More efficient proof-search for sequents of temporal logic

Romas Alonderis

resúmenes

secciones

referencias

imágenes

Abstract: The present paper deals with efficiency improvement of backward proof-search of sequents of propositional linear temporal logic, using a loop-type sequent calculus. The improvement is achieved by syntactic transformation of sequents into equivalent to them simpler ones. It is proved that some formulas can be removed from sequents with no impact on their derivability.

Keywords: temporal logics, backward proof-search, loop-type sequent calculi.

Summary: Šiame straipsnyje pateikiamas dalinis metodas leidžiantis gauti efektyvesnę sekvenciju˛ i˛rodymo paiešką propozicinei tiesinio laiko logikai, naudojant ciklini˛ sekvencini˛ skaičiavimą. Šis metodas yra pagri˛stas sintaksine sekvenciju˛ transformacija i˛ joms ekvivalenčias paprastesnes sekvencijas. Straipsnyje taip pat parodoma, kad kai kurios formule˙s gali bu¯ti pašalintos iš sekvenciju˛ niekaip nepaveikiant ju˛ i˛rodomumo.

Keywords: laiko logika, atgaline˙, irodymo paieška, cikliniai sekvenciniai skaičiavimai.

Carátula del artículo

Articles

More efficient proof-search for sequents of temporal logic

Efektyvesne˙ laiko logikos sekvenciju˛ i˛rodymo paieška

Romas Alonderis romas.alonderis@mif.vu.lt

Vilnius University, Lituania

Lietuvos matematikos rinkinys, vol. 63 Ser. A, pp. 1-8, 2022
Vilniaus Universitetas

Esta obra está bajo una Licencia Creative Commons Atribución 4.0 Internacional.

Recepción: 03 Mayo 2022

Publicación: 10 Diciembre 2022

DOI: https://doi.org/10.15388/LMR.2022.29752

1 Introduction

Propositional linear temporal logic (PLTL) is used in computer science for specification and verification of programs [2, 5]. Sequent calculi are convenient tools for check of formula validity by means of proof-search. Various tableaux and sequent deductive systems are considered in the literature: tableaux proof-search systems [9, 13]; infinitary sequent calculi containing ω-type induction rule [10]; sequent calculi with invariant-like rule [7, 11, 12]; saturated sequent calculi [8]; a cut-free and invariant-free sequent calculus [4]; loop-type sequent calculi based on sequent history method [3, 6]; loop-type sequent calculus based on derivation loop check [1]. Backward proof-search using the sequent calculus G_LT introduced in [1] involves checks of global conditions, so called derivation loops. The checks hinder efficiency of proof-search. The present paper concerns with some partial methods allowing us to make proof-search shorter, reducing the number of the checks and hence making the proof-search more efficient. This is achieved by syntactic transformation of sequents into equivalent to them simpler ones. It has been proved that some formulas can be removed from sequents with no impact of their derivability. The present paper is organized as follows. In Section 2, we recall the syntax and semantics of PLTL and the calculus G_LT. The correct sequents are defined in Section 3. Sequent simplification and backward proof-search reduction are considered in Section 4. Some concluding remarks are in Section 5.

2 Syntax, semantics, and sequent calculus G_LT

The language of PLTL contains a set P of propositional symbols ${p, p_{1}, p_{2}, . . ., q, q_{1}, q_{2}, . . .}$ the logical operators $\neg,\lor,\land,\supset,$ , temporal operators □ (“henceforth always”) and ⃝ (“next”). The language does not contain the temporal operator ♢ (“sometimes”), assuming that $♢ \emptyset = \neg □ \neg \emptyset$ . Propositional symbols are called atomic formulas. The formulas $\emptyset$ of PLTL are inductively defined as follows:

\emptyset : := p ∣ \neg \emptyset ∣ \emptyset \lor ψ ∣ \emptyset \land ψ ∣ \emptyset \supset ψ ∣ ⃝ \emptyset ∣ □ \emptyset

The Greek letters $\emptyset$ and $ψ$ are used to denote arbitrary formulas. The expression $O^{n}$ denotes the sequence of $n' o' - s, e . g ., o^{2} p = o o p .$ .

An interpretation $M= (N,I)$ consists of the set of natural numbers $ℕ$ and the function $I : ℕ \mapsto 2^{ℙ}$ , where $2^{ℙ}$ is the set of subsets of $ℙ$ . The semantics of PLTL formulas is provided by the satisfaction relation $⊨ :$

M, j ⊨ p, i f f p \in I (j);

M, i ⊨ \neg \emptyset, i f f M, i ⩝ \emptyset;

M, i ⊨ \emptyset V ψ, i f f M, i ⊨ \emptyset o r M, i ⊨ ψ;

M, i ⊨ \emptyset \land ψ, i f f M, i ⊨ \emptyset a n d M, i ⊨ ψ;

M, i ⊨ \supset ψ, i f f M, i ⩝ \emptyset o r M, i ⊨ ψ;

M, i ⊨ O \emptyset, i f f M, i + 1 ⊨ \emptyset;

M, i ⊨ □ \emptyset, i f f M, j ⊨ \emptyset $ f o r a l l j \geq i .

An interpretation M is a model for a formula $\emptyset$ , iff $M,0|= \emptyset$ . A formula $\emptyset$ is called valid, $⊨ \emptyset$ in notation, iff every interpretation is a model for $\emptyset$

The sequent calculus G_LT is defined in [1]. We recall here some definitions. The temporal rules:

\frac{| T \Rightarrow ∆ ∣}{Σ, o T \Rightarrow o ∆, Σ'} (o) \frac{∣ \emptyset, o □ \emptyset, T \Rightarrow ∆ ∣}{□ \emptyset, T \Rightarrow ∆} (□ \Rightarrow),

\frac{∣ T \Rightarrow ∆, \emptyset ∣ ∣ T \Rightarrow ∆, o □ \emptyset}{T \Rightarrow ∆, □ \emptyset} (\Rightarrow □)

Here: $Γ,∆,Σ,Σ'$ denote finite, possibly empty, multisets of formulas, where $Σ\cupΣ'$ consists of atomic formulas; the conclusion is not an axiom and $T \cup ∆ \neq θ$ in (O).

Given a sequent S, a GLT proof-search tree with the sequent S at the root is constructed in usual way by subsequently applying backwards the GLT derivation rules to S and the sequents obtained in the course of the tree construction. A proof search tree is denoted by V. The expression V(S) denotes that S is the root of V.

We say that a sequent S′ subsumes $S (S' ⪰ S$ in notation), iff S′ can be inferred from S by the structural rule of weakening. If $S′ = S$ , then we say S′ strongly subsumes S.

Definition 1. Given a proof-search tree, the upward path p from some sequent S in the tree to S′ inclusive is called a (strong) derivation loop, $[S − S′]$ in notation, iff: 1) the length of p is greater than 0 and 2) $S′ ⪰ S (S′ = S)$ . The nodes marked with S and S′ are called the base and terminal of $[S − S′]$ , respectively. The sequents S and S′ are called the base and terminal sequents of $[S − S′]$ , respectively. It is true that $λ(S) ⩽λ (S′)$ .

Definition 2. A (strong) derivation loop $[S − S′]$ is called a (strong) derivation loop with the universality formula $□ \emptyset$ , iff: 1) $S = (Γ⇒ ∆,θ), 2) S′= Π,Γ ⇒ ∆,θ,Λ$ where $θ \in {□ \emptyset, □ \emptyset}$ , and 3) $[S - S']$ contains the right premise of $(\Rightarrow □ \emptyset)$ , and does not contain the left premise of $(\Rightarrow □ \emptyset)$ .

If a derivation loop is not the derivation loop with a universality formula, then the derivation loop is called α-void.

The following proposition is proved in [1]:

Proposition 1.Any derivation loop $[S − S′]$ has an application of. (O).

Definition 3. A sequent S is called derivable in G_LT ( $⊢ S$ in notation), iff there exists a backward proof-search tree V(S) such that each leaf of V(S) is an axiom or a terminal sequent of a derivation loop with some universality formula. Such a tree V(S) is called a derivation of S or a derivation tree.

3 Correct sequents

We write $ψ ≡ φ$ , iff $M, i ⊨ \emptyset$ implies $M, i ⊨ \emptyset$ and vice versa for any pair M,i.

Proposition 2.

O (\emptyset θ ψ) \equiv O \emptyset θ \emptyset ψ, O η \emptyset \equiv η O \emptyset,

where $θ \in {\lor,\land,\supset}$ and $η \in {□,\neg}$ .

Proof. Let us consider, e.g., the case when $η = □$ . If $M, i ⊨ O □ ψ$ , then $M, i + 1 ⊨ □ ψ$ . Hence $M, j + 1 ⊨ ψ$ for all $j \geq i$ . This fact implies $M, j ⊨ O ψ$ for all $j \geq i$ . We obtain $M, i ⊨ □ O ψ$ .

If $M, i ⊨ □ O ψ$ , then $M, j ⊨ O ψ$ for all $j \geq i$ . Hence $M, j + 1 ⊨ ψ$ for all $j \geq i$ .

This fact implies $M, i + 1 ⊨ □ ψ$ . It follows that $M, i ⊨ O □ ψ$ .

The remaining cases are considered similarly, using the semantics of propositional connectives and $' O'$ .

Corollary 1. If $\emptyset \equiv ψ$ , then $⊨ \emptyset i f f ⊨ ψ$ .

Using Proposition 2,wepusheach $' O'$ inward in formulas so that it binds only propositional symbols and other $' O'$ . For example, the formula

□ O (q \supset O \neg (p \land q_{1}))

is transformed into the formula $□ (O q \supset \neg (O O p \land O O q_{1})$ . Such formulas are called correct. A sequent S is called correct, iff each member of S is correct or of the type $O □ \emptyset$ , where $□ \emptyset$ is correct.

Proposition 3. If S is correct, then all sequents in any backward proof-search tree V (S) are correct.

Proof. The proof follows from the obvious fact that if the conclusion of an arbitrary G_LT derivation rule is a correct sequent, then any premise of this rule is a correct sequent too.

From now on, we consider only correct sequents. The generality is not lost, since any formula $\emptyset$ can be transformed into a correct formula $ψ$ such that $\emptyset \equiv ψ$ , using Proposition 2. Hence $⊦ \emptyset i f f ⊦ ψ$ , based on Corollary 1 and the fact that G_LT is sound and complete, according to Theorems 4.4 and 5.4, respectively, in [1].

4 Sequent and backward proof-search simplification

The sequent τ(S) is obtained from S by substituting $q_{i}$ for. $O^{n} p_{i}$ , where $n > 0, O^{n} p_{i}$ is not a sub-formula of $O O^{n} p_{i}$ in S, and all $q_{i}$ are different and do not occur in S. The obtained sequent has no formulas of the type $O^{n} p$ , where $n > 0$ . For example:

T (o □ (o o p \land o o o p) \Rightarrow o o o p, p, q) = o □ (q_{1} \land q_{2}) \Rightarrow q_{1}, p, q .

A signed formula $\emptyset^{σ}$ is defined inductively as follows:

\emptyset^{σ} {\begin{matrix} p^{σ} & i f \emptyset = p, \\ \emptyset_{1}^{σ} θ^{σ} \emptyset_{2}^{σ} & i f \emptyset = \emptyset_{0} θ \emptyset_{2} & , & w h e r e θ \in {\land, V}, \\ \emptyset_{1}^{η} \supset^{σ} \emptyset_{2}^{σ} & i f \emptyset = \emptyset_{1} \supset \emptyset_{2} \end{matrix} \{\begin{array}{lr} ⨼^{σ} & i f \emptyset = \neg ψ \\ θ^{σ} Ψ^{σ} & i f \emptyset = θ ψ, w h e r e θ \in {O, □} \end{array}

where $η, σ ∈ {l,r}$ and $η \neq σ$ (“l” stands for left side of the sequent (antecedent) and “r” stands for the right side of the sequent (succedent)). If $T = (q_{1}, . . ., q_{m})$ , then $T^{σ} = (q_{1}^{σ}, . . ., q_{m}^{σ})$ . If $S = (Π \Rightarrow ∆)$ , then

s^{s g} = ⫪^{l} \Rightarrow ∆^{r}

$S^{s g}$ is called a signed sequent. A sequent S is called $□^{l} - f r e e$ , if $S^{s g}$ does not contain $□^{l}$ . The maximal class of $□^{l} - f r e e$ sequents is denoted by $ℂ (\ □^{□ l})$ .

Lemma 1.If $S \in ℂ (\ □^{□ l})$ , then any path in V(S) that goes via the conclusion and left premise of $(\Rightarrow □)$ is not a derivation loop.

Proof. If

\frac{| T \Rightarrow \emptyset ∆ | | T \Rightarrow O □ \emptyset, ∆ |}{T \Rightarrow □ \emptyset, ∆} (\Rightarrow □)

is in V(S), then any sequent in any upward path $π_{1}$ starting with the left premise contains at least one occurrence of $□ \emptyset$ less than any sequent in any upward path $π_{2}$ ending by the conclusion. Hence no sequent in $π_{1}$ can subsume any sequent in $π_{2}$ .

Lemma 2.If $S \in ℂ (\ □^{l})$ , then any derivation loop in V S) consists of sequents of the type $\Rightarrow O □ ∆, □ ∆$ and is strong.

Proof. Let us consider any path $π$ in V(S). Assume that $π$ starts with a sequent of the type $\Rightarrow O □ ∆, □ ∆$ . If $π$ is a derivation loop, then there is no left premise of $(\Rightarrow □)$ in $π$ , according to Lemma 1.Hence $π$ consists of sequents of type $\Rightarrow O □ ∆', □ Λ'$ and is strong. If the path $π$ starts with a sequent which is not of the type $\Rightarrow O □ ∆, □ Λ$ , then it cannot subsume any sequent above (O) in $π$ . Hence $π$ is not a derivation loop, based on Proposition 1.

Lemma 3.If $S \in ℂ (\ □^{l})$ , then any connected component in any V(S) consists of one derivation loop.

Proof. The proof follows from Lemmas 1 and 2.

Corollary 2.If $S \in ℂ (□^{l})$ , then there is no β-void derivation loop in any V(S).

Theorem 1.If $S \in ℂ (\ □^{l})$ , then $⊢$ iff $⊢ T (S)$ .

Proof. The Theorem is proved by induction on the derivation height h. If $h = 0$ , then both S and $T (S)$ are axioms. Let $h > 0$ . If S is not of type $(\Rightarrow O □ ∆, □ Λ)$ , then neither S nor $T (S)$ can be in a derivation loop, according to Lemma 2.Thetheoremisproved traditionally by the inductive hypothesis in this case. Let $S : (\Rightarrow O □ \emptyset, □ ∆, □ Λ)$ be the base sequent of a derivation loop $[S - S_{1}]$ and the derivation of S start at the bottom by

\frac{| \Rightarrow \emptyset, □ ∆, O □ Λ | | \Rightarrow O □ \emptyset, □ Λ |}{S : \Rightarrow □ \emptyset, □ ∆, O □} (\Rightarrow □)

We have $S = S_{1}$ , by Lemma 2.Lemma 1 implies that any sequent $S_{L}$ that is the left premise of any application of $(\Rightarrow □)$ the conclusion of which is in $[S - S_{1}]$ cannot be in $[S - S_{1}]$ . Based on this fact, we apply the inductive hypothesis to each such $S_{L}$ in the considered derivation tree. $S = S_{1}$ implies $T (S) = T (S_{1})$ . Hence $[T (S) - T (S_{1})]$ is a derivation loop. We get $⊢ T (S)$ . The direction from $⊢ T (S)$ to $⊢ S$ is considered in the same way.

Let $S : (\Rightarrow O □ Λ)$ be the base sequent of a derivation loop $[S - S_{1}]$ and the derivation of S start at the bottom by

\frac{| \Rightarrow □ Λ |}{S : \Rightarrow O □ Λ} (O)

Only $(\Rightarrow □)$ can be backward applied to the premise and we consider this case in the same way as the previous one.

Example 1. If $S \in ℂ (\ □^{l})$ , then $⊢ S$ iff $⊢ T (S)$ , according to Theorem1. Hence we can use $T (S)$ so that to check if S is derivable. The reduction of S to $T (S)$ may substantially reduce backward proof-search because the number of $' O'$ in $T (S)$ is diminished in comparison with S. For example, let $S = (p, o p, o o p \Rightarrow □ p)$ . The backward proof-search of S is as follows:

\frac{s_{1} : \Rightarrow p \Rightarrow o □ p}{\Rightarrow □ p} \frac{p \Rightarrow p p \Rightarrow o □ p}{p \Rightarrow □ p} \frac{p, o p \Rightarrow p p, o p \Rightarrow o □ p}{p, o p \Rightarrow □ p} \frac{p, o p, o o p \Rightarrow p p, o p, o o p \Rightarrow o □ p}{p, o p, o o p \Rightarrow □ p}

We get $⊬ S$ because no rule is backward applicable to $S_{1}$ . Using $t (s) = (p, q, q_{1} \Rightarrow □ p)$ instead of S, the same result is achieved as follows:

\frac{S_{1} : \Rightarrow p \Rightarrow o □ p}{\Rightarrow □ p} \frac{p, q, q_{1} \Rightarrow p p, q, q_{1} \Rightarrow o □ p}{p, q, q_{1} \Rightarrow □ p}

We obtain $⊬ T (S)$ because no rule is backward applicable to $S_{1}$ . Hence $⊬ S$ , according to Theorem 1.Wehave 3 rule applications in the backward proof-search of $T (S)$ versus 8 rule applications in the backward proof-search of S.

Example 2. Let S be any non-axiom sequent of the type $Ξ \Rightarrow Ξ_{1}$ , where each formula in $Ξ$ and $Ξ_{1}$ is of the type $O^{n} p (n \geq 0)$ . It follows from Theorem 1 that S is not derivable because $T (S)$ is an atomic non-axiom sequent, i.e., no further backward proof-search is needed.

Sequents of the type $Ξ, □ T \Rightarrow □ ∆, Ξ_{1}$ , where only propositional symbols and $' O'$ occur in $(Ξ, Ξ_{1})$ , are called canonical. Let $O^{n} p (n \geq 0)$ be a member of a canonical sequent $Ξ, □ T \Rightarrow □ ∆, Ξ_{1}$ . The formula $O^{n} p$ is called redundant in the sequent if p does not occur in $(T, ∆)$ .

A backward proof-search tree V is called a one-step reduction tree, iff 1) there is at most one application of $(O)$ on each branch and 2) each non-atomic and non-axiom leaf of V is a premise of $(O)$ . It is easy to see that every leaf of any one-step reduction tree is an axiom or a canonical sequent. We have that proof-search of an arbitrary sequent can be reduced to proof-search of canonical sequents.

Theorem 2.If $S^{'}$ is obtained from a non-axiom canonical sequent S by dropping redundant formulas, then $⊢ S$ iff $⊢ S^{'}$ .

Proof. If $⊢ S^{'}$ , then $⊢ S$ , using the rule of weakening and Theorem 6.5 in [1]. Let $⊢ S$ . It follows that $⊢ S$ because G_LT is sound, Theorem 4.4 in [1]. It is easy to see that this fact implies $⊨ S^{'}$ . Hence $⊢ S^{'}$ because G_LT is complete, Theorem 5.4 in [1].

Dropping redundant members allows us to simplify sequents and reduce backward proof-search in some cases. Let us consider, e. g., the sequent $S = (□ p \Rightarrow o o p)$ . The formula $o o q$ is redundant in S. We drop it and obtain $□ p \Rightarrow$ . This sequent is equivalent to S by Theorem 2.

5 Concluding remarks

In the present paper, correct sequents have been defined and it has been shown that any sequent S is equivalent to some correct sequent. The sequent $T (S)$ for any correct sequent S and the class of sequents $ℂ (\ □^{l})$ have been defined. We have proved that if S belongs to this class, then it is derivable if and only if $T (S)$ is derivable, Theorem 1.Thatenablestocheckderivabilityof S by means of a simpler sequent $T (S)$ , which substantially reduces backward proof-search in cases when S has many occurrences of $' O'$ . Also, redundant formulas have been defined and it has been proved that dropping redundant formulas from a canonical sequent has no impact on its derivability, Theorem 2. Theoptimizationsofbackwardproof-searchpresentedin the present paper concern only partial cases. The general case could be a topic for further investigation.

Material suplementario

References

[1] R. Alonderis, R. Pliuškevičius, A. Pliuškevičiene˙, H. Giedra. Loop-type sequent calculi for temporal logic. J. Autom. Reason, 64(8):1663–1684, 2020.

[2] C. Baier, J.P. Katoen. Principles of Model Checking. The MIT Press Cambridge, Massachusetts, London, England, 2008.

[3] K. Brünnler, M. Lange. Cut-free sequent systems for temporal logic. J. Log. Algebr. Program.,76(2):216–225, 2008.

[4] J. Gaintzarain, M. Hermo, P. Lucio, M. Navarro, F. Orejas. A cut-free and invariantfree sequent calculus for pltl. In J. Duparc, T.A. Henzinger(Eds.), Computer Science Logic. CSL 2007, volume 4646 of Lect. Notes Comput. Sci., pp. 481–495, 2007. https://doi.org/10.1007/978-3-540-74915-8_36.

[5] M. Huth, M. Ryan. Logic in Computer Science: Modelling and Reasoning about Systems. Cambridge University Press, 2012.

[6] I. Kokkinis, T. Studer. Cyclic proofs for linear temporal logic. In D. Probst, P. Schuster(Eds.), Concepts of Proof in Mathematics, Philosophy, and Computer Science, pp. 171–192. De Gruyter, Berlin, Boston, 2016.

[7] B. Paech. Gentzen-systems for propositional temporal logics. In E. Börger, H.K. Büning, M.M. Richter (Eds.), CSL ’88. CSL 1988, volume 385 of Lect. Notes Comput. Sci., pp. 240–253. Springer, Berlin, Heidelberg, 1988. https://doi.org/10.1007/BFb0026305.

[8] R. Pliuškevičius. On saturated calculi for linear temporal logic. In A.M. Borzyszkowski, S. Sokołowski(Eds.), Mathematical Foundations of Computer Science 1993. MFCS 1993, volume 711 of Lect. Notes Comput. Sci., pp. 640–649. Springer, Berlin, Heidelberg, 1993. https://doi.org/10.1007/3-540-57182-5_55.

[9] S. Schwendimann. A new one-pass tableau calculus for PLTL. In Automated Reasoning with Analytic Tableaux and Related Methods. TABLEAUX 1998, volume 1397 of Lect. Notes Comput. Sci., pp. 277–291. Springer, Berlin, Heidelberg, 1998. https://doi.org/10.1007/3-540-69778-0_28.

[10] G. Sundholm. A completeness proof for an infinitary tense-logic. Theoria, 43:47–51, 1977. https://doi.org/10.1111/j.1755-2567.1977.tb00778.x.

[11] M. Valiev. On temporal logic of von Vright. In Soviet-Finland Colloquim on Logic, Moscow, pp. 7–11, 1979 (in Russian).

[12] M.K. Valiev. Decision complexity of variants of propositional dynamic logic. In P. Dembinski(Ed.), Mathematical Foundations of Computer Science 1980. MFCS 1980, volume 88 of Lect. Notes Comput. Sci., pp. 656–664, Berlin, 1980. Springer-Verlag.

[13] P. Wolper. The tableau method for temporal logic: an overview. Log. Anal., 28:119–136, 1985.

Notas