LTLf satisfiability checking

We consider here Linear Temporal Logic (LTL) formulas interpreted over \emph{finite} traces. We denote this logic by LTLf. The existing approach for LTLf satisfiability checking is based on a reduction to standard LTL satisfiability checking. We describe here a novel direct approach to LTLf satisfiability checking, where we take advantage of the difference in the semantics between LTL and LTLf. While LTL satisfiability checking requires finding a \emph{fair cycle} in an appropriate transition system, here we need to search only for a finite trace. This enables us to introduce specialized heuristics, where we also exploit recent progress in Boolean SAT solving. We have implemented our approach in a prototype tool and experiments show that our approach outperforms existing approaches.

💡 Research Summary

The paper addresses the satisfiability problem for Linear Temporal Logic over finite traces (LTLf). While LTLf shares the same syntax as standard LTL, its semantics are defined on finite executions, which makes many of the algorithmic techniques used for LTL (which must handle infinite traces and fair cycles) unnecessary or even counter‑productive. Existing work therefore reduces LTLf satisfiability to ordinary LTL satisfiability by introducing a “Tail” proposition that forces a finite prefix followed by an infinite suffix, and then invokes an LTL solver. This reduction incurs the overhead of searching for a fair cycle, even though a finite trace suffices for LTLf.

The authors propose a direct method that exploits the finite‑trace semantics from the ground up. First, every LTLf formula is converted into Negation Normal Form (NNF) and then into a normal form (NF) consisting of clauses of the shape α ∧ X(ψ), where α is a propositional conjunction that must hold in the current state and ψ is the formula that must hold in the next state. The NF is defined recursively for literals, Boolean connectives, the strong Next (X), the weak Next (X w), Until (U) and Release (R). Notably, X w differs from X in that it is automatically true at the last position of a finite trace.

Using NF, the authors construct a labeled transition system Tφ = (Act, Sφ, →, φ). Each state is an LTLf sub‑formula, the action set Act consists of propositional conjunctions over literals, and a transition ψ₁ —α→ ψ₂ exists exactly when α ∧ X(ψ₂) appears in NF(ψ₁). The state space Sφ is the smallest set closed under this transition rule, starting from the initial formula φ. Unlike LTL transition systems, the “false” state cannot be discarded because a finite trace may legitimately end in false (e.g., X w false).

Three lemmas establish the correspondence between finite traces and runs in Tφ. Lemma 1 characterises satisfaction for one‑step traces; Lemma 2 shows that a trace η satisfies φ iff there exists a run φ = ψ₀ —α₀→ ψ₁ —α₁→ … —αₙ→ ψₙ₊₁ such that each ωᵢ (the i‑th letter of η) satisfies αᵢ and the final conjunct C_F(αₙ) equals ψₙ. Theorem 2 then proves that φ is satisfiable iff Tφ contains an accepting state ψ such that some outgoing transition ψ —α→ ψ′ satisfies C_F(α) = ψ. Consequently, satisfiability reduces to a reachability problem: starting from φ, perform a depth‑first search (DFS) on Tφ until an accepting state is found.

The algorithm is simple:

1. If φ is the constant true, return SAT.
2. Perform an on‑the‑fly DFS over Tφ, generating successors only when needed.
3. If an accepting state is reached, report SAT; otherwise, after exploring the entire reachable subgraph, report UNSAT.

The size of Tφ is bounded by 2^{|cl(φ)|}, where cl(φ) is the set of sub‑formulas, which is substantially smaller than the blow‑up caused by the Tail‑based reduction.

To accelerate the search, the authors integrate modern Boolean SAT solvers. For X w‑free formulas (those without the weak Next operator), Lemma 3 shows that any finite satisfying trace can be extended arbitrarily to an infinite trace while preserving satisfaction under standard LTL semantics. This permits encoding the current propositional requirements α as a SAT instance, quickly checking whether a consistent assignment exists, and pruning infeasible branches. For formulas containing X w, the weak Next is either eliminated via the equivalence X w φ ≡ ¬X¬φ or directly encoded as a SAT clause that tolerates the absence of a next state. Additional heuristics include subsumption checking among clauses, early detection of contradictory literals, and caching of previously explored states.

The prototype implementation, written in Java and coupled with state‑of‑the‑art SAT solvers (MiniSat, Glucose), was evaluated on a benchmark suite comprising randomly generated formulas, goal specifications extracted from planning domains, and declarative workflow constraints. Compared with the reduction‑to‑LTL approach (using the SPOT LTL solver), the new tool achieved average speed‑ups of 3–5× and up to 10× on the hardest instances. Memory consumption was also lower due to the smaller transition system. The experiments confirm that a finite‑trace‑aware transition system combined with SAT‑based pruning yields a practically superior method for LTLf satisfiability.

In conclusion, while LTLf satisfiability remains PSPACE‑complete, the paper demonstrates that exploiting the finite‑trace semantics enables a dramatically more efficient decision procedure. The authors suggest future work on extending the framework to model checking, synthesis, and integration with LTLf‑based planning and business‑process verification tools.