A methodology for designing proof rules for fair parallel programs

We propose a methodology for designing sound and complete proof systems for proving progress properties of parallel programs under various fairness assumptions. Our methodology begins with a branching time temporal logic formula (CTL^*) formula that expresses progress under a fairness assumption. The next step obtains an equivalent fixpoint characterization of this CTL^* formula in the-calculus. The final step uses the fixpoint characterizations to extract proof systems for proving progress under the fairness constraint. The methodology guarantees that the proof rules so obtained are sound and relatively complete in the sense of Cook.     

A functional programming approach to the specification and verification of concurrent systems

Networks of communicating processes can be viewed as networks of stream transformers and programmed in a lazy functional language. Thus the correctness of concurrent systems can be reduced to the correctness of functional programs. In this paper such correctness is proved formally in the-calculus extended with recursion equations for functional programs. The-calculus is chosen since it allows the definition of properties by least fixed points (induction) as well as by greatest fixed points (coinduction), and since greatest fixed points are useful for formalising properties, such as fairness, of infinitely proceeding programs. Moreover, non-deterministic processes are represented as incompletely specified deterministic processes, that is, as properties of stream transformers. This method is illustrated by proving the correctness of the alternating bit protocol.     

From Pre-Historic to Post-Modern Symbolic Model Checking

Symbolic model checking, which enables the automatic verification of large systems, proceeds by calculating expressions that represent state sets. Traditionally, symbolic model-checking tools are based on backward state traversal; their basic operation is the function pre, which, given a set of states, returns the set of all predecessor states. This is because specifiers usually employ formalisms with future-time modalities, which are naturally evaluated by iterating applications of pre. It has been shown experimentally that symbolic model checking can perform significantly better if it is based, instead, on forward state traversal; in this case, the basic operation is the function post, which, given a set of states, returns the set of all successor states. This is because forward state traversal can ensure that only parts of the state space that are reachable from an initial state and relevant for the satisfaction or violation of the specification are explored; that is, errors can be detected as soon as possible.In this paper, we investigate which specifications can be checked by symbolic forward state traversal. We formulate the problems of symbolic backward and forward model checking by means of two -calculi. The pre- calculus is based on the pre operation, and the post- calculus is based on the post operation. These two -calculi induce query logics, which augment fixpoint expressions with a boolean emptiness query. Using query logics, we are able to relate and compare the symbolic backward and forward approaches. In particular, we prove that all -regular (linear-time) specifications can be expressed as post- queries, and therefore checked using symbolic forward state traversal. On the other hand, we show that there are simple branching-time specifications that cannot be checked in this way.     

脑基本机能联合区理论在智能机器人体系结构中的应用

文章剖析了A.P.Лурия提出的脑的三个基本机能联合区理论,基于该理论提出了智能机器人神经心理体系结构模型,并拓展了Rao和Georgeff的BDI逻辑,用于机器人的心理(心智)机制描述,基于CADCON的水下机器人三维仿真结果表明了该体系结构的可行性和有效性。     

The π-Calculus in Direct Style

We introduce a calculus which is a direct extension of both the and the calculi. We give a simple type system for it, that encompasses both Curry's type inference for the -calculus, and Milner's sorting for the -calculus as particular cases of typing. We observe that the various continuation passing style transformations for -terms, written in our calculus, actually correspond to encodings already given by Milner and others for evaluation strategies of -terms into the -calculus. Furthermore, the associated sortings correspond to well-known double negation translations on types. Finally we provide an adequate CPS transform from our calculus to the -calculus. This shows that the latter may be regarded as an assembly language, while our calculus seems to provide a better programming notation for higher-order concurrency. We conclude by discussing some alternative design decisions.     

Reasoning about Minimal Knowledge in Nonmonotonic Modal Logics

We study the problem of embedding Halpern and Moses's modal logic of minimal knowledge states into two families of modal formalism for nonmonotonic reasoning, McDermott and Doyle's nonmonotonic modal logics and ground nonmonotonic modal logics. First, we prove that Halpern and Moses's logic can be embedded into all ground logics; moreover, the translation employed allows for establishing a lower bound (3p) for the problem of skeptical reasoning in all ground logics. Then, we show a translation of Halpern and Moses's logic into a significant subset of McDermott and Doyle's formalisms. Such a translation both indicates the ability of Halpern and Moses's logic of expressing minimal knowledge states in a more compact way than McDermott and Doyle's logics, and allows for a comparison of the epistemological properties of such nonmonotonic modal formalisms.     

A logical encoding of the π-calculus: model checking mobile processes using tabled resolution

We present MMC, a model checker for mobile systems specified in the style of the -calculus. MMCs development builds on that of XMC, a model checker for an expressive extension of Milners value-passing calculus implemented using the XSB tabled logic-programming engine. MMC addresses the salient issues that arise in the -calculus, including scope extrusion and intrusion and dynamic generation of new names to avoid name capture. We show that logic programming provides an efficient implementation platform for model checking -calculus specifications and can be used to obtain an exact encoding of the -calculuss transitional semantics. Moreover, MMC is easily extended to handle process expressions in the spi-calculus of Abadi and Gordon. Our experimental data show that MMC outperforms other known tools for model checking the -calculus.     

Distributivity in Łℵ0 and Other Sentential Logics

Certain distributivity results for ukasiewicz's infinite-valued logic ₀ are proved axiomatically (for the first time) with the help of the automated reasoning program OTTER. In addition, nondistributivity results are established for a wide variety of positive substructural logics by the use of logical matrices discovered with the automated model-finding programs MACE and MAGIC.     

Finiteness in Infinite-Valued Łukasiewicz Logic

In this paper we deepen Mundici's analysis on reducibility of the decision problem from infinite-valued ukasiewicz logic to a suitable m-valued ukasiewicz logic _m , where m only depends on the length of the formulas to be proved. Using geometrical arguments we find a better upper bound for the least integer m such that a formula is valid in if and only if it is also valid in _m. We also reduce the notion of logical consequence in to the same notion in a suitable finite set of finite-valued ukasiewicz logics. Finally, we define an analytic and internal sequent calculus for infinite-valued ukasiewicz logic.     

一种基于信念-期望-意图和效用的社会承诺机制

在多智能体系统中,为完成问题求解智能体之间需建立起社会承诺.文章将信念-期望-意图和效用理论结合起来,提出了一种社会承诺机制,保证了智能体行为的逻辑理性和决策理性.该文的工作将Rao&Georgeff的信念-期望-意图理论和S.Kraus的激励承包思想有机地结合起来,改进了Haddadi的社会承诺机制,为Castelfranchi的社会承诺提供了实现支持.     

Reasoning about programs in continuation-passing style

Plotkin's _v -calculus for call-by-value programs is weaker than the -calculus for the same programs in continuation-passing style (CPS). To identify the call-by-value axioms that correspond to on CPS terms, we define a new CPS transformation and an inverse mapping, both of which are interesting in their own right. Using the new CPS transformation, we determine the precise language of CPS terms closed under -transformations, as well as the call-by-value axioms that correspond to the so-called administrative -reductions on CPS terms. Using the inverse mapping, we map the remaining and equalities on CPS terms to axioms on call-by-value terms. On the pure (constant free) set of -terms, the resulting set of axioms is equivalent to Moggi's computational -calculus. If the call-by-value language includes the control operatorsabort andcall-with-current-continuation, the axioms are equivalent to an extension of Felleisenet al.'s _v -C-calculus and to the equational subtheory of Talcott's logic IOCC.This article is a revised and extended version of the conference paper with the same title [42]. The technical report of the same title contains additional material.The authors were supported in part by NSF grant CCR 89-17022 and by Texas ATP grant 91-003604014.     

Classical Natural Deduction for S4 Modal Logic

This paper proposes a natural deduction system CNDS4 for classical S4 modal logic with necessity and possibility modalities. This new system is an extension of Parigot’s Classical Natural Deduction with dualcontext to formulate S4 modal logic. The modal λμ-calculus is also introduced as a computational extraction of CNDS4. It is an extension of both the λμ-calculus and the modal λ-calculus. Subject reduction, confluency, and strong normalization of the modal λμ-calculus are shown. Finally, the computational interpretation of the modal λμ-calculus, especially the computational meaning of the modal possibility operator, is discussed.     

A linear translation from CTL* to the first-order modal μ -calculus

The modal μ-calculus is a very expressive temporal logic. In particular, logics such as LTL, CTL and CTL* can be translated into the modal μ-calculus, although existing translations of LTL and CTL* are at least exponential in size. We show that an existing simple first-order extension of the modal μ-calculus allows for a linear translation from LTL. Furthermore, we show that solving the translated formulae is as efficient as the best known methods to solve LTL formulae directly.     

Computable processes and bisimulation equivalence

A process is calledcomputable if it can be modelled by a transition system that has a recursive structure—implying finite branching. The equivalence relation between transition systems considered is strong bisimulation equivalence. The transition systems studied in this paper can be associated to processes specified in common specification languages such as CCS, LOTOS, ACP and PSF. As a means for defining transition systems up to bisimulation equivalence, the specification languageCRL is used. Two simple fragments of,CRL are singled out, yielding universal expressivity with respect to recursive and primitive recursive transition systems. For both these domains the following properties are classified in the arithmetical hierarchy:bisimilarity, perpetuity (both ₁ ⁰ ),regularity (having a bisimilar, finite representation, ₂ ⁰ ),acyclic regularity ( ₁ ⁰ ), anddeadlock freedom (distinguishing deadlock from successful termination, ₁ ⁰ ). Finally, it is shown that in the domain of primitive recursive transition systems over a fixed, finite label set, a genuine hierarchy in bisimilarity can be defined by the complexity of the witnessing relations, which extends r.e. bisimilarity. Hence, primitive recursive transition systems already form an interesting class.     

Practical Reflection for Sequent Logics

It is well-known that adding reflective reasoning can tremendously increase the power of a proof assistant. In order for this theoretical increase of power to become accessible to users in practice, the proof assistant needs to provide a great deal of infrastructure to support reflective reasoning. In this paper we explore the problem of creating a practical implementation of such a support layer.Our implementation takes a specification of a logical theory (which is identical to how it would be specified if we were simply going to reason within this logical theory, instead of reflecting it) and automatically generates the necessary definitions, lemmas, and proofs that are needed to enable the reflected meta-reasoning in the provided theory.One of the key features of our approach is that the structure of a logic is preserved when it is reflected. In particular, all variables, including meta-variables, are preserved in the reflected representation. This also allows the preservation of proof automation—there is a structure-preserving one-to-one map from proof steps in the original logic to proof step in the reflected logic.To enable reasoning about terms with sequent context variables, we develop a principle for context induction, called teleportation.This work is fully implemented in the MetaPRL theorem prover.     

A survey of theories for mobile agents

This paper presents a comparative survey of formalisms related to mobile agents. It describes the -calculus and its extensions, the Ambient calculus, Petri nets, Actors, and the family of generative communication languages. Each of these formalisms defines a mathematical framework that can be used to reason about mobile code; they vary greatly in their expressiveness, in the mechanisms they provide to specify mobile code based applications and in their practical usefulness for the validation and the verification of such applications. In this paper we show how these formalisms can be used to represent the mobility and communication aspects of two mobile code environments: Obliq and Messengers. We compare and classify the different formalisms with respect to mobility and discuss some shortcomings and desirable extensions. We also point to other emerging concepts in formalisms for mobile code systems.     

Evaluation of Queries under Closed-World Assumption

The minimal entailment Min has been characterized elsewhere by where Cn is the first-order consequence operation, P is a set of clauses (indefinite deductive data base; in short: a data base), is a clause (a query), and Pos is the set of positive (that is, bodiless) ground clauses. In this paper, we address the problem of the computational feasibility of criterion (1). Our objective is to find a query evaluation algorithm that decides P Min by what we call indefinite modeling, without actually computing all ground positive consequences of P and P {}. For this purpose, we introduce the concept of minimal indefinite Herbrand model MP of P, which is defined as the set of subsumption-minimal ground positive clauses provable from P. The algorithm first computes MP by finding the least fixed-point of an indefinite consequence operator TIP. Next, the algorithm verifies whether every ground positive clause derivable from MP {} by one application of the parallel positive resolution rule (in short: the PPR rule) is subsumed by an element of MP. We prove that the PPR rule, which can derive only positive clauses, is positively complete, that is, every positive clause provable from a data base P is derivable from P by means of subsumption and finitely many applications of PPR. From this we conclude that the presented algorithm is partially correct and that it eventually halts if both P and MP are finite. Moreover, we indicate how the algorithm can be modified to handle data bases with infinite indefinite Herbrand models. This modification leads to a concept of universal model that allows for nonground clauses in its Herbrand base and appears to be a good candidate for representation of indefinite deductive data bases.     

A Subset-Matching Size-Bounded Cache for Testing Satisfiability in Modal Logics

The implementation of efficient decision procedures for modal logics is a major research problem in automated deduction. Caching the result of intermediate consistency checks has experimentally proved to be a very important technique for attaining efficiency. Current state-of-the-art systems implement caching mechanisms based on hash tables. In this paper we present a data type – that we call bit matrix – for caching the (in)consistency of sets of formulas. Bit matrices have three distinguishing features: (i) they can be queried for subsets and supersets, (ii) they can be bounded in size, and (iii) if bounded, they can easily implement different policies to resolve which results have to be kept. We have implemented caching mechanisms based on bit matrices and hash tables in *SAT. In *SAT, the bit matrix cache is bounded, and keeps the latest obtained (in)consistency results. We experiment with the benchmarks proposed for the modal logic K at the TABLEAUX Non Classical Systems Comparison (TANCS) 2000. On the basis of the results, we conclude that *SAT performances are improved by (i) caching the results of intermediate consistency checks, (ii) using bit matrices instead of hash tables, and (iii) storing a small number of results in the bit matrices.