A Mixed Decision Method for Duration Calculus

NATHALIE CHETCUTI-SERANDIO and LUIS FARIÑAS DEL CERRO, Institut de Recherche en Informatique de Toulouse, 118, route de Narbonne, F-31062 Toulouse cedex 04, France. E-mail: {chetcuti,farinas}@irit.fr

Abstract

The Duration Calculus is an interval logic with an additional notion of duration. It became one of the main references of real-time system specification for which it was introduced. From a practical point of view an important challenge is to define automated proof procedures for this calculus. Since the propositional Duration Calculus is undecidable, in this paper we isolate a fragment and we define a mixed decision method combining standard tableau techniques with temporal constraint network resolution algorithms. This method gives a natural procedure to decide whether a given formula is satisfiable. This fragment is strong enough to embed Allen's Interval Algebra.

Keywords: Automated deduction, representation of time, software engineering.

1 Introduction

The Duration Calculus [14] is an interval logic introduced for specifying real-time systems. This calculus is able to capture important real-time problems like the specification of the behaviour of schedulers [11]; it has also been used to specify the requirements of the classical gas burner [8], to give a semantics to communicating processes sharing a processor and to specify their scheduler [12], to specify controllers automatically synthesized from these specifications [3], etc. From a practical point of view an important challenge is to define automated proof procedures for this calculus. Since the propositional Duration Calculus is undecidable, we are interested in isolating decidable fragments of this calculus. A first fragment was given [13] and its decidability proved via regular languages.
In this paper we isolate another fragment and we define a decision method combining standard tableau techniques with temporal constraint network resolution algorithms. This method gives a natural procedure to decide whether a given formula is satisfiable. This fragment is strong enough to embed Allen's Interval Algebra [1]. This paper is organized as follows: first we introduce the fragment of propositional Duration Calculus we isolated, then the tableau method we defined which we prove to be sound, complete and decidable before concluding.

J. Logic Computat., Vol. 10 No. 6, pp. 877-895, 2000. © Oxford University Press

2 Duration Calculus: an interval fragment

Duration Calculus [14] is a temporal logic based on Interval Temporal Logic [7] with an additional notion of duration in a state, i.e. the duration for which a system stays in a particular state. Given that this calculus is undecidable, we shall consider only a fragment of propositional

Duration Calculus; nevertheless this new fragment is rich enough to embed Interval Algebra [1] (cf. Appendix A). Furthermore that fragment is a decidable subset of Duration Calculus. In this section we formally introduce the syntax and the semantics of propositional Duration Calculus restricted to the fragment we are interested in, then we give some decidability results for Duration Calculus. The reader interested in a thorough presentation of Duration Calculus can refer to [6] for the logical aspects.

2.1 Syntax

Three types of expressions are considered:

1. State expressions, built from state variables and classical logic operators: the states of a system are modelled as state expressions, state variables being basic states. State expressions are defined by induction in the following way:
   (a) state variables are state expressions,
   (b) if $\alpha$ is a state expression then $\neg\alpha$ is a state expression,
   (c) if $\alpha_1$ and $\alpha_2$ are state expressions then $\alpha_1 \wedge \alpha_2$ is a state expression.
2. Terms, defined in the following way:
   (a) $\int 1$ is a term, denoted by $\ell$; $\ell$ is the length of the current interval,
   (b) if $\alpha$ is a state expression then $\int\alpha$ is a term; $\int\alpha$ is the duration for which the system is in state $\alpha$ within a given temporal interval,
   (c) there are only function symbols of arity 0: if $k$ is a function symbol of arity 0 then $k$ is a term, called constant; a constant $k$ is interpreted as the real number $k$.
3. Formulae are defined, still by induction, in the following way:
   (a) $\bot$ and $\top$ are formulae,
   (b) if $k$ is a constant then $\ell \mathrel{S} k$, where $S \in \{<, \le, =, \ne, \ge, >\}$, is a formula; the binary predicate symbols $\{<, \le, =, \ne, \ge, >\}$ are interpreted as binary Boolean functions over the set of the real numbers: $\mathbb{R}^2 \to \{true, false\}$,
   (c) if $\alpha$ is a state expression then $\int\alpha = \ell$ is a formula,
   (d) if $\delta_1$ and $\delta_2$ are formulae then $\delta_1 \vee \delta_2$, $\delta_1 \wedge \delta_2$ and $\delta_1 ; \delta_2$ are formulae.
$\delta_1 ; \delta_2$ is true in a given interval if this one can be split into two subintervals, $\delta_1$ being true in the former and $\delta_2$ in the latter; this special operator is called chop. Another modal logic based on a chop operator is considered by Venema [10].

Abbreviations. Apart from classical abbreviations, standard modal operators can be defined in Duration Calculus:
• $\Diamond\delta$ stands for $\top ; \delta ; \top$: $\delta$ is true for some subinterval of the current interval.
• Note that the operator cannot be defined in our fragment since we cannot express the negation of a formula.

More typical abbreviations:
• $\lceil\,\rceil$ stands for $(\ell = 0)$: the current interval is a point interval.
• $\lceil\alpha\rceil$ stands for $(\int\alpha = \ell) \wedge \ell > 0$: state expression $\alpha$ is 1 almost everywhere on the current interval and this one is not a point interval.

2.2 Semantics

Time is modelled by the set of the real numbers called $Time$. For each $b, e \in Time$ such that $b \le e$, the closed interval $[b, e]$ denotes the set $\{t \in Time : b \le t \le e\}$ and $\mathbb{I}nt$ will denote the set of closed intervals. In the sequel let $I$ be an interpretation, $t$ a temporal point and $[b, e]$ a temporal interval.

State expressions. An interpretation $I$ associates with each state variable a Boolean function over temporal points: $Time \to \{0, 1\}$. The semantics of a state expression is a Boolean function over temporal points: $Time \to \{0, 1\}$, defined by induction in the following way:
• if $s$ is a state variable then $I[\![s]\!](t) = I(s)(t)$,
• if $\alpha$ is a state expression then $I[\![\neg\alpha]\!](t) = 1 - I[\![\alpha]\!](t)$,
• if $\alpha_1$ and $\alpha_2$ are state expressions then $I[\![\alpha_1 \wedge \alpha_2]\!](t) = I[\![\alpha_1]\!](t) \cdot I[\![\alpha_2]\!](t)$.

State variables, hence state expressions, are finitely varied, i.e. they may have only a finite number of discontinuities on a bounded interval, state expressions being thus Riemann-integrable on every bounded interval.

Terms. A term is interpreted as a real-valued function: $\mathbb{I}nt \to \mathbb{R}$, giving for every temporal interval the duration of a given state expression. The semantics of a term is defined in the following way:
• $I[\![\ell]\!]([b, e]) = \int_b^e 1\,dt = e - b$,
• if $\alpha$ is a state expression then $I[\![\int\alpha]\!]([b, e]) = \int_b^e I[\![\alpha]\!](t)\,dt$,
• $I[\![k]\!]([b, e]) = k$.

Formulae. A formula is interpreted as a Boolean function over intervals: $\mathbb{I}nt \to \{false, true\}$.
The semantics of a formula is defined by induction in the following way:
• $I[\![\bot]\!]([b, e]) = false$,
• $I[\![\top]\!]([b, e]) = true$,
• if $k$ is a constant and $S$ is a binary predicate symbol such that $S \in \{<, \le, =, \ne, \ge, >\}$ then $I[\![\ell \mathrel{S} k]\!]([b, e]) = true$ if, and only if, $I[\![\ell]\!]([b, e]) \mathrel{S} k$,
• if $\alpha$ is a state expression then $I[\![\int\alpha = \ell]\!]([b, e]) = true$ if, and only if, $I[\![\int\alpha]\!]([b, e]) = I[\![\ell]\!]([b, e])$,
• if $\delta_1$ and $\delta_2$ are formulae then $I[\![\delta_1 \vee \delta_2]\!]([b, e]) = true$ if, and only if, $I[\![\delta_1]\!]([b, e]) = true$ or $I[\![\delta_2]\!]([b, e]) = true$,
• if $\delta_1$ and $\delta_2$ are formulae then $I[\![\delta_1 \wedge \delta_2]\!]([b, e]) = true$ if, and only if, $I[\![\delta_1]\!]([b, e]) = true$ and $I[\![\delta_2]\!]([b, e]) = true$,
• if $\delta_1$ and $\delta_2$ are formulae then $I[\![\delta_1 ; \delta_2]\!]([b, e]) = true$ if, and only if, $\exists m \in [b, e]$ such that $I[\![\delta_1]\!]([b, m]) = true$ and $I[\![\delta_2]\!]([m, e]) = true$.

Let $I$ be an interpretation, let $[b, e]$ be a $Time$ interval and let $\delta$ be a formula. Semantically, $M = (I, [b, e])$ satisfies $\delta$ (or $M$ is a model of $\delta$), denoted $M \models \delta$, if $I[\![\delta]\!]([b, e]) = true$. Likewise, $(I, [b, e]) \not\models \delta$ if $I[\![\delta]\!]([b, e]) = false$.

REMARK 2.1
• In formulae, state expressions only appear within a $\int$.

• Let $\alpha_1$ and $\alpha_2$ be two state expressions and let $I[\![\alpha_1]\!]$ be $I[\![\alpha_2]\!]$ except for a finite number of points then $\forall [b, e] \in \mathbb{I}nt$, $\int_b^e I[\![\alpha_1]\!](t)\,dt = \int_b^e I[\![\alpha_2]\!](t)\,dt$. Therefore for every state expression we can drop a finite number of discontinuity points without altering the truth value of formulae.
• Let $\alpha$ be a state expression. On any point interval $[b, b]$, $\int_b^b I[\![\alpha]\!](t)\,dt = 0 = \int_b^b I[\![\neg\alpha]\!](t)\,dt$. So $(I, [b, b]) \models (\int\alpha = \ell) \Leftrightarrow (I, [b, b]) \models (\int\neg\alpha = \ell)$.

2.3 Fragments of Duration Calculus

Michael R. Hansen and Zhou Chaochen give an axiomatization of Duration Calculus in [5]. Some subsets have been identified to be decidable while others are undecidable [13]. In a certain decidable subset of Duration Calculus, a regular language $L(\delta)$ can be generated from a formula $\delta$. $L(\delta)$ represents a set of strings corresponding to interpretations satisfying $\delta$, such that $\delta$ is satisfiable if, and only if, $L(\delta)$ is not empty. The emptiness of a regular language being decidable, so is the satisfiability of a formula. A decision algorithm for checking the validity of formulae of a decidable Duration Calculus subset was implemented in [9].

Our decidable Duration Calculus fragment is not comparable with the dense-time decidable fragment of [13]: both are included in propositional Duration Calculus but neither is included in the other; they only intersect one another. Below are some examples of formulae characteristic of each language: the second formula is not expressible in our fragment and the third one does not belong to the dense-time decidable fragment of [13].

Formula | Language
1. $((\int s_1 = \int s_2) \wedge (\int s_1 \ne 5)) \Rightarrow (\int s_2 \ne 5)$ | Propositional Duration Calculus
2. $(\lceil s_1 \rceil ; \lceil s_1 \rceil) \Rightarrow \lceil s_1 \rceil$ | Dense-Time Decidable Duration Calculus Fragment from [13]
3.
$(\ell \ge 4) \wedge ((\int s_1 = \ell \vee \ell \le 1) ; (\int s_2 = \ell))$ | Our Decidable Duration Calculus Fragment

In the next section we define a deduction method based on tableau techniques extended with constraint resolution algorithms.

3 Tableau construction

In this section we give a tableau-based method characterized by a set of extension rules. A step-by-step procedure applies these rules to a tree that initially has a single node, called the root, to which a single formula is attached; the final tree thus constructed is called a tableau. If the original formula is consistent, there exists a model associated with its tableau satisfying it.

Since we need to deal explicitly with interval bounds, we shall call bounded formula (respectively bounded state expression) an interval-stamped formula (respectively interval-stamped state expression), e.g. $\delta_{[b,e]}$. Intuitively $\delta_{[b,e]}$ means that there should be a $(I, [b, e])$-like model which satisfies $\delta$.

Tableaux are built by means of extension rules: an extension rule constructs a new tree $T_{i+1}$ from a tree $T_i$ by adding sons to a terminal node of $T_i$. It is represented as a tree pattern:

      S_1                S_1
       |        or      /   \
      S_2             S_2   S_3

where $S_1$, $S_2$ and $S_3$ are conjunctions (expressed in the form of sets) of bounded formulae, bounded state expressions and constraints and where branching expresses disjunction. The intended meaning of an extension rule is as follows: if a terminal node $n$ of $T_i$ contains a set of bounded formulae, bounded state expressions and constraints matching $S_1$ then the rule applies to $n$ and adds one or two sons to $n$, each son containing the corresponding instantiation of $S_2$ or $S_3$.

EXAMPLE 3.1
Let $T_i$ be

      δ_[b,e]
       /   \
     ...   S_k

• If $S_k$ matches $S_1$ of the rule with premise $S_1$ and single son $S_2$ then the rule applies and $T_{i+1}$ is identical to $T_a$ (see below) where $S_{k+1}$ is the corresponding instantiation of $S_2$.
• If $S_k$ matches $S'_1$ of the rule with premise $S'_1$ and sons $S'_2$ and $S'_3$ then the rule applies and $T_{i+1}$ is identical to $T_b$ (see below) where $S'_{k+1}$ and $S'_{k+2}$ are the corresponding instantiations of $S'_2$ and $S'_3$ respectively.

Let $T_a$ be

      δ_[b,e]
       /   \
     ...   S_k
            |
          S_{k+1}

and let $T_b$ be

      δ_[b,e]
       /   \
     ...   S_k
          /    \
   S'_{k+1}   S'_{k+2}

• stop 1:
      $S,\ \bot_{[b',e']}$
            |
          stop
• stop 2:
      $S,\ b' < e',\ b' = e'$
            |
          stop

FIGURE 1. Extension rules for Duration Calculus: stop rules

DEFINITION 3.2
Let $b$ and $e$ be constraint variables and $k \in \mathbb{R}$.
• $b \mathrel{R} e$, where $R \in \{<, =, \le\}$, is a qualitative constraint,
• $(e - b) \mathrel{S} k$, where $S \in \{<, \le, =, \ne, \ge, >\}$, is a quantitative constraint.

DEFINITION 3.3
Let $n$ be a node and $b$, $b'$ constraint variables. $b$ and $b'$ are connected in $n$, denoted by $b \bowtie b' \in n$, if $\exists\, b_1, \ldots, b_m$ constraint variables such that the set of qualitative constraints $\{b \mathrel{R_1} b_1,\ b_1 \mathrel{R_2} b_2,\ \ldots,\ b_m \mathrel{R_{m+1}} b' : R_i \in \{<, \le, =\}\}$ belongs to $n$.

The extension rules for Duration Calculus are presented in Figures 1, 2 and 3.

DEFINITION 3.4 (Tableau)
Let $\delta$ be a formula and $\{T_0, T_1, \ldots, T_i, T_{i+1}, \ldots\}$ be a series of trees such that
• $T_0$ is a single node containing solely $\delta_{[b,e]}$, where $b$ and $e$ are constraint variables,
• $T_{i+1}$ is obtained by applying an extension rule to $T_i$.
If this series has a limit,[1] it is called a tableau for formula $\delta$. Note that in such a series of trees any rule applicable to some $T_i$ is eventually applied to $T_j$, where $j \ge i$ (fairness hypothesis).

[1] Such a series reaches a limit when no more extension rule is applicable.

• $\top$:
      $S,\ \top_{[b',e']}$
            |
      $S,\ b' \le e'$
• double negation: $\alpha$ is a state expression.
      $S,\ (\neg\neg\alpha)_{[b',e']}$
            |
      $S,\ \alpha_{[b',e']}$
• and negation: $\alpha_1$ and $\alpha_2$ are state expressions.
      $S,\ \neg(\alpha_1 \wedge \alpha_2)_{[b',e']},\ b' \bowtie m \bowtie e'$
            |
      $S,\ \neg(\alpha_1 \wedge \alpha_2)_{[b',m]},\ \neg(\alpha_1 \wedge \alpha_2)_{[m,e']},\ b' \bowtie m \bowtie e'$
• last and negation: $\alpha_1$ and $\alpha_2$ are state expressions.
      $S,\ \neg(\alpha_1 \wedge \alpha_2)_{[b',e']}$
            /                    \
      $S,\ \neg\alpha_{1[b',e']}$      $S,\ \neg\alpha_{2[b',e']}$
  Rule last and negation applies when the rules applying to formulae and rule and negation no longer apply.
• interval length S: $k$ is a constant.
      $S,\ (\ell \mathrel{S} k)_{[b',e']}$
            |
      $S,\ b' \le e',\ (e' - b') \mathrel{S} k$
  where $S \in \{<, \le, =, \ne, \ge, >\}$

FIGURE 2. Extension rules for Duration Calculus: building rules (1)

• maximal length:
      $S,\ (\int\alpha = \ell)_{[b',e']}$
            |
      $S,\ \alpha_{[b',e']},\ b' \le e'$
• and:
      $S,\ (x \wedge y)_{[b',e']}$
            |
      $S,\ x_{[b',e']},\ y_{[b',e']}$
• or: $\delta_1$ and $\delta_2$ are formulae.
      $S,\ (\delta_1 \vee \delta_2)_{[b',e']}$
            /                \
      $S,\ \delta_{1[b',e']}$      $S,\ \delta_{2[b',e']}$
• subinterval sequence:
      $S,\ (\delta_1 ; \delta_2)_{[b',e']}$
            |
      $S,\ \delta_{1[b',b_1]},\ \delta_{2[b_1,e']}$
  $b_1$ new constraint variable
• interval disjunction:
      $S,\ \alpha_{[b_1,e_1]},\ \neg\alpha_{[b_2,e_2]}$
            /                                  \
      $S,\ \alpha_{[b_1,e_1]},\ \neg\alpha_{[b_2,e_2]},\ e_1 \le b_2$      $S,\ \alpha_{[b_1,e_1]},\ \neg\alpha_{[b_2,e_2]},\ e_2 \le b_1$
  Rule interval disjunction does not apply if constraints $e_1 \le b_2$ or $e_2 \le b_1$ belong to the father.

FIGURE 3. Extension rules for Duration Calculus: building rules (2)
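The rules of Figures 1 to 3 that involve no state expression (stop 1, $\top$, interval length S, and, or, subinterval sequence) can be run as follows; this is an added example, not code from the paper. The tuple encoding of formulae, the splitting of `!=` into `<` or `>`, and the use of a Floyd-Warshall closure over difference bounds as the constraint-network check are assumptions of this sketch.

```python
import itertools

INF = (float("inf"), 1)   # "no bound"; second field: 0 = strict (<), 1 = non-strict (<=)

def length_bounds(b, e, op, k):
    """Rule 'interval length S': b <= e and (e - b) op k, as difference bounds.
    A bound (u, v, w, strict) reads  v - u <= w  (or  v - u < w  when strict)."""
    out = [(e, b, 0, False)]                      # b <= e
    if op in ("<", "<=", "="):
        out.append((b, e, k, op == "<"))          # e - b <= k
    if op in (">", ">=", "="):
        out.append((e, b, -k, op == ">"))         # b - e <= -k
    return out

def expand(f, b, e, fresh):
    """Yield, for each tableau branch of formula f stamped [b, e], its constraint list."""
    tag = f[0]
    if tag == "bot":                              # stop 1: the branch closes
        return
    if tag == "top":                              # rule 'top': only b <= e
        yield [(e, b, 0, False)]
    elif tag == "len":
        _, op, k = f
        if op == "!=":                            # assumption: != handled as < or >
            yield length_bounds(b, e, "<", k)
            yield length_bounds(b, e, ">", k)
        else:
            yield length_bounds(b, e, op, k)
    elif tag == "or":                             # rule 'or': two sons
        yield from expand(f[1], b, e, fresh)
        yield from expand(f[2], b, e, fresh)
    elif tag in ("and", "chop"):
        # rule 'subinterval sequence' introduces a new constraint variable m
        m = next(fresh) if tag == "chop" else None
        left = (b, m) if m else (b, e)
        right = (m, e) if m else (b, e)
        rights = list(expand(f[2], *right, fresh))
        for l in expand(f[1], *left, fresh):
            for r in rights:
                yield l + r
    else:
        raise ValueError(f"unknown formula tag {tag!r}")

def consistent(bounds):
    """True iff the difference bounds have a solution over the reals: no negative
    cycle, and no zero-weight cycle that goes through a strict bound."""
    nodes = sorted({x for u, v, _, _ in bounds for x in (u, v)})
    d = {(u, v): ((0, 1) if u == v else INF) for u in nodes for v in nodes}
    for u, v, w, strict in bounds:
        d[u, v] = min(d[u, v], (w, 0 if strict else 1))
    for k in nodes:                               # Floyd-Warshall closure
        for i in nodes:
            for j in nodes:
                via = (d[i, k][0] + d[k, j][0], min(d[i, k][1], d[k, j][1]))
                if via < d[i, j]:
                    d[i, j] = via
    return all(d[u, u] >= (0, 1) for u in nodes)

def satisfiable(formula):
    """A formula is satisfiable iff some branch has a consistent constraint set."""
    fresh = (f"m{i}" for i in itertools.count())
    return any(consistent(br) for br in expand(formula, "b", "e", fresh))

# Constructed sample formulae (not from the paper).
TIGHT_OK = ("and", ("len", "=", 5), ("chop", ("len", "<=", 2), ("len", "<=", 3)))
TIGHT_BAD = ("and", ("len", "=", 5), ("chop", ("len", "<", 2), ("len", "<", 3)))

if __name__ == "__main__":
    print(satisfiable(TIGHT_OK), satisfiable(TIGHT_BAD))
```

The two sample formulae differ only in the strictness of the two chop lengths, which is exactly what the zero-weight-cycle test distinguishes.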

DEFINITION 3.5
A tableau branch is a path from the root to a terminal node.

DEFINITION 3.6
• A terminal node is open if it is stop-free and the set of its constraints is consistent, otherwise it is closed.
• A tableau branch is open if its terminal node is open, otherwise it is closed.
• A tableau is open if one of its branches is open, otherwise it is closed.

OBSERVATION 3.7
Any constraint belonging to a node also belongs to its stop-free descendants (if it has any).

Since the aim of our work is to define a decision procedure, a first step is to prove that the tableau construction terminates, hence the following lemmas and theorem:

LEMMA 3.8
Let $\delta$ be a formula. The series of trees constructed to find a tableau for $\delta$ is not empty.

PROOF. The first tree $T_0$ of the series of trees constructed to find a tableau for $\delta$ is a single node containing the only formula $\delta_{[b,e]}$, where $b$ and $e$ are constraint variables.

LEMMA 3.9
Let $\delta$ be a formula. In the series of trees constructed to find a tableau for $\delta$, each extension rule can apply finitely often in a given branch.

PROOF.
• Rules stop 1 and stop 2 stop the construction of the current branch, so they apply finitely often.
• Rule $\top$ just generates a constraint in the son of the current node. Formulae being finite, rule $\top$ applies finitely often.
• Rules double negation and last and negation generate bounded state subexpressions of the bounded state expression to which they apply in the sons of the current node. State expressions being finite, the number of their subexpressions is also finite, so rules double negation and last and negation apply finitely often.
• Rule and negation generates the state expression to which it applies twice in the son of the current node but those state expressions are stamped by already known subintervals of the current interval.
The only rule making new constraint variables appear is rule subinterval sequence which applies finitely often (see farther on) consequently only a finite number of intervals can be generated. So rule and negation applies finitely often.
• Rule interval length S just generates two constraints in the son of the current node. Formulae being finite, this rule applies only finitely often.
• Rule maximal length generates a bounded state subexpression and a constraint. Formulae being finite, the number of their state subexpressions is also finite, thus rule maximal length applies finitely often.
• Rules or and subinterval sequence generate bounded subformulae of the bounded formula to which they apply in the sons of the current node. Formulae being finite, the number of their subformulae is also finite, so rules or and subinterval sequence apply finitely often.

• Rule and generates bounded subformulae or state subexpressions of, respectively, the bounded formula or state expression to which it applies in the sons of the current node. Formulae and state expressions being finite, the number of their subformulae is also finite, so rule and applies finitely often.
• Rule interval disjunction carries both bounded state expressions to which it applies and generates a $b \le e$-like constraint in both sons of the current node. Rule interval disjunction cannot apply twice to the same pair of state expressions in a given branch because of the application condition on rule interval disjunction and because of Observation 3.7. Furthermore formulae being finite, the number of state expressions, hence the number of pairs of state expressions, is finite so rule interval disjunction applies finitely often.

LEMMA 3.10
Let $\delta$ be a formula. The series of trees constructed to find a tableau for $\delta$ reaches a limit.

PROOF. Each element of the series of trees constructed to find a tableau for $\delta$ is built by applying an extension rule to its predecessor; as the application of an extension rule to a node creates two sons at most and as each extension rule applies finitely often in a given branch (Lemma 3.9), that series of trees is finite.

THEOREM 3.11 (Existence of a tableau)
For all formula $\delta$, there exists a tableau for $\delta$.

PROOF. First, the series of trees constructed to find a tableau for $\delta$ is never empty (Lemma 3.8). Secondly, owing to Lemma 3.10, this series of trees is finite, yielding thus a tableau.

4 Definitions and preliminary lemmas

In this section we introduce first an extension of the notion of satisfiability, called t-satisfiability, with the aim of giving a precise meaning to the stamped formulae, stamped state expressions and constraints of a node; from that definition the classical satisfiability for a Duration Calculus formula is derived.
Next we present how to associate a model with a tableau, then we give some fundamental properties of the tableau construction.

4.1 Model associated with a tableau

DEFINITION 4.1 (T-model)
A t-model is a triplet $(V, I, [b, e])$ such that
• $V : \{\text{constraint variables}\} \to Time$,
• $I : \{\text{state variables}\} \to (Time \to \{0, 1\})$,
• $[b, e]$ is a $Time$-interval.

DEFINITION 4.2 (T-satisfiability)
T-satisfiability is defined by structural induction on bounded expressions and constraints:
• Let $\delta_{[b',e']}$ be a bounded formula. A t-model $M = (V, I, [b, e])$ t-satisfies $\delta_{[b',e']}$ if $[V(b'), V(e')] \subseteq [b, e]$ and $(I, [V(b'), V(e')]) \models \delta$.
• Let $\alpha_{[b',e']}$ be a bounded state expression. A t-model $M = (V, I, [b, e])$ t-satisfies $\alpha_{[b',e']}$ if $[V(b'), V(e')] \subseteq [b, e]$ and $\forall t \in [V(b'), V(e'))$, $I(\alpha)(t) = 1$.

• Let $b' \mathrel{R} e'$ be a qualitative constraint with $R \in \{<, =, \le\}$. A t-model $M = (V, I, [b, e])$ t-satisfies $b' \mathrel{R} e'$ if $V(b') \in [b, e]$, $V(e') \in [b, e]$ and the constraint $V(b') \mathrel{R} V(e')$ is satisfied.
• Let $(e' - b') \mathrel{S} k$ be a quantitative constraint with $S \in \{<, \le, =, \ne, \ge, >\}$ and $k \in \mathbb{R}$. A t-model $M = (V, I, [b, e])$ t-satisfies $(e' - b') \mathrel{S} k$ if $V(b') \in [b, e]$, $V(e') \in [b, e]$ and the constraint $(V(e') - V(b')) \mathrel{S} k$ is satisfied.

LEMMA 4.3 (Equivalence between satisfiability and t-satisfiability)
For all constraint variables $b'$ and $e'$, bounded formula $\delta_{[b',e']}$ is t-satisfiable if, and only if, formula $\delta$ is satisfiable.

PROOF.
($\Rightarrow$) Let $b'$ and $e'$ be constraint variables. $\delta_{[b',e']}$ is t-satisfiable
$\Leftrightarrow$ $\exists (V, I, [b, e])$ : $[V(b'), V(e')] \subseteq [b, e]$ and $(I, [V(b'), V(e')]) \models \delta$
$\Rightarrow$ $\exists (I'', [b'', e''])$ : $(I'', [b'', e'']) \models \delta$ (just take $I'' = I$, $b'' = V(b')$ and $e'' = V(e')$)
$\Leftrightarrow$ $\delta$ is satisfiable.
($\Leftarrow$) $\delta$ is satisfiable
$\Leftrightarrow$ $\exists (I, [b, e])$ : $(I, [b, e]) \models \delta$
$\Rightarrow$ $\forall b', e'$ interval bounds, $\exists (V, I'', [b'', e''])$ : $[V(b'), V(e')] \subseteq [b'', e'']$ and $(I'', [V(b'), V(e')]) \models \delta$ (just take $V(b') = b = b''$, $V(e') = e = e''$ and $I'' = I$)
$\Leftrightarrow$ for all constraint variables $b'$ and $e'$, $\delta_{[b',e']}$ is t-satisfiable.

DEFINITION 4.4 (T-model associated with an open tableau)
Let $n$ be an open terminal node of some open tableau then the t-model $(V, I, [b, e])$ associated with $n$ is constructed in the following way:
• Let $B = \{b_1, \ldots, b_m\}$ be the set of constraint variables occurring in the constraints of $n$. $V : B \to Time$ associates with every variable of $B$ a $Time$ value such that the order on $\{V(b_1), \ldots, V(b_m)\}$ complies with the constraints of $n$, i.e. if $b_i \mathrel{R} b_j \in n$ then $V(b_i) \mathrel{R} V(b_j)$, where $R \in \{<, \le, =\}$, and if $(b_j - b_i) \mathrel{S} k \in n$ then $(V(b_j) - V(b_i)) \mathrel{S} k$, where $S \in \{<, \le, =, \ne, \ge, >\}$ and $k \in \mathbb{R}$. Let $b = \min\{V(b_i) : i \in \{1, \ldots, m\}\}$ and $e = \max\{V(b_i) : i \in \{1, \ldots, m\}\}$.
• Let $\{s_1, \ldots, s_p\}$ be the set of state variables occurring in node $n$. $\forall j \in \{1, \ldots, p\}$, $I(s_j) \in Time \to \{0, 1\}$ such that if $s_{j[b',e']}$ belongs to node $n$ then $\forall t \in [V(b'), V(e'))$, $I(s_j)(t) = 1$ and $\forall t \notin \bigcup \{[V(b'), V(e')) : s_{j[b',e']} \in n\}$, $I(s_j)(t) = 0$.

4.2 Tableau fundamental properties

Here are given some essential tools for the soundness and completeness proof: for instance the first lemma (Lemma 4.5) concerns the preservation of t-satisfiability by extension rules.

LEMMA 4.5 (T-satisfiability preservation)
For all rule, the father's bounded formulae, bounded state expressions and constraints are t-satisfiable if, and only if, the bounded formulae, bounded state expressions and constraints in one of the sons are t-satisfiable.

PROOF. First, let us prove that for all stop rules, the father's bounded formulae are not t-satisfiable: concerning rule stop 1 the proof is quite obvious and as far as rule stop 2 is concerned, let $M = (V, I, [b, e])$ be a model of the father's bounded formulae then $V(b') \in [b, e]$, $V(e') \in [b, e]$, $V(b') < V(e')$ and $V(b') = V(e')$ which is impossible.

Let us prove now that for all rule (but stop 1 and stop 2) a model $M$ t-satisfies the father's bounded formulae, bounded state expressions and constraints if, and only if, $M$ t-satisfies the bounded formulae, bounded state expressions and constraints in one of the child nodes.

• $\top$: $M$ t-satisfies $\top_{[b',e']}$
$\Leftrightarrow$ $[V(b'), V(e')] \subseteq [b, e]$ and $(I, [V(b'), V(e')]) \models \top$
$\Leftrightarrow$ $V(b') \in [b, e]$, $V(e') \in [b, e]$ and $V(b') \le V(e')$
$\Leftrightarrow$ $M$ t-satisfies $b' \le e'$.

• double negation: $M$ t-satisfies $(\neg\neg\alpha)_{[b',e']}$
$\Leftrightarrow$ $[V(b'), V(e')] \subseteq [b, e]$ and $\forall t \in [V(b'), V(e'))$, $I(\neg\neg\alpha)(t) = 1$
$\Leftrightarrow$ $[V(b'), V(e')] \subseteq [b, e]$ and $\forall t \in [V(b'), V(e'))$, $I(\neg\alpha)(t) = 1 - I(\neg\neg\alpha)(t) = 0$
$\Leftrightarrow$ $[V(b'), V(e')] \subseteq [b, e]$ and $\forall t \in [V(b'), V(e'))$, $I(\alpha)(t) = 1 - (1 - I(\neg\neg\alpha)(t)) = 1$
$\Leftrightarrow$ $M$ t-satisfies $\alpha_{[b',e']}$.

• and negation: $M$ t-satisfies $\neg(\alpha_1 \wedge \alpha_2)_{[b',e']}$ and $M$ t-satisfies $b' \bowtie m \bowtie e'$
$\Leftrightarrow$ $[V(b'), V(e')] \subseteq [b, e]$ and $\forall t \in [V(b'), V(e'))$, $I(\neg(\alpha_1 \wedge \alpha_2))(t) = 1$ and $V(b') \in [b, e]$ and $V(m) \in [b, e]$ and $V(e') \in [b, e]$ and $V(b') \le V(m)$ and $V(m) \le V(e')$
$\Leftrightarrow$ $[V(b'), V(m)] \subseteq [b, e]$ and $\forall t \in [V(b'), V(m))$, $I(\neg(\alpha_1 \wedge \alpha_2))(t) = 1$ and $[V(m), V(e')] \subseteq [b, e]$ and $\forall t \in [V(m), V(e'))$, $I(\neg(\alpha_1 \wedge \alpha_2))(t) = 1$ and $V(b') \in [b, e]$ and $V(m) \in [b, e]$ and $V(e') \in [b, e]$ and $V(b') \le V(m)$ and $V(m) \le V(e')$
$\Leftrightarrow$ $M$ t-satisfies $\neg(\alpha_1 \wedge \alpha_2)_{[b',m]}$ and $M$ t-satisfies $\neg(\alpha_1 \wedge \alpha_2)_{[m,e']}$ and $M$ t-satisfies $b' \bowtie m \bowtie e'$.

• last and negation: $M$ t-satisfies $S$ and $M$ t-satisfies $\neg(\alpha_1 \wedge \alpha_2)_{[b',e']}$
$\Leftrightarrow$ $M$ t-satisfies $S$, $[V(b'), V(e')] \subseteq [b, e]$ and $\forall t \in [V(b'), V(e'))$, $I(\neg(\alpha_1 \wedge \alpha_2))(t) = 1$.
The rules applying to formulae, in particular rule subinterval sequence, do not apply anymore, consequently no new constraint variable may appear.
Moreover as rule and negation do not apply to $\neg(\alpha_1 \wedge \alpha_2)_{[b',e']}$ either, there is and there will be no constraint variable $m$ such that $b' \bowtie m \bowtie e'$. So $\alpha_{1[b_1,e_1]}$ and $\alpha_{2[b_2,e_2]}$, where $b' \bowtie b_1 \bowtie e_1 \bowtie e'$ and $b' \bowtie b_2 \bowtie e_2 \bowtie e'$, do not belong to $S$ neither does $\alpha'_{[b_3,e_3]}$, where $b' \bowtie b_3 \bowtie e_3 \bowtie e'$ and $\alpha'$ is a state subexpression of $\neg(\alpha_1 \wedge \alpha_2)$. Nevertheless $\alpha_{1[b',e']}$ or $\alpha_{2[b',e']}$ can belong to $S$. If $\alpha_{2[b',e']} \in S$ then let $M' = (V, I', [b, e])$ be a model such that $I'$ is $I$ except that $\forall t \in [V(b'), V(e'))$, $I(\alpha_1)(t) = 0$ else let $M' = (V, I', [b, e])$ be a model such that $I'$ is $I$ except that $\forall t \in [V(b'), V(e'))$, $I(\alpha_2)(t) = 0$
$\Rightarrow$ $M'$ t-satisfies $S$ and ($M'$ t-satisfies $\neg\alpha_{1[b',e']}$ or $M'$ t-satisfies $\neg\alpha_{2[b',e']}$).

$M$ t-satisfies $\neg\alpha_{1[b',e']}$ or $M$ t-satisfies $\neg\alpha_{2[b',e']}$
$\Leftrightarrow$ $[V(b'), V(e')] \subseteq [b, e]$ and ($\forall t \in [V(b'), V(e'))$, $I(\neg\alpha_1)(t) = 1$ or $\forall t \in [V(b'), V(e'))$, $I(\neg\alpha_2)(t) = 1$)
$\Rightarrow$ $[V(b'), V(e')] \subseteq [b, e]$ and $\forall t \in [V(b'), V(e'))$, ($I(\neg\alpha_1)(t) = 1$ or $I(\neg\alpha_2)(t) = 1$)
$\Leftrightarrow$ $[V(b'), V(e')] \subseteq [b, e]$ and $\forall t \in [V(b'), V(e'))$, $I(\neg(\alpha_1 \wedge \alpha_2))(t) = 1$
$\Leftrightarrow$ $M$ t-satisfies $\neg(\alpha_1 \wedge \alpha_2)_{[b',e']}$.

• interval length S: $M$ t-satisfies $(\ell \mathrel{S} k)_{[b',e']}$ where $S \in \{<, \le, =, \ne, \ge, >\}$
$\Leftrightarrow$ $[V(b'), V(e')] \subseteq [b, e]$ and $(I, [V(b'), V(e')]) \models \ell \mathrel{S} k$

$\Leftrightarrow$ $V(b') \in [b,e]$, $V(e') \in [b,e]$, $V(b') \le V(e')$ and $(V(e') - V(b'))\ S\ k$
$\Leftrightarrow$ $M$ t-satisfies $b' \le e'$ and $M$ t-satisfies $(e' - b')\ S\ k$.

• maximal length:
$M$ t-satisfies $(\int\alpha = \ell)_{[b',e']}$
$\Leftrightarrow$ $[V(b'),V(e')] \subseteq [b,e]$ and $(I,[V(b'),V(e')]) \models \int\alpha = \ell$
$\Leftrightarrow$ $[V(b'),V(e')] \subseteq [b,e]$ and $I[\![\int\alpha]\!]([b,e]) = I[\![\ell]\!]([b,e])$
$\Leftrightarrow$ $[V(b'),V(e')] \subseteq [b,e]$ and $\int_{V(b')}^{V(e')} I[\![\alpha]\!](t)\,dt = \int_{V(b')}^{V(e')} 1\,dt$
$\Leftrightarrow$ $[V(b'),V(e')] \subseteq [b,e]$ and $\int_{V(b')}^{V(e')} I[\![\alpha]\!](t)\,dt = V(e') - V(b')$
$\Leftrightarrow$ $[V(b'),V(e')] \subseteq [b,e]$ and $\forall t \in [V(b'),V(e'))$, $I[\![\alpha]\!](t) = 1$ except for a finite number of points
$\Rightarrow$ $[V(b'),V(e')] \subseteq [b,e]$ and, by Remark 2.1, $\forall t \in [V(b'),V(e'))$, $I[\![\alpha]\!](t) = 1$
$\Leftrightarrow$ $V(b') \in [V(b'),V(e')]$, $V(e') \in [V(b'),V(e')]$, $V(b') \le V(e')$, $[V(b'),V(e')] \subseteq [b,e]$ and $\forall t \in [V(b'),V(e'))$, $I[\![\alpha]\!](t) = 1$
$\Leftrightarrow$ $M$ t-satisfies $\alpha_{[b',e']}$ and $M$ t-satisfies $b' \le e'$.

$M$ t-satisfies $\alpha_{[b',e']}$ and $b' \le e'$
$\Leftrightarrow$ $[V(b'),V(e')] \subseteq [b,e]$, $\forall t \in [V(b'),V(e'))$, $I[\![\alpha]\!](t) = 1$, $V(b') \in [V(b'),V(e')]$, $V(e') \in [V(b'),V(e')]$ and $V(b') \le V(e')$
$\Leftrightarrow$ $[V(b'),V(e')] \subseteq [b,e]$ and $\forall t \in [V(b'),V(e'))$, $I[\![\alpha]\!](t) = 1$
$\Rightarrow$ $[V(b'),V(e')] \subseteq [b,e]$ and $\int_{V(b')}^{V(e')} I[\![\alpha]\!](t)\,dt = \int_{V(b')}^{V(e')} 1\,dt$
$\Leftrightarrow$ $[V(b'),V(e')] \subseteq [b,e]$ and $\int_{V(b')}^{V(e')} I[\![\alpha]\!](t)\,dt = \int_{V(b')}^{V(e')} I[\![1]\!](t)\,dt$
$\Leftrightarrow$ $[V(b'),V(e')] \subseteq [b,e]$ and $I[\![\int\alpha]\!]([V(b'),V(e')]) = I[\![\int 1]\!]([V(b'),V(e')])$
$\Leftrightarrow$ $[V(b'),V(e')] \subseteq [b,e]$ and $I[\![\int\alpha]\!]([V(b'),V(e')]) = I[\![\ell]\!]([V(b'),V(e')])$
$\Leftrightarrow$ $[V(b'),V(e')] \subseteq [b,e]$ and $(I,[V(b'),V(e')]) \models \int\alpha = \ell$
$\Leftrightarrow$ $M$ t-satisfies $(\int\alpha = \ell)_{[b',e']}$.

• or: $\delta_1$ and $\delta_2$ are formulae.
$M$ t-satisfies $(\delta_1 \vee \delta_2)_{[b',e']}$
$\Leftrightarrow$ $[V(b'),V(e')] \subseteq [b,e]$ and $(I,[V(b'),V(e')]) \models (\delta_1 \vee \delta_2)$
$\Leftrightarrow$ $[V(b'),V(e')] \subseteq [b,e]$ and ($(I,[V(b'),V(e')]) \models \delta_1$ or $(I,[V(b'),V(e')]) \models \delta_2$)
$\Leftrightarrow$ ($[V(b'),V(e')] \subseteq [b,e]$ and $(I,[V(b'),V(e')]) \models \delta_1$) or ($[V(b'),V(e')] \subseteq [b,e]$ and $(I,[V(b'),V(e')]) \models \delta_2$)
$\Leftrightarrow$ $M$ t-satisfies $\delta_{1[b',e']}$ or $M$ t-satisfies $\delta_{2[b',e']}$.

• and:
If $x$ and $y$ are state expressions then
$M$ t-satisfies $(x \wedge y)_{[b',e']}$
$\Leftrightarrow$ $[V(b'),V(e')] \subseteq [b,e]$ and $\forall t \in [V(b'),V(e'))$, $I(x \wedge y)(t) = 1$
$\Leftrightarrow$ $[V(b'),V(e')] \subseteq [b,e]$ and $\forall t \in [V(b'),V(e'))$, ($I(x)(t) = 1$ and $I(y)(t) = 1$)
$\Leftrightarrow$ ($[V(b'),V(e')] \subseteq [b,e]$ and $\forall t \in [V(b'),V(e'))$, $I(x)(t) = 1$) and ($[V(b'),V(e')] \subseteq [b,e]$ and $\forall t \in [V(b'),V(e'))$, $I(y)(t) = 1$)
$\Leftrightarrow$ $M$ t-satisfies $x_{[b',e']}$ and $M$ t-satisfies $y_{[b',e']}$.
If $x$ and $y$ are formulae then
$M$ t-satisfies $(x \wedge y)_{[b',e']}$
$\Leftrightarrow$ $[V(b'),V(e')] \subseteq [b,e]$ and $(I,[V(b'),V(e')]) \models (x \wedge y)$
$\Leftrightarrow$ $[V(b'),V(e')] \subseteq [b,e]$, $(I,[V(b'),V(e')]) \models x$ and $(I,[V(b'),V(e')]) \models y$
$\Leftrightarrow$ ($[V(b'),V(e')] \subseteq [b,e]$ and $(I,[V(b'),V(e')]) \models x$) and ($[V(b'),V(e')] \subseteq [b,e]$ and

$(I,[V(b'),V(e')]) \models y$)
$\Leftrightarrow$ $M$ t-satisfies $x_{[b',e']}$ and $M$ t-satisfies $y_{[b',e']}$.

• subinterval sequence:
$M$ t-satisfies $(\delta_1 ; \delta_2)_{[b',e']}$
$\Leftrightarrow$ $[V(b'),V(e')] \subseteq [b,e]$ and $(I,[V(b'),V(e')]) \models (\delta_1 ; \delta_2)$
$\Leftrightarrow$ $[V(b'),V(e')] \subseteq [b,e]$ and there exists $b_2 \in [V(b'),V(e')]$ such that $(I,[V(b'),b_2]) \models \delta_1$ and $(I,[b_2,V(e')]) \models \delta_2$
$\Rightarrow$ let $b_1$ be a new constraint variable such that $V(b_1) = b_2$, $[V(b'),V(e')] \subseteq [b,e]$, $V(b_1) \in [V(b'),V(e')]$, $(I,[V(b'),V(b_1)]) \models \delta_1$ and $(I,[V(b_1),V(e')]) \models \delta_2$
$\Leftrightarrow$ ($[V(b'),V(b_1)] \subseteq [b,e]$ and $(I,[V(b'),V(b_1)]) \models \delta_1$) and ($[V(b_1),V(e')] \subseteq [b,e]$ and $(I,[V(b_1),V(e')]) \models \delta_2$)
$\Leftrightarrow$ $M$ t-satisfies $\delta_{1[b',b_1]}$ and $M$ t-satisfies $\delta_{2[b_1,e']}$.

$M$ t-satisfies $\delta_{1[b',b_1]}$ and $M$ t-satisfies $\delta_{2[b_1,e']}$
$\Leftrightarrow$ ($[V(b'),V(b_1)] \subseteq [b,e]$ and $(I,[V(b'),V(b_1)]) \models \delta_1$) and ($[V(b_1),V(e')] \subseteq [b,e]$ and $(I,[V(b_1),V(e')]) \models \delta_2$)
$\Rightarrow$ $[V(b'),V(e')] \subseteq [b,e]$ and there exists $b_2 \in [V(b'),V(e')]$ such that $(I,[V(b'),b_2]) \models \delta_1$ and $(I,[b_2,V(e')]) \models \delta_2$
$\Leftrightarrow$ $[V(b'),V(e')] \subseteq [b,e]$ and $(I,[V(b'),V(e')]) \models (\delta_1 ; \delta_2)$
$\Leftrightarrow$ $M$ t-satisfies $(\delta_1 ; \delta_2)_{[b',e']}$.

• interval disjunction:
Additional hypothesis: $e_1 \le b_2$ does not belong to the father and neither does $e_2 \le b_1$.
$M$ t-satisfies $\alpha_{[b_1,e_1]}$ and $M$ t-satisfies $\neg\alpha_{[b_2,e_2]}$
$\Leftrightarrow$ $[V(b_1),V(e_1)] \subseteq [b,e]$, $\forall t \in [V(b_1),V(e_1))$, $I(\alpha)(t) = 1$, $[V(b_2),V(e_2)] \subseteq [b,e]$ and $\forall t \in [V(b_2),V(e_2)]$, $I(\neg\alpha)(t) = 1$
$\Leftrightarrow$ $[V(b_1),V(e_1)] \subseteq [b,e]$, $[V(b_2),V(e_2)] \subseteq [b,e]$, $\forall t \in [V(b_1),V(e_1))$, $I(\alpha)(t) = 1$ and $\forall t \in [V(b_2),V(e_2)]$, $I(\alpha)(t) = 0$
$\Leftrightarrow$ ($[V(b_1),V(e_1)] \subseteq [b,e]$, $\forall t \in [V(b_1),V(e_1))$, $I(\alpha)(t) = 1$ and $[V(b_2),V(e_2)] \subseteq [b,e]$, $\forall t \in [V(b_2),V(e_2)]$, $I(\alpha)(t) = 0$ and $V(e_1) \in [b,e]$, $V(b_2) \in [b,e]$, $V(e_1) \le V(b_2)$) or ($[V(b_1),V(e_1)] \subseteq [b,e]$, $\forall t \in [V(b_1),V(e_1)]$, $I(\alpha)(t) = 1$ and $[V(b_2),V(e_2)] \subseteq [b,e]$, $\forall t \in [V(b_2),V(e_2)]$, $I(\alpha)(t) = 0$ and $V(e_1) \in [b,e]$, $V(b_2) \in [b,e]$, $V(e_2) \le V(b_1)$)
$\Leftrightarrow$ ($M$ t-satisfies $\alpha_{[b_1,e_1]}$ and $M$ t-satisfies $\neg\alpha_{[b_2,e_2]}$ and $M$ t-satisfies $e_1 \le b_2$) or ($M$ t-satisfies $\alpha_{[b_1,e_1]}$ and $M$ t-satisfies $\neg\alpha_{[b_2,e_2]}$ and $M$ t-satisfies $e_2 \le b_1$).

DEFINITION 4.6
$\succ$ is a partial order relation defined on tree nodes by:
• $n' \succ n$ if $n'$ is a descendant of $n$,
• $n' \succeq n$ if $n'$ is a descendant of $n$ or is the same node as $n$.

OBSERVATION 4.7
• The binary relation $\bowtie$ is transitive.
• If $b \bowtie b'$ is t-satisfiable then so is $b \le b'$.

Now we have the following fundamental lemma.

LEMMA 4.8
Let $\delta_{[b,e]}$ be a bounded formula or bounded state expression in a node $n$. In any stop-free terminal node $n'$ such that $n' \succeq n$, $b \bowtie e$.

PROOF.
• If $\delta$ is a formula, we prove the lemma by structural induction on $\delta$.
Base case: $\delta = \bot$, $\delta = \top$, $\ell\ S\ k$ or $\int\alpha = \ell$, where $S \in \{<, \le, =, \ne, \ge, >\}$, $k$ is a real number and $\alpha$ is a state expression.
∗ If $\delta = \bot$ then applying rule stop$_1$ generates stop in the only son, so the requirements of the lemma are not met: it does not apply to $\bot$.
∗ If $\delta = \top$ then applying rule $\top$ generates constraint $b \le e$ in the only son of $n$. By Observation 3.7, this constraint propagates to the stop-free terminal descendants of $n$, if $n$ is not terminal itself. Thus the lemma is true for $\top$.
∗ If $\delta = (\ell\ S\ k)$, where $S \in \{<, \le, =, \ne, \ge, >\}$ and $k \in \mathbb{R}$, then applying rule interval length generates constraints $b \le e$ and $(e - b)\ S\ k$ in the only son of $n$. By Observation 3.7, these constraints propagate to the stop-free terminal descendants of $n$, if $n$ is not terminal itself. Thus the lemma is true for $\ell\ S\ k$, where $S \in \{<, \le, =, \ne, \ge, >\}$ and $k$ is a real number.
∗ If $\delta = (\int\alpha = \ell)$, where $\alpha$ is a state expression, then applying rule maximal length generates the constraint $b \le e$ in the only son of $n$. By Observation 3.7, that constraint propagates to the stop-free terminal descendants of $n$, if $n$ is not terminal itself. Thus the lemma is true for $\int\alpha = \ell$, where $\alpha$ is a state expression.
Induction hypothesis: the lemma is true for all subformulae of $\delta$; let us prove that it is then true for $\delta$ if $\delta = \delta_1 \vee \delta_2$, $\delta_1 \wedge \delta_2$ or $\delta_1 ; \delta_2$.
∗ If $\delta = \delta_1 \vee \delta_2$ then applying rule or generates respectively $\delta_{1[b,e]}$ and $\delta_{2[b,e]}$ in the two sons of $n$, $n'_1$ and $n'_2$. By induction hypothesis the lemma is true for $\delta_{1[b,e]}$ and $\delta_{2[b,e]}$, hence in every stop-free terminal node $n''_1$ such that $n''_1 \succ n'_1$ (so $n''_1 \succ n$), $b \bowtie e$, and in every stop-free terminal node $n''_2$ such that $n''_2 \succ n'_2$ (so $n''_2 \succ n$), $b \bowtie e$. Thus the lemma is true for $\delta_1 \vee \delta_2$.
∗ If $\delta = \delta_1 \wedge \delta_2$ then applying rule and generates bounded formulae $\delta_{1[b,e]}$ and $\delta_{2[b,e]}$ in the only son of $n$, $n'$. By induction hypothesis the lemma is true for $\delta_{1[b,e]}$ and $\delta_{2[b,e]}$, hence in every stop-free terminal node $n''$ such that $n'' \succ n'$ (so $n'' \succ n$), $b \bowtie e$. Thus the lemma is true for $\delta_1 \wedge \delta_2$.
∗ If $\delta = \delta_1 ; \delta_2$ then applying rule subinterval sequence generates bounded formulae $\delta_{1[b,b']}$ and $\delta_{2[b',e]}$, where $b'$ is a new constraint variable, in the only son of $n$, $n'$. By induction hypothesis the lemma is true for $\delta_{1[b,b']}$ and $\delta_{2[b',e]}$, hence in every stop-free terminal node $n''$ such that $n'' \succ n'$ (so $n'' \succ n$), $b \bowtie b'$ and $b' \bowtie e$. By Observation 4.7, $b \bowtie e \in n''$. Thus the lemma is true for $\delta_1 ; \delta_2$.
Therefore the lemma is true for every formula.
• Suppose now that $\delta$ is a state expression. The root contains a formula $\delta'$, so any state expression belonging to a descendant comes from a subformula of $\delta'$, more precisely from a $(\int\alpha = \ell)$-like subformula of $\delta'$, because rule maximal length is the only one to generate a state expression from a formula. Given that from a bounded formula $(\int\alpha = \ell)_{[b',e']}$ rule maximal length generates a bounded state expression $\alpha_{[b',e']}$, if state expression $\delta_{[b,e]}$ comes from $(\int\alpha = \ell)_{[b',e']}$ and if rule and negation has not been applied meanwhile, then actually $b$ is $b'$ and $e$ is $e'$. Moreover, applying rule maximal length to $(\int\alpha = k)_{[b',e']}$ generates the constraint $b' \le e'$ and, by Observation 3.7, this constraint propagates to $n$ and to its stop-free terminal descendants. On the other hand, whenever rule and negation is applied, the node to which it applies

contains the set of constraints $b \bowtie m \bowtie e$, so by Observation 4.7 it also contains $b \bowtie e$. By Observation 3.7, this set of constraints propagates to $n$ and to its stop-free terminal descendants. Thus the lemma is true for every state expression.

5 Constraint resolution

Given that constraints with a special shape appear in the nodes of tableaux, we need to consider a mechanism able to solve these particular temporal constraints. The constraints of a given terminal node $n$ can be represented as a Simple Temporal Problem with inequations ($\mathrm{STP}^{\neq}$ [4], a generalization of the well-known STPs [2]):
• the set of variables is the set of the constraint variables appearing in $n$,
• each constraint is a pair:
  - the second element is the set of excluded points: each $(e - b \ne k)$-like constraint is translated as the excluded point $k$,
  - the first element is a binary constraint composed of a single interval: the constraint between two variables $b$ and $e$ is the intersection of all the constraints involving $b$ and $e$, given that each $(b\ R\ e)$-like constraint is translated as a constraint between $b$ and $e$:
    ∗ $(0, +\infty)$ if $R$ is $<$,
    ∗ $[0, +\infty)$ if $R$ is $\le$,
    ∗ or $[0, 0]$ if $R$ is $=$,
    and each $((e - b)\ S\ k)$-like constraint is translated as a constraint between $b$ and $e$:
    ∗ $(-\infty, k)$ if $S$ is $<$,
    ∗ $(-\infty, k]$ if $S$ is $\le$,
    ∗ $[k, k]$ if $S$ is $=$,
    ∗ $[k, +\infty)$ if $S$ is $\ge$,
    ∗ or $(k, +\infty)$ if $S$ is $>$.

EXAMPLE 5.1
Let $\{b < e,\ (e - b) \ne 5,\ (e - b) \ge 3\}$ be the set of constraints of a terminal node of some tableau. The set of variables of the corresponding $\mathrm{STP}^{\neq}$ is $\{b, e\}$. The first element of the constraint between $b$ and $e$ is the intersection of $(0, +\infty)$ (corresponding to constraint $b < e$) and $[3, +\infty)$ (corresponding to constraint $(e - b) \ge 3$), that is to say interval $[3, +\infty)$; the second element of the constraint between $b$ and $e$ is the set of excluded points $\{5\}$ (corresponding to constraint $(e - b) \ne 5$).
Consequently the $\mathrm{STP}^{\neq}$ corresponding to the set of constraints $\{b < e,\ (e - b) \ne 5,\ (e - b) \ge 3\}$ is

$b \xrightarrow{\ ([3, +\infty),\ \{5\})\ } e$

Computing the consistency of an $\mathrm{STP}^{\neq}$ is in $O(n^3 + p)$ time and $O(n^2 + p)$ space, where $n$ is the number of variables and $p$ is the number of inequations. A solution (if there is any) can be found in $O(n^3 + p)$ time too [4].
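The translation of Section 5 and a consistency test, as an added example (not the authors' implementation, and not the algorithm of [4]). It closes the network with a plain all-pairs shortest-path pass over (weight, strict) bounds and assumes the standard property of difference constraints over dense time that an inequation fails only when the closure forces the excluded value; the function names and the tuple encoding of constraints are assumptions.

```python
import math
from itertools import product

INF = (math.inf, False)   # a bound is (weight, strict); INF means "no bound"

def tighter(a, b):
    """True if bound a is strictly tighter than b (strict beats non-strict)."""
    return a[0] < b[0] or (a[0] == b[0] and a[1] and not b[1])

def add(a, b):
    """Compose two bounds along a path; strict if either part is strict."""
    w = a[0] + b[0]
    return INF if w == math.inf else (w, a[1] or b[1])

def build_stp_neq(constraints):
    """Translate a node's constraints into an STP with inequations.

    A constraint is (x, R, y) with R in '<', '<=', '=' or (x, y, S, k),
    meaning (y - x) S k with S in '<', '<=', '=', '!=', '>=', '>'.
    d[u][v] = (w, strict) encodes v - u <= w, or v - u < w when strict.
    """
    names = sorted({v for c in constraints
                    for v in (c[0], c[2] if len(c) == 3 else c[1])})
    d = {u: {v: (0, False) if u == v else INF for v in names} for u in names}
    excluded = []

    def upper(u, v, w, strict):
        # Intersect with what is already known about the pair (u, v).
        if tighter((w, strict), d[u][v]):
            d[u][v] = (w, strict)

    for c in constraints:
        if len(c) == 3:          # x R y: y - x in (0,+inf), [0,+inf) or [0,0]
            x, rel, y = c
            upper(y, x, 0, rel == '<')
            if rel == '=':
                upper(x, y, 0, False)
        else:
            x, y, s, k = c
            if s == '!=':
                excluded.append((x, y, k))   # second element of the pair
            if s in ('<', '<=', '='):
                upper(x, y, k, s == '<')
            if s in ('>', '>=', '='):
                upper(y, x, -k, s == '>')
    return names, d, excluded

def minimal_network(constraints):
    """Tighten every pair with an all-pairs shortest-path closure."""
    names, d, excluded = build_stp_neq(constraints)
    for k, i, j in product(names, repeat=3):
        via = add(d[i][k], d[k][j])
        if tighter(via, d[i][j]):
            d[i][j] = via
    return names, d, excluded

def consistent(constraints):
    names, d, excluded = minimal_network(constraints)
    # A cycle that forces v - v < 0 has no solution.
    if any(tighter(d[v][v], (0, False)) for v in names):
        return False
    # y - x != k is violated only if the closure forces y - x = k.
    return not any(d[x][y] == (k, False) and d[y][x] == (-k, False)
                   for x, y, k in excluded)

# Example 5.1 from the text: {b < e, (e - b) != 5, (e - b) >= 3}
EXAMPLE_5_1 = [('b', '<', 'e'), ('b', 'e', '!=', 5), ('b', 'e', '>=', 3)]

if __name__ == "__main__":
    _, d, excl = minimal_network(EXAMPLE_5_1)
    print("e - b >=", -d['e']['b'][0], "excluded:", excl)
    print("consistent:", consistent(EXAMPLE_5_1))
    # Constructed variant: also require e - b = 5, which the inequation forbids.
    print("with (e - b) = 5:", consistent(EXAMPLE_5_1 + [('b', 'e', '=', 5)]))
```

The closure here costs $O(n^3)$ for the interval part and one lookup per inequation, which matches the shape of the bound quoted above without reproducing the method of [4].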

6 Soundness, completeness and decidability

The main result of this note is presented in this section, where we have as a corollary the decidability of our fragment.

THEOREM 6.1 (Soundness and completeness)
There exists an open tableau for a formula $\delta$ if, and only if, $\delta$ is satisfiable.

PROOF.
($\Rightarrow$) Soundness. Let $n$ be an open terminal node of an open tableau for $\delta$ and let $(V, I, [b,e])$ be the t-model associated with $n$. First, let us prove that t-model $(V, I, [b,e])$ t-satisfies every bounded state expression and every constraint of node $n$:
• If $b_i\ R\ b_j \in n$ with $R \in \{<, \le, =\}$ then, by Definition 4.4, $V(b_i) \in [b,e]$, $V(b_j) \in [b,e]$ and $V(b_i)\ R\ V(b_j)$.
• If $(b_j - b_i)\ S\ k \in n$ with $S \in \{<, \le, =, \ne, \ge, >\}$ and $k \in \mathbb{R}$ then, by Definition 4.4, $V(b_i) \in [b,e]$, $V(b_j) \in [b,e]$ and $(V(b_j) - V(b_i))\ S\ k$.
• If $\alpha_{[b',e']} \in n$ then, by Lemma 4.8, as $n$ is an open terminal node, $b' \bowtie e'$, thus $b' \in B$, $e' \in B$ and $b' \le e'$ (by Observation 4.7), so, by Definition 4.4, $V(b') \in [b,e]$, $V(e') \in [b,e]$ and $V(b') \le V(e')$. Owing to the construction of $(V, I, [b,e])$, $\forall t \in [V(b'),V(e'))$, $I(\alpha)(t) = 1$, hence $(V, I, [b,e])$ t-satisfies $\alpha_{[b',e']}$.
• If $\neg\alpha_{[b',e']} \in n$ then, by Lemma 4.8, since $n$ is an open terminal node, $b' \bowtie e'$, thus $b' \in B$, $e' \in B$ and $b' \le e'$ (by Observation 4.7), so $V(b') \in [b,e]$, $V(e') \in [b,e]$ and $V(b') \le V(e')$.
Rule interval disjunction applied to all $\alpha_{[b'',e'']} \in n$
$\Rightarrow$ for all $\alpha_{[b'',e'']} \in n$, $e'' \le b'$ or $e' \le b''$
$\Rightarrow$ for all $\alpha_{[b'',e'']} \in n$, $b'' \in B$, $e'' \in B$ and ($V(e'') \le V(b')$ or $V(e') \le V(b'')$)
$\Rightarrow$ for all $\alpha_{[b'',e'']} \in n$, $[V(b'),V(e')) \cap [V(b''),V(e'')) = \emptyset$
$\Rightarrow$ $[V(b'),V(e')) \cap \bigcup \{[V(b''),V(e'')) : \alpha_{[b'',e'']} \in n\} = \emptyset$
$\Rightarrow$ $\forall t \in [V(b'),V(e'))$, $t \notin \bigcup \{[V(b''),V(e'')) : \alpha_{[b'',e'']} \in n\}$.
Moreover, by Definition 4.4, $\forall t \notin \bigcup \{[V(b''),V(e'')) : \alpha_{[b'',e'']} \in n\}$, $I(\alpha)(t) = 0$, so $\forall t \in [V(b'),V(e'))$, $I(\alpha)(t) = 0$, thus $\forall t \in [V(b'),V(e'))$, $I(\neg\alpha)(t) = 1$. Hence $(V, I, [b,e])$ t-satisfies $\neg\alpha_{[b',e']}$.

Furthermore, by Lemma 4.5, for all rules, the father's bounded formulae, bounded state expressions and constraints are t-satisfiable if the bounded formulae, bounded state expressions and constraints in one of the sons are t-satisfiable. Consequently $(V, I, [b,e])$ t-satisfies $\delta_{[\beta,\epsilon]}$. Accordingly, by Lemma 4.3, $\delta$ is satisfiable.

($\Leftarrow$) Completeness. Let $\delta_{[\beta,\epsilon]}$ be the root bounded formula. If $\delta$ is satisfiable then $\delta_{[\beta,\epsilon]}$ is t-satisfiable (Lemma 4.3). According to Lemma 4.5, for every rule, if the father's bounded formulae are t-satisfiable then the bounded formulae of one of the sons are t-satisfiable too. This entails the existence of an open tableau for $\delta$.

Finally, given that Lemma 3.10 provides the ending of the tableau construction, we conclude that our Duration Calculus fragment is decidable.

7 Conclusion

In this note a new decidable fragment of Duration Calculus was isolated. This fragment is rich enough to embed Allen's Interval Algebra. Moreover in this fragment we can express quantitative constraints, i.e. constraints about the duration of actions, which is essential to reason in the field of real-time systems. On the other hand we defined a deduction method for that fragment; this tableau-based method is sound, complete and terminates. Work in progress concerns the extension of our methodology to richer fragments as for example fragments including negation or any duration of actions. The implementation of our method is also currently under way.

References

[1] J. F. Allen. Maintaining knowledge about temporal intervals. Communications of the ACM, 26, 832–843, 1983.
[2] R. Dechter, I. Meiri and J. Pearl. Temporal constraint networks. Artificial Intelligence, 49, 61–95, 1991.
[3] M. Fränzle. Synthesizing Controllers from Duration Calculus. In Formal Techniques in Real-Time and Fault-Tolerant Systems, 4th International Symposium, Uppsala, Sweden, B. Jonsson and J. Parrow, eds., pp. 168–187. Vol. 1135 of Lecture Notes in Computer Science, Springer-Verlag, 1996.
[4] A. Gerevini and M. Cristani. On finding a solution in temporal constraint satisfaction problem. In Proceedings of the Fifteenth International Joint Conference on Artificial Intelligence, IJCAI 97, Nagoya, Japan, Volume 2, pp. 1460–1465, Morgan Kaufmann, 1997.
[5] M. R. Hansen and C. Zhou. Semantics and completeness of duration calculus. In Real-Time: Theory in Practice, REX Workshop, W.-P. de Roever, J. W. de Bakker, C. Huizing and G. Rozenberg, eds., pp. 209–225. Volume 600 of Lecture Notes in Computer Science, Springer-Verlag, 1992.
[6] M. R. Hansen and C. Zhou. Duration Calculus: logical foundations. Formal Aspects of Computing, 9, 283–330, 1997.
[7] B. Moszkowski. A temporal logic for multilevel reasoning about hardware. Computer, 18, 10–19, 1985.
[8] A. P. Ravn, H. Rischel and K. M. Hansen. Specifying and verifying requirements of real-time systems. IEEE Transactions on Software Engineering, Special Issue on Software for Critical Systems, 19, 41–55, 1993.
[9] J. U. Skakkebæk and P. Sestoft. Checking validity of duration calculus formulas. Technical Report ID/DTH JUS 3/1, Department of Computer Science, Technical University of Denmark, 2800 Lyngby, Denmark, March 1994. Available at ftp://ftp.it.dtu.dk/pub/procos/jens.u.skakkebaek/IDDTH-JUS-3-1.ps.Z.
[10] Y. Venema. A modal logic for chopping intervals. Journal of Logic and Computation, 1, 453–476, 1991.
[11] Z. Yuhua and C. Zhou. A formal proof of the deadline driven scheduler. In Formal Techniques in Real-Time and Fault-Tolerant Systems, Third International Symposium, H. Langmaack, W.-P. de Roever, and J. Vytopil, eds., pp. 756–775. Volume 863 of Lecture Notes in Computer Science, Springer-Verlag, 1994.
[12] C. Zhou, M. R. Hansen, A. P. Ravn and H. Rischel. Duration specifications for shared processors. In Formal Techniques in Real-Time and Fault-Tolerant Systems, Second International Symposium, J. Vytopil, editor, pp. 21–32. Volume 571 of Lecture Notes in Computer Science, Springer-Verlag, 1992.
[13] C. Zhou, M. R. Hansen and P. Sestoft. Decidability and undecidability results for duration calculus. In STACS 93, 10th Annual Symposium on Theoretical Aspects of Computer Science, P. Enjalbert, A. Finkel and K. W. Wagner, eds., pp. 58–68. Volume 665 of Lecture Notes in Computer Science, Springer-Verlag, 1993.
[14] C. Zhou, C. A. R. Hoare and A. P. Ravn. A calculus of durations. Information Processing Letters, 40, 269–276, North Holland, 1991.

Appendix

A Interval Algebra

Interval Algebra is an interval-based temporal logic introduced by Allen [1]. The basic entities are time intervals linked by qualitative temporal relations; there are thirteen possible relations between two intervals, listed hereafter.
A set of temporal information is represented as a temporal network, the aim being to find whether this network is

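consistent. A network corresponds to a conjunction of disjunctions of atomic relations: $\bigwedge_{i=1}^{n} \bigvee_{j=1}^{p} u_{ij}\, R_{ij}\, v_{ij}$, where $R_{ij}$ is an atomic relation and $u_{ij}$, $v_{ij}$ are time intervals. An Interval Algebra formula $F_{IA} = \bigwedge_{i=1}^{n} \bigvee_{j=1}^{p} u_{ij}\, R_{ij}\, v_{ij}$ is satisfiable by a total order $R$ on the interval bounds if for all $i \in \{1, \ldots, n\}$, there exists $j \in \{1, \ldots, p\}$ such that $R$ satisfies the interval bound constraints entailed by $u_{ij}\, R_{ij}\, v_{ij}$. The Interval Fragment formula corresponding to a network is obtained by translating each formula $u\ R\ v$ (where $R$ is an atomic relation) by its Interval Fragment counterpart from Figure 4, where state variable $x$ (respectively $y$) corresponds to interval $u$ (respectively $v$).

| Interval Algebra | Duration Calculus |
|---|---|
| $u$ before $v$ | $\lceil\neg x \wedge \neg y\rceil ; \lceil x \wedge \neg y\rceil ; \lceil\neg x \wedge \neg y\rceil ; \lceil\neg x \wedge y\rceil ; \lceil\neg x \wedge \neg y\rceil$ |
| $u$ meets $v$ | $\lceil\neg x \wedge \neg y\rceil ; \lceil x \wedge \neg y\rceil ; \lceil\neg x \wedge y\rceil ; \lceil\neg x \wedge \neg y\rceil$ |
| $u$ overlaps $v$ | $\lceil\neg x \wedge \neg y\rceil ; \lceil x \wedge \neg y\rceil ; \lceil x \wedge y\rceil ; \lceil\neg x \wedge y\rceil ; \lceil\neg x \wedge \neg y\rceil$ |
| $u$ starts $v$ | $\lceil\neg x \wedge \neg y\rceil ; \lceil x \wedge y\rceil ; \lceil\neg x \wedge y\rceil ; \lceil\neg x \wedge \neg y\rceil$ |
| $u$ during $v$ | $\lceil\neg x \wedge \neg y\rceil ; \lceil\neg x \wedge y\rceil ; \lceil x \wedge y\rceil ; \lceil\neg x \wedge y\rceil ; \lceil\neg x \wedge \neg y\rceil$ |
| $u$ finishes $v$ | $\lceil\neg x \wedge \neg y\rceil ; \lceil\neg x \wedge y\rceil ; \lceil x \wedge y\rceil ; \lceil\neg x \wedge \neg y\rceil$ |
| $u$ equals $v$ | $\lceil\neg x \wedge \neg y\rceil ; \lceil x \wedge y\rceil ; \lceil\neg x \wedge \neg y\rceil$ |
| $u$ finished by $v$ | $\lceil\neg x \wedge \neg y\rceil ; \lceil x \wedge \neg y\rceil ; \lceil x \wedge y\rceil ; \lceil\neg x \wedge \neg y\rceil$ |
| $u$ during by $v$ | $\lceil\neg x \wedge \neg y\rceil ; \lceil x \wedge \neg y\rceil ; \lceil x \wedge y\rceil ; \lceil x \wedge \neg y\rceil ; \lceil\neg x \wedge \neg y\rceil$ |
| $u$ started by $v$ | $\lceil\neg x \wedge \neg y\rceil ; \lceil x \wedge y\rceil ; \lceil x \wedge \neg y\rceil ; \lceil\neg x \wedge \neg y\rceil$ |
| $u$ overlapped by $v$ | $\lceil\neg x \wedge \neg y\rceil ; \lceil\neg x \wedge y\rceil ; \lceil x \wedge y\rceil ; \lceil x \wedge \neg y\rceil ; \lceil\neg x \wedge \neg y\rceil$ |
| $u$ met by $v$ | $\lceil\neg x \wedge \neg y\rceil ; \lceil\neg x \wedge y\rceil ; \lceil x \wedge \neg y\rceil ; \lceil\neg x \wedge \neg y\rceil$ |
| $u$ after $v$ | $\lceil\neg x \wedge \neg y\rceil ; \lceil\neg x \wedge y\rceil ; \lceil\neg x \wedge \neg y\rceil ; \lceil x \wedge \neg y\rceil ; \lceil\neg x \wedge \neg y\rceil$ |

FIGURE 4. Translation of Interval Algebra atomic relations into Duration Calculus

EXAMPLE A.1
$(u \text{ starts } v \vee u \text{ equals } v) \wedge w \text{ met by } v$ $\mapsto$ $(\lceil\neg x \wedge \neg y\rceil ; \lceil x \wedge y\rceil ; \lceil\neg x \wedge y\rceil ; \lceil\neg x \wedge \neg y\rceil \vee \lceil\neg x \wedge \neg y\rceil ; \lceil x \wedge y\rceil ; \lceil\neg x \wedge \neg y\rceil) \wedge \lceil\neg z \wedge \neg y\rceil ; \lceil\neg z \wedge y\rceil ; \lceil z \wedge \neg y\rceil ; \lceil\neg z \wedge \neg y\rceil$.

THEOREM A.2
Let $F_{IA}$ be an Interval Algebra formula and let $G_{DC}$ be its translation into the Interval Fragment. $F_{IA}$ is satisfiable in Interval Algebra if, and only if, $G_{DC}$ is satisfiable in the Interval Fragment.

PROOF. [Sketch]
($\Rightarrow$) From a total order $R$ satisfying $F_{IA}$, one can construct a model $M = (I, [b,e])$ of $G_{DC}$ in the following way:
• for all state variable $x$ corresponding to an interval $u$ of $F_{IA}$, $I(x) \in Time \to \{0,1\}$ is such that $\exists x^-, x^+ \in Time$ such that $x(i) = 1$ if $i \in [x^-, x^+]$, $x(i) = 0$ if $i \in [-\infty, x^-] \cup [x^+, +\infty]$, so that $R$ is respected,
• $b \in Time$ such that $b < \min\{x^- \mid x \text{ is a state variable}\}$ and $e \in Time$ such that $e > \max\{x^+ \mid x \text{ is a state variable}\}$.
($\Leftarrow$) If $G_{DC}$ is satisfiable then there exists $M = (I, [b,e])$ a model of $G_{DC}$ such that for all state variable $x_k$, $I(x_k) \in Time \to \{0,1\}$ such that $\exists x_k^-, x_k^+ \in Time$ such that $x_k(i) = 1$ if $i \in [x_k^-, x_k^+]$, $x_k(i) = 0$ if $i \in [-\infty, x_k^-] \cup [x_k^+, +\infty]$. There exists a total order $R$ on all the bounds $x_k^-, x_k^+$ of state variables $x_k$ which satisfies $F_{IA}$.

Received 4 November 1999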