DOCSLIB.ORG

CTL Model Checking

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

CTL Model Checking

Prof. P.H. Schmitt

  • Institut fur Theoretische Informatik
  • ¨

  • Fakultat fur Informatik
  • ¨
  • ¨

  • Universitat Karlsruhe (TH)
  • ¨

Formal Systems II

  • Prof. P.H. Schmitt
  • CTLMC

  • Summer 2009
  • 1 / 26

Fixed Point Theory

  • Prof. P.H. Schmitt
  • CTLMC

  • Summer 2009
  • 2 / 26

Fixed Points Definition

Definition

Let f : P(G) → P(G) be a set valued function and Z a subset of G.
1. Z is called a fixed point of f if f(Z) = Z . 2. Z is called the least fixed point of f is Z is a fixed point and for all other fixed points U of f the relation Z ⊆ U is true.

3. Z is called the greatest fixed point of f is Z is a fixed point and for all other fixed points U of f the relation U ⊆ Z is true.

  • Prof. P.H. Schmitt
  • CTLMC

  • Summer 2009
  • 3 / 26

Finite Fixed Point Lemma

Let G be an arbitrary set, Let P(G) denote the power set of a set G. A function f : P(G) → P(G) is called monotone of for all X, Y ⊆ G

X ⊆ Y ⇒ f(X) ⊆ f(Y )

Let f : P(G) → P(G) be a monotone function on a finite set G.
1. There is a least and a greatest fixed point of f.

S

2. n≥1 fn(∅) is the least fixed point of f.

T

3. n≥1 fn(G) is the greatest fixed point of f.

  • Prof. P.H. Schmitt
  • CTLMC

  • Summer 2009
  • 4 / 26

Proof

of part (2) of the finite fixed point Lemma

Monotonicity of f yields

∅ ⊆ f(∅) ⊆ f2(∅) ⊆ . . . ⊆ fn(∅) ⊆ . . .

Since G is finite there must be an i such that fi(∅) = fi+1(∅).

S

Then Z = n≥1 fn(∅) = fi(∅) is a fixed point of f:

f(Z) = f(fi(∅)) = fi+1(∅) = fi(∅) = Z

Let U be another fixed point of f. From ∅ ⊆ U be infer by monotonicity of f at first f(∅) ⊆ f(U) = U. By induction on n we conclude fn(∅) ⊆ U for all n. Thus also Z = fi(∅) ⊆ U.

  • Prof. P.H. Schmitt
  • CTLMC

  • Summer 2009
  • 5 / 26

Continuous Functions

Definition

A function f : P(G) → P(G) is called
1. ∪-continuous (upward continuous), if for every ascending sequence

M1 ⊆ M2 ⊆ . . . ⊆ Mn ⊆ . . .

  • [
  • [

  • f(
  • Mn) =
  • f(Mn)

  • n≥1
  • n≥1

2. ∩-continuous (downward continuous) , if for every descending

sequence M1 ⊇ M2 ⊇ . . . ⊇ Mn ⊇ . . .

  • \
  • \

  • f(
  • Mn) =
  • f(Mn)

  • n≥1
  • n≥1

  • Prof. P.H. Schmitt
  • CTLMC

  • Summer 2009
  • 6 / 26

Fixed Points For Continuous Functions

Let f : P(G) → P(G) be an upward continuous functions and g : P(G) → P(G) a downward continuous function.

The for all M, N ∈ P(G) such that M ⊆ f(M) and g(N) ⊆ N the following is true.

S

1. n≥1 fn(M) is the least fixed point of f containing M,

T

2. n≥1 gn(M) is the greatest fixed point of g contained in M.

  • Prof. P.H. Schmitt
  • CTLMC

  • Summer 2009
  • 7 / 26

Proof of (1)

By monotonicity we first obtain

M ⊆ f(M) ⊆ f2(M) ⊆ . . . ⊆ fn(M) ⊆ . . .

Let P = n≥1 fn(M). This immediately gives M ⊆ P. Furthermore

S
S

f(P) = f( n≥1 fn(M))

S

n+1

=== P

f

(M)

by continuity since f(M) ⊆ f2(M)

n≥1

S

n≥1 fn(M)

Assume now that Q is another fixed point of f satisfying M ⊆ Q. By Monotonicity and the fixed point property f(M) ⊆ f(Q) = Q and furthermore for every n ≥ 1 also fn(M) ⊆ Q.

S

Thus we obtain P = n≥1 fn(M) ⊆ Q

  • Prof. P.H. Schmitt
  • CTLMC

  • Summer 2009
  • 8 / 26

Knaster-Tarski-Fixed-Points Theorem

Let f : P(G) → P(G) be a monotone function. Then f has a least and a greatest fixed point.
Note, G need not be finite.

  • Prof. P.H. Schmitt
  • CTLMC

  • Summer 2009
  • 9 / 26

Proof

Fixed Point

Let L = {S ⊆ G | f(S) ⊆ S}, e.g., G ∈ L.

T

Let U = L. Show f(U) = U!

For all S ∈ L by the property of an intersection: U ⊆ S. By monotonicity and definition of L f(U) ⊆ f(S) ⊆ S.

T

Thus f(U) ⊆ L = U and we have already established half of our claim. By monotonicity f(U) ⊆ U implies f(f(U)) ⊆ f(U) which yields f(U) ∈ L and futhermore U ⊆ f(U).

We thus have indeed U = f(U).

  • Prof. P.H. Schmitt
  • CTLMC

  • Summer 2009
  • 10 / 26

Proof

Least Fixed Point

Now assume W is another fixed point of f,i.e., f(W) = W. This yields W ∈ L= {S ⊆ G | f(S) ⊆ S} and

T

U = L ⊆ W.

Thus U is the least fixed point of f. Following the same line of argument one can show that

S

{S ⊆ G | S ⊆ f(S)} is the greatest fixed point of f.

  • Prof. P.H. Schmitt
  • CTLMC

  • Summer 2009
  • 11 / 26

CTL Model Checking
Algorithm

  • Prof. P.H. Schmitt
  • CTLMC

  • Summer 2009
  • 12 / 26

Two Auxiliary Concepts

Let T = (S, R, v) be a transition system and F an CTL formula. The set

τ(F) = {s ∈ S | s |= F}

is called the characteristic region of F in T . The universal and existential next step functions fAX, fEX : P(S) → P(S) are defined by

fAX(Z) = {s ∈ S | for all t with sRt we get t ∈ Z} fEX(Z) = {s ∈ S | there exists a t with sRt and t ∈ Z}

  • Prof. P.H. Schmitt
  • CTLMC

  • Summer 2009
  • 13 / 26

CTL Model Checking Algorithm

Let T = (S, R, v) be a transition system and F an CTL formula. τ(F) is computed by the following high-level recursive algorithm:

123456789

τ(p)

==========

{s ∈ S | v(s, p) = 1}

τ(F1) ∩ τ)F2)

τ(F1 ∧ F2) τ(F1 ∨ F2)

τ(¬F1) τ(F1) ∪ τ(F2)

S \ τ(F1)

τ(A(F1 U F2)) τ(E(F1 U F2)) τ(AFF1) τ(EFF1) lfp[τ(F2) ∪ (τ(F1) ∩ fAX(Z))] lfp[τ(F2) ∪ (τ(F1) ∩ fEX(Z)] lfp[τ(F1) ∪ fAX(Z)] lfp[τ(F1) ∪ fEX(Z)] gfp[τ(F1) ∩ fEX(Z)] gfp[τ(F1) ∩ fAX(Z)] τ(EGF1)

10 τ(AGF1)

  • Prof. P.H. Schmitt
  • CTLMC

  • Summer 2009
  • 14 / 26

Correctness Proof

Case 10 AG F1

By definition

τ(AG F1) = {s ∈ S | s ∈ τ(F1) and h ∈ τ(AG F1) for all h with gRh}

Using Definition of the universal next step function:

τ(AG F1) = τ(F1) ∩ fAX(τ(AG F1))

So, τ(AG F1) is a fixed point of the function τ(F1) ∩ fAX(Z). It remains to see that it is the greatest fixed point.

  • Prof. P.H. Schmitt
  • CTLMC

  • Summer 2009
  • 15 / 26

Correctness Proof

Case 10 AG F1 (continued)

Let H be another fixed point, i.e., H = τ(F1) ∩ fAX(H). We need to show H ⊆ τ(AG F1)). Consider g0 ∈ H with the aim of showing that for all n ≥ 0 and all gi satisfying gi−1Rgi for all 1 ≤ i ≤ n we obtain gn ∈ τ(F1).

Observe H = τ(F1) ∩ fAX(H) ⊆ τ(F1). Thus it suffices to show for all n ≥ 0 that gn ∈ H. For n = 0 that is true by assumptions. Assume gn−1 ∈ H. gn−1 ∈ H ⊆ fAX(H) = {g | for all h with gRh we have h ∈ H}.

Thus gn ∈ H.

  • Prof. P.H. Schmitt
  • CTLMC

  • Summer 2009
  • 16 / 26

Correctness Proof

Case 6 E(F1 U F2)

By definition

τ(E(F1 U F2)) = {g ∈ S | s |= F2 or s |= F1 and

there exists h with gRh and h |= F2}
Using next step function:

τ(E(F1 U F2)) = τ(F2) ∪ (τ(F1) ∩ fEX(τ(E(F1 U F2)))

Thus τ(E(F1 U F2)) is a fixed point of the function

τ(F2) ∪ (τ(F1) ∩ fEX(Z)).

It remains to show that it is the least fixed point.

  • Prof. P.H. Schmitt
  • CTLMC

  • Summer 2009
  • 17 / 26

Correctness Proof

Case 6 E(F1 U F2) (continued)

Consider H ⊆ S with H = τ(F2) ∪ (τ(F1) ∩ fEX(H)). We need τ(E(F1 U F2)) ⊆ H. Fix g0 ∈ τ(E(F1 U F2)), try to arrive at g0 ∈ H. There is an n ∈ N and there are gi for 1 ≤ i ≤ n satisfying

1. giRgi+1 for all 0 ≤ i < n.

2. gn ∈ τ(F2).

3. gi ∈ τ(F1) for all 0 ≤ i < n.

We set out to prove gn ∈ H by induction on n.

n = 0 Since H = τ(F2) ∪ (τ(F1) ∩ fEX(H)) ⊇ τ(F2) and

g0 = gn ∈ τ(F2).

n − 1 Ã n By induction hypothesis we have g1 ∈ H Since g0 ∈ τ(F1) and g0Rg1 we obtain g0 ∈ (τ(F1) ∩ fEX(H)) ⊆ H and thus also g0 ∈ H.

  • Prof. P.H. Schmitt
  • CTLMC

  • Summer 2009
  • 18 / 26

CTL Model Checking
Example

  • Prof. P.H. Schmitt
  • CTLMC

  • Summer 2009
  • 19 / 26

Transition System

s0 n1n2

  • s1
  • s5
  • n1t2
  • t1n2

  • s3
  • s8

  • s2 c1n2
  • n1c2 s6
  • t1t2
  • t1t2

  • s4
  • s7

  • t1c2
  • c1t2

  • Prof. P.H. Schmitt
  • CTLMC

  • Summer 2009
  • 20 / 26

Recommended publications
  • Least Fixed Points Revisited

    Least Fixed Points Revisited

    LEAST FIXED POINTS REVISITED J.W. de Bakker Mathematical Centre, Amsterdam ABSTRACT Parameter mechanisms for recursive procedures are investigated. Con- trary to the view of Manna et al., it is argued that both call-by-value and call-by-name mechanisms yield the least fixed points of the functionals de- termined by the bodies of the procedures concerned. These functionals dif- fer, however, according to the mechanism chosen. A careful and detailed pre- sentation of this result is given, along the lines of a simple typed lambda calculus, with interpretation rules modelling program execution in such a way that call-by-value determines a change in the environment and call-by- name a textual substitution in the procedure body. KEY WORDS AND PHRASES: Semantics, recursion, least fixed points, parameter mechanisms, call-by-value, call-by-name, lambda calculus. Author's address Mathematical Centre 2e Boerhaavestraat 49 Amsterdam Netherlands 28 NOTATION Section 2 s,t,ti,t',... individual } function terms S,T,... functional p,p',... !~individual} boolean .J function terms P,... functional a~A, aeA} constants b r B, IBeB x,y,z,u X, ~,~ X] variables qcQ, x~0. J r149149 procedure symbols T(t I ..... tn), ~(tl,.-.,tn) ~ application T(TI' '~r)' P(~I' '~r)J ~x I . .xs I . .Ym.t, ~x] . .xs I . .ym.p, abstraction h~l ...~r.T, hX1 ..Xr.~ if p then t' else t"~ [ selection if p then p' else p"J n(T), <n(T),r(r)> rank 1 -< i <- n, 1 -< j -< r,) indices 1 -< h -< l, 1 _< k <- t,T,x,~, .
  • Domain Theory: an Introduction

    Domain Theory: an Introduction

    Domain Theory: An Introduction Robert Cartwright Rebecca Parsons Rice University This monograph is an unauthorized revision of “Lectures On A Mathematical Theory of Computation” by Dana Scott [3]. Scott’s monograph uses a formulation of domains called neighborhood systems in which finite elements are selected subsets of a master set of objects called “tokens”. Since tokens have little intuitive significance, Scott has discarded neighborhood systems in favor of an equivalent formulation of domains called information systems [4]. Unfortunately, he has not rewritten his monograph to reflect this change. We have rewritten Scott’s monograph in terms of finitary bases (see Cartwright [2]) instead of information systems. A finitary basis is an information system that is closed under least upper bounds on finite consistent subsets. This convention ensures that every finite answer is represented by a single basis object instead of a set of objects. 1 The Rudiments of Domain Theory Motivation Programs perform computations by repeatedly applying primitive operations to data values. The set of primitive operations and data values depends on the particular programming language. Nearly all languages support a rich collection of data values including atomic objects, such as booleans, integers, characters, and floating point numbers, and composite objects, such as arrays, records, sequences, tuples, and infinite streams. More advanced languages also support functions and procedures as data values. To define the meaning of programs in a given language, we must first define the building blocks—the primitive data values and operations—from which computations in the language are constructed. Domain theory is a comprehensive mathematical framework for defining the data values and primitive operations of a programming language.
  • Arxiv:1301.2793V2 [Math.LO] 18 Jul 2014 Uaeacnetof Concept a Mulate Fpwrbet Uetepwre Xo) N/Rmk S Ff of Use Make And/Or Axiom), Presupp Principles

    Arxiv:1301.2793V2 [Math.LO] 18 Jul 2014 Uaeacnetof Concept a Mulate Fpwrbet Uetepwre Xo) N/Rmk S Ff of Use Make And/Or Axiom), Presupp Principles

    ON TARSKI’S FIXED POINT THEOREM GIOVANNI CURI To Orsola Abstract. A concept of abstract inductive definition on a complete lattice is formulated and studied. As an application, a constructive version of Tarski’s fixed point theorem is obtained. Introduction The fixed point theorem referred to in this paper is the one asserting that every monotone mapping on a complete lattice L has a least fixed point. The proof, due to A. Tarski, of this result, is a simple and most significant example of a proof that can be carried out on the base of intuitionistic logic (e.g. in the intuitionistic set theory IZF, or in topos logic), and that yet is widely regarded as essentially non-constructive. The reason for this fact is that Tarski’s construction of the fixed point is highly impredicative: if f : L → L is a monotone map, its least fixed point is given by V P , with P ≡ {x ∈ L | f(x) ≤ x}. Impredicativity here is found in the fact that the fixed point, call it p, appears in its own construction (p belongs to P ), and, indirectly, in the fact that the complete lattice L (and, as a consequence, the collection P over which the infimum is taken) is assumed to form a set, an assumption that seems only reasonable in an intuitionistic setting in the presence of strong impredicative principles (cf. Section 2 below). In concrete applications (e.g. in computer science and numerical analysis) the monotone operator f is often also continuous, in particular it preserves suprema of non-empty chains; in this situation, the least fixed point can be constructed taking the supremum of the ascending chain ⊥,f(⊥),f(f(⊥)), ..., given by the set of finite iterations of f on the least element ⊥.
  • First Order Logic, Fixed Point Logic and Linear Order Anuj Dawar University of Pennsylvania

    First Order Logic, Fixed Point Logic and Linear Order Anuj Dawar University of Pennsylvania

    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by ScholarlyCommons@Penn University of Pennsylvania ScholarlyCommons IRCS Technical Reports Series Institute for Research in Cognitive Science November 1995 First Order Logic, Fixed Point Logic and Linear Order Anuj Dawar University of Pennsylvania Steven Lindell University of Pennsylvania Scott einsW tein University of Pennsylvania, [email protected] Follow this and additional works at: http://repository.upenn.edu/ircs_reports Dawar, Anuj; Lindell, Steven; and Weinstein, Scott, "First Order Logic, Fixed Point Logic and Linear Order" (1995). IRCS Technical Reports Series. 145. http://repository.upenn.edu/ircs_reports/145 University of Pennsylvania Institute for Research in Cognitive Science Technical Report No. IRCS-95-30. This paper is posted at ScholarlyCommons. http://repository.upenn.edu/ircs_reports/145 For more information, please contact [email protected]. First Order Logic, Fixed Point Logic and Linear Order Abstract The Ordered conjecture of Kolaitis and Vardi asks whether fixed-point logic differs from first-order logic on every infinite class of finite ordered structures. In this paper, we develop the tool of bounded variable element types, and illustrate its application to this and the original conjectures of McColm, which arose from the study of inductive definability and infinitary logic on proficient classes of finite structures (those admitting an unbounded induction). In particular, for a class of finite structures, we introduce a compactness notion which yields a new proof of a ramified version of McColm's second conjecture. Furthermore, we show a connection between a model-theoretic preservation property and the Ordered Conjecture, allowing us to prove it for classes of strings (colored orderings).
  • Characterizations of Inductive Posets with Applications Milan R

    Characterizations of Inductive Posets with Applications Milan R

    PROCEEDINGS OF THE AMERICAN MATHEMATICAL SOCIETY Volume 104, Number 2, October 1988 CHARACTERIZATIONS OF INDUCTIVE POSETS WITH APPLICATIONS MILAN R. TASKOVIC (Communicated by Andrew Odlyzko) ABSTRACT. This paper presents new characterizations of inductiveness of posets in terms of fixed apexes and fixed points. Applications in nonlinear functional analysis and fixed point theory are considered. 1. Introduction and main results. Let P be a partially ordered set. A self- mapping / of P into itself is called an isotone mapping if x < y implies f(x) < f(y). An isotone (order-preserving or increasing) map / of a partially ordered set (:= poset) P to itself has a fixed point if there exists an element f in P such that /(£) — f. P is said to have the fixed point property if every isotone map / of P into itself has a fixed point. The first of the fixed point theorems for partially ordered sets goes back to Tarski and Knaster (cf. [TA]), who proved that the lattice of all subsets of a set has the fixed point property. In the mid-1950's Tarski [TA] published a generalization: Every complete lattice has the fixed point property. Tarski [TA] raised the question whether the converse of this result also holds. Davis [DA] proved the converse: Every lattice with the fixed point property is complete. In [RI], Rival published a far-reaching extension: Every isotone map of a finite, connected poset P into itself has a fixpoint. Call a poset P inductive (chain-complete) when every nonempty chain in P has an upper bound (supremum) in P.
  • Corecursive Algebras: a Study of General Structured Corecursion (Extended Abstract)

    Corecursive Algebras: a Study of General Structured Corecursion (Extended Abstract)

    Corecursive Algebras: A Study of General Structured Corecursion (Extended Abstract) Venanzio Capretta1, Tarmo Uustalu2, and Varmo Vene3 1 Institute for Computer and Information Science, Radboud University Nijmegen 2 Institute of Cybernetics, Tallinn University of Technology 3 Department of Computer Science, University of Tartu Abstract. We study general structured corecursion, dualizing the work of Osius, Taylor, and others on general structured recursion. We call an algebra of a functor corecursive if it supports general structured corecur- sion: there is a unique map to it from any coalgebra of the same functor. The concept of antifounded algebra is a statement of the bisimulation principle. We show that it is independent from corecursiveness: Neither condition implies the other. Finally, we call an algebra focusing if its codomain can be reconstructed by iterating structural refinement. This is the strongest condition and implies all the others. 1 Introduction A line of research started by Osius and Taylor studies the categorical foundations of general structured recursion. A recursive coalgebra (RCA) is a coalgebra of a functor F with a unique coalgebra-to-algebra morphism to any F -algebra. In other words, it is an algebra guaranteeing unique solvability of any structured recursive diagram. The notion was introduced by Osius [Osi74] (it was also of interest to Eppendahl [Epp99]; we studied construction of recursive coalgebras from coalgebras known to be recursive with the help of distributive laws of functors over comonads [CUV06]). Taylor introduced the notion of wellfounded coalgebra (WFCA) and proved that, in a Set-like category, it is equivalent to RCA [Tay96a,Tay96b],[Tay99, Ch.
  • Type-Based Termination, Inflationary Fixed-Points, and Mixed Inductive-Coinductive Types

    Type-Based Termination, Inflationary Fixed-Points, and Mixed Inductive-Coinductive Types

    Type-Based Termination, Inflationary Fixed-Points, and Mixed Inductive-Coinductive Types Andreas Abel Department of Computer Science Ludwig-Maximilians-University Munich, Germany [email protected] Type systems certify program properties in a compositional way. From a bigger program one can abstract out a part and certify the properties of the resulting abstract program by just using the type of the part that was abstracted away. Termination and productivity are non-trivial yet desired pro- gram properties, and several type systems have been put forward that guarantee termination, com- positionally. These type systems are intimately connected to the definition of least and greatest fixed-points by ordinal iteration. While most type systems use “conventional” iteration, we consider inflationary iteration in this article. We demonstrate how this leads to a more principled type system, with recursion based on well-founded induction. The type system has a prototypical implementa- tion, MiniAgda, and we show in particular how it certifies productivity of corecursive and mixed recursive-corecursive functions. 1 Introduction: Types, Compositionality, and Termination While basic types like integer, floating-point number, and memory address arise on the machine-level of most current computers, higher types like function and tuple types are abstractions that classify values. Higher types serve to guarantee certain good program behaviors, like the classic “don’t go wrong” ab- sence of runtime errors [Mil78]. Such properties are usually not compositional, i. e., while a function f and its argument a might both be well-behaved on their own, their application f a might still go wrong. This issue also pops up in termination proofs: take f = a = λx.xx, then both are terminating, but their application loops.
  • Least and Greatest Fixed Points in Linear Logic

    Least and Greatest Fixed Points in Linear Logic

    Least and Greatest Fixed Points in Linear Logic DAVID BAELDE, University of Minnesota The first-order theory of MALL (multiplicative, additive linear logic) over only equalities is a well-structured 2 but weak logic since it cannot capture unbounded (infinite) behavior. Instead of accounting for unbounded behavior via the addition of the exponentials (! and ?), we add least and greatest fixed point operators. The resulting logic, which we call μMALL, satisfies two fundamental proof theoretic properties: we establish weak normalization for it, and we design a focused proof system that we prove complete with respect to the initial system. That second result provides a strong normal form for cut-free proof structures that can be used, for example, to help automate proof search. We show how these foundations can be applied to intuitionistic logic. Categories and Subject Descriptors: F.4.1 [Mathematical Logic and Formal Languages]: Mathematical Logic—Proof theory; F.3.1 [Logics and Meanings of Programs]: Specifying and Verifying and Reasoning about Programs—Specification techniques; F.3.3 [Logics and Meanings of Programs]: Studies of Program Constructs—Program and recursion schemes General Terms: Design, Theory, Verification Additional Key Words and Phrases: Fixed points, linear logic, (co)induction, recursive definitions, cut elimination, normalization, focusing, proof search ACM Reference Format: Baelde, D. 2012. Least and greatest fixed points in linear logic. ACM Trans. Comput. Logic 13, 1, Article 2 (January 2012), 44 pages. DOI = 10.1145/2071368.2071370 http://doi.acm.org/10.1145/2071368.2071370 1. INTRODUCTION Inductive and coinductive definitions are ubiquitous in mathematics and computer sci- ence, from arithmetic to operational semantics and concurrency theory.
  • Fixed-Point Logics and Computation

    Fixed-Point Logics and Computation

    1 Fixed-Point Logics and Computation Symposium on the Unusual E®ectiveness of Logic in Computer Science Anuj Dawar University of Cambridge Anuj Dawar ICLMPS'03 2 Mathematical Logic Mathematical logic seeks to formalise the process of mathematical reasoning and turn this process itself into a subject of mathematical enquiry. It investigates the relationships among: Structure ² Language ² Proof ² Proof-theoretic vs. Model-theoretic views of logic. Anuj Dawar ICLMPS'03 3 Computation as Logic If logic aims to reduce reasoning to symbol manipulation, On the one hand, computation theory provides a formalisation of \symbol manipulation". On the other hand, the development of computing machines leads to \logic engineering". The validities of ¯rst-order logic are r.e.-complete. Anuj Dawar ICLMPS'03 4 Proof Theory in Computation As all programs and data are strings of symbols in a formal system, one view sees all computation as inference. For instance, the functional programming view: Propositions are types. ² Programs are (constructive proofs). ² Computation is proof transformation. ² Anuj Dawar ICLMPS'03 5 Model Theory in Computation A model-theoretic view of computation aims to distinguish computational structures and languages used to talk about them. Data Structure Programming Language Database Query Language Program/State Space Speci¯cation Language The structures involved are rather di®erent from those studied in classical model theory. Finite Model Theory. Anuj Dawar ICLMPS'03 6 First-Order Logic terms { c; x; f(t1; : : : ; ta) atomic formulas { R(t1; : : : ; ta); t1 = t2 boolean operations { ' Ã, ' Ã, ' ^ _ : ¯rst-order quanti¯ers { x', x' 9 8 Formulae are interpreted in structures: A = (A; R1; : : : ; Rm; f1; : : : ; fn; c1; : : : ; cn) Anuj Dawar ICLMPS'03 7 Success of First-Order Logic First-order logic is very successful at its intended purpose, the formalisation of mathematics.
  • Chapter 10 DOMAIN THEORY and FIXED-POINT SEMANTICS

    Chapter 10 DOMAIN THEORY and FIXED-POINT SEMANTICS

    Chapter 10 DOMAIN THEORY AND FIXED-POINT SEMANTICS lthough we did not stress the point in Chapter 9, the notation of denotational semantics is built upon that of the lambda calculus. The A purpose of denotational semantics is to provide mathematical descrip- tions of programming languages independent of their operational behavior. The extended lambda calculus serves as a mathematical formalism, a metalanguage, for denotational definitions. As with all mathematical formal- isms, we need to know that the lambda calculus has a model to ensure that the definitions are not meaningless. Furthermore, denotational definitions, as well as programming languages in general, rely heavily on recursion, a mechanism whose description we de- ferred in the discussion of the lambda calculus in Chapter 5. Normally a user of a programming language does not care about the logical foundations of declarations, but we maintain that serious questions can be raised concern- ing the validity of recursion. In this chapter we justify recursive definitions to guarantee that they actually define meaningful objects. 10.1 CONCEPTS AND EXAMPLES Programmers use recursion to define functions and procedures as subpro- grams that call themselves and also to define recursive data structures. Most imperative programming languages require the use of pointers to declare recursive data types such as (linked) lists and trees. In contrast, many func- tional programming languages allow the direct declaration of recursive types. Rather than investigating recursive types in an actual programming language, we study recursive data declarations in a wider context. In this introductory section we consider the problems inherent in recursively defined functions and data and the related issue of nontermination.
  • Corecursion and Coinduction: How They Relate to Recursion and Induction

    Corecursion and Coinduction: How They Relate to Recursion and Induction

    Corecursion and coinduction: what they are and how they relate to recursion and induction Mike Gordon 1 Contents Preface 3 Summary 4 Data, codata, constructors and destructors ............... 4 Recursion and corecursion ......................... 5 Fixed points, induction, coinduction and bisimulation ......... 7 Overview of the rest of this article .................... 9 Natural numbers, Peano’s axioms and Peano structures 10 Algebras and coalgebras 11 Numbers and conumbers .......................... 12 Example of corecursion for numbers ................... 14 Lists and colists ............................... 15 Example of corecursion for lists ...................... 17 Coinduction and bisimulation 19 Bisimulation coinduction for conumbers ................. 20 Example of bisimulation coinduction for numbers ..... 20 Justification of bisimulation coinduction for numbers ... 21 Bisimulation coinduction for lists ..................... 22 Examples of bisimulation coinduction for lists ....... 22 Justification of bisimulation coinduction for lists ..... 27 F-algebras and F-coalgebras 28 Set theory notation ............................. 29 Numbers and lists ............................. 29 Morphisms ................................. 30 Initial and terminal algebras ........................ 32 Least and greatest fixed points 32 Fixed points, numbers and conumbers .................. 33 Summary of fixed point proof rules for numbers and conumbers .... 34 Fixed points, lists and colists ....................... 34 Summary of fixed point proof rules
  • On the Origins of Bisimulation and Coinduction

    On the Origins of Bisimulation and Coinduction

    On the Origins of Bisimulation and Coinduction DAVIDE SANGIORGI University of Bologna, Italy The origins of bisimulation and bisimilarity are examined, in the three fields where they have been independently discovered: Computer Science, Philosophical Logic (precisely, Modal Logic), Set Theory. Bisimulation and bisimilarity are coinductive notions, and as such are intimately related to fixed points, in particular greatest fixed points. Therefore also the appearance of coinduction and fixed points is discussed, though in this case only within Computer Science. The paper ends with some historical remarks on the main fixed-point theorems (such as Knaster-Tarski) that underpin the fixed-point theory presented. Categories and Subject Descriptors: F.4.1 [Mathematical logic and formal languages]: Math- ematical Logic—Computational logic; Modal logic; Set theory; F.4.0 [Mathematical logic and formal languages]: General General Terms: Theory, Verification Additional Key Words and Phrases: Bisimulation, coinduction, fixed points, greatest fixed points, history Contents 1 Introduction 112 2 Background 114 2.1Bisimulation................................114 2.2Approximantsofbisimilarity......................116 2.3 Coinduction . 116 3 Bisimulation in Modal Logic 119 3.1Modallogics................................119 3.2Fromhomomorphismtop-morphism..................120 3.3JohanvanBenthem...........................122 3.4Discussion.................................125 4 Bisimulation in Computer Science 125 4.1Algebraictheoryofautomata......................125 4.2RobinMilner...............................128 Author’s address: Dipartimento di Scienze dell’Informazione Universita’ di Bologna Mura Anteo Zamboni, 7 40126 Bologna, ITALY. Permission to make digital/hard copy of all or part of this material without fee for personal or classroom use provided that the copies are not made or distributed for profit or commercial advantage, the ACM copyright/server notice, the title of the publication, and its date appear, and notice is given that copying is by permission of the ACM, Inc.