the first order logic of hyperproperties
play

The First-Order Logic of Hyperproperties Joint work with Bernd - PowerPoint PPT Presentation

Nov 30, 2023 •133 likes •801 views

The First-Order Logic of Hyperproperties Joint work with Bernd Finkbeiner (Saarland University) Martin Zimmermann Saarland University March, 3rd 2017 RWTH Aachen University, Aachen, Germany Martin Zimmermann Saarland University The

  1. The First-Order Logic of Hyperproperties Joint work with Bernd Finkbeiner (Saarland University) Martin Zimmermann Saarland University March, 3rd 2017 RWTH Aachen University, Aachen, Germany Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 1/19

  2. Hyperproperties I secret O secret S I public O public Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 2/19

  3. Hyperproperties I secret O secret S I public O public The system S is input-deterministic: for all traces t , t ′ of S t = I t ′ t = O t ′ implies Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 2/19

  4. Hyperproperties I secret O secret S I public O public The system S is input-deterministic: for all traces t , t ′ of S t = I t ′ t = O t ′ implies Noninterference: for all traces t , t ′ of S t = I public t ′ t = O public t ′ implies Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 2/19

  5. Hyperproperties Both properties are not trace properties, but hyperproperties, i.e., sets of sets of traces. A system S satisfies a hyperproperty H , if Traces ( S ) ∈ H . Many information flow properties can be expressed as hyperproperties. Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 3/19

  6. Hyperproperties Both properties are not trace properties, but hyperproperties, i.e., sets of sets of traces. A system S satisfies a hyperproperty H , if Traces ( S ) ∈ H . Many information flow properties can be expressed as hyperproperties. Specification languages for hyperproperties [Clarkson et al. ’14] HyperLTL: Extend LTL by trace quantifiers. HyperCTL ∗ : Extend CTL ∗ by trace quantifiers. Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 3/19

  7. HyperLTL HyperLTL = LTL + ψ ::= a | ¬ ψ | ψ ∨ ψ | X ψ | ψ U ψ where a ∈ AP (atomic propositions) Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 4/19

  8. HyperLTL HyperLTL = LTL + trace quantification ϕ ::= ∃ π. ϕ | ∀ π. ϕ | ψ ψ ::= a π | ¬ ψ | ψ ∨ ψ | X ψ | ψ U ψ where a ∈ AP (atomic propositions) and π ∈ V (trace variables). Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 4/19

  9. HyperLTL HyperLTL = LTL + trace quantification ϕ ::= ∃ π. ϕ | ∀ π. ϕ | ψ ψ ::= a π | ¬ ψ | ψ ∨ ψ | X ψ | ψ U ψ where a ∈ AP (atomic propositions) and π ∈ V (trace variables). Shortcuts as usual: G ψ = ¬ F ¬ ψ F ψ = true U ψ Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 4/19

  10. Semantics ϕ = ∀ π. ∀ π ′ . G ( on π ↔ on π ′ ) T ⊆ (2 AP ) ω is a model of ϕ iff Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 5/19

  11. Semantics ϕ = ∀ π. ∀ π ′ . G ( on π ↔ on π ′ ) T ⊆ (2 AP ) ω is a model of ϕ iff = ∀ π. ∀ π ′ . G ( on π ↔ on π ′ ) {} | Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 5/19

  12. Semantics ϕ = ∀ π. ∀ π ′ . G ( on π ↔ on π ′ ) T ⊆ (2 AP ) ω is a model of ϕ iff = ∀ π. ∀ π ′ . G ( on π ↔ on π ′ ) {} | = ∀ π ′ . G ( on π ↔ on π ′ ) { π �→ t } | for all t ∈ T Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 5/19

  13. Semantics ϕ = ∀ π. ∀ π ′ . G ( on π ↔ on π ′ ) T ⊆ (2 AP ) ω is a model of ϕ iff = ∀ π. ∀ π ′ . G ( on π ↔ on π ′ ) {} | = ∀ π ′ . G ( on π ↔ on π ′ ) { π �→ t } | for all t ∈ T { π �→ t , π ′ �→ t ′ } | for all t ′ ∈ T = G ( on π ↔ on π ′ ) Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 5/19

  14. Semantics ϕ = ∀ π. ∀ π ′ . G ( on π ↔ on π ′ ) T ⊆ (2 AP ) ω is a model of ϕ iff = ∀ π. ∀ π ′ . G ( on π ↔ on π ′ ) {} | = ∀ π ′ . G ( on π ↔ on π ′ ) { π �→ t } | for all t ∈ T { π �→ t , π ′ �→ t ′ } | for all t ′ ∈ T = G ( on π ↔ on π ′ ) { π �→ t [ n , ∞ ) , π ′ �→ t ′ [ n , ∞ ) } | = on π ↔ on π ′ for all n ∈ N Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 5/19

  15. Semantics ϕ = ∀ π. ∀ π ′ . G ( on π ↔ on π ′ ) T ⊆ (2 AP ) ω is a model of ϕ iff = ∀ π. ∀ π ′ . G ( on π ↔ on π ′ ) {} | = ∀ π ′ . G ( on π ↔ on π ′ ) { π �→ t } | for all t ∈ T { π �→ t , π ′ �→ t ′ } | for all t ′ ∈ T = G ( on π ↔ on π ′ ) { π �→ t [ n , ∞ ) , π ′ �→ t ′ [ n , ∞ ) } | = on π ↔ on π ′ for all n ∈ N on ∈ t ( n ) ⇔ on ∈ t ′ ( n ) Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 5/19

  16. LTL vs. HyperLTL LTL has many desirable properties. 1. Every satisfiable LTL formula is satisfied by an ultimately periodic trace, i.e., by a finite and finitely-represented model. 2. LTL and FO[ < ] are expressively equivalent. 3. LTL satisfiability and model-checking are PSpace -complete. Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 6/19

  17. LTL vs. HyperLTL LTL has many desirable properties. 1. Every satisfiable LTL formula is satisfied by an ultimately periodic trace, i.e., by a finite and finitely-represented model. 2. LTL and FO[ < ] are expressively equivalent. 3. LTL satisfiability and model-checking are PSpace -complete. Only partial results for HyperLTL. 3a. HyperLTL satisfiability [F. & Hahn ’16] : alternation-free: PSpace -complete ∃ ∗ ∀ ∗ : ExpSpace -complete ∀ ∗ ∃ ∗ : undecidable 3b. HyperLTL model-checking is decidable [F. et al. ’15] . Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 6/19

  18. The Models of HyperLTL Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 7/19

  19. What about Finite Models? Fix AP = { a } and consider the conjunction ϕ of ∀ π. ( ¬ a π ) U ( a π ∧ X G ¬ a π ) Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 8/19

  20. What about Finite Models? Fix AP = { a } and consider the conjunction ϕ of ∀ π. ( ¬ a π ) U ( a π ∧ X G ¬ a π ) ∃ π. a π Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 8/19

  21. What about Finite Models? Fix AP = { a } and consider the conjunction ϕ of ∀ π. ( ¬ a π ) U ( a π ∧ X G ¬ a π ) ∃ π. a π { a } ∅ ∅ ∅ ∅ ∅ ∅ ∅ · · · Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 8/19

  22. What about Finite Models? Fix AP = { a } and consider the conjunction ϕ of ∀ π. ( ¬ a π ) U ( a π ∧ X G ¬ a π ) ∃ π. a π ∀ π. ∃ π ′ . F ( a π ∧ X a π ′ ) { a } ∅ ∅ ∅ ∅ ∅ ∅ ∅ · · · Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 8/19

  23. What about Finite Models? Fix AP = { a } and consider the conjunction ϕ of ∀ π. ( ¬ a π ) U ( a π ∧ X G ¬ a π ) ∃ π. a π ∀ π. ∃ π ′ . F ( a π ∧ X a π ′ ) { a } ∅ ∅ ∅ ∅ ∅ ∅ ∅ · · · ∅ { a } ∅ ∅ ∅ ∅ ∅ ∅ · · · Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 8/19

  24. What about Finite Models? Fix AP = { a } and consider the conjunction ϕ of ∀ π. ( ¬ a π ) U ( a π ∧ X G ¬ a π ) ∃ π. a π ∀ π. ∃ π ′ . F ( a π ∧ X a π ′ ) { a } ∅ ∅ ∅ ∅ ∅ ∅ ∅ · · · ∅ { a } ∅ ∅ ∅ ∅ ∅ ∅ · · · ∅ ∅ { a } ∅ ∅ ∅ ∅ ∅ · · · . . . . . . . . . . . . . . . . . . . . . . . . The unique model of ϕ is {∅ n { a } ∅ ω | n ∈ N } . Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 8/19

  25. What about Finite Models? Fix AP = { a } and consider the conjunction ϕ of ∀ π. ( ¬ a π ) U ( a π ∧ X G ¬ a π ) ∃ π. a π ∀ π. ∃ π ′ . F ( a π ∧ X a π ′ ) { a } ∅ ∅ ∅ ∅ ∅ ∅ ∅ · · · ∅ { a } ∅ ∅ ∅ ∅ ∅ ∅ · · · ∅ ∅ { a } ∅ ∅ ∅ ∅ ∅ · · · . . . . . . . . . . . . . . . . . . . . . . . . The unique model of ϕ is {∅ n { a } ∅ ω | n ∈ N } . Theorem There is a satisfiable HyperLTL sentence that is not satisfied by any finite set of traces. Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 8/19

  26. What about Countable Models? Theorem Every satisfiable HyperLTL sentence has a countable model. Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 9/19

  27. What about Countable Models? Theorem Every satisfiable HyperLTL sentence has a countable model. Proof W.l.o.g. ϕ = ∀ π 0 . ∃ π ′ 0 . · · · ∀ π k . ∃ π ′ k . ψ with quantifier-free ψ . Fix a Skolem function f j for every existentially quantified π ′ j . Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 9/19

  28. What about Countable Models? Theorem Every satisfiable HyperLTL sentence has a countable model. Proof W.l.o.g. ϕ = ∀ π 0 . ∃ π ′ 0 . · · · ∀ π k . ∃ π ′ k . ψ with quantifier-free ψ . Fix a Skolem function f j for every existentially quantified π ′ j . t Martin Zimmermann Saarland University The First-Order Logic of Hyperproperties 9/19

Recommend

Linear Temporal Logic for Hyperproperties (HyperLTL) Course: Specification and Verification of

Linear Temporal Logic for Hyperproperties (HyperLTL) Course: Specification and Verification of

Linear Temporal Logic for Hyperproperties (HyperLTL) Course: Specification and Verification of Parallel Systems 29 November 2019 Presented by: Elahe Fazeldehkordi 1 Hyperproperties Trace: a sequence of states System: is modeled by

546 views • 13 slides
The First-order Logic of Hyperproperties Joint work with Bernd Finkbeiner (Saarland University)

The First-order Logic of Hyperproperties Joint work with Bernd Finkbeiner (Saarland University)

The First-order Logic of Hyperproperties Joint work with Bernd Finkbeiner (Saarland University) Martin Zimmermann Saarland University September, 13th 2017 Highlights Conference, London, UK Martin Zimmermann Saarland University The

495 views • 27 slides
HyperPCTL: A Temporal Logic for Probabilistic Hyperproperties Erika am 1 Borzoo Bonakdarpour 2

HyperPCTL: A Temporal Logic for Probabilistic Hyperproperties Erika am 1 Borzoo Bonakdarpour 2

Motivation HyperPCTL Syntax and Semantics HyperPCTL in Action HyperPCTL Model Checking Conclusion HyperPCTL: A Temporal Logic for Probabilistic Hyperproperties Erika am 1 Borzoo Bonakdarpour 2 Abrah RWTH Aachen, Germany 1 Iowa State

721 views • 71 slides
Logic as a Tool Chapter 3: Understanding First-order Logic 3.2 Semantics of first-order logic

Logic as a Tool Chapter 3: Understanding First-order Logic 3.2 Semantics of first-order logic

Logic as a Tool Chapter 3: Understanding First-order Logic 3.2 Semantics of first-order logic Valentin Goranko Stockholm University October 2016 Goranko Translation from first-order logic to natural language: examples in the structure of real

994 views • 20 slides
First-order logic Whereas propositional logic assumes world contains facts , first-order logic

First-order logic Whereas propositional logic assumes world contains facts , first-order logic

First-order logic Whereas propositional logic assumes world contains facts , first-order logic (like natural language) assumes the world contains First-order logic Objects: people, houses, numbers, theories, Ronald McDonald, colors, baseball

245 views • 6 slides
Using first order logic (Ch. 8-9) Review: First order logic In first order logic, we have objects

Using first order logic (Ch. 8-9) Review: First order logic In first order logic, we have objects

Using first order logic (Ch. 8-9) Review: First order logic In first order logic, we have objects and relations between objects The relations are basically a list of all valid tuples that satisfy the relation We can also have variables that

382 views • 24 slides
Using first order logic (Ch. 8-9) Review: First order logic In first order logic, we have objects

Using first order logic (Ch. 8-9) Review: First order logic In first order logic, we have objects

Using first order logic (Ch. 8-9) Review: First order logic In first order logic, we have objects and relations between objects The relations are basically a list of all valid tuples that satisfy the relation We can also have variables that

451 views • 26 slides
Logic as a Tool Chapter 3: Understanding First-order Logic 3.1 First-order structures and

Logic as a Tool Chapter 3: Understanding First-order Logic 3.1 First-order structures and

Logic as a Tool Chapter 3: Understanding First-order Logic 3.1 First-order structures and languages. Terms and formulae of first-order logic. Valentin Goranko Stockholm University October 2016 Goranko Propositional logic is too weak

188 views • 14 slides
Logic as a Tool Chapter 3: Understanding First-order Logic 3.1 First-order structures and

Logic as a Tool Chapter 3: Understanding First-order Logic 3.1 First-order structures and

Logic as a Tool Chapter 3: Understanding First-order Logic 3.1 First-order structures and languages. Terms and formulae of first-order logic. Valentin Goranko Stockholm University October 2016 Goranko Propositional logic is too weak Goranko

1.69k views • 109 slides
Why higher-order logic? Higher-Order logic Expressive Mathematics Verification

Why higher-order logic? Higher-Order logic Expressive Mathematics Verification

Extending SMT solvers to higher-order logic Haniel Barbosa Andrew Reynolds Daniel El Ouraoui Clark Barrett Cesare Tinelli SMT 2019 20190707, Lisbon, PT To be published in the proceedings of CADE 2019 Why higher-order logic?

569 views • 25 slides
First-Order Logic over Active Domain We consider First-Order Logic (FOL) exactly as used in

First-Order Logic over Active Domain We consider First-Order Logic (FOL) exactly as used in

First-Order Logic over Active Domain We consider First-Order Logic (FOL) exactly as used in relational database queries. This requires to drop functions except for constants. In particuar we assume to have a countably infinite set of constants

542 views • 5 slides
ARTIFICIAL INTELLIGENCE Russell &amp; Norvig Chapter 8. First-Order Logic First-Order Logic

ARTIFICIAL INTELLIGENCE Russell &amp; Norvig Chapter 8. First-Order Logic First-Order Logic

ARTIFICIAL INTELLIGENCE Russell &amp; Norvig Chapter 8. First-Order Logic First-Order Logic First-Order Predicate Logic / Calculus Much more powerful the propositional (Boolean) logic Greater expressive power than propositional

590 views • 20 slides
First-order logic 6 AI Slides (5e) c Lin Zuoquan@PKU 2003-2019 6 1 6 First-Order Logic

First-order logic 6 AI Slides (5e) c Lin Zuoquan@PKU 2003-2019 6 1 6 First-Order Logic

First-order logic 6 AI Slides (5e) c Lin Zuoquan@PKU 2003-2019 6 1 6 First-Order Logic 6.1 First-order logic Syntax Semantics 6.2 Knowledge representation in FOL 6.3 Agents in first-order case AI Slides (5e) c Lin

814 views • 45 slides
Markov Logic Markov Logic Probability First-Order Logic Propositional Logic Markov Logic

Markov Logic Markov Logic Probability First-Order Logic Propositional Logic Markov Logic

Putting the Pieces Together Markov Logic Markov Logic Probability First-Order Logic Propositional Logic Markov Logic Definition A Markov Logic Network (MLN) is a set of A logical KB is a set of hard constraints pairs (F, w) where on

350 views • 6 slides
Logic-based Program Verification Decidability of Propositional and First-Order Logic. First-Order

Logic-based Program Verification Decidability of Propositional and First-Order Logic. First-Order

Logic-based Program Verification Decidability of Propositional and First-Order Logic. First-Order Theories. Theory of Equality M ad alina Era scu Tudor Jebelean Research Institute for Symbolic Computation, Johannes Kepler University,

1.3k views • 92 slides
Outline First-order logic Syntax and semantics Inference First-order Logic

Outline First-order logic Syntax and semantics Inference First-order Logic

Outline First-order logic Syntax and semantics Inference First-order Logic Propositionalization with ground inference Lifted resolution CS 486/686 Sept 25, 2008 University of Waterloo 1 2 CS486/686 Lecture Slides (c)

81 views • 6 slides
First order logic (FOL) Proposi)onal logic is about simple

First order logic (FOL) Proposi)onal logic is about simple

Introduc)on to Ar)ficial Intelligence Lecture 9 Logical reasoning CS/CNS/EE 154 Andreas Krause TexPoint fonts used in EMF. First order logic

528 views • 22 slides
using First-Order Logic C H A P T E R 8 H A S S A N K H O S R A V I S P R I N G 2 0 1 1

using First-Order Logic C H A P T E R 8 H A S S A N K H O S R A V I S P R I N G 2 0 1 1

Knowledge Representation using First-Order Logic C H A P T E R 8 H A S S A N K H O S R A V I S P R I N G 2 0 1 1 Outline What is First-Order Logic (FOL)? Syntax and semantics Using FOL Wumpus world in FOL Knowledge

739 views • 34 slides
Logic as a Tool Chapter 4: Deductive Reasoning in First-Order Logic 4.5 Resolution for

Logic as a Tool Chapter 4: Deductive Reasoning in First-Order Logic 4.5 Resolution for

Logic as a Tool Chapter 4: Deductive Reasoning in First-Order Logic 4.5 Resolution for First-order Logic Valentin Goranko Stockholm University October 2016 Goranko First-order resolution The Propositional Resolution rule in clausal form

617 views • 26 slides
Logic as a Tool Chapter 3: Understanding First-order Logic 3.3 Basic grammar and use of

Logic as a Tool Chapter 3: Understanding First-order Logic 3.3 Basic grammar and use of

Logic as a Tool Chapter 3: Understanding First-order Logic 3.3 Basic grammar and use of first-order languages Valentin Goranko Stockholm University October 2016 Goranko Translation from natural languages to first-order logic: examples in the

221 views • 19 slides
Part 1: Propositional Logic Literature (also for first-order logic) Sch oning: Logik f ur

Part 1: Propositional Logic Literature (also for first-order logic) Sch oning: Logik f ur

Part 1: Propositional Logic Literature (also for first-order logic) Sch oning: Logik f ur Informatiker, Spektrum Fitting: First-Order Logic and Automated Theorem Proving, Springer 1 Last time 1.1 Syntax Language propositional

540 views • 23 slides
Logics for Data and Knowledge Representation 1. Introduction to First order logic Luciano

Logics for Data and Knowledge Representation 1. Introduction to First order logic Luciano

Why First Order Logic? Syntax and Semantics of FOL Reasoning in FOL Logics for Data and Knowledge Representation 1. Introduction to First order logic Luciano Serafini FBK-irst, Trento, Italy September 24, 2012 1 / 120 Why First Order Logic?

1.25k views • 120 slides
Part 2: First-Order Logic First-order logic formalizes fundamental mathematical concepts

Part 2: First-Order Logic First-order logic formalizes fundamental mathematical concepts

Part 2: First-Order Logic First-order logic formalizes fundamental mathematical concepts is expressive (Turing-complete) is not too expressive (e. g. not axiomatizable: natural numbers, uncountable sets) has a rich structure of

808 views • 23 slides
Introduction to first-order logic: First-order structures and languages. Terms and formulae in

Introduction to first-order logic: First-order structures and languages. Terms and formulae in

Introduction to first-order logic: First-order structures and languages. Terms and formulae in first-order logic. Interpretations, truth, validity, and satisfaction. Valentin Goranko DTU Informatics September 2010 V Goranko Propositional

329 views • 32 slides

More recommend