Positive Hennessy-Milner Logic for Branching Bisimulation
2025-05-02
0
0
524.54KB
22 页
10玖币
侵权投诉
POSITIVE HENNESSY-MILNER LOGIC FOR BRANCHING
BISIMULATION
HERMAN GEUVERS aAND KOMI GOLOV a
Radboud University Nijmegen, The Netherlands
e-mail address: herman@cs.ru.nl, a.golov@math.ru.nl
Abstract.
Labelled transitions systems can be studied in terms of modal logic and in
terms of bisimulation. These two notions are connected by Hennessy-Milner theorems,
that show that two states are bisimilar precisely when they satisfy the same modal logic
formulas. Recently, apartness has been studied as a dual to bisimulation, which also gives
rise to a dual version of the Hennessy-Milner theorem: two states are apart precisely when
there is a modal formula that distinguishes them.
In this paper, we introduce “directed” versions of Hennessy-Milner theorems that
characterize when the theory of one state is included in the other. For this we introduce
“positive modal logics” that only allow a limited use of negation. Furthermore, we introduce
directed notions of bisimulation and apartness, and then show that, for this positive modal
logic, the theory of
s
is included in the theory of
t
precisely when
s
is directed bisimilar to
t
.
Or, in terms of apartness, we show that
s
is directed apart from
t
precisely when the theory
of
s
is not included in the theory of
t
. From the directed version of the Hennessy-Milner
theorem, the original result follows.
In particular, we study the case of branching bisimulation and Hennessy-Milner Logic
with Until (HMLU) as a modal logic. We introduce “directed branching bisimulation” (and
directed branching apartness) and “Positive Hennessy-Milner Logic with Until” (PHMLU)
and we show the directed version of the Hennessy-Milner theorems. In the process, we
show that every HMLU formula is equivalent to a Boolean combination of Positive HMLU
formulas, which is a very non-trivial result. This gives rise to a sublogic of HMLU that is
equally expressive but easier to reason about.
Concurrent systems are usually modeled as labelled transition systems (LTS), where a
labelled transition step takes one from one state to the other in a non-deterministic way.
Two states in such a system are considered equivalent in case the same labelled transitions
can be taken to equivalent states. This is captured via the notion of bisimulation, which is a
type of observable equality: two states are bisimilar if we can make the same observations
on them, where the observations are the labelled transitions to equivalent states.
Often it is the case that some transitions cannot be observed and then they are modeled
via a silent step, also called a
τ
-step, denoted by
t→τs
. The notion of bisimulation should
take this into account and abstract away from the silent steps. This leads to a notion of weak
bisimulation (as opposed to strong bisimulation, where all steps are observable). In [
vGW89
]
(and the later full version [
vGW96
]) it has been noticed that weak bisimulation ignores the
branching in an LTS that can be caused by silent steps, and that is undesirable. Therefore
Key words and phrases: bisimulation apartness concurrency.
Preprint submitted to
Logical Methods in Computer Science
© H. Geuvers and K. Golov
CC
⃝Creative Commons
arXiv:2210.07380v3 [cs.LO] 22 Oct 2024
2 H. GEUVERS AND K. GOLOV
the notion of branching bisimulation has been developed, which ignores the silent steps while
taking into account their branching behavior. Branching bisimulation has been studied a lot
as it is the finest equivalence in the well-known “van Glabbeek spectrum” [
vG93
]. Various
algorithms have been developed for checking branching bisimulation and various tools have
been developed that verify branching bisimulation for large systems [GV90, JGKW20].
There is a well-known connection between notions of bisimulation and various modal
logics, first discovered by Hennessy and Milner [
HM85
] for strong bisimulation, and then
extended to weak and branching bisimulation by De Nicola and Vaandrager [
dNV95
]. Let
↔
be a bisimilarity relation, and let
Th
(
s
) be the set of formulas in some modal logic that
are true in
s
. A Hennessy-Milner theorem is a theorem relating the bisimulation and the
logic by showing that two states are bisimilar precisely when their theories coincide:
s↔t⇐⇒ Th(s) = Th(t).
Hennessy and Milner proved such a theorem for Hennessy-Milner Logic and strong
bisimulation, while De Nicola and Vaandrager extended this to Hennessy-Milner Logic
1
and
weak bisimulation, and Hennessy-Milner Logic with Until and branching bisimulation.
In this paper, we explore what a directed variant of such a theorem would look like by
considering what form of “directed bisimulation” relation corresponds to inclusion of theories.
Hennessy-Milner logics typically have negation, so if the theory of one state is included in
the other, then they are equal. As a consequence, Hennessy-Milner logics typically do not
permit non-trivial inclusions of theories, so we must first replace the logic with a positive
version. Writing
→
for our new relation and
ThP
(
s
) for the theory of
s
in this new, positive,
logic, we prove the property
s→t⇐⇒ ThP(s)⊆ThP(t).(0.1)
Our constructions ensure that
s↔t
precisely when
s→t
and
t→s
, and that
ThP
(
s
) =
ThP
(
t
) precisely when
Th
(
s
) =
Th
(
t
). The undirected Hennessy-Milner theorem
is thus an immediate consequence of our directed variant.
Our proof of Equation (0.1) uses the notion of apartness, which is the dual notion of
bisimulation, studied previously by Geuvers and Jacobs [
GJ21
]. Two states are bisimilar
precisely when they are not apart. The property we prove is thus
s#> t ⇐⇒ ∃φ. φ ∈ThP(s)−ThP(t),(0.2)
where φis called the distinguishing formula.
Unlike bisimulation, apartness is an inductive notion, meaning that we can perform our
proofs by an induction on the derivation of an apartness. It turns out that the structure of
this derivation closely mirrors the distinguishing formula, making the proof straightforward.
This was previously shown by Geuvers in relation to strong and weak bisimulation in [
Geu22
],
but a straightforward inductive proof does not work in the branching setting when the logic
includes an until operator.
In this paper we study the directed constructions for branching bisimulation. Concretely,
we define and study (Section 2) a logic PHMLU of Positive Hennessy-Milner Logic with
Until formulas (Subsection 2.1), as well as a directed branching bisimulation relation
→db
(Subsection 2.2) and a directed branching apartness relation
#>db
(Subsection 2.3). We
then show that Equation (0.2) (for PHMLU and branching apartness) holds, and from that
we conclude that Equation (0.1) holds as well. There are differences between HMLU and
1This involved modifying the semantics to account for silent steps.
POSITIVE HENNESSY-MILNER LOGIC FOR BRANCHING BISIMULATION 3
PHMLU that make it far from obvious that the logics are equally powerful. We show that
the logics are equivalent in which states they distinguish, and moreover we show that every
HMLU formula is equivalent to a Boolean combination of PHMLU formulas (Subsection 2.1).
This gives rise to a logic that is equally expressive as HMLU, but for which the satisfaction
relation is simpler.
To introduce the directed versions of bisimulation and apartness, and the corresponding
positive modal logics, we will first start from the simpler setting of strong bisimulation
and standard Hennessy-Milner Logic in Section 1. Here the construction and the proofs
are rather straightforward, but it also suggests that a ‘directed approach’ to bisimulation,
combined with a positive version of Hennessy-Milner logic and the use of apartness, should
be applicable to other notions of bisimulation. For weak bisimulation, this is the case, which
we have verified, but not included in the present paper.
Throughout this paper, we will work in a fixed labelled transition system (LTS) (
X, A, →
),
consisting of a set of states
X
, a set of actions
A
, possibly with a silent action
τ̸∈ A
, and a
transition relation
→a
for every
a∈A
(and for
τ
, if applicable). Following [
GJ21
], we will
use
α
to denote an arbitrary action from
A∪ {τ}
,
a
to denote an arbitrary non-silent action
(so
a∈A
), and use
↠α
to denote the transitive reflexive closure of
→α
. We use
→(α)
as a
shorthand for →aif α=a̸=τ, and for the reflexive closure of →τif α=τ.
We would like to thank Jan Friso Groote and Jurriaan Rot for discussions on the topic
of this paper.
1. Hennessy-Milner Logic and Strong Bisimulation
Definition 1.1. Alabelled transition system (LTS) is a tuple (
X, A, →
), where
X
is a set
of states,
A
is a set of actions and for every
a∈A
,
→a
is a binary relation on
X
. When
s→atholds, we say that s a-steps to t.
An LTS is image-finite if for all s∈Xand a∈A, the set {t∈X|s→aq}is finite.
We will be particularly interested in image-finite LTSs, since the logics we study are
finitary. We can characterize states in an LTS using Hennessy-Milner Logic (HML).
Definition 1.2. The formulas of HML are given inductively by the following definition:
φ:= ⊤ | ¬φ|φ1∧φ2| ⟨a⟩φ.
We say that a formula of the form
⟨a⟩φ
is a modal formula. We use
⊥
as a shorthand
for
¬⊤
and
φ1∨φ2
as a shorthand for
¬
(
¬φ1∧ ¬φ2
). The modality binds weakly;
⟨a⟩φ∧ψ
denotes ⟨a⟩(φ∧ψ).
Definition 1.3. The relation s⊨φis defined inductively by the following rules:
s⊨⊤always s⊨φ1∧φ2⇔s⊨φ1and s⊨φ2
s⊨¬φ⇔s̸⊨φ s ⊨⟨a⟩φ⇔ ∃s′. s →as′∧s′⊨φ.
Given a state
s
we define
Th
(
s
) :=
{φ∈HML |s⊨φ}
, the set of HML formulas true in
s
. We call a formula in
Th
(
s
)
−Th
(
t
) or
Th
(
t
)
−Th
(
s
) a distinguishing formula for
s
and
t
.
To compare two states, one considers if they can recursively simulate one another. This
notion is known as bisimulation.
4 H. GEUVERS AND K. GOLOV
Definition 1.4. A symmetric relation
R
is a strong bisimulation if whenever
R
(
s, t
) and
s→as′, there exists some t′such that R(s′, t′) and t→at′.
We say two states are strongly bisimilar (notation
s↔st
) if there exists a strong
bisimulation that relates them.
A key result of Hennessy and Milner [
HM85
] is that these two views of labelled transition
systems are related in the following sense:
Theorem 1.5 [
HM85
].In an image-finite LTS, two states
s
and
t
are strongly bisimilar
precisely when they satisfy the same HML formulas; that is,
s↔st⇔Th(s) = Th(t).
We are interested in a similar theorem that considers inclusion of theories rather than
equality. However, in the context of Hennessy-Milner Logic such a theorem would not be
meaningfully different, since the presence of negation gives us the following result:
Proposition 1.6. If Th(s)⊆Th(t), then Th(s) = Th(t).
Proof.
Suppose, on the contrary, that there is some
φ∈Th
(
t
)
−Th
(
s
). Then
¬φ∈Th
(
s
)
⊆
Th(t), hence t⊨φand t⊨¬φ, a contradiction.
We will thus introduce Positive Hennessy-Milner Logic (PHML), where negation is only
permitted under a modality.2
Definition 1.7. The formulas of PHML are given inductively by the following definition:
φ:= ⊤ | ⊥ | φ1∧φ2|φ1∨φ2| ⟨a⟩(φ1∧ ¬φ2).
We view a formula of PHML as also being a formula of HML, and can thus reuse
the semantics from Definition 1.3. We define
ThP
(
s
) :=
{φ∈PHML |s⊨φ}
. We call a
φ∈ThP(s)−ThP(t) a positive distinguishing formula for sand t.
There are various syntactic classes related to PHML that will be useful for our proofs,
and for these we introdice some special notation.
Notation 1.8.
• ±PHML denotes the set of PHML formulas and their negations.
•V±PHML denotes the set of conjunctions of ±PHML formulas.
•
Given a formula
φ∈V±PHML
, we will use
φ+
and
φ−
to refer to the PHML formulas
such that φis equivalent to φ+∧ ¬φ−.
So
φ+
is the conjunction of all ‘positive’ conjuncts of
φ
, the positive segment of
φ
, and
φ−
is the disjunction of
ψ
for every ‘negative’ conjunct
¬ψ
of
φ
, the negative segment of
φ
.
Concretely, for
φ∈V±PHML
with
φ
=
φ1∧φ2∧ ¬φ3∧ ¬φ4
, we have
φ+
=
φ1∧φ2
and
φ−
=
φ3∨φ4
, and so
φ
is equivalent to
φ+∧ ¬φ−
. We write
⟨a⟩φ
for
⟨a⟩φ+∧ ¬φ−
. Recall
that by our conventions, this is read as ⟨a⟩(φ+∧ ¬φ−).
Example 1.9. If we consider PHML, we can have non-trivial inclusion of theories. This is
illustrated by the following LTS.
2
Prohibiting negation entirely would produce a logic that is too weak; it would correspond to simulation.
Two states simulating each other is weaker than two states being bisimilar, while we require that two states
directed bisimulating each other be equivalent to the states being bisimilar.
POSITIVE HENNESSY-MILNER LOGIC FOR BRANCHING BISIMULATION 5
st
r
a
aa
In this LTS, we have
ThP
(
r
)
⊊ThP
(
t
)
⊊ThP
(
s
). Examples of PHML formulas that
distinguish s,tand rare the following.
• ⟨a⟩⟨a⟩⊤, which holds in sbut not in tand r.
• ⟨a⟩¬⟨a⟩⊤ and ⟨a⟩⊤, which hold in sand t, but not in r
Note that
⟨a⟩⊥
does not hold in any state, but for different reasons: in
r
there is no
a
-step
possible, whereas in
s
and
t
there is an
a
-step possible, but not to a state where
⊥
holds
(because ⊥never holds).
Theorem 1.10. Every HML formula
φ
is equivalent to a disjunction of
V±PHML
formulas.
Proof.
The proof proceeds by induction on
φ
. We treat the cases for
φ
being a negation
and for φbeing a modality.
Suppose that
φ
=
¬ψ
, then by induction there is a formula
Wn
i=1
Ψ
i
equivalent to
ψ
and we write Ψ
i
= Ψ
+
i∧ ¬
Ψ
−
i
(for
i∈ {
1
, . . . , n}
). Then
φ
=
¬ψ
is equivalent to
Vn
i=1 ¬
(Ψ
+
i
)
∨
Ψ
−
i
. Note that Ψ
−
i∈PHML
, but
¬
(Ψ
+
i
) is a negation of a
PHML
-formula.
We can let
∧
distribute over
∨
and we find that
φ
is equivalent to a disjunction of
V±PHML
formulas.
Suppose that
φ
=
⟨a⟩ψ
, then by induction there is a formula
Wi∈I
Ψ
i
equivalent to
ψ
.
Since modality distributes over disjunction,
⟨a⟩Wi
Ψ
i
is equivalent to
Wi⟨a⟩
Ψ
i
, which is the
desired formula.
Corollary 1.11. For all states
s, t
, we have
Th
(
s
) =
Th
(
t
)precisely when
ThP
(
s
) =
ThP
(
t
).
Proof.
The left to right direction is easy:
ThP
(
s
) =
Th
(
s
)
∩PHML
, so
Th
(
s
) =
Th
(
t
) implies
ThP(s) = ThP(t).
In the other direction, suppose
ThP
(
s
) =
ThP
(
t
) and
φ∈Th
(
s
). By Theorem 1.10,
there is an equivalent formula
Wi
Ψ
i
where Ψ
i∈V±PHML
. As
s⊨φ
, there is some
i
such
that
s⊨
Ψ
i
. Writing Ψ
i
=
Vj
Ψ
+
j∧ ¬
Ψ
−
j
, we have that for all
j
,
s⊨
Ψ
+
j
and
s̸⊨
Ψ
−
j
. Since
each Ψ
+
j
and Ψ
−
j
is positive, it follows that
t⊨
Ψ
+
j
and
t̸⊨
Ψ
−
j
and thus
t⊨
Ψ
i
and
t⊨φ
, as
required.
This concludes our construction on the logic side. Let us now consider the bisimulation
side of the question.
Definition 1.12. A relation
R
is a directed strong bisimulation if whenever
R
(
s, t
) and
s→as′, there exists some t′such that t→at′and R(s′, t′) and R(t′, s′).
We say two states are directed strongly bisimilar (notation
s→ds t
) if there exists a
directed strong bisimulation that relates them.
Theorem 1.13. Two states are strongly bisimilar if and only if they are directed strongly
bisimilar in each direction.
Proof.
The left-to-right direction follows from the fact that every strong bisimulation is a
directed strong bisimulation. The other direction follows from
↔ds
itself being a strong
bisimulation.
摘要:
展开>>
收起<<
POSITIVEHENNESSY-MILNERLOGICFORBRANCHINGBISIMULATIONHERMANGEUVERSaANDKOMIGOLOVaRadboudUniversityNijmegen,TheNetherlandse-mailaddress:herman@cs.ru.nl,a.golov@math.ru.nlAbstract.Labelledtransitionssystemscanbestudiedintermsofmodallogicandintermsofbisimulation.ThesetwonotionsareconnectedbyHennessy-Miln...
声明:本站为文档C2C交易模式,即用户上传的文档直接被用户下载,本站只是中间服务平台,本站所有文档下载所得的收益归上传人(含作者)所有。玖贝云文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。若文档所含内容侵犯了您的版权或隐私,请立即通知玖贝云文库,我们立即给予删除!
相关推荐
-
架构演进:小米的经验分享VIP免费
2025-03-31 5 -
Massive particle interferometry with lattice solitons Piero Naldesi1Juan Polo2Peter D Drummond3Vanja Dunjko4Luigi Amico2Anna Minguzzi5and Maxim Olshanii4 1Université Grenoble-Alpes LPMMC F-38000 Grenoble
2025-05-02 0 -
Averaged Solar Torque Rotational Dynamics for Defunct Satellites Conor J. Bensonand Daniel J. Scheeres
2025-05-02 0 -
Preprint MASS M ULTI -ATTRIBUTE SELECTIVE SUPPRESSION Chun-Fu Richard Chen1 Shaohan Hu1 Zhonghao Shi12 Prateek Gulati13
2025-05-02 0 -
Preprint IN-CONTEXT REINFORCEMENT LEARNING WITH ALGORITHM DISTILLATION
2025-05-02 0 -
Portfolio optimization with discrete simulated annealing Álvaro Rubio-García1Juan José García-Ripoll1and Diego Porras1 1Instituto de Física Fundamental IFF-CSIC Serrano 113 28006 Madrid Spain
2025-05-02 0 -
Polynomial Equations Theory and Practice Simon Telen Abstract Solvingpolynomialequationsisasubtaskofpolynomialoptimization.This
2025-05-02 0 -
Polarization Spectroscopy of High-Order Harmonic Generation in Gallium Arsenide SHATHA KAASSAMANI1 THIERRY AUGUSTE1 NICOLAS
2025-05-02 0 -
Phase diagrams of lattice models on Cayley tree and chandelier network a review
2025-05-02 0 -
Performance of Quantum Preprocessing under Phase Noise Zuhra Amiri Boulat A. Bashy Janis N otzel
2025-05-02 0
分类:图书资源
价格:10玖币
属性:22 页
大小:524.54KB
格式:PDF
时间:2025-05-02
作者详情
相关内容
-
Portfolio optimization with discrete simulated annealing Álvaro Rubio-García1Juan José García-Ripoll1and Diego Porras1 1Instituto de Física Fundamental IFF-CSIC Serrano 113 28006 Madrid Spain
分类:图书资源
时间:2025-05-02
标签:无
格式:PDF
价格:10 玖币
-
Polynomial Equations Theory and Practice Simon Telen Abstract Solvingpolynomialequationsisasubtaskofpolynomialoptimization.This
分类:图书资源
时间:2025-05-02
标签:无
格式:PDF
价格:10 玖币
-
Polarization Spectroscopy of High-Order Harmonic Generation in Gallium Arsenide SHATHA KAASSAMANI1 THIERRY AUGUSTE1 NICOLAS
分类:图书资源
时间:2025-05-02
标签:无
格式:PDF
价格:10 玖币
-
Phase diagrams of lattice models on Cayley tree and chandelier network a review
分类:图书资源
时间:2025-05-02
标签:无
格式:PDF
价格:10 玖币
-
Performance of Quantum Preprocessing under Phase Noise Zuhra Amiri Boulat A. Bashy Janis N otzel
分类:图书资源
时间:2025-05-02
标签:无
格式:PDF
价格:10 玖币
渝公网安备50010702506394
