Dynamic logics INF5140 Specification and Verification of Parallel - PowerPoint PPT Presentation

Dynamic logics

INF5140 – Specification and Verification of Parallel Systems Dynamic logics, lecture 3 Spring 2015 February 24, 2015 2 / 21

Introduction Problem FOL is very (at leat relative) expressive but undecidable. Good for mathematics but not good for computers. !! FOL can talk about the state of the system. But how to talk about change of state in a natural way? modal logic: gives us the power to talk about changing of state . Modal logics is natural when one is interested in systems that are essentially modeled as states and transitions between states. a !! We want to talk about programs, states of programs, and change of the state of the computer via executing programming instructions, like assignments. a Modal L can be seen as FOL with one free variable, but we loose the beauty of ML. 3 / 21

Outline 1. Multi-modal logic 2. Dynamic logic 4 / 21

Multi-modal Logic Consider a model (Kripke structure) ( W , R a , R b ) where R a and R b are two relations over W . Multi-modal logic has one modality for each relation: φ ::= p | ⊥ | φ → φ | ♦ a φ | ♦ b φ (1) where p is from a set of propositional constants (i.e., functional symbols of arity 0) and the other operators are derived as usual: φ ::= φ ∨ φ | φ ∧ φ | ¬ φ | � a φ | � b φ (2) Semantics is natural: = ♦ a φ iff ∃ w ′ : wR a w ′ and M , w ′ | M , w | = φ (3) The other modality ♦ b : analogously for relation R b 5 / 21

Remarks about Multi- modal logics As seen: multi- model logic is an obvious generalization of the modal logic from before 1. The two relations can overlap; i.e., their intersection need not be empty 2. of course: There may be more than two relations, for each relation one modality. 3. There may be infinitely many relations and infinitely many modalities. 1 1 One has to be careful then, though. 6 / 21

Dynamic logics different variants special case of multi-model logics variants of Hoare-logics here PDL on regular programs 7 / 21

Regular programs Dynamic logic is a multi-modal logic to talk about programs. Dynamic logic (here) talks about regular programs. Regular programs are formed syntactically from: atomic programs Π 0 = { a , b , ... } , which are indivisible, single-step, basic programming constructs sequential composition α · β , which means that program α is executed/done first and then β . nondeterministic choice α + β , which nondeterministically chooses one of α and β and executes it. iteration α ∗ , which executes α some nondeterministically chosen finite number of times. the special skip and fail programs (denoted 1 resp. 0 ) 8 / 21

Tests Programs are denoted α, β ∈ Π and are build according to the grammar: Definition (Syntax) α ::= a ∈ Π 0 | 1 | 0 | α · α | α + α | α ∗ | φ ? (4) Where we added tests φ ? . Tests can be seen as special atomic programs which may have logical structure, but their execution terminates in the same state iff the test succeeds (is true), otherwise fails if the test is deemed false in the current state. The logical structure of tests can be: simple Boolean tests: φ ::= ⊤ |⊥| φ → φ | φ ∨ φ | φ ∧ φ or complex tests: ϕ ? where ϕ is a logical formula in Dynamic Logic 9 / 21

Propositional Dynamic Logic: Syntax Dynamic Logic formulas are build from two sets of symbols that are interdefined in a particular way: 1. Programs, which we denote α... ∈ Π 2. Formulas, which we denote ϕ... ∈ Φ α ::= a ∈ Π 0 | 1 | 0 | α · α | α + α | α ∗ | ϕ ? (5) ϕ ::= p , q ∈ Φ 0 | ⊤ |⊥| ϕ → ϕ | [ α ] ϕ (6) where Φ 0 is a set of propositional constants. What we defined now is called Propositional Dynamic Logic (PDL) because it is based on propositional logic only (i.e., the propositional constants). 10 / 21

PDL: remarks Each program α : interpreted as a relation R α ⇒ multi-modal logic. [ α ] ϕ defines many modalities, one modality for each program, each interpreted over the relation defined by the program α . The relations of the basic programs are just given. Operations on/composition of programs are interpreted as operations on relations. ∞ many complex programs ⇒ ∞ many relations/modalities But we think of a single modality [ .. ] ϕ with programs inside. [ .. ] ϕ is the universal one, with � .. � ϕ defined as usual. Intiutive meaning/semantics of [ α ] ϕ “If program α is started in the current state, then however (if at all) it terminates, in the final state, ϕ holds.” 11 / 21

Exercises Programs Define the following programming constructs in PDL: � 1 ↔ ⊤ ? skip � fail 0 ↔⊥ ? � if ϕ then α else β ( ϕ ? · α ) + ( ¬ ϕ ? · β ) � ( ϕ ? · α ) + ( ¬ ϕ ? · skip ) if ϕ then α � case ϕ 1 then α 1 ; . . . ( ϕ 1 ? · α 1 ) + · · · + ( ϕ n ? · α n ) case ϕ n then α n ( ϕ ? · α ) ∗ · ¬ ϕ ? � while ϕ do α α · ( ¬ ϕ ? · α ) ∗ · ϕ ? � repeat α until ϕ (General while loop) � ( ϕ 1 ? · α 1 + · · · + ϕ n ? · α n ) ∗ · while ϕ 1 then α 1 | · · · | ϕ n then α n od · ( ¬ ϕ 1 ∧ · · · ∧ ϕ n )? 12 / 21

Semantics: Regular Kripke structures Definition (Labeled Kripke structures) A labeled Kripke structure is a ( W , R , Σ) where R = � l ∈ Σ R l is union of many relations indexed by the labels of Σ . The labels of Σ can be thought as programs. A Regular Kripke structure is a Kripke str. labeled in a special way: ∀ a ∈ Π 0 basic programs choose some relation R a ; The other compound programs are interpreted as relations: for 1 take the identity relation R 1 = I ; for 0 take the empty relation R 0 = ∅ ; α = α 1 · α 2 then R α = R α 1 ◦ R α 2 (relation composition) α = α 1 + α 2 then R α = R α 1 ∪ R α 2 (union of relations) α = α ∗ n ≥ 0 R n 1 then R α = � α 1 where: (refl-trans. closure) R 0 α 1 � I R n + 1 � R α 1 ◦ R n α 1 α 1 13 / 21

Kripke models and interpreting PDL formulas Now: adding valutions ⇒ Kripke model Definition (Semantics) A PDL formula ϕ is true in the world w of a regular Kripke model M , i.e., we have attached a valuation V also, written M , w | = ϕ , if: M , w | = p i iff p i ∈ V ( w ) for all propositional constants M , w �| = ⊥ M , w | = ⊤ and M , w | = ϕ 1 → ϕ 2 iff whenever M , w | = ϕ 1 then also M , w | = ϕ 2 M , w ′ | = ϕ for all w ′ such that wR α w ′ M , w | = [ α ] ϕ iff M , w ′ | = ϕ for some w ′ such that wR α w ′ M , w | = � α � ϕ iff 14 / 21

Test programs Intuition: tests interpreted as subsets of the identity relation. R ϕ ? = { ( w , w ) | w | = ϕ } ⊆ I (7) More precisely: for ⊤ ? the relation becomes R ⊤ ? = I (testing ⊤ succeeds everywhere and is as the skip program) for ⊥ ? the relation becomes R ⊥ ? = ∅ ( ⊥ is nowhere true and is as the fail program) R ( ϕ 1 ∧ ϕ 2 )? = { ( w , w ) | w | = ϕ 1 and w | = ϕ 2 } Testing a complex formula involving [ α ] ϕ is like looking in the future at the program and what it can do and then deciding on the action to take... 15 / 21

Exercises: Play with binary relations Facts: Composition of relations distributes over union of relations. R ◦ ( � i Q i ) = � i ( R ◦ Q i ) ( � i Q i ) ◦ R = � i ( Q i ◦ R ) R ∗ � I ∪ R ∪ R ◦ R ∪ · · · ∪ R n ∪ . . . � � n ≥ 0 R n Show the following: 1. R n ◦ R m = R n + m for n , m ≥ 0 2. R ◦ R ∗ = R ∗ ◦ R 3. R ◦ ( Q ◦ R ) ∗ = ( R ◦ Q ) ∗ ◦ R 4. ( R ∪ Q ) ∗ = ( R ∗ ◦ Q ) ∗ ◦ Q ∗ 5. R ∗ = I ∪ R ◦ R ∗ 16 / 21

Exercises Play with programs in DL Facts: In DL we say that two programs α and β are equivalent iff they represent the same binary relation R α = R = R β . Show: 1. Two programs α and β are equivalent iff for some arbitrary propositional constant p the formula � α � p ↔ � β � p . 2. The two programs below are equivalent: while φ 1 do if φ 1 then α ; α ; while φ 2 do β while φ 1 ∨ φ 2 do if φ 2 then β else α Hint: encode them in PDL and use (1) or work only with relations 17 / 21

Exercises Play with programs in DL Use a semantic argument to show that the following formula is valid: p ∧ [ a ∗ ](( p → [ a ] ¬ p ) ∧ ( ¬ p → [ a ] p )) ↔ [( a · a ) ∗ ] p ∧ [ a · ( a · a ) ∗ ] ¬ p What does the formula say (considering a as some atomic programming instruction)? 18 / 21

Axiomatic System of PDL Take all tautologies of propositional logic (i.e., the axiom system of PL from Lecture 2) and add Axioms: [ α ]( φ 1 → φ 2 ) → ([ α ] φ 1 → [ α ] φ 2 ) (1) [ α ]( φ 1 ∧ φ 2 ) ↔ [ α ] φ 1 ∧ [ α ] φ 2 (2) [ α + β ] φ ↔ [ α ] φ ∧ [ β ] φ (3) [ α · β ] φ ↔ [ α ][ β ] φ (4) [ φ ?] ψ ↔ φ → ψ (5) φ ∧ [ α ][ α ∗ ] φ ↔ [ α ∗ ] φ (6) φ ∧ [ α ∗ ]( φ → [ α ] φ ) → [ α ∗ ] φ (IND) Rules: take the (MP) modus ponens and (G) generalization of Modal Logic. 19 / 21

Further reading On Dynamic Logic, a book nicely written, with examples and easy presentation: David Harel, Dexter Kozen, and Jerzy Tiuryn: [Harel et al., 2000] – Chap. 3 for beginners, a general introduction to logic concepts – This lecture is based on Chap. 5 (which has some connections with Chap. 4 and is strongly based on mathematical notions which can be reviewed in Chap. 1) 20 / 21

References I [Harel et al., 2000] Harel, D., Kozen, D., and Tiuryn, J. (2000). Dynamic Logic . Foundations of Computing. MIT Press. 21 / 21