- Inductively defined sets
- inductively defined functions
- proof by structural induction

- Language of an automaton
- key terms: extended transition function δ^, language, language of a machine
*L*(*M*), M recognizes L

- key terms: extended transition function δ^, language, language of a machine

An inductively defined set is a set where the elements are constructed by a finite number of applications of a given set of rules.

Examples:

- the set ℕ of natural numbers is the set of elements defined by the following rules:
- 0 ∈ ℕ
- If
*n*∈ ℕ then*S**n*∈ ℕ.

thus the elements of ℕ are {0,

*S*0,*S**S*0,*S**S**S*0, …}.*S*stands for successor. You can then define 1 as*S*0, 2 as*S**S*0, and so on. - the set
*Σ*^{*}of strings with characters in*Σ*is defined by*ϵ*∈*Σ*^{*}- If
*a*∈*Σ*and*x*∈*Σ*^{*}then*x**a*∈*Σ*^{*}.

thus the elements of

*Σ*^{*}are {*ε*,*ε*0,*ε*1,*ε*00,*ε*01, …,*ε*1010101, …}. we usually leave off the*ε*at the beginning of strings of length 1 or more. - the set
*T*of binary trees with integers in the nodes is given by the rules- the empty tree (, written
*n**i**l*) is a tree - if
*t*_{1}and*t*_{2}are trees, then , written*n**o**d**e*(*a*,*t*_{1},*t*_{2})) is a tree.

thus the elements of

*T*are things like the picture to the right (click for tex), which might be written textually as*n**o**d**e*(3,*n**o**d**e*(0,*n**i**l*,*n**i**l*),*n**o**d**e*(1,*n**o**d**e*(2,*n**i**l*,*n**i**l*),*n**i**l*)) - the empty tree (, written

Compact way of writing down inductively defined sets: BNF (Backus Naur Form)

Only the name of the set and the rules are written down; they are separated by a "::=", and the rules are separated by vertical bar (|).

Examples (from above):

*n*∈ ℕ : :=0 |*S**n**x*∈*Σ*^{*}: :=*ϵ*|*x**a**a*∈*Σ**t*∈*T*: :=*n**i**l*|*n**o**d**e*(*a*,*t*_{1},*t*_{2})*a*∈*Z*(basic mathematical expresssions)

*e*∈*E*: :=*n*|*e*_{1}+*e*_{2}|*e*_{1}**e*_{2}| −*e*|*e*_{1}/*e*_{2}

*n*∈*Z*

Here, the variables to the left of the ∈ indicate *metavariables*. When the same characters appear in the rules on the right-hand side of the ::=, they indicate an arbitrary element of the set being defined. For example, the *e*_{1} and *e*_{2} in the *e*_{1} + *e*_{2} rule could be arbitrary elements of the set *E*, but + is just the symbol +.

If *X* is an inductively defined set, you can define a function from *X* to *Y* by defining the function on each of the types of elements of *X*; i.e. for each of the rules. In the inductive rules (i.e. the ones containing the metavariable being defined), you can assume the function is already defined on the subterms.

Examples:

*a**d**d*2 : ℕ → ℕ is given by*a**d**d*2 : 0 ↦*S**S*0 and*a**d**d*2 :*S**n*↦*S*(*a**d**d*2(*n*)).*p**l**u**s*: ℕ × ℕ → ℕ given by*p**l**u**s*: (0,*n*)↦*n*and*p**l**u**s*: (*S**n*,*n*′) ↦*S*(*p**l**u**s*(*n*,*n*′)). Note that we don't need to use induction on both of the inputs.$\hat{\delta} : Q \times \Sigma^* → Q$

If *X* is an inductively defined set, then you can prove statements of the form ∀*x* ∈ *X*, *P*(*x*) by giving a separate proof for each rule. For the inductive/recursive rules (i.e. the ones containing metavariables), you can assume that *P* holds on all subexpressions of *x*.

Examples:

Proof that

*M*is correct (see homework solutions) can be simplified using structural inductionA proof by structural induction on the natural numbers as defined above is the same thing as a proof by weak induction. You must prove

*P*(0) and also prove*P*(*S**n*) assuming*P*(*n*).

Extended transition function (Note: because this doesn't render nicely in HTML, I will write *δ*^ for "delta-hat")

*δ*^:*Q*×*Σ*^{*}→*Q*- informally:
*δ*^(*q*,*x*) tells you where you end up after processing the string*x*starting in state*q*. - compare with
*δ*:*Q*×*Σ*→*Q*:*δ*^ processes strings, while*δ*processes single characters - domain of
*δ*is finite, so description of*δ*is finite; it is part of the machine. - domain of
*δ*is infinite, it is not part of the description of the machine (but is built from the description of the machine).

- informally:
*δ*^:(*q*,*ε*)↦*q*, and*δ*^:(*q*,*x**a*)↦*δ*(*δ*^(*q*,*x*),*a*)- informally: to process
*x**a*, first process*x*; starting there, take a single step with the (non-extended) transition function*δ* - Note: the
*δ*in this definition cannot be*δ*^

- informally: to process

Language - A **language** is a set of strings

Language of a machine - *L*(*M*) stands for the "language of *M*". - contains all (and only) strings that *M* accepts - Informally, a string *x* is accepted by a machine *M* if, after processing *x* starting at the start state, the machine ends in a final state. - formal definition: ** L(M)={x ∈ Σ^{*} | δ^(q_{0}, x)∈F}**, where

Given a language *L*, we may wish to build a machine that recognizes *L*, and prove that it is correct.

In other words, we wish to prove that *L* = *L*(*M*).

In other words, we wish to prove that ∀*x* ∈ *Σ*^{*}, *x* ∈ *L* if and only if *x* ∈ *L*(*M*).

In other words, we wish to prove that ∀*x* ∈ *Σ*^{*}, *x* ∈ *L* if and only if *δ*^(*q*_{0}, *x*)∈*F*.

A straightforward approach is induction on the structure of *x*; however the induction hypothesis usually needs to be strengthened to describe all of the states (and not just the final state); essentially you want to prove that each state "satisfies its specification".

For example: we may want to build a machine that recognizes strings that contain at least two ones. We might build a machine with three states: *q*_{0} represents strings with no 1's, *q*_{1} represents strings with one 1, and *q*_{2} represents strings with two or more 1's.

A proof of correctness for this machine might go as follows:

Let

P(x) be the statement "δ^(q_{0},x)=q_{0}if and only ifxhas no 1s,andδ^(q_{0},x)=q_{1}if and only ifxhas exactly one 1,andδ^(q_{0},x)=q_{2}if and only ifxhas two or more 1's. I claim that ∀x∈Σ^{*},P(x) holds.We will prove this claim by induction on the structure of

x. We must showP(ε) and, assumingP(x),P(xa).To prove

P(ε), note thatδ^(q_{0},ε)=q_{0}. Thus only the first part ofP(x) makes any claim (it is vacuously true thatifδ^(q_{0},ε)=q_{1},thenεcontains one 1, because the statement says nothing).Now, to prove

P(xa), assumeP(x).acan be either 0 or 1, andδ^(q_{0},x) could be any ofq_{0},q_{1}, andq_{2}. We consider each case:

If

a= 0, then note thatδ(q_{i},a)=q_{i}. Moreover, note thatxahas the same number of 1's asx. Thus in this case,P(xa) follows directly fromP(x).If

a= 1 andδ^(q_{0},x)=q_{0}, then byP(x),xmust have no 1's. Thusxahas exactly one 1. Moreover,δ^(q_{0},xa)=δ(δ^(q_{0},x),a)=δ(q_{0}, 1)=q_{1}, so $P(xa) holds in this case.- If
a= 1 andδ^(q_{0},x)=q_{1}, then by $P(x),xmust have oneThus

xahas two ones. Moreover,δ^(q_{0},xa)=δ(δ^(q_{0},x),a)=δ(q_{1}, 1)=q_{2}, so $P(xa) holds in this case.If

a= 1 andδ^(q_{0},x)=q_{2}, then by $P(x),xmust have two or more 1's. Thusxahas more than two ones. Moreover,δ^(q_{0},xa)=δ(δ^(q_{0},x),a)=δ(q_{2}, 1)=q_{2}, so $P(xa) holds in this case.In all possible cases, we have shown

P(xa). This concludes the inductive proof.

Note that the framework provided by the inductive proof forces you to write down a specification for each state, and then reason about each transition.