User:PhS/CTL

This is my draft for a CTL article -- PhS 21:58, 13 February 2006 (UTC)

CTL, the Computation tree logic, is a temporal logic used in computer science. It arose in the 1980s as a convenient formalism for stating and checking behavioral properties of systems and played in a key rôle in the early development of model checking. Nowadays, the widespread use of powerful symbolic CTL-based model checkers makes it one of the most famous temporal logics.

CTL can express statements about the correctness of a system's behavior, like for example "pressing a stop button is always eventually followed by the system shutting down but not before the engine halts". It is then possible to check automatically whether such statements are satisfied by a given actual system model, a procedure called model checking.

The popularity of CTL comes from the good compromise it offers between, on the one hand, its simplicity and expressive power, and on the other hand, the existence of simple and efficient model-checking methods for CTL statements.

CTL formulae and their meaning

CTL views the behavior of a nondeterministic system as a set of runs, or computations, arranged in a branching tree of configurations. Times progresses when one moves along a run, from past configurations to future ones.

A picture illustrating a tree of configurations is needed here

Simple CTL modalities

A CTL formula states a property of some current configuration. This property can refer to properties at other configurations that may happen in the future.

For example, the formula ${\displaystyle EFp}$  states that there is a possible future configuration where ${\displaystyle p}$  holds. One can read it as "${\displaystyle p}$  is possible", or "${\displaystyle p}$  may happen the future".

The formula ${\displaystyle AFp}$  states that whatever path is followed, some configuration where ${\displaystyle p}$  holds will eventually be reached. It can be read as "${\displaystyle p}$  is inevitable", or "${\displaystyle p}$  will happen in the future".

In the above examples, ${\displaystyle EF}$  and ${\displaystyle AF}$  are modalities. They link "simpler" statements about other configurations in order to build a "more complex" statement about the current configuration. They also define how these configurations are linked. With ${\displaystyle EF}$  we require one configuration reachable from the current configuration, hence a configuration that may happen in the future. With ${\displaystyle AF}$  we also refer to one future configuration but we require at least one such configuration along every run that start from the current configuration. Hence we require a set of configurations that will inevitably be visited.

Other CTL modalities

Other modalities are ${\displaystyle EG}$  and ${\displaystyle AG}$ . ${\displaystyle EGp}$  states that there is a run along which ${\displaystyle p}$  is always verified. One can read it as "it is possible that ${\displaystyle p}$  always holds." ${\displaystyle AGp}$  states that all reachable configurations satisfy ${\displaystyle p}$ , hence ${\displaystyle p}$  will always hold whatever path is chosen. One can read it as "${\displaystyle p}$  will always holds."

Combining modalities

Checking CTL formulae over systems

The expressive power of CTL

Extensions of CTL

Bibliography

rest of the article comes from the original one

Operators

Logical operators

The logical operators are the usual ones: ${\displaystyle \neg ,\lor ,\land ,\rightarrow }$  and ${\displaystyle \leftrightarrow }$ . Along with these operators CTL formulas can also make use of the boolean constants true and false.

Temporal operators

The temporal operators are the following:

State operators

These operators "select" states.

Unary operators

• N ${\displaystyle \phi }$  - Next: ${\displaystyle \phi }$  has to hold at the next state (this operator is sometimes noted X instead of N).
• G ${\displaystyle \phi }$  - Globally: ${\displaystyle \phi }$  has to hold on the entire subsequent path.
• F ${\displaystyle \phi }$  - Finally: ${\displaystyle \phi }$  eventually has to hold (somewhere on the subsequent path).

Binary operators:

• ${\displaystyle \phi }$  U ${\displaystyle \psi }$  - Until: ${\displaystyle \phi }$  has to hold until at some position ${\displaystyle \psi }$  holds. This implies that ${\displaystyle \psi }$  will be verified in the future.
• ${\displaystyle \phi }$  W ${\displaystyle \psi }$  - Weak until: ${\displaystyle \phi }$  has to hold until ${\displaystyle \psi }$  holds. The difference with U is that there is no guarantee that ${\displaystyle \psi }$  will ever be verified. The W operator is sometimes called "unless".

Path operators

These operators "select" paths.

• A ${\displaystyle \phi }$  - All: ${\displaystyle \phi }$  has to hold on all paths starting from the current state.
• E ${\displaystyle \phi }$  - Exists: there exists at least one path starting from the current state where ${\displaystyle \phi }$  holds.

Relations with other logics

EME90 ^[1], MC ^[2], CTL vs. CTL+ ^[3], etc.

Computational tree logic (CTL) is a subset of CTL*.

See also

• Linear temporal logic

References

1. Emerson, E. A. and Halpern, J. Y. (1985). "Decision procedures and expressiveness in the temporal logic of branching time". Journal of Computer and System Sciences. 30 (1): 1–24.
2. Clarke, E. M., Emerson, E. A., and Sistla, A. P. (1986). "Automatic verification of finite-state concurrent systems using temporal logic specifications". ACM Transactions on Programming Languages and Systems. 8 (2): 244–263.
3. Emerson, E. A. (1990). "Temporal and modal logic". In J. van Leeuwen (ed.) (ed.). Handbook of Theoretical Computer Science, vol. B. MIT Press. pp. pp. 955–1072. ISBN 0262220393. {{cite book}}: |editor= has generic name (help); |pages= has extra text (help)