|
|
Line 1: |
Line 1: |
| {{more footnotes|date=January 2011}}
| |
|
| |
|
| In [[logic]], '''linear temporal logic''' or '''linear-time temporal logic'''<ref>Logic in Computer Science: Modelling and Reasoning about Systems: page 175</ref><ref>[http://www-step.stanford.edu/tutorial/temporal-logic/temporal-logic.html Linear-time Temporal Logic]</ref> ('''LTL''') is a [[modal logic|modal]] [[temporal logic]] with modalities referring to time. In LTL, one can encode formulae about the future of [[path (graph theory)|paths]], e.g., a condition will eventually be true, a condition will be true until another fact becomes true, etc. It is a fragment of the more complex [[CTL*]], which additionally allows branching time and quantifiers. Subsequently LTL is sometimes called ''propositional temporal logic'', abbreviated ''PTL''.<ref name="Gabbay2003">{{cite book|author=[[Dov M. Gabbay]], A. Kurucz, F. Wolter, M. Zakharyaschev|title=Many-dimensional modal logics: theory and applications|url=http://books.google.com/books?id=P8jZwiExZYEC&pg=PA46|year=2003|publisher=Elsevier|isbn=978-0-444-50826-3|page=46}}</ref>
| |
| Linear temporal logic (LTL) is a fragment of S1S.
| |
|
| |
|
| LTL was first proposed for the [[formal verification]] of computer programs by [[Amir Pnueli]] in 1977.<ref>[[Amir Pnueli]], The temporal logic of programs. ''Proceedings of the 18th Annual Symposium on Foundations of Computer Science (FOCS)'', 1977, 46–57. {{doi|10.1109/SFCS.1977.32}}</ref>
| | Love Seibert is the title my [http://Photo.net/gallery/tag-search/search?query_string=parents parents] gave me and I love it. Dispatching is how he supports his family. Hawaii is the only place I've been residing in. I am truly fond of bottle tops [http://www.adobe.com/cfusion/search/index.cfm?term=&gathering&loc=en_us&siteSection=home gathering] and now I'm trying to make cash with it. I've been operating on my web site for some time now. Check it out right here: http://isa-ly.blogspot.fr/2013/10/gribouillis-de-carnet.html<br><br>Have a look at my page :: [http://isa-ly.blogspot.fr/2013/10/gribouillis-de-carnet.html nya online svenska casino på nätet] |
| | |
| ==Syntax==
| |
| LTL is built up from a finite set of [[propositional variable]]s ''AP'', the [[logical connective|logical operators]] ¬ and ∨, and the [[Temporal logic|temporal]] [[modal operator]]s '''X''' (some literature uses '''O''' or '''N''') and '''U'''.
| |
| Formally, the set of LTL formulas over ''AP'' is inductively defined as follows:
| |
| * if p ∈ ''AP'' then p is a LTL formula;
| |
| * if ψ and φ are LTL formulas then ¬ψ, φ ∨ ψ, '''X''' ψ, and φ '''U''' ψ are LTL formulas.<ref>Sec. 5.1 of Christel Baier and Joost-Pieter Katoen, Principles of Model Checking, MIT Press [http://mitpress.mit.edu/catalog/item/default.asp?tid=11481&ttype=2]</ref>
| |
| | |
| '''X''' is read as ne'''x'''t and '''U''' is read as '''u'''ntil.
| |
| Other than these fundamental operators, there are additional logical and temporal operators defined in terms of the fundamental operators to write LTL formulas succinctly.
| |
| The additional logical operators are ∧, →, ↔, '''true''', and '''false'''.
| |
| Following are the additional temporal operators.
| |
| | |
| *'''G''' for always ('''g'''lobally)
| |
| *'''F''' for eventually (in the '''f'''uture)
| |
| *'''R''' for '''r'''elease
| |
| *'''W''' for '''w'''eakly until
| |
| | |
| ==Semantics==
| |
| | |
| An LTL formula can be ''[[satisfiability|satisfied]]'' by an infinite sequence of truth evaluations of variables in ''AP''.
| |
| These sequences can be viewed as a word on a path of a [[Kripke structure]] (an [[ω-language|ω-word]] over alphabet 2<sup>''AP''</sup>).
| |
| Let ''w'' = a<sub>0</sub>,a<sub>1</sub>,a<sub>2</sub>,... be such an ω-word. Let ''w''(i) = a<sub>i</sub>. Let ''w''<sup>i</sup> = a<sub>i</sub>,a<sub>i+1</sub>,..., which is a suffix of ''w''. Formally, the satisfaction relation <math>\vDash</math> between a word and an LTL formula is defined as follows:
| |
| * ''w'' <math>\vDash</math> p if p ∈ ''w''(0)
| |
| * ''w'' <math>\vDash</math> ¬ψ if ''w'' <math>\nvDash</math> ψ
| |
| * ''w'' <math>\vDash</math> φ ∨ ψ if ''w'' <math>\vDash</math> φ or ''w'' <math>\vDash</math> ψ
| |
| * ''w'' <math>\vDash</math> '''X''' ψ if ''w''<sup>1</sup> <math>\vDash</math> ψ (in the ne'''x'''t time step ψ must be true)
| |
| * ''w'' <math>\vDash</math> φ '''U''' ψ if there exists i ≥ 0 such that ''w''<sup>i</sup> <math>\vDash</math> ψ and for all 0 ≤ k < i, ''w''<sup>k</sup> <math>\vDash</math> φ (φ must remain true '''u'''ntil ψ becomes true)
| |
| | |
| We say an ω-word ''w'' satisfies LTL formula ψ when ''w'' <math>\vDash</math> ψ.
| |
| The [[ω-language]] ''L''(ψ) defined by ψ is {''w'' | ''w'' <math>\vDash</math> ψ}, which is the set of ω-words that satisfy ψ.
| |
| A formula ψ is ''satisfiable'' if there exist a ω-word ''w'' such that ''w'' <math>\vDash</math> ψ.
| |
| A formula ψ is ''valid'' if for each ω-word ''w'' over alphabet 2<sup>''AP''</sup>, ''w'' <math>\vDash</math> ψ.
| |
| | |
| The additional logical operators are defined as follows:
| |
| * φ ∧ ψ ≡ ¬(¬φ ∨ ¬ψ)
| |
| * φ → ψ ≡ ¬φ ∨ ψ
| |
| * φ ↔ ψ ≡ (φ → ψ) ∧ ( ψ → φ)
| |
| * '''true''' ≡ p ∨ ¬p, where p ∈ ''AP''
| |
| * '''false''' ≡ ¬'''true'''
| |
| The additional temporal operators '''R''', '''F''', and '''G''' are defined as follows:
| |
| * φ '''R''' ψ ≡ ¬(¬φ '''U''' ¬ψ) ( ψ remains true until once φ becomes true. φ may never become true)
| |
| *'''F''' ψ ≡ '''true''' '''U''' ψ (eventually ψ becomes true)
| |
| *'''G''' ψ ≡ '''false''' '''R''' ψ ≡ ¬'''F''' ¬ψ (ψ always remains true)
| |
| | |
| ;Weak until
| |
| Some authors also define a ''weak until'' binary operator, denoted '''W''', with semantics similar to that of the until operator but the stop condition is not required to occur (similar to release).<ref>Sec. 5.1.5 "Weak Until, Release, and Positive Normal Form" of Principles of Model Checking.</ref> It is sometimes useful since both '''U''' and '''R''' can be defined in terms of the weak until:
| |
| * φ '''W''' ψ ≡ (φ '''U''' ψ) ∨ '''G''' φ ≡ φ '''U''' (ψ ∨ '''G''' φ) ≡ ψ '''R''' (ψ ∨ φ)
| |
| * φ '''U''' ψ ≡ '''F'''ψ ∧ (φ '''W''' ψ)
| |
| * φ '''R''' ψ ≡ ψ '''W''' (ψ ∧ φ)
| |
| | |
| The semantics for the temporal operators are pictorially presented as follows.
| |
| | |
| {| border="1" align="center"
| |
| |-
| |
| !Textual
| |
| !Symbolic†
| |
| !Explanation
| |
| !Diagram
| |
| |-
| |
| | colspan="4" | [[Unary operation|Unary operators]]:
| |
| |-
| |
| |'''X''' <math>\phi</math>
| |
| |<math>\bigcirc \phi</math>
| |
| |ne'''X'''t: <math>\phi</math> has to hold at the next state.
| |
| |[[File:Ltlnext.png|LTL next operator]]
| |
| |-
| |
| |'''G''' <math>\phi</math>
| |
| |<math>\Box \phi</math>
| |
| |'''G'''lobally: <math>\phi</math> has to hold on the entire subsequent path.
| |
| |[[File:Ltlalways.png|LTL always operator]]
| |
| |-
| |
| |'''F''' <math>\phi</math>
| |
| |<math>\Diamond \phi</math>
| |
| |'''F'''inally: <math>\phi</math> eventually has to hold (somewhere on the subsequent path).
| |
| |[[File:Ltlevently.png|LTL eventually operator]]
| |
| |-
| |
| | colspan="4" | [[Binary operator]]s:
| |
| |-
| |
| |<math>\psi</math> '''U''' <math>\phi</math>
| |
| |<math>\psi\mathcal{U}\phi</math>
| |
| |'''U'''ntil: <math>\psi</math> has to hold ''at least'' until <math>\phi</math>, which holds at the current or a future position.
| |
| |[[File:Ltluntil.png|LTL until operator]]
| |
| |-
| |
| |<math>\psi</math> '''R''' <math>\phi</math>
| |
| |<math>\psi\mathcal{R}\phi</math>
| |
| |'''R'''elease: <!-- <math>\psi</math> releases <math>\phi</math> if --> <math>\phi</math> has to be true until and including the point where <math>\psi</math> first becomes true; if <math>\psi</math> never becomes true, <math>\phi</math> must remain true forever.
| |
| |[[File:Ltlrelease1.png|LTL release operator (which stops)]]<br />
| |
| [[File:Ltlrelease2.png|LTL release operator (which does not stop)]]
| |
| |}
| |
| | |
| †The symbols are used in the literature to denote these operators.
| |
| | |
| ==Equivalences==
| |
| Let Φ, ψ, and ρ be LTL formulas. The following tables list some of the useful equivalences which extend standard equivalences among the usual logical operators.
| |
| | |
| {| class="wikitable"
| |
| |-
| |
| ! colspan="3" | Distributivity
| |
| |-
| |
| | '''X''' (Φ ∨ ψ) ≡ ('''X''' Φ) ∨ ('''X''' ψ)|| '''X''' (Φ ∧ ψ)≡ ('''X''' Φ) ∧ ('''X''' ψ) || '''X''' (Φ '''U''' ψ)≡ ('''X''' Φ) '''U''' ('''X''' ψ)
| |
| |-
| |
| | '''F''' (Φ ∨ ψ) ≡ ('''F''' Φ) ∨ ('''F''' ψ)|| '''G''' (Φ ∧ ψ)≡ ('''G''' Φ) ∧ ('''G''' ψ) ||
| |
| |-
| |
| | ρ '''U''' (Φ ∨ ψ) ≡ (ρ '''U''' Φ) ∨ (ρ '''U''' ψ)|| (Φ ∧ ψ) '''U''' ρ ≡ (Φ '''U''' ρ) ∧ (ψ '''U''' ρ) ||
| |
| |}
| |
| | |
| {| class="wikitable"
| |
| |-
| |
| ! colspan="3" | Negation propagation
| |
| |-
| |
| | ¬'''X''' Φ ≡ '''X''' ¬Φ || ¬'''G''' Φ ≡ '''F''' ¬Φ || ¬'''F''' Φ ≡ '''G''' ¬Φ
| |
| |-
| |
| | ¬ (Φ '''U''' ψ) ≡ (¬Φ '''R''' ¬ψ) || ¬ (Φ '''R''' ψ) ≡ (¬Φ '''U''' ¬ψ) ||
| |
| |}
| |
|
| |
| {| class="wikitable"
| |
| |-
| |
| ! colspan="3" | Special Temporal properties
| |
| |-
| |
| | '''F''' Φ ≡ '''F''' '''F''' Φ || '''G''' Φ ≡ '''G''' '''G''' Φ || Φ '''U''' ψ ≡ Φ '''U''' (Φ '''U''' ψ)
| |
| |-
| |
| | Φ '''U''' ψ ≡ ψ ∨ ( Φ ∧ '''X'''(Φ '''U''' ψ) ) || Φ '''W''' ψ ≡ ψ ∨ ( Φ ∧ '''X'''(Φ '''W''' ψ) ) || Φ '''R''' ψ ≡ ψ ∧ (Φ ∨ '''X'''(Φ '''R''' ψ) )
| |
| |-
| |
| | '''G''' Φ ≡ Φ ∧ '''X'''('''G''' Φ) ||'''F''' Φ ≡ Φ ∨ '''X'''('''F''' Φ) ||
| |
| |}
| |
| | |
| ==Negation normal form==
| |
| | |
| All the formulas of LTL can be transformed into ''negation normal form'', where
| |
| * all negations appear only in front of the atomic propositions,
| |
| * only other logical operators '''true''', '''false''', ∧, and ∨ can appear, and
| |
| * only the temporal operators '''X''', '''U''', and '''R''' can appear.
| |
| Using the above equivalences for negation propagation, it is possible to derive the normal form. This normal form allows '''R''', '''true''', '''false''', and ∧ to appear in the formula, which are not fundamental operators of LTL. Note that the transformation to the negation normal form does not blow up the size of the formula. This normal form is useful in [[Linear temporal logic to Büchi automaton|translation from LTL to Büchi automaton]].
| |
| | |
| ==Relations with other logics==
| |
| LTL can be shown to be equivalent to the [[monadic first-order logic of order]], FO[<]—a result known as [[Kamp's theorem]]—<ref>http://books.google.com/books?id=TLpcI2axv8kC&pg=PA22</ref> or equivalently [[star-free language]]s.<ref>{{cite book|editor=Orna Grumberg, Helmut Veith|title=25 years of model checking: history, achievements, perspectives|year=2008|publisher=Springer|isbn=978-3-540-69849-4|chapter=From [[Alonzo Church|Church]] and Prior to [[Property Specification Language|PSL]]|author=Moshe Y. Vardi}} [http://www.cs.rice.edu/~vardi/papers/25mc.ps.gz preprint]</ref>
| |
| | |
| [[Computation tree logic]] (CTL) and Linear temporal logic (LTL) are both a subset of [[CTL*]], but are not equivalent to each other. For example,
| |
| * No formula in CTL can define the language that is defined by the LTL formula '''F'''('''G''' p).
| |
| *No formula in LTL can define the language that is defined by the CTL formula '''AG'''( p → ('''EX'''q ∧ '''EX'''¬q) ).
| |
| However, a subset of CTL* exists that is a proper subset of both CTL and LTL.
| |
| | |
| ==Applications==
| |
| | |
| ;Automata theoretic Linear temporal logic model checking
| |
| An important way to model check is to express desired properties (such as the ones described above) using LTL operators and actually check if the model satisfies this property. One technique is to obtain a [[Büchi automaton]] that is "equivalent" to the model and one that is "equivalent" to the negation of the property. The intersection of the two non-deterministic Büchi automata is empty if the model satisfies the property.<ref>Moshe Y. Vardi. ''An Automata-Theoretic Approach to Linear Temporal Logic.'' Proceedings of the 8th Banff Higher Order Workshop (Banff'94). Lecture Notes in Computer Science, vol. 1043, pp. 238--266, Springer-Verlag, 1996. ISBN 3-540-60915-6.</ref>
| |
| | |
| ;Expressing important properties in formal verification
| |
| There are two main types of properties that can be expressed using linear temporal logic: '''[[Safety (temporal property)|safety]]''' properties usually state that ''something bad never happens'' ('''G'''<math>\neg</math><math>\phi</math>), while '''[[liveness]]''' properties state that ''something good keeps happening'' ('''GF'''<math>\psi</math> or '''G'''<math>(\phi \rightarrow</math>'''F'''<math>\psi)</math>).{{citation needed|date=January 2011}} More generally: Safety properties are those for which every [[counterexample]] has a finite prefix such that, however it is extended to an infinite path, it is still a counterexample. For liveness properties, on the other hand, every finite prefix of a counterexample can be extended to an infinite path that satisfies the formula.
| |
| | |
| ;Specification language
| |
| One of the applications of linear temporal logic is the specification of [[preference]]s in the [[Planning Domain Definition Language]] for the purpose of [[preference-based planning]].{{citation needed|date=January 2011}}
| |
| | |
| ==See also==
| |
| {{Commons category}}
| |
| *[[Action language]]
| |
| | |
| ==References==
| |
| {{reflist}}
| |
| | |
| ;External links
| |
| * [http://www.dcs.qmul.ac.uk/~pm/SaR/2004ltl.pdf A presentation of LTL]
| |
| * [http://www.cmi.ac.in/~madhavan/papers/isical97.html Linear-Time Temporal Logic and Büchi Automata]
| |
| *[http://www.inf.unibz.it/~artale/FM/slide3.pdf LTL Teaching slides] of professor [[Alessandro Artale]] at the [[Free University of Bozen-Bolzano]]
| |
| *[http://spot.lip6.fr/wiki/LtlTranslationAlgorithms LTL to Buchi translation algorithms] a genealogy, from the website of [http://spot.lip6.fr/ Spot] a library for model-checking.
| |
| | |
| [[Category:1977 works]]
| |
| [[Category:Temporal logic]]
| |