The reasoning powers of Burstall's (modal logic) and Pnueli's (temporal logic) program verification methods
Logics of Programs, 1985
... DEFINITION 2 (indr, Iar, IaR, Iaf) The induction concerning R, nex, inp: Let ~ be a formula (i.e. ... and ~(nex(~)) : F(~i/nexi(~i) : i<m). The sets of induction formulas Iar ⊆ Fd[m], IaR ⊆ Fd[m], and Iaf ⊆ Fd[m] are defined as follows: Iar := { indr(~-,~ F d and ~ mmX J , ...
Weak direct products of arbitrary universal algebras are introduced. The usual notion for groups and rings is a special case. Some universal algebraic properties are proved and applications to cylindric and polyadic algebras are considered.
In this paper we investigate total correctness (termination and correctness simultaneously) in Nonstandard Dynamic Logic (NDL). Here we show that despite the celebrated Kfoury-Park [5] result, termination is a first order notion if approached properly (e.g. via NDL). In Definition 1 below we recall the famous Manna-Cooper Q-method for proving total correctness. Then we do the same things to the Manna-Cooper total correctness method ` that were done in [1] to Floyd's partial correctness method `. Among others, we shall give an explicit characterization of the information content of ` as well as prove that NDL is strictly stronger than ` w.r.t. proving total correctness (that is, more programs can be proved totally correct by NDL than by `). The same results apply if we replace ` by Burstall's method for total correctness (this is because Burstall's method is very close to our version of `), as will be demonstrated in the other paper. Since these methods (Burstall's and Manna-Cooper...
The class TPA of true pairing algebras is defined to be the class of relation algebras expanded with concrete set theoretical projection functions. The main results of the present paper are that neither the equational theory of TPA nor the first order theory of TPA is decidable. Moreover, we show that the set of all equations valid in TPA is exactly on the Π^1_1 level. We consider the class TPA⁻ of the relation algebra reducts of TPA's, as well. We prove that the equational theory of TPA⁻ is much simpler, namely, it is recursively enumerable. We also give motivation for our results and some connections to related work.
Completeness problems in verification of programs and program schemes
Mathematical Foundations of Computer Science 1979, 1979
Thm 1 states a negative result about the classical semantics of program schemes. Thm 2 investigates the reason for this. We conclude that Thm 2 justifies the Henkin-type semantics for which the opposite of the present Thm 1 was proved in Andréka-Németi [1],
The idea of solving problems in logic by first translating them to algebra, then using the powerful methodology of algebra for solving them, and then translating the solution back to logic, goes back to Leibnitz and Pascal. Papers on the history of Logic (e.g. Anellis-Houser [4], Maddux [14]) point out that this method was fruitfully applied in the 19th century not only to propositional logics but also to quantifier logics (De Morgan, Peirce etc. applied it to quantifier logics too). The number of applications grew ever since. (Though some of these remained unnoticed, e.g. the celebrated Kripke-Lemmon completeness theorem for modal logic w.r.t. Kripke models was first proved by Jonsson and Tarski in 1948 using algebraic logic.)
In this paper we solve some open problems raised in recent publications of the Computer Science Temporal Logic school represented by Manna-Pnueli [11], [12], Abadi-Manna [5], Abadi [1]-[4]. These problems concern the proof theoretic powers of the following inference systems: T_0 introduced in [11], [12] and reformulated in [1]-[4]; the resolution system R of [5]; and T_1, T_2 of [1]-[4]. We use first-order temporal logic (FTL) with modalities , [F], and U denoting "nexttime", "always-in-the-future", and "until" respectively. Given a first-order similarity type or language L, the usual predicate etc. symbols of L are considered to be rigid, i.e. their meanings do not change in time. Similarly, individual variables x_i (i ∈ ω) are rigid. To this we add an infinity y_i (i ∈ ω) of flexible constants. That is, the meaning of y_i is allowed to change in time. Other authors, see e.g. Abadi [1]-[4], add flexible predicates too, but we will not need them here, though we will mention them occasionally. Our theorems remain true even if we allow flexible predicate and function symbols, as will be very easy to see. Fm(FTL) denotes the set of all FTL-formulas (of some fixed similarity type L) defined above. For semantic purposes, we use classical two-sorted models M = <T, D, f_0, ..., f_i, ...>_{i ∈ ω} where D is a classical first-order structure of similarity type L, T = <T, 0, suc, ≤, +, ×> is a structure of the same similarity type as the standard model N = <ω, 0, suc, ≤, +, ×> of arithmetic, and for i ∈ ω, f_i, a function from T into D, serves to interpret the flexible constant y_i. T is called the time-frame of M, and, except for its language, is arbitrary. Mod denotes the class of all models M of the above kind. (The members of Mod are basically the same as Kripke models known from the
In this paper we investigate the reasoning powers or proof theoretic powers of various established temporal logics used in Computer Science. In Sections 1-6 we concentrate on provability of various program properties while in Sections 7-9 we investigate provability of temporal formulas in general. In Sections 1-6 we consider both deterministic and nondeterministic programs. Our investigations are twofold: (1) compare the reasoning powers of the various logics, and (2) characterize their reasoning powers. The investigations in (2) are often called completeness issues, because a good characterization amounts to finding a nice and mathematically transparent semantics for which our logic is complete (cf. e.g. [4] and [19]). In doing (2), we follow the methodology called Correspondence Theory in philosophical logic (see [19, Chap. II.4]) which was first elaborated for temporal logics of programs in the 1978 version of Sain's [43] (cf. also [10] and [21]; both [43] and [10] were based on the Computer Science temporal logics in [6]), in the framework called time oriented Nonstandard Logics of Programs (NLP). The same is used in [1-4]. In particular, the semantics denoted as "⊨_P(...)" by Abadi was first introduced as "(Ind + Tord)⊨" in the above quoted NLP literature (cf. e.g. the historical notes in [38, 42, 21, 49]), and will also play a central role here. Among others, we will obtain new strong (hereditarily, in a sense) incompleteness results w.r.t. this semantics for proof systems of [5] and [33]. No number of new axioms, but a single new modality, can eliminate this incompleteness (see [40]). In Section 8 we solve some of the problems raised in recent publications of the famous temporal logic school represented by Manna and Pnueli [33, 34], Abadi and Manna [5], and Abadi [1-4].
These problems concern the strongest among the inference systems designed so far for computer science oriented first-order temporal logics. Here we consider only inference systems which are (at least theoretically) relevant for machine implementation.
We show the equivalence of Leivant's characterization of Floyd-Hoare Logic in weak second order logic ([Le85]) with both Csirmaz's ([Cs80]) and Sain's ([Sa85b]) characterizations of Floyd-Hoare logic in Nonstandard Logics of Programs. Our method allows us to spell out the precise role of the comprehension axiom in weak second order logic. We then prove similar results for other program verification systems (suggested by Burstall and Pnueli) and identify exactly the comprehension axioms corresponding to those systems. This is an expanded version of [MS85]. The ... of the paper was done when both authors were visiting the
It is important to stress here that φ(z) may contain other free variables of all sorts. All the free variables of φ(z) are also free in φ, except for z. They are the 'parameters' of the induction φ_z. The theory IA says that if a 'property' φ(z) changes during time T, then it must change 'some time', i.e. there is a time point b ∈ T when φ(z) is just changing. Notations. We define the abbreviations ≤ and < as follows: The finite set OA ⊆ F_td of order axioms is defined as follows: OA = { ∀z_0 (z_0 < z_0 + 1), ∀z_0 (0 ≤ z_0 ∧ [0 = z_0 ∨ ∃z_1 (z_1 + 1 = z_0)]), ... }. Let PA denote the set of Peano Axioms for the sort t (see e.g. Example 1.4.11 in [8]). Now we define the theories Ax_0, Ax_1, Ax: Ax_0 =_df OA ∪ IA.
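As an added illustration, not text from the paper, the informal reading of IA above ("if φ(z) changes during time T, then there is a time point b at which it is just changing") can be written as one schema per formula φ(z), with the parameters of φ understood as universally quantified in front; the exact official formulation in the paper may differ from this assumed one:

$$
\mathrm{IA}_{\varphi}:\qquad
\big(\exists z\,\varphi(z)\ \wedge\ \exists z\,\neg\varphi(z)\big)
\ \rightarrow\
\exists b\,\big(\varphi(b)\ \leftrightarrow\ \neg\varphi(b+1)\big)
$$

The antecedent says that φ holds at some time and fails at some other time; the consequent names a time b at which φ and its successor-value disagree, which is the "just changing" point. Over the standard time frame ω this is equivalent to ordinary induction on the time sort, while over a nonstandard time frame T it is a genuine restriction on which properties the frame is allowed to see changing.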
Papers by Ildikó Sain