Toward a More Complete Alloy

Timothy Nelson, Daniel J. Dougherty, Kathi Fisler, Shriram Krishnamurthi

ABZ Conference, 2012

Abstract

Many model-finding tools, such as Alloy, charge users with providing bounds on the sizes of models. It would be preferable to automatically compute sufficient upper-bounds whenever possible. The Bernays-Schoenfinkel-Ramsey fragment of first-order logic can relieve users of this burden in some cases: its sentences are satisfiable iff they are satisfied in a finite model, whose size is computable from the input problem.

Researchers have observed, however, that the class of sentences for which such a theorem holds is richer in a many-sorted framework---which Alloy inhabits---than in the one-sorted case. This paper studies this phenomenon in the general setting of order-sorted logic supporting overloading and empty sorts. We establish a syntactic condition generalizing the Bernays-Schoenfinkel-Ramsey form that ensures the Finite Model Property. We give a linear-time algorithm for deciding this condition and a polynomial-time algorithm for computing the bound on model sizes. As a consequence, model-finding is a complete decision procedure for sentences in this class. Our work has been incorporated into Margrave, a tool for policy analysis, and applies in real-world situations.

Comment

These results have been incorporated into our Margrave tool for policy analysis. For a more technical version of this paper, see our technical report.

Paper

PDF

---

These papers may differ in formatting from the versions that appear in print. They are made available only to support the rapid dissemination of results; the printed versions, not these, should be considered definitive. The copyrights belong to their respective owners.