Temporal Logics for Multi-Agent Systems

This is an overview of an invited talk delivered during the 42nd International Conference on Mathematical Foundations of Computer Science (MFCS 2017). 1998 ACM Subject Classiﬁcation D.2.4 Software/Program Veriﬁcation, F.3.1 Specifying and Verifying and Reasoning about Programs, F.4.1 Mathematical Logic


1
Overview of the talk Temporal logics have been widely used in model checking over the last 40 years, as a formalism for reasoning about executions of computer systems. They are sufficiently powerful to specify most properties one may want to check of reactive systems, while enjoying reasonably-efficient verification algorithms [21,11,22,12,7,6]. Temporal logics and model checking have had a major impact in computer science (as witnessed by two Turing awards won by Pnueli in 1996, and by Clarke, Emerson and Sifakis in 2007), and have been applied in numerous industrial cases.
Several attempts have been made to extend temporal logics to multi-agent systems, where several components interact: while the Computation-Tree Logic (CTL) can only express the existence (or absence) of executions of the global system having certain properties, the aim here is to quantify over the possible behaviours of the individual components interacting in the system (be it in a collaborative or adversarial way).
In 1997, CTL has been extended into the Alternating-time Temporal Logic (ATL), with the introduction of strategy quantifiers [3,4]. In ATL, strategy quantifiers express the existence (or absence) of a behaviour of one of the agents (or of a coalition) so that any resulting execution in the global system satisfies a given property (notice in particular that such an existential quantification over strategies involves an implicit universal quantification over the resulting executions). The semantics of ATL formulas as defined in [4] is bottom-up: when evaluating a formula with nested strategy quantifiers, the innermost quantifiers are evaluated first. While this allows for efficient model-checking algorithms, this prevents strategic interactions: the innermost quantifier being evaluated first, it can be replaced with a fresh atomic proposition labelling those states where the subformula holds true.
During the 2000's, several adaptations of ATL have been proposed in order to introduce strategy interactions [23,24,1,20], until the development of a top-down semantics, storing selected strategies in a context for later interaction with other strategies [5,2,9,13]. This results in a much richer framework, suitable for expressing classical game-theoretic properties (such as the existence of Nash equilibria) and many extra properties mixing collaborative and adversarial interactions (such as the interactions between a server and several clients competing for accessing some shared resource). Such an expressiveness has a cost, and checking if a formula in ATL with strategy contexts holds in a given model is in k-EXPTIME, where k is the number of nested strategy quantifiers in the formula.
Simultaneously, an orthogonal approach has been defined and explored: it allows to manipulate strategies explicitly, quantifying over them and assigning them to agents [10,19,17]. The resulting logic, called Strategy Logic (SL), has similar algorithmic properties as ATL with strategy contexts [17,16,15], but allows for even more expressive power (e.g., strategies can be revoked and applied again later, or two players can follow the same strategy). However, recent works have shown that slight natural variations in the semantics of SL may have significant impact both on the algorithmics and on the expressiveness of the logic [18,8,14].
During this talk, we survey these results, giving a uniform presentation of the verification and expressiveness results for those logics and their semantic variants.