Branching Bisimilarity of Normed BPA Processes as a Rational Monoid

arXiv:1602.05151v1 [cs.LO] 16 Feb 2016

Petr Jančar, Dept. Comp. Sci., FEI, Techn. Univ. of Ostrava, CZ

Abstract

The aim is to highlight and elaborate the structural result for branching bisimilarity on normed BPA (Basic Process Algebra) processes that was the crux of a conference paper by Czerwiński and Jančar (arxiv 7/2014 and LiCS 2015 [CJ-2014,2015]). That paper focused on the computational complexity, and a NEXPTIME upper bound was derived; the authors built on the ideas by Fu (ICALP 2013), and strengthened his decidability result. Later He and Huang announced the EXPTIME-completeness of this problem (arxiv 1/2015, and LiCS 2015), giving a technical proof for the EXPTIME membership. He and Huang indirectly acknowledge the decomposition ideas in [CJ-2014] on which they also built, but it is difficult for the reader to understand what their starting point was and what the crucial new ideas are.

One aim here is to present the previous decomposition result of [CJ-2014,2015] in a technically new framework, noting that branching bisimulation equivalence on normed BPA processes corresponds to a rational monoid (in the sense of Sakarovitch); in particular it is shown that the mentioned equivalence can be decided by normal-form computing deterministic finite transducers. Another aim is to provide a complete description, including an informal overview that should also make clear how Fu’s ideas were used, and to give all proofs in a form that should be both rigorous and readable. The paper finishes with some remarks on the computational complexity of the problem, also noting that no rigorous proof for the EXPTIME-hardness has been given so far.

1 Introduction

Bisimulation equivalence (or bisimilarity) is a fundamental notion in the theory of processes, and the respective decidability and complexity questions are a natural research topic; we can refer to [19] for an (updated) overview of the results in a specific area of process rewrite systems.

One basic model of infinite-state systems is called Basic Process Algebra (BPA), which can be naturally related to context-free grammars in Greibach normal form. Here the processes are identified with finite sequences of variables (nonterminals); a process $A\alpha$ can change by performing an action, denoted by $A\alpha \xrightarrow{a} \beta\alpha$, in which case its leftmost variable $A$ is rewritten according to a grammar rule $A \longrightarrow a\beta$. The seminal paper by Baeten, Bergstra and Klop [1] showed the decidability of bisimilarity on nBPA, i.e. on the normed BPA processes, where each variable can be stepwise rewritten to the empty word; this decidability result was later extended to the whole class BPA [5]. Further exploration placed the problem on nBPA even in PTime [12] (this problem is thus PTime-complete [2]); we can refer to [6] for further references and a way towards the so far best known upper bound. The bisimilarity problem for the whole class BPA is known to be ExpTime-hard [15] and to belong to 2-ExpTime (claimed in [3] and explicitly proven in [14]).

When also internal (unobservable) actions of systems are taken into account, the most studied generalization of bisimilarity is weak bisimilarity [17] but the relevance of the finer equivalence called branching bisimilarity is also well argued [20]. The (un)decidability status of weak bisimilarity on BPA, as well as on nBPA, is still open, but we have the ExpTime-hardness result by Mayr [16] for weak bisimilarity on nBPA. Similarly, the decidability status of weak bisimilarity is still open in the case of (normed) Basic Parallel Processes, which is the parallel (or commutative) version of BPA.

The situation seems more favourable in the case of branching bisimilarity. It was first shown decidable for the normed Basic Parallel Processes [7], and then Fu [9] showed the decidability on nBPA. A later paper [21] shows that the mentioned decidability results for branching bisimilarity cannot be essentially extended, possibly with the exception of the full classes of BPA processes and of Basic Parallel Processes for which the decidability question remains open.

The case of branching bisimilarity on nBPA is the main topic of this paper. We first note that Fu’s decidability result [9] is substantially stronger than the previous results dealing with so called totally normed BPA [13, 4] (where no variable can “disappear” by unobservable actions). In the case of totally normed BPA processes even a polynomial time algorithm is suggested in [10], building on the unique-decomposition results and techniques that were previously used in the case of (strong) bisimilarity on nBPA.
A crucial novel idea in Fu’s decidability proof is a use of the notion that can be called the class-change norm (called the branching norm in [9]); while the standard norm counts all steps in rewriting a process to the empty word, the class-change norm only counts the steps that change the current equivalence-class. It is not clear how to compute this norm directly but equivalent processes $\alpha \sim \beta$ must agree on this norm. Another useful fact shown by Fu is that the relation of $\alpha\gamma$ and $\beta\gamma$ (either $\alpha\gamma \sim \beta\gamma$ or $\alpha\gamma \not\sim \beta\gamma$) is determined solely by the redundant variables w.r.t. $\gamma$, i.e. by those $X$ for which $X\gamma \sim \gamma$, independently of the string $\gamma$ itself.

This paper is based on the research reported on in [8], performed with W. Czerwiński (see Author’s acknowledgements). The main new idea there was to use the decompositions of processes that are relative to a given set of (redundant) variables; the notion is also based on the (semantic) class-change norm. This structural result is here slightly reworked and presented in a technically new framework; it is shown that the quotient of branching bisimulation equivalence on nBPA is a rational monoid (in the sense of Sakarovitch [18]). In particular, the mentioned equivalence can be decided by (canonical) normal-form computing deterministic finite transducers; the size of such a transducer can be easily bounded by an exponential function of the size of the given nBPA system.

The paper aims to provide a complete description, including an informal overview that should make clear how Fu’s ideas are used, and to give all proofs in a form that should be both rigorous and readable. This also includes the part that shows a “consistency” property of canonical transducers that is easily verifiable and guarantees that two strings with the same translations are branching bisimilar. The branching bisimilarity problem on nBPA is thus in NExpTime (while Fu’s decidability result via a tableau framework has not provided any complexity bound).
Further comments on complexity, and on the related paper [11] by He and Huang, are given in Section 7.

Structure of the paper. In Section 2 we define the used notions and make some simple observations. Section 3 gives an informal overview, which is then formalized in Sections 4, 5, and 6. Section 7 adds some comments on complexity.

2 Preliminaries

We put $\mathbb{N} = \{0, 1, 2, \dots\}$, and $[i, j] = \{i, i+1, \dots, j\}$ for $i, j \in \mathbb{N}$. For a set $R$, by $R^*$ we denote the set of finite sequences of elements of $R$, also called words, or strings, over $R$; by $\varepsilon$ we denote the empty string, and we put $R^+ = R^* \setminus \{\varepsilon\}$. For a string $\alpha \in R^*$, by $|\alpha|$ we denote its length. By the concatenation $C \cdot C'$ of sets $C, C' \subseteq R^*$ we mean the set $\{\alpha\beta \mid \alpha \in C, \beta \in C'\}$.

Labelled transition systems. A labelled transition system, an LTS for short, is a tuple

$$\mathcal{L} = (\mathcal{S}, \mathcal{A}, (\xrightarrow{a})_{a \in \mathcal{A}})$$

where $\mathcal{S}$ is the set of states, $\mathcal{A}$ is the set of actions and $\xrightarrow{a} \subseteq \mathcal{S} \times \mathcal{S}$ is the set of $a$-labelled transitions. We reserve the symbol $\tau$ for the (unique) silent action; the visible actions are the elements of $\mathcal{A} \setminus \{\tau\}$.

We write $s \xrightarrow{a} t$ rather than $(s, t) \in \xrightarrow{a}$ (for $a \in \mathcal{A}$), and we define $s \xrightarrow{w} t$ for $w \in \mathcal{A}^*$ inductively: $s \xrightarrow{\varepsilon} s$; if $s \xrightarrow{a} s'$ and $s' \xrightarrow{u} t$, then $s \xrightarrow{au} t$. By $s \xrightarrow{w} t$ we sometimes also refer to a concrete respective path from $s$ to $t$ in $\mathcal{L}$. (We do not exclude cycles in the paths.)

Branching bisimilarity. Given an LTS $\mathcal{L} = (\mathcal{S}, \mathcal{A}, (\xrightarrow{a})_{a \in \mathcal{A}})$, a relation $\mathcal{B} \subseteq \mathcal{S} \times \mathcal{S}$ is a branching bisimulation on $\mathcal{L}$ if for any $(s, t) \in \mathcal{B}$ the following conditions hold:

i) for any $a \in \mathcal{A}$ and $s' \in \mathcal{S}$ such that $s \xrightarrow{a} s'$ we have

a) $a = \tau$ and $(s', t) \in \mathcal{B}$, or

b) there is a sequence $t = t_0 \xrightarrow{\tau} t_1 \xrightarrow{\tau} \cdots \xrightarrow{\tau} t_k \xrightarrow{a} t'$ (for some $k \geq 0$) such that $(s', t') \in \mathcal{B}$ and $(s, t_i) \in \mathcal{B}$ for all $i \in [1, k]$.

ii) for any $a \in \mathcal{A}$ and $t' \in \mathcal{S}$ such that $t \xrightarrow{a} t'$ we have

a) $a = \tau$ and $(s, t') \in \mathcal{B}$, or

b) there is a sequence $s = s_0 \xrightarrow{\tau} s_1 \xrightarrow{\tau} \cdots \xrightarrow{\tau} s_k \xrightarrow{a} s'$ (for some $k \geq 0$) such that $(s', t') \in \mathcal{B}$ and $(s_i, t) \in \mathcal{B}$ for all $i \in [1, k]$.

By $s \sim t$, to be read as “states $s, t$ are branching bisimilar”, we denote that there is a branching bisimulation containing $(s, t)$. We can easily verify the standard facts that $\sim \subseteq \mathcal{S} \times \mathcal{S}$ is the union of all branching bisimulations (on $\mathcal{L}$), and thus the largest branching bisimulation, and that $\sim$ is an equivalence relation.

Attacker-Defender game. It is also useful to characterize $\sim$ in terms of the following round-based game between Attacker (he) and Defender (she). In any round starting with a pair $(s, t)$, a play proceeds as follows:

1. Attacker chooses a transition $s \xrightarrow{a} s'$ or $t \xrightarrow{a} t'$ (if there is no such transition, he loses).

2. If Attacker has chosen $s \xrightarrow{a} s'$, then

(a) if $a = \tau$, then Defender can choose the pair $(s', t)$ as the starting pair for the next round, but she is not obliged to do this; if this option is not relevant ($a \neq \tau$) or has not been chosen, then

(b) Defender chooses a path $t = t_0 \xrightarrow{\tau} t_1 \xrightarrow{\tau} \cdots \xrightarrow{\tau} t_k \xrightarrow{a} t'$ (if there is no such path, she loses). Afterwards Attacker chooses either the pair $(s', t')$ or one of the pairs $(s, t_i)$, $i \in [1, k]$, as the starting pair for the next round.

3. If Attacker has chosen $t \xrightarrow{a} t'$, then the play proceeds symmetrically.

Any infinite play is viewed as a win of Defender. It is obvious that Defender has a winning strategy from the pair $(s, t)$ iff $s \sim t$ (and Attacker has a winning strategy iff $s \not\sim t$).

Class-change norm. We now introduce a notion and make simple observations that turn out very useful for our aims. We say that a transition $s \xrightarrow{a} s'$ (in an assumed LTS $\mathcal{L}$) is $\sim$-class-changing if $s \not\sim s'$. It is useful to view Defender as claiming that the starting pair $(s, t)$ of each round satisfies $s \sim t$ (until she is possibly contradicted). Hence the choice $(s', t)$ in the point 2(a) is viewed as a claim by Defender that $s \xrightarrow{\tau} s'$ is not $\sim$-class-changing. In the point 2(b) Defender “claims” that all transitions in the path $t_0 \xrightarrow{\tau} t_1 \xrightarrow{\tau} \cdots \xrightarrow{\tau} t_k$ are not $\sim$-class-changing.

Observation 1. If $s \sim t$, then for any path $s = s_0 \xrightarrow{a_1} s_1 \xrightarrow{a_2} \cdots \xrightarrow{a_k} s_k$ (for $k \geq 0$) where there are (precisely) $\ell$ $\sim$-class-changing transitions there is a path $t = t_0 \xrightarrow{a'_1} t_1 \xrightarrow{a'_2} \cdots \xrightarrow{a'_{k'}} t_{k'}$ also with $\ell$ $\sim$-class-changing transitions where $s_k \sim t_{k'}$. Moreover, we can also require that $a'_1 a'_2 \dots a'_{k'}$ has the same visible content as $a_1 a_2 \dots a_k$, i.e., these strings become equal when every occurrence of $\tau$ is replaced with $\varepsilon$.

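This also has the trivial consequence formulated in Observation 2 for the “class-change distance” to the silent states. A state $s$ is silent if $s \xrightarrow{w} s'$ entails $w \in \{\tau\}^*$. (Hence we can never perform a visible action when starting from a silent state.) Let $\mathcal{S}_{\mathrm{sil}}$ be the set of silent states (in $\mathcal{L} = (\mathcal{S}, \mathcal{A}, (\xrightarrow{a})_{a \in \mathcal{A}})$); it is obviously a (maybe empty) equivalence class of $\sim$ (for all $s, t \in \mathcal{S}_{\mathrm{sil}}$ we have $s \sim t$, and $s \in \mathcal{S}_{\mathrm{sil}}$, $t \notin \mathcal{S}_{\mathrm{sil}}$ implies $s \not\sim t$). By $\langle\langle s \rangle\rangle$ we define the cc-norm of $s$, its “class-change distance” to $\mathcal{S}_{\mathrm{sil}}$, i.e., the smallest $\ell$ such that there is a path $s = s_0 \longrightarrow s_1 \longrightarrow \cdots \longrightarrow s_k$ with $\ell$ $\sim$-class-change transitions where $s_k \in \mathcal{S}_{\mathrm{sil}}$; we put $\langle\langle s \rangle\rangle = \omega$ if $\mathcal{S}_{\mathrm{sil}}$ is not reachable from $s$.

Observation 2. If $s \sim t$, then $\langle\langle s \rangle\rangle = \langle\langle t \rangle\rangle$.

Remark. As already mentioned, the cc-norm was introduced by Fu in [9], who used the name “branching norm” and a slightly different form.

BPA systems and processes. We will view a BPA system (where BPA stands for Basic Process Algebra) as a context-free grammar in Greibach normal form, with no starting variable (nonterminal). We denote it as

$$\mathcal{G} = (\mathcal{V}, \mathcal{A}, \mathcal{R})$$

where $\mathcal{V}$ is a finite set of variables (or nonterminals), $\mathcal{A}$ is a finite set of actions (or terminals), which can contain the silent action $\tau$, and $\mathcal{R}$ is a finite set of rules of the form $A \xrightarrow{a} \alpha$ where $A \in \mathcal{V}$, $a \in \mathcal{A}$, $\alpha \in \mathcal{V}^*$. A BPA system $\mathcal{G} = (\mathcal{V}, \mathcal{A}, \mathcal{R})$ has the associated LTS

$$\mathcal{L}_{\mathcal{G}} = (\mathcal{V}^*, \mathcal{A}, (\xrightarrow{a})_{a \in \mathcal{A}})$$

where each rule $A \xrightarrow{a} \alpha$ in $\mathcal{R}$ induces the transitions $A\beta \xrightarrow{a} \alpha\beta$ for all $\beta \in \mathcal{V}^*$. The states of $\mathcal{L}_{\mathcal{G}}$, i.e. the strings of variables, are also called processes.

Normed BPA systems (nBPA), and the standard norm. A variable $A \in \mathcal{V}$ is normed if there is $w \in \mathcal{A}^*$ such that $A \xrightarrow{w} \varepsilon$. A BPA system $\mathcal{G} = (\mathcal{V}, \mathcal{A}, \mathcal{R})$ is normed, i.e. an nBPA system, if each $A \in \mathcal{V}$ is normed. Given a normed BPA system $\mathcal{G} = (\mathcal{V}, \mathcal{A}, \mathcal{R})$, the norm $\|\alpha\|$ of $\alpha \in \mathcal{V}^*$ is the length $|w|$ of a shortest $w \in \mathcal{A}^*$ such that $\alpha \xrightarrow{w} \varepsilon$. (Note that the silent steps $\xrightarrow{\tau}$ are also counted.) A transition $\alpha \xrightarrow{a} \beta$ is norm-reducing if $\|\alpha\| > \|\beta\|$, in which case $\|\beta\| = \|\alpha\| - 1$, in fact. The facts captured by the next proposition are standard; they also entail that we can check in polynomial time whether a BPA system is normed.

Proposition 3.
(1) $\|\varepsilon\| = 0$.
(2) $\|\alpha\beta\| = \|\alpha\| + \|\beta\|$.
(3) $\|A\| = 1 + \|\alpha\|$ for a norm-reducing rule $A \xrightarrow{a} \alpha$.
(4) There is a polynomial-time algorithm that computes $\|A\|$ for each $A \in \mathcal{V}$ (when given $\mathcal{G} = (\mathcal{V}, \mathcal{A}, \mathcal{R})$).
(5) The values $\|A\|$ are at most exponential in $\mathrm{size}(\mathcal{G})$.

We note in particular that the algorithm in the point (4) can be naturally based on the dynamic programming paradigm: We first temporarily assume that $\|A\| = \omega$ (the norm is infinite) for all variables; this also temporarily yields $\|\alpha\| = \omega$ for all rhs (right-hand sides) of the rules $A \xrightarrow{a} \alpha$, except for $\alpha = \varepsilon$ where we use that $\|\varepsilon\| = 0$. Now we repeatedly look for a variable $A$ with a temporary norm that has a rule $A \xrightarrow{a} \alpha$ with the least (so far defined) $\|\alpha\|$; for such $A$ we put definitively $\|A\| = 1 + \|\alpha\|$ (and recompute the norms of rhs).

Branching bisimilarity problem for nBPA. Given an nBPA system $\mathcal{G} = (\mathcal{V}, \mathcal{A}, \mathcal{R})$ and two processes $\alpha, \beta \in \mathcal{V}^*$ we ask if $\alpha \sim \beta$, i.e., if $\alpha$ and $\beta$ are branching bisimilar as the states in $\mathcal{L}_{\mathcal{G}}$. By $\langle\langle \alpha \rangle\rangle$ we refer to the cc-norm of $\alpha$ in $\mathcal{L}_{\mathcal{G}}$. By Observation 2 we know that $\alpha \sim \beta$ implies $\langle\langle \alpha \rangle\rangle = \langle\langle \beta \rangle\rangle$. We have shown how to compute the (“syntactic”) norm $\|\alpha\|$, but it is unclear how to compute the (semantic) norm $\langle\langle \alpha \rangle\rangle$. Nevertheless, we can at least easily observe that $\langle\langle \alpha \rangle\rangle \leq \|\alpha\|$ (and $\langle\langle A \rangle\rangle$ is thus at most exponential by (5) in Prop. 3).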
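The dynamic-programming procedure sketched after Proposition 3, written out in Python as an added example that is not code from the paper. The rule list encodes the example system that Section 3 introduces (with "tau" standing for the silent action); the function names are chosen here.

```python
import math

# Rules of the Section 3 example system as (variable, action, right-hand side);
# "tau" is the silent action and "" is the empty string.
RULES = [
    ("A", "tau", ""), ("A", "a", "C"), ("A", "b", ""),
    ("B", "tau", ""), ("B", "b", ""),
    ("C", "a", "CC"), ("C", "a", "D"), ("C", "c", ""),
    ("D", "a", "CD"), ("D", "b", "D"), ("D", "d", "EF"),
    ("E", "d", ""), ("F", "tau", ""),
]


def string_norm(alpha, norm):
    """||alpha|| by Prop. 3(1) and 3(2); infinite while some variable is temporary."""
    return sum(norm[x] for x in alpha)


def compute_norms(rules):
    """Norms of all variables; a variable keeps math.inf iff it is not normed."""
    variables = {lhs for lhs, _, _ in rules} | {x for _, _, rhs in rules for x in rhs}
    norm = {x: math.inf for x in variables}      # temporary norms (omega)
    definitive = set()
    while True:
        # Least 1 + ||rhs|| over the rules of variables that are still temporary.
        best = min(
            ((1 + string_norm(rhs, norm), lhs) for lhs, _, rhs in rules
             if lhs not in definitive),
            default=(math.inf, None),
        )
        if best[0] == math.inf:                  # nothing more can be fixed
            return norm
        norm[best[1]] = best[0]
        definitive.add(best[1])


def is_normed(rules):
    """True iff the BPA system given by the rules is an nBPA system."""
    return all(n < math.inf for n in compute_norms(rules).values())


def shortest_erasing_path(alpha, rules, norm):
    """One shortest path from alpha to the empty string, using norm-reducing rules."""
    if string_norm(alpha, norm) == math.inf:
        raise ValueError("alpha contains a variable that is not normed")
    path = [alpha]
    while alpha:
        head, rest = alpha[0], alpha[1:]
        # Prop. 3(3): a rule of the leftmost variable with ||head|| = 1 + ||rhs||.
        act, rhs = next((a, r) for lhs, a, r in rules
                        if lhs == head and norm[head] == 1 + string_norm(r, norm))
        alpha = rhs + rest
        path.append((act, alpha))
    return path
```

Each round fixes one variable, so the loop runs at most once per variable and scans the rules once per round, which keeps the procedure polynomial in the size of the system.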

3 Informal overview

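The main result will show that branching bisimilarity for a given nBPA system $\mathcal{G} = (\mathcal{V}, \mathcal{A}, \mathcal{R})$, i.e. the respective equivalence relation $\sim$ on $\mathcal{V}^*$, can be decided via a canonical “normal-form-computing” finite-state deterministic transducer $\mathcal{T}^{\mathcal{G}}$, of at most exponential size w.r.t. $\mathrm{size}(\mathcal{G})$. More precisely, we have

$$\alpha \sim \beta \ \text{ iff } \ \mathcal{T}^{\mathcal{G}}(\alpha) = \mathcal{T}^{\mathcal{G}}(\beta),$$

where $\mathcal{T}^{\mathcal{G}}(\alpha)$, the translation of $\alpha$, is the output string (also from $\mathcal{V}^*$) that is computed by $\mathcal{T}^{\mathcal{G}}$ when processing the input string $\alpha$. We will have the idempotence, i.e. $\mathcal{T}^{\mathcal{G}}(\mathcal{T}^{\mathcal{G}}(\alpha)) = \mathcal{T}^{\mathcal{G}}(\alpha)$, and thus also $\alpha \sim \mathcal{T}^{\mathcal{G}}(\alpha)$; hence $\mathcal{T}^{\mathcal{G}}(\alpha)$ can be naturally viewed as a normal form of $\alpha$, and thus $\alpha, \beta$ are equivalent iff they have the same normal forms. The transducers are based on a decomposition property of $\sim$, which will naturally suggest to proceed from-right-to-left when processing strings $\alpha \in \mathcal{V}^*$.

The aim of the rest of this section is to convey the main ideas, using also an example; the proof ideas are sketched but no rigorous proofs are given here. The notions and claims are formalized and proven in the later sections, which do not depend on the overview given here.

Let us consider the BPA system $\mathcal{G} = (\mathcal{V}, \mathcal{A}, \mathcal{R})$ where

• $\mathcal{V} = \{A, B, C, D, E\}$,
• $\mathcal{A} = \{\tau\} \cup \{a, b, c, d\}$,
• $\mathcal{R} = \{A \xrightarrow{\tau} \varepsilon,\ A \xrightarrow{a} C,\ A \xrightarrow{b} \varepsilon,\ B \xrightarrow{\tau} \varepsilon,\ B \xrightarrow{b} \varepsilon,\ C \xrightarrow{a} CC,\ C \xrightarrow{a} D,\ C \xrightarrow{c} \varepsilon,\ D \xrightarrow{a} CD,\ D \xrightarrow{b} D,\ D \xrightarrow{d} EF,\ E \xrightarrow{d} \varepsilon,\ F \xrightarrow{\tau} \varepsilon\}$.

We easily note that each variable is normed, hence $\mathcal{G}$ is an nBPA system; e.g., $\|D\| = 3$ since a shortest path from $D$ to $\varepsilon$ is $D \xrightarrow{d} EF \xrightarrow{d} F \xrightarrow{\tau} \varepsilon$. We also note that $F$ is here the only silent variable (i.e., a variable which is a silent state in $\mathcal{L}_{\mathcal{G}}$). The set of silent variables is $\mathcal{V}_{\mathrm{sil}} = \{F\}$, and the set of silent states (in $\mathcal{L}_{\mathcal{G}}$) is $(\mathcal{V}_{\mathrm{sil}})^* = \{F\}^*$. We thus have $\varepsilon \sim \alpha$ iff $\alpha \in \{F\}^*$. Informally we can say that Defender has to care that if a string from $(\mathcal{V}_{\mathrm{sil}})^*$ appears on one side, then a (maybe different) string from $(\mathcal{V}_{\mathrm{sil}})^*$ must appear on the other side. I.e., when Attacker can choose a pair $(\alpha_1, \alpha_2)$ for the next round where $\alpha_i \in (\mathcal{V}_{\mathrm{sil}})^*$ and $\alpha_{3-i} \notin (\mathcal{V}_{\mathrm{sil}})^*$, then he wins; on the other hand, any pair $(\alpha_1, \alpha_2)$ where both $\alpha_1, \alpha_2$ belong to $(\mathcal{V}_{\mathrm{sil}})^*$ is a winning pair for Defender.

Now suppose that a play starts from $(\alpha D, \beta D)$. For the variable $D$ we can easily verify that we have $D \sim FD$ (for the silent variable $F$) but also $D \sim AD$, $D \sim BD$ (for the nonsilent variables $A, B$); we also note that $D \not\sim CD$, $D \not\sim DD$. For any string $\gamma \in \mathcal{V}^*$ we define the set

$$\mathrm{red}(\gamma) = \{X \in \mathcal{V} \mid X\gamma \sim \gamma\}$$

of the redundant variables w.r.t. $\gamma$. We have shown that $\mathrm{red}(\varepsilon) = \mathcal{V}_{\mathrm{sil}} = \{F\}$, and $\mathrm{red}(D) = \{A, B, F\}$. The following equivalence is one crucial fact (that already appeared in [9]):

$$\alpha\gamma \sim \gamma \iff \langle\langle \alpha\gamma \rangle\rangle = \langle\langle \gamma \rangle\rangle \iff \alpha \in (\mathrm{red}(\gamma))^*. \qquad (1)$$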

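By Observation 2, $\alpha\gamma \sim \gamma$ implies $\langle\langle \alpha\gamma \rangle\rangle = \langle\langle \gamma \rangle\rangle$. On the other hand, if $\langle\langle \alpha\gamma \rangle\rangle = \langle\langle \gamma \rangle\rangle$, then $\alpha$ must be silently erasable ($\alpha\gamma \xrightarrow{\tau} \cdots \xrightarrow{\tau} \gamma$) without any change of the equivalence-class (recall Observation 1); hence $\alpha\gamma \sim \beta\gamma \sim \gamma$ for any suffix $\beta$ of $\alpha$, and in particular we have $X\gamma \sim \gamma$ for the last variable $X$ in $\alpha$ (if $\alpha \neq \varepsilon$). The second equivalence $\iff$ now follows by an induction on $|\alpha|$, using the (easily verifiable) fact that $\sim$ is a congruence (and thus $X\gamma \sim \gamma$ implies $\alpha' X\gamma \sim \alpha'\gamma$).

In our concrete case we have $\alpha D \sim D$ iff $\alpha \in (\mathrm{red}(D))^* = \{A, B, F\}^*$. Hence when playing from $(\alpha D, \beta D)$, Defender can play as if from $(\alpha, \beta)$ but has to care that if a string from $(\mathrm{red}(D))^*$ appears on one side, then a (maybe different) string from $(\mathrm{red}(D))^*$ must appear on the other side.

This observation naturally leads us to consider the relative equivalences $\sim_R$ for $R \subseteq \mathcal{V}$; the respective game is the normal (branching bisimulation) game but played in the LTS $\mathcal{L}_{\mathcal{G},R}$ that arises from $\mathcal{L}_{\mathcal{G}}$ by declaring all states $\alpha \in R^*$ silent. (Later we technically achieve this by trimming away the maximal suffix in $R^*$ from each state $\alpha \in \mathcal{V}^*$, by which $\alpha \in R^*$ changes to $\varepsilon$.) For a general set $R \subseteq \mathcal{V}$, the above “declare states in $R^*$ silent” does not correspond exactly to “any string from $R^*$ must be matched by a string from $R^*$” since there might be variables $X \in \mathcal{V}^R_{\mathrm{sil}} \setminus R$, i.e., variables that are silent in $\mathcal{L}_{\mathcal{G},R}$ but do not belong to $R$. Nevertheless, we will only work with the admissible sets $R \subseteq \mathcal{V}$, i.e., with those satisfying $\mathcal{V}^R_{\mathrm{sil}} \subseteq R$ (which is the same as $\mathcal{V}^R_{\mathrm{sil}} = R$ since any $A \in R$ is a silent state in $\mathcal{L}_{\mathcal{G},R}$ by definition). It is easy to verify that each $\mathrm{red}(\gamma)$ is admissible.

We now note another crucial fact (that also appears in [9], though not referring to $\mathcal{L}_{\mathcal{G},R}$ explicitly):

$$\alpha\gamma \sim \beta\gamma \iff \alpha \sim_{\mathrm{red}(\gamma)} \beta; \qquad (2)$$

in particular $\alpha \sim \beta$ iff $\alpha \sim_{\mathcal{V}_{\mathrm{sil}}} \beta$. In our concrete example we have $\alpha \sim_{\{A,B,F\}} \beta$ iff $\alpha D \sim_{\{F\}} \beta D$ (iff $\alpha D \sim \beta D$). This naturally suggests that the announced transducer $\mathcal{T}^{\mathcal{G}}$ will have the sets $R \subseteq \mathcal{V}$ as control states, where one concrete transition will be $\{A, B, F\} \xleftarrow[?]{D} \{F\}$. (Our notation visualizes the right-left direction.) Generally we will have

$$\mathrm{red}(\gamma) \xleftarrow[?]{\gamma} \mathcal{V}_{\mathrm{sil}}$$

where we put the question mark “?” in the place of the translation $\mathcal{T}^{\mathcal{G}}(\gamma)$ that we define below.

We come to the final crucial fact:

$$\alpha A \sim \beta B,\ \langle\langle A \rangle\rangle \geq \langle\langle B \rangle\rangle \implies A \sim \gamma B \text{ for some } \gamma. \qquad (3)$$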

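This is clear by observing that in a play starting from $(\alpha A, \beta B)$ Attacker can stepwise erase $\alpha$ until reaching (the first) $\alpha' A$ where $\langle\langle \alpha' A \rangle\rangle = \langle\langle A \rangle\rangle$; maybe $\alpha' \neq \varepsilon$ but we have $\alpha' A \sim A$ by the fact (1). Defender must be able to match this (when $\alpha A \sim \beta B$), while only her last move finishes in a state with the cc-norm $\langle\langle A \rangle\rangle$ (the previous states have bigger cc-norms); this last state thus must be of the form $\gamma B$, and it must be equivalent to $A$. Since $A \sim \gamma B$ implies $\alpha A \sim \alpha\gamma B$ (by the congruence property), the pair $(\alpha A, \beta B)$ can be “handled” as $(\alpha\gamma B, \beta B)$, i.e., as a special case of (2): $\alpha\gamma B \sim \beta B$ iff $\alpha\gamma \sim_{\mathrm{red}(B)} \beta$.

For continuing the “right-left” processing, we need to generalize the above facts (1), (2), (3) to the equivalences $\sim_R$ for (admissible) $R \subseteq \mathcal{V}$. But this is straightforward, when we put

$$\mathrm{red}(\gamma, R) = \{X \in \mathcal{V} \mid X\gamma \sim_R \gamma\}$$

and define $\langle\langle \alpha \rangle\rangle_R$ as $\langle\langle \alpha \rangle\rangle$ in the LTS $\mathcal{L}_{\mathcal{G},R}$ (that arises from $\mathcal{L}_{\mathcal{G}}$ by viewing all states $\alpha \in R^*$ as silent).

To specify the output-part of the transducer $\mathcal{T}^{\mathcal{G}}$, we introduce the notion of “relative prime-variables” and the respective (relative) prime-decompositions of strings. We say that a variable $A$ is $R$-decomposable if $A \sim_R \varepsilon$ or $A \sim_R \gamma B$ for some $\gamma$ and $B$ where $\langle\langle A \rangle\rangle_R > \langle\langle B \rangle\rangle_R \geq 1$; otherwise $A$ is $R$-non-decomposable. In each $\sim_R$-class on the set of $R$-non-decomposable variables we choose a representant variable that is called an $R$-prime. We now define $\mathcal{T}_R(\alpha)$, the translation of $\alpha$ when the transducer $\mathcal{T}^{\mathcal{G}}$ starts in the state $R$; we use the following inductive definition (the induction being based on $\langle\langle \alpha \rangle\rangle_R$), which is obviously sound:

a) If $A \sim_R \varepsilon$, then $\mathcal{T}_R(\alpha A) = \mathcal{T}_R(\alpha)$. (We have $R \xleftarrow[\varepsilon]{A} R$.)

b) If $A$ is an $R$-prime, then $\mathcal{T}_R(\alpha A) = \mathcal{T}_{R'}(\alpha) A$ for $R' = \mathrm{red}(A, R)$. (We have $R' \xleftarrow[A]{A} R$.)

c) If $A \sim_R \gamma B$, then $\mathcal{T}_R(\alpha A) = \mathcal{T}_R(\alpha\gamma B)$. (This comprises the case when $\gamma = \varepsilon$ and $B$ is an $R$-prime.)

As expected, we put $\mathcal{T}^{\mathcal{G}}(\alpha) = \mathcal{T}_{\mathcal{V}_{\mathrm{sil}}}(\alpha)$. By definition we indeed have the idempotence, i.e. $\mathcal{T}_R(\alpha) = \mathcal{T}_R(\mathcal{T}_R(\alpha))$, and we also have $\alpha \sim_R \mathcal{T}_R(\alpha)$. We can also easily check that $\alpha \sim_R \beta$ iff $\mathcal{T}_R(\alpha) = \mathcal{T}_R(\beta)$.

We note that the construction of the above “canonical” transducer $\mathcal{T}^{\mathcal{G}}$ is not defined effectively (i.e., not algorithmically), but its size is surely at most exponential in $\mathrm{size}(\mathcal{G})$: there are at most exponentially many control states $R \subseteq \mathcal{V}$, and the string $\gamma = \mathcal{T}_R(A)$ in any transition $R' \xleftarrow[\gamma]{A} R$ satisfies $|\gamma| \leq \langle\langle \gamma \rangle\rangle_R$ (since $\gamma = A_m A_{m-1} \dots A_1$ entails that $\langle\langle A_{i+1} A_i \dots A_1 \rangle\rangle_R > \langle\langle A_i \dots A_1 \rangle\rangle_R$ for all $i \in [1, m-1]$, as can be easily verified), and the fact $A \sim_R \mathcal{T}_R(A)$, i.e. $A \sim_R \gamma$, entails that $\langle\langle \gamma \rangle\rangle_R = \langle\langle A \rangle\rangle_R \leq \|A\|$, where $\|A\|$ is at most exponential in $\mathrm{size}(\mathcal{G})$, as we noted at the end of Section 2.

In Section 6 we show that for a given transducer $\mathcal{T}$ (not necessarily a canonical one) we can efficiently check if $\mathcal{T}$ is consistent, i.e., if the relation $\equiv_{\mathcal{T}}$ (where $\alpha \equiv_{\mathcal{T}} \beta \Leftrightarrow_{\mathrm{df}} \mathcal{T}(\alpha) = \mathcal{T}(\beta)$) is a branching bisimulation. This immediately places the branching bisimilarity problem for nBPA in NExpTime; further remarks on the complexity are given in Section 7.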

4 Decomposition property of branching bisimilarity on nBPA

We now give a more formal treatment, with detailed proofs, of the notions and claims touched on in Section 3. The following text is self-contained, technically not relying on anything from Section 3.

4.1 Equivalences $\sim_R$

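Given an nBPA system $\mathcal{G} = (\mathcal{V}, \mathcal{A}, \mathcal{R})$, we have already defined branching bisimilarity $\sim$ on $\mathcal{V}^*$; we now make a generalization that yields the equivalences $\sim_R$ on $\mathcal{V}^*$ for all sets $R \subseteq \mathcal{V}$, where we will have $\sim\ =\ \sim_\emptyset$. These equivalences will help us to formulate a decomposition property (Lemma 9) that naturally leads to the announced transducers, in which $R \subseteq \mathcal{V}$ will serve as control states. One crucial fact for this decomposition will be captured by Lemma 6.

For $R \subseteq \mathcal{V}$ we first define the equivalence $\sim^{\mathrm{trim}}_R$ as branching bisimilarity on the LTS arising from $\mathcal{L}_{\mathcal{G}}$ so that we ignore (“trim away”) all suffixes from $R^+$; a formal definition follows.

For $\alpha \in \mathcal{V}^*$ and $R \subseteq \mathcal{V}$ we define $\mathrm{trim}(\alpha, R)$ inductively: $\mathrm{trim}(\varepsilon, R) = \varepsilon$; $\mathrm{trim}(\alpha A, R) = \alpha A$ if $A \notin R$, and $\mathrm{trim}(\alpha A, R) = \mathrm{trim}(\alpha, R)$ if $A \in R$. We say that $\alpha$ is $R$-trimmed if $\mathrm{trim}(\alpha, R) = \alpha$. An nBPA system $\mathcal{G} = (\mathcal{V}, \mathcal{A}, \mathcal{R})$ and a set $R \subseteq \mathcal{V}$ generate the LTS

$$\mathcal{L}_{\mathcal{G},R} = (\{\alpha \in \mathcal{V}^* \mid \alpha \text{ is } R\text{-trimmed}\}, \mathcal{A}, (\xrightarrow{a})_{a \in \mathcal{A}})$$

where the transitions are defined as follows: if $A \notin R$ and $A \xrightarrow{a} \alpha$ is a rule in $\mathcal{R}$, then $A \xrightarrow{a} \mathrm{trim}(\alpha, R)$ is a transition; if $A \xrightarrow{a} \alpha$ is a rule (for any $A \in \mathcal{V}$) and $\beta$ is a nonempty $R$-trimmed string then $A\beta \xrightarrow{a} \alpha\beta$ is a transition. Now $\sim^{\mathrm{trim}}_R$ is defined to be branching bisimilarity on $\mathcal{L}_{\mathcal{G},R}$.

We extend $\sim^{\mathrm{trim}}_R$ to the equivalence relation $\sim_R$ on the whole set $\mathcal{V}^*$: for $\alpha, \beta \in \mathcal{V}^*$ we put

$$\alpha \sim_R \beta \ \Leftrightarrow_{\mathrm{df}}\ \mathrm{trim}(\alpha, R) \sim^{\mathrm{trim}}_R \mathrm{trim}(\beta, R).$$

Hence $\alpha \sim^{\mathrm{trim}}_R \beta$ entails that $\alpha, \beta$ are $R$-trimmed, while strings $\alpha, \beta$ satisfying $\alpha \sim_R \beta$ can finish with (ignored) suffixes from $R^+$. Since $\mathrm{trim}(\alpha, \emptyset) = \alpha$, we have $\sim\ =\ \sim_\emptyset$.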

4.2 Relative silent variables, cc-norms, and redundant variables

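Before stating and proving a crucial decomposition property (Lemma 6), we introduce some useful notions and make some observations and a convention; these deal with the “silent variables” and the context-dependent “redundant variables” in the LTSs $\mathcal{L}_{\mathcal{G},R}$. We say that a variable $X \in \mathcal{V}$ is $R$-silent if for any path $X \xrightarrow{w} \alpha$ in $\mathcal{L}_{\mathcal{G},R}$ we have $w \in \{\tau\}^*$. We also say silent instead of $\emptyset$-silent, and we put

$$\mathcal{V}^R_{\mathrm{sil}} = \{X \in \mathcal{V} \mid X \text{ is } R\text{-silent}\} \ \text{ and } \ \mathcal{V}_{\mathrm{sil}} = \{X \in \mathcal{V} \mid X \text{ is silent}\}.$$

We note that $R \subseteq \mathcal{V}^R_{\mathrm{sil}}$ by definition, and that the set of $R$-silent variables can be found easily:

Proposition 4. There is a polynomial algorithm that constructs $\mathcal{V}^R_{\mathrm{sil}}$ when given $\mathcal{G} = (\mathcal{V}, \mathcal{A}, \mathcal{R})$ and $R \subseteq \mathcal{V}$.

Proof. We first observe that $\mathcal{V}_{\mathrm{sil}}$ is the largest subset of $\mathcal{V}$ satisfying

$$X \in \mathcal{V}_{\mathrm{sil}} \implies \text{for any rule } X \xrightarrow{a} \delta \text{ we have } a = \tau \text{ and } \delta \in (\mathcal{V}_{\mathrm{sil}})^*. \qquad (4)$$

Starting from the overapproximation $\mathcal{V}$ of $\mathcal{V}_{\mathrm{sil}}$, we can stepwise remove all variables $X$ from the (stepwise-decreasing) overapproximation that do not satisfy the implication (4); we thus construct $\mathcal{V}_{\mathrm{sil}}$ as the fixpoint reached by this process.

For $R \subseteq \mathcal{V}$ we now note that an $R$-trimmed string $\gamma$ is a non-silent state in $\mathcal{L}_{\mathcal{G},R}$ iff $\gamma = \gamma' Y$ where $\gamma' \notin (\mathcal{V}_{\mathrm{sil}})^*$ or $Y$ is not $R$-silent. Hence $\mathcal{V}^R_{\mathrm{sil}}$ is the largest subset of $\mathcal{V}$ that (subsumes $R$ and) satisfies

$$X \in \mathcal{V}^R_{\mathrm{sil}} \setminus R \implies \text{for any rule } X \xrightarrow{a} \delta \text{ we have } a = \tau \text{ and } \mathrm{trim}(\delta, R) \in (\mathcal{V}_{\mathrm{sil}})^* \cup (\mathcal{V}_{\mathrm{sil}})^* \cdot \mathcal{V}^R_{\mathrm{sil}}.$$

Hence we can again apply an overapproximation-decreasing process to construct $\mathcal{V}^R_{\mathrm{sil}}$.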

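We note that the class of silent states in $\mathcal{L}_{\mathcal{G}}$ is $[\varepsilon]_\sim = \{\alpha \mid \alpha \sim \varepsilon\} = (\mathcal{V}_{\mathrm{sil}})^*$. Though $X \in \mathcal{V}^R_{\mathrm{sil}}$ iff $X \sim_R \varepsilon$, generally we do not have $[\varepsilon]_{\sim_R} = (\mathcal{V}^R_{\mathrm{sil}})^*$. (E.g., if the only rule for $A \notin R$ is $A \xrightarrow{\tau} B$ where $B \in R$ and there is a rule $B \xrightarrow{a} \delta$ for $a \neq \tau$, then $A \sim_R \varepsilon$ but $AA \not\sim_R \varepsilon$.) Nevertheless, the sets $R$ in which we are interested have the property $\mathcal{V}^R_{\mathrm{sil}} \subseteq R$, i.e. $\mathcal{V}^R_{\mathrm{sil}} = R$. We say that

$R \subseteq \mathcal{V}$ is admissible if $\mathcal{V}^R_{\mathrm{sil}} = R$.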
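The fixpoint construction from the proof of Proposition 4 and the transition relation of the LTS defined in Section 4.1, combined into a check of the counterexample in the remark above; this is an added Python example, not code from the paper. It assumes the concrete two-rule system with A going to B by tau and B going to the empty string by a (i.e. delta is taken to be empty) and R = {B}, and it decides the relative equivalence by naive fixpoint refinement on the finite reachable state space; all function names are chosen here.

```python
from itertools import product

TAU = "tau"
# Constructed instance of the remark's system: the only rule for A is A -tau-> B,
# and B has a visible rule B -a-> delta (delta = "" is an assumption made here).
RULES = [("A", TAU, "B"), ("B", "a", "")]
VARS = {"A", "B"}

def trim(alpha, R):
    """trim(alpha, R): drop the maximal suffix from R* (Section 4.1)."""
    while alpha and alpha[-1] in R:
        alpha = alpha[:-1]
    return alpha

def shrink(rules, variables, keep, ok):
    """Largest S with keep <= S <= variables whose members outside keep have only ok rules."""
    S = set(variables)
    changed = True
    while changed:
        changed = False
        for x in sorted(S - keep):
            if not all(ok(act, rhs, S) for lhs, act, rhs in rules if lhs == x):
                S.discard(x)
                changed = True
    return S

def silent_vars(rules, variables, R=frozenset()):
    """V^R_sil via the two overapproximation-decreasing processes of Prop. 4."""
    vsil = shrink(rules, variables, set(),
                  lambda act, rhs, S: act == TAU and set(rhs) <= S)  # condition (4)
    def ok(act, rhs, S):
        t = trim(rhs, R)  # required: t in (V_sil)* or t in (V_sil)* . V^R_sil
        return act == TAU and set(t[:-1]) <= vsil and (not t or t[-1] in vsil | S)
    return shrink(rules, variables, set(R), ok)

def is_admissible(rules, variables, R):
    return silent_vars(rules, variables, R) == set(R)

def successors(state, rules, R):
    """Transitions of L_{G,R} from an R-trimmed state (Section 4.1)."""
    if not state:
        return []
    head, rest = state[0], state[1:]
    return [(act, rhs + rest if rest else trim(rhs, R))
            for lhs, act, rhs in rules if lhs == head]

def explore(starts, rules, R, limit=10_000):
    """Reachable part of L_{G,R}; it can be infinite for BPA, hence the limit."""
    succ, todo = {}, list(starts)
    while todo:
        s = todo.pop()
        if s in succ:
            continue
        if len(succ) >= limit:
            raise ValueError("reachable state space exceeds the limit")
        succ[s] = successors(s, rules, R)
        todo.extend(t for _, t in succ[s])
    return succ

def branching_bisimilarity(succ):
    """Largest branching bisimulation on a finite LTS, by deleting violating pairs."""
    rel = set(product(succ, repeat=2))
    def answered(p, q, a, p2, related):
        if a == TAU and related(p2, q):          # clause a) of the definition
            return True
        seen, stack = {q}, [q]                   # clause b): search q -tau->* qk -a-> q'
        while stack:
            u = stack.pop()
            for b, u2 in succ[u]:
                if b == a and related(p2, u2):
                    return True
                if b == TAU and u2 not in seen and related(p, u2):
                    seen.add(u2)
                    stack.append(u2)
        return False
    fwd = lambda x, y: (x, y) in rel             # condition i)
    bwd = lambda x, y: (y, x) in rel             # condition ii), roles swapped
    changed = True
    while changed:
        changed = False
        for s, t in list(rel):
            if not (all(answered(s, t, a, s2, fwd) for a, s2 in succ[s])
                    and all(answered(t, s, a, t2, bwd) for a, t2 in succ[t])):
                rel.discard((s, t))
                changed = True
    return rel

def equivalent(alpha, beta, rules, R):
    """alpha ~_R beta, decided on the finite reachable part of L_{G,R}."""
    a, b = trim(alpha, R), trim(beta, R)
    return (a, b) in branching_bisimilarity(explore([a, b], rules, R))
```

For this system the computed set of R-silent variables is {A, B}, which is strictly larger than R = {B}, so R is not admissible, and the string AA is separated from the empty string by the visible step of BA.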

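For admissible sets we have $[\varepsilon]_{\sim_R} = R^*$ (as will be shown in Prop. 5(2)); in other words, $\varepsilon$ is the only silent state in $\mathcal{L}_{\mathcal{G},R}$. We note that $\emptyset$ is not admissible if $\mathcal{V}_{\mathrm{sil}} \neq \emptyset$, since $\mathcal{V}^{\emptyset}_{\mathrm{sil}} = \mathcal{V}_{\mathrm{sil}}$; on the other hand, $\mathcal{V}_{\mathrm{sil}}$ is admissible.

We recall the cc-norm $\langle\langle \alpha \rangle\rangle$ in $\mathcal{L}_{\mathcal{G}}$ (the “class-change distance” to the set of silent processes). By $\langle\langle \alpha \rangle\rangle_R$ we refer to the cc-norm in $\mathcal{L}_{\mathcal{G},R}$; we define it for general $\alpha \in \mathcal{V}^*$ by putting $\langle\langle \alpha \rangle\rangle_R = \langle\langle \mathrm{trim}(\alpha, R) \rangle\rangle_R$. We also note that $\alpha \sim_R \beta$ implies $\langle\langle \alpha \rangle\rangle_R = \langle\langle \beta \rangle\rangle_R$ (using Observation 2). By the set of $R$-redundant variables w.r.t. $\gamma \in \mathcal{V}^*$ we mean the set

$$\mathrm{red}(\gamma, R) = \{X \in \mathcal{V} \mid X\gamma \sim_R \gamma\};$$

we often write $R' \xleftarrow{\gamma} R$ instead of $R' = \mathrm{red}(\gamma, R)$.

We note that $\mathcal{V}_{\mathrm{sil}} \xleftarrow{\varepsilon} \emptyset$. In Prop. 5(5) we show that all elements of $\{R \mid R \xleftarrow{\gamma} \emptyset \text{ for some } \gamma \in \mathcal{V}^*\}$ are admissible.

Convention. In what follows, the notions like $\sim_R$, $\mathcal{L}_{\mathcal{G},R}$, “$R$-silent” etc. are implicitly related to the admissible sets $R \subseteq \mathcal{V}$ only, i.e., to the sets $R$ satisfying $\mathcal{V}^R_{\mathrm{sil}} = R$, unless explicitly stated otherwise.

Proposition 5. The following conditions hold, assuming $R$ is admissible (where relevant):

1. $\sim\ =\ \sim_\emptyset\ =\ \sim_{\mathcal{V}_{\mathrm{sil}}}$.

2. $\alpha \sim_R \varepsilon \iff \alpha \in R^* \iff \langle\langle \alpha \rangle\rangle_R = 0$. Thus for $\alpha \in R^*$ we have $R \xleftarrow{\alpha} R$.

3. $\alpha \sim_R \beta$ implies $\gamma\alpha \sim_R \gamma\beta$, and $\mathrm{red}(\alpha, R) = \mathrm{red}(\beta, R)$ (if $R' \xleftarrow{\alpha} R$ then $R' \xleftarrow{\beta} R$).

4. $\alpha\gamma \sim_R \gamma \iff \langle\langle \alpha\gamma \rangle\rangle_R = \langle\langle \gamma \rangle\rangle_R \iff \alpha \in (R')^*$ where $R' \xleftarrow{\gamma} R$.

5. If $R' \xleftarrow{\gamma} R$ (and $R$ admissible), then $R'$ is admissible. If $R' \xleftarrow{\gamma} \emptyset$, then $R'$ is admissible.

Proof. 1. We have $\sim\ =\ \sim_\emptyset$ since $\mathcal{L}_{\mathcal{G}} = \mathcal{L}_{\mathcal{G},\emptyset}$. We note that the set

$$\mathcal{B}_1 = \{(\alpha\alpha', \beta\beta') \mid \alpha \sim^{\mathrm{trim}}_{\mathcal{V}_{\mathrm{sil}}} \beta \text{ and } \alpha', \beta' \in \mathcal{V}_{\mathrm{sil}}^*\}$$

is a branching bisimulation on $\mathcal{L}_{\mathcal{G}}$; this is obvious by noting that $\alpha \sim^{\mathrm{trim}}_{\mathcal{V}_{\mathrm{sil}}} \varepsilon$ entails $\alpha = \varepsilon$ (since $\alpha$ is $\mathcal{V}_{\mathrm{sil}}$-trimmed). Hence $\gamma \sim_{\mathcal{V}_{\mathrm{sil}}} \delta$ implies $(\gamma, \delta) \in \mathcal{B}_1$, and thus $\gamma \sim \delta$; i.e., $\sim_{\mathcal{V}_{\mathrm{sil}}} \subseteq \sim$. To show $\sim \subseteq \sim_{\mathcal{V}_{\mathrm{sil}}}$, we note that the set

$$\mathcal{B}_2 = \{(\mathrm{trim}(\alpha, \mathcal{V}_{\mathrm{sil}}), \mathrm{trim}(\beta, \mathcal{V}_{\mathrm{sil}})) \mid \alpha \sim \beta\}$$

is a branching bisimulation on $\mathcal{L}_{\mathcal{G},\mathcal{V}_{\mathrm{sil}}}$; this is clear when noting that $\alpha \sim \beta$ implies that $\mathrm{trim}(\alpha, \mathcal{V}_{\mathrm{sil}}) = \varepsilon$ iff $\mathrm{trim}(\beta, \mathcal{V}_{\mathrm{sil}}) = \varepsilon$. Hence $\gamma \sim \delta$ implies $(\mathrm{trim}(\gamma, \mathcal{V}_{\mathrm{sil}}), \mathrm{trim}(\delta, \mathcal{V}_{\mathrm{sil}})) \in \mathcal{B}_2$, and thus $\gamma \sim_{\mathcal{V}_{\mathrm{sil}}} \delta$.

2. We first show that $\alpha \in R^*$ iff $\langle\langle \alpha \rangle\rangle_R = 0$. If $\alpha \in R^*$, then $\mathrm{trim}(\alpha, R) = \varepsilon$, and $\langle\langle \varepsilon \rangle\rangle_R = 0$. If $\alpha \notin R^*$, then $\mathrm{trim}(\alpha, R)$ is not a silent state in $\mathcal{L}_{\mathcal{G},R}$ since it contains a non-$R$-silent variable (recall that $\mathcal{V}^R_{\mathrm{sil}} \subseteq R$), and thus $\langle\langle \alpha \rangle\rangle_R > 0$. Now we show that $\alpha \in R^*$ iff $\alpha \sim_R \varepsilon$. If $\alpha \in R^*$, then $\mathrm{trim}(\alpha, R) = \varepsilon$, and thus $\alpha \sim_R \varepsilon$. If $\alpha \notin R^*$, then in $\mathcal{L}_{\mathcal{G},R}$ we have $\mathrm{trim}(\alpha, R) \longrightarrow^* \delta \xrightarrow{a} \delta'$ for some $\delta, \delta'$ and $a \neq \tau$, and thus $\alpha \not\sim_R \varepsilon$. Finally, for $\alpha \in R^*$ we have $X\alpha \sim_R \alpha$ iff $X \sim_R \varepsilon$ by definition, and thus $X\alpha \sim_R \alpha$ iff $X \in R$; therefore $R \xleftarrow{\alpha} R$.

3. Suppose $\alpha \sim_R \beta$, and let $\alpha' = \mathrm{trim}(\alpha, R)$, $\beta' = \mathrm{trim}(\beta, R)$. We have $\alpha' \sim^{\mathrm{trim}}_R \beta'$, and by the point 2 either $\alpha' = \beta' = \varepsilon$ or both $\alpha'$ and $\beta'$ are nonempty. In the case $\alpha' = \beta' = \varepsilon$ we have $\mathrm{trim}(\gamma\alpha, R) = \mathrm{trim}(\gamma, R) = \mathrm{trim}(\gamma\beta, R)$, and thus $\mathrm{trim}(\gamma\alpha, R) \sim^{\mathrm{trim}}_R \mathrm{trim}(\gamma\beta, R)$, which entails $\gamma\alpha \sim_R \gamma\beta$. In the case when $\alpha', \beta'$ are nonempty, any pair $(\gamma\alpha', \gamma\beta')$ belongs to the set

$$\mathcal{B} = \sim^{\mathrm{trim}}_R \cup \{(\delta\alpha', \delta\beta') \mid \delta \in \mathcal{V}^*\}$$

that is clearly a branching bisimulation on $\mathcal{L}_{\mathcal{G},R}$ (since $\alpha' \sim^{\mathrm{trim}}_R \beta'$). Hence $\alpha \sim_R \beta$ implies $\gamma\alpha \sim_R \gamma\beta$. In particular, $\alpha \sim_R \beta$ implies $X\alpha \sim_R X\beta$ for any $X \in \mathcal{V}$; hence $X\alpha \sim_R \alpha$ iff $X\beta \sim_R \beta$. Therefore $\alpha \sim_R \beta$ implies $\mathrm{red}(\alpha, R) = \mathrm{red}(\beta, R)$.

4. Let $R' = \{X \in \mathcal{V} \mid X\gamma \sim_R \gamma\}$. By the point 3, if $X\gamma \sim_R \gamma$ then $\alpha X\gamma \sim_R \alpha\gamma$; hence $\alpha \in (R')^*$ implies $\alpha\gamma \sim_R \gamma$ (by induction on $|\alpha|$), and thus $\langle\langle \alpha\gamma \rangle\rangle_R = \langle\langle \gamma \rangle\rangle_R$ (by Observation 2). Now we assume $\langle\langle \alpha\gamma \rangle\rangle_R = \langle\langle \gamma \rangle\rangle_R$, and by induction on $|\alpha|$ we show that $\alpha \in (R')^*$. For $|\alpha| = 0$ the claim is trivial, so assume $\alpha = \alpha' X$. If $\gamma$ is $R$-silent, i.e. $\gamma \sim_R \varepsilon$, then $\gamma \in R^*$ and $R' = R$ (by the point 2); in this case $\langle\langle \alpha\gamma \rangle\rangle_R = \langle\langle \alpha \rangle\rangle_R$ and $\langle\langle \gamma \rangle\rangle_R = 0$, hence $\langle\langle \alpha \rangle\rangle_R = 0$ and thus $\alpha \in R^* = (R')^*$. Now we assume that $\gamma \not\sim_R \varepsilon$, and w.l.o.g. that $\gamma$ is a nonempty $R$-trimmed string.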
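Any path from the state $\alpha\gamma = \alpha' X\gamma$ to the silent state $\varepsilon$ in $\mathcal{L}_{\mathcal{G},R}$ must have a prefix $\alpha' X\gamma \longrightarrow^* X\gamma \longrightarrow^* \gamma$, which has no $\sim_R$-class-change transitions for at least one such path, since $\langle\langle \alpha\gamma \rangle\rangle_R = \langle\langle \gamma \rangle\rangle_R$. Hence $\alpha' X\gamma \sim_R X\gamma \sim_R \gamma$. From $X\gamma \sim_R \gamma$ we deduce $X \in R'$ and $\alpha' X\gamma \sim_R \alpha'\gamma$ (using the point 3). Therefore $\alpha' X\gamma \sim_R \gamma$ implies $\alpha'\gamma \sim_R \gamma$, and thus also $\langle\langle \alpha'\gamma \rangle\rangle_R = \langle\langle \gamma \rangle\rangle_R$. By the induction hypothesis we have $\alpha' \in (R')^*$, and thus $\alpha = \alpha' X \in (R')^*$.

5. Recall that $X \sim_{\mathcal{V}_{\mathrm{sil}}} \varepsilon \Leftrightarrow X \sim \varepsilon \Leftrightarrow X \in \mathcal{V}_{\mathrm{sil}}$. We thus have $\mathcal{V}^{\mathcal{V}_{\mathrm{sil}}}_{\mathrm{sil}} = \mathcal{V}_{\mathrm{sil}}$, and $\mathcal{V}_{\mathrm{sil}}$ is thus admissible. Since $\{X \mid X\gamma \sim \gamma\} = \{X \mid X\gamma \sim_\emptyset \gamma\} = \{X \mid X\gamma \sim_{\mathcal{V}_{\mathrm{sil}}} \gamma\}$, we have $R' \xleftarrow{\gamma} \emptyset$ iff $R' \xleftarrow{\gamma} \mathcal{V}_{\mathrm{sil}}$. To show the claim in the point 5, it is thus sufficient to fix some arbitrary $R' \xleftarrow{\gamma} R$ where $R$ is admissible and show that $\mathcal{V}^{R'}_{\mathrm{sil}} \subseteq R'$.

Suppose $X \in \mathcal{V}^{R'}_{\mathrm{sil}} \setminus R'$; we will show $X\gamma \sim_R \gamma$, which contradicts with $X \notin R'$. If $\gamma \in R^*$, then $R' = R$ (since $R \xleftarrow{\gamma} R$ by the point 2), and $X \in \mathcal{V}^{R'}_{\mathrm{sil}}$ thus implies $X \in R'$ (since $R = R'$ is admissible). W.l.o.g. we thus assume that $\gamma$ is a nonempty $R$-trimmed string.

Since $X$ is $R'$-silent, for any rule $X \xrightarrow{a} \delta$ (in the set $\mathcal{R}$ of rules in $\mathcal{G}$) we have $a = \tau$ and $\delta$ belongs to the (“intermediate”) set $I = ((\mathcal{V}_{\mathrm{sil}})^* \cup (\mathcal{V}_{\mathrm{sil}})^* \cdot \mathcal{V}^{R'}_{\mathrm{sil}}) \cdot (R')^*$ (hence $\delta = \delta_1 Y \delta_2$ where $\delta_1$ is silent already in $\mathcal{L}_{\mathcal{G}}$, $\delta_2 \in (R')^*$, and $Y$ is either $\varepsilon$ or an $R'$-silent variable). We now check that the set

$$\mathcal{B} = \sim^{\mathrm{trim}}_R \cup \{(\alpha\gamma, \gamma) \mid \alpha \in I\}$$

is a branching bisimulation on $\mathcal{L}_{\mathcal{G},R}$; this will entail $X\gamma \sim^{\mathrm{trim}}_R \gamma$, and thus $X\gamma \sim_R \gamma$, since $(X\gamma, \gamma) \in \mathcal{B}$. If $\alpha \in (R')^*$, then $\alpha\gamma \sim^{\mathrm{trim}}_R \gamma$ (by the point 4); hence assume $\alpha \in I \setminus (R')^*$. But then for any transition $\alpha\gamma \xrightarrow{a} \alpha'\gamma$ we have $a = \tau$ and $(\alpha'\gamma, \gamma) \in \mathcal{B}$. On the other hand, the simple fact that $\alpha$ is normed (we have $\alpha \longrightarrow^* \varepsilon$ in $\mathcal{L}_{\mathcal{G}}$) implies that we must have a path $\alpha\gamma = \alpha_0\gamma \xrightarrow{\tau} \alpha_1\gamma \xrightarrow{\tau} \cdots \xrightarrow{\tau} \alpha_k\gamma$ in $\mathcal{L}_{\mathcal{G},R}$ where $\alpha_k \in (R')^*$ while $\alpha_i \in I \setminus (R')^*$ for all $i < k$; here $(\alpha_i\gamma, \gamma) \in \mathcal{B}$ for all $i$, and $\alpha_k\gamma \sim^{\mathrm{trim}}_R \gamma$. The set $\mathcal{B}$ is thus indeed a branching bisimulation on $\mathcal{L}_{\mathcal{G},R}$.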

4.3 Decomposition properties of $\sim_R$

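Lemma 6. (First Decomposition Lemma) For admissible $R$, $\alpha\gamma \sim_R \beta\gamma$ iff $\alpha \sim_{R'} \beta$ where $R' \xleftarrow{\gamma} R$ (i.e. $R' = \{X \in \mathcal{V} \mid X\gamma \sim_R \gamma\}$).

Proof. We assume $R' = \{X \in \mathcal{V} \mid X\gamma \sim_R \gamma\}$, and show that $\alpha\gamma \sim_R \beta\gamma \iff \alpha \sim_{R'} \beta$. If $\gamma \in R^*$ then $R' = R$ (since $R \xleftarrow{\gamma} R$), and we obviously have $\alpha\gamma \sim_R \beta\gamma \iff \alpha \sim_R \beta$. W.l.o.g. we now assume that $\gamma$ is a nonempty $R$-trimmed string. We will show that

$$B_1 = {\sim^{\mathrm{trim}}_R} \cup \{(\alpha'\alpha''\gamma, \beta'\beta''\gamma) \mid \alpha' \sim^{\mathrm{trim}}_{R'} \beta',\ \alpha'' \in (R')^*,\ \beta'' \in (R')^*\}$$

is a branching bisimulation on $\mathcal{L}_{G,R}$, and that

$$B_2 = \{(\alpha', \beta') \mid \alpha' = \mathrm{trim}(\alpha, R'),\ \beta' = \mathrm{trim}(\beta, R') \text{ where } \alpha\gamma \sim_R \beta\gamma\}$$

is a branching bisimulation on $\mathcal{L}_{G,R'}$. Since the assumption $\alpha \sim_{R'} \beta$, i.e. $\alpha' \sim^{\mathrm{trim}}_{R'} \beta'$ where $\alpha' = \mathrm{trim}(\alpha, R')$, $\beta' = \mathrm{trim}(\beta, R')$, implies $(\alpha\gamma, \beta\gamma) \in B_1$, we will have that $\alpha \sim_{R'} \beta \Rightarrow \alpha\gamma \sim_R \beta\gamma$. On the other hand, the assumption $\alpha\gamma \sim_R \beta\gamma$ implies that $(\mathrm{trim}(\alpha, R'), \mathrm{trim}(\beta, R')) \in B_2$ and thus $\alpha \sim_{R'} \beta$; hence $\alpha\gamma \sim_R \beta\gamma \Rightarrow \alpha \sim_{R'} \beta$.

To show the claim for $B_1$, we first note that $\alpha' \sim^{\mathrm{trim}}_{R'} \beta'$ entails that $\alpha' = \beta' = \varepsilon$ or $\alpha', \beta'$ are nonempty $R'$-trimmed strings; this follows from the admissibility of $R'$ ($V^{R'}_{\mathrm{sil}} = R'$), which is guaranteed by the admissibility of $R$ (and Prop. 5(5)). Since $\alpha'' \in (R')^*$ and $\beta'' \in (R')^*$ entail $\alpha''\gamma \sim_R \beta''\gamma$ (by Prop. 5(4)), it is trivial to check that $B_1$ is a branching bisimulation on $\mathcal{L}_{G,R}$.

To show the claim for $B_2$, we note that if we write $\alpha\gamma \sim_R \beta\gamma$ as $\alpha'\alpha''\gamma \sim_R \beta'\beta''\gamma$ where $\alpha', \beta'$ are $R'$-trimmed and $\alpha'', \beta''$ belong to $(R')^*$, then we have either $\alpha' = \beta' = \varepsilon$ or both $\alpha', \beta'$ are nonempty (by Prop. 5(4)). Checking that $B_2$ is a branching bisimulation on $\mathcal{L}_{G,R'}$ is now also trivial.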

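Remark. We have proved, in fact, a stronger implication: if $R' \xleftarrow{\gamma} R$ and $\alpha \sim_{R''} \beta$ for an admissible set $R'' \subseteq R'$, then $\alpha\gamma \sim_R \beta\gamma$. To show this, we replace $R'$ with $R''$ in the definition of $B_1$ in the proof and proceed in the same way. In particular, if $\alpha \sim \beta$ (i.e., $\alpha \sim_{V_{\mathrm{sil}}} \beta$), then $\alpha\gamma \sim_R \beta\gamma$. This, together with the fact $\alpha \sim_R \beta \implies \gamma\alpha \sim_R \gamma\beta$ (Prop. 5(3)), also entails that $\sim$ is a congruence: $\alpha \sim \gamma$ and $\beta \sim \delta$ imply $\alpha\beta \sim \gamma\delta$.

Corollary 7.

1. $R'' \xleftarrow{\alpha\beta} R$ iff $R'' \xleftarrow{\alpha} R'$ and $R' \xleftarrow{\beta} R$ for some $R'$.

2. $[\alpha\beta]_{\sim_R} = [[\alpha]_{\sim_{R'}} \cdot [\beta]_{\sim_R}]_{\sim_R}$ where $R' \xleftarrow{\beta} R$.

3. $\langle\!\langle\alpha\gamma\rangle\!\rangle_R = \langle\!\langle\alpha\rangle\!\rangle_{R'} + \langle\!\langle\gamma\rangle\!\rangle_R$ where $R' \xleftarrow{\gamma} R$.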


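Proof. 1. We have $X\alpha\beta \sim_R \alpha\beta$ iff $X\alpha \sim_{R'} \alpha$ where $R' \xleftarrow{\beta} R$ (by Lemma 6).

2. The inclusion "$\subseteq$" is trivial. To show "$\supseteq$", we assume $\gamma \sim_R \gamma'\gamma''$ where $\gamma' \sim_{R'} \alpha$ and $\gamma'' \sim_R \beta$, and we will show $\gamma \sim_R \alpha\beta$. By Prop. 5(3) we have $\alpha\beta \sim_R \alpha\gamma''$ and $R' \xleftarrow{\gamma''} R$. By Lemma 6 we get $\alpha\gamma'' \sim_R \gamma'\gamma''$, and by transitivity we deduce $\alpha\beta \sim_R \gamma'\gamma''$ and $\alpha\beta \sim_R \gamma$.

3. Suppose $R' \xleftarrow{\gamma} R$; we assume that $R$ is admissible, and thus $R'$ is admissible (by Prop. 5(5)). Hence only $\varepsilon$ is silent in $\mathcal{L}_{G,R}$, as well as in $\mathcal{L}_{G,R'}$. If $\gamma \in R^*$, then $\langle\!\langle\gamma\rangle\!\rangle_R = 0$, $R' = R$, and $\langle\!\langle\alpha\gamma\rangle\!\rangle_R = \langle\!\langle\alpha\rangle\!\rangle_R$. W.l.o.g. we now assume that $\gamma$ is a nonempty $R$-trimmed string. Hence $\gamma$ is not $R$-silent (we have $\gamma \not\sim_R \varepsilon$), and thus any path from $\alpha\gamma$ to the silent state $\varepsilon$ in $\mathcal{L}_{G,R}$ has a prefix $\alpha\gamma = \alpha_0\gamma \longrightarrow \alpha_1\gamma \longrightarrow \cdots \longrightarrow \alpha_k\gamma$ where $\alpha_k = \varepsilon$. Since any transition $\alpha_i\gamma \longrightarrow \alpha_{i+1}\gamma$ is $\sim_R$-class changing iff $\alpha_i \longrightarrow \alpha_{i+1}$ is $\sim_{R'}$-class changing (by Lemma 6), we derive that $\langle\!\langle\alpha\gamma\rangle\!\rangle_R - \langle\!\langle\gamma\rangle\!\rangle_R = \langle\!\langle\alpha\rangle\!\rangle_{R'}$.

The next lemma states the announced (main) decomposition property, using also the following technical notions. We say that a variable $A$ is $R$-decomposable if $A \sim_R \varepsilon$ (i.e., $A \in R$, and $\langle\!\langle A\rangle\!\rangle_R = 0$) or $A \sim_R \gamma B$ for some $\gamma$ and $B$ where $\langle\!\langle A\rangle\!\rangle_R > \langle\!\langle B\rangle\!\rangle_R \geq 1$; otherwise $A$ is $R$-non-decomposable. If $A$ is an $R$-non-decomposable variable, then the $\sim_R$-class $[A]_{\sim_R} = \{\alpha \in \mathcal{V}^* \mid \alpha \sim_R A\}$ is also called $R$-non-decomposable. We note the following direct consequence of the facts captured by Prop. 5 and Corollary 7:

Corollary 8. If $A \in \mathcal{V}$ is $R$-non-decomposable, then

$$[A]_{\sim_R} = \{\alpha \in \mathcal{V}^* \mid \alpha \sim_R A\} = \{\alpha_2 B \alpha_1 \mid \alpha_1 \in R^*,\ B \sim_R A,\ \alpha_2 \in (R')^* \text{ where } R' \xleftarrow{A} R\}.$$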

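We also use the notation $R' \xleftarrow{C} R$ where $C$ is a $\sim_R$-class; this is sound since $\alpha \sim_R \beta$ and $R' \xleftarrow{\alpha} R$ implies $R' \xleftarrow{\beta} R$ (Prop. 5(3)). Similarly it is sound to use $\langle\!\langle C\rangle\!\rangle_R$, since $\alpha \sim_R \beta$ implies $\langle\!\langle\alpha\rangle\!\rangle_R = \langle\!\langle\beta\rangle\!\rangle_R$ (Observation 2); we also have $\langle\!\langle[\alpha\gamma]_{\sim_R}\rangle\!\rangle_R = \langle\!\langle[\alpha]_{\sim_{R'}}\rangle\!\rangle_{R'} + \langle\!\langle[\gamma]_{\sim_R}\rangle\!\rangle_R$ where $R' \xleftarrow{[\gamma]_{\sim_R}} R$ (by Corollary 7(3)).

Lemma 9. (Main Decomposition Lemma.) Assume an nBPA system $G = (\mathcal{V}, \mathcal{A}, \mathcal{R})$ and an admissible set $R \subseteq \mathcal{V}$. If $C \subseteq \mathcal{V}^*$ is a $\sim_R$-class, then there is the unique decomposition $\mathrm{dec}_R(C)$, i.e., the sequence $C_k C_{k-1} \ldots C_1$ of subsets of $\mathcal{V}^*$ (for some $k \geq 0$) such that $C = [C_k \cdot C_{k-1} \cdot \cdots \cdot C_1]_{\sim_R}$ (viewed as $[\varepsilon]_{\sim_R}$ when $k = 0$) and we have

$$R_k \xleftarrow{C_k} R_{k-1} \xleftarrow{C_{k-1}} \cdots\ R_1 \xleftarrow{C_1} R_0 = R$$

where $C_i$ is $R_{i-1}$-non-decomposable for all $i \in [1, k]$ (i.e., $C_i = [A_i]_{\sim_{R_{i-1}}}$ for an $R_{i-1}$-non-decomposable variable $A_i$).

Moreover, we have $\mathrm{dec}_R([\alpha\beta]_{\sim_R}) = \mathrm{dec}_{R'}([\alpha]_{\sim_{R'}})\ \mathrm{dec}_R([\beta]_{\sim_R})$ where $R' \xleftarrow{\beta} R$.

Proof. We proceed by induction on $\langle\!\langle C\rangle\!\rangle_R$. If $\langle\!\langle C\rangle\!\rangle_R = 0$, then $C = [\varepsilon]_{\sim_R} = R^*$ (by Prop. 5(2)). We now consider the case $\langle\!\langle C\rangle\!\rangle_R > 0$. Each $\alpha \in C$ is necessarily of the form $\alpha = \alpha_1 A \alpha_2$ where $\alpha_2 \in R^*$ and $A \notin R$; hence $\alpha \sim_R \alpha_1 A$, and $\langle\!\langle A\rangle\!\rangle_R > 0$. There is thus some $\alpha A \in C$ where $A \notin R$ and $\langle\!\langle A\rangle\!\rangle_R$ is the smallest possible; we note that $A$ is $R$-non-decomposable in this case: indeed, $A \sim_R \gamma B$ where $\langle\!\langle A\rangle\!\rangle_R > \langle\!\langle B\rangle\!\rangle_R \geq 1$ would imply $B \notin R$ and $\alpha A \sim_R \alpha\gamma B$, and this would entail $\alpha\gamma B \in C$, which implies that $\langle\!\langle A\rangle\!\rangle_R$ was not the smallest possible.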

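Suppose now that $\alpha A \sim_R \alpha' A'$ where $\alpha A \in C$ (and thus also $\alpha' A' \in C$), $A \neq A'$, and both $A$ and $A'$ are $R$-non-decomposable (which entails $A \notin R$, $A' \notin R$). We will now show that $A \sim_R A'$: W.l.o.g. assume $\langle\!\langle A\rangle\!\rangle_R \geq \langle\!\langle A'\rangle\!\rangle_R$. Let $\alpha A = \alpha_0 A \longrightarrow \alpha_1 A \longrightarrow \cdots \longrightarrow \alpha_k A$ be a path in $\mathcal{L}_{G,R}$ where $\langle\!\langle\alpha_k A\rangle\!\rangle_R = \langle\!\langle A\rangle\!\rangle_R$ and $\langle\!\langle\alpha_i A\rangle\!\rangle_R > \langle\!\langle A\rangle\!\rangle_R$ for all $i < k$; we have $\alpha_i A \not\sim_R \alpha_k A$ for $i < k$ and $\alpha_k A \sim_R A$ (by Obs. 2 and Prop. 5(4)). Since $\alpha A \sim_R \alpha' A'$, there must be a path $\alpha' A' = \alpha'_0 A' \longrightarrow \alpha'_1 A' \longrightarrow \cdots \longrightarrow \alpha'_\ell A'$ where $\langle\!\langle\alpha'_i A'\rangle\!\rangle_R > \langle\!\langle A\rangle\!\rangle_R$ for all $i < \ell$ and $\alpha'_\ell A' \sim_R \alpha_k A \sim_R A$ (and $\langle\!\langle\alpha'_\ell A'\rangle\!\rangle_R = \langle\!\langle A\rangle\!\rangle_R$). Since $\langle\!\langle A'\rangle\!\rangle_R \geq 1$ and $A$ is $R$-non-decomposable, $A \sim_R \alpha'_\ell A'$ entails $\langle\!\langle A'\rangle\!\rangle_R = \langle\!\langle A\rangle\!\rangle_R = \langle\!\langle\alpha'_\ell A'\rangle\!\rangle_R$. Since $\langle\!\langle\alpha'_\ell A'\rangle\!\rangle_R = \langle\!\langle A'\rangle\!\rangle_R$ entails $\alpha'_\ell A' \sim_R A'$ (by Prop. 5(4)), we get $A \sim_R A'$.

Hence $C$ determines the unique $R$-non-decomposable $\sim_R$-class $[A_1]_{\sim_R}$ such that $\alpha \in C$ implies $\alpha \sim_R \beta A_1$ for some $\beta$. Therefore $C = [C' \cdot [A_1]_{\sim_R}]_{\sim_R}$ where $C' = \{\beta \in \mathcal{V}^* \mid \beta A_1 \in C\}$. We note that $C'$ is a $\sim_{R_1}$-class for $R_1 \xleftarrow{A_1} R$, which follows from the fact that $\beta \sim_{R_1} \gamma$ iff $\beta A \sim_R \gamma A$ (by Lemma 6). Since $\langle\!\langle C\rangle\!\rangle_R = \langle\!\langle C'\rangle\!\rangle_{R_1} + \langle\!\langle A\rangle\!\rangle_R$ and $\langle\!\langle A\rangle\!\rangle_R \geq 1$, we have $\langle\!\langle C'\rangle\!\rangle_{R_1} < \langle\!\langle C\rangle\!\rangle_R$, and we can thus use the unique decomposition

$$C' = [[A_k]_{\sim_{R_{k-1}}} \cdot [A_{k-1}]_{\sim_{R_{k-2}}} \cdot \cdots \cdot [A_2]_{\sim_{R_1}}]_{\sim_{R_1}},$$

where $R_k \xleftarrow{A_k} R_{k-1} \xleftarrow{A_{k-1}} \cdots\ R_2 \xleftarrow{A_2} R_1 \xleftarrow{A_1} R$, guaranteed by the induction hypothesis. We thus have

$$C = [[[A_k]_{\sim_{R_{k-1}}} \cdot [A_{k-1}]_{\sim_{R_{k-2}}} \cdot \cdots \cdot [A_2]_{\sim_{R_1}}]_{\sim_{R_1}} \cdot [A_1]_{\sim_R}]_{\sim_R},$$

from which we derive

$$C = [[A_k]_{\sim_{R_{k-1}}} \cdot [A_{k-1}]_{\sim_{R_{k-2}}} \cdot \cdots \cdot [A_2]_{\sim_{R_1}} \cdot [A_1]_{\sim_R}]_{\sim_R}$$

by Corollary 7(3). We note that we can even derive $C = [A_k A_{k-1} \ldots A_1]_{\sim_R}$.

The claim that $\mathrm{dec}_R([\alpha\beta]_{\sim_R}) = \mathrm{dec}_{R'}([\alpha]_{\sim_{R'}})\ \mathrm{dec}_R([\beta]_{\sim_R})$ where $R' \xleftarrow{\beta} R$ now follows easily: If $\beta \sim_R A_\ell A_{\ell-1} \ldots A_1$ where $R_\ell \xleftarrow{A_\ell} R_{\ell-1} \xleftarrow{A_{\ell-1}} \cdots\ R_2 \xleftarrow{A_2} R_1 \xleftarrow{A_1} R_0 = R$ and $A_i$ is $R_{i-1}$-non-decomposable for all $i \in [1, \ell]$, then every $\gamma \in [\alpha\beta]_{\sim_R}$ satisfies $\gamma \sim_R \alpha A_\ell A_{\ell-1} \ldots A_1$ and the claim follows by the uniqueness of $\mathrm{dec}_R(\alpha\beta)$.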

5 Quotient of branching bisimilarity as a rational monoid

We recall that branching bisimilarity $\sim$ on $\mathcal{V}^*$ for an nBPA system $G = (\mathcal{V}, \mathcal{A}, \mathcal{R})$ is a congruence, as was mentioned in the remark after Lemma 6. We can thus soundly define the quotient monoid $(\{[\alpha]_{\sim} \mid \alpha \in \mathcal{V}^*\}, \odot, [\varepsilon]_{\sim})$ where $[\alpha]_{\sim} \odot [\beta]_{\sim} = [\alpha\beta]_{\sim}$. Lemma 9 (The Main Decomposition Lemma) implies that this monoid is a rational monoid in the sense of Sakarovitch [18]. In fact, it is a special type of such a monoid, where the normal forms of strings can be computed by deterministic finite transducers reading the input from right to left. We first give a definition of such special transducers, tailored to our use, and then define the canonical transducers related to nBPA systems.

5.1 Normal-form-computing transducers

By a normal-form-computing transducer, or just a transducer for short, we mean a tuple $T = (Q, \mathcal{V}, \Delta, q_0)$, where $Q$ is a finite set of (control) states, $q_0 \in Q$ is the initial state, and the transition (and translation) function $\Delta$ is of the form $\Delta : Q \times \mathcal{V} \to Q \times \mathcal{V}^*$ and satisfies the constraint (5) explained below. Our transducers read the input word from right to left, and we also write $q' \xleftarrow[\gamma]{A} q$ instead of $\Delta(q, A) = (q', \gamma)$ to visualize this fact. We extend this notation to strings inductively: for every $q \in Q$ we have $q \xleftarrow[\varepsilon]{\varepsilon} q$, and $q'' \xleftarrow[\beta']{\alpha'} q'$, $q' \xleftarrow[\beta]{\alpha} q$ implies $q'' \xleftarrow[\beta'\beta]{\alpha'\alpha} q$.

By $T_q(\alpha)$ (the translation of $\alpha$ when starting in $q \in Q$) we mean $\beta$ such that $q' \xleftarrow[\beta]{\alpha} q$ (for some $q'$). We require that

$$q' \xleftarrow[\gamma]{A} q \ \text{ implies } \ q' \xleftarrow[\gamma]{\gamma} q, \qquad (5)$$

which entails that $q' \xleftarrow[T_q(\alpha)]{\alpha} q$ implies $q' \xleftarrow[T_q(\alpha)]{T_q(\alpha)} q$. Hence the functions $T_q$ are idempotent ($T_q(T_q(\alpha)) = T_q(\alpha)$) and $\alpha$ transfers $T$ from $q$ to the same state as $T_q(\alpha)$; this reflects that $T_q(\alpha)$ is (viewed as) the $q$-normal form of $\alpha$. By $\mathrm{NF}^T_q$, the set of $q$-normal forms, we mean the set $\{\gamma \in \mathcal{V}^* \mid T_q(\gamma) = \gamma\}$; we note that $\varepsilon \in \mathrm{NF}^T_q$, and a nonempty string $A_k A_{k-1} \cdots A_1$ belongs to $\mathrm{NF}^T_q$ iff

$$q_k \xleftarrow[A_k]{A_k} q_{k-1} \xleftarrow[A_{k-1}]{A_{k-1}} q_{k-2} \cdots \xleftarrow[A_2]{A_2} q_1 \xleftarrow[A_1]{A_1} q$$

for some $q_1, q_2, \ldots, q_k$.

We also note that the condition (5) can be easily verified (for a given tuple $(Q, \mathcal{V}, \Delta, q_0)$). The condition also entails that $T_q(\alpha\beta) = T_q(\alpha\, T_q(\beta)) = T_{q'}(\alpha)\, T_q(\beta)$ where $q' \xleftarrow{\beta} q$; here we use a natural convention that $q' \xleftarrow{\beta} q$ is a shorthand for $q' \xleftarrow[T_q(\beta)]{\beta} q$.

A transducer $T = (Q, \mathcal{V}, \Delta, q_0)$ defines the family of equivalences $\equiv^T_q$ on $\mathcal{V}^*$, for $q \in Q$, induced by the equality of $q$-normal forms: $\alpha \equiv^T_q \beta \Leftrightarrow_{df} T_q(\alpha) = T_q(\beta)$; we put $\equiv^T\, =\, \equiv^T_{q_0}$. Due to the property (5), $\alpha \equiv^T_q \beta$ implies that $\alpha$ transfers $T$ from $q$ to the same state as $\beta$.
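The definitions of this subsection can be exercised on a small table. The following Python code is an added example, not part of the paper: it runs a constructed two-state transducer from right to left, checks condition (5) entry by entry, and decides $\equiv^T_q$ by comparing normal forms. The table `DELTA`, the state names `q0`/`q1`, the variables and all function names are assumptions made for illustration.

```python
from itertools import product

# Constructed transducer over V = {S, X, A, B, C} with states q0 (initial), q1.
# Assumed behaviour, for illustration only: S is erased everywhere, X is erased
# only once an A has been read to its right (state q1), B normalises to A and
# C normalises to AA. An entry (q, A) -> (q', gamma) encodes Delta(q, A).
DELTA = {
    ("q0", "S"): ("q0", ""),   ("q1", "S"): ("q1", ""),
    ("q0", "X"): ("q0", "X"),  ("q1", "X"): ("q1", ""),
    ("q0", "A"): ("q1", "A"),  ("q1", "A"): ("q1", "A"),
    ("q0", "B"): ("q1", "A"),  ("q1", "B"): ("q1", "A"),
    ("q0", "C"): ("q1", "AA"), ("q1", "C"): ("q1", "AA"),
}
Q0 = "q0"

# The same table with one entry changed so that condition (5) fails:
# Delta(q0, C) = (q1, XA), but reading XA from q0 outputs A, not XA.
BROKEN = dict(DELTA)
BROKEN[("q0", "C")] = ("q1", "XA")


def run(delta, q, word):
    """Read `word` right to left from state q; return (end state, T_q(word))."""
    out = ""
    for var in reversed(word):
        q, gamma = delta[(q, var)]
        out = gamma + out  # output for a symbol further left goes in front
    return q, out


def normal_form(delta, q, word):
    """T_q(word), the q-normal form of word."""
    return run(delta, q, word)[1]


def violations_of_condition_5(delta):
    """Entries (q, A) with Delta(q, A) = (q', gamma) where reading gamma
    from q does not lead to q' with output gamma."""
    return sorted((q, a) for (q, a), (q2, gamma) in delta.items()
                  if run(delta, q, gamma) != (q2, gamma))


def equivalent(delta, q, alpha, beta):
    """alpha and beta are equivalent at q iff their q-normal forms coincide."""
    return normal_form(delta, q, alpha) == normal_form(delta, q, beta)


def idempotent_up_to(delta, variables, n):
    """Brute-force check, for all states and all words of length <= n, that
    T_q(word) is a fixed point of T_q reaching the same end state as word."""
    for q in {state for state, _ in delta}:
        for length in range(n + 1):
            for letters in product(variables, repeat=length):
                end, nf = run(delta, q, "".join(letters))
                if run(delta, q, nf) != (end, nf):
                    return False
    return True


if __name__ == "__main__":
    print("violations in DELTA :", violations_of_condition_5(DELTA))
    print("violations in BROKEN:", violations_of_condition_5(BROKEN))
    for word in ("XA", "AX", "XSBSX", "CXB"):
        print(word, "->", normal_form(DELTA, Q0, word))
```

In `DELTA` the words XA and AX get different normal forms because X is read in different states; in `BROKEN` the normal form of C is XA, which is not itself a normal form, so idempotence is lost.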

5.2 Canonical transducers for nBPA systems

Given an nBPA system $G = (\mathcal{V}, \mathcal{A}, \mathcal{R})$, we recall the unique decomposition-sequence $\mathrm{dec}_R(\alpha) = C_k C_{k-1} \cdots C_1$ attached to each $\alpha \in \mathcal{V}^*$ and admissible $R \subseteq \mathcal{V}$ by Lemma 9. To represent any decomposition-sequence by a unique string from $\mathcal{V}^*$, we choose a representative variable for any $R$-non-decomposable class $[A]_{\sim_R}$ (for all admissible $R$). Formally, a prime-choice $P$ is a partial function $P : 2^{\mathcal{V}} \times 2^{\mathcal{V}} \to \mathcal{V}$ that is defined for each pair $([A]_{\sim_R} \cap \mathcal{V}, R)$ where $R \subseteq \mathcal{V}$ is admissible and $A$ is $R$-non-decomposable; moreover, we must have that $P([A]_{\sim_R} \cap \mathcal{V}, R)$ is a variable $B$ such that $[B]_{\sim_R} = [A]_{\sim_R}$, which we call an $R$-prime (w.r.t. the choice $P$). The number of $R$-primes coincides with the number of the $\sim_R$-equivalence classes on the set of variables that are $R$-non-decomposable.

We now define the decomposition $\mathrm{dec}^P_R(\alpha)$ (the decomposition of $\alpha \in \mathcal{V}^*$ w.r.t. the admissible set $R \subseteq \mathcal{V}$, related to the choice $P$) inductively:

1. $\mathrm{dec}^P_R(\varepsilon) = \varepsilon$;

2. if $A \in R$, then $\mathrm{dec}^P_R(\alpha A) = \mathrm{dec}^P_R(\alpha)$;

3. if $A$ is an $R$-prime (w.r.t. $P$), then $\mathrm{dec}^P_R(\alpha A) = \mathrm{dec}^P_{R'}(\alpha)\, A$ where $R' \xleftarrow{A} R$;

4. if $A \sim_R \gamma B$ where $B$ is an $R$-prime, then $\mathrm{dec}^P_R(\alpha A) = \mathrm{dec}^P_R(\alpha\gamma B)$.

Lemma 9 makes clear that $\mathrm{dec}^P_R(\alpha)$ is fully determined by the class $[\alpha]_{\sim_R}$: Let $C_k, C_{k-1}, \ldots, C_1$ and $R_k, R_{k-1}, \ldots, R_0 = R$ be the unique sequences related to $[\alpha]_{\sim_R}$, and let $A_i$ be the unique $R_{i-1}$-prime in $C_i$, for all $i \in [1, k]$; then $\mathrm{dec}^P_R(\alpha) = A_k A_{k-1} \cdots A_1$. We summarize some useful facts that essentially follow immediately from Lemma 9.

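Proposition 10. Given an nBPA system $G = (\mathcal{V}, \mathcal{A}, \mathcal{R})$ and a prime-choice $P$, the following conditions hold for any admissible $R \subseteq \mathcal{V}$:

1. $\mathrm{dec}^P_R(\beta\alpha) = \mathrm{dec}^P_{R'}(\beta)\ \mathrm{dec}^P_R(\alpha)$ where $R' \xleftarrow{\alpha} R$.

2. $\mathrm{dec}^P_R(\mathrm{dec}^P_R(\alpha)) = \mathrm{dec}^P_R(\alpha)$ (i.e. the functions $\mathrm{dec}^P_R(..)$ are idempotent).

3. $\alpha \sim_R \mathrm{dec}^P_R(\alpha)$, and thus $R' \xleftarrow{\alpha} R$ implies $R' \xleftarrow{\mathrm{dec}^P_R(\alpha)} R$.

4. $\alpha \sim_R \beta$ iff $\mathrm{dec}^P_R(\alpha) = \mathrm{dec}^P_R(\beta)$.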

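The canonical transducer $T^{G,P}$, related to an nBPA system $G = (\mathcal{V}, \mathcal{A}, \mathcal{R})$ and a prime-choice $P$, is defined as the tuple $(Q, \mathcal{V}, \Delta, q_0)$ where:

i) $Q = \{\mathrm{red}(\gamma, \emptyset) \mid \gamma \in \mathcal{V}^*\}$. (Hence $Q = \{R \mid R = \{X \in \mathcal{V} \mid X\gamma \sim \gamma\}$ for some $\gamma \in \mathcal{V}^*\}$.)

ii) The initial state $q_0$ is the set $\mathrm{red}(\varepsilon, \emptyset) = V_{\mathrm{sil}}$.

iii) For $R \in Q$ and $A \in \mathcal{V}$ we have $R' \xleftarrow[\gamma]{A} R$ (i.e., $\Delta(R, A) = (R', \gamma)$) where $R' = \mathrm{red}(A, R)$ and $\gamma = \mathrm{dec}^P_R(A)$. (The transducer notation $R' \xleftarrow[\gamma]{A} R$ is thus compatible with the previous notation $R' \xleftarrow{A} R$ meaning $R' = \mathrm{red}(A, R)$.)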

The properties of canonical transducers captured by the next lemma are easy consequences of Prop. 10 and other already established facts; a crucial property is that $T^{G,P}_R(\alpha) = \mathrm{dec}^P_R(\alpha)$.

Lemma 11. Let $T = T^{G,P}$ for an nBPA system $G = (\mathcal{V}, \mathcal{A}, \mathcal{R})$ and a prime-choice $P$. Then:

1. $T$ is a (normal form computing) transducer, and each state $R$ of $T$ is an admissible set.

2. For any state $R$ of $T$ we have $\alpha \sim_R T_R(\alpha)$, and $\sim_R\, =\, \equiv^T_R$ ($\alpha \sim_R \beta$ iff $T_R(\alpha) = T_R(\beta)$).

3. The number of states of $T$ is at most $2^{|\mathcal{V}|}$, and $|T_R(A)| \leq \langle\!\langle A\rangle\!\rangle_R \leq \|A\|$ (for any state $R$ and any $A \in \mathcal{V}$). The size of $T$ is thus at most exponential in size($G$).

The point 2 in the lemma entails that $\equiv^{T^{G,P}}\, =\, \sim$ (since $\sim_{V_{\mathrm{sil}}}\, =\, \sim$). We thus naturally view $T^{G,P}(\alpha)$ as the normal form of $\alpha$; these normal forms (i.e., $\gamma \in \mathcal{V}^*$ such that $T^{G,P}(\gamma) = \gamma$) are in one-to-one correspondence with the elements of the monoid $(\{[\alpha]_{\sim} \mid \alpha \in \mathcal{V}^*\}, \odot, [\varepsilon]_{\sim})$.

6 Consistent transducers as witnesses of equivalence

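We have not given any algorithm for constructing canonical transducers, nor for checking if a given transducer is canonical, w.r.t. a given nBPA system. But we now observe a "consistency property" of canonical transducers such that we can easily check whether a given transducer $T$ is consistent and we are guaranteed that $\equiv^T$ is a branching bisimulation when $T$ is consistent.

We assume a fixed nBPA system $G = (\mathcal{V}, \mathcal{A}, \mathcal{R})$. Given any (normal form computing) transducer $T = (Q, \mathcal{V}, \Delta, q_0)$, for any $q \in Q$ and $\alpha \in \mathcal{V}^*$ we define the set $\mathrm{Move}^T_q(\alpha)$ as the set of all possible outcomes of "consistent long moves" from $\alpha$. For each such move

$$\alpha = \alpha_0 \xrightarrow{\tau} \alpha_1 \xrightarrow{\tau} \cdots \xrightarrow{\tau} \alpha_k \xrightarrow{a} \beta$$

where the $q$-normal forms of $\alpha_0, \alpha_1, \ldots, \alpha_k$ are the same we put the pair $(a, T_q(\beta))$ in $\mathrm{Move}^T_q(\alpha)$. We also put $(\tau, T_q(\alpha))$ in $\mathrm{Move}^T_q(\alpha)$. More formally, $\mathrm{Move}^T_q(\alpha)$ is the subset of $\mathcal{A} \times \mathrm{NF}^T_q$ defined as follows: $\mathrm{Move}^T_q(\alpha) \ni (a, \gamma)$ if $\gamma$ is a $q$-normal form ($T_q(\gamma) = \gamma$) and

i) $a = \tau$ and $\gamma = T_q(\alpha)$, or

ii) there are $\alpha_1, \alpha_2, \ldots, \alpha_k$ (for $k \geq 0$) and $\beta$ such that $\alpha = \alpha_0 \xrightarrow{\tau} \alpha_1 \xrightarrow{\tau} \cdots \xrightarrow{\tau} \alpha_k \xrightarrow{a} \beta$ (in $\mathcal{L}_G$), $T_q(\alpha_0) = T_q(\alpha_1) = \cdots = T_q(\alpha_k)$, and $T_q(\beta) = \gamma$.

We note in particular that $\mathrm{Move}^T_q(\varepsilon) = \{(\tau, \varepsilon)\}$.

A transducer $T = (Q, \mathcal{V}, \Delta, q_0)$ is consistent (w.r.t. $G$) if the following conditions hold:

1. $\mathrm{Move}^T_{q_0}(A) = \mathrm{Move}^T_{q_0}(\varepsilon)$ for all $A \in \mathcal{V}$ where $T_{q_0}(A) = \varepsilon$;

2. $\mathrm{Move}^T_q(A) = \mathrm{Move}^T_q(T_q(A))$ if $T_q(A) \neq \varepsilon$ (for all $q \in Q$, $A \in \mathcal{V}$);

3. $\mathrm{Move}^T_q(XA) = \mathrm{Move}^T_q(A)$ if $T_q(XA) = T_q(A) \neq \varepsilon$ (hence $q' \xleftarrow[\varepsilon]{X} q' \xleftarrow[\beta]{A} q$, $\beta \neq \varepsilon$).

We put $E^T_q = \{Y \in \mathcal{V} \mid T_q(Y) = \varepsilon\}$, and we can observe that the condition $\mathrm{Move}^T_{q_0}(A) = \{(\tau, \varepsilon)\}$ for all $A \in E^T_{q_0}$ entails that $E^T_{q_0} \subseteq V_{\mathrm{sil}}$ (while we do not require $E^T_q \subseteq V_{\mathrm{sil}}$ for $q \neq q_0$).

Lemma 12.

1. For any nBPA system $G$ and any prime-choice $P$, the canonical transducer $T^{G,P}$ is consistent.

2. There is a polynomial algorithm checking if a given transducer $T$ is consistent w.r.t. a given nBPA system $G$.

3. If a transducer $T$ is consistent w.r.t. an nBPA system $G$, then $\equiv^T$ is a branching bisimulation on $\mathcal{L}_G$.

Proof. 1. Let us consider the canonical transducer $T = T^{G,P} = (Q, \mathcal{V}, \Delta, q_0)$ for an nBPA system $G = (\mathcal{V}, \mathcal{A}, \mathcal{R})$ and a prime-choice $P$; recall that $Q = \{R \mid R \xleftarrow{\gamma} V_{\mathrm{sil}}, \gamma \in \mathcal{V}^*\}$ and $q_0 = V_{\mathrm{sil}}$. By the definition of $T^{G,P}$ and Lemma 11 we have $\alpha \sim_R T_R(\alpha) = \mathrm{dec}^P_R(\alpha)$ for all $R \in Q$ and $\alpha \in \mathcal{V}^*$; moreover, $\alpha \sim_R \beta$ iff $\alpha \equiv^T_R \beta$ (i.e. iff $T_R(\alpha) = T_R(\beta)$). We also have $T_R(\alpha) = \varepsilon$ iff $\alpha \in R^*$; this entails that $A \in E^T_{q_0}$ (i.e., $T_{q_0}(A) = \varepsilon$) iff $A$ is silent, and $A \in E^T_{q_0}$ thus implies $\mathrm{Move}^T_{q_0}(A) = \mathrm{Move}^T_{q_0}(\varepsilon)$ (the condition 1 for consistent transducers).

For $R$-trimmed strings $\alpha$ we now define $\mathrm{Move}^{\sim}_R(\alpha)$ as follows: $(a, [\gamma]_{\sim_R}) \in \mathrm{Move}^{\sim}_R(\alpha)$ if

i) $a = \tau$ and $[\gamma]_{\sim_R} = [\alpha]_{\sim_R}$ (hence $[\gamma]_{\sim_R} = [T_R(\alpha)]_{\sim_R}$), or

ii) there are $\alpha_1, \alpha_2, \ldots, \alpha_k$ (for $k \geq 0$) and $\gamma'$ such that $\alpha = \alpha_0 \xrightarrow{\tau} \alpha_1 \xrightarrow{\tau} \cdots \xrightarrow{\tau} \alpha_k \xrightarrow{a} \gamma'$, $\alpha_0 \sim_R \alpha_1 \sim_R \alpha_2 \cdots \sim_R \alpha_k$, and $\gamma' \sim_R \gamma$ (i.e., $[\alpha_0]_{\sim_R} = [\alpha_1]_{\sim_R} = \cdots = [\alpha_k]_{\sim_R}$, and $[\gamma']_{\sim_R} = [\gamma]_{\sim_R}$).

By the definition of branching bisimilarity, it is easy to verify that for all $R$-trimmed $\alpha, \beta$ we have $\alpha \sim_R \beta$ iff $\mathrm{Move}^{\sim}_R(\alpha) = \mathrm{Move}^{\sim}_R(\beta)$. Since $\sim_R$ coincides with $\equiv^T_R$ (for all $R \in Q$), for $R$-trimmed $\alpha$ we have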

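$$\mathrm{Move}^T_R(\alpha) = \{(a, \gamma) \mid \gamma \in \mathrm{NF}^T_R \text{ (i.e. } T_R(\gamma) = \gamma) \text{ and } (a, [\gamma]_{\sim_R}) \in \mathrm{Move}^{\sim}_R(\alpha)\};$$

hence $\alpha \sim_R \beta$ iff $\mathrm{Move}^T_R(\alpha) = \mathrm{Move}^T_R(\beta)$, for all $R$-trimmed $\alpha, \beta$. If $T_R(A) \neq \varepsilon$, then both $A$ and $T_R(A)$ are (nonempty) $R$-trimmed strings and $A \sim_R T_R(A)$, and we thus have $\mathrm{Move}^T_R(A) = \mathrm{Move}^T_R(T_R(A))$; similarly, if $T_R(XA) = T_R(A) \neq \varepsilon$, then $XA$ and $A$ are $R$-trimmed and $XA \sim_R A$, which entails $\mathrm{Move}^T_R(XA) = \mathrm{Move}^T_R(A)$. Thus also the conditions 2 and 3 for consistent transducers are satisfied by $T = T^{G,P}$.

2. Let us consider a transducer $T = (Q, \mathcal{V}, \Delta, q_0)$ and an nBPA system $G = (\mathcal{V}, \mathcal{A}, \mathcal{R})$. We first make two simple observations:

a) $\mathrm{Move}^T_{q_0}(A) = \mathrm{Move}^T_{q_0}(\varepsilon)$ for all $A \in E^T_{q_0}$ (for which $T_{q_0}(A) = \varepsilon$) iff $E^T_{q_0} \subseteq V_{\mathrm{sil}}$;

b) if $q'' \xleftarrow{\delta' B} q' \xleftarrow[T_q(\delta)]{\delta} q$ where $T_{q'}(B) \neq \varepsilon$, then $\mathrm{Move}^T_q(\delta' B \delta) = \{(a, \gamma\, T_q(\delta)) \mid (a, \gamma) \in \mathrm{Move}^T_{q'}(\delta' B)\}$ (in particular when $\delta' = \varepsilon$).

To show that checking the conditions 1.-3. defining consistent transducers is polynomial, it is thus sufficient to show a polynomial construction of $\mathrm{Move}^T_q(A)$ in the cases $T_q(A) \neq \varepsilon$, and of $\mathrm{Move}^T_q(XA)$ in the cases $T_q(XA) = T_q(A) \neq \varepsilon$. We will construct all these sets $\mathrm{Move}^T_q(A)$ and $\mathrm{Move}^T_q(XA)$ stepwise simultaneously, by applying a dynamic programming approach. To this aim it is convenient to introduce the notion of the $q$-erasable sets $\bar{E}_q \subseteq \mathcal{V}$ (we say more about them in the remark after the proof); we define $\bar{E}_q$ inductively, which also makes clear that this set can be quickly constructed:

$X \in \bar{E}_q$ if $X \in E^T_q$ (i.e., $T_q(X) = \varepsilon$) and there is a rule $X \xrightarrow{\tau} \gamma$ where $\gamma \in (\bar{E}_q)^*$.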

MoveTq (δ′ Bδ) = {(a, γ Tq (δ)) | (a, γ) ∈ MoveTq′ (δ′ B)} (in particular when δ′ = ε). To show that checking the conditions 1.-3. defining consistent transducers is polynomial, it is thus sufficient to show a polynomial construction of MoveTq (A) in the cases Tq (A) 6= ε, and of MoveTq (XA) in the cases Tq (XA) = Tq (A) 6= ε. We will construct all these sets MoveTq (A) and MoveTq (XA) stepwise simultaneously, by applying a dynamic programming approach. To this aim it is convenient to introduce the notion of the q-erasable sets E¯q ⊆ V (we say more about them in the remark after the proof); we define E¯q inductively, which also makes clear that this set can be quickly constructed: τ X ∈ E¯q if X ∈ EqT (i.e., Tq (X) = ε) and there is a rule X −→ γ where γ ∈ (E¯q )∗ . τ

τ

τ

τ

Hence X ∈ E¯q iff there are δ1 , δ2 , . . . , δk (k ≥ 0) such that X = δ0 −→ δ1 −→ · · · −→ δk −→ ε and each δi is in (EqT )∗ (hence we have Tq (δi ) = ε). Now we give the deduction rules, on which a construction of the above mentioned sets MoveTq (A) and MoveTq (XA) can be based: 1. (τ, Tq (A)) belongs to MoveTq (A), and also to MoveTq (XA) if Tq (XA) = Tq (A); a

2. if Tq (A) 6= ε and there is a rule A −→ δ, then (a, Tq (δ)) ∈ MoveTq (A); τ

3. if Tq (A) 6= ε and there is a rule A −→ δ where Tq (δ) = Tq (A), then δ2 δ1 B (a) if δ = δ2 Bδ1 , q2 ←− q2 ←− q1 ←− q, δ2 ∈ (E¯q2 )∗ , Tq1 (B) 6= ε, and T (a, γ) ∈ Moveq1 (B), then (a, γ Tq (δ1 )) ∈ MoveTq (A); δ

X

δ

B

δ

3 2 1 (b) if δ = δ3 Xδ2 Bδ1 , q2 ←− q2 ←− q2 ←− q2 ←− q1 ←− q, δ3 ∈ (E¯q2 )∗ , Xδ2 ∈ (EqT2 )∗ , Tq1 (B) 6= ε, and (a, γ) ∈ MoveTq1 (XB), then (a, γ Tq (δ1 )) ∈ MoveTq (A);

X

A

ε

Tq (A)

4. if q ′ ←− q ′ ←− q and Tq (A) 6= ε, then (a) if X ∈ E¯q′ , and (a, γ) ∈ MoveTq (A), then (a, γ) ∈ MoveTq (XA); a

(b) if there is a rule X −→ δ, then (a, Tq (δA)) ∈ MoveTq (XA);

18

δ

τ

X′

δ

1 2 q ′ ), q ′ ←− q ′ ←− (c) if there is a rule X −→ δ, δ ∈ EqT′ , δ = δ2 X ′ δ1 (hence q ′ ←− δ2 ∈ E¯q′ , and (a, γ) ∈ MoveTq (X ′ A), then (a, γ) ∈ MoveTq (XA).

The claimed polynomial algorithm can iteratively apply the above deduction rules, stepwise extending the constructed $\mathrm{Move}^T_q(A)$, $\mathrm{Move}^T_q(XA)$ (from the initial situation where all are empty), until reaching the fixed point. The result is correct since the above "deduction rules" are obviously sound and complete. The sets $\mathrm{Move}^T_q(A)$ and $\mathrm{Move}^T_q(XA)$ are polynomially bounded (in the size of the transducer) for the following reasons: In each $(a, \gamma) \in \mathrm{Move}^T_q(A)$ the string $\gamma$ is of the form $\delta'\gamma'$ where $\gamma'$ is a suffix of $T_q(A)$ and $\delta' = T_{q'}(\delta)$ for an rhs $\delta$ (the right-hand side in a rule $Y \xrightarrow{a} \delta$ of $G$) and $q' \xleftarrow{\gamma'} q$. In each $(a, \gamma) \in \mathrm{Move}^T_q(XA)$ we have $\gamma = T_q(\delta A)$ for an rhs $\delta$.

3. Let us consider a transducer $T = (Q, \mathcal{V}, \Delta, q_0)$ that is consistent w.r.t. an nBPA system $G = (\mathcal{V}, \mathcal{A}, \mathcal{R})$. We start by showing the claim that $\mathrm{Move}^T_{q_0}(\alpha) = \mathrm{Move}^T_{q_0}(T_{q_0}(\alpha))$: If $T_{q_0}(\alpha) = \varepsilon$, i.e. if $\alpha \in (E^T_{q_0})^*$, then by the condition 1 for consistent transducers we indeed have $\mathrm{Move}^T_{q_0}(\alpha) = \{(\tau, \varepsilon)\}$. If $T_{q_0}(\alpha) \neq \varepsilon$ ($\alpha \notin (E^T_{q_0})^*$), then we can obviously write

$$\alpha = \alpha_2 A \alpha_1 \ \text{ where } \ q_2 \xleftarrow[\varepsilon]{\alpha_2} q_2 \xleftarrow[T_{q_1}(A)]{A} q_1 \xleftarrow[T_{q_0}(\alpha_1)]{\alpha_1} q_0,\ T_{q_1}(A) \neq \varepsilon, \text{ and } \alpha_2 \in (E^T_{q_2})^*.$$

Due to the above observation b) (at the beginning of the proof of the point 2), for finishing the proof of the claim it suffices to show that $\mathrm{Move}^T_{q_1}(\alpha_2 A) = \mathrm{Move}^T_{q_1}(T_{q_1}(A))$. By the condition 3 for consistent transducers we derive easily that $\mathrm{Move}^T_{q_1}(\alpha_2 A) = \mathrm{Move}^T_{q_1}(A)$, and the condition 2 implies that $\mathrm{Move}^T_{q_1}(A) = \mathrm{Move}^T_{q_1}(T_{q_1}(A))$.

Therefore $\alpha \equiv^T \beta$ implies $\mathrm{Move}^T_{q_0}(\alpha) = \mathrm{Move}^T_{q_0}(\beta)$ (since $\mathrm{Move}^T_{q_0}(\alpha) = \mathrm{Move}^T_{q_0}(T_{q_0}(\alpha))$, $\mathrm{Move}^T_{q_0}(\beta) = \mathrm{Move}^T_{q_0}(T_{q_0}(\beta))$ and $T_{q_0}(\alpha) = T_{q_0}(\beta)$). If $\equiv^T$ were not a branching bisimulation, then there would be a case $\alpha \equiv^T \beta$ with a move $\alpha \xrightarrow{a} \alpha'$ for which we have no $\beta_1, \cdots, \beta_k$ and $\beta'$ such that $\beta = \beta_0 \xrightarrow{\tau} \beta_1 \xrightarrow{\tau} \cdots \xrightarrow{\tau} \beta_k \xrightarrow{a} \beta'$, $\beta_0 \equiv^T \beta_1 \equiv^T \cdots \equiv^T \beta_k$, and $\beta' \equiv^T \alpha'$. But then $\mathrm{Move}^T_{q_0}(\alpha) \neq \mathrm{Move}^T_{q_0}(\beta)$; a contradiction.

Remark. In the canonical transducers $T = T^{G,P}$ we have $R = E^T_R = \bar{E}_R$ for each state $R$. (This follows from the fact that $X\gamma \sim \gamma$ entails that $X$ in $X\gamma$ can be silently erased without changing the $\sim$-class, as we deduce from Observation 1.) We could use such observations to restrict the consistency condition for transducers $T$ (by requiring $E^T_q = \bar{E}_q$); further restrictions can require that the set $Q$ of states is included in $\{R \mid V^R_{\mathrm{sil}} \subseteq R \subseteq \mathcal{V}\}$, that $T_R(A) = \varepsilon$ iff $A \in R$, etc. Nevertheless, our (simpler and more general) definition of the consistency property has been sufficient for our aims here.
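The inductive definition of the $q$-erasable sets $\bar{E}_q$ used in the proof of Lemma 12(2) is a least fixed point and can be computed by simple saturation. The Python code below is an added example, not part of the paper; the rule set, the one-state transducer table and the function names are constructed for illustration.

```python
TAU = "tau"

# Constructed rules X -a-> delta of a normed system (assumption for illustration).
RULES = [
    ("S", TAU, ""),    # S disappears silently
    ("U", TAU, "SS"),  # U silently becomes SS
    ("Z", "a", ""),    # Z can only disappear by the visible action a
    ("W", TAU, "UZ"),  # W silently becomes UZ, which still contains Z
    ("A", "a", ""),
]

# Constructed one-state transducer table: S, U, Z, W are mapped to the empty
# word, A is kept. An entry (q, Y) -> (q', gamma) encodes Delta(q, Y).
TABLE = {("q0", v): ("q0", "") for v in "SUZW"}
TABLE[("q0", "A")] = ("q0", "A")


def eps_vars(table, q):
    """E_q^T: the variables Y with T_q(Y) = epsilon."""
    return {var for (state, var), (_, out) in table.items()
            if state == q and out == ""}


def erasable(rules, table, q):
    """The q-erasable set: least set with X in it whenever X is in E_q^T and
    some rule X -tau-> gamma has all variables of gamma already in the set."""
    candidates = eps_vars(table, q)
    result = set()
    changed = True
    while changed:  # saturate until no rule adds a new variable
        changed = False
        for lhs, action, rhs in rules:
            if (lhs in candidates and lhs not in result and action == TAU
                    and all(var in result for var in rhs)):
                result.add(lhs)
                changed = True
    return result


def mapped_to_epsilon_but_not_erasable(rules, table, q):
    """Variables in E_q^T that cannot be removed by silent steps that stay
    inside (E_q^T)*, i.e. the difference between E_q^T and the erasable set."""
    return eps_vars(table, q) - erasable(rules, table, q)


if __name__ == "__main__":
    print("E_q0^T        :", sorted(eps_vars(TABLE, "q0")))
    print("erasable at q0:", sorted(erasable(RULES, TABLE, "q0")))
```

In the constructed data Z and W are translated to the empty word but are not erasable, since every way of removing Z performs the visible action a.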

7 Complexity issues

Lemmas 11 and 12 make clear that there is a nondeterministic exponential-time algorithm deciding the branching bisimilarity problem on nBPA: given an nBPA system $G = (\mathcal{V}, \mathcal{A}, \mathcal{R})$ and $\alpha, \beta \in \mathcal{V}^*$,

1. guess a (deterministic normal-form computing) transducer $T$ of at most exponential size w.r.t. size($G$) (where the exponential bound is clear from Lemma 11);

2. verify that $T$ is consistent and that $T(\alpha) = T(\beta)$.

Corollary 13. The branching bisimilarity problem on nBPA is in NExpTime.

In the arxiv-version of [8] we mentioned that a natural direction for further research is to look for a deterministic algorithm that would compute the decompositions (or a base in the terminology of [8], which corresponds to a canonical transducer, in fact) by proceeding via a certain series of decreasing over-approximations. This should be based on a closer look at the canonical transducers, which have been defined at a rather abstract level here. The paper by He and Huang [11] in fact suggests an algorithm proceeding by a refining series of over-approximations (also of a certain base), though it seems technically difficult to extract a precise relation to the notions of [8]. The aim of the algorithm in [11] is to show the ExpTime-membership of the branching bisimilarity problem on nBPA, which the authors claim to be ExpTime-complete.

The ExpTime-hardness was first mentioned by Fu [9], who remarked that “A slight modification of Mayr’s proof shows that the EXPTIME lower bound holds for the branching bisimilarity as well.” In fact, this remark in [9] does not make explicitly clear if the case of normed BPA is meant; but since this remark follows after a remark on “Kiefer’s recent result” [15], from which the ExpTime-hardness of branching bisimilarity on (general) BPA follows immediately, and since Mayr’s proof [16] dealing with weak bisimilarity showed the ExpTime-hardness (even) for normed BPA, a natural interpretation of the above remark in [9] is that branching bisimilarity is ExpTime-hard for normed BPA as well.
Similar (and more explicit) remarks about the ExpTime-hardness were then given in [8] and in [11], but a respective modification was not shown and proven correct in any of the mentioned papers. There is indeed a kind of a “tempting” modification, as the author of this paper can confess, but a detailed look shows that it does not work. Hence the respective remark on the ExpTime-hardness in [8] must be “retracted” (with a professional apology), and it is up to the other authors to show the modification they had in mind.

Author’s acknowledgements

I would like to especially thank Wojciech Czerwiński, with whom we performed the research reported on in [8]. I felt it appropriate to elaborate this new version but Wojciech could not participate because of other duties, and he suggested that I do this alone. Nevertheless he commented on a preliminary version of this paper, for which I also warmly thank him. I also thank the anonymous reviewers of the paper [8] for their helpful comments.

References

[1] J. C. M. Baeten, J. A. Bergstra, and J. W. Klop. Decidability of bisimulation equivalence for processes generating context-free languages. J. ACM, 40(3):653–682, 1993.
[2] J. L. Balcázar, J. Gabarró, and M. Santha. Deciding bisimilarity is P-complete. Formal Asp. Comput., 4(6A):638–648, 1992.
[3] O. Burkart, D. Caucal, and B. Steffen. An elementary bisimulation decision procedure for arbitrary context-free processes. In Proc. MFCS’95, volume 969 of Lecture Notes in Computer Science, pages 423–433. Springer, 1995.
[4] D. Caucal, D. T. Huynh, and L. Tian. Deciding branching bisimilarity of normed context-free processes is in $\Sigma^p_2$. Inf. Comput., 118(2):306–315, 1995.
[5] S. Christensen, H. Hüttel, and C. Stirling. Bisimulation equivalence is decidable for all context-free processes. Inf. Comput., 121(2):143–148, 1995.
[6] W. Czerwiński. Partially-commutative context-free graphs. PhD thesis, University of Warsaw, 2012. Available at www.mimuw.edu.pl/~wczerwin.
[7] W. Czerwiński, P. Hofman, and S. Lasota. Decidability of branching bisimulation on normed commutative context-free processes. Theory Comput. Syst., 55(1):136–169, 2014.
[8] W. Czerwiński and P. Jančar. Branching bisimilarity of normed BPA processes is in NEXPTIME. In Proc. LiCS’15, pages 168–179. IEEE, 2015. A preliminary version at arxiv.org/abs/1407.0645.
[9] Y. Fu. Checking equality and regularity for normed BPA with silent moves. In Proc. ICALP’13, volume 7966 of Lecture Notes in Computer Science, pages 238–249. Springer, 2013.
[10] C. He. A polynomial time algorithm for deciding branching bisimilarity on totally normed BPA. CoRR, abs/1411.4157, 2014.
[11] C. He and M. Huang. Branching bisimilarity on normed BPA is EXPTIME-complete. In Proc. LiCS’15, pages 180–191. IEEE, 2015. A preliminary version at arxiv.org/abs/1501.04748.
[12] Y. Hirshfeld, M. Jerrum, and F. Moller. A polynomial algorithm for deciding bisimilarity of normed context-free processes. Theor. Comput. Sci., 158(1&2):143–159, 1996.
[13] H. Hüttel. Silence is golden: Branching bisimilarity is decidable for context-free processes. In Proc. CAV’91, volume 575 of LNCS, pages 2–12. Springer, 1992.
[14] P. Jančar. Bisimilarity on basic process algebra is in 2-EXPTIME (an explicit proof). Logical Methods in Computer Science, 9(1:10):1–19, 2013.
[15] S. Kiefer. BPA bisimilarity is EXPTIME-hard. Inf. Process. Lett., 113(4):101–106, 2013.
[16] R. Mayr. Weak bisimilarity and regularity of context-free processes is EXPTIME-hard. Theor. Comput. Sci., 330(3):553–575, 2005.
[17] R. Milner. Communication and Concurrency. Prentice Hall, 1989.
[18] J. Sakarovitch. Easy multiplications. I. The realm of Kleene’s theorem. Inf. Comput., 74(3):173–197, 1987.
[19] J. Srba. Roadmap of infinite results. In Current Trends In Theoretical Computer Science, The Challenge of the New Century, volume 2, pages 337–350. World Scientific Publishing Co., 2004. An updated version at http://users-cs.au.dk/srba/roadmap/.
[20] R. J. van Glabbeek and W. P. Weijland. Branching time and abstraction in bisimulation semantics. J. ACM, 43(3):555–600, 1996.
[21] Q. Yin, Y. Fu, C. He, M. Huang, and X. Tao. Branching bisimilarity checking for PRS. In Proc. ICALP’14, volume 8573 of Lecture Notes in Computer Science, pages 363–374. Springer, 2014.
