Complexity of the Universal and Existential Fragments of the mcalculus

1
Complexity of the Universal and
ExistentialFragments of the m-calculus
Thomas A. Henzinger, Orna Kupferman, and Rupak
Majumdar UC Berkeley
2
The m-calculus

• Modal logic, with least and greatest fixpoints
• Syntax
• f p p y f1 Ç f2 f1 Æ f2
• EX f AX f m y. f n y. f

3
The m-calculus Semantics

• Kripke Structures
• Set of propositions P
• Set of states W
• Total transition relation R µ W W
• Initial state w0
• Labeling L W ! 2P

4
The m-calculus Semantics

• Given a Kripke Structure K ltP, W, R, w0, Lgt,
  and a function V Vars ! 2W, formula f defines a
  subset fV of W
• pV w2 W p 2 L(w) pV w2 W
  p Ï L(w)
• f1 Ç f2V f1V f2V f1 Æ
  f2V f1V Å f2V
• yV V(y)
• EX fV w2 W 9 w. R(w,w) and w2 fV
• AX fV w2 W 8 w. R(w,w) then w2 fV
• m y.fV Å Wµ W fVy W µ W
• n y.fV Wµ W W µ fVy W

Write K, w0 ² f if w0 2 fV
5
Why Study the m-calculus?

• Very expressive can translate most logics of
  programs to it
• Temporal Logics CTL, LTL, CTL,
• Program Logics PDL, YAPL,
• Assembly language for symbolic model checking
• The fixpoint expressions suggest natural symbolic
  evaluation algorithms

6
Assembly Language

• Put in example

7
Questions about the m calculus

• Satisfiability
• Validity
• Model checking
• Implication

Given f, is there a Kripke structure K such that
K,w0 ² f?
EXPTIME
Given f, is K,w0 ² f for all Kripke structures K?
EXPTIME
Given f and Kripke structure K, is K,w0 ² f?
NPÅ coNP
Given f1 and f2, is f1 ! f2 valid?
EXPTIME
8
Sources of Complexity

• Two apparent sources
• Switches between least and greatest fixpoint
  operators
• Switches between universal (AX) and existential
  (EX) branching modes
• Alternation free m calculus (AFMC)
• Switches between least and greatest fixpoint
  operators ruled out
• Example
• m x. p Ç (n y. q Æ EX y) Æ EX x is
  alternation free,
• But m y. n x. EX y Ç p Æ EX x is not

9
Known Complexities
10
How about the other source?

• Define fragments AMC and EMC, where only one
  branching mode is allowed
• AMC f p p y f1 Ç f2 f1 Æ f2
• AX f m y. f n y. f
• EMC f p p y f1 Ç f2 f1 Æ f2
• EX f m y. f n y. f
• AMC rich enough to express most specifications of
  interest
• Subsumes (universal) LTL, ACTL, ACTL

11
Sources of Complexity

• m calculus can express alternating reachability
  (by unbounded switching of EX and AX)
• m x. p Ç EX AX x
• Alternating reachability is PTIME-complete, but
  (existential) reachability is NLOGSPACE
• By removing the ability to explicitly specify
  alternations, we hope to get simpler algorithms

12
Fragments of Temporal Logics
13
Fragments of Temporal Logics
14
Fragments of Temporal Logics
15
We Study
16
Satisfiability AMC

• Theorem Satisfiability for AMC and A-AFMC are
  PSPACE-complete.
• Given an AMC formula f, consider the Linear m
  calculus formula f obtained by removing all path
  quantifiers.
• Then f is satisfiable iff f is satisfiable
• Now use satisfiability for linear m calculus and
  its alternation free fragment are PSPACE-complete
  Vardi88

17
Satisfiability EMC

• Theorem Satisfiability for EMC and E-AFMC are
  NP-complete.
• Technique Show a linear size model property for
  EMC
• If f 2 EMC is satisfiable, it is satisfiable in a
  model of size O(f)
• Recall Full m calculus only has an exponential
  size model property
• ECTL has a linear size model property, but ECTL
  does not

18
Linear Size Model Property

• Example

19
Complexity Results
20
Satisfiability EMC

• Theorem Satisfiability for EMC and E-AFMC are
  NP-complete.
• Technique Show a linear size model property for
  EMC
• If f 2 EMC is satisfiable, it is satisfiable in a
  model of size O(f)
• Recall Full m calculus only has an exponential
  size model property

21
Model Checking

• Theorem

22
Complexity Results
23
Implication

• Theorem

24
Implication

• Labeling was the key trick to reduce model
  checking and implication
• Easy for model checking
• Not so easy for implication
• ACTL and ECTL formulas cannot specify a legal
  labeling, hence implication problems are strictly
  easier than the full logic

25
Complexity Results
26
Equivalence

• Given f1 and f2, is f1 f2 ?
• EXPTIME upper bound from the full \mu calculus
• PSPACE hardness from satisfiability or validity
• There is a gap!!
• Equivalence is not harder than implication, and
  not easier than satisfiability and validity
• In other formalisms (CTL, CTL, word automata)
  there is no gap in these complexities