CHURCHS SYNTHESIS PROBLEM and its EXTENSIONS Alexander Rabinovich - - PowerPoint PPT Presentation

CHURCH’S SYNTHESIS PROBLEM and its EXTENSIONS

Alexander Rabinovich Tel-Aviv University, Israel

http://www.tau.ac.il/∼rabinoa

4-th ISLA January, 2012

Plan of the Course

1 The Church problem - logic and automata. 2 Games - basic notions. 3 Memoryless determinacy. 4 Finite memory determinacy 5 Applications and trends.

Sources

1 D. Perrin, J.E. Pin. Infinite Words, Elsevier, Amsterdam

2004.

2 E. Gr¨

adel, W. Thomas, Th. Wilke (Eds). Automata, Logics, and Infinite Games, Springer LNCS 2500 (2002).

3 Publications in “Game training network”.

Sources

1 D. Perrin, J.E. Pin. Infinite Words, Elsevier, Amsterdam

2004.

2 E. Gr¨

adel, W. Thomas, Th. Wilke (Eds). Automata, Logics, and Infinite Games, Springer LNCS 2500 (2002).

3 Publications in “Game training network”.

Synthesis Problem

Input: A specification S(I, O) Task: Find a program P which implements S, i.e., ∀I(S(I, P(I)).

Synthesis Problem

Input: A specification S(I, O) Task: Find a program P which implements S, i.e., ∀I(S(I, P(I)). Formal and Expressive Specification and Implementation languages.

Church’s Problem

Consider a bit by bit transformation of bit streams: F …It…I3I2I1 …Ot…O3O2O1 Church’s Problem: For a given I-O specification fill the box.

Church’s Problem

Consider a bit by bit transformation of bit streams: F …It…I3I2I1 …Ot…O3O2O1 Church’s Problem: For a given I-O specification fill the box. Given a logical specification of the input-output relation R find a causal mapping (implementation) F : I → F(I) such that (I, F(I)) ∈ R for all I.

Church’s Problem

Consider a bit by bit transformation of bit streams: F …It…I3I2I1 …Ot…O3O2O1 Church’s Problem: For a given I-O specification fill the box. Given a logical specification of the input-output relation R find a causal mapping (implementation) F : I → F(I) such that (I, F(I)) ∈ R for all I. Causal-operator - the output bit Ot at moment t depends

• nly on I1I2 . . . It.

Church’s Problem

Consider a bit by bit transformation of bit streams: F …It…I3I2I1 …Ot…O3O2O1 Church’s Problem: For a given I-O specification fill the box. Given a logical specification of the input-output relation R find a causal mapping (implementation) F : I → F(I) such that (I, F(I)) ∈ R for all I. Causal-operator - the output bit Ot at moment t depends

• nly on I1I2 . . . It.

Synthesis ∼ games; Causal operators ∼ strategies.

Example

F …It…I3I2I1 …Ot…O3O2O1 Consider R defined by If all I(t) = 0 then all O(t) = 0; otherwise all O(t) = 1.

Example

F …It…I3I2I1 …Ot…O3O2O1 Consider R defined by If all I(t) = 0 then all O(t) = 0; otherwise all O(t) = 1. It is impossible to implement this R by a causal operator.

Example

Consider R defined by the conjunction of three conditions on the input-output stream (I, O):

1 ∀t(I(t) = 1 → O(t) = 1) 2 never O(t) = O(t + 1) = 0 3 If infinitely often I(t) = 0 then infinitely often O(t) = 0

Example

Consider R defined by the conjunction of three conditions on the input-output stream (I, O):

1 ∀t(I(t) = 1 → O(t) = 1) 2 never O(t) = O(t + 1) = 0 3 If infinitely often I(t) = 0 then infinitely often O(t) = 0

Common-Sense Solution

1 for input 1 produce

• utput 1

2 for input 0 produce

• utput 1 if last output

was 0

• utput 0 if last output

was 1

Example

Consider R defined by the conjunction of three conditions on the input-output stream (I, O):

1 ∀t(I(t) = 1 → O(t) = 1) 2 never O(t) = O(t + 1) = 0 3 If infinitely often I(t) = 0 then infinitely often O(t) = 0

Common-Sense Solution

1 for input 1 produce

• utput 1

2 for input 0 produce

• utput 1 if last output

was 0

• utput 0 if last output

was 1

Last 0 Last 1 1/1 1/1 0/0 0/1

Can be described by a finite state automaton with output.

B¨ uchi-Landweber Theorem

In the examples the input-output specification R(I, O) can be formalized in the Monadic second-order logic of order (MLO).

B¨ uchi-Landweber Theorem

In the examples the input-output specification R(I, O) can be formalized in the Monadic second-order logic of order (MLO). B¨ uchi-Landweber(69) proved that the Church synthesis problem is computable for MLO specification.

• Theorem. For every MLO formula ψ(X, Y ) it is decidable

whether there is causal operator F which implements ψ, i.e. Nat | = ∀Xψ(X, F(X))

B¨ uchi-Landweber Theorem

In the examples the input-output specification R(I, O) can be formalized in the Monadic second-order logic of order (MLO). B¨ uchi-Landweber(69) proved that the Church synthesis problem is computable for MLO specification.

• Theorem. For every MLO formula ψ(X, Y ) it is decidable

whether there is causal operator F which implements ψ, i.e. Nat | = ∀Xψ(X, F(X)) If such an operator exists then there is a finite state operator which implements ψ. Moreover, this finite state operator is computable from ψ.

Techniques

Rich interplay of

1 Mathematical logic - Monadic Second-Order Logics 2 Automata theory - automata on infinite objects . 3 Games of infinite length.

The language for specifying temporal behavior

MLO (Monadic second-order Logic of Order ) 1st-order variables x,y,z,. . . ranging over elements 2nd-order monadic variables X,Y,Z,. . . ranging over sets of elements Formulas x < y x ∈ X x ∈ Pa φ ∧ φ′ ¬φ ∃xφ ∃Xφ FOMLO No second-order quantifiers ∃Xφ

The language for specifying temporal behavior

MLO (Monadic second-order Logic of Order ) 1st-order variables x,y,z,. . . ranging over elements 2nd-order monadic variables X,Y,Z,. . . ranging over sets of elements Formulas x < y x ∈ X x ∈ Pa φ ∧ φ′ ¬φ ∃xφ ∃Xφ FOMLO No second-order quantifiers ∃Xφ Models - Discrete Linear Time: T = (N, <)

The language for specifying temporal behavior

MLO (Monadic second-order Logic of Order ) 1st-order variables x,y,z,. . . ranging over elements 2nd-order monadic variables X,Y,Z,. . . ranging over sets of elements Formulas x < y x ∈ X x ∈ Pa φ ∧ φ′ ¬φ ∃xφ ∃Xφ FOMLO No second-order quantifiers ∃Xφ Models - Discrete Linear Time: T = (N, <) Other models - Rationals, Reals, Tree order, etc. A monadic predicate P on Nat - an ω-sequence over {0, 1}. A formula ψ(X, Y ) defines a binary relation - on ω-sequences.

The language for specifying temporal behavior

MLO (Monadic second-order Logic of Order ) 1st-order variables x,y,z,. . . ranging over elements 2nd-order monadic variables X,Y,Z,. . . ranging over sets of elements Formulas x < y x ∈ X x ∈ Pa φ ∧ φ′ ¬φ ∃xφ ∃Xφ FOMLO No second-order quantifiers ∃Xφ Models - Discrete Linear Time: T = (N, <) Other models - Rationals, Reals, Tree order, etc. A monadic predicate P on Nat - an ω-sequence over {0, 1}. A formula ψ(X, Y ) defines a binary relation - on ω-sequences. Fundamental connection between MLO and automata theory - B¨ uchii, Trakhtenbrot, Rabin.

Examples - Formalization over (N, <)

1 X is infinite: Inf(X) := ∀t∃t′(t′ > t ∧ X(t′))

Examples - Formalization over (N, <)

1 X is infinite: Inf(X) := ∀t∃t′(t′ > t ∧ X(t′)) 2 t2 is a successor of t1:

ϕ(t1, t2) := t1 < t2 ∧ ¬∃t3(t1 < t3 < t2)

Examples - Formalization over (N, <)

1 X is infinite: Inf(X) := ∀t∃t′(t′ > t ∧ X(t′)) 2 t2 is a successor of t1:

ϕ(t1, t2) := t1 < t2 ∧ ¬∃t3(t1 < t3 < t2)

3 X is the set of even numbers

X(0) ∧ ∀tX(t) ↔ ¬X(t + 1)

Examples - Formalization over (N, <)

1 X is infinite: Inf(X) := ∀t∃t′(t′ > t ∧ X(t′)) 2 t2 is a successor of t1:

ϕ(t1, t2) := t1 < t2 ∧ ¬∃t3(t1 < t3 < t2)

3 X is the set of even numbers

X(0) ∧ ∀tX(t) ↔ ¬X(t + 1)

4 t1 is an even number:

Even(t1) := ∃X(X(t1) ∧ X(0) ∧ ∀tX(t) ↔ ¬X(t + 1))

Examples - Formalization over (N, <)

1 X is infinite: Inf(X) := ∀t∃t′(t′ > t ∧ X(t′)) 2 t2 is a successor of t1:

ϕ(t1, t2) := t1 < t2 ∧ ¬∃t3(t1 < t3 < t2)

3 X is the set of even numbers

X(0) ∧ ∀tX(t) ↔ ¬X(t + 1)

4 t1 is an even number:

Even(t1) := ∃X(X(t1) ∧ X(0) ∧ ∀tX(t) ↔ ¬X(t + 1))

5 After every occurrence of X there is an occurrence of Y

ϕ(X, Y ) := ∀tX(t) → ∃t1(t1 > t ∧ Y (t1))

Examples - Formalization over (N, <)

1 X is infinite: Inf(X) := ∀t∃t′(t′ > t ∧ X(t′)) 2 t2 is a successor of t1:

ϕ(t1, t2) := t1 < t2 ∧ ¬∃t3(t1 < t3 < t2)

3 X is the set of even numbers

X(0) ∧ ∀tX(t) ↔ ¬X(t + 1)

4 t1 is an even number:

Even(t1) := ∃X(X(t1) ∧ X(0) ∧ ∀tX(t) ↔ ¬X(t + 1))

5 After every occurrence of X there is an occurrence of Y

ϕ(X, Y ) := ∀tX(t) → ∃t1(t1 > t ∧ Y (t1)) S1S - Second order theory of One Successor is expressive equivalent to MLO over (N, <).

Examples - Formalization over (N, <)

1 X is infinite: Inf(X) := ∀t∃t′(t′ > t ∧ X(t′)) 2 t2 is a successor of t1:

ϕ(t1, t2) := t1 < t2 ∧ ¬∃t3(t1 < t3 < t2)

3 X is the set of even numbers

X(0) ∧ ∀tX(t) ↔ ¬X(t + 1)

4 t1 is an even number:

Even(t1) := ∃X(X(t1) ∧ X(0) ∧ ∀tX(t) ↔ ¬X(t + 1))

5 After every occurrence of X there is an occurrence of Y

ϕ(X, Y ) := ∀tX(t) → ∃t1(t1 > t ∧ Y (t1)) S1S - Second order theory of One Successor is expressive equivalent to MLO over (N, <). t1 < t2 if every set X that contains t1 and is closed under +1 contains also t2.

Decidability of MLO

Theorem (B¨ uchi, Elgot, Trakhtenbrot) Validity problem is decidable over the class of finite orders. Theorem (B¨ uchi) Validity problem is decidable over the Natural Numbers (N, <). Theorem (B¨ uchi) Validity problem is decidable over the class

• f countable ordinals.

Theorem (Rabin) Validity problem is decidable over the full binary tree.

Decidability of MLO

Theorem (B¨ uchi, Elgot, Trakhtenbrot) Validity problem is decidable over the class of finite orders. Theorem (B¨ uchi) Validity problem is decidable over the Natural Numbers (N, <). Theorem (B¨ uchi) Validity problem is decidable over the class

• f countable ordinals.

Theorem (Rabin) Validity problem is decidable over the full binary tree. Proof Technique: Reduction to finite automata.

Finite state Automata

A nondeterministic automaton is Q, Σ, δ, q0, Acc Q - a set of states Σ - an alphabet δ ⊆ Q × Σ × Q - a transition relation q0 - initial state Acc - an acceptance condition.

Runs over strings

A string a1a2 . . . an - a finite sequence of letters over the alphabet Σ. A run over a1a2 . . . an from a state q0: a sequence q0a1q1a2 . . . anqn such that qi, ai, qi+1 ∈ δ. Acceptance condition: F ⊆ Q. A run is accepted iff its last state is in F. A string is accepted iff there is an accepting run over this string. The language of an automaton is the set of strings it accepts.

Runs over ω-strings

An ω-string a1a2 . . . an . . . A run over a1a2 . . . an . . . from a state q0: a sequence ρ = q0a1q1a2 . . . qiaiqi+1 . . . such that qi, ai, qi+1 ∈ δ. No last state! Infinitely visited states: Inf(ρ) = {q ∈ Q : q appears infinitely often in ρ} Acceptance condition (Muller): Instead of a subset F of Q

• a family F = {F1, F2, . . . Fm} of subsets of Q.

A run ρ is accepted iff Inf(ρ) is one of Fi ∈ F An ω-string is accepted iff there is an accepting run over this string. The ω-language of an automaton is the set of ω-strings it accepts.

Two equivalent specification formalisms

Theorem

1 There is an algorithm which for every ϕ(X, Y ) constructs

an equivalent Muller automaton over the alphabet {0, 1} × {0, 1}.

2 There is an algorithm which for every Muller automaton

• ver the alphabet {0, 1} × {0, 1} constructs an equivalent

formula ϕ(X, Y ).

Two equivalent specification formalisms

Theorem

1 There is an algorithm which for every ϕ(X, Y ) constructs

an equivalent Muller automaton over the alphabet {0, 1} × {0, 1}.

2 There is an algorithm which for every Muller automaton

• ver the alphabet {0, 1} × {0, 1} constructs an equivalent

formula ϕ(X, Y ). The letter (0, 1) corresponds to X(t) = 1 and Y (t) = 0. An ω-string (1, 1)(0, 1)(0, 0)(1, 1)(0, 1)(0, 0)(1, 1)(0, 1)(0, 0) . . . corresponds to the interpretation X = {0, 3, 6, . . . } Y = {0, 1, 3, 4 . . . }.

From automaton to MLO

The translation from automata to Logic is straightforward.

From automaton to MLO

The translation from automata to Logic is straightforward. Let A be an automaton with m states over {0, 1} × {0, 1}

From automaton to MLO

The translation from automata to Logic is straightforward. Let A be an automaton with m states over {0, 1} × {0, 1} Run(Q0, . . . , Qm−1, X, Y ) - formalizes the runs of automata.

From automaton to MLO

The translation from automata to Logic is straightforward. Let A be an automaton with m states over {0, 1} × {0, 1} Run(Q0, . . . , Qm−1, X, Y ) - formalizes the runs of automata. Q0, . . . , Qm−1 is a partition, i.e., every t belongs exactly to

• ne of Q0, . . . , Qm−1 and

From automaton to MLO

The translation from automata to Logic is straightforward. Let A be an automaton with m states over {0, 1} × {0, 1} Run(Q0, . . . , Qm−1, X, Y ) - formalizes the runs of automata. Q0, . . . , Qm−1 is a partition, i.e., every t belongs exactly to

• ne of Q0, . . . , Qm−1 and

for every t if Qi(t) and Qj(t + 1) then this agrees with the transition relation of A.

From automaton to MLO

The translation from automata to Logic is straightforward. Let A be an automaton with m states over {0, 1} × {0, 1} Run(Q0, . . . , Qm−1, X, Y ) - formalizes the runs of automata. Q0, . . . , Qm−1 is a partition, i.e., every t belongs exactly to

• ne of Q0, . . . , Qm−1 and

for every t if Qi(t) and Qj(t + 1) then this agrees with the transition relation of A. An accepting run from q0: Run(Q0, . . . , Qm−1, X, Y ) and 0 ∈ Q0 and the set of states that occur infinitely often in Acc.

From automaton to MLO

The translation from automata to Logic is straightforward. Let A be an automaton with m states over {0, 1} × {0, 1} Run(Q0, . . . , Qm−1, X, Y ) - formalizes the runs of automata. Q0, . . . , Qm−1 is a partition, i.e., every t belongs exactly to

• ne of Q0, . . . , Qm−1 and

for every t if Qi(t) and Qj(t + 1) then this agrees with the transition relation of A. An accepting run from q0: Run(Q0, . . . , Qm−1, X, Y ) and 0 ∈ Q0 and the set of states that occur infinitely often in Acc. The ω-language definable by A: ∃Q0 . . . ∃Qm−1AccRun

Automata Closure Properties

The translation from MLO to automata is based on closure properties.

Automata Closure Properties

The translation from MLO to automata is based on closure properties.

• Theorem. The set of ω-languages accepted by automata are

closed under ∧ (intersection), ∨ (union), ¬ (complementation) and ∃ (projection).

Automata Closure Properties

The translation from MLO to automata is based on closure properties.

• Theorem. The set of ω-languages accepted by automata are

closed under ∧ (intersection), ∨ (union), ¬ (complementation) and ∃ (projection). All these constructions are effective.

Automata Closure Properties

The translation from MLO to automata is based on closure properties.

• Theorem. The set of ω-languages accepted by automata are

closed under ∧ (intersection), ∨ (union), ¬ (complementation) and ∃ (projection). All these constructions are effective. Projection: s = (a1, b1)(a2, b2) . . . over an alphabet Σ1 × Σ2. Proj1(s) is a1a2 . . . over Σ1.

Automata Closure Properties

The translation from MLO to automata is based on closure properties.

• Theorem. The set of ω-languages accepted by automata are

closed under ∧ (intersection), ∨ (union), ¬ (complementation) and ∃ (projection). All these constructions are effective. Projection: s = (a1, b1)(a2, b2) . . . over an alphabet Σ1 × Σ2. Proj1(s) is a1a2 . . . over Σ1. Determinization: Every Muller automaton is equivalent to a deterministic Muller automaton.

Automata Closure Properties

The translation from MLO to automata is based on closure properties.

• Theorem. The set of ω-languages accepted by automata are

closed under ∧ (intersection), ∨ (union), ¬ (complementation) and ∃ (projection). All these constructions are effective. Projection: s = (a1, b1)(a2, b2) . . . over an alphabet Σ1 × Σ2. Proj1(s) is a1a2 . . . over Σ1. Determinization: Every Muller automaton is equivalent to a deterministic Muller automaton.

• Remarks. The constructions for automata over ω-strings are

more subtle than the constructions for automata over strings.

B¨ uchi Acceptance conditions

B¨ uchi automata are defined like Muller automata, but the acceptance condition is given by a set F ⊆ Q.

B¨ uchi Acceptance conditions

B¨ uchi automata are defined like Muller automata, but the acceptance condition is given by a set F ⊆ Q. A run of A is accepted if it visits F infinitely often.

B¨ uchi Acceptance conditions

B¨ uchi automata are defined like Muller automata, but the acceptance condition is given by a set F ⊆ Q. A run of A is accepted if it visits F infinitely often. A run ρ of A is accepted by a B¨ uchi condition F iff it is accepted by Muller condition F = {Fi ⊆ Q : Fi ∩ F is not empty }.

B¨ uchi Acceptance conditions

B¨ uchi automata are defined like Muller automata, but the acceptance condition is given by a set F ⊆ Q. A run of A is accepted if it visits F infinitely often. A run ρ of A is accepted by a B¨ uchi condition F iff it is accepted by Muller condition F = {Fi ⊆ Q : Fi ∩ F is not empty }. A translation from Muller automata to (non-deterministic) B¨ uchi automata is more subtle and requires to enlarge the set of states and change the transition relation of automaton.

B¨ uchi Acceptance conditions

B¨ uchi automata are defined like Muller automata, but the acceptance condition is given by a set F ⊆ Q. A run of A is accepted if it visits F infinitely often. A run ρ of A is accepted by a B¨ uchi condition F iff it is accepted by Muller condition F = {Fi ⊆ Q : Fi ∩ F is not empty }. A translation from Muller automata to (non-deterministic) B¨ uchi automata is more subtle and requires to enlarge the set of states and change the transition relation of automaton. Unlike Muller automata, B¨ uchi automata are not closed under determinization.

Succinctness Gap

MLO is expressive equivalent to automata.

Succinctness Gap

MLO is expressive equivalent to automata. The translation from automata to MLO is linear.

Succinctness Gap

MLO is expressive equivalent to automata. The translation from automata to MLO is linear. The translation from MLO to automata is non-elementary, i.e. is not bounded by a fixed tower of 2. Tower(1, x) = 2x; Tower(i + 1, x) = 2Tower(i,x). A function F is elementary if there is i such that F(x) < C + Tower(i, x).