Results 1-9 of 9
Simulating reachability using first-order logic with applications to verification of linked data structures
In CADE-20, 2005
Abstract

Cited by 35 (7 self)
This paper shows how to harness existing theorem provers for first-order logic to automatically verify safety properties of imperative programs that perform dynamic storage allocation and destructive updating of pointer-valued structure fields. One of the main obstacles is specifying and proving the (absence) of reachability properties among dynamically allocated cells. The main technical contributions are methods for simulating reachability in a conservative way using first-order formulas—the formulas describe a superset of the set of program states that can actually arise. These methods are employed for semiautomatic program verification (i.e., using programmer-supplied loop invariants) on programs such as mark-and-sweep garbage collection and destructive reversal of a singly linked list. (The mark-and-sweep example has been previously reported as being beyond the capabilities of ESC/Java.)
Reachability in Petri Nets with Inhibitor arcs
2004
Abstract

Cited by 15 (0 self)
We define two operators on relations over natural numbers such that they generalize the operators '+' and '*' and show that the membership and emptiness problem of relations constructed from finite relations with these operators and is decidable. This generalizes Presburger arithmetic and allows one to decide the reachability problem for those Petri nets where inhibitor arcs occur only in some restricted way. In particular, the reachability problem is decidable for Petri nets with only one inhibitor arc, which solves an open problem in [KLM89]. Furthermore we describe the corresponding automaton having a decidable emptiness problem.
Model checking synchronized products of infinite transition systems
In: Proc. 19th LICS, IEEE Comp. Soc., 2004
Abstract

Cited by 14 (2 self)
Formal verification using the model checking paradigm has to deal with two aspects: The system models are structured, often as products of components, and the specification logic has to be expressive enough to allow the formalization of reachability properties. The present paper is a study on what can be achieved for infinite transition systems under these premises. As models we consider products of infinite transition systems with different synchronization constraints. We introduce finitely synchronized transition systems, i.e. product systems which contain only finitely many (parameterized) synchronized transitions, and show that the decidability of FO(R), first-order logic extended by reachability predicates, of the product system can be reduced to the decidability of FO(R) of the components. This result is optimal in the following sense: (1) If we allow semi-finite synchronization, i.e. just in one component infinitely many transitions are synchronized, the FO(R)-theory of the product system is in general undecidable. (2) We cannot extend the expressive power of the logic under consideration. Already a weak extension of first-order logic with transitive closure, where we restrict the transitive closure operators to arity one and nesting depth two, is undecidable for an asynchronous (and hence finitely synchronized) product, namely for the infinite grid.
Constructibility and Decidability versus Domain Independence and Absoluteness
Abstract

Cited by 4 (2 self)
We develop a unified framework for dealing with constructibility and absoluteness in set theory, decidability of relations in effective structures (like the natural numbers), and domain independence of queries in database theory. Our framework and results suggest that domain-independence and absoluteness might be the key notions in a general theory of constructibility, predicativity, and computability.
Safety Signatures for First-order Languages and Their Applications
In First-Order Logic Revisited (Hendricks et al., eds.), 37-58, Logos Verlag, 2004
A New Approach to Predicative Set Theory
Abstract

Cited by 2 (1 self)
We suggest a new basic framework for the Weyl-Feferman predicativist program by constructing a formal predicative set theory PZF which resembles ZF. The basic idea is that the predicatively acceptable instances of the comprehension schema are those which determine the collections they define in an absolute way, independent of the extension of the “surrounding universe”. This idea is implemented using syntactic safety relations between formulas and sets of variables. These safety relations generalize both the notion of domain-independence from database theory, and Gödel's notion of absoluteness from set theory. The language of PZF is type-free, and it reflects real mathematical practice in making an extensive use of statically defined abstract set terms. Another important feature of PZF is that its underlying logic is ancestral logic (i.e. the extension of FOL with a transitive closure operation).
A Framework for Formalizing Set Theories Based on the Use of Static Set Terms
Abstract

Cited by 1 (1 self)
To Boaz Trakhtenbrot: a scientific father, a friend, and a great man.

We present a new unified framework for formalizations of axiomatic set theories of different strength, from rudimentary set theory to full ZF. It allows the use of set terms, but provides a static check of their validity. Like the inconsistent “ideal calculus” for set theory, it is essentially based on just two set-theoretical principles: extensionality and comprehension (to which we add ∈-induction and optionally the axiom of choice). Comprehension is formulated as: x ∈ {x | ϕ} ↔ ϕ, where {x | ϕ} is a legal set term of the theory. In order for {x | ϕ} to be legal, ϕ should be safe with respect to {x}, where safety is a relation between formulas and finite sets of variables. The various systems we consider differ from each other mainly with respect to the safety relations they employ. These relations are all defined purely syntactically (using an induction on the logical structure of formulas). The basic one is based on the safety relation which implicitly underlies commercial query languages for relational database systems (like SQL). Our framework makes it possible to reduce all extensions by definitions to abbreviations. Hence it is very convenient for mechanical manipulations and for interactive theorem proving. It also provides a unified treatment of comprehension axioms and of absoluteness properties of formulas.
Some Remarks on the Definability of Transitive Closure in First-order Logic and Datalog
2004
Abstract
In the last WSML phone conference we had a brief discussion about the expressivity of First-order Logic and Datalog, resp. the relation between the expressiveness of those two languages. In particular, there has been some confusion around the description of the transitive closure R⁺ of some binary relation R. In this short document, we want to clarify the situation and hope to remedy the confusion.

1 Starting point

During the discussion in the last WSML phone conference the statement arose that Datalog with its particular semantics can express some things which cannot be expressed in First-order Logic (FOL) under the standard model-theoretic (resp. Tarski) semantics [14]. As an example the transitive closure of a (binary) relation has been mentioned. Some people didn’t believe this claim because it’s a straightforward
Ancestral Arithmetic and Isaacson’s Thesis
2007
Abstract
So the question naturally arises: what kinds of sentences belonging to PA’s language LA can we actually establish to be true even though they are unprovable in PA? There are two familiar classes of cases. First, there are sentences like the canonical Gödel sentence for PA. Second, there are sentences like the arithmetization of Goodstein’s Theorem. In the first sort of case, we can come to appreciate the truth of the Gödelian undecidable sentences by reflecting on PA’s consistency or by coming to accept the instances of the Π1 reflection schema for PA. And those routes involve deploying ideas beyond those involved in accepting PA as true. To reason to the truth of the Gödel sentence, we need not just to be able to do basic arithmetic, but to be able to reflect on our practice. In the second sort of case, we come to appreciate the truth of the sentences which are undecidable in PA by deploying transfinite induction or other infinitary ideas. So the reasoning again involves ideas which go beyond what’s involved in grasping basic