Open image in new window A ResolutionBased Theorem Prover for \({\textsf {K}}_{n}^{}\): Architecture, Refinements, Strategies and Experiments
 83 Downloads
Abstract
In this paper we describe the implementation of Open image in new window , a resolutionbased prover for the basic multimodal logic \({\textsf {K}}_{n}^{}\). The prover implements a resolutionbased calculus for both local and global reasoning. The user can choose different normal forms, refinements of the basic resolution calculus, and strategies. We describe these options in detail and discuss their implications. We provide experiments comparing some of these options and comparing the prover with other provers for this logic.
Keywords
Modal logics Theorem proving Resolution method1 Introduction
 (i)
given a formula \(\varphi \), the local satisfiability problem consists of showing that there is a model and a world in it that satisfies \(\varphi \);
 (ii)
given a formula \(\varphi \), the global satisfiability problem consists of showing that there is a model such that all worlds in this model satisfy \(\varphi \);
 (iii)
given a set of formulae \({\varGamma }\) and a formula \(\varphi \), the local satisfiability of\(\varphi \)under the global constraints (or assumptions)\({\varGamma }\) consists of showing that there is a model that globally satisfies all formulae in \({\varGamma }\) and that there is a world in this model that satisfies \(\varphi \).
Several proof methods and tools for reasoning in \({\textsf {K}}_{n}^{}\) exist, either in the form of methods applied directly to the modal language [17, 27] or obtained by translation into a more expressive target language (FirstOrder Logic [24] or Hybrid Logic [2], for instance). Translationbased methods benefit not only from the existence of available theorem provers, therefore not requiring additional effort for implementation, but also the strategies available for the target language can be almost immediately applied to the translated problem [23]. This is not the case for direct methods, where strategies need to be adapted to deal with the underlying normal forms and inference rules. However, the translation into a more expressive logic combined with a standard proof method for that logic may involve a computational overhead and may not necessarily result in a decision procedure for the set of translated formulae. Additionally, standard proof methods for the target logic may not normally include all optimisations and strategies that can be included in a direct method. For example, here we employ ‘hyperresolutionlike’ inferences that avoid the generation of intermediate resolvents and thereby reduce the search space.
We will focus on the resolutionbased methods for \({\textsf {K}}_{n}^{}\) which are presented in [33, 34]. Both calculi are clausal: a formula to be tested for satisfiability is first translated into a normal form, to which a set of inference rules are applied. The inference rules applied to propositional clauses (i.e. those where modal operators do not occur) are basically variants of the binary resolution rule [45]. For dealing with modal clauses, a set of hyperresolution rules [44] are applied to modal and propositional clauses. The main difference between those proof methods resides in their normal form: in [33], for completeness, all clauses are considered for application of the resolution rules; whilst in [34], because clauses are labelled, the resolution rules only need to be applied when the labels of clauses can be unified. Differently from other calculi which use labels for guiding the application of inference rules [3, 5, 10, 11, 54, 55], the labels in the clausal form given in [34] do not refer to worlds, but to the modal layer (i.e. the distance from the root of a model) where a subformula holds.
Both proof methods have been implemented in our prover, Open image in new window [36], a resolutionbased prover for the multimodal logic \({\textsf {K}}_{}^{}\). The structure of the normal form restricts application of the resolution inference rules reducing the search space whilst remaining complete. The prover also uses the set of support strategy [56], a strategy that requires that the set of clauses is partitioned in two sets and, then, restricts that clauses used as premises for resolution inferences are from different sets in this partition. For the modal case, the use of labels relating to modal layer of subformulae allows us to restrict clause selection even further. The prover also incorporates a range of simplification techniques and refinements intended to improve efficiency of the prover. Here, we concentrate on the implementation aspects of those techniques and refinements, further discussing the architecture of the prover, a variety of choices available to the user, and their impact on the efficiency of the prover. The resulting prover outperforms other modal provers for formulae that have a high degree of nesting of modal formulae. This paper extends the work in [35] providing full details of the prover, its main control loop, preprocessing options, notions of redundancy, refinements and strategies. The prover is based on the calculus presented in [34] and its sources are available at [36]. We also provide experimental results comparing Open image in new window with other provers and analysing some of the combinations of refinements and strategies. The results update and extend those in [35] by using more recent versions of the provers involved, presenting additional experimental results and considering the performance of portfolios of provers.
The paper is organised as follows. We introduce the syntax and semantics of \({\textsf {K}}_{n}^{}\) in Sect. 2. In Sects. 3 and 4 we briefly describe the normal form and the calculus. Section 5 describes the available strategies and their implementations. The evaluation of strategies and of the performance of the prover compared to existing tools are given in Sect. 6. We summarise our results and provide conclusions in Sect. 7.
2 Language
Let \(A= \{1, \ldots , n\}\), \(n \in \mathbb {N}\), be a finite fixed set of indexes and \(P= \{p, q, s, t, p', q', \ldots \}\) be a denumerable set of propositional symbols. The set of wellformed formulae, \({\textsf {WFF}}_{{\mathsf{K}}_{}}^{}\), is the least set such that every \(p \in P\) is in \({\textsf {WFF}}_{{\mathsf{K}}_{}}^{}\); if \(\varphi \) and \(\psi \) are in \({\textsf {WFF}}_{{\mathsf{K}}_{}}^{}\), then so are \(\lnot \varphi \), \((\varphi \wedge \psi )\), \((\varphi \vee \psi )\), Open image in new window , and Open image in new window for each \(a\in A\). The formulae \(\mathbf{false}\), \(\mathbf{true}\), \((\varphi \Rightarrow \psi )\), and \((\varphi \Leftrightarrow \psi )\) are introduced as the usual abbreviations for \((\varphi \wedge \lnot \varphi )\),\(\lnot \mathbf{false}\), and \((\lnot \varphi \vee \psi )\), and \(((\varphi \Rightarrow \psi ) \wedge (\psi \Rightarrow \varphi ))\), respectively (where \(\varphi , \psi \in {{\textsf {WFF}}_{{\mathsf{K}}_{}}^{}}\)).
A literal is either a propositional symbol or its negation; the set of literals is denoted by \(L\). We denote by \(\lnot l\) the complement of the literal \(l\in L\), that is, \(\lnot l\) denotes \(\lnot p\) if l is the propositional symbol p, and \(\lnot l\) denotes p if l is the literal \(\lnot p\). A modal literal is either Open image in new window or Open image in new window , where \(l \in L\) and \(a\in A\). The modal depth of a formula is recursively defined as follows:
Definition 1

\(\mathsf {mdepth} (p) = 0\), for \(p \in P\);

\(\mathsf {mdepth} (\lnot \varphi ) = \mathsf {mdepth} (\varphi )\);

\(\mathsf {mdepth} (\varphi \wedge \psi ) = \mathsf {max} (\mathsf {mdepth} (\varphi ),\mathsf {mdepth} (\psi ))\);

\(\mathsf {mdepth} (\varphi \vee \psi ) = \mathsf {max} (\mathsf {mdepth} (\varphi ),\mathsf {mdepth} (\psi ))\);
The modal level of a subformula is given relative to its position in the syntactic tree of its superformula.
Definition 2

\(\tau (p,\lambda ,pol,ml) = \{(p,\lambda ,pol,ml)\}\), for \(p \in P\);

\(\tau (\lnot \varphi , \lambda ,pol,ml) = \{(\lnot \varphi , \lambda ,pol,ml)\} \cup \tau (\varphi , \lambda .1,\mathsf {comp}(pol), ml)\);

\(\tau (\varphi \wedge \varphi ',\lambda ,pol,ml) = \{(\varphi \wedge \varphi ',\lambda ,pol,ml)\} \cup \tau (\varphi ,\lambda .1,pol,ml) \cup \tau (\varphi ',\lambda .2,pol,ml)\);

\(\tau (\varphi \vee \varphi ',\lambda ,pol,ml) = \{(\varphi \vee \varphi ',\lambda ,pol,ml)\} \cup \tau (\varphi ,\lambda .1,pol,ml) \cup \tau (\varphi ',\lambda .2,pol,ml)\).
The function \(\tau \) applied to \((\varphi ,\varepsilon ,+,0)\) returns the annotated syntactic tree for\(\varphi \), where each node is uniquely identified by a subformula, its path order (or its position) in the tree, its polarity, and its modal level.
Definition 3
Let \(\varphi \) be a formula and let \(\tau (\varphi ,\varepsilon ,+,0)\) be its annotated syntactic tree. If \((\varphi ',\lambda ,pol, ml) \in \tau (\varphi ,\varepsilon ,+,0)\), then the modal level of \(\varphi '\) in \(\varphi \) is given by \(\mathsf {mlevel} (\varphi ,\varphi ',\lambda ) = ml\) and the polarity of \(\varphi '\) in \(\varphi \) is given by \(\mathsf {pol} (\varphi ,\varphi ',\lambda ) = pol\).
If \(\mathsf {mlevel} (\varphi ,\varphi ',\lambda )=ml\) we say that \(\varphi '\) at position \(\lambda \) of \(\varphi \) occurs at the modal level ml. For instance, p occurs three times in the formula Open image in new window , at position 1.1.1 at modal level 2; and at positions 1.1.2.1.1.1 and 1.1.2.2.1 at modal level 3. Let \(\varphi '\) be a subformula at position \(\lambda \) of a formula \(\varphi \). If \(\mathsf {pol} (\varphi ,\varphi ',\lambda ) = +\), we say that \(\varphi '\) has positive polarity at \(\lambda \). Similarly, if \(\mathsf {pol} (\varphi ,\varphi ',\lambda ) = \), we say that \(\varphi '\) has negative polarity at \(\lambda \). If for all positions \(\lambda \) at the modal level ml, we have that either \(\mathsf {pol} (\varphi ,\varphi ',\lambda ) = +\) or \(\mathsf {pol} (\varphi ,\varphi ',\lambda ) =\), then \(\varphi '\) is said to be pure at the modal levelml. Finally, if \(\varphi '\) is pure at all modal levels, then \(\varphi '\) is said to be a pure. For example, taking \(\varphi \) to be the formula Open image in new window above, then p occurs only with positive polarity at modal level 2 and with both negative and positive polarity at the modal level 3. Thus, p is pure at the modal level 2, but it is not pure at the modal level 3 (hence, it is not pure when considering the whole formula). A literal l is pure at the modal levelml if is either of the form p or \(\lnot p\) and p is pure at the modal level ml. If a literal l is pure at all modal levels, then we say l is a pure literal.
Modal formulae are interpreted over (rooted) Kripke models:
Definition 4
Definition 5

Open image in new window if, and only if, \(\pi (w)(p)= { true}\), where \(p\in P\);

Open image in new window if, and only if, Open image in new window ;

Open image in new window if, and only if, Open image in new window and Open image in new window ;

Open image in new window if, and only if, Open image in new window or Open image in new window ;

Open image in new window if, and only if, for all \(w'\), \(wR_{a}w'\) implies Open image in new window ;

Open image in new window if, and only if, there is \(w'\) such that \(wR_{a}w'\) and Open image in new window .
Let Open image in new window be a model. A formula \(\varphi \) is locally satisfied in\(M\), denoted by \(M \models _L \varphi \), if Open image in new window . The formula \(\varphi \) is locally satisfiable if there is a model \(M\) such that Open image in new window . A formula \(\varphi \) is globally satisfied in\(M\), denoted by \(M \models _G \varphi \), if for all \(w\in W\), Open image in new window . A formula \(\varphi \) is said to be globally satisfiable if there is a model \(M\) such that \(M\) globally satisfies \(\varphi \). Satisfiability of a set of formulae is defined as usual. Given a set of formulae \({\varGamma }\), a formula \(\varphi \) is locally satisfiable under global assumptions\({\varGamma }\), if there is a model \(M\) such that \(M \models _G {\varGamma }\) and \(M \models _L \varphi \).
A model Open image in new window is treelike if \(\bigcup _{a=1}^{n} R_{a}\) is a tree, i.e. a directed acyclic graph (with root \(w_0\)). As a formula is locally satisfiable if, and only if, it is locally satisfiable in a treelike model [21], from now on we will only consider such a class of models. We denote by \(\mathsf {depth} (w)\) the length of the unique path from \(w_0\) to \(w\) through the union of the accessibility relations in \(M\). We call a modal layer the equivalence class of worlds at the same depth in a model.
We note that checking the local satisfiability of a formula \(\varphi \) can be reduced to the problem of checking the local satisfiability of its subformulae at the modal layer of a model which corresponds to the modal level where those subformulae occur (see [1]). Due to this close correspondence of modal layer and modal level we use the terms interchangeably.
Also, checking the global satisfiability of \(\varphi \) can be reduced to checking the local satisfiability of \(\varphi \) at all modal layers (up to an exponential distance from the root) of a model [14, 50]. The following definitions and results are needed later. Let \({\textsf {K}}_{n}^{*}\) be the extension of \({\textsf {K}}_{n}^{}\) with an additional operator Open image in new window , the universal operator. Let Open image in new window be a treelike model for \({\textsf {K}}_{n}^{}\). The model \(M^{*}\) is the tuple \((W,w_0,R_{1}, \ldots , R_{n},R_{*},\pi )\), where \(R_{*} = W\times W\). A formula Open image in new window is locally satisfied at the world w in the model \(M^{*}\), written Open image in new window , if, and only if, for all \(w' \in W\), we have that Open image in new window . Given these definitions, for \(\varphi \) in \({{{\textsf {WFF}}_{{\mathsf{K}}_{}}^{}}}\), deciding \(M\models _G \varphi \) is equivalent to deciding Open image in new window . Also, deciding if a formula \(\varphi \) is satisfiable under the global assumptions \({\varGamma }=\{\gamma _1,\ldots ,\gamma _m\}\), \(m \in \mathbb {N}\), is equivalent to deciding Open image in new window .
Thus, a uniform approach based on modal levels can be used to deal with all satisfiability problems.
3 Layered Normal Form

\(M^{*}\models ml: \varphi \) if, and only if, for all worlds \(w\in W\) such that \(\mathsf {depth} (w)=ml\), we have \(\langle M^{*}, w\rangle \models \varphi \);

\(M^{*}\models *: \varphi \) if, and only if, Open image in new window .

Literal clause \(ml: \bigvee _{b=1}^{r} l_b\)

Positive \(a\)clause Open image in new window

Negative \(a\)clause Open image in new window
The translation function \(\rho \)
As the conjunction operator is commutative, associative, and idempotent, in the following we often refer to a formula in \({\textsf {SNF}_{{ml}}^{}}\) as a set of clauses. The next lemma shows that the transformation into \({\textsf {SNF}_{{ml}}^{}}\) is satisfiability preserving.
Lemma 1
[34] Let \({\varphi \in {{\textsf {WFF}}_{{\mathsf{K}}_{}}^{}}}\) be a formula and let t be a propositional symbol not occurring in \(\varphi \). Then: (1) \(\varphi \) is locally satisfiable if, and only if, \(0: t \wedge \rho (0: t \Rightarrow \varphi )\) is satisfiable; (2) \(\varphi \) is globally satisfiable if, and only if, \(*: t \wedge \rho (*: t \Rightarrow \varphi )\) is satisfiable.
The proof is standard. For the only if part, if \(\varphi \) is satisfiable, then there is a model Open image in new window that satisfies \(\varphi \). We build a model Open image in new window where the valuation of \(\pi '\) of the new symbols introduced by renaming are set to \({ true}\) exactly at the worlds where the formulae they are replacing are also evaluated to \({ true}\). For the if part, if there is a model \(M\) that satisfies the translation of \(\varphi \), by ignoring the labels and the valuation of the propositional symbols not occurring in \(\varphi \), we show that \(M\) also satisfies \(\varphi \).
The fact that the transformation for formulae under global assumptions is also satisfiability preserving follows easily from Lemma 1.
4 Inference Rules
The calculus comprises a set of inference rules for dealing with propositional and modal reasoning. In the following, we denote by \(\sigma \) the result of unifying the labels in the premises for each rule. Formally, unification is given by the function \(\sigma : 2^{\mathbb {N}\cup \{*\}} \longrightarrow \mathbb {N}\cup \{*\}\), where \(\sigma (\{ml,*\}) = ml\); and \(\sigma (\{ml\}) = ml\); otherwise, \(\sigma \) is undefined. The inference rules given in Table 2 can only be applied if the unification of their labels is defined (where \(* 1 = *\)). Note that for GEN1 and GEN3, if the modal clauses in the premises occur at the modal level ml, then the literal clause in the premises occurs at the next modal level, \(ml+1\).
Definition 6
Let \({\varPhi }\) be a set of clauses in \({\textsf {SNF}_{{ml}}^{}}\). A derivation from\({\varPhi }\) is a sequence of sets \({\varPhi }_0,{\varPhi }_1,\ldots \) where \({\varPhi }_0 = {\varPhi }\) and, for each \(i>0\), \({\varPhi }_{i+1} = {\varPhi }_i \cup \{D\}\), where \(D \not \in {\varPhi }_i\) is the resolvent obtained from \({\varPhi }_i\) by an application of either LRES, MRES, GEN1, GEN2, or GEN3. We also require that D is in simplified form and that D is not a tautology. A set of clauses \({\varPhi }\) is saturated if every clause that is a resolvent obtained from \({\varPhi }\) by an application of either LRES, MRES, GEN1, GEN2, or GEN3 is either a tautology or it is already contained in \({\varPhi }\). A local refutation for\({\varPhi }\) is a derivation \({\varPhi }_0,\ldots ,{\varPhi }_k\), \(k \in \mathbb {N}\), where \(0:\mathbf{false}\in {\varPhi }_k\). A global refutation for\({\varPhi }\) is a derivation \({\varPhi }_0,\ldots ,{\varPhi }_k\), \(k \in \mathbb {N}\), where \(*:\mathbf{false}\in {\varPhi }_k\). A derivation \({\varPhi }_0,\ldots ,{\varPhi }_i\) from \({\varPhi }\) is terminating if it is either a local (resp. global) refutation for \({\varPhi }\) or if there is a \({\varPhi }_i\), \(i \in \mathbb {N}\), such that \({\varPhi }_i\) is saturated.
Inference rules, where \(ml = \sigma (\{ml_1,\ldots ,ml_{m+1},ml_{m+2}1\})\) in GEN1, GEN3, where \(m \ge 0\); \(ml = \sigma (\{ml_1,ml_2\})\) in LRES, MRES; and \(ml = \sigma (\{ml_1,ml_2,ml_3\})\) in GEN2
For the satisfiability problem under global assumptions, a refutation is either a local or a global refutation. The following theorems, taken from [34] where full proofs are given, ensure the calculus is sound, complete and terminating.
Theorem 1
(Soundness [34]) Let \({\varPhi }\) be a set of clauses in \({\textsf {SNF}_{{ml}}^{}}\) and \({\varPhi }_0,\ldots ,{\varPhi }_k\), \(k \in \mathbb {N}\), be a derivation for \({\varPhi }\). If \({\varPhi }\) is satisfiable, then every \({\varPhi }_i\), \(0 \le i \le k\), is satisfiable.
Soundness of the calculus is proved by showing that, for each inference rule, if the premises are satisfiable, so it is the resolvent.
Theorem 2
(Completeness [34]) Let \({\varPhi }\) be an unsatisfiable set of clauses in \({\textsf {SNF}_{{ml}}^{}}\). Then there is a refutation for \({\varPhi }\) by applying the resolution rules given in Table 2.
Completeness is proved by showing that if a set \({\varPhi }\) of clauses in \({\textsf {SNF}_{{ml}}^{}}\) is unsatisfiable, there is a refutation produced by the method presented here. The proof is by induction on the number of nodes of a graph, known as behaviour graph [9], built from \({\varPhi }\). Intuitively, nodes in the graph correspond to worlds and the set of edges correspond to the accessibility relations in a model. The graph construction is similar to the construction of a canonical model, followed by filtrations based on the set of clauses, often used to prove completeness for proof methods in modal logics [6]. We show that deletions of nodes in the graph correspond to application of the inference rules given in Table 2. If the reduced graph is empty, then the set of clauses is unsatisfiable and there is refutation from \({\varPhi }\). If the reduced graph is not empty, then a model witnessing the satisfiability of \({\varPhi }\) can be built from it.
Theorem 3
(Termination [34]) Let \({\varPhi }\) be a set of clauses in \({\textsf {SNF}_{{ml}}^{}}\). Then, any derivation from \({\varPhi }\) terminates.
This result follows from the fact that none of the inference rules generates new literals, new modal literals, or new labels. Hence, there are a finite number of clauses that can be built from the literals and modal literals occurring in \({\varPhi }\).
Inference rules for initial clauses
5 Implementation
Open image in new window is an implementation, written in C, of the calculus described in Sect. 4. The prover was designed to support experimentation with different combinations of refinements of its basic calculus. Refinements and options for (pre)processing the input are coded as independently as possible in order to allow for the easy addition and testing of new features. This might not lead to optimal performance (e.g. some techniques need to be applied consecutively, whereas most tools would apply them concurrently), but it helps to evaluate how the different options independently contribute to achieve efficiency. In its current version, Open image in new window implements local and global reasoning. The implementation of a proof search procedure for local satisfiability under global assumptions is ongoing work.
5.1 Main Processing Cycle
The proof search procedure for local satisfiability implemented in Open image in new window is shown in Fig. 1. The preprocessing steps (Lines 2–4) are explained in Sects. 5.2, 5.3, and 5.4. The main loop (Lines 6–16) is based on the givenclause algorithm implemented in Otter [31], a variation of the set of support strategy [56], a refinement which restricts the set of choices of clauses participating in a derivation step. For the classical case, a set of clauses \({\varDelta }\) is partitioned into two sets \({\varGamma }\) and \({\varLambda }= {\varDelta }{\setminus } {\varGamma }\), where \({\varLambda }\) must be satisfiable for completeness. The set \({\varGamma }\) is the set of support (the sos, aka passive or unprocessed set); and \({\varLambda }\) is called the usable (aka active or processed set). The given clause is chosen from \({\varGamma }\), resolved with clauses in \({\varLambda }\), and moved from \({\varGamma }\) to \({\varLambda }\). Resolvents are added to \({\varGamma }\). For the modal calculus, the set of clauses is further partitioned according to the modal level at which clauses occur. That is, for each modal level ml there are three sets: \({\varGamma }^{lit}_{ml}\), \({\varLambda }^{lit}_{ml}\) and \({\varLambda }^{mod}_{ml}\), where the first two sets contain literal clauses while the latter contains modal clauses. As the calculus does not generate new modal clauses and because the set of modal clauses by itself is satisfiable (as they are implications and the lefthand sides are a single nonnegated proposition), there is no need for a set for unprocessed modal clauses. Attempts to apply an inference rule are guided by the choice, for each modal layer ml, of a literal clause in \({\varGamma }^{lit}_{ml}\), which can be resolved with either a set of modal clauses in \({\varLambda }^{mod}_{ml1}\) or with a literal clause in \({\varLambda }^{lit}_{ml}\).
In more detail, let \({\varGamma }^{lit}\) be the union of all sets of literal clauses (Line 5). A cycle corresponds to one iteration of the outer loop (Lines 6–16). This loop is executed while the set of unprocessed clauses is not empty. In the inner loop (Lines 7–15), for every modal level ml, a literal clause is returned by the function given. The options for selecting the modal level and the literal clause at this level are described in Sects. 5.5 and 5.6. Once a literal clause is selected, it is tested for redundancy (Line 9), i.e. clauses that can be deleted without affecting the satisfiability of the clauseset. The choices for redundancy elimination are presented in Sect. 5.9. If the given clause is not redundant, then it is processed against all usable modal clauses in the previous modal level (Lines 10 and 11) and against all usable literal clauses at the same modal level (Line 12). Note that as no modal clauses are generated during the proof search, the inference rules MRES and GEN2 are applied before the prover enters the main loop. This is discussed further in Sect. 5.4. The refinements that can be used to apply LRES are given in Sect. 5.7. Once the inference rules are applied the chosen clause is moved to the set of processed clauses (Line 13) and removed from the set of unprocessed clauses (Line 14). If the empty clause (0: false) is generated at the modal level 0, then the procedure returns that the set of clauses is unsatisfiable (Line 15). Note that in Fig. 1, only the condition for local reasoning is given. If the prover is set for global satisfiability, then that condition changes to \(*: \mathbf{false}\in {\varGamma }^{lit}\). If the empty clause is not found, the procedure returns that the set of clauses is satisfiable (Line 17).
5.2 Input Processing
The input is read from either a file or from the command line. A configuration file can also be given. In this case, the options given at the command line override those in the configuration file. A input file is a set of declarations (the options for the prover) followed by sets of modal formulae or clauses. The user can also specify the sets of formulae and clauses as either processed (usable) or unprocessed (sos).
The tokeniser and the parser were built with Flex [12] and Bison [13], which are both free, open source software and easily available. The input language of Open image in new window is LR(2) which can be handled by Bison with options for generating a generic parser. Relying on generators for the lexer and the parser might not lead to the most efficient implementation of the automata which recognise the given language. However, changes in the grammar require very little effort to be implemented, making this part of the code easier to maintain.
The outputs of the parser are a doublelinked annotated abstract tree and a symbol table. In the annotated tree, a number is assigned to every node in order to avoid unnecessary transversal of the tree while performing simplification. The assigned number may not be unique^{1}, but two formulae are checked for repetition, for instance, only if they are assigned the same number. Conjunctions are treated as nary operators and nested conjunctions are flattened. The operands of conjunctions are ordered: first come Boolean constants, second propositional symbols, third compound propositional formulae, and fourth modal formulae. The same applies to disjunctions. The symbol table contains information about the propositional symbols, constants, and modal operators occurring in the formula: their type, id, number of occurrences, number of positive and negative occurrences (both globally and by modal level). A double level hash table contains the locations of the positions of propositional symbols and constants in the tree: the first level corresponds to the modal level at which they occur and the second level to the addresses themselves, so that bookkeeping the deletions in the tree can be done fast (typically, in constant time).
As the parsing is bottomup, as usual for LR grammars, linearisation (i.e. the removal of doubleimplications) and the calculation of polarity requires at least another pass in the tree. This extra transversal of the tree is only done in case there is any doubleimplication occurring in the input formula or if the option for (modal level) pure literal elimination is set. Modal level pure literal elimination consists of replacing every propositional symbol p which is pure at a modal level ml by a constant. If p occurs only with positive polarity at ml, then p is replaced by \(\mathbf{true}\); if it occurs only with negative polarity, then p is replaced by \(\mathbf{false}\).
If the input is a set of formulae, depending on the options given by the user, the formulae are first transformed into their Negation Normal Form (NNF) or into Box Normal Form (BNF) [39]. The translation into BNF also removes the Open image in new window operator. Thus, the Open image in new window operator is also allowed in the scope of negations. More precisely, the translation into BNF differs from the NNF just in one case. When transforming a formula as Open image in new window into NNF, the result is Open image in new window ; the transformation of the same formula into BNF results in Open image in new window . For example, the formula Open image in new window is transformed into Open image in new window , which is easier to check for simplification than checking the resulting NNF which is Open image in new window .
Then transformation into prenex (option prenex) or antiprenex normal form (option antiprenex) or one after the other can be applied. The definitions of those normal forms are given in [32]. Basically, the prenex normal form corresponds to pushing the modal operators occurring in a formula \(\varphi \) as far as possible outwards the formula in order to obtain \(\varphi '\) which is equivalent to \(\varphi \). For instance, the prenex normal form of Open image in new window is Open image in new window . Similarly, the antiprenex normal form corresponds to pushing the modal operators occurring in \(\varphi \) as far as possible inwards the formula in order to produce \(\varphi '\) equivalent to \(\varphi \). For instance, the antiprenex normal form of Open image in new window is Open image in new window .
Simplification rules
5.3 Transformation to Normal Form
By default, formulae are transformed into \({\textsf {SNF}_{{ml}}^{}}\). There are four different options that determine the normal form. Two of those options are used for transforming a set of clauses into \({\textsf {SNF}_{{ml}}^{+}}\) and into \({\textsf {SNF}_{{ml}}^{++}}\), as described in Sect. 3. The two other options are used for transforming a set of clauses into \({\textsf {SNF}_{{ml}}^{}}\) and \({\textsf {SNF}_{{ml}}^{}}\), which are defined analogously to \({\textsf {SNF}_{{ml}}^{+}}\) and \({\textsf {SNF}_{{ml}}^{++}}\), but where literals in the scope of modal operators are renamed by new negative literals.
The transformation into any of those normal forms requires renaming [41]. All renaming is performed bottomup and it uses an auxiliary hash table based on the number assigned to the formulae in the tree structure and the modal level at which the formula occurs. A bottomup renaming might not be optimal with regard to the number of generated clauses for linear formulae (those where biimplications do not occur and subformulae are not repeated) [7]. An alternative would be topdown renaming. However, for formulae which are not linear, topdown renaming cannot ensure that the number of generated clauses is smaller than that obtained with bottomup renaming. A future version of Open image in new window will implement small normal forms [37], but at the moment only four different forms of renaming are available. With the option normal_renaming, every subformula is renamed by a new propositional symbol. With option limited_reuse_renaming, the same new propositional symbol is used for all occurrences of the same subformula being renamed at a particular modal level. Yet another option, extensive_reuse_renaming, also uses the same propositional symbol for all occurrences of the same subformula being renamed; in addition, if a formula \(\varphi \) was renamed by a new propositional symbol t, then the NNF of \(\lnot \varphi \) is renamed by \(\lnot t\). With the option conjunct_renaming, modal subformulae that occur in conjunctions are renamed, instead of applying the usual rewriting rule. When applied together, conjunct_renaming and either limited_reuse_renaming or extensive_reuse_renaming might lead to a smaller set of clauses. For instance, Open image in new window is transformed into Open image in new window .
The set of clauses resulting from the transformation into the normal form is stored in a trielike structure (implemented as multilevel hash tables), according to the set they belong to (usable, sos), their type (initial, literal, modal positive, modal negative), their modal level, the index of the modal operator (in the case of modal clauses), their maximal literal, and their size (in the case of initial and literal clauses). Clauses are implemented as simplified, ordered lists of literals. Also, for every propositional symbol, a list of clauses by modal level is kept in the symbol table. The trie structure helps to make the implementation of clause and literal selection efficient, to reduce the number of clauses being checked during redundancy tests (repetition and subsumption), and also to reduce the number of misses during the construction of the set of candidate clauses to which a particular resolution rule is applied. The list of clauses kept in the symbol table allows for efficiently finding the clauses to be processed during the application of unit resolution (options unit and lhs_unit) and pure literal elimination (option ple, which is applied if the literal is pure in the whole set of clauses; or option mlple, which is applied if the literal is pure at a modal level).
5.4 Preprocessing of Clauses
The preprocessing of clauses comprises several tasks which may be set by the user. By default, we prevent duplicate clauses to be stored in the trielike structure that we use to maintain the set of clauses, but only duplicates in the set they are stored are checked. For instance, if a clause is to be stored in \({\varGamma }_{ml}^{lit}\), then we only check this particular set for a duplicate. With option check_full_repeated, repetition of clauses is checked against all sets of clauses at the same modal level.
If the set of modal clauses at the modal level ml does not contain a negative modal clause, than all positive modal clauses at that modal level and all clauses (modal and literal) with modal level greater than ml can be deleted. This is justified by the fact that a world \(w\) satisfies Open image in new window , for a literal l and index \(a\), if there is no world \(w'\) such that \((w,w') \in R_{a}\). Thus, we can take the empty relation for all worlds at the level ml, which satisfy all positive modal clauses. As the worlds at greater modal levels are no longer accessible, the sets of clauses corresponding to those levels can also be deleted. The option for this simplification is mle.
As no modal clauses are generated during the proof search, the inference rules MRES and GEN2 are also exhaustively applied at this step, that is, before the prover enters the main loop. We note that the transformation into \({\textsf {SNF}_{{ml}}^{+}}\), \({\textsf {SNF}_{{ml}}^{++}}\), \({\textsf {SNF}_{{ml}}^{}}\), or \({\textsf {SNF}_{{ml}}^{}}\) is performed after the preprocessing of clauses. If any of those four options related to the transformation into the normal form are set by the user, then all literals in the scope of modal operators will have the same polarity. Therefore, the inference rules MRES and GEN2 are not applicable and will be blocked. However, as those inference rules produce very short resolvents, which can be particularly useful to reduce the number of clauses if subsumption is also set, the user can force those inference rules to be applied even when they are not needed for completeness, by setting the options mres and gen2.
If forward and/or backward subsumption [29] are set, then selfsubsumption is also applied at this point. Forward and backward subsumption are performed in lazy mode and only against the usable (see Sect. 5.9). However, for selfsubsumption, clauses are tested against all sets, irrespective of where they are stored.
By default, the usable sets \({\varLambda }^{lit}_{ml}\) of literal clauses are empty (unless those sets are given as input). However, the user has the choice of automatically populating those usable sets with literal clauses. There are six options: populate_non_negative moves literal clauses which are not negative from \({\varGamma }^{lit}_{ml}\) to \({\varLambda }^{lit}_{ml}\); populate_non_positive moves clauses which are not positive from \({\varGamma }^{lit}_{ml}\) to \({\varLambda }^{lit}_{ml}\); populate_negative moves negative literal clauses from \({\varGamma }^{lit}_{ml}\) to \({\varLambda }^{lit}_{ml}\); populate_positive moves positive literal clauses from \({\varGamma }^{lit}_{ml}\) to \({\varLambda }^{lit}_{ml}\); populate_max_lit_negative moves literal clauses whose maximal literal is negative from \({\varGamma }^{lit}_{ml}\) to \({\varLambda }^{lit}_{ml}\); and the option populate_max_lit_positive moves literal clauses whose maximal literal is positive from \({\varGamma }^{lit}_{ml}\) to \({\varLambda }^{lit}_{ml}\).
We note that populating the usable sets must be done with some care, as some combinations of the set of support and other refinements are not complete. For instance, using ordered resolution as a refinement, consider the set \({\varDelta }=\{0: p \vee q, 0: p \vee \lnot q, 0: \lnot p \vee q, 0: \lnot p \vee \lnot q\}\), which is unsatisfiable, and let \(p \succ q\) be the ordering over the propositional symbols. Using the option populate_non_negative, we obtain \({\varLambda }_0^{lit} = \{0: p \vee q, 0: p \vee \lnot q, 0: \lnot p \vee q\}\), which is satisfiable, and \({\varGamma }_0^{lit} = \{0:\lnot p \vee \lnot q\}\). In the first cycle, there is only one clause to choose, \(\lnot p\) is the maximal literal, and the only nonredundant generated resolvent is \(0:\lnot q\), which is added to \({\varGamma }_0^{lit}\). Now, as \(0:\lnot p \vee \lnot q\) is moved to the set of usable clauses, \(0:\lnot q\) is the only clause that can be chosen in the sos. However, there is no clause in \({\varLambda }_0^{lit}\) where q is the maximal literal. Thus, no inference steps can be applied, and the procedure would output the set as satisfiable. In contrast, using the options populate_non_negative with negative resolution or populate_max_lit_positive with either negative or ordered resolution are safe choices.
5.5 Controlling the Inner Loop
The inner loop executed during the proof search (Lines 7–15) iterates over the modal levels in the set of literal clauses. As mentioned before, each set \({\varGamma }_{ml}^{lit}\) is implemented as multilevel hash tables, where the modal level is one of the keys. By default, these sets are scanned by following the order of the entries in the hash table. However, the user can set different orderings. With option ordlevel_ascend, the for loop iterates in ascending order of modal levels, that is, from \(ml=0\) to the maximal modal level; and with option ordlevel_descend, the modal levels are scanned from the maximal modal level down to \(ml=0\). With option ordlevel_shuffle, the list of modal levels is partitioned in half and the two lists are merged, just before entering the inner loop; the modal levels are then scanned in the resulting order. Preliminary evaluation of these features, checked over the LWB benchmarks [25], shows that the default performs better. However, we have not performed an extensive evaluation yet.
5.6 Clause Selection
Besides the set of support strategy, which restricts clause selection to those in the sos, there are five different heuristics for choosing a literal clause as the given clause at a modal level within each cycle. With option shortest, the clause with the smallest size at that particular modal level is chosen. With option newest, clause selection simulates a stack (last in, first out). With option oldest, clause selection simulates a queue (first in, first out). With option smallest (resp. greatest), the given clause is the shortest clause with the smallest (resp. greatest) maximal literal in the set.
5.7 Refinements
Besides the implemented restrictions on clause selection, the user can further restrict LRES by choosing options ordered (clauses can only be resolved on their maximal literals with respect to an ordering chosen by the prover in such a way to preserve completeness), negative (one of the premises is a negative clause, i.e. a clause where all literals are of the form \(\lnot p\) for some \(p \in P\)), positive (one of the premises is a positive clause), or negord, where both negative and ordered resolution inferences are performed.
The completeness of some of these refinements depends on the particular normal form chosen. For instance, negative resolution is incomplete without \({\textsf {SNF}_{{ml}}^{+}}\) or \({\textsf {SNF}_{{ml}}^{++}}\). For example, the set Open image in new window is locally unsatisfiable, but as there is no negative literal clause in the set, no refutation can be found with negative resolution. By renaming \(\lnot q\) with t in the scope of Open image in new window , we obtain the set Open image in new window in \({\textsf {SNF}_{{ml}}^{+}}\), from which a refutation using negative resolution can be found. Similarly, ordered resolution requires \({\textsf {SNF}_{{ml}}^{++}}\) for completeness, while positive resolution requires \({\textsf {SNF}_{{ml}}^{}}\) or \({\textsf {SNF}_{{ml}}^{}}\).
5.8 Inference Rules
Clearly, UNIT, UNITGEN1, UNITGEN3 are special cases of the inference rules LRES, GEN1, and GEN3, respectively. Their implementation, however, is different, as the set of candidates to resolve with the unit clause \(ml: \lnot l\) is built from the list of clauses stored in the symbol table instead of using the trielike structure for clauses. Subsumption, if set, is also immediately applied. By default, redundancy is only checked when a clause is chosen, but for those unit resolution rules the premises \(ml_1: l_1 \vee \ldots \vee l_m \vee l\) in UNIT and Open image in new window in UNITGEN1 are deleted from the set of clauses as soon as subsuming resolvents are generated.
Again, if the modal clauses in the premises are subsumed by the resolvents in those inference rules, they are immediately deleted from the clause set. The rules LHSUNIT1 and LHSUNIT2 are not needed for completeness. However, exhaustive application of the two rules together with subsumption and the usual unit resolution removes all occurrences of the literal \(\lnot l\) at the modal level ml; thus, if the options for pure literal elimination are set, more clauses can be removed from the clause set.
The inference rules shown in Table 3 are set with the option ires, which together with the global option, implements initial resolution and, therefore, the calculus given in [33]. The inference rules IRES1 and IRES2 are, by default, applied after the main loop described in Fig. 1. For an unsatisfiable set of clauses, if the literal clauses are not by themselves unsatisfiable, this means that a proof can only be found after the set of literal clauses is saturated, which might be very time consuming. With option interires, initial and literal resolution are interleaved, that is, IRES1 and IRES2 are applied within the main loop given in Fig. 1, which may shorten the time to finding a proof.
5.9 Redundancy Elimination
Pure literal elimination can be applied globally (option ple) or by modal level (option mlple). For modal level pure literal elimination, if a literal l is pure at a modal level ml, then the literal can be set to \(\mathbf{true}\) at that level. This means that any literal clause at the modal level ml in which l occurs can be deleted. If l occurs in the scope of Open image in new window on the righthand side of a positive modal clause, then the positive modal clause can also be deleted (because Open image in new window is a tautology). If l occurs in the scope of Open image in new window on the righthand side of a positive modal clause Open image in new window , then the clause Open image in new window is deleted and the clause Open image in new window is generated. Because Open image in new window is not a tautology, the newly generated clause is kept in the set of clauses. As the number of literal occurrences is stored in the symbol table, at the implementation level, the procedure for modal level pure literal elimination consists of scanning the information related to all propositional symbols p and deleting the list of clauses at a particular modal level ml if the number of either positive or negative occurrences of p at the modal level ml is zero. For pure literal elimination, the procedure is similar.
 1.
\(\sigma (\{ml,ml'\})\) is defined;
 2.
the size of ml : C is greater or equal the size of \(ml':D\);
 3.
the maximal literal in ml : C is less or equal the maximal literal in \(ml':D\);
 4.
the minimal literal in ml : C is greater or equal the minimal literal in \(ml':D\).
The user can force subsumption checking in the whole set of clauses by setting the option sos_sub.
6 Evaluation
We have compared Open image in new window 0.1.2 with the provers BDDTab [15, 38], FaCT++ 1.6.3 [51, 52], InKreSAT 1.0 [26, 27], Spartacus 1.1.3 [16, 17], and a combination of the optimised functional translation [23] with Vampire 4.2.2 [28, 53]^{2}. In this context, FaCT++ represents the previous generation of reasoners while the remaining systems have all been developed in recent years. Unless stated otherwise, the reasoners were used with their default options.
 1.
The complete set of TANCS2000 modalised random QBF (MQBF) formulae [30] complemented by the additional MQBF formulae provided by Kaminski and Tebbi [27]. This collection consists of five classes, called qbf, qbfL, qbfS, qbfML, and qbfMS in the following, with a total of 1016 formulae, of which 617 are known to be satisfiable and 399 are known to be unsatisfiable (due to at least one of the provers being able to solve the formula). The minimum modal depth of formulae in this collection is 19, the maximum 225, average 69.2 with a standard deviation of 47.5.
 2.
LWB basic modal logic benchmark formulae [4], with 56 formulae chosen from each of the 18 parameterised classes. In most previous uses of these benchmark classes, only parameter values 1 to 21 were used for each class, resulting in 378 benchmark formulae with a median size of a benchmark formula of 1072.5 and a maximum size of 24,972. For such low parameter values, most benchmark formulae were easily solvable by stateofthe art provers. To overcome this problem we have instead chosen the 56 parameter values so that only the best current provers, if any at all, will be able to solve all the formulae within a time limit of 1000 CPU second. The median value of the maximal parameter value used for the 18 classes is 1880, far beyond what has ever been tested before. The median size of benchmark formulae is 342,077.5 and the maximum size is 288,072,146. Of the 1008 formulae, half are satisfiable and half are unsatisfiable by construction of the benchmark classes. The minimum modal depth of formulae in this collection is 1, the maximum 30,004, average 1065.7 with a standard deviation of 2670.1.
 3.
Randomly generated 3CNF\(_K\) formulae [40] over 3 to 10 propositional symbols with modal depth 1 or 2. We have chosen formulae from each of the 11 parameter settings given in the table on page 372 of [40]. For the number of conjuncts we have focused on a range around the critical region where about half of the generated formulae are satisfiable and half are unsatisfiable. The resulting collection contains 1000 formulae, of which 457 are known to be satisfiable and 464 are known to be unsatisfiable. Note that this collection is quite distinct to the one used in [27] which consisted of 135 3CNF\(_K\) formulae over 3 propositional symbols with modal depth 2, 4 or 6, all of which were satisfiable. The minimum modal depth of formulae in this collection is 1, the maximum 2, average 1.8 with a standard deviation of 0.4.
Benchmarking was performed on PCs with an Intel i72600 CPU @3.40 GHz and 16 GB main memory. For each formula and each prover we have determined the median run time over five runs with a time limit of 1000 CPU seconds for each run.
Detailed evaluation results on the LWB benchmark
BDDTab  FaCT++  InKreSAT  Open image in new window (ordered)  Spartacus  OFT +Vampire  

branch_n  22  22  12  12  15  15  18  18  12  12  3 6  42 
branch_p  22  22  12  12  22  22  24  24  14  14  3 5  40 
d4_n  20  440  6  40  34  5 3  1760  31  880  14  200  
d4_p  26  640  24  600  18  360  5 6  1880  35  1040  21  960 
dum_n  39  2400  42  2640  23  1120  5 2  3440  49  3200  16  560 
dum_p  42  2640  38  2320  28  1520  52  3440  52  3440  19  800 
grz_n  35  2600  27  1800  50  4500  5  50  5 1  5000  20  1100 
grz_p  35  2600  27  1800  5 1  5000  29  2000  49  4000  26  1700 
lin_n  46  4000  43  3400  33  2500  1  10  34  2500  4 0  3100 
lin_p  14  500  28  \(\textit{1}\times \textit{10}^{\textit{5}}\)  5 6  \(\textit{5}\times \textit{10}^{\textit{5}}\)  24  6000  55  \(\textit{4}\times \textit{10}^{\textit{5}}\)  28  \(\textit{1}\times \textit{10}^{\textit{5}}\) 
path_n  37  290  48  400  7  14  5 6  1200  48  400  42  340 
path_p  35  270  48  400  5  12  5 6  1200  48  400  42  340 
ph_n  10  10  8  16  2 4  90  3  6  22  80  13  35 
ph_p  1 1  11  9  8  10  10  5  5  9  9  10  10 
poly_n  39  600  34  500  30  33  480  4 7  760  18  180  
poly_p  38  580  34  500  28  400  33  480  4 7  760  17  160 
t4p_n  40  3500  24  1500  17  800  41  4000  4 6  6500  10  100 
t4p_p  48  7500  49  8000  28  54  13000  54  13000  12  300 
On the LWB collection Open image in new window performs slightly better than the other provers with Spartacus being the second best system and the combination of the optimised functional translation with Vampire (OFT + Vampire) performing worst. Table 5 provides more detailed results. For each prover it shows in the left column how many of the 56 formulae in a class have been solved and in the right column the parameter value of the most difficult formula solved. For InKreSAT we are not reporting this parameter value for three classes on which the prover’s runtime does not increase monotonically with the parameter value but fluctuates instead. As indicated in bold in the table, BDDTab is the best performing prover on one class, InKreSAT on three, OFT + Vampire on three, Spartacus on four, and Open image in new window on five classes; Open image in new window and Spartacus are joint best on a further two classes. A characteristic of the classes on which Open image in new window performs best is again that atomic subformulae are evenly spread over a wide range of modal levels.
It is worth pointing out that simplification alone is sufficient to detect that formulae in lin_p are unsatisfiable. For grz_p, pure literal elimination can be used to reduce all formulae in this class to the same simple formula; the same is true for grz_n and lin_n. Thus, these classes are tests of how effectively and efficiently, if at all, a prover uses these techniques.
On the \(\hbox {3CNF}_{{K}}\) collection, InKreSAT is the best performing prover and Open image in new window the worst performing one. This should now not come as a surprise. For 3CNF\(_K\) we specifically restricted ourselves to formulae with low modal depth which in turn means that the layered normal form has little positive effect.
Use of each prover by an Oracle Solver
BDDTab  FaCT++  InKreSAT  Spartacus  OFT + Vampire  Unsolved  

674  111  912  849  748  57  227 
7 Conclusions
We have presented the clausal resolution prover Open image in new window for both local and global reasoning for the multimodal propositional modal logic, \({\textsf {K}}_{n}^{}\). This is based on a complete calculus where resolution inferences are restricted to clauses at the same modal level. This paper focuses on the implemented prover providing full details of the input processing, normal forms, clause preprocessing, the main control loop including proof search strategies and clause selection, refinements via variants of ordered resolution, inference rules and dealing with redundant clauses. We carried out an experimental evaluation with the prover comparing Open image in new window with other provers and also analysing some of these combinations. The evaluation shows that Open image in new window works well on problems with high modal depth where the separation of modal layers can be exploited to improve the efficiency of reasoning.
As with all provers that provide a variety of strategies and optimisations, to get the best performance for a particular formula or class of formulae it is important to choose the right strategy and optimisations. Open image in new window currently leaves that choice to the user. The development of an auto mode in which the prover makes a choice of its own, based on an analysis of the given formula, is future work.
The same applies to the transformation to the layered normal form. Again, Open image in new window offers a number of ways in which this can be done as well as a number of simplifications that can be applied during the process. It is clear that this affects the performance of the prover, but we have yet to investigate the effects on the benchmark collections introduced in this paper.
Footnotes
Notes
References
 1.Areces, C., Gennari, R., Heguiabehere, J., de Rijke, M.: Treebased heuristics in modal theorem proving. In: W. Horn (ed.) ECAI 2000, pp. 199–203. IOS Press, Amsterdam (2000)Google Scholar
 2.Areces, C., Heguiabehere, J.: Hylores 1.0: Direct resolution for hybrid logics. In: A. Voronkov (ed.) CADE 2002, LNCS, vol. 2392, pp. 156–160. Springer, Berlin (2002)Google Scholar
 3.Balbiani, P., Demri, S.: Prefixed tableaux systems for modal logics with enriched languages. In: M.E. Pollack (ed.) IJCAI 1997, pp. 190–195. Morgan Kaufmann, Los Altos (1997)Google Scholar
 4.Balsiger, P., Heuerding, A., Schwendimann, S.: A benchmark method for the propositional modal logics K, KT, S4. J. Automat. Reason. 24(3), 297–317 (2000)MathSciNetCrossRefzbMATHGoogle Scholar
 5.Basin, D., Matthews, S., Vigano, L.: Labelled propositional modal logics: theory and practice. J. Logic Comput. 7(6), 685–717 (1997)MathSciNetCrossRefzbMATHGoogle Scholar
 6.Blackburn, P., de Rijke, M., Venema, Y.: Modal Logic. Cambridge University Press, Cambridge (2001)CrossRefzbMATHGoogle Scholar
 7.de la Tour, T.B.: An optimality result for clause form translation. J. Symb. Comput. 14(4), 283–301 (1992)MathSciNetCrossRefzbMATHGoogle Scholar
 8.Fagin, R., Halpern, J.Y., Moses, Y., Vardi, M.Y.: Reasoning About Knowledge. MIT Press, Cambridge (1995)zbMATHGoogle Scholar
 9.Fisher, M., Dixon, C., Peim, M.: Clausal temporal resolution. ACM Trans. Comput. Logic 2(1), 12–56 (2001)MathSciNetCrossRefzbMATHGoogle Scholar
 10.Fitting, M.: Prefixed tableaus and nested sequents. Ann. Pure Appl. Logic 163(3), 291–313 (2012)MathSciNetCrossRefzbMATHGoogle Scholar
 11.Fitting, M., Mendelsohn, R.L.: FirstOrder Modal Logic. Kluwer, Dordrecht (1998)CrossRefzbMATHGoogle Scholar
 12.Flex: The fast lexical analyzer generator. http://github.com/westes/flex (2017). Accessed 6 Dec 2018
 13.GNU Bison: The yacccompatible parser generator. http://www.gnu.org/software/bison/ (2017). Accessed 6 Dec 2018
 14.Goranko, V., Passy, S.: Using the universal modality: gains and questions. J. Logic Comput. 2(1), 5–30 (1992)MathSciNetCrossRefzbMATHGoogle Scholar
 15.Goré, R., Olesen, K., Thomson, J.: Implementing tableau calculi using BDDs: BDDTab system description. In: S. Demri, D. Kapur, C. Weidenbach (eds.) IJCAR 2014, LNCS, vol. 8562, pp. 337–343. Springer, Berlin(2014)Google Scholar
 16.Götzmann, D., Kaminski, M.: Spartacus: sources and benchmarks. Saarland University, Saarbrücken, Germany. http://www.ps.unisaarland.de/spartacus/. Accessed 6 Dec 2018
 17.Götzmann, D., Kaminski, M., Smolka, G.: Spartacus: a tableau prover for hybrid logic. Electron. Notes Theor. Comput. Sci. 262, 127–139 (2010)MathSciNetCrossRefGoogle Scholar
 18.Hailpern, B.T.: Verifying Concurrent Processes Using Temporal Logic. LNCS, vol. 129. Springer, Berlin (1982)zbMATHGoogle Scholar
 19.Halpern, J.Y.: Using reasoning about knowledge to analyze distributed systems. Ann. Rev. Comput. Sci. 2, 37–68 (1987)MathSciNetCrossRefGoogle Scholar
 20.Halpern, J.Y., Manna, Z., Moszkowski, B.: A hardware semantics based on temporal intervals. In: J. Díaz (ed.) ICALP 1983, LNCS, vol. 154, pp. 278–291. Springer, Berlin (1983)Google Scholar
 21.Halpern, J.Y., Moses, Y.: A guide to completeness and complexity for modal logics of knowledge and belief. Artif. Intell. 54(3), 319–379 (1992)MathSciNetCrossRefzbMATHGoogle Scholar
 22.Hayes, P.J., Kowalski, R.A.: Semantic trees in automatic theorem proving. In: Meltzer, B., Michie, D. (eds.) Machine Intelligence, vol. 4, pp. 87–101. Elsevier, Amsterdam (1969)Google Scholar
 23.Horrocks, I.R., Hustadt, U., Sattler, U., Schmidt, R.: Computational modal logic. In: Blackburn, P., van Benthem, J., Wolter, F. (eds.) Handbook of Modal Logic, pp. 181–245. Elsevier, Amsterdam (2006)Google Scholar
 24.Hustadt, U., Schmidt, R.A.: MSPASS: modal reasoning by translation and firstorder resolution. In: R. Dyckhoff (ed.) TABLEAUX 2000, LNCS, vol. 1847, pp. 67–71. Springer, Berlin (2000)Google Scholar
 25.Jaeger, G., Balsiger, P., Heuerding, A., Schwendimann, S., Bianchi, M., Guggisberg, K., Janssen, G., Heinle, W., Achermann, F., Boroumand, A.D., Brambilla, P., Bucher, I., Zimmermann, H.: LWB: the logics workbench 1.1. University of Berne, Switzerland. http://home.inf.unibe.ch/~lwb/benchmarks/benchmarks.html. Accessed 6 Dec 2018
 26.Kaminski, M., Tebbi, T.: InKreSAT: sources and benchmarks. Saarland University, Germany. http://www.ps.unisaarland.de/~kaminski/inkresat/. Accessed 6 Dec 2018
 27.Kaminski, M., Tebbi, T.: InKreSAT: modal reasoning via incremental reduction to SAT. In: CADE 2013, LNCS, vol. 7898, pp. 436–442. Springer, Berlin (2013)Google Scholar
 28.Kovács, L., Voronkov, A.: Firstorder theorem proving and Vampire. In: N. Sharygina, H. Veith (eds.) CAV 2013, LNCS, vol. 8044, pp. 1–35. Springer, Berlin (2013)Google Scholar
 29.Lee, R.C.T.: A completeness theorem and computer program for finding theorems derivable from given axioms. Ph.D. thesis, University of California, Berkeley, USA (1967)Google Scholar
 30.Massacci, F., Donini, F.M.: Design and results of TANCS2000 nonclassical (modal) systems comparison. In: R. Dyckhoff (ed.) TABLEAUX 2000, LNCS, vol. 1847, pp. 52–56. Springer, Berlin (2000)Google Scholar
 31.McCune, W.W.: OTTER 3.0 reference manual and guide. Technical report ANL94/6, Argonne National Lab, Lemont, IL, USA (1994). http://www.osti.gov/servlets/purl/101290526WVVjK/native/. Accessed 6 Dec 2018
 32.Nalon, C., Dixon, C.: Antiprenexing and prenexing for modal logics. In: M. Fisher, W. van der Hoek, B. Konev, A. Lisitsa (eds.) JELIA 2006, LNCS, vol. 4160, pp. 333–345. Springer, Berlin (2006)Google Scholar
 33.Nalon, C., Dixon, C.: Clausal resolution for normal modal logics. J. Algorithms 62, 117–134 (2007)MathSciNetCrossRefzbMATHGoogle Scholar
 34.Nalon, C., Hustadt, U., Dixon, C.: A modallayered resolution calculus for K. In: H. de Nivelle (ed.) TABLEAUX 2015, LNCS, vol. 9323, pp. 185–200. Springer, Berlin (2015)Google Scholar
 35.Nalon, C., Hustadt, U., Dixon, C.: Open image in new window : A resolutionbased prover for multimodal K. In: N. Olivetti, A. Tiwari (eds.) IJCAR 2016, LNCS, vol. 9706, pp. 406–415. Springer, Berlin (2016)Google Scholar
 36.Nalon, C., Hustadt, U., Dixon, C.: Open image in new window : sources and benchmarks. University of Brasília, Brazil (2018). http://www.cic.unb.br/~nalon/#software. Accessed 6 Dec 2018
 37.Nonnengart, A., Weidenbach, C.: Computing small clause normal forms. In: Robinson, A., Voronkov, A. (eds.) Handbook of Automated Reasoning, vol. 1, pp. 335–367. Elsevier, Amsterdam (2001)CrossRefGoogle Scholar
 38.Olesen, K.: BDDTab: sources and benchmarks. Australian National University, Canberra, Australia. http://users.cecs.anu.edu.au/~rpg/BDDTab/. Accessed 6 Dec 2018
 39.Pan, G., Sattler, U., Vardi, M.Y.: BDDbased decision procedures for the modal logic K. J. Appl. Non Class. Logics 16(1–2), 169–208 (2006)MathSciNetCrossRefzbMATHGoogle Scholar
 40.PatelSchneider, P.F., Sebastiani, R.: A new general method to generate random modal formulae for testing decision procedures. J. Artif. Intell. Res. (JAIR) 18, 351–389 (2003)MathSciNetCrossRefzbMATHGoogle Scholar
 41.Plaisted, D.A., Greenbaum, S.: A structurepreserving clause form translation. J. Symb. Comput. 2(3), 293–304 (1986)MathSciNetCrossRefzbMATHGoogle Scholar
 42.Pratt, V.R.: Application of modal logic to programming. Stud. Log. 39(2/3), 257–274 (1980)MathSciNetCrossRefzbMATHGoogle Scholar
 43.Rao, A.S., Georgeff, M.P.: Modeling rational agents within a BDIarchitecture. In: R. Fikes, E. Sandewall (eds.) KR 1991, pp. 473–484. Morgan Kaufmann, Los Altos (1991)Google Scholar
 44.Robinson, J.A.: Automatic deduction with hyperresolution. Int. J. Comput. Math. 1, 227–234 (1965)MathSciNetzbMATHGoogle Scholar
 45.Robinson, J.A.: A machineoriented logic based on the resolution principle. J. ACM 12(1), 23–41 (1965)MathSciNetCrossRefzbMATHGoogle Scholar
 46.Schild, K.: A correspondence theory for terminological logics. In: J. Mylopoulos, R. Reiter (eds.) IJCAI 1991, pp. 466–471. Morgan Kaufmann, Los Altos (1991)Google Scholar
 47.Schulz, S.: Simple and efficient clause subsumption with feature vector indexing. In: Bonacina, M.P., Stickel, M.E. (eds.) Automated Reasoning and Mathematics: Essays in Honour of William W. McCune. LNCS, vol. 7788, pp. 45–67. Springer, Berlin (2013)CrossRefGoogle Scholar
 48.Schuppan, V., Darmawan, L.: Evaluating LTL satisfiability solvers. In: T. Bultan, P.A. Hsiung (eds.) ATVA 2011, LNCS, vol. 6996, pp. 397–413. Springer, Berlin (2011)Google Scholar
 49.Sebastiani, R., Vescovi, M.: Automated reasoning in modal and description logics via SAT encoding: the case study of K(m)/ALCsatisfiability. J. Artif. Intell. Res. 35(1), 343–389 (2009)MathSciNetCrossRefzbMATHGoogle Scholar
 50.Spaan, E.: Complexity of modal logics. Ph.D. thesis, University of Amsterdam, The Netherlands (1993)Google Scholar
 51.Tsarkov, D.: FaCT++: sources. https://github.com/ethzasl/libfactplusplus. Accessed 6 Dec 2018
 52.Tsarkov, D., Horrocks, I.: FaCT++ description logic reasoner: system description. In: U. Furbach, N. Shankar (eds.) IJCAR 2006, LNCS, vol. 4130, pp. 292–297. Springer, Berlin (2006)Google Scholar
 53.Voronkov, A., Kovács, L., Reger, G., Suda, M., Kotelnikov, E., Robillard, S., Gleiss, B., Rawson, M., Bhayat, A., Riener, M.: Vampire. https://vprover.github.io/. Accessed 6 Dec 2018
 54.Waaler, A.: Connections in nonclassical logics. In: Robinson, J.A., Voronkov, A. (eds.) Handbook of Automated Reasoning, pp. 1487–1578. Elsevier, Amsterdam (2001)CrossRefGoogle Scholar
 55.Wallen, L.A.: Automated Deduction in Nonclassical Logics. MIT Press, Cambridge (1990)zbMATHGoogle Scholar
 56.Wos, L., Robinson, G.A., Carson, D.F.: Efficiency and completeness of the set of support strategy in theorem proving. J. ACM 12, 536–541 (1965)MathSciNetCrossRefzbMATHGoogle Scholar
Copyright information
OpenAccessThis article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.