Deduction Modulo, Supernatural Deduction, and Superdeduction

2.2 Interactive Theorem Proving and Proof Style

2.2.3 Deduction Modulo, Supernatural Deduction, and Superdeduction

Proofs are usually searched within a context of a specific theory, such as set theory or arithmetic. Therefore, it is crucial to support theory reasoning efficiently. Within interactive theorem proving, the standard approach consists of defining special decision and simplification procedures and to encode them as tactics. However, it is also possible to try to build theory reasoning in the underlying proof theory and to study its properties. One possibility is to apply the inference rules modulo a congruence_{≡ associated with a} term rewriting system, which is known as deduction modulo [DHK98]. This mechanism is calculus independent and can for example be employed for resolution or natural deduction. Consider for example the standard axiom rule in natural deduction and the correspondent inference rule in deduction modulo, which are shown below, where the equality in the side condition has been replaced by the congruence:

Γ_{⊢ ϕ} ψ∈ Γ ∧ ψ = ϕ Ax Γ_{⊢ ϕ} ψ∈ Γ ∧ ψ ≡ ϕ (2.1) For deduction rules with several premises, deduction modulo usually allows the use of the equivalence relation _{≡ either on the conclusion or a single premise. For example, given} the left identity of the neutral element e in group theory in the form of the rewrite rule e∗ x = x, uniqueness of the neutral element can be shown as follows:

∀y.y ∗ e′ = y _{⊢ ∀y.y ∗ e}′ = y Ax ∀y.(y ∗ e′ = y)_{⊢ e ∗ e}′ = e

∀y.y ∗ e′ = y _{⇒ e}′ = e ⇒I

∀E

Note the use of the rewrite rule e _{∗ x = x in the ⇒}I step. In practice, confluent and

terminating term rewrite systems are used to keep the congruence _{≡ decidable.}

Similarly, rewrite rules that rewrite propositions can be added to the congruence. For example, the equivalence _{∀A, B.A ⊂ B ⇔ ∀x.x ∈ A ⇒ x ∈ B might be formulated as} the rewrite rule A ⊂ B → ∀x.x ∈ A ⇒ x ∈ B. However, it has been pointed out that rewriting with propositions might be confusing (see [Wac05a] for details). This has lead to supernatural deduction, where the idea is to replace equivalences on predicate symbols by

new introduction and elimination rules. For example, for _{⊂, we obtain the two deduction} rules ⊂I Γ, x_{∈ X ⊢ x ∈ Y} Γ_{⊢ X ⊂ X} x /∈ FV(Γ) ⊂E Γ_{⊢ X ⊂ Y} Γ_{⊢ t ∈ X} Γ_{⊢ t ∈ Y} (2.2)

In [Wac05a], Wack shows soundness and completeness of this calculus and proves cut elimination with an extended notion of a cut: Cuts are the usual cuts; additional cuts are derivations in which a new introduction rule is immediately followed by an elimination rule. Superdeduction (see [BHK07a], [BHK07b]) carries over these ideas to the sequent calculus.

2.2.4 Proof Transformation and Presentation

To be able to explain a machine found proof in a natural style, but also to be able to integrate proofs in machine-oriented calculi in an interactive prover, researchers developed algorithms to transform proofs in machine-oriented calculi into ND proofs [And80, Mil84, Pfe87, Lin89, Wos90, And91, Mei00a]. Based on natural deduction, attempts have been made to present a proof even in natural language.

The χ-proof system [FM88] was one of the first theorem provers designed with a natural language output component. It has been recognized that the proof object used to generate the natural language output plays an essential role for the quality of the generated output: “Since the mechanism for translating a proof tree into a text is so simple1_{, much of the}

challenge in constructing natural text can be transferred to constructing proof trees: to first generate good text, generate good proof terms.” [FM88].

Several other systems have been equipped with modules to generate natural language or pseudo-natural language: Natural Language Explainer [McD83] was devised as a back end for the natural deduction theorem prover Thinker [Pel86, Pel98]. Ilf [Da97] uses templates with canned sentence chunks to verbalize proofs. The same is true for the pseudo-natural language presentation components of Coq [TCK95] and the proof system Theorema [BJD98].

However, even in the case of human-oriented calculi, such as natural deduction, proofs can become very complex and contain too much information. Huang [Hua96] realized that in human-written proofs, in contrast, an inference step is often described in terms of the application of a definition, axiom, lemma or theorem, which he collectively called assertions. More often than not there are constructs above at the so-called proof level, such as, e.g., “by analogy”. He developed techniques to detect assertion applications of a specific form and abstracted them to a single step. The assertion level proved to be much better suited for a subsequent verbalization of the proofs than a traditional calculus [Hua94a, HF96].

Still, even at the assertion level, humans often omit obvious inferences to further compress a proof. There has been the attempt to capture the notion of obvious inference in order to identify (and hide) obvious steps (see for example [Rud87, Dav81] for an early work). Most recently, Schiller has studied the problem in the context of assertion level proofs and presented an approach to automatically learn obvious inferences from users and to adapt a computer generated proof automatically [Sch10].

Another option to reduce the complexity is to structure the proof hierarchically and to present only the outline of the proof at first. Only on demand, a more detailed proof

of a specific step is shown. Hierarchical proofs have been advocated by several people, such as Lamport [Lam93] in the context of informal proofs. A similar idea is proposed by Back and colleagues for calculational proofs [BGvW96]. In the context of HOL, Grundy and Langbacka [GL97] developed an algorithm to present hierarchical proofs in a brows- able format. In the context of the Ωmega system, Cheikhrouhou and Sorge developed a hierarchical proof data structure, called PDS [CS00, ABD+_{06], which was not only used}

for proof presentation, but also for proof search. In particular, the _{PDS supports the} presentation of a proof plan or proof sketch (see the next section for details about proof planning), and refinement operations to close these gaps. The same idea has been picked up by Denney, who developed the notion of hiproof [DPT06]. Most recently, a tactic language for hiproofs has been proposed in [ADL10]. Another possibility for hierarchical proof construction is provided by a method called window inference [RS93]. Window inference allows the user to focus on a particular subformula of the proof state, transforming it and thereby making use of its context, as well as opening subwindows, resulting in a hierarchical structure.

In document Assertion level proof planning with compiled strategies (Page 35-37)