1. No category

Temporal Logics over Mazurkiewicz Traces A Quick Tour

Temporal Logics over Mazurkiewicz Traces
A Quick Tour
Madhavan Mukund
Chennai Mathematical Institute
92 G N Chetty Rd, Chennai 600 017, India
http://www.cmi.ac.in/˜madhavan
Arcachon, 23 May 2002
Motivation
• Temporal logic — convenient specification language
• Formulas interpreted over sequences
– For concurrent systems, sets of interleaved behaviours
– Combinatorial explosion in verification
• Can we directly reason about a single structure that describes the entire
behaviour of a concurrent system?
Arcachon, 23 May 2002
1
Mazurkiewicz traces
• An alphabet with an independence relation, (Σ, I)
• Independent letters can be commuted.
If (a, b) ∈ I, then wabw 0 ∼ w0abw
• A trace is an equivalence class of words—a single concurrent behaviour
with different, equivalent linearizations
• Traces faithfully model behaviour of concurrent systems with static
architecture —e.g., safe Petri nets
Arcachon, 23 May 2002
2
Traces revisited
• Dependence alphabet (Σ, D): D is the complement of I
Dependence graph; e.g., (Σ, D) = a — b — c — d
Here, (a, c), (b, d), (a, d) are independent pairs
• A trace is a labelled partial order
The trace {abacbac, abcabac, . . . , abcabca} is the (set of linearizations
of the) labelled partial order
a
*
j
j
b
*
j
Arcachon, 23 May 2002
a
c
*
a
j
c
b
3
Finite and infinite traces
(Σ, D) = a — b — c — d
Finite trace
a
*
j
a
j
b
*
j
c
-
c
*
a
j
c
b
Infinite trace
a
-
b
6
d
Arcachon, 23 May 2002
-
-
b
-
···
c
4
Traces as partial orders
A trace over (Σ, D) is a labelled partial order t = (E, ≤, λ) such that
/D
• e 6≤ f and f 6≤ e implies (λ(e), λ(f )) ∈
Concurrent (unordered) events correspond to independent actions
• e l f implies (λ(e), λ(f )) ∈ D
The causality order on events is generated by D
• For all e ∈ E, ↓e = {f | f ≤ e} is finite
Each event has a finite past (infinite traces are “real”)
Key fact For each (Σ, D), the width of traces over (Σ, D) is bounded.
Arcachon, 23 May 2002
5
Linear-time temporal logic over sequences
• Atomic propositions, boolean connectives, temporal modalities
ϕ
• Next
-
-
-
-
-
-
-
-
-
···
ϕ
ϕ Uψ
• Until
-
-
-
-
ϕ
Arcachon, 23 May 2002
-
ϕ
···
-
-
ϕ
-
-
···
ψ
6
Linear-time temporal logic over sequences . . .
Derived modalities
3ψ ≡ > Uψ
• Eventually
-
-
-
-
-
···
-
-
-
-
···
ψ
2ψ ≡ ¬3¬ψ
• Henceforth
-
-
-
-
ψ
Arcachon, 23 May 2002
-
ψ
···
-
-
ψ
-
ψ
-
···
ψ
7
Linear-time temporal logic over sequences . . .
Past modalities
−ϕ
• Previous
-
-
-
-
-
-
-
-
-
···
ϕ
ϕ Sψ
• Since
-
-
-
-
ψ
Arcachon, 23 May 2002
-
ϕ
···
-
-
ϕ
-
-
···
ϕ
8
Linear-time temporal logic over sequences . . .
• Theorem (Kamp ’68)
LTL has the same expressive power as FO(N, <).
• Theorem (Gabbay, Pnueli, Shelah & Stavi ’80)
LTL with only future modalities has the same expressive power as
FO(N, <).
• Theorem (Sistla & Clarke ’82)
Model checking LTL is PSPACE-complete.
– Do all sequences generated by a finite-state system S satisfy an
LTL formula ϕ?
Arcachon, 23 May 2002
9
LTL over traces
• Points on a sequence ⇔ prefixes of the sequence
• A prefix of a trace is a downward closed subset of events
a
*
j
a
*
j
b
*
j
a
*
j
b
c
a
j
c
a
j
b
*
j
*
a
j
c
b
c
• Interpret formulas at prefixes
• Prefixes can be ordered in the obvious way—c c0 iff c ⊆ c0
Arcachon, 23 May 2002
10
LTL over traces . . .
• Two prefixes may be unordered
a
*
j
a
*
a
a
*
j
b
j
*b
j
c
j
a
j
b
*
c
j
*
a
j
c
b
c
• A prefix may have more than one “next” prefix
a
a
*
j
a
*
c
j
c
a
j
=⇒
Arcachon, 23 May 2002
a
j
b
=⇒
*b
j
j
a
j
b
*
*
*
a
b
j
c
j
c
*
a
*
a
j
c
j
b
*
j
c
b
11
Trace modalities
For a trace t = (E, ≤, λ) over (Σ, D), let c ⊆ E be a prefix.
ϕ
···•
• ···
t, c |= ϕ
if there exists a “next”
···
c0 = c ∪ {e}
prefix
···•
···
0
such that t, c |= ϕ
···
···• •
ϕ
t, c |= ϕ Uψ
Arcachon, 23 May 2002
0
if t, c |= ψ for some
prefix c0, c c0, and
c00
with
for
all
c c00 c0, t, c00 |= ψ
ϕ Uψ
ϕ ϕ ϕ
ψ
12
Trace modalities . . .
Fix a trace alphabet (Σ, D).
• When interpreted on traces over (Σ, D), what is the expressive power of
LTL(, U) with respect to FO(<)?
– LTL(, U) is within FO(<) because width of a trace is bounded!
• Theorem (Thiagarajan & Walukiewicz, LICS ’97)
Expressively complete, if you add past formulas −a
– t, c |= − a if c contains a maximal event labelled a
• Theorem (Diekert & Gastin, ICALP ’00)
Expressively complete with just and U.
Generalizes the GPSS ’80 result from sequences to traces.
Arcachon, 23 May 2002
13
Trace modalities . . .
Unfortunately, . . .
• Theorem (Walukiewicz, ICALP ’98)
Model checking is non elementary.
“Too many” configurations between ϕ and ψ.
ϕ Uψ
ϕ ϕ ϕ
Arcachon, 23 May 2002
ψ
14
Global vs local configurations
Global configuration
a
*
j
a
*
Local configuration
a
j
b
c
*
j
*b
j
a
j
c
a
j
b
*
j
c
*
a
j
c
b
• Local configuration represents local history of an event.
– Events e ∈ E
⇔
Local configurations ↓e ⊆ E
• Variables in FO(<) are interpreted as events
• Can we evaluate temporal formulas at local configurations and still be
as expressive as FO(<)?
Arcachon, 23 May 2002
15
Local logics on traces
a
ϕ holds on some path in the interval
Universal until
ϕ holds on every path in the interval
Arcachon, 23 May 2002
a
j
Hasse diagram provides a natural local
interpretation for Existential until
*
b
ϕ
ϕ Uψ
a
ϕ
ϕ Uψ
a
ϕ
j
*
j
b
ϕ
c
ϕ
*
c
b
ϕ
ϕ
*a
j
b
ϕ
*
c
ϕ
c
j
c
ψ
*a
j
j
j
ψ
*a
j
j
a
b
ϕ
*a
j
*
b
ϕ
j
c
16
Existential until is not first-order expressible
h
a
e
(Σ, D) = d
g
a
2 ω
aht b =
h
a
h
t=
b
c
e
b
f
f
g
d
b
e
a
d
g
c
h
f
b
e
a
d
g
c
h
f
c
b
b
···
Example (independently) due to Gastin and Walukiewicz
Arcachon, 23 May 2002
17
Existential until is not first-order expressible
h
a
e
(Σ, D) = d
g
a
2 ω
aht b =
h
a
h
t=
b
c
e
b
f
f
g
d
b
e
a
d
g
c
h
f
b
e
a
d
g
c
h
f
c
b
b
···
ϕ = a ∨ b ∨ c ∨ d U2b
Arcachon, 23 May 2002
18
Existential until is not first-order expressible
h
a
e
(Σ, D) = d
g
a
1 ω
aht b =
h
a
h
t=
b
c
e
b
f
f
g
d
b
e
a
d
g
c
h
f
b
b
c
···
ϕ = a ∨ b ∨ c ∨ d U2b
Arcachon, 23 May 2002
19
Existential until is not first-order expressible
h
a
e
(Σ, D) = d
g
a
1 ω
aht b =
h
a
h
t=
b
c
e
b
f
f
g
d
b
e
a
d
g
c
h
f
b
b
c
···
ϕ = a ∨ b ∨ c ∨ d U2b
aht∗bω ∩ L(ϕ) = ah(t2)∗bω
Arcachon, 23 May 2002
20
Local logics on traces
a
*
a
j
b
ϕ
Existential Universal until
ϕ holds on every path in the interval
Arcachon, 23 May 2002
ϕ Uψ
a
ϕ
j
*
j
b
ϕ
c
ϕ
*
c
ϕ
j
c
ψ
*a
j
j
a
b
ϕ
*a
j
*
b
ϕ
j
c
21
Local logics on traces . . .
• Need some way of globally combining local formulas to span disjoint
components
e
a
*a
*a
j
j
b
*
c
- g
b
j
g
-
f
c
- g
j
-
f
Formula at e cannot “reach” the disconnected chain gf gf g
• Global formulas
Boolean combinations of EM ϕ, ϕ a local formula
t |= EM ϕ if there is a minimal event e in t such that t, e |= ϕ
Arcachon, 23 May 2002
22
Pure future local logics are not sufficient
ϕ is a pure future formula if t, e |= ϕ implies that t0t, e |= ϕ for any t0, t, e
Example (Walukiewicz)
The following traces over a — b — c — d cannot be distinguished
by pure future local formulas
a
-
b
6
d
-
c
Arcachon, 23 May 2002
-
c
-
b
-
···
d
-
a
-
c
6
-
b
-
c
-
···
b
23
A stronger until
• For events e ≤ f , the interval between e and f is more properly defined
as ↓f \ ↓e
↓e
↓f \ ↓e
e
Arcachon, 23 May 2002
f
24
A stronger until
• For events e ≤ f , the interval between e and f is more properly defined
as ↓f \ ↓e
↓e
↓f \ ↓e
e
f
• This interval includes events that do not lie above e
Arcachon, 23 May 2002
25
A stronger until . . .
• A ternary until
ϕk
(ϕk, ϕ<) Uψ
ϕ<
e
(ϕk, ϕ<) Uψ
f
ψ
• A weaker version — filtered until
– ϕ holds above e and below f
ϕ UC ψ, C ⊆ Σ
– No action from C occurs in ↓f \ ↓e
¬C
e
ϕ UC ψ
Arcachon, 23 May 2002
ϕ ∧ ¬C
f
ψ
26
A stronger until . . .
Filtered until can distinguish these traces
a
-
b
-
c
-
b
-
···
-
b
-
c
-
···
6
d
-
c
d
-
c
a
-
6
b
The formula EM d U{a}c is true in the first trace, but not in the second.
Arcachon, 23 May 2002
27
A stronger until . . .
A dual modality — filtered since
• ϕ holds above f and below e
ϕ SC ψ, C ⊆ Σ
• No action from C occurs in ↓e \ ↓f
¬C
f
ψ
Arcachon, 23 May 2002
ϕ ∧ ¬C
e
ϕ SC ψ
28
A stronger until . . .
Theorem (Gastin & Mukund, ICALP ’02)
LT L(, − , UC , SC ) has the same expressive power as FO(<).
For each fixed alphabet (Σ, D), the model-checking problem is in
PSPACE (and hence PSPACE-complete).
Corollary
FO3(<), FO with 3 variables, is as expressive as FO(<) for traces.
Independent of the width of the trace!
Arcachon, 23 May 2002
29
Pure future modalities
Theorem (Diekert & Gastin, LPAR ’01)
LT L(, U), where U is the universal pure future local until, has
the same expressive power as FO(<) for cographs.
Cographs—traces where the alphabet (Σ, D) is series-parallel.
• (Σ, D) is built from singletons using
– Σ1 · Σ2 — all actions in Σ1 are dependent on all actions Σ2
– Σ1 k Σ2 — all actions in Σ1 are independent of all actions Σ2
• (Σ, D) is N-free, does not embed a — b — c — d.
• Traces generated by (Σ, D) are series-parallel graphs.
Arcachon, 23 May 2002
30
What if . . .
• For arbitrary alphabets, you have only UC , but not SC ?
• Each trace is equipped with a special bottom element.
-c
a
b
b -· · ·
6
⊥
-c
d
-c
-c
-· · ·
d
b
⊥
6
a
b
Can separate these traces using the pure future formula ¬a Uc
evaluated at ⊥.
Arcachon, 23 May 2002
31
Another point of view
• (Σ, D) can be implemented as a distributed alphabet (Σ1, . . . , Σn).
[
Σi = Σ
–
1≤i≤n
– If (a, b) ∈ D, then for some i, {a, b} ∈ Σi
• Think of each i as an agent or process in a distributed system.
• Example, can implement a — b — c — d with three agents.
Distributed alphabet is ({a, b}, {b, c}, {c, d}).
Arcachon, 23 May 2002
32
Another point of view . . .
Can redraw the trace
a
*
j
a
j
b
*
j
c
*
a
j
c
b
as
p1 = {a, b}
p2 = {b, c}
p3 = {c, d}
Arcachon, 23 May 2002
•
a
•
b
•
•
a
•
c
•
•
b
•
•
a
•
c
•
33
Another point of view . . .
The view that p3 has of
p1 = {a, b}
•
a
p2 = {b, c}
•
b
•
•
a
•
b
•
•
a
p3 = {c, d}
•
c
•
•
b
•
•
a
•
c
•
is
p1 = {a, b}
p2 = {b, c}
p3 = {c, d}
Arcachon, 23 May 2002
•
a
•
c
•
•
b
•
•
c
•
34
Another point of view . . .
The p1 view of the p3 view of
p1 = {a, b}
•
a
p2 = {b, c}
•
b
•
•
a
•
b
•
•
a
p3 = {c, d}
•
c
•
•
b
•
•
a
•
c
•
is
p1 = {a, b}
p2 = {b, c}
p3 = {c, d}
Arcachon, 23 May 2002
•
a
•
c
•
•
b
•
35
Another point of view . . .
• Define local modalities based on processes
(TrPTL, Thiagarajan LICS ’94)
• t, e |= iϕ
With respect to the maximal i-event in ↓e, the next i-event satisfies ϕ
• t, e |= ϕ Uiψ
Starting with the maximal i-event in ↓e, the sequence of events along
process i satisfies ϕ Uψ.
• Boolean combination of assertions EM iϕ which say that there is a
minimal i-event satisfying the local formula ϕ.
Arcachon, 23 May 2002
36
Another point of view . . .
• Is TrPTL equivalent to FO(<)?
Probably not, but counterexample is elusive
• Using more explicit past assertions, it is possible to obtain a
process-oriented temporal logic that is equivalent to FO(<)
(Adsul & Sohoni, ICALP ’02)
Arcachon, 23 May 2002
37
Summary
• Temporal logics interpreted over the Hasse diagram of a trace
– Without a special element ⊥, to what extent are past modalities
required?
– With a special element ⊥, are past modalities required at all?
• Temporal logics interpreted over the process view of a trace
– Is TrPTL expressively complete?
• Not discussed at all in this talk
– µ-calculi on traces and expressive completeness with respect to MSO
(Niebert ’95, Walukiewicz ’01)
Arcachon, 23 May 2002
38

 Download  Report

Paperzz.com

Your Paperzz

© Copyright 2026 Paperzz