From Hybrid Modal Logic to Matching Logic and Back ††thanks: All authors contributed equally to this work.
Ioana Leuştean
Faculty of Mathematics and Computer Science,
University of Bucharest, Str. Academiei 14, 010014 Bucharest, Romania
11email: [email protected], [email protected], [email protected]
Natalia Moangă
Faculty of Mathematics and Computer Science,
University of Bucharest, Str. Academiei 14, 010014 Bucharest, Romania
11email: [email protected], [email protected], [email protected]
Traian Florin Şerbănuţă
Faculty of Mathematics and Computer Science,
University of Bucharest, Str. Academiei 14, 010014 Bucharest, Romania
11email: [email protected], [email protected], [email protected]
Abstract
Building on our previous work on hybrid polyadic modal logic we identify modal logic equivalents for Matching Logic, a logic for program specification and verification. This provides a rigorous way to transfer results between the two approaches, which should benefit both systems.
1 Introduction
In this paper, we continue our work from [9, 10], where we defined a (hybrid) many-sorted polyadic modal logic, for which we proved soundness and completeness, generalizing well-known results from the mono-sorted setting [5].
Our research was inspired by Matching logic [12] which made some connections with modal logic 111Note that Matching logic was further developed in [6], where techniques from modal logic are employed for the theoretical development.. Nevertheless, while the system we proposed in [10] was strong enough for performing specification and formal verification, its connection with Matching logic, its original motivation, was still to be established.
The purpose of this paper is that of stating the relation between our modal-logic-based systems and Matching logic. In this way we provide a rigorous way to transfer the results between the two approaches, hopefully in the benefit of both systems. To this aim, we make the following contributions:
(1) We isolate H_Σ(∀), a fragment of the system presented in [10], and we show that, when restricted to global deduction, it is equivalent with Matching Logic without definedness.
(2) We introduce H_Σ(@_z,∀), a strengthening of the system from [10] which allows the satisfaction operators @_sz to also range over state variables, and we show that, when restricted to global deduction, it is equivalent to Matching Logic with the definedness operator.
Background.
For a general background on modal logic we refer to [5]. We recall that hybrid logics are modal logics that have special symbols (called “nominals”) that name the particular states of a model. Recall that the satisfaction in modal logic is local, i.e. one analyzes what happens in a given point of the model. With respect to this, nominals can be seen as local constants and, given a model (a frame and an evaluation), the value of a nominal is a fixed singleton set. State variables are variables that range over the individual points of a model, while the usual (propositional) variables range over arbitrary sets of points. All these notions will be detailed in our many-sorted context, but we refer to [1] for a basic introduction in hybrid modal logics.
For (S,Σ) a many-sorted signature, the many-sorted polyadic modal logic H_Σ defined in [9] is recalled in Figure 1. The system H_Σ(∀), defined in Section 2, is a fragment of the system introduced by [10] which enriches H_Σ with nominals, state variables and the forall binder. This system is a many-sorted generalization of a hybrid modal logic defined in [3]. The second system,H_Σ(@_z,∀) is an enrichment of the first one, through the incorporation of the modal satisfaction operators @_sx for s∈S and x a state variable or a nominal. Intuitively, the operator @_sz allows us to “jump” at the element(world, state) denoted by z and the truth value we infer at this point is visible on all sorts. One can see [1] for a discussion on the expressivity of satisfaction operators in hybrid modal logic.
The systems H_Σ(∀) and H_Σ(@_z,∀) are presented in Section 2 and Section 3, along with their completeness results, while the connection with Matching logic is clarified in Section 4.
2 The many-sorted hybrid modal logic H_Σ(∀)
Let (S,Σ) be a many-sorted signature. In this section we perform hybridization on top of H_Σ, the many-sorted polyadic modal logic defined in [9].
We recall that our language is determined by an S-sorted set of propositional variables PROP={PROP_s}_s∈S such that PROP_s=∅ for any s∈S and PROP_s_1∩PROP_s_2=∅ for any s_1=s_2 in S.
For any n∈N and s,s_1,…,s_n∈S, we denote Σ_s_1…s_n,s={σ∈Σ∣σ:s_1⋯s_n→s}. The formulas of H_Σ are an S-sorted set defined by:
ϕ_s:=p∣j∣y_s∣¬ϕ_s∣ϕ_s∨ϕ_s∣σ(ϕ_s_1,…,ϕ_s_n)_s.
For any σ∈Σ_s_1…s_n,s the dual operation is
σ□(ϕ_1,…,ϕ_n):=¬σ(¬ϕ_1,…,¬ϕ_n).
In general, the sort of a formula will be determined by its context. When necessary, we’ll denote by φ_s the fact that the formula φ has the sort s.
In order to define the semantics we introduce (S,Σ)-frames and (S,Σ)-models. An (S,Σ)-frame is a tuple
F=(W,(R_σ)_σ∈Σ)
where W={W_s}_s∈S is an S-sorted set (whose elements are referred as points, worlds, states, etc.) such that W_s=∅ for any s∈S ,
and R_σ⊆W_s×W_s_1×…×W_s_n for any σ∈Σ_s_1⋯s_n,s.
An (S,Σ)-model based on F is a pair M=(F,V) where V={V_s}_s∈S such that V_s:PROP_s→P(W_s) for any s∈S. The model M=(F,V) will be simply denoted as M=(W,(R_σ)_σ∈Σ,V). For s∈S, w∈W_s and ϕ a formula of sort s, the many-sorted satisfaction relation M,w∣\joinrel=sϕ
is defined by structural induction of formulas (see [9] for details). Moreover, let s∈S and assume ϕ is a formula of sort s. Then ϕ is satisfiable if M,w∣\joinrel=sϕ for some model M and some w∈W_s. The formula ϕ is valid in a model M if M,w∣\joinrel=sϕ for any w∈W_s; in this case we write M∣\joinrel=sϕ.
The deductive system of H_Σ is recalled in 1 and the completeness theorem is proved in [9].
The hybridization of our many-sorted modal logic is developed using a combination of ideas and techniques from [1, 2, 3, 5, 7, 8], but for this section we drew our inspiration mainly form [3]. We refer to [10] for some similar proofs of the results presented in this section.
Hybrid logic is defined on top of modal logic by adding nominals, states variables and specific operators and binders. Nominals allow us to directly refer the worlds (states) of a model, since they are evaluated in singletons in any model. However, a nominal may refer different worlds in different models.
The sorts will be denoted by s, t, … and by PROP={PROP_s}_s∈S, NOM={NOM_s}_s∈S and SVAR={SVAR_s}_s∈S we will denote some countable S-sorted sets. The elements of PROP are ordinary propositional variables and they will be denoted p, q,…; the elements of NOM are called nominals and they will be denoted by j, k, …; the elements of SVAR are called state variables and they are denoted x, y, …. We shall assume that for any distinct sorts s=t∈S, the corresponding sets of propositional variables, nominals and state variables are distinct. A state symbol is a nominal or a state variable.
Definition 1** (H_Σ(∀) formulas).**
For any s∈S we define the formulas of sort s:
ϕ_s:=p∣j∣y_s∣¬ϕ_s∣ϕ_s∨ϕ_s∣σ(ϕ_s_1,…,ϕ_s_n)_s∣∀x_tϕ_s**
Here, p∈PROP_s, j∈NOM_s, t∈S, x∈SVAR_t, y∈SVAR_s and σ∈Σ_s_1⋯s_n,s. We also define the dual binder ∃: for any s,t∈S, if ϕ is a formula of sort s and x is a state variable of sort t, then ∃xϕ:=¬∀x¬ϕ is a formula of sort s. The notions of free state variables and bound state variables are defined as usual.
In order to define the semantics for H_Σ(@_z,∀) more is needed. Given a model M=(W,(R_σ)_σ∈Σ,V), an assignment is an S-sorted function g:SVAR→W. If g and g′ are assignment functions s∈S and x∈\mboxSVAR_s then we say that g′ is an x-variant of g (and we write g′∼xg) if g_t=g_′t for
t=s∈S and g_s(y)=g_′s(y) for any y∈\mboxSVAR_s, y=x.
Definition 2** (The satisfaction relation in H_Σ(∀)).**
In the sequel M=(W,(R_σ)_σ∈Σ,V) is a model and g:SVAR→W an S-sorted assignment. The satisfaction relation is defined as follows:
M,g,w∣\joinrel=sa, if and only if w∈V_s(a), where a∈PROP_s∪NOM_s,
M,g,w∣\joinrel=sx, if and only if w=g_s(x), where x∈SVAR_s,
M,g,w∣\joinrel=s¬ϕ, if and only if M,g,w∣\joinrel=sϕ
M,g,w∣\joinrel=sϕ∨ψ, if and only if M,g,w∣\joinrel=sϕ or M,g,w∣\joinrel=sψ
*if σ∈Σ_s_1…s_n,S then M,g,w∣\joinrel=sσ(ϕ_1,…,ϕ_n), if and only if there is *
(w_1,…,w_n)∈W_s_1×⋯×W_s_n* such that R_σww_1…w_n and M,g,w_i∣\joinrel=s_iϕ_i for any i∈[n],*
M,g,w∣\joinrel=s∀xϕ, if and only if M,g′,w∣\joinrel=sϕ for all g′∼xg.
Consequently,
M,g,w∣\joinrel=s∃xϕ, if and only if ∃g′(g′∼xg and M,g′,w∣\joinrel=sϕ).
In order to define the axioms of our system, one more definition is needed.
We assume #_s be a new propositional variable of sort s and
we inductively define NC={NC_s}_s by
#_s,⊤_s∈NC_s for any s∈S
if σ∈Σ_s_1⋯s_n,s and η_i∈NC_s_i for any i∈[n] then σ(η_1,…,η_n)∈NC_s.
We further define NomC={NomC_s}_s∈S such that η∈NomC_s iff η∈NC_s and ∣{#_s∣s∈S,#_s∈η}∣=1. If η∈NomC_s then η□ is its dual and η(φ):=η[φ/#_s′].
Remark 3**.**
If η∈NomC_s and φ∈Form_s′ then
M,g,w∣\joinrel=sη(φ) \mboxiff M,h,w′∣\joinrel=s′φ for some w′ in the submodel generated by X where X_s={w} and X_t=∅ for t=s. Dually, M,g,w∣\joinrel=sη□(φ) \mboxiff M,h,w′∣\joinrel=s′φ for any w′ in the submodel generated by X.
The deductive system is presented in Figure 1.
Note: The proofs for the following lemmas: Agreement Lemma, Substitution Lemma, Generalization on nominals are similar to the ones in [10].
Lemma 4** (Agreement Lemma).**
Let M be a standard model. For all standard
M-assignments g and h, all states w in M and all formulas ϕ of sort s∈S, if g and h agree on all state variables occurring freely in ϕ, then:
M,g,w∣\joinrel=sϕ \mboxiff M,h,w∣\joinrel=sϕ
Lemma 5** (Substitution Lemma).**
Let M be a standard model. For all standard
M-assignments g, all states w in M and all formulas ϕ, if y is a state variable that is substitutable for x in ϕ and j is a nominal then:
M,g,w∣\joinrel=sϕ[y/x]* iff M,g′,w∣\joinrel=sϕ where g′∼xg and g_′s(x)=g_s(y)*
M,g,w∣\joinrel=sϕ[j/x]* iff M,g′,w∣\joinrel=sϕ where g′∼xg and g_′s(x)=V_s(j)*
Lemma 6** (Generalization on nominals).**
Assume ∣\joinrel\joinrel sϕ[i/x] where i∈NOM_t and x∈SVAR_t for some t∈S. Then there is a state variable y∈SVAR_t that does not appear in ϕ such that ∣\joinrel\joinrel s∀yϕ[y/x]
Following the construction of the canonical model of K∀ we define
MK∀=(WK∀,RK∀,VK∀) as follows: (1) for any s∈S, {W}^{\mathbf{K}\forall}_{\_}s=\{\Phi\subseteq Form_{\_}s\mid\Phi\mbox{ is maximal {\mathbf{K}}\forall-consistent \ set}\},
(2) for any σ∈Σ_s_1…s_n,s,w∈W_K∀s,u_1∈W_K∀s_1,…,u_n∈W_K∀s_n we define R_K∀σwu_1…u_n iff σ(ψ_1,…,ψ_n)∈w implies ψ_1∈u_1,…,ψ_n∈u_n, (3) for every propositional symbol or nominal a, VK∀={V_K∀s}_s∈S is the valuation defined by
V_K∀s(a)={w∈W_K∀s∣ a∈w} for any s∈S. Note that V_K∀s(a) might be empty or might contain more that one element. We address these issues in the rest of this section.
Definition 7** (Witnessed Sets).**
Let s∈S and Γ_s a maximal K∀-consistent set. Γ_s is called witnessed iff for any K∀-formula of the form ∃xϕ with ϕ∈Form_s there is a nominal j having the same sort as x such that ∃xϕ→ϕ[j/x]∈Γ_s.
Lemma 8** (Extended Lindenbaum Lemma).**
Let K∀ and K∀+ be two countable languages such that K∀+ is K∀ extended with a countably infinite set of new nominals. Then every consistent set of K∀-formulas, Γ_s, can be extended to a witnessed maximal K∀+-consistent set, Γ_s+.
Proof.
Let E_n={j_1,j_2,j_3…} be an enumeration of the set of all new nominals that are in K∀+, and let E_f={ϕ_1,ϕ_2,ϕ_3…} be an enumeration of all K∀+-formulas. We define inductively the maximal K∀+-consistent set Γ_s+ for any s∈S.
Let Γ_s0=Γ_s. Γ_s0 contains no nominals from E_n, therefore it is consistent when regarded as a set of K∀+-formulas. To prove this, let us suppose that we can prove ⊥_s by making use of nominals from E_n, then by replacing all the E_n nominals in such a proof with state variables from K∀ , we get a proof of ⊥_s in K∀ , which is a contradiction.
We define Γ_sn as follows. If Γ_sn∪{ϕ_n} is inconsistent, then Γ_sn+1=Γn. Otherwise:
Γ_sn+1=Γ_sn∪{ϕ_n}, if ϕ_n is not of the form ∃xψ
Γ_sn+1=Γ_sn∪{ϕ_n}∪{ψ[j/x]}, if ϕ_n=∃xψ and j is the the first nominal in the enumeration E_n which is not used in the definitions of Γ_si for all i≤n and also does not appear in ϕ_n.
Let Γ_s+=⋃_n≥0Γ_sn. By construction Γ_s+ is maximal and witnessed and we need to prove that it is consistent. Let us suppose that Γ_s+ is inconsistent, therefore for some n≥0, Γ_sn is inconsistent. But we will prove that all Γ_sn are consistent. Hence, we need to prove that expansion using 2) preserve consistency. Suppose Γ_sn+1=Γ_sn∪{ϕ_n}∪{ψ[j/x]} is inconsistent, where ϕ_n=∃xψ. Then there is a formula χ which is a conjunction of a finite number of formulas from Γ_sn∪{ϕ_n}, such that ∣\joinrel\joinrel sχ→¬ψ[j/x]. By Lemma 6 we can prove that ∣\joinrel\joinrel s∀y(χ→¬ψ[j/x]), for some state variable y that does not occur in χ→¬ψ[j/x]. Therefore by (Q1) we get ∣\joinrel\joinrel sχ→∀y¬ψ[y/x]. Hence Γ_sn∪{ϕ_n∣\joinrel\joinrel}\joinrel s∀y¬ψ[y/x], and by Lemma 5 we obtain Γ_sn∪{ϕ_n∣\joinrel\joinrel}\joinrel s∀x¬ψ. But ϕ_n=∃xψ, and this contradicts the consistency of Γ_sn∪{ϕ_n}.
∎
Definition 9** (Witnessed Models).**
Let M_K∀wit be the witnessed canonical model which is defined as the canonical model, but only witnessed maximal consistent sets are considered, i.e. all the relations, as well as the valuation are restricted and co-restricted to witnessed maximal consistent sets.
Lemma 10**.**
Let MK∀=(WK∀,RK∀,VK∀) be a canonical model, Υ be a witnessed maximal consistent set of sort s, where Υ∈W_K∀s and let M_K∀wit=(Wwit,Rwit,Vwit) be the witnessed submodel of MK∀ generated by Υ. For any t∈S, any state symbol x∈SVAR_t and for all witnessed maximal consistent sets Γ and Δ in W_witt, if x∈Γ∩Δ, the Γ=Δ.
Proof.
Suppose that Γ and Δ are different, then there is a formula ϕ such that ϕ∈Γ and ϕ∈Δ. But Δ and Γ are maximal consistent sets, therefore, we get ϕ∈Γ and ¬ϕ∈Δ. From hypothesis, we have x∈SVAR_t, where x∈Γ∩Δ. Thus, x∧ϕ∈Γ and x∧¬ϕ∈Δ. Recall that Γ and Δ belong to the generated submodel, therefore, exists η_1,η_2∈NC_s such that η_1(x∧ϕ)∈Υ and η_2(x∧¬ϕ)∈Υ. As Υ contains every instance of a Nom schema, for some state variable y∈SVAR_t that does not occur freely in ϕ, ∀y(η_1(y∧ϕ)→η_□2(y→ϕ))∈Υ. Suppose that x is substitutable for y in ϕ. By Q2, we get η_1(x∧ϕ)→η_□2(x→ϕ)∈Υ. But η_1(x∧ϕ)∈Υ, therefore η_□2(x→ϕ)∈Υ. So, we have ¬η_2(x∧¬ϕ)∈Υ and η_2(x∧¬ϕ)∈Υ, which contradicts that Υ is a maximal consistent set. We conclude that Γ=Δ.
∎
Recall that to have a standard model we need a model in which every nominal is true at exactly one state. Until now, from the previous lemma we know that the nominals are contained in at most one maximal consistent set in a witnessed model. Therefore, whenever we have a witnessed model M_K∀wit such that some state variable does not occur in any maximal consistent set in M_K∀wit, we will complete the model by adding a new dummy state symbol ⋆.
Definition 11**.**
Let M_K∀wit=(Wwit,Rwit,Vwit) be a witnessed model generate by the witnessed maximal consistent set Υ. For any t∈S and any x∈SVAR_t if there exists a maximal consistent set Δ∈W_witt such that x∈Δ, then the completed model M_⋆wit is simply M_K∀wit. Otherwise, W_wit⋆t=W_witt∪{⋆_t} and Rwit⋆=Rwit∪{(⋆_t,Υ) ∣ t∈S,⋆_t∈W_wit⋆t}. For all propositional symbols p, V_wit⋆t(p)=V_witt(p) and for all nominals j, V_wit⋆t(j)={Γ_t∈M_K∀wit ∣ j∈Γ_t} if this set is not empty, and V_wit⋆t(j)={⋆} otherwise. For all state variables x∈SVAR_t, g_wit⋆t(x)={Γ_t∈M_K∀wit ∣ x∈Γ_t} if this set is not empty, and g_wit⋆t(x)={⋆} otherwise.
Lemma 12**.**
*Let ϕ and χ be formulas and x and y state variables such that y is substitutable for x in χ, and y does not have free occurrences in either ϕ or χ. Then for any sort s∈S and any φ_i∈Form_s_i, for i∈[n] and i=t, we have that:
∣\joinrel\joinrel sσ(φ_1,…,φ_t−1,ϕ,φ_t+1,…,φ_n)→∃yσ(φ_1,…,φ_t−1,(∃xχ→χ[y/x])∧ϕ,φ_t+1,…,φ_n).*
Proof.
The proof is similar to the one in [3].
∎
Lemma 13** (Existence Lemma for Witnessed Models).**
Let w be a witnessed maximal consistent set. If σ(ϕ_1,…,ϕ_n)∈w then there exists witnessed maximal consistent sets u_i such that R_K∀σwu_1…u_n and ϕ_i∈u_i for any i∈[n].
Proof.
The proof for unary operators is similar with [5, Lemma 4.20] for any sort s∈S. We prove this lemma for higher arity and start with σ a binary operator.
Suppose σ(ϕ_1,ϕ_2)∈w, where ϕ_1∈Form_s_1 and ϕ_2∈Form_s_2. We define u_1−:={ψ∣σ□(ψ,¬ϕ_2)∈w}. We prove that u_1−∪{ϕ_1} is consistent. Let us suppose is not consistent. Then there are formulas of sort s_1, ψ_1,…, ψ_m∈u_1− such that ∣\joinrel\joinrel s_1ψ_1∧…∧ψ_m→¬ϕ_1. Easy modal reasoning yields ∣\joinrel\joinrel sσ□(ψ_1∧…∧ψ_m,¬ϕ_2)→σ□(¬ϕ_1,¬ϕ_2). But ∣\joinrel\joinrel sσ□(ψ_1,¬ϕ_2)∧…∧σ□(ψ_m, ¬ϕ_2)→σ□(ψ_1∧…∧ψ_m,¬ϕ_2), so ∣\joinrel\joinrel sσ□(ψ_1,¬ϕ_2)∧…∧σ□(ψ_m,¬ϕ_2)→σ□(¬ϕ_1,¬ϕ_2). We have σ□(ψ_1,¬ϕ_2)∈w,…, σ□(ψ_m,¬ϕ_2)∈w and w is a witnessed maximal consistent set, thus it follows that σ□(¬ϕ_1,¬ϕ_2)∈w. So, we get that ¬σ(ϕ_1,ϕ_2)∈w, which is a contradiction, since w is consistent. Therefore, u_1−∪{ϕ_1} is consistent and can be extended by Lindenbaum’s Lemma to u_1 a maximal consistent set. By construction, ϕ_1∈u_1.
We define u_2−:={ψ_2∣\mboxexistsψ_1∈u_1\mboxsuchthatσ□(¬ψ_1,ψ_2)∈w}. We prove that u_2−∪{ϕ_2} is consistent. Let us suppose is not consistent. Then there exists formulas of sort s_2, ψ_21,…,ψ_2m∈u_2− such that ∣\joinrel\joinrel s_2ψ_21∧…∧ψ_2m→¬ϕ_2. Also, because ψ_21,…,ψ_2m∈u_2−,by definition of u_2−, we have that there exists formulas ψ_11,…,ψ_1m∈u_1 such that σ□(¬ψ_11,ψ_21,…,σ□(¬ψ_1m,ψ_2m∈w. Let ψ:=¬ψ_11∨…∨¬ψ_1m. Therefore, we have σ□(ψ,ψ_21),…,σ□(ψ,ψ_2m)∈w.
Easy modal reasoning applied on ∣\joinrel\joinrel s_2ψ_21∧…∧ψ_2m→¬ϕ_2 yields that ∣\joinrel\joinrel sσ□(ψ,ψ_21∧…∧ψ_2m)→σ□(ψ,¬ϕ_2). But ∣\joinrel\joinrel sσ□(ψ,ψ_21)∧…∧σ□(ψ,ψ_2m)→σ□(ψ,ψ_21∧…∧ψ_2m), therefore ∣\joinrel\joinrel sσ□(ψ,ψ_21)∧…∧σ□(ψ,ψ_2m)→σ□(ψ,¬ϕ_2). We have σ□(ψ,ψ_21),…,σ□(ψ,ψ_2m)∈w and w is a witnessed maximal consistent set, thus it follows that σ□(ϕ,¬ϕ_2)∈w. So, by definition of u_1−, we get that ψ∈u_1−⊆u_1, which is equivalent with ¬ψ_11∨…∨¬ψ_1m∈u_1. Hence, exists k∈[m] such that ¬ψ_1k∈u_1. But ψ_1k∈u_1 and this contradicts the consistency of u_1. Therefore, u_2−∪{ϕ_2} is consistent and can be extended by Lindenbaum’s Lemma to u_2 a maximal consistent set. By construction, ϕ_2∈u_2.
Let us verify if R_K∀σwu_1u_2. From [9, Lemma 2.18] we need to verify that σ□(ψ_1,ψ_2)∈w implies ψ_1∈u_1 or ψ_2∈u_2. Suppose σ□(ψ_1,ψ_2)∈w. We have two cases. If ψ_1∈u_1, then we get R_K∀σwu_1u_2. If ψ_1∈u_1, then ¬ψ_1∈u_1, so σ□(¬(¬ψ_1)),ψ_2)∈w. By definition of u_2−, we can conclude that ψ_2∈u_2.
In the same way we can prove the case for higher arity. Let us suppose than w is a maximal consistent set and σ(ϕ_1,…,ϕ_n−1)∈w then there exists maximal consistent sets u_i such that R_K∀σwu_1…u_n−1 and ϕ_i∈u_i for any i∈[n−1] where u_n−1−:={ψ_n−1∣\mboxforanyi∈[n−2]\mboxthereexistsψ_i∈u_i such that σ□(¬ψ_1,…,¬ψ_n−2,ψ_n−1)∈w}.
So, we proved that there exist maximal consistent sets u_i. Now we want to prove that we can expand those maximal consistent sets to witnessed maximal consistent sets.
Enumerate all the formulas of form ∃xχ, where x can be any state formula of any sort. For each formula in the enumeration we add a suitable witnessed conditional. In this way we inductively expand each u_i for any i∈[n] to a witnessed maximal consistent set.
Suppose that σ:Form_s_1×⋯×Form_s_n→Form_s and define ◊t(φ):=σ(φ_1,…,φ_t−1,φ,φ_t+1,…,φ_n) where φ∈Form_s_t. Now we enumerate all the formulas of form ∃xχ of sort s_t where x can be any state variable of any sort. The notation ω(∃xχ,i) stands for the witnessed conditional for ∃xχ in nominal i, in other words the formula ∃xχ→χ[i/x]. Also, we use the notation u_t0:=u_t for the maximal consistent set from which we start to expand it to the needed witnessed maximal consistent set. Suppose that for the firsts m formulas in the enumeration we expanded u_t0 to a witnessed maximal consistent set u_tm. We shall prove that if ϵ_m+1 is the (m+1)-formula in the enumeration then it is possible to choose a nominal j_m+1 such that the set u_tm+1=u_tm∪{ω(ϵ_m+1,j_m+1} is consistent. Therefore, we will prove that it is possible to choose j_m+1 so that ◊t(φ∧ω(ϵ_1,j_1)∧…∧ω(ϵ_m,j_m)∧ω(ϵ_m+1,j_m+1))∈w.
As we suppose we have already construct u_tm a witnessed maximal consistent set which contains the witnessed conditionals ω(ϵ_1,j_1),…,ω(ϵ_m,j_m) for the firsts m formulas in the enumeration, such that ◊t(φ∧ω(ϵ_1,j_1)∧…∧ω(ϵ_m,j_m))∈w.
Let ϕ:=φ∧ω(ϵ_1,j_1)∧…∧ω(ϵ_m,j_m).
Suppose that ϵ_m+1 is ∃xχ. By Lemma 12 we have ∣\joinrel\joinrel s_t◊t(ϕ)→∃y◊t((∃xχ→χ[y/x])∧ϕ) where y does not have free occurrences in either ϕ or χ. Because ◊t(ϕ)∈w, then so is ∃y◊t((∃xχ→χ[y/x])∧ϕ)∈w. Since w is a witnessed maximal consistent set, then there is a nominal j_m+1 such that ◊t((∃xχ→χ[j_m+1/x])∧ϕ)∈w.Therefore, we chose ω(ϵ_m+1,j_m+1)=∃xχ→χ[j_m+1/x] to be the needed witnessed conditional and we define u_tm+1:=u_tm∪{ω(ϵ_m+1,j_m+1)}.
By construction, we have ◊t(φ∧ω(ϵ_1,j_1)∧…∧ω(ϵ_m,j_m)∧ω(ϵ_m+1,j_m+1))∈w. But is u_tm+1 consistent? Let us suppose that u_tm+1 is not consistent. Then there is a conjunction τ in u_t− where u_t−={φ ∣ \mboxforanyi∈[n],i=t\mboxthereexistsφ_i∈u_i\mboxsuchthatσ□(φ_1,…,φ_t−1,φ,φ_t+1,…,φ_n)} such that ∣\joinrel\joinrel s_tτ→¬(φ∧ω(ϵ_1,j_1)∧…∧ω(ϵ_m,j_m)∧ω(ϵ_m+1,j_m+1)). By modal reasoning, we get ∣\joinrel\joinrel s□_t(τ)→□_t(¬(φ∧ω(ϵ_1,j_1)∧…∧ω(ϵ_m,j_m) ∧ω(ϵ_m+1,j_m+1)). From definition of u_t− we know that □_t(τ)∈w, so either □_t(¬(φ∧ω(ϵ_1,j_1)∧…∧ω(ϵ_m,j_m)∧ω(ϵ_m+1,j_m+1))∈w, equivalent with ¬◊t((φ∧ω(ϵ_1,j_1)∧…∧ω(ϵ_m,j_m)∧ω(ϵ_m+1,j_m+1))∈w and this contradicts the consistency of w. For any m≥0, u_tm is a witnessed consistent set, therefore ⋃_m≥0u_tm is a witnessed consistent set and can be extended by Lindenbaum’s Lemma to a maximal consistent set. In this way we get the needed witnessed maximal consistent sets for any sort.∎
Lemma 14** (Truth Lemma).**
Let M be a completed model, g a completed M-assignment and w an maximal consistent set. For any sort s∈S and any formula ϕ of sort s, we have:
ϕ∈w* if and only if M,g,w∣\joinrel=sϕ*
Proof.
We make the proof by structural induction on ϕ.
M,g,w∣\joinrel=sa,where a∈PROP_s∪NOM_s, iff w∈V_s(a) iff a∈w;
M,g,w∣\joinrel=sx, where x∈SVAR_s, iff w=g_s(x), iff x∈w;
M,g,w∣\joinrel=s¬ϕ iff M,g,w∣\joinrel=sϕ iff ϕ∈w (inductive hypothesis) iff ¬ϕ∈w (maximal consistent set);
M,g,w∣\joinrel=sϕ∨ψ iff M,g,w∣\joinrel=sϕ or M,g,w∣\joinrel=sψ iff ϕ∈w or ψ∈w (inductive hypothesis) iff ϕ∨ψ∈w;
let σ∈Σ_s_1…s_n,s and ϕ=σ(ϕ_1,…,ϕ_n);
M,g,w∣\joinrel=sσ(ϕ_1,…,ϕ_n), if and only if for any i∈[n] there exists u_i∈W_s_i such that M,g,u_i∣\joinrel=s_iϕ_i and R_KΛσww_1…w_n. Using the induction hypothesis we get ϕ_i∈w_i for any i∈[n]. Because no maximal consistent set precedes ⋆, we can conclude that neither u_i is ⋆. Therefore, the successors of w must be themselves maximal consistent sets which satisfy the correspondent ϕ_i. In the end, by applying the induction hypothesis we get ϕ_i∈u_i for any i∈[n]. Since R_K∀σwu_1…u_n by definition we infer that ϕ∈w.
Suppose σ(ϕ_1,…,ϕ_n)∈w. Using Existence Lemma 13, for any i∈[n] there are u_i witnessed maximal consistent sets such that ϕ_i∈u_i and Rwu_1…u_n. Using the induction hypothesis we get M,g,u_i∣\joinrel=s_iϕ_i for any i∈[n], so M,g,w∣\joinrel=sϕ.
let ϕ=∃xψ
Suppose M,g,w∣\joinrel=s∃xψ. Then there exists s∈M such that M,g′,w∣\joinrel=sψ) where g′∼xg and g′(x)={s}. Because of the definition of the completed models, we know that either a nominal j or a state variable y is true at a state s with respect to the M-assignment function g, even if s=⋆.
] Suppose V(i)={s}. By Substitution Lemma 5, M,g,w∣\joinrel=sψ[j/x] and by inductive hypothesis ψ[j/x]∈w. By means of contrapositive of axiom (Q2) it follows ϕ∈w.
] Suppose g(y)={s}. Firstly, y may not be substitutable for x in ψ, therefore we need to replace all the bounded occurrences of y in ψ by some state variable that does not occur in ψ at all. In this way, we get a new formula which we will name it ψ′. By Lemma 5 it follows that ψ↔ψ′ is provable and by soundness we get that it is valid. Now, we have that M,g′,w∣\joinrel=sψ′ and since y is now substitutable for x in ψ′, by clause 1 of Substitution Lemma • ‣ 5 it follows M,g′,w∣\joinrel=sψ′[y/x]. By inductive hypothesis ψ′[y/x]∈w and by applying the contrapositive of the (Q2) axiom, it follows ∃xψ′∈w. But ∃xψ↔∃xψ′ is provable, therefore ∃xψ∈w.
Suppose ∃xψ∈w. As w is a witnessed maximal consistent sets then there is a nominal j of sort s such that ψ[j/x]∈w. By the induction hypothesis M,g,w∣\joinrel=sψ[j/x] and by means of contrapositive of axiom (Q2) it follows M,g,w∣\joinrel=s∃xψ.
∎
Theorem 15** (Hybrid Completeness).**
Every consistent set of formulas is satisfiable.
Proof.
The proof is similar to the one in [3].∎
3 The many-sorted hybrid modal logic H_Σ(@_z,∀)
Let (S,Σ) be a many-sorted signature. As already announced, in this section we extend the sistem defined in Section 2 by adding the satisfaction operators @_zs where s∈S and z is a state symbol, that is, a nominal or a state variable. The formulas
of H_Σ(@_z,∀) are defined as follows:
ϕ_s:=p∣j∣y_s∣¬ϕ_s∣ϕ_s∨ϕ_s∣σ(ϕ_s_1,…,ϕ_s_n)_s∣∀x_tϕ_s∣@_zsψ_t
Here, p∈PROP_s, j∈NOM_s, t∈S, x∈SVAR_t, y∈SVAR_s, σ∈Σ_s_1⋯s_n,s, z is a state symbol of sort t and
ψ is a formula of sort t.
The satisfaction relation is defined similar with the one in H_Σ(∀), but we only need to add the definition for @_z: M,g,w∣\joinrel=s@_zsϕ if and only if M,g,Den_g(z)∣\joinrel=tϕ where z is a state symbol of sort t and ϕ is a formula of the same sort t. Here, Den_g(z) is the denotation of the state symbol z of sort s in a model M with an assignment function g, where Den_g(z)=V_s(z) if z is a nominal, and Den_g(z)=g_s(z) if z is a state variable.
Let us remark that if z is a nominal, then the satisfaction relation is equivalent with the one in [10]: M,g,w∣\joinrel=s@_zsϕ if and only if M,g,Den_g(z)∣\joinrel=tϕ if and only if M,g,v∣\joinrel=tϕ where Den_g(z)=V_t(z)={v}.
Note: Due to the similarities between H_Σ(@,∀) and H_Σ(@_z,∀), the following section will contain only the most distinctive proofs.
Proposition 16** (Soundness).**
The deductive systems for H_Σ(@_z,∀) from Figure 2 is sound.
Lemma 17**.**
Let Γ_s be a maximal consistent set that contains a state symbol of sort s, and for all state symbols z, let Δ_z={ϕ∣@_zsϕ∈Γ_s. Then:
For every state symbol z of sort s, Δ_z is a maximal consistent set that contains z.
For all state symbols z and y of same sort, @_szϕ∈Δ_y iff @_szϕ∈Γ_s.
There is a state symbol z such that Γ_s=Δ_z.
For all state symbols z and y of same sort, if z∈Δ_y then Δ_z=Δ_y.
Proof.
The proofs are similar to the ones in [4].
∎
This Lemma gives us the maximal consistent sets needed in the Existence Lemma. We build our models out of named sets, i.e. sets containing nominals, and also these are automatically witnessed, therefore, we don’t need to glue a dummy state symbol as we deed in the first system, H_Σ(∀), presented in this paper.
But more is needed in order for our model to support an Existential Lemma. Therefore, we add the Paste rules, as you can see in Figure 2. In this setting, the system is still sound as we prove in the following:
Now, let M be an arbitrary named model.
(Paste0) Suppose M,g,w∣\joinrel=s@_zs(y∧ϕ)→ψ iff M,g,w∣\joinrel=s@_zs(y∧ϕ) implies M,g,w∣\joinrel=sψ. Hence, (M,g,v∣\joinrel=s′y∧ϕ where Den_g(z)={v} implies M,g,w∣\joinrel=sψ) iff (M,g,v∣\joinrel=s′y and M,g,v∣\joinrel=s′ϕ, where Den_g(z)={v}, or M,g,w∣\joinrel=sψ). It follows that (M,g,v∣\joinrel=s′y or M,g,w∣\joinrel=sψ) and (M,g,v∣\joinrel=s′ϕ or M,g,w∣\joinrel=sψ), where Den_g(z)={v}. Then, (M,g,v∣\joinrel=s′ϕ or M,g,w∣\joinrel=sψ), where Den_g(z)={v}. So, M,g,w∣\joinrel=s@_szϕ→ψ.
(Paste1) Suppose M,g,w∣\joinrel=s@_zsσ(ψ_1,…,ψ_i−1,y∧ϕ,ψ_i+1,…,ψ_n)→ψ iff M,g,w∣\joinrel=s@_jsσ(ψ_1,…, ψ_i−1,y∧ϕ,ψ_i+1,…,ψ_n) implies M,g,w∣\joinrel=sψ. Hence, M,g,v∣\joinrel=s′y∧ϕ where Den_g(z)={v} iff exists (v_1,…,v_n)∈W_s_1×…×W_s_n such that R_σvv_1…v_i…v_n where Den_g(z)={v} and M,g,v_e∣\joinrel=s′ψ_e for any e∈[n],e=i and M,g,v_i∣\joinrel=s_iy∧ϕ. Hence, M,g,v_i∣\joinrel=s_iy and M,g,v_i∣\joinrel=s_iϕ, so Den_g(y)={v_i} and M,g,v_i∣\joinrel=s_iϕ. Then, if there exists (v_1,…,v_n)∈W_s_1×…×W_s_n such that R_σvv_1…v_i…v_n where Den_g(z)={v} and M,g,v_e∣\joinrel=s′ψ_e for any e∈[n],e=i and M,g,v_i∣\joinrel=s_iϕ, these imply M,g,w∣\joinrel=sψ. So, M,g,v∣\joinrel=s′σ(ψ_1,…,ψ_i−1,ϕ,ψ_i+1,…,ψ_n) where Den_g(z)={v} implies M,g,w∣\joinrel=sψ. In conclusion, M,g,w∣\joinrel=s′@_zsσ(ψ_1,…,ψ_i−1,ϕ,ψ_i+1,…,ψ_n)→ψ.
Definition 18** (Named, pasted and @-witnessed sets).**
Let s∈S and Γ_s be a set of formulas of sort s from
H_Σ(@_z,∀). We say that
Γ_s* is named if one of its elements is a nominal,*
Γ_s* is pasted if it is both 0-pasted and 1-pasted:*
Γ_s* is 0-pasted if, for any t∈S, σ∈Σ_s_1⋯s_n,t, z a state symbol of sort t, and ϕ a formula of sort s_i, whenever @_zsϕ∈Γ_s there exists a nominal j∈NOM_s_i such that @_zsσ(…,ϕ_i−1,j∧ϕ,ϕ_i+1,…)∈Γ_s.*
Γ_s* is 1-pasted if, for any t∈S, σ∈Σ_s_1⋯s_n,t, z a state symbol of sort t, and ϕ a formula of sort s_i, whenever @_zsσ(…,ϕ_i−1,ϕ,ϕ_i+1,…)∈Γ_s there exists a nominal j∈NOM_s_i such that @_zsσ(…,ϕ_i−1,j∧ϕ,ϕ_i+1,…)∈Γ_s.*
Γ_s* is @-witnessed if the following two conditions are satisfied:*
for s′,t∈S , x∈SVAR_t, k∈NOM_s′ and any formula ϕ of sort s′, whenever @_ks∃xϕ∈Γ_s there exists j∈NOM_t such that @_ksϕ[j/x]∈Γ_s,
for any t∈S and x∈SVAR_t there is j_s∈NOM_t such that @_j_xsx∈Γ_s.
Lemma 19** (Extended Lindenbaum Lemma).**
Let Λ be a set of formulas in the language of H_Σ(@_z,∀) and s∈S. Then any consistent set Γ_s of formulas of sort s from H_Σ(@_z,∀)+Λ can be extended to a named, pasted and @-witnessed maximal consistent set by adding countably many nominals to the language.
Proof.
The proof generalizes to the S-sorted setting well-known proofs for the mono-sorted hybrid logic, see [5, Lemma 7.25], [2, Lemma 3, Lemma 4], [3, Lemma 3.9].
For each sort s∈S, we add a set of new nominals and enumerate this set. Given a set of formulas Γ_s, define Γ_sk to be Γ_s∪{k_s}∪{@_j_xsx∣ x∈SVAR_s}, where k_s is the first new nominal of sort s in our enumeration and j_x are such that if x and y are different state variables of sort s then also j_x and j_y are different nominals of same sort s. As showed in [10], Γ_sk is consistent.
Now we enumerate on each sort s∈S all the formulas of the new language obtained by adding the set of new nominals and define Γ0:=Γ_sk. Suppose we have defined Γm, where m≥0. Let ϕ_m+1 be the m+1−th formula of sort s in the previous enumeration. We define Γm+1 as follows. If Γm∪{ϕ_m+1} is inconsistent, then Γm+1=Γm. Otherwise:
Γm+1=Γm∪{ϕ_m+1}, if ϕ_m+1 is not of the form @_zσ(…,φ,…), @_xx or @_j∃xφ(x), where j is any nominal of sort s′′, φ a formula of sort s′′, x∈SVAR_s′′ and z is a state symbol.
Γm+1=Γm∪{ϕ_m+1}∪{@_x(k∧x)}, if ϕ_m+1 is of the form @_xx.
Γm+1=Γm∪{ϕ_m+1}∪{@_xσ(…,k∧ϕ,…)}, if ϕ_m+1 is of the form @_xσ(…,φ,…).
Γm+1=Γm∪{ϕ_m+1}∪{@_jφ[k/x]}, where ϕ_m+1 is of the form @_j∃xφ(x).
In clauses (ii) and (iii), k is the first new nominal in the enumeration that does not occur in Γi for all i≤m, nor in @_xσ(…,φ,…).
Let Γ+=⋃_n≥0Γn. Because k∈Γ0⊆Γ+, this set in named, maximal, pasted and @-witnessed by construction. We will check if it is consistent for the expansion made in the second, third and fourth items.
Suppose Γm+1=Γm∪{ϕ_m+1}∪{@_x(k∧x)} is an inconsistent set, where ϕ_m+1 is @_xx. Then there is a conjunction of formulas χ∈Γm∪{ϕ_m+1} such that ∣\joinrel\joinrel sχ→¬@_x(k∧x) and so ∣\joinrel\joinrel s@_x(k∧x)→¬χ. But k is the first new nominal in the enumeration that does not occur neither in Γm, nor in @_xx and by Paste0 rule we get ∣\joinrel\joinrel s@_xx→¬χ. Then ∣\joinrel\joinrel sχ→¬@_xx, which contradicts the consistency of Γm∪{ϕ_m+1}.
Suppose Γm+1=Γm∪{ϕ_m+1}∪{@_xσ(…,k∧φ,…)} is an inconsistent set, where ϕ_m+1 has the form @_xσ(…,φ,…). Then there is a conjunction of formulas χ∈Γm∪{ϕ_m+1} such that ∣\joinrel\joinrel sχ→¬@_xσ(…,k∧φ,…) and so ∣\joinrel\joinrel s@_xσ(…,k∧φ,…)→¬χ. But k is the first new nominal in the enumeration that does not occur neither in Γm, nor in @_xσ(…,φ,…), therefore, by Paste1 rule we get ∣\joinrel\joinrel s@_xσ(…,φ,…)→¬χ. It follows that ∣\joinrel\joinrel sχ→¬@_xσ(…,φ,…), which contradicts the consistency of Γm∪{ϕ_m+1}. ∎
Definition 20** (Named models and natural assignments).**
For any s∈S, let Γ_s be a named, pasted and witnessed maximal consistent set and for all state symbols z, let Δ_z={φ∣@_zsφ∈Γ_s}. Define W_s={Δ_x∣z a state symbol of sort s}. Then, we define M=(W,{R_σ}_σ∈Σ), the named model generated by the S-sorted set Γ={Γ_s}_s∈S, where R_σ and V are the restriction of the canonical relation and the canonical valuation. We define the natural assignment g_s:SVAR_s→W_s by g_s(x)={w∈W_s∣x∈w}.
Lemma 21** (Existence Lemma).**
Let M=(W,{R_σ}_σ∈Σ) be a named model generated by a named and pasted S-sorted set Γ and let w be a witnessed maximal consistent set. If σ(ϕ_1,…,ϕ_n)∈w then there exists witnessed maximal consistent sets u_i such that R_σwu_1…u_n and ϕ_i∈u_i for any i∈[n].
Proof.
Let σ(ϕ_1,…,ϕ_n)∈w, then @_sjσ(ϕ_1,…,ϕ_n)∈Γ_s, but Γ_s is pasted( then 1−pasted), so there exists k_1 a nominal of sort s_1 such that @_sjσ(ϕ_1∧k_1,…,ϕ_n)∈Γ_s, so σ(ϕ_1∧k_1,…,ϕ_n)∈Δ_j=w.
We want to prove that Δ_k_1,…,Δ_k_n are suitable choices for u_1,…,u_n.
Let ψ_1∈Δ_k_1. Then @_k_1ψ_1∈Γ_s and by agreement property we get @_k_1ψ_1∈Δ_j. But ∣\joinrel\joinrel sk_1∧ψ_1→@_k_1ψ_1 (instance of Introduction axiom), and by modal reasoning we get σ(@_k_1ψ_1,ϕ_2,…,ϕ_n)∈Δ_j. From Back axiom, @_k_1ψ_1∈Δ_j and by using the agreement property, @_k_1ψ_1∈Γ_s. Hence, ψ_1∈Δ_k_1.
Now, σ(ψ_1,ϕ_2,…,ϕ_n)∈Δ_j, then @_jσ(ψ_1,ϕ_2,…,ϕ_n)∈Γ_s, but the set is pasted, then exists k_2 a nominal of sort s_2 such that @_jσ(ψ_1,k_2∧ϕ_2,ϕ_3,…,ϕ_n)∈Γ_s. Then σ(ψ_1,k_2∧ϕ_2,ϕ_3,…,ϕ_n)∈Δ_j.
Let ψ_2∈Δ_k_2. Then @_k_2ψ_2∈Γ_s and by agreement property we get @_k_2ψ_2∈Δ_j. But ∣\joinrel\joinrel sk_2∧ψ_2→@_k_2ψ_2 (instance of Introduction axiom), and by modal reasoning we get σ(ψ_1,@_k_2ψ_2,ϕ_3,…,ϕ_n)∈Δ_j. From Back axiom, @_k_2ψ_2∈Δ_j and by using the agreement property, @_k_2ψ_2∈Γ_s. Hence, ψ_2∈Δ_k_2. Therefore, by induction, we get that ψ_i∈Δ_k_i for any i∈[n]. Then @_k_iψ_i∈Γ_s if and only if, by agreement property, @_k_iψ_i∈Δ_j. But σ(k_1,…,k_n)∈Δ_j and by using the Bridge axiom, it follows that σ(ψ_1,…,ψ_n)∈Δ_j. We proved that for any i∈[n], ψ_i∈Δ_k_i we have σ(ψ_1,…,ψ_n)∈Δ_j and by Definition 20, it follows that R_σΔ_jΔ_k_1…Δ_k_n.
∎
Lemma 22** (Truth Lemma).**
Let M be a model, g an M-assignment and w a maximal consistent set. For any sort s∈S and any formula ϕ of sort s, we have
ϕ∈w if and only if M,g,w∣\joinrel=sϕ.
Proof.
We make the proof by structural induction on ϕ. All the cases except the one for @_z are similar with the ones of the H_Σ(∀) system. Suppose M,g,w∣\joinrel=s@_szϕ iff M,g,Δ_z∣\joinrel=s@_szϕ (by Lemma 17.(3)) iff ϕ∈Δ_z (inductive hypothesis) iff @_szϕ (by Intro axiom together with z∈Δ_z) iff @_szϕ∈w (by Lemma 17.(2)).
∎
Theorem 23** (Hybrid Completeness).**
Every consistent set of formulas is satisfied.
As in the mono-sorted case, in H_Σ(@_z,∀) we can define the universal modality: Asφ:=∀x@_xsφ, where φ is a formula of sort t and x∈SVAR_t. Its dual is defined Esφ=¬As¬φ.
Note that, in our many-sorted setting, the universal modality has also the role of connecting the sorts (similarly to satisfaction operators).
Lemma 24**.**
Let M=(W,{R_σ}_σ∈Σ,V) be an S-sorted model in H_Σ(@_z,∀) and φ a formula of sort t. Then, for any s∈S, M∣\joinrel=sAsφ iff M∣\joinrel=tφ
Proof.
M∣\joinrel=sAsφ iff for any g, any w∈W_s, M,g,w∣\joinrel=sAsφ
iff for any g, any w∈W_s, M,g,w∣\joinrel=s∀x@_sxφ
iff for any g, any w∈W_s, any g′∼xg, M,g′,w∣\joinrel=s@_sxφ
iff for any g, any w∈W_s, any g′∼xg, M,g′,v∣\joinrel=tφ where g_′t(x)=v
iff for any g, any w∈W_s, any g′∼xg, M,g′,v∣\joinrel=tφ for any v∈W_t
iff M∣\joinrel=tφ.
∎
Let Γ={Γ_s}_s∈S an S-sorted set of formulas. Then M∣\joinrel=Γ if and only if M∣\joinrel=sΓ_s, for any s∈S. We define Γ_As=Γ_s∪{Asψ∣ψ∈Γ_t for some t=s}
Proposition 25**.**
Let M=(W,{R_σ}_σ∈Σ,V) be an S-sorted model in H_Σ(@_z,∀) and Γ={Γ_s}_s∈S an S-sorted set of formulas. Let s∈S, then M∣\joinrel=Γ if and only if M∣\joinrel=sΓ_As.
Proof.
Suppose M∣\joinrel=Γ if and only if M∣\joinrel=sΓ_s for any s∈S. Then M∣\joinrel=sφ for any φ∈Γ_s for any s∈S. Let s,t∈S, so for any ψ∈Γ_t, M∣\joinrel=tψ and by Lemma 24, we get M∣\joinrel=sAsψ, for any ψ∈Γ_t. It follows that, for any φ∈Γ_As, we have M∣\joinrel=sφ if and only if M∣\joinrel=sΓ_As. For the right-to-left direction, let s∈S and M∣\joinrel=sΓ_As. Then, for any φ∈Γ_As, we have M∣\joinrel=sφ. If φ∈Γ_s, then M∣\joinrel=sΓ_s. If φ∈Γ_As\Γ_s, then φ is Asψ, where ψ∈Γ_t for some t=s in S. Since M∣\joinrel=sAsψ, by Lemma 24, M∣\joinrel=tψ. Hence M∣\joinrel=tψ for any ψ∈Γ_t and any t=s in S. It follows that M∣\joinrel=tΓ_t for any t=s, so M∣\joinrel=Γ.
∎
4 The connection between Matching Logic and Hybrid Modal Logic
In this section we analyze the connection between
Matching logic (ML) and the Many-sorted hybrid modal logic (HModL). We denote by ML a Matching logic system (with and without definedness) and by HModL the corresponding Many-sorted hybrid modal logic system, as follows:
for ML without definedness, the corresponding system is H_Σ(∀), while
for ML with definedness, the corresponding system is
H_Σ(@_z,∀).
Recall that a matching logic signature or simply a signature
ΣML=(S,VAR,Σ) is a triple with a nonempty set S of sorts, an
S-indexed set VAR={VAR_s}_s∈S of countably infinitely many
sorted variables denoted x:s; y:s, etc., and an (S∗×S)-indexed
countable set Σ={Σ_s_1…s_n,s}_s_1…s_n,s∈S of many-sorted symbols.
A matching logic ΣML-model M=({M_s}_s∈S, {σ_M}_σ∈Σ) consists of a non-empty carrier set M_s for each sort s∈S and a function σ_M:M_s_1×…×M_s_n→P(M_s) for each symbol σ∈Σ_s_1…s_n,s called the interpretation of σ in M.
The pointwise extension, σ_M:P(M_s_1)×…×P(M_s_n)→P(M_s) is defined as:
σ_M(A_1,…,A_n)=⋃{σ_m(a_1,…,a_n)∣a_i∈A_i for all i∈[n]},\mboxwhereA_i⊆M_i\mboxforalli∈[n].
Let ΣML=(S,VAR,Σ) and let M be a ΣML-model. Given a map ρ:VAR→M, called an M-valuation, let its extension ρ:PATTERNML→P(M) be inductively defined as fallows:
ρ(x)={ρ(x)}, for all x∈VAR_s
ρ(¬φ)=M_s\ρ(φ), for all φ∈PATTERN_s
ρ(φ_1∨φ_2)=ρ(φ_1)∪ρ(φ_2), for all φ_1,φ_2 patterns of the same sort
ρ(σ(φ_1,…,φ_n))=σ_M(ρ(φ_1),⋯,ρ(φ_n)), for all σ∈Σ_s_1…s_n,s and appropriate φ_1,…,φ_n
ρ(∃x.φ)=⋃_a∈M_s′ρ[a/x](φ), for all x∈VAR_s
where “\” is set difference and ρ[a/x] denotes de M-valuation ρ′ with ρ′(x)=a and ρ′(y)=ρ(y) for all y=x.
In Matching logic M satisfies φ_s, written M⊨φ_s, iff ρ(φ_s)=M_s for all ρ:VAR→M.
For any sorts (not necessarily distinct) s_1,s_2∈S, we consider the unary symbol ⌈_−⌉_s_2s_1∈Σ_s_1,s_2, called the definedness symbol, and the pattern/symbol ⌈x:s_1⌉_s_2s_1∈Σ_s_1,s_2, called (Definedness).
For all ρ, we have ρ(⌈φ⌉_s_2s_1)=M_s_2 if ρ(φ)=∅, and ρ(⌈φ⌉_s_2s_1)=∅, otherwise. Totality, ⌊_−⌋_s_2s_1, is defined as a derived construct dual to definedness: ⌊φ⌋_s_2s_1=¬⌊¬φ⌋_s_2s_1.
The following remark clarifies the relation between definedness from Matching Logic and satisfaction operator from our logic.
Remark 26**.**
In a Matching Logic system with a definedness pattern, we can define @_xsϕ=⌈x∧ϕ⌉_s_xs, while in H_Σ(@_z,∀) we can define the Matching Logic definedness operator as ⌈ϕ⌉_s_ϕs=∃x@_xsϕ. Note that the definedness operator is thus the dual of the universal modality A recalled in the previous section.
Note that any formula of ML is a formula of HModL, but the converse does not hold, since a HModL formula might contain nominals or propositional variables. Let Form0=Form_0s_s∈S be the set of formulas in HModL that does not contain nominals and propositional variables, i.e. the only variables in these formulas are state variables. The following remark characterizes the models of a formula from Form0.
Remark 27**.**
Let F=(W,{R_σ}_σ∈Σ) be an S-sorted frame in (hybrid) modal logic and g:SVAR_s→W an assignment function. For any V_1=V_2 evaluation functions and any models based on the frame F, M_1=(F,V_1) and M_2=(F,V_2), we have M_1,g,w∣\joinrel=sφ if and only if M_2,g,w∣\joinrel=sφ for any φ∈Form_0s. In other word, because the evaluation function is defined to evaluate nominals and propositional variables, the satisfiability of formulas which contain only state variables will not be changed in models with the same frame and assignment function, but different evaluation functions.
For any s∈S, φ∈Form_0s we define F,g,w∣\joinrel=sφ if and only if M,g,w∣\joinrel=sφ for any M model based on the frame F if and only if M,g,w∣\joinrel=sφ for some M model based on the frame F. Therefore, we use the following notation: (F,g)∣\joinrel=sφ if and only if F,g,w∣\joinrel=sφ for any w of sort s in any model based on the frame F.
The following definition gives the correspondence between the models of ML and those of HModL, both logics having the same many-sorted signature.
Definition 28**.**
*Let (S,Σ) be a many-sorted signature.
(1) Let M be a model of ML and ρ an M-valuation. We define the frame F_M in HModL such that W_s=M_s for any s∈S and R_σww_1…w_n if and only if w∈σ_M(w_1,…,w_n). Moreover, let g_s(x)=ρ(x) for any s∈S and x∈SVAR_s. Hence, to any model and valuation (M,ρ) of ML we associate a model (F,ρ) of HModL.*
(2) Let (F,g) be a model of HModL with F=(W,{R_σ}_σ∈Σ). We define a model in ML as follows: let M_s=W_s for any s∈S, w∈σ_M(w_1,…,w_n) if and only if R_σww_1…w_n and ρ(x)=g_s(x) for any s∈S and x∈SVAR_s. Hence, to any model \ (\mathcal{F},g)\ of HModL we can associate a model (M_F,g) of ML.
In the sequel, we need to speak about satisfiability in ML and satisfiability in HModL. Therefore, to distinguish these two notions, we use ∣\joinrel=s_ML when refer to satisfiability in ML and we use ∣\joinrel=s_HModL for HModL.
Proposition 29**.**
Let φ∈Form_0s. Then
- (1)
(M,ρ)∣\joinrel=sMLφ* if and only if (F_M,ρ)∣\joinrel=sHModLφ*
2. (2)
(F,g)∣\joinrel=sHModLφ* if and only if (M_F,g)∣\joinrel=sMLφ*
Proof.
We only prove the first item of the proposition by induction over φ, the other one is similar.
∙ (M,ρ)∣\joinrel=sMLx, where x∈SVAR_s iff ρ(x)=M_s={w} iff W_s=M_s and ρ(x)=w iff
F_M,ρ,w∣\joinrel=sHModLx, for any w∈W_s iff (F_M,ρ)∣\joinrel=sHModLx.
∙ (M,ρ)∣\joinrel=sML¬φ iff (M,ρ) ∣\joinrel=sMLφ iff (F_M,ρ) ∣\joinrel=sHModLφ (induction hypothesis) iff
(F_M,ρ)∣\joinrel=sHModL¬φ.
∙ (M,ρ)∣\joinrel=sMLφ_1∨φ_2 iff (M,ρ)∣\joinrel=sMLφ_1 or (M,ρ)∣\joinrel=sMLφ_2 iff (F_M,ρ)∣\joinrel=sHModLφ_1 or (F_M,ρ)∣\joinrel=sHModLφ_2 (induction hypothesis) iff (F_M,ρ)∣\joinrel=sHModLφ_1∨φ_2.
∙ (M,ρ)∣\joinrel=sMLσ(φ_1,…,φ_n) iff σ_M(ρ(φ_1),…,ρ(φ_n))=M_s iff ⋃{σ_M(m_1,…,m_n)∣m_i∈ρ(φ_i), for any i∈[n]}=M_s iff for any m∈M_s exist m_1∈ρ(φ_1),…,m_n∈ρ(φ_n) such that m=σ_M(m_1,…,m_n) iff for any m∈M_s exist m_1∈M_s_1,…,m_n∈M_s_n such that R_σmm_1…m_n and F_M,ρ,m_i∣\joinrel=s_iHModLφ_i for any i∈[n] iff for any m∈M_s, F_M,ρ,m∣\joinrel=sHModLσ(φ_1,…,φ_n) iff (F_M,ρ)∣\joinrel=sHModLσ(φ_1,…,φ_n).
∙ (M,ρ)∣\joinrel=sML∀xφ iff ρ(∀xφ)=M_s iff ⋂_a∈M_s′{ρ′(φ)∣\mboxforallρ′∼xρ}=M_s iff for all m∈M_s and for all ρ′∼xρ, m∈ρ′(φ) iff for all ρ′∼xρ, (M,ρ′)∣\joinrel=sMLφ iff for all ρ′∼xρ, (F_M,ρ′)∣\joinrel=sHModLφ (induction hypothesis) iff (F_M,ρ′)∣\joinrel=sHModL∀xφ.
∎
Theorem 30**.**
For any formula φ from ML, we have ∣\joinrel\joinrel _MLφ iff ∣\joinrel\joinrel s_HModLφ.
Proof.
Let φ be a formula of sort s from Matching logic. Then φ∈Form_0s. From the Completeness Theorem proved in [6], ∣\joinrel\joinrel __MLφ iff for any model M from ML, (M,ρ)∣\joinrel=sMLφ. From the Completeness Theorem proved for HModL, we have ∣\joinrel\joinrel s__HModLφ iff for any model M and any w∈W_s, M,g,w∣\joinrel=sHModLφ. Let M be a model from ML, such that (M,ρ)∣\joinrel=sMLφ. But φ∈Form_0s, so the satisfiability of the formula φ is not affected by the evaluation function, but by frame, by assignment function and by world. Therefore, ∣\joinrel\joinrel s__HModLφ iff for any w∈W_s and any F, F,g,w∣\joinrel=sHModLφ iff for any w∈W_s and any F, (F,g)∣\joinrel=sHModLφ. But case 1. from Proposition 29 tell us that to any model in ML where (M,ρ)∣\joinrel=sMLφ we can associate a model in HModL such that (F_M,ρ)∣\joinrel=sHModLφ. And case 2 of Proposition 29 tell us that for any model in HModL (F,ρ)∣\joinrel=sHModLφ we have (M,ρ)∣\joinrel=sMLφ. Therefore, our proof is completed.
∎
So far we’ve remarked that formulas of ML are particular formulas of HModL and we’ve analized the satisfaction of such formulas in both logics. In the most general case, a formula from HModL has nominals and propositional variables (that are interpreted as sets that are not necessarily singletons). In the sequel we show how we can represent any HModL formula in ML. Following the well-known theorem of constants, our main steps are the following:
-
we represent the propositional variables from HModL as constant operations in ML;
2. 2.
we represent the nominals from HModL as constant operations in ML and, in order to interpret them as singletons, we ask them to satisfy the property of the functional patterns from ML.
We need to recall further definitions from ML. For each pair of sorts s_1 (for the compared patterns) and s_2 (for the context in which the equality is used), equality is defined _− =_s_2s_1 _− as the following derived construct:
φ=_s_2s_1φ′ ≡ ⌊φ↔φ′⌋_s_2s_1 \mbox,whereφ,φ′∈PATTERN_s_1.
Let (S,Σ) be a many sorted signature and assume that
HModL_(S,Σ) is the system H_Σ(@_z,∀) as before. We define Σ_PROP={c_p∣p∈PROP} and Σ_NOM={c_i∣i∈NOM}. We set
Σ′=Σ∪Σ_PROP∪Σ_NOM and Γ′={∃x(x=c_i)∣i∈NOM}.
If φ is a formula in HModL_(S,Σ), let φ′ be the formula obtained by replacing p with c_p for any p∈PROP and i with c_i for any i∈NOM. Hence φ′ is a formula in ML over the signature (S,Σ′), which will be called ML_(S,Σ′).
Theorem 31**.**
Let (S,Σ) be a many-sorted signature and assumeφ is a formula of sort s in HModL_(S,Σ). If Σ′, Γ′ and φ′ are defined as above then ∣\joinrel\joinrel s_HModL_(S,Σ)φ iff Γ′⊢_ML_(S,Σ′)φ′.
Proof.
Let M=(W,{R_σ}_σ∈Σ,V) be a model for φ in HModL_(S,Σ). We define
M′=(W,{σ_M′}_σ∈Σ′) such that σ_M′ is defined as in Definition 28 for σ∈Σ,
c_p_M′=V(p) for any p∈SVAR and c_i_M′=V(i) for any i∈NOM. Note that V(i) is a singleton set, so M′⊨_ML_(S,Σ′)Γ′. For any g:SVAR→W one can easily prove that
M,g,w∣\joinrel=s_HModL_(S,Σ)φ for any w∈W_s if and only if (M,g)⊨_ML_(S,Σ′)φ′. Conversly, if (M′,ρ) is a model for φ′ in
ML_(S,Σ′) such that M′⊨_ML_(S,Σ′)Γ′ then ρ(c_i) is a singleton set by [12, Proposition 5.18], so we can safely define V(i)=ρ(c_i) for any i∈NOM and V(p)=ρ(c_p) for any p∈PROP. If M=(M′,{R_σ}_σ∈Σ,V) where R_σ is defined as in Definition 28. One can easily see that
M′⊨_ML_(S,Σ′)φ′ if and only if M,ρ,w∣\joinrel=s_HModL_(S,Σ)φ for any w∈M_s. The intended syntactical connection follows using the completness theorems for ML and HModL.
∎
5 Conclusions
The results proved in Section 4 allow the transfer of results between many-sorted hybrid modal logic and Matching logic. Note that, both in this paper, as well as in [6, 12], there are two pairs of systems we can consider, the connection being stated by Theorem 30 and Theorem 31: H_Σ(@_z,∀) is related to Matching logic with Definedness [12], while
H_Σ(∀) is related to Matching logic without Definedness [6].
While Matching logic is a young logic for program verification, the hybrid modal logic is quite established, with roots go back to the work of Prior in the 50’s [11]. As we proved in this paper, they are strongly connected and the connection goes both ways. At the same time, each system has its peculiarities, an important distinction being the local (in the modal case) versus global (in the case of Matching logic) approach to deduction. Modal logic in general and hybrid logic in particular has a plethora of applications, both theoretical and practical. Matching logic supports the development of the K framework, leading not only to formal specification, but also to concrete implementations. We hope that the interaction between this two approaches will be of further interest for both systems and we plan to further investigate it in the future.