Wojciech Jamroga

Wojciech Jamroga
Polish Academy of Sciences | PAN · Department of Theoretical Foundations of Computer Science

About

147
Publications
9,022
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
1,743
Citations
Citations since 2016
39 Research Items
687 Citations
2016201720182019202020212022020406080100120
2016201720182019202020212022020406080100120
2016201720182019202020212022020406080100120
2016201720182019202020212022020406080100120

Publications

Publications (147)
Chapter
Model checking of strategic abilities is a notoriously hard problem, even more so in the realistic case of agents with imperfect information. Assume-guarantee reasoning can be of great help here, providing a way to decompose the complex problem into a small set of exponentially easier subproblems. In this paper, we propose two schemes for assume-gu...
Chapter
We present a substantially expanded version of the open source tool STV for strategy synthesis and verification of strategic abilities. The new version provides a web interface and support for assume-guarantee verification of multi-agent systems.
Preprint
Full-text available
Voting procedures are designed and implemented by people, for people, and with significant human involvement. Thus, one should take into account the human factors in order to comprehensively analyze properties of an election and detect threats. In particular, it is essential to assess how actions and strategies of the involved agents (voters, munic...
Article
Formal analysis of security is often focused on the technological side of the system. One implicitly assumes that the users will behave in the right way to preserve the relevant security properties. In real life, this cannot be taken for granted. In particular, security mechanisms that are difficult and costly to use are often ignored by the users,...
Preprint
Full-text available
We propose a notion of alternating bisimulation for strategic abilities under imperfect information. The bisimulation preserves formulas of ATL$^*$ for both the {\em objective} and {\em subjective} variants of the state-based semantics with imperfect information, which are commonly used in the modeling and verification of multi-agent systems. Furth...
Preprint
Full-text available
We present a substantially expanded version of our tool STV for strategy synthesis and verification of strategic abilities. The new version provides a web interface and support for assume-guarantee verification of multi-agent systems.
Preprint
Full-text available
Model checking of multi-agent systems (MAS) is known to be hard, both theoretically and in practice. A smart abstraction of the state space may significantly reduce the model, and facilitate the verification. In this paper, we propose and study an intuitive agent-based abstraction scheme, based on the removal of variables in the representation of a...
Conference Paper
Recently, we have proposed a framework for verification of agents' abilities in asynchronous multi-agent systems (MAS), together with an algorithm for automated reduction of models. The semantics was built on the modeling tradition of distributed systems. As we show here, this can sometimes lead to counterintuitive interpretation of formulas when r...
Chapter
Security properties are often focused on the technological side of the system. One implicitly assumes that the users will behave in the right way to preserve the property at hand. In real life, this cannot be taken for granted. In particular, security mechanisms that are difficult and costly to use are often ignored by the users, and do not really...
Preprint
Full-text available
An important aspect of AI design and ethics is to create systems that reflect aggregate preferences of the society. To this end, the techniques of social choice theory are often utilized. We propose a new social choice function motivated by the PageRank algorithm. The function ranks voting options based on the Condorcet graph of pairwise comparison...
Preprint
Full-text available
The COVID-19 pandemic has influenced virtually all aspects of our lives. Across the world, countries have applied various mitigation strategies, based on social, political, and technological instruments. We postulate that multi-agent systems can provide a common platform to study (and balance) their essential properties. We also show how to obtain...
Preprint
Full-text available
The COVID-19 pandemic has influenced virtually all aspects of our lives. Across the world, countries have applied various mitigation strategies for the epidemic, based on social, political, and technological instruments. We postulate that one should {identify the relevant requirements} before committing to a particular mitigation strategy. One way...
Chapter
Some multi-agent scenarios call for the possibility of evaluating specifications in a richer domain of truth values. Examples include runtime monitoring of a temporal property over a growing prefix of an infinite path, inconsistency analysis in distributed databases, and verification methods that use incomplete anytime algorithms, such as bounded m...
Article
Some multi-agent scenarios call for the possibility of evaluating specifications in a richer domain of truth values. Examples include runtime monitoring of a temporal property over a growing prefix of an infinite path, inconsistency analysis in distributed databases, and verification methods that use incomplete anytime algorithms, such as bounded m...
Chapter
The design and implementation of a trustworthy e-voting system is a challenging task. Formal analysis can be of great help here. In particular, it can lead to a better understanding of how the voting system works, and what requirements on the system are relevant. In this paper, we propose that the state-of-art model checker Uppaal provides a good e...
Article
We propose a general semantics for strategic abilities of agents in asynchronous systems, with and without perfect information. Based on the semantics, we show some general complexity results for verification of strategic abilities in asynchronous interaction. More importantly, we develop a methodology for partial order reduction in verification of...
Preprint
Full-text available
Security properties are often focused on the technological side of the system. One implicitly assumes that the users will behave in the right way to preserve the property at hand. In real life, this cannot be taken for granted. In particular, security mechanisms that are difficult and costly to use are often ignored by the users, and do not really...
Article
Full-text available
We propose a notion of alternating bisimulation for strategic abilities under imperfect information. The bisimulation preserves formulas of ATL⁎ for both the objective and subjective variants of the state-based semantics with imperfect information, which are commonly used in the modeling and verification of multi-agent systems. Furthermore, we appl...
Article
In this paper we investigate the Timed Alternating-Time Temporal Logic (TATL), a discrete-time extension of ATL. In particular, we propose, systematize, and further study semantic variants of TATL, based on different notions of a strategy. The notions are derived from different assumptions about the agents’ memory and observational capabilities, an...
Article
In game theory, as well as in the semantics of game logics, a strategy can be represented by any function from states of the game to the agent's actions. That makes sense from the mathematical point of view, but not necessarily in the context of human behavior. This is because humans are quite bad at executing complex plans, and rather unlikely to...
Preprint
Full-text available
Many voter-verifiable, coercion-resistant schemes have been proposed, but even the most carefully designed systems necessarily leak information via the announced result. In corner cases, this may be problematic. For example, if all the votes go to one candidate then all vote privacy evaporates. The mere possibility of candidates getting no or few v...
Conference Paper
In this paper we introduce Strategy Logic with simple goals (SL[SG]), a fragment of Strategy Logic that strictly extends the well-known Alternating-time Temporal Logic ATL by introducing arbitrary quantification over the agents' strategies. Our motivation comes from game-theoretic applications, such as expressing Stackelberg equilibria in games, co...
Conference Paper
Full-text available
Model checking strategic abilities in multi-agent systems is hard, especially for agents with partial observability of the state of the system. In that case, it ranges from NP-complete to undecidable, depending on the precise syntax and the semantic variant. That, however, is the worst case complexity, and the problem might as well be easier when r...
Conference Paper
Strategies in game theory and multi-agent logics are mathematical objects of remarkable combinatorial complexity. Recently, the concept of natural strategies has been proposed to model more human-like reasoning about simple plans and their outcomes. So far, the theory of such simple strategic play was only considered in scenarios where all the agen...
Conference Paper
p>A central issue in the specification and verification of autonomous agents and multiagent systems is the ascription of responsibility to individual agents and groups of agents When designing a (multi)agent system, we must specify which agents or groups of agents are responsible for bringing about a particular state of affairs Similarly, when veri...
Article
In alternating-time temporal logic ATL*, agents with perfect recall assign choices to sequences of states, i.e., to possible finite histories of the game. However, when a nested strategic modality is interpreted, the new strategy does not take into account the previous sequence of events. It is as if agents collect their observations in the nes...
Article
We present a model checking algorithm for a subset of alternating-time temporal logic (ATL) with imperfect information and imperfect recall.This variant ofATLis arguably most appropriate when it comes to modelling and specification of multi-agent systems. The related variant of model checking is known to be theoretically hard (NP-to PSPACE-complete...
Conference Paper
Full-text available
In game theory, as well as in the semantics of game logics, a strategy can be represented by any function from states of the game to the agent’s actions. That makes sense from the mathematical point of view, but not necessarily in the context of human behavior. This is because humans are quite bad at executing complex plans, and also rather unlikel...
Conference Paper
Full-text available
We present a game-theoretic approach to coercion-resistance from the point of view of an honest election authority that chooses between various protection methods with different levels of resistance and different implementation costs. We give a simple game model of the election and propose a preliminary analysis. It turns out that, in the games tha...
Article
Full-text available
Model checking of strategic ability under imperfect information is known to be hard. In this paper, we propose translations of ATLir formulae that provide lower and upper bounds for their truth values, and are cheaper to verify than the original specifications. Most interestingly, the lower approximation is provided by a fixpoint expression that us...
Technical Report
Full-text available
A general semantics of strategic abilities of agents in asynchronous systems with and without perfect information is proposed, and some general complexity results for verification of strategic abilities in asynchronous systems are presented. A methodology for partial order reduction (POR) in verification of agents with imperfect information is deve...
Conference Paper
Security of information flow is commonly understood as preventing any information leakage, regardless of how grave or harmless consequences the leakage can have. In this work, we suggest that information security is not a goal in itself, but rather a means of preventing potential attackers from compromising the correct behavior of the system. To fo...
Conference Paper
Voting is a mechanism of utmost importance to social processes. In this paper, we focus on the strategic aspect of information security in voting procedures. We argue that the notions of receipt-freeness and coercion resistance are underpinned by existence (or nonexistence) of a suitable strategy for some participants of the voting process. In orde...
Article
Full-text available
Security of information flow is commonly understood as preventing any information leakage, regardless of how grave or harmless consequences the leakage can have. In this work, we suggest that information security is not a goal in itself, but rather a means of preventing potential attackers from compromising the correct behavior of the system. To fo...
Article
Judgment aggregation problems are a class of collective decision-making problems represented in an abstract way, subsuming some well known collective decision-making problems such voting problems. A collective decision can be reached either by aggregation of individual decisions or by deliberation -- allowing each decision-maker to change their ind...
Conference Paper
Full-text available
Module checking is a decision problem proposed in late 1990s to formalize verification of open systems, i.e., systems that must adapt their behavior to the input they receive from the environment. It was recently shown that module checking offers a distinctly different perspective from the better-known problem of model checking. Module checking has...
Article
Full-text available
Alternating-time temporal logic ATL allows to specify requirements on abilities that different agents should (or should not) possess in a multi-agent system. However, model checking ATL specifications in realistic systems is computationally hard. In particular, if the agents don't have perfect information about the global state of the system, the c...
Conference Paper
Full-text available
Noninterference is a property that captures confidentiality of actions executed by a given process. However, the property is hard to guarantee in realistic scenarios. We show that the security of a system can be seen as an interplay between functionality requirements and the strategies adopted by users, and based on it we propose a weaker notion of...
Conference Paper
Full-text available
Module checking is a decision problem proposed in late 1990s to formalize verification of open systems, i.e., systems that must adapt their behavior to the input they receive from the environment. It was recently shown that module checking offers a distinctly different perspective from the better-known problem of model checking. So far, specificati...
Article
Full-text available
We consider models of multi-player games where abilities of players and coalitions are defined in terms of sets of outcomes which they can effectively enforce. We extend the well-studied state effectivity models of one-step games in two different ways. On the one hand, we develop multiple state effectivity functions associated with different long-t...
Conference Paper
A possible purpose of performing an action is to gather information. Such information-collecting actions are usually resource-consuming. The resources needed for performing them can be for example time or memory, but also money, specialized equipment, etc. In this work, we propose a formal framework to study how the ability of an agent to improve i...
Article
Full-text available
We introduce and discuss basic concepts, ideas, and logical formalisms used for reasoning about strategic abilities in multi-player games. In particular, we present concurrent game models and the Al-ternating time temporal logic ATL * and its fragment ATL. We discuss variations of the language and semantics of ATL * that take into account the limit...
Conference Paper
Systems within the agent-oriented paradigm range from ones where a single agent is coupled with an environment to ones inhabited by a large number of autonomous entities. In this paper, we look at what distinguishes single-agent systems from multi-agent systems. We claim that multi-agency implies limited coordination, in terms of action and/or info...
Conference Paper
We present a model checking algorithm for alternating-time temporal logic (ATL) with imperfect information and imperfect recall. This variant of ATL is arguably most appropriate when it comes to modeling and specification of multi-agent systems. The related variant of model checking is known to be theoretically hard (\(\Delta^{\rm P}_{2}\)- to pspa...
Conference Paper
Full-text available
Two decision problems are very close in spirit: module check-ing of CTL/CTL* and model checking of ATL/ATL*. The latter appears to be a natural multi-agent extension of the former, and it is commonly believed that model checking of ATL(*) subsumes module checking of CTL(*) in a straight-forward way. Perhaps because of that, the exact relationship b...
Article
Alternating-time temporal logic (ATL) is a modal logic that allows to reason about agents’ abilities in game-like scenarios. Semantic variants of ATL are usually built upon different assumptions about the kind of game that is played, including capabilities of agents (perfect vs. imperfect information, perfect vs. imperfect memory, etc.). ATL has be...
Article
Full-text available
We study the security of interaction protocols when incentives of participants are taken into account. We begin by formally defining correctness of a protocol, given a notion of rationality and utilities of participating agents. Based on that, we propose how to assess security when the precise incentives are unknown. Then, the security level can be...
Book
This book constitutes the proceedings of the 15th International Workshop on Computational Logic in Multi-Agent Systems, CLIMA XV, held in Prague, Czech Republic, in August 2014.The 12 regular papers were carefully reviewed and selected from 20 submissions. The purpose of the CLIMA workshops is to provide a forum for discussing techniques, based on...
Article
The problem of practical model checking Alternating-time Temporal Logic (ATL) formulae under imperfect information and imperfect recall is considered. This is done by synthesis and subsequent verification of strategies, until a good one is found. To reduce the complexity of the problem we define an equivalence relation on strategies. Then an algori...
Article
In alternating-time temporal logic ATL∗, agents with perfect recall assign choices to sequences of states, i.e., to possible finite histories of the game. However, when a nested strategic modality is interpreted, the new strategy does not take into account the previous sequence of events. It is as if agents collect their observations in the nested...
Conference Paper
Judgment aggregation is a social choice method for aggregating information on logically related issues. In distance-based judgment aggregation, the collective opinion is sought as a compromise between information sources that satisfies several structural properties. It would seem that the standard conditions on distance and aggregation functions ar...
Conference Paper
We study the security of interaction protocols when incentives of participants are taken into account. We begin by formally defining correctness of a protocol, given a notion of rationality and utilities of participating agents. Based on that, we propose how to assess security when the precise incentives are unknown. Then, the security level can be...
Article
Full-text available
We revisit the formalism of modular interpreted systems (MIS) which encourages modular and open modeling of synchronous multi-agent systems. The original formulation of MIS did not live entirely up to its promise. In this paper, we propose how to improve modularity and openness of MIS by changing the structure of interference functions. These relat...
Conference Paper
Full-text available
Coercion resistance is one of the most important features of a secure voting procedure. Recently several coercion resistant voting schemes have been introduced, and some measures for quantifying the level of the co-ercion resistance in a voting protocol were defined. Also the relationship between coercion resistance and privacy in elections has bee...
Conference Paper
Full-text available
We consider models of multi-player games where abilities of players and coalitions are defined in terms of sets of outcomes which they can effectively enforce. We extend the well studied state effectivity models of one-step games in two different ways. On the one hand, we develop multiple state effectivity functions associated with different long-t...
Conference Paper
Full-text available
Cooperating agents need to reach group decisions on several logically related issues. These decision-making problems are studied in social choice theory by the discipline of judgment aggregation. Judgment aggregation produces group decisions by aggregating individual answers to binary questions, however existing aggregation rules are defined for a...
Conference Paper
Full-text available
We indicate two problems with the specifications of fairness that are currently used for the verification of non-repudiation and other fair-exchange protocols. The first of these problems is the implicit as-sumption of perfect information. The second problem is the possible lack of effectiveness. We solve both problems in isolation by giving new de...
Article
We consider a combination of the strategic logic AT L with the description logic ALCO. In order to combine the logics in a flexible way, we assume that every individual can be (potentially) an agent. We also take the novel approach to teams by assuming that a coalition has an identity on its own, and hence its membership can vary. In terms of techn...
Conference Paper
Full-text available
Nash equilibrium is based on the idea that a strategy profile is stable if no player can benefit from a unilateral deviation. We observe that some locally rational deviations in a strategic form game may not be profitable anymore if one takes into account the possibility of further deviations by the other players. As a solution, we propose the conc...
Conference Paper
Alternating-time temporal logic (ATL) is a well-known logic for reasoning about strategic abilities of agents. An important feature that distinguishes variants of ATL for imperfect information scenarios is that the standard fixed point characterizations of temporal modalities do not hold anymore. In this paper, we show that adding explicit fixed po...
Conference Paper
Full-text available
We show that different semantics of ability in ATL give rise to different validity sets. As a consequence, different notions of ability induce different strategic logics and different general properties of games. Moreover, the study can be seen as the first systematic step towards satisfiability-checking algorithms for ATL with imperfect informatio...
Conference Paper
Full-text available
In agent-oriented programming and planning, agents' actions are typically specified in terms of postconditions, and the model of execution assumes that the environment carries the actions out exactly as specified. That is, it is assumed that the state of the environment after an action has been executed will satisfy its postcondition. In reality, h...
Conference Paper
A well-known result in the logical analysis of cooperative games states that the so-called playable effectivity functions exactly correspond to strategic games. More precisely, this result states that for every playable effectivity function E there exists a strategic game that assigns to coalitions of players exactly the same power as E, and every...
Conference Paper
Overview. Multi agent systems (MAS) provide an important framework for formalizing various problems in computer science, artificial intelligence, game theory, social choice theory, etc. Modal logics are amongst the most suitable and versatile logical formalisms for specification and verification of computational systems. Here, we present an overvie...
Chapter
Full-text available
This chapter is about model checking and its complexity in some of the main temporal and strategic logics, e.g. LTL, CTL, and ATL. We discuss several variants of ATL (perfect vs. imperfect recall, perfect vs. imperfect information) as well as two different measures for model checking with concurrent game structures (explicit vs. implicit representa...
Article
Full-text available
Coalitional Description Logic [Seylan, I. and W. Jamroga, Description logic for coalitions, in: Proceedings of AAMAS'09, 2009, pp. 425–432.] is a product style combination of Coalition Logic and the description logic ALC. It enables reasoning about agents' ability to influence first-order structures. In this paper, we extend the logic with nominals...
Conference Paper
ATL+ is a variant of alternating-time temporal logic that does not have the expressive power of full ATL*, but still allows for expressing some natural properties of agents. It has been believed that verification with ATL+ is ΔP3-complete for both memoryless agents and players who can memorize the whole history of the game. In this paper, we show t...
Conference Paper
Full-text available
Verification of multi-agent programs is a key problem in agent re- search and development. This paper focuses on multi-agent pro- grams that consist of a finite set of BDI-based agent programs ex- ecuted concurrently. We choose alternating-time temporal logic (ATL) for expressing properties of such programs. However, the original ATL is based on a...
Conference Paper
Full-text available
Alternating-time temporal logic (atl) is one of the most influential logics for reasoning about agents' abilities. Con- structive Strategic Logic (csl )i s av ariant ofatl for imper- fect information games that allows to express strategic and epistemic properties of coalitions under uncertainty. In this paper, we propose a logic that extends csl wi...
Article
Full-text available
In this paper, we consider planning for multi-agents situations in STRIPS-like domains with planning graph. Three possible relationships between agents' goals are considered in order to evaluate plans: the agents may be collaborative, adversarial or indifferent entities. We propose algorithms to deal with each situation. The collaborative situation...
Article
Full-text available