Partial Derivatives of KAT Terms

| gs_conc a p x ⇒ (a,p)::from_gstring x end.

The following properties hold between words and guarded strings: Lemma to_gstring_app :

∀ w1 w2 x, to_gstring (w1 ++ w2) x = to_gstring w1 (to_gstring w2 x).

Lemma from_to_gstring :

∀ w, w = (to_gstring (from_gstring w) (gs_end (last w))). Lemma from_string_correct :

∀ x, x = to_gstring (from_gstring x) (gs_end (last x)).

Finally, we introduce another notion of left-quotient, this time with respect to words. Its definition in Coq is as follows:

Inductive LQw_alt (l:gl) : list (atom*Z) → gl :=

| in_quow_alt : ∀ x w, (to_gstring x w) ∈ l → w ∈ (LQw_alt l x).

The role of the predicate LQw_alt is going to be the same as the role of left-quotients with respect to words in the case of regular expressions, that is, the predicate LQw_alt will serve as the language model of partial derivatives of KAT terms. We will get back to this particular point briefly.

4.3

Partial Derivatives of KAT Terms

The notion of derivative of a KAT term was introduced by Kozen in [62] as an extension of the Brzozowski’s derivatives. In the same work, Kozen also introduces the notion of set derivative, to which we will call partial derivative of a KAT term.

Before formally introducing partial derivatives, we have to introduce the notion of nullability of a KAT term. Given an atom α and a KAT term e, the function inductively defined by

εα(p) def = false, εα(t) def = ( true if α ≤ t, false if α 6≤ t. εα(e1+ e2)def= εα(e1) || εα(e2), εα(e1e2) def = εα(e1) && εα(e2), εα(e?)def= true,

determines if e is nullable. The function εα(·) is extended to the set of all atoms At by

E(e)def= {α ∈ At | εα(e) = true}.

As with the notion of nullable regular expression, we can relate the results of εα(e) with

language membership by

εα(e) = true → α ∈ G(e),

and, symmetrically, by

εα(e) = false → α 6∈ G(e).

For KAT terms e1 and e2, if εα(e1) = εα(e2) holds for all α ∈ At, then we say that e1 and

e2 are equi-nullable.

Example 24. Let B = {b₁, b2}, let Σ = {p, q}, and let e = b1p + qb2. The computation of

εb1b2(e) goes as follows:

εb1b2(e) = εb1b2(b1p + qb2) = εb1b2(b1p) || εb1b2(qb2)

= (εb1b2(b1) && εb1b2(p)) || (εb1b2(q) && εb1b2(b2)) = (b1b2 ≤ b1 && false) || (false && b1b2≤ b2)

= (true && false) || (false && false) = false.

However, if we consider e = b1+ b2, we obtain a positive result. The computation of εb1b2(e) goes as follows: εb1b2(α) = εb1b2(b1+ b2) = εb1b2(b1) || εb1b2(b2) = b1b2 ≤ b1 || b1b2≤ b2 = true || false = true.

Nullability is extended to sets in the following way: εα(S) def =   

true if ∃e ∈ S, εα(e) = true;

false otherwise.

Two sets S1 and S2 of KAT terms are equi-nullable if εα(S1) = εα(S2). For sets of KAT

terms we also define the concatenation of a set with a KAT term by S  edef=          ∅ if e = 0, S if e = 1, {e0e | e0 ∈ S} otherwise.

4.3. PARTIAL DERIVATIVES OF KAT TERMS 85 As usual, we omit the operator  whenever possible.

Let αp ∈ (At · Σ) and let e be a KAT term. The set ∂αp(e) of partial derivatives of e with

respect to αp is inductively defined by ∂αp(t) def = ∅, ∂αp(q) def =    {1} if p ≡ q, ∅ otherwise. ∂αp(e1+ e2)def= ∂αp(e1) ∪ ∂αp(e2), ∂αp(e1e2)def=    ∂αp(e1)e2∪ ∂αp(e2) if εα(e1) = true, ∂αp(e1)e2, otherwise. ∂αp(e?) def = ∂αp(e)e?.

Example 25. Let B = {b1, b2}, Σ = {p, q}, and e = b1p + qb2. The partial derivative of e

with respect to b1b2p is the following:

∂b1b2p(e) = ∂b1b2p(b1p + qb2) = ∂b1b2p(b1p) ∪ ∂b1b2p(qb2) = ∂b1b2p(b1)p ∪ ∂b1b2p(p) ∪ ∂b1b2(q)b2 = ∂b1b2p(b1)p ∪ ∂b1b2p(p) = ∂b1b2p(p) = {1}.

Partial derivatives of KAT terms can be inductively extended to words w ∈ (At · Σ)? _{in the}

following way: ∂(e) def = {e} ∂wαp(e) def = ∂αp(∂w(e)),

where  is the empty word . The set of all partial derivatives of a KAT term is the set ∂_(At·Σ)?(e)def=

[

w∈(At·Σ)?

{e0| e0 ∈ ∂w(e)}.

e with respect to the sequence b1b2pb1b2q is the following: ∂_b 1b2pb1b2q(e) = ∂b1b2pb1b2q(b1p(b1+ b2)q) = ∂_b 1b2q(∂b1b2p(b1p(b1+ b2)q)) = ∂_b 1b2q(∂b1b2p(b1)(p(b1+ b2)q) ∪ ∂b1b2p(p(b1+ b2)q)) = ∂_b 1b2q(∂b1b2p(b1)(p(b1+ b2)q)) ∪ ∂b1b2q(∂b1b2p(p(b1+ b2)q)) = ∂_b 1b2q(∂b1b2p(p)(b1+ b2)q) = ∂_b 1b2q((b1+ b2)q) = ∂_b 1b2q(b1+ b2)q ∪ ∂b1b2q(q) = ∂_b 1b2q(q) = {1}.

Similarly to partial derivatives of regular expressions, the language of partial derivatives of KAT terms are the left-quotients, that is, for w ∈ (At · Σ)? and for αp ∈ (At·Σ), the following equalities G(∂w(e)) = Dw(G(e))and G(∂αp(e)) = Dαp(G(e)) hold.

The next excerpt of the Coq development shows the previous definitions and theorems. Fixpoint nullable(e:kat)(α:atom) : bool :=

match e with | kats p ⇒ false | katb b ⇒ evalT α b

| katu e1 e2 ⇒ nullable e1 α || nullable e2 α

| katc e1 e2 ⇒ nullable e1 α && nullable t2 α

| katst e1 ⇒ true

end.

Definition nullable_set(s:set kat)(a:atom) :=

fold (fun x ⇒ orb (nullable x a)) s false.

Fixpoint pdrv(e:kat)(α:atom)(p:sy) : set kat := match e with

| kats p0 ⇒ match compare p0 p with | Eq ⇒ {1}

| _ ⇒ ∅ end | katb b ⇒ ∅

| katu e1 e2 ⇒ pdrv e1 α p ∪ pdrv e2 α p

| katc e1 e2 ⇒ if nullable e1 α then

4.3. PARTIAL DERIVATIVES OF KAT TERMS 87

else

(pdrv e1 α p)  e2

| katst e1 ⇒ (pdrv e1 α p)  (katst e1)

end.

Theorem pdrv_correct : ∀ e α p, G(pdrv e α p) ∼ LQ (G(e)) α p.

Theorem wpdrv_correct : ∀ e w, G(wpdrv e w) ∼ LQw_alt (G(e)) w.

Finiteness of the Set of Partial Derivatives

Kozen showed [62] that the set of partial derivatives is finite by means of the closure properties of a sub-term relation over KAT terms. As we have seen in the previous chapter, in the case of regular expressions the same problem can be solved using Mirkin’s pre-bases [73]. Here we extend this method to KAT terms. We obtain an upper bound on the number of partial derivatives that is bounded by the number of primitive programs of Σ, and not the number of sub-terms as in [62].

Definition 1. Let e be a KAT term. The function π(e) from KAT terms to sets of KAT terms is recursively defined as follows:

π(t)def= ∅, π(p)def= {1},

π(e1+ e2)def= π(e1) ∪ π(e2),

π(e1e2) def

= π(e1)e2∪ π(e2),

π(e?)def= π(e)e?.

Example 27. Let B = {b₁, b2}, Σ = {p, q}, and e = b1p(b1+ b2)q. The set of KAT terms

computed by π(e) is the following:

π(e) = π(b1p(b1+ b2)q) = π(b1)p(b1+ b2)q ∪ π(p(b1+ b2)q) = π(p(b1+ b2)q) = π(p)(b1+ b2)q ∪ π((b1+ b2)q) = {(b1+ b2)q} ∪ π(b1+ b2)q ∪ π(q) = {(b1+ b2)q} ∪ π(q) = {1, (b1+ b2)q}.

Let |e|Σ be the measure that gives us the number of primitive programs in e, which is

recursively defined as follows:

|t|Σ def = 0, t ∈ T, |p|_Σdef= 1, p ∈ Σ, |e1+ e2|Σ def = |e1|Σ+ |e2|Σ, |e₁e2|Σ def = |e1|Σ+ |e2|Σ, |e?₁|Σ def = |e1|Σ.

We now show that this is an upper bound of π(e), which requires a lemma stating that π is a closed operation on KAT terms.

Proposition 10. Let e be a KAT term over the set of primitive tests B and the set of primitive programs Σ. Hence, it holds that

∀e e0, e0∈ π(e) → ∀e00, e00 ∈ π(e0) → e00∈ π(e).

Lemma 5. Let e be a KAT term over the set of primitive tests B and the set of primitive programs Σ. Hence, |π(e)| ≤ |e|Σ.

Now let KD(e) def

= {e} ∪ π(e), with e being a KAT term. It is easy to see that |KD(e)| ≤ |e|_Σ+ 1, since |π(e)|Σ ≤ |e|Σ. We will now show that KD(e) establishes an upper bound on

the number of partial derivatives of e. For that, we prove that KD(e) contains all the partial derivatives of e. First we prove that the partial derivative ∂αp(e) is a subset of π(e), for all

α ∈ At and p ∈ Σ. Next, we prove that if e0 ∈ ∂_αp(e) then π(e0) is a subset of π(e), which allow us to prove, by induction on the length of a word w ∈ (At · Σ)? _{that all the derivatives}

of e are members of KD(e).

Lemma 6. Let e be a KAT term, and let αp ∈ (At · Σ). Hence, if the KAT term e0 is a member of π(e), then ∂αp(e0) ⊆ π(e).

Theorem 2. Let e be a KAT term, and let w ∈ (At · Σ)?. Thus, ∂w(e) ⊆ KD(e).

In the code excerpt below we present the definition of π and of KD, as well as the proof of the cardinality of the set of all the partial derivatives of a KAT term.

Fixpoint PI (e:kat) : set kat := match e with

| katb b ⇒ ∅

| kats _ ⇒ {katb ba1}

| katu x y ⇒ (PI x) ∪ (PI y) | katc x y ⇒ (PI x) y ∪ (PI y)