An on-the-fly tableau construction for a real-time temporal logic

<strong>An</strong> on-the-fly tableau construction for a 

real-time temporal logic 

Marc Geilen 

Information and Communication Systems Group 

Faculty of Electrical Engineering 

Eindhoven University of Technology 

P.O.Box 513, 5600 MB Eindhoven 

The Netherlands 

E-mail: M.C.W.Geilen@tue.nl 

November 29, 2001

Overview 

1. Introduction 

2. Modelling Timed Systems 

3. Real-Time Temporal Logic 

4. Efficient Tableau Constructions 

5. Conclusions 

A 1

1. Introduction: Real-time Systems 

• Real-time systems must adhere to 

quantitative timing constraints 

• Embedded systems, control systems, 

etcetera 

• Hard real-time, soft real-time 

A 2

1. Introduction: LTL Model-checking 

System 

S 

Büchi Automaton 

A S 

Product Automaton 

A S £A ¡ 

• Automata-theoretic approach 

LTL Property 

' 

Büchi Automaton 

A ¡ 

S satisfies ' 

iff 

L(A S )\L(A :' )=∅ 

iff 

L(A S £A ' )=∅ 

• Tableau construction relates temporal logic and automata 

A 3

1. Introduction: Related Work 

• This approach has not yet been applied to timed linear temporal 

logics 

• TCTL model-checking 

• ‘proof of concept’ tableau construction by Alur 

No implementation, not practical 

• Tools DT-Spin/UPPAAL/Kronos use LTL model-checking or 

reachability analysis only 

A 4

1. Introduction: Goals 

• Goal: an efficient tableau construction for a (dense) time linear 

temporal logic 

• Enabling the automata theoretic approach to timed temporal logic 

model-checking 

• (Enabling the monitoring of timed temporal logic properties during 

simulations) 

A 5

2. Modelling Timed Systems 

A 6

2. Labelled Transition Systems 

F G F G 

F G 

F G 

System can be viewed as LTS (or Kripke structure) 

Set Prop of observable (boolean) propositions (p, q) 

F G 

Observable states are subsets of Prop. 

A 7 

F G 

F G 

F G

2. Exploring a Labelled Transition System 

F G 

F G F G 

F G 

The (linear) view on behaviour of the system is a path through the LTS. 

A trace ¯σ ∈ (2 Prop ) ω is an infinite sequence of states 

A 8 

F G 

F G 

F G 

F G

2. Timed Transition Systems 

F 

G 

F G 

F G 

N # 

F G 

N F G 

For quantitative timing aspects, the LTS is augmented with timers to 

express constraints on the timing of a run. 

A 

We use interval automata to model such systems 

9 

F G 

N # 

F G 

F G

3. Real-Time Temporal Logic 

A 10

3. Linear Temporal Logic 

To specify properties of reactive systems, one often uses LTL formulas 

(in positive form, p ∈ Prop): 

ϕ ::= true | false | p | ¬p | ϕ1 ∨ ϕ2 | ϕ1 ∧ ϕ2 | ○ ϕ | ϕ1Uϕ2 | ϕ1Vϕ2. 

LTL formulas are interpreted on infinite traces in the standard way 

A 11

3. Real-time Temporal Logic 

To deal with quantitative timing requirements, temporal logics are 

extended. 

The untimed Until operator ϕ1Uϕ2 states that sometime in the future, ϕ2 

must hold, but cannot express hard constraints on that moment. 

The extended operator ϕ1UIϕ2 adds an interval I that denotes that the 

occurrence of ϕ2 must be within I. 

A 12

3. Model-checking of Timed Systems 

Timed System 

S 

Timed Automaton 

A S 

Product Automaton 

A S £A ¡ 

MITL Property 

' 

Timed Automaton 

A ¡ 

S satisfies ' 

iff 

L(A S )\L(A :' )=∅ 

iff 

L(A S £A ' )=∅ 

Tableau procedure for real-time temporal logic is required. 

Must be efficient to make model-checking feasible in practice. 

⇒ On-the-fly construction 

A 13

3. Real-time Temporal Logic 

To specify properties, we use MITL≤ formulas (in positive form) 

(p ∈ Prop): 

ϕ ::= true | false | p | ¬p | ϕ1 ∨ ϕ2 | ϕ1 ∧ ϕ2 | ○ ϕ | ϕ1UIϕ2 | ϕ1VIϕ2. 

Let’s keep it simple! 

I is an interval of the form [0, d] with d some integer. 

MITL≤ formulas are interpreted on timed state sequences. 

¯ρ = (I0I1I2 . . . ,σ0σ1σ2 . . . ) 

A 14

4. Efficient Tableau Constructions 

A 15

4. On-the-fly tableau construction 

 

 

 

 

• Separating now and the the future 

• Disjunctive form mapped to nondeterministic 

choice 

• Normal form 

ϕ = (Π1 ∧ ○Φ1) ∨ (Π2 ∧ ○Φ2) ∨ . . . 

• Rewriting procedure NF 

E.g. pUq ≡ q ∨ (p ∧ ○pUq) 

ϕ1 ∧ (ϕ2 ∨ ϕ3) ≡ (ϕ1 ∧ ϕ2) ∨ (ϕ1 ∧ 

ϕ3) 

A 16

4. On-the-fly tableau construction 

pUq 

q 

p 

°pUq 

true 

• E.g. 

pUq ≡ q(∧ ○ true) ∨ (p ∧ ○pUq) 

• true ≡ true ∧ ○true 

• incremental / on-the-fly 

A 17

4. Real-time On-the-fly Tableaux 

To obtain a similar normal form for timed temporal logic we extend the 

logic with timers. 

ψ ::= ϕ | TS.ψ | x > 0 | x ≥ 0 | x < 0 | x ≤ 0 | 

○ψ | ϕ1U≤xϕ2 | ϕ1U≤x+ɛϕ2 | ϕ1V≤xϕ2 | ϕ1V


• Unfolding 

ϕ1U≤xϕ2 ≡ ϕ2 ∨ (x > 0 ∧ ϕ1 ∧ ○ϕ1U≤xϕ2 

ϕ1V≤yϕ2 ≡ y ≤ 0 ∨ (ϕ2 ∧ (ϕ1 ∨ ○ϕ1V≤yϕ2)) 

(but what does ○ mean in dense time?) 

• We cannot create a new timer every time we must check a timed 

subformula 

ϕ1U≤dϕ2 ∧ ϕ1U≤xϕ2 ≡ ϕ1U≤xϕ2 (if x ≤ d) 

A 19


x:=5 

pU ≤5 q 

q 

p 

x>0 

pU≤5q ≡ q ∨ {x := 5}.(p ∧ x > 0∧ 

○pU≤xq) 

A 20


x:=5 

pU ≤5 q 

pU ≤x q 

q 

p 

x>0 

pU≤5q ≡ q ∨ {x := 5}.(p ∧ x > 0∧ 

○pU≤xq) 

pU≤xq ≡ q ∨ (p ∧ x > 0 ∧ ○pU≤xq) 

A 21


TS 1 

TS 2 

TS 3 

' 

¦ 1 

¥ 1 

¦ 2 

¥ 2 

¦ k 

¥ k 

© 2 

• Normal form 

ϕ = (Π1 ∧ Ξ1 ∧ ○Φ1)∨ 

(Π2 ∧ Ξ2 ∧ ○Φ2) ∨ . . . 

• Propositional part Πi 

• Timer Conditions Ξi 

• Future part Φi 

A 22


Two similar timed state sequences . . . 

[ 

0 2 

4 

[ 

:p 

:p 

:p 

0 2 

4 

A 23 

:p 

]( 

)[ 

p 

p


Looking at the formula ♦≤2p . . . 

[ 

0 2 

4 

[ 

: ≤ p 

:p 

: ≤ p 

:p 

]( 

)[ 

≤ p 

:p 

0 2 

4 

A 24 

≤ p 

:p 

]( 

)[ 

p 

p


Checking the formula using timers . . . 

[ 

0 2 

4 

[ 

: ≤£ p 

:p 

: ≤ ¡ p 

:p 

¤ :=¥ 

]( 

¢ :=£ 

)[ 

≤ ¡ ¢ p 

≤£ p 

:p 

≤ p 

≤ ¡ p 

:p 

0 2 

4 

♦≤2p s ⇒ {x := 2}.♦≤xp ♦≤2p o ⇒ {x := 2}.♦≤x+ɛp 

A 25 

]( 

)[ 

p 

p


As the type of interval transition influences the constraints to be verified. 

It is controlled by enforcing alternation of open and singular intervals. 

x:=0 x:=0 

x=0 

t 0 ) {t 0 } (t 0 , 

t 0 

open 

singular 

x=0 

t 1 ) {t 1 } (t 1 

A 26 

t 1


⇒ Two sets of normal form rewrite rules! 

Normal form procedure NFs 

Normal form procedure NFo 

¯ρ |=ν NFs(ψ) iff ¯ρ |=ν ψ 

¯ρ t |=ν NFo(ψ) iff ¯ρ t |=ν ψ for all t in the first open interval 

A 27


TS 1 

TS 2 

TS 3 

singular 

¢ 

¢ 

¢ 

£ 

£ 

£ 

1 

1 

2 

2 

k 

k 

TS a 

TS b 

§ ¨© 

open 

¢ 

¡ 

¢ 

£ 

£ 

¢¥¤ 

£¦¤ 

2 

a 

a 

b 

b 

singular 

A 28 

¡ 

b

4. The Tableau Algorithm 

L0 := {((s, Now, Next), TS(¯0)) | (TS, Now, Next) ∈ NFs({ϕ})} 

LNew := {(s, Now, Next) | ((s, Now, Next), TS) ∈ L0 } 

L := ∅, E := ∅ 

while LNew = ∅ do 

Let (it, Now, Next) ∈ LNew 

LNew := LNew\{(it, Now, Next)} 

L := L ∪ {(it, Now, Next)} 

for every (TS ′ , Now ′ , Next ′ ) ∈ NF it (Next) do 

E := E ∪ {((it, Now, Next), TS ′ , (it, Now ′ , Next ′ ))} 

if (it, Now ′ , Next ′ ) /∈ L then 

LNew := LNew ∪ {(it, Now ′ , Next ′ )} 

od 

od 

A 29

4. Example 

Tableau automaton of the formula ≤100♦≤5p 

 

 

© 

 

 

 

 

 

 

 

¥ 

 

¦ § ¡¢¤¨ ¥ ¥ ¡¢¤£ 

0 § 

 

¥ § 

 

¥ 

 

 

¥ § 

 

¥ § 

 

¥ 

§ ¥ 

 

 

 

¥ ¦ 

§ ¥ 

 

 

¥ § 

¥ § 

singular 

open 

sing.+open 

A 30

5. Other Issues and Conclusions 

A 31

5. Constructing Monitors for Runtime 

Verification 

• Deterministic and incremental 

• On-the-fly determinisation 

• Localise updates (stutter-closed formulas) 

• Instrumenting programs and models 

• Specification language for properties and 

atomic propositions 

A 32

5. Optimising the tableaux 

Results can still be optimised 

• Joining locations for open and singular intervals 

• Using techniques applied to LTL tableaux 

– Rewriting formulas before construction 

– Optimising automata after construction 

– Identify equivalent locations 

A 33

5. Conclusions and Future Work 

• On-the-fly tableau construction for a linear real-time temporal logic 

• Weakly monotone time 

• Observers for simulations 

• Implementation 

A 34

An on-the-fly tableau construction for a real-time temporal logic

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?