All content in this area was uploaded by Christoph Benzmüller on Jan 14, 2019
Automating Free Logic in HOL, with an
Experimental Application in Category Theory
Christoph Benzmüller and Dana S. Scott
Abstract A shallow semantical embedding of free logic in classical higher-order logic is presented, which enables the off-the-shelf application of higher-order interactive and automated theorem provers for the formalisation and verification of free logic theories. Subsequently, this approach is applied to a selected domain of mathematics: starting from a generalization of the standard axioms for a monoid we present a stepwise development of various, mutually equivalent foundational axiom systems for category theory. As a side-effect of this work some (minor) issues in a prominent category theory textbook have been revealed.
The purpose of this article is not to claim any novel results in category theory, but to demonstrate an elegant way to “implement” and utilize interactive and automated reasoning in free logic, and to present illustrative experiments.
Keywords Free Logic · Classical Higher-Order Logic · Category Theory · Interactive and Automated Theorem Proving
1 Introduction
Partiality and undefinedness are prominent challenges in various areas of mathematics and computer science. Unfortunately, however, modern proof assistant systems and automated theorem provers based on traditional classical or intuitionistic logics provide rather inadequate support for these challenging concepts.
Benzmüller received funding from the German National Research Foundation DFG under Heisenberg grant Towards Computational Metaphysics (BE 2501/9-2) and from VolkswagenStiftung under grant Consistent Rational Argumentation in Politics (CRAP).
Christoph Benzmüller
Freie Universität Berlin, Berlin, Germany & University of Luxembourg, Luxembourg
E-mail: c.benzmueller@gmail.com
Dana S. Scott
Visiting Scholar at University of California, Berkeley, USA
E-mail: dana.scott@cs.cmu.edu
Free logic [24,25,30,32] offers a theoretically appealing solution, but it has been
considered as rather unsuited towards practical utilization.
In the first part of this article (§2 and §3) we show how free logic can be elegantly “implemented” in any theorem proving system for classical higher-order logic (HOL) [8]. The proposed solution employs a semantic embedding of free logic in HOL. We present, as an example, one implementation of this idea in the proof assistant Isabelle/HOL [29]. Various state-of-the-art first-order and higher-order automated theorem provers and model finders are integrated (modulo suitable logic translations) with Isabelle via the Sledgehammer tool [15], so that our solution can be utilized, via Isabelle as foreground system, with a whole range of other background reasoners, such as SMT solvers and first-order and higher-order automated theorem provers.¹ As a result we obtain an elegant and powerful implementation of an interactive and automated theorem proving (and model finding) system for free logic.
To demonstrate the practical relevance of our new system, we present in §4 a stepwise development of axioms systems for category theory by generalizing the standard axioms for a monoid to a partial composition operation. Our purpose is not to make or claim any contribution to category theory but rather to show how formalizations involving the kind of logic required (free logic) can be implemented and validated within modern proof assistants such as Isabelle/HOL. We also address the relation of our axiom systems to alternative proposals from the literature, including an axiom set proposed by Freyd and Scedrov in their textbook “Categories, Allegories” [22] for which we reveal a technical flaw: either all operations, e.g. morphism composition, are total or their axiom system is inconsistent. The repair for this problem is quite straightforward, however. The solution essentially corresponds to a set of axioms proposed by Scott [33] in the 1970s.
Our exploration has been significantly supported by a series of experiments in which automated reasoning tools have been called from within the proof assistant Isabelle/HOL via the Sledgehammer tool. Moreover, we have obtained very useful feedback at various stages from the model finder Nitpick [16], saving us from making several mistakes.
At the conceptual level this paper exemplifies a new style of explorative mathematics which rests on a significant amount of human-machine interaction with integrated interactive-automated theorem proving technology. The experiments we have conducted are such that the required reasoning is often too tedious and time-consuming for humans to be carried out repeatedly with the highest level of precision. It is here where cycles of formalization and experimentation efforts in Isabelle/HOL provided significant support. Moreover, the technical inconsistency issue for axiom system VII was discovered by automated theorem provers, which further emphasizes the added value of automated theorem proving in this area.
The content of this article is based on the contributions reported in two previous papers [9, 10].
¹ Cf. §4.4 for further information.
2 Preliminaries
2.1 Free Logic
Free logic (respectively inclusive logic) [24,25,30,32] refers to a class of logic formalisms that are free of basic existence assumptions regarding the denotation of terms.² Remember that terms in e.g. traditional classical and intuitionistic predicate logics always denote an (existing) object in a given (non-empty) domain $D$, and that $D$ is also exactly the set the quantifiers range over. In free logic these basic assumptions are abolished. Terms do still denote objects in a (non-empty) domain $D$, but a (possibly empty) set $E \subset D$ is chosen to characterize the subdomain of “existing” resp. “defined” objects in $D$. Quantification is now restricted to the set $E$ of existing/defined objects only.
It is obvious how this can be used to model undefinedness and partiality: problematic terms, e.g. division by zero or improper definite descriptions, still denote, but they refer to undefined objects, that is, objects $d$ in $D \setminus E$ lying outside of the scope of quantification. Moreover, a function $f$ is total if and only if for all $x$ we have $E x \longrightarrow E(f x)$.³ For partial functions $f$ we may have some $x$ such that $E x$ but not $E(f x)$. A function $f$ is called strict if and only if for all $x \in D$ we have $E(f x) \longrightarrow E x$.
The particular version of free logic as exploited in the remainder of this article was proposed by Scott [32]. A graphical illustration of this notion of free logic is presented in Fig. 1. It employs a distinguished undefined object $\star$.⁴
We next formally introduce the syntax and semantics of free logic as to be
used in the remainder of this article. We refer to this logic as FFOL.
Definition 1 (Syntax of FFOL) We start with a denumerable set $V$ of variable symbols, a denumerable set $F$ of $n$-ary function symbols ($n \geq 0$), and a denumerable set $P$ of $n$-ary predicate symbols ($n \geq 0$).
The terms and formulas of FFOL are formally defined as the smallest sets such that:
1. each variable $x \in V$ is a term of FFOL,
2. given any $n$-ary ($n \geq 0$) function symbol $f \in F$ and terms $t_1, \ldots, t_n$ of FFOL, then $f(t_1, \ldots, t_n)$ is a term of FFOL,
3. given terms $t_1$ and $t_2$ of FFOL, then $t_1 = t_2$ is an (atomic) formula of FFOL,
4. given any $n$-ary ($n \geq 0$) predicate symbol $p \in P$ and terms $t_1, \ldots, t_n$ of FFOL, then $p(t_1, \ldots, t_n)$ is an (atomic) formula of FFOL,
5. given formulas $r$ and $s$ of FFOL, then $\neg r$, $r \to s$ and $\forall x\, r$ are (compound) formulas of FFOL, and
6. given a formula $r$ of FFOL, then $\iota x\, r$ is a term of FFOL (definite description).
² Calculi for free logic are presented in [30]; see also the references therein.
³ The predication $E x$ represents that $x$ is a member of $E$.
⁴ The $\star$ symbol is not to be confused with any other symbol in Isabelle/HOL.
Fig. 1 Illustration of the Semantical Domains of Free Logic. [Figure labels: $E$: existing objects, values of bound variables; $D$: raw objects, values of free variables; $\star$: undefined.]
Further terms and formulas of FFOL, including various defined notions of
equality, can be introduced as abbreviations.
A variable assignment $g$ maps variables $x \in V$ to elements in $D$. $g[d/x]$ denotes the assignment that is identical to $g$, except for variable $x$, which is now mapped to $d$.
Regarding the semantics different options have been proposed in the literature. For example, instead of a possibly empty set of existing objects $E$, we could postulate non-emptiness of $E$. In fact, our approach below can be easily adapted for different variants of free and inclusive logic. Here we closely follow the notion of free logic as proposed by Scott [32].
Definition 2 (Model of FFOL) A model (structure) for FFOL consists of a quadruple $M = \langle D, E, I, \star \rangle$, where $D$ is a non-empty raw domain of objects, $E \subset D$ a possibly empty set of existing/defined objects, and $I$ an interpretation function mapping 0-ary function symbols (constants) to defined objects $d \in E$, 0-ary predicate symbols (propositions) to True or False, $n$-ary function symbols (for $n \geq 1$) to $n$-ary functions $D \times \cdots \times D \longrightarrow D$ and $n$-ary predicate symbols (for $n \geq 1$) to $n$-ary relations $D \times \cdots \times D$. True or False denote truth and falsehood respectively. Finally, $\star \in D \setminus E$ is a designated (non-existing/undefined) object.
Definition 3 (Evaluation Function for FFOL) The value $\|s\|^{M,g}$ of a term or formula $s \in$ FFOL in a model $M = \langle D, E, I, \star \rangle$ under assignment $g$ is defined in the following way:
Terms
1. $\|x\|^{M,g} = g(x)$ for variable symbols $x \in V$
2. $\|c\|^{M,g} = I(c)$, where $c \in F$ is a 0-ary function symbol
3. $\|f(t_1, \ldots, t_n)\|^{M,g} = I(f)(\|t_1\|^{M,g}, \ldots, \|t_n\|^{M,g})$, where $f \in F$ is an $n$-ary ($n \geq 1$) function symbol
4. $\|\iota x\, r\|^{M,g} = d \in E$, such that $\|r\|^{M,g[d/x]} = \text{True}$ and $\|r\|^{M,g[d'/x]} = \text{False}$ for all $d' \neq d \in E$ (i.e. $d$ is the unique existing object for which $r$ holds); if there is no such $d \in E$, then $\|\iota x\, r\|^{M,g} = \star$
Formulas
5. $\|q\|^{M,g} = I(q)$, where $q \in P$ is a 0-ary predicate symbol
6. $\|t_1 = t_2\|^{M,g} = \text{True}$ if and only if $\|t_1\|^{M,g} = \|t_2\|^{M,g}$ (this basic notion of primitive equality on $D$ implies that equations between “undefined” terms such as $1/0 = 1/0$ are evaluated to True; later, in §4, we will define and utilize further notions of equality, including Kleene equality and existing equality, which behave differently).
7. $\|p(t_1, \ldots, t_n)\|^{M,g} = \text{True}$ if and only if $(\|t_1\|^{M,g}, \ldots, \|t_n\|^{M,g}) \in I(p)$ for $n$-ary ($n \geq 1$) predicate symbols $p \in P$
8. $\|\neg r\|^{M,g} = \text{True}$ if and only if $\|r\|^{M,g} = \text{False}$
9. $\|r \to s\|^{M,g} = \text{True}$ if and only if $\|r\|^{M,g} = \text{False}$ or $\|s\|^{M,g} = \text{True}$
10. $\|\forall x\, r\|^{M,g} = \text{True}$ if and only if for all $d \in E$ we have $\|r\|^{M,g[d/x]} = \text{True}$
Definition 4 (Validity) A formula $s_o$ is true in model $M$ under assignment $g$ if and only if $\|s_o\|^{M,g} = \text{True}$; this is also denoted as $M, g \models^{\mathrm{FFOL}} s_o$. A formula $s_o$ is called valid in $M$, which is denoted as $M \models^{\mathrm{FFOL}} s_o$, if and only if $M, g \models^{\mathrm{FFOL}} s_o$ for all assignments $g$. Finally, a formula $s_o$ is called valid, which we denote by $\models^{\mathrm{FFOL}} s_o$, if and only if $s_o$ is valid for all $M$.
2.2 Classical Higher-Order Logic
Simple type theory, also referred to as classical higher-order logic (HOL) [2], is
an expressive logic formalism which is based on the simply typed λ-calculus [3].
HOL has its origin in the work of Church [19].
For a detailed discussion of the syntax, semantics and automation of HOL
we refer to the literature (see e.g. [2,6, 8] and the references therein). Below we
introduce a variant of HOL with primitive equality and definite descriptions.
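Definition 5 (Types) The set $T$ of simple types is freely generated from a set of basic types $\{o, i\}$ using the function type constructor $\to$. $o$ is the type of Booleans and $i$ is the type of individuals. We may avoid parentheses if the structure of a complex type is clear in context.
Definition 6 (Syntax of HOL) The terms of HOL with primitive equality and definite description are defined by the following grammar:⁵
$s, t ::= p_\alpha \mid X_\alpha \mid (\lambda X_\alpha s_\beta)_{\alpha\to\beta} \mid (s_{\alpha\to\beta}\, t_\alpha)_\beta \mid s_\alpha = t_\alpha \mid \neg_{o\to o}\, s_o \mid ((\vee_{o\to o\to o}\, s_o)\, t_o) \mid \forall_{(\alpha\to o)\to o}(\lambda X_\alpha s_o) \mid \iota_{(\alpha\to o)\to\alpha}(\lambda X_\alpha s_o)$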
⁵ It is well known that we could work with a much smaller set of logical connectives, see e.g. §1.4 of Andrews’s overview article [2]. The choice here closely reflects the set of primitive connectives as chosen in higher-order automated theorem provers such as LEO-II [13], Leo-III [12], and Satallax [18].
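where $\alpha, \beta \in T$. $p_\alpha$ denotes typed constants and $X_\alpha$ typed variables (distinct from $p_\alpha$). Complex typed terms are constructed via abstraction and application. The type of each term is given as a subscript. Terms $s_o$ of type $o$ are called formulas. The logical connectives of choice are $\neg_{o\to o}$, $\vee_{o\to o\to o}$, $=_{\alpha\to\alpha\to o}$, $\forall_{(\alpha\to o)\to o}$ and $\iota_{(\alpha\to o)\to\alpha}$ (where $\alpha \in T$). Type subscripts may be dropped if irrelevant or obvious. Similarly, parentheses may be avoided. Binder notation $\forall X_\alpha s_o$ and $\iota X_\alpha s_o$ is used as shorthand for $\forall(\lambda X_\alpha s_o)$ and $\iota(\lambda X_\alpha s_o)$, and infix notation $s \vee t$ is employed instead of $((\vee s)\, t)$. From the above connectives, other logical connectives, such as $\top$, $\bot$, $\wedge$, $\to$, $\equiv$ and $\exists$, can be defined in the usual way. For example, $\to$ can be defined as $\lambda X_o \lambda Y_o\, \neg X \vee Y$ and $\wedge$ as $\lambda X_o \lambda Y_o\, \neg(\neg X \vee \neg Y)$.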
We assume familiarity with λ-conversion (e.g. α-renaming and βη-
reduction) and βη-normal forms [3].
A variable assignment $g$ maps variables $X_\alpha$ to elements in $D_\alpha$. $g[d/W]$ denotes the assignment that is identical to $g$, except for variable $W$, which is now mapped to $d$.
Definition 7 (Frame for HOL) A frame $D$ is a collection $\{D_\alpha\}_{\alpha \in T}$ of nonempty sets $D_\alpha$, such that $D_o = \{\text{True}, \text{False}\}$ (where, as before, True and False denote truth and falsehood). The $D_{\alpha\to\beta}$ are collections of functions mapping $D_\alpha$ into $D_\beta$.
Definition 8 (Model for HOL) A model (structure) for HOL is a tuple $M = \langle D, I \rangle$, where $D$ is a frame, and $I$ is a family of typed interpretation functions mapping constant symbols $p_\alpha$ to appropriate elements of $D_\alpha$, called the denotation of $p_\alpha$ (the logical connectives $\neg$, $\vee$, and $\forall$ are always given the standard denotations, see below). Moreover, we assume that the domains $D_{\alpha\to\alpha\to o}$ contain the respective identity relations.
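Definition 9 (Evaluation Function for HOL) The value $\|s_\alpha\|^{M,g}$ of a HOL term $s_\alpha$ on a model $M = \langle D, I \rangle$ under assignment $g$ is an element $d \in D_\alpha$ defined in the following way:
1. $\|p_\alpha\|^{M,g} = I(p_\alpha)$
2. $\|X_\alpha\|^{M,g} = g(X_\alpha)$
3. $\|(s_{\alpha\to\beta}\, t_\alpha)_\beta\|^{M,g} = \|s_{\alpha\to\beta}\|^{M,g}(\|t_\alpha\|^{M,g})$
4. $\|(\lambda X_\alpha s_\beta)_{\alpha\to\beta}\|^{M,g} =$ the function $f$ from $D_\alpha$ to $D_\beta$ such that $f(d) = \|s_\beta\|^{M,g[d/X_\alpha]}$ for all $d \in D_\alpha$
5. $\|s_\alpha = t_\alpha\|^{M,g} = \text{True}$ if and only if $\|s_\alpha\|^{M,g} = \|t_\alpha\|^{M,g}$
6. $\|(\neg_{o\to o}\, s_o)_o\|^{M,g} = \text{True}$ if and only if $\|s_o\|^{M,g} = \text{False}$
7. $\|((\vee_{o\to o\to o}\, s_o)\, t_o)_o\|^{M,g} = \text{True}$ if and only if $\|s_o\|^{M,g} = \text{True}$ or $\|t_o\|^{M,g} = \text{True}$
8. $\|(\forall_{(\alpha\to o)\to o}(\lambda X_\alpha s_o))_o\|^{M,g} = \text{True}$ if and only if for all $d \in D_\alpha$ we have $\|s_o\|^{M,g[d/X_\alpha]} = \text{True}$
9. $\|(\iota_{(\alpha\to o)\to\alpha}(\lambda X_\alpha s_o))_o\|^{M,g} = d$ if there exists a unique $d \in D_\alpha$ such that $\|s_o\|^{M,g[d/X_\alpha]} = \text{True}$, otherwise $\|(\iota_{(\alpha\to o)\to\alpha}(\lambda X_\alpha s_o))_o\|^{M,g} = e$ for an arbitrary element $e \in D_\alpha$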
Definition 10 (Standard and Henkin models) A model $M = \langle D, I \rangle$ is called a standard model if and only if for all $\alpha, \beta \in T$ we have $D_{\alpha\to\beta} = \{f \mid f : D_\alpha \longrightarrow D_\beta\}$. In a Henkin model function spaces are not necessarily full. Instead it is only required that $D_{\alpha\to\beta} \subseteq \{f \mid f : D_\alpha \longrightarrow D_\beta\}$ (for all $\alpha, \beta \in T$) and that the valuation function $\|\cdot\|^{M,g}$ from above is total (i.e., every term denotes). Any standard model is obviously also a Henkin model. We consider Henkin models in the remainder. For more details on Henkin semantics, its proof theory and examples of sound and complete calculi we refer to the literature (e.g. [6, 7]).
Definition 11 (Validity) A formula $s_o$ is true in model $M$ under assignment $g$ if and only if $\|s_o\|^{M,g} = \text{True}$; this is also denoted as $M, g \models^{\mathrm{HOL}} s_o$. A formula $s_o$ is called valid in $M$, which is denoted as $M \models^{\mathrm{HOL}} s_o$, if and only if $M, g \models^{\mathrm{HOL}} s_o$ for all assignments $g$. Finally, a formula $s_o$ is called valid, which we denote by $\models^{\mathrm{HOL}} s_o$, if and only if $s_o$ is valid for all $M$.
3 Shallow Semantical Embedding of FFOL in HOL
We now present a shallow embedding of FFOL in HOL by identifying the language constructs of FFOL with corresponding terms of HOL. In this embedding the raw domain $D$ of a FFOL model is identified with the domain of individuals $D_i$ in a corresponding HOL model. The subdomain $E$ of existing objects is characterized in the embedding by a HOL predicate $E$ of type $i \to o$. Hence, we assume in the remainder that a respective uninterpreted constant symbol $E_{i\to o}$ is given in the signature of HOL. Moreover, we assume that an uninterpreted constant symbol $\star$ of type $i$ is in the signature of HOL. Finally, we assume that $\|E\, \star_i\|^{M,g} = F$ for all $M, g$, i.e. that the element denoted by $\star_i$ is not an element of the domain of existing objects denoted by $E_{i\to o}$ (technically this can be achieved by postulating a respective axiom).
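Definition 12 (Embedding of FFOL in HOL) Given a formula $s \in$ FFOL. We map $s$ to a corresponding term $\widehat{s}$ of HOL. This mapping is defined as follows:
$\widehat{x} := X_i$ for all $x \in V$
$\widehat{f(t_1, \ldots, t_n)} := (\widehat{f}\, \widehat{t_1} \ldots \widehat{t_n})$ for all $n$-ary $f \in F$ ($n \geq 0$), where $\widehat{f} = f$ is an uninterpreted constant symbol of type $\underbrace{i \to \cdots \to i}_{n \geq 0} \to i$
$\widehat{s = t} := \widehat{s} = \widehat{t}$
$\widehat{p(t_1, \ldots, t_n)} := (\widehat{p}\, \widehat{t_1} \ldots \widehat{t_n})$ for all $n$-ary $p \in P$ ($n \geq 0$), where $\widehat{p} = p$ is an uninterpreted constant symbol of type $\underbrace{i \to \cdots \to i}_{n \geq 0} \to o$
$\widehat{\neg s} := \neg \widehat{s}$
$\widehat{s \to r} := \widehat{s} \to \widehat{r}$
$\widehat{\forall x\, r} := \forall X_i\; E X_i \to \widehat{r}$
$\widehat{\iota x\, r} := \text{IfThenElse}\ (\exists X_i\; E X \wedge \widehat{r} \wedge (\forall Y_i\, (E Y \wedge ((\lambda X_i\, \widehat{r})\, Y)) \to Y = X))\ (\iota X_i\, \widehat{r})\ \star$
where IfThenElse is an abbreviation for the term
$\lambda S_o \lambda X_i \lambda Y_i\; \iota Z_i\, (S_o \wedge Z = X) \vee (\neg S_o \wedge Z = Y)$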
The above mapping induces mappings from the sets $\widehat{V}$, $\widehat{F}$ and $\widehat{P}$ of FFOL to corresponding variables (of type $i$), uninterpreted function symbols and uninterpreted predicate symbols in HOL, respectively.
To prove soundness and completeness⁶ for the embedding, a mapping from FFOL models into Henkin models is employed. This mapping utilizes a mapping of FFOL variable assignments $g$ into corresponding HOL variable assignments $g$ (remember that FFOL domains $D$ are identified with HOL domains $D_i$, i.e. $\widehat{D} = D_i$): let $g$ be a variable assignment for FFOL. Then $\widehat{g} : \widehat{V} \mapsto \widehat{D}$ for HOL is defined such that $\widehat{g}(X_i) = \widehat{g}(\widehat{x}) = g(x)$ for all $X_i \in \widehat{V}$. Finally, $\widehat{g}$ is extended to an assignment for arbitrary variables by choosing $\widehat{g}(Y_\alpha) = d \in D_\alpha$ arbitrary whenever $Y_\alpha \notin \widehat{V}$.
Definition 13 (Henkin model $\widehat{M}$ for FFOL model $M$) Given a FFOL model $M = \langle D, E, I, \star \rangle$. The Henkin model $\widehat{M} = \langle \{D_\alpha\}_{\alpha \in T}, I \rangle$ for $M$ is defined as follows:
– $D_i = D$
– $D_o = \{\text{True}, \text{False}\}$
– $D_{\alpha\to\beta}$ are chosen as (not necessarily full) collections of functions from $D_\alpha$ to $D_\beta$. Remember, however, that the choice of $D_{\alpha\to\beta}$ must always ensure that the evaluation function $\|\cdot\|^{\widehat{M},\widehat{g}}$ below remains total, i.e. that all terms denote. In particular, it is required that $D_{i\to o}$ contains the element $I E_{i\to o}$ as characterized below.
– The interpretation function $I$ of $\widehat{M}$ is chosen as follows:
⁶ Similar soundness and completeness proofs for shallow semantical embeddings have been presented in [4] and [5].
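  – $I \star_i = \star \in D_i$
  – For all $d \in D_i$ we have: $(I E_{i\to o})(d) = T$ if and only if $d \in E$. Note that this implies $(I E_{i\to o})(\star_i) = F$.
  – For all $f = \widehat{f} \in \widehat{F}$ we have: $(I f)(d_1, \ldots, d_n) = (I f)(d_1, \ldots, d_n)$ for all $d_i \in D_i$ ($i = 1, \ldots, n$ and $n \geq 0$).
  – For all $p = \widehat{p} \in \widehat{P}$ we have: $(I p)(d_1, \ldots, d_n) = T$ if and only if $(d_1, \ldots, d_n) \in (I p)$ for all $d_i \in D_i$ ($i = 1, \ldots, n$ and $n \geq 0$).
  – For all other constants $c_\alpha$, choose $I c_\alpha \in D_\alpha$ arbitrary.⁷
It is not hard to verify that $\widehat{M}$ is a Henkin model.⁸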
Lemma 14 Let $\widehat{M}$ be a Henkin model for FFOL model $M$. For all terms and formulas $s \in$ FFOL and variable assignments $g$ we have $\|s\|^{M,g} = \|\widehat{s}\|^{\widehat{M},\widehat{g}}$.
Proof The proof is by induction on the structure of $s$.
For $s = x \in V$ the claim follows from the definition of $\widehat{g}$. For $s = c \in F$, where $c$ is 0-ary, we get the claim by the choice of $I$ in $\widehat{M}$, and for $s = f(t_1, \ldots, t_n)$, where $f \in F$ is $n$-ary ($n \geq 1$), we additionally need to apply the induction hypothesis. The arguments for $s = q \in P$, where $q$ is 0-ary, and for $s = p(t_1, \ldots, t_n)$, where $p \in P$ is $n$-ary ($n \geq 1$), are similar. The most complicated case is when $s = \iota x\, r$. We here consider two cases. We either have $d \in E$ with $\|r\|^{M,g[d/x]} = \text{True}$ and $\|r\|^{M,g[d'/x]} = \text{False}$ for all $d' \neq d \in E$ (i.e. $d$ is the unique existing object for which $r$ holds) or there is no such $d \in E$. In the former case we have $\|\iota x\, r\|^{M,g} = d \in E$. By the definition of the embedding $\widehat{\cdot}$, definition of $\widehat{M}$ and $\widehat{g}$, $\lambda$-conversion, induction hypothesis and a series of evaluation steps in HOL we get $\|\widehat{\iota x\, r}\|^{\widehat{M},\widehat{g}} = \|\iota x\, \widehat{r}\|^{\widehat{M},\widehat{g}} = d \in E$ (for the very same $d$ as above). In the second case we have $\|\iota x\, r\|^{M,g} = \star$. Again we apply the definition of the embedding $\widehat{\cdot}$, the definition of $\widehat{M}$ and $\widehat{g}$, $\lambda$-conversion, induction hypothesis and a series of tedious evaluation steps in HOL to verify that $\|\widehat{\iota x\, r}\|^{\widehat{M},\widehat{g}} = \star = \star$. The remaining cases are similar (actually simpler) and left to the reader. $\Box$
Theorem 15 (Soundness and Completeness of the Embedding)
For all formulas $s \in$ FFOL we have $\models^{\mathrm{FFOL}} s$ if and only if $\models^{\mathrm{HOL}} \widehat{s}$.
Proof (Soundness, ←) The proof is by contraposition. Assume $\not\models^{\mathrm{FFOL}} s$, i.e., there is a FFOL model $M$ and an assignment $g$ such that $\|s\|^{M,g} = \text{False}$. By Lemma 14 we have $\|\widehat{s}\|^{\widehat{M},\widehat{g}} = \text{False}$. Hence, we get $\not\models^{\mathrm{HOL}} \widehat{s}$.
(Completeness, →) Analogous to above by contraposition and Lemma 14.
⁷ In fact, it may be safely assumed that there are no other constant symbols given in a HOL signature, except for the symbols in $\widehat{F}$ and $\widehat{P}$, the symbols $E_{i\to o}$ and $\star_i$ and the logical connectives.
⁸ The fixings introduced in $\widehat{M}$ are not in conflict with any of the requirements regarding frames and interpretations. The existence of a valuation function $V$ for an HOL interpretation crucially depends on how sparse the function spaces have been chosen in frame $\{D_\alpha\}_{\alpha \in T}$. Andrews [1] discusses criteria that are sufficient to ensure the existence of a valuation function; in $\widehat{M}$ these requirements are met.
The above results enable the employment of any theorem prover that supports HOL with definite description to reason with FFOL, including TPTP THF [34] compliant systems such as Satallax, Nitpick, LEO-II and Leo-III. Alternatively, this theory can be encoded in interactive proof assistants such as Isabelle/HOL, which is the option we have chosen here. We thereby significantly benefit from the powerful proof automation means as provided in Isabelle/HOL, in particular, from the integrated model finder Nitpick, the SMT solvers CVC4 [20] and Z3 [28], and the first-order theorem provers E [31] and Spass [17].
The different properties of FFOL could now be experimentally explored
with automated reasoning tools for HOL. We have conducted such experiments
in an earlier paper [9]. These experiments confirm the illustrative examples
discussed in Scott’s paper [32].
4 Exploring Axioms Systems for Category Theory
In an experimental theory-exploration study, utilizing the free logic reasoning framework from above, we have shown how Scott’s [33] axiom system for category theory can be derived from a notion of partial monoids. These axioms systems are presented in Table 1.
The stepwise evolution has been described in detail in [10]. Below we summarize these experiments. However, first we describe some basic modeling decisions for the technical encoding in Isabelle/HOL.
The sources of our experiments as conducted here are available at http://christoph-benzmueller.de/papers/2018-JAR-sources.zip. These sources contain an embedding of full free logic in Isabelle/HOL, that is, with $\star$ and definite description (cf. Fig. 2). In [10], $\star$ and definite description were still avoided; they are in fact not really relevant for the conducted experiments.
Figure 2 displays (parts of) the embedding of FFOL in HOL, encoded in Isabelle/HOL, that we have employed in our experiments.⁹ An excerpt of these experiments is shown in Fig. 3.
4.1 Modeling of basic concepts
Morphisms in the category are modeled as objects in $D$ (respectively, $D_i$). We introduce three partial functions, dom (domain), cod (codomain), and $\cdot$ (morphism composition). Partiality of composition is handled exactly as expected: we generally may have non-existing compositions $x \cdot y$ (i.e. $\neg(E(x \cdot y))$) for some existing morphisms $x$ and $y$ (i.e. $E x$ and $E y$).
⁹ In the remainder of this article, and in line with our text so far, we present the formulas of FFOL in non-boldface font. These formulas have been encoded in Isabelle/HOL using the abbreviations as introduced in Fig. 2. In the actual source encoding, however, the usage of boldface and non-boldface is (for technical reasons) reversed.
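Axioms Set I
  $S_i$: $E(x \cdot y) \longrightarrow (E x \wedge E y)$
  $E_i$: $E(x \cdot y) \longleftarrow (E x \wedge E y \wedge (\exists z\; z \cdot z \cong z \wedge x \cdot z \cong x \wedge z \cdot y \cong y))$
  $A_i$: $x \cdot (y \cdot z) \cong (x \cdot y) \cdot z$
  $C_i$: $\forall y\, \exists i\; I i \wedge i \cdot y \cong y$
  $D_i$: $\forall x\, \exists j\; I j \wedge x \cdot j \cong x$
Axioms Set II
  $S_{ii}$: $E(x \cdot y) \longrightarrow (E x \wedge E y) \wedge (E(\mathit{dom}\ x) \longrightarrow E x) \wedge (E(\mathit{cod}\ y) \longrightarrow E y)$
  $E_{ii}$: $E(x \cdot y) \longleftarrow (E x \wedge E y \wedge (\exists z\; z \cdot z \cong z \wedge x \cdot z \cong x \wedge z \cdot y \cong y))$
  $A_{ii}$: $x \cdot (y \cdot z) \cong (x \cdot y) \cdot z$
  $C_{ii}$: $E y \longrightarrow (I(\mathit{cod}\ y) \wedge (\mathit{cod}\ y) \cdot y \cong y)$
  $D_{ii}$: $E x \longrightarrow (I(\mathit{dom}\ x) \wedge x \cdot (\mathit{dom}\ x) \cong x)$
Axioms Set III
  $S_{iii}$: $E(x \cdot y) \longrightarrow (E x \wedge E y) \wedge (E(\mathit{dom}\ x) \longrightarrow E x) \wedge (E(\mathit{cod}\ y) \longrightarrow E y)$
  $E_{iii}$: $E(x \cdot y) \longleftarrow (\mathit{dom}\ x \cong \mathit{cod}\ y \wedge E(\mathit{cod}\ y))$
  $A_{iii}$: $x \cdot (y \cdot z) \cong (x \cdot y) \cdot z$
  $C_{iii}$: $E y \longrightarrow (I(\mathit{cod}\ y) \wedge (\mathit{cod}\ y) \cdot y \cong y)$
  $D_{iii}$: $E x \longrightarrow (I(\mathit{dom}\ x) \wedge x \cdot (\mathit{dom}\ x) \cong x)$
Axioms Set IV
  $S_{iv}$: $E(x \cdot y) \longrightarrow (E x \wedge E y) \wedge (E(\mathit{dom}\ x) \longrightarrow E x) \wedge (E(\mathit{cod}\ y) \longrightarrow E y)$
  $E_{iv}$: $E(x \cdot y) \longleftrightarrow (\mathit{dom}\ x \cong \mathit{cod}\ y \wedge E(\mathit{cod}\ y))$
  $A_{iv}$: $x \cdot (y \cdot z) \cong (x \cdot y) \cdot z$
  $C_{iv}$: $(\mathit{cod}\ y) \cdot y \cong y$
  $D_{iv}$: $x \cdot (\mathit{dom}\ x) \cong x$
Axioms Set V (Scott 79, [33])
  $S_1$: $E(\mathit{dom}\ x) \longrightarrow E x$
  $S_2$: $E(\mathit{cod}\ y) \longrightarrow E y$
  $S_3$: $E(x \cdot y) \longleftrightarrow \mathit{dom}\ x \simeq \mathit{cod}\ y$
  $S_4$: $x \cdot (y \cdot z) \cong (x \cdot y) \cdot z$
  $S_5$: $(\mathit{cod}\ y) \cdot y \cong y$
  $S_6$: $x \cdot (\mathit{dom}\ x) \cong x$
Table 1 Stepwise evolution of Scott’s [33] axiom system for category theory from partial monoids. The axiom names are motivated as follows: $S$ stands for strictness, $E$ for existence, $A$ for associativity, $C$ for codomain, $D$ for Domain. The free variables $x$, $y$, $z$ range over the raw domain $D$. The quantifiers in Axioms Sets I and II are free logic quantifiers, that is, they range over the domain $E$ of existing objects.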
Fig. 2 Isabelle/HOL encoding of FFOL (with $\star$ and definite description).
For composition $\cdot$ we assume set-theoretical composition here (i.e., functional composition from right to left). This means that
$(\mathit{cod}\ x) \cdot (x \cdot (\mathit{dom}\ x)) \cong x$
and that
$(x \cdot y)\, a \cong x(y\, a)$ when $\mathit{dom}\ x \simeq \mathit{cod}\ y$
The equality symbol $\cong$ denotes Kleene equality and it is defined as follows (where $=$ is identity on all objects, existing or non-existing, of type $i$):
$x \cong y := (E x \vee E y) \longrightarrow x = y$
Existing identity $\simeq$ is defined as:
$x \simeq y := E x \wedge E y \wedge x = y$
Fig. 3 Encoding of Axioms Set V in Isabelle/HOL utilizing the embedded logic FFOL;
Axioms Set V is proven equivalent to Axioms Set IV.
$\cong$ is an equivalence relation. $\simeq$, in contrast, is only symmetric and transitive, and lacks reflexivity. These observations are quickly confirmed by Sledgehammer in Isabelle.
Next, we define the identity morphism predicate $I$ as follows:
$I i := (\forall x\; E(i \cdot x) \longrightarrow i \cdot x \cong x) \wedge (\forall x\; E(x \cdot i) \longrightarrow x \cdot i \cong x)$
This definition was suggested by an exercise in the textbook by Freyd and Scedrov [22] on p. 4. In earlier experiments we used a longer definition which can be proved equivalent on the basis of the other axioms. For monoids, where composition is total, $I i$ means $i$ is a two-sided identity — and such are unique. For categories the property is much weaker.
4.2 Consistency
The model finder Nitpick confirms consistency for all of the axioms sets from Table 1. For example, when asked to consider at least one defined and one undefined object, then Nitpick generates for all cases the following model (called $M_1$ in the remainder): $D = \{i_1, i_2\}$ and $E = \{i_1\}$; $i_1 \cdot i_1$ is $i_1$, and $i_2$ in all other cases; cod and dom are identity on $D$. Without constraining the request, Nitpick generates an even simpler model (called $M_0$ in the remainder): $D = \{i_1\}$ and $E = \emptyset$; $i_1 \cdot i_1$ is $i_1$; cod and dom are identity on $D$. It is trivial to check that these models indeed confirm the consistency of all axioms sets from Table 1.
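The model check described above can be carried out mechanically. The following is an added example in Python, not part of the paper's Isabelle/HOL sources: it evaluates Axioms Sets I and V from Table 1 in the finite models M0 and M1, with free variables ranging over D and quantifiers ranging over E. The class and function names are chosen here for illustration, and the model NON_STRICT is constructed, not taken from the paper.

```python
from itertools import product


class Model:
    """Finite free-logic structure: raw domain D, existing objects E (subset of D),
    and total functions on D for composition, dom and cod."""

    def __init__(self, D, E, comp, dom, cod):
        self.D, self.E = list(D), set(E)
        self.comp, self.dom, self.cod = comp, dom, cod

    def ex(self, x):
        """E x: x is an existing (defined) object."""
        return x in self.E

    def keq(self, a, b):
        """Kleene equality: (E a or E b) --> a = b."""
        return not (self.ex(a) or self.ex(b)) or a == b

    def eeq(self, a, b):
        """Existing identity: E a and E b and a = b."""
        return self.ex(a) and self.ex(b) and a == b

    def forall(self, p):
        """Free-logic universal quantifier: ranges over E only."""
        return all(p(d) for d in self.D if self.ex(d))

    def exists(self, p):
        """Free-logic existential quantifier: ranges over E only."""
        return any(p(d) for d in self.D if self.ex(d))

    def ident(self, i):
        """Identity-morphism predicate I i from section 4.1."""
        c, E, keq = self.comp, self.ex, self.keq
        return (self.forall(lambda x: not E(c(i, x)) or keq(c(i, x), x)) and
                self.forall(lambda x: not E(c(x, i)) or keq(c(x, i), x)))


def axioms_set_I(m):
    """Truth value of each axiom of Axioms Set I; free variables range over D."""
    c, E, keq, D = m.comp, m.ex, m.keq, m.D
    pairs, triples = list(product(D, repeat=2)), list(product(D, repeat=3))

    def unit(x, y):  # exists z. z.z ~= z and x.z ~= x and z.y ~= y
        return m.exists(lambda z: keq(c(z, z), z) and keq(c(x, z), x) and keq(c(z, y), y))

    return {
        "S": all(not E(c(x, y)) or (E(x) and E(y)) for x, y in pairs),
        "E": all(not (E(x) and E(y) and unit(x, y)) or E(c(x, y)) for x, y in pairs),
        "A": all(keq(c(x, c(y, z)), c(c(x, y), z)) for x, y, z in triples),
        "C": m.forall(lambda y: m.exists(lambda i: m.ident(i) and keq(c(i, y), y))),
        "D": m.forall(lambda x: m.exists(lambda j: m.ident(j) and keq(c(x, j), x))),
    }


def axioms_set_V(m):
    """Truth value of each axiom S1..S6 of Axioms Set V (Scott)."""
    c, E, keq, D, dom, cod = m.comp, m.ex, m.keq, m.D, m.dom, m.cod
    pairs, triples = list(product(D, repeat=2)), list(product(D, repeat=3))
    return {
        "S1": all(not E(dom(x)) or E(x) for x in D),
        "S2": all(not E(cod(y)) or E(y) for y in D),
        "S3": all(E(c(x, y)) == m.eeq(dom(x), cod(y)) for x, y in pairs),
        "S4": all(keq(c(x, c(y, z)), c(c(x, y), z)) for x, y, z in triples),
        "S5": all(keq(c(cod(y), y), y) for y in D),
        "S6": all(keq(c(x, dom(x)), x) for x in D),
    }


def failed(axioms):
    """Names of the axioms that do not hold in the model."""
    return sorted(name for name, holds in axioms.items() if not holds)


def same(x):
    """dom and cod are the identity function on D in both reported models."""
    return x


# M1 and M0 as reported by Nitpick in the text above.
M1 = Model(["i1", "i2"], {"i1"},
           lambda x, y: "i1" if (x, y) == ("i1", "i1") else "i2", same, same)
M0 = Model(["i1"], set(), lambda x, y: "i1", same, same)
# Constructed counterexample (not from the paper): i2.i2 = i1, so two undefined
# arguments compose to a defined result and strictness is violated.
NON_STRICT = Model(["i1", "i2"], {"i1"},
                   lambda x, y: "i1" if x == y else "i2", same, same)

if __name__ == "__main__":
    for name, m in (("M0", M0), ("M1", M1), ("NON_STRICT", NON_STRICT)):
        print(name, "Set I fails:", failed(axioms_set_I(m)),
              "Set V fails:", failed(axioms_set_V(m)))
```

The same structure also shows the difference between the two equalities: in M1 Kleene equality holds between the undefined object and itself, while existing identity does not.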
4.3 Axioms Sets I and II
Axioms Set I is our most basic set of axioms for category theory generalizing the axioms for a monoid to a partial composition operation. Remember that a monoid is an algebraic structure $(S, \circ)$, where $\circ$ is a binary operator on set $S$, satisfying the following properties:
Closure: $\forall a, b \in S\;\; a \circ b \in S$
Associativity: $\forall a, b, c \in S\;\; a \circ (b \circ c) = (a \circ b) \circ c$
Identity: $\exists id_S \in S\; \forall a \in S\;\; id_S \circ a = a = a \circ id_S$
That is, a monoid is a semigroup with a two-sided identity element.
Axioms Set I generalizes the notion of a monoid by introducing a partial, strict binary composition operation $\cdot$. The existence of left and right identity elements is addressed in the last two axioms. The notions of dom (domain) and cod (codomain) abstract from their common meaning in the context of sets. In category theory we work with just a single type of objects (the type $i$ in our setting) and therefore identity morphisms are employed to suitably characterize their meanings.
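We can prove that the $i$ in axiom $C_i$ and the $j$ in axiom $D_i$ are unique. The proofs and the dependencies can be found automatically by Sledgehammer.
$\forall y\, \exists i\; I i \wedge i \cdot y \cong y \wedge (\forall j\, (I j \wedge j \cdot y \cong y) \longrightarrow i \cong j)$ (by $A_i$, $C_i$, $S_i$)
$\forall x\, \exists j\; I j \wedge x \cdot j \cong x \wedge (\forall i\, (I i \wedge x \cdot i \cong x) \longrightarrow j \cong i)$ (by $A_i$, $D_i$, $S_i$)
However, the $i$ and $j$ need not be equal. Using existential variables $C$ and $D$, this can be encoded in our formalization as follows:
$\exists C\, \exists D\; (\forall y\; I(C y) \wedge (C y) \cdot y \cong y) \wedge (\forall x\; I(D x) \wedge x \cdot (D x) \cong x) \wedge D \neq C$
The model finder Nitpick confirms that this formula is satisfiable: e.g. choose domain $D = \{i_1, i_2\}$ and $E = \{i_2\}$; $i_2 \cdot i_2$ returns $i_2$, and $i_1$ in all other cases; variable $D$ is identity on domain $D$, but $C$ maps both $i_1$ and $i_2$ to $i_2$.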
Axioms Set II is developed from Axioms Set I by Skolemization of the existentially quantified variables $i$ and $j$ in axioms $C_i$ and $D_i$. We can argue semantically that every model of Axioms Set I has such functions. Hence, we get a conservative extension of Axioms Set I. This could be done for any theory with an “$\forall x \exists i$”-axiom. The strictness axiom $S$ is extended, so that strictness is now also postulated for the new Skolem functions dom and cod. Note that the values of Skolem functions outside $E$ can just be given by the identity function.
The left-to-right direction of existence axiom $E_{ii}$ is implied.
$E(x \cdot y) \longrightarrow (E x \wedge E y \wedge (\exists z\; z \cdot z \cong z \wedge x \cdot z \cong x \wedge z \cdot y \cong y))$ (by $A_{ii}$, $C_{ii}$, $S_{ii}$)
Axioms $C_{ii}$ and $D_{ii}$, together with $S_{ii}$, show that dom and cod are total functions, as intended:
$E x \longrightarrow E(\mathit{dom}\ x)$ (by $D_{ii}$, $S_{ii}$)
$E x \longrightarrow E(\mathit{cod}\ x)$ (by $C_{ii}$, $S_{ii}$)
The proofs are found by the Sledgehammer tool and automatically reconstructed in Isabelle/HOL. Further information on these experiments is provided in §4.4 below. Using Sledgehammer we have also shown that Axioms Set II implies Axioms Set I. Vice versa, Axioms Set I also implies Axioms Set II. This can easily be shown by semantical means on the meta-level.
4.4 Remark on the Experiments
All proofs above and all proofs in the rest of this paper (unless stated otherwise) have been obtained fully automatically in very reasonable time (typically just a few seconds) with the Sledgehammer tool in Isabelle/HOL (version Isabelle2017). This tool interfaces to prominent first-order automated theorem provers such as CVC4 [20], Z3 [28], E [31] and Spass [17]. Remotely, also provers such as Vampire [23], or the higher-order provers Satallax [18] and LEO-II [13] can be reached. For example, to prove axiom $E_{iii}$ from Axioms Set II, we have called Sledgehammer on all axioms of Axioms Set II. The provers then, via Sledgehammer, suggested to call trusted/verified tools in Isabelle/HOL with the exactly required dependencies they detected, in this case $C_{ii}$, $D_{ii}$, $E_{ii}$ and $S_{ii}$. With the provided dependency information the trusted tools in Isabelle/HOL were then able to reconstruct the external proofs on their own. This way we obtain a verification of our claims in Isabelle/HOL, in which all the proofs have nevertheless been contributed by automated theorem provers. For further information on the use and functioning of Sledgehammer we refer to the literature [14,15].
In our experiments we have also made use of Isabelle/HOL’s smt method, which “translates the conjecture and any user-supplied facts to the SMT solvers’ many-sorted first-order logic, invokes a solver, and (depending on the solver) either trusts the result or attempts to reconstruct the proof in Isabelle.” [15, p. 5].¹⁰ For quite some time the use of the smt method has been controversially discussed in the Isabelle/HOL community, and there is in fact a significant difference between using the smt method in combination with Z3 or with CVC4, as we prefer. When setting the solver to CVC4, the contributed proofs are accepted and trusted without replaying them in the Isabelle kernel. Proofs contributed by Z3, in contrast, are never trusted and always replayed in Isabelle’s kernel. For the work presented here this community internal discussion is of minor relevance, so that we decided to continue working with CVC4 in order to keep our formalisation concise and also because CVC4 performed surprisingly well in our experiments.¹¹
4.5 Axioms Sets III, IV and V
In Axioms Set III the existence axiom $E_{ii}$ from Axioms Set II is simplified by taking advantage of the two new Skolem functions dom and cod.
The left-to-right direction of existence axiom $E_{iii}$ is implied.
$E(x \cdot y) \longrightarrow (\mathrm{dom}\,x \cong \mathrm{cod}\,y \wedge E(\mathrm{cod}\,y))$ (by $A_{iii}$, $C_{iii}$, $D_{iii}$, $S_{iii}$)
Axioms Set IV simplifies the axioms $C_{iii}$ and $D_{iii}$. However, as it turned out, these simplifications also require the existence axiom $E_{iii}$ to be strengthened into an equivalence.
Axioms Set V has been proposed by Scott [33] in the 1970s. This set of axioms is equivalent to the axioms set presented by Freyd and Scedrov in their textbook “Categories, Allegories” [22], when encoded in free logic, corrected/adapted and further simplified. Their axioms set is technically flawed when encoded in our given context. This issue has been detected by automated theorem provers with the same technical infrastructure as employed so far. See §5 for more details.
Axioms Sets II, III, IV and V are equivalent; this has been automatically confirmed by the automated theorem provers and verified in Isabelle/HOL.
5 Assessment of the Axiom System by Freyd and Scedrov
In this section we study the axioms set of Freyd and Scedrov from their textbook “Categories, Allegories” [22]. In §5.1 we show that their axioms set, replicated in Table 2 as Axioms Set FS-I, becomes inconsistent in our free logic setting if we assume non-existing objects in D, respectively, if we assume that the operations are non-total.
¹⁰ Technical remark: We have selected CVC4 in our experiments as the default SMT solver, since we ran into errors when working with Z3. These errors can easily be reconstructed in the provided source files when switching back to Z3 as default.
¹¹ An expert reviewer of this article, to whom we are very grateful, provided alternative proofs which can be fully replayed in the kernel of Isabelle.
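Axioms Set FS-I: Freyd and Scedrov in original notation (with issues)
A1   $E(x \circ y) \longleftrightarrow (x\Box \cong \Box y)$
A2a  $((\Box x)\Box) \cong \Box x$
A2b  $\Box(x\Box) \cong \Box x$
A3a  $(\Box x) \circ x \cong x$
A3b  $x \circ (x\Box) \cong x$
A4a  $\Box(x \circ y) \cong \Box(x \circ (\Box y))$
A4b  $(x \circ y)\Box \cong ((x\Box) \circ y)\Box$
A5   $x \circ (y \circ z) \cong (x \circ y) \circ z$

Axioms Set FS-II: Freyd and Scedrov in our notation (with issues)
A1   $E(x \cdot y) \longleftrightarrow \mathrm{dom}\,x \cong \mathrm{cod}\,y$
A2a  $\mathrm{cod}\,(\mathrm{dom}\,x) \cong \mathrm{dom}\,x$
A2b  $\mathrm{dom}\,(\mathrm{cod}\,y) \cong \mathrm{cod}\,y$
A3a  $x \cdot (\mathrm{dom}\,x) \cong x$
A3b  $(\mathrm{cod}\,y) \cdot y \cong y$
A4a  $\mathrm{dom}\,(x \cdot y) \cong \mathrm{dom}\,((\mathrm{dom}\,x) \cdot y)$
A4b  $\mathrm{cod}\,(x \cdot y) \cong \mathrm{cod}\,(x \cdot (\mathrm{cod}\,y))$
A5   $x \cdot (y \cdot z) \cong (x \cdot y) \cdot z$

Axioms Set VI: Freyd and Scedrov in our notation (corrected)
A1'  $E(x \cdot y) \longleftrightarrow \mathrm{dom}\,x \simeq \mathrm{cod}\,y$
A2a  $\mathrm{cod}\,(\mathrm{dom}\,x) \cong \mathrm{dom}\,x$
A2b  $\mathrm{dom}\,(\mathrm{cod}\,y) \cong \mathrm{cod}\,y$
A3a  $x \cdot (\mathrm{dom}\,x) \cong x$
A3b  $(\mathrm{cod}\,y) \cdot y \cong y$
A4a  $\mathrm{dom}\,(x \cdot y) \cong \mathrm{dom}\,((\mathrm{dom}\,x) \cdot y)$
A4b  $\mathrm{cod}\,(x \cdot y) \cong \mathrm{cod}\,(x \cdot (\mathrm{cod}\,y))$
A5   $x \cdot (y \cdot z) \cong (x \cdot y) \cdot z$

Table 2 The axioms set of Freyd and Scedrov in their and our notation, together with a proposed correction.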
Note, however, that the free variables in this first study range over the existing and non-existing objects in D. One may argue that this is not the intention of Freyd and Scedrov. Therefore, we add a second study in §5.2, in which we restrict the variables to range only over existing objects in E. However, also in this case the axiom system of Freyd and Scedrov remains unsatisfactory. It now turns out to be incomplete, since strictness conditions/axioms are required which are not mentioned in the textbook.
Freyd and Scedrov employ a different notation for $\mathrm{dom}\,x$ and $\mathrm{cod}\,x$. They denote these operations by $\Box x$ and $x\Box$. Moreover, they employ diagrammatic composition $(f \circ g)x \cong g(fx)$ (functional composition from left to right) instead of the set-theoretic definition $(f \cdot g)x \cong f(gx)$ (functional composition from right to left) used so far. We leave it to the reader to verify that their Axioms Set FS-I corresponds to Axioms Set FS-II modulo an appropriate conversion of notation.¹²
5.1 Constricted Inconsistency in Free Logic Setting
A main difference in the system by Freyd and Scedrov to our Axioms Set V from Table 1 concerns axiom S3, respectively A1. Namely, instead of the non-reflexive existing identity $\simeq$, they use Kleene equality $\cong$, cf. definition 1.11 on page 3 of their textbook [22].¹³ The difference seems minor, but in our free logic setting it causes the mentioned constricted inconsistency issue.¹⁴
The (constricted) inconsistency of Axioms Set FS-I, respectively Axioms Set FS-II, from Table 2 has been detected first by the model finder Nitpick. When we asked Nitpick to generate a model with at least one non-existing object, it claimed that there is no such model. However, a model can still be constructed if we do not make any assumptions about non-existing objects.¹⁵ In fact, the model presented by Nitpick for this case consists of a single, existing morphism.
However, one can see directly that Axiom A1 is problematic as written: If $x$ and $y$ are undefined, then (presumably) $\mathrm{dom}\,x$ and $\mathrm{cod}\,y$ are undefined as well, and by the definition of Kleene equality, $\mathrm{dom}\,x \cong \mathrm{cod}\,y$. A1 stipulates that $x \cdot y$ should be defined in this case, which appears unintended.
As we will demonstrate now, the consequences of this version of the axiom are even stronger. It implies that all objects are defined, that is, composition (as well as dom and cod) become total operations. The theory described by these axioms “collapses” to the theory of monoids: If all objects are defined, then one can conclude from A1 that $\mathrm{dom}\,x \cong \mathrm{dom}\,y$ (resp. $\mathrm{dom}\,x \cong \mathrm{cod}\,y$ and $\mathrm{cod}\,x \cong \mathrm{cod}\,y$), and according to 1.14 of [22], the category reduces to a monoid provided that it is not empty.
¹² A recipe for this translation is as follows: (i) replace all $x \circ y$ by $y \cdot x$, (ii) rename the variables to get them again in alphabetical order, (iii) replace $\varphi\Box$ by $\mathrm{cod}\,\varphi$ and $\Box\varphi$ by $\mathrm{dom}\,\varphi$, and finally (iv) replace $\mathrm{cod}\,y \cong \mathrm{dom}\,x$ (resp. $\mathrm{cod}\,y \simeq \mathrm{dom}\,x$) by $\mathrm{dom}\,x \cong \mathrm{cod}\,y$ (resp. $\mathrm{dom}\,x \simeq \mathrm{cod}\,y$).
¹³ Def. 1.11 in Freyd and Scedrov: “The ordinary equality sign = [i.e., our $\cong$] will be used in the symmetric sense, to wit: if either side is defined then so is the other and they are equal. ...”
¹⁴ This could perhaps be an oversight, or it could indicate that Freyd and Scedrov actually mean the Axioms Set discussed in §5.2 below.
¹⁵ For this we have to inactivate the axiom that postulates that $\star$ is an undefined/non-existing object.
In fact, the automated theorem provers, via Sledgehammer, quickly prove falsity from Axioms Sets FS-II and FS-I when assuming a non-existing object of type i:
$(\exists x\, \neg Ex) \longrightarrow \mathit{False}$
The provers identify the axioms A1, A2a and A3a to cause the problem under this assumption. A corresponding human-intuitive proof argument is as follows:
Let $a \in D$ be an undefined object, that is, assume $\neg Ea$. By instantiating axiom A3a with $a$ we have $a \cdot (\mathrm{dom}\,a) \cong a$. From this and the definition of $\cong$ we know that $a \cdot (\mathrm{dom}\,a)$ is not defined. This is easy to see, since if $a \cdot (\mathrm{dom}\,a)$ were defined, we would also have that $a$ is defined, which is not the case by assumption. Hence, $\neg E(a \cdot (\mathrm{dom}\,a))$. Next, we instantiate A1 with $a$ and $\mathrm{dom}\,a$ to obtain $E(a \cdot (\mathrm{dom}\,a)) \longleftrightarrow \mathrm{dom}\,a \cong \mathrm{cod}\,(\mathrm{dom}\,a)$. Moreover, by instantiating A2a with $a$ we obtain $\mathrm{cod}\,(\mathrm{dom}\,a) \cong \mathrm{dom}\,a$, which we use (modulo symmetry and transitivity of $\cong$) to rewrite the former result into $E(a \cdot (\mathrm{dom}\,a)) \longleftrightarrow \mathrm{dom}\,a \cong \mathrm{dom}\,a$. By reflexivity of $\cong$ we thus get $E(a \cdot (\mathrm{dom}\,a))$, i.e. that $a \cdot (\mathrm{dom}\,a)$ is defined, which contradicts $\neg E(a \cdot (\mathrm{dom}\,a))$. $\Box$
As a corollary from the above constricted inconsistency result we get that all morphisms (objects in D) must be defined: $\forall x\, Ex$.
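An added illustration (not from the paper or its Isabelle sources): a brute-force finite model search in Python, standing in for the Nitpick check described above. It enumerates every interpretation of E, dom, cod and · over a small domain D, with free variables ranging over all of D, and shows which axiom sets admit a non-existing object; all function names are assumptions of this example.

```python
from itertools import combinations, product

def kleene(E, a, b):
    """a ≅ b: if either side exists, both sides are the same element."""
    return (a not in E and b not in E) or a == b

def exist_id(E, a, b):
    """a ≃ b: both sides exist and are the same element."""
    return a in E and b in E and a == b

def make_axioms(a1_rel):
    """Axioms A1..A5 of Table 2 in our notation; a1_rel is the relation used in A1.
    E: set of existing elements, d: dom, c: cod, m[x][y]: x·y."""
    k = kleene
    return {
        "A1":  lambda E, d, c, m, x, y, z: (m[x][y] in E) == a1_rel(E, d[x], c[y]),
        "A2a": lambda E, d, c, m, x, y, z: k(E, c[d[x]], d[x]),
        "A2b": lambda E, d, c, m, x, y, z: k(E, d[c[y]], c[y]),
        "A3a": lambda E, d, c, m, x, y, z: k(E, m[x][d[x]], x),
        "A3b": lambda E, d, c, m, x, y, z: k(E, m[c[y]][y], y),
        "A4a": lambda E, d, c, m, x, y, z: k(E, d[m[x][y]], d[m[d[x]][y]]),
        "A4b": lambda E, d, c, m, x, y, z: k(E, c[m[x][y]], c[m[x][c[y]]]),
        "A5":  lambda E, d, c, m, x, y, z: k(E, m[x][m[y][z]], m[m[x][y]][z]),
    }

FS_II = make_axioms(kleene)      # A1 stated with Kleene equality
SET_VI = make_axioms(exist_id)   # A1' stated with existing identity

def models(axioms, n, names=None):
    """Yield every (E, dom, cod, comp) over D = {0..n-1} that satisfies the
    selected axioms for all x, y, z in D (existing or not)."""
    D = range(n)
    chosen = [axioms[name] for name in (names or axioms)]
    triples = list(product(D, repeat=3))
    for r in range(n + 1):
        for E in map(frozenset, combinations(D, r)):
            for d, c in product(product(D, repeat=n), repeat=2):
                for flat in product(D, repeat=n * n):
                    m = [flat[i * n:(i + 1) * n] for i in D]
                    if all(ax(E, d, c, m, *t) for ax in chosen for t in triples):
                        yield E, d, c, m

def undefined_objects(model, n):
    """Elements of D that do not exist in the given model."""
    return set(range(n)) - model[0]

if __name__ == "__main__":
    n = 2
    for label, ax, names in [("FS-II", FS_II, None),
                             ("A1+A2a+A3a", FS_II, ["A1", "A2a", "A3a"]),
                             ("Set VI", SET_VI, None)]:
        found = list(models(ax, n, names))
        partial = [mod for mod in found if undefined_objects(mod, n)]
        print(f"{label}: {len(found)} models, {len(partial)} with a non-existing object")
```

The search is exhaustive only for the domain sizes it is run on; the general claim rests on the proof above.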
Obviously Axioms Sets FS-I and FS-II are also redundant, and we have previously reported on respective redundancies [9].¹⁶ For the corrected Axioms Set VI we still get redundancies. The different options to reduce this system are reported in Table 3.
Attempts to remove axioms A1', A3a, A3b, and A5 from Axioms Set VI failed. Nitpick shows that they are independent.
However, when assuming strictness of dom and cod, the axioms A2a, A2b, A4a and A4b are all implied. Hence, under this assumption, the reasoning tools quickly identify (A1', A3a, A3b, A5) as a minimal axiom set, which then exactly matches the Axioms Set V of Scott from Table 1.¹⁷
¹⁶ The discussion in our related conference paper [9] was before the discovery of the above constricted inconsistency issue, which tells us that the system (in our setting) can even be reduced to axioms A1, A2a, and A3a (when we assume undefined objects).
¹⁷ This minimal set of axioms has also been mentioned by Freyd in a note [21] and attributed to Martin Knopman. However, the proof sketch presented there seems to fail when the adapted version of A1 (with $\simeq$) is employed.

Freyd and Scedrov in our notation (corrected and reduced I)
A1'  $E(x \cdot y) \longleftrightarrow \mathrm{dom}\,x \simeq \mathrm{cod}\,y$
A3a  $x \cdot (\mathrm{dom}\,x) \cong x$
A3b  $(\mathrm{cod}\,y) \cdot y \cong y$
A4a  $\mathrm{dom}\,(x \cdot y) \cong \mathrm{dom}\,((\mathrm{dom}\,x) \cdot y)$
A4b  $\mathrm{cod}\,(x \cdot y) \cong \mathrm{cod}\,(x \cdot (\mathrm{cod}\,y))$
A5   $x \cdot (y \cdot z) \cong (x \cdot y) \cdot z$

Freyd and Scedrov in our notation (corrected and reduced II)
A1'  $E(x \cdot y) \longleftrightarrow \mathrm{dom}\,x \simeq \mathrm{cod}\,y$
A2a  $\mathrm{cod}\,(\mathrm{dom}\,x) \cong \mathrm{dom}\,x$
A2b  $\mathrm{dom}\,(\mathrm{cod}\,y) \cong \mathrm{cod}\,y$
A3a  $x \cdot (\mathrm{dom}\,x) \cong x$
A3b  $(\mathrm{cod}\,y) \cdot y \cong y$
A5   $x \cdot (y \cdot z) \cong (x \cdot y) \cdot z$

Freyd and Scedrov in our notation (corrected and reduced III)
$S1_v$  $E(\mathrm{dom}\,x) \longrightarrow Ex$
$S2_v$  $E(\mathrm{cod}\,y) \longrightarrow Ey$
A1'  $E(x \cdot y) \longleftrightarrow \mathrm{dom}\,x \simeq \mathrm{cod}\,y$
A3a  $x \cdot (\mathrm{dom}\,x) \cong x$
A3b  $(\mathrm{cod}\,y) \cdot y \cong y$
A5   $x \cdot (y \cdot z) \cong (x \cdot y) \cdot z$

Table 3 Reduced variants of Axioms Set VI.

5.2 Missing Strictness Axioms in Alternative Setting
We study the axiom system by Freyd and Scedrov once again. However, this time we restrict the free variables in their system to range over existing objects only. In the context of algebraic theories, it could be argued that this is the preferred reading of free variables. By employing the free logic universal quantifier $\forall$, which realizes such a restriction, we thus modify Axioms Set FS-II into Axioms Set FS-III as displayed in Table 4.
For Axioms Set FS-III the consistency checks with Nitpick succeed, even if we assume undefined objects. However, this axioms set is obviously weaker than Axioms Set V from Table 1. In fact, as has been shown by Nitpick, none of the axioms of this set are implied. The situation changes when we explicitly postulate strictness of dom, cod and ·. Doing so we obtain Axioms Set FS-IV from Table 4, which, as Nitpick confirms, is consistent even if we assume undefined objects. And the automated theorem provers via Sledgehammer confirm that Axioms Set FS-IV is equivalent to Axioms Set V, as intended.
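Axioms Set FS-III: Freyd and Scedrov in our notation (with issues)
B1   $\forall x\, \forall y\; E(x \cdot y) \longleftrightarrow \mathrm{dom}\,x \cong \mathrm{cod}\,y$
B2a  $\forall x\; \mathrm{cod}\,(\mathrm{dom}\,x) \cong \mathrm{dom}\,x$
B2b  $\forall y\; \mathrm{dom}\,(\mathrm{cod}\,y) \cong \mathrm{cod}\,y$
B3a  $\forall x\; x \cdot (\mathrm{dom}\,x) \cong x$
B3b  $\forall y\; (\mathrm{cod}\,y) \cdot y \cong y$
B4a  $\forall x\, \forall y\; \mathrm{dom}\,(x \cdot y) \cong \mathrm{dom}\,((\mathrm{dom}\,x) \cdot y)$
B4b  $\forall x\, \forall y\; \mathrm{cod}\,(x \cdot y) \cong \mathrm{cod}\,(x \cdot (\mathrm{cod}\,y))$
B5   $\forall x\, \forall y\, \forall z\; x \cdot (y \cdot z) \cong (x \cdot y) \cdot z$

Axioms Set FS-IV: Freyd and Scedrov in our notation (without issues)
B0a  $E(x \cdot y) \longrightarrow (Ex \wedge Ey)$
B0b  $E(\mathrm{dom}\,x) \longrightarrow Ex$
B0b  $E(\mathrm{cod}\,x) \longrightarrow Ex$
B1   $\forall x\, \forall y\; E(x \cdot y) \longleftrightarrow \mathrm{dom}\,x \cong \mathrm{cod}\,y$
B2a  $\forall x\; \mathrm{cod}\,(\mathrm{dom}\,x) \cong \mathrm{dom}\,x$
B2b  $\forall y\; \mathrm{dom}\,(\mathrm{cod}\,y) \cong \mathrm{cod}\,y$
B3a  $\forall x\; x \cdot (\mathrm{dom}\,x) \cong x$
B3b  $\forall y\; (\mathrm{cod}\,y) \cdot y \cong y$
B4a  $\forall x\, \forall y\; \mathrm{dom}\,(x \cdot y) \cong \mathrm{dom}\,((\mathrm{dom}\,x) \cdot y)$
B4b  $\forall x\, \forall y\; \mathrm{cod}\,(x \cdot y) \cong \mathrm{cod}\,(x \cdot (\mathrm{cod}\,y))$
B5   $\forall x\, \forall y\, \forall z\; x \cdot (y \cdot z) \cong (x \cdot y) \cdot z$

Table 4 The axioms set of Freyd and Scedrov in our notation and with variable restriction to existing objects only.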
Unfortunately, however, respective strictness conditions are not mentioned in
the textbook by Freyd and Scedrov.
6 Summary and Further Work
We have developed a new reasoning framework for free logic, and we have applied it in some first experiments in category theory. We have demonstrated how modern proof assistants and theorem provers for classical higher-order logic may well support the reasoning in free logic. More concretely, we have applied our new free logic reasoning framework for the systematic exploration of axiom systems for category theory. Without tool support, such experiments would be extremely tedious and error prone. In the course of our experiments, automated theorem provers have revealed some (minor) issues in the textbook of Freyd and Scedrov [22], which we were able to correct. The correction essentially corresponds to the axiom system by Scott proposed earlier [32]. All our findings were achieved directly by or in close interaction with automated reasoning tools. Perhaps the lesson to be learned here is that, when working with partial functions, it is natural, out of caution, to assume too much, and the automated reasoning tools, as we have shown here, can help find in what ways the axioms might be reduced or simplified.
Comparisons with other theorem provers for free logic are not possible at
this stage, since we are not aware of any other existing systems.
Further work includes the extension of our work towards an embedding of free higher-order logic, the continuation of our formalization studies in category theory (especially extensions of the theory involving functors) and the application of free logic to various other mathematical domains, including, for example, projective geometry. Regarding extensions towards free higher-order logic some first steps have already been taken [27,35], and a recent continuation of our formalisation studies [11] now also includes an early axiom system for category theory by Saunders MacLane [26].
Moreover, as an alternative to always unfolding the mapping from FFOL to HOL, abstract level proof tactics could be provided e.g. in Isabelle/HOL to support intuitive interaction (and even automation) in FFOL on top of the semantical embedding.
Acknowledgements We thank Günter Rote, Lutz Schröder and Emil Weydert for their comments on [10], which together with [9] forms the basis for this article.
We also want to express our gratitude to the reviewers of this article. Their fruitful feedback definitely helped to improve the final version.
References
1. Andrews, P.: General models and extensionality. Journal of Symbolic Logic 37(2), 395–397 (1972)
2. Andrews, P.: Church’s type theory. In: E. Zalta (ed.) The Stanford Encyclopedia of Philosophy, spring 2014 edn. (2014)
3. Barendregt, H., Dekkers, W., Statman, R.: Lambda Calculus with Types. Perspectives in Logic. Cambridge University Press (2013)
4. Benzmüller, C.: Automating quantified conditional logics in HOL. In: F. Rossi (ed.) Proc. of IJCAI-23. Beijing, China (2013)
5. Benzmüller, C.: Cut-elimination for quantified conditional logic. Journal of Philosophical Logic (2016)
6. Benzmüller, C., Brown, C., Kohlhase, M.: Higher-order semantics and extensionality. Journal of Symbolic Logic 69(4), 1027–1088 (2004)
7. Benzmüller, C., Brown, C., Kohlhase, M.: Cut-simulation and impredicativity. Logical Methods in Computer Science 5(1:6), 1–21 (2009)
8. Benzmüller, C., Miller, D.: Automation of higher-order logic. In: J. Siekmann, D. Gabbay, J. Woods (eds.) Handbook of the History of Logic, Volume 9: Logic and Computation. Elsevier (2014)
9. Benzmüller, C., Scott, D.: Automating free logic in Isabelle/HOL. In: G.M. Greuel, T. Koch, P. Paule, A. Sommese (eds.) Mathematical Software – ICMS 2016, 5th International Congress, Proceedings, LNCS, vol. 9725, pp. 43–50. Springer, Berlin, Germany (2016)
10. Benzmüller, C., Scott, D.S.: Axiomatizing category theory in free logic. CoRR abs/1609.01493 (2016)
11. Benzmüller, C., Scott, D.S.: Axiom systems for category theory in free logic. Archive of Formal Proofs (2018). URL https://www.isa-afp.org/entries/AxiomaticCategoryTheory.html
12. Benzmüller, C., Steen, A., Wisniewski, M.: Leo-III version 1.1 (system description). In: T. Eiter, D. Sands (eds.) Logic for Programming, Artificial Intelligence, and Reasoning (LPAR), Short Papers, Kalpa Publications. EasyChair, Maun, Botswana (2017). To appear
13. Benzmüller, C., Sultana, N., Paulson, L.C., Theiss, F.: The higher-order prover Leo-II. Journal of Automated Reasoning 55(4), 389–404 (2015)
14. Blanchette, J.C.: Hammering Away – A User’s Guide to Sledgehammer for Isabelle/HOL. Institut für Informatik, Technische Universität München (2018). URL https://isabelle.in.tum.de/doc/sledgehammer.pdf. With contributions from Lawrence C. Paulson
15. Blanchette, J.C., Böhme, S., Paulson, L.C.: Extending Sledgehammer with SMT solvers. Journal of Automated Reasoning 51(1), 109–128 (2013)
16. Blanchette, J.C., Nipkow, T.: Nitpick: A counterexample generator for higher-order logic based on a relational model finder. In: M. Kaufmann, L.C. Paulson (eds.) Interactive Theorem Proving, First International Conference, ITP 2010, Edinburgh, UK, July 11-14, 2010. Proceedings, Lecture Notes in Computer Science, vol. 6172, pp. 131–146. Springer (2010)
17. Blanchette, J.C., Popescu, A., Wand, D., Weidenbach, C.: More SPASS with Isabelle – Superposition with Hard Sorts and Configurable Simplification. In: L. Beringer, A.P. Felty (eds.) Interactive Theorem Proving - Third International Conference, ITP 2012, Princeton, NJ, USA, August 13-15, 2012. Proceedings, Lecture Notes in Computer Science, vol. 7406, pp. 345–360. Springer (2012)
18. Brown, C.E.: Satallax: An automatic higher-order prover. In: B. Gramlich, D. Miller, U. Sattler (eds.) Automated Reasoning - 6th International Joint Conference, IJCAR 2012, Manchester, UK, June 26-29, 2012. Proceedings, Lecture Notes in Computer Science, vol. 7364, pp. 111–117. Springer (2012)
19. Church, A.: A formulation of the simple theory of types. Journal of Symbolic Logic 5, 56–68 (1940)
20. Deters, M., Reynolds, A., King, T., Barrett, C.W., Tinelli, C.: A tour of CVC4: How it works, and how to use it. In: K. Claessen, V. Kuncak (eds.) Formal Methods in Computer-Aided Design, FMCAD 2014, Lausanne, Switzerland, October 21-24, 2014, p. 7. IEEE (2014)
21. Freyd, P.: Amplifications, Diminutions, Subscorings for Categories, Allegories (2016). University of Pennsylvania. Unpublished. Available at https://www.math.upenn.edu/~pjf/amplifications.pdf (accessed in August 2016)
22. Freyd, P., Scedrov, A.: Categories, Allegories. North Holland (1990)
23. Kovács, L., Voronkov, A.: First-Order Theorem Proving and Vampire. In: N. Sharygina, H. Veith (eds.) Computer Aided Verification - 25th International Conference, CAV 2013, Saint Petersburg, Russia, July 13-19, 2013. Proceedings, Lecture Notes in Computer Science, vol. 8044, pp. 1–35. Springer (2013)
24. Lambert, K.: The definition of e(xistence)! in free logic. In: Abstracts: The International Congress for Logic, Methodology and Philosophy of Science. Stanford: Stanford University Press (1960)
25. Lambert, K.: Free Logic: Selected Essays. Cambridge: Cambridge University Press (2002)
26. MacLane, S.: Groups, categories and duality. Proceedings of the National Academy of Sciences 34(6), 263–267 (1948)
27. Makarenko, I.: Automatisierung von Freier Logik in Logik höherer Stufe (2016). Bachelor's thesis, Institut für Informatik, Freie Universität Berlin
28. de Moura, L.M., Bjørner, N.: Z3: An Efficient SMT Solver. In: C.R. Ramakrishnan, J. Rehof (eds.) Tools and Algorithms for the Construction and Analysis of Systems, 14th International Conference, TACAS 2008, Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2008, Budapest, Hungary, March 29-April 6, 2008. Proceedings, Lecture Notes in Computer Science, vol. 4963, pp. 337–340. Springer (2008)
29. Nipkow, T., Paulson, L.C., Wenzel, M.: Isabelle/HOL: A Proof Assistant for Higher-Order Logic. No. 2283 in LNCS. Springer (2002)
30. Nolt, J.: Free logic. In: E.N. Zalta (ed.) The Stanford Encyclopedia of Philosophy, winter 2014 edn. (2014)
31. Schulz, S.: System description: E 1.8. In: K.L. McMillan, A. Middeldorp, A. Voronkov (eds.) Logic for Programming, Artificial Intelligence, and Reasoning - 19th International Conference, LPAR-19, Stellenbosch, South Africa, December 14-19, 2013. Proceedings, Lecture Notes in Computer Science, vol. 8312, pp. 735–743. Springer (2013). DOI 10.1007/978-3-642-45221-5. URL http://dx.doi.org/10.1007/978-3-642-45221-5
32. Scott, D.: Existence and description in formal logic. In: R. Schoenman (ed.) Bertrand Russell: Philosopher of the Century, pp. 181–200. George Allen & Unwin, London (1967). (Reprinted with additions in: Philosophical Application of Free Logic, edited by K. Lambert. Oxford University Press, 1991, pp. 28–48)
33. Scott, D.: Identity and existence in intuitionistic logic. In: M. Fourman, C. Mulvey, D. Scott (eds.) Applications of Sheaves: Proceedings of the Research Symposium on Applications of Sheaf Theory to Logic, Algebra, and Analysis, Durham, July 9–21, 1977, Lecture Notes in Mathematics, vol. 752, pp. 660–696. Springer Berlin Heidelberg (1979)
34. Sutcliffe, G., Benzmüller, C.: Automated reasoning in higher-order logic using the TPTP THF infrastructure. Journal of Formalized Reasoning 3(1), 1–27 (2010)
35. Wisniewski, M., Steen, A., Benzmüller, C.: TPTP and beyond: Representation of quantified non-classical logics. In: C. Benzmüller, J. Otten (eds.) ARQNL 2016. Automated Reasoning in Quantified Non-Classical Logics, vol. 1770, pp. 51–65. CEUR Workshop Proceedings, http://ceur-ws.org (2016)