Operationalisation of Norms for Electronic
Institutions
Huib Aldewereld¤, Frank Dignum¤, Andr¶es Garc¶³a-Caminoy, Pablo Noriegay,
Juan Antonio Rodr¶³guez-Aguilary, and Carles Sierray
¤Institute of Information and Computing Sciences, Utrecht University, The
Netherlands
fhuib, dignumg@cs.uu.nl,
yArti¯cial Intelligence Research Institute, IIIA, Spanish Council for Scienti¯c
Research, CSIC, Campus de la UAB, Barcelona, Spain
fandres, pablo, jar, sierrag@iiia.csic.es
Abstract. Agent-mediated electronic institutions belong to a new and
promising ¯eld where interactions among agents are regulated by means
of a set of explicit norms. Current implementations of such open-agent
systems are, however, mostly using constraints on the behaviour of the
agents, thereby severely limiting the autonomy of the agents. In this
paper we propose an extension to electronic institutions to allow for a
°exible enforcement of norms, and manners to help overcome the di±-
culties of translating abstract norms for the use of implementation.
1 Introduction
Agent-mediated institutions, introduced in [16, 17], are open agent systems that
allow heterogeneous agents to enter and perform tasks. Because of this hetero-
geneous nature of the agents joining the electronic institution (e-institution),
measures have to be taken to control and regulate the behaviour of these agents.
These measures are needed to improve and guarantee the safety and stability
of the system, as agents joining the institution might, (un)intentionally, break
the system by behaving in non-expected or non-accepted manners. It has been
widely accepted that norms can be used to ensure this safety, since norms, can be
used for de¯ning the legality and illegality of actions (and states) in e-institutions
[4].
For these norms to be used in the e-institutions, thereby regulating the agents
joining the institution, enforcement mechanisms must be devised to implement
the norms in the institution, ensuring its safety. There is, however, a big gap
between the theoretical work on norms and the practice of e-institutions. In this
paper we will try to bridge this gap from both sides.
From the implementation side we will extend current implementations of
norm enforcement through constraints on unwanted behaviour [7] by mechanisms
that can detect violations of norms and react to these violations. This will allow
the agents in e-institutions more freedom and °exibility, while still complying to
the norms.

On the theoretical side work on normative systems (mainly focussed on deon-
tic frameworks [14, 5]) is mostly declarative in nature while using very abstract
notions of norms. Norms are speci¯ed in a general way abstracting from spe-
ci¯c actions or parties and thus being on the one hand very generally applicable
while in the other hand being very vague and ambiguous compared to a concrete
situation in an institution. The implementation of norms and norm enforcement
in e-institutions, as mentioned above, require norms to have an operational se-
mantics that is concrete and that connects with the ontology of the institutional
actions. Recent approaches on normative systems have begun to research and
express this operational meaning of norms, as seen in [18, 2, 15, 10]. These ap-
proaches represent norms and their operational meaning, but are not conclusive
on how the implementation in an agent system, such as an e-institution, should
be obtained. In this paper we extend this work, by proposing a "translation"
from the operational approach proposed in [18] to elements usable for norm en-
forcement in AMELI. Moreover we will show that the approaches from [15] and
[2] can be translated in this formalism as well.
In this paper we assume institutions to be de¯ned as a set of norms, which
are to be enforced by a distributed set of (internal) agents. Secondly we assume
that the norms can sometimes be violated by agents in order to keep their
autonomy, which can also be functional for the system as a whole as argued
in [3]. The violation of norms is handled from the organisational point of view
by violation and sanction mechanisms. And ¯nally, we assume that the internal
state of agents is neither visible, nor controllable from an institution's point of
view, which, basically, means that enforcement of norms needs to be done by
the detection of violations and the reacting to these violations, and that we can
only use the observable behaviour of agents to detect the violations.
The remainder of this paper is organised as follows. In the next section we give
a short discussion on a formal view of electronic institutions. In sections 3 and
4 we introduce the syntax and semantics of the mechanism used for expressing
and handling the violation of norms, while in section 5 we give a translation from
the norm frame of [18] into this enforcement mechanism. In section 6 we give a
tentative comparison on how this enforcement method can be applied to other
normative approaches, and in section 7 we indicate some issues in the translation
process of norms to implementation.
2 Electronic Institutions
Electronic institutions, as we consider them [6, 16, 17], shape agent environments
that restrict the behaviour of agents to ensure that agents interact in safe con-
ditions. E-institutions constrain agent behaviour by de¯ning the valid sequences
of (dialogical) interactions that agents can have to attain their goals.
The dialogical framework de¯nes all the conventions required to make in-
teraction between two or more agents possible. Moreover, it de¯nes what the
participant roles within the e-institution and the relationships among them will
be. We take interactions to be a sequence of speech acts between two or more

parties. Formally, we express speech acts as illocutionary formulas of the form:
¶(speaker; hearer; Á; t). The speech acts that we use start with an illocutionary
particle (¶), which can be "declare", "request", "promise", etc., that a speaker
addresses to a hearer, at time t, whose content Á is expressed in some object
language whose vocabulary stems from an e-institution's ontology.
A dialogical framework encompasses all the illocutions available to the agents
in a given institution. Formally,
De¯nition 1. A dialogical framework is a tuple DF = hO;LO; P;R;RSi where
O stands for an ontology (vocabulary); LO stands for a content language to
express the information exchanged between agents using ontology O; P is the set
of illocutionary particles; R is the set of roles; RS is the set of relationships over
roles.
For each activity in an institution, interactions between agents are articu-
lated through agent group meetings, which we call scenes. A scene is a role-based
multi-agent protocol speci¯cation. A scene de¯nes the valid sequences of inter-
actions among agents enacting di®erent roles. It is de¯ned as a directed graph
where each node stands for scene state and each edge connecting two states is
labelled by an illocution scheme. An illocution scheme is an illocutionary for-
mula with some unbound variables. At run-time, agents playing di®erent roles
make a scene evolve by uttering illocutions that match the illocution schemes
connecting states. Each scene maintains the context of the interaction, that is
how the dialogue is evolving, i.e. which have been the uttered illocutions and
how the illocution schemes have been instantiated.
De¯nition 2. A scene is a tuple S = hs;R;DF;W;w0;Wf ; £; ¸;min;Maxi
where s is the scene identi¯er; R is the set of scene roles; DF is a dialogical
framework; W is the set of scene states; w0 2 W is the initial state; Wf µ W is
the set of ¯nal states; µ µ W £W is a set of directed edges; ¸ : µ ¡! L¤DF is a
labelling function, which maps each edge to an illocution scheme in the pattern
language of the DF dialogical framework L¤DF ; min;Max;R ¡! N min(r) and
Max(r) are, respectively, the minimum and the maximum number of agents that
must and can play each role r 2 R.
The activities in an e-institution are the composition of multiple, distinct,
possibly concurrent, dialogical activities, each one involving di®erent groups of
agents playing di®erent roles. A performative structure can be seen as a net-
work of scenes, whose connections are mediated by transitions (a special type of
scene), and determines the role-°ow policy among the di®erent scenes by showing
how agents, depending on their roles and prevailing commitments, may get into
di®erent scenes, and showing when new scenes will be started. The performa-
tive structure de¯nes the possible order of execution of the interaction protocols
(scenes). It also allows agent synchronisation, and scene interleaved execution.
De¯nition 3. A performative structure is a tuple PS = hS; T; s0; s­ ; E; fL; fT ; fOE ; ¹i
where S is a ¯nite, non-empty set of scenes; T is a ¯nite, non-empty set of tran-
sitions; s0 2 S is the initial scene; s­ 2 S is the ¯nal scene; E = EI [ EO

is a set of edge identi¯ers where EI µ S £ T is a set of edges from scenes
to transitions and EO µ T £ S is a set of edges from transitions to scenes;
fL : E ¡! DNF2VA£R maps each edge to a disjunctive normal form of pairs
of agent variable and role identi¯er representing the edge label; fT : T ¡! T
maps each transition to its type; fOE : EO ¡! E maps each edge to its type;
¹ : S ¡! f0; 1g sets if a scene can be multiply instantiated at execution time;
The institutional state consists of the list of scene executions (described by
their participating agents and interaction context) along with the participating
agents' state (represented by their observable attributes).
3 Integrity & Dialogical Constraints
As mentioned in the introduction, we want to extend the AMELI formalism
with mechanisms to implement norms by means of a distributed set of agents.
To achieve this we need mechanisms to detect violations and react to these
violations. This is accomplished by using, respectively, integrity constraints and
dialogical constraints. The main idea is that integrity constraints are checked
by the institution to detect and register all violations, i.e. the passing from a
legal state to an illegal state. The dialogical constraints express the obligation of
the enforcing agents to act according to the violations detected, i.e. sanction the
responsible agent. The dialogical constraints themselves are part of the internal
enforcing agents.
Due to the fact that the internal agents should be designed to follow the
norms of the institution, we might assume that internal agents will always act
according to the dialogical constraints speci¯ed. However, the internal agents
might not be responsible for the enforcement of all the norms in the system,
we can specify integrity constraints that express when a dialogical constraint
(which is in a sense an obligation to enforce) has been violated, i.e. a violation
has occurred, but no action has been taken by the enforcing agent to punish the
violator. In theory, complex hierarchical structures of enforcement chains (insti-
tutions enforcing the enforcement within another institution, etc.) are possible
with the approach presented in this paper, but we are not going to discuss them
in this paper.
Before enforcement can take place, norm violations have to be detected. This
is done by specifying integrity constraints, extracted from previous work [8]:
De¯nition 4. Integrity constraints are ¯rst-order formulas of the form
0
@
n^
i=1
uttered(si; wki ; ili) ^
m^
j=0
ej
1
A) ?
where si are scene identi¯ers or variables, wki is a state ki of scene si or a vari-
able, ili is an illocution scheme li matching the schema labelling an outgoing arc
from wki and ej are boolean expressions over variables from uttered predicates.

These integrity constraints de¯ne sets of situations that should not occur
within an e-institution. The meaning of these constraints is that if grounded
illocutions matching the illocution schemes il1 ; : : : ; iln are uttered in the cor-
responding scenes and states, and expressions e1; : : : ; em are satis¯ed, then a
violation (?)occurs afterwards. We use the ")" to indicate that it is not really
an implication, but some temporal order is involved.
Since agents can violate norms, the integrity constraints are not enough.
We need to specify which actions are to be taken by the enforcers after the
violation has been detected. In a sense, the violation of a norm by agents within
the e-institution obliges the enforcers to perform actions, namely to punish the
agent breaking the norm. This \obligation to enforce" is expressed by means of
a dialogical constraint:
De¯nition 5. Dialogical constraints are ¯rst-order formulas of the form:
0
@
n^
i=1
uttered(si; wki ; i¤li) ^
m^
j=0
ej
1
A)
0
@
n0^
i=1
uttered(s0i; w0ki ; i0¤li ) ^
m0^
j=0
ej
1
A
where si, s0i are scene identi¯ers or variables, wki , w0ki are variables or states of
scenes si and s0i respectively, i¤li , i0¤li are illocution schemes li matching the schema
labelling an outgoing arc from wki of scenes si and s0i respectively, and ej, e0j
are boolean expressions over variables from uttered predicates. These boolean
expressions can include functions to check the state of the institution.
The intuitive meaning of a dialogical constraint is that if grounded illocutions
matching i¤l1 ; : : : ; i¤ln are uttered in the corresponding scene states, and the ex-
pressions e1; : : : ; em are satis¯ed, then, grounded illocutions matching i0¤l1 ; : : : ; i0¤ln
satisfying the expressions e01; : : : ; e0m0 must be uttered in the corresponding scene
states as well. Dialogical constraints assume a temporal ordering: the left-hand
side illocutions must be uttered prior to the illocutions on the right-hand side,
i.e. the illocutions on the left should have time stamps which precede those of
the illocutions on the right.
The dialogical constraints point out the actions to perform in the enforcement
of a violated norm. For instance,
uttered(S;W;inform(A;Role;all;Role2;smoke;T )))
uttered(S;W;inform(B;enforcer;A;Role;decrement(credit;50);T 0))^T 0>T
shows an example of a dialogical constraint which expresses that every agent "A"
playing any role "Role" that smokes in a scene should be sanctioned (since smok-
ing is illegal). Whenever an agent performs the action of smoke, an "enforcer"
agent "B" is obliged to decrement its credit by 50.

The integrity constraints are then implemented in the infrastructure of the
e-institutions, thereby providing the means to detect violations of norms, where
the dialogical constraints are implemented in the enforcing agents which use
them to determine the illocutions that should be uttered when a norm has been
violated.
4 Semantics
In this section we present the semantics of the integrity constraints, used for
detecting violations, and the dialogical constraints, used for specifying enforce-
ment, which we introduced in the previous section. In the de¯nitions below we
use the standard concept of substitution (denoted by ¾) to relate a set of values
(¯rst-order terms denoted ¿) to a set of variables (denoted x; y; z) in a compu-
tation [1, 9]. We use Á ¢ ¾ to denote the formula Á on which the substitution ¾
has been performed.
We conceive the notion of state (¢) in an electronic institution as the set of
illocutions uttered (expressions of the form uttered(s; w; i)) and the boolean ex-
pressions that hold during its enactment. The execution of the institution would
be divided into two di®erent, alternating rounds: event addition and process-
ing. Firstly, we start the execution with a (possibly empty) initial state where
agents' illocutions are added. Secondly, the rules are executed evolving the state
adding inconsistency marks or obligations. Then, we again start the event ad-
dition round and so on. The semantics of the integrity constraints are de¯ned
as relationships (sIC) between the current state ¢ and the next state ¢0. Let
us ¯rst look at the utterances and boolean expressions that are used in the
constraints. An utterance holds i® it is uttered in the current state:
De¯nition 6. S(¢;uttered(s; w; i); ¾) holds i® uttered(s ¢ ¾;w ¢ ¾; i ¢ ¾) 2 ¢
The semantics of Boolean expressions are de¯ned as follows:
De¯nition 7. S(¢; ¿1 B ¿2; ¾) holds i® ¿1 ¢ ¾ B ¿2 ¢ ¾ holds. Where B 2 f=; 6=
; >;<;¸;·g with their usual meaning.
Conjunctions used in the constraints are satis¯ed in the normal way:
De¯nition 8. S(¢; (Vni=1 Ái); ¾) holds i® S(¢;Ái; ¾), 1 · i · n; n 2 IN , hold.
In the following we use u as an abbreviation of: Vni=1 uttered(si; wki ; ili) ^Vm
j=0 ej
Integrity constraints de¯ne the violations of the norms. An integrity con-
straint is applicable to the institutional state (¢), and thus introducing a vi-
olation (?), i® the conjunction of utterances and boolean expressions holds in
¢:
De¯nition 9. sIC(¢;u ¢ ¾ ) ?;¢ [ f?g) holds i® S(¢;u; ¾) hold.
An integrity constraint does not introduce a violation, if either the utterances
or the boolean expressions do not hold in ¢, i.e. the integrity constraint is not
applicable:

De¯nition 10. sIC(¢;u ¢ ¾ ) ?;¢) holds i® S(¢;u; ¾) does not hold.
Dialogical constraints introduce obligations to enforce, based on the viola-
tions detected by integrity constraints. We de¯ne the semantics of dialogical
constraints as relationships (sDC) between current state ¢ and the next state
¢'. A dialogical constraint is applicable to a state ¢, thus introducing an obliga-
tion to enforce, i® the conjunction of utterances and boolean expressions holds
in ¢:
De¯nition 11. sDC(¢;u ¢ ¾ ) u0 ¢ ¾;¢ [ fu0 ¢ ¾g) holds i® S(¢;u; ¾) holds.
A dialogical constraint does not introduce an obligation to enforce i® the
conjunction of utterances or the conjunction of boolean expression does not
hold in ¢:
De¯nition 12. sDC(¢;u ¢ ¾ ) u0 ¢ ¾;¢) holds i® S(¢;u; ¾) does not hold.
Note that de¯nitions 9 and 10 can be seen as a kind of special cases of de¯-
nitions 11 and 12. We chose to treat them separate, because the temporal °avor
(and implementation) of the dialogical constraints is much bigger than of the
integrity constraints. From the semantics we can straightforwardly implement an
interpreter in Prolog as done in [11]. This interpreter would evolve the state of
enactment of an institution by adding inconsistency marks, based on violations
detected through the integrity constraints, or obligations to enforce, based on
the speci¯ed dialogical constraints.
In the current AMELI framework, agent interactions are mediated by a spe-
cial kind of agents called governors. These governors regulate the agents' illocu-
tions following the speci¯cation of electronic institutions, i.e. they only forward
illocutions that match the illocution scheme of an outgoing arc of the current
state of the scene. By including the interpreter mentioned above, we improve the
governors by allowing them to regulate according to more expressive and °exible
speci¯cations of electronic institutions.
5 Implementing Norms
The operational approach to norms expressed in [18] that tries to implement
norms from an institutional perspective, that is to say enforcing norms by means
of detecting violations and reacting to such violations, views norms as a manner
to describe how someone should behave, i.e., they de¯ne obligations, permissions
and prohibitions also known as the declarative meaning of norms (cf. [5, 14]).
Since a system needs responses to the violations that occur, the norms in this
approach are viewed as a frame which includes not only this declarative meaning
of the norm but also a de¯nition of the responses to violations to the norms,
which are known as sanctions and repairs (also known as the operational meaning
of the norm). In [18] this norm frame is de¯ned as follows:

De¯nition 13 (Norms).
NORM := NORM CONDITION;VIOLATION CONDITION;
DETECTION MECHANISM;SANCTION;REPAIRS
VIOLATION CONDITION := formula
DETECTION MECHANISM := faction expressionsg
SANCTION := PLAN
REPAIRS := PLAN
PLAN := action expression j action expression ;PLAN
The norm condition is the declarative norm, as obtained from, for instance, the
legal domain (see de¯nition 14 for a description of what these norm conditions
can be. The other ¯elds in this norm description are; 1) the violation condition
which is a formula de¯ning when the norm is violated, 2) the detection mecha-
nism which describes the mechanisms included in the agent platform that can
be used for detecting violations, 3) the sanction which de¯nes the actions that
are used to punish the agent(s) violating the norm, and 4) the repairs which is
a set of actions that are used for recovering the system after the occurrence of a
violation.
De¯nition 14 (Norm Condition).
NORM CONDITION := N(a;S hIFCi) jOBLIGED(aENFORCE(N(a;S hIFCi)))
N := OBLIGED jPERMITTED j FORBIDDEN
S := P jDOA jP TIMED jDOATIMED
C := formula
P := predicate
A := action expression
TIME := BEFORE jAFTER
As de¯nition 14 shows, norms can either be permissions, obligations or pro-
hibitions. Moreover, norms can be related to actions or to predicates (states).
Through the condition (C) and deadline (D), norms can be made applicable to
certain situations only (conditions and deadlines are considered optional).
Before we can use norms speci¯ed in the formalism described above, we
need to translate the abstract predicates and actions into corresponding concrete
utterances and scenes that are speci¯ed in the de¯nition of the institution. For
instance, a norm such as
OBLIGED((buyerDO pay(Price;seller)) IF done(buyer;won(Item;Price)))
should be translated into utterances as used in e-institutions:
uttered(payment;W;inform(A;buyer;B;payee;pay(Item;Price);T ))
uttered(auction;w2;inform(C;auctioneer;A;buyer;won(Item;Price);T 0))
We will get back to this issue in section 7. For now we will assume that some
translation from, e.g., OBLIGED((aDOA) IFC) into OBLIGED(utter(S;W; I) IFC)
can be given, taking into account that the state S and world W of the insti-
tution will correspond to the applicable state meant by the norm, and that
I is an illocution performed by a to implement action A. We can use the
DETECTION MECHANISM description to assist in the translation.

Once the norms are contextualised, we can map them to integrity constraints,
as speci¯ed in the previous section, which we use to check whether violations oc-
cur. This mapping of the contextualised norm conditions to integrity constraints
can be done by the use of the following table:
Norm Translation
FORBIDDEN(utter(s;w;i)) uttered(s;w;i)!?
OBLIGED(utter(s;w;i) IFC) (C^:uttered(s;w;i))!?
FORBIDDEN(utter(s;w;i) IFC) (C^uttered(s;w;i))!?
OBLIGED(utter(s;w;i)BEFORED) (69T :uttered(s;w;i(T ))^T<D)!?
OBLIGED(utter(s;w;i)AFTERD) (69T :uttered(s;w;i(T ))^T>D)!?
FORBIDDEN(utter(s;w;i)BEFORED) (9T :uttered(s;w;i(T ))^T<D)!?
FORBIDDEN(utter(s;w;i)AFTERD) (9T :uttered(s;w;i(T ))^T>D)!?
An observant reader should note that permissions are left out of this trans-
lation, since permissions cannot be violated, and therefore cannot be speci¯ed
as an integrity constraint. Unconditional obligations are also not in this table,
since these would mean that agents are obliged to utter a certain illocution all
the time, which is not meaningful. Likewise, obligations that should be satis¯ed
after a speci¯c point in time are not very useful either, since these can never
be violated. This can, however, be adapted by including another deadline before
which the obligation has to be ful¯lled, which would mean that, in most cases,
the obligation should be ful¯lled before the institution ends.
The VIOLATION CONDITION of a norm is translated into a conjunction of
boolean expressions that can be checked in the institution.
Finally, the SANCTION and REPAIR of a norm as described in the norm
framework should both be translated to (a sequence of utterances plus boolean
constraints) for the enforcer agents. This will create the dialogical constraints to
be used by the enforcing agents to determine which actions should be performed
when a norm is violated.
6 Other Normative Approaches
In this section we give a tentative comparison between the approach just men-
tioned and the norm frameworks introduced in [2] and [15]. Given the concepts
seemingly in those frameworks we show how we think norms from these frame-
works can be implemented using the language given in section 3.
6.1 Norms in Z
In [15] Luck et al. proposed a framework for norms that could be integrated
into their multiagent systems. Like the framework of the previous section it
identi¯es the addressee, normative goal, punishments and context of norms (in
the previous approach these were, respectively, the role a, the predicate P or
action A, the sanctions and the (temporal) condition C or D). The norm frame

in [15] expands this with the concepts of bene¯ciaries, exceptions and rewards,
which were left implicit in the approach of the previous section. Additionally,
their norm frame also speci¯es that for norms the inclusion of an addressee,
a context and a normative goal are mandatory, and, moreover, it shows that
the sets de¯ning the context and the exceptions, as well as the sets of rewards
and punishments, are disjoint. Note that punishments and rewards in this norm
frame are speci¯ed as goals which are to be achieved by norm enforcing agents,
that is to say, when the norm is violated the norm enforcing agents of the system
are obliged to ful¯l the punishment-goal to punish the agent violating the norm.
Using the language introduced in section 3 we can again show that norms
speci¯ed in this norm frame can be operationalised for use in e-institutions.
After contextualisation, the norms can be automatically translated to integrity
constraints and inference rules.
The contextualisation of the norms as speci¯ed above includes linking the ad-
dressee, bene¯ciaries (if present) and normative goal to the correct corresponding
utterance, as well as identifying the predicates used in the e-institution to ex-
press the context and exceptions. After this contextualisation the norms can
easily be translated into the following integrity constraint to detect violations of
the norm:
(context^ » exception ^ :goal0) ! ?
where context and exception are predicates obtained through the contextuali-
sation for specifying the context and exceptions mentioned in the norm, goal0
is the contextualised normative goal (thus including the addressee and possible
bene¯ciaries), and the » operator is for expressing negation-as-failure (since no
exceptions might be given).
If punishments and rewards are speci¯ed, the following dialogical constraints
can be de¯ned:
(context^ » exception ^ :goal0) ) punishment
(context^ » exception ^ goal0) ) reward
which de¯ne that punishment should be executed by an enforcing agent when
the speci¯ed condition (i.e. the violation of the norm) occurs while a reward
should be given when agents comply to the norm.
6.2 Event Calculus Norms
In [2] Artikis et al. propose the use of event calculus for the speci¯cation of norm
based protocols. The event calculus is a formalism to represent reasoning about
actions or events and their e®ects in a logic programming framework. It is based
on a many-sorted ¯rst-order predicate calculus.
Predicates that change along time are called °uents. Obligations, permis-
sions, empowerments, capabilities and sanctions are formalised by means of
the following °uents: obl(Ag;Act), per(Ag;Act), pow(Ag;Act), can(Ag;Act) and

sanction(Ag). In the example of [2], prohibitions are not formalised as °uents
since they assume that every action that is not permitted is forbidden by default.
The expression below shows an example of an obligation speci¯ed in Event
Calculus extracted from [2]. The obligation that C revokes the °oor holds at
time T if C enacts the role of chair and the °oor is granted to someone else
di®erent from the best candidate.
holdsAt(obl(C; revoke floor(C)) = true; T ) Ã
role of(C; chair)
holdsAt(status = granted(S; T 0); T ); (T ¸ T 0);
holdsAt(best candidate = S0; T ); (S 6= S0)
If we translate all the holdsAt predicates into uttered predicates, we can
translate the obligations of the example by including the rest of conditions in
the LHS of the integrity constraints:
(uttered(s; w; inform(A;R;B;R0; best candidate(S0))^
uttered(s; w; inform(C; chair; S; candidate; granted(S))^
S 6= S0) ) utter(s; w; inform(C; chair;A;R00; revoke floor))
However, since there is no concrete de¯nition of a norm, we cannot state that
Artikis' approach is fully translatable into integrity constraints and dialogical
constraints.
Although event calculus models time, the deontic °uents speci¯ed in the
example of [2] are not enough to inform an agent about all types of duties. For
instance, to inform an agent that it is obliged to perform an action before a
deadline, it is necessary to show the agent the obligation °uent and the part of
the theory that models the violation of the deadline.
7 Contextualising Norms
In previous sections we have mentioned that norms need to be contextualised
in order to be used in e-institutions. This contextualisation is, in a sense, in-
terpreting the abstract norm from the institution's point of view such that it is
usable for implementation. In the example that we used earlier this interpreta-
tion was quite clear. However, if we regard institutional norms that are derived
(or translated) from human laws and regulations, the contextualisation becomes
much harder, as laws contain vague and ambiguous concepts that cannot always
be related to a single integrity constraint. In order to implement such norms
with a high level of abstraction two steps must be taken: 1) interpreting the
abstract concepts and link them to concrete concepts used in the institution,
and 2) adding procedural information and artifacts to the institution to simplify
(or allow) the enforcement of the norm. In this section we examine both these
elements.

7.1 Ontological Interpretations of Concepts
The ¯rst step of the contextualisation of norms is to connect abstract concepts
appearing in the norm to concepts used in the institution. Consider the following
norm of an auction house, expressing the obligation to identify oneself upon
entering an auction:
OBLIGED((participantDO identify) IF (participantDO enter(auction)))
The action identify in this norm has an abstract meaning and can be im-
plemented in various di®erent manners. To implement this norm the meaning of
this abstract action must be de¯ned, which is done by connecting the abstract
action to concrete action(s), e.g. through the use of a counts-as operator [12, 13]:
[participantDO give(certificate;manager)AND
managerDO check(certificate)] counts-as participantDO identify
describing that giving an identi¯cation certi¯cate to the auction manager, and
the manager checking this certi¯cate (both actions de¯ned in the institution!)
is seen as an implementation of the identify action. Each institution can de-
¯ne its own relations between abstract and concrete concepts (depending on the
available concrete concepts) using the counts-as relation.
Thus implementing these counts-as de¯nitions is achieved by extending the
existing ontology of the institution. This ontology consists of all the concrete con-
cepts used in the institution. It is extended with the abstract concepts that are
used in the norms and the relation between the abstract and concrete concepts
using the counts-as relation as done above.
7.2 Introducing Procedural Information
After interpreting the abstract concepts of the norm, the norm can be imple-
mented by means of integrity and dialogical constraints as mentioned in sections
3 and 4. In some cases, though, trying to detect a violation would be computa-
tionally hard or totally infeasible from the institution's point of view. Moreover,
there might be norms for which a recovery from a violation is di±cult or costly.
In both cases, the norm should be modi¯ed in (logically or morally equivalent)
norms such that it either becomes feasible to detect the violation, or protect the
system from very harmful violations. This process of contextualising norms can
be done in two ways. Either the norm is translated into smaller and simpler
norms which are easier to check but ensure the compliance of the original norm,
or the norm is translated into a set of constraints that ensure the compliance.
Consider the following norm in an auction house, expressing that as an agent
bids on an item it has to pay for the item if it won the auction:
OBLIGED((buyerDO pay(Price;seller)) IF done(buyer;won(Item;Price)))
Violations of this norm occur, for instance, because the agent does not have
enough money to pay, the agent does not want the item anymore or the agent
simply disconnects (unintentionally or on purpose). Although the violation of
this norm can be detected easily, sanctioning the agent and repairing the sit-
uation might be di±cult (especially if the agent disconnects). To avoid these

situations, one can choose to implement this norm by means of a constraint;
upon entering the institution all agents have to deposit an amount of money
(for security) that they will get back when leaving the institution if no viola-
tions have occurred:
OBLIGED((agentDO pay(Security Fee)) IF done(agent;enter(Institution)))
However, if a violation of the mentioned norm occurs, this money can be used
to pay for the items, thereby sanctioning the agent. This means that our origi-
nal norm has been implemented by introducing a norm that is easier to enforce
(i.e. agents are obliged to pay security before entering), which generates the con-
straint (or mechanism) that is used for enforcing the original norm. Thus, instead
of implementing one norm which was hard to enforce, we have implemented two
norms (which were derived from the original norm) that are easily enforced.
8 Conclusions
Previous implementations of electronic institutions enforced norms by ensuring
that the agents joining the system followed a pre-de¯ned protocol, thereby guar-
anteeing norm compliance of the agents. As this approach severely limits the
autonomy of the agents, a more °exible enforcement was desired. This paper
proposes the use of integrity constraints and dialogical constraints to implement
such a °exible enforcement of norms. This norm enforcement is based on the
detection of and reacting to the violations of norms.
In order for any kind of norm enforcement to be implemented, abstract norms
need to be expanded with an operational meaning, as the declarative nature of
abstract norms only de¯nes what is legal/illegal, but never expresses how this
legality/illegality is obtained/averted. In [18] we introduced several mechanisms
for operationalising norms, where we annotated norms (expressed in deontic
logic) with operational aspects, like sanctions and repairs. In this paper we have
used this normative frame to design an implementation scheme usable for imple-
menting norm enforcement in electronic institutions. However, before norms can
be implemented using this scheme, the norms need to be contextualised. This
contextualisation is 1) connecting the abstract concepts of the norm to the con-
crete concepts used in the institution, and 2) extending the norm with additional
procedural information before attempting to implement it. The contextualisa-
tion of the norms is, in fact, a further operationalisation of the norms, where, in
contrast to declarative norms (which never change the world), the second step
of this operationalisation changes the world in order to enforce the norm.
Acknowledgements
The ¯rst author of this paper was supported by the Netherlands Organisation
for Scienti¯c Research (NWO) under project number 634.000.017. This paper
was also partially supported by the Spanish Science and Technology Ministry as
part of the Web-i-2 project (TIC-2003-08763-C02-00).

References
1. K. R. Apt. From Logic Programming to Prolog. Prentice-Hall, U.K., 1997.
2. A. Artikis, L. Kamara, J. Pitt, and M. Sergot. A protocol for resource sharing in
norm-governed ad hoc networks. In Proceedings of the Declarative Agent Languages
and Technologies (DALT) workshop. Springer, July 2004.
3. C. Castelfranchi. Formalizing the informal?: Dynamic social order, bottom-up
social control, and spontaneous normative relations. Journal of Applied Logic,
1(1-2):47{92, February 2003.
4. F. Dignum. Abstract norms and electronic institutions. In Proceedings of the
International Workshop on Regulated Agent-Based Social Systems: Theories and
Applications (RASTA '02), Bologna, pages 93{104, 2002.
5. F. Dignum, J. Broersen, V. Dignum, and J.-J. Ch. Meyer. Meeting the Deadline:
Why, When and How. In 3rd Goddard Workshop on Formal Approaches to Agent-
Based Systems (FAABS), Maryland, April 2004.
6. M. Esteva. Electronic Institutions: from speci¯cation to development. Number 19
in IIIA Monograph Series. PhD Thesis, 2003.
7. M. Esteva, J. Rodr¶³guez-Aguilar, B. Rosell, and J. Arcos. AMELI: An Agent-based
Middleware for Electronic Institutions. In Third International Joint Conference
on Autonomous Agents and Multi-agent Systems, New York, US, July 2004.
8. M. Esteva, W. Vasconcelos, C. Sierra, and J. Rodr¶³guez-Aguilar. Verifying norm
consistency in electronic institutions. In Proc. of The AAAI-04 Workshop on Agent
Organizations: Theory and Practice (ATOP), San Jose, California, July 2004.
9. M. Fitting. First-Order Logic and Automated Theorem Proving. Springer-Verlag,
New York, U.S.A., 1990.
10. A. Garc¶³a-Camino and J. Rodr¶³guez-Aguillar. Implementing norms in electronic
institutions. In Proceedings of the 4th Int. Joint Conf. on Autonomous Agents &
Multi Agent Systems (AAMAS-05), Utrecht, The Netherlands, July 2005.
11. A. Garc¶³a-Camino, J. Rodr¶³guez-Aguillar, C. Sierra, and W. Vasconcelos. A dis-
tributed architecture for norm-aware agent societies. In Proc. of the 3rd Int. Work-
shop on Declarative Agent Languages and Technologies (DALT 2005), Utrecht, The
Netherlands, July 2005.
12. D. Grossi, H. Aldewereld, J. V¶azquez-Salceda, and F. Dignum. Ontological aspects
of the implementation of norms in agent-based electronic institutions. Computa-
tional and Mathematical Organization Theory, to appear in 2006.
13. D. Grossi, F. Dignum, and J.-J. Ch. Meyer. Contextual taxonomies. In J. Leite
and P. Toroni, editors, Proceedings of CLIMA V Workshop, Lisbon, September,
pages 2{17, 2004.
14. A. Lomuscio and D. Nute, editors. Proc. of the 7th Int. Workshop on Deontic Logic
in Computer Science (DEON04), volume 3065 of LNCS. Springer Verlag, 2004.
15. F. L¶opez y L¶opez and M. Luck. Towards a Model of the Dynamics of Normative
Multi-Agent Systems. In G. L. et.al., editor, Proc. of RASTA '02, pages 175{194,
Bologna, July 2002.
16. P. Noriega. Agent-Mediated Auctions: The Fishmarket Metaphor. Number 8 in
IIIA Monograph Series. PhD Thesis, 1997.
17. J. A. Rodriguez-Aguilar. On the Design and Construction of Agent-mediated Elec-
tronic Institutions. Number 14 in IIIA Monograph Series. PhD Thesis, 2001.
18. J. V¶azquez-Salceda, H. Aldewereld, and F. Dignum. Implementing norms in mul-
tiagent systems. In G. Lindemann, J. Denzinger, I. Timm, and R. Unland, editors,
Multiagent System Technologies, LNAI 3187, pages 313{327. Springer-Verlag, 2004.