Model Checking mu-Calculus in Well-Structured Transition Systems

We study the model checking problem for fixpoint logics in well-structured multiaction transition systems. P.A. Abdulla et al. (1996) and Finkel & Schnoebelen (2001) examined the decidability problem for liveness (reachability) and progress (eventuality) properties in well-structured single action transition systems. Our main result is as follows: the model checking problem is decidable for disjunctive formulae of the propositionalμ-Calculus of D. Kozen (1983) in well-structured transition systems where propositional variables are interpreted by upward cones. We also discuss the model checking problem for the intuitionistic modal logic of Fisher Servi (1984) extended by least fixpoint. 1. Well-Preordered Transition Systems Let D be a set. An equivalence is a reflexive, transitive and symmetric binary relation on D. A partial order is a reflexive, transitive, and antisymmetric binary relation on D. A preorder (synonym: quasi-order) is a reflexive and transitive binary relation on D. A well-preorder (synonym: wellquasi-order) is a preorder where every infinite sequence d0, ... di, ... of elements ofD contains a pair of elements dm and dn so that m < n and dm dn. Let (D, ) be a well-preordered set (i.e. a setD provided with a well-preorder ). An ideal (synonym: cone) is an upward closed subset of D, i.e. a set I ⊆ D such that for all d, d ∈ D, if d d and d ∈ I then d ∈ I . Every d ∈ D generates the upward cone (↑ d) ≡ {e ∈ D : d e}. For every set S ⊆ D and every element d ∈ S, d is a minimal element of S iff for every element s ∈ S either d s or d and s are non-comparable. For every subset S ⊆ D, the set of its minimal elements is min(S). For every subset S ⊆ D, a basis of S is a subset B ⊆ S such that for every s ∈ S there exists an element b ∈ B such that b s. Let us present some algebraic properties of well-preorders that are easy to prove [1, 4]. Let us fix for simplicity a well-preordered set (D, ). First, (D, ) is well-founded, i.e. infinite strictly decreasing sequences of elements of D are impossible; moreover, every infinite sequence in (D, ) contains an infinite non-decreasing subsequence. Next, every subset S ⊆ D provided with the preorder also forms another well-preordered set (S, ). Third, every S ⊆ D has a finite basis that consist of the set of the minimal elements min(S); in particular, every ideal I has a finite basis min(I), and I = ∪d∈min(I)(↑ d). Finally, every nondecreasing sequence of ideals I0 ⊆ ... ⊆ Ii ⊆ ... eventually stabilizes, i.e. there is some k ≥ 0 such that Im = In for all m,n ≥ k. Let Act be a fixed finite alphabet of action symbols. A transition system (synonym: Kripke frame) is a tuple (D,R), where the domainD is a non-empty set of elements that are called states, and the interpretationR is a total mapping R : Act → 2. A run (in the frame) is a maximal sequence of states s1...sisi+1... such that for all adjacent states within the sequence (si, si+1) ∈ R(a) for some a ∈ Act. A well-preordered transition system (WPTS) is a triple (D, , R) such that (D, ) is a well-preordered set and (D,R) is a Kripke frame. We are most interested in wellpreordered transition systems with decidable and compatible well-preorders and interpretations. The decidability condition for the well-preorder is straightforward: ⊆ D × D is decidable. The decidability condition for interpretations of action symbols and compatibility conditions for well-preorders and interpretations of action symbols are discussed below. Let (D, , R) be a WPTS and a ∈ Act be an action symbol. We consider the following decidable condition for the interpretationR(a) of the action symbol a ∈ Act: the function λ s ∈ D . min{t : t R(a) −→ s} is computable. We refer to this condition as tractable past. Again, let (D, , R) be a WPTS and a ∈ Act be an ac(future) upward (future) downward ∀s′1, s ′′ 1 , s ′ 2 ∃s ′′ 2 : ∀s ′ 1, s ′ 2, s ′′ 2 ∃s ′′ 1 : s′1 R(a) −→ s 1 & s ′ 1 s ′ 2 ⇒ s ′ 2 R(a) −→ s 2 & s ′ 1 s ′ 2 ⇒ ⇒ s′2 R(a) −→ s 2 & s ′′ 1 s ′′ 2 ⇒ s ′ 1 R(a) −→ s 1 & s ′′ 1 s ′′ 2 s 1 . . . s 2 ↑ ↑|