1,191 research outputs found
A Temporal Logic for Hyperproperties
Hyperproperties, as introduced by Clarkson and Schneider, characterize the
correctness of a computer program as a condition on its set of computation
paths. Standard temporal logics can only refer to a single path at a time, and
therefore cannot express many hyperproperties of interest, including
noninterference and other important properties in security and coding theory.
In this paper, we investigate an extension of temporal logic with explicit path
variables. We show that the quantification over paths naturally subsumes other
extensions of temporal logic with operators for information flow and knowledge.
The model checking problem for temporal logic with path quantification is
decidable. For alternation depth 1, the complexity is PSPACE in the length of
the formula and NLOGSPACE in the size of the system, as for linear-time
temporal logic.
Quantified CTL: Expressiveness and Complexity
While it was defined long ago, the extension of CTL with quantification over
atomic propositions has never been studied extensively. Considering two
different semantics (depending whether propositional quantification refers to
the Kripke structure or to its unwinding tree), we study its expressiveness
(showing in particular that QCTL coincides with Monadic Second-Order Logic for
both semantics) and characterise the complexity of its model-checking and
satisfiability problems, depending on the number of nested propositional
quantifiers (showing that the structure semantics populates the polynomial
hierarchy while the tree semantics populates the exponential hierarchy).
On the Complexity of ATL and ATL* Module Checking
Module checking has been introduced in the late 1990s to verify open systems,
i.e., systems whose behavior depends on the continuous interaction with the
environment. Classically, module checking has been investigated with respect to
specifications given as CTL and CTL* formulas. Recently, it has been shown that
CTL (resp., CTL*) module checking offers a distinctly different perspective
from the better-known problem of ATL (resp., ATL*) model checking. In
particular, ATL (resp., ATL*) module checking strictly enhances the
expressiveness of both CTL (resp., CTL*) module checking and ATL (resp. ATL*)
model checking. In this paper, we provide asymptotically optimal bounds on the
computational cost of module checking against ATL and ATL*, whose upper bounds
are based on an automata-theoretic approach. We show that module-checking for
ATL is EXPTIME-complete, which is the same complexity of module checking
against CTL. On the other hand, ATL* module checking turns out to be
3EXPTIME-complete, hence exponentially harder than CTL* module checking.
Comment: In Proceedings GandALF 2017, arXiv:1709.0176
Model Checking CTL is Almost Always Inherently Sequential
The model checking problem for CTL is known to be P-complete (Clarke,
Emerson, and Sistla (1986), see Schnoebelen (2002)). We consider fragments of
CTL obtained by restricting the use of temporal modalities or the use of
negations---restrictions already studied for LTL by Sistla and Clarke (1985)
and Markey (2004). For all these fragments, except for the trivial case without
any temporal operator, we systematically prove model checking to be either
inherently sequential (P-complete) or very efficiently parallelizable
(LOGCFL-complete). For most fragments, however, model checking for CTL is
already P-complete. Hence our results indicate that, in cases where the
combined complexity is of relevance, approaching CTL model checking by
parallelism cannot be expected to result in any significant speedup. We also
completely determine the complexity of the model checking problem for all
fragments of the extensions ECTL, CTL+, and ECTL+.
Model Checking CTL is Almost Always Inherently Sequential
The model checking problem for CTL is known to be P-complete (Clarke, Emerson, and Sistla (1986), see Schnoebelen (2002)). We consider fragments of CTL obtained by restricting the use of temporal modalities or the use of negations—restrictions already studied for LTL by Sistla and Clarke (1985) and Markey (2004). For all these fragments, except for the trivial case without any temporal operator, we systematically prove model checking to be either inherently sequential (P-complete) or very efficiently parallelizable (LOGCFL-complete). For most fragments, however, model checking for CTL is already P-complete. Hence our results indicate that in most applications, approaching CTL model checking by parallelism will not result in the desired speed up. We also completely determine the complexity of the model checking problem for all fragments of the extensions ECTL, CTL+, and ECTL+.
Refinement Modal Logic
In this paper we present refinement modal logic. A refinement is like a
bisimulation, except that from the three relational requirements only 'atoms'
and 'back' need to be satisfied. Our logic contains a new operator 'all' in
addition to the standard modalities 'box' for each agent. The operator 'all'
acts as a quantifier over the set of all refinements of a given model. As a
variation on a bisimulation quantifier, this refinement operator or refinement
quantifier 'all' can be seen as quantifying over a variable not occurring in
the formula bound by it. The logic combines the simplicity of multi-agent modal
logic with some powers of monadic second-order quantification. We present a
sound and complete axiomatization of multi-agent refinement modal logic. We
also present an extension of the logic to the modal mu-calculus, and an
axiomatization for the single-agent version of this logic. Examples and
applications are also discussed: to software verification and design (the set
of agents can also be seen as a set of actions), and to dynamic epistemic
logic. We further give detailed results on the complexity of satisfiability,
and on succinctness.