The Thirty-Third AAAI Conference on Artificial Intelligence (AAAI-19) Approximate Stream Reasoning with Metric Temporal Logic under Uncertainty Daniel de Leng, Fredrik Heintz Department of Computer and Information Science Linkoping¨ University, 581 83 Linkoping,¨ Sweden daniel.de.leng, fredrik.heintz @liu.se f g Abstract works by incrementally taking states from a state sequence and computing a new formula that incorporates this state Stream reasoning can be defined as incremental reasoning information using syntactic rewriting. If the new formula over incrementally-available information. The formula pro- gression procedure for Metric Temporal Logic (MTL) makes holds over the unseen remainder of the state sequence, then use of syntactic formula rewritings to incrementally evaluate the original formula is guaranteed to hold over the complete formulas against incrementally-available states. Progression state sequence. Consequently, the evaluation of an MTL for- however assumes complete state information, which can be mula through progression is linear in the size of the formula, problematic when not all state information is available or can but the formula may grow exponentially due to the rewrit- be observed, such as in qualitative spatial reasoning tasks or ings. A key advantage is that we may terminate the proce- in robotics applications. In those cases, there may be uncer- dure once a formula is determined to be true or false, without tainty as to which state out of a set of possible states repre- having to consider the potentially infinite state sequence. sents the ‘true’ state. The main contribution of this paper is One key assumption for progression is that the states re- therefore an extension of the progression procedure that ef- ficiently keeps track of all consistent hypotheses. The result- ceived are complete, i.e. all propositions have a truth value ing procedure is flexible, allowing a trade-off between faster assigned to them. Essentially, progression requires every but approximate and slower but precise progression under un- state to provide a complete ‘snapshot’ of the world. This as- certainty. The proposed approach is empirically evaluated by sumption is however unreasonable in many applications for considering the time and space requirements, as well as the which acquiring such a snapshot is not feasible, e.g. robots impact of permitting varying degrees of uncertainty. relying on local sensor data. The main contribution of this paper is therefore an approximate progression procedure for 1 Introduction path checking with partial states, allowing for a trade-off be- tween precision and space requirements. We also consider Temporal logics allow us to make statements about propo- the impact of knowledge concerning the probabilities of in- sitions across time, making them powerful in areas such dividual states in cases where there is uncertainty. This pa- as runtime verification. Metric Temporal Logic (MTL) by per is a companion paper to our earlier work (de Leng and (Koymans 1990) extends the expressiveness of the well- Heintz 2018), which laid some of the groundwork we ex- known Linear Temporal Logic (LTL) (Emerson 1990) by pand upon here. adding metric intervals for the temporal operators. The ex- The key motivation behind supporting progression with tension makes it possible to describe bounded intervals for multiple hypotheses is not just limited to the possibility logical formulas, further enhancing their use in practical that we receive partial states—reasoning with background applications. MTL thus makes it possible to precisely de- knowledge can by itself lead to incomplete information. scribe complex temporal statements that go beyond the ab- For example, the Region Connection Calculus with eight solutes of the LTL temporal operators. This makes MTL a jointly exhaustive pairwise disjoint (JEPD) relations known useful tool in realtime applications such as robotics. While as RCC-8 by (Randell, Cui, and Cohn 1992) uses qualita- model checking for MTL has been shown to be undecid- tive reasoning based on composition tables that allow us to able (Alur, Feder, and Henzinger 1996), we focus on the reduce the uncertainty between the qualitative spatial rela- computationally simpler task of path checking, in which we tions that may exist between regions, without narrowing this check whether a given path satisfies a formula. In this pa- relation down to precisely one spatial relation. This effec- per, we take a stream reasoning approach to path check- tively means we acquire multiple consistent models, any of ing, which uses incremental reasoning over incrementally- which could be the ‘true’ model, and all of which are valid available information. hypotheses. The syntactic rewriting technique used is known as pro- The remainder of this paper is organized as follows. In gression (Bacchus and Kabanza 1996; 1998). Progression Section 2 we consider some of the related work on progres- Copyright c 2019, Association for the Advancement of Artificial sion and partiality. We then give an overview of the prelimi- Intelligence (www.aaai.org). All rights reserved. naries concerning MTL and progression, including the nota- 2760 tion used in this paper, in Section 3. Section 4 discusses the Algorithm 1: Classical Progression theory behind stochastic partial-state progression, followed 1 function PROGRESS(φ, si): by an overview of the related procedure in Section 5. An em- 2 if φ = φ _ φ then pirical evaluation of the procedure is presented in Section 6. 1 2 3 return PROGRESS(φ1; si) _ PROGRESS(φ2; si) Finally, the paper concludes with Section 7 with a summary 4 else if φ = :φ1 then and a discussion of future work. 5 return :PROGRESS(φ1; si) 6 else if φ = φ1 UI φ2 then 7 if I < 0 then 2 Related Work 8 return ? 9 else if 0 2 I then 10 return PROGRESS(φ2; si) _ (PROGRESS(φ1; si) ^ Partial-state progression is a useful technique when consid- φ1 UI−∆ φ2) ering applications such as safe robotics. Progression vari- 11 else ants have for example been used for execution monitor- 12 return PROGRESS(φ1; si) ^ φ1 UI−∆ φ2 ing (Kvarnstrom,¨ Heintz, and Doherty 2008) in autonomous 13 end UAV applications, in which path-checking of MTL formu- 14 else las was used to check whether the execution of a plan is in 15 if φ 2 si then accordance with expectations. 16 return > 17 else More recently, Desi et al. (Desai, Dreossi, and Seshia 18 return ? 2017) focused on a combination of model checking and 19 end runtime verification for making formal safety guarantees in 20 end robot software, where they make use of Signal Temporal Logic (STL) as a language for formalizing logical state- ments. STL is similar to MTL in extending the temporal op- erators from LTL to range over time intervals, but instead of 3 Classical Progression for MTL propositions it considers inequality checks over quantitative MTL is an extension of LTL with temporal operators rang- signals. While we focus on binary MTL statements, partial- ing over intervals. We denote the set of all MTL proposi- state progression could be extended to work with STL given tional symbols by . We define a state s to be a set of that the extra information in STL statements can be utilized. true propositions, andP its complement ⊆s to P denote the set P n The recent work by Adolf et al. (Adolf et al. 2017) of false propositions. A state thus models complete informa- on stream runtime monitoring in unmanned aircraft sys- tion. Since we are interested in temporal reasoning, we con- tems further shows the need for and interest in the abil- sider sequences of states called streams. A stream is denoted by a total ordering ρ = (s ; t ); (s ; t );::: for states si, ity to monitor robot systems during runtime for debugging f 0 0 1 1 g time-stamps ti N, and time-points i N.A stream prefix and the monitoring of safety restrictions. Progression of 2 2 is denoted by ρ≤τ = (s; t) t τ . MTL formulas has also been used for monitoring purposes. f j ≤ g For example, Basin et al. (Basin, Bhatt, and Traytel 2017; An MTL-formula is well-formed iff it adheres to the MTL Basin, Krstic,´ and Traytel 2017) proposed an MTL (and re- syntax: lated Metric Dynamic Logic; MDL) monitor for complex Definition 1 (MTL Syntax). The syntax for MTL is as fol- event processing which is almost event-rate independent, lows for atomic propositions p , temporal intervals meaning it can handle a dense stream with high quantities I [0; ], and well-formed formulas2 P (wffs) φ and : of events occuring within fixed time intervals. ⊆ 1 p φ φ φ I Our approach makes it possible to keep track of the prob- j : j _ j U In this paper we also make use of connectives ; ; ability of partial-state progression having ended up in some f^ ! $g MTL formula given a partially-observed incomplete state se- with their classical semantics, as well as the temporal oper- = = quence. This is somewhat related to the recent work by Med- ators ‘eventually’ ♦I φ def I φ and ‘always’ I φ def >U = hat et al. (Medhat et al. 2016), who proposed absolute and ♦I φ, and verdicts ‘true’ def p p and ‘false’ : =: > _: relative ‘counting quantifiers’, allowing them to express and def . Lastly, the temporal operator intervals may be omitted? for:> cases where I = [0; ]. monitor constraints that concern a lower or upper bound on 1 a certain number or percentage of instances. Their approach Definition 2 (MTL semantics). The semantics of MTL are differs from ours in that they extend LTL with counting defined recursively for a wff φ and a stream ρ at time ti: quantifiers whereas our probability mass exists at the meta- ρ, ti = p iff p si for p logic level.