Intro.

to Logic
CS402 Fall 2007
1
Temporal Logic
Temporal Logic
-
-
Branching
Branching
-
-
time logic (1/2)
time logic (1/2)
Moonzoo Kim
CS Division of EECS Dept.
KAIST
moonzoo@cs.kaist.ac.kr
http://pswlab.kaist.ac.kr/courses/cs402-07
Intro. to Logic
CS402 Fall 2007
2
LTL vs. CTL
LTL vs. CTL
LTL implicitly quantifies LTL implicitly quantifies universally universally over paths over paths
a state of a system satisfies an LTL formula if a state of a system satisfies an LTL formula if all paths all paths from the given state from the given state
satisfy it satisfy it
properties which use properties which use both both universal and existential path quantifiers cannot in universal and existential path quantifiers cannot in
general be model checked using LTL. general be model checked using LTL.
property property which use only universal path quantifiers can be checked using which use only universal path quantifiers can be checked using LTL by LTL by
checking checking
Branching Branching- -time logic solve this limitation by quantifying paths explicitly time logic solve this limitation by quantifying paths explicitly
There There is is a reachable state satisfying q: a reachable state satisfying q: E EF q F q
Note that we can check this property by checking LTL formula Note that we can check this property by checking LTL formula =G =G q q
If If is true, the property is false. If is true, the property is false. If is false, the property is true is false, the property is true
From all reachable states satisfying p, it is From all reachable states satisfying p, it is possible possible to maintain p to maintain p
continuously until reaching a state satisfying q: AG (p continuously until reaching a state satisfying q: AG (p E E (p U q)) (p U q))
Whenever a state satisfying p is reached, the system Whenever a state satisfying p is reached, the system can can exhibit q exhibit q
continuously forevermore: AG (p continuously forevermore: AG (p E EG q) G q)
There There is is a reachable state from which all reachable states satisfy p: a reachable state from which all reachable states satisfy p: E EF AG p F AG p
Intro. to Logic
CS402 Fall 2007
3
Syntax of Computation Tree Logic (CTL)
Syntax of Computation Tree Logic (CTL)
Def 3.12 Def 3.12 = = | | > > | p | | p | | | | | | | | |A AX X
| | E EX X | | A AF F | | E EF F | | A AG G | | E EG G | | A A ( ( U U ) | ) | E E ( ( U U ) )
A: along all paths A: along all paths
E: along at least one path E: along at least one path
Precedence Precedence
AG, EG, AF, EF,AX, EX, AG, EG, AF, EF,AX, EX, , , , , , AU, EU , AU, EU
Note that the following formulas are Note that the following formulas are not not well well- -formed CTL formed CTL
formulas formulas
EF G r EF G r
A A G G p p
F (r U q) F (r U q)
EF (r U q) EF (r U q)
AEF r AEF r
A ((r U q) A ((r U q) (p U r)) (p U r))
A [(AX p) U (E [(EX pq) U p)]]
Intro. to Logic
CS402 Fall 2007
4
Semantics of CTL (1/2)
Semantics of CTL (1/2)
Def 3.15 Let Def 3.15 Let M M= (S, = (S, , L) be a model for CTL, s in S, , L) be a model for CTL, s in S, a CTL a CTL
formula. The relation formula. The relation M M,s ,s is defined by structural induction on is defined by structural induction on . .
We omit We omit M Mif context is clear. if context is clear.
M M,s ,s > > and and M M,s ,s 2 2
M M,s ,s p p iff iff p p L(s L(s) )
M M,s ,s iff iff M M,s ,s 2 2
M M,s ,s
1 1

2 2
iff iff M M,s ,s
1 1
and and M M,s ,s
2 2
M M,s ,s
1 1

2 2
iff iff M M,s ,s
1 1
or or M M,s ,s
2 2
M M,s ,s
1 1

2 2
iff iff M M,s ,s 2 2
1 1
or or M M,s ,s
2 2
M M,s ,s A AX X iff iff for for all all s s
1 1
s.t s.t. s . s s s
1 1
we have we have M M, s , s
1 1
. Thus . Thus A AX X says says
in in every every next next state state
M M,s ,s E EX X iff iff for for some some s s
1 1
s.t s.t. s . s s s
1 1
we have we have M M, s , s
1 1
. Thus . Thus E EX X
says says in in some some next next state state
M M,s ,s A AX X iff iff for for all all s s
1 1
s.t s.t. s . s s s
1 1
we have we have M M, s , s
1 1
. Thus . Thus A AX X says says
in in every every next next state state
M M,s ,s E EX X iff iff for for some some s s
1 1
s.t s.t. s . s s s
1 1
we have we have M M, s , s
1 1
. Thus . Thus E EX X
says says in in some some next next state state
Intro. to Logic
CS402 Fall 2007
5
Semantics of CTL (2/2)
Semantics of CTL (2/2)
Def 3.15 Let Def 3.15 Let M M= (S, = (S, , L) be a model for CTL, s in S, , L) be a model for CTL, s in S,
a CTL formula. The relation a CTL formula. The relation M M,s ,s is defined by is defined by
structural induction on structural induction on . We omit . We omit M Mif context is clear. if context is clear.
M M,s ,s A AG G iff iff for for all all paths s paths s
1 1
s s
2 2
s s
3 3
... where s ... where s
1 1
equals s, equals s,
and and all all s s
i i
along the path, we have along the path, we have M M,s ,s
i i
. .
M M,s ,s E EG G iff iff there there is is a path s a path s
1 1
s s
2 2
s s
3 3
... where s ... where s
1 1
equals s, equals s,
and and all all s s
i i
along the path, we have along the path, we have M M,s ,s
i i
. .
M M,s ,s A AF F iff iff for for all all paths s paths s
1 1
s s
2 2
s s
3 3
... where s ... where s
1 1
equals s, equals s,
and there and there is is some some s s
i i
s.t s.t. . M M,s ,s
i i
. .
M M,s ,s E EF F iff iff there there is is a path s a path s
1 1
s s
2 2
s s
3 3
... where s ... where s
1 1
equals s, equals s,
and there and there is is some some s s
i i
s.t s.t. . M M,s ,s
i i
. .
M M,s ,s A A [ [
1 1
U U
2 2
] ] iff iff for for all all paths s paths s
1 1
s s
2 2
s s
3 3
... where s ... where s
1 1
equals equals
s, that path satisfies s, that path satisfies
1 1
U U
2 2
M M,s ,s E E [ [
1 1
U U
2 2
] ] iff iff there there is is a path s a path s
1 1
s s
2 2
s s
3 3
... where s ... where s
1 1
equals s, that path satisfies equals s, that path satisfies
1 1
U U
2 2
Intro. to Logic
CS402 Fall 2007
6
Example (1/2)
Example (1/2)
EG
EF
AG
AF
Intro. to Logic
CS402 Fall 2007
7
Example (2/2)
Example (2/2)
M M,s ,s
0 0
p p q, q, M M,s ,s
0 0
r, r, M M,s ,s
0 0
> >
M M,s ,s
0 0
EX ( EX (q q r r) )
M M,s ,s
0 0
AX(q AX(q r r) )
M M,s ,s
0 0
EF(p EF(p r r) )
M M,s ,s
2 2
EG r EG r
M M,s ,s
0 0
AF r AF r
M M,s ,s
0 0
E [(p E [(p q) U r] q) U r]
M M,s ,s
0 0
A [p U r] A [p U r]
M M,s ,s
0 0
AG (p AG (p q q r r EF EG r) EF EG r)