Negation normal form for Linear Temporal Logic #
We define negation normal form (NNF) formulas, their language, and a translation
LTL.toNNF from LTL formulas to equivalent NNF formulas. The main result
LTL.exists_equiv_nnf shows every LTL formula has an equivalent NNF formula.
Linear temporal logic formulas in negation normal form over atomic
propositions AP: negation is pushed to the atoms (atom/not_atom), and the
temporal operators are next, until, and the dual release.
- atom {AP : Type} (p : AP) : NNF AP
- not_atom {AP : Type} (p : AP) : NNF AP
- and {AP : Type} (f g : NNF AP) : NNF AP
- or {AP : Type} (f g : NNF AP) : NNF AP
- next {AP : Type} (f : NNF AP) : NNF AP
- until {AP : Type} (f g : NNF AP) : NNF AP
- release {AP : Type} (f g : NNF AP) : NNF AP
Instances For
Equations
- One or more equations did not get rendered due to their size.
- LeanModelChecking.instDecidableEqNNF.decEq (LeanModelChecking.NNF.atom a) (LeanModelChecking.NNF.atom b) = if h : a = b then h ▸ isTrue ⋯ else isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (LeanModelChecking.NNF.atom p) (LeanModelChecking.NNF.not_atom p_1) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (LeanModelChecking.NNF.atom p) (f.and g) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (LeanModelChecking.NNF.atom p) (f.or g) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (LeanModelChecking.NNF.atom p) f.next = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (LeanModelChecking.NNF.atom p) (f.until g) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (LeanModelChecking.NNF.atom p) (f.release g) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (LeanModelChecking.NNF.not_atom p) (LeanModelChecking.NNF.atom p_1) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (LeanModelChecking.NNF.not_atom a) (LeanModelChecking.NNF.not_atom b) = if h : a = b then h ▸ isTrue ⋯ else isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (LeanModelChecking.NNF.not_atom p) (f.and g) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (LeanModelChecking.NNF.not_atom p) (f.or g) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (LeanModelChecking.NNF.not_atom p) f.next = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (LeanModelChecking.NNF.not_atom p) (f.until g) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (LeanModelChecking.NNF.not_atom p) (f.release g) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (f.and g) (LeanModelChecking.NNF.atom p) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (f.and g) (LeanModelChecking.NNF.not_atom p) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (f.and g) (f_1.or g_1) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (f.and g) f_1.next = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (f.and g) (f_1.until g_1) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (f.and g) (f_1.release g_1) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (f.or g) (LeanModelChecking.NNF.atom p) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (f.or g) (LeanModelChecking.NNF.not_atom p) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (f.or g) (f_1.and g_1) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (f.or g) f_1.next = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (f.or g) (f_1.until g_1) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (f.or g) (f_1.release g_1) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq f.next (LeanModelChecking.NNF.atom p) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq f.next (LeanModelChecking.NNF.not_atom p) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq f.next (f_1.and g) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq f.next (f_1.or g) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq a.next b.next = if h : a = b then h ▸ have inst := LeanModelChecking.instDecidableEqNNF.decEq a a; isTrue ⋯ else isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq f.next (f_1.until g) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq f.next (f_1.release g) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (f.until g) (LeanModelChecking.NNF.atom p) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (f.until g) (LeanModelChecking.NNF.not_atom p) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (f.until g) (f_1.and g_1) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (f.until g) (f_1.or g_1) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (f.until g) f_1.next = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (f.until g) (f_1.release g_1) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (f.release g) (LeanModelChecking.NNF.atom p) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (f.release g) (LeanModelChecking.NNF.not_atom p) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (f.release g) (f_1.and g_1) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (f.release g) (f_1.or g_1) = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (f.release g) f_1.next = isFalse ⋯
- LeanModelChecking.instDecidableEqNNF.decEq (f.release g) (f_1.until g_1) = isFalse ⋯
Instances For
The language of an NNF formula: the predicate on infinite words w that holds
exactly when w satisfies f at position 0.
Equations
- (LeanModelChecking.NNF.atom p).language w = (p ∈ w 0)
- (LeanModelChecking.NNF.not_atom p).language w = ¬p ∈ w 0
- (f_2.and g).language w = (f_2.language w ∧ g.language w)
- (f_2.or g).language w = (f_2.language w ∨ g.language w)
- f_2.next.language w = f_2.language fun (j : ℕ) => w (j + 1)
- (f_2.until g).language w = ∃ (i : ℕ), (g.language fun (j : ℕ) => w (j + i)) ∧ ∀ (k : ℕ), k < i → f_2.language fun (j : ℕ) => w (j + k)
- (f_2.release g).language w = ∀ (i : ℕ), (g.language fun (j : ℕ) => w (j + i)) ∨ ∃ (k : ℕ), k < i ∧ f_2.language fun (j : ℕ) => w (j + k)
Instances For
Translate an LTL formula to an NNF formula, optionally negated: the Boolean
flag, when true, requests the NNF of the negation of the formula, allowing
negation to be pushed down to the atoms recursively.
Equations
- LeanModelChecking.LTL.toNNFCore false (LeanModelChecking.LTL.atom p) = LeanModelChecking.NNF.atom p
- LeanModelChecking.LTL.toNNFCore true (LeanModelChecking.LTL.atom p) = LeanModelChecking.NNF.not_atom p
- LeanModelChecking.LTL.toNNFCore false f.not = LeanModelChecking.LTL.toNNFCore true f
- LeanModelChecking.LTL.toNNFCore true f.not = LeanModelChecking.LTL.toNNFCore false f
- LeanModelChecking.LTL.toNNFCore false (f.or g) = (LeanModelChecking.LTL.toNNFCore false f).or (LeanModelChecking.LTL.toNNFCore false g)
- LeanModelChecking.LTL.toNNFCore true (f.or g) = (LeanModelChecking.LTL.toNNFCore true f).and (LeanModelChecking.LTL.toNNFCore true g)
- LeanModelChecking.LTL.toNNFCore false f.next = (LeanModelChecking.LTL.toNNFCore false f).next
- LeanModelChecking.LTL.toNNFCore true f.next = (LeanModelChecking.LTL.toNNFCore true f).next
- LeanModelChecking.LTL.toNNFCore false (f.until g) = (LeanModelChecking.LTL.toNNFCore false f).until (LeanModelChecking.LTL.toNNFCore false g)
- LeanModelChecking.LTL.toNNFCore true (f.until g) = (LeanModelChecking.LTL.toNNFCore true f).release (LeanModelChecking.LTL.toNNFCore true g)
Instances For
The NNF formula equivalent to the LTL formula f.
Equations
Instances For
The NNF formula equivalent to the negation of the LTL formula f.