Formal Methods, Logic and VDM past exam paper questions - methods

I was hoping someone can help me with the following questions, answers would be best but if you can point me in the right direction that will be helpful also.
I am a final year uni student and these questions are from a previous exam on Formal Methods and I could do with knowing the answers ready for this year's paper. Our lecturer does not seem the best and has not covered a lot of this and so finding the exact answer has been proving impossible. Google has not been much of a help nor has the recommended books.
1 - Given that ∃x • P(x) is logically equivalent to ¬∀x • ¬P(x) and that
∀x ∈ S • P(x) means ∀x • x ∈ S ⇒ P(x), deduce that ∃x ∈ S • P(x)
means ∃x • x ∈ S ∧ P(x)
2 - Describe the two statements that would have to be proved to show that
the definition:
max(i, j)
if i>j
then i
else j
is a correct implementation of the specification:
max(i : Z, j : Z)r : Z
pre true
post (r = i ∨ r = j) ∧ i ≤ r ∧ j ≤ r

The first is really just manipulation of symbols using the given and two other well-known logical equivalences:
(1) ∃x • P(x) is logically equivalent to ¬∀x • ¬P(x)
(2) ∀x∈S • P(x) means ∀x • x∈S ⇒ P(x)
∃x∈S • P(x)
== ¬∀x∈S • ¬P(x) (from (1))
== ¬∀x • x∈S ⇒ ¬P(x) (from (2))
== ¬∀x • ¬x∈S v ¬P(x) (from def. of ⇒)
== ¬∀x • ¬(x∈S ∧ P(x)) (from ¬A v ¬B == ¬(A ∧ B))
== ∃x • x∈S ∧ P(x) (from (1) -- the other way around)
For the second, you need to recognize that the outcome of max(i, j) will be computed along one of two paths: one, when i<j and the other when i>=j (the logical negation of i<j)
So you need to show that
if true ∧ i<j (precondition), then (r=i ∨ r=j) ∧ i≤r ∧ j≤r (post condition), and
if true ∧ i>=j (precond.) then (r=i ∨ r=j) ∧ i≤r ∧ j≤r (post cond.),
where r is the result of max(i, j)
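Both parts of the question can be checked mechanically on a small finite domain. The following is an added example (not from the exam, the question or the answer above): it encodes the pre- and postcondition of the max specification, checks the two per-path proof obligations, and exhausts every subset S and predicate P over a three-element universe to confirm the quantifier law. The domain [-3, 3] and the universe {0, 1, 2} are assumptions of the example; a bounded check like this finds counterexamples but is not a proof over all integers.

```python
from itertools import product

# Constructed finite domain for bounded checking (an assumption of this example,
# not a proof over all integers): every pair (i, j) with both values in [-3, 3].
DOMAIN = range(-3, 4)

def pre(i, j):
    """pre true"""
    return True

def post(i, j, r):
    """post (r = i ∨ r = j) ∧ i ≤ r ∧ j ≤ r"""
    return (r == i or r == j) and i <= r and j <= r

def proof_obligations(then_branch=lambda i, j: i, else_branch=lambda i, j: j, domain=DOMAIN):
    """The two obligations, one per path through 'if i > j then i else j':
         (1) pre ∧ i > j    ∧ r = then_branch(i, j) ⇒ post
         (2) pre ∧ ¬(i > j) ∧ r = else_branch(i, j) ⇒ post
    Returns the counterexamples found on the domain for each path
    (two empty lists mean both obligations hold on the domain)."""
    failures = {"then": [], "else": []}
    for i, j in product(domain, repeat=2):
        if not pre(i, j):
            continue
        if i > j and not post(i, j, then_branch(i, j)):
            failures["then"].append((i, j))
        if not i > j and not post(i, j, else_branch(i, j)):
            failures["else"].append((i, j))
    return failures

def exists_in(S, P, U):
    """∃x ∈ S • P(x) read as ∃x • x ∈ S ∧ P(x), with x ranging over the universe U."""
    return any(x in S and P(x) for x in U)

def not_forall_not(S, P, U):
    """¬∀x ∈ S • ¬P(x) read as ¬∀x • x ∈ S ⇒ ¬P(x), with x ranging over U."""
    return not all((x not in S) or (not P(x)) for x in U)

def quantifier_law_holds(U=(0, 1, 2)):
    """Check ∃x ∈ S • P(x) ⇔ ¬∀x ∈ S • ¬P(x) for every S ⊆ U and every predicate P on U."""
    for s_bits, p_bits in product(product([False, True], repeat=len(U)), repeat=2):
        S = {x for x, b in zip(U, s_bits) if b}
        table = dict(zip(U, p_bits))          # P as a lookup table over U
        if exists_in(S, table.__getitem__, U) != not_forall_not(S, table.__getitem__, U):
            return False
    return True

if __name__ == "__main__":
    print(proof_obligations())                                    # {'then': [], 'else': []}
    # A wrong 'then' branch that returns j: every pair with i > j violates i ≤ r.
    print(proof_obligations(then_branch=lambda i, j: j)["then"])
    print(quantifier_law_holds())                                 # True
```

The second call shows what a failed obligation looks like: returning j on the i > j path satisfies r = i ∨ r = j but not i ≤ r, so the checker reports every pair on that path.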

But section 2 of your question does not make sense since any implementation that returns either i or j is correct.
The specification is wrong.
A correct postcondition is
post (i > j => r = i) v (i <= j => r = j)

Related

How to reduce k-independent set problem to 3-SAT

So I got this homework question and we are asked to reduce a k-independent set satisfiability problem to a 3-SAT set of clauses under the conjunctive normal form.
So for G(V, E) we have the vertex set V = {x1, x2, x3, x4, x5, x6} and the edge set E = { e1 = (x1,x3), e2 = (x1,x5), e3 = (x1,x6), e4 = (x2,x5), e5 = (x2,x6), e6 = (x3,x4), e7 = (x3,x5), e8 = (x5,x6) }
My first approach to this is to have a clause per edge, as we can't have an edge between two vertices in the independent set:
e1: (¬x1 v ¬x3)
e2: (¬x1 v ¬x5)
e3: (¬x1 v ¬x6)
e4: (¬x2 v ¬x5)
e5: (¬x2 v ¬x6)
e6: (¬x3 v ¬x4)
e7: (¬x3 v ¬x5)
e8: (¬x5 v ¬x6)
But the problem is, for k = 3 for example, how to write clauses to ensure that at least 3 different variables (xi) are set to true ?
This is achievable using Weighted-2-satisfiability, but seems hard to achieve just using good old 3-SAT.
Any hints to how to proceed ?
If it's this G and k = 3 that you care about, it's probably easiest to write clauses (xi ∨ xj ∨ xk ∨ xℓ) for all {i, j, k, ℓ} ⊆ V and then reduce them to 3-CNF, e.g., (x ∨ y ∨ z ∨ w) becomes (v ∨ x ∨ y) ∧ (¬v ∨ z ∨ w), where v is a new variable.
In general, you're going to want to
Define a Boolean circuit to compute x1 + … + xn ≥ k (you can evaluate x1 + … + xn − k in two's complement arithmetic using ripple-carry adders and then invert the sign bit).
Translate this circuit into a 3-CNF formula. First, replace gates with more than two inputs with several two-input gates. Then for each node in the circuit create a variable. For each gate write four clauses constraining the output, one for each possible input, e.g., if there's an AND gate with inputs x and y and output z, then write clauses (x ∨ y ∨ ¬z) ∧ (x ∨ ¬y ∨ ¬z) ∧ (¬x ∨ y ∨ ¬z) ∧ (¬x ∨ ¬y ∨ z). A XOR gate would be (x ∨ y ∨ ¬z) ∧ (x ∨ ¬y ∨ z) ∧ (¬x ∨ y ∨ z) ∧ (¬x ∨ ¬y ∨ ¬z).
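The first suggestion in the answer (one clause per 4-subset, then split into 3-CNF with a fresh variable) can be carried out end to end on the graph from the question. The code below is an added example, not part of the question or answer: it builds the edge clauses, generalises "at least k true" to one clause per (n−k+1)-subset for any n and k, splits long clauses into 3-CNF with a chain of fresh variables (the answer's (v ∨ x ∨ y) ∧ (¬v ∨ z ∨ w) is the 4-literal case), and solves the result with a small DPLL search written for this example. Clause and solver representation are the example's own choices.

```python
from itertools import combinations

# Graph from the question: vertices 1..6 (x1..x6) and the eight edges e1..e8.
N = 6
EDGES = [(1, 3), (1, 5), (1, 6), (2, 5), (2, 6), (3, 4), (3, 5), (5, 6)]

# Clauses are lists of non-zero ints: v means x_v is true, -v means ¬x_v.

def independent_set_cnf(n, edges, k):
    """One clause (¬xu ∨ ¬xv) per edge, plus 'at least k true' expressed as:
    every subset of n-k+1 variables contains a true one (if at most k-1 were true,
    some n-k+1 of them would all be false). For n=6, k=3 these are the 4-clauses
    (xi ∨ xj ∨ xk ∨ xl) from the answer."""
    clauses = [[-u, -v] for u, v in edges]
    for subset in combinations(range(1, n + 1), n - k + 1):
        clauses.append(list(subset))
    return clauses

def to_3cnf(clauses, n):
    """Split every clause longer than 3 using fresh variables:
    (l1 ∨ l2 ∨ v) ∧ (¬v ∨ l3 ∨ ...), repeated until all clauses have at most 3 literals.
    Equisatisfiable with the input, and any model of the result still satisfies
    the original clause on the original variables."""
    next_var = n + 1
    out = []
    for clause in clauses:
        rest = list(clause)
        while len(rest) > 3:
            v = next_var
            next_var += 1
            out.append([rest[0], rest[1], v])
            rest = [-v] + rest[2:]
        out.append(rest)
    return out, next_var - 1

def dpll(clauses, assignment=None):
    """Minimal DPLL: unit propagation plus branching. Returns a satisfying
    assignment {var: bool} or None (the search is complete, so None means UNSAT)."""
    assignment = dict(assignment or {})
    while True:
        remaining, unit = [], None
        for clause in clauses:
            open_lits, satisfied = [], False
            for lit in clause:
                val = assignment.get(abs(lit))
                if val is None:
                    open_lits.append(lit)
                elif val == (lit > 0):
                    satisfied = True
                    break
            if satisfied:
                continue
            if not open_lits:
                return None            # clause falsified: conflict
            if len(open_lits) == 1:
                unit = open_lits[0]
            remaining.append(open_lits)
        clauses = remaining
        if unit is None:
            break
        assignment[abs(unit)] = unit > 0   # propagate the unit clause and re-simplify
    if not clauses:
        return assignment
    var = abs(clauses[0][0])
    for value in (True, False):
        assignment[var] = value
        model = dpll(clauses, assignment)
        if model is not None:
            return model
    return None

def find_independent_set(n, edges, k):
    """Vertices of an independent set of size >= k, or None if none exists."""
    cnf3, _ = to_3cnf(independent_set_cnf(n, edges, k), n)
    model = dpll(cnf3)
    if model is None:
        return None
    return sorted(v for v in range(1, n + 1) if model.get(v))

def is_independent(edges, vertices):
    chosen = set(vertices)
    return not any(u in chosen and v in chosen for u, v in edges)

if __name__ == "__main__":
    print(find_independent_set(N, EDGES, 3))   # an independent set of size 3
    print(find_independent_set(N, EDGES, 4))   # None: no independent set of size 4 here
```

For k = 3 the encoding has 15 four-literal clauses, each split into two 3-clauses with one fresh variable; for k = 4 the subsets already have three elements, so no splitting is needed and the solver reports unsatisfiable, which matches the graph (vertices 1, 2 and 4 are pairwise non-adjacent, and no fourth vertex can be added).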

Knight and knaves

I have these in my lecture notes; it's about the rules where knights always tell the truth and knaves always lie:
If A says “The statement ‘there is gold on the island’ and the statement ‘I
am a knight’ are either both true or both false” he is asserting A ≡ G
where A is the assertion A is a knight and G the assertion there is gold
on the Island.
Any assertion by a knave has the same truth value as A therefore:
A ≡ (A ≡ G)
(A ≡ A) ≡ G
true ≡ G
Since A ≡ (A ≡ G), it can only be the first case or third case. Hence, G is
true and A can be true or false
The notes end here. I just don't understand why it is not possible for A to lie about being a knight and about gold being on the island; I mean it just shows that A is a knave, it should still be legal, even though the truth table says it's illegal for that to happen (last row). I just can't internalize why.
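The four rows the notes refer to can be regenerated from the single island rule "A is a knight iff what A says is true" (A ≡ statement). This is an added example, not part of the lecture notes or the question; the row format and function names are its own.

```python
from itertools import product

def asserted_statement(A, G):
    """What A says: 'there is gold' and 'I am a knight' are both true or both false, i.e. A ≡ G."""
    return A == G

def consistent_worlds(statement=asserted_statement):
    """Each (A, G) world with the speaker's assertion evaluated in it. The island rule is
    'A is a knight iff what A says is true', i.e. A ≡ statement, so a world is consistent
    exactly when A == statement(A, G). A knave saying something true, or a knight saying
    something false, is ruled out by that rule, not by anything about gold."""
    rows = []
    for A, G in product([True, False], repeat=2):
        said_truth = statement(A, G)
        rows.append({"A": A, "G": G, "statement_true": said_truth, "consistent": A == said_truth})
    return rows

def possible_values(statement=asserted_statement):
    """The (A, G) pairs that survive the rule: the notes' conclusion is G true, A either."""
    return [(r["A"], r["G"]) for r in consistent_worlds(statement) if r["consistent"]]

if __name__ == "__main__":
    for row in consistent_worlds():
        print(row)
    print(possible_values())   # [(True, True), (False, True)]
```

The last row (A false, G false) is the one the question asks about: with no gold and A a knave, the assertion "both false" is itself true, and a knave cannot utter a true statement, so that row is inconsistent even though A is indeed lying about being a knight.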

Proof by resolution - Artificial Intelligence

I'm working with an exercise where I need to show that KB |= ~D.
And I know that the Knowledge Base is:
- (B v ¬C) => ¬A
- (¬A v D) => B
- A ∧ C
After converting to CNF:
A ∧ C ∧ (¬A v ¬B) ∧ (¬A v C) ∧ (A v B) ∧ (B v ¬D)
So now I have converted to CNF but from there, I don't know how to go any further. Would appreciate any help. Thanks!
The general resolution rule is that, for any two clauses
(that is, disjunctions of literals)
P_1 v ... v P_n
and
Q_1 v ... v Q_m
in your CNF such that there is i and j with P_i and Q_j being the negation of each other,
you can add a new clause
P_1 v ... v P_{i-1} v P_{i+1} ... v P_n v Q_1 v ... v Q_{j-1} v Q_{j+1} ... v Q_m
This is just a rigorous way to say that you can form a new clause by joining two of them, minus a literal with opposite "signs" in each.
For example
(A v ¬B)∧(B v ¬C)
is equivalent to
(A v ¬B)∧(B v ¬C)∧(A v ¬C),
by joining the two clauses while removing the opposites B and ¬B, obtaining A v ¬C.
Another example is
A∧(¬A v ¬C)
which is equivalent to
A∧(¬A v ¬C) ∧ ¬C,
since A counts as a clause with a single literal (A itself). So the two clauses are joined, while A and ¬A are removed, yielding a new clause ¬C.
Applying this to your problem, we can resolve A and ¬A v ¬B, obtaining ¬B.
We then resolve this new clause ¬B with B v ¬D, obtaining ¬D.
Because the CNF is a conjunction, the fact that it holds means that every clause in it holds. That is to say, the CNF implies all of its clauses. Since ¬D is one of its clauses, ¬D is implied by the CNF. Since the CNF is equivalent to the original KB, the KB implies ¬D.
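The general resolution rule stated in the answer, and its application to this knowledge base, can be run mechanically. The following is an added example (not the answer's own code): it implements the rule over clauses represented as sets of literals, closes the clause set under resolution so that ¬D appears, and also checks entailment the usual refutation way (add ¬query, look for the empty clause). Representation and function names are the example's own.

```python
from itertools import combinations

# A literal is (name, positive); a clause is a frozenset of literals (a disjunction);
# a CNF is a set of clauses (a conjunction).
def lit(name, positive=True):
    return (name, positive)

def neg(l):
    return (l[0], not l[1])

def resolve(c1, c2):
    """Every resolvent of c1 and c2: for each literal P_i in c1 whose negation Q_j is in c2,
    join the two clauses minus that complementary pair. Tautologies (X ∨ ¬X ∨ ...) are dropped."""
    resolvents = set()
    for l in c1:
        if neg(l) in c2:
            r = frozenset((c1 - {l}) | (c2 - {neg(l)}))
            if not any(neg(x) in r for x in r):
                resolvents.add(r)
    return resolvents

def saturate(clauses):
    """Add resolvents until nothing new appears; terminates because the variables are finite."""
    clauses = set(clauses)
    while True:
        new = set()
        for c1, c2 in combinations(clauses, 2):
            new |= resolve(c1, c2)
        if new <= clauses:
            return clauses
        clauses |= new

def entails(kb, query_clause):
    """KB ⊨ query by refutation: add the negation of the query (one unit clause per literal)
    and look for the empty clause in the closure."""
    negated = {frozenset({neg(l)}) for l in query_clause}
    return frozenset() in saturate(set(kb) | negated)

# The CNF from the question: A ∧ C ∧ (¬A ∨ ¬B) ∧ (¬A ∨ C) ∧ (A ∨ B) ∧ (B ∨ ¬D)
KB = {
    frozenset({lit("A")}),
    frozenset({lit("C")}),
    frozenset({lit("A", False), lit("B", False)}),
    frozenset({lit("A", False), lit("C")}),
    frozenset({lit("A"), lit("B")}),
    frozenset({lit("B"), lit("D", False)}),
}
NOT_D = frozenset({lit("D", False)})

if __name__ == "__main__":
    # A with (¬A ∨ ¬B) gives ¬B; ¬B with (B ∨ ¬D) gives ¬D, exactly the two steps in the answer.
    print(NOT_D in saturate(KB))   # True
    print(entails(KB, NOT_D))      # True
```

Both routes agree here: ¬D is a member of the saturated clause set (forward derivation, as in the answer), and adding D to the knowledge base lets the closure reach the empty clause (refutation). Asking whether the knowledge base entails D instead returns False, since A, C, ¬B, ¬D satisfies every clause.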

LTL about Fp=TUp, is T really necessary in rewriting F?

I just came up with this question. As written in the book Logic in Computer Science, one of the important equivalences of LTL is this:
Fp = TUp. And the T means no constraints.
Yet what if I replace the T with (not p)? Does Fp = (not p)Up hold? In this case I actually put some constraints (not p) in the formula, but at the same time there could be no state that can satisfy (not p) and p together. And I tried with different LTL formulas as p, and as long as p is satisfiable, then every path with p must satisfy Fp and (not p)Up as well.
Does it mean that I can rewrite F in this way, or is there some counterexample?
The short answer:
Yes, both formulas are equivalent and you can rewrite Fp also with (¬p)Up.
and a proof:
We can investigate the problem by looking at the definition of pUq (I think it's defined this way in the book Model Checking by Clarke, Grumberg, Peled).
A path s is a model for the formula (written s ⊨ pUq):
s ⊨ pUq <=> ∃k: s^k ⊨ q
∧ ∀i: 0<=i<k => s^i ⊨ p
(With s^i being the path s with the first i steps removed.)
We have (1):
s ⊨ (¬p)Up <=> ∃k: s^k ⊨ p
∧ ∀i: 0<=i<k => s^i ⊨ ¬p
and (2):
s ⊨ TUp <=> ∃k: s^k ⊨ p
∧ ∀i: 0<=i<k => s^i ⊨ true
<=> ∃k: s^k ⊨ p
We want to show (1) <=> (2) (I renamed the ks to k1 and k2 to avoid confusion):
∃k1: s^k1 ⊨ p
∧ ∀i: 0<=i<k1 => s^i ⊨ ¬p
<=>
∃k2: s^k2 ⊨ p
The direction (1) => (2) is trivial.
For (2) => (1) we have to show that from
∃k2: s^k2 ⊨ p
follows
∃k1: s^k1 ⊨ p ∧ ∀i: 0<=i<k1 => s^i ⊨ ¬p
We know that there exists a value for k1 (namely k2) such that s^k1 ⊨ p holds. But what about the second part? We can now just use for k1 the smallest value such that s^i ⊨ p holds. Then the second part is true, because if there were an i such that s^i ⊨ ¬p does not hold, we know that s^i ⊨ p holds. But in that case we would have chosen i for k1, because i is strictly smaller than k1.
So both formulas (1) and (2) are equivalent.
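The semantics of U and F used in the proof can be evaluated on concrete paths, which makes it easy to compare Fp, TUp and (¬p)Up exhaustively on every path up to a chosen length. This is an added example, not from the book or the answer; it assumes finite path prefixes (an F or U obligation must be discharged inside the prefix), which is enough to confirm the equivalence on those prefixes and to show that a left operand other than T or ¬p does change the meaning.

```python
from itertools import product

# A path is a list of states; each state is the set of atomic propositions true there.
# Formulas are nested tuples: ('true',) | ('ap', name) | ('not', f) | ('F', f) | ('U', f, g).
# s^i from the answer corresponds to evaluating at position i of the same list.

def holds(formula, path, i=0):
    """Evaluate an LTL formula at position i of a finite path (finite-prefix semantics)."""
    kind = formula[0]
    if kind == 'true':
        return True
    if kind == 'ap':
        return formula[1] in path[i]
    if kind == 'not':
        return not holds(formula[1], path, i)
    if kind == 'F':                      # ∃k ≥ i: s^k ⊨ f
        return any(holds(formula[1], path, k) for k in range(i, len(path)))
    if kind == 'U':                      # ∃k ≥ i: s^k ⊨ g ∧ ∀j, i ≤ j < k: s^j ⊨ f
        f, g = formula[1], formula[2]
        return any(holds(g, path, k) and all(holds(f, path, j) for j in range(i, k))
                   for k in range(i, len(path)))
    raise ValueError(kind)

def all_paths(props, length):
    """Every path of the given length over the given atomic propositions."""
    for states in product(product([False, True], repeat=len(props)), repeat=length):
        yield [{p for p, b in zip(props, bits) if b} for bits in states]

def counterexample_path(f1, f2, props=('p',), max_len=6):
    """First path (up to max_len states) on which f1 and f2 disagree, or None."""
    for n in range(1, max_len + 1):
        for path in all_paths(props, n):
            if holds(f1, path) != holds(f2, path):
                return path
    return None

P = ('ap', 'p')
Q = ('ap', 'q')
F_P = ('F', P)
TRUE_U_P = ('U', ('true',), P)
NOTP_U_P = ('U', ('not', P), P)
Q_U_P = ('U', Q, P)     # a left operand that is not implied by ¬p: no longer equivalent to Fp

if __name__ == "__main__":
    print(counterexample_path(F_P, TRUE_U_P))                   # None
    print(counterexample_path(F_P, NOTP_U_P))                   # None
    print(counterexample_path(F_P, Q_U_P, props=('p', 'q')))    # e.g. [set(), {'p'}]
```

The third comparison is the contrast that makes the question's point: on the path where p is false at step 0 and true at step 1, Fp holds, but qUp fails because q is not true at step 0. With ¬p as the left operand that cannot happen, since every position before the first p necessarily satisfies ¬p, which is exactly the "smallest k1" argument in the proof.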

Proving the Associativity of OR

I need help proving the following:
(a ∨ b) ∨ c = a ∨ (b ∨ c)
I don't want the answer... just a hint that will help me understand the process of proving this.
Thank you.
Why not just prove it by doing all possible values of a, b and c = True, False? -- there are only 2^3 = 8 different cases.
Here's a start, for a=T, b=F, c=T
(a v b) v c = a ∨ (b ∨ c)
(T v F) v T = T v (F v T)
T v T = T v T
T = T
(However, this isn't really a programming question...)
What is your axiom set?
Not knowing the set, you could build a truth table
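Both answers suggest the same thing, a truth table over all 2^3 assignments, and that check is easy to make reusable. The following is an added example (not from either answer): a generic truth-table equivalence checker that returns the first counterexample assignment, applied to the associativity of ∨ and, for contrast, to ⇒, which is not associative. The function names are the example's own.

```python
from itertools import product

def truth_table(f, names):
    """All 2^n rows of a boolean function: (assignment, value)."""
    rows = []
    for bits in product([False, True], repeat=len(names)):
        rows.append((dict(zip(names, bits)), f(*bits)))
    return rows

def counterexample(f, g, names):
    """First assignment on which f and g differ, or None when they agree on all 2^n rows
    (that is, when f = g holds for every choice of the variables)."""
    for bits in product([False, True], repeat=len(names)):
        if f(*bits) != g(*bits):
            return dict(zip(names, bits))
    return None

def or_left(a, b, c):   return (a or b) or c                   # (a ∨ b) ∨ c
def or_right(a, b, c):  return a or (b or c)                   # a ∨ (b ∨ c)

def implies(x, y):      return (not x) or y
def imp_left(a, b, c):  return implies(implies(a, b), c)       # (a ⇒ b) ⇒ c
def imp_right(a, b, c): return implies(a, implies(b, c))       # a ⇒ (b ⇒ c)

NAMES = ("a", "b", "c")

if __name__ == "__main__":
    for env, val in truth_table(or_left, NAMES):
        print(env, val)
    print(counterexample(or_left, or_right, NAMES))    # None: ∨ is associative
    print(counterexample(imp_left, imp_right, NAMES))  # {'a': False, 'b': False, 'c': False}
```

The a = b = c = False row shows why the contrast case fails: (F ⇒ F) ⇒ F is F, while F ⇒ (F ⇒ F) is T. A truth table settles any identity with a fixed number of variables, but it only applies once the connectives are given a meaning; with an axiom set instead, the same identity has to be derived from the axioms, which is what the second answer is asking about.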
