Appendix A  Selected Proofs

In this appendix we prove some of the propositions and theorems used throughout the thesis.

Proofs of LTL-reductions of chapter 4

In chapter 4 we introduced a linear-time temporal logic for the expression of norms. There we gave semantical definitions of various normatives that are expressible in that logic. We claimed that these normatives can be reduced to expressions containing only temporal operators already in the formalism, and we prove some of these reductions here.

Reduction of Deadlines

In definition 4.5 we defined deadlines as follows:

M, s OBLIGED(a, P BEFORE D) def t s : M, t D and ( s u < t : M, u NOT viol(a, P, D)) and (( s v < t : M, v P and M, v ALWAYS NOT viol(a, P, D)) or ( s w < t : M, w P and M, t viol(a, P, D)))

We now show that this can be reduced to the LTL formula presented in proposition 4.6. Assuming that M at state s satisfies OBLIGED(a, P BEFORE D), i.e. the LTL model complies with the semantical definition given above, we show that such models satisfy proposition 4.6 as well. The first condition of definition 4.5, t s : M, t D, tells us that D will hold in some world in the future (with s the current world), i.e. M, s SOMETIME D. Although D may hold many more times in the future, we are mainly interested in its first occurrence: (NOT D UNTIL D). From the second condition, s u < t : M, u NOT viol(a, P, D), we know that no violation occurs before the deadline occurs (at time moment t), i.e. ((NOT D AND NOT viol(a, P, D)) UNTIL D). The last condition then specifies how the deadline handles compliance and violation, respectively. This condition distinguishes two cases:

1. Conditions 1 and 2 hold until the (first) appearance of P (strictly before the appearance of D), after which no violation of the deadline can occur; or
2. Conditions 1 and 2 hold until the deadline holds and a violation occurs.

Let us first look at the case defining the violation. s w < t : M, w P and M, t viol(a, P, D) tells us that, before t has happened (the time moment of the deadline), P never occurs, and, in that case, t satisfies viol(a, P, D). Combined with the formula derived so far (for conditions 1 and 2) we get: (D AND viol(a, P, D) ]

If, however, the deadline is adhered to, which is expressed in the first part of the last condition, there is a state v before t (but after s) where P holds, and after that viol(a, P, D) never holds (note that, because v happens strictly before t, v also satisfies NOT D, as expressed in the second condition of definition 4.5). Combined with the formula for conditions 1 and 2 this leads to the following (assuming that the occurrence of P is the first occurrence 1): (NOT D AND P AND ALWAYS NOT viol(a, P, D) ]

Combining both cases, we get a formula expressing the deadline: ((NOT D AND P AND ALWAYS NOT viol(a, P, D)) OR (D AND viol(a, P, D))) ]

which is exactly the LTL-reduction of proposition 4.6.

1 This assumption is warranted because if P occurred more than once before D, the same restrictions would hold on the model.

The formal reduction, explained informally above, shows that the models of the reduction are the same as those defined by the semantic definition (thus proving that the reduction is equivalent to the semantic definition):
t s : M, t D and ( s u < t : M, u NOT viol(a, P, D)) and (( s v < t : M, v P and M, v ALWAYS NOT viol(a, P, D)) or ( s w < t : M, w P and M, t viol(a, P, D)))

M, s SOMETIME D and M, s (NOT D AND NOT viol(a, P, D)) UNTIL D and ( s v < t : M, v NOT D AND P AND ALWAYS NOT viol(a, P, D)) or ( s w < t : M, w NOT P and M, t viol(a, P, D)

M, s SOMETIME D and M, s (NOT D AND NOT P AND NOT viol(a, P, D)) UNTIL (D AND viol(a, P, D)) or (M, s (NOT D AND NOT P AND NOT viol(a, P, D)) UNTIL (NOT D AND P AND ALWAYS NOT viol(a, P, D))) ]

((NOT D AND P AND ALWAYS NOT viol(a, P, D)) OR (D AND viol(a, P, D))) ]

Reduction of Temporal Prohibitions

We can show in a similar manner that the temporal prohibitions of definition 4.7 reduce to the LTL formula of proposition 4.9. In definition 4.7 temporal prohibitions are defined as follows:

M, s FORBIDDEN(a, P BEFORE D) def If t s : M, t D then ((( s u < t : M, u P and M, u NEXT viol(a, P, D)) and ( s w < u : M, w P and M, w NOT viol(a, P, D))) or ( s v < t : M, v P and M, v NOT viol(a, P, D) and M, t ALWAYS NOT viol(a, P, D))) and if t s : M, t D then u s : if M, u P then M, u NEXT viol(a, P, D)

This temporal prohibition works, in essence, similarly to the deadline specified above. We show formally that the semantical definition is equivalent to the LTL formula given by proposition 4.9.

If t s : M, t D then (( s u < t : M, u P and M, u NEXT viol(a, P, D)) and ( s w < u : M, w P and M, w NOT viol(a, P, D))) or ( s v < t : M, v P and M, v NOT viol(a, P, D) and M, t ALWAYS NOT viol(a, P, D)) ] and if t s : M, t D then u s : if M, u P then M, u NEXT viol(a, P, D)

If M, s SOMETIME D then (( s u < t : M, u P AND NEXT viol(a, P, D)) and ( s w < u : M, w NOT P AND NOT viol(a, P, D))) or (M, s (NOT D AND NOT P AND NOT viol(a, P, D)) UNTIL (D AND ALWAYS NOT viol(a, P, D))) ] and if M, s ALWAYS NOT D then u s : M, u P IMPLIES NEXT viol(a, P, D)

If M, s SOMETIME D then (M, s (NOT D AND NOT P AND NOT viol(a, P, D)) UNTIL (NOT D AND P AND NEXT viol(a, P, D))) or (M, s (NOT D AND NOT P AND NOT viol(a, P, D)) UNTIL (D AND ALWAYS NOT viol(a, P, D))) ] and if M, s ALWAYS NOT D then u s : M, u P IMPLIES NEXT viol(a, P, D)

M, s (SOMETIME D IMPLIES (NOT D AND NOT P AND NOT viol(a, P, D)) UNTIL ((D AND NOT P AND NEXT ALWAYS NOT viol(a, P, D)) OR (P AND NEXT viol(a, P, D)))) AND (ALWAYS NOT D IMPLIES ALWAYS (P IMPLIES NEXT viol(a, P, D)))

which is exactly the formula of proposition 4.9.

Proofs of Theorems used in Chapter 6

In sections 6.4 and 6.5 several theorems were used to derive the safety and liveness properties of the protocol. Some of these theorems, such as theorems 6.13, 6.17 and 6.18, were taken from [Kröger, 1987], and proofs of these theorems can be found there. The other theorems are proven in this section.
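The two reductions proved above, as an added example that is not part of the thesis: a small finite-trace LTL evaluator in Python, the formulas of propositions 4.6 and 4.9 written against it, and the quantifier form of definition 4.5, so that the deadline reduction can be cross-checked exhaustively over all short traces (the prohibition formula is only run as a monitor on sample traces). Every name in it (OBLIGED, FORBIDDEN, obliged_semantic, trace, the sample traces) is mine. Assumptions: the deadline moment is the first state satisfying D (as the proof above states), ALWAYS and SOMETIME range over the remaining finite trace, NEXT is false in a last state, the SOMETIME D conjunct of proposition 4.6 is kept explicit, and the deadline branch of proposition 4.9 is taken as D AND NOT P AND ALWAYS NOT viol, the form used in the derivation steps.

```python
"""Finite-trace monitors for the deadline and prohibition reductions.

Added example, not code from the thesis.  A trace is a sequence of states,
each state the set of atomic propositions true in it:
  P  the obliged / forbidden action,  D  the deadline,  V  viol(a, P, D).
Assumptions (mine, not the thesis'): the deadline moment is the first state
satisfying D, ALWAYS/SOMETIME range over the remaining finite trace, and
NEXT is false in the last state.
"""
from itertools import product

PROPS = ("P", "D", "V")


# --- a tiny finite-trace LTL evaluator: a formula is a function (trace, i) -> bool
def atom(p):
    return lambda tr, i: p in tr[i]

def neg(f):
    return lambda tr, i: not f(tr, i)

def conj(*fs):
    return lambda tr, i: all(f(tr, i) for f in fs)

def disj(*fs):
    return lambda tr, i: any(f(tr, i) for f in fs)

def implies(f, g):
    return lambda tr, i: (not f(tr, i)) or g(tr, i)

def nxt(f):
    return lambda tr, i: i + 1 < len(tr) and f(tr, i + 1)   # false in the last state

def always(f):
    return lambda tr, i: all(f(tr, k) for k in range(i, len(tr)))

def sometime(f):
    return lambda tr, i: any(f(tr, k) for k in range(i, len(tr)))

def until(f, g):
    # strong until: g holds at some j >= i and f holds at every i <= k < j
    return lambda tr, i: any(g(tr, j) and all(f(tr, k) for k in range(i, j))
                             for j in range(i, len(tr)))

P, D, V = atom("P"), atom("D"), atom("V")
NOTHING_YET = conj(neg(D), neg(P), neg(V))     # left-hand side of both UNTILs

# Proposition 4.6: OBLIGED(a, P BEFORE D).  The SOMETIME D conjunct is kept
# explicit here (assumption: the prefix is lost in the extracted text).
OBLIGED = conj(sometime(D),
               until(NOTHING_YET,
                     disj(conj(neg(D), P, always(neg(V))), conj(D, V))))

# Proposition 4.9: FORBIDDEN(a, P BEFORE D).  The deadline branch is taken as
# D AND NOT P AND ALWAYS NOT viol, the form used in the derivation steps.
FORBIDDEN = conj(
    implies(sometime(D),
            until(NOTHING_YET,
                  disj(conj(D, neg(P), always(neg(V))), conj(P, nxt(V))))),
    implies(always(neg(D)), always(implies(P, nxt(V)))))


def obliged_semantic(tr, s=0):
    """Definition 4.5 with its quantifiers spelled out over trace positions."""
    deadlines = [t for t in range(s, len(tr)) if "D" in tr[t]]
    if not deadlines:
        return False                                  # no t >= s with D
    t = deadlines[0]                                  # first occurrence of D
    if any("V" in tr[u] for u in range(s, t)):
        return False                                  # violation before the deadline
    complied = any("P" in tr[v] and not any("V" in tr[k] for k in range(v, len(tr)))
                   for v in range(s, t))
    violated = all("P" not in tr[w] for w in range(s, t)) and "V" in tr[t]
    return complied or violated


def check_deadline_reduction(max_len=4):
    """Number of traces (length <= max_len) on which definition 4.5 and
    proposition 4.6 disagree; 0 means the reduction holds on all of them."""
    states = [frozenset(p for p, on in zip(PROPS, bits) if on)
              for bits in product((0, 1), repeat=len(PROPS))]
    return sum(OBLIGED(tr, 0) != obliged_semantic(tr)
               for n in range(1, max_len + 1)
               for tr in product(states, repeat=n))


def trace(*states):
    """Constructed sample input: one string per state, e.g. trace("", "P", "DV")."""
    return [frozenset(s) for s in states]

# Constructed sample traces
MET = trace("", "P", "", "D")            # P before the deadline, never flagged
MISSED = trace("", "", "DV")             # deadline reached without P, violation flagged
UNFLAGGED = trace("", "", "D")           # deadline missed but viol never raised: no model
VIOLATED_AFTER_P = trace("P", "V", "D")  # P done but viol raised anyway: no model

if __name__ == "__main__":
    for name, tr in [("MET", MET), ("MISSED", MISSED),
                     ("UNFLAGGED", UNFLAGGED), ("VIOLATED_AFTER_P", VIOLATED_AFTER_P)]:
        print(f"OBLIGED {name:17} ltl={OBLIGED(tr, 0)} def4.5={obliged_semantic(tr)}")
    print("FORBIDDEN, P then viol then D:", FORBIDDEN(trace("", "P", "V", "D"), 0))
    print("FORBIDDEN, P never flagged:   ", FORBIDDEN(trace("", "P", "", "D"), 0))
    print("mismatches on all traces of length <= 4:", check_deadline_reduction())
```

Run stand-alone it prints the verdicts for the four constructed deadline traces (the LTL formula and definition 4.5 agree on each), the two prohibition verdicts, and 0 mismatches over the 4680 traces of length at most four. The exhaustive check is the mechanical counterpart of the first-occurrence argument in the proof: once D is read as its first occurrence and P as its first occurrence, the UNTIL-formula and the quantifier definition accept the same traces. Evaluated at each position of a protocol's event log, the same closures serve as a runtime monitor that reports the first state at which an obligation or prohibition is breached.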
Derivation Rule

The following theorem was mentioned in section 6.4 to derive the invariance of a violation predicate:

Theorem A.1 (Derivation Rule) The following rule is valid: M O x (α < δ) M atπ i α M atπ i δ M atπ i viol(x, α, δ)

Proof. We show semantically that theorem A.1 holds. First, recall that O(α < δ) stated in means the following (see definition 4.5): M, s O x (α < δ) t s : M, t δ and ( s u < t : M, u V ) and (( s v < t : M, v α and M, v V ) or ( s w < t : M, w α and M, t V ))

Now, knowing that M, s O(α < δ), for s being the state where start Π holds (remember, we are only interested in those situations where the norms hold and the protocol is started), we also know that there will be a state t such that δ holds. Moreover, all states from s up to t satisfy V, and either there exists a state between s and t (s included) where α holds, in which case V holds as well, or α does not hold in any state between s and t (again, s included), in which case V holds in t.

Suppose we have that, for some state i s : M, i atπ i. Now we have to prove that M, i V. Since we know that atπ i δ is true in all states of the computation, we know that M, i δ, meaning that at the moment atπ i holds the deadline has not yet occurred, so we can conclude that s i < t. Moreover, since atπ i α holds, i.e. atπ i counts as α, we know that α happens before the deadline. This means that s i < t : M, i α holds, and according to the semantical definition given above we can conclude that M, i V holds as well. Therefore, we can conclude that atπ i V and, in particular, atπ i V hold.

Liveness Rule

The following theorem was mentioned in section 6.5 to derive the liveness property of a protocol:

Theorem A.2 (Liveness Rule) The following rule is valid when γ and γ are invariants of Π:

start Π γ (atπ e ϕ 1 ) (A.1)
start Π γ (atπ e ϕ 2 ) (A.2)
start Π (atπ e (γ ϕ 1 ) ( γ ϕ 2 )) (A.3)

Proof. We only consider the cases where start Π actually holds, since those are the only cases we are interested in, and the rule is trivially true in those cases where start Π does not hold. Let us assume we can derive (A.1) and (A.2), and let us assume that γ actually holds. In this case start Π γ holds as well and we know, because of (A.1), that (atπ e ϕ 1 ) holds. Since γ is an invariant of Π, γ holds at all steps of the protocol, and thus at the moment that atπ e holds. Therefore, (atπ e γ ϕ 1 )) holds, and we can thus derive that (atπ e (γ ϕ 1 )). Since γ holds (and is an invariant of Π), we know that all states satisfy γ χ, for arbitrary χ. If we choose χ = ϕ we thus obtain the desired π e (γ ϕ 1 ) ( γ ϕ 2 )). Reasoning similarly for γ and using (A.2) instead, we again obtain π e (γ ϕ 1 ) ( γ ϕ 2 )). We can therefore conclude that, whenever start Π holds, π e (γ ϕ 1 ) ( γ ϕ 2 )) holds, and thus start Π (atπ e (γ ϕ 1 ) ( γ ϕ 2 )).
More informationLogic. Definition [1] A logic is a formal language that comes with rules for deducing the truth of one proposition from the truth of another.
Math 0413 Appendix A.0 Logic Definition [1] A logic is a formal language that comes with rules for deducing the truth of one proposition from the truth of another. This type of logic is called propositional.
More informationState-Space Exploration. Stavros Tripakis University of California, Berkeley
EE 144/244: Fundamental Algorithms for System Modeling, Analysis, and Optimization Fall 2014 State-Space Exploration Stavros Tripakis University of California, Berkeley Stavros Tripakis (UC Berkeley) EE
More informationRuntime Verification. Grigore Roşu. University of Illinois at Urbana-Champaign
Runtime Verification Grigore Roşu University of Illinois at Urbana-Champaign 2 Contents 1 Introduction 7 2 Background, Preliminaries, Notations 13 3 Safety Properties 17 3.1 Finite Traces...........................
More informationA New Semantic Characterization of. Second-Order Logical Validity
A New Semantic Characterization of Second-Order Logical Validity Tomoya Sato Abstract A problem with second-order logic with standard semantics is that it validates arguments that can be described as set-theoretically
More informationModel Checking: An Introduction
Model Checking: An Introduction Meeting 3, CSCI 5535, Spring 2013 Announcements Homework 0 ( Preliminaries ) out, due Friday Saturday This Week Dive into research motivating CSCI 5535 Next Week Begin foundations
More informationLogic, Sets, and Proofs
Logic, Sets, and Proofs David A. Cox and Catherine C. McGeoch Amherst College 1 Logic Logical Operators. A logical statement is a mathematical statement that can be assigned a value either true or false.
More informationTemporal Logic. Stavros Tripakis University of California, Berkeley. We have designed a system. We want to check that it is correct.
EE 244: Fundamental Algorithms for System Modeling, Analysis, and Optimization Fall 2016 Temporal logic Stavros Tripakis University of California, Berkeley Stavros Tripakis (UC Berkeley) EE 244, Fall 2016
More informationLTL and CTL. Lecture Notes by Dhananjay Raju
LTL and CTL Lecture Notes by Dhananjay Raju draju@cs.utexas.edu 1 Linear Temporal Logic: LTL Temporal logics are a convenient way to formalise and verify properties of reactive systems. LTL is an infinite
More informationProseminar on Semantic Theory Fall 2013 Ling 720 Proving the Soundness and Completeness of Propositional Logic: Some Highlights 1
Proving the Soundness and Completeness of Propositional Logic: Some Highlights 1 (1) A Summary of What We ve Done So Far for PL a. We ve given a purely syntactic characterization of valid inference in
More information