Results 1  10
of
29
Safraless Decision Procedures
, 2005
"... The automatatheoretic approach is one of the most fundamental approaches to developing decision procedures in mathematical logics. To decide whether a formula in a logic with the treemodel property is satisfiable, one constructs an automaton that accepts all (or enough) tree models of the formu ..."
Abstract

Cited by 56 (23 self)
 Add to MetaCart
The automatatheoretic approach is one of the most fundamental approaches to developing decision procedures in mathematical logics. To decide whether a formula in a logic with the treemodel property is satisfiable, one constructs an automaton that accepts all (or enough) tree models of the formula and then checks that the language of this automaton is nonempty. The standard approach translates formulas into alternating parity tree automata, which are then translated, via Safra's determinization construction, into nondeterministic parity automata. This approach is not amenable to implementation because of the difficulty of implementing Safra's construction and the nonemptiness test for nondeterministic parity tree automata. In this
Optimizations for LTL synthesis
 IN 6TH CONFERENCE ON FORMAL METHODS IN COMPUTER AIDED DESIGN (FMCAD’06
, 2006
"... We present an approach to automatic synthesis of specifications given in Linear Time Logic. The approach is based on a translation through universal coBüchi tree automata and alternating weak tree automata [1]. By careful optimization of all intermediate automata, we achieve a major improvement i ..."
Abstract

Cited by 36 (9 self)
 Add to MetaCart
We present an approach to automatic synthesis of specifications given in Linear Time Logic. The approach is based on a translation through universal coBüchi tree automata and alternating weak tree automata [1]. By careful optimization of all intermediate automata, we achieve a major improvement in performance. We present several optimization techniques for alternating tree automata, including a gamebased approximation to language emptiness and a simulationbased optimization. Furthermore, we use an incremental algorithm to compute the emptiness of nondeterministic Büchi tree automata. All our optimizations are computed in time polynomial in the size of the automaton on which they are computed. We have applied our implementation to several examples and show a significant improvement over the straightforward implementation. Although our examples are still small, this work constitutes the first implementation of a synthesis algorithm for full LTL. We believe that the optimizations discussed here form an important step towards making LTL synthesis practical.
Planning with firstorder temporally extended goals using heuristic search
 In AAAI06
, 2006
"... Temporally extended goals (TEGs) refer to properties that must hold over intermediate and/or final states of a plan. The problem of planning with TEGs is of renewed interest because it is at the core of planning with temporal preferences. Currently, the fastest domainindependent classical planners ..."
Abstract

Cited by 32 (13 self)
 Add to MetaCart
(Show Context)
Temporally extended goals (TEGs) refer to properties that must hold over intermediate and/or final states of a plan. The problem of planning with TEGs is of renewed interest because it is at the core of planning with temporal preferences. Currently, the fastest domainindependent classical planners employ some kind of heuristic search. However, existing planners for TEGs are not heuristic and are only able to prune the search space by progressing the TEG. In this paper we propose a method for planning with TEGs using heuristic search. We represent TEGs using a rich and compelling subset of a firstorder linear temporal logic. We translate a planning problem with TEGs to a classical planning problem. With this translation in hand, we exploit heuristic search to determine a plan. Our translation relies on the construction of a parameterized nondeterministic finite automaton for the TEG. We have proven the correctness of our algorithm and analyzed the complexity of the resulting representation. The translator is fully implemented and available. Our approach consistently outperforms TLPLAN on standard benchmark domains, often by orders of magnitude. 1
SPOT: an Extensible Model Checking Library Using TransitionBased Generalized Büchi Automata
 IN PROC. OF MASCOTS’04
, 2004
"... Spot is a C++ library offering model checking bricks that can be combined and interfaced with third party tools to build a model checker. It relies on Transitionbased Generalized B uchi Automata (TGBA) and does not need to degeneralize these automata to check their emptiness. We motivate the choice ..."
Abstract

Cited by 31 (8 self)
 Add to MetaCart
Spot is a C++ library offering model checking bricks that can be combined and interfaced with third party tools to build a model checker. It relies on Transitionbased Generalized B uchi Automata (TGBA) and does not need to degeneralize these automata to check their emptiness. We motivate the choice of TGBA by illustrating a very simple (yet efficient) translation of LTL into TGBA. We then show how it supports onthefly computations, and how it can be extended or integrated in other tools.
Runtime verification for LTL and TLTL
, 2007
"... This paper studies runtime verification of properties expressed either in lineartime temporal logic (LTL) or timed lineartime temporal logic (TLTL). It classifies runtime verification in identifying its distinguishing features to model checking and testing, respectively. It introduces a threevalued ..."
Abstract

Cited by 27 (7 self)
 Add to MetaCart
(Show Context)
This paper studies runtime verification of properties expressed either in lineartime temporal logic (LTL) or timed lineartime temporal logic (TLTL). It classifies runtime verification in identifying its distinguishing features to model checking and testing, respectively. It introduces a threevalued semantics (with truth values true, false, inconclusive) as an adequate interpretation as to whether a partial observation of a running system meets an LTL or TLTL property. For LTL, a conceptually simple monitor generation procedure is given, which is optimal in two respects: First, the size of the generated deterministic monitor is minimal, and, second, the monitor identifies a continuously monitored trace as either satisfying or falsifying a property as early as possible. The feasibility of the developed methodology is demontrated using a collection of realworld temporal logic specifications. Moreover, the presented approach is related to the properties monitorable in general and is compared to existing concepts in the literature. It is shown that the set of monitorable properties does not only encompass the safety and cosafety properties but is strictly larger. For TLTL, the same road map is followed by first defining a threevalued semantics. The corresponding construction of a timed monitor is more involved, yet, as shown, possible.
LTL Satisfiability Checking
 SOFTWARE TOOLS FOR TECHNOLOGY TRANSFER
"... We report here on an experimental investigation of LTL satisfiability checking via a reduction to model checking. By using large LTL formulas, we offer challenging modelchecking benchmarks to both explicit and symbolic model checkers. For symbolic model checking, we use CadenceSMV, NuSMV, and SALSM ..."
Abstract

Cited by 24 (4 self)
 Add to MetaCart
We report here on an experimental investigation of LTL satisfiability checking via a reduction to model checking. By using large LTL formulas, we offer challenging modelchecking benchmarks to both explicit and symbolic model checkers. For symbolic model checking, we use CadenceSMV, NuSMV, and SALSMC. For explicit model checking, we use SPIN as the search engine, and we test essentially all publicly available LTL translation tools. Our experiments result in two major findings. First, most LTL translation tools are research prototypes and cannot be considered industrial quality tools. Second, when it comes to LTL satisfiability checking, the symbolic approach is clearly superior to the explicit approach.
Search control in planning for temporally extended goals
 In Proc. ICAPS05
, 2005
"... Current techniques for reasoning about search control knowledge in AI planning, such as those used in TLPlan, TALPlanner, or SHOP2, assume that search control knowledge is conditioned upon and interpreted with respect to a fixed set of goal states. Therefore, these techniques can deal with reachabil ..."
Abstract

Cited by 14 (2 self)
 Add to MetaCart
Current techniques for reasoning about search control knowledge in AI planning, such as those used in TLPlan, TALPlanner, or SHOP2, assume that search control knowledge is conditioned upon and interpreted with respect to a fixed set of goal states. Therefore, these techniques can deal with reachability goals but do not apply to temporally extended goals, such as goals of achieving a condition whenever a certain fact becomes true. Temporally extended goals convey several intermediate reachability goals to be achieved at different point of execution, sometimes with cyclic executions; that is, the notion of goal state becomes dynamic. In this paper, we describe a method for reasoning about search control knowledge in the presence of temporally extended goals. Given such a goal, we generate an equivalent Büchi automaton— an automaton recognising the language of the executions satisfying the goal—and interpret control knowledge over this automaton and the world state trajectories generated by a forward search planner. This method is implemented and experimented with as an extension of the TLPlan planner, which incidentally becomes capable of handling cyclic goals.
Antichains: Alternative Algorithms for LTL Satisfiability and ModelChecking
"... The linear temporal logic (LTL) was introduced by Pnueli as a logic to express properties over the computations of reactive systems. Since this seminal work, there have been a large number of papers that have studied deductive systems and algorithmic methods to reason about the correctness of reac ..."
Abstract

Cited by 13 (8 self)
 Add to MetaCart
The linear temporal logic (LTL) was introduced by Pnueli as a logic to express properties over the computations of reactive systems. Since this seminal work, there have been a large number of papers that have studied deductive systems and algorithmic methods to reason about the correctness of reactive programs with regard to LTL properties. In this paper, we propose new efficient algorithms for LTL satisfiability and modelchecking. Our algorithms do not construct nondeterministic automata from LTL formulas but work directly with alternating automata using efficient exploration techniques based on antichains.
SALT  Structured Assertion Language for Temporal Logic
, 2006
"... This paper presents Salt. Salt is a general purpose specification and assertion language developed for creating concise temporal specifications to be used in industrial verification environments. It incorporates ideas of existing approaches, such as specification patterns, but also provides nested s ..."
Abstract

Cited by 6 (5 self)
 Add to MetaCart
This paper presents Salt. Salt is a general purpose specification and assertion language developed for creating concise temporal specifications to be used in industrial verification environments. It incorporates ideas of existing approaches, such as specification patterns, but also provides nested scopes, exceptions, support for regular expressions and realtime. The latter is needed in particular for verification tasks to do with reactive systems imposing strict execution times and deadlines.
Runtime Verification Revisited
, 2005
"... In this paper, we address a typical obstacle in runtime verification of linear temporal logic (LTL) formulae: standard models of linear temporal logic are infinite traces, whereas runtime verification has to deal with only finite system behaviours. This problem is usually addressed by defining an L ..."
Abstract

Cited by 5 (4 self)
 Add to MetaCart
(Show Context)
In this paper, we address a typical obstacle in runtime verification of linear temporal logic (LTL) formulae: standard models of linear temporal logic are infinite traces, whereas runtime verification has to deal with only finite system behaviours. This problem is usually addressed by defining an LTL semantics for finite traces, which, however, does usually not fit well to the infinite trace semantics. We define a 3valued semantics (true, false, inconclusive) for LTL on finite traces that resembles the infinite trace semantics in a preferable manner. Furthermore, we describe how to construct, given an LTL formula, a (deterministic) finite state machine with three output symbols. This automaton reads finite traces and yields their 3valued LTL semantics. Thus, it can directly be deployed for runtime verification. Our concepts are first developed in the setting of LTL and then extended to the timed case for which a linear realtime logic, abbreviated as TLTL, is considered. Consequently, for a TLTL formula a monitor is constructed that operates over finite timed traces. We have implemented the untimed setting and validated our whole approach by examining a realworld case study.