Kleene%20Algebra%20with%20Tests

1
Kleene Algebra with Tests

• Dexter Kozen
• Cornell University
• Workshop on Logic Computation
• Nelson, NZ, January 2004

2
These Lectures

• Tutorial on KA and KAT
• model theory
• complexity, deductive completeness
• relation to Hoare logic
• Practical applications
• compiler optimization
• scheme equivalence
• static analysis
• Theoretical applications
• automata on guarded strings BDDs
• algebraic version of Parikhs theorem
• representation
• dynamic model theory

3
Kleene Algebra (KA)is the algebra of regular
expressions
pq qp
pq pq,qp
q,pq,p2q,p3q, (p q) (pq)p
(pq)p p(qp) all
strings over p,q
p,pqp,pqpqp,? (0 1(010)1) multiples
of 3 in binary
p
q
p
q
p
q
p,q
q
p
0
0
1
0
1
1
4
Standard Interpretation
Regular sets over ? AB A ? B AB xy x ?
A, y ? B A Un?0 An A0 ? A1 ? A2 ? ... 1
? 0 ? p ? ? interpreted as p
5
Binary Relations
R, S binary relations on a set X RS R ?
S RS R S (u,v) ?w (u,w) ? R, (w,v) ?
S R reflexive transitive closure of R Un?0
Rn R ? R1 ? R2 ? ? 1 identity relation
(u,u) u ? X 0 ?
6
Applications

• Automata and formal languages
• regular expressions
• Program logic and verification
• Dynamic Logic
• program analysis
• protocol verification
• compiler optimization
• Algorithms
• shortest paths
• connectivity
• computational geometry

7
Prehistory

• Definition, relation to finite automata
• Kleene 56
• No purely equational axiomatization
• Redko 64
• Axiomatization of equational theory
• Salomaa 66
• Algebraic theory Conway 71
• Equational theory PSPACE complete
• (Stock1)Meyer 74

8
Axioms of KA K91

• K is an idempotent semiring under , , 0, 1
• (p q) r p (q r) (pq)r p(qr)
• p q q p p1 1p p
• p p p p0 0p 0
• p 0 p
• p(q r) pq pr
• (p q)r pr qr
• pq least x such that q px ? x
• qp least x such that q xp ? x

9
Succinctly stated,

• A Kleene algebra is an idempotent semiring such
  that
• pq is the least fixpoint of ?x.(q px)
• qp is the least fixpoint of ?x.(q xp)

10
This is a universal Horn axiomatization

• pq least x such that q px ? x
• q p(pq) ? pq
• q px ? x ? pq ? x
• qp least x such that q xp ? x
• q p(qp) ? qp
• q px ? x ? qp ? x
• Every system of linear inequalities
• a11x1 ... an1xn b1 ? x1
• .
• .
• .
• an1x1 ... annxn bn ? xn
• has a unique least solution

11
Alternative Characterizations of
12
Some Useful Properties
1 pp 1 pp p pp p
p (pq)p p(qp) sliding (pq)p
(p q) denesting px xq ? px
xq bisimulation qp 0 ? (p q)
pq loop distribution qp pq ? (p q)
(pq)(p q)
13
Proof of the Sliding Rule (ab)a ? a(ba) a
aba(ba) a(1 ba(ba)) distributivity
a(ba) 1 pp p. a aba(ba) ?
a(ba) (ab)a ? a(ba) q px ? x ? pq ?
x The reverse inequality ? is symmetric.
14
Completeness and Complexity

• Deductively complete for the equational theory of
  regular sets of strings and relational models K
  94
• Complexity Equational theory is PSPACE-complete
  MeyerStockmeyer 74
• Hoare theory (Horn theory with premises p 0) is
  PSPACE-complete Cohen 93
• Horn theory is ?1-complete for star-continuous
  relational models HardinK 03

1
15
Matrices over a KA
a b c d
e f g h
ae bf cg dh
def


aebg afbh cedg cfdh
a b c d
e f g h

def

1 0 0 1
0 0 0 0
def
def
0


1
a b c d

(abdc) (abdc)bd (dcab)ca
(dcab)
def

16
Matrices over a KA

a b c d
(abdc) (abdc)bd (dcab)ca
(dcab)
def

b
a
d
c
17
Matrices over a KA

• Representation of finite automata
• Construction of regular expressions
• Solution of linear equations over a KA
• Connectivity and shortest path algorithms

18
Solution of Linear Inequalities
a11x1 ... an1xn b1 ? x1 .
. . an1x1 ... annxn
bn ? xn a11 ... an1 . .
? . an1 ... ann
b1 . . . bn
x1 . . . xn
x1 . . . xn
19
Shortest PathsThe min, algebra
R ? ? r s min r,s rs r s r 0 0
? 1 0 ? ?
1.4
.9
3.2

0 1.4 2.3 ? 0 .9 ? ? 0
0 1.4 3.2 ? 0 .9 ? ? 0

20
Other Models
Convex polyhedra Iwano Steiglitz 90 AB
ax by x ? A, y ? B A convex hull of
A
A
B
21
Other Models
Convex polyhedra Iwano Steiglitz 90 AB
ax by x ? A, y ? B A convex hull of
A
A
B
22
Hoare LogicC. A. R. Sir Tony Hoare, 1969

• The first formal system for verification of
  well-structured programs
• Initiated the field of program correctness
• Inspiration of hundred of technical articles,
  books, book chapters, surveys
• Turing Award 1980, knighted in 1999

23
Partial Correctness Assertions
bpc postcondition
program precondition If b holds in the
current state, and if p is executed starting in
the current state, then if p halts, c will be
true of the halting state.
24
Rules of Hoare Logic
bx/e xe b
assignment rule
composition rule
bcpd, bcqd cif b then p else qd
conditional rule
bcpc cwhile b do pbc
while rule
weakening rule
25
Dynamic Logic Pratt 76
ltpgtb Starting from the current state, it
is possible for p to halt in a state
satisfying b. pb Starting from the current
state, it is necessary that if p halts, it
does so in a state satisfying b. DL
subsumes HL bpc ? b ? pc
26
Propositional Dynamic Logic (PDL)Fischer
Ladner 1979
propositional modal logic Kleene algebra

• Syntax
• program operators
• propositional operators ? ? ? 0 1
• mixed operators ltpgtb pb b?
• Semantics
• binary relations (input/output)

27
While programs in PDLFischer Ladner 79
if b then p else q ? b?p ?b?q while b do
p ? (b?p)?b?
28
Results about PDL

• complete deductive system Segerberg 77, Gabbay
  77, Parikh 78
• b ? p(b ? pb) ? pb
• EXPTIME-complete Pratt 78

29
For many applications in CS (simple
program manipulations, safety analysis, local
optimizations) dont need the full power of
PDLequational reasoning suffices
BUT need tests to model
conventional programming constructs
(if-then-else, while-do, ?)
30
Kleene Algebra with Tests (KAT)

• (K, B, , , , , 0, 1)
• (K, , , , 0, 1) is a Kleene algebra
• (B, , , , 0, 1) is a Boolean algebra
• B ? K
• p,q,r,? range over K
• a,b,c,? range over B

31
Kleene Algebra with Tests (KAT)

• , , 0, 1 serve double duty
• applied to programs, denote choice, composition,
  fail, and skip, resp.
• applied to tests, denote disjunction,
  conjunction, falsity, and truth, resp.
• these usages do not conflict!
• bc b ? c b c b ? c

32
Models

• Relational models
• K binary relations on a set X
• B subsets of the identity relation
• Trace models
• K sets of traces u0p0u1p1u2 un-1pn-1un
• B sets of traces of length 0
• Language-theoretic models
• K regular sets of guarded strings over ?
• B atoms of a finite free Boolean algebra

33
Guarded Strings Kaplan 69
P atomic programs B atomic tests ?, ?,? atoms
(minimal nonzero elements) of the free Boolean
algebra on generators B e.g. if B b1,...,b6,
then b1b2b3b4b5b6 is an atom guarded strings
?0p0?1p1?2p2?3 ? ?n-1pn-1?n AB A ? B AB
x?y x? ? A, ?y ? B A Un?0 An 1
atoms 0 ?
34
Theorem K Smith 96 The family of regular sets
of guarded strings over P,B is the free KAT on
generators P,B. Corollary KAT is complete over
relational models. Eq(GS) Eq(KAT) Eq(KAT)
Eq(REL)
35
Completeness and Complexity

• Deductively complete for the equational theory of
  regular sets of guarded strings and relational
  models KSmith 96
• Complexity Equational theory is PSPACE-complete
  KS 96, CohenKS 97
• Hoare theory (Horn formulas with premises of form
  p0) is PSPACE-complete KS 96
• Full Horn theory is still ?1-complete

1
36
Matrices over a KAT
The n x n matrices over a KAT (K,B) forms a KAT
(K,B) B diagonal matrices over B
37
Modeling Programssame as in PDL Fischer
Ladner 79
pq ? pq if b then p else q ? bp bq while b
do p ? (bp)b
38

• Propositional Hoare Logic (PHL)
• Hoare Logic without the assignment rule
• bx/t x t b
• Is a given rule
• a logical consequence of the composition,
• conditional, while, and weakening rules?
• relationally valid?

b1p1c1, ..., bnpncn bpc
39

• KAT subsumes PHL
• bpc is modeled by any of the following
  equivalent equations inequalities
• bp ? pc
• bp ? pc
• bp bpc
• bpc 0

40
bpc, cqd bpqd
composition rule
bcpd, bcqd cif b then p else qd
conditional rule
bcpc cwhile b do pbc
while rule
41
bpc, cqd bpqd
composition rule
? bpc 0 ? cqd 0 ? bpqd 0
bcpd, bcqd cif b then p else qd
conditional rule
? bcpd 0 ? bcqd 0 ? c(bpbq)d 0
bcpc cwhile b do pbc
while rule
? bcpc 0 ? c(bp)b bc 0
42
Theorem These are all theorems of KAT
Completeness Theorem K 99 All relationally
valid rules of the form are derivable in KAT
(not so for PHL)
43
Counterexample
cif b then p else pc cpc
is trivially unprovable in Hoare Logic, but c(bp
bp)c 0 ? cpc 0 is easily provable in KAT
44
Hoare formulas p1 0 ? p2 0 ? ... ? pn 0 ?
q r Theorem KAT is complete for the Hoare
theory of relational algebras ... not for the
Horn theory! Counterexample p ? 1 ? p2 p
45
Complexity
Theorem Berstel 79 It is undecidable whether a
given equation holds under a given set of
commutativity conditions in all -continuous
Kleene algebras Theorem K 99 ... ? -complete
...
0 2
46
Horn Theories
Theorem K 99, K Hardin 03 The universal Horn
theories of KA, KAT, REL are ? -complete Q
Is there a natural example of a sentence in
H(KA) ? H(KA)? Q Is H(REL) finitely
axiomatizable relative to H(KA)? Q What is the
complexity of H(KA)?
1 1
47
Complexity of KAT and PHL
Theorem Cohen 94 The Hoare theory of KA (Horn
formulas with premises p 0) is
PSPACE-complete Theorem Cohen, Kozen Smith
96 The Hoare theory of KAT is PSPACE-complete Th
eorem PHL is PSPACE-complete
48
Schematic KAT (SKAT) x s y t y
tx/s x s y ? FV(s) x s y t
x s y tx/s x ? FV(s) x s x t
x tx/s bx/t x t x t
b x x 1
49
Special Cases x s y t ? y t x
s (x ? Var(t), y ? Var(s)) x t b ? b
x t (x ? Var(b)) x s ? x s x s
(x ? Var(s)) x s ? x s x s
50
Relation to Hoare Assignment Rule ?x/t x
t x t ? is equivalent to ?x/t x
t ? ??x/t x t ??
51
Relation to Hoare Assignment Rule ?x/t x
t x t ? cp pb is equivalent
to ?x/t x t ? cpb 0 ??x/t x
t ?? cpb 0 cp pb ? cpb cpb 0
52
Interpreted Reasoning ? 1 where ? is any
property of the domain of computation, typically
an instantiated universal first-order property