The Composition Method Wolfgang Thomas Francqui Lecture, Mons, - - PowerPoint PPT Presentation

The Composition Method

Wolfgang Thomas Francqui Lecture, Mons, April 2013

Mastering compositions

Wolfgang Thomas

Overview

• 1. Motivation
• 2. m-equivalence and the EF-game
• 3. Applications
• 4. m-types
• 5. Monadic types

Wolfgang Thomas

Motivation

Wolfgang Thomas

Composition and Decomposition

General problem: How to know what is true in a composed system if one knows what is true in the components? Essential question in verification. Here we consider two kinds of compositions: Ordered sums (e.g., concatentation of word models) Products

Wolfgang Thomas

Recall Automata

Given a DFA A = (Q, Σ, q0, δ, F) “If we know the behaviour of A on u and on v then we know the behaviour on uv.” We capture “behaviour” by the state transformations over Q realized by words. For u ∈ Σ∗ define uA : Q → Q by uA(q) = δ(q, u) The set {uA | u ∈ Σ∗} of state transformations forms a finite monoid with composition and identity εA.

(uv)A = uA ◦ vA

Wolfgang Thomas

Composition on Level of Automata

A accepts uv iff

• p∈Q

(uA(q0) = p ∧ vA(p) ∈ F)

Nondeterministic version: Use relation

uA = {(p, q) | A : p

u

→ q} A accepts uv iff

• p∈Q,r∈F

uA(q0, p) ∧ vA(p, r)

Wolfgang Thomas

m-Equivalence and the EF-Game

Wolfgang Thomas

Composition in Logic

How to obtain information whether uv |

= ϕ from knowledge

about u and v? Solution: When dealing with a formula ϕ do not look into ϕ but consider all formulas of the same quantifier complexity. More precisely: The quantifier-depth qd(ϕ) of a formula ϕ is the maximal number of nested quantifiers in ϕ. The quantifier alternation depth qad(ϕ) of ϕ is the number of blocks of existential resp. universal quantifiers in the prenex normal form of ϕ.

Wolfgang Thomas

Format of Models

Fix a signature with unary relation symbols Q1, . . . , Qk and binary relation symbols R1, . . . , Rℓ. Obtain relational structures S = (S, QS

1, . . . , QS k, RS 1, . . . , RS l )

Satisfaction relation: (S, s) |

= ϕ(x)

Special case: Word models ovder Σ = {a, b}:

w = (dom(w), <, Suc, Qa, Qb)

Example w = aaba: dom(w) = {1, 2, 3, 4},

Qa = {1, 2, 4}, Qb = {3}.

Wolfgang Thomas

Ordered Sums

For i ∈ I we are given relational structures Mi = (Mi, Ri

1, . . .)

• f the same signature

First focus on I = {1, 2}.

M1 + M2 is the structure M = (M1 ∪ M2, R1

1 ∪ R2 1, . . .)

If Mi is ordered by <i, then the ordered sum has the following

• rdering <:

a < b iff a, b belong to the same Mi and a <i b, or a ∈ M1, b ∈ M2

Similarly for arbitrary orderings (I, <I).

Wolfgang Thomas

m-Equivalence

Two structures (S, s) and (T , t) are m-equivalent (short: (S, s) ≡m (T , t)) if

(S, s) | = ϕ(x) ⇐ ⇒ (T , t) | = ϕ(x)

for all formulas ϕ(x) of quantifier-depth ≤ m. The m-equivalence classes are also called m-types. Plan:

• 1. Find a way to show that two structures are m-equivalent.
• 2. Present some applications
• 3. Introduce descriptions of the m-types

Wolfgang Thomas

• A. Ehrenfeucht
• R. Fra¨

ıss´ e

Wolfgang Thomas

Ehrenfeucht-Fra¨ ıss´ e game

allows to verify (S, s) ≡m (T , t). A game position is a partial isomorphism: a finite relation {(s1, t1), . . . , (sn, tn)} ⊆ S × T denoted by

s → t,

which is injective and preserves all relations QS, RS under consideration:

s ∈ QS ⇐

⇒ p(s) ∈ QT

and (s, s′) ∈ RS ⇐

⇒ (p(s), p(s′)) ∈ RT

Wolfgang Thomas

Game Gm((S, s), (T , t))

played between two players called Spoiler and Duplicator

(S, s) and (T , t).

There are m rounds. The initial configuration is s → t. Given a configuration r, a round is composed of two moves: first Spoiler picks an element s from S or t from T, and then Duplicator reacts by choosing an element in the other structure, i.e. by choosing some t from T, resp. some s from S. The new configuration is r ∪ {(s, t)}. After m rounds, Duplicator has won if the final configuration is a partial isomorphism (otherwise Spoiler has won).

Wolfgang Thomas

Example 1

Let u = aabaacaa and v = aacaabaa Consider G2(u, v) (including the linear ordering <) Duplicator looses: Spoiler can pick the u-positions with the letters b and c, whence Duplicator can only respond by picking the positions with b and c in v, in order to preserve the relations Qb and Qc; but then the order between the positions < is not preserved. Consider ∃x∃y(x < y ∧ Qb(x) ∧ Qc(y))

Wolfgang Thomas

Example 2

as before, however with successor relation Suc only in word models, besides Qa, Qb, Qc.

u = aabaacaa and v = aacaabaa

Duplicator wins. If Spoiler picks a position with b or c or a position adjacent to

• ne of them, Duplicator reacts accordingly in the other word;

Otherwise Duplicator reacts by corresponding positions. Consider, e.g., ∃x∃y(Suc(x, y) ∧ Qa(x) ∧ Qb(y))

Wolfgang Thomas

Example 3

Word models with order but without successor, singleton alphabet {a}. Format: (dom(w), <, Qa). Duplicator wins G2(aaa, an) for any n ≥ 3: In the first round, Spoiler may pick a first position, a last position, or a non-border position in one of the two words, and Duplicator reacts accordingly. This allows Duplicator also to respond correctly (i.e.,

• rder-preserving) in the second round.

Wolfgang Thomas

G3(ai, aj)

Here after the first round we get the situation

ai = ai1aai2 and aj = aj1aaj2

Remembering the 2-rounds game, Duplicator will win if

i1, j1 are both ≥ 3 or else i1 = j1,

and similarly for i2, j2. Duplicator can reach such a decomposition in the first round if

i, j are both ≥ 7, or if i = j.

Wolfgang Thomas

In general, . . .

With k rounds ahead, Duplicator ensures that corresponding letter-blocks delimited by chosen positions are of length ≥ 2k − 1 or are of the same length. Duplicator wins Gm(ai, aj) for any i, j ≥ 2m − 1 Duplicator also wins Gm(wi, wj) for any word w and

i, j ≥ 2m − 1.

Keep in mind: Sentences of qd m can desribe repetitions up to threshold 2m − 1 but otherwise can just say “many”.

Wolfgang Thomas

Describing Winning Strategy

When does Duplicator win Gm((S, s), (T , t))? Specify, for each k = 0, . . . , m, a set Ik of partial isomorphisms (describing game positions) which would Duplicator allow to win with k rounds ahead. There should be nonempty sets Im, . . . , I0 of partial isomorphisms, each of them extending s → t, such that for all

k = m, . . . , 1:

(back property)

∀p ∈ Ik ∀t ∈ T ∃s ∈ S such that p ∪ {(s, t)} ∈ Ik−1

(forth property)

∀p ∈ Ik ∀s ∈ S ∃t ∈ T such that p ∪ {(s, t)} ∈ Ik−1.

Write (S, s) m (T , t).

Wolfgang Thomas

Ehrenfeucht-Fra¨ ıss´ e Theorem

For m ≥ 0, the following are equivalent:

• 1. (S, s) ≡m (T , t)
• 2. (S, s) m (T , t)
• 3. Duplicator wins Gm((S, s), (T , t)).

Wolfgang Thomas

Applications

Wolfgang Thomas

Non-Definability

The language {an | n is even} is not first-order definable. Suppose a defining first-order sentence ϕ exists, with < only, say of quantifier-depth m. We have a2m ≡m a2m+1 We have a2m |

= ϕ.

So also a2m+1 |

= ϕ.

This model is of odd length, contradiction.

Wolfgang Thomas

Finally Composition!

In order to know whether a formula ϕ of qd m holds in uv, it suffices to know the m-types of u and v. Composition Lemma If u ≡m u′ and v ≡m v′, then u · v ≡m u′ · v′. Use the Ehrenfeucht-Fra¨ ıss´ e Theorem. Duplicator has winning strategies for the games Gm(u, u′) and

Gm(v, v′).

The strategy “on the segments u and u′ use the first strategy,

• n the segments v and v′ use the second strategy”

guarantees Duplicator to win also the game Gm(u · v, u′ · v′).

Wolfgang Thomas

Products

The direct product of S1, S2 has S1 × S2 as its universe, with relations

RS1×S2(a1, b1) . . . (an, bn)

iff RS1a1 . . . an and RS2b1 . . . bn Special forms: Reduced product, synchronized product. Landmark paper by Feferman and Vaught 1959

Wolfgang Thomas

Composition for Products

In order to know whether a formula of qd m holds in S × T , it suffices to know the m-types of S and T . Show: If S ≡m S′ and T ≡m T ′, then S × T ≡m S′ × T ′.

Wolfgang Thomas

m-Types

Wolfgang Thomas

How to Describe Types?

Hintikka formulas:

ψ0

S,¯ s( ¯

x) :=

• R,

¯ s∈RS

R ¯ x ∧

• R,¯

s∈RS

¬R ¯

x ψm+1

S,¯ s ( ¯

x) :=

• s∈S, S,¯

s| =ψm

S,¯ s,s( ¯

x,x)

∃xψm

S,¯ s,s( ¯

x, x)

∧ ∀x

• s∈S, S,¯

s| =ψm

S,¯ s,s

ψm

S,¯ s,s( ¯

x, x)

Wolfgang Thomas

Shorter Notation

T0(S, ¯ s) := {ψ(x) | ψ atomic , (S, ¯ s) |

= ψ(x)}

Tm+1(S, ¯ s) := {Tm(S, ¯ s, s) | s ∈ S}

Wolfgang Thomas

Elementary Facts

• 1. Each type is a finite object.
• 2. For each m and given tuple length n there are only finitely

many m-types of structures (S, s1, . . . , sn)

• 3. Tm(S, s1, . . . , sn) fixes for any formula ϕ(x) whether

S, s) | = ϕ(x).

• 4. Each formula of quantifier depth m is effectively

equivalent to a (finite) disjunction of m-Hintikka formulas

• 5. The first-order theory of S is decidable iff the function

m → Tm(S) is computable.

• 6. Summarizing: The m-types give a classification of

reasons why a formula of quantifier depth m can be true.

Wolfgang Thomas

Monadic Types

Wolfgang Thomas

Saharon Shelah

Wolfgang Thomas

An FO-Free MSO-Dialect

• ver structures S = (S, <, P1, . . . , Pk) with unary Pi

Atomic formulas are

Nonempty(X ∩ Y), X ⊆ Y, X < Y for “some X-element is < some Y-element” X1 ∪ . . . ∪ Xn = All

Wolfgang Thomas

k-Types

For k = (k1, . . . , km) define the k-n type Tk

n (S, P) for a structure S(P1, . . . , Pn)

Tλ

n (S, P) = set of atomic formulas ϕ(X1, . . . , Xn)

which are true in (S, P)

T(k,km+1)

n

(S, P) = set of all types Tk

n+km+1(S, P, Q)

with Q = (Q1, . . . , Qkm+1), Qj ⊆ S Note that m measures quantifier alternation depth.

Wolfgang Thomas

Wolfgang Thomas

A Readable Version

Let k = (k1, . . . , km). To obtain the k-n-type of

(S, P1, . . . , Pn) = ∑i∈I(Si, Pi)

consider (I <I, Q1, . . . , Qℓ) where Qj collects those i where (Si, Pi) has the j-th k-n-type; indeed it suffices to know

T(r1,...,rm)

ℓ

(I <I, Q1, . . . , Qℓ).

Essential: The quantifier alternation depth m is the same in k as in r.

Wolfgang Thomas

B¨ uchi’s Theorem via Shelah

Theorem: MTh(N, <) is decidable. Show that for any k, n we can compute Tk

n (N, <, P1, . . . , Pn).

Show this inductively over the length of k, simultaneously for all n. Case k = λ tedious but straightforward. The set Fin(n) of types of finite structures (M, <, P1, . . . , Pn) can be computed.

Wolfgang Thomas

Induction Step

Assume we know the types T

(k′

1,...,k′ m−1)

n′

(N, <, P) for all

k′

1, . . . , k′ m−1, and P1, . . . , Pn′.

To compute a type T(k1,...,km)

n

(N, <, P)

we need the set of all T(k1,...,km−1)

n+km

(N, <, P, R)

By Ramsey, any such type is presentable as a

(k1, . . . , km−1)-type τ + ∑i∈N σ with τ, σ ∈ Fin(n + km)

The finitely many possible types τ, σ are computable. What remains is to compute the sum types ∑i∈N σ By the Composition Theorem such a type can be obtained from a (r1, . . . , rn−1)-type of a structure (N, <, Q) But these types are computable by induction hypothesis.

Wolfgang Thomas

from B¨ uchi’s last paper (”State Strategies for Games in Fσδ ∩ Gδσ]

Wolfgang Thomas