Avoiding Determinization Orna Kupferman Hebrew University Joint work with Moshe Vardi

Deterministic (automaton, Turing machine, person…) NO! A single run on every input. Success: happily ever after in the unique future. Nondeterministic (automaton, Turing machine, person…) Multiple runs on every input. perhap s Success: happily ever after in at least one future.

A very convenient definition of success… Risk is for free. Goals are achieved in a more succinct way. perhap s

NFW are exponentially more succinct than DFW {N,D,A,U} x {F,B,R,P} x {W,T} NFW: nondeterministic automata on finite words. DBW: deterministic Büchi word automata. APT: alternating parity tree automata.

NFW are exponentially more succinct than DFW Ln = (0+1)*.0.(0+1) n NFW: O(n) states n 0, DFW: O(2 n ) states u v1v1 v2v2 0 1 n

Sometimes, nondeterminism causes no problems. Nonemptiness check: L(A) ≠ Ø ? Membership check, projection,… NFW and DFW: reachability  NLOGSPACE, linear time

Sometimes, nondeterminism is problematic. 1. Complementation: L(A’) = comp(L(A)) DFW: dualize the acceptance condition L(A) = (0+1)*.1 comp(L(A)) = ε + (0+1)*.0

Sometimes, nondeterminism is problematic. 1. Complementation: L(A’) = comp(L(A)) DFW: dualize the acceptance condition L(A) = (0+1)*.1 comp(L(A)) = ε + (0+1)*.0

Sometimes, nondeterminism is problematic. 1. Complementation: L(A’) = comp(L(A)) NFW: dualize the acceptance condition? 0,1 1 L(A) = (0+1)*.1 comp(L(A)) = ε + (0+1)*.0

Sometimes, nondeterminism is problematic. 1. Complementation: L(A’) = comp(L(A)) NFW: dualize the acceptance condition? L(A) = (0+1)*.1 comp(L(A)) = ε + (0+1)*.0 0,1 1 L(A’) = (0+1)* w  L(A): exists an accepting run. w  L(A): all runs are rejecting. dualization: exists a rejecting run.

Tree automata: Word automata: M(q 0,a)={q 1,q 2 } Tree automata: M(q 0,a)={  q 1,q 3 ,  q 2, q 1  } a cc c a ca q0q0 q1q1 q3q3 Sometimes, nondeterminism is problematic. 2. Running A on a tree. a c c q0q0 q1q1

Sometimes, nondeterminism is problematic. 2. Running A on a tree. M(q 0,a)={q 1,q 2 } M t (q 0,a)={  q 1,q 1 ,  q 1, q 2 ,  q 2,q 1 ,  q 2,q 2  } Given: an NFW A. M t (q,a) = M(q,a) x M(q,a) Run A on each of the paths of the tree… Wanted: an NFT A t that accepts all trees all of whose paths are accepted by A.

Sometimes, nondeterminism is problematic. 2. Running A on a tree. L(A) = (0+1)*.0.(0+1) n A: whenever you read 0, guess whether the input ends after exactly n letters. A t : whenever you read 0, guess whether all the paths in the subtree end after exactly n letters. n 0,

Sometimes, nondeterminism is problematic. 2. Running A on a tree. L(A) = (0+1)*.0.(0+1) n A: whenever you read 0, guess whether the input ends after exactly n letters. A t : whenever you read 0, guess whether all the paths in the subtree end after exactly n letters. n 0, M t (●,0)={  ●,● ,  ●, ● ,  ●,● ,  ●,●  } ●●

Sometimes, nondeterminism is problematic. 2. Running A on a tree. L(A) = (0+1)*.0.(0+1) n A: whenever you read 0, guess whether the input ends after exactly n letters. 0 accepts: rejects: n 0, ●● ● ● ● M t (●,0)={  ●,● ,  ●, ● ,  ●,● ,  ●,●  } n=2: ● ●●

Sometimes, nondeterminism is problematic. 2. Running A on a tree. Applications in 1.Decidability of CTL*, μ-calculus,… [SE84, EJ91,…] 2.Solving games with ω-regular goals. [Tho95] 3.LTL realizability and synthesis. [RP89]

How to solve complementation, decidability, games, synthesis,…? DETERMINIZE! #1 problem: exponential blow-up. legitimate (matching lower bounds). #2 problem (automata on infinite words): determinization is awfully complicated.

Automata on infinite words 0,1 1 1 sq L(A) = (0+1)*.1 ω Büchi acceptance: visit α infinitely often {s}{s,q} Subset construction: There is no DBW for L(A) [Lan69]. Safra’s determinization construction 1988: NBW(n)  DRW(2 O(n log n), O(n))

Safra’s construction: - First optimal construction! Each state of A’ is an ordered tree in which each node is labeled by a subset of the states of A such that the label of a node is - Beautiful! MONA: implementation of a nonelementary algorithm Model checking: tools! A success story!! Synthesis: no tools, no story. Very Complicated!!!

We are afraid of Safra

Universal (automaton, Turing machine, person…) Multiple runs on every input. perhap s Success: happily ever after in all futures. When viewed as a UFW, L(A) = When viewed as an NFW, L(A) = (0+1)* (0+10)* every 1 is followed by 0 0,1 10

Universal automata are sufficiently strong to serve as intermediate automata in many applications in which deterministic automata are traditionally used as intermediate automata. -Complementation constructions -Decision procedures -Synthesis - You name it (please do) Talk outline: 1.Indeed sufficiently strong. 2.Much simpler! Promising practical applications.

Complementation NFW DFW DFW NFW UFW DFW Finite words: dualize both the branching mode and the set of accepting states subset construction a state S  Q: all states the universal automaton may visit. S is accepting iff S  α

Complementation Given an NBW A, construct a complementary NBW. 1.Construct a DRW equivalent to A. 2.Dualize the DRW. 3.Translate the result to an NBW. Current procedure: co-determinization, Streett, LAR, …

Complementation 1.NBW  complementary UCW. 2.UCW  NBW. Our procedure: Easy: dualize both the transitions and the acceptance condition and get a UCW for the comlementary language. Given an NBW A, construct a complementary NBW. Easy: analyze ranks in accepting runs of UCW. [GSKV03] co-Buchi acceptance: visit α only finitely often

Example: 0,1 1 1 s1s1 s2s2 L(A) = (0+1)*.1 ω finitely many 0s 0,1 0 s3s3 NBW:

L(A) = (1*0) ω infinitely many 0s UCW: 0,1 1 1 s1s1 s2s2 0 s3s3

s2s2 s2s2 L(A) = (1*0) ω 0,1 1 1 s1s1 s2s2 0 s3s3 s1s1 s1s s3s3 s1s1 s2s2 s1s1 s3s s1s1 s2s2 0 s1s1 s3s3 0 a ranking function f:V  {0,…,2n} s3s3 s1s1 s3s3 s1s1

s2s2 s2s2 L(A) = (1*0) ω 0,1 1 1 s1s1 s2s2 0 s3s3 s1s1 s1s s3s3 s1s1 s2s2 s1s1 s3s s1s1 s2s2 0 s1s1 s3s3 0 a ranking function f:V  {0,…,2n} The state space of the NBW: subset construction + ranks for the states in the subset s3s3 s1s1 s3s3 s1s

Complementation μ-calculus satisfiability

Is there a tree satisfying Ψ? 1.Construct an APT A Ψ that accepts all trees satisfying Ψ [EJ91,KVW00]. 2.APT  NPT. 3.Check emptiness of the NPT. Current procedure: determinization of an NPW that accepts good paths of the run tree. parity games… [Jur00]

μ-calculus satisfiability Is there a tree satisfying Ψ? 1.Construct an APT A Ψ that accepts all trees satisfying Ψ [EJ91,KVW00]. 2.APT  UCT. 3.Check emptiness of the UCT. Our procedure: Easy, “empiness equivalent” UCT, similar to the translation on NPW to NBW. UCT  “emptiness equivalent’’ NBT Ranks…

Complementation μ-calculus satisfiability Synthesis

Given an LTL formula Ψ over I and O, construct a finite-state strategy f: (2 I )*  2 O that generates only computations that satisfy Ψ. Open system: interacts with an environment! o0o0 o 1 =f(i 0 ) o 2 =f(i 0,i 1 ) o 3 =f(i 0,i 1,i 2 )i2i2 i1i1 i0i0 (f(  ))  (i 0,f(i 0 ))  (i 1,f(i 0,i 1 ))  (i 2,f(i 0,i 1,i 2 ))  …

Synthesis Is Ψ realizable? 1.Construct a DRW A Ψ that accepts all computations satisfying Ψ. 2.Run A Ψ on the I-exhaustive tree. 3.Check emptiness of the NRT. Current procedure [PR88]: Rabin emptiness… [PR88,KV98]

Synthesis Is Ψ realizable? 1.Construct an NBW A ~Ψ that accepts all computations satisfying ~Ψ [VW94]. 2.Run the dual UCW on the I-exhaustive tree. 3.Check emptiness of the UCT. Our procedure: Easy, running a universal automaton on a tree is sound and complete.

The magic: UCW  NBW UCT  NBT Based on an analysis of accepting runs of co-Büchi automata A run is accepting iff the vertices of its run DAG can get ranks in {0,…,k} so that ranks along paths decrease and odd ranks appear only finitely often. The NBW/NBT: guesses a ranking, checks decrease, checks infinitely many visits to even ranks.

A run is accepting iff the vertices of its run DAG can get ranks in {0,…,k} so that ranks along paths decrease and odd ranks appear only finitely often. s2s2 s2s2 s1s1 s1s1 s3s3 s1s1 s2s2 s1s1 s3s3 s1s1 s2s2 s1s1 s3s3 s3s3 s1s1 s3s3 s1s Width of the run DAG : -For UCW: bounded by n. -For UCT: ??? If the UCT accepts some tree, it also accepts a tree generated by a transducer with k=(2n!)n 2n 3 n (n+1)/n! states. k We still need Safra! k is bounded by the width of the run DAG.

The magic: UCW  NBW UCT  NBT Based on an analysis of accepting runs of co-Büchi automata A run is accepting iff the vertices of its run DAG can get ranks in {0,…,k} so that ranks along paths decrease and odd ranks appear only finitely often. The NBW/NBT: guesses a ranking, checks decrease, checks infinitely many visits to even ranks. In practice: [GSKV03] -Incremental search for k. -Symbolic implementation.

To sum up: 1.Many applications use determinization. 2.The complexity of Safra’s determinization prevents implementations. 3.Universality can replace determinization and results in much simpler and friendlier procedures. universality

The end

0,1 10 s1s1 s2s2 s3s3 s1s1 s1s1 s1s1 s2s s2s2

10 s1s1 s2s2 s3s3 s1s1 s1s s3s3 s1s1 s2s2 s1s1 s3s s1s1 s2s2 s1s1 s3s3 s1s1 s3s3 s3s3

Complementation NFW DFW DFW NFW UFW DFW Finite words: NBW DRW NBW NBW UCW NBW Infinite words: co-Büchi acceptance: visit α only finitely often

NBW UCW NBW

Easy: dualize both branching mode and acceptance condition. O(1) w  A: exists a run that visits α infinitely often. w  A: all runs visit α only finitely often.

NBW UCW NBW [KV97]

UCW NBW 0,1 1 1 s1s1 s2s2 L(A) = (0+1)*.1 ω 0,1 0 s3s3 NBW:

UCW NBW L(A) = (1*0) ω UCW: 0,1 1 1 s1s1 s2s2 0 s3s3

UCW NBW L(A) = (1*0) ω s1s1 s1s s3s3 s1s1 s2s2 s1s1 s3s s2s2 s1s1 s2s2 s1s1 s3s3 s3s3 s2s2 s1s1 0 s1s1 s3s3 0,1 1 1 s1s1 s2s2 0 s3s3 0 a ranking function f:V  {0,…,2n} The state space of the NBW: subset construction + ranks for the states in the subset

Complementation μ-calculus satisfiability [GSKV03]