In logic, philosophy, and theoretical computer science, dynamic logic is an extension of modal logic capable of encoding properties of computer programs.
A simple example of a statement in dynamic logic is
which states that if the ground is currently dry and it rains, then afterwards the ground will be wet.
The syntax of dynamic logic contains a language of propositions (like "the ground is dry") and a language of actions (like "it rains"). The core modal constructs are , which states that after performing action a the proposition p should hold, and , which states that after performing action a it is possible that p holds. The action language supports operations (doing one action followed by another), (doing one action or another), and iteration (doing one action zero or more times). The proposition language supports Boolean operations (and, or, and not). The action logic is expressive enough to encode programs. For an arbitrary program , precondition , and postcondition , the dynamic logic statement encodes the correctness of the program, making dynamic logic more general than Hoare logic.
Beyond its use in formal verification of programs, dynamic logic has been applied to describe complex behaviors arising in linguistics, philosophy, AI, and other fields.
Modal logic is characterized by the modal operators (box p) asserting that is necessarily the case, and (diamond p) asserting that is possibly the case. Dynamic logic extends this by associating to every action the modal operators and , thereby making it a multimodal logic. The meaning of is that after performing action it is necessarily the case that holds, that is, must bring about . The meaning of is that after performing it is possible that holds, that is, might bring about . These operators are dual to each other, which means they are related by and , analogously to the relationship between the universal () and existential () quantifiers.
Dynamic logic permits compound actions built up from smaller actions. While the basic control operators of any programming language could be used for this purpose, Kleene's regular expression operators are a good match to modal logic. Given actions and , the compound action , choice, also written or , is performed by performing one of or . The compound action , sequence, is performed by performing first and then . The compound action , iteration, is performed by performing zero or more times, sequentially. The constant action or BLOCK does nothing and does not terminate, whereas the constant action or SKIP or NOP, definable as , does nothing but does terminate.
These operators can be axiomatized in dynamic logic as follows, taking as already given a suitable axiomatization of modal logic including such axioms for modal operators as the above-mentioned axiom and the two inference rules modus ponens ( and implies ) and necessitation ( implies ).
A1.
A2.
A3.
A4.
A5.
A6.
Axiom A1 makes the empty promise that when BLOCK terminates, will hold, even if is the proposition false. (Thus BLOCK abstracts the essence of the action of hell freezing over.)
A2 says that NOP acts as the identity function on propositions, that is, it transforms into itself.
A3 says that if doing one of or must bring about , then must bring about and likewise for , and conversely.
A4 says that if doing and then must bring about , then must bring about a situation in which must bring about .
A5 is the evident result of applying A2, A3 and A4 to the equation of Kleene algebra.
A6 asserts that if holds now, and no matter how often we perform it remains the case that the truth of after that performance entails its truth after one more performance of , then must remain true no matter how often we perform . A6 is recognizable as mathematical induction with the action n := n+1 of incrementing n generalized to arbitrary actions .
The modal logic axiom permits the derivation of the following six theorems corresponding to the above:
T1.
T2.
T3.
T4.
T5.
T6.
T1 asserts the impossibility of bringing anything about by performing BLOCK.
T2 notes again that NOP changes nothing, bearing in mind that NOP is both deterministic and terminating whence and have the same force.
T3 says that if the choice of or could bring about , then either or alone could bring about .
T4 is just like A4.
T5 is explained as for A5.
T6 asserts that if it is possible to bring about by performing sufficiently often, then either is true now or it is possible to perform repeatedly to bring about a situation where is (still) false but one more performance of could bring about .
Box and diamond are entirely symmetric with regard to which one takes as primitive. An alternative axiomatization would have been to take the theorems T1–T6 as axioms, from which we could then have derived A1–A6 as theorems.
The difference between implication and inference is the same in dynamic logic as in any other logic: whereas the implication asserts that if is true then so is , the inference asserts that if is valid then so is . However the dynamic nature of dynamic logic moves this distinction out of the realm of abstract axiomatics into the common-sense experience of situations in flux. The inference rule , for example, is sound because its premise asserts that holds at all times, whence no matter where might take us, will be true there. The implication is not valid, however, because the truth of at the present moment is no guarantee of its truth after performing . For example, will be true in any situation where is false, or in any situation where is true, but the assertion is false in any situation where has value 1, and therefore is not valid.
As for modal logic, the inference rules modus ponens and necessitation suffice also for dynamic logic as the only primitive rules it needs, as noted above. However, as usual in logic, many more rules can be derived from these with the help of the axioms. An example instance of such a derived rule in dynamic logic is that if kicking a broken TV once can't possibly fix it, then repeatedly kicking it can't possibly fix it either. Writing for the action of kicking the TV, and for the proposition that the TV is broken, dynamic logic expresses this inference as , having as premise and as conclusion . The meaning of is that it is guaranteed that after kicking the TV, it is broken. Hence the premise means that if the TV is broken, then after kicking it once it will still be broken. denotes the action of kicking the TV zero or more times. Hence the conclusion means that if the TV is broken, then after kicking it zero or more times it will still be broken. For if not, then after the second-to-last kick the TV would be in a state where kicking it once more would fix it, which the premise claims can never happen under any circumstances.
The inference is sound. However the implication is not valid because we can easily find situations in which holds but does not. In any such counterexample situation, must hold but must be false, while however must be true. But this could happen in any situation where the TV is broken but can be revived with two kicks. The implication fails (is not valid) because it only requires that hold now, whereas the inference succeeds (is sound) because it requires that hold in all situations, not just the present one.
An example of a valid implication is the proposition . This says that if is greater than or equal to 3, then after incrementing , must be greater than or equal to 4. In the case of deterministic actions that are guaranteed to terminate, such as , must and might have the same force, that is, and have the same meaning. Hence the above proposition is equivalent to asserting that if is greater than or equal to 3 then after performing , might be greater than or equal to 4.
The general form of an assignment statement is where is a variable and is an expression built from constants and variables with whatever operations are provided by the language, such as addition and multiplication. The Hoare axiom for assignment is not given as a single axiom but rather as an axiom schema.
A7.
This is a schema in the sense that can be instantiated with any formula containing zero or more instances of a variable . The meaning of is with those occurrences of that occur free in , i.e. not bound by some quantifier as in , replaced by . For example, we may instantiate A7 with , or with . Such an axiom schema allows infinitely many axioms having a common form to be written as a finite expression connoting that form.
The instance of A7 allows us to calculate mechanically that the example encountered a few paragraphs ago is equivalent to , which in turn is equivalent to by elementary algebra.
An example illustrating assignment in combination with is the proposition . This asserts that it is possible, by incrementing sufficiently often, to make equal to 7. This of course is not always true, e.g. if is 8 to begin with, or 6.5, whence this proposition is not a theorem of dynamic logic. If is of type integer however, then this proposition is true if and only if is at most 7 to begin with, that is, it is just a roundabout way of saying .
Mathematical induction can be obtained as the instance of A6 in which the proposition is instantiated as , the action as , and as . The first two of these three instantiations are straightforward, converting A6 to . However, the ostensibly simple substitution of for is not so simple as it brings out the so-called referential opacity of modal logic in the case when a modality can interfere with a substitution.
When we substituted for , we were thinking of the proposition symbol as a rigid designator with respect to the modality , meaning that it is the same proposition after incrementing as before, even though incrementing may impact its truth. Likewise, the action is still the same action after incrementing , even though incrementing will result in its executing in a different environment. However, itself is not a rigid designator with respect to the modality ; if it denotes 3 before incrementing , it denotes 4 after. So we can't just substitute for everywhere in A6.
One way of dealing with the opacity of modalities is to eliminate them. To this end, expand as the infinite conjunction , that is, the conjunction over all of . Now apply A4 to turn into , having modalities. Then apply Hoare's axiom times to this to produce , then simplify this infinite conjunction to . This whole reduction should be applied to both instances of in A6, yielding . The remaining modality can now be eliminated with one more use of Hoare's axiom to give .
With the opaque modalities now out of the way, we can safely substitute for in the usual manner of first-order logic to obtain Peano's celebrated axiom , namely mathematical induction.
One subtlety we glossed over here is that should be understood as ranging over the natural numbers, where is the superscript in the expansion of as the union of over all natural numbers . The importance of keeping this typing information straight becomes apparent if had been of type integer, or even real, for any of which A6 is perfectly valid as an axiom. As a case in point, if is a real variable and is the predicate is a natural number, then axiom A6 after the first two substitutions, that is, , is just as valid, that is, true in every state regardless of the value of in that state, as when is of type natural number. If in a given state is a natural number, then the antecedent of the main implication of A6 holds, but then is also a natural number so the consequent also holds. If is not a natural number, then the antecedent is false and so A6 remains true regardless of the truth of the consequent. We could strengthen A6 to an equivalence without impacting any of this, the other direction being provable from A5, from which we see that if the antecedent of A6 does happen to be false somewhere, then the consequent must be false.
Dynamic logic associates to every proposition an action called a test. When holds, the test acts as a NOP, changing nothing while allowing the action to move on. When is false, acts as BLOCK. Tests can be axiomatized as follows.
A8.
The corresponding theorem for is:
T8.
The construct if p then a else b is realized in dynamic logic as . This action expresses a guarded choice: if holds then is equivalent to , whereas is equivalent to BLOCK, and is equivalent to . Hence when is true the performer of the action can only take the left branch, and when is false the right.
The construct while p do a is realized as . This performs zero or more times and then performs . As long as remains true, the at the end blocks the performer from terminating the iteration prematurely, but as soon as it becomes false, further iterations of the body are blocked and the performer then has no choice but to exit via the test .
The random-assignment statement denotes the nondeterministic action of setting to an arbitrary value. then says that holds no matter what you set to, while says that it is possible to set to a value that makes true. thus has the same meaning as the universal quantifier , while similarly corresponds to the existential quantifier . That is, first-order logic can be understood as the dynamic logic of programs of the form .
Dijkstra claimed to show the impossibility of a program that sets the value of variable to an arbitrary positive integer. [1] However, in dynamic logic with assignment and the * operator, can be set to an arbitrary positive integer with the dynamic logic program . Hence we must either reject Dijkstra's argument or hold that the * operator is not effective.
Modal logic is most commonly interpreted in terms of possible world semantics or Kripke structures. This semantics carries over naturally to dynamic logic by interpreting worlds as states of a computer in the application to program verification, or states of our environment in applications to linguistics, AI, etc. One role for possible world semantics is to formalize the intuitive notions of truth and validity, which in turn permit the notions of soundness and completeness to be defined for axiom systems. An inference rule is sound when validity of its premises implies validity of its conclusion. An axiom system is sound when all its axioms are valid and its inference rules are sound. An axiom system is complete when every valid formula is derivable as a theorem of that system. These concepts apply to all systems of logic including dynamic logic.
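The possible-world reading above can be made executable. The following is an added example, not part of the original article: a small model checker for propositional dynamic logic that interprets actions as binary relations on states, reproduces the broken-TV counterexample (broken, but revivable with two kicks), checks the derived inference exhaustively on all three-state models, and evaluates the while construct. The tuple encoding of formulas and actions, the state names s0 to s2, and the TV model itself are assumptions constructed for illustration.

```python
from itertools import product

def compose(r, s):
    """Relational composition: do r, then s."""
    return {(u, w) for (u, v) in r for (x, w) in s if v == x}

def star(r, states):
    """Reflexive-transitive closure: perform r zero or more times."""
    closure = {(s, s) for s in states}
    while True:
        bigger = closure | compose(closure, r)
        if bigger == closure:
            return closure
        closure = bigger

class Model:
    """Kripke structure: states, atom valuation, one relation per atomic action."""
    def __init__(self, states, atoms, actions):
        self.states, self.atoms, self.actions = set(states), atoms, actions

    def rel(self, prog):
        """Binary relation on states denoted by a (compound) action."""
        op = prog[0]
        if op == "act":
            return set(self.actions[prog[1]])
        if op == "seq":
            return compose(self.rel(prog[1]), self.rel(prog[2]))
        if op == "choice":
            return self.rel(prog[1]) | self.rel(prog[2])
        if op == "star":
            return star(self.rel(prog[1]), self.states)
        if op == "test":  # NOP where the proposition holds, BLOCK elsewhere
            return {(s, s) for s in self.sat(prog[1])}
        raise ValueError(f"unknown action {op!r}")

    def sat(self, f):
        """Set of states in which formula f is true."""
        op = f[0]
        if op == "atom":
            return set(self.atoms[f[1]])
        if op == "not":
            return self.states - self.sat(f[1])
        if op == "implies":
            return (self.states - self.sat(f[1])) | self.sat(f[2])
        if op == "dia":  # some execution of the action ends where f[2] holds
            goal = self.sat(f[2])
            return {s for (s, t) in self.rel(f[1]) if t in goal}
        if op == "box":  # every execution of the action ends where f[2] holds
            goal = self.sat(f[2])
            return self.states - {s for (s, t) in self.rel(f[1]) if t not in goal}
        raise ValueError(f"unknown formula {op!r}")

    def valid(self, f):
        """True when f holds in every state of this model."""
        return self.sat(f) == self.states

B, K = ("atom", "b"), ("act", "k")          # b: TV is broken, k: kick the TV
PREMISE = ("implies", B, ("box", K, B))
CONCLUSION = ("implies", B, ("box", ("star", K), B))
# while b do k, built from test, sequence and iteration as described in the text
WHILE_BROKEN_KICK = ("seq", ("star", ("seq", ("test", B), K)), ("test", ("not", B)))

# Constructed model: s0 needs two kicks, s1 needs one, s2 is a working TV.
TV = Model({"s0", "s1", "s2"}, {"b": {"s0", "s1"}},
           {"k": {("s0", "s1"), ("s1", "s2"), ("s2", "s2")}})

def inference_sound_on_small_models(n=3):
    """Exhaustively check: premise valid in a model => conclusion valid in it."""
    states = list(range(n))
    pairs = list(product(states, repeat=2))
    for kick_bits in product([0, 1], repeat=len(pairs)):
        kick = {p for p, bit in zip(pairs, kick_bits) if bit}
        for b_bits in product([0, 1], repeat=n):
            broken = {s for s, bit in zip(states, b_bits) if bit}
            m = Model(states, {"b": broken}, {"k": kick})
            if m.valid(PREMISE) and not m.valid(CONCLUSION):
                return False
    return True

if __name__ == "__main__":
    print("premise holds in:", sorted(TV.sat(PREMISE)))
    print("conclusion holds in:", sorted(TV.sat(CONCLUSION)))
    print("implication valid:", TV.valid(("implies", PREMISE, CONCLUSION)))
    print("inference sound on all 3-state models:", inference_sound_on_small_models())
    print("while-loop relation:", sorted(TV.rel(WHILE_BROKEN_KICK)))
```

In state s0 the premise is true but the conclusion is false, so the implication fails there, while no three-state model makes the premise valid and the conclusion invalid.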
Ordinary or first-order logic has two types of terms, respectively assertions and data. As can be seen from the examples above, dynamic logic adds a third type of term denoting actions. The dynamic logic assertion contains all three types: , , and are data, is an action, and and are assertions. Propositional logic is derived from first-order logic by omitting data terms and reasons only about abstract propositions, which may be simple propositional variables or atoms or compound propositions built with such logical connectives as and, or, and not.
Propositional dynamic logic, or PDL, was derived from dynamic logic in 1977 by Michael J. Fischer and Richard Ladner. PDL blends the ideas behind propositional logic and dynamic logic by adding actions while omitting data; hence the terms of PDL are actions and propositions. The TV example above is expressed in PDL whereas the next example involving is in first-order dynamic logic. PDL is to (first-order) dynamic logic as propositional logic is to first-order logic.
Fischer and Ladner showed in their 1977 paper that PDL satisfiability was of computational complexity at most nondeterministic exponential time, and at least deterministic exponential time in the worst case. This gap was closed in 1978 by Vaughan Pratt who showed that PDL was decidable in deterministic exponential time. In 1977, Krister Segerberg proposed a complete axiomatization of PDL, namely any complete axiomatization of modal logic K together with axioms A1–A6 as given above. Completeness proofs for Segerberg's axioms were found by Gabbay (unpublished note), Parikh (1978), Pratt (1979), and Kozen and Parikh (1981).
Dynamic logic was developed by Vaughan Pratt in 1974 in notes for a class on program verification as an approach to assigning meaning to Hoare logic by expressing the Hoare formula as . The approach was later published in 1976 as a logical system in its own right. The system parallels Andrzej Salwicki's system of algorithmic logic [2] and Edsger Dijkstra's notion of weakest-precondition predicate transformer , with corresponding to Dijkstra's , weakest liberal precondition. Those logics however made no connection with either modal logic, Kripke semantics, regular expressions, or the calculus of binary relations. Dynamic logic therefore can be viewed as a refinement of algorithmic logic and predicate transformers that connects them up to the axiomatics and Kripke semantics of modal logic as well as to the calculi of binary relations and regular expressions.
Hoare logic, algorithmic logic, weakest preconditions, and dynamic logic are all well suited to discourse and reasoning about sequential behavior. Extending these logics to concurrent behavior however has proved problematic. There are various approaches but all of them lack the elegance of the sequential case. In contrast Amir Pnueli's 1977 system of temporal logic, another variant of modal logic sharing many common features with dynamic logic, differs from all of the above-mentioned logics by being what Pnueli has characterized as an "endogenous" logic, the others being "exogenous" logics. By this Pnueli meant that temporal logic assertions are interpreted within a universal behavioral framework in which a single global situation changes with the passage of time, whereas the assertions of the other logics are made externally to the multiple actions about which they speak. The advantage of the endogenous approach is that it makes no fundamental assumptions about what causes what as the environment changes with time. Instead a temporal logic formula can talk about two unrelated parts of a system, which because they are unrelated tacitly evolve in parallel. In effect ordinary logical conjunction of temporal assertions is the concurrent composition operator of temporal logic. The simplicity of this approach to concurrency has resulted in temporal logic being the modal logic of choice for reasoning about concurrent systems with its aspects of synchronization, interference, independence, deadlock, livelock, fairness, etc.