
Lecture Slides for MAT-60556 PART V: Temporal logic, with applications to program verification (and other sciences!)

Henri Hansen October 10, 2013


Modal logics

  • We have seen first order logic as an extension of propositional logic, to make it more expressive
  • However, Herbrand's theorem essentially says that FOL is reducible to propositional logic, albeit in an infinite manner
  • Another way to increase expressiveness is through modalities, i.e., operators that need richer models than merely valuations of propositions


Temporal Logic

  • Temporal logic is a modal logic intended as a formal system for reasoning about “time”.
  • More accurately, the reasoning is about sequences of events or propositions, not real-time
  • We focus here on propositional temporal logic
  • We can think of temporal logics talking about things that can be expressed in propositional logic, but where propositions change their truth values over time


Temporal Logic (contd.)

  • Consider the following statements:
    – After the administration of sodium cyanide, cellular respiration halts
    – The output line maintains its value until the set-line is asserted. Afterwards they are complemented
    – The operating system never deadlocks
  • We use temporal modalities to express temporal arrangements such as those mentioned above


Syntax and Semantics (part I)

  • Propositional temporal logic (PTL) is defined with the syntax of propositional logic, with the addition of the following two operators
    – , which means “always”
    – ⋄, which means “eventually”
  • p is true if p holds now and will never become false, and ⋄p is true if p is true at any point in time in the future


Interpretation of PTL formulas

  • Interpretations of PTL formulas could be given over many different structures, but we restrict here to state-transition diagrams
  • An interpretation for a formula A is a pair (I, ρ), where I = {s1, ..., sn} is a set of states, each of which is an assignment to truth values of the propositions in A, i.e., si : P → {T, F}, and ρ is a binary relation ρ ⊆ S × S
  • We define ρ(s) = {s′ | (s, s′) ∈ ρ}


Interpretation of PTL formulas (contd.)

  • Given an interpretation (I, ρ) and a state s, the truth value of a PTL formula A in a state s is defined as follows
    – If A is p ∈ P, then ν(A, s) = s(p)
    – If A is ¬A′ then ν(A, s) = T iff ν(A′, s) = F (etc., just like in propositional logic)
    – If A is A′, then ν(A, s) = T iff ν(A′, s′) = T for all s′ ∈ ρ(s)
    – If A is ⋄A′, then ν(A, s) = T iff ν(A′, s′) = T for some s′ ∈ ρ(s)


Satisfiability and validity

  • A PTL formula A is satisfiable iff there is an interpretation (I, ρ) such that for some state s, s ⊨ A.
  • The formula is valid iff it is true in all states of all interpretations
  • Theorem (duality) A ⇔ ¬⋄¬A
  • Theorem: (p → q) ⇒ p → q


Models of time

  • An interpretation (I, ρ) is said to be
    – Reflexive, iff for all s ∈ I, s ∈ ρ(s)
    – Transitive, iff s2 ∈ ρ(s1) ∧ s3 ∈ ρ(s2) implies s3 ∈ ρ(s1)
    – Linear, iff for every s ∈ I, there is at most one s′ such that s′ = ρ(s)
  • Linearity may seem a strange property, but it will become clear when we talk of LTL
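
The truth-value definition from "Interpretation of PTL formulas" and the reflexive and transitive properties above, as an added Python example that is not part of the original slides. The tuple encoding of formulas, the function names and the three-state sample are assumptions of the example.

```python
# Formulas are nested tuples (this example's own encoding):
# ("p", name), ("not", A), ("imp", A, B), ("always", A), ("eventually", A).

def nu(A, s, val, rho):
    """Truth value of A in state s. val[s] maps each proposition to True/False;
    rho is a set of (s, s') pairs, so rho(s) = {s' | (s, s') in rho}."""
    succ = [t for (u, t) in rho if u == s]
    op = A[0]
    if op == "p":
        return val[s][A[1]]
    if op == "not":
        return not nu(A[1], s, val, rho)
    if op == "imp":
        return (not nu(A[1], s, val, rho)) or nu(A[2], s, val, rho)
    if op == "always":        # A' must hold in all states of rho(s)
        return all(nu(A[1], t, val, rho) for t in succ)
    if op == "eventually":    # A' must hold in some state of rho(s)
        return any(nu(A[1], t, val, rho) for t in succ)
    raise ValueError(f"unknown operator {op!r}")

def is_reflexive(states, rho):
    return all((s, s) in rho for s in states)

def is_transitive(rho):
    return all((a, d) in rho for (a, b) in rho for (c, d) in rho if b == c)

def closure(states, rho):
    """Smallest reflexive and transitive relation containing rho."""
    r = set(rho) | {(s, s) for s in states}
    while True:
        new = {(a, d) for (a, b) in r for (c, d) in r if b == c} - r
        if not new:
            return r
        r |= new

def duality_holds(A, states, val, rho):
    """Compare 'always A' with 'not eventually not A' in every state."""
    lhs, rhs = ("always", A), ("not", ("eventually", ("not", A)))
    return all(nu(lhs, s, val, rho) == nu(rhs, s, val, rho) for s in states)

# Constructed sample: p holds in states 0 and 1 but not in 2; 0 -> 1 -> 2 -> 2.
STATES = [0, 1, 2]
VAL = {0: {"p": True}, 1: {"p": True}, 2: {"p": False}}
RHO = {(0, 1), (1, 2), (2, 2)}
P = ("p", "p")
```

On the sample, "always p" is true in state 0 under RHO but false under closure(STATES, RHO), because state 2 then belongs to ρ(0); the duality theorem holds under both relations.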


Linear Temporal Logic

  • Linear temporal logic (LTL) is PTL (possibly extended with some operators) whose interpretations are limited to transition functions that are reflexive, transitive and linear
  • The interpretations of LTL can be represented as paths ρ = s0 s1 ···, where si : P → {T, F}; we write σi = si si+1 ···
  • Truth value is defined similarly:


    – For propositional formula A, ν(A, σ) = T iff s0 ⊨ A
    – If A is A′ then ν(A, σ) = T iff ν(A, σi) = T for i ≥ 0
    – If A is ◦A′, then ν(A, σ) = T iff ν(A, σ1) = T, etc.
  • If ν(A, σ) = T we also write σ ⊨ A.


Side note: Models of modal logics

  • A canonical model for temporal logics and also for epistemic logic ∗ is a Kripke structure
  • A general Kripke structure is a tuple (S, L, R1, ..., Rn) where S is a set of states, L : S → 2^P and each Ri ⊆ S × S are relations over states.
  • For temporal logics there is just one relation in the model, but for instance in multi agent epistemic logics, each agent has its own relation.

∗ see, e.g., Fagin, Halpern, Moses, Vardi: Reasoning about knowledge, MIT Press, 1995


LTL (contd)

  • Even though semantics of LTL are given over paths, we can extend them to Kripke structures, so that M = (S, L, R) is a model for A at state s, written (M, s) ⊨ A, if all paths σ that start at s have σ ⊨ A.
  • Validity and satisfiability are not sensitive to whether we think of models of formulas to be paths or Kripke structures, but it is possible that neither (M, s) ⊨ A nor (M, s) ⊨ ¬A holds for a given Kripke structure, even if it is true that σ ⊨ A or σ ⊨ ¬A does always hold.


Tableaux for LTL

  • We can construct tableaux just like with propositional formulas, but we need new rules for temporal operators
  • A is an α-formula, that results in A and ◦A: A must hold here, and A must hold in the next state
  • ⋄A is a β-formula, whose descendants are A and ◦⋄A: A must hold here, or ⋄A must hold in the next state

  • ◦A has a new rule, the X-rule, which says that A must hold in the next state, and ¬◦A says that A must not hold in the next state.


Tableaux for LTL (contd)

  • When a node in a tableau contains only literals and X-formulas, then we say that the node is a state node
  • A state node has a given set of literals, but when we apply the X-rule, these literals are not copied; the application of the X-rule means that we are moving from one state to another
  • This breaks down the proofs of completeness and soundness that were given earlier using Hintikka sets.


LTL Tableau algorithm for formula A

  • The root is labelled A.
  • At each iteration, choose a leaf that is not yet handled and do one of the following:
    1. If it has a complementary pair of literals, mark it closed. If the node consists of only literals, but no complementary pairs, mark it open.
    2. Apply α or β rules accordingly, if possible
    3. If it is a state node, generate the successor: use the X-rule on all X formulas simultaneously and remove all the other labels. If the resulting node is an existing state node, connect; otherwise create
  • The tableau is closed if all leaves are closed and there are no cycles. Otherwise it is open.


Hintikka Structure

  • A tableau structure for a given LTL formula A is like a Kripke structure, but its labels are sets of formulas built from the propositions of A
  • A state path is a path l0, ..., lk through a tableau, such that l0 is a state node (or the root) and lk is a state node, and none of l1, ..., lk−1 are state nodes.
  • A tableau structure built from a tableau is defined so that S is the set of state nodes of the tableau

  • Each state s is labelled by the union of formulas that appear on non-state nodes of a state path leading to s
  • (s, s′) ∈ R iff there is a state path leading from s to s′ in the tableau
  • We say that s′ is reachable from s iff s′ = s or there is some s′′ such that (s, s′′) ∈ R and s′ is reachable from s′′.


Hintikka Structure (contd.)

  • A tableau structure is a Hintikka structure for A iff A ∈ L(s0) and for all states si the following hold:
    1. For all propositions of A either p ∉ L(si) or ¬p ∉ L(si)
    2. If α ∈ L(si) then α1 ∈ L(si) and α2 ∈ L(si)
    3. If β ∈ L(si) then β1 ∈ L(si) and β2 ∈ L(si)
    4. If X ∈ L(si) then for every sj such that (si, sj) ∈ R, X1 ∈ L(sj).

  • Theorem: The structure created from an open tableau is a Hintikka structure


Hintikka Structure (contd.)

  • A Hintikka structure (S, L, R) is linear iff for every s there exists exactly one s′ such that (s, s′) ∈ R
  • Lemma: An infinite path through a Hintikka structure of A is itself a linear Hintikka structure
  • A linear Hintikka structure is fulfilling iff for all future formulas ⋄A and for all states s of the structure, if ⋄A ∈ L(s) then A ∈ L(s′) for some state s′ such that s′ is reachable from s.
  • Theorem: If there exists a linear fulfilling Hintikka structure for A then A is satisfiable


Deduction in Temporal Logic

  • Valid propositional logic formulas and deduction rules remain valid for temporal logic
  • Additional valid formulas can be taken as axioms:
    1. (A → B) → (A → B)
    2. ◦(A → B) → (◦A → ◦B)
    3. A → (A ∧ ◦A ∧ ◦A)
    4. (A → ◦A) → (A → A)

    5. ◦A ↔ ¬◦¬A
  • The rules of inference are the standard Modus Ponens, and generalization: A ⇒ A, again with the same caveat as in FOL: A must be valid and not part of the assumptions


Binary temporal operators

  • The unary temporal operators can be expressed with the help of one binary operator U.
  • AUB means that A must be true until B becomes true
  • A characterization of U is the following:

    AUB ↔ (B ∨ (A ∧ ◦(AUB) ∧ ⋄B))
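
The Kripke-structure remark in "LTL (contd)" and the characterization of U above, checked on ultimately periodic paths in an added Python example that is not part of the original slides. The tuple encoding, the function names and the sample structure are assumptions; models only examines simple lasso paths, so a False result is conclusive while a True result is not.

```python
# Formulas are nested tuples (this example's own encoding): ("p", name), ("not", A),
# ("or", A, B), ("and", A, B), ("next", A), ("always", A), ("eventually", A), ("until", A, B).
# A path is a list of sets of true propositions; path[loop:] repeats forever.
def holds(A, path, loop, i=0):
    """Truth of A on the suffix of the lasso path that starts at position i."""
    nxt = lambda j: j + 1 if j + 1 < len(path) else loop
    def future(j):                      # positions j, j+1, ... in order, until they repeat
        seen = []
        while j not in seen:
            seen.append(j); j = nxt(j)
        return seen
    h = lambda F, j: holds(F, path, loop, j)
    op = A[0]
    if op == "p": return A[1] in path[i]
    if op == "not": return not h(A[1], i)
    if op == "or": return h(A[1], i) or h(A[2], i)
    if op == "and": return h(A[1], i) and h(A[2], i)
    if op == "next": return h(A[1], nxt(i))
    if op == "always": return all(h(A[1], j) for j in future(i))
    if op == "eventually": return any(h(A[1], j) for j in future(i))
    if op == "until":                   # B must occur, with A at every earlier position
        for j in future(i):
            if h(A[2], j): return True
            if not h(A[1], j): return False
        return False
    raise ValueError(op)

def lassos(R, s):
    """Yield (states, loop_index) for each simple path from s that closes a cycle."""
    stack = [[s]]
    while stack:
        p = stack.pop()
        for t in R[p[-1]]:
            if t in p: yield p, p.index(t)
            else: stack.append(p + [t])

def models(L, R, s, A):
    """True iff A holds on every simple lasso from s; False proves (M, s) |= A fails."""
    return all(holds(A, [L[x] for x in st], k) for st, k in lassos(R, s))

def until_expansion_agrees(path, loop, A, B):
    """Compare AUB with (B or (A and next(AUB) and eventually B)) at every position."""
    U = ("until", A, B)
    rhs = ("or", B, ("and", A, ("and", ("next", U), ("eventually", B))))
    return all(holds(U, path, loop, i) == holds(rhs, path, loop, i) for i in range(len(path)))

# Constructed Kripke structure: s0 branches to s1 (p forever) or s2 (p never).
L = {"s0": set(), "s1": {"p"}, "s2": set()}
R = {"s0": ["s1", "s2"], "s1": ["s1"], "s2": ["s2"]}
EV_P = ("eventually", ("p", "p"))
```

For the sample structure both models(L, R, "s0", EV_P) and models(L, R, "s0", ("not", EV_P)) are False: the path through s1 satisfies "eventually p" and the path through s2 satisfies its negation, so the structure as a whole models neither.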
