SlideShare utilise les cookies pour améliorer les fonctionnalités et les performances, et également pour vous montrer des publicités pertinentes. Si vous continuez à naviguer sur ce site, vous acceptez l’utilisation de cookies. Consultez nos Conditions d’utilisation et notre Politique de confidentialité.

SlideShare utilise les cookies pour améliorer les fonctionnalités et les performances, et également pour vous montrer des publicités pertinentes. Si vous continuez à naviguer sur ce site, vous acceptez l’utilisation de cookies. Consultez notre Politique de confidentialité et nos Conditions d’utilisation pour en savoir plus.

Ce diaporama a bien été signalé.

Vous avez aimé cette présentation ? Partagez !

2 321 vues

Publié le

and the connections between temporal logic and FRP. I propose a rather "pedestrian" approach to propositional linear-time temporal logic (LTL), showing how to perform calculations in LTL and how to synthesize programs from LTL formulas. I intend to explain why LTL largely failed to

solve the synthesis problem, and how FRP tries to cope.

FRP can be formulated as a -calculus with types given by the propositional intuitionistic LTL. I will discuss the limitations of this approach, and outline the features of FRP that are required by typical application programming scenarios. My talk will be largely self-contained and should be understandable to anyone familiar with Curry-Howard and functional programming.

Licence: CC Attribution-NoDerivs License

Aucun téléchargement

Nombre de vues

2 321

Sur SlideShare

0

Issues des intégrations

0

Intégrations

74

Partages

0

Téléchargements

34

Commentaires

0

J’aime

3

Aucune incorporation

Aucune remarque pour cette diapositive

- 1. Temporal Logic and Functional Reactive Programming Sergei Winitzki Bay Area Categories and Types April 25, 2014 Sergei Winitzki (Versal Group Inc.) Temporal Logic and FRP April 25, 2014 1 / 23
- 2. What is reactive programming Transformational programs Reactive programs example: pdflatex frp_talk.tex example: any GUI program start, run, then stop keep running indenitely read some input, write some output wait for signals, send messages execution: sequential + some parallel main run loop + concurrency diculty: algorithms signal/response sequences specication: classical logic temporal logic? owcharts? verication: prove it correct model checking? synthesis: extract code from proof temporal synthesis? type theory: intuitionistic logic intuitionistic temporal logic Sergei Winitzki (Versal Group Inc.) Temporal Logic and FRP April 25, 2014 2 / 23
- 3. The uses of logic in computer science 1 Logic as a specication language - enables automatic verication Automatic synthesis of programs from specications? 2 (Intuitionistic) logic as type theory - guides language design Mathematicians have already minimized the set of axioms! 3 Logic programming - use a decidable subset of logic Very high-level language, but limited to its domain 4 Automated theorem proving - derive a program as a proof artifact Requires advanced type systems and proof heuristics Sergei Winitzki (Versal Group Inc.) Temporal Logic and FRP April 25, 2014 3 / 23
- 4. Part 1: Introduction to temporal logic Let's forget all philosophy, what is time, what is true, modal logic... We want to see logic as a down-to-earth, computationally useful tool We begin with the computational view of classical Boolean logic Sergei Winitzki (Versal Group Inc.) Temporal Logic and FRP April 25, 2014 4 / 23
- 5. Boolean algebra: notation Classical propositional (Boolean) logic: T , F , a ∨ b, a ∧ b, ¬a, a → b A notation better adapted to school-level algebra: 1, 0, a + b, ab, a The only new rule is 1 + 1 = 1 Dene a → b = a + b Some identities: 0a = 0, 1a = a, a + 0 = a, a + 1 = 1, a + a = a, aa = a, a + a = 1, aa = 0, (a + b) = a b , (ab) = a + b , a = a a (b + c) = ab + ac, (a + b) (a + c) = a + bc DNF = expand all brackets. Some DNF simplication tricks: a + ab = a, a (a + b) = a, (a → b) a → c = ab + a c, (a → x) b → x = a + x b + x = x a + xb Sergei Winitzki (Versal Group Inc.) Temporal Logic and FRP April 25, 2014 5 / 23
- 6. Boolean algebra: example Of the three suspects A, B, C , only one is guilty of a crime. Suspect A says: B did it. Suspect B says: C is innocent. The guilty one is lying, the innocent ones tell the truth. φ = ab c + a bc + a b c a b + ab b c + bc Simplify: expand the brackets, omit aa , bb , cc , replace aa = a etc.: φ = ab c + 0 + 0 = ab c The guilty one is A. Sergei Winitzki (Versal Group Inc.) Temporal Logic and FRP April 25, 2014 6 / 23
- 7. Synthesis of Boolean programs Specication of a Boolean program: If the boss is in, I need to work unless the telephone rings. If the boss is not in, I go drink tea. b =boss is in, r =telephone rings, w =I work, w =I drink tea φ(b, r , w ) = br → w b → w = w br + wb = w b + r + wb Goal: given any b and r , compute w such that φ(b, r , w ) = 1. One solution is just φ(b, r , w = 1): w = φ(b, r , 1) = 0 b + r + 1b = b I work if and only if the boss is in (Other solutions exist, e.g. w = br ) Sergei Winitzki (Versal Group Inc.) Temporal Logic and FRP April 25, 2014 7 / 23
- 8. Propositional linear-time temporal logic (LTL) Reactive programs respond to an innite stream of signals So let's work with innite boolean sequences (linear time) Boolean operations: a = [a0, a1, a2, ...] ; b = [b0, b1, b2, ...] ; a + b = [a0 + b0, a1 + b1, ...] ; a = a0, a1, ... ; ab = [a0b0, a1b1, ...] Temporal operations: (Next) Na = [a1, a2, ...] (Sometimes) Fa = [a0 + a1 + a2 + ..., a1 + a2 + ..., ...] (Always) Ga = [a0a1a2a3..., a1a2a3..., a2a3..., ...] Other notation (from modal logic): Na ≡ a; Fa ≡ ♦a; Ga ≡ a Sergei Winitzki (Versal Group Inc.) Temporal Logic and FRP April 25, 2014 8 / 23
- 9. Temporal xpoints and the µ-calculus notation LTL admits only temporal functions dened by xpoints: Fa = [a0 + a1 + a2 + a3 + ..., a1 + a2 + a3 + ..., ...] Fa = a + N(Fa) Ga = [a0a1a2a3..., a1a2a3..., a2a3..., ...] Ga = aN(Ga) Notation: µ for the least xpoint, ν for the greatest xpoint Fa = µx. (a + Nx) ; Ga = νx. (a(Nx)) but νx. (a + Nx) = 1; µx. (a(Nx)) = 0 The most general xpoints involving only one N: (weak Until) pUq = νx. (q + p(Nx)) (strict Until) p ˙Uq = µx. (q + p(Nx)) Sergei Winitzki (Versal Group Inc.) Temporal Logic and FRP April 25, 2014 9 / 23
- 10. LTL: interpretation of Until Weak Until: pUq = p holds from now on until q rst becomes true pUq = q + pN(q + pN(q + ...)) Example: a = [1, 0, 0, 0, 1, 0, ...] b = [0, 1, 0, 1, 0, 1, ...] aUb = [1, 1, 0, 1, 1, 1, ...] Strict Until: p ˙Uq = q must become true, and p holds until then Dualities: (Fa) = G(a ); also (p ˙Uq) = q U(p q ) Sergei Winitzki (Versal Group Inc.) Temporal Logic and FRP April 25, 2014 10 / 23
- 11. LTL: temporal specication Whenever the boss comes by my oce, I will start working. Once I start working, I will keep working until the telephone rings. G((b → Fw ) (w → w Ur )) = G b + Fw w + w Ur Whenever the button is pressed, the dialog will appear. The dialog will disappear after 1 minute of user inactivity. G (b → Fd ) (d → Ft) d → d Utd The timer t is an external event and is not specied here Dicult to say x stays true until further notice Sergei Winitzki (Versal Group Inc.) Temporal Logic and FRP April 25, 2014 11 / 23
- 12. LTL: disjunctive normal form What would be the DNF in LTL? Let's just expand brackets: φ = G b + Fw w + w Ur = b + Fw w + w Ur Nφ = b + w + N(Fw ) w + r + w N(w Ur ) Nφ = b + w + N(w + N(Fw )) w + r + w N(r + w N(w Ur )) N(...) = ... N(... ...N(... ...N(...))) ... We will never nish expanding those brackets! But many subformulas under N(...) are the same: φ1 = Fw ; φ2 = w Ur ; φ = b + w + Nφ1 w + r + w Nφ2 Nφ = rw + b w Nφ + w N(φφ1) + w N(φφ2) Sergei Winitzki (Versal Group Inc.) Temporal Logic and FRP April 25, 2014 12 / 23
- 13. LTL: disjunctive normal form Let's expand and simplify φφ1 and φφ2: we get simultaneous xpoints φ = rw + b w N(φ) + w N(φφ1) + w N(φφ2); φφ1 = rw N(φ) + r + w N(φφ1) + w N(φφ2); φφ2 = r w + b N(φ) + r N(φφ1) + w N(φφ2). The DNF for LTL is a graph! φ φφ1 rw + b′ w′ w′ w rw r φφ2 w r + w′ r(w + b′ ) w Sergei Winitzki (Versal Group Inc.) Temporal Logic and FRP April 25, 2014 13 / 23
- 14. The failure of LTL program synthesis Goal: given b and r , determine w The DNF generates a nondeterministic nite automaton (NFA) for w States of the automaton are φ, φφ1, φφ2, ... (sets of xpoints of φ) The DNF construction generates these states for us Determinizing the automaton may exponentially increase its size Worst case: for φ with n xpoints, DFA will have 2 2n states Specications will generally need to use many xpoints. Example: Whenever b is pressed, send query q and show w (Waiting). Upon reply r , show d (Done). Pressing c (Cancel) stops waiting. φ = G[ bw → bUd w w → d w U(c + r ) cw → cUw q ↔ bw rw → r Udw ]. LTL is not particularly convenient for modular specication Synthesis is not practical (I write and debug my automata by hand...) Sergei Winitzki (Versal Group Inc.) Temporal Logic and FRP April 25, 2014 14 / 23
- 15. Part 2: Temporal logic as type theory Logic gives a recipe for designing a minimal programming language (Curry-Howard isomorphism) Typically, we use an intuitionistic version of the logic: No negation, no ⊥; only a + b, ab, a → b No law of excluded middle No truth tables, no simplication Usually, cannot derive proofs automatically Axioms are predened terms needed in the language Example: (a → c) → (b → c) → (a + b → c) is the case operator Proof rules are predened constructions needed in the language Example: modus ponens (a; a → b so b) is function application Natural deduction rules are typing rules for the language Sergei Winitzki (Versal Group Inc.) Temporal Logic and FRP April 25, 2014 15 / 23
- 16. Interpreting values typed by LTL What does it mean to have a value x of type, say, G(α → αUβ)? x : Nα means that x : α will be available only at the next time tick (x is a deferred value of type α) x : Fα means that x : α will be available at some future tick(s) (x is an event of type α) x : Gα means that a (dierent) value x : α is available at every tick (x is an innite stream of type α) x : αUβ means a nite stream of α that may end with a β Some temporal axioms of intuitionistic LTL: (deferred apply) N(α → β) → (Nα → Nβ) ; (streamed apply) G(α → β) → (Gα → Gβ) ; (generate a stream) G(α → Nα) → (α → Gα) ; (read innite stream) Gα → αN(Gα) (read nite stream) αUβ → β + αN(αUβ) Sergei Winitzki (Versal Group Inc.) Temporal Logic and FRP April 25, 2014 16 / 23
- 17. A small FRP language: Elm Core Elm: polymorphic λ-calculus with lift2, foldp, async lift2 : (α → β → γ) → Gα → Gβ → Gγ foldp : (α → β → β) → β → Gα → Gβ async : Gα → Gα (lift2 makes G an applicative functor) async is a special scheduling instruction Limitations: Cannot have a type G(Gα), also no concept of N or F Cannot construct temporal values by hand This language is an incomplete Curry-Howard image of LTL! I work after the boss comes by and until the phone rings: let after_until w (b,r) = (w or b) and not r in foldp after_until false (boss, phone) Sergei Winitzki (Versal Group Inc.) Temporal Logic and FRP April 25, 2014 17 / 23
- 18. Legacy FRP systems: FrTime, Fran, AFRP, etc. Two functors: continuous behavior Gα and discrete event Fα Time is conceptually continuous Explicit N, delay by time ∆t, explicit values of time Many predened combinators that do not follow from type theory: value-now, delay-by, integral, ... (FrTime) merge, switcher, G(Gα), ... (Fran) AFRP: temporal values are not available, only combinators! Sergei Winitzki (Versal Group Inc.) Temporal Logic and FRP April 25, 2014 18 / 23
- 19. A lower-level FRP language: AdjS A lower-level type system: Nα (next), ˆµα.Σ (µ+next), α (stable) Explicit one-step temporal xpoints, for example Fτ = ˆµα.τ + α τ = ˆµα.Σ ∼= ˆµα. Nτ α Σ Term assignments, simplied (see Krishnaswamy's paper): Γ e : α Γ next e : Nα NI Γ f : Nα Γ, x : α e : β let next x = f in e : β NE Γ e : [N(ˆµα.Σ)/α] Σ Γ into e : ˆµα.Σ ˆµI Γ e : ˆµα.Σ Γ out e : [N(ˆµα.Σ)/α] Σ ˆµE Γ e : α Γ stable e : α I Γ f : α Γ, x : α e : β Γ let stable x = f in e : β E Sergei Winitzki (Versal Group Inc.) Temporal Logic and FRP April 25, 2014 19 / 23
- 20. Dreams of an ideal FRP language Requirements for a broadly usable FRP language: stable and temporal types distinguished statically seamless conversion from int to G(int) and back, for stable types construct values of type Fα by hand: from asynchronous scheduling construct values of type Fα from external sources (environment) tick-free operation: N is not needed, use F instead the runloop (UI thread / background threads) needs to be represented I guess we are still in the research phase here... Sergei Winitzki (Versal Group Inc.) Temporal Logic and FRP April 25, 2014 20 / 23
- 21. Conclusions and outlook LTL is not a good t as a specication language for reactive programs LTL synthesis from specication is theoretical, not practical FRP tries to make specication closer to implementation There are some languages that implement FRP in various ad hoc ways The ideal is not (yet) reached Sergei Winitzki (Versal Group Inc.) Temporal Logic and FRP April 25, 2014 21 / 23
- 22. Abstract In my day job, most bugs come from imperatively implemented reactive programs. Temporal Logic and FRP are declarative approaches that promise to solve my problems. I will briey review the motivations behind and the connections between temporal logic and FRP. I propose a rather pedestrian approach to propositional linear-time temporal logic (LTL), showing how to perform calculations in LTL and how to synthesize programs from LTL formulas. I intend to explain why LTL largely failed to solve the synthesis problem, and how FRP tries to cope. FRP can be formulated as a λ-calculus with types given by the propositional intuitionistic LTL. I will discuss the limitations of this approach, and outline the features of FRP that are required by typical application programming scenarios. My talk will be largely self-contained and should be understandable to anyone familiar with Curry-Howard and functional programming. Sergei Winitzki (Versal Group Inc.) Temporal Logic and FRP April 25, 2014 22 / 23
- 23. Suggested reading E. Czaplicki, S. Chong. Asynchronous FRP for GUIs. (2013) E. Czaplicki. Concurrent FRP for functional GUI (2012). N. R. Krishnaswamy. https://www.mpi-sws.org/∼neelk/simple-frp.pdfHigher-order functional reactive programming without spacetime leaks(2013). M. F. Dam. Lectures on temporal logic. Slides: Syntax and semantics of LTL, A Hilbert-style proof system for LTL E. Bainomugisha, et al. A survey of reactive programming (2013). W. Jeltsch. Temporal logic with Until, Functional Reactive Programming with processes, and concrete process categories. (2013). A. Jerey. LTL types FRP. (2012). D. Marchignoli. Natural deduction systems for temporal logic. (2002). See Chapter 2 for a natural deduction system for modal and temporal logics. Sergei Winitzki (Versal Group Inc.) Temporal Logic and FRP April 25, 2014 23 / 23

Aucun clipboard public n’a été trouvé avec cette diapositive

Il semblerait que vous ayez déjà ajouté cette diapositive à .

Créer un clipboard

Soyez le premier à commenter