Complexity of Secure Sets

A secure set S in a graph is defined as a set of vertices such that for any \documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$X\subseteq S$$\end{document}X⊆S the majority of vertices in the neighborhood of X belongs to S. It is known that deciding whether a set S is secure in a graph is \documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$\mathrm {\text {co-}NP}$$\end{document}co-NP-complete. However, it is still open how this result contributes to the actual complexity of deciding whether for a given graph G and integer k, a non-empty secure set for G of size at most k exists. In this work, we pinpoint the complexity of this problem by showing that it is \documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$\mathrm {\Sigma ^P_2}$$\end{document}Σ2P-complete. Furthermore, the problem has so far not been subject to a parameterized complexity analysis that considers structural parameters. In the present work, we prove that the problem is \documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$\mathrm {W[1]}$$\end{document}W[1]-hard when parameterized by treewidth. This is surprising since the problem is known to be FPT when parameterized by solution size and “subset problems” that satisfy this property usually tend to be FPT for bounded treewidth as well. Finally, we give an upper bound by showing membership in \documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$\mathrm {XP}$$\end{document}XP, and we provide a positive result in the form of an FPT algorithm for checking whether a given set is secure on graphs of bounded treewidth.


Introduction
The objective of many problems that can be modeled as graphs is finding a group of vertices that together satisfy some property. In this respect, one of the concepts B Bernhard Bliem bliem@dbai.tuwien.ac.at 1 Institute of Information Systems 184/2, TU Wien, Favoritenstrasse 9-11, 1040 Vienna, Austria that has been quite extensively studied [31] is the notion of a defensive alliance [20], which is a set of vertices such that for each element v at least half of its neighbors are also in the alliance. The name "defensive alliance" stems from the intuition that the neighbors of such an element v that are also in the alliance can help out in case v is attacked by its other neighbors. Notions like this can be applied to finding groups of nations, companies or individuals that depend on each other, but also to more abstract situations like finding groups of websites that form communities [18].
In this work, we are looking at a natural generalization of defensive alliances called secure sets, which have been introduced by Brigham et al. [11]. While defensive alliances make sure that each element of an alliance can defend itself against attacks from its neighbors, they do not account for attacks on multiple vertices at the same time. To this end, we can employ a stronger concept: A secure set of a graph G is a subset S of the vertices of G such that for each X ⊆ S, the number of vertices in N [X ] ∩ S is not less than the number of vertices in N [X ]\S. Here N [X ] denotes the closed neighborhood of X in G, i.e., X together with all vertices adjacent to X . The Secure Set problem can now be stated as follows: Given a graph G and an integer k, does there exists a secure set S of G such that 1 ≤ |S| ≤ k?
It is known that deciding whether a given set S is secure in a graph is co-NPcomplete [21], so it would not be surprising if finding (non-trivial) secure sets is also a very hard problem. Unfortunately, the exact complexity of this problem has so far remained unresolved. This is an unsatisfactory state of affairs because it leaves the possibility open that existing approaches for solving the problem (e.g., [1]) are suboptimal in that they employ unnecessarily powerful programming techniques. Hence we require a precise complexity-theoretic classification of the problem.
Due to its high complexity, it makes sense to look at the parameterized complexity [13,16,19,26] of the problem and to study if Secure Set becomes tractable under the assumption that certain parameters of the problem instances are small. For some parameters, this may be a reasonable assumption in practice. For instance, it has been shown that Secure Set can be solved in linear time if the solution size is bounded by a constant [17]. If we are only interested in small secure sets, the resulting algorithm is therefore a good choice.
However, we often cannot make the assumption that the solutions are small. In such cases, it is a common strategy to consider structural parameters instead, which measure in a certain way how complex the graph underlying a problem instance is. One of the most studied structural parameters is treewidth [5,7,27], which indicates how close a graph is to being a tree. Treewidth is an attractive parameter because many hard problems become tractable on instances of bounded treewidth, and in several practical applications it has been observed that the considered problem instances exhibit small treewidth [5,24,30]. In [22] it has been shown that a certain variant of Secure Set becomes easy on trees, but the complexity of Secure Set parameterized by treewidth is listed as an open problem in that work and has so far remained unresolved.
The first main contribution of our paper is to show that Secure Set is P 2 -complete. Unlike the existing co-NP-hardness proof [21], which uses a (quite involved) reduction from Dominating Set, we base our proof on a reduction from a problem in the area of logic. To be specific, we first show that the canonical P 2 -complete problem Qsat 2 can be reduced to a variant of Secure Set, where vertices can be forced to be in or out of every solution, and pairs of vertices can be specified to indicate that every solution must contain exactly one element of each such pair. In order to prove the desired complexity result, we then successively reduce this variant to the standard Secure Set problem. At the same time, we show P 2 -completeness for the exact variants of these problems, where we are interested in secure sets exactly of a certain size.
Membership in the class P 2 is rather obvious; in fact, [1] presents a polynomialtime reduction to Answer Set Programming [10] and thus shows this result implicitly. Together with our corresponding hardness result, it follows that Secure Set is P 2complete, and it turns out that all the problem variants we consider in this paper are P 2 -complete. We thus complete the picture of the precise complexity of the Secure Set problem, and we also provide completeness results for variants of the problem that have already been proposed [22] but for which no complexity analysis has been performed so far. Our results underline that Secure Set is among the few rather natural problems in graph theory that are complete for the second layer of the polynomial hierarchy (like, e.g., Clique Coloring [25] or 2-Coloring Extension [28]). Moreover, P 2 -hardness of Secure Set indicates that an efficient reduction to the Sat problem is not possible (unless the polynomial hierarchy collapses).
The second main contribution of our paper is a parameterized complexity analysis of Secure Set with treewidth as the parameter. We show that this problem is hard for the class W [1], which rules out a fixed-parameter tractable algorithm under commonly held complexity-theoretic assumptions. This result is rather surprising for two reasons: First, the problem is tractable on trees [22] and often problems that become easy on trees turn out to be fixed-parameter tractable when parameterized by treewidth. 1 Second, this makes Secure Set one of the very few "subset problems" that are fixedparameter tractable w.r.t. solution size but not w.r.t. treewidth. Problems with this kind of behavior are rather rare, as observed by Dom et al. [15].
Beside this parameterized hardness result, we also give an upper bound by showing that Secure Set is in the class XP, which means that it can be solved in polynomial time on instances of bounded treewidth. We do so by providing an algorithm where the degree of the polynomial depends on the treewidth.
Finally, we present a positive result for the co-NP-complete problem of checking whether a given set of vertices is secure in a graph: We provide an algorithm that solves the problem in linear time for graphs of bounded treewidth. This paper is organized as follows: We first provide the necessary background in Sect. 2. Then we analyze the complexity of Secure Set in Sect. 3, where we show that this problem, along with several variants, is P 2 -complete. In Sect. 4, we consider the parameterized complexity of Secure Set where treewidth is our parameter of interest. Section 5 concludes the paper with a discussion.
The present work extends a conference paper [4], which did not contain any results about the parameterized complexity of the considered problems. Beside the new results in Sect. 4, we also slightly modified some of the reductions that prove P 2 -hardness so that they preserve bounded treewidth, which allows us to reuse them for our parameterized hardness proofs. We also added a reduction (which eliminates necessary vertices), which made one of the reductions (from the exact variant of the problem to the nonexact variant) from the previous paper redundant.

Background
All graphs are undirected and simple unless stated otherwise. We denote the set of vertices and edges of a graph G by V (G) and E(G), respectively. We denote an undirected edge between vertices u and v as (u, v) or equivalently (v, u). It will be clear from the context whether an edge (u, v) is directed or undirected. Given a graph , respectively. If it is clear from the context which graph is meant, we write N (·) and N [·] instead of N G (·) and N G [·], respectively.
We often write "S is secure" instead of "S is secure in G" if it is clear from the context which graph is meant. By definition, the empty set is secure in any graph. Thus, in the following decision problems we ask for secure sets of size at least 1. The following is our main problem:

Secure Set
Input: A graph G and an integer k with 1 ≤ k ≤ |V (G)| Question: Does there exist a set S ⊆ V (G) with 1 ≤ |S| ≤ k that is secure? Figure 1 shows a graph together with a minimum non-empty secure set S = {a, b, c}. Observe that for any X ⊆ S the condition |N [X ] ∩ S| ≥ |N [X ]\S| is satisfied.
Note that the well-known Defensive Alliance problem is a special case of Secure Set where only those subsets X of S are considered that have size 1. For example, in Fig. 1, the set S = {a, b} is a defensive alliance as We now define three variants of the Secure Set problem that we require in our proofs. Secure Set F generalizes the Secure Set problem by designating some "forbidden" vertices that may never be in any solution. This variant can be formalized as follows:

Secure Set F
Input: A graph G, an integer k and a set V ⊆ V (G) Question: Does there exist a set S ⊆ V (G)\V with 1 ≤ |S| ≤ k that is secure?
Secure Set FN is a further generalization that, in addition, allows "necessary" vertices to be specified that must occur in every solution.

Secure Set FN
Input: A graph G, an integer k, a set V ⊆ V (G) and a set V ⊆ V (G) Question: Does there exist a set S ⊆ V (G)\V with V ⊆ S and 1 ≤ |S| ≤ k that is secure?
Finally, we introduce the generalization Secure Set FNC . Here we may state pairs of "complementary" vertices where each solution must contain exactly one element of every such pair.

Secure Set FNC
that is secure and, for each pair (a, b) ∈ C, contains either a or b but not both?
For our results on structural parameters, we need a way to represent the structure of a Secure Set FNC instance by a graph that augments G with the information in C: Definition 2 Let I be a Secure Set FNC instance, let G be the graph in I and let C the set of complementary vertex pairs in I . By the primal graph of I we mean the graph While the Secure Set problem asks for secure sets of size at most k, we also consider the Exact Secure Set problem that concerns secure sets of size exactly k. Note that a secure set may become insecure by adding or removing elements, so this is a non-trivial problem variant. Analogously, we also define exact versions of the three generalizations of Secure Set presented above.
When the task is not to find secure sets but to verify whether a given set is secure, the following problem is of interest:

Secure Set Verification
Input: A graph G and a set S ⊆ V (G) Question: Is S secure?
This problem is known to be co-NP-complete [21].
In this paper's figures, we often indicate necessary vertices by means of a triangular node shape, and forbidden vertices by means of either a square node shape or a superscript square in the node name. If two vertices are complementary, we often Note, however, that by putting a = sign between two vertices we do not mean to express that there is an edge between them. For instance, there is no edge between b and c, but there is an edge between b and e, which is explicitly drawn. The vertex a and the "anonymous" vertex adjacent to c are necessary and occur in every solution; d and the "anonymous" vertex adjacent to e are forbidden and occur in no solution. In this figure, the unique minimum nonempty secure set satisfying the conditions of forbidden, necessary and complementary vertices consists of a, b and the "anonymous" necessary vertex adjacent to c.
The following terminology will be helpful: We often use the terms attackers and defenders of a subset X of a secure set candidate S. By these we mean the sets N [X ]\S and N [X ]∩ S, respectively. To show that a subset X of a secure set candidate S is not a witness to S being insecure, we sometimes employ the notion of a defense of X w.r.t. S, which assigns to each attacker a dedicated defender: If we are able to find an injective mapping μ : ∩ S|, and we call μ a defense of X w.r.t. S. Given such a defense μ, we say that a defender d repels an attack on X by an attacker a whenever μ(a) = d. Consequentially, when we say that a set of defenders D can repel attacks on X from a set of attackers A, we mean that there is a defense that assigns to each element of A a dedicated defender in D.
To warm up, we make some easy observations that we will use in our proofs. First, for every set R consisting of a majority of neighbors of a vertex v, whenever v is in a secure set, also some element of R must be in it:  In particular, if half of the neighbors of v are forbidden, then v can only be in a given secure set if all non-forbidden neighbors are also in the secure set.
Finally, we recapitulate some background from complexity theory. The class P 2 is the class of problems that are solvable in polynomial time by a nondeterministic Turing machine that has access to an NP oracle. The canonical problem complete for this class is Qsat 2 , which asks, given a formula ∃x 1 . . . ∃x n x ∀y 1 . . . ∀y n y ψ, where ψ is a propositional 3-DNF formula, whether there is a truth assignment to the x i variables such that for all truth assignments to the y i variables ψ evaluates to true.
In parameterized complexity theory [13,16,19,26], we study problems that consist not only of an input and a question, but also of some parameter of the input that is represented as an integer. A problem is in the class FPT ("fixed-parameter tractable") if it can be solved in time f (k) · n c , where n is the input size, k is the parameter, f is a computable function that only depends on k, and c is a constant that does not depend on k or n. We call such an algorithm an FPT algorithm, and we call it fixed-parameter linear if c = 1. Similarly, a problem is in the class XP ("slice-wise polynomial") if it can be solved in time f (k) · n g(k) , where f and g are computable functions. Note that here the degree of the polynomial may depend on k, so such algorithms are generally slower than FPT algorithms. For the class W [1] it holds that FPT ⊆ W[1] ⊆ XP, and it is commonly believed that the inclusions are proper, i.e., W[1]-hard problems do not admit FPT algorithms. W[1]-hardness of a problem can be shown using parameterized reductions, which are reductions that run in FPT time and produce an equivalent instance whose parameter is bounded by a function of the original parameter.
For problems whose input can be represented as a graph, one important parameter is treewidth, which is a structural parameter that, roughly speaking, measures the "tree-likeness" of a graph. It is defined by means of tree decompositions, originally introduced in [27]. The intuition behind tree decompositions is to obtain a tree from a (potentially cyclic) graph by subsuming multiple vertices under one node and thereby isolating the parts responsible for cyclicity.

Definition 3
A tree decomposition of a graph G is a pair T = (T, χ) where T is a (rooted) tree and χ : V (T ) → 2 V (G) assigns to each node of T a set of vertices of G (called the node's bag), such that the following conditions are met: We call max t∈V (T ) |χ(t)| − 1 the width of T . The treewidth of a graph is the minimum width over all its tree decompositions.
In general, constructing an optimal tree decomposition (i.e., a tree decomposition with minimum width) is intractable [2]. However, the problem is solvable in linear time on graphs of bounded treewidth (specifically in time w O(w 3 ) · n, where w is the treewidth) [6] and there are also heuristics that offer good performance in practice [8,14].
In this paper we will consider so-called nice tree decompositions: Fig. 3 A graph G and a nice tree decomposition T of G rooted at the leftmost node is of one of the following types: 1. Leaf node: The node t has no child nodes.
2. Introduce node: The node t has exactly one child node t such that χ(t)\χ(t ) consists of exactly one element. 3. Forget node: The node t has exactly one child node t such that χ(t )\χ(t) consists of exactly one element. 4. Join node: The node t has exactly two child nodes t 1 and t 2 with Additionally, the bags of the root and the leaves of T are empty.
A tree decomposition of width w for a graph with n vertices can be transformed into a nice one of width w with O(wn) nodes in fixed-parameter linear time [23].
For any tree decomposition T and an element v of some bag in T , we use the notation t T v to denote the unique "topmost node" whose bag contains v (i.e., t T v does not have a parent whose bag contains v). Figure 3 depicts a graph and a nice tree decomposition, where we also illustrate the t T v notation. When we speak of the treewidth of an instance of Secure Set, Secure Set F , Secure Set FN , Exact Secure Set, Exact Secure Set F or Exact Secure Set FN , we mean the treewidth of the graph in the instance. For an instance of Secure Set FNC or Exact Secure Set FNC , we mean the treewidth of the primal graph.

Complexity of the Secure Set Problem
This section is devoted to proving the following theorem: We prove this by providing a chain of polynomial reductions from Qsat 2 to the problems under consideration.

Hardness of Secure Set with Forbidden, Necessary and Complementary Vertices
Lemma 1 Secure Set FNC and Exact Secure Set FNC are P 2 -hard.
. To avoid clutter, we omit labels for the vertices from Y , Y , Y , T , T and T , and we draw some edges in a dashed style Proof We reduce from Qsat 2 to Secure Set FNC . This also proves P 2 -hardness for the exact variant because our reduction makes sure that all solutions of the Secure Set FNC instance have the same size. We are given a quantified Boolean formula ϕ = ∃x 1 . . . ∃x n x ∀y 1 . . . ∀y n y ψ, where ψ is in 3-DNF and contains n t terms. We assume that no term contains both a variable and its complement (since such a term can never be satisfied) and that each term contains at least one universally quantified variable (since ϕ is trivially true otherwise).
We construct an instance (G, k, V , V , C) of Secure Set FNC in the following. For an illustration, see Fig. 4. We define a graph G by choosing the union of the following sets as V (G): Next we define the set of edges. In the following, whenever we sloppily speak of a literal in the context of the graph G, we mean the vertex corresponding to that literal (i.e., some x i , x i , y i or y i ), and we proceed similarly for terms. Furthermore, when we are dealing with a (vertex corresponding to a) literal l, then l shall denote the (vertex corresponding to the) complement of l. For any term t i , let L X (t i ) and L Y (t i ) denote the set of existentially and universally quantified literals, respectively, in t i .
The following observations are crucial: Elements of X ∪ X are only adjacent to vertices from T (which are forbidden) and T . For any i, each element of X ∪ X is adjacent to t i ∈ T iff it is adjacent to t i ∈ T . Furthermore, for any i, j, if x i or x i is adjacent to t j , then setting the variable x i to true or false, respectively, falsifies the term t j . Finally, for any i, j, if y i or y i is adjacent to t j , then setting the variable y i to true or false, respectively, falsifies the term t j .
The intuition is that the complementary pairs (x i , x i ) guess a truth assignment to the existentially quantified variables. We now need to check if such a truth assignment has the property that the formula ψ is true for all extensions of this assignment to the universally quantified variables. Trying out all these extensions amounts to going through all subsets of a solution candidate and comparing the numbers of attackers and defenders.
To illustrate, let S be a solution candidate (i.e., a set of vertices) and suppose S satisfies the conditions on forbidden, necessary and complementary vertices. We denote the truth assignment to x 1 , . . . , x n x encoded in S by I S . Moreover, let R be a subset of S containing either y j or y j for each universally quantified variable y j . We denote the extension of I S to y 1 , . . . , y n y encoded in R by I S,R . For any term t i that is falsified already by I S , the vertex t i attacks all vertices y j and y j . At the same time, for any term t i that is not falsified by I S , the vertex t i attacks y j or y j if setting the variable y j to true or false, respectively, falsifies t i . Hence, the number of attacks from vertices of the form t i or t i on R is exactly the number of terms that are falsified by I S,R . With the help of the vertices in Y , we can afford up to n t − 1 falsified terms, but if we falsify all n t terms, then R is a witness that S is not secure.
The Secure Set FNC instance (G, k, V , V , C) can be constructed in time polynomial in the size of ϕ. We claim that ϕ is true iff (G, k, V , V , C) is a positive instance of Secure Set FNC . "Only if " direction If ϕ is true, then there is an assignment I to x 1 , . . . , x n x such that, for all assignments extending I to y 1 , . . . , y n y , some term in ψ is satisfied. We define a set We observe that |S| = k, V ∩ S = ∅, V ⊆ S, and that for any (a, b) ∈ C it holds that a ∈ S iff b / ∈ S. By construction, whenever some element of X ∪ X is in S, then all its neighbors in T are in S; and whenever some t i is in S, then some neighbor of t i in X ∪ X is in S.
We claim that S is a secure set in G. Let R be an arbitrary subset of S. We show that R has at least as many defenders as attackers by constructing a defense, which assigns to each attacker of R a dedicated defender in N [R] ∩ S. We distinguish cases regarding the origins of the attacks on R.
-We repel each attacker t i ∈ T using t i . Since t i attacks R, R must contain some element of X ∪ X that is adjacent to t i and thus also to t i , so We repel that attacker using t i , which is adjacent to t i . Note that it cannot be the case that t i is attacked by more than one vertex in X ∪ X ∪ {d 1 , d 2 } because t i has exactly two neighbors from that set and would not be in S if neither of these neighbors was in S. -If t attacks R, then it attacks at least one element of T ∩ R, which is adjacent to some element of X ∪ X that is also in S. We repel t using any such element of X ∪ X . -Any attack from some t i ∈ T on R must be on t i . Since t i / ∈ S, t i is not consumed for repelling an attack on t i , so we repel t i with t i .
-If some t i ∈ T attacks R (by attacking t i ), we repel t i with t i .
-Analogously, we repel each attacker t i ∈ T with t i . -If, for some i with 1 ≤ i ≤ n y , the vertices y i, j for 1 ≤ j ≤ n t + 1 attack R, then we distinguish the following cases: If y i is in R, then the adjacent vertices y i, j for 1 ≤ j ≤ n t are in the neighborhood of R, too. We then repel each y i, j with y i, j for 1 ≤ j ≤ n t , and we repel y i,n t +1 with y i . Otherwise, y i is in R, and we proceed symmetrically using y i, j and y i as dedicated defenders.
-In order to account for attacks from T ∪ T on R, we distinguish two cases.
-If, for some i with 1 ≤ i ≤ n y , both y i and y i are in R, then, in the step before, we have repelled each y i, j with the respective y i, j or y i , but all y i, j are still free. These vertices can repel all attacks from T ∪ T , as there are at most n t such attacks. -Otherwise we show that there are at most n t − 1 attacks from T ∪ T , and they can be repelled using Y . Consider the (partial) assignment J that assigns the same values to the variables x 1 , . . . , x n x as the assignment I above, and, for any variable y i , sets y i to true or false if R contains the vertex y i or y i , respectively. By assumption we know that our assignment to x 1 , . . . , x n x is such that for all assignments to y 1 , . . . , y n y some term t i in ψ is true. In particular, it must therefore hold that J falsifies no existentially quantified literal in t i . Then, by construction of S, the vertex t i is not in S. We also know that J falsifies no universally quantified literal in t i . But then the vertices from Y ∪ Y adjacent to the vertex t i are not in R due to our construction of J , so t i does not attack any vertex in R. From this it follows that there are at most n t − 1 attacks from T ∪ T on R. We can repel all these attacks using the vertices y 1 , . . . , y n t −1 . This allows us to conclude |N [R] ∩ S| ≥ |N [R]\S|. Therefore S is secure.
"If " direction Suppose S is a secure set in G satisfying the conditions regarding forbidden, necessary and complementary vertices. First observe that |S| = k because the complementary vertex pairs make sure that S contains exactly half of If S contains some l ∈ X ∪ X , then N (l) ∩ T ⊆ S by Observation 2. If S contains some t i ∈ T , then t i must be adjacent to some element of X ∪ X that is also in S by Observation 1.
We construct an interpretation I on the variables x 1 , . . . , x n x that sets exactly those x i to true where the corresponding vertex x i is in S, and we claim that for each extension of I to the universally quantified variables there is a satisfied term in ψ. To see this, suppose to the contrary that some assignment J to all variables extends I but falsifies all terms in ψ. Then we define a set R consisting of all vertices y i such that J (y i ) = true, all vertices y i such that J (y i ) = false, and all vertices in (T ∪ T ) ∩ S that are adjacent to these vertices y i or y i . We show that this contradicts S being secure: Clearly, R is a subset of S and has |R| defenders due to itself, n t − 1 defenders due to Y , and n y · n t defenders due to N (R) ∩ Y . This amounts to |N [R] ∩ S| = |R| + n t − 1 + n y · n t . On the other hand, there are n t attacks on R from T ∪ T . This is because for any term t i in ψ one of the following cases applies: -The term t i is falsified already by I . Then t i ∈ S and thus t i / ∈ S. The vertex t i , however, is adjacent to every element of Y ∪ Y , so it attacks R.
-The term t i is not falsified by I but by J . Then t i / ∈ S, and L Y (t i ) contains some literal l with l ∈ N (t i ) and J | l, so l is in R and attacked by t i .
In addition to these n t attackers, R has |R ∩ (T ∪ T )| attackers in N (R)∩(T ∪T ), as well as n y · (n t + 1) attackers in Y . As |R| = n y + |R ∩ (T ∪ T )|, we obtain in total This contradicts S being secure, so for each extension of I to the universally quantified vertices, ψ is true; hence ϕ is true.

Hardness of Secure Set with Forbidden and Necessary Vertices
Next we present a transformation τ FNC that eliminates complementary vertex pairs by turning a Secure Set FNC instance into an equivalent Secure Set FN instance. Along with τ FNC , we define a function σ FNC I , for each Secure Set FNC instance I , such that the solutions of I are in a one-to-one correspondence with those of τ FNC (I ) in such a way that any two solutions of I have the same size iff the corresponding solutions of τ FNC (I ) have the same size. We use these functions to obtain a polynomial-time reduction from Secure Set FNC to Secure Set FN as well as from Exact Secure Set FNC to Exact Secure Set FN .
Before we formally define our reduction, we briefly describe the underlying intuition. The gadget in Fig. 5 is added for every complementary pair (a, b). It is constructed in such a way that every solution must either contain all of {a, a ab , a ab 1 , . . . , a ab n+4 } or none of them, and the same holds for {b, b ab , b ab 1 , . . . , b ab n+4 }. By making the vertex ab necessary, every solution must contain one of these two sets. At the same time, the bound on the solution size makes sure that we cannot afford to take both sets for any complementary pair.

Definition 5
We define a function τ FNC , which assigns a Secure Set FN instance to each Secure Set FNC instance I = (G, k, V , V , C). For this, we use n to denote |V (G)| and first define a function σ FNC I : x → x + |C| · (n + 6). For each (a, b) ∈ C, we introduce new vertices a ab , b ab and ab as well as, for any  Let S ∈ A and let S denote g(S). Obviously S satisfies V ∩ S = ∅ and V ⊆ S . To see that S is secure in G , let X be an arbitrary subset of S . Since S is secure in G and X ∩ V (G) ⊆ S, there is a defense μ : since v is only adjacent to x ab i or neighbors of it.
-If v is a ab or b ab for some (a, b) ∈ C, its only neighbor in X can be ab and we set μ (v) = ab . -Otherwise v is in N G [X ∩V (G)]\S (by our construction of S ). Since the codomain of μ is a subset of the codomain of μ , we may set μ (v) = μ(v).
Since μ is injective, each attack on X in G can be repelled by S . Hence S is secure in G . Clearly g is injective. It remains to show that g is surjective. Let S be a solution of τ FNC (I ). First we make the following observations for each (a, b) ∈ C and each x ∈ {a, b}: To see this, suppose x ∈ S . Let D x consist of those pairs (c, d) ∈ C such that x ∈ {c, d} and Y cd x c ∩ S = ∅, and let A x consist of those pairs (c, d) ∈ C such that x ∈ {c, d} and Y cd By the previous observations, X ⊆ S . The defenders of X are the element x, the |D x |·(n +1) elements of (c,d)∈D x Y cd x c and perhaps some elements of N G (x), which consists of at most n −1 vertices. The attackers of X are the |D x | · (n + 1) elements of (c,d)∈D x Y cd x , the |A x | · (n + 1) elements of (c,d)∈A x Y cd x c and perhaps some elements of N G (x). Thus, if A x is nonempty, then the set X has more attackers than defenders in G . However, S is secure, so A x must be empty, which implies Y ab x c ∩ S = ∅.
-If x ab ∈ S , then Z ab x c ∩ S = ∅ by Observation 1.
So for each (a, b) ∈ C and x ∈ {a, b}, S contains either all or none of {x, x ab } ∪ Y ab x c ∪ Z ab x c. For every (a, b) ∈ C, S contains a ab or b ab , since ab ∈ S , whose neighbors are a ab and b ab . It follows that |S | > |C| · (n + 6) even if S contains only one of each (a, b) ∈ C. If, for some (a, b) ∈ C, S contained both a and b, we could derive a contradiction to |S | ≤ σ FNC contains either a or b for any (a, b) ∈ C. We construct S = S ∩ V (G) and observe that S = g(S), V ⊆ S, V ∩ S = ∅, and |S ∩ {a, b}| = 1 for each (a, b) ∈ C. It remains to show that S is secure in G. Let X be an arbitrary subset of S. We construct X = X ∪ (a,b)∈C,x∈X ∩{a,b} Y ab x c and observe that each Y ab x c we put into X entails |Y ab x c ∪ {x ab n+2 }| = n + 2 additional defenders and |Y ab x ∪ {x ab n+2 }| = n + 2 additional attackers of X in G compared to As τ FNC is clearly computable in polynomial time, the following result follows: The instances of Secure Set FNC are identical to the instances of the exact variant, so τ FNC is also applicable to the exact case. In fact it turns out that this gives us also a reduction from Exact Secure Set FNC to Exact Secure Set FN .

Hardness of Secure Set with Forbidden Vertices
Now we present a transformation τ FN that eliminates necessary vertices. Our transformation not only operates on a problem instance, but also requires an ordering of the necessary vertices. For now, we can consider this as an arbitrary ordering. It will become more important in Sect. 4.1, where we reuse this transformation for showing W[1]-hardness w.r.t. treewidth. Before formally defining the transformation τ FN , we refer to Fig. 6, which shows the result for a simple example graph with only two vertices a and b, of which b is necessary. The basic idea is that the vertex w must be in every solution S because any vertex that is in S also eventually forces w to be in S. Once w ∈ S, the construction to the right of w makes sure that b ∈ S.

Definition 6
We define a function τ FN , which assigns a Secure Set F instance to each pair (I, ), where I = (G, k, V , V ) is a Secure Set FN instance and is an ordering of the elements of V . For this, let V c denote V (G)\(V ∪ V ). We use n to denote |V (G)|, and we first define a function σ FN The intention is for each w v and w v to be forbidden, for w and each w v to be in every secure set, and for w v to be in a secure set iff v is in it at the same time. We write V + to denote V ∪ V c∪ {w}; for each v ∈ V + , we use A v to denote the set of new vertices {v 1 , . . . , v n+1 , v 1 , . . . , v n+1 }, and we use shorthand notation A The intention is for each v i to be forbidden and for each v i to be in a secure set iff v is in it at the same time. We use the notation u ⊕ v to denote the set of edges {(u, v), (u, u ), (v, v ), (u, v ), (v, u )}. If V = ∅, let P = ∅; otherwise let P be the set consisting of all pairs (u, v) such that v is the direct successor of u according to , as well as the pair (u, w), where u is the greatest element according to . Now we define τ FN (I, ) = (G , k , V Fig. 7 Illustration of the gadget that makes sure w and w a are in every secure set. The vertex a is a nonnecessary, non-forbidden vertex from the Secure Set FN instance and may have other neighbors from this instance. The vertex w has two neighbors (as depicted here) for each non-necessary, non-forbidden vertex from the Secure Set FN instance, and additionally the neighbors depicted in Fig. 8 x We illustrate our construction in Figs. 7 and 8.
We now prove that τ FN yields a correct reduction for any ordering .

Lemma 3 Let I = (G, k, V , V ) be a Secure Set FN instance, let be an ordering of V , let A be the set of solutions of I and let B be the set of solutions of τ FN (I, ).
There is a bijection g : A → B such that |g(S)| = σ FN I (|S|) holds for every S ∈ A.
Let S ∈ A and let S denote g(S). Obviously S satisfies V ∩ S = ∅. To see that S is secure in G , let X be an arbitrary subset of S . Since S is secure in G and We now construct a defense μ : N G [X ]\S → N G [X ] ∩ S . For any attacker a of X in G , we distinguish the following cases: -If a is some v i ∈ A v for some v ∈ V + , then a can only attack either v i or a neighbor of v i , all of which are in S , and we set μ (a) -If a is w v for some v ∈ V c, then a attacks w v and we set μ (a) = w v .
-If a is w v for some v ∈ V c, then it attacks w or w v , which is not used for repelling any attack because w v cannot attack X , so we set μ (a) = w v . -Otherwise a is in N G [X ∩V (G)]\S (by our construction of S ). Since the codomain of μ is a subset of the codomain of μ , we may set μ (a) = μ(a).
Since μ is injective, each attack on X in G can be repelled by S . Hence S is secure in G . Clearly g is injective. It remains to show that g is surjective. Let S be a solution of τ FN (I, ). We first show that V ∪ {w} ⊆ S : -If w v ∈ S for some v ∈ V c, then w ∈ S because at least w v or w must be in S and the former implies w ∈ S as we have seen. -The previous observations show that any vertex being in S implies w ∈ S . Since S is nonempty, it follows that w ∈ S . We now show that S contains an element of A c w . Suppose the contrary, let U = S ∩{w v | v ∈ V c}, let U = S ∩{w v | v ∈ V c} and consider X = {w}∪U . The defenders of X consist of exactly 1+|U |+2|U | elements, whereas there are exactly (n + 1) + (|V c| − |U |) + (|V c| − |U |) + 3|U | attackers. With |V c| ≥ |U | ≥ |U | and n > 0 in mind, we arrive at the contradiction Suppose, for the sake of contradiction, that there is some u ∈ V c such that w u / ∈ S . We have seen that the latter can only be the case if u / ∈ S . Observe that This contradicts S being secure in G .
Let S = S ∩ V (G). By the previous observations, it is easy to see that S = g(S). It remains to show that S is secure in G. Let X be an arbitrary subset of S. We construct X = X ∪ v∈X A c v and observe that the number of additional defenders of X in G compared to X in G is equal to the number of additional attackers; formally Given an ordering , clearly τ FN (I, ) is computable in polynomial time. We can thus easily obtain a reduction from Secure Set FN to Secure Set F by first computing an arbitrary ordering of the necessary vertices in polynomial time. This also gives us a hardness result for the exact case, analogous to Corollary 2.
Corollary 3 Secure Set F and Exact Secure Set F are P 2 -hard.

Hardness of Secure Set
We now introduce a transformation τ F that eliminates forbidden vertices. The basic idea is that we ensure that a forbidden vertex f is never part of a solution by adding so many neighbors to f that we could only defend f by exceeding the bound on the solution size.

Definition 7
We define a function τ F , which assigns a Secure Set instance to each

Complexity of Secure Set Parameterized by Treewidth
In this section we study the parameterized complexity of the Secure Set problem when treewidth is the parameter. We first show that all variants of Secure Set considered in this paper are W[1]hard for this parameter by reusing some reductions from Sect. 3 and proving that they preserve bounded treewidth. Under the widely held assumption that FPT = W [1], this rules out fixed-parameter tractable algorithms for these problems.
Second, we show that the co-NP-complete Secure Set Verification problem is solvable in linear time on instances whose treewidth is bounded by a constant. We do this by providing a fixed-parameter linear algorithm that performs dynamic programming on a tree decomposition of the input graph. Although bounded treewidth most likely does not lead to fixed-parameter tractability of the problem of finding secure sets, this proves that it does for the problem of verifying whether a given set is secure.
Third, we show that all the variants of the Secure Set problem considered in this paper are solvable in polynomial time on instances whose treewidth is bounded by a constant. We again do this by providing a polynomial-time dynamic programming algorithm, but this time the degree of the polynomial depends on the treewidth.

Hardness of Secure Set Parameterized by Treewidth
In this subsection, we prove the following theorem: To prove this, we reduce from the following problem [3], which is known to be W[1]hard [29] parameterized by the treewidth of the graph:

Minimum Maximum Outdegree
Input: A graph G, an edge weighting w : E(G) → N + given in unary and a positive integer r Question: Is there an orientation of the edges of G such that, for each v ∈ V (G), the sum of the weights of outgoing edges from v is at most r ? Proof Let an instance of Minimum Maximum Outdegree be given by a graph G, an edge weighting w : E(G) → N + in unary and a positive integer r . From this we construct an instance of both Secure Set FNC and Exact Secure Set FNC . An example is given in Fig. 9. For each v ∈ V (G), we define the set of new vertices We now define the graph G with Fig. 9 Result of our transformation on a sample Minimum Maximum Outdegree instance with r = 3 and two vertices a, b that are connected by an edge of weight 3. Complementary vertex pairs are shown via dashed lines. Necessary vertices have a symbol next to their name We also define the set of complementary vertex pairs (u, v). We use I to denote (G , k, C, V , ∅), which is an instance of Secure Set FNC and also of Exact Secure Set FNC . Obviously I is a positive instance of Secure Set FNC iff it is a positive instance of Exact Secure Set FNC because the necessary and complementary vertices make sure that every solution of the Secure Set FNC instance I has exactly k elements. Hence we only consider Secure Set FNC .
The intention is that for each orientation of G we have a solution candidate S in I such that an edge orientation from u to v entails V vu ⊆ S and V uv ∩ S = ∅, and the other orientation entails V uv ⊆ S and V vu ∩ S = ∅. For each outgoing edge of v in the orientation of G, there are as many attackers of v in I as the weight of that edge. Together with H v , v can repel up to r such attacks. The other neighbors of v that are in S cannot help v since they are in turn attacked by their neighbors.
Clearly I can be computed in polynomial time. We now show that the treewidth of the primal graph of I depends only on the treewidth of G. We do so by modifying an optimal tree decomposition T of G as follows: 1. For each (u, v) ∈ E(G), we take an arbitrary node whose bag B contains both u and v and add to its children a chain of nodes N 1 , . . . , we take an arbitrary node whose bag B contains v and add to its children a chain of nodes N 1 , . . . , It is easy to verify that the result is a valid tree decomposition of the primal graph of I and its width is at most the treewidth of G plus four.
We claim that (G, w, r ) is a positive instance of Minimum Maximum Outdegree iff I is a positive instance of Secure Set FNC . "Only if " direction Let D be the directed graph given by an orientation of the edges of G such that for each vertex the sum of weights of outgoing edges is at most r . The Let X be an arbitrary subset of S. Every attacker must be some element u v i . If v u i ∈ X , then we can use v u i to repel the attack from u v i . Otherwise u ∈ X , so we can use either u or one of the r − 1 elements of H u to repel the attack from u v i . These are sufficiently many defenders: For every vertex v ∈ V (G) ∩ X , at most r neighbors attack v as otherwise the sum of weights of outgoing edges of v in D would be greater than r . Finally, it is easy to verify that |S| = k, V ⊆ S, and exactly one element of each pair of complementary vertices is in S. "If " direction Let S be a solution of I . For every (u, v) ∈ E(G), either V uv ⊆ S or V vu ⊆ S due to the complementary vertex pairs. We define a directed graph D by Suppose there is a vertex v in D whose sum of weights of outgoing edges is greater than r . We construct X = {v} ∪ (u,v)∈E(D) V vu , which is a subset of S. Now v has more than r attacking neighbors, but all defenders except v and H v must already defend themselves against their attacking neighbor. This contradicts S being secure. Now we reduce from Secure Set FNC to Secure Set FN to show W[1]-hardness of the latter problem. We reuse the function τ FNC from Definition 5 and show that this gives us a reduction that preserves bounded treewidth.

Lemma 6 Secure Set FN , parameterized by the treewidth of the graph, is W[1]-hard.
Proof Let I be a Secure Set FNC instance whose primal graph we denote by G. We obtain an equivalent Secure Set FN instance τ FNC (I ), whose graph we denote by G . This reduction is correct, as shown in Lemma 2. It remains to show that the treewidth of G is bounded by a function of the treewidth of G. Let T be an optimal nice tree decomposition of G. We build a tree decomposition T of G by modifying a copy of T in the following way: For every pair (a, b) of complementary vertices, we pick an arbitrary node t in T whose bag B contains both a and b, and we add a chain of nodes N 1 , . . . , N 2n+3 between t and its parent such that, for 1 ≤ i ≤ n + 1, the bag of It is easy to verify that T is a valid tree decomposition of G . Furthermore, the width of T is at most the width of T plus 15.
Just like before, we get an analogous result for the exact variant. It can be proved in the same way as Corollary 2.

Corollary 5 Exact Secure Set FN , parameterized by the treewidth of the graph, is
We next show W[1]-hardness of Secure Set F by reducing from Secure Set FN using the function τ FN from Definition 6. This function maps a Secure Set FN instance, together with an ordering of the necessary vertices, to an equivalent Secure Set F instance. We show that by choosing appropriately, this gives us a reduction that preserves bounded treewidth.

Lemma 7 Secure Set F , parameterized by the treewidth of the graph, is W[1]-hard.
Proof Let I = (G, k, V , V ) be a Secure Set FN instance and let T be an optimal nice tree decomposition of G. We can compute such a tree decomposition in FPT time [6]. Let be the ordering of the elements of V that is obtained in linear time by doing a post-order traversal of T and sequentially recording the elements that occur for the last time in the current bag. We obtain the Secure Set F instance τ FN (I, ), whose graph we denote by G . This reduction is correct, as shown in Lemma 3, and computable in FPT time. It remains to show that the treewidth of G is bounded by a function of the treewidth of G. To this end, we use T to build a tree decomposition T of G . We initially set T := T and modify it by the following steps: 1. We insert w into every bag. 2. For every (u, v) ∈ P, we add v, v 1 and v 1 into the bag of every node between (and including) t T u and t T v . Note that the bag of t T u contains both u and v. After this step, we have increased the bag size of each node by at most five. 3. For each v ∈ V + , we use B v to denote the bag of t T v and replace t T v by a chain of nodes N 1 , . . . , N n , where N n is the topmost node and the bag of After this step, note that, for each (u, v) ∈ P, the bag of the new node t T u contains u n+1 , u n+1 , v 1 and v 1 .
It is easy to verify that T is a valid tree decomposition of G . Furthermore, the width of T is at most the width of T plus twelve.
We again get an analogous result for the exact variant.

Corollary 6 Exact Secure Set F , parameterized by the treewidth of the graph, is
Finally, we show W[1]-hardness of Secure Set by reducing from Secure Set F while preserving bounded treewidth.

Lemma 8 Secure Set, parameterized by the treewidth of the graph, is W[1]-hard.
Proof Let I = (G, k, V ) be a Secure Set F instance, let G denote the graph of τ F (I ) and let T be an optimal nice tree decomposition of G. We build a tree decomposition T of G by modifying a copy of T in the following way: For every f ∈ V , we pick an arbitrary node t in T whose bag B contains f , and we add a chain of nodes N 1 , . . . , N 2k between t and its parent such that, It is easy to verify that T is a valid tree decomposition of G . Furthermore, the width of T is at most the width of T plus two.
We again get an analogous result for the exact variant.

A Fixed-Parameter Tractable Algorithm for Secure Set Verification
While we have seen in Sect. 4.1 that Secure Set parameterized by treewidth is most likely not FPT, we now present a positive result: The co-NP-complete [21] Secure Set Verification problem, which consists of checking whether a given set S is secure in a graph G, is FPT parameterized by the treewidth of G. We show this by giving a fixed-parameter linear algorithm that follows the principle of dynamic programming on a tree decomposition T of G. The core idea is the following: For each node t of T and each X ⊆ S ∩ χ(t), we store an integer c S,t (X ), which indicates that X can be extended to a set X ⊆ S using "forgotten" vertices from further down in T in such a way that the difference between defenders and attackers of X is c S,t (X ) and X is the "worst" subset of S that can be obtained in this way. To compute these values, we traverse T from the bottom up and use recurrence relations to compute the values for the current node t of T based on the values we have computed for the children of t. If we then look at the values we have computed at the root of T , we can decide if there is a subset of S that is "bad enough" to witness that S is not secure.
Dynamic programming algorithms like this are quite common for showing FPT membership w.r.t. treewidth and some examples can be found in [13,26]. Proving their correctness is a usually rather tedious structural induction argument along the tree decomposition: At every node t of T , we have to prove that the recurrence relations indeed characterize the value they are supposed to represent. Examples of such proofs can be found in [13].
We now formally define the values that we will compute at each tree decomposition node. Let G be a graph with a nice tree decomposition T and let S ⊆ V (G) be the candidate for which we want to check if it is secure. For each node t of T and each set of vertices A, we define at t (or just the score of X if S and t are clear from the context) and denote it by score S,t ( X ). Furthermore, we call |N G [ X ] ∩ χ(t) ∩ S| − |(N G [ X ] ∩ χ(t))\ S| the local score of X w.r.t. S at t and denote it by lscore S,t ( X ). Finally, for each X ⊆ S ∩ χ(t), we define the value When r is the root of T , both S r = S and χ(r ) = ∅ hold, so S is secure if and only if c S,r (∅) is nonnegative. We now describe how to compute all such values in a bottom-up manner by distinguishing the node type of t, and we prove the correctness of our computation by structural induction along the way. In this correctness proof, we use additional terminology: We say that a set X is an extension of X w.r.t. S at t if it is one of those sets considered in the definition of c S,t (X ) that has minimum score; formally X ⊆ S t , X ∩ χ(t) = X and score S,t ( X ) = c S,t (X ). We may omit S or t if they are clear from the context.
Leaf node. If t is a leaf node, then its bag is empty and obviously c S,t (∅) = 0 holds. Introduce node. Let t be an introduce node with child t , let v be the unique element of χ(t)\χ(t ), let X ⊆ S ∩ χ(t) and let X = X \{v}. We prove that the following equation holds: we infer score S,t ( X ) = score S,t ( X \{v}) + 1. Moreover, the set X \{v} is one of the candidates considered for an extension of X in the definition of c S,t , so we obtain c S,t (X ) ≤ score S,t ( X \{v}). In total, this gives us c S,t (X ) ≥ c S,t (X ) + 1. Conversely, let X be an extension of X at t , so score S,t ( X ) = c S,t (X ). We distinguish two cases.
Hence the set X ∪ {v} is one of the candidates considered for an extension of X in the definition of c S,t and we obtain c S,t (X ) ≤ score S,t ( X ∪ {v}).

Otherwise v /
∈ X . In this case X = X , v / ∈ X and X = X ∩ χ(t). Hence the set X is considered in the definition of c S,t (X ) and we get c S,t (X ) ≤ score S,t ( X ). Since v is adjacent to an element of X , we infer score S,t ( X ) = score S,t ( X ) + 1. In both cases, we obtain c S,t (X ) ≤ c S,t (X )+1, so indeed c S,t (X ) = c S,t (X )+1. Next consider the case where v ∈ N G [X ]\ S. Clearly v / ∈ X . Let X be an extension of X at t, so score S,t ( X ) = c S,t (X ). From v / ∈ N G [ X ] t and v ∈ N G [ X ] t \ S we now infer score S,t ( X ) = score S,t ( X ) − 1. Similar to before, by definition of c S,t (X ) we obtain c S,t (X ) ≤ score S,t ( X ). In total, this gives us c S,t (X ) ≥ c S,t (X ) − 1. Conversely, let X be an extension of X at t , so score S,t ( X ) = c S,t (X ). Since v / ∈ X and X = X ∩ χ(t), X is considered in the definition of c S,t (X ) and we get c S,t (X ) ≤ score S,t ( X ). Since v is adjacent to an element of X , we infer score S,t ( X ) = score S,t ( X ) − 1. We obtain c S,t (X ) ≤ c S,t (X ) − 1, so indeed c S,t (X ) = c S,t (X ) − 1. Finally consider the remaining case where v / ∈ N G [X ] and, in particular, v / ∈ X holds as well as X = X . Using elementary set theory with S t \{v} = S t and since v is not adjacent to any element of X and if it were adjacent to some element of X \X , then T would not be a valid tree decomposition. This proves that every such X has the same score at t and t . Hence c S,t (X ) = c S,t (X ). Forget node. Let t be a forget node with child t , let v be the unique element of χ(t )\χ(t) and let X ⊆ S ∩ χ(t). We prove that the following equation holds: Clearly S t = S t and all scores at forget nodes are identical to those in the respective child node. The case where v / ∈ S is trivial as then S ∩ χ(t) = S ∩ χ(t ), i.e., the domains of c S,t and c S,t are equal, and the sets considered in the definitions of c S,t (X ) and c S,t (X ) are the same. Hence we consider the case where v ∈ S. Let X be an extension of X at t, so c S,t (X ) = score S,t ( X ) = score S,t ( X ). If v / ∈ X , then X ∩ χ(t ) = X , so we obtain c S,t (X ) ≤ score S,t ( X ) by definition of c S,t (X ). On the other hand, if v ∈ X , then X ∩ χ(t ) = X ∪ {v}, so we obtain c S,t (X ∪ {v}) ≤ score S,t ( X ). As one of these two inequalities applies, we get Join node. Let t be a join node with children t , t such that χ(t) = χ(t ) = χ(t ), and let X ⊆ S ∩ χ(t). We prove that the following equation holds: Let X be an extension of X at t, so score S,t ( X ) = c S,t (X ). The set X = X ∩ S t satisfies X ∩ χ(t ) = X , so c S,t (X ) ≤ score S,t ( X ). Symmetrically, for X = X ∩ S t it holds that c S,t (X ) ≤ score S,t ( X ). There is no element of V (G) t \χ(t) that is adjacent to an element of X \X , otherwise T would not be a valid tree decomposition.
This entails score S,t ( X ) = score S,t ( X ) and score S,t ( X ) = score S,t ( X ).
and these latter two sets have N G [X ] ∩ χ(t) ∩ S as their intersection, we can apply the inclusion- We can establish score S,t ( X ) = score S,t ( X ) +score S,t ( X )−lscore S,t (X ) by putting these equations together. The inequalities we have derived before now allow us to conclude c S,t (X ) ≥ c S,t (X ) + c S,t (X ) − lscore S,t (X ). Now let X and X be extensions of X at t and at t , respectively. We have that c S,t (X ) = score S,t ( X ) and c S,t (X ) = score S,t ( X ). The set X = X ∪ X is clearly considered in the definition of c S,t (X ), so c S,t (X ) ≤ score S,t ( X ). Following the same reasoning as before, we obtain score S,t ( X ) = score S,t ( X ) + score S,t ( X ) − lscore S,t (X ). This gives us c S,t (X ) ≤ c S,t (X ) + c S,t (X ) − lscore S,t (X ). Hence c S,t (X ) = c S,t (X ) + c S,t (X ) − lscore S,t (X ).
Using these recurrence relations, we can traverse the tree decomposition T in a bottom-up way and compute at each node t of T the value c S,t (X ) for each X ⊆ S ∩ χ(t). Hence for each node of T we compute at most 2 w values, where w is the width of T . By choosing the right data structure for adjacency tests [13,Exercise 7.16], each value can be computed in time O(w 3 ). Since T has O(w·|V (G)|) many nodes and T can be computed in fixed-parameter linear time [6], (in fact in time 2 O(w 3 ) · |V (G)| as observed by [9]), we thus get an algorithm with fixed-parameter linear running time for checking whether a given set S is secure. Theorem 3 Given a graph G, a tree decomposition of G of weight w and a set S ⊆ V (G), we can decide in time O(2 w · w 4 · |V (G)|) whether S is secure in G.
Our algorithm can easily be adjusted to find a witness if S is not secure, i.e., to print a subset of S that has more attackers than defenders. After c S,t has been computed for each t, this can be done via a final top-down traversal by a standard technique in dynamic programming on tree decompositions [26]: Alongside each value c S,t (X ), we store the "origin" of this value and recursively combine the origins of c S,r (∅), where r is the root of T .
In our definition of the Secure Set Verification problem, we were only concerned with checking whether a set is secure, but we did not mention the additional constructs that we consider in this paper, like complementary vertex pairs or necessary or forbidden vertices. However, these additions pose no difficulty at all because we can just check the respective conditions in linear time.

A Polynomial Algorithm for Secure Set on Bounded Treewidth
We now present an algorithm for finding secure sets, not just verifying whether a given set is secure. Our algorithm works by dynamic programming on a tree decomposition of the input and extends the algorithm from Sect. 4.2. For graphs of bounded treewidth, the algorithm presented in this section runs in polynomial time. However, in contrast to the algorithm in Sect. 4.2, it is not an FPT algorithm since the degree of the polynomial depends on the treewidth. This is to be expected since the problem of finding secure sets of a certain size is W[1]-hard when parameterized by treewidth, as we have shown in Lemma 8. Our algorithm provides an upper bound for the complexity of this problem, namely membership in the class XP.
Let G be a graph with a nice tree decomposition T , and let t be a node of T . In Sect. 4.2, we were given one particular secure set candidate S that we wanted to check, so we only computed one value for each X ⊆ S ∩ χ(t), namely the lowest score of any X ⊆ S t whose intersection with χ(t) is X . Here, in contrast, we cannot restrict ourselves to only one secure set candidate, and multiple candidates may have the same intersection with χ(t). We therefore compute multiple objects for each subset of χ(t), since two subsets of V (G) t that have the same intersection with χ(t) may have to be distinguished due to their subsets having different scores.
Let S ⊆ χ(t). By F S we denote the set of functions from 2 S to an integer. Let c ∈ F S and let k be an integer. We say that a set S ⊆ V (G) t is (S, t, c, k)-characterized if | S| = k, S ∩ χ(t) = S and, for each X ⊆ S, it holds that c(X ) = c S,t (X ), where c S,t is the function defined in Sect. 4.2. For each S ⊆ χ(t), we now define the set When r is the root of T , there is a secure set of size k in G if and only if there is an element (c, k) ∈ C ∅,r such that c(∅) ≥ 0. To see this, first suppose there is a secure set S of size k in G. Then there is a function c : {∅} → Z such that S is (∅, r, c, k)characterized, so (c, k) ∈ C ∅,r and c(∅) = c S,r (∅), which means that c(∅) is the lowest score of any subset of S. Since S is secure in G, this number is nonnegative. For the other direction, let (c, k) ∈ C ∅,r such that c(∅) ≥ 0. Then there is a (∅, r, c, k)characterized set S, obviously of size k. Since c(∅) ≥ 0, the lowest score of any subset of S is nonnegative, which proves that S is secure in G.
We now describe how to compute all such values in a bottom-up manner.
Leaf node. If t is a leaf node, its bag is empty and obviously C ∅,t = {(c, 0)} holds, where c maps ∅ to 0. Introduce node. Let t be an introduce node with child t and let v be the unique element of χ(t)\χ(t ). For each S ⊆ χ(t) and each function c ∈ F S\{v} , we define a function c ⊕ S,t v : 2 S → Z. Its intended purpose is to obtain a version of c that applies to t instead of t . If v ∈ S, we need to increase scores where v can serve as an additional defender, and otherwise we need to decrease scores where v can serve as an additional attacker. We now make this formal. Let S ⊆ χ(t), X ⊆ S, X = X \{v} and c ∈ F S\{v} .
For each S ⊆ χ(t) and each function c ∈ F S there is a unique function c ∈ F S\{v} such that c = c ⊕ S,t v, and we denote c by origin S,t (c).
The following statements can be proved by arguments similar to those in Sect. 4.2: and (c, k) ∈ C S,t such that S is (S, t, c, k)-characterized, and let c = origin S,t (c) and k = k − |S ∩ {v}|. The set S\{v} is (S\{v}, t , c , k )-characterized. Hence (c , k ) ∈ C S\{v},t . From these observations, the following equation follows for every S ⊆ χ(t): Forget node. Let t be a forget node with child t and let v be the unique element of χ(t )\χ(t). For each S ⊆ χ(t) and each function c ∈ F S∪{v} , we define a function c ∈ S,t v, and for each S ⊆ χ(t) and each function c ∈ F S , we define a function c / ∈ S,t v. Each of these functions maps every subset of S to an integer. c ∈ S,t v (X ) = min{c(X ), c(X ∪ {v})} c / ∈ S,t v (X ) = c(X ) Next we define functions origin ∈ S,t and origin / ∈ S,t that map each element of F S to a set of elements of F S∪{v} and F S , respectively: The following statements can be proved by arguments similar to those in Sect. 4.2: Let S ⊆ V (G) t , S = S ∩ χ(t ) and (c, k) ∈ C S,t such that S is (S, t , c, k)characterized. If v ∈ S, then S is (S\{v}, t, c ∈ S,t v, k)-characterized and (c ∈ S,t v, k) ∈ C S\{v},t ; otherwise S is (S, t, c / ∈ S,t v, k)-characterized and (c / ∈ S,t v, k) ∈ C S,t . Conversely, let S ⊆ V (G) t , S = S ∩ χ(t) and (c, k) ∈ C S,t such that S is (S, t, c, k)-characterized. If v ∈ S, then there is some c ∈ origin ∈ S,t (c) such that S is (S ∪ {v}, t , c , k)-characterized and (c , k) ∈ C S∪{v},t ; otherwise there is some c ∈ origin / ∈ S,t (c) such that S is (S, t , c , k)-characterized and (c , k) ∈ C S,t . From these observations, the following equation follows for every S ⊆ χ(t): Join node. Let t be a join node with children t , t such that χ(t) = χ(t ) = χ(t ).
For each S ⊆ χ(t), and each c , c ∈ F S , we define a function c ⊗ S,t c , which maps each subset of S to an integer.
(c ⊗ S,t c )(X ) = c (X ) + c (X ) − lscore S,t (X ) Next we define a function origin S,t that maps each element of F S to a subset of F S × F S : The following statements can be proved by arguments similar to those in Sect. 4.2: Let S ⊆ V (G) t , S ⊆ V (G) t , S = S ∩ S , (c , k ) ∈ C S,t and (c , k ) ∈ C S,t such that S is (S, t , c , k )-characterized and S is (S, t , c , k )-characterized, and let c = c ⊗ S,t c and k = k + k − |S|. The set S ∪ S is (S, t, c, k)characterized and (c, k) ∈ C S,t . Conversely, let S ⊆ V (G) t , S = S ∩ χ(t) and (c, k) ∈ C S,t such that S is (S, t, c, k)-characterized. There is some (c , c ) ∈ origin S,t (c) as well as integers k , k such that k = k +k −|S|, the set S∩V (G) t is (S, t , c , k )-characterized and S ∩ V (G) t is (S, t , c , k )-characterized. Hence (c , k ) ∈ C S,t and (c , k ) ∈ C S,t .
From these observations, the following equation follows for every S ⊆ χ(t): C S,t = {(c ⊗ S,t c , k + k − |S|) | (c , k ) ∈ C S,t , (c , k ) ∈ C S,t } We can now traverse the tree decomposition T in a bottom-up way and at each node t of T compute the set C S,t for each S ⊆ χ(t). Let n denote the number of vertices of G and w denote the width of T . Every element of C S,t is a pair (c, k), where c is a function that maps each subset of S to an integer between −n and n, there are at most 2 w subsets of S, and k is an integer between 0 and n. Hence there are at most (2n + 1) 2 w · (n + 1) elements of C S,t . Each individual element of C S,t can be computed in time O(2 w ). Finally, there are at most 2 w possible values for S and O(wn) many nodes in T . We thus get an algorithm that takes as input an integer k together with a graph G whose treewidth we denote by w, and determines in time f (w) · n g(w) whether G admits a secure set of size k, where f and g are functions that only depend on w.
This algorithm for Exact Secure Set obviously also gives us an algorithm for Secure Set by checking all solution sizes from 1 to k. Finally, we can easily extend it to accommodate complementary vertex pairs as well as necessary and forbidden vertices. Hence we get the following XP membership result: By keeping track of the origins of our computed values during our bottom-up traversal of the tree decomposition, we can easily adapt the algorithm to find solutions if they exist.

Conclusion
In this work, we have solved a complexity problem in graph theory that, to the best of our knowledge, has remained open since the introduction of secure sets [11] in 2007. We have shown that the problem of deciding whether, for a given graph G and integer k, G possesses a non-empty secure set of size at most k is P 2 -complete. We moreover obtained P 2 -completeness for seven further variants of this problem. In the second part of this paper, we analyzed the complexity of the Secure Set problem parameterized by the treewidth of the input graph. In particular, we showed that bounded treewidth does not make the problem fixed-parameter tractable unless FPT = W [1]. Nevertheless, we provided a polynomial-time algorithm for finding secure sets on graphs of bounded treewidth and thus showed membership in the class XP. As a positive result, we could show that the co-NP-complete problem of verifying whether a given set is secure can be solved in fixed-parameter linear time when parameterized by treewidth.
There are several interesting directions for future research. One open question is which additional restrictions beside bounded treewidth need to be imposed on Secure Set instances to achieve fixed-parameter tractability. On the other hand, the Secure Set Verification problem may remain FPT for parameters that are less restrictive than treewidth. We showed W[1]-hardness and XP-membership of Secure Set, so a tight bound is still lacking, albeit perhaps more of theoretical interest due to the fact that problems at a certain level of the weft hierarchy generally do not admit faster algorithms than problems at higher levels. To classify a problem as FPT w.r.t. treewidth, a common approach is to express it in monadic second-order logic (MSO) and then invoke Courcelle's Theorem [12], which immediately proves that the problem is FPT. We showed that Secure Set Verification is FPT, but it is not clear if it can be expressed in MSO. If it cannot, then our FPT result could hint at possible extensions of MSO whose model-checking problem is still FPT. Similarly, we believe that MSO can be extended in such a way that Secure Set can be expressed and that a variant of Courcelle's Theorem for showing membership in XP instead of FPT holds. Finally, some of our results seem to be transferable to (variants of) the Defensive Alliance problem, so it would be interesting to investigate if some of our reductions and algorithms can help in the study of such related problems.