Metric Temporal Logic Formulas Research Articles

Automated formalization of structured natural language requirements

The use of structured natural languages to capture requirements provides a reasonable trade-off between ambiguous natural language and unintuitive formal notations. There are two major challenges in making structured natural language amenable to formal analysis: (1) formalizing requirements as formulas that can be processed by analysis tools and (2) ensuring that the formulas conform to the semantics of the structured natural language. fretish is a structured natural language that incorporates features from existing research and from NASA applications. Even though fretish is quite expressive, its underlying semantics is determined by the types of four fields: scope, condition, timing, and response. Each combination of field types defines a template with Real-Time Graphical Interval Logic (RTGIL) semantics. We have developed a framework that constructs temporal logic formulas for each template compositionally, from its fields. The compositional nature of our algorithms facilitates maintenance and extensibility. Our goal is to be inclusive not only in terms of language expressivity, but also in terms of requirements analysis tools that we can interface with. For this reason we generate metric-temporal logic formulas with (1) exclusively future-time operators, over both finite and infinite traces, and (2) exclusively past-time operators. To establish trust in the produced formalizations for each template, our framework: (1) extensively tests the generated formulas against the template semantics and (2) proves equivalence between its past-time and future-time formulas. Our approach is available through the open-source tool fret and has been used to capture and analyze requirements for a Lockheed Martin Cyber–Physical System challenge.

Robust Temporal Logic Inference for Provably Correct Fault Detection and Privacy Preservation of Switched Systems

In complex cyber-physical system operations, fault detection needs to be performed using limited state information for practicality and privacy concerns. While a well-designed observation can distinguish a faulty behavior from the normal behavior, it can also represent the action of hiding some of the state information or discrete mode switchings. In this paper, we present a method for constructing the observation maps in the form of metric temporal logic (MTL) formulas that can be formally proven to detect fault in a switched system, while preserving certain privacy conditions. We provide a theoretical framework of robust temporal logic inference for classification of switched system trajectories with spatial and temporal uncertainties. We simulate finitely many nominal trajectories and use the robust neighborhoods around the simulated trajectories to cover the infinite trajectories that constitute the system behavior. Thus, the designed observation maps with the inferred MTL formulas can detect fault and preserve privacy in a provably correct fashion. Our approach is implemented on the simulation model of a smart building testbed to detect thermal leakage in the room, while preserving multiple privacy conditions of the room occupancy.

Bounded variability of metric temporal logic

Deciding validity of Metric Temporal Logic (MTL) formulas is generally very complex and even undecidable over dense time domains; bounded variability is one of the several restrictions that have been proposed to bring decidability back. A temporal model has bounded variability if no more than v events occur over any time interval of length V, for constant parameters v and V. Previous work has shown that MTL validity over models with bounded variability is less complex—and often decidable—than MTL validity over unconstrained models. This paper studies the related problem of deciding whether an MTL formula has intrinsic bounded variability, that is whether it is satisfied only by models with bounded variability. The results of the paper are mainly negative: over dense time domains, the problem is mostly undecidable (even if with an undecidability degree that is typically lower than deciding validity); over discrete time domains, it is decidable with the same complexity as deciding validity. As a partial complement to these negative results, the paper also identifies MTL fragments where deciding bounded variability is simpler than validity, which may provide for a reduction in complexity in some practical cases.

A Metric Temporal Logic Specification Interface for Real-Time Discrete-Event Control

In supervisory control of timed discrete-event systems (TDESs), a conceptually well founded finitary control synthesis framework is developed, and it requires specifications to be prescribed as finite (-trace) automata in the form of timed transition graphs (TTGs). However, prescribing real-time specifications as TTGs is a nontrivial task that must be resolved before the formal framework could expect to become widely used. In addressing this specification problem, metric temporal logic (MTL) is proposed in this paper as a control specification language for use with the TTG-based control synthesis framework. MTL is a designer-friendly formalism due to its human or natural language expressiveness and readability, and is well suited for specifying real-time control specifications. In automating TTG prescription, this paper proposes an MTL interface to the control synthesis framework. The interface is proved to be a correct and complete translation algorithm that converts finitary control specifications written in state-based MTL formulas for a given TDES model into deterministic finite TTGs. Integrated, the MTL interface and the control synthesis framework combine the human expressiveness and readability of MTL with the algorithmic computability of TTGs, and together provide a new and convenient MTL specification-based design tool for automated prescription of TTGs and real-time control synthesis. Illustrative examples demonstrate the utility of the MTL interface.

A theory of sampling for continuous-time metric temporal logic

This article revisits the classical notion of sampling in the setting of real-time temporal logics for the modeling and analysis of systems. The relationship between the satisfiability of metric temporal logic (MTL) formulas over continuous-time models and over discrete-time models is studied. It is shown to what extent discrete-time sequences obtained by sampling continuous-time signals capture the semantics of MTL formulas over the two time domains. The main results apply to “flat” formulas that do not nest temporal operators and can be applied to the problem of reducing the verification problem for MTL over continuous-time models to the same problem over discrete time, resulting in an automated partial practically efficient discretization technique.

Modeling and Analyzing Adaptive User-Centric Systems in Real-Time Maude

Pervasive user-centric applications are systems which are meant to sense the presence, mood, and intentions of users in order to optimize user comfort and performance. Building such applications requires not only state-of-the art techniques from artificial intelligence but also sound software engineering methods for facilitating modular design, runtime adaptation and verification of critical system requirements. In this paper we focus on high-level design and analysis, and use the algebraic rewriting language Real-Time Maude for specifying applications in a real-time setting. We propose a generic component-based approach for modeling pervasive user-centric systems and we show how to analyze and prove crucial properties of the system architecture through model checking and simulation. For proving time-dependent properties we use Metric Temporal Logic (MTL) and present analysis algorithms for model checking two subclasses of MTL formulas: time-bounded response and time-bounded safety MTL formulas. The underlying idea is to extend the Real-Time Maude model with suitable clocks, to transform the MTL formulas into LTL formulas over the extended specification, and then to use the LTL model checker of Maude. It is shown that these analyses are sound and complete for maximal time sampling. The approach is illustrated by a simple adaptive advertising scenario in which an adaptive advertisement display can react to actions of the users in front of the display.

Robustness of temporal logic specifications for continuous-time signals

In this paper, we consider the robust interpretation of Metric Temporal Logic (MTL) formulas over signals that take values in metric spaces. For such signals, which are generated by systems whose states are equipped with non-trivial metrics, for example continuous or hybrid, robustness is not only natural, but also a critical measure of system performance. Thus, we propose multi-valued semantics for MTL formulas, which capture not only the usual Boolean satisfiability of the formula, but also topological information regarding the distance, ε , from unsatisfiability. We prove that any other signal that remains ε -close to the initial one also satisfies the same MTL specification under the usual Boolean semantics. Finally, our framework is applied to the problem of testing formulas of two fragments of MTL, namely Metric Interval Temporal Logic (MITL) and closed Metric Temporal Logic (clMTL), over continuous-time signals using only discrete-time analysis. The motivating idea behind our approach is that if the continuous-time signal fulfills certain conditions and the discrete-time signal robustly satisfies the temporal logic specification, then the corresponding continuous-time signal should also satisfy the same temporal logic specification.

A method for the synthesis of controllers to handle safety, liveness, and real-time constraints

Describes a synthesis method that automatically derives controllers for timed discrete-event systems with nonterminating behavior modeled by timed transition graphs and specifications of control requirements expressed by metric temporal logic (MTL) formulas. Synthesis is performed by using: 1) a forward-chaining search that evaluates the satisfiability of MTL formulas over sequences of states generated by occurrences of actions and 2) a control-directed backtracking technique that takes into consideration the controllability of actions. This method has several interesting features. First, the issues of controllability, safety, liveness, and real time are integrated in a single framework. Second, the synthesis process does not require explicit storage of an entire transition structure over which formulas are checked and can be stopped at any moment, giving an approximate but useful result. Third, search and control mechanisms allow circumvention of the state explosion problem.