3.4 Correctness of Translation Algorithm
3.4.2 Proving Some Necessary Lemmas
It should be quite obvious that we shall need separate lemmas to express prop-erties of the state assertions, and that these lemmas will be used in the proofs of the lemmas regarding DC formulas.
Our first approach at constructing this proof was naively based on just two lemmas (one for SA and one for DC formulas) of the type
There exists a trajectoryρsuch that ρ,[i, j]|=φiff tk[[φ]]∧[φ]i,j∧[true] is satisfiable
A straightforward proof by induction rather quickly was established for the cases oftrue,false,R
S≥1 (using on the lemma for state assertions),φ1∧φ2,φ1∨φ2
and φ1_φ2. But for ¬φ1 problems arose: If we assumed that ρ,[i, j] |= ¬φ1
then we knew that ρ,[i, j]6|= φ1 but had no chance of proving that there did not exist some other trajectory ρ0 for whichρ0,[i, j] |= φ1. The conclusion of this was, unfortunately, that a much more complicated set of lemmas had to be constructed. The heart of these lemmas is the use of functions, building on valuations and trajectories, so that the proofs may be about function values and not require existential quantifiers.
First, we will state and prove the lemmas regarding state assertions. Then, we will state and prove the lemmas regarding DC formulas, with the majority being similar to the lemmas on state assertions. Keep in mind that the goal is still to show the close correspondance between interpretation and satisfiability
— the path is just not as straightforward as in the original idea!
Lemmas Regarding State Assertions We shall begin by defining a function
ˆ
σ ∈LitSA→B that extends
σ∈State→B
to give the value of a literal representing the value of a state assertion at a given time instant. Remember that by definition [true]i = [true] and [false]i =
¬[true].
CHAPTER 3. DC→SAT TRANSLATION
ˆ
σ([true]) = true ˆ
σ([s]i) = σ(s) fors∈State ˆ
σ([¬S]i) = ¬ˆσ([S]i) ˆ
σ([S1∧S2]i) = σ([Sˆ 1]i)∧σ([Sˆ 2]i) ˆ
σ([S1∨S2]i) = σ([Sˆ 1]i)∨σ([Sˆ 2]i)
Furthermore, we shall extend ˆσ to ˆσ ∈ LitSA → B giving the value of boolean combinations of the propositional variables:
ˆ
σ(true) = true ˆ
σ(false) = false ˆ
σ([S]i) = σ([S]ˆ i) σ(¬e) =ˆ ¬ˆσ(e) ˆ
σ(e1∧e2) = σ(eˆ 1)∧σ(eˆ 2) ˆ
σ(e1∨e2) = σ(eˆ 1)∨σ(eˆ 2) The following Lemma indicates that ˆσ is well-defined:
Lemma 1 σ(eˆ 1) = ˆσ(e2)implies σ(eˆ 1⇔e2) =true.
Proof:
Assume ˆσ(e1) = ˆσ(e2).
ˆ
σ(e1⇔e2) (1)= ˆσ((¬e1∨e2)∧(e1∨ ¬e2))
(2)= ¬ˆσ(e1)∨σ(eˆ 2)
∧ σ(eˆ 1)∨ ¬ˆσ(e2)
(3)= true with the following arguments:
(1) By definition of the ’⇔’ operator (2) By definition of ˆσ
(3) Using the assumption that ˆσ(e1) = ˆσ(e2)
In the following, we shall use the symbol tkSA,i[[S]] to denote the constraints of the translation tkSA[[S]] that regard variables with index i. By definition, tkSA[[S]] =Vk.1
i=0tkSA,i[[S]].
The next Lemma states the correctness of thetkSA,i translation with respect to ˆσ:
CHAPTER 3. DC→SAT TRANSLATION
Lemma 2 σ(tˆ kSA,i[[S]]) =true Proof:
We shall establish a proof by structural induction onS.
Basis:
• CaseS=true:
ˆ
σ(tkSA,i[[true]]) (1)= ˆσ(true)
(2)= true with the following arguments:
(1) By definition oftkSA,i (2) By definition of ˆσ
• CaseS=false:
Equivalent.
• CaseS=sfors∈State:
Equivalent.
Induction:
• CaseS=¬S1: ˆ
σ(tkSA,i[[¬S1]]) (1)= σ tˆ kSA,i[[S1]]∧([¬S1]i⇔ ¬[S1]i)
(2)= σ tˆ kSA,i[[S1]]
∧σˆ([¬S1]i⇔ ¬[S1]i)
(3)= σˆ([¬S1]i⇔ ¬[S1]i)
(4)= true with the following arguments:
(1) By definition oftkSA,i (2) By definition of ˆσ (3) By induction
(4) Using Lemma 1 since by definition of ˆσ we have that ˆ
σ([¬S1]i) =¬ˆσ([S1]i) = ˆσ(¬[S1]i)
• CaseS=S1∧S2: ˆ
σ(tkSA,i[[S1∧S2]]) (1)= σ(tˆ kSA,i[[S1]]∧tkSA,i[[S2]]∧ ([S1∧S2]i ⇔[S1]i∧[S2]i))
(2)= σ(tˆ kSA,i[[S1]])∧σ(tˆ kSA,i[[S2]])∧ ˆ
σ([S1∧S2]i⇔[S1]i∧[S2]i)
(3)= σˆ([S1∧S2]i⇔[S1]i∧[S2]i)
(4)= true with the following arguments:
CHAPTER 3. DC→SAT TRANSLATION (1) By definition oftkSA,i
(2) By definition of ˆσ (3) By induction
(4) Using Lemma 1 since by definition of ˆσ we have that ˆ
σ([S1∧S2]i) = ˆσ([S1]i)∧σˆ([S2]i) = ˆσ([S1]i∧[S2]i)
• CaseS=S1∨S2: Equivalent.
Then, we must show a connection between the semantic interpretation of S, I[[S]](σ), with valuationσ, and the value of ˆσ(S):
Lemma 3 I[[S]](σ) =true iff ˆσ([S]i) =true
Proof:
We shall prove Lemma 3 by structural induction onS.
Basis:
• CaseS=true:
ˆ
σ([true]i) (1)= σ([true])ˆ
(2)= true
(3)= I[[true]](σ) with the following arguments:
(1) By definition of [true]i
(2) By definition of ˆσ (3) By definition ofI
• CaseS=false:
Equivalent.
• CaseS=sfors∈State:
ˆ
σ([s]i) (1)= σ(s)
(2)= I[[s]](σ) with the following arguments:
(1) By definition of ˆσ (2) By definition ofI Induction:
CHAPTER 3. DC→SAT TRANSLATION
• CaseS=¬S1:
σ([¬Sˆ 1]i) (1)= ¬ˆσ([S1]i)
(2)= ¬I[[S1]](σ)
(3)= I[[¬S1]](σ) with the following arguments:
(1) By definition of ˆσ (2) By induction (3) By definition ofI
• CaseS=S1∧S2: ˆ
σ([S1∧S2]i) (1)= σ([Sˆ 1]i)∧ˆσ([S2]i)
(2)= I[[S1]](σ)∧ I[[S2]](σ)
(3)= I[[S1∧S2]](σ) with the following arguments:
(1) By definition of ˆσ (2) By induction (3) By definition ofI
• CaseS=S1∨S2: Equivalent.
Given a valuation ξ ∈ Lit → B and i ∈ Time, we shall define a function
←
ξ, that creates a corresponding trajectory.
←
ξ (i)(s) =ξ([s]i) fors∈State Then, we may state the following Lemma:
Lemma 4 If ξ satisfies tkSA,i[[S]]∧[true]thenξ([S]i) =←[ ξ (i)([S]i) Proof:
We shall prove Lemma 4 by structural induction onS.
Basis:
• CaseS=true:
ξ([true]i) (1)= ξ([true])
(2)= true
(3)= ←[
ξ (i)([true]) with the following arguments:
CHAPTER 3. DC→SAT TRANSLATION (1) By definition of [true]i
(2) Sinceξ satisfiestkSA,i[[S]]∧[true]
(3) By definition of ←[ ξ (i)
• CaseS=false:
Equivalent.
• CaseS=s∈State:
ξ([s]i) (1)= ←ξ (i)(s)
(2)= ←[ ξ (i)([s]i) with the following arguments:
(1) By definition of ←ξ (i) (2) By definition of ←[ ξ (i) Induction:
• CaseS=¬S1:
ξ([¬S1]i) (1)= ¬ξ([S1]i)
(2)= ¬←[ ξ (i)([S1]i)
(3)= ←[
ξ (i)(¬[S1]i)
(4)= ←[
ξ (i)([¬S1]i) with the following arguments:
(1) Sinceξ satisfies [¬S1]i⇔ ¬[S1]i
(2) By induction, since by definition oftkSA,i,ξsatisfiestkSA,i[[S1]]∧[true]
(3) By definition of ←[ ξ (i) (4) By definition of ←[ ξ (i)
• CaseS=S1∧S2:
ξ([S1∧S2]i) (1)= ξ([S1]i)∧ξ([S2]i)
(2)= ←[
ξ (i)([S1]i)∧←[ ξ (i)([S1]i)
(3)= ←[
ξ (i)([S1]i∧[S2]i)
(4)= ←[
ξ (i)([S1∧S2]i)
CHAPTER 3. DC→SAT TRANSLATION with the following arguments:
(1) Sinceξ satisfies [S1∧S2]i⇔[S1]i∧[S2]i
(2) By induction, since by definition oftkSA,i,ξsatisfiestkSA,i[[S1]]∧[true]
and tkSA,i[[S2]]∧[true]
(3) By definition of ←[ ξ (i) (4) By definition of ←[ ξ (i)
• CaseS=S1∨S2: Equivalent.
Lemmas Regarding DC Formulas
Given a trajectoryρwe will define a function ˜ρ∈Lit→B:
˜
ρ([true]) = true
˜ ρ([R
S≥1]i,j) =
j−1_
m=i
˜ ρ([S]m)
˜
ρ([S]i) = ρ(i)([S]d i) ρ([¬φ˜ 1]i,j) = ¬˜ρ([φ1]i,j)
˜
ρ([φ1∧φ2]i,j) = ρ([φ˜ 1]i,j)∧ρ([φ˜ 2]i,j)
˜
ρ([φ1∨φ2]i,j) = ρ([φ˜ 1]i,j)∨ρ([φ˜ 2]i,j)
˜
ρ([φ1_φ2]i,j) = _j m=i
˜
ρ([φ1]i,m)∧ρ([φ˜ 2]m,j)
We extend that function to ˜ρ, giving the value of expressions of the propo-sitional variables.
˜
ρ(true) = true
˜
ρ(false) = false
˜
ρ([φ]i,j) = ρ([φ]˜ i,j)
˜
ρ([S]i) = ρ([S]˜ i)
˜
ρ(¬e) = ¬˜ρ(e)
˜
ρ(e1∧e2) = ρ(e˜ 1)∧ρ(e˜ 2)
˜
ρ(e1∨e2) = ρ(e˜ 1)∨ρ(e˜ 2)
We shall need a Lemma describing how we may handle the occurence of biim-plications in proofs concerning ˜ρ:
Lemma 5 σ(e˜ 1) = ˜σ(e2)implies σ(e˜ 1⇔e2) =true.
CHAPTER 3. DC→SAT TRANSLATION
Proof:
Assume ˜σ(e1) = ˜σ(e2).
˜
σ(e1⇔e2) (1)= ˜σ((¬e1∨e2)∧(e1∨ ¬e2))
(2)= ¬˜σ(e1)∨σ(e˜ 2)
∧ σ(e˜ 1)∨ ¬˜σ(e2)
(3)= true with the following arguments:
(1) By definition of the ’⇔’ operator (2) By definition of ˜σ
(3) Using the assumption that ˜σ(e1) = ˜σ(e2)
Then, we must demonstrate the well-formedness of the translation tkDC with respect to ˜ρ:
Lemma 6 ρ(t˜ kDC[[φ]]) =true Proof:
We shall establish a proof by structural induction onφ.
Basis:
• Caseφ=true:
˜
ρ(tkDC[[true]]) (1)= ρ(true)˜
(2)= true with the following arguments:
(1) By definition oftkDC (2) By definition of ˜ρ
• Caseφ=false:
Equivalent.
CHAPTER 3. DC→SAT TRANSLATION
• Caseφ=R S≥1:
˜ ρ(tkDC[[R
S≥1]]) (1)= ρ˜
tkSA[[S]]∧ ^
i∈{0,...,k}
j∈{i+1,...,k}
[R
S≥1]i,j⇔Wj−1 m=i[S]m
(2)= ρ t˜ kSA[[S]]
∧ ^
i∈{0,...,k}
j∈{i+1,...,k}
˜ ρ
[R
S≥1]i,j⇔Wj−1 m=i[S]m
(3)= ^
i∈{0,...,k}
j∈{i+1,...,k}
˜ ρ
[R
S ≥1]i,j⇔Wj−1 m=i[S]m
(4)= true
with the following arguments:
(1) By definition oftkDC (2) By definition of ˜ρ (3) Using Lemma 2
(4) Using Lemma 1 since by definition of ˜ρwe have that ˜ρ([R
S≥1]i,j) =
˜ ρ([R
S≥1]i,j) =Wj−1
m=iρ(m)([S][ m) =Wj
m=iρ([S]˜ m) = ˜ρWj
m=i([S]m) Induction:
• Caseφ=¬φ1:
˜
ρ(tkDC[[¬φ1]]) (1)= ρ˜
tkDC[[φ1]]∧ ^
i∈{0,...,k}
j∈{i,...,k}
([¬φ1]i,j ⇔ ¬[φ1]i,j)
(2)= ρ t˜ kDC[[φ1]]
∧ ^
i∈{0,...,k}
j∈{i,...,k}
˜
ρ([¬φ1]i,j⇔ ¬[φ1]i,j)
(3)= ^
i∈{0,...,k}
j∈{i,...,k}
˜
ρ([¬φ1]i,j ⇔ ¬[φ1]i,j)
(4)= true with the following arguments:
(1) By definition oftkDC (2) By definition of ˜ρ (3) By induction
(4) Using Lemma 5 since by definition of ˜ρ it holds that ˜ρ([¬φ1]i,j) =
¬ρ˜([φ1]i,j) = ˜ρ(¬[φ1]i,j)
CHAPTER 3. DC→SAT TRANSLATION
• Caseφ=φ1∧φ2:
˜
ρ(tkDC[[φ1∧φ2]]) (1)= ρ t˜ kDC[[φ1]]∧tkDC[[φ2]]∧
^
i∈{0,...,k}
j∈{i,...,k}
([φ1∧φ2]i,j ⇔[φ1]i,j∧[φ2]i,j)
(2)= ρ t˜ kDC[[φ1]]
∧ρ t˜ kDC[[φ2]]
^ ∧
i∈{0,...,k}
j∈{i,...,k}
˜
ρ([φ1∧φ2]i,j ⇔[φ1]i,j∧[φ2]i,j)
(3)= ^
i∈{0,...,k}
j∈{i,...,k}
˜
ρ([φ1∧φ2]i,j ⇔[φ1]i,j∧[φ2]i,j)
(4)= true with the following arguments:
(1) By definition oftkDC (2) By definition of ˜ρ (3) By induction
(4) Using Lemma 5 since by definition of ˜ρit holds that ˜ρ([φ1∧φ2]i,j) =
˜
ρ([φ1]i,j)∧ρ˜([φ1]i,j) = ˜ρ([φ1]i,j∧[φ2]i,j)
• Caseφ=φ1∨φ2: Equivalent.
• Caseφ=φ1_φ2:
˜
ρ(tkDC[[φ1_φ2]]) (1)= ρ t˜ kDC[[φ1]]∧tkDC[[φ2]]∧
^
i∈{0,...,k}
j∈{i,...,k}
[φ1_φ2]i,j⇔ _j m=i
([φ1]i,m∧[φ2]m,j)
!
(2)= ρ t˜ kDC[[φ1]]
∧ρ t˜ kDC[[φ2]]
∧
^
i∈{0,...,k}
j∈{i,...,k}
˜
ρ [φ1_φ2]i,j⇔ _j m=i
([φ1]i,m∧[φ2]m,j)
!
(3)= ^
i∈{0,...,k}
j∈{i,...,k}
˜
ρ [φ1_φ2]i,j⇔ _j m=i
([φ1]i,m∧[φ2]m,j)
!
(4)= true with the following arguments:
CHAPTER 3. DC→SAT TRANSLATION (1) By definition oftkDC
(2) By definition of ˜ρ (3) By induction
(4) Using Lemma 5 since by definition of ˜ρit holds that
˜
ρ([φ1_φ2]i,j) = ˜ρ([φ1_φ2]i,j) = Wj
m=i(˜ρ([φ1]i,m)∧ρ([φ˜ 2]m,j)) =
˜ ρWj
m=i([φ1]i,m∧[φ2]m,j)
We must also show a connection between the semantic interpretation of φ in observationρ,[i, j] and the value ofρ:e
Lemma 7 ρ,[i, j]|=φiffρ([φ]e i,j) =true Proof:
We shall prove Lemma 7 by structural induction onφ.
Basis:
• Caseφ=true:
Trivial, sinceρ,[i, j]|=trueandρ([true]e i,j) =ρ([true]) =e true.
• Caseφ=false:
Trivial, sinceρ,[i, j]6|=falseandρ(false) =e ρ(¬[true]) =e false.
• Caseφ=R S≥1:
ρ,[i, j]|=R S≥1
(1)
iff
j−1_
m=i
I[[S]](ρ(m)) =true
(2)
iff
j−1_
m=i
ρ(m)([S][ m) =true
(3)
iff
j−1_
m=i
e
ρ([S]m) =true
(4)
iff ρ([e R
S≥1]i,j) =true with the following arguments:
(1) By definition ofρ,[i, j]|=R S≥1 (2) Using Lemma 3
(3) By definition ofρe (4) By definition ofρe Induction:
CHAPTER 3. DC→SAT TRANSLATION
• Caseφ=¬φ1
ρ,[i, j]|=¬φ1 (1)
iff ρ,[i, j]6|=φ1 (2)
iff ρ([φ˜ 1]i,j) =false
(2)
iff ρ([¬φ˜ 1]i,j) =true with the following arguments:
(1) By definition ofρ,[i, j]|=¬φ1
(2) By induction (3) By definition ofρe
• Caseφ=φ1∧φ2: ρ,[i, j]|=φ1∧φ2
(1)
iff (ρ,[i, j]|=φ1)∧(ρ,[i, j]|=φ2)
(2)
iff ρ([φ˜ 1]i,j) =true
∧ ρ([φ˜ 2]i,j) =true
(3)
iff ρ([φ˜ 1∧φ2]i,j) =true with the following arguments:
(1) By definition ofρ,[i, j]|=φ1∧φ2
(2) By induction (3) By definition ofρe
• Caseφ=φ1∨φ2: Equivalent.
• Caseφ=φ1_φ2:
ρ,[i, j]|=φ1_φ2 (1)
iff ∃m∈ {i, . . . , j} ·(ρ,[i, m]|=φ1)∧(ρ,[m, j]|=φ2)
(2)
iff ∃m∈ {i, . . . , j} · ρ([φ˜ 1]i,m) =true
∧ ρ([φ˜ 2]m,j) =true
(3)
iff _j m=i
˜
ρ([φ1]i,m) =true
∧ ρ([φ˜ 2]m,j) =true
(4)
iff ρ([φ˜ 1_φ2]i,j) =true with the following arguments:
(1) By definition ofρ,[i, j]|=φ1_φ2
(2) By induction
(3) Using the meaning of∃m∈ {i, . . . , j}
(4) By definition ofρe
CHAPTER 3. DC→SAT TRANSLATION
We shall show a Lemma relating satisfiability of constraints to values of ←e ξ: Lemma 8 If ξ satisfies tkDC[[φ]]∧[true] then
∀i, j ∈Time·0≤i≤j≤k⇒ξ([φ]i,j) =←e ξ([φ]i,j)
Proof: We shall prove Lemma 8 by structural induction onφ.
Basis:
• Caseφ=true:
Assumeξ satisfiestkDC[[true]]∧[true].
ξ([true]i,j) (1)= ξ([true])
(2)= true
(3)= ←e
ξ([true]) with the following arguments
(1) By definition of [true]i,j
(2) Using the assumption (3) By definition of ←e
ξ
• Caseφ=false:
Equivalent.
• Caseφ=R S≥1:
We have that tkDC[[R
S≥1]]∧[true] =
k−1^
i=0
tkSA,i[[S]]∧
^
i∈{0,...k−1}
j∈{i+1,...,k}
[R
S≥1]i,j⇔Wj−1 m=i[S]m
∧
^
i∈{0,...,k}
¬[R
S≥1]i,i
For 0≤i=j≤k:
ξ([R
S≥1]i,i) (1)= false
(2)=
i−1_
m=i
([S]m)
(3)= ←e ξ [R
S≥1]i,i with the following arguments:
CHAPTER 3. DC→SAT TRANSLATION (1) Sinceξ satisfies¬[R
S≥1]i,i fori∈ {0, . . . , k}
(2) By definition of a disjunction with zero elements (3) By definition of ←e
ξ For 0≤i < j≤k:
ξ([R
S≥1]i,j) (1)=
j−1_
m=i
ξ([S]m)
(2)=
j−1_
m=i
\
←
ξ (m)([S]m)
(3)= ←e ξ([R
S≥1]i,j) with the following arguments:
(1) Since ξ satisfies [R
S ≥ 1]i,j ⇔ Wj−1
m=i[S]m for i ∈ {0, . . . , k−1}, j ∈ {i+ 1, . . . , k}
(2) By Lemma 4 sinceξsatisfiestkSA,m[[S]]∧[true] form∈ {i, . . . , j−1}
(3) By definition of ←e ξ Induction:
• Caseφ=¬φ1: We have that
tkDC[[¬φ1]] = tkDC[[φ1]]∧ ^
i∈{0,...k}
j∈{i,...,k}
([¬φ1]i,j⇔ ¬[φ1]i,j)∧[true]
For 0≤i≤j≤k:
ξ([¬φ1]i,j) (1)= ¬ξ([φ1]i,j)
(2)= ¬←˜ ξ([φ1]i,j)
(3)= ←˜
ξ([¬φ1]i,j) with the following arguments:
(1) Sinceξ satisfies [¬φ1]i,j⇔ ¬[φ1]i,j fori∈ {0, . . . , k},j∈ {i, . . . , k}
(2) By induction (3) By definition of ←˜
ξ
• Caseφ=φ1∧φ2: We have that
tkDC[[φ1∧φ2]] = tkDC[[φ1]]∧tkDC[[φ2]]∧
^
i∈{0,...k}
j∈{i,...,k}
([φ1∧φ2]i,j⇔[φ1]i,j∧[φ2]i,j)∧[true]
CHAPTER 3. DC→SAT TRANSLATION
For 0≤i≤j≤k:
ξ([φ1∧φ2]i,j) (1)= ξ([φ1]i,j)∧ξ([φ2]i,j)
(2)= ←˜
ξ([φ1]i,j)∧←˜ ξ([φ2]i,j)
(3)= ←˜
ξ([φ1∧φ2]i,j) with the following arguments:
(1) Since ξ satisfies [φ1∧φ2]i,j ⇔ [φ1]i,j ∧[φ2]i,j for i ∈ {0, . . . , k}, j ∈ {i, . . . , k}
(2) By induction (3) By definition of ←˜
ξ
• Caseφ=φ1∨φ2: Equivalent.
• Caseφ=φ1_φ2: We have that
tkDC[[φ1_φ2]] = tkDC[[φ1]]∧tkDC[[φ2]]∧
^
i∈{0,...k}
j∈{i,...,k}
([φ1_φ2]i,j⇔ _j m=i
([φ1]i,m∧[φ2]m,j))∧[true]
For 0≤i≤j≤k:
ξ([φ1∧φ2]i,j) (1)= _j m=i
ξ([φ1]i,m)∧ξ([φ2]m,j)
(2)= _j m=i
˜
←
ξ([φ1]i,m)∧←˜
ξ([φ2]m,j)
!
(3)= ←˜
ξ([φ1_φ2]i,j) with the following arguments:
(1) Sinceξsatisfies [φ1_φ2]i,j ⇔Wj
m=i([φ1]i,m∧[φ2]m,j) fori∈ {0, . . . , k}, j ∈ {i, . . . , k}
(2) By induction (3) By definition of ←˜
ξ
And, building on Lemma 8, we have:
CHAPTER 3. DC→SAT TRANSLATION
Lemma 9 IfξsatisfiestkDC[[φ]]∧[φ]i,j∧[true]then←e
ξ(tkDC[[φ]]∧[φ]i,j∧[true]) = true
Proof:
e
←
ξ(tkDC[[φ]]∧[φ]i,j∧[true]) (1)= ←e
ξ(tkDC[[φ]])∧←e ξ([φ]i,j)
(2)= ←e ξ([φ]i,j)
(3)= ξ([φ]i,j)
(4)= true with the following arguments:
(1) By definition of ←e ξ (2) Using Lemma 6 (3) Using Lemma 8
(4) Sinceξ satisfiestkDC[[φ]]∧[φ]i,j∧[true]
Finally, we may show the last Lemma:
Lemma 10 ∃ρ∈Traj ·ρ,[i, j]|=φiff tkDC[[φ]]∧[φ]i,j∧[true] is satisfiable.
Proof:
If:
If∃ρ∈Traj ·ρ,[i, j]|=φ
(1)
then ∃ρ∈Traj ·ρ([φ]˜ i,j) =true
(2)
then ∃ρ∈Traj · ρ(t˜ kDC[[φ]]) =true
∧
˜
ρ([φ]i,j) =true
(3)
then ∃ρ∈Traj · ρ(t˜ kDC[[φ]]∧[φ]i,j∧[true]) =true
(4)
then ∃ρ∈Traj ·ρ˜satisfiestkDC[[φ]]∧[φ]i,j∧[true]
(5)
then tkDC[[φ]]∧[φ]i,j∧[true] is satisfiable with the following arguments:
(1) By Lemma 7 (2) By Lemma 6
CHAPTER 3. DC→SAT TRANSLATION (3) By definition of ˜ρ
(4) Since the definition of ˜ρis simply the extension of ˜ρto boolean combina-tions of the variables
(5) By definition of satisfiability Only if:
IftkDC[[φ]]∧[φ]i,j∧[true] is satisfiable
(1)
then ∃ξ ∈Lit→B·
ξ satisfiestkDC[[φ]]∧[φ]i,j∧[true]
(2)
then ∃ξ ∈Lit→B· e
←
ξ(tkDC[[φ]]∧[φ]i,j∧[true]) =true
(3)
then ∃ξ ∈Lit→B·←ξ ,[i, j]|=φ
(4)
then ∃ρ∈Traj ·ρ,[i, j]|=φ with the following arguments:
(1) By definition of satisfiability (2) By Lemma 9
(3) By Lemma 7 (4) Namelyρ=
←
ξ