Notes

General Computer Science
320201 GenCS I & II Lecture Notes

Fall 2011
Michael Kohlhase
School of Engineering & Science
Jacobs University, Bremen Germany
[email protected]
oce: Room 62, Research 1, phone: x3140
c : Michael Kohlhase 1
1
1 Preface
This document contains the course notes for the course General Computer Science I & II held at
Jacobs University Bremen
1
in the academic years 2003-2011.
1.1 This Document
Contents: The document mixes the slides presented in class with comments of the instructor to
give students a more complete background reference.
Caveat: This document is made available for the students of this course only. It is still a draft,
and will develop over the course of the current course and in coming academic years.
Licensing: This document is licensed under a Creative Commons license that requires attribution,
forbids commercial use, and allows derivative works as long as these are licensed under the same
license.
Knowledge Representation Experiment: This document is also an experiment in knowledge repre-
sentation. Under the hood, it uses the
S
T
E
X package [Koh08, Koh10], a T
E
X/L
A
T
E
X extension for
semantic markup, which allows to export the contents into the eLearning platform PantaRhei.
Comments and extensions are always welcome, please send them to the author.
Other Resources:
1 2
EdNote:1
EdNote:2
1.2 Course Concept
Aims: The course 320101/2 General Computer Science I/II (GenCS) is a two-semester course
that is taught as a mandatory component of the Computer Science and Electrical Engineering
& Computer Science majors (EECS) at Jacobs University. The course aims to give these students
a solid (and somewhat theoretically oriented) foundation of the basic concepts and practices of
computer science without becoming inaccessible to ambitious students of other majors.
Context: As part of the EECS curriculum GenCS is complemented with a programming lab that
teaches the basics of C and C
++ 3
from a practical perspective and a Computer Architecture EdNote:3
course in the rst semester. As the programming lab is taught in three ve-week blocks over the
rst semester, we cannot make use of it in GenCS.
In the second year, GenCS, will be followed by a standard Algorithms & Data structures
course and a Formal Languages & Logics course, which it must prepare.
Prerequisites: The student body of Jacobs University is extremely diverse in 2009, we have
students from over 100 nations on campus. In particular, GenCS students come from both sides
of the digital divide: Previous CS exposure ranges almost computer-illiterate to professional
Java programmer on the practical level, and from only calculus to solid foundations in dis-
crete Mathematics for the theoretical foundations. An important commonality of Jacobs students
however is that they are bright, resourceful, and very motivated.
As a consequence, the GenCS course does not make any assumptions about prior knowledge,
and introduces all the necessary material, developing it from rst principles. To compensate
for this, the course progresses very rapidly and leaves much of the actual learning experience to
homework problems and student-run tutorials.
1.3 Course Contents
To reach the aim of giving students a solid foundation of the basic concepts and practices of Com-
puter Science we try to raise awareness for the three basic concepts of CS: data/information,
1
International University Bremen until Fall 2006
1
EdNote: describe the discussions in Panta Rhei
2
EdNote: Say something about the problems
3
EdNote: Check: Java Lab as well?
2
algorithms/programs and machines/computational devices by studying various instances, ex-
posing more and more characteristics as we go along.
Computer Science: In accordance to the goal of teaching students to think rst and to bring
out the Science of CS, the general style of the exposition is rather theoretical; practical aspects
are largely relegated to the homework exercises and tutorials. In particular, almost all relevant
statements are proven mathematically to expose the underlying structures.
GenCS is not a programming course: even though it covers all three major programming paradigms
(imperative, functional, and declarative programming)
4
. The course uses SML as its primary pro- EdNote:4
gramming language as it oers a clean conceptualization of the fundamental concepts of recursion,
and types. An added benet is that SML is new to virtually all incoming Jacobs students and helps
equalize opportunities.
GenCS I (the rst semester): is somewhat oriented towards computation and representation. It
the rst half of the semester the course introduces the dual concepts of induction and recursion,
rst on unary natural numbers, and then on arbitrary abstract data types, and legitimizes them
by the Peano Axioms. The introduction and of the functional core of SML contrasts and explains
this rather abstract development. To highlight the role of representation, we turn to Boolean
expressions, propositional logic, and logical calculi in the second half of the semester. This gives
the students a rst glimpse at the syntax/semantics distinction at the heart of CS.
GenCS II (the second semester): is more oriented towards exposing students to the realization of
computational devices. The main part of the semester is taken up by a building an abstract com-
puter, starting from combinational circuits, via a register machine which can be programmed in
a simple assembler language, to a stack-based machine with a compiler for a bare-bones functional
programming language. In contrast to the computer architecture course in the rst semester,
the GenCS exposition abstracts away from all physical and timing issues and considers circuits
as labeled graphs. This reinforces the students grasp of the fundamental concepts and highlights
complexity issues. The course then progresses to a brief introduction of Turing machines and
discusses the fundamental limits of computation at a rather supercial level, which completes an
introductory tour de force through the landscape of Computer Science.
The remaining time, is spent on studying one class algorithms (search algorithms) in more detail
and introducing the notition of declarative programming that uses search and logical representation
as a model of computation.
1.4 Acknowledgments
Materials: Some of the material in this course is based on course notes prepared by Andreas Birk,
who held the course 320101/2 General Computer Science at IUB in the years 2001-03. Parts
of his course and the current course materials were based on the book Hardware Design (in
German [KP95]). The section on search algorithms is based on materials obtained from Bernhard
Beckert (Uni Koblenz), which in turn are based on Stuart Russell and Peter Norvigs lecture slides
that go with their book Articial Intelligence: A Modern Approach [RN95].
The presentation of the programming language Standard ML, which serves as the primary
programming tool of this course is in part based on the course notes of Gert Smolkas excellent
course Programming at Saarland University, which will appear as a book (in German) soon.
5
EdNote:5
Contributors: The preparation of the course notes has been greatly helped by Ioan Sucan, who
has done much of the initial editing needed for semantic preloading in
S
T
E
X. Herbert Jaeger,
Christoph Lange, and Normen M uller have given advice on the contents.
GenCS Students: The following students have submitted corrections and suggestions to this and
earlier versions of the notes: Saksham Raj Gautam, Anton Kirilov, Philipp Meerkamp, Paul
Ngana, Darko Pesikan, Stojanco Stamkov, Nikolaus Rath, Evans Bekoe, Marek Laska, Moritz
4
EdNote: termrefs!
5
EdNote: this should be out, check the reference
3
Beber, Andrei Aiordachioaie, Magdalena Golden, Andrei Eugeniu Ionit a, Semir Elezovic, Dimi-
tar Asenov, Alen Stojanov, Felix Schlesinger, Stefan Anca, Dante Stroe, Irina Calciu, Nemanja
Ivanovski, Abdulaziz Kivaza, Anca Dragan, Razvan Turtoi, Catalin Duta, Andrei Dragan, Dimitar
Misev, Vladislav Perelman, Milen Paskov, Kestutis Cesnavicius, Mohammad Faisal, Janis Beck-
ert, Karolis Uziela, Josip Djolonga, Flavia Grosan, Aleksandar Siljanovski, Iurie Tap, Barbara
Khalibinzwa, Darko Velinov, Anton Lyubomirov Antonov, Christopher Purnell, Maxim Rauwald,
Jan Brennstein, Irhad Elezovikj.
4
Contents
1 Preface 2
1.1 This Document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
1.2 Course Concept . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
1.3 Course Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
1.4 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
2 Getting Started with General Computer Science 7
2.1 Overview over the Course . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.2 Administrativa . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.2.1 Grades, Credits, Retaking . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.2.2 Homeworks, Submission, and Cheating . . . . . . . . . . . . . . . . . . . . . 10
2.2.3 Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
2.3 Motivation and Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
3 Elementary Discrete Math 23
3.1 Mathematical Foundations: Natural Numbers . . . . . . . . . . . . . . . . . . . . . 23
3.2 Talking (and writing) about Mathematics . . . . . . . . . . . . . . . . . . . . . . . 30
3.3 Naive Set Theory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
3.3.1 Denitions in Mathtalk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
3.4 Relations and Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
4 Computing with Functions over Inductively Dened Sets 41
4.1 Standard ML: Functions as First-Class Objects . . . . . . . . . . . . . . . . . . . . 41
4.2 Inductively Dened Sets and Computation . . . . . . . . . . . . . . . . . . . . . . . 51
4.3 Inductively Dened Sets in SML . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
4.4 A Theory of SML: Abstract Data Types and Term Languages . . . . . . . . . . . . 57
4.4.1 Abstract Data Types and Ground Constructor Terms . . . . . . . . . . . . 57
4.4.2 A First Abstract Interpreter . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
4.4.3 Substitutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
4.4.4 A Second Abstract Interpreter . . . . . . . . . . . . . . . . . . . . . . . . . 63
4.4.5 Evaluation Order and Termination . . . . . . . . . . . . . . . . . . . . . . . 65
4.5 More SML: Recursion in the Real World . . . . . . . . . . . . . . . . . . . . . . . . 68
4.6 Even more SML: Exceptions and State in SML . . . . . . . . . . . . . . . . . . . . 71
5 Encoding Programs as Strings 74
5.1 Formal Languages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
5.2 Elementary Codes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
5.3 Character Codes in the Real World . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
5.4 Formal Languages and Meaning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
6 Boolean Algebra 85
6.1 Boolean Expressions and their Meaning . . . . . . . . . . . . . . . . . . . . . . . . 85
6.2 Boolean Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
6.3 Complexity Analysis for Boolean Expressions . . . . . . . . . . . . . . . . . . . . . 92
6.4 The Quine-McCluskey Algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
6.5 A simpler Method for nding Minimal Polynomials . . . . . . . . . . . . . . . . . . 104
7 Propositional Logic 107
7.1 Boolean Expressions and Propositional Logic . . . . . . . . . . . . . . . . . . . . . 107
7.2 Logical Systems and Calculi . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110
7.3 Proof Theory for the Hilbert Calculus . . . . . . . . . . . . . . . . . . . . . . . . . 114
7.4 A Calculus for Mathtalk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
5
8 Welcome and Administrativa 124
8.1 Recap from General CS I . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124
9 Machine-Oriented Calculi 126
9.1 Calculi for Automated Theorem Proving: Analytical Tableaux . . . . . . . . . . . 126
9.1.1 Analytical Tableaux . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
9.1.2 Practical Enhancements for Tableaux . . . . . . . . . . . . . . . . . . . . . 129
9.1.3 Correctness and Termination of Tableaux . . . . . . . . . . . . . . . . . . . 131
9.2 Resolution for Propositional Logic . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
10 Welcome and Administrativa 136
10.1 Recap from General CS I . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136
11 Circuits 138
11.1 Graphs and Trees . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
11.2 Introduction to Combinatorial Circuits . . . . . . . . . . . . . . . . . . . . . . . . . 145
11.3 Realizing Complex Gates Eciently . . . . . . . . . . . . . . . . . . . . . . . . . . 148
11.3.1 Balanced Binary Trees . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
11.3.2 Realizing n-ary Gates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
11.4 Basic Arithmetics with Combinational Circuits . . . . . . . . . . . . . . . . . . . . 154
11.4.1 Positional Number Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . 154
11.4.2 Adders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
11.5 Arithmetics for Twos Complement Numbers . . . . . . . . . . . . . . . . . . . . . 165
11.6 Towards an Algorithmic-Logic Unit . . . . . . . . . . . . . . . . . . . . . . . . . . . 172
12 Sequential Logic Circuits and Memory Elements 174
13 Machines 179
13.1 How to build a Computer (in Principle) . . . . . . . . . . . . . . . . . . . . . . . . 179
13.2 How to build a SML-Compiler (in Principle) . . . . . . . . . . . . . . . . . . . . . . 184
13.2.1 A Stack-based Virtual Machine . . . . . . . . . . . . . . . . . . . . . . . . . 184
13.2.2 A Simple Imperative Language . . . . . . . . . . . . . . . . . . . . . . . . . 191
13.2.3 Compiling Basic Functional Programs . . . . . . . . . . . . . . . . . . . . . 201
13.3 A theoretical View on Computation . . . . . . . . . . . . . . . . . . . . . . . . . . 204
14 Problem Solving and Search 210
14.1 Problem Solving . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210
14.2 Search . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216
14.3 Uninformed Search Strategies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218
14.4 Informed Search Strategies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232
14.5 Local Search . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240
15 Logic Programming 246
15.1 Programming as Search: Introduction to Logic Programming and PROLOG . . . . 246
15.2 Logic Programming as Resolution Theorem Proving . . . . . . . . . . . . . . . . . 253
16 The Information and Software Architecture of the Internet and WWW 255
16.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255
16.2 Internet Basics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257
16.3 Basics Concepts of the World Wide Web . . . . . . . . . . . . . . . . . . . . . . . . 266
16.4 Introduction to Web Search . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272
16.5 Security by Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 277
16.6 An Overview over XML Technologies . . . . . . . . . . . . . . . . . . . . . . . . . . 281
16.7 More Web Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 286
16.8 The Semantic Web . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287
6
2 Getting Started with General Computer Science
Jacobs University oers a unique CS curriculum to a special student body. Our CS curriculum
is optimized to make the students successful computer scientists in only three years (as opposed
to most US programs that have four years for this). In particular, we aim to enable students to
pass the GRE subject test in their fth semester, so that they can use it in their graduate school
applications.
The Course 320101/2 General Computer Science I/II is a one-year introductory course that
provides an overview over many of the areas in Computer Science with a focus on the foundational
aspects and concepts. The intended audience for this course are students of Computer Science,
and motivated students from the Engineering and Science disciplines that want to understand
more about the why than only the how of Computer Science, i.e. the science part.
2.1 Overview over the Course
Plot of General Computer Science
Today: Motivation, Admin, and nd out what you already know
What is Computer Science?
Information, Data, Computation, Machines
a (very) quick walk through the topics
Get a feeling for the math involved (
*
not a programming course!!!
*
)
learn mathematical language (so we can talk rigorously)
inductively dened sets, functions on them
elementary complexity analysis
Various machine models (as models of computation)
(primitive) recursive functions on inductive sets
combinational circuits and computer architecture
Programming Language: Standard ML (great equalizer/thought provoker)
Turing machines and the limits of computability
Fundamental Algorithms and Data structures
Overview: The purpose of this two-semester course is to give you an introduction to what the
Science in Computer Science might be. We will touch on a lot of subjects, techniques and
arguments that are of importance. Most of them, we will not be able to cover in the depth that
you will (eventually) need to know them. That will happen in your second year, where you will
see most of them again, with much more thorough treatment.
Computer Science: We are using the term Computer Science in this course, because it is the
traditional anglo-saxon term for our eld. It is a bit of a misnomer, as it emphasizes the computer
alone as a computational device, which is only one of the aspects of the eld. Other names that are
becoming increasingly popular are Information Science, Informatics or Computing, which
are broader, since they concentrate on the notion of information (irrespective of the machine basis:
hardware/software/wetware/alienware/vaporware) or on computation.
7
Denition 1 What we mean with Computer Science here is perhaps best represented by the
following quote from [Den00]:
The body of knowledge of computing is frequently described as the systematic study of
algorithmic processes that describe and transform information: their theory, analysis, de-
sign, eciency, implementation, and application. The fundamental question underlying all
of computing is, What can be (eciently) automated?
Not a Programming Course: Note General CS is not a programming course, but an attempt
to give you an idea about the Science of computation. Learning how to write correct, ecient,
and maintainable, programs is an important part of any education in Computer Science, but we
will not focus on that in this course (we have the Labs for that). As a consequence, we will not
concentrate on teaching how to program in General CS but introduce the SML language and
assume that you pick it up as we go along (however, the tutorials will be a great help; so go
there!).
Standard ML: We will be using Standard ML (SML), as the primary vehicle for programming in the
course. The primary reason for this is that as a functional programming language, it focuses more
on clean concepts like recursion or typing, than on coverage and libraries. This teaches students
to think rst rather than hack rst, which meshes better with the goal of this course. There
have been long discussions about the pros and cons of the choice in general, but it has worked well
at Jacobs University (even if students tend to complain about SML in the beginning).
A secondary motivation for SML is that with a student body as diverse as the GenCS rst-years
at Jacobs
2
we need a language that equalizes them. SML is quite successful in that, so far none
of the incoming students had even heard of the language (apart from tall stories by the older
students).
Algorithms, Machines, and Data: The discussion in General CS will go in circles around the
triangle between the three key ingredients of computation.
Algorithms are abstract representations of computation instructions
Data are representations of the objects the computations act on
Machines are representations of the devices the computations run on
The gure below shows that they all depend on each other; in the course of this course we will
look at various instantiations of this general picture.
Data
Machines
Algorithms
Figure 1: The three key ingredients of Computer Science
Representation: One of the primary focal items in General CS will be the notion of representa-
tion. In a nutshell the situation is as follows: we cannot compute with objects of the real world,
but be have to make electronic counterparts that can be manipulated in a computer, which we
will call representations. It is essential for a computer scientist to realize that objects and their
representations are dierent, and to be aware of their relation to each other. Otherwise it will
be dicult to predict the relevance of the results of computation (manipulating electronic objects
in the computer) for the real-world objects. But if cannot do that, computing loses much of its
utility.
Of course this may sound a bit esoteric in the beginning, but I will come back to this very
often over the course, and in the end you may see the importance as well.
2
traditionally ranging from students with no prior programming experience to ones with 10 years of semi-pro
Java
8
2.2 Administrativa
We will now go through the ground rules for the course. This is a kind of a social contract between
the instructor and the students. Both have to keep their side of the deal to make learning and
becoming Computer Scientists as ecient and painless as possible.
2.2.1 Grades, Credits, Retaking
Now we come to a topic that is always interesting to the students: the grading scheme. The
grading scheme I am using has changed over time, but I am quite happy with it.
Prerequisites, Requirements, Grades
Prerequisites: Motivation, Interest, Curiosity, hard work
you can do this course if you want!
Grades: (plan your work involvement carefully)
Monday Quizzes 30%
Graded Assignments 20%
Mid-term Exam 20%
Final Exam 30%
Note that for the grades, the percentages of achieved points are added with the weights
above, and only then the resulting percentage is converted to a grade.
Monday Quizzes: (Almost) every monday, we will use the rst 10 minutes for a brief quiz
about the material from the week before (you have to be there)
Rationale: I want you to work continuously (maximizes learning)
My main motivation in this grading scheme is that I want to entice you to learn continuously.
You cannot hope to pass the course, if you only learn in the reading week. Let us look at the
components of the grade. The rst is the exams: We have a mid-term exam relatively early, so
that you get feedback about your performance; the need for a nal exam is obvious and tradition
at Jacobs. Together, the exams make up 50% of your grade, which seems reasonable, so that you
cannot completely mess up your grade if you fail one.
In particular, the 50% rule means that if you only come to the exams, you basically have to
get perfect scores in order to get an overall passing grade. This is intentional, it is supposed to
encourage you to spend time on the other half of the grade. The homework assignments are a
central part of the course, you will need to spend considerable time on them. Do not let the 20%
part of the grade fool you. If you do not at least attempt to solve all of the assignments, you
have practically no chance to pass the course, since you will not get the practice you need to do
well in the exams. The value of 20% is attempts to nd a good trade-o between discouraging
from cheating, and giving enough incentive to do the homework assignments. Finally, the monday
quizzes try to ensure that you will show up on time on mondays, and are prepared.
9
Advanced Placement
Generally: AP lets you drop a course, but retain credit for it (sorry no grade!)
you register for the course, and take an AP exam
*
you will need to have very good results to pass
*
If you fail, you have to take the course or drop it!
Specically: AP exams (oral) some time next week (see me for a date)
Be prepared to answer elementary questions about: discrete mathematics, terms,
substitution, abstract interpretation, computation, recursion, termination, elemen-
tary complexity, Standard ML, types, formal languages, Boolean expressions
(possible subjects of the exam)
Warning: you should be very sure of yourself to try (genius in C
++
insucient)
Although advanced placement is possible, it will be very hard to pass the AP test. Passing an AP
does not just mean that you have to have a passing grade, but very good grades in all the topics
that we cover. This will be very hard to achieve, even if you have studied a year of Computer
Science at another university (dierent places teach dierent things in the rst year). You can still
take the exam, but you should keep in mind that this means considerable work for the instrutor.
2.2.2 Homeworks, Submission, and Cheating
Homework assignments
Goal: Reinforce and apply what is taught in class.
homeworks: will be small individual problem/programming/proof assignments
(but take time to solve)
admin: To keep things running smoothly
Homeworks will be posted on PantaRhei
Homeworks are handed in electronically in grader (plain text, Postscript, PDF,. . . )
go to the recitations, discuss with your TA (they are there for you!)
Homework discipline:
start early! (many assignments need more than one evenings work)
Dont start by sitting at a blank screen
Humans will be trying to understand the text/code/math when grading it.
Homework assignments are a central part of the course, they allow you to review the concepts
covered in class, and practice using them.
10
Homework Submissions, Grading, Tutorials
Submissions: We use Heinrich Stamerjohanns grader system
submit all homework assignments electronically to https://jgrader.de
you can login with you Jacobs account (should have one!)
feedback/grades to your submissions
get an overview over how you are doing! (do not leave to midterm)
Tutorials: select a tutorial group and actually go to it regularly
to discuss the course topics after class (GenCS needs pre/postparation)
to discuss your homework after submission (to see what was the problem)
to nd a study group (probably the most determining factor of success)
The next topic is very important, you should take this very seriously, even it you think that this
is just a self-serving regulation made by the faculty.
All societies have their rules, written and unwritten ones, which serve as a social contract
among its members, protect their interestes, and optimize the functioning of the society as a
whole. This is also true for the community of scientists worldwide. This society is special, since it
balances intense cooperation on joint issues with erce competition. Most of the rules are largely
unwritten; you are expected to follow them anyway. The code of academic integrity at Jacobs is
an attempt to put some of the aspects into writing.
It is an essential part of your academic education that you learn to behave like academics,
i.e. to function as a member of the academic community. Even if you do not want to become
a scientist in the end, you should be aware that many of the people you are dealing with have
gone through an academic education and expect that you (as a graduate of Jacobs) will behave
by these rules.
The Code of Academic Integrity
Jacobs has a Code of Academic Integrity
this is a document passed by the faculty (our law of the university)
you have signed it last week (we take this seriously)
It mandates good behavior and penalizes bad from both faculty and students
honest academic behavior (we dont cheat)
respect and protect the intellectual property of others (no plagiarism)
treat all Jacobs members equally (no favoritism)
this is to protect you and build an atmosphere of mutual respect
academic societies thrive on reputation and respect as primary currency
The Reasonable Person Principle (one lubricant of academia)
we treat each other as reasonable persons
the others requests and needs are reasonable until proven otherwise
11
To understand the rules of academic societies it is central to realize that these communities are
driven by economic considerations of their members. However, in academic societies, the the
primary good that is produced and consumed consists in ideas and knowledge, and the primary
currency involved is academic reputation
3
. Even though academic societies may seem as altruistic
scientists share their knowledge freely, even investing time to help their peers understand the
concepts more deeply it is useful to realize that this behavior is just one half of an economic
transaction. By publishing their ideas and results, scientists sell their goods for reputation. Of
course, this can only work if ideas and facts are attributed to their original creators (who gain
reputation by being cited). You will see that scientists can become quite erce and downright
nasty when confronted with behavior that does not respect others intellectual property.
One special case of academic rules that aects students is the question of cheating, which we will
cover next.
Cheating [adapted from CMU:15-211 (P. Lee, 2003)]
There is no need to cheat in this course!! (hard work will do)
cheating prevents you from learning (you are cutting your own esh)
if you are in trouble, come and talk to me (I am here to help you)
We expect you to know what is useful collaboration and what is cheating
you will be required to hand in your own original code/text/math for all assignments
you may discuss your homework assignments with others, but if doing so impairs your
ability to write truly original code/text/math, you will be cheating
copying from peers, books or the Internet is plagiarism unless properly attributed
(even if you change most of the actual words)
more on this as the semester goes on . . .
*
There are data mining tools that monitor the originality of text/code.
*
We are fully aware that the border between cheating and useful and legitimate collaboration is
dicult to nd and will depend on the special case. Therefore it is very dicult to put this into
rm rules. We expect you to develop a rm intuition about behavior with integrity over the course
of stay at Jacobs.
2.2.3 Resources
3
Of course, this is a very simplistic attempt to explain academic societies, and there are many other factors at
work there. For instance, it is possible to convert reputation into money: if you are a famous scientist, you may
get a well-paying job at a good university,. . .
12
Textbooks, Handouts and Information, Forum
No required textbook, but course notes, posted slides
Course notes in PDF will be posted at http://kwarc.info/teaching/GenCS1.html
Everything will be posted on Planet GenCS (Notes+assignments+course forum)
announcements, contact information, course schedule and calendar
discussion among your fellow students(careful, I will occasionally check for academic integrity!)
http://gencs.kwarc.info (follow instructions there)
if there are problems send e-mail to [email protected]
No Textbook: Due to the special circumstances discussed above, there is no single textbook that
covers the course. Instead we have a comprehensive set of course notes (this document). They
are provided in two forms: as a large PDF that is posted at the course web page and on the
Planet GenCS system. The latter is actually the preferred method of interaction with the course
materials, since it allows to discuss the material in place, to play with notations, to give feedback,
etc. The PDF le is for printing and as a fallback, if the Planet GenCS system, which is still under
development develops problems.
Software/Hardware tools
You will need computer access for this course
(come see me if you do not have a computer of your own)
we recommend the use of standard software tools
the emacs and vi text editor (powerful, exible, available, free)
UNIX (linux, MacOSX, cygwin) (prevalent in CS)
FireFox (just a better browser (for Math))
learn how to touch-type NOW (reap the benets earlier, not later)
Touch-typing: You should not underestimate the amount of time you will spend typing during
your studies. Even if you consider yourself uent in two-nger typing, touch-typing will give you
a factor two in speed. This ability will save you at least half an hour per day, once you master it.
Which can make a crucial dierence in your success.
Touch-typing is very easy to learn, if you practice about an hour a day for a week, you will
re-gain your two-nger speed and from then on start saving time. There are various free typing
tutors on the network. At http://typingsoft.com/all_typing_tutors.htm you can nd about
programs, most for windows, some for linux. I would probably try Ktouch or TuxType
Darko Pesikan recommends the TypingMaster program. You can download a demo version
from http://www.typingmaster.com/index.asp?go=tutordemo
You can nd more information by googling something like learn to touch-type. (goto http:
//www.google.com and type these search terms).
Next we come to a special project that is going on in parallel to teaching the course. I am using
the coures materials as a research object as well. This gives you an additional resource, but may
aect the shape of the coures materials (which now server double purpose). Of course I can use
all the help on the research project I can get.
13
Experiment: E-Learning with OMDoc/PantaRhei
My research area: deep representation formats for (mathematical) knowledge
Application: E-learning systems (represent knowledge to transport it)
Experiment: Start with this course (Drink my own medicine)
Re-Represent the slide materials in OMDoc (Open Math Documents)
Feed it into the PantaRhei system (http://trac.mathweb.org/planetary)
Try it on you all (to get feedback from you)
Tasks (Unfortunately, I cannot pay you for this; maybe later)
help me complete the material on the slides (what is missing/would help?)
I need to remember what I say, examples on the board. (take notes)
Benets for you (so why should you help?)
you will be mentioned in the acknowledgements (for all that is worth)
you will help build better course materials (think of next-years freshmen)
2.3 Motivation and Introduction
Before we start with the course, we will have a look at what Computer Science is all about. This
will guide our intuition in the rest of the course.
Consider the following situation, Jacobs University has decided to build a maze made of high
hedges on the the campus green for the students to enjoy. Of course not any maze will do, we
want a maze, where every room is reachable (unreachable rooms would waste space) and we want
a unique solution to the maze to the maze (this makes it harder to crack).
What is Computer Science about?
For instance: Software! (a hardware example would also work)
Example 2 writing a program to generate mazes.
We want every maze to be solvable. (should have path from entrance to exit)
Also: We want mazes to be fun, i.e.,
We want maze solutions to be unique
We want every room to be reachable
How should we think about this?
There are of course various ways to build such a a maze; one would be to ask the students from
biology to come and plant some hedges, and have them re-plant them until the maze meets our
criteria. A better way would be to make a plan rst, i.e. to get a large piece of paper, and draw
a maze before we plant. A third way is obvious to most students:
14
An Answer:
Lets hack
However, the result would probably be the following:
*
2am in the IRC Quiet Study Area
*
If we just start hacking before we fully understand the problem, chances are very good that we
will waste time going down blind alleys, and garden paths, instead of attacking problems. So the
main motto of this course is:
*
no, lets think
*
The GIGO Principle: Garbage In, Garbage Out ( ca. 1967)
Applets, Not Craplets
tm
( ca. 1997)
Thinking about a problem will involve thinking about the representations we want to use (after
all, we want to work on the computer), which computations these representations support, and
what constitutes a solutions to the problem.
This will also give us a foundation to talk about the problem with our peers and clients. Enabling
students to talk about CS problems like a computer scientist is another important learning goal
of this course.
15
We will now exemplify the process of thinking about the problem on our mazes example. It
shows that there is quite a lot of work involved, before we write our rst line of code. Of course,
sometimes, explorative programming sometimes also helps understand the problem , but we would
consider this as part of the thinking process.
Thinking about the problem
Idea: Randomly knock out walls until we get a good maze
Think about a grid of rooms separated by walls.
Each room can be given a name.
Mathematical Formulation:
a set of rooms: a, b, c, d, e, f, g, h, i, j, k, l, m, n, o, p
Pairs of adjacent rooms that have an open wall between them.
Example 3 For example, a, b and g, k are pairs.
Abstractly speaking, this is a mathematical structure called a graph.
Of course, the thinking process always starts with an idea of how to attack the problem. In our
case, this is the idea of starting with a grid-like structure and knocking out walls, until we have a
maze which meets our requirements.
Note that we have already used our rst representation of the problem in the drawing above: we
have drawn a picture of a maze, which is of course not the maze itself.
Denition 4 A representation is the realization of real or abstract persons, objects, circum-
stances, Events, or emotions in concrete symbols or models. This can be by diverse methods, e.g.
visual, aural, or written; as three-dimensional model, or even by dance.
Representations will play a large role in the course, we should always be aware, whether we are
talking about the real thing or a representation of it (chances are that we are doing the latter
in computer science). Even though it is important, to be able to always able to distinguish
representations from the objects they represent, we will often be sloppy in our language, and rely
on the ability of the reader to distinguish the levels.
From the pictorial representation of a maze, the next step is to come up with a mathematical
representation; here as sets of rooms (actually room names as representations of rooms in the
maze) and room pairs.
16
Why math?
Q: Why is it useful to formulate the problem so that mazes are room sets/pairs?
A: Data structures are typically dened as mathematical structures.
A: Mathematics can be used to reason about the correctness and eciency of data
structures and algorithms.
A: Mathematical structures make it easier to think to abstract away from unnecessary
details and avoid hacking.
The advantage of a mathematical representation is that it models the aspects of reality we are
interested in in isolation. Mathematical models/representations are very abstract, i.e. they have
very few properties: in the rst representational step we took we abstracted from the fact that
we want to build a maze made of hedges on the campus green. We disregard properties like maze
size, which kind of bushes to take, and the fact that we need to water the hedges after we planted
them. In the abstraction step from the drawing to the set/pairs representation, we abstracted
from further (accidental) properties, e.g. that we have represented a square maze, or that the
walls are blue.
As mathematical models have very few properties (this is deliberate, so that we can understand
all of them), we can use them as models for many concrete, real-world situations.
Intuitively, there are few objects that have few properties, so we can study them in detail. In our
case, the structures we are talking about are well-known mathematical objects, called graphs.
We will study graphs in more detail in this course, and cover them at an informal, intuitive level
here to make our points.
Mazes as Graphs
Denition 5 Informally, a graph consists of a set of nodes and a set of edges.
(a good part of CS is about graph algorithms)
Denition 6 A maze is a graph with two special nodes.
Interpretation: Each graph node represents a room, and an edge from node x to node
y indicates that rooms x and y are adjacent and there is no wall in between them.
The rst special node is the entry, and the second one the exit of the maze.
Can be represented as
_
_
_
a, e, e, i, i, j,
f, j, f, g, g, h,
d, h, g, k, a, b
m, n, n, o, b, c
k, o, o, p, l, p
_
_
, a, p
_
17
Mazes as Graphs (Visualizing Graphs via Diagrams)
Graphs are very abstract objects, we need a good, intuitive way of thinking about them.
We use diagrams, where the nodes are visualized as dots and the edges as lines between
them.
Our maze
can be visualized as
Note that the diagram is a visualization (a representation intended for humans to process
visually) of the graph, and not the graph itself.
Now that we have a mathematical model for mazes, we can look at the subclass of graphs that
correspond to the mazes that we are after: unique solutions and all rooms are reachable! We will
concentrate on the rst requirement now and leave the second one for later.
Unique solutions
Q: What property must the graph have for the maze to have a solution?
A: A path from a to p.
Q: What property must it have for the maze to have a unique solution?
A: The graph must be a tree.
Trees are special graphs, which we will now dene.
18
Mazes as trees
Denition 7 Informally, a tree is a graph:
with a unique root node, and
each node having a unique parent.
Denition 8 A spanning tree is a tree that includes all of the nodes.
Q: Why is it good to have a spanning tree?
A: Trees have no cycles! (needed for uniqueness)
A: Every room is reachable from the root!
So, we know what we are looking for, we can think about a program that would nd spanning
trees given a set of nodes in a graph. But since we are still in the process of thinking about the
problems we do not want to commit to a concrete program, but think about programs in the
abstract (this gives us license to abstract away from many concrete details of the program and
concentrate on the essentials).
The computer science notion for a program in the abstract is that of an algorithm, which we
will now dene.
Algorithm
Now that we have a data structure in mind, we can think about the algorithm.
Denition 9 An algorithm is a series of instructions to control a (computation) process
Example 10 (Kruskals algorithm, a graph algorithm for spanning trees)
Randomly add a pair to the tree if it wont create a cycle. (i.e. tear down a wall)
Repeat until a spanning tree has been created.
19
Denition 11 An algorithm is a collection of formalized rules that can be understood and exe-
cuted, and that lead to a particular endpoint or result.
Example 12 An example for an algorithm is a recipe for a cake, another one is a rosary a
kind of chain of beads used by many cultures to remember the sequence of prayers. Both the
recipe and rosary represent instructions that specify what has to be done step by step. The
instructions in a recipe are usually given in natural language text and are based on elementary
forms of manipulations like scramble an egg or heat the oven to 250 degrees Celsius. In
a rosary, the instructions are represented by beads of dierent forms, which represent dierent
prayers. The physical (circular) form of the chain allows to represent a possibly innite sequence
of prayers.
The name algorithm is derived from the word al-Khwarizmi, the last name of a famous Persian
mathematician. Abu Jafar Mohammed ibn Musa al-Khwarizmi was born around 780 and died
around 845. One of his most inuential books is Kitab al-jabr wal-muqabala or Rules of
Restoration and Reduction. It introduced algebra, with the very word being derived from a part
of the original title, namely al-jabr. His works were translated into Latin in the 12th century,
introducing this new science also in the West.
The algorithm in our example sounds rather simple and easy to understand, but the high-level
formulation hides the problems, so let us look at the instructions in more detail. The crucial one
is the task to check, whether we would be creating cycles.
Of course, we could just add the edge and then check whether the graph is still a tree, but this
would be very expensive, since the tree could be very large. A better way is to maintain some
information during the execution of the algorithm that we can exploit to predict cyclicity before
altering the graph.
Creating a spanning tree
When adding a wall to the tree, how do we detect that it wont create a cycle?
When adding wall x, y, we want to know if there is already a path from x to y in the
tree.
In fact, there is a fast algorithm for doing exactly this, called Union-Find.
Denition 13 (Union Find Algorithm) The Union Find Algorithm successively
puts nodes into an equivalence class if there is a path connecting them.
Before adding an edge x, y to the tree, it makes sure that x and y are not in the
same equivalence class.
Example 14 A partially constructed maze
Now that we have made some design decision for solving our maze problem. It is an important part
of thinking about the problem to determine whether these are good choices. We have argued
above, that we should use the Union-Find algorithm rather than a simple generate-and-test
20
approach based on the expense, by which we interpret temporally for the moment. So we ask
ourselves
How fast is our Algorithm?
Is this a fast way to generate mazes?
How much time will it take to generate a maze?
What do we mean by fast anyway?
In addition to nding the right algorithms, Computer Science is about analyzing the
performance of algorithms.
In order to get a feeling what we mean by fast algorithm, we to some preliminary computations.
Performance and Scaling
Suppose we have three algorithms to choose from. (which one to select)
Systematic analysis reveals performance characteristics.
For a problem of size n (i.e., detecting cycles out of n nodes) we have
n 100n s 7n
2
s 2
n
s
1 100 s 7 s 2 s
5 .5 ms 175 s 32 s
10 1 ms .7 ms 1 ms
45 4.5 ms 14 ms 1.1 years
100 . . . . . . . . .
1 000 . . . . . . . . .
10 000 . . . . . . . . .
1 000 000 . . . . . . . . .
What?! One year?
2
10
= 1 024 (1024 s)
2
45
= 35 184 372 088 832 (3.510
13
s = 3.510
7
s 1.1 years)
we denote all times that are longer than the age of the universe with
n 100n s 7n
2
s 2
n
s
1 100 s 7 s 2 s
5 .5 ms 175 s 32 s
10 1 ms .7 ms 1 ms
45 4.5 ms 14 ms 1.1 years
100 100 ms 7 s 10
16
years
1 000 1 s 12 min
10 000 10 s 20 h
1 000 000 1.6 min 2.5 mo
21
So it does make a dierence for larger problems what algorithm we choose. Considerations like
the one we have shown above are very important when judging an algorithm. These evaluations
go by the name of complexity theory.
We will now briey preview other concerns that are important to computer science. These are
essential when developing larger software packages. We will not be able to cover them in this
course, but leave them to the second year courses, in particular software engineering.
Modular design
By thinking about the problem, we have strong hints about the structure of our program
Grids, Graphs (with edges and nodes), Spanning trees, Union-nd.
With disciplined programming, we can write our program to reect this structure.
Modular designs are usually easier to get right and easier to understand.
Is it correct?
How will we know if we implemented our solution correctly?
What do we mean by correct?
Will it generate the right answers?
Will it terminate?
Computer Science is about techniques for proving the correctness of programs
Let us summarize!
The science in CS: not hacking, but
Thinking about problems abstractly.
Selecting good structures and obtaining correct and fast algorithms/machines.
Implementing programs/machines that are understandable and correct.
In particular, the course General Computer Science is not a programming course, it is about
being able to think about computational problems and to learn to talk to others about these
problems.
22
3 Elementary Discrete Math
3.1 Mathematical Foundations: Natural Numbers
We have seen in the last section that we will use mathematical models for objects and data struc-
tures throughout Computer Science. As a consequence, we will need to learn some math before
we can proceed. But we will study mathematics for another reason: it gives us the opportunity
to study rigorous reasoning about abstract objects, which is needed to understand the science
part of Computer Science.
Note that the mathematics we will be studying in this course is probably dierent from the
mathematics you already know; calculus and linear algebra are relatively useless for modeling
computations. We will learn a branch of math. called discrete mathematics, it forms the
foundation of computer science, and we will introduce it with an eye towards computation.
Lets start with the math!
Discrete Math for the moment
Kenneth H. Rosen Discrete Mathematics and Its Applications, McGraw-Hill,
1990 [Ros90].
Harry R. Lewis and Christos H. Papadimitriou, Elements of the Theory of Computation,
Prentice Hall, 1998. [LP98]
Paul R. Halmos, Naive Set Theory, Springer Verlag, 1974 [Hal74].
The roots of computer science are old, much older than one might expect. The very concept of
computation is deeply linked with what makes mankind special. We are the only animal that
manipulates abstract concepts and has come up with universal ways to form complex theories and
to apply them to our environments. As humans are social animals, we do not only form these
theories in our own minds, but we also found ways to communicate them to our fellow humans.
The most fundamental abstract theory that mankind shares is the use of numbers. This theory
of numbers is detached from the real world in the sense that we can apply the use of numbers to
arbitrary objects, even unknown ones. Suppose you are stranded on an lonely island where you
see a strange kind of fruit for the rst time. Nevertheless, you can immediately count these fruits.
Also, nothing prevents you from doing arithmetics with some fantasy objects in your mind. The
question in the following sections will be: what are the principles that allow us to form and apply
numbers in these general ways? To answer this question, we will try to nd general ways to specify
and manipulate arbitrary objects. Roughly speaking, this is what computation is all about.
23
Something very basic:
Numbers are symbolic representations of numeric quantities.
There are many ways to represent numbers (more on this later)
lets take the simplest one (about 8,000 to 10,000 years old)
we count by making marks on some surface.
For instance //// stands for the number four (be it in 4 apples, or 4 worms)
Let us look at the way we construct numbers a little more algorithmically,
these representations are those that can be created by the following two rules.
o-rule consider as an empty space.
s-xrule given a row of marks or an empty space, make another / mark at the right end
of the row.
Example 15 For ////, Apply the o-rule once and then the s-rule four times.
Denition 16 we call these representations unary natural numbers.
In addition to manipulating normal objects directly linked to their daily survival, humans also
invented the manipulation of place-holders or symbols. A symbol represents an object or a set
of objects in an abstract way. The earliest examples for symbols are the cave paintings showing
iconic silhouettes of animals like the famous ones of Cro-Magnon. The invention of symbols is not
only an artistic, pleasurable waste of time for mankind, but it had tremendous consequences.
There is archaeological evidence that in ancient times, namely at least some 8000 to 10000 years
ago, men started to use tally bones for counting. This means that the symbol bone was used to
represent numbers. The important aspect is that this bone is a symbol that is completely detached
from its original down to earth meaning, most likely of being a tool or a waste product from a
meal. Instead it stands for a universal concept that can be applied to arbitrary objects.
Instead of using bones, the slash / is a more convenient symbol, but it is manipulated in the same
way as in the most ancient times of mankind. The o-rule us to start with a blank slate or an
empty container like a bowl. The s- or successor-rule allows to put an additional bone into a bowl
with bones, respectively, to append a slash to a sequence of slashes. For instance //// stands for
the number four be it in 4 apples, or 4 worms. This representation is constructed by applying
24
the o-rule once and than the s-rule four times.
A little more sophistication (math) please

Denition 17 call /// the successor of //. (successors are created by s-rule)
Denition 18 The following set of axioms are called the Peano Axioms
(Giuseppe Peano (1858), (1932))
Axiom 19 (P1) (aka. zero) is a unary natural number.
Axiom 20 (P2) Every unary natural number has a successor that is a unary natural
number and that is dierent from it.
Axiom 21 (P3) Zero is not successor of any unary natural number.
Axiom 22 (P4) Dierent unary natural numbers have dierent successors.
Axiom 23 (P5: induction) Every unary natural number possesses property a P, if
If the zero has property P and (base condition)
the successor of every unary natural number that has property P also possesses prop-
erty P (step condition)
Question: Why is this a better way of saying things (why so complicated?)
Denition 24 In general, an axiom or postulate is a starting point in logical reasoning with
the aim to prove a mathematical statement or conjecture. A conjecture that is proven is called a
theorem. In addition, there are two subtypes of theorems. The lemma is an intermediate theorem
that serves as part of a proof of a larger theorem. The corollary is a theorem that follows directly
from an other theorem. A logical system consists of axioms and rules that allow inference, i.e., that
allow to form new formal statements out of already proven ones. So, a proof of a conjecture starts
from the axioms that are transformed via the rules of inference until the conjecture is derived.
25
Reasoning about Natural Numbers
The Peano axioms can be used to reason about natural numbers.
Denition 25 An axiom is a statement about mathematical objects that we assume to
be true.
Denition 26 A theorem is a statement about mathematical objects that we know to
be true.
We reason about mathematical objects by inferring theorems from axioms or other the-
orems, e.g.
1. is a unary natural number (axiom P1)
2. / is a unary natural number (axiom P2 and 1.)
3. // is a unary natural number (axiom P2 and 2.)
4. /// is a unary natural number (axiom P2 and 3.)
Denition 27 We call a sequence of inferences a derivation or a proof (of the last
statement).
Lets practice derivations and proofs
Example 28 //////////// is a unary natural number
Theorem 29 /// is a dierent unary natural number than //.
Theorem 30 ///// is a dierent unary natural number than //.
Theorem 31 There is a unary natural number of which /// is the successor
Theorem 32 There are at least 7 unary natural numbers.
Theorem 33 Every unary natural number is either zero or the successor of a unary
natural number. (we will come back to this later)
26
This seems awfully clumsy, lets introduce some notation
Idea: we allow ourselves to give names to unary natural numbers
(we use n, m, l, k, n
1
, n
2
, . . . as names for concrete unary natural numbers.)
Remember the two rules we had for dealing with unary natural numbers
Idea: represent a number by the trace of the rules we applied to construct it.
(e.g. //// is represented as s(s(s(s(o)))))
Denition 34 We introduce some abbreviations
we abbreviate o and by the symbol 0 (called zero)
we abbreviate s(o) and / by the symbol 1 (called one)
we abbreviate s(s(o)) and // by the symbol 2 (called two)
. . .
we abbreviate s(s(s(s(s(s(s(s(s(s(s(s(o)))))))))))) and //////////// by the sym-
bol 12 (called twelve)
. . .
Denition 35 We denote the set of all unary natural numbers with N
1
.
(either representation)
Induction for unary natural numbers
Theorem 36 Every unary natural number is either zero or the successor of a unary
natural number.
Proof: we make use of the induction axiom P5:
P.1 We use the property P of being zero or a successor and prove the statement by
convincing ourselves of the prerequisites of
P.2 is zero, so is zero or a successor.
P.3 Let n be a arbitrary unary natural number that is zero or a successor
P.4 Then its successor is a successor, so the successor of n is zero or a successor
P.5 Since we have taken n arbitrary (nothing in our argument depends on the choice)
we have shown that for any n, its successor has property P.
P.6 Property P holds for all unary natural numbers by P5, so we have proven the assertion
This is a very useful fact to know, it tells us something about the form of unary natural numbers,
which lets us streamline induction proofs and bring them more into the form you may know from
school: to show that some property P holds for every natural number, we analyze an arbitrary
number n by its form in two cases, either it is zero (the base case), or it is a successor of another
number (the spfstep case). In the rst case we prove the base condition and in the latter, we
prove thespfstep condition and use the induction axiom to conclude that all natural numbers have
property P. We will show the form of this proof in the domino-induction below.
27
The Domino Theorem
Theorem 37 Let S
0
, S
1
, . . . be a linear sequence of dominos, such that for any unary
natural number i we know that
1. the distance between S
i
and S
s(i)
is smaller than the height of S
i
,
2. S
i
is much higher than wide, so it is unstable, and
3. S
i
and S
s(i)
have the same weight.
If S
0
is pushed towards S
1
so that it falls, then all dominos will fall.

The Domino Induction
Proof: We prove the assertion by induction over i with the property P that S
i
falls in
the direction of S
s(i)
.
P.1 We have to consider two cases
P.1.1 base case: i is zero:
P.1.1.1 We have assumed that S
0
is pushed towards S
1
, so that it falls
P.1.2 step case: i = s(j) for some unary natural number j:
P.1.2.1 We assume that P holds for S
j
, i.e. S
j
falls in the direction of S
s(j)
= S
i
.
P.1.2.2 But we know that S
j
has the same weight as S
i
, which is unstable,
P.1.2.3 so S
i
falls into the direction opposite to S
j
, i.e. towards S
s(i)
(we have a linear
sequence of dominos)
P.2 We have considered all the cases, so we have proven that P holds for all unary natural
numbers i. (by induction)
P.3 Now, the assertion follows trivially, since if S
i
falls in the direction of S
s(i)
, then
in particular S
i
falls.
If we look closely at the proof above, we see another recurring pattern. To get the proof to go
through, we had to use a property P that is a little stronger than what we need for the assertion
alone. In eect, the additional clause ... in the direction ... in property P is used to make the
step condition go through: we we can use the stronger inductive hypothesis in the proof of step
case, which is simpler.
Often the key idea in an induction proof is to nd a suitable strengthening of the assertion to
get the step case to go through.
28
What can we do with unary natural numbers?
So far not much (lets introduce some operations)
Denition 38 (the addition function) We dene the addition operation pro-
cedurally (by an algorithm)
adding zero to a number does not change it (n o = n)
adding m to the successor of n yields the successor of mn (ms(n) = s(mn))
Q: Is this denition well-formed? (does it characterize a mathematical object?)
Q: May we dene functions by algorithms? (what is a function anyways?)
Addition on unary natural numbers is associative
Theorem 39 For all unary natural numbers n, m, and l, we have n (ml) =
(n m) l.
Proof: we prove this by induction on l
P.1 The property of l is that n (ml) = (n m) l holds.
P.2 We have to consider two cases base case:
P.2.1.1 n (mo) = n m = (n m) o
P.2.2 step case:
P.2.2.1 given arbitrary l, assume n (ml) = (n m) l, show n (ms(l)) =
(n m) s(l).
P.2.2.2 We have n (ms(l)) = n s(ml) = s(n (ml))
P.2.2.3 By inductive hypothesis s((n m) l) = (n m) s(l)
More Operations on Unary Natural Numbers
Denition 40 The summation operation can be dened by the equations
o
i=o
n
i
= o
and
s(m)
i=o
=
m
i=o
m
i
n
i
.
Denition 41 The multiplication operation can be dened by the equations n o = o
and n s(m) = n n m.
Denition 42 The product operation can be dened by the equations
o
i=o
n
i
= o
and
s(m)
i=o
=
m
i=o
m
i
n
i
.
Denition 43 The exponentiation operation can be dened by the equations
exp(n, o) = s(o) and exp(n, s(m)) = n exp(n, m).
Talking (and writing) about Mathematics
29
3.2 Talking (and writing) about Mathematics
Before we go on, we need to learn how to talk and write about mathematics in a succinct way.
This will ease our task of understanding a lot.
Talking about Mathematics (MathTalk)
Denition 44 Mathematicians use a stylized language that
uses formulae to represent mathematical objects,
6
uses math idioms for special situations (e.g. i, hence, let. . . be. . . , then. . . )
classies statements by role (e.g. Denition, Lemma, Theorem, Proof, Example)
We call this language mathematical vernacular.
Denition 45 Abbreviations for Mathematical statements
and are common notations for and and or
not is in mathematical statements often denoted with
x.P (x S.P) stands for condition P holds for all x (in S)
x.P (x S.P) stands for there exists an x (in S) such that proposition P holds
,x.P (,x S.P) stands for there exists no x (in S) such that proposition P holds

1
x.P (
1
x S.P) stands for there exists one and only one x (in S) such that
proposition P holds
i as abbreviation for if and only if, symbolized by
the symbol is used a as shortcut for implies
Observation: With these abbreviations we can use formulae for statements.
Example 46 x.y.x = y (x ,= y) reads
For all x, there is a y, such that x = y, i (if and only if) it is not the case
that x ,= y.
f
EdNote: think about how to reactivate this example
We will use mathematical vernacular throughout the remainder of the notes. The abbreviations
will mostly be used in informal communication situations. Many mathematicians consider it bad
style to use abbreviations in printed text, but approve of them as parts of formulae (see e.g.
Denition 3.3 for an example).
To keep mathematical formulae readable (they are bad enough as it is), we like to express mathe-
matical objects in single letters. Moreover, we want to choose these letters to be easy to remember;
e.g. by choosing them to remind us of the name of the object or reect the kind of object (is it a
number or a set, . . . ). Thus the 50 (upper/lowercase) letters supplied by most alphabets are not
sucient for expressing mathematics conveniently. Thus mathematicians use at least two more
alphabets.
30
The Greek, Curly, and Fraktur Alphabets Homework
Homework: learn to read, recognize, and write the Greek letters
A alpha B beta gamma
delta E epsilon Z zeta
H eta , theta I iota
K kappa lambda M mu
N nu Xi o O omicron
, Pi P rho sigma
T tau upsilon phi
X chi psi omega
we will need them, when the other alphabets give out.
BTW, we will also use the curly Roman and Fraktur alphabets:
/, B, c, T, c, T, (, , 1, , /, /, /, A, O, T, Q, 1, S, T , |, 1, V, ., ], ?
A, B, C, D, E, F, G, H, I, J, K, L, M, N, O, P, Q, R, S, T, U, V, W, X, Y, Z
On our way to understanding functions
We need to understand sets rst.
Naive Set Theory
3.3 Naive Set Theory
We now come to a very important and foundational aspect in Mathematics: Sets. Their importance
comes from the fact that all (known) mathematics can be reduced to understanding sets. So it is
important to understand them thoroughly before we move on.
But understanding sets is not so trivial as it may seem at rst glance. So we will just represent
sets by various descriptions. This is called naive set theory, and indeed we will see that it leads
us in trouble, when we try to talk about very large sets.
31
Understanding Sets
Sets are one of the foundations of mathematics,
and one of the most dicult concepts to get right axiomatically
Denition 47 A set is everything that can form a unity in the face of God.
(Georg Cantor ((1845), (1918)))
For this course: no denition; just intuition (naive set theory)
To understand a set S, we need to determine, what is an element of S and what isnt.
Notations for sets (so we can write them down)
listing the elements within curly brackets: e.g. a, b, c
to describe the elements by a property: x [ x has property P
by stating element-hood (a S) or not (b , S).
Warning: Learn to distinguish between objects and their representations!
(a, b, c and b, a, a, c are dierent representations of the same set)
Now that we can represent sets, we want to compare them. We can simply dene relations between
sets using the three set description operations introduced above.
Relations between Sets
set equality: A B : x.x A x B
subset: A B : x.x A x B
proper subset: A B : (x.x A x B) (A ,= B)
superset: A B : x.x A x B
proper superset: A B : (x.x A x B) (A ,= B)
We want to have some operations on sets that let us construct new sets from existing ones. Again,
can dene them.
32
Operations on Sets
union: A B := x [ x A x B
union over a collection: Let I be a set and S
i
a family of sets indexed by I, then
iI
S
i
:= x [ i I.x S
i
. We write
n
i=1
S
i
for
i[1,n]
S
i
intersection: A B := x [ x A x B
intersection over a collection: Let I be a set and S
i
a family of sets indexed by I, then
iI
S
i
:= x [ i I.x S
i
. We write
n
i=1
S
i
for
i[1,n]
S
i
set dierence: AB := x [ x A x , B
the power set: T(A) := S [ S A
the empty set: x.x ,
Cartesian product: AB := a, b [ a A b B, call a, b pair.
n-fold Cartesian product: A
1
A
n
:= a
1
, . . . , a
n
[ i.a
i
A
i
,
call a
1
, . . . , a
n
an n-tuple
n-dim Cartesian space: A
n
:= a
1
, . . . , a
n
[ a
i
A,
call a
1
, . . . , a
n
a vector
7
EdNote:7
These operator denitions give us a chance to reect on how we do denitions in mathematics.
3.3.1 Denitions in Mathtalk
Mathematics uses a very eective technique for dealing with conceptual complexity. It usually
starts out with discussing simple, basic objects and their properties. These simple objects can be
combined to more complex, compound ones. Then it uses a denition to give a compound object
a new name, so that it can be used like a basic one. In particular, the newly dened object can be
used to form compound objects, leading to more and more complex objects that can be described
succinctly. In this way mathematics incrementally extends its vocabulary by add layers and layers
of denitions onto very simple and basic beginnings. We will now discuss four denition schemata
that will occur over and over in this course.
Denition 48 The simplest form of denition schema is the simple denition. This just intro-
duces a name (the deniendum) for a compound object (the deniens). Note that the name must
be new, i.e. may not have been used for anything else, in particular, the deniendum may not
occur in the deniens. We use the symbols := (and the inverse =:) to denote simple denitions in
formulae.
Example 49 We can give the unary natural number //// the name . In a formula we write
this as := //// or //// =: .
Denition 50 A somewhat more rened form of denition is used for operators on and relations
between objects. In this form, then deniendum is the operator or relation is applied to n distinct
variables v
1
, . . . , v
n
as arguments, and the deniens is an expression in these variables. When the
new operator is applied to arguments a
1
, . . . , a
n
, then its value is the deniens expression where
the v
i
are replaced by the a
i
. We use the symbol := for operator denitions and : for pattern
denitions.
8
EdNote:8
7
EdNote: need to dene the big operators for sets
8
EdNote: maybe better markup up pattern denitions as binding expressions, where the formal variables are bound.
33
Example 51 The following is a pattern denition for the set intersection operator :
A B := x [ x A x B
The pattern variables are Aand B, and with this denition we have e.g. = x [ x x .
Denition 52 We now come to a very powerful denition schema. An implicit denition (also
called denition by description) is a formula A, such that we can prove
1
n.A, where n is a new
name.
Example 53 x.x , is an implicit denition for the empty set . Indeed we can prove unique
existence of by just exhibiting and showing that any other set S with x.x , S we have S .
IndeedS cannot have elements, so it has the same elements ad , and thus S .
Sizes of Sets
We would like to talk about the size of a set. Let us try a denition
Denition 54 The size #(A) of a set A is the number of elements in A.
Intuitively we should have the following identities:
#(a, b, c) = 3
#(N) = (innity)
#(A B) #(A) + #(B) (
*
cases with )
#(A B) min(#(A), #(B))
#(AB) = #(A) #(B)
But how do we prove any of them? (what does number of elements mean anyways?)
Idea: We need a notion of counting, associating every member of a set with a unary
natural number.
Problem: How do we associate elements of sets with each other?
(wait for bijective functions)
But before we delve in to the notion of relations and functions that we need to associate set
members and counding let us now look at large sets, and see where this gets us.
Sets can be Mind-boggling
sets seem so simple, but are really quite powerful (no restriction on the elements)
There are very large sets, e.g. the set o of all sets
contains the , for each object O we have O, O, O, O, . . . o,. . .
contains all unions, intersections, power sets, . . .
contains itself: o o (scary!)
Lets make o less scary
34
A less scary o?
Idea: how about the set o
t
of all sets that do not contain themselves
Question: is o
t
o
t
? (were we successful?)
suppose it is, then then we must have o
t
, o
t
, since we have explicitly taken out the
sets that contain themselves
suppose it is not, then have o
t
o
t
, since all other sets are elements.
In either case, we have o
t
o
t
i o
t
, o
t
, which is a contradiction!
(Russells Antinomy [Bertrand Russell 03])
Does MathTalk help?: no: o
t
:= m [ m , m
MathTalk allows statements that lead to contradictions, but are legal wrt. vocabu-
lary and grammar.
We have to be more careful when constructing sets! (axiomatic set theory)
for now: stay away from large sets. (stay naive)
Even though we have seen that naive set theory is inconsistent, we will use it for this course.
But we will take care to stay away from the kind of large sets that we needed to constuct the
paradoxon.
3.4 Relations and Functions
Now we will take a closer look at two very fundamental notions in mathematics: functions and
relations. Intuitively, functions are mathematical objects that take arguments (as input) and
return a result (as output), whereas relations are objects that take arguments and state whether
they are related.
We have alread encountered functions and relations as set operations e.g. the elementhood
relation which relates a set to its elements or the powerset function that takes a set and produces
another (its powerset).
35
Relations
Denition 55 R AB is a (binary) relation between A and B.
Denition 56 If A = B then R is called a relation on A.
Denition 57 R AB is called total i x A.y B.x, y R.
Denition 58 (R)
1
:= y, x [ x, y R is the converse relation of R.
Note: (R)
1
B A.
The composition of R AB and S B C is dened as S R :=
a, c (AC) [ b B.a, b R b, c S
Example 59 relation , =, has color
Note: we do not really need ternary, quaternary, . . . relations
Idea: Consider AB C as A(B C) and a, b, c as a, b, c
we can (and often will) see a, b, c as a, b, c dierent representations of the same
object.
We will need certain classes of relations in following, so we introduce the necessary abstract
properties of relations.
Properties of binary Relations
Denition 60 A relation R AA is called
reexive on A, i a A.a, a R
symmetric on A, i a, b A.a, b R b, a R
antisymmetric on A, i a, b A.(a, b R b, a R) a = b
transitive on A, i a, b, c A.(a, b R b, c R) a, c R
equivalence relation on A, i R is reexive, symmetric, and transitive
partial order on A, i R is reexive, antisymmetric, and transitive on A.
a linear order on A, i R is transitive and for all x, y A with x ,= y either x, y R
or y, x R
Example 61 The equality relation is an equivalence relation on any set.
Example 62 The relation is a linear order on N (all elements are comparable)
Example 63 On sets of persons, the mother-of relation is an non-symmetric, non-
reexive relation.
Example 64 On sets of persons, the ancestor-of relation is a partial order that is not
linear.
36
Functions (as special relations)

Denition 65 f X Y , is called a partial function, i for all x X there is at most
one y Y with x, y f.
Notation 66 f : X Y ; x y if x, y f (arrow notation)
call X the domain (write dom(f)), and Y the codomain (codom(f))(come with f)
Notation 67 f(x) = y instead of x, y f (function application)
Denition 68 We call a partial function f : X Y undened at x X, i x, y , f
for all y Y . (write f(x) = )
Denition 69 If f : X Y is a total relation, we call f a total function and write
f : X Y . (x X.
1
y Y .x, y f)
Notation 70 f : x y if x, y f (arrow notation)
*
: this probably does not conform to your intuition about functions. Do not
worry, just think of them as two dierent things they will come together over time.
(In this course we will use function as dened here!)
Function Spaces
Denition 71 Given sets A and B We will call the set A B (A B) of all (partial)
functions from A to B the (partial) function space from A to B.
Example 72 Let B := 0, 1 be a two-element set, then
B B = 0, 0, 1, 0, 0, 1, 1, 1, 0, 1, 1, 0, 0, 0, 1, 1
B B = (B B) , 0, 0, 0, 1, 1, 0, 1, 1
as we can see, all of these functions are nite (as relations)
a = b
= c
e = f
37
Lambda-Notation for Functions
Problem: It is common mathematical practice to write things like f
a
(x) = ax
2
+
3x + 5, meaning e.g. that we have a collection f
a
[ a A of functions.
(is a an argument or jut a parameter?)
Denition 73 To make the role of arguments extremely clear, we write functions in
-notation. For f = x, E [ x X, where E is an expression, we write x X.E.
Example 74 The simplest function we always try everything on is the identity function:
n N.n = n, n [ n N = Id
N
= 0, 0, 1, 1, 2, 2, 3, 3, . . .
Example 75 We can also to more complex expressions, here we take the square function
x N.(x
2
) = x, x
2
[ x N
= 0, 0, 1, 1, 2, 4, 3, 9, . . .
Example 76 -notation also works for more complicated domains. In this case we have
tuples as arguments.
x, y N
2
.x +y = x, y, x +y [ x N y N
= 0, 0, 0, 0, 1, 1, 1, 0, 1,
1, 1, 2, 0, 2, 2, 2, 0, 2, . . .
9
EdNote:9
The three properties we dene next give us information about whether we can invert functions.
9
EdNote: dene Idon and Bool somewhere else and import it here
38
Properties of functions, and their converses
Denition 77 A function f : S T is called
injective i x, y S.f(x) = f(y) x = y.
surjective i y T.x S.f(x) = y.
bijective i f is injective and surjective.
Note: If f is injective, then the converse relation (f)
1
is a partial function.
Note: If f is surjective, then the converse (f)
1
is a total relation.
Denition 78 If f is bijective, call the converse relation (f)
1
the inverse function.
Note: if f is bijective, then the converse relation (f)
1
is a total function.
Example 79 The function : N
1
N with ( ) = 0 and (s(n)) = (n) + 1 is a
bijection between the unary natural numbers and the natural numbers from highschool.
Note: Sets that can be related by a bijection are often considered equivalent, and some-
times confused. We will do so with N
1
and N in the future
Cardinality of Sets
Now, we can make the notion of the size of a set formal, since we can associate members
of sets by bijective functions.
Denition 80 We say that a set A is nite and has cardinality #(A) N, i there is
a bijective function f : A n N [ n < #(A).
Denition 81 We say that a set A is countably innite, i there is a bijective function
f : A N.
Theorem 82 We have the following identities for nite sets A and B
#(a, b, c) = 3 (e.g. choose f = a, 0, b, 1, c, 2)
#(A B) #(A) + #(B)
#(A B) min(#(A), #(B))
#(AB) = #(A) #(B)
With the denition above, we can prove them (last three Homework)
Next we turn to a higher-order function in the wild. The composition function takes two functions
as arguments and yields a function as a result.
39
Operations on Functions
Denition 83 If f (A B) and g (B C) are functions, then we call
g f : A C; x g(f(x))
the composition of g and f (read g after f).
Denition 84 Let f (A B) and C A, then we call the relation c, b [
c C c, b f the restriction of f to C.
Denition 85 Let f : A B be a function, A
t
A and B
t
B, then we call
f(A
t
) := b B [ a A
t
.a, b f the image of A
t
under f and f
1
(B
t
) :=
a A [ b B
t
.a, b f the pre-image of B
t
under f.
40
4 Computing with Functions over Inductively Dened Sets
4.1 Standard ML: Functions as First-Class Objects
Enough theory, let us start computing with functions
We will use Standard ML for now
We will use the language SML for the course. This has three reasons
The mathematical foundations of the computational model of SML is very simple: it con-
sists of functions, which we have already studied. You will be exposed to an imperative
programming language (C) in the lab and later in the course.
We call programming languages where procedures can be fully described in terms of their
input/output behavior functional.
As a functional programming language, SML introduces two very important concepts in a
very clean way: typing and recursion.
Finally, SML has a very useful secondary virtue for a course at Jacobs University, where stu-
dents come from very dierent backgrounds: it provides a (relatively) level playing ground,
since it is unfamiliar to all students.
Generally, when choosing a programming language for a computer science course, there is the
choice between languages that are used in industrial practice (C, C++, Java, FORTRAN, COBOL,. . . )
and languages that introduce the underlying concepts in a clean way. While the rst category have
the advantage of conveying important practical skills to the students, we will follow the motto
No, lets think for this course and choose ML for its clarity and rigor. In our experience, if the
concepts are clear, adapting the particular syntax of a industrial programming language is not
that dicult.
Historical Remark: The name ML comes from the phrase Meta Language: ML was developed as
the scripting language for a tactical theorem prover
4
a program that can construct mathematical
proofs automatically via tactics (little proof-constructing programs). The idea behind this is the
following: ML has a very powerful type system, which is expressive enough to fully describe proof
data structures. Furthermore, the ML compiler type-checks all ML programs and thus guarantees
that if an ML expression has the type A B, then it implements a function from objects of
type A to objects of type B. In particular, the theorem prover only admitted tactics, if they were
type-checked with type T T, where T is the type of proof data structures. Thus, using ML as
a meta-language guaranteed that theorem prover could only construct valid proofs.
The type system of ML turned out to be so convenient (it catches many programming errors
before you even run the program) that ML has long transcended its beginnings as a scripting
language for theorem provers, and has developed into a paradigmatic example for functional
programming languages.
4
The Edinburgh LCF system
41
Standard ML (SML)
Why this programming language?
Important programming paradigm (Functional Programming (with static typing))
because all of you are unfamiliar with it (level playing ground)
clean enough to learn important concepts (e.g. typing and recursion)
SML uses functions as a computational model (we already understand them)
SML has an interpreted runtime system (inspect program state)
Book: SML for the working programmer by Larry Paulson
Web resources: see the post on the course forum
Homework: install it, and play with it at home!
Disclaimer: We will not give a full introduction to SML in this course, only enough to make the
course self-contained. There are good books on ML and various web resources:
A book by Bob Harper (CMU) http://www-2.cs.cmu.edu/
~
rwh/smlbook/
The Moscow ML home page, one of the MLs that you can try to install, it also has many
interesting links http://www.dina.dk/
~
sestoft/mosml.html
The home page of SML-NJ (SML of New Jersey), the standard ML http://www.smlnj.org/
also has a ML interpreter and links Online Books, Tutorials, Links, FAQ, etc. And of course
you can download SML from there for Unix as well as for Windows.
A tutorial from Cornell University. It starts with Hello world and covers most of the
material we will need for the course. http://www.cs.cornell.edu/gries/CSCI4900/ML/
gimlFolder/manual.html
and nally a page on ML by the people who originally invented ML: http://www.lfcs.
inf.ed.ac.uk/software/ML/
One thing that takes getting used to is that SML is an interpreted language. Instead of transform-
ing the program text into executable code via a process called compilation in one go, the SML
interpreter provides a run time environment that can execute well-formed program snippets in a
dialogue with the user. After each command, the state of the run-time systems can be inspected
to judge the eects and test the programs. In our examples we will usually exhibit the input to
the interpreter and the system response in a program block of the form
- input to the interpreter
system response
42
Programming in SML (Basic Language)
Generally: start the SML interpreter, play with the program state.
Denition 86 (Predened objects in SML) (SML comes with a basic inventory)
basic types int, real, bool, string , . . .
basic type constructors ->, *,
basic operators numbers, true, false, +, *, -, >, ^, . . . (
*
overloading)
control structures if then E
1
else E
2
;
comments (*this is a comment *)
One of the most conspicuous features of SML is the presence of types everywhere.
Denition 87 types are program constructs that classify program objects into categories.
In SML, literally every object has a type, and the rst thing the interpreter does is to determine
the type of the input and inform the user about it. If we do something simple like typing a number
(the input has to be terminated by a semicolon), then we obtain its type:
- 2;
val it = 2 : int
In other words the SML interpreter has determined that the input is a value, which has type
integer. At the same time it has bound the identier it to the number 2. Generally it will
always be bound to the value of the last successful input. So we can continue the interpreter
session with
- it;
val it = 2 : int
- 4.711;
val it = 4.711 : real
- it;
val it = 4.711 : real
Programming in SML (Declarations)
Denition 88 (Declarations) allow abbreviations for convenience
value declarations val pi = 3.1415;
type declarations type twovec = int * int;
function declarations fun square (x:real) = x*x;
(leave out type, if unambiguous)
SML functions that have been declared can be applied to arguments of the right type,
e.g. square 4.0, which evaluates to 4.0 * 4.0 and thus to 16.0.
Local declarations: allow abbreviations in their scope (delineated by in and end)
- val test = 4;
val it = 4 : int
- let val test = 7 in test * test end;
val it = 49 :int
- test;
val it = 4 : int
43
While the previous inputs to the interpreters do not change its state, declarations do: they bind
identiers to values. In the rst example, the identier twovec to the type int * int, i.e. the
type of pairs of integers. Functions are declared by the fun keyword, which binds the identier
behind it to a function object (which has a type; in our case the function type real -> real).
Note that in this example we annotated the formal parameter of the function declaration with a
type. This is always possible, and in this necessary, since the multiplication operator is overloaded
(has multiple types), and we have to give the system a hint, which type of the operator is actually
intended.
Programming in SML (Pattern Matching)
Component Selection: (very convenient)
- val unitvector = (1,1);
val unitvector = (1,1) : int * int
- val (x,y) = unitvector
val x = 1 : int
val y = 1 : int
Denition 89 anonymous variables (if we are not interested in one value)
- val (x,_) = unitvector;
val x = 1 :int
Example 90 We can dene the selector function for pairs in SML as
- fun first (p) = let val (x,_) = p in x end;
val first = fn : a * b -> a
Note the type: SML supports universal types with type variables a, b,. . . .
first is a function that takes a pair of type a*b as input and gives an object of type
a as output.
Another unusual but convenient feature realized in SML is the use of pattern matching. In
pattern matching we allow to use variables (previously unused identiers) in declarations with the
understanding that the interpreter will bind them to the (unique) values that make the declaration
true. In our example the second input contains the variables x and y. Since we have bound the
identier unitvector to the value (1,1), the only way to stay consistent with the state of the
interpreter is to bind both x and y to the value 1.
Note that with pattern matching we do not need explicit selector functions, i.e. functions that
select components from complex structures that clutter the namespaces of other functional lan-
guages. In SML we do not need them, since we can always use pattern matching inside a let
expression. In fact this is considered better programming style in SML.
Whats next?
More SML constructs and general theory of functional programming.
One construct that plays a central role in functional programming is the data type of lists. SML
has a built-in type constructor for lists. We will use list functions to acquaint ourselves with the
essential notion of recursion.
44
Using SML lists

SML has a built-in list type (actually a list type constructor)
given a type ty, list ty is also a type.
- [1,2,3];
val it = [1,2,3] : int list
constructors nil and :: (nil = empty list, :: = list constructor cons)
- nil;
val it = [] : a list
- 9::nil;
val it = [9] : int list
A simple recursive function: creating integer intervals
- fun upto (m,n) = if m>n then nil else m::upto(m+1,n);
val upto = fn : int * int -> int list
- upto(2,5);
val it = [2,3,4,5] : int list
Question: What is happening here, we dene a function by itself? (circular?)
A constructor is an operator that constructs members of an SML data type.
The type of lists has two constructors: nil that constructs a representation of the empty list,
and the list constructor :: (we pronounce this as cons), which constructs a new list h::l
from a list l by pre-pending an element h (which becomes the new head of the list).
Note that the type of lists already displays the circular behavior we also observe in the function
denition above: A list is either empty or the cons of a list. We say that the type of lists is
inductive or inductively dened.
In fact, the phenomena of recursion and inductive types are inextricably linked, we will explore
this in more detail below.
45
Dening Functions by Recursion
SML allows to call a function already in the function denition.
fun upto (m,n) = if m>n then nil else m::upto(m+1,n);
Evaluation in SML is call-by-value i.e. to whenever we encounter a function applied
to arguments, we compute the value of the arguments rst.
So we have the following evaluation sequence:
upto(2,4) 2::upto(3,4) 2::(3::upto(4,4)) 2::(3::(4::nil)) =
[2,3,4]
Denition 91 We call an SML function recursive, i the function is called in the func-
tion denition.
Note that recursive functions need not terminate, consider the function
fun diverges (n) n + diverges(n+1);
which has the evaluation sequence
diverges(1) 1 + diverges(2) a 1 + (2 + diverges(3)) . . .
Dening Functions by cases
Idea: Use the fact that lists are either nil or of the form X::Xs, where X is an element
and Xs is a list of elements.
The body of an SML function can be made of several cases separated by the operator |.
Example 92 Flattening lists of lists (using the inx append operator @)
- fun flat [] = [] (* base case *)
| flat (l::ls) = l @ flat ls; (* step case *)
val flat = fn : a list list -> a list
- flat [["When","shall"],["we","three"],["meet","again"]]
["When","shall","we","three","meet","again"]
Dening functions by cases and recursion is a very important programming mechanism in SML.
At the moment we have only seen it for the built-in type of lists. In the future we will see that it
can also be used for user-dened data types. We start out with another one of SMLs basic types:
strings.
We will now look at the the string type of SML and how to deal with it. But before we do, let
us recap what strings are. Strings are just sequences of characters.
Therefore, SML just provides an interface to lists for manipulation.
46
Lists and Strings
some programming languages provide a type for single characters
(strings are lists of characters there)
in SML, string is an atomic type
function explode converts from string to char list
function implode does the reverse
- explode "GenCS1";
val it = [#"G",#"e",#"n",#"C",#"S",#"",#"1"] : char list
- implode it;
val it = "GenCS1" : string
Exercise: Try to come up with a function that detects palindromes like otto or anna,
try also (more at [Pal])
Marge lets Norah see Sharons telegram, or (up to case, punct and space)
Ein Neger mit Gazelle zagt im Regen nie (for German speakers)
The next feature of SML is slightly disconcerting at rst, but is an essential trait of functional
programming languages: functions are rst-class objects. We have already seen that they have
types, now, we will see that they can also be passed around as argument and returned as values.
For this, we will need a special syntax for functions, not only the fun keyword that declares
functions.
Higher-Order Functions
Idea: pass functions as arguments (functions are normal values.)
Example 93 Mapping a function over a list
- fun f x = x + 1;
- map f [1,2,3,4];
[2,3,4,5] : int list
Example 94 We can program the map function ourselves!
fun mymap (f, nil) = nil
| mymap (f, h::t) = (f h) :: mymap (f,t);
Example 95 declaring functions (yes, functions are normal values.)
- val identity = fn x => x;
val identity = fn : a -> a
- identity(5);
val it = 5 : int
Example 96 returning functions: (again, functions are normal values.)
- val constantly = fn k => (fn a => k);
- (constantly 4) 5;
val it = 4 : int
- fun constantly k a = k;
47
One of the neat uses of higher-order function is that it is possible to re-interpret binary functions as
unary ones using a technique called Currying after the Logician Haskell Brooks Curry ((1900),
(1982)). Of course we can extend this to higher arities as well. So in theory we can consider
n-ary functions as syntactic sugar for suitable higher-order functions.
Cartesian and Cascaded Procedures

We have not been able to treat binary, ternary,. . . procedures directly
Workaround 1: Make use of (Cartesian) products (unary functions on tuples)
Example 97 +: Z Z Z with +(3, 2) instead of +(3, 2)
fun cartesian_plus (x:int,y:int) = x + y;
cartesian_plus : int * int -> int
Workaround 2: Make use of functions as results
Example 98 +: Z Z Z with +(3)(2) instead of +(3, 2).
fun cascaded_plus (x:int) = (fn y:int => x + y);
cascaded_plus : int -> (int -> int)
Note: cascaded_plus can be applied to only one argument: cascaded_plus 1 is the
function (fn y:int => 1 + y), which increments its argument.
SML allows both Cartesian- and cascaded functions, since we sometimes want functions to be
exible in function arities to enable reuse, but sometimes we want rigid arities for functions as
this helps nd programming errors.
48
Cartesian and Cascaded Procedures (Brackets)
Denition 99 Call a procedure Cartesian, i the argument type is a product type, call
it cascadedcascadedprocedure, i the result type is a function type.
Example 100 the following function is both Cartesian and cascading
- fun both_plus (x:int,y:int) = fn (z:int) => x + y + z;
val both_plus (int * int) -> (int -> int)
Convenient: Bracket elision conventions
e
1
e
2
e
3
(e
1
e
2
) e
3
10
(procedure application associates to the left)

1

2

3

1
(
2

3
) (function types associate to the right)
SML uses these elision rules
- fun both_plus (x:int,y:int) = fn (z:int) => x + y + z;
val both_plus int * int -> int -> int
cascaded_plus 4 5;
Another simplication (related to those above)
- fun cascaded_plus x y = x + y;
val cascaded_plus : int -> int -> int
j
EdNote: Generla Problem: how to mark up SML syntax?
Folding Procedures
Denition 101 SML provides the left folding operator to realize a recurrent computa-
tion schema
foldl : (a * b -> b) -> b -> a list -> b
foldl f s [x
1
,x
2
,x
3
] = f(x
3
,f(x
2
,f(x
1
,s)))
f
f
f
x
3
x
2
x
1 s
We call the procedure f the iterator and s the start value
Example 102 Folding the iterator op+ with start value 0:
foldl op+ 0 [x
1
,x
2
,x
3
] = x
3
+(x
2
+(x
1
+0))
+
+
+
x
3
x
2
x
1 0
Thus the procedure fun plus xs = foldl op+ 0 xs adds the
elements of integer lists.
49
Folding Procedures (continued)
Example 103 (Reversing Lists) foldl op:: nil [x
1
,x
2
,x
3
] = x
3
:: (x
2
:: (x
1
:: nil))
::
::
::
x
3
x
2
x
1 nil
Thus the procedure fun rev xs = foldl op:: nil xs reverses
a list
Folding Procedures (foldr)
Denition 104 The right folding operator foldr is a variant of foldl that processes
the list elements in reverse order.
foldr : (a * b -> b) -> b -> a list -> b
foldr f s [x
1
,x
2
,x
3
] = f(x
1
,f(x
2
,f(x
3
,s)))
f
f
f
x
1
x
2
x
3 s
Example 105 (Appending Lists) foldr op:: ys [x
1
,x
2
,x
3
] = x
1
:: (x
2
:: (x
3
:: ys))
::
::
::
x
1
x
2
x
3
ys
fun append(xs,ys) = foldr op:: ys xs
Now that we know some SML
SML is a functional Programming Language
What does this all have to do with functions?
Back to Induction, Peano Axioms and functions (to keep it simple)
50
4.2 Inductively Dened Sets and Computation
Let us now go back to looking at concrete functions on the unary natural numbers. We want to
convince ourselves that addition is a (binary) function. Of course we will do this by constructing
a proof that only uses the axioms pertinent to the unary natural numbers: the Peano Axioms.
But before we can prove function-hood of the addition function, we must solve a problem: addition
is a binary function (intuitively), but we have only talked about unary functions. We could solve
this problem by taking addition to be a cascaded function, but we will take the intuition seriously
that it is a Cartesian function and make it a function from N N to N.
What about Addition, is that a function?
Problem: Addition takes two arguments (binary function)
One solution: +: N N N is unary
+(n, o) = n (base) and +(m, s(n)) = s(+(m, n)) (step)
Theorem 106 + (N N) N is a total function.
We have to show that for all n, m (N N) there is exactly one l N with
n, m, l +.
We will use functional notation for simplicity
Addition is a total Function
Lemma 107 For all n, m (N N) there is exactly one l N with +(n, m) = l.
Proof: by induction on m. (what else)
P.1 we have two cases
P.1.1 base case (m = o):
P.1.1.1 choose l := n, so we have +(n, o) = n = l.
P.1.1.2 For any l
t
= +(n, o), we have l
t
= n = l.
P.1.2 step case (m = s(k)):
P.1.2.1 o assume that there is a unique r = +(n, k), choose l := s(r), so we have
+(n, s(k)) = s(+(n, k)) = s(r).
P.1.2.2 Again, for any l
t
= +(n, s(k)) we have l
t
= l.
Corollary 108 +: N
1
N
1
N
1
is a total function.
The main thing to note in the proof above is that we only needed the Peano Axioms to prove
function-hood of addition. We used the induction axiom (P5) to be able to prove something about
all unary natural numbers. This axiom also gave us the two cases to look at. We have used the
distinctness axioms (P3 and P4) to see that only one of the dening equations applies, which in
the end guaranteed uniqueness of function values.
51
Reection: How could we do this?
we have two constructors for N
1
: the base element o N
1
and the successor function
s: N
1
N
1
Observation: Dening Equations for +: +(n, o) = n (base) and +(m, s(n)) =
s(+(m, n)) (step)
the equations cover all cases: n is arbitrary, m = o and m = s(k)
(otherwise we could have not proven existence)
but not more (no contradictions)
using the induction axiom in the proof of unique existence.
Example 109 Dening equations (o) = o and (s(n)) = s(s((n)))
Example 110 Dening equations (l, o) = o and (l, s(r)) = +((l, r), l)
Idea: Are there other sets and operations that we can do this way?
the set should be built up by injective constructors and have an induction axiom
(abstract data type)
the operations should be built up by case-complete equations
The specic characteristic of the situation is that we have an inductively dened set: the unary nat-
ural numbers, and dening equations that cover all cases (this is determined by the constructors)
and that are non-contradictory. This seems to be the pre-requisites for the proof of functionality
we have looked up above.
As we have identied the necessary conditions for proving function-hood, we can now generalize
the situation, where we can obtain functions via dening equations: we need inductively dened
sets, i.e. sets with Peano-like axioms.
52
Peano Axioms for Lists L[N]
Lists of natural numbers: [1, 2, 3], [7, 7], [], . . .
nil-rule: start with the empty list []
cons-rule: extend the list by adding a number n N
1
at the front
two constructors: nil L[N] and cons: N
1
L[N] L[N]
Example 111 e.g. [3, 2, 1] = cons(3, cons(2, cons(1, nil))) and [] = nil
Denition 112 We will call the following set of axioms are called the Peano Axioms
for L[N] in analogy to the Peano Axioms in Denition 18
Axiom 113 (LP1) nil L[N] (generation axiom (nil))
Axiom 114 (LP2) cons: N
1
L[N] L[N] (generation axiom (cons))
Axiom 115 (LP3) nil is not a cons-value
Axiom 116 (LP4) cons is injective
Axiom 117 (LP5) If the nil possesses property P and (Induction Axiom)
for any list l with property P, and for any n N
1
, the list cons(n, l) has property P
then every list l L[N] has property P.
Note: There are actually 10 (Peano) axioms for lists of unary natural numbers the original ve
for N
1
they govern the constructors o and s, and the ones we have given for the constructors
nil and cons here.
Note that the Pi and the LPi are very similar in structure: they say the same things about the
constructors.
The rst two axioms say that the set in question is generated by applications of the constructors:
Any expression made of the constructors represents a member of N
1
and L[N] respectively.
The next two axioms eliminate any way any such members can be equal. Intuitively they can
only be equal, if they are represented by the same expression. Note that we do not need any
axioms for the relation between N
1
and L[N] constructors, since they are dierent as members of
dierent sets.
Finally, the induction axioms give an upper bound on the size of the generated set. Intuitively
the axiom says that any object that is not represented by a constructor expression is not a member
of N
1
and L[N].
53
Operations on Lists: Append
The append function @: L[N] L[N] L[N] concatenates lists
Dening equations: nil@l = l and cons(n, l)@r = cons(n, l@r)
Example 118 [3, 2, 1]@[1, 2] = [3, 2, 1, 1, 2] and []@[1, 2, 3] = [1, 2, 3] = [1, 2, 3]@[]
Lemma 119 For all l, r L[N], there is exactly one s L[N] with s = l@r.
Proof: by induction on l. (what does this mean?)
P.1 we have two cases
P.1.1 base case: l = nil: must have s = r.
P.1.2 step case: l = cons(n, k) for some list k:
P.1.2.1 Assume that here is a unique s
t
with s
t
= k@r,
P.1.2.2 then s = cons(n, k)@r = cons(n, k@r) = cons(n, s
t
).
Corollary 120 Append is a function (see, this just worked ne!)
You should have noticed that this proof looks exactly like the one for addition. In fact, wherever
we have used an axiom Pi there, we have used an axiom LPi here. It seems that we can do
anything we could for unary natural numbers for lists now, in particular, programming by recursive
equations.
Operations on Lists: more examples
Denition 121 (nil) = o and (cons(n, l)) = s((l))
Denition 122 (nil) = nil and (cons(n, l)) = (l)@cons(n, nil).
Now, we have seen that inductively dened sets are a basis for computation, we will turn to the
programming language see them at work in concrete setting.
4.3 Inductively Dened Sets in SML
We are about to introduce one of the most powerful aspects of SML, its ability to dene data
types. After all, we have claimed that types in SML are rst-class objects, so we have to have a
means of constructing them.
We have seen above, that the main feature of an inductively dened set is that it has Peano
Axioms that enable us to use it for computation. Note that specifying them, we only need to
know the constructors (and their types). Therefore the datatype constructor in SML only needs
to specify this information as well. Moreover, note that if we have a set of constructors of an
inductively dened set e.g. zero : mynat and suc : mynat -> mynat for the set mynat, then
their codomain type is always the same: mynat. Therefore, we can condense the syntax even
further by leaving that implicit.
54
Data Type Declarations
concrete version of abstract data types in SML
- datatype mynat = zero | suc of mynat;
datatype mynat = suc of mynat | zero
this gives us constructor functions zero : mynat and suc : mynat -> mynat.
dene functions by (complete) case analysis (abstract procedures)
fun num (zero) = 0 | num (suc(n)) = num(n) + 1;
val num = fn : mynat -> int
fun incomplete (zero) = 0;
stdIn:10.1-10.25 Warning: match nonexhaustive
zero => ...
val incomplete = fn : mynat -> int
fun ic (zero) = 1 | ic(suc(n))=2 | ic(zero)= 3;
stdIn:1.1-2.12 Error: match redundant
zero => ...
suc n => ...
zero => ...
So, we can re-dene a type of unary natural numbers in SML, which may seem like a somewhat
pointless exercise, since we have integers already. Let us see what else we can do.
Data Types Example (Enumeration Type)
a type for weekdays (nullary constructors)
datatype day = mon | tue | wed | thu | fri | sat | sun;
use as basis for rule-based procedure (rst clause takes precedence)
- fun weekend sat = true
| weekend sun = true
| weekend _ = false
val weekend : day -> bool
this give us
- weekend sun
true : bool
- map weekend [mon, wed, fri, sat, sun]
[false, false, false, true, true] : bool list
nullary constructors describe values, enumeration types nite sets
Somewhat surprisingly, nite enumeration types that are a separate constructs in most program-
ming languages are a special case of datatype declarations in SML. They are modeled by sets of
base constructors, without any functional ones, so the base cases form the nite possibilities in
this type. Note that if we imagine the Peano Axioms for this set, then they become very simple;
in particular, the induction axiom does not have step cases, and just species that the property
P has to hold on all base cases to hold for all members of the type.
55
Let us now come to a real-world examples for data types in SML. Say we want to supply a library
for talking about mathematical shapes (circles, squares, and triangles for starters), then we can
represent them as a data type, where the constructors conform to the three basic shapes they are
in. So a circle of radius r would be represented as the constructor term Circle $r$ (what else).
Data Types Example (Mathematical Shapes)
describe three kinds of geometrical forms as mathematical objects
r
Circle (r)
a
Square (a)
c
b
a
Triangle (a, b, c)
Mathematically: R
+
R
+
((R
+
R
+
R
+
))
In SML: approximate R
+
by the built-in type real.
datatype shape =
Circle of real
| Square of real
| Triangle of real * real * real
This gives us the constructor functions
Circle : real -> shape
Square : real -> shape
Triangle : real * real * real -> shape
some experiments
- Circle 4.0
Circle 4.0 : shape
- Square 3.0
Square 3.0 : shape
- Triangle(4.0, 3.0, 5.0)
Triangle(4.0, 3.0, 5.0) : shape
a procedure that computes the area of a shape:
- fun area (Circle r) = Math.pi*r*r
| area (Square a) = a*a
| area (Triangle(a,b,c)) = let val s = (a+b+c)/2.0
in Math.sqrt(s*(s-a)*(s-b)*(s-c))
end
val area : shape -> real
New Construct: Standard structure Math (see [SML10])
some experiments
- area (Square 3.0)
9.0 : real
- area (Triangle(6.0, 6.0, Math.sqrt 72.0))
18.0 : real
The beauty of the representation in user-dened types is that this aords powerful abstractions
that allow to structure data (and consequently program functionality). All three kinds of shapes
56
are included in one abstract entity: the type shape, which makes programs like the area function
conceptually simple it is just a function from type shape to type real. The complexity after
all, we are employing three dierent formulae for computing the area of the respective shapes
is hidden in the function body, but is nicely compartmentalized, since the constructor cases in
systematically correspond to the three kinds of shapes.
We see that the combination of user-denable types given by constructors, pattern matching, and
function denition by (constructor) cases give a very powerful structuring mechanism for hetero-
geneous data objects. This makes is easy to structure programs by the inherent qualities of the
data. A trait that other programming languages seek to achieve by object-oriented techniques.
Now, we have seen that inductively dened sets are a basis for computation, we will turn to the
programming language see them at work in concrete setting.
4.4 A Theory of SML: Abstract Data Types and Term Languages
Whats next?
Let us now look at representations
and SML syntax
in the abstract!
We will now develop a theory of the expressions we write down in functional programming lan-
guages.
4.4.1 Abstract Data Types and Ground Constructor Terms
Abstract data types are abstract objects that specify inductively dened sets by declaring their
constructors.
Abstract Data Types (ADT)
Denition 123 Let o
0
:= A
1
, . . . , A
n
be a nite set of symbols, then we call the set
o the set of sorts over the set o
0
, if
o
0
o (base sorts are sorts)
If A, B o, then (A B) o (product sorts are sorts)
If A, B o, then (A B) o (function sorts are sorts)
Denition 124 If c is a symbol and A o, then we call a pair [c: A] a constructor
declaration for c over o.
Denition 125 Let o
0
be a set of symbols and a set of constructor declarations over
o, then we call the pair o
0
, an abstract data type
Example 126 N, [o: N], [s: N N]
Example 127 |N, /(N), |[o: N], [s: N N], [nil : /(N)], [cons: N /(N) /(N)]) In
particular, the term cons(s(o), cons(o, nil)) represents the list [1, 0]
Example 128 o, [ : o], [: o o o], [: o o o]
57
In contrast to SML datatype declarations we allow more than one sort to be declared at one time.
So abstract data types correspond to a group of datatype declarations.
With this denition, we now have a mathematical object for (sequences of) data type declarations
in SML. This is not very useful in itself, but serves as a basis for studying what expressions we
can write down at any given moment in SML. We will cast this in the notion of constructor terms
that we will develop in stages next.
Ground Constructor Terms
Denition 129 Let / := o
0
, T be an abstract data type, then we call a representa-
tion t a ground constructor term of sort T, i
T o
0
and [t : T] T, or
T = AB and t is of the form a, b, where a and b are ground constructor terms of
sorts A and B, or
t is of the form c(a), where a is a ground constructor term of sort A and there is a
constructor declaration [c: A T] T.
We denote the set of all ground constructor terms of sort A with T
g
A
(/) and use T
g
(/) :=
AS
T
g
A
(/).
Denition 130 If t = c(t
t
) then we say that the symbol c is the head of t (write
head(t)). If t = a, then head(t) = a; head(t
1
, t
2
) is undened.
Notation 131 We will write c(a, b) instead of c(a, b) (cf. binary function)
The main purpose of ground constructor terms will be to represent data. In the data type from Ex-
ample 126 the ground constructor term s(s(o)) can be used to represent the unary natural number
2. Similarly, in the abstract data type from Example 127, the term cons(s(s(o)), cons(s(o), nil))
represents the list [2, 1].
Note: that to be a good data representation format for a set S of objects, ground constructor
terms need to
cover S, i.e. that for every object s S there should be a ground constructor term that
represents s.
be unambiguous, i.e. that we can decide equality by just looking at them, i.e. objects s S
and t S are equal, i their representations are.
But this is just what our Peano Axioms are for, so abstract data types come with specialized
Peano axioms, which we can paraphrase as
Peano Axioms for Abstract Data Types
Idea: Sorts represent sets!
Axiom 132 if t is a constructor term of sort T, then t T
Axiom 133 equality on constructor terms is trivial
Axiom 134 only constructor terms of sort T are in T (induction axioms)
58
Example 135 (An Abstract Data Type of Truth Values) We want to build an abstract
data type for the set T, F of truth values and various operations on it: We have looked at the ab-
breviations , , , for and, or, not, and implies. These can be interpreted as functions
on truth values: e.g. (T) = F, . . . . We choose the abstract data type B, [T : B], [F : B],
and have the abstract procedures
: ::B B B; (T, T) T, (T, F) F, (F, T) F, (F, F) F.
: ::B B B; (T, T) T, (T, F) T, (F, T) T, (F, F) F.
: ::B B; (T) F, (F) T,
: ::B B B; (
B
,
B
) ((
B
),
B
)
Note that A implies B, i A is false or B is true.
Subterms
Idea: Well-formed parts of constructor terms are constructor terms again
(maybe of a dierent sort)
Denition 136 Let / be an abstract data type and s and b be terms over /, then we
say that s is an immediate subterm of t, i t = f(s) or t = s, b or t = b, s.
Denition 137 We say that a s is a subterm of t, i s = t or there is an immediate
subterm t
t
of t, such that s is a subterm of t
t
.
Example 138 f(a) is a subterm of the terms f(a) and h((g((f(a)), (f(b))))), and an
immediate subterm of h((f(a))).
Now that we have established how to represent data, we will develop a theory of programs, which
will consist of directed equations in this case. We will do this as theories often are developed;
we start o with a very rst theory will not meet the expectations, but the test will reveal how
we have to extend the theory. We will iterate this procedure of theorizing, testing, and theory
adapting as often as is needed to arrive at a successful theory.
4.4.2 A First Abstract Interpreter
Let us now come up with a rst formulation of an abstract interpreter, which we will rene later
when we understand the issues involved. Since we do not yet, the notions will be a bit vague for
the moment, but we will see how they work on the examples.
59
But how do we compute?
Problem: We can dene functions, but how do we compute them?
Intuition: We direct the equations (l2r) and use them as rules.
Denition 139 If s, t T
g
T
(o
0
, ) are ground constructor terms and head(s) = f,
then we call s t a rule for f.
Example 140 turn (nil) = o and (cons(n, l)) = s((l))
to (nil) o and (cons(n, l)) s((l))
0
, T, then call a triple f::A R; 1 an abstract proce-
dure, i 1 is a set of rules for f. A is called the argument sort and R is called the result
sort of f::A R; 1.
Denition 142 A computation of an abstract procedure p is a sequence of ground
constructor terms t
1
t
2
. . . according to the rules of p. (whatever that means)
Denition 143 An abstract computation is a computation that we can perform in our
heads. (no real world constraints like memory size, time limits)
Denition 144 An abstract interpreter is an imagined machine that performs (abstract)
computations, given abstract procedures.
The central idea here is what we have seen above: we can dene functions by equations. But of
course when we want to use equations for programming, we will have to take some freedom of
applying them, which was useful for proving properties of functions above. Therefore we restrict
them to be applied in one direction only to make computation deterministic.
An Abstract Interpreter (preliminary version)
Denition 145 (Idea) Replace equals by equals! (this is licensed by the rules)
Input: an abstract procedure f::A R; 1 and an argument a T
g
A
(/).
Output: a result r T
g
R
(/).
Process: take the term t := f(a), for each rule (l r) 1, match t against l
If l matches a subterm s of t, instantiate r to r
t
, and replace s in t with r
t
. Take
the result as the new argument.
if not, proceed with the next rule.
Repeat this, until no rule applies
Denition 146 We say that an abstract procedure f::A R; 1 terminates (on a
T
g
A
(/)), i the computation (starting with f(a)) reaches a state, where no rule applies.
Let us now see how this works in an extended example; we use the abstract data type of lists from
Example 127 (only that we abbreviate unary natural numbers).
60
Example: the functions and @ on lists
Consider the abstract procedures ::1(N)1(N) ; (cons(n,l))@((l),cons(n,nil)),(nil)nil])
and @::1(N)1(N) ; @(cons(1,nil),cons(2,nil))cons(1,@(nil,cons(2,nil))),@(nil,l)l])
Then we have the following abstract computation
(cons(2, cons(1, nil))) @((cons(1, nil)), cons(2, nil))
((cons(n, l)) @((l), cons(n, nil)) with n = 2 and l = cons(1, nil))
@((cons(1, nil)), cons(2, nil)) @(@((nil), cons(1, nil)), cons(2, nil))
((cons(n, l)) @((l), cons(n, nil)) with n = 1 and l = nil)
@(@((nil), cons(1, nil)), cons(2, nil)) @(@(nil, cons(1, nil)), cons(2, nil))
((nil) nil)
@(@(nil, cons(1, nil)), cons(2, nil)) @(cons(1, nil), cons(2, nil))
(@(nil, l) l with l = cons(1, nil))
@(cons(1, nil), cons(2, nil)) cons(1, @(nil, cons(2, nil)))
(@(cons(n, l), r) cons(n, @(l, r)) with n = 1, l = nil, and r = cons(2, nil))
cons(1, @(nil, cons(2, nil))) cons(1, cons(2, nil)) (@(nil, l) l with l = cons(2, nil))
Aha: terminates on the argument cons(2, cons(1, nil))
Now lets get back to theory, unfortunately we do not have the means to write down rules: they
contain variables, which are not allowed in ground constructor rules. So what do we do in this
situation, we just extend the denition of the expressions we are allowed to write down.
Constructor Terms with Variables
Wait a minute!: what are these rules in abstract procedures?
Answer: pairs of constructor terms (really constructor terms?)
Idea: variables stand for arbitrary constructor terms (lets make this formal)
Denition 147 Let o
0
, T be an abstract data type. A (constructor term) variable is
a pair of a symbol and a base sort. E.g. x
A
, n
N1
, x
C
3,. . . .
Denition 148 We denote the current set of variables of sort A with 1
A
, and use
1 :=
AS
0 1
A
for the set of all variables.
Idea: add the following rule to the denition of constructor terms
variables of sort A o
0
are constructor terms of sort A.
Denition 149 If t is a constructor term, then we denote the set of variables occurring
in t with free(t). If free(t) = , then we say t is ground or closed.
To have everything at hand, we put the whole denition onto one slide.
61
Constr. Terms with Variables: The Complete Denition
Denition 150 Let o
0
, T be an abstract data type and 1 a set of variables, then we
call a representation t a constructor term (with variables from 1) of sort T, i
T o
0
and [t : T] T, or
t 1
T
is a variable of sort T o
0
, or
T = A B and t is of the form a, b, where a and b are constructor terms with
variables of sorts A and B, or
t is of the form c(a), where a is a constructor term with variables of sort A and there
is a constructor declaration [c: A T] T.
We denote the set of all constructor terms of sort A with T
A
(/; 1) and use T (/; 1) :=
AS
T
A
(/; 1).
Now that we have extended our model of terms with variables, we will need to understand how to
use them in computation. The main intuition is that variables stand for arbitrary terms (of the
right sort). This intuition is modeled by the action of instantiating variables with terms, which in
turn is the operation of applying a substitution to a term.
4.4.3 Substitutions
Substitutions are very important objects for modeling the operational meaning of variables: ap-
plying a substitution to a term instantiates all the variables with terms in it. Since a substitution
only acts on the variables, we simplify its representation, we can view it as a mapping from vari-
ables to terms that can be extended to a mapping from terms to terms. The natural way to dene
substitutions would be to make them partial functions from variables to terms, but the denition
below generalizes better to later uses of substitutions, so we present the real thing.
Substitutions
Denition 151 Let / be an abstract data type and (1 T (/; 1)), then we call
a substitution on /, i (x
A
) T
A
(/; 1), and supp() := x
A
1
A
[ (x
A
) ,= x
A
is nite. supp() is called the support of .

Notation 152 We denote the substitution with supp() = x
i
Ai
[ 1 i n and
(x
i
Ai
) = t
i
by [t
1
/x
1
A1
], . . ., [t
n
/x
n
An
].
Denition 153 (Substitution Application) Let / be an abstract data type, a
substitution on /, and t T (/; 1), then then we denote the result of systematically
replacing all variables x
A
in t by (x
A
) by (t). We call (t) the application of to t.
With this denition we extend a substitution from a function : 1 T (/; 1) to a
function : T (/; 1) T (/; 1).
Denition 154 Let s and t be constructor terms, then we say that s matches t, i
there is a substitution , such that (s) = t. is called a matcher that instantiates s to
t.
Example 155 [a/x], [(f(b))/y], [a/z] instantiates g(x, y, (h(z))) to
g(a, (f(b)), (h(a))). (sorts irrelevant here)
62
Note that we we have dened constructor terms inductively, we can write down substitution
application as a recursive function over the inductively dened set.
Substitution Application (The Recursive Denition)
We give the dening equations for substitution application
[t/x
A
](x) = t
[t/x
A
](y) = y if x ,= y.
[t/x
A
](a, b) = [t/x
A
](a), [t/x
A
](b)
[t/x
A
](f(a)) = f([t/x
A
](a))
this denition uses the inductive structure of the terms.
Denition 156 (Substitution Extension) Let be a substitution, then
we denote with , [t/x
A
] the function y
B
, t [ y
B
,= x
A
x
A
, t.
(, [t/x
A
] coincides with o x
A
, and gives the result t there.)
Note: If is a substitution, then , [t/x
A
] is also a substitution.
The extension of a substitution is an important operation, which you will run into from time to
time. The intuition is that the values right of the comma overwrite the pairs in the substitution
on the left, which already has a value for x
A
, even though the representation of may not show
it.
Note that the use of the comma notation for substitutions dened in Notation 152 is consistent with
substitution extension. We can view a substitution [a/x], [(f(b))/y] as the extension of the empty
substitution (the identity function on variables) by [f(b)/y] and then by [a/x]. Note furthermore,
that substitution extension is not commutative in general.
Now that we understand variable instantiation, we can see what it gives us for the meaning of rules:
we get all the ground constructor terms a constructor term with variables stands for by applying
all possible substitutions to it. Thus rules represent ground constructor subterm replacement
actions in a computations, where we are allowed to replace all ground instances of the left hand
side of the rule by the corresponding ground instance of the right hand side.
4.4.4 A Second Abstract Interpreter
Unfortunately, constructor terms are still not enough to write down rules, as rules also contain
the symbols from the abstract procedures.
63
Are Constructor Terms Really Enough for Rules?
Example 157 (cons(n, l)) @((l), cons(n, nil)). ( is not a constructor)
Idea: need to include dened functions.
0
, T be an abstract data type with A o, f , T be a
symbol, then we call a pair [f : A] a parameter declaration for f over o.
We call a nite set of parameter declarations a signature over /, if is a partial
function. (unique sorts)
add the following rules to the denition of constructor terms
T o
0
and [p: T] , or
t is of the form f(a), where a is a constructor term of sort A and there is a parameter
declaration [f : A T] .
we call the the resulting structures simply terms over /, , and 1 (the set of variables
we use). We denote the set of terms of sort A with T
A
(/, ; 1).
Again, we combine all of the rules for the inductive construction of the set of terms in one slide
for convenience.
Terms: The Complete Denition
Idea: treat parameters (from ) and constructors (from T) at the same time.
Denition 159 Let o
0
, T be an abstract data type, and a signature over /, then
we call a representation t a term of sort T (over / and ), i
T o
0
and [t : T] (T ), or
t 1
T
and T o
0
, or
T = A B and t is of the form a, b, where a and b are terms of sorts A and B, or
t is of the formc(a), where a is a term of sort A and there is a declaration [c: A T]
(T ).
We have to strengthen the restrictions on what we allow as rules, so that matching of rule heads
becomes unique (remember that we want to take the choice out of interpretation).
Furthermore, we have to get a grip on the signatures involved with programming. The intuition
here is that each abstract procedure introduces a new parameter declaration, which can be used in
subsequent abstract procedures. We formalize this notion with the concept of an abstract program,
i.e. a sequence of abstract procedures over the underlying abstract data type that behave well
with respect to the induced signatures.
64
Abstract Programs
Denition 160 (Abstract Procedures (nal version)) Let / := o
0
, T be an
abstract data type, a signature over /, and f , (dom(T) dom()) a symbol, then
we call l r a rule for [f : A B] over , if l = f(s) for some s T
A
(T; 1) that
has no duplicate variables and r T
B
(T, ; 1). We say that the parameter declaration
[f : A B] is induced by s t.
We call a quadruple T := f::A R; 1 an abstract procedure over , i 1 is a set of
rules for [f : A R]. We say that T induces the parameter declaration [f : A R].
Denition 161 (Abstract Programs) Let / := o
0
, T be an abstract data type,
and T := T
1
, . . . , T
n
a sequence of abstract procedures, then we call T an abstract
Program with signature over /, if the T
i
induce (the parameter declarations) in and
n = 0 and = or
T = T
t
, T
n
where T
t
is an abstract program over
t
and T
n
is an abstract procedure
over
t
.
Now, we have all the prerequisites for the full denition of an abstract interpreter.
An Abstract Interpreter (second version)
Denition 162 (Abstract Interpreter (second try)) Let a
0
:= a repeat the fol-
lowing as long as possible:
choose (l r) 1, a subterm s of a
i
and matcher , such that (l) = s.
let a
i+1
be the result of replacing s in a with (r).
Denition 163 We say that an abstract procedure T := f::A R; 1 terminates
(on a T
A
(/, ; 1)), i the computation (starting with a) reaches a state, where no rule
applies. Then a
n
is the result of T on a
Question: Do abstract procedures always terminate?
Question: Is the result a
n
always a constructor term?
4.4.5 Evaluation Order and Termination
To answer the questions remaining from the second abstract interpreter we will rst have to think
some more about the choice in this abstract interpreter: a fact we will use, but not prove here is
we can make matchers unique once a subterm is chosen. Therefore the choice of subterm is all
that we need wo worry about. And indeed the choice of subterm does matter as we will see.
65
Evaluation Order in SML
Remember in the denition of our abstract interpreter:
choose a subterm s of a
i
, a rule (l r) 1, and a matcher , such that (l) = s.
let a
i+1
Once we have chosen s, the choice of rule and matcher become unique
(under reasonable side-conditions we cannot express yet)
Example 164 sometimes there we can choose more than one s and rule.
fun problem n = problem(n)+2;
datatype mybool = true | false;
fun myif(true,a,_) = a | myif(false,_,b) = b;
myif(true,3,problem(1));
SML is a call-by-value language (values of arguments are computed rst)
As we have seen in the example, we have to make up a policy for choosing subterms in evaluation
to fully specify the behavior of our abstract interpreter. We will make the choice that corresponds
to the one made in SML, since it was our initial goal to model this language.
An abstract call-by-value Interpreter

Denition 165 (Call-by-Value Interpreter (nal)) We can now dene a ab-
stract call-by-value interpreter by the following process:
Let s be the leftmost (of the) minimal subterms s of a
i
, such that there is a rule
l r 1 and a substitution , such that (l) = s.
let a
i+1
Note: By this paragraph, this is a deterministic process, which can be implemented, once
we understand matching fully (not covered in GenCS)
The name call-by-value comes from the fact that data representations as ground constructor
terms are sometimes also called values and the act of computing a result for an (abstract)
procedure applied to a bunch of argument is sometimes referred to as calling an (abstract)
procedure. So we can understand the call-by-value policy as restricting computation to the
case where all of the arguments are already values (i.e. fully computed to ground terms).
Other programming languages chose another evaluation policy called call-by-reference, which
can be characterized by always choosing the outermost subterm that matches a rule. The most
notable one is the Haskell language [Hut07, OSG08]. These programming languages are sometimes
lazy languages, since they are uniquely suited for dealing with objects that are potentially innite
in some form. In our example above, we can see the function problem as something that computes
positive innity. A lazy programming language would not be bothered by this and return the value
3.
Example 166 A lazy language language can even quite comfortably compute with possibly in-
nite objects, lazily driving the computation forward as far as needed. Consider for instance the
following program:
66
myif(problem(1) > 999,"yes","no");
In a call-by-reference policy we would try to compute the outermost subterm (the whole expres-
sion in this case) by matching the myif rules. But they only match if there is a true or false as
the rst argument, which is not the case. The same is true with the rules for >, which we assume
to deal lazily with arithmetical simplication, so that it can nd out that x +1000 > 999. So the
outermost subterm that matches is problem(1), which we can evaluate 500 times to obtain true.
Then and only then, the outermost subterm that matches a rule becomes the myif subterm and
we can evaluate the whole expression to true.
Let us now turn to the question of termination of abstract procedures in general. Termination is
a very dicult problem as Example 167 shows. In fact all cases that have been tried (n) diverges
into the sequence 4, 2, 1, 4, 2, 1, . . ., and even though there is a huge literature in mathematics
about this problem, a proof that diverges on all arguments is still missing.
Another clue to the diculty of the termination problem is (as we will see) that there cannot be
a a program that reliably tells of any program whether it will terminate.
But even though the problem is dicult in full generality, we can indeed make some progress
on this. The main idea is to concentrate on the recursive calls in abstract procedures, i.e. the
arguments of the dened function in the right hand side of rules. We will see that the recursion
relation tells us a lot about the abstract procedure.
Analyzing Termination of Abstract Procedures
Example 167 : N
1
N
1
, where (n) 3(n) + 1 for n odd and (n) (n)/2
for n even. (does this procedure terminate?)
Denition 168 Let f::A R; 1 be an abstract procedure, then we call a pair a, b
a recursion step, i there is a rule f(x) y, and a substitution , such that (x) = a
and (y) contains a subterm f(b).
Example 169 4, 3 is a recursion step for : N
1
N
1
with (o) o and (s(n))
n +(n)
Denition 170 We call an abstract procedure T recursive, i it has a recursion step.
We call the set of recursion steps of T the recursion relation of T.
Idea: analyze the recursion relation for termination.
Now, we will dene termination for arbitrary relations and present a theorem (which we do not
really have the means to prove in GenCS) that tells us that we can reason about termination of ab-
stract procedures complex mathematical objects at best by reasoning about the termination
of their recursion relations simple mathematical objects.
67
Termination
Denition 171 Let R A
2
be a binary relation, an innite chain in R is a sequence
a
1
, a
2
, . . . in A, such that n N
1
.a
n
, a
n+1
R.
We say that R terminates (on a A), i there is no innite chain in R (that begins with
a). We say that T diverges (on a A), i it does not terminate on a.
Theorem 172 Let T = f::A R; 1 be an abstract procedure and a T
A
(/, ; 1),
then T terminates on a, i the recursion relation of T does.
Denition 173 Let T = f::A R; 1 be an abstract procedure, then we call the
function a, b [ a T
A
(/, ; 1) and T terminates for a with b in A B the result
function of T.
Theorem 174 Let T = f::A B; T be a terminating abstract procedure, then its
result function satises the equations in T.
We should read Theorem 174 as the nal clue that abstract procedures really do encode func-
tions (under reasonable conditions like termination). This legitimizes the whole theory we have
developed in this section.
Abstract vs. Concrete Procedures vs. Functions
An abstract procedure T can be realized as concrete procedure T
t
in a programming
language
Correctness assumptions (this is the best we can hope for)
If the T
t
terminates on a, then the T terminates and yields the same result on a.
If the T diverges, then the T
t
diverges or is aborted (e.g. memory exhaustion or
buer overow)
Procedures are not mathematical functions (diering identity conditions)
compare : N
1
N
1
with (o) o, (s(n)) n +(n)
with
t
: N
1
N
1
with
t
(o) 0,
t
(s(n)) ns(n)/2
these have the same result function, but is recursive while
t
is not!
Two functions are equal, i they are equal as sets, i they give the same results on
all arguments
4.5 More SML: Recursion in the Real World
We will now look at some concrete SML functions in more detail. The problem we will consider is
that of computing the n
th
Fibonacci number. In the famous Fibonacci sequence, the n
th
element
is obtained by adding the two immediately preceding ones.
This makes the function extremely simple and straightforward to write down in SML. If we look
at the recursion relation of this procedure, then we see that it can be visualized a tree, as each
natural number has two successors (as the the function fib has two recursive calls in the step
case).
68
Consider the Fibonacci numbers
Fibonacci sequence: 0, 1, 1, 2, 3, 5, 8, 13, 21, 34, 55, 89, 144, . . .
generally: f
n+1
:= f
n
+f
n1
plus start conditions
easy to program in SML:
fun fib (0) = 0 |fib (1) = 1 | fib (n:int) = fib (n-1) + fib(n-2);
Let us look at the recursion relation: n, n 1, n, n 2 [ n N (it is a tree!)
1 0
2 1 0
2
1 0
2
1 0
2 1 0
2
3
1
3
1
3
1
4
5 4
6
Another thing we see by looking at the recursion relation is that the value fib(k) is computed
nk+1 times while computing fib(k). All in all the number of recursive calls will be exponential
in n, in other words, we can only compute a very limited initial portion of the Fibonacci sequence
(the rst 41 numbers) before we run out of time.
The main problem in this is that we need to know the last two Fibonacci numbers to com-
pute the next one. Since we cannot remember any values in functional programming we take
advantage of the fact that functions can return pairs of numbers as values: We dene an auxiliary
function fob (for lack of a better name) does all the work (recursively), and dene the function
fib(n) as the rst element of the pair fob(n).
The function fob(n) itself is a simple recursive procedure with one! recursive call that returns
the last two values. Therefore, we use a let expression, where we place the recursive call in the
declaration part, so that we can bind the local variables a and b to the last two Fibonacci numbers.
That makes the return value very simple, it is the pair (b,a+b).
A better Fibonacci Function
Idea: Do not re-compute the values again and again!
keep them around so that we can re-use them.
(e.g. let fib compute the two last two numbers)
fun fob 0 = (0,1)
| fob 1 = (1,1)
| fob (n:int) =
let
val (a:int, b:int) = fob(n-1)
in
(b,a+b)
end;
fun fib (n) = let val (b:int,_) = fob(n) in b end;
Works in linear time! (unfortunately, we cannot see it, because SML Int are too small)
69
If we run this function, we see that it is indeed much faster than the last implementation. Unfor-
tunately, we can still only compute the rst 44 Fibonacci numbers, as they grow too fast, and we
reach the maximal integer in SML.
Fortunately, we are not stuck with the built-in integers in SML; we can make use of more
sophisticated implementations of integers. In this particular example, we will use the module
IntInf (innite precision integers) from the SML standard library (a library of modules that
comes with the SML distributions). The IntInf module provides a type IntINF.int and a set of
innite precision integer functions.
A better, larger Fibonacci Function
Idea: Use a type with more Integers (Fortunately, there is IntInf)
use "/usr/share/smlnj/src/smlnj-lib/Util/int-inf.sml";
val zero = IntInf.fromInt 0;
val one = IntInf.fromInt 1;
fun bigfob (0) = (zero,one)
| bigfob (1) = (one,one)
| bigfob (n:int) = let val (a, b) = bigfob(n-1) in (b,IntInf.+(a,b)) end;
fun bigfib (n) = let val (a, _) = bigfob(n) in IntInf.toString(a) end;
We have seen that functions are just objects as any others in SML, only that they have functional
type. If we add the ability to have more than one declaration at at time, we can combine function
declarations for mutually recursive function denitions. In a mutually recursive denition we
dene n functions at the same time; as an eect we can use all of these functions in recursive calls.
In our example below, we will dene the predicates even and odd in a mutual recursion.
Mutual Recursion
generally, we can make more than one declaration at one time, e.g.
- val pi = 3.14 and e = 2.71;
val pi = 3.14
val e = 2.71
this is useful mainly for function declarations, consider for instance:
fun even (zero) = true
| even (suc(n)) = odd (n)
and odd (zero) = false
| odd(suc(n)) = even (n)
trace: (even(4) odd(3) even(2) odd(1) even(0) true)
This mutually recursive denition is somewhat like the childrens riddle, where we dene the left
hand as that hand where the thumb is on the right side and the right hand as that where the
thumb is on the right hand. This is also a perfectly good mutual recursion, only in contrast to
the even/odd example above the base cases are missing.
70
4.6 Even more SML: Exceptions and State in SML
Programming with Eects
Until now, our procedures have been characterized entirely by their values on their
arguments (as a mathematical function behaves)
This is not enough, therefore SML also considers eects, e.g. for
input/output: the interesting bit about a print statement is the eect
mutation: allocation and modication of storage during evaluation
communication: data may be sent and received over channels
exceptions: abort evaluation by signaling an exceptional condition
Idea: An eect is any action resulting from an evaluation that is not returning a value
(formal denition dicult)
Documentation: should always address arguments, values, and eects!
Raising Exceptions
Idea: Exceptions are generalized error codes
Example 175 predened exceptions (exceptions have names)
- 3 div 0;
uncaught exception divide by zero
raised at: <file stdIn>
- fib(100);
uncaught exception overflow
raised at: <file stdIn>
Example 176 user-dened exceptions (exceptions are rst-class objects)
- exception Empty;
exception Empty
- Empty;
val it = Empty : exn
Example 177 exception constructors (exceptions are just like any other value)
- exception SysError of int;
exception SysError of int;
- SysError
val it = fn : int -> exn
71
Programming with Exceptions
Example 178 A factorial function that checks for non-negative arguments
(just to be safe)
exception Factorial;
- fun safe_factorial n =
if n < 0 then raise Factorial
else if n = 0 then 1
else n * safe_factorial (n-1)
val safe_factorial = fn : int -> int
- safe_factorial(~1);
uncaught exception Factorial
raised at: stdIn:28.31-28.40
unfortunately, this program checks the argument in every recursive call
Programming with Exceptions (next attempt)
Idea: make use of local function denitions that do the real work
- local
fun fact 0 = 1 | fact n = n * fact (n-1)
in
fun safe_factorial n =
if n >= 0 then fact n else raise Factorial
end
val safe_factorial = fn : int -> int
- safe_factorial(~1);
uncaught exception Factorial
raised at: stdIn:28.31-28.40
this function only checks once, and the local function makes good use of pattern matching
( standard programming pattern)
72
Handling Exceptions
Denition 179 (Idea) Exceptions can be raised (through the evaluation pattern) and
handled somewhere above (throw and catch)
Consequence: Exceptions are a general mechanism for non-local transfers of control.
Denition 180 (SML Construct) exception handler: exp handle rules
Example 181 Handling the Factorial expression
fun factorial_driver () =
let val input = read_integer ()
val result = toString (safe_factorial input)
in
print result
end
handle Factorial => print "Outofrange."
| NaN => print "NotaNumber!"
For more information on SML: RTFM (read the ne manuals)
Input and Output in SML
Input and Output is handled via streams (think of innite strings)
there are two predened streams TextIO.stdIn and TextIO.stdOut
( = keyboard input and screen)
Input: via {TextIO.inputLine : TextIO.instream -> string
- TextIO.inputLine(TextIO.stdIn);
sdflkjsdlfkj
val it = "sdflkjsdlfkj" : string
Example 182 the read_integer function (just to be complete)
exception NaN; (* Not a Number *)
fun read_integer () =
let
val in = TextIO.inputLine(TextIO.stdIn);
in
if is_integer(in) then to_int(in) else raise NaN
end;
73
5 Encoding Programs as Strings
With the abstract data types we looked at last, we studied term structures, i.e. complex mathe-
matical objects that were built up from constructors, variables and parameters. The motivation
for this is that we wanted to understand SML programs. And indeed we have seen that there is a
close connection between SML programs on the one side and abstract data types and procedures
on the other side. However, this analysis only holds on a very high level, SML programs are not
terms per se, but sequences of characters we type to the keyboard or load from les. We only
interpret them to be terms in the analysis of programs.
To drive our understanding of programs further, we will rst have to understand more about se-
quences of characters (strings) and the interpretation process that derives structured mathematical
objects (like terms) from them. Of course, not every sequence of characters will be interpretable,
so we will need a notion of (legal) well-formed sequence.
5.1 Formal Languages
We will now formally dene the concept of strings and (building on that) formal langauges.
The Mathematics of Strings
Denition 183 An alphabet A is a nite set; we call each element a A a character,
and an n-tuple of s A
n
a string (of length n over A).
Denition 184 Note that A
0
= , where is the (unique) 0-tuple. With the
denition above we consider as the string of length 0 and call it the empty string and
denote it with
Note: Sets ,= Strings, e.g. 1, 2, 3 = 3, 2, 1, but 1, 2, 3 , = 3, 2, 1.
Notation 185 We will often write a string c
1
, . . . , c
n
as c
1
. . . c
n
, for instance abc
for a, b, c
Example 186 Take A = h, 1, / as an alphabet. Each of the symbols h, 1, and / is
a character. The vector /, /, 1, h, 1 is a string of length 5 over A.
Denition 187 (String Length) Given a string s we denote its length with [s[.
Denition 188 The concatenation conc(s, t) of two strings s = s
1
, ..., s
n
A
n
and
t = t
1
, ..., t
m
A
m
is dened as s
1
, ..., s
n
, t
1
, ..., t
m
A
n+m
.
We will often write conc(s, t) as s +t or simply st
(e.g. conc(text, book) = text + book = textbook)
We have multiple notations for concatenation, since it is such a basic operation, which is used
so often that we will need very short notations for it, trusting that the reader can disambiguate
based on the context.
Now that we have dened the concept of a string as a sequence of characters, we can go on to
give ourselves a way to distinguish between good strings (e.g. programs in a given programming
language) and bad strings (e.g. such with syntax errors). The way to do this by the concept of a
formal language, which we are about to dene.
74
Formal Languages
Denition 189 Let A be an alphabet, then we dene the sets A
+
:=
iN
+ A
i
of
nonempty strings and A
:= A
+
of strings.
Example 190 If A = a, b, c, then A
= , a, b, c, aa, ab, ac, ba, . . ., aaa, . . ..

Denition 191 A set L A
is called a formal language in A.

Denition 192 We use c
[n]
for the string that consists of n times c.
Example 193 #
[5]
= #, #, #, #, #
Example 194 The set M = ba
[n]
[ n N of strings that start with character b
followed by an arbitrary numbers of as is a formal language in A = a, b.
Denition 195 The concatenation conc(L
1
, L
2
) of two languages L
1
and L
2
over the
same alphabet is dened as conc(L
1
, L
2
) := s
1
s
2
[ s
1
L
1
s
2
L
2
.
There is a common misconception that a formal language is something that is dicult to under-
stand as a concept. This is not true, the only thing a formal language does is separate the good
from the bad strings. Thus we simply model a formal language as a set of stings: the good
strings are members, and the bad ones are not.
Of course this denition only shifts complexity to the way we construct specic formal languages
(where it actually belongs), and we have learned two (simple) ways of constructing them by
repetition of characters, and by concatenation of existing languages.
Substrings and Prexes of Strings
Denition 196 Let A be an alphabet, then we say that a string s A
is a substring
of a string t A
(written s t), i there are strings v, w A
, such that t = vsw.

Example 197 conc(/, 1, h) is a substring of conc(/, /, 1, h, 1), whereas conc(/, 1, 1) is
not.
Denition 198 A string p is a called a prex of s (write p s), i there is a string t,
such that s = conc(p, t). p is a proper prex of s (write p s), i t ,= .
Example 199 text is a prex of textbook = conc(text, book).
Note: A string is never a proper prex of itself.
We will now dene an ordering relation for formal languages. The nice thing is that we can induce
an ordering on strings from an ordering on characters, so we only have to specify that (which is
simple for nite alphabets).
75
Lexical Order
Denition 200 Let A be an alphabet and <
A
a partial order on A, then we dene a
relation <
lex
on A
by
s <
lex
t : s t (u, v, w A
.a, b A.s = wau t = wbv (a <

A
b))
for s, t A
. We call <
lex
the lexical order induced by <
A
on A
.
Theorem 201 <
lex
is a partial order. If <
A
is dened as total order, then <
lex
is total.
Example 202 Roman alphabet with a<b<c <z telephone book order
((computer <
lex
text), (text <
lex
textbook))
Even though the denition of the lexical ordering is relatively involved, we know it very well, it is
the ordering we know from the telephone books.
The next task for understanding programs as mathematical objects is to understand the process
of using strings to encode objects. The simplest encodings or codes are mappings from strings
to strings. We will now study their properties.
5.2 Elementary Codes
The most characterizing property for a code is that if we encode something with this code, then
we want to be able to decode it again: We model a code as a function (every character should
have a unique encoding), which has a partial inverse (so we can decode). We have seen above,
that this is is the case, i the function is injective; so we take this as the dening characteristic of
a code.
Character Codes
Denition 203 Let A and B be alphabets, then we call an injective function c: A
B
+
a character code. A string c(w) c(a) [ a A := B
+
is called a codeword.
Denition 204 A code is a called binary i B = 0, 1.
Example 205 Let A = a, b, c and B = 0, 1, then c: A B
+
with c(a) = 0011,
c(b) = 1101, c(c) = 0110 c is a binary character code and the strings 0011, 1101, and
0110 are the codewords of c.
Denition 206 The extension of a code (on characters) c: A B
+
to a function
c
t
: A
is dened as c
t
(a
1
, . . . , a
n
= c(a
1
), . . . , c(a
n
)).
Example 207 The extension c
t
of c from the above example on the string bbabc
c
t
(bbabc) = 1101
..
c(b)
, 1101
..
c(b)
, 0011
..
c(a)
, 1101
..
c(b)
, 0110
..
c(c)
76
Morse Code
In the early days of telecommunication the Morse Code was used to transmit texts,
using long and short pulses of electricity.
Denition 208 (Morse Code) The following table gives the Morse code for the text
characters:
A .- B -... C -.-. D -.. E .
F ..-. G . H .... I .. J .
K -.- L .-.. M N -. O
P .. Q .- R .-. S ... T -
U ..- V ...- W . X -..- Y -.
Z ..
1 .- 2 .. 3 ... 4 ....- 5 .....
6 -.... 7 ... 8 .. 9 -. 0
Furthermore, the Morse code uses ... for full stop (sentence termination), ..
for comma, and .... for question mark.
Example 209 The Morse Code in the table above induces a character code : 1
., .
Codes on Strings
Denition 210 A function c
t
: A
is called a code on strings or short string code

if c
t
is an injective function.
Theorem 211 (
*
) There are character codes whose extensions are not string codes.
Proof: we give an example
P.1 Let A = a, b, c, B = 0, 1, c(a) = 0, c(b) = 1, and c(c) = 01.
P.2 The function c is injective, hence it is a character code.
P.3 But its extension c
t
is not injective as c
t
(ab) = 01 = c
t
(c).
Question: When is the extension of a character code a string code?
(so we can encode strings)
Denition 212 A (character) code c: A B
+
is a prex code i none of the code-
words is a proper prex to an other codeword, i.e.,
x, y A.x ,= y (c(x) , c(y) c(y) , c(x))
We will answer the question above by proving one of the central results of elementary coding
theory: prex codes induce string codes. This plays back the innite task of checking that a string
code is injective to a nite task (checking whether a character code is a prex code).
77
Prex Codes induce Codes on Strings
Theorem 213 The extension c
t
: A
of a prex code c: A B
+
is a string
code.
Proof: We will prove this theorem via induction over the string length n
P.1 We show that c
is injective (decodable) on strings of length n N.

P.1.1 n = 0 (base case): If [s[ = 0 then c
() = , hence c
is injective.
P.1.2 n = 1 (another): If [s[ = 1 then c
= c thus injective, as c is char. code.

P.1.3 Induction step (n = n + 1):
P.1.3.1 Let a = a0, . . ., an, and we only know c
(a) = c(a0), . . ., c(an).

P.1.3.2 It is easy to nd c(a0) in c
(a): It is the prex of c
(a) that is in c(A). This is uniquely

determined, since c is a prex code. If there were two distinct ones, one would have to be
a prex of the other, which contradicts our assumption that c is a prex code.
P.1.3.3 If we remove c(a0) from c(a), we only have to decode c(a1), . . ., c(an), which we can
do by inductive hypothesis.
P.2 Thus we have considered all the cases, and proven the assertion.
Now, checking whether a code is a prex code can be a tedious undertaking: the naive algorithm
for this needs to check all pairs of codewords. Therefore we will look at a couple of properties of
character codes that will ensure a prex code and thus decodeability.
Sucient Conditions for Prex Codes
Theorem 214 If c is a code with [c(a)[ = k for all a A for some k N, then c is
prex code.
Proof: by contradiction.
P.1 If c is not at prex code, then there are a, b A with c(a) c(b).
P.2 clearly [c(a)[ < [c(b)[, which contradicts our assumption.
Theorem 215 Let c: A B
+
be a code and , B be a character, then there is a
prex code c
: A (B )
+
, such that c(a) c
(a), for all a A.

Proof: Let c
(a) := c(a) + for all a A.

P.1 Obviously, c(a) c
(a).
P.2 If c
is not a prex code, then there are a, b A with c
(a) c
(b).
P.3 So, c
(b) contains the character not only at the end but also somewhere in the
middle.
P.4 This contradicts our construction c
(b) = c(b) + , where c(b) B

+
5.3 Character Codes in the Real World
We will now turn to a class of codes that are extremely important in information technology:
character encodings. The idea here is that for IT systems we need to encode characters from
78
our alphabets as bit strings (sequences of binary digist 0 and 1) for representation in computers.
Indeed the Morse code we have seen above can be seen as a very simple example of a character
encoding that is geared towards the manual transmission of natural languges over telegraph lines.
For the encoding of written texts we need more extensive codes that can e.g. distinguish upper
and lowercase letters.
The ASCII code we will introduce here is one of the rst standardized and widely used character
encodings for a complete alphabet. It is still widely used today. The code tries to strike a balance
between a being able to encode a large set of characters and the representational capabiligies
in the time of punch cards (cardboard cards that represented sequences of binary numbers by
rectangular arrays of dots).
11
EdNote:11
The ASCII Character Code
Denition 216 The American Standard Code for Information Interchange (ASCII)
code assigns characters to numbers 0-127
Code 0 1 2 3 4 5 6 7 8 9 A B C D E F
0 NUL SOH STX ETX EOT ENQ ACK BEL BS HT LF VT FF CR SO SI
1 DLE DC1 DC2 DC3 DC4 NAK SYN ETB CAN EM SUB ESC FS GS RS US
2 ! # $ % &

( ) + , . /
3 0 1 2 3 4 5 6 7 8 9 : ; < = > ?
4 @ A B C D E F G H I J K L M N O
5 P Q R S T U V W X Y Z [ \ ]
6 a b c d e f g h i j k l m n o
7 p q r s t u v w x y z ] ] DEL
The rst 32 characters are control characters for ASCII devices like printers
Motivated by punchcards: The character 0 (binary 000000) carries no information NUL,
(used as dividers)
Character 127 (binary 1111111) can be used for deleting (overwriting) last value
(cannot delete holes)
The ASCII code was standardized in 1963 and is still prevalent in computers today
(but seen as US-centric)
11
EdNote: is the 7-bit grouping really motivated by the cognitive limit?
79
A Punchcard
A punch card is a piece of sti paper that contains digital information represented by the
presence or absence of holes in predened positions.
Example 217 This punch card encoded the Fortran statement Z(1) = Y + W(1)
The ASCII code as above has a variety of problems, for instance that the control characters are
mostly no longer in use, the code is lacking many characters of languages other than the English
language it was developed for, and nally, it only uses seven bits, where a byte (eight bits) is the
preferred unit in information technology. Therefore there have been a whole zoo of extensions,
which due to the fact that there were so many of them never quite solved the encoding
problem.
Problems with ASCII encoding
Problem: Many of the control characters are obsolete by now (e.g. NUL,BEL, or DEL)
Problem: Many European characters are not represented (e.g. `e, n, u,,. . . )
European ASCII Variants: Exchange less-used characters for national ones
Example 218 (German ASCII) remap e.g. [

A, ]

U in German ASCII
(Apple ][ comes out as Apple

U
A)
Denition 219 (ISO-Latin (ISO/IEC 8859)) 16 Extensions of ASCII to 8-bit
(256 characters) ISO-Latin 1 = Western European, ISO-Latin 6 = Arabic,ISO-Latin 7 =
Greek. . .
Problem: No cursive Arabic, Asian, African, Old Icelandic Runes, Math,. . .
Idea: Do something totally dierent to include all the worlds scripts: For a scalable
architecture, separate
what characters are available from the (character set)
bit string-to-character mapping (character encoding)
80
The goal of the UniCode standard is to cover all the worlds scripts (past, present, and future) and
provide ecient encodings for them. The only scripts in regular use that are currently excluded
are ctional scripts like the elvish scripts from the Lord of the Rings or Klingon scripts from the
Star Trek series.
An important idea behind UniCode is to separate concerns between standardizing the character
set i.e. the set of encodable characters and the encoding itself.
Unicode and the Universal Character Set
Denition 220 (Twin Standards) A scalable Architecture for representing all the
worlds scripts
The Universal Character Set dened by the ISO/IEC 10646 International Standard,
is a standard set of characters upon which many character encodings are based.
The Unicode Standard denes a set of standard character encodings, rules for nor-
malization, decomposition, collation, rendering and bidirectional display order
Denition 221 Each UCS character is identied by an unambiguous name and an
integer number called its code point.
The UCS has 1.1 million code points and nearly 100 000 characters.
Denition 222 Most (non-Chinese) characters have code points in [1, 65536] (the basic
multilingual plane).
Notation 223 For code points in the Basic Multilingual Plane (BMP), four digits are
used, e.g. U+0058 for the character LATIN CAPITAL LETTER X;
Note that there is indeed an issue with space-ecient encoding here. UniCode reserves space for
2
32
(more than a million) characters to be able to handle future scripts. But just simply using
32 bits for every UniCode character would be extremely wasteful: UniCode-encoded versions of
ASCII les would be four times as large.
Therefore UniCode allows multiple encodings. UTF-32 is a simple 32-bit code that directly uses
the code points in binary form. UTF-8 is optimized for western languages and coincides with
the ASCII where they overlap. As a consequence, ASCII encoded texts can be decoded in UTF-8
without changes but in the UTF-8 encoding, we can also address all other UniCode characters
(using multi-byte characters).
81
Character Encodings in Unicode
Denition 224 A character encoding is a mapping from bit strings to UCS code points.
Idea: Unicode supports multiple encodings (but not character sets) for eciency
Denition 225 (Unicode Transformation Format) UTF-8, 8-bit, variable-
width encoding, which maximizes compatibility with ASCII.
UTF-16, 16-bit, variable-width encoding (popular in Asia)
UTF-32, a 32-bit, xed-width encoding (for safety)
Denition 226 The UTF-8 encoding follows the following encoding scheme
Unicode Byte1 Byte2 Byte3 Byte4
U+000000 U+00007F 0xxxxxxx
U+000080 U+0007FF 110xxxxx 10xxxxxx
U+000800 U+00FFFF 1110xxxx 10xxxxxx 10xxxxxx
U+010000 U+10FFFF 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx
Example 227 $ = U+0024 is encoded as 00100100 (1 byte)
= U+00A2 is encoded as 11000010,10100010 (two bytes)
e = U+20AC is encoded as 11100010,10000010,10101100 (three bytes)
Note how the xed bit prexes in the encoding are engineered to determine which of the four cases
apply, so that UTF-8 encoded documents can be safely decoded..
5.4 Formal Languages and Meaning
After we have studied the elementary theory of codes for strings, we will come to string represen-
tations of structured objects like terms. For these we will need more rened methods.
As we have started out the course with unary natural numbers and added the arithmetical
operations to the mix later, we will use unary arithmetics as our running example and study
object.
82
A formal Language for Unary Arithmetics
Goal: We want to develop a formal language that means something.
Idea: Start with something very simple: Unary Arithmetics
(i.e. N with addition, multiplication, subtraction, and integer division)
E
un
is based on the alphabet
un
:= C
un
V F
2
un
B, where
C
un
:= /
is a set of constant names,

V := x 1, . . . , 9 0, . . . , 9
is a set of variable names,

F
2
un
:= add, sub, mul, div, mod is a set of (binary) function names, and
B := (, ) , is a set of structural characters. (
*
,,(,) characters!)
dene strings in stages: E
un
:=
iN
E
i
un
, where
E
1
un
:= C
un
V
E
i+1
un
:= |a, add(a,b), sub(a,b), mul(a,b), div(a,b), mod(a,b) [ a, b E
i
un
We call a string in E
un
an expression of unary arithmetics.
The rst thing we notice is that the alphabet is not just a at any more, we have characters
with dierent roles in the alphabet. These roles have to do with the symbols used in the complex
objects (unary arithmetic expressions) that we want to encode.
The formal language E
un
is constructed in stages, making explicit use of the respective roles of
the characters in the alphabet. Constants and variables form the basic inventory in E
1
un
, the
respective next stage is built up using the function names and the structural characters to encode
the applicative structure of the encoded terms.
Note that with this construction E
i
un
E
i+1
un
.
A formal Language for Unary Arithmetics (Examples)
Example 228 add(//////,mul(x1902,///)) E
un
Proof: we proceed according to the denition
P.1 We have ////// Cun, and x1902 V , and /// Cun by denition
P.2 Thus ////// E
1
un
, and x1902 E
1
un
and /// E
1
un
,
P.3 Hence, ////// E
2
un
and mul(x1902,///) E
2
un
P.4 Thus add(//////,mul(x1902,///)) E
3
un
P.5 And nally add(//////,mul(x1902,///)) Eun
other examples:
div(x201,add(////,x12))
sub(mul(///,div(x23,///)),///)
what does it all mean? (nothing, E
un
is just a set of strings!)
83
To show that a string is an expression s of unary arithmetics, we have to show that it is in the
formal language E
un
. As E
un
is the union over all the E
i
un
, the string s must already be a member
of a set E
j
un
for some j N. So we reason by the denintion establising set membership.
Of course, computer science has better methods for dening languages than the ones used here
(context free grammars), but the simple methods used here will already suce to make the relevant
points for this course.
Syntax and Semantics (a rst glimpse)
Denition 229 A formal language is also called a syntax, since it only concerns the
form of strings.
to give meaning to these strings, we need a semantics, i.e. a way to interpret these.
Idea (Tarski Semantics): A semantics is a mapping from strings to objects we already
know and understand (e.g. arithmetics).
e.g. add(//////,mul(x1902,///)) 6 + (x
1907
3) (but what does this mean?)
looks like we have to give a meaning to the variables as well, e.g. x1902 3, then
add(//////,mul(x1902,///)) 6 + (3 3) = 15
So formal languages do not mean anything by themselves, but a meaning has to be given to them
via a mapping. We will explore that idea in more detail in the following.
84
6 Boolean Algebra
We will now look a formal language from a dierent perspective. We will interpret the language
of Boolean expressions as formulae of a very simple logic: A logic is a mathematical construct
to study the association of meaning to strings and reasoning processes, i.e. to study how humans
5
derive new information and knowledge from existing one.
6.1 Boolean Expressions and their Meaning
In the following we will consider the Boolean Expressions as the language of Propositional Logic,
in many ways the simplest of logics. This means we cannot really express very much of interest,
but we can study many things that are common to all logics.
Let us try again (Boolean Expressions)
Denition 230 (Alphabet) E
bool
is based on the alphabet / :=
C
bool
V F
1
bool
F
2
bool
B, where C
bool
= 0, 1, F
1
bool
= and F
2
bool
= +, .
(V and B as in E
un
)
Denition 231 (Formal Language) E
bool
:=
iN
E
i
bool
, where E
1
bool
:= C
bool
V
and
E
i+1
bool
:= a, (a), (a+b), (ab) [ a, b E
i
bool
.
Denition 232 Let a E
bool
. The minimal i, such that a E
i
bool
is called the depth
of a.
e
1
:= ((x1)+x3) (depth 3)
e
2
:= (((x1x2))+(x3x4)) (depth 4)
e
3
:= ((x1+x2)+((((x1)x2))+(x3x4))) (depth 6)
5
until very recently, humans were thought to be the only systems that could come up with complex argumenta-
tions. In the last 50 years this has changed: not only do we attribute more reasoning capabilities to animals, but
also, we have developed computer systems that are increasingly capable of reasoning.
85
Boolean Expressions as Structured Objects.
Idea: As strings in in E
bool
are built up via the union-principle, we can think of them
as constructor terms with variables
Denition 233 The abstract data type
B := B, [1: B], [0: B], [: B B], [+: B B B], [: B B B]
via the translation
Denition 234 : E
bool
T
B
(B; 1) dened by
(1) := 1 (0) := 0
((A)) := ((A))
((AB)) := ((A), (B)) ((A+B)) := +((A), (B))
We will use this intuition for our treatment of Boolean expressions and treak the strings
and constructor terms synonymouslhy. ( is a (hidden) isomorphism)
Denition 235 We will write (A) as A and (A, B) as A B (and similarly for +).
Furthermore we will write variables such as x71 as x
71
and elide brackets for sums and
products according to their usual precedences.
Example 236 ((((x1x2))+(x3x4))) = x
1
x
2
+x
3
x
4
*
: Do not confuse + and (Boolean sum and product) with their arithmetic counterparts.
(as members of a formal language they have no meaning!)
Now that we have dened the formal language, we turn the process of giving the strings a meaning.
We make explicit the idea of providing meaning by specifying a function that assigns objects that
we already understand to representations (strings) that do not have a priori meaning.
The rst step in assigning meaning is to x a set of objects what we will assign as meanings: the
universe (of discourse). To specify the meaning mapping, we try to get away with specifying
as little as possible. In our case here, we assign meaning only to the constants and functions and
induce the meaning of complex expressions from these. As we have seen before, we also have to
assign meaning to variables (which have a dierent ontological status from constants); we do this
by a special meaning function: a variable assignment.
86
Boolean Expressions: Semantics via Models
Denition 237 A model |, J for E
bool
is a set | of objects (called the universe)
together with an interpretation function J on / with J(C
bool
) |, J(F
1
bool
) T(|; |),
and J(F
2
bool
) T(|
2
; |).
Denition 238 A function : V | is called a variable assignment.
Denition 239 Given a model |, J and a variable assignment , the evaluation func-
tion J
: E
bool
| is dened recursively: Let c C
bool
, a, b E
bool
, and x V , then
J
(c) = J(c), for c C

bool
J
(x) = (x), for x V

J
(a) = J()(J
(a))
J
(a +b) = J(+)(J
(a), J
(b)) and J
(a b) = J()(J
(a), J
(b))
| = T, F with 0 F, 1 T, + , , .
| = E
un
with 0 /, 1 //, + div, mod, x.5.
| = 0, 1 with 0 0, 1 1, + min, max, x.1 x.
Note that all three models on the bottom of the last slide are essentially dierent, i.e. there is
no way to build an isomorphism between them, i.e. a mapping between the universes, so that all
Boolean expressions have corresponding values.
To get a better intuition on how the meaning function works, consider the following example.
We see that the value for a large expression is calculated by calculating the values for its sub-
expressions and then combining them via the function that is the interpretation of the constructor
at the head of the expression.
Evaluating Boolean Expressions
Let := [T/x1], [F/x2], [T/x3], [F/x4], and 1 = |0 F, 1 T, + , , , then
1((x1 +x2) + (x1 x2 +x3 x4))
= 1(x1 +x2) 1(x1 x2 +x3 x4)
= 1(x1) 1(x2) 1(x1 x2) 1(x3 x4)
= (x1) (x2) (1(x1 x2)) 1(x3 x4)
= (T F) ((1(x1) 1(x2)) (1(x3) 1(x4)))
= T ((1(x1)) (x2)) ((x3) (x4))
= T (((x1)) F) (T F)
= T ((T) F) F
= T (F F) F
= T (F) F = T T F = T
What a mess!
87
A better mouse-trap: Truth Tables
Truth tables to visualize truth functions:
T F
F T
T F
T T F
F F F
+ T F
T T T
F T F
If we are interested in values for all assignments (e.g. of x
123
x
4
+x
123
x
72
)
assignments intermediate results full
x
4
x
72
x
123
e
1
:= x
123
x
72
e
2
:= e
1
e
3
:= x
123
x
4
e
3
+ e
2
F F F F T F T
F F T F T F T
F T F F T F T
F T T T F F F
T F F F T F T
T F T F T T T
T T F F T F T
T T T T F T T
Boolean Algebra
Denition 240 A Boolean algebra is E
bool
together with the models
T, F, 0 F, 1 T, + , , .
0, 1, 0 0, 1 1, + max, min, x.1 x.
BTW, the models are equivalent (0 =F, 1 =T)
Denition 241 We will use B for the universe, which can be either 0, 1 or T, F
Denition 242 We call two expressions e
1
, e
2
E
bool
equivalent (write e
1
e
2
), i
J
(e
1
) = J
(e
2
) for all J and .
Theorem 243 e
1
e
2
, i (e1 +e
2
) (e
1
+e
2
) is a theorem of Boolean Algebra.
As we are mainly interested in the interplay between form and meaning in Boolean Algebra, we
will often identify Boolean expressions, if they have the same values in all situations (as specied
by the variable assignments). The notion of equivalent formulae formalizes this intuition.
88
Boolean Equivalences
Given a, b, c E
bool
, +, , let :=
_
+ if =
else
We have the following equivalences in Boolean Algebra:
a b b a (commutativity)
(a b) c a (b c) (associativity)
a (bc) (a b)(a c) (distributivity)
a (ab) a (covering)
(a b)(a b) a (combining)
(a b)((a c)(b c)) (a b)(a c) (consensus)
a b ab (De Morgan)
6.2 Boolean Functions
We will now turn to semantical counterparts of Boolean expressions: Boolean functions. These
are just n-ary functions on the Boolean values.
Boolean functions are interesting, since can be used as computational devices; we will study
this extensively in the rest of the course. In particular, we can consider a computer CPU as
collection of Boolean functions (e.g. a modern CPU with 64 inputs and outputs can be viewed as
a sequence of 64 Boolean functions of arity 64: one function per output pin).
The theory we will develop now will help us understand how to implement Boolean functions
(as specications of computer chips), viewing Boolean expressions very abstract representations of
congurations of logic gates and wiring. We will study the issues of representing such congurations
in more detail later
12
EdNote:12
Boolean Functions
Denition 244 A Boolean function is a function from B
n
to B.
Denition 245 Boolean functions f, g : B
n
B are called equivalent, (write f g),
i f(c) = g(c) for all c B
n
. (equal as functions)
Idea: We can turn any Boolean expression into a Boolean function by ordering the
variables (use the lexical ordering on X 1, . . . , 9
+
0, . . . , 9
)
Denition 246 Let e E
bool
and x
1
, . . . , x
n
the set of variables in e, then call
V L(e) := x
1
, . . . , x
n
the variable list of e, i (x
i
<
lex
x
j
) where i j.
Denition 247 Let e E
bool
with V L(e) = x
1
, . . . , x
n
, then we call the function
f
e
: B
n
B with f
e
: c J
c
(e)
the Boolean function induced by e, where
c1,...,cn)
: x
i
c
i
.
Theorem 248 e
1
e
2
, i f
e1
= f
e2
.
12
EdNote: make a forward reference here.
89
The denition above shows us that in theory every Boolean Expression induces a Boolean function.
The simplest way to compute this is to compute the truth table for the expression and then read
o the function from the table.
Boolean Functions and Truth Tables
The truth table of a Boolean function is dened in the obvious way:
x
1
x
2
x
3
f
x
1
(x
2
+x
3
)
T T T T
T T F F
T F T T
T F F T
F T T F
F T F F
F F T F
F F F F
compute this by assigning values and evaluating
Question: can we also go the other way? (from function to expression?)
Idea: read expression of a special form from truth tables (Boolean Polynomials)
Computing a Boolean expression from a given Boolean function is more interesting there are
many possible candidates to choose from; after all any two equivalent expressions induce the same
function. To simplify the problem, we will restrict the space of Boolean expressions that realize a
given Boolean function by looking only for expressions of a given form.
Boolean Polynomials
special form Boolean Expressions
a literal is a variable or the negation of a variable
a monomial or product term is a literal or the product of literals
a clause or sum term is a literal or the sum of literals
a Boolean polynomial or sum of products is a product term or the sum of product
terms
a clause set or product of sums is a sum term or the product of sum terms
For literals x
i
, write x
1
i
, for x
i
write x
0
i
. (
*
not exponentials, but intended truth values)
Notation 249 Write x
i
x
j
instead of x
i
x
j
. (like in math)
Armed with this normal form, we can now dene an way of realizing
13
Boolean functions. EdNote:13
13
EdNote: dene that formally above
90
Normal Forms of Boolean Functions
Denition 250 Let f : B
n
B be a Boolean function and c B
n
, then M
c
:=
n
j=1
x
cj
j
and S
c
:=
n
j=1
x
1cj
j
Denition 251 The disjunctive normal form (DNF) of f is
cf
1
(1)
M
c
(also called the canonical sum (written as DNF(f)))
Denition 252 The conjunctive normal form (CNF) of f is
cf
1
(0)
S
c
(also called the canonical product (written as CNF(f)))
x
1
x
2
x
3
f monomials clauses
0 0 0 1 x
0
1
x
0
2
x
0
3
0 0 1 1 x
0
1
x
0
2
x
1
3
0 1 0 0 x
1
1
+ x
0
2
+ x
1
3
0 1 1 0 x
1
1
+ x
0
2
+ x
0
3
1 0 0 1 x
1
1
x
0
2
x
0
3
1 0 1 1 x
1
1
x
0
2
x
1
3
1 1 0 0 x
0
1
+ x
0
2
+ x
1
3
1 1 1 1 x
1
1
x
1
2
x
1
3
DNF of f: x
1
x
2
x
3
+x
1
x
2
x
3
+x
1
x
2
x
3
+x
1
x
2
x
3
+x
1
x
2
x
3
CNF of f: (x
1
+x
2
+x
3
) (x
1
+x
2
+x
3
) (x
1
+x
2
+x
3
)
Normal Boolean Expressions
Denition 253 A monomial or clause is called normal, i each variable appears at most
once.
Note: Any monomial or clause can be reduced to a constant or a normal term.
Given a monomial or clause T
1
x
c1
T
2
x
c2
T
3
( +, )
we can rewrite to T = (T
1
T
2
T
3
)
. .
T
x
c1
x
c2
(using commutativity and associativity)
simplify the subterm x
c1
x
c2
according to tables:
c
1
c
2
x
c1
x
c2
T
0 0 x
0
T
t
x
0
0 1 0 0
1 0 0 0
1 1 x
1
T
t
x
1
c
1
c
2
x
c1
+x
c2
T
0 0 x
0
T
t
x
0
0 1 1 1
1 0 1 1
1 1 x
1
T
t
x
1
91
MinTerms and MaxTerms
Denition 254 An n-variable minterm (maxterm) is a normal monomial (clause) with
n literals.
Note: each monomial in the DNF of a Boolean function f is a minterm and each clause
in the CNF of f is a maxterm.
Denition 255 Given a Boolean expression e with n variables and a vector x B
n
.
The expression e covers x i f
e
(x) = 1.
Example 256 The expression x
1
x
2
+x
3
covers 1, 1, 0.
Note: Each minterm in a DNF covers exactly one vector. Namely, m = x
c1
1
x
c2
2
. . . x
cn
n
covers the value c
1
, . . . , c
n
. So by denition of the DNF, each minterm m in the DNF
of a function f : B
n
B covers exactly one x B
n
with f(x) = 1.
In the light of the argument of understanding Boolean expressions as implementations of Boolean
functions, the process becomes interesting while realizing specications of chips. In particular it
also becomes interesting, which of the possible Boolean expressions we choose for realizing a given
Boolean function. We will analyze the choice in terms of the cost of a Boolean expression.
Costs of Boolean Expressions
Idea: Complexity Analysis is about the estimation of resource needs
if we have two expressions for a Boolean function, which one to choose?
Idea: Let us just measure the size of the expression(after all it needs to be written down)
Better Idea: count the number of operators (computation elements)
Denition 257 The cost C(e) of e E
bool
is the number of operators in e.
Example 258 C(x
1
+x
3
) = 2, C(x
1
x
2
+x
3
x
4
) = 4,
C((x
1
+x
2
) + (x
1
x
2
+x
3
x
4
)) = 7
n
B be a Boolean function, then C(f) :=
min(C(e) [ f = f
e
) is the cost of f.
Note: We can nd expressions of arbitrarily high cost for a given Boolean function.
(e e 1)
but how to nd such an e with minimal cost for f?
6.3 Complexity Analysis for Boolean Expressions
92
The Landau Notations (aka. big-O Notation)
Denition 260 Let f, g : N N, we say that f is asymptotically bounded by g, written
as (f
a
g), i there is an n
0
N, such that f(n) g(n) for all n > n
0
.
Denition 261 The three Landau sets O(g), (g), (g) are dened as
O(g) = f [ k > 0.f
a
k g
(g) = f [ k > 0.f
a
k g
(g) = O(g) (g)
Intuition: The Landau sets express the shape of growth of the graph of a function.
If f O(g), then f grows at most as fast as g. (f is in the order of g)
If f (g), then f grows at least as fast as g. (f is at least in the order of g)
If f (g), then f grows as fast as g. (f is strictly in the order of g)
Commonly used Landau Sets
Landau set class name rank Landau set class name rank
O(1) constant 1 O(n
2
) quadratic 4
O(log
2
(n)) logarithmic 2 O(n
k
) polynomial 5
O(n) linear 3 O(k
n
) exponential 6
Theorem 262 These -classes establish a ranking
(increasing rank increasing growth)
O(1)O(log
2
(n))O(n)O(n
2
)O(n
k
)O(k
n
)
where k
t
> 2 and k > 1. The reverse holds for the -classes
(1)(log
2
(n))(n)(n
2
)(n
k
)(k
n
)
Idea: Use O-classes for worst-case complexity analysis and -classes for best-case.
Examples
Idea: the fastest growth function in sum determines the O-class
Example 263 (n.263748) O(1)
Example 264 (n.26n + 372) O(n)
Example 265 (n.7(n
2
) 372n + 92) O(n
2
)
Example 266 (n.857(n
10
) + 7342(n
7
) + 26(n
2
) + 902) O(n
10
)
Example 267 (n.3 (2
n
) + 72) O(2
n
)
Example 268 (n.3 (2
n
) + 7342(n
7
) + 26(n
2
) + 722) O(2
n
)
93
With the basics of complexity theory well-understood, we can now analyze the cost-complexity of
Boolean expressions that realize Boolean functions. We will rst derive two upper bounds for the
cost of Boolean functions with n variables, and then a lower bound for the cost.
The rst result is a very naive counting argument based on the fact that we can always realize a
Boolean function via its DNF or CNF. The second result gives us a better complexity with a more
involved argument. Another dierence between the proofs is that the rst one is constructive,
i.e. we can read an algorithm that provides Boolean expressions of the complexity claimed by the
algorithm for a given Boolean function. The second proof gives us no such algorithm, since it is
non-constructive.
An Upper Bound for the Cost of BF with n variables
Idea: Every Boolean function has a DNF and CNF, so we compute its cost.
Example 269 Let us look at the size of the DNF or CNF for f (B
3
B).
x
1
x
2
x
3
f monomials clauses
0 0 0 1 x
0
1
x
0
2
x
0
3
0 0 1 1 x
0
1
x
0
2
x
1
3
0 1 0 0 x
1
1
+ x
0
2
+ x
1
3
0 1 1 0 x
1
1
+ x
0
2
+ x
0
3
1 0 0 1 x
1
1
x
0
2
x
0
3
1 0 1 1 x
1
1
x
0
2
x
1
3
1 1 0 0 x
0
1
+ x
0
2
+ x
1
3
1 1 1 1 x
1
1
x
1
2
x
1
3
Theorem 270 Any f : B
n
B is realized by an e E
bool
with C(e) O(n 2
n
).
Proof: by counting (constructive proof (we exhibit a witness))
P.1 either e
n
:= CNF(f) has
2
n
2
clauses or less or DNF(f) does monomials
P.2 take smaller one, multiply/sum the monomials/clauses at cost 2
n1
1
P.3 there are n literals per clause/monomial e
i
, so C(e
i
) 2n 1
P.4 so C(e
n
) 2
n1
1 + 2
n1
(2n 1) and thus C(e
n
) O(n 2
n
)
For this proof we will introduce the concept of a realization cost function : N N to save
space in the argumentation. The trick in this proof is to make the induction on the arity work
by splitting an n-ary Boolean function into two n1-ary functions and estimate their complexity
separately. This argument does not give a direct witness in the proof, since to do this we have to
decide which of these two split-parts we need to pursue at each level. This yields an algorithm for
determining a witness, but not a direct witness itself.
94
We can do better (if we accept complicated witness)
Theorem 271 Let (n) := max(C(f) [ f : B
n
B), then O(2
n
).
Proof: we show that (n) 2
n
+d by induction on n
P.1.1 base case: We count the operators in all members: B B = f
1
, f
0
, f
x1
, f
x1
,
so (1) = 1 and thus (1) 2
1
+d for d = 0.
P.1.2 step case:
P.1.2.1 given f (B
n
B), then f(a
1
, . . . , a
n
) = 1, i either
a
n
= 0 and f(a
1
, . . . , a
n1
, 0) = 1 or
a
n
= 1 and f(a
1
, . . . , a
n1
, 1) = 1
P.1.2.2 Let f
i
(a
1
, . . . , a
n1
) := f(a
1
, . . . , a
n1
, i) for i 0, 1,
P.1.2.3 then there are e
i
E
bool
, such that f
i
= f
ei
and C(e
i
) = 2
n1
+d. (IH)
P.1.2.4 thus f = f
e
, where e := x
n
e
0
+x
n
e
1
and (n) = 2 2
n1
+ 2d + 4.
The next proof is quite a lot of work, so we will rst sketch the overall structure of the proof,
before we look into the details. The main idea is to estimate a cleverly chosen quantity from
above and below, to get an inequality between the lower and upper bounds (the quantity itself is
irrelevant except to make the proof work).
A Lower Bound for the Cost of BF with n Variables
Theorem 272 (
2
n
log
2
(n)
)
Proof: Sketch (counting again!)
P.1 the cost of a function is based on the cost of expressions.
P.2 consider the set c
n
of expressions with n variables of cost no more than (n).
P.3 nd an upper and lower bound for #(c
n
): ((n) #(c
n
) ((n)))
P.4 in particular: (n) ((n))
P.5 solving for (n) yields (n) (n) so (
2
n
log
2
(n)
)
We will expand P.3 and P.5 in the next slides
95
A Lower Bound For (n)-Cost Expressions
Denition 273 c
n
:= e E
bool
[ e has n variables and C(e) (n)
Lemma 274 #(c
n
) #(B
n
B)
Proof:
P.1 For all f
n
(B
n
B) we have C(f
n
) (n)
P.2 C(f
n
) = min(C(e) [ f
e
= f
n
) choose e
fn
with C(e
fn
) = C(f
n
)
P.3 all distinct: if e
g
e
h
, then f
eg
= f
e
h
and thus g = h.
Corollary 275 #(c
n
) 2
(2
n
)
Proof: consider the n dimensional truth tables
P.1 2
n
entries that can be either 0 or 1, so 2
(2
n
)
possibilities
P.2 so #(B
n
B) = 2
(2
n
)
An Upper Bound For (n)-cost Expressions
Idea: Estimate the number of E
bool
strings that can be formed at a given cost by looking
at the length and alphabet size.
Denition 276 Given a cost c let (e) be the length of e considering variables as single
characters. We dene
(c) := max((e) [ e E
bool
(C(e) c))
Lemma 277 (n) 5n for n > 0.
Proof: by induction on n
P.1.1 base case: The cost 1 expressions are of the form (vw) and (v), where v and
w are variables. So the length is at most 5.
P.1.2 step case: (n) = ((e1e2)) = (e1) + (e2) + 3, where C(e1) +C(e2) n 1.
so (n) (i) +(j) + 3 5 C(e1) + 5 C(e2) + 3 5 n 1 + 5 = 5n
Corollary 278 max((e) [ e c
n
) 5 (n)
96
An Upper Bound For (n)-cost Expressions
Idea: e c
n
has at most n variables by denition.
Let /
n
:= x
1
, . . ., x
n
, 0, 1, , +, , (, ), then #(/
n
) = n + 7
Corollary 279 c
n

5(n)
i=0
/
n
i
and #(c
n
)
(n+7)
5(n)+1
1
n+7
Proof: Note that the /
j
are disjoint for distinct n.
#(
5(n)
i=0
An
i
) =
5(n)
i=0
#(An
i
) =
5(n)
i=0
#(An
i
) =
5(n)
i=0
(n + 7)
i
=
(n + 7)
5(n)+1
1
n + 7
Solving for (n)
(n+7)
5(n)+1
1
n+7
2
(2
n
)
(n + 7)
5(n)+1
2
(2
n
)
(as (n + 7)
5(n)+1
(n+7)
5(n)+1
1
n+7
)
5(n) + 1 log
2
(n + 7) 2
n
(as log
a
(x) = log
b
(x) log
a
(b))
5(n) + 1
2
n
log
2
(n+7)
(n) 1/5
(2
n
)
log
2
(n+7)
1
(n) (
2
n
log
2
(n)
)
6.4 The Quine-McCluskey Algorithm
After we have studied the worst-case complexity of Boolean expressions that realize given Boolean
functions, let us return to the question of computing realizing Boolean expressions in practice. We
will again restrict ourselves to the subclass of Boolean polynomials, but this time, we make sure
that we nd the optimal representatives in this class.
The rst step in the endeavor of nding minimal polynomials for a given Boolean function is to
optimize monomials for this task. We have two concerns here. We are interested in monomials
that contribute to realizing a given Boolean function f (we say they imply f or are implicants),
and we are interested in the cheapest among those that do. For the latter we have to look at a way
to make monomials cheaper, and come up with the notion of a sub-monomial, i.e. a monomial
that only contains a subset of literals (and is thus cheaper.)
97
Constructing Minimal Polynomials: Prime Implicants

Denition 280 We will use the following ordering on B: F T (remember 0 1)
and say that that a monomial M
t
dominates a monomial M, i f
M
(c) f
M
(c) for all
c B
n
. (write M M
t
)
Denition 281 A monomial M implies a Boolean function f : B
n
B (M is an
implicant of f; write M ~ f), i f
M
(c) f(c) for all c B
n
.
Denition 282 Let M = L
1
L
n
and M
t
= L
t
1
L
t
n
be monomials, then M
t
is
called a sub-monomial of M (write M
t
M), i M
t
= 1 or
for all j n
t
, there is an i n, such that L
t
j
= L
i
and
there is an i n, such that L
i
,= L
t
j
for all j n
In other words: M is a sub-monomial of M
t
, i the literals of M are a proper subset of
the literals of M
t
.
With these denitions, we can convince ourselves that sub-monomials are dominated by their
super-monomials. Intuitively, a monomial is a conjunction of conditions that are needed to make
the Boolean function f true; if we have fewer of them, then we cannot approximate the truth-
conditions of f suciently. So we will look for monomials that approximate f well enough and
are shortest with this property: the prime implicants of f.
Constructing Minimal Polynomials: Prime Implicants
Lemma 283 If M
t
M, then M
t
dominates M.
Proof:
P.1 Given c B
n
with f
M
(c) = T, we have, f
Li
(c) = T for all literals in M.
P.2 As M
t
is a sub-monomial of M, then f
L
j
(c) = T for each literal L
t
j
of M
t
.
P.3 Therefore, f
M
(c) = T.
Denition 284 An implicant M of f is a prime implicant of f i no sub-monomial of
M is an implicant of f.
The following Theorem veries our intuition that prime implicants are good candidates for con-
structing minimal polynomials for a given Boolean function. The proof is rather simple (if no-
tationally loaded). We just assume the contrary, i.e. that there is a minimal polynomial p that
contains a non-prime-implicant monomial M
k
, then we can decrease the cost of the of p while still
inducing the given function f. So p was not minimal which shows the assertion.
98
Prime Implicants and Costs
Theorem 285 Given a Boolean function f ,= x.F and a Boolean polynomial f
p
f
with minimal cost, i.e., there is no other polynomial p
t
p such that C(p
t
) < C(p).
Then, p solely consists of prime implicants of f.
Proof: The theorem obviously holds for f = x.T.
P.1 For other f, we have f f
p
where p :=
n
i=1
M
i
for some n 1 monomials M
i
.
P.2 Nos, suppose that M
i
is not a prime implicant of f, i.e., M
t
~ f for some M
t
M
k
with k < i.
P.3 Let us substitute M
k
by M
t
: p
t
:=
k1
i=1
M
i
+M
t
+
n
i=k+1
M
i
P.4 We have C(M
t
) < C(M
k
) and thus C(p
t
) < C(p) (def of sub-monomial)
P.5 Furthermore M
k
M
t
and hence that p p
t
by Lemma 283.
P.6 In addition, M
t
p as M
t
~ f and f = p.
P.7 similarly: M
i
p for all M
i
. Hence, p
t
p.
P.8 So p
t
p and f
p
f. Therefore, p is not a minimal polynomial.
This theorem directly suggests a simple generate-and-test algorithm to construct minimal poly-
nomials. We will however improve on this using an idea by Quine and McCluskey. There are of
course better algorithms nowadays, but this one serves as a nice example of how to get from a
theoretical insight to a practical algorithm.
The Quine/McCluskey Algorithm (Idea)
Idea: use this theorem to search for minimal-cost polynomials
Determine all prime implicants (sub-algorithm QMC
1
)
choose the minimal subset that covers f (sub-algorithm QMC
2
)
Idea: To obtain prime implicants,
start with the DNF monomials (they are implicants by construction)
nd submonomials that are still implicants of f.
Idea: Look at polynomials of the form p := mx
i
+mx
i
(note: p m)
Armed with the knowledge that minimal polynomials must consist entirely of prime implicants,
we can build a practical algorithm for computing minimal polynomials: In a rst step we compute
the set of prime implicants of a given function, and later we see whether we actually need all of
them.
For the rst step we use an important observation: for a given monomial m, the polynomials
mx +mx are equivalent, and in particular, we can obtain an equivalent polynomial by replace the
latter (the partners) by the former (the resolvent). That gives the main idea behind the rst part
of the Quine-McCluskey algorithm. Given a Boolean function f, we start with a polynomial for f:
the disjunctive normal form, and then replace partners by resolvents, until that is impossible.
99
The algorithm QMC
1
, for determining Prime Implicants
Denition 286 Let M be a set of monomials, then
1(M) := m [ (mx) M (mx) M is called the set of resolvents of M

1(M) := m M [ m has a partner in M (nx
i
and nx
i
are partners)
Denition 287 (Algorithm) Given f : B
n
B
let M
0
:= DNF(f) and for all j > 0 compute (DNF as set of monomials)
M
j
:= 1(M
j1
) (resolve to get sub-monomials)
P
j
:= M
j1
1(M
j1
) (get rid of redundant resolution partners)
terminate when M
j
= , return P
prime
:=
n
j=1
P
j
We will look at a simple example to fortify our intuition.
Example for QMC
1
x1 x2 x3 f monomials
F F F T x1
0
x2
0
x3
0
F F T T x1
0
x2
0
x3
1
F T F F
F T T F
T F F T x1
1
x2
0
x3
0
T F T T x1
1
x2
0
x3
1
T T F F
T T T T x1
1
x2
1
x3
1
P
prime
=
3
_
j=1
P
j
= x1 x3, x2
M
0
= {x1 x2 x3

=: e
0
1
, x1 x2 x3

=: e
0
2
, x1 x2 x3

=: e
0
3
, x1 x2 x3

=: e
0
4
, x1 x2 x3

=: e
0
5
}
M
1
= { x1 x2

R(e
0
1
,e
0
2
)
=: e
1
1
, x2 x3

R(e
0
1
,e
0
3
)
=: e
1
2
, x2 x3

R(e
0
2
,e
0
4
)
=: e
1
3
, x1 x2

R(e
0
3
,e
0
4
)
=: e
1
4
, x1 x3

R(e
0
4
,e
0
5
)
=: e
1
5
}
P
1
=
M
2
= { x2
R(e
1
1
,e
1
4
)
, x2
R(e
1
2
,e
1
3
)
}
P
2
= {x1 x3}
M
3
=
P
3
= {x2}
But: even though the minimal polynomial only consists of prime implicants, it need not
contain all of them
We now verify that the algorithm really computes what we want: all prime implicants of the
Boolean function we have given it. This involves a somewhat technical proof of the assertion
below. But we are mainly interested in the direct consequences here.
100
Properties of QMC
1
Lemma 288 (proof by simple (mutual) induction)
1. all monomials in M
j
have exactly n j literals.
2. M
j
contains the implicants of f with n j literals.
3. P
j
contains the prime implicants of f with n j + 1 for j > 0 . literals
Corollary 289 QMC
1
terminates after at most n rounds.
Corollary 290 P
prime
is the set of all prime implicants of f.
Note that we are not nished with our task yet. We have computed all prime implicants of a given
Boolean function, but some of them might be un-necessary in the minimal polynomial. So we
have to determine which ones are. We will rst look at the simple brute force method of nding
the minimal polynomial: we just build all combinations and test whether they induce the right
Boolean function. Such algorithms are usually called generate-and-test algorithms.
They are usually simplest, but not the best algorithms for a given computational problem. This
is also the case here, so we will present a better algorithm below.
Algorithm QMC
2
: Minimize Prime Implicants Polynomial
Denition 291 (Algorithm) Generate and test!
enumerate S
p
P
prime
, i.e., all possible combinations of prime implicants of f,
form a polynomial e
p
as the sum over S
p
and test whether f
ep
= f and the cost of
e
p
is minimal
Example 292 P
prime
= x1 x3, x2, so e
p
1, x1 x3, x2, x1 x3 +x2.
Only f
x1 x3+x2
f, so x1 x3 +x2 is the minimal polynomial
Complaint: The set of combinations (power set) grows exponentially
101
A better Mouse-trap for QMC

2
: The Prime Implicant Table
n
B be a Boolean function, then the PIT consists of
a left hand column with all prime implicants p
i
of f
a top row with all vectors x B
n
with f(x) = T
a central matrix of all f
pi
(x)
Example 294
FFF FFT TFF TFT TTT
x1 x3 F F F T T
x2 T T T T F
Denition 295 A prime implicant p is essential for f i
there is a c B
n
such that f
p
(c) = T and
f
q
(c) = F for all other prime implicants q.
Note: A prime implicant is essential, i there is a column in the PIT, where it has a T
and all others have F.
Essential Prime Implicants and Minimal Polynomials
Theorem 296 Let f : B
n
B be a Boolean function, p an essential prime implicant
for f, and p
min
a minimal polynomial for f, then p p
min
.
Proof: by contradiction: let p / p
min
P.1 We know that f = f
pmin
and p
min
=
n
j=1
p
j
for some n N and prime implicants
p
j
.
P.2 so for all c B
n
with f(c) = T there is a j n with f
pj
(c) = T.
P.3 so p cannot be essential
Let us now apply the optimized algorithm to a slightly bigger example.
A complex Example for QMC (Function and DNF)
x1 x2 x3 x4 f monomials
F F F F T x1
0
x2
0
x3
0
x4
0
F F F T T x1
0
x2
0
x3
0
x4
1
F F T F T x1
0
x2
0
x3
1
x4
0
F F T T F
F T F F F
F T F T T x1
0
x2
1
x3
0
x4
1
F T T F F
F T T T F
T F F F F
T F F T F
T F T F T x1
1
x2
0
x3
1
x4
0
T F T T T x1
1
x2
0
x3
1
x4
1
T T F F F
T T F T F
T T T F T x1
1
x2
1
x3
1
x4
0
T T T T T x1
1
x2
1
x3
1
x4
1
102
A complex Example for QMC (QMC
1
)
M
0
= x1
0
x2
0
x3
0
x4
0
, x1
0
x2
0
x3
0
x4
1
, x1
0
x2
0
x3
1
x4
0
,
x1
0
x2
1
x3
0
x4
1
, x1
1
x2
0
x3
1
x4
0
, x1
1
x2
0
x3
1
x4
1
,
x1
1
x2
1
x3
1
x4
0
, x1
1
x2
1
x3
1
x4
1
M
1
= x1
0
x2
0
x3
0
, x1
0
x2
0
x4
0
, x1
0
x3
0
x4
1
, x1
1
x2
0
x3
1
,
x1
1
x2
1
x3
1
, x1
1
x3
1
x4
1
, x2
0
x3
1
x4
0
, x1
1
x3
1
x4
0
P
1
=
M
2
= x1
1
x3
1
P
2
= x1
0
x2
0
x3
0
, x1
0
x2
0
x4
0
, x1
0
x3
0
x4
1
, x2
0
x3
1
x4
0
M
3
=
P
3
= x1
1
x3
1
P
prime
= x1 x2 x3, x1 x2 x4, x1 x3 x4, x2 x3 x4, x1 x3
1
: optimizing the data structure
Idea: Do the calculations directly on the DNF table
x1 x2 x3 x4 monomials
F F F F x1
0
x2
0
x3
0
x4
0
F F F T x1
0
x2
0
x3
0
x4
1
F F T F x1
0
x2
0
x3
1
x4
0
F T F T x1
0
x2
1
x3
0
x4
1
T F T F x1
1
x2
0
x3
1
x4
0
T F T T x1
1
x2
0
x3
1
x4
1
T T T F x1
1
x2
1
x3
1
x4
0
T T T T x1
1
x2
1
x3
1
x4
1
Note: the monomials on the right hand side are only for illustration
Idea: do the resolution directly on the left hand side
Find rows that dier only by a single entry. (rst two rows)
resolve: replace them by one, where that entry has an X (canceled literal)
Example 297 F, F, F, F and F, F, F, T resolve to F, F, F, X.
103
1
: optimizing the data structure
One step resolution on the table
F F F F x1
0
x2
0
x3
0
x4
0
F F F T x1
0
x2
0
x3
0
x4
1
F F T F x1
0
x2
0
x3
1
x4
0
F T F T x1
0
x2
1
x3
0
x4
1
T F T F x1
1
x2
0
x3
1
x4
0
T F T T x1
1
x2
0
x3
1
x4
1
T T T F x1
1
x2
1
x3
1
x4
0
T T T T x1
1
x2
1
x3
1
x4
1
F F F X x1
0
x2
0
x3
0
F F X F x1
0
x2
0
x4
0
F X F T x1
0
x3
0
x4
1
T F T X x1
1
x2
0
x3
1
T T T X x1
1
x2
1
x3
1
T X T T x1
1
x3
1
x4
1
X F T F x2
0
x3
1
x4
0
T X T F x1
1
x3
1
x4
0
Repeat the process until no more progress can be made
F F F X x1
0
x2
0
x3
0
F F X F x1
0
x2
0
x4
0
F X F T x1
0
x3
0
x4
1
T X T X x1
1
x3
1
X F T F x2
0
x3
1
x4
0
This table represents the prime implicants of f
A complex Example for QMC (QMC
1
)
The PIT:
FFFF FFFT FFTF FTFT TFTF TFTT TTTF TTTT
x1 x2 x3 T T F F F F F F
x1 x2 x4 T F T F F F F F
x1 x3 x4 F T F T F F F F
x2 x3 x4 F F T F T F F F
x1 x3 F F F F T T T T
x1 x2 x3 is not essential, so we are left with
x2 x3 x4 F F T F T F F F
here x2, x3, x4 is not essential, so we are left with
all the remaining ones (x1 x2 x4, x1 x3 x4, and x1 x3) are essential
So, the minimal polynomial of f is x1 x2 x4 +x1 x3 x4 +x1 x3.
*
The following section about KV-Maps was only taught until fall 2008, it is included here just
for reference
*
6.5 A simpler Method for nding Minimal Polynomials
104
Simple Minimization: Karnaugh-Veitch Diagram
The QMC algorithm is simple but tedious (not for the back of an envelope)
KV-maps provide an ecient alternative for up to 6 variables
Denition 298 A Karnaugh-Veitch map (KV-map) is a rectangular table lled with
truth values induced by a Boolean function. Minimal polynomials can be read of KV-
maps by systematically grouping equivalent table cells into rectangular areas of size 2
k
.
Example 299 (Common KV-map schemata)
2 vars 3 vars 4 vars
A A
B
B
AB AB AB AB
C
C
AB AB AB AB
CD m0 m4 m12 m8
CD m1 m5 m13 m9
CD m3 m7 m15 m11
CD m2 m6 m14 m10
square ring torus
2/4-groups 2/4/8-groups 2/4/8/16-groups
Note: Note that the values in are ordered, so that exactly one variable ips sign between
adjacent cells (Gray Code)
105
KV-maps Example: E(6, 8, 9, 10, 11, 12, 13, 14)
Example 300
# A B C D V
0 F F F F F
1 F F F T F
2 F F T F F
3 F F T T F
4 F T F F F
5 F T F T F
6 F T T F T
7 F T T T F
8 T F F F T
9 T F F T T
10 T F T F T
11 T F T T T
12 T T F F T
13 T T F T T
14 T T T F T
15 T T T T F
The corresponding KV-map:
AB AB AB AB
CD F F T T
CD F F T T
CD F F F T
CD F T T T
in the red/brown group
A does not change, so include A
B changes, so do not include it
C does not change, so include C
D changes, so do not include it
So the monomial is AC
in the green/brown group we have AB
in the blue group we have BC D
The minimal polynomial for E(6, 8, 9, 10, 11, 12, 13, 14) is AB +AC +BC D
KV-maps Caveats
groups are always rectangular of size 2
k
(no crooked shapes!)
a group of size 2
k
induces a monomial of size n k (the bigger the better)
groups can straddle vertical borders for three variables
groups can straddle horizontal and vertical borders for four variables
picture the the n-variable case as a n-dimensional hypercube!
106
7 Propositional Logic
Boolean Expressions and Propositional Logic
7.1 Boolean Expressions and Propositional Logic
We will now look at Boolean expressions from a dierent angle. We use them to give us a very
simple model of a representation language for
knowledge in our context mathematics, since it is so simple, and
argumentation i.e. the process of deriving new knowledge from older knowledge
Still another Notation for Boolean Expressions
Idea: get closer to MathTalk
Use , , , , and directly (after all, we do in MathTalk)
construct more complex names (propositions) for variables
(Use ground terms of sort B in an ADT)
Denition 301 Let = o, T be an abstract data type, such that B o and
[: B B], [: B B B] T, then we call the set T
g
B
() of ground -terms of
sort B a formulation of Propositional Logic.
We will also call this formulation Predicate Logic without Quantiers and denote it with
PLNQ.
Denition 302 Call terms in T
g
B
() without , , , , and atoms.(write /())
Note: Formulae of propositional logic are Boolean Expressions
replace A B by (A B) (B A) and A B by A B. . .
Build print routine with

A B =

A

B, and

A =

A and that turns atoms into
variable names. (variables and atoms are countable)
Conventions for Brackets in Propositional Logic
we leave out outer brackets: A B abbreviates (A B).
implications are right associative: A
1
A
n
C abbreviates A
1
( ( (A
n
C)))
a stands for a left bracket whose partner is as far right as is consistent with existing
brackets (A C D = A (C D))
We will now use the distribution of values of a Boolean expression under all (variable) assignments
to characterize them semantically. The intuition here is that we want to understand theorems,
examples, counterexamples, and inconsistencies in mathematics and everyday reasoning
6
.
6
Here (and elsewhere) we will use mathematics (and the language of mathematics) as a test tube for under-
standing reasoning, since mathematics has a long history of studying its own reasoning processes and assumptions.
107
The idea is to use the formal language of Boolean expressions as a model for mathematical
language. Of course, we cannot express all of mathematics as Boolean expressions, but we can at
least study the interplay of mathematical statements (which can be true or false) with the copula
and, or and not.
Semantic Properties of Boolean Expressions
Denition 303 Let / := |, J be our model, then we call e
true under in /, i J
(e) = T (write / [=
e)
false under in /, i J
(e) = F (write / ,[=
e)
satisable in /, i J
(e) = T for some assignment

valid in /, i / [=
e for all assignments (write / [= e)

falsiable in /, i J
(e) = F for some assignments

unsatisable in /, i J
(e) = F for all assignments

Example 304 x x is satisable and falsiable.
Example 305 x x is valid and x x is unsatisable.
Notation 306 (alternative) Write [[e]]
,
for J
(e), if / = |, J.
(and [[e]]
,
, if e is ground, and [[e]], if / is clear)
Denition 307 (Entailment) (aka. logical consequence)
We say that e entails f (e [= f), i J
(f) = T for all with J
(e) = T
(i.e. all assignments that make e true also make f true)
Let us now see how these semantic properties model mathematical practice.
In mathematics we are interested in assertions that are true in all circumstances. In our model
of mathematics, we use variable assignments to stand for circumstances. So we are interested
in Boolean expressions which are true under all variable assignments; we call them valid. We
often give examples (or show situations) which make a conjectured assertion false; we call such
examples counterexamples, and such assertions falsiable. We also often give examples for
certain assertions to show that they can indeed be made true (which is not the same as being
valid yet); such assertions we call satisable. Finally, if an assertion cannot be made true in any
circumstances we call it unsatisable; such assertions naturally arise in mathematical practice in
the form of refutation proofs, where we show that an assertion (usually the negation of the theorem
we want to prove) leads to an obviously unsatisable conclusion, showing that the negation of the
theorem is unsatisable, and thus the theorem valid.
108
Example: Propositional Logic with ADT variables
Idea: We use propositional logic to express things about the world
(PLNQ = Predicate Logic without Quantiers)
Abstract Data Type: B, I, . . ., [love: I I B], [bill : I], [mary: I], . . .
ground terms:
g
1
:= love(bill, mary) (how nice)
g
2
:= love(mary, bill) love(bill, mary) (how sad)
g3 := love(bill, mary) love(mary, john) hate(bill, john) (how natural)
Semantics: by mapping into known stu, (e.g. I to persons B to T, F)
Idea: Import semantics from Boolean Algebra (atoms are variables)
only need variable assignment : /() T, F
Example 308 J
(love(bill, mary) (love(mary, john) hate(bill, john))) = T if

(love(bill, mary)) = T, (love(mary, john)) = F, and (hate(bill, john)) = T
Example 309 g
1
g
3
love(mary, john) [= hate(bill, john)
What is Logic?
formal languages, inference and their relation with the world
Formal language TL: set of formulae (2 + 3/7, x.x +y = y +x)
Formula: sequence/tree of symbols (x, y, f, g, p, 1, , , , , )
Models: things we understand (e.g. number theory)
Interpretation: maps formulae into models ([[three plus ve]] = 8)
Validity: / [= A, i [[A]]
,
= T (ve greater three is valid)
Entailment: A [= B, i / [= B for all / [= A. (generalize to 1 [= A)
Inference: rules to transform (sets of) formulae (A, A B B)
Syntax: formulae, inference (just a bunch of symbols)
Semantics: models, interpr., validity, entailment (math. structures)
Important Question: relation between syntax and semantics?
So logic is the study of formal representations of objects in the real world, and the formal state-
ments that are true about them. The insistence on a formal language for representation is actually
something that simplies life for us. Formal languages are something that is actually easier to
understand than e.g. natural languages. For instance it is usually decidable, whether a string is
a member of a formal language. For natural language this is much more dicult: there is still
no program that can reliably say whether a sentence is a grammatical sentence of the English
language.
109
We have already discussed the meaning mappings (under the monicker semantics). Meaning
mappings can be used in two ways, they can be used to understand a formal language, when we
use a mapping into something we already understand, or they are the mapping that legitimize
a representation in a formal language. We understand a formula (a member of a formal language)
A to be a representation of an object O, i [[A]] = O.
However, the game of representation only becomes really interesting, if we can do something with
the representations. For this, we give ourselves a set of syntactic rules of how to manipulate the
formulae to reach new representations or facts about the world.
Consider, for instance, the case of calculating with numbers, a task that has changed from a dicult
job for highly paid specialists in Roman times to a task that is now feasible for young children.
What is the cause of this dramatic change? Of course the formalized reasoning procedures for
arithmetic that we use nowadays. These calculi consist of a set of rules that can be followed
purely syntactically, but nevertheless manipulate arithmetic expressions in a correct and fruitful
way. An essential prerequisite for syntactic manipulation is that the objects are given in a formal
language suitable for the problem. For example, the introduction of the decimal system has been
instrumental to the simplication of arithmetic mentioned above. When the arithmetical calculi
were suciently well-understood and in principle a mechanical procedure, and when the art of
clock-making was mature enough to design and build mechanical devices of an appropriate kind,
the invention of calculating machines for arithmetic by Wilhelm Schickard (1623), Blaise Pascal
(1642), and Gottfried Wilhelm Leibniz (1671) was only a natural consequence.
We will see that it is not only possible to calculate with numbers, but also with representations
of statements about the world (propositions). For this, we will use an extremely simple example;
a fragment of propositional logic (we restrict ourselves to only one logical connective) and a small
calculus that gives us a set of rules how to manipulate formulae.
Logical Systems and Calculi
7.2 Logical Systems and Calculi
110
A simple System: Prop. Logic with Hilbert-Calculus
Formulae: built from prop. variables: P, Q, R, . . . and implication:
Semantics: J
(P) = (P) and J
(A B) = T, i J
(A) = F or J
(B) = T.
K := P Q P, S := (P Q R) (P Q) P R
A B A
B
MP
A
[B/X](A)
Subst
Let us look at a 1
0
theorem (with a proof)
C C (Tertium non datur)
Proof:
P.1 (C (C C) C) (C C C) C C
(S with [C/P], [C C/Q], [C/R])
P.2 C (C C) C (K with [C/P], [C C/Q])
P.3 (C C C) C C (MP on P.1 and P.2)
P.4 C C C (K with [C/P], [C/Q])
P.5 C C (MP on P.3 and P.4)
P.6 We have shown that
)
0 C C (i.e. C C is a theorem) (is is also valid?)
This is indeed a very simple logic, that with all of the parts that are necessary:
A formal language: expressions built up from variables and implications.
A semantics: given by the obvious interpretation function
A calculus: given by the two axioms and the two inference rules.
The calculus gives us a set of rules with which we can derive new formulae from old ones. The
axioms are very simple rules, they allow us to derive these two formulae in any situation. The
inference rules are slightly more complicated: we read the formulae above the horizontal line as
assumptions and the (single) formula below as the conclusion. An inference rule allows us to derive
the conclusion, if we have already derived the assumptions.
Now, we can use these inference rules to perform a proof. A proof is a sequence of formulae that
can be derived from each other. The representation of the proof in the slide is slightly compactied
to t onto the slide: We will make it more explicit here. We rst start out by deriving the formula
(P Q R) (P Q) P R (1)
which we can always do, since we have an axiom for this formula, then we apply the rule subst,
where A is this result, B is C, and X is the variable P to obtain
(C Q R) (C Q) C R (2)
Next we apply the rule subst to this where B is C C and X is the variable Q this time to
obtain
(C (C C) R) (C C C) C R (3)
111
And again, we apply the rule subst this time, B is C and X is the variable R yielding the rst
formula in our proof on the slide. To conserve space, we have combined these three steps into one
in the slide. The next steps are done in exactly the same way.
The name MP comes from the Latin name modus ponens (the mode of putting [new facts]),
this is one of the classical syllogisms discovered by the ancient Greeks. The name Subst is just
short for substitution, since the rule allows to instantiate variables in formulae with arbitrary
other formulae.
We will now generalize what we have seen in the example so that we can talk about calculi and
proofs in other situations and see what was specic to the example.
Derivations and Proofs
Denition 310 A derivation of a formula C from a set 1 of hypotheses (write 1 C)
is a sequence A
1
, . . . , A
m
of formulae, such that
A
m
= C (derivation culminates in C)
for all (1 i m), either A
i
1 (hypothesis)
or there is an inference rule
A
l1
; A
l
k
A
i
, where l
j
< i for all j k.
Example 311 In the propositional calculus of natural deduction we have A B A:
the sequence is A B A, A, B A
Ax
A B A A
E
B A
Denition 312 A derivation
C
A is called a proof of A and if one exists (
C
A)
then A is called a (-theorem.
Denition 313 an inference rule J is called admissible in (, if the extension of ( by J
does not yield new theorems.
With formula schemata we mean representations of sets of formulae. In our example above, we
used uppercase boldface letters as (meta)-variables for formulae. For instance, the the modus
ponens inference rule stands for
As an axiom does not have assumptions, it can be added to a proof at any time. This is just
what we did with the axioms in our example proof.
In general formulae can be used to represent facts about the world as propositions; they have
a semantics that is a mapping of formulae into the real world (propositions are mapped to truth
values.) We have seen two relations on formulae: the entailment relation and the deduction
relation. The rst one is dened purely in terms of the semantics, the second one is given by a
calculus, i.e. purely syntactically.
The main question we must ask ourselves: is there any relation between these relations?
Ideally, both relations would be the same, then the calculus would allow us to infer all facts
that can be represented in the given formal language and that are true in the real world, and only
those. In other words, our representation and inference is faithful to the world.
A consequence of this is that we can rely on purely syntactical means to make predictions
about the world. Computers rely on formal representations of the world; if we want to solve a
problem on our computer, we rst represent it in the computer (as data structures, which can be
seen as a formal language) and do syntactic manipulations on these structures (a form of calculus).
Now, if the provability relation induced by the calculus and the validity relation coincide (this will
112
be quite dicult to establish in general), then the solutions of the program will be correct, and
we will nd all possible ones.
Of course, the logics we have studied so far are very simple, and not able to express interesting
facts about the world, but we will study them as a simple example of the fundamental problem of
Computer Science: How do the formal representations correlate with the real world.
Properties of Calculi (Theoretical Logic)
Correctness: (provable implies valid)
1 B implies 1 [= B (equivalent: A implies [=A)
Completeness: (valid implies provable)
1 [= B implies 1 B (equivalent: [=A implies A)
Goal: A i [=A (provability and validity coincide)
To TRUTH through PROOF (CALCULEMUS [Leibniz 1680])
Within the world of logics, one can derive new propositions (the conclusions, here: Socrates is
mortal) from given ones (the premises, here: Every human is mortal and Sokrates is human).
Such derivations are proofs.
Logics can describe the internal structure of real-life facts; e.g. individual things, actions, prop-
erties. A famous example, which is in fact as old as it appears, is illustrated in the slide below.
If a logic is correct, the conclusions one can prove are true (= hold in the real world) whenever
the premises are true. This is a miraculous fact (think about it!)
113
The miracle of logics
Purely formal derivations are true in the real world!
7.3 Proof Theory for the Hilbert Calculus
We now show one of the meta-properties (correctness) for the Hilbert calculus 1
0
. The statement
of the result is rather simple: it just says that the set of provable formulae is a subset of the set of
valid formulae. In other words: If a formula is provable, then it must be valid (a rather comforting
property for a calculus).
1
0
is correct (rst version)
Theorem 314 A implies [=A for all propositions A.
Proof: show by induction over proof length
P.1 Axioms are valid (we already know how to do this!)
P.2 inference rules preserve validity (lets think)
P.2.1 Subst: complicated, see next slide
P.2.2 MP:
P.2.2.1 Let A B be valid, and : 1
o
T, F arbitrary
P.2.2.2 then J
(A) = F or J
(B) = T (by denition of ).

P.2.2.3 Since A is valid, J
(A) = T ,= F, so J
(B) = T.
P.2.2.4 As was arbitrary, B is valid.
To complete the proof, we have to prove two more things. The rst one is that the axioms are
valid. Fortunately, we know how to do this: we just have to show that under all assignments, the
axioms are satised. The simplest way to do this is just to use truth tables.
114
1
0
axioms are valid
Lemma 315 The H
0
axioms are valid.
Proof: We simply check the truth tables
P.1
P Q Q P P Q P
F F T T
F T F T
T F T T
T T T T
P.2
P Q R A := P Q R B := P Q C := P R A B C
F F F T T T T
F F T T T T T
F T F T T T T
F T T T T T T
T F F T F F T
T F T T F T T
T T F F T F T
T T T T T T T
The next result encapsulates the soundness result for the substitution rule, which we still owe. We
will prove the result by induction on the structure of the formula that is instantiated. To get the
induction to go through, we not only show that validity is preserved under instantiation, but we
make a concrete statement about the value itself.
A proof by induction on the structure of the formula is something we have not seen before. It
can be justied by a normal induction over natural numbers; we just take property of a natural
number n to be that all formulae with n symbols have the property asserted by the theorem. The
only thing we need to realize is that proper subterms have strictly less symbols than the terms
themselves.
Substitution Value Lemma and Correctness
Lemma 316 Let A and B be formulae, then J
([B/X](A)) = J
(A), where =
, [J
(B)/X]
Proof: by induction on the depth of A (number of nested symbols)
P.1.1 depth=0, then A is a variable, say Y .:
P.1.1.1 We have two cases
P.1.1.1.1 X = Y : then 1([B/X](A)) = 1([B/X](X)) = 1(B) = (X) = 1
(X) =
1
(A).
P.1.1.1.2 X ,= Y : then 1([B/X](A)) = 1([B/X](Y )) = 1(Y ) = (Y ) = (Y ) =
1
(Y ) = 1
(A).
P.1.2 depth> 0, then A = C D:
P.1.2.1 We have 1([B/X](A)) = T, i 1([B/X](C)) = F or 1([B/X](D)) = T.
P.1.2.2 This is the case, i 1
(C) = F or 1
(D) = T by IH (C and D have smaller depth than

A).
P.1.2.3 In other words, 1
(A) = 1
(C D) = T, i 1([B/X](A)) = T by denition.
P.2 We have considered all the cases and proven the assertion.
Armed with the substitution value lemma, it is quite simple to establish the correctness of the
substitution rule. We state the assertion rather succinctly: Subst preservers validity, which
115
means that if the assumption of the Subst rule was valid, then the conclusion is valid as well, i.e.
the validity property is preserved.
Correctness of Substitution
Lemma 317 Subst preserves validity.
Proof: We have to show that [B/X](A) is valid, if A is.
P.1 Let A be valid, B a formula, : 1
o
T, F a variable assignment, and :=
, [J
(B)/X].
P.2 then J
([B/X](A)) = J
,[1(B)/X]
(A) = T, since A is valid.
P.3 As the argumentation did not depend on the choice of , [B/X](A) valid and we
have proven the assertion.
The next theorem shows that the implication connective and the entailment relation are closely
related: we can move a hypothesis of the entailment relation into an implication assumption in the
conclusion of the entailment relation. Note that however close the relationship between implication
and entailment, the two should not be confused. The implication connective is a syntactic formula
constructor, whereas the entailment relation lives in the semantic realm. It is a relation between
formulae that is induced by the evaluation mapping.
The Entailment Theorem
Theorem 318 If 1, A [= B, then 1 [= (A B).
Proof: We show that J
(A B) = T for all assignments with J
(1) = T whenever
1, A [= B
P.1 Let us assume there is an assignment , such that J
(A B) = F.
P.2 Then J
(A) = T and J
(B) = F by denition.
P.3 But we also know that J
(1) = T and thus J
(B) = T, since 1, A [= B.
P.4 This contradicts our assumption J
(B) = T from above.

P.5 So there cannot be an assignment that J
(A B) = F; in other words, A B
is valid.
Now, we complete the theorem by proving the converse direction, which is rather simple.
116
The Entailment Theorem (continued)
Corollary 319 1, A [= B, i 1 [= (A B)
Proof: In the light of the previous result, we only need to prove that 1, A [= B, whenever
1 [= (A B)
P.1 To prove that 1, A [= B we assume that J
(1, A) = T.
P.2 In particular, J
(A B) = T since 1 [= (A B).
P.3 Thus we have J
(A) = F or J
(B) = T.
P.4 The rst cannot hold, so the second does, thus 1, A [= B.
The entailment theorem has a syntactic counterpart for some calculi. This result shows a close
connection between the derivability relation and the implication connective. Again, the two should
not be confused, even though this time, both are syntactic.
The main idea in the following proof is to generalize the inductive hypothesis from proving A B
to proving A C, where C is a step in the proof of B. The assertion is a special case then, since
B is the last step in the proof of B.
The Deduction Theorem
Theorem 320 If 1, A B, then 1 A B
Proof: By induction on the proof length
P.1 Let C
1
, . . . , C
m
be a proof of B from the hypotheses 1.
P.2 We generalize the induction hypothesis: For all l (1 i m) we construct proofs
1 A C
i
. (get A B for i = m)
P.3 We have to consider three cases
P.3.1 Case 1: C
i
axiom or C
i
1:
P.3.1.1 Then 1 C
i
by construction and 1 C
i
A C
i
by Subst from Axiom 1.
P.3.1.2 So 1 A C
i
by MP.
P.3.2 Case 2: C
i
= A:
P.3.2.1 We have already proven A A, so in particular 1 A C
i
.
(more hypotheses do not hurt)
P.3.3 Case 3: everything else:
P.3.3.1 C
i
is inferred by MP from C
j
and C
k
= C
j
C
i
for j, k < i
P.3.3.2 We have 1 A C
j
and 1 A C
j
C
i
by IH
P.3.3.3 Furthermore, (A C
j
C
i
) (A C
j
) A C
i
by Axiom 2 and Subst
P.3.3.4 and thus 1 A C
i
by MP (twice).
P.4 We have treated all cases, and thus proven 1 A C
i
for (1 i m).
P.5 Note that C
m
= B, so we have in particular proven 1 A B.
117
In fact (you have probably already spotted this), this proof is not correct. We did not cover all
cases: there are proofs that end in an application of the Subst rule. This is a common situation,
we think we have a very elegant and convincing proof, but upon a closer look it turns out that
there is a gap, which we still have to bridge.
This is what we attempt to do now. The rst attempt to prove the subst case below seems to
work at rst, until we notice that the substitution [B/X] would have to be applied to A as well,
which ruins our assertion.
The missing Subst case
Oooops: The proof of the deduction theorem was incomplete
(we did not treat the Subst case)
Lets try:
Proof: C
i
is inferred by Subst from C
j
for j < i with [B/X].
P.1 So C
i
= [B/X](C
j
); we have 1 A C
j
by IH
P.2 so by Subst we have 1 [B/X](A C
j
). (Oooops! ,= A C
i
)
In this situation, we have to do something drastic, like come up with a totally dierent proof.
Instead we just prove the theorem we have been after for a variant calculus.
Repairing the Subst case by repairing the calculus
Idea: Apply Subst only to axioms (this was sucient in our example)
1
1
Axiom Schemata: (innitely many axioms)
A B A, (A B C) (A B) A C
Only one inference rule: MP.
Denition 321 1
1
introduces a (potentially) dierent derivability relation than 1
0
we
call them
)
0 and
)
1
Now that we have made all the mistakes, let us write the proof in its nal form.
118
Deduction Theorem Redone
Theorem 322 If 1, A
)
1 B, then 1
)
1 A B
Proof: Let C
1
, . . . , C
m
be a proof of B from the hypotheses 1.
P.1 We construct proofs 1
)
1 A C
i
for all (1 i n) by induction on i.
P.2.1 C
i
is an axiom or hypothesis:
P.2.1.1 Then 1
)
1 C
i
by construction and 1
)
1 C
i
A C
i
by Ax1.
P.2.1.2 So 1
)
1 C
i
by MP
P.2.2 C
i
= A:
P.2.2.1 We have proven
)
0 A A, (check proof in 1
1
)
We have
)
1 A C
i
, so in particular 1
)
1 A C
i
P.2.3 else:
P.2.3.1 C
i
is inferred by MP from C
j
and C
k
= C
j
C
i
for j, k < i
P.2.3.2 We have 1
)
1 A C
j
and 1
)
1 A C
j
C
i
by IH
P.2.3.3 Furthermore, (A C
j
C
i
) (A C
j
) A C
i
by Axiom 2
P.2.3.4 and thus 1
)
1 A C
i
by MP (twice). (no Subst)
The deduction theorem and the entailment theorem together allow us to understand the claim that
the two formulations of correctness (A B implies A [= B and A implies [=B) are equivalent.
Indeed, if we have A B, then by the deduction theorem A B, and thus [=A B by
correctness, which gives us A [= B by the entailment theorem. The other direction and the
argument for the corresponding statement about completeness are similar.
Of course this is still not the version of the proof we originally wanted, since it talks about the
Hilbert Calculus 1
1
, but we can show that 1
1
and 1
0
are equivalent.
But as we will see, the derivability relations induced by the two caluli are the same. So we can
prove the original theorem after all.
119
The Deduction Theorem for 1
0
Lemma 323
)
1 =
)
0
Proof:
P.1 All 1
1
axioms are 1
0
theorems. (by Subst)
P.2 For the other direction, we need a proof transformation argument:
P.3 We can replace an application of MP followed by Subst by two Subst applications
followed by one MP.
P.4 . . . A B. . . A. . . B. . . [C/X](B) . . . is replaced by
. . . A B. . . [C/X](A) [C/X](B) . . . A. . . [C/X](A) . . . [C/X](B) . . .
P.5 Thus we can push later Subst applications to the axioms, transforming a 1
0
proof
into a 1
1
proof.
Corollary 324 1, A
)
0 B, i 1
)
0 A B.
Proof Sketch: by MP and
)
1 =
)
0
We can now collect all the pieces and give the full statement of the correctness theorem for 1
0
1
0
is correct (full version)
Theorem 325 For all propositions A, B, we have A
)
0 B implies A [= B.
Proof:
P.1 By deduction theorem A
)
0 B, i A C,
P.2 by the rst correctness theorem this is the case, i [=A B,
P.3 by the entailment theorem this holds, i A [= C.
A Calculus for Mathtalk
7.4 A Calculus for Mathtalk
In our introduction to Subsection 7.1 we have positioned Boolean expressions (and proposition
logic) as a system for understanding the mathematical language mathtalk introduced in Sub-
section 3.2. We have been using this language to state properties of objects and prove them all
through this course without making the rules the govern this activity fully explicit. We will rectify
this now: First we give a calculus that tries to mimic the the informal rules mathematicians use
int their proofs, and second we show how to extend this calculus of natural deduction to the
full langauge of mathtalk.
We will now introduce the natural deduction calculus for propositional logic. The calculus was
created in order to model the natural mode of reasoning e.g. in everyday mathematical practice.
This calculus was intended as a counter-approach to the well-known Hilbert style calculi, which
were mainly used as theoretical devices for studying reasoning in principle, not for modeling
particular reasoning styles.
120
Rather than using a minimal set of inference rules, the natural deduction caluculus provides
two/three inference rules for every connective and quantier, one introduction rule (an inference
rule that derives a formula with that symbol at the head) and one elimination rule (an inference
rule that acts on a formula with this head and derives a set of subformulae).
Calculi: Natural Deduction (ND
0
) [Gentzen30]
Idea: ND
0
tries to mimic human theorem proving behavior (non- minimal)
Denition 326 The ND
0
calculus has rules for the introduction and elimination of
connectives
Introduction Elimination Axiom
A B
A B
I
A B
A
E
l
A B
B
E
r
A A
TND
[A]
1
B
A B
I
1
A B A
B
E
TND is used only in classical logic (otherwise constructive/intuitionistic)
The most characactersic rule in the natural deduction calculus is the I rule. It corresponds to
the mathematical way of proving an implication A B: We assume that A true and show B
from this assumption. When we can do this we discharge (get rid of) the assumption and conclude
A B. This mode of reasoning is called hypothetical reasoning.
Let us now consider an example of hypothetical reasoning in action.
Natural Deduction: Examples
Inference with local hypotheses
[A B]
1
E
r
B
[A B]
1
E
l
A
I
B A
I
1
A B B A
Another characteristic of the natural deduction calculus is that it has inference rules (introduction
and elimination rules) for all connectives. So we extend the set of rules from Denition 326 for
disjunction, negation and falsity.
121
More Rules for Natural Deduction
Denition 327 ND
0
has the following additional rules for the remaining connectives.
A
A B
I
l
B
A B
I
r
A B
[A]
.
.
.
C
[B]
.
.
.
C
C
E
[A]
.
.
.
F
A
I
A
A
E
A A
F
FI
F
A
FE
The next step now is to extend the language of propositional logic to include the quantiers
and . To do this, we will extend the language PLNQ with formulae of the form x A and x A,
where x is a variable and A is a formula. This system (which ist a little more involved than we
make believe now) is called rst-order logic.
14
EdNote:14
Building on the calculus ND
0
, we dene a rst-order calculus for mathtalk by providing intro-
duction and elimination rules for the quantiers.
First-Order Natural Deduction
Rules for propositional connectives just as always
Denition 328 (New Quantier Rules) The AT extends ND
0
by the following
four rules
A
X.A
I
X.A
[B/X](A)
E
[B/X](A)
X.A
I
X.A
[[c/X](A)]
.
.
.
C
C
E
means that A does not de-

pend on any hypothesis in which X is free.
The intuition behind the rule I is that a formula A with a (free) variable X can be generalized
to X.A, if X stands for an arbitrary object, i.e. there are no restricting assumptions about X.
The E rule is just a substitution rule that allows to instantiate arbitrary terms B for X in A.
The I rule says if we have a witness B for X in A (i.e. a concrete term B that makes A true),
then we can existentially close A. The E rule corresponds to the common mathematical practice,
where we give objects we know exist a new name c and continue the proof by reasoninb about this
concrete object c. Anything we can prove from the assumption [c/X](A) we can prove outright if
X.A is known.
With the AT calculus we have given a set of inference rules that are (empirically) complete for
all the proof we need for the General Computer Science courses. Indeed Mathematicians are
14
EdNote: give a forward reference
122
convinced that (if pressed hard enough) they could transform all (informal but rigorous) proofs
into (formal) AT proofs. This is however seldom done in practice because it is extremely tedious,
and mathematicians are sure that peer review of mathematical proofs will catch all relevant errors.
In some areas however, this quality standard is not safe enough, e.g. for programs that control nu-
clear power plants. The eld of Formal Methods which is at the intersection of mathematics and
Computer Science studies how the behavior of programs can be specied formally in special logics
and how fully formal proofs of safety properties of programs can be developed semi-automatically.
Note that given the discussion in Subsection 7.2 fully formal proofs (in correct calculi) can be that
can be checked by machines since their correctness only depends on the form of the formulae in
them.
123
8 Welcome and Administrativa
Happy new year! and Welcome Back!
I hope you have recovered over the last 6 weeks (slept a lot)
I hope that those of you who had problems last semester have caught up on the material
(We will need much of it this year)
I hope that you are eager to learn more about Computer Science (I certainly am!)
Your Evaluations
First: thanks for lling out the forms (to all 15/62 of you!)
Evaluations are a good tool for optimizing teaching/learning
Second: I have read all of them, and I will take action on some of them.
Change the instructor next year! (not your call)
nice course. SML rulez! I really learned recursion (thanks)
To improve this course, I would remove its ML part (let me explain,. . . )
He doesnnt care about teaching. He simply comes unprepared to the lectures
(have you ever attended?)
the slides tell simple things in very complicated ways (this is a problem)
The problem is with the workload, it is too much
(I agree, but we want to give you a chance to become Computer Scientists)
More examples should be provided, (will try to this; e.g. worked problems)
8.1 Recap from General CS I
124
Recap from GenCSI: Discrete Math and SML
MathTalk (Rigorous communication about sets, relations,functions)
unary natural numbers. (we have to start with something)
Axiomatic foundation, in particular induction (Peano Axioms)
constructors s, o, dened functions like +
Abstract Data Types (ADT) (generalize natural numbers)
sorts, constructors, (dened) parameters, variables, terms, substitutions
dene parameters by (sets of) recursive equations (rules)
abstract interpretation, termination,
Programming in SML (ADT on real machines)
strong types, recursive functions, higher-order syntax, exceptions, . . .
basic data types/algorithms: numbers, lists, strings,
Recap from GenCSI: Formal Languages and Boolean Algebra
Formal Languages and Codes (models of real programming languages)
string codes, prex codes, uniform length codes
formal language for unary arithmetics (onion architecture)
syntax and semantics (. . . by mapping to something we understand)
Boolean Algebra (special syntax, semantics, . . . )
Boolean functions vs. expressions (syntax vs. semantics again)
Normal forms (Boolean polynomials, clauses, CNF, DNF)
Complexity analysis (what does it cost in the limit?)
Landau Notations (aka. big-O) (function classes)
upper/lower bounds on costs for Boolean functions (all exponential)
Constructing Minimal Polynomials (simpler than general minimal expressions)
Prime implicants, Quine McCluskey (you really liked that. . . )
Propositional Logic and Theorem Proving (A simple Meta-Mathematics)
Models, Calculi (Hilbert,Tableau,Resolution,ND), Soundness, Completeness
125
9 Machine-Oriented Calculi
Now we have studied the Hilbert-style calculus in some detail, let us look at two calculi that work
via a totally dierent principle. Instead of deducing new formulae from axioms (and hypotheses)
and hoping to arrive at the desired theorem, we try to deduce a contradiction from the negation
of the theorem. Indeed, a formula A is valid, i A is unsatisable, so if we derive a contradiction
from A, then we have proven A. The advantage of such test-calculi (also called negative
calculi) is easy to see. Instead of nding a proof that ends in A, we have to nd any of a broad
class of contradictions. This makes the calculi that we will discuss now easier to control and
therefore more suited for mechanization.
9.1 Calculi for Automated Theorem Proving: Analytical Tableaux
9.1.1 Analytical Tableaux
Before we can start, we will need to recap some nomenclature on formulae.
Recap: Atoms and Literals
Denition 329 We call a formula atomic, or an atom, i it does not contain connec-
tives. We call a formula complex, i it is not atomic.
Denition 330 We call a pair A
a labeled formula, if T, F. A labeled atom is

called literal.
Denition 331 Let be a set of formulae, then we use
:= A
[ A .
The idea about literals is that they are atoms (the simplest formulae) that carry around their
intended truth value.
Now we will also review some propositional identities that will be useful later on. Some of
them we have already seen, and some are new. All of them can be proven by simple truth table
arguments.
126
Test Calculi: Tableaux and Model Generation
Idea: instead of showing Th, show Th trouble (use for trouble)
Example 332
Tableau Refutation (Validity) Model generation (Satisability)
[=P Q Q P [=P (Q R) Q
P Q Q P
F
P Q
T
Q P
F
P
T
Q
T
P
F
Q
F
P (Q R) Q
T
P (Q R)
T
Q
T
Q
F
P
T
Q R
T
Q
T
R
T
R
F
No Model Herbrand Model P
T
, Q
F
, R
F
:= P T, Q F, R F
Algorithm: Fully expand all possible tableaux, (no rule can be applied)
Satisable, i there are open branches (correspond to models)
Tableau calculi develop a formula in a tree-shaped arrangement that represents a case analysis on
when a formula can be made true (or false). Therefore the formulae are decorated with exponents
that hold the intended truth value.
On the left we have a refutation tableau that analyzes a negated formula (it is decorated with the
intended truth value F). Both branches contain an elementary contradiction .
On the right we have a model generation tableau, which analyzes a positive formula (it is
decorated with the intended truth value T. This tableau uses the same rules as the refutation
tableau, but makes a case analysis of when this formula can be satised. In this case we have a
closed branch and an open one, which corresponds a model).
Now that we have seen the examples, we can write down the tableau rules formally.
127
Analytical Tableaux (Formal Treatment of T
0
)
formula is analyzed in a tree to determine satisability
branches correspond to valuations (models)
one per connective
A B
T
A
T
B
T
T0
A B
F
A
F
B
F
T0
A
T
A
F
T0
T
A
F
A
T
T0
F
A
,=
T0cut
Use rules exhaustively as long as they contribute new material
Denition 333 Call a tableau saturated, i no rule applies, and a branch closed, i it
ends in , else open. (open branches in saturated tableaux yield models)
Denition 334 (T
0
-Theorem/Derivability) A is a T
0
-theorem (
(0
A), i there
is a closed tableau with A
F
at the root.
w
o
(1
o
) derives A in T
0
(
(0
A), i there is a closed tableau starting with A
F
and
T
.
These inference rules act on tableaux have to be read as follows: if the formulae over the line
appear in a tableau branch, then the branch can be extended by the formulae or branches below
the line. There are two rules for each primary connective, and a branch closing rule that adds the
special symbol (for unsatisability) to a branch.
We use the tableau rules with the convention that they are only applied, if they contribute new
material to the branch. This ensures termination of the tableau procedure for propositional logic
(every rule eliminates one primary connective).
Denition 335 We will call a closed tableau with the signed formula A
at the root a tableau

refutation for /
.
The saturated tableau represents a full case analysis of what is necessary to give A the truth value
; since all branches are closed (contain contradictions) this is impossible.
Denition 336 We will call a tableau refutation for A
F
a tableau proof for A, since it refutes the
possibility of nding a model where A evaluates to F. Thus A must evaluate to T in all models,
which is just our denition of validity.
Thus the tableau procedure can be used as a calculus for propositional logic. In contrast to the
calculus in section ?? it does not prove a theorem A by deriving it from a set of axioms, but
it proves it by refuting its negation. Such calculi are called negative or test calculi. Generally
negative calculi have computational advanages over positive ones, since they have a built-in sense
of direction.
We have rules for all the necessary connectives (we restrict ourselves to and , since the others
can be expressed in terms of these two via the propositional identities above. For instance, we can
write A B as (A B), and A B as A B,. . . .)
We will now look at an example. Following our introduction of propositional logic in in Exam-
ple 308 we look at a formulation of propositional logic with fancy variable names. Note that
love(mary, bill) is just a variable name like P or X, which we have used earlier.
128
A Valid Real-World Example
Example 337 Mary loves Bill and John loves Mary entails John loves Mary
love(mary, bill) love(john, mary) love(john, mary)
F
((love(mary, bill) love(john, mary)) love(john, mary))
F
(love(mary, bill) love(john, mary)) love(john, mary)
T
(love(mary, bill) love(john, mary))
T
F
love(mary, bill) love(john, mary)
T
love(john, mary)
T
love(mary, bill)
T
love(john, mary)
T
love(john, mary)
F
Then use the entailment theorem (Corollary 319)

We have used the entailment theorem here: Instead of showing that A [= B, we have shown that
A B is a theorem. Note that we can also use the tableau calculus to try and show entailment
(and fail). The nice thing is that the failed proof, we can see what went wrong.
A Falsiable Real-World Example
Example 338 Mary loves Bill or John loves Mary does not entail John loves Mary
Try proving the implication (this fails)
F
((love(mary, bill) love(john, mary)) love(john, mary))
F
T
love(john, mary)
T
love(john, mary)
F
T
F
T
love(mary, bill)
T
love(john, mary)
T
Then again the entailment theorem (Corollary 319) yields the assertion. Indeed we can
make J
(love(mary, bill) love(john, mary)) = T but J
(love(john, mary)) = F.
Obviously, the tableau above is saturated, but not closed, so it is not a tableau proof for our initial
entailment conjecture. We have marked the literals on the open branch green, since they allow us
to read of the conditions of the situation, in which the entailment fails to hold. As we intuitively
argued above, this is the situation, where Mary loves Bill. In particular, the open branch gives
us a variable assignment (marked in green) that satises the initial formula. In this case, Mary
loves Bill, which is a situation, where the entailment fails. Practical Enhancements for
TableauxPractical Enhancements for Tableaux
9.1.2 Practical Enhancements for Tableaux
129
Propositional Identities
Denition 339 Let and be new logical constants with J() = T and J() = F
for all assignments .
We have to following identities:
Name for for
Idenpotence = =
Identity = =
Absorption I = =
Commutativity = =
Associativity ( ) = ( ) ( ) = ( )
Distributivity ( ) = = ( ) ( )
Absorption II ( ) = =
De Morgans Laws ( ) = ( ) =
Double negation =
Denitions = = ( ) ( )
We have seen in the examples above that while it is possible to get by with only the connectives
and , it is a bit unnatural and tedious, since we need to eliminate the other connectives rst.
In this section, we will make the calculus less frugal by adding rules for the other connectives,
without losing the advantage of dealing with a small calculus, which is good making statements
about the calculus.
The main idea is to add the new rules as derived rules, i.e. inference rules that only abbreviate
deductions in the original calculus. Generally, adding derived inference rules does not change the
derivability relation of the calculus, and is therefore a safe thing to do. In particular, we will add
the following rules to our tableau system.
We will convince ourselves that the rst rule is a derived rule, and leave the other ones as an
exercise.
Derived Rules of Inference
Denition 340 Let ( be a calculus, a rule of inference
A
1
. . . A
n
C
is called a derived
inference rule in (, i there is a (-proof of A
1
, . . . , A
n
C.
Denition 341 We have th following derived rules of inference
A B
T
A
F
B
T
A B
F
A
T
B
F
A
T
A B
T
B
T
A B
T
A
T
B
T
A B
F
A
F
B
F
A B
T
A
T
B
T
A
F
B
F
A B
F
A
T
B
F
A
F
B
T
A
T
A B
T
A B
T
(A B)
T
A B
F
A
F
A
T
A
F
B
F
B
T
130
With these derived rules, theorem proving becomes quite ecient. With these rules, the tableau
(??) would have the following simpler form:
Tableaux with derived Rules (example)
Example 342
love(mary, bill) love(john, mary) love(john, mary)
F
T
love(john, mary)
F
love(mary, bill)
T
love(john, mary)
T

Another thing that was awkward in (??) was that we used a proof for an implication to prove
logical consequence. Such tests are necessary for instance, if we want to check consistency or
informativity of new sentences
15
. Consider for instance a discourse = D
1
, . . . , D
n
, where n is EdNote:15
large. To test whether a hypothesis 1 is a consequence of ( [= H) we need to show that
C := (D
1
. . .) D
n
H is valid, which is quite tedious, since ( is a rather large formula, e.g.
if is a 300 page novel. Moreover, if we want to test entailment of the form ( [= H) often,
for instance to test the informativity and consistency of every new sentence H, then successive
s will overlap quite signicantly, and we will be doing the same inferences all over again; the
entailment check is not incremental.
Fortunately, it is very simple to get an incremental procedure for entailment checking in the
model-generation-based setting: To test whether [= H, where we have interpreted in a model
generation tableau T , just check whether the tableau closes, if we add H to the open branches.
Indeed, if the tableau closes, then H is unsatisable, so (( H)) is valid
16
, but this is EdNote:16
equivalent to H, which is what we wanted to show.
Example 343 Consider for instance the following entailment in natural langauge.
Mary loves Bill. John loves Mary [= John loves Mary
17
We obtain the tableau EdNote:17
love(mary, bill)
T
love(john, mary)
T
(love(john, mary))
T
love(john, mary)
F
which shows us that the conjectured entailment relation really holds.

9.1.3 Correctness and Termination of Tableaux
As always we need to convince ourselves that the calculus is correct, otherwise, tableau proofs do
not guarantee validity, which we are after. Since we are now in a refutation setting we cannot just
show that the inference rules preserve validity: we care about unsatisability (which is the dual
notion to validity), as we want to show the initial labeled formula to be unsatisable. Before we
can do this, we have to ask ourselves, what it means to be (un)-satisable for a labeled formula
or a tableau.
15
EdNote: add reference to presupposition stu
16
EdNote: Fix precedence of negation
17
EdNote: need to mark up the embedding of NL strings into Math
131
Correctness (Tableau)
Idea: A test calculus is correct, i it preserves satisability and the goal formulae are
unsatisable.
Denition 344 A labeled formula A
is valid under , i J
(A) = .
Denition 345 A tableau T is satisable, i there is a satisable branch T in T , i.e.
if the set of formulae in T is satisable.
Lemma 346 Tableau rules transform satisable tableaux into satisable ones.
Theorem 347 (Correctness) A set of propositional formulae is valid, if there is a
closed tableau T for
F
.
Proof: by contradiction: Suppose is not valid.
P.1 then the initial tableau is satisable (
F
satisable)
P.2 T satisable, by our Lemma.
P.3 there is a satisable branch (by denition)
P.4 but all branches are closed (T closed)
Thus we only have to prove Lemma 1
18
, this is relatively easy to do. For instance for the rst EdNote:18
rule: if we have a tableau that contains A B
T
and is satisable, then it must have a satisable
branch. If A B
T
is not on this branch, the tableau extension will not change satisability, so we
can assue that it is on the satisable branch and thus J
(A B) = T for some variable assignment

. Thus J
(A) = T and J
(B) = T, so after the extension (which adds the formulae A

T
and B
T
to the branch), the branch is still satisable. The cases for the other rules are similar.
The next result is a very important one, it shows that there is a procedure (the tableau procedure)
that will always terminate and answer the question whether a given propositional formula is valid
or not. This is very important, since other logics (like the often-studied rst-order logic) does not
enjoy this property.
18
EdNote: how do we do assertion refs? (mind the type)
132
Termination for Tableaux
Lemma 348 The tableau procedure terminates, i.e. after a nite set of rule applications,
it reaches a tableau, so that applying the tableau rules will only add labeled formulae that
are already present on the branch.
Let us call a labeled formulae A
worked o in a tableau T , if a tableau rule has already

been applied to it.
Proof:
P.1 It is easy to see tahat applying rules to worked o formulae will only add formulae
that are already present in its branch.
P.2 Let (T ) be the number of connectives in a labeled formulae in T that are not
worked o.
P.3 Then each rule application to a labeled formula in T that is not worked o reduces
(T ) by at least one. (inspect the rules)
P.4 at some point the tableau only contains worked o formulae and literals.
P.5 since there are only nitely many literals in T , so we can only apply the tableau cut
rule a nite number of times.
The Tableau calculus basically computes the disjunctive normal form: every branch is a disjunct
that is a conjunct of literals. The method relies on the fact that a DNF is unsatisable, i each
monomial is, i.e. i each branch contains a contradiction in form of a pair of complementary
literals.
9.2 Resolution for Propositional Logic
The next calculus is a test calculus based on the conjunctive normal form. In contrast to the
tableau method, it does not compute the normal form as it goes along, but has a pre-processing
step that does this and a single inference rule that maintains the normal form. The goal of this
calculus is to derive the empty clause (the empty disjunction), which is unsatisable.
Another Test Calculus: Resolution
Denition 349 A clause is a disjunction of literals. We will use for the empty
disjunction (no disjuncts) and call it the empty clause.
Denition 350 (Resolution Calculus) The resolution calculus operates a clause
sets via a single inference rule:
P
T
A P
F
B
A B
This rule allows to add the clause below the line to a clause set which contains the two
clauses above.
Denition 351 (Resolution Refutation) Let S be a clause set, and T: S
1
T a
1 derivation then we call T resolution refutation, i T.
133
A calculus for CNF Transformation
Denition 352 (Transformation into Conjunctive Normal Form) The CNF
transformation calculus (AT consists of the following four inference rules on clause
sets.
C (A B)
T
C A
T
B
T
C (A B)
F
C A
F
; C B
F
C A
T
C A
F
C A
F
C A
T
Denition 353 We write CNF(A) for the set of all clauses derivable from A
F
via the
rules above.
Denition 354 (Resolution Proof ) We call a resolution refutation T: CNF(A)
1
T a resolution sproof for A w
o
(1
o
).
Note: Note that the C-terms in the denition of the resolution calculus are necesary, since we
assumed that the assumptions of the inference rule must match full formulae. The C-terms
are used with the convention that they are optional. So that we can also simplify (A B)
T
to
A
T
B
T
.
The background behind this notation is that A and T A are equivalent for any A. That
allows us to interpret the C-terms in the assumptions as T and thus leave them out.
The resolution calculus as we have formulated it here is quite frugal; we have left out rules for the
connectives , , and , relying on the fact that formulae containing these connectives can be
translated into ones without before CNF transformation. The advantage of having a calculus with
few inference rules is that we can prove meta-properties like soundness and completeness with
less eort (these proofs usually require one case per inference rule). On the other hand, adding
specialized inference rules makes proofs shorter and more readable.
Fortunately, there is a way to have your cake and eat it. Derived inference rules have the property
that they are formally redundant, since they do not change the expressive power of the calculus.
Therefore we can leave them out when proving meta-properties, but include them when actually
using the calculus.
134
Derived Rules of Inference
Denition 355 Let ( be a calculus, a rule of inference
A
1
. . . A
n
C
is called a derived
inference rule in (, i there is a (-proof of A
1
, . . . , A
n
C.
Example 356
C (A B)
T
C (A B)
T
C A
T
B
T
C A
F
B
T
C (A B)
T
C A
F
B
T
Others:
C (A B)
T
C A
F
B
T
C (A B)
F
C A
T
; C B
F
C A B
T
C A
T
; C B
T
C A B
F
C A
F
B
F
With these derived rules, theorem proving becomes quite ecient. To get a better understanding
of the calculus, we look at an example: we prove an axiom of the Hilbert Calculus we have studied
above.
Example: Proving Axiom S
Example 357 Clause Normal Form transformation
(P Q R) (P Q) P R
F
P Q R
T
; (P Q) P R
F
P
F
(Q R)
T
; P Q
T
; P R
F
P
F
Q
F
R
T
; P
F
Q
T
; P
T
; R
F
CNF = P
F
Q
F
R
T
, P
F
Q
T
, P
T
, R
F
Example 358 Resolution Proof 1 P

F
Q
F
R
T
initial
2 P
F
Q
T
initial
3 P
T
initial
4 R
F
initial
5 P
F
Q
F
resolve 1.3 with 4.1
6 Q
F
7 P
F
8 resolve 7.1 with 3.1
135
10 Welcome and Administrativa
Happy new year! and Welcome Back!
I hope you have recovered over the last 6 weeks (slept a lot)
I hope that those of you who had problems last semester have caught up on the material
(We will need much of it this year)
I hope that you are eager to learn more about Computer Science (I certainly am!)
Your Evaluations
First: thanks for lling out the forms (to all 15/62 of you!)
Evaluations are a good tool for optimizing teaching/learning
Second: I have read all of them, and I will take action on some of them.
Change the instructor next year! (not your call)
nice course. SML rulez! I really learned recursion (thanks)
To improve this course, I would remove its ML part (let me explain,. . . )
He doesnnt care about teaching. He simply comes unprepared to the lectures
(have you ever attended?)
the slides tell simple things in very complicated ways (this is a problem)
The problem is with the workload, it is too much
(I agree, but we want to give you a chance to become Computer Scientists)
More examples should be provided, (will try to this; e.g. worked problems)
10.1 Recap from General CS I
136
Recap from GenCSI: Discrete Math and SML
MathTalk (Rigorous communication about sets, relations,functions)
unary natural numbers. (we have to start with something)
Axiomatic foundation, in particular induction (Peano Axioms)
constructors s, o, dened functions like +
Abstract Data Types (ADT) (generalize natural numbers)
sorts, constructors, (dened) parameters, variables, terms, substitutions
dene parameters by (sets of) recursive equations (rules)
abstract interpretation, termination,
Programming in SML (ADT on real machines)
strong types, recursive functions, higher-order syntax, exceptions, . . .
basic data types/algorithms: numbers, lists, strings,
Recap from GenCSI: Formal Languages and Boolean Algebra
Formal Languages and Codes (models of real programming languages)
string codes, prex codes, uniform length codes
formal language for unary arithmetics (onion architecture)
syntax and semantics (. . . by mapping to something we understand)
Boolean Algebra (special syntax, semantics, . . . )
Boolean functions vs. expressions (syntax vs. semantics again)
Normal forms (Boolean polynomials, clauses, CNF, DNF)
Complexity analysis (what does it cost in the limit?)
Landau Notations (aka. big-O) (function classes)
upper/lower bounds on costs for Boolean functions (all exponential)
Constructing Minimal Polynomials (simpler than general minimal expressions)
Prime implicants, Quine McCluskey (you really liked that. . . )
Propositional Logic and Theorem Proving (A simple Meta-Mathematics)
Models, Calculi (Hilbert,Tableau,Resolution,ND), Soundness, Completeness
137
11 Circuits
We will now study a new model of computation that comes quite close to the circuits that ex-
ecute computation on todays computers. Since the course studies computation in the context
of computer science, we will abstract away from all physical issues of circuits, in particular the
construction of gats and timing issues. This allows to us to present a very mathematical view
of circuits at the level of annotated graphs and concentrate on qualitative complexity of circuits.
Some of the material in this section is inspired by [KP95].
We start out our foray into circuits by laying the mathematical foundations of graphs and trees in
Subsection 11.1, and then build a simple theory of combinational circuits in Subsection 11.2 and
study their time and space complexity in Subsection 11.3. We introduce combinational circuits for
computing with numbers, by introducing positional number systems and addition in Subsection
11.4 and covering 2s-complement numbers and subtraction in Subsection 11.5. A basic introduction
to sequential logic circuits and memory elements in Section 12 concludes our study of circuits.
Graphs and Trees
11.1 Graphs and Trees
Some more Discrete Math: Graphs and Trees
Remember our Maze Example from the Intro? (long time ago)
_
_
_
a, e, e, i, i, j,
f, j, f, g, g, h,
d, h, g, k, a, b
m, n, n, o, b, c
k, o, o, p, l, p
_
_
, a, p
_
We represented the maze as a graph for clarity.
Now, we are interested in circuits, which we will also represent as graphs.
Let us look at the theory of graphs rst (so we know what we are doing)
Graphs and trees are fundamental data structures for computer science, they will pop up in many
disguises in almost all areas of CS. We have already seen various forms of trees: formula trees,
tableaux, . . . . We will now look at their mathematical treatment, so that we are equipped to talk
and think about combinatory circuits.
We will rst introduce the formal denitions of graphs (trees will turn out to be special graphs),
and then fortify our intuition using some examples.
138
Basic Denitions: Graphs

Denition 359 An undirected graph is a pair V, E such that
V is a set of vertices (or nodes) (draw as circles)
E v, v
t
[ v, v
t
V (v ,= v
t
) is the set of its undirected edges(draw as lines)
Denition 360 A directed graph (also called digraph) is a pair V, E such that
V is a set of vertexes
E V V is the set of its directed edges
Denition 361 Given a graph G = V, E. The in-degree indeg(v) and the out-degree
outdeg(v) of a vertex v V are dened as
indeg(v) = #(w [ w, v E)
outdeg(v) = #(w [ v, w E)
Note: For an undirected graph, indeg(v) = outdeg(v) for all nodes v.
We will mostly concentrate on directed graphs in the following, since they are most important for
the applications we have in mind. Many of the notions can be dened for undirected graphs with
a little imagination. For instance the denitions for indeg and outdeg are the obvious variants:
indeg(v) = #(w [ w, v E) and outdeg(v) = #(w [ v, w E)
In the following if we do not specify that a graph is undirected, it will be assumed to be
directed.
This is a very abstract yet elementary denition. We only need very basic concepts like sets and
ordered pairs to understand them. The main dierence between directed and undirected graphs
can be visualized in the graphic representations below:
Examples
Example 362 An undirected graph G
1
= V
1
, E
1
, where V
1
= A, B, C, D, E and
E
1
= A, B, A, C, A, D, B, D, B, E
C D
A B E
Example 363 A directed graph G
2
= V
2
, E
2
, where V
2
= 1, 2, 3, 4, 5 and E
2
=
1, 1, 1, 2, 2, 3, 3, 2, 2, 4, 5, 4
1 2
3
4 5
139
In a directed graph, the edges (shown as the connections between the circular nodes) have a
direction (mathematically they are ordered pairs), whereas the edges in an undirected graph do
not (mathematically, they are represented as a set of two elements, in which there is no natural
order).
Note furthermore that the two diagrams are not graphs in the strict sense: they are only pictures
of graphs. This is similar to the famous painting by Rene Magritte that you have surely seen
before.
The Graph Diagrams are not Graphs
They are pictures of graphs (of course!)
If we think about it for a while, we see that directed graphs are nothing new to us. We have
dened a directed graph to be a set of pairs over a base set (of nodes). These objects we have seen
in the beginning of this course and called them relations. So directed graphs are special relations.
We will now introduce some nomenclature based on this intuition.
140
Directed Graphs
Idea: Directed Graphs are nothing else than relations
Denition 364 Let G = V, E be a directed graph, then we call a node v V
initial, i there is no w V such that w, v E. (no predecessor)
terminal, i there is no w V such that v, w E. (no successor)
In a graph G, node v is also called a source (sink) of G, i it is initial (terminal) in G.
Example 365 The node 2 is initial, and the nodes 1 and 6 are terminal in
1
2
3
4
5
6
For mathematically dened objects it is always very important to know when two representations
are equal. We have already seen this for sets, where a, b and b, a, b represent the same set:
the set with the elements a and b. In the case of graphs, the condition is a little more involved:
we have to nd a bijection of nodes that respects the edges.
Graph Isomorphisms
Denition 366 A graph isomorphism between two graphs G = V, E and G
t
=
V
t
, E
t
is a bijective function : V V
t
with
directed graphs undirected graphs
a, b E (a), (b) E
t
a, b E (a), (b) E
t
Denition 367 Two graphs G and G
t
are equivalent i there is a graph-isomorphism
between G and G
t
.
Example 368 G
1
and G
2
are equivalent as there exists a graph isomorphism :=
a 5, b 6, c 2, d 4, e 1, f 3 between them.
1
2
3
4
5
6
e c
f d
a
b
Note that we have only marked the circular nodes in the diagrams with the names of the elements
that represent the nodes for convenience, the only thing that matters for graphs is which nodes
are connected to which. Indeed that is just what the denition of graph equivalence via the
141
existence of an isomorphism says: two graphs are equivalent, i they have the same number of
nodes and the same edge connection pattern. The objects that are used to represent them are
purely coincidental, they can be changed by an isomorphism at will. Furthermore, as we have
seen in the example, the shape of the diagram is purely an artifact of the presentation; It does not
matter at all.
So the following two diagrams stand for the same graph, (it is just much more dicult to state
the graph isomorphism)
Note that directed and undirected graphs are totally dierent mathematical objects. It is easy
to think that an undirected edge a, b is the same as a pair a, b, b, a of directed edges in
both directions, but a priory these two have nothing to do with each other. They are certainly
not equivalent via the graph equivalent dened above; we only have graph equivalence between
directed graphs and also between undirected graphs, but not between graphs of diering classes.
Now that we understand graphs, we can add more structure. We do this by dening a labeling
function from nodes and edges.
Labeled Graphs
Denition 369 A labeled graph G is a triple V, E, f where V, E is a graph and
f : V E R is a partial function into a set R of labels.
Notation 370 write labels next to their vertex or edge. If the actual name of a vertex
does not matter, its label can be written into it.
Example 371 G = V, E, f with V = A, B, C, D, E, where
E = A, A, A, B, B, C, C, B, B, D, E, D
f : V E +, , 1, . . . , 9 with
f(A) = 5, f(B) = 3, f(C) = 7, f(D) = 4, f(E) = 8,
f(A, A) = 0, f(A, B) = 2, f(B, C) = +4,
f(C, B) = 4, f(B, D) = +1, f(E, D) = 4
5 3
7
4 8
-2 +1 -4
+4 -4
-0
Note that in this diagram, the markings in the nodes do denote something: this time the labels
given by the labeling function f, not the objects used to construct the graph. This is somewhat
confusing, but traditional.
Now we come to a very important concept for graphs. A path is intuitively a sequence of nodes
that can be traversed by following directed edges in the right direction or undirected edges.
142
Paths in Graphs
Denition 372 Given a directed graph G = V, E, then we call a vector
p = v
0
, . . . , v
n
V
n+1
a path in G i v
i1
, v
i
E for all (1 i n), n > 0.
v
0
is called the start of p (write start(p))
v
n
is called the end of p (write end(p))
n is called the length of p (write len(p))
Note: Not all v
i
-s in a path are necessarily dierent.
Notation 373 For a graph G = V, E and a path p = v
0
, . . . , v
n
V
n+1
, write
v p, i v V is a vertex on the path (i.v
i
= v)
e p, i e = v, v
t
E is an edge on the path (i.v
i
= v v
i+1
= v
t
)
Notation 374 We write (G) for the set of all paths in a graph G.
An important special case of a path is one that starts and ends in the same node. We call it a
cycle. The problem with cyclic graphs is that they contain paths of innite length, even if they
have only a nite number of nodes.
Cycles in Graphs
Denition 375 Given a graph G = V, E, then
a path p is called cyclic (or a cycle) i start(p) = end(p).
a cycle v
0
, . . . , v
n
is called simple, i v
i
,= v
j
for 1 i, j n with i ,= j.
graph G is called acyclic i there is no cyclic path in G.
Example 376 2, 4, 3 and 2, 5, 6, 5, 6, 5 are paths in
1
2
3
4
5
6
2, 4, 3, 1, 2 is not a path (no edge from vertex 1 to vertex 2)
The graph is not acyclic (5, 6, 5 is a cycle)
Of course, speaking about cycles is only meaningful in directed graphs, since undirected graphs
can only be acyclic, i they do not have edges at all. We will sometimes use the abbreviation
DAG for directed acyclic graph.
143
Graph Depth
Denition 377 Let G := V, E be a digraph, then the depth dp(v) of a vertex v V is
dened to be 0, if v is a source of G and suplen(p) [ indeg(start(p)) = 0 end(p) = v
otherwise, i.e. the length of the longest path from a source of G to v.(
*
can be innite)
Denition 378 Given a digraph G = V, E. The depth (dp(G)) of G is dened as
suplen(p) [ p (G), i.e. the maximal path length in G.
Example 379 The vertex 6 has depth two in the left graph and inne depth in the
right one.
1
2
3
4
5
6 1
2
3
4
5
6
The left graph has depth three (cf. node 1), the right one has innite depth (cf. nodes
5 and 6)
We now come to a very important special class of graphs, called trees.
Trees
Denition 380 A tree is a directed acyclic graph G = V, E such that
There is exactly one initial node v
r
V (called the root)
All nodes but the root have in-degree 1.
We call v the parent of w, i v, w E (w is a child of v). We call a node v a leaf of
G, i it is terminal, i.e. if it does not have children.
Example 381 A tree with root A and leaves D, E, F, H, and J.
A
B
D E F
C
G
H I
J
F is a child of B and G is the parent of H and I.
Lemma 382 For any node v V except the root v
r
, there is exactly one path p (G)
with start(p) = v
r
and end(p) = v. (proof by induction on the number of nodes)
In Computer Science trees are traditionally drawn upside-down with their root at the top, and
the leaves at the bottom. The only reason for this is that (like in nature) trees grow from the root
144
upwards and if we draw a tree it is convenient to start at the top of the page downwards, since we
do not have to know the height of the picture in advance.
Let us now look at a prominent example of a tree: the parse tree of a Boolean expression. In-
tuitively, this is the tree given by the brackets in a Boolean expression. Whenever we have an
expression of the form A B, then we make a tree with root and two subtrees, which are
constructed from A and B in the same manner.
This allows us to view Boolean expressions as trees and apply all the mathematics (nomencla-
ture and results) we will develop for them.
The Parse-Tree of a Boolean Expression
Denition 383 The parse-tree P
e
of a Boolean expression e is a labeled tree P
e
=
V
e
, E
e
, f
e
, which is recursively dened as
if e = e
then Ve := V
e
|v, Ee := E
e
|v, v
r), and fe := f
e
|v , where
P
e
= V
e
, E
e
) is the parse-tree of e
, v
r is the root of P
e
, and v is an object not in V
e
.
if e = e1 e2 with |, + then Ve := Ve
1
Ve
2
|v, Ee :=
Ee
1
Ee
2
|v, v
r
1
), v, v
r
2
), and fe := fe
1
fe
2
|v , where the Pe
i
= Ve
i
, Ee
i
)
are the parse-trees of ei and v
r
i
is the root of Pe
i
and v is an object not in Ve
1
Ve
2
.
if e (V C) then, Ve = |e and Ee = .
Example 384 the parse tree of (x
1
x
2
+x
3
) x
1
+x
4
is
*
+
*
x
1
x
2
x
3
+
x
1
x
4
Introduction to Combinatorial Circuits
11.2 Introduction to Combinatorial Circuits
We will now come to another model of computation: combinatorial circuits (also called combina-
tional circuits). These are models of logic circuits (physical objects made of transistors (or cathode
tubes) and wires, parts of integrated circuits, etc), which abstract from the inner structure for the
switching elements (called gates) and the geometric conguration of the connections. Thus, com-
binatorial circuits allow us to concentrate on the functional properties of these circuits, without
getting bogged down with e.g. conguration- or geometric considerations. These can be added to
the models, but are not part of the discussion of this course.
145
Combinatorial Circuits as Graphs
Denition 385 A combinatorial circuit is a labeled acyclic graph G = V, E, f
g
with
label set OR, AND, NOT, such that
indeg(v) = 2 and outdeg(v) = 1 for all nodes v (f
g
)
1
(AND, OR)
indeg(v) = outdeg(v) = 1 for all nodes v (f
g
)
1
(NOT)
We call the set I(G) (O(G)) of initial (terminal) nodes in G the input (output) vertexes,
and the set F(G) := V ((I(G) O(G))) the set of gates.
Example 386 The following graph G
cir1
= V, E is a combinatorial circuit
i1
g1
AND
g2
OR
i2 i3
g3
OR
g4
NOT
o1 o2
Denition 387 Add two special input nodes 0, 1 to a combinatorial circuit G to form
a combinatorial circuit with constants. (will use this from now on)
So combinatorial circuits are simply a class of specialized labeled directed graphs. As such, they
inherit the nomenclature and equality conditions we introduced for graphs. The motivation for
the restrictions is simple, we want to model computing devices based on gates, i.e. simple compu-
tational devices that behave like logical connectives: the AND gate has two input edges and one
output edge; the the output edge has value 1, i the two input edges do too.
Since combinatorial circuits are a primary tool for understanding logic circuits, they have their
own traditional visual display format. Gates are drawn with special node shapes and edges are
traditionally drawn on a rectangular grid, using bifurcating edges instead of multiple lines with
blobs distinguishing bifurcations from edge crossings. This graph design is motivated by readability
considerations (combinatorial circuits can become rather large in practice) and the layout of early
printed circuits.
146
Using Special Symbols to Draw Combinatorial Circuits
The symbols for the logic gates AND, OR, and NOT.
AND
OR
NOT
o1
o2
i1
i2
i3
Junction Symbols as shorthands for several edges
a
c
b
a
c
b
=
o1
o2
i1
i2
i3
In particular, the diagram on the lower right is a visualization for the combinatory circuit G
circ1
from the last slide.
To view combinatorial circuits as models of computation, we will have to make a connection
between the gate structure and their input-output behavior more explicit. We will use a tool for
this we have studied in detail before: Boolean expressions. The rst thing we will do is to annotate
all the edges in a combinatorial circuit with Boolean expressions that correspond to the values on
the edges (as a function of the input values of the circuit).
Computing with Combinatorial Circuits
Combinatorial Circuits and parse trees for Boolean expressions look similar
Idea: Lets annotate edges in combinatorial circuit with Boolean Expressions!
Denition 388 Given a combinatorial circuit G = V, E, f
g
and an edge e = v, w
E, the expression label f
L
(e) is dened as
f
L
(v, w) if
v v I(G)
f
L
(u, v) fg(v) = NOT
f
L
(u, v) f
L
(u
, v) fg(v) = AND
f
L
(u, v) + f
L
(u
, v) fg(v) = OR
o1
o2
i1
i2
i3
i1
i2
i3
( i1 * i2 )
( i2 + i3 )
(( i1 * i2 )+ i3 )
( i2 + i3 )
Armed with the expression label of edges we can now make the computational behavior of combi-
natory circuits explicit. The intuition is that a combinatorial circuit computes a certain Boolean
function, if we interpret the input vertices as obtaining as values the corresponding arguments
147
and passing them on to gates via the edges in the circuit. The gates then compute the result from
their input edges and pass the result on to the next gate or an output vertex via their output
edge.
Computing with Combinatorial Circuits
Denition 389 A combinatorial circuit G = V, E, f
g
with input vertices i
1
, . . . , i
n
and output vertices o
1
, . . . , o
m
computes an n-ary Boolean function
f : 0, 1
n
0, 1
m
; i
1
, . . . , i
n
f
e1
(i
1
, . . . , i
n
), . . . , f
em
(i
1
, . . . , i
n
)
where e
i
= f
L
(v, o
i
).
Example 390 The circuit example on the last slide denes the Boolean function
f : 0, 1
3
0, 1
2
; i
1
, i
2
, i
3
f
i1i2+i3
, f
i2i3
Denition 391 The cost C(G) of a circuit G is the number of gates in G.

Problem: For a given boolean function f, nd combinational circuits of minimal cost
and depth that compute f.
Note: The opposite problem, i.e., the conversion of a Boolean function into a combinatorial circuit,
can be solved by determining the related expressions and their parse-trees. Note that there is a
canonical graph-isomorphism between the parse-tree of an expression e and a combinatorial circuit
that has an output that computes f
e
.
Realizing Complex Gates Eciently
11.3 Realizing Complex Gates Eciently
The main properties of combinatory circuits we are interested in studying will be the the number
of gates and the depth of a circuit. The number of gates is of practical importance, since it is
a measure of the cost that is needed for producing the circuit in the physical world. The depth
is interesting, since it is an approximation for the speed with which a combinatory circuit can
compute: while in most physical realizations, signals can travel through wires at at (almost) the
speed of light, gates have nite computation times.
Therefore we look at special congurations for combinatory circuits that have good depth and cost.
These will become important, when we build actual combinatorial circuits with given input/output
behavior.
11.3.1 Balanced Binary Trees
148
Balanced Binary Trees
Denition 392 (Binary Tree) A binary tree is a tree where all nodes have out-
degree 2 or 0.
Denition 393 A binary tree G is called balanced i the depth of all leaves diers
by at most by 1, and fully balanced, i the depth dierence is 0.
Constructing a binary tree G
bbt
= V, E with n leaves
step 1: select some u V as root, (V
1
:= u, E
1
:= )
step 2: select v, w V not yet in G
bbt
and add them, (V
i
= V
i1
v, w)
step 3: add two edges u, v and u, w where u is the leftmost of the shallowest
nodes with outdeg(u) = 0, (E
i
:= E
i1
u, v, u, w)
repeat steps 2 and 3 until i = n (V = V
n
, E = E
n
)
Example 394 7 leaves
We will now establish a few properties of these balanced binary trees that show that they are good
building blocks for combinatory circuits.
Size Lemma for Balanced Trees
Lemma 395 Let G = V, E be a balanced binary tree of depthn > i, then the set
V
i
:= v V [ dp(v) = i of nodes at depth i has cardinality 2
i
.
Proof: via induction over the depth i.
P.1.1 i = 0: then V
i
= v
r
, where v
r
is the root, so #(V
0
) = #(v
r
) = 1 = 2
0
.
P.1.2 i > 0: then V
i1
contains 2
i1
vertexes (IH)
P.1.2.2 By the denition of a binary tree, each v V
i1
is a leaf or has two children
that are at depth i.
P.1.2.3 As G is balanced and dp(G) = n > i, V
i1
cannot contain leaves.
P.1.2.4 Thus #(V
i
) = 2 #(V
i1
) = 2 (2
i1
) = 2
i
.
Corollary 396 A fully balanced tree of depth d has 2
d+1
1 nodes.
Proof:
P.1 Let G := V, E be a fully balanced tree
P.2 Then #(V ) =
d
i=1
2
i
= 2
d+1
1.
149
This shows that balanced binary trees grow in breadth very quickly, a consequence of this is that
they are very shallow (and this compute very fast), which is the essence of the next result.
Depth Lemma for Balanced Trees
Lemma 397 Let G = V, E be a balanced binary tree, then dp(G) = log
2
(#(V ))|.
Proof: by calculation
P.1 Let V
t
:= V W, where W is the set of nodes at level d = dp(G)
P.2 By the size lemma, #(V
t
) = 2
d1+1
1 = 2
d
1
P.3 then #(V ) = 2
d
1 +k, where k = #(W) and (1 k 2
d
)
P.4 so #(V ) = c (2
d
) where c R and 1c<2, or 0log
2
(c)<1
P.5 thus log
2
(#(V )) = log
2
(c (2
d
)) = log
2
(c) +d and
P.6 hence d = log
2
(#(V )) log
2
(c) = log
2
(#(V ))|.
Leaves of Binary Trees
Lemma 398 Any binary tree with m leaves has 2m1 vertexes.
Proof: by induction on m.
P.1 We have two cases m = 1: then V = v
r
and #(V ) = 1 = 2 1 1.
P.1.2 m > 1:
P.1.2.1 then any binary tree G with m1 leaves has 2m3 vertexes (IH)
P.1.2.2 To get m leaves, add 2 children to some leaf of G. (add two to get one more)
P.1.2.3 Thus #(V ) = 2 m3 + 2 = 2 m1.
In particular, the size of a binary tree is independent of the its form if we x the number of leaves.
So we can optimimze the depth of a binary tree by taking a balanced one without a size penalty.
This will become important for building fast combinatory circuits.
11.3.2 Realizing n-ary Gates
We now use the results on balanced binary trees to build generalized gates as building blocks for
combinational circuits.
150
n-ary Gates as Subgraphs
Idea: Identify (and abbreviate) frequently occurring subgraphs
Denition 399 AND(x
1
, . . . , x
n
) := 1
n
i=1
x
i
and OR(x
1
, . . . , x
n
) := 1
n
i=1
x
i
Note: These can be realized as balanced binary trees G
n
Corollary 400 C(G
n
) = n 1 and dp(G
n
) = log
2
(n)|.
Notation 401
AND OR
Using these building blocks, we can establish a worst-case result for the depth of a combinatory
circuit computing a given Boolean function.
Worst Case Depth Theorem for Combinatorial Circuits
Theorem 402 The worst case depth dp(G) of a combinatorial circuit G which realizes
an k n-dimensional boolean function is bounded by dp(G) n +,log
2
(n)| + 1.
Proof: The main trick behind this bound is that AND and OR are associative and that
the according gates can be arranged in a balanced binary tree.
P.1 Function f corresponding to the output o
j
of the circuit G can be transformed in
DNF
P.2 each monomial consists of at most n literals
P.3 the possible negation of inputs for some literals can be done in depth 1
P.4 for each monomial the ANDs in the related circuit can be arranged in a balanced
binary tree of depth ,log
2
(n)|
P.5 there are at most 2
n
monomials which can be ORed together in a balanced binary
tree of depth ,log
2
(2
n
)| = n.
Of course, the depth result is related to the rst worst-case complexity result for Boolean expres-
sions (Theorem 272); it uses the same idea: to use the disjunctive normal form of the Boolean
function. However, instead of using a Boolean expression, we become more concrete here and use
a combinatorial circuit.
151
An example of a DNF circuit
=
if L
i
=X
i
if L
i
=X
i
X
1
X
2
X
3
X
n
O
j
M
1 M
2
M
3
M
k
In the circuit diagram above, we have of course drawn a very particular case (as an example
for possible others.) One thing that might be confusing is that it looks as if the lower n-ary
conjunction operators look as if they have edges to all the input variables, which a DNF does not
have in general.
Of course, by now, we know how to do better in practice. Instead of the DNF, we can always com-
pute the minimal polynomial for a given Boolean function using the Quine-McCluskey algorithm
and derive a combinatorial circuit from this. While this does not give us any theoretical mileage
(there are Boolean functions where the DNF is already the minimal polynomial), but will greatly
improve the cost in practice.
Until now, we have somewhat arbitrarily concentrated on combinational circuits with AND, OR,
and NOT gates. The reason for this was that we had already developed a theory of Boolean
expressions with the connectives , , and that we can use. In practical circuits often other
gates are used, since they are simpler to manufacture and more uniform. In particular, it is
sucient to use only one type of gate as we will see now.
152
Other Logical Connectives and Gates
Are the gates AND, OR, and NOT ideal?
Idea: Combine NOT with the binary ones to NAND, NOR (enough?)
NAND
NOR
NAND 1 0
1 0 1
0 1 1
and
NOR 1 0
1 0 0
0 0 1
Corresponding logical conectives are written as (NAND) and (NOR).
We will also need the exclusive or (XOR) connective that returns 1 i either of its
operands is 1.
XOR 1 0
1 1 0
0 0 1
The gate is written as , the logical connective as .
The Universality of NAND and NOR
Theorem 403 NAND and NOR are universal; i.e. any Boolean function can be ex-
pressed in terms of them.
Proof: express AND, OR, and NOT via NAND and NOR respectively
NOT(a) NAND(a, a) NOR(a, a)
AND(a, b) NAND(NAND(a, b), NAND(a, b)) NOR(NOR(a, a), NOR(b, b))
OR(a, b) NAND(NAND(a, a), NAND(b, b)) NOR(NOR(a, b), NOR(a, b))
here are the corresponding diagrams for the combinational circuits.
a
a
b
a
b
NOT(a)
(a OR b)
(a AND b)
a
a
b
a
b
NOT(a)
(a AND b)
(a OR b)
Of course, a simple substitution along these lines will blow up the cost of the circuits by a factor of
up to three and double the depth, which would be prohibitive. To get around this, we would have
to develop a theory of Boolean expressions and complexity using the NAND and NOR connectives,
along with suitable replacements for the Quine-McCluskey algorithm. This would give cost and
depth results comparable to the ones developed here. This is beyond the scope of this course.
Basic Arithmetics with Combinational Circuits
153
11.4 Basic Arithmetics with Combinational Circuits
We have seen that combinational circuits are good models for implementing Boolean functions:
they allow us to make predictions about properties like costs and depths (computation speed),
while abstracting from other properties like geometrical realization, etc.
We will now extend the analysis to circuits that can compute with numbers, i.e. that implement
the basic arithmetical operations (addition, multiplication, subtraction, and division on integers).
To be able to do this, we need to interpret sequences of bits as integers. So before we jump into
arithmetical circuits, we will have a look at number representations.
11.4.1 Positional Number Systems
Positional Number Systems
Problem: For realistic arithmetics we need better number representations than the unary
natural numbers ([
n
(unary)[ (n) [number of /])
Recap: the unary number system
build up numbers from /es (start with and add /)
addition as concatenation (, , exp, . . . dened from that)
Idea: build a clever code on the unary numbers
interpret sequences of /es as strings: stands for the number 0
Denition 404 A positional number system A is a triple A = D
b
,
b
,
b
with
D
b
is a nite alphabet of b digits. (b := #(D
b
) base or radix of A)

b
: D
b
, /, . . . , /
[b1]
is bijective (rst b unary numbers)

b
: D
b
+
/
; n
k
, . . . , n
1

k
i=1
b
(n
i
) exp(/
[b]
, /
[i1]
)
(extends
b
to string code)
In the unary number system, it was rather simple to do arithmetics, the most important oper-
ation (addition) was very simple, it was just concatenation. From this we can implement the
other operations by simple recursive procedures, e.g. in SML or as abstract procedures in abstract
data types. To make the arguments more transparent, we will use special symbols for the arith-
metic operations on unary natural numbers: (addition), (multiplication),
n
i=1
(sum over n
numbers), and
n
i=1
(product over n numbers).
The problem with the unary number system is that it uses enormous amounts of space, when
writing down large numbers. Using the Landau notation we introduced earlier, we see that for
writing down a number n in unary representation we need n slashes. So if [
n
(unary)[ is the cost
of representing n in unary representation, we get [
n
(unary)[ (n). Of course that will never
do for practical chips. We obviously need a better encoding.
If we look at the unary number system from a greater distance (now that we know more CS, we can
interpret the representations as strings), we see that we are not using a very important feature of
strings here: position. As we only have one letter in our alphabet (/), we cannot, so we should use
a larger alphabet. The main idea behind a positional number system A = D
b
,
b
,
b
is that we
encode numbers as strings of digits (characters in the alphabet D
b
), such that the position matters,
and to give these encoding a meaning by mapping them into the unary natural numbers via a
mapping
b
. This is the the same process we did for the logics; we are now doing it for number
154
systems. However, here, we also want to ensure that the meaning mapping
b
is a bijection, since
we want to dene the arithmetics on the encodings by reference to The arithmetical operators on
the unary natural numbers.
We can look at this as a bootstrapping process, where the unary natural numbers constitute
the seed system we build up everything from.
Just like we did for string codes earlier, we build up the meaning mapping
b
on characters from
D
b
rst. To have a chance to make bijective, we insist that the character code
b
is is a
bijection from D
b
and the rst b unary natural numbers. Now we extend
b
from a character code
to a string code, however unlike earlier, we do not use simple concatenation to induce the string
code, but a much more complicated function based on the arithmetic operations on unary natural
numbers. We will see later
19
that this give us a bijection between D
b
+
and the unary natural EdNote:19
numbers.
Commonly Used Positional Number Systems
Example 405 The following positional number systems are in common use.
name set base digits example
unary N
1
1 / /////
1
binary N
2
2 0,1 0101000111
2
octal N
8
8 0,1,. . . ,7 63027
8
decimal N
10
10 0,1,. . . ,9 162098
10
or 162098
hexadecimal N
16
16 0,1,. . . ,9,A,. . . ,F FF3A12
16
Notation 406 attach the base of A to every number from A. (default: decimal)
Trick: Group triples or quadruples of binary digits into recognizable chunks
(add leading zeros as needed)
110001101011100
2
= 0110
2

6
16
0011
2

3
16
0101
2

5
16
1100
2

C
16
= 635C
16
110001101011100
2
= 110
2

6
8
001
2

1
8
101
2

5
8
011
2

3
8
100
2

4
8
= 61534
8
F3A16 = F16
1111
2
316
0011
2
A16
1010
2
= 1111001110102, 47218 = 48
100
2
78
111
2
28
010
2
18
001
2
= 1001110100012
We have all seen positional number systems: our decimal system is one (for the base 10). Other
systems that important for us are the binary system (it is the smallest non-degenerate one) and
the octal- (base 8) and hexadecimal- (base 16) systems. These come from the fact that binary
numbers are very hard for humans to scan. Therefore it became customary to group three or four
digits together and introduce we (compound) digits for them. The octal system is mostly relevant
for historic reasons, the hexadecimal system is in widespread use as syntactic sugar for binary
numbers, which form the basis for circuits, since binary digits can be represented physically by
current/no current.
Now that we have dened positional number systems, we want to dene the arithmetic operations
on the these number representations. We do this by using an old trick in math. If we have
an operation f
T
: T T on a set T and a well-behaved mapping from a set S into T, then
we can pull-back the operation on f
T
to S by dening the operation f
S
: S S by f
S
(s) :=
()
1
(f
T
((s))) according to the following diagram.
19
EdNote: reference
155
S
S
T
T
()
1
fS = ()
1
fT fT
Obviously, this construction can be done in any case, where is bijective (and thus has an inverse
function). For dening the arithmetic operations on the positional number representations, we
do the same construction, but for binary functions (after we have established that is indeed a
bijection).
The fact that
b
is a bijection a posteriori justies our notation, where we have only indicated the
base of the positional number system. Indeed any two positional number systems are isomorphic:
they have bijections
b
into the unary natural numbers, and therefore there is a bijection between
them.
Arithmetics for PNS
Lemma 407 Let A := D
b
,
b
,
b
be a PNS, then
b
is bijective.
Proof: construct (
b
)
1
by successive division modulo the base of A.
Idea: use this to dene arithmetics on A.
Denition 408 Let A := D
b
,
b
,
b
be a PNS of base b, then we dene a binary
function +
b
: N
b
N
b
N
b
by x+
b
y := (
b
)
1
(
b
(x)
b
(y)).
Note: The addition rules (carry chain addition) generalize from the decimal system to
general PNS
Idea: Do the same for other arithmetic operations. (works like a charm)
Future: Concentrate on binary arithmetics. (implement into circuits)
11.4.2 Adders
The next step is now to implement the induced arithmetical operations into combinational circuits,
starting with addition. Before we can do this, we have to specify which (Boolean) function we
really want to implement. For convenience, we will use the usual decimal (base 10) representations
of numbers and their operations to argue about these circuits. So we need conversion functions
from decimal numbers to binary numbers to get back and forth. Fortunately, these are easy to
come by, since we use the bijections from both systems into the unary natural numbers, which
we can compose to get the transformations.
156
Arithmetic Circuits for Binary Numbers
Idea: Use combinational circuits to do basic arithmetics.
Denition 409 Given the (abstract) number a N, B(a) denotes from now on the
binary representation of a.
For the opposite case, i.e., the natural number represented by a binary string
a = a
n1
, . . . , a
0
B
n
, the notation a is used, i.e.,
a = a
n1
, . . . , a
0
=
n1
i=0
a
i
(2
i
)
Denition 410 An n-bit adder is a circuit computing the function f
n
+2
: B
n
B
n
B
n+1
with
f
n
+2
(a; b) := B(a +b)
If we look at the denition again, we see that we are again using a pull-back construction. These
will pop up all over the place, since they make life quite easy and safe.
Before we actually get a combinational circuit for an n-bit adder, we will build a very useful circuit
as a building block: the half adder (it will take two to build a full adder).
The Half-Adder
There are dierent ways to implement an adder. All of them build upon two basic
components, the half-adder and the full-adder.
Denition 411 A half adder is a circuit HA imple-

menting the function f
HA
in the truth table on the right.
f
HA
: B
2
B
2
a, b c, s
s is called the sum bit and c the carry bit.
a b c s
0 0 0 0
0 1 0 1
1 0 0 1
1 1 1 0
Note: The carry can be computed by a simple AND, i.e., c = AND(a, b), and the sum
bit by a XOR function.
157
Building and Evaluating the Half-Adder
a
b
s
c
So, the half-adder corresponds to the Boolean function f
HA
: B
2
B
2
; a, b
a b, a b
Note: f
HA
(a, b) = B(a +b), i.e., it is indeed an adder.
We count XOR as one gate, so C(HA) = 2 and dp(HA) = 1.
Now that we have the half adder as a building block it is rather simple to arrive at a full adder
circuit.
*
, in the diagram for the full adder, and in the following, we will sometimes use a variant gate
symbol for the OR gate: The symbol . It has the same outline as an AND gate, but the
input lines go all the way through.
The Full Adder
Denition 412 The 1-bit full adder is a circuit FA
1
that implements the function f
1
FA
: B B B B
2
with (FA
1
(a, b, c
t
)) = B(a +b +c
t
)
The result of the full-adder is also denoted with c, s,
i.e., a carry and a sum bit. The bit c
t
is called the input
carry.
the easiest way to implement a full adder is to use two
half adders and an OR gate.
Lemma 413 (Cost and Depth)
C(FA
1
) = 2C(HA) + 1 = 5 and
dp(FA
1
) = 2dp(HA) + 1 = 3
a b c
t
c s
0 0 0 0 0
0 0 1 0 1
0 1 0 0 1
0 1 1 1 0
1 0 0 0 1
1 0 1 1 0
1 1 0 1 0
1 1 1 1 1
HA
HA
s
c
b
a
c
s
c
c
s
158
Note: Note that in the right hand graphics, we use another notation for the OR gate.
20
EdNote:20
Of course adding single digits is a rather simple task, and hardly worth the eort, if this is all we
can do. What we are really after, are circuits that will add n-bit binary natural numbers, so that
we arrive at computer chips that can add long numbers for us.
Full n-bit Adder
Denition 414 An n-bit full adder (n > 1) is a circuit that corresponds to
f
n
FA
: B
n
B
n
B B B
n
; a, b, c
t
B(a +b +c
t
)
Notation 415 We will draw the n-bit full adder with the following symbol in circuit
diagrams.
Note that we are abbreviating n-bit input and output edges with a single one that has a
slash and the number n next to it.
There are various implementations of the full n-bit adder, we will look at two of them
This implementation follows the intuition behind elementary school addition (only for binary
numbers): we write the numbers below each other in a tabulated fashion, and from the least
signicant digit, we follow the process of
adding the two digits with carry from the previous column
recording the sum bit as the result, and
passing the carry bit on to the next column
until one of the numbers ends.
20
EdNote: Todo: introduce this earlier, or change the graphics here (or both)
159
The Carry Chain Adder
The inductively designed circuit of the carry chain adder.
n = 1: the CCA
1
consists of a full adder
n > 1: the CCA
n
consists of an (n 1)-bit carry chain adder CCA
n1
and a full
adder that sums up the carry of CCA
n1
and the last two bits of a and b
Denition 416 An n-bit carry chain adder CCA
n
is inductively dened as
(f
1
CCA
(a
0
, b
0
, c)) = (FA
1
(a
0
, b
0
, c))
(f
n
CCA
(a
n1
, . . . , a
0
, b
n1
, . . . , b
0
, c
t
)) = c, s
n1
, . . . , s
0
with
c, s
n1
= (FA
n1
(a
n1
, b
n1
, c
n1
))
c
n1
, . . . , c
s
0 = (f
n1
CCA
(a
n2
, . . . , a
0
, b
n2
, . . . , b
0
, c
t
))
Lemma 417 (Cost) C(CCA
n
) O(n)
Proof Sketch: C(CCA
n
) = C(CCA
n1
) +C(FA
1
) = C(CCA
n1
) + 5 = 5n
Lemma 418 (Depth) dp(CCA
n
) O(n)
Proof Sketch: dp(CCA
n
) dp(CCA
n1
) + dp(FA
1
) dp(CCA
n1
) + 3 3n
The carry chain adder is simple, but cost and depth are high. (depth is critical (speed))
Question: Can we do better?
Problem: the carry ripples up the chain (upper parts wait for carries from lower part)
A consequence of using the carry chain adder is that if we go from a 32-bit architecture to a 64-bit
architecture, the speed of additions in the chips would not increase, but decrease (by 50%). Of
course, we can carry out 64-bit additions now, a task that would have needed a special routine
at the software level (these typically involve at least 4 32-bit additions so there is a speedup for
such additions), but most addition problems in practice involve small (under 32-bit) numbers, so
we will have an overall performance loss (not what we really want for all that cost).
If we want to do better in terms of depth of an n-bit adder, we have to break the dependency on the
carry, let us look at a decimal addition example to get the idea. Consider the following snapshot of
an carry chain addition
rst summand 3 4 7 9 8 3 4 7 9 2
second summand 2
?
5
?
1
?
8
?
1
?
7
?
8
1
7
1
2
0
1
0
partial sum ? ? ? ? ? ? ? ? 5 1 3
We have already computed the rst three partial sums. Carry chain addition would simply go on
and ripple the carry information through until the left end is reached (after all what can we do?
we need the carry information to carry out left partial sums). Now, if we only knew what the
carry would be e.g. at column 5, then we could start a partial summation chain there as well.
160
The central idea in the conditional sum adder we will pursue now, is to trade time for space, and
just compute both cases (with and without carry), and then later choose which one was the correct
one, and discard the other. We can visualize this in the following schema.
rst summand 3 4 7 9 8 3 4 7 9 2
second summand 2
?
5
0
1
1
8
?
1
?
7
?
8
1
7
1
2
0
1
0
lower sum ? ? 5 1 3
upper sum. with carry ? ? ? 9 8 0
upper sum. no carry ? ? ? 9 7 9
Here we start at column 10 to compute the lower sum, and at column 6 to compute two upper
sums, one with carry, and one without. Once we have fully computed the lower sum, we will know
about the carry in column 6, so we can simply choose which upper sum was the correct one and
combine lower and upper sum to the result.
Obviously, if we can compute the three sums in parallel, then we are done in only ve steps not ten
as above. Of course, this idea can be iterated: the upper and lower sums need not be computed
by carry chain addition, but can be computed by conditional sum adders as well.
The Conditional Sum Adder
Idea: pre-compute both possible upper sums (e.g. upper half) for carries 0 and 1, then
choose (via MUX) the right one according to lower sum.
the inductive denition of the circuit of a conditional sum adder (CSA).
Denition 419 An n-bit conditional sum adder CSA
n
is recursively dened as
(f
n
CSA
(a
n1
, . . . , a
0
, b
n1
, . . . , b
0
, c
t
)) = c, s
n1
, . . . , s
0
where
c
n/2
, s
n/21
, . . . , s
0
= (f
n/2
CSA
(a
n/21
, . . . , a
0
, b
n/21
, . . . , b
0
, c
t
))
c, s
n1
, . . . , s
n/2
=
_
(f
n/2
CSA
(a
n1
, . . ., a
n/2
, b
n1
, . . . , b
n/2
, 0)) if c
n/2
= 0
(f
n/2
CSA
(a
n1
, . . ., a
n/2
, b
n1
, . . . , b
n/2
, 1)) if c
n/2
= 1
(f
1
CSA
(a
0
, b
0
, c)) = (FA
1
(a
0
, b
0
, c))
The only circuit that we still have to look at is the one that chooses the correct upper sums.
Fortunately, this is a rather simple design that makes use of the classical trick that if C, then A,
else B can be expressed as (C and A) or (not C and B).
161
The Multiplexer
Denition 420 An n-bit multiplexer MUX
n
is a circuit which implements the function
f
n
MUX
: B
n
B
n
B B
n
with
f(a
n1
, . . . , a
0
, b
n1
, . . . , b
0
, s) =
_
a
n1
, . . . , a
0
if s = 0
b
n1
, . . . , b
0
if s = 1
Idea: A multiplexer chooses between two n-bit input vectors A and B depending on the
value of the control bit s.
s
o
a b a b
...
o
0
0 0 n1 n1
n1
Cost and depth: C(MUX
n
) = 3n + 1 and dp(MUX
n
) = 3.
Now that we have completely implemented the conditional lookahead adder circuit, we can analyze
it for its cost and depth (to see whether we have really made things better with this design).
Analyzing the depth is rather simple, we only have to solve the recursive equation that combines
the recursive call of the adder with the multiplexer. Conveniently, the 1-bit full adder has the
same depth as the multiplexer.
The Depth of CSA
dp(CSA
n
) dp(CSA
n/2
) + dp(MUX
n/2+1
)
solve the recursive equation:
dp(CSA
n
) dp(CSA
n/2
) + dp(MUX
n/2+1
)
dp(CSA
n/2
) + 3
dp(CSA
n/4
) + 3 + 3
dp(CSA
n/8
) + 3 + 3 + 3
. . .
dp(CSA
n2
i
) + 3i
dp(CSA
1
) + 3log
2
(n)
3log
2
(n) + 3
The analysis for the cost is much more complex, we also have to solve a recursive equation, but a
more dicult one. Instead of just guessing the correct closed form, we will use the opportunity to
show a more general technique: using Masters theorem for recursive equations. There are many
162
similar theorems which can be used in situations like these, going into them or proving Masters
theorem would be beyond the scope of the course.
163
The Cost of CSA
C(CSA
n
) = 3C(CSA
n/2
) +C(MUX
n/2+1
).
Problem: How to solve this recursive equation?
Solution: Guess a closed formula, prove by induction. (if we are lucky)
Solution2: Use a general tool for solving recursive equations.
Theorem 421 (Masters Theorem for Recursive Equations) Given the recur-
sively dened function f : N R, such that f(1) = c R and f(b
k
) = af(b
k1
) +g(b
k
)
for some a R, 1 a, k N, and g : N R, then f(b
k
) = ca
k
+
k1
i=0
a
i
g(b
ki
)
We have C(CSA
n
) = 3C(CSA
n/2
) +C(MUX
n/2+1
) = 3C(CSA
n/2
) + 3(n/2 + 1) + 1 = 3C(CSA
n/2
) +
3
2
n + 4
So, C(CSA
n
) is a function that can be handled via Masters theorem with a = 3, b = 2,
n = b
k
, g(n) = 3/2n + 4, and c = C(f
1
CSA
) = C(FA
1
) = 5
thus C(CSA
n
) = 5 (3
log
2
(n)
) +
log
2
(n)1
i=0
(3
i
)
3
2
n (2
i
) + 4
Note: a
log
2
(n)
= (2
log
2
(a)
)
log
2
(n)
= 2
log
2
(a)log
2
(n)
= (2
log
2
(n)
)
log
2
(a)
= n
log
2
(a)
C(CSA
n
) = 5 (3
log
2
(n)
) +
log
2
(n)1
i=0
(3
i
)
3
2
n (2
i
) + 4
= 5(n
log
2
(3)
) +
log
2
(n)
i=1
n
3
2
i
n + 4
= 5(n
log
2
(3)
) +n
log
2
(n)
i=1
(
3
2
i
) + 4log
2
(n)
= 5(n
log
2
(3)
) + 2n (
3
2
log
2
(n)+1
) 1 + 4log
2
(n)
= 5(n
log
2
(3)
) + 3n (n
log
2
(
3
2
)
) 2n + 4log
2
(n)
= 8(n
log
2
(3)
) 2n + 4log
2
(n) O(n
log
2
(3)
)
Theorem 422 The cost and the depth of the conditional sum adder are in the following
complexity classes:
C(CSA
n
) O(n
log
2
(3)
) dp(CSA
n
) O(log
2
(n))
Compare with: C(CCA
n
) O(n) dp(CCA
n
) O(n)
So, the conditional sum adder has a smaller depth than the carry chain adder. This
smaller depth is paid with higher cost.
There is another adder that combines the small cost of the carry chain adder with the
low depth of the conditional sum adder. This carry lookahead adder CLA
n
has a cost
C(CLA
n
) O(n) and a depth of dp(CLA
n
) O(log
2
(n)).
164
Instead of perfecting the n-bit adder further (and there are lots of designs and optimizations out
there, since this has high commercial relevance), we will extend the range of arithmetic operations.
The next thing we come to is subtraction. Arithmetics for Twos Complement Numbers
11.5 Arithmetics for Twos Complement Numbers
This of course presents us with a problem directly: the n-bit binary natural numbers, we have
used for representing numbers are closed under addition, but not under subtraction: If we have
two n-bit binary numbers B(n), and B(m), then B(n +m) is an n+1-bit binary natural number.
If we count the most signicant bit separately as the carry bit, then we have a n-bit result. For
subtraction this is not the case: B(n m) is only a n-bit binary natural number, if m n
(whatever we do with the carry). So we have to think about representing negative binary natural
numbers rst. It turns out that the solution using sign bits that immediately comes to mind is
not the best one.
Negative Numbers and Subtraction
Note: So far we have completely ignored the existence of negative numbers.
Problem: Subtraction is a partial operation without them.
Question: Can we extend the binary number systems for negative numbers?
Simple Solution: Use a sign bit. (additional leading bit that indicates whether the number is positive)
Denition 423 ((n + 1)-bit signed binary number system)
a
n
, . . . , a
0
:=
_
a
n1
, . . . , a
0
if a
n
= 0
a
n1
, . . . , a
0
if a
n
= 1
Note: We need to x string length to identify the sign bit. (leading zeroes)
Example 424 In the 8-bit signed binary number system
10011001 represents -25 ((10011001
) = (2
4
+ 2
3
+ 2
0
))
00101100 corresponds to a positive number: 44
Here we did the naive solution, just as in the decimal system, we just added a sign bit, which
species the polarity of the number representation. The rst consequence of this that we have to
keep in mind is that we have to x the width of the representation: Unlike the representation for
binary natural numbers which can be arbitrarily extended to the left, we have to know which bit
is the sign bit. This is not a big problem in the world of combinational circuits, since we have a
xed width of input/output edges anyway.
165
Problems of Sign-Bit Systems
Generally: An n-bit signed binary number system allows to represent the integers from
2
n1
+ 1 to +2
n1
1.
2
n1
1 positive numbers, 2
n1
1 negative numbers, and the zero
Thus we represent #(s
[ s B
n
) = 2 ((2
n1
) 1) + 1 = 2
n
1 numbers all in
all
One number must be represented twice (But there are 2
n
strings of length n.)
10 . . . 0 and 00 . . . 0 both represent the zero as 1 0 = 1 0.
signed binary Z
0 1 1 1 7
0 1 1 0 6
0 1 0 1 5
0 1 0 0 4
0 0 1 1 3
0 0 1 0 2
0 0 0 1 1
0 0 0 0 0
1 0 0 0 -0
1 0 0 1 -1
1 0 1 0 -2
1 0 1 1 -3
1 1 0 0 -4
1 1 0 1 -5
1 1 1 0 -6
1 1 1 1 -7
We could build arithmetic circuits using this, but there is a more elegant way!
All of these problems could be dealt with in principle, but together they form a nuisance, that at
least prompts us to look for something more elegant. The twos complement representation also
uses a sign bit, but arranges the lower part of the table in the last slide in the opposite order,
freeing the negative representation of the zero. The technical trick here is to use the sign bit (we
still have to take into account the width n of the representation) not as a mirror, but to translate
the positive representation by subtracting 2
n
.
166
The Twos Complement Number System
Denition 425 Given the binary string a = a
n
, . . . , a
0
B
n+1
, where n > 1. The
integer represented by a in the (n+1)-bit twos complement, written as a
2s
n
, is dened
as
a
2s
n
= a
n
(2
n
) +a
n1
, . . . , a
0
= a
n
(2
n
) +
n1
i=0
a
i
(2
i
)
Notation 426 Write B
2s
n
(z) for the binary string that represents z in the twos com-
plement number system, i.e., B
2s
n
(z)
2s
n
= z.
2s compl. Z
0 1 1 1 7
0 1 1 0 6
0 1 0 1 5
0 1 0 0 4
0 0 1 1 3
0 0 1 0 2
0 0 0 1 1
0 0 0 0 0
1 1 1 1 -1
1 1 1 0 -2
1 1 0 1 -3
1 1 0 0 -4
1 0 1 1 -5
1 0 1 0 -6
1 0 0 1 -7
1 0 0 0 -8
We will see that this representation has much better properties than the naive sign-bit representa-
tion we experimented with above. The rst set of properties are quite trivial, they just formalize
the intuition of moving the representation down, rather than mirroring it.
Properties of Twos Complement Numbers (TCN)
Let b = b
n
, . . . , b
0
be a number in the n + 1-bit twos complement system, then
Positive numbers and the zero have a sign bit 0, i.e., b
n
= 0 (b
2s
n
0).
Negative numbers have a sign bit 1, i.e., b
n
= 1 b
2s
n
< 0.
For positive numbers, the twos complement representation corresponds to the normal
binary number representation, i.e., b
n
= 0 b
2s
n
= b
There is a unique representation of the number zero in the n-bit twos complement
system, namely B
2s
n
(0) = 0, . . ., 0.
This number system has an asymmetric range 1
2s
n
:= 2
n
, . . . , 2
n
1.
The next property is so central for what we want to do, it is upgraded to a theorem. It says that
the mirroring operation (passing from a number to its negative sibling) can be achieved by two
very simple operations: ipping all the zeros and ones, and incrementing.
167
The Structure Theorem for TCN
Theorem 427 Let a B
n+1
be a binary string, then a
2s
n
= a
2s
n
+ 1, where a is
the pointwise bit complement of a.
Proof: by calculation using the denitions
a
n
, a
n1
, . . . , a
0
2s
n
= a
n
(2
n
) +a
n1
, . . . , a
0
= a
n
(2
n
) +
n1
i=0
a
i
(2
i
)
= 1 a
n
(2
n
) +
n1
i=0
1 a
i
(2
i
)
= 1 a
n
(2
n
) +
n1
i=0
2
i
n1
i=0
a
i
(2
i
)
= 2
n
+a
n
(2
n
) + 2
n1
a
n1
, . . . , a
0
= (2
n
+ 2
n
) +a
n
(2
n
) a
n1
, . . . , a
0
1
= (a
n
(2
n
) +a
n1
, . . . , a
0
) 1
= a
2s
n
1
A rst simple application of the TCN structure theorem is that we can use our existing conversion
routines (for binary natural numbers) to do TCN conversion (for integers).
Application: Converting from and to TCN?
to convert an integer z Z with z N into an n-bit TCN
generate the n-bit binary number representation B(z) = b
n1
, . . . , b
0
complement it to B(z), i.e., the bitwise negation b

i
of B(z)
increment (add 1) B(z), i.e. compute B(B(z) + 1)
to convert a negative n-bit TCN b = b
n1
, . . . , b
0
, into an integer
decrement b, (compute B(b 1))
complement it to B(b 1)
compute the decimal representation and negate it to B(b 1)
168
Subtraction and Twos Complement Numbers
Idea: With negative numbers use our adders directly
Denition 428 An n-bit subtracter is a circuit that implements the function
f
n
SUB
: B
n
B
n
B B B
n
such that
f
n
SUB
(a, b, b
t
) = B
2s
n
(a
2s
n
b
2s
n
b
t
)
for all a, b B
n
and b
t
B. The bit b
t
is called the input borrow bit.
Note: We have a
2s
n
b
2s
n
= a
2s
n
+ (b
2s
n
) = a
2s
n
+b
2s
n
+ 1
Idea: Can we implement an n-bit subtracter as f
n
SUB
(a, b, b
t
) = (FA
n
(a, b, b
t
))?
not immediately: We have to make sure that the full adder plays nice with twos comple-
ment numbers
In addition to the unique representation of the zero, the twos complement system has an additional
important property. It is namely possible to use the adder circuits introduced previously without
any modication to add integers in twos complement representation.
Addition of TCN
Idea: use the adders without modication for TCN arithmetic
Denition 429 An n-bit twos complement adder (n > 1) is a circuit that cor-
responds to the function f
n
TCA
: B
n
B
n
B B B
n
, such that f
n
TCA
(a, b, c
t
) =
B
2s
n
(a
2s
n
+b
2s
n
+c
t
) for all a, b B
n
and c
t
B.
Theorem 430 f
n
TCA
= f
n
FA
(rst prove some Lemmas)
It is not obvious that the same circuits can be used for the addition of binary and twos complement
numbers. So, it has to be shown that the above function TCAcircFNn and the full adder function
f
n
FA
from denition?? are identical. To prove this fact, we rst need the following lemma stating
that a (n + 1)-bit twos complement number can be generated from a n-bit twos complement
number without changing its value by duplicating the sign-bit:
169
TCN Sign Bit Duplication Lemma
Idea: An n +1-bit TCN can be generated from a n-bit TCN without changing its value
by duplicating the sign-bit.
Lemma 431 Let a = a
n
, . . . , a
0
B
n+1
be a binary string, then a
n
, . . . , a
0
2s
n+1
=
a
n1
, . . . , a
0
2s
n
.
Proof: by calculation
a
n
, . . . , a
0
2s
n+1
= a
n
(2
n+1
) +a
n
, . . . , a
0
= a
n
(2
n+1
) +a
n
(2
n
) +a
n1
, . . . , a
0
= a
n
((2
n+1
) + (2
n
)) +a
n1
, . . . , a
0
= a
n
(2 (2
n
) + (2
n
)) +a
n1
, . . . , a
0
= a
n
(2
n
) +a
n1
, . . . , a
0
= a
n1
, . . . , a
0
2s
n
We will now come to a major structural result for twos complement numbers. It will serve two
purposes for us:
1. It will show that the same circuits that produce the sum of binary numbers also produce
proper sums of twos complement numbers.
2. It states concrete conditions when a valid result is produced, namely when the last two
carry-bits are identical.
The TCN Main Theorem
Denition 432 Let a, b B
n+1
and c B with a = a
n
, . . . , a
0
and b = b
n
, . . . , b
0
,
then we call (ic
k
(a, b, c)), the k-th intermediate carry of a, b, and c, i
ic
k
(a, b, c), s
k1
, . . . , s
0
= a
k1
, . . . , a
0
+b
k1
, . . . , b
0
+c
for some s
i
B.
Theorem 433 Let a, b B
n
and c B, then
1. a
2s
n
+b
2s
n
+c 1
2s
n
, i (ic
n+1
(a, b, c)) = (ic
n
(a, b, c)).
2. If (ic
n+1
(a, b, c)) = (ic
n
(a, b, c)), then a
2s
n
+ b
2s
n
+ c = s
2s
n
, where
ic
n+1
(a, b, c), s
n
, . . . , s
0
= a +b +c.
Unfortunately, the proof of this attractive and useful theorem is quite tedious and technical
170
Proof of the TCN Main Theorem
Proof: Let us consider the sign-bits a
n
and b
n
separately from the value-bits a
t
=
a
n1
, . . . , a
0
and b
t
= b
n1
, . . . , b
0
.
P.1 Then
a
t
+b
t
+c = a
n1
, . . . , a
0
+b
n1
, . . . , b
0
+c
= ic
n
(a, b, c), s
n1
, . . . , s
0
and a
n
+b
n
+ (ic
n
(a, b, c)) = ic
n+1
(a, b, c), s
n
.
P.2.1 a
n
= b
n
= 0:
P.2.1.1 a
2s
n
and b
2s
n
are both positive, so (ic
n+1
(a, b, c)) = 0 and furthermore
(ic
n
(a, b, c)) = 0 a
t
+b
t
+c 2
n
1
a
2s
n
+b
2s
n
+c 2
n
1
P.2.1.2 Hence,
a
2s
n
+b
2s
n
+c = a
t
+b
t
+c
= s
n1
, . . . , s
0
= 0, s
n1
, . . . , s
0
= s
2s
n
P.2.2 a
n
= b
n
= 1:
P.2.2.1 a
2s
n
and b
2s
n
are both negative, so (ic
n+1
(a, b, c)) = 1 and furthermore
(ic
n
(a, b, c)) = 1, i a
t
+b
t
+c 2
n
, which is the case, i a
2s
n
+b
2s
n
+c =
2
n+1
+a
t
+b
t
+c 2
n
P.2.2.2 Hence,
a
2s
n
+b
2s
n
+c = 2
n
+a
t
+2
n
+b
t
+c
= 2
n+1
+a
t
+b
t
+c
= 2
n+1
+1, s
n1
, . . . , s
0
= 2
n
+s
n1
, . . . , s
0
= s
2s
n
P.2.3 a
n
,= b
n
:
P.2.3.1 Without loss of generality assume that a
n
= 0 and b
n
= 1.
(then (ic
n+1
(a, b, c)) = (ic
n
(a, b, c)))
P.2.3.2 Hence, the sum of a
2s
n
and b
2s
n
is in the admissible range 1
2s
n
as
a
2s
n
+b
2s
n
+c = a
t
+b
t
+c 2
n
and (0 a
t
+b
t
+c 2
n+1
1)
P.2.3.3 So we have
a
2s
n
+b
2s
n
+c = 2
n
+a
t
+b
t
+c
= 2
n
+ic
n
(a, b, c), s
n1
, . . . , s
0
= (1 (ic
n
(a, b, c))) (2
n
) +s
n1
, . . . , s
0
= ic
n
(a, b, c), s
n1
, . . . , s
0
2s
n
P.2.3.4 Furthermore, we can conclude that ic
n
(a, b, c), s
n1
, . . . , s
0
2s
n
= s
2s
n
as s
n
=
a
n
b
n
(ic
n
(a, b, c)) = 1 (ic
n
(a, b, c)) = ic
n
(a, b, c).
P.3 Thus we have considered all the cases and completed the proof.
171
The Main Theorem for TCN again
Given two (n + 1)-bit twos complement numbers a and b. The above theorem tells
us that the result s of an (n + 1)-bit adder is the proper sum in twos complement
representation i the last two carries are identical.
If not, a and b were too large or too small. In the case that s is larger than 2
n
1, we
say that an overow occurred.In the opposite error case of s being smaller than 2
n
, we
say that an underow occurred.
11.6 Towards an Algorithmic-Logic Unit
The most important application of the main TCN theorem is that we can build a combinatorial
circuit that can add and subtract (depending on a control bit). This is actually the rst instance
of a concrete programmable computation device we have seen up to date (we interpret the control
bit as a program, which changes the behavior of the device). The fact that this is so simple, it
only runs two programs should not deter us; we will come up with more complex things later.
172
Building an Add/Subtract Unit
Idea: Build a Combinational Circuit that can add and subtract (sub = 1 subtract)
If sub = 0, then the circuit acts like an adder (a 0 = a)
If sub = 1, let S := a
2s
n
+b
n1
, . . . , b
0
2s
n
+ 1 (a 0 = 1 a)
For s 1
2s
n
the TCN main theorem and the TCN structure theorem together guarantee
s = a))
2s
n
+bn1, . . . , b0))
2s
n
+ 1
= a))
2s
n
b))
2s
n
1 + 1
n
A
n+1
n
n
s
sub
a b b
n1 0
Summary: We have built a combinational circuit that can perform 2 arithmetic operations
depending on a control bit.
Idea: Extend this to a arithmetic logic unit (ALU) with more operations
(+, -, *, /, n-AND, n-OR,. . . )
In fact extended variants of the very simple Add/Subtract unit are at the heart of any computer.
These are called arithmetic logic units.
173
12 Sequential Logic Circuits and Memory Elements
So far we have considered combinatorial logic, i.e. circuits for which the output depends only
on the inputs. In many instances it is desirable to have the next output depend on the current
output.
Sequential Logic Circuits
In combinational circuits, outputs only depend on inputs (no state)
We have disregarded all timing issues (except for favoring shallow circuits)
Denition 434 Circuits that remember their current output or state are often called
sequential logic circuits.
Example 435 A counter , where the next number to be output is determined by the
current number stored.
Sequential logic circuits need some ability to store the current state
Clearly, sequential logic requires the ability to store the current state. In other words, memory
is required by sequential logic circuits. We will investigate basic circuits that have the ability to
store bits of data. We will start with the simplest possible memory element, and develop more
elaborate versions from it.
The circuit we are about to introduce is the simplest circuit that can keep a state, and thus act
as a (precursor to) a storage element. Note that we are leaving the realm of acyclic graphs here.
Indeed storage elements cannot be realized with combinational circuits as dened above.
RS Flip-Flop
Denition 436 A RS-ipop (or RS-latch)is constructed by feeding the outputs
of two NOR gates back to the other NOR gates input. The inputs R and S
are referred to as the Reset and Set inputs, respectively.
R S Q Q
Comment
0 1 1 0 Set
1 0 0 1 Reset
0 0 Q Q
Hold state
1 1 ? ? Avoid
Note: the output Q is simply the inverse of Q. (supplied for convenience)
Note: An RS ipop can also be constructed from NAND gates.
T F
0 1 0
1 0 0
To understand the operation of the RS-ipop we rst reminde ourselves of the
truth table of the NOR gate on the right: If one of the inputs is 1, then the output
is 0, irrespective of the other. To understand the RS-ipop, we will go through
the input combinations summarized in the table above in detail. Consider the
following scenarios:
174
S = 1 and R = 0 The output of the bottom NOR gate is 0, and thus Q
t
= 0 irrespective of the
other input. So both inputs to the top NOR gate are 0, thus, Q = 1. Hence, the input
combination S = 1 and R = 0 leads to the ipop being set to Q = 1.
S = 0 and R = 1 The argument for this situation is symmetric to the one above, so the outputs
become Q = 0 and Q
t
= 1. We say that the ipop is reset.
S = 0 and R = 0 Assume the ipop is set (Q = 1 and Q
t
= 0), then the output of the top
NOR gate remains at Q = 1 and the bottom NOR gate stays at Q
t
= 0. Similarly, when
the ipop is in a reset state (Q = 0 and Q
t
= 1), it will remain there with this input
combination. Therefore, with inputs S = 0 and R = 0, the ipop remains in its state.
S = 1 and R = 1 This input combination will be avoided, we have all the functionality (set, reset,
and hold) we want from a memory element.
An RS-ipop is rarely used in actual sequential logic. However, it is the fundamental building
block for the very useful D-ipop.
The D-Flipop: the simplest memory device
Recap: A RS-ipop can store a state (set Q to 1 or reset Q to 0)
Problem: We would like to have a single data input and avoid R = S states.
Idea: Add interface logic to do just this
Denition 437 A D-Flipop is an RS-ipop with interface logic as below.
E D R S Q Comment
1 1 0 1 1 set Q to 1
1 0 1 0 0 reset Q to 0
0 D 0 0 Q hold Q
The inputs D and E
are called the data and enable inputs.
When E = 1 the value of D determines the value of the output Q, when E returns to
0, the most recent input D is remembered.
Sequential logic circuits are constructed from memory elements and combinatorial logic gates.
The introduction of the memory elements allows these circuits to remember their state. We will
illustrate this through a simple example.
175
Example: On/O Switch
Problem: Pushing a button toggles a LED between on and o.
(rst push switches the LED on, second push o,. . . )
Idea: Use a D-ipop (to remember whether the LED is currently on or o) connect its
Q
t
ouput to its D input (next state is inverse of current state)
In the on/o circuit, the external inputs (buttons) were connected to the E input.
Denition 438 Such circuits are often called asynchronous as they keep track of events that
occur at arbitrary instants of time, synchronous circuits in contrast operate on a periodic basis
and the Enable input is connected to a common clock signal.
Random Access Memory Chips
Random access memory (RAM) is used for storing a large number of bits.
RAM is made up of storage elements similar to the D-ipops we discussed.
Principally, each storage element has a unique number or address represented in binary
form.
When the address of the storage element is provided to the RAM chip, the corresponding
memory element can be written to or read from.
We will consider the following questions:
What is the physical structure of RAM chips?
How are addresses used to select a particular storage element?
What do individual storage elements look like?
How is reading and writing distinguished?
176
Address Decoder Logic
Idea: Need a circuit that activates the storage element given the binary address:
At any time, only 1 output line is on and all others are o.
The line that is on species the desired element
Denition 439 The n-bit address decoder ADL
n
has a n inputs and 2
n
outputs.
f
m
ADL
(a) = b
1
, . . . , b
2
n, where b
i
= 1, i i = a.
Example 440 (Address decoder logic for 2-bit addresses)
Storage Elements
Idea (Input): Use a D-ipop connect its E input to the ADL output.
Connect the D-input to the common RAM data input line. (input only if addressed)
Idea (Output): Connect the ipop output to common RAM output line. But rst AND
with ADL output (output only if addressed)
Problem: The read process should leave the value of the gate unchanged.
Idea: Introduce a write enable signal(protect data during read) AND it with the ADL
output and connect it to the ipops E input.
Denition 441 A Storage Element is given by the foolowing diagram
177
Remarks
The storage elements are often simplied to reduce the number of transistors.
For example, with care one can replace the ipop by a capacitor.
Also, with large memory chips it is not feasible to connect the data input and output
and write enable lines directly to all storage elements.
Also, with care one can use the same line for data input and data output.
Today, multi-gigabyte RAM chips are on the market.
The capacity of RAM chips doubles approximately every year.
Layout of Memory Chips
To take advantage of the two-dimensional nature of the chip, storage elements are ar-
ranged on a square grid. (columns and rows of storage elements)
For example, a 1 Megabit RAM chip has of 1024 rows and 1024 columns.
identy storage element by its row and column coordinates.(AND them for addressing)
Hence, to select a particular storage location the address information must be translated
into row and column specication.
The address information is divided into two halfs; the top half is used to select the row
and the bottom half is used to select the column.
178
13 Machines
13.1 How to build a Computer (in Principle)
In this part of the course, we will learn how to use the very simple computational devices we
built in the last section and extend them to fully programmable devices using the von Neumann
Architecture. For this, we need random access memory (RAM).
For our purposes, we just understand n-bit memory cells as devices that can store n binary
values. They can be written to, (after which they store the n values at their n input edges), and
they can be queried: then their output edges have the n values that were stored in the memory
cell. Querying a memory cell does not change the value stored in it.
Our notion of time is similarly simple, in our analysis we assume a series of discrete clock ticks
that synchronize all events in the circuit. We will only observe the circuits on each clock tick and
assume that all computational devices introduced for the register machine complete computation
before the next tick. Real circuits, also have a clock that synchronizes events (the clock frequency
(currently around 3 GHz for desktop CPUs) is a common approximation measure of processor
performance), but the assumption of elementary computations taking only one click is wrong in
production systems.
How to Build a Computer (REMA; the Register Machine)
Take an n-bit arithmetic logic unit (ALU)
add registers: few (named) n-bit memory cells near the ALU
program counter (PC) (points to current command in program store)
accumulator (ACC) (the a input and output of the ALU)
add RAM: lots of random access memory (elsewhere)
program store: 2n-bit memory cells (addressed by P : N B
2n
)
data store: n-bit memory cells (words addressed by D: N B
n
)
add a memory management unit(MMU) (move values between RAM and registers)
program it in assembler language (lowest level of programming)
We have three kinds of memory areas in the REMA register machine: The registers (our architecture
has two, which is the minimal number, real architectures have more for convenience) are just simple
n-bit memory cells.
The programstore is a sequence of up to 2
n
memory 2n-bit memory cells, which can be accessed
(written to and queried) randomly i.e. by referencing their position in the sequence; we do not have
to access them by some xed regime, e.g. one after the other, in sequence (hence the name random
access memory: RAM). We address the Program store by a function P : N B
2n
. The data store
is also RAM, but a sequence or n-bit cells, which is addressed by the function D: N B
n
.
The value of the program counter is interpreted as a binary number that addresses a 2n-bit cell
in the program store. The accumulator is the register that contains one of the inputs to the ALU
before the operation (the other is given as the argument of the program instruction); the result of
the ALU is stored in the accumulator after the instruction is carried out.
179
Memory Plan of a Register Machine
ACC (accumulator)
IN1 (index register 1)
IN2 (index register 2)
PC (program counter)
save
load
P
r
o
g
r
a
m
Addresses
Program Store
2nbit Cells
Data Store
CPU
Addresses
2
3
1
0 Operation Argument
nbit Cells
3
2
1
0
The ALU and the MMU are control circuits, they have a set of n-bit inputs, and n-bit outputs,
and an n-bit control input. The prototypical ALU, we have already seen, applies arithmetic or
logical operator to its regular inputs according to the value of the control input. The MMU is
very similar, it moves n-bit values between the RAM and the registers according to the value at
the control input. We say that the MMU moves the (n-bit) value from a register R to a memory
cell C, i after the move both have the same value: that of R. This is usually implemented as a
query operation on R and a write operation to C. Both the ALU and the MMU could in principle
encode 2
n
operators (or commands), in practice, they have fewer, since they share the command
space.
Circuit Overview over the CPU
ALU
Operation Argument
ACC
Program Store
Logic
Address
PC
In this architecture (called the register machine architecture), programs are sequences of 2n-
bit numbers. The rst n-bit part encodes the instruction, the second one the argument of the
instruction. The program counter addresses the current instruction (operation + argument).
We will now instantiate this general register machine with a concrete (hypothetical) realization,
which is sucient for general programming, in principle. In particular, we will need to identify a
set of program operations. We will come up with 18 operations, so we need to set n 5. It is
possible to do programming with n = 4 designs, but we are interested in the general principles
more than optimization.
180
The main idea of programming at the circuit level is to map the operator code (an n-bit binary
number) of the current instruction to the control input of the ALU and the MMU, which will then
perform the action encoded in the operator.
Since it is very tedious to look at the binary operator codes (even it we present them as hexadecimal
numbers). Therefore it has become customary to use a mnemonic encoding of these in simple word
tokens, which are simpler to read, the assembler language.
Assembler Language
Idea: Store program instructions as n-bit values in program store, map these to control
inputs of ALU, MMU.
Denition 442 assembler language (ASM)as mnemonic encoding of n-bit binary codes.
instruction eect PC comment
LOAD i ACC: = D(i) PC: = PC +1 load data
STORE i D(i): = ACC PC: = PC +1 store data
ADD i ACC: = ACC +D(i) PC: = PC +1 add to ACC
SUB i ACC: = ACC D(i) PC: = PC +1 subtract from ACC
LOADI i ACC: = i PC: = PC +1 load number
ADDI i ACC: = ACC +i PC: = PC +1 add number
SUBI i ACC: = ACC i PC: = PC +1 subtract number
Denition 443 The meaning of the program instructions are specied in their ability to change
the state of the memory of the register machine. So to understand them, we have to trace the
state of the memory over time (looking at a snapshot after each clock tick; this is what we do
in the comment elds in the tables on the next slide). We speak of an imperative programming
language, if this is the case.
Example 444 This is in contrast to the programming language SML that we have looked at
before. There we are not interested in the state of memory. In fact state is something that we
want to avoid in such functional programming languages for conceptual clarity; we relegated all
things that need state into special constructs: eects.
To be able to trace the memory state over time, we also have to think about the initial state of the
register machine (e.g. after we have turned on the power). We assume the state of the registers
and the data store to be arbitrary (who knows what the machine has dreamt). More interestingly,
we assume the state of the program store to be given externally. For the moment, we may assume
(as was the case with the rst computers) that the program store is just implemented as a large
array of binary switches; one for each bit in the program store. Programming a computer at that
time was done by ipping the switches (2n) for each instructions. Nowadays, parts of the initial
program of a computer (those that run, when the power is turned on and bootstrap the operating
system) is still given in special memory (called the rmware) that keeps its state even when power
is shut o. This is conceptually very similar to a bank of switches.
181
Example Programs
Example 445 Exchange the values of cells 0 and 1 in the data store
P instruction comment
0 LOAD 0 ACC: = D(0) = x
1 STORE 2 D(2): = ACC = x
2 LOAD 1 ACC: = D(1) = y
3 STORE 0 D(0): = ACC = y
4 LOAD 2 ACC: = D(2) = x
5 STORE 1 D(1): = ACC = x
Example 446 Let D(1) = a, D(2) = b, and D(3) = c, store a +b +c in data cell 4
0 LOAD 1 ACC: = D(1) = a
1 ADD 2 ACC: = ACC +D(2) = a +b
2 ADD 3 ACC: = ACC +D(3) = a +b +c
3 STORE 4 D(4): = ACC = a +b +c
use LOADI i, ADDI i, SUBI i to set/increment/decrement ACC (impossible otherwise)
So far, the problems we have been able to solve are quite simple. They had in common that we had
to know the addresses of the memory cells we wanted to operate on at programming time, which
is not very realistic. To alleviate this restriction, we will now introduce a new set of instructions,
which allow to calculate with addresses.
Index Registers
Problem: Given D(0) = x and D(1) = y, how to we store y into cell x of the data store?
(impossible, as we have only absolute addressing)
Denition 447 (Idea) introduce more registers and register instructions
(IN1, IN2 suce)
LOADIN j i ACC: = D(INj +i) PC: = PC +1 relative load
STOREIN j i D(INj +i): = ACC PC: = PC +1 relative store
MOVE S T T : = S PC: = PC +1 move register S (source)
to register T (target)
Problem Solution:
0 LOAD 0 ACC: = D(0) = x
1 MOVE ACC IN1 IN1: = ACC = x
2 LOAD 1 ACC: = D(1) = y
3 STOREIN 1 0 D(x) = D(IN1 +0): = ACC = y
Note that the LOADIN are not binary instructions, but that this is just a short notation for unary
instructions LOADIN 1 and LOADIN 2 (and similarly for MOVE S T).
Note furthermore, that the addition logic in LOADIN j is simply for convenience (most assembler
182
languages have it, since working with address osets is commonplace). We could have always
imitated this by a simpler relative load command and an ADD instruction.
A very important ability we have to add to the language is a set of instructions that allow us to
re-use program fragments multiple times. If we look at the instructions we have seen so far, then
we see that they all increment the program counter. As a consequence, program execution is a
linear walk through the program instructions: every instruction is executed exactly once. The
set of problems we can solve with this is extremely limited. Therefore we add a new kind of
instruction. Jump instructions directly manipulate the program counter by adding the argument
to it (note that this partially invalidates the circuit overview slide above
21
, but we will not worry EdNote:21
about this).
Another very important ability is to be able to change the program execution under certain
conditions. In our simple language, we will only make jump instructions conditional (this is
sucient, since we can always jump the respective instruction sequence that we wanted to make
conditional). For convenience, we give ourselves a set of comparison relations (two would have
suced, e.g. = and <) that we can use to test.
Jump Instructions
Problem: Until now, we can only write linear programs
(A program with n steps executes n instructions)
Idea: Need instructions that manipulate the PC directly
Denition 448 Let 1 <, =, >, , ,=, be a comparison relation
JUMP i PC: = PC +i jump forward i steps
JUMPR i PC: =
PC +i if 1(ACC, 0)
PC +1 else
conditional jump
Denition 449 (Two more)
NOP i PC: = PC +1 no operation
STOP i stop computation
The nal addition to the language are the NOP (no operation) and STOP operations. Both do not
look at their argument (we have to supply one though, so we t our instruction format). the NOP
instruction is sometimes convenient, if we keep jump osets rational, and the STOP instruction
terminates the program run (e.g. to give the user a chance to look at the results.)
21
EdNote: reference
183
Example Program
Now that we have completed the language, let us see what we can do.
Example 450 Let D(0) = n, D(1) = a, and D(2) = b, copy the values of cells
a, . . . , a +n 1 to cells b, . . . , b +n 1, while a, b 3 and [a b[ n.
P instruction comment P instruction comment
0 LOAD 1 ACC: = a 10 MOVE ACC IN1 IN1: = IN1 +1
1 MOVE ACC IN1 IN1: = a 11 MOVE IN2 ACC
2 LOAD 2 ACC: = b 12 ADDI 1
3 MOVE ACC IN2 IN2: = b 13 MOVE ACC IN2 IN2: = IN2 +1
4 LOAD 0 ACC: = n 14 LOAD 0
5 JUMP= 13 if n = 0 then stop 15 SUBI 1
6 LOADIN 1 0 ACC: = D(IN1) 16 STORE 0 D(0): = D(0) 1
7 STOREIN 2 0 D(IN2): = ACC 17 JUMP 12 goto step 5
8 MOVE IN1 ACC 18 STOP 0 Stop
9 ADDI 1
Lemma 451 We have D(0) = n (i 1), IN1 = a +i 1, and IN2 = b +i 1 for
all (1 i n + 1). (the program does what we want)
proof by induction on n.
Denition 452 The induction hypotheses are called loop invariants.
13.2 How to build a SML-Compiler (in Principle)
13.2.1 A Stack-based Virtual Machine
In this part of the course, we will build a compiler for a simple functional programming language.
A compiler is a program that examines a program in a high-level programming language and
transforms it into a program in a language that can be interpreted by an existing computation
engine, in our case, the register machine we discussed above.
We have seen that our register machine runs programs written in assembler, a simple machine
language expressed in two-word instructions. Machine languages should be designed such that on
the processors that can be built machine language programs can execute eciently. On the other
hand machine languages should be built, so that programs in a variety of high-level programming
languages can be transformed automatically (i.e. compiled) into ecient machine programs. We
have seen that our assembler language ASM is a serviceable, if frugal approximation of the rst goal
for very simple processors. We will now show that it also satises the second goal by exhibiting a
compiler for a simple SML-like language.
In the last 20 years, the machine languages for state-of-the art processors have hardly changed.
This stability was a precondition for the enormous increase of computing power we have witnessed
during this time. At the same time, high-level programming languages have developed consider-
ably, and with them, their needs for features in machine-languages. This leads to a signicant
mismatch, which has been bridged by the concept of a virtual machine.
Denition 453 A virtual machine is a simple machine-language program that interprets a slightly
higher-level program the byte code and simulates it on the existing processor.
Byte code is still considered a machine language, just that it is realized via software on a real
computer, instead of running directly on the machine. This allows to keep the compilers simple
while only paying a small price in eciency.
In our compiler, we will take this approach, we will rst build a simple virtual machine (an ASM
program) and then build a compiler that translates functional programs into byte code.
184
Virtual Machines
Question: How to run high-level programming languages (like SML) on REMA?
Answer: By providing a compiler, i.e. an ASM program that reads SML programs (as
data) and transforms them into ASM programs.
But: ASM is optimized for building simple, ecient processors, not as a translation target!
Idea: Build an ASM program VM that interprets a better translation target language
(interpret REMA+VM as a virtual machine)
Denition 454 An ASM program VM is called a virtual machine for L(VM), i VM inputs
a L(VM) program (as data) and runs it on REMA.
Plan: Instead of building a compiler for SML to ASM, build a virtual machine VM for REMA
and a compiler from SML to L(VM). (simpler and more transparent)
A Virtual Machine for Functional Programming
We will build a stack-based virtual machine; this will have four components
Command Interpreter
Stack Program Store
VPC
The stack is a memory segment operated as a last-in-rst-out LIFO sequence
The program store is a memory segment interpreted as a sequence of instructions
The command interpreter is a ASM program that interprets commands from the pro-
gram store and operates on the stack.
The virtual program counter (VPC) is a register that acts as a the pointer to the
current instruction in the program store.
The virtual machine starts with the empty stack and VPC at the beginning of the
program.
185
A Stack-Based VM language (Arithmetic Commands)
Denition 455 VM Arithmetic Commands act on the stack
instruction eect VPC
con i pushes i onto stack VPC: = VPC + 2
add pop x, pop y, push x +y VPC: = VPC + 1
sub pop x, pop y, push x y VPC: = VPC + 1
mul pop x, pop y, push x y VPC: = VPC + 1
leq pop x, pop y, if x y push 1, else push 0 VPC: = VPC + 1
Example 456 The L(VM) program con 4 con 7 add pushes 7 +4 = 11 to the stack.
Example 457 Note the order of the arguments: the program con 4 con 7 sub rst
pushes 4, and then 7, then pops x and then y (so x = 7 and y = 4) and nally pushes
x y = 7 4 = 3.
Stack-based operations work very well with the recursive structure of arithmetic expres-
sions: we can compute the value of the expression 4 3 7 2 with
con 2 con 7 mul 7 2
con 3 con 4 mul 4 3
sub 4 3 7 2
Note: A feature that we will see time and again is that every (syntactically well-formed) expression
leaves only the result value on the stack. In the present case, the computation never touches the
part of the stack that was present before computing the expression. This is plausible, since the
computation of the value of an expression is purely functional, it should not have an eect on the
state of the virtual machine VM (other than leaving the result of course).
A Stack-Based VM language (Control)
Denition 458 Control operators
jp i VPC: = VPC +i
cjp i pop x if x = 0, then VPC: = VPC +i else VPC: = VPC + 2
halt
cjp is a jump on false-type expression.(if the condition is false, we jump else we continue)
Example 459 For conditional expressions we use the conditional jump expressions: We
can express if 1 2 then 4 3 else 7 5 by the program
con 2 con 1 leq cjp 9 if 1 2
con 3 con 4 sub jp 7 then 4 3
con 5 con 7 mul else 7 5
halt
In the example, we rst push 2, and then 1 to the stack. Then leq pops (so x = 1), pops again
186
(making y = 2) and computes x y (which comes out as true), so it pushes 1, then it continues
(it would jump to the else case on false).
Note: Again, the only eect of the conditional statement is to leave the result on the stack. It
does not touch the contents of the stack at and below the original stack pointer.
A Stack-Based VM language (Imperative Variables)
Denition 460 Imperative access to variables: Let o(i) be the number at stack position
i.
peek i push S(i) VPC: = VPC + 2
poke i pop x S(i): = x VPC: = VPC + 2
Example 461 The program con 5 con 7 peek 0 peek 1 add poke 1 mul halt
computes 5 (7 + 5) = 60.
Of course the last example is somewhat contrived, this is certainly not the best way to compute
5 (7 + 5) = 60, but it does the trick.
Extended Example: A while Loop
Example 462 Consider the following program that computes (12)! and the correspond-
ing L(VM) program:
var n := 12; var a := 1; con 12 con 1
while 2 <= n do ( peek 0 con 2 leq cjp 18
a := a * n; peek 0 peek 1 mul poke 1
n := n - 1; con 1 peek 0 sub poke 0
) jp 21
return a; peek 1 halt
Note that variable declarations only push the values to the stack, (memory allocation)
they are referenced by peeking the respective stack position
they are assigned by pokeing the stack position (must remember that)
We see that again, only the result of the computation is left on the stack. In fact, the code snippet
consists of two variable declarations (which extend the stack) and one while statement, which
does not, and the return statement, which extends the stack again. In this case, we see that
even though the while statement does not extend the stack it does change the stack below by the
variable assignments (implemented as poke in L(VM)). We will use the example above as guiding
intuition for a compiler from a simple imperative language to L(VM) byte code below. But rst we
build a virtual machine for L(VM).
We will now build a virtual machine for L(VM) along the specication above.
187
A Virtual Machine for L(VM)
We need to build a concrete ASM program that acts as a virtual machine for L(VM).
Choose a concrete register machine size: e.g. 32-bit words (like in a PC)
Choose memory layout in the data store
the VM stack: D(8) to D(2
24
1), and (need the rst 8 cells for VM data)
the L(VM) program store: D(2
24
) to D(2
32
1)
We represent the virtual program counter VPC by the index register IN1 and the
stack pointer by the index register IN2 (with oset 8).
We will use D(0) as an argument store.
choose a numerical representation for the L(VM) instructions: (have lots of space)
halt 0, add 1, sub 2, . . .
Recall that the virtual machine VM is a ASM program, so it will reside in the REMA program store.
This is the program executed by the register machine. So both the VM stack and the L(VM) program
have to be stored in the REMA data store (therefore we treat L(VM) programs as sequences of words
and have to do counting acrobatics for instructions of diering length). We somewhat arbitrarily
x a boundary in the data store of REMA at cell number 2
24
1. We will also need a little piece
of scratch-pad memory, which we locate at cells 0-7 for convenience (then we can simply address
with absolute numbers as addresses).
Memory Layout for the Virtual Machine
Scratch Area
Program
Stack
Program Store
2nbit Cells
CPU
Operation Argument
Data Store
ACC (accumulator)
IN1 (VM prog. cnt.)
PC (program counter)
IN3 (frame pointer)
IN2 (stack pointer)
for VM
ASM Program
nbit Cells
188
Extending REMA and ASM
Give ourselves another register IN3 (and LOADIN 3, STOREIN 3, MOVE IN3,
MOVE IN3 )
We will use a syntactic variant of ASM for transparency
JUMP and JUMP
1
with labels of the form foo
(compute relative jump distances automatically)
inc R for MOVE R ACC, ADDI 1, MOVE ACC R (dec R similar)
note that inc R and dec R overwrite the current ACC (take care of it)
All additions can be eliminated by substitution.
With these extensions, it is quite simple to write the ASM code that implements the virtual machine
VM. The rst part is a simple jump table, a piece of code that does nothing else than distributing
the program ow according to the (numerical) instruction head. We assume that this program
segment is located at the beginning of the program store, so that the REMA program counter points
to the rst instruction. This initializes the VM program counter and its stack pointer to the rst
cells of their memory segments. We assume that the L(VM) program is already loaded in its proper
location, since we have not discussed input and output for REMA.
Starting VM: the Jump Table
label instruction eect comment
LOADI 2
24
ACC: = 2
24
load VM start address
MOVE ACC IN1 VPC: = ACC set VPC
LOADI 7 ACC: = 7 load top of stack address
MOVE ACC IN2 SP: = ACC set SP
jt) LOADIN 1 0 ACC: = D(IN1) load instruction
JUMP= halt) goto halt)
SUBI 1 next instruction code
JUMP= add) goto add)
SUBI 1 next instruction code
JUMP= sub) goto sub)
.
.
.
.
.
.
.
.
.
halt) STOP 0 stop
.
.
.
.
.
.
.
.
.
Now it only remains to present the ASM programs for the individual L(VM) instructions. We
will start with the arithmetical operations. The code for con is absolutely straightforward: we
increment the VM program counter to point to the argument, read it, and store it to the cell the
(suitably incremented) VM stack pointer points to. Once procedure has been executed we increment
the VM program counter again, so that it points to the next L(VM) instruction, and jump back to
the beginning of the jump table.
For the add instruction we have to use the scratch pad area, since we have to pop two values
from the stack (and we can only keep one in the accumulator). We just cache the rst value in
cell 0 of the program store.
189
Implementing Arithmetic Operators
con) inc IN1 VPC: = VPC + 1 point to arg
inc IN2 SP: = SP + 1 prepare push
LOADIN 1 0 ACC: = D(VPC) read arg
STOREIN 2 0 D(SP): = ACC store for push
inc IN1 VPC: = VPC + 1 point to next
JUMP jt) jump back
add) LOADIN 2 0 ACC: = D(SP) read arg 1
STORE 0 D(0): = ACC cache it
dec IN2 SP: = SP 1 pop
LOADIN 2 0 ACC: = D(SP) read arg 2
ADD 0 ACC: = ACC +D(0) add cached arg 1
STOREIN 2 0 D(SP): = ACC store it
inc IN1 VPC: = VPC + 1 point to next
JUMP jt) jump back
sub, mul, and leq similar to add.
For example, mul could be implemented as follows:
mul dec IN2 SP: = SP 1
LOADI 0
STORE 1 D(1): = 0 initialize result
LOADIN 2 1 ACC: = D(SP + 1) read arg 1
STORE 0 D(0): = ACC initialize counter to arg 1
loop JUMP
=
end if counter=0, we are nished
LOADIN 2 0 ACC: = D(SP) read arg 2
ADD 1 ACC: = ACC +D(1) current sum increased by arg 2
STORE 1 D(1): = ACC cache result
LOAD 0
SUBI 1
STORE 0 D(0): = D(0) 1 decrease counter by 1
JUMP loop repeat addition
end LOAD 1 load result
STOREIN 2 0 push it on stack
inc IN1
JUMP jt back to jump table
Note that mul is the only instruction whose corresponding piece of code is not of the unit
complexity. For the jump instructions, we do exactly what we would expect, we load the jump
distance, add it to the register IN1, which we use to represent the VM program counter VPC.
Incidentally, we can use the code for jp for the conditional jump cjp.
190
Control Instructions
jp) MOVE IN1 ACC ACC: = VPC
STORE 0 D(0): = ACC cache VPC
LOADIN 1 1 ACC: = D(VPC + 1) load i
ADD 0 ACC: = ACC +D(0) compute new VPC value
MOVE ACC IN1 IN1: = ACC update VPC
JUMP jt) jump back
cjp) dec IN2 SP: = SP 1 update for pop
LOADIN 2 1 ACC: = D(SP + 1) pop value to ACC
JUMP= jp) perform jump if ACC = 0
MOVE IN1 ACC otherwise, go on
ADDI 2
MOVE ACC IN1 VPC: = VPC + 2 point to next
JUMP jt) jump back
Imperative Stack Operations: peek
peek) MOVE IN1 ACC ACC: = IN1
MOVE ACC IN1 IN1: = ACC
inc IN2 prepare push
LOADIN 1 8 ACC: = D(IN1 +8) load S(i)
STOREIN 2 0 push S(i)
LOAD 0 ACC: = D(0) load old VPC
ADDI 2 compute new value
MOVE ACC IN1 update VPC
JUMP jt) jump back
Imperative Stack Operations: poke
poke) MOVE IN1 ACC ACC: = IN1
MOVE ACC IN1 IN1: = ACC
LOADIN 2 0 ACC: = S(i) pop to ACC
STOREIN 1 8 D(IN1 +8): = ACC store in S(i)
dec IN2 IN2: = IN2 1
LOAD 0 ACC: = D(0) get old VPC
ADD 2 ACC: = ACC +2 add 2
MOVE ACC IN1 update VPC
JUMP jt) jump back
13.2.2 A Simple Imperative Language
We will now build a compiler for a simple imperative language to warm up to the task of building
one for a functional one. We will write this compiler in SML, since we are most familiar with this.
The rst step is to dene the language we want to talk about.
191
A very simple Imperative Programming Language
Plan: Only consider the bare-bones core of a language.
(we are only interested in principles)
We will call this language SW (Simple While Language)
no types: all values have type int, use 0 for false all other numbers for true.
only worry about abstract syntax (we do not want to build a parser) We will realize
this as an SML data type.
The following slide presents the SML data types for SW programs.
Abstract Syntax of SW
Denition 463 type id = string (* identifier *)
datatype exp = (* expression *)
Con of int (* constant *)
| Var of id (* variable *)
| Add of exp* exp (* addition *)
| Sub of exp * exp (* subtraction *)
| Mul of exp * exp (* multiplication *)
| Leq of exp * exp (* less or equal test *)
datatype sta = (* statement *)
Assign of id * exp (* assignment *)
| If of exp * sta * sta (* conditional *)
| While of exp * sta (* while loop *)
| Seq of sta list (* sequentialization *)
type declaration = id * exp
type program = declaration list * sta * exp
A SW program (see the next slide for an example) rst declares a set of variables (type declaration),
executes a statement (type sta), and nally returns an expression (type exp). Expressions of SW
can read the values of variables, but cannot change them. The statements of SW can read and
change the values of variables, but do not return values (as usual in imperative languages). Note
that SW follows common practice in imperative languages and models the conditional as a state-
ment.
Concrete vs. Abstract Syntax of a SW Program
var n:= 12; var a:= 1;
while 2<=n do
a:= a*n;
n:= n-1
end
return a
([ ("n", Con 12), ("a", Con 1) ],
While(Leq(Con 2, Var"n"),
Seq [Assign("a", Mul(Var"a", Var"n")),
Assign("n", Sub(Var"n", Con 1))]
),
Var"a")
192
As expected, the program is represented as a triple: the rst component is a list of declarations, the
second is a statement, and the third is an expression (in this case, the value of a single variable).
We will use this example as the guiding intuition for building a compiler.
Before we can come to the implementation of the compiler, we will need an infrastructure for
environments.
Needed Infrastructure: Environments
Need a structure to keep track of the values of declared identiers.
(take shadowing into account)
Denition 464 An environment is a nite partial function from keys (identiers) to
values.
We will need the following operations on environments:
creation of an empty environment ( the empty function)
insertion of a key/value pair k, v into an environment : (, [v/k])
lookup of the value v for a key k in ((k))
Realization in SML by a structure with the following signature
type a env (* a is the value type *)
exception Unbound of id (* Unbound *)
val empty : a env
val insert : id * a * a env -> a env (* id is the key type *)
val lookup : id * a env -> a
We will also need an SML type for L(VM) programs. Fortunately, this is very simple.
An SML Data Type for L(VM) Programs
type index = int
type noi = int (* number of instructions *)
datatype instruction =
con of int
| add | sub | mul (* addition, subtraction, multiplication *)
| leq (* less or equal test *)
| jp of noi (* unconditional jump *)
| cjp of noi (* conditional jump *)
| peek of index (* push value from stack *)
| poke of index (* update value in stack *)
| halt (* halt machine *)
type code = instruction list
fun wlen (xs:code) = foldl (fn (x,y) => wln(x)+y) 0 xs
fun wln(con _)=2 | wln(add)=1 | wln(sub)=1 | wln(mul)=1 | wln(leq)=1
| wln(jp _)=2 | wln(cjp _)=2
| wln(peek _)=2 | wln(poke _)=2 | wln(halt)=1
The next slide has the main SML function for compiling SW programs. Its argument is a SW program
(type program) and its result is an expression of type code, i.e. a list of L(VM) instructions. From
193
there, we only need to apply a simple conversion (which we omit) to numbers to obtain L(VM)
byte code.
Compiling SW programs
SML function from SW programs (type program) to L(VM) programs (type code).
uses three auxiliary functions for compiling declarations (compileD), statements
(compileS), and expressions (compileE).
these use an environment to relate variable names with their stack index.
the initial environment is created by the declarations.
(therefore compileD has an environment as return value)
type env = index env
fun compile ((ds,s,e) : program) : code =
let
val (cds, env) = compileD(ds, empty, ~1)
in
cds @ compileS(s,env) @ compileE(e,env) @ [halt]
end
The next slide has the function for compiling SW expressions. It is realized as a case statement
over the structure of the expression.
Compiling SW Expressions
constants are pushed to the stack.
variables are looked up in the stack by the index determined by the environment (and
pushed to the stack).
arguments to arithmetic operations are pushed to the stack in reverse order.
fun compileE (e:exp, env:env) : code =
case e of
Con i => [con i]
| Var i => [peek (lookup(i,env))]
| Add(e1,e2) => compileE(e2, env) @ compileE(e1, env) @ [add]
| Sub(e1,e2) => compileE(e2, env) @ compileE(e1, env) @ [sub]
| Mul(e1,e2) => compileE(e2, env) @ compileE(e1, env) @ [mul]
| Leq(e1,e2) => compileE(e2, env) @ compileE(e1, env) @ [leq]
Compiling SW statements is only slightly more complicated: the constituent statements and ex-
pressions are compiled rst, and then the resulting code fragments are combined by L(VM) control
instructions (as the fragments already exist, the relative jump distances can just be looked up).
For a sequence of statements, we just map compileS over it using the respective environment.
194
Compiling SW Statements
fun compileS (s:sta, env:env) : code =
case s of
Assign(i,e) => compileE(e, env) @ [poke (lookup(i,env))]
| If(e,s1,s2) =>
let
val ce = compileE(e, env)
val cs1 = compileS(s1, env)
val cs2 = compileS(s2, env)
in
ce @ [cjp (wlen cs1 + 4)] @ cs1 @ [jp (wlen cs2 + 2)] @ cs2
end
| While(e, s) =>
let
val ce = compileE(e, env)
val cs = compileS(s, env)
in
ce @ [cjp (wlen cs + 4)] @ cs @ [jp (~(wlen cs + wlen ce + 2))]
end
| Seq ss => foldr (fn (s,c) => compileS(s,env) @ c) nil ss
As we anticipated above, the compileD function is more complex than the other two. It gives
L(VM) program fragment and an environment as a value and takes a stack index as an additional
argument. For every declaration, it extends the environment by the key/value pair k/v, where k
is the variable name and v is the next stack index (it is incremented for every declaration). Then
the expression of the declaration is compiled and prepended to the value of the recursive call.
Compiling SW Declarations
fun compileD (ds: declaration list, env:env, sa:index): code*env =
case ds of
nil => (nil,env)
| (i,e)::dr => let
val env = insert(i, sa+1, env)
val (cdr,env) = compileD(dr, env, sa+1)
in
(compileE(e,env) @ cdr, env)
end
This completes the compiler for SW (except for the byte code generator which is trivial and an
implementation of environments, which is available elsewhere). So, together with the virtual
machine for L(VM) we discussed above, we can run SW programs on the register machine REMA.
If we now use the REMA simulator from exercise
22
, then we can run SW programs on our com- EdNote:22
puters outright.
One thing that distinguishes SW from real programming languages is that it does not support
procedure declarations. This does not make the language less expressive in principle, but makes
structured programming much harder. The reason we did not introduce this is that our virtual
machine does not have a good infrastructure that supports this. Therefore we will extend L(VM)
with new operations next.
Note that the compiler we have seen above produces L(VM) programs that have what is often
called memory leaks. Variables that we declare in our SW program are not cleaned up before the
program halts. In the current implementation we will not x this (We would need an instruction
22
EdNote: include the exercises into the course materials and reference the right one here
195
for our VM that will pop a variable without storing it anywhere or that will simply decrease
virtual stack pointer by a given value.), but we will get a better understanding for this when we
talk about the static procedures next.
Compiling the Extended Example: A while Loop
Example 465 Consider the following program that computes (12)! and the correspond-
ing L(VM) program:
var n := 12; var a := 1; con 12 con 1
while 2 <= n do ( peek 0 con 2 leq cjp 18
a := a * n; peek 0 peek 1 mul poke 1
n := n - 1; con 1 peek 0 sub poke 0
) jp 21
return a; peek 1 halt
Note that variable declarations only push the values to the stack, (memory allocation)
they are referenced by peeking the respective stack position
they are assigned by pokeing the stack position (must remember that)
Denition 466 In general, we need an environment and an instruction sequence to represent a
procedure, but in many cases, we can get by with an instruction sequence alone. We speak of
static procedures in this case.
Example 467 Some programming languages like C or Pascal are designed so that all procedures
can be represented as static procedures. SML and Java do not restrict themselves in this way.
We will now extend the virtual machine by four instructions that allow to represent static proce-
dures with arbitrary numbers of arguments. We will explain the meaning of these extensions via
an example: the procedure on the next slide, which computes 10
2
.
Adding (Static) Procedures
We have a full compiler for a very simple imperative programming language
Problem: No support for subroutines/procedures.
(no support for structured programming)
Extensions to the Virtual Machine
type index = int
type noi = int (* number of instructions *)
type noa = int (* number of arguments *)
type ca = int (* code address *)
datatype instruction =

| proc of noa*noi (* begin of procedure code *)
| arg of index (* push value from frame *)
| call of ca (* call procedure *)
| return (* return from procedure call *)
196
New Commands for L(VM)
Denition 468 proc a l contains information about the number a of arguments and
the length l of the procedure in the number of words needed to store it, together with
the length of proc a l itself (3).
Denition 469 arg i pushes the i
th
argument from the current frame to the stack.
Denition 470 call p pushes the current program address (opens a new frame), and
jumps to the program address p.
Denition 471 return takes the current frame from the stack, jumps to previous
program address.
Translation of a Static Procedure
Example 472
[proc 2 26, (* fun exp(x,n) = *)
con 0, arg 2, leq, cjp 5, (*
if n<=0 3 *)
con 1, return, (* then 1 *)
con 1, arg 2, sub, arg 1, (*
else x*exp(x,n-1) *)
call 0, arg 1, mul,
return, (* in *)
con 2, con 10, call 0, (*
exp(10,2) *)
halt] (* end *)
197
Static Procedures (Simulation)
Example 473
proc 2 26,
[con 0, arg 2, leq, cjp 5,
con 1, return,
con 1, arg 2, sub, arg 1,
call 0, arg 1, mul,
return,
con 2, con 10, call 0,
halt]
empty stack
proc jumps over the body of the procedure declaration
(with the help of its second argument.)
[proc 2 26,
con 0, arg 2, leq, cjp 5,
con 1, jp 13,
call 0, arg 1, mul,
return,
halt]
2
10
We push the arguments onto the stack
[proc 2 26,
con 1, return,
call 0, arg 1, mul,
return,
halt]
2
-2
10
-1
32
0
call pushes the return address (of the call statement in the L(VM) program)
then it jumps to the rst body instruction.
[proc 2 26,
con 1, return,
call 0, arg 1, mul,
return,
halt]
2
-2
10
-1
32
0
0
2
arg i pushes the i
th
argument onto the stack
[proc 2 26,
con 1, return,
call 0, arg 1, mul,
return,
halt]
2
-2
10
-1
32
0
0
Comparison turns out false, so we push 0.
[proc 2 26,
con 1, return,
call 0, arg 1, mul,
return,
halt]
2
-2
10
-1
32
0
cjp pops the truth value and jumps (on false).
[proc 2 26,
con 1, return,
call 0, arg 1, mul,
return,
halt]
2
-2
10
-1
32
0
1
2
we rst push 1
then we push the second argument (from the call frame position 2)
[proc 2 26,
con 1, return,
call 0, arg 1, mul,
return,
halt]
2
-2
10
-1
32
0
1
we subtract
[proc 2 26,
con 1, return,
call 0, arg 1, mul,
return,
halt]
2
-2
10
-1
32
0
1
10
then we push the second argument (from the call frame position 1)
[proc 2 26,
con 1, return,
call 0, arg 1, mul,
return,
halt]
2
10
32
1
-2
10
-1
22
0
call jumps to the rst body instruction,
and pushes the return address (22 this time) onto the stack.
[proc 2 26,
con 1, return,
call 0, arg 1, mul,
return,
halt]
2
10
32
1
-2
10
-1
22
0
0
1
we augment the stack
[proc 2 26,
con 1, return,
call 0, arg 1, mul,
return,
halt]
2
10
32
1
-2
10
-1
22
0
we compare the qtop two, and jump ahead (on false)
[proc 2 26,
con 1, return,
call 0, arg 1, mul,
return,
halt]
2
10
32
1
-2
10
-1
22
0
1
1
we augment the stack again
[proc 2 26,
con 1, return,
call 0, arg 1, mul,
return,
halt]
2
10
32
1
-2
10
-1
22
0
0
10
subtract and push the rst argument
[proc 2 26,
con 1, return,
call 0, arg 1, mul,
return,
halt]
2
10
32
1
10
22
0
-2
10
-1
22
0
call pushes the return address and moves the current frame up
[proc 2 26,
con 1, return,
call 0, arg 1, mul,
return,
halt]
2
10
32
1
10
22
0
-2
10
-1
22
0
0
0
we augment the stack again,
[proc 2 26,
con 1, return,
call 0, arg 1, mul,
return,
halt]
2
10
32
1
10
22
0
-2
10
-1
22
0
leq compares the top two numbers, cjp pops the result and does not jump.
[proc 2 26,
con 1, return,
call 0, arg 1, mul,
return,
halt]
2
10
32
1
10
22
0
-2
10
-1
22
0
1
we push the result value 1
[proc 2 26,
con 1, return,
call 0, arg 1, mul,
return,
halt]
2
10
32
1
-2
10
-1
22
0
1
return interprets the top of the stack as the result,
it jumps to the return address memorized right below the top of the stack,
deletes the current frame
and puts the result back on top of the remaining stack.
[proc 2 26,
con 1, return,
call 0, arg 1, mul,
return,
halt]
2
10
32
1
-2
10
-1
22
0
1
10
arg pushes the rst argument from the (new) current frame
[proc 2 26,
con 1, return,
call 0, arg 1, mul,
return,
halt]
2
10
32
1
-2
10
-1
22
0
10
mul multiplies, pops the arguments and pushes the result.
[proc 2 26,
con 1, return,
call 0, arg 1, mul,
return,
halt]
2
-2
10
-1
32
0
10
it jumps to the return address,
and puts the result back on top of the remaining stack.
[proc 2 26,
con 1, return,
call 0, arg 1, mul,
return,
halt]
2
-2
10
-1
32
0
100
we push argument 1 (in this case 10), multiply the top two numbers, and push the
result to the stack
[proc 2 26,
con 1, return,
call 0, arg 1, mul,
return,
halt]
100
it jumps to the return address (32 this time),
and puts the result back on top of the remaining stack (which is empty here).
[proc 2 26,
con 1, return,
call 0, arg 1, mul,
return,
halt]
100
we are nally done; the result is on the top of the stack. Note that the stack below
has not changed.
198
What have we seen?
The four new VM commands allow us to model static procedures.
proc a l contains information about the number a of arguments and the length l of the
procedure
arg i pushes the i
th
(Note that arguments are stored in reverse order on the stack)
call p pushes the current program address (opens a new frame), and jumps to the pro-
gram address p
return takes the current frame from the stack, jumps to previous program address.
(which is cached in the frame)
call and return jointly have the eect of replacing the arguments by the result of the
procedure.
We will now extend our implementation of the virtual machine by the new instructions.
Realizing Call Frames on the Stack
Problem: How do we know what the current frame is? (after all, return has to pop it)
Idea: Maintain another register: the frame pointer (FP), and cache information about
the previous frame and the number of arguments in the frame.
last argument -n
rst argument
-1
argument number
previous frame
return address
0
frame pointer
Add two internal cells to the frame, that are hidden to the outside. The upper one is
called the anchor cell.
In the anchor cell we store the stack address of the anchor cell of the previous frame.
The frame pointer points to the anchor cell of the uppermost frame.
199
Realizing proc
proc a l jumps over the procedure with the help of the length l of the procedure.
proc) MOVE IN1 ACC ACC: = VPC
LOADIN 1 2 ACC: = D(VPC + 2) load length
ADD 0 ACC: = ACC +D(0) compute new VPC value
MOVE ACC IN1 IN1: = ACC update VPC
JUMP jt) jump back
Realizing arg
arg i pushes the i
th
use the register IN3 for the frame pointer. (extend for rst frame)
arg LOADIN 1 1 ACC: = D(VPC + 1) load i
STORE 0 D(0): = ACC cache i
MOVE IN3 ACC
STORE 1 D(1): = FP cache FP
SUBI 1
SUB 0 ACC: = FP 1 i load argument position
MOVE ACC IN3 FP: = ACC move it to FP
LOADIN 3 0 ACC: = D(FP) load arg i
STOREIN 2 0 D(SP): = ACC push arg i
LOAD 1 ACC: = D(1) load FP
MOVE ACC IN3 FP: = ACC recover FP
MOVE IN1 ACC
ADDI 2
MOVE ACC IN1 VPC: = VPC + 2 next instruction
JUMP jt jump back
Realizing call
call p pushes the current program address, and jumps to the program address p
(pushes the internal cells rst!)
call MOVE IN1 ACC
STORE 0 D(0): = IN1 cache current VPC
inc IN2 SP: = SP + 1 prepare push for later
LOADIN 1 1 ACC: = D(VPC + 1) load argument
ADDI 2
24
+ 3 ACC: = ACC +2
24
+ 3 add displacement and skip proc a l
MOVE ACC IN1 VPC: = ACC point to the rst instruction
LOADIN 1 2 ACC: = D(VPC 2) stealing a from proc a l
STOREIN 2 0 D(SP): = ACC push the number of arguments
MOVE IN3 ACC ACC: = IN3 load FP
STOREIN 2 0 D(SP): = ACC create anchor cell
MOVE IN2 IN3 FP: = SP update FP
LOAD 0 ACC: = D(0) load VPC
ADDI 2 ACC: = ACC +2 point to next instruction
STOREIN 2 0 D(SP): = ACC push the return address
JUMP jt jump back
200
Note that with these instructions we have maintained the linear quality. Thus the virtual machine
is still linear in the speed of the underlying register machine REMA.
Realizing return
return takes the current frame from the stack, jumps to previous program address.
(which is cached in the frame)
return) LOADIN 2 0 ACC: = D(SP) load top value
STORE 0 D(0): = ACC cache it
LOADIN 2 1 ACC: = D(SP 1) load return address
MOVE ACC IN1 IN1: = ACC set VPC to it
LOADIN 3 1 ACC: = D(FP 1) load the number n of arguments
STORE 1 D(1): = D(FP 1) cache it
MOVE IN3 ACC ACC: = FP ACC = FP
SUBI 1 ACC: = ACC 1 ACC = FP 1
SUB 1 ACC: = ACC D(1) ACC = FP 1 n
MOVE ACC IN2 IN2: = ACC SP = ACC
LOADIN 3 0 ACC: = D(FP) load anchor value
MOVE ACC IN3 IN3: = ACC point to previous frame
LOAD 0 ACC: = D(0) load cached return value
STOREIN 2 0 D(IN2): = ACC pop return value
JUMP jt) jump back
Note that all the realizations of the L(VM) instructions are linear code segments in the assembler
code, so they can be executed in linear time. Thus the virtual machine language is only a constant
factor slower than the clock speed of REMA. This is a characteristic of most virtual machines.
13.2.3 Compiling Basic Functional Programs
We now have the prerequisites to model procedures calls in a programming language. Instead of
adding them to a imperative programming language, we will study them in the context of a func-
tional programming language. For this we choose a minimal core of the functional programming
language SML, which we will call ML. For this language, static procedures as we have seen them
above are enough.
ML, a very simple Functional Programming Language
Plan: Only consider the bare-bones core of a language (we only interested in principles)
We will call this language ML (micro ML)
no types: all values have type int, use 0 for false all other numbers for true.
only worry about abstract syntax (we do not want to build a parser) We will realize
this as an SML data type.
201
Abstract Syntax of ML
type id = string (* identifier
*)
datatype exp = (* expression
*)
Con of int (* constant
*)
| Id of id (* argument
*)
| Add of exp * exp (* addition
*)
| Sub of exp * exp (* subtraction
*)
| Mul of exp * exp (* multiplication
*)
| Leq of exp * exp (* less or equal test *)
| App of id * exp list (* application
*)
| If of exp * exp * exp (* conditional
*)
type declaration = id * id list * exp
type program = declaration list * exp
Concrete vs. Abstract Syntax of ML
A ML program rst declares procedures, then evaluates expression for the return value.
let
fun exp(x,n) =
if n<=0
then 1
else x*exp(x,n-1)
in
exp(2,10)
end
([
("exp", ["x", "n"],
If(Leq(Id"n", Con 0),
Con 1,
Mul(Id"x", App("exp", [Id"x", Sub(Id"n", Con 1)]))))
],
App("exp", [Con 2, Con 10])
)
The next step is to build a compiler for ML into programs in the extended L(VM). Just as above,
we will write this compiler in SML.
202
Compiling ML Expressions
exception Error of string
datatype idType = Arg of index | Proc of ca
type env = idType env
fun compileE (e:exp, env:env, tail:code) : code =
case e of
Con i => [con i] @ tail
| Id i => [arg((lookupA(i,env)))] @ tail
| Add(e1,e2) => compileEs([e1,e2], env) @ [add] @ tail
| Sub(e1,e2) => compileEs([e1,e2], env) @ [sub] @ tail
| Mul(e1,e2) => compileEs([e1,e2], env) @ [mul] @ tail
| Leq(e1,e2) => compileEs([e1,e2], env) @ [leq] @ tail
| If(e1,e2,e3) => let
val c1 = compileE(e1,env,nil)
val c2 = compileE(e2,env,tail)
val c3 = compileE(e3,env,tail)
in if null tail
then c1 @ [cjp (4+wlen c2)] @ c2
@ [jp (2+wlen c3)] @ c3
else c1 @ [cjp (2+wlen c2)] @ c2 @ c3
end
| App(i, es) => compileEs(es,env) @ [call (lookupP(i,env))] @ tail
Compiling ML Expressions (Continued)
and (* mutual recursion with compileE *)
fun compileEs (es : exp list, env:env) : code =
foldl (fn (e,c) => compileE(e, env, nil) @ c) nil es
fun lookupA (i,env) =
case lookup(i,env) of
Arg i => i
| _ => raise Error("Argumentexpected:" \^ i)
fun lookupP (i,env) =
case lookup(i,env) of
Proc ca => ca
| _ => raise Error("Procedureexpected:" \^ i)
203
Compiling ML Expressions (Continued)
fun insertArgs (i, (env, ai)) = (insert(i,Arg ai,env), ai+1)
fun insertArgs (is, env) = (foldl insertArgs (env,1) is)
fun compileD (ds: declaration list, env:env, ca:ca) : code*env =
case ds of
nil => (nil,env)
| (i,is,e)::dr =>
let
val env = insert(i, Proc(ca+1), env)
val env = insertArgs(is, env)
val ce = compileE(e, env, [return])
val cd = [proc (length is, 3+wlen ce)] @ ce
(* 3+wlen ce = wlen cd *)
val (cdr,env) = compileD(dr, env, ca + wlen cd)
in
(cd @ cdr, env)
end
Compiling ML
fun compile ((ds,e) : program) : code =
let
val (cds,env) = compileD(ds, empty, ~1)
in
cds @ compileE(e,env,nil) @ [halt]
end
handle
Unbound i => raise Error("Unboundidentifier:" \^ i)
Where To Go Now?
We have completed a ML compiler, which generates L(VM) code from ML programs.
ML is minimal, but Turing-Complete (has conditionals and procedures)
13.3 A theoretical View on Computation
Now that we have seen a couple of models of computation, computing machines, programs, . . . ,
we should pause a moment and see what we have achieved.
204
What have we achieved
what have we done? We have sketched
a concrete machine model (combinatory circuits)
a concrete algorithm model (assembler programs)
Evaluation: (is this good?)
how does it compare with SML on a laptop?
Can we compute all (string/numerical) functions in this model?
Can we always prove that our programs do the right thing?
Towards Theoretical Computer Science (as a tool to answer these)
look at a much simpler (but less concrete) machine model (Turing Machine)
show that TM can [encode/be encoded in] SML, assembler, Java,. . .
Conjecture 474 [Church/Turing] (unprovable, but accepted)
All non-trivial machine models and programming languages are equivalent
The idea we are going to pursue here is a very fundamental one for Computer Science: The Turing
Machine. The main idea here is that we want to explore what the simplest (whatever that
may mean) computing machine could be. The answer is quite surprising, we do not need wires,
electricity, silicon, etc; we only need a very simple machine that can write and read to a tape
following a simple set of rules.
Of course such machines can be built (and have been), but this is not the important aspect here.
Turing machines are mainly used for thought experiments, where we simulate them in our heads.
Note that the physical realization of the machine as a box with a (paper) tape is immaterial, it
is inspired by the technology at the time of its inception (in the late 1940ties; the age of ticker-tape
commuincation).
205
Turing Machines
Idea: Simulate a machine by a person executing a well-dened procedure!
Setup: Person changes the contents of an innite amount of ordered paper sheets that
can contain one of a nite set of symbols.
Memory: The person needs to remember one of a nite set of states
Procedure: If your state is 42 and the symbol you see is a 0 then replace this with a
1, remember the state 17, and go to the following sheet.
More Precisely: Turing machine

Denition 475 A Turing Machine consists of
An innite tape which is divided into cells, one next to the other
(each cell contains a symbol from a nite alphabet L with #(L) 2 and 0 L)
A head that can read/write symbols on the tape and move left/right.
A state register that stores the state of the Turing machine.
(nite set of states, register initialized with a special start state)
An action table (or transition function) that tells the machine what sym-
bol to write, how to move the head and what its new state will be, given
the symbol it has just read on the tape and the state it is currently in.
(If no entry applicable the machine will halt)
Note: every part of the machine is nite, but it is the potentially unlimited amount of
tape that gives it an unbounded amount of storage space.
206
Turing Machine
Example 476 with Alphabet 0, 1
Given: a series of 1s on the tape (with head initially on the leftmost)
Computation: doubles the 1s with a 0 in between, i.e., 111 becomes 1110111.
The set of states is s
1
, s
2
, s
3
, s
4
, s
5
(s
1
start state)
actions:
Old Read Wr. Mv. New Old Read Wr. Mv. New
s
1
1 0 R s
2
s
4
1 1 L s
4
s
2
1 1 R s
2
s
4
0 0 L s
5
s
2
0 0 R s
3
s
5
1 1 L s
5
s
3
1 1 R s
3
s
5
0 1 R s
1
s
3
0 1 L s
4
state machine:
5
1 2 3
4
1 0 0
0
0
0,R 0,R
1,L 0,L
1,R
1,R
1,R
1,L 1,L
1
1 1 1
Example Computation
T starts out in s1, replaces
the rst 1 with a 0, then
uses s2 to move to the right,
skipping over 1s and the rst
0 encountered.
s3 then skips over the next
sequence of 1s (initially there
are none) and replaces the
rst 0 it nds with a 1.
s4 moves back left, skipping
over 1s until it nds a 0 and
switches to s5.
Step State Tape Step State Tape
1 s
1
1 1 9 s
2
10 0 1
2 s
2
0 1 10 s
3
100 1
3 s
2
01 0 11 s
3
1001 0
4 s
3
010 0 12 s
4
100 1 1
5 s
4
01 0 1 13 s
4
10 0 11
6 s
5
0 1 01 14 s
5
1 0 011
7 s
5
0 101 15 s
1
11 0 11
8 s
1
1 1 01 halt
s5 then moves to the left, skipping over 1s until it nds the 0 that was originally written by s1.
It replaces that 0 with a 1, moves one position to the right and enters s1 again for another round
of the loop.
This continues until s1 nds a 0 (this is the 0 right in the middle between the two strings of 1s)
at which time the machine halts
207
What can Turing Machines compute?
Empirically: anything any other program can also compute
Memory is not a problem (tape is innite)
Eciency is not a problem (purely theoretical question)
Data representation is not a problem (we can use binary, or whatever symbols we like)
All attempts to characterize computation have turned out to be equivalent
primitive recursive functions ([Godel, Kleene])
lambda calculus ([Church])
Post production systems ([Post])
Turing machines ([Turing])
Random-access machine
Conjecture 477 ([Church/Turing]) (unprovable, but accepted)
Anything that can be computed at all, can be computed by a Turing Machine
Is there anything that cannot be computed by a TM
Theorem 478 No Turing machine can infallibly tell if another Turing machine will get
stuck in an innite loop on some given input.
Coded description
of some TM
Input for TM
Loopdetector
Turing Machine
"yes, it will halt"
"no, it will not halt"
Proof:
P.1 lets do the argument with SML instead of a TM
assume that there is a loop detector program written in SML
"yes, it will halt"
"no, it will not halt"
SML Program
Loopdetector
SML Program
Input for Program
208
Testing the Loop Detector Program Proof:
P.1 The general shape of the Loop detector program
fun will_halt(program,data) =
... lots of complicated code ...
if ( ... more code ...) then true else false;
will_halt : (int -> int) -> int -> bool
test programs behave exactly as we anticipated
fun halter (n) = 1;
halter : int -> int
fun looper (n) = looper(n+1);
looper : int -> int
will_halt(halter,1);
val true : bool
will_halt(looper,1);
val false : bool
P.2 Consider the following Program
function turing (prog) = if will_halt(prog,prog) then looper(1) else 1;
P.3 Yeah, so what? what happens, if we feed the turing function to itself?
What happens indeed? Proof:
P.1 function turing (prog) = if will\_halt(prog,prog) then looper(1) else 1;
the turing function uses will_halt to analyze the function given to it.
If the function halts when fed itself as data, the turing function goes into an innite
loop.
If the function goes into an innite loop when fed itself as data, the turing function
immediately halts.
P.2 But if the function happens to be the turing function itself, then
the turing function goes into an innite loop if the turing function halts
(when fed itself as input)
the turing function halts if the turing function goes into an innite loop
(when fed itself as input)
P.3 This is a blatant logical contradiction! Thus there cannot be a will_halt function
209
Universal Turing machines
Note: A Turing machine computes a xed partial string function.
In that sense it behaves like a computer with a xed program.
Idea: we can encode the action table of any Turing machine in a string.
try to construct a Turing machine that expects on its tape
a string describing an action table followed by
a string describing the input tape, and then
computes the tape that the encoded Turing machine would have computed.
Theorem 479 such a Turing machine is indeed possible(e.g. with 2 states, 18 symbols)
Denition 480 call it a universal Turing machine. (it can simulate any TM)
UTM accepts a coded description of a Turing machine and simulates the behavior of
the machine on the input data.
The coded description acts as a program that the UTM executes, the UTMs own
internal program is xed.
The existence of the UTM is what makes computers fundamentally dierent from other
machines such as telephones, CD players, VCRs, refrigerators, toaster-ovens, or cars.
14 Problem Solving and Search
14.1 Problem Solving
In this section, we will look at a class of algorithms called search algorithms. These are algorithms
that help in quite general situations, where there is a precisely described problem, that needs to
be solved.
Before we come to the algorithms, we need to get a grip on the problems themselves, and the
problem solving process.
The rst step is to classify the problem solving process by the amount of knowledge we have
available. It makes a dierence, whether we know all the factors involved in the problem before
we actually are in the situation. In this case, we can solve the problem in the abstract, i.e. make
a plan before we actually enter the situation (i.e. oine), and then when the problem arises, only
execute the plan. If we do not have complete knowledge, then we can only make partial plans, and
210
have to be in the situation to obtain new knowledge (e.g. by observing the eects of our actions or
the actions of others). As this is much more dicult we will restrict ourselves to oine problem
solving.
Problem solving
Problem: Find algorithms that help solving problems in general
Idea: If we can describe/represent problems in a standardized way, we may have a chance
to nd general algorithms.
We will use the following two concepts to describe problems
States A set of possible situations in in our problem domain
Actions A set of possible actions that get us from one state to another.
Using these, we can view a sequence of actions as a solution, if it brings us into a situation,
where the problem is solved.
Denition 481 Oine problem solving: Acting only with complete knowledge of prob-
lem and solution
Denition 482 Online problem solving: Acting without complete knowledge
Here: we are concerned with oine problem solving only.
We will use the following problem as a running example. It is simple enough to t on one slide
and complex enough to show the relevant features of the problem solving algorithms we want to
talk about.
Example: Traveling in Romania
Scenario: On holiday in Romania; currently in Arad, Flight leaves tomorrow from
Bucharest.
Formulate problem: States: various cities Actions: drive between cities
Solution: Appropriate sequence of cities, e.g.: Arad, Sibiu, Fagaras, Bucharest
211
Problem Formulation
The problem formulation models the situation at an appropriate level of abstraction.
(do not model things like put on my left sock, etc.)
it describes the initial state (we are in Arad)
it also limits the objectives. (excludes, e.g. to stay another couple of weeks.)
Finding the right level of abstraction and the required (not more!) information is often
the key to success.
Denition 483 A problem (formulation) T := o, O, J, ( consists of a set o of states
and a set O of operators that specify how states can be accessed from each other. Certain
states in o are designated as goal states (( o) and there is a unique initial state J.
Denition 484 A solution for a problem T consists of a sequence of actions that bring
us from J to a goal state.
Problem types
Single-state problem
observable (at least the initial state)
deterministic (i.e. the successor of each state is determined)
static (states do not change other than by our own actions)
discrete (a countable number of states)
Multiple-state problem:
initial state not/partially observable (multiple initial states?)
deterministic, static, discrete
Contingency problem:
non-deterministic (solution can branch, depending on contingencies)
unknown state space (like a baby, agent has to learn about states and actions)
We will explain these problem types with another example. The problem T is very simple: We
have a vacuum cleaner and two rooms. The vacuum cleaner is in one room at a time. The oor
can be dirty or clean.
The possible states are determined by the position of the vacuum cleaner and the information,
whether each room is dirty or not. Obviously, there are eight states: o = 1, 2, 3, 4, 5, 6, 7, 8 for
simplicity.
The goal is to have both rooms clean, the vacuum cleaner can be anywhere. So the set ( of
goal states is 7, 8. In the single-state version of the problem, [right, suck] shortest solution, but
[suck, right, suck] is also one. In the multiple-state version we have [right(2, 4, 6, 8), suck(4, 8), left(3, 7), suck(7)].
212
Example: vacuum-cleaner world
Single-state Problem:
Start in 5
Solution: [right, suck]
Multiple-state Problem:
Start in 1, 2, 3, 4, 5, 6, 7, 8
Solution: [right, suck, left, suck] right 2, 4, 6, 8
suck 4, 8
left 3, 7
suck 7
Example: vacuum-cleaner world (continued)
Contingency Problem:
Murphys Law: suck can dirty a clean carpet
Local sensing: dirty / notdirty at location only
Start in: 1, 3
Solution: [suck, right, suck] suck 5, 7
right 6, 8
suck 6, 8
better: [suck, right, if dirt then suck] (decide whether in 6 or 8 using local sensing)
213
In the contingency version of T a solution is the following: [suck(5, 7), right (6, 8), suck (6, 8)],
[suck(5, 7)], etc. Of course, local sensing can help: narrow 6, 8 to 6 or 8, if we are in the
rst, then suck.
Single-state problem formulation
Dened by the following four items
1. Initial state: (e.g. Arad)
2. Successor function S: (e.g. S(Arad) = goZer, Zerind, goSib, Sibiu, . . .)
3. Goal test: (e.g. x = Bucharest (explicit test)
noDirt(x) (implicit test)
)
4. Path cost (optional): (e.g. sum of distances, number of operators executed, etc.)
Solution: A sequence of operators leading from the initial state to a goal state
Path cost: There may be more than one solution and we might want to have the best one in
a certain sense.
Selecting a state space
Abstraction: Real world is absurdly complex
State space must be abstracted for problem solving
(Abstract) state: Set of real states
(Abstract) operator: Complex combination of real actions
Example: Arad Zerind represents complex set of possible routes
(Abstract) solution: Set of real paths that are solutions in the real world
State: e.g., we dont care about tourist attractions found in the cities along the way. But this is
problem dependent. In a dierent problem it may well be appropriate to include such information
in the notion of state.
Realizability: one could also say that the abstraction must be sound wrt. reality.
214
Example: The 8-puzzle
States integer locations of tiles
Actions left, right, up, down
Goal test = goal state?
Path cost 1 per move
How many states are there? N factorial, so it is not obvious that the problem is in NP. One
needs to show, for example, that polynomial length solutions do always exist. Can be done by
combinatorial arguments on state space graph (really ?).
Example: Vacuum-cleaner
States integer dirt and robot locations
Actions left, right, suck, noOp
Goal test notdirty?
Path cost 1 per operation (0 for noOp)
215
Example: Robotic assembly
States real-valued coordinates of
robot joint angles and parts of the object to be assembled
Actions continuous motions of robot joints
Goal test assembly complete?
Path cost time to execute
14.2 Search
Tree search algorithms
Simulated exploration of state space in a search tree by generating successors of already-
explored states (Oine Algorithm)
procedure Tree-Search (problem, strategy) : <a solution or failure>
<initialize the search tree using the initial state of problem>
loop
if <there are no candidates for expansion> <return failure> end if
<choose a leaf node for expansion according to strategy>
if <the node contains a goal state> return <the corresponding solution>
else <expand the node and add the resulting nodes to the search tree>
end if
end loop
end procedure
Tree Search: Example
Arad
Sibiu Timisoara Zerind
Arad Fagaras Oradea R. Vilcea Arad Lugoj Oradea Arad
216
Arad
Arad
Arad
Implementation: States vs. nodes
A (representation of) a physical conguration
A data structure constituting part of a search tree
(includes parent, children, depth, path cost, etc.)
217
Implementation of search algorithms
procedure Tree_Search (problem,strategy)
fringe := insert(make_node(initial_state(problem)))
loop
if fringe <is empty> fail end if
node := first(fringe,stratety)
if NodeTest(State(node)) return State(node)
else fringe := insert_all(expand(node,problem),strategy)
end if
end loop
end procedure
Denition 485 The fringe is a list nodes not yet considered. It is ordered by the search
strategy (see below)
State gives the state that is represented by node
Expand = creates new nodes by applying possible actions to node
A node is a data structure representing states, will be explained in a moment.
Make-Queue creates a queue with the given elements.
fringe holds the queue of nodes not yet considered.
Remove-First returns rst element of queue and as a side eect removes it from fringe.
State gives the state that is represented by node.
Expand applies all operators of the problem to the current node and yields a set of new nodes.
Insert inserts an element into the current fringe queue. This can change the behavior of the
search.
Insert-All Perform Insert on set of elements.
Search strategies
Strategy: Denes the order of node expansion
Important properties of strategies:
completeness does it always nd a solution if one exists?
time complexity number of nodes generated/expanded
space complexity maximum number of nodes in memory
optimality does it always nd a least-cost solution?
Time and space complexity measured in terms of:
b maximum branching factor of the search tree
d depth of a solution with minimal distance to root
m maximum depth of the state space (may be )
Complexity means here always worst-case complexity.
Note that there can be innite branches, see the search tree for Romania.
14.3 Uninformed Search Strategies
218
Uninformed search strategies
Denition 486 (Uninformed search) Use only the information available in the
problem denition
Frequently used strategies:
Breadth-rst search
Uniform-cost search
Depth-rst search
Depth-limited search
Iterative deepening search
The opposite of uninformed search is informed or heuristic search. In the example, one could add,
for instance, to prefer cities that lie in the general direction of the goal (here SE).
Uninformed search is important, because many problems do not allow to extract good heuris-
tics.
Breadth-rst search
Idea: Expand shallowest unexpanded node
Implementation: fringe is a FIFO queue, i.e. successors go in at the end of the queue
A
B C
D E F G
H I J K L M N O
219
Breadth-First Search
A
B C
D E F G
H I J K L M N O
A
B C
D E F G
H I J K L M N O
A
B C
D E F G
H I J K L M N O
220
A
B C
D E F G
H I J K L M N O
A
B C
D E F G
H I J K L M N O
We will now apply the breadth-rst search strategy to our running example: Traveling in Romania.
Note that we leave out the green dashed nodes that allow us a preview over what the search tree
will look like (if expanded). This gives a much
Breadth-First Search: Romania
Arad
221
Arad
Arad
Arad Fagaras Oradea R. Vilcea
Breadth-First Search:Romania
Arad
Arad Fagaras Oradea R. Vilcea Arad Lugoj
Breadth-First Search:Romania
Arad
222
Breadth-rst search: Properties
Complete Yes (if b is nite)
Time 1 +b + (b
2
) + (b
3
) +. . . + (b
d
) +b((b
d
) 1) O(b
d+1
)
i.e. exponential in d
Space O(b
d+1
) (keeps every node in memory)
Optimal Yes (if cost = 1 per step), not optimal in general
Disadvantage: Space is the big problem(can easily generate nodes at 5MB/sec so 24hrs = 430GB)
Optimal?: if cost varies for dierent steps, there might be better solutions below the
level of the rst solution.
An alternative is to generate all solutions and then pick an optimal one. This works only,
if m is nite.
The next idea is to let cost drive the search. For this, we will need a non-trivial cost function: we
will take the distance between cities, since this is very natural. Alternatives would be the driving
time, train ticket cost, or the number of tourist attractions along the way.
Of course we need to update our problem formulation with the necessary information.
Romania with Step Costs as Distances
Uniform-cost search
Idea: Expand least-cost unexpanded node
Implementation: fringe is queue ordered by increasing path cost.
Note: Equivalent to breadth-rst search if all step costs are equal (DFS: see below)
Arad
223
Uniform Cost Search: Romania
Arad
Sibiu
140
Timisoara
118
Zerind
75
Arad
Sibiu
140
Timisoara
118
Zerind
75
Oradea
71
Arad
75
Arad
Sibiu
140
Timisoara
118
Zerind
75
Arad
118
Lugoj
111
Oradea
71
Arad
75
224
Arad
Sibiu
140
Timisoara
118
Zerind
75
Arad
140
Fagaras
99
Oradea
151
R. Vilcea
80
Arad
118
Lugoj
111
Oradea
71
Arad
75
Note that we must sum the distances to each leaf. That is, we go back to the rst level after step
3.
Uniform-cost search: Properties
Complete Yes (if step costs > 0)
Time number of nodes with past-cost less than that of optimal solution
Space number of nodes with past-cost less than that of optimal solution
Optimal Yes
If step cost is negative, the same situation as in breadth-rst search can occur: later solutions may
be cheaper than the current one.
If step cost is 0, one can run into innite branches. UC search then degenerates into depth-rst
search, the next kind of search algorithm. Even if we have innite branches, where the sum of
step costs converges, we can get into trouble
23
EdNote:23
Worst case is often worse than BF search, because large trees with small steps tend to be
searched rst. If step costs are uniform, it degenerates to BF search.
Depth-rst search
Idea: Expand deepest unexpanded node
Implementation: fringe is a LIFO queue (a stack), i.e. successors go in at front of queue
Note: Depth-rst search can perform innite cyclic excursions
Need a nite, non-cyclic search space (or repeated-state checking)
23
EdNote: say how
225
Depth-First Search
A
B C
D E F G
H I J K L M N O
Depth-First Search
A
B C
D E F G
H I J K L M N O
Depth-First Search
A
B C
D E F G
H I J K L M N O
Depth-First Search
A
B C
D E F G
H I J K L M N O
226
Depth-First Search
A
B C
D E F G
H I J K L M N O
Depth-First Search
A
B C
D E F G
H I J K L M N O
Depth-First Search
A
B C
D E F G
H I J K L M N O
Depth-First Search
A
B C
D E F G
H I J K L M N O
227
Depth-First Search
A
B C
D E F G
H I J K L M N O
Depth-First Search
A
B C
D E F G
H I J K L M N O
Depth-First Search
A
B C
D E F G
H I J K L M N O
Depth-First Search
A
B C
D E F G
H I J K L M N O
228
Depth-First Search
A
B C
D E F G
H I J K L M N O
Depth-First Search
A
B C
D E F G
H I J K L M N O
Depth-First Search: Romania
Arad
Arad
Arad
229
Arad
Depth-rst search: Properties
Complete Yes: if state space nite
No: if state contains innite paths or loops
Time O(b
m
)
(we need to explore until max depth m in any case!)
Space O(b m) (i.e. linear space)
(need at most store m levels and at each level at most b nodes)
Optimal No (there can be many better solutions in the
unexplored part of the search tree)
Disadvantage: Time terrible if m much larger than d.
Advantage: Time may be much less than breadth-rst search if solutions are dense.
Iterative deepening search
Depth-limited search: Depth-rst search with depth limit
Iterative deepening search: Depth-limit search with ever increasing limits
procedure Tree_Search (problem)
<initialize the search tree using the initial state of problem>
for depth = 0 to
result := Depth_Limited_search(problem,depth)
if depth ,= cutoff return result end if
end for
end procedure
Iterative Deepening Search at Limit Depth 0
A A
230
A
B C
A
B C
A
B C
A
B C
A
B C
D E F G
A
B C
D E F G
A
B C
D E F G
A
B C
D E F G
A
B C
D E F G
A
B C
D E F G
A
B C
D E F G
A
B C
D E F G
231
Iterative deepening search: Properties
Complete Yes
Time (d + 1)(b
0
) +d(b
1
) + (d 1)(b
2
) +. . . + (b
d
) O(b
d+1
)
Space O(bd)
Optimal Yes (if step cost = 1)
(Depth-First) Iterative-Deepening Search often used in practice for search spaces of large,
innite, or unknown depth.
Comparison:
Criterion
Breadth-
rst
Uniform-
cost
Depth-
rst
Iterative
deepening
Complete? Yes
Yes
No Yes
Time b
d+1
b
d
b
m
b
d
Space b
d+1
b
d
bm bd
Optimal? Yes
Yes No Yes
Note: To nd a solution (at depth d) we have to search the whole tree up to d. Of course since we
do not save the search state, we have to re-compute the upper part of the tree for the next level.
This seems like a great waste of resources at rst, however, iterative deepening search tries to be
complete without the space penalties.
However, the space complexity is as good as depth-rst search, since we are using depth-rst
search along the way. Like in breadth-rst search, the whole tree on level d (of optimal solution)
is explored, so optimality is inherited from there. Like breadth-rst search, one can modify this
to incorporate uniform cost search.
As a consequence, variants of iterative deepening search are the method of choice if we do not
have additional information.
Comparison
Breadth-rst search Iterative deepening search
14.4 Informed Search Strategies
232
Summary: Uninformed Search/Informed Search
Problem formulation usually requires abstracting away real-world details to dene a state
space that can feasibly be explored
Variety of uninformed search strategies
Iterative deepening search uses only linear space and not much more time than other
uninformed algorithms
Next Step: Introduce additional knowledge about the problem (informed search)
Best-rst-, A
-search (guide the search by heuristics)

Iterative improvement algorithms
Best-rst search
Idea: Use an evaluation function for each node (estimate of desirability) Expand
most desirable unexpanded node
Implementation: fringe is a queue sorted in decreasing order of desirability
Special cases: Greedy search, A
search
This is like UCS, but with evaluation function related to problem at hand replacing the path cost
function.
If the heuristics is arbitrary, we expect incompleteness!
Depends on how we measure desirability.
Concrete examples follow.
Romania with step costs in km
233
Greedy search
Denition 487 A heuristic is an evaluation function h on nodes that estimates of cost
from n to the nearest goal state.
Idea: Greedy search expands the node that appears to be closest to goal
Example 488 h
SLD
(n) = straight-line distance from n to Bucharest
Note: Unlike uniform-cost search the node evaluation function has nothing to do with
the nodes explored so far
internal search control external search control
partial solution cost goal cost estimation
In greedy search we replace the objective cost to construct the current solution with a heuristic or
subjective measure from which we think it gives a good idea how far we are from a solution. Two
things have shifted:
we went from internal (determined only by features inherent in the search space) to an
external/heuristic cost
instead of measuring the cost to build the current partial solution, we estimate how far we
are from the desired goal
Greedy Search: Romania
Arad
366
Arad
366
Sibiu
253
Timisoara
329
Zerind
374
Arad
366
Sibiu
253
Timisoara
329
Zerind
374
Arad
366
Fagaras
176
Oradea
380
R. Vilcea
193
234
Arad
366
Sibiu
253
Timisoara
329
Zerind
374
Arad
366
Fagaras
176
Oradea
380
R. Vilcea
193
Sibiu
253
Bucharest
0
Greedy search: Properties
Complete No: Can get stuck in loops
Complete in nite space with repeated-state checking
Time O(b
m
)
Space O(b
m
)
Optimal No
Example 489 Greedy search can get stuck going from Iasi to Oradea:
Iasi Neamt Iasi Neamt
Worst-case time same as depth-rst search,
Worst-case space same as breadth-rst
But a good heuristic can give dramatic improvement
Greedy Search is similar to UCS. Unlike the latter, the node evaluation function has nothing to
do with the nodes explored so far. This can prevent nodes from being enumerated systematically
as they are in UCS and BFS.
For completeness, we need repeated state checking as the example shows. This enforces complete
enumeration of state space (provided that it is nite), and thus gives us completeness.
Note that nothing prevents from all nodes nodes being searched in worst case; e.g. if the
heuristic function gives us the same (low) estimate on all nodes except where the heuristic mis-
estimates the distance to be high. So in the worst case, greedy search is even worse than BFS,
where d (depth of rst solution) replaces m.
The search procedure cannot be optional, since actual cost of solution is not considered.
For both, completeness and optimality, therefore, it is necessary to take the actual cost of
partial solutions, i.e. the path cost, into account. This way, paths that are known to be expensive
are avoided.
235
A
search
Idea: Avoid expanding paths that are already expensive (make use of actual cost)
The simplest way to combine heuristic and path cost is to simply add them.
Denition 490 The evaluation function for A
-search is given by f(n) = g(n) +h(n),

where g(n) is the path cost for n and h(n) is the estimated cost to goal from n.
Thus f(n) is the estimated total cost of path through n to goal
Denition 491 Best-First-Search with evaluation function g +h is called astarSearch
search.
This works, provided that h does not overestimate the true cost to achieve the goal. In other
words, h must be optimistic wrt. the real cost h
. If we are too pessimistic, then non-optimal

solutions have a chance.
A
search: Admissibility
Denition 492 (Admissibility of heuristic) h(n) is called admissible if (0
h(n) h
(n)) for all nodes n, where h
(n) is the true cost from n to goal.

(In particular: h(G) = 0 for goal G)
Example 493 Straight-line distance never overestimates the actual road distance
(triangle inequality)
Thus h
SLD
(n) is admissible.
A
Search: Admissibility
Theorem 494 A
search with admissible heuristic is optimal

Proof: We show that sub-optimal nodes are never selected by A
P.1 Suppose a suboptimal goal G has been generated then we are in the following situ-
ation:
start
n
O G
P.2 Let n be an unexpanded node on a path to an optimal goal O, then
f(G) = g(G) since h(G) = 0
g(G) > g(O) since G suboptimal
g(O) = g(n) +h
(n) n on optimal path

g(n) +h
(n) g(n) +h(n) since h is admissible

g(n) +h(n) = f(n)
P.3 Thus, f(G) > f(n) and astarSearch never selects G for expansion.
236
A
Search Example
Arad
366=0+366
A
Search Example
Arad
Sibiu
393=140+253
Timisoara
447=118+329
Zerind
449=75+374
A
Search Example
Arad
Sibiu Timisoara
447=118+329
Zerind
449=75+374
Arad
646=280+366
Fagaras
415=239+176
Oradea
671=291+380
R. Vilcea
413=220+193
A
Search Example
Arad
Sibiu Timisoara
447=118+329
Zerind
449=75+374
Arad
646=280+366
Fagaras
415=239+176
Oradea
671=291+380
R. Vilcea
Craiova
526=366+160
Pitesti
417=317+100
Sibiu
553=300+253
237
A
Search Example
Arad
Sibiu Timisoara
447=118+329
Zerind
449=75+374
Arad
646=280+366
Fagaras Oradea
671=291+380
R. Vilcea
Craiova
526=366+160
Pitesti
417=317+100
Sibiu
553=300+253
Sibiu
591=338+253
Bucharest
450=450+0
A
Search Example
Arad
Sibiu Timisoara
447=118+329
Zerind
449=75+374
Arad
646=280+366
Fagaras Oradea
671=291+380
R. Vilcea
Craiova
526=366+160
Pitesti Sibiu
553=300+253
Sibiu
591=338+253
Bucharest
450=450+0
Bucharest
418=418+0
Craiova
615=455+160
Sibiu
607=414+193
A
search: f-contours
A
gradually adds f-contours of nodes

238
A
search: Properties
Complete Yes (unless there are innitely many nodes n with f(n) f(0))
Time Exponential in [relative error in h length of solution]
Space Same as time (variant of BFS)
Optimal Yes
A
expands all (some/no) nodes with f(n) < h
(n)
The run-time depends on how good we approximated the real cost h
with h.
Since the availability of admissible heuristics is so important for informed search (particularly for
A
), let us see how such heuristics can be obtained in practice. We will look at an example, and
then derive a general procedure from that.
Admissible heuristics: Example 8-puzzle
Example 495 Let h
1
(n) be the number of misplaced tiles in node n (h
1
(S) = 6)
Example 496 Let h
2
(n) be the total manhattan distance from desired location of each
tile. (h
2
(S) = 2 + 0 + 3 + 1 + 0 + 1 + 3 + 4 = 14)
Observation 497 (Typical search costs) (IDS = iterative deepening search)
nodes explored IDS A
(h
1
) A
(h
2
)
d = 14 3,473,941 539 113
d = 24 too many 39,135 1,641
Dominance
Denition 498 Let h
1
and h
2
be two admissible heuristics we say that h
2
dominates
h
1
if h
2
(n) h
1
(n) or all n.
Theorem 499 If h
2
dominates h
1
, then h
2
is better for search than h
1
.
239
Relaxed problems
Finding good admissible heuristics is an art!
Idea: Admissible heuristics can be derived from the exact solution cost of a relaxed
version of the problem.
Example 500 If the rules of the 8-puzzle are relaxed so that a tile can move anywhere,
then we get heuristic h
1
.
Example 501 If the rules are relaxed so that a tile can move to any adjacent square,
then we get heuristic h
2
.
Key point: The optimal solution cost of a relaxed problem is not greater than the optimal
solution cost of the real problem
Relaxation means to remove some of the constraints or requirements of the original problem, so
that a solution becomes easy to nd. Then the cost of this easy solution can be used as an
optimistic approximation of the problem.
14.5 Local Search
Local Search Problems
Idea: Sometimes the path to the solution is irrelevant
Example 502 (8 Queens Problem) Place 8 queens on a chess board, so that no
two queens threaten each other.
This problem has various solutions, e.g. the one on the right
Denition 503 A local search algorithm is a search algorithm that operates on a single
state, the current state (rather than multiple paths). (advantage: constant space)
Typically local search algorithms only move to successors of the current state, and do
not retain search paths.
Applications include: integrated circuit design, factory-oor layout, job-shop scheduling,
portfolio management, eet deployment,. . .
240
Local Search: Iterative improvement algorithms
Denition 504 (Traveling Salesman Problem) Find shortest trip through set of
cities such that each city is visited exactly once.
Idea: Start with any complete tour, perform pairwise exchanges
Denition 505 (n-queens problem) Put n queens on nn board such that no two
queens in the same row, columns, or diagonal.
Idea: Move a queen to reduce number of conicts
Hill-climbing (gradient ascent/descent)
Idea: Start anywhere and go in the direction of the steepest ascent.
Depth-rst search with heuristic and w/o memory
procedure Hill-Climbing (problem) (* a state that is a local minimum *)
local current, neighbor (* nodes *)
current := Make-Node(Initial-State[problem])
loop
neighbor := <a highestvalued successor of current>
if Value[neighbor] < Value[current]
return [current]
current := neighbor
end if
end loop
end procedure
Like starting anywhere in search tree and making a heuristically guided DFS.
Works, if solutions are dense and local maxima can be escaped.
In order to understand the procedure on a more intuitive level, let us consider the following
scenario: We are in a dark landscape (or we are blind), and we want to nd the highest hill. The
search procedure above tells us to start our search anywhere, and for every step rst feel around,
and then take a step into the direction with the steepest ascent. If we reach a place, where the
next step would take us down, we are nished.
Of course, this will only get us into local maxima, and has no guarantee of getting us into
global ones (remember, we are blind). The solution to this problem is to re-start the search at
random (we do not have any information) places, and hope that one of the random jumps will get
us to a slope that leads to a global maximum.
241
Example Hill-Climbing with 8 Queens
Idea: Heuristic function h is number of queens that threaten each other.
Example 506 An 8-queens state with heuristic cost estimate h = 17 showing h-values
for moving a queen within its column
Problem: The state space has local minima. e.g. the board on the right has h = 1 but
every successor has h > 1.
Hill-climbing
Problem: Depending on initial state, can get stuck on local maxima/minima and plateaux
Hill-climbing search is like climbing Everest in thick fog with amnesia
Idea: Escape local maxima by allowing some bad or random moves.
Example 507 local search, simulated annealing. . .
Properties: All are incomplete, non-optimal.
Sometimes performs well in practice (if (optimal) solutions are dense)
Recent work on hill-climbing algorithms tries to combine complete search with randomization to
escape certain odd phenomena occurring in statistical distribution of solutions.
242
Simulated annealing (Idea)
Denition 508 Ridges are ascending successions of local maxima
Problem: They are extremely dicult to navigate for local search algorithms
Idea: Escape local maxima by allowing some bad moves, but gradually decrease their
size and frequency
Annealing is the process of heating steel and let it cool gradually to give it time to grow
an optimal cristal structure.
Simulated Annealing is like shaking a ping-pong ball occasionally on a bumpy surface to
free it. (so it does not get stuck)
Devised by Metropolis et al., 1953, for physical process modelling
Widely used in VLSI layout, airline scheduling, etc.
Simulated annealing (Implementation)
procedure Simulated-Annealing (problem,schedule) (* a solution state *)
local node, next (* nodes*)
local T (*a temperature controlling prob.~of downward steps *)
current := Make-Node(Initial-State[problem])
for t :=1 to
T := schedule[t]
if T = 0 return current end if
next := <a randomly selected successor of current>
(E) := Value[next]-Value[current]
if (E) > 0 current := next
else
current := next <only with probability> e
(E)/T
end if
end for
end procedure
a problem schedule is a mapping from time to temperature
243
Properties of simulated annealing
At xed temperature T, state occupation probability reaches Boltzman distribution
p(x) = e
E(x)
kT
T decreased slowly enough =always reach best state x
because
e
E(x
)
kT
e
E(x)
kT =e
E(x
)E(x)
kT
1
for small T.
Is this necessarily an interesting guarantee?
Local beam search
Idea: Keep k states instead of 1; choose top k of all their successors
Not the same as k searches run in parallel!
(Searches that nd good states recruit other searches to join them)
Problem: quite often, all k states end up on same local hill
Idea: Choose k successors randomly, biased towards good ones.
(Observe the close analogy to natural selection!)
Genetic algorithms (very briey)
Idea: Use local beam search (keep a population of k) randomly modify population
(mutation) generate successors from pairs of states (sexual reproduction) optimize a
tness function (survival of the ttest)

244
Genetic algorithms (continued)
Problem: Genetic Algorithms require states encoded as strings (GPs use programs)
Crossover helps i substrings are meaningful components
Example 509 (Evolving 8 Queens)
GAs ,= evolution: e.g., real genes encode replication machinery!
245
15 Logic Programming
15.1 Programming as Search: Introduction to Logic Programming and
PROLOG
We will now learn a new programming paradigm: logic programming (also called Declarative
Programming), which is an application of the search techniques we looked at last, and the logic
techniques. We are going to study ProLog (the oldest and most widely used) as a concrete example
of the ideas behind logic programming.
Logic Programming is a programming style that diers from functional and imperative program-
ming in the basic procedural intuition. Instead of transforming the state of the memory by issuing
instructions (as in imperative programming), or comupting the value of a function on some ar-
guments, logic programming interprets the program as a body of knowledge about the respective
situation, which can be queried for consequences. This is actually a very natural intuition; after
all we only run (imperative or functional) programs if we want some question answered.
Logic Programming
Idea: Use logic as a programming language!
We state what we know about a problem (the program) and then ask for results (what
the program would compute)
Example 510
Program Leibniz is human x + 0 = x
Sokrates is is human If x +y = z then x +s(y) = s(z)
Sokrates is a greek 3 is prime
Every human is fallible
Query Are there fallible greeks? is there a z with s(s(0)) +s(0) = z
Answer Yes, Sokrates! yes s(s(s(0)))
How to achieve this?: Restrict the logic calculus suciently that it can be used as
computational procedure.
Slogan: Computation = Logic + Control ([Kowalski 73])
We will use the programming language ProLog as an example
ProLog is a simple logic programming language that exemplies the ideas we want to discuss quite
nicely. We will not introduce the language formally, but in concrete examples as we explain the
theortical concepts. For a complete reference, please consult the online book by Blackburn & Bos
& Striegnitz http://www.coli.uni-sb.de/
~
kris/learn-prolog-now/.
Of course, this the whole point of writing down a knowledge base (a program with knowledge about
the situation), if we do not have to write down all the knowledge, but a (small) subset, from which
the rest follows. We have already seen how this can be done: with logic. For logic programming
we will use a logic called rst-order logic which we will not formally introduce here. We have
already seen that we can formulate propositional logic using terms from an abstract data type
instead of propositional variables. For our purposes, we will just use terms with variables instead
of the ground terms used there.
24
EdNote:24
24
EdNote: reference
246
Representing a Knowledge base in ProLog
A knowledge base is represented (symbolically) by a set of facts and rules.
Denition 511 A fact is a statement written as a term that is unconditionally true of
the domain of interest. (write with a term followed by a .)
Example 512 We can state that Mia is a woman as woman(mia).
Denition 513 A rule states information that is conditionally true in the domain.
Example 514 Write something is a car if it has a motor and four wheels as
(car(X) : has motor(X), has wheels(X, 4)) (variables are upper-case)
this is just an ASCII notation for m(x) w(x, 4) car(x)
Denition 515 The knowledge base given by a set of facts and rules is that set of facts
that can be derived from it by Modus Ponens (MP) and I.
A A B
B
MP
A B
A B
I
A
[B/X](A)
Subst
Knowledge Base (Example)
Example 516 car(c). is in the knowlege base generated by
has_motor(c).
has_wheels(c,4).
car(X):- has_motor(X),has_wheels(X,4).
m(c) w(c, 4)
I
m(c) w(c, 4)
m(x) w(x, 4) car(x)
Subst
m(c) w(c, 4) car(c)
MP
car(c)
247
Querying the Knowledge base
Idea: We want to see whether a fact is in the knowledge base.
Denition 517 A query or goal is a statement of which we want to know whether it is
in the knowledge base. (write as ? A., if A statement)
Problem: Knowledge bases can be big and even innite.
Example 518 The the knowledge base induced by the program
nat(zero).
nat(s(X)) :- nat(X).
is the set nat(zero), nat(s(zero)), nat(s(s(zero))), . . ..
Idea: interpret this as a search problem.
state = tuple of goals; goal state = empty list (of goals).
next(G, R
1
, . . . R
l
) := (B
1
), . . ., (B
m
), R
1
, . . ., R
l
(backchaining) if there is a
rule H : B
1
, . . . B
m
. and a substitution with (H) = (G).
?- nat(s(s(zero))).
?- nat(s(zero)).
?- nat(zero).
Yes
If a query contains variables, then ProLog will return an answer substitution.
has_wheels(mybmw,4).
has_motor(mybmw).
car(X):-has_wheels(X,4),has_motor(X).
?- car(Y)
?- has_wheels(Y,4),has_motor(Y).
Y = mybmw
?- has_motor(mybmw).
Y = mybmw
Yes
If no instance of the statement in a query can be derived from the knowledge base, then
the ProLog interpreter reports failure.
?- nat(s(s(0))).
?- nat(s(0)).
?- nat(0).
FAIL
No
248
PROLOG: Are there Fallible Greeks?
Program:
human(sokrates).
human(leibniz).
greek(sokrates).
fallible(X) :- human(X).
Example 519 (Query) ? fallible(X), greek(X).
Answer substitution: [sokrates/X]
We will now discuss how to use a ProLog interpreter to get to know the language. The SWI
ProLog interpreter can be downloaded from http://www.swi-prolog.org/. To start the ProLog
interpreter with pl or prolog or swipl from the shell. The SWI manual is available at http:
//gollem.science.uva.nl/SWI-Prolog/Manual/
We will introduce working with the interpreter using unary natural numbers as examples: we rst
add the fact
7
to the knowledge base
unat(zero).
which asserts that the predicate unat
8
is true on the term zero. Generally, we can add a fact to
the knowledge base either by writing it into a le (e.g. example.pl) and then consulting it by
writing one of the following commands into the interpreter:
[example]
consult(example.pl).
or by directly typing
assert(unat(zero)).
into the ProLog interpreter. Next tell ProLog about the following rule
assert(unat(suc(X)) :- unat(X)).
which gives the ProLog runtime an initial (innite) knowledge base, which can be queried by
?- unat(suc(suc(zero))).
Yes
Running ProLog in an emacs window is incredibly nicer than at the command line, because you
can see the whole history of what you have done. Its better for debugging too. If youve never
used emacs before, it still might be nicer, since its pretty easy to get used to the little bit of emacs
that you need. (Just type emacs \& at the UNIX command line to run it; if you are on a remote
terminal like putty, you can use emacs -nw.).
If you dont already have a le in your home directory called .emacs (note the dot at the front),
create one and put the following lines in it. Otherwise add the following to your existing .emacs
le:
(autoload run-prolog "prolog" "Start a Prolog sub-process." t)
(autoload prolog-mode "prolog" "Major mode for editing Prolog programs." t)
(setq prolog-program-name "swipl") ; or whatever the prolog executable name is
(add-to-list auto-mode-alist ("\\pl$" . prolog-mode))
7
for unary natural numbers; we cannot use the predicate nat and the constructor functions here, since their
meaning is predened in ProLog
8
for unary natural numbers.
249
The le prolog.el, which provides prolog-mode should already be installed on your machine,
otherwise download it at http://turing.ubishops.ca/home/bruda/emacs-prolog/
Now, once youre in emacs, you will need to gure out what your meta key is. Usually its the
alt key. (Type control key together with h to get help on using emacs). So youll need a
meta-X command, then type run-prolog. In other words, type the meta key, type x, then
there will be a little window at the bottom of your emacs window with M-x, where you type
run-prolog
9
. This will start up the SWI ProLog interpreter, . . . et voil`a!
The best thing is you can have two windows within your emacs window, one where youre
editing your program and one where youre running ProLog. This makes debugging easier.
Depth-First Search with Backtracking
So far, all the examples led to direct success or to failure. (simpl. KB)
Search Procedure: top-down, left-right depth-rst search
Work on the queries in left-right order.
match rst query with the head literals of the clauses in the program in top-down
order.
if there are no matches, fail and backtrack to the (chronologically) last point.
otherwise backchain on the rst match , keep the other matches in mind for
backtracking. (backtracking points)
Note: We have seen before
25
that depth-rst search has the problem that it can go into loops. EdNote:25
And in fact this is a necessary feature and not a bug for a programming language: we need to
be able to write non-terminating programs, since the langugage would not be Turing-complete
ogtherwise. The argument can be sketched as follows: we have seen that for Turing machines the
halting problem
26
is undecidable. So if all ProLog programs were terminating, then ProLog would EdNote:26
be weaker than Turing machines and thus not Turing complete.
Backtracking by Example
has_wheels(mytricycle,3).
has_wheels(myrollerblade,3).
has_wheels(mybmw,4).
has_motor(mybmw).
car(X):-has_wheels(X,3),has_motor(X). % cars sometimes have 3 wheels
car(X):-has_wheels(X,4),has_motor(X).
?- car(Y).
?- has_wheels(Y,3),has_motor(Y). % backtrack point 1
Y = mytricycle % backtrack point 2
?- has_motor(mytricycle).
FAIL % fails, backtrack to 2
Y = myrollerblade % backtrack point 2
?- has_motor(myrollerblade).
FAIL % fails, backtrack to 1
?- has_wheels(Y,4),has_motor(Y).
Y = mybmw
?- has_motor(mybmw).
Y=mybmw
Yes
9
Type control key together with h then press m to get an exhaustive mode help.
25
EdNote: reference
26
EdNote: reference
250
Can We Use This For Programming?
Question: What about functions? E.g. the addition function?
Question: We do not have (binary) functions, in ProLog
Idea (back to math): use a three-place predicate.
Example 520 add(X,Y,Z) stands for X+Y=Z
Now we can directly write the recursive equations X+0 = X (base case) and X+s(Y ) =
s(X +Y ) into the knowledge base.
add(X,zero,X).
add(X,s(Y),s(Z)) :- add(X,Y,Z).
similarly with multiplication and exponentiation.
mult(X,o,o).
mult(X,s(Y),Z) :- mult(X,Y,W), add(X,W,Z).
expt(X,o,s(o)).
expt(X,s(Y),Z) :- expt(X,Y,W), mult(X,W,Z).
Note: Viewed through the right glasses logic programming is very similar to functional program-
ming; the only dierence is that we are using n+1-ary relations rather than n-ary functions. To see
how this works let us consider the addition function/relation example above: instead of a binary
function + we program a ternary relation add, where relation add(X, Y, Z) means X + Y = Z.
We start with the same dening equations for addition, rewriting them to relational style.
The rst equation is straight-foward via our correspondance and we get the ProLog fact
add(X, zero, X).. For the equation X + s(Y ) = s(X + Y ) we have to work harder, the straight-
forward relational translation add(X, s(Y ), s(X + Y )) is impossible, since we have only partially
replaced the function + with the relation add. Here we take refuge in a very simple trick that we
can always do in logic (and mathematics of course): we introduce a new name Z for the oending
expression X + Y (using a variable) so that we get the fact add(X, s(Y ), s(Z)). Of course this
is not universally true (remember that this fact would say that X + s(Y ) = s(Z) for all X, Y ,
and Z), so we have to extend it to a ProLog rule (add(X, s(Y ), s(Z)) : add(X, Y, Z)) which
relativizes to mean X +s(Y ) = s(Z) for all X, Y , and Z with X +Y = Z.
Indeed the rule implements addition as a recursive predicate, we can see that the recursion
relation is terminating, since the left hand sides are have one more constructor for the successor
function. The examples for multiplication and exponentiation can be developed analogously, but
we have to use the naming trick twice.
251
More Examples from elementary Arithmetics
Example 521 We can also use the add relation for subtraction without changing the
implementation. We just use variables in the input positions and ground terms in the
other two (possibly very inecient since generate-and-test approach)
?-add(s(zero),X,s(s(s(zero)))).
X = s(s(zero))
Yes
Example 522 Computing the the n
th
Fibonacci Number (0,1,1,2,3,5,8,13,. . . ; add the
last two to get the next), using the addition predicate above.
fib(zero,zero).
fib(s(zero),s(zero)).
fib(s(s(X)),Y):-fib(s(X),Z),fib(X,W),add(Z,W,Y).
Example 523 using ProLogs internal arithmetic: a goal of the form ? D is e. where
e is a ground arithmetic expression binds D to the result of evaluating e.
fib(0,0).
fib(1,1).
fib(X,Y):- D is X - 1, E is X - 2,fib(D,Z),fib(E,W), Y is Z + W.
Note: Note that the is relation does not allow generate-and-test inversion as it insists on the
right hand being ground. In our example above, this is not a problem, if we call the fib with the
rst (input) argument a ground term. Indeed, if match the last rule with a goal ? fib(g, Y).,
where g is a ground term, then g 1 and g 2 are ground and thus D and E are bound to the
(ground) result terms. This makes the input arguments in the two recursive calls ground, and
we get ground results for Z and W, which allows the last goal to succeed with a ground result for
Y. Note as well that re-ordering the body literals of the rule so that the recursive calls are called
before the computation literals will lead to failure.
Adding Lists to ProLog
Lists are represented by terms of the form [a,b,c,. . .]
rst/rest representation [F|R], where R is a rest list.
predicates for member, append and reverse of lists in default ProLog representation.
member(X,[X|_]).
member(X,[_|R]):-member(X,R).
append([],L,L).
append([X|R],L,[X|S]):-append(R,L,S).
reverse([],[]).
reverse([X|R],L):-reverse(R,S),append(S,[X],L).
252
Relational Programming Techniques
Parameters have no unique direction in or out
:- rev(L,[1,2,3]).
:- rev([1,2,3],L1).
:- rev([1,X],[2,Y]).
Symbolic programming by structural induction
rev([],[]).
rev([X,Xs],Ys) :- ...
Generate and test
sort(Xs,Ys) :- perm(Xs,Ys), ordered(Ys).
15.2 Logic Programming as Resolution Theorem Proving
We know all this already
Goals, goal-sets, rules, and facts are just clauses. (called Horn clauses)
Observation 524 (rule) H : B
1
, . . . , B
n
. corresponds to H B
1
. . . B
n
(head the only positive literal)
Observation 525 (goal setid) ? G
1
, . . . , G
n
. corresponds to G
1
, . . . , G
n
Observation 526 (fact) F. corresponds to the unit clause F.
Denition 527 A Horn clause is a clause with at most one positive literal.
Note: backchaining becomes (hyper)-resolution (special case for rule with facts)
P
T
A P
F
B
A B
H : B
1
, . . . , B
n
. B
1
. . . B
n
H
positive unit-resulting hyperresolution (PURR)
PROLOG (Horn clauses)
Denition 528 Each clause contains at most one positive literal
B
1
. . . B
n
A ((A : B1, . . ., Bn))
Rule clause: (fallible(X) : human(X))
Fact clause: human(sokrates).
Program: set of rule and fact clauses
Query: ? fallible(X), greek(X).
253
PROLOG: Our Example
Program:
human(sokrates).
human(leibniz).
greek(sokrates).
fallible(X) :- human(X).
Example 529 (Query) ? fallible(X), greek(X).
Answer substitution: [sokrates/X]
Three Principal Modes of Inference
Deduction: knowledge extension
rains wet street rains
wet street
D
Abduction explanation
rains wet street wet street
rains
A
Induction learning rules
wet street rains
rains wet street
I
254
16 The Information and Software Architecture of the In-
ternet and WWW
We will now look at the information and software architecture of the Internet and the World Wide
Web (WWW) from the ground up.
16.1 Overview
The Internet and the Web
Denition 530 The Internet is a worldwide computer network that connects hundreds
of thousands of smaller networks. (The mother of all networks)
Denition 531 The World Wide Web is the interconnected system of servers that
support multimedia documents, i.e. the multimedia part of the Internet.
The Internet and WWWeb form critical infrastructure for modern society and commerce.
The Internet/WWW is huge:
Year Web Deep Web eMail
1999 21 TB 100 TB 11TB
2003 167 TB 92 PB 447 PB
2010 ???? ????? ?????
We want to understand how it works (services and scalability issues)
.
255
Units of Information
Bit (b) binary digit 0/1
Byte (B) 8 bit
2 Bytes A Unicode character.
10 Bytes your name.
Kilobyte (KB) 1,000 bytes OR 10
3
bytes
2 Kilobytes A Typewritten page.
100 Kilobytes A low-resolution photograph.
Megabyte (MB) 1,000,000 bytes OR 10
6
bytes
1 Megabyte A small novel OR a 3.5 inch oppy disk.
2 Megabytes A high-resolution photograph.
5 Megabytes The complete works of Shakespeare.
10 Megabytes A minute of high-delity sound.
100 Megabytes 1 meter of shelved books.
500 Megabytes A CD-ROM.
Gigabyte (GB) 1,000,000,000 bytes or 10
9
bytes
1 Gigabyte a pickup truck lled with books.
20 Gigabytes A good collection of the works of Beethoven.
100 Gigabytes A library oor of academic journals.
Terabyte (TB) 1,000,000,000,000 bytes or 10
12
bytes
1 Terabyte 50000 trees made into paper and printed.
2 Terabytes An academic research library.
10 Terabytes The print collections of the U.S. Library of Congress.
400 Terabytes National Climactic Data Center (NOAA) database.
Petabyte (PB) 1,000,000,000,000,000 bytes or 10
15
bytes
1 Petabyte 3 years of EOS data (2001).
2 Petabytes All U.S. academic research libraries.
20 Petabytes Production of hard-disk drives in 1995.
200 Petabytes All printed material (ever).
Exabyte (EB) 1,000,000,000,000,000,000 bytes or 10
18
bytes
2 Exabytes Total volume of information generated in 1999.
5 Exabytes All words ever spoken by human beings ever.
300 Exabytes All data stored digitally in 2007.
Zettabyte (EB) 1,000,000,000,000,000,000,000 bytes or 10
21
bytes
2 Zettabytes Total volume digital data transmitted in 2011
100 Zettabytes Data equivalent to the human Genome in one body.
The information in this table is compiled from various studies, most recently [HL11].
256
A Timeline of the Internet and the Web
Early 1960s: introduction of the network concept
1970: ARPANET, scholarly-aimed networks
62 computers in 1974
1975: Ethernet developed by Robert Metcalf
1980: TCP/IP
1982: The rst computer virus, Elk Cloner, spread via Apple II oppy disks
500 computers in 1983
28,000 computers in 1987
1989: Web invented by Tim Berners-Lee
1990: First Web browser based on HTML developed by Berners-Lee
Early 1990s: Andreesen developed the rst graphical browser (Mosaic)
1993: The US White House launches its Web site
1993 : commercial/public web explodes
We will now look at the information and software architecture of the Internet and the World Wide
Web (WWW) from the ground up.
16.2 Internet Basics
We will show aspects of how the Internet can cope with this enormous growth of numbers of
computers, connections and services.
The growth of the Internet rests on three design decisions taken very early on. The Internet
1. is a packet-switched network rather than a network, where computers communicate via
dedicated physical communication lines.
2. is a network, where control and administration are decentralized as much as possible.
3. is an infrastructure that only concentrates on transporting packets/datagrams between com-
puters. It does not provide special treatment to any packets, or try to control the content
of the packets.
The rst design decision is a purely technical one that allows the existing communication lines to
be shared by multiple users, and thus save on hardware resources. The second decision allows the
administrative aspects of the Internet to scale up. Both of these are crucial for the scalability of
the Internet. The third decision (often called net neutrality) is hotly debated. The defenders
cite that net neutrality keeps the Internet an open market that fosters innovation, where as
the attackers say that some uses of the network (illegal le sharing) disprortionately consum
resources.
257
Package-Switched Networks
Denition 532 A packet-switched network divides messages into small network packets
that are transported separately and re-assembled at the target.
Advantages:
many users can share the same physical communication lines.
packets can be routed via dierent paths. (bandwidth utilization)
bad packets can be re-sent, while good ones are sent on. (network reliability)
packets can contain information about their sender, destination.
no central management instance necessary (scalability, resilience)
These ideas are implemented in the Internet Protocol Suite, which we will present in the rest of the
section. A main idea of this set of protocols is its layered design that allows to separate concerns
and implement functionality separately.
258
The Intenet Protocol Suite
Denition 533 The Internet Protocol Suite (commonly known as TCP/IP) is the set of
communications protocols used for the Internet and other similar networks. It structured
into 4 layers.
Layer e.g.
Application Layer HTTP, SSH
Transport Layer UDP,TCP
Internet Layer IPv4, IPsec
Link Layer Ethernet, DSL
Layers in TCP/IP: TCP/IP uses encapsulation to provide abstraction of protocols and
services.
An application (the highest level of the model) uses a set of protocols
to send its data down the layers, being further encapsulated at each level.
Example 534 (TCP/IP Scenario) Consider a situation with two Internet host
computers communicate across local network boundaries.
network boundaries are constituted by internetworking gateways (routers).
Denition 535 A router is a purposely customized computer used to forward data
among computer networks beyond directly connected devices.
A router implements the link and internet layers only and has two network connections.
259
We will now take a closer look at each of the layers shown above, starting with the lowest one.
Instead of going into network topologies, protocols, and their implementation into physical signals
that make up the link layer, we only discuss the devices that deal with them. Network Interface
controllers are specialized hardware that encapsulate all aspects of link-level communication, and
we take them as black boxes for the purposes of this course.
Network Interfaces
The nodes in the Internet are computers, the edges communication channels
Denition 536 A network interface controller (NIC) is a hardware device that handles
an interface to a computer network and thus allows a network-capable device to access
that network.
Denition 537 Each NIC contains a unique number, the media access control address
(MAC address), identies the device uniquely on the network.
MAC addresses are usually 48-bit numbers issued by the manufacturer, they are usually
displayed to humans as six groups of two hexadecimal digits, separated by hyphens (-) or
colons (:), in transmission order, e.g. 01-23-45-67-89-AB, 01:23:45:67:89:AB.
Denition 538 A network interface is a software component in the operating system
that implements the higher levels of the network protocol (the NIC handles the lower
ones).
Layer e.g.
Application Layer HTTP, SSH
Transport Layer TCP
Internet Layer IPv4, IPsec
Link Layer Ethernet, DSL
A computer can have more than one network interface. (e.g. a router)
The next layer ist he Internet Layer.
260
Internet Protocol and IP Addresses
Denition 539 The Internet Protocol (IP) is a protocol used for communicating data
across a packet-switched internetwork. The Internet Protocol denes addressing methods
and structures for datagram encapsulation. The Internet Protocol also routes data packets
between networks
Denition 540 An Internet Protocol (IP) address is a numerical label that is assigned
to devices participating in a computer network, that uses the Internet Protocol for com-
munication between its nodes.
An IP address serves two principal functions: host or network interface identication and
location addressing.
Denition 541 The global IP address space allocations are managed by the Internet
Assigned Numbers Authority (IANA), delegating allocate IP address blocks to ve Re-
gional Internet Registries (RIRs) and further to Internet service providers (ISPs).
Denition 542 The Internet mainly uses Internet Protocol Version 4 (IPv4) [RFC80],
which uses 32-bit numbers (IPv4 addresses) for identication of network interfaces of
Computers.
IPv4 was standardized in 1980, it provides 4,294,967,296 (2
32
) possible unique addresses.
With the enormous growth of the Internet, we are fast running out of IPv4 addresses
Denition 543 Internet Protocol Version 6 (IPv6) [DH98], which uses 128-bit numbers
(IPv6 addresses) for identication.
Although IP addresses are stored as binary numbers, they are usually displayed in human-
readable notations, such as 208.77.188.166 (for IPv4), and 2001:db8:0:1234:0:567:1:1 (for
IPv6).
The Internet infrastructure is currently undergoing a dramatic retooling, because we are moving
from IPv4 to IPv6 to counter the depletion of IP addresses. Note that this means that all routers
and switches in the Internet have to be upgraded. At rst glance, it would seem that that this
problem could have been avoided if we had only anticipated the need for more the 4 million
computers. But remember that TCP/IP was developed at a time, where the Internet did not exist
yet, and its precursor had about 100 computers. Also note that the IP addresses are part of every
packet, and thus reserving more space for them would have wasted bandwidth in a time when it
was scarce.
261
The Transport Layer
Denition 544 The transport layer is responsible for delivering data to the appropriate
application process on the host computers by forming data packets, and adding source
and destination port numbers in the header.
Denition 545 The internet protocol mainly suite uses the Transmission Control Pro-
tocol (TCP) and User Datagram Protocol (UDP) protocols at the transport layer.
TCP is used for communication, UDP for multicasting and broadcasting.
TCP supports virtual circuits, i.e. provide connection oriented communication over an
underlying packet oriented datagram network. (hide/reorder packets)
TCP provides end-to-end reliable communication (error detection & automatic repeat)
The Application Layer
Denition 546 The application layer of the internet protocol suite contains all protocols
and methods that fall into the realm of process-to-process communications via an Internet
Protocol (IP) network using the Transport Layer protocols to establish underlying host-
to-host connections.
Example 547 (Some Application Layer Protocols and Services)
BitTorrent Peer-to-peer Atom Syndication
DHCP Dynamic Host Conguration DNS Domain Name System
FTP File Transfer Protocol HTTP HyperText Transfer
IMAP Internet Message Access IRCP Internet Relay Chat
NFS Network File System NNTP Network News Transfer
NTP Network Time Protocol POP Post Oce Protocol
RPC Remote Procedure Call SMB Server Message Block
SMTP Simple Mail Transfer SSH Secure Shell
TELNET Terminal Emulation WebDAV Write-enabled Web
Domain Names
Denition 548 The DNS (Domain Name System) is a distributed set of servers that
provides the mapping between (static) IP addresses and domain names.
Example 549 e.g. www.kwarc.info stands for the IP address 212.201.49.189.
networked computers can have more than one DNS name. (virtual servers)
Domain names must be registered to ensure uniqueness
(registration fees vary, cybersquatting)
Denition 550 ICANN is a non-prot organization was established to regulate human-
friendly domain names. It approves domain name registrars and delegates the actual
registration to them.
262
Domain Name Top-Level Domains
.com (.commercial) is a generic top-level domain. It was one of the original top-level
domains, and has grown to be the largest in use.
.org (organization) is a generic top-level domain, and is mostly associated with non-
prot organizations. It is also used in the charitable eld, and used by the open-source
movement. Government sites and Political parties in the US have domain names ending
in .org
.net (network) is a generic top-level domain and is one of the original top-level do-
mains. Initially intended to be used only for network providers (such as Internet service
providers). It is still popular with network operators, it is often treated as a second .com.
It is currently the third most popular top-level domain.
.edu (education) is the generic top-level domain for educational institutions, primarily
those in the United States. One of the rst top-level domains, .edu was originally intended
for educational institutions anywhere in the world. Only post-secondary institutions that
are accredited by an agency on the U.S. Department of Educations list of nationally
recognized accrediting agencies are eligible to apply for a .edu domain.
.info (information) is a generic top-level domain intended for informative websites,
although its use is not restricted. It is an unrestricted domain, meaning that anyone can
obtain a second-level domain under .info. The .info was one of many extension(s) that
was meant to take the pressure o the overcrowded .com domain.
.gov (government) a generic top-level domain used by government entities in the
United States. Other countries typically use a second-level domain for this purpose, e.g.,
.gov.uk for the United Kingdom. Since the United States controls the .gov Top Level
Domain, it would be impossible for another country to create a domain ending in .gov.
.biz (business) the name is a phonetic spelling of the rst syllable of business. A
generic top-level domain to be used by businesses. It was created due to the demand for
good domain names available in the .com top-level domain, and to provide an alternative
to businesses whose preferred .com domain name which had already been registered by
another.
.xxx (porn) the name is a play on the verdict X-rated for movies. A generic top-level
domain to be used for sexually explicit material. It was created in 2011 in the hope to
move sexually explicit material from the normal web. But there is no mandate for porn
to be restricted to the .xxx domain, this would be dicult due to problems of denition,
dierent jurisdictions, and free speech issues.
263
Ports
Denition 551 To separate the services and protocols of the network application layer,
network interfaces assign them specic port, referenced by a number.
Port use comment

22 SSH remote shell
53 DNS Domain Name System
80 HTTP World Wide Web
443 HTTPS HTTP over SSL
264
A Protocol Example: SMTP over telnet
We call up the telnet service on the Jacobs mail server
telnet exchange.jacobs-university.de 25
it identies itself (have some patience, it is very busy)
Trying 10.70.0.128...
Connected to exchange.jacobs-university.de.
Escape character is ^].
220 SHUBCAS01.jacobs.jacobs-university.de
Microsoft ESMTP MAIL Service ready at Tue, 3 May 2011 13:51:23 +0200
We introduce ourselves politely (but we lie about our identity)
helo mailhost.domain.tld
It is really very polite.
250 SHUBCAS04.jacobs.jacobs-university.de Hello [10.222.1.5]
We start addressing an e-mail (again, we lie about our identity)
mail from: [email protected]
this is acknowledged
250 2.1.0 Sender OK
We set the recipient (the real one, so that we really get the e-mail)
rcpt to: [email protected]
250 2.1.0 Recipient OK
we tell the mail server that the mail data comes next
data
354 Start mail input; end with <CRLF>.<CRLF>
Now we can just type the a-mail, optionally with Subject, date,...
Subject: Test via SMTP
and now the mail body itself
.
And a dot on a line by itself sends the e-mail o
250 2.6.0 <ed73c3f3-f876-4d03-98f2-e5ad5bbb6255@SHUBCAS04.jacobs.jacobs-university.de>
[InternalId=965770] Queued mail for delivery
That was almost all, but we close the connection (this is a telnet command)
quit
our terminal server (the telnet program) tells us
221 2.0.0 Service closing transmission channel
Connection closed by foreign host.
265
Internet Governance
The Internet is a critical infrastructure for world society and commerce.
(by far the biggest marketplace on the world)
Someone has to regulate what goes on there. (to keep users safe)
One of the main services of the Internet nowadays is the facilitation of the World Wide Web, a
vast document storage and retrieval service at the application layer.
16.3 Basics Concepts of the World Wide Web
The world wide web is a service on the Internet based on specic protocols and markup formats
for documents.
Uniform Resource Identier (URI), Plumbing of the Web

Denition 552 A uniform resource identier is a global identiers of network-retrievable
documents (web resources). URIs adhere a uniform syntax (grammar) dened in RFC-
3986 [BLFM05]. Rules contain: URI :== scheme,
, hierPart, [
query], [
fragment]
hier part :==

//
(pathAbempty [ pathAbsolute [ pathRootless [ pathEmpty)

Example 553 The following are two example URIs and their component parts:
http :// example.com :8042/ over/there?name=ferret#nose
\__/ \______________ /\ _________/ \_________/ \__/
| | | | |
scheme authority path query fragment
|___ __________________|__________
/ \ / \
mailto:m.kohlhase@jacobs -university.de
Note: URIs only identify documents, they do not have to be provide access to them (e.g.
in a browser).
266
Uniform Resource Locators and relative URIs
Denition 554 A uniform resource locator is a URI that that gives access to a web
resource via the http protocol.
Example 555 The following URI is a URL (try it in your browser)
http: //kwarc.info/kohlhase/index.html
Note: URI/URLs are one of the core features of the web infrastructure, they are consid-
ered to be the plumbing of the WWWeb. (direct the ow of data)
Denition 556 URIs can be abbreviated to relative URIs; missing parts are lled in
from the context
Example 557
relative URI abbreviates in context
#foo current le#foo curent le
../bar.txt file : ///home/kohlhase/foo/bar.txt le system
../bar.html http : //example.org/foo/bar.html on the web
Web Browsers
Denition 558 A web Browser is a software application for retrieving, presenting, and
traversing information resources on the World Wide Web, enabling users to view Web
pages and to jump from one page to another.
Practical Browser Tools:
Status Bar: security info, page load progress
Favorites (bookmarks)
View Source: view the code of a Web page
Tools/Internet Options, history, temporary Internet les, home page, auto complete,
security settings, programs, etc.
Example 559 e.g. IE, Mozilla Firefox, Safari, etc.
Denition 560 A web page is a document on the Web that can include multimedia
data
Denition 561 A web site is a collection of related Web pages usually designed or
controlled by the same individual or company.
a web site generally shares a common domain name.
267
HTTP: Hypertext Transfer Protocol
Denition 562 The Hypertext Transfer Protocol (HTTP) is an application layer pro-
tocol for distributed, collaborative, hypermedia information systems.
June 1999: HTTP/1.1 is dened in RFC 2616 [FGM
+
99]
Denition 563 HTTP is used by a client (called user agent) to access web resources
(addressed by Uniform Resource Locators (URLs)) via a http request. The web server
answers by supplying the resource
Most important HTTP requests (5 more less prominent)
GET Requests a representation of the specied resource. safe
PUT Uploads a representation of the specied resource. idempotent
DELETE Deletes the specied resource. idempotent
POST Submits data to be processed (e.g., from a web
form) to the identied resource.
Denition 564 We call a HTTP request safe, i it does not change the state in the
web server. (except for server logs, counters,. . . ; no side eects)
Denition 565 We call a HTTP request idempotent, i executing it twice has the
same eect as executing it once.
HTTP is a stateless protocol (very memory-ecient for the server.)
Overview: A http request in the browser
268
Example: An http request in real life
Connect to the web server (port 80) (so that we can see what is happening)
telnet www.kwarc.info 80
Send o the GET request
GET /teaching/GenCS2.html http/1.1
Host: www.kwarc.info
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.4)
Gecko/20100413 Firefox/3.6.4
Response from the server
HTTP/1.1 200 OK
Date: Mon, 03 May 2010 06:48:36 GMT
Server: Apache/2.2.9 (Debian) DAV/2 SVN/1.5.1 mod_fastcgi/2.4.6 PHP/5.2.6-1+lenny8 with
Suhosin-Patch mod_python/3.3.1 Python/2.5.2 mod_ssl/2.2.9 OpenSSL/0.9.8g
Last-Modified: Sun, 02 May 2010 13:09:19 GMT
ETag: "1c78b-db1-4859c2f221dc0"
Accept-Ranges: bytes
Content-Length: 3505
Content-Type: text/html

<html xmlns="http://www.w3.org/1999/xhtml"><head>...</head></html>
269
HTML: Hypertext Markup Language
Denition 566 The HyperText Markup Language (HTML), is a representation format
for web pages. Current version 4.01 is dened in [RHJ98].
Denition 567 (Main markup tagsof HTML) HTML marks up the structure
and apearance of text with tags of the form <el> (begin) and </el> (end), where el is
one of the following
structure html,head, body metadata title, link, meta
headings h1, h2, . . . , h6 paragraphs p, br
lists ul, ol, dl, . . . , li hyperlinks a
images img tables table, th, tr, td, . . .
CSS style style, div, span old style b, u, tt, i, . . .
interaction script forms form, input, button
Example 568 A (very simple) HTML le.
<html>
<body>
<p>Hello GenCSII!</p>
</body>
</html>
Example 569 Forms contain input elds and explanations.
<form name="input" action="html_form_submit.asp" method="get">
Username: <input type="text" name="user" />
<input type="submit" value="Submit" />
</form>
The result is a form with three elements: a text, an input eld, and a submit button, that
will trigger a HTTP GET request.
HTML5: The Next Generation HTML
Denition 570 The HyperText Markup Language (HTML5), is believed to be the next
generation of HTML. It is dened by the W3C and the WhatWG.
HTML5 includes support for video and MathML (without namespaces).
270
CSS: Cascading Style Sheets
Idea: Separate structure/function from appearance.
Denition 571 The Cascading Style Sheets (CSS), is a style sheet language that allows
authors and users to attach style (e.g., fonts and spacing) to structured documents.
Current version 2.1 is dened in [BCHL09].
Example 572 Our text le from Example 568 with embedded CSS
<html>
<head>
<style type="text/css">
body {background-color:#d0e4fe;}
h1 {color:orange;
text-align:center;}
p {font-family:"Verdana";
font-size:20px;}
</style>
</head>
<body>
<h1>CSS example</h1>
<p>Hello GenCSII!.</p>
</body>
</html>
Dynamic HTML
Idea: generate some of the web page dynamically. (embed interpreter into browser)
Denition 573 JavaScript is an object-oriented scripting language mostly used to en-
able programmatic access to the document object model in a web browser, providing en-
hanced user interfaces and dynamic websites. Current version is standardized by ECMA
in [ECM09].
Example 574 We write the some text into a HTML document object (the document
API)
<html>
<head>
<script type="text/javascript">document.write("ThisismyfirstJavaScript!");</script>
</head>
<body>

</body>
</html>
271
Applications and useful tricks in Dynamic HTML
hide document parts by setting CSS style attributes to display:none
<html>
<head>
<style type="text/css">#dropper { display: none; }</style>
<script language="JavaScript" type="text/javascript">
function toggleDiv(element){
if(document.getElementById(element).style.display = none)
{document.getElementById(element).style.display = block}
else if(document.getElementById(element).style.display = block)
{document.getElementById(element).style.display = none}}
</script>
</head>
<body>
<div onClick="toggleDiv(dropper);">...more </div>
<div id="dropper">
<p>Now you see it!</p>
</div>
</body>
</html>
precompute input elds from browser caches and cookies
write gmail or google docs in JavaScript web applicaitions.
Cookies
Denition 575 A cookie is a little text les left on your hard disk by some websites
you visit.
cookies are data not programs, they do not generate pop-ups or behave like viruses, but
they can include your log-in name and browser preferences
cookies can be convenient, but they can be used to gather information about you and
your browsing habits
Denition 576 third party cookies are used by advertising companies to track users
across multiple sites
We have now seen the basic architecture and protocols of the World Wide Web. This covers basic
interaction with web pages via browsing of links, as has been prevalent until around 1995. But
this is not now we interact with the web nowadays; instead of browsing we use web search engines
like Google or Yahoo, we will cover next how they work.
16.4 Introduction to Web Search
272
Web Search Engines
Denition 577 A web search engine is a web application designed to search for infor-
mation on the World Wide Web.
Web search engines usually operate in four phases/components
1. Data Acquisition: a web crawler nds and retrieves (changed) web pages
2. Search in Index: write an index and search there.
3. Sort the hits: e.g. by importance
4. Answer composition: present the hits (and add advertisement)
273
Data Acquisition for Web Search Engines: Web Crawlers
Denition 578 A web crawler or spider is a computer probram that browses the
WWWebin an automated, orderly fashion for the purpose of information gathering.
Web crawlers are mostly used for data acquisition of web search engines, but can also
automate web maintenance jobs (e.g. link checking).
The WWWeb changes: 20% daily, 30% monthly, 50% never
A Web crawler cycles over the following actions
1. reads web page
2. reports it home
3. nds hyperlinks
4. follows them
Types of Search Engines
Human-organized Documents are categorized by subject-area experts, smaller databases,
more accurate search results, e.g. Open Directory, About
Computer-created Software spiders crawl the web for documents and categorize pages,
larger databases, ranking systems, e.g. Google
Hybrid Combines the two categories above
Metasearch or clustering Direct queries to multiple search engines and cluster results,
e.g. Copernic, Vivisimo, Mamma Topic-specic e.g. WebMD
274
Searching for Documents
Problem: We cannot search the WWWeb linearly (even with 10
6
compuers: 10
15
B)
Idea: Write an index and search that instead. (like the index in a book)
Denition 579 Search engine indexing analyzes data and stores key/data pairs in a
special data structure (the search index to facilitate ecient and accurate information
retrieval.
Idea: Use the words of a document as index (multiword index) The key
for a document is the vector of word frequencies.
term 1
term 2
term 3
D
1
(t
1,1
, t
1,2
, t
1,3
)
D
2
(t
2,1
, t
2,2
, t
2,3
)
Ranking Search Hits: e.g. Googles Pagerank
Problem: There are many hits, need to sort them by some criterion (e.g. importance)
Idea: A web site is important, . . . if many other hyperlink to it.
Renement: . . . , if many important web pages hyperlink to it.
Denition 580 Let A be a web page that is hyperlinkef from web pages S
1
, . . . , S
n
,
then
PR(A) = 1 d +d
_
PR(S
1
)
C(S
1
)
+
PR(S
n
)
C(S
n
)
_
where C(W) is the number of links in a page W and d = 0.85.
275
Answer Composition in Search Engines
Answers: To present the search results we need to address:
Hits and their context
format conversion
caching
Advertizing: to nance the service
advertizer can buy search terms
ads correspond to search interest
advertizer pays by click.
Web Search: Advanced Search Options:
Searches for various information formats & types, e.g. image search, scholarly search
Advanced query operators and wild cards
? (e.g. science? means search for the keyword science but I am not
sure of the spelling)
* (wildcard, e.g. comput* searches for keywords starting with comput
combined with any word ending)
AND (both terms must be present)
OR (at least one of the terms must be esent)
276
How to run
Google Hardware: estimated 2003
79,112 Computers (158,224 CPUs)
316,448 Ghz computation power
158,224 GB RAM
6,180 TB Hard disk space
2010 Estimate: 2 MegaCPU
Google Software: Custom Linux Distribution
16.5 Security by Encryption
277
Security by Encryption
Problem: In open packet-switched networks like the Internet, anyone
can inspect the packets (and see their contents via packet sniers)
create arbitrary packets (and forge their metadata)
can combine both to falsify communication (man-in-the-middle attack)
In dedicated line networks (e.g. old telephone) you needed switch room access.
But there are situations where we want our communication to be condential,
Internet Banking (obviously, other criminals would like access to your account)
Whistle-blowing (your employer should not know what you sent to WikiLeaks)
Login to Campus.net (wouldnt you like to know my password to correct grades?)
Idea: Encrypt packet content (so that only the recipients can decrypt)
an build this into the fabric of the Internet (so that users dont have to know)
Denition 581 Encryption is the process of transforming information (referred to as
plaintext) using an algorithm to make it unreadable to anyone except those possessing
special knowledge, usually referred to as a key. The result of encryption is called cypher-
text, and the reverse process that transforms cyphertext to plaintext: decryption.
Symmetric Key Encryption
Denition 582 Symmetric-key algorithms are a class of cryptographic algorithms that
use essentially identical keys for both decryption and encryption.
Example 583 Permute the ASCII table by a bijective function : 0, . . . , 127
0, . . . , 127 ( is the shared key)
Example 584 The AES algorithm (Advanced Encryption Standard [AES01]) is a widely
used symmetric-key algorithm that is approved by US government organs for transmitting
top-secret information.
Note: For trusted communication sender and recipient need access to shared key.
Problem: How to initiate safe communication over the internet?(far, far apart) Need to
exchange shared key (chicken and egg problem)
Pipe dream: Wouldnt it be nice if I could just publish a key publicly and use that?
Actually: this works, just (obviously) not with symmetric-key encryption.
278
Public Key Encryption
Denition 585 In an asymmetric-key encryption method, the key needed to encrypt a
message is dierent from the key for decryption. Such a method is called a public-key
encryption if the encryption key (called the public key) is very dicult to reconstruct from
the decryption key (the private key).
Preparation: The person who anticipates receiving messages rst creates both a public
key and an associated private key, and publishes the public key.
Application: Condential Messaging: To send a condential message the sender encrypts
it using the intended recipients public key; to decrypt the message, the recipient uses the
private key.
Application: Digital Signatures: A message signed with a senders private key can be
veried by anyone who has access to the senders public key, thereby proving that the
sender had access to the private key (and therefore is likely to be the person associated
with the public key used), and the part of the message that has not been tampered with.
The condential messaging is analogous to a locked mailbox with a mail slot. The mail slot is
exposed and accessible to the public; its location (the street address) is in essence the public key.
Anyone knowing the street address can go to the door and drop a written message through the
slot; however, only the person who possesses the key can open the mailbox and read the message.
An analogy for digital signatures is the sealing of an envelope with a personal wax seal. The
message can be opened by anyone, but the presence of the seal authenticates the sender.
Encryption by Trapdoor Functions
Idea: Mathematically, encryption can be seen as an injective function. Use functions for
which the inverse (decryption) is dicult to compute.
Denition 586 A one-way function is a function that is easy to compute on every
input, but hard to invert given the image of a random input.
In theory: easy and hard are understood wrt. computational complexity theory,
specically the theory of polynomial time problems. E.g. easy = O(n) and hard =
(2
n
)
Remark: It is open whether one-way functions exist ( to P = NP conjecture)
In practice: easy is typically interpreted as cheap enough for the legitimate users
and prohibitively expensive for any malicious agents.
Denition 587 A trapdoor function is a one-way function that is easy to invert given
a piece of information called the trapdoor.
Example 588 Consider a padlock, it is easy to change from open to closed, but very
dicult to change from closed to open unless you have a key (trapdoor).
279
Candidates for one-way/trapdoor functions
Multiplication and Factoring: The function f takes as inputs two prime numbers p and
q in binary notation and returns their product. This function can be computed in O(n
2
)
time where n is the total length (number of digits) of the inputs. Inverting this function
requires nding the factors of a given integer N. The best factoring algorithms known
for this problem run in time 2
O((log(N)
1
3 )(log(log(N))
2
3 ))
.
Modular squaring and square roots: The function f takes two positive integers x and N,
where N is the product of two primes p and q, and outputs x
2
div N. Inverting this func-
tion requires computing square roots modulo N; that is, given y and N, nd some x such
that x
2
mod N = y. It can be shown that the latter problem is computationally equivalent
to factoring N (in the sense of polynomial-time reduction) (used in RSA encryption)
Discrete exponential and logarithm: The function f takes a prime number p and an
integer x between 0 and p 1; and returns the 2
x
div p. This discrete exponential
function can be easily computed in time O(n
3
) where n is the number of bits in p.
Inverting this function requires computing the discrete logarithm modulo p; namely, given
a prime p and an integer y between 0 and p 1, nd x such that 2
x
= y.
Example: RSA-129 problem
280
Classical- and Quantum Computers for RSA-129
16.6 An Overview over XML Technologies
Excursion: XML (EXtensible Markup Language)
XML is language family for the Web
tree representation language (begin/end brackets)
restrict instances by Doc. Type Def. (DTD) or Schema (Grammar)
Presentation markup by style les (XSL: XML Style Language)
XML is extensible HTML & simplied SGML
logic annotation (markup) instead of presentation!
many tools available: parsers, compression, data bases, . . .
conceptually: transfer of directed graphs instead of strings.
details at http://www.w3c.org
281
XML is Everywhere (E.g. document metadata)
Example 589 Open a PDF le in AcrobatReader, then cklick on
File DocumentProperties DocumentMetadata V iewSource, you get
the following text: (showing only a small part)
<rdf:RDF xmlns:rdf=http://www.w3.org/1999/02/22-rdf-syntax-ns#
xmlns:iX=http://ns.adobe.com/iX/1.0/>
<rdf:Description xmlns:pdf=http://ns.adobe.com/pdf/1.3/>
<pdf:CreationDate>2004-09-08T16:14:07Z</pdf:CreationDate>
<pdf:ModDate>2004-09-08T16:14:07Z</pdf:ModDate>
<pdf:Producer>Acrobat Distiller 5.0 (Windows)</pdf:Producer>
<pdf:Author>Herbert Jaeger</pdf:Author>
<pdf:Creator>Acrobat PDFMaker 5.0 for Word</pdf:Creator>
<pdf:Title>Exercises for ACS 1, Fall 2003</pdf:Title>
</rdf:Description>
. . .
<rdf:Description xmlns:dc=http://purl.org/dc/elements/1.1/>
<dc:creator>Herbert Jaeger</dc:creator>
<dc:title>Exercises for ACS 1, Fall 2003</dc:title>
</rdf:Description>
</rdf:RDF>
This is an excerpt from the document metadata which AcrobatDistiller saves along with each
PDF document it creates. It contains various kinds of information about the creator of the doc-
ument, its title, the software version used in creating it and much more. Document metadata is
useful for libraries, bookselling companies, all kind of text databases, book search engines, and
generally all institutions or persons or programs that wish to get an overview of some set of books,
documents, texts. The important thing about this document metadata text is that it is not written
in an arbitrary, PDF-proprietary format. Document metadata only make sense if these metadata
are independent of the specic format of the text. The metadata that MSWord saves with each
Word document should be in the same format as the metadata that Amazon saves with each of
its book records, and again the same that the British library uses, etc.
XML is Everywhere (E.g. Web Pages)
Example 590 Open web page le in FireFox, then click on V iew PageSource,
you get the following text: (showing only a small part and reformatting)
<!DOCTYPE html PUBLIC "-//W3C//DTDXHTML1.0Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Michael Kohlhase</title>
<meta name="generator"
content="PagegeneratedfromXMLsourceswiththeWSMLpackage"/>
</head>
<body>. . .
<p>
<i>Professor of Computer Science</i><br/>
Jacobs University<br/><br/>
<strong>Mailing address - Jacobs (except Thursdays)</strong><br/>
<a href="http://www.jacobs-university.de/schools/ses">
School of Engineering & Science
</a><br/>. . .
</p>. . .
</body>
</html>
282
XML Documents as Trees

Idea: An XML Document is a Tree
<omtext xml:id="foo"
xmlns=". . ."
xmlns:om=". . .">
<CMP xml:lang=en>
The number
<om:OMOBJ>
<om:OMS cd="nums1"
name="pi"/>
<om:OMOBJ>
is irrational.
</CMP>
</omtext>
omtext
CMP
xml:id foo
xml:lang en
text
The number
text
is irrational.
om:OMOBJ
om:OMS
cd nums1 name pi
xmlns . . .
xmlns:om . . .
Denition 591 The XML document tree is made up of element nodes, attribute nodes,
text nodes (and namespace declarations, comments,. . . )
Denition 592 For communication this tree is serialized into a balanced bracketing
structure, where
an element el is represented by the brackets <el> (called the opening tag) and </el>
(called the closing tag).
The leaves of the tree are represented by empty elements (serialized as <el></el>,
which can be abbreviated as <el/>
and text nodes (serialized as a sequence of UniCode characters).
An element node can be annotated by further information using attribute nodes
serialized as an attribute in its opening tag
Note: As a document is a tree, the XML specication mandates that there must be a
unique document root.
283
UniCode, the Alphabet of the Web
Denition 593 The unicode standard (UniCode) is an industry standard allowing com-
puters to consistently represent and manipulate text expressed in any of the worlds writing
systems. (currently about 100.000 characters)
Denition 594 For each character UniCode denes a code point (a number writting
in hexadecimal as U+ABCD), a character name, and a set of character properties.
Denition 595 UniCode denes various encoding schemes for characters, the most
important is UTF-8.
Example 596
char point name UTF-8 Web
A U+0041 CAPITAL A 41 A
U+03B1 GREEK SMALL LETTER ALPHA 03 B1 α
UniCode also supplies rules for text normalization, decomposition, collation (sorting),
rendering and bidirectional display order (for the correct display of text containing both
right-to-left scripts, such as Arabic or Hebrew, and left-to-right scripts).
Denition 597 The UTF-8 encoding encodes each character in one to four octets
(8-bit bytes):
1. One byte is needed to encode the 128 US-ASCII characters (Unicode range U+0000
to U+007F).
2. Two bytes are needed for Latin letters with diacritics and for characters from Greek,
Cyrillic, Armenian, Hebrew, Arabic, Syriac and Thaana alphabets (Unicode range
U+0080 to U+07FF).
3. Three bytes are needed for the rest of the Basic Multilingual Plane (which contains
virtually all characters in common use).
4. Four bytes are needed for characters in the other planes of Unicode, which are rarely
used in practice.
284
XPath, A Language for talking about XML Tree Fragments
Denition 598 The XML path language (XPath) is a language framework for specifying
fragments of XML trees.
Example 599
omtext
CMP
xml:id foo
xml:lang en
text
The number
text
is irrational.
om:OMOBJ
om:OMS
cd nums1 name pi
xmlns . . .
xmlns:om . . .
XPath exp. fragment
/ root
omtext/CMP/ all CMP children
//@name the name attribute
on the om:OMS ele-
ment
//CMP/ [1] the rst child of all
OMS elements
// [@cd =
nums1
] all elements whose

cd has value
nums1
The Dual Role of Grammar in XML (I)
The XML specication [XML] contains a large character-level grammar.(81 productions)
NameChar :== Letter [ Digit [

.
[

[

:
[ CombiningChar [ Extender
Name :== (Letter [

[

:
) (NameChar)
element :== EmptyElementTag [ STag content ETag

STag :==

<
(S)
Name (S)
attribute (S)

>
ETag :==

< /
(S)
Name (S)

>
EmptyElementTag :==

<
(S)
Name (S)
attribute (S)

/ >
use these to parse well-formed XML document into a tree data structure
use these to serialize a tree data structure into a well-formed XML document
Idea: Integrate XML parsers/serializers into all programming languages to communicate
trees instead of strings. (more structure = better CS)
285
The Dual Role of Grammar in XML (II)
Idea: We can dene our own XML language by dening our own elements and attributes.
Validation: Specify your language with a tree grammar (works like a charm)
Denition 600 Document Type Denitions (DTDs) are grammars that are built into
the XML framework.
Put <!DOCTYPE foo PUBLIC "foo.dtd"> into the second line of the document to val-
idate.
Denition 601 RelaxNG is a modern XML grammar/schema framework on top of the
XML framework.
RelaxNG, A tree Grammar for XML
Denition 602 Relax NG (RelaxNG: Regular Language for XML Next Generation) is
a tree grammar framework for XML documents.
A RelaxNG schema is itself an XML document; however, RelaxNG also oers a popular,
non-XML compact syntax.
Example 603 The RelaxNG grammars validate the left document
document RelaxNG in XML RelaxNG compact
<lecture>
<slide id="foo">
first slide
</slide>
<slide id="bar">
second one
</slide>
</lecture>
<grammar>
<start>
<element name="lecture">
<oneOrMore>
<ref name="slide"/>
</oneOrMore>
</element>
</start>
<define name="slide">
<element name="slide">
<text/>
</element>
<attribute name="id">
<text/>
</attribute>
</define>
</grammar>
start = element lecture
{slide+}
slide = element slide
{attribute id {text}
text}
16.7 More Web Resources
Wikis
Denition 604 (Wikis) A Wiki is a website on which authoring and editing can be
done by anyone at anytime using a simple browser.
Example 605 Wikipedia, Wikimedia, Wikibooks, Citizendium, etc.(accuracy concerns)
Allow individuals to edit content to facilitate
286
Internet Telephony (VoIP)
Denition 606 VoIP uses the Internet to make phone calls, videoconferences
Example 607 Providers include Vonage, Verizon, Skype, etc.
Long-distance calls are either very inexpensive or free
(Quality, security, and reliability concerns)
Social Networks
Denition 608 A social network service is an Internet service that focuses on building
and reecting of social networks or social relations among people, e.g., who share interests
and/or activities.
A social network service essentially consists of a representation of each user (often a
prole), his/her social links, and a variety of additional services. Most social network
services provide means for users to interact over the internet, such as e-mail and instant
messaging.
Example 609 MySpace, Facebook, Friendster, Orkut, etc.
Really Simple Syndication (RSS)
FireAnt, i-Fetch, RSS Captor, etc.
Built-in Web browser RSS features
Instant messaging (IM) and real-time chat (RTC)
Multi-protocol IM clients (AIM)
Web-based IM systems (Forum, chat room)
Podcasting, Blogs
Blogger, Xanga, LiveJournal, etc.
Types: Microblog, vlog, photoblog, sketchblog, linklog, etc.
Blog search engines
Blogs and advertising, implications of ad blocking software
Do bloggers have the same rights as journalists?
16.8 The Semantic Web
287
The Current Web
Resources: identied by URIs, untyped
Links: href, src, . . . limited, non-descriptive
User: Exciting world - semantics of the resource, however, gleaned from content
Machine: Very little information available - signicance of the links only evident from
the context around the anchor.
The Semantic Web
Resources: Globally Identied by URIs or Locally scoped (Blank), Extensible, Relational
Links: Identied by URIs, Extensible, Relational
User: Even more exciting world, richer user experience
Machine: More processable information is available (Data Web)
Computers and people: Work, learn and exchange knowledge eectively
288
What is the Information a User sees?
WWW2002
The eleventh international world wide web conference
Sheraton waikiki hotel
Honolulu, hawaii, USA
7-11 may 2002
1 location 5 days learn interact
Registered participants coming from
australia, canada, chile denmark, france, germany, ghana, hong kong, india,
ireland, italy, japan, malta, new zealand, the netherlands, norway,
singapore, switzerland, the united kingdom, the united states, vietnam, zaire
On the 7th May Honolulu will provide the backdrop of the eleventh
international world wide web conference. This prestigious event ?
Speakers conrmed
Tim Berners-Lee: Tim is the well known inventor of the Web, ?
Ian Foster: Ian is the pioneer of the Grid, the next generation internet ?
What the machine sees
JJJ//
T|||_|..|./_/,_,|_||/||||
o|./_||/.|
1//_|o/
//
1|.||,.|.|//
.|,||,|||||/|/,
|,.[.|_|,.||.|,/_
/|_.|,.|.|,|,/.|.|,..|_|.|
O.|./1//_/_,|.|||,//.|||_|.
.|./_/,_,|_||/||||T|./|_|.
o||||/|,
T||||T.|_||/__|.//.|J|
JT/.|J.|/||/.|(,.||.||./.||.
289
Solution: XML markup with meaningful Tags
<title>JJJ//T|||_|..|./_/,_,|_||/||||</title>
<place>o|./J||/.|1//_|o/</place>
<date>//</date>
<participants>1|.||,.|.|//
.|,||,|||||/|/,
|,.[.|_|,.||.|,/_
/|_.|,.|.|,|,/.|.|,..|_|.
|</participants>
</introduction>O.|./1//_/_,|.|||,//.|||_|.
.|./_/,_,|_||/||||</introduction>
<program>o||||/|,
<speaker>T||||T.|_||/__|.//.|J|</speaker>
<speaker>JT/.|J.|/||/.|(,.||.||./.|
|.<speaker></program>
What the machine sees of the XML
<..|>JJJ//T|||_|..|./_/,_,|_||/||||</..|>
<||>o|./J||/.|1//_|o/</||>
<,.|>//</,.|>
<.|.>1|.||,.|.|//
.|,||,|||||/|/,
|,.[.|_|,.||.|,/_
/|_.|,.|.|,|,/.|.|,..|_|.
|</.|.>
</./,|./>O.|./1//_/_,|.|||,//.|||_|..|
./_/,_,|_||/||||</./,|./>
</>o||||/|,
<|||>T||||T.|_||/__|.//.|J|</|||>
<|||>JT/.|J.|/||/.|(,.||.||./.|
|.<|||><//>
290
Need to add Semantics
External agreement on meaning of annotations E.g., Dublin Core
Agree on the meaning of a set of annotation tags
Problems with this approach: Inexible, Limited number of things can be expressed
Use Ontologies to specify meaning of annotations
Ontologies provide a vocabulary of terms
New terms can be formed by combining existing ones
Meaning (semantics) of such terms is formally specied
Can also specify relationships between terms in multiple ontologies
291
References
[AES01] Announcing the ADVANCED ENCRYPTION STANDARD (AES), 2001.
[BCHL09] Bert Bos, Tantek Celik, Ian Hickson, and Hakon Wium Lie. Cascading style sheets
level 2 revision 1 (CSS 2.1) specication. W3C Candidate Recommendation, World
Wide Web Consortium (W3C), 2009.
[BLFM05] Tim Berners-Lee, Roy T. Fielding, and Larry Masinter. Uniform resource identier
(URI): Generic syntax. RFC 3986, Internet Engineering Task Force (IETF), 2005.
[Den00] Peter Denning. Computer science: The discipline. In A. Ralston and D. Hem-
mendinger, editors, Encyclopedia of Computer Science, pages 405419. Nature Pub-
lishing Group, 2000.
[DH98] S. Deering and R. Hinden. Internet protocol, version 6 (IPv6) specication. RFC 2460,
Internet Engineering Task Force (IETF), 1998.
[ECM09] ECMAScript language specication, December 2009. 5
th
Edition.
[FGM
+
99] R. Fielding, J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach, and T. Berners-
Lee. Hypertext transfer protocol HTTP/1.1. RFC 2616, Internet Engineering Task
Force (IETF), 1999.
[Hal74] Paul R. Halmos. Naive Set Theory. Springer Verlag, 1974.
[HL11] Martin Hilbert and Priscila Lopez. The worlds technological capacity to store, com-
municate, and compute information. Science, 331, feb 2011.
[Hut07] Graham Hutton. Programming in Haskell. Cambridge University Press, 2007.
[Koh08] Michael Kohlhase. Using L
A
T
E
X as a semantic markup format. Mathematics in Com-
puter Science, 2(2):279304, 2008.
[Koh10] Michael Kohlhase. sTeX: Semantic markup in T
E
X/L
A
T
E
X. Technical report, Compre-
hensive T
E
X Archive Network (CTAN), 2010.
[KP95] Paul Keller and Wolfgang Paul. Hardware Design. Teubner Leibzig, 1995.
[LP98] Harry R. Lewis and Christos H. Papadimitriou. Elements of the Theory of Computa-
tion. Prentice Hall, 1998.
[OSG08] Bryan OSullivan, Don Stewart, and John Goerzen. Real World Haskell. OReilly,
2008.
[Pal] Neil/Freds gigantic list of palindromes. web page at http://www.derf.net/
palindromes/.
[RFC80] DOD standard internet protocol, 1980.
[RHJ98] Dave Raggett, Arnaud Le Hors, and Ian Jacobs. HTML 4.0 Specication. W3C
Recommendation REC-html40, World Wide Web Consortium (W3C), April 1998.
[RN95] Stuart J. Russell and Peter Norvig. Articial Intelligence A Modern Approach.
Prentice Hall, Upper Saddle River, NJ, 1995.
[Ros90] Kenneth H. Rosen. Discrete Mathematics and Its Applications. McGraw-Hill, 1990.
[SML10] The Standard ML basis library, 2010.
[XML] Extensible Markup Language (XML) 1.0 (Fourth Edition). Web site at http://www.
w3.org/TR/REC-xml/.
292
Index
-notation, 38
abstract
call-by-value
interpreter, 66
computation, 60
data
type, 57
interpreter, 60
procedure, 65
Program, 65
access
random (), 179
accumulator, 179
acyclic, 143
directed (), 143
adder, 157
carry chain, 160
conditional sum, 161
full, 158
half, 157
twos-complement, 169
addition
carry chain, 156
operation, 29
rules, 156
address
decoder, 177
IPv4, 261
IPv6, 261
MAC, 260
admissible, 112, 236
agent
user, 268
algebra
Boolean, 88
algorithm, 19
generate-and-test, 101
search, 210
algorithm, 20
alphabet, 74
ALU, 173, 179181
anchor
cell, 199
anonymous
variables, 44
answer
substitution, 248
antisymmetric, 36
append
function, 54
application
layer, 262
argument, 60
arithmetic, 110
logic
unit, 173
American Standard Code for Information Inter-
change, 79
assembler, 184
language, 179, 181
assignment
variable, 87
astarSearch search, 236
asymptotically
bounded, 93
asynchronous, 176
atom, 107, 126
atomic, 126
attribute, 279
node, 279
axiom, 26
Axioms
Peano, 58
balanced
binary
tree, 149
bracketing
structure, 279
fully (), 149
base, 154
case, 27
condition, 25, 27
knowledge, 247
sort, 57
basic
multilingual
plane, 81
operator, 43
type, 43
constructor, 43
bijection, 155
bijective, 39
binary, 76
balanced (), 149
natural
number, 165
tree, 149
bit
carry, 157
most signicant, 165
293
sign, 165
sum, 157
Blaise Pascal, 110
Boolean
algebra, 88
expressions, 147
function, 89
polynomial, 90
sum, 86
bootstrapping
process, 155
borrow
input (), 169
bounded
asymptotically, 93
bracketing
balanced (), 279
branch
closed, 128
open, 128
Browser
web, 267
by description
denition, 34
byte
code, 184, 194
C, 196
calculus
complete, 113
correct, 113
resolution, 133
call-by-value
abstract (), 66
canonical
product, 91
sum, 91
card
punch, 80
cardinality, 39
carry
bit, 157
input, 158
intermediate, 170
carry chain
adder, 160
addition, 156
Cartesian
n-dim (nCartSpace), 33
n-fold (nCartProd), 33
procedure, 49
product, 33
case
base, 27
spfstep, 27
cell
anchor, 199
internal, 199
chain
innite, 68
character, 74
code, 76, 155
encoding, 82
name, 280
properties, 280
structural, 83
child, 144
circuit
combinational, 145
combinatorial, 145, 146
clause, 90, 133
empty, 133
fact, 253
Horn, 253
rule, 253
set, 90
clock, 176
closed, 61
branch, 128
closing
tag, 279
CNF, 91
code
byte, 184, 194
character, 76, 155
Morse, 77
on strings, 77
point, 81, 280
prex, 77
string, 77, 155
codeword, 76
codomain, 37
combinational
circuit, 145
combinatorial
circuit, 145, 146
command interpreter, 185
compact
syntax, 282
compiler, 184, 185
complete
calculus, 113
complex, 126
complexity
theory, 22
composition, 36
computation, 60
abstract, 60
294
Computer
Science, 8
computes, 148
concatenation, 74, 75
condition
base, 25, 27
spfstep, 27
step, 25, 28
conditional sum
adder, 161
conjecture, 25
conjunctive
normal
form, 91, 133
constant
name, 83
constructive
proof, 94
constructor, 45
declaration, 57
ground (), 58
term, 62
control, 162
structure, 43
converse, 36
cookie, 272
cookies
third party, 272
corollary, 25
correct
calculus, 113
cost, 148
countably
innite, 39
counter
program, 179, 180
counterexamples, 108
covers, 92
CPU, 179
crawler
web, 274
Cascading Style Sheets, 271
current
instruction, 180
state, 240
Currying, 48
cycle, 143
cyclic, 143
DAG, 143
data
abstract (), 57
store, 179
declaration
constructor, 57
function, 43
namespace, 279
parameter, 64
type, 43
value, 43
decoder
address, 177
dened
inductively, 45
deniendum, 33
deniens, 33
denition
implicit, 34
simple, 33
denition
by description, 34
depth, 85
derivation, 26, 112
derived
inference
rule, 130, 135
rule, 130
derives, 128
dierence
set, 33
digit, 154
digraph, 139
directed
acyclic
graph, 143
edge, 139
graph, 139, 140
disjunctive
normal
form, 91, 133
diverges, 68
DNF, 91, 133, 152
DNS, 262
document
root, 279
XML (), 279
Document Type Denition, 282
domain, 37
Domain Name System, 262
dominates, 98, 239
DTD, 282
edge, 140
directed, 139
undirected, 139
edges, 17
element
empty, 279
295
node, 279
empty
clause, 133
element, 279
set, 33
string, 74
encoding
character, 82
scheme, 280
end, 143
environment, 193
equality
set, 32
equivalence
relation, 36
equivalence class, 20
equivalent, 88, 89
graph, 141
essential, 102
evaluation
function, 87, 236
exception
handler, 73
exclusive
or, 153
expression, 83
label, 147
cost, 92
expressions
Boolean, 147
extension, 76
fact, 247
clause, 253
falsiable, 108
Fibonacci
number, 68
sequence, 68
nite, 39
rmware, 181
folding
left (), 49
right (), 50
formal
language, 75
formula
labeled, 126
frame
pointer, 199
fringe, 218
full
n-bit (nbitfulladder), 159
adder, 158
fully
balanced
tree, 149
function
append, 54
Boolean, 89
declaration, 43
evaluation, 87, 236
interpretation, 87
inverse, 39
name, 83
partial, 37
result, 68
selector, 44
sort, 57
space, 37
total, 37
composition, 40
cost, 92
functional
programming
language, 41, 181
gate, 146
generate-and-test, 20
algorithm, 101
goal, 248
state, 212
Gottfried Wilhelm Leibniz, 110
graph, 16
directed, 139, 140
equivalent, 141
isomorphism, 141
labeled, 142
undirected, 139, 140
depth, 144
greedy
search, 234
ground, 61
constructor
term, 58
half
adder, 157
handled, 73
handler
exception, 73
head, 58
heuristic, 234
hexadecimal
numbers, 181
Horn
clause, 253
HyperText Markup Language, 270
HyperText Markup Language, 270
296
HTTP, 268
Hypertext Transfer Protocol, 268
http
request, 268
hypothetical
reasoning, 121
IANA, 261
Internet Assigned Numbers Authority, 261
ICANN, 262
idempotent, 268
idiom
math, 30
image, 40
immediate
subterm, 59
imperative
programming
language, 181
implicant, 98
prime, 98
implicit
denition, 34
implies, 98
in-degree, 139
index
search, 275
indexing, 275
induced, 89
induced by, 65
inductive, 45
inductively
dened, 45
inference, 25, 26
derived (), 130, 135
rule, 133
innite
chain, 68
countably, 39
innite precision
integers, 70
initial, 141
node, 141
state, 212
injective, 39
input
borrow
bit, 169
carry, 158
vertex, 146
instantiates, 62
instruction
current, 180
program, 181
integers
innite precision, 70
interface
network, 260
intermediate
carry, 170
internal
cell, 199
Internet, 255
Internet Protocol, 261
interpretation
function, 87
interpreter
abstract, 60
intersection, 33
intersection over a collection, 33
invariants
loop, 184
inverse
function, 39
IP, 261
IPv4, 261
address, 261
Internet Protocol Version 4, 261
IPv6, 261
address, 261
Internet Protocol Version 6, 261
isomorphism
graph, 141
iterator, 49
Java, 196
jump
table, 189
Karnaugh-Veitch
map, 105
key, 193, 275
knowledge
base, 247
KV-map, 105
label, 142
expression, 147
labeled
formula, 126
graph, 142
-notation, 38
Landau
set, 93
language
assembler, 179, 181
formal, 75
layer
297
application, 262
transport, 262
leaf, 144
leak
memory, 195
left
folding
operator, 49
lemma, 25
length, 143
lexical
order, 76
LIFO, 185
linear
order, 36
list
variable, 89
literal, 90, 126, 129
local
search, 240
logic
arithmetic (), 173
sequential (), 174
logical
program, 253
reasoning, 25
system, 25
loop
invariants, 184
MAC
address, 260
media access control address, 260
machine, 184
register, 179, 180, 184
virtual, 184, 185
management
memory (), 179
map
Karnaugh-Veitch, 105
matcher, 62
matching
pattern, 44
math
idiom, 30
mathematical
vernacular, 30
maxterm, 92
maze, 17
memory
leak, 195
management
unit, 179
random access, 179
minimal
polynomial, 152
minterm, 92
MMU, 179181
model, 87
monomial, 90, 133
Morse
code, 77
most signicant
bit, 165
multilingual
basic (), 81
multiplexer, 162
n-tuple, 33
name
character, 280
constant, 83
function, 83
variable, 83
namespace
declaration, 279
natural
binary (), 165
unary (), 24
n-bit
full
adder, 159
n-fold
Cartesian
product, 33
n-dim
Cartesian
space, 33
negative, 128
network
interface, 260
packet-switched, 258
packets, 258
NIC, 260
network interface controller, 260
node, 139, 140
attribute, 279
element, 279
initial, 141
root, 19
terminal, 141
text, 279
nodes, 17
nonempty
string, 75
normal, 91
conjunctive (), 91, 133
disjunctive (), 91, 133
298
number
Fibonacci, 68
positional (), 154
numbers
hexadecimal, 181
o
worked, 133
oine
problem
solving, 211
on
relation, 36
on strings
code, 77
one, 27
open
branch, 128
opening
tag, 279
operation
addition, 29
operator, 212
basic, 43
or
exclusive, 153
order
lexical, 76
linear, 36
partial, 36
ordered
pair, 139, 140
out-degree, 139
output
vertex, 146
overow, 172
packet-switched
network, 258
packets
network, 258
page
web, 267
pair, 33, 139
ordered, 139, 140
parameter
declaration, 64
parent, 144
parse-tree, 145
partial
function, 37
order, 36
Pascal, 196
path, 143
XML (), 281
pattern
matching, 44
Peano
Axioms, 58
point
code, 81, 280
pointer
frame, 199
stack, 188
polarity, 165
polynomial
Boolean, 90
minimal, 152
port, 264
positional
number
system, 154
positive
unit-resulting
hyperresolution, 253
postulate, 25
power
set, 33
pre-image, 40
prex, 75
code, 77
proper, 75
abstract
procedure, 60
argument
sort, 60
result
sort, 60
rule, 60
prime
implicant, 98
problem
oine (), 211
procedure
abstract, 60, 65
Cartesian, 49
static, 196
process
bootstrapping, 155
product, 86
canonical, 91
Cartesian, 33
sort, 57
term, 90
product of
sums, 90
products
sum of, 90
299
Program
abstract, 65
program, 179
counter, 179, 180
instruction, 181
logical, 253
store, 179
program store, 185
programming
functional (), 41, 181
imperative (), 181
proof, 25, 26, 112
constructive, 94
tableau, 128
proper
prex, 75
proper subset, 32
proper superset, 32
properties
character, 280
proposition, 107
pull-back, 155, 157
punch
card, 80
query, 248, 253
Quine-McCluskey, 152
radix, 154
raised, 73
RAM, 179, 180
random access
memory, 179
random
access
memory, 179
random access
memory, 179
reasoning
hypothetical, 121
logical, 25
recipe, 20
recursion
relation, 67
step, 67
recursive, 46, 67
reexive, 36
refutation
resolution, 133
tableau, 128
register, 179, 180
machine, 179, 180, 184
relation, 36, 140
equivalence, 36
on, 36
recursion, 67
relative
URI, 267
Relax NG, 282
RelaxNG, 282
schema, 282
representation, 16
request
http, 268
resolution
calculus, 133
refutation, 133
sproof, 134
resolvent, 100
resource
uniform (), 266, 267
web, 266
restriction, 40
result, 60
function, 68
Ridge, 243
right
folding
operator, 50
root, 144
document, 279
node, 19
rosary, 20
router, 259
RS-ipop, 174
RS-latch, 174
rule, 247
clause, 253
derived, 130
inference, 133
rule, 65
rules
addition, 156
safe, 268
satisable, 108
saturated, 128
schema
RelaxNG, 282
scheme
encoding, 280
Science
Computer, 8
search
algorithm, 210
greedy, 234
index, 275
local, 240
300
strategy, 218
web (), 273
selector
function, 44
semantics, 84
sequence
Fibonacci, 68
sequential
logic
circuit, 174
server
web, 268
set, 139
clause, 90
dierence, 33
empty, 33
equality, 32
Landau, 93
power, 33
sign
bit, 165
signature, 64
simple
denition, 33
sink, 141
site
web, 267
size, 34
solution, 212
sort
argument, 60
base, 57
function, 57
product, 57
result, 60
sorts, 57
source, 141
space
function, 37
spanning
tree, 19
spfstep
case, 27
condition, 27
sproof
resolution, 134
stack, 185
pointer, 188
Standard
Unicode, 81
standard
unicode, 280
start, 143
value, 49
state, 212
current, 240
goal, 212
initial, 212
static
procedure, 196
step
condition, 25, 28
recursion, 67
store
data, 179
program, 179
strategy
search, 218
String, 46
string, 74, 75
code, 77, 155
empty, 74
nonempty, 75
structural
character, 83
structure
control, 43
sub-monomial, 98
subset, 32
substitution, 62
answer, 248
substring, 75
subterm, 59
immediate, 59
subtracter, 169
successor, 25
sum
bit, 157
Boolean, 86
canonical, 91
term, 90
sum of
products, 90
sums
product of, 90
superset, 32
support, 62
surjective, 39
symmetric, 36
synchronous, 176
syntax, 84
compact, 282
system
logical, 25
table
jump, 189
tableau
301
proof, 128
refutation, 128
tag
closing, 279
opening, 279
TCP, 262
Transmission Control Protocol, 262
Internet Protocol Suite, 259
TCP/IP, 259
term, 64
constructor, 62
product, 90
sum, 90
terminal, 141
node, 141
terminates, 60, 65
terminates, 68
test calculi, 128
text
node, 279
theorem, 25, 26, 112
theory
complexity, 22
third party
cookies, 272
total, 36
function, 37
transitive, 36
transport
layer, 262
tree, 18, 144
binary, 149
spanning, 19
Turing
universal (), 210
twelve, 27
two, 27
twos-complement
adder, 169
twos complement, 167
type, 43
basic, 43
basic (), 43
declaration, 43
universal, 44
Universal Character Set, 81
UDP, 262
User Datagram Protocol, 262
unary
natural
numbers, 24
underow, 172
undirected
edge, 139
graph, 139, 140
Unicode
Standard, 81
unicode
standard, 280
uniform
resource
identier, 266
locator, 267
union, 33
union over a collection, 33
Union-Find, 20
unit-resulting
positive (), 253
universal
Turing
machine, 210
type, 44
universe, 87
unsatisable, 108, 133
URI
relative, 267
user
agent, 268
UTF-8, 280
valid, 108
value
declaration, 43
start, 49
variable, 61
assignment, 87
list, 89
name, 83
variables
anonymous, 44
vector, 33
vernacular
mathematical, 30
vertex, 139
input, 146
output, 146
depth, 144
virtual
machine, 184
virtual program counter, 185
visualization, 18
virtual
machine, 185
VPC, 185
web
Browser, 267
302
crawler, 274
page, 267
resource, 266
search
engine, 273
server, 268
site, 267
spider, 274
Wilhelm Schickard, 110
word, 179, 184
worked
o, 133
World Wide Web, 255
XML
document
tree, 279
path
language, 281
zero, 27
303

Notes

Uploaded by

Copyright:

Available Formats

Notes

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Notes

Uploaded by

Copyright:

Available Formats

General Computer Science

320201 GenCS I & II Lecture Notes

A little more sophistication (math) please

Functions (as special relations)

Using SML lists

Cartesian and Cascaded Procedures

is nite. supp() is called the support of .

An abstract call-by-value Interpreter

= , a, b, c, aa, ab, ac, ba, . . ., aaa, . . ..

is called a formal language in A.

(written s t), i there are strings v, w A

, such that t = vsw.

.a, b A.s = wau t = wbv (a <

is called a code on strings or short string code

is injective (decodable) on strings of length n N.

= c thus injective, as c is char. code.

(a) = c(a0), . . ., c(an).

(a): It is the prex of c

(a) that is in c(A). This is uniquely

(a), for all a A.

(a) := c(a) + for all a A.

is not a prex code, then there are a, b A with c

(b) = c(b) + , where c(b) B

is a set of constant names,

is a set of variable names,

(c) = J(c), for c C

(x) = (x), for x V

Constructing Minimal Polynomials: Prime Implicants

A better Mouse-trap for QMC

(e) = F (write / ,[=

(e) = T for some assignment

e for all assignments (write / [= e)

(e) = F for some assignments

(e) = F for all assignments

(f) = T for all with J

(love(bill, mary) (love(mary, john) hate(bill, john))) = T if

(P) = (P) and J

(B) = T (by denition of ).

(D) = T by IH (C and D have smaller depth than

(A B) = T for all assignments with J

(1) = T and thus J

(B) = T from above.

means that A does not de-

a labeled formula, if T, F. A labeled atom is

at the root a tableau

Then use the entailment theorem (Corollary 319)

(love(mary, bill) love(john, mary)) = T but J

c : Michael Kohlhase 211

which shows us that the conjectured entailment relation really holds.

(A B) = T for some variable assignment

(B) = T, so after the extension (which adds the formulae A

worked o in a tableau T , if a tableau rule has already

Example 358 Resolution Proof 1 P

Basic Denitions: Graphs

Denition 391 The cost C(G) of a circuit G is the number of gates in G.

Denition 411 A half adder is a circuit HA imple-

complement it to B(z), i.e., the bitwise negation b

More Precisely: Turing machine

-search (guide the search by heuristics)

-search is given by f(n) = g(n) +h(n),