The Complexity of Enriched µ-Calculi

(1)

Piero A. Bonatti^1?, Carsten Lutz², Aniello Murano^1?, and Moshe Y. Vardi^3??

1 Universit`a di Napoli “Federico II”, Dipartimento di Scienze Fisiche, 80126 Napoli, Italy

2 TU Dresden, Institute for Theoretical Computer Science, 01062 Dresden, Germany

3 Microsoft Research and Rice University, Dept. of Computer Science, TX 77251-1892, USA

Abstract. Thefully enrichedµ-calculusis the extension of the propositional µ-calculus with inverse programs, graded modalities, and nominals. While satis- fiability in several expressive fragments of the fully enrichedµ-calculus is known to be decidable and EXPTIME-complete, it has recently been proved that the full calculus is undecidable. In this paper, we study the fragments of the fully enriched µ-calculus that are obtained by dropping at least one of the additional constructs.

We show that, in all fragments obtained in this way, satisfiability is decidable and EXPTIME-complete. Thus, we identify a family of decidable logics that are maximal (and incomparable) in expressive power. Our results are obtained by introducing two new automata models, showing that their emptiness problems are EXPTIME-complete, and then reducing satisfiability in the relevant logics to this problem. The automata models we introduce aretwo-way graded alternating parity automataover infinite trees (2GAPT) andfully enriched automata(FEA) over infinite forests. The former are a common generalization of two incomparable automata models from the literature. The latter extend alternating automata in a similar way as the fully enrichedµ-calculus extends the standardµ-calculus.

1 Introduction

Theµ-calculusis a propositional modal logic augmented with least and greatest fixpoint operators [Koz83]. It is often used as a target formalism for embedding temporal and modal logics with the goal of transferring computational and model theoretic properties such as the EXPTIMEupper complexity bound.Description logics (DLs)are a family of knowledge representation languages that originated in artificial intelligence [BM+03].

DLs currently receive considerable attention, which is mainly due to their use as an ontology language in prominent applications such as the semantic web [BHS02]. No- tably, DLs have recently been standardized as the ontology language OWL by the W3C committee. It has been pointed out by several authors that, by embedding DLs into the µ-calculus, we can identify DLs that are of very high expressive power, but compu- tationally well-behaved [CGL01,SV01,KSV02]. When putting this idea to work, we face the problem that modern DLs such as the ones underlying OWL include several constructs that cannot easily be translated into theµ-calculus. Most importantly, these

?Supported in part by the European Network of Excellence REWERSE, IST-2004-506779.

??Supported in part by NSF grants CCR-0311326 and ANI-0216467, by BSF grant 9800096, and by Texas ATP grant 003604-0058-2003. Work done in part while this author was visiting the Isaac Newton Institute for Mathematical Science, Cambridge, UK, as part of a Special Programme on Logic and Algorithm.

(2)

Inverse progr. Graded mod. Nominals Complexity

fully enrichedµ-calculus x x x undecidable

full gradedµ-calculus x x EXPTIME(1ary/2ary)

full hybridµ-calculus x x EXPTIME

hybrid gradedµ-calculus x x EXPTIME(1ary/2ary)

gradedµ-calculus x EXPTIME(1ary/2ary)

Fig. 1.Enrichedµ-calculi and previous results.

constructs are inverse programs, graded modalities, and nominals. Intuitively, inverse programs allow to travel backwards along accessibility relations [Var98], nominals are propositional variables interpreted as singleton sets [SV01], and graded modalities en- able statements about the number of successors and predecessors of a state [KSV02].

All of the mentioned constructs are available in the DLs underlying OWL.

The extension of theµ-calculus with these constructs induces a family of enriched µ-calculi. These calculi may or may not enjoy the attractive computational properties of the originalµ-calculus: on the one hand, it has been shown that satisfiability in a number of the enriched calculi is decidable and EXPTIME-complete [CGL01,SV01,KSV02].

On the other hand, it has recently been proved by Bonatti and Peron that satisfiability is undecidable in thefully enrichedµ-calculus, i.e., the logic obtained by extending the µ-calculus with all of the above constructs simultaneously [BP04]. In computer science logic, it has always been a major research goal to identify decidable logics that are as expressive as possible. Thus, the above results raise the question of maximal decidable fragments of the fully enriched µ-calculus. In this paper, we study this question in a systematic way by considering all fragments of the fully enrichedµ-calculus that are obtained by dropping at least one of inverse programs, graded modalities, and nominals.

We show that, in all these fragments, satisfiability is decidable and EXPTIME-complete.

Thus, we identify a whole family of decidable logics that have maximum (incomparable) expressivity.

The relevant fragments of the fully enrichedµ-calculus are shown in Fig. 1 together with the complexity of their satisfiability problem. The results shown in gray are already known from the literature: EXPTIME-completeness of satisfiability in the full hybrid µ-calculus has been shown in [SV01]; under the assumption that the numbers inside graded modalities are coded in unary, the same result was proved for the full graded µ-calculus in [CGL01]; finally, the same was also shown for the (non-full) gradedµ- calculus in [KSV02] under the assumption of binary coding. In this paper, we prove EXPTIME-completeness of the full gradedµ-calculus and the hybrid gradedµ-calculus.

In both cases, we allow numbers to be coded in binary (techniques such as those of [CGL01] involve an exponential blow-up when numbers are coded in binary).

Our results are based on the automata-theoretic approach. We introducefully en- riched automata (FEAs), which run on infinite forests and use a parity acceptance con- dition. Intuitively, these automata generalize alternating automata on infinite trees in a similar way as the fully enrichedµ-calculus extends the standardµ-calculus: FEAs can move up to a node’s predecessor (by analogy with inverse programs), move down to at leastnor all butnsuccessors (by analogy with graded modalities), and jump directly to the roots of the input forest (which are the analogues of nominals). We prove that

(3)

the emptiness problem is decidable for fully enriched automata and then show how to reduce to this problem satisfiability in the hybrid graded and the full gradedµ-calculi, exploiting the forest model property enjoyed by these logics. Observe that decidability of the emptiness problem for FEAs does not contradict the undecidability of the fully enrichedµ-calculus: the latter does not enjoy a forest model property [BP04], and hence satisfiability cannot be decided using forest-based FEAs.

To show that the emptiness problem for FEAs is in EXPTIME, we introduce an additional automata model:two-way graded parity tree automata (2GAPTs). These au- tomata are interesting in their own right because they generalize in a natural way two existing, but incomparable automata models: two-way alternating tree automata (2APT) [Var98] and graded parity tree automata (GAPT) [KSV02]. We give a polynomial reduction of the emptiness problem for FEAs to that for 2GAPTs, and then show contain- ment in EXPTIMEfor the 2GAPT emptiness problem by a reduction to the emptiness of graded nondeterministic parity tree automata (GNPT) as introduced in [KSV02].

Due to space limitations, most of the proofs are omitted. The interested reader can find them in the accompanying technical report [BL+06].

2 Preliminaries

LetAP,Var,Prog, andNom be finite and pairwise disjoint sets ofatomic proposi- tions,propositional variables,atomic programs, andnominals. Aprogramis an atomic programaor its conversea⁻. The set offormulas of the fully enrichedµ-calculusis the smallest set such that (i)trueandfalseare formulas; (ii)pand¬p, forp∈AP∪Nom, are formulas; (iii)x∈Varis a formula; (iv) ifϕ1andϕ2are formulas,αis a program, nis a non-negative integer, andyis a propositional variable, then the following are also formulas:ϕ1∨ϕ2, ϕ1∧ϕ2, hn, αiϕ1, [n, α]ϕ1, µy.ϕ1(y), and νy.ϕ1(y). Observe that we use positive normal form, i.e., negation is applied only to atomic propositions.

We callµandνfixpoint operatorsand useλto denote a fixpoint operatorµorν. A propositional variableyoccursfreein a formula if it is not in the scope of a fixpoint operator, andboundedotherwise. Asentenceis a formula that contains no free variables.

For a formulaλy.ϕ(y), we writeϕ(λy.ϕ(y))to denote the formula that is obtained by one-step unfolding, i.e. replacing each free occurrence ofyinϕwithλy.ϕ(y). We refer often to thegraded modalitieshn, αiϕ1and[n, α]ϕ1asatleast formulasandallbut formulasand assume that the integers in these operators are given in binary coding: the contribution of nto the length of the formulashn, αiϕand[n, α]ϕisdlognerather thann. We refer to fragments of the fully enrichedµ-calculus using the names from Fig. 1.

The semantics of the fully enrichedµ-calculus is defined with respect to aKripke structure, i.e., a tupleK = hW, R, Li where W is a non-empty set ofstates,R : Prog → 2^W^×W assigns to each atomic program a transition relation over W, and L:AP ∪Nom →2^W assigns to each atomic proposition and nominal a set of states such that the sets assigned to nominals are singletons. To deal with inverse programs, we extendRas follows: for eacha∈Prog, setR(a⁻) ={(v, u) : (u, v)∈R(a)}. If (w, w⁰)∈R(α), we say thatw⁰is anαsuccessorofw. Informally, anatleastformula hn, αiϕholds at a statewof a Kripke structureKifϕholds at least inn+1αsuccessors of w. Dually, theallbut formula [n, α]ϕholds in a state wof a Kripke structure K

(4)

if ϕholds in all but at most n αsuccessors of w. Note that ¬hn, αiϕis equivalent to[n, α]¬ϕ, and that the modalitieshαiϕand[α]ϕof the standardµ-calculus can be expressed ash0, αiϕand[0, α]ϕ, respectively.

To formalize semantics, we introduce valuations. Given a Kripke structureK = hW, R, Liand a set{y1, . . . , yn}of variables inVar, avaluationV :{y1, . . . , yn} → 2^W is an assignment of subsets ofW to the variablesy1, . . . , yn. For a valuationV, a variabley, and a setW⁰ ⊆W, we denote byV[y←W⁰]the valuation obtained fromV by assigningW⁰toy. A formulaϕwith free variables amongy1, . . . , ynis interpreted over the structureKas a mappingϕ^Kfrom valuations to2^W, i.e.,ϕ^K(V)denotes the set of points that satisfyϕunder valuationV. The mappingϕ^K is defined inductively as follows:

– true^K(V) =Wandfalse^K(V) =∅;

– forp∈AP∪Nom, we havep^K(V) =L(p)and(¬p)^K(V) =W \L(p);

– fory∈Var, we havey^K(V) =V(y);

– (ϕ1∧ϕ2)^K(V) =ϕ^K₁(V)∩ϕ^K₂(V)and(ϕ1∨ϕ2)^K(V) =ϕ^K₁(V)∪ϕ^K₂(V);

– (hn, αiϕ)^K(V) ={w:|{w⁰∈W : (w, w⁰)∈R(α)andw⁰∈ϕ^K(V)}| ≥n+ 1};

– ([n, α]ϕ)^K(V) ={w:|{w⁰∈W : (w, w⁰)∈R(α)andw⁰6∈ϕ^K(V)}| ≤n};

– (µy.ϕ(y))^k(V) =T

{W⁰⊆W :ϕ^K([y←W⁰])⊆W⁰};

– (νy.ϕ(y))^k(V) =S

{W⁰ ⊆W :W⁰⊆ϕ^K([y←W⁰])}.

LetK=hW, R, Libe a Kripke structure andϕa sentence. For a statew∈W, we say thatϕholdsatwinK, denotedK, w|=ϕ, ifw∈ϕ^K.Kis amodelofϕif there is a w∈Wsuch thatK, w|=ϕ. Finally,ϕissatisfiableif it has a model.

In the remainder of this section, we show that the full gradedµ-calculus has a tree model property, and that the hybrid gradedµ-calculus has a forest model property. A forestis a setF ⊆IN⁺such that ifx·c∈Fwherex∈IN⁺andc∈IN, then alsox∈F. The elements ofFare callednodes, and the strings consisting of a single natural number are therootsofF. For each rootr∈F, the setT ={r·x|x∈IN^∗andr·x∈F}is a treeofF (the treerooted inr). For everyx∈F, the nodesx·c∈F wherec∈IN are thesuccessorsofx, andxis theirpredecessor. The number of successors ofxis called thedegreeofx, and is denoted bydeg(x). The degree of a forest is the maximum of the degrees of a node in the forest and the number of roots.

We call a Kripke structureK = hW, R, Liaforest structureif (i)W is a forest, (ii)(w, v)∈S

a∈ProgR(a)iff(w, v)∈W²andwis either a predecessor or a successor ofv, and (iii)R(α)∩R(β) =∅for allα, β∈Prog∪ {a⁻ |a∈Prog}withα6=β.K isdirectedif(w, v)∈S

a∈ProgR(a)implies thatvis a successor ofw. IfW consists of a single tree then we callKatree structure.

We callK =hW, R, Liaquasi forest structureifhW, R⁰, Liis a forest structure, whereR⁰(a) =R(a)\(W ×IN)for alla∈Prog (i.e.,Kbecomes a forest structure after deleting all the edges entering a root ofW).K isdirectedifhW, R⁰, Liis. The degreeofK is the degree ofW. Note that forest and tree structures are quasi forest structures. Aforest model(resp.tree model,quasi forest model) ofϕis a forest (resp.

tree, quasi forest) structureK =hW, R, Lisuch thatϕand the nominals inϕhold at some (not necessarily different) roots ofW. In what follows, a formulaϕcountsup to bif the maximal integer in atleast and allbut restrictions used inϕisb−1.

(5)

Theorem 1. Letϕbe a sentence of the full gradedµ-calculus such thatϕhas`atleast subsentences and counts up to b. If ϕ is satisfiable, thenϕ has a tree model whose degree is at most`(b+ 1).

In contrast to the full gradedµ-calculus, the hybrid gradedµ-calculus does not enjoy the tree model property. This is for example witnessed by the formula

o∧ h0, ai(p1∧ h0, ai(p2∧ · · · h0, ai(pn−1∧ h0, aio)· · ·))

which generates a cycle of length at most nif the atomic propositions are enforced to be mutually disjoint. However, we can follow [SV01] to show that every satisfiable formula of the hybrid gradedµ-calculus has a quasi forest model.

Theorem 2. Let ϕbe a sentence of the hybrid gradedµ-calculus such thatϕhask nominals,`atleast subsentences and counts up tob. Ifϕis satisfiable, then ϕhas a directed quasi forest modelKwhose degree is at mostmax{k+ 1, `(b+ 1)}.

3 Enriched automata

Nondeterministic automata on infinite trees are a variation of nondeterministic automata on finite and infinite words, see [Tho90] for an introduction.Alternating automata, as first introduced in [MS87], are a generalization of nondeterministic automata. Intu- itively, while a nondeterministic automaton that visits a nodexof the input tree sends one copy of itself to each of the successors ofx, an alternating automaton can send several copies of itself to the same successor. In the two-way paradigm [Var98], an automaton can send a copy of itself to its predecessor, too. In graded automata [KSV02], the automaton can specify a numbernof successors to which copies of itself are sent, without specifying which successors these exactly are. The fully enriched automata that we are introducing in the next subsection work on infinite forests, include all of the above features, and additionally have the ability to send a copy of themselves to the roots of the forest.

3.1 Fully enriched automata

We start with some preliminaries. LetF ⊆ IN⁺ be a forest andxa node inF. As a convention, we takex·ε=x,(x·c)· −1 =x, andε· −1as undefined. We callxaleaf if it has no successors. ApathπinF is a minimal setπ⊆F such that some rootrof Fis contained inπand for everyx∈π, eitherxis a leaf or there exists a uniquec∈F such thatx·c∈π. Given an alphabetΣ, aΣ-labeled forest is a pairhF, Vi, whereF is a forest andV :F →Σmaps each node ofF to a letter inΣ.

For a given setY, letB⁺(Y)be the set of positive Boolean formulas overY (i.e., Boolean formulas built from elements inY using∧and∨), where we also allow the formulastrueandfalseand∧has precedence over∨. For a setX ⊆Y and a formula θ∈B⁺(Y), we say thatXsatisfiesθiff assigningtrueto elements inXand assigning false to elements inY \X makesθtrue. Forb > 0, leth[b]i = {h0i,h1i, . . . ,hbi}, [[b]] ={[0],[1], . . . ,[b]}, andDb=h[b]i ∪[[b]]∪ {−1, ε,hrooti,[root]}.

(6)

A fully enriched automaton is an automaton in which the transition functionδmaps a stateqand a letterσto a formula inB⁺(Db×Q). Intuitively, an atom(hni, q)(resp.

([n], q)) means that the automaton sends copies in stateq ton+ 1(resp. all but n) different successors of the current node,(ε, q)means that the automaton sends a copy (in stateq) to the current node,(−1, q)means that the automaton sends a copy to the predecessor of the current node, and(hrooti, q)and([root], q)mean that the automaton sends a copy to some, respectively all of the roots of the forest. When, for instance, the automaton is in stateq, reads a nodex, and

δ(q, V(x)) = (−1, q1)∧((hrooti, q2)∨([root], q3)),

it sends a copy in stateq1to the predecessor and either sends a copy in stateq2to one of the roots or a copy in stateq3to all roots.

Formally, afully enriched automaton(FEA, for short) is a tupleA =hΣ,b,Q,δ, q₀,Fi, whereΣis the input alphabet,b >0is a counting bound,Qis a finite set of states,δ: Q×Σ →B⁺(Db×Q)is a transition function,q0 ∈Qis an initial state, andFis the acceptance condition. ArunofAon an inputΣ-labeled foresthF, Viis a treehTr, riin which each node is labeled by an element ofF×Q. Intuitively, a node in Trlabeled by(x, q)describes a copy of the automaton in stateqthat reads the nodex ofF. Runs start in the initial state and satisfy the transition relation. Thus, a runhTr, ri with rootzhas to satisfy the following: (i)r(z) = (c, q0)for some rootcofF and (ii) for ally ∈Trwithr(y) = (x, q)andδ(q, V(x)) =θ, there is a (possibly empty) set S⊆Db×Q, such thatSsatisfiesθ, and for all(d, s)∈S, the following hold:

– Ifd∈ {−1, ε}, thenx·dis defined and there isj ∈IN such thaty·j ∈Trand r(y·j) = (x·d, s);

– Ifd=hni, then there are distincti1, . . . , in+1∈IN such that for all1≤j≤n+ 1, there isj⁰∈IN such thaty·j⁰ ∈Tr,x·ij ∈F, andr(y·j⁰) = (x·ij, s);

– Ifd= [n], then there are distincti1. . . , ideg(x)−n ∈IN such that for all1 ≤j ≤ deg(x)−n, there isj⁰∈IN such thaty·j⁰∈Tr,x·ij ∈F, andr(y·j⁰) = (x·ij, s);

– Ifd=hrooti, then for some rootc ∈F and somej ∈IN such thaty·j ∈Tr, it holds thatr(y·j) = (c, s);

– Ifd= [root], then for all rootsc∈F there existsj ∈IN such thaty·j ∈Trand r(y·j) = (c, s).

A runhTr, riisacceptingif all its infinite paths satisfy the acceptance condition. We consider here theparity acceptance condition, where F = {F1, F2, . . . , Fk}is such thatF1 ⊆F2 ⊆. . . ⊆Fk =Q. The numberkof sets inFis called theindexof the automaton. Given a runhTr, riand an infinite pathπ ⊆Tr, letInf(π) ⊆Qbe such thatq∈Inf(π)iff there are infinitely manyy∈πfor whichr(y)∈F× {q}. A pathπ satisfiesa parity acceptance conditionF ={F1, F2, . . . , Fk}iff there is an evenifor whichInf(π)∩Fi6=∅andInf(π)∩Fi−1=∅. An automatonacceptsa forest iff there exists an accepting run of the automaton on the forest. We denote byL(A)the set of all Σ-labeled forests thatAaccepts.

Theemptiness problemfor FEAs is to decide, given a FEAA, whetherL(A) =∅.

To decide this problem, we first reduce it to the emptiness problem of a more restricted automata model: a two-way graded alternating parity tree automaton (2GAPT) is a

(7)

FEA that accepts trees (instead of forests) and cannot jump to the root of the input tree, i.e., it does not support directionshrootiand[root]in the transition relation. For each FEAA, there exists a 2GAPTA⁰ that accepts a tree encoding ofA’s language. AΣ- labeled foresthF, Viisencodedby aΣ∪ {root}-labeled treehT, V⁰iwith rootz /∈F iffroot6∈Σ,T ={z} ∪ {z·c|c∈F}, andV⁰satisfies:

– V⁰(z) ={root},

– V⁰(z·x) =V(x) for all x∈F. Then, we can prove the following.

Theorem 3. LetAbe a FEA running onΣ-labeled forests withnstates, indexkand counting boundb. There exists a 2GAPTA⁰running onΣ∪{root}-labeled trees (root 6∈

Σ) with3n+ 1states, indexk, and counting boundbsuch thatA⁰ accepts a labeled treehT, ViiffAaccepts the forest encoded byhT, Vi.

3.2 Graded nondeterministic parity tree automata

To decide the emptiness problem of 2GAPTs, we use a reduction to the emptiness problem of graded nondeterministic parity tree automata as introduced in [KSV02]. In the following, we define these automata and state some results concerning them.

For an integerb, ab-bound is a pair inBb = {(>,0),(≤,0),(>,1),(≤,1), . . . , (>, b),(≤, b)}. For a setY, we useB(Y)to denote the set of all Boolean formulas over atoms inY. Each formulaθ ∈B(Y)induces a setsat(θ)⊆2^Y such thatx∈sat(θ) iff xsatisfies θ. For an integer b ≥ 0, a b-counting constraint for 2^Y is a relation C⊆B(Y)×B_b. A tuplet=hx₁, . . . , x_mi ∈(2^Y)^msatisfies theb-counting constraint Cif for allhθ, ξi ∈C, the tupletsatisfiesξwith respect tosat(θ), that is, whenθis paired with(>, n), at leastn+ 1elements oftshould satisfyθ, and whenθis paired with(≤, n), at mostnelements in the tuple satisfyθ. We useC(Y, b)to denote the set of allb-counting constraints for2^Y.

Agraded nondeterministic parity tree automaton(GNPT, for short) is a tupleA= hΣ,b,Q,δ,q0,Fi whereΣ, b, q0, andF are as in 2GAPT,Q ⊆ 2^Y is the set of states (i.e.,Qis encoded by a finite set of variables), andδ :Q×Σ → C(Y, b)maps a state and a letter to ab-counting constraint for2^Y. Given a GNPTA, arunofAon aΣ-labeled treehT, Virooted inzis aQ-labeled treehT, risuch thatr(z) =q0and for everyx∈T, the tuplehr(x·1), . . . , r(x·deg(x))isatisfiesδ(r(x), V(x)). The run hT, riisacceptingif all its infinite paths satisfy the parity acceptance condition.

We need two special cases of GNPT: FORALLautomata and SAFETYautomata. In FORALLautomata, for eachq ∈ Qandσ ∈ Σ there iss ∈ Qsuch thatδ(q, σ) = {h(¬θs),(≤,0)i}, whereθs∈B(Y)is such thatsat(θs) ={s}. Thus, a FORALLau- tomaton is a notational variant of a deterministic tree automaton, where the transition function mapsqandσtohs, . . . , si. In SAFETYautomata, there is no acceptance condition, and all runs are accepting. Note that this does not mean that SAFETYautomata accept all trees, as it may be that on some trees the automaton does not have a run. We will need the following results concerning GNPTs.

Lemma 1. [KSV02]Given a FORALLGNPT A1 withn1 states and indexk, and a SAFETYGNPTA2withn2states and counting boundb, we can define a GNPTAwith n1n2states, indexk, and counting boundb, such thatL(A) =L(A1)∩ L(A2).

(8)

Theorem 4. [KSV02]Given a GNPTA = hΣ, b, Q, δ, q0,Fiwithnstates, indexk, counting boundb, and|Σ|=`, the nonemptiness problem forAcan be solved in time n^k`(b+ 2)^O(n(n+2+k ^log^nk)).

4 The emptiness problem for 2GAPT

We show that emptiness of the language accepted by a 2GAPT can be decided in EXPTIME. A corresponding lower bound is inherited from alternating tree automata [KVW00].

LetA =hΣ, b, Q, δ, q0,Fibe a 2GAPT. Recall thatDb = h[b]i ∪[[b]]∪ {−1, ε}

andδ : Q×Σ → B⁺(Db ×Q). Astrategy tree for Ais a2^Q×D^b^×Q-labeled tree hT,stri. Intuitively, the functionstr(from now on calledstrategy) maps each node of the tree to a set of transitions. For each labelw =str(x), we definehead(w) ={q : (q, c, q⁰) ∈ w}as the set of sourcesof w. A strategy treehT,striis on aΣ-labeled treehT, Vi, ifq0 ∈ head(str(root(T)))and for each nodex∈ T and stateq, the set {(c, q⁰) : (q, c, q⁰) ∈ str(x)} satisfiesδ(q, V(x))(whereroot(T)denotes the root of T). Intuitively, by choosing the atoms that are going to be satisfied for a nodex,str(x) removes the nondeterminism inδ.

Apromise treefor the automatonAon aΣ-labeled treehT, Viis a2^Q×Q-labeled treehT,proi. Intuitively, in a run that proceeds according topro(in the following called promise), if a nodex·ihas(q, q⁰)∈pro(x·i)and the run visits its parentxin stateqand proceeds by choosing an atom(hni, q⁰)or([n], q⁰), thenx·iis among the successors ofx that inheritq⁰. For each labelw=pro(x), we also definehead(w) ={q: (q, q⁰)∈w}

as the set ofsourcesofw.

Consider a 2GAPTA, aΣ-labeled treehT, Vi, a strategy treehT,striand a promise treehT,proiforAonhT, Vi. A(T×Q)-labeled treehTr, riisconsistentwithstrand proifhTr, risuggests a possible run ofAonhT, Visuch that whenever the runhTr, ri is in stateqas it reads a nodex∈ T, the strategystr(x)is defined, the run proceeds according to the elements ofstr(x)havingqas source, and it delivers requirements to each successorx·j according to the elements inpro(x·j)also havingq as source.

Formally,hT_r, riis consistent withstrandproiff the following hold:

– r(root(Tr)) = (root(T), q0);

– for each nodeyinTrwithr(y) = (x, q),str(x)is defined and for all(q, c, q⁰)∈ str(x), the following hold:

• Ifc=−1orc=ε, thenx·cis defined and there isj ∈IN such thaty·j∈Tr

andr(y·j) = (x·c, q⁰);

• Ifc =hniorc = [n], then for eachj ∈ IN with(q, q⁰)∈ pro(x·j), there is j⁰∈IN such thaty·j⁰ ∈Trandr(y·j⁰) = (x·j, q⁰).

Note that since the counting constraints instr(x)may not be satisfied,hTr, rimay not be a legal run.

Consider a strategy treehT,striand a promise tree hT,proion aΣ-labeled tree hT, Vi. We say that profulfills str for V if the states promised to be visited by pro satisfy the obligations induced bystras it runs onV. Formally,profulfillsstrforV if for every nodex∈T, the following hold:

(9)

– For every(q,hni, q⁰)∈ str(x), at leastn+ 1successorsx·jofxhave(q, q⁰)∈ pro(x·j);

– for every(q,[n], q⁰)∈str(x), at leastdeg(x)−nsuccessorsx·jofxhave(q, q⁰)∈ pro(x·j).

Consider a 2GAPTA, a strategy treehT,striand promise treehT,proion aΣ- labeled treehT, Vi. A sequence(x0, q0),(x1, q1). . .is atraceinduced bystrandpro ifx0is the root ofT(notice thatq0is the initial state ofA) and, for eachi≥0, one of the following holds:

– qi6∈head(str(xi))and(xi, qi)is the last pair in the trace;

– there is(qi, c, qi+1)∈str(xi)withc=−1orc=ε,xi·cdefined, andxi+1=xi·c;

– str(xi)contains(qi,hni, qi+1)or (qi,[n], qi+1), there existsj ∈ IN withxi+i = xi·j,xi+i∈T, and(q, q⁰)∈pro(xi+1).

It is not difficult to see that a sequence of pairs of nodes ofT and states ofAstarting with(root(T), q0)is a trace induced by a strategy and a promise forAon aΣ-labeled tree hT, Viif a runhTr, rionhT, Vi, which is consistent with both the strategy and the promise, has a pathπlabeled with the trace. We say that a strategy treehT,striand a promisehT,proiaregoodforhT, Viif all the infinite traces induced bystrandpro satisfy the acceptance conditionF. In [KSV02] it has been shown that a necessary and sufficient condition for a tree to be accepted by a one-way GAPT is to have a strategy tree and a promise tree good for the input tree, with the promise fulfilling the strategy.

We establish the same result with respect to the notions of strategy tree and promise tree as introduced above for 2GAPTs.

Theorem 5. A 2GAPT AacceptshT, Viiff there exist a strategy treehT,striand a promise treehT,proigood forhT, Visuch thatprofulfillsstrforV.

Strategy and promise trees allow us to define a notion of a run for alternating automata that has the same tree structure as the underlying input tree, unlike the runhT_r, ri. Since we want to translate 2GAPT into GNPT, we still have the problem that paths in a run can go both up and down. To restrict our attention to unidirectional paths, we extend to our setting the notion of annotation as defined in [Var98]. Annotations allow decomposing a path of a run into a downward path and several finite paths (detour) that come back to their origin (possibly in a loop).

LetA=hΣ, b, Q, δ, q0,Fibe a 2GAPT withF ={F1, . . . , Fk}. Recall thatDb= h[b]i ∪[[b]]∪ {−1, ε}. For each stateq ∈ Q, letindex(q)be the minimalisuch that q ∈ Fi. Consider a strategy treehT,striand a promise treehT,proifor Aon aΣ- labeled treehT, Vi, anannotation treeforAonhT,striandhT,proiishT,anniwhere theannotationannis a mappingann: T →2Q×{1,...,k}×Qsuch that for every node x∈T the following conditions hold:

– If(q, ε, q⁰)∈str(x)then(q, index(q⁰), q⁰)∈ann(x);

– if (q, j⁰, q⁰) ∈ ann(x) and (q⁰, j⁰⁰, q⁰⁰) ∈ ann(x), then (q, min(j⁰, j⁰⁰), q⁰⁰) ∈ ann(x);

– ifx=y·i,(q,−1, q⁰)∈str(x),(q⁰, j, q⁰⁰)∈ann(y),str(y)contains(q⁰⁰,hni, q⁰⁰⁰) or(q⁰⁰,[n], q⁰⁰⁰), and (q⁰⁰, q⁰⁰⁰) ∈ pro(x), then(q, min(index(q⁰), j, index(q⁰⁰⁰)), q⁰⁰⁰)∈ann(x);

(10)

– ify =x·i,str(x)contains(q,hni, q⁰)or(q,[n], q⁰),(q, q⁰)∈pro(y),(q⁰, j, q⁰⁰)∈ ann(y), and(q⁰⁰,−1, q⁰⁰⁰)∈str(y), then(q, min(index(q⁰), j, index(q⁰⁰⁰)), q⁰⁰⁰)∈ ann(x).

Given an annotation treehT,anniforAonhT,striandhT,proi, adownward pathπ induced bystr,pro, andannis a sequence(x0, q0, t0),(x1, q1, t1), . . .of triples, where x0=root(T),q0is the initial state ofA, and for eachi,xiis inT,qiis inQ, andtiis either an element ofstr(xi)orann(xi), such that: (i) eithertiis(qi, c, qi+1)for some c∈[[b]]∪[hbi],(qi, qi+1)∈pro(xi·d)for somed∈IN, andxi+1=xi·d; or (ii)tiis (qi, d, qi+1), ford∈ {1, . . . , k}, andxi+1=xi. In the first case, we considerindex(ti) as the minimaljsuch thatqi+1∈Fjand, in the second case,index(ti) =d. Moreover, for a downward pathπ, we considerindex(π)as the minimal indexindex(ti)for allti

occurring infinitely often inπ. We say that a downward pathπviolatesF ifindex(π) is odd. Given an annotation treehT,anniforAonhT,striandhT,proi, we say thatann isacceptingif there is no downward path induced bystr,pro, andannthat violatesF.

Notice that a downward pathπcan also end in a loop where the lasttiis given byann andπis accepting ifindex(ti)is even.

Theorem 6. A 2GAPT A accepts hT, Vi iff there exist a strategy tree hT,stri and a promise tree hT,proion hT, Vi, and an annotation tree hT,anni on hT,striand hT,proisuch thatprofulfillsstrforV andannis accepting.

In the following, we combine the input tree, the strategy, the promise, and the annotation into one treehT,(V,str,pro,ann)i. Given a signatureΣfor the input tree, letΣ⁰denote the extended signature for the combined trees, i.e.,Σ⁰ = Σ×2^Q×D^b^×Q×2^Q×Q× 2Q×{1,...k}×Q.

Theorem 7. LetAbe a 2GAPT running onΣ-labeled trees withnstates, indexkand counting boundb. There exists a GNPTA⁰running onΣ⁰-labeled trees with2^n(2+k^log^nk) states, indexnk, andb-counting constraints such thatA⁰accepts a tree iffAaccepts its projection onΣ.

5 E

XP

T

IME

upper bounds for enriched µ-calculi

We establish EXPTIMEupper bounds for satisfiability in the full gradedµ-calculus and the hybrid gradedµ-calculus. p For the full graded µ-calculus, we give a polynomial translation of formulas ϕinto a 2GAPT Aϕ that, roughly speaking, accepts the tree models of ϕ. By Theorem 1, we can thus decide satisfiability ofϕby checking nonemptiness ofL(L(Aϕ). There is a minor technical difficulty to be overcome: Kripke structures have labeled edges, while the trees accepted by 2GAPTs do not. This problem can be dealt with by moving the label from each edge to the target node of the edge.

For this purpose, we introduce a new propositional symbolpαfor each programα. Let thetree encodingof a tree structureK =hW, R, Libe the labeled treehW, L^∗isuch thatL^∗(w) =L(w)∪ {pα| ∃(v, w)∈R(α)withwsuccessor ofvinW}.

Theorem 8. Given a sentenceϕof the full gradedµ-calculus that has`atleast sub- sentences and counts up tob, we can construct a 2GAPTAϕsuch thatAϕ

– accepts exactly the tree encodings of tree models ofϕwith degree at most`(b+ 1),

(11)

– has|ϕ|states, index|ϕ|, and counting boundb.

In the case of the hybrid gradedµ-calculus, two additional difficulties have to be ad- dressed. First, FEAs accept forests while the hybridµ-calculus has only aquasiforest model property. This problem can be solved by introducing in node labels new propositional symbols ↑^α_o (not occurring in the input formula) that represent an α-labeled edge from the current node to the (unique) root node labeled by nominalo. Second, we have to take care of the interaction between graded modalities and the implicit edges encoded via propositions↑^a_o. To this end, we need to know the following information before constructing the FEA: which “relevant” formulas are satisfied by each nominal and which nominals are equivalent. This information is provided by a guess, which we define as follows. Theclosure cl(ϕ)of a sentenceϕof the full gradedµ-calculus is the smallest set of sentences satisfying the following:

– ϕ∈cl(ϕ);

– ifψ1∧ψ2∈cl(ϕ)orψ1∨ψ2∈cl(ϕ), then{ψ1, ψ2} ⊆cl(ϕ);

– ifhn, αiψ∈cl(ϕ)or[n, α]ψ∈cl(ϕ), thenψ, ψ∧pα∈cl(ϕ);

– ifλx.ψ(x)∈cl(ϕ), thenψ(λx.ψ(x))∈cl(ϕ).

– ifψ ∈ cl(ϕ), then¬ψ ∈ cl(ϕ), where¬ψdenotes the formula obtained fromψ by dualizing all operators and replacing every literal (i.e., atomic proposition or negation thereof) with its negation.

Aguessfor ϕis a pair(t,∼)wheretassigns a subsett(o) ⊆ cl(ϕ)to eacho ∈ Nom, and∼is an equivalence relation on the set of nominals occurring inϕsuch that the following conditions are satisfied, for all formulas ψ ∈ cl(ϕ)and nominals o, o⁰ occurring in ϕ: (i)ψ ∈ t(o)or ¬ψ ∈ t(o), (ii)o ∈ t(o), and (iii) o ∼ o⁰ implies t(o) = t(o⁰). We construct a separate FEA Aϕ,G for each guessGforϕ. Since the number of guesses is exponential in the length of ϕ, we get an EXPTIME decision procedure by constructing all of the FEAs and checking whether some of them accept a nonempty language. Forest encodings of forest models are defined similar to tree encodings of tree models with the additional property that↑^α_o∈L^∗(w)iff there exists (w, v)∈R(α)such thatvis a root ofW ando∈L^∗(v).

Theorem 9. Given a sentence ϕof the hybrid graded µ-calculus that has ` atleast subsentences, counts up tob, containsknominals, and a guessG= (t,∼)forϕ, we can construct a FEAAϕ,Gsuch thatAϕ,G

– accepts exactly the forest encodings of the quasi forest models ofϕhaving degree at mostmax{k+ 1, `(b+ 1)}, and

– hasO(|ϕ|²)states, index|ϕ|, and counting boundb.

Given a sentence of the full gradedµ-calculus with`at-least subformulas, we get by Theorems 7 and 8 a GNPTAϕwith the number of statesnand indexkbounded by|ϕ|, and|Σ|and the counting boundbbounded by2^|ϕ|. While the latter are exponential in

(12)

|ϕ|, onlynandkappear in the exponents in the expression in Theorem 4. This yields the desired EXPTIMEupper bound. The lower bound is due to the fact that theµ-calculus is EXPTIME-hard [FL79]. For the hybrid gradedµ-calculus, we can argue similarly using Theorems 3, 7, and 9.

Theorem 10. The satisfiability problems of the full gradedµ-calculus and the hybrid gradedµ-calculus areEXPTIME-complete even if the numbers in the graded modalities are coded in binary.

References

[BHS02] F. Baader, I. Horrocks, and U. Sattler. Description logics for the semantic web. KI – K¨unstliche Intelligenz, 3, 2002.

[BM+03] F. Baader, D.L. McGuiness, D. Nardi, and P. Patel-Schneider.The Description Logic Handbook: Theory, implementation and applications. Cambridge Univ. Press, 2003.

[BC96] G. Bhat and R. Cleaveland. Efficient local model-checking for fragments of the modal mu-calculus. InProc. of TACAS’96, LNCS 1055, pages 107-126, 1996.

[BL+06] P.A. Bonatti, C. Lutz, A. Murano and M.Y. Vardi. The Complexity of Enriched µ-calculi. Chair for Automata Theory, Institute for Theoretical Computer Science, Dresden University of Technology, 2006, LTCS-Report, LTCS-06-02, Germany, see http://lat.inf.tu-dresden.de/research/reports.html.

[BP04] P.A. Bonatti and A. Peron. On the undecidability of logics with converse, nominals, recursion and counting.Artificial Intelligence, 158(1):75-96, 2004.

[CGL01] D. Calvanese, G. De Giacomo, and M. Lenzerini. Reasoning in expressive description logics with fixpoints based on automata on infinite trees. InProc. of the 16th Int. Joint Conf. on Artificial Intelligence (IJCAI’99), pages 84-89, 1999.

[FL79] M.J. Fischer and R.E. Ladner. Propositional dynamic logic of regular programs.Jour- nal of Computer and Systems Sciences, Vol.18, pages 194-211, 1979.

[Jut95] C.S. Jutla. Determinization and memoryless winning strategies. Information and Computation, 133(2):117–134, 1997.

[Koz83] D. Kozen. Results on the propositionalµ-calculus. Theoretical Computer Science, Vol.27, pages 333-354, 1983.

[KSV02] O. Kupferman, U. Sattler, and M.Y. Vardi. The complexity of the Gradedµ-calculus.

InProc. of the 18th CADELNAI 2392, pages 423-437, 2002.

[KVW00] O. Kupferman, M.Y. Vardi, and P. Wolper. An automata-theoretic approach to branching-time model checking.Journal of the ACM, Vol.47(2), pages 312-360, 2000.

[MS87] D.E. Muller and P.E. Schupp. Alternating automata on infinite trees. Theoretical Computer Science, Vol.54, pages 267–276, 1987.

[Saf89] S. Safra. Complexity of automata on infinite objects.PhD thesis, Weizmann Institute of Science, Rehovot, Israel, 1989.

[SV01] U. Sattler and M. Y. Vardi. The hybrid mu-calculus. InProc. of IJCAR’01, Vol.2083 of LNAI, pages 76-91. Springer Verlag, 2001.

[Tho90] W. Thomas. Automata on Infinite Objects. InHandbook of Theoretical Computer Science, pages 133 – 191, 1990.

[Tho97] W. Thomas. Languages, automata, and logic. In Handbook of Formal Language Theory, volume III, pages 389-455, G. Rozenberg and A. Salomaa editors, 1997.

[Var98] M.Y. Vardi. Reasoning about the Past with Two-Way Automata. In Proc. of ICALP’98, LNCS 1443, pages. 628–641, 1998.