STL-GO: Spatio-Temporal Logic with Graph Operators

Updated 23 July 2025

STL-GO is a spatio-temporal logic that unifies temporal operators with graph-based constraints to specify agent interactions in distributed systems.
It employs a two-level structure that distinguishes local per-agent specifications from global network-wide properties, enhancing resilience and redundancy.
Its practical deployment in smart cities, multi-drone surveillance, and sensor networks is supported by scalable, distributed monitoring algorithms.

Spatio-Temporal Logic with Graph Operators (STL-GO) is a formalism for specifying and verifying properties of distributed systems—especially multi-agent systems—where agent capabilities and requirements are defined both temporally and via structured interactions captured by possibly multiple, time-varying graphs. STL-GO innovates by explicitly allowing reasoning not just about an agent’s states but also about the number, type, and quality of its relationships across different network topologies (e.g., communication, sensing, or task graphs), thereby providing a unified approach to formal specification, monitoring, and analysis of complex cyber-physical and robotic systems in domains such as smart cities, multi-robot systems, and sensor networks.

1. Formal Definition and Syntax

STL-GO extends the classical Signal Temporal Logic (STL) by integrating specialized graph operators that enable specification of conditions concerning agent neighborhoods as defined by directed or undirected graphs. The syntax comprises two levels:

Inner Logic (STL-GO-S): Specifies local (per-agent) requirements, incorporating temporal and graph modalities.
Outer Logic (STL-GO): Couples these specifications across the multi-agent population using an “i. φ” operator, indicating that agent i must satisfy formula φ.

The core graph operators are:

$\text{In}^{(W, \#)}_{\mathcal{G}, E}\,\varphi \quad \text{and} \quad \text{Out}^{(W, \#)}_{\mathcal{G}, E}\,\varphi$

where:

$\mathcal{G}$ is a set of graphs (types of interactions: e.g., communication, sensing),
$W = [w_1, w_2]$ is a constraint on edge weights (distance, latency, etc.),
$E = [e_1, e_2]$ is a counting constraint (number of qualifying neighbors),
$\#$ is the quantifier—either $\exists$ or $\forall$ —over graphs in $\mathcal{G}$ ,
$\varphi$ is the property to be satisfied by neighbors.

Semantics (Existential Incoming Example):

$(\mathcal{A}, i, t) \models \mathrm{In}^{(W, \exists)}_{\mathcal{G}, E}\ \varphi \iff \exists\, \text{graph type}~\mathcal{G}^{\mathrm{type}} \in \mathcal{G}:~ |\{ (j,i,n) \in \mathcal{E}_t^{\mathrm{type}}~|~w_t^{\mathrm{type}}(j,i,n) \in W,\ (\mathcal{A},j,t)\models \varphi\}| \in E$

This formula is true at agent $i$ and time $t$ if, in at least one graph type, the number of incoming edges within weight $W$ from agents $j$ at time $t$ (with those $j$ satisfying $\varphi$ ) falls within $E$ .

2. Specification of Multi-Agent System Requirements

STL-GO is suited to expressing rich, multi-layered specifications that go beyond what is expressible in typical STL or metric-based spatial logics. Examples include:

Redundancy and Resilience: “At all times, there is at least one agent that can sense or communicate with agent $i$ ,” expressed via

$\phi \triangleq \mathbf{G}_{[0,\infty]} \left( \mathrm{In}_{\{\mathcal{G}^s, \mathcal{G}^c\}, [1,\infty]}^{\exists}~\top \right)$

where $\mathcal{G}^s$ and $\mathcal{G}^c$ are sensing/communication graphs.

Coupled Task and Safety Constraints: “If a station has low inventory, there must be at least five alternative stations reachable within a given travel graph and satisfying an availability property.”
Heterogeneous Modalities: Requirements can be specified over different types of graphs simultaneously (e.g., physical proximity, wireless range, semantic dependencies).

STL-GO’s two-level logical hierarchy enables both per-agent properties (via the STL-GO-S layer) and network-global or location-wide constraints (via the outer logic).

3. Graph Operators: Syntax, Semantics, and Expressivity

The critical technical innovation in STL-GO is the formal definition and use of graph operators that quantify over agent neighborhoods:

Parameters:
- Graph set $\mathcal{G}$ : allows multi-modal relationships.
- Edge weight interval $W$ : constrains the “quality” or “distance” of considered neighbors.
- Edge count interval $E$ : specifies how many neighbors must satisfy a property.
- Quantifier $\#$ : existential ( $\exists$ ) or universal ( $\forall$ ) across multiple graphs.
Operator Variants:
- “In”/“Out” designate directionality (incoming or outgoing edges).
- Variants exist for requiring at least/at most a number of neighbors (by adjusting $E$ ).
- Simultaneous selection of multiple graph types allows for redundancy and fallback requirements.
Semantic Generality:
- Capable of encoding not only spatial relationships expressed in shortest-path, “somewhere,” or “surrounded” operators from prior work (e.g., SSTL, STREL), but also requirements parameterized by time-varying or role-dependent topologies.

This design allows STL-GO to match and in many cases strictly generalize formalisms such as SaSTL, SSTL, and STREL while adding expressibility for multi-modal, directed, or heterogeneous agent interactions.

4. Distributed Monitoring: Algorithms and Local Reasoning

A central goal of STL-GO is supervision and runtime verification in decentralized systems. The logic supports distributed monitoring by defining, for each agent $i$ , a ternary signal $s_{\varphi,i} : [0, T+T_\varphi] \to \{0,1,?\}$ indicating:

$1$ if $\varphi$ is surely satisfied at agent $i$ and time $t$ ,
$0$ if surely violated,
$?$ if undetermined due to limited local information.

Sufficient conditions for determinate monitoring:

If an agent has complete information about all required neighbors (as dictated by the nested “graph operator tree”), the local monitor can conclusively decide.
If the known number of available neighbors is insufficient to meet the edge-count requirement, a violation ($0$) can be declared without further data.

The monitor architecture is designed to handle complex, nested operator trees corresponding to deeply structured neighborhood queries. Agents propagate only necessary information about their own states and, when necessary, about (relevant) neighbors in the appropriate graphs.

5. Comparison with Other Spatio-Temporal Logics

STL-GO is compared against several notable spatio-temporal logic frameworks:

Logic	Key Features	Graph Modalities	Counting/Redundancy	Directed/Multi-Graph
SaSTL	STL + spatial counting, usually single graph	Single (typically static)	Yes	Limited
SSTL	STL + metric-based spatial operators	Weighted/metric graphs	Indirect (distance)	Undirected primarily
STREL	STL + spatial reach/escape, graph distances	Single, metric	Path-based	Indirect
STL-GO	STL + general graph operators	Multiple, typed, directed	Yes	Yes

STL-GO strictly subsumes the spatial and counting expressivity of these logics, allowing not only for arbitrary nestings but for reasoning simultaneously over several, possibly asymmetric, network topologies and with fine-grained redundancy constraints.

6. Case Studies and Practical Deployments

The paper demonstrates STL-GO’s utility in two detailed case studies:

Bike-Sharing System: Each station is modeled as an agent with state variables (e.g., availability, incoming/outgoing flows). The system implements multiple graphs (physical distance, public transport connectivity). STL-GO-S formulas encode, for instance, that “if the bike count at a central station falls below a threshold, at least five outgoing paths in a given travel-time graph lead to stations with sufficient bikes.” Monitoring is performed both centrally and by individual stations, showing low overhead and scalability.
Multi-Drone Surveillance: Drones are represented as agents with multiple time-varying graphs: distance for proximity, communication for group membership, and sensing for coverage. STL-GO-S and outer formulas specify both safety constraints (e.g., separation, communication redundancy) and capability matching (e.g., every drone near a region must also have certain sensing/comm capabilities). Experiments demonstrated that both centralized and distributed monitors could efficiently verify system-wide and per-agent requirements even in large, dynamic scenarios.

7. Implications for Design, Analysis, and Verification

STL-GO provides a formal foundation for specifying and enforcing requirements in multi-agent cyber-physical systems that interact via diverse spatial and virtual network structures. Its key implications include:

Expressivity: STL-GO captures a wide range of practical requirements that are infeasible or unwieldy in less expressive logics, notably redundancy, connectivity under multiple modalities, and asymmetric or coupled neighborhoods.
Distributed Monitoring Scalability: By providing sufficient (though not always necessary) conditions for agent-level satisfaction, STL-GO enables practical runtime verification in scenarios where full centralization is infeasible.
Composability and Modularity: The logic’s two-level structure naturally supports hierarchical system design and analysis, where local and global properties are related but separable.
Extensibility: New graph modality operators, directed/undirected distinctions, and weight semantics can be added without altering the core logical machinery, enabling further adaptation to evolving application domains.

This framework forms both a theoretical and practical basis for the formal specification, synthesis, and monitoring of requirements in distributed, graph-structured, spatio-temporal systems.

PDF Markdown Chat (Upgrade)