: ''This article describes Kripke structures as used in model checking. For a more general description, see Kripke semantics''. A Kripke structure is a variation of the

transition system In theoretical computer science, a transition system is a concept used in the study of computation. It is used to describe the potential behavior of discrete systems. It consists of states and transitions between states, which may be labeled wit ...

, originally proposed by

Saul Kripke Saul Aaron Kripke (; November 13, 1940 – September 15, 2022) was an American philosopher and logician in the analytic tradition. He was a Distinguished Professor of Philosophy at the Graduate Center of the City University of New York and eme ...

, used in

model checking In computer science, model checking or property checking is a method for checking whether a finite-state model of a system meets a given specification (also known as correctness). This is typically associated with hardware or software system ...

to represent the behavior of a system. It consists of a

graph Graph may refer to: Mathematics *Graph (discrete mathematics), a structure made of vertices and edges **Graph theory, the study of such graphs and their properties *Graph (topology), a topological space resembling a graph in the sense of discre ...

whose nodes represent the reachable states of the system and whose edges represent state transitions, together with a labelling function which maps each node to a set of properties that hold in the corresponding state.

Temporal logic In logic, temporal logic is any system of rules and symbolism for representing, and reasoning about, propositions qualified in terms of time (for example, "I am ''always'' hungry", "I will ''eventually'' be hungry", or "I will be hungry ''until'' I ...

s are traditionally interpreted in terms of Kripke structures.

Formal definition

Let be a set of ''atomic propositions'', i.e. boolean expressions over variables, constants and predicate symbols. Clarke et al. define a Kripke structure over as a

4-tuple In mathematics, a tuple is a finite ordered list (sequence) of elements. An -tuple is a sequence (or ordered list) of elements, where is a non-negative integer. There is only one 0-tuple, referred to as ''the empty tuple''. An -tuple is defi ...

consisting of * a

finite set In mathematics, particularly set theory, a finite set is a set that has a finite number of elements. Informally, a finite set is a set which one could in principle count and finish counting. For example, :\ is a finite set with five elements. ...

of states . * a set of initial states . * a transition relation such that is left-total, i.e., such that . * a labeling (or ''interpretation'') function . Since is left-total, it is always possible to construct an infinite path through the Kripke structure. A

deadlock In concurrent computing, deadlock is any situation in which no member of some group of entities can proceed because each waits for another member, including itself, to take action, such as sending a message or, more commonly, releasing a lo ...

state can be modeled by a single outgoing edge back to itself. The labeling function defines for each state the set of all atomic propositions that are valid in . A ''path'' of the structure is a sequence of states such that for each , holds. The ''word'' on the path is a sequence of sets of the atomic propositions , which is an ω-word over alphabet . With this definition, a Kripke structure (say, having only one initial state may be identified with a Moore machine with a singleton input alphabet, and with the output function being its labeling function.

Example

Let the set of atomic propositions . and can model arbitrary boolean properties of the system that the Kripke structure is modelling. The figure at right illustrates a Kripke structure , where * . * . * . * . may produce a path and is the execution word over the path . can produce execution words belonging to the language .

Relation to other notions

Although this terminology is widespread in the model checking community, some textbooks on model checking do not define "Kripke structure" in this extended way (or at all in fact), but simply use the concept of a (labelled)

, which additionally has a set of actions, and the transition relation is defined as a subset of , which they additionally extend to include a set of atomic propositions and a labeling function for the states as well ( as defined above.) In this approach, the binary relation obtained by abstracting away the action labels is called a state graph. Clarke et al. redefine a Kripke structure as a set of transitions (instead of just one), which is equivalent to the labeled transitions above, when they define the semantics of modal μ-calculus.Clarke et al. p. 98

References

{{Reflist Model checking Temporal logic Transition systems

Formal definition

Example

Relation to other notions

See also

References