Predicate Logic for Software Engineering
David Lorge Parnas
McMaster University, Ontario, Canada
Presentation for SwE Readings Class
By: Sridhar Pentapati

About Dave Parnas
• His insights have changed the way that we specify, design, document, build, and maintain software
• His techniques have changed modern programming languages
• His wisdom has steered the software engineering field
03/21/03
Sri
Progress in a scientific discipline can be measured by how quickly its founders are forgotten

Abstract
Conventional interpretations of expressions that describe predicates are not suitable for use in software engineering because they do not deal with partial functions. Parnas’ team defines an interpretation for predicate expressions that is suitable for use in software documentation.
Logic is in the eye of the logician. *Gloria Steinem

Introduction
• Predicate logic is a development of propositional logic, which we’re all well acquainted with
• Sentences in predicate calculus are built up from atomic sentences
'Contrariwise', continued Tweedledee, 'if it was so, it might be, and if it were so, it would be; but as it isn't, it ain't. That's logic!' *Lewis Carroll

Introduction contd...
Why logic in SwE?
1. Engineers need mathematical tools
  – for the description and analysis of their products
2. Mathematical logic is the basis of all proposed tools
  – A solid foundation of logic notation will be essential for anyone who hopes to be recognized as a software engineer

Introduction contd...
Focus
• It is essential to have a precise meaning for logical expressions, one that unambiguously yields a value of true or false for every statement of values to the variables that appear in an expression
Logic is one thing, the human animal another. You can quite easily propose a logical solution to something and at the same time hope in your heart of hearts it won't work out. *Luigi Pirandello

Problems with Existing Logic
1. Logicians are conservative? Believes Martin Van Emden
2. Lacks precise meaning for logical expression (* values)
3. Complexity of expressions
4. Assumption of total functions
Logic: The art of thinking and reasoning in strict accordance with the limitations and incapacities of the human misunderstanding. *Ambrose Bierce

Parnas Says:
1. Change predicate logic to allow functions to be partial
2. To do away with the resulting truth value “undefined”
The want of logic annoys. Too much logic bores. Life eludes logic, and everything that logic alone constructs remains artificial and forced. *André Gide

Structure of The Paper
1. Introduction
2. Basic definitions
3. Syntax of Logic Expressions
4. Meanings of Logical Expressions
5. Examples of the Use of This Logic in Software Documentation
6. Conclusions
7. References

Reasons and Goal
• Since practitioners do not want to use methods that require them to use many symbols to say simple things
• They will not read expressions that are lengthy or deeply nested
• A full, formal definition of a logic that permits concise expressions is a prerequisite for practical use
The fact that logic cannot satisfy us awakens an almost insatiable hunger for the irrational. *A. N. Wilson

Introduction contd…
In one of his earlier papers, Parnas reminded us that
1. functions and relations can be viewed as sets of ordered pairs,
2. sets can be characterized by predicates and described by logical expressions,
3. predicates can be represented in a more readable way using multidimensional expressions, and
4. the meaning of these tables can be defined by rules for translating those tables into more conventional expressions

Introduction contd…
Many researchers are developing mathematical methods for use by software developers. It is hoped that these methods would do for SwE what differential and integral calculus did for other areas of engineering.
From a drop of water a logician could infer the possibility of an Atlantic or a Niagara without having seen or heard of one or the other. *Sir Arthur Conan Doyle

Introduction contd…
Crux of the problem
1. Conventional formal interpretations of logical expressions (e.g. [Mendelson]) assume that all functions are total, i.e. defined on a domain that includes all possible values of their arguments
2. Those interpretations are not intended to deal with partial functions, functions whose value has not been defined for certain values of the argument

Basics
• A partial function ƒ from a set A to a set B is an assignment to each element a in a subset of A, called the domain of definition of ƒ, of a unique element b in B
• The sets A and B are called the domain and codomain of ƒ, respectively

Basics contd…
• We say that ƒ is undefined for elements in A that are not in the domain of definition of ƒ
• We write ƒ : A → B to denote that ƒ is a partial function from A to B
• When the domain of definition equals A, we say that ƒ is a total function
Logic is like the sword--those who appeal to it, shall perish by it. *Samuel Butler

Another interpretation of Predicate Expressions!!!
But why?
• Since under conventional interpretations a logical expression that includes partial functions will have a defined value only when the values assigned to all function arguments are within the functions’ domains. Such interpretations are of limited usefulness when describing software because we frequently use partial functions to describe the behavior of programs

Motivating Example
Assume that √ represents a function that is defined on a domain containing only non-negative real numbers. A s/w designer may write a boolean expression such as:
((x > 0) ∧ (y = √x)) ∨ ((x ≤ 0) ∧ (y = √−x))    (1)
to describe the behavior of a computer program.
The writer’s intent seems to be to write an expression that is equivalent to:
y = √|x|    (2)
The usual rules for evaluating such expressions require evaluation of all of the functions and relational operators before application of the logical operators to the truth values that result. For every value of x other than 0, some component of expression (1) is undefined. With the standard interpretation of logical operators, which are defined only for two-value logics, the value of (1) is not defined except when x is assigned the value 0.

Comparison with Other Work
• There is a huge and complex literature on the subject of logic with partial functions
• This paper presents a specific proposal and its illustrated use
• Confined to software engineering
• Dijkstra’s cand
• The interpretation for predicate expressions proposed here neither specifies the order of evaluation nor introduces new symbols into logic

Basic Definitions
• Predicate – A predicate is a characteristic or attribute or property that the subject of the statement can have
  – “No lawyers are shysters”
• A function that returns true or false. Conceptually it tests for a condition
• The property that a bird is an eagle can be expressed by the predicate:
  eagle(x)
  – This predicate holds for all birds x which are eagles. For other birds, the predicate is false

Propositional Logic
• Proposition: A proposition is a statement that is either true or false, but not both
  1. Washington, D.C., is the capital of the United States of America
  2. 2+2=3
  Proposition 1 is true, whereas 2 is false
• More complex propositions can be formed by applying the logical operators (¬, ∧, ∨, etc.)
• Propositional logic formula
  E.g. ((p  q)  ¬c)

Predicate Logic
• Predicate logic allows us to represent fairly complex facts about the world, and to derive new facts in a way that guarantees that, if the initial facts were true then so are the conclusions. It is a well understood formal language, with well-defined syntax, semantics and rules of inference

Predicate Logic contd…
Predicate logic is obtained by extending propositional logic by using:
1. Predicates
2. Variables
3. Quantifiers

Quantifiers
Two types of quantification:
1. Universal quantification
  – ∀x P(x) – P(x) is true for every x
2. Existential quantification
  – ∃x P(x) – There is an x for which P(x) is true

Tuples
• A tuple is an ordered list of one or more simple tuples
• U = {true, false}
• Simple n-tuple – Ordered list of n members of U
  E.g. <true, false, true, false>
• n-tuple – Ordered list of n simple tuples
  E.g. <<true, false>, true, false>
You can only find truth with logic if you have already found truth without it

Tuples contd…
• When representing specific tuples, we separate the elements with commas and enclose tuples in <brackets> to make their structure clear
• E.g. <true, false, true, false> represents a simple 4-tuple and <<true, false>, true, false> represents a 3-tuple that is not a simple 3-tuple
• Sk is the set of all simple k-tuples: S1 is U. S is the union of S1, S2, …, Su; u is the length of the longest tuple needed to apply the semantic model developed below
• Tk is the set of all k-tuples. T1 is S. Tk includes Sk. T is the union of T1, T2, …, Tu

Relations, Functions
• Binary relations represent relationships between the elements of two sets
• Relations could be from one-to-many, whereas functions can’t be from one-to-many

Functions and Characteristic Predicate
We refer to two types:
• Partial functions: functions whose domain is a proper subset of S
• Total functions: functions whose domain includes all the members of S
Characteristic predicate:
• For any set of simple tuples, X, the characteristic predicate of that set is a predicate whose domain is S, and whose value, for a simple tuple b, is true if and only if b is a member of X

The Syntax of Logical Expressions
1. Built-in functions and Predicates:
• the strings f1, …, fk are the names of functions
  – View functions as set of pairs
• R1, …, Rm are the names of characterizing sets of simple tuples
  – View predicates as characterizing sets of simple tuples

Syntax contd…
2. Terms:
• A function application is a string of the form fj(V). Nothing else is a function
• A term is either a member of U, a variable, or a function application. Nothing else is a term

Syntax contd…
3. Primitive Expressions:
• Primitive Expression is a string of the form Rj(V)
  – Rj is a characteristic predicate
  – V is comma separated list of terms (called arguments)

Syntax contd…
4. Predicate Expressions
• All primitive expressions are predicate expressions.
• If P, Q: predicate expressions, x: variable, then following are also predicate expressions:
  (∀x, P), (P), (P) ∧ (Q), (P) ∨ (Q), ¬(P)
There can never be surprises in logic

The Meaning of Logical Expressions
Denotation
• each predicate expression is denoted as a set
• subset of Su, where u is the number of variables that may appear in the expressions whose meaning is defined.
Assignment
• simple u-tuple
The mind has its own logic but does not often let others in on it. *Bernard Devoto

Meaning contd…
1. Evaluating terms for a given assignment:
Mapping val for a term, t, and assignment, A:
  1. If t is a constant representing t’, val(t, A) is t’
  2. If t is a variable, xk, val(t, A) is the kth element of the assignment A
  3. If t is a function application, ƒk(V), let
    1. n be the length of V,
    2. if V’ is in the domain of ƒk, val(t, A) is ƒk(V’)
    3. if V’ is not in the domain of ƒk, val(t, A) is *

Meaning contd…
2. Evaluating primitive expressions for a given assignment:
• For a primitive expression Rj(V), and assignment A
  – Let Xj be the set of simple tuples characterized by Rj
  – n be the length of V,
  – Vi be the ith element of V, and V’ be simple tuple
• If V’ is in Xj, tval(Rj(V), A) is true
• If V’ is not in Xj, tval(Rj(V), A) is false

Meaning contd…
3. The denotation of primitive expressions:
• tval(p, A) is true
4. The denotation of predicate expressions:
• If P and Q are predicate expressions:
  1. (∀xk, P), is the set of all assignments, A, such that if c is any value in U, A[k  c] is in the denotation of P
  2. (P) ∨ (Q) is the union of P and Q
  3. (P) ∧ (Q) is the intersection of P and Q, and
  4. ¬(P) is the set of all members of Su that are not in P

Meaning contd…
5. Satisfaction of an expression
• Expressions that denote the empty set are said to be false
• Expressions that denote all of Su are said to be true
• An expression, e, is said to be satisfied by an assignment, A, if A is a member of the denotation of e
Logic is a poor guide compared with custom. *Winston Churchill

Meaning contd…
6. Notational conveniences:
• Specify values for some and not for others
  – e.g. A list such as “x2 : x24” represents all assignments in which the second element is 4 and the 24th element is 96
Man has such a predilection for systems and abstract deductions that he is ready to distort the truth intentionally, he is ready to deny the evidence of his senses only to justify his logic. *Fyodor Mikhailovich Dostoyevsky

Use in Documentation
• Palindrome
  (∀i, 0 ≤ i < n ⇒ (B[l+i] = B[l+n-1-i]))
• This expression gives the desired results even though the implication is evaluated outside the domain of B; the domain is characterized by the left-hand implication
Logic, like whiskey, loses its beneficial effect when taken in very large quantities. *Lord Dunsany

Use in Documentation
             (∃i, B[i] = x)    ¬(∃i, B[i] = x)
j |          B[j] = x          true
present =    true              false
Relational description of a program that searches B for the value of x

Use in Documentation contd…
• (∃i, B[i] = C[i])
• Here we are looking for matching elements in two arrays
• When the value of i is outside the index set of either B or C, the value of B[i] = C[i] is false
• This is the logic which has been basically presented in this paper

Conclusions
1. Not necessary to introduce either a third variable or conditional operators in order to deal with partial functions
2. Not only is the “motivating example”, eq (1), fully defined using the set-theoretic operations but also greatly simplified:
   (y = √x) ∨ (y = √−x)

Conclusions contd…
3. Compact readable formulation is crucial
4. Easier to comprehend
5. Drawbacks with some complementary predicates – price for allowing partial functions
  1. √x > √y would not denote the complement of √x ≤ √y. Both evaluate to false if either x or y is assigned a negative value
  2. √a = √a cannot be assigned a value of true if U includes negative values
A mind all logic is like a knife all blade. It makes the hand bleed that uses it. *Rabindranath Tagore

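The interpretation summarized in these slides, as an added Python example (not code from the slides or from Parnas's paper): a term outside a function's domain evaluates to an undefined marker, a primitive expression with such an argument is false, and the connectives stay two-valued. It checks the motivating expression (1), its simplified form, the complement drawback, and the array expressions; the names UNDEF, prim, index and the finite window standing in for the quantifier's range are assumptions of this example.

```python
import math
from operator import eq, gt, le

UNDEF = object()  # the slides' "*": a term whose function argument is out of domain

def sqrt(x):
    """Partial function: defined only on non-negative reals."""
    return UNDEF if x is UNDEF or x < 0 else math.sqrt(x)

def neg(x):
    return UNDEF if x is UNDEF else -x

def index(B, i):
    """Array access as a partial function whose domain is the index set of B."""
    return B[i] if 0 <= i < len(B) else UNDEF

def prim(rel, *terms):
    """tval of a primitive expression: false if any argument is undefined."""
    return all(t is not UNDEF for t in terms) and rel(*terms)

# Connectives are plain two-valued operators (&, |, not): no third truth value
# and no reliance on short-circuit evaluation order.
def expr1(x, y):
    """(1): ((x > 0) ∧ (y = √x)) ∨ ((x ≤ 0) ∧ (y = √−x))"""
    return ((prim(gt, x, 0) & prim(eq, y, sqrt(x)))
            | (prim(le, x, 0) & prim(eq, y, sqrt(neg(x)))))

def simplified(x, y):
    """(y = √x) ∨ (y = √−x), the form given in the conclusions."""
    return prim(eq, y, sqrt(x)) | prim(eq, y, sqrt(neg(x)))

def intent(x, y):
    """(2): y = √|x|, written with total functions for comparison."""
    return y == math.sqrt(abs(x))

def present(B, x, window):
    """(∃i, B[i] = x), with i ranging over a window wider than B's index set."""
    return any(prim(eq, index(B, i), x) for i in window)

def is_palindrome(B, l, n, window):
    """(∀i, 0 ≤ i < n ⇒ (B[l+i] = B[l+n-1-i])), with a ⇒ b taken as ¬a ∨ b."""
    return all((not (0 <= i < n)) | prim(eq, index(B, l + i), index(B, l + n - 1 - i))
               for i in window)

if __name__ == "__main__":
    grid = [(x, y) for x in (-4, -1, 0, 1, 4) for y in (-2, 0, 1, 2)]  # constructed samples
    print(all(expr1(x, y) == simplified(x, y) == intent(x, y) for x, y in grid))
    # Complement drawback: with x = -1, y = 4 both comparisons are false.
    print(prim(gt, sqrt(-1), sqrt(4)), prim(le, sqrt(-1), sqrt(4)))
    print(present([7, 3, 9], 9, range(-3, 6)),
          is_palindrome(list("xabbay"), 1, 4, range(-3, 9)))
```

The guard in index matters in Python specifically: without it, B[-1] would silently return the last element instead of being treated as outside the domain.
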
Conclusions contd…
6. The properties of the functions used should be stated precisely
7. Axiom of reflection does not hold in this interpretation
8. Simplification is obtained by making primitive predicates evaluate to false whenever one or more of their arguments are undefined
Logic is the art of going wrong with confidence

Parnas believes that these are proper
decisions because:
1.
2.
3.
03/21/03
Keeping logic simple is essential to practical
application
The assigned meanings are consistent with
intuitive interpretations, and
The formulae that results are relatively
simple for cases arising frequently
Sri
Predicate Logic For Software Engineering
46
Questions And Suggestions!!!!!!!
References
• http://www.cee.hw.ac.uk/~alison/ai3notes
• Discrete Mathematics and Its Applications - Kenneth Rosen, Fourth Edition
• Software Fundamentals - Collected Papers by David L. Parnas