The Unary Fragments of Metric Interval Temporal Logic: Bounded versus Lower bound Constraints(Full Version)

The Unary Fragments of Metric Interval Temporal Logic: Bounded versus Lower bound Constraints (Full Version)

Abstract

1

We study two unary fragments of the well-known metric interval temporal logic that was originally proposed by Alur and Henzinger, and we pin down their expressiveness as well as satisfaction complexities. We show that which has unary modalities with only lower-bound constraints is (surprisingly) expressively complete for Partially Ordered 2-Way Deterministic Timed Automata () and the reduction from logic to automaton gives us its NP-complete satisfiability. We also show that the fragment having unary modalities with only bounded intervals has NEXPTIME-complete satisfiability. But strangely, is strictly less expressive than . We provide a comprehensive picture of the decidability and expressiveness of various unary fragments of .

1 Introduction

Temporal logics are a well known notation for specifying properties of reactive systems. Reductions between temporal logics and finite state automata have been very influential in formulating decision procedures and model checking of temporal logic properties. However, extending this paradigm to real-time logics and timed automata has been challenging.

Metric Temporal Logic is a well established logic for specifying quantitative properties of timed behaviors in real-time. In this logic, the temporal modalities and are time constrained by a time interval . A formula holds at a position provided there exists a strictly later position where holds and must hold for all in between positions. Moreover the “time distance” between and must be in the interval . Interval has integer valued endpoints and it can be open, closed, half open, or singular (i.e. ). It can even be unbounded, i.e. of the form . Unary modalities and can be defined as and , respectively. Unfortunately, satisfiability of formulae and their model checking (against timed automata) are both undecidable in general [AH93, Hen91].

In their seminal paper [AFH96], the authors proposed the sub logic having only non-punctual (or non-singular) intervals. Alur and Henzinger [AFH96, AH92] showed that the logic has EXPSPACE-complete satisfiability2. In another significant paper [BMOW08], Bouyer et al showed that sublogic of with only bounded intervals, denoted , also has EXPSPACE-complete satisfiability. These results are practically significant since many real time properties can be stated with bounded or non-punctual interval constraints.

In quest for more efficiently decidable timed logics, Alur and Henzinger considered the fragment consisting only of “one-sided” intervals, and showed that it has PSPACE-complete satisfiability. Here, allowed intervals are of the form or thereby enforcing either an upper bound or a lower bound time constraint in each modality.

Several real-time properties of systems may be specified by using the unary future and past modalities alone. In the untimed case of finite words, the unary fragment of logic has a special position: the unary temporal logic has NP-complete satisfiability [EVW02] and it expresses exactly the unambiguous star-free languages which are characterized by Partially ordered 2-Way Deterministic Finite Automata () [STV01]. On the other hand, the PSPACE-complete satisfiability of drops to NP-complete satisfiability for unary temporal logic [EVW02]. Automata based characterizations for the above two logics are also well known: - definable languages are exactly the star-free regular languages which are characterized by counter-free automata, where as - definable languages exactly correspond to the unambiguous star-free languages [TT02] which are characterized by Partially ordered 2-Way Deterministic Automata () [STV01].

Inspired by the above, in this paper, we investigate several “unary” fragments of and we pin down their exact decision complexities as well as expressive powers. In this paper, we confine ourselves to point-wise with finite strictly monotonic time, i.e. the models are finite timed words where no two letters have the same time stamp.

As our main results, we identify two fragments of unary logic for which a remarkable drop in complexity of checking satisfiability is observed, and we study their automata as well as expressive powers. These fragments are as follows.

  • Logic embodying only unary “lower-bound” interval constraints of the form and . We show that satisfiability of this logic is NP-complete.

  • Logic having only unary modalities and with bounded and non-singular interval constraints where (). We show that satisfiability of this logic is NEXPTIME-complete.

In both cases, an automata theoretic decision procedure is given as a language preserving reduction from the logic to Partially Ordered 2-Way Deterministic Timed Automata (). These automata are a subclass of the 2Way Deterministic Timed Automata of Alur and Henzinger [AH92] and they incorporate the notion of partial-ordering of states. They define a subclass of timed regular languages called unambiguous timed regular languages () (see [PS10]). have several attractive features: they are boolean closed (with linear blowup only) and their non-emptiness checking is NP-complete. The properties of together with our reductions give the requisite decision procedures for satisfiability checking of logics and .

The reduction from to uses a nice optimization which becomes possible in this sublogic: truth of a formula at any point can be determined as a simple condition between times of first and last occurrences of its modal subformulas and current time. A much more sophisticated but related optimization is required for the logic with both upper and lower bound constraints: truth of a formula at any point in a unit interval can be related to the times of first and last occurrences of its immediate modal subformulas in some “related” unit intervals. The result is an inductive bottom up evaluation of the first and last occurrences of subformulas which is carried out in successive passes of the two way deterministic timed automaton.

For both the logics, we show that our decision procedures are optimal. We also verify that the logic consisting only of the unary future fragment of already exhibits EXPSPACE-complete satisfiability. Moreover, the unary future fragment with only upper bound constraints has PSPACE-complete satisfiability, whereas with only lower bound constraints has NP-complete satisfiability. A comprehensive picture of decision complexities of fragments of is obtained and summarized in Figure 1.

We also study the expressive powers of logics and . We establish that is expressively complete for , and hence it can define all unambiguous timed regular languages (). This is quite surprising as include guards with simultaneous upper and lower bound constraints as well as punctual constraints, albeit only occurring deterministically. Expressing these in , which has only lower bound constraints, is tricky. We remark that is a rare instance of a precise logic automaton connection within the family of timed logics.

We also establish that is strictly more expressive than the bounded unary logic . Combining these results with decision complexities, we conclude that , although less expressive, is exponentially more succinct as compared to the logic . Completing the picture, we show that, for expressiveness, . For each logic, we give a sample property that cannot be expressed in the contained logic (see Figure 2). The inexpressibility of these properties in lower logics are proved using an EF theorem for formulated earlier [PS11].

For logic , the reduction relies on the property that checking truth of a unary modal formula at any position of a given unit interval can be formulated as simple condition over and the times of first and last occurrences of in some related unit intervals (such as . We call this the horizontal stacking of unit intervals Some remarks on our reductions are appropriate here. It should be noted that these logics have both future and past modalities and these naturally translate to the two-wayness of the automata. An important feature of our reduction is that checking of satisfiability of a modal subformula reduces searching for “last” occurrence of within some specified subintervals, and remembering its time stamp. This can be carried out by one backward scan of the automaton. Similarly, for the past formula we need a forward scan.

NP-complete

PSPACE-complete

NEXPTIME-complete

EXPSPACE-complete

Figure 1: Unary MITL: fragments with satisfiability complexities. Arrows indicate syntactic inclusion. The boxed logics are the two main fragments studied in this chapter.

Figure 2: Expressiveness of Unary fragments

2 Unary and its fragments

Definition 1

[Timed Words] A finite timed word over an alphabet is a finite sequence , of event-time stamp pairs such that and the sequence of time stamps is non-decreasing: . This gives weakly monotonic timed words. If time stamps are strictly increasing, i.e. , the timed word is strictly monotonic.

The length of is denoted by , and . For convenience, we assume that as this simplifies the treatment of the initial semantics of timed logics. The timed word can alternately be represented as with and . Let be the untimed word of and be the set of events that occur in . Let for some be the factor of given by . Let be the set of timed words over the alphabet .

The logic MTL [Koy90, AH91] extends Linear Temporal Logic by adding timing constraints to the ”Until” and ”Since” modalities of LTL, using timed intervals. We consider the unary fragment of this logic called . Let range over the set of intervals with non-negative integers as end-points. The syntax of is as follows:

Remark 1

In this paper, we study with interval constraints given by timed intervals with integer end-points. In literature, with interval constraints with rational end-points are often considered. However, it is important to note that properties expressed by the latter may also be expressed by the former, by scaling the intervals as well as the timestamps in the timed word models appropriately.

Let be a timed word and let . The semantics of formulas over pointwise models is as below:

The language of an formula is given by .

is the fragment of which allows only non-punctual intervals to constrain the F and P modalities. Some fragments of that we shall consider in this paper are as follows. See Figure 2 for examples.

  • allows only interval constraints of the form or . Thus, each modality enforces either an upper bound or a lower bound constraint.

  • is with the added restriction that all interval constraints are bounded intervals of the form with .

  • is the fragment of where all interval constraints are “lower bound” constraints of the form .

  • is the fragment in which all interval constraints (whether bounded or unbounded) are “upper bound” constraints of the form .

  • , , , and are the corresponding future-only fragments.

Size of formulas

Consider any formula , represented as a DAG. Let be the number of modal operators in the DAG of . Let be the product of all constants that occur in . Then the modal-DAG size of , whose constants are presented in some logarithmic encoding (e.g. binary) is within constant factors of .

Definition 2

[Normal Form for ] Let denote a boolean combination of formulas from the finite set . Then a normal form formula is given by

A subformula in normal form is said to be an F-type modal argument (or modarg in brief) if it occurs within an F-modality (as ). It is a P-type modarg if it occurs as . Each is said to be a modal sub formula.

Proposition 1

Every formula may be expressed as an equivalent normal form formula of modal-DAG size linear in the modal-DAG size of .

Proof

Given , consider the equivalent formula . Transform this formula in disjunctive normal form treating modal subformulas as atomic. Now apply reductions such as (if ) and otherwise. The resulting formula is equivalent to . Note that DNF representation does not increase the modal-DAG size of the formula. Apply the same reduction to modargs recursively.

2.1

In [PS10], we defined a special class of called Partially-ordered 2-way Deterministic Timed Automata (). The only loops allowed in the transition graph of these automata are self-loops. This condition naturally defines a partial order on the set of states (hence the name). Another restriction is that clock resets may occur only on progress edges. THese are a useful class of automata for the following reasons:

  • The “two-way” nature of the automata naturally allows the simultaneous treatment of future and past modalities in timed temporal logics.

  • Since they are deterministic, complementation may be achieved trivially. In fact, the deterministic and two-way nature of the automata allow for boolean operations to be achieved with only a linear blow-up in the size of the automaton.

  • The size of the small model of a is polynomial in the size of the automaton. Hence, language emptiness of a is decidable with NP-complete complexity.

are formally defined below.

Let be a finite set of clocks. A guard is a timing constraint on the clock values and has the form:
         .3

Here, denotes the current time value. Let be the set of all guards over . A clock valuation is a function which assigns to each clock a non-negative real number. Let denote that a valuation satisfies the guard when is assigned a real value . If is a clock valuation and , let denote a valuation such that and . Two guards and are said to be disjoint if for all valuations and all reals , we have . A special valuation maps all clocks to 0.

Two-way automata “detect” the ends of a word, by appending the word with special end-markers on either side. Hence, if then the run of a is defined on a timed word .

Definition 3 (Syntax of )

Fix an alphabet and let . Let be a finite set of clocks. A po2DTA over alphabet is a tuple where is a partially ordered and finite set of states such that are the only minimal elements and is the only maximal element. Here, is the initial state, the accept state and the reject state. The set is partitioned into and (states which are entered from the left and right respectively). The progress transition function is a partial function which specifies the progress transitions of the automaton, such that if then and is the subset of clocks that is reset to the current time stamp. Every state in has a default “else” self-loop transition which is taken in all such configurations for which no progress transition is enabled. Hence, the automaton continues to loop in a given state and scan the timed word in a single direction (right or left, depending on whether or respectively), until one of the progress transitions is taken. Note that there are no transitions from the terminal states and .

Definition 4 (Run)

Let be a given timed word. The configuration of a po2DTA at any instant is given by where is the current state, the current value of the clocks is given by the valuation function and the current head position is . In this configuration, the head reads the letter and the time stamp .

The run of a po2DTA on the timed word with and starting head position and starting valuation is the (unique) sequence of configurations such that

  • Initialization: , and . The automaton always starts in the initial state .

  • If the automaton is in a configuration such that . If there exists a (unique) transition such that . Then,

    • for all clocks , and otherwise.

    • if , if and if

  • If the automaton is in a configuration (and ) and there does not exist a transition such that and . Then,

    • for all clocks and

    • if and if

  • Termination: . The run is accepting if and rejecting if .

Let be a function such that gives the final configuration of the unique run of on starting with the configuration . The language accepted by an automaton is given by .

The transition function satisfies the following conditions.

  • For all and , there exists such that and such that . This prevents the head from falling off the end-markers.

  • (Determinism) For all and , if there exist distinct transitions and , then and are disjoint.

Example 1

Figure 3 shows an example po2DTA. This automaton accepts timed words with the following property: There is in the interval and a occurs before it such that, if is the position of the first in the interval then there is a exactly at the timestamp .

Figure 3: Example of po2DTA
Definition 5

[Timed Unambiguous Languages] The languages accepted by are called Timed Unambiguous Languages (TUL).

3 From -fragments to

In this section, we explore reductions from some fragments of Unary to . A powerful optimization becomes possible when dealing with the unary sublogics such as and . The truth of a modal formula for a time point in an interval can be reduced to a simple condition involving time differences between and the times of first and last occurrences of within some related intervals. We introduce some notation below.

Marking timed words with first and last -positions

Consider a formula in normal form, a timed word and an interval . Let . Given set of positions in let and denote the smallest and largest positions in , with the convention that and . Let and denote the times of first and last occurrence of within interval in word . If the subscript is omitted, it is assumed to be the default interval .

The logic-automata translations that we give in this chapter are based on the following concepts:

  • In [BMOW07], the authors consider and show that the satisfiability problem for over point-wise models is EXPSPACE-complete. This is done via translation to ATA. In [BMOW08], they show a similar result for continuous models, using model-theoretic methods, in which they construct a tableaux for the bounded formulas. The bounded size of the tableaux relies on the fact that there is a bound on the interval within which the truth of every subformula has to be evaluated. Our translation from also uses this concept.

  • On the other hand, [MNP06] gives the translation of formulas to “Timed Transducers”. A key concept used here, is the fact that the variability within a unit interval of the truth of a subformula with non-punctual interval constraints is limited.

  • Further, it is known that unary LTL (called Unary Temporal Logic) is expressively equivalent to . In LABEL:SShah12, we gave a constructive reduction from to . The novel concept used here is that for every subformula, it is sufficient to know the first and last positions in a word, where the subformula holds true. It is this concept, which justifies the expressive equivalence between the seemingly different properties of unaryness (of ) and determinism (of ).

We combine the concepts (i), (ii) and (iii) described above to give translations from to and from to .

3.1 From to

Fix an formula in normal form. We shall construct a language-equivalent by an inductive bottom-up construction. But first we assert an important property on which our automaton construction is based.

Lemma 1

Given a timed word and ,

Proof

We give the proof only for part (1). Remaining parts can be proved similarly.

Case 1

. Let . Then, . Now,

Case 2

. We show that both LHS and RHS are false. For any we have, . Also, . Hence, conjunct of RHS does not hold.

The above lemma shows that truth of (or ) at a position can be determined by knowing the value of (respectively, ). Hence for each F-type modarg of , we introduce a clock to freeze the value and P-type modarg of , we introduce a clock to freeze the value .

Figure 4: Table for and automaton for an F-type .

Now we give the inductive step of automaton construction. Consider an F-type modarg . The automaton is as shown in Figure 4. If , then for every , we derive the guard which is the guard on the transition labelled by in , such that the transition is enabled is taken if and only if is satisfied at that position. This is given by . To define , let variable denote the time stamp of current position. Then, the condition for checking truth of a modal subformula is a direct encoding of the conditions in lemma 1 and is given in the table in figure 4. It is now straightforward to see that clocks exactly the last position in the word, where holds. A symmetrical construction can be given for P-type modarg , for which clocks the first position in the word where holds. The following lemma states its key property which is obvious from the construction. Hence we omit its proof.

Lemma 2

Given a modarg and any timed word , let be a valuation where and for each modarg subformula of , and and . If is the clock valuation at the end of the run of starting with , then , for each , and additionally,

  • if is F modarg then .

  • if is P modarg then .

Theorem 3.1

For any formula , there is a language-equivalent whose size is linear in the modal-DAG size of the formula. Hence, satisfiability of is in NP.

Proof

Assume that is in the normal form as described in Definition 2. Note that reduction to normal form results in a linear blow-up in the modal-DAG size of the formula (Proposition 1). The construction of the complete automaton is as follows. In an initial pass, all the clocks are set to . Then, the component automata for clocking modargs () are composed in sequence with innermost modargs being evaluated first. This bottom-up construction, gives us the initial-valuation conditions at every level of induction, as required in Lemma 2. Finally, the validity of at the first position may be checked.

This construction, gives a language-equivalent whose number of states is linear in the number of nodes in the DAG of and the largest constant in the guards of is equal to the largest constant in the interval constraints of . From [PS10], we know that the non-emptiness of may be checked in NP-time. Hence we can conclude that satisfiability of formulas is decidable in NP-time.

3.2 From to

Theorem 3.2

Given a , we may derive an equivalent formula such that

We shall first illustrate the reduction of to by giving a language equivalent formula for the in Example 1. This first scans in the forward direction and clocks the first in the time interval (this is a bounded constraint), and then checks if there is a exactly 1 time unit to its past by a backward scan (this is a punctual constraint). The automaton contains guards with both upper and lower bound constraints as well as a punctual constraints. It is critical for our reduction that the progress transitions are satisfied at unique positions in the word.

Consider the following formulas. Define as the formula which holds only at the first position in the word.
         
         
         
The formula holds at any within the time interval . The formula holds at the unique first in . The formula holds at the initial position in a word iff the first in has a exactly 1 time unit behind it. Note that the correctness of relies on the uniqueness of the position where holds. The uniqueness of the positions at which the progress transitions are taken, is the key property that allows us to express even punctual constraints (occurring in the guards of progress transitions) using only lower-bound constraints as interval constraints in the formula. It is easy to verify that the formula exactly accepts the timed words that are accepted by the in example 1.

Translation from to

Consider . We shall derive a language-equivalent formula for the automaton. Since run on words that are delimited by end-markers, for the sake of simplicity in presentation, we shall derive the corresponding formula over the extended alphabet . However a language equivalent formula over may be derived with minor modifications to the construction described below.

Theorem 3.3

Given a , we may derive an formula such that