Model checking Branching-Time Properties of Multi-Pushdown Systems is Hard

We address the model checking problem for shared memory concurrent programs modeled as multi-pushdown systems. We consider here boolean programs with a finite number of threads and recursive procedures. It is well-known that the model checking problem is undecidable for this class of programs. In this paper, we investigate the decidability and the complexity of this problem under the assumption of bounded context-switching defined by Qadeer and Rehof, and of phase-boundedness proposed by La Torre et al. On the model checking of such systems against temporal logics and in particular branching time logics such as the modal $\mu$-calculus or CTL has received little attention. It is known that parity games, which are closely related to the modal $\mu$-calculus, are decidable for the class of bounded-phase systems (and hence for bounded-context switching as well), but with non-elementary complexity (Seth). A natural question is whether this high complexity is inevitable and what are the ways to get around it. This paper addresses these questions and unfortunately, and somewhat surprisingly, it shows that branching model checking for MPDSs is inherently an hard problem with no easy solution. We show that parity games on MPDS under phase-bounding restriction is non-elementary. Our main result shows that model checking a $k$ context bounded MPDS against a simple fragment of CTL, consisting of formulas that whose temporal operators come from the set {\EF, \EX}, has a non-elementary lower bound

Branching-time model checking of one-counter processes

One-counter processes (OCPs) are pushdown processes which operate only on a unary stack alphabet. We study the computational complexity of model checking computation tree logic (CTL) over OCPs. A PSPACE upper bound is inherited from the modal mu-calculus for this problem. First, we analyze the periodic behaviour of CTL over OCPs and derive a model checking algorithm whose running time is exponential only in the number of control locations and a syntactic notion of the formula that we call leftward until depth. Thus, model checking fixed OCPs against CTL formulas with a fixed leftward until depth is in P. This generalizes a result of the first author, Mayr, and To for the expression complexity of CTL's fragment EF. Second, we prove that already over some fixed OCP, CTL model checking is PSPACE-hard. Third, we show that there already exists a fixed CTL formula for which model checking of OCPs is PSPACE-hard. To obtain the latter result, we employ two results from complexity theory: (i) Converting a natural number in Chinese remainder presentation into binary presentation is in logspace-uniform NC^1 and (ii) PSPACE is AC^0-serializable. We demonstrate that our approach can be used to obtain further results. We show that model-checking CTL's fragment EF over OCPs is hard for P^NP, thus establishing a matching lower bound and answering an open question of the first author, Mayr, and To. We moreover show that the following problem is hard for PSPACE: Given a one-counter Markov decision process, a set of target states with counter value zero each, and an initial state, to decide whether the probability that the initial state will eventually reach one of the target states is arbitrarily close to 1. This improves a previously known lower bound for every level of the Boolean hierarchy by Brazdil et al

Counting CTL

The original publication is available at www.springerlink.com.International audienceThis paper presents a range of quantitative extensions for the temporal logic CTL. We enhance temporal modalities with the ability to constrain the number of states satisfying certain sub-formulas along paths. By selecting the combinations of Boolean and arithmetic operations allowed in constraints, one obtains several distinct logics generalizing CTL. We provide a thorough analysis of their expressiveness and of the complexity of their model-checking problem (ranging from P-complete to undecidable)

Canonical Models and the Complexity of Modal Team Logic

We study modal team logic MTL, the team-semantical extension of classical modal logic closed under Boolean negation. Its fragments, such as modal dependence, independence, and inclusion logic, are well-understood. However, due to the unrestricted Boolean negation, the satisfiability problem of full MTL has been notoriously resistant to a complexity theoretical classification. In our approach, we adapt the notion of canonical models for team semantics. By construction of such a model, we reduce the satisfiability problem of MTL to simple model checking. Afterwards, we show that this method is optimal in the sense that MTL-formulas can efficiently enforce canonicity. Furthermore, to capture these results in terms of computational complexity, we introduce a non-elementary complexity class, TOWER(poly), and prove that the satisfiability and validity problem of MTL are complete for it. We also show that the fragments of MTL with bounded modal depth are complete for the levels of the elementary hierarchy (with polynomially many alternations)

Local Model-Checking of Modal Mu-Calculus on Acyclic Labeled Transition Systems

Model-checking is a popular technique for verifying finite-state concurrent systems, the behaviour of which can be modeled using Labeled Transition Systems (Ltss). In this report, we study the model-checking problem for the modal mu-calculus on acyclic Ltss. This has various applications of practical interest such as trace analysis, log information auditing, run-time monitoring, etc. We show that on acyclic Ltss, the full mu-calculus has the same expressive power as its alternation-free fragment. We also present two new algorithms for local model-checking of mu-calculus formulas on acyclic Ltss. Our algorithms are based upon a translation to boolean equation systems and exhibit a better performance than existing model-checking algorithms applied to acyclic Ltss. The first algorithm handles mu-calculus formulas phi with alternation depth ad (phi) greater or equal than 2 and has time complexity O (|phi|^2 * (|S|+|T|)) and space complexity O (|phi|^2 * |S|), where |S| and |T| are the number of states and transitions of the acyclic Lts and |phi| is the number of operators in phi. The second algorithm handles formulas with alternation depth ad (phi) = 1 and has time complexity O (|phi| * (|S|+|T|)) and space complexity O (|phi| * |S|)

The model checking problem for intuitionistic propositional logic with one variable is AC1-complete

We show that the model checking problem for intuitionistic propositional logic with one variable is complete for logspace-uniform AC1. As basic tool we use the connection between intuitionistic logic and Heyting algebra, and investigate its complexity theoretical aspects. For superintuitionistic logics with one variable, we obtain NC1-completeness for the model checking problem.Comment: A preliminary version of this work was presented at STACS 2011. 19 pages, 3 figure

Discounting in LTL

In recent years, there is growing need and interest in formalizing and reasoning about the quality of software and hardware systems. As opposed to traditional verification, where one handles the question of whether a system satisfies, or not, a given specification, reasoning about quality addresses the question of \emph{how well} the system satisfies the specification. One direction in this effort is to refine the "eventually" operators of temporal logic to {\em discounting operators}: the satisfaction value of a specification is a value in $[0,1]$, where the longer it takes to fulfill eventuality requirements, the smaller the satisfaction value is. In this paper we introduce an augmentation by discounting of Linear Temporal Logic (LTL), and study it, as well as its combination with propositional quality operators. We show that one can augment LTL with an arbitrary set of discounting functions, while preserving the decidability of the model-checking problem. Further augmenting the logic with unary propositional quality operators preserves decidability, whereas adding an average-operator makes some problems undecidable. We also discuss the complexity of the problem, as well as various extensions