Is it important to explain a theorem? A case study in UML and ALCQI

530 views

Published on

presented at Ethecom 2009 (workshop of ER 2009, Gramado, RS)

Published in: Education, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
530
On SlideShare
0
From Embeds
0
Number of Embeds
16
Actions
Shares
0
Downloads
5
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Is it important to explain a theorem? A case study in UML and ALCQI

  1. 1. Is It Important to Explain a Theorem? A Case Study on UML and ALCQI Edward Hermann Haeusler Alexandre Rademaker Departamento de Informática - PUC-Rio - Brasil Ethecom 2009
  2. 2. Conceptual Modelling from a Logical Point of View Main Steps Additional Observations
  3. 3. Conceptual Modelling from a Logical Point of View Main Steps 1. Observe the “World”. Additional Observations
  4. 4. Conceptual Modelling from a Logical Point of View Main Steps 1. Observe the “World”. 2. Determine what is relevant. Additional Observations
  5. 5. Conceptual Modelling from a Logical Point of View Main Steps 1. Observe the “World”. 2. Determine what is relevant. 3. Choose/Define your terminology (non-logical linguistic terms). Additional Observations
  6. 6. Conceptual Modelling from a Logical Point of View Main Steps 1. Observe the “World”. 2. Determine what is relevant. 3. Choose/Define your terminology (non-logical linguistic terms). 4. Write down the main laws governing your “World” (Axioms). Additional Observations
  7. 7. Conceptual Modelling from a Logical Point of View Main Steps 1. Observe the “World”. 2. Determine what is relevant. 3. Choose/Define your terminology (non-logical linguistic terms). 4. Write down the main laws governing your “World” (Axioms). 5. Verify the correctness (sometimes completeness too) of your set of Laws. Additional Observations
  8. 8. Conceptual Modelling from a Logical Point of View Main Steps 1. Observe the “World”. 2. Determine what is relevant. 3. Choose/Define your terminology (non-logical linguistic terms). 4. Write down the main laws governing your “World” (Axioms). 5. Verify the correctness (sometimes completeness too) of your set of Laws. Additional Observations Steps 1 and 2 may be facilitated by the use of an informal notation (UML, ER, FlowCharts, etc) and their respective methodology, but it is essentially “Black Art” (cf. Maibaum).
  9. 9. Conceptual Modelling from a Logical Point of View Main Steps 1. Observe the “World”. 2. Determine what is relevant. 3. Choose/Define your terminology (non-logical linguistic terms). 4. Write down the main laws governing your “World” (Axioms). 5. Verify the correctness (sometimes completeness too) of your set of Laws. Additional Observations Steps 1 and 2 may be facilitated by the use of an informal notation (UML, ER, FlowCharts, etc) and their respective methodology, but it is essentially “Black Art” (cf. Maibaum). Step 5 full-filling demands quite a lot of knowledge of the Model.
  10. 10. Conceptual Modelling from a Logical Point of View Main Steps 1. Observe the “World”. 2. Determine what is relevant. 3. Choose/Define your terminology (non-logical linguistic terms). 4. Write down the main laws governing your “World” (Axioms). 5. Verify the correctness (sometimes completeness too) of your set of Laws. Additional Observations Steps 1 and 2 may be facilitated by the use of an informal notation (UML, ER, FlowCharts, etc) and their respective methodology, but it is essentially “Black Art” (cf. Maibaum). Step 5 full-filling demands quite a lot of knowledge of the Model. Step 5 essentially provides finitely many tests as support for the correctness of an infinite quantification.
  11. 11. The Validation Cycle Figure: Refinements and Cascaded Validation
  12. 12. Validation of (Formal?) Specifications The Scientific Basis of our approach
  13. 13. Validation of (Formal?) Specifications The Scientific Basis of our approach Results/analysis of the philosophy of science are compared to software validation [Haeberer98, Maibaum01, Cengarle98, C. George05, etc].
  14. 14. Validation of (Formal?) Specifications The Scientific Basis of our approach Results/analysis of the philosophy of science are compared to software validation [Haeberer98, Maibaum01, Cengarle98, C. George05, etc]. Formal Specifications as Scientific Theories ⇒ Observable terms, Theoretical terms, Evidences, Refutations, False Negatives, False positives, etc.
  15. 15. Validation of (Formal?) Specifications The Scientific Basis of our approach Results/analysis of the philosophy of science are compared to software validation [Haeberer98, Maibaum01, Cengarle98, C. George05, etc]. Formal Specifications as Scientific Theories ⇒ Observable terms, Theoretical terms, Evidences, Refutations, False Negatives, False positives, etc. Popper’s Falseability Principle drives (formal) validation analysis.
  16. 16. Validation of (Formal?) Specifications The Scientific Basis of our approach Results/analysis of the philosophy of science are compared to software validation [Haeberer98, Maibaum01, Cengarle98, C. George05, etc]. Formal Specifications as Scientific Theories ⇒ Observable terms, Theoretical terms, Evidences, Refutations, False Negatives, False positives, etc. Popper’s Falseability Principle drives (formal) validation analysis. Correctness ⇔ Positives and False Positives.
  17. 17. Validation of (Formal?) Specifications The Scientific Basis of our approach Results/analysis of the philosophy of science are compared to software validation [Haeberer98, Maibaum01, Cengarle98, C. George05, etc]. Formal Specifications as Scientific Theories ⇒ Observable terms, Theoretical terms, Evidences, Refutations, False Negatives, False positives, etc. Popper’s Falseability Principle drives (formal) validation analysis. Correctness ⇔ Positives and False Positives. Completeness ⇔ Negatives and False Negatives.
  18. 18. Positives, False Negatives, False Positives Is anything true about Truth ?? Is anything wrong with the Truth ?? Is anything true about Falsity ??
  19. 19. Positives, False Negatives, False Positives Is anything true about Truth ?? M |= φ and Spec(M) φ. Is anything wrong with the Truth ?? Is anything true about Falsity ??
  20. 20. Positives, False Negatives, False Positives Is anything true about Truth ?? M |= φ and Spec(M) φ. Why is φ truth ?? Provide me a proof of φ. Is anything wrong with the Truth ?? Is anything true about Falsity ??
  21. 21. Positives, False Negatives, False Positives Is anything true about Truth ?? M |= φ and Spec(M) φ. Why is φ truth ?? Provide me a proof of φ. Is anything wrong with the Truth ?? M |= φ, but Spec(M) |= φ. Is anything true about Falsity ??
  22. 22. Positives, False Negatives, False Positives Is anything true about Truth ?? M |= φ and Spec(M) φ. Why is φ truth ?? Provide me a proof of φ. Is anything wrong with the Truth ?? M |= φ, but Spec(M) |= φ. A counter-model is found. Why is this a counter-model ?? Is anything true about Falsity ??
  23. 23. Positives, False Negatives, False Positives Is anything true about Truth ?? M |= φ and Spec(M) φ. Why is φ truth ?? Provide me a proof of φ. Is anything wrong with the Truth ?? M |= φ, but Spec(M) |= φ. A counter-model is found. Why is this a counter-model ?? Model-Checking based reasoning is of great help !! Is anything true about Falsity ??
  24. 24. Positives, False Negatives, False Positives Is anything true about Truth ?? M |= φ and Spec(M) φ. Why is φ truth ?? Provide me a proof of φ. Is anything wrong with the Truth ?? M |= φ, but Spec(M) |= φ. A counter-model is found. Why is this a counter-model ?? Model-Checking based reasoning is of great help !! Explanations from counter-examples. Is anything true about Falsity ??
  25. 25. Positives, False Negatives, False Positives Is anything true about Truth ?? M |= φ and Spec(M) φ. Why is φ truth ?? Provide me a proof of φ. Is anything wrong with the Truth ?? M |= φ, but Spec(M) |= φ. A counter-model is found. Why is this a counter-model ?? Model-Checking based reasoning is of great help !! Explanations from counter-examples. Is anything true about Falsity ?? M |= φ, but Spec(M) φ.
  26. 26. Positives, False Negatives, False Positives Is anything true about Truth ?? M |= φ and Spec(M) φ. Why is φ truth ?? Provide me a proof of φ. Is anything wrong with the Truth ?? M |= φ, but Spec(M) |= φ. A counter-model is found. Why is this a counter-model ?? Model-Checking based reasoning is of great help !! Explanations from counter-examples. Is anything true about Falsity ?? M |= φ, but Spec(M) φ. Why does this false proposition hold ?? Provide me a proof of φ.
  27. 27. Existing Deductive Systems Paradigms 1. Aristotle’s Syllogisms (300 B.C.) 2. Axiomatic (Frege1879, Hilbert, Russell). 3. Natural Deduction (Jaskowski1929,Gentzen1934-5, Prawitz1965) 4. Sequent Calculus (Gentzen1934-5) 5. Tableaux (Beth 1955, Smullyan1964) 6. Resolution-Based (A.Robinson1965)
  28. 28. Conceptual Modelling: Some motivation on explaining a theorem Consider an ontology/KB containing: (Quad ∧ PissOnFireHydrant) → Dog
  29. 29. Conceptual Modelling: Some motivation on explaining a theorem Consider an ontology/KB containing: (Quad ∧ PissOnFireHydrant) → Dog This KB draws (Quad → Dog) ∨ (PissOnFireHidrant → Dog)
  30. 30. Conceptual Modelling: Some motivation on explaining a theorem Verifying this using Tableaux: V Quad ∧ PoFH → Dog F (Quad → Dog) ∨ (PoFH → Dog) F (Quad → Dog) F PoFH → Dog V Quad F Dog V PoFH F Dog F Quad ∧ PoFH V Dog F Quad F PoFH
  31. 31. Conceptual Modelling: Some motivation on explaining a theorem Another tableaux proof of Quad ∧ PoFH → Dog (Quad → Dog) ∨ (PoFH → Dog): V Quad ∧ PoFH → Dog F Quad ∧ PoFH V Dog F (Quad → Dog) ∨ (PoFH → Dog) F (Quad → Dog) ∨ (PoFH → Dog) F (Quad → Dog) F (Quad → Dog) F PoFH → Dog F PoFH → Dog V Quad V Quad F Dog F Dog V PoFH F Dog F Quad F PoFH
  32. 32. Conceptual Modelling: Some motivation on explaining a theorem One more tableaux proof of Quad ∧ PoFH → Dog (Quad → Dog) ∨ (PoFH → Dog): V Quad ∧ PoFH → Dog F Quad ∧ PoFH V Dog F (Quad → Dog) ∨ (PoFH → Dog) F (Quad → Dog) F Quad F PoFH F PoFH → Dog F (Quad → Dog) ∨ (PoFH → Dog) F (Quad → Dog) ∨ (PoFH → Dog) V Quad F (Quad → Dog) F (Quad → Dog) F Dog F PoFH → Dog F PoFH → Dog V Quad V PoFH F Dog F Dog
  33. 33. Conceptual Modelling: Some motivation on explaining a theorem Yet another Tableaux: V Quad ∧ PoFH → Dog and many more..... F (Quad → Dog) ∨ (PoFH → Dog) F (Quad → Dog) F PoFH → Dog F Quad ∧ PoFH V Dog V Quad F Quad F PoFH V Quad F Dog V Quad F Dog F Dog V PoFH F Dog
  34. 34. In Sequent Calculus A proof that KB (Quad → Dog) ∨ (PoFH → Dog) Quad ⇒ Quad PoFH ⇒ PoFH Quad, PoFH ⇒ Quad Quad, PoFH ⇒ PoFH Quad, PoFH ⇒ Quad ∧ PoFH Dog ⇒ Dog Quad, PoFH, PoFH ∧ Quad → Dog ⇒ Dog Quad, PoFH, PoFH ∧ Quad → Dog ⇒ Dog, Dog KB ⇒ PoFH ∧ Quad → Dog PoFH, PoFH ∧ Quad → Dog ⇒ (Quad → Dog), Dog PoFH, KB ⇒ (Quad → Dog), Dog KB ⇒ (Quad → Dog), (PoFH → Dog) KB ⇒ (Quad → Dog) ∨ (PoFH → Dog)
  35. 35. In Sequent Calculus Other proof that KB (Quad → Dog) ∨ (PoFH → Dog) Quad ⇒ Quad PoFH ⇒ PoFH Quad, PoFH ⇒ Quad Quad, PoFH ⇒ PoFH Quad, PoFH ⇒ Quad ∧ PoFH Dog ⇒ Dog KB ⇒ PoFH ∧ Quad → Dog Quad, PoFH, PoFH ∧ Quad → Dog ⇒ Dog KB, Quad, PoFH ⇒ Dog KB, Quad, PoFH ⇒ Dog, Dog KB, PoFH ⇒ (Quad → Dog), Dog KB ⇒ (Quad → Dog), (PoFH → Dog) KB ⇒ (Quad → Dog) ∨ (PoFH → Dog)
  36. 36. In Sequent Calculus One more proof that KB (Quad → Dog) ∨ (PoFH → Dog) Quad ⇒ Quad PoFH ⇒ PoFH Quad, PoFH ⇒ Quad Quad, PoFH ⇒ PoFH Quad, PoFH ⇒ Quad ∧ PoFH Dog ⇒ Dog KB ⇒ PoFH ∧ Quad → Dog Quad, PoFH, PoFH ∧ Quad → Dog ⇒ Dog KB, Quad, PoFH ⇒ Dog KB, PoFH ⇒ (Quad → Dog) KB, PoFH ⇒ (Quad → Dog), Dog KB ⇒ (Quad → Dog), (PoFH → Dog) KB ⇒ (Quad → Dog) ∨ (PoFH → Dog)
  37. 37. In Sequent Calculus Yet another proof that KB (Quad → Dog) ∨ (PoFH → Dog) Quad ⇒ Quad PoFH ⇒ PoFH Quad, PoFH ⇒ Quad Quad, PoFH ⇒ PoFH Dog ⇒ Dog Quad, PoFH ⇒ Quad ∧ PoFH Dog ⇒ Dog, Dog KB ⇒ PoFH ∧ Quad → Dog Quad, PoFH, PoFH ∧ Quad → Dog ⇒ Dog, Dog KB, Quad, PoFH ⇒ Dog, Dog KB, PoFH ⇒ (Quad → Dog), Dog KB, PoFH ⇒ (Quad → Dog), Dog KB ⇒ (Quad → Dog), (PoFH → Dog) KB ⇒ (Quad → Dog) ∨ (PoFH → Dog) and many more...
  38. 38. In Natural Deduction A (normal) proof [Quad]a [PoFH]b Quad ∧ PoFH Quad ∧ PoFH → Dog Dog b PoFH → Dog (Quad → Dog) ∨ (PoFH → Dog) [¬((Quad → Dog) ∨ (PoFH → Dog))]c ⊥ a [Quad]d ¬Quad ⊥ Dog d Quad → Dog (Quad → Dog) ∨ (PoFH → Dog) [¬((Quad → Dog) ∨ (PoFH → Dog))]c ⊥ c (Quad → Dog) ∨ (PoFH → Dog)
  39. 39. In Natural Deduction THE other (normal) proof [Quad]a [PoFH]b Quad ∧ PoFH Quad ∧ PoFH → Dog Dog b PoFH → Dog (Quad → Dog) ∨ (PoFH → Dog) [¬((Quad → Dog) ∨ (PoFH → Dog))]c ⊥ Dog a Quad → Dog (Quad → Dog) ∨ (PoFH → Dog) [¬((Quad → Dog) ∨ (PoFH → Dog))]c ⊥ c (Quad → Dog) ∨ (PoFH → Dog)
  40. 40. Fundamental facts on Automating S.C. and N.D. Analyticity Every proof of Γ α has only occurrences of sub-formulas of Γ and α (Sub-formula Principle SFP).
  41. 41. Fundamental facts on Automating S.C. and N.D. Analyticity Every proof of Γ α has only occurrences of sub-formulas of Γ and α (Sub-formula Principle SFP). Cut-Elimination in S.C entails SFP. Haupsatz
  42. 42. Fundamental facts on Automating S.C. and N.D. Analyticity Every proof of Γ α has only occurrences of sub-formulas of Γ and α (Sub-formula Principle SFP). Cut-Elimination in S.C entails SFP. Haupsatz Normalization in N.D. entails SFP. Normalization
  43. 43. Fundamental facts on Automating S.C. and N.D. Analyticity Every proof of Γ α has only occurrences of sub-formulas of Γ and α (Sub-formula Principle SFP). Cut-Elimination in S.C entails SFP. Haupsatz Normalization in N.D. entails SFP. Normalization Strongly related to analytic Tableaux based procedures.
  44. 44. Arguments in favour of Natural Deduction as a basis for theorem explanation Common Sense and Intuitive reasons Technical reasons
  45. 45. Arguments in favour of Natural Deduction as a basis for theorem explanation Common Sense and Intuitive reasons “Fewer” proofs of a proposition when compared to other Deductive Systems. Technical reasons Natural Deduction reveals the computational content of a proof. CH-Isomorphism
  46. 46. Arguments in favour of Natural Deduction as a basis for theorem explanation Common Sense and Intuitive reasons “Fewer” proofs of a proposition when compared to other Deductive Systems. “More” structure and existence of specific patterns to help paragraph construction in NL. Technical reasons Natural Deduction reveals the computational content of a proof. CH-Isomorphism The prover can choose the pattern it wants the proof should have. Seldin Prawitz
  47. 47. Arguments in favour of Natural Deduction as a basis for theorem explanation Common Sense and Intuitive reasons “Fewer” proofs of a proposition when compared to other Deductive Systems. “More” structure and existence of specific patterns to help paragraph construction in NL. Working hypothesis: “Optimal explanations should be tailored from well-known proof patterns” Technical reasons Natural Deduction reveals the computational content of a proof. CH-Isomorphism The prover can choose the pattern it wants the proof should have. Seldin Prawitz
  48. 48. Conceptual Modelling in UML and ER The Informal Side The Logical Side
  49. 49. Conceptual Modelling in UML and ER The Informal Side Graphical notations seem to be adequate to the human being understanding and manipulation. The Logical Side
  50. 50. Conceptual Modelling in UML and ER The Informal Side Graphical notations seem to be adequate to the human being understanding and manipulation. Lacking of a formal consistency checking. The Logical Side
  51. 51. Conceptual Modelling in UML and ER The Informal Side Graphical notations seem to be adequate to the human being understanding and manipulation. Lacking of a formal consistency checking. The Logical Side FOL cannot provide checking of KB consistency.
  52. 52. Conceptual Modelling in UML and ER The Informal Side Graphical notations seem to be adequate to the human being understanding and manipulation. Lacking of a formal consistency checking. The Logical Side FOL cannot provide checking of KB consistency. Decidable logics seems to be more adequate.
  53. 53. Explaining Theorems on the Conceptual Modelling Domain A Case Study in UML
  54. 54. Explaining Theorems on the Conceptual Modelling Domain A Case Study in UML 1. Why UML ? ⇒ It is complex (UML consistency is EXPTIME-Complete), useful and popular.
  55. 55. Explaining Theorems on the Conceptual Modelling Domain A Case Study in UML 1. Why UML ? ⇒ It is complex (UML consistency is EXPTIME-Complete), useful and popular. 2. What do we need ?
  56. 56. Explaining Theorems on the Conceptual Modelling Domain A Case Study in UML 1. Why UML ? ⇒ It is complex (UML consistency is EXPTIME-Complete), useful and popular. 2. What do we need ? A Logical Language to express properties and their proofs (ALCQI)
  57. 57. Explaining Theorems on the Conceptual Modelling Domain A Case Study in UML 1. Why UML ? ⇒ It is complex (UML consistency is EXPTIME-Complete), useful and popular. 2. What do we need ? A Logical Language to express properties and their proofs (ALCQI) A Good (Normalizable) Natural Deduction for ALCQI
  58. 58. Explaining Theorems on the Conceptual Modelling Domain A Case Study in UML 1. Why UML ? ⇒ It is complex (UML consistency is EXPTIME-Complete), useful and popular. 2. What do we need ? A Logical Language to express properties and their proofs (ALCQI) A Good (Normalizable) Natural Deduction for ALCQI Proof Patterns that yield good explanation (to come...)
  59. 59. ALCQI KB related to UML Class Diagram [BerCalvGiac2005] D. Berardi et al. / Artificial Intelligence 168 (2005) 70–118 81 Fig. 12. UML class diagram of Example 2.5. 2.4. General constraints Origin ∀place.String Origin ∃place. (≤ 1 place) Origin ∃call.PhoneCall (≤ 1 call) ∃from.Phone (≤ 1 from) Disjointness and covering constraints are 1call) ∃from.CellPhone commonly used con- MobileOrigin ∃call.MobileCall (≤ in practice the most (≤ 1 from) straints in UML class diagrams. However, UML allows for other forms of constraints, PhoneCall (≥ 1 call− .Origin) (≤ 1 call− .Origin) − specifying class identifiers, ∀reference .PhoneBill ∀reference.PhoneCall functional dependencies for associations, and, more generally PhoneBill (≥ 1 reference− ) through the use of OCL [8], any form of (≤ 1 reference) PhoneCall (≥ 1 reference) constraint expressible in FOL. Note that, due to their expressive power, OCL constraints could in fact be used to express the semantics MobileCall PhoneCall of the standard UML class Origin MobileOrigin CellPhone diagram constructs. This is an indication that a liberal use of Phone OCL constraints can actually compromise the understandability of the diagram. Hence, FixedPhone Phone CellPhone ¬FixedPhone the use of constraints is typically limited. Also, unrestricted use of OCL constraints makes Phone CellPhone FixedPhone reasoning on a class diagram undecidable, since it amounts to full FOL reasoning. In the following, we will not consider general constraints.
  60. 60. Towards a Natural Deduction for ALCQI A Sequent Calculus for ALC (EDOC2007, AOW2007, etc) A Proof Theory for ALC (Sequent Calculus [RadeHaeuPere2008,2009]) A Deterministic Sequent Calculus for ALC [RadeHaeuSBIA2008] Maude Implementations of S.C. Provers for ALC and ALCQI [Rade2009] A Good Natural Deduction for ALC [RadeHaeu2008-9] A Natural Deduction for ALCQI [RadeHaeu2009]
  61. 61. ALC, ALCQI and further DLs ALC C ::= ⊥ | | A | ¬C | C1 C2 | C1 C2 | ∃R.C | ∀R.C ALCQI C ::= ⊥ | A | ¬C | C1 C2 | C1 C2 | ∃R.C | ∀R.C |≤ nR.C |≥ nR.C R ::= P | P − UML with OCL constraints SecureUML needs ID(C) role for each concept C for specifying uniqueness of a default in a concept. [BragaHaeu2009] ∀ID( ).A ∃ID( ).A A ≡ (= 1isdefault.(= 1isdefault − .Role))
  62. 62. Labeling formulas of ALC Labeling Grammar: LL ::= R, LL | ∅ LR ::= R, LR | R(LL ), LR | ∅ C ::= LL C LR The ALC formula: ∃R2 .∀Q2 .∃R1 .∀Q1 .α is represented by the labeled formula: Q2 ,Q1 αR1 (Q2 ),R2
  63. 63. A Natural Deduction to ALC L L L L1 (α β) α β αL2 -e -i Gen L L R,L1 α (α β) αL 2 [αL ] [β L ] . . . . . . . . αL βL (α β)L γ γ -i -i γ -e (α β) L (α β)L [L1 αL2 ] . . . . L2 L1 ⊥ L1 L1 L2 α L1 ¬α L2 L2 L1 ¬-i ∃R.αL2 ¬-e ∃-e L1 ⊥ L1 ¬α L2 αR(L1 ),L2 L1 R(L1 ),L2 L1 α ∀R.αL2 L1 ,R αL 2 ∃-i ∀-e ∀-i L1 ∃R.αL2 L1 ,R αL 2 L1 ∀R.αL2 L2 L1 [L1 αL2 ] . [ L1 ¬α L2 ] . . . . . . L1 . αL2 L1 L2 α M1 M2 β M1 M2 β ⊥ -e -i ⊥c M1 M2 L1 β αL2 M1 M2 β L1 L2 α
  64. 64. A Natural Deduction for ALCQI
  65. 65. Main properties of NALC Theorem NALCQI is complete regarding the standard semantics of ALC. Theorem NALCQI is sound regarding the standard semantics of ALC. if Ω γ then Ω |= γ. Fact The NALCQI -rules and ∃-rules are derived in ALCQI − { , ∃} . Lemma (Moving ⊥c downwards on branches) If Ω α in ALCQI − { , ∃} then there is a deduction Π of α from Ω, such that, each branch in Π has at most one application of ⊥c -rule, which is the last rule in it. Theorem (Eliminating maximal -formulas) If Π is a deduction of α from Ω, in the restricted system, then reductions there is a deduction Π of α from Ω without any maximal formulas. Fact SFP holds in ALC.
  66. 66. ALCQI KB related to UML Class Diagram [BerCalvGiac2005] D. Berardi et al. / Artificial Intelligence 168 (2005) 70–118 81 Fig. 12. UML class diagram of Example 2.5. 2.4. General constraints Origin ∀place.String Origin ∃place. (≤ 1 place) Origin ∃call.PhoneCall (≤ 1 call) ∃from.Phone (≤ 1 from) Disjointness and covering constraints are 1call) ∃from.CellPhone commonly used con- MobileOrigin ∃call.MobileCall (≤ in practice the most (≤ 1 from) straints in UML class diagrams. However, UML allows for other forms of constraints, PhoneCall (≥ 1 call− .Origin) (≤ 1 call− .Origin) − specifying class identifiers, ∀reference .PhoneBill ∀reference.PhoneCall functional dependencies for associations, and, more generally PhoneBill (≥ 1 reference− ) through the use of OCL [8], any form of (≤ 1 reference) PhoneCall (≥ 1 reference) constraint expressible in FOL. Note that, due to their expressive power, OCL constraints could in fact be used to express the semantics MobileCall PhoneCall of the standard UML class Origin MobileOrigin CellPhone diagram constructs. This is an indication that a liberal use of Phone OCL constraints can actually compromise the understandability of the diagram. Hence, FixedPhone Phone CellPhone ¬FixedPhone the use of constraints is typically limited. Also, unrestricted use of OCL constraints makes Phone CellPhone FixedPhone reasoning on a class diagram undecidable, since it amounts to full FOL reasoning. In the following, we will not consider general constraints.
  67. 67. Example : A Negative Testing An (incorrect) generalization (a CellPhone is a FixedPhone) is introduced in the KB.
  68. 68. Example : A Negative Testing An (incorrect) generalization (a CellPhone is a FixedPhone) is introduced in the KB. CellPhone FixedPhone is added to KB.
  69. 69. Example : A Negative Testing An (incorrect) generalization (a CellPhone is a FixedPhone) is introduced in the KB. CellPhone FixedPhone is added to KB. CellPhone is empty (inconsistent) . Cell ¬Fixed [Cell]1 Cell Fixed [Cell]1 ¬Fixed Fixed ⊥ 1 Cell ⊥
  70. 70. Example: A False Positive in the new KB In the modified diagram, Phone ≡ FixedPhone can be drawn. This is not directly proved from the inconsistency of CellPhone.
  71. 71. Example: A False Positive in the new KB In the modified diagram, Phone ≡ FixedPhone can be drawn. This is not directly proved from the inconsistency of CellPhone. It is shown that Phone FixedPhone since FixedPhone Phone is already an axiom of KB.
  72. 72. Example: A False Positive in the new KB In the modified diagram, Phone ≡ FixedPhone can be drawn. This is not directly proved from the inconsistency of CellPhone. It is shown that Phone FixedPhone since FixedPhone Phone is already an axiom of KB. Proof: [Phone]1 Phone Cell Fixed [Cell] Cell Fixed Cell Fixed Fixed [Fixed] Fixed 1 Phone Fixed
  73. 73. ALCQI KB related to UML Class Diagram [BerCalvGiac2005] D. Berardi et al. / Artificial Intelligence 168 (2005) 70–118 81 Fig. 12. UML class diagram of Example 2.5. 2.4. General constraints Origin ∀place.String Origin ∃place. (≤ 1 place) Origin ∃call.PhoneCall (≤ 1 call) ∃from.Phone (≤ 1 from) Disjointness and covering constraints are 1call) ∃from.CellPhone commonly used con- MobileOrigin ∃call.MobileCall (≤ in practice the most (≤ 1 from) straints in UML class diagrams. However, UML allows for other forms of constraints, PhoneCall (≥ 1 call− .Origin) (≤ 1 call− .Origin) − specifying class identifiers, ∀reference .PhoneBill ∀reference.PhoneCall functional dependencies for associations, and, more generally PhoneBill (≥ 1 reference− ) through the use of OCL [8], any form of (≤ 1 reference) PhoneCall (≥ 1 reference) constraint expressible in FOL. Note that, due to their expressive power, OCL constraints could in fact be used to express the semantics MobileCall PhoneCall of the standard UML class Origin MobileOrigin CellPhone diagram constructs. This is an indication that a liberal use of Phone OCL constraints can actually compromise the understandability of the diagram. Hence, FixedPhone Phone CellPhone ¬FixedPhone the use of constraints is typically limited. Also, unrestricted use of OCL constraints makes Phone CellPhone FixedPhone reasoning on a class diagram undecidable, since it amounts to full FOL reasoning. In the following, we will not consider general constraints.
  74. 74. A Natural Deduction for ALCQI
  75. 75. Example: A False Positive yielding a refining of KB
  76. 76. Example: A False Positive yielding a refining of KB MobileCall participates on the association MobileOrigin with multiplicity 0..1, instead of the 0..* presented in the UML diagram
  77. 77. Example: A False Positive yielding a refining of KB MobileCall participates on the association MobileOrigin with multiplicity 0..1, instead of the 0..* presented in the UML diagram Proof: [MC]1 MC PC MO O PC PC ≥ 1 c− .O ≤ 1 c− .O − 2 − − − − [≥ 2 c .MO] ≥ 2 c .MO ≥ 2 c .O ≥ 1 c .O ≤ 1 c .O ≥ 2 c− .O ≤ 1 c− .O ⊥ 2 ¬ ≥ 2 c− .MO 1 MC ¬ ≥ 2 c− .MO Sequent
  78. 78. Conclusions Yes !! It is Important to explain a theorem !!! Advices
  79. 79. Conclusions Yes !! It is Important to explain a theorem !!! Proof explanations provide good and adequate support for formal validation of KB. It is as important as Model Checking based explanations. Advices
  80. 80. Conclusions Yes !! It is Important to explain a theorem !!! Proof explanations provide good and adequate support for formal validation of KB. It is as important as Model Checking based explanations. Under our Working Hyp., N.D. provides the adequate basis for explanation generation from formal proofs. Advices
  81. 81. Conclusions Yes !! It is Important to explain a theorem !!! Proof explanations provide good and adequate support for formal validation of KB. It is as important as Model Checking based explanations. Under our Working Hyp., N.D. provides the adequate basis for explanation generation from formal proofs. N.D. for DLs is an important step towards good explanations in Conceptual Modeling. NALCQI provides a good basis regarding UML and ER reasoning explanation. Advices
  82. 82. Conclusions Yes !! It is Important to explain a theorem !!! Proof explanations provide good and adequate support for formal validation of KB. It is as important as Model Checking based explanations. Under our Working Hyp., N.D. provides the adequate basis for explanation generation from formal proofs. N.D. for DLs is an important step towards good explanations in Conceptual Modeling. NALCQI provides a good basis regarding UML and ER reasoning explanation. Advices
  83. 83. Conclusions Yes !! It is Important to explain a theorem !!! Proof explanations provide good and adequate support for formal validation of KB. It is as important as Model Checking based explanations. Under our Working Hyp., N.D. provides the adequate basis for explanation generation from formal proofs. N.D. for DLs is an important step towards good explanations in Conceptual Modeling. NALCQI provides a good basis regarding UML and ER reasoning explanation. Advices Conceptual Modeling in UML is not tractable (EXPTIME-complete)
  84. 84. Conclusions Yes !! It is Important to explain a theorem !!! Proof explanations provide good and adequate support for formal validation of KB. It is as important as Model Checking based explanations. Under our Working Hyp., N.D. provides the adequate basis for explanation generation from formal proofs. N.D. for DLs is an important step towards good explanations in Conceptual Modeling. NALCQI provides a good basis regarding UML and ER reasoning explanation. Advices Conceptual Modeling in UML is not tractable (EXPTIME-complete) Unless CoNP = NP, proofs can be really huge !!! Introducing Cuts/Maximal formulas cannot reduce always the size of a proof.
  85. 85. Conclusions Yes !! It is Important to explain a theorem !!! Proof explanations provide good and adequate support for formal validation of KB. It is as important as Model Checking based explanations. Under our Working Hyp., N.D. provides the adequate basis for explanation generation from formal proofs. N.D. for DLs is an important step towards good explanations in Conceptual Modeling. NALCQI provides a good basis regarding UML and ER reasoning explanation. Advices Conceptual Modeling in UML is not tractable (EXPTIME-complete) Unless CoNP = NP, proofs can be really huge !!! Introducing Cuts/Maximal formulas cannot reduce always the size of a proof.
  86. 86. Curry-Howard Isomorphism The computational content of Intuitionistic Proofs Any Proof of α from γ1 , . . . , γn in IL corresponds to an algorithm that yields values of type α from any list of n values of types γ1 , . . . , γn , respectively IntuitionisticLogic Technically: Any proof π of α from γ1 , . . . , γn corresponds to a typed λ-term t(x1 , . . . , xn ) : α[x1 : γ1 , . . . , xn : γn ], such that any evaluation in t corresponds a normalization step in π, and vice-versa. return
  87. 87. Seldin’s strategy to normalize Classical Proofs Moving the Classical Absurdity Rule towards the Conclusion of the proof Given any Classical derivation Π of α from Γ, one can transform Π into a derivation Π1 of α from Γ of the following form: Γ, [¬α]a Π1 a ⊥ α where Π1 is intuitionistic. reductions return
  88. 88. Prawitz’s strategy to normalize Classical Proofs Moving the Classical Absurdity Rule towards atomic conclusions in the proof Given any Classical derivation Π of α from Γ, one can transform Π into a derivation Π1 of α from Γ where the Classical-⊥ has only atomic conclusions [¬(α ∧ β)]a Π ⊥ a α∧β Transforms into [α ∧ β]c [α ∧ β]a α [¬α] b β [¬β]d ⊥ ⊥ a c ¬(α ∧ β) ¬(α ∧ β) Π Π ⊥ ⊥ b d α β α∧β return
  89. 89. Example of reduction [¬α]a [¬β]b Π1 Π2 ⊥ ⊥ a b α α α∧β Transforms into [α]a [β]b α∧β [¬(α ∧ β)]c ⊥ a ¬α Π1 ⊥ b ¬β Π2 ⊥ c α∧β other
  90. 90. Normalizing reductions -reduction ∀-reduction Π1 Π2 Π1 L α Lβ L1 ,R αL2 L (α β) Π1 L1 ∀R.αL2 Π1 L L L1 ,R L2 L1 ,R α α α αL2 ¬-reduction -reduction L2 L1 L1 ¬α L2 [α] Π2 Π1 L2 L1 Π2 Π1 ⊥ Π2 L1 ¬α L2 β L2 L1 Π1 [α] L1 L2 α L1 ¬α L2 Π1 α α β Π2 ⊥ ⊥ β β return
  91. 91. MC ¬ ≥ 2 c− .MO in Sequent Calculus MO ⇒ O MC ⇒ PC PC ⇒ ≥ 1 call− .O ≤ 1 call− .O ≥ 2 call− .MO ⇒ ≥ 2 call− .O MC ⇒ ≥ 1 call− .O ≤ 1 call− .O MC, ≥ 2 call− .MO ⇒ ≥ 2 call− .O MC, ≥ 2 call− .MO ⇒ ≥ 1 call− .O ≤ 1call− .O − − − − MC, ≥ 2 call .MO ⇒ ≥ 1 call .O ≤ 1call .O ≥ 2call .O MC, ≥ 2 call− .MO ⇒ ⊥ MC ⇒ ¬ ≥ 2 call− .MO return
  92. 92. The Haupsatz The cut rule: Γ1 ⇒ ∆ 1 , α α, Γ2 ⇒ ∆2 Γ1 , Γ2 ⇒ ∆1 , ∆2 return
  93. 93. The Haupsatz The cut rule: Γ1 ⇒ ∆ 1 , α α, Γ2 ⇒ ∆2 Γ1 , Γ2 ⇒ ∆1 , ∆2 Every proof of Γ ⇒ ∆ can be rewritten without the cut-rule. return
  94. 94. The Haupsatz The cut rule: Γ1 ⇒ ∆ 1 , α α, Γ2 ⇒ ∆2 Γ1 , Γ2 ⇒ ∆1 , ∆2 Every proof of Γ ⇒ ∆ can be rewritten without the cut-rule. Corollary: Every formula in a proof of Γ ⇒ ∆ is subformula from at least one formula of Γ ∪ ∆. return
  95. 95. The Haupsatz The cut rule: Γ1 ⇒ ∆ 1 , α α, Γ2 ⇒ ∆2 Γ1 , Γ2 ⇒ ∆1 , ∆2 Every proof of Γ ⇒ ∆ can be rewritten without the cut-rule. Corollary: Every formula in a proof of Γ ⇒ ∆ is subformula from at least one formula of Γ ∪ ∆. Corollary: If the Haupsatz holds for a logic/theory L then this logic is consistent. (There is no proof of the empty sequent). return
  96. 96. The Haupsatz The cut rule: Γ1 ⇒ ∆ 1 , α α, Γ2 ⇒ ∆2 Γ1 , Γ2 ⇒ ∆1 , ∆2 Every proof of Γ ⇒ ∆ can be rewritten without the cut-rule. Corollary: Every formula in a proof of Γ ⇒ ∆ is subformula from at least one formula of Γ ∪ ∆. Corollary: If the Haupsatz holds for a logic/theory L then this logic is consistent. (There is no proof of the empty sequent). Gentzen proved that PA is consistent by means of Haupsatz. return
  97. 97. Normalization and Normal Proofs A → B is maximal formula in a ND proof: [A] Π2 Π1 B A A→B B reduces to Π1 [A] Π2 B return
  98. 98. Normalization and Normal Proofs A → B is maximal formula in a ND proof: [A] Π2 Π1 B A A→B B reduces to Π1 [A] Π2 B Normalization: Every derivation of α from ∆ can be transformed into a Normal derivation (without maximal formulas) of α from ∆ (∆ ⊆ ∆) return
  99. 99. Normalization and Normal Proofs A → B is maximal formula in a ND proof: [A] Π2 Π1 B A A→B B reduces to Π1 [A] Π2 B Normalization: Every derivation of α from ∆ can be transformed into a Normal derivation (without maximal formulas) of α from ∆ (∆ ⊆ ∆) Corollary: Every formula in a proof of α from Γ is subformula of Γ or α. return
  100. 100. Moving the ⊥ towards the conclusion of a derivation [Seldin1977] [¬A]a Π1 Π2 a ⊥ A B A∧B reduces to Π2 a [A] B A∧B [¬(A ∧ B)]b a ⊥ ¬A Π1 ⊥ b A∧B return
  101. 101. Classical Logic × Intuitionistic Logic Theorem There are a, b ∈ R − Q, such that, ab ∈ Q A Classical Proof (Math Folklore) √ Consider a = b = 2. Then, either ab ∈ Q or ab ∈ √ In the first case Q. √ 2 √ we are done. In the second case, consider a = 2 and b = 2, hence, ab = 2 ∈ Q. An Intuitionistic (constructive) proof (E. Bishop) √ Consider a = 2 and b = 2log2 (3). We have a, b ∈ Q and ab = 3 ∈ Q return

×