## Micro-macro stack systems: A new frontier of decidability for sequential systems (2003)

Venue: | In 18th LICS, 381--390 |

Citations: | 2 - 2 self |

### BibTeX

@INPROCEEDINGS{Piterman03micro-macrostack,

author = {Nir Piterman},

title = {Micro-macro stack systems: A new frontier of decidability for sequential systems},

booktitle = {In 18th LICS, 381--390},

year = {2003},

pages = {381--390},

publisher = {IEEE}

}

### OpenURL

### Abstract

We define the class of micro-macro stack graphs, a new class of graphs modeling infinite-state sequential systems with a decidable model-checking problem. Micro-macro stack graphs are the configuration graphs of stack automata whose states are partitioned into micro and macro states. Nodes of the graph are configurations of the stack automaton where the state is a macro state. Edges of the graph correspond to the sequence of micro steps that the automaton makes between macro states. We prove that this class strictly contains the class of prefix-recognizable graphs. We give a direct automata-theoretic algorithm for model checking ¢-calculus formulas over micro-macro stack graphs. 1

### Citations

3837 |
Introduction to Automata Theory, Languages and Computation
- Hopcroft
- 1979
(Show Context)
Citation Context ...way to let the pushdown automaton check that the suffix is in the language . This is by allowing the automaton to read the entire contents of the store. This is the type of behavior of stack automata =-=[27, 26, 29]-=-. Just like pushdown automata, stack automata have a finite but unbounded store, they can change only the top of the store by either removing the letter on top of the store or by adding a finite seque... |

2408 | Model Checking
- Clarke, Grumberg, et al.
- 1999
(Show Context)
Citation Context ...g, we verify the correctness of a system with respect to a desired behavior by checking whether a mathematical model of the system satisfies a formal specification of this behavior (for a survey, see =-=[20]-=-). Traditionally, model checking is applied to finite-state systems, typically modeled by labeled state-transition graphs, and to behaviors that are formally specified as temporal-logic formulas or au... |

1179 | Automatic Verification of Finite-State Concurrent Systems using Temporal Logic Specifications
- Clarke, Emerson, et al.
- 1986
(Show Context)
Citation Context ... graphs. 1 Introduction One of the most significant developments in the area of formal design verification is the discovery of algorithmic methods for verifying on-going behaviors of reactive systems =-=[18, 40, 37, 19, 45]-=-. In model-checking, we verify the correctness of a system with respect to a desired behavior by checking whether a mathematical model of the system satisfies a formal specification of this behavior (... |

794 |
Design and Synthesis of Synchronization Skeletons Using Branching-Time Temporal Logic
- CLARKE, EMERSON
- 1982
(Show Context)
Citation Context ... graphs. 1 Introduction One of the most significant developments in the area of formal design verification is the discovery of algorithmic methods for verifying on-going behaviors of reactive systems =-=[18, 40, 37, 19, 45]-=-. In model-checking, we verify the correctness of a system with respect to a desired behavior by checking whether a mathematical model of the system satisfies a formal specification of this behavior (... |

585 |
An automata-theoretic approach to automatic program verification
- Vardi, Wolper
- 1986
(Show Context)
Citation Context ... graphs. 1 Introduction One of the most significant developments in the area of formal design verification is the discovery of algorithmic methods for verifying on-going behaviors of reactive systems =-=[18, 40, 37, 19, 45]-=-. In model-checking, we verify the correctness of a system with respect to a desired behavior by checking whether a mathematical model of the system satisfies a formal specification of this behavior (... |

476 |
Automata on infinite objects
- Thomas
- 1990
(Show Context)
Citation Context ... the formulas obtained from atomic formulas by closing them under Boolean connectives and existential quantification over vertex or set variables. For a full exposition of MSOL we refer the reader to =-=[42]-=-. A R !" #$&%I'G graph is MSOL interpretable in the XZ±9&%Iš$Ji'U %Jš7µ E structure if there exist MSOL formu5 6t6°˜! : las 5 > ] , , and for Ûw4= every we 587W6 : have such that the graph defined bel... |

336 |
On a decision method in restricted second order arithmatic. In Proceeding of the 1960 international Congress on Logic, Methodology. and Philosophy of Science
- Büchi
- 1962
(Show Context)
Citation Context ...aph automaton (that accepts all possible graphs that satisfy the specification, see below). Algorithms for converting -calculus, CTL} CTL, , and LTL ¸( and to automata can be found in the literature =-=[5, 46, 30, 44, 35]-=-. 4.1 Definitions Graph Automata. Given a finite set of directions, an - tree is a do.H¤} set such that V k4zd if , k4I where and 4J¤} , then also 4Pd . The elements of d are called nodes, and the emp... |

299 | An automata-theoretic approach to branchingtime model checking - Bernholtz, Vardi, et al. - 1994 |

290 | Reachability analysis of pushdown automata: Application to model-checking - Bouajjani, Esparza, et al. - 1997 |

250 | Reasoning about infinite computations
- Vardi, Wolper
- 1994
(Show Context)
Citation Context ...model checking algorithms are automata based. The automata-theoretic approach to verification uses the theory of automata as a unifying paradigm for program specification, verification, and synthesis =-=[46, 36, 35]-=-. Automata enables the separation of the logical and the algorithmic aspects of reasoning about systems, yielding clean and in many cases asymptotically optimal algorithms. The automata-theoretic fram... |

237 |
Specification and verification of concurrent systems in Cesar
- Queille, Sifakis
- 1981
(Show Context)
Citation Context |

235 |
Checking that finite state concurrent programs satisfy their linear specification
- Lichtenstein, Pnueli
- 1985
(Show Context)
Citation Context |

213 |
Weak Second-order Arithmetic and Finite Automata
- Büchi
- 1960
(Show Context)
Citation Context ...tains the class of high order pushdown graphs and in turn is strictly contained in the class of rational graphs. Only the firstorder theory of synchronized rational graphs is, however, decidable (cf. =-=[6, 43]-=-). It is undecidable even to determine if some vertex is reachable from another vertex (cf. [43]). For rational graphs even first-order theory is undecidable [38]. To the best of our knowledge the cla... |

147 | Efficient algorithms for model checking pushdown systems
- Esparza, Hansel, et al.
(Show Context)
Citation Context ...in eIS‘¡!T E JHJHIHJ&eJS‘¡ Ÿ is accepting. As is ¸ accepting so is . In the other direction we extend the partial run Ò of to a full run of using the promised partial runs from Claim 5.1. Theorem 5.3 =-=[24, 32]-=- The emptiness problem of a PDNBW can be determined in time ‰c6 ž b ž ± V ž - žGV ž a ž : . Theorem 5.4 The emptiness problem of a ST-NBW can be determined in time ‰c6 ž b ž ± V9ž - žŒV9ž a ž : V Õ ¥ ... |

134 | Pushdown processes: games and model checking
- Walukiewicz
(Show Context)
Citation Context ...-time algorithm by Burkart for model checking the -calculus with respect to prefix-recognizable graphs [8] and decidability of monadic second-order theory of high order pushdown graphs [31]. See also =-=[12, 15, 47, 10, 11, 4, 7, 25, 13, 9, 34]-=- The class of high order pushdown graphs strictly contains the class of prefix-recognizable graphs [31], and the class of prefix-recognizable graphs strictly contains the class of pushdown graphs [15]... |

128 | Reasoning about the past with two-way automata, in
- Vardi
- 1998
(Show Context)
Citation Context ...aph automaton (that accepts all possible graphs that satisfy the specification, see below). Algorithms for converting -calculus, CTL} CTL, , and LTL ¸( and to automata can be found in the literature =-=[5, 46, 30, 44, 35]-=-. 4.1 Definitions Graph Automata. Given a finite set of directions, an - tree is a do.H¤} set such that V k4zd if , k4I where and 4J¤} , then also 4Pd . The elements of d are called nodes, and the emp... |

121 |
The theory of ends, pushdown automata, and second-order logic, Theoretical Computer Science 37
- Muller, Schupp
- 1985
(Show Context)
Citation Context ...of information, e.g., a pushdown store. This research origins in The origin of this research is the result of Müller and Schupp that the monadic secondorder theory of context-free graphs is decidable =-=[39]-=-. As the complexity involved in that decidability result is nonelementary, researchers sought decidability results of elementary complexity. At the same time, researchers sought decidability results f... |

113 | A direct symbolic approach to model checking pushdown systems
- Finkel, Willems, et al.
(Show Context)
Citation Context ...-time algorithm by Burkart for model checking the -calculus with respect to prefix-recognizable graphs [8] and decidability of monadic second-order theory of high order pushdown graphs [31]. See also =-=[12, 15, 47, 10, 11, 4, 7, 25, 13, 9, 34]-=- The class of high order pushdown graphs strictly contains the class of prefix-recognizable graphs [31], and the class of prefix-recognizable graphs strictly contains the class of pushdown graphs [15]... |

95 | On transition graphs having a decidable monadic theory
- Caucal
- 1996
(Show Context)
Citation Context ...-time algorithm by Burkart for model checking the -calculus with respect to prefix-recognizable graphs [8] and decidability of monadic second-order theory of high order pushdown graphs [31]. See also =-=[12, 15, 47, 10, 11, 4, 7, 25, 13, 9, 34]-=- The class of high order pushdown graphs strictly contains the class of prefix-recognizable graphs [31], and the class of prefix-recognizable graphs strictly contains the class of pushdown graphs [15]... |

84 |
Benefits of Bounded Model Checking in an Industrial Setting
- Copti, Fix, et al.
- 2001
(Show Context)
Citation Context ...mata on infinite objects. Symbolic methods that enable model-checking of very large state spaces, and the great ease of use of fully algorithmic methods, led to industrial acceptance of modelchecking =-=[2, 21]-=-. Supported in part by the European Commission (FET project ADVANCE, contract No IST-1999-29082). This work was carried out at the John von Neumann Minerva Center for Verification of Reactive Systems.... |

76 |
Computer Aided Verification of Coordinating Processes
- Kurshan
- 1994
(Show Context)
Citation Context ...model checking algorithms are automata based. The automata-theoretic approach to verification uses the theory of automata as a unifying paradigm for program specification, verification, and synthesis =-=[46, 36, 35]-=-. Automata enables the separation of the logical and the algorithmic aspects of reasoning about systems, yielding clean and in many cases asymptotically optimal algorithms. The automata-theoretic fram... |

62 | Finding Bugs in an Alpha Microprocessor Using Satisfiability Solvers
- Bjesse, Leonard, et al.
- 2001
(Show Context)
Citation Context ...mata on infinite objects. Symbolic methods that enable model-checking of very large state spaces, and the great ease of use of fully algorithmic methods, led to industrial acceptance of modelchecking =-=[2, 21]-=-. Supported in part by the European Commission (FET project ADVANCE, contract No IST-1999-29082). This work was carried out at the John von Neumann Minerva Center for Verification of Reactive Systems.... |

55 | On Infinite Terms Having a Decidable Monadic Theory - Caucal - 2002 |

43 | Higher-order pushdown trees are easy
- Knapik, Niwinski, et al.
- 2002
(Show Context)
Citation Context ... an exponential-time algorithm by Burkart for model checking the -calculus with respect to prefix-recognizable graphs [8] and decidability of monadic second-order theory of high order pushdown graphs =-=[31]-=-. See also [12, 15, 47, 10, 11, 4, 7, 25, 13, 9, 34] The class of high order pushdown graphs strictly contains the class of prefix-recognizable graphs [31], and the class of prefix-recognizable graphs... |

38 | More infinite results
- Burkart, Esparza
- 1997
(Show Context)
Citation Context |

35 | CTL + is exponentially more succinct than CTL
- Wilke
- 1999
(Show Context)
Citation Context ...± in satisfies X iff assigning A B C D to elements in 3 and assign3 Q R"T UgD ing to elements 2o„h3 in X makes true. An alternating automaton on labeled transition graphs (graph automaton, for short) =-=[49]-=- is a i tuple ÷7!e ' ! , where , b , e ' are as in PD-NFW, &b specifies the acceptance condition, ÷M) by1<€, and T 6^…VK 'jcVkC‡ 1zb : is the transition function. Intuitively, i when is in e state a... |

34 | Monadic second-order logic on tree-like structures, Theor - Walukiewicz - 2002 |

33 | An Automata-Theoretic Approach to Reasoning about Infinite-State Systems
- Kupferman, Vardi
- 2000
(Show Context)
Citation Context |

29 |
Composition, decomposition and model checking of pushdown processes
- Burkart, Steffen
- 1995
(Show Context)
Citation Context |

29 |
Tree automata, �- calculus and de-terminacy
- Emerson, Jutla
- 1991
(Show Context)
Citation Context ...JHIH Â successors such t6 Zß : that Þ ßJ7!eißU j6 D!ti‘ ß : : . 6 A °d â !Œ run is accepting if all its infinite paths satisfy the acceptance condition. We consider here parity acceptance conditions =-=[23]-=-. A parity p…(Ô EG&Ô ± JHIHJHµ&Ô ‡ condition is a partition b of . The ‚ number of sets is called the index of i . Given a run d â Œ and an infinite path LR.yd â , let p^qVr 6 L : .Ëb be such that è ... |

25 | On rational graphs
- Morvan
- 2000
(Show Context)
Citation Context ...graphs is, however, decidable (cf. [6, 43]). It is undecidable even to determine if some vertex is reachable from another vertex (cf. [43]). For rational graphs even first-order theory is undecidable =-=[38]-=-. To the best of our knowledge the class of prefixrecognizable graphs is the largest class of graphs modeling sequential systems for which there is an elementary model checking algorithm of -calculus.... |

23 |
A short introduction to infinite automata
- Thomas
- 2002
(Show Context)
Citation Context ...tains the class of high order pushdown graphs and in turn is strictly contained in the class of rational graphs. Only the firstorder theory of synchronized rational graphs is, however, decidable (cf. =-=[6, 43]-=-). It is undecidable even to determine if some vertex is reachable from another vertex (cf. [43]). For rational graphs even first-order theory is undecidable [38]. To the best of our knowledge the cla... |

21 |
On the transition graphs of automata and grammars
- Caucal, Monfort
- 1990
(Show Context)
Citation Context ...s of prefix-recognizable graphs [31], and the class of prefix-recognizable graphs strictly contains the class of pushdown graphs [15], which in turn strictly contains the class of context-free graphs =-=[17]-=-. These classes are defined in terms of certain rewrite rules. More powerful notion of rewrite rules yield even larger classes of graphs. The class of synchronized rational graphs strictly contains th... |

20 | Prefix recognizable graphs and monadic second order logic
- Blumensath
- 2001
(Show Context)
Citation Context ...cing the prefix by some prefix in the regular language , reaching node . Prefix-recognizable graphs correspond to the configuration graphs of pushdown automata when the - transitions are factored out =-=[41, 3]-=-. Indeed, a pushdown automaton can do a series of -transitions that remove from the pushdown store while checking that is in the language . Making sure that the suffix is in the language can be done b... |

19 |
One-way stack automata
- Ginsburg, Greibach, et al.
- 1967
(Show Context)
Citation Context ...way to let the pushdown automaton check that the suffix is in the language . This is by allowing the automaton to read the entire contents of the store. This is the type of behavior of stack automata =-=[27, 26, 29]-=-. Just like pushdown automata, stack automata have a finite but unbounded store, they can change only the top of the store by either removing the letter on top of the store or by adding a finite seque... |

18 | Pushdown Specifications
- Kupferman, Piterman, et al.
- 2002
(Show Context)
Citation Context ...the emptiness problem of nondeterministic stack automata on infinite trees is decidable in quintuply exponential time [28]. Their methods can be easily extended ST-APWE to . A combination of [28] and =-=[33]-=- gives a double exponential algorithm for the emptiness of . ST-APWE Theorem 4.2 The emptiness of ST-APWE é an can be determined in time double exponential in the size é of . 4.2 Branching time model ... |

16 |
Automata for the modal é - calculus and related results
- Janin, Walukiewicz
- 1995
(Show Context)
Citation Context ...aph automaton (that accepts all possible graphs that satisfy the specification, see below). Algorithms for converting -calculus, CTL} CTL, , and LTL ¸( and to automata can be found in the literature =-=[5, 46, 30, 44, 35]-=-. 4.1 Definitions Graph Automata. Given a finite set of directions, an - tree is a do.H¤} set such that V k4zd if , k4I where and 4J¤} , then also 4Pd . The elements of d are called nodes, and the emp... |

15 |
Automatic verification of sequential infinitestate processes
- Burkart
- 1991
(Show Context)
Citation Context |

14 | Uniform solution of parity games on prefix-recognizable graphs
- Cachat
(Show Context)
Citation Context ...checking algorithms is double exponential. Since their introduction in [15], prefix-recognizable graphs have been thoroughly studied. As a few examples we mention, games on prefix-recognizable graphs =-=[14]-=-, characterization of languages accepted by prefix-recognizable graphs [41], and prefix-recognizable structures [3]. There are many equivalent ways to represent prefix-recognizable graphs, using rewri... |

13 | On equational simple graphs
- Barthelmann
- 1997
(Show Context)
Citation Context ...tart of and recognizes words whose reverse is in ). and the runs and are witnesses that the prefixes of and are in and respectively. We conclude that the state is reachable in and ó!ô iff Theorem 3.2 =-=[1, 3]-=- A graph is prefix-recognizable iff it is MSOL interpretable X ± &%Iš7µ ' %Jš7µIEJ in . Consider a prefix-recognizable graph ©M , , , , % ' and a state %-4A . Let Òj ;U}U6 % : denote the # set of stat... |

9 | Model checking of infinite graphs defined by graph grammers
- Burkart, Quemener
- 1996
(Show Context)
Citation Context |

9 | Deciding Emptiness for Stack Automata on Infinite Trees
- Harel, Raz
- 1994
(Show Context)
Citation Context ...parity automata with 1-letter input alphabet ST-APWE as . Harel and Raz show that the emptiness problem of nondeterministic stack automata on infinite trees is decidable in quintuply exponential time =-=[28]-=-. Their methods can be easily extended ST-APWE to . A combination of [28] and [33] gives a double exponential algorithm for the emptiness of . ST-APWE Theorem 4.2 The emptiness of ST-APWE é an can be ... |

9 | Model checking linear properties of prefixrecognizable systems
- Kupferman, Piterman, et al.
(Show Context)
Citation Context ...tic framework for reasoning about finitestate systems has proven to be very versatile. Recently, the automata-theoretic approach to verification has been extended to infinite-state sequential systems =-=[34, 32]-=-. Our model-checking algorithms for micro-macro stack graphs extend the algorithms in [34, 32]. In general, the automatatheoretic approach to branching-time model checking uses a reduction to the empt... |

8 |
Timed alternating tree automata: the automata-theoretic solution to the TCTL model checking problem
- Dickhfer, Wilke
- 1999
(Show Context)
Citation Context ...an atom requires i to send copies in state – to all the successors k˜– % of . The K –$ atom – (or , for short) i requires to send a copy in – state to the % node itself. Thus, like symmetric automata =-=[22, 49]-=-, graph automata cannot distinguish between the various successors of a state and treat them in an existential or universal way. A run of a graph i automaton on a labeled transition ro !" #$&% ' graph... |

8 |
Stack automata and compiling
- Ginsburg, Greibach, et al.
- 1967
(Show Context)
Citation Context ...way to let the pushdown automaton check that the suffix is in the language . This is by allowing the automaton to read the entire contents of the store. This is the type of behavior of stack automata =-=[27, 26, 29]-=-. Just like pushdown automata, stack automata have a finite but unbounded store, they can change only the top of the store by either removing the letter on top of the store or by adding a finite seque... |

7 |
Model checking rationally restricted right closures of recognizable graphs
- Burkart
- 1997
(Show Context)
Citation Context ... logics and more general systems have been proposed. The most powerful results are an exponential-time algorithm by Burkart for model checking the -calculus with respect to prefix-recognizable graphs =-=[8]-=- and decidability of monadic second-order theory of high order pushdown graphs [31]. See also [12, 15, 47, 10, 11, 4, 7, 25, 13, 9, 34] The class of high order pushdown graphs strictly contains the cl... |

5 |
Verification on infinite structures. Unpublished manuscript
- Burkart, Caucal, et al.
- 2000
(Show Context)
Citation Context |

3 |
Model checking the full modal -calculus for infinite sequential processes
- Burkart, Steffen
- 1999
(Show Context)
Citation Context |

1 |
Decidability of bisimulation equivalence for pushdown processes. Unpublished manuscript
- Stirgling
- 2000
(Show Context)
Citation Context ...cing the prefix by some prefix in the regular language , reaching node . Prefix-recognizable graphs correspond to the configuration graphs of pushdown automata when the - transitions are factored out =-=[41, 3]-=-. Indeed, a pushdown automaton can do a series of -transitions that remove from the pushdown store while checking that is in the language . Making sure that the suffix is in the language can be done b... |