Checking NFA equivalence with bisimulations up to congruence

Similar documents
Hopcroft and Karp s algorithm for Non-deterministic Finite Automata

Finite Automata Theory and Formal Languages TMV027/DIT321 LP4 2018

Minimal DFA. minimal DFA for L starting from any other

CS 275 Automata and Formal Language Theory

Finite Automata. Informatics 2A: Lecture 3. John Longley. 22 September School of Informatics University of Edinburgh

The Regulated and Riemann Integrals

Convert the NFA into DFA

20 MATHEMATICS POLYNOMIALS

Theory of Computation Regular Languages. (NTU EE) Regular Languages Fall / 38

Theory of Computation Regular Languages

Nondeterminism and Nodeterministic Automata

Chapter Five: Nondeterministic Finite Automata. Formal Language, chapter 5, slide 1

NFAs and Regular Expressions. NFA-ε, continued. Recall. Last class: Today: Fun:

7.2 The Definite Integral

AUTOMATA AND LANGUAGES. Definition 1.5: Finite Automaton

UNIFORM CONVERGENCE. Contents 1. Uniform Convergence 1 2. Properties of uniform convergence 3

W. We shall do so one by one, starting with I 1, and we shall do it greedily, trying

Strong Bisimulation. Overview. References. Actions Labeled transition system Transition semantics Simulation Bisimulation

Advanced Calculus: MATH 410 Notes on Integrals and Integrability Professor David Levermore 17 October 2004

p-adic Egyptian Fractions

Intermediate Math Circles Wednesday, November 14, 2018 Finite Automata II. Nickolas Rollick a b b. a b 4

Lecture 1. Functional series. Pointwise and uniform convergence.

CMSC 330: Organization of Programming Languages. DFAs, and NFAs, and Regexps (Oh my!)

Assignment 1 Automata, Languages, and Computability. 1 Finite State Automata and Regular Languages

CMSC 330: Organization of Programming Languages

Coalgebra, Lecture 15: Equations for Deterministic Automata

Anatomy of a Deterministic Finite Automaton. Deterministic Finite Automata. A machine so simple that you can understand it in less than one minute

Finite Automata. Informatics 2A: Lecture 3. Mary Cryan. 21 September School of Informatics University of Edinburgh

State Minimization for DFAs

Types of Finite Automata. CMSC 330: Organization of Programming Languages. Comparing DFAs and NFAs. Comparing DFAs and NFAs (cont.) Finite Automata 2

1 Nondeterministic Finite Automata

Math 1B, lecture 4: Error bounds for numerical methods

Improper Integrals, and Differential Equations

Types of Finite Automata. CMSC 330: Organization of Programming Languages. Comparing DFAs and NFAs. NFA for (a b)*abb.

THE EXISTENCE-UNIQUENESS THEOREM FOR FIRST-ORDER DIFFERENTIAL EQUATIONS.

Handout: Natural deduction for first order logic

MAA 4212 Improper Integrals

Non-Deterministic Finite Automata. Fall 2018 Costas Busch - RPI 1

Designing finite automata II

1. For each of the following theorems, give a two or three sentence sketch of how the proof goes or why it is not true.

Lecture 09: Myhill-Nerode Theorem

CMPSCI 250: Introduction to Computation. Lecture #31: What DFA s Can and Can t Do David Mix Barrington 9 April 2014

Lecture 3: Equivalence Relations

Properties of Integrals, Indefinite Integrals. Goals: Definition of the Definite Integral Integral Calculations using Antiderivatives

Deterministic Finite Automata

More on automata. Michael George. March 24 April 7, 2014

Review of Calculus, cont d

Unit #9 : Definite Integral Properties; Fundamental Theorem of Calculus

1. For each of the following theorems, give a two or three sentence sketch of how the proof goes or why it is not true.

How to simulate Turing machines by invertible one-dimensional cellular automata

Regular expressions, Finite Automata, transition graphs are all the same!!

This lecture covers Chapter 8 of HMU: Properties of CFLs

Lecture 08: Feb. 08, 2019

3 Regular expressions

CS415 Compilers. Lexical Analysis and. These slides are based on slides copyrighted by Keith Cooper, Ken Kennedy & Linda Torczon at Rice University

Formal Languages and Automata

Formal languages, automata, and theory of computation

Non Deterministic Automata. Linz: Nondeterministic Finite Accepters, page 51

1.4 Nonregular Languages

Recitation 3: More Applications of the Derivative

CS 275 Automata and Formal Language Theory

1 From NFA to regular expression

Harvard University Computer Science 121 Midterm October 23, 2012

THE QUADRATIC RECIPROCITY LAW OF DUKE-HOPKINS. Circa 1870, G. Zolotarev observed that the Legendre symbol ( a p

Introduction to Group Theory

Finite Automata-cont d

1.3 Regular Expressions

Continuous Random Variables

Chapter 5 : Continuous Random Variables

ARITHMETIC OPERATIONS. The real numbers have the following properties: a b c ab ac

1.9 C 2 inner variations

Homework 3 Solutions

Automata and Languages

State space systems analysis (continued) Stability. A. Definitions A system is said to be Asymptotically Stable (AS) when it satisfies

Chapter 0. What is the Lebesgue integral about?

Quadratic Forms. Quadratic Forms

Lecture 14: Quadrature

Nondeterminism. Nondeterministic Finite Automata. Example: Moves on a Chessboard. Nondeterminism (2) Example: Chessboard (2) Formal NFA

NFA DFA Example 3 CMSC 330: Organization of Programming Languages. Equivalence of DFAs and NFAs. Equivalence of DFAs and NFAs (cont.

5. (±±) Λ = fw j w is string of even lengthg [ 00 = f11,00g 7. (11 [ 00)± Λ = fw j w egins with either 11 or 00g 8. (0 [ ffl)1 Λ = 01 Λ [ 1 Λ 9.

CHAPTER 1 Regular Languages. Contents

Advanced Calculus: MATH 410 Uniform Convergence of Functions Professor David Levermore 11 December 2015

Bases for Vector Spaces

The First Fundamental Theorem of Calculus. If f(x) is continuous on [a, b] and F (x) is any antiderivative. f(x) dx = F (b) F (a).

and that at t = 0 the object is at position 5. Find the position of the object at t = 2.

Lecture 9: LTL and Büchi Automata

NFAs continued, Closure Properties of Regular Languages

Closure Properties of Regular Languages

How do we solve these things, especially when they get complicated? How do we know when a system has a solution, and when is it unique?

Non-deterministic Finite Automata

Converting Regular Expressions to Discrete Finite Automata: A Tutorial

Non-deterministic Finite Automata

Goals: Determine how to calculate the area described by a function. Define the definite integral. Explore the relationship between the definite

Exam 2, Mathematics 4701, Section ETY6 6:05 pm 7:40 pm, March 31, 2016, IH-1105 Instructor: Attila Máté 1

Parse trees, ambiguity, and Chomsky normal form

Talen en Automaten Test 1, Mon 7 th Dec, h45 17h30

Review of basic calculus

Duality # Second iteration for HW problem. Recall our LP example problem we have been working on, in equality form, is given below.

PARTIAL FRACTION DECOMPOSITION

P 3 (x) = f(0) + f (0)x + f (0) 2. x 2 + f (0) . In the problem set, you are asked to show, in general, the n th order term is a n = f (n) (0)

Transcription:

Checking NFA equivlence with bisimultions up to congruence Filippo Bonchi, Dmien Pous To cite this version: Filippo Bonchi, Dmien Pous. Checking NFA equivlence with bisimultions up to congruence. Principle of Progrmming Lnguges (POPL), Jn 2013, Rom, Itly. ACM, pp.457-468, 2013, <10.1145/2429069.2429124>. <hl-00639716v5> HAL Id: hl-00639716 https://hl.rchives-ouvertes.fr/hl-00639716v5 Submitted on 11 Jul 2012 HAL is multi-disciplinry open ccess rchive for the deposit nd dissemintion of scientific reserch documents, whether they re published or not. The documents my come from teching nd reserch institutions in Frnce or brod, or from public or privte reserch centers. L rchive ouverte pluridisciplinire HAL, est destinée u dépôt et à l diffusion de documents scientifiques de niveu recherche, publiés ou non, émnnt des étblissements d enseignement et de recherche frnçis ou étrngers, des lbortoires publics ou privés.

Checking NFA equivlence with bisimultions up to congruence Filippo Bonchi Dmien Pous CNRS, ENS Lyon, Université de Lyon, LIP (UMR 5668) {filippo.bonchi,dmien.pous}@ens-lyon.fr Abstrct We introduce bisimultion up to congruence s technique for proving lnguge equivlence of non-deterministic finite utomt. Exploiting this technique, we devise n optimistion of the clssicl lgorithm by Hopcroft nd Krp [16]. We compre our pproch to the recently introduced ntichin lgorithms, by nlysing nd relting the two underlying coinductive proof methods. We give concrete exmples where we exponentilly improve over ntichins; experimentl results moreover show non negligible improvements. Keywords Lnguge Equivlence, Automt, Bisimultion, Coinduction, Up-to techniques, Congruence, Antichins. 1. Introduction Checking lnguge equivlence of finite utomt is clssicl problem in computer science, which finds pplictions in mny fields rnging from compiler construction to model checking. Equivlence of deterministic finite utomt (DFA) cn be checked either vi minimistion [9, 15] or through Hopcroft nd Krp s lgorithm [2, 16], which exploits n instnce of wht is nowdys clled coinduction proof principle [24, 27, 29]: two sttes recognise the sme lnguge if nd only if there exists bisimultion relting them. In order to check the equivlence of two given sttes, Hopcroft nd Krp s lgorithm cretes reltion contining them nd tries to build bisimultion by dding pirs of sttes to this reltion: if it succeeds then the two sttes re equivlent, otherwise they re different. On the one hnd, minimistion lgorithms hve the dvntge of checking the equivlence of ll the sttes t once (while Hopcroft nd Krp s lgorithm only check given pir of sttes). On the other hnd, they hve the disdvntge of needing the whole utomt from the beginning 1, while Hopcroft nd Krp s lgorithm cn be executed on-the-fly [12], on lzy DFA whose trnsitions re computed on demnd. This difference is fundmentl for our work nd for other recently introduced lgorithms bsed on ntichins [1, 33]. Indeed, when strting from non-deterministic finite utomt (NFA), the 1 There re few exceptions, like [19] which minimises lbelled trnsition systems w.r.t. bisimilrity rther thn trce equivlence. [Copyright notice will pper here once preprint option is removed.] powerset construction used to get deterministic utomt induces n exponentil fctor. In contrst, the lgorithm we introduce in this work for checking equivlence of NFA (s well s those in [1, 33]) usully does not build the whole deterministic utomton, but just smll prt of it. We write usully becuse in few bd cses, the lgorithm still needs exponentilly mny sttes of the DFA. Our lgorithm is grounded on simple observtion on determinised NFA: for ll sets X nd Y of sttes of the originl NFA, the union (written +) of the lnguge recognised by X (written [[X]]) nd the lnguge recognised by Y ([[Y ]]) is equl to the lnguge recognised by the union of X nd Y ([[X + Y ]]). In symbols: [[X + Y ]] = [X]] + [[Y ]] (1) This fct leds us to introduce sound nd complete proof technique for lnguge equivlence, nmely bisimultion up to context, tht exploits both induction (on the opertor +) nd coinduction: if bisimultion R equtes both the (sets of) sttes X 1, Y 1 nd X 2, Y 2, then [[X 1]] = [[Y 1]] nd [[X 2]] = [[Y 2]] nd, by (1), we cn immeditely conclude tht lso X 1 + X 2 nd Y 1 + Y 2 re lnguge equivlent. Intuitively, bisimultions up to context re bisimultions which do not need to relte X 1 + X 2 nd Y 1 + Y 2 when X 1 (resp. X 2) nd Y 1 (resp. Y 2) re lredy relted. To illustrte this ide, let us check the equivlence of sttes x nd u in the following NFA. (Finl sttes re overlined, lbelled edges represent trnsitions.) x z The determinised utomton is depicted below. {x} {y} 1 2 {z} {u} {v, w} {u, w} {u, v, w} 3 y u w {x, y} {y, z} {x, y, z} Ech stte is set of sttes of the NFA, finl sttes re overlined: they contin t lest one finl stte of the NFA. The numbered lines show reltion which is bisimultion contining x nd u. Actully, this is the reltion tht is built by Hopcroft nd Krp s lgorithm (the numbers express the order in which pirs re dded). The dshed lines (numbered by 1, 2, 3) form smller reltion which is not bisimultion, but bisimultion up to context: the equivlence of sttes {x, y} nd {u, v, w} could be immeditely deduced from the fct tht {x} is relted to {u} nd {y} to {v, w}, without the need of further exploring the determinised utomton. Bisimultions up-to, nd in prticulr bisimultions up to context, hve been introduced in the setting of concurrency theory [24, 4 5 6 v 1 2012/7/11

25, 28] s proof technique for bisimilrity of CCS or π-clculus processes. As fr s we know, they hve never been used for proving lnguge equivlence of NFA. Among these techniques one should lso mention bisimultion up to equivlence, which, s we show in this pper, is implicitly used in the originl Hopcroft nd Krp s lgorithm. This technique cn be briefly explined by noting tht not ll bisimultions re equivlence reltions: it might be the cse tht bisimultion reltes (for instnce) X nd Y, Y nd Z but not X nd Z. However, since [[X]] = [Y ]] nd [[Y ]] = [Z]], we cn immeditely conclude tht X nd Z recognise the sme lnguge. Anlogously to bisimultions up to context, bisimultion up to equivlence does not need to relte X nd Z when they re both relted to some Y. The techniques of up-to equivlence nd up-to context cn be combined resulting in powerful proof technique which we cll bisimultion up to congruence. Our lgorithm is in fct just n extension of Hopcroft nd Krp s lgorithm tht ttempts to build bisimultion up to congruence insted of bisimultion up to equivlence. An importnt consequence, when using up to congruence, is tht we do not need to build the whole deterministic utomt, but just those sttes tht re needed for the bisimultion up-to. For instnce, in the bove NFA, the lgorithm stops fter equting z nd u + v nd does not build the remining four sttes. Despite their use of the up to equivlence technique, this is not the cse with Hopcroft nd Krp s lgorithm, where ll ccessible subsets of the deterministic utomt hve to be visited t lest once. The bility of visiting only smll portion of the determinised utomton is lso the key feture of the ntichin lgorithm [33] nd its optimistion exploiting similrity [1]. The two lgorithms re designed to check lnguge inclusion rther thn equivlence, but we cn relte these pproches by observing tht the two problems re equivlent ([[X]] = [[Y ]] iff [[X]] [[Y ]] nd [[Y ]] [[X]]; nd [[X]] [[Y ]] iff [[X]] + [Y ]] = [Y ]] iff [[X + Y ]] = [Y ]]). In order to compre with these lgorithms, we mke explicit the coinductive up-to technique underlying the ntichin lgorithm [33]. We prove tht this technique cn be seen s restriction of up to congruence, for which symmetry nd trnsitivity re not llowed. As consequence, the ntichin lgorithm usully needs to explore more sttes thn our lgorithm. Moreover, we show how to integrte the optimistion proposed in [1] in our setting, resulting in n even more efficient lgorithm. Summrising, the contributions of this work re (1) the observtion tht Hopcroft nd Krp implicitly use bisimultions up to equivlence (Section 2), (2) n efficient lgorithm for checking lnguge equivlence (nd inclusion), bsed on powerful up to technique (Section 3), (3) comprison with ntichin lgorithms, by recsting them into our coinductive frmework (Sections 4 nd 5). Outline Section 2 reclls Hopcroft nd Krp s lgorithm for DFA, showing tht it implicitly exploits bisimultion up to equivlence. Section 3 describes the novel lgorithm, bsed on bisimultions up to congruence. We compre this lgorithm with the ntichin one in Section 4, nd we show how to exploit similrity in Section 5. Section 6 is devoted to benchmrks. Sections 7 nd 8 discuss relted nd future works. Omitted proofs cn be found in the Appendix. Nottion We denote sets by cpitl letters X, Y, S, T... nd functions by lower cse letters f, g,... Given sets X nd Y, X Y is their Crtesin product, X Y is the disjoint union nd X Y is the set of functions f : Y X. Finite itertions of function f : X X re denoted by f n (formlly, f 0 (x) = x, f n+1 (x) = f(f n (x))). The collection of subsets of X is denoted by P(X). The (omeg) itertion of function f : P(X) P(X) is denoted by f ω (formlly, f ω (Y ) = n 0 f n (Y )). For set of letters A, A denotes the set of ll finite words over A; ɛ the empty word; nd w 1w 2 the conctention of words w 1, w 2 A. We use 2 for the set {0, 1} nd 2 A for the set of ll lnguges over A. 2. Hopcroft nd Krp s lgorithm for DFA A deterministic finite utomton (DFA) over the lphbet A is triple (S, o, t), where S is finite set of sttes, o: S 2 is the output function, which determines if stte x S is finl (o(x) = 1) or not (o(x) = 0), nd t: S S A is the trnsition function which returns, for ech stte x nd for ech letter A, the next stte t (x). For A, we write x x to men tht t (x) = x. For w A, we write x w x for the lest reltion such tht (1) x ɛ x nd (2) x w x iff x x nd x w x. For ny DFA, there exists function [[ ]]: S 2 A mpping sttes to lnguges, defined for ll x S s follows: [[x]](ɛ) = o(x), [[x]](w) = [[t (x)]](w). The lnguge [[x]] is clled the lnguge ccepted by x. Given two utomt (S 1, o 1, t 1) nd (S 2, o 2, t 2), the sttes x 1 S 1 nd x 2 S 2 re sid to be lnguge equivlent (written x 1 x 2) iff they ccept they sme lnguge. Remrk 1. In the following, we will lwys consider the problem of checking the equivlence of sttes of one single nd fixed utomton (S, o, t). We do not loose generlity since for ny two utomt (S 1, o 1, t 1) nd (S 2, o 2, t 2) it is lwys possible to build n utomton (S 1 S 2, o 1 o 2, t 1 t 2) such tht the lnguge ccepted by every stte x S 1 S 2 is the sme s the lnguge ccepted by x in the originl utomton (S i, o i, t i). For this reson, we lso work with utomt without explicit initil sttes: we focus on the equivlence of two rbitrry sttes of fixed DFA. 2.1 Proving lnguge equivlence vi coinduction We first define bisimultion. We mke explicit the underlying notion of progression which we need in the sequel. Definition 1 (Progression, Bisimultion). Given two reltions R, R S S on sttes, R progresses to R, denoted R R, if whenever x R y then 1. o(x) = o(y) nd 2. for ll A, t (x) R t (y). A bisimultion is reltion R such tht R R. As expected, bisimultion is sound nd complete proof technique for checking lnguge equivlence of DFA: Proposition 1 (Coinduction). Two sttes re lnguge equivlent iff there exists bisimultion tht reltes them. 2.2 Nive lgorithm Figure 1 shows nive version of Hopcroft nd Krp s lgorithm for checking lnguge equivlence of the sttes x nd y of deterministic finite utomton (S, o, t). Strting from x nd y, the lgorithm builds reltion R tht, in cse of success, is bisimultion. In order to do tht, it employs the set (of pirs of sttes) todo which, intuitively, t ny step of the execution, contins the pirs (x, y ) tht must be checked: if (x, y ) lredy belongs to R, then it hs lredy been checked nd nothing else should be done. Otherwise, the lgorithm checks if x nd y hve the sme outputs (i.e., if both re finl or not). If o(x ) o(y ), then x nd y re different. 2 2012/7/11

Nive(x, y) ( 1) R is empty; todo is empty; ( 2) insert (x, y) in todo; ( 3) while todo is not empty, do { (3.1) extrct (x, y ) from todo; (3.2) if (x, y ) R then skip; (3.3) if o(x ) o(y ) then return flse; (3.4) for ll A, insert (t (x ), t (y )) in todo; (3.5) insert (x, y ) in R; ( 4) return true; Figure 1. Nive lgorithm for checking the equivlence of sttes x nd y of DFA (S, o, t); R nd todo re sets of pirs of sttes. The code of HK(x, y) is obtined by replcing step 3.2 with if (x, y ) e(r) then skip. 1 x u 2 y v 3 z w 1 x,b y u 2 v b 5,b 4,b,b Figure 2. Checking for DFA equivlence. If o(x ) = o(y ), then the lgorithm inserts (x, y ) in R nd, for ll A, the pirs (t (x ), t (y )) in todo. Proposition 2. For ll x, y S, x y iff Nive(x, y). Proof. We first observe tht if Nive(x, y) returns true then the reltion R tht is built before rriving to step 4 is bisimultion. Indeed, the following proposition is n invrint for the loop corresponding to step 3: R R todo This invrint is preserved since t ny itertion of the lgorithm, pir (x, y ) is removed from todo nd inserted in R fter checking tht o(x ) = o(y ) nd dding (t (x ), t (y )) for ll A in todo. Since todo is empty t the end of the loop, we eventully hve R R, i.e., R is bisimultion. By Proposition 1, x y. We now prove tht if Nive(x, y) returns flse, then x y. Note tht for ll (x, y ) inserted in todo, there exists word w A such tht x w x nd y w y. Since o(x ) o(y ), then [[x ]](ɛ) [y ]](ɛ) nd thus [[x]](w) = [[x ]](ɛ) [y ]](ɛ) = [[y]](w), tht is x y. Since both Hopcroft nd Krp s lgorithm nd the one we introduce in Section 3 re simple vritions of this nive one, it is importnt to illustrte its execution with n exmple. Consider the DFA with input lphbet A = {} in the left-hnd side of Figure 2, nd suppose we wnt to check tht x nd u re lnguge equivlent. During the initilistion, (x, u) is inserted in todo. At the first itertion, since o(x) = 0 = o(u), (x, u) is inserted in R nd (y, v) in todo. At the second itertion, since o(y) = 1 = o(v), (y, v) is inserted in R nd (z, w) in todo. At the third itertion, since o(z) = 0 = o(w), (z, w) is inserted in R nd (y, v) in todo. At the fourth itertion, since (y, v) is lredy in R, the lgorithm does nothing. Since there re no more pirs to check in todo, the reltion R is bisimultion nd the lgorithm termintes returning true. 3 z w,b These itertions re concisely described by the numbered dshed lines in Figure 2. The line i mens tht the connected pir is inserted in R t itertion i. (In the sequel, when enumerting itertions, we ignore those where pir from todo is lredy in R so tht there is nothing to do.) Remrk 2. Unless it finds counter-exmple, Nive constructs the smllest bisimultion tht reltes the two strting sttes (see Proposition 8 in Appendix A). On the contrry, minimistion lgorithms [9, 15] re designed to compute the lrgest bisimultion reltion for given utomton. For instnce, tking utomton on the left of Figure 2, they would equte the sttes x nd w which re lnguge equivlent, while Nive(x, u) does not relte them. 2.3 Hopcroft nd Krp s lgorithm The nive lgorithm is qudrtic: new pir is dded to R t ech non-trivil itertion, nd there re only n 2 such pirs, where n = S is the number of sttes of the DFA. To mke this lgorithm (lmost) liner, Hopcroft nd Krp ctully record set of equivlence clsses rther thn set of visited pirs. As consequence, their lgorithm my stop erlier, when n encountered pir of sttes is not lredy in R but in its reflexive, symmetric, nd trnsitive closure. For instnce in the right-hnd side exmple from Figure 2, we cn stop when we encounter the dotted pir (y, w), since these two sttes lredy belong to the sme equivlence clss ccording to the four previous pirs. With this optimistion, the produced reltion R contins t most n pirs (two equivlence clsses re merged ech time pir is dded). Formlly, nd ignoring the concrete dt structure to store equivlence clsses, Hopcroft nd Krp s lgorithm consists in simply replcing step 3.2 in Figure 1 with (3.2) if (x, y ) e(r) then skip; where e: P(S S) P(S S) is the function mpping ech reltion R S S into its symmetric, reflexive, nd trnsitive closure. We herefter refer to this lgorithm s HK. 2.4 Bisimultions up-to We now show tht the optimistion used by Hopcroft nd Krp corresponds to exploiting n up-to technique. Definition 2 (Bisimultion up-to). Let f : P(S S) P(S S) be function on reltions on S. A reltion R is bisimultion up to f if R f(r), i.e., whenever x R y then 1. o(x) = o(y) nd 2. for ll A, t (x) f(r) t (y). With this definition, Hopcroft nd Krp s lgorithm just consists in trying to build bisimultion up to e. To prove the correctness of the lgorithm it suffices to show tht ny bisimultion up to e is contined in bisimultion. We use for tht the notion of comptible function [26, 28]: Definition 3 (Comptible function). A function f : P(S S) P(S S) is comptible if it is monotone nd it preserves progressions: for ll R, R S S, R R entils f(r) f(r ). Proposition 3. Let f be comptible function. Any bisimultion up to f is contined in bisimultion. Proof. Suppose tht R is bisimultion up to f, i.e., tht R f(r). Using comptibility of f nd by simple induction on n, we get n, f n (R) f n+1 (R). Therefore, we hve f n (R) f n (R), n n 3 2012/7/11

in other words, f ω (R) = n f n (R) is bisimultion. This ltter reltion trivilly contins R, by tking n = 0. We could prove directly tht e is comptible function; we however tke detour to ese our correctness proof for the lgorithm we propose in Section 3. Lemm 1. The following functions re comptible: id: the identity function; f g: the composition of comptible functions f nd g; F : the pointwise union of n rbitrry fmily F of comptible functions: F (R) = f F f(r); f ω : the (omeg) itertion of comptible function f. Lemm 2. The following functions re comptible: the constnt reflexive function: r(r) = {(x, x) x S}; the converse function: s(r) = {(y, x) x R y}; the squring function: t(r) = {(x, z) y, x R y R z}. Intuitively, given reltion R, (s id)(r) is the symmetric closure of R, (r s id)(r) is its reflexive nd symmetric closure, nd (r s t id) ω (R) is its symmetric, reflexive nd trnsitive closure: e = (r s t id) ω. Another wy to understnd this decomposition of e is to recll tht for given R, e(r) cn be defined inductively by the following rules: x e(r) x r x e(r) y y e(r) x s x e(r) y y e(r) z x e(r) z t x R y x e(r) y id Theorem 1. Any bisimultion up to e is contined in bisimultion. Proof. By Proposition 3, it suffices to show tht e is comptible, which follows from Lemm 1 nd Lemm 2. Corollry 1. For ll x, y S, x y iff HK(x, y). Proof. Sme proof s for Proposition 2, by using the invrint R e(r) todo. We deduce tht R is bisimultion up to e fter the loop. We conclude with Theorem 1 nd Proposition 1. Returning to the right-hnd side exmple from Figure 2, Hopcroft nd Krp s lgorithm constructs the reltion R HK = {(x, u), (y, v), (z, w), (z, v)} which is not bisimultion, but bisimultion up to e: it contins the pir (x, u), whose b-trnsitions led to (y, w), which is not in R HK but in its equivlence closure, e(r HK). 3. Optimised lgorithm for NFA We now move from DFA to non-deterministic utomt (NFA). We strt with stndrd definitions bout semi-lttices, deterministion, nd lnguge equivlence for NFA. A semi-lttice (X, +, 0) consists of set X nd binry opertion +: X X X which is ssocitive, commuttive, idempotent (ACI), nd hs 0 X s identity. Given two semilttices (X 1, + 1, 0 1) nd (X 2, + 2, 0 2), n homomorphism of semilttices is function f : X 1 X 2 such tht for ll x, y X 1, f(x + 1 y) = f(x) + 2 f(y) nd f(0 1) = 0 2. The set 2 = {0, 1} is semi-lttice when tking + to be the ordinry Boolen or. Also the set of ll lnguges 2 A crries semi-lttice where + is the union of lnguges nd 0 is the empty lnguge. More generlly, for ny set X, P(X) is semi-lttice where + is the union of sets nd 0 is the empty set. In the sequel, we indiscrimintely use 0 to denote the element 0 2, the empty lnguge in 2 A, nd the empty set in P(X). Similrly, we use + to denote the Boolen or in 2, the union of lnguges in 2 A, nd the union of sets in P(X). A non-deterministic finite utomton (NFA) over the input lphbet A is triple (S, o, t), where S is finite set of sttes, o: S 2 is the output function (s for DFA), nd t: S P(S) A is the trnsition reltion, which ssigns to ech stte x S nd input letter A set of possible successor sttes. The powerset construction trnsforms ny NFA (S, o, t) in the DFA (P(S), o, t ) where o : P(S) 2 nd t : P(S) P(S) A re defined for ll X P(S) nd A s follows: o(x) if X = {x} with x S o (X) = 0 if X = 0 o (X 1) + o (X 2) if X = X 1 + X 2 t (x) if X = {x} with x S t (X) = 0 if X = 0 t (X 1) + t (X 2) if X = X 1 + X 2 Observe tht in (P(S), o, t ), the sttes form semi-lttice (P(S), +, 0), nd o nd t re, by definition, semi-lttices homomorphisms. These properties re fundmentl for the up-to technique we re going to introduce; in order to highlight the difference with generic DFA (which usully do not crry this structure), we introduce the following definition. Definition 4. A determinised NFA is DFA (P(S), o, t ) obtined vi the powerset construction of some NFA (S, o, t). Herefter, we use new nottion for representing sttes of determinised NFA: in plce of the singleton {x} we just write x nd, in plce of {x 1,..., x n}, we write x 1 + + x n. For n exmple, consider the NFA (S, o, t) depicted below (left) nd prt of the determinised NFA (P(S), o, t ) (right). x y z x y + z x + y x + y + z In the determinised NFA, x mkes one single -trnsition going into y + z. This stte is finl: o (y + z) = o (y) + o (z) = o(y)+o(z) = 1+0 = 1; it mkes n -trnsition into t (y +z) = t (y) + t (z) = t (y) + t (z) = x + y. The lnguge ccepted by the sttes of NFA (S, o, t) cn be conveniently defined vi the powerset construction: the lnguge ccepted by x S is the lnguge ccepted by the singleton {x} in the DFA (P(S), o, t ), in symbols [[{x}]]. Therefore, in the following, insted of considering the problem of lnguge equivlence of sttes of the NFA, we focus on lnguge equivlence of sets of sttes of the NFA: given two sets of sttes X nd Y in P(S), we sy tht X nd Y re lnguge equivlent (X Y ) iff [[X]] = [Y ]]. This is exctly wht hppens in stndrd utomt theory, where NFA re equipped with sets of initil sttes. 3.1 Extending coinduction to NFA In order to check if two sets of sttes X nd Y of n NFA (S, o, t) re lnguge equivlent, we cn simply employ the bisimultion proof method on (P(S), o, t ). More explicitly, bisimultion for NFA (S, o, t) is reltion R P(S) P(S) on sets of sttes, such tht whenever X R Y then (1) o (X) = o (Y ), nd (2) for ll A, t (X) R t (Y ). Since this is just the old definition of bisimultion (Definition 1) pplied to (P(S), o, t ), we get tht X Y iff there exists bisimultion relting them. 4 2012/7/11

Remrk 3 (Liner time v.s. brnching time). It is importnt not to confuse these bisimultion reltions with the stndrd Milnernd-Prk bisimultions [24] (which strictly imply lnguge equivlence): in stndrd bisimultion R, if the following sttes x nd y of n NFA re in R, x x 1.. x n then ech x i should be in R with some y j (nd vice-vers). Here, insted, we first trnsform the trnsition reltion into y y 1. y m x x 1 + + x n y y 1 + + y m, using the powerset construction, nd then we require tht the sets x 1 + + x n nd y 1 + + y m re relted by R. 3.2 Bisimultion up to congruence The semi-lttice structure (P(S), +, 0) crried by determinised NFA mkes it possible to introduce new up-to technique, which is not vilble with plin DFA: up to congruence. This technique relies on the following function. Definition 5 (Congruence closure). Let u: P(P(S) P(S)) P(P(S) P(S)) be the function on reltions on sets of sttes defined for ll R P(S) P(S) s: u(r) = {(X 1 + X 2, Y 1 + Y 2) X 1 R Y 1 nd X 2 R Y 2}. The function c = (r s t u id) ω is clled the congruence closure function. Intuitively, c(r) is the smllest equivlence reltion which is closed with respect to + nd which includes R. It could lterntively be defined inductively using the rules r, s, t, nd id from the previous section, nd the following one: X 1 c(r) Y 1 X 2 c(r) Y 2 X 1 + X 2 c(r) Y 1 + Y 2 We cll bisimultions up to congruence the bisimultions up to c. We report the explicit definition for the ske of clrity: Definition 6 (Bisimultion up to congruence). A bisimultion up to congruence for NFA (S, o, t) is reltion R P(S) P(S) on sets of sttes, such tht whenever X R Y then 1. o (X) = o (Y ) nd 2. for ll A, t (X) c(r) t (Y ). We then show tht bisimultions up to congruence re sound, using the notion of comptibility: Lemm 3. The function u is comptible. Proof. We ssume tht R R, nd we prove tht u(r) u(r ). If X u(r) Y, then X = X 1 + X 2 nd Y = Y 1 + Y 2 for some X 1, X 2, Y 1, Y 2 such tht X 1 R Y 1 nd X 2 R Y 2. By ssumption, we hve o (X 1) = o (Y 1), o (X 2) = o (Y 2), nd for ll A, t (X 1) R t (Y 1) nd t (X 2) R t (Y 2). Since o nd t re homomorphisms, we deduce o (X 1 + X 2) = o (Y 1 + Y 2), nd for ll A, t (X 1 + X 2) u(r ) t (Y 1 + Y 2). Theorem 2. Any bisimultion up to congruence is contined in bisimultion. Proof. By Proposition 3, it suffices to show tht c is comptible, which follows from Lemms 1, 2 nd 3. u x u y z 1 x u 2 y + z x + y x + y + z Figure 3. Bisimultions up to congruence, on single letter NFA. In the Introduction, we lredy gve n exmple of bisimultion up to context, which is prticulr cse of bisimultion up to congruence (up to context corresponds to use just the function (r u id) ω, without closing under s nd t). A more involved exmple illustrting the use of ll ingredients of the congruence closure function (c) is given in Figure 3. The reltion R expressed by the dshed numbered lines (formlly R = {(x, u), (y + z, u)}) is neither bisimultion, nor bisimultion up to equivlence, since y + z x + y nd u u, but (x+y, u) / e(r). However, R is bisimultion up to congruence. Indeed, we hve (x + y, u) c(r): 3 x + y c(r) u + y ((x, u) R) 4 c(r) y + z + y ((y + z, u) R) = y + z c(r) u ((y + z, u) R) In contrst, we need four pirs to get bisimultion up to e contining (x, u): this is the reltion depicted with both dshed nd dotted lines in Figure 3. Note tht we cn deduce mny other equtions from R; in fct, c(r) defines the following prtition of sets of sttes: {0}, {y}, {z}, {x, u, x+y, x+z, nd the 9 remining subsets}. 3.3 Optimised lgorithm for NFA Algorithms for NFA cn be obtined by computing the determinised NFA on-the-fly [12]: strting from the lgorithms for DFA (Figure 1), it suffices to work with sets of sttes, nd to inline the powerset construction. The corresponding code is given in Figure 4. The nive lgorithm (Nive) does not use ny up to technique, Hopcroft nd Krp s lgorithm (HK) resons up to equivlence in step 3.2, nd the optimised lgorithm, referred s HKC in the sequel, relies on up to congruence: step 3.2 becomes (3.2) if (X, Y ) c(r todo) then skip; Observe tht we use c(r todo) rther thn c(r): this llows us to skip more pirs, nd this is sfe since ll pirs in todo will eventully be processed. Corollry 2. For ll X, Y P(S), X Y iff HKC(X, Y ). Proof. Sme proof s for Proposition 2, by using the invrint R c(r todo) for the loop. We deduce tht R is bisimultion up to congruence fter the loop. We conclude with Theorem 2 nd Proposition 1. The most importnt point bout these three lgorithms is tht they compute the sttes of the determinised NFA lzily. This mens tht only ccessible sttes need to be computed, which is of prcticl importnce since the determinised NFA cn be exponentilly lrge. In cse of negtive nswer, the three lgorithms stop even before ll ccessible sttes hve been explored; otherwise, if bisimultion (possibly up-to) is found, it depends on the lgorithm: 5 2012/7/11

Nive(X, Y ) ( 1) R is empty; todo is empty; ( 2) insert (X, Y ) in todo; ( 3) while todo is not empty, do { (3.1) extrct (X, Y ) from todo; (3.2) if (X, Y ) R then skip; (3.3) if o (X ) o (Y ) then return flse; (3.4) for ll A, insert (t (X ), t (Y )) in todo; (3.5) insert (X, Y ) in R; ( 4) return true; Figure 4. On-the-fly nive lgorithm, for checking the equivlence of sets of sttes X nd Y of NFA (S, o, t). The code for onthe-fly HK(X, Y ) is obtined by replcing the test in step 3.2 with (X, Y ) e(r); the code for HKC(X, Y ) is obtined by replcing this test with (X, Y ) c(r todo). with Nive, ll ccessible sttes need to be visited, by definition of bisimultion; with HK, the only cse where some ccessible sttes cn be voided is when pir (X, X) is encountered: the lgorithm skips this pir so tht the successors of X re not necessrily computed (this sitution rrely hppens in prctice it ctully never hppens when strting with disjoint utomt). In the other cses where pir (X, Y ) is skipped, then X nd Y re necessrily lredy relted to some other sttes in R, so tht their successors will eventully be explored; with HKC, only smll portion of the ccessible sttes is built (check the experiments in Section 6). To see concrete exmple, let us execute HKC on the NFA from Figure 3. After two itertions, R = {(x, u), (y + z, u)}. Since x + y c(r) u, the lgorithm stops without building the sttes x + y nd x + y + z. Similrly, in the exmple from the Introduction, HKC does not construct the four sttes corresponding to pirs 4, 5, nd 6. This bility of HKC to ignore prts of the determinised NFA comes from the up to congruence technique, which llows one to infer properties bout sttes tht were not necessrily encountered before. As we shll see in Section 4 the efficiency of ntichins lgorithms [1, 33] lso comes from their bility to skip lrge prts of the determinised NFA. 3.4 Computing the congruence closure For the optimised lgorithm to be effective, we need wy to check whether some pirs belong to the congruence closure of some reltion (step 3.2). We present here simple solution bsed on set rewriting; the key ide is to look t ech pir (X, Y ) in reltion R s pir of rewriting rules: X X + Y Y X + Y, which cn be used to compute norml forms for sets of sttes. Indeed, by idempotence, X R Y entils X c(r) X + Y. Definition 7. Let R P(S) P(S) be reltion on sets of sttes. We define R P(S) P(S) s the smllest irreflexive reltion tht stisfies the following rules: X R Y X R X + Y X R Y Y R X + Y Z R Z U + Z R U + Z Lemm 4. For ll reltions R, the reltion R is convergent. In the sequel, we denote by X R the norml form of set X w.r.t. R. Intuitively, the norml form of set is the lrgest set of its equivlence clss. Reclling the exmple from Figure 3, the common norml form of x + y nd u cn be computed s follows (R is the reltion {(x, u), (y + z, u)}): x + y x + y + u x + y + z + u x + u Theorem 3. For ll reltions R, nd for ll X, Y P(S), we hve X R = Y R iff (X, Y ) c(r). Thus, in order to check if (X, Y ) c(r todo) we only hve to compute the norml form of X nd Y with respect to R todo. Note tht ech pir of R todo my be used only once s rewriting rule, but we do not know in dvnce in which order to pply these rules. Therefore, the time required to find one rule tht pplies is in the worst cse rn where r = R todo is the size of the reltion R todo, nd n = S is the number of sttes of the NFA (ssuming liner time complexity for set-theoretic union nd continment of sets of sttes). Since we cnnot pply more thn r rules, the time for checking whether (X, Y ) c(r todo) is bounded by r 2 n. We tried other solutions, notbly by using binry decision digrms [8]. We hve chosen to keep the presented rewriting lgorithm for its simplicity nd becuse it behves well in prctice. 3.5 Complexity hints The complexity of Nive, HK nd HKC is closely relted to the size of the reltion tht they build. Herefter, we use v = A to denote the number of letters in A. Lemm 5. The three lgorithms require t most 1 + v R itertions, where R is the size of the produced reltion; moreover, this bound is reched whenever they return true. Therefore, we cn conveniently reson bout R. Lemm 6. Let R Nive, R HK, nd R HKC denote the reltions produced by the three lgorithms. We hve R HKC, R HK m R Nive m 2, (2) where m 2 n is the number of ccessible sttes in the determinised NFA nd n is the number of sttes of the NFA. If the lgorithms returned true, we moreover hve R HKC R HK R Nive. (3) As shown below in Section 4.2.4, R HKC cn be exponentilly smller thn R HK. Notice however tht the problem of deciding NFA lnguge equivlence is PSPACE-complete [23], nd tht none of the lgorithms presented here is in PSPACE: ll of them store set of visited pirs, nd in the worst cse, this set cn become exponentilly lrge with ll of them. (This lso holds for the ntichin lgorithms [1, 33] which we describe in Section 4.) Insted, the stndrd PSPACE lgorithm does not store ny set of visited pirs: it checks ll words of length smller thn 2 n. While this cn be done in polynomil spce, this systemticlly requires exponentil time. 3.6 Using HKC for checking lnguge inclusion For NFA, lnguge inclusion cn be reduced to lnguge equivlence in rther simple wy. Since the function [[ ]]: P(S) 2 A is semi-lttice homomorphism (see Theorem 7 in Appendix A), for ny given sets of sttes X nd Y, [[X+Y ]] = [Y ]] iff [[X]] + [[Y ]] = [[Y ]] iff [[X]] [[Y ]]. Therefore, it suffices to run HKC(X+Y, Y ) to check the inclusion [[X]] [[Y ]]. In such sitution, ll pirs tht re eventully mnipulted by HKC hve the shpe (X +Y, Y ) for some sets X, Y. The step 3.2 of HKC, where it checks whether the current pir belongs u 6 2012/7/11

to the congruence closure of the reltion, cn thus be simplified. First, the pirs in the current reltion cn only be used to rewrite from right to left. Second, the following lemm llows one to void unnecessry norml form computtions: Lemm 7. For ll sets X, Y nd for ll reltions R, we hve X+Y c(r) Y iff X Y R. Proof. We first prove tht for ll X, Y, X R = Y R iff X Y R nd Y X R, using the fct tht the normlistion function R : X X R is monotone nd idempotent. The nnounced result follows by Theorem 3, since Y (X + Y ) R is lwys true nd X+Y Y R iff X Y R. However, s shown below, checking n equivlence by decomposing it into two inclusions cnnot be more efficient thn checking the equivlence directly. Lemm 8. Let X, Y be two sets of sttes; let R nd R be the reltions computed by HKC(X+Y, Y ) nd HKC(X+Y, X), respectively. If R nd R re bisimultions up to congruence, then the following reltion is bisimultion up to congruence: R = = {(X, Y ) (X +Y, Y ) R or (X +Y, X ) R }. On the contrry, checking the equivlence directly ctully llows one to skip some pirs tht cnnot be skipped when resoning by double inclusion. As n exmple, consider the DFA on the right of Figure 2. The reltion computed by HKC(x, u) contins only four pirs (becuse the fifth one follows from trnsitivity). Insted, the reltions built by HKC(x, x+u) nd HKC(u+x, u) would both contin five pirs: trnsitivity cnnot be used since our reltions re now oriented (from y v, z v nd z w, we cnnot deduce y w). Another exmple, where we get n exponentil fctor by checking the equivlence directly rther thn through the two inclusions, cn be found in Section 4.2.4. In sense, the behviour of the coinduction proof method here is similr to tht of stndrd proofs by induction, where one often hs to strengthen the induction predicte to get (nicer) proof. 4. Antichin lgorithm In [33], De Wulf et l. hve proposed the ntichin pproch for checking lnguge inclusion of NFA. We show tht this pproch cn be explined in terms of simultions up to upwrd-closure tht, in turn, cn be seen s specil cse of bisimultions up to congruence. Before doing so, we recll the stndrd notion of ntichin nd we describe the ntichin lgorithm (AC). Given prtil order (X, ), n ntichin is subset Y X contining only incomprble elements (tht is, for ll y 1, y 2 Y, y 1 y 2 nd y 2 y 1). AC exploits ntichins over the set S P(S), where the ordering is given by (x 1, Y 1) (x 2, Y 2) iff x 1 = x 2 nd Y 1 Y 2. In order to check [[X]] [[Y ]] for two sets of sttes X, Y of n NFA (S, o, t), AC mintins n ntichin of pirs (x, Y ), where x is stte of the NFA nd Y is stte of the determinised utomton. More precisely, the utomton is explored nondeterministiclly (vi t) for obtining the first component of the pir nd deterministiclly (vi t ) for the second one. If pir such tht x is ccepting (o(x ) = 1) nd Y is not (o (Y ) = 0) is encountered, then counter-exmple hs been found. Otherwise ll derivtives of the pir long the utomt trnsitions hve to be inserted into the ntichin, so tht they will be explored. If one these pirs p is lrger thn previously encountered pir p (p p) then the lnguge inclusion corresponding to p is subsumed by p so tht p cn be skipped; otherwise, if p p 1,..., p n for some pirs p 1,..., p n tht re lredy in the ntichin, then one cn sfely remove these pirs: they re subsumed by p nd, by doing so, the set of visited pirs remins n ntichin. Remrk 4. An importnt difference between HKC nd AC consists in the fct tht the former inserts pirs in todo without checking whether they re redundnt (this check is performed when the pir is processed), while the ltter removes ll redundnt pirs whenever new one is inserted. Therefore, the cost of n itertion with HKC is merely the cost of the corresponding congruence check, while the cost of n itertion with AC is merely tht of inserting ll successors of the corresponding pir nd simplifying the ntichin. Note tht the bove description corresponds to the forwrd ntichin lgorithm, s described in [1]. Insted, the originl ntichin lgorithm, s first described in [33], is bckwrd in the sense tht the utomt re trversed in the reversed wy, from ccepting sttes to initil sttes. The two versions re dul [33] nd we could similrly define the bckwrd counterprt of HKC nd HK. We however stick to the forwrd versions for the ske of clrity. 4.1 Coinductive presenttion Leving prt the concrete dt structures used to mnipulte ntichins, we cn rephrse this lgorithm using coinductive frmework, like we did for Hopcroft nd Krp s lgorithm. First define notion of simultion, where the left-hnd side utomton is executed non-deterministiclly: Definition 8 (Simultion). Given two reltions T, T S P(S), T s-progresses to T, denoted T s T, if whenever x T Y then 1. o(x) o (Y ) nd 2. for ll A, x t (x), x T t (Y ). A simultion is reltion T such tht T s T. As expected, we obtin the following coinductive proof principle: Proposition 4 (Coinduction). For ll sets X, Y, we hve [[X]] [[Y ]] iff there exists simultion T such tht for ll x X, x T Y. (Note tht like for our notion of bisimultion, the bove notion of simultion is weker thn the stndrd one from concurrency theory [24], which strictly entils lnguge inclusion Remrk 3.) To ccount for the ntichin lgorithm, where we cn discrd pirs using the preorder, it suffices to define the upwrd closure function : P(S P(S)) P(S P(S)) s T = {(x, Y ) (x, Y ) T s.t. (x, Y ) (x, Y )}. A pir belongs to the upwrd closure T of reltion T S P(S), if nd only if this pir is subsumed by some pir in T. In fct, rther thn trying to construct simultion, AC ttempts to construct simultion up to upwrd closure. Like for HK nd HKC, this method cn be justified by defining the pproprite notion of s-comptible function, showing tht ny simultion up to n s-comptible function is contined in simultion, nd showing tht the upwrd closure function ( ) is s-comptible. Theorem 4. Any simultion up to is contined in simultion. Corollry 3. For ll X, Y P(S), [[X]] [[Y ]] iff AC(X, Y ). 4.2 Compring HKC nd AC The efficiency of the two lgorithms strongly depends on the number of pirs tht they need to explore. In the following (Sections 4.2.3 nd 4.2.4), we show tht HKC cn explore fr fewer pirs thn AC, when checking lnguge inclusion of utomt tht shre some sttes, or when checking lnguge equivlence. We would lso like to formlly prove tht () HKC never explores more thn AC, nd 7 2012/7/11

(b) when checking inclusion of disjoint utomt, AC never explores more thn HKC. Unfortuntely, the vlidity of these sttements highly depends on numerous ssumptions bout the two lgorithms (e.g., on the explortion strtegy) nd their potentil proofs seem complicted nd not relly informtive. For these resons, we preferred to investigte the forml correspondence t the level of the coinductive proof techniques, where it is much clener. 4.2.1 Lnguge inclusion: HKC cn mimic AC As explined in Section 3.6, we cn check the lnguge inclusion of two sets X, Y by executing HKC(X+Y, Y ). We now show tht for ny simultion up to upwrd closure tht proves the inclusion [[X]] [[Y ]], there exists bisimultion up to congruence of the sme size which proves the sme inclusion. For T S P(S), let T P(S) P(S) denote the reltion {(x + Y, Y ) x T Y }. Lemm 9. We hve T c( T ). Proof. If (x + Y, Y ) T, then there exists Y Y such tht (x, Y ) T. By definition, (x + Y, Y ) T nd (Y, Y ) c( T ). By the rule (u), (x + Y + Y, Y + Y ) c( T ) nd since Y Y, (x + Y, Y ) c( T ). Proposition 5. If T is simultion up to, then T is bisimultion up to c. Proof. First observe tht if T s T, then T u ω ( T ). Therefore, if T s T, then T u ω ( T ). By Lemm 9, T u ω (c( T )) = c( T ). (Note tht trnsitivity nd symmetry re not used in the bove proofs: the constructed bisimultion up to congruence is ctully bisimultion up to context (r u id) ω.) The reltion T is not the one computed by HKC, since the former contins pirs of the shpe (x + Y, Y ), while the ltter hs pirs of the shpe (X + Y, Y ) with X possibly not singleton. However, note tht mnipulting pirs of the two kinds does not chnge nything since by Lemm 7, (X + Y, Y ) c(r) iff for ll x X, (x + Y, Y ) c(r). 4.2.2 Inclusion: AC cn mimic HKC on disjoint utomt As shown in Section 4.2.3 below, HKC cn be fster thn AC, thnks to the up to trnsitivity technique. However, in the specil cse where the two utomt re disjoint, trnsitivity cnnot help, nd the two lgorithms ctully mtch ech other. Suppose tht the utomton (S, o, t) is built from two disjoint utomt (S 1, o 1, t 1) nd (S 2, o 2, t 2) s described in Remrk 1. Let R be the reltion obtined by running HKC(X 0+Y 0, Y 0) with X 0 S 1 nd Y 0 S 2. All pirs in R re necessrily of the shpe (X+Y, Y ) with X S 1 nd Y S 2. Let R S P(S) denote the reltion {(x, Y ) X, x X nd X+Y R Y }. Lemm 10. If S 1 nd S 2 re disjoint, then c(r) (R). Proof. Suppose tht x c(r) Y, i.e., x X with X + Y c(r) Y. By Lemm 7, we hve X Y R, nd hence, x Y R. By definition of R the pirs it contins cn only be used to rewrite from right to left; moreover, since S 1 nd S 2 re disjoint, such rewriting steps cnnot enble new rewriting rules, so tht ll steps cn be performed in prllel: we hve Y R = X +Y R Y Y X. Therefore, there exists some X, Y with x X, X +Y R Y, nd Y Y. It follows tht (x, Y ) R, hence (x, Y ) (R). Proposition 6. If S 1 nd S 2 re disjoint, nd if R is bisimultion up to congruence, then R is simultion up to upwrd closure.,b,b x x 1 b,b,b y y 1,b,b,b z z 1,b,b,b x n y n Figure 5. Fmily of exmples where HKC exponentilly improves over AC nd HK; we hve x + y z. Proof. First observe tht for ll reltions R, R, if R R, then R s R. Therefore, if R c(r), then R s c(r). We deduce R s (R) by Lemm 10. z n 4.2.3 Inclusion: AC cnnot mimic HKC on merged utomt The continment of Lemm 10 does not hold when S 1 nd S 2 re not disjoint, since c cn exploit trnsitivity, while cnnot. For concrete grsp, tke R = {(x + y, y), (y + z, z)} nd observe tht (x, z) c(r) but (x, z) / (R). This difference mkes it possible to find bisimultions up to c tht re much smller thn the corresponding simultions up to, nd for HKC to be more efficient thn AC. Such n exmple, where HKC is exponentilly better thn AC for checking lnguge inclusion of utomt shring some sttes, is given in [6]. 4.2.4 Lnguge equivlence: AC cnnot mimic HKC. AC cn be used to check lnguge equivlence, by checking the two underlying inclusions. However, checking equivlence directly cn be better, even in the disjoint cse. To see this on simple exmple, consider the DFA on the right-hnd side of Figure 2. If we use AC twice to prove x u, we get the following ntichins T 1 = {(x, u), (y, v), (y, w), (z, v), (z, w)}, T 2 = {(u, x), (v, y), (w, y), (v, z), (w, z)}, contining five pirs ech. Insted, four pirs re sufficient with HK or HKC, thnks to up to symmetry nd up to trnsitivity. For more interesting exmple, consider the fmily of NFA given in Figure 5, where n is n rbitrry nturl number. Tken together, the sttes x nd y re equivlent to the stte z: they recognise the lnguge (+b) (+b) n+1. Alone, the stte x (resp. y) recognises the lnguge (+b) (+b) n (resp. (+b) b(+b) n ). For i n, let X i = x+x 1+... +x i, Y i = y+y 1+... +y i, nd Z i = z+z 1+... +z i; for N [1..i], furthermore set Xi N = x + x j, Y N i = y + y j. j N j [1..n]\N In the determinised NFA, x + y cn rech ll the sttes of the shpe Xi N +Y N i, for i n nd N [1..i]. For instnce, for n=i=2, we hve x+y x+y+x 1+x 2, x+y b x+y+y 1+x 2, x+y b x+y+x 1+y 2, nd x+y bb x+y+y 1+y 2. Insted, z reches only n+1 distinct sttes, those of the form Z i. The smllest bisimultion relting x + y nd z is R ={(X N i + Y N i, Z i) i n, N [1..i]}, which contins 2 n+1 1 pirs. This is the reltion computed by Nive(x, y) nd HK(x, y) the up to equivlence technique (lone) does not help in HK. With AC, we obtin the ntichins T x + T y (for 8 2012/7/11

[[x + y]] [[z]]) nd T z (for [[x + y]] [[z]]), where: T x = {(x i, Z i) i n}, T y = {(y i, Z i) i n}, T z = {(z i, X N i + Y N i ) i n, N [1..i]}. Note tht T x nd T y hve size n + 1, nd T z hs size 2 n+1 1. The lnguge recognised by x or y re known for hving miniml DFA with 2 n sttes [17]. So, checking x + y z vi minimistion (e.g., [9, 15]) would lso require exponentil time. This is not the cse with HKC, which requires only polynomil time in this cse. Indeed, HKC(x+y, z) builds the reltion R = {(x + y, z)} {(x + Y i + y i+1, Z i+1) i < n} {(x + Y i + x i+1, Z i+1) i < n} which is bisimultion up to congruence nd which only contins 2n + 1 pirs. To see tht this is bisimultion up to congruence, consider the pir (x+y+x 1+y 2, Z 2) obtined from (x+y, z) fter reding the word b. This pir does not belong to R but to its congruence closure. Indeed, we hve x+y+x 1+y 2 c(r ) Z 1+y 2 (x+y+x 1 R Z 1) c(r ) x+y+y 1+y 2 (x+y+y 1 R Z 1) c(r ) Z 2 (x+y+y 1+y 2 R Z 2) (Check Lemm 18 in Appendix D for complete proof.) 5. Exploiting Similrity Looking t the exmple in Figure 5, nturl ide would be to first quotient the utomton by grph isomorphism. By doing so, we would merge the sttes x i, y i, z i, nd we would obtin the following utomton, for which checking x+y z is much esier.,b x,b,b y m 1,b z b,b,b m n As shown by Abdull et l. [1], one cn ctully do better with the ntichin lgorithm, by exploiting ny preorder contined in lnguge inclusion (e.g., similrity [24]). In this section, we rephrse this technique for ntichins in our coinductive frmework, nd we show how this ide cn be embedded in HKC, resulting in n even stronger lgorithm. 5.1 AC with similrity: AC For the ske of clrity, we fix the preorder to be similrity, which cn be computed in qudrtic time [13]: Definition 9 (Similrity). Similrity is the lrgest reltion on sttes S S such tht x y entils: 1. o(x) o(y) nd 2. for ll A, x S such tht x x, there exists some y such tht y y nd x y. One extends similrity to preorder P(S) P(S) on sets of sttes, nd to preorder (S P(S)) (S P(S)) on ntichin pirs, s: X Y if x X, y Y, x y, (x, Y ) (x, Y ) if x x nd Y Y. The new ntichin lgorithm [1], which we cll AC, is similr to AC, but the ntichin is now tken w.r.t. the new preorder. Formlly, let : P(S P(S)) P(S P(S)) be the function defined for ll reltions T S P(S), s T = {(x, Y ) x Y, or (x, Y ) T s.t. (x, Y ) (x, Y )}. While AC consists in trying to build simultion up to, AC tries to build simultion up to, i.e., it skips pir (x, Y ) if either () it is subsumed by nother pir of the ntichin or (b) x Y. Theorem 5. Any simultion up to is contined in simultion. Corollry 4. The ntichin lgorithm proposed in [1] is sound nd complete: for ll sets X, Y, [[X]] [[Y ]] iff AC (X, Y ). Optimistion 1() nd optimistion 1(b) in [1] re simply () nd (b), s discussed bove. Another optimistion, clled Optimistion 2, is presented in [1]: if y 1 y 2 nd y 1, y 2 Y for some pir (x, Y ), then y 1 cn be sfely removed from Y. Note tht while this is useful to store smller sets, it does not llow one to explore less, since the pirs encountered with or without optimistion 2 re lwys equivlent w.r.t. the ordering : Y Y \ y 1 nd, for ll A, t (Y ) t (Y \ y 1). 5.2 HKC with similrity: HKC Although HKC is primrily designed to check lnguge equivlence, we cn lso extend it to exploit the similrity preorder. It suffices to notice tht for ny similrity pir x y, we hve x+y y. Let denote the reltion {(x+y, y) x y}, let r denote the constnt to function, nd let c = (r s t u id) ω. Accordingly, we cll HKC the lgorithm obtined from HKC (Figure 4) by replcing (X, Y ) c(r todo) with (X, Y ) c (R todo) in step 3.2. Notice tht the ltter test cn be reduced to rewriting thnks to Theorem 3 nd the following lemm. Lemm 11. For ll reltions R, c (R) = c(r ). In other words to check whether (X, Y ) c (R todo), it suffices to compute the norml forms of X nd Y w.r.t. the rules from R todo plus the rules x + y y for ll x y. Theorem 6. Any bisimultion up to c is contined in bisimultion. Proof. Consider the constnt function r : P(P(S) P(S)) P(P(S) P(S)) mpping ll reltions to. Since lnguge equivlence ( ) is bisimultion, we immeditely obtin tht this function is comptible. Thus so is the function c = (r s t u id) ω. We hve tht is contined in, so tht ny bisimultion up to c is bisimultion up to c. Since c is comptible, such reltion is contined in bisimultion, by Proposition 3. Note tht in the bove proof, we cn replce by ny other reltion contined in. Intuitively, bisimultions up to c correspond to clssicl bisimultions up to bisimilrity [24] from concurrency. Corollry 5. For ll sets X, Y, we hve X Y iff HKC (X, Y ). 5.3 Reltionship between HKC nd AC Like in Section 4.2.1, we cn show tht for ny simultion up to there exists corresponding bisimultion up to c, of the sme size. Lemm 12. For ll reltions T S P(S), T c ( T ). Proposition 7. If T is simultion up to, then T is bisimultion up to c. 9 2012/7/11

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback