorem !!! Proof explanations provide good and adequate support for formal validation of KB. It is as important as Model Checking based explanations. Under our Working Hyp., N.D. provides the adequate basis for explanation generation from formal proofs. N.D. for DLs is an important step towards good explanations in Conceptual Modeling. NALCQI provides a good basis regarding UML and ER reasoning explanation. Advices Conceptual Modeling in UML is not tractable (EXPTIME-complete) Unless CoNP = NP, proofs can be really huge !!! Introducing Cuts/Maximal formulas cannot reduce always the size of a proof.
85. 85. Conclusions Yes !! It is Important to explain a theorem !!! Proof explanations provide good and adequate support for formal validation of KB. It is as important as Model Checking based explanations. Under our Working Hyp., N.D. provides the adequate basis for explanation generation from formal proofs. N.D. for DLs is an important step towards good explanations in Conceptual Modeling. NALCQI provides a good basis regarding UML and ER reasoning explanation. Advices Conceptual Modeling in UML is not tractable (EXPTIME-complete) Unless CoNP = NP, proofs can be really huge !!! Introducing Cuts/Maximal formulas cannot reduce always the size of a proof.
86. 86. Curry-Howard Isomorphism The computational content of Intuitionistic Proofs Any Proof of α from γ1 , . . . , γn in IL corresponds to an algorithm that yields values of type α from any list of n values of types γ1 , . . . , γn , respectively IntuitionisticLogic Technically: Any proof π of α from γ1 , . . . , γn corresponds to a typed λ-term t(x1 , . . . , xn ) : α[x1 : γ1 , . . . , xn : γn ], such that any evaluation in t corresponds a normalization step in π, and vice-versa. return
87. 87. Seldin’s strategy to normalize Classical Proofs Moving the Classical Absurdity Rule towards the Conclusion of the proof Given any Classical derivation Π of α from Γ, one can transform Π into a derivation Π1 of α from Γ of the following form: Γ, [¬α]a Π1 a ⊥ α where Π1 is intuitionistic. reductions return
88. 88. Prawitz’s strategy to normalize Classical Proofs Moving the Classical Absurdity Rule towards atomic conclusions in the proof Given any Classical derivation Π of α from Γ, one can transform Π into a derivation Π1 of α from Γ where the Classical-⊥ has only atomic conclusions [¬(α ∧ β)]a Π ⊥ a α∧β Transforms into [α ∧ β]c [α ∧ β]a α [¬α] b β [¬β]d ⊥ ⊥ a c ¬(α ∧ β) ¬(α ∧ β) Π Π ⊥ ⊥ b d α β α∧β return
89. 89. Example of reduction [¬α]a [¬β]b Π1 Π2 ⊥ ⊥ a b α α α∧β Transforms into [α]a [β]b α∧β [¬(α ∧ β)]c ⊥ a ¬α Π1 ⊥ b ¬β Π2 ⊥ c α∧β other
90. 90. Normalizing reductions -reduction ∀-reduction Π1 Π2 Π1 L α Lβ L1 ,R αL2 L (α β) Π1 L1 ∀R.αL2 Π1 L L L1 ,R L2 L1 ,R α α α αL2 ¬-reduction -reduction L2 L1 L1 ¬α L2 [α] Π2 Π1 L2 L1 Π2 Π1 ⊥ Π2 L1 ¬α L2 β L2 L1 Π1 [α] L1 L2 α L1 ¬α L2 Π1 α α β Π2 ⊥ ⊥ β β return
91. 91. MC ¬ ≥ 2 c− .MO in Sequent Calculus MO ⇒ O MC ⇒ PC PC ⇒ ≥ 1 call− .O ≤ 1 call− .O ≥ 2 call− .MO ⇒ ≥ 2 call− .O MC ⇒ ≥ 1 call− .O ≤ 1 call− .O MC, ≥ 2 call− .MO ⇒ ≥ 2 call− .O MC, ≥ 2 call− .MO ⇒ ≥ 1 call− .O ≤ 1call− .O − − − − MC, ≥ 2 call .MO ⇒ ≥ 1 call .O ≤ 1call .O ≥ 2call .O MC, ≥ 2 call− .MO ⇒ ⊥ MC ⇒ ¬ ≥ 2 call− .MO return
92. 92. The Haupsatz The cut rule: Γ1 ⇒ ∆ 1 , α α, Γ2 ⇒ ∆2 Γ1 , Γ2 ⇒ ∆1 , ∆2 return
93. 93. The Haupsatz The cut rule: Γ1 ⇒ ∆ 1 , α α, Γ2 ⇒ ∆2 Γ1 , Γ2 ⇒ ∆1 , ∆2 Every proof of Γ ⇒ ∆ can be rewritten without the cut-rule. return
94. 94. The Haupsatz The cut rule: Γ1 ⇒ ∆ 1 , α α, Γ2 ⇒ ∆2 Γ1 , Γ2 ⇒ ∆1 , ∆2 Every proof of Γ ⇒ ∆ can be rewritten without the cut-rule. Corollary: Every formula in a proof of Γ ⇒ ∆ is subformula from at least one formula of Γ ∪ ∆. return
95. 95. The Haupsatz The cut rule: Γ1 ⇒ ∆ 1 , α α, Γ2 ⇒ ∆2 Γ1 , Γ2 ⇒ ∆1 , ∆2 Every proof of Γ ⇒ ∆ can be rewritten without the cut-rule. Corollary: Every formula in a proof of Γ ⇒ ∆ is subformula from at least one formula of Γ ∪ ∆. Corollary: If the Haupsatz holds for a logic/theory L then this logic is consistent. (There is no proof of the empty sequent). return
96. 96. The Haupsatz The cut rule: Γ1 ⇒ ∆ 1 , α α, Γ2 ⇒ ∆2 Γ1 , Γ2 ⇒ ∆1 , ∆2 Every proof of Γ ⇒ ∆ can be rewritten without the cut-rule. Corollary: Every formula in a proof of Γ ⇒ ∆ is subformula from at least one formula of Γ ∪ ∆. Corollary: If the Haupsatz holds for a logic/theory L then this logic is consistent. (There is no proof of the empty sequent). Gentzen proved that PA is consistent by means of Haupsatz. return
97. 97. Normalization and Normal Proofs A → B is maximal formula in a ND proof: [A] Π2 Π1 B A A→B B reduces to Π1 [A] Π2 B return
98. 98. Normalization and Normal Proofs A → B is maximal formula in a ND proof: [A] Π2 Π1 B A A→B B reduces to Π1 [A] Π2 B Normalization: Every derivation of α from ∆ can be transformed into a Normal derivation (without maximal formulas) of α from ∆ (∆ ⊆ ∆) return
99. 99. Normalization and Normal Proofs A → B is maximal formula in a ND proof: [A] Π2 Π1 B A A→B B reduces to Π1 [A] Π2 B Normalization: Every derivation of α from ∆ can be transformed into a Normal derivation (without maximal formulas) of α from ∆ (∆ ⊆ ∆) Corollary: Every formula in a proof of α from Γ is subformula of Γ or α. return
100. 100. Moving the ⊥ towards the conclusion of a derivation [Seldin1977] [¬A]a Π1 Π2 a ⊥ A B A∧B reduces to Π2 a [A] B A∧B [¬(A ∧ B)]b a ⊥ ¬A Π1 ⊥ b A∧B return
101. 101. Classical Logic × Intuitionistic Logic Theorem There are a, b ∈ R − Q, such that, ab ∈ Q A Classical Proof (Math Folklore) √ Consider a = b = 2. Then, either ab ∈ Q or ab ∈ √ In the ﬁrst case Q. √ 2 √ we are done. In the second case, consider a = 2 and b = 2, hence, ab = 2 ∈ Q. An Intuitionistic (constructive) proof (E. Bishop) √ Consider a = 2 and b = 2log2 (3). We have a, b ∈ Q and ab = 3 ∈ Q return