Formal Specification and Verification
Formal Modeling with Propositional Logic
Bernhard Beckert
Based on a lecture by Wolfgang Ahrendt and Reiner Hähnle at
Chalmers University, Göteborg
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
1 / 24
Formalisation
Real
Formalisation
World
Formal Specification and Verification: Formal Modeling with PL
Formal
Model
B. Beckert
2 / 24
Formalisation: Syntax, Semantics
Formal
tax
Syn
Languages
Real
World
Sem
ant
ics
Formal
Semantics
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
2 / 24
Formalisation: Syntax, Semantics
Formal
tax
Syn
Real
Languages
Interpretation
World
Sem
ant
ics
Formal
Semantics
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
2 / 24
Formalisation: Syntax, Semantics
Propositional
tax
Syn
Real
Logic
Interpretation
World
Sem
ant
ics
Valuation
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
2 / 24
Formalisation: Syntax, Semantics
Promela +
tax
Syn
Real
Temporal Logic
Interpretation
World
Sem
ant
ics
All Runs σ +
Valuation in σ
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
2 / 24
Formalisation: Syntax, Semantics
Temporal Logic
ta
Syn
Real
World
x
Promela
x
ta
Syn
Semantics
Formal Specification and Verification: Formal Modeling with PL
All Runs σ =
Transition System
B. Beckert
2 / 24
Formalisation: Syntax, Semantics, Proving
Temporal Logic
tax
Syn
Real
World
Promela
x
ta
Syn
Semantics
All Runs σ =
Transition System
How to do
proving?
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
2 / 24
Formal Verification: Model Checking
TL
Sy
n
ta
x
Promela
x
Real
World
n
Sy
ta
Sem.
Transition
System
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
2 / 24
Formal Verification: Model Checking
Translation
TL
Büchi
Automaton
Sy
n
ta
x
Promela
of Negation
x
Real
World
n
Sy
ta
Sem.
Transition
System
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
2 / 24
Formal Verification: Model Checking
Translation
TL
Büchi
Automaton
Sy
n
ta
x
Promela
of Negation
x
Real
World
n
Sy
ta
Transition
Semantics
System
Product
accepts
no run?
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
2 / 24
Syntax, Semantics, Calculus
Syntax
Formula/Program
x
Semantics
“valid”
Calculus
“Derivable”
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
3 / 24
Syntax, Semantics, Calculus
Syntax
Formula/Program
Semantics
“valid”
x
Completeness
Calculus
“Derivable”
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
3 / 24
Syntax, Semantics, Calculus
Syntax
Formula/Program
Semantics
“valid”
x
Completeness
Soundness
Calculus
“Derivable”
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
3 / 24
Propositional Logic
Propositional
Formulas
|=
x
Mapping
Var → {T , F }
`
Sequent Calculus
SAT Solver
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
4 / 24
Propositional Logic— Syntax
Propositional
Formulas
|=
x
Mapping
Var → {T , F }
`
Sequent Calculus
SAT Solver
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
4 / 24
Syntax of Propositional Logic
Signature
A set of Propositional Variables P
Formal Specification and Verification: Formal Modeling with PL
(with typical elements p, q, r , . . .)
B. Beckert
5 / 24
Syntax of Propositional Logic
Signature
A set of Propositional Variables P
(with typical elements p, q, r , . . .)
Propositional Connectives
true
false
&
|
!
−>
<−>
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
5 / 24
Syntax of Propositional Logic
Signature
A set of Propositional Variables P
(with typical elements p, q, r , . . .)
Propositional Connectives
true
false
&
|
!
−>
<−>
Set of Propositional Formulas For0
I Truth constants true, false and variables P are formulas
I
If φ and ψ are formulas then
! φ,
(φ & ψ),
(φ | ψ),
(φ −> ψ),
(φ <−> ψ)
are also formulas
I
There are no other formulas (inductive definition)
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
5 / 24
Syntax of Propositional Logic
Signature
A set of Propositional Variables P
(with typical elements p, q, r , . . .)
Propositional Connectives (KeY notation)
true
false
&
|
!
−>
<−>
Set of Propositional Formulas For0
I Truth constants true, false and variables P are formulas
I
If φ and ψ are formulas then
! φ,
(φ & ψ),
(φ | ψ),
(φ −> ψ),
(φ <−> ψ)
are also formulas
I
There are no other formulas (inductive definition)
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
5 / 24
Remark on Concrete Syntax
Negation
Conjunction
Disjunction
Implication
Equivalence
Text book
¬
∧
∨
→, ⊃
↔
Formal Specification and Verification: Formal Modeling with PL
Spin
!
&&
||
−>
<−>
KeY
!
&
|
−>
<−>
B. Beckert
6 / 24
Remark on Concrete Syntax
Negation
Conjunction
Disjunction
Implication
Equivalence
Text book
¬
∧
∨
→, ⊃
↔
Spin
!
&&
||
−>
<−>
KeY
!
&
|
−>
<−>
Today, we use KeY notation.
Be flexible during the course!
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
6 / 24
Propositional Logic— Semantics
Propositional
Formulas
`
x
Mapping
Var → {T , F }
|=
Sequent Calculus
SAT Solver
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
7 / 24
Semantics of Propositional Logic
Interpretation I
Assigns a truth value to each propositional variable
I : P → {T , F }
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
8 / 24
Semantics of Propositional Logic
Interpretation I
Assigns a truth value to each propositional variable
I : P → {T , F }
Valuation function
valI : Continuation of I on For0
valI : For0 → {T , F }
valI (pi ) = I(pi )
valI (true) = T
valI (false) = F
(cont’d next page)
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
8 / 24
Semantics of Propositional Logic (Cont’d)
Valuation function (Cont’d)
T if valI (φ) = F
valI (! φ) =
F otherwise
T if valI (φ) = T and valI (ψ) = T
valI (φ & ψ) =
F otherwise
T if valI (φ) = T or valI (ψ) = T
valI (φ | ψ) =
F otherwise
T if valI (φ) = F or valI (ψ) = T
valI (φ −> ψ) =
F otherwise
T if valI (φ) = valI (ψ)
valI (φ <−> ψ) =
F otherwise
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
9 / 24
Examples
Formula
p −> (q −> p)
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
10 / 24
Examples
Formula
p −> (q −> p)
Interpretation
One of four different ones on P = {p, q} that are possible:
I(p) = T
I(q) = F
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
10 / 24
Examples
Formula
p −> (q −> p)
Interpretation
One of four different ones on P = {p, q} that are possible:
I(p) = T
I(q) = F
Valuation
valI ( q −> p )
=
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
10 / 24
Examples
Formula
p −> (q −> p)
Interpretation
One of four different ones on P = {p, q} that are possible:
I(p) = T
I(q) = F
Valuation
valI ( q −> p )
=
T
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
10 / 24
Examples
Formula
p −> (q −> p)
Interpretation
One of four different ones on P = {p, q} that are possible:
I(p) = T
I(q) = F
Valuation
valI ( q −> p ) = T
valI ( p −> (q −> p) )
=
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
10 / 24
Examples
Formula
p −> (q −> p)
Interpretation
One of four different ones on P = {p, q} that are possible:
I(p) = T
I(q) = F
Valuation
valI ( q −> p ) = T
valI ( p −> (q −> p) )
=
T
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
10 / 24
Semantic Notions of Propositional Logic
Let φ ∈ For0 , Γ ⊂ For0
Definition (Model and Consequence Relation, overloading |=)
φ is true in I and I is a model of φ (write: I |= φ) iff valI (φ) = T
φ follows from Γ (write: Γ |= φ) iff for all interpretations I:
If I |= ψ for all ψ ∈ Γ then also I |= φ
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
11 / 24
Semantic Notions of Propositional Logic
Let φ ∈ For0 , Γ ⊂ For0
Definition (Model and Consequence Relation, overloading |=)
φ is true in I and I is a model of φ (write: I |= φ) iff valI (φ) = T
φ follows from Γ (write: Γ |= φ) iff for all interpretations I:
If I |= ψ for all ψ ∈ Γ then also I |= φ
Definition (Satisfiability, Validity)
A formula is satisfiable if it is true in some interpretation.
If φ is true in every interpretation, i.e.
∅ |= φ (short: |= φ)
then φ is called (logically) valid.
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
11 / 24
Examples
Formula (same as before)
p −> (q −> p)
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
12 / 24
Examples
Formula (same as before)
p −> (q −> p)
Is this formula valid?
|= p −> (q −> p) ?
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
12 / 24
Examples
p & ((! p) | q)
Satisfiable?
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
13 / 24
Examples
p & ((! p) | q)
Satisfiable?
4
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
13 / 24
Examples
p & ((! p) | q)
Satisfiable?
Satisfying Interpretation?
4
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
13 / 24
Examples
p & ((! p) | q)
Satisfiable?
Satisfying Interpretation?
4
I(p) = T , I(q) = T
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
13 / 24
Examples
p & ((! p) | q)
Satisfiable?
4
Satisfying Interpretation?
I(p) = T , I(q) = T
Other Satisfying Interpretations?
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
13 / 24
Examples
p & ((! p) | q)
Satisfiable?
4
Satisfying Interpretation?
I(p) = T , I(q) = T
Other Satisfying Interpretations? 8
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
13 / 24
Examples
p & ((! p) | q)
Satisfiable?
4
Satisfying Interpretation?
I(p) = T , I(q) = T
Other Satisfying Interpretations? 8
Therefore, also not valid!
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
13 / 24
Examples
p & ((! p) | q)
Satisfiable?
4
Satisfying Interpretation?
I(p) = T , I(q) = T
Other Satisfying Interpretations? 8
Therefore, also not valid!
p & ((! p) | q) |= q | r
Does it hold?
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
13 / 24
Examples
p & ((! p) | q)
Satisfiable?
4
Satisfying Interpretation?
I(p) = T , I(q) = T
Other Satisfying Interpretations? 8
Therefore, also not valid!
p & ((! p) | q) |= q | r
Does it hold? Yes.
Why?
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
13 / 24
Propositional Logic— Calculus
Propositional
Formulas
`
x
Mapping
Var → {T , F }
|=
Sequent
Calculus
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
14 / 24
Reasoning by Syntactic Transformation
Establish |= φ by finite, syntactic transformation of φ
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
15 / 24
Reasoning by Syntactic Transformation
Establish |= φ by finite, syntactic transformation of φ
(Logic) Calculus
A set of syntactic transformation rules R defining a
relation ` ⊆ For0 such that ` φ implies |= φ.
I
` φ implies |= φ: Soundness (required)
I
|= φ implies ` φ: Completeness (desirable)
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
15 / 24
Reasoning by Syntactic Transformation
Establish |= φ by finite, syntactic transformation of φ
(Logic) Calculus
A set of syntactic transformation rules R defining a
relation ` ⊆ For0 such that ` φ implies |= φ.
I
` φ implies |= φ: Soundness (required)
I
|= φ implies ` φ: Completeness (desirable)
Sequent Calculus based on notion of sequent
ψ1 , . . . , ψ m
| {z }
=⇒
Antecedent
φ1 , . . . , φn
| {z }
Succedent
has same semantics as
(ψ1 & · · · & ψm ) −> (φ1 | · · · | φn )
{ψ1 , . . . , ψm } |= φ1 | · · · | φn
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
15 / 24
Notation for Sequents
ψ1 , . . . , ψ m
=⇒
φ1 , . . . , φn
Consider antecedent/succedent as sets of formulas, may be empty
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
16 / 24
Notation for Sequents
ψ1 , . . . , ψ m
=⇒
φ1 , . . . , φn
Consider antecedent/succedent as sets of formulas, may be empty
Schema Variables
φ, ψ, . . . match formulas, Γ, ∆, . . . match sets of formulas
Characterize infinitely many sequents with a single schematic sequent
Γ
=⇒
∆, φ & ψ
Matches any sequent with occurrence of conjunction in succedent
Call φ & ψ main formula and Γ, ∆ side formulas of sequent
Any sequent of the form Γ, φ =⇒ ∆, φ is logically valid: axiom
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
16 / 24
Sequent Calculus Rules of Propositional Logic
Write syntactic transformation schema for sequents that reflects
semantics of connectives as closely as possible
Premisses
RuleName
z
Γ1 =⇒ ∆1
}|
···
{
Γr =⇒ ∆r
Γ
{z ∆}
| =⇒
Conclusion
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
17 / 24
Sequent Calculus Rules of Propositional Logic
Write syntactic transformation schema for sequents that reflects
semantics of connectives as closely as possible
Premisses
RuleName
z
Γ1 =⇒ ∆1
}|
···
{
Γr =⇒ ∆r
Γ
{z ∆}
| =⇒
Conclusion
Example
andRight
Γ =⇒ φ, ∆
Γ =⇒ ψ, ∆
Γ =⇒ φ & ψ, ∆
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
17 / 24
Sequent Calculus Rules of Propositional Logic
Write syntactic transformation schema for sequents that reflects
semantics of connectives as closely as possible
Premisses
RuleName
z
Γ1 =⇒ ∆1
}|
···
{
Γr =⇒ ∆r
Γ
{z ∆}
| =⇒
Conclusion
Example
andRight
Γ =⇒ φ, ∆
Γ =⇒ ψ, ∆
Γ =⇒ φ & ψ, ∆
Sound rule (essential):
|= (Γ1 =⇒ ∆1 & · · · & Γr =⇒ ∆r ) −> (Γ =⇒ ∆)
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
17 / 24
Sequent Calculus Rules of Propositional Logic
Write syntactic transformation schema for sequents that reflects
semantics of connectives as closely as possible
Premisses
RuleName
z
Γ1 =⇒ ∆1
}|
···
{
Γr =⇒ ∆r
Γ
{z ∆}
| =⇒
Conclusion
Example
andRight
Γ =⇒ φ, ∆
Γ =⇒ ψ, ∆
Γ =⇒ φ & ψ, ∆
Sound rule (essential):
|= (Γ1 =⇒ ∆1 & · · · & Γr =⇒ ∆r ) −> (Γ =⇒ ∆)
Complete rule (desirable):|= (Γ =⇒ ∆) −> (Γ1 =⇒ ∆1 & · · · & Γr =⇒ ∆r )
Admissible to have no premisses (iff conclusion is valid, eg axiom)
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
17 / 24
Rules of Propositional Sequent Calculus
main left side (antecedent)
not
right side (succedent)
Γ =⇒ φ, ∆
Γ, φ =⇒ ∆
Γ, ! φ =⇒ ∆
Γ =⇒ ! φ, ∆
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
18 / 24
Rules of Propositional Sequent Calculus
main left side (antecedent)
not
and
right side (succedent)
Γ =⇒ φ, ∆
Γ, φ =⇒ ∆
Γ, ! φ =⇒ ∆
Γ =⇒ ! φ, ∆
Γ, φ, ψ =⇒ ∆
Γ, φ & ψ =⇒ ∆
Formal Specification and Verification: Formal Modeling with PL
Γ =⇒ φ, ∆
Γ =⇒ ψ, ∆
Γ =⇒ φ & ψ, ∆
B. Beckert
18 / 24
Rules of Propositional Sequent Calculus
main left side (antecedent)
not
and
or
right side (succedent)
Γ =⇒ φ, ∆
Γ, φ =⇒ ∆
Γ, ! φ =⇒ ∆
Γ =⇒ ! φ, ∆
Γ, φ, ψ =⇒ ∆
Γ =⇒ φ, ∆
Γ, φ & ψ =⇒ ∆
Γ, φ =⇒ ∆
Γ, ψ =⇒ ∆
Γ, φ | ψ =⇒ ∆
Formal Specification and Verification: Formal Modeling with PL
Γ =⇒ ψ, ∆
Γ =⇒ φ & ψ, ∆
Γ =⇒ φ, ψ, ∆
Γ =⇒ φ | ψ, ∆
B. Beckert
18 / 24
Rules of Propositional Sequent Calculus
main left side (antecedent)
not
and
or
imp
right side (succedent)
Γ =⇒ φ, ∆
Γ, φ =⇒ ∆
Γ, ! φ =⇒ ∆
Γ =⇒ ! φ, ∆
Γ, φ, ψ =⇒ ∆
Γ =⇒ φ, ∆
Γ, φ & ψ =⇒ ∆
Γ, φ =⇒ ∆
Γ, ψ =⇒ ∆
Γ, φ | ψ =⇒ ∆
Γ =⇒ φ, ∆
Γ, ψ =⇒ ∆
Γ, φ −> ψ =⇒ ∆
Formal Specification and Verification: Formal Modeling with PL
Γ =⇒ ψ, ∆
Γ =⇒ φ & ψ, ∆
Γ =⇒ φ, ψ, ∆
Γ =⇒ φ | ψ, ∆
Γ, φ =⇒ ψ, ∆
Γ =⇒ φ −> ψ, ∆
B. Beckert
18 / 24
Rules of Propositional Sequent Calculus
main left side (antecedent)
not
and
Γ =⇒ φ, ∆
Γ, φ =⇒ ∆
Γ, ! φ =⇒ ∆
Γ =⇒ ! φ, ∆
Γ, φ, ψ =⇒ ∆
Γ =⇒ φ, ∆
Γ, φ & ψ =⇒ ∆
Γ, φ =⇒ ∆
or
right side (succedent)
Γ =⇒ φ & ψ, ∆
Γ, ψ =⇒ ∆
Γ, φ | ψ =⇒ ∆
imp
close
Γ =⇒ φ, ∆
Γ, ψ =⇒ ∆
true
Γ =⇒ φ, ψ, ∆
Γ =⇒ φ | ψ, ∆
Γ, φ −> ψ =⇒ ∆
Γ, φ =⇒ φ, ∆
Γ =⇒ ψ, ∆
Γ, φ =⇒ ψ, ∆
Γ =⇒ φ −> ψ, ∆
Γ =⇒ true, ∆
Formal Specification and Verification: Formal Modeling with PL
false
Γ, false =⇒ ∆
B. Beckert
18 / 24
Justification of Rules
Compute rules by applying semantic definitions
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
19 / 24
Justification of Rules
Compute rules by applying semantic definitions
orRight
Γ =⇒ φ, ψ, ∆
Γ =⇒ φ | ψ, ∆
Follows directly from semantics of sequents
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
19 / 24
Justification of Rules
Compute rules by applying semantic definitions
orRight
Γ =⇒ φ, ψ, ∆
Γ =⇒ φ | ψ, ∆
Follows directly from semantics of sequents
andRight
Γ =⇒ φ, ∆
Γ =⇒ ψ, ∆
Γ =⇒ φ & ψ, ∆
iff
Γ −> φ | ∆
Γ −> (φ & ψ) | ∆
Distributivity of & over | and −>
Formal Specification and Verification: Formal Modeling with PL
and
Γ −> ψ | ∆
B. Beckert
19 / 24
Sequent Calculus Proofs
Goal to prove: G =
ψ1 , . . . , ψm =⇒ φ1 , . . . , φn
I
find rule R whose conclusion matches G
I
instantiate R such that conclusion identical to G
I
recursively find proofs for resulting premisses G1 , . . . , Gr
I
tree structure with goal as root
I
close proof branch when rule without premiss encountered
Goal-directed proof search
In KeY tool proof displayed as Java Swing tree
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
20 / 24
A Simple Proof
=⇒ (p & (p −> q)) −> q
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
21 / 24
A Simple Proof
p & (p −> q) =⇒ q
=⇒ (p & (p −> q)) −> q
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
21 / 24
A Simple Proof
p, (p −> q) =⇒ q
p & (p −> q) =⇒ q
=⇒ (p & (p −> q)) −> q
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
21 / 24
A Simple Proof
p =⇒ q, p
p, q =⇒ q
p, (p −> q) =⇒ q
p & (p −> q) =⇒ q
=⇒ (p & (p −> q)) −> q
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
21 / 24
A Simple Proof
Close
∗
∗
Close
p =⇒ q, p
p, q =⇒ q
p, (p −> q) =⇒ q
p & (p −> q) =⇒ q
=⇒ (p & (p −> q)) −> q
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
21 / 24
A Simple Proof
Close
∗
∗
Close
p =⇒ q, p
p, q =⇒ q
p, (p −> q) =⇒ q
p & (p −> q) =⇒ q
=⇒ (p & (p −> q)) −> q
A proof is closed iff all its branches are closed
Demo
Examples/prop.key
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
21 / 24
How Expressive is Propositional Logic?
Finite set of elements N = {1, . . . , n}
Let pij denote p(i) = j. p is a permutation on N . . .
Groups, Latin squares, Sudoku, . . .
Even finite numbers (e.g., bitwise encoding)
We will see that Promela data structures are carefully designed such that
computation states can be encoded in propositional logic
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
22 / 24
Limitations of Propositional Logic
Fixed, finite number of objects
Cannot express: let g be group with arbitrary number of elements
No functions or relations with arguments
Can express: finite function/relation table pij
Cannot express: properties of function/relation on all arguments, e.g., +
is associative
Static interpretation
Programs change value of their variables, e.g., via assignment, call, etc.
Propositional formulas look at one single interpretation at a time
Formal Specification and Verification: Formal Modeling with PL
B. Beckert
23 / 24
Beyond the Limitations of Propositional Logic
pu
+com
ns
tatio
Temporal
Logic
+computations +functions
Propositional
Logic
+fun
ction
s
First-order
Logic
Dynamic
Logic
Beyond the Limitations of Propositional Logic
Spin
pu
+com
ns
tatio
Temporal
Logic
+computations +functions
Propositional
Logic
+fun
ction
s
First-order
Logic
Dynamic
Logic
Beyond the Limitations of Propositional Logic
Spin
pu
+com
ns
tatio
Temporal
Logic
+computations +functions
Propositional
Logic
+fun
ction
s
First-order
Logic
Formal Specification and Verification: Formal Modeling with PL
Dynamic
Logic
KeY
B. Beckert
24 / 24
© Copyright 2026 Paperzz