

 Agnes McGee
 1 years ago
 Views:
Transcription
1 Coninuous Veriæcaion by Discree Reasoning Luca de Alfaro and Zohar Manna æ Absrac Two semanics are commonly used for he behavior of realime and hybrid sysems: a discree semanics, in which he emporal evoluion is represened as a sequence of snapshos describing he sae of he sysem a cerain imes, and a coninuous semanics, in which he emporal evoluion is represened by a series of ime inervals, and herefore corresponds more closely o he physical realiy. Powerful veriæcaion rules are known for emporal logic formulas based on he discree semanics. This paper shows how o ransfer he veriæcaion echniques of he discree semanics o he coninuous one. We show ha if a emporal logic formula has he propery of ænie variabiliy, is validiy in he discree semanics implies is validiy in he coninuous one. This leads o a veriæcaion mehod based on hree componens: veriæcaion rules for he discree semanics, axioms abou ime, and some emporal reasoning o bring he resuls ogeher. This approach enables he veriæcaion of properies of realime and hybrid sysems wih respec o he coninuous semanics. æ This research was suppored in par by he Naional Science Foundaion under gran CCR , by he Defense Advanced Research Projecs Agency under conrac NAG2892, and, by he Unied Saes Air Force Oæce of Scieniæc Research under conrac F
2 1 Inroducion In order o use emporal logic o specify and verify properies of realime and hybrid sysems, some semanics mus be chosen for he emporal behavior of he sysems. There are wo common choices ë2, 18ë. The ærs is a coninuous semanics, in which he sysem evoluion is represened by a series of ime inervals, ogeher wih a mapping ha associaes o each poin in ime a sae of he sysem. The second is a discree semanics, in which he emporal evoluion of he sysem is represened as an enumerable sequence of snapshos, each describing he sae of he sysem a a cerain ime. Each of hese semanics has is advanages and weaknesses. The coninuous semanics corresponds closely o he physical behavior of he sysem ë8, 18ë. Sysem speciæcaions describe he physical behavior, and herefore refer more direcly o he coninuous semanics han o he discree one. The discree semanics enables he use of powerful veriæcaion rules o draw conclusions abou he behavior of he sysem from premisses abou is srucure ë6, 20ë. The proof of he soundness of hese rules depends in an essenial way on he discreeness of he semanics, and in paricular on reasoning by inducion on he enumerable sequence of saes. On he oher hand, he discree semanics corresponds less direcly o he physical behavior of he sysem, and is relevance is in is relaionship o he coninuous semanics ë8ë. This paper shows ha he advanages of he discree semanics can be ransferred o he coninuous one. We show ha if a emporal logic formula has he propery of ænie variabiliy, is validiy in he discree semanics implies is validiy in he coninuous one. Mos of he formulas ha arise in pracice have his propery, and we give a series of simple crieria o characerize hem. This allows us o adap he veriæcaion rules for emporal logic on he discree semanics o he coninuous one: if he conclusion of he veriæcaion rule is a formula wih he ænie variabiliy propery, i will also holds in he coninuous semanics. In his way, we are spared he work of devising new veriæcaion rules for he coninuous semanics. We herefore propose a recipe for he veriæcaion of emporal logic properies of realime and hybrid sysems ha consiss of hree ingrediens: veriæcaion rules coming from he discree semanics, axioms saing some basic properies of ime, and a small amoun of emporal reasoning o bring he wo ogeher. Temporal reasoning in he coninuous semanics can be kep o a minimum, if desired. In our represenaion, we follow closely he approach of ë20ë, modeling realime and hybrid sysems by imed and phase ransiion sysems respecively, and using a emporal logic conaining boh explici ime and age funcions. As clocks are closely relaed o age funcions, he resuls can be easily ransferred o logics ha use clocks as he basic iming consruc. We ærs presen he case for realime sysems in some deail, and hen we show he changes needed o adap he resuls o hybrid sysems. 2
3 2 RealTime Sysems Realime sysems will be modeled by imed ransiion sysems ë7, 18ë. A imed ransiion sysem S = hv; æ; æ; T ; L; Ui consiss of he following componens. 1. A se V of variables called sae variables, each wih is ype. 2. A se æ of saes: each sae s 2 æ is a ypeconsisen inerpreaion of all he variables in V: we indicae wih sèxè he value a sae s of x, for x 2V. 3. A se æ æ of iniial saes. æ has an associaed asserion æ f èvè, such ha æ = fs j s j= æ f g, where s inerpres x 2V as sèxè. 4. A se T of ransiions, where æ æ æ for all 2 T. Each ransiion 2 T has an associaed asserion èv; V 0 è such ha = fès; s 0 è j ès; s 0 è j= g, where ès; s 0 è inerpres x 2V as sèxè and x 0 as s 0 èxè. 5. Two ses L, U of minimum and maximum delays of ransiions. For all 2T i is 0 l u 1. We denoe wih c he enabling condiion of ransiion, deæned by c = fs j9s 0 :ès; s 0 è 2 g. For simpliciy, we will assume ha ransiions are selfdisabling: ès; s 0 è 2! s 0 62 c. The emporal behavior of a realime sysem will be represened by races. Corresponding o he discree and he coninuous views of he semanics, he formal represenaion of he behavior is given in erms of discree and coninuous races. 2.1 Discree Semanics In he discree semanics, each behavior is represened by a discree race, which is an enumerable sequence of observaions. Each observaion is a pair consising of a snapsho of he sysem sae and a imesamp indicaing he ime a which he snapsho was aken ë8, 18, 7, 20ë. Deæniion 1 èdiscree raceè A discree race d is an enumerable sequence ofobservaions hs 0 ; 0 i;hs 1 ; 1 i;hs 2 ; 2 i;:::, wih sn 2 æ, n 2 IR + for n 2 IN, such ha 0 =0; lim n!1 n = 1; 8n 2 IN : nn+1: A posiion of a race is simply an ineger n 2 IN. If a race represens a possible behavior of a sysem, we say ha he sysem admis he race. Deæniion 2 èadmission, discree racesè A imed ransiion sysem S admis a discree race d : hs 0 ; 0 i, hs 1 ; 1 i, hs 2 ; 2 i, :::, wrien S. d,if he following condiions are saisæed. 1. All he sae changes are due o ransiions ha have been enabled a leas for heir minimum delay: for all n 2 IN, sn = sn+1_ n = n+1^9 2T h èsn;sn+1è 2 ^8k k n^ k én,l!s k 2ci : 3
4 2. Transiions are never enabled for longer han heir maximum delay: for all 2 T, n; k 2 IN wih kén, 2.2 Coninuous Semanics h i k,nu_9j njk^s k 62 c : In he coninuous semanics, he behavior of he sysem is represened by a mapping from inervals of ime o saes of he sysem, and ime is modelled by he se of real numbers. A race is no more a sequence of snapshos, bu a coninuous represenaion of he evoluion of he sae of he sysem. Here, he word ëconinuous" is used in a diæeren way han in calculus: i means ha here are no gaps in he emporal descripion of he sysems, such as he gaps beween snapshos of he discree semanics. I is his absence of gaps ha makes he coninuous semanics closer o physical realiy. Formally, aconinuous race is a sequence of pairs consising of a sae of he sysem and an inerval of ime spen by he sysem in ha sae. The inervals of ime can overlap a mos a he endpoins ë8, 10, 2ë. This semanics closely resembles he superdense semanics of ë18ë. If A is a linearly ordered se, we will indicae wih In A he se of inervals èi.e. convex sesè of A. Deæniion 3 èconinuous raceè Aconinuous race c is a sequence ofpairs c: hr 0 ;I 0 i, hr 1 ;I 1 i, hr 2 ;I 2 i, :::, wih In 2 In IR and rn 2 æ for all n 2 IN, such ha: 8n sup In = inf In+1 ; ë n2in In =IR + : Aconinuous race is closed if all is inervals I 0, I 1, I 2, :::are; i is open oherwise. Deæniion 4 èmomenè A momen of a race c: hr 0 ;I 0 i, hr 1 ;I 1 i, hr 2 ;I 2 i, ::: èn; è such ha 2 In ë18ë. The ordering of momens is he expeced one: is a pair èn; è èn 0 ; 0 è iæ nén 0 _èn=n 0^ 0 è: In he following, when we wrie a pair èn; è relaive o a race c we will always assume ha i is a momen of c. We give he deæniion of admission only for closed races. We deæne I è n = inf I n, I! n = sup I n. The deæniion of admission is hen similar o he one given for discree races. Deæniion 5 èadmission, coninuous racesè We say ha a imed ransiion sysem S admis a race c: hr 0 ;I 0 i, hr 1 ;I 1 i, hr 2 ;I 2 i, ::: if c is closed, and he following condiions are saisæed. 1. All he sae changes are due o ransiions ha have been enabled a leas for heir minimum delay: for all n 2 IN, h kn^i! k éi! n,l!r k 2ci : rn = rn+1 _9 2T èrn;rn+1è 2 ^8k 2. Transiions are never enabled for longer han heir maximum delay: for all 2 T, n; k 2 IN wih k n, h i I! k, I è n u _9j njk^r k 62 c : 4
5 3 Temporal Logic To express emporal properies of he behavior of he sysem, we use a mulisored emporal logic similar o he one proposed in ë5, 6, 20ë. Synax. Our language conains æexible and rigid consans, rigid variables, rigid funcion symbols and predicaes, he proposiional connecives :,!, he fuure emporal operaors 2, U and he pas ones 2í, S, and he symbols = for equaliy and 8 for quaniæcaion. From his basic se of symbols, addiional ones can be deæned as usual. Noe ha here is no nexime e operaor in he logic. The variables of he logic are rigid, meaning ha hey have he same value a all imes; hus, quaniæcaion is allowed on rigid variables only ë4ë. The sae variables of he sysem, whose value can change in ime, are represened insead by æexible consans. This is diæeren from he approach followed by ë19ë, where quaniæcaion is allowed also on æexible variables, and where æexible variables èinsead of æexible consansè are used o represen he sae variables of he sysem. The approach followed here is such ha a race of he sysem will deermine he model, and he variable assignmen is used o deal wih variables and quaniæcaion. To avoid confusion, for he rigid variables of he logic we use greek leers like,, and for he æexible sae variables of he sysem lain ones like x, y. Our language also conains he special æexible consan T of ype real, whose value represens he ime, and he inerpreed predicae é over he reals. Moreover, he language includes he age funcion,. For a formula, he erm,èè indicaes he lengh of he mos recen inerval in which has been coninuously rue ë20ë. We will assume ha he argumen of,èè does no conain occurrences T or nesed age funcions. Semanics. The ruh of emporal logic formulas is evaluaed wih respec o a model M and a variable assignmen I. A model M = hw; ;ai is composed of a frame F = hw; i and an assignmen funcion a. The frame is a se W of worlds ogeher wih a relaion of reæexive linear order. Each world represens an insan of ime, and he order relaion represens he emporal succession of worlds. We assume ha here is a leas world w 0 in he ordering, called he iniial world. The funcion a is a ypeconsisen assignmen of values o predicaes, funcions and consans. We indicae wih aèwèèæè he value of he symbol æ a world w 2 W. The assignmen o rigid symbols does no depend on he world w. We indicae wih I; Mj= w he fac ha he formula is rue a world w of model M wih variable assignmen I. Truh is compued by inducion on he srucure of in he usual way; as an example, he cases for 2 and 8 are: I; Mj= w2 iæ 8w 0 2 W : w w 0!I;Mj= w 0, I;Mj= w 8 iæ 8d 2 D : Iëd=ë; Mj= w, where D is he domain corresponding o he ype of, and Iëd=ë is he variable assignmen obained from I by assigning he value d o. 5
6 Temporal logic and races. We can use emporal logic o specify properies of races by associaing a model o each race. We assume ha funcions and predicaes have some predeæned assignmen. To he discree race d : hs 0 ; 0 i, hs 1 ; 1 i, hs 2 ; 2 i, ::: we associae he model M d = hin; ;a d i, where a d is he assignmen deæned by, for x 2V and n 2 IN: aènèèxè =snèxè; aènèèt è=n: Insead of I; M d j= n,we will usually wrie I; d j= n. In he model M c corresponding o a coninuous race c: hr 0 ;I 0 i, hr 1 ;I 1 i, hr 2 ;I 2 i, :::, we ake as frame hw; i he se of momens of c ogeher wih heir linear ordering; he iniial world is è0; 0è. The assignmen is hen deæned, for x 2V and n 2 IN, by aèn; èèxè =rnèxè; aèn; èèè =: Again, we usually wrie I;c j= èn;è insead of I; M c j= èn;è. We can hus deæne wo emporal logics: TL D over discree races, and TL C over coninuous ones. A formula is valid in TL D, wrien j= D, if I; d j= n for all I, d, n. Similarly, is valid in TL C, wrien j= C,ifI;c j= èn;è for all I, all c, and all momens èn; è of c. In general, if one or more of he symbols I,, w are omied from I; j= w, he ruh of is required for all possible values of he omied symbols. Thus, j= means ha is rue in all he worlds of all he models. This semanics is called æoaing semanics, and is diæeren from he anchored semanics presened in ë19ë, in which j= means ha is rue in he ærs world of all models. This semanics has been chosen as i has simpler proofheoreical properies, in he absence of a nexime operaor. We can also deæne he validiy of formulas wih respec o a sysem S by resricing he se of races considered in he above deæniions o hose admied by S. Correspondingly, we have he noions of a formula being Svalid in TL D or TL C, indicaed respecively wih S j= D, S j= C. 3.1 Speciæcaion and Veriæcaion The logics TL D and TL C have diæeren properies, reæecing he diæerence in he wo underlying semanics. Example 1 èdensiy of imeè The wo logics TL D, TL C have diæeren ses of valid formulas. For example, he formula : 8 8 3èT = è ^ 3èT = è! 3 T = + 2 expressing he densiy of ime is such ha j= C, j= D :. While he coninuous semanics corresponds closely o he physical behavior of he sysem, he discree semanics gives only an approximae descripion in erms of a series of snapshos. Sysem speciæcaions, being ulimaely a speciæcaion of he physical behavior, can be more faihfully expressed in he coninuous semanics. For hybrid sysems his is 6
7 even ruer, as he sae can change coninuously in ime and coninuous changes are no represened in he discree semanics ë18ë. However, he veriæcaion of he properies of a sysem is simpler in he discree semanics. The mehods proposed in ë7, 18, 20ë o verify properies wrien in TL D rely on wo conceps: veriæcaion condiions and veriæcaion rules. If and è are arbirary pas formulas, ha is, formulas no conaining fuure emporal operaors, i is possible o deæne he veriæcaion condiions fg fèg, fg ick fèg having he following inuiive readings. fg fèg: if is rue, and he ransiion can be aken, è will be rue in he resuling sae. fg ick fèg: if is rue, and he ime advances, è will be rue in he resuling sae. The veriæcaion condiions allow in urn he saemen of veriæcaion rules ha relae he srucure of he sysem o is emporal properies. An example of veriæcaion rule is he ubiquious invariance rule: S `D n fg fg o 2T S `D S `D! 2 fg ick fg : The proof of he soundness of he veriæcaion condiions and of he veriæcaion rules makes an essenial use of he discreeness of he semanics, so ha he approach canno be easily ransferred o he coninuous semanics. 3.2 Veriæcaion in he Coninuous Semanics In his paper we will show how he advanages of he discree semanics can be ransferred o he coninuous one. The key idea consiss in deæning a propery, ænie variabiliy, or FV, and showing ha if is FV, hen S j= D implies S j= C. To verify ha a sysem saisæes a speciæcaion wrien in TL C,we herefore propose a mehodology consising of hree main ingrediens. The ærs one consiss in he use of veriæcaion rules for TL D, whose conclusion can be ransferred o TL C. This will enable us o go from he descripion of he srucure of he sysem in erms of ransiions o he properies i saisæes, expressed in emporal logic. The second one is a series of axioms abou ime. These axioms sae properies ha are a he same ime fundamenal and no derivable in TL D. The hird ingredien is a deducive sysem for TL C. This will enable us o bring ogeher he resuls of he veriæcaion in TL D and of he axioms abou ime, leading o he desired realime properies of a sysem. If i is desired, emporal reasoning in TL C can ofen be kep o a minimum. A relaed approach o proving S j= C has been proposed in ë8ë for similar semanics and logics. I consiss in rephrasing he propery ino a form 0 beer suied o he discree semanics. If he rephrasing is perfec, hen S j= D 0 $ S j= C ; oherwise, i is someimes possible o ænd a sronger propery 0 such ha S j= D 0! S j= C. In ë8ë i is explained how o rephrase some formulas, and how o approximae ohers wih sronger condiions. Our approach exends he one based on rephrasing by considering general formulas. Moreover, since emporal reasoning in TL C is allowed, we can prove he validiy of formulas 7
8 ha have no useful rephrasing. Our sraegy applies also o hybrid sysems, where no only ime bu also oher parameers of he sae of he sysem can vary in a coninuous way. To show he soundness of our approach, we need a careful analysis of he relaionship beween he discree and coninuous semanics, o which we will now urn our aenion. 4 From Discree o Coninuous Reasoning 4.1 Reænemen Each behavior of he sysem can be represened in more han one way by discree or coninuous races, corresponding o he diæeren ways of sampling he sae of he sysem in ime. Example 2 The wo discree races d : 0 1 z í í z í í hx=0;=0i; hx=1;=0i; 2 z í í hx=1;=10i; æææ 0 d : hx=0;=0i ; hx=1;=0i; hx=1;=5i; hx=1;=10i íz í íz í íz í íz í ; æææ inuiively represen he same behavior of he sysem, bu 0 d of he sae of he sysem, hx=1;=5i. conains one more sampling Speciæcally, we say ha a race is a reænemen of anoher if i has been obained by sampling he sae of he sysem more frequenly in ime ë15, 16, 2ë. To give a formal deæniion of reænemen, we inroduce pariioning funcions, ha are closely relaed o he evensreching funcions of ë13, 12ë. Deæniion 6 èpariioning funcionè Apariioning funcion is a funcion IN 7! In IN such ha he inervals 0 ; 1 ; 2 ::: are adjacen and disjoin. Formally, S n2in n =IN, and 8n 2 IN : max i = min i+1, 1. Inuiively, a race 0 d : hs0 0 ;0 0i,hs 0 1 ;0 1i, hs 0 2 ;0 2i, ::: is a reænemen of d :hs 0 ; 0 i,hs 1 ; 1 i, hs 2 ; 2 i, ::: if many observaions of 0 d correspond o a single observaion of d. We use he pariioning funcion o specify he correspondence: all he pairs hs 0 j ;0 ji wih j 2 i will correspond o hsi;ii. Similarly, if c: hr 0 0 ;I0 0i, hr 0 1 ;I0 1i, hr 0 2 ;I0 2i, ::: is a reænemen of c: hr 0 ;I 0 i, hr 1 ;I 1 i, hr 2 ;I 2 i, :::, all he inervals Ij wih j 2 i will correspond o he single inerval Ii. Deæniion 7 èreænemenè A discree race 0 d : hs0 0 ;0 0i, hs 0 1 ;0 1i, hs 0 2 ;0 2i, ::: is a reænemen of d : hs 0 ; 0 i,hs 1 ; 1 i,hs 2 ; 2 i, ::: by he pariioning funcion, indicaed by 0 d d, if for all i: 0 min i = i, and 8j 2 i : s 0 j = s i. A coninuous race c: hr 0 0 ;I0 0i, hr 0 1 ;I0 1i, hr 0 2 ;I0 2i, ::: is a reænemen of c: hr 0 ;I 0 i, hr 1 ;I 1 i, hr 2 ;I 2 i, ::: by he pariioning funcion, denoed 0 c c, iffor all i 2 IN: ë Ii = 8j j 2 i! r 0 j = r i : j2 i I 0 j ; 8
9 c: x =0 x=1 I 0 I 2 I 1 x=3 0 c : x=0 I 0 0 x=1 I 0 1 x=1 x=3 I 0 3 I 0 2 =0 =1 =2 = p 10 =4 Figure 1: A closed coninuous race c and one of is open reænemens 0 c : 0 c c. Example 3 For d, 0 d as in Example 2, we have 0 d d wih 0 = f0g, 1 = f1; 2g, 2 = f3g, :::. Figure 1 gives an example of reænemen ofconinuous compuaions. Noe ha he deæniion for coninuous races is independen of he fac ha he race is closed or no. In he following, we wrie o denoe a generic race, eiher discree or coninuous. We call sample equivalen wo races ha have a common reænemen ë12ë. Deæniion 8 èsample equivalenceè Two discree èresp. coninuousè races, 0 are sample equivalen, wrien 0, if here is a discree èresp. coninuousè race 00 such ha 00, Two sample equivalen races are wo diæeren represenaions of he same behavior of he sysem. I is no surprise hen ha we have he following heorem, saing ha sysems do no disinguish beween sample equivalen races ë15, 16ë. Theorem 1 If d 0 d, hen S. d iæ S. 0 d. If c and 0 c are boh closed, and c 0 c, hen S.c iæ S. 0 c. In fac, i could be argued ha a beer represenaion of he behavior of he sysem can be obained by considering equivalence classes of admied races modulo sampling equivalence. This equivalence classes, called sample equivalence classes, would be similar o he closure under suering of ë2ë. This is generally no done, as reasoning abou equivalence classes of races can be harder han reasoning abou a single race a a ime. Since sample equivalen races correspond o he same behavior of he sysem, i is desirable ha emporal logic does no disinguish among hem. We say ha a emporal logic is sample invarian if 0 implies I; j= $ I; 0 j= ë15ë. The logic TL C is sample invarian, TL D is no. The resul for TL C is given by he following heorem, ha esablishes ha if a race is a reænemen of anoher, he same formulas hold a corresponding momens. Theorem 2 èsample invariance of TL C è If 0 c c and j 2 i, hen If 0 c c, hen 0 c j= $ c j=. I; 0 c j= èj;è $ I;c j= èi;è : 9
10 d : hx =0; =0i íz í 0 æè d è: I 0 x=0 ; hx =1; =0i; hx =1; =5i; hx =1; =10i;::: íz í 1 x=1 íz í 2 x=1 I I 1 2 íz í 3 =0 =5 =10 Figure 2: A discree race d and is coninuous ranslaion æècè. 4.2 Translaions beween Discree and Coninuous Semanics To se up a correspondence beween discree and coninuous races ha represen he same behavior of he sysem, we will use wo ranslaion funcions: from discree races o coninuous ones, and vice versa. These ranslaions are uniquely deermined beween sample equivalence classes of races, bu we have some freedom o choose he race ha corresponds o a given one wihin a sample equivalence class. The ranslaion æ from discree races o closed coninuous races associaes o each hsn;ni a closed inerval sreching from n o n+1. Deæniion 9 èæ : d 7! cè We deæne he ranslaion funcion æ from discree races o coninuous ones as he funcion associaing o d : hs 0 ; 0 i, hs 1 ; 1 i, hs 2 ; 2 i, ::: he closed race c: hr 0 ;I 0 i, hr 1 ;I 1 i, hr 2 ;I 2 i, ::: deæned by, for all n 2 IN: rn = sn, I è n = n, I! n = n+1. In he opposie ranslaion, æ, he idea is ha each inerval of he coninuous race is represened in he discree race by wo observaions, one for each endpoin. We deæne he ranslaion so ha also nonclosed races can be ranslaed, and some care mus be aken o handle he case of open and halfopen inervals. Deæniion 10 èæ :c7! d è The ranslaion funcion æ associaes o c: hr 0 ;I 0 i, hr 1 ;I 1 i, hr 2 ;I 2 i, ::: he discree race d : hs 0 ; 0 i, hs 1 ; 1 i, hs 2 ; 2 i, ::: deæned in he following way, for all n 2 IN. 1. s 2n = s 2n+1 = rn. 2. èaè If In is closed, 2n = I è n, 2n+1 = I! n. èbè If In is lef open, 2n = 2n+1 = I! n. ècè If In is righ open, 2n = 2n+1 = I è n. èdè If In is open, 2n = 2n+1 =èi è n +I! n è=2. Figures 2 and 3 show examples of races and heir ranslaions. The following lemma shows ha he ranslaions are one he inverse of he oher, modulo sampling equivalence, 10
11 æècè : hx=0;=0i; hx=0;=1i; hx=1;=4i; hx=1;=4i; hx=7;=5i; hx=7;=5i; hx=2;=6i íz í íz í íz í íz í íz í íz í íz í ;::: c : x=0 x=3 I 1 x=7 x=2 I 3 =0 I 0 =1 =4 =6 I 2 Figure 3: An open race c and is discree ranslaion æècè. Noe ha c is no he reænemen of any closed race. and ha hey preserve for closed races he parial order of reænemen of races. I also suggess ha races relaed by he ranslaion funcions represen he same behavior of he sysem. Lemma 1 1. For any d, 0 d, c, 0 c, wih c closed, we have: 0 d d! æè 0 d è æè dè; æèæè d èè d ; 0 c c! æè 0 c è æè cè; æèæècèè c: 2. For any S, d and closed c, S. d iæ S.æè d è, and S.c iæ S.æècè. 3. If S.c and 0 c c, hen S.æè 0 c è. 4.3 Finie Variabiliy Consider he formula T é 3 _ x =4. In every ænie inerval of a coninuous race, he ruh value of is subformulas can change a mos a ænie number of imes. Thus, given a race c, i seems possible o reæne i ino a èpossibly openè race c: hr 0 0 ;I0 0i, hr 0 1 ;I0 1i, hr 0 2 ;I0 2i, ::: such ha each subformula has consan ruh value hroughou all inervals I 0 j, j 2 IN. This is he idea underlying he deæniion of ænie variabiliy. The se of subformulas of, denoed by sbèè, is deæned by inducion on he srucure of : sbèp u 1 :::unè=fpu 1 :::ungë S n i=1 sbèuiè sbèu 1 = u 2 è=fu 1 =u 2 gësbèu 1 è ë sbèu 2 è sbè:è =f:gësbèè sbè! èè = f! èg ë sbèè ë sbèèè sbè2è =f2gësbèè 11
12 sbè U èè = f U èg ësbèè ë sbèèè sbè8xè=f8xgësbèè and similarly for he oher proposiional connecives and emporal operaors. The se of subformulas of a erm is deæned by: sbècè =; sbèè =; sbèf u 1 :::unè= S n i=1 sbèuiè sbè,èèè = sbèè; where c denoes a consan, æexible or rigid. Finie variabiliy can hen be deæned as follows. Deæniion 11 èænie variabiliyè A formula has he propery of ænie variabiliy, or FV, if for every closed c and every I here exiss a 0 c c such ha I; 0 c j= èi;è è $ I; 0 c j= èi;0 è è for all subformulas è 2 sbèè. The race 0 c called a ground race for, c and I. wih he above propery can be open, and is Example 4 Many common formulas used in he speciæcaion and veriæcaion of sysems are FV. On he oher hand, an example of a formula which is no FV is he following: 1 T é 4! 3 cos T, 4 é 0 : The reason why he above formula is no FV is ha i is no possible o subdivide IR + ino a ænie number of inervals in which he subformula cosè1=èt, 4èè é 0 has consan value. Example 5 Anoher, more suble, example of a formula which is no FV is given by he formula of Example 1. The reason why i is no possible o reæne a given c ino a 0 c such ha he values of he subformulas are consan in he inervals of 0 c has o do wih he way quaniæcaion ineracs wih ime. Speciæcally, for each value of and i is possible o ænd a 0 c such ha he subformulas = T, = T and T =è+è=2have consan value in he inervals. However, i is no possible o ænd a 0 c ha has his propery for all possible values of and. The imporance of he concep of ænie variabiliy lies in he fac ha if all subformulas have consan ruh value hroughou an inerval, hen he ground coninuous race is faihfully represened by is discree ranslaion. The necessiy of considering formulas ha have consan ruh value in he inervals had already been recognized in ë20ë, where he se of imporan evens was inroduced purposely o preven cerain formulas from changing ruh value in an inerval. The deæniion of ænie variabiliy provides a more general soluion: i gives an accoun of he behavior of quaniæcaion, and i allows o change he emporal logic speciæcaions wihou also having o change he se of imporan evens. For FV formulas, he connecion beween TL C and TL D is expressed by he following resuls. 12
13 Theorem 3 If 0 c is a ground race for, c, I, wih c closed, hen I; æè 0 c è j= 2n $ I; 0 c j= èn;è : This heorem enables us o make a connecion beween he formulas ha are valid, or Svalid, in he wo logics. Theorem 4 èransfer of validiyè If S j= D and is FV, hen S j= C. If j= D and is FV, hen j= C. Proof. We prove only he ærs saemen, as he proof of he second is similar. We prove he counerposiive: assume S 6j= C. Then here are I, c and a momen èn; è of c such ha S.c,I;c 6j= èn;è. As is FV and c is closed, here is a race 0 c c ha is ground for, c, I. There is a k 2 n such ha èk; è is a momen of 0 c, and from Theorem 2 we have ha I; 0 c 6j= èk;è. As 0 c is ground for I,, by Theorem 3 we have I; æè0 c è 6j= 2k. Lemma 1 ensures ha S.æè 0 c è, and we ænally ge S 6j=D, which concludes he proof. Noe ha he converse of his heorem does no hold, i.e. if is FV and S j= C,idoes no follow ha S j= D. A simple example is provided by : 3èT = 5è, which is valid in he coninuous semanics, bu is no necessarily valid on a discree race of a sysem èsee Example 2è. 4.4 From Discree o Coninuous Validiy Finie variabiliy is a semanic propery of a formula: o be able o use he resul of he las heorem in a proof sysem for TL C,we need o replace i by some synacic crierion. To obain a suæcien synacical condiion for FV, we ærs deæne wellbehaved funcions ha are analyical along he real axis in some of heir variables. Here, he word ëanalyical" is used in he calculus sense. Deæniion 12 èwellbehaved funcionè We say ha a funcion fèz 0 ;:::;zn;v 1 ;:::;v k è is wellbehaved if, for all 1 i n, and for all real z j6=i, vm è1 j n, 1 m kè, f when considered as a funcion of zi only is analyical in a region of he complex plane conaining he real axis. Example 6 Examples of wellbehaved funcions are fèz 0 ;z 1 ;v 0 è=z 0 +z 1 +v 0 ; fèz 0 ;v 0 è=jv 0 j+z 0 ; fèz 0 è=1=è2 + z 2 0 è; fèz 0 ;z 1 ;v 0 ;v 1 è = sinèv 0 z 0 è cosèv 1 z 1 è: The funcion fèz 0 è=z 3 0 sinè1=z 0è, on he oher hand, is no wellbehaved, as when considered as a funcion of z 0 i is no analyical in z 0 =0. Deæniion 13 èsynacic ænie variabiliy èsfvèè We call SFV he formulas ha are consruced in he following inducive way. 13
14 1. If u 1, :::, un are erms no conaining T or,, hen Pu 1 :::un is SFV. 2. If fèz 0 ;:::;zn;v 1 ;:::;v k è is a wellbehaved funcion, hen f T;,è 1 è;:::;,ènè;c 1 ;:::;c k =0; f T;,è 1 è;:::;,ènè;c 1 ;:::;c k é0; where c 1, :::, c k are eiher consans diæeren from T or variables, and 1, :::n do no conain T or,, isasfv formula. We call his ype of SFV formulas T aoms. 3. A formula consruced from SFV formulas using proposiional connecives or emporal operaors is a SFV formula. 4. If is a SFV formula, and does no occur in any T aom of, hen 8 is a SFV formula. Wihin an inerval of a coninuous race c, he c 1, :::, c k of he above deæniion have consan value. The requiremen ha fèz 0 ;:::;zn;v 1 ;:::;v k è is wellbehaved insures ha wihin each inerval of c he inequaliies change ruh value a mos æniely ofen. This is a consequence of a wellknown heorem of calculus saing ha a funcion can have a mos a ænie number of zeroes in a ænie region of he complex plane where i is analyical. We will say ha a formula is SFV even if i is no in a form described by he above deæniion, bu can be easily ransformed and pu in such a form. As an example, T éx+y is no in he form deæned above, bu i can be ransformed ino T, x, y é 0, and will hus also be called SFV. In a similar way, T,èx = 2è + 4 can be ransformed in ët,,èx =2è,4=0ë_ëT,,èx =2è,4é0ë which isof he above form. I is possible o give a more general deæniion of SFV ha encompasses direcly all hese cases, bu i would be far less concise. Example 7 The formula of Example 4 is no SFV, as he funcion cosè1=èx, 4èè is no analyical in x =4,apoin ofhe real axis. The formula of Example 1 is no SFV as i quaniæes over and ha appear in he T aoms T =, T = and T =è+è=2. We have ha SFV implies FV, as he heorem below saes. Theorem 5 èsfv implies FVè If is SVF, i is also FV. Corollary 1 If is SFV, S j= D implies S j= C he inference rules. Similarly for iniial validiy. Therefore S `D S ; `D ; S `D 0 ; S è0;0è `D 0 è0;0è ; wih he proviso ha is SFV, are sound. 14
Follow the Leader If You Can, Hedge If You Must
Journal of Machine Learning Research 15 (2014) 12811316 Submied 1/13; Revised 1/14; Published 4/14 Follow he Leader If You Can, Hedge If You Mus Seven de Rooij seven.de.rooij@gmail.com VU Universiy and
More informationANALYSIS AND COMPARISONS OF SOME SOLUTION CONCEPTS FOR STOCHASTIC PROGRAMMING PROBLEMS
ANALYSIS AND COMPARISONS OF SOME SOLUTION CONCEPTS FOR STOCHASTIC PROGRAMMING PROBLEMS R. Caballero, E. Cerdá, M. M. Muñoz and L. Rey () Deparmen of Applied Economics (Mahemaics), Universiy of Málaga,
More informationDynamic Contracting: An Irrelevance Result
Dynamic Conracing: An Irrelevance Resul Péer Eső and Balázs Szenes Sepember 5, 2013 Absrac his paper considers a general, dynamic conracing problem wih adverse selecion and moral hazard, in which he agen
More informationAND BACKWARD SDE. Nizar Touzi nizar.touzi@polytechnique.edu. Ecole Polytechnique Paris Département de Mathématiques Appliquées
OPIMAL SOCHASIC CONROL, SOCHASIC ARGE PROBLEMS, AND BACKWARD SDE Nizar ouzi nizar.ouzi@polyechnique.edu Ecole Polyechnique Paris Déparemen de Mahémaiques Appliquées Chaper 12 by Agnès OURIN May 21 2 Conens
More informationCostSensitive Learning by CostProportionate Example Weighting
CosSensiive Learning by CosProporionae Example Weighing Bianca Zadrozny, John Langford, Naoki Abe Mahemaical Sciences Deparmen IBM T. J. Wason Research Cener Yorkown Heighs, NY 0598 Absrac We propose
More informationThe U.S. Treasury Yield Curve: 1961 to the Present
Finance and Economics Discussion Series Divisions of Research & Saisics and Moneary Affairs Federal Reserve Board, Washingon, D.C. The U.S. Treasury Yield Curve: 1961 o he Presen Refe S. Gurkaynak, Brian
More informationOptimal demand response: problem formulation and deterministic case
Opimal demand response: problem formulaion and deerminisic case Lijun Chen, Na Li, Libin Jiang, and Seven H. Low Absrac We consider a se of users served by a single loadserving eniy (LSE. The LSE procures
More informationA Working Solution to the Question of Nominal GDP Targeting
A Working Soluion o he Quesion of Nominal GDP Targeing Michael T. Belongia Oho Smih Professor of Economics Universiy of Mississippi Box 1848 Universiy, MS 38677 mvp@earhlink.ne and Peer N. Ireland Deparmen
More informationAre Under and Overreaction the Same Matter? A Price Inertia based Account
Are Under and Overreacion he Same Maer? A Price Ineria based Accoun Shengle Lin and Sephen Rasseni Economic Science Insiue, Chapman Universiy, Orange, CA 92866, USA Laes Version: Nov, 2008 Absrac. Theories
More informationImproved Techniques for Grid Mapping with RaoBlackwellized Particle Filters
1 Improved Techniques for Grid Mapping wih RaoBlackwellized Paricle Filers Giorgio Grisei Cyrill Sachniss Wolfram Burgard Universiy of Freiburg, Dep. of Compuer Science, GeorgesKöhlerAllee 79, D79110
More informationA Simple Introduction to Dynamic Programming in Macroeconomic Models
Economics Deparmen Economics orking Papers The Universiy of Auckland Year A Simple Inroducion o Dynamic Programming in Macroeconomic Models Ian King Universiy of Auckland, ip.king@auckland.ac.nz This paper
More informationToday s managers are very interested in predicting the future purchasing patterns of their customers, which
Vol. 24, No. 2, Spring 25, pp. 275 284 issn 7322399 eissn 1526548X 5 242 275 informs doi 1.1287/mksc.14.98 25 INFORMS Couning Your Cusomers he Easy Way: An Alernaive o he Pareo/NBD Model Peer S. Fader
More informationCentral Bank Communication: Different Strategies, Same Effectiveness?
Cenral Bank Communicaion: Differen Sraegies, Same Effeciveness? Michael Ehrmann and Marcel Frazscher * European Cenral Bank Michael.Ehrmann@ecb.in, Marcel.Frazscher@ecb.in November 2004 Absrac The paper
More informationAsymmetry of the exchange rate passthrough: An exercise on the Polish data 1
Asymmery of he exchange rae passhrough: An exercise on he Polish daa Jan Przysupa Ewa Wróbel 3 Absrac We propose a complex invesigaion of he exchange rae passhrough in a small open economy in ransiion.
More informationDoes Britain or the United States Have the Right Gasoline Tax?
Does Briain or he Unied Saes Have he Righ Gasoline Tax? Ian W.H. Parry and Kenneh A. Small March 2002 (rev. Sep. 2004) Discussion Paper 02 12 rev. Resources for he uure 1616 P Sree, NW Washingon, D.C.
More informationAnchoring Bias in Consensus Forecasts and its Effect on Market Prices
Finance and Economics Discussion Series Divisions of Research & Saisics and Moneary Affairs Federal Reserve Board, Washingon, D.C. Anchoring Bias in Consensus Forecass and is Effec on Marke Prices Sean
More informationThe Macroeconomics of MediumTerm Aid ScalingUp Scenarios
WP//6 The Macroeconomics of MediumTerm Aid ScalingUp Scenarios Andrew Berg, Jan Goschalk, Rafael Porillo, and LuisFelipe Zanna 2 Inernaional Moneary Fund WP//6 IMF Working Paper Research Deparmen The
More informationKONSTANTĪNS BEŅKOVSKIS IS THERE A BANK LENDING CHANNEL OF MONETARY POLICY IN LATVIA? EVIDENCE FROM BANK LEVEL DATA
ISBN 9984 676 20 X KONSTANTĪNS BEŅKOVSKIS IS THERE A BANK LENDING CHANNEL OF MONETARY POLICY IN LATVIA? EVIDENCE FROM BANK LEVEL DATA 2008 WORKING PAPER Lavias Banka, 2008 This source is o be indicaed
More informationThe Transport Equation
The Transpor Equaion Consider a fluid, flowing wih velociy, V, in a hin sraigh ube whose cross secion will be denoed by A. Suppose he fluid conains a conaminan whose concenraion a posiion a ime will be
More informationParttime Work, Wages and Productivity: Evidence from Matched Panel Data
Parime Work, Wages and Produciviy: Evidence from Mached Panel Daa Alessandra Caaldi (Universià di Roma "La Sapienza" and SBSEM) Sephan Kampelmann (Universié de Lille, CLERSE, SBSEM) François Rycx (Universié
More informationEDUCATION POLICIES AND STRATEGIES
EDUCATION POLICIES AND STRATEGIES Naional Educaion Secor Developmen Plan: A resulbased planning handbook 13 Educaion Policies and Sraegies 13 Educaion Policies and Sraegies 13 Naional Educaion Secor Developmen
More informationI M F S T A F F D I S C U S S I O N N O T E
I M F S T A F F D I S C U S S I O N N O T E February 29, 2012 SDN/12/01 Two Targes, Two Insrumens: Moneary and Exchange Rae Policies in Emerging Marke Economies Jonahan D. Osry, Aish R. Ghosh, and Marcos
More informationBIS Working Papers. Globalisation, passthrough. policy response to exchange rates. No 450. Monetary and Economic Department
BIS Working Papers No 450 Globalisaion, passhrough and he opimal policy response o exchange raes by Michael B Devereux and James Yeman Moneary and Economic Deparmen June 014 JEL classificaion: E58, F6
More informationFIRST PASSAGE TIMES OF A JUMP DIFFUSION PROCESS
Adv. Appl. Prob. 35, 54 531 23 Prined in Norhern Ireland Applied Probabiliy Trus 23 FIRST PASSAGE TIMES OF A JUMP DIFFUSION PROCESS S. G. KOU, Columbia Universiy HUI WANG, Brown Universiy Absrac This paper
More informationOUTOFBAG ESTIMATION. Leo Breiman* Statistics Department University of California Berkeley, CA. 94708 leo@stat.berkeley.edu
1 OUTOFBAG ESTIMATION Leo Breiman* Saisics Deparmen Universiy of California Berkeley, CA. 94708 leo@sa.berkeley.edu Absrac In bagging, predicors are consruced using boosrap samples from he raining se
More informationBoard of Governors of the Federal Reserve System. International Finance Discussion Papers. Number 1003. July 2010
Board of Governors of he Federal Reserve Sysem Inernaional Finance Discussion Papers Number 3 July 2 Is There a Fiscal Free Lunch in a Liquidiy Trap? Chrisopher J. Erceg and Jesper Lindé NOTE: Inernaional
More informationExchange Rate PassThrough into Import Prices: A Macro or Micro Phenomenon? Abstract
Exchange Rae PassThrough ino Impor Prices: A Macro or Micro Phenomenon? Absrac Exchange rae regime opimaliy, as well as moneary policy effeciveness, depends on he ighness of he link beween exchange rae
More informationThe concept of potential output plays a
Wha Do We Know (And No Know) Abou Poenial Oupu? Susano Basu and John G. Fernald Poenial oupu is an imporan concep in economics. Policymakers ofen use a onesecor neoclassical model o hink abou longrun
More informationWhich Archimedean Copula is the right one?
Which Archimedean is he righ one? CPA Mario R. Melchiori Universidad Nacional del Lioral Sana Fe  Argenina Third Version Sepember 2003 Published in he YieldCurve.com ejournal (www.yieldcurve.com), Ocober
More information