Model Checking Discounted Temporal Properties
Abstract
Temporal logic is two-valued: formulas are interpreted as either true or false. When applied to the analysis of stochastic systems, or systems with imprecise formal models, temporal logic is therefore fragile: even small changes in the model can lead to opposite truth values for a specification. We present a generalization of the branching-time logic C(sub TL) which achieves robustness with respect to model perturbations by giving a quantitative interpretation to predicates and logical operators, and by discounting the importance of events according to how late they occur. In every state, the value of a formula is a real number in the interval [0,1], where 1 corresponds to truth and 0 to falsehood. The boolean operators and or are replaced by min and max, the path quantifiers for all possible futures and some possible futures determine sup and inf over all paths from a given state, and the temporal operators for always and eventually specify sup and inf over a given path; a new operator averages all values along a path. Furthermore, all path operators are discounted by a parameter that can be chosen to give more weight to states that are closer to the beginning of the path. We interpret the resulting logic D(sub C(SUB TL)) over transition systems, Markov chains, and Markov decision processes. We present two semantics for D(sub C(SUB TL)): a path semantics, inspired by the standard interpretation of state and path formulas in C(sub TL), and a fixpoint semantics, inspired by the micro-calculus evaluation of C(sub TL) formulas. We show that, while these semantics coincide for C(sub TL), they differ for D(sub CTL), and we provide model-checking algorithms for both semantics.
Document Details
- Document Type
- Technical Report
- Publication Date
- Mar 13, 2005
- Accession Number
- ADA457138
Entities
People
- Luca De Alfaro
- Marco Faella
- Marieelle Stoelinga
- Rupak Majumdar
- Thomas Henzinger
Organizations
- University of California, Santa Cruz