Robust Vacuity for Branching Temporal Logic


Publisher: Association for Computing Machinery
Copyright: Copyright © 2012 by ACM Inc.
ISSN: 1529-3785
DOI: 10.1145/2071368.2071369

Abstract

ARIE GURFINKEL, Carnegie Mellon University
MARSHA CHECHIK, University of Toronto

There is a growing interest in techniques for detecting whether a logic specification is satisfied too easily, or vacuously. For example, the specification "every request is eventually followed by an acknowledgment" is satisfied vacuously by a system that never generates any requests. Vacuous satisfaction misleads users of model-checking into thinking that a system is correct. It is a serious problem in practice. There are several existing definitions of vacuity. Originally, Beer et al. [1997] formalized vacuity as insensitivity to syntactic perturbation (syntactic vacuity). This formulation captures the intuition of "vacuity" when applied to a single occurrence of a subformula. Armoni et al. argued that vacuity must be robust: not affected by semantically invariant changes, such as extending a model with additional atomic propositions. They show that syntactic vacuity is not robust for subformulas of linear temporal logic, and propose an alternative definition: trace vacuity. In this article, we continue this line of research. We show that trace vacuity is not robust for branching time logic. We further refine the notion of vacuity

Journal

ACM Transactions on Computational Logic (TOCL), Association for Computing Machinery

Published: Jan 1, 2012
