--> ========================================================== --> Proof scores with [CITP for CafeOBJ] --> for verifications of properties --> including associativity and commutativity of _+_ and _*_ --> about Peano Style natural numbers --> kf151028 --> ========================================================== --> Peano style natural numbers mod! PNAT { [ Nat ] op 0 : -> Nat {constr} . op s_ : Nat -> Nat {constr} . -- equality over the natural numbers eq (0 = (s Y:Nat)) = false . eq ((s X:Nat) = (s Y:Nat)) = (X = Y) . } --> PNAT with plus _+_ operation mod! PNAT+ { pr(PNAT) op _+_ : Nat Nat -> Nat {r-assoc} . vars X Y : Nat . eq 0 + Y = Y . eq (s X) + Y = s (X + Y) . } --> ========================================================== --> Property of PNAT+: _+_ is associative (+assoc) --> eq[+assoc]: (X:Nat + Y:Nat) + Z:Nat = X + (Y + Z) . --> ========================================================== :verbose on . -- to see detailed information -- proof with CITP select PNAT+ . :goal{eq[+assoc]: (X:Nat + Y:Nat) + Z:Nat = X + (Y + Z) .} -- by induction on X :ind on (X:Nat) . -- check :apply (SI TC RD) . --> QED :show proof . -- to see structure of proof :verbose off . -- get back to normal mode --> ========================================================== --> ========================================================== --> Property of PNAT+: 0 is right identity of _+_ (+rz) --> eq[+ri]: X:Nat + 0 = X . --> ========================================================== -- proof with CITP select PNAT+ . :goal{eq[+ri]: X:Nat + 0 = X .} -- by induction on X :ind on (X:Nat) . -- check :apply (SI TC RD) . --> QED --> ========================================================== --> ========================================================== --> Property of PNAT+: right successor of _+_ (+rs) --> eq[+rs]: X:Nat + (s Y:Nat) = s (X + Y) . --> ========================================================== -- proof with CITP select PNAT+ . :goal{eq[+rs]: X:Nat + (s Y:Nat) = s (X + Y) .} -- by induction on X :ind on (X:Nat) . -- check :apply (SI TC RD) . --> QED --> ========================================================== --> ========================================================== --> Property of PNAT+: _+_ is commutative (+comm) --> eq[+comm]: X:Nat + Y:Nat = Y + X . --> ========================================================== -- proof with CITP mod PNAT+comm {pr(PNAT+) -- proved properties eq[+ri]: X:Nat + 0 = X . eq[+rs]: X:Nat + (s Y:Nat) = s (X + Y) . } select PNAT+comm . :goal{eq[+comm]: X:Nat + Y:Nat = Y + X .} -- by induction on X :ind on (X:Nat) . -- check :apply (SI TC RD) . --> QED --> ========================================================== --> ========================================================== --> PNAT with _+_ and _*_ operations mod! PNAT+* { pr(PNAT) vars X Y : Nat . -- notice that assoc and comm of _+_ are already proved op _+_ : Nat Nat -> Nat {assoc comm prec: 30} eq 0 + Y = Y . eq s(X) + Y = s(X + Y) . -- _*_ connects stronger than _+_ -- because it has smaller precedence (prec:) op _*_ : Nat Nat -> Nat {prec: 29 r-assoc} eq 0 * Y = 0 . eq s(X) * Y = Y + (X * Y) . } ** "{assoc comm prec: 30}" declares that the operator "_+_" ** is associative and commutative and parsing precedence 30. --> ========================================================== --> Property of PNAT+*: --> _*_ distributes over _+_ from right (*distr) --> eq[*distr]: (X:Nat + Y:Nat) * Z:Nat = X * Z + Y * Z . --> ========================================================== -- proof with CITP select PNAT+* . :goal{eq[*distr]: (X:Nat + Y:Nat) * Z:Nat = X * Z + Y * Z .} -- by induction on X :ind on (X:Nat) . -- check :apply (SI TC RD) . --> QED --> ========================================================== --> ========================================================== --> Property of PNAT+*: _*_ is associative (*assoc) --> eq[*assoc]: (X:Nat * Y:Nat) * Z:Nat = X * (Y * Z) . --> ========================================================== -- proof with CITP mod PNAT+*assoc {pr(PNAT+*) -- proved property eq[*distr]: (X:Nat + Y:Nat) * Z:Nat = (X * Z) + (Y * Z) . } select PNAT+*assoc . :goal{eq[*assoc]: (X:Nat * Y:Nat) * Z:Nat = X * (Y * Z) .} -- by induction on X :ind on (X:Nat) . -- check :apply (SI TC RD) . --> QED --> ========================================================== --> ========================================================== --> Property of PNAT+*: 0 is right-zero of _*_ (*rz) --> eq[*rz]: X:Nat * 0 = 0 . --> ========================================================== -- proof with CITP select PNAT+* . :goal{eq[*rz]: X:Nat * 0 = 0 .} -- by induction on X :ind on (X:Nat) . -- check :apply (SI TC RD) . --> QED --> ========================================================== --> ========================================================== --> Property of PNAT+*: right-successor of _*_ (*rs) --> eq[*rs]: X:Nat * (s Y:Nat) = X + (X * Y) . --> ========================================================== -- proof with CITP select PNAT+* . :goal{eq[*rs]: X:Nat * (s Y:Nat) = X + (X * Y) .} -- by induction on X :ind on (X:Nat) . -- check :apply (SI TC RD) . --> QED -- ========================================================== --> ========================================================== --> Property of PNAT+*: _*_ is commutative (*comm) --> eq[*comm]: X:Nat * Y:Nat = Y * X . --> ========================================================== -- proof with CITP mod PNAT+*comm {pr(PNAT+*) -- proved properties eq[*rz]: X:Nat * 0 = 0 . eq[*rs]: X:Nat * (s Y:Nat) = X + (X * Y) . } select PNAT+*comm . :goal{eq[*comm]: X:Nat * Y:Nat = Y * X .} -- by induction on X :ind on (X:Nat) . -- check :apply (SI TC RD) . --> QED --> ========================================================== -- ========================================================== -- end -- ==========================================================