Firstorder logic
Firstorder logic—also known as predicate logic, quantificational logic, and firstorder predicate calculus—is a collection of formal systems used in mathematics, philosophy, linguistics, and computer science. Firstorder logic uses quantified variables over nonlogical objects, and allows the use of sentences that contain variables, so that rather than propositions such as "Socrates is a man", one can have expressions in the form "there exists x such that x is Socrates and x is a man", where "there exists" is a quantifier, while x is a variable.^{[1]} This distinguishes it from propositional logic, which does not use quantifiers or relations;^{[2]} in this sense, propositional logic is the foundation of firstorder logic.
A theory about a topic is usually a firstorder logic together with a specified domain of discourse (over which the quantified variables range), finitely many functions from that domain to itself, finitely many predicates defined on that domain, and a set of axioms believed to hold about them. Sometimes, "theory" is understood in a more formal sense as just a set of sentences in firstorder logic.
The adjective "firstorder" distinguishes firstorder logic from higherorder logic, in which there are predicates having predicates or functions as arguments, or in which quantification over predicates or functions, or both, are permitted.^{[3]}^{:56} In firstorder theories, predicates are often associated with sets. In interpreted higherorder theories, predicates may be interpreted as sets of sets.
There are many deductive systems for firstorder logic which are both sound (i.e., all provable statements are true in all models) and complete (i.e. all statements which are true in all models are provable). Although the logical consequence relation is only semidecidable, much progress has been made in automated theorem proving in firstorder logic. Firstorder logic also satisfies several metalogical theorems that make it amenable to analysis in proof theory, such as the Löwenheim–Skolem theorem and the compactness theorem.
Firstorder logic is the standard for the formalization of mathematics into axioms, and is studied in the foundations of mathematics. Peano arithmetic and Zermelo–Fraenkel set theory are axiomatizations of number theory and set theory, respectively, into firstorder logic. No firstorder theory, however, has the strength to uniquely describe a structure with an infinite domain, such as the natural numbers or the real line. Axiom systems that do fully describe these two structures (that is, categorical axiom systems) can be obtained in stronger logics such as secondorder logic.
The foundations of firstorder logic were developed independently by Gottlob Frege and Charles Sanders Peirce.^{[4]} For a history of firstorder logic and how it came to dominate formal logic, see José Ferreirós (2001).
Introduction
While propositional logic deals with simple declarative propositions, firstorder logic additionally covers predicates and quantification.
A predicate takes an entity or entities in the domain of discourse and evaluates to true or false. Consider the two sentences "Socrates is a philosopher" and "Plato is a philosopher". In propositional logic, these sentences are viewed as being unrelated, and might be denoted, for example, by variables such as p and q. The predicate "is a philosopher" occurs in both sentences, which have a common structure of "a is a philosopher". The variable a is instantiated as "Socrates" in the first sentence, and is instantiated as "Plato" in the second sentence. While firstorder logic allows for the use of predicates, such as "is a philosopher" in this example, propositional logic does not.^{[5]}
Relationships between predicates can be stated using logical connectives. Consider, for example, the firstorder formula "if a is a philosopher, then a is a scholar". This formula is a conditional statement with "a is a philosopher" as its hypothesis, and "a is a scholar" as its conclusion. The truth of this formula depends on which object is denoted by a, and on the interpretations of the predicates "is a philosopher" and "is a scholar".
Quantifiers can be applied to variables in a formula. The variable a in the previous formula can be universally quantified, for instance, with the firstorder sentence "For every a, if a is a philosopher, then a is a scholar". The universal quantifier "for every" in this sentence expresses the idea that the claim "if a is a philosopher, then a is a scholar" holds for all choices of a.
The negation of the sentence "For every a, if a is a philosopher, then a is a scholar" is logically equivalent to the sentence "There exists a such that a is a philosopher and a is not a scholar". The existential quantifier "there exists" expresses the idea that the claim "a is a philosopher and a is not a scholar" holds for some choice of a.
The predicates "is a philosopher" and "is a scholar" each take a single variable. In general, predicates can take several variables. In the firstorder sentence "Socrates is the teacher of Plato", the predicate "is the teacher of" takes two variables.
An interpretation (or model) of a firstorder formula specifies what each predicate means, and the entities that can instantiate the variables. These entities form the domain of discourse or universe, which is usually required to be a nonempty set. For example, in an interpretation with the domain of discourse consisting of all human beings and the predicate "is a philosopher" understood as "was the author of the Republic", the sentence "There exists a such that a is a philosopher" is seen as being true, as witnessed by Plato.
Syntax
There are two key parts of firstorder logic. The syntax determines which finite sequences of symbols are wellformed expressions in firstorder logic, while the semantics determines the meanings behind these expressions.
Alphabet
Unlike natural languages, such as English, the language of firstorder logic is completely formal, so that it can be mechanically determined whether a given expression is well formed. There are two key types of wellformed expressions: terms, which intuitively represent objects, and formulas, which intuitively express statements that can be true or false. The terms and formulas of firstorder logic are strings of symbols, where all the symbols together form the alphabet of the language. As with all formal languages, the nature of the symbols themselves is outside the scope of formal logic; they are often regarded simply as letters and punctuation symbols.
It is common to divide the symbols of the alphabet into logical symbols, which always have the same meaning, and nonlogical symbols, whose meaning varies by interpretation. For example, the logical symbol [math]\displaystyle{ \land }[/math] always represents "and"; it is never interpreted as "or", which is represented by the logical symbol [math]\displaystyle{ \lor }[/math]. However, a nonlogical predicate symbol such as Phil(x) could be interpreted to mean "x is a philosopher", "x is a man named Philip", or any other unary predicate depending on the interpretation at hand.
Logical symbols
Logical symbols are a set of characters that vary by author, but usually include the following:^{[6]}
 Quantifier symbols: ∀ for universal quantification, and ∃ for existential quantification
 Logical connectives: ∧ for conjunction, ∨ for disjunction, → for implication, ↔ for biconditional, ¬ for negation. Some authors^{[7]} use Cpq instead of → and Epq instead of ↔, especially in contexts where → is used for other purposes. Moreover, the horseshoe ⊃ may replace →; the triplebar ≡ may replace ↔; a tilde (~), Np, or Fp may replace ¬; a double bar [math]\displaystyle{ \ }[/math], [math]\displaystyle{ + }[/math], or Apq may replace ∨; and an ampersand &, Kpq, or the middle dot ⋅ may replace ∧, especially if these symbols are not available for technical reasons. (The aforementioned symbols Cpq, Epq, Np, Apq, and Kpq are used in Polish notation.)
 Parentheses, brackets, and other punctuation symbols. The choice of such symbols varies depending on context.
 An infinite set of variables, often denoted by lowercase letters at the end of the alphabet x, y, z, ... . Subscripts are often used to distinguish variables: x_{0}, x_{1}, x_{2}, ... .
 An equality symbol (sometimes, identity symbol) = (see § Equality and its axioms below).
Not all of these symbols are required in firstorder logic. Either one of the quantifiers along with negation, conjunction (or disjunction), variables, brackets, and equality suffices.
Other logical symbols include the following:
 Truth constants: T, V, or ⊤ for "true" and F, O, or ⊥ for "false" (V and O are from Polish notation). Without any such logical operators of valence 0, these two constants can only be expressed using quantifiers.
 Additional logical connectives such as the Sheffer stroke, Dpq (NAND), and exclusive or, Jpq.
Nonlogical symbols
Nonlogical symbols represent predicates (relations), functions and constants. It used to be standard practice to use a fixed, infinite set of nonlogical symbols for all purposes:
 For every integer n ≥ 0, there is a collection of nary, or nplace, predicate symbols. Because they represent relations between n elements, they are also called relation symbols. For each arity n, there is an infinite supply of them:
 P^{n}_{0}, P^{n}_{1}, P^{n}_{2}, P^{n}_{3}, ...
 For every integer n ≥ 0, there are infinitely many nary function symbols:
 f^{ n}_{0}, f^{ n}_{1}, f^{ n}_{2}, f^{ n}_{3}, ...
When the arity of a predicate symbol or function symbol is clear from context, the superscript n is often omitted.
In this traditional approach, there is only one language of firstorder logic.^{[8]} This approach is still common, especially in philosophically oriented books.
A more recent practice is to use different nonlogical symbols according to the application one has in mind. Therefore, it has become necessary to name the set of all nonlogical symbols used in a particular application. This choice is made via a signature.^{[9]}
Typical signatures in mathematics are {1, ×} or just {×} for groups, or {0, 1, +, ×, <} for ordered fields. There are no restrictions on the number of nonlogical symbols. The signature can be empty, finite, or infinite, even uncountable. Uncountable signatures occur for example in modern proofs of the Löwenheim–Skolem theorem.
Though signatures might in some cases imply how nonlogical symbols are to be interpreted, interpretation of the nonlogical symbols in the signature is separate (and not necessarily fixed). Signatures concern syntax rather than semantics.
In this approach, every nonlogical symbol is of one of the following types:
 A predicate symbol (or relation symbol) with some valence (or arity, number of arguments) greater than or equal to 0. These are often denoted by uppercase letters such as P, Q and R. Examples:
 In P(x), P is a predicate symbol of valence 1. One possible interpretation is "x is a man".
 In Q(x,y), Q is a predicate symbol of valence 2. Possible interpretations include "x is greater than y" and "x is the father of y".
 Relations of valence 0 can be identified with propositional variables, which can stand for any statement. One possible interpretation of R is "Socrates is a man".
 A function symbol, with some valence greater than or equal to 0. These are often denoted by lowercase roman letters such as f, g and h. Examples:
 f(x) may be interpreted as "the father of x". In arithmetic, it may stand for "x". In set theory, it may stand for "the power set of x".
 In arithmetic, g(x,y) may stand for "x+y". In set theory, it may stand for "the union of x and y".
 Function symbols of valence 0 are called constant symbols, and are often denoted by lowercase letters at the beginning of the alphabet such as a, b and c. The symbol a may stand for Socrates. In arithmetic, it may stand for 0. In set theory, it may stand for the empty set.
The traditional approach can be recovered in the modern approach, by simply specifying the "custom" signature to consist of the traditional sequences of nonlogical symbols.
Formation rules
BNF grammar  

<index> ::= ""  <index> "'" <variable> ::= "x" <index> <constant> ::= "c" <index> <unary function> ::= "f1" <index> <binary function> ::= "f2" <index> <ternary function> ::= "f3" <index> <unary predicate> ::= "p1" <index> <binary predicate> ::= "p2" <index> <ternary predicate> ::= "p3" <index> <term> ::= <variable>  <constant>  <unary function> "(" <term> ")"  <binary function> "(" <term> "," <term> ")"  <ternary function> "(" <term> "," <term> "," <term> ")" <atomic formula> ::= "TRUE"  "FALSE"  <term> "=" <term>  <unary predicate> "(" <term> ")"  <binary predicate> "(" <term> "," <term> ")"  <ternary predicate> "(" <term> "," <term> "," <term> ")" <formula> ::= <atomic formula>  "¬" <formula>  <formula> "∧" <formula>  <formula> "∨" <formula>  <formula> "⇒" <formula>  <formula> "⇔" <formula>  "(" <formula> ")"  "∀" <variable> <formula>  "∃" <variable> <formula>  
The above contextfree grammar in BackusNaur form defines the language of syntactically valid firstorder formulas with function symbols and predicate symbols up to arity 3. For higher arities, it needs to be adapted accordingly.^{[10]}Cite error: Closing </ref> missing for <ref> tag When terms and formulas are represented as strings of symbols, these rules can be used to write a formal grammar for terms and formulas. These rules are generally contextfree (each production has a single symbol on the left side), except that the set of symbols may be allowed to be infinite and there may be many start symbols, for example the variables in the case of terms.
TermsThe set of terms is inductively defined by the following rules:^{[11]}
Only expressions which can be obtained by finitely many applications of rules 1 and 2 are terms. For example, no expression involving a predicate symbol is a term. FormulasThe set of formulas (also called wellformed formulas^{[12]} or WFFs) is inductively defined by the following rules:
Only expressions which can be obtained by finitely many applications of rules 1–5 are formulas. The formulas obtained from the first two rules are said to be atomic formulas. For example,
is a formula, if f is a unary function symbol, P a unary predicate symbol, and Q a ternary predicate symbol. However, [math]\displaystyle{ \forall x\, x \rightarrow }[/math] is not a formula, although it is a string of symbols from the alphabet. The role of the parentheses in the definition is to ensure that any formula can only be obtained in one way—by following the inductive definition (i.e., there is a unique parse tree for each formula). This property is known as unique readability of formulas. There are many conventions for where parentheses are used in formulas. For example, some authors use colons or full stops instead of parentheses, or change the places in which parentheses are inserted. Each author's particular definition must be accompanied by a proof of unique readability. This definition of a formula does not support defining an ifthenelse function Notational conventionsFor convenience, conventions have been developed about the precedence of the logical operators, to avoid the need to write parentheses in some cases. These rules are similar to the order of operations in arithmetic. A common convention is:
Moreover, extra punctuation not required by the definition may be inserted—to make formulas easier to read. Thus the formula
might be written as
In some fields, it is common to use infix notation for binary relations and functions, instead of the prefix notation defined above. For example, in arithmetic, one typically writes "2 + 2 = 4" instead of "=(+(2,2),4)". It is common to regard formulas in infix notation as abbreviations for the corresponding formulas in prefix notation, cf. also term structure vs. representation. The definitions above use infix notation for binary connectives such as [math]\displaystyle{ \to }[/math]. A less common convention is Polish notation, in which one writes [math]\displaystyle{ \rightarrow }[/math], [math]\displaystyle{ \wedge }[/math] and so on in front of their arguments rather than between them. This convention is advantageous in that it allows all punctuation symbols to be discarded. As such, Polish notation is compact and elegant, but rarely used in practice because it is hard for humans to read. In Polish notation, the formula
becomes "∀x∀y→Pfx¬→ PxQfyxz". Free and bound variablesIn a formula, a variable may occur free or bound (or both). Intuitively, a variable occurrence is free in a formula if it is not quantified:^{[14]} in ∀y P(x, y), the sole occurrence of variable x is free while that of y is bound. The free and bound variable occurrences in a formula are defined inductively as follows.
For example, in ∀x ∀y (P(x) → Q(x,f(x),z)), x and y occur only bound,^{[15]} z occurs only free, and w is neither because it does not occur in the formula. Free and bound variables of a formula need not be disjoint sets: in the formula P(x) → ∀x Q(x), the first occurrence of x, as argument of P, is free while the second one, as argument of Q, is bound. A formula in firstorder logic with no free variable occurrences is called a firstorder sentence. These are the formulas that will have welldefined truth values under an interpretation. For example, whether a formula such as Phil(x) is true must depend on what x represents. But the sentence ∃x Phil(x) will be either true or false in a given interpretation. Example: ordered abelian groupsIn mathematics, the language of ordered abelian groups has one constant symbol 0, one unary function symbol −, one binary function symbol +, and one binary relation symbol ≤. Then:
The axioms for ordered abelian groups can be expressed as a set of sentences in the language. For example, the axiom stating that the group is commutative is usually written [math]\displaystyle{ (\forall x)(\forall y)[x+ y = y + x]. }[/math] SemanticsAn interpretation of a firstorder language assigns a denotation to each nonlogical symbol (predicate symbol, function symbol, or constant symbol) in that language. It also determines a domain of discourse that specifies the range of the quantifiers. The result is that each term is assigned an object that it represents, each predicate is assigned a property of objects, and each sentence is assigned a truth value. In this way, an interpretation provides semantic meaning to the terms, predicates, and formulas of the language. The study of the interpretations of formal languages is called formal semantics. What follows is a description of the standard or Tarskian semantics for firstorder logic. (It is also possible to define game semantics for firstorder logic, but aside from requiring the axiom of choice, game semantics agree with Tarskian semantics for firstorder logic, so game semantics will not be elaborated herein.) Firstorder structuresThe most common way of specifying an interpretation (especially in mathematics) is to specify a structure (also called a model; see below). The structure consists of a domain of discourse D and an interpretation function I mapping nonlogical symbols to predicates, functions, and constants. The domain of discourse D is a nonempty set of "objects" of some kind. Intuitively, given an interpretation, a firstorder formula becomes a statement about these objects; for example, [math]\displaystyle{ \exists x P(x) }[/math] states the existence of some object in D for which the predicate P is true (or, more precisely, for which the predicate assigned to the predicate symbol P by the interpretation is true). For example, one can take D to be the set of integers. Nonlogical symbols are interpreted as follows:
Evaluation of truth valuesA formula evaluates to true or false given an interpretation and a variable assignment μ that associates an element of the domain of discourse with each variable. The reason that a variable assignment is required is to give meanings to formulas with free variables, such as [math]\displaystyle{ y = x }[/math]. The truth value of this formula changes depending on whether x and y denote the same individual. First, the variable assignment μ can be extended to all terms of the language, with the result that each term maps to a single element of the domain of discourse. The following rules are used to make this assignment:
Next, each formula is assigned a truth value. The inductive definition used to make this assignment is called the Tschema.
If a formula does not contain free variables, and so is a sentence, then the initial variable assignment does not affect its truth value. In other words, a sentence is true according to M and [math]\displaystyle{ \mu }[/math] if and only if it is true according to M and every other variable assignment [math]\displaystyle{ \mu' }[/math]. There is a second common approach to defining truth values that does not rely on variable assignment functions. Instead, given an interpretation M, one first adds to the signature a collection of constant symbols, one for each element of the domain of discourse in M; say that for each d in the domain the constant symbol c_{d} is fixed. The interpretation is extended so that each new constant symbol is assigned to its corresponding element of the domain. One now defines truth for quantified formulas syntactically, as follows:
This alternate approach gives exactly the same truth values to all sentences as the approach via variable assignments. Validity, satisfiability, and logical consequenceIf a sentence φ evaluates to true under a given interpretation M, one says that M satisfies φ; this is denoted^{[16]} [math]\displaystyle{ M \vDash \varphi }[/math]. A sentence is satisfiable if there is some interpretation under which it is true. This is a bit different from the symbol [math]\displaystyle{ \vDash }[/math] from model theory, where [math]\displaystyle{ M\vDash\phi }[/math] denotes satisfiability in a model, i.e. "there is a suitable assignment of values in [math]\displaystyle{ M }[/math]'s domain to variable symbols of [math]\displaystyle{ \phi }[/math]".^{[17]} Satisfiability of formulas with free variables is more complicated, because an interpretation on its own does not determine the truth value of such a formula. The most common convention is that a formula with free variables is said to be satisfied by an interpretation if the formula remains true regardless which individuals from the domain of discourse are assigned to its free variables. This has the same effect as saying that a formula is satisfied if and only if its universal closure is satisfied. A formula is logically valid (or simply valid) if it is true in every interpretation.^{[18]} These formulas play a role similar to tautologies in propositional logic. A formula φ is a logical consequence of a formula ψ if every interpretation that makes ψ true also makes φ true. In this case one says that φ is logically implied by ψ. AlgebraizationsAn alternate approach to the semantics of firstorder logic proceeds via abstract algebra. This approach generalizes the Lindenbaum–Tarski algebras of propositional logic. There are three ways of eliminating quantified variables from firstorder logic that do not involve replacing quantifiers with other variable binding term operators:
These algebras are all lattices that properly extend the twoelement Boolean algebra. Tarski and Givant (1987) showed that the fragment of firstorder logic that has no atomic sentence lying in the scope of more than three quantifiers has the same expressive power as relation algebra.^{[19]}^{:32–33} This fragment is of great interest because it suffices for Peano arithmetic and most axiomatic set theory, including the canonical ZFC. They also prove that firstorder logic with a primitive ordered pair is equivalent to a relation algebra with two ordered pair projection functions.^{[20]}^{:803} Firstorder theories, models, and elementary classesA firstorder theory of a particular signature is a set of axioms, which are sentences consisting of symbols from that signature. The set of axioms is often finite or recursively enumerable, in which case the theory is called effective. Some authors require theories to also include all logical consequences of the axioms. The axioms are considered to hold within the theory and from them other sentences that hold within the theory can be derived. A firstorder structure that satisfies all sentences in a given theory is said to be a model of the theory. An elementary class is the set of all structures satisfying a particular theory. These classes are a main subject of study in model theory. Many theories have an intended interpretation, a certain model that is kept in mind when studying the theory. For example, the intended interpretation of Peano arithmetic consists of the usual natural numbers with their usual operations. However, the Löwenheim–Skolem theorem shows that most firstorder theories will also have other, nonstandard models. A theory is consistent if it is not possible to prove a contradiction from the axioms of the theory. A theory is complete if, for every formula in its signature, either that formula or its negation is a logical consequence of the axioms of the theory. Gödel's incompleteness theorem shows that effective firstorder theories that include a sufficient portion of the theory of the natural numbers can never be both consistent and complete. Empty domainsThe definition above requires that the domain of discourse of any interpretation must be nonempty. There are settings, such as inclusive logic, where empty domains are permitted. Moreover, if a class of algebraic structures includes an empty structure (for example, there is an empty poset), that class can only be an elementary class in firstorder logic if empty domains are permitted or the empty structure is removed from the class. There are several difficulties with empty domains, however:
Thus, when the empty domain is permitted, it must often be treated as a special case. Most authors, however, simply exclude the empty domain by definition. Deductive systemsA deductive system is used to demonstrate, on a purely syntactic basis, that one formula is a logical consequence of another formula. There are many such systems for firstorder logic, including Hilbertstyle deductive systems, natural deduction, the sequent calculus, the tableaux method, and resolution. These share the common property that a deduction is a finite syntactic object; the format of this object, and the way it is constructed, vary widely. These finite deductions themselves are often called derivations in proof theory. They are also often called proofs, but are completely formalized unlike naturallanguage mathematical proofs. A deductive system is sound if any formula that can be derived in the system is logically valid. Conversely, a deductive system is complete if every logically valid formula is derivable. All of the systems discussed in this article are both sound and complete. They also share the property that it is possible to effectively verify that a purportedly valid deduction is actually a deduction; such deduction systems are called effective. A key property of deductive systems is that they are purely syntactic, so that derivations can be verified without considering any interpretation. Thus a sound argument is correct in every possible interpretation of the language, regardless of whether that interpretation is about mathematics, economics, or some other area. In general, logical consequence in firstorder logic is only semidecidable: if a sentence A logically implies a sentence B then this can be discovered (for example, by searching for a proof until one is found, using some effective, sound, complete proof system). However, if A does not logically imply B, this does not mean that A logically implies the negation of B. There is no effective procedure that, given formulas A and B, always correctly decides whether A logically implies B. Rules of inferenceA rule of inference states that, given a particular formula (or set of formulas) with a certain property as a hypothesis, another specific formula (or set of formulas) can be derived as a conclusion. The rule is sound (or truthpreserving) if it preserves validity in the sense that whenever any interpretation satisfies the hypothesis, that interpretation also satisfies the conclusion. For example, one common rule of inference is the rule of substitution. If t is a term and φ is a formula possibly containing the variable x, then φ[t/x] is the result of replacing all free instances of x by t in φ. The substitution rule states that for any φ and any term t, one can conclude φ[t/x] from φ provided that no free variable of t becomes bound during the substitution process. (If some free variable of t becomes bound, then to substitute t for x it is first necessary to change the bound variables of φ to differ from the free variables of t.) To see why the restriction on bound variables is necessary, consider the logically valid formula φ given by [math]\displaystyle{ \exists x (x = y) }[/math], in the signature of (0,1,+,×,=) of arithmetic. If t is the term "x + 1", the formula φ[t/y] is [math]\displaystyle{ \exists x ( x = x+1) }[/math], which will be false in many interpretations. The problem is that the free variable x of t became bound during the substitution. The intended replacement can be obtained by renaming the bound variable x of φ to something else, say z, so that the formula after substitution is [math]\displaystyle{ \exists z ( z = x+1) }[/math], which is again logically valid. The substitution rule demonstrates several common aspects of rules of inference. It is entirely syntactical; one can tell whether it was correctly applied without appeal to any interpretation. It has (syntactically defined) limitations on when it can be applied, which must be respected to preserve the correctness of derivations. Moreover, as is often the case, these limitations are necessary because of interactions between free and bound variables that occur during syntactic manipulations of the formulas involved in the inference rule. Hilbertstyle systems and natural deductionA deduction in a Hilbertstyle deductive system is a list of formulas, each of which is a logical axiom, a hypothesis that has been assumed for the derivation at hand, or follows from previous formulas via a rule of inference. The logical axioms consist of several axiom schemas of logically valid formulas; these encompass a significant amount of propositional logic. The rules of inference enable the manipulation of quantifiers. Typical Hilbertstyle systems have a small number of rules of inference, along with several infinite schemas of logical axioms. It is common to have only modus ponens and universal generalization as rules of inference. Natural deduction systems resemble Hilbertstyle systems in that a deduction is a finite list of formulas. However, natural deduction systems have no logical axioms; they compensate by adding additional rules of inference that can be used to manipulate the logical connectives in formulas in the proof. Sequent calculusThe sequent calculus was developed to study the properties of natural deduction systems.^{[21]} Instead of working with one formula at a time, it uses sequents, which are expressions of the form
where A_{1}, ..., A_{n}, B_{1}, ..., B_{k} are formulas and the turnstile symbol [math]\displaystyle{ \vdash }[/math] is used as punctuation to separate the two halves. Intuitively, a sequent expresses the idea that [math]\displaystyle{ (A_1 \land \cdots\land A_n) }[/math] implies [math]\displaystyle{ (B_1\lor\cdots\lor B_k) }[/math]. Tableaux methodUnlike the methods just described, the derivations in the tableaux method are not lists of formulas. Instead, a derivation is a tree of formulas. To show that a formula A is provable, the tableaux method attempts to demonstrate that the negation of A is unsatisfiable. The tree of the derivation has [math]\displaystyle{ \lnot A }[/math] at its root; the tree branches in a way that reflects the structure of the formula. For example, to show that [math]\displaystyle{ C \lor D }[/math] is unsatisfiable requires showing that C and D are each unsatisfiable; this corresponds to a branching point in the tree with parent [math]\displaystyle{ C \lor D }[/math] and children C and D. ResolutionThe resolution rule is a single rule of inference that, together with unification, is sound and complete for firstorder logic. As with the tableaux method, a formula is proved by showing that the negation of the formula is unsatisfiable. Resolution is commonly used in automated theorem proving. The resolution method works only with formulas that are disjunctions of atomic formulas; arbitrary formulas must first be converted to this form through Skolemization. The resolution rule states that from the hypotheses [math]\displaystyle{ A_1 \lor\cdots\lor A_k \lor C }[/math] and [math]\displaystyle{ B_1\lor\cdots\lor B_l\lor\lnot C }[/math], the conclusion [math]\displaystyle{ A_1\lor\cdots\lor A_k\lor B_1\lor\cdots\lor B_l }[/math] can be obtained. Provable identitiesMany identities can be proved, which establish equivalences between particular formulas. These identities allow for rearranging formulas by moving quantifiers across other connectives, and are useful for putting formulas in prenex normal form. Some provable identities include:
Equality and its axiomsThere are several different conventions for using equality (or identity) in firstorder logic. The most common convention, known as firstorder logic with equality, includes the equality symbol as a primitive logical symbol which is always interpreted as the real equality relation between members of the domain of discourse, such that the "two" given members are the same member. This approach also adds certain axioms about equality to the deductive system employed. These equality axioms are:^{[22]}^{:198–200}
These are axiom schemas, each of which specifies an infinite set of axioms. The third schema is known as Leibniz's law, "the principle of substitutivity", "the indiscernibility of identicals", or "the replacement property". The second schema, involving the function symbol f, is (equivalent to) a special case of the third schema, using the formula
Many other properties of equality are consequences of the axioms above, for example:
Firstorder logic without equalityAn alternate approach considers the equality relation to be a nonlogical symbol. This convention is known as firstorder logic without equality. If an equality relation is included in the signature, the axioms of equality must now be added to the theories under consideration, if desired, instead of being considered rules of logic. The main difference between this method and firstorder logic with equality is that an interpretation may now interpret two distinct individuals as "equal" (although, by Leibniz's law, these will satisfy exactly the same formulas under any interpretation). That is, the equality relation may now be interpreted by an arbitrary equivalence relation on the domain of discourse that is congruent with respect to the functions and relations of the interpretation. When this second convention is followed, the term normal model is used to refer to an interpretation where no distinct individuals a and b satisfy a = b. In firstorder logic with equality, only normal models are considered, and so there is no term for a model other than a normal model. When firstorder logic without equality is studied, it is necessary to amend the statements of results such as the Löwenheim–Skolem theorem so that only normal models are considered. Firstorder logic without equality is often employed in the context of secondorder arithmetic and other higherorder theories of arithmetic, where the equality relation between sets of natural numbers is usually omitted. Defining equality within a theoryIf a theory has a binary formula A(x,y) which satisfies reflexivity and Leibniz's law, the theory is said to have equality, or to be a theory with equality. The theory may not have all instances of the above schemas as axioms, but rather as derivable theorems. For example, in theories with no function symbols and a finite number of relations, it is possible to define equality in terms of the relations, by defining the two terms s and t to be equal if any relation is unchanged by changing s to t in any argument. Some theories allow other ad hoc definitions of equality:
Metalogical propertiesOne motivation for the use of firstorder logic, rather than higherorder logic, is that firstorder logic has many metalogical properties that stronger logics do not have. These results concern general properties of firstorder logic itself, rather than properties of individual theories. They provide fundamental tools for the construction of models of firstorder theories. Completeness and undecidabilityGödel's completeness theorem, proved by Kurt Gödel in 1929, establishes that there are sound, complete, effective deductive systems for firstorder logic, and thus the firstorder logical consequence relation is captured by finite provability. Naively, the statement that a formula φ logically implies a formula ψ depends on every model of φ; these models will in general be of arbitrarily large cardinality, and so logical consequence cannot be effectively verified by checking every model. However, it is possible to enumerate all finite derivations and search for a derivation of ψ from φ. If ψ is logically implied by φ, such a derivation will eventually be found. Thus firstorder logical consequence is semidecidable: it is possible to make an effective enumeration of all pairs of sentences (φ,ψ) such that ψ is a logical consequence of φ. Unlike propositional logic, firstorder logic is undecidable (although semidecidable), provided that the language has at least one predicate of arity at least 2 (other than equality). This means that there is no decision procedure that determines whether arbitrary formulas are logically valid. This result was established independently by Alonzo Church and Alan Turing in 1936 and 1937, respectively, giving a negative answer to the Entscheidungsproblem posed by David Hilbert and Wilhelm Ackermann in 1928. Their proofs demonstrate a connection between the unsolvability of the decision problem for firstorder logic and the unsolvability of the halting problem. There are systems weaker than full firstorder logic for which the logical consequence relation is decidable. These include propositional logic and monadic predicate logic, which is firstorder logic restricted to unary predicate symbols and no function symbols. Other logics with no function symbols which are decidable are the guarded fragment of firstorder logic, as well as twovariable logic. The Bernays–Schönfinkel class of firstorder formulas is also decidable. Decidable subsets of firstorder logic are also studied in the framework of description logics. The Löwenheim–Skolem theoremThe Löwenheim–Skolem theorem shows that if a firstorder theory of cardinality λ has an infinite model, then it has models of every infinite cardinality greater than or equal to λ. One of the earliest results in model theory, it implies that it is not possible to characterize countability or uncountability in a firstorder language with a countable signature. That is, there is no firstorder formula φ(x) such that an arbitrary structure M satisfies φ if and only if the domain of discourse of M is countable (or, in the second case, uncountable). The Löwenheim–Skolem theorem implies that infinite structures cannot be categorically axiomatized in firstorder logic. For example, there is no firstorder theory whose only model is the real line: any firstorder theory with an infinite model also has a model of cardinality larger than the continuum. Since the real line is infinite, any theory satisfied by the real line is also satisfied by some nonstandard models. When the Löwenheim–Skolem theorem is applied to firstorder set theories, the nonintuitive consequences are known as Skolem's paradox. The compactness theoremThe compactness theorem states that a set of firstorder sentences has a model if and only if every finite subset of it has a model.^{[25]} This implies that if a formula is a logical consequence of an infinite set of firstorder axioms, then it is a logical consequence of some finite number of those axioms. This theorem was proved first by Kurt Gödel as a consequence of the completeness theorem, but many additional proofs have been obtained over time. It is a central tool in model theory, providing a fundamental method for constructing models. The compactness theorem has a limiting effect on which collections of firstorder structures are elementary classes. For example, the compactness theorem implies that any theory that has arbitrarily large finite models has an infinite model. Thus the class of all finite graphs is not an elementary class (the same holds for many other algebraic structures). There are also more subtle limitations of firstorder logic that are implied by the compactness theorem. For example, in computer science, many situations can be modeled as a directed graph of states (nodes) and connections (directed edges). Validating such a system may require showing that no "bad" state can be reached from any "good" state. Thus one seeks to determine if the good and bad states are in different connected components of the graph. However, the compactness theorem can be used to show that connected graphs are not an elementary class in firstorder logic, and there is no formula φ(x,y) of firstorder logic, in the logic of graphs, that expresses the idea that there is a path from x to y. Connectedness can be expressed in secondorder logic, however, but not with only existential set quantifiers, as [math]\displaystyle{ \Sigma_1^1 }[/math] also enjoys compactness. Lindström's theoremPer Lindström showed that the metalogical properties just discussed actually characterize firstorder logic in the sense that no stronger logic can also have those properties (Ebbinghaus and Flum 1994, Chapter XIII). Lindström defined a class of abstract logical systems, and a rigorous definition of the relative strength of a member of this class. He established two theorems for systems of this type:
LimitationsAlthough firstorder logic is sufficient for formalizing much of mathematics, and is commonly used in computer science and other fields, it has certain limitations. These include limitations on its expressiveness and limitations of the fragments of natural languages that it can describe. For instance, firstorder logic is undecidable, meaning a sound, complete and terminating decision algorithm for provability is impossible. This has led to the study of interesting decidable fragments, such as C_{2}: firstorder logic with two variables and the counting quantifiers [math]\displaystyle{ \exists^{\ge n} }[/math] and [math]\displaystyle{ \exists^{\le n} }[/math].^{[26]} ExpressivenessThe Löwenheim–Skolem theorem shows that if a firstorder theory has any infinite model, then it has infinite models of every cardinality. In particular, no firstorder theory with an infinite model can be categorical. Thus there is no firstorder theory whose only model has the set of natural numbers as its domain, or whose only model has the set of real numbers as its domain. Many extensions of firstorder logic, including infinitary logics and higherorder logics, are more expressive in the sense that they do permit categorical axiomatizations of the natural numbers or real numbers. This expressiveness comes at a metalogical cost, however: by Lindström's theorem, the compactness theorem and the downward Löwenheim–Skolem theorem cannot hold in any logic stronger than firstorder. Formalizing natural languagesFirstorder logic is able to formalize many simple quantifier constructions in natural language, such as "every person who lives in Perth lives in Australia". Hence, firstorder logic is used as a basis for knowledge representation languages, such as FO(.). Still, there are complicated features of natural language that cannot be expressed in firstorder logic. "Any logical system which is appropriate as an instrument for the analysis of natural language needs a much richer structure than firstorder predicate logic".^{[27]}
Restrictions, extensions, and variationsThere are many variations of firstorder logic. Some of these are inessential in the sense that they merely change notation without affecting the semantics. Others change the expressive power more significantly, by extending the semantics through additional quantifiers or other new logical symbols. For example, infinitary logics permit formulas of infinite size, and modal logics add symbols for possibility and necessity. Restricted languagesFirstorder logic can be studied in languages with fewer logical symbols than were described above.
Restrictions such as these are useful as a technique to reduce the number of inference rules or axiom schemas in deductive systems, which leads to shorter proofs of metalogical results. The cost of the restrictions is that it becomes more difficult to express naturallanguage statements in the formal system at hand, because the logical connectives used in the natural language statements must be replaced by their (longer) definitions in terms of the restricted collection of logical connectives. Similarly, derivations in the limited systems may be longer than derivations in systems that include additional connectives. There is thus a tradeoff between the ease of working within the formal system and the ease of proving results about the formal system. It is also possible to restrict the arities of function symbols and predicate symbols, in sufficiently expressive theories. One can in principle dispense entirely with functions of arity greater than 2 and predicates of arity greater than 1 in theories that include a pairing function. This is a function of arity 2 that takes pairs of elements of the domain and returns an ordered pair containing them. It is also sufficient to have two predicate symbols of arity 2 that define projection functions from an ordered pair to its components. In either case it is necessary that the natural axioms for a pairing function and its projections are satisfied. Manysorted logicOrdinary firstorder interpretations have a single domain of discourse over which all quantifiers range. Manysorted firstorder logic allows variables to have different sorts, which have different domains. This is also called typed firstorder logic, and the sorts called types (as in data type), but it is not the same as firstorder type theory. Manysorted firstorder logic is often used in the study of secondorder arithmetic.^{[29]} When there are only finitely many sorts in a theory, manysorted firstorder logic can be reduced to singlesorted firstorder logic.^{[30]}^{:296–299} One introduces into the singlesorted theory a unary predicate symbol for each sort in the manysorted theory, and adds an axiom saying that these unary predicates partition the domain of discourse. For example, if there are two sorts, one adds predicate symbols [math]\displaystyle{ P_1(x) }[/math] and [math]\displaystyle{ P_2(x) }[/math] and the axiom
Then the elements satisfying [math]\displaystyle{ P_1 }[/math] are thought of as elements of the first sort, and elements satisfying [math]\displaystyle{ P_2 }[/math] as elements of the second sort. One can quantify over each sort by using the corresponding predicate symbol to limit the range of quantification. For example, to say there is an element of the first sort satisfying formula φ(x), one writes
Additional quantifiersAdditional quantifiers can be added to firstorder logic.
Infinitary logicsInfinitary logic allows infinitely long sentences. For example, one may allow a conjunction or disjunction of infinitely many formulas, or quantification over infinitely many variables. Infinitely long sentences arise in areas of mathematics including topology and model theory. Infinitary logic generalizes firstorder logic to allow formulas of infinite length. The most common way in which formulas can become infinite is through infinite conjunctions and disjunctions. However, it is also possible to admit generalized signatures in which function and relation symbols are allowed to have infinite arities, or in which quantifiers can bind infinitely many variables. Because an infinite formula cannot be represented by a finite string, it is necessary to choose some other representation of formulas; the usual representation in this context is a tree. Thus formulas are, essentially, identified with their parse trees, rather than with the strings being parsed. The most commonly studied infinitary logics are denoted L_{αβ}, where α and β are each either cardinal numbers or the symbol ∞. In this notation, ordinary firstorder logic is L_{ωω}. In the logic L_{∞ω}, arbitrary conjunctions or disjunctions are allowed when building formulas, and there is an unlimited supply of variables. More generally, the logic that permits conjunctions or disjunctions with less than κ constituents is known as L_{κω}. For example, L_{ω1ω} permits countable conjunctions and disjunctions. The set of free variables in a formula of L_{κω} can have any cardinality strictly less than κ, yet only finitely many of them can be in the scope of any quantifier when a formula appears as a subformula of another.^{[31]} In other infinitary logics, a subformula may be in the scope of infinitely many quantifiers. For example, in L_{κ∞}, a single universal or existential quantifier may bind arbitrarily many variables simultaneously. Similarly, the logic L_{κλ} permits simultaneous quantification over fewer than λ variables, as well as conjunctions and disjunctions of size less than κ. Nonclassical and modal logics
Fixpoint logicFixpoint logic extends firstorder logic by adding the closure under the least fixed points of positive operators.^{[32]} Higherorder logicsThe characteristic feature of firstorder logic is that individuals can be quantified, but not predicates. Thus
is a legal firstorder formula, but
is not, in most formalizations of firstorder logic. Secondorder logic extends firstorder logic by adding the latter type of quantification. Other higherorder logics allow quantification over even higher types than secondorder logic permits. These higher types include relations between relations, functions from relations to relations between relations, and other highertype objects. Thus the "first" in firstorder logic describes the type of objects that can be quantified. Unlike firstorder logic, for which only one semantics is studied, there are several possible semantics for secondorder logic. The most commonly employed semantics for secondorder and higherorder logic is known as full semantics. The combination of additional quantifiers and the full semantics for these quantifiers makes higherorder logic stronger than firstorder logic. In particular, the (semantic) logical consequence relation for secondorder and higherorder logic is not semidecidable; there is no effective deduction system for secondorder logic that is sound and complete under full semantics. Secondorder logic with full semantics is more expressive than firstorder logic. For example, it is possible to create axiom systems in secondorder logic that uniquely characterize the natural numbers and the real line. The cost of this expressiveness is that secondorder and higherorder logics have fewer attractive metalogical properties than firstorder logic. For example, the Löwenheim–Skolem theorem and compactness theorem of firstorder logic become false when generalized to higherorder logics with full semantics. Automated theorem proving and formal methodsAutomated theorem proving refers to the development of computer programs that search and find derivations (formal proofs) of mathematical theorems.^{[33]} Finding derivations is a difficult task because the search space can be very large; an exhaustive search of every possible derivation is theoretically possible but computationally infeasible for many systems of interest in mathematics. Thus complicated heuristic functions are developed to attempt to find a derivation in less time than a blind search. The related area of automated proof verification uses computer programs to check that humancreated proofs are correct. Unlike complicated automated theorem provers, verification systems may be small enough that their correctness can be checked both by hand and through automated software verification. This validation of the proof verifier is needed to give confidence that any derivation labeled as "correct" is actually correct. Some proof verifiers, such as Metamath, insist on having a complete derivation as input. Others, such as Mizar and Isabelle, take a wellformatted proof sketch (which may still be very long and detailed) and fill in the missing pieces by doing simple proof searches or applying known decision procedures: the resulting derivation is then verified by a small core "kernel". Many such systems are primarily intended for interactive use by human mathematicians: these are known as proof assistants. They may also use formal logics that are stronger than firstorder logic, such as type theory. Because a full derivation of any nontrivial result in a firstorder deductive system will be extremely long for a human to write,^{[34]} results are often formalized as a series of lemmas, for which derivations can be constructed separately. Automated theorem provers are also used to implement formal verification in computer science. In this setting, theorem provers are used to verify the correctness of programs and of hardware such as processors with respect to a formal specification. Because such analysis is timeconsuming and thus expensive, it is usually reserved for projects in which a malfunction would have grave human or financial consequences. For the problem of model checking, efficient algorithms are known to decide whether an input finite structure satisfies a firstorder formula, in addition to computational complexity bounds: see Model checking § Firstorder logic. See also
Notes
References
External links
