A tableau-based decision procedure for LTL

Similar documents
Model Checking II Temporal Logic Model Checking

Introduction to Software Verification

Using Patterns and Composite Propositions to Automate the Generation of Complex LTL

Software Modeling and Verification

Automata-based Verification - I

T Reactive Systems: Introduction and Finite State Automata

Introduction to Logic in Computer Science: Autumn 2006

Formal Verification and Linear-time Model Checking

On strong fairness in UNITY

Schedule. Logic (master program) Literature & Online Material. gic. Time and Place. Literature. Exercises & Exam. Online Material

On the Modeling and Verification of Security-Aware and Process-Aware Information Systems

Algorithmic Software Verification

Model Checking: An Introduction

Testing LTL Formula Translation into Büchi Automata

A Propositional Dynamic Logic for CCS Programs

Constructing Automata from Temporal Logic Formulas : A Tutorial

Temporal Logics. Computation Tree Logic

Which Semantics for Neighbourhood Semantics?

logic language, static/dynamic models SAT solvers Verified Software Systems 1 How can we model check of a program or system?

CS510 Software Engineering

Journal of Mathematics Volume 1, Number 1, Summer 2006 pp

Determination of the normalization level of database schemas through equivalence classes of attributes

The Ultimate Undecidability Result for the Halpern Shoham Logic

Lecture 22: November 10

MetaGame: An Animation Tool for Model-Checking Games

A first step towards modeling semistructured data in hybrid multimodal logic

SOLUTIONS TO ASSIGNMENT 1 MATH 576

DEFINABLE TYPES IN PRESBURGER ARITHMETIC

Handout #1: Mathematical Reasoning

Lecture 17 : Equivalence and Order Relations DRAFT

x < y iff x < y, or x and y are incomparable and x χ(x,y) < y χ(x,y).

A CTL-Based Logic for Program Abstractions

Policy Analysis for Administrative Role Based Access Control without Separate Administration

University of Ostrava. Reasoning in Description Logic with Semantic Tableau Binary Trees

CS 598CSC: Combinatorial Optimization Lecture date: 2/4/2010

Lecture 1: Course overview, circuits, and formulas

The Classes P and NP

MATHEMATICS: CONCEPTS, AND FOUNDATIONS Vol. III - Logic and Computer Science - Phokion G. Kolaitis

Midterm Practice Problems

Tree sums and maximal connected I-spaces

1 if 1 x 0 1 if 0 x 1

From Workflow Design Patterns to Logical Specifications

Outline. NP-completeness. When is a problem easy? When is a problem hard? Today. Euler Circuits

1 Definitions. Supplementary Material for: Digraphs. Concept graphs

Exponential time algorithms for graph coloring

Generating models of a matched formula with a polynomial delay

OHJ-2306 Introduction to Theoretical Computer Science, Fall

HECTOR a software model checker with cooperating analysis plugins. Nathaniel Charlton and Michael Huth Imperial College London

(LMCS, p. 317) V.1. First Order Logic. This is the most powerful, most expressive logic that we will examine.

Path Querying on Graph Databases

Model Checking of Software

Continued Fractions and the Euclidean Algorithm

Monitoring Metric First-order Temporal Properties

Formal Verification by Model Checking

Problem Set 7 Solutions

Updating Action Domain Descriptions

Fixed-Point Logics and Computation

So let us begin our quest to find the holy grail of real analysis.

Complexity Theory. IE 661: Scheduling Theory Fall 2003 Satyaki Ghosh Dastidar

facultad de informática universidad politécnica de madrid

NP-complete? NP-hard? Some Foundations of Complexity. Prof. Sven Hartmann Clausthal University of Technology Department of Informatics

Fundamentals of Software Engineering

On the Relationship between Classes P and NP

Lemma 5.2. Let S be a set. (1) Let f and g be two permutations of S. Then the composition of f and g is a permutation of S.

Borne inférieure de circuit : une application des expanders

Development of dynamically evolving and self-adaptive software. 1. Background

Welcome to... Problem Analysis and Complexity Theory , 3 VU

SEQUENCES OF MAXIMAL DEGREE VERTICES IN GRAPHS. Nickolay Khadzhiivanov, Nedyalko Nenov

Fabio Patrizi DIS Sapienza - University of Rome

On Integer Additive Set-Indexers of Graphs

5.1 Bipartite Matching

Cartesian Products and Relations

Cycles in a Graph Whose Lengths Differ by One or Two

Since [L : K(α)] < [L : K] we know from the inductive assumption that [L : K(α)] s < [L : K(α)]. It follows now from Lemma 6.

THE DIMENSION OF A VECTOR SPACE

MATH10040 Chapter 2: Prime and relatively prime numbers

Examination paper for MA0301 Elementær diskret matematikk

6.2 Permutations continued

An inequality for the group chromatic number of a graph

A Sublinear Bipartiteness Tester for Bounded Degree Graphs

A Working Knowledge of Computational Complexity for an Optimizer

Validated Templates for Specification of Complex LTL Formulas

COMBINATORIAL PROPERTIES OF THE HIGMAN-SIMS GRAPH. 1. Introduction

Page 331, 38.4 Suppose a is a positive integer and p is a prime. Prove that p a if and only if the prime factorization of a contains p.

CONTINUED FRACTIONS AND PELL S EQUATION. Contents 1. Continued Fractions 1 2. Solution to Pell s Equation 9 References 12

Software Verification and Testing. Lecture Notes: Temporal Logics

Degrees that are not degrees of categoricity

MODEL CHECKING ONE-CLOCK PRICED TIMED AUTOMATA

Practical Guide to the Simplex Method of Linear Programming

Formal Verification Coverage: Computing the Coverage Gap between Temporal Specifications

Chapter 3. Cartesian Products and Relations. 3.1 Cartesian Products

Guessing Game: NP-Complete?

6.852: Distributed Algorithms Fall, Class 2

Software Engineering using Formal Methods

Approximated Distributed Minimum Vertex Cover Algorithms for Bounded Degree Graphs

Formal Specification and Verification

Random vs. Structure-Based Testing of Answer-Set Programs: An Experimental Comparison

How To Know If A Domain Is Unique In An Octempo (Euclidean) Or Not (Ecl)

The Graphical Method: An Example

An example of a computable

Transcription:

Angelo Montanari Department of Mathematics and Computer Science University of Udine, Udine Italy

Outline 1 Point-based temporal logics 2

Outline 1 Point-based temporal logics 2

Basic coordinates - 1 Explicit vs. implicit methods for (modal and) temporal logics

Basic coordinates - 1 Explicit vs. implicit methods for (modal and) temporal logics In implicit methods the accessibility relation is built-in into the structure of the tableau This is the case with tableau methods for linear and branching time point temporal logics

Basic coordinates - 1 Explicit vs. implicit methods for (modal and) temporal logics In implicit methods the accessibility relation is built-in into the structure of the tableau This is the case with tableau methods for linear and branching time point temporal logics Explicit methods keep track of the accessibility relation by means of some sort of external device This is the case with tableau methods for interval temporal logics where structured labels are associated with nodes to constrain the corresponding formula, or set of formulae, to hold only at the domain element(s) identified by the label

Basic coordinates - 2 Declarative vs. incremental methods

Basic coordinates - 2 Declarative vs. incremental methods Declarative methods first generate all possible sets of subformulae of a given formula and then they eliminate some (possibly all) of them Declarative methods are generally easier to understand

Basic coordinates - 2 Declarative vs. incremental methods Declarative methods first generate all possible sets of subformulae of a given formula and then they eliminate some (possibly all) of them Declarative methods are generally easier to understand Incremental methods generate only meaningful sets of subformulae Incremental methods are generally more efficient

Tableau systems for LTL and fragments/variants - 1 An exponential time declarative method to check LTL formulae has been developed by Wolper P. Wolper, The tableau method for temporal logic: An overview, Logique et Analyse 28 (1985) 119 136 and later extended by Lichtenstein and Pnueli to Past LTL (PLTL) O. Lichtenstein, A. Pnueli, Propositional temporal logic: Decidability and completeness, Logic Journal of the IGPL 8(1) (2000) 55 85

Tableau systems for LTL and fragments/variants - 2 A PSPACE incremental method for PLTL has been proposed by Kesten et al. Y. Kesten, Z. Manna, H. McGuire, A. Pnueli, A decision algorithm for full propositional temporal logic, in: Proc. of the 5th International Conference on Computer Aided Verification, 1993, pp. 97 109 A labeled tableau system for the LTL-fragment LTL[F] has been proposed by Schmitt and Goubault-Larrecq P. Schmitt, J. Goubault-Larrecq, A tableau system for linear-time temporal logic, in: E. Brinksma (Ed.), Proc. of the 3rd Workshop on Tools and Algorithms for the Construction and Analysis of Systems, Vol. 1217 of LNCS, Springer, 1997, pp. 130 144

Tableau systems for LTL and fragments/variants - 3 A tableau method for PLTL over bounded models has been developed by Cerrito and Cialdea-Mayer S. Cerrito, M. Cialdea-Mayer, Bounded model search in linear temporal logic and its application to planning, in: Proc. of the International Conference TABLEAUX 1998, Vol. 1397 of LNAI, Springer, 1998, pp. 124 140 Later Cerrito et al. generalized the method to first-order PLTL S. Cerrito, M. Cialdea-Mayer, S. Praud, First-order linear temporal logic over finite time structures, in: H. Ganzinger, D. McAllester, A. Voronkov (Eds.), Proc. of the 6th International Conference on Logic for Programming, Artificial Intelligence and Reasoning, Vol. 1705 of LNAI, Springer, 1999, pp. 62 76.

About complexity The satisfiability problem for LTL / PLTL is PSPACE-complete A. Sistla, E. Clarke, The complexity of propositional linear time temporal logics, Journal of the ACM 32 (3) (1985) 733 749 while that LTL[F] and for PLTL over bounded models of polynomial length is NP-complete S. Cerrito, M. Cialdea-Mayer, Bounded model search in linear temporal logic and its application to planning, in: Proc. of the International Conference TABLEAUX 1998, Vol. 1397 of LNAI, Springer, 1998, pp. 124 140 A. Sistla, E. Clarke, The complexity of propositional linear time temporal logics, Journal of the ACM 32 (3) (1985) 733 749

Tableau systems for CTL An implicit tableau method to check the satisfiability of CTL formulae, that generalizes Wolper s method for LTL, has been proposed by Emerson and Halpern E. Emerson, J. Halpern, Decision procedures and expressiveness in the temporal logic of branching time, Journal of Computer and System Sciences 30 (1) (1985) 1 24 The satisfiability problem for CTL is known to be EXPTIME-complete. There exists an optimal incremental version of Emerson and Halpern s decision procedure

Outline 1 Point-based temporal logics 2

In the following, we describe in detail a tableau-based decision procedure for LTL For the sake of clarity, among the various existing tableau systems for LTL, we selected Manna and Pnueli s implicit declarative one Z. Manna, A. Pnueli, Temporal Verification of Reactive Systems: Safety, Springer, 1995

Expansion rules and closure Expansion rules Gp p XGp Fp p XFp puq q (p X(pUq))

Expansion rules and closure Expansion rules Gp p XGp Fp p XFp puq q (p X(pUq)) Closure Φ ϕ of a formula ϕ Φ ϕ is the smallest set of formulae satisfying: ϕ Φ ϕ for every p Φ ϕ and subformula q of p, q Φ ϕ for every p Φ ϕ, p Φ ϕ ( p p) for every ψ {Gp, Fp, puq}, if ψ Φ ϕ, then Xψ Φ ϕ

Example of closure ϕ : Gp F p The closure is Φ ϕ = Φ + ϕ Φ ϕ, where Φ + ϕ = {ϕ, Gp, F p, XGp, XF p, p} and Φ ϕ = { ϕ, Gp, F p, XGp, XF p, p}

Example of closure ϕ : Gp F p The closure is Φ ϕ = Φ + ϕ Φ ϕ, where Φ + ϕ = {ϕ, Gp, F p, XGp, XF p, p} and Φ ϕ = { ϕ, Gp, F p, XGp, XF p, p} We have that Φ ϕ 4 ϕ Gp {Gp, XGp, Gp, XGp}

Classification of formulae α and β tables α p q Gp k(α) p, q p, XGp We have that an α-formula holds at position j iff all of k(α)-formulae hold at j

Classification of formulae α and β tables α p q Gp k(α) p, q p, XGp We have that an α-formula holds at position j iff all of k(α)-formulae hold at j β k 1 (β) k 2 (β) p q p q Fp p XFp puq q p, X(pUq) We have that a β-formula holds at position j iff either the k 1 (β)-formula holds at j or all k 2 (β)-formulae hold at j (or both)

Atoms Atom over ϕ (ϕ-atom) A ϕ-atom is a subset A Φ ϕ satisfying: R sat : the conjunction of all local formulae in A is satisfiable R : for every p Φ ϕ, p A iff p A (i.e., for every p Φ ϕ, a ϕ-atom must contain either p or p) R α : for every α-formula α Φ ϕ, α A iff k(α) A (e.g., Gp A iff both p A and XGp A) R β : for every β-formula β Φ ϕ, β A iff either k 1 (β) A or k 2 (beta) A (or both)

Atoms Atom over ϕ (ϕ-atom) A ϕ-atom is a subset A Φ ϕ satisfying: R sat : the conjunction of all local formulae in A is satisfiable R : for every p Φ ϕ, p A iff p A (i.e., for every p Φ ϕ, a ϕ-atom must contain either p or p) R α : for every α-formula α Φ ϕ, α A iff k(α) A (e.g., Gp A iff both p A and XGp A) R β : for every β-formula β Φ ϕ, β A iff either k 1 (β) A or k 2 (beta) A (or both) Example (ϕ : Gp F p) A 1 = {ϕ, Gp, F p, XGp, XF p, p} is an atom A 2 == {ϕ, Gp, F p, XGp, XF p, p} is not (R α is violated)

Intended meaning of atoms Atoms are used to represent maximal mutually satisfiable sets of formulae

Intended meaning of atoms Atoms are used to represent maximal mutually satisfiable sets of formulae Definition A set of formulae S Φ ϕ is mutually satisfiable if there exist a model σ and a position j 0 such that every formula p S holds at position j

Intended meaning of atoms Atoms are used to represent maximal mutually satisfiable sets of formulae Definition A set of formulae S Φ ϕ is mutually satisfiable if there exist a model σ and a position j 0 such that every formula p S holds at position j Proposition For any set of mutually satisfiable formulae S Φ ϕ there exists a ϕ-atom A such that S A

Intended meaning of atoms Atoms are used to represent maximal mutually satisfiable sets of formulae Definition A set of formulae S Φ ϕ is mutually satisfiable if there exist a model σ and a position j 0 such that every formula p S holds at position j Proposition For any set of mutually satisfiable formulae S Φ ϕ there exists a ϕ-atom A such that S A The opposite does not hold: it may happen that S Φ ϕ and there exists a ϕ-atom A such that S A, but S is not mutually satisfiable (e.g., Xp X p)

Basic (or elementary) formulae Definition Basic formulae are propositions or formulae of the form Xp

Basic (or elementary) formulae Definition Basic formulae are propositions or formulae of the form Xp Property of basic formulae The presence or absence of basic formulae in an atom A determine the presence or absence of all other closure formulae in A

Basic (or elementary) formulae Definition Basic formulae are propositions or formulae of the form Xp Property of basic formulae The presence or absence of basic formulae in an atom A determine the presence or absence of all other closure formulae in A Example (ϕ : Gp F p) Suppose that XGp A and XF p A, while p A. From p A, it follows that p A From p A and XGp A, it follows that Gp A From p A and XF p A, it follows that F p A From Gp A and F p A, it follows that ϕ A

Tableau Given a formula ϕ, construct a direct graph T ϕ such that Nodes and edges of T ϕ The nodes of T ϕ are the atoms of ϕ and there exists an edge from an atom A to an atom B if for every Xp Φ ϕ, Xp A iff p B

Tableau Given a formula ϕ, construct a direct graph T ϕ such that Nodes and edges of T ϕ The nodes of T ϕ are the atoms of ϕ and there exists an edge from an atom A to an atom B if for every Xp Φ ϕ, Xp A iff p B Tableau T ϕ is the tableau of ϕ

Tableau Given a formula ϕ, construct a direct graph T ϕ such that Nodes and edges of T ϕ The nodes of T ϕ are the atoms of ϕ and there exists an edge from an atom A to an atom B if for every Xp Φ ϕ, Xp A iff p B Tableau T ϕ is the tableau of ϕ Example (ϕ : Gp F p) The tableau T ϕ of ϕ = Gp F p is depicted in the next slide

{ } p, XGp, X F p A 2 : Gp, F p, ϕ { } p, XGp, X F p A 3 : Gp, F p, ϕ { } p, XGp, X F p A 0 : Gp, F p, ϕ { } p, XGp, X F p A 1 : Gp, F p, ϕ { } p, XGp, X F p A 4 : Gp, F p, ϕ { } p, XGp, X F p A 5 : Gp, F p, ϕ { } p, XGp, X F p A 6 : Gp, F p, ϕ { } p, XGp, X F p A 7 : Gp, F p, ϕ

Models and tableau paths - 1 Definition (induced path) Given a model σ of ϕ, the infinite path π σ : A 0, A 1,... in T ϕ is induced by σ if for every position j 0 and every p Φ ϕ, (σ, j) p iff p A j (in particular, ϕ A 0 )

Models and tableau paths - 1 Definition (induced path) Given a model σ of ϕ, the infinite path π σ : A 0, A 1,... in T ϕ is induced by σ if for every position j 0 and every p Φ ϕ, (σ, j) p iff p A j (in particular, ϕ A 0 ) Proposition Given a formula ϕ and a tableau T ϕ for it, for every model σ : s 0, s 1,... of ϕ there exists an infinite path π σ : A 0, A 1,... in T ϕ such that π σ is induced by σ.

Models and tableau paths - 2 Sketch of the proof Let σ : s 0, s 1,... be a model. For every j 0, let A j be the subset of Φ φ that contains all formulas p Φ φ such that (σ, j) = p. For every j 0, we have that (i) A j satisfies all the requirements of an atom and (ii) the pair (A j, A j+1 ) satisfies the condition on edges. Hence, π σ : A 0, A 1,... is an infinite path in T ϕ induced by σ.

Models and tableau paths - 2 Sketch of the proof Let σ : s 0, s 1,... be a model. For every j 0, let A j be the subset of Φ φ that contains all formulas p Φ φ such that (σ, j) = p. For every j 0, we have that (i) A j satisfies all the requirements of an atom and (ii) the pair (A j, A j+1 ) satisfies the condition on edges. Hence, π σ : A 0, A 1,... is an infinite path in T ϕ induced by σ. An immediate consequence Since σ is a model of φ, we have that (σ, 0) = φ and thus φ A 0

Models and tableau paths - 2 Sketch of the proof Let σ : s 0, s 1,... be a model. For every j 0, let A j be the subset of Φ φ that contains all formulas p Φ φ such that (σ, j) = p. For every j 0, we have that (i) A j satisfies all the requirements of an atom and (ii) the pair (A j, A j+1 ) satisfies the condition on edges. Hence, π σ : A 0, A 1,... is an infinite path in T ϕ induced by σ. An immediate consequence Since σ is a model of φ, we have that (σ, 0) = φ and thus φ A 0 The opposite does not hold: not every infinite path in T ϕ is induced by some model σ

A (counter)example The infinite path A ω 7, where A 7 = {p, XGp, XF p, Gp, F p, ϕ}, is not induced by any model: every formula q A 7 should hold at all positions j, but there exists no model σ such that F p holds at position 0 and p holds at all positions j 0.

A (counter)example The infinite path A ω 7, where A 7 = {p, XGp, XF p, Gp, F p, ϕ}, is not induced by any model: every formula q A 7 should hold at all positions j, but there exists no model σ such that F p holds at position 0 and p holds at all positions j 0. For what kind of paths does the opposite hold?

Promises and promising formulae Promise A formula ψ Φ ϕ is said to promise a formula r if ψ has one of the following forms: Fr pur G r

Promises and promising formulae Promise A formula ψ Φ ϕ is said to promise a formula r if ψ has one of the following forms: Fr pur G r Property 1 If (σ, j) ψ, then (σ, k) r, for some k j

Promises and promising formulae Promise A formula ψ Φ ϕ is said to promise a formula r if ψ has one of the following forms: Fr pur G r Property 1 If (σ, j) ψ, then (σ, k) r, for some k j Property 2 The model σ contains infinitely many positions j 0 such that (σ, j) ψ or (σ, j) r

Fulfilling atoms and paths Fulfilling atom An atom A fulfills a formula ψ, that promises r, if ψ A or r A

Fulfilling atoms and paths Fulfilling atom An atom A fulfills a formula ψ, that promises r, if ψ A or r A Fulfilling path A path π = A 0, A 1,... in T ϕ is fulfilling if for every promising formula ψ Φ ϕ, π contains infinitely many atoms A j which fulfill ψ (that is, either ψ A j or r A j or both)

Fulfilling atoms and paths Fulfilling atom An atom A fulfills a formula ψ, that promises r, if ψ A or r A Fulfilling path A path π = A 0, A 1,... in T ϕ is fulfilling if for every promising formula ψ Φ ϕ, π contains infinitely many atoms A j which fulfill ψ (that is, either ψ A j or r A j or both) An example The path A ω 7 is not fulfilling, because F p Φ ϕ promises p, but p A 7 and F p A 7

Additional examples The path A ω 2 is fulfilling, because F p Φ ϕ promises p, the path visits A 2 infinitely many times, and both F p and p belong to A 2 The path (A 2 A 3 ) ω is fulfilling, because F p Φ ϕ promises p, p A 2, and the path visits A 2 infinitely many times The path A 4 A ω 5 is fulfilling, because F p Φ ϕ promises p, the path visits A 5 infinitely many times, p does not belong to A 5, but F p(= Gp) belongs to A 5

From models to fulfilling paths Proposition (models induce fulfilling paths) If π σ = A 0, A 1,... is a path induced by a model σ, then π σ is fulfilling

From models to fulfilling paths Proposition (models induce fulfilling paths) If π σ = A 0, A 1,... is a path induced by a model σ, then π σ is fulfilling Proof Let ψ Φ φ be a formula that promises r. By the definition of model, σ contains infinitely many positions j such that (σ, j) = ψ or (σ, j) = r. By the correspondence between models and induced paths, for each of these positions j, ψ A j or r A j.

From fulfilling paths to models - 1 Proposition (fulfilling paths induce models) If π = A 0, A 1,... is a fulfilling path in T ϕ, then there exists a model σ inducing π, that is, π = π σ and for every ψ Φ ϕ and every j 0, (σ, j) ψ iff ψ A j

From fulfilling paths to models - 1 Proposition (fulfilling paths induce models) If π = A 0, A 1,... is a fulfilling path in T ϕ, then there exists a model σ inducing π, that is, π = π σ and for every ψ Φ ϕ and every j 0, (σ, j) ψ iff ψ A j Proof The proof is by induction on the structure of ψ Φ ϕ. Base case. For all j 0, we require the state s j of σ to agree with A j on the interpretation of propositions in Φ ϕ, that is, s j [p] = true iff p A j. The case of propositions is thus trivial. Inductive case. The case of Boolean connectives is straightforward. Let consider the case of X and F. Let ψ = Xp. We have that (σ, j) Xp iff (definition of X) (σ, j + 1) p iff (inductive hypothesis) p A j+1 iff (definition on the edges of the tableau) Xp A j

From fulfilling paths to models - 2 Proof Let ψ = Fr. We first prove that Fr A j implies (σ, j) Fr. Assume that Fr A j. Since π is fulfilling, it contains infinitely many positions k beyond j such that A k fulfills Fr. Let k j the smallest k j fulfilling Fr. If k = j, then, since Fr in A j, r A j as well. If k > j, then A k 1 does not fulfill Fr, that is, it contains both Fr and r. By R β for Fr, XFr A k 1 and thus Fr A k. The only way A k can fulfill Fr is to have r A k. It follows that there always exists k j such that r A k. By the inductive hypothesis, (σ, k) r, which, by definition of Fr, implies (σ, j) Fr. We prove now that (σ, j) Fr implies Fr A j. Assume that (σ, j) Fr and Fr A j. From Fr A j, it follows that { r, Fr} A k for all k j. By the inductive hypothesis, this implies that (σ, k) r for all k j (which contradicts (σ, j) Fr).

Satisfiability and fulfilling paths Main proposition A formula ϕ is satisfiable iff the tableau T ϕ contains a fulfilling path π = A 0, A 1,... such that ϕ A 0 Proof The direction from right to left follows from the last lemma (from fulfilling paths to models). The direction from left to right follows from the previous lemma (from models to fulfilling paths).

Applications Is ϕ : Gp F p satisfiable? ϕ is satisfiable if T ϕ contains a fulfilling path π = B 0, B 1,... with ϕ B 0

Applications Is ϕ : Gp F p satisfiable? ϕ is satisfiable if T ϕ contains a fulfilling path π = B 0, B 1,... with ϕ B 0 A 7 is the only atom containing ϕ (ϕ-atom) A ω 7 is the only infinite path starting at A 7

Applications Is ϕ : Gp F p satisfiable? ϕ is satisfiable if T ϕ contains a fulfilling path π = B 0, B 1,... with ϕ B 0 A 7 is the only atom containing ϕ (ϕ-atom) A ω 7 is the only infinite path starting at A 7 Since A ω 7 is not fulfilling, ϕ is not satisfiable

Applications Is ϕ : Gp F p satisfiable? ϕ is satisfiable if T ϕ contains a fulfilling path π = B 0, B 1,... with ϕ B 0 A 7 is the only atom containing ϕ (ϕ-atom) A ω 7 is the only infinite path starting at A 7 Since A ω 7 is not fulfilling, ϕ is not satisfiable Is ϕ : Gp F p satisfiable? ϕ is satisfiable if T ϕ (= T ϕ ) contains a fulfilling path π = B 0, B 1,... with ϕ B 0

Applications Is ϕ : Gp F p satisfiable? ϕ is satisfiable if T ϕ contains a fulfilling path π = B 0, B 1,... with ϕ B 0 A 7 is the only atom containing ϕ (ϕ-atom) A ω 7 is the only infinite path starting at A 7 Since A ω 7 is not fulfilling, ϕ is not satisfiable Is ϕ : Gp F p satisfiable? ϕ is satisfiable if T ϕ (= T ϕ ) contains a fulfilling path π = B 0, B 1,... with ϕ B 0 Since A ω 5 is a fulfilling path and A 5 contains ϕ, ϕ is satisfiable (model p : ω )

Strongly connected subgraphs How do we check the existence of fulfilling paths starting at a ϕ-atom?

Strongly connected subgraphs How do we check the existence of fulfilling paths starting at a ϕ-atom? Definition (strongly connected subgraph) A subgraph S T ϕ is a strongly connected subgraph (SCS) if for every pair of distinct atoms A, B S, there exists a path from A to B which only passes through atoms of S

Strongly connected subgraphs How do we check the existence of fulfilling paths starting at a ϕ-atom? Definition (strongly connected subgraph) A subgraph S T ϕ is a strongly connected subgraph (SCS) if for every pair of distinct atoms A, B S, there exists a path from A to B which only passes through atoms of S Definition (fulfilling SCS) A non-transient SCS S is fulfilling if every formula ψ Φ ϕ that promises r is fulfilled by some atom A S (either ψ A or r A or both), where a transient SCS is an SCS consisting of a single node not connected to itself

{ } p, XGp, X F p A 2 : Gp, F p, ϕ { } p, XGp, X F p A 3 : Gp, F p, ϕ { } p, XGp, X F p A 0 : Gp, F p, ϕ { } p, XGp, X F p A 1 : Gp, F p, ϕ { } p, XGp, X F p A 4 : Gp, F p, ϕ { } p, XGp, X F p A 5 : Gp, F p, ϕ { } p, XGp, X F p A 6 : Gp, F p, ϕ { } p, XGp, X F p A 7 : Gp, F p, ϕ

Examples Positive examples The two SCSs {A 2, A 3 } {A 5 } are fulfilling SCSs.

Examples Positive examples The two SCSs {A 2, A 3 } {A 5 } are fulfilling SCSs. Negative examples The two SCSs {A 1 } {A 7 } are not fulfilling.

SCS and satisfiability Definition (ϕ-reachable SCS) An SCS S is ϕ-reachable if there exists a finite path B 0, B 1,..., B k such that ϕ B 0 and B k S

SCS and satisfiability Definition (ϕ-reachable SCS) An SCS S is ϕ-reachable if there exists a finite path B 0, B 1,..., B k such that ϕ B 0 and B k S Proposition The tableau T ϕ contains a fulfilling path starting at a ϕ-atom iff T ϕ contains a ϕ-reachable fulfilling SCS

SCS and satisfiability Definition (ϕ-reachable SCS) An SCS S is ϕ-reachable if there exists a finite path B 0, B 1,..., B k such that ϕ B 0 and B k S Proposition The tableau T ϕ contains a fulfilling path starting at a ϕ-atom iff T ϕ contains a ϕ-reachable fulfilling SCS Corollary A formula ϕ is satisfiable iff T ϕ contains a ϕ-reachable fulfilling SCS

An example Is ϕ : Gp F p satisfiable? The SCS S = {A 2, A 3 } is ( ϕ)-reachable fulfilling SCS because (A 2, A 3 ) ω : A 2, A 3, A 2, A 3,... and ϕ A 2 (as well as ϕ A 3 ) Hence, ϕ is satisfiable ((model ( p : p : ) ω )

One step more: maximal SCS Definition (MSCS) An SCS is maximal (MSCS) if it is not contained in any larger SCS (notice that there exist at most T ϕ MSCSs)

One step more: maximal SCS Definition (MSCS) An SCS is maximal (MSCS) if it is not contained in any larger SCS (notice that there exist at most T ϕ MSCSs) Example {A 2 } and {A 3 } are not MSCS, while {A 2, A 3 } is an MSCS

One step more: maximal SCS Definition (MSCS) An SCS is maximal (MSCS) if it is not contained in any larger SCS (notice that there exist at most T ϕ MSCSs) Example {A 2 } and {A 3 } are not MSCS, while {A 2, A 3 } is an MSCS Proposition A formula ϕ is satisfiable iff the tableau T ϕ contains a ϕ-reachable fulfilling MSCS (as a matter of fact, we can preliminarily remove all atoms which are not reachable from a ϕ-atom)

Example 1 Is ϕ : Gp F p satisfiable? If we remove all atoms which are not reachable from a ϕ-atom, the resulting pruned graph (tableau) only includes A 7 connected to itself The only MSCS is {A 7 }; since it is not fulfilling, it immediately follows that ϕ is not satisfiable

{ } p, XGp, X F p A 2 : Gp, F p, ϕ { } p, XGp, X F p A 3 : Gp, F p, ϕ { } p, XGp, X F p A 0 : Gp, F p, ϕ { } p, XGp, X F p A 1 : Gp, F p, ϕ { } p, XGp, X F p A 4 : Gp, F p, ϕ { } p, XGp, X F p A 5 : Gp, F p, ϕ { } p, XGp, X F p A 6 : Gp, F p, ϕ { } p, XGp, X F p A 7 : Gp, F p, ϕ

{ } p, XGp, X F p A 2 : Gp, F p, ϕ { } p, XGp, X F p A 3 : Gp, F p, ϕ { } p, XGp, X F p A 0 : Gp, F p, ϕ { } p, XGp, X F p A 1 : Gp, F p, ϕ { } p, XGp, X F p A 4 : Gp, F p, ϕ { } p, XGp, X F p A 5 : Gp, F p, ϕ { } p, XGp, X F p A 6 : Gp, F p, ϕ { } p, XGp, X F p A 7 : Gp, F p, ϕ

Example 2 Is ϕ : Gp F p satisfiable? The removal of all atoms which are not reachable from a ( ϕ)-atom has not effect in this case: the pruned graph (tableau) coincides with the original one. The MSCSs are {A 0 }, {A 1 }, {A 2, A 3 }, {A 4 }, {A 5 }, {A 6 }, and {A 7 } MSCSs {A 0 }, {A 4 }, and {A 6 } are transient and MSCSs {A 1 } and {A 7 } are not fulfilling. However, since both {A 2, A 3 } and {A 5 } are fulfilling, it follows that ϕ is satisfiable

Further pruning the tableau Definition (terminal MSCS) An MSCS S is terminal if there are no edges leading from atoms of S to atoms outside S

Further pruning the tableau Definition (terminal MSCS) An MSCS S is terminal if there are no edges leading from atoms of S to atoms outside S Examples {A 7 } and {A 5 } are terminal MSCSs, while {A 6 } and {A 2, A 3 } are not

Further pruning the tableau Definition (terminal MSCS) An MSCS S is terminal if there are no edges leading from atoms of S to atoms outside S Examples {A 7 } and {A 5 } are terminal MSCSs, while {A 6 } and {A 2, A 3 } are not Pruning criteria After constructing T ϕ, remove any MSCS which is not reachable from a ϕ-atom remove any terminal MSCS which is not fulfilling

How can we check the validity of ϕ? To check the validity of a formula ϕ, we can apply the proposed algorithm to ϕ. Possible outcomes: If the algorithm reports success, ϕ is satisfiable and thus ϕ is not valid (the produced model σ is a counterexample to the validity of ϕ) If the algorithm reports failure, ϕ is unsatisfiable and thus ϕ is valid

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information