CS256/Spring 2008 Lecture #11 Zohar Manna. Beyond Temporal Logics

Transcription

1 CS256/Spring 2008 Lecture #11 Zohar Manna Beyond Temporal Logics Temporal logic expresses properties of infinite sequences of states, but there are interesting properties that cannot be expressed, e.g., p is true only (at most) at even positions. Questions (foundational/practical): What other languages can we use to express properties of sequences ( properties of programs)? How do their expressive powers compare? How do their computational complexities (for the decision problems) compare? ω-languages Σ: nonempty finite set (alphabet) of characters Σ : set of all finite strings of characters in Σ finite word w Σ Σ ω : set of all infinite strings of characters in Σ ω-word w Σ ω (finitary) language: L Σ ω-language: L Σ ω States Propositional LTL (PLTL) formulas are constructed from the following: propositions p 1, p 2,..., p n. boolean/temporal operators. a state s {f, t} n i.e., every state s is a truth-value assignment to all n propositional variables. If n = 3, then s : p 1 : t, p 2 : f, p 3 : t corresponds to state tf t. p 1 p 2 denotes the set of states {fff, fft, t t f, t t t} alphabet Σ = {f, t} n i.e, 2 n strings, one string for every state Note: t, f = formulas (syntax) t, f = truth values (semantics) 11-4

2 Models of PLTL ω-languages Other Languages to Talk about Infinite Sequences A model of PLTL for the language with n propositions σ : s 0, s 1, s 2,... can be viewed as an infinite string s 0 s 1 s 2..., i.e., ω-regular expressions ω-automata σ ({f, t} n ) ω A PLTL formula ϕ denotes an ω-language L = {σ σ Õ ϕ} ({f, t} n ) ω If n = 3, then ϕ : ¼ (p 1 p 2 ) denotes the ω-language L(ϕ) = {fff, fft, t t f, t t t} ω Regular Expressions ω-regular expressions Syntax: r ::= ε a r 1 r 2 r 1 + r 2 r (ε = empty word, a Σ) Semantics: A regular expression r (on alphabet Σ) denotes a finitary language L(r) Σ : L( ) = L(ε) = {ε} L(a) = {a} L(r 1 r 2 ) = L(r 1 ) L(r 2 ) = {xy x L(r 1 ), y L(r 2 )} L(r 1 + r 2 ) = L(r 1 ) L(r 2 ) L(r ) = L(r) = {x 1 x 2 x n n 0, x 1, x 2,..., x n L(r)} 11-7 Syntax: ωr ::= r 1 (s 1 ) ω + r 2 (s 2 ) ω + + r n (s n ) ω Semantics: n 1, r i, s i = regular expressions L(rs ω ) = {xy 1 y 2 x L(r), y 1, y 2,... L(s) \ {ε}} rs ω denotes all infinite strings with an initial prefix in L(r), followed by a concatenation of infinitely many nonempty words in L(s). 11-8

3 ω-regular expressions (cont.) PLTL (future) ω-r.e. s Take A = {a, b}. What languages do the following ω-r.e. s denote? aa b ω ω-word starting with two a s, followed by b s a b ω all ω-words starting with a finite string of a s, followed by b s (a + b) b ω all ω-words with only finitely many a s ((a + b) b) ω all ω-words containing infinitely many b s p is an abbreviation for tt + tf q is an abbreviation for tt + ft t is an abbreviation for tt + tf + ft + ff ¼ p: p ω ½ q: t q t ω puq: p q t ω p ¼ q: ( p) q ω + ( p) ω ¼ ½ p: (t p) ω ½ ¼ q: t q ω Expressive Power Finite-State Automata Every PLTL formula has an equivalent ω-r.e. PLTL is strictly weaker than ω-r.e. s: n 1 : a, b n 2 : c p is true only (at most) at even positions. not expressible in PLTL (Pierre Wolper, 1983) Finite alphabet Σ. ω-r.e.: (t( p)) ω ω-r.e. s are equivalent to ω-automata. Automaton A: N, N 0, E, µ, F, where N: nodes N 0 N: initial nodes E N N: edges µ : N 2 Σ : node labeling function F N: final nodes Note: We label the nodes and not the edges

4 Finite-State Automata (Cont d) Main question: Given a string σ: s 0... s k over Σ, is σ accepted by A? path A sequence of nodes is a path of A if n 0 N 0 π: n 0,..., n k for every i: 0... k 1, n i, n i+1 E. trail A path Finite-State Automata (Cont d) of A is a trail of a string π: n 0,..., n k σ: s 0,..., s k in A if for every i: 0... k, accepted A string s i µ(n i ). σ: s 0... s k is accepted by A if it has a trail in A such that π: n 0,..., n k n k F Finite-State Automata (Cont d) L(A) The set of all strings ( languages ) accepted by A. deterministic An automaton A is called deterministic if every string has exactly one (not necessarily accepting) trail in A. Finite-State Automata: Decision Problems Emptiness: Is any string accepted? L(A)? = Ø Universality: Are all strings accepted? L(A)? = Σ total An automaton A is called total if every string has at least one (not necessarily accepting) trail in A. Inclusion: Are all strings accepted by A 1 accepted by A 2? L(A 1 )? L(A 2 )

5 Finite-State Automata: Operations Complementation: A L(A) = Σ L(A) Product: A 1 A 2 L(A 1 A 2 ) = L(A 1 ) L(A 2 ) Union: A 1 + A 2 L(A 1 + A 2 ) = L(A 1 ) L(A 2 ) Using complementation and product construction, we only need a decision procedure for emptiness to decide universality and inclusion: Finite-State Automata: Determinization For every nondeterministic automaton A N, there exists a deterministic automaton A D such that L(A N ) = L(A D ). (May cause exponential blowup in size.) Universality: L(A) = Σ L(A) = Ø Inclusion: L(A 1 ) L(A 2 ) L(A 1 A 2 ) = Ø ω-automata Finite-state automata over infinite strings. ω-automata (Motivation) Main question: Given an infinite sequence of states is σ accepted by A? σ : s 0, s 1, s 2,... n 1 : p 1 n 2 : p 1 p 2 Additional references: Section 5 of Wolfgang Thomas: Languages, Automata, and Logic. In G. Rozenberg and A. Salomaa (eds.), Handbook of Formal Languages, V. III. (Tech Report version available on the web), pp , Part I of Wolfgang Thomas: Automata on Infinite Objects. In Jan van Leeuwen (ed.), Handbook of Theoretical Computer Science, vol. B, Elsevier, 1990, pp Moshe Vardi and Pierre Wolper, An Automata Theoretic Approach to Program Verification, Symposium on Logic in Computer Science, 1986, pp n 1 represents all states in which p 1 is true; i.e. tf and t t. µ(n 1 ) = {tf, t t} n 2 represents all states in which p 1 is false and p 2 is true. µ(n 2 ) = {ft} 11-20

6 ω-automata: Trails ω-automata (Definition) Set of propositions: p 1,..., p n. Alphabet Σ = {t, f} n. Automaton A: N, N 0, E, µ, F, where N: finite set of nodes N 0 N: initial nodes E N N: edges µ : N 2 Σ : node labeling function (assertions) F : acceptance condition Note: Most of the literature on ω-automata uses edge labeling, similarly to automata on finite strings. However, we use node labeling to ease the transition to diagrams. The two approaches are equally expressive and can easily be translated into each other Definition: A path π : n 0, n 1,... of A is a trail of an infinite sequence of states if for every i 0, n 1 : p 1 σ : s 0, s 1,... s i Õ µ(n i ) (or s i µ(n i )). The sequence of states n 2 : p 1 p 2 p 1 t p 2 t σ :, tf, ft, t t, tf, ft,... has trail π : n 1, n 1, n 2, n 1, n 1, n 2,... Note: no trail for σ :..., ff,.... In general, A is nondeterministic i.e., trail π is not necessarily unique for σ. A is deterministic if for every σ, there is exactly one trail π of σ inf(π): Inf(π) infinite sequence of states σ : s 0, s 1, s 2,... infinite trail π : n 0, n 1, n 2,... The set of nodes appearing infinitely often in π. Observe: inf(π) is nonempty since the set of nodes of the automaton is finite. The nodes in inf(π) form a Strongly Connected Subgraph (SCS) in A. SCS S: Every node in S is reachable from every other node in S. MSCS S: a maximal SCS; i.e., S is not contained in any larger SCS. Definition: An infinite sequence of states σ is accepted by A if it has a trail π such that inf(π) is accepted by the acceptance condition ω-automata: Acceptance Conditions A: Name Büchi Muller Type of acceptance condition F N a set of nodes F 2 N a set of subsets of nodes Condition for acceptance inf(π) F Ø inf(π) F To accept L(¼ ½ p) with A F = {n 2 } F = {{n 1, n 2 }, {n 2 }} To accept L(½ ¼ p) with A no deterministic Büchi automaton accepts this language F = {{n 2 }} 11-24

7 ω-automata: Acceptance Conditions (Cont d) A: Name Streett Rabin Type of acceptance condition Condition for acceptance F 2 N 2 N a set of pairs {(P 1, R 1 ),..., (P n, R n )} where each P i, R i is a set of nodes for every i : [1..n] inf(π) P i or inf(π) R i Ø To accept L(¼ ½ p) with A F = {(Ø, {n 2 })} for some i : [1..n] inf(π) P i and inf(π) R i Ø F = {({n 1, n 2 }, {n 2 })} To accept L(½ ¼ p) with A F = {({n 2 }, Ø)} F = {({n 2 }, {n 2 })} Automata Automaton for ¼ ½ p ¼ ½ q (if p happens infinitely often, then q happens infinitely often) ½ ¼ p ¼ ½ q Deterministic: n 1 : p q n 3 : p q q n 4 : p q Muller acceptance condition (P = powerset): F = P({n 1, n 2, n 3, n 4 }) {{n 2 }, {n 2, n 4 }} Streett acceptance condition: eventually always p {}}{ F = {({n 3, n 4 } or, infinitely often q {}}{ {n 1, n 3 })} Automata (Cont d) Automaton for ¼ ½ p ¼ ½ q ½ ¼ p ¼ ½ q Nondeterministic: n 1 : t n 2 : p Muller acceptance condition: n 3 : t n 4 : q F = {{n 2 }, {n 4 }, {n 3, n 4 }} Streett acceptance condition: F = {({n 2 }, {n 4 })} More Examples: Muller/Streett ¼ p p ½ q n 1 : p F M = {{n 1 }} F S = {({n 1 }, Ø)} n 2 : q n 3 : q F M = {{n 1 }, {n 3 }, {n 1, n 3 }, {n 2, n 3 }, {n 1, n 2, n 3 }} F S = {(Ø, {n 1, n 3 })} Question: Why is {n 1, n 2 } not in F M? 11-28

8 More Examples: Muller/Streett More Examples: Muller/Streett pwq n 1 : p n 2 : q n 3 : t F M = {{n 1 }, {n 3 }} F S = {({n 1, n 3 }, Ø)} puq n 1 : p q n 2 : q n 3 : t F M = {{n 3 }} F S = {({n 3 }, Ø)} p ½ ¼ q p qwr n 2 : q n 3 : q F M = {{n 1 }, {n 3 }} n 2 : q n 3 : r F M = P({n 1, n 2, n 3 }) {n 1, n 2 } Question: Why n 1 : p q and not n 1 : p? F S = {({n 1, n 3 }, Ø)} F S = {(Ø, {n 1, n 2, n 3 })} n 2 : q m More Examples: Muller/Streett p q m Wq m 1... q 1 Wq 0 F M = P({n 1,..., n m+2 }) F S = {(Ø, {n 1,..., n m+2 })} n 3 : q m 1. n 4 : q m 2 n m+1 : q 1 n m+2 : q

9 Existence of ω-automaton Theorem: For every PLTL formula ϕ, there exists an ω-automaton A ϕ such that L(ϕ) = L(A ϕ ). Question: Does the converse also hold? Consider A: n 1 : t Existence of ω-automaton (Cont d) First attempt: ¾ p ¼ (p ¾ p) Not good because it only accepts p p p p p... F M = {{n 1, n 2 }} L(A) = all sequences of form p p p p p p p p p p p p... That is, it accepts L(A 1 ), with A 1 : F M = {{n 1, n 2 }} Is there a PLTL formula ϕ such that L(A) = L(ϕ)? Existence of ω-automaton (Cont d) Second attempt: ¾ p ¼ (p ¾ ¾ p) Not good because it accepts only and p p p p p... p p p p p... That is, it accepts L(A 2 ), with A 2 : n 3 : p F M = {{n 1, n 2 }, {n 3 }} ω-automaton Expressiblity It was shown by Wolper (1982) that there does not exist a PLTL formula ϕ such that L(ϕ) = L(A) for the automaton A shown above. Theorem: ω-automata are strictly more expressive than PLTL. Theorem: For every ω-automaton A there exists an existentially quantified formula ϕ such that L(A) = L(ϕ)

10 n 1 : t k.( ¾ k }{{} k holds in the second position F = {{n 1, n 2 }} ¼ (k ¾ k) ¼ (k p) ) }{{} k-positions alternate } {{ } whenever k holds, p also holds k is a flexible, auxiliary boolean variable: its value may be different in different positions. Note: k at position 0. Why? 11-37