=Paper=
{{Paper
|id=Vol-3428/paper16
|storemode=property
|title=Proof Methods and Theorem Proving for Conditional Logics with Strong Centering
|pdfUrl=https://ceur-ws.org/Vol-3428/paper16.pdf
|volume=Vol-3428
|authors=Valentina Gliozzi,Gian Luca Pozzato,Alberto Valese
|dblpUrl=https://dblp.org/rec/conf/cilc/GliozziPV23
}}
==Proof Methods and Theorem Proving for Conditional Logics with Strong Centering==
https://ceur-ws.org/Vol-3428/paper16.pdf
Proof Methods and Theorem Proving for Conditional
Logics with Strong Centering
Valentina Gliozzi1 , Gian Luca Pozzato1,* and Alberto Valese1
1
Dipartimento di Informatica, UniversitΓ degli Studi di Torino, 10149, Turin, Italy
Abstract
In this work we continue our investigation on proof methods and theorem proving for Conditional Logics
with the selection function semantics. Conditional Logics recently have received a renewed attention
and have found several applications in knowledge representation and artificial intelligence. We present a
labelled sequent calculus for systems including the axiom of strong centering CS, as well as a theorem
prover implementing the sequent calculus in Prolog.
Keywords
Conditional logics, Sequent calculi, Proof methods, Prolog, Nonmonotonic reasoning, Theorem proving
1. Introduction
Conditional Logics have a long history, starting with the seminal works [1, 2, 3, 4, 5] in the
seventies. In the last decades, Conditional Logics have found a renewed interest in several fields
of artificial intelligence and knowledge representation, from hypothetical reasoning to belief
revision, from diagnosis to nonmonotonic reasoning and planning [6, 7, 8, 9, 10, 11, 12, 13, 14,
15, 16].
Conditional Logics are extensions of classical logic by a binary operator β, called conditional
operator, used in order to express formulas of the form π΄ β π΅. Similarly to modal logics,
the semantics of Conditional Logics can be defined in terms of possible world structures. In
this respect, Conditional Logics can be seen as a generalization of modal logics (or a type of
multi-modal logic) where the conditional operator is a sort of modality indexed by a formula
of the same language. However, as a difference with modal logics, the lack of a universally
accepted semantics led to a partial underdevelopment of proof methods and theorem provers
for these logics.
An attempt to fill this gap has been proposed in [17], where labelled sequent calculi for
conditional logics with the selection function semantics ([2]) are introduced. Intuitively, the
selection function π selects, for a world π€ and a formula π΄, the set of worlds π (π€, π΄) which
CILCβ23: 38th Italian Conference on Computational Logic, June 21β23, 2023, Udine, Italy
*
Corresponding author.
$ valentina.gliozzi@unito.it (V. Gliozzi); gianluca.pozzato@unito.it (G. L. Pozzato); alberto.valese@edu.unito.it
(A. Valese)
Β https://www.di.unito.it/~gliozzi (V. Gliozzi); https://www.di.unito.it/~pozzato (G. L. Pozzato);
https://www.di.unito.it/~valese (A. Valese)
� 0000-0003-1045-8018 (V. Gliozzi); 0000-0002-3952-4624 (G. L. Pozzato)
Β© 2023 Copyright for this paper by its authors. Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0).
CEUR
Workshop
Proceedings
http://ceur-ws.org
ISSN 1613-0073
CEUR Workshop Proceedings (CEUR-WS.org)
�are βmost-similar to π€" given the information π΄. In normal conditional logics, π depends on
the set of worlds satisfying π΄ rather than on π΄ itself, so that π (π€, π΄) = π (π€, π΄β² ) whenever π΄
and π΄β² are true in the same worlds. A conditional formula π΄ β π΅ is true in π€ whenever π΅ is
true in every world selected by π for π΄ and π€. Since we adopt the selection function semantics,
CK is the fundamental system, it has the same role as the system K (from which it derives
its name) in modal logic. Formulas valid in CK are exactly those ones that are valid in every
selection function model. Extensions are then obtained by imposing restrictions on the selection
function. In [17], CK and some standard extensions with conditions ID (conditional identity),
MP (conditional modus ponens), CEM (conditional third excluded middle), and CS (conditional
strong centering), as well as most of the combinations of them are investigated. The proposed
calculi, called SeqS, are modular, in some cases optimal and have been implemented by several
versions of a βleanβ style Prolog program called CondLean [18, 19, 20].
The original SeqS calculi, as well as their implementation CondLean, have two main draw-
backs: (i) they neglect all the systems including both the axioms CEM and MP: the reason is
that the proof of cut elimination, needed in order to prove the completeness of the calculi, does
not work when such axioms are considered together; (ii) the rules dealing with the conditions
CS and CEM are based on a label substitution mechanism that leads to a very inefficient imple-
mentation. A solution to (i) has been provided in [20, 21], where calculi for the whole cube of
the extensions of CK generated by the above axioms are proposed, including those with both
CEM and MP. The theorem prover implementing these calculi has better performance than
CondLean, however, the problem (ii) is far from being solved: indeed, the rule for CS is still
based on the label substitution mechanism, and the performances of the theorem prover are
just increased in systems with both MP and CEM where the rule for CS can be omitted since
the axiom (CS) is derivable (see Proposition 3). The relevance of strong centering is motivated
by the concept of similarity: if π΄ holds in a world π€, then the π΄-world which is more similar
to π€ is π€ itself. Moreover, strong centering is needed in order to perform inferences that are
plausible in several contexts, such as if π΄ β π΅ holds and π΄ holds, then also π΅ holds (a kind of
conditional modus ponens), as well as the principle that a subjunctive conditional is false if its
antecedent is true and its consequent is false, namely if π΄ β§ Β¬π΅ holds, then so is Β¬(π΄ β π΅).
In this work we try to provide a final solution to the problem of efficient theorem proving for
Conditional Logics with selection function semantics. We can identify two main contributions
of this work:
1. we further refine labelled sequent calculi for conditional logics in order to tackle question
(ii) above. To this aim, we introduce SeqS23 , labelled sequent calculi for CK and the whole
cube of the combinations of extensions with axioms CS, CEM, MP, and ID, where also
the rule for CS does no longer exploit label substitutions. We show that one can derive a
decision procedure from the cut-free calculi, providing a constructive proof of decidability
of the logics considered. By estimating the size of the finite derivations of a given sequent,
we also obtain a polynomial space complexity bound for these logics;
2. we introduce CondLean 4.0, a Prolog implementation of the proposed calculi SeqS23 : the
program is inspired by the βleanβ methodology, whose aim is to write short programs and
exploit the power of Prologβs engine as much as possible: in this respect, every clause
of a single predicate, called prove, implements an axiom or rule of the calculi and the
� proof search is provided for free by the mere depth-first search mechanism of Prolog,
without any additional ad hoc mechanism. We have tested the performances of SeqS23
and compared them with those of the most recent version of CondLean [21], obtaining
promising results that confirm that avoiding label substitution leads to a significant
improvement of the performances of the prover.
2. Conditional Logics and the Selection Function Semantics
In this section we recall Conditional Logics. We first define the language and the syntax of
Conditional Logics, then we present the semantics based on a selection function. Last, we
provide an axiomatization of the systems of Conditional Logics we consider.
Definition 1 (Syntax of Conditional Logics). A propositional conditional language β con-
tains:
β’ a set of propositional variables ATM ;
β’ the constants β₯ and β€;
β’ the set of connectives Β¬ (unary), β§, β¨, β, β (binary).
Formulas of β are inductively defined as follows:
β’ atomic formulas π β ATM , β₯ and β€ are formulas of β;
β’ given π΄ and π΅ formulas of β, complex formulas Β¬π΄, π΄ β§ π΅, π΄ β¨ π΅, π΄ β π΅, and π΄ β π΅
are formulas of β.
Let us now introduce the selection function semantics [2]. Intuitively, a conditional formula
π΄ β π΅ holds in a possible world π€ if π΅ holds in all the worlds that are most similar to π€ given
the information π΄. Such worlds are those selected by the selection function for π€ and π΄.
We define the selection function semantics as follows:
Definition 2 (Selection function semantics). A model is a triple
β³ = β¨π², π, [ ]β©
where:
β’ π² is a non-empty set of worlds;
β’ π is the selection function π : π² Γ 2π² ββ 2π²
β’ [ ] is the evaluation function, which assigns to an atom π β ATM the set of worlds where
π is true, and is extended to complex formulas as follows:
β [β₯] = β
β [β€] = π²
β [Β¬π΄] = π² β [π΄]
β [π΄ β§ π΅] = [π΄] β© [π΅]
β [π΄ β¨ π΅] = [π΄] βͺ [π΅]
� β [π΄ β π΅] = (π² β [π΄]) βͺ [π΅]
β [π΄ β π΅] = {π€ β π² | π (π€, [π΄]) β [π΅]}
As usual, a formula πΉ is valid in a model β³, written β³ |= πΉ , if it holds in all the worlds of β³,
i.e. β³ |= πΉ if and only if [πΉ ] = π². A formula πΉ is valid, written |= πΉ , if it is valid in all models,
i.e. |= πΉ if and only if β³ |= πΉ for all β³.
As mentioned above, the selection function π selects, for a world π€ and a formula π΄, the set
of worlds of π² which are closer/similar to π€ given the information π΄. A conditional formula
π΄ β π΅ holds in a world π€ if the formula π΅ holds in all the worlds selected by π for π€ and π΄. It
is worth noticing that we have defined π taking [π΄] rather than π΄ (i.e. π (π€, [π΄]) rather than
π (π€, π΄)) as an argument; this is equivalent to define π on formulas, i.e. π (π€, π΄) but imposing
β² β²
that if [π΄] = [π΄ ] in the model, then π (π€, π΄) = π (π€, π΄ ). This condition is called normality.
The semantics above characterizes the basic conditional logic CK. Formulas that are valid in
CK are valid in all selection function models.
An axiomatization of this system is given by:
β’ any axiomatization of classical propositional calculus;
π΄ π΄βπ΅
β’ (Modus Ponens)
π΅
π΄βπ΅ π΅βπ΄
β’ (RCEA)
(π΄ β πΆ) β (π΅ β πΆ)
(π΄1 β§ Β· Β· Β· β§ π΄π ) β π΅
β’ (RCK)
(πΆ β π΄1 β§ Β· Β· Β· β§ πΆ β π΄π ) β (πΆ β π΅)
As for modal logics, in order to perform useful inferences, we can consider extensions of CK
by assuming further properties on the selection function. Let us consider, for instance, the
conditional third excluded middle, namely the formula
(π΄ β π΅) β¨ (π΄ β Β¬π΅)
This formula is not valid: as an example, consider the model β³1 = β¨{π€, π’, π£}, π1 , [ ]1 β©, where
the selection function π1 is such that π1 (π€, [π΄]) = {π’, π£} and the evaluation is [π΅]1 = {π’}. We
have that β³1 ΜΈ|= (π΄ β π΅) β¨ (π΄ β Β¬π΅). Indeed, π€ ΜΈβ [(π΄ β π΅) β¨ (π΄ β Β¬π΅)], since neither
π€ β [π΄ β π΅] nor π€ β [π΄ β Β¬π΅]. π΄ β π΅ does not hold in π€, since there exists π£, which
is similar to π€ given π΄ (selected by π1 for π€ and π΄) where π΅ does not hold (π΅ holds only in
π’). Similarly, π΄ β Β¬π΅ does not hold in π€, since there exists π’, which is similar to π€ given
π΄ (selected by π1 for π€ and π΄) where π΅ holds. Such a formula is however valid if we restrict
our concern to models where the selection function can select at most one world, that is to say
imposing the condition:
| π (π€, [π΄]) | β€ 1
Obviously, the above counter model β³1 cannot be considered, in other words either π’ or π£ can
be the only world selected by π for π€ and π΄, then either π΄ β π΅ or π΄ β Β¬π΅ holds in π€.
We consider the following standard extensions of the basic system of Conditional Logics CK:
� Logic Axiom Model condition
ID π΄βπ΄ π (π€, [π΄]) β [π΄]
CS (π΄ β§ π΅) β (π΄ β π΅) π€ β [π΄] β π (π€, [π΄]) β {π€}
CEM (π΄ β π΅) β¨ (π΄ β Β¬π΅) | π (π€, [π΄]) |β€ 1
MP (π΄ β π΅) β (π΄ β π΅) π€ β [π΄] β π€ β π (π€, [π΄])
The above axiomatizations are complete with respect to the respective semantics [2]. We can
observe that:
Proposition 3. In systems with both axioms (CEM) and (MP), axiom (CS) is derivable.
Indeed, for (CEM) we have that | π (π€, [π΄]) |β€ 1. For (MP), we have that, if π€ β [π΄], then
π€ β π (π€, [π΄]). Therefore, it follows that if π€ β [π΄], then π (π€, [π΄]) = {π€}, satisfying the (CS)
condition.
3. Sequent Calculi for Conditional Logics with Strong Centering
In this section we introduce SeqS23 , a family of labelled sequent calculi for the conditional
systems under consideration. The calculi are modular and they are able to deal with the basic
system CK as well as with the whole cube of extensions with axioms ID, CS, CEM and MP.
The calculi make use of labels to represent possible worlds. We consider a language β and
a denumerable alphabet of labels π, whose elements are denoted by x, y, z, .... There are two
kinds of labelled formulas: world formulas, denoted by x: A, where x β π and π΄ β β, used to
π΄
represent that A holds in a world x; transition formulas, denoted by x ββ y, where x, y β π
π΄
and π΄ β β. A transition formula x ββ y represents that y β f (x, [A]).
A sequent is a pair β¨Ξ, Ξβ©, usually denoted with Ξ β’ Ξ, where Ξ and Ξ are multisets of
labelled formulas. The intuitive meaning of Ξ β’ Ξ is: every model that satisfies all labelled
formulas of Ξ in the respective worlds (specified by the labels) satisfies at least one of the
labelled formulas of Ξ (in those worlds).
Formally: G
Definition 4 (Validity of a sequent). Given a model β³ = β¨π², π, [ ]β© for β, and a label al-
phabet π, we consider any mapping πΌ : π β π². Let πΉ be a labelled formula, we define β³ |=πΌ πΉ
π΄
as β³ |=πΌ π₯: π΄ if and only if πΌ(π₯) β [π΄] and β³ |=πΌ π₯ ββ π¦ if and only if πΌ(π¦) β π (πΌ(π₯), [π΄]).
We say that Ξ β’ Ξ is valid in β³ if for every mapping πΌ : π β π², if β³ |=πΌ πΉ for every
πΉ β Ξ, then β³ |=πΌ πΊ for some πΊ β Ξ.
We say that Ξ β’ Ξ is valid in a system (CK or any extension of it) if it is valid in every β³
satisfying the specific conditions for that system.
We say that a sequent Ξ β’ Ξ is derivable if it admits a derivation in SeqS23 , i.e. a proof tree,
obtained by applying backwards the rules of the calculi, having Ξ β’ Ξ as a root and whose
leaves are all instances of closing rules, i.e. rules with valid sequents called (π΄π). As usual, the
idea is as follows: in order to prove that a formula πΉ is valid in a conditional logic, then one has
�to check whether the sequent β’ π₯ : πΉ is derivable in SeqS23 , i.e. if we can obtain a proof tree by
applying backwards the rules, starting from the root β’ π₯ : πΉ .
The novelty with respect to the calculi introduced in [17] and [20] is the following invertible
rule for CS, no longer exploiting a label substitution, whose principal formula is a conditional
π₯ : π΄ β π΅ on the right-hand side of the sequent:
Ξ β’ Ξ, π₯ : π΄ β π΅, π₯ : π΄ Ξ β’ Ξ, π₯ : π΄ β π΅, π₯ : π΅
(CS)
Ξ β’ Ξ, π₯ : π΄ β π΅
replacing the following one, introduced in [17]:
π΄ π΄
Ξ, π₯ ββ π¦ β’ Ξ, π₯ : π΄ Ξ[π₯/π’, π¦/π’], π’ ββ π’ β’ Ξ[π₯/π’, π¦/π’]
(CS)
π΄
Ξ, π₯ ββ π¦ β’ Ξ
where Ξ[π₯/π’, π¦/π’] (respectively, Ξ[π₯/π’, π¦/π’]) is obtained from Ξ (respectively, from Ξ) by
replacing every occurrence of π₯ and π¦ with a new label π’.
The basic idea is as follows: when a conditional π₯ : π΄ β π΅ belongs to the right-hand side
of a sequent, this means that there exists a world π€ selected by π for the world represented
by π₯ and π΄ such that π΅ does not hold in π€. By the strong centering condition, if the world
represented by π₯ is an π΄ world (left premise), then π€ is necessarily the world itself, then π΅ does
not hold in it, therefore π₯ : π΅ is added in the right-hand side of the sequent of the right premise.
As an example, consider the following valid sequent in systems with axiom (CS):
π₯ : π΄ β§ π΅ β’ π₯ : (π΄ β π΅) β¨ (π΄ β πΆ) β¨ (π΄ β π·)
In the calculi SeqS, the derivation could be as follows:
(π΄π) π΄
(π΄π)
π£:π΄β’π£:π΄ π€ : π΅, . . . , π€ ββ π€ β’ π€ : πΆ, π€ : π΅, π€ : π·
(π΄π) π΄ π΄ π΄
(CS)
π’:π΄β’π’:π΄ π£ : π΄, π£ : π΅, π£ ββ π£, π£ ββ π£, π£ ββ π¦ β’ π£ : πΆ, π¦ : π΅, π£ : π·
(π΄π) π΄ π΄ π΄
(CS)
π₯:π΄β’π₯:π΄ π’ : π΄, π’ : π΅, π’ ββ π’, π’ ββ π§, π’ ββ π¦ β’ π§ : πΆ, π¦ : π΅, π’ : π·
π΄ π΄ π΄
(CS)
π₯ : π΄, π₯ : π΅, π₯ ββ π€, π₯ ββ π§, π₯ ββ π¦ β’ π§ : πΆ, π¦ : π΅, π€ : π·
π΄ π΄
(β R)
π₯ : π΄, π₯ : π΅, π₯ ββ π§, π₯ ββ π¦ β’ π§ : πΆ, π¦ : π΅, π₯ : π΄ β π·
π΄
(β R)
π₯ : π΄, π₯ : π΅, π₯ ββ π¦ β’ π¦ : π΅, π₯ : π΄ β πΆ, π₯ : π΄ β π·
(β R)
π₯ : π΄, π₯ : π΅ β’ π₯ : π΄ β π΅, π₯ : π΄ β πΆ, π₯ : π΄ β π·
(β¨R)
π₯ : π΄, π₯ : π΅ β’ π₯ : π΄ β π΅, π₯ : (π΄ β πΆ) β¨ (π΄ β π·)
(β¨R)
π₯ : π΄, π₯ : π΅ β’ π₯ : (π΄ β π΅) β¨ (π΄ β πΆ) β¨ (π΄ β π·)
(β§L)
π₯ : π΄ β§ π΅ β’ π₯ : (π΄ β π΅) β¨ (π΄ β πΆ) β¨ (π΄ β π·)
whereas in the novel calculi SeqS23 one can obtain the following, shorter derivation:
� (π΄π) (π΄π)
π₯ : π΄, π₯ : π΅ β’ π₯ : π΄, . . . π₯ : π΄, π₯ : π΅ β’ π₯ : π΅, . . .
(CS)
π₯ : π΄, π₯ : π΅ β’ π₯ : π΄ β π΅, π₯ : π΄ β πΆ, π₯ : π΄ β π·
(β¨R)
π₯ : π΄, π₯ : π΅ β’ π₯ : π΄ β π΅, π₯ : (π΄ β πΆ) β¨ (π΄ β π·)
(β¨R)
π₯ : π΄, π₯ : π΅ β’ π₯ : (π΄ β π΅) β¨ (π΄ β πΆ) β¨ (π΄ β π·)
(β§L)
π₯ : π΄ β§ π΅ β’ π₯ : (π΄ β π΅) β¨ (π΄ β πΆ) β¨ (π΄ β π·)
Figure 1: Rules of sequent calculi SeqS23
.
The calculi SeqS23 are shown in Figure 1. They satisfy basic structural properties, namely
� (π΄π) (π΄π)
π₯ : π΄, π₯ : π΅ β’ π₯ : π΄ β π΅, π₯ : π΄ π₯ : π΄, π₯ : π΅ β’ π₯ : π΄ β π΅, π₯ : π΅
(CS)
π₯ : π΄, π₯ : π΅ β’ π₯ : π΄ β π΅
(β§L)
π₯:π΄β§π΅ β’π₯:π΄βπ΅
(β R)
β’ π₯ : (π΄ β§ π΅) β (π΄ β π΅)
Figure 2: A derivation of CS in SeqS23 .
height-preserving admissibility of weakening, height-preserving invertibility of the rules (with
the exception of (EQ)), height-preserving admissibility of contraction.
Moreover, the following properties are needed in order to prove the admissibility of the cut
rule (see Theorem 7 below), in turn needed to prove the completeness of the calculi:
π΄
Proposition 5. If Ξ β’ Ξ, π₯ ββ π¦ is derivable in SeqS23 in systems with the rule (CS), then
π΄β²
either (i) Ξ β’ Ξ is derivable in SeqS23 or (ii) π₯ = π¦ or (iii) there exists π₯ ββ π¦ β Ξ such that
π΄β² π΄
π₯ ββ π¦ β’ π₯ ββ π¦ is derivable in SeqS23 .
π΄
Proof. (sketch) By induction on the height of the derivation of Ξ β’ Ξ, π₯ ββ π¦. Intuitively, if
π΄
the transition formula π₯ ββ π¦ is used in the derivation, then either it is the principal formula
in a backward application of (MP), then it must be π₯ = π¦ and (ππ) holds, otherwise it is the
principal formula in a backward application of (EQ), therefore there exists another transition
π΄β² π΄β² π΄
formula π₯ ββ π¦ β Ξ such that π₯ ββ π¦ β’ π₯ ββ π¦ is derivable in SeqS23 , thus (πππ) holds. On
π΄
the contrary, if π₯ ββ π¦ is not used in the derivation, then we have that also Ξ β’ Ξ is derivable,
thus (π) holds.
β
The following proposition states that, given a derivable sequent Ξ β’ Ξ, the sequent obtained
π΄ π΄β²
by replacing in Ξ and/or Ξ one or more transition formulas π₯ ββ π¦ with π₯ ββ π¦, where π΄
π΄β¨π΅ π΄β¨π΅
and π΄β² are equivalent1 , is derivable too. For instance, if Ξ, π₯ ββ π¦, π₯ ββ π§ β’ Ξ is derivable,
π΄β¨π΅ Β¬π΄βπ΅ Β¬π΄βπ΅ Β¬π΄βπ΅
so are the sequents Ξ, π₯ ββ π¦, π₯ ββ π§ β’ Ξ and Ξ, π₯ ββ π¦, π₯ ββ π§ β’ Ξ.
π΄β² π΄
Proposition 6. If π₯ ββ π¦ β’ π₯ ββ π¦ and Ξ β’ Ξ are derivable in SeqS23 , then Ξβ² β’ Ξ is also
derivable in in SeqS23 , where Ξβ² is obtained by replacing in Ξ any number of transition formulas
π΄ π΄β²
π₯ ββ π¦ with π₯ ββ π¦.
The proof is by induction on the height of the derivation of Ξ β’ Ξ, is straightforward, therefore
left to the reader in order to save space.
As mentioned, we can show that the following cut rule is admissible:
1
As usual, this means that both π΄ β π΄β² and π΄β² β π΄ are valid.
�Theorem 7. The cut rule:
Ξ β’ Ξ, πΉ πΉ, Ξ β’ Ξ
(ππ’π‘)
Ξβ’Ξ
where πΉ is any labelled formula, is admissible in SeqS23 , i.e. if Ξ β’ Ξ, πΉ and πΉ, Ξ β’ Ξ are
derivable in SeqS23 , so is Ξ β’ Ξ.
Proof. We proceed in the standard way by a double induction over the complexity of the cut
formula and the sum of the heights of the derivations of the two premises of cut, namely we
replace one cut by one or several cuts on formulas of smaller complexity, or on sequents derived
by shorter derivations. To save space, we show the most interesting case involving the novel
rule (CS) and we left the other cases to the reader. Consider the case in which the proof is
ended as follows:
π΄
Ξ β’ Ξ, π₯ : π΄ β π΅, π₯ : π΄ (*) Ξ, π₯ : π΄ β π΅ β’ Ξ, π₯ ββ π¦
Ξ β’ Ξ, π₯ : π΄ β π΅, π₯ : π΅ Ξ, π₯ : π΄ β π΅, π¦ : π΅ β’ Ξ
(CS) (β πΏ)
(**) Ξ β’ Ξ, π₯ : π΄ β π΅ Ξ, π₯ : π΄ β π΅ β’ Ξ
(ππ’π‘)
Ξβ’Ξ
Since weakening is admissible and the fact that (**) is derivable, we have that also (β£) Ξ β’
π΄
Ξ, π₯ : π΄ β π΅, π₯ ββ π¦ is derivable. We can apply the inductive hypothesis on the sum of
π΄
the heights to cut (β£) and (*) to obtain a derivation of (β ) Ξ β’ Ξ, π₯ ββ π¦. By Proposition 5
we have that either (i) Ξ β’ Ξ is derivable, and we are done, or (ii) π₯ = π¦, or (iii) there exists
π΄β² π΄β² π΄
π₯ ββ π¦ β Ξ such that π₯ ββ π¦ β’ π₯ ββ π¦ is derivable. In case (ii), the proof is ended as follows:
π΄
(1) Ξ β’ Ξ, π₯ : π΄ β π΅, π₯ : π΄ (4) Ξ, π₯ : π΄ β π΅ β’ Ξ, π₯ ββ π₯
(2) Ξ β’ Ξ, π₯ : π΄ β π΅, π₯ : π΅ (5) Ξ, π₯ : π΄ β π΅, π₯ : π΅ β’ Ξ
(CS) (β πΏ)
(3) Ξ β’ Ξ, π₯ : π΄ β π΅ (6) Ξ, π₯ : π΄ β π΅ β’ Ξ
(ππ’π‘)
Ξβ’Ξ
Since weakening is height-preserving admissible, since (3) is derivable, so is (3β² ) Ξ, π₯ : π΅ β’
Ξ, π₯ : π΄ β π΅. We can apply the inductive hypothesis on the sum of the heights of the
derivations of the two premises to cut (3β² ) and (5), to obtain a derivation of (7) Ξ, π₯ : π΅ β’ Ξ.
Similarly, since (6) is derivable, then so is (6β² ) Ξ, π₯ : π΄ β π΅ β’ Ξ, π₯ : π΅, and we can apply
the inductive hypothesis on the sum of the heights to cut (6β² ) and (2) and obtain a proof of
(8) Ξ β’ Ξ, π₯ : π΅. We can the conclude that Ξ β’ Ξ is derivable by applying the inductive
hypothesis on the complexity of the cut formula to (7) and (8).
π΄ π΄β²
In case (iii), by Proposition 6 and the fact that also π₯ ββ π¦ β’ π₯ ββ π¦ is derivable, we have
π΄ π΄β²
that Ξβ² , π₯ ββ π¦ β’ Ξ is derivable, where Ξ = Ξβ² , π₯ ββ π¦. By applying the inductive hypothesis
� π΄
on the complexity of the cut formula, we conclude by cutting it with (β ) Ξ β’ Ξ, π₯ ββ π¦ and
we are done.
β
Theorem 8 (Soundness and completeness). Given a conditional formula πΉ , it is valid in a
conditional logic if and only if it is derivable in the corresponding calculus of SeqS23 , that is to say
|= πΉ if and only if β’ π₯ : πΉ is derivable in SeqS23 .
Proof. Concerning the soundness, we have to prove that, if a sequent Ξ β’ Ξ is derivable, then
the sequent is valid. This can be done by induction on the height of the derivation of Ξ β’ Ξ.
The basic cases are those corresponding to derivations of height 0, that is to say instances of
(π΄π). It is easy to see that, in all these cases, Ξ β’ Ξ is a valid sequent. As an example, consider
Ξ, π₯ : π β’ Ξ, π₯ : π : consider every model β³ and every mapping πΌ satisfying all formulas in
the left-hand side of the sequent, then also π₯ : π . This means that πΌ(π₯) β [π ], but then we
have that β³ satisfies via πΌ at least a formula in the right-hand side of the sequent, the same
π₯ : π . For the inductive step, we proceed by considering each rule of the calculi SeqS23 in order
to check that, if the premise(s) is (are) valid sequent(s), to which we can apply the inductive
hypothesis, so is the conclusion. To save space, we only present the case of the novel (CS), the
other ones are left to the reader. Let us consider a derivation ended as follows:
(1) Ξ β’ Ξ, π₯ : π΄ β π΅, π₯ : π΄ (2) Ξ β’ Ξ, π₯ : π΄ β π΅, π₯ : π΅
(CS)
(3) Ξ β’ Ξ, π₯ : π΄ β π΅
By inductive hypothesis, the sequents (1) and (2) are valid. By absurd, suppose that (3) is
not, that is to say there exists a model β³ and a mapping πΌ satisfying all formulas in Ξ but
falsifying all formulas in the right-hand side of the sequent, namely all formulas in Ξ and
π₯ : π΄ β π΅. Concerning the latter, there exists a world π€ such that (*) π€ β π (πΌ(π₯), [π΄]) and
(**) π€ ΜΈβ [π΅]. By the validity of (1), we have that, since β³ satisfies via πΌ all formulas in Ξ,
at least one formula in the right-hand side of the sequent must be satisfied by β³ via πΌ too.
Necessarily, we have that β³ satisfies π₯ : π΄ (all formulas in Ξ are falsified): this means that
πΌ(π₯) β [π΄]. By the strong centering condition, it turns out that π (πΌ(π₯), [π΄]) β {πΌ(π₯)}. Given
(*), we have that πΌ(π₯) = π€. By the validity of (2), reasoning in the same way we have that
πΌ(π₯) = π€ β [π΅], contradicting (**).
The completeness is an easy consequence of the admissibility of the cut rule (Theorem 7):
by induction on the complexity of the formulas we can prove that, if a formula πΉ is valid in a
conditional logic, then β’ π₯ : πΉ is derivable in SeqS23 . It can be shown that axioms are derivable
and that the set of derivable formulas is closed under (Modus Ponens), (RCEA), and (RCK). A
derivation of (CS) is provided in Figure 2. For the other axioms and rules, we remind the reader
to [17, 20] in order to save space.
β
The presence of labels and of the rules (β L), (β R), (ID), (MP), (CEM), and (CS), which
increase the complexity of the sequent in a backward proof search, is a potential cause of a
�non-terminating proof search. However, with a similar argument to the one proposed in [17],
we can define a procedure that can apply such rules in a controlled way and introducing a finite
number of labels, ensuring termination. Intuitively, it can be shown that it is useless to apply
(β L) and (β R) on π₯ : π΄ β π΅ by introducing (looking backward) the same transition formula
π΄
π₯ ββ π¦ more than once in each branch of a proof tree. Similarly, it is useless to apply (ID),
(MP), (CEM), and (CS) on the same formula more than once in a backward proof search on
each branch of a derivation. This leads to the decidability of the given logics:
Theorem 9 (Decidability). Conditional Logics CK and all its extensions with axioms ID, MP,
CS, CEM and all their combinations are decidable.
It can be shown that provability in all the Conditional Logics considered is decidable in
π(π2 log π) space, we omit the proof which is essentially the same as in [17].
4. The Theorem Prover CondLean 4.0
In this section we introduce CondLean 4.0, a Prolog implementation of the calculi SeqS23
introduced in the previous section. As already mentioned, the prover improves the existing
provers for that logics [19, 18, 21] and is inspired to the βleanβ methodology, introduced by
Beckert and Posegga in the middle of the 90s [22, 23, 24]: they have proposed a very elegant and
extremely efficient first-order theorem prover, called leanTAP, consisting of only five Prolog
clauses. The basic idea of the βleanβ methodology is βto achieve maximal efficiency from minimal
meansβ [22] by writing short programs and exploiting the power of Prologβs engine as much as
possible. Moreover, it is straightforward to prove soundness and completeness of the theorem
prover by exploiting the one to one correspondence between axioms/rules of SeqS23 and clauses
of CondLean 4.0.
Let us now describe the theorem prover CondLean 4.0 in detail.
Each component of a sequent is implemented by a list of formulas, partitioned into three
sub-lists: atomic formulas, transitions and complex formulas. Atomic and complex formulas are
implemented by a Prolog list of the form [x,a], where x is a Prolog constant and a is a formula.
π΄
A transition formula x ββ y is implemented by a Prolog list of the form [x,a,y]. Labels are
implemented by Prolog constants. The sequent calculi are implemented by the predicate
prove(Gamma, Delta, Labels, Rcond, LCond, Tree)
which succeeds if and only if Ξ β’ Ξ is derivable in SeqS23 , where Gamma and Delta are the lists
implementing the multisets Ξ and Ξ, respectively, and Labels is the list of labels introduced
in that branch. Each clause of the prove predicate implements one axiom or rule of SeqS23 .
Further arguments RCond and LCond are used in order to ensure the termination of the proof
search, essentially by restricting the application of rules (β L) and (β R), copying their
principal formulas in both the premises (more details are provided here below). Tree is an
output term: if the proof search succeeds, it matches a Prolog representation of the derivation
found by the theorem prover.
� The theorem prover proceeds as follows. First of all, if Ξ β’ Ξ is an axiom, then the goal will
succeed immediately by using the clauses for the axioms. If it is not, then the first applicable
rule is chosen. The ordering of the clauses is such that the application of the branching rules
is postponed as much as possible. Concerning the interplay among the rules dealing with
conditional formulas on the right-hand side of a sequent, the new rule (CS) rule is applied first:
intuitively, this is needed in order to check whether the conditional formula under consideration
can be handled by the current world itself, otherwise the rule (β R), which introduces a new
label in a backward proof search, it is first applied and, if this does not lead to a derivation, the
rule (CEM) β if available β is applied.
As mentioned here above, arguments RCond and LCond are used in order to ensure the
termination of the proof search by controlling the application of the rules (β L) and (β R):
indeed, these rules copy the conditional formula π₯ : π΄ β π΅ to which they are applied in their
premises, therefore we need to avoid redundant applications that, otherwise, would lead to
expand an infinite branch. As an example, RCond is a Prolog list containing all the formulas
π₯ : π΄ β π΅ to which the rule (β R) has been already applied on the current branch: such a
rule will be then applied to π₯ : π΄ β π΅ only if it does not belong to the list RCond. A similar
mechanism is implemented for extensions of CK, namely further suitable arguments are added
to the predicate prove to keep track of the information needed to avoid useless and uncontrolled
applications of the rules (MP), (ID), (CEM), and (CS), which copy their principal formulas
in their premise(s).
Let us now present some clauses of CondLean 4.0. As a first example, the clause for the axiom
checking whether the same atomic formula occurs in both the left and the right hand side of a
sequent is implemented as follows:
prove([LitGamma,_,_],[LitDelta,_,_],_,_,_,tree(ax)):-
member(F,LitGamma),member(F,LitDelta),!.
It is easy to observe that the rule succeeds when the same labelled formula πΉ belongs to both
the right and the left hand side of the sequent under investigation, completing the proof search:
indeed, no recursive call to the predicate prove is performed, and the output term Tree matches
a representation of a leaf in the derivation (tree(ax)).
As another example, here is the clause implementing (β L):
prove([LitGamma,TransGamma,ComplexGamma],[LitDelta,TransDelta,ComplexDelta],
Labels, RCond, LCond, CS, tree(condL,SubTree1,SubTree2)):-
member([X,A => B],ComplexGamma),
select([[X,A => B],Used],Cond,TempCond),
member(Y,Labels), (π)
β+member([Y,[X,A => B]],LCond),!, (ππ)
put([Y,B],LitGamma,ComplexGamma,NewLitGamma,NewComplexGamma),
prove([[[X, A => B],[[X,C,Y] | Used]] | TempCond],
[LitGamma,TransGamma,ComplexGamma],
� [LitDelta,[[X,A,Y]|TransDelta],ComplexDelta],Labels),
prove([[[X, A => B],[[X,C,Y] | Used]] | TempCond],
[NewLitGamma,TransGamma,NewComplexGamma],
[LitDelta,TransDelta,ComplexDelta],Labels).
The predicate put is used to put the labelled formula [Y,A] in the proper sub-list of the left-
hand side of the sequent. The recursive calls to prove implement the proof search on the two
premises. The output term Tree matches a Prolog term tree(condL,SubTree1,SubTree2),
representing a tree with two branches, corresponding to the subtrees of the two premises
SubTree1 and SubTree2 obtained by an application of the rule condL.
As mentioned, in order to ensure termination, in lines π and ππ the theorem prover checks
whether (β L) has been already applied on the current branch to the conditional formula
π΄
π₯ : π΄ β π΅ by using the label π¦, in other words by introducing π₯ ββ π¦ and π¦ : π΅ in the
premises. This avoids useless applications of the rule, by adopting the same label.
Let us now show the code of the novel rule (CS):
prove(Gamma,[LitDelta,TransDelta,ComplexDelta],
Labels, RCond, LCond, CS, tree(cs,SubTree1,SubTree2)):-
member([X,A => B],ComplexDelta),
β+member([X,A => B],CS),!, (πππ)
put([X,A],LitDelta,ComplexDelta,LitDelta1,ComplDelta1),
put([X,B],LitDelta,ComplexDelta,LitDelta2,ComplDelta2),
prove(Gamma, [LitDelta1,TransDelta,ComplexDelta1],
Labels, RCond, LCond, [ [X,A => B] | CS], SubTree1),
prove(Gamma, [LitDelta2,TransDelta,ComplexDelta2],
Labels, RCond, LCond, [ [X,A => B] | CS], SubTree2).
Also for this rule, in order to ensure termination, the theorem prover checks whether (CS) has
been already applied on the current branch to the conditional formula π₯ : π΄ β π΅, in order to
avoid further β useless β applications (line πππ).
In order to search a derivation of a sequent Ξ β’ Ξ, the theorem prover proceeds as follows.
First, if Ξ β’ Ξ is an axiom, the goal will succeed immediately by using the clauses for the axioms.
If it is not, then the first applicable rule is chosen, e.g. if ComplexGamma contains a formula
[X,A and B], then the clause implementing the rule (β§ L) is applied, invoking prove on its
unique premise. The prover proceeds in a similar way for the other rules. As already mentioned,
the ordering of the clauses is such that the application of the branching rules is postponed as
much as possible.
In order to check whether a formula is valid in one of the considered systems, one has just to
invoke the following auxiliary predicate:
pr(Formula) or pr(Formula,ProofTree)
which wraps the prove predicate by a suitable initialization of its arguments.
�5. Performance of CondLean 4.0
We have tested CondLean 4.0 and we have compared its performance with those of the last
version of CondLean [21]. We have tested the theorem prover over both:
β’ a set of valid formulas
β’ a set of randomly generated formulas, either valid or not.
We have observed that, over valid formulas, the performances of CondLean 4.0 are improved
of 12, 35% with respect to its predecessor. As an example, running both the provers over the
formula
(π΄ β§ π΅1 β§ π΅2 β§ . . . β§ π΅50 ) β ((π΄ β π΅1 ) β¨ (π΄ β π΅2 ) β¨ . . . β¨ (π΄ β π΅50 ))
CondLean 4.0 is able to build a derivation in 27 ms, against the 567 ms needed by the prover
adopting label substitution.
Over randomly generated formulas, the statistics are even better: CondLean 4.0 provides an
improvement of the performances of about 35%. We can then observe that its performance are
promising, especially concerning cases in which it has to provide a negative answer for a not
valid formula: this is justified by the fact that the previous implementations have to spend a lot
of time in computing the inefficient label substitution mechanism, needed to succeed.
CondLean 4.0 is available for free download at https://gitlab2.educ.di.unito.it/pozzato/
condlean-4.0.git, where one can also find Prolog source files used in order to evaluate the
performances described in this section.
6. Conclusions, Related Works, Future Issues
In this work we have introduced CondLean 4.0, a theorem prover for Conditional Logics
implementing labelled sequent calculi for the basic system CK and the whole cube of extensions
with well established axioms ID, MP, CEM, and CS. Concerning the last one, known as conditional
strong centering, the calculi considered are new, obtained from existing calculi [20] by replacing
a rule computing a label substitution with a standard one, and are of their own interest. The
performances of CondLean 4.0 seem promising and are better than those of its predecessors
[19, 18, 21]: this is quite obvious if we consider that, in the most recent version of the prover,
condition (CS) is handled either by a complicated and inefficient label substitution or by the
combination of the rules for (CEM) and (MP) in systems allowing both of them, since in these
logics (CS) is derivable (Proposition 3). Such better performances witness that avoiding label
substitution is a concrete step towards efficient theorem proving for Conditional Logics.
Concerning related works, we mention [17], where combinations of the conditional third
excluded middle (CEM) and conditional modus ponens (MP) are neglected, and [25], where
strong centering (CS) is replaced by the condition (CSO).
We plan to extend our work in several directions. First, we aim at extending the calculi and
the implementation to stronger Conditional Logics. Moreover, we aim at extending the prover
by adopting standard refinements, state of the art heuristics, and data structures, as well as by
a graphical web interface for it. We also aim at extending the set of formulas adopted in the
�performance evaluation, in order to provide a more detailed and structured comparison, for
instance parametrizing statistics with respect to the level of nesting of the conditional operator
β in formulas. Last, we are currently working on an extension of CondLean 4.0 which is able
to show a countermodel in case of a failed proof: in a XAI perspective, it is obviously crucial to
provide a derivation showing that a formula/a sequent is valid as our prover currently does,
however it is also important to show a counterexample when this is not the case.
References
[1] D. Lewis, Counterfactuals, Basil Blackwell Ltd (1973).
[2] D. Nute, Topics in Conditional Logic, Reidel, Dordrecht, 1980.
[3] R. Stalnaker, A theory of conditionals, in: N. Rescher (Ed.), Studies in Logical Theory,
Blackwell, 1968, pp. 98β112.
[4] B. F. Chellas, Basic conditional logics, Journal of Philosophical Logic 4 (1975) 133β153.
[5] J. P. Burgess, Quick completeness proofs for some logics of conditionals, Notre Dame
Journal of Formal Logic 22 (1981) 76β84.
[6] S. Kraus, D. Lehmann, M. Magidor, Nonmonotonic reasoning, preferential models and
cumulative logics, Artificial Intelligence 44 (1990) 167β207.
[7] J. P. Delgrande, A first-order conditional logic for prototypical properties, Artificial
Intelligence 33 (1987) 105β130.
[8] N. Friedman, J. Y. Halpern, Plausibility measures and default reasoning, Journal of the
ACM 48 (2001) 648β685.
[9] L. Giordano, V. Gliozzi, N. Olivetti, G. L. Pozzato, Analytic tableaux for KLM preferential
and cumulative logics, in: G. Sutcliffe, A. Voronkov (Eds.), Logic for Programming, Artificial
Intelligence, and Reasoning, 12th International Conference, LPAR 2005, Montego Bay,
Jamaica, December 2-6, 2005, Proceedings, volume 3835 of Lecture Notes in Computer
Science, Springer, 2005, pp. 666β681. URL: https://doi.org/10.1007/11591191_46. doi:10.
1007/11591191\_46.
[10] G. Grahne, Updates and counterfactuals, Journal of Logic and Computation 8 (1998)
87β117.
[11] L. Giordano, V. Gliozzi, N. Olivetti, Weak agm postulates and strong ramsey test: a logical
formalization, Artificial Intelligence 168 (2005) 1β37.
[12] L. Giordano, V. Gliozzi, N. Olivetti, Iterated belief revision and conditional logic, Studia
Logica 70 (2002) 23β47.
[13] D. M. Gabbay, L. Giordano, A. Martelli, N. Olivetti, M. L. Sapino, Conditional reasoning in
logic programming, Journal of Logic Programming 44 (2000) 37β74.
[14] C. B. Schwind, Causality in action theories, Electronic Transactions on Artificial Intelli-
gence (ETAI) 3 (1999) 27β50.
[15] L. Giordano, C. Schwind, Conditional logic of actions and causation, Artificial Intelligence
157 (2004) 239β279.
[16] V. Genovese, L. Giordano, V. Gliozzi, G. L. Pozzato, Logics in access control: a conditional
approach, Journal of Logic and Computation 24 (2014) 705β762. URL: https://doi.org/10.
1093/logcom/exs040. doi:10.1093/logcom/exs040.
�[17] N. Olivetti, G. L. Pozzato, C. B. Schwind, A Sequent Calculus and a Theorem Prover for
Standard Conditional Logics, ACM Transactions on Computational Logics (ToCL) 8 (2007).
[18] N. Olivetti, G. L. Pozzato, Condlean: A theorem prover for conditional logics, in:
M. C. Mayer, F. Pirri (Eds.), Automated Reasoning with Analytic Tableaux and Re-
lated Methods, International Conference, TABLEAUX 2003, Rome, Italy, September
9-12, 2003. Proceedings, volume 2796 of Lecture Notes in Computer Science, Springer,
2003, pp. 264β270. URL: https://doi.org/10.1007/978-3-540-45206-5_23. doi:10.1007/
978-3-540-45206-5\_23.
[19] N. Olivetti, G. L. Pozzato, Condlean 3.0: Improving condlean for stronger conditional
logics, in: B. Beckert (Ed.), Automated Reasoning with Analytic Tableaux and Related
Methods, International Conference, TABLEAUX 2005, Koblenz, Germany, September 14-17,
2005, Proceedings, volume 3702 of Lecture Notes in Computer Science, Springer, 2005, pp.
328β332. URL: https://doi.org/10.1007/11554554_27. doi:10.1007/11554554\_27.
[20] N. Panic, G. L. Pozzato, Efficient theorem proving for conditional logics with conditional
excluded middle, in: R. Calegari, G. Ciatto, A. Omicini (Eds.), Proceedings of the 37th
Italian Conference on Computational Logic, Bologna, Italy, June 29 - July 1, 2022, volume
3204 of CEUR Workshop Proceedings, CEUR-WS.org, 2022, pp. 217β231. URL: http://ceur-ws.
org/Vol-3204/paper_22.pdf.
[21] N. Olivetti, N. Panic, G. L. Pozzato, Labelled sequent calculi for conditional logics: Con-
ditional excluded middle and conditional modus ponens finally together, in: A. Dovier,
A. Montanari, A. Orlandini (Eds.), AIxIA 2022 - Advances in Artificial Intelligence - XXIst
International Conference of the Italian Association for Artificial Intelligence, AIxIA 2022,
Udine, Italy, November 28 - December 2, 2022, Proceedings, volume 13796 of Lecture
Notes in Computer Science, Springer, 2022, pp. 345β357. URL: https://doi.org/10.1007/
978-3-031-27181-6_24. doi:10.1007/978-3-031-27181-6\_24.
[22] B. Beckert, J. Posegga, leantap: Lean tableau-based deduction, Journal of Automated
Reasoning 15 (1995) 339β358.
[23] B. Beckert, J. Posegga, Logic programming as a basis for lean automated deduction.,
Journal of Logic Programming 28 (1996) 231β236.
[24] M. Fitting, leantap revisited, Journal of Logic and Computation 8 (1998) 33β47.
[25] R. Alenda, N. Olivetti, G. L. Pozzato, Nested sequent calculi for normal conditional logics,
Journal of Logic and Computation 26 (2016) 7β50. doi:10.1093/logcom/ext034.
�