Agenda coming lectures ... Part I: Linear time temporal logic (LTL) - PowerPoint PPT Presentation

Linear and Branching Temporal Logics 1 Frits Vaandrager Institute for Computing and Information Sciences Radboud University Nijmegen fvaan@cs.ru.nl June 25, 2015 1 Based on slides Julien Schmaltz F. Vaandrager Temporal Logics

Agenda coming lectures ... Part I: Linear time temporal logic (LTL) Part II: Model checking LTL Part III: Branching time temporal logic (CTL) Part IV: Expressiveness of CTL vs LTL Part V: Model checking CTL Part VI: Binary decision diagrams and symbolic model checking Part VII: Partial order reduction F. Vaandrager Temporal Logics

Agenda for today Course intro Linear time temporal logic F. Vaandrager Temporal Logics

Principles Syntax Semantics Part I Linear Time Logic F. Vaandrager Temporal Logics

Principles Syntax Semantics Principles 1 Syntax 2 Syntax Derived operators Semantics 3 Intuitive semantics Semantics over words Semantics over paths and states Laws F. Vaandrager Temporal Logics

Principles Syntax Semantics Principles: next time or until ... Temporal logic = logic about time Abstract notion of (discrete) time = sequence of events Two principal operators next A: at the next ”time” A holds A until B: A holds until B holds Application to software/hardware specification At the next clock cycle, the request signal must be high The request signal must be high until the acknowledge is high Eventually the request signal must become low again The arbiter always grants at most one request The elevator should never travel when the doors are open F. Vaandrager Temporal Logics

Principles Syntax Syntax Derived operators Semantics Syntax modal logic over infinite sequences [Pnueli 1977] Propositional logic Atomic propositions: a ∈ AP Boolean connectives: ¬ a and ϕ ∧ ψ Temporal operators ”Next” noted X ϕ or � ϕ ”Until” noted ϕ U ψ or ϕ ∪ ψ F. Vaandrager Temporal Logics

Principles Syntax Syntax Derived operators Semantics Derived operators ϕ ∨ ψ ≡ ¬ ( ¬ ϕ ∧ ¬ ψ ) ϕ ⇒ ψ ≡ ¬ ϕ ∨ ψ ϕ ⇔ ψ ≡ ( ϕ ⇒ ψ ) ∧ ( ψ ⇒ ϕ ) True (or ⊤ ) ≡ ϕ ∨ ¬ ϕ False (or ⊥ ) ≡ ¬⊤ F ϕ (also noted ♦ ϕ ) ≡ ⊤ U ϕ ”eventually ϕ ” G ϕ (also noted � ϕ ) ≡ ¬ F ¬ ϕ ”globally ϕ ” F. Vaandrager Temporal Logics

Intuitive semantics Principles Semantics over words Syntax Semantics over paths and states Semantics Laws Intuitive semantics a ... a a ... X a a ∧ ¬ b a ∧ ¬ b b ... a U b ¬ a ¬ a a ... F a a a a a ... G a F. Vaandrager Temporal Logics

Intuitive semantics Principles Semantics over words Syntax Semantics over paths and states Semantics Laws Example: traffic lights Whenever the light is red, it cannot become green immediately G ( red ⇒ ¬ X green ) The traffic light eventually becomes green F green Once red, the light eventually becomes green G ( red ⇒ F green ) After being red, the light goes yellow and then eventually becomes green G ( red ⇒ X ( red U ( yellow ∧ X ( yellow U green )))) F. Vaandrager Temporal Logics

Intuitive semantics Principles Semantics over words Syntax Semantics over paths and states Semantics Laws Classification of LTL Properties Reachability negated reachability: F ¬ ψ conditional reachability: ϕ U ψ reachability from any state: not expressible Safety simple safety: G ¬ ψ conditional safety (weak until): ( ϕ U ψ ) ∨ G ϕ Liveness: G ( ϕ ⇒ F ψ ) and others Fairness: GF ψ and others F. Vaandrager Temporal Logics

Intuitive semantics Principles Semantics over words Syntax Semantics over paths and states Semantics Laws Semantics over words A word σ is an infinite sequence of sets of atomic propositions. LTL property φ defines set of words for which the property is true. Words( ϕ ) = { σ ∈ (2 AP ) ω | σ | = ϕ } | = a iff a ∈ A 0 (or A 0 | = a ) σ σ | = ϕ ∧ ψ iff σ | = ϕ and σ | = ψ | = ¬ ϕ iff σ �| = ϕ σ σ | = X ϕ iff σ [1 .. ] = A 1 A 2 A 3 ... | = ϕ | = iff ∃ j ≥ 0 : σ [ j .. ] | = ψ and σ [ i .. ] | = ϕ, 0 ≤ i < j σ ϕ U ψ for σ = A 0 A 1 A 2 ... , σ [ i .. ] = A i A i +1 A i +2 ... is suffix of σ from index i F. Vaandrager Temporal Logics

Intuitive semantics Principles Semantics over words Syntax Semantics over paths and states Semantics Laws More semantics ... σ | = F ψ iff F. Vaandrager Temporal Logics

Intuitive semantics Principles Semantics over words Syntax Semantics over paths and states Semantics Laws More semantics ... σ | = F ψ iff ∃ j ≥ 0 : σ [ j .. ] | = ψ F. Vaandrager Temporal Logics

Intuitive semantics Principles Semantics over words Syntax Semantics over paths and states Semantics Laws More semantics ... σ | = F ψ iff ∃ j ≥ 0 : σ [ j .. ] | = ψ | = iff σ G ψ F. Vaandrager Temporal Logics

Intuitive semantics Principles Semantics over words Syntax Semantics over paths and states Semantics Laws More semantics ... σ | = F ψ iff ∃ j ≥ 0 : σ [ j .. ] | = ψ | = iff ∀ j ≥ 0 : σ [ j .. ] | = ψ σ G ψ F. Vaandrager Temporal Logics

Intuitive semantics Principles Semantics over words Syntax Semantics over paths and states Semantics Laws More semantics ... σ | = F ψ iff ∃ j ≥ 0 : σ [ j .. ] | = ψ | = iff ∀ j ≥ 0 : σ [ j .. ] | = ψ σ G ψ σ | = GF ψ iff F. Vaandrager Temporal Logics

Intuitive semantics Principles Semantics over words Syntax Semantics over paths and states Semantics Laws More semantics ... σ | = F ψ iff ∃ j ≥ 0 : σ [ j .. ] | = ψ | = iff ∀ j ≥ 0 : σ [ j .. ] | = ψ σ G ψ σ | = GF ψ iff ∀ j ≥ 0 , ∃ i ≥ j : σ [ i .. ] | = ψ F. Vaandrager Temporal Logics

Intuitive semantics Principles Semantics over words Syntax Semantics over paths and states Semantics Laws More semantics ... σ | = F ψ iff ∃ j ≥ 0 : σ [ j .. ] | = ψ | = iff ∀ j ≥ 0 : σ [ j .. ] | = ψ σ G ψ σ | = GF ψ iff ∀ j ≥ 0 , ∃ i ≥ j : σ [ i .. ] | = ψ | = iff σ FG ψ F. Vaandrager Temporal Logics

Intuitive semantics Principles Semantics over words Syntax Semantics over paths and states Semantics Laws More semantics ... σ | = F ψ iff ∃ j ≥ 0 : σ [ j .. ] | = ψ | = iff ∀ j ≥ 0 : σ [ j .. ] | = ψ σ G ψ σ | = GF ψ iff ∀ j ≥ 0 , ∃ i ≥ j : σ [ i .. ] | = ψ | = iff ∃ j ≥ 0 , ∀ i ≥ j : σ [ i .. ] | = ψ σ FG ψ F. Vaandrager Temporal Logics

Intuitive semantics Principles Semantics over words Syntax Semantics over paths and states Semantics Laws Duality From the semantics, we have ¬ F ¬ ϕ = G ϕ . Proof. σ | = ¬ F ¬ ϕ F. Vaandrager Temporal Logics

Intuitive semantics Principles Semantics over words Syntax Semantics over paths and states Semantics Laws Duality From the semantics, we have ¬ F ¬ ϕ = G ϕ . Proof. σ | = ¬ F ¬ ϕ σ | = ¬∃ j ≥ 0 : σ [ j .. ] | = ¬ ϕ (Def. of F ) F. Vaandrager Temporal Logics

Intuitive semantics Principles Semantics over words Syntax Semantics over paths and states Semantics Laws Duality From the semantics, we have ¬ F ¬ ϕ = G ϕ . Proof. σ | = ¬ F ¬ ϕ σ | = ¬∃ j ≥ 0 : σ [ j .. ] | = ¬ ϕ (Def. of F ) σ | = ∀ j ≥ 0 : σ [ j .. ] | = ϕ (Def. of ¬ ) F. Vaandrager Temporal Logics

Intuitive semantics Principles Semantics over words Syntax Semantics over paths and states Semantics Laws Duality From the semantics, we have ¬ F ¬ ϕ = G ϕ . Proof. σ | = ¬ F ¬ ϕ σ | = ¬∃ j ≥ 0 : σ [ j .. ] | = ¬ ϕ (Def. of F ) σ | = ∀ j ≥ 0 : σ [ j .. ] | = ϕ (Def. of ¬ ) σ | = G ϕ (Def. of G ) F. Vaandrager Temporal Logics

Intuitive semantics Principles Semantics over words Syntax Semantics over paths and states Semantics Laws Semantics over paths, states, and transition systems Let TS = ( S , Σ , T , I , AP , L ) be a transition system and let ϕ be an LTL formula over AP . An infinite path π of TS satisfies ϕ iff the trace of π satisfies ϕ : π | = ϕ iff trace ( π ) | = ϕ A state s ∈ S satisfies ϕ iff all paths from s satisfy ϕ : s | = ϕ iff ∀ π ∈ Paths ( s ) : π | = ϕ A transition system satisfies ϕ iff ϕ holds from all initial states: TS | = ϕ iff Traces ( TS ) ⊆ Words ( ϕ ) iff ∀ s 0 ∈ I : s 0 | = ϕ F. Vaandrager Temporal Logics

Intuitive semantics Principles Semantics over words Syntax Semantics over paths and states Semantics Laws Example { a , b } { a } { a , b } TS | = G a TS | = X ( a ∧ b ) TS | = G ( ¬ b ⇒ G ( a ∧ ¬ b )) TS �| = b U ( a ∧ ¬ b ) F. Vaandrager Temporal Logics

Intuitive semantics Principles Semantics over words Syntax Semantics over paths and states Semantics Laws Semantics of negation For paths, it holds π | = ϕ iff π �| = ¬ ϕ since: Words ( ¬ ϕ ) = (2 AP ) ω \ Words ( ϕ ) But: TS �| = ϕ and TS | = ¬ ϕ are not equivalent in general We have: TS | = ¬ ϕ implies TS �| = ϕ . TS neither satisfies ϕ or ¬ ϕ if there are paths π 1 and π 2 such that π 1 | = ϕ and π 2 | = ¬ ϕ . F. Vaandrager Temporal Logics

Intuitive semantics Principles Semantics over words Syntax Semantics over paths and states Semantics Laws Example A transition system for which TS �| = F a and TS �| = ¬ F a . F. Vaandrager Temporal Logics