Axiomatization and computability of a variant of iteration-free PDL with fork

HAL Id: hal-02378379

https://hal.archives-ouvertes.fr/hal-02378379

Submitted on 25 Nov 2019

HAL is a multi-disciplinary open access

archive for the deposit and dissemination of

sci-entific research documents, whether they are

pub-lished or not. The documents may come from

teaching and research institutions in France or

abroad, or from public or private research centers.

L’archive ouverte pluridisciplinaire HAL, est

destinée au dépôt et à la diffusion de documents

scientifiques de niveau recherche, publiés ou non,

émanant des établissements d’enseignement et de

recherche français ou étrangers, des laboratoires

publics ou privés.

Axiomatization and computability of a variant of

iteration-free PDL with fork

Philippe Balbiani, Joseph Boudou

To cite this version:

Philippe Balbiani, Joseph Boudou. Axiomatization and computability of a variant of iteration-free

PDL with fork. Journal of Logic and Algebraic Methods in Programming, Elsevier, 2019, 108,

pp.47-68. �10.1016/j.jlamp.2019.06.004�. �hal-02378379�

Any correspondence concerning this service should be sent

to the repository administrator:

tech-oatao@listes-diff.inp-toulouse.fr

This is an author’s version published in:

http://oatao.univ-toulouse.fr/24762

To cite this version:

Balbiani, Philippe and Boudou, Joseph

Axiomatization and computability of a variant of iteration-free PDL with

fork. (2019) Journal of Logical and Algebraic Methods in Programming,

108. 47-68. ISSN 2352-2208

Official URL

DOI :

https://doi.org/10.1016/j.jlamp.2019.06.004

Open Archive Toulouse Archive Ouverte

OATAO is an open access repository that collects the work of Toulouse

researchers and makes it freely available over the web where possible

Axiomatization

and

computability

of

a

variant

of

iteration-free

PDL with

fork

Philippe

Balbiani,

Joseph

Boudou

InstitutderechercheeninformatiquedeToulouse,CNRS,UniversitédeToulouse,France

a b s t r a c t Keywords: Iteration-freePDL Fork Axiomatization Completeness 0 0

WedevotethispapertotheaxiomatizationandthecomputabilityofPDL1,avariant ofiteration-freePDL with

fork.Concerningtheaxiomatization,ourresults are basedon thefollowing:althoughtheprogramoperationof fork is not modally definable in the ordinary language of PDL, it becomes definable in a modal language strengthened by the introduction of propositional quantifiers. Instead ofusing axioms to definethe program operationofforkinthelanguageofPDL enlargedwithpropositionalquantifiers, weadd anunorthodoxruleof proof thatmakesthe canonicalmodel standardfor theprogram operationofforkand we use largeprograms for theproofoftheTruthLemma.Concerning thecomputability,weprovebyaselection procedurethatPDL1

hasastrongfinite property,henceisdecidable.

1. Introduction

Propositional dynamic logic (PDL) is an applied non-classical logic designed for reasoning about the behavior of pro-grams [10]. The definition of its syntax is based on the idea of associating with each program

α

of some programming languagethemodaloperator[

α

],formulasoftheform[

α

]φ beingread“everyexecutionoftheprogram

α

fromthepresent stateleadstoastatebearingtheformulaφ”.CompletenessandcomplexityresultsforthestandardversionofPDL inwhich programs are built up from program variables and tests by means of the operations of composition, union and iteration are given in [15,16]. A number of interesting variants have been obtained by extending or restricting the syntax or the semantics ofPDL indifferentways [7,9,14,19].

Some of these variants extend theordinary semantics of PDL by considering sets W ofstates structuredby means of a function⋆from theset ofallpairs ofstatesinto theset ofallstates [5,11–13]: thestate x istheresultofapplying the function⋆tothestates y,z ifftheinformationconcerningx canbeseparatedinafirstpartconcerning y andasecondpart concerning z. The binaryfunction⋆considered in [5,11] hasitsoriginin theadditionof anextrabinaryoperationof fork denoted ∇ inrelationalgebras: in [5,Section 2], wheneverx and y arerelated via R and z andt arerelated via S,states in x⋆z andstatesin y⋆t are relatedvia R∇S whereasin [11,Chapter 1],wheneverx and y are relatedvia R andx and z

arerelatedvia S,x andstatesin y⋆z arerelatedvia R∇S.

This addition offork in relation algebrasgives rise to a variant of PDL which includes the program operation of fork denoted 1.Inthisvariant, forallprograms

α

and β,onecanusethemodaloperator [

α

1β],formulasoftheform[

α

1β]φ being read“everyexecutioninparalleloftheprograms

α

andβ fromthepresentstateleadstoastatebearingtheformula φ”.Thebinaryoperationoffork∇ consideredinBenevides et al. [5,Section 2] givesrisetoPRSPDL,avariantofPDL with

E-mailaddress: philippe.balbiani@irit.fr (P. Balbiani). https://doi.org/10.1016/j.jlamp.2019.06.004

fork whoseaxiomatization hasbeen given in [2].Inthispaper,weattacktheproblemofaxiomatizing anddecidingPDL1₀, a variantofiteration-free PDL with forkwhose semanticsis basedon theinterpretationofthebinary operationoffork ∇ consideredinFrias [11,Chapter 1].

The difficulty in axiomatizing PRSPDL or PDL1

0 originates in the fact that the program operations of fork considered

above are not modally definable in the ordinary language of PDL. We overcome this difficulty by means of tools and techniques developedin [1,3,4].Ourresults arebasedon thefollowing:althoughfork isnot modallydefinable,itbecomes definable in a modal language strengthened by the introduction of propositional quantifiers. Instead of using axioms to definetheprogramoperationofforkinthelanguageofPDL enlargedwithpropositionalquantifiers,weaddanunorthodox ruleofproofthatmakesthecanonicalmodelstandardfortheprogramoperationofforkandweuselargeprogramsforthe proof oftheTruthLemma.

The difficulty in deciding PRSPDL or PDL1₀ originatesin the semantics of thefork. For instance, in a tableau method, some successors of the current state must be considered together, because they will later be composed by the binary function ⋆. Moreover, in PDL1

0,an additional layerof complexity arisesby thefact that thebinary modalities ◦, ⊲ and ⊳

are somehowthe inverses of eachother. To overcomeallthese difficulties,we provea strong finitemodel propertyusing a selection procedure which, given a pointed model satisfying a formula,selects the statesneeded bythe formula to be satisfied. Weprovethatthisprocedureterminatesinacomputabledeterministictime.

Wewillfirstpresentthesyntax(Section2)and thesemantics(Section3)ofPDL1

0 andcontinuewithresultsconcerning

theexpressivityofPDL1

0 (Section4),theaxiomatization/completenessofPDL01(Sections5and6)andthe

decidability/com-plexityofPDL1

0 (Section7).Weassumethereaderisathomewithtoolsand techniquesinmodallogicanddynamiclogic.

For moreonthis,see [6,15].TheproofsofsomeofourresultscanbefoundintheAnnex.

2. Syntax

ThissectionpresentsthesyntaxofPDL1₀.As usual,wewillfollowthestandardrulesforomissionoftheparentheses.

Definition. Theset PRG ofallprograms andthesetFRM ofallformulasareinductivelydefined asfollows:

•

α

,β ::=a| (

α

;β)| (

α

1β)| φ?;

• φ,ψ ::=p| ⊥| ¬φ | (φ ∨ ψ)| [

α

]φ | (φ ◦ ψ)| (φ ⊲ ψ)| (φ ⊳ ψ);

wherea rangesoveracountablyinfinite setofprogramvariablesand p rangesoveracountablyinfinitesetofpropositional variables.

Wewill use

α

,β,. . . for programs and φ,ψ,. . .for formulas.The other Booleanconstructs for formulas aredefined as usual. Anumberofother modalconstructs forformulascanbedefined intermsoftheprimitive onesasfollows.

Definition. Themodalconstructsforformulas h·i·,(·¯◦·), (· ¯⊲·)and(· ¯⊳·)aredefinedasfollows:h

α

iφ ::= ¬[

α

]¬φ;(φ ¯◦ψ )::= ¬(¬φ ◦ ¬ψ);(φ ¯⊲ψ )::= ¬(¬φ ⊲ ¬ψ);(φ ¯⊳ψ )::= ¬(¬φ ⊳ ¬ψ).Moreover,forallformulas φ,letφ0::= ¬φ and φ1::= φ.

It iswell worthnoting that programs and formulas arefinite stringsof symbols comingfrom acountable alphabet.It follows that thereare countably many programs and countably many formulas.The construct ·;· comes from theclassof algebras ofbinaryrelations [20]: theprogram

α

;β firstlyexecutes

α

and secondlyexecutesβ.As for theconstruct·1·,it comes fromtheclassofproper forkalgebras [11,Chapter 1]: theprogram

α

1β performsakindofparallelexecutionof

α

and β.The construct[·]·comes fromthe languageofPDL [10,15]:theformula [

α

]φ saysthat “everyexecutionof

α

from the presentstate leadsto astatebearingtheinformation φ”.As for theconstructs ·◦ ·,·⊲ · and ·⊳ ·, theycomefromthe languageofconjugatedarrowlogic [8,18]:theformulaφ ◦ ψ saysthat “thepresentstateisacombinationofstatesbearing theinformation φ andψ”,theformulaφ ⊲ ψ says that “thepresent statecanbecombined toitsleftwith astatebearing the informationφ givingusastatebearingtheinformation ψ” andtheformula φ ⊳ ψ saysthat “the present statecanbe combinedtoitsrightwithastatebearingtheinformationψ givingusastatebearingtheinformationφ”.

Example.The formula [a1b](p◦q) says that “the parallel execution of a andb from the present state always leads to a stateresulting fromthecombinationofstatesbearingtheinformation p andq”.

Obviously, programs are built up from program variables and tests by means of the constructs ·;· and ·1·. Let

α

(φ1?,. . . ,φn?) be a program with (φ1?,. . . ,φn?) a sequence of some of its tests. The result of the replacement of φ1?,. . . ,φn? intheirplaces withothertestsψ1?,. . . ,ψn? isanotherprogramwhichwillbedenoted

α

(ψ1?,. . . ,ψn?).Now, weintroducethefunction f fromtheset ofallprogramsintoitselfdefined asfollows.

• f(a)=a;

• f(

α

;β)= f(

α

);⊤?;f(β);

• f(

α

1β)= (f(

α

);⊤?)1(f(β);⊤?); • f(φ?)= φ?.

Example.If

α

=a1b, f(

α

)= (a;⊤?)1(b;⊤?).

The function f will be used later in our axiomatization and in our completeness proof of PDL1₀. Now, we introduce parametrizedactionsandadmissible forms.

Definition.Theset ofallparametrizedactionsand theset ofalladmissibleformsareinductivelydefined asfollows:

• ˘

α

,β ::= ( ˘˘

α

;β)| (

α

;β)˘ | ( ˘

α

1β)| (

α

1 ˘β)| ¬ ˘φ?;

• ˘φ,ψ ::= ♯˘ | [ ˘

α

]⊥| ( ˘φ ¯◦ψ )| (φ ¯◦ ˘ψ )| ( ˘φ ¯⊲ψ )| (φ ¯⊲ ˘ψ )| ( ˘φ ¯⊳ψ )| (φ ¯⊳ ˘ψ );

where ♯isanewpropositionalvariable,

α

,β rangeoverPRG andφ,ψ rangeover FRM.

We will use

α

˘,β,˘ . . . for parametrized actions and φ,˘ ψ ,˘ . . . for admissible forms. It is well worth noting that parametrized actionsand admissible forms arefinitestringsof symbolscomingfrom acountable alphabet.Itfollowsthat there are countably many parametrized actions and countably many admissible forms. Remark that in each parametrized action

α

˘, ♯ has a uniqueoccurrence. The result ofthe replacement of♯ in itsplacein

α

˘ with aformula ψ is aprogram which willbedenoted

α

˘(ψ ).As well,remarkthat ineachadmissibleform φ˘,♯ has auniqueoccurrence.Theresultofthe replacement of♯initsplaceinφ˘ withaformulaψ isaformulawhichwillbedenotedφ(ψ ).˘

Example.Forallprograms

α

,

α

;¬[¬♯?]⊥? isaparametrizedactionwhereasforallformulasφ,φ ¯◦[¬♯?]⊥isanadmissible form. The resultofthereplacement of ♯ initsplacein

α

;¬[¬♯?]⊥? witha formulaψ istheprogram

α

;¬[¬ψ?]⊥?. The resultofthereplacementof♯ initsplaceinφ ¯◦[¬♯?]⊥withaformulaψ istheformulaφ ¯◦[¬ψ?]⊥.

3. Semantics

OurtaskisnowtopresentthesemanticsofPDL1

0.

Definition.A frame is a 3-tuple F_{= (}W,R,⋆) where W is anonempty set of states, R isa function from theset ofall program variablesintothe set ofallbinaryrelations betweenstatesand ⋆is afunctionfrom theset ofallpairs ofstates intothesetofallsetsofstates.

Wewillusex,y,. . .for states.The set W ofstatesinaframe F_{= (}W,R,⋆)isto beregardedastheset ofallpossible states in a computation process. The function R from the set of allprogram variables into theset of allbinary relations betweenstatesassociateswitheachprogramvariablea thebinaryrelationR(a)on W withxR(a)y meaningthat“ y canbe reachedfrom x byperforming programvariablea”.The function⋆ fromthesetofallpairsofstatesinto theset ofallsets ofstatesassociateswitheachpair(x,y) ofstatesthesubsetx⋆y of W with z∈x⋆y meaningthat “z isacombinationof

x and y”.

Definition.AmodelontheframeF_{= (}W,R,⋆)isa4-tupleM_{= (}W,R,⋆,V) whereV isavaluationonF,i.e.afunction fromthesetofallpropositionalvariablesintotheset ofallsetsofstates.

In the model M_{= (}W,R,⋆,V), thevaluation V associates with each propositional variable p the subset V(p) of W

with x∈V(p)meaningthat“propositionalvariablep istrueatstate x inM”.Wenowdefinetheproperty“state y canbe reached fromstate x by performingprogram

α

in M” —in symbolsxRM(

α

)y —and theproperty “formula φ is trueat

state x inM” —insymbolsx∈VM(φ).

Definition.InmodelM= (W,R,⋆,V), RM:

α

7→RM(

α

)⊆W×W andVM: φ 7→VM(φ)⊆W areinductivelydefined

asfollows:

• xRM(a)y iff xR(a)y;

• xRM(

α

;β)y iffthereexists z∈W suchthat xRM(

α

)z andzRM(β)y;

• xRM(

α

1β)y iffthereexistsz,t∈W suchthat xRM(

α

)z,xRM(β)t and y∈z⋆t;

• xRM(φ?)y iff x=y and y∈VM(φ);

• x∈/VM(⊥);

• x∈VM(¬φ)iffx∈/VM(φ);

• x∈VM(φ ∨ ψ )iffeitherx∈VM(φ),orx∈VM(ψ );

• x∈VM([

α

]φ)iffforall y∈W ,if xRM(

α

)y, y∈VM(φ);

• x∈VM(φ ◦ ψ )iffthereexists y,z∈W suchthatx∈y⋆z, y∈VM(φ)and z∈VM(ψ );

• x∈VM(φ ⊲ ψ )iffthereexists y,z∈W suchthat z∈y⋆x, y∈VM(φ)and z∈VM(ψ );

• x∈VM(φ ⊳ ψ )iffthereexists y,z∈W suchthat y∈x⋆z, y∈VM(φ)and z∈VM(ψ ).

Itfollowsthat

Proposition1.LetM_{= (}W,R,⋆,V)beamodel.Forallx∈W ,wehave:x∈VM(h

α

iφ)iffthereexistsy∈W suchthatxRM(

α

)y

andy∈VM(φ);x∈VM(φ ¯◦ψ )iffforally,z∈W ,ifx∈y⋆z,eithery∈VM(φ),orz∈VM(ψ );x∈VM(φ ¯⊲ψ )iffforally,z∈W ,

ifz∈y⋆x,eithery∈VM(φ),orz∈VM(ψ );x∈VM(φ ¯⊳ψ )iffforally,z∈W ,ify∈x⋆z,eithery∈VM(φ),orz∈VM(ψ ).

Example.LetM_{= (}W,R,⋆,V)bethemodeldefined by:

• W= {x,y,z,t};

• R(a)= {(x,y)}, R(b)= {(x,z)},otherwise R is theemptyfunction; • y⋆z= {t},otherwise⋆istheemptyfunction;

• V(p)= {y}, V(q)= {z},otherwise V istheemptyfunction.

Obviously, xRM(a1b)t andt∈VM(p◦q).Hence,x∈VM(ha1bi(p◦q)).

We now definethe property“state z can bereachedfrom state x by performing parametrizedaction

α

˘ via state y in

M” —insymbols xR˘M( ˘

α

,y)z —and theproperty“admissible form φ˘ is trueatstate x via state y inM” — insymbols

x∈ ˘VM( ˘φ,y).

Definition. In model M_{= (}W,R,⋆,V), R˘M: ( ˘

α

,y)7→ ˘RM( ˘

α

,y)⊆W ×W and V˘M: ( ˘φ,y)7→ ˘VM( ˘φ,y)⊆W are

inductivelydefined asfollows:

• xR˘M( ˘

α

;β,y)z iffthereexistst∈W suchthat xR˘M( ˘

α

,y)t andt RM(β)z;

• xR˘M(

α

;β,˘ y)z iffthereexistst∈W suchthat xRM(

α

)t andtR˘M( ˘β,y)z;

• xR˘M( ˘

α

1β,y)z iffthereexistst,u∈W suchthatxR˘M( ˘

α

,y)t,xRM(β)u and z∈t⋆u;

• xR˘M(

α

1 ˘β,y)z iffthereexistst,u∈W suchthat xRM(

α

)t,xR˘M( ˘β,y)u andz∈t⋆u;

• xR˘M(¬ ˘φ?,y)z iffx=z andz∈ ˘VM( ˘φ,y);

• x∈ ˘VM(♯,y) iffx=y;

• x∈ ˘VM([ ˘

α

]⊥,y)iffthereexists z∈W suchthatxR˘M( ˘

α

,y)z;

• x∈ ˘VM( ˘φ ¯◦ψ,y)iffthereexistsz,t∈W suchthat x∈z⋆t,z∈ ˘VM( ˘φ,y) andt∈/VM(ψ );

• x∈ ˘VM(φ ¯◦ ˘ψ ,y)iffthereexists z,t∈W suchthat x∈z⋆t,z∈/VM(φ)andt∈ ˘VM( ˘ψ ,y);

• x∈ ˘VM( ˘φ ¯⊲ψ,y)iffthereexists z,t∈W suchthatt∈z⋆x,z∈ ˘VM( ˘φ,y)andt∈/VM(ψ );

• x∈ ˘VM(φ ¯⊲ ˘ψ ,y) iffthereexists z,t∈W suchthat t∈z⋆x, z∈/VM(φ)andt∈ ˘VM( ˘ψ ,y);

• x∈ ˘VM( ˘φ ¯⊳ψ,y)iffthereexists z,t∈W suchthatz∈x⋆t,z∈ ˘VM( ˘φ,y)andt∈/VM(ψ );

• x∈ ˘VM(φ ¯⊳ ˘ψ ,y) iffthereexists z,t∈W suchthat z∈x⋆t, z∈/VM(φ)andt∈ ˘VM( ˘ψ ,y).

Itfollowsthat

Proposition2.LetM_{= (}W,R,⋆,V)beamodel.Letψbeaformula.Let

α

˘ beaparametrizedaction.Forallx,z∈W ,thefollowing conditionsareequivalent:xRM( ˘

α

(ψ ))z;thereexists y∈W suchthatxRM( ˘

α

,y)z andy∈/VM(ψ ).Letφ˘beanadmissibleform.

Forallx∈W ,thefollowingconditionsareequivalent:x∈VM( ˘φ(ψ ));forally∈W ,ifx∈VM( ˘φ,y),y∈VM(ψ ).

Theconceptofvalidityisdefined intheusualwayasfollows.

Definition. Weshall saythat aformulaφ isvalidinamodel M,insymbolsM|= φ,iff VM(φ)=W . Aformulaφ issaid

to bevalid inaframeF,insymbolsF_{|= φ,}iffforallmodelsMon F,M_{|= φ.}Weshallsaythataformulaφ isvalidin aclassC offrames,insymbolsC_{|= φ,}iffforallframesF inC,F_{|= φ.}

Definition.AframeF= (W,R,⋆)issaidtobeseparatediffforallx,y,z,t,u∈W ,ifu∈x⋆y andu∈z⋆t,x=z and y=t.

We shall say that a frame F_{= (}W,R,⋆) is deterministic iff for allx,y,z,t∈W , if z∈x⋆y and t∈x⋆y, z=t.A frame F_{= (}W,R,⋆) issaidtobeserialiffforallx,y∈W ,thereexistsz∈W suchthat z∈x⋆y.

Inseparatedframes,thereisatmostonewaytodecomposeagiven state;indeterministicframes,thereisatmostone way tocombine twogiven states; inserialframes, itisalways possibleto combinetwo given states.Frias [11, Chapter 1] only considersseparated,deterministicand serialframes.Herearesome validformulasandadmissible rulesofproof.

Proposition3(Validity).Thefollowingformulasarevalidintheclassofallframes:

(A1) [

α

](φ → ψ)→ ([

α

]φ → [

α

]ψ);

(A2) h

α

;βiφ ↔ h

α

ihβiφ;

(A3) h

α

1βiφ → h

α

i((φ ∧ ψ)⊳ ⊤)∨ hβi(⊤⊲ (φ ∧ ¬ψ));

(A4) hφ?iψ ↔ φ ∧ ψ; (A5) (φ → ψ )¯◦

χ

→ (φ ¯◦

χ

→ ψ ¯◦

χ

); (A6) φ ¯◦(ψ →

χ

)→ (φ ¯◦ψ → φ ¯◦

χ

); (A7) (φ → ψ ) ¯⊲

χ

→ (φ ¯⊲

χ

→ ψ ¯⊲

χ

); (A8) φ ¯⊲(ψ →

χ

)→ (φ ¯⊲ψ → φ ¯⊲

χ

); (A9) (φ → ψ ) ¯⊳

χ

→ (φ ¯⊳

χ

→ ψ ¯⊳

χ

); (A10) φ ¯⊳(ψ →

χ

)→ (φ ¯⊳ψ → φ ¯⊳

χ

); (A11) φ ◦ ¬(φ ⊲ ¬ψ )→ ψ; (A12) φ ⊲ ¬(φ ◦ ¬ψ )→ ψ; (A13) ¬(¬φ ⊳ ψ )◦ ψ → φ; (A14) ¬(¬φ ◦ ψ )⊳ ψ → φ; (A15) [(

α

;φ?)1(β;ψ?)](φ ◦ ψ );

(A16) h

α

(φ?)iψ → h

α

((φ ∧

χ

)?)iψ ∨ h

α

((φ ∧ ¬

χ

)?)iψ;

(A17) hf(

α

)iφ ↔ h

α

iφ.

Proposition4(Validity).Thefollowingformulaisvalidintheclassofallseparatedframes:

(A18) p◦q→ (p¯◦⊥)∧ (⊥¯◦q).

Proposition5(Admissibility).Thefollowingrulesofproofpreservevalidityintheclassofallframes:

(MP) fromφandφ → ψ,inferψ;

(N) fromφ,infer[

α

]φ;fromφ,inferφ ¯◦ψ;fromφ,inferψ ¯◦φ.

(A1) is thedistribution axiom ofPDL, (A2) is thecomposition axiom,(A4) isthe test axiom,(A5)–(A10) are the dis-tributionaxioms ofconjugatedarrowlogicand (A11)–(A14) arethetenseaxioms ofconjugatedarrowlogicwhereas(A3) and (A15)–(A18)areaxiomsconcerningspecificpropertiesoftheprogramoperationofforkortheconstructs·◦ ·,·⊲ ·and · ⊳ ·. (MP) isthemodus ponensrule ofproof and (N) isthe necessitationrule ofproof. They areprobably familiarto the reader.Asforthefollowingruleofproof,itconcernsspecificpropertiesoftheprogramoperationofforkandtheconstructs · ⊲ · and·⊳ ·.

Proposition6(Admissibility).Thefollowingruleofproofpreservesvalidityintheclassofallseparatedframes:

(FOR) from{ ˘φ(h

α

i((ψ ∧p)⊳ ⊤)∨ hβi(⊤⊲ (ψ ∧ ¬p))): p isapropositionalvariable},inferφ(h˘

α

1βiψ ).

Proof. Suppose that for allpropositional variables p, φ(h˘

α

i((ψ ∧p)⊳ ⊤)∨ hβi(⊤⊲ (ψ ∧ ¬p))) isvalid inthe class ofall separatedframes.Supposeφ(h˘

α

1βiψ )isnotvalidintheclassofallseparatedframes.Hence,thereexistsaseparatedmodel M_{= (}W,R,⋆,V) and there exists x∈W suchthat x∈/VM( ˘φ(h

α

1βiψ )). ByProposition 2,there exists y∈W such that

x∈ ˘VM( ˘φ,y) and y∈/VM(h

α

1βiψ ). Let p be a propositional variable notoccurring inφ,˘

α

,β,ψ and V′: q7→V′(q)⊆

W be such that V′∼pV and V′(p)= {z: there exists t,u∈W such that y RM(β)u and z∈t⋆u}. Since x∈ ˘VM( ˘φ,y),

x∈ ˘V₍W,R,⋆,V′₎( ˘φ,y).Sinceforallpropositionalvariables p,φ(h˘

α

i((ψ ∧p)⊳ ⊤)∨ hβi(⊤⊲ (ψ ∧ ¬p)))isvalidintheclassof allseparatedframesand M isseparated, x∈V₍W,R,⋆,V′₎( ˘φ(h

α

i((ψ ∧p)⊳ ⊤)∨ hβi(⊤⊲ (ψ ∧ ¬p)))).ByProposition2,since

x∈ ˘V₍W,R,⋆,V′₎( ˘φ,y), y∈V_(W,R,⋆,V′₎(h

α

i((ψ ∧p)⊳ ⊤)∨ hβi(⊤⊲ (ψ ∧ ¬p))). Thus,either y∈V_(W,R,⋆,V′₎(h

α

i((ψ ∧p)⊳ ⊤)), or y∈V₍W,R,⋆,V′₎(hβi(⊤⊲ (ψ ∧ ¬p))).

Case y∈V₍W,R,⋆,V′₎(h

α

i((ψ ∧p)⊳ ⊤)). Hence, thereexists z∈W such that y R_(W,R,⋆,V′₎(

α

)z and z∈V_(W,R,⋆,V′₎((ψ ∧

exists v,w∈W suchthat y RM(β)w andt∈v⋆w.Sincet∈z⋆u andMisseparated, w=u.Sincey RM(β)w,y RM(β)u.

Since p doesnotoccurin

α

, V′∼pV and y R(W,R,⋆,V′₎(

α

)z, y R_M(

α

)z. Since y R_M(β)u andt∈z⋆u, y R_M(

α

1β)t.Since p doesnotoccurinψ, V′∼pV andt∈V(W,R,⋆,V′₎(ψ ),t∈V_M(ψ ).Since y R_M(

α

_1β)t, y∈V_M(h

α

1βiψ ):acontradiction.

Case y∈V₍W,R,⋆,V′₎(hβi(⊤⊲(ψ ∧ ¬p))).Hence,thereexistsz∈W suchthat y R_(W,R,⋆,V′₎(β)z andz∈V_(W,R,⋆,V′₎(⊤⊲(ψ ∧ ¬p)).Thus,thereexistst,u∈W suchthat u∈t⋆z andu∈V₍W,R,⋆,V′₎(ψ ∧ ¬p).Therefore,forallv,w∈W ,if y RM(β)w,

u∈/v⋆w.Sinceu∈t⋆z, not y RM(β)z.Since p doesnotoccurinβ and V′∼pV ,not y R(W,R,⋆,V′₎(β)z:acontradiction. ⊣

Thereisanimportantpointweshouldmake: (FOR)isaninfinitaryruleofproof,i.e.ithas aninfiniteset offormulasas preconditions. Insomeways, itissimilartotheruleforintersectionfrom [3,4].

4. Expressivity

ThissectionstudiestheexpressivityofPDL1

0.

Definition. LetC beaclassofframes. WeshallsaythatC ismodallydefinablebytheformulaφ ifffor allframes F, F is inC iffF|= φ.

Thefollowingpropositionsshowelementaryclassesofframesthat aremodallydefinable.

Proposition7.Theelementaryclassesofframesdefinedbythefirst-ordersentencesinthehereundertablearemodallydefinableby theassociatedformulas.

1. ∀x∃y y∈x⋆x h⊤?1⊤?i⊤ 2. ∀x∀y∀z(y∈x⋆x∧z∈x⋆x→y=z) h⊤?1⊤?ip→ [⊤?1⊤?]p 3. ∀x∀y(y∈x⋆x→x∈x⋆y) p→ [⊤?1⊤?](p⊲p) 4. ∀x∀y(y∈x⋆x→x∈y⋆x) p→ [⊤?1⊤?](p⊳p) 5. ∀x∀y∀z(z∈x⋆y↔z∈y⋆x) p◦q↔q◦p 6. ∀x∃y∃z x∈y⋆z ⊤ ◦ ⊤ 7. ∀x∃y∃z y∈z⋆x ⊤ ⊲ ⊤ 8. ∀x∃y∃z z∈x⋆y ⊤ ⊳ ⊤ 9. ∀x∀y∀z∀t(t∈ (x⋆y) ⋆z↔t∈x⋆ (y⋆z)) (p◦q) ◦r↔p◦ (q◦r) 10. ∀x∀y∀z x∈/y⋆z ⊥¯◦⊥

Proposition8.Theclassofallseparatedframesismodallydefinablebytheformulap◦q→ (p¯◦⊥)∧ (⊥¯◦q).

Thefollowingpropositionshowsanelementaryclassofframesthatisnotmodallydefinable.

Proposition9.Theclassofalldeterministicframesisnotmodallydefinable.

Asfortheclassofallserialframes,

Proposition10.Theclassofallserialframesisnotmodallydefinable.

Inotherrespect,theformulahφ?iψ ↔ φ ∧ ψ,beingvalidintheclassofallframes,seemstoindicatethatforallformulas, thereexistsanequivalenttest-freeformula.Itisinterestingtoobservethatthisassertionisfalse.

Proposition11.Foralltest-freeformulasφ,h⊤?1⊤?i⊤↔ φisnotvalidintheclassofallseparateddeterministicframes.

The following proposition illustratesthe fact that the programoperation offork cannot bedefined from the fork-free fragmentofthelanguage.

Proposition 12.Leta beaprogram variable.For allfork-freeformulasφ, ha1ai⊤↔ φ isnotvalidinthe classofallseparated deterministicframes.

Thefollowingpropositionillustratesthefactthat, inthepresenceofpropositionalquantifiers,theprogramoperationof forkbecomesdefinablefromthefork-freefragmentofthelanguageintheclassofallseparatedframes.

Proposition13.LetM= (W,R,⋆,V)beaseparatedmodelandx∈W .Foralladmissibleformsφ˘,forallprograms

α

,β,forall formulasψ andforallpropositionalvariablesp,ifp doesnotoccurinφ,˘

α

,β,ψ,thefollowingconditionsareequivalent:(1)x∈

VM( ˘φ(h

α

1βiψ ));(2)forallV′: q7→V′(q)⊆W ,ifV′∼pV ,x∈V(W,R,⋆,V′_{)( ˘φ(h}

α

i((ψ ∧p₎⊳ ⊤)∨ hβi(⊤⊲ (ψ ∧ ¬p₎₎₎₎.

Proof. (1)→ (2).ByProposition2.Lefttothereader. (2) → (1).SimilartotheproofofProposition6. ⊣

Moreprecisely,inthepresenceofpropositionalquantifiers,theformulash

α

1βiφand∀p(h

α

i((φ ∧p)⊳ ⊤)∨ hβi(⊤⊲ (φ ∧ ¬p)))arelogicallyequivalentintheclassofallseparatedframes.Theimplicationh

α

1βiφ → ∀p(h

α

i((φ ∧p)⊳ ⊤)∨ hβi(⊤⊲ (φ ∧ ¬p)))canbeexpressedwithoutpropositionalquantifiersbyformulas:h

α

1βiφ → h

α

i((φ ∧ ψ)⊳ ⊤)∨ hβi(⊤⊲ (φ ∧ ¬ψ))). See axiom (A3) in Proposition 3. As for the implication ∀p(h

α

i((φ ∧p)⊳ ⊤)∨ hβi(⊤⊲ (φ ∧ ¬p)))→ h

α

1βiφ, it can be expressedbyaruleofproof.Thesimplestformofsucharuleofproofis:from{h

α

i((φ ∧p)⊳ ⊤)∨ hβi(⊤⊲ (φ ∧ ¬p)): p is

apropositionalvariable},inferh

α

1βiφ.SeeProposition6.

In PRSPDL, the variant of PDL introduced by Benevides et al. [5], storing and recovering programs are considered. Within our context, let us momentarily add to the syntax the programs s1, s2, r1 and r2 with intended semantics in a

model M_{= (}W,R,⋆,V) definedasfollows:

• xRM(s1)y iffthereexists z∈W suchthat y∈x⋆z;

• xRM(s2)y iffthereexists z∈W suchthat y∈z⋆x;

• xRM(r1)y iffthereexistsz∈W suchthat x∈y⋆z;

• xRM(r2)y iffthereexistsz∈W suchthat x∈z⋆y.

Thefollowingpropositionsillustratethefactthat theprograms s1, s2,r1and r2 cannotbedefinedfromourlanguage.

Proposition14.Leti∈ {1,2}.Forallsi-freeformulasφ,hsi1sii⊤↔ φisnotvalidintheclassofallseparatedframes.

Proof. We onlyconsiderthecasei=1.Suppose thereexists aformulaφ inourlanguagesuchthat hs11s1i⊤↔ φ isvalid

intheclassofallseparatedframes.LetM_{= (}W,R,⋆,V)and M′_{= (}W′,R′,⋆′,V′) bethemodelsdefinedby • W= {x,y1,y2,z1,z2,t1,t2},

• R istheemptyfunction,

• x⋆y1= {z1},x⋆y2= {z2}, z1⋆z2= {t1},z2⋆z1= {t2},otherwise ⋆istheemptyfunction,

• V is theemptyfunction,

• W′= {x′₁,x′₂,y′₁,y₂′,z′₁,z′₂,t′₁,t′₂}, • R′ _{istheemptyfunction,}

• x′

1⋆′y′1= {z′1},x′2⋆′y′2= {z′2}, z′1⋆′z′2= {t1′}, z′2⋆′z′1= {t′2},otherwise⋆′ istheemptyfunction,

• V′ istheemptyfunction.

Clearly, x∈VM(hs11s1i⊤) but x′1∈/VM′(hs₁1s₁i⊤). Hence,since hs₁1s₁i⊤↔ φ is supposed to bevalid, itmust bethe case that x∈VM(φ) and x₁′ ∈/VM′(φ). But we will prove that if x∈VM(φ) then x′₁∈VM(φ). First remark that for

all s1-free program

α

and all w∈W , if xRM(

α

)w then w=x. Then define the function r from W to W by r(x)=x,

r(y1)=y2,r(y2)=y1,r(z1)=z2,r(z2)=z1,r(t1)=t2and r(t2)=t1.Itcaneasilybecheckedthat forallw1,w2∈W and

alls1-freeprogram

α

,w1RM(

α

)w2iffr(w1)RM(

α

)r(w2).Nowdefinethefunction f fromW′toW by f(x′1)= f(x′2)=x,

f(y′

1)=y1, f(y′2)=y2, f(z′1)=z1, f(z′2)=z2, f(t′1)=t1 and f(t2′)=t2. Define also the binary relation Z between W

and W′ suchthat (w,w′)∈Z iff w= f(w′) orr(w)= f(w′).Weprovethatforalln>0,alls1-freeformulaψ,alls1-free

program

α

,allw1∈W andallw′1,w′2∈W′:

1. ifthenumberofoccurrencesofsymbolsinψ isn and(w1,w′1)∈Z then w1∈VM(ψ ) iffw′₁∈VM′(ψ ); 2. if thenumberofoccurrencesofsymbolsin

α

isn then w′

1RM′(

α

)w′

2iff f(w′1)RM(

α

)f(w′₂).

Theproofisbyinductiononn,lefttothereader. ⊣

Proposition15.Leti∈ {1,2}.Forallri-freeformulasφ,h(a;ri)1(ri;a)i⊤↔ φisnotvalidintheclassofallseparatedframes.

Proof. We onlyconsider thecasei=1.Suppose thereexistsaformulaφ inourlanguagesuchthat hr11r1i⊤↔ φ isvalid

• W= {x,y,z,s,t,u,v},

• R(a)= {(x,s),(z,t)},otherwise R istheemptyfunction, • z⋆y= {x},u⋆t= {s,v},otherwise⋆istheemptyfunction, • V is theemptyfunction,

• W′_{= {x}′

1,x′2,y′1,y′2,z′1,z′2,s′1,s′2,t1′,t′2,u′1,u′2,v′1,v′2},

• R′(a)= {(x′₁,s′₂),(x′₂,s′₁),(z′₁,t′₁),(z′₂,t′₂)},otherwise R′ istheemptyfunction,

• forall j∈ {1,2},z′_j⋆′y′_j= {x′_j}and u′_j⋆′t′_j= {s′_j,v′_j},otherwise⋆′ istheemptyfunction, • V′ istheemptyfunction.

Clearly, x∈VM(h(a;r1)1(r1;a)i⊤)but x′1∈/VM′(h(a;r₁)1(r₁;a)i⊤).Hence,sinceh(a;r₁)1(r₁;a)i⊤↔ φ issupposedtobe valid, it mustbethecasethat x∈VM(φ) and x′₁∈/VM′(φ).Butwe willprove that if x∈V_M(φ)then x′

1∈VM(φ). First

remark thatforallr1-freeprogram

α

andall w1,w2∈W suchthat w1RM(

α

)w2:

• if w2=u then w1=u,

• if w2∈ {x,y,z} thenw1∈ {x,y,z},and

• if w1∈ {s,t,u,v}then w2∈ {s,t,u,v}.

Then,definethefunctions f1and f2from W toW′ suchthatforall j∈ {1,2}, fj(x)=x′_j, fj(y)=y′_j, fj(z)=z′_j, fj(s)=s′_j,

fj(t)=t′_j, fj(u)=u′_j and fj(v)=v′_j. For all w′∈W′,there isexactlyone pair(w,j)∈W × {1,2} suchthat w′= fi(w); hence wealso definethefunction g from W′ to W suchthat for all w′∈W′ thereis i∈ {1,2} suchthat fi(g(w′))=w′. Weprovethatforalln>0,allr1-freeformulaψ,allr1-freeprogram

α

,allw1,w2∈W andallw′1∈W′:

1. ifthenumberofoccurrencesofsymbolsinψ isn then w1∈VM(ψ )iff f1(w1)∈VM′(ψ )iff f₂(w₁)∈V_M′(ψ ); 2. if the numberofoccurrences ofsymbols in

α

isn−1 and w1=g(w′1) then w1RM(

α

)w2 iffthere is w′2∈W′ such

that w2=g(w′2) and w′1RM′(

α

)w′₂;

3. if the number of occurrences of symbols in

α

is n and w1∈ {s,t,u,v} or w2 ∈ {x,y,z} then w1RM(

α

)w2 iff

f1(w1)RM′(

α

)f₁(w₂)iff f₂(w₁)R_M′(

α

)f₂(w₂). Theproof isbyinductiononn,lefttothereader. ⊣

5. Axiomsystem

WenowdefinePDL1₀.

Definition. LetPDL1

0 betheleast set offormulas that containsallinstancesofpropositional tautologies, that containsthe

formulas (A1)–(A18) considered inPropositions 3and 4and that is closed undertherules ofproof (MP),(N) and (FOR) consideredinPropositions5and 6.

ItiseasytoestablishthesoundnessforPDL1₀:

Proposition16(SoundnessforPDL1₀).Letφbeaformula.Ifφ ∈PDL1₀,φisvalidintheclassofallseparatedframes.

Thecompletenessfor PDL1₀ ismoredifficulttoestablish andwedeferprovingittillnextsection.Inthemeantime,itis wellworthnotingthat forallseparatedmodels M_{= (}W,R,⋆,V) andfor allx∈W , {φ : x∈VM(φ)} isasetofformulas

that containsPDL1₀ andthat isclosedundertheruleofproof(MP).Now,weintroducetheories.

Definition. Aset S offormulas issaidtobeatheoryiffPDL1₀ ⊆S and S isclosedundertherulesofproof(MP)and (FOR).

Wewilluse S,T,. . .for theories.Obviously,theleast theoryisPDL1₀ andthegreatest theoryisthesetof allformulas. Notsurprisingly,wehave

Lemma1.LetS beatheory.Thefollowingconditionsareequivalent:S isequaltothesetofallformulas;thereexistsaformulaφsuch thatφ ∈S and¬φ ∈S;⊥∈S.

ReferringtoLemma1,wedefinewhatitmeansforatheoryto beconsistent.

By Lemma1,there isonlyone inconsistent theory:theset ofallformulas.Now, wedefinewhatit means foratheory tobemaximal.

Definition.Atheory S issaidtobemaximaliffforallformulas φ,eitherφ ∈S,or¬φ ∈S.

Wewillusethefollowinglemmawithoutexplicitreference:

Lemma2.LetS beamaximalconsistenttheory.Wehave:⊥∈/S;forallformulasφ,¬φ ∈S iffφ /∈S;forallformulasφ,ψ,φ ∨ ψ ∈S iffeitherφ ∈S,orψ ∈S.

Toknowmoreabouttheories,weneedyet anotherdefinition.

Definition.If

α

isaprogram,φ isaformulaand S isatheory,let[

α

]S= {φ : [

α

]φ ∈S} and S+ φ = {ψ : φ → ψ ∈S}.

Inthenextlemmas,wesummarizesome propertiesoftheories.

Lemma3.LetS beatheory.Forallprograms

α

andforallformulasφ,wehave:(1) [φ?]S=S+ φ;(2) [

α

]S isatheory;(3)S+ φis atheory;(4) φ,S+ φistheleasttheorycontainingS andφ;(5)S+ φisconsistentiff¬φ /∈S.

Lemma4.LetS beatheory.IfS isconsistent,forallformulasφ,eitherS+ φisconsistent,orthereexistsaformulaψsuchthatthe followingconditionsaresatisfied:S+ ψisconsistent;ψ → ¬φ ∈PDL1₀;ifφisintheform

χ

˘(h

α

1βiθ )ofaconclusionoftheruleof proof(FOR),thereexistsapropositionalvariablep suchthatψ → ¬ ˘

χ

(h

α

i((θ ∧p)⊳ ⊤)∨ hβi(⊤⊲ (θ ∧ ¬p)))∈PDL1₀.

Proof. Suppose S is consistent.Suppose S+ φ isnot consistent.By Lemma 3, ¬φ ∈S.Obviously, thereare finitely many, sayk≥0,representations ofφ intheform ofaconclusionof theruleofproof (FOR):

χ

˘1(h

α

11β1iθ1),. . . ,

χk

˘ (h

αk

1βkiθk). We define byinduction a sequence(ψ0,. . . ,ψk) offormulas suchthat for alll∈ N, if l≤k, thefollowing conditions are satisfied: S+ ψl is consistent; ψl→ ¬φ ∈PDL10; for allm∈ N, if 1≤m≤l, there exists a propositional variable p such

that ψl→ ¬ ˘

χm

(h

αm

i((θm∧p)⊳ ⊤)∨ hβmi(⊤⊲ (θm∧ ¬p)))∈PDL1₀. First, letψ0= ¬φ.Obviously, thefollowing conditions

are satisfied: S+ ψ0 is consistent; ψ0→ ¬φ ∈PDL10. Second, letl≥1 be such that l≤k and the formulas ψ0,. . . ,ψl−1

have already been defined.Hence, S+ ψl−1 isconsistent; ψl−1→ ¬φ ∈PDL10;for allm∈ N, if1≤m≤l−1, thereexists

apropositional variable p suchthat ψl−1→ ¬ ˘

χm

(h

αm

i((θm∧p)⊳ ⊤)∨ hβmi(⊤⊲ (θm∧ ¬p)))∈PDL10. Third,since S+ ψl−1

is consistent and ψl−1→ ¬φ ∈PDL1₀,φ /∈S+ ψl−1.Since S+ ψl−1 isclosed undertherule ofproof (FOR),there existsa

propositionalvariablep suchthat

χ

˘l(h

α

li((θl∧p)⊳ ⊤)∨ hβli(⊤⊲ (θl∧ ¬p)))∈/S+ ψl−1.Letψl= ψl−1∧ ¬ ˘

χ

l(h

α

li((θl∧p)⊳ ⊤)∨ hβli(⊤⊲ (θl∧ ¬p))).Obviously,thefollowingconditionsaresatisfied: S+ ψl isconsistent;ψl→ ¬φ ∈PDL10;forallm∈ N,

if 1≤m≤l,thereexistsapropositionalvariable p suchthat ψl→ ¬ ˘

χm

(h

αm

i((θm∧p)⊳ ⊤)∨ hβmi(⊤⊲ (θm∧ ¬p)))∈PDL10.

Finally, the readermay easily verifythat the followingconditions aresatisfied: S+ ψk is consistent;ψk→ ¬φ ∈PDL10; if

φ isin the form

χ

˘(h

α

1βiθ ) ofa conclusionof the rule ofproof (FOR), thereexists a propositional variable p such that ψk→ ¬ ˘

χ

(h

α

i((θ ∧p)⊳ ⊤)∨ hβi(⊤⊲ (θ ∧ ¬p)))∈PDL10. ⊣

Now,wearereadyfortheLindenbaumLemma.

Lemma5(LindenbaumLemma).LetS beatheory.IfS isconsistent,thereexistsamaximalconsistenttheorycontainingS.

Proof. Suppose S is consistent. Since there are countably many formulas, there exists an enumeration φ1,φ2,. . . of the

set of all formulas.Let T0,T1,. . . be the sequence of consistent theories inductively defined as follows. First, let T0=S.

Obviously, T0isconsistent.Second,letn≥1 besuchthat consistenttheoriesT0,. . . ,Tn−1 havealreadybeen defined.Third,

by Lemma 4, either Tn−1+ φn isconsistent, orthere exists a formulaψ such that the followingconditions are satisfied:

Tn−1+ ψ isconsistent;ψ → ¬φn∈PDL10;ifφnisintheform

χ

˘(h

α

1βiθ ) ofaconclusionoftheruleofproof(FOR),there exists a propositional variable p such that ψ → ¬ ˘

χ

(h

α

i((θ ∧p)⊳ ⊤)∨ hβi(⊤⊲ (θ ∧ ¬p)))∈PDL1₀. In theformer case,let

Tn=Tn−1+ φn. Inthelattercase,let Tn=Tn−1+ ψ.Obviously, Tn isconsistent. Finally, thereadermay easilyverifythat

T0∪T1∪ . . .isamaximalconsistent theorycontaining S. ⊣

TodefinethecanonicalframeofPDL₀1innextsection,weneedyetanotherdefinition.

Definition.If S and T aretheory,let S◦T= {φ ◦ ψ : φ ∈S andψ ∈T}.

Lemma6.Letφ,ψ beformulasand⊗∈ {◦,⊲,⊲}.ForallmaximalconsistenttheoriesS,ifφ ⊗ ψ ∈S,forallformulas

χ

,wehave:

(1)either(φ ∧

χ

)⊗ ψ ∈S,orthereexistsaformulaθsuchthatthefollowingconditionsaresatisfied:(φ ∧ θ )⊗ ψ ∈S;θ → ¬

χ

∈

PDL1₀;if

χ

isintheform

τ

˘(h

α

1βi

µ

)ofaconclusionoftheruleofproof(FOR),thereexistsapropositionalvariable p suchthat

θ → ¬ ˘

τ

(h

α

i((

µ

∧p)⊳ ⊤)∨ hβi(⊤⊲ (

µ

∧ ¬p)))∈PDL1

0;(2)eitherφ ⊗ (ψ ∧

χ

)∈S,orthereexistsaformulaθ suchthatthe

followingconditionsaresatisfied:φ ⊗ (ψ ∧ θ )∈S;θ → ¬

χ

∈PDL1

0;if

χ

isintheform

τ

˘(h

α

1βi

µ

)ofaconclusionoftheruleof

proof(FOR),thereexistsapropositionalvariablep suchthatθ → ¬ ˘

τ

(h

α

i((

µ

∧p)⊳ ⊤)∨ hβi(⊤⊲ (

µ

∧ ¬p)))∈PDL1

0.

Lemma7.Letφ,ψbeformulas.ForallmaximalconsistenttheoriesS,wehave:(1)ifφ ◦ ψ ∈S,thereexistmaximal consistenttheories T,U suchthatT◦U⊆S,φ ∈T andψ ∈U ;(2)ifφ ⊲ ψ ∈S,thereexistmaximal consistenttheoriesT,U suchthatT◦S⊆U ,φ ∈T andψ ∈U ;(3)ifφ ⊳ ψ ∈S,thereexistmaximal consistenttheoriesT,U suchthatS◦U⊆T ,φ ∈T andψ ∈U .

6. Completeness

Now,forthecanonicalframeofPDL1₀.

Definition. The canonical frame of PDL1₀ is the 3-tuple F_{c= (}Wc,Rc,⋆c) where Wc is the set of all maximalconsistent theories, Rc is the function from the set of all program variables into the set of all binary relations between maximal consistent theoriesdefined by S Rc(a)T iff [a]S⊆T and ⋆c is thefunctionfrom theset of allpairs ofmaximalconsistent theoriesintothesetofallsetsofmaximalconsistenttheoriesdefinedbyU∈S⋆cT iff S◦T⊆U .

Weshowfirstthat

Lemma8.F_cisseparated.

Now,forthecanonicalvaluationofPDL1₀ and thecanonicalmodelofPDL1₀.

Definition. ThecanonicalmodelofPDL1₀ isthe4-tupleM_{c= (}Wc,Rc,⋆c,Vc)where Vc isthecanonicalvaluationofPDL1₀, i.e.thefunctionfromtheset ofallpropositionalvariablesintothesetofallsets ofmaximalconsistent theoriesdefinedby

S∈Vc(p) iffp∈S.

FortheproofoftheTruthLemma,wehavetoconsiderlargeprograms.

Definition. Theset ofalllargeprogramsisinductivelydefined asfollows:

• A::=a| (A;B)| (A1B)| ¯S?;

whereforallconsistenttheories S, S is¯ anewsymbol.

We will use A,B,. . . for large programs. Let us be clear that each large program is a finite string of symbols com-ing from an uncountable alphabet. Itfollows that there are uncountably many large programs. For convenience, weomit the parenthesesinaccordancewith thestandardrules. Itisessential that largeprograms arebuilt upfrom program vari-ables and symbols for consistent theories by means of the operations ; and 1. Let A( ¯S1?,. . . ,S¯n?) be a large program with ( ¯S1,. . . ,S¯n) a sequence of some of itssymbols for consistent theories. The resultof the replacement of S¯1,. . . ,S¯n in their places with other symbols T¯1,. . . ,T¯n for consistent theories is another large program which will be denoted

A( ¯T1?,. . . ,T¯n?).

Definition. Alargeprogram A( ¯S1?,. . . ,S¯n?) with( ¯S1,. . . ,S¯n)thesequenceofallitssymbolsforconsistenttheorieswillbe defined tobemaximalifthetheories S1,. . . ,Snaremaximal.

Itappearsthatlargeprograms,eithermaximal,ornot,canbeassociatedwithsetsofprograms.

Definition. Thekernelfunctionker: A7→ker(A)⊆PRG isinductivelydefinedasfollows:

• ker(a)= {a};

• ker(A;B)= {

α

;β :

α

∈ker(A)and β ∈ker(B)}; • ker(A1B)= {

α

1β :

α

∈ker(A)and β ∈ker(B)}; • ker( ¯S)= {φ?: φ ∈S}.

Lemma9.Let

α

(φ?)beaprogram.ForallmaximalconsistenttheoriesS,ifh

α

(φ?)i⊤∈S,forallformulasψ,wehave:eitherh

α

((φ ∧ ψ )?)i⊤∈S,orthereexistsaformula

χ

suchthatthefollowingconditionsaresatisfied:h

α

((φ ∧

χ

)?)i⊤∈S;

χ

→ ¬ψ ∈PDL1₀; ifψ isintheform θ (hβ1˘

γ

i

τ

) ofaconclusionoftheruleofproof(FOR),thereexistsapropositionalvariable p suchthat

χ

→ ¬ ˘θ (hβi((

τ

∧p)⊳ ⊤)∨ h

γ

i(⊤⊲ (

τ

∧ ¬p)))∈PDL1₀.

Lemma10(DiamondLemma).Let

α

beaprogramandφbeaformula.ForallmaximalconsistenttheoriesS,if[

α

]φ /∈S,thereexists amaximalprogram A andthereexistsamaximalconsistenttheory T suchthat f(

α

)∈ker(A),forallprogramsβ,ifβ ∈ker(A),

[β]S⊆T andφ /∈T .

Withthisestablished,wearereadyfortheTruthLemma.

Lemma11(TruthLemma).Let

α

beaprogram.ForallmaximalconsistenttheoriesS,T ,thefollowingconditionsareequivalent: S RM_c(

α

)T ;thereexistsamaximalprogramA suchthat f(

α

)∈ker(A)andforallprogramsβ,ifβ ∈ker(A),[β]S⊆T .Letφbea

formula.ForallmaximalconsistenttheoriesS,thefollowingconditionsareequivalent:S∈VM_c(φ);φ ∈S. Proof. Let P(·)bethepropertyabout programsandformulas definedasfollows:

• forallprograms

α

, P(

α

) iffforallmaximalconsistent theories S,T , S RM_c(

α

)T iffthereexists amaximalprogram A

suchthat f(

α

)∈ker(A)andforallprogramsβ,ifβ ∈ker(A),[β]S⊆T ;

• forallformulas φ, P(φ)iffforallmaximalconsistenttheories S, S∈VMc(φ)iffφ ∈S.

Theproofthat P(·)holdsforallprogramsandforallformulas willbedonebyinductionontheformationofprogramsand formulas.

Hypothesis. Let

α

beaprogramsuchthat for allexpressions exp (eitheraprogram,or aformula),if exp isanexpression strictlyoccurringin

α

, P(exp)holds.

Step. We demonstrate P(

α

)holds. Case

α

=a.Lefttothereader.

Case

α

= β;

γ

.Let S,T bemaximalconsistenttheories.

• Suppose S RM_c(β;

γ

)T . We demonstrate there exists a maximal program A such that f(β);⊤?;f(

γ

)∈ker(A) and

forall programs δ, if δ ∈ker(A), [δ]S⊆T .Since S RMc(β;

γ

)T , there existsa maximalconsistent theoryU such that

S RMc(β)U and U RMc(

γ

)T . Since P(β) and P(

γ

), there exists a maximal program A

′ _{such that f(β)∈ker(A}′_{) and}

for all programs δ′, if δ′∈ker(A′), [δ′]S⊆U and there exists a maximal program A′′ such that f(

γ

)∈ker(A′′) and for all programs δ′′, if δ′′∈ker(A′′), [δ′′]U ⊆T . Since ⊤∈U , f(β);⊤?;f(

γ

)∈ker(A′;U¯;A′′). Now, let δ′;φ?;δ′′∈ ker(A′;U¯;A′′) and ψ ∈ [δ′;φ?;δ′′]S. Hence, δ′∈ker(A′), φ ∈U , δ′′∈ker(A′′) and [δ′;φ?;δ′′]ψ ∈ S. Thus, [δ′](φ → [δ′′_{]ψ)∈S.Therefore, φ → [δ}′′_{]ψ ∈ [δ}′_{]S. Sinceδ}′_∈ker(A′_{), [δ}′_{]S⊆U . Since φ → [δ}′′_{]ψ ∈ [δ}′_{]S,φ → [δ}′′_{]ψ ∈U . Since}

φ ∈U , [δ′′_{]ψ ∈U . Consequently, ψ ∈ [δ}′′_{]U .Since δ}′′_∈ker(A′′_),[δ′′_{]U⊆T . Since ψ ∈ [δ}′′_{]U ,ψ ∈T . Hence,for all}

pro-gramsδ,ifδ ∈ker(A′;U¯;A′′),[δ]S⊆T .Since f(β);⊤?;f(

γ

)∈ker(A′;U¯;A′′),itsufficestotake A=A′;U¯;A′′.

• Suppose there exists a maximal program A such that f(β);⊤?;f(

γ

)∈ker(A) and for all programs δ, if δ ∈ker(A), [δ]S ⊆T . We demonstrate S RMc(β;

γ

)T . Since f(β);⊤?;f(

γ

)∈ker(A), there exists a maximal program A

′_{, there}

existsamaximalconsistenttheoryU andthereexistsamaximalprogram A′′ suchthat f(β)∈ker(A′), f(

γ

)∈ker(A′′) and A=A′_;U¯;A′′_{. Now, letδ}′_∈ker(A′_{) and φ ∈ [δ}′_{]S. Hence, [δ}′_{]φ ∈S. Let δ}′′_∈ker(A′′_{). Since [δ}′_{]φ ∈S, [δ}′_{](¬φ →}

[δ′′_{]⊥)∈S.Thus, [δ}′_;¬φ?;δ′′_{]⊥∈S.Therefore, ⊥∈ [δ}′_;¬φ?;δ′′_{]S. Since T isconsistent, byLemma 1,⊥∈/T . Sincefor}

allprograms δ,ifδ ∈ker(A), [δ]S⊆T and ⊥∈ [δ′;¬φ?;δ′′]S,δ′;¬φ?;δ′′∈/ker(A).Since A=A′_;U¯;A′′_{, δ}′_∈ker(A′_)and

δ′′∈ker(A′′),¬φ /∈U .SinceU ismaximal,φ ∈U .Consequently,forallδ′∈ker(A′),[δ′]S⊆U .Since f(β)∈ker(A′)and

P(β), S RMc(β)U . Now, letδ

′′_∈ker(A′′_{) and φ ∈ [δ}′′_{]U .Hence, [δ}′′_{]φ ∈U .Let δ}′_∈ker(A′_{).Thus, [δ}′_]([δ′′_{]φ → [δ}′′_]φ)∈

S. Therefore, [δ′;[δ′′]φ?;δ′′]φ ∈S. Consequently, φ ∈ [δ′;[δ′′]φ?;δ′′]S. Since δ′∈ker(A′), [δ′′]φ ∈U and δ′′∈ker(A′′), δ′;[δ′′]φ?;δ′′∈ker(A′;U¯;A′′).Since A=A′;U¯;A′′,δ′;[δ′′]φ?;δ′′∈ker(A).Sinceforallprogramsδ,if δ ∈ker(A), [δ]S⊆

T , δ′;[δ′′_]φ?;δ′′_{∈ker(A) and φ ∈ [δ}′_;[δ′′_]φ?;δ′′_{]S, φ ∈T . Hence, for allδ}′′_∈ker(A′′_{), [δ}′′_{]U⊆T .Since f(}

_γ

_)∈ker(A′′₎

and P(

γ

), U RM_c(

γ

)T .Since S RM_c(β)U , S RM_c(β;

γ

)T .

Case

α

= β1

γ

.Let S,T bemaximalconsistenttheories.

• Suppose S RMc(β1

γ

)T .Wedemonstratethereexistsamaximalprogram A such that(f(β);⊤?)1(f(

γ

);⊤?)∈ker(A)

andforallprogramsδ, ifδ ∈ker(A),[δ]S⊆T .Since S RMc(β1

γ

)T ,thereexistmaximal consistent theoriesU,V such

that S RM_c(β)U , S RM_c(

γ

)V and T ∈U ⋆c V . Since P(β) and P(

γ

), there exists a maximal program A′ such that

f(β)∈ker(A′_{) and for all programs δ}′_{, if δ}′_∈ker(A′_{), [δ}′_{]S⊆U and there exists a maximal program A}′′ _{such that}