Formal Specification and Automatic Verification of Conditional Commitments

Developing and implementing a model checker dedicated to conditional logic with the user interface are urgent requirements for determining whether agents comply with their commitment protocols

Leveraging commitments and goals in agent interaction

Abstract. Modeling and regulating interactions among agents is a crit-ical step in the development of Multiagent Systems (MASs). Some re-cent works assume a normative view, and suggest to model interaction protocols in terms of obligations. In this paper we propose to model in-teraction protocols in terms of goals and commitments, and show how such a formalization promotes a deliberative process inside the agents. In particular, we take a software engineering perspective, and balance the use of commitments against obligations inside interaction protocols. The proposal is implemented via JaCaMo+, an extension to JaCaMo, in which Jason agents can interact while preserving their deliberative capabilities by exploiting commitment-based protocols, reified by special CArtAgO artifacts. The paper shows how practical rules relating goals and commitments can be almost directly encoded as Jason plans to be used as building blocks in agent programming

Exploiting Social Commitments in Programming Agent Interaction

Abstract. Modeling and regulating interactions among agents is a crit-ical step in the development of Multiagent Systems (MASs). Some re-cent works assume a normative view, and suggest to model interaction protocols in terms of obligations. In this paper we propose to model in-teraction protocols in terms of goals and commitments, and show how such a formalization promotes a deliberative process inside the agents. The proposal is implemented via JaCaMo+, an extension of JaCaMo, in which Jason agents can interact, while preserving their deliberative ca-pabilities, by exploiting commitment-based protocols, reified by special CArtAgO artifacts

Comodo: Collaborative Monitoring of Commitment Delegations

Understanding accountability in contract violations, e.g., whom is accountable for what, is a tedious, time-consuming, and costly task for human decision-making, especially when contractual responsibilities are delegated among parties. Intelligent software agents equipped with expert capabilities such as monitoring and diagnosis help save time and improve accuracy of diagnosis by formal reasoning upon electronic contracts. Such contracts are represented as commitment norms, a well studied artifact in multi-agent systems, which provide semantics for agent interactions. Due to the open and heterogeneous nature of multi-agent systems, commitments are often violated. When a commitment is violated, e.g., an exception occurs, agents need to collaborate to understand what went wrong and which agent is responsible. We propose Comodo: a framework for monitoring commitment delegations and detecting violations. We define a complete set of possible rational delegation schemes for commitments, identifying for each combination of delegations what critical situations may lead to an improper delegation and potentially to a commitment violation. Comodo provides a sound and complete distributed reasoning procedure that is able to find all improper delegations of a given commitment. We provide the complete implementation of Comodo using the Reactive Event Calculus, and present an e-commerce case study to demonstrate its workings. Due to its generic nature, we discuss the application of our approach to other distributed diagnosis problems in emergency healthcare, Internet of Things and smart environments, and security, privacy, and accountability in the context of socio-technical system

Model Checking Real-Time Conditional Commitment Logic using Transformation

A new logical language for real-time conditional commitments called RTCTLcc has been developed by extending the CTL logic with interval bounded until modalities, conditional commitment modalities, and fulfillment modalities. RTCTLcc allows us to express qualitative and quantitative commitment requirements in a convenient way. These requirements can be used to model multi-agent systems (MASs) employed in environments that react properly and timely to events occurring at time instants or within time intervals. However, the timing requirements and behaviors of MASs need an appropriate way to scale and bundle and should be carefully analyzed to ensure their correctness, especially when agents are autonomous. In this paper, we develop transformation algorithms that are fully implemented in a new Java toolkit for automatically transforming the problem of model checking RTCTLcc into the problem of model checking RTCTL (real-time CTL). The toolkit engine is built on top of the NuSMV tool, effectively used to automatically verify and analyze the correctness of real-time distributed systems. We analyzed the time and space computational complexity of the RTCTLcc model checking problem. We proved the soundness and completeness of the transformation technique and experimentally evaluated the validity of the toolkit using a set of business scenarios. Moreover, we added a capability in the toolkit to automatically scale MASs and to bundle requirements in a parametric form. We experimentally evaluated the scalability aspect of our approach using the standard ordering protocol. We further validated the approach using an industrial case study

Analyzing the Interaction between Knowledge and Social Commitments in Multi-Agent Systems

Both knowledge and social commitments in Multi-Agent Systems (MASs) have long been under research independently, especially for agent communication. Plenty of work has been carried out to define their semantics. However, in concrete applications such as business settings and web-based applications, agents should reason about their knowledge and their social commitments at the same time, particularly when they are engaged in conversations. In fact, studying the interaction between knowledge and social commitments is still in its beginnings. Therefore, in this thesis, we aim to provide a practical and formal framework that analyzes the interaction between knowledge and communicative social commitments in MASs from the semantics, model checking, complexity, soundness and completeness perspectives. To investigate such an interaction, we, first, combine CTLK (an extension of computation Tree Logic (CTL) with modality for reasoning about knowledge) and CTLC (an extension of CTL with modalities for reasoning about commitments and their fulfillments) in one new logic named CTLKC. By so doing, we identify some paradoxes in the new logic showing that simply combining current versions of commitment and knowledge logics results in a language of logic that violates some fundamental intuitions. Consequently, we propose CTLKC+, a new consistent logic of knowledge and commitments that fixes the identified paradoxes and allows us to reason about social commitments and knowledge simultaneously in a consistent manner. Second, we use correspondence theory for modal logics to prove the soundness and completeness of CTLKC+. To do so, we develop a set of reasoning postulates in CTLKC+ and correspond them to certain classes of frames. The existence of such correspondence allows us to prove that the logic generated by any subset of these postulates is sound and complete, with respect to the models that are based on the corresponding frames. Third, we address the problem of model checking CTLKC+ by transforming it to the problem of model checking GCTL∗ (a generalized version of Extended Computation Tree Logic (CTL∗) with action formulas) and ARCTL (the combination of CTL with action formulas) in order to respectively use the CWB-NC automata-based model checker and the extended NuSMV symbolic model checker. Moreover, we prove that the transformation techniques are sound. Fourth, we analyze the complexity of the proposed model checking techniques. The results of this analysis reveal that the complexity of our transformation procedures is PSPACE-complete for local concurrent programs with respect to the size of these programs and the length of the formula being checked. From the time perspective, we prove that the complexity of the proposed approaches is P-complete with regard to the size of the model and length of the formula. Finally, we implement our model checking approaches and report some experimental results by verifying the well-known NetBell payment protocol against some desirable properties

Modeling and Verifying Probabilistic Social Commitments in Multi-Agent Systems

Interaction among autonomous agents in Multi-Agent Systems (MASs) is the key aspect for solving complex problems that an individual agent cannot handle alone. In this context, social approaches, as opposed to the mental approaches, have recently received a considerable attention in the area of agent communication. They exploit observable social commitments to develop a verifiable formal semantics by which communication protocols can be specified. However, existing approaches for defining social commitments tend to assume an absolute guarantee of correctness so that systems run in a certain manner. That is, social commitments have always been modeled with the assumption of certainty. Moreover, the widespread use of MASs increases the interest to explore the interactions between different aspects of the participating agents such as the interaction between agents’ knowledge and social commitments in the presence of uncertainty. This results in having a gap, in the literature of agent communication, on modeling and verifying social commitments in probabilistic settings. In this thesis, we aim to address the above-mentioned problems by presenting a practical formal framework that is capable of handling the problem of uncertainty in social commitments. First, we develop an approach for representing, reasoning about, and verifying probabilistic social commitments in MASs. This includes defining a new logic called the probabilistic logic of commitments (PCTLC), and a reduction-based model checking procedure for verifying the proposed logic. In the reduction technique, the problem of model checking PCTLC is transformed into the problem of model checking PCTL so that the use of the PRISM (Probabilistic Symbolic Model Checker) is made possible. Formulae of PCTLC are interpreted over an extended version of the probabilistic interpreted systems formalism. Second, we extend the work we proposed for probabilistic social commitments to be able to capture and verify the interactions between knowledge and commitments. Properties representing the interactions between the two aspects are expressed in a new developed logic called the probabilistic logic of knowledge and commitment (PCTLkc). Third, we develop an adequate semantics for the group social commitments, for the first time in the literature, and integrate it into the framework. We then introduce an improved version of PCTLkc and extend it with operators for the group knowledge and group social commitments. The new refined logic is called PCTLkc+. In each of the latter stages, we respectively develop a new version of the probabilistic interpreted systems over which the presented logic is interpreted, and introduce a new reduction-based verification technique to verify the proposed logic. To evaluate our proposed work, we implement the proposed verification techniques on top of the PRISM model checker and apply them on several case studies. The results demonstrate the usefulness and effectiveness of our proposed work

Representing and monitoring social commitments using the event calculus

Multiagent social commitments provide a principled basis for agent interactions, and serve as a natural tool to resolve design ambiguities. Indeed, they have been the subject of considerable research for more than a decade. However, the take-up of the social commitments paradigm is yet to come. To explain this negative result, we pinpoint a number of shortcomings, which this article aims to address. We extend current commitment modelling languages, thus leveraging expressive possibilities that were precluded by previous formalizations. We propose a novel axiomatization of commitment operations in a first order Event Calculus framework, that accommodates reasoning with data and metric time. Finally, we illustrate how publicly available REC implementations can be exploited for commitment monitoring purposes

Formal Specification and Automatic Verification of Multi-Agent Conditional Commitments and their Applications

Modeling agent communication using social commitments in the form of obligatory contracts among intelligent agents in a multi-agent system (MAS) provides a quintessential basis for capturing flexible and declarative interactions and helps in addressing the challenge of ensuring compliance with specifications. However, on the one hand, social commitments exclusively are not able to model agent communication actions, the cornerstone of the fundamental agent communication theory, namely speech act theory. These actions provide mechanisms for dynamic interactions and enable designers to track the evolution of active commitments. On the other hand, the designers of the system cannot guarantee the emergence of expected behaviors, such as self-contained intelligent agent complies with its protocols and honors its activated commitments. Moreover, the designers might still wish to develop effective and scalable algorithms to tackle the problem of model checking complex interactions modeled by conditional commitments and conditional commitment actions and regulated by commitment-based protocols at design time. Conditional commitments are a natural and universal frame of social commitments and cope with business conditional contracts. This dissertation is in principle about addressing two open challenging issues: 1) formally defining computationally grounded semantics for agent communication messages in terms of conditional commitments and associated actions (fulfill, cancel, release, assign and delegate), which is yet to be studied; and 2) developing a symbolic algorithm dedicated to tackle the raised model checking problem and to ensure the development of correct systems. In this dissertation, we start with distinguishing between two types of conditional commitments: weak and strong. Weak conditional commitments are those that can be activated even if the antecedents will never be satisfied, while strong conditional commitments are those that can be solely activated when there is at least one possibility to satisfy their assigned antecedents. We develop a branching-time temporal logic called CTL{cc,\alpha} that extends computation tree logic (CTL) with new modalities for representing and reasoning about the two types of conditional commitments and their actions using the formalism of interpreted systems. We present a set of valid properties, a set of reasoning rules, and a set of action postulates in order to explore the capabilities of CTL{cc,\alpha}. Furthermore, we propose a new life cycle of conditional commitments. Having a new logic (CTL{cc,\alpha}), we introduce a new symbolic algorithm to tackle the problem of its model checking. Instead of developing our algorithm from scratch, we extend the standard CTL model checking algorithm with symbolic algorithms needed for new modalities. We also investigate important theoretical results (soundness and termination) of the algorithm. Given that, we completely implement our algorithm and then assemble it on top of the symbolic model checker MCMAS, developed to automatically and directly test MAS specifications. The resulting symbolic model checker is so-called MCMAS+. We extend MCMAS's input modeling and encoding language called ISPL with shared and unshared variables needed for agent interactions and with the syntactic grammar of new modalities to produce a new one called ISPL+. We also extend the MCMAS's graphical user interface to display verified models to reduce inefficient and labor-intensive processes performed by the designers. To evaluate the performance of the developed algorithm, we analyze its time and space computational complexity. The computed time and space complexity are P-complete for explicit models and PSPACE-complete for concurrent programs. Such results are positive because model checking CTL{cc,\alpha} has the same time and space complexity of model checking CTL although CTL{cc,\alpha} extends CTL. Therefore, CTL{cc,\alpha} balances between expressive power and verification efficiency. Regarding the feasibility aspect, we apply our approach in three different application domains: business interaction protocols, health care processes, and web service compositions. The MAS paradigm is successfully employed in these domains wherein a component is represented, implemented and enacted by an agent. The proposed approach improved the employed MAS paradigm by formally modeling and automatically verifying interactions among participating agents so that the bad behaviors can be detected and then eliminated or repaired at design time and the confidence on the safety, efficiency and robustness is increased. We conduct extensive experiments to evaluate the computational performance and scalability of MCMAS+ using very large case studies. The obtained results strongly confirm the theoretical findings and make MCMAS+ practical. We finally compare our approach to other available approaches and show that it outperforms such approaches in terms of execution time, memory usage and number of considered intelligent agents