On the synthesis of a reactive module
POPL '89 Proceedings of the 16th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
On the development of reactive systems
Logics and models of concurrent systems
The temporal logic of reactive and concurrent systems
The temporal logic of reactive and concurrent systems
Model Checking of Safety Properties
Formal Methods in System Design
LPAR '01 Proceedings of the Artificial Intelligence on Logic for Programming
The temporal logic of programs
SFCS '77 Proceedings of the 18th Annual Symposium on Foundations of Computer Science
ICALP '08 Proceedings of the 35th international colloquium on Automata, Languages and Programming, Part II
A Framework for Inherent Vacuity
HVC '08 Proceedings of the 4th International Haifa Verification Conference on Hardware and Software: Verification and Testing
Temporal-Logic-Based Reactive Mission and Motion Planning
IEEE Transactions on Robotics
Hi-index | 0.00 |
Of special interest in verification are safety properties, which assert that the system always stays within some allowed region. For closed systems, the theoretical properties of safety properties as well as their practical advantages with respect to general properties are well understood. For open (a.k.a. reactive) systems, whose behavior depends on their on-going interaction with the environment, the common practice is to use the definition and algorithms of safety for closed systems, ignoring the distinction between input and output signals. In a recent work, Ehlers and Finkbeiner introduced reactive safety --- a definition of safety for the setting of open systems. Essentially, reactive safety properties require the system to stay in a region of states that is both allowed and from which the environment cannot force it out. In this paper we continue their study and extend it to other families of properties. In the setting of closed systems, each safety property induces a set of finite bad prefixes --- ones after which the property must be violated. The notion of bad prefixes enables a reduction of reasoning about safety properties to reasoning about properties of finite computations. We study reactive bad prefixes, their detection in theory and in practice, and their approximation by either a non-reactive safety property or by reasoning about the syntax of the formula. We study the dual notion, of reactive co-safety properties, and the corresponding theory of reactive good prefixes. For both safety and co-safety properties, we relate the definitions in the closed and open settings, and argue that our approach strictly extends the range of properties for which we can apply algorithms that are based on finite computations. Since the reactive setting is particularly challenging for general properties, such an application is significant in practice.