. On a case study, we present a new approach for verifying cryptographic protocols, based on rewriting and on tree automata techniques. Protocols are operationally described using Term Rewriting Systems and the initial set of communication requests is described by a tree automaton. Starting from these two representations, we automatically compute an over-approximation of the set of exchanged messages (also recognized by a tree automaton). Then, proving classical properties like confidentiality or authentication can be done by automatically showing that the intersection between the approximation and a set of prohibited behaviors is the empty set. Furthermore, this method enjoys a simple and powerful way to describe intruder work, the ability to consider an unbounded number of parties, an unbounded number of interleaved sessions, and a theoretical property ensuring safeness of the approximation. Introduction In this paper, we present a new way of verifying cryptographic pro...

The following theorem of Huet and L'evy forms the basis of all results on optimal reduction strategies for orthogonal term rewriting systems: every term not in normal form contains a needed redex, and repeated contraction of needed redexes results in the normal form, if the term under consideration has one. We generalize this theorem to computations to root-stable form and we argue that the resulting notion of root-neededness is more fundamental than (other variants of) neededness when it comes to infinitary normalization. 1 Introduction In this paper we are concerned with reduction strategies for term rewriting systems. A reduction strategy is called normalizing if repeated contraction of the redexes selected by the strategy leads to normal form. O'Donnell [13] showed that the parallel-outermost strategy, which contracts all outermost redexes in parallel, is normalizing for orthogonal term rewriting systems. Parallel-outermost is not an optimal reduction strategy since many of the r...

Context-sensitive rewriting is a simple restriction of rewriting which is formalized by imposing fixed restrictions on replacements. Such a restriction is given on a purely syntactic basis: it is (explicitly or automatically) specified on the arguments of symbols of the signature and inductively extended to arbitrary positions of terms built from those symbols. Termination is not only preserved but usually improved and several methods have been developed to formally prove it. In this paper, we investigate the definition, properties, and use of context-sensitive rewriting strategies, i.e., particular, fixed sequences of context-sensitive rewriting steps. We study how to define them in order to obtain efficient computations and to ensure that context-sensitive computations terminate whenever possible. We give conditions enabling the use of these strategies for root-normalization, normalization, and infinitary normalization. We show that this theory is suitable for formalizing ...

: We present here decidable approximations of sets of descendants and sets of normal forms of Term Rewriting Systems, based on specific tree automata techniques. In the context of rewriting logic, a Term Rewriting System is a program, and a normal form is a result of the program. Thus, approximations of sets of descendants and sets of normal forms provide tools for analysing a few properties of programs: we show how to compute a superset of results, to prove the sufficient completeness property, or to find a criterion for proving termination under a specific strategy, the sequential reduction strategy. Key-words: Term Rewriting, Program Verification, Normal Forms, Descendants, Tree Automata, Approximation, Sufficient Completeness, Reachability, Termination. (R'esum'e : tsvp) Email: Thomas.Genet@loria.fr, http://www.loria.fr/equipe/protheo.html Unite de recherche INRIA Lorraine Technopole de Nancy-Brabois, Campus scientifique, 615 rue de Jardin Botanique, BP 101, 54600 VILLERS L ES NA...

) Ir#ne Durand Universit# de Bordeaux I, France Aart Middeldorp University of Tsukuba, Japan Abstract In this paper we study decidable approximations to call by need computations to normal and root-stable forms in term rewriting. We obtain uniform decidability proofs by making use of elementary tree automata techniques. Surprisingly, by avoiding complicated concepts like index and sequentiality we are able to cover much larger classes of term rewriting systems. 1 Introduction The following theorem of Huet and L#vy [8] forms the basis of all results on optimal normalizing reduction strategies for orthogonal term rewriting systems (TRSs): every reducible term contains a needed redex, i.e., a redex which is contracted in every rewrite sequence to normal form, and repeated contraction of needed redexes results in a normal form, if the term under consideration has a normal form. Unfortunately, needed redexes are not computable in general. Hence, in order to obtain a computable optimal...

Abstract. The dependency pair method of Arts and Giesl is the most powerful technique for proving termination of term rewrite systems automatically. We show that the method can be improved by using tree automata techniques to obtain better approximations of the dependency graph. This graph determines the ordering constraints that need to be solved in order to conclude termination. We further show that by using our approximations the dependency pair method provides a decision procedure for termination of right-ground rewrite systems. 1

We propose a variant of ordered resolution with semantic restrictions based on interpretations which are identi ed by the given atom ordering and selection function. Techniques for effectively approximating validity (satisfiability) in these interpretations are presented. They are related to methods of soft typing for programming languages. The framework is shown to be strictly more general than certain previously introduced approaches. Implementation of some of our techniques in the Spass prover has lead to encouraging experimental results.

. Starting from the regular tree language E of ground constructor-instances of any linear term, we build a nite tree automaton that recognizes the set of descendants R (E) of E for a constructor-based term rewrite system whose right-hand-sides fulll the following three restrictions : linearity, no nested function symbols, function arguments are variables or ground terms. Note that left-linearity is not assumed. We next present several applications. 1 Introduction Tree automata have already been applied to many areas of computer science, and in particular to rewriting techniques [2]. In comparison with more sophisticated renements, nite tree automata are obviously less powerful, but have plenty of good properties and lead to much simpler algorithms from a practical point of view. Because of potential applications to automated deduction and program validation, the problem of expressing by a nite tree automaton the transitive closure of a regular set E of ground terms with resp...

We present Timbuk -- a tree automata library -- which implements usual operations on tree automata as well as a completion algorithm used to compute an over-approximation of the set of descendants (E) for a regular set E and a term rewriting system R, possibly non linear and non terminating. On several examples of term rewriting systems representing programs and systems to verify, we show how to use Timbuk to construct their approximations and then prove unreachability properties of these systems.

We show that unification in certain extensions of shallow equational theories is decidable. Our extensions generalize the known classes of shallow or standard equational theories. In order to prove decidability of unification in the extensions, a class of Horn clause sets called sorted shallow equational theories is introduced. This class is a natural extension of tree automata with equality constraints between brother subterms as well as shallow sort theories. We show that saturation under sorted superposition is effective on sorted shallow equational theories. So called semi-linear equational theories can be e ectively transformed into equivalent sorted shallow equational theories and generalize the classes of shallow and standard equational theories.