Action Evaluation
Jan van Eijck
CWI, Amsterdam and Uil-OTS, Utrecht
Ji Ruan
University of Liverpool
Tomasz Sadzik
Stanford University
Abstract. A short note on how to evaluate formulas in action models.
1. Partial Evaluation in Action Models
Let A be an action model. Let Σ be the set of preconditions occurring in
A. (assume these are expressions from language LAN G0 ). Let σ range
over Σ. Consider the modal language over Σ:
φ ::= true | p | ¬φ | φ1 ∧ φ2 | [i]φ
Call this the modal language of A. We define verification and falsification
of formulas from the language of A in A.
DEFINITION 1. (Verification and Falsification in Action Models).
A |=s true
A =|s true
A |=s p
A =|s p
A |=s ¬φ
A =|s ¬φ
A |=s φ1 ∧ φ2
A =|s φ1 ∧ φ2
A |=s [i]φ
always
never
pres |= p
pres |= ¬p (i.e., pres ∧ p inconsistent)
A =|s φ
A |=s φ
A |=s φ1 and A |=s φ2
A =|s φ1 or A =|s φ2
either pres′ |= [i]φ or
if
if
if
if
if
if
if
A =|s [i]φ
for all s′ with s→s′ : A |=s′ φ
if either pres′ |= ¬[i]φ or
i
i
for some s′ with s→s′ : A =|s′ φ
Read A |=s φ as “s verifies φ in A”, and A =|s φ as “s falsifies φ
in A”. Note that the clauses for truth and falsity of p and of [i]φ use
the concept of logical consequence for the logic of Σ. The evaluation
uses the strong Kleene scheme (invented by Kleene [4] to describe the
c 2008 Kluwer Academic Publishers. Printed in the Netherlands.
ActionEvaluation.tex; 19/02/2008; 14:18; p.1
2
behaviour of partial recursive functions, where the evaluation procedure
can loop), extended with the (rather obvious) treatment of the modal
operators. Since the case of both true and false is not excluded, we have
in fact a Belnap-style four valued system [1].
For convenience, we work out the verification and falsification rules
for ∨ and hii from the definitions:
A |=s φ1 ∨ φ2 if A |=s φ1 or A |=s φ2
A =|s φ1 ∨ φ2 if A =|s φ1 and A =|s φ2
A |=s hiiφ
if either pre s′ |= hiiφ or
i
A =|s hiiφ
for some s′ with s→s′ : A |=s′ φ
if either pre s′ |= ¬hiiφ or
i
for some s′ with s→s′ : A =|s′ φ
For examples where neither A |=s φ nor A =|s φ, think of a state s with
precondition p. Then A 6|=s q and A 6=|s q, for q does not follow from the
precondition of s nor is q inconsistent with the precondition of s. But we
can also have contradictions! Take an action model A with two states
i
s and s′ with s→s′ (and no other pairs in Ri ), with pre s = [i]p and
pre s′ = ¬p. Then A |=s [i]p because [i]p equals the precondition of s,
but also A =|s [i]p, because for the only i-accessible state, s′ , it holds
that A =|s′ p (since p is inconsistent with the precondition of s′ ).
For a full treatment we will have to extend strong Kleene evaluation
to the full language LAN G0 , but it is rather obvious how to do this.
LEMMA 2. For all action models A, all A-states s, all φ in the language
of A: pres |= φ implies A |=s φ, and pres |= ¬φ implies A =|s φ.
Proof. Induction on the structure of φ. If φ equals true the statement
certainly holds. If φ equals p, then pre s |= p implies A |=s p by the
definition of verification, and pre s |= ¬p implies A =|s p, again by the
definition of verification.
Assume the statement holds for φ1 , φ2 . We show that it also holds
for ¬φ1 , φ1 ∧ φ2 , [i]φ1 .
Assume pre s |= ¬φ1 . We have to show A |=s ¬φ1 . This follows
immediately from A =|s φ (by induction hypothesis) and the definition
of verification for ¬. Assume pre s |= ¬¬φ1 . Then pre s |= φ1 , and, by
induction hypothesis, A |=s φ, and hence A =|s ¬φ.
Assume pre s |= φ1 ∧ φ2 . Then pre s |= φ1 and pre s |= φ2 , hence by
twice the induction hypothesis, A |=s φ1 and A |=s φ2 . Hence A |=s
φ1 ∧ φ2 . Assume pre s |= ¬(φ1 ∧ φ2 ). Then pre s |= ¬φ1 or pre s |= ¬φ2 .
Therefore, by induction hypothesis, either A =|s φ1 or A =|s φ2 . Hence
A =|s φ1 ∧ φ2 .
ActionEvaluation.tex; 19/02/2008; 14:18; p.2
3
Assume pre s |= [i]φ1 . Then A |=s [i]φ1 by definition of verification
for [i]. Assume pre s |= ¬[i]φ1 . Then A =|s [i]φ1 by the clause for
falsification of [i].
✷
If we know that the formulas are purely propositional, we can turn
this around:
LEMMA 3. For all action models A, all A-states s, all φ in the purely
propositional fragment of the language of A:
A |=s φ iff pres |= φ, and A =|s φ iff pres |= ¬φ.
Proof. Induction on the propositional structure of φ. If φ equals true
the statement certainly holds. If φ equals p, then A |=s p iff pre s |= p
by the definition of verification, and A =|s p iff pre s |= ¬p, again by
the definition of verification.
Assume the statement holds for φ1 , φ2 . We show that it also holds
for ¬φ1 and φ1 ∧ φ2 .
A |=s ¬φ1 iff (definition of verification) A =|s φ1 iff (induction
hypothesis) pre s |= ¬φ1 . A =|s ¬φ1 iff (definition of falsification) A |=s
φ1 iff (induction hypothesis) pre s |= φ1 iff pre s |= ¬¬φ1 .
A |=s φ1 ∧ φ2 iff (definition of verification) A |=s φ1 and A |=s φ2 iff
(induction hypothesis) pre s |= φ1 and pre s |= φ2 iff pre s |= φ1 ∧ φ2 .
A =|s φ1 ∧ φ2 iff (definition of falsification) A =|s φ1 or A =|s φ2 iff
(induction hypothesis) pre s |= ¬φ1 or pre s |= ¬φ2 iff pre s |= ¬φ1 ∨ ¬φ2
iff pre s |= ¬(φ1 ∧ φ2 ).
✷
Finally, we note for the record:
PROPOSITION 4. A |=s φ and φ |= ψ implies A |=s ψ, and A =|s φ
and ψ |= φ implies A =|s ψ.
2. Smoothness
DEFINITION 5. Call a formula φ a constraint formula if φ is equivalent to a formula built from purely propositional formulas by means of
[i], ∧ and ∨ (i.e., a formula in the language
φ ::= ψ | φ1 ∧ φ2 | φ1 ∨ φ2 | [i]φ,
where ψ is purely propositional).
ActionEvaluation.tex; 19/02/2008; 14:18; p.3
4
So here is a way to single out the smooth action models: smooth are
the action models where every constraint formula that follows logically
from the precondition of a state is consistent with that state.
DEFINITION 6. Action model A is smooth if for all s ∈ WA and all
constraint formulas φ in the language of A: if pres |= φ then A 6 =|s φ.
i
a..z
0: p & -[i]p
0: p & -[(a U...U z)*]p
Figure 1. Action models for the Moore announcement (left) and the Al Gore
announcement (right).
The reason to restrict the consistency requirement to constraint formulas
is to allow action models with preconditions that ‘falsify themselves’,
such as an announcement of the Moore sentence p ∧ ¬[i]p. The action
model for this (Figure 1 left, with ∧ written as &) has formulas that
are falsified at state 0 while they also follow from the precondition of
0: we have p ∧ ¬[i]p |= ¬[i]p, but also =|0 ¬[i]p. Since p is true at 0, and
0 is the only i-accessible state from 0, |=0 [i]p, and therefore =|0 ¬[i]p.
This does not contradict smoothness; the precondition p ∧ ¬[i]p does
not constrain the accessibility relation in the action model itself, for
the precondition has no non-trivial modal consequences of the form
[i]φ1 ∨ · · · ∨ [i]φn . A similar thing holds for the Al Gore announcement
p ∧ ¬[(a1 ∪ · · · ∪ an )∗ ]p in Figure 1, right.
Note that smoothness is a natural extension of consistency:
PROPOSITION 7. If A is smooth then all preconditions in A are
consistent.
Proof. Suppose A is smooth. Let s be a state in A and assume pre s
is inconsistent. Then pre s |= false and A =|s false, and since false is a
constraint formula, it follows that A is not smooth.
PROPOSITION 8. If each precondition of A is a consistent purely
propositional formula, then A is smooth.
Proof. Let A be an action model with each precondition a consistent
purely propositional formula. Let s be a state in A, and let φ be
a constraint formula such that pre s |= φ. Then since pre s is purely
propositional, φ is equivalent to a purely propositional formula. Because
pre s is consistent, pre s |= φ implies pre s 6|= ¬φ. Lemma 3 gives that
A 6 =|s φ.
ActionEvaluation.tex; 19/02/2008; 14:18; p.4
5
THEOREM 9. Let A be a smooth action model. Then for no state s
in the domain of A and no constraint formula φ it holds that A =|s φ
and A |=s φ.
Proof. Induction on the structure of the constraint formula. For
purely propositional constraints the property holds by Lemma 3 and
the consistency of pre s .
Assume the property holds for φ1 and φ2 . Then the property is easy
to prove for φ1 ∧ φ2 and φ1 ∨ φ2 . Finally, suppose A =|s [i]φ1 and
A |=s [i]φ1 . There are three cases: (i) pre s |= [i]φ, (ii) pre s |= ¬[i]φ,
and (iii) neither of pre s |= [i]φ and pre s |= ¬[i]φ. In case (i), it follows
from the smoothness of A that A 6 =| [i]φ, and contradiction. In case
(ii), it follows from the smoothness of A that A 6 =| ¬[i]φ. From this,
by the clause for falsification, A 6|= [i]φ, and contradiction. In case (iii),
we get from A =|s [i]φ1 by the definition of falsification that there is
i
some s′ with s→s′ and A =|s′ φ1 . Similarly, we get from A |=s [i]φ1
i
by the definition of verification that for all s′ with s→s′ it holds that
✷
A |=s′ φ1 . Contradiction with the induction hypothesis.
DEFINITION 10. If A is an action model and s a state in Ws , then
Φs is given by
Φs = {φ | φ is a constraint formula and A |=s φ}
THEOREM 11. If A is a smooth action model then for each state s in
the domain of A the set {pres } ∪ Φs is consistent.
Proof. Let A be a smooth action model and s a state in WA . Assume
{pre s } ∪ Φs is inconsistent. Then there is some φ ∈ ({pre s } ∪ Φs ) with
({pre s } ∪ Φs ) − {φ} |= ¬φ. It follows that A |=s ¬φ. From this, A =|s φ,
and contradiction with Theorem 9.
✷
3. Filtration and Canonical Models
Our goal in Section 4 is to provide a recipe for turning any action model
into an equivalent smooth action model. Next, in Section ??, we will
prove the converse of Theorem ?? for all smooth action models, i.e., we
will extend Theorem ?? from purely propositional action models to all
smooth action models.
For both goals we need a technique (called filtration) for constructing
models from sets of formulas. The filtration technique in modal logic
is used to construct a finite model for a consistent modal formula φ
(see [2]). For ordinary modal logic the construction is based on the
ActionEvaluation.tex; 19/02/2008; 14:18; p.5
6
set of all sub-formulas of φ, but in PDL we have to be careful in the
handling of formulas with complex modalities α, so we need so-called
Fischer/Ladner closures [3].
DEFINITION 12. Let Σ be a set of LAN G0 formulas. Then FL(Σ),
the Fischer/Ladner closure of Σ, is the smallest set of formulas X that
has Σ ⊆ X, that is closed under taking sub-formulas, and that satisfies
the following constraints:
− if [α ∪ α′ ]φ ∈ X then [α]φ ∈ X and [α′ ]φ ∈ X,
− if [α; α′ ]φ ∈ X then [α][α′ ]φ ∈ X,
− if [α∗ ]φ ∈ X then [α][α∗ ]φ ∈ X.
Note that the definition handles the actual formulas of the language,
not their abbreviations. As an example, consider Σ = {[(a ∪ b)∗ ]h}.
Then
FL(Σ) = {[(a ∪ b)∗ ]h, [(a ∪ b)][(a ∪ b)∗ ]h, [a][(a ∪ b)∗ ]h, [b][(a ∪ b)∗ ]h, h}.
DEFINITION 13. (Closure under single negation). For any formula φ,
define ∼φ, the single negation of φ, as follows: if φ has the form ¬ψ
then ∼φ = ψ, otherwise ∼φ = ¬φ. Then ∼φ forms the negation of φ,
while cancelling double negations. A set of formulas X is closed under
single negations if φ ∈ X implies ∼φ ∈ X.
DEFINITION 14. (Closure of Σ). For any formula set Σ, the closure
of Σ, notation ¬FL(Σ) is the smallest set X which contains FL(Σ) and
is closed under single negations.
As an example, observe that the closure of {[(a ∪ b)∗ ]h} consists of the
union of FL({[(a ∪ b)∗ ]h}) and the set of all negations of formulas in
FL({[(a ∪ b)∗ ]h}).
In building epistemic models and action models from sets of formulas
Σ we can take worlds (or actions) to be maximal consistent sets of
formulas taken from ¬FL(Σ).
DEFINITION 15. Let Σ be a set of formulas. A set of formulas Γ is
an atom over Σ if Γ is a maximal consistent subset of ¬FL(Σ). Let
At(Σ) be the set of all atoms over Σ.
It is easy to show for every consistent formula φ ∈ ¬FL(Σ) there is
a Γ ∈ At(Σ) with φ ∈ Γ (see [2]). For any finite formula set Γ, let
b = V Γ.
Γ
ActionEvaluation.tex; 19/02/2008; 14:18; p.6
7
DEFINITION 16. The canonical model MΣ over finite formula set Σ
is given by
WΣ
= At(Σ),
VΣ (Γ) = {p ∈ Prop | p ∈ Γ},
b ∧ hiiΓb′ is consistent }.
RΣ (i) = {(Γ, Γ′ ) | Γ
See [2] for a proof that this canonical model ‘works’, in the sense that
we can prove the following:
LEMMA 17. (Truth Lemma). For all atoms Γ ∈ At(Σ) and all φ ∈
¬FL(Σ) it is the case that MΣ |=Γ φ iff φ ∈ Γ.
4. Construction of Smooth Action Models
Let A be an action model with set of preconditions Σ. We will show
how to turn A into a smooth action models, by imposing constraints
on the accessibilities, using sets of constraints from ¬FL(Σ).
DEFINITION 18. Let ¬FLC(Σ) be the set of all constraint formulas
in ¬FL(Σ). Let Σ be a set of preconditions. For each atom Γ over Σ,
call the set Γ ∩ ¬FLC(Σ) a constrained atom over Σ.
Note that if Γ is an atom of Σ, then ∆ = Γ ∩ ¬FLC (Σ) will be
closed as follows: if ¬φ ∈ ∆ then φ is purely propositional and φ ∈
/ ∆,
if φ1 ∧ φ2 ∈ ∆ then φ1 , φ2 ∈ ∆, and if φ1 ∨ φ2 ∈ ∆ then φ1 ∈ ∆ or
φ2 ∈ ∆. We will use constrained atoms to build smooth action models.
DEFINITION 19. Let A be an action model, and let Σ be the set of
preconditions of A. Assume without loss of generality that all preconditions
in A are consistent. (If this is not the case, just restrict A to the action
models with consistent preconditions.) Then Sm(A) is the action model
(W, pre, R) given by
W
= {(s, ∆) |
s ∈ WA , ∆ a constrained atom consistent with pres },
pre(s, ∆) = pre(s),
i
c′ consistent}.
b ∧ hii∆
R(i)
= {((s, ∆), (s′ , ∆′ )) ∈ W 2 | s→s′ , ∆
If S is the set of distinctive points of A, then
Sm(S) = {(s, ∆) ∈ W | s ∈ S}
is the set of distinctive points of Sm(A).
ActionEvaluation.tex; 19/02/2008; 14:18; p.7
8
LEMMA 20. Let A be an action model with precondition set Σ, Let φ
be a constraint formula in ¬FL(Σ) and let (s, ∆) be a state in Sm(A).
Then
Sm(A) |=(s,∆) φ implies φ ∈ ∆, and Sm(A) =|(s,∆) φ implies φ ∈
/ ∆.
Proof. Induction on the structure of constraint formula φ. Let φ be
purely propositional, and assume Sm(A) |=(s,∆) φ. Then by Lemma 3,
pre(s, ∆) |= φ. Since pre(s, ∆) = pre s it follows by construction of ∆
that φ ∈ ∆. Assume Sm(A) =|(s,∆) φ. Then by Lemma 3, pre(s, ∆) |=
¬φ. Since pre(s, ∆) = pre s it follows by construction of ∆ that φ ∈
/ ∆.
Now assume the property holds for constraint formulas φ1 , φ2 . We
show that it also holds for φ1 ∧ φ2 , φ1 ∨ φ2 , [i]φ1 .
Assume Sm(A) |=(s,∆) φ1 ∧φ2 . Then by the definition of verification,
Sm(A) |=(s,∆) φ1 and Sm(A) |=(s,∆) φ2 . By the induction hypothesis,
φ1 ∈ ∆ and φ2 ∈ ∆. It follows that φ1 ∧ φ2 ∈ ∆. Assume Sm(A) =|(s,∆)
φ1 ∧ φ2 . Then by the definition of falsification, Sm(A) =|(s,∆) φ1 or
Sm(A) =|(s,∆) φ2 . By the induction hypothesis, φ1 ∈
/ ∆ or φ2 ∈
/ ∆. It
follows that φ1 ∧ φ2 ∈
/ ∆.
Assume Sm(A) |=(s,∆) φ1 ∨φ2 . Then by the definition of verification,
Sm(A) |=(s,∆) φ1 or Sm(A) |=(s,∆) φ2 . By the induction hypothesis,
φ1 ∈ ∆ or φ2 ∈ ∆. It follows that φ1 ∨ φ2 ∈ ∆. Assume Sm(A) =|(s,∆)
φ1 ∨ φ2 . Then by the definition of falsification, Sm(A) =|(s,∆) φ1 and
Sm(A) =|(s,∆) φ2 . By the induction hypothesis, φ1 ∈
/ ∆ and φ2 ∈
/ ∆. It
follows that φ1 ∨ φ2 ∈
/ ∆.
Assume Sm(A) |=(s,∆) [i]φ1 . Then by the definition of verification,
i
either pre(s, ∆) |= [i]φ1 or for all (s′ , ∆′ ) with (s, ∆)→(s′ , ∆′ ) it holds
that Sm(A) |=(s′ ,∆′ ) φ1 . In the first case, pre s |= [i]φ1 , and therefore
[i]φ ∈ ∆. In the second case, the induction hypothesis yields φ1 ∈ ∆′
i
c′
b ∧ hii∆
for all (s′ , ∆′ ) with (s, ∆)→(s′ , ∆′ ), It follows that all ∆′ with ∆
′
consistent satisfy φ1 ∈ ∆ . Therefore, [i]φ1 is consistent with ∆. It
follows by the construction of ∆ that [i]φ1 ∈ ∆.
Assume Sm(A) =|(s,∆) [i]φ1 . Then by the definition of falsification,
i
either pre(s, ∆) |= ¬[i]φ1 or there is a (s′ , ∆′ ) with (s, ∆)→(s′ , ∆′ )
and Sm(A) =|(s′ ,∆′ ) φ1 . In the first case, pre s |= ¬[i]φ1 , and therefore
[i]φ ∈
/ ∆, by the construction of ∆. In the second case, the induction
i
c′ is consistent.
b
hypothesis yields φ1 ∈
/ ∆′ . (s, ∆)→(s′ , ∆′ ) implies ∆∧hii
∆
Therefore, hii∼φ is consistent with ∆, i.e., ∼[i]φ is consistent with ∆.
It follows by construction of ∆ that [i]φ ∈
/ ∆.
✷
THEOREM 21. For each action model A it holds that Sm(A) is smooth.
ActionEvaluation.tex; 19/02/2008; 14:18; p.8
9
Proof. Let φ be a constraint formula. We assume without loss of
generality that φ ∈ ¬FL(Σ), where Σ is the set of preconditions in A.
Asssume Sm(A) |=(s,∆) φ. We will prove by induction on the structure
of φ that Sm(A) 6 =|(s,∆) φ.
Basis. If φ is purely propositional then Sm(A) |=(s,∆) φ implies
pre(s, ∆) |= φ, by Lemma 3, and therefore pre(s, ∆) 6|= ¬φ, by consistency
of the preconditions, and again by Lemma 3, Sm(A) 6 =|(s,∆) φ.
Induction step. Suppose the property holds for constraint formulas
φ1 and φ2 . Let φ = φ1 ∧φ2 . Then by the verification definition, it follows
from
Sm(A) |=(s,∆) φ1 ∧ φ2
that
Sm(A) |=(s,∆) φ1 and Sm(A) |=(s,∆) φ2 .
By the induction hypothesis, Sm(A) 6 =|(s,∆) φ1 and Sm(A) 6 =|(s,∆) φ2 .
By the definition of falsification, Sm(A) 6 =|(s,∆) φ1 ∧ φ2 .
The case of φ ∨ φ2 is similar.
Let φ = [i]φ1 , Then by the verification definition, it follows from
Sm(A) |=(s,∆) [i]φ1 that either pre(s, ∆) |= [i]φ1 or for all (s′ , ∆′ ) with
i
(s, ∆)→(s′ , ∆′ ) it holds that Sm(A) |=(s,∆) φ1 .
In the first case, pre(s, ∆) |= [i]φ1 implies pre s |= [i]φ1 . Therefore
A |=s [i]φ1 , and hence [i]φ1 ∈ ∆, by Lemma 20. Now suppose there
i
is a pair (s′ , ∆′ ) with (s, ∆)→(s′ , ∆′ ). Then from the definition of the
c′ is consistent. Thus,
b ∧ hii∆
accessibilities in Sm(A), it follows that ∆
′
φ1 ∈ ∆ . Therefore, by Lemma 20, Sm(A) 6 =|(s′ ,∆′ ) φ1 . By the definition
of falsification, Sm(A) 6 =|(s,∆) [i]φ1 .
In the second case, we can assume pre(s, ∆) 6|= [i]φ1 . The induction
i
hypothesis gives that for all (s′ , ∆′ ) with (s, ∆)→(s′ , ∆′ ) it holds that
Sm(A) 6 =|(s,∆) φ1 . By the definition of falsification and the fact that
pre(s, ∆) 6|= [i]φ1 , it follows that Sm(A) 6 =|(s,∆) [i]φ1 .
Question: can we extend this to the case of PDL formulas, where
there is no notion of modal degree?
THEOREM 22. For every distinctive action model (A, S) it holds that
(A, S) ≡ (Sm(A), Sm(S)).
Proof. Let M be an arbitrary epistemic model. The relation
C ⊆ WM ⊗A × WM ⊗Sm (A)
given by
b
(w, s)C(w′ , (s′ , ∆)) :≡ w = w′ ∧ s = s′ ∧ M |=w ∆
ActionEvaluation.tex; 19/02/2008; 14:18; p.9
10
is a bisimulation that connects S to Sm(S). Thus,
(A, S) ≡ (Sm(A), Sm(S)).
LEMMA 23. (A, S) is smooth iff (A, S) ↔ (Sm(A), Sm(S)).
Proof. Let (A, S) be smooth. Let Σ be the preconditions in A. We
show that the relation
C ⊆ WA × WSm (A)
given by
sC(s′ , ∆) iff s = s′
is a bisimulation.
Assume sC(s, ∆). Then pre s = pre(s, ∆), so invariance holds,
i
For the zig condition, suppose s→s′ . Let ∆′ be any constrained atom
over Σ with
{φ ∈ ¬FLC (Σ) | pre s′ |= φ} ⊆ ∆′
and
{δ | [i]δ ∈ ∆} ⊆ ∆′ .
Such a constrained atom ∆′ exists, for suppose the set
{φ ∈ ¬FLC (Σ) | pre s′ |= φ} ∪ {δ | [i]δ ∈ ∆}
is inconsistent. Since by consistency of pre s′ the set
X = {φ ∈ ¬FLC (Σ) | A |=s′ φ}
is consistent, it follows that there is some [i]δ ∈ ∆ such that δ is
inconsistent with X, i.e., such that ¬δ follows from X. This means, by
Lemma 2, that A |=s′ ¬δ, and therefore A =|s′ δ. By the smoothness
of A, it follows that pre s′ 6|= δ, and contradiction with δ ∈ X.
i
c′ is consistent by the construction of ∆′ , we
b ∧ hii∆
Since s→s′ and ∆
i
have that (s, ∆)→(s′ , ∆′ ). Obviously, we also have s′ C(s′ , ∆′ ).
i
i
For the zag direction, assume (s, ∆)→(s′ , ∆′ ). This implies s→s′ .
Obviously, also s′ C(s′ , ∆′ ).
THEOREM 24. Let (A, S) and (B, T ) be smooth action models. Then
(A, S) ≡ (B, T ) implies (A, S) ⇆ (B, T ).
Proof. Let Σ be the set of preconditions occurring in A, and Π the
set of preconditions occurring in B.
By the fact that A and B are smooth, we can use Lemma 23.
From a bisimulation between (M, W ) ⊗ (A, S) and (M, W ) ⊗ (B, T )
ActionEvaluation.tex; 19/02/2008; 14:18; p.10
11
this lemma gives us a bisimulation between (M, W ) ⊗ (Sm(A), Sm(S))
and (M, W ) ⊗ (Sm(B), Sm(T )). So first replace A by Sm(A) and B by
Sm(B).
Let M = MΣ∪Π be the canonical model built from these preconditions,
and let W = WΣ∪Π . From (A, S) ≡ (B, T ) it follows that
(M, W ) ⊗ (A, S) ↔ (M, W ) ⊗ (B, T ).
From this, with Lemma 23:
(M, W ) ⊗ (Sm(A), Sm(S)) ↔ (M, W ) ⊗ (Sm(B), Sm(T )).
Now define a binary relation E ⊆ WSm (A) × WSm (B) by means of
(s, ΓA )E(t, ΓB ) :≡ there is a Γ ∈ WM such that
ΓA is the restriction of Γ to ¬FLC (Σ),
ΓB is the restriction of Γ to ¬FLC (Π),
and (Γ, (s, ΓA )) ↔ (Γ, (t, ΓB )).
We show that E is an action emulation. Suppose (s, ΓA )E(t, ΓB ). Then
Invariance By the definition of E, it follows from (s, ΓA )E(t, ΓB )
that for some Γ ∈ WM : (Γ, (s, ΓA )) ↔ (Γ, (t, ΓB )). From the fact
that (Γ, (s, ΓA )) is in the update, M |=Γ pre s , whence by the truth
lemma, pre s ∈ Γ. By the same reasoning we get that pre t ∈ Γ.
Since Γ is consistent, it follows that pre s ∧ pre t is consistent.
i
Zig Suppose (s, ΓA )→(s′ , Γ′ A ). By the definition of Sm(A), it follows
i
i
d
A ∧ hiiΓ
′ A is consistent.
that s→s′ and ΓA →Γ′ A . Thus, Γc
i
This means that there is some Γ′ ∈ WM with pre s′ ∈ Γ′ and Γ→Γ′ ,
and Γ′ A the restriction of Γ′ to ¬FLC (Σ).
Now applying (Γ, (s, ΓA )) ↔ (Γ, (t, ΓB )), we find a non-empty set
G given by:
B
G = {(Γ′′ , (t′ , Γ′′ )) ∈ WM ⊗Sm (B) |
i
B
(Γ, (t, ΓB ))→(Γ′′ , (t′ , Γ′′ ))
A
B
and (Γ′ , (s′ , Γ′ ) ↔ (Γ′′ , (t′ , Γ′′ ))}.
Since M |=Γ′′ pre t′ for all (Γ′′ , (t′ , Γ′′ B ) ∈ G, it follows that pre s′ |=
pre t1 ∨ · · · ∨ pre tn .
Zag Same reasoning vice versa.
ActionEvaluation.tex; 19/02/2008; 14:18; p.11
12
Check that E connects every state pair ((s, ΓA ), (t, ΓB )) ∈ Sm(S) ×
Sm(T ) for which pre s ∧ pre t is consistent.
✷
5.
Kleene evaluation in smooth action models might be a powerful tool
for investigating update effect. We can investigate what happens to
formulas that evaluate to true in a smooth update model. Will they
all be made true by the update, in the sense that if M |=w pre s and
A |=s φ then M ⊗ A |=(w,a) φ?
References
1.
2.
3.
4.
Belnap, N. A useful four-valued logic. In Modern Uses of Multiple-valued Logic
(1977), J. Dunn and G. Epstein, Eds., Reidel, Dordrecht, pp. 8–37.
Blackburn, P., de Rijke, M., and Venema, Y. Modal Logic. Cambridge
Tracts in Theoretical Computer Science. Cambridge University Press, 2001.
Fischer, M., and Ladner, R. Propositional dynamic logic of regular programs.
Journal of Computer and System Sciences 18, 2 (1979), 194–211.
Kleene, S. On notation for ordinal numbers. Journal of Symbolic Logic 3
(1938), 150–155.
ActionEvaluation.tex; 19/02/2008; 14:18; p.12