dTL 2 : Differential Temporal Dynamic Logic with Nested Modalities - - PowerPoint PPT Presentation

1

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems

• Jean-Baptiste Jeannin and André Platzer


Carnegie Mellon University

• IJCAR, July 21st, 2014

2

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

Hybrid Systems

¢ Continuous Evolutions


(differential equations,
 e.g. flight dynamics)

¢ Discrete Jumps


(control decisions,
 e.g. pilot actions)

3

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

Differential Dynamic Logic

x t φ φ

¢ used to reason about (nondeterministic) hybrid systems ¢ comes with a (relatively) complete axiomatization ¢ proves properties about the end state of the execution

[α]φ

No guarantee on intermediate states … No guarantee on infinite executions hybrid system all behaviors of satisfy at the end

α φ

4

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

Differential Temporal Dynamic Logic

x t φ φ

¢ What about property


“these airplanes never collide”?

¢ We need some temporal reasoning

Guarantees on intermediate states … Guarantees on infinite executions

[α]⇤φ φ φ φ φ φ φ φ φ φ φ φ φ φ φ φ φ φ φ φ φ φ φ φ φ φ φ φ φ φ

5

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

Nested Alternating Modalities

x t φ

¢ What about property “this satellite can


reach its orbit and then stay there”?

¢ We need nested alternating modalities ¢ A step towards dTL*, handling

temporal formulas of CTL* …

φ φ φ φ φ hαi⌃⇤φ

6

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

Temporal Properties of Hybrid Systems

State Property

¢ ¢ for all traces of ¢ there is a trace of

Trace property

¢ ¢ for all suffix of ¢ there is a suffix of

φ, ψ ≤, ¬, ∧, ∨, ∀, ∃ [α]π hαiπ α α π φ ⇤π σ σ ♦π x t x t x t x t [α]⇤φ φ φ φ φ φ φ φ φ φ φ φ φ φ φ

… … … …

φ φ φφ hαi⌃⇤φ [α]⇤⌃φ φ φ φ φ [α]♦φ φ φ

7

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

Hybrid Programs

They model systems and are non deterministic. They are:

¢ Discrete variable assignment ¢ Test ¢ Differential Equation ¢ Nondeterministic choice ¢ Sequential composition ¢ Nondeterministic repetition

x := θ ?χ x0 = θ & χ α ∪ β α; β α∗

8

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

Trace Semantics of Hybrid Programs

A trace represents the evolution of the variable over time, consisting of continuous evolutions and discrete jumps The trace semantics of a hybrid program is a set of traces

x t σ

9

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

Trace Semantics of Hybrid Programs

Variable assignment

x t x := θ x1 x2 val(x1, θ) val(x2, θ)

10

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

Trace Semantics of Hybrid Programs

Test

x t ?χ x1 χ x2

no state change error

11

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

Trace Semantics of Hybrid Programs

Differential equation

• x

t x1 χ x0 = θ & χ x2 x3

can continue forever

12

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

Trace Semantics of Hybrid Programs

x t

Nondeterministic choiceα ∪ β

in α in β

13

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

Trace Semantics of Hybrid Programs

x t

Sequential composition α; β

in α in β

The intermediate state has to match

in α

…

14

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

Trace Semantics of Hybrid Programs

x t

Nondeterministic repetition

in α α∗ in α in α

15

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

Simplification of Trace Formulas

x t φ φ φ ⇤⇤π ≡ ⇤π ♦♦π ≡ ♦π ⌃⇤⌃φ ≡ ⇤⌃φ ⇤⌃⇤φ ≡ ⌃⇤φ ⌃⌃⌃⇤⌃⇤⇤φ ≡ ⌃⇤⌃⇤φ ≡ ⌃⌃⇤φ ≡ ⌃⇤φ x t φ ⇤⇤π ≡ ⇤π ⇤⌃⇤φ ≡ ⌃⇤φ π π π π π π π π π π π π

16

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

Simplification of Trace Formulas

The only interesting temporal properties thus are

• and this corresponds to modal system S4.2
• We focus on the study of and particularly onhαi⇤φ

⇤φ ⇤φ ⌃φ ⌃⇤φ ⇤⌃φ ⇤⇤π ≡ ⇤π ♦♦π ≡ ♦π ⌃⇤⌃φ ≡ ⇤⌃φ ⇤⌃⇤φ ≡ ⌃⇤φ ⌃⌃⌃⇤⌃⇤⇤φ ≡ ⌃⇤⌃⇤φ ≡ ⌃⌃⇤φ ≡ ⌃⇤φ

17

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

A Technical Issue: the Composition

x t

counterexample

⇤φ ⇤φ in α in β in β hαi⇤φ ^ hαihβi⇤φ hα; βi⇤φ hαi(⇤φ ^ hβi⇤φ)

(unsound) (OK if the trace of terminates)

α x t in α

infinite trace in , thus in

α α; β hα; βi⇤φ hαi⇤φ

(if the trace of does not terminate)

α ⇤φ

18

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

Solution: Introducing

x t ⇤φ ⇤φ

in α

in α in β in β

φ u ⇤ψ

hαi(hβi⇤φ u ⇤φ) hα; βi⇤φ h;i⇤

if and only if

¢ and

• if terminates

¢

• therwise (infinite or error)

and

σ ✏ φ u ⇤ψ σ ✏ ⇤ψ σ ⇤φ ⌘ true u ⇤φ last σ ✏ φ σ ✏ ⇤ψ in α ⇤φ

…

19

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

Solution: Introducing

t

in α

in β in β

φ u ⇤ψ

hαi(hβi⇤φ u ⇤φ) hα; βi⇤φ h;i⇤ hαi(hβi(φ u ⇤ψ) u ⇤ψ) hα; βi(φ u ⇤ψ) h;iu φ ⇤ψ ⇤ψ

if and only if

¢ and

• if terminates

¢

• therwise (infinite or error)

and

σ ✏ φ u ⇤ψ σ ✏ ⇤ψ σ ⇤φ ⌘ true u ⇤φ last σ ✏ φ σ ✏ ⇤ψ x in α in α ⇤ψ

…

20

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

New Rules for

ψ ^ hx := θi(φ ^ ψ) hx := θi(φ u ⇤ψ) h:=iu x t ψ φ ∧ ψ

φ u ⇤ψ

21

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

New Rules for

x t

φ u ⇤ψ

χ ψ ψ ψ ψ ψ ψ φ (¬χ ^ ψ) _ hx0 = θ & (χ ^ ψ)iφ _ [x0 = θ](χ ^ ψ) hx0 = θ & χi(φ u ⇤ψ) ψ ψ ψ ψ

…

22

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

New Rules for

φ u ⇤ψ

8α8r > 0 (ϕ(r) ! hαi(ϕ(r 1) u ⇤ψ)) (9r ϕ(r)) ^ ψ ! hα∗i((9r  0 ϕ(r)) u ⇤ψ) x t in α in α in α in α ⇤ψ ⇤ψ ⇤ψ ⇤ψ ϕ(2) ϕ(1) ϕ(0) ϕ(−1) ϕ(−2)

23

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

Remember: if and only if

¢ and

• if terminates

¢

• therwise (infinite or error)
• if and only if

¢ or

• if terminates

¢

• therwise (infinite or error)

if and only if

¢

• if terminates

¢

• therwise (infinite or error)

is defined similarly

Similarly , ,

σ ✏ φ u ⇤ψ σ ✏ ⇤ψ σ

φ t ♦ψ φ ⇣ ⇤⌃ψ φ ⇣ ⌃⇤ψ

last σ ✏ φ σ ✏ ⇤ψ last σ ✏ φ σ ✏ ⌃ψ σ σ ✏ ⌃ψ σ ✏ φ t ⌃ψ last σ ✏ φ σ σ ✏ ⇤⌃ψ σ ✏ φ ⇣ ⇤⌃ψ σ ✏ φ ⇣ ⌃⇤ψ

24

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

Meta-Results

The dTL2 calculus is sound, i.e., derivable state formulas are valid The dTL2 calculus restricted to star-free programs is complete relative to FOD, i.e., every valid dTL2 formula with only star-free programs can be derived from FOD tautology FOD = first order real arithmetic augmented with formulas expressing properties of differential equations Theorem Theorem

25

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

Related work

¢ [Beckert and Schlager 2001, Platzer 2007]

§ the basis for this work § only formulas of the form and

¢ Process logic [Parikh 1978, Pratt 1979, Harel et al. 1982]

§ well-studied but limited to the discrete case § different approach: is a trace formula rather

than a state formula


• ¢ [Davoren and Nerode 2000, Davoren et al. 2004]

§ calculi for temporal reasoning of hybrid systems § propositional only § but no specific rule for differential equations

[α]⇤φ hαi♦φ [α]♦φ

26

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

Conclusion and Future Work

¢ We have extended Differential Temporal Dynamic

Logic to handle formulas of the form
 
 
 solving open problems posed in
 [Beckert and Schleger 2001] and [Platzer 2007]

¢ We prove soundness and relative completeness for

star-free expressions Future work:

¢ Extensions: Until operator, nested and ¢ This is a step towards dTL*, handling formulas of CTL*

• [α]⌃φ

hαi⇤φ [α]⇤⌃φ hαi⇤⌃φ ∧ ♦

27

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

New Rules for

x t

φ u ⇤ψ

(¬χ _ φ) ^ ψ h?χi(φ u ⇤ψ) h?iu χ ψ φ ∧ ψ

28

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

New Rules for

x t

φ u ⇤ψ

hαi(φ u ⇤ψ) _ hβi(φ u ⇤ψ) hα [ βi(φ u ⇤ψ) h[iu in α in β φ u ⇤ψ

29

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

Differential (Temporal) Dynamic Logic

¢ is based on dynamic logic augmented with continuous

evolutions, and has been used to verify trains, highways and airplanes. It can express properties
 


• ¢ has been extended with differential temporal dynamic

logic, expressing properties
 


• ¢ but we would like to be able to express more powerful

properties, for example

[α]φ hαiφ [α]⇤φ hαi♦φ [α]⌃φ hαi⇤φ [α]⇤⌃φ hαi⇤⌃φ

30

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

Temporal Properties of Hybrid Programs

x t

State Property

¢ ¢ for all traces of ¢ there is a trace of

Trace property

¢ ¢ for all suffix of ¢ there is a suffix of

φ, ψ ≤, ¬, ∧, ∨, ∀, ∃ [α]π hαiπ α α π φ ⇤π σ σ ♦π [α]⇤φ φ φ φ φ φ φ φ φ φ φ φ φ φ φ φ φ φ φ

31

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

Temporal Properties of Hybrid Programs

x t

State Property

¢ ¢ for all traces of ¢ there is a trace of

Trace property

¢ ¢ for all suffix of ¢ there is a suffix of

φ, ψ ≤, ¬, ∧, ∨, ∀, ∃ [α]π hαiπ α α π φ ⇤π σ σ ♦π φ φ [α]♦φ

32

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

Temporal Properties of Hybrid Programs

x t

State Property

¢ ¢ for all traces of ¢ there is a trace of

Trace property

¢ ¢ for all suffix of ¢ there is a suffix of

φ, ψ ≤, ¬, ∧, ∨, ∀, ∃ [α]π hαiπ α α π φ ⇤π σ σ ♦π hαi⌃⇤φ φ φ φ

33

• dTL2: Differential Temporal Dynamic Logic with Nested Modalities for Hybrid Systems
• Jeannin & Platzer

Temporal Properties of Hybrid Programs

x t

State Property

¢ ¢ for all traces of ¢ there is a trace of

Trace property

¢ ¢ for all suffix of ¢ there is a suffix of

φ, ψ ≤, ¬, ∧, ∨, ∀, ∃ [α]π hαiπ α α π φ ⇤π σ σ ♦π hαi(⌃⇤φ ^ ⇤ψ)

Not expressible