Torwards Infinite-State Verification and Planning with Linear Temporal Logic Modulo Theories

In this extended abstract, we discuss about Linear Temporal Logic Modulo Theories over finite traces (LTLMTf ), a temporal logic that we recently introduced with the goal of providing an equilibrium between generality of the formalism and decidability of the logic. After recalling its distinguishing features, we discuss some future applications. 2012 ACM Subject Classification Theory of computation → Logic and verificatio

A Landscape of First-Order Linear Temporal Logics in Infinite-State Verification and Temporal Ontologies

We provide an overview of the main attempts to formalize and reason about the evolution over time of complex domains, through the lens of first-order temporal logics. Different communities have studied similar problems for decades, and some unification of concepts, problems and formalisms is a much needed but not simple task

Qualitative past Timeline-Based Games

This extended abstract discusses timeline-based planning, a modeling approach that offers a unique way to model complex systems. Recently, the timeline-based planning framework has been extended to handle general nondeterminism in a game-theoretic setting, resulting in timeline-based games. In this context, the problem of establishing whether a timeline-based game admits a winning strategy and synthesizing such a strategy have been addressed. We propose exploring simpler yet expressive fragments of timeline-based games by leveraging results about the role of past operators in synthesis from temporal logic specifications. The qualitative fragment of timeline-based planning is a good starting point for this exploration. We suggest introducing syntactic restrictions on synchronization rules so that they only constrain the behavior of the system before the current time point, which is expected to lower the complexity of synthesizing timeline-based games to EXPTIME. 2012 ACM Subject Classification Computing methodologies → Planning for deterministic action

Decidable Fragments of LTLf Modulo Theories

We study Linear Temporal Logic Modulo Theories over Finite Traces (LTLMTf), a recently introduced extension of LTL over finite traces (LTLf) where propositions are replaced by first-order formulas and where first-order variables referring to different time points can be compared. In general, LTLMTf was shown to be semi-decidable for any decidable first-order theory (e.g., linear arithmetics), with a tableau-based semi-decision procedure. In this paper we present a sound and complete pruning rule for the LTLMTf tableau. We show that for any LTLMTf formula that satisfies an abstract, semantic condition, that we call finite memory, the tableau augmented with the new rule is also guaranteed to terminate. Last but not least, this technique allows us to establish novel decidability results for the satisfiability of several fragments of LTLMTf, as well as to give new decidability proofs for classes that are already known

SMT-Based Symbolic Model-Checking for Operator Precedence Languages

Operator Precedence Languages (OPL) have been recently identified as a suitable formalism for model checking recursive procedural programs, thanks to their ability of modeling the program stack. OPL requirements can be expressed in the Precedence Oriented Temporal Logic (POTL), which features modalities to reason on the natural matching between function calls and returns, exceptions, and other advanced programming constructs that previous approaches, such as Visibly Pushdown Languages, cannot model effectively. Existing approaches for model checking of POTL have been designed following the explicit-state, automata-based approach, a feature that severely limits their scalability. In this paper, we give the first symbolic, SMT-based approach for model checking POTL properties. While previous approaches construct the automaton for both the POTL formula and the model of the program, we encode them into a (sequence of) SMT formulas. The search of a trace of the model witnessing a violation of the formula is then carried out by an SMT-solver, in a Bounded Model Checking fashion. We carried out an experimental evaluation, which shows the effectiveness of the proposed solution

SAT Meets Tableaux for Linear Temporal Logic Satisfiability

Linear temporal logic (LTL) and its variant interpreted on finite traces (LTLf) are among the most popular specification languages in the fields of formal verification, artificial intelligence, and others. In this paper, we focus on the satisfiability problem for LTLand LTLfformulas, for which many techniques have been devised during the last decades. Among these are tableau systems, of which the most recent is Reynolds’ tree-shaped tableau. We provide a SAT-based algorithm for LTLand LTLfsatisfiability checking based on Reynolds’ tableau, proving its correctness and discussing experimental results obtained through its implementation in the BLACK satisfiability checker

A FIRST-ORDER LOGIC CHARACTERIZATION OF SAFETY AND CO-SAFETY LANGUAGES

Linear Temporal Logic (LTL) is one of the most popular temporal logics and comes into play in a variety of branches of computer science. Among the various reasons of its widespread use there are its strong foundational properties: LTL is equivalent to counter-free ω-automata, to star-free ω-regular expressions, and (by Kamp’s theorem) to the First-Order Theory of Linear Orders (FO-TLO). Safety and co-safety languages, where a finite prefix suffices to establish whether a word does not belong or belongs to the language, respectively, play a crucial role in lowering the complexity of problems like model checking and reactive synthesis for LTL. Safety-LTL (resp., coSafety-LTL) is a fragment of LTL where only the tomorrow, the weak tomorrow and the until temporal modalities (resp., the tomorrow, the weak tomorrow and the release temporal modalities) are allowed, that recognises safety (resp., co-safety) languages only. The main contribution of this paper is the introduction of a fragment of FO-TLO, called Safety-FO, and of its dual coSafety-FO, which are expressively complete with respect to the LTL-definable safety and co-safety languages. We prove that they exactly characterize Safety-LTL and coSafety-LTL, respectively, a result that joins Kamp’s theorem, and provides a clearer view of the characterization of (fragments of) LTL in terms of first-order languages. In addition, it gives a direct, compact, and self-contained proof that any safety language definable in LTL is definable in Safety-LTL as well. As a by-product, we obtain some interesting results on the expressive power of the weak tomorrow operator of Safety-LTL, interpreted over finite and infinite words. Moreover, we prove that, when interpreted over finite words, Safety-LTL (resp. coSafety-LTL) devoid of the tomorrow (resp., weak tomorrow) operator captures the safety (resp., co-safety) fragment of LTL over finite words. We then investigate some formal properties of Safety-FO and coSafety-FO: (i) we study their succinctness with respect to their modal counterparts, namely, Safety-LTL and coSafety-LTL; (ii) we illustrate an important practical application of them in the context of reactive synthesis; (iii) we compare them with expressively equivalent first-order fragments. Last but not least, we provide different characterizations of the (co-)safety fragment of LTL in terms of temporal logics, automata, and regular expressions

LTL over Finite Words Can Be Exponentially More Succinct Than Pure-Past LTL, and vice versa

Linear Temporal Logic over finite traces (LTLf) has proved itself to be an important and effective formalism in formal verification as well as in artificial intelligence. Pure past LTLf (pLTL) is the logic obtained from LTLf by replacing each (future) temporal operator by a corresponding past one, and is naturally interpreted at the end of a finite trace. It is known that each property definable in LTLf is also definable in pLTL, and vice versa. However, despite being extensively used in practice, to the best of our knowledge, there is no systematic study of their succinctness. In this paper, we investigate the succinctness of LTLf and pLTL. First, we prove that pLTL can be exponentially more succinct than LTLf by showing that there exists a property definable with a pLTL formula of size n such that the size of all LTLf formulas defining it is at least exponential in n. Then, we prove that LTLf can be exponentially more succinct than pLTL as well. This result shows that, although being expressively equivalent, LTLf and pLTL are incomparable when succinctness is concerned. In addition, we study the succinctness of Safety-LTL (the syntactic safety fragment of LTL over infinite traces) with respect to its canonical form G(pLTL), whose formulas are of the form G(α), G being the globally operator and α a pLTL formula. We prove that G(pLTL) can be exponentially more succinct than Safety-LTL, and that the same holds for the dual cosafety fragment. 2012 ACM Subject Classification Theory of computation → Modal and temporal logics; Theory of computation → Logic and verificatio