A machine-checked constructive metatheory of computation tree logic

This thesis presents a machine-checked constructive metatheory of computation tree logic (CTL) and its sublogics K and K* based on results from the literature. We consider models, Hilbert systems, and history-based Gentzen systems and show that for every logic and every formula s the following statements are decidable and equivalent: s is true in all models, s is provable in the Hilbert system, and s is provable in the Gentzen system. We base our proofs on pruning systems constructing finite models for satisfiable formulas and abstract refutations for unsatisfiable formulas. The pruning systems are devised such that abstract refutations can be translated to derivations in the Hilbert system and the Gentzen system, thus establishing completeness of both systems with a single model construction. All results of this thesis are formalized and machine-checked with the Coq interactive theorem prover. Given the level of detail involved and the informal presentation in much of the original work, the gap between the original paper proofs and constructive machine-checkable proofs is considerable. The mathematical proofs presented in this thesis provide for elegant formalizations and often differ significantly from the proofs in the literature.Diese Dissertation beschreibt eine maschinell verifizierte konstruktive Metatheorie von computation tree logic (CTL) und deren Teillogiken K und K*. Wir betrachten Modelle, Hilbert-Kalküle und History-basierte Gentzen-Kalküle und zeigen, für jede betrachtete Logik und jede Formel s, Entscheidbarkeit und Äquivalenz der folgenden Aussagen: s gilt in allen Modellen, s ist im Hilbert-Kalkül ableitbar und s ist im Gentzen-Kalkül ableitbar. Die Beweise bauen auf Pruningsystemen auf, welche für erfüllbare Formeln endliche Modelle und für unerfüllbare Formeln abstrakte Widerlegungen konstruieren. Die Pruningsysteme sind so konstruiert, dass abstrakte Widerlegungen zu Widerlegungen sowohl im Hilbert- als auch im Gentzen-Kalkül übersetzt werden können. Dadurch wird es möglich, die Vollständigkeit beider Systeme mit nur einer Modellkonstruktion zu zeigen. Alle Ergebnisse dieser Dissertation sind formalisiert und maschinell verifiziert mit Hilfe des Beweisassistenten Coq. In Anbetracht der Fülle an Details und der informellen Beweisführung in großen Teilen der Originalliteratur, erfordert dies teilweise tiefgreifende Veränderungen an den Beweisen aus der Literatur. Die Beweise in der vorliegenden Arbeit sind so aufgebaut, dass sie zu eleganten Formalisierungen führen

A machine-checked constructive metatheory of computation tree logic

This thesis presents a machine-checked constructive metatheory of computation tree logic (CTL) and its sublogics K and K* based on results from the literature. We consider models, Hilbert systems, and history-based Gentzen systems and show that for every logic and every formula s the following statements are decidable and equivalent: s is true in all models, s is provable in the Hilbert system, and s is provable in the Gentzen system. We base our proofs on pruning systems constructing finite models for satisfiable formulas and abstract refutations for unsatisfiable formulas. The pruning systems are devised such that abstract refutations can be translated to derivations in the Hilbert system and the Gentzen system, thus establishing completeness of both systems with a single model construction. All results of this thesis are formalized and machine-checked with the Coq interactive theorem prover. Given the level of detail involved and the informal presentation in much of the original work, the gap between the original paper proofs and constructive machine-checkable proofs is considerable. The mathematical proofs presented in this thesis provide for elegant formalizations and often differ significantly from the proofs in the literature.Diese Dissertation beschreibt eine maschinell verifizierte konstruktive Metatheorie von computation tree logic (CTL) und deren Teillogiken K und K*. Wir betrachten Modelle, Hilbert-Kalküle und History-basierte Gentzen-Kalküle und zeigen, für jede betrachtete Logik und jede Formel s, Entscheidbarkeit und Äquivalenz der folgenden Aussagen: s gilt in allen Modellen, s ist im Hilbert-Kalkül ableitbar und s ist im Gentzen-Kalkül ableitbar. Die Beweise bauen auf Pruningsystemen auf, welche für erfüllbare Formeln endliche Modelle und für unerfüllbare Formeln abstrakte Widerlegungen konstruieren. Die Pruningsysteme sind so konstruiert, dass abstrakte Widerlegungen zu Widerlegungen sowohl im Hilbert- als auch im Gentzen-Kalkül übersetzt werden können. Dadurch wird es möglich, die Vollständigkeit beider Systeme mit nur einer Modellkonstruktion zu zeigen. Alle Ergebnisse dieser Dissertation sind formalisiert und maschinell verifiziert mit Hilfe des Beweisassistenten Coq. In Anbetracht der Fülle an Details und der informellen Beweisführung in großen Teilen der Originalliteratur, erfordert dies teilweise tiefgreifende Veränderungen an den Beweisen aus der Literatur. Die Beweise in der vorliegenden Arbeit sind so aufgebaut, dass sie zu eleganten Formalisierungen führen

Completeness and Decidability Results for CTL in Coq

We prove completeness and decidability results for the temporal logic CTL in Coq/Ssreflect. Our basic result is a constructive proof that for every formula one can obtain either a finite model satisfying the formula or a proof in a Hilbert system certifying the unsatisfiability of the formula. The proof is based on a history-augmented tableau system obtained as the dual of Brünnler and Lange's cut-free sequent calculus for CTL. We prove the completeness of the tableau system and give a translation of tableau refutations into Hilbert refutations. Decidability of CTL and completeness of the Hilbert system follow as corollaries

Constructive Completeness for Modal Logic with Transitive Closure

Classical modal logic with transitive closure appears as a subsystem of logics used for program verification. The logic can be axiomatized with a Hilbert system. In this paper we develop a constructive completeness proof for the axiomatization using Coq with Ssreflect. The proof is based on a novel analytic Gentzen system, which yields a certifying decision procedure that for a formula constructs either a derivation or a finite countermodel. Completeness of the axiomatization then follows by translating Gentzen derivations to Hilbert derivations. The main difficulty throughout the development is the treatment of transitive closure

Formal Methods Specification and Analysis Guidebook for the Verification of Software and Computer Systems

This guidebook, the second of a two-volume series, is intended to facilitate the transfer of formal methods to the avionics and aerospace community. The 1st volume concentrates on administrative and planning issues [NASA-95a], and the second volume focuses on the technical issues involved in applying formal methods to avionics and aerospace software systems. Hereafter, the term "guidebook" refers exclusively to the second volume of the series. The title of this second volume, A Practitioner's Companion, conveys its intent. The guidebook is written primarily for the nonexpert and requires little or no prior experience with formal methods techniques and tools. However, it does attempt to distill some of the more subtle ingredients in the productive application of formal methods. To the extent that it succeeds, those conversant with formal methods will also nd the guidebook useful. The discussion is illustrated through the development of a realistic example, relevant fragments of which appear in each chapter. The guidebook focuses primarily on the use of formal methods for analysis of requirements and high-level design, the stages at which formal methods have been most productively applied. Although much of the discussion applies to low-level design and implementation, the guidebook does not discuss issues involved in the later life cycle application of formal methods

Completeness and Decidability of Converse PDL in the Constructive Type Theory of Coq

International audienceThe completeness proofs for Propositional Dynamic Logic (PDL) in the literature are non-constructive and usually presented in an informal manner. We obtain a formal and constructive completeness proof for Converse PDL by recasting a completeness proof by Kozen and Parikh into our constructive setting. We base our proof on a Pratt-style decision method for satisfiability constructing finite models for satisfiable formulas and pruning refutations for unsatisfiable formulas. Completeness of Segerberg's axiomatization of PDL is then obtained by translating pruning refutations to derivations in the Hilbert system. We first treat PDL without converse and then extend the proofs to Converse PDL. All results are formalized in Coq/Ssreflect

Collective agency:From philosophical and logical perspectives

People inhabit a vast and intricate social network nowadays. In addition to our own decisions and actions, we confront those of various groups every day. Collective decisions and actions are more complex and bewildering compared to those made by individuals. As members of a collective, we contribute to its decisions, but our contributions may not always align with the outcome. We may also find ourselves excluded from certain groups and passively subjected to their influences without being aware of the source. We are used to being in overlapping groups and may switch identities, supporting or opposing the claims of particular groups. But rarely do we pause to think: What do we talk about when we talk about groups and their decisions?At the heart of this dissertation is the question of collective agency, i.e., in what sense can we treat a group as a rational agent capable of its action. There are two perspectives we take: a philosophical and logical one. The philosophical perspective mainly discusses the ontological and epistemological issues related to collective agency, sorts out the relevant philosophical history, and argues that the combination of a relational view of collective agency and a dispositional view of collective intentionality provides a rational and realistic account. The logical perspective is associated with formal theories of groups, it disregards the psychological content involved in the philosophical perspective, establishes a logical system that is sufficiently formal and objective, and axiomatizes the nature of a collective

Time, events and temporal relations: an empirical model for temporal processing of Italian texts

The aim of this work is the elaboration a computational model for the identification of temporal relations in text/discourse to be used as a component in more complex systems for Open-Domain Question-Answers, Information Extraction and Summarization. More specifically, the thesis will concentrate on the relationships between the various elements which signal temporal relations in Italian texts/discourses, on their roles and how they can be exploited. Time is a pervasive element of human life. It is the primary element thanks to which we are able to observe, describe and reason about what surrounds us and the world. The absence of a correct identification of the temporal ordering of what is narrated and/or described may result in a bad comprehension, which can lead to a misunderstanding. Normally, texts/discourses present situations standing in a particular temporal ordering. Whether these situations precede, or overlap or are included one within the other is inferred during the general process of reading and understanding. Nevertheless, to perform this seemingly easy task, we are taking into account a set of complex information involving different linguistic entities and sources of knowledge. A wide variety of devices is used in natural languages to convey temporal information. Verb tense, temporal prepositions, subordinate conjunctions, adjectival phrases are some of the most obvious. Nevertheless even these obvious devices have different degrees of temporal transparency, which may sometimes be not so obvious as it can appear at a quick and superficial analysis. One of the main shortcomings of previous research on temporal relations is represented by the fact that they concentrated only on a particular discourse segment, namely narrative discourse, disregarding the fact that a text/discourse is composed by different types of discourse segments and relations. A good theory or framework for temporal analysis must take into account all of them. In this work, we have concentrated on the elaboration of a framework which could be applied to all text/discourse segments, without paying too much attention to their type, since we claim that temporal relations can be recovered in every kind of discourse segments and not only in narrative ones. The model we propose is obtained by mixing together theoretical assumptions and empirical data, collected by means of two tests submitted to a total of 35 subjects with different backgrounds. The main results we have obtained from these empirical studies are: (i.) a general evaluation of the difficulty of the task of recovering temporal relations; (ii.) information on the level of granularity of temporal relations; (iii.) a saliency-based order of application of the linguistic devices used to express the temporal relations between two eventualities; (iv.) the proposal of tense temporal polysemy, as a device to identify the set of preferences which can assign unique values to possibly multiple temporal relations. On the basis of the empirical data, we propose to enlarge the set of classical finely grained interval relations (Allen, 1983) by including also coarse-grained temporal relations (Freska, 1992). Moreover, there could be cases in which we are not able to state in a reliable way if there exists a temporal relation or what the particular relation between two entities is. To overcome this issue we have adopted the proposal by Mani (2007) which allows the system to have differentiated levels of temporal representation on the basis of the temporal granularity associated with each discourse segment. The lack of an annotated corpus for eventualities, temporal expressions and temporal relations in Italian represents the biggest shortcomings of this work which has prevented the implementation of the model and its evaluation. Nevertheless, we have been able to conduct a series of experiments for the validation of procedures for the further realization of a working prototype. In addition to this, we have been able to implement and validate a working prototype for the spotting of temporal expressions in texts/discourses