Kleene Algebra with Hypotheses
Abstract
We study the Horn theories of Kleene algebras and star continuous Kleene algebras, from the complexity point of view. While their equational theories coincide and are PSpacecomplete, their Horn theories differ and are undecidable. We characterise the Horn theory of star continuous Kleene algebras in terms of downward closed languages and we show that when restricting the shape of allowed hypotheses, the problems lie in various levels of the arithmetical or analytical hierarchy. We also answer a question posed by Cohen about hypotheses of the form \(1=S\) where S is a sum of letters: we show that it is decidable.
Keywords
Kleene algebra Hypotheses Horn theory Complexity1 Introduction
Kleene algebras [6, 10] are idempotent semirings equipped with a unary operation star such that \(x^*\) intuitively corresponds to the sum of all powers of x. They admit several models which are important in practice: formal languages, where \(L^*\) is the Kleene star of a language L; binary relations, where \(R^*\) is the reflexive transitive closure of a relation R; matrices over various semirings, where \(M^*\) can be used to perform flow analysis.
Because of their interpretation in the algebra of binary relations, Kleene algebras and their extensions have been used to reason abstractly about program correctness [1, 2, 9, 12, 15]. For instance, if two programs can be abstracted into two relational expressions \((R^*;S)^*\) and \(((R\cup S)^*;S)^=\), then we can deduce that these programs are equivalent by checking that the regular expression \((a^*b)^*\) and \((a+b)^*b+1\) denote the same language. This technique made it possible to automate reasoning steps in proof assistants [4, 16, 19].
In such a scenario, one often has to reason under assumptions. For instance, if we can abstract our programs into relational expressions \((R+S)^*\) and \(S^*;R^*\), then we can deduce algebraically that the starting programs are equal if we know that \(R;S=R\) (i.e., that S is a noop when executed after R). When doing so, we move from the equational theory of Kleene algebras to their Horn theory: we want to know whether a given set of equations, the hypotheses, entails another equation in all Kleene algebras. Unfortunately, this theory is undecidable in general [13]. In this paper, we continue the work initiated by Cohen [5] and pursued by Kozen [13], by characterising the precise complexity of new subclasses of this general problem.

when they are of the form \(e=0\) [5],

when they are of the form \(a\le 1\) for a a letter [5],

when they are of the form \(1=w\) or \(a=w\) for a a letter and w a word, provided that those equations seen as a word rewriting system satisfy certain properties [14, 18]; this includes equations like idempotency \((x=xx)\) or selfinvertibility \((1=xx)\).

when hypotheses are of the form \(S=1\) for S a sum of letters.
Conversely, Kozen also studied the precise complexity of various undecidable subclasses of the problem [13]. For those, one has to be careful about the precise definition of Kleene algebras. Indeed, these only form a quasivariety (their definition involves two implications), and one often consider \(*\)continuous Kleene algebras [6], which additionally satisfy an infinitary implication (We define these formally in Sect. 2). While the equational theory of Kleene algebras coincides with that of \(*\)continuous Kleene algebras, this is not the case for their Horn theories: there exist Horn sentences which are valid in all \(*\)continuous Kleene algebras but not in all Kleene algebras.
Kozen [13] showed for instance that when hypotheses are of the form \(pq=qp\) for pairs of letters (p, q), then validity of an implication in all \(*\)continuous Kleene algebras is \(\varPi ^0_1\)complete, while it is only known to be ExpSpacehard for plain Kleene algebras. In fact, for plain Kleene algebras, the only known negative result is that the problem is undecidable for hypotheses of the form \(u=v\) for pairs (u, v) of words (Kleene star plays no role in this undecidability result: this is just the word problem). We show that it is already undecidable, and in fact \(\varSigma ^0_1\)complete when hypotheses are of the form \(a\le S\) where a is a letter and S is a sum of letters. We use a similar encoding as in [13] to relate the Horn theories of \(\mathsf {KA}\) and \(\mathsf {KA}^*\) to runs of Turing Machines and alternating linearly bounded automata. This allows us to show that deciding whether an inequality \(w\le f\) holds where w is a word, in presence of sumofletters hypotheses, is EXPTIMEcomplete. We also refine the \(\varPi _1^1\)completeness result obtained in [13] for general hypotheses, by showing that hypotheses of the form \(a\le g\) where a is a letter already make the problem \(\varPi _1^1\)complete.
The first implication can be strengthened into an equivalence in a few cases, for instance when the regular expression e and the righthand sides of all hypotheses denote finite languages, or when hypotheses have the form \(1=S\) for S a sum of letters. We obtain decidability in those cases (Sect. 4).
Then we focus on cases where hypotheses are of the form \(a\le e\) for a a letter, and we show that most problems are already undecidable there. We do so by exploiting the characterisation in terms of downward closed languages to provide encodings of various undecidable problems on Turing machines, total Turing machines, and linearly bounded automata (Sect. 5).
Notations. We let a, b range over the letters of a finite alphabet \(\varSigma \). We let u, v, w range over the words over \(\varSigma \), whose set is written \(\varSigma ^*\). We write \(\epsilon \) for the empty word; uv for the concatenation of two words u, v; \({w}\) for the length of a word w. We write \(\varSigma ^+\) for the set of nonempty words. We let e, f, g range over the regular expressions over \(\varSigma \), whose set is written \(\mathsf {Exp}_{\varSigma }\). We write \([e]\) for the language of such a an expression e: \([e]\subseteq \varSigma ^*\). We sometimes implicitly regard a word as a regular expression. If X is a set, \(\mathcal {P}(X)\) (resp. \(\mathcal {P}_\mathrm {fin}(X)\)) is the set of its subsets (resp. finite subsets) and \({X}\) for its cardinality.
A long version of this extended abstract is available on HAL [8], with most proofs in appendix.
2 The Systems \(\mathsf {KA}\) and \(\mathsf {KA}^*\)
Definition 1
A hypothesis is an inequation of the form \(e\le f\), where e and f are regular expressions. If H is a set of hypotheses, and e, f are regular expressions, we write \(\mathsf {KA}_H\vdash e\le f\) (resp. \(\mathsf {KA}_H^*\vdash e\le f\)) if \(e\le f\) is derivable from the axioms and implications of \(\mathsf {KA}\) (resp. \(\mathsf {KA}^*\)) as well as the hypotheses from H. We omit the subscript when H is empty.
Note that the letters appearing in the hypotheses are constants: they are not universally quantified. In particular if \(H=\{aa\le a\}\), we may deduce \(\mathsf {KA}_H\vdash a^*\le a\) but not \(\mathsf {KA}_H\vdash b^*\le b\).
Languages over the alphabet \(\varSigma \) form a \(*\)continuous Kleene algebra, as well as binary relations over an arbitrary set.
In absence of hypotheses, provability in \(\mathsf {KA}\) is coincides with provability in \(\mathsf {KA}^*\) and with language inclusion:
Theorem 1
We call letter hypotheses any class of hypotheses where the lefthand side is a letter (the last four ones). In the rest of the paper, we study the following problem from a complexity point of view: given a set of Chypotheses H, where C is one of the classes listed above, and two expressions \(e,f\in \mathsf {Exp}_{\varSigma }\), can we decide whether \(\mathsf {KA}_H\vdash e \le f\) (resp. \(\mathsf {KA}_H^{*} \vdash e \le f\)) holds? We call it the problem of deciding \(\mathsf {KA}\) (resp. \(\mathsf {KA}^*\)) under Chypotheses.
3 Closure of Regular Languages
It is known that provability in \(\mathsf {KA}\) and \(\mathsf {KA}^*\) can be characterised by language inclusions (Theorem 1). In the presence of hypotheses, this is not the case anymore: we need to take the hypotheses into account in the semantics. We do so by using the following notion of downward closure of a language.
3.1 Definition of the Closure
Definition 2
Example 1
If \(H=\{ab\le ba\}\) then \(\mathrm {cl}_H([b^*a^*])=[(a+b)^*]\), while \(\mathrm {cl}_H([a^*b^*])=[a^*b^*]\).
In order to manipulate closures more conveniently, we introduce a syntactic object witnessing membership in a closure: derivation trees.
Definition 3
We write \(\vdash _{H,L}e\) if e is derivable in this proof system, i.e. if there is a wellfounded tree using these rules, with root e and all leaves labelled by words in L. Such a tree will be called a derivation tree for \([e]\subseteq \mathrm {cl}_H(L)\) (or \(e\in \mathrm {cl}_H(L)\) if e is a word).
Example 2
Derivation trees witness membership to the closure as shown by the following proposition.
Proposition 1
\([e]\subseteq \mathrm {cl}_H(L)\quad \text {iff} \quad \vdash _{H,L}e\).
(See [8, App. A] for a proof.)
3.2 Properties of the Closure Operator
We summarise in this section some useful properties of the closure. Lemma 1 shows in particular that the closure is idempotent, monotonic (both for the set of hypotheses and its language argument) and invariant by context application. Lemma 2 shows that internal closure operators can be removed in the evaluation of regular expressions. Those two lemmas are proved in [8, App. A].
Lemma 1
 1.
\(A\subseteq \mathrm {cl}_H(A)\)
 2.
\(\mathrm {cl}_H(\mathrm {cl}_H(A))=\mathrm {cl}_H(A)\)
 3.
\(A\subseteq B\) implies \(\mathrm {cl}_H(A)\subseteq \mathrm {cl}_H(B)\)
 4.
\(H\subseteq H'\) implies \(\mathrm {cl}_H(A)\subseteq \mathrm {cl}_{H'}(A)\)
 5.
\(\mathrm {cl}_H(A)\subseteq \mathrm {cl}_H(B)\) if and only if \(A\subseteq \mathrm {cl}_H(B)\).
 6.
\(A\subseteq \mathrm {cl}_H(B)\) implies \(UAV\subseteq \mathrm {cl}_H(UBV)\).
Lemma 2
 1.
\(\mathrm {cl}_H(A+B)=\mathrm {cl}_H(\mathrm {cl}_H(A)+\mathrm {cl}_H(B))\),
 2.
\(\mathrm {cl}_H(AB)=\mathrm {cl}_H(\mathrm {cl}_H(A)\mathrm {cl}_H(B))\),
 3.
\(\mathrm {cl}_H(A^*)=\mathrm {cl}_H(\mathrm {cl}_H(A)^*)\)
3.3 Relating Closure and Provability in \(\mathsf {KA}_H\) and \(\mathsf {KA}_H^*\)
We show that provability in \(\mathsf {KA}^*\) can be characterized by closure inclusions. In \(\mathsf {KA}\), provability implies closure inclusions but the converse is not true in general.
Theorem 2
Proof
We write \(\le \) for the inequality induced by \(\oplus \) in \(F_{H,\varSigma }\): \(X\le Y\) if \(X\oplus Y=Y\).
Lemma 3
Open image in new window is a \(*\)continuous Kleene algebra. The inequality \(\le \) of \(F_{H,\varSigma }\) coincides with inclusion of languages.
Proof
By Lemma 2, the function Open image in new window is a homomorphism. We show that \(F_{H,\varSigma }\) is a \(*\)continuous Kleene algebra. First, identities of \(\mathsf {Lang}_{\varSigma }=(\mathcal {P}(\varSigma ^*),+,\cdot ,*)\) are propagated through the morphism \(\mathrm {cl}_H\), so only Horn formulas defining \(*\)continuous Kleene algebras remain to be verified. It suffices to prove that \(F_{H,\varSigma }\) satisfies the \(*\)continuity implication, because the implication \(xy\le y\rightarrow x^*y\le y\) and its dual can be deduced from it. Let \(A,B,C\in F_{H,\varSigma }\) such that for all \(i\in \mathbb N\), Open image in new window , where Open image in new window . By Lemma 2, Open image in new window , so we have \(\mathrm {cl}_H(A B^i C)\le D\), and in particular \(A B^i C\le D\) for all i. By \(*\)continuity of \(\mathsf {Lang}_{\varSigma }\), we obtain \(A B^* C\le D\). By Lemma 1 and using \(D=\mathrm {cl}_H(D)\), we obtain \(\mathrm {cl}_H(A B^* C)\le D\) and finally by Lemma 2, Open image in new window . This achieves the proof that \(F_{H,\varSigma }\) is a \(*\)continuous Kleene algebra.
Let \(A,B\in \mathsf {CReg}_{H,\varSigma }\). We have \(A\le B\Leftrightarrow A\oplus B=B \Leftrightarrow \mathrm {cl}_H(A+B)=B \Leftrightarrow A\subseteq B\). Finally, if \(e\le f\) is a hypothesis from H, then we have \(\mathrm {cl}_H{[e]}\subseteq \mathrm {cl}_H([f])\), so the hypothesis is verified in \(F_{H,\varSigma }\). \(\square \)
The implications \(\mathsf {KA}_H^{(*)}\vdash e\le f \Rightarrow [e]\subseteq \mathrm {cl}_H(f)\) follow from the fact that if an inequation \(e\le f\) is derivable in \(\mathsf {KA}_H\) (resp. \(\mathsf {KA}_H^*\)) then it is true in every model, in particular in the model \(F_{H,\varSigma }\), thus \(\mathrm {cl}_H([e])\subseteq \mathrm {cl}_H([f])\) or, equivalently. \([e]\subseteq \mathrm {cl}_H([f])\).
Let us prove that for any regular expressions e, f, if \([e]\subseteq \mathrm {cl}_H([f])\) then \(\mathsf {KA}_H^*\vdash e\le f\). Let e, f be two such expressions and let T be a derivation tree for \([e]\subseteq \mathrm {cl}_H([f])\), i.e. witnessing \(\vdash _{H,L}e\le f\). We show that we can transform this tree T into a proof tree in \(\mathsf {KA}_H^*\). The extension rule is an occurrence of [8, App. A, Lem. 12]. Finally, the hypothesis rule is also provable in \(\mathsf {KA}_H^*\), using the hypothesis \(e\le f\) together with compatibility of \(\le \) with concatenation, and completeness of \(\mathsf {KA}^*\) for membership of \(u\in [e]\). We can therefore build from the tree T a proof in \(\mathsf {KA}_H^*\) witnessing \(\mathsf {KA}_H^*\vdash e\le f\). \(\square \)
When we restrict the shape of the expression e to words, and hypotheses to \((w\le \sum w)\)hypotheses, we get the implication missing from Theorem 2.
Proposition 2
Proof
Our inductive assumption is that \(\mathsf {KA}_H\vdash uw_iv\le f\) for all i, thus \(\mathsf {KA}_H\vdash \sum _iuw_iv\le f\). We also have \(\mathsf {KA}_H\vdash w \le (\sum _iw_i)\) hence \(\mathsf {KA}\vdash w\le f\) by distributivity. \(\square \)
4 Decidability of \(\mathsf {KA}\) and \(\mathsf {KA}^*\) with (\(1=\sum x\))Hypotheses
In this section, we answer positively the decidability problem of \(\mathsf {KA}_H\), where H is a set of (\(1=\sum x\))hypotheses, posed by Cohen [5]:
Theorem 3
If H is a set of \((1=\sum x)\)hypotheses, then \(\mathsf {KA}_H\) is decidable.
 (P1)
\(\mathsf {KA}_H\vdash e\le f\) if and only if \( [e]\subseteq \mathrm {cl}_H([f])\).
 (P2)
\(\mathrm {cl}_H([f])\) is regular and we can compute effectively an expression for it.
Decidability of \(\mathsf {KA}_H\) follows immediately from (P1) and (P2), since it amounts to checking language inclusion for two regular expressions.
To show (P1) and (P2), it is enough to prove the following result:
Theorem 4
Let H be a set of \((1=\sum x)\)hypotheses and let f be a regular expression. The language \(\mathrm {cl}_H([f])\) is regular and we can compute effectively an expression c such that \([c]=\mathrm {cl}_H([f])\) and \(\mathsf {KA}_H\vdash c\le f\).
(P2) follows immediately from Theorem 4. To show (P1), it is enough to prove that \([e]\subseteq \mathrm {cl}_H([f])\) implies \(\mathsf {KA}_H\vdash e\le f \), since the other implication is always true (Theorem 2). Let e, f such that \([e]\subseteq \mathrm {cl}_H([f])\). If c is the expression given by Theorem 4, we have \(\mathsf {KA}_H\vdash c \le f\) and \([e]\subseteq [c]\) so by Theorem 1 \(\mathsf {KA}\vdash e \le c\), and this concludes the proof.
To prove Theorem 4, we first show that the closure of (\(1=\sum x\))hypotheses can be decomposed into the closure of (\( x\le 1\))hypotheses followed by the closure of (\(1\le \sum x\))hypotheses:
Proposition 3
(Decomposition result). Let \(H=\{1=S_j \mid j\in J\}\) be a set of \((1=\sum x)\)hypotheses.
We set \(H_{ sum }=\{1\le S_j \mid j\in J\}\) and \(H_{ id }=\{a\le 1 \mid a\in [S_j], j\in J\}\). For every language \(L\subseteq \varSigma ^*\), we have \( \mathrm {cl}_H(L)=\mathrm {cl}_{H_{ sum }}(\mathrm {cl}_{H_{ id }}(L))\).
Sketch. We show that rules from \(H_{ id }\) can be locally permuted with rules of \(H_{ sum }\) in a derivation tree. This allows to compute a derivation tree where all rules from \(H_{ id }\) occur after (i.e. closer to leaves than) rules from \(H_{ sum }\). \(\square \)
Now, we will show results similar to Theorem 4, but which apply to (\(x\le 1\))hypotheses and (\(1\le \sum x\))hypotheses (Propositions 5 and 6 below). To prove Theorem 4, the idea is to decompose H into \(H_{ id }\) and \(H_{ sum }\) using the decomposition property Proposition 3, then applying Propositions 5 and 6 to \(H_{ id }\) and \(H_{ sum }\) respectively.
To show these two propositions, we make use of a result from [7]:
Definition 4

\(\mathsf {KA}_H\vdash 1\le \varphi (q)\) whenever \(q\in F\),

\(\mathsf {KA}_H\vdash a \varphi (r) \le \varphi (q)\) for all transitions \((q, a, r)\in \varDelta \).
We set \(\varphi ^\mathcal {A}=\varphi (\iota )\).
Proposition 4
Proposition 5
Let H be a set of \((x\le 1)\)hypotheses and let f be a regular expression. The language \(\mathrm {cl}_H([f])\) is regular and we can compute effectively an expression c such that \([c]=\mathrm {cl}_H([f])\) and \(\mathsf {KA}_H\vdash c\le f\).
Proof
Let \(K=\mathrm {cl}_{H}([f])\) and \(\varGamma =\{a\mid (a\le 1)\in H\}\), we show that K is regular. If \(\mathcal {A}\) is a NFA for f, a NFA \(\mathcal {A}_ id \) recognizing K can be built from \(\mathcal {A}\) by adding a \(\varGamma \)labelled loop on every state. It is straightforward to verify that the resulting NFA recognizes K, by allowing to ignore any letter from \(\varGamma \).
For every \(q\in Q\), let \(f_q\) be a regular expression such that \([f_q]=[q]_\mathcal {A}\), where \([q]_\mathcal {A}\) denotes the language accepted from q in \(\mathcal {A}\). Let \(\varphi :Q \rightarrow \mathsf {Exp}_{\varSigma }\) which maps each state q of \(\mathcal {A}_ id \) (which is also a state of \(\mathcal {A}\)) to \(\varphi (q)=f_q\). Let us show that \(\varphi \) is Hcompatible with \(\mathcal {A}\). If \(q\in F\), then \(1\in [f_q]\), so by completeness of \(\mathsf {KA}\), we have \(\mathsf {KA}\vdash 1\le f_q\). Let (p, a, q) be a transition of \(\mathcal {A}_ id \). Either \((p,a,q)\in \varDelta \), in which case we have \(a[f_q]\subseteq [f_p]\), and so by Theorem 1 \(\mathsf {KA}\vdash af_q\le f_p\). Or \(p=q\) (this transition is a loop that we added). Then \(\mathsf {KA}_H\vdash a\le 1\), so \(\mathsf {KA}_H\vdash af_p\le f_p\), and this concludes the proof.
By Proposition 4, we can now construct a regular expression c which satisfies the desired properties. \(\square \)
Definition 5
Remark 1
If H is a set of \((x\le 1)\)hypothesis, and \(\varGamma =\{a\mid (a\le 1)\in H\}\), then \(\mathrm {cl}_H(L)\) is \(\varGamma \)closed for every language L.
Proposition 6
Let H be a set of \((1\le \sum x)\)hypotheses and let f be a regular expression whose language is Hclosed. The language \(\mathrm {cl}_H([f])\) is regular and we can compute effectively an expression c such that \([c]=\mathrm {cl}_H([f])\) and \(\mathsf {KA}_H\vdash c\le f\).
Proof
We set \(L=[f]\), \(H=\{1\le S_j\mid j\in J\}\) and \(\varGamma =\{a\mid a\in [S_j], j\in J \}\).

\(\mathrm {cl}_H(L)\) is obtained from \(L_\sharp \) by erasing the symbols \(\sharp _j\).

\(L_\sharp \) is regular.
Since the operation that erases letters preserves regularity, we obtain as a corollary that \(\mathrm {cl}_H(L)\) is regular.
Let us now introduce more precisely the language \(L_\sharp \) and show the properties that it satisfies. Let \(\varTheta _\sharp =\{\sharp _j \mid j\in J\}\) be a set of new letters and \(\varSigma _\sharp =\varSigma \cup \varTheta _\sharp \) be the alphabet \(\varSigma \) enriched with these new letters.
Lemma 4
We have \(L_\sharp =\mathrm {cl}_{H_\sharp }(L)\). In particular \(L_\sharp \) is \(\varTheta _\sharp \)closed.
See App. B for a detailed proof of Lemma 4.
Lemma 5
\(\mathrm {cl}_{H}(L)=\pi (L_\sharp )\).
Proof
If \(u\in \pi (L_\sharp )\), let \(v\in L_\sharp \) such that \(u=\pi (v)\). By Lemma 4, there is a derivation tree \(T_v\) for \(v\in \mathrm {cl}_{H_\sharp }(L)\). Erasing all occurrences of \(\sharp _j\) in \(T_v\) yields a derivation tree for \(u\in \mathrm {cl}_{H}(L)\).
Conversely, if \(u\in \mathrm {cl}_{H}(L)\) is witnessed by some derivation tree \(T_u\), we show by induction on \(T_u\) that there exists \(v\in L_\sharp \cap \pi ^{1}(u)\). If \(T_u\) is a single leaf, we have \(u\in L\), and therefore it suffices to take \(v=u\).
Otherwise, the rule applied at the root of \(T_u\) partitions u into \(u=wz\), and has premises \(\{wbz\mid b\in [S_j]\}\) for some \(j\in J\) and \(w,z\in \varSigma ^*\). By induction hypothesis, for all \(b\in [S_j]\), there is \(v_b\in L_\sharp \cap \pi ^{1}(wbz)\). Let \(w=w_1\dots w_{n}\) and \(z=z_1\dots z_m\) be the decompositions of w, z into letters of \(\varSigma \). By definition of \(\pi \), for all \(b\in [S_j]\), \(v_b\) can be written \(v_b=\alpha _{b,1}w_1\alpha _{b,2}w_2\dots w_{n}\alpha _{b,n} b\alpha _{b,n+1}z_1\alpha _{b,n+2}\dots z_{m}\alpha _{b,n+m+3}\), with \(\alpha _{b,0}\dots \alpha _{b,n+m+3}\in (\varTheta _\sharp )^*\). For each \(k\in [0,n+m+3]\), let \(\alpha _k=\varPi _{b\in [S_j]} \alpha _{b,k}\). Let \(w'=\alpha _{0}w_1\alpha _1\dots w_{n}\alpha _{n+1}\) and \(z'=\alpha _{n+2}z_1\alpha _{n+3}\dots z_{m}\alpha _{n+m+3}\). By Lemma 4, \(L_\sharp \) is \(\varTheta _\sharp \)closed, so for each \(b\in [S_j]\) the word \(v_b'=w'bz'\) is in \(L_\sharp \), since \(v_b'\) is obtained from \(v_b\) by adding letters from \(\varTheta _\sharp \). We can finally build \(v=w'\sharp _j z'\). We have \( exp (v)=\bigcup _{b\in [S_j]} exp (v_b')\subseteq L\), and \(\pi (v)=\pi (w')\pi (z')=wz=u\). \(\square \)
Lemma 6
\(L_\sharp \) is a regular language, computable effectively.
Sketch. From a DFA \(\mathcal {A}=(\varSigma ,Q,q_0,F,\delta )\) for for L, we first build a DFA \(\mathcal {A}_\wedge =(\varSigma ,\mathcal {P}(Q),q_0,\mathcal {P}(F),\delta _\wedge )\), which corresponds to a powerset construction, except that accepting states are \(\mathcal {P}(F)\). This means that the semantic of a state P is the conjunction of its members. We then build \(\mathcal {A}_\sharp =(\varSigma ,\mathcal {P}(Q),q_0,\mathcal {P}(F),\delta _\sharp )\) based on \(\mathcal {A}_\wedge \), which can additionally read letters of the form \(\sharp _j\), by expanding them using the powerset structure of \(\mathcal {A}_\wedge \). \(\square \)
Lemma 7
We can construct a regular expression c such that \([c]=\mathrm {cl}_H(L)\) and \(\mathsf {KA}_H\vdash c\le f\).
Proof
Let \(\mathcal {A}_\sharp \) be the DFA constructed for \(L_\sharp \) in the proof of Lemma 6. We will use the notations of this proof in the following.
Let \(\pi (\mathcal {A}_\sharp )=(\varSigma ,\mathcal {P}(Q),q_0,\mathcal {P}(F),\pi (\delta _\sharp ))\) be the NFA obtained from \(\mathcal {A}_\sharp \) by replacing every transition \(\delta _\sharp (P,\sharp _j)=R\), where \(j\in J\), by a transition \(\pi (\delta _\sharp )(P,\epsilon )=R\). By Lemma 5, the automaton \(\pi (\mathcal {A}_\sharp )\) recognizes the language \(\mathrm {cl}_H(L)\). Let us construct a regular expression c for this automaton such that \(\mathsf {KA}_H\vdash c\le f\).
For every \(P\in \mathcal {P}(Q)\), let \(f_P\) be a regular expression such that \([f_P]=[P]_{\mathcal {A}_\wedge }\).
Let \(\varphi :\mathcal {P}(Q) \rightarrow \mathsf {Exp}_{\varSigma }\) be the function which maps each state P of \(\pi (\mathcal {A}_{\sharp })\) to \(\varphi (P)=f_P\). Let us show that \(\varphi \) is Hcompatible.
If \(P\in \mathcal {P}(F)\), then P is a final state of \(\mathcal {A}_\wedge \), so \(1\in [f_P]\), and by completeness of \(\mathsf {KA}\), \(\mathsf {KA}\vdash 1\le f_P\). Let \((P,a,R)\in \pi (\varDelta _{\sharp })\). Either \(a\in \varSigma \), so \((P,a,R)\in \varDelta _\wedge \) and \(a[f_R]\subseteq [f_P]\), so by Theorem 1 \(\mathsf {KA}\vdash af_R\le f_P\). Or \(a=\epsilon \) so there is \(j\in J\) such that \((P,\sharp _j,R)\in \varDelta _\sharp \). This means that \(R=\cup _{b\in [S_j]} R_b\) where \(\delta _\wedge (P,b)=R_b, \forall b\in [S_j]\). We have then that \(b[f_{R_b}]\subseteq [f_P]\) for all \(b\in [S_j]\). Note that for all \(b\in [S_j]\), \(R_b\subseteq R\), so \([f_R]\subseteq [f_{R_b}]\) and then \(S_j[f_R]\subseteq [f_P]\). By Theorem 1 \(\mathsf {KA}\vdash S_jf_R\le f_P\). We have also that \(\mathsf {KA}_H\vdash \sharp _j \le S_j\), so \(\mathsf {KA}_H\vdash \sharp _jf_R\le f_P\).
By Proposition 4, we can construct the desired regular expression c. \(\square \)
5 Complexity Results for Letter Hypotheses
In this section, we give a recursiontheoretic characterization of \(\mathsf {KA}_H\) and \(\mathsf {KA}_H^*\) where H is a set of letter hypotheses or (\(w\le \sum w\))hypotheses. In all the section, by “deciding \(\mathsf {KA}_H^{(*)}\)” we mean deciding whether \(\mathsf {KA}_H^{(*)}\vdash e\le f\), given e, f, H as input.
Theses various complexity classes will be obtained by reduction from some known problems concerning Turing Machines (TM) and alternating linearly bounded automata (LBA), such as halting problem and universality.
To obtain these reductions, we build on a result which bridges TMs and LBAs on one hand and closures on the other: the set of coreachable configurations of a TM (resp. LBA) can be seen as the closure of a wellchosen set of hypotheses.
We present this result in Sect. 5.1, and show in Sect. 5.2 how to instantiate it to get our complexity classes.
5.1 Closure and Coreachable States of TMs and LBAs
Definition 6
An alternating Turing Machine over \(\varSigma \) is a tuple \(\mathcal {M}= (Q, Q_F, \varGamma , \iota , B, \varDelta )\) consisting of a finite set of states Q and final states \(Q_F\subseteq Q\), a finite set of states Q, a finite working alphabet \(\varGamma \supseteq \varSigma \), an initial state \(\iota \in Q\), \(B\in \varGamma \) the blank symbol and a transition function \(\varDelta : (Q\setminus Q_F) \times \varGamma \rightarrow \mathcal {P}(\mathcal {P}(\{L,R\}\times \varGamma \times Q))\). Let \(\#_L, \#_R\notin \varGamma \) be fresh symbols to mark the ends of the tape, and \(\varGamma _\#=\varGamma \cup \{ \#_L, \#_R\}\).
A configuration is a word \(uqav=\#_L\varGamma ^* Q \varGamma ^+\#_R\), where \(\#_L\) and \(\#_R\) are special symbols not in \(\varGamma \), meaning that the head of the TM points to the letter a. We denote by C the set of configurations of \(\mathcal {M}\). A configuration is final if it is of the form \(\#_L\varGamma ^* Q_F\varGamma ^+\#_L\).
The execution of the TM \(\mathcal {M}\) over input \(w \in \varSigma \) may be seen as a gamelike scenario between two players \(\exists \mathrm {loise}\) and \(\forall \mathrm {belard}\) over a graph \(C \sqcup (C \times \mathcal {P}(\{L,R\}\times \varGamma \times Q))\), with initial position \(\iota w \) which proceeds as follows.

over a configuration uqav with \(a \in \varGamma \), \(u,v \in \varGamma _\#^*\), \(\exists \mathrm {loise}\) picks a transition \(X \in \varDelta (q,a)\) to move to position (uqav, X)
 over a position (uqav, X) with \(a \in \varGamma \), \(u,v \in \varGamma ^*\), \(\forall \mathrm {belard}\) picks a triple \((d,c,r) \in X\) to move in configuration

\(ucrB\#_R\) if \(v = \#_R\) and \(d = R\)

ucrv if \(v \ne \#_R\) and \(d = R\)

\(\#_LrBcv\) if \(u = \#_L\) and \(d = L\)

\(u'rbcv\) if \(u = \#_Ru'b\) and \(d = L\)

Given a subset of configurations \(D \subseteq C\), we define \(\mathrm {Attr}^{\exists \mathrm {loise}}(D)\) the \(\exists \mathrm {loise}\) attractor for D as the set of configurations from which \(\exists \mathrm {loise}\) may force the execution to go through D.
A deterministic TM \(\mathcal {M}\) is one where every \(\varDelta (q,a) \subseteq \{ \{(d,c,r) \}\}\) for some \((d,c,r) \in \{L,R\}\times \varGamma \times Q\) In such a case, we may identify \(\mathcal {M}\) with the underlying partial function \([\mathcal {M}] : \varSigma ^* \rightharpoonup Q_F\).
An alternating linearly bounded automaton over the alphabet \(\varSigma \) is a tuple \(\mathcal {A}= (Q, Q_F, \varGamma , \iota , \varDelta )\) where \((Q, Q_F, \varGamma \sqcup \{B\}, \iota , B, \varDelta )\) is a TM that does not insert \(B\) symbols. This means that the head can point to \(\sharp _d\), and for every \(X \in \varDelta (q, \#_{d})\) and \((d', a, r) \in X\), we have \(d \ne d'\) and \(a=\#_{d}\).
An LBA is deterministic if its underlying TM is.
Definition 7
A set of \((w\le \sum w)\)hypotheses is said to be lengthpreserving if for every \((v\le \sum _{i\in I} v_i)\in H\), we have that \(v=v_i\) for all \(i\in I\).
The following lemma generalizes a similar construction from [13].
Lemma 8
For every TM \(\mathcal {M}\) of working alphabet \(\varGamma \), there exists a set of (\(w\le \sum w\))hypotheses \(H_\mathcal {M}\) over the alphabet \(\varTheta = Q \cup \varGamma \) such that, for any set of configurations \(D \subseteq C\) we have that: \(\mathrm {cl}_{H_\mathcal {A}}(D) = \mathrm {Attr}^{\exists \mathrm {loise}}(D)\). Furthermore, this reduction is polytime computable, and \(H_\mathcal {A}\) is lengthpreserving if \(\mathcal {M}\) is an LBA.
A configuration c is coreachable if \(\exists \mathrm {loise}\) has a strategy to reach a final configuration from c. Lemma 8 shows that the set of coreachable configurations can be seen as the closure by (\(w\le \sum w\))hypotheses. Since we are also interested in (\(x\le \sum x\))hypotheses, we will show that (\(w\le \sum w\)) hypotheses can be transformed into letter hypotheses. Moreover, this transformation preserves the lengthpreserving property.
Theorem 5

\((\varSigma ', H',h)\) can be computed in polynomial time from \((\varSigma , H)\).

\(H'\) is lengthpreserving whenever H is.
5.2 Complexity Results
Lemma 9
If H is a set of lengthpreserving (\(w\le \sum w\))hypotheses (resp. a set of (\(x\le \sum x\))hypotheses), \(w\in \varSigma ^*\) and \(f \in \mathsf {Exp}_{\varSigma }\), deciding \(\mathsf {KA}_H\vdash w \le f\) is \(\mathrm {EXPTIMEcomplete}\).
Proof
We actually show that our problem is complete in alternating\(\mathrm {PSPACE}\) (\(\mathrm {APSPACE}\)), which enables us to conclude as \(\mathrm {EXPTIME}\) and \(\mathrm {APSPACE}\) coincide. First, notice that by completeness of \(\mathsf {KA}_H\) over this fragment (Proposition 2), we have \(\mathsf {KA}_H\vdash w \le f \Leftrightarrow w \in \mathrm {cl}_H([f])\). Hence, we work directly with the latter notion. It suffices to show hardness for the (\(x\le \sum x\)) case and membership for the (\(w\le \sum w\)) case.
Given an arbitrary alternating Turing Machine \(\mathcal {M}\) in \(\mathrm {APSPACE}\) there exists a polynomial \(p \in \mathbb N[X]\) such that executions of \(\mathcal {M}\) over words w are bisimilar to executions of the \(\mathrm {LBA}(\mathcal {M})\) over \(wB^{p({w})}\). Hence, by Lemma 8 and Theorem 5, the problem with (\(x\le \sum x\))hypotheses is \(\mathrm {APSPACE}\)hard. Conversely, we may show that our problem with (\(w\le \sum w\))hypotheses falls into \(\mathrm {APSPACE}\). On input w, the alternating algorithm first checks whether \(w \in [f]\) in linear time. If it is the case, it returns “yes”. Otherwise, it nondeterministically picks a factorization \(w = uxv\) with \(x \in \varSigma ^*\) and a hypothesis \(x \le \sum _i y_i\). It then universally picks \(y_i\in \varSigma ^{x}\), and replaces x by \(y_i\) on the tape, so that the new tape content is \(w' = uy_iv\). Then the algorithm loops back to its first step. In parallel, we keep track of the number of steps and halt by returning “no” as soon as we reach \({\varSigma }^{w}\) steps. This is correct because, if there is a derivation tree witnessing \(w \in \mathrm {cl}_H([f])\), there is one where on every path, all nodes have distinct labels, so the nondeterministic player can play according to this tree, while the universal player selects a branch. \(\square \)
Theorem 6
Deciding \(\mathsf {KA}_H^*\) is \(\varPi ^0_1\mathrm {complete}\) for (\(x\le \sum x\))hypotheses.
Proof
By Lemma 9 and the fact that regular expressions are in recursive bijection with natural numbers, our set is clearly \(\varPi ^0_1\). To show completeness, we effectively reduce the set of universal LBAs, which is known to be \(\varPi ^0_1\mathrm {complete}\), to our set of triples. Indeed, by Lemma 8, an LBA \(\mathcal {A}\) is universal if and only if \(\#_L\{\iota \} \varSigma ^*\#_R\subseteq \mathrm {cl}_H(C_F)\) where \(C_F\) is the set of final configurations. \(\square \)
Theorem 7
If H is a set of (\(x\le \sum w\))hypotheses, \(w\in \varSigma ^*\) and \(f \in \mathsf {Exp}_{\varSigma }\), deciding \(\mathsf {KA}_H^{(*)} \vdash w \le f\) is \(\varSigma ^0_1\mathrm {complete}\).
Proof
As \(\mathsf {KA}_H\) is a recursively enumerable theory, our set is \(\varSigma ^0_1\). By the completeness theorem (Proposition 2), we have \(\mathsf {KA}_H\vdash w \le f \Leftrightarrow \mathsf {KA}_H^*\vdash w \le f \Leftrightarrow w \in \mathrm {cl}_H([f])\), so we may work directly with closure. In order to show completeness, we reduce the halting problem for Turing machines (on empty input) to this problem. Let \(\mathcal {M}\) be a Turing machine with alphabet \(\varSigma \) and final state \(q_f\), and \(H_\mathcal {M}\) be the set of (\(w\le \sum w\))hypotheses given effectively by Lemma 8. Let \(f=\varSigma ^*q_f\varSigma ^*\), by Lemma 8 we have \(\mathcal {M}\) halts on empty input if and only if \(q_0\in \mathrm {cl}_{H_\mathcal {M}}(f)\). Notice that hypotheses of \(H'\) are of the form \(u\le V\) where \(u\in \varTheta ^3\) and \(V\subseteq \varTheta ^3\). By Theorem 5, we can compute a set \(H'\) of (\(x\le \sum x\))hypotheses, and an expression h on an extended alphabet such that \(q_0\in \mathrm {cl}_{H_\mathcal {M}}([f])\Leftrightarrow q_0\in \mathrm {cl}_{H'}([f+h])\). \(\square \)
Theorem 8
Deciding \(\mathsf {KA}_H^*\) is \(\varPi ^0_2\mathrm {complete}\) for (\(x\le \sum w\))hypotheses.
Proof
This set is \(\varPi ^0_2\) by Theorem 7. It is complete by reduction from the set of Turing Machines accepting all inputs, which is known to be \(\varPi ^0_2\). Indeed, let \(\mathcal {M}\) be a Turing Machine on alphabet \(\varSigma \) with final state \(q_f\), by Lemma 8, we can compute a set of (\(w\le \sum w\))hypotheses \(H_\mathcal {M}\) with finite language in second components such that \(c\in \mathrm {cl}_{H_\mathcal {M}}(c')\) if and only if configuration \(c'\) is reachable from c. As before, by Theorem 5, we can compute a set of letter hypotheses \(H'\) with finite languages in second components, and a regular expression h on an extended alphabet, such that for any \(\mathrm {cl}_{H'}([f+h])\cap \varTheta ^*=\mathrm {cl}_{H}([f])\) for any \(f\in \mathsf {Exp}_{\varTheta }\). Let \(C_f=\varSigma ^*q_f\varSigma ^*\), we obtain that \(\mathcal {M}\) accepts all inputs if and only if \([q_0\varSigma ^*]\subseteq \mathrm {cl}_{H'}([C_f+h])\), which achieves the proof of \(\varPi ^0_2\)completeness. \(\square \)
Theorem 9
Deciding \(\mathsf {KA}_H^*\) is \(\varPi ^1_1\mathrm {complete}\) for \((x\le g)\)hypotheses (\(g\in \mathsf {Exp}_{\varSigma }\)).
Sketch. It is shown in [13] that the problem is complete with hypotheses of the form \(H=H_w\cup \{x\le g\}\), where \(H_w\) is a set of lengthpreserving (\(w\le \sum w\)) hypotheses. A slight refinement of Theorem 5 allows us to reduce this problem to hypotheses of the form \(x\le g\). \(\square \)
5.3 Undecidability of \(\mathsf {KA}_H\) for Sums of Letters
Fix an alphabet \(\varSigma \), a wellbehaved coding function \(\lceil \cdot \rceil \) of Turing machines with final states \(\{0,1\}\) into \(\varSigma ^*\) and a recursive pairing function \(\langle \cdot , \cdot \rangle : \varSigma ^* \times \varSigma ^* \rightarrow \varSigma ^*\). A universal total \(F : \varSigma ^* \rightarrow \{0,1\}\) is a function such that, for every total Turing machine \(\mathcal {M}\) and input \(w \in \varSigma ^*\) we have \(F(\langle \lceil \mathcal {M} \rceil ,w \rangle ) = [M](w)\). In particular, F should be total and is not uniquely determined over codes of partial Turing machines. The next folklore lemma follows from an easy diagonal argument.
Lemma 10
There is no universal total Turing machine.
Our strategy is to show that decidability of \(\mathsf {KA}_H\) with \((x\le \sum x)\) hypotheses would imply the existence of a universal total TM. To do so, we need one additional lemma.
Lemma 11
Suppose that \(\mathcal {M}=(Q, Q_F, \varGamma , \iota , B, \varDelta )\) is a total Turing machine with final states \(\{0,1\}\) and initial state \(\iota \). Let \(w\in \varSigma ^*\) be an input word for \(\mathcal {M}\).
Then there is effectively a set of lengthpreserving (\(w\le \sum w\))hypotheses H and expressions \(e_w,h\) such that \([\mathcal {M}](w) = 1\) if and only if \(\mathsf {KA}_{H} \vdash e_w\le h\).
Theorem 10
\(\mathsf {KA}_H\) is undecidable for (\(x\le \sum x\))hypotheses.
Proof
Assume that \(\mathsf {KA}_H\) is decidable. This means that we have an algorithm \(\mathcal {A}\) taking tuples \((\varSigma ,w,f,H)\), with H consisting only of sumofletters hypotheses and returning true when \(\mathsf {KA}_H\vdash w \le f\) and false otherwise. Without loss of generality, we can assume that \(\mathcal {A}\) is total. By Theorem 5, we may even provide an algorithm \(\mathcal {A}'\) taking as input tuples (w, f, H) where H is a set of lengthpreserving (\(w\le \sum w\))hypotheses with a similar behaviour: \(\mathcal {A}'\) returns true when \(\mathsf {KA}_H\vdash w \le f\) and false otherwise.
Given \(\mathcal {A}'\), consider \(\mathcal {M}\) defined so that \([\mathcal {M}](\lceil \mathcal {N} \rceil ,w) = [\mathcal {A}'](e_w, h, H)\), where the last tuple is given by Lemma 11. We show that \(\mathcal {M}\) is a total universal Turing machine. Since such a machine cannot exist by Lemma 10, this is enough to conclude. Since \(\mathcal {A}'\) is total, so is \(\mathcal {M}\). For total Turing Machines \(\mathcal {N}\), Lemma 11 guarantees that \([\mathcal {N}](w) = 1\) if and only if \([\mathcal {A}'](e_w, h, H) = [\mathcal {M}](\lceil \mathcal {N} \rceil ,w) = 1\). Since both \([\mathcal {A}']\) and \([\mathcal {M}]\) are total with codomain \(\{0,1\}\), we really have \([\mathcal {M}](\lceil \mathcal {N} \rceil ,w) = [\mathcal {N}](w)\). \(\square \)
References
 1.Anderson, C.J., et al.: NetKAT: semantic foundations for networks. In: Proceedings of the POPL, pp. 113–126. ACM (2014). https://doi.org/10.1145/2535838.2535862
 2.Angus, A., Kozen, D.: Kleene algebra with tests and program schematology. Technical report TR20011844, CS Dpt., Cornell University, July 2001. http://hdl.handle.net/1813/5831
 3.Boffa, M.: Une remarque sur les systèmes complets d’identités rationnelles. Informatique Théorique et Applications 24, 419–428 (1990). http://archive.numdam.org/article/ITA19902444190.pdfMathSciNetCrossRefGoogle Scholar
 4.Braibant, T., Pous, D.: An efficient Coq tactic for deciding Kleene algebras. In: Kaufmann, M., Paulson, L.C. (eds.) ITP 2010. LNCS, vol. 6172, pp. 163–178. Springer, Heidelberg (2010). https://doi.org/10.1007/9783642140525_13CrossRefGoogle Scholar
 5.Cohen, E.: Hypotheses in Kleene algebra. Technical report, Bellcore, Morristown, N.J. (1994). http://www.researchgate.net/publication/2648968_Hypotheses_in_Kleene_Algebra
 6.Conway, J.H.: Regular Algebra and Finite Machines. Chapman and Hall, London (1971)zbMATHGoogle Scholar
 7.Das, A., Doumane, A., Pous, D.: Lefthanded completeness for Kleene algebra, via cyclic proofs. In: Proceedings of the LPAR. EPiC Series in Computing, vol. 57, pp. 271–289. EasyChair (2018). https://doi.org/10.29007/hzq3
 8.Doumane, A., Kuperberg, D., Pous, D., Pradic, P.: Kleene algebra with hypotheses. Full version of this extended abstract (2019). https://hal.archivesouvertes.fr/hal02021315
 9.Hoare, C.A.R.T., Möller, B., Struth, G., Wehrman, I.: Concurrent Kleene algebra. In: Bravetti, M., Zavattaro, G. (eds.) CONCUR 2009. LNCS, vol. 5710, pp. 399–414. Springer, Heidelberg (2009). https://doi.org/10.1007/9783642040818_27CrossRefGoogle Scholar
 10.Kleene, S.C.: Representation of events in nerve nets and finite automata. In: Automata Studies, pp. 3–41. Princeton University Press (1956). http://www.rand.org/pubs/research_memoranda/2008/RM704.pdf
 11.Kozen, D.: A completeness theorem for Kleene algebras and the algebra of regular events. Inform. Comput. 110(2), 366–390 (1994). https://doi.org/10.1006/inco.1994.1037MathSciNetCrossRefzbMATHGoogle Scholar
 12.Kozen, D.: On Hoare logic and Kleene algebra with tests. ACM Trans. Comput. Log. 1(1), 60–76 (2000). https://doi.org/10.1145/343369.343378MathSciNetCrossRefzbMATHGoogle Scholar
 13.Kozen, D.: On the complexity of reasoning in Kleene algebra. Inform. Comput. 179, 152–162 (2002). https://doi.org/10.1006/inco.2001.2960MathSciNetCrossRefzbMATHGoogle Scholar
 14.Kozen, D., Mamouras, K.: Kleene algebra with equations. In: Esparza, J., Fraigniaud, P., Husfeldt, T., Koutsoupias, E. (eds.) ICALP 2014. LNCS, vol. 8573, pp. 280–292. Springer, Heidelberg (2014). https://doi.org/10.1007/9783662439517_24CrossRefGoogle Scholar
 15.Kozen, D., Patron, M.C.: Certification of compiler optimizations using Kleene algebra with tests. In: Lloyd, J., et al. (eds.) CL 2000. LNCS (LNAI), vol. 1861, pp. 568–582. Springer, Heidelberg (2000). https://doi.org/10.1007/3540449574_38CrossRefGoogle Scholar
 16.Krauss, A., Nipkow, T.: Proof pearl: regular expression equivalence and relation algebra. JAR 49(1), 95–106 (2012). https://doi.org/10.1007/s1081701192234MathSciNetCrossRefzbMATHGoogle Scholar
 17.Krob, D.: Complete systems of Brational identities. TCS 89(2), 207–343 (1991). https://doi.org/10.1016/03043975(91)90395IMathSciNetCrossRefzbMATHGoogle Scholar
 18.Mamouras, K.: Extensions of Kleene algebra for program verification. Ph.D. thesis, Cornell University, Ithaca, NY (2015). https://ecommons.cornell.edu/handle/1813/40960
 19.Pous, D.: Kleene algebra with tests and Coq tools for while programs. In: Blazy, S., PaulinMohring, C., Pichardie, D. (eds.) ITP 2013. LNCS, vol. 7998, pp. 180–196. Springer, Heidelberg (2013). https://doi.org/10.1007/9783642396342_15CrossRefGoogle Scholar
Copyright information
Open Access This chapter is licensed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made.
The images or other third party material in this chapter are included in the chapter's Creative Commons license, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons license and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder.