Upload
alex-dragomir
View
215
Download
0
Embed Size (px)
Citation preview
8/6/2019 Model Minimal en 2
1/19
Minimal Models and Bisimulation in Modal Logic
Alexandru Dragomir
Graduate student, University of Bucharest
Abstract
First, I will introduce the notions of Kripke-model and bisim-
ulation and afterwards I will state and prove some of their prop-
erties. Next, I will present the construction of a minimal model
by factoring the model to its largest bisimulation. Obviously,
the domain of a minimal model (consisting of quotients modulo
the largest bisimulation) is at most as large as the original model.
Keywords: bisimulation, bisimulation contraction, Kripke model,
minimal model.
1 Kripke Models
Let us consider Kripke-model defined as follows:
M = (W, {a |a A}, ), where:
1. W is a finite, nonempty set ofpossible worlds, states, points or nodes,
2. {a |a A} is a collection of binary relations (accessibility relations
between the worlds of our model) indexed by the set of agents A: aA
1
8/6/2019 Model Minimal en 2
2/19
W W, and:
3. The valuation function - the function that assigns sets of worlds
(subsets of our domain, W) to our propositional variables or, equivalently,
the function that assigns the truthhood or the falsehood to propositional
variables of our language relative to the worlds of our domain 1:
(1.1) : V ar(L) W {, }
Or, equivalently 2:
(1.2) : V ar(L) 2W
Definitions (1.1) and (1.2) are equivalent if we assume the following
aspect: if a variable is not assigned to a certain world, then its negation is
true at that world.
Being that we defined our main tool for the construction of a semantics
of modal logic, the Kripke-model, we can now define the satisfaction relation
|=: |= (M, w)Prop(L) as the smallest relation that respects the following
conditions:
R1. M, w |= p iff w (p), for all p W and for all p V ar(L).
R2. M, w iffM, w , for all Prop(L)
R3. M, w iffM, w and M, w , for all , Prop(L)
R4. M, w iffM, w or M, w , , Prop(L)
1The first definition is usually offered in modal logic textbooks and articles (e.g.: Black-burn, P., Venema, Y., de Rijke, M., Modal Logic, Cambridge University Press, 2002), while
the second is preffered in the epistemic logic related texts (e.g.: Fagin, R., Halpern, J. Y.,Moses, Y. M., Vardi, Y., Reasoning about Knowledge, The MIT Press, Cambridge, 1995).
22W is the powerset ofW. This notation is not arbitrary: the cardinal of the powersetof any set P (the set of all subsets ofP) is 2card(P), where card(P) is the cardinal ofP.
2
8/6/2019 Model Minimal en 2
3/19
R5. M, w iffM, w or M, w , , Prop(L)
R6. M, w iff u : Rwu M, u , Prop(L)
R7. M, w iff u : Rwu M, u , L
2 Bisimulation
For starters, Ill offer the definition of the simplest notion of equivalence
between models:
Definition. Let w M and w M be two states of two models. We
call the states w and w equivalent iff they satisfy the same formulas (or
propositions):
w w iff { | M, w |= } = { | M, w |= }, or:
w w iff (M, w |= M, w |= )
Definition. Two models M and M are equivalent iff they satisfy the
same formulas:
M M iff { | M |= } = { | M |= }.
M M iff (M |= M |= )
The Bisimulation Relation Between Kripke-Models3
Lets consider a new equivalence relation between two models: WW. Well say is a bisimulation if the following conditions hold:
3Blackburn, P. et al., Modal Logic, pp. 65-66
3
8/6/2019 Model Minimal en 2
4/19
(2.1) Atomic harmony: If w w, then w and w satisfy the same
propositional letters:
w w p V ar(P) : M, w |= p M, w |= p.
(2.2) Zig: If w w si w v, then v M : v v and w v.
(2.3) Zag: If w w si w v, then v M : v v and w v.
2.1 Preliminary Results
Proposition. If two models are bisimilar (there is a bisimulation linking
them), they are equivalent (meaning that they verify the same formulas).
We say that between two bisimilar models all information is preserved.
w W, w W : (M, w) (M, w) (M, w) (M, w)
Proof4. By induction on the length of any proposition :
1. Basis: Assuming that w w, the atomic harmony condition assures
us that w |= p w |= p, p L
2. Induction Hypothesis: Assuming that w w, we obtain thatM, w |=
M, w |=
3. Induction Step:
3. a) The Case of Negation. Lets assume that M, w . Then,
M, w . From this, using the hypothesis of induction we arrive at:M
, w , so M, w . As a conclusion, he have that if w w,
4van Ditmarsch, H.P. et al., Dynamic Epistemic Logic, p. 25, Blackburn, P. et al.,Modal Logic, 67
4
8/6/2019 Model Minimal en 2
5/19
then M, w |= M, w |= .
3. b) The Case of Conjunction. Lets assume that M, w |= . From
the semantic rule R3, we have that M, w |= and M, w |= . By the
hypothesis of induction we have that M, w |= and M, w |= , and, by
the semantic rule R3, we arrive at: M, w |= .
3. c) The Case of Necessity. Well prove that if w w, then, if
M, w |= , then: M, w |= .
Lets say thatM, w |= . We arbitrarily choose a state u ofW, so that
w u. Because w w, from zag, we have that u : w u and u u.
By the hypothesis induction, we have: M, u |= M, u |= . Because
M, w |= , then M, u |= , so M, u |= . Since u was arbitrarily chosen,
we have that for all u in W so that w u it holds that M, u |= . By
the definition of the necessity operator, we derive that M, w |= .
In order to show that if w w, then, ifM, w |= , then M, w |= ,
we only have to reason analogously, this time using zig.
3. d) The Case of the Possibility Operator.
Well show that for w w, ifM, w |= , then M, w |= .
IfM, w |= , then u : w u, with M, u |= . By zig, we have that
u : w u and u u. By the hypothesis induction, we know that
M, u |= . From this we conclude that M, w |= , by the semantic rule
of the possibility operator.
In order to show that: ifw w, then, ifM, w |= , then M, w |= ,
we can reason by analogy, using, this time, zag.
5
8/6/2019 Model Minimal en 2
6/19
The Henessy-Milner Theorem5. If two finite models are equivalent,
then they are bisimilar.
First, I want to emphasize that if we ignore the condition of finitude,
then we can find both equivalent and bisimilar models. As shown in the
figure below, the infinite model M2 is equivalent to the finite model M1,
but, on the other hand, the two are not bisimilar.
...
M1
...
. . .M2
Figure 1. In this figure two equivalent but not bisimilar models are
represented.
Proof. The idea of this proof is to show that the equivalence relation
between models (as defined at the beginning of the second section) is a
bisimulation relation.
1. has the property of atomic harmony. IfM, w M, w, then, by
the definition of equivalence, the two of them satisfy the same propositions
and atoms.
2. has the property of zig. Let us assume that M, w M, w and
that w u. Lets presuppose, for the sake of contradiction, that u :
5Blackburn, P. et al, Modal Logic, pp. 69-70.
6
8/6/2019 Model Minimal en 2
7/19
(w u u u).
Well consider the following set: S = {u | w u}, as the set of
all states accessible by M from the states w M. We know that
w u, so w , which is equivalent to w , so w . Because it
holds that w w, we have that w , so S = (the states in which it
is true that are the dead-end states - the ones that have no other state
accessible).
Now, because M is finite, it follows that S = is finite, so its ele-
ments can be enumerated (of course, since its an enumerable set): S =
{u1,...,un}. By assumption, we have that u
i S
, i : (M, u i
M, ui i).
From ui S, i : M, ui i, we deduce that M
, ui i. Now, a
little less formal, in any state ui accessible from w, there is a formula i
so that M, u i, so ui Si : M, ui
ni=1 i. We deduce that
M, w (
i) M, w (
n
i=1
i) M, w (n
i=1
i)
M, w (
ni=1 i). (*)
From ui S, i : M, u i, we immediately obtain that M, u
ni=1 i, and that M, w (
ni=1 ), which contradicts our previous (*),
and finally we see rejected our assumption that the zig property doesnt
hold. So, has the property zig.
3. has the property ofzag. We can proceed in analogy with the above
(for zig).
In conclusion, any two finite models are bisimilar if and only if they are
equivalent.
7
8/6/2019 Model Minimal en 2
8/19
Properties:
a) Bisimulation is an equivalence relation between two models (an equiv-
alence relation is a reflexive, symmetrical, and transitive relation).
Proof. To prove our assertion, well have to show that bisimulation
verifies the three properties of an equivalence relation, for an arbitrarily
chosen model M = (W, , ).
1. Reflexivity: a a. It is clear that a satisfies the same variables as a,
(by atomic harmony). Ifa x, then (x) : a x (zig), so a a.
2. Symmetry: Lets assume that a b. Then, b and a satisfy the same
propositional variables (by atomic harmony). In addition, if a x and
()y : b y, then: if b y, then ()x : a x (zig), so b a.
3. Transitivity: Lets assume that a b si b c. Then, a x, b y,
c z. Then, if a x and c z, we have that a c.
b) If is a bisimulation on M, then its inverse: 1
is also a bisimula-
tion on M.
Proof. We have that: a b and 1= {(b, a) : a b}. From a b we
deduce that: (1) p : a |= p b |= p, (2) zig: a a b : b b and
a b, (3) zag: b b a : a a and a b. We arbitrarily choose
a and b, and proceed to show b 1 a is a bisimulation as follows:
Atomic harmony: From (1), we immediately obtain that p : b |= p
a |= p.
Zig: zig for b 1 a is identical with proposition (3) (zag for a b).
8
8/6/2019 Model Minimal en 2
9/19
Zag: The same, condition zag for b 1 a is identical with proposition
(2) (zig for a b).
In another approach, a b b a is true because bisimulation is
a symmetrical relation (being an equivalence relation), so a 1 b is a
bisimulation.
c) If and are bisimulation on M, then their composition: is
also a bisimulation on M.
Proof. If X Y, Y Z (bisimulations), then X Z,
= {(x, z) : y(x y y z)}. We will only prove the atomic harmony
and zig.
Atomic harmony: Because it holds that x y, we have that: p : x |=
p y |= p. Also, because y z, we have that p : y |= p z |= p, so:
p : x |= p z |= p.
Zig: If x y, x x y : y y and x y and if y z,
y y z : z z and y z. Because we have that x x
and z z and x y, y z (so (x, z) ), it results that the
condition zig is verified by .
d) If{i: i I} is a set of bisimulations on M, then their union:iI i
is a bisimulation on M.
Proof: Well show that for any 1 and 2 bisimulation on M, it holds
that: 1 2 is a bisimulation on M.First, lets remember that: 1 2= {(x, y) 1 2 | (x, y) 1
(x, y) 2}.
9
8/6/2019 Model Minimal en 2
10/19
Well assume w(1 2)u and show the following:
1) Atomic harmony: From our assumption, it results that w 1 u or
w 2 u; Also from the assumption - the fact that 1 and 2 are bisimula-
tions - we conclude that in both cases w and u satisfy the same propositional
variables;
2) zig: if (w, u) 1 2, then we distinguish two cases: a) if w 1 u
and w w, then u : u u and w 1 u, by which: w(1 2)u;
and b) if w 2 u and w w, then u : u u and w 2 u
, and we
conclude that: w(1 2)u.
3. Zag: We reason by analogy with zig.
e) The empty relation is a bisimulation.
Proof: It is evident. By the fact that the empty bisimulation doesnt con-
tain any relation between states, the conditions of bisimulation are satisfied
by default.
Given the property expressed by (d), we can define the largest bisimu-
lation on a model. Lets consider , a bisimulation that relates or links all
states ofW. Then, B =
WW is the union of all bisimulations and a
bisimulation itself. B is the largest bisimulation on M.
Its interesting that bisimulation links also the states that are not ac-
cesibile to any other state. Lets assume that M contain such an isolated
state w. Also, lets consider another model M as a copy ofM, but without
the isolated state w. Then, the two models would not be equivalent, since
model M satisfies an extra formula: , at w: M, w |= .
10
8/6/2019 Model Minimal en 2
11/19
We can say that bisimulations 6 are weaker than isomorphisms, but
stronger than homomorphisms. In what sense ? All three of them preserve
the structure of the model, but, on the other hand, two homomorphical mod-
els may not preserve the same information (they might not satisfy the same
formulas) while isomorphic models even though satisfy the same proposi-
tions, do not allow for any change of structure: remember that you can
find models of different structure that preserve the same information. As
an advantage, the bisimulation relation may hold between models with very
different structure but satisfying the same formulas.
It is worthy of another commentary that, dependending on the field of
study, bisimulation has different uses and theoretical meanings. In automata
theory, a bisimulation is an equivalence relation between distinct (not iso-
mophic) transition systems of similar behaviour. In set theory without the
axiom of foundation - which tells us that a set cannot contain itself as a
subset - the identity or equality of two sets cannot be defined extensiona
extensionally, like this: two sets are equal if they contain the same elements.
The reason is simple: if a set contains itself as a subset, then its depth is
infinite, so induction could not be used to establish its equality to other
sets7. Actually, the equality of such unusual sets is proved by showing that
they are bisimilar (there is a bisimulation between them).
6...and the equivalent notion of a p-morphism.7Davide Sangiorgi, On The Origin of Bisimulation and Coinduction, p. 133
11
8/6/2019 Model Minimal en 2
12/19
3 The Minimal Model
Bibliographical indications: Wang, Y., Epistemic Modelling and Proto-
col Dynamics, p. 12., Van Bentham, J., Modal Logic for Open Minds, pp.
27-28.
Let M be a model that satisfies a set of propositions. We can ask
ourselves: what is the smallest model that preserves the same information ?
In our understanding, a minimal model (the one used and analysed in this
paper8) will be a model factorized by the largest bisimulation on it. This
construction is also entitled the (bisimulation contraction). In automata
theory we find an analogous structure named quotient transition system,
and also in graph theory the structure named quotient graph.
Well use the following notation for our minimal model: M/ = (W/,
, ). Its construction needs a few other preliminary constructions and some
steps to follow (each step corresponding to a stage of its construction).
a) M/ is the quotient model - the model factorized by the relation .
Also, it should be mentioned (once again) that is the largest bisimulation
on M. Once weve found a relation W W, we can proceed:
b) W/, is the set of all equivalence (modulo ) classes of our states of
W. So:
(3.1) W/ = {[w] | w W}, unde:
(3.1.1) [w] = {w W | w w}
8See also: De Lavalette, G.R.R., Van Ditmarsch, H.P., Epistemic Actions and MinimalModels
12
8/6/2019 Model Minimal en 2
13/19
c) To obtain W/ W/, we could use the following rule:
(3.2) w a w = [w] a [w]
A little more informal, if two states w and w are linked by the relation
a, then their quotients (modulo ) ([w] and [w]) are linked by the
relationa
.
d) The valuation function is defined by taking into account that W
is a set of equivalence classes of elements of W. So:
(3.3) : V ar(P) 2W/
So, we can have two alternative and equivalent definitions of the valuation
function :
(3.4) (p) = {[(p)]}
As it can be seen, the variable p is no longer sent into a set of states, but
into a set of equivalence classes of states. If the variable is sent into a single
state, we can write: (p) = [(p)].
(3.5) : V ar(P) W/ {, }
Then, is defined as follows:
(3.6) (p,w) = (p, [w])
Because M/ is obtained by factoring the model M by , the two
models are bisimilar, and therefore equivalent (in the sense that they cotain
the same information).
Example:
Lets consider the Kripke-modelM = (W, a, ), defined in the follow-
ing manner: W = {1, 2, 3, 4}, a= {(1, 2), (1, 3), (2, 4), (3, 4)}. The largest
13
8/6/2019 Model Minimal en 2
14/19
bisimulation on the model M is constructed out of the following bisimula-
tions: 1 1, 2 3, 4 4. As we defined it above, the largest bisimulation
is the union of bisimulations: = {(1, 1), (2, 3), (4, 4)}. Because bisimula-
tion is an equivalence relation (see the proof above), we can construct the
quotient model, the model ofM by :
W/ = {[1], [2], [4]}.
Given that [2] = [3], we have equivalently: W/ = {[1], [3], [4]}.
Then, in order to obtain the accessibility relation required for a quotient
model:
1 2 = [1] [2]
1 3 = [1] [3]
2 4 = [2] [4]
3 4 = [3] [4]
Since it holds that: [2] = [3], we have that: [1] [3] is iden-
tical to [1] [2], and [3] [4] is identical to [2] [4],
so [1] [3] and [3] [4] can be eliminated from the graphic
representation.
14
8/6/2019 Model Minimal en 2
15/19
8/6/2019 Model Minimal en 2
16/19
Proof. Lets consider = {(x, x) | x W}. We have to shot that
verifies the three conditions for being a bisimulation.
1. Atomic harmony: Let us assume that (x, x) . Then, x |= p iff
x |= p is evidently true.
2. Zig. Let us assume that (x, x) and x y. Then, (y) :
x y for y = y si (y, y) from the definition of our relation .
3. Zag. The argument is symmetrical to Zig.
Proposition. Every bisimulation on the minimal model (the quotient
model) is included in the diagonal bisimulation. Formally:
Let us consider the model M and the largest bisimulation on it and
its quotient model M/. Also, W/ W/ a bisimulation on M/
and W/ W/ the diagonal bisimulation. Then: , for
W/ W/.
What does this mean ? That any possible bisimulation on the minimal
model links states to themselves. To observe the difference, the bisimulation
on the non-minimal model of Figure 2 (see above) links the distinct states
2 and 3.
Proof10. Well consider w and u two states ofM, [w] and [u] their
equivalence classes modulo (so [w] M/ and [u] M/). Let be
a bisimulation between [w] and [u]. In order to shot that is includedin the diagonal, we have to show that [w] = [u], and this can be proved
10See http : //www.cs.indiana.edu/cmcs/bisimulation.pdf
16
8/6/2019 Model Minimal en 2
17/19
easily by showing that w u (remember a property of equivalence classes:
[a] = [b] a b).
Lets consider a relation on M ( W W) between any w and u
defined as such:
w u [w] [u]
Lets prove that is a bisimulation. First, well presuppose (to prove
zig11) that w w. Because is a bisimulation, we have that if [w]
[w] then it exists [x] so that: [u] [x]. By the definition of
equivalence classes, we have that it exists u : u u. Because [u]
[x], we have that it exists a state x so that u x. Because is a
bisimulation, we obtain (zag) that it exists a state x so that u x and
x x. Since it holds that u x, we proved that w u is a bisimulation.
Now, because ( is included in the largest bisimulation on the models,
), we have that w u = w u, what was to be demonstrated.
w u u iff [w] [u]
w x x [w] [x]
1
2
3
Figure 3: To ease the understanding of the proof, I attached a graphic
representation of the accessibility relations ( and ) and bisimula-
tions (, , ) between states and classes.
11Well show only zig! The argument for zag is symmetrical.
17
8/6/2019 Model Minimal en 2
18/19
Proposition. Let us consider two models M and M/ and a bisim-
ulation on M/. Then, it holds that: , W/ W/.
Proof. We have to show that, for [w] and [u] chosen arbitrarily from
W/: if ([w], [u]) , then [w] [u]. Which means that we have to
prove that is a bisimulation, the truth of which we proved above.
As a conclusion, we arrive at a new definition of a minimal model:
Proposition. A model M is minimal iff the only bisimulation on M is
the diagonal ofM.
Proof. 1) . We have to prove that every bisimulation on the min-
imal model is identical to the diagonal bisimulation: W/ W/ :
= . We proved that in a minimal model, any bisimulation is included in
the diagonal of the model: and that in a minimal model the diagonal
is included in any bisimulation: .
2) . In words, we have to show that if in a model there exists a single
bisimulation (the diagonal of that model), then that model is minimal. Lets
take a model M, and . To show that it is minimal, well prove that the
quotient model ofM is identical to M. And this is possible by applying
the four rules a, b, c, d for the construction of the minimal model: a)
taking into account the definition of , we have that any [w] = {w},
and card(W/)=card(W). b) from the way W/ was constructed, we have
that =. c) the same, from the construction of W/, we have that
= .
Example: in Figure 2, = {(1, 1), (2, 2), (3, 3)}, so: W/: [1] = {1},
[2] = {2}, [3] = {3}, so W/ = {1, 2, 3}.
18
8/6/2019 Model Minimal en 2
19/19
4 References
See below:
[1] Van Bentham, J., 2010, Modal Logic for Open Minds, available online:
http : //fenrong.net/teaching/mljvb.pdf
[2] Blackburn, P., Venema Y., De Rijke, M., 2002, Modal Logic, Cam-
bridge University Press.
[3] Fagin, R., Halpern, J. Y., Moses, Y., Vardi, M. Y., 1995, Reasoning
about Knowledge, The MIT Press, Cambridge.
[4] De Lavalette, G.R., Van Ditmarsch, H.P., 2002, Epistemic Actions
and Minimal Models, Technical Report OUCS - 2002 - 03, Depart ment of
Computer Science, University of Otago, available online:
http : //www.cs.otago.ac.nz/trseries/oucs 2002 03.pdf
[5] Sangiorgi, D., 2009, On the origins of bisimulation and coinduction,
ACM Transactions on Programming Languages and Systems, Volume 31
Issue 4, ACM New York, NY, USA.
[6] Wang, Y., 2010, Epistemic Modelling and Protocol Dynamics, ILLC
Dissertation Series DS-2010-06.
[7] An online presentation on the 5th International Workshop on Coal-
gebraic Methods in Computer Science :
http : //www.cs.indiana.edu/cmcs/bisimulation.pdf
19