
Automata on Infinite Words

Lectures given by Univ.-Prof. Dr. rer. nat. Wolfgang Thomas
in the winter semester 2005/06 at RWTH Aachen

Student lecture notes by
Florian Heller
florian@heller-web.net
These notes make no claim to correctness or completeness.
- Think Different -
February 7, 2006
1 Introduction
18.10.05
1.1 The Theory
The theory has been formed by Dr. Richard Büchi, Trakhtenbrot, Rabin, McNaughton. The subject is the analysis of finite automata working on infinite words.
Motivation
1. Attractive theory with algorithmic content.
2. Framework for non-terminating reactive systems.
3. Connection to logic (temporal logic and others).
A script of this lecture is available on the website of Informatik 7.
1.2 Exercises
Starting tomorrow.
Hand in the solutions in groups of three persons.
1.3 Büchi automata and regular ω-languages
Alphabet, B = {0, 1}, a, b, c, ... letters, u, v, w, ... finite words, empty word, +,
= (0)(1)(2) ... ω-word [over if (i) ]
set of ω-words over
[i ... j] = (i) ... (j)
U, V, W, ... languages of finite words. K, L, ... languages of ω-words.
Definition (Büchi automaton)
A Büchi automaton is of the form A = (Q, , q_0, , F) with finite state set Q, input alphabet , initial state q_0, transition relation Q Q and a set F Q of accepting (or final) states.
Accepting an ω-word by the Büchi condition:
A run of A on is a sequence = (0)(1) ... s.t. (0) = q_0, ((i), (i), (i + 1)) for i 0
satisfies the Büchi condition ( accepting) if (i) F
A accepts if there exists a run of A on which satisfies the Büchi condition.
L(A) = { | A accepts }
Example:
[Figure: transition graph of the Büchi automaton A_0; edge labels a, b]
= abbababab ...
_1 = 0000000000 ...
_2 = 0000002323 ...
_3 = 0000232323 ...
_2, _3 accepting. A_0 accepts L(A_0) = the set of all ω-words over {a, b} which from some point onwards have ababab ... or aaaa ....
Short notation: (a + b) (ab) + (a + b) regular expression
Questions
1. Reduction to deterministic automata?
2. Alternative characterization of accepted (or recognized) ω-languages?
3. Closure under operations like ,
4. Algorithmic properties
Remark on determinism: In a deterministic Büchi automaton replace by a transition function : Q Q
Then an ω-word induces a unique run of A on .
(0) = q_0
(1) = (q_0, (0))
(2) = ((q_0, (0)), (1))
Büchi condition as before.
L_1 = { {a, b} | from some point onwards, in only a occurs}
L_2 = { {a, b} | b occurs only finitely often in } = (a + b)
Claim: L_A is Büchi recognizable, but not deterministically Büchi recognizable.
Proof:
Assume a det. Büchi automaton A recognizes L_1.
Consider A on aaa .... A visits final states infinitely often in its unique run, say for the first time after $n_0$ letters a.
Consider A on $a^{n_0} b\,aa\ldots$ The next visit to a final state is guaranteed by assumption, say after the prefix $a^{n_0} b a^{n_1}$.
Consider A on $a^{n_0} b a^{n_1} b\,aa\ldots$
Generate the infinite word $a^{n_0} b a^{n_1} b a^{n_2} b \ldots$ where the A-run visits final states infinitely often.
Contradiction to the assumption on A.
1.4 Towards characterization of Büchi recognizable ω-languages
1.4.1 Preparation
Given U , define U = { | = u_0 u_1 u_2 ..., u_i U}
Example:
U = abba + aa
U contains aa abb abba abbaa abbaaa ...
Given U , L , U L = { | = u, u U, L}
Theorem 1: L is Büchi recognizable L = ⋃_{i=1}^{n} U_i V_i with U_i, V_i regular.
Proof:
Given a Büchi automaton A = (Q, , q_0, , F)
Define for p, q Q: W_{p,q} = {w | ex. A-run from p to q via w}
W_{p,q} is regular (use (Q, , p, , {q}))
Remark: A accepts if for some q F, is in W_{q_0 q} W_{qq} W_{qq} ...
L = ⋃_{q F} W_{q_0 q} W_{qq} ()
Consequence: is ultimately periodic if = uvvv ... for some fixed words u, v
Proposition: L Büchi recognizable, L L contains an ultimately periodic ω-word
Proof:
Given A, consider the representation ()
For some q: W_{q_0 q} W_{qq}
Using u W_{q_0 q}, v W_{qq} find = uvvv ...
Definition
L is Büchi recognizable L is a finite union of sets U V , with U, V regular
Proof:
Proof of ) Lemma:
a) V regular V Büchi recognizable (B-Rec).
b) U reg, K B-Rec L_1 L_2 B-rec
Proof a) Given NFA A = (Q, , q_0, , F) recognizing V
Preprocessing: Introduce a new initial state q_0 which cannot be reached via a nonempty word, obtain an equiv. NFA A
Construct the Büchi automaton B for V from A
For any transition (p, a, q) with q F introduce a new transition (p, a, q_0)
Use {q_0} as set of final states of B
Proof b) Given NFA A for U, Büchi automaton B for K. Introduce over Q_A Q_B
for (p, a, q) with q F_A a new transition (p, a, q_{0B})
if q_{0A} F_A: for (q_{0B}, b, q) a new transition (q_{0A}, b, q)
Proof c) Given B_1, B_2 for L_1, resp. L_2
Introduce a new initial state q_0 and new initial transitions
Consequence: Büchi-recognizable ω-languages are described by regular ω-expressions (ω-regular expressions) r_1 s_1 + + r_k s_k where r_i, s_i are standard regular expressions.
1.5 Complementation of Büchi automata
Theorem 2: L B-rec. \ L B-rec
Strategy: Given a Büchi automaton A = (Q, , q_0, , F) recognizing L
Define a finite family W_A = {W_1, ..., W_k} of regular languages W_i such that
L is a finite union of sets U V with U, V _A
\ L is also a finite union of sets with U, V _A
Notation (given A): write p w q [p w q]: there exists a run of A on w from p to q [such that a final state is visited in this run]
Definition
Given A define for u, v : u _A v for each p, q Q:
p u q p v q
p u q p v q
Fact 1: _A is an equivalence relation, call the equivalence classes _A-classes [u]
Fact 2: Each _A-class is regular
w [u] p, q Q s.t. p u q [not p u q] w W_{pq} [w W_{pq}] and p, q Q s.t. p u q [not p u q] w W^F_{pq} (allowing A to go from p to q visiting F)
L Büchi-rec. \ Büchi-rec. A Büchi aut. for L U V
Remark:
From the transition profiles of u, v one can compute the transition profile of uv.
Other formulation:
u _A u , v _A v uv _A u
_A is a congruence
U, V W_A (U, V _A-classes)
U V W for some W
Consequence of Lemma 1, 2:
\ L = ⋃ {U V | U, V W_A, V V V, U V L = }
Proof (Proof of Lemma 2):
Given
Notation: [m, n) = (m) ... (n - 1)
Two positions k, k merge at m (> k, k )
[Figure: positions k, k, m, n on the word, segments labelled V]
: k, k merge at some m
Remark 1: k, k merge at m, m < n k, k merge at n: clear from the remark on _A being a congruence
Remark 2: is an equivalence relation over N of finite index.
[Figure: positions k, k, m, n]
Given , by Remark 2, choose an infinite -class, say with k_0, k_1, k_2, ...
Consider = [0, k_0)[k_0, k_1)[k_1, k_2) ...
Of the segments [k_0, k_i), infinitely many must belong to a fixed _A-class, say V
So choose a subsequence of the k_i, call them k_0, k_1, k_2 again, such that [0, k_0) U, [k_0, k_i) V for all i > 0
By cancelling some k_j we can assume that k_0, k_i merge at k_i + 1. Call the subsequence obtained again k_0, k_1, ... Show for this sequence [k_i, k_{i+1}) V; i = 0: [k_0, k_1) V. So [k_i, k_i + 1)
Check whether U.V V. For the construction of the complement Büchi automaton we need a test whether U V L =
Lemma (Intersection Lemma):
Given Büchi automata A_1, A_2, L(A_1) L(A_2) is Büchi-recognizable.
Emptiness test: Given a Büchi aut. A, one can test whether L(A) =
L(A) there exists a final state q such that
q is reachable from q_0
q is reachable from q by a nonempty path.
Idea: Given A_1 (Q_1, , q_{01}, _1, F_1), A_2 (Q_2, , q_{02}, _2, F_2), construct the product automaton.
Introduce a memory component with entries 0, 1, 2:
1. wait for state in F_1
2. wait for state in F_2
3. Cycle completed
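The product construction with the 0/1/2 memory component and the emptiness test described above, as an added example that is not part of the lecture notes. The tuple representation of automata, the function names and the three sample automata are assumptions made for the illustration; a nonempty language is reported as a pair (u, v) standing for the ultimately periodic word u vvv ...

```python
from collections import deque

# Assumed representation: a Büchi automaton is (init, trans, final), where
# trans maps a state to a list of (letter, successor) pairs.

def intersect(a1, a2):
    """Product automaton with memory component m in {0, 1, 2}:
    0 = wait for a state in F1, 1 = wait for a state in F2,
    2 = cycle completed (the accepting memory value)."""
    (i1, t1, f1), (i2, t2, f2) = a1, a2
    init = (i1, i2, 0)
    trans, seen, todo = {}, {init}, deque([init])
    while todo:
        p, q, m = state = todo.popleft()
        if m == 0:
            m_next = 1 if p in f1 else 0
        elif m == 1:
            m_next = 2 if q in f2 else 1
        else:
            m_next = 0
        # both components must read the same letter
        edges = [(a, (p2, q2, m_next))
                 for a, p2 in t1.get(p, ())
                 for b, q2 in t2.get(q, ()) if a == b]
        trans[state] = edges
        for _, target in edges:
            if target not in seen:
                seen.add(target)
                todo.append(target)
    final = {s for s in seen if s[2] == 2}
    return init, trans, final


def find_word(trans, start, target, nonempty=False):
    """Labels of a shortest path start -> target (BFS), or None.
    With nonempty=True the path must use at least one transition."""
    if start == target and not nonempty:
        return []
    seen, todo = set(), deque([(start, [])])
    while todo:
        state, word = todo.popleft()
        for letter, succ in trans.get(state, ()):
            if succ == target:
                return word + [letter]
            if succ not in seen:
                seen.add(succ)
                todo.append((succ, word + [letter]))
    return None


def witness(aut):
    """Emptiness test: L(aut) is nonempty iff some final state q is reachable
    from the initial state and reachable from itself by a nonempty path.
    Returns (u, v) with u vvv... accepted, or None if L(aut) is empty."""
    init, trans, final = aut
    for q in sorted(final, key=repr):
        u = find_word(trans, init, q)
        if u is None:
            continue
        v = find_word(trans, q, q, nonempty=True)
        if v is not None:
            return u, v
    return None


# Constructed sample automata over {a, b}.
INF_B = (0, {0: [("a", 0), ("b", 1)], 1: [("a", 0), ("b", 1)]}, {1})  # infinitely many b
INF_A = (0, {0: [("a", 1), ("b", 0)], 1: [("a", 1), ("b", 0)]}, {1})  # infinitely many a
FIN_B = ("x", {"x": [("a", "x"), ("b", "x"), ("a", "y")],             # only finitely many b
               "y": [("a", "y")]}, {"y"})

if __name__ == "__main__":
    print(witness(FIN_B))                     # a lasso for "finitely many b"
    print(witness(intersect(INF_B, INF_A)))   # nonempty intersection
    print(witness(intersect(INF_B, FIN_B)))   # empty intersection -> None
```

Applied to a system automaton and an automaton for the negated specification, a `None` result means that no system run violates the specification.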
1.6 Acceptance Conditions
Aim: Obtain the expressive power of NBA by deterministic automata with acceptance other than Büchi acceptance.
Four basic acceptance conditions (given A = (Q, , q_0, , F)):
The run Q is
E-accepting if i, (i) F
A-accepting if i (i) F
Büchi-accepting if j i > j, (i) F
co-Büchi-accepting if , i > j (i) F
An E-/A-/Büchi-/co-Büchi-cond is here a det. automaton used over ω-words with E-/A-/... acceptance.
Example:
(aa + b) = {a, b}
[Figure: automaton with states 1, 2, 3 and an error state; edge labels a,b]
Example:
For Q: Inf() = {q Q | j i > j (i) = q} is visited infinitely often in
A Muller aut. has the format A = (Q, , q_0, , F), where F = {F_1, ..., F_k}, F_i Q
A run is Muller accepting if Inf() F i, Inf() = F_i
L_1: set of ω-words over = {a, b} with infinitely many b
L_2: set of ω-words over = {a, b} with only finitely many b. ...
15.11.05
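On an ultimately periodic input u vvv ... the unique run of a deterministic automaton is itself ultimately periodic, so the acceptance conditions above can be evaluated mechanically. The following is an added example, not taken from the lecture notes; the two-state automaton that remembers the last letter read, the state names qa/qb and the function names are assumptions.

```python
def run_sets(delta, q0, u, v):
    """Return (Occ, Inf) for the unique run of a deterministic automaton on the
    ultimately periodic word u vvv...: the states that occur at all and the
    states that occur infinitely often."""
    if not v:
        raise ValueError("the period v must be nonempty")
    q, occ = q0, {q0}
    for a in u:
        q = delta[q, a]
        occ.add(q)
    block_starts, blocks = [], []
    while q not in block_starts:      # stop when a v-block starts in a repeated state
        block_starts.append(q)
        visited = set()
        for a in v:
            q = delta[q, a]
            visited.add(q)
        blocks.append(visited)
    first_periodic = block_starts.index(q)
    inf = set().union(*blocks[first_periodic:])
    occ |= set().union(*blocks)
    return occ, inf


def accepts(condition, acc, occ, inf):
    """Evaluate one acceptance condition; acc is a state set F, or for
    'Muller' a collection of frozensets F_1, ..., F_k."""
    if condition == "E":
        return bool(occ & acc)        # some visited state is in F
    if condition == "A":
        return occ <= acc             # all visited states are in F
    if condition == "Buchi":
        return bool(inf & acc)        # F is visited infinitely often
    if condition == "co-Buchi":
        return inf <= acc             # from some point onwards only F
    if condition == "Muller":
        return frozenset(inf) in acc  # Inf equals some F_i
    raise ValueError(condition)


# Constructed sample: over {a, b} the automaton is in state qx after reading x.
DELTA = {(q, x): "q" + x for q in ("qa", "qb") for x in "ab"}
Q0 = "qa"


def classify(u, v):
    """Verdicts for F = {qb} and the Muller family {{qa}} on u vvv..."""
    occ, inf = run_sets(DELTA, Q0, u, v)
    verdicts = {c: accepts(c, {"qb"}, occ, inf)
                for c in ("E", "A", "Buchi", "co-Buchi")}
    verdicts["Muller"] = accepts("Muller", {frozenset({"qa"})}, occ, inf)
    return verdicts


if __name__ == "__main__":
    print(classify("bb", "a"))   # finitely many b
    print(classify("", "ab"))    # infinitely many b
```

With F = {qb} the Büchi condition describes L_1 (infinitely many b), and the Muller family {{qa}} describes L_2 (only finitely many b).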
Lemma
a) The class of Muller recognizable languages is closed under boolean comb.
b) L is Büchi-recognizable L is Muller recognizable
A
Proof:
We show closure under negation (complementation) and (intersection)
Complementation: proceed from F to F q Q \ F
Intersection: use a product construction. Given A_i = (Q_i, , q^i_0, _i, F_i), (i = 1, 2), construct A = (Q_1 Q_2, , (q^1_0, q^2_0), , F) where ((p, q), a) ( _1(p, a), _2(q, a)) and F defined: n, p_1 ... p_n Q_1, q_1 ..., q_n Q_2: {(p_1, q_1), ..., (p_n, q_n)} F {p_1 ... p_n} F_1 and {q_1 ... q_n} F_2
Lemma
a) L det. Büchi recognizable \ L det. co-Büchi recognizable
b) L E-recognizable \ L is A-recognizable
Proof of a) (b is similar):
Let A = (Q, , q_0, , F) be a det. Büchi automaton with L = L(A)
Define A = (Q, , q_0, , Q \ F)
Then \ L Inf( F = From some point onwards only states from Q \ F are seen, i.e. i n (i) Q \ F A co-Büchi accepts
Structural analysis of E- and det. Büchi-recognizable languages
Lemma
a) L is E-recognizable L = U where U regular
b) L is det. Büchi recognizable L = lim(U), U regular
Definition
Let U . lim(U) { | [0, ..., i] U for infinitely many i}
Example: U = a b a , lim(U) = { | contains exactly one b}
Proof:
a) Let A = (Q, , q_0, , F) be a det. automaton.
Let L be the ω-language E-recognized by A and U the language recognized by A as a finite automaton. Then is E-accepted by A in the unique run of A on . Finished after a finite prefix u A accepts u as a finite automaton u U and for the remainder of .
b) Let A = (Q, , q_0, , F) det., L = L(A) Büchi recognized by A, U the reg. language accepted by A as a finite DFA.
Then for : A accepts in a state from F is visited inf. often, i.e. (i) = q F for inf. many i [0, ..., i] accepted by DFA A for inf. many i [0, ..., i] U for inf. many i lim(U)
Comparison of det. recognizable ω-languages
Hierarchy Theorem: For the classes of det. E-, A-, Büchi-, co-Büchi-, Muller-recognizable languages, the following inclusion diagram
All the inclusions are strict!
Proof strategy: done. Büchi Muller complement Lemma + closure of Muller under boolean comb.
co-Büchi Muller, we show E Büchi, E co-Büchi.
Then (complement) A Büchi, A co-Büchi.
Proof: E Büchi, E co-Büchi
Let A be an E-automaton recognizing L. We construct an automaton A which both Büchi and co-Büchi recognizes L. A results from A by adding a new accepting sink state q_f , {q_f} = F; redirect every transition to a final state in A to q_f, i.e. (q, a) = p F (q, a) = q_f
22.11.05
1.6.1 Strict inclusion claims
On (4): 0 1(0 + 1) is not A-recognizable.
Assume A with n states recognizes 0 1(0 + 1). A on input 0^n 1 0 accepts, so the run has only final states.
A: q_0 p p q (on 0^n). On input 0 the run repeats: q_0 p p p ..., so only final states. A accepts 0 , contradiction.
On (5): 0 , complement of 0 1(0 + 1)
Assuming {= } is E-recogn., the complement would be A-recognizable. Now use the proof on the language (4).
So {0 } is not E-recogn.
On (2): L_2 = { {0, 1} | in 101 occurs, but 11 does not}
Assume L_2 is E-recognizable, say by A with n states. Consider A on 1010 : it reaches a final state, say up to 1010^k. On 1010^k 1 , A reaches a final state and accepts. Contradiction.
Assume L_2 is A-recognizable, say by A with n states. A accepts 0^n 1010 , has state repetitions on the prefix 0^n, so accepts 0 , so contradiction.
On (7): L_7 = { {0, 1} | 1 occurs only finitely often}, known: not Büchi-recogn.
On (6): L_6 is the complement of L_7, so it is not co-Büchi recognizable.
1.6.2 Deciding the levels
Aim: Given a Muller automaton A = (Q, , q_0, , F) we want to decide whether L(A) is in fact E-recognizable or Büchi-recognizable.
A loop of A is a subset S Q s.t. for all s, s there exists w + with (s, w) = s over Q S
Remark: A set Inf() is a loop. We may restrict F to loops only. Assume A has only reachable states and has an acceptance component F containing only loops.
F is closed under reachable then S F
F is closed under superloops if loop S F and loop S S then S F
Remark: Given A, both properties of F can be checked effectively.
1.6.3 Landweber's Theorem
Let A be a Muller automaton A = (Q, , q_0, , F)
a) L(A) is E-recognizable if F is closed under reachable loops.
b) L(A) is Büchi-recognizable if F is closed under superloops.
Proof b) Assume A is closed under superloops. Construct a Büchi automaton for L(A). Use the set Q 2^Q: in the first component simulate A, in the second component accumulate visited states until a superset S S F is reached, then go to instead (final).
The automaton accepts if the given aut. A satisfies Inf() S F
Given a Muller automaton A = (Q, , q_0, _A, F) and a Büchi automaton B = (P, , p_0, _B, F) with L(A) = L(B)
Consider loop S F, superloop S . Show S F
Find an ω-word with Inf() = S for the A-run , with A accepts. Start with a prefix w leading A to some q S. Continue w by which causes A to loop through S again and again. B on w visits an F-state after w, say after w u_1. Via word v_1 back to q in A, via x_1 go once through S in A and back to q. On the prefix w u_1 v_1 x_1, A has looped through S once, B has visited a final state. Repeat the argument with w u_1 v_1 x_1. Repeating we obtain w u_1 v_1 x_1 u_2 v_2 x_2 ... s.t.:
A loops through S again and again
B reaches final states inf. often
So B accepts, hence accepts, hence S F
1.7 Weak automata
A Staiger-Wagner automaton (weak Muller automaton) has the same format (Q, , q_0, , F) as a Muller automaton, but with the following acceptance: A accepts if for the unique run of A on : the set of states occurring in is in F. Occ() F
29.11.2005
Staiger-Wagner automaton: A = (Q, , q_0, , F), F Pow(Q)
A accepts for the unique run of A in we have Occ() F for some F F, the states of form F
Theorem 3: L is (det.) Büchi- and co-Büchi recognizable L is Staiger-Wagner recognizable.
Proof:
Given A = (Q, , q_0, , F), F = {F_1, F_2, ..., F_k}
Construct A over Q 2^Q 2^Q (k times)
State (q, R_1, ..., R_k) signals that A is in q, and that R_i (i = 1, ..., k) is the set of states visited so far.
Declare (q, R_1, ..., R_k) as final if R_i = F_i for some i (for Büchi automaton A)
A visits final infinitely often for some i, R_i = F_i infinitely often
for some i, R_i = F_i from some point onwards.
So A , used as Büchi or as co-Büchi automaton, accepts if the visited states for A form some F_i.
Preparation for : (SCC decomposition) Given a transition graph, a strongly connected component is a maximal strongly connected subset.
Proposition: The SCCs and the singletons which do not belong to an SCC form a partial ordering under the reachability relation.
SCC algorithm for a directed graph G = (V, E):
1. Run depth-first search, recording enter/farewell times for the vertices
2. Reverse edges, get G^T
3. Run depth-first search on G^T, taking as roots of depth-first trees vertices in reversed order of finish times (Starting from vertex with highest farewell
Resulting d-f-trees are the SCCs (the reachable vertices form an SCC S of G
Given a Büchi automaton which recognizes L
Take a Muller automaton for L, A = (Q, , q_0, , F); F is closed under superloops.
Since A recognizes a co-Büchi recogn. set, F is closed under subloops.
Consequence: All loops of an SCC of A are accepting ( F) or all loops of the SCC are rejecting ( F).
Call an SCC S good if all its loops are accepting (otherwise it is bad)
Given S, let S^+ be the set of states q S with transition (p, q), p S
Consequence: A run of A is accepting if it reaches some good S but does not reach the corresponding set S^+.
So get a Staiger-Wagner automaton from A with the following acceptance component F containing a set R Q if for some good S we have R S and R S^+ = .
2 Determinization
Aim: Transformation of nondet. Büchi automata to det. Muller automata (McNaughton 1966, Information and Control).
Safra 1988: Optimal complexity bound for the number of states (Rabin automata)
Muller, Schupp (1992): Optimal complexity bound for the number of states
Problem: Powerset construction is not enough.
[Figure: Büchi automaton with edge labels b; a,b; b and the sets reached on an input: infinitely often a set is visited with final state 1!]
Idea of MS-construction: On a given input word, build up the run tree of the Büchi automaton. Use prefixes of the tree up to some level as a first approximation of states. Reduction and compression leads to a finite number of states.
Illustration with
[Figure: Büchi automaton with edge labels a, b, a, a,b, b]
L = (a + b) (b^+ a)
Example input: Run tree of A = (Q, , q_0, , F) on input
Remark:
A accepts in the run tree of A an infinite path exists with infinitely many final states.
Reduction 1: Put states together if they are final, respectively nonfinal (final: down, vertically display: left)
Result: Binary branching tree. Acceptance tree.
Remark:
A accepts in the acceptance tree of A on there exists a path branching down infinitely often.
From a nondet. Büchi automaton, one can construct an equivalent det. Muller automaton.
Given A = (Q, , q_0, , F), start on input from the run tree of A on
Convention: Branch left (down) with final states.
1. Reduction: Merge states at a branching when they are final (left succ.)
Merge states at a branching when they are non-final (right succ.)
Get acceptance tree with at most binary branching.
Remark:
A accepts in the acceptance tree of A on there exists a path with infinitely many left turns.
easy from the condition on the run tree
from an infinite path in the acc. tree obtain a partial run tree which is infinite and finitely branching. König's Lemma gives an infinite path of the run tree, of course with infinitely many left turns.
2. Reduction: On each level keep only the leftmost (downmost) occurrence of each individual state.
Remark:
A accepts in the resulting left-reduced acc. tree a path exists with infinitely many left turns.
3. Reduction: Compress path segments into single nodes:
Merge nodes of a path segment into the topmost one (not a successor of a branching node)
Keep states at leaves, color each node of the compressed tree by:
Red: if no final state occurs
Yellow: if final state occurs, no final state added
Green: if final state was added in left update
4. Reduction: Delete all nodes which do not get a new descendant in the last update step.
Result: Muller-Schupp tree (over Q), a finite, strictly binary tree with node names from N^+ where each node is colored red, green or yellow, and the leaves are labelled with disjoint state sets (over Q).
Notation: MS(Q) for the finite set of all Muller-Schupp trees over Q.
Remark:
A accepts in the sequence of Muller-Schupp trees of A on , some node stays forever from some point onwards and is colored green again and again.
Definition of the Muller automaton A from the nondet. Büchi automaton A = (Q, , q_0, , F)
State set: MS(Q); initial state:
1; red
{q_0}
Definition of (t, a) (t: MS tree) using the following update rule:
1. Copy tree, replace green by yellow
2. For each leaf with state set P, introduce a son labelled P = {q | p P, (p, a, q) }
Delete state p if it occurs more to the left.
Split any set into left, right son with the final, resp. nonfinal states with colors green, red.
3. Delete all nodes which did not get a new descendant with set.
4. Compress path segments into the respective top node, giving it colour green if it is merged with nodes either coloured green or yellow.
Convention about the use of node names: after the deletion step a node name can be reused, however not in an immediate successor tree according to the update.
Observation: Over Q, 3|Q| node names suffice.
Acceptance component: Define F as follows:
R ( MS(Q)) F some node name k occurs in each tree of R and is even colored green in some tree of R.
Example:
t =
1; red
2; green 3; red
{2} {0, 1}
(t, b) to be computed.
1; red
2; yellow 3; red
{0, 1, 2}
1; red
2; yellow 3; red

4; green 5; yellow
{2} {0, 1}
1; red
4; green 5; red
{2} {0, 1}
Definition
Define E_k: set of MS-trees without node k
F_k: set of MS-trees with node k colored green.
Acceptance condition: for some k: any tree in E_k occurs only finitely often, some tree in F_k occurs infinitely often.
Start notation for run (of MS-trees): ⋁_{k=1}^{m} Inf() E_k = Inf() F_k
Definition
A (det.) Rabin automaton has the form A = (Q, , q_0, , ) where is a sequence (E_1, F_1), ..., (E_m, F_m) of sets Q.
An A-run is accepting if for some k {1, ..., m}: Inf() E_k = Inf() F_k
13.12.05
Theorem 4: A nondet. Büchi aut. can be transformed into a deterministic Muller automaton and also into a det. Rabin automaton.
Rabin aut.: A = (Q, , q_0, , ), = ((E_1, F_1), ..., (E_m, F_m)), E_i, F_i Q
successful ⋁_{i=1}^{m} (Inf() E_i = Inf() F_i )
Remark on Rabin and (Union Lemma): Given a Rabin aut. over Q, with = ((E_1, F_1), ..., (E_m, F_m)), _1, _2 non-successful runs
Let be a run with Inf() = Inf(_1) Inf(_2)
is not successful
Proof:
_1, _2 are not successful, assume is successful, Inf() = Inf(_1) Inf(_2)
Pick index i: Inf() E_i = Inf() F_i
Then Inf() E_i = , Inf(_2) E_i =
Also Inf(_1) F_i or Inf(_2) F_i
So _1 or _2 successful
Theorem 5: The MS-construction yields a Rabin automaton with 2^{O(n log n)} states from a Büchi automaton with n states
Proof:
Estimate the number of MS-trees over Q, |Q| = n
MS-trees are built from node names 1, ..., 3n
Fix an MS-tree by the following functions:
parent p: N N {0, }
p(n) = parent if exists; 0 iff k is root; otherwise
right brother rb: N N {0, } analogously
color c: N {green, red, yellow} {}
state occurrence : Q N {0}: node where q occurs if q occurs; 0 otherwise
Number of MS-trees number of quadruples (p, rb, c, ) of functions.
(3n + 2)^{3n} (3n + 2)^{3n} 4^{3n} (3n + 1)^n (4n)^{10n} = 2^{O(n log n)}
Optimality of bound:
Theorem 6: There is L_n {#, 1, ..., n} recognized by a Büchi aut. with n + 2 states such that any det. Rabin automaton recognizing L_n needs n! states. n! 2 =(n log n)
Proof:
Büchi automaton for L_n = {#, 1, ..., n}
[Figure: Büchi automaton with states q_0, 1, ..., n and f; edge labels # and 1, 2, 3, 4]
Cycle property: L_n there exist letters i_1, ..., i_k \ {#} such that the letter pair segments i_1 i_2, i_2 i_3, i_3 i_4 ... i_{k-1} i_k, i_k i_1 occur infinitely often.
Consider a permutation (i_1, ..., i_n) of 1, ..., n: (i_1, i_2, ..., i_n #) L_n
Assume A does not accept (i_1, ..., i_n #) , (j_1, ..., j_n #) with permutations i_1, ..., i_n j_1, ..., j_n
The runs of A on , resp. are not successful, Inf() = R. Show: Inf() = S R S =
So A has n! states.
Assume q R S. Build an ω-word with infinitely many occ. of i_1 ... i_n, j_1 ... j_n. Inf() = R S, not successful.
i_1 ... i_k j_1 ... j_k: get a cycle in the input word. Contradiction!
3 Monadic Theory of one successor (S1S)
We consider transition systems.
[Figure: transition system with states labelled by the properties P_1, P_2]
p_i denote properties of the states
arrows = possible behaviour of the system.
Associate a boolean vector to the properties:
p_i is true i-th component is 1
$\binom{1}{1}$ $\binom{1}{0}$ $\binom{0}{1}$ $\binom{0}{0}$
Execution of such a system yields an ω-word over B^m
e.g.: = $\binom{1}{1}\binom{1}{0}\binom{0}{1}\binom{1}{0}\binom{0}{0}$
The evolution of a single property over time is the projection to the corresponding row.
Express specifications for the behaviour of the system by expressing specifications for ω-words over B^n
Use S1S for this: variables s_i, t ... for time points, positions
variables X, Y, Z ... sets of positions, 0 constant, successor, < earlier, = , + boolean connectives + quantification
Example:
Constant: At position 3, p_1 holds. (X_1) = X_1(0 ) (underbrace: = 3)
Reactivity: Sometimes p_1 holds. _2(X_1) = t X_1(t)
Recurrence: again and again p_1 holds: t s > t: X_1(s)
Request-Response: Whenever p_1 holds, p_2 holds afterwards.
s(X_1(s) t(t > s X_2(t))
3.1 Formal Syntax
Variables: s, t, ...
Second-order variables: X, Y, X_1, X_2 ...
Terms: constant 0, first-order variables, term term
Atomic formulas: X(), < , = with , terms.
S1S-formulas are obtained from the atomic formulas by using boolean connectives and quantification.
3.2 Semantics
Use N as universe for first-order variables
Use 2^N as universe for second-order variables
The interpretation of is +1
< = less than on N
Use standard semantics
Write (N, 0, +1, <, P_1, ..., P_n) (X_1 ... X_n) where X_1 ... X_n are the free variables of
if is true in these semantics if the free variable X_i is interpreted as P_i
We need to specify only P_1 ... P_n = P
For P_1 ... P_n N we define ( P) ( (B^n) by ((i))_j = 1 iff i P_j
Then we write ( P) (X_1 ... X_n)
Definition
For an S1S-formula (X_1 ... X_n) define L() = { (B^n) | (X_1 ... X_n)}
20.12.05
3.2.1 Connection from S1S to Büchi automata
S1S: s, t, ... positions of ω-words.
X, Y, ... sets of positions
0, , <, X(s): monadic second-order logic
X(s )
, , , , , ,
Formula (X_1, ..., X_n) satisfied in a model (N, 0, , <, P_1, ..., P_n) ω-word over {0, 1}
Example (for the correspondence (P_1, P_2) {0, 1}^2):
P_1 even numbers: 1 0 1 0 1 0 1 0 1 0 ...
P_2 prime numbers: 0 0 1 0 1 0 1 0 ...
(X_1, X_2): There are two successive positions with 1 in the second component followed by 1 in the first component
With from above: s t(s = t X_2(s) X_2(t) X_1(t ))
s(X_2(s) X_2(s ) X_1(s ))
L {0, 1}^n S1S-definable there exists an S1S-formula (X_1, ..., X_n) s.t. for any ({0, 1}^n) : L (X_1, ..., X_n)
Theorem 7 (Büchi 1960): An ω-language L ({0, 1}^n) is S1S-definable if and only if it is Büchi-recognizable.
Proof:
[]: Given a Büchi automaton
[Figure: Büchi automaton with states q_1, q_2, q_3; edge labels 0, 1, 0, 0]
= {0, 1}. Find (X) saying "A accepts the ω-word corresponding to X"
(X) has to say: there exists a successful run of A over corresponding to X
= 1 0 1 0 0 0 0
q_1: * *
q_2: * *
q_3: * * 0
Idea: Express the existence of a run by the existence of three sets Y_1, Y_2, Y_3
Express that Y_1, Y_2, Y_3 represent a successful run
(X): Y_1, Y_2, Y_3 (each position belongs to a single Y_i, Y_1(0) s(Y_1(s) X(s) Y_2(s )) (Y_2(s) X(s) Y_1(s )) (Y_2(s) X(s) Y_3(s )) (Y_3(s) X(s) Y_3(s ))] s t(s < t Y_3(t)))
General case: A = (Q, {0, 1}^n, q_1, , F), Q = {q_1, ..., q_m}
(X_1, ..., X_n): Y_1 ... Y_m (Partition(Y_1, ..., Y_m) Y_1(0) s ⋁_{(q_i, a, q_j) } (Y_i(s) X_a(s) Y_j(s )) s t(s < t ⋁_{q_i F} Y_i(t))
Partition(Y_1, ..., Y_m): _{i=1}^{m} Y_i(s) s _{i j} (Y_i(s) Y_j(s))
For a = (b_1, ..., b_n), b_1 {0, 1} write X_a(s) for (b_1)X_1(s) (b_n)X_n(s) where b_i = empty for b_i = 1, for b_i = 0
[]: From S1S-formulas to Büchi automata
Simplify the formalism S1S to S1S_0 with second-order variables only.
S1S_0 has new atomic formulas:
Sing(X) for "X is a singleton"
Succ(X, Y) for "X = {s}, Y = {t} with s = t"
X Y
Lemma: S1S-formulas can be rewritten as S1S_0-formulas
Proof: Apply the following steps:
Eliminate 0: X(=) s(X(s) t t = s)
Eliminate iterations of : X(s ) t(s = t X(t ))
Eliminate <: s < t: t is in the successor closure of s
X(X(s ) z(X(z) X(z )) X(t))
Get S1S-formulas with atomic formulas s = t, X(s) only
From such formulas obtain an equivalent S1S_0-formula.
Example: X s t(s = t , X(s))
X S(Sing(S) T(Sing(T) Succ(T, S) S X)
Lemma: Each S1S_0-formula (X_1, ..., X_n) can be transformed into an equivalent Büchi automaton.
Proof by induction on S1S_0-formulas.
Atomic formulas: Sing(X_1)
[Figure: automaton for Sing(X_1); edge labels 1, 0, 0]
Succ(X_1, X_2)
[Figure: automaton for Succ(X_1, X_2); edge labels $\binom{1}{0}$, $\binom{0}{0}$, $\binom{0}{0}$, $\binom{0}{1}$]
X_1 X_2
For the induction step assume that only the connectives remain (, , have been eliminated)
Consider (X_1, ..., X_m), assume by ind. a Büchi automaton A for
Use Büchi aut. complementation to find an automaton for
: _1(X_1 ...) _2(X_1 ...), assuming Büchi aut. A_1, A_2. Use the union automaton of A_1, A_2
Consider X (X_1, ..., X_m, X), assuming a Büchi aut. A over {0, 1}^{m+1}
Find an autom. over {0, 1}^m
Example: (X_1, X)
[Figure: automaton with edge labels $\binom{0}{0}$, $\binom{1}{1}$, $\binom{0}{1}$, $\binom{0}{1}$]
The new automaton reads only the first component and guesses the second comp., with this simulating the given automaton.
Implementation: Delete the second components in the given automaton:
[Figure: resulting automaton with edge labels 1, 0]
10.1.06
From S1S-formulas to Büchi automata: (X_1, ..., X_n) A over = {0, 1}^n such that for each ({0, 1}^n) : (X_1, ..., X_n) A accepts
Illustration: (X_1): s(X_1(s) X_1(s ))
First step: Rewriting as S1S_0-formula:
s t(X_1(s) s = t X_1(t))
X_2 X_3(X_2 X_1 Succ(X_2, X_3) X_3 X_1) (underbrace: (X_1, X_2, X_3))
X_2 = {s}, X_3 = {t}
Automaton for X_2 X_1 Succ(X_2, X_3)
[Figure: automaton with edge labels (1,1,0), (0,0,1), (0/1,0,0), (0/1,0,0); one edge marked ()]
For the intersection with X_3 X_1 take only (0,0,1) at ()
Automaton for the full formula: forget the 2nd / 3rd component.
1st Step
Theorem 8: For each S1S-formula (X_1, ..., X_n) one can construct an equivalent Büchi automaton over = {0, 1}^n, and conversely.
Recall: Given a Büchi automaton, an equivalent formula can be written as Y_1 ... Y_m (X_1, ..., X_m, Y_1, ..., Y_m) () (underbrace: first order)
Consequence 1: Call an S1S-formula existential if it has the form ()
Each S1S-formula (X_1 ... X_n) is equivalent to an existential one.
Proof by translation: A formula equivalent to A (of the form ()), existential.
Consequence 2: Decidability of arithmetical theories
Use the Theorem for n = 0, i.e. for sentences (without free variables).
A has unlabelled transitions.
(N, , <, 0) A has a successful run (state sequence with infinitely many visits of a final state)
Hence: For each S1S-sentence one can decide whether it is true in (N, , <, 0)
Example:
s t t < s: false (take s = 0)
X (X(0) s(X(s) X(s )) t X(t)) (induction princ.): true
The monadic second-order theory of (N, , <, 0) is decidable
Background: Gödel's result on the undecidability of first-order arithmetic (for the structure (N, +, , 0, 1, <))
Example:
x(x < y z_1 z(z_1 z_2 = y z_1 = 1 z_2 = 1) (underbrace: y is prime)
There are infinitely many primes.
x y(x < y y is prime y + 1 + 1 is prime: There are infinitely many twin primes.
Remark (Gödel): The full second-order theory (with quantification over relations) of (N, , <, 0) is undecidable.
Proof:
By second-order definitions of + and
x + y = z each relation which contains (0, x) and is closed under successor in both components must contain (y, z)
R((0, x) R (s, t)((s, t) R (s , t ) R) (y, z) R)
x y = z analogously, using +
Decidability? (Tarski) What about monadic quantification? (Quantifiers over sets only) Solution by Büchi.
Th(N, +, <, 0, 1) Th(N, , <, 0, 1) decidable (Presburger, Skolem)
Consequence 3: Monadic theory of a structure (N, , <, 0, P) with some fixed P N
Example:
P = set of primes
s t(s < t P(t) P(t )): twin prime statement.
Question: For which P is the monadic theory decidable? Approach: Use Büchi's theorem about (X) A for a fixed set/sequence P.
Given , find a Büchi A such that (N, , <, 0, P) A accepts _P
_P(i) = 1 i P; 0 i P
P primes: 001101010001 ...
Example:
For P = primes: s t(s < t P(t) P(t )) is true the following Büchi automaton accepts _P
[Figure: Büchi automaton with edge labels 1, 0, 1, 0,1]
MTh(N, , <, 0, P) is decidable if the following decision problem is decidable: Given a Büchi automaton over = {0, 1}: Does A accept _P?
Consequence 4: Method for model-checking.
Basic situation: P: program (system) given as a transition graph.
Here: represented as a (Büchi) automaton (with all states final)
Specification: S: formula about the desired system runs.
Here: S1S-formula about the transition labels.
P is correct with respect to S: all runs which are possible in P satisfy S
L(A_P) L(A_S), equivalently L(A_P) L(A)_S =
17.01.06
3.3 The binary Tree and the two-dimensional Grid
.
.
.
1
2
3
. . .
.
.
.
.
.
.
Format of binary tree: ({0, 1} , succ_0, succ_1, ) succ_0(w) = w0 and succ_1(w) = w1
Introduce monadic second order language as before with succ_0, succ_1 instead of .
S2S is the corresponding logical system.
Theorem 9 (Rabin, 1969) MTh({0, 1} , succ_0, succ_1, ) is decidable.
Format of the grid: G_2 = (N N, succ_1, succ_2, (0, 0))
succ_1(x, y) = (x + 1, y) succ_2(x, y) = (x, y + 1)
Theorem 10 (Seese, 1975) MTh(G_2) is undecidable
Proof:
Use reduction of the halting problem for Turing machines.
Task: Given TM M, construct sentence _M s.t. M halts started on empty tape G_2 _M
Use TM on left-bounded tape
TM-computation is sequence of configurations C_0, C_1, C_2, . . .
Convention: Repeat halting configuration
Halting signalled by stop state q_s
Idea: Express existence of halting computation of M by requiring a corresponding labelling of G_2
C_0 q_0 . . . q_0 1Rq_1
C_1 1 q_1 . . . q_1 1Nq_0
C_2 1 q_0 1 . . .
For construction of _M use work-alphabet {a_0, . . . , a_n} and M-states q_0, . . . , q_k
Introduce X_0, . . . , X_n, Y_1, . . . , Y_k
X_i = set of positions where a_i occurs
Y_j = set of positions where q_j occurs
_M : X_0, . . . , X_n Y_1, . . . , Y_k (Partition (X_0, . . . , Y_k)
first row corresponding to initial conf. (empty tape) [Y_0(0, 0) y(S_2^+((0, 0), y) X_0(y))]
each successor row corresponds to successor configuration of preceding row
xY_k(x)
For () with down condition on 2 4 boxes of grid.
q_0
1 q_1
Because the Turing machine is deterministic: For each labelling which starts in the first row and which continues in admissible windows, a stop state will be reached.
4 Model-Checking and Temporal Logics
Model-Checking-Problem: Given Structure/System SYS, specification SPEC.
Does SYS satisfy SPEC?
Plan: Formalisation / automata-theoretic approach.
1. Kripke structures as system models
2. Basic specifications
3. Formal specification languages
[S1S]: model-checking is very hard ($O(2^{2^{\cdot^{\cdot^{\cdot^{2}}}}})$ (exp. k times), non-elementary)
Introduce temporal logic LTL, show that M.C. is PSPACE-complete
4. Use automata to solve the m.c. problem
1. Kripke Structures:
Let p_1 . . . p_n atomic propositions (base state properties)
A Kripke structure over p_1 . . . p_n is a tuple M = (S, R, ) where
S is a finite set of states
R is a transition relation, R S S ((s_1, s_2) R: the system can go from s_1 to state s_2)
 is a labelling function, : S S p_1...p_n
p_i (S): the base property p_i is true at state s.
Example: traffic light, three atomic propositions:
p_1 red light is on
p_2 yellow light is on
p_3 green light is on
[Figure: Kripke structure with states S_1 (p_1), S_2 (p_1, p_2), S_3 (p_3), S_4 (p_2)]
Notations:
a) A pointed K.S. is a K.S. M = (S, R, ) with an initial state s S
b) Usually, we write (s) as a bit vector (B)^n: (b_1, . . . , b_n) : b_i = 1 iff p_i (S)
c) Convention: we don't allow...
Definition
1) A path through a K.S. M = (S, Q, )(M, S) is an infinite sequence of states s_0, s_1, s_2 . . . with:
s_0 = s
(s_i, s_{i+1}) R for all i N
2) Label sequence for a path s_0 s_1 s_2 . . . is the -word (s_0)(s_1) . . .
3) The language of (M, S) is the set of label sequences of paths through (M, S), we write L(M, s) (B)
Model-checking Problem revisited:
Given a Kripke structure (M, S) over p_1 . . . p_n, and a specification on -words over , does every path through (M, S) satisfy ?
L(M, S) L()?
24.01.06
Review Model-Checking-Problem:
Given Kripke-structure specification: Logical formula
(M, s) ?
Does (M, s) satisfy ?
L(M, s)
[Figure: Kripke structure with state labels (1,1), (1,0), (0,1), (0,0); column vectors written as rows]
Label sequence: (1,1)(1,0)(0,1)(1,0)(0,0)(0,0) . . .
Approach for solution: Construct Büchi automata A_{M,s} for L(M, s) and A_ for L() and check whether L(A_{M,s}) L(A_)
Formulation of given often in linear time temporal logic LTL (in fact, subsystem of S1S).
Plan: Introduce LTL
Sketch translation from LTL Büchi aut.
Solve MC Problem
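The inclusion check described above, as an added example that is not part of the lecture notes: it is carried out as an emptiness test on the product of the Kripke structure with a Büchi automaton for the negated specification. The state labels are those of the traffic light example; the transition relations CYCLE and FAULTY, the choice of the request-response specification G(p1 -> XF p3), and the hand-built automaton for its negation are assumptions made for this example.

```python
# Added example: check L(M, s) subset of L(phi) as emptiness of a product.
# Labels are bit vectors (p1, p2, p3) = (red, yellow, green).
LABEL = {"S1": (1, 0, 0), "S2": (1, 1, 0), "S3": (0, 0, 1), "S4": (0, 1, 0)}
# Assumed transition relations (the edges of the figure are not in the notes).
CYCLE = {"S1": ["S2"], "S2": ["S3"], "S3": ["S4"], "S4": ["S1"]}
FAULTY = {**CYCLE, "S2": ["S3", "S1"]}   # red+yellow may fall back to red

# Buechi automaton for the negated specification F(p1 and X G not p3):
# guess a red moment, then never read green again. "bad" is the final state.
def neg_spec_delta(q, letter):
    if q == "wait":
        return ["wait"] + (["bad"] if letter[0] == 1 else [])
    return ["bad"] if letter[2] == 0 else []

def successors(R, node):
    # Product step: the automaton reads the label of the state being left.
    s, q = node
    return [(s2, q2) for q2 in neg_spec_delta(q, LABEL[s]) for s2 in R[s]]

def reachable(R, start):
    seen, stack = set(), list(start)
    while stack:
        node = stack.pop()
        if node not in seen:
            seen.add(node)
            stack.extend(successors(R, node))
    return seen

def counterexample_state(R, s0):
    """A final product state on a reachable cycle, or None if the product is empty."""
    for node in sorted(reachable(R, [(s0, "wait")])):
        if node[1] == "bad" and node in reachable(R, successors(R, node)):
            return node
    return None

def satisfies(R, s0):
    # (M, s0) satisfies the specification iff no path is accepted by the negation.
    return counterexample_state(R, s0) is None
```

With CYCLE every red phase is followed by green, so the product is empty; with FAULTY the path S1 S2 S1 S2 . . . stays red forever and is reported through the product state on its cycle.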
4.0.1 LTL
Basic sequence properties (over two state properties p_1, p_2)
Guaranteed property: sometime p_1 becomes true (E-aut.) [Fp_1]
Safety property: always p_1 is true (A-aut.) [Gp_1]
Periodicity property: Initially p_1 is true, and p_1 is true precisely every third moment. (A-aut.) [p_1 Xp_1 XXp_1 G(p_1 XXXp_1)]
Obligation property: Sometimes p_1 is true, and p_2 is never true (SW-aut.) [Fp_1 Fp_2 Fp_1 Gp_2]
Recurrence property: Again and again, p_1 is true (Büchi-condition) [GFp_1]
Request-response property: Always when p_1 holds, then sometime later p_2 holds [G(p_1 XFp_2)]
Until property: Always when p_1 holds, sometime later p_1 holds and in the meantime p_2 holds. [G(p_1 X(p_2 Up_1))]
Fairness property: If p_1 is true again and again, so is p_2 [GFp_1 GFp_2]
Formalisations with temporal operators:
X next, F sometimes
G always, U until
Remark:
All formulas can be expressed by Büchi automata over {0, 1}^2
[Figures: Büchi automata for periodicity, obligation and recurrence; transition labels are column vectors over {0, 1}^2]
LTL-Syntax
LTL-formulas over p_1 . . . p_n are defined inductively as follows:
p_i is an LTL formula (i = 1, . . . , n)
If , are LTL-formulas, then also , , , , [, ] suffices
If , are LTL-formulas, then also X F G U
In -sequences over = {0, 1}^n
Notation:
For ({0, 1}^n) , = (0)(1) . . .
 i = (i)(i + 1)(i + 2) . . .
((i))_j = j-th component of (i)
Satisfaction relation i is defined inductively:
 i p_j ((i))_j = 1
 i not i
similarly for , ,
 i X i+1
 i F j i j
 i G forall j i j
 i U j i( j k(i k < j k ))
Example:
GFp_1 (0 0 GFp_1 j 0 j Fp_1 jk j k p_1 [((k))_1 = 1]
infinitely often p_1 is true
Evaluation of LTL-formulas
: F(p_1 X(p_2 Up_1))
Expansion of
 = (1,0)(0,1)(1,1)(0,0)(1,0)(0,1)(0,1)(0,1) . . . (column vectors written as rows)

p1                     0 1 0 1 0 1 1 1 . . .
p_2                    1 0 0 1 1 0 0 0 . . .
p_2 Up_1               1 0 1 1 1 0 0 0 . . .
X(p_2 Up_1             0 1 1 1 0 0 0 0 . . .
p_1 X(p_2 Up_1)        0 1 0 1 0 0 0 0 . . .
F(p_1 X(p_2 Up_1))     1 1 1 1 0 0 0 0 . . .
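The evaluation above can be reproduced mechanically on an ultimately periodic word u v^omega; the following is an added example, not code from the lecture. It assumes that the negation signs of the formula were lost in extraction, i.e. that it reads F(not p1 and X((not p2) U p1)), which is the reading under which the rows of the table agree with the word, and that the word continues with (0,1) forever. F and G are derived from U (F f as tt U f, G f as not F not f), and U is computed as a least fixpoint so that an obligation that is only postponed around the loop does not count as fulfilled.

```python
# Added example: LTL evaluation on an ultimately periodic word u v^omega.
# Formulas are nested tuples: ("p", j), ("not", f), ("and", f, g), ("X", f), ("U", f, g).
TT = ("not", ("and", ("p", 1), ("not", ("p", 1))))   # tt as not(p1 and not p1)

def F(f):
    return ("U", TT, f)             # F f := tt U f

def G(f):
    return ("not", F(("not", f)))   # G f := not F not f

def evaluate(formula, prefix, loop):
    """Truth values at positions 0 .. len(prefix)+len(loop)-1; loop must be non-empty."""
    word = list(prefix) + list(loop)
    n = len(word)

    def nxt(i):                     # successor position, wrapping back into the loop
        return i + 1 if i + 1 < n else len(prefix)

    def ev(f):
        op = f[0]
        if op == "p":
            return [letter[f[1] - 1] for letter in word]
        if op == "not":
            return [1 - v for v in ev(f[1])]
        if op == "and":
            return [a & b for a, b in zip(ev(f[1]), ev(f[2]))]
        if op == "X":
            sub = ev(f[1])
            return [sub[nxt(i)] for i in range(n)]
        if op == "U":
            left, right = ev(f[1]), ev(f[2])
            val, changed = [0] * n, True
            while changed:          # least fixpoint of U = right or (left and X U)
                changed = False
                for i in reversed(range(n)):
                    new = right[i] | (left[i] & val[nxt(i)])
                    if new != val[i]:
                        val[i], changed = new, True
            return val
        raise ValueError(f"unknown operator {op!r}")

    return ev(formula)

# Word from the table in the notes; assumed to continue with (0,1) forever.
PREFIX = [(1, 0), (0, 1), (1, 1), (0, 0), (1, 0)]
LOOP = [(0, 1)]
P1, P2 = ("p", 1), ("p", 2)
UNTIL = ("U", ("not", P2), P1)                    # assumed reading: (not p2) U p1
PHI = F(("and", ("not", P1), ("X", UNTIL)))       # assumed: F(not p1 and X(...))
```

The returned lists cover positions 0 to 5; positions 6, 7, . . . of the table repeat the value at position 5, because the word stays in the loop from there on.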
Theorem 11 (Main Theorem) An LTL formula over p_1 . . . p_n can be transformed into a Büchi automaton A_ over = {0, 1}^n such that for all
 can be constructed with state set {q_0} {0, 1}^m
31.01.06
Idea: Declare the bit vectors for truth of subformulas as states of Büchi automaton
Technical Preparation:
a) tt : p_1 p_1
ff : p_1 p_1
F : ttU
G : F
Temp. op. X, U suffices.
b) U ( X(U))
c) Generalized Büchi automaton: A = (Q, , q_0, , F_1, . . . , F_k)
A accepts exists run of A on such that each F_i (i = 1, . . . , k) is visited infinitely often.
Lemma (Translation Lemma)
Any LTL formula over p_1 . . . p_n with temporal operators X, U only and with m subformulas _1 . . . _m ( p_i) can be transformed into a generalized Büchi-automaton with state set {q_0} {0, 1}^m
Aim: Automaton has a unique successful run, namely the sequence of truth-value vectors for _1 . . . _n
Given , subformulas _1, . . . , _m of , the -expansion of satisfies the compatibility conditions:
_j = _{j_1} : ((i))_j = 1 ((i))_{j_1} = 0
_j = _{j_1} _{j_2} : ((i))_j = 1 ((i))_{j_1} or (i))_{j_2} = 1
_j = X_{j_1} : ((i))_j = 1 ((i + 1))_{j_1} = 1
_j = _{j_1} U _{j_2} : ((i))_j = 1 ((i))_{j_2} = 1 (((i))_{j_1} = 1 (((i))_{j_2} = 0
in the last case (U-Formula): there is no k s.t. for i > k ((i))_j = 1 but ((i))_{j_2} = 0.
7.2.06
4.0.2 LTL Büchi automata
Comparison LTL - FO (first order logic over -words)
Example:
G(p_1 X(p_2 Up_1)) p_1 at time x X_1(x)
s (X_1(s) t (s < t X_1(t) r(s < r < t X_2(r)))
Theorem 12 LTL and FO are of same expressive power.
Proof:
LTL FO: easy by induction
FO LTL: Difficult. (superexponential blowup in formula length)
Intuition: FO-quantification can be restricted to intervals [s, t] (r(s < r < t . . . ))
Illustration for LTL: p_1 X(p_2 Fp_3)Up_1)
Theorem 13 a) An LTL-formula with m distinct subformulas can be translated into a Büchi automaton with O(2^m) states.
b) An FO-formula with m connectives is translatable to a Büchi aut. with a tower of exponentials (2, m, . . . , 2; brace labelled m) states
Translation LTL Büchi automata via alternating Büchi automata (ABA)
Idea of alternating automaton: Allow existential (or-) branching as in nondet. aut. and universal (and-) branching.
Example:
[Figure: alternating automaton with states q_0, q_1, q_2 and transition labels a, b, a,b, a, b]
[Figure: run tree on input b a b b a a b . . . with nodes labelled q_0, q_1, q_2 and ff]
Nondeterminism generates different run trees (for each nondet. choice a new run tree).
Alt. Büchi automaton accepts iff exists run tree on such that all branches of it are successful (end in tt or visit final state infinitely often)
Theorem 14 An LTL-formula can be translated into an Alt. Büchi automaton where the set of states is the set of subformulas (with ff, tt)
Illustration: FGp_1 (input alphabet: = {0, 1})
[Figure: alternating automaton with states FGp_1, Gp_1, tt, ff and transition labels 0, 1; run tree on input 0 0 0 0 0 0 . . .]
Second Step: Transformation of ABA into standard Büchi automaton
As states use sets of ABA-states, updated according to the growth of ABA run tree(s)
Comparison of LTL (or FO) with Büchi automata (or S1S)
Theorem 15 Büchi automata are strictly more expressive than LTL
Example:
L_0 = (00) is not LTL-definable.
[Figure: Büchi automaton with states q_0, q_3, q_1 and transition labels 1, 0, 0, 1]
L = (10) is LTL-definable.
Proof:
Proof strategy
Introduce property non-counting for -languages L
Show that each LTL-def. -language has this property
L_0 = (00) violates this property
L : for sufficiently large n: xy xy^n L xy^{n+1} L
Negation: L counting: there are infinitely many n and xy such that xy^n L, x, y^{n+1} L or conversely.
L_0 is counting: take any even n, x = , y = 0, = 1 (oo) : xy^n L_0 , xy^{n+1} L_0
4.1 Beyond regular -languages
Scale of complexity for -languages:
Level 1: -languages of form L = W
L ex. prefix in W, W
Level 2: -languages of form L = limW (W )
General construction: Borel hierarchy
Level 1: _1 class of L = W with W
_1: class of complements of _1-languages
Level (n+1): _(n+1): class of countable unions _i L_i with L_i _n
_(n+1): class of countable intersections _i L_i with L_i _n
Remark:
_2 = class of languages limW
Contents
1 Introduction
1.1 The Theory
1.2 Exercises
1.3 Büchi automata and regular -languages
1.4 Towards characterization of Büchi recognizable -languages
1.4.1 Preparation
1.5 Complementation of Büchi automata
1.6 Acceptance Conditions
1.6.1 Strict inclusion claims
1.6.2 Deciding the levels
1.6.3 Landweber's Theorem
1.7 Weak automata
2 Determinization
3 Monadic Theory of one successor (S1S)
3.1 Formal Syntax
3.2 Semantics
3.2.1 Connection from S1S to Büchi-automata
3.3 The binary Tree and the two-dimensional Grid
4 Model-Checking and Temporal Logics
4.0.1 LTL
4.0.2 LTL Büchi automata
4.1 Beyond regular -languages
