1

Translating from LTL to automata

2

Why translating?

Want to write the specification in some logic. Want to check that an automaton (or a Kripke structure)

satisfies this property. The check (“model-checking”) will be based on automata

operations – hence we need to translate the property to automata.

3

From formulas to Buchi automta

Gp Fp p U q GFp

p p

T

T

q

p

T

p

T

Now try yourself: FGp, a U (b U c), X(p U (q Æ r))

4

A translation algorithm

So now we need to show an algorithmic translation from LTL to Buchi

It will work in two stages: Translate to Generalized Buchi Degeneralization.

5

Preprocessing

Convert into normal form, where negation only applies to propositional variables.

¬G becomes F¬. ¬F becomes G¬. ¬( U ) becomes (¬) R (¬), ¬( R ) becomes (¬) U (¬).

6

Convert to Negation Normal Form Push negations over propositional conenctives, and

eliminate operators other than Æ, Ç

Eliminate G Replace G by (False R ).

(in general we can stay with U, R, X)

Preprocessing

7

Example

Translate (GF P ) ! ( GF Q )

Eliminate implication ¬( GF P ) Ç ( GF Q )

Eliminate G, F :¬( False R ( True U P ) ) Ç ( False R ( True U Q ) )

Push negation inwards:(True U (False R ¬P ) ) Ç ( False R ( True U Q ) )

8

And now...

We need to build an automaton that accepts exactly those words that satisfy .

9

Content

The construction continues as follows:

1. Build the Local Automaton This automaton guarantees that the word satisfies

all conditions imposed by the formula

2. Build the Eventuality Automaton Eventualities : formulas of the form Fφ and φ1 U

φ2 The problem is that nothing prevents us from

postponing forever the time at which (eventuality) formula will be true

3. Compose them

10

The Local Automaton

Closure of all the subformulas of and their negations.

Formally: cl() is the smallest set of formulas satisfying the following conditions

φ ∈ cl(φ) φ1 ∈ cl(φ) ⇒ ¬φ1 ∈ cl(φ) φ1 ∧ φ2∈ cl(φ) ⇒ φ1 , φ2 ∈ cl(φ) φ1 ∨ φ2 ∈ cl(φ) ⇒ φ1 , φ2 ∈ cl(φ)

X φ1 ∈ cl(φ) ⇒ φ1 ∈ cl(φ) F φ1 ∈ cl(φ) ⇒ φ1 ∈ cl(φ) φ1 U φ2 ∈ cl(φ) ⇒ φ1 , φ2 ∈ cl(φ) φ1 R φ2 ∈ cl(φ) ⇒ φ1 , φ2 ∈ cl(φ)

11

The Local Automaton / Alphabet, states

The local automaton is L = (∑, SL, ρL, IL, FL)

The alphabet ∑ ∑ µ 2cl(φ)

∑ elements are consistent: for s 2 ∑ and f ∈ cl(φ): f ∈ s ¬f ∉ s

The states SL All propositionally consistent subsets s of cl(φ):

φ1 ∈ s ¬φ1 ∉ s

12

The Local Automaton / Transition relation

The edges: ρL(s, a) must check the next state is compatible with the semantics of

the temporal operators.

Let t ∈ ρL(s, a). Then:

Xφ1 ∈ s φ1 ∈ t

Fφ1 ∈ s φ1 ∈ s or Fφ1 ∈ t

φ1 U φ2 ∈ s (φ2 ∈ s) or (φ1 ∈ s and φ1 U φ2 ∈ t)

φ1 R φ2 ∈ s (φ1 ⋀ φ2 ∈ s) or (φ2 ∈ s and φ1 R φ2

∈ t)

The labeling on the edges: For a state s ;, s is the label on all the outgoing edges from s.

13

The initial states IL

... is the set of states that include the formula

The accepting states FL

... is the set of all states

The Local Automaton / Initial + final states

14

Example: Local Automaton for Fp

Closure of Fp cl(Fp) = {Fp, p, ¬Fp, ¬p}

SL= {{Fp, p}, {¬Fp, p}, {Fp, ¬p}, {¬Fp, ¬p}}

15

Local Automaton for Fp

{¬Fp, p}

{Fp, ¬p}

{¬Fp, ¬p}

Recall the defnition: (Fp ∈ s) (p ∈ s or Fp ∈ t) (t is the target state)

Top-right: Since p s then t can only be such that Fp 2 t.

Top left: Since p 2 s then all states can be t.

{Fp, p}

Bottom left: contradictory, hence no point in this state (can be removed)

Bottom right: since the condition above is iff relation, then we need that (:p 2 s) and (:Fp 2 t).

16

Local Automaton for Fp (labels)

{¬Fp, p}

{Fp, ¬p}

{¬Fp, ¬p}

{Fp, p}

{Fp, p}

{Fp, p} {¬Fp, ¬p}

{Fp, ¬p}

{Fp, ¬p}

{Fp, p}

Recall: the edge labels are equivalent to the source state names.

17

Eventuality automaton is supposed to check that the eventualities are realized

Check formulas of the form φ1 U φ2

Fφ // special case of U

The Eventuality Automaton

18

The Eventuality Automaton/ Alphabet, states

Ev = (∑, 2ev(φ), ρF, {{}}, F)

The alphabet ∑ µ 2cl(φ)

∑ elements are consistent: for s 2 ∑ and f ∈ cl(φ): f ∈ s ¬f ∉ s

The states 2ev(φ)

The set of subsets of the eventualities of the formula φ

A state {e1, …, ek} means that the eventualities e1, …, ek still have to be realized

19

The Eventuality Automaton/ Transition relation, initial state

The transition ρF

Let t ∈ ρF(s,a)

For Fφ : Fφ ∈ t φ ∉ a

For φ1 U φ2 : φ1 U φ2 ∈ t φ2 ∉ a

The initial state : {}

20

The Eventuality Automaton/ accepting states

The acceptance condition F is complicated... When can we accept a state s?

if s has an eventuality, it satisfies it.

Examples: s is accepting: s = {pUq,:p, q}

s = {:pUq,:p, :q}

s is not accepting: s = {pUq, p, :q} s = {pUq, :p, :q}

21

The Eventuality Automaton/ accepting states

The acceptance condition, formaly: Let ei be an eventuality condition i’ U i

Suppose we have the eventuality conditions e1,...,em. Then F is a generalized Buchi condition:

F = {Á1,...,Ám} where Ái = {s 2 S | ei 2 s ! i 2 s}

In our example: We have two states: {} and {Fp} Thus, F contains the single state {}

22

ExampleEventuality automaton

{Fp}

{}

{Fp, p}

{¬Fp, p}

{¬Fp, ¬p}

{Fp, ¬p}

{Fp, p}{¬Fp, p}

{¬Fp, ¬p}

{Fp, ¬p}

We can begin with all edges and all labels and then remove those that are incompatible with the condition we saw in the previous slide:

The condition is: Fp ∈ t p ∉ a

Q: When is this automaton satisfied? A: When all eventualities are satisfied.

23

M = (∑, SM, ρM ,NM0, FM)

∑ µ 2cl()

SM = SL x 2ev(φ) (Cartesian Product)

(p, q) ∈ ρM((s, t), a) p ∈ ρL(s, a) and q ∈ ρF(t, a)

NM0 = Nφ x {}

FM = NL x {}

Composing the two automata

24

Example Composing the two automata

({Fp, p}, Fp)

({Fp, ¬p} , Fp)

({¬Fp, ¬p} , Fp)

({Fp, p}, {})({Fp, ¬p} , {})

({¬Fp, ¬p} , {})

The propositions are the ‘real’ labels.

p

p

:p

:p

:p

25

Example Composing the two automata

({Fp, p}, Fp)

({Fp, ¬p} , Fp)

({Fp, p}, {})

({¬Fp, ¬p} , {})

p :p

:p

:p

Equivalently: labels move to outgoing edges.

p

p :pp

:p

p

p

({Fp, ¬p} , {})

26

Optimizations...

There are optimizations that make the automaton much smaller:

p

:p

:p

:p pp

If we define the alphabet ∑ as formulas over AP we can do better:

p

:p truep Ç :p

27

Conclusion

The number of States Local Automaton : 2cl(φ) = O(22|φ|) Eventuality Automaton : 2ev(φ) = O(2|φ|) Composed Automata : 2cl(φ) X 2ev(φ) = O(23|φ|)

|φ| is length of formula φ