
In section 6.5 we showed that the removal of superfluous and redundant rules would not be harmful to invertibility. In section 6.6, we showed that removing combinable rules was likewise not harmful to invertibility. Here, we formalise the results that the removal of such rules from a calculus L will create a new calculus L′ which is equivalent. In other words, if a sequent is derivable in L, then it is derivable in L′. The results formalised in this section are for uniprincipal multisuccedent calculi.

When dealing with lists of premisses, a rule R with premisses P will be redundant given a rule R′ with premisses P′ if there exists some p such that P = p # P′. There are other ways in which a rule could be redundant; say if P = Q @ P′, or if P = P′ @ Q, and so on. The order of the premisses is not really important, since the formalisation operates on the finite set based upon the list. The more general “append” lemma could be proved from the lemma we give; we prove the inductive step case in the proof of such an append lemma. This is a height preserving transformation. Some of the proof is shown:

lemma removeRedundant:
  assumes r1 = (p # ps, c) ∧ r1 ∈ upRules
  and r2 = (ps, c) ∧ r2 ∈ upRules
  and R1 ⊆ upRules ∧ R = Ax ∪ R1
  and (T,n) ∈ derivable (R ∪ {r1} ∪ {r2})∗
  shows ∃ m≤n. (T,m) ∈ derivable (R ∪ {r2})∗
proof (induct n rule: nat-less-induct)
  case 0
  have (T,0) ∈ derivable (R ∪ {r1} ∪ {r2})∗ by simp
  then have ([],T) ∈ (R ∪ {r1} ∪ {r2})∗ by (cases) auto
  then obtain S r where ext: extendRule S r = ([],T)
    and r ∈ (R ∪ {r1} ∪ {r2}) by (rule extRules.cases) auto
  then have r ∈ R ∨ r = r1 ∨ r = r2 using c by auto

It cannot be the case that r = r1 or r = r2, since those are uniprincipal rules, whereas anything with an empty set of premisses must be an axiom. Since R contains the set of axioms, so will R ∪ r2:

  then have r ∈ (R ∪ {r2}) using c by auto
  then have (T,0) ∈ derivable (R ∪ {r2})∗ by auto
  then show ∃ m≤n. (T,m) ∈ derivable (R ∪ {r2})∗ using ⟨n=0⟩ by auto
next
  case (Suc n′)
  have (T,n′+1) ∈ derivable (R ∪ {r1} ∪ {r2})∗ by simp
  then obtain Ps where e: Ps ≠ []
    and f: (Ps,T) ∈ (R ∪ {r1} ∪ {r2})∗
    and g: ∀ P ∈ set Ps. ∃ m≤n′. (P,m) ∈ derivable (R ∪ {r1} ∪ {r2})∗
    by auto
  have g′: ∀ P ∈ set Ps. ∃ m≤n′. (P,m) ∈ derivable (R ∪ {r2})∗
  from f obtain S r where ext: extendRule S r = (Ps,T)
    and r ∈ (R ∪ {r1} ∪ {r2}) by (rule extRules.cases) auto
  then have r ∈ (R ∪ {r2}) ∨ r = r1 by auto

Either r is in the new rule set or r is the redundant rule. In the former case, there is nothing to do:

  assume r ∈ (R ∪ {r2})
  then have (Ps,T) ∈ (R ∪ {r2})∗ by auto
  with g′ have (T,n) ∈ derivable (R ∪ {r2})∗ using ⟨n = Suc n′⟩ by auto

In the latter case, the last inference was redundant. Therefore the premisses, which are derivable at a lower height than the conclusion, contain the premisses of r2 (these premisses are extend S ps). This completes the proof:

  assume r = r1
  with ext have map (extend S) (p # ps) = Ps using a by (auto)
  then have ∀ P ∈ set (map (extend S) (p # ps)).
      ∃ m≤n′. (P,m) ∈ derivable (R ∪ {r2})∗
    using g′ by simp
  then have h: ∀ P ∈ set (map (extend S) ps).
      ∃ m≤n′. (P,m) ∈ derivable (R ∪ {r2})∗ by auto
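
The transformation carried out by this proof can be run on a small model. The Python below is an added example, not part of the thesis's Isabelle theories: the toy rules, the `Node` type and all function names are assumptions, and only the shape of the argument (an r1 step becomes an r2 step by discarding the derivation of `extend S p`) is taken from the lemma.

```python
from dataclasses import dataclass

def seq(left="", right=""):
    """Sequent as a pair of multisets; each character is one atom."""
    return (tuple(sorted(left)), tuple(sorted(right)))

def extend(S, s):
    """extend S s: multiset union with context S on both sides."""
    return (tuple(sorted(S[0] + s[0])), tuple(sorted(S[1] + s[1])))

@dataclass
class Node:
    rule: tuple   # (premisses, conclusion) before extension
    ctx: tuple    # context S, so the step is extendRule S rule
    kids: list    # one sub-derivation per premiss

def concl(d):
    return extend(d.ctx, d.rule[1])

def height(d):
    return 1 + max(map(height, d.kids)) if d.kids else 0

def valid(d, rules):
    """True if d is a derivation using only extended instances of rules."""
    want = [extend(d.ctx, p) for p in d.rule[0]]
    return (d.rule in rules and want == [concl(k) for k in d.kids]
            and all(valid(k, rules) for k in d.kids))

def remove_redundant(d, r1, r2):
    """Replace every r1 = (p#ps, c) step by r2 = (ps, c)."""
    kids = [remove_redundant(k, r1, r2) for k in d.kids]
    if d.rule == r1:
        return Node(r2, d.ctx, kids[1:])  # discard the derivation of extend S p
    return Node(d.rule, d.ctx, kids)

# Constructed toy calculus: two axioms, one ordinary rule, and r1 redundant given r2.
AX_A, AX_B = ((), seq("a", "a")), ((), seq("b", "b"))
R3 = ((seq("", "a"),), seq("", "c"))
R2 = ((seq("", "b"),), seq("", "d"))
R1 = ((seq("", "c"),) + R2[0], R2[1])
S = seq("ab")

def example():
    left = Node(R3, S, [Node(AX_A, seq("b"), [])])    # ab => c, height 1
    right = Node(AX_B, seq("a"), [])                   # ab => b, height 0
    before = Node(R1, S, [left, right])                # ab => d, height 2
    return before, remove_redundant(before, R1, R2)
```

In this instance the discarded sub-derivation was the taller one, so the height drops from 2 to 1; in general the lemma only guarantees that it does not increase.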

Recall that to remove superfluous rules, we must know that Cut is admissible in the original calculus (see lemma 15, p. 93). Again, we add the two distinguished premisses at the head of the premiss list; general results about permutation of lists will achieve a more general result. Even so, the following result is a special case where a single Cut can be used to give the empty sequent. Since one uses Cut in the proof, this will in general not be height-preserving:

lemma removeSuperfluous:
  assumes r1 = ((∅ ⇒∗ ⟅A⟆) # ((⟅A⟆ ⇒∗ ∅) # ps), c) ∧ r1 ∈ upRules
  and R1 ⊆ upRules ∧ R = Ax ∪ R1
  and (T,n) ∈ derivable (R ∪ {r1})∗
  and CA: ∀ Γ ∆ A. ((Γ ⇒∗ ∆ ⊕ A) ∈ derivable′ R∗ ⟶ (Γ ⊕ A ⇒∗ ∆) ∈ derivable′ R∗) ⟶ (Γ ⇒∗ ∆) ∈ derivable′ R∗
  shows T ∈ derivable′ R∗

Combinable rules can also be removed (lemma 18, p. 97). We encapsulate the combinable criterion by saying that if (p # P, T) and (q # P, T) are rules in a calculus, then we get an equivalent calculus by replacing these two rules by ((extend p q) # P, T). Since the extend function is commutative, the order of p and q in the new rule is not important. This transformation is height preserving:

lemma removeCombinable:
  assumes a: r1 = (p # ps, c) ∧ r1 ∈ upRules
  and b: r2 = (q # ps, c) ∧ r2 ∈ upRules
  and c: r3 = (extend p q # ps, c) ∧ r3 ∈ upRules
  and d: R1 ⊆ upRules ∧ R = Ax ∪ R1
  and (T,n) ∈ derivable (R ∪ {r1} ∪ {r2})∗
  shows (T,n) ∈ derivable (R ∪ {r3})∗

7.7 Conclusions

The results from the preceding chapters have been formalised. Since these results were new, the formalisation is new.

The formalisation is not exactly faithful. It was proved equivalent in the presence of some sane criteria, namely that one can decide which rules are normal and which are IW. For all sections except section 7.5 only normal rules were considered. The difference between metaformulae (and other metanotions) and Isabelle schematic variables is slight. In section 7.5, a restricted language was considered: we could not use the full generality of section 6.4.

Only a portion of the formalisation was shown; a variety of intermediate lemmata were not made explicit. This was necessary, for the Isabelle theory files run to almost 8000 lines, but it is available in full at [Chapman, 2009]. However, these files do not have to be replicated for each new calculus. It takes very little effort to define a new calculus. Furthermore, proving invertibility is now a quick process; less than 25 lines of proof in most cases. As a direct comparison, the invertibility results of section 4.4 (using the rigid3 calculus definitions) can be directly shown in the flexible framework of section 7.2. To prove the same result (using the same Isar vernacular) requires over 600 lines of Isabelle code (see appendix C for the full proof).

Conclusions

8.1 Applicability to the Field

The most obvious beneficiaries of this work are those working in an area closely related to that of this thesis. Either the theoretical results and framework could be re-used for other purposes, or the Isabelle files could be used for a new formalisation of some result. The best case scenario would be for someone who wanted to formalise some proof theory, but thought it was unfeasible, reading this thesis and using the techniques contained herein.

The formal proofs, with their detailing of all cases, also serve as a pedagogical aid for both students of proof theory and students of formalisation. Just as writing coherent and elegant proofs should be the aim of every mathematician, so too the goal of the formaliser should be to write coherent and elegant formal proofs. Whether that has been achieved here is for each reader to decide, but either way something can be gained from reading the proofs.