8

Assume I have two formulae $\Phi$ and $\Psi$ (over the same set of atomic propositions $AP$) in CTL. We have that $\Phi \equiv \Psi$ iff $Sat_{TS}(\Phi) = Sat_{TS}(\Psi)$ for all transition systems $TS$ over $AP$.

Given that there are infinitely many transition systems, it's impossible to check them all. I thought about using PNF (Positive Normal Form, allowing negation only next to literals) because judging from its name it should give me the same formula for $\Phi$ as for $\Psi$ iff they are equivalent, but I'm not convinced this works in all cases (you could say, I'm not convinced PNF is actually a normal form).

For example, take $\forall \mathrm{O} \forall \lozenge \Phi_0 \stackrel{?}{\equiv} \forall \lozenge \forall \mathrm{O} \Phi_0$ (where $\mathrm{O}$ is the next operator and $\lozenge$ is the eventually operator). I'm looking for a way do do this by hand.

Raphael
  • 73,212
  • 30
  • 182
  • 400
bitmask
  • 1,765
  • 2
  • 16
  • 20

4 Answers4

6

It seems to me that "$\Phi≡\Psi$" is equivalent to "Neither $(\Phi ∧ ¬\Psi)$ nor $(\Psi ∧ ¬\Phi)$ is satisfiable".

Therefore deciding equivalence is as difficult as deciding satisfiability, since "$\Phi$ satisfiable" is equivalent to "not ($¬\Phi≡\top$)".

In this article there is a mention of a an exponential procedure to decide satisfiability in CTL, so it should be enough to run the algorithm on the two formulas I wrote above.

PS: I am not at all an expert in this field, so please check what I wrote. If this makes sense, I will remove the various "seems" and "should".

jmad
  • 9,578
  • 1
  • 40
  • 43
3

If you want to prove the identities by hand, I do not know if there are absolutely general techniques. You can start with the axioms and well known identities for CTL and work from there.

If you want the answer and worry about having a human readable proof separately, you can use a CTL satisfiability checker like MLSolver.

Vijay D
  • 854
  • 4
  • 9
0

Your example is not equivalence assume a transition system by two state which all of them are initial, and there is a loop in state which satisfy \phi. To prove equivalence of two CTL formula you should use definition of semantics.

rahim
  • 1
-1

Could you express this in the fixpoint characterization for CTL formulas? That might help you prove their equivalence. http://www-2.cs.cmu.edu/~modelcheck/ed-papers/VTfFSCS.pdf

Rohit
  • 1