强直到
Its 正式定义 is:
M, sk ⊨ ϕ U ψ
∃ j ∈ N 。
(j≥k)∧
∀ i ∈ N . ((k ≤ i < j) ⇒ (<si, si+1> ∈ Rt)) ∧
(M, sj ⊨ ψ) ∧
∀ i ∈ N . ((k ≤ i < j) ⇒ (M, si ⊨ ϕ))
where
解释:
Conditions (1)-(2) enforce the sequence of states (sk, sk+1, ..., sj, ...) to be a valid execution path of the transition system over which the ltl formula can be evaluated.
Condition (3) forces ψ to hold in sj.
Condition (4) forces ϕ to hold in any state si that lies along the path from sk (included) up to sj (excluded).
Since an implication with a false premise is always true, the logical implication inside condition (4) is trivially satisfied for any i that lies outside of the range [k, j). Whenever j is picked to be equal to k, as in your question, the range [k, j) = [k, k) is empty and any choice of i lies outside said interval. In this case, regardless of the fact M, s ⊨ ϕ holds (or not) for some s, condition (4) is trivially satisfied for any choice of i and it no longer imposes any constraint over the execution path (sk, sk+1, ..., sj, ...). In other words, when j = k condition (4) no longer provides any meaningful contribution to the verification of property ϕ U ψ over the state sk.
弱直到
之间的区别弱直到,特此表示为ϕ W ψ, and 强直到就是它弱直到也满足任何执行路径 s.t.G (ϕ ∧ ¬ψ), 然而强直到强迫F ψ.
实例分析
该物业p0
[] ((state == Reverse) U (state != Reverse))
需要p1
((state == Reverse) U (state != Reverse))
保持系统的每一个状态。我会崩溃p1为了清楚起见,分为两个部分,并定义ϕ平等state == Reverse and ψ平等state != Reverse (note: ϕ <-> !ψ).
为了简化问题,我们假设您的系统由以下三种状态组成:
-
s_0:常规状态,这也恰好是初始状态
-
s_1: 反向状态
-
s_2:最终状态
为了p0持有,p1对于这些状态中的每一个都必须成立。
- 处于状态s_0该财产ψ成立,因此p1也适用于
j equal 0.
- 处于状态s_1该财产ψ is
false。然而,我们有这样的ϕ坚持s_1 and ψ坚持s_2这是它的直接且唯一的继承者。所以财产p1坚持s_1.
- 处于状态s_2该财产ψ is
true, so p1又是微不足道的满足了。
