Reactive Systems: Modelling, Specification and Verification - Cs.ioc.ee

109
Note that logical negation is not one of the constructs in the abstract syntax for
M. However, the language M is closed under negation, in the sense that, for each
formula F ∈ M, there is a formula F c ∈ M that is equivalent to the negation of
F . This formula F c is defined inductively on the structure of F as follows:
1. tt c = ff 4. (F ∨ G) c = F c ∧ G c
2. ff c = tt 5. (〈a〉F ) c = [a]F c
3. (F ∧ G) c = F c ∨ G c 6. ([a]F ) c = 〈a〉F c .
Note, for instance, that
(〈a〉tt) c = [a]ff and
([a]ff) c = 〈a〉tt.
Proposition 5.1 Let (Proc, Act, { a → | a ∈ Act}) be a labelled transition system.
Then, for every formula F ∈ M, it holds that [F c ] = Proc \ [F ].
Proof: The proposition can be proven by structural induction on F . The details
are left as an exercise to the reader. ✷
Exercise 5.8
1. Prove Proposition 5.1.
2. Prove, furthermore, that (F c ) c = F for every formula F ∈ M. Hint: Use
structural induction on F .
As a consequence of Proposition 5.1, we have that, for each process P and formula
F , exactly one of P |= F and P |= F c holds. In fact, each process is either
contained in [F ] or in [F c ].
In Exercise 5.5 you were asked to come up with formulae that distinguished
processes that we know are not strongly bisimilar. As a further example, consider
the processes
A def
= a.A + a.0 and
B def
= a.a.B + a.0 .
These two processes are not strongly bisimilar. In fact, A affords the transition
A a → A .