4.2 Translating Formulæ from B to PFOL
208
P. Halmagrand
\[
\theta(E) = \text{match } E \text{ with }
\begin{array}{ll}
x^{T} & \to \Delta(x)\\
E_1, E_2 & \to \mathrm{Pair}(\theta(E_1), \theta(E_2))\\
E_1 \times E_2 & \to \mathrm{Set}(\mathrm{Pair}(\theta(E_1), \theta(E_2)))\\
\mathbb{P}(E) & \to \mathrm{Set}(\theta(E))\\
f^{\mathbb{P}(T)}(\ldots) & \to \mathrm{Set}(\llbracket T \rrbracket_t)
\end{array}
\]

\[
\llbracket T \rrbracket_t = \text{match } T \text{ with }
\begin{array}{ll}
id \text{ when } flag = ax & \to \text{if } id \in \Omega \text{ then return } \Omega(id) \text{ else } \Omega := \Omega, (id, \alpha_{id});\ \text{return } \alpha_{id}\\
id \text{ when } flag = gl & \to \text{if } id \in \Omega \text{ then return } \Omega(id) \text{ else } \mathcal{T} := \mathcal{T}, k_{id} :: 0;\ \Omega := \Omega, (id, k_{id});\ \text{return } k_{id}\\
T_1 \times T_2 & \to \mathrm{Pair}(\llbracket T_1 \rrbracket_t, \llbracket T_2 \rrbracket_t)\\
\mathbb{P}(T) & \to \mathrm{Set}(\llbracket T \rrbracket_t)
\end{array}
\]

\[
\llbracket P \rrbracket_f = \text{match } P \text{ with }
\begin{array}{ll}
\bot & \to \bot\\
P_1 \wedge P_2 & \to \llbracket P_1 \rrbracket_f \wedge \llbracket P_2 \rrbracket_f\\
P_1 \Rightarrow P_2 & \to \llbracket P_1 \rrbracket_f \Rightarrow \llbracket P_2 \rrbracket_f\\
\neg P & \to \neg \llbracket P \rrbracket_f\\
\forall x^{T} \cdot P & \to \forall x : \llbracket T \rrbracket_t .\ \llbracket P \rrbracket_f \quad \text{and } \Delta := \Delta, x : \llbracket T \rrbracket_t\\
\forall (x_1^{T_1}, x_2^{T_2}) \cdot P & \to \forall x_1 : \llbracket T_1 \rrbracket_t .\ \forall x_2 : \llbracket T_2 \rrbracket_t .\ \llbracket P \rrbracket_f \quad \text{and } \Delta := \Delta, x_1 : \llbracket T_1 \rrbracket_t, x_2 : \llbracket T_2 \rrbracket_t\\
E_1 = E_2 & \to \llbracket E_1 \rrbracket_e =_{\theta(E_1)} \llbracket E_2 \rrbracket_e\\
E_1 \in E_2 & \to \llbracket E_1 \rrbracket_e \in_{\theta(E_1)} \llbracket E_2 \rrbracket_e
\end{array}
\]

\[
\llbracket E \rrbracket_e = \text{match } E \text{ with }
\begin{array}{ll}
x^{T} & \to x\\
E_1, E_2 & \to (\llbracket E_1 \rrbracket_e, \llbracket E_2 \rrbracket_e)_{\theta(E_1), \theta(E_2)}\\
E_1 \times E_2 & \to \llbracket E_1 \rrbracket_e \times_{\tau_1, \tau_2} \llbracket E_2 \rrbracket_e \quad \text{where } \theta(E_1) = \mathrm{Set}(\tau_1),\ \theta(E_2) = \mathrm{Set}(\tau_2)\\
\mathbb{P}(E) & \to \mathbb{P}_{\tau}(\llbracket E \rrbracket_e) \quad \text{where } \theta(E) = \mathrm{Set}(\tau)\\
f^{\mathbb{P}(T)}(E_1, \ldots, E_n) & \to \text{if } f : \Pi \alpha_1 \ldots \alpha_m .\ \tau_1 \to \ldots \to \tau_n \to \tau \notin \mathcal{T} \text{ then } \mathcal{T} := \mathcal{T}, f : \mathrm{Sig}(f^{\mathbb{P}(T)}(E_1, \ldots, E_n));\\
& \quad \text{return } f(\tau_1, \ldots, \tau_m;\ \llbracket E_1 \rrbracket_e, \ldots, \llbracket E_n \rrbracket_e) \quad \text{where } \theta(E_1) = \tau_1(\tau_1, \ldots, \tau_m),\ \ldots,\ \theta(E_n) = \tau_n(\tau_1, \ldots, \tau_m)
\end{array}
\]

Fig. 4. Translation from B to PFOL
Finally, the translation of the goal (we unfold the ⊆ definition, see Sect. 2.1) is:
\[
\forall s : \mathrm{Set}(k_1),\ t : \mathrm{Set}(k_2),\ a : \mathrm{Set}(\mathrm{Pair}(k_1, k_2)),\ b : \mathrm{Set}(\mathrm{Pair}(k_1, k_2)).\ (a, b) \in \mathbb{P}(s \times t) \times \mathbb{P}(s \times t) \Rightarrow f(a, b) \in \mathbb{P}(s \times t)
\]
Soundly Proving B Method Formulæ Using Typed Sequent Calculus

5 Translating LLproof Proofs into B Proofs
In Fig. 5, we present the reverse translation, denoted $\llbracket \varphi \rrbracket^{-1}$, to translate monomorphic PFOL formulæ into B formulæ. This reverse translation is simpler than the one presented in Sect. 4.2 because we do not need to translate types: annotations for bound variables and function symbols are not necessary anymore.
\[
\llbracket \varphi \rrbracket_f^{-1} = \text{match } \varphi \text{ with }
\begin{array}{ll}
\bot & \to \bot\\
\varphi_1 \wedge \varphi_2 & \to \llbracket \varphi_1 \rrbracket_f^{-1} \wedge \llbracket \varphi_2 \rrbracket_f^{-1}\\
\varphi_1 \Rightarrow \varphi_2 & \to \llbracket \varphi_1 \rrbracket_f^{-1} \Rightarrow \llbracket \varphi_2 \rrbracket_f^{-1}\\
\neg \varphi & \to \neg \llbracket \varphi \rrbracket_f^{-1}\\
\forall x : \tau .\ \varphi & \to \forall x \cdot \llbracket \varphi \rrbracket_f^{-1}\\
e_1 =_{\tau} e_2 & \to \llbracket e_1 \rrbracket_e^{-1} = \llbracket e_2 \rrbracket_e^{-1}\\
e_1 \in_{\tau} e_2 & \to \llbracket e_1 \rrbracket_e^{-1} \in \llbracket e_2 \rrbracket_e^{-1}
\end{array}
\]

\[
\llbracket e \rrbracket_e^{-1} = \text{match } e \text{ with }
\begin{array}{ll}
x & \to x\\
(e_1, e_2)_{\tau_1, \tau_2} & \to \llbracket e_1 \rrbracket_e^{-1}, \llbracket e_2 \rrbracket_e^{-1}\\
e_1 \times_{\tau_1, \tau_2} e_2 & \to \llbracket e_1 \rrbracket_e^{-1} \times \llbracket e_2 \rrbracket_e^{-1}\\
\mathbb{P}_{\tau}(e) & \to \mathbb{P}(\llbracket e \rrbracket_e^{-1})\\
f(\tau_1, \ldots, \tau_m;\ e_1, \ldots, e_n) & \to f(\llbracket e_1 \rrbracket_e^{-1}, \ldots, \llbracket e_n \rrbracket_e^{-1})
\end{array}
\]

Fig. 5. Translation from PFOL to B
Theorem 1. For a set of B formulæ Γ and a B goal P, if there exists a LLproof proof of the sequent $\Gamma, \neg P \vdash_{LL} \bot$, then there exists a set $\Gamma'$ of monomorphic instances of Γ, and a B proof of the sequent $\llbracket \Gamma' \rrbracket^{-1}, \neg P \vdash_B \bot$.
Proof. We present a sketch of the proof.
1. We show that if P is a B goal, then we have $\llbracket \llbracket P \rrbracket_f \rrbracket_f^{-1} \Leftrightarrow P$.
2. Given a proof Π of the sequent $\Gamma, \neg P \vdash_{LL} \bot$, there exists a proof $\Pi_{Kleene}$ of the sequent, starting with all applications of $\forall_{type}$ rules on polymorphic formulæ, thanks to the permutation of inference rules in sequent calculus [15].
3. We take the subproof $\Pi_{mono}$ of $\Pi_{Kleene}$, where we removed all the $\forall_{type}$ nodes and the remaining polymorphic formulæ.
4. The set $\Gamma'$ of monomorphic instances of Γ is made of the root node formulæ of $\Pi_{mono}$, except $\neg P$.
5. We extend the reverse translation to LLproof sequents, $\llbracket P_1, \ldots, P_n \vdash_{LL} Q \rrbracket^{-1} \to \llbracket P_1 \rrbracket^{-1}, \ldots, \llbracket P_n \rrbracket^{-1} \vdash_B \llbracket Q \rrbracket^{-1}$, and to LLproof proof nodes in Figs. 6 and 7.
6. $\llbracket \Pi_{mono} \rrbracket^{-1}$ is a B proof of the sequent $\llbracket \Gamma' \rrbracket^{-1}, \neg P \vdash_B \bot$.
[Figure residue: Fig. 6 is a set of derivation trees that the extraction reduced to scattered labels. Its panels translate the LLproof rules Axiom, =, Sym, ¬¬, ∧, ⇒ and MP into B derivations built from the B rules BR3, BR4, BR6, R2, R5, R9 and R10.]
Fig. 6. Translations of LLproof Rules into B Proof System (part 1)
We give in Figs. 6 and 7 the translations for each LLproof proof node. Each node can be translated to a B derivation where all PFOL sequents are translated into B sequents, leading to a B proof tree. To lighten the presentation, we omit the context Γ and some useless formulæ (removable by applying BR2) on the left-hand side of sequents, and we write ⊢ for ⊢_LL. For instance, the translation of the LLproof Axiom rule should be:
\[
\dfrac{\dfrac{}{\llbracket \Gamma, P, \neg P, \neg\bot \vdash_{LL} P \rrbracket^{-1}}\ \mathrm{BR3}
\qquad
\dfrac{}{\llbracket \Gamma, P, \neg P, \neg\bot \vdash_{LL} \neg P \rrbracket^{-1}}\ \mathrm{BR3}}
{\llbracket \Gamma, P, \neg P, \neg\bot \vdash_{LL} \bot \rrbracket^{-1}}\ \mathrm{R5}
\]
Example 5. The proof of the running example is too big to be presented here.
Instead, we present the proof translation for the following B formula, given s:
∀x · (x ∈ s ⇒ x ∈ s)
[Figure residue: Fig. 7 is a set of derivation trees that the extraction reduced to scattered labels. Its panels translate the LLproof rules ¬∧, ¬⇒, ∀, ¬∀ and Subst into B derivations built from the B rules BR3, BR4, BR6, R1, R3, R5, R7, R8 and R9; the ¬∧ panel factors out an auxiliary derivation Π.]
Fig. 7. Translation of LLproof Rules into B Proof System (part 2)
The latter leads to the PFOL formula, where k is a constant:
\[
\forall s : \mathrm{Set}(k).\ \forall x : k.\ x \in s \Rightarrow x \in s
\]
The LLproof proof is (each rule has a single premise; the Ax leaf is written first and the root sequent last):
\[
\begin{array}{rl}
\mathrm{Ax} & c_x \in_k c_s,\ \neg(c_x \in_k c_s) \vdash_{LL} \bot\\
\neg\!\Rightarrow & \neg(c_x \in_k c_s \Rightarrow c_x \in_k c_s) \vdash_{LL} \bot\\
\neg\forall & \neg\forall x : k.\ x \in_k c_s \Rightarrow x \in_k c_s \vdash_{LL} \bot\\
\neg\forall & \neg\forall s : \mathrm{Set}(k).\ \forall x : k.\ x \in_k s \Rightarrow x \in_k s \vdash_{LL} \bot
\end{array}
\]
We obtain the B proof (we removed the universal quantification over the given set s, the first R5 node in the translation of ¬∀, some useless formulæ on the left-hand side of sequents, and used ⊢ for ⊢_B, c for c_x and s for c_s):
[Figure residue: the B proof tree is not recoverable from the extraction. The labels that survive are the rules BR3, BR6, R3, R5 and R7, the hypotheses c ∈ s and ¬(c ∈ s ⇒ c ∈ s), the intermediate conclusion c ∈ s ⇒ c ∈ s, and the final conclusion ∀x · (x ∈ s ⇒ x ∈ s).]

6 Conclusion
Automated theorem provers are in general made of thousands of lines of code, using elaborate decision procedures and specific heuristics. The confidence in such tools may therefore be questioned. The correctness of Zenon proofs is already guaranteed by the checking of proof certificates by an external proof checker. But to prove B proof obligations, Zenon relies on two external tools, bpo2why and Why3, to translate proof obligations into its input format, which raises the question whether the proof found still corresponds to a proof of the original statement.
In this paper, we have formalized a different and direct translation from the B Method to a polymorphic first-order logic. The main purpose of this work is not to replace bpo2why, but to validate the use of Zenon to prove B proof obligations. One of the most challenging parts of this translation deals with the encoding of the B notion of types. Our solution to make the axioms polymorphic allows us to benefit from the flexibility of polymorphism. Furthermore, we showed that this translation is sound and gave a procedure to translate Zenon proofs into the B proof system.
As future work, we want to prove the soundness and completeness of the deduction modulo theory [11] extension of the proof system LLproof with regard to those of LLproof, in particular in the case of the B Method.
References
1. Abrial, J.R.: The B-Book: Assigning Programs to Meanings. Cambridge University Press, Cambridge (1996)
2. Blanchette, J.C., Böhme, S., Popescu, A., Smallbone, N.: Encoding monomorphic and polymorphic types. In: Piterman, N., Smolka, S.A. (eds.) TACAS 2013. LNCS, vol. 7795, pp. 493–507. Springer, Heidelberg (2013). doi:10.1007/978-3-642-36742-7_34
3. Bobot, F., Filliâtre, J.C., Marché, C., Paskevich, A.: Why3: shepherd your herd of provers. In: International Workshop on Intermediate Verification Languages (Boogie) (2011)
4. Bodeveix, J.P., Filali, M.: Type synthesis in B and the translation of B to PVS. In: Bert, D., Bowen, J.P., Henson, M.C., Robinson, K. (eds.) ZB 2002. LNCS, vol. 2272, pp. 350–369. Springer, Heidelberg (2002). doi:10.1007/3-540-45648-1_18
5. Boespflug, M., Carbonneaux, Q., Hermant, O.: The λΠ-calculus modulo as a universal proof language. In: Proof Exchange for Theorem Proving (PxTP) (2012)
6. Bonichon, R., Delahaye, D., Doligez, D.: Zenon: an extensible automated theorem prover producing checkable proofs. In: Dershowitz, N., Voronkov, A. (eds.) LPAR 2007. LNCS (LNAI), vol. 4790, pp. 151–165. Springer, Heidelberg (2007). doi:10.1007/978-3-540-75560-9_13
7. Bury, G., Delahaye, D., Doligez, D., Halmagrand, P., Hermant, O.: Automated deduction in the B set theory using typed proof search and deduction modulo. In: LPAR 20: 20th International Conference on Logic for Programming, Artificial Intelligence and Reasoning, Suva, Fiji (2015)
8. Cauderlier, R., Halmagrand, P.: Checking Zenon modulo proofs in Dedukti. In: Fourth Workshop on Proof eXchange for Theorem Proving (PxTP), Berlin, Germany (2015)
9. Delahaye, D., Doligez, D., Gilbert, F., Halmagrand, P., Hermant, O.: Zenon modulo: when Achilles outruns the tortoise using deduction modulo. In: McMillan, K., Middeldorp, A., Voronkov, A. (eds.) LPAR 2013. LNCS, vol. 8312, pp. 274–290. Springer, Heidelberg (2013). doi:10.1007/978-3-642-45221-5_20
10. Delahaye, D., Dubois, C., Marché, C., Mentré, D.: The BWare project: building a proof platform for the automated verification of B proof obligations. In: Ameur, Y.A., Schewe, K.S. (eds.) Abstract State Machines, Alloy, B, VDM, and Z (ABZ). LNCS, vol. 8477, pp. 290–293. Springer, Heidelberg (2014)
11. Dowek, G., Hardin, T., Kirchner, C.: Theorem proving modulo. J. Autom. Reasoning (JAR) 31, 33–72 (2003)
12. Dowek, G., Miquel, A.: Cut elimination for Zermelo set theory. Archive for Mathematical Logic. Springer, Heidelberg (2007, submitted)
13. Jacquel, M., Berkani, K., Delahaye, D., Dubois, C.: Verifying B proof rules using deep embedding and automated theorem proving. Softw. Eng. Formal Methods 7041, 253–268 (2011)
14. Jaeger, É., Dubois, C.: Why would you trust B? In: Dershowitz, N., Voronkov, A. (eds.) LPAR 2007. LNCS (LNAI), vol. 4790, pp. 288–302. Springer, Heidelberg (2007). doi:10.1007/978-3-540-75560-9_22
15. Kleene, S.C.: Permutability of inferences in Gentzen's calculi LK and LJ. In: Bulletin of the American Mathematical Society, vol. 57, pp. 485–485. American Mathematical Society, Providence (1951)
16. Mentré, D., Marché, C., Filliâtre, J.C., Asuka, M.: Discharging proof obligations from Atelier B using multiple automated provers. In: Derrick, J., Fitzgerald, J., Gnesi, S., Khurshid, S., Leuschel, M., Reeves, S., Riccobene, E. (eds.) ABZ 2012. LNCS, vol. 7316, pp. 238–251. Springer, Heidelberg (2012). doi:10.1007/978-3-642-30885-7_17
17. Schmalz, M.: Formalizing the logic of Event-B. Ph.D. thesis, Diss., Eidgenössische Technische Hochschule ETH Zürich, Nr. 20516, 2012 (2012)
18. ClearSy: Atelier B 4.1 (2013). http://www.atelierb.eu/
Deriving Inverse Operators for Modal Logic

Michell Guzmán¹, Salim Perchy¹, Camilo Rueda³, and Frank D. Valencia²˒³

1 Inria-LIX, École Polytechnique de Paris, Palaiseau, France, michell.guzman@inria.fr
2 CNRS-LIX, École Polytechnique de Paris, Palaiseau, France
3 Pontificia Universidad Javeriana de Cali, Cali, Colombia
Abstract. Spatial constraint systems are algebraic structures from concurrent constraint programming to specify spatial and epistemic behavior in multi-agent systems. We shall use spatial constraint systems to give an abstract characterization of the notion of normality in modal logic and to derive right inverse/reverse operators for modal languages. In particular, we shall identify the weakest condition for the existence of right inverses and show that the abstract notion of normality corresponds to the preservation of finite suprema. We shall apply our results to existing modal languages such as the weakest normal modal logic, Hennessy-Milner logic, and linear-time temporal logic. We shall discuss our results in the context of modal concepts such as bisimilarity and inconsistency invariance.
Keywords: Modal logic · Inverse operators · Constraint systems · Modal algebra · Bisimulation

1 Introduction
Constraint systems (cs's) provide the basic domains and operations for the semantic foundations of several declarative models and process calculi from concurrent constraint programming (ccp) [3,8,9,11,15,18,23,25]. In these calculi, processes can be thought of as both concurrent computational entities and logic specifications (e.g., process composition can be seen as parallel execution and conjunction). All ccp process calculi are parametric in a cs that specifies partial information upon which programs (processes) may act.
A cs is often represented as a complete algebraic lattice (Con, ⊑). The elements of Con, the constraints, represent partial information and we shall think of them as being assertions. The intended meaning of c ⊑ d is that d specifies at least as much information as c (i.e., d entails c). The join operation ⊔, the
This work has been partially supported by the ANR project 12IS02001 PACE, the Colciencias project 125171250031 CLASSIC, and Labex DigiCosme (project ANR-11-LABEX-0045-DIGICOSME) operated by ANR as part of the program “Investissement d’Avenir” Idex Paris-Saclay (ANR-11-IDEX-0003-02).
© Springer International Publishing AG 2016
A. Sampaio and F. Wang (Eds.): ICTAC 2016, LNCS 9965, pp. 214–232, 2016.
DOI: 10.1007/978-3-319-46750-4_13
bottom true and the top false of the lattice (Con, ⊑) correspond to conjunction, the empty information and the join of all information, respectively. The ccp operations and their logical counterparts typically have a corresponding elementary construct or operation on the elements of the constraint system. In particular, parallel composition and conjunction correspond to the join operation, and existential quantification and local variables correspond to a cylindrification operation on the set of constraints [25].
Similarly, the notion of computational space and the epistemic notion of belief in the sccp process calculi [15] correspond to a family of functions [·]_i : Con → Con on the elements of the constraint system Con that preserve finite suprema. These functions are called space functions. A cs equipped with space functions is called a spatial constraint system (scs). From a computational point of view the assertion (constraint) [c]_i specifies that c resides within the space of agent i. From an epistemic point of view, the assertion [c]_i specifies that agent i considers c to be true (i.e. that in the world of agent i the assertion c is true). Both intuitions convey the idea of c being local to agent i.
The Extrusion Problem. Given a space function [·]_i, the extrusion problem consists in finding/constructing a right inverse of [·]_i, called extrusion function, satisfying some basic requirements (e.g., preservation of finite suprema). By right inverse of [·]_i we mean a function ↑_i : Con → Con such that [↑_i c]_i = c. From a computational point of view, the intended meaning of [↑_i c]_i = c is that within a space context [·]_i, ↑_i c extrudes c from agent i’s space. From an epistemic point of view, we can use [↑_i c]_i to express utterances by agent i, i.e., to specify that agent i wishes to say c to the outside world. One can then think of extrusion/utterance as the right inverse of space/belief.
Modal logics [21] extend classical logic to include operators expressing modalities. Depending on the intended meaning of the modalities, a particular modal logic can be used to reason about space, knowledge, belief or time, among others. Some modal logics have been extended with inverse modalities to specify, for example, past tense assertions in temporal logic [24], utterances in epistemic logic [13], and backward moves in modal logic for concurrency [19], among others. Although the notion of spatial constraint system is intended to give an algebraic account of spatial and epistemic assertions, we shall show that it is sufficiently robust to give an algebraic account of more general modal assertions.
Contributions. We shall study the extrusion problem for a meaningful family of scs's that can be used as semantic structures for modal logics. These scs's are called Kripke spatial constraint systems because their elements are Kripke structures. We shall show that the extrusion functions of Kripke scs's, i.e. the right inverses of the space functions, correspond to right inverse modalities in modal logic. We shall derive a complete characterization for the existence of right inverses of space functions: the weakest restriction on the elements of Kripke scs's that guarantees the existence of right inverses. We shall also give an algebraic characterization of the modal logic notion of normality as maps that preserve finite suprema. We then give a complete characterization and derivations of
extrusion functions that are normal (and thus correspond to normal inverse modalities). Finally, we apply the above-mentioned contributions to the problem of whether a given modal language can be extended with right inverse operators. We discuss the implications of our results for specific modal languages and modal concepts such as the minimal modal logic Kn [10], Hennessy-Milner logic [14], a modal logic of linear-time [20], and bisimulation.
2 Background: Spatial Constraint Systems
In this section we recall the notion of basic constraint system [3] and the more
recent notion of spatial constraint system [15]. We presuppose basic knowledge
of order theory and modal logic [1,2,10,21].
The concurrent constraint programming model of computation [25] is parametric in a constraint system (cs) specifying the structure and interdependencies
of the partial information that computational agents can ask of and post in a
shared store. This information is represented as assertions traditionally referred
to as constraints.
Constraint systems can be formalized as complete algebraic lattices [3]¹. The elements of the lattice, the constraints, represent (partial) information. A constraint c can be viewed as an assertion (or a proposition). The lattice order is meant to capture entailment of information: c ⊑ d, alternatively written d ⊒ c, means that the assertion d represents as much information as c. Thus we may think of c ⊑ d as saying that d entails c or that c can be derived from d. The least upper bound (lub) operator ⊔ represents join of information; c ⊔ d is the least element in the underlying lattice above c and d. Thus c ⊔ d can be seen as an assertion stating that both c and d hold. The top element represents the lub of all, possibly inconsistent, information, hence it is referred to as false. The bottom element true represents the empty information.
Definition 1 (Constraint Systems [3]). A constraint system (cs) C is a complete algebraic lattice (Con, ⊑). The elements of Con are called constraints. The symbols ⊔, true and false will be used to denote the least upper bound (lub) operation, the bottom, and the top element of C, respectively.
We shall use the following notions and notations from order theory.
Notation 1 (Lattices). Let C be a partially ordered set (poset) (Con, ⊑). We shall use ⨆S to denote the least upper bound (lub) (or supremum or join) of the elements in S, and ⨅S is the greatest lower bound (glb) (infimum or meet) of the elements in S. We say that C is a complete lattice iff each subset of Con has a supremum and an infimum in Con. A non-empty set S ⊆ Con is directed iff every finite subset of S has an upper bound in S. Also c ∈ Con is compact iff for any directed subset D of Con, c ⊑ ⨆D implies c ⊑ d for some d ∈ D. A complete lattice C is said to be algebraic iff for each c ∈ Con, the set of compact elements below it forms a directed set and the lub of this directed set is c. A self-map on Con is a function f : Con → Con. Let (Con, ⊑) be a complete lattice. The self-map f on Con preserves the supremum of a set S ⊆ Con iff f(⨆S) = ⨆{f(c) | c ∈ S}. The preservation of the infimum of a set is defined analogously. We say f preserves finite/infinite suprema iff it preserves the supremum of arbitrary finite/infinite sets. Preservation of finite/infinite infima is defined similarly.

¹ An alternative syntactic characterization of cs, akin to Scott information systems, is given in [25].
Spatial Constraint Systems. The authors of [15] extended the notion of cs to account for distributed and multi-agent scenarios where agents have their own space for local information and for performing their computations.
Intuitively, each agent i has a space function [·]_i from constraints to constraints. Recall that constraints can be viewed as assertions. We can then think of [c]_i as an assertion stating that c is a piece of information residing within a space attributed to agent i. An alternative epistemic logic interpretation of [c]_i is an assertion stating that agent i believes c or that c holds within the space of agent i (but it may not hold elsewhere). Both interpretations convey the idea that c is local to agent i. Similarly, [[c]_j]_i is a hierarchical spatial specification stating that c holds within the local space the agent i attributes to agent j. Nesting of spaces can be of any depth. We can think of a constraint of the form [c]_i ⊔ [d]_j as an assertion specifying that c and d hold within two parallel/neighboring spaces that belong to agents i and j, respectively. From a computational/concurrency point of view, we think of ⊔ as parallel composition. As mentioned before, from a logic point of view the join of information corresponds to conjunction.
Definition 2 (Spatial Constraint System [15]). An n-agent spatial constraint system (n-scs) C is a cs (Con, ⊑) equipped with n self-maps [·]_1, ..., [·]_n over its set of constraints Con such that: (S.1) [true]_i = true, and (S.2) [c ⊔ d]_i = [c]_i ⊔ [d]_i for each c, d ∈ Con.
Axiom S.1 requires space functions to be strict maps (i.e. bottom preserving). Intuitively, it states that having an empty local space amounts to nothing. Axiom S.2 states that the information in a given space can be distributed. Notice that requiring S.1 and S.2 is equivalent to requiring that each [·]_i preserves finite suprema. Also S.2 implies that each [·]_i is monotonic: i.e., if c ⊑ d then [c]_i ⊑ [d]_i.
Extrusion and utterance. We can also equip each agent i with an extrusion function ↑_i : Con → Con. Intuitively, within a space context [·]_i, the assertion ↑_i c specifies that c must be posted outside of (or extruded from) agent i’s space. This is captured by requiring the extrusion axiom [↑_i c]_i = c. In other words, we view extrusion/utterance as the right inverse of space/belief (and thus space/belief as the left inverse of extrusion/utterance).
Definition 3 (Extrusion). Given an n-scs (Con, ⊑, [·]_1, ..., [·]_n), we say that ↑_i is an extrusion function for the space [·]_i iff ↑_i is a right inverse of [·]_i, i.e., iff [↑_i c]_i = c.
From the above definitions it follows that [c ⊔ ↑_i d]_i = [c]_i ⊔ d. From a spatial point of view, agent i extrudes d from its local space. From an epistemic view this can be seen as an agent i that believes c and utters d to the outside world. If d is inconsistent with c, i.e., c ⊔ d = false, we can see the utterance as an intentional lie by agent i: the agent i utters an assertion inconsistent with their own beliefs.
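As an added derivation (not in the paper), the identity above is two rewriting steps, and the monotonicity claimed after Definition 2 is one more; both use only S.2, the extrusion axiom and the lattice fact that $c \sqsubseteq d$ iff $c \sqcup d = d$:
\[
[c \sqcup \uparrow_i d]_i \;=\; [c]_i \sqcup [\uparrow_i d]_i \;=\; [c]_i \sqcup d \qquad \text{(S.2, then } [\uparrow_i d]_i = d\text{)},
\]
\[
c \sqsubseteq d \;\Longrightarrow\; [d]_i = [c \sqcup d]_i = [c]_i \sqcup [d]_i \;\Longrightarrow\; [c]_i \sqsubseteq [d]_i .
\]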
The Extrusion/Right Inverse Problem. A legitimate question is: given a space [·]_i, can we derive an extrusion function ↑_i for it? From set theory we know that there is an extrusion function (i.e., a right inverse) ↑_i for [·]_i iff [·]_i is surjective. Recall that the preimage of y ∈ Y under f : X → Y is the set f⁻¹(y) = {x ∈ X | y = f(x)}. Thus the extrusion ↑_i can be defined as a function, called a choice function, that maps each element c to some element from the preimage of c under [·]_i.
The existence of the above-mentioned choice function assumes the Axiom of Choice. The next proposition from [13] gives some constructive extrusion functions. It also identifies a distinctive property of space functions for which a right inverse exists.
Proposition 1. Let [·]_i be a space function of an scs. Then
1. If [false]_i ≠ false then [·]_i does not have any right inverse.
2. If [·]_i is surjective and preserves arbitrary suprema then ↑_i : c ↦ ⨆[c]_i⁻¹ is a right inverse of [·]_i and preserves arbitrary infima.
3. If [·]_i is surjective and preserves arbitrary infima then ↑_i : c ↦ ⨅[c]_i⁻¹ is a right inverse of [·]_i and preserves arbitrary suprema.
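As an added check (not in the paper) of why Properties (1) and (2) hold, write $[c]_i^{-1} = \{d \mid [d]_i = c\}$ for the preimage. Surjectivity makes the preimage non-empty, and preservation of arbitrary suprema gives
\[
\Big[\bigsqcup [c]_i^{-1}\Big]_i \;=\; \bigsqcup\{[d]_i \mid d \in [c]_i^{-1}\} \;=\; \bigsqcup\{c\} \;=\; c,
\]
so $\uparrow_i c = \bigsqcup [c]_i^{-1}$ is a right inverse, namely the greatest element of the preimage; Property (3) is the same computation with $\bigsqcap$ and infima. For Property (1), any right inverse would satisfy $[\uparrow_i \mathit{false}]_i = \mathit{false}$, and since $\uparrow_i \mathit{false} \sqsubseteq \mathit{false}$, monotonicity gives $\mathit{false} = [\uparrow_i \mathit{false}]_i \sqsubseteq [\mathit{false}]_i$, i.e. $[\mathit{false}]_i = \mathit{false}$; hence $[\mathit{false}]_i \neq \mathit{false}$ rules out a right inverse.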
We have presented spatial constraint systems as algebraic structures for spatial and epistemic behaviour, as that was their intended meaning. Nevertheless, we shall see that they can also provide an algebraic structure to reason about Kripke models, with applications to modal logics.
In Sect. 4 we shall study the existence, constructions and properties of right inverses for a meaningful family of scs's: the Kripke scs's. The importance of such a study lies in the connections we shall establish between right inverses and reverse modalities, which are present in temporal, epistemic and other modal logics. Property (1) in Proposition 1 can be used as a test for the non-existence of a right inverse. The space functions of Kripke scs's preserve arbitrary suprema, thus Property (2) will be useful. They do not in general preserve arbitrary (or even finite) infima, so we will not apply Property (3).
It is worth pointing out that the derived extrusion ↑_i in Property (3) preserves arbitrary suprema; this implies that ↑_i is normal in a sense we shall make precise next. Normal self-maps give an abstract characterization of normal modal operators, a fundamental concept in modal logic. We will therefore be interested in deriving normal inverses.