Dynamic logics INF5140 Specification and Verification of Parallel - - PowerPoint PPT Presentation



SLIDE 1

Dynamic logics

SLIDE 2

INF5140 – Specification and Verification of Parallel Systems

Dynamic logics, lecture 3 Spring 2015 February 24, 2015

2 / 21

SLIDE 3

Introduction

Problem

  • FOL is very (at least relatively) expressive but undecidable. Good for mathematics but not good for computers.
  • FOL can talk about the state of the system. But how to talk about change of state in a natural way?
  • Modal logic gives us the power to talk about changing of state. Modal logic is natural when one is interested in systems that are essentially modeled as states and transitions between states.[a]
  • We want to talk about programs, states of programs, and change of the state of the computer via executing programming instructions, like assignments.

[a] Modal logic can be seen as FOL with one free variable, but we lose the beauty of ML.

SLIDE 4

Outline

  • 1. Multi-modal logic
  • 2. Dynamic logic

SLIDE 5

Multi-modal Logic

Consider a model (Kripke structure) $(W, R_a, R_b)$ where $R_a$ and $R_b$ are two relations over $W$. Multi-modal logic has one modality for each relation:

$$\varphi ::= p \mid \bot \mid \varphi \to \varphi \mid \Diamond_a \varphi \mid \Diamond_b \varphi \tag{1}$$

where $p$ is from a set of propositional constants (i.e., functional symbols of arity 0) and the other operators are derived as usual:

$$\varphi ::= \varphi \lor \varphi \mid \varphi \land \varphi \mid \neg\varphi \mid \Box_a \varphi \mid \Box_b \varphi \tag{2}$$

Semantics is natural:

$$M, w \models \Diamond_a \varphi \quad\text{iff}\quad \exists w' : w R_a w' \text{ and } M, w' \models \varphi \tag{3}$$

The other modality $\Diamond_b$: analogously for relation $R_b$.

SLIDE 6

Remarks about Multi-modal logics

As seen: multi-modal logic is an obvious generalization of the modal logic from before.

  • 1. The two relations can overlap; i.e., their intersection need not be empty.
  • 2. Of course: there may be more than two relations, for each relation one modality.
  • 3. There may be infinitely many relations and infinitely many modalities.[1]

[1] One has to be careful then, though.

SLIDE 7

Dynamic logics

  • different variants
  • special case of multi-modal logics
  • variants of Hoare logics
  • here: PDL on regular programs

SLIDE 8

Regular programs

Dynamic logic is a multi-modal logic to talk about programs. Dynamic logic (here) talks about regular programs. Regular programs are formed syntactically from:

  • atomic programs $\Pi_0 = \{a, b, \ldots\}$, which are indivisible, single-step, basic programming constructs
  • sequential composition $\alpha \cdot \beta$, which means that program $\alpha$ is executed/done first and then $\beta$
  • nondeterministic choice $\alpha + \beta$, which nondeterministically chooses one of $\alpha$ and $\beta$ and executes it
  • iteration $\alpha^*$, which executes $\alpha$ some nondeterministically chosen finite number of times
  • the special skip and fail programs (denoted $1$ resp. $0$)

SLIDE 9

Tests

Programs are denoted $\alpha, \beta \in \Pi$ and are built according to the grammar:

Definition (Syntax)

$$\alpha ::= a \in \Pi_0 \mid 1 \mid 0 \mid \alpha \cdot \alpha \mid \alpha + \alpha \mid \alpha^* \mid \varphi? \tag{4}$$

where we added tests $\varphi?$. Tests can be seen as special atomic programs which may have logical structure, but their execution terminates in the same state iff the test succeeds (is true), and otherwise fails if the test is deemed false in the current state. The logical structure of tests can be:

  • simple Boolean tests: $\varphi ::= \top \mid \bot \mid \varphi \to \varphi \mid \varphi \lor \varphi \mid \varphi \land \varphi$
  • complex tests: $\phi?$ where $\phi$ is a logical formula in Dynamic Logic

SLIDE 10

Propositional Dynamic Logic: Syntax

Dynamic Logic formulas are built from two sets of symbols that are interdefined in a particular way:

  • 1. Programs, which we denote $\alpha, \ldots \in \Pi$
  • 2. Formulas, which we denote $\phi, \ldots \in \Phi$

$$\alpha ::= a \in \Pi_0 \mid 1 \mid 0 \mid \alpha \cdot \alpha \mid \alpha + \alpha \mid \alpha^* \mid \phi? \tag{5}$$

$$\phi ::= p, q \in \Phi_0 \mid \top \mid \bot \mid \phi \to \phi \mid [\alpha]\phi \tag{6}$$

where $\Phi_0$ is a set of propositional constants. What we defined now is called Propositional Dynamic Logic (PDL) because it is based on propositional logic only (i.e., the propositional constants).

SLIDE 11

PDL: remarks

  • Each program $\alpha$ is interpreted as a relation $R_\alpha$ ⇒ multi-modal logic.
  • $[\alpha]\phi$ defines many modalities, one modality for each program, each interpreted over the relation defined by the program $\alpha$.
  • The relations of the basic programs are just given. Operations on/composition of programs are interpreted as operations on relations.
  • ∞ many complex programs ⇒ ∞ many relations/modalities. But we think of a single modality $[\,.\,.\,]\phi$ with programs inside.
  • $[\,.\,.\,]\phi$ is the universal one, with $\langle\,.\,.\,\rangle\phi$ defined as usual.

Intuitive meaning/semantics of $[\alpha]\phi$

“If program $\alpha$ is started in the current state, then however (if at all) it terminates, in the final state, $\phi$ holds.”

SLIDE 12

Exercises

Programs

Define the following programming constructs in PDL:

  • skip: $1 \leftrightarrow \top?$
  • fail: $0 \leftrightarrow \bot?$
  • if $\phi$ then $\alpha$ else $\beta$: $(\phi? \cdot \alpha) + (\neg\phi? \cdot \beta)$
  • if $\phi$ then $\alpha$: $(\phi? \cdot \alpha) + (\neg\phi? \cdot \text{skip})$
  • case $\phi_1$ then $\alpha_1$; … ; case $\phi_n$ then $\alpha_n$: $(\phi_1? \cdot \alpha_1) + \cdots + (\phi_n? \cdot \alpha_n)$
  • while $\phi$ do $\alpha$: $(\phi? \cdot \alpha)^* \cdot \neg\phi?$
  • repeat $\alpha$ until $\phi$: $\alpha \cdot (\neg\phi? \cdot \alpha)^* \cdot \phi?$
  • (General while loop) while $\phi_1$ then $\alpha_1 \mid \cdots \mid \phi_n$ then $\alpha_n$ od: $(\phi_1? \cdot \alpha_1 + \cdots + \phi_n? \cdot \alpha_n)^* \cdot (\neg\phi_1 \land \cdots \land \neg\phi_n)?$

SLIDE 13

Semantics: Regular Kripke structures

Definition (Labeled Kripke structures)

A labeled Kripke structure is a $(W, R, \Sigma)$ where $R = \bigcup_{l \in \Sigma} R_l$ is a union of many relations indexed by the labels of $\Sigma$.

The labels of $\Sigma$ can be thought of as programs. A Regular Kripke structure is a Kripke structure labeled in a special way:

  • $\forall a \in \Pi_0$ basic programs choose some relation $R_a$;
  • the other compound programs are interpreted as relations:
  • for $1$ take the identity relation $R_1 = I$;
  • for $0$ take the empty relation $R_0 = \emptyset$;
  • $\alpha = \alpha_1 \cdot \alpha_2$, then $R_\alpha = R_{\alpha_1} \circ R_{\alpha_2}$ (relation composition);
  • $\alpha = \alpha_1 + \alpha_2$, then $R_\alpha = R_{\alpha_1} \cup R_{\alpha_2}$ (union of relations);
  • $\alpha = \alpha_1^*$, then $R_\alpha = \bigcup_{n \geq 0} R^n_{\alpha_1}$ (reflexive-transitive closure), where $R^0_{\alpha_1} = I$ and $R^{n+1}_{\alpha_1} = R_{\alpha_1} \circ R^n_{\alpha_1}$.

SLIDE 14

Kripke models and interpreting PDL formulas

Now: adding valuations ⇒ Kripke model

Definition (Semantics)

A PDL formula $\phi$ is true in the world $w$ of a regular Kripke model $M$ (i.e., we have attached a valuation $V$ also), written $M, w \models \phi$, if:

  • $M, w \models p_i$ iff $p_i \in V(w)$, for all propositional constants
  • $M, w \not\models \bot$ and $M, w \models \top$
  • $M, w \models \phi_1 \to \phi_2$ iff whenever $M, w \models \phi_1$ then also $M, w \models \phi_2$
  • $M, w \models [\alpha]\phi$ iff $M, w' \models \phi$ for all $w'$ such that $w R_\alpha w'$
  • $M, w \models \langle\alpha\rangle\phi$ iff $M, w' \models \phi$ for some $w'$ such that $w R_\alpha w'$

SLIDE 15

Test programs

Intuition: tests are interpreted as subsets of the identity relation.

$$R_{\phi?} = \{(w, w) \mid w \models \phi\} \subseteq I \tag{7}$$

More precisely:

  • for $\top?$ the relation becomes $R_{\top?} = I$ (testing $\top$ succeeds everywhere and is as the skip program)
  • for $\bot?$ the relation becomes $R_{\bot?} = \emptyset$ ($\bot$ is nowhere true and is as the fail program)
  • $R_{(\phi_1 \land \phi_2)?} = \{(w, w) \mid w \models \phi_1 \text{ and } w \models \phi_2\}$

Testing a complex formula involving $[\alpha]\phi$ is like looking into the future at the program and what it can do and then deciding on the action to take...

SLIDE 16

Exercises: Play with binary relations

Facts:

  • Composition of relations distributes over union of relations: $R \circ (\bigcup_i Q_i) = \bigcup_i (R \circ Q_i)$ and $(\bigcup_i Q_i) \circ R = \bigcup_i (Q_i \circ R)$
  • $R^* = I \cup R \cup R \circ R \cup \cdots \cup R^n \cup \cdots = \bigcup_{n \geq 0} R^n$

Show the following:

  • 1. Rn ◦ Rm = Rn+m for n, m ≥ 0
  • 2. R ◦ R∗ = R∗ ◦ R
  • 3. R ◦ (Q ◦ R)∗ = (R ◦ Q)∗ ◦ R
  • 4. (R ∪ Q)∗ = (R∗ ◦ Q)∗ ◦ Q∗
  • 5. R∗ = I ∪ R ◦ R∗

SLIDE 17

Exercises

Play with programs in DL

Facts:

In DL we say that two programs $\alpha$ and $\beta$ are equivalent iff they represent the same binary relation $R$, i.e., $R_\alpha = R = R_\beta$. Show:

  • 1. Two programs $\alpha$ and $\beta$ are equivalent iff for some arbitrary propositional constant $p$ the formula $\langle\alpha\rangle p \leftrightarrow \langle\beta\rangle p$ is valid.
  • 2. The two programs below are equivalent:

    while $\phi_1$ do $\alpha$; while $\phi_2$ do $\beta$

    if $\phi_1$ then $\alpha$; while $\phi_1 \lor \phi_2$ do if $\phi_2$ then $\beta$ else $\alpha$

Hint: encode them in PDL and use (1), or work only with relations.

SLIDE 18

Exercises

Play with programs in DL

Use a semantic argument to show that the following formula is valid:

$$p \land [a^*]\big((p \to [a]\neg p) \land (\neg p \to [a]p)\big) \;\leftrightarrow\; [(a \cdot a)^*]p \land [a \cdot (a \cdot a)^*]\neg p$$

What does the formula say (considering $a$ as some atomic programming instruction)?
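The following Python module is an added worked example, not code from the lecture or from Harel, Kozen and Tiuryn's book. It implements the regular Kripke semantics of slides 13 to 15 literally: a relation is a finite set of pairs, `compose`, union and `star` are the relation operations, tests are subsets of the identity, and `holds` follows the slide 14 clauses. On top of that it builds the slide 12 encodings of `if`, `while` and `repeat`, and encodes the slide 18 formula so that it can be checked in every world of a constructed model (a semantic check on one finite model is evidence, not the validity proof the exercise asks for). The tuple tags, the function names and the two sample models `COUNTER` and `CYCLE` are this example's own choices and are not notation from the slides.

```python
# ---- binary relations over a finite set of worlds (slides 13 and 16) --------

def identity(worlds):
    return {(w, w) for w in worlds}

def compose(r, s):
    """R ∘ S in diagrammatic order: first an R-step, then an S-step."""
    return {(w, v) for (w, u) in r for (u2, v) in s if u == u2}

def star(r, worlds):
    """Reflexive-transitive closure: the union of R^n for all n >= 0."""
    closure = identity(worlds)                  # R^0 = I
    while True:
        nxt = closure | compose(closure, r)     # adds the next power of R
        if nxt == closure:                      # finite model: iteration stabilises
            return closure
        closure = nxt

# ---- programs and formulas as nested tuples (tags are this example's own) ---
# programs: ('atom', name) | ('skip',) | ('fail',) | ('seq', a, b)
#           | ('choice', a, b) | ('star', a) | ('test', phi)
# formulas: ('prop', name) | ('top',) | ('bot',) | ('imp', f, g) | ('box', a, f)
# derived:  ('not', f) | ('and', f, g) | ('or', f, g) | ('iff', f, g) | ('dia', a, f)

def rel(model, prog):
    """R_α, the relation a program denotes (slide 13 clauses; tests as on slide 15)."""
    worlds, kind = model['worlds'], prog[0]
    if kind == 'atom':
        return set(model['atoms'][prog[1]])     # R_a is simply given by the model
    if kind == 'skip':
        return identity(worlds)                  # R_1 = I
    if kind == 'fail':
        return set()                             # R_0 = ∅
    if kind == 'seq':
        return compose(rel(model, prog[1]), rel(model, prog[2]))
    if kind == 'choice':
        return rel(model, prog[1]) | rel(model, prog[2])
    if kind == 'star':
        return star(rel(model, prog[1]), worlds)
    if kind == 'test':                           # R_φ? = {(w, w) | w ⊨ φ} ⊆ I
        return {(w, w) for w in worlds if holds(model, w, prog[1])}
    raise ValueError(f"unknown program {prog!r}")

def holds(model, w, phi):
    """M, w ⊨ φ following the slide 14 clauses; derived connectives unfolded."""
    kind, sub = phi[0], lambda f: holds(model, w, f)
    if kind == 'prop':
        return phi[1] in model['val'][w]
    if kind in ('top', 'bot'):
        return kind == 'top'
    if kind == 'not':
        return not sub(phi[1])
    if kind in ('imp', 'and', 'or', 'iff'):
        a, b = sub(phi[1]), sub(phi[2])
        return {'imp': (not a) or b, 'and': a and b, 'or': a or b, 'iff': a == b}[kind]
    if kind in ('box', 'dia'):
        successors = [v for (u, v) in rel(model, phi[1]) if u == w]
        quantifier = all if kind == 'box' else any   # every / some terminating run
        return quantifier(holds(model, v, phi[2]) for v in successors)
    raise ValueError(f"unknown formula {phi!r}")

def valid_in(model, phi):
    return all(holds(model, w, phi) for w in model['worlds'])

# ---- slide 12 encodings of structured control flow --------------------------
def if_then_else(phi, alpha, beta):
    return ('choice', ('seq', ('test', phi), alpha),
            ('seq', ('test', ('not', phi)), beta))

def while_do(phi, alpha):
    return ('seq', ('star', ('seq', ('test', phi), alpha)), ('test', ('not', phi)))

def repeat_until(alpha, phi):
    body = ('star', ('seq', ('test', ('not', phi)), alpha))
    return ('seq', alpha, ('seq', body, ('test', phi)))

# ---- constructed sample models ----------------------------------------------
# Four-state counter: 'inc' adds one until 3; 'lt3' holds in states below 3.
COUNTER = {
    'worlds': {0, 1, 2, 3},
    'atoms': {'inc': {(0, 1), (1, 2), (2, 3)}},
    'val': {0: {'lt3'}, 1: {'lt3'}, 2: {'lt3'}, 3: set()},
}
# Four-world cycle under 'a' with p true on every second world (for slide 18).
CYCLE = {
    'worlds': {0, 1, 2, 3},
    'atoms': {'a': {(0, 1), (1, 2), (2, 3), (3, 0)}},
    'val': {0: {'p'}, 1: set(), 2: {'p'}, 3: set()},
}

A, P, NOT_P = ('atom', 'a'), ('prop', 'p'), ('not', ('prop', 'p'))
AA = ('seq', A, A)
SLIDE18_LHS = ('and', P, ('box', ('star', A), ('and', ('imp', P, ('box', A, NOT_P)),
                                              ('imp', NOT_P, ('box', A, P)))))
SLIDE18_RHS = ('and', ('box', ('star', AA), P), ('box', ('seq', A, ('star', AA)), NOT_P))
SLIDE18 = ('iff', SLIDE18_LHS, SLIDE18_RHS)
```

`rel(COUNTER, while_do(('prop', 'lt3'), ('atom', 'inc')))` returns `{(0, 3), (1, 3), (2, 3), (3, 3)}`: every start state ends in state 3, which is exactly what the slide 12 encoding `(lt3? · inc)* · ¬lt3?` promises, and `valid_in(CYCLE, SLIDE18)` is `True`. Note that `compose` is diagrammatic (first R, then S), matching the clause $R_{\alpha_1 \cdot \alpha_2} = R_{\alpha_1} \circ R_{\alpha_2}$ on slide 13, and that `star` terminates because the model is finite; on an infinite state space the union over all $n$ has to be handled symbolically.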

SLIDE 19

Axiomatic System of PDL

Take all tautologies of propositional logic (i.e., the axiom system of PL from Lecture 2) and add

Axioms:

  • $[\alpha](\varphi_1 \to \varphi_2) \to ([\alpha]\varphi_1 \to [\alpha]\varphi_2)$ (1)
  • $[\alpha](\varphi_1 \land \varphi_2) \leftrightarrow [\alpha]\varphi_1 \land [\alpha]\varphi_2$ (2)
  • $[\alpha + \beta]\varphi \leftrightarrow [\alpha]\varphi \land [\beta]\varphi$ (3)
  • $[\alpha \cdot \beta]\varphi \leftrightarrow [\alpha][\beta]\varphi$ (4)
  • $[\varphi?]\psi \leftrightarrow (\varphi \to \psi)$ (5)
  • $\varphi \land [\alpha][\alpha^*]\varphi \leftrightarrow [\alpha^*]\varphi$ (6)
  • $\varphi \land [\alpha^*](\varphi \to [\alpha]\varphi) \to [\alpha^*]\varphi$ (IND)

Rules: take the (MP) modus ponens and (G) generalization of Modal Logic.

SLIDE 20

Further reading

On Dynamic Logic, a book nicely written, with examples and easy presentation: David Harel, Dexter Kozen, and Jerzy Tiuryn [Harel et al., 2000]

  • Chap. 3 for beginners, a general introduction to logic concepts
  • This lecture is based on Chap. 5 (which has some connections with Chap. 4 and is strongly based on mathematical notions which can be reviewed in Chap. 1)

SLIDE 21

References I

[Harel et al., 2000] Harel, D., Kozen, D., and Tiuryn, J. (2000). Dynamic Logic. Foundations of Computing. MIT Press.