Hedman. A First Course in Logic, 2004 (Oxford)

So anything that can be proved using resolution can be given a formal proof. It then follows from Theorem 1.37 that resolution is sound. In particular, if R is the resolvent of two clauses of a formula F in CNF, then R is a consequence of F . Ostensibly, resolution is a fragment of our formal proof system. As we now show, resolution is just as powerful as formal proofs.

1.8.3 Completeness of resolution. We show that resolution can be used to determine whether or not any given formula is satisfiable. We may assume that the formula is in CNF. Given any formula F in CNF, let Res0(F ) =

finite set, there are only finitely many clauses that can be derived from F using resolvents. In fact, there are only finitely many clauses that use the same atomic formulas as F . So, eventually, we will find some m so that Resm(F ) = Resm+1(F ). Let Res (F ) denote such Resm(F ). This is the set of all clauses that can be derived from F using resolvents. Viewing it as a formula, Res (F ) is the conjunction of all consequences of F that can be derived by resolvents.

Proposition 1.72 Let F be a formula in CNF. If Res (F ), then F is unsatisfiable.

Proof If Res (F ), then Resn(F ) for some n. Since Res0(F ) ( is not a clause) there must be some m such Resm(F ) and Resm+1(F ) in which case is the resolvent of two clauses of Resm(F ). But can only be obtained as the resolvent of {A} and {¬A} for atomic A. Both {A} and {¬A} must be in Resm(F ). By the previous proposition, both A and ¬A are consequences of F . It follows that A ¬A is a consequence of F and F is unsatisfiable.

Example 1.73 Let F be the formula

{{A, B, ¬C}, {¬A}, {A, B, C}, {A, ¬B}}

We see that {A, B} Res(F ), {A} Res2(F ), and Res3(F ). By Proposition 1.72, F is unsatisfiable. We can arrange this as a two-column proof as follows.

We now consider the converse of Proposition 1.72. Let F be a formula in CNF. If F is unsatisfiable, then must be in Res (F )? We show that the answer is “yes.” Resolution is all we need to show unsatisfiability. This is not immediately apparent. After all, for the “Justification” column of these proofs, we have only two options. Either a clause is given, or it is a resolvent of two previously

derived clauses. It may seem that this method of proof is too restrictive. We prove that it is not.

Proposition 1.74 Let F be a formula in CNF. If F is unsatisfiable, then

Res (F ).

Proof Let F = {C1, . . . , Ck}. We assume that none of the Cis is a tautology (otherwise we just throw away these clauses and show that can be derived from what remains). We will prove this proposition by induction on the number n of atomic formulas that occur in F .

Let n = 1. Let A be the only atomic formula occurring in F . Then there are only three possible clauses in F . Each Ci is either {A}, {¬A}, or {A, ¬A}. The last clause is a tautology, and so, by our previous assumption, it is not a clause of F . So the only clauses in F are {A} and {¬A}. There are three possibilities, F = {{A}}, F = {{¬A}}, or F = {{A}, {¬A}}. The first two of these are satisfiable. So F must be {{A}, {¬A}}. Clearly, Res (F ).

Now suppose F has atomic subformulas A1, . . . , An+1. Suppose further thatRes (G) for any unsatisfiable formula G that uses only the atomic formulas

must contain both An+1 and ¬An+1. But then Ci is a tautology, contrary to our

ing formula is equivalent to F0. And if we replace An+1 in F with a tautology, then the resulting formula is equivalent to F1. We give an example to illustrate this, but leave the verification of this fact to the reader.

Example 1.75 Suppose n = 2 so that An+1 is A3.

Let F = {{A1, A3}, {A2}, {¬A1, ¬A2, A3}, {¬A2, ¬A3}}.

So F0 = {{A1}, {A2}, {¬A1, ¬A2}}

and F1 = {{A2}, {¬A2}}.

Now F is the formula (A1 A3) (A2) (¬A1 ¬A2 A3) (¬A2 ¬A3). If we know A3 has truth value 0, then this becomes

(A1 0) (A2) (¬A1 ¬A2 0) (1) which is equivalent to F0. If we know that A3 has truth value 1, then F reduces to

(1) (A2) (1) (¬A2 0) which is equivalent to F1.

Since An+1 must either have truth value 0 or 1, it follows that F ≡ F0 F1. Since F is unsatisfiable, F0 and F1 are each unsatisfiable. The formulas F0 and F1 only use the atomic formulas A1,. . . , An. By our induction hypothesis,Res (F0) and Res (F1). (Note that can easily be derived from both F0 and F1 in our example.)

˜

Now F0 was formed from F0 by throwing An+1 out of each clause. Since we

{ } ˜

can derive from F0, we can derive either or An+1 from F0 (by reinstating {An+1} in each clause of F0). Likewise we can derive either or {¬An+1} from

˜1. If we can derive {An+1} form F0 and {¬An+1} from F1, then we can derive

F

˜ ˜ ˜ ˜ from F0 F1. Since F = F0 F1, we conclude that Res (F ).

This yields an algorithm for the Satisfiability problem. Given any formula G, we first find a formula F in CNF that is equivalent to G (using the CNF algorithm). We then compute the finite set Res (F ). If Res (F ), then the algorithm concludes “No, G is not satisfiable.” Otherwise, it concludes “Yes, G is satisfiable.” By Propositions 1.72 and 1.74, this algorithm works. This algorithm is not necessarily quick. As we previously mentioned, there is no known polynomial-time algorithm for this decision problem. However, in certain instances, this algorithm can reach a quick conclusion. If F is unsatisfiable, then we do not necessarily have to compute all of Res (F ). As soon as makes an appearance, we know that it is not satisfiable. If F is satisfiable, on the other hand, then truth tables can reach a quick conclusion. We only need to compute the truth table until we find a truth value of 1.

We summarize the main results of this section in the following theorem. This theorem is a finite version of the Completeness theorem for propositional logic.

Theorem 1.76 Let F and G be formulas of propositional logic. Let H be the CNF formula obtained by applying the CNF algorithm to the formula F ¬G. The following are equivalent:

1.F |= G

2.{F } G

3.Res (H)

Proof (2) implies (1) by Theorem 1.37.

44 Propositional logic

(1) implies (3) by Proposition 1.74.

We must show that (3) implies (2). By Proposition 1.59, we have {F ¬G} H. By -Introduction, {F , ¬G} F ¬G.

It follows that {F , ¬G} H.

Since Res (H), there must exist an atomic formula A such that both {A} and {¬A} are in Res (H). It follows from Proposition 1.71 that both {H} A and {H} ¬A. Therefore, both

{F , ¬G} A and {F , ¬G} ¬A.

By proof by contradiction, we have {F } ¬¬G. Finally, {F } G by Double negation.

1.9 Completeness and compactness

Completeness and compactness are two properties that a logic may or may not possess. We conclude our study of propositional logic by showing that this logic does, in fact, have each of these properties.

A logic is a formal language that has rules for deducing the truth of one statement from that of another. If a sentence G can be deduced from a set of sentences F using these rules, then we write F G. The notation F |= G, on the other hand, means that whenever each sentence in F is true, G is also true. If

FG, then F |= G. The opposite, however, is not necessarily true. Put another way, F |= G means that F implies G and F G means that we can prove that

Fimplies G using the rules of the logic. But just because something is true does not mean we can prove it. Perhaps the rules of the logic are too weak to prove everything (or the expressive power of the logic is too strong). If we can prove everything that is true (that is, if F |= G does imply F G), then we say that the logic is complete.

(Completeness:) F |= G if and only ifF G.

In Section 1.4, we defined the notation F G for propositional logic by listing a bunch of rules. However, completeness should be understood not as a statement about these specific rules, but as a statement about the logic itself. Completeness asserts the existence of a list of rules that allows us to deduce every consequence from any set of formulas of the logic. To prove this we need to demonstrate such a list of rules. We show that the rules in Tables 1.5 and 1.6, as well as the rules for resolution, su ce for propositional logic. As we will see in Chapter 9, second-order logic does not have completeness. We cannot give a nice list of rules that allow us to deduce every consequence from any set of second-order sentences.

To prove that propositional logic has completeness, we must pass from finite to infinite sets of formulas. If F is finite, then F |= G if and only if F G by Theorem 1.76. Suppose now that F is infinite. If F is a set of formulas in CNF, then it can be viewed as a set of clauses. The set Resn(F ) is defined as it was for finite sets of clauses. Let Res (F ) denote the union of all of the sets Resn(F ) (for n N). Again, Res (F ) is the set of all clauses that can be derived from F using resolution. If F is infinite, then Res (F ) is infinite and cannot be viewed as a formula. Such an infinite set of clauses is satisfiable if and only if there exists an assignment that models each clause of the set. To prove that propositional logic has completeness, it su ces to prove the following.

Proposition 1.77 Let F be a set of formulas in CNF. Then Res (F ) if and only if F is unsatisfiable.

For finite F , this is a restatement of Propositions 1.72 and 1.74. Recall the proofs of these two statements. For Proposition 1.74, we assumed that F was unsatisfiable, and we proved that Res (F ) by induction on the number of atomic formulas occurring in F . But mathematical induction proves only that something is true for all finite n. So the method we used to prove Proposition 1.74 does not work if F involves infinitely many atomic formulas.

Consider the other direction of Proposition 1.77. Suppose Res (F ). Then Resn(F ) for some n. That is, we can derive from F in a finite number of steps. Therefore, we can derive from some finite subset F of F . By Proposition 1.72, F is unsatisfiable. Since F is a subset of F , F must be unsatisfiable also.

So one direction of Proposition 1.77 follows from the results of the previous section. We can deduce the infinite case from the finite case by observing that ifcan be derived from F , then it can be derived from some finite subset of F . To prove the other direction of Proposition 1.77 we need an analogous idea. We need to show that if F is unsatisfiable, then some finite subset of F is unsatisfiable. This is known as compactness.

Compactness: F is unsatisfiable if and only if some finite subset of F is unsatisfiable.

Put another way, compactness says that F is satisfiable if and only if every finite subset of F is satisfiable. As with completeness, one direction of compactness always holds. If F is satisfiable, then every finite subset of F must be satisfiable also. But just because every finite subset of a set is satisfiable does not necessarily mean that the set itself is satisfiable. Consider, for example, the following set of English sentences.

F0 = “There are finitely many objects in the universe.”

F1 = “There is at least one object in the universe.”

F2 = “There are at least two objects in the universe.”

F3 = “There are at least three objects in the universe.”

· · ·

Fn = “There are at least n objects in the universe.”

· · ·

Taken together, these sentences are contradictory. If there are more than n objects for each n, then there cannot possibly be finitely many objects as F0 asserts. However, if we take only finitely many of the above statements, then there is no problem. Any finite set of these sentences is satisfiable, but the collection as a whole is not. Any logic that can express these sentences does not have compactness.

We prove that propositional logic does have compactness in Theorem 1.79. First, we prove the following lemma. This lemma may not seem relevant at the moment, but it is the key to proving Theorem 1.79.

Lemma 1.78 Let X be an infinite set of finite binary strings. There exists an infinite binary string w¯ so that any prefix of w¯ is also prefix of infinitely many x¯ in X.

Proof A binary string is a sequence on 0s and 1s such as 1011. The strings 1, 10, 101, and 1011 are the prefixes of 1011. We have an infinite set X of such strings of finite length. We want to construct an infinite string w¯ of 0s and 1s so that each prefix of w¯ is also a prefix of infinitely many strings in X.

We construct w¯ step-by-step from left to right. In each step we will do two things. In the nth step, we not only decide what the nth digit of w¯ should be, we also delete strings from X that we do not like.

To determine what the first digit of w¯ should be, look at the first digits of all the strings in X. Of course, there are infinitely many strings and you cannot look at all these digits at once, but suppose that you are somehow omniscient. There are two possibilities. Either you see infinitely many 1s or you do not. If infinitely many strings in X start with 1, then we let the first digit of w¯ be a 1 and we delete all strings in X that begin with a 0 (we are still left with infinitely many). Otherwise, if only finitely many strings in X start 1, we delete these and let the first digit of w¯ be a 0.

Now suppose we have determined the first n digits of w¯. Suppose too that we have deleted all sequences from X that do not start with these same n digits and are left with an infinite subset X of X. To determine the (n + 1)th

entry in w¯ we look at the (n + 1)th digits of all the strings in X . Since X is infinite, X must have infinitely many strings of length n + 1 or greater. So again, there are two possibilities. If infinitely many strings in X have 1s in the (n + 1)th place, then we let the (n + 1)th digit of w¯ be 1. Otherwise, we let the (n + 1)th digit be 0. Either way, we delete all strings from X that do not share the same first n + 1 entries as w¯. We are still left with an infinite subset of X.

Continuing this procedure, we obtain an infinite sequence w¯ so that the first n digits of w¯ agrees with the first n digits of infinitely many sequences in X. We have not really given a practical way of constructing w¯, but we have proven that such a string exists.

We are ready now to prove propositional logic has compactness.

Theorem 1.79 (Compactness of propositional logic) A set of sentences of propositional logic is satisfiable if and only if every finite subset is satisfiable.

Proof As we remarked earlier, only one direction of this requires proof. Suppose F = {F1, F2, . . .} is a set of formulas and every finite subset of F is satisfiable. Let A1, A2, A3, . . . be a list without repetition of the atomic formulas occurring in F1 followed by the atomic formulas occurring in F2 (but not F1), and so on.

atomic formulas occurring in F1, . . . , Fn. For each n, the truth values An assigns to A1, A2, . . . forms a finite sequence of 0s and 1s. So X = {An|n = 1, 2,. . . } is an infinite set of finite binary sequences. By the previous lemma, there exists an infinite binary sequence w¯ so that every prefix of w¯ is a prefix of infinitely many sequences in X.

Define an assignment A on all the Ans as follows: let A(An) be the nth digit of w¯. We must show that every formula F in F holds under A. This follows from the fact that F holds under all but finitely many of the assignments in X. Let m be such that F contains no atomic formula past Am in our list. Then there is an An in X so that An |= F and the first m entries of An are the same as A. It follows that A also models F .

Proposition 1.77 follows from compactness. We can now prove that propositional logic has completeness. We could give a proof similar to that of Theorem 1.76 using Proposition 1.77 in place of Propositions 1.72 and 1.74. However, compactness yields a more direct proof.

Theorem 1.80 (Completeness of propositional logic) For any sentence G and set of sentences F , F |= G if and only if F G.

Proof By Theorem 1.37, if F G, then F |= G.

Conversely, suppose that F |= G. Then F {¬G} is unsatisfiable. By compactness, some finite subset of F {¬G} is unsatisfiable. So there exists finite F0 F such that F0 {¬G} is unsatisfiable and, equivalently, F0 |= G. Since F0 is finite, we can apply Theorem 1.76 to get F0 G. Finally, F G by Monotonicity.

Exercises

1.1.Show that ¬ and can be taken as primitive symbols in propositional logic. That is, show that each of the symbols , →, and ↔ can be defined in terms of ¬ and .

1.2.Show that ¬ and → can be taken as primitive symbols in propositional logic. That is, show that each of the symbols , , and ↔ can be defined in terms of ¬ and →.

1.3.Find the truth tables for each of the following formulas. State whether each is a tautology, a contradiction, or neither.

(a)(¬A → B) ((A ¬C) ↔ B)

(b)(A → B) (A → ¬B)

(c)(A → (B C)) (C → ¬A)

(d)((A → B) C) (A D) .

1.4.In each of the following, determine whether the two formulas are equivalent.

(a)(A B) C and (A → ¬B) → C

(b)(((A → B) → B) → B) and (A → B)

(c)(((A → B) → A) → A) and (C → D) C

(d)A ↔ ((¬A B) (A ¬B)) and ¬B.

1.5.Show that the following statements are equivalent.

1.F |= G,

2.|= F → G,

3.F ¬G is unsatisfiable, and

4.F ≡ F G.

1.6.Show that the following statements are equivalent.

1.F ≡ G,

2.|= F ↔ G, and

3.(F ¬G) (¬F G) is unsatisfiable.

1.7.(a) Find a formula F in CNF which has the following truth table.

(b)Find a formula in DNF having the above truth table.

1.8.Find formulas in CNF equivalent to each of the following.

(a)(A ↔ B) ↔ C

(b)(A → (B C)) (C → ¬A)

(c)(¬A ¬B C) (¬A ¬C) (B C) A.

1.9.The Cut rule states that from the formulas (F → G) and (G → H) we can derive the formula (F → H). Verify this rule by giving a formal proof.

1.10.(a) Let ↔-Symmetry be the following rule:

Premise: F (F ↔ G)

Conclusion: F (G ↔ F )

Verify this rule by giving a formal proof.

(b)Give a formal proof demonstrating that {(F ↔ G)} (¬F ↔ ¬G).

1.11.Give formal proofs demonstrating that the formulas (F (F G)) and (F (F G)) are provably equivalent.

1.12.If F → G is a consequence of F , then so is ¬G → ¬F . We refer to this rule as →-Contrapositive. Verify this rule by giving a formal proof.

1.13. Show that -Symmetry follows from the other rules of Tables 1.5 and 1.6.

1.14.Show that →-Elimination follows from the other rules of Tables 1.5 and 1.6.

1.15.Show that Double negation follows from Assumption, Monotonicity, and Proof by cases.