298 pages, 5 hours

This book presents what in our opinion constitutes the basis of the theory of the mu-calculus, considered as an algebraic system rather than a logic. We have wished to present the subject in a unified way, and in a form as general as possible. Therefore, our emphasis is on the generality of the fixed-point notation, and on the connections between mu-calculus, games, and automata, which we also explain in an algebraic way.

This book should be accessible for graduate or advanced undergraduate students both in mathematics and computer science. We have designed this book especially for researchers and students interested in logic in computer science, computer aided verification, and general aspects of automata theory. We have aimed at gathering in a single place the fundamental results of the theory, that are currently very scattered in the literature, and often hardly accessible for interested readers.

The presentation is self-contained, except for the proof of McNaughton's Determinization Theorem (see, e.g., [97]). However, we suppose that the reader is already familiar with some basic automata theory and universal algebra. The references, credits, and suggestions for further reading are given at the end of each chapter.

Publisher: Elsevier Science | Released: Feb 7, 2001 | ISBN: 9780080516455 | Format: book

**André Arnold and Damian Niwiński ¹**

The μ-calculus is basically an algebra of monotonic functions over a complete lattice, whose basic constructors are functional composition and least and greatest fixed point operators. In some sense, the μ-calculus naturally extends the concept of an inductive definition, very common in mathematical practice. An object defined by induction, typically a set, is obtained as a least fixed point of some monotonic operator, usually over a powerset lattice. For example, the set of theorems of a formal theory is the least fixed point of the consequence operator. For some concepts, however, the use of co-induction, i.e., of greatest fixed points, is more appropriate. For example, a maximal dense-in-itself subspace of a topological space can be defined as the greatest fixed point of the derivative operator. In the μ-calculus, both least and greatest fixed points are considered, but, more importantly, their occurrences can be nested and mutually dependent. The alternation between the least and greatest fixed-point operators is a source of the sharp expressive power of the μ-calculus and gives rise to a proper hierarchy, just as the alternation of quantifiers is the basis of the strength of first-order logic.

The μ-calculus emerged from numerous works of logicians and computer scientists and its use has become common in the works about verification of computer programs because it provides a simple way of expressing and checking their behavioural properties. In the literature, the most popular reference is perhaps the modal μ-calculus introduced by Kozen [55]; let us also mention prior works by Scott and de Bakker [88], Moschovakis [64], Emerson and Clarke [36], Park [80], and Pratt [82]. Indeed, there is a wide variety of phenomena that can be modeled in the μ-calculus, from finite automata and regular expressions, to alternating automata on infinite trees or, even more generally, infinite games with finitely presentable winning conditions.

From the point of view of computer science, a virtue of the μ-calculus is that it allows static characterization of dynamic concepts. Computation, by its nature, refers to time, and its properties are naturally expressed in terms of histories. It is possible, for instance, to model nondeterministic computations by (possibly infinite) trees, and to express computation properties using temporal operators and quantification over paths. In contrast to that approach, known as temporal logic, in a fixed-point definition of a computational property, an explicit reference to computation paths is no longer needed, since a fixed point contains information about the computation paths converging to it. In this context, the least and the greatest fixed point operators usually correspond to the references to finite (e.g., reachability) or potentially infinite (e.g., safety) periods of time, respectively. To give a simple illustration, the set of origins of all infinite paths in a graph 〈*V, E*〉 can be presented as the greatest fixed point of an equation *X* = *E*⁻¹*X* (where the graph is given by a relation and the term greatest refers to the powerset lattice ℘(*V*)).
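The illustration above can be run on a finite graph. The following is an added example, not code from the book: it reads *E*⁻¹*X* as the set of vertices with at least one successor in *X*, computes extremal fixed points by plain iteration (valid for monotone maps on a finite powerset lattice), and uses a constructed five-vertex graph; all function and variable names are assumptions of the example.

```python
"""Added example: least and greatest fixed points over the powerset lattice P(V)."""

def pre(edges, X):
    """E^{-1} X: the vertices with at least one E-successor in X."""
    return frozenset(v for (v, w) in edges if w in X)

def lfp(f):
    """Least fixed point of a monotone f: iterate upward from the empty set."""
    X = frozenset()
    while f(X) != X:
        X = f(X)
    return X

def gfp(f, top):
    """Greatest fixed point of a monotone f: iterate downward from the top element."""
    X = frozenset(top)
    while f(X) != X:
        X = f(X)
    return X

def infinite_path_origins(vertices, edges):
    """Greatest solution of X = E^{-1} X: origins of infinite paths."""
    return gfp(lambda X: pre(edges, X), vertices)

def can_reach(edges, targets):
    """Least solution of X = T u E^{-1} X: vertices with a finite path into T."""
    targets = frozenset(targets)
    return lfp(lambda X: targets | pre(edges, X))

# Constructed sample graph: b and c form a cycle, e is a dead end.
GRAPH_V = frozenset("abcde")
GRAPH_E = {("a", "b"), ("b", "c"), ("c", "b"), ("a", "d"), ("d", "e")}

if __name__ == "__main__":
    # The same equation X = E^{-1} X has several solutions; only the
    # greatest one captures "has an infinite path".
    print("least solution   :", sorted(lfp(lambda X: pre(GRAPH_E, X))))
    print("greatest solution:", sorted(infinite_path_origins(GRAPH_V, GRAPH_E)))
    print("can reach e      :", sorted(can_reach(GRAPH_E, {"e"})))
```

On this graph the least solution of the same equation is the empty set, which is why the text insists on the greatest one.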

Another interesting and important feature of the μ-calculus is the similarity between its semantic aspects and two-player games with perfect information. Indeed, such games (more specifically, infinite parity games) turn out to be inherent to the semantics of the μ-calculus. In some sense, the converse is also true, i.e., the μ-calculus constitutes a useful framework for discussing games. In particular, one can give a μ-calculus explanation of the determinacy of certain infinite games. More precisely, in Chapter 4, we derive the Memoryless Determinacy Theorem (which says that in an infinite parity game, starting in an arbitrary position, one of the players has a winning strategy which depends only on the actual position, and not on the history of the play), from the Selection Property, where the latter is a kind of normal form result of the Boolean μ-calculus.

The μ-calculus can also be considered as a natural extension of the notion of an automaton to structures more complex than words and trees. Automata are usually well tractable algorithmically due to a straightforward rather than inductive semantics. One may even consider automata themselves as a kind of a specification language, since, for words and trees, they achieve the expressive power of the monadic second-order logic (by the fundamental results of Büchi [21] and Rabin [83]). However, automata in general lack the compositionality of logical formulas, and so do not reflect the complexity of the properties specified. The μ-calculus combines the good points of both logic and automata. It offers an elegant and well-structured mathematical notation inducing nice semantical hierarchies. On the other hand, solutions to the related algorithmic problems are already implicitly present in the structure of the fixed-point expressions, as computing a least (or, dually, greatest) fixed point is one of the general paradigms of algorithms.

This book presents what in our opinion constitutes the basis of the theory of the μ-calculus, considered as an algebraic system rather than a logic. We have wished to present the subject in a unified way, and in a form as general as possible. Therefore, our emphasis is on the generality of the fixed-point notation, and on the connections between μ-calculus, games, and automata, which we also explain in an algebraic way.

This book should be accessible for graduate or advanced undergraduate students both in mathematics and computer science. We have designed this book especially for researchers and students interested in logic in computer science, computer aided verification, and general aspects of automata theory. We have aimed at gathering in a single place the fundamental results of the theory, that are currently very scattered in the literature, and often hardly accessible for interested readers.

The presentation is self-contained, except for the proof of McNaughton’s Determinization Theorem (see, e.g., [97]). However, we suppose that the reader is already familiar with some basic automata theory and universal algebra. The references, credits, and suggestions for further reading are given at the end of each chapter.

We wish to stress that our presentation is far from being complete. One important omission is the issue of proof systems of the μ-calculus. For this matter, we refer the reader to the original paper by Walukiewicz [103] who established the completeness of an axiomatization proposed by Kozen [55]. Another topic not considered here is a first-order version of the μ-calculus, i.e., the fixed-point extension of first-order logic. We refer the reader to the monograph by Moschovakis [64] for general considerations, and to monographs by Ebbinghaus and Flum [29], and by Immerman [43] for fixed-point logic over finite models.

More generally, the connections between the μ-calculus and related logics of programs (see, e.g., [41]) are not considered, although they are a great motivation for the development of the μ-calculus.

In principle, and Gauss elimination principle allow us to move between scalar and vector fixed points.

A formalized language for the μ-calculus, based on the concept of fixed-point terms, is introduced in Chapter 2, together with the notion of a μ-interpretation. To stress the algebraic character of the theory, we introduce a general concept of an abstract μ-calculus, so that fixed-point terms themselves can be organized into a μ-calculus, somehow analogous to an algebra of (ordinary) terms. Then the meaning of fixed-point terms under a particular μ-interpretation is obtained by a homomorphism of μ-calculi. We will meet other examples of abstract μ-calculi later in Chapters 5 and 7, in particular the μ-calculus of automata.

Still in Chapter 2, we also show a special role played by μ-interpretations over powerset lattices, which in some sense are representative of all μ-interpretations. This leads to the Boolean μ-calculus, i.e., the calculus of monotonic mappings over the Boolean algebra {0, 1}, which we study in detail in Chapter 3. The prevalent place occupied by this calculus is somehow analogous to that of the Boolean algebra in first order logic. In particular, as we will show later in Chapters 10 and 11, most of the algorithmic problems originating from the μ-calculus (including the well-known model-checking problem) reduce to evaluation of Boolean vector fixed-point terms. Finally, we go beyond the standard Boolean μ-calculus by considering infinite powers of {0, 1}, in order to show the aforementioned Selection Property in its full generality.

The next chapter is devoted to the correspondence between the μ-calculus and games. We show that the winning sets in parity games on graphs can be defined by fixed-point terms, and conversely, the value of any fixed-point term under a powerset interpretation coincides with a winning set in some parity game induced by the term and interpretation. As we have mentioned above, the Memoryless Determinacy Theorem follows from the Selection Property of the Boolean μ-calculus.

Chapter 5 studies the connection between the μ-calculus and automata over finite and infinite words. We show that both formalisms define the same class of languages. A reader interested in this topic can read Chapter 5 without knowledge of Chapters 3 and 4.

Chapter 6 introduces the concept of a powerset algebra, the idea of which can be traced back to the work of Jónsson and Tarski [47, 48]. In this frame we present the modal μ-calculus of Kozen [55]. We also note a connection between preservation of fixed-point terms and bisimulation.

In Chapter 7, we establish an equivalence between the μ-calculus and automata which generalizes the correspondence already shown for automata on words in Chapter 5. To this end, we consider a very general concept of automaton, whose semantics can be given in an arbitrary powerset algebra and is defined in terms of parity games. Our automata generalize in particular nondeterministic and alternating automata on infinite trees. Again, we stress the algebraic character of the theory, by organizing the automata into an abstract μ-calculus. Then, the transformation from fixed-point terms to automata is presented as a homomorphism of μ-calculi which, while failing to be surjective, captures all automata up to semantic equivalence. Reading Chapter 7 requires knowledge of Chapters 4 and 6, but not necessarily 3 and 5.

Chapter 8 studies the problem of the hierarchy induced by the alternation of least and greatest fixed-point operators. We show that this hierarchy is indeed proper in the powerset algebra of trees.

Chapter 9 is motivated by the celebrated Rabin Complementation Lemma which, in a strengthening due to Muller and Schupp, takes the form of a Simulation Theorem: An alternating automaton on trees can be simulated by a nondeterministic one. Simplification of Rabin’s original proof has constituted a longstanding challenge, pursued by many authors. (A proof based on the μ-calculus was given by Emerson and Jutla [33].) In this chapter, we explain the Simulation Theorem in the framework of the μ-calculus, as a conditional elimination of the (lattice) intersection operator.

Chapter 10 shows the decidability of the basic decision problems related to fixed-point terms: nonemptiness of an interpretation of a term in a fixed μ-interpretation, satisfiability, and semantic equivalence of fixed-point terms. As we have already remarked, most of the algorithmic problems of the μ-calculus can be reduced to the evaluation of vector Boolean fixed-point terms. This leads us to the last chapter, where we analyze various algorithms that have been proposed for this problem, for which no polynomial-time algorithm is known at the time we close this book. An interested reader can read Chapter 11 directly after Chapter 3.

Niwiński was supported by Polish KBN grants no. 8 T11C 002 11 and 8 T11C 027 16.

Both authors were supported by a Polonium French-Polish grant in 1998–1999.

The μ-calculus is based on the celebrated Knaster–Tarski fixed-point theorem which states that a monotone function over a complete lattice has a least fixed point. In this chapter we review basic properties of complete lattices and show the fixed-point theorem and its variants. By duality, the Knaster–Tarski theorem also assures the existence of a greatest fixed point of a monotone function, which gives rise to definitions combining both extremal fixed points. We discuss general properties of such fixed-point definitions in principle and Gauss elimination method.

Let 〈*E*, ≤〉 be an ordered set. That is, *E* is a set equipped with a (partial) order relation ≤, which is reflexive, antisymmetric, and transitive. As usual, we read ‘*x* ≤ *y*’ as "*x* is *less* than or equal to *y*", and we say that "*x* is *less* than *y*" if *x* ≤ *y* and *x* ≠ *y*.

Let *X *be a subset of *E*. An element *e *∈ *E *is an *upper bound *of *X *in *E *if *x *≤ *e *holds for all *x *in *X*. Similarly, an element *e *∈ *E *is a *lower bound *of *X *if *e *≤ *x *holds for all *x *∈ *X*.

It is easy to see that if an upper bound of a set *X *belongs itself to *X*, then it is unique and is the *greatest *element of *X*. Similarly, if there is a lower bound of *X *in *X*, then it is unique and is the *least *element of *X*.

An element *e *of *E *is said to be the *least upper bound *of a set *X *if it is the least element in the set of upper bounds of *X*, i.e., if the following two conditions hold:

– ∀*x *∈ *X, x *≤ *e*,

– if *e′ *is such that ∀*x *∈ *X, x *≤ *e′*, then *e *≤ *e′*.

Clearly, if a subset *X *of *E *has a least upper bound, then this least upper bound is unique. We shall denote it by ∨ *X*.

However, a least upper bound of a set need not always exist. For instance, consider the set {*a, b, c, d*} ordered by *a* ≤ *c*, *a* ≤ *d*, *b* ≤ *c*, *b* ≤ *d* (see Figure 1.1). The subset {*c, d*} has no upper bound and the subset {*a, b*} has two upper bounds, namely *c* and *d*, but none of them is a least upper bound.

**Fig. 1.1 **An ordered set, not a lattice

Symmetrically, if it exists, the *greatest lower bound *of a subset *X *of *E *is the (unique) element *e *of *E *satisfying:

– ∀*x *∈ *X, e *≤ *x*,

– if *e′ *is such that ∀*x *∈ *X, e′ *≤ *x*, then *e′ *≤ *e*.

The greatest lower bound of a set *X *will be denoted by ∧ *X*.

Notice that, by the remark above, ∨ *X* ∈ *X* if and only if it is the greatest element of *X*; the similar claim holds for ∧ *X*.

A *lattice *is an ordered set 〈*E*, ≤〉 such that for any two elements *x *and *y *of *E*, the set {*x, y*} has a least upper bound and a greatest lower bound. In this case, we denote ∨{*x, y*} by *x *∨ *y *and ∧{*x, y*} by *x *∧ *y*.

A *complete lattice *is an ordered set 〈*E*, ≤〉 such that any subset *X *of *E *has a least upper bound and a greatest lower bound.

Indeed, the above definition may be simplified by noting that the existence of ∨ *X *for *any *subset *X *⊆ *E *implies the existence of ∧ *X *for any *X *⊆ *E*, and *vice versa*.

This is due to the following remark.

*Given a subset X of any ordered set E, if the set of lower bounds of X has a least upper bound then it is also the greatest lower bound of X*.

*Symmetrically, if the set of upper bounds of X has a greatest lower bound, this greatest lower bound is the least upper bound of X*.

Let *LB*(*X*) denote the set of the lower bounds of *X*. Firstly, ∨ *LB*(*X*) is a lower bound of *X*. For, let *x *be any element of *X*. We have, ∀*y *∈ *LB*(*X*), *y *≤ *x*. Therefore *x *is an upper bound of *LB*(*X*) and ∨ *LB*(*X*) ≤ *x*.

It follows that ∨ *LB*(*X*) belongs to *LB*(*X*), and thus it is the greatest element of *LB*(*X*).

Notice that, if 〈*E*, ≤〉 is a complete lattice then the least upper bound of the set *E *exists in *E*, and hence is the greatest element of *E*. We shall denote ∨ *E *and ∧ *E *by ⊥.

What are ∨ ∅ and ∧ ∅? Since *any *element of *E *is an upper bound, and also a lower bound, of the empty subset of *E*.

The following result is an immediate consequence of the definition.

*Let E be a complete lattice. If X *⊆ *X′ *⊆ *E then *

Observe that the inequality ∧ *X *≤ ∨ *X *holds for any *nonempty *set *X*and ∨ ∅ = ⊥.

Let *E *be any set, and let *P*(*E*) be its powerset, ordered by inclusion. Then 〈*P*(*E*of *P*(*E*),

and

In particular *X *∨ *Y *= *X *∪ *Y *and *X *∧ *Y *= *X *∩ *Y*= *E*.

It is easy to see that in a lattice, the two binary operations ∨ and ∧ are

– idempotent: *x *∨ *x *= *x *∧ *x *= *x*,

– commutative: *x *∨ *y *= *y *∨ *x, x *∧ *y *= *y *∧ *x*,

– associative: *x* ∨ (*y* ∨ *z*) = (*x* ∨ *y*) ∨ *z*, *x* ∧ (*y* ∧ *z*) = (*x* ∧ *y*) ∧ *z*,

and satisfy the *absorption law: *

– *x *∨ (*x *∧ *y*) = *x *= *x *∧ (*x *∨ *y*).

It follows that in a lattice every nonempty finite set {*x*₁, …, *x*ₙ} has a least upper bound *x*₁ ∨ … ∨ *x*ₙ and a greatest lower bound *x*₁ ∧ … ∧ *x*ₙ.

Also, *x *≤ *y *if and only if *x *∨ *y *= *y *if and only if *x *∧ *y *= *x*.

In a complete lattice 〈*E*, ≤〉, the two mappings ∨ and ∧ from *P*(*E*) into *E *are *associative *in the following sense: for any family (*Xi*)*i*∈*I *of subsets of *E*,

and

If 〈*E*, ≤〉 is an ordered set then 〈*E*, ≤*〉 with ≤* defined by

is also an ordered set. Moreover, it is easy to see that, if the least upper bound of a set *X* ⊆ *E* exists in 〈*E*, ≤〉 then it is equal to the greatest lower bound of the same set in 〈*E*, ≤*〉, and *vice versa*. Hence, 〈*E*, ≤〉 is a (complete) lattice if and only if 〈*E*, ≤*〉 is a (complete) lattice, and we have

where ∨*, ∧* etc. denote the bounds with respect to the ordering ≤*.

This fact explains why any property true in all lattices has its dual, obtained by replacing ≤ by ≥ (i.e., ≤*) and thus exchanging ∨ and ∧. Therefore, in most of the proofs concerning lattices, it is enough to give a half of the proof, and the other half follows by a symmetric argument. We shall refer to this informal statement as *the principle of symmetry*.

Let 〈*E*, ≤〉 be a complete lattice and let *E′ *be a nonempty subset of *E*. This subset *E′ *is naturally ordered by the restriction of ≤ to *E′*, and it may be or may not be the case that 〈*E′*, ≤〉 is a complete lattice.

But, even if 〈*E′*, ≤〉 is a complete lattice, it is not necessary that the least upper bounds (or greatest lower bounds) of a subset *X *of *E′ *are the same in *E *and *E′*.

Let {1, 2, 3, 6, 12} be ordered by the divisibility ordering (*n *≤ *m *⇔ *n *divides *m*). It is a complete lattice where ∨{2, 3} = 6. Its subset {1, 2, 3, 12} is also a complete lattice, but in this lattice, ∨{2, 3} = 12.

Let 〈*E*, ≤〉 be a complete lattice and *E′* be a nonempty subset of *E*. The ordered set 〈*E′*, ≤〉 is said to be a *complete sublattice* of 〈*E*, ≤〉 if for any nonempty subset *X* of *E*, if *X* ⊆ *E′* then ∨ *X* and ∧ *X* are in *E′*. If this is the case, 〈*E′*, ≤〉 is obviously a complete lattice whose minimal and maximal elements are ∧ *E′* and ∨ *E′*.

Let 〈*E*, ≤〉 be a complete lattice, let *d*₁ < *d*₂ be two elements of *E*, and let *E′* = {*e* ∈ *E* | *d*₁ ≤ *e* ≤ *d*₂}. Then 〈*E′*, ≤〉 is a complete sublattice of 〈*E*, ≤〉. This is because *d*₁ is a lower bound and *d*₂ is an upper bound of any subset *X* of *E′*.
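The ordered set of Figure 1.1, the divisibility example and the definition of a complete sublattice can all be checked mechanically on finite orders. The following is an added example, not code from the book: it computes bounds by brute force directly from the definitions, and its function and constant names are assumptions of the example.

```python
"""Added example: least upper bounds and complete (sub)lattices in finite ordered sets."""
from itertools import combinations

def subsets(elems, include_empty=True):
    """Enumerate all subsets of a finite collection."""
    elems = list(elems)
    for r in range(0 if include_empty else 1, len(elems) + 1):
        for combo in combinations(elems, r):
            yield set(combo)

def least_upper_bound(elems, leq, X):
    """Least element of the set of upper bounds of X, or None if there is none."""
    ubs = [e for e in elems if all(leq(x, e) for x in X)]
    for e in ubs:
        if all(leq(e, u) for u in ubs):
            return e
    return None

def greatest_lower_bound(elems, leq, X):
    """By the principle of symmetry: the least upper bound in the reversed order."""
    return least_upper_bound(elems, lambda x, y: leq(y, x), X)

def is_complete_lattice(elems, leq):
    """Every subset (the empty one included) has both bounds."""
    return all(least_upper_bound(elems, leq, X) is not None
               and greatest_lower_bound(elems, leq, X) is not None
               for X in subsets(elems))

def is_complete_sublattice(elems, leq, sub):
    """Bounds of nonempty subsets of sub, computed in elems, stay inside sub."""
    return all(least_upper_bound(elems, leq, X) in sub
               and greatest_lower_bound(elems, leq, X) in sub
               for X in subsets(sub, include_empty=False))

# The ordered set of Figure 1.1: a <= c, a <= d, b <= c, b <= d.
FIG_ELEMS = ["a", "b", "c", "d"]
FIG_PAIRS = {("a", "c"), ("a", "d"), ("b", "c"), ("b", "d")}

def fig_leq(x, y):
    return x == y or (x, y) in FIG_PAIRS

# The divisibility ordering: n <= m iff n divides m.
def divides(n, m):
    return m % n == 0

DIV = [1, 2, 3, 6, 12]
SUB = [1, 2, 3, 12]

if __name__ == "__main__":
    print(least_upper_bound(FIG_ELEMS, fig_leq, {"a", "b"}))  # no least upper bound
    print(least_upper_bound(DIV, divides, {2, 3}))            # bound computed in E
    print(least_upper_bound(SUB, divides, {2, 3}))            # bound computed in E'
    print(is_complete_sublattice(DIV, divides, SUB))
```

The subset {1, 2, 3, 12} is a complete lattice in its own right, yet the last check fails for it because ∨{2, 3} computed in the larger lattice is 6, which it does not contain.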

Let *E *and *E′ *be two complete lattices. A mapping *f *: *E *→ *E′ *is said to be *additive *if for any *nonempty *subset *X *of *E, f*(∨ *X*) = ∨ *f*(*X*). It is *multiplicative *if for any *nonempty *subset *X *of *E, f*(∧ *X*) = ∧ *f*(*X*). Obviously, a mapping that is either additive or multiplicative is monotonic.

*Let *〈*E*, ≤〉 *and *〈*E′*, ≤′〉 *be complete lattices and let f : E *→ *E′. If f is additive and multiplicative then *〈*f*(*E*), ≤′〉 *is a complete sublattice of *〈*E′*, ≤′〉.

Let *Y* be a nonempty subset of *f*(*E*) and let *X* = {*e* ∈ *E* | *f*(*e*) ∈ *Y*}. Clearly, *f*(*X*) = *Y*. Hence, ∨ *Y* = ∨ *f*(*X*) = *f*(∨ *X*) and ∧ *Y* = ∧ *f*(*X*) = *f*(∧ *X*) which are both in *f*(*E*).

A lattice 〈*E*, ≤〉 is *distributive *if it satisfies the two conditions

–

–

Indeed, it is easy to see that these two conditions are equivalent.

A lattice 〈*E*, ≤〉 is *complemented *if

,

– there exists a mapping γ : *E *→ *E *such that

For any set *E*, the complete lattice 〈*P*(*E*), ⊆〉 is distributive and complemented, with γ the set-theoretical complement operator.

) = ⊥.

To get some other properties of γ, we need to assume that the lattice is distributive.

*If a lattice *〈*E*, ≤〉 *is distributive and complemented, then there exists a *unique *mapping *γ : *E *→ *E such that *

*Moreover, this mapping satisfies *

– *involution property: *∀*x *∈ *E*, γ(γ(*x*)) =
