In this section we define the semantic framework with respect to which we study the model checking problem. The definitions closely follow (van der Meyden and Shilov 1999), which dealt with model checking knowledge and linear time in multi-agent systems for a “perfect recall” interpretation of knowledge. We also define an alternate “clock” interpretation of knowledge, in which agents reason on the basis of their current observation and knowledge of the time.
Let $\mathit{Prop}$ be a set of atomic propositional constants, $n > 0$ be a natural number, and let $A = \{1, \ldots, n\}$ be a set of agents. We will be concerned with model checking a propositional multi-modal language for knowledge and linear time based on the set $\mathit{Prop}$ of atomic propositional constants, with formulas generated by the modalities $\bigcirc$ (next), $U$ (until), a knowledge operator $K_i$ for each agent $i \in A$, and a common knowledge operator $C_G$ for each group of agents $G \subseteq A$. Formulas of the language are defined as follows: each atomic propositional constant $p \in \mathit{Prop}$ is a formula, and if $\varphi$ and $\psi$ are formulas, then so are $\neg\varphi$, $\varphi \wedge \psi$, $\bigcirc\varphi$, $\varphi\,U\,\psi$, $K_i\varphi$ and $C_G\varphi$ for each $i \in A$ and group $G \subseteq A$. We write $\mathcal{L}_{\{\bigcirc, U, K_1, \ldots, K_n, C\}}$ for the set of formulas. We will refer to sublanguages of this language by a similar expression that lists the operators generating the language. For example, $\mathcal{L}_{\{\bigcirc, U, K\}}$ refers to the sublanguage with just a single agent (in which case we may drop the subscript on the knowledge operator). As usual in temporal logic, we use the abbreviations $\Diamond\varphi$ for $\mathit{true}\,U\,\varphi$, and $\Box\varphi$ for $\neg\Diamond\neg\varphi$. The knowledge depth of a formula $\varphi$, denoted $\mathit{depth}(\varphi)$, is defined to be the maximal depth of nesting of $K$ operators in $\varphi$. For example, $\mathit{depth}(K(p \wedge \neg K q)) = 2$.
The semantics of this language is defined with respect to the following class of structures. Define an interpreted environment (for $A$) to be a tuple $E$ of the form $(S, I, \to, (O_i)_{i \in A}, \pi, \alpha)$ where the components are as follows:
1. $S$ is a set of states of the environment,
2. $I$ is a subset of $S$, representing the possible initial states,
4. for each $i \in A$ the component $O_i : S \to O$, where $O$ is a set of uninterpreted observations, is called the observation function of agent $i$,
5. $\pi : S \to \mathcal{P}(\mathit{Prop})$ is an interpretation,
6. $\alpha \subseteq S$ is an acceptance condition.
Intuitively, an environment is a transition system where states encode values of local variables, messages in transit, failure of components, etc. For states $s, s'$ the relation $s \to s'$ means that if the system is in state $s$, then at the next tick of the clock it could be in state $s'$. We call $E$ finite whenever $S$ is. If $s$ is a state and $i$ an agent then $O_i(s)$ represents the observation agent $i$ makes when the system is in state $s$, i.e., the information about the state that is accessible to the agent. The interpretation $\pi$ maps a state $s$ to the set of propositional constants in $\mathit{Prop}$ that hold at $s$. The acceptance conditions are essentially Büchi conditions which model fairness requirements on evolutions of the environment.
A path $p$ of $E$ from a state $s$ in $S$ is a finite or infinite sequence of states $s_0 s_1 \ldots$ such that $s_0 = s$ and $s_j \to s_{j+1}$ for all $j$. We write $p(m)$ for $s_m$ when $m$ is an index of $p$. A path $p$ is said to be initialized if $p(0) \in I$. We call an initialized finite path a trace. A path $p$ is fair if it is infinite and $p(i) \in \alpha$ for infinitely many $i$. Note that we do not assume that $S$ is finite, but when so, this formulation is equivalent to the usual formulation of acceptance for Büchi automata: some $s \in \alpha$ occurs infinitely often. We say that the acceptance condition of $E$ is trivial if $\alpha = S$. We assume that environments satisfy the following well-formedness condition: for every state $s$, there exists a fair path with initial state $s$. A run of $E$ is a fair, initialized path, and we write $r[0..m]$ for the trace that is the prefix of run $r$ up to time $m$. Let $\mathit{runs}(E)$ be the set of all runs of $E$. A point of $E$ is a pair $(r, m)$, where $r$ is a run of $E$ and $m$ a natural number. Intuitively, a point identifies a particular moment in time along the history described by the run.
Individual runs of an environment provide sufficient structure for the interpretation of formulas of linear temporal logic. To interpret formulas involving knowledge, we use the agents’ observations to determine the points they consider possible. There are many ways one could do this. The particular approaches used in this paper model a synchronous perfect-recall, an observational, and a clock semantics of knowledge, each defined using a notion of local state.
We define the synchronous perfect recall local state of agent $i$ at a point $(r, m)$ to be the sequence $\{(r,m)\}^{pr}_i = O_i(r[0..m])$. That is, the synchronous perfect recall local state of an agent at a point in a run consists of a complete record of the observations the agent has made up to that point. The clock local state of agent $i$ at a point $(r, m)$ is defined by $\{(r,m)\}^{clk}_i = (m, O_i(r(m)))$. That is, in this definition, the agent’s local state is taken to be the current time, together with the agent’s current observation. Finally, the observational local state of agent $i$ at a point $(r, m)$ is $\{(r,m)\}^{obs}_i = O_i(r(m))$. Effectively, an agent with this view of the world considers any reachable state giving the same observation to be possible. To distinguish these local state assignments, we define a view $v$ to be one of the three possibilities $pr$, $clk$, and $obs$.
Given a view $v$, the corresponding local state assignment may be used to define for each agent $i$ a relation $\sim^v_i$ of indistinguishability on points $(r, m)$, $(r', m')$ of $E$, by $(r, m) \sim^v_i (r', m')$ if $\{(r,m)\}^v_i = \{(r',m')\}^v_i$. Intuitively, when $(r, m) \sim^v_i (r', m')$, agent $i$’s local state according to the view $v$ does not contain enough information for the agent to determine whether it is at one point or the other. Clearly, each $\sim^v_i$ is an equivalence relation. Both the synchronous perfect recall view and the clock view are “synchronous” in the sense that if $(r, m) \sim^v_i (r', m')$, then we must have $m = m'$. Intuitively, this means that the agent “knows the time”. The relations $\sim^v_i$ will be used to define the semantics of knowledge for individual agents. By $P^v_i(E, r, m)$ we denote the set $\{ r'(m') \mid r' \in \mathit{runs}(E),\ m' \in \mathbb{N},\ (r', m') \sim^v_i (r, m) \}$ of possible states for agent $i$ at point $(r, m)$. To interpret the common knowledge operators, we use another relation. If $G \subseteq A$ is a group of agents (i.e., two or more) then we define the relation $\sim^v_G$ on points to be the reflexive transitive closure of the union of all indistinguishability relations $\sim^v_i$ for $i \in G$, i.e., $\sim^v_G = \left( \bigcup_{i \in G} \sim^v_i \right)^*$.
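The semantics of this language is defined as follows. Suppose we are given an environment $E$ with interpretation $\pi$. We define satisfaction of a formula $\varphi$ at a point $(r, m)$ of a run of $E$ with respect to a view $v$, denoted $E, (r, m) \models^v \varphi$, inductively on the structure of $\varphi$. The cases for the temporal fragment of the language are standard, and independent of $v$:
$E, (r, m) \models^v p$ if $p \in \pi(r(m))$, where $p \in \mathit{Prop}$,
$E, (r, m) \models^v \varphi_1 \wedge \varphi_2$ if $E, (r, m) \models^v \varphi_1$ and $E, (r, m) \models^v \varphi_2$,
$E, (r, m) \models^v \neg\varphi$ if not $E, (r, m) \models^v \varphi$,
$E, (r, m) \models^v \bigcirc\varphi$ if $E, (r, m+1) \models^v \varphi$,
$E, (r, m) \models^v \varphi_1\,U\,\varphi_2$ if there exists $m'' \geq m$ such that $E, (r, m'') \models^v \varphi_2$ and $E, (r, m') \models^v \varphi_1$ for all $m'$ with $m \leq m' < m''$.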
The semantics of the knowledge and common knowledge operators is defined by:
$E, (r, m) \models^v K_i\varphi$ if $E, (r', m') \models^v \varphi$ for all points $(r', m')$ of $E$ satisfying $(r', m') \sim^v_i (r, m)$,
$E, (r, m) \models^v C_G\varphi$ if $E, (r', m') \models^v \varphi$ for all points $(r', m')$ of $E$ satisfying $(r', m') \sim^v_G (r, m)$.
These definitions can be viewed as an instance of the “interpreted systems” framework for the semantics of the logic of knowledge proposed in (Halpern and Moses 1990). Intuitively, an agent knows a formula to be true if this formula holds at all points that the agent is unable to distinguish from the actual point. Common knowledge may be understood as follows. For $G$ a group of agents, define the operator $E_G$, read “everyone in $G$ knows” by $E_G\varphi \equiv \bigwedge_{i \in G} K_i\varphi$. Then $C_G\varphi$ is equivalent to the infinite conjunction of the formulas $E_G^k\varphi$ for $k \geq 1$. That is, $\varphi$ is common knowledge if everyone knows $\varphi$, everyone knows that everyone knows $\varphi$, etc. We refer the reader to (Fagin et al. 1995) for further motivation and background.
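The following added example (not code from the paper) computes the possible-state sets $P^v_i(E, r, m)$ for the three views $obs$, $clk$ and $pr$ on a small constructed single-agent environment, and evaluates $K_i p$ for an atomic $p$ from them. It assumes a finite environment with trivial acceptance condition in which every state has a successor, so every trace extends to a run; the state names, observations and function names are constructed for illustration.

```python
# Constructed toy environment (not from the paper). Assumed: alpha = S (trivial
# acceptance) and every state has a successor, so each trace is a prefix of a run.
INIT = {"a"}                                             # I
TRANS = {"a": {"b", "c"}, "b": {"d"}, "c": {"c"}, "d": {"d"}}   # s -> s'
OBS = {"a": "x", "b": "x", "c": "y", "d": "y"}           # O_1
PI = {"a": set(), "b": set(), "c": {"p"}, "d": set()}    # pi


def step(states):
    """States reachable in one transition from any state in `states`."""
    return {t for s in states for t in TRANS[s]}


def possible_states(trace, view):
    """P_1^v(E, r, m), where trace = r[0..m] is assumed to be a valid trace."""
    m, cur_obs = len(trace) - 1, OBS[trace[-1]]
    if view == "pr":
        # Perfect recall: keep only states consistent with every observation so far.
        cands = {s for s in INIT if OBS[s] == OBS[trace[0]]}
        for s_k in trace[1:]:
            cands = {t for t in step(cands) if OBS[t] == OBS[s_k]}
        return cands
    if view == "clk":
        # Clock: states reachable at exactly time m.
        cands = set(INIT)
        for _ in range(m):
            cands = step(cands)
    elif view == "obs":
        # Observational: states reachable at any time.
        cands, frontier = set(INIT), set(INIT)
        while frontier:
            frontier = step(frontier) - cands
            cands |= frontier
    else:
        raise ValueError(f"unknown view: {view}")
    # Both remaining views compare only the current observation.
    return {s for s in cands if OBS[s] == cur_obs}


def knows(trace, view, prop):
    """E,(r,m) |=^v K_1 prop for atomic prop: prop holds at every possible state."""
    return all(prop in PI[s] for s in possible_states(trace, view))
```

On the trace a, c, c the agent knows $p$ under the perfect recall view but not under the clock or observational views, because only the full observation history rules out state d.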