Professional Documents
Culture Documents
Honours Paper
Honours Paper
Abstract
In this research project, I shall implement two tableau-based procedures used for satisfiability
checking in Epistemic Logic, namely the procedure developed by Goranko and Shkatov [2],
and the procedure developed by Abate, Gore and Widmann [1]. These procedures did not have
any implementations up until now. I shall then investigate and compare the two procedures
by devising 20 Epistemic Logic test formulae to run the procedures on, and capturing the
average running times of the two procedures.
1
Background
Multi-agent Epistemic Logic (MAEL) is a branch of logic concerned with reason-
ing about the knowledge of rational agents. MAEL is most prominently applied
to design and verification of distributed systems, where each component in the
system is treated as an agent [8]. However, with recent advances in Artificial In-
telligence, more serious attempts are being made to develop agents with greater
abilities in reasoning, and so MAEL offers a powerful existing framework to
develop these agents from [3], [4].
Syntax
A recursive definition of the language of MAEL is given as follows:
Syntax Description
Intuitively, distributed knowledge DA φ is knowledge that can be derived by
combining agents’ individual knowledge. For example, Ann knows that Bob
loves either Catherine or Dora, and Emma knows that Bob loves either Dora or
Fiona, therefore together Ann and Emma know that Bob loves Dora. Written
formally as Ka (φ ∨ ψ) ∧ Ke (ψ ∨ ω) ⇒ D{a,e} ψ.
2
Semantics
MAEL formulae are interpreted over a ‘many-worlds’ model. Intuitively this
means that each agent, given his knowledge, considers a number of states of
the world as the possible true state of the world. For example, sitting here in
my room in Johannesburg I do not know the weather in London. I consider it
both possible that it is raining, or not raining in London, hence these are two
possible states of the world I consider. We say that these possible states are
indistinguishable to me.
• M, u ⊨ p if p ∈ L(u), where p ∈ AP
• M, u ⊨ ¬φ if M, u ⊭ φ
• M, u ⊨ φ ∧ ψ if M, u ⊨ φ and M, u ⊨ ψ
3
Introduction
To understand satisfiability checking, we must first define satisfiability.
Definition 2. A MAEL formula φ is satisfiable if there exists some MAEM
M = ⟨Ag, AP, S, ∼1 , ∼2 , ..., ∼n , L⟩ and a possible state s ∈ S, for which
M, s ⊨ φ.
Up until now, Ajspur et al.’s procedure has only been developed theoreti-
cally, with no implementation [2]. I developed software to run these procedures
in Java 17, which can be used to check if a MAEL formula is satisfiable or not,
as in most cases this would require too much work to be done by hand. The
programs for satisfiability checking can also form part of a larger artificial in-
telligence system
Note that Abate et al.’s procedure was not designed for the distributed knowl-
edge operator, and can only accept the common knowledge operator for the full
set of agents. So a simplified version of Ajspur et al.’s procedure [7] was used in
this comparison instead, where coalitions of agents are not considered.
4
Goranko and Shkatov’s Procedure
The procedure attempts to construct not a MAEM, but a Hintikka structure.
The main difference is that while a MAEM determines the truth of every for-
mula of the language at every state, the Hintikka structure focuses only on the
truth value of formulae relevant to the inputted formula. With that said, it is
shown that if a formula is satisfiable in some MAEM, then there exists a Hin-
tikka structure for it, and vice versa [7].
The actual procedure is carried out in three phases: the construction phase,
the prestate elimination phase, and the state elimination phase. If at the end
there is a state containing the inputted formula θ, then θ is declared satisfiable.
Construction Phase
During this phase, a pretableau is built. This pretableau consists of two types
of nodes: states (∆) and prestates (Γ), and two types of edges which connect
prestates to states, or states to prestates.
The construction phase begins with a single prestate containing θ. Then the
following rules are applied:
5
• (DR) Creates prestates from states.
For a state ∆ containing ¬Dφ for some arbitrary φ and agent a (note
that the operator D refers to distributed knowledge among all agents).
If ∆ does not contain a patent inconsistency, then create a new prestate
Γ = {¬φ} ∪ {Dψ | Dψ ∈ ∆} ∪ {¬Dψ | ¬Dψ ∈ ∆} ∪ {Ka χ | Ka χ ∈
∆} ∪ {¬Ka χ | ¬Ka χ ∈ ∆}. ∆ is then connected to Γ with an arrow
¬Dφ
labeled ¬Dφ, ∆ −−−→ Γ. However, if there already exists a Γ′ such that
¬Dφ
Γ′ = Γ, then ignore Γ and put ∆ −−−→ Γ′ .
Note that while no formulae with the distributed knowledge operator
will be tested, the procedure expands knowledge-operator-formulae into
distributed-knowledge-operator-formulae in Definition 3.1 [7], and hence
it is necessary to include this rule.
The rules are applied alternatively. First (SR) is applied to create states,
then (KR) and (DR) are applied to create prestates, then repeat. The con-
struction phase ends when every prestate which gets created by (KR) and
(DR) is already in the pretableau, or when there are only states to which nei-
ther (KR) nor (DR) is applicable (i.e. states not containing formulae of the
form ¬Ka φ or ¬Dφ, or containing patent inconsistencies). It can be proven
that the construction phase does in fact terminate [7].
(PR) For every prestate Γ in the pretableau, remove Γ, and if there is a state
χ χ
∆ such that ∆ −
→ Γ, then for every state ∆′ that Γ points to, put ∆ − → ∆′ .
(E1) is applied once, and then (E2) and (E3) are applied repeatedly.
6
Abate, Gore and Widmann’s Procedure
The tableau which this procedure attempts to build varies from Goranko and
Shkatov’s procedure. For starters, this tableau is a tree, meaning it doesn’t
allow for cycles.
The nodes in the tableau store additional information known as histories and
variables. A history is used to pass information down from parent nodes to
child nodes, and a variable is used to propagate information up from children
to parents.
The procedure also only allows for one rule to be applied to a node. A summary
of the rules is given; for exact details on the rules the reader should refer to [1]:
1. Terminal Rule
This rule closes a node if it contains an inconsistency in its formula set
of the form {p, ¬p} where p ∈ AP . Closing a node means changing the
node’s variable, which in turns passes information up to its parent. This
can lead to a chain reaction of nodes closing.
7
The rules are to be applied according to their priority. First the Terminal
Rule, then the Linear Rules, then the Universal Branching Rules, then the Ex-
istential Branching Rule.
The procedure begins with a single node containing the inputted formula θ.
It terminates once no rules can be applied to any of the leaves (often because
they have all been closed). Once this happens, a check is made to see if the
root node is open or closed. If the root is open, then θ is satisfiable, else θ
is unsatisfiable. Note that the procedure can terminate early if the root node
is closed earlier on, hence the procedure will not always exhibit its worst-case
2EXPTIME behaviour.
Implementation
An important decision when implementing these procedures is deciding how the
MAEL formulae will be represented. Simply storing the formulae as strings
could lead to further difficulties later on when they need to be decomposed or
checked for sub-formulae using a recursive call. Instead formulae will stored in
a sort of linked list where each node is a logical operator or atomic proposition,
and points to other operators.
Note that the conjunction operator points to two other operator nodes, since
it is a binary operator.
The reader may notice that this is just the syntax directed acyclic graph
(DAG) of the formula [5]. An advantage of using the syntax DAG comes when
checking if two formulae are equal. A string representation is sensitive to re-
dundant brackets, for example the two formulae (Ka p) ∧ (Kb p) and Ka p ∧ Kb p
would be declared not equal if checking string representations, but this is not a
problem with the syntax DAG.
The operator nodes themselves will be represented using classes, one for
each operator and an additional one for atomic propositions. Each class will
8
implement a formula interface, allowing them all to be treated the same when
stored in containers. An advantage of using objects is that the object can
easily store the coalition corresponding to a particular operator. Additionally,
the implication, bi-implication, disjunction and knowledge operators can all be
represented using other operators:
• φ ∨ ψ ≡ ¬(¬φ ∧ ¬ψ)
• φ → ψ ≡ ¬φ ∨ ψ ≡ ¬(φ ∧ ¬ψ)
• φ ↔ ψ ≡ (φ → ψ) ∧ (ψ → φ) ≡ (¬(φ ∧ ¬ψ)) ∧ (¬(ψ ∧ ¬φ))
• Ka φ ≡ D{a} φ
• Eφ ≡ i∈Ag Ki φ ≡ i∈Ag D{i} φ
V V
9
Test Formulae
The following 20 test formulae types were used to evaluate the performance
of the two procedures. The formulae types were chosen to represent a wide
variety of cases. Each formula type is designed to be scalable in n. Note that
all formulae with the common knowledge operator scale in n in the number of
agents.
Satisfiable
1. K1 φ1 ∧ K2 φ2 ∧ ... ∧ Kn φn
2. ¬K1 φ1 ∧ ¬K2 φ2 ∧ ... ∧ ¬Kn φn
3. Cφ
4. ¬C¬φ
5. K1 (φ1 ∨ φ2 ∨ ... ∨ φn ) → (φ1 ∨ φ2 ∨ ... ∨ φn )
6. K1 φ → K1 K1 φ → ... → K1 ...K1 φ ; where n is the number of → operators
7. K1 ((φ1 → φ2 ) ∧ ... ∧ (φn−1 → φn )) → ((K1 φ1 → K1 φ2 ) ∧ ... ∧ (K1 φn−1 →
K1 φn ))
8. K1 φ1 ∧ K2 φ2 ∧ ... ∧ Kn φn ∧ C((φ1 → φ2 ) ∧ ... ∧ (φn−1 → φn )) ∧ Cφn
9. ¬K1 ¬φ ∧ ¬K2 ¬φ ∧ ... ∧ ¬Kn−1 ¬φ ∧ Kn φ
10. (C((φ1 → φ2 ) ∧ ... ∧ (φn−1 → φn )) ∧ Cφ1 ) → Cφn
11. K1 φ ∧ K2 φ ∧ ... ∧ Kn φ ∧ ¬Cφ
12. (Cφ1 ∨ Cφ2 ∨ ... ∨ Cφn ) → (φ1 ∨ φ2 ∨ ... ∨ φn )
Unsatisfiable
1. K1 (φ1 ∨ φ2 ∨ ... ∨ φn ) ∧ ¬φ1 ∧ ¬φ2 ∧ ... ∧ ¬φn
2. K1 (φ1 ∧ φ2 ∧ ... ∧ φn ) ∧ φ1 ∧ φ2 ∧ ... ∧ φn−1 ∧ ¬φn
3. Cφ ∧ K1 φ ∧ K2 φ ∧ ... ∧ Kn−1 φ ∧ ¬Kn φ
4. K1 ((φ1 → φ2 ) ∧ ... ∧ (φn−1 → φn )) ∧ K1 φ1 ∧ ¬K1 φn
5. (Cφ) ∧ ¬φ
6. ¬C(φ ∨ ¬φ)
7. C((φ1 → φ2 ) ∧ ... ∧ (φn−1 → φn )) ∧ Cφ1 ∧ ¬K1 φn
8. K1 φ ∧ K2 φ ∧ ... ∧ Kn φ ∧ KRandom ¬φ
10
Results
11
Analysis
Both procedures did similarly well for S1-S4.
Procedure 2 outperformed Procedure 1 for S5, S6 and S7. This is most likely
thanks to the one-pass and cut-free nature of Procedure 2, and that the rules
in Procedure 2 are generally faster operations than those of Procedure 1.
Onto the unsatisfiable formulae. These were largely variations on the nega-
tions of the axioms of S5 logic [11]. Procedure 2 does better for the unsatisfiable
formulae in general, which is most apparent for US1, US4 and US7. This is
because Procedure 2 has a major advantage when it comes to unsatisfiable for-
mulae, that being it can terminate early. Whilst Procedure 1 works by always
applying the rules of construction and (pre)state elimination until they are no
longer applicable; Procedure 2 will only apply a given rule if the root node has
not been marked. The root node can be marked during the application of any
rule, so this allows it to be marked while there are still rules applicable, and
hence the procedure can terminate early, saving considerable time.
Conclusion
Through this thorough experiment of both procedures, I have been able to
confirm the theoretical results that both procedures are in EXPTIME. This is
in compliance with the known EXPTIME(-complete) lower bound of tableau-
based satisfiability checking for Epistemic Logic [6]. Furthermore I have been
able to provide strong experimental evidence that the average-case behaviour
of Abate, Gore and Widmann’s Procedure is superior to that of Goranko and
Shkatov’s Procedure. Lastly, the results from this experiment can provide some
useful insights into the type of formulae that each procedure struggles and excels
with, which can be helpful for logicians looking to use the developed software
for their own purposes of satisfiability checking.
12
References
[1] P. ABATE, R. GORE, F. WIDMANN, “Cut-free Single-pass Tableaux for
the Logic of Common Knowledge”, 2007
[2] M. AJSPUR, V. GORANKO and D. SHKATOV, “Tableau-based decision
procedure for the multiagent epistemic logic with all coalitional operators
for common and distributed knowledge”, Logic Journal of the IGPL, vol. 21,
no. 3, pp. 407–437, 2013.
13