TTIT07 Discrete Structures

LABORATORY EXERCISE 2 in Discrete Mathematics and Logic

Ulf Nilsson
2000-10-16

The objective of this lab is to deepen your understanding of logic and of how to use logic to model simple switching circuits and to verify properties of the circuits. We will use a system called Sat, which is implemented in SICStus Prolog. Below you will find an introduction on how to get started with Sat. The actual lab exercises (two of them) are then described. You should read all of this before coming to the laboratory classes.

You may solve these exercises in pairs or in groups of three, but each group must come up with its own solution. To pass this lab you have to demonstrate your solutions for the teaching assistant during the labs, or hand in your solutions on paper. Solutions will not be accepted after the 2nd of November.

1 The Syntax of Sat

Sat is a tool that checks the satisfiability of propositional logic formulas (and Boolean expressions). The syntax of Sat is based on propositional logic, extended with a simple form of definitions.

The most primitive types of expression are the propositional constants, 0 and 1, representing falsity and truth, and the propositional variables. The propositional variables, Var, are alphanumeric identifiers starting with an uppercase letter, e.g. X, X1 and Xs (just like variables in Prolog). Using variables and the standard connectives we may construct compound formulas: negations, conjunctions, disjunctions, implications and equivalences. The syntax of formulas (Formula) is summarized in the following so-called context-free grammar:(1)

    Formula ::= 0 | 1 | Var
              | not(Formula)
              | and(Formula,Formula)
              | or(Formula,Formula)
              | implies(Formula,Formula)
              | eq(Formula,Formula)

Formulas can also be written in infix and prefix notation; that is, instead of writing e.g. "and(A,B)" or "not(A)" it is also possible to write "A and B" and "not A".
(1) A context-free grammar is a collection of rules of the form L ::= R. Rules with the same left-hand side are usually grouped together as L ::= R1 | ... | Rn. A rule L ::= R says that R is one way of constructing an expression of type L. Hence, the first rule says that the propositional constants and the propositional variables are formulas. The second rule says that if we have a formula, say F, then not(F) is also a formula, etc.

Negation binds harder than the other connectives, followed by conjunction/disjunction and finally implication/equivalence. That is, "not A and B implies C" really means "implies(and(not(A),B),C)". In case of e.g. nested conjunctions and disjunctions it is best to use parentheses to disambiguate formulas.

As explained above, Sat takes a formula and checks if the formula is satisfiable, that is, if there is a valuation where the formula is true. If we, for instance, give the system the formula implies(A,not(B)) the system computes all valuations that satisfy the formula. In our case there are three valuations that satisfy the formula:

    SAT?- implies(A,not(B)).
    [A=0,B=0]
    [A=1,B=0]
    [A=0,B=1]
    SAT?-

(Here SAT?- is the system prompt.) If we give an unsatisfiable formula, such as and(A,not(A)), the system will be unable to find a valuation that satisfies the formula:

    SAT?- and(A,not(A)).
    SAT?-

Note that the formulas must be terminated by a period (just like in Prolog).

Sat can be used to model and reason about switching/combinatorial circuits. Consider the 2-to-1 multiplexer in Figure 1. The circuit describes a relation between the inputs A, B, C and the output D. This relation can be inspected by checking the valuations that satisfy the following formula:

    SAT?- eq(D,or(and(A,C),and(B,not(C)))).
    [A=0,B=0,C=0,D=0]
    [A=0,B=0,C=1,D=0]
    [A=0,B=1,C=0,D=1]
    [A=0,B=1,C=1,D=0]
    [A=1,B=0,C=0,D=0]
    [A=1,B=0,C=1,D=1]
    [A=1,B=1,C=0,D=1]
    [A=1,B=1,C=1,D=1]
    SAT?-

Figure 1: A 2-to-1-mux (inputs A, B, C; output D)

We see that when C = 1 then A = D, and when C = 0 then B = D, which is what we expect from a 2-to-1 multiplexer.

As pointed out above we may use Sat to describe the relation between inputs and output(s) of a switching circuit. We may also give a name to such a relation in an external file. This is called a definition. The general form of a definition is the following:

    Def ::= Rel := Formula
    Rel ::= id(Var,...,Var)

Here id is the name of the relation being defined. The name must be an alphanumeric identifier starting with a lowercase letter. We may for example write the following definition:

    mux(A,B,C,D) := eq(D,or(and(A,C),and(B,not(C)))).

Given such a definition we may write the left-hand side of the definition instead of the (usually longer) right-hand side:

    SAT?- mux(A,B,C,D).
    [A=0,B=0,C=0,D=0]
    [A=0,B=0,C=1,D=0]
    [A=0,B=1,C=0,D=1]
    [A=0,B=1,C=1,D=0]
    [A=1,B=0,C=0,D=0]
    [A=1,B=0,C=1,D=1]
    [A=1,B=1,C=0,D=1]
    [A=1,B=1,C=1,D=1]

We may also mix definitions with standard formulas (here infix notation is used):

    SAT?- mux(A,B,C,D) and C.
    [A=0,B=0,C=1,D=0]
    [A=0,B=1,C=1,D=0]
    [A=1,B=0,C=1,D=1]
    [A=1,B=1,C=1,D=1]

Definitions provide a means of modularization and abstraction. They make it possible to assign a name to a certain well-defined relation. The relation can then be reused. For instance, if we want to define a 4-to-1 multiplexer we may use the existing 2-to-1 multiplexer as shown in Figure 2.

Figure 2: A 4-to-1-mux (three MUX blocks; connectors A, B, C, D, E, F and G)

In Sat this can be expressed with the following definition (again using infix notation):

    bigmux(A,B,C,D,E,F,G) := mux(A,B,E,T1) and mux(C,D,E,T2) and mux(T1,T2,F,G).
Our definition states that a certain relation (bigmux) holds between the Boolean variables when the "mux relation" holds three times on different combinations of the variables, corresponding to how they are interconnected. Note that the internal connections are represented by the "temporary" variables T1 and T2.

2 Using Sat

Sat is a program running on top of SICStus Prolog, and the user environment is quite similar. In order to run Sat you must first load the Sat module:

    mir-61% module add /home/TTIT07/modulefiles/sat

To remove the module you should use the command

    mir-62% module rm sat

Note that it is necessary to remove the module in case you want to run SICStus Prolog.

You may run Sat either from the shell or from within emacs (recommended). To start Sat from a shell you give the command sat:

    mir-65% sat
    {restoring /home/TTIT07/bin/sat...}
    {/home/TTIT07/bin/sat restored in 10 msec 132064 bytes}
    Sat V1.0, (c) 2000 Ulf Nilsson
    SAT?-

You can now check the satisfiability of formulas. Note that the formula must be terminated by a period:

    SAT?- A and not B.
    [A=1,B=0]
    SAT?-

Also note that definitions (if you use them) must be defined in a text file and loaded into Sat. It is not possible to define a relation directly. Of course, once a definition has been loaded it can be used in expressions. Assume that we have defined a multiplexer in a text file named mux.pl:

    % File mux.pl
    mux(A,B,C,D) := D eq (A and C) or (B and not C).

The file can be loaded into the system e.g. by writing:

    SAT?- [mux].
    {consulting mux.pl...}
    {consulted mux.pl in module user, 15 msec -80 bytes}
    SAT?-

Once loaded you may use the definitions in formulas:

    SAT?- mux(1,0,1,D).
    [D=1]
    SAT?-

To list the definitions currently loaded into the system, write:

    SAT?- listing.
    mux(A,B,C,D):=D eq(A and C)or B and not C.
    SAT?-

To quit from the system write:

    SAT?- halt.

You may also interact with Sat through emacs in the same way as with SICStus Prolog.
That is, start emacs, edit the file mux.pl, and then load the file into Sat using the emacs menus.

3 Analysis of Circuits

As discussed above, Sat checks the satisfiability of propositional formulas. This can be used both to test switching circuits and, more generally, to prove properties of circuits.

Testing basically amounts to inspecting the valuations that satisfy a circuit. For instance, an exhaustive test of the 2-to-1 mux is given below:

    SAT?- eq(D,or(and(A,C),and(B,not(C)))).
    [A=0,B=0,C=0,D=0]
    [A=0,B=0,C=1,D=0]
    [A=0,B=1,C=0,D=1]
    [A=0,B=1,C=1,D=0]
    [A=1,B=0,C=0,D=0]
    [A=1,B=0,C=1,D=1]
    [A=1,B=1,C=0,D=1]
    [A=1,B=1,C=1,D=1]
    SAT?-

There are 8 cases corresponding to the 8 possible inputs to the circuit. We see that if C = 1 then A = D, and if C = 0 then B = D, as expected.

It is also possible to test individual test cases. For instance, to see what may happen when A = C = 1 we may write:

    SAT?- mux(A,B,C,D) and A and C.
    [A=1,B=0,C=1,D=1]
    [A=1,B=1,C=1,D=1]
    SAT?-

Or simply:

    SAT?- mux(1,B,1,D).
    [B=0,D=1]
    [B=1,D=1]
    SAT?-

More generally we may prove that a certain design has a certain property by proving that the property is a logical consequence of the design. However, proving logical consequence is not directly supported by Sat. On the other hand we can use the following well-known theorem:

    F ⊨ G  iff  F ∧ ¬G is unsatisfiable.

That is, if we want to prove that if C = 1 then D = A, we may instead check the satisfiability of the following formula:

    SAT?- mux(A,B,C,D) and not (C implies (D eq A)).
    SAT?-

The formula is not satisfiable, and therefore we know that the property is a logical consequence of the design.

4 Problem 1: An XOR-Gate

In this first exercise we will design an XOR-gate using MOS technology(2) and then verify that it actually is an XOR-gate. The basic building blocks in this case are MOS transistors, of which there are two kinds: N-switch and P-switch MOS transistors.
A MOS transistor defines a relation between three Boolean connectors called gate (G), source (S) and drain (D), see Figure 3. The gate acts as a switch. In the case of an N-switch MOS transistor the gate short-circuits the source and the drain when the gate is 1. In the case of a P-switch MOS transistor the gate short-circuits the source and the drain when the gate is 0. That is, logically we have the following relationships:

    N-switch MOS:    G → (D ↔ S)
    P-switch MOS:   ¬G → (D ↔ S)

Figure 3: N-switch and P-switch MOS (connectors gate, source and drain)

Figure 4 describes the design of an XOR-gate with inputs X, Y and the output Z. Prove (without testing) that the design indeed implements an XOR-gate. That is, formulate what is expected from an XOR-gate and prove using Sat that this is a logical consequence of the design.

Figure 4: Design of XOR-gate (inputs X and Y, output Z; the figure also shows a connector W and the constants 0 and 1)

(2) Metal Oxide Semiconductor.

5 Problem 2: A Full Adder

A half adder is a switching circuit for adding binary numbers. It has two inputs A and B, and two outputs C and D. The output D should be the sum of the two inputs, but since the sum may be either 0, 1 or 2, we need an additional bit C (carry) to take care of the overflow. The expected relation between A, B, C, D is as follows:

    A  B  C  D
    0  0  0  0
    0  1  0  1
    1  0  0  1
    1  1  1  0

One possible implementation of this is the switching circuit in Figure 5.

Figure 5: Design of half-adder (inputs A and B, outputs C and D)

If we want to build an adder to sum binary numbers consisting of more than one bit, we need as input not only the two numbers to add (A and B), but also the carry C1 from the less significant positions of the number. However, we still need only two outputs: the sum D and the carry C2 required when adding the more significant bits. Such a circuit is called a full adder. One way of implementing a full adder is to use two half adders as shown in Figure 6. Prove (without testing) the following properties of the full adder using Sat:

- The output C2 is 1 iff at least two of A, B, C1 are 1.
- The output D is 1 iff an odd number of A, B, C1 are 1.

Figure 6: Design of a full adder (two half adders, H.A.; inputs A, B, C1; outputs D and C2)
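As an added example that is not part of this lab or of the Sat system, the following Python program reproduces the two techniques of sections 1 and 3 on the mux and bigmux definitions: it enumerates the satisfying valuations the way Sat lists them, and it proves a property G of a design F by showing that F ∧ ¬G is unsatisfiable, returning a counterexample valuation when the property does not hold. The function names satisfying, entails, mux_rel, check_mux and check_bigmux are my own, not Sat's.

```python
from itertools import product

# Added example (not the lab's Sat system): brute-force satisfiability over
# Python predicates.  A formula is a function of a valuation (dict from variable
# name to 0/1); a definition such as mux/4 is a function that returns True exactly when the relation holds.

def satisfying(names, formula):
    """All valuations over `names` (in the given order) that make `formula` true."""
    found = []
    for bits in product((0, 1), repeat=len(names)):
        v = dict(zip(names, bits))
        if formula(v):
            found.append(v)
    return found

def entails(names, design, prop):
    """F |= G iff F and not G is unsatisfiable (section 3).  Returns None when
    the property holds, otherwise the first counterexample valuation."""
    bad = satisfying(names, lambda v: design(v) and not prop(v))
    return bad[0] if bad else None

def mux(a, b, c, d):          # mux(A,B,C,D) := D eq (A and C) or (B and not C)
    return d == int((a and c) or (b and not c))

def mux_rel(v):
    return mux(v["A"], v["B"], v["C"], v["D"])

def bigmux(v):                # Figure 2: three muxes joined by the wires T1, T2
    return (mux(v["A"], v["B"], v["E"], v["T1"])
            and mux(v["C"], v["D"], v["E"], v["T2"])
            and mux(v["T1"], v["T2"], v["F"], v["G"]))

MUX_VARS = "ABCD"
BIG_VARS = ["A", "B", "C", "D", "E", "F", "G", "T1", "T2"]

def check_mux():
    """The stated property C=1 -> D=A holds (None); the wrong claim
    C=1 -> D=B is refuted by the counterexample A=0, B=1, C=1, D=0."""
    good = entails(MUX_VARS, mux_rel, lambda v: not v["C"] or v["D"] == v["A"])
    bad = entails(MUX_VARS, mux_rel, lambda v: not v["C"] or v["D"] == v["B"])
    return good, bad

def check_bigmux():
    """Select lines (E,F): (1,1) -> G=A, (0,1) -> G=B, (1,0) -> G=C, (0,0) -> G=D."""
    select = {(1, 1): "A", (0, 1): "B", (1, 0): "C", (0, 0): "D"}
    return all(entails(BIG_VARS, bigmux, lambda v, ef=ef, x=x:
                       (v["E"], v["F"]) != ef or v["G"] == v[x]) is None
               for ef, x in select.items())
```

Calling satisfying(MUX_VARS, lambda v: mux_rel(v) and v["C"]) lists the same four valuations that Sat prints for "mux(A,B,C,D) and C"; the internal wires T1 and T2 are enumerated like any other variable, which is why the bigmux proof needs no extra treatment of them.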