Inductive Injective Partitioned Function

Dans le document Symbolic model-checking with Set Rewriting (Page 50-54)

Suppose without loss of generality that(x,y)∈R. By definition(x,y)is encoded by♦R. (x,y) is encoded in the relation W (there are only unions when creat-ing that relation). Then, if(x,y) ∈ S, it is encoded in the function by Equa-tion(4.1) in Def.4.1.3. Otherwise, it is encoded by Equation(4.2). It follows that♦(R∪S)⊆ (♦R∪♦S).

2. Second, we prove (♦R∪♦S) ⊆ ♦(R∪S). Let (x,y) ∈ (♦R∪♦S) and suppose(x,y) <Rand(x,y) <S. That means there is a X,Y s.t. x ∈ X, y ∈ Y and(♦R∪♦S)(X)=Y. This pair could not have been created by Equation(4.1) in Def. 4.1.3, because that would mean that (x,y) ∈ R and (x,y) ∈ S. This pair could not have been created by Equation (4.2) in Def. 4.1.3 since that would mean that (x,y) ∈ R or (x,y) ∈ S(exclusive or). It follows that that (♦R∪♦S)⊆♦(R∪S).

Finally, we have that(♦R∪♦S)= ♦(R∪S)⇒♦R∪♦S= ♦(R∪S)by unique-ness of the encoding (Thm.4.1.1).

The proof for the intersection follows the same principle and is left as exercise to

the reader.

We add the union and the intersection to the set of injective partitioned functions to form the lattice of theInjective Partitioned Functions. It is important to notice that this lattice is isomorphic to the lattice formed by binary relationsB(A,B) with union and intersection.

Definition 4.1.5 (Lattice of the injective partitioned functions) Let LAand LBas in Def.4.1.2.

Given a set of injective partitioned functions∆(LA,LB), the lattice built over that set ish∆(LA,LB),∪,∩, 0, 1iwhere:

is the union as defined in Def.4.1.3;

is the intersection as defined in Def.4.1.4;

0is the constant function that associates 1A to 0 B,i.e., Dom(0)= {1 A};

1is the constant function that associates 1A to 1 B.

The sequel of this section introduces a special kind of injective partitioned function whose co-domain is inductively defined.

4.2 Inductive Injective Partitioned Function

Inductive Injective Partitioned FunctionsgeneralizeIPFs’ encoding to n-ary relations.

The idea behind is simple: sinceIPFsare lattices, we can have them as domain and images for otherIPFs. Since the relations are now n-ary, we use the currying principle, to transform them intoIPFsand then embed the one on top of the other.

To be completely general we also want to define what happens with 1-ary relations (the subsets of a set). The solution for this case is simple: we encode the set as a binary

32 Chapter 4. ΣDecision Diagrams relation of the set and the singleton set, for example B(A,{•}), and then we encode binary relation into an IPF. The isomorphic lattice for power set of the singleton set is a lattice containing two elements, the empty set (lower bound) and the singleton (upper bound). It is called thesimple latticeand we note itn

0, 1


The line of reasoning in this section is the following. First, we define what it means for an IPF to encode a n-ary relation. Then, we build a new set containing only functions that encode n-ary relations, the set of IIPFs. Finally, we conclude by showing that that the encoding is unique,i.e.,that the encoding is not only a function but an isomorphism.

To simplify the notations, in the rest of the work we refer to n-ary relations solely through their graph. For a relationR= hA,B,C,Gi, withG⊆ A× B×C, we just say R⊆ A×B×C.

Definition 4.2.1 (Encoded n-tuple relation) Let f ∈∆(P(D1), . . .(P(Dn),{0,1})· · ·)), g ∈∆(P(D2),∆(P(D3), . . .(P(Dn),{0, 1})· · ·))andR⊆ D1× · · · ×Dn be a n-ary re-lation. We say that it is encoded byIPF f if and only if:

(x1,x2, . . . ,xn)∈R⇔



(x1, 1)∈f ,if n=1

(x1,g)∈f and(x2, . . . ,xn)encoded by g ,otherwise or f = 0ifR=∅.

In Def.4.2.1we define what does it mean for anIPFto encode a n-ary relation as we did in the previous section. It is clear that there might be several forms of doing this encoding, but we have chosen this one because we want to be close to the encoding of Decision Diagrams.

In Def.4.2.2we say that allIPFsthat encode a n-ary relation form a set. The func-tions belonging to this set are calledIIPFs. We give a name to this particular class of IPFsbecause we heavily rely on them for the rest of this thesis. By construction, each IIPFencodes a n-ary relation. We present an example of an n-ary relation encoded by anIIPF(Example4.2.1).

Definition 4.2.2 (IIPF) Let f ∈∆(P(D1), . . .(P(Dn),{0,1})· · ·). f is anIIPFif and only if f encodes some n-ary relationR⊆ D1× · · · ×Dn as in Def.4.2.1.

Notation AsIIPFshave normally a very complex co-domain. We propose the handy notation∆D1,D2,···Dn to refer to the set ofIIPFsthat encode relations in D1× · · · ×Dn. Example 4.2.1 Let’s define the ternary relation the-sum-is-pair= hA,B,C,Gi, with A={1,2,3,4}, B={1,2,3}, C ={1,2}and

G ={(1,1,2),(1,2,1),(1,3,2),(2,1,1),(2,2,2),(2,3,1), (3,1,2),(3,2,1),(3,3,2),(4,1,1),(4,2,2),(4,3,1)}

We can encode this relation in anIIPF f ∈∆A,B,C. The function is the following:

f :πA → ∆B,C f1B →∆C f2B →∆C g1C1 → {0 ,1} g2C2 → { 0,1} f :{1,3} 7→ f1 f1 :{1,3} 7→g2 f2 :{1,3} 7→ g1 g1 :{1} 7→ 1 g2 :{2} 7→ 1

{2,4} 7→ f2 {2} 7→g1 {2} 7→g2

4.2. Inductive Injective Partitioned Function 33 You can see this function in Section4.2, where we can see the different kinds of shar-ing. The bracket in front of each domain indicate how many functions share that domain. When two functions share the same domain, we use different types of lines in the bracket to distinguish them. πB is shared by f1 and f2 and the bracket is split in a solid part for the former and a dotted part for the latter. The type of the lines also differentiates the mappings. Solid arrows from πB correspond to the mapping of f1,

respectively dotted arrows to the mapping of f2.

f 10




f1 10 f2 10










0 , 1

0 1


{1,3} B

{2,4} B


{2} C

{2} C

1 {1}


Figure4.1 – IIPFfor the relation the-sum-is pair inExample4.2.1

However, there is an open question: is the encoding unique? A unique encoding greatly improves the performance of the implementation. Luckily, the answer to this question is yes. In Theorem4.2.1we state that the encoding intoIIPFsis unique.

Theorem 4.2.1 (Unicity of IIPF encoding) Let f,g ∈∆D1,...,Dn andR ⊆ D1× · · ·Dn

an n-ary relation. If f and g encodeR, then f = g.

Proof 4.2.1 (Unicity of IIPF encoding) Let us prove the theorem by induction over n, the length of the n-ary relation. The set ofIIPFscontains by definition only IPFs that encode a n-ary relation. If the unicity condition is true, then encoding is a lattice isomorphism.

Base case For n= 1we have just a set. The functions being injective (because they areIPFs) with only one possible image (by Example4.2.1) there is only one possible value in the domain: the set being encoded. Thus, f = g.

34 Chapter 4. ΣDecision Diagrams Inductive step We suppose the theorem is true for n≤ m−1and prove it for n=m.

Since the theorem is true for n≤m−1(by the induction hypothesis), it is true for the co-domain. The co-domain is then isomorphic to the power set of D2×· · ·×Dn. Know-ing that, we can use the same argument that we used in the proof of Theorem 4.1.1.

Corollary 4.2.1 IIPFencoding is a lattice isomorphism.

TheIIPFsare also a lattice since they are just plainIPFs. Based on the injective partitioned functions, we can formalize and strongly type theHierarchical Set Deci-sion Diagrams[CTM05].

As inSDDswe can also introduce a graphical notation for theIIPFs. Graphically, we represent an IIPFby a DAG (Directed Acyclic Graph). Each node of the graph and its outgoing edges represent a function. The node is labeled with the encoded relation’s domain name, and each outgoing edge is labeled with an element of the domain of the function, i.e., a subset of encoded relation’s domain. We can see an example of this notation in Section4.2.

Now, we have defined the latticeIIPFs, but as they are defined in Def.4.1.5their expressivity is limited. In fact, the lattice is only defined given a profile,i.e.,we cannot have IIPFs encode sets of heterogeneous n-ary relations, e.g., encode a n-ary and a (n+1)-ary relation in the sameIIPF. But this problem is easily solvable, we just have to create the union of the lattices, in a way that they stay lattices. In definition Def.4.2.3 we define such an union.

Definition 4.2.3 (Union of twoIIPFlattices) Given two IIPFlattices ∆D1,...,Dn(= L)

and ∆D01,...,D0m(= K) s.t. D1 ∩D01 = ∅and ∆D2,...,Dn ∩∆D02,...,D0m = ∅. The lattice of the

union of the two, noted L]K(= M), is the lattice defined ashM,∪M,∩M, 0 M, 1


The operations are defined as follows. Let L (resp. K) the carrier set ofL(resp. K), and f, f0 ∈L and g,g0 ∈K

• f ∪M f0 = f ∪ f0and g∪Mg0 =g∪g0, respectively for the∩M.

• f ∪Mg(x)=



f(x) ,if x ∈D1 g(x) ,if x ∈D01

• (f ∪Mg)∪M(f0Mg0)=(f ∪ f0)](g∪g0).

• f ∩M f0 = 0M, if f ∩ f0 = 0K, and g∩Mg0 = 0M, if g∩g0 = 0L

• f ∩Mg= 0M

• The carrier set is M = L\n




o∪ {f ∪Mg| f ∈K and g∈L} ∪n



The result of the the] operation is not an IIPFlattice to which we can assign a profile. For example, if we say that the type of the result is∆(P(D1∪D01),∆D2,...,Dn ]


2,...,D0m) we would be losing the association between domains and images, since we

4.3. Encoding Terms 35

Dans le document Symbolic model-checking with Set Rewriting (Page 50-54)