On module checking and strategies
نویسندگان
چکیده
Two decision problems are very close in spirit: module checking of CTL/CTL* and model checking of ATL/ATL*. The latter appears to be a natural multi-agent extension of the former, and it is commonly believed that model checking of ATL(*) subsumes module checking of CTL(*) in a straightforward way. Perhaps because of that, the exact relationship between the two has never been formally established. A more careful look at the known complexity results, however, makes one realize that the relationship is somewhat suspicious. In particular, module checking of CTL is EXPTIME-complete, while model checking of ATL is only P-complete. Thus, the (seemingly) less expressive framework yields significantly higher computational complexity than the (seemingly) more expressive one. This suggests that the relationship may not be as simple as believed. In this paper, we show that the difference is indeed fundamental. The way in which behavior of the environment is understood in module checking cannot be equivalently characterized in ATL(*). Conversely, if one wants to embed module checking in ATL(*) then its semantics must be extended with two essential features, namely nondeterministic strategies and long-term commitment to strategies.
منابع مشابه
On the Complexity of ATL and ATL* Module Checking
Module checking has been introduced in late 1990s to verify open systems, i.e., systems whose behavior depends on the continuous interaction with the environment. Classically, module checking has been investigated with respect to specifications given as CTL and CTL∗ formulas. Recently, it has been shown that CTL (resp., CTL∗) module checking offers a distinctly different perspective from the be...
متن کاملIntegrated module testing and module verification
In this dissertation an integrated approach to formal module verification by model checking andmodule testing is described. The main focus lays on the verification of C functions. Specification-based testing and functional verification require a formalized module specification. For this purposean annotation language as an extension of a pre-/post-condition syntax is developed and di...
متن کاملModule Checking Revisited
When we verify the correctness of an open system with respect to a desired requirement, we should take into consideration the different environments with which the system may interact. Each environment induces a different behavior of the system, and we want all these behaviors to satisfy the requirement. Module checking is an algorithmic method that checks, given an open system (modeled as a fi...
متن کاملPushdown Module Checking for Branching-Time Temporal Logics
In system modeling, a main distinction is between closed systems, whose behavior is totally determined by the program, and open systems, which are systems where the program interacts with an external environment [HP85, Hoa85]. In order to check whether a closed system satisfies a required property, we translate the system into a formal model (such as a transition system), specify the property w...
متن کاملModule Checking
In computer system design, we distinguish between closed and open systems. A closed system is a system whose behavior is completely determined by the state of the system. An open system is a system that interacts with its environment and whose behavior depends on this interaction. The ability of temporal logics to describe an ongoing interaction of a reactive program with its environment makes ...
متن کامل